1 |
<? |
2 |
/** |
3 |
* This file contains the Tracker::User module. |
4 |
* |
5 |
* @author Andreas Motl <andreas.motl@ilo.de> |
6 |
* @package org.netfrag.flib |
7 |
* @name Tracker::User |
8 |
* |
9 |
*/ |
10 |
|
11 |
|
12 |
// ----------------------------------------------------------------------------- |
13 |
// $Id: User.php,v 1.15 2004/03/11 21:04:48 jonen Exp $ |
14 |
// ----------------------------------------------------------------------------- |
15 |
// $Log: User.php,v $ |
16 |
// Revision 1.15 2004/03/11 21:04:48 jonen |
17 |
// +changed backend-functions to only get/save User ONLY not SOME object (security!) |
18 |
// |
19 |
// Revision 1.14 2003/07/02 11:02:09 joko |
20 |
// + fixed bug with create/_create |
21 |
// |
22 |
// Revision 1.13 2003/04/04 02:15:09 joko |
23 |
// renamed method of helper object |
24 |
// |
25 |
// Revision 1.12 2003/03/03 21:20:47 joko |
26 |
// mungled the namespaces |
27 |
// |
28 |
// Revision 1.11 2003/02/14 14:22:06 joko |
29 |
// + always (re-)tries to connect |
30 |
// |
31 |
// Revision 1.10 2003/02/13 21:58:39 joko |
32 |
// + caching mechanisms more configurable now |
33 |
// |
34 |
// Revision 1.9 2003/02/09 17:46:26 joko |
35 |
// + now utilizing DesignPattern::RemoteProxy and Data::Deep |
36 |
// |
37 |
// Revision 1.8 2002/12/28 01:16:42 jonen |
38 |
// + added clear of $this->state[autologout] at 'hadTimeout()' |
39 |
// |
40 |
// Revision 1.7 2002/12/23 11:32:28 jonen |
41 |
// + added inserting of uservars on '_create' to frontend db(needed to login user after create!) |
42 |
// + added hard link to page 'pub/register', TODO: move this out here |
43 |
// |
44 |
// Revision 1.6 2002/12/18 22:46:06 jonen |
45 |
// + added function 'getUserGuid()' |
46 |
// (returns user's 'guid' read from database at function 'login()' (now)) |
47 |
// + function '_loadData()' loads user remote now via 'getUserGuid()' |
48 |
// |
49 |
// Revision 1.5 2002/12/12 21:34:32 joko |
50 |
// + fix in 'function update': invalidate data only if it's not for caching purposes |
51 |
// |
52 |
// Revision 1.4 2002/12/06 04:10:28 joko |
53 |
// + replaced 'xyzCache' through 'xyzProxy' |
54 |
// |
55 |
// Revision 1.3 2002/12/04 07:42:54 jonen |
56 |
// + changes according to backend schema change |
57 |
// |
58 |
// Revision 1.2 2002/12/03 16:47:22 joko |
59 |
// - function preLogout() |
60 |
// + function preLogout($autologout = 0) |
61 |
// + function hadTimeout() |
62 |
// |
63 |
// Revision 1.1 2002/11/12 05:42:31 joko |
64 |
// + initial checkin |
65 |
// |
66 |
// Revision 1.7 2002/10/29 19:09:53 cvsjoko |
67 |
// + function getLastLogin |
68 |
// + function getUserId |
69 |
// |
70 |
// Revision 1.6 2002/10/25 11:18:10 cvsmax |
71 |
// - removed old functions ('logout', 'create',...) |
72 |
// + add function preLogout() # save user session and unset (session) state |
73 |
// |
74 |
// Revision 1.5 2002/10/22 09:47:48 cvsmax |
75 |
// + add new |
76 |
// - function create() # create & save new user-object in session |
77 |
// - function _create($attr) # create & save new user-object in backend |
78 |
// |
79 |
// - purged some very old functions |
80 |
// |
81 |
// Revision 1.4 2002/10/17 03:12:17 cvsmax |
82 |
// -(+) cleaned code from old structure |
