- OO version of user class
- no more duplicated functions - improved performances (much less duplicated mysql queries) - less code and better error handling
This commit is contained in:
Jonathan Ernst
WineHQ
500
include/user.php
500
include/user.php
@@ -1,323 +1,293 @@
|
||||
<?php
|
||||
/******************************************/
|
||||
/* This class represents a logged in user */
|
||||
/******************************************/
|
||||
/************************************/
|
||||
/* user class and related functions */
|
||||
/************************************/
|
||||
|
||||
|
||||
/**
|
||||
* User class for handling users
|
||||
*/
|
||||
class User {
|
||||
|
||||
var $stamp;
|
||||
var $userid;
|
||||
var $realname;
|
||||
var $created;
|
||||
var $status;
|
||||
var $perm;
|
||||
var $CVSrelease;
|
||||
var $iUserId;
|
||||
var $sEmail;
|
||||
var $sRealname;
|
||||
var $sStamp;
|
||||
var $sDateCreated;
|
||||
var $sWineRelease;
|
||||
|
||||
/**
|
||||
* constructor
|
||||
* opens a connection to the user database
|
||||
* Constructor.
|
||||
* If $iUserId is provided, logs in user.
|
||||
*/
|
||||
function User()
|
||||
function User($iUserId="")
|
||||
{
|
||||
|
||||
if($iUserId)
|
||||
{
|
||||
$sQuery = "SELECT *
|
||||
FROM user_list
|
||||
WHERE userId = '".$iUserId."'";
|
||||
$hResult = query_appdb($sQuery);
|
||||
$oRow = mysql_fetch_object($hResult);
|
||||
$this->iUserId = $oRow->userid;
|
||||
$this->sEmail = $oRow->email;
|
||||
$this->sRealname = $oRow->realname;
|
||||
$this->sStamp = $oRow->stamp;
|
||||
$this->sDateCreated = $oRow->created;
|
||||
$this->sWineRelease = $oRow->CVSrelease;
|
||||
}
|
||||
return $this->isLoggedIn();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* check if a user exists
|
||||
* returns TRUE if the user exists
|
||||
* Logs in an user using e-mail and password.
|
||||
*/
|
||||
function exists($sEmail)
|
||||
{
|
||||
$result = query_appdb("SELECT * FROM user_list WHERE email = '$sEmail'");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
function lookup_userid($sEmail)
|
||||
{
|
||||
$result = query_appdb("SELECT userid FROM user_list WHERE email = '$sEmail'");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return null;
|
||||
$ob = mysql_fetch_object($result);
|
||||
return $ob->userid;
|
||||
}
|
||||
|
||||
|
||||
function lookup_realname($userid)
|
||||
{
|
||||
$result = query_appdb("SELECT realname FROM user_list WHERE userid = $userid");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return null;
|
||||
$ob = mysql_fetch_object($result);
|
||||
return $ob->realname;
|
||||
}
|
||||
|
||||
|
||||
function lookup_email($userid)
|
||||
{
|
||||
return lookupEmail($userid);
|
||||
}
|
||||
|
||||
function lookup_CVSrelease($userId)
|
||||
{
|
||||
$result = query_appdb("SELECT CVSrelease FROM user_list WHERE userId = '$userId'");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return null;
|
||||
$ob = mysql_fetch_object($result);
|
||||
return $ob->CVSrelease;
|
||||
}
|
||||
|
||||
/**
|
||||
* restore a user from the database
|
||||
* returns 0 on success and an error msg on failure
|
||||
*/
|
||||
function restore($sEmail, $sPassword)
|
||||
{
|
||||
$result = query_appdb("SELECT stamp, userid, realname, ".
|
||||
"created, status, perm FROM user_list WHERE ".
|
||||
"email = '$sEmail' AND ".
