PageRenderTime 49ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 0ms

/admin/datamodel/user.php

#
PHP | 398 lines | 303 code | 49 blank | 46 comment | 7 complexity | 2d69ddbb85e42c9c42f2390abaf48f15 MD5 | raw file
Possible License(s): GPL-3.0, LGPL-2.1 
    

  1. <?php

    2. 

  2. 

    3. 

  3. /*

    4. 

  4. 	Copyright (C) 2009-2010  Fabio Mattei <burattino@gmail.com>

    5. 

  5. 

    6. 

  6. 	This program is free software: you can redistribute it and/or modify

    7. 

  7. 	it under the terms of the GNU General Public License as published by

    8. 

  8. 	the Free Software Foundation, either version 3 of the License, or

    9. 

  9. 	(at your option) any later version.

    10. 

  10. 

    11. 

  11. 	This program is distributed in the hope that it will be useful,

    12. 

  12. 	but WITHOUT ANY WARRANTY; without even the implied warranty of

    13. 

  13. 	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    14. 

  14. 	GNU General Public License for more details.

    15. 

  15. 

    16. 

  16. 	You should have received a copy of the GNU General Public License

    17. 

  17. 	along with this program.  If not, see <http://www.gnu.org/licenses/>.

    18. 

  18. */

    19. 

  19. 

    20. 

  20. require_once(STARTPATH.UTILSPATH.'password.php');

    21. 

  21. require_once(STARTPATH.UTILSPATH.'imagefiles.php');

    22. 

  22. require_once(STARTPATH.FILTERPATH.'userfilterremote.php');

    23. 

  23. 

    24. 

  24. 

    25. 

  25. class User {

    26. 

  26.     const NEW_USER = -1;

    27. 

  27.     private $id = self::NEW_USER;

    28. 

  28.     private $name;

    29. 

  29.     private $username;

    30. 

  30.     private $password;

    31. 

  31.     private $body;

    32. 

  32.     private $role;

    33. 

  33.     private $toshow;

    34. 

  34.     private $email;

    35. 

  35.     private $msn;

    36. 

  36.     private $skype;

    37. 

  37.     private $created;

    38. 

  38.     private $updated;

    39. 

  39. 

    40. 

  40.     const INSERT_SQL = 'insert into users (id, name, username, password, body, role, toshow, email, msn, skype, created, updated) values (@#@, @?@, @?@, @?@, @?@, @?@, @#@, @?@, @?@, @?@, now(), now())';

    41. 

  41.     const UPDATE_SQL = 'update users set name = @?@, body = @?@, role = @?@, toshow = @#@, email = @?@, msn = @?@, skype = @?@, updated=now() where id = @#@';

    42. 

  42.     const UPDATE_SQL_PASSWORD = 'update users set password = @?@, updated=now() where id = @#@';

    43. 

  43.     const UPDATE_SQL_USERNAME = 'update users set username = @?@, updated=now() where id = @#@';

    44. 

  44.     const DELETE_SQL = 'delete from users where id = @#@';

    45. 

  45.     const SELECT_MAX_ID = 'select max(id) as maxid from users ';

    46. 

  46.     const SELECT_BY_ID = 'select * from users where id = @#@ ';

    47. 

  47.     const SELECT_BY_NAME = 'select * from users where name like @?@ order by name';

    48. 

  48.     const SELECT_BY_USERNAME = 'select * from users where username = @?@ LIMIT 1 ';

    49. 

  49.     const SELECT_BY_USERNAME_AND_EMAIL = 'select * from users where username = @?@ AND email = @?@ order by name ';

    50. 

  50.     const SELECT_ALL = 'select * from users order by name ';

    51. 

  51.     const SELECT_ALL_TO_SHOW = 'select * from users WHERE toshow = 1 order by name ';

    52. 

  52.     const SELECT_USR_PSW = 'select * from users WHERE username like @?@ AND password like @?@ ';

    53. 

  53.     const SELECT_BY_ID_ORD = 'select id from users order by id DESC';

    54. 

