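/**
 * Gets the list of all admins.
 *
 * The result is memoised in self::$admins_cache for the rest of the request.
 * The cache test uses `!= null`: an empty array compares equal to null in PHP,
 * so a site with no admins re-runs the query on every call (left as-is to stay
 * consistent with the other caches in this codebase).
 *
 * @return User[]
 */
public static function admins() {
    if (self::$admins_cache != null) {
        return self::$admins_cache;
    }

    // NOTE(review): SELECT * copies every column of the user row into each User
    // object (presumably including credential material); an explicit column list
    // would be tighter -- confirm what User::fromRow actually needs.
    $query = Database::connection()->prepare('SELECT * FROM user WHERE is_admin = 1');

    $admins = array();
    // Bug fix: fetch() returns only the first row, so the original foreach walked
    // the *columns* of one admin and handed scalars to User::fromRow(). fetchAll()
    // yields one row per admin, like the other list loaders in this codebase.
    // A failed execute() now yields an empty list instead of a foreach warning.
    if ($query->execute()) {
        foreach ($query->fetchAll() as $row) {
            $admins[] = User::fromRow($row);
        }
    }

    self::$admins_cache = $admins;
    return $admins;
}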
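/**
 * Log in a user.
 *
 * Two paths share this method:
 *  - password login ($autologin == false): the user is looked up by username and
 *    $password is verified against the stored hash via self::checkPassword();
 *  - cookie login ($autologin == true): $password carries the remember-me token
 *    and the lookup itself is the check (username AND token must match a row);
 *    no password verification happens on this path.
 *
 * On success the user id is written to $_SESSION[$this->sessionName] and, on a
 * password login only, a fresh remember-me token is generated, saved on the user
 * and sent as two cookies (username + token).
 *
 * @param string $username  Username
 * @param string $password  Password (in cleartext) / cookie token (used if $autologin == TRUE)
 * @param bool   $autologin Is this log in called via COOKIE?
 * @param string $redirect  Redirect a user to this page after successful login
 *
 * @return User|false  the logged-in user, or false if the credentials did not match
 */
public function login($username, $password, $autologin = false, $redirect = null) {
    global $db;

    if ($autologin) {
        // Defensive: never accept an empty token. Should a stored token ever be
        // blanked (rather than NULLed) on logout, an empty cookie would match it.
        if ($password === null || $password === '') {
            return false;
        }
        // NOTE(review): the SQL uses named placeholders (:username, :token) but the
        // values are passed positionally; whether $db->query() binds that correctly
        // depends on the wrapper -- confirm. The token is also compared in plaintext
        // in the DB, so a DB leak yields usable remember-me tokens; storing only a
        // hash of the token would be the usual hardening.
        $res = $db->query('
            SELECT * FROM ' . TABLE_USERS . '
            WHERE username = :username AND user_cookie_token = :token
        ', array($username, $password));
    } else {
        $res = $db->query('
            SELECT * FROM ' . TABLE_USERS . '
            WHERE username = :username
        ', array($username));
    }
    $row = $db->fetchObject($res);

    // Unknown user, or (password path only) a password that does not verify.
    if (!$row || (!$autologin && !self::checkPassword($password, $row->user_password))) {
        return false;
    }

    $this->user = User::fromRow($row);

    // Session fixation: do not keep the pre-authentication session id once the
    // session is bound to a user. Guarded so a missing session never warns.
    if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION[$this->sessionName] = $this->user->getID();

    if (!$autologin) {
        // Rotate the remember-me token on every password login. The token cookie
        // is sent HttpOnly so page script cannot read it; the username cookie is
        // left as before in case client code reads it.
        // NOTE(review): the cookie-login path above does not rotate the token, so
        // a stolen token stays valid for the full COOKIE_AUTO_LIFETIME.
        $cookieToken = self::generateCookieToken($this->user);
        $expires = time() + self::COOKIE_AUTO_LIFETIME;
        setcookie(self::COOKIE_AUTO_USERNAME, $this->user->getUsername(), $expires, '/', null);
        setcookie(self::COOKIE_AUTO_TOKEN, $cookieToken, $expires, '/', null, false, true);
        $this->user->save(User::KEY_COOKIE_TOKEN, $cookieToken);
    }

    $this->updateOnlineList();

    if (!empty($redirect)) {
        // Prevent CRLF header injection: a redirect carrying a line break is
        // ignored and the login still counts as successful. (The original returned
        // a bare `true` here; the User is returned so the contract matches the
        // docblock -- both are truthy.)
        if (strpos($redirect, "\n") !== false || strpos($redirect, "\r") !== false) {
            return $this->user;
        }
        // NOTE(review): $redirect is not restricted to a same-origin path; if it
        // originates from the request this is an open redirect after login --
        // confirm the caller validates it.
        header('Location: ' . $redirect);
        exit;
    }

    return $this->user;
}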
/**
 * Gets an array of users who like this answer.
 *
 * The lookup runs once per object and is memoised in $this->likesCache. The
 * cache test uses `!= null`, so an empty like-list is not cached and is simply
 * re-queried on the next call.
 *
 * @return User[] users, most recent like first
 */
private function getLikes() {
    if ($this->likesCache != null) {
        return $this->likesCache;
    }

    $sql = 'SELECT user.* from user, answer_likes WHERE answer_likes.answerid = ? AND'
         . ' answer_likes.userid = user.userid ORDER BY answer_likes.created_at DESC';
    $stmt = Database::connection()->prepare($sql);
    $stmt->bindValue(1, $this->getAnswerId(), PDO::PARAM_INT);
    $stmt->execute();

    $likers = array();
    foreach ($stmt->fetchAll() as $userRow) {
        $likers[] = User::fromRow($userRow);
    }

    $this->likesCache = $likers;
    return $likers;
}
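/**
 * Loads the members of this course into $this->users and $this->professors,
 * keyed by user id and split on course_user.is_professor.
 *
 * Runs at most once per object: if both arrays are already populated it returns
 * immediately. (The `!= null` test treats an empty array like null, so a course
 * with no members, or with no plain users, is re-queried on every call; kept for
 * consistency with the other caches in this codebase.)
 *
 * Fixes versus the original: the bogus `@param Course $course` is dropped (the
 * method takes no parameter), and the empty-result test no longer relies on
 * PDOStatement::rowCount(), which is not guaranteed to be meaningful for SELECT
 * statements on every driver; the rows are fetched and inspected instead.
 *
 * @return array|null  array() when the query fails or returns no rows (the
 *                     original's early-exit value, preserved for any caller that
 *                     inspects it); nothing otherwise
 */
private function getCourseUsers() {
    if ($this->users != null && $this->professors != null) {
        return;
    }

    $query = Database::connection()->prepare('SELECT user.*, course_user.is_professor FROM course_user, user ' .
        'WHERE course_user.courseid = ? AND user.userid = course_user.userid ORDER BY user.userid');
    $query->bindValue(1, $this->getCourseId(), PDO::PARAM_INT);
    if (!$query->execute()) {
        return array();
    }

    $rows = $query->fetchAll();
    if (empty($rows)) {
        // Same early-exit value as the original; the cache arrays are left
        // untouched, so the next call re-queries.
        return array();
    }

    $this->users = array();
    $this->professors = array();

    foreach ($rows as $row) {
        $user = User::fromRow($row);
        if (boolval($row['is_professor'])) {
            $this->professors[$user->getUserId()] = $user;
        } else {
            $this->users[$user->getUserId()] = $user;
        }
    }
}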