<?php

/**
 * SASHA :: inc/lib/lib.user.php
 *
 * This contains all of the user classes.
 *
 * @package SASHA
 * @copyright (C) 2006-2010 Gordon P. Hemsley
 * @license docs/LICENSE BSD License
 * @version $Id: lib.user.php 84 2010-01-21 01:26:56Z gphemsley $
 */

/**
 * User
 *
 * Base class for User
 *
 * @package SASHA
 * @subpackage User
 */
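class User
{
	/**
	 * User->user_info
	 *
	 * @var array $user_info Contains information about the current user
	 */
	public $user_info;

	/**
	 * User::__construct()
	 *
	 * Loads user information for the given user ID into User->user_info.
	 * When no row matches, the anonymous-user record is left in place.
	 *
	 * @param int $user_id User ID for which to get information
	 */
	function __construct( $user_id )
	{
		global $Database;
		global $config;

		// Start from the anonymous profile; a matching row overwrites these fields.
		$this->user_info = array(
			'id'					=>	USER_ANONYMOUS,
			'username'				=>	'Anonymous',
			'email'					=>	'hide@address.com',
			'full_name'				=>	'Anonymous',
			'preferred_name'		=>	'Anonymous',
			'default_institution'	=>	$config['default_institution'],
			'type'					=>	UT_ANONYMOUS
		);

		// The ID is cast to int before it reaches the query, so it cannot carry SQL.
		$sql = 'SELECT u.*
			FROM users u
			WHERE u.user_id = ' . (int) $user_id;

		$result = $Database->query( $sql );

		if( $Database->has_result( $result ) )
		{
			while( $user = $Database->fetch_assoc( $result ) )
			{
				$this->user_info['id'] = (int) $user['user_id'];
				$this->user_info['username'] = $user['username'];
				$this->user_info['email'] = $user['email_address'];
				$this->user_info['full_name'] = $user['full_name'];
				$this->user_info['preferred_name'] = $user['preferred_name'];
				$this->user_info['default_institution'] = $user['default_institution'];
				// @todo Read user_type into 'type'; it currently stays UT_ANONYMOUS.
			}
		}

		$Database->free_result( $result );
	}

	/**
	 * User::_check_username_availability()
	 *
	 * Checks whether the given username is already in use.
	 *
	 * @access protected
	 * @param string $username Username to check
	 * @return bool TRUE if the username is free, FALSE if a row already uses it
	 */
	protected function _check_username_availability( $username )
	{
		global $Database;

		// register_user() stores usernames lower-cased, so compare the same form;
		// otherwise "Bob" could pass this check and still collide with "bob" on a
		// case-sensitive column.
		$sql = "SELECT username
			FROM users
			WHERE username = '" . $Database->escape( strtolower( $username ) ) . "'";

		$result = $Database->query( $sql );
		$row = $Database->fetch_assoc( $result );
		$Database->free_result( $result );

		// Any matching row means the name is taken.
		return empty( $row );
	}

	/**
	 * User::_validate_username()
	 *
	 * Checks whether the given username is valid: non-empty and made only of
	 * letters, digits, hyphens and underscores.
	 *
	 * @access protected
	 * @param string $username Username to validate
	 * @return bool Validity of username
	 */
	protected function _validate_username( $username )
	{
		// Anchored with \z (not $) so a trailing newline is rejected as well;
		// an unanchored pattern would accept any string containing one valid character.
		return (bool) preg_match( '/^[a-z0-9_-]+\z/i', (string) $username );
	}

	/**
	 * User::_check_password_strength()
	 *
	 * Checks whether the given password is strong, i.e. at least 6 bytes long.
	 *
	 * @access protected
	 * @param string $password Password to check
	 * @return bool Strength of password
	 */
	protected function _check_password_strength( $password )
	{
		// Byte length, matching the "at least 6 characters" wording in register_user().
		return strlen( (string) $password ) >= 6;
	}

	/**
	 * User::_validate_email_address()
	 *
	 * Checks whether the given e-mail address is syntactically valid.
	 *
	 * @access protected
	 * @param string $email_address E-mail address to validate
	 * @return bool Validity of e-mail address
	 */
	protected function _validate_email_address( $email_address )
	{
		// filter_var() rejects addresses with whitespace or a missing domain,
		// which the previous loose pattern let through.
		return filter_var( (string) $email_address, FILTER_VALIDATE_EMAIL ) !== FALSE;
	}

	/**
	 * User::_check_email_address_availability()
	 *
	 * Checks whether the given e-mail address is already in use.
	 *
	 * @access protected
	 * @param string $email_address E-mail address to check
	 * @return bool TRUE if the address is free, FALSE if a row already uses it
	 */
	protected function _check_email_address_availability( $email_address )
	{
		global $Database;

		$sql = "SELECT email_address
			FROM users
			WHERE email_address = '" . $Database->escape( $email_address ) . "'";

		$result = $Database->query( $sql );
		$row = $Database->fetch_assoc( $result );
		$Database->free_result( $result );

		// Any matching row means the address is taken.
		return empty( $row );
	}

	/**
	 * User::_validate_registration()
	 *
	 * Runs every registration check and prints a message for each failure.
	 *
	 * @access protected
	 * @param string $username Username
	 * @param string $password Password
	 * @param string $password_confirm Confirm password
	 * @param string $email_address E-mail address
	 * @param string $default_institution Default institution
	 * @return bool TRUE if all checks passed, FALSE if at least one failed
	 */
	protected function _validate_registration( $username, $password, $password_confirm, $email_address, $default_institution )
	{
		global $SASHA;

		$error = FALSE;

		// Make sure username is valid.
		if( empty( $username ) || !$this->_validate_username( $username ) )
		{
			print_message( 'bad', 'Please enter a valid username. Usernames may only contain letters, numbers, hyphens, and underscores.', 'Invalid username.' );

			$error = TRUE;
		}

		// Make sure username is available.
		if( !empty( $username ) && !$this->_check_username_availability( $username ) )
		{
			print_message( 'bad', 'Sorry, that username is taken. Please choose a different username.', 'Username taken.' );

			$error = TRUE;
		}

		// Make sure passwords match.
		if( $password !== $password_confirm )
		{
			print_message( 'bad', 'Please ensure that both passwords are the same.', 'Password mismatch.' );

			$error = TRUE;
		}

		// Make sure password is strong enough.
		if( empty( $password ) || !$this->_check_password_strength( $password ) )
		{
			print_message( 'bad', 'Please enter a stronger password, with at least 6 characters. It is recommended that you use uppercase and lowercase letters, numbers, and symbols for the best security.', 'Weak password.' );

			$error = TRUE;
		}

		// Make sure e-mail address is valid.
		if( empty( $email_address ) || !$this->_validate_email_address( $email_address ) )
		{
			print_message( 'bad', 'Please enter a valid e-mail address.', 'Invalid e-mail address.' );

			$error = TRUE;
		}

		// Make sure e-mail address is available.
		if( !empty( $email_address ) && !$this->_check_email_address_availability( $email_address ) )
		{
			print_message( 'bad', 'Sorry, that e-mail address is already in use. Please use a different e-mail address.', 'E-mail address in use.' );

			$error = TRUE;
		}

		// Make sure institution is valid.
		if( empty( $default_institution ) || !$SASHA->validate_institution( $default_institution ) )
		{
			print_message( 'bad', 'Please select a valid institution.', 'Invalid institution.' );

			$error = TRUE;
		}

		return !$error;
	}

	/**
	 * User::register_user()
	 *
	 * Creates a new user after validating all supplied fields.
	 *
	 * @todo Add user type to the mix.
	 *
	 * @param string $username Username
	 * @param string $password Password
	 * @param string $password_confirm Confirm password
	 * @param string $email_address E-mail address
	 * @param string $full_name Full name
	 * @param string $preferred_name Preferred name
	 * @param string $default_institution Default institution
	 * @return bool Was registration successful?
	 */
	function register_user( $username, $password, $password_confirm, $email_address, $full_name, $preferred_name, $default_institution )
	{
		global $Database;

		// If there was an error, we can't continue.
		if( !$this->_validate_registration( $username, $password, $password_confirm, $email_address, $default_institution ) )
		{
			return FALSE;
		}

		// NOTE(review): the password is stored as unsalted SHA-1, which is not a
		// suitable password hash. Migrating to password_hash()/password_verify()
		// must be done together with the login check, which lives outside this
		// file, so the stored format is deliberately left unchanged here.
		$sql = "INSERT INTO users ( username, password, email_address, full_name, preferred_name, default_institution, registration_date, user_type )
			VALUES ( '" . $Database->escape( strtolower( $username ) ) . "', '" . sha1( $password ) . "', '" . $Database->escape( $email_address ) . "', '" . $Database->escape( $full_name ) . "', '" . $Database->escape( $preferred_name ) . "', '" . $Database->escape( $default_institution ) . "', " . time() . ', ' . UT_STUDENT . ' )';

		return (bool) $Database->query( $sql );
	}

	/**
	 * User::_default_value()
	 *
	 * Returns a pre-population value for the registration form, or NULL when
	 * the key is absent (replaces the former error-suppressed array access).
	 *
	 * @access protected
	 * @param array $defaults Default values supplied by the caller
	 * @param string $key Field name to look up
	 * @return mixed Value for the field, or NULL if not supplied
	 */
	protected function _default_value( $defaults, $key )
	{
		return isset( $defaults[$key] ) ? $defaults[$key] : NULL;
	}

	/**
	 * User::print_registration_form()
	 *
	 * Prints user registration form.
	 *
	 * @param array $defaults Default values to pre-populate the form
	 * @return void Prints user registration form
	 */
	function print_registration_form( $defaults = array() )
	{
		global $SASHA;

		// NOTE(review): the password fields are re-populated from $defaults,
		// which echoes a submitted password back into the page source.
		$form_data = array(
			array(
				'type'	=>	'header',
				'name'	=>	'registration-header',
				'label'	=>	'Register',
				'data'	=>	array(
					'level'		=>	2
				)
			),
			array(
				'type'	=>	'text',
				'name'	=>	'username',
				'label'	=>	'Username',
				'data'	=>	array(
					'size'		=>	25,
					'maxlength'	=>	255,
					'value'		=>	$this->_default_value( $defaults, 'username' )
				)
			),
			array(
				'type'	=>	'password',
				'name'	=>	'password',
				'label'	=>	'Password',
				'data'	=>	array(
					'size'		=>	25,
					'maxlength'	=>	255,
					'value'		=>	$this->_default_value( $defaults, 'password' )
				)
			),
			array(
				'type'	=>	'password',
				'name'	=>	'password_confirm',
				'label'	=>	'Confirm Password',
				'data'	=>	array(
					'size'		=>	25,
					'maxlength'	=>	255,
					'value'		=>	$this->_default_value( $defaults, 'password_confirm' )
				)
			),
			array(
				'type'	=>	'text',
				'name'	=>	'email',
				'label'	=>	'E-mail Address',
				'data'	=>	array(
					'size'		=>	30,
					'maxlength'	=>	320,
					'value'		=>	$this->_default_value( $defaults, 'email' )
				)
			),
			array(
				'type'	=>	'text',
				'name'	=>	'full_name',
				'label'	=>	'Full Name',
				'data'	=>	array(
					'size'		=>	50,
					'value'		=>	$this->_default_value( $defaults, 'full_name' )
				)
			),
			array(
				'type'	=>	'text',
				'name'	=>	'preferred_name',
				'label'	=>	'Preferred Name',
				'data'	=>	array(
					'size'		=>	30,
					'value'		=>	$this->_default_value( $defaults, 'preferred_name' )
				)
			),
			array(
				'type'	=>	'institution',
				'name'	=>	'default_institution',
				'label'	=>	'Default Institution',
				'data'	=>	array( $this->_default_value( $defaults, 'default_institution' ) )
			),
			array(
				'type'	=>	'submit',
				'name'	=>	'submit',
				'data'	=>	array(
					'value'	=>	'Register'
				)
			)
		);

		print_message( NULL, 'SASHA requires you to be a registered user in order to store your personal data. Please use the form below to register a new user.' );

		$SASHA->create_form( 'registration-form', ROOT . 'register.php', $form_data );
	}
}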

?>