  54.     const SELECT_ARTICLES = 'select AR.* from articles as AR, users_articles as UA where AR.id = UA.article_id AND UA.user_id = @#@ order by AR.id DESC';

    55. 

  55.     const SELECT_COMMENTSARTICLES = 'select CM.* from comments as CM, articles as AR, users_articles as UA where AR.id = CM.article_id AND AR.id = UA.article_id AND UA.user_id = @#@ order by CM.id DESC';

    56. 

  56. 

    57. 

  57.     public function __construct($id=self::NEW_USER, $name='', $username='', $password='', $body='', $role='', $toshow='', $email='', $msn='', $skype='', $created='', $updated='') {

    58. 

  58.         $this->filter = UserFilterRemote::getInstance();

    59. 

  59.         $this->id = $id;

    60. 

  60.         $this->name = $name;

    61. 

  61.         $this->username = $username;

    62. 

  62.         $this->password = $password;

    63. 

  63.         $this->body = $body;

    64. 

  64.         $this->role = $role;

    65. 

  65.         $this->toshow = $toshow;

    66. 

  66.         $this->email = $email;

    67. 

  67.         $this->msn = $msn;

    68. 

  68.         $this->skype = $skype;

    69. 

  69.         $this->created = $created;

    70. 

  70.         $this->updated = $updated;

    71. 

  71.     }

    72. 

  72. 

    73. 

  73.     /**

    74. 

  74.      * Return a user from the query

    75. 

  75.      *

    76. 

  76.      * @return User

    77. 

  77.      */

    78. 

  78.     public static function findOne($SQL, $array_str, $array_int) {

    79. 

  79.         $tables = array("users" => TBPREFIX."users");

    80. 

  80.         try {

    81. 

  81.             $rs = DB::getInstance()->execute(

    82. 

  82.                     $SQL,

    83. 

  83.                     $array_str,

    84. 

  84.                     $array_int,

    85. 

  85.                     $tables);

    86. 

  86.             if ($row = mysql_fetch_array($rs)) {

    87. 

  87.                 $ret = new User($row['id'], $row['name'], $row['username'], $row['password'], $row['body'], $row['role'], $row['toshow'], $row['email'], $row['msn'], $row['skype'], $row['created'], $row['updated']);

    88. 

  88.             } else {

    89. 

  89.                 $ret = new User();

    90. 

  90.             }

    91. 

  91.         } catch (Exception $e) {

    92. 

  92.             $ret = new User();

    93. 

  93.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    94. 

  94.         }

    95. 

  95.         return $ret;

    96. 

  96.     }

    97. 

  97. 

    98. 

  98.     public static function findMany($SQL, $array_str, $array_int) {

    99. 

  99.         $tables = array("users" => TBPREFIX."users");

    100. 

  100.         $ret = array();

    101. 

  101.         try {

    102. 

  102.             $rs = DB::getInstance()->execute(

    103. 

  103.                     $SQL,

    104. 

  104.                     $array_str,

    105. 

  105.                     $array_int,

    106. 

  106.                     $tables);

    107. 

  107.             while ($row = mysql_fetch_array($rs)) {

    108. 

  108.                 $ret[] = new User($row['id'], $row['name'], $row['username'], $row['password'], $row['body'], $row['role'], $row['toshow'], $row['email'], $row['msn'], $row['skype'], $row['created'], $row['updated']);

    109. 

  109.             }

    110. 

  110.         } catch (Exception $e) {

    111. 

  111.             $ret[] = new User();

    112. 

  112.             echo 'Caught exception: ', $e->getMessage(), "\n";

    113. 

  113.         }

    114. 

  114.         return $ret;

    115. 

  115.     }

    116. 

  116. 

    117. 

  117.     /**

    118. 

  118.      * Return a user from the query searching by id

    119. 

  119.      *

    120. 

  120.      * @return User

    121. 

  121.      */

    122. 

  122.     public static function findById($id) {

    123. 

  123.         return USER::findOne(self::SELECT_BY_ID, array(), array($id));

    124. 

  124.     }

    125. 

