PageRenderTime 99ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/libraries/joomla/database/table/user.php

https://github.com/CCI-Studios/Wee-Magazine
PHP | 481 lines | 287 code | 56 blank | 138 comment | 56 complexity | 606dfed8b272ebd7e723c28313249255 MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * @package     Joomla.Platform
    4. 

  4.  * @subpackage  Database
    5. 

  5.  *
    6. 

  6.  * @copyright   Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
    7. 

  7.  * @license     GNU General Public License version 2 or later; see LICENSE
    8. 

  8.  */
    9. 

  9. 

  10. defined('JPATH_PLATFORM') or die;
    11. 

  11. 

  12. jimport('joomla.database.table');
    13. 

  13. 

  14. /**
    15. 

  15.  * Users table
    16. 

  16.  *
    17. 

  17.  * @package     Joomla.Platform
    18. 

  18.  * @subpackage  Table
    19. 

  19.  * @since       11.1
    20. 

  20.  */
    21. 

  21. class JTableUser extends JTable
    22. 

  22. {
    23. 

  23. 	/**
    24. 

  24. 	 * Associative array of user names => group ids
    25. 

  25. 	 *
    26. 

  26. 	 * @var    array
    27. 

  27. 	 * @since  11.1
    28. 

  28. 	 */
    29. 

  29. 	public $groups;
    30. 

  30. 

  31. 	/**
    32. 

  32. 	 * Constructor
    33. 

  33. 	 *
    34. 

  34. 	 * @param   JDatabase  &$db  A database connector object.
    35. 

  35. 	 *
    36. 

  36. 	 * @since  11.1
    37. 

  37. 	 */
    38. 

  38. 	public function __construct(&$db)
    39. 

  39. 	{
    40. 

  40. 		parent::__construct('#__users', 'id', $db);
    41. 

  41. 

  42. 		// Initialise.
    43. 

  43. 		$this->id = 0;
    44. 

  44. 		$this->sendEmail = 0;
    45. 

  45. 	}
    46. 

  46. 

  47. 	/**
    48. 

  48. 	 * Method to load a user, user groups, and any other necessary data
    49. 

  49. 	 * from the database so that it can be bound to the user object.
    50. 

  50. 	 *
    51. 

  51. 	 * @param   integer  $userId  An optional user id.
    52. 

  52. 	 * @param   boolean  $reset   False if row not found or on error
    53. 

  53. 	 * (internal error state set in that case).
    54. 

  54. 	 *
    55. 

  55. 	 * @return  boolean  True on success, false on failure.
    56. 

  56. 	 *
    57. 

  57. 	 * @since   11.1
    58. 

  58. 	 */
    59. 

  59. 	public function load($userId = null, $reset = true)
    60. 

  60. 	{
    61. 

  61. 		// Get the id to load.
    62. 

  62. 		if ($userId !== null)
    63. 

  63. 		{
    64. 

  64. 			$this->id = $userId;
    65. 

  65. 		}
    66. 

  66. 		else
    67. 

  67. 		{
    68. 

  68. 			$userId = $this->id;
    69. 

  69. 		}
    70. 

  70. 

  71. 		// Check for a valid id to load.
    72. 

  72. 		if ($userId === null)
    73. 

  73. 		{
    74. 

  74. 			return false;
    75. 

  75. 		}
    76. 

  76. 

  77. 		// Reset the table.
    78. 

  78. 		$this->reset();
    79. 

  79. 

  80. 		// Load the user data.
    81. 

  81. 		$query = $this->_db->getQuery(true);
    82. 

  82. 		$query->select('*');
    83. 

  83. 		$query->from($this->_db->quoteName('#__users'));
    84. 

  84. 		$query->where($this->_db->quoteName('id') . ' = ' . (int) $userId);
    85. 

  85. 		$this->_db->setQuery($query);
    86. 

  86. 		$data = (array) $this->_db->loadAssoc();
    87. 

  87. 

  88. 		// Check for an error message.
    89. 

  89. 		if ($this->_db->getErrorNum())
    90. 

  90. 		{
    91. 

