|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace db\access; |
|
4
|
|
|
|
|
5
|
|
|
use Asymptix\core\Tools; |
|
6
|
|
|
use Asymptix\db\DBCore; |
|
7
|
|
|
|
|
8
|
|
|
/** |
|
9
|
|
|
* Simple User bean class. |
|
10
|
|
|
* (You can modify this class according to your database structure) |
|
11
|
|
|
* |
|
12
|
|
|
* @category Asymptix PHP Framework |
|
13
|
|
|
* @author Dmytro Zarezenko <[email protected]> |
|
14
|
|
|
* @copyright (c) 2009 - 2017, Dmytro Zarezenko |
|
15
|
|
|
* @license http://opensource.org/licenses/MIT |
|
16
|
|
|
*/ |
|
17
|
|
|
class User extends \Asymptix\db\DBTimedObject { |
|
18
|
|
|
const STATUS_ACTIVATED = 1; |
|
19
|
|
|
const STATUS_DEACTIVATED = 0; |
|
20
|
|
|
|
|
21
|
|
|
const LOGIN_NOT_ACTIVATED = 0; |
|
22
|
|
|
const LOGIN_INVALID_USERNAME = -1; |
|
23
|
|
|
const LOGIN_INVALID_PASSWORD = -2; |
|
24
|
|
|
|
|
25
|
|
|
const GENDER_NONE = 'none'; |
|
26
|
|
|
const GENDER_MALE = 'male'; |
|
27
|
|
|
const GENDER_FEMALE = 'female'; |
|
28
|
|
|
|
|
29
|
|
|
const TABLE_NAME = "users"; |
|
30
|
|
|
const ID_FIELD_NAME = "user_id"; |
|
31
|
|
|
protected $fieldsList = array( |
|
32
|
|
|
'user_id' => 0, // int(10) unsigned NOT NULL AUTO_INCREMENT |
|
33
|
|
|
'username' => "", // varchar(255) NOT NULL |
|
|
|
|
|
|
34
|
|
|
'email' => "", // varchar(255) NOT NULL |
|
|
|
|
|
|
35
|
|
|
'password' => "", // varchar(255) NOT NULL |
|
|
|
|
|
|
36
|
|
|
'auth_key' => "", // varchar(32) NOT NULL |
|
|
|
|
|
|
37
|
|
|
'role' => 0, // int(1) unsigned not null |
|
|
|
|
|
|
38
|
|
|
|
|
39
|
|
|
'full_name' => "", // VARCHAR(255) NOT NULL |
|
|
|
|
|
|
40
|
|
|
'gender' => self::GENDER_NONE, // ENUM( 'male', 'female', 'none', '' ) NOT NULL DEFAULT 'none' |
|
|
|
|
|
|
41
|
|
|
'language' => "en", // VARCHAR(2) NOT NULL DEFAULT 'en' |
|
|
|
|
|
|
42
|
|
|
|
|
43
|
|
|
'last_login_time' => "0000-00-00 00:00:00", // datetime DEFAULT NULL |
|
44
|
|
|
'create_time' => "0000-00-00 00:00:00", // datetime DEFAULT NULL |
|
45
|
|
|
'create_user_id' => 0, // int(11) DEFAULT NULL |
|
|
|
|
|
|
46
|
|
|
'update_time' => "0000-00-00 00:00:00", // datetime DEFAULT NULL |
|
47
|
|
|
'update_user_id' => 0, // int(11) DEFAULT NULL |
|
|
|
|
|
|
48
|
|
|
|
|
49
|
|
|
'activation' => 0, // tinyint(1) NOT NULL DEFAULT '0' |
|
|
|
|
|
|
50
|
|
|
|
|
51
|
|
|
'signature' => "", // TEXT NOT NULL |
|
52
|
|
|
'avatar' => "", // varchar(100) not null |
|
|
|
|
|
|
53
|
|
|
|
|
54
|
|
|
// additional fields according to your database structure |
|
55
|
|
|
); |
|
56
|
|
|
|
|
57
|
|
|
public function __construct() { |
|
58
|
|
|
parent::__construct(); |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
/** |
|
62
|
|
|
* For user accounts we must verify if login field ID is unique. |
|
63
|
|
|
*/ |
|
64
|
|
|
public function save($debug = false) { |
|
65
|
|
|
try { |
