PageRenderTime 190ms CodeModel.GetById 40ms app.highlight 61ms RepoModel.GetById 80ms app.codeStats 1ms

/lib/packages/webusers/webuser.class.php

https://bitbucket.org/navigatecms/navigatecms
PHP | 890 lines | 731 code | 129 blank | 30 comment | 66 complexity | 1e1893e6589700f0c376222c111d91c7 MD5 | raw file
  1<?php
  2
  3class webuser
  4{
  5	public $id;
  6	public $website;
  7	public $username;
  8	public $password;
  9	public $email;
 10	public $email_verification_date;
 11    public $groups;
 12	public $fullname;
 13	public $gender; // male / female / company / (empty)
 14	public $avatar;
 15	public $birthdate;
 16	public $language; // ISO 639-1 (2 chars) (en => English, es => EspaĂąol)
 17	public $country; // ISO-3166-1993 (US => United States of America, ES => Spain)
 18	public $timezone; // PHP5 Timezone Code (, "Europe/Madrid")
 19	public $address;
 20	public $zipcode;
 21	public $location;
 22	public $phone;
 23	public $social_website;
 24	public $joindate;
 25    public $lastseen;
 26	public $newsletter;
 27    public $private_comment;
 28	public $activation_key;
 29	public $cookie_hash;
 30	public $access; // 0: allowed, 1 => blocked, 2 => allowed within a date range
 31	public $access_begin;   // timestamp, 0 => infinite
 32	public $access_end; // timestamp, 0 => infinite
 33
 34    public $properties;
 35  	
 36	public function load($id)
 37	{
 38		global $DB;
 39		if($DB->query('SELECT * FROM nv_webusers WHERE id = '.intval($id)))
 40		{
 41			$data = $DB->result();
 42			$this->load_from_resultset($data);
 43		}
 44	}
 45	
 46	public function load_by_hash($hash)
 47	{
 48		global $DB;
 49		global $session;
 50        global $events;
 51
 52        $ok = $DB->query('SELECT * FROM nv_webusers WHERE cookie_hash = '.protect($hash));
 53        if($ok)
 54            $data = $DB->result();
 55
 56        if(!empty($data))
 57		{
 58			$this->load_from_resultset($data);
 59
 60			// check if the user is still allowed to sign in
 61			$blocked = 1;
 62			if( $this->access == 0 ||
 63                ( $this->access == 2 &&
 64                    ($this->access_begin==0 || $this->access_begin < time()) &&
 65                    ($this->access_end==0 || $this->access_end > time())
 66                )
 67            )
 68			{
 69				$blocked = 0;
 70			}
 71
 72			if($blocked==1)
 73				return false;
 74
 75			$session['webuser'] = $this->id;
 76
 77            // maybe this function is called without initializing $events
 78            if(method_exists($events, 'trigger'))
 79            {
 80                $events->trigger(
 81                    'webuser',
 82                    'sign_in',
 83                    array(
 84                        'webuser' => $this,
 85                        'by' => 'cookie'
 86                    )
 87                );
 88            }
 89		}
 90
 91	}
 92
 93    public function load_by_profile($network, $network_user_id)
 94    {
 95        global $DB;
 96        global $session;
 97
 98        // the profile exists (connected to a social network)?
 99        $swuser = $DB->query_single(
100            'webuser',
101            'nv_webuser_profiles',
102            ' network = '.protect($network).' AND '.