  91. 			$this->setError($this->_db->getErrorMsg());
    92. 

  92. 			return false;
    93. 

  93. 		}
    94. 

  94. 

  95. 		if (!count($data))
    96. 

  96. 		{
    97. 

  97. 			return false;
    98. 

  98. 		}
    99. 

  99. 		// Bind the data to the table.
    100. 

  100. 		$return = $this->bind($data);
    101. 

  101. 

  102. 		if ($return !== false)
    103. 

  103. 		{
    104. 

  104. 			// Load the user groups.
    105. 

  105. 			$query->clear();
    106. 

  106. 			$query->select($this->_db->quoteName('g') . '.' . $this->_db->quoteName('id'));
    107. 

  107. 			$query->select($this->_db->quoteName('g') . '.' . $this->_db->quoteName('title'));
    108. 

  108. 			$query->from($this->_db->quoteName('#__usergroups') . ' AS g');
    109. 

  109. 			$query->join('INNER', $this->_db->quoteName('#__user_usergroup_map') . ' AS m ON m.group_id = g.id');
    110. 

  110. 			$query->where($this->_db->quoteName('m.user_id') . ' = ' . (int) $userId);
    111. 

  111. 			$this->_db->setQuery($query);
    112. 

  112. 			// Add the groups to the user data.
    113. 

  113. 			$this->groups = $this->_db->loadAssocList('id', 'id');
    114. 

  114. 

  115. 			// Check for an error message.
    116. 

  116. 			if ($this->_db->getErrorNum())
    117. 

  117. 			{
    118. 

  118. 				$this->setError($this->_db->getErrorMsg());
    119. 

  119. 				return false;
    120. 

  120. 			}
    121. 

  121. 		}
    122. 

  122. 

  123. 		return $return;
    124. 

  124. 	}
    125. 

  125. 

  126. 	/**
    127. 

  127. 	 * Method to bind the user, user groups, and any other necessary data.
    128. 

  128. 	 *
    129. 

  129. 	 * @param   array  $array   The data to bind.
    130. 

  130. 	 * @param   mixed  $ignore  An array or space separated list of fields to ignore.
    131. 

  131. 	 *
    132. 

  132. 	 * @return  boolean  True on success, false on failure.
    133. 

  133. 	 *
    134. 

  134. 	 * @since   11.1
    135. 

  135. 	 */
    136. 

  136. 	public function bind($array, $ignore = '')
    137. 

  137. 	{
    138. 

  138. 		if (key_exists('params', $array) && is_array($array['params']))
    139. 

  139. 		{
    140. 

  140. 			$registry = new JRegistry;
    141. 

  141. 			$registry->loadArray($array['params']);
    142. 

  142. 			$array['params'] = (string) $registry;
    143. 

  143. 		}
    144. 

  144. 

  145. 		// Attempt to bind the data.
    146. 

  146. 		$return = parent::bind($array, $ignore);
    147. 

  147. 

  148. 		// Load the real group data based on the bound ids.
    149. 

  149. 		if ($return && !empty($this->groups))
    150. 

  150. 		{
    151. 

  151. 			// Set the group ids.
    152. 

  152. 			JArrayHelper::toInteger($this->groups);
    153. 

  153. 

  154. 			// Get the titles for the user groups.
    155. 

  155. 			$query = $this->_db->getQuery(true);
    156. 

  156. 			$query->select($this->_db->quoteName('id'));
    157. 

  157. 			$query->select($this->_db->quoteName('title'));
    158. 

  158. 			$query->from($this->_db->quoteName('#__usergroups'));
    159. 

  159. 			$query->where($this->_db->quoteName('id') . ' = ' . implode(' OR ' . $this->_db->quoteName('id') . ' = ', $this->groups));
    160. 

  160. 			$this->_db->setQuery($query);
    161. 

  161. 			// Set the titles for the user groups.
    162. 

  162. 			$this->groups = $this->_db->loadAssocList('id', 'id');
    163. 

  163. 

  164. 			// Check for a database error.
    165. 