83 |
// + function getPostVar($fieldname) |
84 |
// |
85 |
// Revision 1.3 2002/10/10 02:41:57 cvsjoko |
86 |
// + fixed typo |
87 |
// |
88 |
// Revision 1.2 2002/10/10 02:34:33 cvsjoko |
89 |
// + new level of data-caching (session and persistant) |
90 |
// + function _save() |
91 |
// + function save() |
92 |
// + handling (storing/caching) of POSTed data |
93 |
// + function getPostVars() |
94 |
// + function setPostVars() |
95 |
// + handy utils |
96 |
// + function doDataReady() cares for ready data to continue working |
97 |
// + function refresh() clears underlying data container and makes data "unready" |
98 |
// |
99 |
// Revision 1.1 2002/10/09 00:40:13 cvsjoko |
100 |
// + new |
101 |
// |
102 |
// |
103 |
// ----------------------------------------------------------------------------- |
104 |
|
105 |
|
106 |
/** |
107 |
* This is the User class. |
108 |
* |
109 |
* @author Andreas Motl <andreas.motl@ilo.de> |
110 |
* @package org.netfrag.flib |
111 |
* @name Tracker::User |
112 |
* |
113 |
*/ |
114 |
class User { |
115 |
|
116 |
var $state; |
117 |
var $meta; |
118 |
|
119 |
var $pObject; |
120 |
var $data; |
121 |
|
122 |
|
123 |
function User() { |
124 |
|
125 |
// attention: |
126 |
// this code is only run when your session is _really_ fresh |
127 |
if (session_register_safe('userstate')) { |
128 |
} |
129 |
|
130 |
$this->_loadState(); |
131 |
$this->meta[logontoken] = 'k&%g2'; |
132 |
|
133 |
// print dumpVar($_SESSION); |
134 |
|
135 |
} |
136 |
|
137 |
function _loadState() { |
138 |
global $userstate; |
139 |
$this->state = $userstate; |
140 |
} |
141 |
function _saveState() { |
142 |
global $userstate; |
143 |
$userstate = $this->state; |
144 |
} |
145 |
|
146 |
|
147 |
function _loadData() { |
148 |
$this->meta[data_ready] = 1; |
149 |
//$this->pObject = new ProxyObject($this->getUserGuid(), array( remote => 1, classname => "NetPerson", guid => 1) ); |
150 |
$rpcinfo = $this->site->configuration->get("rpcinfo"); |
151 |
//$this->pObject = mkObject('DesignPattern::RemoteProxy', $this->getUserGuid(), array( remote => 1, classname => "NetPerson", guid => 1, rpcinfo => $rpcinfo, cache => array( db => 1, session => 1 ), connect => 1 ) ); |
152 |
$this->pObject = mkObject('DesignPattern::RemoteProxy', $this->getUserGuid(), array( key => 1, command => 'getUser', query => $this->getUserGuid(), remote => 1, rpcinfo => $rpcinfo, cache => array( db => 1, session => 1 ), connect => 1 ) ); |
153 |
if ($this->getUserGuid()) { |
154 |
$this->data = $this->pObject->getResult(); |
155 |
} |
156 |
} |
157 |
|
158 |
function _saveData($newRawData) { |
159 |
|
160 |
//print "newRawData: " . Dumper($newRawData) . "<br>"; |
161 |
foreach ($newRawData as $key => $val) { |
162 |
//print "$key => $val<br>"; |
163 |
$this->set($key, $val); |
164 |
} |
165 |
|
166 |
$this->_save("cache"); |
167 |
|
168 |
//$this->pObject->flushProxy(); // done in "pObject->save" |
169 |
|
170 |
} |
171 |
|
172 |
function _save($type = '') { |
173 |
//print Dumper($this->data); |
174 |
//$this->pObject->save($this->data, $type); |
175 |
// new of 2004-03-08: don't use generic 'saveObject'!! |
176 |
// for security reasons disabled at ClientBackend!!! |
177 |
if($type == 'commit') { |
178 |