|
||||
"password = password('$sPassword')");
|
||||
if(!$result)
|
||||
return "A database error occurred";
|
||||
|
||||
if(mysql_num_rows($result) == 0)
|
||||
return "Invalid e-mail or password";
|
||||
|
||||
list($this->stamp, $this->userid, $this->realname,
|
||||
$this->created, $status, $perm) = mysql_fetch_row($result);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
function login($sEmail, $sPassword)
|
||||
{
|
||||
$result = $this->restore($sEmail, $sPassword);
|
||||
|
||||
/* if our result is non-null then we must have had an error */
|
||||
if($result != null)
|
||||
return $result;
|
||||
|
||||
/* update the 'stamp' field in the users account to reflect the last time */
|
||||
/* they logged in */
|
||||
$myUserId = $this->lookup_userid($sEmail);
|
||||
$result = query_appdb("UPDATE user_list SET stamp=null WHERE userid=$myUserId;");
|
||||
return 0;
|
||||
$sQuery = "SELECT *
|
||||
FROM user_list
|
||||
WHERE email = '".$sEmail."'
|
||||
AND password = password('".$sPassword."')";
|
||||
$hResult = query_appdb($sQuery);
|
||||
$oRow = mysql_fetch_object($hResult);
|
||||
$this->iUserId = $oRow->userid;
|
||||
$this->sEmail = $oRow->email;
|
||||
$this->sRealname = $oRow->realname;
|
||||
$this->sStamp = $oRow->stamp;
|
||||
$this->sDateCreated = $oRow->created;
|
||||
$this->sWineRelease = $oRow->CVSrelease;
|
||||
if($this->isLoggedIn())
|
||||
{
|
||||
// Update timestamp
|
||||
query_appdb("UPDATE user_list SET stamp=null WHERE userid=".$this->iUserId);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* create a new user
|
||||
* returns 0 on success and an error msg on failure
|
||||
* Creates a new user.
|
||||
* returns true on success, false on failure
|
||||
*/
|
||||
function create($sEmail, $sPassword, $sRealname, $sCVSrelease)
|
||||
function create($sEmail, $sPassword, $sRealname, $sWineRelease)
|
||||
{
|
||||
if(user_exists($sEmail))
|
||||
{
|
||||
addMsg("An account with this e-mail exists already.","red");
|
||||
return false;
|
||||
} else
|
||||
{
|
||||
$aInsert = compile_insert_string(array( 'realname' => $sRealname,
|
||||
'email' => $sEmail,
|
||||
'status' => 0,
|
||||
'perm' => 0,
|
||||
'CVSrelease' => $sCVSrelease ));
|
||||
'CVSrelease' => $sWineRelease ));
|
||||
|
||||
$sFields = "({$aInsert['FIELDS']}, `password`, `stamp`, `created`)";
|
||||
$sValues = "({$aInsert['VALUES']}, password('".$sPassword."'), NOW(), NOW() )";
|
||||
|
||||
query_appdb("INSERT INTO user_list $sFields VALUES $sValues", "Error while creating a new user.");
|
||||
$this->restore($sEmail, $sPassword);
|
||||
return $this->login($sEmail, $sPassword);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Update User Account;
|
||||
*/
|
||||
function update($userid = 0, $password = null, $realname = null, $email = null, $CVSrelease = null)
|
||||
function update($sEmail = null, $sPassword = null, $sRealname = null, $sWineRelease = null)
|
||||
{
|
||||
if (!$userid)
|
||||
return 0;
|
||||
if ($password)
|
||||
if(!$this->isLoggedIn()) return false;
|
||||
|
||||
if ($sEmail)
|
||||
{
|
||||
if (!query_appdb("UPDATE user_list SET password = password('$password') WHERE userid = $userid"))
|
||||
return 0;
|
||||
if(user_exists($sEmail) && $sEmail != $this->sEmail)
|
||||
{
|
||||
addMsg("An account with this e-mail exists already.","red");
|
||||
return false;
|
||||
}
|
||||
if (!query_appdb("UPDATE user_list SET email = '".addslashes($sEmail)."' WHERE userid = ".$this->iUserId))
|
