
Axis--User.php

00001 <?PHP
00002 
00003 #
00004 #   Axis--User.php
00005 #   An Object for Handling User Information
00006 #
00007 #   Copyright 1999-2001 Axis Data
00008 #   This code is free software that can be used or redistributed under the
00009 #   terms of Version 2 of the GNU General Public License, as published by the
00010 #   Free Software Foundation (http://www.fsf.org).
00011 #
00012 #   Author:  Edward Almasy (almasy@axisdata.com)
00013 #
00014 #   Part of the AxisPHP library v1.2.4
00015 #   For more information see http://www.axisdata.com/AxisPHP/
00016 #
00017 
# status values (error codes) stored in User::$Result and reported by
# User::Status(); numbering is contiguous from 0 to 20
define('U_OKAY',                 0);    # last operation succeeded
define('U_ERROR',                1);    # unspecified failure
define('U_BADPASSWORD',          2);
define('U_NOSUCHUSER',           3);
define('U_PASSWORDSDONTMATCH',   4);
define('U_EMAILSDONTMATCH',      5);
define('U_DUPLICATEUSERNAME',    6);
define('U_ILLEGALUSERNAME',      7);
define('U_EMPTYUSERNAME',        8);
define('U_ILLEGALPASSWORD',      9);
define('U_ILLEGALPASSWORDAGAIN', 10);
define('U_EMPTYPASSWORD',        11);
define('U_EMPTYPASSWORDAGAIN',   12);
define('U_ILLEGALEMAIL',         13);
define('U_ILLEGALEMAILAGAIN',    14);
define('U_EMPTYEMAIL',           15);
define('U_EMPTYEMAILAGAIN',      16);
define('U_NOTLOGGEDIN',          17);
define('U_MAILINGERROR',         18);
define('U_TEMPLATENOTFOUND',     19);
define('U_DUPLICATEEMAIL',       20);
00040 
00041 
00042 class User {
00043 
00044     # ---- PUBLIC INTERFACE --------------------------------------------------
00045 
00046     function User(&$SessionOrDb, $UserInfo=NULL)
00047     {
00048         # assume constructor will succeed and user is not logged in
00049         $this->Result = U_OKAY;
00050         $this->LoggedIn = FALSE;
00051 
00052         # if a session was passed in
00053         if (is_object($SessionOrDb) && method_exists($SessionOrDb, "Session"))
00054         {
00055             # save pointer to session
00056             $this->Session =& $SessionOrDb;
00057 
00058             # swipe database handle from session
00059             $this->DB =& $this->Session->DB;
00060 
00061             # if user ID is available from session
00062             if ($this->Session->Get("APUserId") !== NULL)
00063             {
00064                 # save user ID
00065                 $this->UserId = $this->Session->Get("APUserId");
00066 
00067                 # set flag indicating user is currently logged in
00068                 $this->LoggedIn = TRUE;
00069             }
00070         }
00071         # else if database handle was passed in
00072         elseif (is_object($SessionOrDb) 
00073                 && method_exists($SessionOrDb, "Database"))
00074         {
00075             # save database handle
00076             $this->DB =& $SessionOrDb;
00077 
00078             # if user ID was passed in
00079             if (is_int($UserInfo))
00080             {
00081                 # save user ID
00082                 $this->UserId = $UserInfo;
00083             }
00084             # else if user name was passed in
00085             elseif (is_string($UserInfo))
00086             {
00087                 # look up user ID in database
00088                 $this->DB->Query("SELECT UserId FROM APUsers"
00089                         ." WHERE UserName='".addslashes($UserInfo)."'");
00090 
00091                 # if user ID was found
00092                 if ($this->DB->NumRowsSelected() > 0)
00093                 {
00094                     $this->UserId = $this->DB->FetchField("UserId");
00095                 }
00096                 else
00097                 {
00098                     # if name looks like it could actually be a user ID
00099                     if (preg_match("/^[0-9-]$/", $UserInfo))
00100                     {
00101                         # assume name was user ID
00102                         $this->UserId = $UserInfo;
00103                     }
00104                     else
00105                     {
00106                         # set code indicating no user found
