1 |
<? |
2 |
/** |
3 |
* This file contains the Tracker::User module. |
4 |
* |
5 |
* @author Andreas Motl <andreas.motl@ilo.de> |
6 |
* @package org.netfrag.flib |
7 |
* @name Tracker::User |
8 |
* |
9 |
*/ |
10 |
|
11 |
|
12 |
// ----------------------------------------------------------------------------- |
13 |
// $Id: User.php,v 1.17 2004/06/07 16:54:53 joko Exp $ |
14 |
// ----------------------------------------------------------------------------- |
15 |
// $Log: User.php,v $ |
16 |
// Revision 1.17 2004/06/07 16:54:53 joko |
17 |
// modified cache-key |
18 |
// added cache-control |
19 |
// |
20 |
// Revision 1.16 2004/05/06 13:02:09 jonen |
21 |
// + added/modified functions related to User-Messages |
22 |
// |
23 |
// Revision 1.15 2004/03/11 21:04:48 jonen |
24 |
// +changed backend-functions to only get/save User ONLY not SOME object (security!) |
25 |
// |
26 |
// Revision 1.14 2003/07/02 11:02:09 joko |
27 |
// + fixed bug with create/_create |
28 |
// |
29 |
// Revision 1.13 2003/04/04 02:15:09 joko |
30 |
// renamed method of helper object |
31 |
// |
32 |
// Revision 1.12 2003/03/03 21:20:47 joko |
33 |
// mungled the namespaces |
34 |
// |
35 |
// Revision 1.11 2003/02/14 14:22:06 joko |
36 |
// + always (re-)tries to connect |
37 |
// |
38 |
// Revision 1.10 2003/02/13 21:58:39 joko |
39 |
// + caching mechanisms more configurable now |
40 |
// |
41 |
// Revision 1.9 2003/02/09 17:46:26 joko |
42 |
// + now utilizing DesignPattern::RemoteProxy and Data::Deep |
43 |
// |
44 |
// Revision 1.8 2002/12/28 01:16:42 jonen |
45 |
// + added clear of $this->state[autologout] at 'hadTimeout()' |
46 |
// |
47 |
// Revision 1.7 2002/12/23 11:32:28 jonen |
48 |
// + added inserting of uservars on '_create' to frontend db(needed to login user after create!) |
49 |
// + added hard link to page 'pub/register', TODO: move this out here |
50 |
// |
51 |
// Revision 1.6 2002/12/18 22:46:06 jonen |
52 |
// + added function 'getUserGuid()' |
53 |
// (returns user's 'guid' read from database at function 'login()' (now)) |
54 |
// + function '_loadData()' loads user remote now via 'getUserGuid()' |
55 |
// |
56 |
// Revision 1.5 2002/12/12 21:34:32 joko |
57 |
// + fix in 'function update': invalidate data only if it's not for caching purposes |
58 |
// |
59 |
// Revision 1.4 2002/12/06 04:10:28 joko |
60 |
// + replaced 'xyzCache' through 'xyzProxy' |
61 |
// |
62 |
// Revision 1.3 2002/12/04 07:42:54 jonen |
63 |
// + changes according to backend schema change |
64 |
// |
65 |
// Revision 1.2 2002/12/03 16:47:22 joko |
66 |
// - function preLogout() |
67 |
// + function preLogout($autologout = 0) |
68 |
// + function hadTimeout() |
69 |
// |
70 |
// Revision 1.1 2002/11/12 05:42:31 joko |
71 |
// + initial checkin |
72 |
// |
73 |
// Revision 1.7 2002/10/29 19:09:53 cvsjoko |
74 |
// + function getLastLogin |
75 |
// + function getUserId |
76 |
// |
77 |
// Revision 1.6 2002/10/25 11:18:10 cvsmax |
78 |
// - removed old functions ('logout', 'create',...) |
79 |
// + add function preLogout() # save user session and unset (session) state |
80 |
// |
81 |
// Revision 1.5 2002/10/22 09:47:48 cvsmax |
82 |
// + add new |
83 |
// - function create() # create & save new user-object in session |
84 |
// - function _create($attr) # create & save new user-object in backend |
