Пример #1
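 /**
  * Gets the list of all admins.
  *
  * The result is kept in self::$admins_cache. The cache test is a loose
  * comparison against null, so an empty result is not treated as cached and
  * is queried again on the next call.
  *
  * @return User[] One User per row with is_admin = 1; empty if the query fails.
  */
 public static function admins()
 {
     if (self::$admins_cache != null) {
         return self::$admins_cache;
     }
     $query = Database::connection()->prepare('SELECT * FROM user WHERE is_admin = 1');
     // Treat a failed query as "no admins" without caching it, matching the
     // execute() check used by the other loaders on this page.
     if (!$query->execute()) {
         return array();
     }
     // fetchAll() yields every matching row. fetch() returns only the first
     // row, so the loop would walk that row's columns instead of the rows.
     $rows = $query->fetchAll();
     $admins = array();
     foreach ($rows as $row) {
         $admins[] = User::fromRow($row);
     }
     self::$admins_cache = $admins;
     return $admins;
 }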
Пример #2
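    /**
     * Log in a user, by password or by auto-login cookie token.
     *
     * On success the user id is stored in the session and, for password logins,
     * a new auto-login token is generated, sent as a cookie and saved on the user.
     *
     * @param string $username Username
     * @param string $password Password (in cleartext) / Cookie Token (used if $autologin == TRUE)
     * @param bool $autologin Is this log in called via COOKIE?
     * @param string|null $redirect Redirect a user to this page after successful login
     *
     * @return User|bool Logged in user if successful; false if the user was not found, the
     *                   password check failed or the cookie token was empty; true if the login
     *                   succeeded but $redirect was refused because it contains CR or LF.
     *                   When a redirect is sent the script exits and nothing is returned.
     */
    public function login($username, $password, $autologin = false, $redirect = null)
    {
        global $db;
        // A missing, empty or non-string cookie token must never match a stored token.
        // NOTE(review): the default of user_cookie_token is not visible here; if it can be
        // an empty string, an empty token would otherwise select users without a token.
        if ($autologin && (!is_string($password) || $password === '')) {
            return false;
        }
        // NOTE(review): named placeholders are paired with a positional array; presumably
        // the $db wrapper binds them in order - confirm.
        // if login via cookie, select info by cookie token and username
        if ($autologin) {
            $res = $db->query('
					SELECT *
					FROM ' . TABLE_USERS . '
					WHERE username = :username AND user_cookie_token = :token
				', array($username, $password));
        } else {
            $res = $db->query('
					SELECT *
					FROM ' . TABLE_USERS . '
					WHERE username = :username
				', array($username));
        }
        $row = $db->fetchObject($res);
        // user does exist? (the password is only checked for non-cookie logins)
        if (!$row || (!$autologin && !self::checkPassword($password, $row->user_password))) {
            return false;
        }
        $this->user = User::fromRow($row);
        // Switch to a fresh session id at the moment of authentication, so an id that was
        // set before login is not carried over into the logged-in session.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION[$this->sessionName] = $this->user->getID();
        // set cookie, if not logged in via cookie
        if (!$autologin) {
            $cookieToken = self::generateCookieToken($this->user);
            $expires = time() + self::COOKIE_AUTO_LIFETIME;
            // The token cookie is a login credential: keep it out of reach of page scripts
            // (HttpOnly) and mark it Secure when the request itself arrived over HTTPS.
            // NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS'] may be unset.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie(self::COOKIE_AUTO_USERNAME, $this->user->getUsername(), $expires, '/', '', $secure, true);
            setcookie(self::COOKIE_AUTO_TOKEN, $cookieToken, $expires, '/', '', $secure, true);
            $this->user->save(User::KEY_COOKIE_TOKEN, $cookieToken);
        }
        $this->updateOnlineList();
        if (!empty($redirect)) {
            /* Prevent CRLF header injection */
            if (strpbrk($redirect, "\r\n") !== false) {
                return true;
            }
            // NOTE(review): the target is not restricted to this site. If $redirect can come
            // from request data, callers should check it against known local paths first.
            header('Location: ' . $redirect);
            exit;
        }
        return $this->user;
    }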
Пример #3
 /**
  * Returns the users who like this answer, ordered by like creation time,
  * newest first.
  *
  * The list is stored in $this->likesCache after the first query. The cache
  * test is a loose comparison against null, so an empty list is looked up
  * again on the next call.
  *
  * @return User[]
  */
 private function getLikes()
 {
     // Cached result available: skip the query
     if ($this->likesCache != null) {
         return $this->likesCache;
     }
     // The answer id is bound as an integer parameter, never concatenated into the SQL
     $sql = 'SELECT user.* from user, answer_likes'
         . ' WHERE answer_likes.answerid = ? AND answer_likes.userid = user.userid'
         . ' ORDER BY answer_likes.created_at DESC';
     $stmt = Database::connection()->prepare($sql);
     $stmt->bindValue(1, $this->getAnswerId(), PDO::PARAM_INT);
     $stmt->execute();
     // Turn every fetched row into a User object
     $likers = array();
     $rows = $stmt->fetchAll();
     foreach ($rows as $row) {
         $likers[] = User::fromRow($row);
     }
     // Remember the list for later calls
     $this->likesCache = $likers;
     return $likers;
 }
Пример #4
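 /**
  * Loads the members of this course into $this->users and $this->professors,
  * each keyed by user id.
  *
  * Takes no parameters; the course is identified through $this->getCourseId().
  * Does nothing when both arrays are already populated. The test is a loose
  * comparison against null, so an empty array counts as not loaded.
  *
  * @return array|null An empty array when the query fails or matches no rows
  *                    (the two properties are then left untouched); otherwise nothing.
  */
 private function getCourseUsers()
 {
     // If we already have the results don't do anything
     if ($this->users != null && $this->professors != null) {
         return;
     }
     // Query the database for all of the user rows in the course
     $query = Database::connection()->prepare('SELECT user.*, course_user.is_professor FROM course_user, user ' . 'WHERE course_user.courseid = ? AND user.userid = course_user.userid ORDER BY user.userid');
     $query->bindValue(1, $this->getCourseId(), PDO::PARAM_INT);
     if (!$query->execute()) {
         return array();
     }
     // Decide "no rows" from the fetched rows themselves: PDOStatement::rowCount()
     // is not guaranteed to report the size of a SELECT result on every driver.
     $result = $query->fetchAll();
     if (empty($result)) {
         return array();
     }
     // Reset the arrays
     $this->users = array();
     $this->professors = array();
     // Go through and add the user to the correct array
     foreach ($result as $row) {
         $user = User::fromRow($row);
         if (boolval($row['is_professor'])) {
             $this->professors[$user->getUserId()] = $user;
         } else {
             $this->users[$user->getUserId()] = $user;
         }
     }
 }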