00107                         $this->Result = U_NOSUCHUSER;
00108                     }
00109                 }
00110             }
00111         }
00112         else
00113         {
00114             # error out
00115             $this->Result = U_ERROR;
00116             exit("ERROR: User object creation attempted without DB or session");
00117         }
00118     }
00119 
00120     function Status()
00121     {
00122         return $this->Result;
00123     }
00124 
00125     # return text message corresponding to current (or specified) status code
00126     function StatusMessage($StatusCode = NULL)
00127     {
00128         $APUserStatusMessages = array(
00129                 U_OKAY                => "The operation was successful.",
00130                 U_ERROR               => "There has been an error.",
00131                 U_BADPASSWORD         => "The password you entered was"
00132                                             ." incorrect.",
00133                 U_NOSUCHUSER          => "No such user name was found.",
00134                 U_PASSWORDSDONTMATCH  => "The new passwords you entered do"
00135                                             ." not match.",
00136                 U_EMAILSDONTMATCH     => "The e-mail addresses you entered"
00137                                             ." do not match.",
00138                 U_DUPLICATEUSERNAME   => "The user name you requested is"
00139                                             ." already in use.",
00140                 U_ILLEGALUSERNAME     => "The user name you requested is too"
00141                                             ." short, too long, or contains"
00142                                             ." illegal characters.",
00143                 U_ILLEGALPASSWORD     => "The new password you requested is"
00144                                             ." too short, too long, or"
00145                                             ." contains illegal characters.",
00146                 U_ILLEGALEMAIL        => "The e-mail address you entered"
00147                                             ." appears to be invalid.",
00148                 U_NOTLOGGEDIN         => "The user is not logged in.",
00149                 U_MAILINGERROR        => "An error occurred while attempting"
00150                                             ." to send e-mail.  Please notify"
00151                                             ." the system administrator.",
00152                 U_TEMPLATENOTFOUND    => "An error occurred while attempting"
00153                                             ." to generate e-mail.  Please"
00154                                             ." notify the system administrator.",
00155                 U_DUPLICATEEMAIL      => "The e-mail address you supplied already"
00156                                             ." has an account associated with it.",
00157                 );
00158 
00159         return ($StatusCode === NULL) ? $APUserStatusMessages[$this->Result]
00160                 : $APUserStatusMessages[$StatusCode];
00161     }
00162 
00163     function Delete()
00164     {
00165         # clear priv list values
00166         $this->DB->Query("DELETE FROM APUserPrivileges WHERE UserId = '".$this->UserId."'");
00167 
00168         # delete user record from database
00169         $this->DB->Query("DELETE FROM APUsers WHERE UserId = '".$this->UserId."'");
00170 
00171         # report to caller that everything succeeded
00172         $this->Result = U_OKAY;
00173         return $this->Result;
00174     }
00175 
00176 
00177     # ---- Getting/Setting Values --------------------------------------------
00178 
00179     function Id()
00180     {
00181         return $this->UserId;
00182     }
00183     function Name()
00184     {
00185         return $this->Get("UserName");
00186     }
00187     function LastLocation($NewLocation = NULL)
00188     {
00189         if ($NewLocation)
00190         {
00191             $this->DB->Query("UPDATE APUsers SET"
00192                     ." LastLocation = '".addslashes($NewLocation)."',"
00193                     ." LastActiveDate = NOW(),"
00194                     ." LastIPAddress = '".$_SERVER["REMOTE_ADDR"]."'"
