File ernel/member.php

  1: <?php
  2: /**
  3:  * XOOPS Kernel Class
  4:  *
  5:  * You may not change or alter any portion of this comment or credits
  6:  * of supporting developers from this source code or any supporting source code
  7:  * which is considered copyrighted (c) material of the original comment or credit authors.
  8:  * This program is distributed in the hope that it will be useful,
  9:  * but WITHOUT ANY WARRANTY; without even the implied warranty of
 10:  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 11:  *
 12:  * @copyright       (c) 2000-2016 XOOPS Project (www.xoops.org)
 13:  * @license             GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html)
 14:  * @package             kernel
 15:  * @since               2.0.0
 16:  * @author              Kazumi Ono (AKA onokazu) http://www.myweb.ne.jp/, http://jp.xoops.org/
 17:  */
 18: defined('XOOPS_ROOT_PATH') || exit('Restricted access');
 19: 
 20: require_once $GLOBALS['xoops']->path('kernel/user.php');
 21: require_once $GLOBALS['xoops']->path('kernel/group.php');
 22: 
 23: /**
 24:  * XOOPS member handler class.
 25:  * This class provides simple interface (a facade class) for handling groups/users/
 26:  * membership data.
 27:  *
 28:  *
 29:  * @author              Kazumi Ono <onokazu@xoops.org>
 30:  * @copyright       (c) 2000-2016 XOOPS Project (www.xoops.org)
 31:  * @package             kernel
 32:  */
 33: class XoopsMemberHandler
 34: {
 35:     /**
 36:      * holds reference to group handler(DAO) class
 37:      * @access private
 38:      */
 39:     protected $groupHandler;
 40: 
 41:     /**
 42:      * holds reference to user handler(DAO) class
 43:      */
 44:     protected $userHandler;
 45: 
 46:     /**
 47:      * holds reference to membership handler(DAO) class
 48:      */
 49:     protected $membershipHandler;
 50: 
 51:     /**
 52:      * holds temporary user objects
 53:      */
 54:     protected $membersWorkingList = array();
 55: 
 56:     /**
 57:      * constructor
 58:      * @param XoopsDatabase|null| $db
 59:      */
 60:     public function __construct(XoopsDatabase $db)
 61:     {
 62:         $this->groupHandler = new XoopsGroupHandler($db);
 63:         $this->userHandler = new XoopsUserHandler($db);
 64:         $this->membershipHandler = new XoopsMembershipHandler($db);
 65:     }
 66: 
 67:     /**
 68:      * create a new group
 69:      *
 70:      * @return XoopsGroup XoopsGroup reference to the new group
 71:      */
 72:     public function &createGroup()
 73:     {
 74:         $inst = $this->groupHandler->create();
 75: 
 76:         return $inst;
 77:     }
 78: 
 79:     /**
 80:      * create a new user
 81:      *
 82:      * @return XoopsUser reference to the new user
 83:      */
 84:     public function createUser()
 85:     {
 86:         $inst = $this->userHandler->create();
 87: 
 88:         return $inst;
 89:     }
 90: 
 91:     /**
 92:      * retrieve a group
 93:      *
 94:      * @param  int $id ID for the group
 95:      * @return XoopsGroup XoopsGroup reference to the group
 96:      */
 97:     public function getGroup($id)
 98:     {
 99:         return $this->groupHandler->get($id);
100:     }
101: 
102:     /**
103:      * retrieve a user
104:      *
105:      * @param  int $id ID for the user
106:      * @return XoopsUser reference to the user
107:      */
108:     public function getUser($id)
109:     {
110:         if (!isset($this->membersWorkingList[$id])) {
111:             $this->membersWorkingList[$id] = $this->userHandler->get($id);
112:         }
113: 
114:         return $this->membersWorkingList[$id];
115:     }
116: 
117:     /**
118:      * delete a group
119:      *
120:      * @param  XoopsGroup $group reference to the group to delete
121:      * @return bool   FALSE if failed
122:      */
123:     public function deleteGroup(XoopsGroup $group)
124:     {
125:         $s1 = $this->membershipHandler->deleteAll(new Criteria('groupid', $group->getVar('groupid')));
126:         $s2 = $this->groupHandler->delete($group);
127: 
128:         return ($s1 && $s2);// ? true : false;
129:     }
130: 
131:     /**
132:      * delete a user
133:      *
