-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuser.inc
125 lines (120 loc) · 5.31 KB
/
user.inc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php //SCHOOL DEPENDENT
mb_internal_encoding('UTF-8');
class User {
use Form;
const SIG = "class-user";
public static function sig() { return static::SIG; }
function __construct($qs=NULL) {
$v=new NView('view-user_1.ixml');
$this->iniForm(NULL,$v,false,"id",false);
$this->key=NULL; //this form only handles new users.
$this->table="sio_user";
$this->setboolfld('active',null,null,'on',false);
$this->setfld('username');
$this->setfld('email');
$this->setfld('passwordn','','!skip');
$this->setfld('passwordb','','!skip');
$this->insert_qs=$qs; //query string for new records. id placeholder = [[ID]]
}
public function validate() {
$sisig="sioreg_";
$retval = true;
//force lowercase.
if (isset($this->fields['username'][0])) {
$this->fields['username'][0]=mb_strtolower($this->fields['username'][0]);
}
$this->valUnique('username', Dict::get('errors_name_unique'));
if (isset($this->fields['email'][0])) {
$em=Settings::esc($this->fields['email'][0]);
$qry="select count(id) as ok from " . $this->table . " where emailp='" . $em . "' or email='" . $em . "'";
if ($rx = Settings::$sql->query($qry)) {
if (strcmp($rx->fetch_row()[0],"0") !== 0) {
$retval = false;
$this->seterr("email",Dict::get($sisig.'errors_email_exists'));
}
$rx->close();
}
if (isset($this->fields['passwordn'][0]) && ($this->fields['passwordn'][0] === $this->fields['email'][0])) {
$this->seterr("passwordn",Dict::get($sisig.'errors_new_pw_too_em_simple'));
$retval = false;
}
} else {
$this->seterr("email",Dict::get($sisig.'errors_no_email'));
$retval = false;
}
if (isset($this->fields['passwordn'][0]) && isset($this->fields['passwordb'][0])) {
$pwa=$this->fields['passwordn'][0];
$pwb=$this->fields['passwordb'][0];
if ($pwa !== $pwb ) {
$this->seterr("passwordn",Dict::get($sisig.'errors_new_pw_different'));
$retval = false;
}
if (strlen($pwa) < 7) {
$this->seterr("passwordn",Dict::get($sisig.'errors_new_pw_too_short'));
$retval = false;
}
} else {
$this->seterr("passwordn",Dict::get($sisig.'errors_no_password'));
$retval = false;
}
$this->valEmail('email',Dict::get($sisig .'errors_email_badformat'));
if ($this->valid) {
$this->valid = $retval;
}
}
public function populate() {
$this->vset('username');
$this->vset('email');
$this->vset('active','cb');
}
public function postcommit() {
$id=intval($this->newid);
$pw=$this->fields['passwordn'][0];
$unm=$this->fields['username'][0];
$ph=SioSetPW::enhash($unm,$this->fields['passwordn'][0]);
$qry="update sio_user set password='".$ph."' where id=".$id;
Settings::$sql->query($qry);
$qry="insert into sio_userprofile set user=".$id.",school=".Settings::$usr['school'].",role=".Sec::ROLE_UNASSIGNED.",firstname='(new user)',familyname='".$this->fields['email'][0]."'";
Settings::$sql->query($qry);
}
public static function listing($qs='u',$url='',$restricted=true) {
$v = NULL;
if (Sec::ok(Sec::USERMGMT)) {
$v=new NView('view-userrole-userlistusr.ixml');
$rt=$v->consume("//h:ul/h:li");
if( $restricted ){
$rlim=" and r.cat=1";
} else {
$rlim="";
}
$qry="select u.id,concat (p.firstname,' ',p.familyname,' (',r.name,')') as name,u.email,u.active from sio_user u,sio_userprofile p,sio_role r where ".Sec::schsql('school','p')." and p.user=u.id and p.role=r.id ".$rlim." order by u.active desc,r.name,p.familyname";
if ($rx = Settings::$sql->query($qry)) {
while ($f = $rx->fetch_assoc()) {
$r=new NView($rt);
if($f['active']!=='on') { $r->set("//h:a/@class"); }
$r->set("//h:a/child-gap()",$f['name']);
$r->set("//*[@data-xp='email']/child-gap()",$f['email']);
$r->set("//h:a/@href/child-gap()",$url.'?'.$qs.'='.$f['id']);
$v->set("//h:ul/child-gap()",$r);
}
$rx->close();
}
$v->set("//*[@data-xp='new']/@href",$url.'?'.$qs.'=NULL');
$v->set("//h:ul/child-gap()",new NView($rt));
}
return $v;
}
public static function newuser($qs='u',$url='') {
$v = NULL;
if (Sec::ok(Sec::USERMGMT)) {
$v=new NView('view-userrole-usernewusr.ixml');
$v->set("//h:a[@data-xp='back']/@href",$url);
$user=new User($qs);
$v->set("//*[@data-xp='user']/child-gap()",$user->form(true));
if ( $user->success() ) {
$user->postcommit();
}
}
return $v;
}
}