Source for file _class_user.php
* This file implements Users
* b2evolution - {@link http://b2evolution.net/}
* Released under GNU GPL License - {@link http://b2evolution.net/about/license.html}
* @copyright (c)2003-2005 by Francois PLANQUE - {@link http://fplanque.net/}
// Direct-access guard: stop immediately when this file is requested on its own,
// i.e. when the DB_USER constant has not been defined yet (presumably by the
// application configuration, which is not part of this listing).
if( ! defined( 'DB_USER' ) )
{
	die( 'Please, do not access this page directly.' );
}

// Load _class_dataobject.php from the same directory as this file.
require_once dirname( __FILE__ ).'/_class_dataobject.php';
var $Group; // Pointer to group
// Blog posts statuses permissions:
* {@internal User::User(-)}}
* @param array existing userdata {@link get_userdata()}
// Constructor (PHP 4 style: a method named after the class). Builds a User
// either blank or from an existing row of user data.
// NOTE(review): the braces, the parent constructor call and the condition that
// selects between the two paths are missing from this listing; the comments
// below describe only the statements that are visible.
function User( $userdata =
NULL )
// $GroupCache resolves the group object at the end; $default_locale seeds a
// blank user. $tableusers is not used by any statement visible here.
global $GroupCache, $tableusers, $default_locale;
// Call parent constructor:
// echo 'Creating blank user';
// Blank user path: only the locale is initialised, from the site default.
$this->locale =
$default_locale;
// echo 'Instanciating existing user';
// Existing user path: every column of $userdata is copied onto the object
// unchanged. Nothing is validated or cast here, so each member holds exactly
// what the caller supplied.
$this->ID =
$userdata['ID'];
$this->login =
$userdata['user_login'];
// NOTE(review): the stored user_pass value lives on the object next to the
// profile fields. Confirm that the generic accessors and display helpers are
// never called with 'pass' and that instances are not dumped into logs or
// debug output.
$this->pass =
$userdata['user_pass'];
$this->firstname =
$userdata['user_firstname'];
$this->lastname =
$userdata['user_lastname'];
$this->nickname =
$userdata['user_nickname'];
$this->idmode =
$userdata['user_idmode'];
$this->locale =
$userdata['user_locale'];
$this->email =
$userdata['user_email'];
$this->url =
$userdata['user_url'];
$this->icq =
$userdata['user_icq'];
$this->aim =
$userdata['user_aim'];
$this->msn =
$userdata['user_msn'];
$this->yim =
$userdata['user_yim'];
// NOTE(review): if user_ip, user_domain and user_browser were recorded from the
// client request, they are untrusted text and need escaping wherever they are
// displayed - confirm where these columns are written.
$this->ip =
$userdata['user_ip'];
$this->domain =
$userdata['user_domain'];
$this->browser =
$userdata['user_browser'];
// level feeds the numeric threshold comparisons in the permission checks.
$this->level =
$userdata['user_level'];
$this->notify =
$userdata['user_notify'];
// Resolve the group object through the shared cache; check_perm() forwards
// group-level permissions to it.
// NOTE(review): what get_by_ID() returns for an unknown group ID is not visible
// here. A non-object would break the later $this->Group->check_perm() calls, so
// the failure mode should be confirmed to deny rather than error out.
$this->Group =
$GroupCache->get_by_ID( $userdata['user_grp_ID'] );
* {@internal User::get(-)}}
// Fragment of User::get(). The signature and the branching on the parameter
// name are missing from this listing.
// Prefered name to display
// First visible composite form: first name followed by last name.
return parent::get('firstname').
' '.
parent::get('lastname');
// Second visible composite form: last name followed by first name.
return parent::get('lastname').
' '.
parent::get('firstname');
// Presumably the default branch: any other parameter is read through the
// parent accessor unchanged, so values come back unescaped.
return parent::get( $parname );
// Setter: hands a new value for a user parameter to the parent set_param(),
// tagged either 'number' or 'string'. The switch that chooses the tag for each
// parameter name is missing from this listing.
// NOTE(review): the type tag is presumably what decides how the value is later
// written into SQL. A parameter tagged 'number' has to be cast or validated as
// numeric before it reaches a query - confirm in the parent class.
function set( $parname, $parvalue )
// case 'icq': // Dangerous: easy to forget it's not a string
// Parameters handled as numbers:
parent::set_param( $parname, 'number', $parvalue );
// Parameters handled as strings:
parent::set_param( $parname, 'string', $parvalue );
* User::set_datecreated(-)
// Remember change for later db update:
// The three arguments appear to be the column name, the type tag and the name
// of the member holding the value; dbchange() itself is not shown here.