85 |
// |
86 |
// - purged some very old functions |
87 |
// |
88 |
// Revision 1.4 2002/10/17 03:12:17 cvsmax |
89 |
// -(+) cleaned code from old structure |
90 |
// + function getPostVar($fieldname) |
91 |
// |
92 |
// Revision 1.3 2002/10/10 02:41:57 cvsjoko |
93 |
// + fixed typo |
94 |
// |
95 |
// Revision 1.2 2002/10/10 02:34:33 cvsjoko |
96 |
// + new level of data-caching (session and persistant) |
97 |
// + function _save() |
98 |
// + function save() |
99 |
// + handling (storing/caching) of POSTed data |
100 |
// + function getPostVars() |
101 |
// + function setPostVars() |
102 |
// + handy utils |
103 |
// + function doDataReady() cares for ready data to continue working |
104 |
// + function refresh() clears underlying data container and makes data "unready" |
105 |
// |
106 |
// Revision 1.1 2002/10/09 00:40:13 cvsjoko |
107 |
// + new |
108 |
// |
109 |
// |
110 |
// ----------------------------------------------------------------------------- |
111 |
|
112 |
|
113 |
/** |
114 |
* This is the User class. |
115 |
* |
116 |
* @author Andreas Motl <andreas.motl@ilo.de> |
117 |
* @package org.netfrag.flib |
118 |
* @name Tracker::User |
119 |
* |
120 |
*/ |
121 |
class User { |
122 |
|
123 |
var $state; |
124 |
var $meta; |
125 |
|
126 |
var $pObject; |
127 |
var $data; |
128 |
|
129 |
|
130 |
function User() { |
131 |
|
132 |
// attention: |
133 |
// this code is only run when your session is _really_ fresh |
134 |
if (session_register_safe('userstate')) { |
135 |
} |
136 |
|
137 |
$this->_loadState(); |
138 |
$this->meta[logontoken] = 'k&%g2'; |
139 |
|
140 |
// print dumpVar($_SESSION); |
141 |
|
142 |
} |
143 |
|
144 |
function _loadState() { |
145 |
global $userstate; |
146 |
$this->state = $userstate; |
147 |
} |
148 |
function _saveState() { |
149 |
global $userstate; |
150 |
$userstate = $this->state; |
151 |
} |
152 |
|
153 |
|
154 |
function _loadData() { |
155 |
$this->meta[data_ready] = 1; |
156 |
//$this->pObject = new ProxyObject($this->getUserGuid(), array( remote => 1, classname => "NetPerson", guid => 1) ); |
157 |
$rpcinfo = $this->site->configuration->get("rpcinfo"); |
158 |
//$this->pObject = mkObject('DesignPattern::RemoteProxy', $this->getUserGuid(), array( remote => 1, classname => "NetPerson", guid => 1, rpcinfo => $rpcinfo, cache => array( db => 1, session => 1 ), connect => 1 ) ); |
159 |
$cache_key = $this->getUserGuid() . "_user"; |
160 |
$this->pObject = mkObject('DesignPattern::RemoteProxy', $cache_key, array( key => 1, command => 'getUser', query => $this->getUserGuid(), remote => 1, rpcinfo => $rpcinfo, cache => array( db => 1, session => 1 ), connect => 1 ) ); |
161 |
if ($this->getUserGuid()) { |
162 |
$this->data = $this->pObject->getResult(); |
163 |
} |
164 |
} |
165 |
|
166 |
function _saveData($newRawData) { |
167 |
|
168 |
//print "newRawData: " . Dumper($newRawData) . "<br>"; |
169 |
foreach ($newRawData as $key => $val) { |
170 |
//print "$key => $val<br>"; |
171 |
$this->set($key, $val); |
172 |
} |
173 |
|
174 |
$this->_save("cache"); |
175 |
|
176 |
//$this->pObject->flushProxy(); // done in "pObject->save" |
177 |
|
178 |
} |
179 |
|
180 |
function _save($type = '') { |
181 |
//print Dumper($this->data); |
182 |
//$this->pObject->save($this->data, $type); |
183 |
// new of 2004-03-08: don't use generic 'saveObject'!! |