|
66
|
|
|
return parent::save($debug); |
|
67
|
|
|
} catch (DBException $ex) { |
|
|
|
|
|
|
68
|
|
|
print($ex->getMessage()); |
|
69
|
|
|
return false; //TODO: maybe verify if duplicate or other error |
|
|
|
|
|
|
70
|
|
|
} |
|
71
|
|
|
} |
|
72
|
|
|
|
|
73
|
|
|
/** |
|
74
|
|
|
* Password encoding method. |
|
75
|
|
|
* |
|
76
|
|
|
* @param string $password Password |
|
77
|
|
|
* @return string Encoded password string. |
|
78
|
|
|
*/ |
|
79
|
|
|
public static function passwordEncode($password) { |
|
80
|
|
|
return md5($password); |
|
81
|
|
|
} |
|
82
|
|
|
|
|
83
|
|
|
/** |
|
84
|
|
|
* Login functionality. |
|
85
|
|
|
* |
|
86
|
|
|
* @param string $login Username from login form. |
|
87
|
|
|
* @param string $password Password from login form. |
|
88
|
|
|
* |
|
89
|
|
|
* @return mixed User object on success or integer result code if some problems occurred. |
|
90
|
|
|
*/ |
|
91
|
|
|
public static function login($login, $password) { |
|
92
|
|
|
$user = self::_select(['email' => $login])->limit(1)->go(); |
|
93
|
|
|
if ($user) { |
|
94
|
|
|
if ($user->isActivated()) { |
|
95
|
|
|
if ($user->password == self::passwordEncode($password)) { |
|
96
|
|
|
$user->updateLoginTime(); |
|
97
|
|
|
|
|
98
|
|
|
return $user; |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
return self::LOGIN_INVALID_PASSWORD; |
|
102
|
|
|
} |
|
103
|
|
|
|
|
104
|
|
|
return self::LOGIN_NOT_ACTIVATED; |
|
105
|
|
|
} |
|
106
|
|
|
|
|
107
|
|
|
return self::LOGIN_INVALID_USERNAME; |
|
108
|
|
|
} |
|
109
|
|
|
|
|
110
|
|
|
/** |
|
111
|
|
|
* Updates login time. |
|
112
|
|
|
*/ |
|
113
|
|
|
public function updateLoginTime() { |
|
114
|
|
|
$query = "UPDATE " . self::TABLE_NAME . " |
|
115
|
|
|
SET last_login_time = NOW() |
|
116
|
|
|
WHERE " . self::ID_FIELD_NAME . " = ?"; |
|
117
|
|
|
DBCore::doUpdateQuery($query, "i", array($this->id)); |
|
|
|
|
|
|
118
|
|
|
} |
|
119
|
|
|
|
|
120
|
|
|
/** |
|
121
|
|
|
* Checks if user is logged in. |
|
122
|
|
|
* |
|
123
|
|
|
* @global User $_USER Current user object. |
|
124
|
|
|
* |
|
125
|
|
|
* @return boolean |
|
126
|
|
|
*/ |
|
127
|
|
|
public static function checkLoggedIn() { |
|
128
|
|
|
global $_USER; |
|
|
|
|
|
|
129
|
|
|
|
|
130
|
|
|
if (Tools::isInstanceOf($_USER, new self)) { |
|
|
|
|
|
|
131
|
|
|
return true; |
|
132
|
|
|
} |
|
133
|
|
|
return false; |
|
134
|
|
|
} |
|
135
|
|
|
|
|
136
|
|
|
/** |
|
137
|
|
|
* Checks if account of the current user is equal to the needed account page. |
|
138
|
|
|
* |
|
139
|
|
|
* @global User $_USER Current user object. |
|
140
|
|
|
* @param array $roles Needed roles. |
|
141
|
|
|
* |
|
142
|
|
|
* @return boolean |
|
143
|
|
|
*/ |
|
144
|
|
|
public static function checkAccountAccess($roles = array()) { |
|
145
|
|
|
global $_USER; |
|
|
|
|
|
|
146
|
|
|
|
|
147
|
|
|