||||
return false;
|
||||
$this->sEmail = $sEmail;
|
||||
}
|
||||
|
||||
if ($realname)
|
||||
if ($sPassword)
|
||||
{
|
||||
if (!query_appdb("UPDATE user_list SET realname = '".addslashes($realname)."' WHERE userid = $userid"))
|
||||
return 0;
|
||||
if (!query_appdb("UPDATE user_list SET password = password('$sPassword') WHERE userid = ".$this->iUserId))
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($email)
|
||||
if ($sRealname)
|
||||
{
|
||||
if (!query_appdb("UPDATE user_list SET email = '".addslashes($email)."' WHERE userid = $userid"))
|
||||
return 0;
|
||||
if (!query_appdb("UPDATE user_list SET realname = '".addslashes($sRealname)."' WHERE userid = ".$this->iUserId))
|
||||
return false;
|
||||
$this->sRealname = $sRealname;
|
||||
}
|
||||
|
||||
if ($CVSrelease)
|
||||
if ($sWineRelease)
|
||||
{
|
||||
if (!query_appdb("UPDATE user_list SET CVSrelease = '".addslashes($CVSrelease)."' WHERE userid = $userid"))
|
||||
return 0;
|
||||
if (!query_appdb("UPDATE user_list SET CVSrelease = '".addslashes($sWineRelease)."' WHERE userid = ".$this->iUserId))
|
||||
return false;
|
||||
$this->sWineRelease = $sWineRelease;
|
||||
}
|
||||
|
||||
return 1;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* remove the current, or specified user from the database
|
||||
* returns 0 on success and an error msg on failure
|
||||
* Removes the current, or specified user and preferences from the database.
|
||||
* returns true on success and false on failure.
|
||||
*/
|
||||
function remove($sEmail = "")
|
||||
function delete()
|
||||
{
|
||||
if(!$sEmail)
|
||||
$sEmail = $this->email;
|
||||
$result = query_appdb("DELETE FROM user_list WHERE email = '".$sEmail."'");
|
||||
if(!$result)
|
||||
return "A database error occurred";
|
||||
return 0;
|
||||
if(!$this->isLoggedIn()) return false;
|
||||
$hResult2 = query_appdb("DELETE FROM user_privs WHERE id = '".$this->iUserId."'");
|
||||
$hResult3 = query_appdb("DELETE FROM user_prefs WHERE id = '".$this->iUserId."'");
|
||||
return($hResult = query_appdb("DELETE FROM user_list WHERE id = '".$this->iUserId."'"));
|
||||
}
|
||||
|
||||
|
||||
function done()
|
||||
/**
|
||||
* Get a preference for the current user.
|
||||
*/
|
||||
function getPref($sKey, $sDef = null)
|
||||
{
|
||||
|
||||
}
|
||||
if(!$this->isLoggedIn() || !$sKey)
|
||||
return $sDef;
|
||||
|
||||
|
||||
function getpref($key, $def = null)
|
||||
{
|
||||
if(!$this->userid || !$key)
|
||||
return $def;
|
||||
|
||||
$result = query_appdb("SELECT * FROM user_prefs WHERE userid = $this->userid AND name = '$key'");
|
||||
if(!$result || mysql_num_rows($result) == 0)
|
||||
return $def;
|
||||
$ob = mysql_fetch_object($result);
|
||||
$hResult = query_appdb("SELECT * FROM user_prefs WHERE userid = ".$this->iUserId." AND name = '$sKey'");
|
||||
if(!$hResult || mysql_num_rows($hResult) == 0)
|
||||
return $sDef;
|
||||
$ob = mysql_fetch_object($hResult);
|
||||
return $ob->value;
|
||||
}
|
||||
|
||||
|
||||
function setpref($key, $value)
|
||||
{
|
||||
if(!$this->userid || !$key || !$value)
|
||||
return null;
|
||||
|
||||
$result = query_appdb("DELETE FROM user_prefs WHERE userid = $this->userid AND name = '$key'");
|
||||
$result = query_appdb("INSERT INTO user_prefs VALUES($this->userid, '$key', '$value')");
|
||||
return $result ? true : false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* check if this user has $priv
|
||||
* Set a preference for the current user.