  125. 

    126. 

  126.     /**

    127. 

  127.      * Return a user from the query searching by name

    128. 

  128.      *

    129. 

  129.      * @return User

    130. 

  130.      */

    131. 

  131.     public static function findByName($name) {

    132. 

  132.         return USER::findMany(self::SELECT_BY_NAME, array("%$name%"), array());

    133. 

  133.     }

    134. 

  134. 

    135. 

  135.     /**

    136. 

  136.      * Return a user from the query searching by username

    137. 

  137.      *

    138. 

  138.      * @return User

    139. 

  139.      */

    140. 

  140.     public static function findByUserName($username) {

    141. 

  141.         return USER::findOne(self::SELECT_BY_USERNAME, array("$username"), array());

    142. 

  142.     }

    143. 

  143. 

    144. 

  144.     /**

    145. 

  145.      * Return a user from the  searching by Username and Email

    146. 

  146.      *

    147. 

  147.      * @return User

    148. 

  148.      */

    149. 

  149.     public static function findByUsernameAndEmail($username, $email) {

    150. 

  150.         return USER::findOne(self::SELECT_BY_USERNAME_AND_EMAIL, array("$username", "$email"), array());

    151. 

  151.     }

    152. 

  152. 

    153. 

  153.     /**

    154. 

  154.      * Return all user in the database

    155. 

  155.      *

    156. 

  156.      * @return Array(User)

    157. 

  157.      */

    158. 

  158.     public static function findAll() {

    159. 

  159.         return USER::findMany(self::SELECT_ALL, array(), array());

    160. 

  160.     }

    161. 

  161. 

    162. 

  162.     public static function findAllToShow() {

    163. 

  163.         return USER::findMany(self::SELECT_ALL_TO_SHOW, array(), array());

    164. 

  164.     }

    165. 

  165. 

    166. 

  166.     public static function checkUsrPsw($usr, $psw) {

    167. 

  167.         return USER::findOne(self::SELECT_USR_PSW, array("$usr", md5($psw)), array());

    168. 

  168.     }

    169. 

  169. 

    170. 

  170.     public function articles() {

    171. 

  171.         $tables = array('articles' => TBPREFIX.'articles',

    172. 

  172.                 'users_articles' => TBPREFIX.'users_articles');

    173. 

  173.         return ARTICLE::findManyAndSpecifyTables(self::SELECT_ARTICLES, array(), array($this->id), $tables);

    174. 

  174.     }

    175. 

  175. 

    176. 

  176.     public function articlescomments() {

    177. 

  177.         $tables = array('comments' => TBPREFIX.'comments',

    178. 

  178.                 'articles' => TBPREFIX.'articles',

    179. 

  179.                 'users_articles' => TBPREFIX.'users_articles');

    180. 

  180.         return COMMENT::findManyAndSpecifyTables(self::SELECT_COMMENTSARTICLES, array(), array($this->id), $tables);

    181. 

  181.     }

    182. 

  182. 

    183. 

  183.     public function getMaxId() {

    184. 

  184.         $tables = array("users" => TBPREFIX."users");

    185. 

  185.         try {

    186. 

  186.             $rs = DB::getInstance()->execute(

    187. 

  187.                     self::SELECT_MAX_ID,

    188. 

  188.                     array(),

    189. 

  189.                     array(),

    190. 

  190.                     $tables);

    191. 

  191.             $row = mysql_fetch_array($rs);

    192. 

  192.             $maxId = $row['maxid'];

    193. 

  193.         } catch (Exception $e) {

    194. 

  194.             $maxId = 0;

    195. 

  195.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    196. 

  196.         }

    197. 

  197.         return $maxId;

    198. 

  198.     }

    199. 

  199. 

    200. 

  200.     public function save() {

    201. 

  201.         if ($this->id == self::NEW_USER) {

    202. 

  202.             $this->insert();

    203. 

  203.         } else {

    204. 

  204.             $this->update();

    205. 

  205.         }

    206. 

  206.     }

    207. 

  207. 

    208. 

