Пример #1
 /**
  * Store new sign-in credentials (salt and password hash) for a user.
  *
  * A salt obtained from generateSalt() is appended to the plaintext
  * password held on the record and the result is hashed with the
  * algorithm named by the 'lepton.user.hashalgorithm' setting. A record
  * without a userid is written with REPLACE INTO and receives the id
  * returned by insertRow(); otherwise the existing row is updated.
  *
  * SECURITY: the algorithm defaults to 'md5' and is applied once through
  * hash(). A single pass of a fast digest is not a password hashing
  * scheme, even with a per-user salt; PHP's password_hash() and
  * password_verify() exist for this purpose. Moving to them means the
  * verification code and the stored hashes have to migrate together,
  * so the scheme is left unchanged here.
  *
  * @param UserRecord $user The user to update the credentials for
  * @return Boolean True on success; database exceptions propagate
  */
 public function assignCredentials(UserRecord $user)
 {
     $db = new DatabaseConnection();
     $salt = $this->generateSalt();
     $algorithm = config::get('lepton.user.hashalgorithm', 'md5');
     $digest = hash($algorithm, $user->password . $salt);

     // Existing account: overwrite its row and stop.
     if ($user->userid != null) {
         $db->updateRow(
             "UPDATE " . LEPTON_DB_PREFIX . "users SET username=%s,salt=%s,password=%s,email=%s,flags=%s WHERE id=%d",
             $user->username,
             $salt,
             $digest,
             $user->email,
             $user->flags,
             $user->userid
         );
         return true;
     }

     // New account.
     // NOTE(review): REPLACE INTO deletes any row that collides on a unique
     // key before inserting. If username is unique, an existing account with
     // the same name would be replaced - confirm a uniqueness check runs
     // before this call.
     $uuid = UUID::v4();
     $user->userid = $db->insertRow(
         "REPLACE INTO " . LEPTON_DB_PREFIX . "users (username,salt,password,email,flags,registered,uuid) VALUES (%s,%s,%s,%s,%s,NOW(),%s)",
         $user->username,
         $salt,
         $digest,
         $user->email,
         $user->flags,
         $uuid
     );
     return true;
 }
Пример #2
 /**
  * Build and run the UPDATE statement described by this object.
  *
  * Each entry of $this->update becomes a "column=value" assignment whose
  * value is passed through DatabaseConnection::escape(); the assignments
  * are joined with commas and $this->where is appended unchanged.
  *
  * SECURITY: only the values go through escape(). $this->table, the
  * column names (array keys) and $this->where are concatenated into the
  * statement as they are, so they must come from trusted code and never
  * from request data.
  * NOTE(review): the finished string is passed to updateRow() as its
  * first argument, which is elsewhere called with a printf-style format
  * string. If updateRow() formats its input again, a '%' inside an
  * escaped value would be read as a placeholder - confirm against
  * DatabaseConnection.
  *
  * @return mixed Whatever DatabaseConnection::updateRow() returns
  */
 function execute()
 {
     $db = new DatabaseConnection();
     $sql = "UPDATE " . $this->table . " SET ";

     $assignments = array();
     foreach ($this->update as $column => $value) {
         $assignments[] = $db->escape($column . '=%s', $value);
     }

     $sql .= implode(', ', $assignments) . ' ' . $this->where;
     return $db->updateRow($sql);
 }
Пример #3
 /**
  * @brief Assign a user to the current session.
  *
  * Looks the user up and refuses unknown or inactive accounts. Then,
  * each step only when the corresponding module or class is available,
  * it stores the id in the session, records the login time and remote
  * IP on the users row, and fires the login event.
  *
  * NOTE(review): no session identifier rotation is visible here. If
  * session::set() does not regenerate the id on login, a session id
  * issued before authentication stays valid afterwards (session
  * fixation) - confirm.
  * NOTE(review): lastip is whatever request::getRemoteIp() reports; if
  * that honours forwarded-for headers the value is client-controlled
  * and should not be treated as audit evidence.
  *
  * @param $id The user id to assign
  * @throws UserException If the id is unknown or the user is not active
  */
 protected function setUser($id)
 {
     $account = user::getUser($id);

     // Reject ids that do not resolve to a user record.
     if ($account == null) {
         throw new UserException("Unassociated user id / Integrity failure", UserException::ERR_USER_UNASSOCIATED);
     }
     // Reject deactivated accounts before anything is written.
     if (!$account->active) {
         throw new UserException("User is not active, check audit log", UserException::ERR_USER_INACTIVE);
     }

     // TODO: Assign to session
     $hasSessionModule = ModuleManager::has('lepton.mvc.session');
     if ($hasSessionModule) {
         session::set(User::KEY_USER_AUTH, $id);
     }

     // Login bookkeeping needs the request class for the remote address.
     if (class_exists('request')) {
         $db = new DatabaseConnection();
         $remoteIp = request::getRemoteIp();
         $db->updateRow("UPDATE users SET lastlogin=NOW(), lastip=%s WHERE id=%d", $remoteIp, $id);
     }

     if (class_exists('UserEvents')) {
         $payload = array('id' => $id);
         event::invoke(UserEvents::EVENT_USER_LOGIN, $payload);
     }
 }
Пример #4
 /**
  * @brief Update Acl entries in the database
  *
  * Writes (REPLACE INTO aclconf) the access flag for one object, role
  * and subject. $access is compared strictly against self::ACL_NULL
  * ('-') and self::ACL_ALLOW ('Y'); every other value is stored as 'N',
  * so an unrecognised flag results in a deny entry.
  *
  * NOTE(review): the body replaces a missing subject with the active
  * user, but the IAclSubject type hint has no null default, so null
  * cannot be passed and that fallback is not reachable as declared.
  * NOTE(review): nothing here checks that the caller is allowed to
  * administer $object; that check has to happen before this call -
  * confirm.
  *
  * @param IAclObject $object The object
  * @param string $role The role, written to aclconf.role
  * @param IAclSubject $subject The subject (user or group)
  * @param mixed $access One of the acl::ACL_* flags.
  */
 static function setAccess(IAclObject $object, $role, IAclSubject $subject, $access)
 {
     // Fall back to the current user when no subject is given.
     if (!$subject) {
         $subject = user::getActiveUser();
     }

     $subjectUuid = $subject->getSubjectUuid();
     $objectUuid = $object->getObjectUuid();

     // Map the flag to its stored character; deny is the default.
     $flag = 'N';
     if ($access === self::ACL_NULL) {
         $flag = '-';
     } elseif ($access === self::ACL_ALLOW) {
         $flag = 'Y';
     }

     $db = new DatabaseConnection();
     $db->updateRow(
         "REPLACE INTO aclconf (object,role,subject,access) VALUES (%s,%s,%s,%s)",
         $objectUuid,
         $role,
         $suuid = $subjectUuid,
         $flag
     );
 }
Пример #5
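 /**
  * @brief Unlink an identity based on its id.
  *
  * The identity is deleted only when it belongs to the active user and
  * that user has more than one identity linked, so the last remaining
  * identity is never removed. When only one identity is left it is
  * handed to the view under the key 'identity' and false is returned.
  *
  * SECURITY: every query is scoped to user::getActiveUser()->userid.
  * The $userid argument is accepted for compatibility but is not used
  * (the original code computed a default for it and then ignored it).
  * Honouring a caller-supplied user id would let one user unlink
  * another user's identity unless the caller is authorized first, so
  * the scoping to the active user is kept.
  *
  * @param int $iid The identity ID
  * @param int $userid Unused; the active user always owns the operation
  * @return boolean True if the identity was unlinked, false otherwise
  */
 static function unlinkIdentity($iid, $userid = null)
 {
     // Nothing to unlink without an identity id.
     if ($iid == 0) {
         return false;
     }

     $db = new DatabaseConnection();
     $owner = user::getActiveUser()->userid;

     $identities = $db->getRows("SELECT * FROM userengage WHERE userid=%d", $owner);
     $identity = $db->getSingleRow("SELECT * FROM userengage WHERE userid=%d AND id=%d", $owner, $iid);

     // Refuse to remove the only remaining identity.
     if (count($identities) <= 1) {
         view::set('identity', $identity);
         return false;
     }

     // The id does not belong to the active user. The original fell
     // through here and returned null instead of the documented boolean.
     if (!$identity) {
         return false;
     }

     $db->updateRow("DELETE FROM userengage WHERE userid=%d AND id=%d", $owner, $iid);
     return true;
 }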
Пример #6
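 /**
  * @brief Remove a user based on username or UserRecord.
  *
  * This action can not be reverted, so make sure that you really want
  * to remove the username before actually doing this. The user's rows
  * in users, userdata, userengage and userppp are deleted.
  *
  * NOTE(review): the deletes are not wrapped in a transaction here; a
  * failure part-way leaves the remaining tables with orphaned rows.
  * NOTE(review): no permission check is visible in this method; the
  * caller has to establish that the current user may delete accounts.
  *
  * @param String|UserRecord $username The user to remove
  * @return Boolean True if the operation was successful
  */
 static function remove($username)
 {
     $db = new DatabaseConnection();

     if ($username instanceof UserRecord) {
         $user = $db->getSingleRow("SELECT * FROM users WHERE id=%d", $username->userid);
     } else {
         $user = $db->getSingleRow("SELECT * FROM users WHERE username=%s", $username);
     }

     if (!$user) {
         return false;
     }

     $uid = $user['id'];
     $db->updateRow("DELETE FROM users WHERE id=%d", $uid);
     $db->updateRow("DELETE FROM userdata WHERE id=%d", $uid);
     // userengage is keyed by userid for the owner; its id column is the
     // identity's own key (see the userid=%d AND id=%d queries against this
     // table). Deleting WHERE id=<user id> removed an unrelated identity and
     // left this user's linked identities in place.
     $db->updateRow("DELETE FROM userengage WHERE userid=%d", $uid);
     $db->updateRow("DELETE FROM userppp WHERE id=%d", $uid);
     return true;
 }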
Пример #7
 /**
  * Persist this user record.
  *
  * A uuid is generated when the record has none. If no field is marked
  * as modified nothing is written. Otherwise the modified field names
  * are mapped to the parts that need writing (users row, userdata row,
  * ambient column, credentials); a record without a userid is inserted
  * and its credentials assigned, an existing one has only the affected
  * parts updated.
  *
  * NOTE(review): ambient is stored with serialize(). Whatever reads the
  * column back presumably calls unserialize(); if any other path can
  * write that column this becomes object injection. JSON would avoid
  * the problem - confirm the reader side.
  * NOTE(review): the username check (user::find) and the INSERT are two
  * separate steps; without a unique index two concurrent registrations
  * can both pass the check.
  * NOTE(review): the modified list is cleared before the writes run, so
  * a failed write loses the record of what still needs saving.
  *
  * @return Boolean Always true; failures surface as exceptions
  * @throws BadArgumentException If an unknown field name is marked modified
  * @throws UserException If a new record uses an existing username
  */
 public function save()
 {
     if (!$this->uuid) {
         $this->uuid = uuid::v4();
     }

     // Nothing marked as modified: nothing to write.
     if (count($this->modified) < 1) {
         return true;
     }

     $db = new DatabaseConnection();

     // Which parts of the stored record are affected by the modified fields.
     $dirty = array('user' => false, 'userdata' => false, 'ambient' => false, 'credentials' => false);
     foreach ($this->modified as $field) {
         switch ($field) {
             case 'ambient':
                 $dirty['ambient'] = true;
                 break;
             case 'password':
                 $dirty['credentials'] = true;
                 break;
             case 'username':
             case 'email':
             case 'uuid':
             case 'active':
             case 'flags':
                 $dirty['user'] = true;
                 break;
             case 'displayname':
             case 'firstname':
             case 'lastname':
             case 'sex':
             case 'country':
                 $dirty['userdata'] = true;
                 break;
             case 'userid':
                 // The id itself is never written back.
                 break;
             default:
                 throw new BadArgumentException("Unknown field modified: {$field}");
         }
     }
     $this->modified = array();

     if (!$this->userid) {
         // New record: the username must not be taken yet.
         if (user::find($this->username)) {
             throw new UserException("User already exists!");
         }
         $ambient = serialize($this->ambient);
         $this->userid = $db->insertRow(
             "INSERT INTO " . LEPTON_DB_PREFIX . "users (username,email,uuid,flags,active,registered) VALUES " . "(%s,%s,%s,%s,%d,NOW())",
             $this->username,
             $this->email,
             $this->uuid,
             $this->flags,
             $this->active ? 1 : 0
         );
         $db->updateRow(
             "INSERT INTO " . LEPTON_DB_PREFIX . "userdata (displayname,firstname,lastname,sex,country,ambient,id) VALUES " . "(%s,%s,%s,%s,%s,%s,%d)",
             $this->displayname,
             $this->firstname,
             $this->lastname,
             $this->sex,
             $this->country,
             $ambient,
             $this->userid
         );
         // The users row exists now, so the backend can attach credentials.
         $backend = User::getAuthenticationBackend();
         $backend->assignCredentials($this);
         return true;
     }

     // Existing record: write only the affected parts.
     if ($dirty['ambient']) {
         $ambient = serialize($this->ambient);
         if ($dirty['userdata']) {
             // Profile columns and ambient changed: write the complete row.
             $db->updateRow(
                 "Update " . LEPTON_DB_PREFIX . "userdata SET displayname=%s,firstname=%s,lastname=%s,sex=%s,country=%s,ambient=%s WHERE id=%d",
                 $this->displayname,
                 $this->firstname,
                 $this->lastname,
                 $this->sex,
                 $this->country,
                 $ambient,
                 $this->userid
             );
         } else {
             // Only the ambient column changed.
             $db->updateRow(
                 "UPDATE " . LEPTON_DB_PREFIX . "userdata SET ambient=%s WHERE id=%d ",
                 $ambient,
                 $this->userid
             );
         }
     } elseif ($dirty['userdata']) {
         // Only the profile columns changed.
         $db->updateRow(
             "UPDATE " . LEPTON_DB_PREFIX . "userdata SET displayname=%s,firstname=%s,lastname=%s,sex=%s,country=%s WHERE id=%d",
             $this->displayname,
             $this->firstname,
             $this->lastname,
             $this->sex,
             $this->country,
             $this->userid
         );
     }

     if ($dirty['user']) {
         $db->updateRow(
             "UPDATE " . LEPTON_DB_PREFIX . "users SET username=%s,email=%s,uuid=%s,flags=%s,active=%s WHERE id=%d",
             $this->username,
             $this->email,
             $this->uuid,
             $this->flags,
             $this->active ? 1 : 0,
             $this->userid
         );
     }

     if ($dirty['credentials']) {
         $backend = User::getAuthenticationBackend();
         $backend->assignCredentials($this);
     }

     return true;
 }
Пример #8
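 /**
  * Update the sign-in credentials for the specific user.
  *
  * The plaintext password on the record is passed to hashPassword() and
  * the result is stored. A record without a userid is written with
  * REPLACE INTO and receives the id returned by insertRow(); otherwise
  * the existing row is updated.
  *
  * Changes from the previous version of this method:
  * - the REPLACE statement listed six columns but seven values (one
  *   %s too many for the arguments supplied), so it could not succeed;
  * - the debug log line no longer contains the password hash, because
  *   log files are readable by more people than the users table;
  * - the catch blocks that only re-threw the exception are gone.
  *
  * NOTE(review): the strength of the stored hash depends entirely on
  * hashPassword(), which is not visible here - confirm it uses a
  * password hashing function rather than a plain digest.
  *
  * @param UserRecord $user The user to update the credentials for
  * @return Boolean True on success; database exceptions propagate
  */
 public function assignCredentials(UserRecord $user)
 {
     $db = new DatabaseConnection();
     $hp = $this->hashPassword($user->password);
     logger::debug("Updating password hash for %s", $user->username);

     if ($user->userid == null) {
         // NOTE(review): REPLACE INTO deletes any row that collides on a
         // unique key before inserting. If username is unique, an existing
         // account with the same name would be replaced - confirm a
         // uniqueness check runs before this call.
         $uuid = UUID::v4();
         $user->userid = $db->insertRow(
             "REPLACE INTO " . LEPTON_DB_PREFIX . "users (username,password,email,flags,registered,uuid) VALUES (%s,%s,%s,%s,NOW(),%s)",
             $user->username,
             $hp,
             $user->email,
             $user->flags,
             $uuid
         );
         return true;
     }

     $db->updateRow(
         "UPDATE " . LEPTON_DB_PREFIX . "users SET username=%s,password=%s,email=%s,flags=%s WHERE id=%d",
         $user->username,
         $hp,
         $user->email,
         $user->flags,
         $user->userid
     );
     return true;
 }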
Пример #9
 /**
  * Update a wiki page
  *
  * Reads the highest stored revision for the page, adds one and inserts
  * the new content as that revision, with the active user id as author.
  *
  * NOTE(review): on DBXException the handler calls die($e), which ends
  * the request and prints the exception text to the client. Database
  * error text should go to the log, not to the response.
  * NOTE(review): MAX(revision) is read and the INSERT issued as two
  * statements; concurrent edits can obtain the same revision number
  * unless (ns, uri, revision) is unique in the schema.
  * NOTE(review): the placeholders are wrapped in quotes here while other
  * statements in this code base pass bare %s; whether values end up
  * quoted once, twice or unescaped depends on DatabaseConnection -
  * confirm.
  * NOTE(review): title and content are stored as given, so they need
  * HTML encoding where they are rendered; no edit permission check is
  * visible in this function.
  *
  * @param string $pagename The namespace and page name
  * @param string $title The page title
  * @param string $content The page content
  */
 function updatePage($pagename, $title, $content)
 {
     $ns = String::getNamespace('default', $pagename);
     $uri = String::getLocation($pagename);
     $db = new DatabaseConnection();
     $author = User::getActiveUserId();

     try {
         // Highest revision stored so far; 0 when no row came back.
         $latest = $db->getSingleRow("SELECT MAX(revision) AS latest FROM wiki WHERE ns='%s' AND uri='%s'", $ns, $uri);
         if ($latest) {
             $revision = $latest['latest'];
         } else {
             $revision = 0;
         }
         // The new entry gets the next revision number.
         $revision++;

         $db->updateRow(
             "INSERT INTO wiki SET content='%s',revision='%d',title='%s',ns='%s',uri='%s',lastedit=NOW(),author='%d'",
             $content,
             $revision,
             $title,
             $ns,
             $uri,
             $author
         );
     } catch (DBXException $e) {
         die($e);
     }
 }
Пример #10
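 /**
  * @brief Check if the token used for authentication is valid
  *
  * Looks up the user's userppp row, advances its codeindex, computes the
  * code expected for the index that was read and compares it with the
  * supplied passcode. On a match the user id is stored on this object.
  *
  * The comparison was a loose ==, which treats a boolean true as equal
  * to any non-empty code and compares numeric-looking strings by value.
  * It now accepts only a string or integer passcode, rejects an empty
  * expected code, and compares with hash_equals() so the check is exact
  * and does not leak the position of the first differing character.
  *
  * NOTE(review): codeindex is advanced on every attempt, including
  * failed ones, and the read and the increment are separate statements.
  * Without a transaction or row lock two concurrent attempts may be
  * checked against the same index; repeated wrong guesses also move the
  * legitimate user's counter forward - confirm rate limiting upstream.
  *
  * @return boolean True on success, false otherwise.
  */
 public function isTokenValid()
 {
     $user = User::find($this->username);
     if (!$user) {
         return false;
     }

     $userid = $user->userid;
     $db = new DatabaseConnection();
     $rs = $db->getSingleRow("SELECT * FROM userppp WHERE id=%d", $userid);
     // Each attempt consumes one code, whether or not it matches.
     $db->updateRow("UPDATE userppp SET codeindex=codeindex+1 WHERE id=%d", $userid);
     if (!$rs) {
         return false;
     }

     // Only plain string/integer input can be a passcode; arrays, booleans
     // and null from a decoded request body are rejected outright.
     if (!is_string($this->passcode) && !is_int($this->passcode)) {
         return false;
     }

     $expected = (string) self::getCode($rs['secretkey'], $rs['codeindex']);
     $supplied = (string) $this->passcode;

     // An empty expected code means code generation failed; never match it.
     if ($expected === '' || !hash_equals($expected, $supplied)) {
         return false;
     }

     $this->userid = $user->userid;
     return true;
 }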
Пример #11
 /**
  * Enable or disable a geonames dataset.
  *
  * Sets geonames_datasets.active to 1 or 0 for the row whose setkey
  * equals $country.
  *
  * @param string $country The dataset key (setkey) to update
  * @param boolean $enabled True to mark the dataset active, false otherwise
  */
 public static function setCountryStatus($country, $enabled = true)
 {
     $activeFlag = 0;
     if ($enabled) {
         $activeFlag = 1;
     }

     $db = new DatabaseConnection();
     $db->updateRow("UPDATE geonames_datasets SET active=%d WHERE setkey=%s", $activeFlag, $country);
 }