$args = array( 'guid' => $this->data[guid], 'data' => $this->data ); |
179 |
$this->pObject->backend->send('saveUser', $args, array( utf8 => 1) ); |
180 |
$this->_save_local(); |
181 |
} |
182 |
// invalidate data only if it's not for caching purposes |
183 |
if ($type != 'cache') { |
184 |
$this->meta[data_ready] = 0; |
185 |
} |
186 |
} |
187 |
|
188 |
function _save_local() { |
189 |
connectdb(); |
190 |
$username = $this->get('userData.username'); |
191 |
$password = $this->get('userData.password'); |
192 |
$sql = "UPDATE td_users SET pass='$password' WHERE uname='$username'"; |
193 |
$res = send_sql($sql); |
194 |
} |
195 |
|
196 |
function save() { |
197 |
$this->_doDataReady(); |
198 |
$this->_save("commit"); |
199 |
} |
200 |
|
201 |
function create() { |
202 |
$this->_save(); |
203 |
$attr = $this->pObject->getResult(); |
204 |
//print DumpVar($attr); |
205 |
$this->_create($attr); |
206 |
} |
207 |
|
208 |
function createGuest() { |
209 |
if($this->isLoggedOn) { return; } |
210 |
//$this->_save(); |
211 |
//$attr = $this->pObject->getResult(); |
212 |
//print DumpVar($attr); |
213 |
$data = $this->_createGuest(); |
214 |
return $data; |
215 |
} |
216 |
|
217 |
function _create($result) { |
218 |
global $site; |
219 |
//print "saving to backend: " . dumpVar($result) . "<br>"; |
220 |
$response = $this->pObject->backend->send('createUser', array('data' => $result) ); |
221 |
$objectId = $response[oid]; |
222 |
if($objectId) { |
223 |
connectdb(); |
224 |
$guid = $response[guid]; |
225 |
$username = $this->get('userData.username'); |
226 |
$password = $this->get('userData.password'); |
227 |
$sql = "INSERT into td_users VALUES ( '$objectId', '$guid', '', '$username', '$password','' )"; |
228 |
$res = send_sql($sql); |
229 |
} |
230 |
else { |
231 |
// TODO: handle this with a generic rpc-debug/pending function |
232 |
$site->session->set('register_error', 'rpc_error'); |
233 |
$site->redirect( getlink('/pub/register/') ); |
234 |
} |
235 |
//$this->_init($objectId); |
236 |
} |
237 |
|
238 |
function _createGuest() { |
239 |
global $site; |
240 |
//print "saving to backend: " . dumpVar($result) . "<br>"; |
241 |
if(!$this->pObject) { |
242 |
$rpcinfo = $this->site->configuration->get("rpcinfo"); |
243 |
$pObject = mkObject('DesignPattern::RemoteProxy', 'guest', array( key => 1, command => 'createGuestUser', '', remote => 1, rpcinfo => $rpcinfo, cache => array( db => 1, session => 1 ), connect => 1 ) ); |
244 |
$response = $pObject->getResult(); |
245 |
} else { |
246 |
$response = $this->pObject->backend->send('createGuestUser'); |
247 |
} |
248 |
//print "response: " . Dumper($response) . "<br>"; |
249 |
$objectId = $response[oid]; |
250 |
if($objectId) { |
251 |
return $response; |
252 |
} |
253 |
else { |
254 |
// TODO: handle this with a generic rpc-debug/pending function |
255 |
$site->session->set('login_error', 'rpc_error'); |
256 |
$site->redirect( getlink('/pub/login/') ); |
257 |
} |
258 |
//$this->_init($objectId); |
259 |
} |
260 |
|
261 |
function get($attr) { |
262 |
$this->_doDataReady(); |
263 |
$deep = new Data_Deep($this->data); |
264 |
return $deep->get($attr); |
265 |
} |
266 |
function set($attr, $val) { |
267 |
$this->_doDataReady(); |
268 |
$deep = new Data_Deep($this->data); |