103            ' network_user_id = '.protect($network_user_id)
104        );
105
106        if(!empty($swuser))
107            $this->load($swuser);
108    }
109
110    public function load_from_resultset($rs)
111	{
112		$main = $rs[0];	
113		
114		$this->id      		= $main->id;		
115		$this->website      = $main->website;
116		$this->username		= $main->username;
117		$this->password		= $main->password;
118   		$this->email	    = $main->email;    
119   		$this->email_verification_date  = $main->email_verification_date;
120		$this->fullname		= $main->fullname;
121		$this->gender		= $main->gender;		
122		$this->avatar		= $main->avatar;		
123		$this->birthdate	= $main->birthdate;
124		$this->language		= $main->language;	
125		$this->country		= $main->country;
126		$this->timezone		= $main->timezone;
127		$this->address		= $main->address;
128		$this->zipcode		= $main->zipcode;
129		$this->location		= $main->location;
130		$this->phone		= $main->phone;	
131		$this->social_website   = $main->social_website;
132        $this->joindate		= $main->joindate;
133        $this->lastseen		= $main->lastseen;
134		$this->newsletter	= $main->newsletter;
135		$this->private_comment	= $main->private_comment;
136		$this->activation_key	= $main->activation_key;
137		$this->cookie_hash	= $main->cookie_hash;
138		$this->access		= $main->access;
139		$this->access_begin	= $main->access_begin;
140		$this->access_end	= $main->access_end;
141
142        // to get the array of groups first we remove the "g" character
143        $groups = str_replace('g', '', $main->groups);
144        $this->groups = explode(',', $groups);
145        if(!is_array($this->groups))  $this->groups = array($groups);
146	}
147	
148	public function load_from_post()
149	{
150		//$this->website      = $_REQUEST['webuser-website'];
151		$this->username		= trim($_REQUEST['webuser-username']);
152		if(!empty($_REQUEST['webuser-password']))
153			$this->set_password($_REQUEST['webuser-password']);			
154   		$this->email	    = $_REQUEST['webuser-email'];
155   		$this->groups	    = $_REQUEST['webuser-groups'];
156		$this->fullname		= $_REQUEST['webuser-fullname'];
157		$this->gender		= $_REQUEST['webuser-gender'][0];		
158		$this->avatar		= $_REQUEST['webuser-avatar'];		
159		if(!empty($_REQUEST['webuser-birthdate']))
160			$this->birthdate	= core_date2ts($_REQUEST['webuser-birthdate']);
161		else
162			$this->birthdate	= '';
163		$this->language		= $_REQUEST['webuser-language'];			
164		$this->newsletter	= ($_REQUEST['webuser-newsletter']=='1'? '1' : '0');
165		$this->access		= $_REQUEST['webuser-access'];
166		$this->access_begin	= (empty($_REQUEST['webuser-access-begin'])? '' : core_date2ts($_REQUEST['webuser-access-begin']));
167		$this->access_end	= (empty($_REQUEST['webuser-access-end'])? '' : core_date2ts($_REQUEST['webuser-access-end']));
168
169
170		$this->country		= $_REQUEST['webuser-country'];
171		$this->timezone		= $_REQUEST['webuser-timezone'];
172		$this->address		= $_REQUEST['webuser-address'];
173		$this->zipcode		= $_REQUEST['webuser-zipcode'];
174		$this->location		= $_REQUEST['webuser-location'];
175		$this->phone		= $_REQUEST['webuser-phone'];			
176		$this->social_website = $_REQUEST['webuser-social_website'];
177		$this->private_comment = $_REQUEST['webuser-private_comment'];
178
179        // social profiles is a navigate cms private field
180	}
181	
182	
183	public function save($trigger_webuser_modified=true)
184	{
185		if(!empty($this->id))
186		  return $this->update($trigger_webuser_modified);
187		else
188		  return $this->insert();
189	}
190	
191	public function delete()
192	{
193		global $DB;
194        global $events;
195
196		if(!empty($this->id))
197		{
198            // remove all social profiles
199            $DB->execute('
200 				DELETE FROM nv_webuser_profiles
201				 WHERE webuser = '.intval($this->id)
202            );
203
204            // remove properties
205            property::remove_properties('webuser', $this->id);
206
207            // remove grid notes
208            grid_notes::remove_all('webuser', $this->id);
209
210            // finally remove webuser account
211            $DB->execute('
