PageRenderTime 176ms CodeModel.GetById 23ms RepoModel.GetById 4ms app.codeStats 0ms

/model/user.php

https://github.com/onliners/Goteo
PHP | 1209 lines | 824 code | 150 blank | 235 comment | 153 complexity | edff4a6011df520ca9ee086c70d307f0 MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php

    2. 

  2. /*

    3. 

  3.  *  Copyright (C) 2012 Platoniq y Fundación Fuentes Abiertas (see README for details)

    4. 

  4.  *	This file is part of Goteo.

    5. 

  5.  *

    6. 

  6.  *  Goteo is free software: you can redistribute it and/or modify

    7. 

  7.  *  it under the terms of the GNU Affero General Public License as published by

    8. 

  8.  *  the Free Software Foundation, either version 3 of the License, or

    9. 

  9.  *  (at your option) any later version.

    10. 

  10.  *

    11. 

  11.  *  Goteo is distributed in the hope that it will be useful,

    12. 

  12.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

    13. 

  13.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    14. 

  14.  *  GNU Affero General Public License for more details.

    15. 

  15.  *

    16. 

  16.  *  You should have received a copy of the GNU Affero General Public License

    17. 

  17.  *  along with Goteo.  If not, see <http://www.gnu.org/licenses/agpl.txt>.

    18. 

  18.  *

    19. 

  19.  */

    20. 

  20. 

    21. 

  21. 

    22. 

  22. namespace Goteo\Model {

    23. 

  23. 

    24. 

  24. 	use Goteo\Core\Redirection,

    25. 

  25.         Goteo\Library\Text,

    26. 

  26.         Goteo\Model\Image,

    27. 

  27.         Goteo\Library\Template,

    28. 

  28.         Goteo\Library\Mail,

    29. 

  29.         Goteo\Library\Check,

    30. 

  30.         Goteo\Library\Message;

    31. 

  31. 

    32. 

  32. 	class User extends \Goteo\Core\Model {

    33. 

  33. 

    34. 

  34.         public

    35. 

  35.             $id = false,

    36. 

  36.             $userid, // para el login name al registrarse

    37. 

  37.             $email,

    38. 

  38.             $password, // para gestion de super admin

    39. 

  39.             $name,

    40. 

  40.             $location,

    41. 

  41.             $avatar = false,

    42. 

  42.             $about,

    43. 

  43.             $contribution,

    44. 

  44.             $keywords,

    45. 

  45.             $active,  // si no activo, no puede loguear

    46. 

  46.             $confirmed,  // si no ha confirmado el email

    47. 

  47.             $hide, // si oculto no aparece su avatar en ninguna parte (pero sus aportes cuentan)

    48. 

  48.             $facebook,

    49. 

  49.             $google,

    50. 

  50.             $twitter,

    51. 

  51.             $identica,

    52. 

  52.             $linkedin,

    53. 

  53.             $created,

    54. 

  54.             $modified,

    55. 

  55.             $interests = array(),

    56. 

  56.             $webs = array(),

    57. 

  57.             $roles = array();

    58. 

  58. 

    59. 

  59.         /**

    60. 

  60.          * Sobrecarga de métodos 'setter'.

    61. 

  61.          *

    62. 

  62.          * @param type string	$name

    63. 

  63.          * @param type string	$value

    64. 

  64.          */

    65. 

  65.         public function __set ($name, $value) {

    66. 

  66. 	        if($name == "token") {

    67. 

  67. 	            $this->$name = $this->setToken($value);

    68. 

  68. 	        }

    69. 

  69.             $this->$name = $value;

    70. 

  70.         }

    71. 

  71. 

    72. 

  72.         /**

    73. 

  73.          * Sobrecarga de métodos 'getter'.

    74. 

  74.          *

    75. 

  75.          * @param type string $name

    76. 

  76.          * @return type mixed

    77. 

  77.          */

    78. 

  78.         public function __get ($name) {

    79. 

  79.             if($name == "token") {

    80. 

  80. 	            return $this->getToken();

    81. 

  81. 	        }

    82. 

  82. 	        if($name == "support") {

    83. 

  83. 	            return $this->getSupport();

    84. 

  84. 	        }

    85. 

  85. 	        if($name == "worth") {

    86. 

  86. 	            return $this->getWorth();

    87. 

  87. 	        }

    88. 

  88.             return $this->$name;

    89. 

  89.         }

    90. 

  90. 

    91. 

  91.         /**

    92. 

  92.          * Guardar usuario.

    93. 

  93.          * Guarda los valores de la instancia del usuario en la tabla.

    94. 

  94.          *

    95. 

  95.          * @param type array	$errors     	   Errores devueltos pasados por referencia.

    96. 

  96.          * @param type array	$skip_validations  Crea el usuario aunque estos campos no sean correctos

    97. 

  97.          *                                         password, active

    98. 

  98.          * @return type bool	true|false

    99. 

  99.          */

    100. 

  100.         public function save (&$errors = array(),$skip_validations = array()) {

    101. 

  101.             if($this->validate($errors,$skip_validations)) {

    102. 

  102.                 // Nuevo usuario.

    103. 

  103.                 if(empty($this->id)) {

    104. 

  104.                     $insert = true;

    105. 

  105.                     $data[':id'] = $this->id = static::idealiza($this->userid);

    106. 

  106.                     $data[':name'] = $this->name;

    107. 

  107.                     $data[':location'] = $this->location;

    108. 

  108.                     $data[':email'] = $this->email;

    109. 

  109.                     $data[':token'] = $token = md5(uniqid());

    110. 

  110.                     if(!in_array('password',$skip_validations)) $data[':password'] = sha1($this->password);

    111. 

  111.                     $data[':created'] = date('Y-m-d H:i:s');

    112. 

  112.                     $data[':active'] = true;

    113. 

  113.                     $data[':confirmed'] = false;

    114. 

  114. 

    115. 

  115.                     // Rol por defecto.

    116. 

  116.                     if (!empty($this->id)) {

    117. 

  117.                         static::query('REPLACE INTO user_role (user_id, role_id, node_id) VALUES (:user, :role, :node);', array(

    118. 

  118.                             ':user' => $this->id,

    119. 

  119.                             ':role' => 'user',

    120. 

  120.                             ':node' => '*',

    121. 

  121.                         ));

    122. 

  122.                     }

    123. 

  123. 

    124. 

  124. 					//active = 1 si no se quiere comprovar

    125. 

  125. 					if(in_array('active',$skip_validations) && $this->active) $data[':active'] = 1;

    126. 

  126. 					else {

    127. 

  127. 						// Obtenemos la plantilla para asunto y contenido

    128. 

  128. 						$template = Template::get(5);

    129. 

  129. 

    130. 

  130. 						// Sustituimos los datos

    131. 

  131. 						$subject = $template->title;

    132. 

  132. 

    133. 

  133. 						// En el contenido:

    134. 

  134. 						$search  = array('%USERNAME%', '%USERID%', '%ACTIVATEURL%');

    135. 

  135. 						$replace = array($this->name, $this->id, SITE_URL . '/user/activate/' . $token);

    136. 

  136. 						$content = \str_replace($search, $replace, $template->text);

    137. 

  137. 

    138. 

  138. 						// Activación

    139. 

  139. 						$mail = new Mail();

    140. 

  140. 						$mail->to = $this->email;

    141. 

  141. 						$mail->toName = $this->name;

    142. 

  142. 						$mail->subject = $subject;

    143. 

  143. 						$mail->content = $content;

    144. 

  144. 						$mail->html = false;

    145. 

  145. 						$mail->template = $template->id;

    146. 