00195                     ." WHERE UserId = '".addslashes($this->UserId)."'");
00196             if (isset($this->DBFields))
00197             {
00198                 $this->DBFields["LastLocation"] = $NewLocation;
00199                 $this->DBFields["LastActiveDate"] = date("Y-m-d H:i:s");
00200             }
00201         }
00202         return $this->Get("LastLocation");
00203     }
00204     function LastActiveDate()
00205     {
00206         return $this->Get("LastActiveDate");
00207     }
00208     function LastIPAddress()
00209     {
00210         return $this->Get("LastIPAddress");
00211     }
00212 
00213     # get value from specified field
00214     function Get($FieldName)
00215     {
00216         return $this->UpdateValue($FieldName);
00217     }
00218 
00219     # get value (formatted as a date) from specified field
00220     function GetDate($FieldName, $Format = "")
00221     {
00222         # retrieve specified value from database
00223         if (strlen($Format) > 0)
00224         {
00225             $this->DB->Query("SELECT DATE_FORMAT(`".addslashes($FieldName)."`, '".addslashes($Format)."') AS `".addslashes($FieldName)."` FROM APUsers WHERE UserId='".$this->UserId."'");
00226         }
00227         else
00228         {
00229             $this->DB->Query("SELECT `".addslashes($FieldName)."` FROM APUsers WHERE UserId='".$this->UserId."'");
00230         }
00231         $Record = $this->DB->FetchRow();
00232 
00233         # return value to caller
00234         return $Record[$FieldName];
00235     }
00236 
00237     # set value in specified field
00238     function Set($FieldName, $NewValue)
00239     {
00240         $this->UpdateValue($FieldName, $NewValue);
00241         $this->Result = U_OKAY;
00242         return $this->Result;
00243     }
00244 
00245 
00246     # ---- Login Functions ---------------------------------------------------
00247 
00248     function Login($UserName, $Password, $IgnorePassword = FALSE)
00249     {
00250         global $APUserId;
00251 
00252         # error out if we are not part of a session
00253         if (!isset($this->Session))
00254         {
00255             exit("ERROR: User->Login() called on object without session");
00256         }
00257 
00258         # if user not found in DB
00259         $this->DB->Query("SELECT * FROM APUsers"
00260                 ." WHERE UserName = '"
00261                         .addslashes($this->NormalizeUserName($UserName))."'");
00262         if ($this->DB->NumRowsSelected() < 1)
00263         {
00264             # result is no user by that name
00265             $this->Result = U_NOSUCHUSER;
00266         }
00267         else
00268         {
00269             # grab password from DB
00270             $Record = $this->DB->FetchRow();
00271             $StoredPassword = $Record["UserPassword"];
00272 
00273             # if supplied password matches encrypted password
00274             $EncryptedPassword = crypt($Password, $StoredPassword);
00275             if (($EncryptedPassword == $StoredPassword) || $IgnorePassword)
00276             {
00277                 # result is success
00278                 $this->Result = U_OKAY;
00279 
00280                 # store user ID for session
00281                 $this->UserId = $Record["UserId"];
00282                 $APUserId = $this->UserId;
00283                 $this->Session->RegisterVariable("APUserId");
00284 
00285                 # update last login date
00286                 $this->DB->Query("UPDATE APUsers SET LastLoginDate = NOW() "
00287                         ."WHERE UserId = '".$this->UserId."'");
00288 
00289                 # set flag to indicate we are logged in
00290                 $this->LoggedIn = TRUE;
00291             }
00292             else
00293             {
00294                 # result is bad password
00295                 $this->Result = U_BADPASSWORD;
00296             }
00297         }
00298 
00299         # return result to caller
00300         return $this->Result;
00301     }
00302 
00303     # log this user out
00304     function Logout()
00305     {
00306         # if we are part of a session
00307         if (isset($this->Session))
00308         {
00309             # clear user ID for session
00310             $this->Session->UnregisterVariable("APUserId");
00311         }
00312 
00313         # set flag to indicate user is no longer logged in
00314         $this->LoggedIn = FALSE;
00315     }
00316 