212 				DELETE FROM nv_webusers
213				 WHERE id = '.intval($this->id).'
214              	 LIMIT 1 '
215			);
216
217            $events->trigger(
218                'webuser',
219                'delete',
220                array(
221                    'webuser' => $this
222                )
223            );
224		}
225
226		return $DB->get_affected_rows();		
227	}
228	
229	public function insert()
230	{
231		global $DB;	
232		global $website;
233        global $events;
234
235        $groups = '';
236        if(is_array($this->groups))
237        {
238            $this->groups = array_unique($this->groups); // remove duplicates
239            $this->groups = array_filter($this->groups); // remove empty
240            if(!empty($this->groups))
241                $groups = 'g'.implode(',g', $this->groups);
242        }
243
244        if($groups == 'g')
245            $groups = '';
246
247		$ok = $DB->execute(' 
248		    INSERT INTO nv_webusers
249                (	id, website, username, password, email, groups, fullname, gender, avatar, birthdate,
250                    language, country, timezone, address, zipcode, location, phone, social_website,
251                    joindate, lastseen, newsletter, private_comment, activation_key, cookie_hash, 
252                    access, access_begin, access_end, email_verification_date
253                )
254                VALUES 
255                (
256                    :id, :website, :username, :password, :email, :groups, :fullname, :gender, :avatar, :birthdate,
257                    :language, :country, :timezone, :address, :zipcode, :location, :phone, :social_website,
258                    :joindate, :lastseen, :newsletter, :private_comment, :activation_key, :cookie_hash, 
259                    :access, :access_begin, :access_end, :email_verification_date
260                )',
261            array(
262                ":id" => 0,
263                ":website" => $website->id,
264                ":username" => is_null($this->username)? '' : $this->username,
265                ":password" => is_null($this->password)? '' : $this->password,
266                ":email" => is_null($this->email)? '' : $this->email,
267                ":groups" => $groups,
268                ":fullname" => is_null($this->fullname)? '' : $this->fullname,
269                ":gender" => is_null($this->gender)? '' : $this->gender,
270                ":avatar" => is_null($this->avatar)? '' : $this->avatar,
271                ":birthdate" => value_or_default($this->birthdate, 0),
272                ":language" => is_null($this->language)? '' : $this->language,
273                ":country" => is_null($this->country)? '' : $this->country,
274                ":timezone" => is_null($this->timezone)? '' : $this->timezone,
275                ":address" => is_null($this->address)? '' : $this->address,
276                ":zipcode" => is_null($this->zipcode)? '' : $this->zipcode,
277                ":location" => is_null($this->location)? '' : $this->location,
278                ":phone" => is_null($this->phone)? '' : $this->phone,
279                ":social_website" => is_null($this->social_website)? '' : $this->social_website,
280                ":joindate" => core_time(),
281                ":lastseen" => 0,
282                ":newsletter" => is_null($this->newsletter)? '0' : $this->newsletter,
283                ":private_comment" => is_null($this->private_comment)? '' : $this->private_comment,
284                ":activation_key" => is_null($this->activation_key)? '' : $this->activation_key,
285                ":cookie_hash" => is_null($this->cookie_hash)? '' : $this->cookie_hash,
286				":access" => value_or_default($this->access, 0),
287                ":access_begin" => value_or_default($this->access_begin, 0),
288                ":access_end" => value_or_default($this->access_end, 0),
289	            ":email_verification_date" => value_or_default($this->email_verification_date, 0)
290            )
291        );							
292				
293		if(!$ok)
294			throw new Exception($DB->get_last_error());
295		
296		$this->id = $DB->get_last_id();
297
298        $events->trigger(
299            'webuser',
300            'save',
301            array(
302                'webuser' => $this
303            )
304        );
305
306        $this->new_webuser_notification();
307		
308		return true;
309	}	
310	
311	public function update($trigger_webuser_modified=true)
312	{
313		global $DB;
314        global $events;
315
316        $groups = '';
317        if(is_array($this->groups))
318        {
319            $this->groups = array_unique($this->groups); // remove duplicates
320            $this->groups = array_filter($this->groups); // remove empty