  146. 						if ($mail->send($errors)) {

    147. 

  147. 							Message::Info(Text::get('register-confirm_mail-success'));

    148. 

  148. 						} else {

    149. 

  149. 							Message::Error(Text::get('register-confirm_mail-fail', GOTEO_MAIL));

    150. 

  150. 							Message::Error(implode('<br />', $errors));

    151. 

  151. 						}

    152. 

  152. 					}

    153. 

  153.                 }

    154. 

  154.                 else {

    155. 

  155.                     $data[':id'] = $this->id;

    156. 

  156. 

    157. 

  157.                     // E-mail

    158. 

  158.                     if(!empty($this->email)) {

    159. 

  159.                         if(count($tmp = explode('¬', $this->email)) > 1) {

    160. 

  160.                             $data[':email'] = $tmp[1];

    161. 

  161.                             $data[':token'] = null;

    162. 

  162.                         }

    163. 

  163.                         else {

    164. 

  164.                             $query = self::query('SELECT email FROM user WHERE id = ?', array($this->id));

    165. 

  165.                             if($this->email !== $query->fetchColumn()) {

    166. 

  166.                                 $this->token = md5(uniqid()) . '¬' . $this->email;

    167. 

  167.                             }

    168. 

  168.                         }

    169. 

  169.                     }

    170. 

  170. 

    171. 

  171.                     // Contraseña

    172. 

  172.                     if(!empty($this->password)) {

    173. 

  173.                         $data[':password'] = sha1($this->password);

    174. 

  174.                         static::query('DELETE FROM user_login WHERE user= ?', $this->id);

    175. 

  175.                     }

    176. 

  176. 

    177. 

  177.                     if(!is_null($this->active)) {

    178. 

  178.                         $data[':active'] = $this->active;

    179. 

  179.                     }

    180. 

  180. 

    181. 

  181.                     if(!is_null($this->confirmed)) {

    182. 

  182.                         $data[':confirmed'] = $this->confirmed;

    183. 

  183.                     }

    184. 

  184. 

    185. 

  185.                     if(!is_null($this->hide)) {

    186. 

  186.                         $data[':hide'] = $this->hide;

    187. 

  187.                     }

    188. 

  188. 

    189. 

  189.                     // Avatar

    190. 

  190.                     if (is_array($this->avatar) && !empty($this->avatar['name'])) {

    191. 

  191.                         $image = new Image($this->avatar);

    192. 

  192.                         $image->save();

    193. 

  193.                         $data[':avatar'] = $image->id;

    194. 

  194. 

    195. 

  195.                         /**

    196. 

  196.                          * Guarda la relación NM en la tabla 'user_image'.

    197. 

  197.                          */

    198. 

  198.                         if(!empty($image->id)) {

    199. 

  199.                             self::query("REPLACE user_image (user, image) VALUES (:user, :image)", array(':user' => $this->id, ':image' => $image->id));

    200. 

  200.                         }

    201. 

  201.                     }

    202. 

  202. 

    203. 

  203.                     // Perfil público

    204. 

  204.                     if(isset($this->name)) {

    205. 

  205.                         $data[':name'] = $this->name;

    206. 

  206.                     }

    207. 

  207. 

    208. 

  208.                     // Dónde está

    209. 

  209.                     if(isset($this->location)) {

    210. 

  210.                         $data[':location'] = $this->location;

    211. 

  211.                     }

    212. 

  212. 

    213. 

  213.                     if(isset($this->about)) {

    214. 

  214.                         $data[':about'] = $this->about;

    215. 

  215.                     }

    216. 

  216. 

    217. 

  217.                     if(isset($this->keywords)) {

    218. 

  218.                         $data[':keywords'] = $this->keywords;

    219. 

  219.                     }

    220. 

  220. 

    221. 

  221.                     if(isset($this->contribution)) {

    222. 

  222.                         $data[':contribution'] = $this->contribution;

    223. 

  223.                     }

    224. 

  224. 

    225. 

  225.                     if(isset($this->facebook)) {

    226. 

  226.                         $data[':facebook'] = $this->facebook;

    227. 

  227.                     }

    228. 

  228. 

    229. 

  229.                     if(isset($this->google)) {

    230. 

  230.                         $data[':google'] = $this->google;

    231. 

  231.                     }

    232. 

  232. 

    233. 

  233.                     if(isset($this->twitter)) {

    234. 

  234.                         $data[':twitter'] = $this->twitter;

    235. 

  235.                     }

    236. 

  236. 

    237. 

  237.                     if(isset($this->identica)) {

    238. 

  238.                         $data[':identica'] = $this->identica;

    239. 

  239.                     }

    240. 

  240. 

    241. 

  241.                     if(isset($this->linkedin)) {

    242. 

  242.                         $data[':linkedin'] = $this->linkedin;

    243. 

  243.                     }

    244. 

  244. 

    245. 

  245.                     // Intereses

    246. 

  246.                     $interests = User\Interest::get($this->id);

    247. 

  247.                     if(!empty($this->interests)) {

    248. 

  248.                         foreach($this->interests as $interest) {

    249. 

  249.                             if(!in_array($interest, $interests)) {

    250. 

  250.                                 $_interest = new User\Interest();

    251. 

  251.                                 $_interest->id = $interest;

    252. 

  252.                                 $_interest->user = $this->id;

    253. 

  253.                                 $_interest->save($errors);

    254. 

  254.                                 $interests[] = $_interest;

    255. 

  255.                             }

    256. 

  256.                         }

    257. 

  257.                     }

    258. 

  258.                     foreach($interests as $key => $interest) {

    259. 

  259.                         if(!in_array($interest, $this->interests)) {

    260. 

  260.                             $_interest = new User\Interest();

    261. 

  261.                             $_interest->id = $interest;

    262. 

  262.                             $_interest->user = $this->id;

    263. 

  263.                             $_interest->remove($errors);

    264. 

  264.                         }

    265. 

  265.                     }

    266. 

  266. 

    267. 

  267.                     // Webs

    268. 

  268.                     static::query('DELETE FROM user_web WHERE user= ?', $this->id);

    269. 

  269.                     if (!empty($this->webs)) {

    270. 

  270.                         foreach ($this->webs as $web) {

    271. 

  271.                             if ($web instanceof User\Web) {

    272. 

  272.                                 $web->user = $this->id;

    273. 

  273.                                 $web->save($errors);

    274. 

  274.                             }

    275. 

  275.                         }

    276. 

  276.                     }

    277. 

  277.                 }

    278. 

  278. 

    279. 

  279.                 try {

    280. 

  280.                     // Construye SQL.

    281. 

  281.                     if(isset($insert) && $insert == true) {

    282. 

  282.                         $query = "INSERT INTO user (";

    283. 

  283.                         foreach($data AS $key => $row) {

    284. 

  284.                             $query .= substr($key, 1) . ", ";

    285. 

  285.                         }

    286. 

  286.                         $query = substr($query, 0, -2) . ") VALUES (";

    287. 

  287.                         foreach($data AS $key => $row) {

    288. 

  288.                             $query .= $key . ", ";

    289. 

  289.                         }

    290. 

  290.                         $query = substr($query, 0, -2) . ")";

    291. 

  291.                     }

    292. 

  292.                     else {

    293. 

  293.                         $query = "UPDATE user SET ";

    294. 

  294.                         foreach($data AS $key => $row) {

    295. 

  295.                             if($key != ":id") {

    296. 

  296.                                 $query .= substr($key, 1) . " = " . $key . ", ";

    297. 

  297.                             }

    298. 

  298.                         }

    299. 

