<?php
/**************************************************************************
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   @Authors:	Ryan Thompson(hide@address.com)
***************************************************************************/
/*$Id: class.user.php,v 1.36 2004/05/04 05:32:43 rthomp Exp $*/
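/*!
	@class user
	@abstract Account handling: login, account creation and removal, password
		reset and per-service preferences.

	Every method works through page-level globals ($db, $security, $session,
	$tracker, ...) that are defined outside this file.

	NOTE(review): all SQL in this class is assembled by interpolating the
	method arguments straight into the statement text. Nothing here escapes or
	binds those values, and this file does not show whether the callers or the
	$db wrapper do. Unless that is confirmed, treat every query below as
	injectable and move it to whatever escaping / parameter binding the $db
	layer offers.
*/
class user
{

	var $user_id;
	var $login_time;
	var $username;
	var $name;

	/*!
		@function login()
		@author Ryan Thompson
		@abstract Logs in a user
		@version 0.1
		@params $username
		@params $password
		@return TRUE only when a session was created, FALSE otherwise
		@since 22-11-2003
	*/
	function login($username, $password)
	{
		GLOBAL $O, $session, $tracker, $security;

		//Hash the submitted password.
		//NOTE(review): the hash is derived from the password alone, before the
		//account is looked up, so it cannot depend on a per-user salt stored
		//with the account - confirm what encrypt_password() actually does.
		$enc_password = $security->encrypt_password($password);

		//Match username/password to an account.
		//The assignment is intentional: check_password() hands back the user id.
		//Note that $this->user_id stays set even when the login is refused
		//further down, so callers must rely on the return value only.
		if($this->user_id = $security->check_password($username, $enc_password))
		{
			if($security->system_locked())
			{
				//If system is locked only users with administrator access to admin panel can log in.
				if($security->get_access_level($this->user_id, 'ad') < 3)
				{
					return FALSE;
				}
			}

			//Disabled and expired accounts are refused even with a valid password.
			if(!$security->account_enabled($this->user_id))
			{
				return FALSE;
			} elseif($security->account_expired($this->user_id))
			{
				return FALSE;
			}

			//All seems good. Create session.
			if($session->create_session($this->user_id))
			{
				$tracker->login_success($this->user_id);
				return TRUE;
			}

			//Fail closed: without a session the user is not logged in. The
			//previous code fell through to a trailing "return TRUE" here.
			return FALSE;
		}

		//Track failed login for user
		$tracker->login_fail($username);
		return FALSE;
	}


	/*!
		@function update_user_data()
		@abstract Updates the profile fields of the user held in the global $user
		@params $data - array with firstname, lastname, email, website, icq, msn, yahoo, aim
		@return TRUE (the query result is not checked)
	*/
	function update_user_data($data)
	{
		GLOBAL $O, $db, $user;
		//The row is selected by the global $user object, not by $this.
		//NOTE(review): every $data field is user-editable profile text and is
		//placed in the statement unescaped - see the class note.
		$sql = "UPDATE o_users SET firstname='$data[firstname]',lastname='$data[lastname]',
			email='$data[email]',website='$data[website]',icq='$data[icq]',msn='$data[msn]',
			yahoo='$data[yahoo]',aim='$data[aim]' WHERE user_id='{$user->user_id}'";

		$db->query($sql);
		return TRUE;
	}

	/*!
		@function create_user()
		@abstract Creates an account, its access rights, tracker rows, preferences,
			categories and group memberships, then mails the credentials
		@params $data - new_username, new_password, confirm_password, email,
			firstname, lastname, access_rights[], groups[]
		@return TRUE when the account row was written, FALSE otherwise
	*/
	function create_user($data)
	{
		GLOBAL $O, $db, $tracker, $groups, $lang, $layout, $security, $category;

		$uid = $this->get_uid();

		if($this->user_search($data['new_username']))
		{
			//return ERROR
			echo "user exists";
			return FALSE;
		}

		//Setting 9 switches to a generated password; the value of setting 1 is
		//then passed to random_string() (presumably the length - confirm).
		$sql = "SELECT value FROM o_settings WHERE setting_id='9'";
		$db->query($sql);
		$db->fetch_results();
		if($db->record['value'] == 'TRUE')
		{
			$sql = "SELECT value FROM o_settings WHERE setting_id='1'";
			$db->query($sql);
			$db->fetch_results();
			$data['new_password'] = $security->random_string($db->record['value']);
		} else {
			if(!$security->compare($data['new_password'], $data['confirm_password']))
			{
				//Return error.
				echo "Compare failed";
				return FALSE;
			}
		}

		if(!$security->password_length($data['new_password']))
		{
			//Return error.
			echo "Password too short";
			return FALSE;
		}

		$password = $security->encrypt_password($data['new_password']);

		//A form without any access right or group must not abort the creation.
		if(isset($data['access_rights']) && is_array($data['access_rights']))
		{
			foreach($data['access_rights'] AS $service_code => $level)
			{
				$security->enable_access($uid, $service_code, $level, $data['new_username']);
			}
		}
		$tracker->create_tracker($uid);
		$tracker->create_user_security($uid);
		$this->create_preferences($uid);
		$category->add_default_categories($uid);

		if(isset($data['groups']) && is_array($data['groups']))
		{
			foreach($data['groups'] AS $gid)
			{
				$groups->add_user($uid, $gid);
			}
		}

		//NOTE(review): the clear-text password travels in this mail. A one-time
		//activation link would keep it out of the mailbox and the mail logs.
		$subject = $lang->get_msg('new_user_subject', 'ad');
		$subject = str_replace('%SITENAME%', $layout->sitename, $subject);
		$message = $lang->get_msg('new_user_message','ad');
		$message = str_replace('%SITENAME%', $layout->sitename, $message);
		$message = str_replace('%LOGIN%', $security->protocol. $O->url ."/login.php", $message);
		$message = str_replace('%USERNAME%', $data['new_username'], $message);
		$message = str_replace('%PASSWORD%', $data['new_password'], $message);

		//The account row is only written once the credentials mail went out.
		if($O->mailer($data['email'], $subject, $message))
		{
			$this->add_user($uid, $password, $data);
			return TRUE;
		}

		//No mail, no account row: report the failure instead of TRUE.
		//NOTE(review): the access, tracker, preference, category and group rows
		//written above are left behind for $uid in that case.
		return FALSE;
	}


	/*!
		@function get_uid()
		@abstract Picks a six digit user id that is not yet present in o_users
		@return $uid - integer between 100000 and 999999
	*/
	function get_uid()
	{
		GLOBAL $O, $db;

		//Retry until a free id is found. The earlier recursive version dropped
		//the result of the nested call and returned nothing after a collision.
		//NOTE(review): rand() is predictable and this check-then-insert is not
		//atomic; ids must not be treated as secrets and uniqueness should be
		//enforced by the table itself - confirm the o_users schema.
		do
		{
			$uid = rand(100000,999999);

			$sql = "SELECT user_id FROM o_users WHERE user_id='$uid'";
			$db->query($sql);
		} while($db->num_rows >= 1);

		return $uid;
	}

	/*!
		@function create_preferences()
		@abstract Copies every preference row of user_id 1 to the given user
		@params $user_id - owner of the new preference rows
	*/
	function create_preferences($user_id)
	{
		GLOBAL $O, $db;

		//Read the whole template first: $db holds a single result set, so the
		//inserts cannot be interleaved with the fetch loop.
		$prefs = array();
		$sql = "SELECT * FROM o_preferences WHERE user_id='1'";
		$db->query($sql);
		while($db->fetch_results())
		{
			$prefs[$db->record['preference']][$db->record['service']] = $db->record;
		}

		foreach($prefs AS $preference => $services)
		{
			foreach($services AS $service => $row)
			{
				//NOTE(review): values read back from the table are re-inserted
				//unescaped; stored data deserves the same care as request data.
				$sql = "INSERT INTO o_preferences (service, user_id, preference, value) VALUES ('$service', '$user_id', '$row[preference]','$row[value]')";
				$db->query($sql);
			}
		}
	}

	/*!
		@function user_search()
		@abstract Tells whether a username is already taken
		@params $username
		@return TRUE/FALSE
	*/
	function user_search($username)
	{
		GLOBAL $O, $db;
		//NOTE(review): $username is interpolated unescaped - see the class note.
		$sql = "SELECT username FROM o_users WHERE username='$username'";
		$db->query($sql);

		return ($db->num_rows >= 1);
	}

	/*!
		@function add_user()
		@abstract Writes the o_users row of a new account
		@params $uid - id from get_uid()
		@params $password - password as returned by encrypt_password()
		@params $data - new_username, firstname, lastname, email
	*/
	function add_user($uid, $password, $data)
	{
		GLOBAL $O, $db;

		$time = time();
		//NOTE(review): the $data fields are interpolated unescaped - see the class note.
		$sql = "INSERT INTO o_users (user_id, username, firstname, lastname, password, email,
			date_created) VALUES ('$uid','$data[new_username]','$data[firstname]',
			'$data[lastname]','$password','$data[email]','$time')";
		$db->query($sql);
		return;
	}

	/*!
		@function get_user_agent()
		@abstract Returns the User-Agent request header
		@return header value, or NULL when the client sent none
	*/
	function get_user_agent()
	{
		//The header is chosen by the client: escape it before it is stored or
		//displayed, and do not base a security decision on it.
		return isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
	}

	/*!
		@function get_user_ip()
		@abstract Returns the address of the connecting peer
		@return address, or NULL when it is not available (e.g. command line)
	*/
	function get_user_ip()
	{
		//Behind a reverse proxy this is the address of the proxy.
		return isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : NULL;
	}


	/*!
		@function drop_account()
		@abstract Removes a user from every service and deletes the o_users row
		@params $user_id
	*/
	function drop_account($user_id)
	{
		GLOBAL $O, $db, $security, $error;

		//NOTE(review): no permission check happens in this method; the caller
		//has to make sure the current user may delete $user_id.
		$sql = "SELECT username FROM o_users WHERE user_id='$user_id'";
		$db->query($sql);
		$db->fetch_results();
		$username = $db->record['username'];

		//Collect the service locations first; delete_from_service() may run
		//its own queries on the shared $db object.
		$service = array();
		$sql = "SELECT location FROM o_services";
		$db->query($sql);
		while($db->fetch_results())
		{
			$service[] = $db->record['location'];
		}

		foreach($service AS $location)
		{
			$security->delete_from_service($location, $username, $user_id);
		}

		$sql = "DELETE FROM o_users WHERE user_id='$user_id'";
		$db->query($sql);
	}

	/*!
		@function forgot_password()
		@abstract Mails a new random password to the account matching email and username
		@params $email
		@params $username
		@return FALSE when no single account matches, nothing otherwise
	*/
	function forgot_password($email, $username)
	{
		GLOBAL $O, $db, $error, $layout, $security;

		//NOTE(review): this runs before any authentication and both values are
		//interpolated unescaped - see the class note.
		//NOTE(review): knowing an email/username pair is enough to replace the
		//password of that account; a mailed one-time confirmation link would
		//leave the old password valid until the owner acts. The two different
		//outcomes below also reveal whether the pair exists.
		$db->query("SELECT user_id, firstname, lastname FROM o_users WHERE email='$email' AND username='$username'");
		if($db->num_rows == 1)
		{
			$db->fetch_results();
			$new_password = $security->random_string(8);
			$fn = $db->record['firstname'];
			$ln = $db->record['lastname'];
			$uid = $db->record['user_id'];
			//NOTE(review): the body reads $O->sitename while the subject below
			//and create_user() read $layout->sitename - confirm which is set.
		 	$message = "$fn $ln\n\n
				A request was made to create a new password for the account matching this address
				at ". $O->sitename ." below is a new password to access your account\n\n
				New Password: $new_password\n\n If you did not make this request sorry for the inconvenience";
			//The stored password is only replaced once the mail was handed over.
			if($O->mailer($email, $layout->sitename ." - Password Retrieval", $message))
			{
				$enc_password = $security->encrypt_password($new_password);

				$sql = "UPDATE o_users SET password='$enc_password' WHERE user_id='$uid'";
				$db->query($sql);

				echo "A new password has been sent to the corresponding address"; 
			}
		} else {
			$error->get_message(1003);
			return FALSE;
		}

	}

	/*!
		@function get_preference()
		@author Ryan Thompson
		@abstract Retrieves a user preference from the database
		@version 0.1
		@params $service - Current service the preference is for
		@params $preference - The preference item were looking for
		@params $user_id - Owner of the preference
		@return $value - The value of the preference
		@since 07-11-2003
	*/
	function get_preference($service, $preference, $user_id)
	{

		GLOBAL $O, $db, $error;

		//NOTE(review): all three arguments are interpolated unescaped - see the class note.
		$sql = "SELECT value FROM o_preferences WHERE service='$service' AND
			 preference='$preference' AND user_id='". $user_id ."'";
		$db->query($sql);
		$db->fetch_results();

		return $db->record['value'];
	}

	/*!
		@function get_default_service()
		@author Ryan Thompson
		@abstract Retrieves default service on user login
		@version 0.1
		@params $user_id
		@return $service_location
		@since 06-11-2003
	*/
	function get_default_service($user_id)
	{
		GLOBAL $O, $db;
		$service = $this->get_preference('gl', 'default_service', $user_id);
		//NOTE(review): $service is a stored preference value, i.e. something
		//the user can set, and it is placed in the statement unescaped.
		$sql = "SELECT location FROM o_services WHERE code='$service'";
		$db->query($sql);
		$db->fetch_results();

		return $db->record['location'];
	}

	/*!
		@function update_preferences()
		@author Ryan Thompson
		@abstract Updates users preferences and adds them if they're missing
		@version 0.1
		@params $data - preference name => value
		@params $service
		@params $user_id
		@return nothing
		@since 09-12-2003
	*/
	function update_preferences($data, $service, $user_id)
	{
		GLOBAL $db;
		foreach($data AS $key => $value)
		{
			//Make sure they have this preference to update. If not. Add it.
			//NOTE(review): both the names and the values of $data end up in
			//the statement text unescaped - see the class note.
			$sql = "SELECT preference FROM o_preferences WHERE preference='$key' 
				AND service='$service' AND user_id='$user_id'";
			$db->query($sql);
			if($db->num_rows == 0)
			{
				//Move add else where.
				$sql = "INSERT INTO o_preferences (user_id, service, preference, value) VALUES
					('$user_id','$service','$key','$value')";

			} else {
				$sql = "UPDATE o_preferences SET value='$value' WHERE preference='$key' AND user_id='$user_id' 
				AND service='$service'";
			}
			$db->query($sql);

		}
		return;
	}

	/*!
		@function get_all_prefs()
		@author Ryan Thompson
		@abstract Gets all preferences relating to a service
		@version 0.1
		@params $service
		@params $user_id
		@return $pref_list[] - preference name => value, empty when none exist
		@since 09-12-2003
	*/
	function get_all_prefs($service, $user_id)
	{
		GLOBAL $db;

		//Start from an empty list so a user without preferences yields an
		//array and not an undefined variable.
		$pref_list = array();

		//NOTE(review): both arguments are interpolated unescaped - see the class note.
		$sql = "SELECT * FROM o_preferences WHERE user_id='$user_id' AND service='$service'";
		$db->query($sql);

		while($db->fetch_results())
		{
			$pref_list[$db->record['preference']] = $db->record['value'];
		}

		return $pref_list;
	}
}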

?>