1 : <?php
2 :
3 : /**
4 : * PHPDevShell is a RAD Framework aimed at developing administrative applications.
5 : *
6 : * @package PHPDevShell
7 : * @link http://www.phpdevshell.org
8 : * @copyright Copyright (C) 2007 Jason Schoeman, All rights reserved.
9 : * @license GNU/LGPL, see readme/licensed_under_lgpl or http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
10 : *
11 : * Copyright notice: See readme/notice
12 : * By using PHPDevShell you agree to notice and license, if you dont agree to this notice/license you are not allowed to use PHPDevShell.
13 : *
14 : */
15 :
16 : /**
17 : * A class representing a user in PHPDevShell.
18 : *
19 : * Can be used to examine / modify an existing user, or create / import a new user
20 : *
21 : * @date 20091125
22 : * @version 1.0.1
23 : * @author Greg, Jason
24 : */
25 : class PHPDS_user extends user
26 : {
27 : /**
28 : * Stores string of groups for specific user.
29 : *
30 : * @var string
31 : */
32 : public $mergeGroups;
33 : /**
34 : * Stores string of roles for specific user.
35 : *
36 : * @var string
37 : */
38 : public $mergeRoles;
39 : /**
40 : * Set roles that exists.
41 : *
42 : * @var array
43 : */
44 : public $rolesArray;
45 : /**
46 : * Set groups that exists.
47 : *
48 : * @var array
49 : */
50 : public $groupsArray;
51 : /**
52 : * Array contains parent groups.
53 : *
54 : * @var array
55 : */
56 : public $parentGroups;
57 :
58 : /**
59 : * This function gets all role id's for a given user id, while returning a string divided by ',' character or an array with ids.
60 : * To pull multiple user roles, provide a string for $user_ids like so: '2,5,10,19'.
61 : *
62 : * @param string $user_id
63 : * @param boolean $return_array
64 : * @return mixed If $return_array = false a comma delimited string will be returned, else an array.
65 : * @author Jason Schoeman <titan@phpdevshell.org>
66 : */
67 : public function getRoles($user_id = false, $return_array = false)
68 : {
69 0 : return $this->db->invokeQuery('USER_getRolesQuery', $user_id, $return_array);
70 : }
71 :
72 : /**
73 : * This function gets all group id's for given user ids, while returning a string divided by ',' character or an array with ids.
74 : * To pull multiple user groups, provide a string for $user_ids like so : '2,5,10,19'.
75 : *
76 : * @param string $user_id Leave this field empty if you want skip if user is root.
77 : * @param boolean $return_array
78 : * @return mixed If $return_array = false a comma delimited string will be returned, else an array.
79 : * @author Jason Schoeman <titan@phpdevshell.org>
80 : */
81 : public function getGroups($user_id = false, $return_array = false, $alias_only = false)
82 : {
83 : // $alias_only is deprecated and replaced by tagger.
84 0 : $groups = $this->db->invokeQuery('USER_getGroupsQuery', $user_id, $return_array);
85 0 : return $groups;
86 : }
87 :
88 : /**
89 : * Will dig deeper for children of groups.
90 : *
91 : * @param int $group_id
92 : * @return string
93 : */
94 : public function findGroupChildren($group_id)
95 : {
96 : // Return found results.
97 0 : return $this->db->invokeQuery('USER_findGroupChildren',$group_id);
98 : }
99 :
100 : /**
101 : * Simple check to see if a certain role exists.
102 : *
103 : * @param integer $role_id
104 : * @return boolean
105 : */
106 : public function roleExist($role_id)
107 : {
108 0 : return $this->db->invokeQuery('USER_roleExistQuery', $role_id);
109 : }
110 :
111 : /**
112 : * Simple check to see if a certain group exists.
113 : *
114 : * @param integer $group_id
115 : * @return boolean
116 : */
117 : public function groupExist($group_id)
118 : {
119 0 : return $this->db->invokeQuery('USER_groupExistQuery', $group_id);
120 : }
121 :
122 : /**
123 : * Check if user belongs to given role. Returns true if user belongs to user role.
124 : *
125 : * @param integer $user_id
126 : * @param integer $user_role
127 : * @return boolean Returns true if user belongs to user role.
128 : * @author Jason Schoeman <titan@phpdevshell.org>
129 : */
130 : public function belongsToRole($user_id = false, $user_role)
131 : {
132 0 : return $this->db->invokeQuery('USER_belongsToRoleQuery', $user_id, $user_role);
133 : }
134 :
135 : /**
136 : * Check if user belongs to given group. Returns true if user belongs to user group.
137 : *
138 : * @param integer $user_id
139 : * @param integer $user_group
140 : * @return boolean Returns true if user belongs to user group.
