1 <?php
2
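class mw_data_users extends mw_data{

  # Not referenced in this file; kept because callers or subclasses may rely on it.
  var $users;
  # Row of the user bound to the current session (with a "roles" list), set by
  # load_session(); array() when nobody is logged in.
  var $user;
  # Role rows keyed by role id, filled by init_roles(); false when that load failed.
  var $roles;
  # Action/role rows keyed by row id, filled by init_actions_roles().
  var $actions_roles;

  # ----------------------------------------------------------------------------------------
  #                                                                                    users
  #

  /**
   * Lists users, optionally restricted to logins starting with $alpha and/or to
   * holders of role $id_role. Paging uses the "max_list" configuration value.
   *
   * All SQL values go through $this->eq() (inherited from mw_data; presumably
   * quotes and escapes for the active driver). "#--" is the table-prefix
   * placeholder the sgbd layer expands.
   *
   * @param int|string  $start   row offset for paging; forced to an integer before it
   *                             reaches the OFFSET clause
   * @param string|null $alpha   first character of the logins to keep
   * @param mixed|null  $id_role role id the users must hold
   * @return array|false array("list" => rows keyed by user id, each with "roles",
   *                     "total" => unpaged count), or false on a database error
   */
  function users($start = 0, $alpha = null, $id_role = null){
    $sgbd = $this->sgbd();
    $env = $this->env();
    $users = array("list" => array(), "total" => 0);
    try{
      $SELECT = "SELECT #--users.*";
      $FROM = " FROM #--users";
      $WHERE = "";
      if(isset($alpha)){
        $WHERE .= ($WHERE ? " AND" : " WHERE")." LEFT(login, 1)=".$this->eq($alpha);
      }
      if(isset($id_role)){
        $SELECT .= ", #--users_roles.id_role";
        $FROM .=
         " LEFT JOIN #--users_roles ON ("
        ." #--users_roles.id_user=#--users.id"
        ." AND #--users_roles.id_role=".$this->eq($id_role)
        .")";
        // Use the "#--" prefix placeholder like every other query in this file; the
        // literal "mw_users_roles" used before only worked with the default prefix.
        $WHERE .= ($WHERE ? " AND" : " WHERE")." #--users_roles.id_role IS NOT NULL";
      }
      $max_list = $env->config("max_list");
      // OFFSET must be an integer; casting keeps a non-numeric $start out of the SQL text.
      $LIMIT = $max_list ? " LIMIT ".$max_list." OFFSET ".(int)$start : "";
      $sql = "SELECT count(*) as n FROM(".$SELECT.$FROM.$WHERE.") res";
      $rst = $sgbd->query($sql);
      if($v_rst = $sgbd->fetch_assoc($rst)) $users["total"] = $v_rst["n"];
      $sgbd->free_result($rst);
      if($users["total"] > 0){
        $sql = "SELECT * FROM(".$SELECT.$FROM.$WHERE.$LIMIT.") res";
        $rst = $sgbd->query($sql);
        while($v_rst = $sgbd->fetch_assoc($rst)) $users["list"][$v_rst["id"]] = $v_rst;
        $sgbd->free_result($rst);
        foreach(array_keys($users["list"]) as $id_user){
          $roles = $this->list_user_roles($id_user);
          if($roles === false){
            // One failed role lookup invalidates the whole listing, as before.
            $users = false;
            break;
          }
          $users["list"][$id_user]["roles"] = $roles;
        }
      }
    }
    catch(Exception $e) { $users = false; }
    return $users;
  }

  /**
   * Role ids held by one user.
   *
   * @param mixed $id_user
   * @return array|false list of id_role values (as returned by the driver), or false on error
   */
  function list_user_roles($id_user){
    $sgbd = $this->sgbd();
    $roles = array();
    try{
      $rst = $sgbd->query("SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($id_user));
      while($v_rst = $sgbd->fetch_assoc($rst)) $roles[] = $v_rst["id_role"];
      $sgbd->free_result($rst);
    }
    catch(Exception $e) { $roles = false; }
    return $roles;
  }

  /**
   * One user row by primary key, with its "roles" list.
   *
   * @param mixed $id
   * @return array|false the row, array() when no such user, false on a database error
   */
  function user_by_id($id){
    $sgbd = $this->sgbd();
    $user = array();
    try{
      $sql = "SELECT * from #--users WHERE id=".$this->eq($id);
      $rst = $sgbd->query($sql);
      if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
      $sgbd->free_result($rst);
      // Same guard as user(): without it an unknown id produced an undefined-index
      // notice and a truthy array("roles" => ...) for a user that does not exist.
      if($user){
        $roles = $this->list_user_roles($user["id"]);
        if($roles === false) $user = false;
        else $user["roles"] = $roles;
      }
    }
    catch(Exception $e) { $user = false; }
    return $user;
  }

  /**
   * One user row by login, with its "roles" list.
   *
   * @param string $login
   * @return array|false the row, array() when no such user, false on a database error
   */
  function user($login){
    $sgbd = $this->sgbd();
    $user = array();
    try{
      $sql = "SELECT * from #--users WHERE login=".$this->eq($login);
      $rst = $sgbd->query($sql);
      if($v_rst = $sgbd->fetch_assoc($rst)) $user = $v_rst;
      $sgbd->free_result($rst);
      if($user){
        $roles = $this->list_user_roles($user["id"]);
        if($roles === false) $user = false;
        else $user["roles"] = $roles;
      }
    }
    catch(Exception $e) { $user = false; }
    return $user;
  }

  /**
   * Number of users with this login (0 or 1 when login is unique).
   *
   * @param string $login
   * @return mixed the count as the driver returns it (often a numeric string), or false on error
   */
  function user_exists($login){
    $sgbd = $this->sgbd();
    $EXISTS = 0;
    try{
      $sql = "SELECT count(*) as n from #--users WHERE login=".$this->eq($login);
      $rst = $sgbd->query($sql);
      if($v_rst = $sgbd->fetch_assoc($rst)) $EXISTS = $v_rst["n"];
      $sgbd->free_result($rst);
    }
    catch(Exception $e) { $EXISTS = false; }
    return $EXISTS;
  }

  /**
   * Inserts a user and its role assignments.
   *
   * $password is stored exactly as passed. NOTE(review): nothing in this file hashes
   * it, and login()/set_session() treat the stored value as the shared secret, so the
   * caller is responsible for never passing a plain-text password here — confirm.
   *
   * @param string $login
   * @param string $password
   * @param string $email
   * @param array  $roles    role ids to assign
   * @return mixed the new user id, or false on error
   */
  function add_user($login, $password, $email, $roles){
    $sgbd = $this->sgbd();
    $user_id = false;
    try{
      $sql =
       "INSERT INTO #--users(login, password, email) VALUES"
      ."( ".$this->eq($login)
      .", ".$this->eq($password)
      .", ".$this->eq($email)
      .")";
      $sgbd->query($sql);
      $user_id = $sgbd->insert_id();
      foreach($roles as $id_role){
        // eq() on both values, like set_user(), instead of splicing the id in raw.
        $sql =
         "INSERT INTO #--users_roles(id_user, id_role) VALUES"
        ."( ".$this->eq($user_id)
        .", ".$this->eq($id_role)
        .")";
        $sgbd->query($sql);
      }
    }
    catch(Exception $e) { $user_id = false; }
    return $user_id;
  }

  /**
   * Overwrites a user's login, password and email, then replaces its role set.
   *
   * The delete/insert of roles is not wrapped in a transaction here (no such call
   * is visible on the sgbd object); a failure between the two leaves the user roleless.
   *
   * @param mixed  $id
   * @param string $login
   * @param string $password
   * @param string $email
   * @param array  $roles
   * @return bool
   */
  function set_user($id, $login, $password, $email, $roles){
    $sgbd = $this->sgbd();
    try{
      $sql =
       "UPDATE #--users SET"
      ."  login=".$this->eq($login)
      .", password=".$this->eq($password)
      .", email=".$this->eq($email)
      ." WHERE id=".$this->eq($id);
      $sgbd->query($sql);
      $sgbd->query("DELETE FROM #--users_roles WHERE id_user=".$this->eq($id));
      foreach($roles as $id_role){
        $sql =
         "INSERT INTO #--users_roles(id_user, id_role) VALUES"
        ."( ".$this->eq($id)
        .", ".$this->eq($id_role)
        .")";
        $sgbd->query($sql);
      }
    }
    catch(Exception $e) { return false; }
    return true;
  }

  /**
   * Deletes a user (by login) and its role assignments.
   *
   * @param string $login
   * @return bool false when the user lookup or a delete fails
   */
  function del_user($login){
    $user = $this->user($login);
    if($user === false) return false;
    $sgbd = $this->sgbd();
    try{
      // The id comes from our own row, but it is quoted through eq() like every other value.
      $sgbd->query("DELETE FROM #--users_roles WHERE id_user=".$this->eq($user["id"]));
      $sgbd->query(
        "DELETE FROM #--users WHERE login=".$this->eq($login)
        ." AND id=".$this->eq($user["id"])
      );
    }
    catch(Exception $e) { return false; }
    return true;
  }

  # ----------------------------------------------------------------------------------------
  #                                                                                    roles
  #

  /**
   * Loads every role row into $this->roles, keyed by id.
   *
   * @return array|false the loaded map, or false (also stored) on error
   */
  function init_roles(){
    $sgbd = $this->sgbd();
    $this->roles = array();
    try{
      $rst = $sgbd->query("SELECT * FROM #--roles");
      while($v_rst = $sgbd->fetch_assoc($rst)) $this->roles[$v_rst["id"]] = $v_rst;
      $sgbd->free_result($rst);
    }
    catch(Exception $e) { $this->roles = false; }
    return $this->roles;
  }

  /**
   * Cached roles from init_roles().
   *
   * @return array|false false when init_roles() has not run yet
   */
  function roles(){
    return isset($this->roles) ? $this->roles : false;
  }

  /**
   * Inserts a role.
   *
   * @param string $nom      role name
   * @param string $intitule role label
   * @return mixed the new role id, or false on error
   */
  function add_role($nom, $intitule){
    $sgbd = $this->sgbd();
    try{
      $sql =
       "INSERT INTO #--roles(nom, intitule) VALUES("
      ."  ".$this->eq($nom)
      .", ".$this->eq($intitule)
      .")";
      $sgbd->query($sql);
      $id_role = $sgbd->insert_id();
    }
    catch(Exception $e) { $id_role = false; }
    return $id_role;
  }

  /**
   * One role row by id.
   *
   * Only the string "0" short-circuits to the synthetic public role (strict
   * comparison, so an integer 0 goes to the database like any other id).
   *
   * @param mixed $id
   * @return array|false the row, array() when unknown, false on error
   */
  function get_role($id){
    if($id === "0"){
      return array(
        "id" => 0,
        "nom" => "",
        "intitule" => ""
      );
    }
    $sgbd = $this->sgbd();
    $role = array();
    try{
      $rst = $sgbd->query("SELECT * FROM #--roles WHERE id=".$this->eq($id));
      if($v_rst = $sgbd->fetch_assoc($rst)) $role = $v_rst;
      $sgbd->free_result($rst);
    }
    catch(Exception $e) { $role = false; }
    return $role;
  }

  /**
   * Updates a role's name and label.
   *
   * @param mixed  $id
   * @param string $nom
   * @param string $intitule
   * @return bool
   */
  function set_role($id, $nom, $intitule){
    $sgbd = $this->sgbd();
    try{
      $sql =
       "UPDATE #--roles SET"
      ."  nom=".$this->eq($nom)
      .", intitule=".$this->eq($intitule)
      ." WHERE id=".$this->eq($id);
      $sgbd->query($sql);
    }
    catch(Exception $e) { return false; }
    return true;
  }

  /**
   * Removes every action granted to a role.
   *
   * @param mixed $id_role
   * @return bool
   */
  function clear_role_actions($id_role){
    $sgbd = $this->sgbd();
    try{
      $sgbd->query("DELETE FROM #--actions_roles WHERE id_role=".$this->eq($id_role));
    }
    catch(Exception $e) { return false; }
    return true;
  }

  /**
   * Removes a role from every user holding it.
   *
   * @param mixed $id_role
   * @return bool
   */
  function clear_role_users($id_role){
    $sgbd = $this->sgbd();
    try{
      $sgbd->query("DELETE FROM #--users_roles WHERE id_role=".$this->eq($id_role));
    }
    catch(Exception $e) { return false; }
    return true;
  }

  /**
   * Grants an action (a "module", "module/controller" or
   * "module/controller/action" path) to a role.
   *
   * @param mixed  $id_role
   * @param string $action
   * @return mixed the new actions_roles row id, or false on error
   */
  function add_role_action($id_role, $action){
    $sgbd = $this->sgbd();
    try{
      $sql =
       "INSERT INTO #--actions_roles(action, id_role) VALUES("
      .$this->eq($action).", ".$this->eq($id_role)
      .")";
      $sgbd->query($sql);
      $id_action_role = $sgbd->insert_id();
    }
    catch(Exception $e) { $id_action_role = false; }
    return $id_action_role;
  }

  /**
   * Deletes a role row. Callers clear its actions/users first (clear_role_actions,
   * clear_role_users); this method does not cascade.
   *
   * @param mixed $id_role
   * @return bool
   */
  function del_role($id_role){
    $sgbd = $this->sgbd();
    try{
      $sgbd->query("DELETE FROM #--roles WHERE id=".$this->eq($id_role));
    }
    catch(Exception $e) { return false; }
    return true;
  }

  /**
   * Role ids of the session user; an anonymous visitor (or a user with no roles)
   * gets the single public role 0.
   *
   * @return array|false list of role ids, or false on a database error
   */
  function get_user_roles(){
    $user_roles = array();
    $user = $this->get_session_user();
    if($user && isset($user["id"])){
      $sgbd = $this->sgbd();
      try{
        $rst = $sgbd->query("SELECT id_role FROM #--users_roles WHERE id_user=".$this->eq($user["id"]));
        while($v_rst = $sgbd->fetch_assoc($rst)) $user_roles[] = $v_rst["id_role"];
        $sgbd->free_result($rst);
      }
      catch(Exception $_e){ return false; }
    }
    // Nobody logged in, or a user without any role: fall back to the public role.
    if(!$user_roles) $user_roles[] = 0;
    return $user_roles;
  }

  /**
   * Loads the action/role rows into $this->actions_roles. Requires init_roles()
   * to have run first.
   *
   * @return array|false
   */
  function init_actions_roles(){
    if(!isset($this->roles)) return false;
    $this->actions_roles = $this->read_actions_roles();
    return $this->actions_roles;
  }

  /**
   * Reads the actions_roles table.
   *
   * @param array $params "group_by_action" => true returns action => list of role ids;
   *                      otherwise rows are keyed by their id
   * @return array|false
   */
  function read_actions_roles($params = array()){
    $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false;
    $sgbd = $this->sgbd();
    $actions_roles = array();
    try{
      $rst = $sgbd->query("SELECT * FROM #--actions_roles");
      while($v_rst = $sgbd->fetch_assoc($rst)){
        if($group_by_action){
          $action = $v_rst["action"];
          if(!isset($actions_roles[$action])) $actions_roles[$action] = array();
          $actions_roles[$action][] = $v_rst["id_role"];
        }
        else{
          $actions_roles[$v_rst["id"]] = $v_rst;
        }
      }
      $sgbd->free_result($rst);
    }
    catch(Exception $e) { $actions_roles = false; }
    return $actions_roles;
  }

  /**
   * Roles granted at each level of one action path: the module, the controller
   * and the action itself.
   *
   * @param string $mod
   * @param string $controller
   * @param string $action
   * @return array|false action path => (id_role => true), or false on error
   */
  function get_action_roles($mod, $controller = "index", $action = "index"){
    $sgbd = $this->sgbd();
    $roles = array();
    try{
      $sql =
       "SELECT action, id_role"
      ." FROM #--actions_roles"
      ." WHERE action=".$this->eq($mod)
      ." OR action=".$this->eq($mod."/".$controller)
      ." OR action=".$this->eq($mod."/".$controller."/".$action);
      $rst = $sgbd->query($sql);
      while($v_rst = $sgbd->fetch_assoc($rst)){
        $path = $v_rst["action"];
        if(!isset($roles[$path])) $roles[$path] = array();
        $roles[$path][$v_rst["id_role"]] = true;
      }
      $sgbd->free_result($rst);
    }
    catch(Exception $e) { $roles = false; }
    return $roles;
  }

  /**
   * Annotates the environment's action tree with permission flags.
   *
   * Each module gets "is_public" (granted to role 0) and, when $id_role is given,
   * "module_allowed"; each controller gets "is_public"/"controleur_allowed"; each
   * action list ("als" entry) gets "is_public"/"action_allowed" only when every one
   * of its actions is granted.
   *
   * @param mixed|null $id_role
   * @return array the annotated tree, or array() when there is nothing to annotate
   *               or the actions_roles read failed
   */
  function get_actions($id_role = null){
    $env = $this->env();
    $actions = $env->get_actions();
    if(!$actions) return array();
    $actions_roles = $this->read_actions_roles(array("group_by_action" => true));
    if($actions_roles === false) return array();
    foreach($actions as $module_name => $module){
      if(isset($id_role)){
        $actions[$module_name]["module_allowed"] = $this->_role_granted($actions_roles, $module_name, $id_role);
      }
      $actions[$module_name]["is_public"] = $this->_role_granted($actions_roles, $module_name, 0);
      foreach($module["controleurs"] as $controleur_name => $controleur){
        $controleur_key = $module_name."/".$controleur_name;
        if(isset($id_role)){
          $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] =
            $this->_role_granted($actions_roles, $controleur_key, $id_role);
        }
        $actions[$module_name]["controleurs"][$controleur_name]["is_public"] =
          $this->_role_granted($actions_roles, $controleur_key, 0);
        foreach($controleur["als"] as $index_als => $al){
          if(!$al["actions"]) continue;
          if(isset($id_role) && $this->_all_actions_granted($actions_roles, $controleur_key, $al["actions"], $id_role)){
            $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
          }
          if($this->_all_actions_granted($actions_roles, $controleur_key, $al["actions"], 0)){
            $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
          }
        }
      }
    }
    return $actions;
  }

  # ----------------------------------------------------------------------------------------
  #                                                                             log in / out
  #

  /**
   * Authenticates a login/response pair and opens the session on success.
   *
   * @param string $login
   * @param string $password the client's response, compared by password_ok()
   * @return array|false the user row on success, array() when the credentials are
   *                     rejected (session cleared), false on a database or cookie failure
   */
  function login($login, $password){
    $user = $this->user($login);
    if($user === false) return false;
    if(!$this->password_ok($user, $password)){
      $this->clear_session();
      return array();
    }
    return $this->set_session($user) ? $user : false;
  }

  /**
   * Ends the session.
   *
   * @return bool result of clear_session()
   */
  function logout(){
    return $this->clear_session();
  }

  /**
   * Checks that the session token still matches this user's stored credential
   * and that the request comes from the address the session was bound to.
   *
   * @param array $user
   * @return bool
   */
  function user_ok($user){
    if(!$user || !isset($user["password"], $_SESSION["pass"])) return false;
    return $this->_hash_equals($this->_session_token($user["password"]), $_SESSION["pass"])
      && $this->_ip_bound();
  }

  /**
   * Checks a client response against md5(stored credential . session id).
   *
   * The comparison is type-safe and constant-time: the previous
   * "strcmp(...) == 0" form treated a non-string $password as a match on
   * PHP < 8, because strcmp() then returned null.
   *
   * @param array $user
   * @param mixed $password
   * @return bool
   */
  function password_ok($user, $password){
    if(!$user || !isset($user["password"])) return false;
    return $this->_hash_equals($this->_session_token($user["password"]), $password)
      && $this->_ip_bound();
  }

  # ----------------------------------------------------------------------------------------
  #                                                                                  session
  #

  /**
   * Restores the current user from the PHP session, or from the remember-me
   * cookies when no session user is set, and stores it in $this->user.
   *
   * @return array the user row, or array() when anonymous
   */
  function load_session(){
    // "@" hides the notice session_start() raises when a session is already open
    // (presumably the reason it was suppressed); session_status() would make that explicit.
    @session_start();
    if(!isset($_SESSION["id"])) $this->clear_session();
    $user = array();
    if(isset($_SESSION["user"])){
      $user = $this->user($_SESSION["user"]);
    }
    elseif(isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){
      $user = $this->user($_COOKIE["user"]);
      // The "pass" cookie only proves identity when it equals the stored credential,
      // which is what set_session() writes into it. The previous code copied the cookie
      // value into $user["password"] before calling set_session(), so user_ok() then
      // compared the cookie against itself and any value was accepted.
      if($user && isset($user["password"]) && $this->_hash_equals((string)$user["password"], $_COOKIE["pass"])){
        $this->set_session($user);
      }
      else{
        $user = array();
      }
    }
    if($user && !$this->user_ok($user)){
      $this->clear_session();
      $user = array();
    }
    // user() may have returned false on a database error; normalise to "anonymous".
    if(!$user) $user = array();
    $this->user = $user;
    return $user;
  }

  /**
   * Binds the session to $user and sets the one-week remember-me cookies.
   *
   * NOTE(review): the stored credential itself is written to the "pass" cookie,
   * without secure/httponly flags. A random per-device token would be the usual
   * replacement, but that needs a storage change outside this file.
   *
   * @param array $user
   * @return bool false when either setcookie() call fails
   */
  function set_session($user){
    $_SESSION["user"] = $user["login"];
    $_SESSION["pass"] = $this->_session_token($user["password"]);
    $env = $this->env();
    $expires = time() + (60 * 60 * 24 * 7);
    return
        setcookie("user", $user["login"], $expires, $env->path("web"))
    &&  setcookie("pass", $user["password"], $expires, $env->path("web"));
  }

  /**
   * Drops the session user, rebinds the session to the current client address,
   * issues a fresh session nonce and expires the remember-me cookies.
   *
   * @return bool false when either setcookie() call fails
   */
  function clear_session(){
    unset($_SESSION["user"]);
    unset($_SESSION["pass"]);
    $_SESSION["ip"] = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : null;
    // The nonce is mixed into every session token, so it must come from a CSPRNG
    // rather than md5(rand()).
    $_SESSION["id"] = $this->_random_nonce();
    $env = $this->env();
    return
        setcookie("user", "", 0, $env->path("web"))
    &&  setcookie("pass", "", 0, $env->path("web"));
  }

  /**
   * User row stored by load_session().
   *
   * @return array|null
   */
  function get_session_user(){
    return $this->user;
  }

  # ----------------------------------------------------------------------------------------
  #                                                                                  uploads
  #

  /**
   * Ensures the uploads directory for $user (or the session user) exists.
   *
   * NOTE(review): $user is spliced into a filesystem path as-is. The fallback is the
   * session user's database id; confirm that every caller also passes an id and never
   * request data (a value containing "/" or ".." would escape the uploads folder).
   *
   * @param mixed|null $user directory owner; defaults to $this->user["id"]
   * @return bool whether the directory exists after the call
   */
  function check_user_uploads_dir($user = null){
    $env = $this->env();
    $has_arg = isset($user) && $user;
    if(!$has_arg && !isset($this->user["id"])) return false;
    $owner = $has_arg ? $user : $this->user["id"];
    $user_dir = $env->path("content")."uploads/".$owner;
    // mkdir() is left with the default mode and suppressed failure, as before; the
    // file_exists() below is the actual success check.
    if(!file_exists($user_dir)) @mkdir($user_dir);
    return file_exists($user_dir);
  }

  # ----------------------------------------------------------------------------------------
  #                                                                         internal helpers
  #

  /**
   * Whether $id_role appears in the role list recorded for $key.
   * in_array() is intentionally loose: ids read from the database are strings
   * while callers may pass integers.
   *
   * @param array  $actions_roles action path => list of role ids
   * @param string $key
   * @param mixed  $id_role
   * @return bool
   */
  private function _role_granted($actions_roles, $key, $id_role){
    return isset($actions_roles[$key]) && in_array($id_role, $actions_roles[$key]);
  }

  /**
   * Whether every action under $prefix is granted to $id_role.
   *
   * @param array  $actions_roles
   * @param string $prefix        "module/controller"
   * @param array  $action_names
   * @param mixed  $id_role
   * @return bool
   */
  private function _all_actions_granted($actions_roles, $prefix, $action_names, $id_role){
    foreach($action_names as $action_name){
      if(!$this->_role_granted($actions_roles, $prefix."/".$action_name, $id_role)) return false;
    }
    return true;
  }

  /**
   * md5(stored credential . session nonce): the value kept in $_SESSION["pass"]
   * and expected from the client by password_ok().
   *
   * @param string $stored_password
   * @return string
   */
  private function _session_token($stored_password){
    $nonce = isset($_SESSION["id"]) ? $_SESSION["id"] : "";
    return md5($stored_password.$nonce);
  }

  /**
   * Whether the request comes from the address the session was bound to.
   *
   * @return bool
   */
  private function _ip_bound(){
    return isset($_SESSION["ip"], $_SERVER["REMOTE_ADDR"])
      && $_SESSION["ip"] === $_SERVER["REMOTE_ADDR"];
  }

  /**
   * Constant-time string equality for authentication material. Non-string
   * operands never match.
   *
   * @param mixed $known
   * @param mixed $given
   * @return bool
   */
  private function _hash_equals($known, $given){
    if(!is_string($known) || !is_string($given)) return false;
    if(function_exists("hash_equals")) return hash_equals($known, $given);
    // Fallback for PHP < 5.6: compare every byte regardless of where they differ.
    if(strlen($known) !== strlen($given)) return false;
    $diff = 0;
    for($i = 0, $n = strlen($known); $i < $n; $i++){
      $diff |= ord($known[$i]) ^ ord($given[$i]);
    }
    return $diff === 0;
  }

  /**
   * 32 hex characters of randomness for $_SESSION["id"], same shape as the md5()
   * value it replaces. Uses a CSPRNG when one is available.
   *
   * @return string
   */
  private function _random_nonce(){
    if(function_exists("random_bytes")) return bin2hex(random_bytes(16));
    if(function_exists("openssl_random_pseudo_bytes")) return bin2hex(openssl_random_pseudo_bytes(16));
    // Last resort on very old builds; still better seeded than a bare rand().
    return md5(uniqid((string)mt_rand(), true));
  }

}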
511
512 ?>