|
||||
*/
|
||||
function checkpriv($priv)
|
||||
function setPref($sKey, $sValue)
|
||||
{
|
||||
if(!$this->userid || !$priv)
|
||||
return 0;
|
||||
|
||||
$result = query_appdb("SELECT * FROM user_privs WHERE userid = $this->userid AND priv = '$priv'");
|
||||
if(!$result)
|
||||
return 0;
|
||||
return mysql_num_rows($result);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* check if this user is a maintainer of a given appId/versionId
|
||||
*/
|
||||
function is_maintainer($appId, $versionId)
|
||||
{
|
||||
if(!$this->userid)
|
||||
if(!$this->isLoggedIn() || !$sKey || !$sValue)
|
||||
return false;
|
||||
|
||||
$hResult = query_appdb("DELETE FROM user_prefs WHERE userid = ".$this->iUserId." AND name = '$sKey'");
|
||||
$hResult = query_appdb("INSERT INTO user_prefs VALUES(".$this->iUserId.", '$sKey', '$sValue')");
|
||||
return $hResult;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check if this user has $priv.
|
||||
*/
|
||||
function hasPriv($sPriv)
|
||||
{
|
||||
if(!$this->isLoggedIn() || !$sPriv)
|
||||
return false;
|
||||
|
||||
$hResult = query_appdb("SELECT * FROM user_privs WHERE userid = ".$this->iUserId." AND priv = '".$sPriv."'");
|
||||
if(!$hResult)
|
||||
return false;
|
||||
return mysql_num_rows($hResult);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check if this user is a maintainer of a given appId/versionId.
|
||||
*/
|
||||
function isMaintainer($iAppId=null, $iVersionId=null)
|
||||
{
|
||||
if(!$this->isLoggedIn()) return false;
|
||||
|
||||
/* if this user is a super maintainer of this appid then they */
|
||||
/* are a maintainer of all of the versionId's of it as well */
|
||||
if($this->is_super_maintainer($appId))
|
||||
if($this->isSuperMaintainer($iAppId))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
$query = "SELECT * FROM appMaintainers WHERE userid = '$this->userid' AND appId = '$appId' AND versionId = '$versionId'";
|
||||
$result = query_appdb($query);
|
||||
if(!$result)
|
||||
return 0;
|
||||
return mysql_num_rows($result);
|
||||
|
||||
if($iAppId && $iVersionId)
|
||||
{
|
||||
$sQuery = "SELECT * FROM appMaintainers WHERE userid = '".$this->iUserId."' AND appId = '".$iAppId."' AND versionId = '$iVersionId'";
|
||||
} else
|
||||
{
|
||||
$sQuery = "SELECT * FROM appMaintainers WHERE userid = '".$this->iUserId."'";
|
||||
}
|
||||
$hResult = query_appdb($sQuery);
|
||||
if(!$hResult)
|
||||
return false;
|
||||
return mysql_num_rows($hResult);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* check if this user is a maintainer of a given appId/versionId
|
||||
* Check if this user is a maintainer of a given appId/versionId.