321            if(!empty($this->groups))
322                $groups = 'g'.implode(',g', $this->groups);
323        }
324
325        if($groups == 'g')
326            $groups = '';
327
328		$ok = $DB->execute('
329		    UPDATE nv_webusers
330                SET
331                  website = :website,
332                  username = :username,
333                  password = :password,
334                  email = :email,
335                  groups = :groups,
336                  fullname = :fullname,
337                  gender = :gender,
338                  avatar = :avatar,
339                  birthdate = :birthdate,
340                  language = :language,
341                  lastseen = :lastseen,
342                  country = :country,
343                  timezone = :timezone,
344                  address = :address,
345                  zipcode = :zipcode,
346                  location = :location,
347                  phone	= :phone,
348                  social_website = :social_website,
349                  newsletter = :newsletter,
350                  private_comment = :private_comment,
351                  activation_key = :activation_key,
352                  cookie_hash = :cookie_hash,
353                  access = :access,
354                  access_begin = :access_begin,
355                  access_end = :access_end,
356                  email_verification_date = :email_verification_date
357                WHERE id = :id
358            ',
359            array(
360                ':website' => $this->website,
361                ':username' => $this->username,
362                ':password' => $this->password,
363                ':email' => $this->email,
364                ':groups' => $groups,
365                ':fullname' => $this->fullname,
366                ':gender' => value_or_default($this->gender, ""),
367                ':avatar' => $this->avatar,
368                ':birthdate' => value_or_default($this->birthdate, 0),
369                ':language' => value_or_default($this->language, ""),
370                ':lastseen' => $this->lastseen,
371                ':country' => $this->country,
372                ':timezone' => $this->timezone,
373                ':address' => $this->address,
374                ':zipcode' => $this->zipcode,
375                ':location' => $this->location,
376                ':phone'	=> $this->phone,
377                ':social_website' => value_or_default($this->social_website, ""),
378                ':newsletter' => value_or_default($this->newsletter, 0),
379                ':private_comment' => value_or_default($this->private_comment, ""),
380                ':activation_key' => value_or_default($this->activation_key, ""),
381                ':cookie_hash' => value_or_default($this->cookie_hash, ""),
382                ":access" => value_or_default($this->access, 0),
383                ":access_begin" => value_or_default($this->access_begin, 0),
384                ":access_end" => value_or_default($this->access_end, 0),
385                ':id' => $this->id,
386	            ':email_verification_date' => value_or_default($this->email_verification_date, 0)
387            )
388        );
389
390		if(!$ok) throw new Exception($DB->get_last_error());
391
392        if($trigger_webuser_modified)
393        {
394            $events->trigger(
395                'webuser',
396                'save',
397                array(
398                    'webuser' => $this
399                )
400            );
401        }
402
403		return true;
404	}
405
406	public function access_allowed()
407	{
408		// check if the user is still allowed to sign in
409		if( $this->access == 0 ||
410            ( $this->access == 2 &&
411                ($this->access_begin==0 || $this->access_begin < time()) &&
412                ($this->access_end==0 || $this->access_end > time())
413            )
414        )
415		{
416			return true;
417		}
418
419		return false;
420	}
421
422	
423	public function authenticate($website, $username, $password)
424	{
425		global $DB;
426        global $events;
427		
428		$username = trim($username);
429		$username = mb_strtolower($username);
430				
431		$A1 = md5($username.':'.APP_REALM.':'.$password);
432
433        $website_check = '';
434		if($website > 0)
435			$website_check = 'AND website  = '.protect($website);
436
437		if($DB->query('SELECT * 
438						 FROM nv_webusers 
439						WHERE ( access = 0 OR
440						 		(access = 2 AND 
441						 			(access_begin = 0 OR access_begin < '.time().') AND 
442						 			(access_end = 0 OR access_end > '.time().') 
443					            )
444					           )
445						  '.$website_check.'
