<?php
/**
* Administrative methods for use with the MySQL driver
* @package phlyMail Nahariya 4.0+ Default branch
* @subpackage Config interface
* @copyright 2003-2010 phlyLabs, Berlin (http://phlylabs.de)
* @version 4.1.0mod1 2010-07-06
*/
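class admin extends driver
{
    /**
     * Set up the parent driver and register the name of the admin table.
     *
     * All SQL in this class is assembled by string concatenation. Every value
     * placed into a statement must therefore pass through $this->escape()
     * (string context) or intval() (numeric context). escape() is inherited
     * from the driver class, which is not shown in this file.
     *
     * @param mixed $Conf passed unchanged to the parent driver
     * @param boolean $secaccpass passed unchanged to the parent driver
     */
    public function __construct($Conf, $secaccpass = true)
    {
        parent::__construct($Conf, $secaccpass);
        $this->Tbl['admin'] = $this->DB['db_pref'].'admin';
        return true;
    }

    /**
     * Administrators counterpart of authenticate()
     *
     * Only active admins (active="1") are returned. The password column holds
     * an unsalted MD5 hash (see add_admin() / upd_admin()).
     *
     * @param string admin name
     * @return $return array data on success, FALSE otherwise
     * $return[0] uid of the admin
     * $return[1] MD5 hash of admin's password
     * $return[2] notification email address (column externalemail)
     */
    public function adm_auth($un = '')
    {
        $un = $this->escape($un);
        $qid = $this->query(
            'SELECT uid,password,externalemail email FROM '.$this->Tbl['admin']
            .' WHERE username="'.$un.'" AND active="1"'
        );
        return $this->fetchrow($qid);
    }

    /**
     * Return the basic user data for an admin's user ID
     *
     * The password hash is not part of the result.
     *
     * @param integer user id
     * @return $return array data on success, FALSE otherwise
     */
    public function get_admdata($uid = 0)
    {
        return $this->fetchassoc($this->query(
            'SELECT uid,username,externalemail email,active,choices,permissions,is_root,unix_timestamp(logintime) as login_time, '
            .'unix_timestamp(logouttime) as logout_time FROM '.$this->Tbl['admin'].' WHERE uid="'.intval($uid).'"'
        ));
    }

    /**
     * Read the failed-login counter and the time of the last failure.
     *
     * @param integer user id
     * @return array with fail_count and fail_time, FALSE if no uid was given
     */
    public function get_admfail($uid = false)
    {
        if (!$uid) {
            return false;
        }
        return $this->fetchassoc($this->query(
            'SELECT fail_count,fail_time FROM '.$this->Tbl['admin'].' WHERE uid='.intval($uid)
        ));
    }

    /**
     * Increment the failed-login counter and stamp the failure time.
     *
     * @param integer user id
     * @return result of the UPDATE query, FALSE if no uid was given
     */
    public function set_admfail($uid = false)
    {
        if (!$uid) {
            return false;
        }
        return $this->query(
            'UPDATE '.$this->Tbl['admin'].' set fail_count=fail_count+1, fail_time=unix_timestamp() WHERE uid='.intval($uid)
        );
    }

    /**
     * Clear the failed-login counter and failure time.
     *
     * @param integer user id
     * @return result of the UPDATE query, FALSE if no uid was given
     */
    public function reset_admfail($uid = false)
    {
        if (!$uid) {
            return false;
        }
        return $this->query(
            'UPDATE '.$this->Tbl['admin'].' set fail_count=0, fail_time=0 WHERE uid='.intval($uid)
        );
    }

    /**
     * Set login timestamp of a specific admin
     *
     * @param integer user id
     * @return result of the UPDATE query, FALSE if no uid was given
     */
    public function set_admlogintime($uid = false)
    {
        if (!$uid) {
            return false;
        }
        return $this->query(
            'UPDATE '.$this->Tbl['admin'].' set logintime=NOW() WHERE uid='.intval($uid)
        );
    }

    /**
     * Set logout timestamp of a specific admin
     *
     * @param integer user id
     * @return result of the UPDATE query, FALSE if no uid was given
     */
    public function set_admlogouttime($uid = false)
    {
        if (!$uid) {
            return false;
        }
        return $this->query(
            'UPDATE '.$this->Tbl['admin'].' set logouttime=NOW() WHERE uid='.intval($uid)
        );
    }

    /**
     * Update the record of an admin in the database
     *
     * This method performs no authorisation check of its own and can set the
     * SuperAdmin flag and the permissions string.
     * NOTE(review): confirm that every caller restricts who may pass
     * 'is_root' and 'permissions'.
     *
     * @param $input array containing user data
     * $input['uid'] UserID to update
     * $input['username'] Login name
     * $input['password'] Password (Omit if unchanged)
     * $input['email'] Email address for notifications
     * $input['active'] '0' for no, '1' for yes (Omit if unchanged)
     * $input['is_root'] SuperAdmin flag; 'no'|'yes' (Omit if unchanged)
     * $input['choices'] string settings (Omit if unchanged)
     * $input['permissions'] string permissions (Omit if unchanged)
     * @return TRUE on success, FALSE otherwise
     */
    public function upd_admin($input)
    {
        $query = 'UPDATE '.$this->Tbl['admin'].' SET username="'.$this->escape($input['username'])
            .'",externalemail="'.$this->escape($input['email']).'"';
        if (isset($input['password']) && $input['password']) {
            // Stored as an unsalted MD5 computed by MySQL. MD5 is fast and unsalted,
            // so a leaked table is cheap to guess against. The clear-text password is
            // also part of the statement text, so it can appear wherever statements
            // are logged. Replacing this needs a matching change in the login check
            // that consumes adm_auth(), which is not part of this file.
            $query .= ',password=md5("'.$this->escape($input['password']).'")';
        }
        if (isset($input['active'])) {
            $query .= ',active="'.intval($input['active']).'"';
        }
        if (isset($input['is_root'])) {
            // Escaped only; the value is not restricted to 'yes'/'no' here.
            $query .= ',is_root="'.$this->escape($input['is_root']).'"';
        }
        if (isset($input['choices']) && $input['choices']) {
            $query .= ',choices="'.$this->escape($input['choices']).'"';
        }
        if (isset($input['permissions']) && $input['permissions']) {
            $query .= ',permissions="'.$this->escape($input['permissions']).'"';
        }
        $query .= ' WHERE uid="'.intval($input['uid']).'"';
        return ($this->query($query));
    }

    /**
     * Get index for all administrators
     * If you pass "include superadmins" as boolean TRUE, you will also get SAs in the list, else not
     * If a search pattern is given, only usernames matching it (SQL LIKE) will be returned;
     * the pattern may contain '*' or '%' as wildcards
     * If the num (number of admins) and optionally the start values are given, only the search results
     * within this range are returned
     *
     * The signature keeps an optional parameter ($uid) in front of a required
     * one ($include_sa) so existing callers are not affected; $uid is not used
     * for filtering.
     *
     * @param integer user id (unused)
     * @param boolean include superadmins
     *[@param string pattern]
     *[@param string criteria] one of 'inactive', 'active', 'locked'
     *[@param integer num]
     *[@param integer start]
     * @return array uid => username
     */
    public function get_admidx($uid = 0, $include_sa, $pattern = '', $criteria = '', $num = 0, $start = 0)
    {
        $return = array();
        $q_l = 'SELECT uid,username FROM '.$this->Tbl['admin'].' WHERE 1';
        if (!$include_sa) {
            $q_l .= ' AND is_root!="yes"';
        }
        // The pattern is escaped twice (addslashes, then escape()). This is kept as
        // is: LIKE applies its own backslash escaping on top of string-literal
        // escaping, so a literal backslash has to be doubled twice.
        $pattern = addslashes($pattern);
        if (strlen($pattern) > 0) {
            $pattern = str_replace('*', '%', $this->escape($pattern));
            // Fix: the LIKE clause used to sit outside the if and was appended even
            // for an empty pattern, producing LIKE "" and an empty result list.
            $q_l .= ' AND username LIKE "'.$pattern.'"';
        }
        switch ($criteria) {
            case 'inactive':
                $q_l .= ' AND active="0"';
                break;
            case 'active':
                $q_l .= ' AND active="1"';
                break;
            case 'locked':
                // Cast the configured threshold so the global can only ever
                // contribute a number to the statement.
                $q_l .= ' AND fail_count>='.intval($GLOBALS['WP_core']['countonfail']);
                break;
        }
        $q_r = ($num != 0) ? ' LIMIT '.intval($start).','.intval($num) : '';
        $qid = $this->query($q_l.' ORDER BY username'.$q_r);
        while ($row = $this->fetchrow($qid)) {
            $return[$row[0]] = $row[1];
        }
        return $return;
    }

    /**
     * Get numbers of users, active users, inactive users, locked administrators
     *
     * NOTE(review): 'all' is the sum of active, inactive and locked. Locked
     * admins also appear in the active/inactive groups, so they look to be
     * counted twice - confirm whether this is intended.
     *
     * @param integer $failcount the number of failed logins to be considered as 'locked'
     * @return array data on success
     * $return['all'] All users
     * $return['active'] active
     * $return['inactive'] inactive
     * $return['locked'] locked
     */
    public function get_admoverview($failcount)
    {
        // Initialised so an empty table does not leave $num undefined
        $num = array();
        $qid = $this->query('SELECT count(*), active FROM '.$this->Tbl['admin'].' GROUP by active');
        while ($row = $this->fetchrow($qid)) {
            $num[$row[1]] = $row[0];
        }
        $lockedRow = $this->fetchrow($this->query(
            'SELECT count(*) FROM '.$this->Tbl['admin'].' where fail_count >= '.intval($failcount)
        ));
        $locked = ($lockedRow && isset($lockedRow[0])) ? $lockedRow[0] : 0;
        $return = array(
            'inactive' => isset($num['0']) ? $num['0'] : 0,
            'active' => isset($num['1']) ? $num['1'] : 0,
            'locked' => $locked
        );
        $return['all'] = $return['active'] + $return['inactive'] + $return['locked'];
        return $return;
    }

    /**
     * Insert a new admin into the database
     *
     * This method performs no authorisation check of its own.
     * NOTE(review): confirm that callers restrict who may create admins and
     * who may pass 'is_root' => 'yes'.
     *
     * @param $input array containing admin data
     * $input['username'] Login name
     * $input['password'] Password
     * $input['email'] Email address for notifications
     * $input['active'] '0' for no, '1' for yes
     * $input['is_root'] SuperAdmin flag; 'no'|'yes' (Default: 'no')
     * $input['choices'] string settings (Default:empty string)
     * $input['permissions'] string permissions (Default:empty string)
     * @return UserID of created user on success, FALSE otherwise
     */
    public function add_admin($input)
    {
        if (!isset($input['choices'])) {
            $input['choices'] = '';
        }
        if (!isset($input['permissions'])) {
            $input['permissions'] = '';
        }
        if (!isset($input['is_root'])) {
            $input['is_root'] = 'no';
        }
        // active is cast with intval(), as upd_admin() does; a missing value
        // therefore creates an inactive account.
        $active = isset($input['active']) ? intval($input['active']) : 0;
        // The password is stored as an unsalted MD5 computed by MySQL; see the
        // comment in upd_admin() for the implications.
        $inserted = $this->query(
            'INSERT '.$this->Tbl['admin'].' (username,password,externalemail,active,is_root,choices,permissions) VALUES ("'
            .$this->escape($input['username']).'",md5("'.$this->escape($input['password']).'"),"'
            .$this->escape($input['email']).'","'.$active.'","'
            .$this->escape($input['is_root']).'","'.$this->escape($input['choices']).'","'
            .$this->escape($input['permissions']).'")'
        );
        if ($inserted) {
            return $this->insertid();
        }
        return false;
    }

    /**
     * Delete an admin from the database
     *
     * @param $un username of the admin to be deleted
     * @return TRUE on success, FALSE otherwise (including an unknown username)
     */
    public function delete_admin($un)
    {
        $row = $this->fetchrow($this->query(
            'SELECT uid FROM '.$this->Tbl['admin'].' WHERE username="'.$this->escape($un).'"'
        ));
        // Fix: an unknown username used to fall through to DELETE ... WHERE uid="",
        // which MySQL compares as uid=0. Stop here instead.
        if (!$row || !isset($row[0])) {
            return false;
        }
        // The uid comes from the database, but is still cast before reuse in SQL
        return $this->query('DELETE FROM '.$this->Tbl['admin'].' WHERE uid="'.intval($row[0]).'"');
    }

    /**
     * Switch activity status of a user
     *
     * @param string username
     * @param 0|1 status
     * @return TRUE on success, FALSE otherwise
     */
    public function onoff_admin($username, $active)
    {
        // The status is cast with intval(), as upd_admin() does
        return $this->query(
            'UPDATE '.$this->Tbl['admin'].' SET active="'.intval($active)
            .'" WHERE username="'.$this->escape($username).'"'
        );
    }

    /**
     * Check, if a given admin's name (already) exists in the database
     *
     * NOTE(review): the lookup runs against $this->Tbl['user'], not
     * $this->Tbl['admin']. Confirm whether the user table is intended here;
     * if not, duplicate admin names would go undetected.
     *
     * @param string username
     * @return TRUE if exists, FALSE otherwise
     */
    public function checkfor_admname($admname = '')
    {
        list ($exists) = $this->fetchrow($this->query(
            'SELECT 1 FROM '.$this->Tbl['user'].' WHERE username="'.$this->escape($admname).'" LIMIT 1'
        ));
        return (1 == $exists);
    }

    /**
     * Insert a new, active group.
     *
     * The table name is read from $this->Tbl['group'], which is not assigned
     * in this class (presumably by the parent driver - confirm).
     *
     * @param string $name friendly name of the group
     * @param integer $childof id of the parent group
     * @param string $description free text description
     * @return insert id reported by the driver
     */
    public function add_group($name, $childof = 0, $description = '')
    {
        $this->query(
            'INSERT '.$this->Tbl['group'].' SET `friendly_name`="'.$this->escape($name).'"'
            .',`childof`='.intval($childof).',`description`="'.$this->escape($description).'", `active`="1"'
        );
        return $this->insertid();
    }

    /**
     * Handy short cut method to check, whether this installation has any groups
     * or permissions defined. This is used on new installations or those upgraded from
     * a version prior to 4, where permissions were not used.
     *
     * Unlike MessageCenter, this branch has neither groups nor permissions, so
     * the method always reports TRUE.
     *
     * @return bool TRUE
     */
    public function has_permissions_set()
    {
        return true;
    }
}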
?>