|
||||
*/
|
||||
function is_super_maintainer($appId)
|
||||
function isSuperMaintainer($iAppId=null)
|
||||
{
|
||||
if(!$this->userid)
|
||||
if(!$this->isLoggedIn()) return false;
|
||||
|
||||
if($iAppId)
|
||||
{
|
||||
$sQuery = "SELECT * FROM appMaintainers WHERE userid = '$this->iUserId' AND appId = '$iAppId' AND superMaintainer = '1'";
|
||||
} else
|
||||
{
|
||||
$sQuery = "SELECT * FROM appMaintainers WHERE userid = '$this->iUserId' AND superMaintainer = '1'";
|
||||
}
|
||||
$hResult = query_appdb($sQuery);
|
||||
if(!$hResult)
|
||||
return false;
|
||||
return mysql_num_rows($hResult);
|
||||
}
|
||||
|
||||
|
||||
function addPriv($sPriv)
|
||||
{
|
||||
if(!$this->isLoggedIn() || !$sPriv)
|
||||
return false;
|
||||
|
||||
$query = "SELECT * FROM appMaintainers WHERE userid = '$this->userid' AND appId = '$appId' AND superMaintainer = '1'";
|
||||
$result = query_appdb($query);
|
||||
if(!$result)
|
||||
return 0;
|
||||
return mysql_num_rows($result);
|
||||
if($this->hasPriv($sPriv))
|
||||
return true;
|
||||
|
||||
$hResult = query_appdb("INSERT INTO user_privs VALUES ($this->iUserId, '$sPriv')");
|
||||
return $hResult;
|
||||
}
|
||||
|
||||
|
||||
function addpriv($priv)
|
||||
function delPriv($sPriv)
|
||||
{
|
||||
if(!$this->userid || !$priv)
|
||||
return 0;
|
||||
if(!$this->isLoggedIn() || !$sPriv)
|
||||
return false;
|
||||
|
||||
if($this->checkpriv($priv))
|
||||
return 1;
|
||||
|
||||
$result = query_appdb("INSERT INTO user_privs VALUES ($this->userid, '$priv')");
|
||||
return $result;
|
||||
$hRresult = query_appdb("DELETE FROM user_privs WHERE userid = $this->iUserId AND priv = '$sPriv'");
|
||||
return $hRresult;
|
||||
}
|
||||
|
||||
|
||||
function delpriv($priv)
|
||||
/**
|
||||
* Checks if the current user is valid.
|
||||
*/
|
||||
function isLoggedIn()
|
||||
{
|
||||
if(!$this->userid || !$priv)
|
||||
return 0;
|
||||
|
||||
$result = query_appdb("DELETE FROM user_privs WHERE userid = $this->userid AND priv = '$priv'");
|
||||
return $result;
|
||||
return $this->iUserId;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Checks if user should see debugging infos.
|
||||
*
|
||||
*/
|
||||
function showDebuggingInfos()
|
||||
{
|
||||
return (($this->isLoggedIn() && $this->getPref("debug") == "yes") || APPDB_DEBUG == 1);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function loggedin()
|
||||
{
|
||||
if(isset($_SESSION['current']) && $_SESSION['current']->userid)
|
||||
return true;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
function havepriv($priv)
|
||||
{
|
||||
if(!loggedin())
|
||||
return false;
|
||||
return $_SESSION['current']->checkpriv($priv);
|
||||
}
|
||||
|
||||
function debugging()
|
||||
{
|
||||
return ((loggedin() && $_SESSION['current']->getpref("debug") == "yes") || APPDB_DEBUG == 1);
|
||||
}
|
||||
|
||||
|
||||
function makeurl($text, $url, $pref = null)
|
||||
{
|
||||
if(loggedin())
|
||||
{
|
||||
if($_SESSION['current']->getpref($pref) == "yes")
|
||||
$extra = "window='new'";
|
||||
}
|
||||
return "<a href='$url' $extra> $text </a>\n";
|
||||
}
|
||||
|
||||
/*
|
||||
* User functions that are not part of the class
|
||||
*/
|
||||
|
||||
/**
|
||||
* create a new random password
|
||||
* Creates a new random password.