00317     # report whether this user is or is not currently logged in
00318     function IsLoggedIn() {  return $this->LoggedIn;  }
00319     function IsNotLoggedIn() {  return !$this->LoggedIn;  }
00320 
00321 
00322     # ---- Password Functions ------------------------------------------------
00323  
00324     # set new password (with checks against old password)
00325     function ChangePassword($OldPassword, $NewPassword, $NewPasswordAgain)
00326     {
00327         # if we are part of a session make sure a user is logged in
00328         if (isset($this->Session) && ($this->IsLoggedIn() == FALSE)) 
00329         {  
00330             $this->Result = U_NOTLOGGEDIN;  
00331             return $this->Result;
00332         }
00333 
00334         # if old password is not correct
00335         $StoredPassword = $this->DB->Query("SELECT UserPassword FROM APUsers"
00336                 ." WHERE UserId='".$this->UserId."'", "UserPassword");
00337         $EncryptedPassword = crypt($OldPassword, $StoredPassword);
00338         if ($EncryptedPassword != $StoredPassword) 
00339         {  
00340             # set status to indicate error
00341             $this->Result = U_BADPASSWORD;
00342         }
00343         # else if new password is not legal
00344         elseif (!$this->IsValidPassword($NewPassword)) 
00345         {  
00346             # set status to indicate error
00347             $this->Result = U_ILLEGALPASSWORD;
00348         }
00349         # else if both instances of new password do not match
00350         elseif ($this->NormalizePassword($NewPassword) 
00351                 != $this->NormalizePassword($NewPasswordAgain))
00352         {  
00353             # set status to indicate error
00354             $this->Result = U_PASSWORDSDONTMATCH;
00355         }
00356         else
00357         {
00358             # set new password
00359             $this->SetPassword($NewPassword);
00360 
00361             # set status to indicate password successfully changed
00362             $this->Result = U_OKAY;
00363         }
00364 
00365         # report to caller that everything succeeded
00366         return $this->Result;
00367     }
00368 
00369     # set new password
00370     function SetPassword($NewPassword)
00371     {
00372         # generate encrypted password
00373         $EncryptedPassword = crypt($this->NormalizePassword($NewPassword));
00374 
00375         # save encrypted password
00376         $this->UpdateValue("UserPassword", $EncryptedPassword);
00377     }
00378 
00379     function CreateNewUserWithEMailedPassword(
00380             $UserName, $EMail, $EMailAgain, 
00381             $TemplateFile = "Axis--User--EMailTemplate.txt")
00382     {
00383         return CreateNewUserAndMailPasswordFromFile(
00384                 $UserName, $EMail, $EMailAgain, $TemplateFile);
00385     }
00386 
00387     function CreateNewUserAndMailPasswordFromFile(
00388             $UserName, $EMail, $EMailAgain, 
00389             $TemplateFile = "Axis--User--EMailTemplate.txt")
00390     {
00391         # load e-mail template from file (first line is subject)
00392         $Template = file($TemplateFile, 1);
00393         $EMailSubject = array_shift($Template);
00394         $EMailBody = join("", $Template);
00395 
00396         return CreateNewUserAndMailPassword(
00397                 $UserName, $EMail, $EMailAgain, $EMailSubject, $EMailBody);
00398     }
00399 
00400     function CreateNewUserAndMailPassword(
00401             $UserName, $EMail, $EMailAgain, $EMailSubject, $EMailBody)
00402     {
00403         # make sure e-mail addresses match
00404         if ($EMail != $EMailAgain) 
00405         {  
00406             $this->Result = U_EMAILSDONTMATCH;
00407             return $this->Result;  
00408         }
00409 
00410         # make sure e-mail address looks valid
00411         if ($this->IsValidLookingEMailAddress($EMail) == FALSE) 
00412         {  
00413             $this->Result = U_ILLEGALEMAIL;
00414             return $this->Result;  
00415         }
00416 
00417         # generate random password
00418         $Password = $this->GetRandomPassword();
00419 
00420         # attempt to create new user with password
00421         $Result = $this->CreateNewUser($UserName, $Password, $Password);
00422 
00423         # if user creation failed
00424         if ($Result != U_OKAY)
00425         {
00426             # report error result to caller
00427             return $Result;