134:      * @param  XoopsUser $user reference to the user to delete
135:      * @return bool   FALSE if failed
136:      */
137:     public function deleteUser(XoopsUser $user)
138:     {
139:         $s1 = $this->membershipHandler->deleteAll(new Criteria('uid', $user->getVar('uid')));
140:         $s2 = $this->userHandler->delete($user);
141: 
142:         return ($s1 && $s2);// ? true : false;
143:     }
144: 
145:     /**
146:      * insert a group into the database
147:      *
148:      * @param  XoopsGroup $group reference to the group to insert
149:      * @return bool       TRUE if already in database and unchanged
150:      *                           FALSE on failure
151:      */
152:     public function insertGroup(XoopsGroup $group)
153:     {
154:         return $this->groupHandler->insert($group);
155:     }
156: 
157:     /**
158:      * insert a user into the database
159:      *
160:      * @param XoopsUser $user reference to the user to insert
161:      * @param bool      $force
162:      *
163:      * @return bool TRUE if already in database and unchanged
164:      *              FALSE on failure
165:      */
166:     public function insertUser(XoopsUser $user, $force = false)
167:     {
168:         return $this->userHandler->insert($user, $force);
169:     }
170: 
171:     /**
172:      * retrieve groups from the database
173:      *
174:      * @param  CriteriaElement $criteria  {@link CriteriaElement}
175:      * @param  bool            $id_as_key use the group's ID as key for the array?
176:      * @return array           array of {@link XoopsGroup} objects
177:      */
178:     public function getGroups(CriteriaElement $criteria = null, $id_as_key = false)
179:     {
180:         return $this->groupHandler->getObjects($criteria, $id_as_key);
181:     }
182: 
183:     /**
184:      * retrieve users from the database
185:      *
186:      * @param  CriteriaElement $criteria  {@link CriteriaElement}
187:      * @param  bool            $id_as_key use the group's ID as key for the array?
188:      * @return array           array of {@link XoopsUser} objects
189:      */
190:     public function getUsers(CriteriaElement $criteria = null, $id_as_key = false)
191:     {
192:         return $this->userHandler->getObjects($criteria, $id_as_key);
193:     }
194: 
195:     /**
196:      * get a list of groupnames and their IDs
197:      *
198:      * @param  CriteriaElement $criteria {@link CriteriaElement} object
199:      * @return array           associative array of group-IDs and names
200:      */
201:     public function getGroupList(CriteriaElement $criteria = null)
202:     {
203:         $groups = $this->groupHandler->getObjects($criteria, true);
204:         $ret    = array();
205:         foreach (array_keys($groups) as $i) {
206:             $ret[$i] = $groups[$i]->getVar('name');
207:         }
208: 
209:         return $ret;
210:     }
211: 
212:     /**
213:      * get a list of usernames and their IDs
214:      *
215:      * @param  CriteriaElement $criteria {@link CriteriaElement} object
216:      * @return array           associative array of user-IDs and names
217:      */
218:     public function getUserList(CriteriaElement $criteria = null)
219:     {
220:         $users =& $this->userHandler->getObjects($criteria, true);
221:         $ret   = array();
222:         foreach (array_keys($users) as $i) {
223:             $ret[$i] = $users[$i]->getVar('uname');
224:         }
225: 
226:         return $ret;
227:     }
228: 
229:     /**
230:      * add a user to a group
231:      *
232:      * @param  int $group_id ID of the group
233:      * @param  int $user_id  ID of the user
234:      * @return XoopsMembership XoopsMembership
235:      */
236:     public function addUserToGroup($group_id, $user_id)
237:     {
238:         $mship = $this->membershipHandler->create();
239:         $mship->setVar('groupid', $group_id);
240:         $mship->setVar('uid', $user_id);
241: 
242:         return $this->membershipHandler->insert($mship);
243:     }
244: 
245:     /**
246:      * remove a list of users from a group
247:      *
248:      * @param  int   $group_id ID of the group
249:      * @param  array $user_ids array of user-IDs
250:      * @return bool  success?
