File: D:/HostingSpaces/PvdBoogaard/indoorski.nl/backup/oude-site/cms/api/class.user.php
<?php
/**
* This file contains the API user for IWP
*
* @package IWP
**/
/**
* Load the library file that defines the base UserClass, which iwp_user extends below.
* IWP::GetLib() is defined elsewhere; presumably it resolves 'class.user' to a library file and includes it (confirm).
**/
IWP::GetLib('class.user');
/**
* This is the user API class
*
* @package IWP
**/
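class iwp_user extends UserClass {
    /**
     * The column listing for the User
     *
     * @var Array
     **/
    protected $tableFields = array(
        "userid",
        "username",
        "firstname",
        "lastname",
        "password",
        "biography",
        "picture",
        "email",
        "status",
    );

    /**
     * The name of the database table
     */
    protected $baseTableName = "users";

    /**
     * Column name => empty-string default for every user column.
     * Not read in this class; presumably consumed by the parent UserClass (confirm).
     *
     * @var Array
     */
    protected $_columns = array(
        "userid"=> '',
        "username"=> '',
        "firstname"=> '',
        "lastname"=> '',
        "password"=> '',
        "biography"=> '',
        "picture"=> '',
        "email" => '',
        "status" => '',
    );

    /**
     * The data of the currently loaded user, keyed by column name.
     * Note that this includes the 'password' column; see GetData().
     *
     * @var Array
     */
    protected $data = array(
        "userid"=> '',
        "username"=> '',
        "firstname"=> '',
        "lastname"=> '',
        "password"=> '',
        "biography"=> '',
        "picture"=> '',
        "email"=> '',
        "status" => '',
    );

    /**
     * The primary key for the user table
     **/
    protected $primaryKey = "userid";

    /**
     * Holds any validation necessary for this user
     *
     * @var Array
     **/
    protected $validation = array();

    /**
     * This static variable holds the current instance of this object being loaded.
     * So using the getInstance function anywhere will return the very same instance.
     *
     * @var object Instance
     **/
    public static $Instance;

    /**
     * The permission options for users, keyed by permission name.
     * Populated after the class declaration (outside the class body).
     *
     * @var Array
     */
    public static $PermissionOptions;

    /**
     * getInstance
     * Creates the shared instance on first use, stores it in self::$Instance and returns that same instance on every later call.
     *
     * @return iwp_user Returns the instantiated object
     **/
    public static function getInstance(){
        if(!isset(self::$Instance)){
            self::$Instance = new self();
        }
        return self::$Instance;
    }

    /**
     * Returns the permission options stored in self::$PermissionOptions.
     *
     * @return Array
     */
    public static function getPermissionOptions ()
    {
        return self::$PermissionOptions;
    }

    /**
     * Loads a user through the parent class and, on success, passes the biography through iwp_content::DecodeSiteURLs().
     *
     * @param mixed $id The user id handed to parent::Load(), optional
     * @return mixed Whatever parent::Load() returned
     */
    public function Load ($id = null) {
        $success = parent::Load($id);
        if ($success) {
            $this->data['biography'] = iwp_content::getInstance()->DecodeSiteURLs($this->Get('biography'));
        }
        return $success;
    }

    /**
     * Returns a granularity list for this class.
     *
     * @param Integer $total Total will be populated with number of rows found in query (by reference)
     * @param Integer $page Page number of records to return (by reference, not modified here); values below 1 are treated as page 1
     * @param String $filter Filter string, optional
     * @return Array List of value/text pairs
     */
    public static function getGranularityList (&$total, &$page, $filter = '')
    {
        $me = self::getInstance();

        // A page below 1 would produce a negative LIMIT offset, which MySQL rejects.
        // Clamp a local copy so the caller's variable stays untouched.
        $pageNumber = max(1, (int)$page);
        $limitStart = ($pageNumber * IWP_PERMISSIONGRANULARITEMS_PER_PAGE) - IWP_PERMISSIONGRANULARITEMS_PER_PAGE;

        $where = '';
        if ($filter) {
            // NOTE(review): injection safety here rests entirely on db->Quote() (defined elsewhere).
            // LIKE wildcards (% and _) in the filter are not neutralised by this code, so they act as wildcards in the search.
            $filter = '%'. $me->db->Quote($filter) .'%';
            $where = sprintf("WHERE (firstname LIKE '%s') OR (lastname LIKE '%s') OR (username LIKE '%s')", $filter, $filter, $filter);
        }

        // The table name comes from a constant and both LIMIT values are forced to integers by %d.
        $result = $me->db->Query(sprintf("SELECT SQL_CALC_FOUND_ROWS userid AS `value`, CONCAT(firstname, ' ', lastname) AS `text` FROM %s %s ORDER BY firstname, lastname LIMIT %d, %d", IWP_TABLE_USERS, $where, $limitStart, IWP_PERMISSIONGRANULARITEMS_PER_PAGE));
        $total = $me->db->FetchOne('SELECT found_rows()');

        $list = array();
        if ($result) {
            while ($row = $me->db->Fetch($result)) {
                $row['value'] = (int)$row['value'];
                array_push($list, $row);
            }
            $me->db->FreeResult($result);
        }
        return $list;
    }

    /**
     * Retrieves the groups the given user belongs to, one associative row per group association.
     *
     * @param Integer $userid
     * @return Array
     * @throws iwp_exception_user If the user id is below 1 or the query fails
     */
    public function GetUserGroups ($userid)
    {
        // Validate and query with the same integer value, so a string such as "5 OR 1=1"
        // can never reach the SQL text even if db->Quote() were to misbehave.
        $userid = (int)$userid;
        if ($userid < 1) {
            throw new iwp_exception_user(GetLang('InvalidUserId'));
        }

        $sql = "SELECT SQL_CALC_FOUND_ROWS " . IWP_TABLE_GROUPASSOC . ".*, " . IWP_TABLE_GROUPS . ".`name` FROM " . IWP_TABLE_GROUPASSOC . " LEFT JOIN " . IWP_TABLE_GROUPS . " ON " . IWP_TABLE_GROUPS . ".`groupid` = " . IWP_TABLE_GROUPASSOC . ".`groupid` WHERE `userid`='" . $userid . "'";
        $res = $this->db->Query($sql);

        // The row count is not used; the call is kept because the error check below runs after it.
        $total = (int)$this->db->FetchOne("SELECT found_rows()");

        if (!$res || strlen($this->db->GetErrorMsg()) >= 1) {
            throw new iwp_exception_user(GetLang('UserGroupsLoadFailed'));
        }

        $return = array();
        while(($row = $this->db->Fetch($res))) {
            $return[] = $row;
        }
        return $return;
    }

    /**
     * Returns an array of associative arrays representing the user data for the provided list of users
     *
     * NOTE(review): the query selects every column, so each row is expected to carry the
     * 'password' column as well. Callers should strip it before the rows leave the server.
     *
     * @param array $idList An array of user ids.
     * @return array|false An array of associative arrays representing the user data, or false when the cleaned id list is empty
     */
    public function GetAuthorListByIdList ($idList)
    {
        // NOTE(review): valid->FilterCsv() (defined elsewhere) is the only sanitisation applied before
        // the list is concatenated into the IN() clause. Confirm it can only return comma-separated integers.
        $idListClean = $this->valid->FilterCsv($idList);
        if(strlen($idListClean) < 1){
            return false;
        }

        $resource = $this->db->Query('select * from ' . IWP_TABLE_USERS .' where userid IN('.$idListClean.')');
        $authors = array();
        // Guard against a failed query, as getGranularityList() does.
        if ($resource) {
            while($row = $this->db->Fetch($resource)){
                $authors[] = $row;
            }
        }
        return $authors;
    }

    /**
     * Returns a comma-separated list of author names, optionally linked to their profile URL, for the given user id list.
     *
     * NOTE(review): the names come from the firstname/lastname columns and are not escaped here.
     * Confirm that output->LinkTag() HTML-escapes its arguments, and escape the plain-text result at the point of output.
     *
     * @param array $idList An array of user ids.
     * @param bool $plainText If true, the list will be a plain text list of user's full names, otherwise the list will contain HTML links to the user profiles.
     * @return string|false The names (or HTML links) joined with ', ', or false when no author was found.
     */
    public function GetAuthorNameListByIdList($idList, $plainText=false){
        $authorData = $this->GetAuthorListByIdList($idList);
        $authors = array();
        if(is_array($authorData) && count($authorData) > 0){
            foreach ($authorData as $row) {
                $name = trim($row['firstname'] . ' ' . $row['lastname']);
                $url = $this->urls->GetURLPrepend(true,false) . $this->urls->ViewAuthorProfileURL($row['userid'], $name);
                if($plainText){
                    $authors[] = $name;
                }else{
                    $authors[] = $this->output->LinkTag($url, $name);
                }
            }
        }
        if(count($authors) > 0){
            return implode(', ', $authors);
        }
        return false;
    }

    /**
     * Returns the complete data array of this user.
     *
     * NOTE(review): the array has a 'password' key. Do not pass the result to templates,
     * JSON responses or logs without removing that key first.
     *
     * @return Array
     */
    public function GetData(){
        return $this->data;
    }

    /**
     * Loads the given user into a fresh instance and returns its data array.
     * The result of Load() is not checked, so a failed load returns whatever the new instance holds.
     * The 'password' caveat described on GetData() applies here too.
     *
     * @param Integer $userid
     * @return Array Empty array when $userid does not pass iwp_IsId()
     */
    public function GetUserDataById($userid){
        if(!iwp_IsId($userid)){
            return array();
        }
        $self = new self();
        $self->Load($userid);
        return $self->GetData();
    }

    /**
     * Returns a list of user 'titles' (names) for the supplied ids. Used by the permission management system.
     *
     * @param Array $ids User ids (by reference, not modified here)
     * @return Array List of value/text pairs
     */
    public static function getTitleList (&$ids)
    {
        $list = array();
        if (!is_array($ids) || count($ids) < 1) {
            return $list;
        }

        // The ids end up inside the SQL text, so force every one of them to an integer first.
        // Nothing else in this method sanitises them.
        $idList = array();
        foreach ($ids as $id) {
            $idList[] = (int)$id;
        }

        $me = self::getInstance();
        $sql = sprintf("SELECT userid as `value`, CONCAT(firstname, ' ', lastname) AS `text` FROM %s WHERE userid IN (%s) ORDER BY firstname, lastname", IWP_TABLE_USERS, implode(',', $idList));
        $result = $me->db->Query($sql);
        // Guard against a failed query, as getGranularityList() does.
        if ($result) {
            while ($row = $me->db->Fetch($result)) {
                $row['value'] = (int)$row['value'];
                array_push($list, $row);
            }
        }
        return $list;
    }

    /**
     * This function checks the *currently logged in user* to see if it has permission to edit any detail of the given user $userId.
     * Intended for use by navigation features to see if the current user should be allowed to click through to either the user area or a specific user id.
     * This checks for the various edit* permissions but does *not* check for create or delete permissions.
     *
     * @param $userId integer|string The numeric id of the user to check against. Also accepts wildcard '*' string to check 'any' user using the permission system.
     * @return mixed The result of iwp_auth::HasMultiPerm() (presumably a boolean; confirm)
     */
    public static function HasAnyEditPermission ($userId) {
        // This function needs to be updated if any edit* permissions are added, removed or changed in iwp_user::$PermissionOptions.
        // The list below is hard-coded, so a permission missing from it is never considered by this check.
        return iwp_auth::getInstance()->HasMultiPerm(IWP_MULTIPERM_MATCHTYPE_ANY, 'core', 'user', array('editpersonal', 'editpassword', 'editusername', 'editstatus', 'editgroups', 'editadmin'), $userId);
    }
}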
/**
* Permission options for users, keyed by permission name and returned by iwp_user::getPermissionOptions().
* A static property default cannot contain `new` expressions, so the array is assigned here, after the class declaration.
* The three boolean constructor arguments are defined by iwp_permissionoption (not visible here).
* TODO confirm their meaning before changing any of them.
**/
iwp_user::$PermissionOptions = array(
'full' => new iwp_permissionoption(true, true, false),
'create' => new iwp_permissionoption(false, false, false),
'delete' => new iwp_permissionoption(true, false, false),
// Security-relevant: iwp_user::HasAnyEditPermission() hard-codes the list of edit* names below.
// If any edit* permission is added, removed or renamed here, make the same change there,
// otherwise that check silently ignores the new permission.
'editpersonal' => new iwp_permissionoption(true, true, false),
'editpassword' => new iwp_permissionoption(true, true, false),
'editusername' => new iwp_permissionoption(true, true, false),
'editstatus' => new iwp_permissionoption(true, true, false),
'editgroups' => new iwp_permissionoption(true, true, false),
'editadmin' => new iwp_permissionoption(true, true, false),
);