446						  AND LOWER(username) = '.protect($username))
447		)
448		{		
449			$data = $DB->result();
450
451			if(!empty($data))
452			{
453				if($data[0]->password==$A1)
454				{
455					$this->load_from_resultset($data);
456
457	                // maybe this function is called without initializing $events
458	                if(method_exists($events, 'trigger'))
459	                {
460	                    $events->trigger(
461	                        'webuser',
462	                        'sign_in',
463	                        array(
464	                            'webuser' => $this,
465	                            'by' => 'authenticate'
466	                        )
467	                    );
468	                }
469
470					return true;
471				}
472			}
473		}
474		
475		return false;		
476	}
477
478	public function check_password($password)
479    {
480        $match = ($this->password ==  md5(mb_strtolower($this->username).':'.APP_REALM.':'.$password));
481        return $match;
482    }
483	
484	public function set_password($newpass)
485	{
486		$this->password = md5(mb_strtolower($this->username).':'.APP_REALM.':'.$newpass);
487	}
488	
489	public function set_cookie()
490	{
491		global $session;
492
493		$session['webuser'] = $this->id;
494		$this->cookie_hash = sha1(rand(1, 9999999));
495		$this->update();
496		setcookie('webuser', $this->cookie_hash, time()+60*60*24*365, '/', substr($_SERVER['SERVER_NAME'], strpos($_SERVER['SERVER_NAME'], "."))); // 365 days
497	}
498	
499	public static function unset_cookie()
500	{
501		global $session;
502        global $events;
503
504        $webuser_sign_out_id = $session['webuser'];
505        $session['webuser'] = '';
506        setcookie('webuser', NULL, -1, '/', substr($_SERVER['SERVER_NAME'], strpos($_SERVER['SERVER_NAME'], ".")));
507
508
509        if(method_exists($events, 'trigger'))
510        {
511            $events->trigger(
512                'webuser',
513                'sign_out',
514                array(
515                    'webuser_id' => $webuser_sign_out_id
516                )
517            );
518        }
519    }
520
521	public static function email_verification($email, $hash)
522	{
523		global $DB;
524
525		$status = false;
526
527		$DB->query('
528			SELECT id, activation_key
529			  FROM nv_webusers
530			 WHERE email = '.protect($email).'
531			   AND activation_key = '.protect($hash).'
532		');
533		$rs = $DB->first();
534
535		if(!empty($rs->id))
536		{
537			$wu = new webuser();
538			$wu->load($rs->id);
539
540			// access is only enabled for blocked users (access==1) which don't have a password nor an email verification date
541			if($wu->access==1 && empty($wu->password) && empty($wu->email_verification_date))
542			{
543				// email is confirmed through a newsletter subscribe request
544				$wu->email_verification_date = time();
545				$wu->access = 0;
546				$wu->activation_key = "";
547				$status = $wu->save();
548			}
549		}
550
551		return $status;
552	}
553
554	public function quicksearch($text)
555	{
556		$like = ' LIKE '.protect('%'.$text.'%');
557		
558		$cols[] = 'id' . $like;
559		$cols[] = 'LOWER(username)' . mb_strtolower($like);
560		$cols[] = 'email' . $like;
561		$cols[] = 'fullname' . $like;		
562	
563		$where = ' AND ( ';	
564		$where.= implode( ' OR ', $cols); 
565		$where .= ')';
566		
567		return $where;
568	}	
569
570    public static function social_network_profile_update($network, $network_user_id, $extra='', $data=array())
571    {
572        global $DB;
573        global $webuser;
574        global $website;
575
576        $already_updated = false;
577
578        if(is_array($extra))
579            $extra = serialize($extra);
580
581        // the profile exists?
582        $swuser = $DB->query_single(
583            'webuser',
584            'nv_webuser_profiles',
585            ' network = '.protect($network).' AND '.
586            ' network_user_id = '.protect($network_user_id)
587        );
588
589        // the webuser already exists or is logged in?
590        $wuser = new webuser();
591
592        if(!empty($webuser->id))
593        {
594            // an existing webuser is already signed in, but we don't have his/her social profile
595            if(empty($swuser))
596            {
597                $DB->execute('
598                    INSERT nv_webuser_profiles
599                        (id, network, network_user_id, webuser, extra)
600                    VALUES
601                       (    0, :network, :network_user_id, :webuser, :extra     )',
602	                array(
603		                'network' => $network,
604		                'network_user_id' => $network_user_id,
605		                'webuser' => $webuser->id,
606		                'extra' => $extra
607	                )
608                );
609            }
610
611            $wuser->load($webuser->id);
612        }
613        else
614        {
615            // there is no webuser logged in, it's a new user!