251:      */
252:     public function removeUsersFromGroup($group_id, $user_ids = array())
253:     {
254:         $criteria = new CriteriaCompo();
255:         $criteria->add(new Criteria('groupid', $group_id));
256:         $criteria2 = new CriteriaCompo();
257:         foreach ($user_ids as $uid) {
258:             $criteria2->add(new Criteria('uid', $uid), 'OR');
259:         }
260:         $criteria->add($criteria2);
261: 
262:         return $this->membershipHandler->deleteAll($criteria);
263:     }
264: 
265:     /**
266:      * get a list of users belonging to a group
267:      *
268:      * @param  int  $group_id ID of the group
269:      * @param  bool $asobject return the users as objects?
270:      * @param  int  $limit    number of users to return
271:      * @param  int  $start    index of the first user to return
272:      * @return array Array of {@link XoopsUser} objects (if $asobject is TRUE)
273:      *                        or of associative arrays matching the record structure in the database.
274:      */
275:     public function getUsersByGroup($group_id, $asobject = false, $limit = 0, $start = 0)
276:     {
277:         $user_ids = $this->membershipHandler->getUsersByGroup($group_id, $limit, $start);
278:         if (!$asobject) {
279:             return $user_ids;
280:         } else {
281:             $ret = array();
282:             foreach ($user_ids as $u_id) {
283:                 $user =& $this->getUser($u_id);
284:                 if (is_object($user)) {
285:                     $ret[] = &$user;
286:                 }
287:                 unset($user);
288:             }
289: 
290:             return $ret;
291:         }
292:     }
293: 
294:     /**
295:      * get a list of groups that a user is member of
296:      *
297:      * @param  int  $user_id  ID of the user
298:      * @param  bool $asobject return groups as {@link XoopsGroup} objects or arrays?
299:      * @return array array of objects or arrays
300:      */
301:     public function getGroupsByUser($user_id, $asobject = false)
302:     {
303:         $group_ids = $this->membershipHandler->getGroupsByUser($user_id);
304:         if (!$asobject) {
305:             return $group_ids;
306:         } else {
307:             foreach ($group_ids as $g_id) {
308:                 $ret[] = $this->getGroup($g_id);
309:             }
310: 
311:             return $ret;
312:         }
313:     }
314: 
315:     /**
316:      * log in a user
317:      *
318:      * @param  string    $uname username as entered in the login form
319:      * @param  string    $pwd   password entered in the login form
320:      *
321:      * @return XoopsUser|false logged in XoopsUser, FALSE if failed to log in
322:      */
323:     public function loginUser($uname, $pwd)
324:     {
325:         $db = XoopsDatabaseFactory::getDatabaseConnection();
326:         $uname = $db->escape($uname);
327:         $pwd = $db->escape($pwd);
328:         $criteria = new Criteria('uname', $uname);
329:         $user =& $this->userHandler->getObjects($criteria, false);
330:         if (!$user || count($user) != 1) {
331:             return false;
332:         }
333: 
334:         $hash = $user[0]->pass();
335:         $type = substr($user[0]->pass(), 0, 1);
336:         // see if we have a crypt like signature, old md5 hash is just hex digits
337:         if ($type==='$') {
338:             if (!password_verify($pwd, $hash)) {
339:                 return false;
340:             }
341:             // check if hash uses the best algorithm (i.e. after a PHP upgrade)
342:             $rehash = password_needs_rehash($hash, PASSWORD_DEFAULT);
343:         } else {
344:             if ($hash!=md5($pwd)) {
345:                 return false;
346:             }
347:             $rehash = true; // automatically update old style
348:         }
349:         // hash used an old algorithm, so make it stronger
350:         if ($rehash) {
351:             if ($this->getColumnCharacterLength('users', 'pass') < 255) {
352:                 error_log('Upgrade required on users table!');
353:             } else {
354:                 $user[0]->setVar('pass', password_hash($pwd, PASSWORD_DEFAULT));
355:                 $this->userHandler->insert($user[0]);