  208.     public function delete() {

    209. 

  209.         $tables = array("users" => TBPREFIX."users");

    210. 

  210.         try {

    211. 

  211.             DB::getInstance()->execute(

    212. 

  212.                     self::DELETE_SQL,

    213. 

  213.                     array(),

    214. 

  214.                     array($this->id),

    215. 

  215.                     $tables);

    216. 

  216.             $this->id = self::NEW_USER;

    217. 

  217.             $this->name = '';

    218. 

  218.             $this->username = '';

    219. 

  219.             $this->password = '';

    220. 

  220.             $this->body = '';

    221. 

  221.             $this->role = '';

    222. 

  222.             $this->toshow = '';

    223. 

  223.             $this->email = '';

    224. 

  224.             $this->msn = '';

    225. 

  225.             $this->skype = '';

    226. 

  226.             $this->created = '';

    227. 

  227.             $this->updated = '';

    228. 

  228.         } catch (Exception $e) {

    229. 

  229.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    230. 

  230.         }

    231. 

  231.     }

    232. 

  232. 

    233. 

  233.     protected function insert() {

    234. 

  234.         $this->id = $this->getMaxId()+1;

    235. 

  235.         $tables = array("users" => TBPREFIX."users");

    236. 

  236.         $psw = md5($this->password);

    237. 

  237.         try {

    238. 

  238.             DB::getInstance()->execute(

    239. 

  239.                     self::INSERT_SQL,

    240. 

  240.                     array($this->name, $this->username, $psw, $this->body, $this->role, $this->email, $this->msn, $this->skype),

    241. 

  241.                     array($this->id, $this->toshow),

    242. 

  242.                     $tables);

    243. 

  243.         } catch (Exception $e) {

    244. 

  244.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    245. 

  245.         }

    246. 

  246.     }

    247. 

  247. 

    248. 

  248.     protected function update() {

    249. 

  249.         $tables = array("users" => TBPREFIX."users");

    250. 

  250.         try {

    251. 

  251.             DB::getInstance()->execute(

    252. 

  252.                     self::UPDATE_SQL,

    253. 

  253.                     array($this->name, $this->body, $this->role, $this->email, $this->msn, $this->skype),

    254. 

  254.                     array($this->toshow, $this->id),

    255. 

  255.                     $tables);

    256. 

  256.         } catch (Exception $e) {

    257. 

  257.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    258. 

  258.         }

    259. 

  259.     }

    260. 

  260. 

    261. 

  261.     public function updatePassword($NewPsw, $OldPsw) {

    262. 

  262.         if (md5($OldPsw)==$this->password) {

    263. 

  263.             $tables = array("users" => TBPREFIX."users");

    264. 

  264.             $this->password = md5($NewPsw);

    265. 

  265.             try {

    266. 

  266.                 DB::getInstance()->execute(

    267. 

  267.                         self::UPDATE_SQL_PASSWORD,

    268. 

  268.                         array($this->password),

    269. 

  269.                         array($this->id),

    270. 

  270.                         $tables);

    271. 

  271.             } catch (Exception $e) {

    272. 

  272.                 echo 'Caught exception: ',  $e->getMessage(), "\n";

    273. 

  273.             }

    274. 

  274.         }

    275. 

  275.     }

    276. 

  276. 

    277. 

  277.     public function updateUsername($NewUserName) {

    278. 

  278.         $tables = array("users" => TBPREFIX."users");

    279. 

  279.         $this->username = $NewUserName;

    280. 

  280.         try {

    281. 

  281.             DB::getInstance()->execute(

    282. 

  282.                     self::UPDATE_SQL_USERNAME,

    283. 

  283.                     array($this->username),

    284. 

  284.                     array($this->id),

    285. 

  285.                     $tables);

    286. 

  286.         } catch (Exception $e) {

    287. 

  287.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    288. 

  288.         }

    289. 

  289.     }

    290. 

  290. 

    291. 

  291.     public function setNewRandomPassword() {

    292. 

  292.         $newPassword = Password::generatePassword();

    293. 