184 |
// for security reasons disabled at ClientBackend!!! |
185 |
if($type == 'commit') { |
186 |
$args = array( 'guid' => $this->data[guid], 'data' => $this->data ); |
187 |
$this->pObject->backend->send('saveUser', $args, array( utf8 => 1) ); |
188 |
$this->_save_local(); |
189 |
$this->refresh(); |
190 |
} |
191 |
// invalidate data only if it's not for caching purposes |
192 |
if ($type != 'cache') { |
193 |
$this->meta[data_ready] = 0; |
194 |
} |
195 |
} |
196 |
|
197 |
function _save_local() { |
198 |
connectdb(); |
199 |
$username = $this->get('userData.username'); |
200 |
$password = $this->get('userData.password'); |
201 |
$sql = "UPDATE td_users SET pass='$password' WHERE uname='$username'"; |
202 |
$res = send_sql($sql); |
203 |
} |
204 |
|
205 |
function save() { |
206 |
$this->_doDataReady(); |
207 |
$this->_save("commit"); |
208 |
} |
209 |
|
210 |
function create() { |
211 |
$this->_save(); |
212 |
$attr = $this->pObject->getResult(); |
213 |
//print DumpVar($attr); |
214 |
$this->_create($attr); |
215 |
} |
216 |
|
217 |
function createGuest() { |
218 |
if($this->isLoggedOn) { return; } |
219 |
//$this->_save(); |
220 |
//$attr = $this->pObject->getResult(); |
221 |
//print DumpVar($attr); |
222 |
$data = $this->_createGuest(); |
223 |
return $data; |
224 |
} |
225 |
|
226 |
function _create($result) { |
227 |
global $site; |
228 |
//print "saving to backend: " . dumpVar($result) . "<br>"; |
229 |
$response = $this->pObject->backend->send('createUser', array('data' => $result) ); |
230 |
$objectId = $response[oid]; |
231 |
if($objectId) { |
232 |
connectdb(); |
233 |
$guid = $response[guid]; |
234 |
$username = $this->get('userData.username'); |
235 |
$password = $this->get('userData.password'); |
236 |
$sql = "INSERT into td_users VALUES ( '$objectId', '$guid', '', '$username', '$password','' )"; |
237 |
$res = send_sql($sql); |
238 |
} |
239 |
else { |
240 |
// TODO: handle this with a generic rpc-debug/pending function |
241 |
$site->session->set('register_error', 'rpc_error'); |
242 |
$site->redirect( getlink('/pub/register/') ); |
243 |
} |
244 |
//$this->_init($objectId); |
245 |
} |
246 |
|
247 |
function _createGuest() { |
248 |
global $site; |
249 |
//print "saving to backend: " . dumpVar($result) . "<br>"; |
250 |
if(!$this->pObject) { |
251 |
$cache_key = php::CreateGUID() . "_guest"; |
252 |
$rpcinfo = $this->site->configuration->get("rpcinfo"); |
253 |
$pObject = mkObject('DesignPattern::RemoteProxy', $cache_key, array( key => 1, command => 'createGuestUser', '', remote => 1, rpcinfo => $rpcinfo, cache => array( db => 1, session => 1 ), connect => 1 ) ); |
254 |
$response = $pObject->getResult(); |
255 |
} else { |
256 |
$response = $this->pObject->backend->send('createGuestUser'); |
257 |
} |
258 |
//print "response: " . Dumper($response) . "<br>"; |
259 |
$objectId = $response[oid]; |
260 |
if($objectId) { |
261 |
return $response; |
262 |
} |
263 |
else { |
264 |
// TODO: handle this with a generic rpc-debug/pending function |
265 |
$site->session->set('login_error', 'rpc_error'); |
266 |
$site->redirect( getlink('/pub/login/') ); |
267 |
} |
268 |
//$this->_init($objectId); |
269 |
} |
270 |
|
271 |
function get($attr) { |
272 |
$this->_doDataReady(); |
273 |
$deep = new Data_Deep($this->data); |