  299.                         $query = substr($query, 0, -2) . " WHERE id = :id";

    300. 

  300.                     }

    301. 

  301.                     // Ejecuta SQL.

    302. 

  302.                     return self::query($query, $data);

    303. 

  303.             	} catch(\PDOException $e) {

    304. 

  304.                     $errors[] = "Error al actualizar los datos del usuario: " . $e->getMessage();

    305. 

  305.                     return false;

    306. 

  306.     			}

    307. 

  307.             }

    308. 

  308.             return false;

    309. 

  309.         }

    310. 

  310. 

    311. 

  311. 		public function saveLang (&$errors = array()) {

    312. 

  312. 

    313. 

  313. 			$fields = array(

    314. 

  314. 				'id'=>'id',

    315. 

  315. 				'lang'=>'lang',

    316. 

  316. 				'about'=>'about_lang',

    317. 

  317. 				'keywords'=>'keywords_lang',

    318. 

  318. 				'contribution'=>'contribution_lang'

    319. 

  319. 				);

    320. 

  320. 

    321. 

  321. 			$set = '';

    322. 

  322. 			$values = array();

    323. 

  323. 

    324. 

  324. 			foreach ($fields as $field=>$ffield) {

    325. 

  325. 				if ($set != '') $set .= ", ";

    326. 

  326. 				$set .= "`$field` = :$field ";

    327. 

  327. 				$values[":$field"] = $this->$ffield;

    328. 

  328. 			}

    329. 

  329. 

    330. 

  330. 			try {

    331. 

  331. 				$sql = "REPLACE INTO user_lang SET " . $set;

    332. 

  332. 				self::query($sql, $values);

    333. 

  333.             	

    334. 

  334. 				return true;

    335. 

  335. 			} catch(\PDOException $e) {

    336. 

  336.                 $errors[] = "El usuario {$this->id} no se ha grabado correctamente. Por favor, revise los datos." . $e->getMessage();

    337. 

  337.                 return false;

    338. 

  338. 			}

    339. 

  339. 		}

    340. 

  340. 

    341. 

  341.         /**

    342. 

  342.          * Validación de datos de usuario.

    343. 

  343.          *

    344. 

  344.          * @param type array $errors               Errores devueltos pasados por referencia.

    345. 

  345.          * @param type array	$skip_validations  Crea el usuario aunque estos campos no sean correctos

    346. 

  346.          *                                         password, active

    347. 

  347.          * @return bool true|false

    348. 

  348.          */

    349. 

  349.         public function validate (&$errors = array(), $skip_validations = array()) {

    350. 

  350.             // Nuevo usuario.

    351. 

  351.             if(empty($this->id)) {

    352. 

  352.                 // Nombre de usuario (id)

    353. 

  353.                 if(empty($this->userid)) {

    354. 

  354.                     $errors['userid'] = Text::get('error-register-userid');

    355. 

  355.                 }

    356. 

  356.                 else {

    357. 

  357.                     $id = self::idealiza($this->userid);

    358. 

  358.                     $query = self::query('SELECT id FROM user WHERE id = ?', array($id));

    359. 

  359.                     if($query->fetchColumn()) {

    360. 

  360.                         $errors['userid'] = Text::get('error-register-user-exists');

    361. 

  361.                     }

    362. 

  362.                 }

    363. 

  363. 

    364. 

  364.                 if(empty($this->name)) {

    365. 

  365.                     $errors['username'] = Text::get('error-register-username');

    366. 

  366.                 }

    367. 

  367. 

    368. 

  368.                 // E-mail

    369. 

  369.                 if (empty($this->email)) {

    370. 

  370.                     $errors['email'] = Text::get('mandatory-register-field-email');

    371. 

  371.                 } elseif (!Check::mail($this->email)) {

    372. 

  372.                     $errors['email'] = Text::get('validate-register-value-email');

    373. 

  373.                 } else {

    374. 

  374.                     $query = self::query('SELECT email FROM user WHERE email = ?', array($this->email));

    375. 

  375.                     if($query->fetchObject()) {

    376. 

  376.                         $errors['email'] = Text::get('error-register-email-exists');

    377. 

  377.                     }

    378. 

  378.                 }

    379. 

  379. 

    380. 

  380.                 // Contraseña

    381. 

  381.                 if(!in_array('password',$skip_validations))  {

    382. 

  382. 					if(!empty($this->password)) {

    383. 

  383. 						if(!Check::password($this->password)) {

    384. 

  384. 							$errors['password'] = Text::get('error-register-invalid-password');

    385. 

  385. 						}

    386. 

  386. 					}

    387. 

  387. 					else {

    388. 

  388. 						$errors['password'] = Text::get('error-register-pasword-empty');

    389. 

  389. 					}

    390. 

  390. 				}

    391. 

  391.                 return empty($errors);

    392. 

  392.             }

    393. 

  393.             // Modificar usuario.

    394. 

  394.             else {

    395. 

  395.                 if(!empty($this->email)) {

    396. 

  396.                     if(count($tmp = explode('¬', $this->email)) > 1) {

    397. 

  397.                         if($this->email !== $this->token) {

    398. 

  398.                             $errors['email'] = Text::get('error-user-email-token-invalid');

    399. 

  399.                         }

    400. 

  400.                     }

    401. 

  401.                     elseif(!Check::mail($this->email)) {

    402. 

  402.                         $errors['email'] = Text::get('error-user-email-invalid');

    403. 

  403.                     }

    404. 

  404.                     else {

    405. 

  405.                         $query = self::query('SELECT id FROM user WHERE email = ?', array($this->email));

    406. 

  406.                         if($found = $query->fetchColumn()) {

    407. 

  407.                             if($this->id !== $found) {

    408. 

  408.                                 $errors['email'] = Text::get('error-user-email-exists');

    409. 

  409.                             }

    410. 

  410.                         }

    411. 

  411.                     }

    412. 

  412.                 }

    413. 

  413.                 if(!empty($this->password)) {

    414. 

  414.                     if(!Check::password($this->password)) {

    415. 

  415.                         $errors['password'] = Text::get('error-user-password-invalid');

    416. 

  416.                     }

    417. 

  417.                 }

    418. 

  418. 

    419. 

  419.                 if (is_array($this->avatar) && !empty($this->avatar['name'])) {

    420. 

  420.                     $image = new Image($this->avatar);

    421. 

  421.                     $_err = array();

    422. 

  422.                     $image->validate($_err);

    423. 

  423.                     $errors['avatar'] = $_err['image'];

    424. 

  424.                 }

    425. 

  425.             }

    426. 

  426. 

    427. 

  427.             if (\str_replace(Text::get('regular-facebook-url'), '', $this->facebook) == '') $this->facebook = '';

    428. 

  428.             if (\str_replace(Text::get('regular-google-url'), '', $this->google) == '') $this->google = '';

    429. 

  429.             if (\str_replace(Text::get('regular-twitter-url'), '', $this->twitter) == '') $this->twitter = '';

    430. 

  430.             if (\str_replace(Text::get('regular-identica-url'), '', $this->identica) == '') $this->identica = '';

    431. 

  431.             if (\str_replace(Text::get('regular-linkedin-url'), '', $this->linkedin) == '') $this->linkedin = '';

    432. 

  432. 

    433. 

  433. 

    434. 

  434. 

    435. 

  435.             return (empty($errors['email']) && empty($errors['password']));

    436. 

  436.         }

    437. 

  437. 

    438. 

  438.         /**

    439. 

  439.          * Este método actualiza directamente los campos de email y contraseña de un usuario (para gestión de superadmin)

    440. 