356:             }
357:         }
358:         return $user[0];
359:     }
360: 
361:     /**
362:      * Get maximum character length for a table column
363:      *
364:      * @param string $table  database table
365:      * @param string $column table column
366:      *
367:      * @return int|null max length or null on error
368:      */
369:     public function getColumnCharacterLength($table, $column)
370:     {
371:         /** @var XoopsMySQLDatabase $db */
372:         $db = XoopsDatabaseFactory::getDatabaseConnection();
373: 
374:         $dbname = constant('XOOPS_DB_NAME');
375:         $table = $db->prefix($table);
376: 
377:         $sql = sprintf(
378:             'SELECT `CHARACTER_MAXIMUM_LENGTH` FROM `information_schema`.`COLUMNS` '
379:             . "WHERE TABLE_SCHEMA = '%s'AND TABLE_NAME = '%s' AND COLUMN_NAME = '%s'",
380:             $db->escape($dbname),
381:             $db->escape($table),
382:             $db->escape($column)
383:         );
384: 
385:         /** @var mysqli_result $result */
386:         $result = $db->query($sql);
387:         if ($result) {
388:             $row = $db->fetchRow($result);
389:             if ($row) {
390:                 $columnLength = $row[0];
391:                 return (int) $columnLength;
392:             }
393:         }
394:         return null;
395:     }
396: 
397:     /**
398:      * count users matching certain conditions
399:      *
400:      * @param  CriteriaElement $criteria {@link CriteriaElement} object
401:      * @return int
402:      */
403:     public function getUserCount(CriteriaElement $criteria = null)
404:     {
405:         return $this->userHandler->getCount($criteria);
406:     }
407: 
408:     /**
409:      * count users belonging to a group
410:      *
411:      * @param  int $group_id ID of the group
412:      * @return int
413:      */
414:     public function getUserCountByGroup($group_id)
415:     {
416:         return $this->membershipHandler->getCount(new Criteria('groupid', $group_id));
417:     }
418: 
419:     /**
420:      * updates a single field in a users record
421:      *
422:      * @param  XoopsUser $user       reference to the {@link XoopsUser} object
423:      * @param  string    $fieldName  name of the field to update
424:      * @param  string    $fieldValue updated value for the field
425:      * @return bool      TRUE if success or unchanged, FALSE on failure
426:      */
427:     public function updateUserByField(XoopsUser $user, $fieldName, $fieldValue)
428:     {
429:         $user->setVar($fieldName, $fieldValue);
430: 
431:         return $this->insertUser($user);
432:     }
433: 
434:     /**
435:      * updates a single field in a users record
436:      *
437:      * @param  string          $fieldName  name of the field to update
438:      * @param  string          $fieldValue updated value for the field
439:      * @param  CriteriaElement $criteria   {@link CriteriaElement} object
440:      * @return bool            TRUE if success or unchanged, FALSE on failure
441:      */
442:     public function updateUsersByField($fieldName, $fieldValue, CriteriaElement $criteria = null)
443:     {
444:         return $this->userHandler->updateAll($fieldName, $fieldValue, $criteria);
445:     }
446: 
447:     /**
448:      * activate a user
449:      *
450:      * @param  XoopsUser $user reference to the {@link XoopsUser} object
451:      * @return mixed      successful? false on failure
452:      */
453:     public function activateUser(XoopsUser $user)
454:     {
455:         if ($user->getVar('level') != 0) {
456:             return true;
457:         }
458:         $user->setVar('level', 1);
459:         $actkey = substr(md5(uniqid(mt_rand(), 1)), 0, 8);
460:         $user->setVar('actkey', $actkey);
461: 
462:         return $this->userHandler->insert($user, true);
463:     }
464: 
465:     /**
466:      * Get a list of users belonging to certain groups and matching criteria
467:      * Temporary solution
468:      *
469:      * @param  array           $groups    IDs of groups
470:      * @param  CriteriaElement $criteria  {@link CriteriaElement} object
471:      * @param  bool            $asobject  return the users as objects?