$this->dbchange( 'dateYMDhour' , 'string', 'datecreated' );
// NOTE(review): this line appears to belong to a different method whose header
// is missing from this listing. Its third argument is an expression string
// rather than a plain member name. If the parent class resolves it by
// evaluating the string, it must only ever be a literal written in this file
// and never derived from input - confirm how dbchange() uses it.
$this->dbchange( 'user_grp_ID', 'number', 'Group->get(\'ID\')' );
* Check permission for this user
* {@internal User::check_perm(-) }}
* @param string Permission name, can be one of:
* - 'cats_post_statuses', see {@link User::check_perm_catsusers()}
* - either group permission names, see {@link Group::check_perm()}
* - either blogusers permission names, see {@link User::check_perm_blogusers()}
* @param string Permission level
* @param boolean Execution will halt if this is !0 and permission is denied
* @param mixed Permission target (blog ID, array of cat IDs...)
* @return boolean 0 if permission denied
// Central permission check for this user. Depending on $permname the decision
// is made from the user level and the upload settings, forwarded to the
// category/blog helpers (per the docblock), or forwarded to the group.
// When $assert is set and the permission is denied, execution stops with die().
// NOTE(review): the switch header, several case labels, the helper calls and
// the closing braces are missing from this listing; comments below cover only
// the visible statements.
function check_perm( $permname, $permlevel =
'any', $assert =
false, $perm_target =
NULL )
global $use_fileupload, $fileupload_minlevel, $fileupload_allowedusers;
{ // What permission do we want to check?
// Global permission to upload files...
// Granted when uploads are enabled, the user level reaches the configured
// minimum, and either the allow-list is empty or it contains this login.
// An empty allow-list therefore means no per-user restriction.
// NOTE(review): ereg() treats its first argument as a regular expression, so
// the login is used as a pattern here, not as a literal. A login containing
// regex metacharacters can match entries it should not, and the test only
// works when $fileupload_allowedusers has a space before and after every
// entry. ereg() was deprecated in PHP 5.3 and removed in PHP 7. A literal test
// such as strpos( ' '.$fileupload_allowedusers.' ', ' '.$this->login.' ' ) !== false
// avoids all three problems.
$perm =
(($use_fileupload) &&
($this->level) >=
$fileupload_minlevel)
&&
((ereg(' '.
$this->login.
' ', $fileupload_allowedusers)) ||
(trim($fileupload_allowedusers)==
''));
// Global permission to edit timestamps...
// Decided on user level alone; 5 is a hard-coded threshold.
$perm =
($this->level >=
5);
case 'cats_post_statuses':
// Category permissions...
// Blog permission to edit its properties... (depending on user AND his group)
// Forward request to group:
// The group must hold the 'blogs' permission at the requested level before the
// per-user blog check is consulted.
if( $this->Group->check_perm( 'blogs', $permlevel ) )
{ // Check user perm for this blog
case 'blog_post_statuses':
// Blog permission to this or that... (depending on this user only)
// Other global permissions (see if the group can handle them)
// Forward request to group:
$perm =
$this->Group->check_perm( $permname, $permlevel );
{ // We can't let this go on!
// NOTE(review): $permname and $permlevel are concatenated into the output
// without HTML escaping. That is safe only while both are literals supplied by
// calling code; escape them here if either can ever come from a request.
die( T_('Permission denied!').
' ('.
$permname .
'/'.
$permlevel .
')' );
* Check permission for this user on a set of specified categories
* This is not for direct use, please call {@link User::check_perm()} instead
* {@internal User::check_perm_catsusers(-) }}
* @see User::check_perm()
* @param string Permission name, can be one of the following:
* - more to come later...
* @param string Permission level
* @param array Array of target cat IDs
* @return boolean 0 if permission denied
// Fragment of check_perm_catsusers(): maps the target categories to the blogs
// they belong to, then requires the permission on every one of those blogs.
// The signature, the lookup that fills $loop_cat_blog_ID and the per-blog
// permission call are missing from this listing.