  440.          */

    441. 

  441.         public function update (&$errors = array()) {

    442. 

  442.             if(!empty($this->password)) {

    443. 

  443.                 if(!Check::password($this->password)) {

    444. 

  444.                     $errors['password'] = Text::get('error-user-password-invalid');

    445. 

  445.                 }

    446. 

  446.             }

    447. 

  447.             if(!empty($this->email)) {

    448. 

  448.                 if(!Check::mail($this->email)) {

    449. 

  449.                     $errors['email'] = Text::get('error-user-email-invalid');

    450. 

  450.                 }

    451. 

  451.                 else {

    452. 

  452.                     $query = self::query('SELECT id FROM user WHERE email = ?', array($this->email));

    453. 

  453.                     if($found = $query->fetchColumn()) {

    454. 

  454.                         if($this->id !== $found) {

    455. 

  455.                             $errors['email'] = Text::get('error-user-email-exists');

    456. 

  456.                         }

    457. 

  457.                     }

    458. 

  458.                 }

    459. 

  459.             }

    460. 

  460. 

    461. 

  461.             if (!empty($errors['email']) || !empty($errors['password'])) {

    462. 

  462.                 return false;

    463. 

  463.             }

    464. 

  464. 

    465. 

  465.             $set = '';

    466. 

  466.             $values = array(':id'=>$this->id);

    467. 

  467. 

    468. 

  468.             if (!empty($this->email)) {

    469. 

  469.                 if ($set != '') $set .= ", ";

    470. 

  470.                 $set .= "`email` = :email ";

    471. 

  471.                 $values[":email"] = $this->email;

    472. 

  472.             }

    473. 

  473. 

    474. 

  474.             if (!empty($this->password)) {

    475. 

  475.                 if ($set != '') $set .= ", ";

    476. 

  476.                 $set .= "`password` = :password ";

    477. 

  477.                 $values[":password"] = sha1($this->password);

    478. 

  478.             }

    479. 

  479. 

    480. 

  480.             if ($set == '') return false;

    481. 

  481. 

    482. 

  482.             try {

    483. 

  483.                 $sql = "UPDATE user SET " . $set . " WHERE id = :id";

    484. 

  484.                 self::query($sql, $values);

    485. 

  485. 

    486. 

  486.                 return true;

    487. 

  487.             } catch(\PDOException $e) {

    488. 

  488.                 $errors[] = "No se ha guardado correctamente. " . $e->getMessage();

    489. 

  489.                 return false;

    490. 

  490.             }

    491. 

  491. 

    492. 

  492.         }

    493. 

  493. 

    494. 

  494. 

    495. 

  495.         /**

    496. 

  496.          * Usuario.

    497. 

  497.          *

    498. 

  498.          * @param string $id    Nombre de usuario

    499. 

  499.          * @return obj|false    Objeto de usuario, en caso contrario devolverá 'false'.

    500. 

  500.          */

    501. 

  501.         public static function get ($id, $lang = null) {

    502. 

  502.             try {

    503. 

  503.                 if (!$lang == 'es') $lang = null;

    504. 

  504. 

    505. 

  505.                 $sql = "

    506. 

  506.                     SELECT

    507. 

  507.                         user.id as id,

    508. 

  508.                         user.email as email,

    509. 

  509.                         user.name as name,

    510. 

  510.                         user.location as location,

    511. 

  511.                         user.avatar as avatar,

    512. 

  512.                         IFNULL(user_lang.about, user.about) as about,

    513. 

  513.                         IFNULL(user_lang.contribution, user.contribution) as contribution,

    514. 

  514.                         IFNULL(user_lang.keywords, user.keywords) as keywords,

    515. 

  515.                         user.facebook as facebook,

    516. 

  516.                         user.google as google,

    517. 

  517.                         user.twitter as twitter,

    518. 

  518.                         user.identica as identica,

    519. 

  519.                         user.linkedin as linkedin,

    520. 

  520.                         user.active as active,

    521. 

  521.                         user.confirmed as confirmed,

    522. 

  522.                         user.hide as hide,

    523. 

  523.                         user.created as created,

    524. 

  524.                         user.modified as modified

    525. 

  525.                     FROM user

    526. 

  526.                     LEFT JOIN user_lang

    527. 

  527.                         ON  user_lang.id = user.id

    528. 

  528.                         AND user_lang.lang = :lang

    529. 

  529.                     WHERE user.id = :id

    530. 

  530.                     ";

    531. 

  531. 

    532. 

  532.                 $query = static::query($sql, array(':id' => $id, ':lang' => $lang));

    533. 

  533.                 $user = $query->fetchObject(__CLASS__);

    534. 

  534. 

    535. 

  535.                 if (!$user instanceof  \Goteo\Model\User) {

    536. 

  536.                     throw new \Goteo\Core\Error('404', Text::html('fatal-error-user'));

    537. 

  537.                 }

    538. 

  538. 

    539. 

  539.                 $user->roles = $user->getRoles();

    540. 

  540.                 $user->avatar = Image::get($user->avatar);

    541. 

  541.                 if (empty($user->avatar->id) || !$user->avatar instanceof Image) {

    542. 

  542.                     $user->avatar = Image::get(1);

    543. 

  543.                 }

    544. 

  544.                 $user->interests = User\Interest::get($id);

    545. 

  545.                 $user->webs = User\Web::get($id);

    546. 

  546.                 return $user;

    547. 

  547.             } catch(\PDOException $e) {

    548. 

  548.                 return false;

    549. 

  549.             }

    550. 

  550.         }

    551. 

  551. 

    552. 

  552.         // version mini de get para sacar nombre i mail

    553. 

  553.         public static function getMini ($id) {

    554. 

  554.             try {

    555. 

  555.                 $query = static::query("

    556. 

  556.                     SELECT

    557. 

  557.                         id,

    558. 

  558.                         name,

    559. 

  559.                         avatar,

    560. 

  560.                         email

    561. 

  561.                     FROM user

    562. 

  562.                     WHERE id = :id

    563. 

  563.                     ", array(':id' => $id));

    564. 

  564.                 $user = $query->fetchObject(); // stdClass para qno grabar accidentalmente y machacar todo

    565. 

  565. 

    566. 

  566.                 $user->avatar = Image::get($user->avatar);

    567. 

  567.                 if (empty($user->avatar->id) || !$user->avatar instanceof Image) {

    568. 

  568.                     $user->avatar = Image::get(1);

    569. 

  569.                 }

    570. 

  570. 

    571. 

  571.                 return $user;

    572. 

  572.             } catch(\PDOException $e) {

    573. 

  573.                 return false;

    574. 

  574.             }

    575. 

  575.         }

    576. 

  576. 

    577. 

  577.         /**

    578. 

  578.          * Lista de usuarios.

    579. 

  579.          *

    580. 

  580.          * @param  bool $visible    true|false

    581. 

  581.          * @return mixed            Array de objetos de usuario activos|todos.

    582. 

  582.          */

    583. 

  583.         public static function getAll ($filters = array()) {

    584. 

  584.             $users = array();

    585. 

  585. 

    586. 

  586.             $sqlFilter = "";

    587. 

  587.             if (!empty($filters['name'])) {

    588. 

  588.                 $sqlFilter .= " AND ( name LIKE ('%{$filters['name']}%') OR email LIKE ('%{$filters['name']}%') )";

    589. 

  589.             }

    590. 

  590.             if (!empty($filters['status'])) {

    591. 

  591.                 $active = $filters['status'] == 'active' ? '1' : '0';

    592. 

  592.                 $sqlFilter .= " AND active = '$active'";

    593. 