269 |
$deep->set($attr, $val); |
270 |
} |
271 |
|
272 |
function isLoggedOn() { |
273 |
if ($this->state[id] && $this->state[status] == $this->meta[logontoken]) { |
274 |
return 1; |
275 |
} |
276 |
} |
277 |
|
278 |
|
279 |
//===== function userlogin ========================= |
280 |
function login($user,$passwd) { |
281 |
connectdb(); |
282 |
//$sql = "SELECT * FROM td_users WHERE uname='$user'"; |
283 |
$sql = "SELECT user_oid, guid, uname, pass FROM td_users WHERE uname='$user'"; |
284 |
if ($res=send_sql($sql)) { |
285 |
$row = mysql_fetch_array($res,MYSQL_ASSOC); |
286 |
if (!is_array($row)) { return 0; } |
287 |
} |
288 |
if ($row[pass] == $passwd) { |
289 |
//return $uservars_db; |
290 |
// store 1st priority user-data to state |
291 |
$this->state[id] = $row[user_oid]; |
292 |
$this->state[guid] = $row[guid]; |
293 |
$this->state[status] = $this->meta[logontoken]; |
294 |
$this->_saveState(); |
295 |
$this->site->log( get_class($this) . "->login ok", PEAR_LOG_NOTICE ); |
296 |
return 1; |
297 |
} else { |
298 |
return 0; |
299 |
} |
300 |
} |
301 |
|
302 |
//===== function guestlogin ========================= |
303 |
function loginGuest($data) { |
304 |
// store 1st priority user-data to state |
305 |
$this->state[id] = $data[oid]; |
306 |
$this->state[guid] = $data[guid]; |
307 |
$this->state[status] = $this->meta[logontoken]; |
308 |
$this->_saveState(); |
309 |
$this->site->log( get_class($this) . "->guest-login ok", PEAR_LOG_NOTICE ); |
310 |
return 1; |
311 |
} |
312 |
|
313 |
function exists($string) { |
314 |
connectdb(); |
315 |
$sql = "SELECT uname FROM td_users WHERE uname='$string'"; |
316 |
if ($res=send_sql($sql)) { |
317 |
$row = mysql_fetch_array($res,MYSQL_ASSOC); |
318 |
|
319 |
if (is_array($row)) { |
320 |
return 1; |
321 |
} |
322 |
} |
323 |
|
324 |
} |
325 |
|
326 |
|
327 |
function update($vars) { |
328 |
$this->setPostVars($vars); |
329 |
//print Dumper($vars); |
330 |
$data = $this->_transformInputData($vars); |
331 |
//print Dumper($data); |
332 |
$this->_saveData($data); |
333 |
} |
334 |
|
335 |
function _transformInputData(&$uservars) { |
336 |
global $def_mapping; |
337 |
$mapping_uservars2data = array_flip($def_mapping[data2uservars]); |
338 |
foreach ($uservars as $key => $val) { |
339 |
$key_target = $mapping_uservars2data[$key]; |
340 |
if($key_target != '') { |
341 |
//print "$key => $key_target: $val<br>"; |
342 |
$target[$key_target] = $val; |
343 |
} |
344 |
} |
345 |
return $target; |
346 |
} |
347 |
|
348 |
function logout() { |
349 |
|
350 |
global $site; |
351 |
|
352 |
// get information about user from site |
353 |
$userid = $this->getUserId(); |
354 |
|
355 |
$this->site->log( get_class($this) . "->logout: userid $userid", PEAR_LOG_NOTICE ); |
356 |
|
357 |
// get information about session from php |
358 |
$session_id = session_id(); |
359 |
$session_name = session_name(); |
360 |
|
361 |
// session-sqldb related |
362 |
$date = date('Y-m-d H:i:s', time()); |
363 |
$session_e = $site->session->exists($session_id); |
364 |
$sql = "UPDATE f_map_user_session SET date_logged_out='$date' WHERE session_uid='$session_e[session_uid]' AND user_uid='$userid'"; |
365 |
$res = send_sql($sql); |
366 |
|
367 |
// destroy user's session at server-side |
