kelio.org/keliopanel-v4
2
0
Fork 0
Code Releases Activity

Migration SVN

Browse Source
This commit is contained in:
Benjamin Mercier
2016-02-21 14:28:40 +01:00
commit df45f10305
1455 changed files with 20440 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

327
system/api/user.api.php Executable file
View File

@@ -0,0 +1,327 @@
<?php
/**
* @class user
* @brief Manage, display user
*
* @author Benjamin Mercier
* @date 08/03/2009
* @version 0.1
*/
class user {
/**
* @brief Array with information from current hosting for all API.
* @brief Null when user is not initialized
*/
public $information_user = null;
// obsolete, a virer
//public $user_not_logued = true;
/**
* @brief Result test for userInitialize.
* @brief Get the result code before be used by userCheckAccess
*/
public $result_test = null;
/**
* @brief Check autorisation to access for the page
* @return True ONLY : Do not use, for test !
*/
public function userCheckAccess($access_min, $access_max = null)
{
$user_statut = $this->result_test;
if ( $user_statut == 1 ) {
throw new myException('SECURITY WARNING : The password of user is not the same in DB and session');
} elseif ( $user_statut == 2 ) {
redirect('error-3.xhtml');
} elseif ( $user_statut == 3 ) {
redirect('error-4.xhtml');
}
if ( is_null($this->information_user) and $access_min == 0 ) {
return TRUE;
} elseif ( is_null($this->information_user) ) {
redirect('connection.xhtml');
}
$user_lvl = $this->information_user->lvl;
if ( $user_lvl < $access_min ) {
redirect('error-1.xhtml');
} elseif ( !is_null($access_max) and $user_lvl > $access_max ) {
redirect('error-2.xhtml');
} else {
return TRUE;
}
} // End of checkaccess
/**
* @brief Initialize information_user with all informations from the current user
* @return 0 : User not found
* @return 1 : Username & password is wrong
* @return 2 : User is not active
* @return 3 : Group is not active
* @return 4 : Evrythinks is okay :-)
* @returb 5 : User is not logued
*/
public function userInitialize()
{
// The user informations is initialized ?
if ( !is_null($this->information_user) ) {
throw new myException('The var information_user is already initialized');
}
// The sessions is existing ? No : User is not logged
if ( !isset($_SESSION['user_infos']) ) {
$this->result_test = 5;
return 5;
}
// Convert session in array
$informations = unserialize($_SESSION['user_infos']);
if ( !is_array($informations) ) {
throw new myException('the user_infos is not an array');
}
// Check the information where user_id in session database
$user_info = $this->selectInformationsFromDB($informations['user_id']);
if ( !$user_info ) throw new myException("Not user found with id '$userid'");
// User is found
// Get user, password, userid from session
$password = $informations['hash'];
$userid = $informations['user_id'];
$user_info = $user_info[0];
// The password of session and DB are differents
if ( $user_info->password != $password ) {
$this->result_test = 1;
return 1;
}
// The user is not active
elseif ( $user_info->user_active == 'false' ) {
$this->result_test = 2;
return 2;
}
// The group is not active
elseif ( $user_info->group_active == 'false' ) {
$this->result_test = 3;
return 3;
}
// All tests are passed, the user is logged
else {
$this->information_user = $user_info;
$this->result_test = 4;
return 4;
}
} // End of initializeUser
/**
* @brief Return the name of the user template
* @return Name/False : If name is empty, return false
*/
public function userGetTemplate()
{
if ( is_null($this->information_user) ) throw new myException('The user is not logued');
$template_name = $this->information_user->template;
if ( empty($template_name) ) return false;
else return $template_name;
} // End of getUserTemplate
/**
* @brief Return the lang of the user
* @return Lang/False : If lang is empty, return false
*/
public function userGetLang()
{
if ( is_null($this->information_user) ) throw new myException('The user is not logued');
$lang = $this->information_user->lang;
if ( empty($lang) ) return false;
else return $lang;
} // End of getUserLang
/**
* @brief Select informations from user in database
* @param user_id -> Id of a user, optionnaly
* @return Array with informations from user or FALSE is user is not found
*/
private function selectInformationsFromDB($user_id = NULL)
{
if ( is_null($user_id) ) {
$informations = unserialize($_SESSION['user_infos']);
if ( !is_array($informations) ) throw new myException('Need to get a user_id but informations session is not initialized');
$user_id = $informations['user_id'];
}
$req = "SELECT
u.username AS user,
u.password AS password,
u.id AS userid,
u.email AS email,
u.first_name AS first_name,
u.last_name AS last_name,
u.company AS company,
u.address AS address,
u.city AS city,
u.zipcode AS zipcode,
c.flag AS countrie,
u.template AS template,
u.is_active AS user_active,
g.is_active AS group_active,
g.name AS group_name,
g.id AS groupid,
g.lvl AS lvl,
l.flag AS lang,
l.is_lang AS lang_active
FROM users AS u
LEFT JOIN groups AS g