  593.             }

    594. 

  594.             if (!empty($filters['interest'])) {

    595. 

  595.                 $sqlFilter .= " AND id IN (

    596. 

  596.                     SELECT user

    597. 

  597.                     FROM user_interest

    598. 

  598.                     WHERE interest = {$filters['interest']}

    599. 

  599.                     ) ";

    600. 

  600.             }

    601. 

  601.             if (!empty($filters['role'])) {

    602. 

  602.                 $sqlFilter .= " AND id IN (

    603. 

  603.                     SELECT user_id

    604. 

  604.                     FROM user_role

    605. 

  605.                     WHERE role_id = '{$filters['role']}'

    606. 

  606.                     ) ";

    607. 

  607.             }

    608. 

  608.             if (!empty($filters['posted'])) {

    609. 

  609.                 /*

    610. 

  610.                  * Si ha enviado algun mensaje o comentario

    611. 

  611.                 $sqlFilter .= " AND id IN (

    612. 

  612.                     SELECT user

    613. 

  613.                     FROM message

    614. 

  614.                     WHERE interest = {$filters['interest']}

    615. 

  615.                     ) ";

    616. 

  616.                  *

    617. 

  617.                  */

    618. 

  618.             }

    619. 

  619. 

    620. 

  620.             //el Order

    621. 

  621.             switch ($filters['order']) {

    622. 

  622.                 case 'name':

    623. 

  623.                     $sqlOrder .= " ORDER BY name ASC";

    624. 

  624.                 break;

    625. 

  625.                 default:

    626. 

  626.                     $sqlOrder .= " ORDER BY created DESC";

    627. 

  627.                 break;

    628. 

  628.             }

    629. 

  629. 

    630. 

  630.             $sql = "SELECT

    631. 

  631.                         id,

    632. 

  632.                         name,

    633. 

  633.                         email,

    634. 

  634.                         active,

    635. 

  635.                         hide,

    636. 

  636.                         DATE_FORMAT(created, '%d/%m/%Y %H:%i:%s') as register_date

    637. 

  637.                     FROM user

    638. 

  638.                     WHERE id != 'root'

    639. 

  639.                         $sqlFilter

    640. 

  640.                    $sqlOrder

    641. 

  641.                     ";

    642. 

  642. 

    643. 

  643. 

    644. 

  644. 

    645. 

  645.             $query = self::query($sql, array($node));

    646. 

  646.             foreach ($query->fetchAll(\PDO::FETCH_CLASS, __CLASS__) as $user) {

    647. 

  647. 

    648. 

  648.                 $query = static::query("

    649. 

  649.                     SELECT

    650. 

  650.                         role_id

    651. 

  651.                     FROM user_role

    652. 

  652.                     WHERE user_id = :id

    653. 

  653.                     ", array(':id' => $user->id));

    654. 

  654.                 foreach ($query->fetchAll(\PDO::FETCH_CLASS) as $role) {

    655. 

  655.                     if ($role->role_id == 'checker') {

    656. 

  656.                         $user->checker = true;

    657. 

  657.                     }

    658. 

  658.                     if ($role->role_id == 'translator') {

    659. 

  659.                         $user->translator = true;

    660. 

  660.                     }

    661. 

  661.                     if ($role->role_id == 'admin') {

    662. 

  662.                         $user->admin = true;

    663. 

  663.                     }

    664. 

  664.                 }

    665. 

  665. 

    666. 

  666.                 $users[] = $user;

    667. 

  667.             }

    668. 

  668.             return $users;

    669. 

  669.         }

    670. 

  670. 

    671. 

  671.         /*

    672. 

  672.          * Listado simple de todos los usuarios

    673. 

  673.          */

    674. 

  674.         public static function getAllMini() {

    675. 

  675. 

    676. 

  676.             $list = array();

    677. 

  677. 

    678. 

  678.             $query = static::query("

    679. 

  679.                 SELECT

    680. 

  680.                     user.id as id,

    681. 

  681.                     user.name as name

    682. 

  682.                 FROM    user

    683. 

  683.                 ORDER BY user.name ASC

    684. 

  684.                 ");

    685. 

  685. 

    686. 

  686.             foreach ($query->fetchAll(\PDO::FETCH_CLASS) as $item) {

    687. 

  687.                 $list[$item->id] = $item->name;

    688. 

  688.             }

    689. 

  689. 

    690. 

  690.             return $list;

    691. 

  691.         }

    692. 

  692. 

    693. 

  693.         /*

    694. 

  694.          * Listado simple de los usuarios que han creado proyectos

    695. 

  695.          */

    696. 

  696.         public static function getOwners() {

    697. 

  697. 

    698. 

  698.             $list = array();

    699. 

  699. 

    700. 

  700.             $query = static::query("

    701. 

  701.                 SELECT

    702. 

  702.                     user.id as id,

    703. 

  703.                     user.name as name

    704. 

  704.                 FROM    user

    705. 

  705.                 INNER JOIN project

    706. 

  706.                     ON project.owner = user.id

    707. 

  707.                 ORDER BY user.name ASC

    708. 

  708.                 ");

    709. 

  709. 

    710. 

  710.             foreach ($query->fetchAll(\PDO::FETCH_CLASS) as $item) {

    711. 

  711.                 $list[$item->id] = $item->name;

    712. 

  712.             }

    713. 

  713. 

    714. 

  714.             return $list;

    715. 

  715.         }

    716. 

  716. 

    717. 

  717.         /*

    718. 

  718.          * Listado id-nombre-email de los usuarios que siguen teniendo su email como contraseña

    719. 

  719.         public static function getWorkshoppers() {

    720. 

  720. 

    721. 

  721.             $list = array();

    722. 

  722. 

    723. 

  723.             $query = static::query("

    724. 

  724.                 SELECT

    725. 

  725.                     user.id as id,

    726. 

  726.                     user.name as name,

    727. 

  727.                     user.email as email

    728. 

  728.                 FROM    user

    729. 

  729.                 WHERE BINARY password = SHA1(user.email)

    730. 

  730.                 ORDER BY user.name ASC

    731. 

  731.                 ");

    732. 

  732. 

    733. 

  733.             foreach ($query->fetchAll(\PDO::FETCH_CLASS) as $item) {

    734. 

  734.                 $list[] = $item;

    735. 

  735.             }

    736. 

  736. 

    737. 

  737.             return $list;

    738. 

  738.         }

    739. 

  739.          */

    740. 

  740. 

    741. 

  741. 		/**

    742. 

  742. 		 * Validación de usuario.

    743. 

  743. 		 *

    744. 

  744. 		 * @param string $username Nombre de usuario

    745. 

  745. 		 * @param string $password Contraseña

    746. 

  746. 		 * @return obj|false Objeto del usuario, en caso contrario devolverá 'false'.

    747. 

  747. 		 */

    748. 

  748. 		public static function login ($username, $password) {

    749. 

  749.             $query = self::query("

    750. 

  750.                     SELECT

    751. 

  751.                         id

    752. 

  752.                     FROM user

    753. 

  753.                     WHERE BINARY id = :username

    754. 

  754.                     AND BINARY password = :password",

    755. 

  755. 				array(

    756. 

  756. 					':username' => trim($username),

    757. 

  757. 					':password' => sha1($password)

    758. 

  758. 				)

    759. 

  759. 			);

    760. 

  760. 

    761. 

  761. 			if($row = $query->fetch()) {

    762. 

  762. 			    $user = static::get($row['id']);

    763. 

  763. 			    if($user->active) {

    764. 

  764. 			        return $user;

    765. 