  165. 			if ($this->_db->getErrorNum())
    166. 

  166. 			{
    167. 

  167. 				$this->setError($this->_db->getErrorMsg());
    168. 

  168. 				return false;
    169. 

  169. 			}
    170. 

  170. 		}
    171. 

  171. 

  172. 		return $return;
    173. 

  173. 	}
    174. 

  174. 

  175. 	/**
    176. 

  176. 	 * Validation and filtering
    177. 

  177. 	 *
    178. 

  178. 	 * @return  boolean  True if satisfactory
    179. 

  179. 	 *
    180. 

  180. 	 * @since   11.1
    181. 

  181. 	 */
    182. 

  182. 	public function check()
    183. 

  183. 	{
    184. 

  184. 		// Validate user information
    185. 

  185. 		if (trim($this->name) == '')
    186. 

  186. 		{
    187. 

  187. 			$this->setError(JText::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_YOUR_NAME'));
    188. 

  188. 			return false;
    189. 

  189. 		}
    190. 

  190. 

  191. 		if (trim($this->username) == '')
    192. 

  192. 		{
    193. 

  193. 			$this->setError(JText::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_A_USER_NAME'));
    194. 

  194. 			return false;
    195. 

  195. 		}
    196. 

  196. 

  197. 		if (preg_match("#[<>\"'%;()&]#i", $this->username) || strlen(utf8_decode($this->username)) < 2)
    198. 

  198. 		{
    199. 

  199. 			$this->setError(JText::sprintf('JLIB_DATABASE_ERROR_VALID_AZ09', 2));
    200. 

  200. 			return false;
    201. 

  201. 		}
    202. 

  202. 

  203. 		if ((trim($this->email) == "") || !JMailHelper::isEmailAddress($this->email))
    204. 

  204. 		{
    205. 

  205. 			$this->setError(JText::_('JLIB_DATABASE_ERROR_VALID_MAIL'));
    206. 

  206. 			return false;
    207. 

  207. 		}
    208. 

  208. 

  209. 		// Set the registration timestamp
    210. 

  210. 		if ($this->registerDate == null || $this->registerDate == $this->_db->getNullDate())
    211. 

  211. 		{
    212. 

  212. 			$this->registerDate = JFactory::getDate()->toSql();
    213. 

  213. 		}
    214. 

  214. 

  215. 		// check for existing username
    216. 

  216. 		$query = $this->_db->getQuery(true);
    217. 

  217. 		$query->select($this->_db->quoteName('id'));
    218. 

  218. 		$query->from($this->_db->quoteName('#__users'));
    219. 

  219. 		$query->where($this->_db->quoteName('username') . ' = ' . $this->_db->quote($this->username));
    220. 

  220. 		$query->where($this->_db->quoteName('id') . ' != ' . (int) $this->id);
    221. 

  221. 		$this->_db->setQuery($query);
    222. 

  222. 

  223. 		$xid = intval($this->_db->loadResult());
    224. 

  224. 		if ($xid && $xid != intval($this->id))
    225. 

  225. 		{
    226. 

  226. 			$this->setError(JText::_('JLIB_DATABASE_ERROR_USERNAME_INUSE'));
    227. 

  227. 			return false;
    228. 

  228. 		}
    229. 

  229. 

  230. 		// check for existing email
    231. 

  231. 		$query->clear();
    232. 

  232. 		$query->select($this->_db->quoteName('id'));
    233. 

  233. 		$query->from($this->_db->quoteName('#__users'));
    234. 

  234. 		$query->where($this->_db->quoteName('email') . ' = ' . $this->_db->quote($this->email));
    235. 

  235. 		$query->where($this->_db->quoteName('id') . ' != ' . (int) $this->id);
    236. 

  236. 		$this->_db->setQuery($query);
    237. 

  237. 		$xid = intval($this->_db->loadResult());
    238. 

  238. 		if ($xid && $xid != intval($this->id))
    239. 

  239. 		{
    240. 

  240. 			$this->setError(JText::_('JLIB_DATABASE_ERROR_EMAIL_INUSE'));
    241. 