ON u.groups_id = g.id
LEFT JOIN countries AS c
ON u.countries_id = c.id
LEFT JOIN countries AS l
ON u.lang_id = l.id
WHERE
u.id = '$user_id'";
$user_selected = $_SESSION['database']->fetchObject($req);
if ( is_array($user_selected) ) {
if ( is_null($user_selected[0]->countrie) ) throw new myException('The user selected has no countrie flag');
elseif ( is_null($user_selected[0]->groupid) ) throw new myException('The user selected has no groupid');
elseif ( is_null($user_selected[0]->lvl) ) throw new myException('The group has not a int right '.$user_selected[0]->lvl);
else {
if ( $user_selected[0]->lang_active == 'false' ) $user_selected[0]->lang = null;
return $user_selected;
}
} else {
return FALSE;
}
} // End of selectInformationsFromDB
/**
* @brief Edit an user
* @param user_id -> ID of the user
* @param first_name -> First name of the user
* @param last_name -> Last name of the user
* @param company -> Name of the company
* @param address -> Address of the user
* @param city -> City of the user
* @param zipcode -> Zipcode of the user
* @param email -> Email of the user
* @param pseudo -> Pseudo of the user
* @param countrie_id -> Countrie of the user
* @param lang_id -> Lang of the user
* @param template -> Template of the user
* @return True : Member edited
*/
private function editMember($user_id, $first_name, $last_name, $company, $address, $city, $zipcode, $email, $pseudo, $countrie_id, $lang_id, $template)
{
$user_id = $_SESSION['database']->clearString($user_id);
$first_name = $_SESSION['database']->clearString($first_name);
$last_name = $_SESSION['database']->clearString($last_name);
$company = $_SESSION['database']->clearString($company);
$address = $_SESSION['database']->clearString($address);
$city = $_SESSION['database']->clearString($city);
$zipcode = $_SESSION['database']->clearString($zipcode);
$email = $_SESSION['database']->clearString($email);
$pseudo = $_SESSION['database']->clearString($pseudo);
$countrie_id = $_SESSION['database']->clearString($countrie_id);
$lang_id = $_SESSION['database']->clearString($lang_id);
$template = $_SESSION['database']->clearString($template);
$req = "UPDATE users
SET
username = '$pseudo',
email = '$email',
template = '$template',
lang_id = '$lang_id',
first_name = '$first_name',
last_name = '$last_name',
company = '$company',
address = '$address',
city = '$city',
zipcode = '$zipcode',
countries_id = '$countrie_id',
template = '$template'
WHERE id = '$user_id'";
$_SESSION['database']->execRequest($req);
// save action to history
history::add("history_action_profile",$user_id);
return true;
} // End of editMember
/**
* @brief Edit user
* @see Description from editMember
*/
public function userEdit($first_name, $last_name, $company, $address, $city, $zipcode, $email, $pseudo, $countrie_id, $lang_id, $template)
{
if ( $this->editMember($this->information_user->userid, $first_name, $last_name, $company, $address, $city, $zipcode, $email, $pseudo, $countrie_id, $lang_id, $template) ) {
return true;
} else {
return false;
}
} // End of userEdit
/**
* @brief Check existence of an username
* @param username -> Name of username
* @return True/False
*/
public function checkUsernameExistence ($username)
{
$username = $_SESSION['database']->clearString($username);
$req = "SELECT COUNT(id) AS total FROM users WHERE username='$username'";
$number = $_SESSION['database']->fetchObject($req);
if ( $number[0]->total >= 1) {
return false;
} else return true;
} // End of checkUsernameExistence
/**
* @brief Check Countrie existence and activation
* @param ID -> ID of the countrie
* @param clause -> Optionnal clause for the where
* @return True/False
*/
public function checkCountrieExistence ($countrie_id)
{
$countrie_id = $_SESSION['database']->clearString($countrie_id);
$req = "SELECT COUNT(id) AS total FROM countries WHERE id = '$countrie_id'";
$result = $_SESSION['database']->fetchObject($req);
if ( $result[0]->total == 0 ) return false;
else return true;
} // End of checkCountrieExistence
/**
* @brief Check Lang existence and activation
* @param lang_id -> ID of the lang
* @return True/False
*/
public function checkLangExistence($lang_id)
{
$land_id = $_SESSION['database']->clearString($lang_id);
$req = "SELECT COUNT(id) AS total FROM countries WHERE id = '$lang_id' AND is_lang = 'true'";
$result = $_SESSION['database']->fetchObject($req);
if ( $result[0]->total == 0 ) return false;
else return true;
} // End of checkLangActivation
/**
* @biref Get information about countrie
* @param countrie_id -> ID of the countrie
* @return False/Array with informations
*/
public function getCountrieInformations( $countrie_id, $clause = NULL )
{
if ( !is_null($clause) ) $clause = " $clause";
$countrie_id = $_SESSION['database']->clearString($countrie_id);
$req = "SELECT id,flag,countrie,date_format,time_format,is_lang FROM countries WHERE id = '$countrie_id'$clause";
$result = $_SESSION['database']->fetchObject($req);
if ( count($result) == 0 ) return false;
else return $result[0];
}
} // End of class