00428         }
00429         # else
00430         else
00431         {
00432             # set e-mail address in user record
00433             $this->Set("EMail", $EMail);
00434 
00435             # plug appropriate values into subject and body of e-mail message
00436             $EMailSubject = str_replace("X-USERNAME-X", $UserName, $EMailSubject);
00437             $EMailBody = str_replace("X-USERNAME-X", $UserName, $EMailBody);
00438             $EMailBody = str_replace("X-PASSWORD-X", $Password, $EMailBody);
00439 
00440             # send out e-mail message with new account info
00441             $Result = mail($EMail, $EMailSubject, $EMailBody);
00442 
00443             # if mailing attempt failed
00444             if ($Result != TRUE)
00445             {
00446                 # report error to caller
00447                 $this->Result = U_MAILINGERROR;
00448                 return $this->Result;
00449             }
00450             # else
00451             else
00452             {
00453                 # report success to caller
00454                 $this->Result = U_OKAY;
00455                 return $this->Result;
00456             }
00457         }
00458     }
00459 
00460     # get code for user to submit to confirm registration
00461     function GetActivationCode()
00462     {
00463         # code is MD5 sum based on user name and encrypted password
00464         $ActivationCodeLength = 6;
00465         return $this->GetUniqueCode("Activation", $ActivationCodeLength);
00466     }
00467 
00468     # check whether confirmation code is valid
00469     function IsActivationCodeGood($Code)
00470     {
00471         return (strtoupper(trim($Code)) == $this->GetActivationCode())
00472                 ? TRUE : FALSE;
00473     }
00474 
00475     # get/set whether user registration has been confirmed
00476     function IsActivated($NewValue = DB_NOVALUE)
00477     {
00478         return $this->UpdateValue("RegistrationConfirmed", $NewValue);
00479     }
00480 
00481     # get code for user to submit to confirm password reset
00482     function GetResetCode()
00483     {
00484         # code is MD5 sum based on user name and encrypted password
00485         $ResetCodeLength = 10;
00486         return $this->GetUniqueCode("Reset", $ResetCodeLength);
00487     }
00488 
00489     # check whether password reset code is valid
00490     function IsResetCodeGood($Code)
00491     {
00492         return (strtoupper(trim($Code)) == $this->GetResetCode())
00493                 ? TRUE : FALSE;
00494     }
00495 
00496     # send e-mail to user (returns TRUE on success)
00497     function SendEMail(
00498             $TemplateTextOrFileName, $FromAddress = NULL, $MoreSubstitutions = NULL)
00499     {
00500         # if template is file name
00501         if (@is_file($TemplateTextOrFileName))
00502         {
00503             # load in template from file
00504             $Template = file($TemplateTextOrFileName, 1);
00505 
00506             # report error to caller if template load failed
00507             if ($Template == FALSE)
00508             {
00509                 $this->Status = U_TEMPLATENOTFOUND;
00510                 return $this->Status;
00511             }
00512 
00513             # join into one text block
00514             $TemplateTextOrFileName = join("", $Template);
00515         }
00516 
00517         # split template into lines
00518         $Template = explode("\n", $TemplateTextOrFileName);
00519 
00520         # strip any comments out of template
00521         $FilteredTemplate = array();
00522         foreach ($Template as $Line)
00523         {
00524             if (!preg_match("/^[\\s]*#/", $Line))
00525             {
00526                 $FilteredTemplate[] = $Line;
00527             }
00528         }
00529 
00530         # split subject line out of template (first non-comment line in file)
00531         $EMailSubject = array_shift($FilteredTemplate);
00532         $EMailBody = join("\n", $FilteredTemplate);
00533 
00534         # set up our substitutions
00535         $Substitutions = array(
00536                 "X-USERNAME-X" => $this->Get("UserName"),
00537                 "X-EMAILADDRESS-X" => $this->Get("EMail"),
00538                 "X-ACTIVATIONCODE-X" => $this->GetActivationCode(),
00539                 "X-RESETCODE-X" => $this->GetResetCode(),
00540                 "X-IPADDRESS-X" => @$_SERVER["REMOTE_ADDR"],
00541                 );
00542 