  241. 			return false;
    242. 

  242. 		}
    243. 

  243. 

  244. 		// check for root_user != username
    245. 

  245. 		$config = JFactory::getConfig();
    246. 

  246. 		$rootUser = $config->get('root_user');
    247. 

  247. 		if (!is_numeric($rootUser))
    248. 

  248. 		{
    249. 

  249. 			$query->clear();
    250. 

  250. 			$query->select($this->_db->quoteName('id'));
    251. 

  251. 			$query->from($this->_db->quoteName('#__users'));
    252. 

  252. 			$query->where($this->_db->quoteName('username') . ' = ' . $this->_db->quote($rootUser));
    253. 

  253. 			$this->_db->setQuery($query);
    254. 

  254. 			$xid = intval($this->_db->loadResult());
    255. 

  255. 			if ($rootUser == $this->username && (!$xid || $xid && $xid != intval($this->id))
    256. 

  256. 				|| $xid && $xid == intval($this->id) && $rootUser != $this->username)
    257. 

  257. 			{
    258. 

  258. 				$this->setError(JText::_('JLIB_DATABASE_ERROR_USERNAME_CANNOT_CHANGE'));
    259. 

  259. 				return false;
    260. 

  260. 			}
    261. 

  261. 		}
    262. 

  262. 

  263. 		return true;
    264. 

  264. 	}
    265. 

  265. 

  266. 	/**
    267. 

  267. 	 * Method to store a row in the database from the JTable instance properties.
    268. 

  268. 	 * If a primary key value is set the row with that primary key value will be
    269. 

  269. 	 * updated with the instance property values.  If no primary key value is set
    270. 

  270. 	 * a new row will be inserted into the database with the properties from the
    271. 

  271. 	 * JTable instance.
    272. 

  272. 	 *
    273. 

  273. 	 * @param   boolean  $updateNulls  True to update fields even if they are null.
    274. 

  274. 	 *
    275. 

  275. 	 * @return  boolean  True on success.
    276. 

  276. 	 *
    277. 

  277. 	 * @link    http://docs.joomla.org/JTable/store
    278. 

  278. 	 * @since   11.1
    279. 

  279. 	 */
    280. 

  280. 	public function store($updateNulls = false)
    281. 

  281. 	{
    282. 

  282. 		// Get the table key and key value.
    283. 

  283. 		$k = $this->_tbl_key;
    284. 

  284. 		$key = $this->$k;
    285. 

  285. 

  286. 		// TODO: This is a dumb way to handle the groups.
    287. 

  287. 		// Store groups locally so as to not update directly.
    288. 

  288. 		$groups = $this->groups;
    289. 

  289. 		unset($this->groups);
    290. 

  290. 

  291. 		// Insert or update the object based on presence of a key value.
    292. 

  292. 		if ($key)
    293. 

  293. 		{
    294. 

  294. 			// Already have a table key, update the row.
    295. 

  295. 			$return = $this->_db->updateObject($this->_tbl, $this, $this->_tbl_key, $updateNulls);
    296. 

  296. 		}
    297. 

  297. 		else
    298. 

  298. 		{
    299. 

  299. 			// Don't have a table key, insert the row.
    300. 

  300. 			$return = $this->_db->insertObject($this->_tbl, $this, $this->_tbl_key);
    301. 

  301. 		}
    302. 

  302. 

  303. 		// Handle error if it exists.
    304. 

  304. 		if (!$return)
    305. 

  305. 		{
    306. 

  306. 			$this->setError(JText::sprintf('JLIB_DATABASE_ERROR_STORE_FAILED', strtolower(get_class($this)), $this->_db->getErrorMsg()));
    307. 

  307. 			return false;
    308. 

  308. 		}
    309. 

  309. 

  310. 		// Reset groups to the local object.
    311. 

  311. 		$this->groups = $groups;
    312. 

  312. 		unset($groups);
    313. 

  313. 

  314. 		// Store the group data if the user data was saved.
    315. 

  315. 		if ($return && is_array($this->groups) && count($this->groups))
    316. 

  316. 		{
    317. 