  765. 			    } else {

    766. 

  766. 			        Message::Error(Text::get('user-account-inactive'));

    767. 

  767. 			    }

    768. 

  768. 			}

    769. 

  769. 			return false;

    770. 

  770. 		}

    771. 

  771. 

    772. 

  772. 		/**

    773. 

  773. 		 * Comprueba si el usuario está identificado.

    774. 

  774. 		 *

    775. 

  775. 		 * @return boolean

    776. 

  776. 		 */

    777. 

  777. 		public static function isLogged () {

    778. 

  778. 			return !empty($_SESSION['user']);

    779. 

  779. 		}

    780. 

  780. 

    781. 

  781. 		/**

    782. 

  782. 		 * Refresca la sesión.

    783. 

  783. 		 * (Utilizar después de un save)

    784. 

  784. 		 *

    785. 

  785. 		 * @return type object	User

    786. 

  786. 		 */

    787. 

  787. 		public static function flush () {

    788. 

  788.     		if(static::isLogged()) {

    789. 

  789.     			return $_SESSION['user'] = self::get($_SESSION['user']->id);

    790. 

  790.     		}

    791. 

  791.     	}

    792. 

  792. 

    793. 

  793. 		/**

    794. 

  794. 		 * Verificacion de recuperacion de contraseña

    795. 

  795. 		 *

    796. 

  796. 		 * @param string $username Nombre de usuario

    797. 

  797. 		 * @param string $email    Email de la cuenta

    798. 

  798. 		 * @return boolean true|false  Correctos y mail enviado

    799. 

  799. 		 */

    800. 

  800. 		public static function recover ($username = null, $email = null) {

    801. 

  801.             $query = self::query("

    802. 

  802.                     SELECT

    803. 

  803.                         id,

    804. 

  804.                         name,

    805. 

  805.                         email

    806. 

  806.                     FROM user

    807. 

  807.                     WHERE (BINARY id = :username

    808. 

  808.                     OR BINARY email = :email)

    809. 

  809.                     ",

    810. 

  810. 				array(

    811. 

  811. 					':username' => trim($username),

    812. 

  812. 					':email'    => trim($email)

    813. 

  813. 				)

    814. 

  814. 			);

    815. 

  815. 			if($row = $query->fetchObject()) {

    816. 

  816.                 // tenemos id, nombre, email

    817. 

  817.                 // genero el token

    818. 

  818.                 $token = md5(uniqid()) . '¬' . $row->email;

    819. 

  819.                 self::query('UPDATE user SET token = :token WHERE id = :id', array(':id' => $row->id, ':token' => $token));

    820. 

  820. 

    821. 

  821.                 // Obtenemos la plantilla para asunto y contenido

    822. 

  822.                 $template = Template::get(6);

    823. 

  823. 

    824. 

  824.                 // Sustituimos los datos

    825. 

  825.                 $subject = $template->title;

    826. 

  826. 

    827. 

  827.                 // En el contenido:

    828. 

  828.                 $search  = array('%USERNAME%', '%USERID%', '%RECOVERURL%');

    829. 

  829.                 $replace = array($row->name, $row->id, SITE_URL . '/user/recover/' . base64_encode($token));

    830. 

  830.                 $content = \str_replace($search, $replace, $template->text);

    831. 

  831.                 // Email de recuperacion

    832. 

  832.                 $mail = new Mail();

    833. 

  833.                 $mail->to = $row->email;

    834. 

  834.                 $mail->toName = $row->name;

    835. 

  835.                 $mail->subject = $subject;

    836. 

  836.                 $mail->content = $content;

    837. 

  837.                 $mail->html = true;

    838. 

  838.                 $mail->template = $template->id;

    839. 

  839.                 if ($mail->send($errors)) {

    840. 

  840.                     return true;

    841. 

  841.                 }

    842. 

  842. 			}

    843. 

  843. 			return false;

    844. 

  844. 		}

    845. 

  845. 

    846. 

  846. 		/**

    847. 

  847. 		 * Verificacion de darse de baja

    848. 

  848. 		 *

    849. 

  849. 		 * @param string $email    Email de la cuenta

    850. 

  850. 		 * @return boolean true|false  Correctos y mail enviado

    851. 

  851. 		 */

    852. 

  852. 		public static function leaving ($email, $message = null) {

    853. 

  853.             $query = self::query("

    854. 

  854.                     SELECT

    855. 

  855.                         id,

    856. 

  856.                         name,

    857. 

  857.                         email

    858. 

  858.                     FROM user

    859. 

  859.                     WHERE BINARY email = :email

    860. 

  860.                     AND active = 1

    861. 

  861.                     AND hide = 0

    862. 

  862.                     ",

    863. 

  863. 				array(

    864. 

  864. 					':email'    => trim($email)

    865. 

  865. 				)

    866. 

  866. 			);

    867. 

  867. 			if($row = $query->fetchObject()) {

    868. 

  868.                 // tenemos id, nombre, email

    869. 

  869.                 // genero el token

    870. 

  870.                 $token = md5(uniqid()) . '¬' . $row->email;

    871. 

  871.                 self::query('UPDATE user SET token = :token WHERE id = :id', array(':id' => $row->id, ':token' => $token));

    872. 

  872. 

    873. 

  873.                 // Obtenemos la plantilla para asunto y contenido

    874. 

  874.                 $template = Template::get(9);

    875. 

  875. 

    876. 

  876.                 // Sustituimos los datos

    877. 

  877.                 $subject = $template->title;

    878. 

  878. 

    879. 

  879.                 // En el contenido:

    880. 

  880.                 $search  = array('%USERNAME%', '%URL%');

    881. 

  881.                 $replace = array($row->name, SITE_URL . '/user/leave/' . base64_encode($token));

    882. 

  882.                 $content = \str_replace($search, $replace, $template->text);

    883. 

  883.                 // Email de recuperacion

    884. 

  884.                 $mail = new Mail();

    885. 

  885.                 $mail->to = $row->email;

    886. 

  886.                 $mail->toName = $row->name;

    887. 

  887.                 $mail->subject = $subject;

    888. 

  888.                 $mail->content = $content;

    889. 

  889.                 $mail->html = true;

    890. 

  890.                 $mail->template = $template->id;

    891. 

  891.                 $mail->send($errors);

    892. 

  892.                 unset($mail);

    893. 

  893. 

    894. 

  894.                 // email a los de goteo

    895. 

  895.                 $mail = new Mail();

    896. 

  896.                 $mail->to = \GOTEO_MAIL;

    897. 

  897.                 $mail->toName = 'Admin Goteo';

    898. 

  898.                 $mail->subject = 'El usuario ' . $row->id . ' se da de baja';

    899. 

  899.                 $mail->content = '<p>Han solicitado la baja para el mail <strong>'.$email.'</strong> que corresponde al usuario <strong>'.$row->name.'</strong>';

    900. 

  900.                 if (!empty($message)) $mail->content .= 'y ha dejado el siguiente mensaje:</p><p> ' . $message;

    901. 

  901.                 $mail->content .= '</p>';

    902. 

  902.                 $mail->fromName = "{$row->name}";

    903. 

  903.                 $mail->from = $row->email;

    904. 

  904.                 $mail->html = true;

    905. 

  905.                 $mail->template = 0;

    906. 

  906.                 $mail->send($errors);

    907. 

  907.                 unset($mail);

    908. 

  908. 

    909. 

  909.                 return true;

    910. 

  910. 			}

    911. 

  911. 			return false;

    912. 

  912. 		}

    913. 

  913. 

    914. 

  914.     	/**

    915. 