368 |
$session_name = session_name(); |
369 |
session_destroy(); |
370 |
|
371 |
// overwrite session-variables - to be sure ;) |
372 |
$_SESSION = array(); |
373 |
unset($_COOKIE[$session_name]); |
374 |
|
375 |
} |
376 |
|
377 |
function preLogout($autologout = 0) { |
378 |
global $site; |
379 |
$this->state[status] = ''; |
380 |
$this->state[autologout] = $autologout; |
381 |
$this->_saveState(); |
382 |
} |
383 |
|
384 |
function getAccountSum() { |
385 |
// store additional user-data to state |
386 |
if (!$this->state[accountSum]) { |
387 |
$this->state[accountSum] = $this->get("account.amount"); |
388 |
$this->_saveState(); |
389 |
} |
390 |
return $this->state[accountSum]; |
391 |
} |
392 |
|
393 |
function getAccountCurrency() { |
394 |
// store additional user-data to state |
395 |
if (!$this->state[accountCurrency]) { |
396 |
$this->state[accountCurrency] = $this->get("account.currency"); |
397 |
$this->_saveState(); |
398 |
} |
399 |
//print "state: " . $this->get("financeInfo.currency") . "<br>"; |
400 |
return $this->state[accountCurrency]; |
401 |
} |
402 |
|
403 |
function refresh() { |
404 |
if ($this->pObject) {$this->pObject->flushState();} |
405 |
$this->meta[data_ready] = 0; |
406 |
} |
407 |
|
408 |
function _doDataReady() { |
409 |
if (!$this->meta[data_ready]) { $this->_loadData(); } |
410 |
} |
411 |
|
412 |
function getLastLogin() { |
413 |
$userid = $this->getUserId(); |
414 |
connectdb(); |
415 |
$sql = "SELECT * FROM f_map_user_session WHERE user_uid='$userid' AND last='1'"; |
416 |
$res = send_sql($sql); |
417 |
while($row = mysql_fetch_array($res,MYSQL_BOTH)) { |
418 |
if($row[date_logged_out]=="0000-00-00 00:00:00") { |
419 |
$date = $row[date_logged_in]; |
420 |
} else { |
421 |
$date = $row[date_logged_out]; |
422 |
} |
423 |
$lastLogin = strftime("%d %b %Y - %H:%M",strtotime($date)); |
424 |
} |
425 |
return $lastLogin; |
426 |
} |
427 |
|
428 |
function getUserId() { |
429 |
return $this->state[id]; |
430 |
} |
431 |
|
432 |
function getUserGuid() { |
433 |
return $this->state[guid]; |
434 |
} |
435 |
|
436 |
function getPostVars() { |
437 |
return $this->state[postvars]; |
438 |
} |
439 |
|
440 |
function setPostVars($postvars) { |
441 |
$this->state[postvars] = $postvars; |
442 |
$this->_saveState(); |
443 |
} |
444 |
|
445 |
function getPostVar($var) { |
446 |
return $this->state[postvars][$var]; |
447 |
} |
448 |
|
449 |
function hadTimeout() { |
450 |
if ($this->state[autologout]) { $this->state[autologout] = ''; return 1; } |
451 |
} |
452 |
|
453 |
function getNewMessages() { |
454 |
$messages = array(); |
455 |
$userguid = $this->getUserGuid(); |
456 |
connectdb(); |
457 |
$sql = "SELECT * FROM td_message WHERE target_guid='$userguid' AND new='1'"; |
458 |
if ($res=send_sql($sql)) { |
459 |
while($row = mysql_fetch_array($res,MYSQL_ASSOC)) { |
460 |
if (!is_array($row)) { return 0; } |
461 |
array_push($messages, $row); |
462 |
} |
463 |
} |
464 |
return $messages; |
465 |
} |
466 |
|
467 |
function markNewMessage($mid) { |
468 |
connectdb(); |
469 |
$sql = "UPDATE td_message SET new='0' WHERE mid='$mid'"; |
470 |
if(!$res=send_sql($sql)) { |
471 |
return "Message not found!"; |
472 |
} |
473 |
} |
474 |
|
475 |
} |
476 |
|
477 |
?> |