472:      * @param  bool            $id_as_key use the UID as key for the array if $asobject is TRUE
473:      * @return array           Array of {@link XoopsUser} objects (if $asobject is TRUE)
474:      *                                    or of associative arrays matching the record structure in the database.
475:      */
476:     public function getUsersByGroupLink($groups, CriteriaElement $criteria = null, $asobject = false, $id_as_key = false)
477:     {
478:         $ret           = array();
479:         $criteriaCompo = new CriteriaCompo();
480:         $select        = $asobject ? 'u.*' : 'u.uid';
481:         $sql           = "SELECT DISTINCT {$select} " . ' FROM ' . $this->userHandler->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->membershipHandler->db->prefix('groups_users_link') . ' AS m ON m.uid = u.uid WHERE ';
482:         if (!empty($groups)) {
483:             $criteriaCompo->add(new Criteria('m.groupid', '(' . implode(', ', $groups) . ')', 'IN'));
484:         }
485: 
486:         $limit = $start = 0;
487:         if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
488:             $criteriaCompo->add($criteria);
489:             $sql_criteria = $criteriaCompo->render();
490:             if ($criteria->getSort() != '') {
491:                 $sql_criteria .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
492:             }
493:             $limit = $criteria->getLimit();
494:             $start = $criteria->getStart();
495:         } else {
496:             $sql_criteria = $criteriaCompo->render();
497:         }
498: 
499:         if ($sql_criteria) {
500:             $sql .= $sql_criteria;
501:         } else {
502:             $sql .= '1 = 1';
503:         }
504: 
505:         if (!$result = $this->userHandler->db->query($sql, $limit, $start)) {
506:             return $ret;
507:         }
508:         while ($myrow = $this->userHandler->db->fetchArray($result)) {
509:             if ($asobject) {
510:                 $user = new XoopsUser();
511:                 $user->assignVars($myrow);
512:                 if (!$id_as_key) {
513:                     $ret[] =& $user;
514:                 } else {
515:                     $ret[$myrow['uid']] =& $user;
516:                 }
517:                 unset($user);
518:             } else {
519:                 $ret[] = $myrow['uid'];
520:             }
521:         }
522: 
523:         return $ret;
524:     }
525: 
526:     /**
527:      * Get count of users belonging to certain groups and matching criteria
528:      * Temporary solution
529:      *
530:      * @param  int             $groups IDs of groups
531:      * @param  CriteriaElement $criteria
532:      * @return int             count of users
533:      */
534:     public function getUserCountByGroupLink($groups, CriteriaElement $criteria = null)
535:     {
536:         $ret           = 0;
537:         $criteriaCompo = new CriteriaCompo();
538:         $sql           = 'SELECT DISTINCT COUNT(u.uid) ' . ' FROM ' . $this->userHandler->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->membershipHandler->db->prefix('groups_users_link') . ' AS m ON m.uid = u.uid' . ' WHERE ';
539:         if (!empty($groups)) {
540:             $criteriaCompo->add(new Criteria('m.groupid', '(' . implode(', ', $groups) . ')', 'IN'));
541:         }
542:         if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
543:             $criteriaCompo->add($criteria);
544:         }
545:         $sql_criteria = $criteriaCompo->render();
546: 
547:         if ($sql_criteria) {
548:             $sql .= $sql_criteria;
549:         } else {
550:             $sql .= '1 = 1';
551:         }
552: 
553:         if (!$result = $this->userHandler->db->query($sql)) {
554:             return $ret;
555:         }
556:         list($ret) = $this->userHandler->db->fetchRow($result);
557: 
558:         return $ret;
559:     }
560: }
561:
Namespaces

Classes

Interfaces

Exceptions

Functions