  915.     	 * Guarda el Token y envía un correo de confirmación.

    916. 

  916.     	 *

    917. 

  917.     	 * Usa el separador: ¬

    918. 

  918.     	 *

    919. 

  919.     	 * @param type string	$token	Formato: '<md5>¬<email>'

    920. 

  920.     	 * @return type bool

    921. 

  921.     	 */

    922. 

  922.     	private function setToken ($token) {

    923. 

  923.             if(count($tmp = explode('¬', $token)) > 1) {

    924. 

  924.                 $email = $tmp[1];

    925. 

  925.                 if(Check::mail($email)) {

    926. 

  926. 

    927. 

  927.                     // Obtenemos la plantilla para asunto y contenido

    928. 

  928.                     $template = Template::get(7);

    929. 

  929. 

    930. 

  930.                     // Sustituimos los datos

    931. 

  931.                     $subject = $template->title;

    932. 

  932. 

    933. 

  933.                     // En el contenido:

    934. 

  934.                     $search  = array('%USERNAME%', '%CHANGEURL%');

    935. 

  935.                     $replace = array($this->name, SITE_URL . '/user/changeemail/' . base64_encode($token));

    936. 

  936.                     $content = \str_replace($search, $replace, $template->text);

    937. 

  937. 

    938. 

  938. 

    939. 

  939. 

    940. 

  940.                     $mail = new Mail();

    941. 

  941.                     $mail->to = $email;

    942. 

  942.                     $mail->toName = $this->name;

    943. 

  943.                     $mail->subject = $subject;

    944. 

  944.                     $mail->content = $content;

    945. 

  945.                     $mail->html = true;

    946. 

  946.                     $mail->template = $template->id;

    947. 

  947.                     $mail->send();

    948. 

  948. 

    949. 

  949.                     return self::query('UPDATE user SET token = :token WHERE id = :id', array(':id' => $this->id, ':token' => $token));

    950. 

  950.                 }

    951. 

  951.             }

    952. 

  952.     	}

    953. 

  953. 

    954. 

  954.     	/**

    955. 

  955.     	 * Token de confirmación.

    956. 

  956.     	 *

    957. 

  957.     	 * @return type string

    958. 

  958.     	 */

    959. 

  959.     	private function getToken () {

    960. 

  960.             $query = self::query('SELECT token FROM user WHERE id = ?', array($this->id));

    961. 

  961.             return $query->fetchColumn(0);

    962. 

  962.     	}

    963. 

  963. 

    964. 

  964.         /**

    965. 

  965.          * Cofinanciación.

    966. 

  966.          *

    967. 

  967.          * @return type array

    968. 

  968.          */

    969. 

  969.     	private function getSupport () {

    970. 

  970.             $query = self::query('SELECT DISTINCT(project) FROM invest WHERE user = ? AND (status = 0 OR status = 1 OR status = 3 OR status = 4)', array($this->id));

    971. 

  971.             $projects = $query->fetchAll(\PDO::FETCH_ASSOC);

    972. 

  972.             $query = self::query('SELECT SUM(amount), COUNT(id) FROM invest WHERE user = ? AND (status = 0 OR status = 1 OR status = 3 OR status = 4)', array($this->id));

    973. 

  973.             $invest = $query->fetch();

    974. 

  974.             return array('projects' => $projects, 'amount' => $invest[0], 'invests' => $invest[1]);

    975. 

  975.         }

    976. 

  976. 

    977. 

  977. 	    /**

    978. 

  978.     	 * Nivel actual de meritocracia. (1-5)

    979. 

  979.     	 * [Recalcula y actualiza el registro en db]

    980. 

  980.     	 *

    981. 

  981.     	 * @return type int	Worth::id

    982. 

  982.     	 */

    983. 

  983.     	private function getWorth () {

    984. 

  984.             $query = self::query('SELECT id FROM worthcracy WHERE amount <= ? ORDER BY amount DESC LIMIT 1', array($this->support['amount']));

    985. 

  985.             $worth = $query->fetchColumn();

    986. 

  986.     	    $query = self::query('SELECT worth FROM user WHERE id = ?', array($this->id));

    987. 

  987.             if($worth !== $query->fetchColumn()) {

    988. 

  988.                 self::query('UPDATE user SET worth = :worth WHERE id = :id', array(':id' => $this->id, ':worth' => $worth));

    989. 

  989.             }

    990. 

  990.             return $worth;

    991. 

  991.         }

    992. 

  992. 

    993. 

  993.         /**

    994. 

  994.          * Valores por defecto actuales para datos personales

    995. 

  995.          *

    996. 

  996.          * @return type array

    997. 

  997.          */

    998. 

  998.         public static function getPersonal ($id) {

    999. 

  999.             $query = self::query('SELECT

    1000. 

  1000.                                       contract_name,

    1001. 

  1001.                                       contract_nif,

    1002. 

  1002.                                       phone,

    1003. 

  1003.                                       address,

    1004. 

  1004.                                       zipcode,

    1005. 

  1005.                                       location,

    1006. 

  1006.                                       country

    1007. 

  1007.                                   FROM user_personal

    1008. 

  1008.                                   WHERE user = ?'

    1009. 

  1009.                 , array($id));

    1010. 

  1010. 

    1011. 

  1011.             $data = $query->fetchObject();

    1012. 

  1012.             return $data;

    1013. 

  1013.         }

    1014. 

  1014. 

    1015. 

  1015.         /**

    1016. 

  1016.          * Actualizar los valores personales

    1017. 

  1017.          *

    1018. 

  1018.          * @params force boolean  (REPLACE data when true, only if empty when false)

    1019. 

  1019.          * @return type booblean

    1020. 

  1020.          */

    1021. 

  1021.         public static function setPersonal ($user, $data = array(), $force = false, &$errors = array()) {

    1022. 

  1022. 

    1023. 

  1023.             if ($force) {

    1024. 

  1024.                 // actualizamos los datos

    1025. 

  1025.                 $ins = 'REPLACE';

    1026. 

  1026.             } else {

    1027. 

  1027.                 // solo si no existe el registro

    1028. 

  1028.                 $ins = 'INSERT';

    1029. 

  1029.                 $query = self::query('SELECT user FROM user_personal WHERE user = ?', array($user));

    1030. 

  1030.                 if ($query->fetchColumn(0) == $user) {

    1031. 

  1031.                     return false;

    1032. 

  1032.                 }

    1033. 

  1033.             }

    1034. 

  1034. 

    1035. 

  1035. 

    1036. 

  1036.             $fields = array(

    1037. 

  1037.                   'contract_name',

    1038. 

  1038.                   'contract_nif',

    1039. 

  1039.                   'phone',

    1040. 

  1040.                   'address',

    1041. 

  1041.                   'zipcode',

    1042. 

  1042.                   'location',

    1043. 

  1043.                   'country'

    1044. 

  1044.             );

    1045. 

  1045. 

    1046. 

  1046.             $values = array();

    1047. 

  1047.             $set = '';

    1048. 

  1048. 

    1049. 

  1049.             foreach ($data as $key=>$value) {

    1050. 

  1050.                 if (in_array($key, $fields)) {

    1051. 

  1051.                     $values[":$key"] = $value;

    1052. 

  1052.                     if ($set != '') $set .= ', ';

    1053. 

  1053.                     $set .= "$key = :$key";

    1054. 

  1054.                 }

    1055. 

  1055.             }

    1056. 

  1056. 

    1057. 

  1057.             if (!empty($values) && $set != '') {

    1058. 

  1058.                     $values[':user'] = $user;

    1059. 

