<?php
/**
================================================================================ 
 LISENCE
================================================================================

    This file is part of php4dvd.

    php4dvd is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    php4dvd is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with php4dvd. If not, see <http://www.gnu.org/licenses/>.
**/

/**
 * This is the User class. Users can log in on a website and have permissions.
 * In this case, there are three permissions: Guest, Editor, Admin.
 * Guests can view the movie collection.
 * Editors can edit the movie information and delete movies.
 * Admins can create and remove user accounts.
 */

class User extends DataObject { 
	// All variables
	var $id;
	var $email;
	var $username;
	var $password;
	var $permission;
	var $lastlogin;
	
	// Static vars for the user permissions
	var $GUEST = 0;
	var $EDITOR = 1;
	var $ADMIN = 2;
	
	// Constructor, default permission is guest for security reasons.
	function User() { 
		$this->permission = $this->GUEST;
	}

	// Update alle gevens van de User
	function update() {
		// MySQL query
		$query  = "UPDATE users SET ";
		$query .= "email			= '".addslashes($this->email)."', ";
		$query .= "username			= '".addslashes($this->username)."', ";
		$query .= "password			= '".addslashes($this->password)."', ";
		$query .= "permission		= '".addslashes($this->permission)."', ";
		$query .= "lastlogin		= '".addslashes($this->lastlogin)."' ";
		$query .= "WHERE id = '".addslashes($this->id)."'";

		mysql_query($query) or
			die (mysql_error());
	}
	
	/**
	 * Check the permissions of the user.
	 * When a user is Admin, he/she is also editor and guest.
	 */
	function isGuest() {
		return $this->permission >= $this->GUEST;
	}
	function isEditor() {
		return $this->permission >= $this->EDITOR;
	}
	function isAdmin() {
		return $this->permission >= $this->ADMIN;
	}
	
	/**
	 * Generate a random password.
	 *
	 * @param int $passwordLength
	 * @return the password
	 */
	function generateRandomPassword($passwordLength = 8) {
		$salt = "abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ234567892345678923456789";
		srand((double)microtime() * 1000000); // start the random generator

		$password = ""; // set the inital variable
		for($i = 0; $i < $passwordLength; $i++)  // loop and create password
			$password = $password.substr($salt, rand()%strlen($salt), 1);
		
		return $password;
	}
}

?>