
Source for file users.class.inc.php


  1. <?php
  2. /** 
  3.  * Copyright Intermesh
  4.  * 
  5.  * This file is part of Group-Office. You should have received a copy of the
  6.  * Group-Office license along with Group-Office. See the file /LICENSE.TXT
  7.  * 
  8.  * If you have questions write an e-mail to info@intermesh.nl
  9.  * 
  10.  * @copyright Copyright Intermesh
  11.  * @version $Id: users.class.inc.php 1294 2008-10-30 13:07:15Z mschering $
  12.  * @author Merijn Schering <mschering@intermesh.nl>
  13.  */
  14.  
  15.  
  16. /**
  17.  * This class is used to manage users in Group-Office.
  18.  * 
  19.  * @copyright Copyright Intermesh
  20.  * @version $Id: users.class.inc.php 1294 2008-10-30 13:07:15Z mschering $
  21.  * @author Merijn Schering <mschering@intermesh.nl>
  22.  
  23.  * @package go.basic
  24.  * @since Group-Office 2.05
  25.  * 
  26.  * @uses db
  27.  */
  28. class GO_USERS extends db
  29. {
  30.     /**
  31.      * The constructor initializes the SQL database connection.
  32.      * 
  33.      * Some functionality is global and therefore implemented in this class,
  34.      * and not in the child classes. For this functions a database connection
  35.      * is needed, so we initialize it in the constructor. There is no need to
  36.      * do anything else here.
  37.      * 
  38.      * @access public
  39.      */
  40.     function __construct()
  41.     {
  42.         global $GO_CONFIG;
  43.         
  44.         if(!isset($_SESSION['GO_SESSION']['decimal_seperator']))
  45.         {        
  46.             $_SESSION['GO_SESSION']['decimal_seperator'$GO_CONFIG->default_decimal_seperator;
  47.         }        
  48.         if(!isset($_SESSION['GO_SESSION']['thousands_seperator']))
  49.         {        
  50.             $_SESSION['GO_SESSION']['thousands_seperator'$GO_CONFIG->default_thousands_seperator;
  51.         }
  52.         if(!isset($_SESSION['GO_SESSION']['date_seperator']))
  53.         {        
  54.             $_SESSION['GO_SESSION']['date_seperator'$GO_CONFIG->default_date_seperator;
  55.         }        
  56.         if(!isset($_SESSION['GO_SESSION']['date_format']))
  57.         {        
  58.             $_SESSION['GO_SESSION']['date_format'Date::get_dateformat$GO_CONFIG->default_date_format$_SESSION['GO_SESSION']['date_seperator']);
  59.         }
  60.         if(!isset($_SESSION['GO_SESSION']['time_format']))
  61.         {        
  62.             $_SESSION['GO_SESSION']['time_format'$GO_CONFIG->default_time_format;
  63.         }
  64.         if(!isset($_SESSION['GO_SESSION']['currency']))
  65.         {        
  66.             $_SESSION['GO_SESSION']['currency'$GO_CONFIG->default_currency;
  67.         }
  68.         if(!isset($_SESSION['GO_SESSION']['timezone']))
  69.         {        
  70.             $_SESSION['GO_SESSION']['timezone'$GO_CONFIG->default_timezone;
  71.         }
  72.         if(!isset($_SESSION['GO_SESSION']['country']))
  73.         {    
  74.             $_SESSION['GO_SESSION']['country'$GO_CONFIG->default_country;
  75.         }
  76.         if(!isset($_SESSION['GO_SESSION']['sort_name']))
  77.         {        
  78.             $_SESSION['GO_SESSION']['sort_name''first_name';
  79.         }
  80.         
  81.         
  82.         parent::__construct();
  83.     }
  84.     
  85. /**
  86.      * Updates the session data corresponding to the user_id.
  87.      * 
  88.      * @access public
  89.      * 
  90.      * @param int $user_id 
  91.      * 
  92.      * @return bool 
  93.      */
  94.     function update_session$user_id $update_language=false{
  95.         global $GO_LANGUAGE$GO_CONFIG;
  96.         if ($userdata $this->get_user($user_id)) {
  97.             $middle_name $userdata['middle_name'== '' '' $userdata['middle_name'].' ';
  98.                 
  99.             if($update_language && $GO_LANGUAGE->language != $userdata['language'])
  100.             {
  101.                 $userdata['language'$up_user['language'$GO_LANGUAGE->language;
  102.                 $up_user['id']=$user_id;                
  103.                 
  104.                 $this->update_row('go_users''id'$up_user);
  105.             }else
  106.             {            
  107.                 $GO_LANGUAGE->set_language($userdata['language']);
  108.             }
  109.  
  110.             $_SESSION['GO_SESSION']['user_id'$user_id;
  111.             
  112.             $_SESSION['GO_SESSION']['username'$userdata['username'];
  113.             $_SESSION['GO_SESSION']['name'$userdata['first_name'].' '.$middle_name.$userdata['last_name'];
  114.             $_SESSION['GO_SESSION']['function'$userdata['function'];
  115.             $_SESSION['GO_SESSION']['department'$userdata['department'];
  116.             
  117.             $_SESSION['GO_SESSION']['first_name'$userdata['first_name'];
  118.             $_SESSION['GO_SESSION']['middle_name'$userdata['middle_name'];
  119.             $_SESSION['GO_SESSION']['last_name'$userdata['last_name'];
  120.             $_SESSION['GO_SESSION']['country'$userdata['country'];
  121.             $_SESSION['GO_SESSION']['email'$userdata['email'];
  122.  
  123.             $_SESSION['GO_SESSION']['thousands_seperator'$userdata['thousands_seperator'];
  124.             $_SESSION['GO_SESSION']['decimal_seperator'$userdata['decimal_seperator'];
  125.             $_SESSION['GO_SESSION']['date_format'Date::get_dateformat($userdata['date_format']$userdata['date_seperator']);
  126.             $_SESSION['GO_SESSION']['date_seperator'$userdata['date_seperator'];
  127.             $_SESSION['GO_SESSION']['time_format'$userdata['time_format'];
  128.             $_SESSION['GO_SESSION']['currency'$userdata['currency'];
  129.             $_SESSION['GO_SESSION']['lastlogin'= isset ($userdata['lastlogin']$userdata['lastlogin'time();
  130.             $_SESSION['GO_SESSION']['max_rows_list'$userdata['max_rows_list'];
  131.             $_SESSION['GO_SESSION']['timezone'$userdata['timezone'];
  132.             $_SESSION['GO_SESSION']['start_module'= isset ($userdata['start_module']$userdata['start_module''summary';
  133.  
  134.             //$_SESSION['GO_SESSION']['language'] = $userdata['language'];
  135.             $_SESSION['GO_SESSION']['theme'$userdata['theme'];
  136.             $_SESSION['GO_SESSION']['mute_sound'$userdata['mute_sound'];
  137.             $_SESSION['GO_SESSION']['first_weekday'$userdata['first_weekday'];
  138.             $_SESSION['GO_SESSION']['sort_name'!empty($userdata['sort_name']$userdata['sort_name''first_name';
  139.             return true;
  140.         }
  141.         return false;
  142.     }
  143.  
  144.     /**
  145.    * This function returns an array of the fields that can be used as search
  146.    * criteria for users.
  147.    * 
  148.    * @access public
  149.    * @param void 
  150.    * @return array 
  151.    */
  152.     function get_search_fields({
  153.         
  154.         global $lang;
  155.  
  156.         $searchfields[array'',  $lang['common']['SearchAll');
  157.         $searchfields[array'first_name',  $lang['common']['firstName');
  158.         $searchfields[array'last_name',   $lang['common']['lastName');
  159.         $searchfields[array'email',        $lang['common']['email');
  160.         $searchfields[array'company',        $lang['common']['company');
  161.         $searchfields[array'department',  $lang['common']['department');
  162.         $searchfields[array'function',    $lang['common']['function');
  163.         $searchfields[array'address',        $lang['common']['address');
  164.         $searchfields[array'city',        $lang['common']['city');
  165.         $searchfields[array'zip',        $lang['common']['zip');
  166.         $searchfields[array'state',        $lang['common']['state');
  167.         $searchfields[array'country',        $lang['common']['country');
  168.         $searchfields[array'work_address',$lang['common']['workAddress');
  169.         $searchfields[array'work_cip',    $lang['common']['workZip');
  170.         $searchfields[array'work_city',   $lang['common']['workCity');
  171.         $searchfields[array'work_state',  $lang['common']['workState');
  172.         $searchfields[array'work_country',$lang['common']['workCountry');
  173.         return $searchfields;
  174.     }
  175.  
  176.     /**
  177.    * This function searches for users with the given search field.
  178.    * 
  179.    * @access public
  180.    * 
  181.    * @param string $query 
  182.    * @param string $field 
  183.    * @param int $user_id 
  184.    * @param int $start 
  185.    * @param int $offset 
  186.    * 
  187.    * @return array 
  188.    */
  189.     
  190.     function search($query$field$user_id=0$start=0$offset=0$sort="name"$sort_direction='ASC')
  191.     {
  192.         global $GO_MODULES;
  193.         
  194.         if($sort == 'name')
  195.         {
  196.             if(!isset($_SESSION['GO_SESSION']['sort_name']|| $_SESSION['GO_SESSION']['sort_name'== 'first_name')
  197.             {
  198.                 $sort 'first_name '.$sort_direction.', last_name ';
  199.             }else
  200.             {
  201.                 $sort 'last_name '.$sort_direction.', first_name ';
  202.             }
  203.         }
  204.  
  205.         if($user_id 0)
  206.         {
  207.             $sql "SELECT DISTINCT go_users.*";
  208.         /*    if(isset($GO_MODULES->modules['customfields']) && $GO_MODULES->modules['customfields']['read_permission'])
  209.             {
  210.                 $sql .= ", cf_8.* ";
  211.             }*/
  212.             $sql .=" FROM go_users INNER JOIN go_acl ON go_users.acl_id = go_acl.acl_id ".
  213.             "LEFT JOIN go_users_groups ON go_acl.group_id = go_users_groups.group_id ";
  214.             
  215.             
  216.         /*    if(isset($GO_MODULES->modules['customfields']) && $GO_MODULES->modules['customfields']['read_permission'])
  217.             {
  218.                 $sql .= "LEFT JOIN cf_8 ON cf_8.link_id=users.link_id ";
  219.             }*/
  220.             
  221.             $sql .= "WHERE (go_acl.user_id=".$this->escape($user_id)." ".
  222.             "OR go_users_groups.user_id=".$this->escape($user_id).") AND ";
  223.         }else
  224.         {
  225.             $sql "SELECT * FROM go_users ";
  226.             /*if(isset($GO_MODULES->modules['customfields']) && $GO_MODULES->modules['customfields']['read_permission'])
  227.             {
  228.                 $sql .= "LEFT JOIN cf_8 ON cf_8.link_id=users.link_id ";
  229.             }*/
  230.             $sql .= "WHERE ";
  231.             
  232.         }
  233.         
  234.         if(!is_array($field))
  235.         {
  236.             $fields=array();
  237.             if($field == '')
  238.             {
  239.                 $fields_sql "SHOW FIELDS FROM go_users";
  240.                 $this->query($fields_sql);
  241.                 while($this->next_record())
  242.                 {
  243.                     if(eregi('varchar'$this->f('Type')))
  244.                     {
  245.                         $fields[]='go_users.'.$this->f('Field');
  246.                     }
  247.                 }
  248.                 /*if(isset($GO_MODULES->modules['customfields']) && $GO_MODULES->modules['customfields']['read_permission'])
  249.                 {
  250.                     $fields_sql = "SHOW FIELDS FROM cf_8";
  251.                     $this->query($fields_sql);
  252.                     while ($this->next_record()) {
  253.                         $fields[]='cf_8.'.$this->f('Field');
  254.                     }
  255.                     
  256.                 }*/
  257.             }else {
  258.                 $fields[]=$field;
  259.             }
  260.         }else {
  261.             $fields=$field;
  262.         }
  263.         
  264.         foreach($fields as $field)
  265.         {
  266.             if(count($fields)>1)
  267.             {
  268.                 if(isset($first))
  269.                 {
  270.                     $sql .= ' OR ';
  271.                 }else
  272.                 {
  273.                     $first true;
  274.                     $sql .= '(';
  275.                 }                
  276.             }
  277.             
  278.             if($field=='name')
  279.             {
  280.                 $sql .= "CONCAT(first_name,middle_name,last_name) LIKE '".$this->escape(str_replace(' ','%'$query))."' ";
  281.             }else
  282.             {
  283.                 $sql .= "$field LIKE '".$this->escape($query)."' ";
  284.             }
  285.         }
  286.         if(count($fields)>1)
  287.         {
  288.             $sql .= ')';
  289.         }    
  290.  
  291.         $sql .= " ORDER BY $sort $sort_direction";
  292.         $this->query($sql);
  293.         $count $this->num_rows();
  294.  
  295.         if ($offset != 0)
  296.         {
  297.             $sql .= " LIMIT ".$this->escape($start.",".$offset);
  298.             $this->query($sql);
  299.         }
  300.  
  301.         return $count;
  302.     }
  303.     
  304.     function get_linked_users($user_id$link_id)
  305.     {
  306.         global $GO_LINKS;
  307.         $links $GO_LINKS->get_links($link_id8);
  308.         
  309.         if(count($links))
  310.         {
  311.             $sql "SELECT go_users.* FROM go_users  INNER JOIN go_acl ON go_users.acl_id = go_acl.acl_id ".
  312.                 "LEFT JOIN go_users_groups ON go_acl.group_id = go_users_groups.group_id WHERE (go_acl.user_id=".$this->escape($user_id)." ".
  313.                 "OR go_users_groups.user_id=".$this->escape($user_id).") AND link_id IN (".implode(',',$links).") ORDER BY last_name ASC, first_name ASC";
  314.             
  315.             $this->query($sql);
  316.             return $this->num_rows();
  317.         }
  318.         return 0;
  319.     }
  320.  
  321.     /**
  322.      * Fetch all users from the user management backend.
  323.      * 
  324.      * This function retrieves all users from the database and returns their
  325.      * number. After that you are able to process each user via next_record.
  326.      * 
  327.      * over the different user accounts. next_user() should be considered.
  328.      * 
  329.      * @access public
  330.      * 
  331.      * @param string $sort The field to sort on
  332.      * @param string $direction The sort direction
  333.      * @param int $start Return results starting from this row
  334.      * @param int $offset Return this number of rows
  335.      * 
  336.      * @return int The number of users
  337.      */
  338.  
  339.     function get_users($sort="name",$direction="ASC"$start=0$offset=0)
  340.     {
  341.         if ($sort == 'name')
  342.         {
  343.             if(!isset($_SESSION['GO_SESSION']['sort_name']||  $_SESSION['GO_SESSION']['sort_name'== 'first_name')
  344.             {
  345.                 $sort 'first_name '.$direction.', last_name';
  346.             }else
  347.             {
  348.                 $sort 'last_name '.$direction.', first_name';
  349.             }
  350.             //      $sort = 'first_name '.$direction.', last_name';
  351.         }
  352.         $count=0;
  353.         $this->query("SELECT id FROM go_users");
  354.         if ($this->next_record())
  355.         {
  356.             $count $this->num_rows();
  357.         }
  358.  
  359.         if ($count 0)
  360.         {
  361.             $sql "SELECT * FROM go_users ORDER BY ".$sort." ".$direction;
  362.  
  363.             if ($offset != 0)
  364.             {
  365.                 $sql .= " LIMIT ".$this->escape($start.",".$offset);
  366.             }
  367.             $this->query($sql);
  368.         }
  369.         return $count;
  370.     }
  371.  
  372.     /**
  373.      * This function retrieves all users that are visible to a user.
  374.      * 
  375.      * This function fetches all users that should be visible to the given
  376.      * user. next_record() can be used to iterate over the result set.
  377.      * 
  378.      * @access public
  379.      * 
  380.      * @param string $sort The field to sort on
  381.      * @param string $direction The sort direction
  382.      * @param int $start Return results starting from this row
  383.      * @param int $offset Return this number of rows
  384.      * 
  385.      * @return int The number of users
  386.      */
  387.     function get_authorized_users($user_id$sort="name",$direction="ASC")
  388.     {
  389.         if ($sort == 'users.name' || $sort=='name')
  390.         {
  391.             if($_SESSION['GO_SESSION']['sort_name'== 'first_name')
  392.             {
  393.                 $sort 'users.first_name '.$direction.', go_users.last_name';
  394.             }else
  395.             {
  396.                 $sort 'users.last_name '.$direction.', go_users.first_name';
  397.             }
  398.             //      $sort = 'users.first_name '.$direction.', go_users.last_name';
  399.         }
  400.         $sql "SELECT DISTINCT go_users.* FROM go_users ".
  401.         "INNER JOIN go_acl ON go_users.acl_id= go_acl.acl_id ".
  402.         "LEFT JOIN go_users_groups ON (go_acl.group_id = go_users_groups.group_id) ".
  403.         "WHERE go_users_groups.user_id=".$this->escape($user_id)." OR ".
  404.         "go_acl.user_id = ".$this->escape($user_id)." ORDER BY ".$sort." ".$direction;
  405.  
  406.         $this->query($sql);
  407.         return $this->num_rows();
  408.     }
  409.  
  410.     /**
  411.      * This function searches for a user by his email address.
  412.      * 
  413.      * This function retrieves all userdata based on the users email address.
  414.      * 
  415.      * @access public
  416.      * 
  417.      * @param string $email The e-mail address of a user
  418.      * 
  419.      * @return array 
  420.      */
  421.     function get_user_by_email($email)
  422.     {
  423.         $email String::get_email_from_string($email);
  424.         $sql "SELECT * FROM go_users WHERE email='".$this->escape($email)."'";
  425.         $this->query($sql);
  426.         
  427.         //return false if there is more then one result
  428.         if($this->num_rows()!=1)
  429.         {
  430.             return false;
  431.         }elseif ($this->next_record(MYSQL_ASSOC))
  432.         {
  433.             return $this->record;
  434.         }
  435.         
  436.     }
  437.     /**
  438.      * This function returns all userdata based on the user's e-mail address.
  439.      * 
  440.      * @access public
  441.      * 
  442.      * @param int $user_id The user to check access for
  443.      * @param string $email 
  444.      * 
  445.      * @return array The user profile
  446.      */
  447.     function get_authorized_user_by_email($user_id$email)
  448.     {
  449.         $sql "SELECT DISTINCT go_users.* FROM go_users ".
  450.         "INNER JOIN go_acl ON go_users.acl_id= go_acl.acl_id ".
  451.         "LEFT JOIN go_users_groups ON (go_acl.group_id = go_users_groups.group_id) ".
  452.         "WHERE (go_users_groups.user_id=".$this->escape($user_id)." OR ".
  453.         "go_acl.user_id = ".$this->escape($user_id).") AND email='".$this->escape($email)."'";
  454.         $this->query($sql);
  455.         if ($this->next_record(MYSQL_ASSOC))
  456.         {
  457.             return $this->record;
  458.         }
  459.         return false;
  460.     }
  461.  
  462.     /**
  463.      * This function checks if the password the user supplied is valid.
  464.      * 
  465.      * @access public
  466.      * 
  467.      * @param string $password 
  468.      * 
  469.      * @return bool 
  470.      */
  471.     function check_password($password)
  472.     {
  473.         $this->query("SELECT id FROM go_users WHERE password='".md5($password).
  474.         "' AND id='".$_SESSION['GO_SESSION']['user_id']."'");
  475.         if ($this->num_rows(0)
  476.         {
  477.             return true;
  478.         }
  479.         return false;
  480.     }
  481.  
  482.     /**
  483.      * This function searches for a user by his ID and returns all userdata based on the user's ID.
  484.      * 
  485.      * @access public
  486.      * @param int $user_id 
  487.      * @return array 
  488.      */
  489.     function get_user($user_id)
  490.     {
  491.         $sql "SELECT * FROM go_users WHERE id='".$this->escape($user_id)."'";
  492.         $this->query$sql );
  493.         if ($this->next_record(MYSQL_ASSOC))
  494.         {
  495.             if($this->record['date_seperator']=='')
  496.             {
  497.                 $this->record['date_seperator']=' ';
  498.             }
  499.             return $this->record;
  500.         }
  501.         return false;
  502.     }
  503.  
  504.     /**
  505.      * This function updates all userdata based on the given parameters.
  506.      * 
  507.      * @access public
  508.      *
  509.      * @return bool True on success
  510.      */
  511.  
  512.     function update_user(
  513.     $user,
  514.     $user_groups=null,
  515.     $visible_user_groups=null,
  516.     $modules_read=null,
  517.     $modules_write=null)
  518.     {
  519.         global $GO_MODULES$GO_SECURITY$GO_GROUPS;
  520.  
  521.         if($this->update_profile($user))
  522.         {
  523.             
  524.             $this->cache_user($user['id']);
  525.             
  526.             $GO_MODULES->get_modules();
  527.             while ($GO_MODULES->next_record())
  528.             {
  529.                 if(isset($modules_read))
  530.                 {
  531.                     $could_read $GO_SECURITY->has_permission($user['id']$GO_MODULES->f('acl_read'));
  532.                     $can_read =  in_array($GO_MODULES->f('id')$modules_read);
  533.  
  534.                     if ($could_read && !$can_read)
  535.                     {
  536.                         $GO_SECURITY->delete_user_from_acl($user['id']$GO_MODULES->f('acl_read'));
  537.                     }
  538.  
  539.                     if ($can_read && !$could_read)
  540.                     {
  541.                         $GO_SECURITY->add_user_to_acl($user['id']$GO_MODULES->f('acl_read'));
  542.                     }
  543.                 }
  544.  
  545.                 if(isset($modules_write))
  546.                 {
  547.                     $could_write $GO_SECURITY->has_permission($user['id']$GO_MODULES->f('acl_write'));
  548.                     $can_write =  in_array($GO_MODULES->f('id')$modules_write);
  549.  
  550.                     if ($could_write && !$can_write)
  551.                     {
  552.                         $GO_SECURITY->delete_user_from_acl($user['id']$GO_MODULES->f('acl_write'));
  553.                     }
  554.  
  555.                     if ($can_write && !$could_write)
  556.                     {
  557.                         $GO_SECURITY->add_user_to_acl($user['id']$GO_MODULES->f('acl_write'));
  558.                     }
  559.                 }
  560.             }
  561.  
  562.             //make sure we have user['acl_id']
  563.             $user $this->get_user($user['id']);
  564.  
  565.  
  566.             $GO_GROUPS->get_groups();
  567.             $groups2 new GO_GROUPS();
  568.             while($GO_GROUPS->next_record())
  569.             {
  570.                 if(isset($user_groups))
  571.                 {
  572.                     $is_in_group $groups2->is_in_group($user['id']$GO_GROUPS->f('id'));
  573.                     $should_be_in_group in_array($GO_GROUPS->f('id')$user_groups);
  574.  
  575.                     if ($is_in_group && !$should_be_in_group)
  576.                     {
  577.                         $groups2->delete_user_from_group($user['id']$GO_GROUPS->f('id'));
  578.                     }
  579.  
  580.                     if (!$is_in_group && $should_be_in_group)
  581.                     {
  582.                         $groups2->add_user_to_group($user['id']$GO_GROUPS->f('id'));
  583.                     }
  584.                 }
  585.  
  586.                 if(isset($visible_user_groups))
  587.                 {
  588.                     $group_is_visible $GO_SECURITY->group_in_acl($GO_GROUPS->f('id')$user['acl_id']);
  589.                     $group_should_be_visible in_array($GO_GROUPS->f('id')$visible_user_groups);
  590.  
  591.                     if ($group_is_visible && !$group_should_be_visible)
  592.                     {
  593.                         $GO_SECURITY->delete_group_from_acl($GO_GROUPS->f('id')$user['acl_id']);
  594.                     }
  595.  
  596.                     if (!$group_is_visible  && $group_should_be_visible)
  597.                     {
  598.                         $GO_SECURITY->add_group_to_acl($GO_GROUPS->f('id')$user['acl_id']);
  599.                     }
  600.                 }
  601.             }
  602.             return true;
  603.         }
  604.         return false;
  605.     }
  606.  
  607.     /**
  608.      * This function updates the profile of a user.
  609.      * 
  610.      * Using an SQL update record, this function actualizes the profile of the
  611.      * given user.
  612.      * 
  613.      * 
  614.      * @access protected
  615.      * 
  616.      * @param Array $user is an array of all data that should be updated.
  617.      * 
  618.      * @return Boolean to indicate the success of the operation.
  619.      */
  620.     function update_profile($user$complete_profile=false)
  621.     {
  622.         global $GO_MODULES;
  623.         $user['mtime']=time();
  624.         
  625.         $params array('user'=>$user);
  626.         
  627.         
  628.         $ret false;
  629.         if(!empty($user['password']))
  630.         {            
  631.             $user['password']=md5($user['password']);
  632.         }
  633.         
  634.         if($this->update_row('go_users''id'$user))
  635.         {
  636.             if(isset($_SESSION['GO_SESSION']['user_id']&& $user['id'== $_SESSION['GO_SESSION']['user_id'])
  637.             {
  638.                 $ret $this->update_session($user['id']);
  639.             }
  640.             $ret true;
  641.         }
  642.         
  643.         $this->cache_user($user['id']);
  644.         
  645.         if($complete_profile)
  646.         {
  647.             $params['user']=$this->get_user($user['id']);
  648.             $GO_MODULES->fire_event('add_user'$params);
  649.         }else
  650.         {
  651.             $GO_MODULES->fire_event('update_user'$params);
  652.         }
  653.         
  654.         return $ret;
  655.     }
  656.     /**
  657.      * This function updates the user's password.
  658.      * 
  659.      * @access public
  660.      * 
  661.      * @param int $user_id 
  662.      * @param string $password 
  663.      * 
  664.      * @return bool True on success
  665.     
  666.     function update_password($user_id, $password)
  667.     {
  668.         $sql = "UPDATE go_users SET password='".md5($password)."' WHERE id='$user_id'";
  669.         if ($this->query($sql))
  670.         {
  671.             
  672.             $params = array('user_id'=>$user_id, 'password'=>$password);
  673.             $GO_MODULES->fire_event('change_user_password', $params);
  674.             
  675.             return true;
  676.         }
  677.         return false;
  678.     } */
  679.  
  680.     /**
  681.      * This function returns all userdata based on the user's name.
  682.      * 
  683.      * @access public
  684.      * 
  685.      * @param string $username 
  686.      * 
  687.      * @return array The user profile
  688.      */
  689.     function get_user_by_username($username)
  690.     {
  691.         $sql "SELECT * FROM go_users WHERE username='".$this->escape($username)."'";
  692.         $this->query($sql);
  693.         if ($this->next_record())
  694.         {
  695.             return $this->record;
  696.         }
  697.         return false;
  698.     }
  699.     /**
  700.      * This function checks, if there is already a user with the given email
  701.      * address.
  702.      * 
  703.      * @access public
  704.      * 
  705.      * @param string $email 
  706.      * 
  707.      * @return bool True if exists
  708.      */
  709.     function email_exists($email)
  710.     {
  711.         $sql "SELECT id FROM go_users WHERE email='".$this->escape($email)."'";
  712.         $this->query($sql);
  713.         if ($this->num_rows(0)
  714.         {
  715.             return true;
  716.         }
  717.         return false;
  718.     }
  719.  
  720.     /**
  721.      * This function adds a new user to the database.
  722.      * 
  723.      * @access public
  724.      * 
  725.      * @param string $user Array of all columns of table 'go_users'
  726.      * @param string $user_groups The user group id's the user will be member of
  727.      * @param string $visible_user_groups The user group id's where the user will be visible to
  728.      * @param string $modules_read The modules the user will have read permissions for
  729.      * @param string $modules_write The modules the user will have write permissions for
  730.      * @param string $acl    Some custom ACL id's the user will have access to (Be careful)
  731.  
  732.      * 
  733.      * @return bool True on success
  734.      */
  735.  
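  function add_user(
  $user,
  $user_groups=array(),
  $visible_user_groups=array(),
  $modules_read=array(),
  $modules_write=array(),
  $acl=array())
  {
      // Inserts $user into go_users, fills in configured defaults for missing
      // profile fields, and then applies the requested group memberships,
      // module permissions and ACL entries.
      //
      // Returns the new user id on success and false on failure. The
      // "@return bool True on success" in the docblock above is inaccurate.
      //
      // The group, module and ACL lists are applied exactly as passed in.
      // Nothing in this method checks them against the rights of whoever
      // triggered the call, so callers must not fill them from request data.
      global $GO_CONFIG, $GO_LANGUAGE, $GO_SECURITY, $GO_GROUPS, $GO_MODULES;

      // Refuse to create the account once the configured user limit is hit.
      if ($this->max_users_reached()) {
          return false;
      }

      // The e-mail address is used as the key for the acl_id, so no two users
      // may share an address or a username unless the configuration allows it.
      // This check and the insert below are separate statements, so only a
      // unique index in the database can fully rule out duplicates.
      if (!$GO_CONFIG->allow_duplicate_email) {
          $this->query("SELECT id FROM go_users WHERE email='".$this->escape($user['email'])."' OR username='".$this->escape($user['username'])."'");
          if ($this->num_rows()) {
              return false;
          }
      }

      // Defaults for every profile field the caller left out, in the order
      // the fields are appended to $user.
      $defaults = array(
          'start_module' => 'summary',
          'language' => $GO_LANGUAGE->language,
          'currency' => $GO_CONFIG->default_currency,
          'decimal_seperator' => $GO_CONFIG->default_decimal_seperator,
          'thousands_seperator' => $GO_CONFIG->default_thousands_seperator,
          'time_format' => $GO_CONFIG->default_time_format,
          'date_format' => $GO_CONFIG->default_date_format,
          'date_seperator' => $GO_CONFIG->default_date_seperator,
          'first_weekday' => $GO_CONFIG->default_first_weekday,
          'timezone' => $GO_CONFIG->default_timezone,
          'theme' => $GO_CONFIG->theme,
          'max_rows_list' => 30,
      );
      foreach ($defaults as $field => $value) {
          if (!isset($user[$field])) {
              $user[$field] = $value;
          }
      }

      if (empty($user['id'])) {
          $user['id'] = $this->nextid("go_users");
      }

      // When the acl_id is already given we do not create a new one, but the
      // owner of the ACL may have to change. This happens when the
      // authentication framework created the ACL beforehand, e.g. while
      // converting an LDAP entry into the $user array passed to this method.
      if (isset($user['acl_id'])) {
          $GO_SECURITY->set_acl_owner($user['acl_id'], $user['id']);
      } else {
          $user['acl_id'] = $GO_SECURITY->get_new_acl($user['email']);
      }

      $user['registration_time'] = $user['mtime']=time();

      // $params is built before the password is hashed, so listeners of both
      // events below receive the clear-text password and must not log or
      // store it.
      $params = array('user'=>$user);
      $GO_MODULES->fire_event('before_add_user', $params);

      // Keep the clear-text password so it can be put back on $user after the
      // insert. The isset() guard avoids an undefined-index notice when the
      // caller supplied no password.
      $unencrypted_password = isset($user['password']) ? $user['password'] : null;
      if (!empty($user['password'])) {
          // SECURITY NOTE(review): the password is stored as an unsalted MD5
          // digest, which is cheap to guess offline if the table leaks. It is
          // left unchanged here because the login check that compares against
          // this format is not part of this method. Migrate both sides
          // together to password_hash()/password_verify().
          $user['password'] = md5($user['password']);
      }

      if ($user['id'] && $this->insert_row('go_users', $user)) {
          $this->cache_user($user['id']);

          $GO_SECURITY->set_acl_owner($user['acl_id'], $user['id']);
          $GO_GROUPS->add_user_to_group($user['id'], $GO_CONFIG->group_everyone);

          // Extra group memberships. The "everyone" group was added above.
          foreach ($user_groups as $group_id) {
              if ($group_id && $group_id != $GO_CONFIG->group_everyone && !$GO_GROUPS->is_in_group($user['id'], $group_id)) {
                  $GO_GROUPS->add_user_to_group($user['id'], $group_id);
              }
          }

          // Groups that are added to the new user's own ACL.
          foreach ($visible_user_groups as $group_id) {
              if ($group_id && !$GO_SECURITY->group_in_acl($group_id, $user['acl_id'])) {
                  $GO_SECURITY->add_group_to_acl($group_id, $user['acl_id']);
              }
          }

          // Module permissions: the read list and the write list are handled
          // the same way, each against its own ACL of the module.
          $module_grants = array(
              'acl_read' => $modules_read,
              'acl_write' => $modules_write,
          );
          foreach ($module_grants as $acl_field => $module_names) {
              foreach ($module_names as $module_name) {
                  $module = $GO_MODULES->get_module($module_name);
                  if ($module && !$GO_SECURITY->user_in_acl($user['id'], $module[$acl_field])) {
                      $GO_SECURITY->add_user_to_acl($user['id'], $module[$acl_field]);
                  }
              }
          }

          // Any further ACLs the user is added to directly.
          foreach ($acl as $acl_id) {
              if (!$GO_SECURITY->user_in_acl($user['id'], $acl_id)) {
                  $GO_SECURITY->add_user_to_acl($user['id'], $acl_id);
              }
          }

          $user['password']=$unencrypted_password;

          // Delay the add_user event because the name must be supplied first.
          // NOTE(review): the original tested first_name twice. last_name was
          // possibly intended for the second test; confirm before changing
          // when the event fires.
          if (!empty($user['first_name'])) {
              $GO_MODULES->fire_event('add_user', $params);
          }

          return $user['id'];
      } else {
          // Clean up the ACL that belongs to the user that was not created.
          // The original passed the user id here, but delete_acl() takes an
          // ACL id (see delete_user), so a failed insert could have removed
          // an unrelated ACL.
          $GO_SECURITY->delete_acl($user['acl_id']);
      }

      return false;
  }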
  898.     /**
  899.      * This function tells us if we exceeded the maximum number of users if set in
  900.      * config.php
  901.      * 
  902.      * @access public
  903.      * 
  904.      * @param void 
  905.      * 
  906.      * @return bool 
  907.      */
  function max_users_reached()
  {
      // A max_users setting of 0 means no limit is configured. Otherwise the
      // limit counts as reached once get_users() is no longer below it.
      // NOTE(review): get_users() is presumably the current number of users;
      // its definition is outside this part of the file.
      global $GO_CONFIG;

      $current = $this->get_users();
      $limit = $GO_CONFIG->max_users;

      return !($current < $limit || $limit == 0);
  }
  920.     /**
  921.      * This function deletes a user from the database.
  922.      * 
  923.      * @access public
  924.      * 
  925.      * @param int $user_id 
  926.      * 
  927.      * @return bool 
  928.      */
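  function delete_user($user_id)
  {
      // Removes the go_users row of $user_id together with its ACL, its
      // security records, its search-cache entry and its go_acl rows.
      //
      // Returns true on success. Throws an Exception when the user cannot be
      // loaded or the first DELETE fails, so it never returns false.
      global $GO_CONFIG, $GO_SECURITY, $GO_MODULES;

      $user = $this->get_user($user_id);
      if ($user) {
          // Read the ACL id before the row is gone.
          // NOTE(review): this relies on get_user() leaving the fetched row
          // current for f(); confirm against get_user().
          $acl_id = $this->f("acl_id");

          $sql = "DELETE FROM go_users WHERE id='".$this->escape($user_id)."'";
          if ($this->query($sql)) {
              $GO_SECURITY->delete_acl($acl_id);
              $GO_SECURITY->delete_user($user_id);

              require_once($GO_CONFIG->class_path.'base/search.class.inc.php');
              $search = new search();

              // 8 is the same literal cache_user() stores as link_type.
              $search->delete_search_result($user_id, 8);

              $GO_MODULES->fire_event('user_delete', $user);

              // The former $GO_GROUPS->__on_user_delete() hook is disabled.

              // The value is quoted like in the DELETE above. escape() only
              // confines a value that sits inside quotes; the original placed
              // it unquoted in the statement.
              $sql = "DELETE FROM go_acl WHERE user_id='".$this->escape($user_id)."'";
              $this->query($sql);

              // The user's file storage directory is not removed here; the
              // former shell-based cleanup is disabled. If it is reinstated,
              // use filesystem functions on a validated integer id instead of
              // building a shell command from $user_id.
              return true;
          }
      }
      throw new Exception('An error has occured while deleting the user');
  }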
  963.  
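  /**
   * Adds one to the login counter of a user and stores the current time as
   * the time of the last login.
   *
   * @access public
   *
   * @param int $user_id
   *
   * @return void
   */
  function increment_logins( $user_id ) {
      // The id is escaped like in the other statements of this class. The
      // original interpolated $user_id into the statement unescaped.
      $sql =  "UPDATE go_users SET logins=logins+1, lastlogin='".time().
      "' WHERE id='".$this->escape($user_id)."'";
      $this->query( $sql );
  }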
  969.     
  970.     /**
  971.      * This function generates a randomized password.
  972.      * 
  973.      * @access public
  974.      * 
  975.      * @param string $characters_allow 
  976.      * @param string $characters_disallow 
  977.      * @param int $password_length 
  978.      * @param int $repeat 
  979.      * 
  980.      * @return string 
  981.      */
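  function random_password( $characters_allow = 'a-z,1-9', $characters_disallow = 'i,o', $password_length = 4, $repeat = 0 ) {
      // Both character lists are comma separated. An item such as "a-z" is a
      // range from its first to its last character, anything else is used
      // literally. With $repeat == 0 no entry occurs twice in the result.
      //
      // Throws an Exception when the allowed set cannot produce a password
      // of the requested length. The original looped forever in that case.
      //
      // NOTE(review): the default of $repeat was lost in the listing; 0 is
      // assumed from the "$repeat == 0" test below. Confirm against the file.
      // NOTE(review): the default length of 4 is very short for a password;
      // callers should pass a longer length.

      // Expand the allow list and the disallow list with the same rules.
      $lists = array();
      foreach (array($characters_allow, $characters_disallow) as $spec) {
          $expanded = array();
          foreach (explode(',', $spec) as $item) {
              $bounds = explode('-', $item);
              // Only an item with both ends present is a range. A lone "-"
              // stays a literal character; the original turned it into NUL.
              if (count($bounds) > 1 && $bounds[0] !== '' && $bounds[1] !== '') {
                  for ($code = ord($bounds[0]); $code <= ord($bounds[1]); $code++) {
                      $expanded[] = chr($code);
                  }
              } else {
                  $expanded[] = $item;
              }
          }
          $lists[] = $expanded;
      }

      // Remove the disallowed entries and re-index the remainder. Empty
      // entries are dropped because they can never extend the password.
      $pool = array();
      foreach (array_diff($lists[0], $lists[1]) as $entry) {
          if ($entry !== '') {
              $pool[] = $entry;
          }
      }

      // Passwords need an unpredictable source. random_int() is used where
      // it exists. The fallback is mt_rand() with PHP's own seeding; the
      // original reseeded it from microtime(), which made the output depend
      // on the clock alone.
      $use_csprng = function_exists('random_int');

      $password = '';
      while (strlen($password) < $password_length) {
          $remaining = count($pool);
          if ($remaining == 0) {
              throw new Exception('Not enough allowed characters to generate the password');
          }

          $index = $use_csprng ? random_int(0, $remaining - 1) : mt_rand(0, $remaining - 1);
          $candidate = $pool[$index];

          if ($repeat == 0) {
              // An entry drawn once can never be accepted again, so it is
              // taken out of the pool. This keeps the selection the same as
              // drawing again after a rejection, and the loop always ends.
              array_splice($pool, $index, 1);
              if (substr_count($password, $candidate) > 0) {
                  continue;
              }
          }

          $password .= $candidate;
      }

      return $password;
  }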
  1045.     
  1046. /**
  1047.      * When a global search action is performed this function will be called for each module
  1048.      *
  1049.      * @param int $last_sync_time The time this function was called last
  1050.      */
  1051.  
  1052.     
  1053.  
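  /**
   * Writes the search-cache entry for one user.
   *
   * Loads the go_users row of $user_id and hands a cache record (name,
   * keywords, mtime and the ACLs of the users module) to the search class.
   * Nothing is written when the user does not exist.
   *
   * @access public
   *
   * @param int $user_id
   *
   * @return void
   */
  function cache_user($user_id)
  {
      global $GO_MODULES, $GO_CONFIG, $GO_LANGUAGE;

      require_once($GO_CONFIG->class_path.'/base/search.class.inc.php');
      $search = new search();

      // The language file is included into this function's scope.
      // NOTE(review): $us_user below is presumably defined by it; confirm.
      require($GO_LANGUAGE->get_language_file('users'));

      $sql = "SELECT DISTINCT *  FROM go_users WHERE id=?";
      $this->query($sql, 'i', $user_id);
      if (!$this->next_record()) {
          return;
      }

      // The row was selected with "*", so it also carries the stored
      // password hash. That column is dropped before the row is turned into
      // searchable keywords, so the hash does not end up in the search index.
      // NOTE(review): assumes $this->record is the row as an array keyed by
      // column name; confirm against the db class.
      $keyword_source = $this->record;
      if (is_array($keyword_source)) {
          unset($keyword_source['password']);
      }

      $cache = array();
      $cache['id'] = $this->f('id');
      $cache['user_id'] = 1;
      $cache['name'] = String::format_name($this->f('last_name'), $this->f('first_name'), $this->f('middle_name'));
      // 8 is the same literal delete_user() passes to delete_search_result().
      $cache['link_type'] = 8;
      $cache['description'] = '';
      $cache['type'] = $us_user;
      $cache['keywords'] = $search->record_to_keywords($keyword_source).','.$cache['type'];
      $cache['mtime'] = $this->f('mtime');
      $cache['module'] = 'users';
      $cache['acl_read'] = $GO_MODULES->modules['users']['acl_read'];
      $cache['acl_write'] = $GO_MODULES->modules['users']['acl_write'];

      $search->cache_search_result($cache);
  }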
  1083. }
