Code source de Plume CMS 1.2.2 |
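<?php
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
# ***** BEGIN LICENSE BLOCK *****
# This file is part of Plume CMS, a website management application.
# Copyright (C) 2001-2005 Loic d'Anterroches and contributors.
#
# Plume CMS is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Plume CMS is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# ***** END LICENSE BLOCK ***** */

/*=============================================================================
                                 Class User
=============================================================================*/
define('PX_USER_NOINIT', 0);
define('PX_USER_INIT', 1);
define('PX_USER_SYNCHRO_FROM_SESSION', 2);
define('PX_USER_SYNCHRO_TO_SESSION', 3);

require_once dirname(__FILE__).'/../extinc/class.recordset.php';

/**
 * The User class stores the user data when doing manipulation on the user.
 * Through RecordSet the User class extends the CError class. When a call
 * to a method is not successful it is always possible to get the reason
 * by accessing the error message through the methods provided by CError.
 *
 * Security notes for maintainers:
 *  - Every query in this class is built by string concatenation. Each
 *    value placed in a query must go through $con->escapeStr() or be
 *    reduced to an integer first.
 *  - Passwords are compared against unsalted MD5 digests, see checkUser().
 *  - Preference values (theme, lang, ...) are stored per user and must be
 *    validated before they are used to build a filesystem path.
 */
class User extends RecordSet
{
    var $prefs = array();   // preferences: $prefs[keyname][website_id] = data
    var $webs = array();    // grants: $webs[website_id] = level
    var $wdata = array();   // website data: $wdata[website_id][field] = value
    var $website = '';      //current website
    var $lang = '';         //current lang (can change with the website)
    var $con = null;        // database connection returned by pxDBConnect()

    /**
     * Constructor.
     * The user object is initialized from the id (integer) or
     * username (string). If no id or username is given, an empty
     * User object is created. If an array is given, it is handed to the
     * RecordSet constructor as the record data and no query is run.
     *
     * @param mixed Id or username ('')
     */
    function User($user='')
    {
        if (!empty($user) and !is_array($user)) {
            $this->con =& pxDBConnect();
            $this->load($user);
        } elseif (is_array($user)) {
            parent::recordset($user);
        }
    }

    /**
     * Load user data from the database.
     * Given an id (integer) or a username (string) the data from the
     * corresponding user are loaded from the database.
     * If no id or username are given, try to load from the user_id
     * taken from $this->f('user_id')
     *
     * @param mixed Id or username of the user ('')
     * @return bool Success
     */
    function load($user='')
    {
        if (empty($user)) {
            $user = $this->f('user_id');
            if (empty($user)) {
                $this->setError('Error: No user_id or username given, impossible to load the user.');
                return false;
            }
        }
        $user_id = 0;
        if (!preg_match('/[^0-9]/', $user)) {
            //Only digits, this is the user id
            $user_id = $user;
        }

        $this->con =& pxDBConnect();
        if ($user_id === 0) {
            // Exact match instead of LIKE: a username is an identifier,
            // not a pattern. escapeStr() is not visible from this file;
            // SQL string escaping normally leaves '%' and '_' alone, so
            // LIKE would let them act as wildcards and resolve a
            // pattern to somebody else's account.
            $req = 'SELECT * FROM '.$this->con->pfx.'users
                    WHERE user_username
                    = \''.$this->con->escapeStr($user).'\' LIMIT 1';
        } else {
            //The previous check ensures that $user is a safe string
            //with only digits.
            $req = 'SELECT * FROM '.$this->con->pfx.'users
                    WHERE user_id='.$user.'
                    LIMIT 1';
        }
        if (($rs = $this->con->select($req)) !== false) {
            //init the internal array with the user data
            parent::recordset($rs->getData());

            // Both loaders return false when the record has no positive
            // user_id, which is also what happens when no row matched.
            if (false === $this->loadPrefs() ||
                false === $this->loadWebsites()) {
                return false;
            }
        } else {
            $this->setError('MySQL: '. $this->con->error(), 500);
            return false;
        }
        return true;
    }


    /**
     * Return the user id.
     *
     * @return int User id
     */
    function getId()
    {
        return $this->f('user_id');
    }

    /**
     * Get the list of resources created by the user.
     *
     * @param string Website id, all the websites if empty ('')
     * @return mixed Recordset object with the resources or false
     *
     * @todo Should return a ResourceSet object.
     */
    function getListResources($website='')
    {
        $userid = $this->f('user_id');
        $this->con =& pxDBConnect();

        $r = 'SELECT * FROM '.$this->con->pfx.'resources
              WHERE user_id = \''.$this->con->escapeStr($userid).'\'';
        if (!empty($website)) {
            $r .= ' AND website_id = \''.$this->con->escapeStr($website).'\'';
        }

        if (($rs = $this->con->select($r)) !== false) {
            return $rs;
        } else {
            $this->setError('MySQL: ' . $this->con->error(), 500);
            return false;
        }
    }

    /**
     * Get the rights on a given website.
     *
     * A website without an entry gives level 0.
     *
     * @param string Website id
     * @return int Level
     */
    function getWebsiteLevel($website)
    {
        $levels = $this->getWebsiteLevels();
        if (isset($levels[$website])) {
            return $levels[$website];
        }
        return 0;
    }

    /**
     * Get the levels for the websites.
     *
     * If no user id is given, uses the current one.
     *
     * @param int User id ('')
     * @return mixed Associative array array('websiteid' => level, ...),
     *               or false if the query failed
     */
    function getWebsiteLevels($user_id='')
    {
        if ('' == $user_id) {
            $user_id = $this->f('user_id');
        }
        $res = array();
        $this->con =& pxDBConnect();

        // NOTE(review): the query text comes from SQL::getWebsiteLevels(),
        // which is defined outside this file. Confirm that it escapes or
        // casts $user_id, nothing is escaped here.
        $req = SQL::getWebsiteLevels($user_id);
        if (($rs = $this->con->select($req)) !== false) {
            while (!$rs->EOF()) {
                $res[$rs->f('website_id')] = $rs->f('level');
                $rs->moveNext();
            }
        } else {
            $this->setError('MySQL: ' . $this->con->error(), 500);
            return false;
        }
        return $res;
    }



    /**
     * Clean the current user object.
     * This is a basic cleaning, some state variables from the recordset
     * and CError parents are not cleaned.
     *
     * @return void
     */
    function clear()
    {
        $this->prefs = array();
        $this->webs = array();
        $this->wdata = array();
        $this->arry_data = array();
        $this->website ='';
        $this->lang = '';
    }

    /**
     * Clean the current user object and remove it from the session.
     * The session is closed and destroyed.
     *
     * NOTE(security): session_destroy() removes the server-side session
     * data but does not delete the session cookie held by the browser.
     * Callers that need the identifier gone as well have to expire that
     * cookie themselves.
     *
     * @return void
     */
    function logout()
    {
        $this->clear();
        session_unset();
        session_destroy();
    }

    /**
     * Check the login/password of a user.
     * This method can be used as a static method. Thus it is
     * not possible to get directly the error message from
     * the Connection object if an error occured in the DB query.
     * To get the message, use pxDBConnect() to get a Connection object and
     * check the last error message.
     *
     * NOTE(security): the stored credential is an unsalted MD5 digest.
     * Moving to password_hash()/password_verify() requires migrating the
     * stored values and is not done in this method.
     *
     * @param string Username
     * @param string Password
     * @return bool The pair is valid or not
     */
    function checkUser($user, $pswd)
    {
        if (0 == strlen($user) || 0 == strlen($pswd)) return false;
        $con =& pxDBConnect();
        // Exact match instead of LIKE, so that '%' and '_' in the
        // submitted username cannot select another account's row.
        $r = 'SELECT user_username, user_password
              FROM '.$con->pfx.'users WHERE user_username
              = \''.$con->escapeStr($user).'\' LIMIT 1';
        if (($rs = $con->select($r)) === false) {
            return false;
        }
        $md5pass = $rs->f('user_password');
        // No usable stored digest (for instance no matching row): refuse.
        if (!is_string($md5pass) || 0 == strlen($md5pass)) {
            return false;
        }
        // Strict comparison: with '==' two different digests that both
        // look like numbers ("0e" followed by digits only) compare equal.
        return (md5($pswd) === $md5pass);
    }


    /**
     * Load user preferences.
     * The preferences are stored in the $this->prefs member variable.
     *
     * @return bool Success, false if the record has no positive user_id
     *              or if the query failed
     */
    function loadPrefs()
    {
        $user = $this->f('user_id');
        $this->prefs = array();
        $this->con =& pxDBConnect();

        if ((int)$user > 0) {
            // Query with the integer value that passed the guard above.
            // The previous "LIKE '<escaped string>'" form accepted a
            // value such as '5%' and treated it as a pattern.
            $req = 'SELECT * FROM '.$this->con->pfx.'userprefs
                    WHERE user_id = '.(int)$user;
            if (($rs = $this->con->select($req)) !== false) {
                $d = $rs->getData();
                // foreach instead of each(): each() was deprecated in
                // PHP 7.2 and removed in PHP 8.
                foreach ($d as $val) {
                    $this->prefs[$val['keyname']][$val['website_id']] = $val['data'];
                }
                $this->lang = $this->getPref('lang', $this->website);
            } else {
                $this->setError('MySQL: ' . $this->con->error(), 500);
                return false;
            }
        } else {
            return false;
        }
        return true;
    }

    /**
     * Get one preference.
     *
     * Lookup order: value for the given website, value stored under
     * '#all#', value of the same key in $GLOBALS['_PX_config'].
     *
     * @return string preference or empty string if no pref
     * @param string key
     * @param string website id, the current website if empty ('')
     */
    function getPref($key, $websiteid = '')
    {
        if (strlen($key) == 0) {
            return '';
        }
        if (strlen($websiteid) == 0) {
            $websiteid = $this->website;
        }
        if (!empty($this->prefs[$key][$websiteid])) {
            return $this->prefs[$key][$websiteid];
        }
        if (!empty($this->prefs[$key]['#all#'])) {
            return $this->prefs[$key]['#all#'];
        }
        if (!empty($GLOBALS['_PX_config'][$key])) {
            return $GLOBALS['_PX_config'][$key];
        }
        return '';
    }

    /**
     * Load user website grants and data.
     * The website grants are saved in $this->webs
     * The website data are saved in $this->wdata
     *
     * @return bool Success, false if the record has no positive user_id
     *              or if the query failed
     */
    function loadWebsites()
    {
        $user = $this->f('user_id');
        $this->webs = array();
        $this->wdata = array();
        $this->con =& pxDBConnect();

        if ((int)$user > 0) {
            // NOTE(review): SQL::getWebsiteLevels() is defined outside
            // this file; confirm that it escapes or casts its argument.
            $req = SQL::getWebsiteLevels($user);
            if (($rs = $this->con->select($req)) !== false) {
                while (!$rs->EOF()) {
                    $wid = $rs->f('website_id');
                    $this->webs[$wid] = $rs->f('level');
                    $this->wdata[$wid]['website_name'] = $rs->f('website_name');
                    $this->wdata[$wid]['website_url'] = $rs->f('website_url');
                    $this->wdata[$wid]['website_reurl'] = $rs->f('website_reurl');
                    $this->wdata[$wid]['website_xmedia_path'] = $rs->f('website_xmedia_path');
                    $rs->moveNext();
                }
            } else {
                $this->setError('MySQL: ' . $this->con->error(), 500);
                return false;
            }
        } else {
            return false;
        }
        return true;
    }

    /**
     * Set the current website.
     * It loads the lang preference of the website and try to set the
     * locale.
     *
     * @param string Website id
     * @return bool True
     */
    function setWebsite($website)
    {
        $this->website = $website;
        $this->lang = $this->getPref('lang', $website);
        // Try 'xx' first, then 'xx_XX'. A failure of both is ignored.
        if (false === @setlocale(LC_ALL, $this->lang)) {
            @setlocale(LC_ALL, $this->lang.'_'.strtoupper($this->lang));
        }
        return true;
    }

    /**
     * Remove a pref for a user in the database, and in the
     * user object.
     *
     * @return bool success
     * @param string Key
     * @param string Website id ('#all#')
     * @param bool Remove in all the websites (false)
     * @param bool Remove only in the session (false)
     */
    function removePref($key, $website='#all#', $all=false, $sessiononly=false)
    {
        if (strlen($key) == 0) return false;

        if (!empty($_SESSION['prefs'][$key][$website])) {
            unset($_SESSION['prefs'][$key][$website]);
        }
        if (!empty($this->prefs[$key][$website])) {
            unset($this->prefs[$key][$website]);
        }

        if (false == $sessiononly) {
            $this->con =& pxDBConnect();
            $extra = '';
            if (false === $all) {
                $extra = 'website_id=\''.$this->con->escapeStr($website).'\'
                          AND ';
            }
            // user_id is escaped like every other value of this query
            // and like savePref() does. The record can be filled from an
            // array or from the session, so it is not trusted here.
            $r = 'DELETE FROM '.$this->con->pfx.'userprefs
                  WHERE user_id=\''.$this->con->escapeStr($this->f('user_id')).'\' AND
                  '. $extra .' keyname=\''.$this->con->escapeStr($key).'\'';
            return $this->con->execute($r);
        }
        return true;
    }

    /**
     * Save a user preference.
     * The user preference can be saved only in the session or in the session
     * and the database. Any previous value is removed first; an empty
     * value is therefore only a removal.
     *
     * @param string Key of the preference
     * @param mixed Value of the preference
     * @param string Website id ('') Set as current is none given
     * @param bool Save only in the session (false)
     * @return mixed True on success, else the error message of the
     *               connection
     */
    function savePref($key, $value, $website='', $sessiononly=false)
    {
        if (strlen($website) == 0) {
            $website = $this->website;
        }

        if (false === $this->removePref($key, $website, false, $sessiononly)) {
            // removePref() gives up on an empty key before it connects,
            // so $this->con may still be null at this point.
            $this->con =& pxDBConnect();
            return $this->con->error();
        }

        if (strlen($value) > 0) {
            if (false === $sessiononly) {
                $req = 'INSERT INTO '.$this->con->pfx.'userprefs SET
                        user_id=\''.$this->con->escapeStr($this->f('user_id')).'\',
                        website_id=\''.$this->con->escapeStr($website).'\',
                        keyname =\''.$this->con->escapeStr($key).'\',
                        data =\''.$this->con->escapeStr($value).'\'';

                if (false === $this->con->execute($req)) {
                    return $this->con->error();
                }
            }
            $_SESSION['prefs'][$key][$website] = $value;
            $this->prefs[$key][$website] = $value;
        }
        return true;
    }

    /**
     * Synchronize the User object from or to the session.
     * The User object is used in the manager to store the data of the
     * currently logged user. To avoid a set of queries against the database
     * for each page in the manager, the object can be saved in the session
     * and restored from the session. This is the purpose of this method.
     *
     * When writing to the session, the 'lang' and 'website_id' cookies are
     * also set for one year. They are sent without path, secure or
     * httponly attributes, and whatever a browser sends back in them is
     * client-controlled input.
     *
     * @param int Direction of the synchro (PX_USER_SYNCHRO_FROM_SESSION)
     * @return bool Success
     */
    function synchronize($dir=PX_USER_SYNCHRO_FROM_SESSION)
    {
        if (PX_USER_SYNCHRO_FROM_SESSION == $dir) {
            //Init the User object from data in the session
            parent::recordset($_SESSION['user']);
            $this->prefs = $_SESSION['prefs'];
            $this->webs = $_SESSION['webs'];
            $this->wdata = $_SESSION['wdata'];
            $this->website = $_SESSION['website_id'];
            $this->lang = $this->getPref('lang', $this->website);

            // set the locale
            if (false === @setlocale(LC_ALL, $this->lang)) {
                @setlocale(LC_ALL, $this->lang.'_'.strtoupper($this->lang));
            }
        } else {
            $_SESSION['user_id'] = $this->f('user_id');
            $_SESSION['prefs'] = $this->prefs;
            $_SESSION['webs'] = $this->webs;
            $_SESSION['wdata'] = $this->wdata;
            $_SESSION['website_id'] = $this->website;
            $_SESSION['user'] = $this->getData();
            $_SESSION['lang'] = $this->getPref('lang', $this->website);
            setcookie('lang', $_SESSION['lang'], time()+31536000);
            setcookie('website_id', $_SESSION['website_id'], time()+31536000);
        }
        return true;
    }


    /* ========================================================================
     *  Set of utility methods.
     * ===================================================================== */

    /**
     * Increase the size of the textarea preference.
     *
     * @param string Textarea to increase the size
     * @return int New size, max value 100
     */
    function increase($area)
    {
        // getPref() returns '' when nothing is stored; the cast keeps
        // the addition valid on PHP 8, where '' + 5 is a TypeError.
        $p = (int) $this->getPref($area);
        $p = $p + 5;
        if ($p > 100) $p = 100;
        $this->savePref($area, $p);
        return $p;
    }

    /**
     * Decrease the size of the textarea preference.
     *
     * @param string Textarea to decrease the size
     * @return int New size, min value 5
     */
    function decrease($area)
    {
        // Same cast as in increase().
        $p = (int) $this->getPref($area);
        $p = $p - 5;
        if ($p < 5) $p = 5;
        $this->savePref($area, $p);
        return $p;
    }

    /**
     * Tell whether a value can be used as one single folder name.
     *
     * Refuses the empty string, '.', '..' and anything holding a path
     * separator or a NUL byte, so the value cannot move a path built
     * from it outside of its parent folder.
     *
     * @param mixed Value to check
     * @return bool True if the value is a plain folder name
     */
    function _isSafePathSegment($name)
    {
        $name = (string) $name;
        if ($name === '' || $name === '.' || $name === '..') {
            return false;
        }
        return (false === strpos($name, '/')
                && false === strpos($name, '\\')
                && false === strpos($name, "\0"));
    }

    /**
     * Get the current "main" theme for the user.
     * It can be used for the path to the images and css.
     * If the user's theme is not available anymore, if it is not a plain
     * folder name or if no theme is defined yet, 'default' is returned.
     *
     * @return string Theme id.
     */
    function getTheme()
    {
        $theme = $this->getPref('theme');
        // The theme id is a stored preference: refuse anything that is
        // not a plain folder name before it reaches the filesystem,
        // then check if the path exists else reset to 'default'
        if ($this->_isSafePathSegment($theme)
            && file_exists($GLOBALS['_PX_config']['manager_path'].'/themes/'.$theme.'/')) {
            return $theme;
        } else {
            return 'default';
        }
    }

    /**
     * Get the current "plugin" theme for the user.
     * It can be used for the path to the images and css of the current plugin,
     * as the "main" theme may not be available for the plugin.
     * 'default' is returned if the plugin id or the theme id is not a
     * plain folder name, or if the theme folder does not exist.
     *
     * @param string Id of the plugin (plugin folder)
     * @return string Theme id
     */
    function getPluginTheme($plugin)
    {
        $theme = $this->getPref('theme');
        // Both path parts are validated, then
        // check if the path exists else reset to 'default'
        if ($this->_isSafePathSegment($plugin)
            && $this->_isSafePathSegment($theme)
            && file_exists(config::f('manager_path').'/tools/'.$plugin.'/themes/'.$theme.'/')) {
            return $theme;
        } else {
            return 'default';
        }
    }


} // end class User
?>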
Généré le : Mon Nov 26 11:57:01 2007 | par Balluche grâce à PHPXref 0.7 |