if (self::checkLoggedIn()) { |
|
148
|
|
|
if (empty($roles)) { |
|
149
|
|
|
return true; |
|
150
|
|
|
} |
|
151
|
|
|
|
|
152
|
|
|
if (!is_array($roles)) { |
|
153
|
|
|
$roles = array($roles); |
|
154
|
|
|
} |
|
155
|
|
|
foreach ($roles as $role) { |
|
156
|
|
|
if ($_USER->role == $role) { |
|
157
|
|
|
return true; |
|
158
|
|
|
} |
|
159
|
|
|
} |
|
160
|
|
|
return false; |
|
161
|
|
|
} |
|
162
|
|
|
return false; |
|
163
|
|
|
} |
|
164
|
|
|
|
|
165
|
|
|
/** |
|
166
|
|
|
* Logout functionality. |
|
167
|
|
|
*/ |
|
168
|
|
|
public static function logout() { |
|
169
|
|
|
global $_USER; |
|
|
|
|
|
|
170
|
|
|
|
|
171
|
|
|
$_USER = null; |
|
172
|
|
|
session_unset(); |
|
173
|
|
|
} |
|
174
|
|
|
|
|
175
|
|
|
/** |
|
176
|
|
|
* Returns current users avatar image file path. |
|
177
|
|
|
* |
|
178
|
|
|
* @param boolean $icon Return only default icon flag. |
|
179
|
|
|
* |
|
180
|
|
|
* @return string Image path. |
|
181
|
|
|
*/ |
|
182
|
|
|
public function getAvatarPath($icon = false) { |
|
183
|
|
|
$currentAvatarFileName = $this->avatar; |
|
|
|
|
|
|
184
|
|
View Code Duplication |
if (!empty($currentAvatarFileName) && file_exists(Config::DIR_AVATARS . $currentAvatarFileName)) { |
|
|
|
|
|
|
185
|
|
|
return Config::DIR_AVATARS . $currentAvatarFileName; |
|
186
|
|
|
} |
|
187
|
|
|
if ($icon) { |
|
188
|
|
|
return "img/user_avatar.png"; |
|
189
|
|
|
} |
|
190
|
|
|
return "img/placehold/100x100.png"; |
|
191
|
|
|
} |
|
192
|
|
|
|
|
193
|
|
|
/** |
|
194
|
|
|
* Updates users avatar image file path in the DB. |
|
195
|
|
|
* |
|
196
|
|
|
* @param string $newAvatarFileName New filename. |
|
197
|
|
|
* |
|
198
|
|
|
* @return boolean Success flag. |
|
199
|
|
|
*/ |
|
200
|
|
|
public function updateAvatar($newAvatarFileName) { |
|
201
|
|
|
$currentAvatarFileName = $this->avatar; |
|
|
|
|
|
|
202
|
|
View Code Duplication |
if (!empty($currentAvatarFileName) && file_exists(Config::DIR_AVATARS . $currentAvatarFileName)) { |
|
|
|
|
|
|
203
|
|
|
unlink(Config::DIR_AVATARS . $currentAvatarFileName); |
|
204
|
|
|
} |
|
205
|
|
|
|
|
206
|
|
|
if (file_exists(Config::DIR_AVATARS . $newAvatarFileName)) { |
|
207
|
|
|
$query = "UPDATE " . self::TABLE_NAME |
|
208
|
|
|
. " SET avatar = ?" |
|
209
|
|
|
. " WHERE " . self::ID_FIELD_NAME . " = ?"; |
|
210
|
|
|
if (DBCore::doUpdateQuery($query, "si", array( |
|
211
|
|
|
$newAvatarFileName, |
|
212
|
|
|
$this->id |
|
|
|
|
|
|
213
|
|
|
))) { |
|
214
|
|
|
$this->avatar = $newAvatarFileName; |
|
|
|
|
|
|
215
|
|
|
return true; |
|
216
|
|
|
} else { |
|
217
|
|
|
return false; |
|
218
|
|
|
} |
|
219
|
|
|
} else { |
|
220
|
|
|
return false; |
|
221
|
|
|
} |
|
222
|
|
|
} |
|
223
|
|
|
|
|
224
|
|
|
} |
|
225
|
|
|
|
Asymptix /
Framework
Loading history...
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.