<?php
/**
Copyright © Samuel Ronce 2010
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated 
documentation files (the "Software"), to deal in the Software without restriction, including without limitation 
the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and 
to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions 
of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT 
LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

*/
/**-------------------------------------------------
User class: loads the current user's characteristics and manages permissions

Completion date:
Last modification --

Created by Samuel Ronce

-- All rights reserved --
//------------------------------------------------\\
					
----------------------------------------------------**/
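class User {

	/** Row of USERS joined with the user's primary group; user_permissions and user_options are decoded to ints. */
	public $data;
	/** Row of SESSIONS that tracks this client, or an empty value when none exists yet (see session_register()). */
	public $session_data;
	/** Database wrapper exposing query()/select()/insert()/update(). */
	private $db;
	/** True when this request was authenticated through the auto-login cookie. */
	private $autologin;
	/** Validated REMOTE_ADDR, '' when unavailable or malformed. */
	public $current_ip;
	public $session_id;
	/** True when the session was opened for the admin panel from this same address. */
	public $in_admin_panel;
	private $browser;
	/** forum_id => permission mask aggregated over the user's groups. */
	private $permission_forum = array();
	/** forum_id => per-user permission mask; overrides $permission_forum for that forum. */
	private $permission_userforum = array();
	// Bit flags stored as a hex string in USERS.user_options (see profileOptions()).
	private $option = array(
			'user_allow_contact_email'		=> 	 0x1,
			'user_allow_contact_pm'			=> 	 0x2,
			'user_mask_statut'				=> 	 0x4,
			'new_pm_avert'					=> 	 0x8,
			'new_pm_popup'					=> 	 0x10,
			'user_sig'						=> 	 0x20,
			'user_reply_avert'				=> 	 0x40,
			'display_img_post'				=> 	 0x80,
			'display_flash'					=> 	 0x100,
			'display_smilies_img'			=> 	 0x200,
			'display_sig'					=> 	 0x400,
			'display_avatar'				=> 	 0x800
			);

	/**
	 * Identifies the client making this request and loads its profile, session row and permissions.
	 *
	 * @param object $db      database wrapper (query/select/insert/update)
	 * @param array  $session session array (typically $_SESSION); read for user_id, user_ip and
	 *                        adm_user_ip. It is received by value, so nothing decided here
	 *                        (auto-login, invalidation) is written back to the caller's array.
	 */
	function __construct($db, $session) {
		$this->db = $db;
		$this->current_ip = $this->clientIp();
		$this->session_id = session_id();
		$this->browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

		$user_id = $this->autologin();
		if ($this->autologin) {
			$session['user_id'] = $user_id;
			$session['user_ip'] = $this->current_ip;
		}
		// A session presented from another address than the one it was bound to is not trusted:
		// drop it server-side and stop using the local copy, so the rest of this request runs as anonymous.
		if (isset($session['user_ip']) && $this->current_ip != $session['user_ip']) {
			session_destroy();
			$session = array();
		}
		$this->in_admin_panel = isset($session['adm_user_ip']) && $this->current_ip == $session['adm_user_ip'];
		$this->updateIP($session);
		$this->iniUserData($session);
		$this->session_register();
		$this->assignPermission();
		$this->initPermissionGroupForum();
		$this->initPermissionUserForum();
	}

	/** REMOTE_ADDR as reported by the web server; anything that is not a well-formed IP is replaced by ''. */
	private function clientIp() {
		$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
		return filter_var($ip, FILTER_VALIDATE_IP) !== false ? $ip : '';
	}

	/**
	 * Resolves the "remember me" cookie to a user id.
	 *
	 * The cookie is expected to hold the PHP session id that was stored in SESSIONS with
	 * session_autologin=1. Its value is attacker-controlled, so it is only used when it has the
	 * shape of a session id; anything else is ignored rather than interpolated into the query.
	 *
	 * @return mixed the stored session_real_user_id, or false when no auto-login applies.
	 *               Also records the outcome in $this->autologin.
	 */
	public function autologin() {
		$this->autologin = false;
		$token = $this->loadCookie('auth');
		if (!is_string($token) || !preg_match('/^[A-Za-z0-9,-]{1,256}$/', $token)) {
			return false;
		}
		$row = $this->db->select(SESSIONS, 'session_id="' . $token . '" AND session_autologin=1 AND session_real_user_id != 0',
								 null, null, '*', 'one');
		if (empty($row['session_real_user_id'])) {
			return false;
		}
		$this->autologin = true;
		return $row['session_real_user_id'];
	}

	/** True when the current user is not the anonymous account. */
	public function isRegister() {
		return $this->data['user_id'] != ANONYMOUS_ID;
	}

	/** Reloads $this->data for the current user id (e.g. after a profile change). */
	public function updateData() {
		$session = array('user_id' => $this->data['user_id']);
		$this->iniUserData($session);
	}

	/** Removes this client's SESSIONS row and destroys the PHP session (logout). */
	public function session_delete() {
		$this->db->query('DELETE FROM ' . SESSIONS . '
						   WHERE session_id="' . $this->session_id . '" AND session_user_id=' . (int) $this->data['user_id']);
		session_destroy();
	}

	/**
	 * Looks up a ban matching either the current user id or the client address.
	 *
	 * @return array|null first matching row (ban_id, ban_expire, ban_date), or null when there is none
	 */
	public function dataBan() {
		$sql = 'SELECT ban_id, ban_expire, ban_date FROM ' . USERS_BAN . '
				WHERE ban_user_id=' . (int) $this->data['user_id'] . ' OR ban_ip = "' . $this->current_ip . '"';
		$result = $this->db->query($sql);
		return $result ? $result->fetch_array() : null;
	}

	/** Records the client address on the user's row; nothing is done for anonymous visitors. */
	private function updateIP($session) {
		if (!isset($session['user_id']) || $session['user_id'] == ANONYMOUS_ID) {
			return;
		}
		$this->db->query('UPDATE ' . USERS . '
					SET user_ip="' . $this->current_ip . '"
					WHERE user_id=' . (int) $session['user_id']);
	}

	/**
	 * Creates or refreshes this client's row in SESSIONS and leaves it in $this->session_data.
	 *
	 * Rows older than five days are purged first. A banned registered user gets no row at all.
	 * NOTE(review): rows are located by client IP rather than by session id, so clients sharing one
	 * NAT/proxy address share (and overwrite) a single row — confirm this is intended.
	 * NOTE(review): the browser string and REQUEST_URI are attacker-controlled and are handed to
	 * $db->insert()/update() as array values; this assumes the wrapper escapes them — verify.
	 */
	private function session_register() {
		$time = time();

		$this->db->query('DELETE FROM ' . SESSIONS . ' WHERE session_time <= "' . ($time - 3600 * 24 * 5) . '"');

		$ban = $this->dataBan();
		if (!empty($ban['ban_id']) && $this->isRegister()) {
			return;
		}

		$ip_where = 'session_ip="' . $this->current_ip . '"';
		$row = $this->db->select(SESSIONS, $ip_where, null, null, '*', 'one');
		$this->session_data = is_array($row) ? $row : array();

		// Re-issue the auto-login cookie while the row is flagged for it.
		if (!empty($this->session_data['session_autologin'])) {
			$this->setCookie('auth', $this->session_id);
		}

		// session_real_user_id is set once, the first time a registered user is seen on this row.
		$real_user_id = null;
		$stored_real = isset($this->session_data['session_real_user_id']) ? $this->session_data['session_real_user_id'] : 0;
		if ($stored_real == 0 && $this->isRegister()) {
			$real_user_id = $this->data['user_id'];
		}

		$fields = array(
			'session_id'		=> $this->session_id,
			'session_time'		=> $time,
			'session_ip'		=> $this->current_ip,
			'session_browser'	=> $this->browser,
			'session_page'		=> $this->currentPage(),
			'session_user_id'	=> $this->data['user_id']
		);
		if ($real_user_id !== null) {
			$fields['session_real_user_id'] = $real_user_id;
		}

		if (empty($this->session_data['session_id'])) {
			$fields['session_start']	= $time;
			$fields['session_viewonline'] = '1';
			$fields['session_autologin']  = $this->autologin ? 1 : 0;
			$this->db->insert(SESSIONS, $fields);
		}
		else {
			$this->db->update(SESSIONS, $fields, 'session_ip="' . $this->session_data['session_ip'] . '"');
		}
		$this->session_data = $this->db->select(SESSIONS, $ip_where, null, null, '*', 'one');
	}

	/** Sets the "visible in who's online" flag (0/1) on this session's row. */
	public function updateViewOnline($value) {
		$sql = 'UPDATE ' . SESSIONS . '
				SET session_viewonline=' . (int) $value . '
				WHERE session_id="' . $this->session_id . '"';
		return $this->db->query($sql);
	}

	/** Sets the auto-login flag (0/1) on this session's row. */
	public function updateAutoLogin($value) {
		return $this->db->update(SESSIONS, array('session_autologin' => (int) $value), 'session_id="' . $this->session_id . '"');
	}

	/**
	 * Loads $this->data for the user named by $session['user_id'] (the anonymous account when absent).
	 *
	 * If the session refers to a user that no longer exists the session is destroyed and the
	 * anonymous account is loaded instead. user_options is decoded from hex to an int exactly once.
	 */
	private function iniUserData($session) {
		$user_id = isset($session['user_id']) ? (int) $session['user_id'] : ANONYMOUS_ID;
		$result = $this->db->query('SELECT * FROM ' . USERS . ' u, ' . GROUPS . ' g
									WHERE u.group_id=g.group_id AND user_id=' . $user_id);
		$row = $result ? $result->fetch_array() : null;
		if (empty($row) && isset($session['user_id'])) {
			session_destroy();
			$this->iniUserData(null);
			return; // the recursive call already decoded user_options; decoding it again would corrupt the value
		}
		$this->data = is_array($row) ? $row : array();
		$hex = isset($this->data['user_options']) ? (string) $this->data['user_options'] : '0';
		$this->data['user_options'] = hexdec($hex);
	}

	/**
	 * Computes the global permission mask into $this->data['user_permissions'].
	 *
	 * An empty USERS.user_permissions means "inherit": the masks of the user's active groups are
	 * OR-ed together. A non-empty value is the per-user mask written by registerPermission() and is
	 * used as is (previously it was discarded and the user ended up with no permissions at all).
	 */
	private function assignPermission() {
		$stored = isset($this->data['user_permissions']) ? $this->data['user_permissions'] : '';
		if ($stored === '' || $stored === null) {
			$user_permission = 0;
			$result = $this->db->query('SELECT group_permissions FROM ' . USERS_GROUP . ' ug, ' . GROUPS . ' g
										WHERE g.group_id = ug.group_id AND user_status=1 AND user_id=' . (int) $this->data['user_id']);
			while ($result && ($data = $result->fetch_array())) {
				$user_permission |= hexdec($data['group_permissions']);
			}
		}
		else {
			$user_permission = hexdec((string) $stored);
		}
		$this->data['user_permissions'] = $user_permission;
	}

	/** True when every bit of $permission is present in the user's global mask (0 is always granted). */
	public function isCan($permission) {
		$permission = (int) $permission;
		return ($permission & (int) $this->data['user_permissions']) == $permission;
	}

	/** Clears the given bits from the global mask and persists it (a no-op for bits not held). */
	public function removePermission($permission) {
		$this->data['user_permissions'] = (int) $this->data['user_permissions'] & ~(int) $permission;
		$this->registerPermission();
	}

	/** Sets the given bits in the global mask and persists it (a no-op for bits already held). */
	public function addPermission($permission) {
		$this->data['user_permissions'] = (int) $this->data['user_permissions'] | (int) $permission;
		$this->registerPermission();
	}

	/** Writes the global mask to USERS.user_permissions as a hex string. */
	private function registerPermission() {
		$sql = 'UPDATE ' . USERS . ' SET user_permissions="' . dechex($this->data['user_permissions']) . '"
				WHERE user_id=' . (int) $this->data['user_id'];
		return $this->db->query($sql);
	}

	/**
	 * True when every bit of $permission is granted on forum $forum_id.
	 *
	 * A per-user mask for the forum takes precedence over the group mask; a forum unknown to both
	 * maps denies everything except the empty permission.
	 */
	public function isCanForum($permission, $forum_id) {
		if (isset($this->permission_userforum[$forum_id])) {
			$forum_permission = $this->permission_userforum[$forum_id];
		}
		elseif (isset($this->permission_forum[$forum_id])) {
			$forum_permission = $this->permission_forum[$forum_id];
		}
		else {
			$forum_permission = 0;
		}
		$permission = (int) $permission;
		return ($permission & (int) $forum_permission) == $permission;
	}

	/** Loads the per-user forum masks from USERS_PERMISSION. */
	private function initPermissionUserForum() {
		$result = $this->db->query('SELECT * FROM ' . USERS_PERMISSION . '
									WHERE user_id=' . (int) $this->data['user_id']);
		while ($result && ($data = $result->fetch_assoc())) {
			$this->permission_userforum[$data['forum_id']] = hexdec($data['user_permission']);
		}
	}

	/** Reads the stored per-user mask for one forum; 0 when no row exists. */
	private function dataPermissionForum($forum_id) {
		$result = $this->db->query('SELECT user_permission FROM ' . USERS_PERMISSION . '
									WHERE user_id=' . (int) $this->data['user_id'] . ' AND forum_id=' . (int) $forum_id);
		$data = $result ? $result->fetch_array() : null;
		return empty($data['user_permission']) ? 0 : hexdec($data['user_permission']);
	}

	/** Aggregates (OR) the forum masks of the visitor group, or of the user's active groups. */
	private function initPermissionGroupForum() {
		if ($this->data['user_id'] == ANONYMOUS_ID) {
			$result = $this->db->select(GROUPS_PERMISSION, 'group_id=' . GROUP_VISITOR_ID, null, null, '*');
		}
		else {
			$result = $this->db->query('SELECT * FROM ' . GROUPS_PERMISSION . ' gp, ' . USERS_GROUP . ' ug
									WHERE gp.group_id = ug.group_id AND user_status=1 AND ug.user_id=' . (int) $this->data['user_id']);
		}
		while ($result && ($data = $result->fetch_assoc())) {
			$mask = hexdec($data['group_permission']);
			if (isset($this->permission_forum[$data['forum_id']])) {
				$this->permission_forum[$data['forum_id']] |= $mask;
			}
			else {
				$this->permission_forum[$data['forum_id']] = $mask;
			}
		}
	}

	/** Clears the given bits from the user's mask for $forum_id and persists it. */
	public function removePermissionForum($permission, $forum_id) {
		$current = $this->dataPermissionForum($forum_id);
		$this->registerPermissionForum((int) $current & ~(int) $permission, $forum_id);
	}

	/** Sets the given bits in the user's mask for $forum_id and persists it. */
	public function addPermissionForum($permission, $forum_id) {
		$current = $this->dataPermissionForum($forum_id);
		$this->registerPermissionForum((int) $current | (int) $permission, $forum_id);
	}

	/**
	 * Writes the mask for exactly one (user, forum) row; the row must already exist.
	 * The forum filter matters: without it every forum row of the user would receive the mask.
	 */
	private function registerPermissionForum($permission, $forum_id) {
		$sql = 'UPDATE ' . USERS_PERMISSION . ' SET user_permission="' . dechex($permission) . '"
				WHERE user_id=' . (int) $this->data['user_id'] . ' AND forum_id=' . (int) $forum_id;
		return $this->db->query($sql);
	}

	/** True when the named profile option is enabled; unknown labels are reported as disabled. */
	public function profileOptions($label_option) {
		if (!isset($this->option[$label_option])) {
			return false;
		}
		$flag = $this->option[$label_option];
		return ($flag & (int) $this->data['user_options']) == $flag;
	}

	/** Disables a profile option in memory only (see registerProfileOptions()). */
	public function removeProfileOptions($label_option) {
		if (isset($this->option[$label_option])) {
			$this->data['user_options'] = (int) $this->data['user_options'] & ~$this->option[$label_option];
		}
	}

	/** Enables a profile option in memory only (see registerProfileOptions()). */
	public function addProfileOptions($label_option) {
		if (isset($this->option[$label_option])) {
			$this->data['user_options'] = (int) $this->data['user_options'] | $this->option[$label_option];
		}
	}

	/** Persists the in-memory option mask to USERS.user_options as a hex string. */
	public function registerProfileOptions() {
		$sql = 'UPDATE ' . USERS . ' SET user_options="' . dechex($this->data['user_options']) . '"
				WHERE user_id=' . (int) $this->data['user_id'];
		return $this->db->query($sql);
	}

	/** Bit value of a profile option label, or null for an unknown label. */
	public function getOption($label_option) {
		return isset($this->option[$label_option]) ? $this->option[$label_option] : null;
	}

	/** Increments the user's post counter in a single statement (no read-modify-write race). */
	public function incrementeMsg() {
		return $this->db->query('UPDATE ' . USERS . ' SET user_nb_message=COALESCE(user_nb_message,0)+1
						   WHERE user_id=' . (int) $this->data['user_id']);
	}

	/**
	 * True when the user holds at least one of the administrative rights.
	 *
	 * @param array $permission permission table; the masks are read from $permission['users'][...]
	 */
	public function isAdmin($permission) {
		$admin_rights = array('admin_permission', 'admin_style', 'admin_group', 'admin_delete_user',
							  'admin_add_forum', 'admin_del_forum', 'admin_edit_forum');
		foreach ($admin_rights as $right) {
			if ($this->isCan($permission['users'][$right])) {
				return true;
			}
		}
		return false;
	}

	/**
	 * Sets the cookie "$name[$key]" for 30 days under $path.
	 *
	 * The cookie is HttpOnly (the auth key carries a session id, which scripts have no reason to read)
	 * and is flagged Secure when the request itself came in over HTTPS.
	 */
	public function setCookie($key, $value, $name = 'phpcforum', $path = ROOT) {
		$secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
		setcookie($name . '[' . $key . ']', $value, time() + 3600 * 24 * 30, $path, '', $secure, true);
	}

	/** Value of the cookie "$name[$key]", or null when absent or when "$name" is not an array cookie. */
	public function loadCookie($key, $name = 'phpcforum') {
		if (!isset($_COOKIE[$name]) || !is_array($_COOKIE[$name]) || !isset($_COOKIE[$name][$key])) {
			return null;
		}
		return $_COOKIE[$name][$key];
	}

	/**
	 * Expires every "$name[key]" cookie set by setCookie() as well as the bare "$name".
	 *
	 * The per-key cookies live under ROOT, so clearing only the bare name would leave the
	 * auto-login token in the browser. Keys are taken from the request and are only echoed back
	 * into a Set-Cookie header when they are plain identifiers.
	 */
	public function removeCookie($name = 'phpcforum') {
		if (isset($_COOKIE[$name]) && is_array($_COOKIE[$name])) {
			foreach (array_keys($_COOKIE[$name]) as $key) {
				if (preg_match('/^[A-Za-z0-9_-]+$/', (string) $key)) {
					setcookie($name . '[' . $key . ']', '', 1, ROOT);
				}
			}
		}
		setcookie($name, '', 1);
	}

	public function setValueSession($name, $value) {
		$_SESSION[$name] = $value;
	}

	public function getValueSession($name) {
		return isset($_SESSION[$name]) ? $_SESSION[$name] : null;
	}

	/** Appends $value to the session array $name, under $key when given. */
	public function addValueSession($name, $value, $key = null) {
		if (isset($key)) {
			$_SESSION[$name][$key] = $value;
		}
		else {
			$_SESSION[$name][] = $value;
		}
	}

	/** Raw REQUEST_URI of this request ('' when unavailable, e.g. CLI). */
	public function currentPage() {
		return isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
	}

	/** True when the request URI starts with ROOT . '/adm' (plain prefix match; ROOT is quoted for the regex). */
	public function pageIsAdm() {
		return preg_match('#^' . preg_quote(ROOT, '#') . '/adm#', $this->currentPage()) === 1;
	}

}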
?>