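<?PHP

#
#   Axis--User.php
#   An Object for Handling User Information
#
#   Copyright 1999-2001 Axis Data
#   This code is free software that can be used or redistributed under the
#   terms of Version 2 of the GNU General Public License, as published by the
#   Free Software Foundation (http://www.fsf.org).
#
#   Author:  Edward Almasy (almasy@axisdata.com)
#
#   Part of the AxisPHP library v1.2.4
#   For more information see http://www.axisdata.com/AxisPHP/
#

# status values (error codes)
define("U_OKAY",                0);
define("U_ERROR",               1);
define("U_BADPASSWORD",         2);
define("U_NOSUCHUSER",          3);
define("U_PASSWORDSDONTMATCH",  4);
define("U_EMAILSDONTMATCH",     5);
define("U_DUPLICATEUSERNAME",   6);
define("U_ILLEGALUSERNAME",     7);
define("U_EMPTYUSERNAME",       8);
define("U_ILLEGALPASSWORD",     9);
define("U_ILLEGALPASSWORDAGAIN",10);
define("U_EMPTYPASSWORD",       11);
define("U_EMPTYPASSWORDAGAIN",  12);
define("U_ILLEGALEMAIL",        13);
define("U_ILLEGALEMAILAGAIN",   14);
define("U_EMPTYEMAIL",          15);
define("U_EMPTYEMAILAGAIN",     16);
define("U_NOTLOGGEDIN",         17);
define("U_MAILINGERROR",        18);
define("U_TEMPLATENOTFOUND",    19);
define("U_DUPLICATEEMAIL",      20);


# User account object backed by the APUsers and APUserPrivileges tables.
# Every operation records a U_* status code that Status() returns.
#
# All SQL here is assembled by string concatenation, so every interpolated
# value is passed through addslashes() (the escaping already used by this
# file) or reduced to an integer first.
# NOTE(review): addslashes() is not charset-aware; if the Database class
# offers its own escaping or bound parameters, prefer that -- confirm.
class User {

    # ---- PUBLIC INTERFACE --------------------------------------------------

    # PHP 4 style constructor.
    #   $SessionOrDb - object with a Session() method (a session, whose DB
    #       member is then used) or a Database() method (a database handle)
    #   $UserInfo - with a database handle only: integer user ID or user name
    # Status() is U_NOSUCHUSER afterwards when a name could not be resolved.
    # Exits the script when neither a session nor a database is supplied.
    # NOTE(review): PHP 8 no longer treats a method named after the class as
    # a constructor, so this must be called explicitly there.
    function User(&$SessionOrDb, $UserInfo=NULL)
    {
        # assume constructor will succeed and user is not logged in
        $this->Result = U_OKAY;
        $this->LoggedIn = FALSE;

        # if a session was passed in
        if (is_object($SessionOrDb) && method_exists($SessionOrDb, "Session"))
        {
            # save pointer to session
            $this->Session =& $SessionOrDb;

            # swipe database handle from session
            $this->DB =& $this->Session->DB;

            # if user ID is available from session
            if ($this->Session->Get("APUserId") !== NULL)
            {
                # save user ID
                $this->UserId = $this->Session->Get("APUserId");

                # set flag indicating user is currently logged in
                $this->LoggedIn = TRUE;
            }
        }
        # else if database handle was passed in
        elseif (is_object($SessionOrDb)
                && method_exists($SessionOrDb, "Database"))
        {
            # save database handle
            $this->DB =& $SessionOrDb;

            # if user ID was passed in
            if (is_int($UserInfo))
            {
                # save user ID
                $this->UserId = $UserInfo;
            }
            # else if user name was passed in
            elseif (is_string($UserInfo))
            {
                # look up user ID in database
                $this->DB->Query("SELECT UserId FROM APUsers"
                        ." WHERE UserName='".addslashes($UserInfo)."'");

                # if user ID was found
                if ($this->DB->NumRowsSelected() > 0)
                {
                    $this->UserId = $this->DB->FetchField("UserId");
                }
                else
                {
                    # if name looks like it could actually be a user ID
                    # (the pattern previously lacked a quantifier and so
                    #  matched single-character values only)
                    if (preg_match("/^[0-9-]+$/", $UserInfo))
                    {
                        # assume name was user ID
                        $this->UserId = $UserInfo;
                    }
                    else
                    {
                        # set code indicating no user found
                        $this->Result = U_NOSUCHUSER;
                    }
                }
            }
        }
        else
        {
            # error out
            $this->Result = U_ERROR;
            exit("ERROR: User object creation attempted without DB or session");
        }
    }

    # return status code (U_* value) of the most recent operation
    function Status()
    {
        return $this->Result;
    }

    # return text message corresponding to current (or specified) status code
    # (codes without a message of their own get the generic error message)
    function StatusMessage($StatusCode = NULL)
    {
        $APUserStatusMessages = array(
                U_OKAY                => "The operation was successful.",
                U_ERROR               => "There has been an error.",
                U_BADPASSWORD         => "The password you entered was"
                                            ." incorrect.",
                U_NOSUCHUSER          => "No such user name was found.",
                U_PASSWORDSDONTMATCH  => "The new passwords you entered do"
                                            ." not match.",
                U_EMAILSDONTMATCH     => "The e-mail addresses you entered"
                                            ." do not match.",
                U_DUPLICATEUSERNAME   => "The user name you requested is"
                                            ." already in use.",
                U_ILLEGALUSERNAME     => "The user name you requested is too"
                                            ." short, too long, or contains"
                                            ." illegal characters.",
                U_ILLEGALPASSWORD     => "The new password you requested is"
                                            ." too short, too long, or"
                                            ." contains illegal characters.",
                U_ILLEGALEMAIL        => "The e-mail address you entered"
                                            ." appears to be invalid.",
                U_NOTLOGGEDIN         => "The user is not logged in.",
                U_MAILINGERROR        => "An error occurred while attempting"
                                            ." to send e-mail.  Please notify"
                                            ." the system administrator.",
                U_TEMPLATENOTFOUND    => "An error occurred while attempting"
                                            ." to generate e-mail.  Please"
                                            ." notify the system administrator.",
                U_DUPLICATEEMAIL      => "The e-mail address you supplied already"
                                            ." has an account associated with it.",
                );

        $Code = ($StatusCode === NULL) ? $this->Result : $StatusCode;
        return isset($APUserStatusMessages[$Code])
                ? $APUserStatusMessages[$Code]
                : $APUserStatusMessages[U_ERROR];
    }

    # delete this user and all of their privileges (always returns U_OKAY)
    function Delete()
    {
        # clear priv list values
        $this->DB->Query("DELETE FROM APUserPrivileges WHERE UserId = '"
                .$this->EscapedUserId()."'");

        # delete user record from database
        $this->DB->Query("DELETE FROM APUsers WHERE UserId = '"
                .$this->EscapedUserId()."'");

        # report to caller that everything succeeded
        $this->Result = U_OKAY;
        return $this->Result;
    }


    # ---- Getting/Setting Values --------------------------------------------

    function Id()
    {
        return $this->UserId;
    }
    function Name()
    {
        return $this->Get("UserName");
    }

    # get last location, first recording a new one (plus activity date and
    # client address) when a non-empty $NewLocation is supplied
    function LastLocation($NewLocation = NULL)
    {
        if ($NewLocation)
        {
            # REMOTE_ADDR is escaped like every other interpolated value
            $RemoteAddress = isset($_SERVER["REMOTE_ADDR"])
                    ? addslashes($_SERVER["REMOTE_ADDR"]) : "";
            $this->DB->Query("UPDATE APUsers SET"
                    ." LastLocation = '".addslashes($NewLocation)."',"
                    ." LastActiveDate = NOW(),"
                    ." LastIPAddress = '".$RemoteAddress."'"
                    ." WHERE UserId = '".$this->EscapedUserId()."'");
            if (isset($this->DBFields))
            {
                $this->DBFields["LastLocation"] = $NewLocation;
                $this->DBFields["LastActiveDate"] = date("Y-m-d H:i:s");
            }
        }
        return $this->Get("LastLocation");
    }
    function LastActiveDate()
    {
        return $this->Get("LastActiveDate");
    }
    function LastIPAddress()
    {
        return $this->Get("LastIPAddress");
    }

    # get value from specified field
    function Get($FieldName)
    {
        return $this->UpdateValue($FieldName);
    }

    # get value (formatted as a date) from specified field
    #   $Format - optional DATE_FORMAT() format string
    function GetDate($FieldName, $Format = "")
    {
        # quote the column name as an identifier: inside backticks the only
        # character that needs escaping is the backtick itself, which
        # addslashes() does not touch
        $QuotedField = "`".str_replace("`", "``", $FieldName)."`";

        # retrieve specified value from database
        if (strlen($Format) > 0)
        {
            $this->DB->Query("SELECT DATE_FORMAT(".$QuotedField.", '"
                    .addslashes($Format)."') AS ".$QuotedField
                    ." FROM APUsers WHERE UserId='"
                    .$this->EscapedUserId()."'");
        }
        else
        {
            $this->DB->Query("SELECT ".$QuotedField
                    ." FROM APUsers WHERE UserId='"
                    .$this->EscapedUserId()."'");
        }
        $Record = $this->DB->FetchRow();

        # return value to caller
        return $Record[$FieldName];
    }

    # set value in specified field (always returns U_OKAY)
    function Set($FieldName, $NewValue)
    {
        $this->UpdateValue($FieldName, $NewValue);
        $this->Result = U_OKAY;
        return $this->Result;
    }


    # ---- Login Functions ---------------------------------------------------

    # log user in and store the user ID in the session
    # Returns U_OKAY, U_NOSUCHUSER or U_BADPASSWORD; exits the script when
    # the object was not built from a session.
    # $IgnorePassword = TRUE skips the password check entirely, so it must
    # never be derived from request data.
    # NOTE(review): the Session class is not shown; confirm it issues a fresh
    # session identifier when the user ID is registered.
    function Login($UserName, $Password, $IgnorePassword = FALSE)
    {
        global $APUserId;

        # error out if we are not part of a session
        if (!isset($this->Session))
        {
            exit("ERROR: User->Login() called on object without session");
        }

        # if user not found in DB
        $this->DB->Query("SELECT * FROM APUsers"
                ." WHERE UserName = '"
                .addslashes($this->NormalizeUserName($UserName))."'");
        if ($this->DB->NumRowsSelected() < 1)
        {
            # result is no user by that name
            $this->Result = U_NOSUCHUSER;
        }
        else
        {
            # grab password from DB
            $Record = $this->DB->FetchRow();
            $StoredPassword = $Record["UserPassword"];

            # if supplied password matches encrypted password
            # (compared as strings; a loose == would treat numeric-looking
            #  hashes as numbers)
            $EncryptedPassword = crypt($Password, $StoredPassword);
            if ($this->HashesMatch($StoredPassword, $EncryptedPassword)
                    || $IgnorePassword)
            {
                # result is success
                $this->Result = U_OKAY;

                # store user ID for session
                $this->UserId = $Record["UserId"];
                $APUserId = $this->UserId;
                $this->Session->RegisterVariable("APUserId");

                # update last login date
                $this->DB->Query("UPDATE APUsers SET LastLoginDate = NOW() "
                        ."WHERE UserId = '".$this->EscapedUserId()."'");

                # set flag to indicate we are logged in
                $this->LoggedIn = TRUE;
            }
            else
            {
                # result is bad password
                $this->Result = U_BADPASSWORD;
            }
        }

        # return result to caller
        return $this->Result;
    }

    # log this user out
    function Logout()
    {
        # if we are part of a session
        if (isset($this->Session))
        {
            # clear user ID for session
            $this->Session->UnregisterVariable("APUserId");
        }

        # set flag to indicate user is no longer logged in
        $this->LoggedIn = FALSE;
    }

    # report whether this user is or is not currently logged in
    function IsLoggedIn() {  return $this->LoggedIn;  }
    function IsNotLoggedIn() {  return !$this->LoggedIn;  }


    # ---- Password Functions ------------------------------------------------

    # set new password (with checks against old password)
    # Returns U_OKAY, U_NOTLOGGEDIN, U_BADPASSWORD, U_ILLEGALPASSWORD or
    # U_PASSWORDSDONTMATCH.
    function ChangePassword($OldPassword, $NewPassword, $NewPasswordAgain)
    {
        # if we are part of a session make sure a user is logged in
        if (isset($this->Session) && ($this->IsLoggedIn() == FALSE))
        {
            $this->Result = U_NOTLOGGEDIN;
            return $this->Result;
        }

        # if old password is not correct
        $StoredPassword = $this->DB->Query("SELECT UserPassword FROM APUsers"
                ." WHERE UserId='".$this->EscapedUserId()."'", "UserPassword");
        $EncryptedPassword = crypt($OldPassword, $StoredPassword);
        if (!$this->HashesMatch($StoredPassword, $EncryptedPassword))
        {
            # set status to indicate error
            $this->Result = U_BADPASSWORD;
        }
        # else if new password is not legal
        elseif (!$this->IsValidPassword($NewPassword))
        {
            # set status to indicate error
            $this->Result = U_ILLEGALPASSWORD;
        }
        # else if both instances of new password do not match
        # (strict comparison: both sides are strings returned by trim())
        elseif ($this->NormalizePassword($NewPassword)
                !== $this->NormalizePassword($NewPasswordAgain))
        {
            # set status to indicate error
            $this->Result = U_PASSWORDSDONTMATCH;
        }
        else
        {
            # set new password
            $this->SetPassword($NewPassword);

            # set status to indicate password successfully changed
            $this->Result = U_OKAY;
        }

        # report result to caller
        return $this->Result;
    }

    # set new password (no check against the old one)
    # NOTE(review): crypt() without a salt argument relies on PHP choosing
    # an algorithm and salt, and PHP 8 requires the salt.  Moving to
    # password_hash() would produce hashes that Login() can still verify
    # with crypt(), but only if the UserPassword column is wide enough --
    # confirm against the schema before changing.
    function SetPassword($NewPassword)
    {
        # generate encrypted password
        $EncryptedPassword = crypt($this->NormalizePassword($NewPassword));

        # save encrypted password
        $this->UpdateValue("UserPassword", $EncryptedPassword);
    }

    # create user with a generated password mailed from a template file
    # (alias for CreateNewUserAndMailPasswordFromFile())
    function CreateNewUserWithEMailedPassword(
            $UserName, $EMail, $EMailAgain,
            $TemplateFile = "Axis--User--EMailTemplate.txt")
    {
        # must be invoked as a method; a bare function call here was fatal
        return $this->CreateNewUserAndMailPasswordFromFile(
                $UserName, $EMail, $EMailAgain, $TemplateFile);
    }

    # create user with a generated password mailed from a template file
    # Returns U_TEMPLATENOTFOUND when the template cannot be read, otherwise
    # the result of CreateNewUserAndMailPassword().
    function CreateNewUserAndMailPasswordFromFile(
            $UserName, $EMail, $EMailAgain,
            $TemplateFile = "Axis--User--EMailTemplate.txt")
    {
        # load e-mail template from file (first line is subject)
        # (second argument makes file() search the include path as well;
        #  $TemplateFile should come from configuration, not from a request)
        $Template = @file($TemplateFile, 1);

        # report error to caller if template load failed
        if ($Template === FALSE)
        {
            $this->Result = U_TEMPLATENOTFOUND;
            return $this->Result;
        }
        $EMailSubject = array_shift($Template);
        $EMailBody = join("", $Template);

        return $this->CreateNewUserAndMailPassword(
                $UserName, $EMail, $EMailAgain, $EMailSubject, $EMailBody);
    }

    # create user with a generated password and mail the account details
    # X-USERNAME-X and X-PASSWORD-X in the subject/body are substituted.
    # Returns U_OKAY, U_EMAILSDONTMATCH, U_ILLEGALEMAIL, U_MAILINGERROR or
    # the failure code from CreateNewUser().
    # NOTE(review): the new password is sent in clear text by e-mail.
    function CreateNewUserAndMailPassword(
            $UserName, $EMail, $EMailAgain, $EMailSubject, $EMailBody)
    {
        # make sure e-mail addresses match
        if ($EMail != $EMailAgain)
        {
            $this->Result = U_EMAILSDONTMATCH;
            return $this->Result;
        }

        # make sure e-mail address looks valid
        if ($this->IsValidLookingEMailAddress($EMail) == FALSE)
        {
            $this->Result = U_ILLEGALEMAIL;
            return $this->Result;
        }

        # generate random password
        $Password = $this->GetRandomPassword();

        # attempt to create new user with password
        # NOTE(review): CreateNewUser() is not defined in this listing;
        # confirm where it is provided.
        $Result = $this->CreateNewUser($UserName, $Password, $Password);

        # if user creation failed
        if ($Result != U_OKAY)
        {
            # report error result to caller
            return $Result;
        }

        # set e-mail address in user record
        $this->Set("EMail", $EMail);

        # plug appropriate values into subject and body of e-mail message
        $EMailSubject = str_replace("X-USERNAME-X", $UserName, $EMailSubject);
        $EMailBody = str_replace("X-USERNAME-X", $UserName, $EMailBody);
        $EMailBody = str_replace("X-PASSWORD-X", $Password, $EMailBody);

        # keep line breaks out of the subject so it stays a single header
        $EMailSubject = str_replace(array("\r", "\n"), "", $EMailSubject);

        # send out e-mail message with new account info
        $Result = mail($EMail, $EMailSubject, $EMailBody);

        # report outcome of mailing attempt to caller
        $this->Result = ($Result == TRUE) ? U_OKAY : U_MAILINGERROR;
        return $this->Result;
    }

    # get code for user to submit to confirm registration
    function GetActivationCode()
    {
        # code is MD5 sum based on user name and encrypted password
        $ActivationCodeLength = 6;
        return $this->GetUniqueCode("Activation", $ActivationCodeLength);
    }

    # check whether confirmation code is valid
    function IsActivationCodeGood($Code)
    {
        # string comparison only; == would compare numeric-looking codes
        # as numbers
        return $this->HashesMatch(
                $this->GetActivationCode(), strtoupper(trim($Code)));
    }

    # get/set whether user registration has been confirmed
    function IsActivated($NewValue = DB_NOVALUE)
    {
        return $this->UpdateValue("RegistrationConfirmed", $NewValue);
    }

    # get code for user to submit to confirm password reset
    function GetResetCode()
    {
        # code is MD5 sum based on user name and encrypted password
        $ResetCodeLength = 10;
        return $this->GetUniqueCode("Reset", $ResetCodeLength);
    }

    # check whether password reset code is valid
    function IsResetCodeGood($Code)
    {
        # string comparison only; == would compare numeric-looking codes
        # as numbers
        return $this->HashesMatch(
                $this->GetResetCode(), strtoupper(trim($Code)));
    }

    # send e-mail to user (returns TRUE on success, FALSE otherwise)
    #   $TemplateTextOrFileName - template text, or name of a template file;
    #       lines starting with "#" are dropped and the first remaining line
    #       is the subject
    #   $FromAddress - optional address for a "From" header
    #   $MoreSubstitutions - optional array of placeholder => value pairs
    # Status() is U_OKAY, U_MAILINGERROR or U_TEMPLATENOTFOUND afterwards.
    function SendEMail(
            $TemplateTextOrFileName, $FromAddress = NULL, $MoreSubstitutions = NULL)
    {
        # if template is file name
        if (@is_file($TemplateTextOrFileName))
        {
            # load in template from file
            $Template = file($TemplateTextOrFileName, 1);

            # report error to caller if template load failed
            # (recorded in Result, where Status() reads it; FALSE is returned
            #  because the status code itself would read as success)
            if ($Template == FALSE)
            {
                $this->Result = U_TEMPLATENOTFOUND;
                return FALSE;
            }

            # join into one text block
            $TemplateTextOrFileName = join("", $Template);
        }

        # split template into lines
        $Template = explode("\n", $TemplateTextOrFileName);

        # strip any comments out of template
        $FilteredTemplate = array();
        foreach ($Template as $Line)
        {
            if (!preg_match("/^[\\s]*#/", $Line))
            {
                $FilteredTemplate[] = $Line;
            }
        }

        # split subject line out of template (first non-comment line in file)
        $EMailSubject = array_shift($FilteredTemplate);
        $EMailBody = join("\n", $FilteredTemplate);

        # set up our substitutions
        $Substitutions = array(
                "X-USERNAME-X" => $this->Get("UserName"),
                "X-EMAILADDRESS-X" => $this->Get("EMail"),
                "X-ACTIVATIONCODE-X" => $this->GetActivationCode(),
                "X-RESETCODE-X" => $this->GetResetCode(),
                "X-IPADDRESS-X" => @$_SERVER["REMOTE_ADDR"],
                );

        # if caller provided additional substitutions
        if (is_array($MoreSubstitutions))
        {
            # add in entries from caller to substitution list
            $Substitutions = array_merge(
                    $Substitutions, $MoreSubstitutions);
        }

        # perform substitutions on subject and body of message
        $EMailSubject = str_replace(array_keys($Substitutions),
                array_values($Substitutions), $EMailSubject);
        $EMailBody = str_replace(array_keys($Substitutions),
                array_values($Substitutions), $EMailBody);

        # header values must stay on one line, otherwise substituted or
        # caller-supplied text could add headers of its own
        $LineBreaks = array("\r", "\n");
        $EMailSubject = str_replace($LineBreaks, "", $EMailSubject);
        $Recipient = str_replace($LineBreaks, "", $this->Get("EMail"));

        # send out mail message (with "From" header if caller provided one)
        if ($FromAddress)
        {
            $AdditionalHeaders = "From: "
                    .str_replace($LineBreaks, "", $FromAddress);
            $Result = mail($Recipient, $EMailSubject,
                    $EMailBody, $AdditionalHeaders);
        }
        else
        {
            $Result = mail($Recipient, $EMailSubject, $EMailBody);
        }

        # report result of mailing attempt to caller
        $this->Result = ($Result == TRUE) ? U_OKAY : U_MAILINGERROR;
        return ($this->Result == U_OKAY);
    }


    # ---- Privilege Functions -----------------------------------------------

    # report whether user holds at least one of the listed privileges
    # (always FALSE when the user is not logged in)
    function HasPriv($Privilege, $Privilege2 = NULL, $Privilege3 = NULL,
            $Privilege4 = NULL, $Privilege5 = NULL, $Privilege6 = NULL)
    {
        # make sure a user is logged in (no privileges if not logged in)
        if ($this->IsLoggedIn() == FALSE) {  return FALSE;  }

        # build database query to check privileges
        # (each value is escaped before being placed in the query)
        $Query = "SELECT COUNT(*) AS PrivCount FROM APUserPrivileges "
                ."WHERE UserId='".$this->EscapedUserId()."'"
                ." AND (Privilege='".addslashes((string)$Privilege)."'";
        $OtherPrivileges = array($Privilege2, $Privilege3, $Privilege4,
                $Privilege5, $Privilege6);
        foreach ($OtherPrivileges as $OtherPrivilege)
        {
            if ($OtherPrivilege != NULL)
            {
                $Query .= " OR Privilege='"
                        .addslashes((string)$OtherPrivilege)."'";
            }
        }
        $Query .= ")";

        # look for privilege in database
        $PrivCount = $this->DB->Query($Query, "PrivCount");

        # return value to caller
        return ($PrivCount > 0) ? TRUE : FALSE;
    }

    # grant an (integer-valued) privilege to this user
    # Returns U_OKAY, or U_ERROR when the value is not an integer.
    function GrantPriv($Privilege)
    {
        # if privilege value is invalid
        # (is_numeric() first: on PHP before 8 the loose comparison alone
        #  accepts any non-numeric string, and the value is placed unquoted
        #  in the INSERT below)
        $Trimmed = trim((string)$Privilege);
        if (!is_numeric($Trimmed) || (intval($Trimmed) != $Trimmed))
        {
            # set code to indicate error
            $this->Result = U_ERROR;
        }
        else
        {
            # only the integer form of the value ever reaches the database
            $PrivValue = intval($Trimmed);

            # if user does not already have privilege
            $PrivCount = $this->DB->Query("SELECT COUNT(*) AS PrivCount"
                    ." FROM APUserPrivileges"
                    ." WHERE UserId='".$this->EscapedUserId()."'"
                    ." AND Privilege='".$PrivValue."'",
                    "PrivCount");
            if ($PrivCount == 0)
            {
                # add privilege for this user to database
                $this->DB->Query("INSERT INTO APUserPrivileges"
                        ." (UserId, Privilege) VALUES"
                        ." ('".$this->EscapedUserId()."', ".$PrivValue.")");
            }

            # set code to indicate success
            $this->Result = U_OKAY;
        }

        # report result to caller
        return $this->Result;
    }

    # remove a privilege from this user (always returns U_OKAY)
    function RevokePriv($Privilege)
    {
        # remove privilege from database (if present)
        $this->DB->Query("DELETE FROM APUserPrivileges"
                ." WHERE UserId = '".$this->EscapedUserId()."'"
                ." AND Privilege = '".addslashes((string)$Privilege)."'");

        # report success to caller
        $this->Result = U_OKAY;
        return $this->Result;
    }

    function GetPrivList()
    {
        # read privileges from database and return array to caller
        $this->DB->Query("SELECT Privilege FROM APUserPrivileges"
                ." WHERE UserId='".$this->EscapedUserId()."'");
        return $this->DB->FetchColumn("Privilege");
    }

    # replace this user's privileges with the supplied list
    function SetPrivList($NewPrivileges)
    {
        # clear old priv list values
        $this->DB->Query("DELETE FROM APUserPrivileges"
                ." WHERE UserId='".$this->EscapedUserId()."'");

        # for each priv value passed in
        foreach ($NewPrivileges as $Privilege)
        {
            # set priv for user
            $this->GrantPriv($Privilege);
        }
    }


    # ---- Miscellaneous Functions -------------------------------------------

    # get unique alphanumeric code for user
    # (first $CodeLength characters of the upper-cased MD5 of user name,
    #  stored password hash and $SeedString)
    # NOTE(review): the code is fully derived from stored values, is short,
    # and only changes when the name or password hash changes.  A random
    # token stored with an expiry would be a stronger confirmation secret.
    function GetUniqueCode($SeedString, $CodeLength)
    {
        return substr(strtoupper(md5(
                $this->Get("UserName").$this->Get("UserPassword").$SeedString)),
                0, $CodeLength);
    }


    # ---- PRIVATE INTERFACE -------------------------------------------------

    var $DB;        # handle to SQL database we use to store user information
    var $Session;   # session to use in storing persistent information
    var $UserId;    # user ID number for reference into database
    var $Result;    # result of last operation
    var $LoggedIn;  # flag indicating whether user is logged in
    var $DBFields;  # used for caching user values

    # check whether a user name is valid (alphanumeric string of 2-24 chars)
    function IsValidUserName($UserName)
    {
        if (preg_match("/^[a-zA-Z0-9]{2,24}$/", $UserName)) {  return TRUE;  } else {  return FALSE;  }
    }

    # check whether a password is valid (at least 6 characters)
    function IsValidPassword($Password)
    {
        if (strlen(User::NormalizePassword($Password)) < 6)
                {  return FALSE;  } else {  return TRUE;  }
    }

    # check whether an e-mail address looks valid
    function IsValidLookingEMailAddress($EMail)
    {
        if (preg_match("/^[a-zA-Z0-9._\-]+@[a-zA-Z0-9._\-]+\.[a-zA-Z]{2,3}$/", $EMail)) {  return TRUE;  } else {  return FALSE;  }
    }

    # get normalized version of e-mail address
    # (may be called statically)
    function NormalizeEMailAddress($EMailAddress)
    {
        return strtolower(trim($EMailAddress));
    }

    # get normalized version of user name
    # (may be called statically)
    function NormalizeUserName($UserName)
    {
        return trim($UserName);
    }

    # get normalized version of password
    # (may be called statically)
    function NormalizePassword($Password)
    {
        return trim($Password);
    }

    # generate random password (a string of decimal digits)
    function GetRandomPassword($PasswordMinLength = 6, $PasswordMaxLength = 8)
    {
        $Lowest = (int)pow(10, ($PasswordMinLength - 1));
        $Highest = (int)(pow(10, $PasswordMaxLength) - 1);

        # passwords are credentials, so use the system CSPRNG when the
        # running PHP provides it
        if (function_exists("random_int"))
        {
            return sprintf("%06d", random_int($Lowest, $Highest));
        }

        # older PHP: original generator, seeded from the clock
        # NOTE(review): this fallback is predictable; avoid relying on it
        mt_srand((double)microtime() * 1000000);
        return sprintf("%06d", mt_rand($Lowest, $Highest));
    }

    # convenience function to supply parameters to Database->UpdateValue()
    function UpdateValue($FieldName, $NewValue = DB_NOVALUE)
    {
        return $this->DB->UpdateValue("APUsers", $FieldName, $NewValue,
                "UserId = '".$this->EscapedUserId()."'", $this->DBFields);
    }

    # get user ID escaped for use inside a quoted SQL string
    # (the ID may have come from the session or from a caller-supplied name)
    function EscapedUserId()
    {
        return addslashes((string)$this->UserId);
    }

    # compare a stored hash or code against a candidate, as strings only
    # (constant-time where the running PHP provides hash_equals())
    function HashesMatch($Known, $Candidate)
    {
        if (!is_string($Known) || !is_string($Candidate)) {  return FALSE;  }
        if (function_exists("hash_equals"))
        {
            return hash_equals($Known, $Candidate);
        }
        return ($Known === $Candidate);
    }

    # methods for backward compatibility with earlier versions of User
    function GivePriv($Privilege) {  $this->GrantPriv($Privilege);  }
};


?>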