  317. 			// Delete the old user group maps.
    318. 

  318. 			$query = $this->_db->getQuery(true);
    319. 

  319. 			$query->delete();
    320. 

  320. 			$query->from($this->_db->quoteName('#__user_usergroup_map'));
    321. 

  321. 			$query->where($this->_db->quoteName('user_id') . ' = ' . (int) $this->id);
    322. 

  322. 			$this->_db->setQuery($query);
    323. 

  323. 			$this->_db->execute();
    324. 

  324. 

  325. 			// Check for a database error.
    326. 

  326. 			if ($this->_db->getErrorNum())
    327. 

  327. 			{
    328. 

  328. 				$this->setError($this->_db->getErrorMsg());
    329. 

  329. 				return false;
    330. 

  330. 			}
    331. 

  331. 

  332. 			// Set the new user group maps.
    333. 

  333. 			$query->clear();
    334. 

  334. 			$query->insert($this->_db->quoteName('#__user_usergroup_map'));
    335. 

  335. 			$query->columns(array($this->_db->quoteName('user_id'), $this->_db->quoteName('group_id')));
    336. 

  336. 			$query->values($this->id . ', ' . implode('), (' . $this->id . ', ', $this->groups));
    337. 

  337. 			$this->_db->setQuery($query);
    338. 

  338. 			$this->_db->execute();
    339. 

  339. 

  340. 			// Check for a database error.
    341. 

  341. 			if ($this->_db->getErrorNum())
    342. 

  342. 			{
    343. 

  343. 				$this->setError($this->_db->getErrorMsg());
    344. 

  344. 				return false;
    345. 

  345. 			}
    346. 

  346. 		}
    347. 

  347. 

  348. 		return true;
    349. 

  349. 	}
    350. 

  350. 

  351. 	/**
    352. 

  352. 	 * Method to delete a user, user groups, and any other necessary data from the database.
    353. 

  353. 	 *
    354. 

  354. 	 * @param   integer  $userId  An optional user id.
    355. 

  355. 	 *
    356. 

  356. 	 * @return  boolean  True on success, false on failure.
    357. 

  357. 	 *
    358. 

  358. 	 * @since   11.1
    359. 

  359. 	 */
    360. 

  360. 	public function delete($userId = null)
    361. 

  361. 	{
    362. 

  362. 		// Set the primary key to delete.
    363. 

  363. 		$k = $this->_tbl_key;
    364. 

  364. 		if ($userId)
    365. 

  365. 		{
    366. 

  366. 			$this->$k = intval($userId);
    367. 

  367. 		}
    368. 

  368. 

  369. 		// Delete the user.
    370. 

  370. 		$query = $this->_db->getQuery(true);
    371. 

  371. 		$query->delete();
    372. 

  372. 		$query->from($this->_db->quoteName($this->_tbl));
    373. 

  373. 		$query->where($this->_db->quoteName($this->_tbl_key) . ' = ' . (int) $this->$k);
    374. 

  374. 		$this->_db->setQuery($query);
    375. 

  375. 		$this->_db->execute();
    376. 

  376. 

  377. 		// Check for a database error.
    378. 

  378. 		if ($this->_db->getErrorNum())
    379. 

  379. 		{
    380. 

  380. 			$this->setError($this->_db->getErrorMsg());
    381. 

  381. 			return false;
    382. 

  382. 		}
    383. 

  383. 

  384. 		// Delete the user group maps.
    385. 

  385. 		$query->clear();
    386. 

  386. 		$query->delete();
    387. 

  387. 		$query->from($this->_db->quoteName('#__user_usergroup_map'));
    388. 

  388. 		$query->where($this->_db->quoteName('user_id') . ' = ' . (int) $this->$k);
    389. 

  389. 		$this->_db->setQuery($query);
    390. 

  390. 		$this->_db->execute();
    391. 

  391. 

  392. 		// Check for a database error.
    393. 

  393. 		if ($this->_db->getErrorNum())
    394. 

  394. 		{
    395. 

  395. 			$this->setError($this->_db->getErrorMsg());
    396. 