616            if(empty($swuser))
617            {
618                // and we don't have any social profile that matches the one used to sign in
619                // Example: signed in with Facebook without having a previous webuser account in the current website
620                $wuser->website = $website->id;
621                $wuser->joindate = core_time();
622                $wuser->lastseen = core_time();
623                $wuser->access = 0;
624                foreach ($data as $field => $value)
625                {   $wuser->$field = $value;    }
626                $already_updated = true;
627
628                $wuser->insert();
629
630	            $DB->execute('
631                    INSERT nv_webuser_profiles
632                        (id, network, network_user_id, webuser, extra)
633                    VALUES
634                       (    0, :network, :network_user_id, :webuser, :extra     )',
635	                array(
636		                'network' => $network,
637		                'network_user_id' => $network_user_id,
638		                'webuser' => $wuser->id,
639		                'extra' => $extra
640	                )
641                );
642            }
643            else
644            {
645                // BUT we have a social profile matching a previous webuser in database
646                // Ex. Signed in with Facebook having a webuser account previously
647                $wuser->load($swuser);
648            }
649        }
650
651        if(!$already_updated)
652        {
653            // either way, now we have a webuser account that we need to update
654            foreach ($data as $field => $value)
655                $wuser->$field = $value;
656
657            $wuser->update();
658        }
659
660        return $wuser->id;
661    }
662
663	public static function available($username, $website_id)
664	{
665		global $DB;
666		
667		// remove spaces and make username lowercase (only to compare case insensitive)
668		$username = trim($username);
669		$username = mb_strtolower($username);
670	
671		$data = NULL;
672		if($DB->query('SELECT COUNT(*) as total
673					   FROM nv_webusers 
674					   WHERE LOWER(username) = '.protect($username).'
675					   	 AND website = '.$website_id))
676		{
677			$data = $DB->first();
678		}
679		
680		return ($data->total <= 0);
681	}
682
683    public function property($property_name, $raw=false)
684    {
685        global $theme;
686
687        // load properties if not already done
688        if(empty($this->properties))
689            $this->properties = property::load_properties('webuser', $theme->name, 'webuser', $this->id);
690
691        for($p=0; $p < count($this->properties); $p++)
692        {
693            if($this->properties[$p]->name==$property_name || $this->properties[$p]->id==$property_name)
694            {
695                if($raw)
696                    $out = $this->properties[$p]->value;
697                else
698                    $out = $this->properties[$p]->value;
699
700                break;
701            }
702        }
703
704        return $out;
705    }
706
707    public function property_definition($property_name)
708    {
709        global $theme;
710
711        // load properties if not already done
712        if(empty($this->properties))
713            $this->properties = property::load_properties('webuser', $theme->name, 'webuser', $this->id);
714
715        for($p=0; $p < count($this->properties); $p++)
716        {
717            if($this->properties[$p]->name==$property_name || $this->properties[$p]->id==$property_name)
718            {
719                $out = $this->properties[$p];
720                break;
721            }
722        }
723
724        return $out;
725    }
726
727    public function property_exists($property_name)
728    {
729        global $theme;
730
731        // load properties if not already done
732        if(empty($this->properties))
733            $this->properties = property::load_properties('webuser', $theme->name, 'webuser', $this->id);
734
735        for($p=0; $p < count($this->properties); $p++)
736        {
737            if($this->properties[$p]->name==$property_name || $this->properties[$p]->id==$property_name)
738                return true;
739        }
740        return false;
741    }
742
743    public function new_webuser_notification()
744    {
745        global $website;
746
747        // notify about the new webuser account,
748        // only if the current user is not logged in Navigate CMS
749        if (empty($_SESSION['APP_USER#' . APP_UNIQUE]))
750        {
751            $subject = $website->name . ' | ' . t(661, 'New web user signed up') . ' [' . $this->username . ']';
752
753            $body = navigate_compose_email(
754                array(
755                    array(
756                        'title'   => t(177, "Website"),
757                        'content' => '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>'
758                    ),
759                    array(
760                        'title'   => "ID (".t(647,"Webuser").")",
761                        'content' => $this->id
762                    ),
763                    array(
764                        'title'   => t(1, "User"),
765                        'content' => value_or_default($this->username, "&nbsp;")
766                    ),
767                    array(
768                        'title'   => t(44, "E-Mail"),
769                        'content' => value_or_default($this->email, "&nbsp;")
770                    ),
771                    array(
772                        'title'   => t(159, "Name"),
773                        'content' => value_or_default($this->fullname, "&nbsp;")
774                    ),
775                    array(
776                        'title'   => t(249, "Newsletter"),
777                        'content' => $this->newsletter ? "&#x2714;" : "&mdash;"
778                    ),
779                    array(
780                        'footer' => '<a href="' . NAVIGATE_URL . '?fid=webusers&act=edit&id=' . $this->id . '">' .