// Check if permission is granted:
case 'cats_post_statuses':
// We'll actually pass this on to blog permissions
// First we need to create an array of blogs, not cats
$perm_target_blogs =
array();
foreach( $perm_target_cats as $loop_cat_ID )
// echo "cat $loop_cat_ID -> blog $loop_cat_blog_ID <br/>";
// NOTE(review): in_array() is called without the strict flag, so IDs are
// compared loosely; harmless while all IDs are integers - confirm.
if( ! in_array( $loop_cat_blog_ID, $perm_target_blogs ) )
{ // not already in list: add it:
$perm_target_blogs[] =
$loop_cat_blog_ID;
// Now we'll check permissions for each blog:
// NOTE(review): if $perm_target_cats is empty, no blog is checked and the
// visible flow reaches "return true". Callers should reject an empty target
// list before asking - confirm against the complete source.
foreach( $perm_target_blogs as $loop_blog_ID )
{ // If at least one blog is denied:
return false; // permission denied
return true; // Permission granted
// Presumably the default for any other permission name: deny.
return false; // permission denied
* Check permission for this user on a specified blog
* This is not for direct use, please call {@link User::check_perm()} instead
* {@internal User::check_perm_blogusers(-) }}
* @see User::check_perm()
* @param string Permission name, can be one of the following:
* @param string Permission level
* @param integer Permission target blog ID
* @return boolean 0 if permission denied
// Fragment of check_perm_blogusers(): first part, which loads this user's
// permission row for one blog when it has not been loaded before.
// The signature, the enclosing conditions and the first line(s) of the query
// are missing from this listing.
global $DB, $tableblogusers;
// echo "checkin for $permname >= $permlevel on blog $perm_target_blog<br />";
{ // Allowed blog post statuses have not been loaded yet:
{ // User not in DB, nothing to load!:
// Fail closed: a user without a database row has no blog permissions.
return false; // Permission denied
// echo 'loading allowed statuses';
// NOTE(review): $perm_target_blog and $this->ID are interpolated into the SQL
// text below without quoting or casting. Both must be integers by the time
// they get here. Casting them with (int) at this point (or passing them
// through $DB->quote()) would make that guarantee local instead of relying on
// every caller of check_perm().
WHERE bloguser_blog_ID = $perm_target_blog
AND bloguser_user_ID = $this->ID";
// echo $query, '<br />';
// Fragment of check_perm_blogusers(): second part, which stores the loaded row
// on the object and then evaluates the requested permission. Several branch
// bodies and the final return statements are missing from this listing.
// Fail closed: no row for this blog/user pair means no permission. The loose
// comparison with NULL also treats an empty result as "no row".
if( ($row =
$DB->get_row( $query, ARRAY_A )) ==
NULL )
{ // No rights set for this Blog/User
return false; // Permission denied
// Keep the row on the object, indexed by blog ID, so the values are available
// to later checks on the same blog.
$this->blog_post_statuses[$perm_target_blog]['blog_ismember'] =
$row['bloguser_ismember'];
$bloguser_perm_post =
$row['bloguser_perm_poststatuses'];
// An empty status list is handled separately; the branch body is not visible.
if( empty($bloguser_perm_post ) )
$this->blog_post_statuses[$perm_target_blog]['blog_del_post'] =
$row['bloguser_perm_delpost'];
$this->blog_post_statuses[$perm_target_blog]['blog_comments'] =
$row['bloguser_perm_comments'];
$this->blog_post_statuses[$perm_target_blog]['blog_properties'] =
$row['bloguser_perm_properties'];
// Check if permission is granted:
// One visible branch grants on user level alone (2 or higher); the permission
// name it belongs to is not visible in this listing.
return ($this->level >=
2);
case 'blog_post_statuses':
// NOTE(review): this is a loose comparison. Before PHP 8 an integer 0 compares
// equal to the string 'any', which would select the most permissive branch;
// === removes that ambiguity.
if( $permlevel ==
'any' )
{ // Any permission will do:
// echo count($this->blog_post_statuses);
// We want a specific permission:
// echo 'checking :', implode( ',', $this->blog_post_statuses ), '<br />';
// echo $permname, '=', $this->blog_post_statuses[$perm_target_blog][$permname], ' ';
* Delete user and dependencies from database
* Includes WAY TOO MANY requests because we try to be compatible with mySQL 3.23, bleh!
* {@internal User::dbdelete(-) }}
* @todo delete comments on user's posts
* @param boolean true if you want to echo progress
// Fragment of dbdelete(): removes this user and the rows that depend on it.
// Visible steps, in order: turn the user's comments into unregistered comments,
// collect the user's post IDs, delete comments and extra categories attached
// to those posts, delete the posts, delete the user-blog permissions, then
// announce the deletion of the user row (that last statement is not visible).
// Progress is printed only when $echo is true.
// NOTE(review): no permission check is visible inside this method, so the
// caller has to authorise the deletion (and, for a web action, protect the
// request against forgery) - confirm at the call sites.
