219 Zeilen
5.7 KiB
PHP
219 Zeilen
5.7 KiB
PHP
<?php
|
|
/**
|
|
* Project:
|
|
* Contenido Content Management System
|
|
*
|
|
* Description:
|
|
* Frontend user class
|
|
*
|
|
* Requirements:
|
|
* @con_php_req 5.0
|
|
*
|
|
*
|
|
* @package Contenido Backend classes
|
|
* @version 1.2
|
|
* @author unknown
|
|
* @copyright four for business AG <www.4fb.de>
|
|
* @license http://www.contenido.org/license/LIZENZ.txt
|
|
* @link http://www.4fb.de
|
|
* @link http://www.contenido.org
|
|
* @since file available since contenido release <= 4.6
|
|
*
|
|
* {@internal
|
|
* created unknown
|
|
* modified 2008-06-30, Frederic Schneider, add security fix
|
|
* modified 2011-03-14, Murat Purc, adapted to new GenericDB partly ported to PHP 5, formatting
|
|
*
|
|
* $Id$:
|
|
* }}
|
|
*
|
|
*/
|
|
|
|
if (!defined('CON_FRAMEWORK')) {
|
|
die('Illegal call');
|
|
}
|
|
|
|
|
|
/**
|
|
* Frontend user management class
|
|
*/
|
|
class FrontendUserCollection extends ItemCollection
|
|
{
|
|
/**
|
|
* Constructor Function
|
|
* @param none
|
|
*/
|
|
public function __construct()
|
|
{
|
|
global $cfg;
|
|
parent::__construct($cfg["tab"]["frontendusers"], "idfrontenduser");
|
|
$this->_setItemClass("FrontendUser");
|
|
}
|
|
|
|
/**
|
|
* Checks if a specific user already exists
|
|
* @param $sUsername string specifies the username to search for
|
|
*/
|
|
public function userExists($sUsername)
|
|
{
|
|
global $client;
|
|
|
|
$oFrontendUserCollection = new FrontendUserCollection();
|
|
|
|
$oFrontendUserCollection->setWhere("idclient", $client);
|
|
$oFrontendUserCollection->setWhere("username", strtolower($sUsername));
|
|
$oFrontendUserCollection->query();
|
|
|
|
if ($oItem = $oFrontendUserCollection->next()) {
|
|
return ($oItem);
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Creates a new user
|
|
* @param $username string Specifies the username
|
|
* @param $password string Specifies the password (optional)
|
|
*/
|
|
public function create($username, $password = "")
|
|
{
|
|
global $client, $auth;
|
|
|
|
// Check if the username already exists
|
|
$this->select("idclient='".Contenido_Security::toInteger($client)."' AND username='".urlencode($username)."'");
|
|
|
|
if ($this->next()) {
|
|
return $this->create($username."_".substr(md5(rand()),0,10), $password);
|
|
}
|
|
|
|
$item = parent::createNewItem();
|
|
$item->set("idclient", $client);
|
|
$item->set("username", $username);
|
|
$item->set("password", $password);
|
|
$item->set("created", date("Y-m-d H:i:s"), false);
|
|
$item->set("author", $auth->auth["uid"]);
|
|
$item->set("active", 0);
|
|
|
|
$item->store();
|
|
|
|
// Put this user into the default groups
|
|
$fegroups = new FrontendGroupCollection();
|
|
$fegroups->select("idclient = '".Contenido_Security::toInteger($client)."' AND defaultgroup='1'");
|
|
|
|
$members = new FrontendGroupMemberCollection;
|
|
|
|
$iduser = $item->get("idfrontenduser");
|
|
|
|
while ($fegroup = $fegroups->next()) {
|
|
$idgroup = $fegroup->get("idfrontendgroup");
|
|
$members->create($idgroup, $iduser);
|
|
}
|
|
|
|
return $item;
|
|
}
|
|
|
|
/**
|
|
* Overridden delete method to remove user from groupmember table
|
|
* before deleting user
|
|
*
|
|
* @param $itemID int specifies the frontend user
|
|
*/
|
|
public function delete($itemID)
|
|
{
|
|
$associations = new FrontendGroupMemberCollection();
|
|
$associations->select("idfrontenduser = '$itemID'");
|
|
|
|
while ($item = $associations->next()) {
|
|
$associations->delete($item->get("idfrontendgroupmember"));
|
|
}
|
|
parent::delete($itemID);
|
|
}
|
|
}
|
|
|
|
|
|
/**
|
|
* Single FrontendUser Item
|
|
*/
|
|
class FrontendUser extends Item
|
|
{
|
|
/**
|
|
* Constructor Function
|
|
* @param mixed $mId Specifies the ID of item to load
|
|
*/
|
|
public function __construct($mId = false)
|
|
{
|
|
global $cfg;
|
|
parent::__construct($cfg["tab"]["frontendusers"], "idfrontenduser");
|
|
if ($mId !== false) {
|
|
$this->loadByPrimaryKey($mId);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Overridden setField method to md5 the password
|
|
* Sets the value of a specific field
|
|
*
|
|
* @param string $field Specifies the field to set
|
|
* @param string $value Specifies the value to set
|
|
*/
|
|
public function setField($field, $value, $safe = true)
|
|
{
|
|
if ($field == "password") {
|
|
parent::setField($field, md5($value), $safe);
|
|
} else {
|
|
parent::setField($field, $value, $safe);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* setRawPassword: Sets the password to a raw value
|
|
* without md5 encoding.
|
|
*
|
|
* @param string $password Raw password
|
|
*/
|
|
public function setRawPassword($password)
|
|
{
|
|
return parent::setField("password", $password);
|
|
}
|
|
|
|
/**
|
|
* Checks if the given password matches the password in the database
|
|
* @param $password string Password to check
|
|
* @return boolean True if the password is correct, false otherwise
|
|
*/
|
|
public function checkPassword($password)
|
|
{
|
|
if (md5($password) == $this->get("password")) {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public function store()
|
|
{
|
|
global $auth;
|
|
|
|
$this->set("modified", date("Y-m-d H:i:s"), false);
|
|
$this->set("modifiedby", $auth->auth["uid"]);
|
|
parent::store();
|
|
}
|
|
|
|
public function getGroupsForUser()
|
|
{
|
|
$FrontendGroupMemberCollection = new FrontendGroupMemberCollection();
|
|
$FrontendGroupMemberCollection->setWhere("idfrontenduser", $this->get("idfrontenduser"));
|
|
$FrontendGroupMemberCollection->query();
|
|
|
|
$groups = array();
|
|
|
|
while ($FrontendGroupMember = $FrontendGroupMemberCollection->next()) {
|
|
$groups[] = $FrontendGroupMember->get("idfrontendgroup");
|
|
}
|
|
|
|
return ($groups);
|
|
}
|
|
}
|
|
|
|
?>
|