  293.         $tables = array("users" => TBPREFIX."users");

    294. 

  294.         $this->password = md5($newPassword);

    295. 

  295.         try {

    296. 

  296.             DB::getInstance()->execute(

    297. 

  297.                     self::UPDATE_SQL_PASSWORD,

    298. 

  298.                     array($this->password),

    299. 

  299.                     array($this->id),

    300. 

  300.                     $tables);

    301. 

  301.         } catch (Exception $e) {

    302. 

  302.             echo 'Caught exception: ',  $e->getMessage(), "\n";

    303. 

  303.         }

    304. 

  304.         return $newPassword;

    305. 

  305.     }

    306. 

  306. 

    307. 

  307.     public function getId() {

    308. 

  308.         return $this->id;

    309. 

  309.     }

    310. 

  310. 

    311. 

  311.     public function getName() {

    312. 

  312.         return $this->name;

    313. 

  313.     }

    314. 

  314. 

    315. 

  315.     public function setName($name) {

    316. 

  316.         $this->name = $name;

    317. 

  317.     }

    318. 

  318. 

    319. 

  319.     public function getUsername() {

    320. 

  320.         return $this->username;

    321. 

  321.     }

    322. 

  322. 

    323. 

  323.     public function setUsername($username) {

    324. 

  324.         $this->username = $username;

    325. 

  325.     }

    326. 

  326. 

    327. 

  327.     public function getPassword() {

    328. 

  328.         return $this->password;

    329. 

  329.     }

    330. 

  330. 

    331. 

  331.     public function setPassword($password) {

    332. 

  332.         $this->password = $password;

    333. 

  333.     }

    334. 

  334. 

    335. 

  335.     public function getBody() {

    336. 

  336.         $out = $this->filter->executeFiltersBody($this->body);

    337. 

  337.         return $out;

    338. 

  338.     }

    339. 

  339. 

    340. 

  340.     public function getUnfilteredBody() {

    341. 

  341.         return $this->body;

    342. 

  342.     }

    343. 

  343. 

    344. 

  344.     public function setBody($body) {

    345. 

  345.         $this->body = $body;

    346. 

  346.     }

    347. 

  347. 

    348. 

  348.     public function getRole() {

    349. 

  349.         return $this->role;

    350. 

  350.     }

    351. 

  351. 

    352. 

  352.     public function setRole($role) {

    353. 

  353.         $this->role = $role;

    354. 

  354.     }

    355. 

  355. 

    356. 

  356.     public function getToshow() {

    357. 

  357.         return $this->toshow;

    358. 

  358.     }

    359. 

  359. 

    360. 

  360.     public function setToshow($toshow) {

    361. 

  361.         $this->toshow = $toshow;

    362. 

  362.     }

    363. 

  363. 

    364. 

  364.     public function getEmail() {

    365. 

  365.         return $this->email;

    366. 

  366.     }

    367. 

  367. 

    368. 

  368.     public function setEmail($email) {

    369. 

  369.         $this->email = $email;

    370. 

  370.     }

    371. 

  371. 

    372. 

  372.     public function getMsn() {

    373. 

  373.         return $this->msn;

    374. 

  374.     }

    375. 

  375. 

    376. 

  376.     public function setMsn($msn) {

    377. 

  377.         $this->msn = $msn;

    378. 

  378.     }

    379. 

  379. 

    380. 

  380.     public function getSkype() {

    381. 

  381.         return $this->skype;

    382. 

  382.     }

    383. 

  383. 

    384. 

  384.     public function setSkype($skype) {

    385. 

  385.         $this->skype = $skype;

    386. 

  386.     }

    387. 

  387. 

    388. 

  388.     public function getCreated() {

    389. 

  389.         return $this->created;

    390. 

  390.     }

    391. 

  391. 

    392. 

  392.     public function getUpdated() {

    393. 

  393.         return $this->updated;

    394. 

  394.     }

    395. 

  395. 

    396. 

  396. }

    397. 

  397. 

    398. 

  398. ?>
    399.