// NOTE(review): the statements run one after another with no transaction
// visible, and $ret is only printed, never tested. A failure midway leaves
// partially deleted data.
global $DB, $tablecomments, $tableposts, $tablepostcats, $tableblogusers;
// Refuse to run on an object that was never saved (ID 0).
if( $this->ID ==
0 ) die( 'Non persistant object cannot be deleted!' );
// Note: No need to localize the status messages...
if( $echo ) echo
'<p>mySQL 3.23 compatibility mode!';
// Transform registered user comments to unregistered:
if( $echo ) echo
'<br />Transforming user\'s comments to unregistered comments... ';
// The text values copied into the comments go through $DB->quote(). $this->ID
// is interpolated as-is here and in the queries below, so it must be an
// integer; an (int) cast at the top of the method would guarantee that.
$ret =
$DB->query( "UPDATE $tablecomments
SET comment_author_ID = NULL,
comment_author = ".
$DB->quote( $this->get('preferedname') ).
",
comment_author_email = ".
$DB->quote( $this->get('email') ).
",
comment_author_url = ".
$DB->quote( $this->get('url') ).
"
WHERE comment_author_ID = $this->ID" );
if( $echo ) printf( '(%d rows)', $ret );
// Get list of posts that are going to be deleted (3.23)
if( $echo ) echo
'<br />Getting post list to delete... ';
// $post_list is placed directly inside IN (...) below. It is built from the ID
// column of the posts table, not from request input; presumably get_list()
// returns the IDs already comma-separated - confirm.
$post_list =
$DB->get_list( "SELECT ID
WHERE post_author = $this->ID" );
// With no posts, the two IN (...) deletes have to be skipped, because an empty
// IN () list is not valid SQL; the branch body is missing from this listing.
if( empty( $post_list ) )
if( $echo ) echo
'<br />Deleting comments on user\'s posts... ';
$ret =
$DB->query( "DELETE FROM $tablecomments
WHERE comment_post_ID IN ($post_list)" );
if( $echo ) printf( '(%d rows)', $ret );
if( $echo ) echo
'<br />Deleting user\'s posts\' extracats... ';
$ret =
$DB->query( "DELETE FROM $tablepostcats
WHERE postcat_post_ID IN ($post_list)" );
if( $echo ) printf( '(%d rows)', $ret );
if( $echo ) echo
'<br />Deleting user\'s posts... ';
$ret =
$DB->query( "DELETE FROM $tableposts
WHERE post_author = $this->ID" );
if( $echo ) printf( '(%d rows)', $ret );
// Delete userblog permissions
if( $echo ) echo
'<br />Deleting user-blog permissions... ';
$ret =
$DB->query( "DELETE FROM $tableblogusers
WHERE bloguser_user_ID = $this->ID" );
if( $echo ) printf( '(%d rows)', $ret );
if( $echo ) echo
'<br />Deleting User... ';
* Template function: display user's level
* {@internal User::level(-) }}
// Body of the level() template helper: prints the user level in 'raw' format.
// NOTE(review): 'raw' presumably bypasses output escaping, which is acceptable
// only while level is guaranteed to be numeric - confirm in format_to_output().
$this->disp( 'level', 'raw' );
* Template function: display user's login
* {@internal User::login(-) }}
* @param string Output format, see {@link format_to_output()}
// Template helper: prints the login through disp() using the requested output
// format (default 'htmlbody'). The braces are missing from this listing.
// NOTE(review): the format argument is what selects the escaping. A template
// that prints the login anywhere other than HTML body text (for example inside
// an attribute) has to pass the matching format instead of relying on the
// default - confirm the available formats in format_to_output().
function login( $format =
'htmlbody' )
$this->disp( 'login', $format );
* Template function: display user's prefered name
* {@internal User::prefered_name(-) }}
* @param string Output format, see {@link format_to_output()}
// Body of the prefered_name() template helper (signature missing from this
// listing): prints the composite display name through disp() with the format
// chosen by the caller. The name is built from user-supplied profile fields,
// so the format passed in has to match the output context.
$this->disp( 'preferedname', $format );
* Template function: display user's URL
* {@internal User::url(-) }}
* @param string string to display before the date (if changed)
* @param string string to display after the date (if changed)
* @param string Output format, see {@link format_to_output()}
// Template helper: prints the user's URL through disp() when one is set. The
// braces and the statements that output $before and $after are missing from
// this listing.
// NOTE(review): the URL is user-supplied. Escaping it for HTML does not check
// its scheme, so if templates place it inside a link, the scheme should be
// restricted (for example to http and https) when the value is stored -
// confirm where user_url is validated.
function url( $before =
'', $after =
'', $format =
'htmlbody' )
// Nothing is printed for an empty URL.
if( !empty( $this->url ) )
$this->disp( 'url', $format );