  396. 			return false;
    397. 

  397. 		}
    398. 

  398. 

  399. 		/*
    400. 

  400. 		 * Clean Up Related Data.
    401. 

  401. 		 */
    402. 

  402. 

  403. 		$query->clear();
    404. 

  404. 		$query->delete();
    405. 

  405. 		$query->from($this->_db->quoteName('#__messages_cfg'));
    406. 

  406. 		$query->where($this->_db->quoteName('user_id') . ' = ' . (int) $this->$k);
    407. 

  407. 		$this->_db->setQuery($query);
    408. 

  408. 		$this->_db->execute();
    409. 

  409. 

  410. 		// Check for a database error.
    411. 

  411. 		if ($this->_db->getErrorNum())
    412. 

  412. 		{
    413. 

  413. 			$this->setError($this->_db->getErrorMsg());
    414. 

  414. 			return false;
    415. 

  415. 		}
    416. 

  416. 

  417. 		$query->clear();
    418. 

  418. 		$query->delete();
    419. 

  419. 		$query->from($this->_db->quoteName('#__messages'));
    420. 

  420. 		$query->where($this->_db->quoteName('user_id_to') . ' = ' . (int) $this->$k);
    421. 

  421. 		$this->_db->setQuery($query);
    422. 

  422. 		$this->_db->execute();
    423. 

  423. 

  424. 		// Check for a database error.
    425. 

  425. 		if ($this->_db->getErrorNum())
    426. 

  426. 		{
    427. 

  427. 			$this->setError($this->_db->getErrorMsg());
    428. 

  428. 			return false;
    429. 

  429. 		}
    430. 

  430. 

  431. 		return true;
    432. 

  432. 	}
    433. 

  433. 

  434. 	/**
    435. 

  435. 	 * Updates last visit time of user
    436. 

  436. 	 *
    437. 

  437. 	 * @param   integer  $timeStamp  The timestamp, defaults to 'now'.
    438. 

  438. 	 * @param   integer  $userId     The user id (optional).
    439. 

  439. 	 *
    440. 

  440. 	 * @return  boolean  False if an error occurs
    441. 

  441. 	 *
    442. 

  442. 	 * @since   11.1
    443. 

  443. 	 */
    444. 

  444. 	public function setLastVisit($timeStamp = null, $userId = null)
    445. 

  445. 	{
    446. 

  446. 		// Check for User ID
    447. 

  447. 		if (is_null($userId))
    448. 

  448. 		{
    449. 

  449. 			if (isset($this))
    450. 

  450. 			{
    451. 

  451. 				$userId = $this->id;
    452. 

  452. 			}
    453. 

  453. 			else
    454. 

  454. 			{
    455. 

  455. 				// do not translate
    456. 

  456. 				jexit(JText::_('JLIB_DATABASE_ERROR_SETLASTVISIT'));
    457. 

  457. 			}
    458. 

  458. 		}
    459. 

  459. 

  460. 		// If no timestamp value is passed to function, than current time is used.
    461. 

  461. 		$date = JFactory::getDate($timeStamp);
    462. 

  462. 

  463. 		// Update the database row for the user.
    464. 

  464. 		$db = $this->_db;
    465. 

  465. 		$query = $db->getQuery(true);
    466. 

  466. 		$query->update($db->quoteName($this->_tbl));
    467. 

  467. 		$query->set($db->quoteName('lastvisitDate') . '=' . $db->quote($date->toSql()));
    468. 

  468. 		$query->where($db->quoteName('id') . '=' . (int) $userId);
    469. 

  469. 		$db->setQuery($query);
    470. 

  470. 		$db->execute();
    471. 

  471. 

  472. 		// Check for a database error.
    473. 

  473. 		if ($db->getErrorNum())
    474. 

  474. 		{
    475. 

  475. 			$this->setError($db->getErrorMsg());
    476. 

  476. 			return false;
    477. 

  477. 		}
    478. 

  478. 

  479. 		return true;
    480. 

  480. 	}
    481. 

  481. }
    482. 

  482.