Пример #1
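 /**
  * Return the current user row, or a single field of it.
  *
  * On first use the row is looked up by the value of the `user` cookie and
  * cached in self::$user for the rest of the request.
  *
  * NOTE(review): the cookie value works as a bearer credential here. How it
  * is generated and rotated is not visible in this method; confirm it is a
  * long random token and that the cookie is set HttpOnly/Secure.
  *
  * @param string|false $key Field to read, or false for the whole row.
  * @return mixed The field value, the whole row, or null when no row is
  *               loaded or the field is absent.
  */
 public static function get($key = false)
 {
     // The cookie is client-controlled: accept only a non-empty string, so an
     // array value (`user[]=...`) or a blank value never reaches the lookup.
     // A blank value could otherwise match rows whose cookie column is empty.
     if (self::$user === null
         && isset($_COOKIE['user'])
         && is_string($_COOKIE['user'])
         && $_COOKIE['user'] !== ''
     ) {
         self::$user = Database::get_full_row('user', 'cookie = ?', $_COOKIE['user']);
     }
     if (!$key) {
         return self::$user;
     }
     // No row loaded, or unknown field: return null instead of indexing into
     // a non-array value.
     return isset(self::$user[$key]) ? self::$user[$key] : null;
 }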
Пример #2
 /**
  * User::val() reads a field, replaces it when given a second argument, and
  * returns the replacement on later reads.
  */
 function test_val()
 {
     $field = 'name';
     $replacement = 'Test User 2';
     User::$user = new User(1);
     // Value as loaded for the user constructed with 1.
     $this->assertEquals('Test User', User::val($field));
     // Passing a second argument returns the new value...
     $this->assertEquals($replacement, User::val($field, $replacement));
     // ...and a plain read afterwards still sees it.
     $this->assertEquals($replacement, User::val($field));
 }
Пример #3
 /**
  * Reports whether admin has been installed, i.e. whether at least one user
  * row with is_admin > 0 exists.
  *
  * @return bool
  */
 public static function isConfigured()
 {
     $firstAdmin = User::user()->where('is_admin', '>', 0)->limit(1)->first();
     return (bool) $firstAdmin;
 }
Пример #4
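 /**
  * Displays a table of pages: all pages for users holding the `page.manage`
  * permission, otherwise only the pages owned by the current user.
  *
  * Route: admin/pages/manage
  *
  * NOTE(review): the delete link is a plain GET URL guarded only by a
  * client-side confirm(). Confirm that the delete route checks the caller's
  * permission and a CSRF token; neither is visible from this method.
  *
  * @return array Keys `title` and `content` (the rendered table markup).
  */
 public static function manage()
 {
     // Without page.manage the listing is restricted to the caller's pages.
     if (!User::current()->hasPermission('page.manage')) {
         $pages = Page::page()->where('user_id', '=', User::current()->id)->orderBy('title')->all();
     } else {
         $pages = Page::page()->orderBy('title')->all();
     }
     $table = Html::table();
     $header = $table->addHeader();
     $header->addCol('Title');
     $header->addCol('User', array('colspan' => 2));
     if ($pages) {
         MultiArray::load($pages, 'page_id');
         $indentedPages = MultiArray::indent();
         // One lookup per distinct owner instead of one query per page.
         $owners = array();
         foreach ($indentedPages as $page) {
             if (!array_key_exists($page->user_id, $owners)) {
                 $owners[$page->user_id] = User::user()->find($page->user_id);
             }
             $user = $owners[$page->user_id];
             // addCol() is handed raw markup elsewhere in this method (the
             // anchors and the <em> fallback row), so it presumably emits its
             // argument verbatim: escape the stored e-mail. The owner may
             // also have been removed, in which case the cell stays empty.
             $email = $user ? htmlspecialchars($user->email, ENT_QUOTES, 'UTF-8') : '';
             $row = $table->addRow();
             // NOTE(review): whether Html::a() escapes its link text is not
             // visible here; if it does not, $page->title needs escaping too.
             $row->addCol(Html::a()->get($page->indent . $page->title, 'admin/page/edit/' . $page->id));
             $row->addCol($email);
             $row->addCol(Html::a('Delete', 'admin/page/delete/' . $page->id, array('onclick' => "return confirm('Delete this page? All child pages will be deleted as well.')")), array('class' => 'right'));
         }
     } else {
         // The table is three columns wide (Title + User spanning two).
         $table->addRow()->addCol('<em>No pages</em>', array('colspan' => 3));
     }
     return array('title' => 'Manage Page', 'content' => $table->render());
 }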
Пример #5
 /**
  * Updating the lock succeeds and changes what info() reports.
  *
  * @depends test_exists
  */
 function test_update()
 {
     // Snapshot of the lock row before the update
     $before = DB::single('select * from #prefix#lock');
     // Switch the current user back to id 1
     User::$user = (object) array('id' => 1);
     // Wait one second before updating (presumably so a time-based field
     // can differ from the snapshot)
     sleep(1);
     $this->assertEquals(self::$lock->update(), true);
     $this->assertNotEquals(self::$lock->info(), $before);
 }
Пример #6
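 /**
  * Handles the admin login form.
  *
  * On POST, looks the user up by e-mail and password hash. On success the
  * user id is stored in the session under the configured key and the client
  * is redirected to `admin`; otherwise an error message is queued.
  */
 public static function login()
 {
     if (!$_POST) {
         return;
     }
     // Form fields are client-controlled: array values (`email[]=x`) and
     // missing keys must not reach md5() or the query builder.
     $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
     $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
     $user = null;
     if ($email !== '' && $password !== '') {
         // NOTE(review): passwords are stored as unsalted md5, which is cheap
         // to brute-force if the table leaks. Moving to password_hash() /
         // password_verify() needs the stored values and the code that writes
         // them changed together, so it is flagged here rather than changed.
         $user = User::user()->where('email', '=', $email)->andWhere('pass', '=', md5($password))->first();
     }
     if ($user) {
         // Issue a fresh session id at the privilege change so an id planted
         // before login (session fixation) does not become an admin session.
         if (session_status() === PHP_SESSION_ACTIVE) {
             session_regenerate_id(true);
         }
         $_SESSION[Config::get('user.session_key')] = $user->id;
         Url::redirect('admin');
     } else {
         Message::error('Invalid login details.');
     }
 }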
Пример #7
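 /**
  * Resolve the logged-in user from the session.
  *
  * The session entry must carry `user_id`, `secret` and `ip`; the stored ip
  * must equal the current REMOTE_ADDR and a matching row must exist in
  * `mpp_users`. On success the user object is cached in self::$user and
  * USER_ID is defined.
  *
  * @return self|false The user object, or false when no valid login exists.
  */
 public static function logincheck()
 {
     // Already resolved earlier in this request.
     if (defined('USER_ID') && is_int(USER_ID)) {
         return self::$user;
     }
     if (empty($_SESSION[S_NAME])) {
         return false;
     }
     $session = $_SESSION[S_NAME];
     if (!isset($session['user_id'], $session['secret'], $session['ip'])) {
         return false;
     }
     // Only scalar values are concatenated into the WHERE clause below.
     if (!is_scalar($session['secret']) || !is_scalar($session['ip'])) {
         return false;
     }
     // Cheap check first: a session replayed from another address is rejected
     // without touching the database.
     if (!isset($_SERVER['REMOTE_ADDR']) || $_SERVER['REMOTE_ADDR'] !== $session['ip']) {
         return false;
     }
     // NOTE(review): the WHERE clause is built by concatenation, and
     // addslashes() is not a charset-aware SQL escaper. The values come from
     // the session, not straight from the request, but if db_select (defined
     // elsewhere) offers bound parameters, prefer them.
     $where = 'id = ' . (int) $session['user_id']
         . ' AND secret = \'' . addslashes((string) $session['secret']) . '\''
         . ' AND login_ip = \'' . addslashes((string) $session['ip']) . '\'';
     $arrUser = db_select('mpp_users', $where);
     // Treat a failed query (false/null) like an empty result.
     if (!$arrUser || !count($arrUser)) {
         return false;
     }
     self::$user = new self($arrUser[0]);
     define('USER_ID', (int) $arrUser[0]['id']);
     return self::$user;
 }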
Пример #8
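 /**
  * Used to run the admin install if it hasn't been created yet.
  *
  * On POST, validates the form and inserts the first admin user, then
  * redirects to the login page.
  */
 public static function install()
 {
     if (!$_POST) {
         return;
     }
     // Refuse to create another admin once one exists. Nothing in this
     // method otherwise stops a later POST from adding a second admin
     // account; a router-level guard may exist but is not visible here.
     if (User::user()->where('is_admin', '>', 0)->limit(1)->first()) {
         Message::error('Admin has already been installed.');
         Url::redirect('admin/login');
         return;
     }
     Validate::check('email', array('email'));
     Validate::check('password', array('required'));
     Validate::check('conf_password', array('matches:password'));
     if (!Validate::passed()) {
         return;
     }
     // Array-valued fields (`password[]=x`) must not reach md5() or insert().
     $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : null;
     $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : null;
     $userId = false;
     if ($email !== null && $password !== null) {
         // NOTE(review): unsalted md5 is not a password hash. Switching to
         // password_hash() must be done together with the login check that
         // compares against this column, so it is flagged here only.
         $userId = User::user()->insert(array('email' => $email, 'pass' => md5($password), 'is_admin' => 1));
     }
     if ($userId) {
         Message::ok('Admin install complete.');
         Url::redirect('admin/login');
     } else {
         Message::error('Error creating admin account. Please try again.');
     }
 }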
Пример #9
 /**
  * Returns the current user, loading it on first use from the `User` row
  * whose `secret` equals the value stored in the session.
  *
  * @return mixed The cached or freshly loaded user, or false when the
  *               session holds no secret or no row matches it.
  */
 static function load()
 {
     // Already loaded during this request.
     if (!empty(self::$user)) {
         return self::$user;
     }
     if (empty($_SESSION[self::SESSION_KEY])) {
         return false;
     }
     // The session value is bound as a parameter, never interpolated.
     $query = DataSource::load()->prepare('SELECT * FROM User WHERE secret = :secret LIMIT 1');
     $query->execute(array('secret' => $_SESSION[self::SESSION_KEY]));
     $row = $query->fetch();
     if (empty($row)) {
         return false;
     }
     $loaded = new User();
     $loaded->setProperties($row);
     self::$user = $loaded;
     return self::$user;
 }
Пример #10
 /**
  * Returns the singleton instance of this class.
  *
  * The first call also fills self::$_user (id, email, is_admin and the list
  * of permission names) from the user id stored in the session, when one is
  * present, and writes the resulting id to the debug log.
  */
 public static function singleton()
 {
     // Later calls reuse the instance built by the first one.
     if (self::$_instance !== null) {
         return self::$_instance;
     }
     self::$_instance = new self();
     if (isset($_SESSION[Config::get('user.session_key')])) {
         $account = User::user()->where('id', '=', $_SESSION[Config::get('user.session_key')])->first();
         if ($account) {
             self::$_user['id'] = $account->id;
             self::$_user['email'] = $account->email;
             self::$_user['is_admin'] = $account->is_admin;
             // Distinct permission names granted through the user's roles.
             $grants = User::permission()
                 ->select('user_permissions.permission')
                 ->distinct()
                 ->leftJoin('habtm_userroles_userusers t', 't.role_id', '=', 'user_permissions.role_id')
                 ->where('t.user_id', '=', $account->id)
                 ->get();
             if ($grants) {
                 foreach ($grants as $grant) {
                     self::$_user['permissions'][] = $grant->permission;
                 }
             }
         }
     }
     Log::debug('user', 'Current user ID: ' . self::$_user['id']);
     return self::$_instance;
 }
Пример #11
 /**
  * Set the current user.
  *
  * Stores the given object in the static self::$user slot, replacing
  * whatever was held there before.
  *
  * @access public
  * @param User $user The user to make current.
  */
 public static function set(User $user)
 {
     self::$user = $user;
 }
Пример #12
 /**
  * Get the currently active user, optionally replacing it first.
  *
  * @param User|null $current When given, becomes the active user.
  * @return mixed The value of self::$user after any replacement.
  */
 public static function current(User $current = null)
 {
     if (isset($current)) {
         self::$user = $current;
     }
     return self::$user;
 }
Пример #13
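 /**
  * A custom handler for `simple_auth()`. Note: Calls `session_start()`
  * for you, and populates the static `$user` object if a session is
  * valid, since we have the data already.
  *
  * @param callable $callback Invoked with (username, password) when both
  *                           are posted; its return value is returned as is.
  * @return mixed The callback's result for a login attempt, true when the
  *               stored session is valid, false otherwise.
  */
 public static function method($callback)
 {
     if (!isset($_SESSION)) {
         // session_set_cookie_params() takes a lifetime in seconds, not an
         // absolute timestamp: 30 days, rather than time() + 30 days.
         // NOTE(review): the HttpOnly and Secure cookie flags are left at
         // their ini defaults here; confirm they are enabled in configuration.
         @session_set_cookie_params(2592000);
         @session_start();
     }
     if (isset($_POST['username']) && isset($_POST['password'])) {
         // Array-valued fields (`username[]=x`) are not credentials.
         if (!is_string($_POST['username']) || !is_string($_POST['password'])) {
             return false;
         }
         return call_user_func($callback, $_POST['username'], $_POST['password']);
     }
     if (isset($_SESSION['session_id'])) {
         $u = DB::single('select * from `user` where session_id = ? and expires > ?', $_SESSION['session_id'], gmdate('Y-m-d H:i:s'));
         if ($u) {
             // Verify user agent as a last step (make hijacking harder).
             // NOTE(review): the check is skipped when no agent is cached for
             // this session id, so an evicted cache entry lets any agent
             // through; it is a soft signal, not a binding.
             global $memcache;
             $ua = $memcache->get('_user_session_agent_' . $_SESSION['session_id']);
             $currentUa = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
             if ($ua && $ua !== $currentUa) {
                 return false;
             }
             $class = get_called_class();
             self::$user = new $class((array) $u, false);
             return true;
         }
     }
     return false;
 }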
Пример #14
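 /**
  * Unset the `$i18n`, `$cache`, `$page`, and `$tpl` objects upon
  * completion, drop the `master` DB connection and reset the shared user.
  */
 public static function tearDownAfterClass()
 {
     error_reporting(E_ALL);
     // `global $x; unset($x);` only drops the local alias and leaves the
     // global itself in place; remove the entries from $GLOBALS instead so
     // state does not leak into the next test class.
     unset($GLOBALS['i18n'], $GLOBALS['cache'], $GLOBALS['page'], $GLOBALS['tpl']);
     if (isset(DB::$connections) && isset(DB::$connections['master'])) {
         unset(DB::$connections['master']);
     }
     if (isset(User::$user)) {
         User::$user = false;
     }
 }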
Пример #15
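 /**
  * End the current session and report where the client should go next.
  *
  * @return array Single key `redirect_url`, set to `//` followed by ROOT.
  */
 public static function logOut()
 {
     // session_destroy() removes the stored data but leaves $_SESSION
     // populated for the rest of the request; clear it explicitly.
     $_SESSION = [];
     // Expire the session cookie so the browser stops presenting the old id,
     // which could otherwise be adopted again by a later session_start().
     if (ini_get('session.use_cookies') && !headers_sent()) {
         $cookie = session_get_cookie_params();
         setcookie(session_name(), '', time() - 42000, $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
     }
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_destroy();
     }
     self::$user = FALSE;
     return ['redirect_url' => '//' . ROOT];
 }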
Пример #16
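 /**
  * Deletes a user and redirects to manage page.
  *
  * Admin users (is_admin > 0) are never deleted.
  *
  * NOTE(review): no permission or CSRF check is visible in this method.
  * Confirm the route is restricted to authorised users and is not reachable
  * as a plain GET link, since it changes state.
  *
  * @param mixed $id Identifier of the user to delete.
  */
 public static function delete($id)
 {
     $target = User::user()->find($id);
     if (!$target) {
         // Unknown id: report it instead of dereferencing a missing row.
         Message::error('User not found.');
     } elseif ($target->is_admin > 0) {
         Message::error('Admin user cannot be deleted.');
     } elseif (User::user()->delete($id)) {
         Message::ok('User deleted successfully.');
     } else {
         Message::error('Error deleting user.');
     }
     Url::redirect('admin/user/manage');
 }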
Пример #17
 /**
  * Reset the shared User::$user static to false. The method carries the
  * name of PHPUnit's per-class teardown hook.
  */
 static function tearDownAfterClass()
 {
     User::$user = false;
 }
Пример #18
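 /**
  * End the current session and redirect the client to `//` followed by ROOT.
  *
  * NOTE(review): execution continues after the Location header is sent;
  * callers that must not produce further output should stop after calling
  * this method.
  */
 public static function logOut()
 {
     // session_destroy() removes the stored data but leaves $_SESSION
     // populated for the rest of the request; clear it explicitly.
     $_SESSION = [];
     // Expire the session cookie so the browser stops presenting the old id,
     // which could otherwise be adopted again by a later session_start().
     if (ini_get('session.use_cookies') && !headers_sent()) {
         $cookie = session_get_cookie_params();
         setcookie(session_name(), '', time() - 42000, $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
     }
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_destroy();
     }
     self::$user = FALSE;
     header('Location: //' . ROOT);
 }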