781                            t(170, 'Edit') .
782                            '</a>'
783                    )
784                )
785            );
786
787            navigate_send_email($subject, $body);
788        }
789    }
790
791
792    public static function export($type='csv')
793    {
794        global $DB;
795        global $website;
796
797        $out = array();
798
799        $DB->query('
800            SELECT id, website, username, email, groups, fullname, gender,
801                '/*avatar,*/.'
802                birthdate, language, country, timezone,
803                address, zipcode, location, phone, social_website,
804                joindate, lastseen, newsletter, private_comment, 
805                access, access_begin, access_end
806            FROM nv_webusers
807            WHERE website = '.protect($website->id), 'array');
808
809        $fields = array(
810            "id",
811            t(177, 'Website').' [NV]',
812            t(1, 'User'),
813            t(44, 'E-Mail'),
814            t(506, 'Groups'),
815            t(159, 'Name'),
816            t(304, 'Gender'),
817            //(246, 'Avatar'),
818            t(248, 'Birthdate'),
819            t(46, 'Language'),
820            t(224, 'Country'),
821            t(97, 'Timezone'),
822            t(233, 'Address'),
823            t(318, 'Zip code'),
824            t(319, 'Location'),
825            t(320, 'Phone'),
826            t(177, 'Website'),
827            t(247, 'Date joined'),
828            t(563, 'Last seen'),
829            t(249, 'Newsletter'),
830            t(538, 'Private comment'),
831            t(364, 'Access'),
832            t(364, 'Access').' / '.t(623, 'Begin'),
833            t(364, 'Access').' / '.t(624, 'End')
834        );
835
836        $out = $DB->result();
837
838        $temp_file = tempnam("", 'nv_');
839        $fp = fopen($temp_file, 'w');
840
841        fputcsv($fp, $fields);
842
843        foreach ($out as $fields)
844            fputcsv($fp, $fields);
845
846        header('Content-Description: File Transfer');
847        header('Content-Type: text/csv');
848        header('Content-Disposition: attachment; filename='.basename('webusers.csv'));
849        header('Expires: 0');
850        header('Cache-Control: must-revalidate');
851        header('Pragma: public');
852        header('Content-Length: ' . filesize($temp_file));
853        ob_clean();
854        flush();
855        fclose($fp);
856        readfile($temp_file);
857
858        @unlink($temp_file);
859		
860        core_terminate();
861    }
862
863    public function backup($type='json')
864    {
865        global $DB;
866        global $website;
867
868        $out = array();
869
870        $DB->query('SELECT * FROM nv_webusers WHERE website = '.protect($website->id), 'object');
871
872        if($type='json')
873            $out['nv_webusers'] = json_encode($DB->result());
874
875        $DB->query('SELECT nwp.* FROM nv_webuser_profiles nwp, nv_webusers nw
876                    WHERE nwp.webuser = nw.id
877                      AND nw.website = '.protect($website->id),
878            'object');
879
880        if($type='json')
881            $out['nv_webuser_profiles'] = json_encode($DB->result());
882
883        if($type='json')
884            $out = json_encode($out);
885
886        return $out;
887    }
888}
889
890?>