274 |
return $deep->get($attr); |
275 |
} |
276 |
function set($attr, $val) { |
277 |
$this->_doDataReady(); |
278 |
$deep = new Data_Deep($this->data); |
279 |
$deep->set($attr, $val); |
280 |
} |
281 |
|
282 |
function isLoggedOn() { |
283 |
if ($this->state[id] && $this->state[status] == $this->meta[logontoken]) { |
284 |
return 1; |
285 |
} |
286 |
} |
287 |
|
288 |
|
289 |
//===== function userlogin ========================= |
290 |
function login($user,$passwd) { |
291 |
connectdb(); |
292 |
//$sql = "SELECT * FROM td_users WHERE uname='$user'"; |
293 |
$sql = "SELECT user_oid, guid, uname, pass FROM td_users WHERE uname='$user'"; |
294 |
if ($res=send_sql($sql)) { |
295 |
$row = mysql_fetch_array($res,MYSQL_ASSOC); |
296 |
if (!is_array($row)) { return 0; } |
297 |
} |
298 |
if ($row[pass] == $passwd) { |
299 |
//return $uservars_db; |
300 |
// store 1st priority user-data to state |
301 |
$this->state[id] = $row[user_oid]; |
302 |
$this->state[guid] = $row[guid]; |
303 |
$this->state[status] = $this->meta[logontoken]; |
304 |
$this->_saveState(); |
305 |
$this->site->log( get_class($this) . "->login ok", PEAR_LOG_NOTICE ); |
306 |
return 1; |
307 |
} else { |
308 |
return 0; |
309 |
} |
310 |
} |
311 |
|
312 |
//===== function guestlogin ========================= |
313 |
function loginGuest($data) { |
314 |
// store 1st priority user-data to state |
315 |
$this->state[id] = $data[oid]; |
316 |
$this->state[guid] = $data[guid]; |
317 |
$this->state[status] = $this->meta[logontoken]; |
318 |
$this->_saveState(); |
319 |
$this->site->log( get_class($this) . "->guest-login ok", PEAR_LOG_NOTICE ); |
320 |
return 1; |
321 |
} |
322 |
|
323 |
function exists($string) { |
324 |
connectdb(); |
325 |
$sql = "SELECT uname FROM td_users WHERE uname='$string'"; |
326 |
if ($res=send_sql($sql)) { |
327 |
$row = mysql_fetch_array($res,MYSQL_ASSOC); |
328 |
|
329 |
if (is_array($row)) { |
330 |
return 1; |
331 |
} |
332 |
} |
333 |
|
334 |
} |
335 |
|
336 |
|
337 |
function update($vars) { |
338 |
$this->setPostVars($vars); |
339 |
//print Dumper($vars); |
340 |
$data = $this->_transformInputData($vars); |
341 |
//print Dumper($data); |
342 |
$this->_saveData($data); |
343 |
} |
344 |
|
345 |
function _transformInputData(&$uservars) { |
346 |
global $def_mapping; |
347 |
$mapping_uservars2data = array_flip($def_mapping[data2uservars]); |
348 |
foreach ($uservars as $key => $val) { |
349 |
$key_target = $mapping_uservars2data[$key]; |
350 |
if($key_target != '') { |
351 |
//print "$key => $key_target: $val<br>"; |
352 |
$target[$key_target] = $val; |
353 |
} |
354 |
} |
355 |
return $target; |
356 |
} |
357 |
|
358 |
function logout() { |
359 |
|
360 |
global $site; |
361 |
|
362 |
// get information about user from site |
363 |
$userid = $this->getUserId(); |
364 |
|
365 |
$this->site->log( get_class($this) . "->logout: userid $userid", PEAR_LOG_NOTICE ); |
366 |
|
367 |
// get information about session from php |
368 |
$session_id = session_id(); |
369 |
$session_name = session_name(); |
370 |
|
371 |
// session-sqldb related |
372 |
$date = date('Y-m-d H:i:s', time()); |
373 |
$session_e = $site->session->exists($session_id); |
374 |
$sql = "UPDATE f_map_user_session SET date_logged_out='$date' WHERE session_uid='$session_e[session_uid]' AND user_uid='$userid'"; |
