<?php
//#################################################################################################
// Class User
//#################################################################################################
// chillyCMS - Content Management System
// Copyright (C) 2008
// Stefanie Wiegand <hide@address.com> & Johannes Cox <hide@address.com>
//
// This program is licensed under the GPL 3.0 license. For more information see LICENSE.txt.
//#################################################################################################
// Direct-access guard: stop unless the DOIT constant is already defined.
// Presumably the including entry script defines it - not visible in this file.
if (!defined('DOIT')) {
    die('Restricted access');
}
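/**
 * A CMS account looked up by nickname, with its group memberships and the
 * result of the credential check done at construction time.
 *
 * NOTE(review): __get()/__set() make every private property below readable
 * and writable from any calling code, including $pw, $backend and $gids.
 * That is kept for backward compatibility; callers must never copy request
 * data into these properties, and new code should not rely on the setter.
 *
 * NOTE(review): the credential is compared with the stored `pw` column as-is.
 * How that column is produced is not visible here - if it holds plain text or
 * an unsalted digest, migrate to password_hash()/password_verify().
 */
class User {
    //Class variables//////////////////////////////////////////////////////////////////////////
    private $uid;            //User ID, false = nonexistent
    private $user;           //Nickname, false = nonexistent
    private $name;           //real name, false = nonexistent
    private $pw;             //Stored credential if the supplied one matched, false = wrong
    private $gids;           //Array of all group ids the user is in (stored comma-separated in the DB)
    private $gids_assoc;     //array("gid"=>"r", "gid2"=>"w",...) for the groups in $gids
    private $modgids;        //Group ids where the user is the moderator
    private $modgids_assoc;  //array("gid"=>"r", "gid2"=>"w",...) for the groups in $modgids
    private $backend;        //0/1
    private $active;         //0/1
    private $email;
    private $language;
    private $getnewsletter;  //0/1

    //Functions////////////////////////////////////////////////////////////////////////////////

    /**
     * Loads the account named $user (case insensitive) and checks $pw against it.
     *
     * Reads the globals $page (database access) and $groups (rows of the groups
     * table). When no row is found the object is put into the invalid state,
     * see setinvalid().
     *
     * @param mixed $user Nickname as supplied by the caller; non-scalar values are rejected.
     * @param mixed $pw   Credential to compare with the stored `pw` column.
     */
    public function __construct($user, $pw) {
        global $page, $groups;

        // Arrays/objects (e.g. from a crafted request parameter) can never name an account.
        if (!is_scalar($user)) {
            $this->setinvalid();
            return;
        }

        // Lowercase first and escape last, so that nothing touches the escape
        // sequences after the database layer has produced them.
        $lowername = $page->db->escape(strtolower((string) $user));
        $page->query("select * from system_users where `user`=lower('$lowername') limit 1");
        $result = $page->db->getdata();

        //username not found in database
        if (!$result) {
            $this->setinvalid();
            return;
        }

        //found one user
        $this->uid = $result["uid"];
        $this->user = $result["user"];
        $this->name = $result["name"];
        $this->email = $result["email"];
        $this->language = $result["language"];
        $this->getnewsletter = $result["getnewsletter"];

        //check password: strict, type-checked comparison (see same_secret())
        $this->pw = self::same_secret($result["pw"], $pw) ? $result["pw"] : false;

        //gids & active
        $this->gids = explode(",", $result["gids"]);
        $this->active = $result["active"];

        //read backend access from groups table
        $this->backend = 0;
        $this->gids_assoc = array();
        $this->modgids = array();
        $this->modgids_assoc = array();

        //look at all groups the user is in
        foreach ($groups as $g) {
            $mode = (isset($g["write"]) && $g["write"] == 1) ? "w" : "r";

            if (in_array($g["gid"], $this->gids)) {
                $this->gids_assoc[$g["gid"]] = $mode;
                //--if one of them has backend access let the user in
                if ($g["backend"] == 1) {
                    $this->backend = 1;
                }
            }

            //--if the user is the mod in that group set modgids
            if ($g["moderator"] == $this->uid) {
                $this->modgids[] = $g["gid"];
                $this->modgids_assoc[$g["gid"]] = $mode;
            }
        }
    }

    /**
     * Getter: returns the named property, or false when it does not exist or is null.
     */
    public function __get($name) {
        if (isset($name, $this->$name)) {
            return $this->$name;
        }
        return false;
    }

    /**
     * Setter: overwrites an existing, non-null property; anything else is ignored.
     *
     * NOTE(review): this allows authorization state ($backend, $gids, $pw, ...)
     * to be changed from outside the class - keep untrusted data away from it.
     */
    public function __set($name, $value) {
        if (isset($name, $this->$name)) {
            $this->$name = $value;
        } else {
            return false;
        }
    }

    /**
     * Puts the object into the "no such user" state.
     *
     * All identity and authorization fields are cleared, including the
     * per-group maps and the moderator list, so that no membership data from a
     * previously loaded account survives on an invalidated object.
     */
    public function setinvalid() {
        $this->gids = array();
        $this->gids_assoc = array();
        $this->modgids = array();
        $this->modgids_assoc = array();
        $this->uid = $this->user = $this->name = $this->pw = $this->backend = $this->active =
            $this->email = $this->language = $this->getnewsletter = false;
    }

    /**
     * Reports whether this account may log in with the credential $pw.
     *
     * @param mixed $pw Credential to compare with the one verified in the constructor.
     * @return string "wronguser", "wrongpw", "inactive" or "ok".
     *
     * NOTE(review): "wronguser" and "wrongpw" are distinct results; callers
     * should show one generic failure message so that the login form does not
     * reveal which nicknames exist.
     */
    public function get_permission($pw) {
        if ($this->user == false) {
            return "wronguser";
        }
        // $this->pw is false after a failed check; same_secret() rejects every
        // non-string, so false never compares equal to "", "0", null or true.
        if (!self::same_secret($this->pw, $pw)) {
            return "wrongpw";
        }
        if (!$this->active) {
            return "inactive";
        }
        return "ok";
    }

    /**
     * Compares two credentials without type juggling.
     *
     * Both values must be strings. Loose == would treat false and "" as equal
     * and would compare numeric-looking strings (such as some digests) by
     * numeric value. hash_equals() is used where available because its running
     * time does not depend on where the strings differ.
     *
     * @param mixed $known Stored credential.
     * @param mixed $given Credential supplied by the caller.
     * @return bool True only for two identical strings.
     */
    private static function same_secret($known, $given) {
        if (!is_string($known) || !is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }
        return $known === $given;
    }
}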
?>