00543         # if caller provided additional substitutions
00544         if (is_array($MoreSubstitutions))
00545         {
00546             # add in entries from caller to substitution list
00547             $Substitutions = array_merge(
00548                     $Substitutions, $MoreSubstitutions);
00549         }
00550 
00551         # perform substitutions on subject and body of message
00552         $EMailSubject = str_replace(array_keys($Substitutions), 
00553                 array_values($Substitutions), $EMailSubject);
00554         $EMailBody = str_replace(array_keys($Substitutions), 
00555                 array_values($Substitutions), $EMailBody);
00556 
00557         # if caller provided "From" address
00558         if ($FromAddress)
00559         {
00560             # prepend "From" address onto message
00561             $AdditionalHeaders = "From: ".$FromAddress;
00562         }
00563 
00564         # send out mail message
00565         if (isset($AdditionalHeaders))
00566         {
00567             $Result = mail($this->Get("EMail"), $EMailSubject, 
00568                     $EMailBody, $AdditionalHeaders);
00569         }
00570         else
00571         {
00572             $Result = mail($this->Get("EMail"), $EMailSubject, $EMailBody);
00573         }
00574 
00575         # report result of mailing attempt to caller
00576         $this->Status = ($Result == TRUE) ? U_OKAY : U_MAILINGERROR;
00577         return ($this->Status == U_OKAY);
00578     }
00579 
00580 
00581     # ---- Privilege Functions -----------------------------------------------
00582 
00583     function HasPriv($Privilege, $Privilege2 = NULL, $Privilege3 = NULL, 
00584             $Privilege4 = NULL, $Privilege5 = NULL, $Privilege6 = NULL)
00585     {
00586         # make sure a user is logged in (no privileges if not logged in)
00587         if ($this->IsLoggedIn() == FALSE) {  return FALSE;  }
00588 
00589         # build database query to check privileges
00590         $Query = "SELECT COUNT(*) AS PrivCount FROM APUserPrivileges "
00591                         ."WHERE UserId='".$this->UserId."'"
00592                             ." AND (Privilege='".$Privilege."'";
00593         if ($Privilege2 != NULL)
00594                 { $Query .= " OR Privilege='".$Privilege2."'";  }
00595         if ($Privilege3 != NULL)
00596                 {  $Query .= " OR Privilege='".$Privilege3."'";  }
00597         if ($Privilege4 != NULL)
00598                 {  $Query .= " OR Privilege='".$Privilege4."'";  }
00599         if ($Privilege5 != NULL)
00600                 {  $Query .= " OR Privilege='".$Privilege5."'";  }
00601         if ($Privilege6 != NULL)
00602                 {  $Query .= " OR Privilege='".$Privilege6."'";  }
00603         $Query .= ")";
00604 
00605         # look for privilege in database
00606         $PrivCount = $this->DB->Query($Query, "PrivCount");
00607 
00608         # return value to caller
00609         return ($PrivCount > 0) ? TRUE : FALSE;
00610     }
00611 
00612     function GrantPriv($Privilege)
00613     {
00614         # if privilege value is invalid
00615         if (intval($Privilege) != trim($Privilege))
00616         {
00617             # set code to indicate error
00618             $this->Result = U_ERROR;
00619         }
00620         else
00621         {
00622             # if user does not already have privilege
00623             $PrivCount = $this->DB->Query("SELECT COUNT(*) AS PrivCount"
00624                     ." FROM APUserPrivileges"
00625                     ." WHERE UserId='".$this->UserId."'"
00626                     ." AND Privilege='".$Privilege."'",
00627                     "PrivCount");
00628             if ($PrivCount == 0)
00629             {
00630                 # add privilege for this user to database
00631                 $this->DB->Query("INSERT INTO APUserPrivileges"
00632                         ." (UserId, Privilege) VALUES"
00633                         ." ('".$this->UserId."', ".$Privilege.")");
00634             }
00635 
00636             # set code to indicate success
00637             $this->Result = U_OKAY;
00638         }
00639 
00640         # report result to caller
00641         return $this->Result;
00642     }
00643 
00644     function RevokePriv($Privilege)
00645     {
00646         # remove privilege from database (if present)
00647         $this->DB->Query("DELETE FROM APUserPrivileges"
00648                          ." WHERE UserId = '".$this->UserId."'"