375 |
$res = send_sql($sql); |
376 |
|
377 |
// destroy user's session at server-side |
378 |
$session_name = session_name(); |
379 |
session_destroy(); |
380 |
|
381 |
// overwrite session-variables - to be sure ;) |
382 |
$_SESSION = array(); |
383 |
unset($_COOKIE[$session_name]); |
384 |
|
385 |
} |
386 |
|
387 |
function preLogout($autologout = 0) { |
388 |
global $site; |
389 |
$this->state[status] = ''; |
390 |
$this->state[autologout] = $autologout; |
391 |
$this->_saveState(); |
392 |
} |
393 |
|
394 |
function getAccountSum() { |
395 |
// store additional user-data to state |
396 |
if (!$this->state[accountSum]) { |
397 |
$this->state[accountSum] = $this->get("account.amount"); |
398 |
$this->_saveState(); |
399 |
} |
400 |
return $this->state[accountSum]; |
401 |
} |
402 |
|
403 |
function getAccountCurrency() { |
404 |
// store additional user-data to state |
405 |
if (!$this->state[accountCurrency]) { |
406 |
$this->state[accountCurrency] = $this->get("account.currency"); |
407 |
$this->_saveState(); |
408 |
} |
409 |
//print "state: " . $this->get("financeInfo.currency") . "<br>"; |
410 |
return $this->state[accountCurrency]; |
411 |
} |
412 |
|
413 |
function refresh() { |
414 |
if ($this->pObject) {$this->pObject->flush();} |
415 |
$this->meta[data_ready] = 0; |
416 |
} |
417 |
|
418 |
function _doDataReady() { |
419 |
if (!$this->meta[data_ready]) { $this->_loadData(); } |
420 |
} |
421 |
|
422 |
function getLastLogin() { |
423 |
$userid = $this->getUserId(); |
424 |
connectdb(); |
425 |
$sql = "SELECT * FROM f_map_user_session WHERE user_uid='$userid' AND last='1'"; |
426 |
$res = send_sql($sql); |
427 |
while($row = mysql_fetch_array($res,MYSQL_BOTH)) { |
428 |
if($row[date_logged_out]=="0000-00-00 00:00:00") { |
429 |
$date = $row[date_logged_in]; |
430 |
} else { |
431 |
$date = $row[date_logged_out]; |
432 |
} |
433 |
$lastLogin = strftime("%d %b %Y - %H:%M",strtotime($date)); |
434 |
} |
435 |
return $lastLogin; |
436 |
} |
437 |
|
438 |
function getUserId() { |
439 |
return $this->state[id]; |
440 |
} |
441 |
|
442 |
function getUserGuid() { |
443 |
return $this->state[guid]; |
444 |
} |
445 |
|
446 |
function getPostVars() { |
447 |
return $this->state[postvars]; |
448 |
} |
449 |
|
450 |
function setPostVars($postvars) { |
451 |
$this->state[postvars] = $postvars; |
452 |
$this->_saveState(); |
453 |
} |
454 |
|
455 |
function getPostVar($var) { |
456 |
return $this->state[postvars][$var]; |
457 |
} |
458 |
|
459 |
function hadTimeout() { |
460 |
if ($this->state[autologout]) { $this->state[autologout] = ''; return 1; } |
461 |
} |
462 |
|
463 |
function getNewMessages() { |
464 |
$messages = array(); |
465 |
$userguid = $this->getUserGuid(); |
466 |
connectdb(); |
467 |
$sql = "SELECT * FROM td_message WHERE target_guid='$userguid' AND new='1'"; |
468 |
if ($res=send_sql($sql)) { |
469 |
while($row = mysql_fetch_array($res,MYSQL_ASSOC)) { |
470 |
if (!is_array($row)) { return 0; } |
471 |
array_push($messages, $row); |
472 |
} |
473 |
} |
474 |
return $messages; |
475 |
} |
476 |
|
477 |
function markNewMessage($mid) { |
478 |
connectdb(); |
479 |
$sql = "UPDATE td_message SET new='0' WHERE mid='$mid'"; |
480 |
if(!$res=send_sql($sql)) { |
481 |
return "Message not found!"; |
482 |
} |
483 |
} |
484 |
|
485 |
} |
486 |
|
487 |
?> |