141 : * @author Jason Schoeman <titan@phpdevshell.org>
142 : */
143 : public function belongsToGroup($user_id = false, $user_group)
144 : {
145 : // We need to check what user group this user belongs to.
146 : // This user belongs to root group, so it is safe to allow.
147 0 : if ($this->user->isRoot($user_id)) return true;
148 : // Check if we have a user id.
149 0 : if (empty($user_id)) {
150 : // Use default id.
151 0 : (!empty($this->configuration['user_id'])) ? $user_id = $this->configuration['user_id'] : $user_id = false;
152 0 : }
153 : // Call groups and list them all.
154 0 : $user_groups_arr = array_flip($this->getGroups($user_id, true));
155 : // Lets check if this user exists.
156 0 : if (array_key_exists($user_group, $user_groups_arr)) {
157 0 : return true;
158 : } else {
159 0 : return false;
160 : }
161 : }
162 :
163 : /**
164 : * Creates a query to extend a role query, it will return false if user is root so everything can get listed.
165 : * This is meant to be used inside an existing role query.
166 : *
167 : * @param string $query_request Normal query to be returned if user is not a root user.
168 : * @param string $query_root_request If you want a query to be processed for a root user seperately.
169 : * @return mixed
170 : */
171 : public function setRoleQuery($query_request, $query_root_request = false)
172 : {
173 : // Check if it is a root user, if it is, we dont need to return anything cause everything should be listed.
174 0 : if ($this->user->isRoot()) {
175 : // This user belongs to root role, so it is safe to allow.
176 0 : if (!empty($query_root_request)) {
177 0 : return " $query_root_request ";
178 : } else {
179 0 : return false;
180 : }
181 : } else {
182 : // Set query line.
183 0 : return " $query_request ";
184 : }
185 : }
186 :
187 : /**
188 : * Creates a query to extend a group query, it will return false if user is root so everything can get listed.
189 : * This is meant to be used inside an existing group query.
190 : *
191 : * @param string $query_request Normal query to be returned if user is not a root user.
192 : * @param string $query_root_request If you want a query to be processed for a root user seperately.
193 : * @return mixed
194 : */
195 : public function setGroupQuery($query_request, $query_root_request = false)
196 : {
197 : // Check if it is a root user, if it is, we dont need to return anything cause everything should be listed.
198 0 : if ($this->user->isRoot()) {
199 : // This user belongs to root group, so it is safe to allow.
200 0 : if (!empty($query_root_request)) {
201 0 : return " $query_root_request ";
202 : } else {
203 0 : return false;
204 : }
205 : } else {
206 : // Set query line.
207 0 : return " $query_request ";
208 : }
209 : }
210 :
211 : /**
212 : * Check if user is a root user.
213 : *
214 : * @date 20100608 (v1.0.1) (greg) moved to query system
215 : * @param mixed $user_id If not logged in user, what user should be checked (primary role check only).
216 : * @return boolean
217 : */
218 : public function isRoot($user_id = false)
219 : {
220 : // Check if we are doing a custom check on a user.
221 : // If we have a given user id we need to handle this differently.
222 0 : if (!empty($user_id)) {
223 : // Check if we are checking an active logged in user.
224 0 : if ($this->configuration['user_id'] == $user_id) {
225 : // We are checking a logged in user.
226 0 : if ($this->configuration['user_role'] == $this->configuration['root_role']) {
227 : // Is root! Nice!
228 0 : return true;
229 : } else {
230 : // We did not get anywhere, this user is not a root user.
231 0 : return false;
232 : }
233 : } else {
234 : // Oh ok, we need to delve deeper so we can find out who this user is.
235 0 : $check_role_id = $this->db->invokeQuery('USER_isRootQuery', $user_id);
236 : // Ok is this a role user or not.
237 0 : if ($check_role_id == $this->configuration['root_role']) {
238 0 : return true;
239 : } else {
240 0 : return false;
241 : }
242 : }
243 0 : } else if (($this->configuration['user_role'] == $this->configuration['root_role'])) {
244 0 : return true;
245 : } else {
246 0 : return false;
247 : }
248 : }
249 :
250 : /**
251 : * Returns current logged in user id.
252 : *
253 : * @return integer
254 : */
255 : public function currentUserID()
256 : {
257 0 : if (! empty($this->configuration['user_id'])) {
258 0 : return $this->configuration['user_id'];
259 : } else {
260 0 : return false;
261 : }
262 : }
263 :
264 : /**
265 : * Check if the currently logged in user is the same group as the given user.