00649                          ." AND Privilege = '".$Privilege."'");
00650 
00651         # report success to caller
00652         $this->Result = U_OKAY;
00653         return $this->Result;
00654     }
00655 
00656     function GetPrivList()
00657     {
00658         # read privileges from database and return array to caller
00659         $this->DB->Query("SELECT Privilege FROM APUserPrivileges"
00660                 ." WHERE UserId='".$this->UserId."'");
00661         return $this->DB->FetchColumn("Privilege");
00662     }
00663 
00664     function SetPrivList($NewPrivileges)
00665     {
00666         # clear old priv list values
00667         $this->DB->Query("DELETE FROM APUserPrivileges"
00668                 ." WHERE UserId='".$this->UserId."'");
00669 
00670         # for each priv value passed in
00671         foreach ($NewPrivileges as $Privilege)
00672         {
00673             # set priv for user
00674             $this->GrantPriv($Privilege);
00675         }
00676     }
00677 
00678 
00679     # ---- Miscellaneous Functions -------------------------------------------
00680 
00681     # get unique alphanumeric code for user
00682     function GetUniqueCode($SeedString, $CodeLength)
00683     {
00684         return substr(strtoupper(md5(
00685                 $this->Get("UserName").$this->Get("UserPassword").$SeedString)),
00686                 0, $CodeLength);
00687     }
00688 
00689 
00690     # ---- PRIVATE INTERFACE -------------------------------------------------
00691 
00692     var $DB;        # handle to SQL database we use to store user information
00693     var $Session;   # session to use in storing persistent information
00694     var $UserId;    # user ID number for reference into database
00695     var $Result;    # result of last operation
00696     var $LoggedIn;  # flag indicating whether user is logged in
00697     var $DBFields;  # used for caching user values
00698 
00699     # check whether a user name is valid  (alphanumeric string of 2-24 chars)
00700     function IsValidUserName($UserName)
00701     {
00702         if (preg_match("/^[a-zA-Z0-9]{2,24}$/", $UserName)) {  return TRUE;  } else {  return FALSE;  }
00703     }
00704 
00705     # check whether a password is valid  (at least 6 characters)
00706     function IsValidPassword($Password)
00707     {
00708         if (strlen(User::NormalizePassword($Password)) < 6)
00709                 {  return FALSE;  } else {  return TRUE;  }
00710     }
00711 
00712     # check whether an e-mail address looks valid
00713     function IsValidLookingEMailAddress($EMail)
00714     {
00715         if (preg_match("/^[a-zA-Z0-9._\-]+@[a-zA-Z0-9._\-]+\.[a-zA-Z]{2,3}$/", $EMail)) {  return TRUE;  } else {  return FALSE;  }
00716     }
00717 
00718     # get normalized version of e-mail address
00719     # (may be called statically)
00720     function NormalizeEMailAddress($EMailAddress)
00721     {
00722         return strtolower(trim($EMailAddress));
00723     }
00724 
00725     # get normalized version of user name
00726     # (may be called statically)
00727     function NormalizeUserName($UserName)
00728     {
00729         return trim($UserName);
00730     }
00731 
00732     # get normalized version of password
00733     # (may be called statically)
00734     function NormalizePassword($Password)
00735     {
00736         return trim($Password);
00737     }
00738 
00739     # generate random password
00740     # generate random password
00741     function GetRandomPassword($PasswordMinLength = 6, $PasswordMaxLength = 8)
00742     {
00743         # seed random number generator
00744         mt_srand((double)microtime() * 1000000);
00745 
00746         # generate password of requested length
00747         return sprintf("%06d", mt_rand(pow(10, ($PasswordMinLength - 1)),
00748                 (pow(10, $PasswordMaxLength) - 1)));
00749     }
00750 
00751     # convenience function to supply parameters to Database->UpdateValue()
00752     function UpdateValue($FieldName, $NewValue = DB_NOVALUE)
00753     {
00754         return $this->DB->UpdateValue("APUsers", $FieldName, $NewValue,
00755                 "UserId = '".$this->UserId."'", $this->DBFields);
00756     }
00757 
00758     # methods for backward compatibility with earlier versions of User
00759     function GivePriv($Privilege) {  $this->GrantPriv($Privilege);  }
00760 };
00761 
00762 
00763 ?>