  1059.                     $sql = "$ins INTO user_personal SET user = :user, " . $set;

    1060. 

  1060. 

    1061. 

  1061.                 try {

    1062. 

  1062.                     self::query($sql, $values);

    1063. 

  1063.                     return true;

    1064. 

  1064. 

    1065. 

  1065.                 } catch (\PDOException $e) {

    1066. 

  1066.                     $errors[] = "FALLO al gestionar el registro de datos personales " . $e->getMessage();

    1067. 

  1067.                     return false;

    1068. 

  1068.                 }

    1069. 

  1069.             }

    1070. 

  1070. 

    1071. 

  1071. 

    1072. 

  1072.         }

    1073. 

  1073. 

    1074. 

  1074.         /**

    1075. 

  1075.          * Preferencias de notificacion

    1076. 

  1076.          *

    1077. 

  1077.          * @return type array

    1078. 

  1078.          */

    1079. 

  1079.         public static function getPreferences ($id) {

    1080. 

  1080.             $query = self::query('SELECT

    1081. 

  1081.                                       updates,

    1082. 

  1082.                                       threads,

    1083. 

  1083.                                       rounds,

    1084. 

  1084.                                       mailing

    1085. 

  1085.                                   FROM user_prefer

    1086. 

  1086.                                   WHERE user = ?'

    1087. 

  1087.                 , array($id));

    1088. 

  1088. 

    1089. 

  1089.             $data = $query->fetchObject();

    1090. 

  1090.             return $data;

    1091. 

  1091.         }

    1092. 

  1092. 

    1093. 

  1093.         /**

    1094. 

  1094.          * Actualizar las preferencias de notificación

    1095. 

  1095.          *

    1096. 

  1096.          * @return type booblean

    1097. 

  1097.          */

    1098. 

  1098.         public static function setPreferences ($user, $data = array(), &$errors = array()) {

    1099. 

  1099. 

    1100. 

  1100.             $values = array();

    1101. 

  1101.             $set = '';

    1102. 

  1102. 

    1103. 

  1103.             foreach ($data as $key=>$value) {

    1104. 

  1104.                 $values[":$key"] = $value;

    1105. 

  1105.                 if ($set != '') $set .= ', ';

    1106. 

  1106.                 $set .= "$key = :$key";

    1107. 

  1107.             }

    1108. 

  1108. 

    1109. 

  1109.             if (!empty($values) && $set != '') {

    1110. 

  1110.                     $values[':user'] = $user;

    1111. 

  1111.                     $sql = "REPLACE INTO user_prefer SET user = :user, " . $set;

    1112. 

  1112. 

    1113. 

  1113.                 try {

    1114. 

  1114.                     self::query($sql, $values);

    1115. 

  1115.                     return true;

    1116. 

  1116. 

    1117. 

  1117.                 } catch (\PDOException $e) {

    1118. 

  1118.                     $errors[] = "FALLO al gestionar las preferencias de notificación " . $e->getMessage();

    1119. 

  1119.                     return false;

    1120. 

  1120.                 }

    1121. 

  1121.             }

    1122. 

  1122. 

    1123. 

  1123. 

    1124. 

  1124.         }

    1125. 

  1125. 

    1126. 

  1126. 		private function getRoles () {

    1127. 

  1127. 

    1128. 

  1128.             $roles = array();

    1129. 

  1129.             

    1130. 

  1130. 		    $query = self::query('

    1131. 

  1131. 		    	SELECT

    1132. 

  1132. 		    		role.id as id,

    1133. 

  1133. 		    		role.name as name

    1134. 

  1134. 		    	FROM role

    1135. 

  1135. 		    	JOIN user_role ON role.id = user_role.role_id

    1136. 

  1136. 		    	WHERE user_id = ?

    1137. 

  1137. 		    ', array($this->id));

    1138. 

  1138.             foreach ($query->fetchAll(\PDO::FETCH_OBJ) as $rol) {

    1139. 

  1139.                 $roles[$rol->id] = $rol;

    1140. 

  1140.             }

    1141. 

  1141.             return $roles;

    1142. 

  1142. 

    1143. 

  1143. 		}

    1144. 

  1144. 

    1145. 

  1145. 

    1146. 

  1146.         /*

    1147. 

  1147.          * Lista de proyectos cofinanciados

    1148. 

  1148.          */

    1149. 

  1149.         public static function invested($user, $publicOnly = true)

    1150. 

  1150.         {

    1151. 

  1151.             $projects = array();

    1152. 

  1152. 

    1153. 

  1153.             $sql = "SELECT project.id

    1154. 

  1154.                     FROM  project

    1155. 

  1155.                     INNER JOIN invest

    1156. 

  1156.                         ON project.id = invest.project

    1157. 

  1157.                         AND invest.user = ?

    1158. 

  1158.                         AND (invest.status = 0 OR invest.status = 1)

    1159. 

  1159.                     WHERE project.status < 7

    1160. 

  1160.                     ";

    1161. 

  1161.             if ($publicOnly) {

    1162. 

  1162.                 $sql .= "AND project.status >= 3

    1163. 

  1163.                     ";

    1164. 

  1164.             }

    1165. 

  1165.             $sql .= "GROUP BY project.id

    1166. 

  1166.                     ORDER BY name ASC

    1167. 

  1167.                     ";

    1168. 

  1168. 

    1169. 

  1169.             /*

    1170. 

  1170.              * Restriccion de que no aparecen los que cofinancio que esten en edicion

    1171. 

  1171.              *  solamente no sacamos los caducados

    1172. 

  1172.              * project.status > 1 AND

    1173. 

  1173.              */

    1174. 

  1174. 

    1175. 

  1175.             $query = self::query($sql, array($user));

    1176. 

  1176.             foreach ($query->fetchAll(\PDO::FETCH_CLASS) as $proj) {

    1177. 

  1177.                 $projects[] = \Goteo\Model\Project::get($proj->id);

    1178. 

  1178.             }

    1179. 

  1179.             return $projects;

    1180. 

  1180.         }

    1181. 

  1181. 

    1182. 

  1182.         public static function calcWorth($userId) {

    1183. 

  1183.             $query = self::query('SELECT id FROM worthcracy WHERE amount <= (SELECT SUM(amount) FROM invest WHERE user = ? AND (status = 0 OR status = 1)) ORDER BY amount DESC LIMIT 1', array($userId));

    1184. 

  1184.             $worth = $query->fetchColumn();

    1185. 

  1185.             self::query('UPDATE user SET worth = :worth WHERE id = :id', array(':id' => $userId, ':worth' => $worth));

    1186. 

  1186. 

    1187. 

  1187.             return $worth;

    1188. 

  1188.         }

    1189. 

  1189. 

    1190. 

  1190.         /**

    1191. 

  1191.          * Metodo para cancelar la cuenta de usuario

    1192. 

  1192.          * Nos e borra nada, se desactiva y se oculta.

    1193. 

  1193.          *

    1194. 

  1194.          * @param string $userId

    1195. 

  1195.          * @return bool

    1196. 

  1196.          */

    1197. 

  1197.         public static function cancel($userId) {

    1198. 

  1198. 

    1199. 

  1199.             if (self::query('UPDATE user SET active = 0, hide = 1 WHERE id = :id', array(':id' => $userId))) {

    1200. 

  1200.                 return true;

    1201. 

  1201.             } else {

    1202. 

  1202.                 return false;

    1203. 

  1203.             }

    1204. 

  1204. 

    1205. 

  1205.         }

    1206. 

  1206. 

    1207. 

  1207. 

    1208. 

  1208. 	}

    1209. 

  1209. }

    1210. 

  1210.