266 : *
267 : * This can be used to check if the current user is allowed access to the given user's data
268 : *
269 : * @date 20100222
270 : * @version 1.0
271 : * @author greg
272 : * @param $user_id integer, the ID of the other user
273 : * @return boolean, whether the current user is in the same group
274 : */
275 : public function isSameGroup($user_id)
276 : {
277 0 : $edit = $this->db->invokeQuery('USER_isSameGroupQuery', $user_id);
278 0 : return (!empty($edit['user_id']));
279 : }
280 :
281 : /**
282 : * Simple method to return users IP, this method will be improved in the future if needed.
283 : *
284 : * @return string
285 : */
286 : public function userIp()
287 : {
288 0 : return $this->getUserIp();
289 : }
290 :
291 : /**
292 : * Simple method to return users IP, this method will be improved in the future if needed.
293 : *
294 : * @version 1.0.1
295 : * @date 20110315 (v1.0.1) (greg) fix a possible undef when not used through a webserver
296 : *
297 : * @return string
298 : */
299 : public function getUserIp()
300 : {
301 : // Extremely basic form of IP tracking.
302 0 : if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
303 : // If user comes from proxy.
304 0 : return $_SERVER['HTTP_X_FORWARDED_FOR'];
305 : } else {
306 : // No proxy, show remote address.
307 0 : return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : false;
308 : }
309 : }
310 :
311 : /**
312 : * Check is user is logged in, return false if not.
313 : *
314 : * @return boolean
315 : */
316 : public function isLoggedIn()
317 : {
318 : // Do a simple check to see if user is logged in.
319 0 : if (empty($_SESSION['user_id'])) {
320 0 : return false;
321 : } else {
322 0 : return true;
323 : }
324 : }
325 :
326 : /**
327 : * Check if a user has access to a given menu id.
328 : *
329 : * @version 1.0.1
330 : * @date 20091105 fixed a possible warning when the menu is not in the list (i.e. the user is not allowed)
331 : *
332 : * @param mixed This can have both the menu id as an integer or as a string.
333 : * @param string The type of item requested, menu_id, menu_name etc...
334 : * @return boolean Will return requested variable if user has access to requested menu item menu item.
335 : */
336 : public function canAccessMenu($menu_id, $type = 'menu_id')
337 : {
338 : // Do a simple check to see if menu id exists.
339 0 : if (!empty($this->navigation->navigation[$menu_id][$type])) {
340 : // If access is allowed return true.
341 0 : return $this->navigation->navigation[$menu_id][$type];
342 : } else {
343 : // If access is denied return false.
344 0 : return false;
345 : }
346 : }
347 :
348 : /**
349 : * Simply writes user session data.
350 : *
351 : * @date 20110622
352 : * @version 1.1
353 : * @author Jason Schoeman
354 : */
355 : public function userConfig()
356 : {
357 0 : $conf = $this->configuration;
358 :
359 0 : $conf['user_id'] = empty($_SESSION['user_id']) ? 0 : $_SESSION['user_id'];
360 0 : $conf['user_name'] = empty($_SESSION['user_name']) ? '' : $_SESSION['user_name'];
361 0 : $conf['user_display_name'] = empty($_SESSION['user_display_name']) ? '' : $_SESSION['user_display_name'];
362 0 : $conf['user_group'] = empty($_SESSION['user_group']) ? 0 : $_SESSION['user_group'];
363 0 : $conf['user_role'] = empty($_SESSION['user_role']) ? 0 : $_SESSION['user_role'];
364 0 : $conf['user_email'] = empty($_SESSION['user_email']) ? '' : $_SESSION['user_email'];
365 0 : $conf['user_language'] = empty($_SESSION['user_language']) ? '' : $_SESSION['user_language'];
366 0 : $conf['user_region'] = empty($_SESSION['user_region']) ? '' : $_SESSION['user_region'];
367 0 : $conf['user_timezone'] = empty($_SESSION['user_timezone']) ? '' : $_SESSION['user_timezone'];
368 0 : $conf['user_locale'] = empty($_SESSION['user_locale']) ? $this->core->formatLocale() : $_SESSION['user_locale'];
369 0 : }
370 :
371 : /**
372 : * Actual processing of login page.
373 : *
374 : * @verion 1.0.0
375 : * @date 2011-06-20
376 : * @author Jason Schoeman
377 : */
378 : public function controlLogin()
379 : {
380 : // Call class only when required to do so.
381 0 : if (! isset($_SESSION['user_id']) || ! empty($_POST['login']) || ! empty($_REQUEST['logout'])) {
382 0 : $this->factory('StandardLogin')->controlLogin();
383 0 : }
384 :
385 0 : $this->userConfig();
386 0 : }
387 : }
|