/**
 * Store new sign-in credentials for a user.
 *
 * A fresh salt is generated, appended to the plain-text password, and the
 * result is hashed with the algorithm named by the
 * 'lepton.user.hashalgorithm' setting (falling back to 'md5'). A record
 * without a user id is written with REPLACE INTO and is given the value
 * returned by insertRow() as its id; otherwise the existing row is updated.
 *
 * NOTE(review): a single pass of a general-purpose digest, with md5 as the
 * fallback, is not a suitable way to store passwords. Moving to
 * password_hash()/password_verify() has to happen together with the code that
 * verifies passwords, which is not part of this block, so the stored format
 * is left untouched here.
 *
 * @param UserRecord $user The user to update the credentials for
 * @return Boolean True on success
 * @throws Exception Anything raised by the database layer propagates unchanged
 */
public function assignCredentials(UserRecord $user)
{
    $connection = new DatabaseConnection();

    // New salt for every credential change; it is stored next to the hash.
    $salt = $this->generateSalt();
    $algorithm = config::get('lepton.user.hashalgorithm', 'md5');
    $digest = hash($algorithm, $user->password . $salt);

    // TODO: decide how database failures should be handled; for now they
    // reach the caller as thrown.
    if ($user->userid != null) {
        $connection->updateRow(
            "UPDATE " . LEPTON_DB_PREFIX . "users SET username=%s,salt=%s,password=%s,email=%s,flags=%s WHERE id=%d",
            $user->username,
            $salt,
            $digest,
            $user->email,
            $user->flags,
            $user->userid
        );

        return true;
    }

    $uuid = UUID::v4();
    $newId = $connection->insertRow(
        "REPLACE INTO " . LEPTON_DB_PREFIX . "users (username,salt,password,email,flags,registered,uuid) VALUES (%s,%s,%s,%s,%s,NOW(),%s)",
        $user->username,
        $salt,
        $digest,
        $user->email,
        $user->flags,
        $uuid
    );
    $user->userid = $newId;

    return true;
}
/**
 * Build and run the UPDATE statement described by this object.
 *
 * Every entry of $this->update becomes a "column=%s" assignment whose value
 * is passed through DatabaseConnection::escape(); the assignments are joined
 * with ", " and $this->where is appended after a single space.
 *
 * NOTE(review): the table name, the column names and the where clause are
 * concatenated into the statement as they are; only the values go through
 * escape(). Confirm that none of those three can carry request-derived text.
 *
 * @return mixed Whatever DatabaseConnection::updateRow() returns
 */
function execute()
{
    $connection = new DatabaseConnection();
    $sql = "UPDATE " . $this->table . " SET ";

    $assignments = array();
    foreach ($this->update as $column => $value) {
        $assignments[] = $connection->escape($column . '=%s', $value);
    }

    $sql .= implode(', ', $assignments);
    $sql .= ' ' . $this->where;

    return $connection->updateRow($sql);
}
/**
 * @brief Assign a user to the current session.
 *
 * The user is looked up first and must exist and be active. The id is then
 * stored in the session when the 'lepton.mvc.session' module is present, the
 * last-login time and remote address are recorded when the request class is
 * available, and the login event is invoked when UserEvents is available.
 *
 * NOTE(review): no session identifier renewal is visible at the point where
 * the authenticated id is written to the session. Confirm that the session
 * layer or the caller renews the identifier on login.
 *
 * @param $id The user id to assign
 * @throws UserException If the id matches no user or the user is not active
 */
protected function setUser($id)
{
    $account = user::getUser($id);

    // Refuse ids that do not resolve to a user record.
    if ($account == null) {
        throw new UserException(
            "Unassociated user id / Integrity failure",
            UserException::ERR_USER_UNASSOCIATED
        );
    }

    // Inactive accounts must never be bound to a session.
    if (!$account->active) {
        throw new UserException(
            "User is not active, check audit log",
            UserException::ERR_USER_INACTIVE
        );
    }

    // TODO: Assign to session
    if (ModuleManager::has('lepton.mvc.session')) {
        session::set(User::KEY_USER_AUTH, $id);
    }

    // Record when and from where the login happened.
    if (class_exists('request')) {
        $connection = new DatabaseConnection();
        $connection->updateRow(
            "UPDATE users SET lastlogin=NOW(), lastip=%s WHERE id=%d",
            request::getRemoteIp(),
            $id
        );
    }

    if (class_exists('UserEvents')) {
        $payload = array('id' => $id);
        event::invoke(UserEvents::EVENT_USER_LOGIN, $payload);
    }
}
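/**
 * @brief Update Acl entries in the database
 *
 * Allows or denies access to the specific object for the specific role and
 * subject. If the subject is passed as null, it is replaced with the active
 * user.
 *
 * The access value is stored as one character: '-' for ACL_NULL, 'Y' for
 * ACL_ALLOW and 'N' for anything else, so an unrecognised value is recorded
 * as a denial.
 *
 * This method performs no permission check of its own; deciding whether the
 * current request may change the entry is left to the caller.
 *
 * @param IAclObject $object The object the entry applies to
 * @param string $role The role the entry applies to
 * @param IAclSubject|null $subject The subject, or null for the active user
 * @param mixed $access One of the ACL_* flags
 * @throws InvalidArgumentException If no subject is given and no user is active
 */
static function setAccess(IAclObject $object, $role, IAclSubject $subject = null, $access)
{
    // The "= null" default is what lets null pass the type hint at all;
    // without it the documented fallback below could never run.
    if (!$subject) {
        $subject = user::getActiveUser();
    }

    // Stop before writing anything if there is still nobody to attach the
    // entry to.
    if (!$subject) {
        throw new InvalidArgumentException("No subject given and no active user");
    }

    // Retrieve the uuid of the subject and the object
    $suuid = $subject->getSubjectUuid();
    $ouuid = $object->getObjectUuid();

    // Convert the access into its stored form; unknown values fall to 'N'.
    if ($access === self::ACL_NULL) {
        $accesstr = '-';
    } elseif ($access === self::ACL_ALLOW) {
        $accesstr = 'Y';
    } else {
        $accesstr = 'N';
    }

    // Update the record
    $db = new DatabaseConnection();
    $db->updateRow(
        "REPLACE INTO aclconf (object,role,subject,access) VALUES (%s,%s,%s,%s)",
        $ouuid,
        $role,
        $suuid,
        $accesstr
    );
}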
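/**
 * @brief Unlink an identity based on its id.
 *
 * The identity is only removed when it belongs to the given user and the
 * user has more than one identity, so the last remaining identity is never
 * unlinked. When the user has one identity or fewer, the looked-up identity
 * is handed to the view under 'identity' and nothing is deleted.
 *
 * The queries are scoped to $userid. This method does not check whether the
 * current request is allowed to act on that user; a caller that passes
 * anything other than the active user's id has to make that decision itself.
 *
 * @param int $iid The identity ID
 * @param int $userid The user ID that owns the identity (defaults to the
 *                    active user)
 * @return boolean True if the identity was removed, false otherwise
 */
static function unlinkIdentity($iid, $userid = null)
{
    $db = new DatabaseConnection();

    // Default to the active user
    if (!$userid) {
        $userid = user::getActiveUser()->userid;
    }

    // And make sure we have an identity to unlink
    if ($iid == 0) {
        return false;
    }

    // Use the resolved owner in every query so that the lookup, the count
    // and the delete all refer to the same user.
    $identities = $db->getRows("SELECT * FROM userengage WHERE userid=%d", $userid);
    $identity = $db->getSingleRow("SELECT * FROM userengage WHERE userid=%d AND id=%d", $userid, $iid);

    $total = is_array($identities) ? count($identities) : 0;
    if ($total <= 1) {
        view::set('identity', $identity);
        return false;
    }

    // The identity does not exist or is not owned by this user.
    if (!$identity) {
        return false;
    }

    $db->updateRow("DELETE FROM userengage WHERE userid=%d AND id=%d", $userid, $iid);
    return true;
}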
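/**
 * @brief Remove a user based on username or UserRecord.
 *
 * This action can not be reverted, so make sure that you really want
 * to remove the username before actually doing this.
 *
 * The user row and the rows that belong to it in userdata, userengage and
 * userppp are deleted with four separate statements. No transaction is
 * visible here, so a failure part-way through leaves the remaining rows in
 * place.
 *
 * @param String|UserRecord $username The user to remove
 * @return Boolean True if the operation was successful
 */
static function remove($username)
{
    $db = new DatabaseConnection();

    if ($username instanceof UserRecord) {
        $user = $db->getSingleRow("SELECT * FROM users WHERE id=%d", $username->userid);
    } else {
        $user = $db->getSingleRow("SELECT * FROM users WHERE username=%s", $username);
    }

    if (!$user) {
        return false;
    }

    $uid = $user['id'];
    $db->updateRow("DELETE FROM users WHERE id=%d", $uid);
    $db->updateRow("DELETE FROM userdata WHERE id=%d", $uid);
    // userengage rows point at their owner through userid; their id column
    // identifies the identity itself, so matching on id would delete an
    // unrelated identity and leave this user's identities behind.
    $db->updateRow("DELETE FROM userengage WHERE userid=%d", $uid);
    $db->updateRow("DELETE FROM userppp WHERE id=%d", $uid);

    return true;
}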
/**
 * Persist the record.
 *
 * A uuid is generated when the record has none. If no field is marked as
 * modified nothing else happens. Otherwise the modified field names decide
 * which parts are written: the users row, the userdata row, the ambient
 * column and/or the credentials. A record without a user id is inserted
 * (after checking that the username is free) and its credentials are
 * assigned through the authentication backend; a record with a user id is
 * updated part by part.
 *
 * NOTE(review): the modified list is emptied before any statement runs, so a
 * failing write leaves the record looking clean. The username check and the
 * insert are separate steps; confirm that the username column is unique in
 * the schema. The ambient value is stored with serialize(); confirm that the
 * code reading it back cannot be handed data an attacker controls.
 *
 * @return bool Always true
 * @throws BadArgumentException If an unknown field name is marked modified
 * @throws UserException If a new record uses a username that already exists
 */
public function save()
{
    if (!$this->uuid) {
        $this->uuid = uuid::v4();
    }

    // Nothing marked as modified: nothing to write.
    if (count($this->modified) <= 0) {
        return true;
    }

    // Get a database reference
    $connection = new DatabaseConnection();

    // Work out which parts of the record are dirty.
    $dirty = array('user' => false, 'userdata' => false, 'ambient' => false, 'credentials' => false);
    foreach ($this->modified as $field) {
        switch ($field) {
            case 'ambient':
                $dirty['ambient'] = true;
                break;
            case 'password':
                $dirty['credentials'] = true;
                break;
            case 'username':
            case 'email':
            case 'uuid':
            case 'active':
            case 'flags':
                $dirty['user'] = true;
                break;
            case 'displayname':
            case 'firstname':
            case 'lastname':
            case 'sex':
            case 'country':
                $dirty['userdata'] = true;
                break;
            case 'userid':
                // The id itself is never written.
                break;
            default:
                throw new BadArgumentException("Unknown field modified: {$field}");
        }
    }
    $this->modified = array();

    if (!$this->userid) {
        // New record: the username must not be taken yet.
        if (user::find($this->username)) {
            throw new UserException("User already exists!");
        }

        $serializedAmbient = serialize($this->ambient);
        $this->userid = $connection->insertRow(
            "INSERT INTO " . LEPTON_DB_PREFIX . "users (username,email,uuid,flags,active,registered) VALUES " .
            "(%s,%s,%s,%s,%d,NOW())",
            $this->username,
            $this->email,
            $this->uuid,
            $this->flags,
            $this->active ? 1 : 0
        );
        $connection->updateRow(
            "INSERT INTO " . LEPTON_DB_PREFIX . "userdata (displayname,firstname,lastname,sex,country,ambient,id) VALUES " .
            "(%s,%s,%s,%s,%s,%s,%d)",
            $this->displayname,
            $this->firstname,
            $this->lastname,
            $this->sex,
            $this->country,
            $serializedAmbient,
            $this->userid
        );

        // Credentials are written by the authentication backend.
        $backend = User::getAuthenticationBackend();
        $backend->assignCredentials($this);

        return true;
    }

    // Existing record: write only the parts that changed.
    $ambientDirty = $dirty['ambient'];
    $profileDirty = $dirty['userdata'];

    if ($ambientDirty && $profileDirty) {
        // Whole userdata row
        $serializedAmbient = serialize($this->ambient);
        $connection->updateRow(
            "Update " . LEPTON_DB_PREFIX . "userdata SET displayname=%s,firstname=%s,lastname=%s,sex=%s,country=%s,ambient=%s WHERE id=%d",
            $this->displayname,
            $this->firstname,
            $this->lastname,
            $this->sex,
            $this->country,
            $serializedAmbient,
            $this->userid
        );
    } elseif ($ambientDirty) {
        // Ambient column only
        $serializedAmbient = serialize($this->ambient);
        $connection->updateRow(
            "UPDATE " . LEPTON_DB_PREFIX . "userdata SET ambient=%s WHERE id=%d ",
            $serializedAmbient,
            $this->userid
        );
    } elseif ($profileDirty) {
        // Profile columns only
        $connection->updateRow(
            "UPDATE " . LEPTON_DB_PREFIX . "userdata SET displayname=%s,firstname=%s,lastname=%s,sex=%s,country=%s WHERE id=%d",
            $this->displayname,
            $this->firstname,
            $this->lastname,
            $this->sex,
            $this->country,
            $this->userid
        );
    }

    if ($dirty['user']) {
        $connection->updateRow(
            "UPDATE " . LEPTON_DB_PREFIX . "users SET username=%s,email=%s,uuid=%s,flags=%s,active=%s WHERE id=%d",
            $this->username,
            $this->email,
            $this->uuid,
            $this->flags,
            $this->active ? 1 : 0,
            $this->userid
        );
    }

    if ($dirty['credentials']) {
        $backend = User::getAuthenticationBackend();
        $backend->assignCredentials($this);
    }

    return true;
}
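/**
 * Update the sign-in credentials for the specific user.
 *
 * The password is hashed with $this->hashPassword(). A record without a user
 * id is written with REPLACE INTO and is given the value returned by
 * insertRow() as its id; otherwise the existing row is updated.
 *
 * The debug log line names the user only. The password hash is credential
 * material and is kept out of the log.
 *
 * @param UserRecord $user The user to update the credentials for
 * @return Boolean True on success
 * @throws Exception Anything raised by the database layer propagates unchanged
 */
public function assignCredentials(UserRecord $user)
{
    $db = new DatabaseConnection();
    $hp = $this->hashPassword($user->password);
    logger::debug("Updating password hash for %s", $user->username);

    // TODO: decide how database failures should be handled; for now they
    // reach the caller as thrown.
    if ($user->userid == null) {
        $uuid = UUID::v4();
        // Six columns, six values: five placeholders plus NOW() for the
        // registered column, matching the five arguments that follow.
        $id = $db->insertRow(
            "REPLACE INTO " . LEPTON_DB_PREFIX . "users (username,password,email,flags,registered,uuid) VALUES (%s,%s,%s,%s,NOW(),%s)",
            $user->username,
            $hp,
            $user->email,
            $user->flags,
            $uuid
        );
        $user->userid = $id;
    } else {
        $db->updateRow(
            "UPDATE " . LEPTON_DB_PREFIX . "users SET username=%s,password=%s,email=%s,flags=%s WHERE id=%d",
            $user->username,
            $hp,
            $user->email,
            $user->flags,
            $user->userid
        );
    }

    return true;
}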
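/**
 * Update a wiki page
 *
 * The page is stored as a new revision: the highest existing revision for
 * the namespace and uri is read, incremented, and a new row is inserted with
 * the active user as author.
 *
 * On a database error the details are written to the error log and the
 * request ends with a generic message, so the exception text is not sent to
 * the client.
 *
 * NOTE(review): the statements wrap their placeholders in quotes themselves.
 * Whether that is right depends on how DatabaseConnection substitutes %s and
 * %d, which is not visible in this block; if the layer adds its own quoting
 * the values end up quoted twice. Reading the latest revision and inserting
 * the next one are separate statements, so two simultaneous saves can
 * presumably produce the same revision number unless the schema prevents it.
 *
 * @param string $pagename The namespace and page name
 * @param string $title The page title
 * @param string $content The page content
 */
function updatePage($pagename, $title, $content)
{
    $ns = String::getNamespace('default', $pagename);
    $uri = String::getLocation($pagename);
    $db = new DatabaseConnection();
    $author = User::getActiveUserId();

    try {
        // pull the latest revision of the page
        $rs = $db->getSingleRow('SELECT MAX(revision) AS latest FROM wiki WHERE ns=\'%s\' AND uri=\'%s\'', $ns, $uri);
        // no row, or a NULL maximum, both mean there is no revision yet
        $latest = $rs ? (int) $rs['latest'] : 0;
        $currev = $latest + 1;

        // and insert the new data
        $db->updateRow(
            "INSERT INTO wiki SET content='%s',revision='%d',title='%s',ns='%s',uri='%s',lastedit=NOW(),author='%d'",
            $content,
            $currev,
            $title,
            $ns,
            $uri,
            $author
        );
    } catch (DBXException $e) {
        // Keep the details on the server; the response gets a fixed message.
        error_log('updatePage failed: ' . $e->getMessage());
        die('Unable to save the wiki page.');
    }
}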
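/**
 * @brief Check if the token used for authentication is valid
 *
 * Looks up the user by $this->username, reads the stored secret key and code
 * index from userppp, and compares the code computed for that index with
 * $this->passcode. The stored code index is advanced on every call for a
 * known user, before the comparison, so each attempt uses up one code.
 *
 * The comparison is done on strings and is exact. A loose comparison would
 * treat different numeric-looking strings as equal, and would accept an empty
 * passcode whenever the computed code is also empty or false.
 *
 * NOTE(review): the read and the increment are separate statements, so two
 * simultaneous requests can apparently be checked against the same index.
 *
 * @return boolean True on success, false otherwise.
 */
public function isTokenValid()
{
    $user = User::find($this->username);
    if (!$user) {
        return false;
    }

    $userid = $user->userid;
    $db = new DatabaseConnection();
    $rs = $db->getSingleRow("SELECT * FROM userppp WHERE id=%d", $userid);
    // Advance the index whether or not the code turns out to be right.
    $db->updateRow("UPDATE userppp SET codeindex=codeindex+1 WHERE id=%d", $userid);
    if (!$rs) {
        return false;
    }

    $expected = self::getCode($rs['secretkey'], $rs['codeindex']);
    $supplied = $this->passcode;

    // Only compare real values: arrays, null and empty strings never match.
    if (!is_scalar($expected) || !is_scalar($supplied)) {
        return false;
    }
    $expected = (string) $expected;
    $supplied = (string) $supplied;
    if ($expected === '' || $supplied === '') {
        return false;
    }

    // hash_equals() compares in constant time where the runtime has it.
    if (function_exists('hash_equals')) {
        $matches = hash_equals($expected, $supplied);
    } else {
        $matches = ($expected === $supplied);
    }

    if (!$matches) {
        return false;
    }

    $this->userid = $userid;
    return true;
}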
/**
 * Mark the geonames data set of a country as active or inactive.
 *
 * Writes 1 or 0 to the active column of the geonames_datasets row whose
 * setkey equals $country.
 *
 * @param string $country The setkey of the data set
 * @param bool $enabled True to activate the data set, false to deactivate it
 */
public static function setCountryStatus($country, $enabled = true)
{
    $activeFlag = 0;
    if ($enabled) {
        $activeFlag = 1;
    }

    $connection = new DatabaseConnection();
    $connection->updateRow(
        "UPDATE geonames_datasets SET active=%d WHERE setkey=%s",
        $activeFlag,
        $country
    );
}