|
||||
*/
|
||||
function generate_passwd($pass_len = 10)
|
||||
{
|
||||
@@ -332,55 +302,10 @@ function generate_passwd($pass_len = 10)
|
||||
}
|
||||
|
||||
|
||||
function lookupEmail($userid)
|
||||
{
|
||||
$result = query_appdb("SELECT email FROM user_list WHERE userid = $userid");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return null;
|
||||
$ob = mysql_fetch_object($result);
|
||||
return $ob->email;
|
||||
}
|
||||
|
||||
function lookupRealname($userid)
|
||||
{
|
||||
$result = query_appdb("SELECT realname FROM user_list WHERE userid = $userid");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return null;
|
||||
$ob = mysql_fetch_object($result);
|
||||
return $ob->realname;
|
||||
}
|
||||
|
||||
function UserWantsEmail($userid)
|
||||
{
|
||||
$result = query_appdb("SELECT * FROM user_prefs WHERE userid = $userid AND name = 'send_email'");
|
||||
if(!$result || mysql_num_rows($result) == 0)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
$ob = mysql_fetch_object($result);
|
||||
return ($ob->value == 'no' ? false : true);
|
||||
}
|
||||
|
||||
function isAdministrator($iUserId)
|
||||
{
|
||||
$hResult = query_appdb("SELECT * FROM user_privs WHERE userid = ".$iUserId." AND priv = 'admin'");
|
||||
if(!$hResult)
|
||||
return 0;
|
||||
return mysql_num_rows($hResult);
|
||||
}
|
||||
|
||||
function isMaintainer($iUserId)
|
||||
{
|
||||
$hResult = query_appdb("SELECT * FROM appMaintainers WHERE userId = ".$iUserId);
|
||||
if(!$hResult)
|
||||
return 0;
|
||||
return mysql_num_rows($hResult);
|
||||
}
|
||||
|
||||
/**
|
||||
* get the email address of people to notify for this appId and versionId
|
||||
* Get the email address of people to notify for this appId and versionId.
|
||||
*/
|
||||
function getNotifyEmailAddressList($appId, $versionId = 0)
|
||||
function get_notify_email_address_list($appId, $versionId = 0)
|
||||
{
|
||||
$aUserId = array();
|
||||
$c = 0;
|
||||
@@ -418,8 +343,9 @@ function getNotifyEmailAddressList($appId, $versionId = 0)
|
||||
{
|
||||
while(list($index, list($userIdValue)) = each($aUserId))
|
||||
{
|
||||
if (UserWantsEmail($userIdValue))
|
||||
$retval .= lookupEmail($userIdValue)." ";
|
||||
$oUser = new User($userIdValue);
|
||||
if ($oUser->getPref("send_email"))
|
||||
$retval .= $oUser->sEmail." ";
|
||||
}
|
||||
}
|
||||
return $retval;
|
||||
@@ -429,7 +355,7 @@ function getNotifyEmailAddressList($appId, $versionId = 0)
|
||||
/**
|
||||
* Get the number of users in the database
|
||||
*/
|
||||
function getNumberOfUsers()
|
||||
function get_number_of_users()
|
||||
{
|
||||
$result = query_appdb("SELECT count(*) as num_users FROM user_list;");
|
||||
$row = mysql_fetch_object($result);
|
||||
@@ -440,11 +366,23 @@ function getNumberOfUsers()
|
||||
/**
|
||||
* Get the number of active users within $days of the current day
|
||||
*/
|
||||
function getActiveUsersWithinDays($days)
|
||||
function get_active_users_within_days($days)
|
||||
{
|
||||
$result = query_appdb("SELECT count(*) as num_users FROM user_list WHERE stamp >= DATE_SUB(CURDATE(), interval $days day);");
|
||||
$row = mysql_fetch_object($result);
|
||||
return $row->num_users;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check if a user exists.
|
||||
* returns TRUE if the user exists
|
||||
*/
|
||||
function user_exists($sEmail)
|
||||
{
|
||||
$result = query_appdb("SELECT * FROM user_list WHERE email = '$sEmail'");
|
||||
if(!$result || mysql_num_rows($result) != 1)
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user