/** Is the user valid? Valid means that the account is validated or hasn't exhausted it's validation period.
$errmsg: Returs the reason why the account is or isn't valid
$errno: Returns an error code identifying the error */
function isUserValid(&$errmsg = null, &$errno = 0)
{
global $account_status_to_text;
$db = AbstractDb::getObject();
$retval = false;
$account_status = $this->getAccountStatus();
if ($account_status == ACCOUNT_STATUS_ALLOWED) {
$retval = true;
} else {
if ($account_status == ACCOUNT_STATUS_VALIDATION) {
$sql = "SELECT CASE WHEN ((CURRENT_TIMESTAMP - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired, EXTRACT(EPOCH FROM networks.validation_grace_time) as validation_grace_time FROM users JOIN networks ON (users.account_origin = networks.network_id) WHERE (user_id='{$this->id}')";
$db->execSqlUniqueRes($sql, $user_info, false);
if ($user_info['validation_grace_time_expired'] == 't') {
$errmsg = sprintf(getErrorText(ERR_VALIDATION_EXPIRED), $user_info['validation_grace_time'] / 60);
$errno = ERR_VALIDATION_EXPIRED;
$retval = false;
} else {
$errmsg = _("Your account is currently valid.");
$retval = true;
}
} else {
$errmsg = getErrorText(ERR_ACCOUNT_INVALID) . $account_status_to_text[$account_status];
$errno = ERR_ACCOUNT_INVALID;
$retval = false;
}
}
return $retval;
}
/**
* Attempts to login a user against the authentication source
*
* If successfull, returns a User object
*
* @param string $username A valid identifying token for the source. Not
* necessarily unique. For local user, bots username
* and email are valid.
* @param string $password Clear text password.
* @param string $errmsg Reference of error message
* @param int $errno Reference to error code
*
* @return object The actual User object if login was successfull, false
* otherwise.
*/
public function login($username, $password, &$errmsg = null, &$errno = 0)
{
//echo "DEBUG: login($username, $password, $errmsg)<br/>";
$db = AbstractDb::getObject();
// Init values
$retval = false;
$username = $db->escapeString($username);
if (empty($username)) {
$errmsg .= sprintf(getErrorText(ERR_NO_USERNAME));
$errno = ERR_NO_USERNAME;
$retval = false;
} else {
/* gbastien: this is not reusable!!, why not use password directly? */
//$password_hash = User::passwordHash($_REQUEST['password']);
$password_hash = User::passwordHash($password);
$password = $db->escapeString($password);
$username = $this->getNetwork()->getUsernamesCaseSensitive() ? $username : strtolower($username);
$compareto = $this->getNetwork()->getUsernamesCaseSensitive() ? 'username' : 'lower(username)';
$sql = "SELECT user_id FROM users WHERE ({$compareto} = '{$username}' OR lower(email) = '{$username}') AND account_origin='" . $this->getNetwork()->getId() . "' AND pass='******'";
$db->execSqlUniqueRes($sql, $user_info, false);
if ($user_info != null) {
$user = User::getObject($user_info['user_id']);
if ($user->isUserValid($errmsg, $errno)) {
$retval =& $user;
$errmsg = _("Login successfull");
} else {
$retval = false;
//Reason for refusal is already in $errmsg
}
} else {
/*
* This is only used to discriminate if the problem was a
* non-existent user or a wrong password.
*/
$user_info = null;
$db->execSqlUniqueRes("SELECT * FROM users WHERE ({$compareto} = '{$username}' OR lower(email) = '{$username}') AND account_origin='" . $this->getNetwork()->getId() . "'", $user_info, false);
if ($user_info == null) {
$errmsg = getErrorText(ERR_UNKNOWN_USERNAME);
$errno = ERR_UNKNOWN_USERNAME;
} else {
$errmsg = getErrorText(ERR_WRONG_PASSWORD);
$errno = ERR_WRONG_PASSWORD;
}
$retval = false;
}
}
User::setCurrentUser($retval);
return $retval;
}
echo $test["test"]["cert"]["hash"];
?>
</td>
<td><?php
echo date("j. n. Y", $test["test"]["cert"]["validFrom_time_t"]);
?>
</td>
<td><?php
echo date("j. n. Y", $test["test"]["cert"]["validTo_time_t"]);
?>
</td>
<?php
} else {
?>
<td colspan="4">Chyba - <?php
echo getErrorText($test["test"]["status"]);
?>
.</td>
<?php
}
?>
</tr>
<?php
}
?>
</table>
<hr>
Vygenerováno v <?php
echo date("G:i j. n. Y");
