3 class mw_data_users extends mw_data{
10 # ----------------------------------------------------------------------------------------
# Builds array("list" => ..., "total" => ...) from the "users" data set, optionally
# filtered by the first letter of the login ($alpha) and by $status.
# The gutter numbers skip, so parts of this method (counter and $env setup, the
# return, closing braces) are not shown; the notes below cover visible lines only.
14 function users($start = 0, $alpha = null, $status = null){
15 $sgbd = $this->sgbd();
17 $users = array("list" => array(), "total" => 0);
19 if($rst = $sgbd->open_data("users")){
20 while($v_rst = $sgbd->fetch_data($rst)){
# Keep the row when no $alpha filter is given or the login's first character
# matches it, ignoring case.
22 if(!isset($alpha) || (isset($v_rst["login"]) && strtolower(substr($v_rst["login"], 0, 1)) == strtolower($alpha))){
# Same for $status; note the loose == against the stored "status" field.
23 if(!isset($status) || (isset($v_rst["status"]) && $v_rst["status"] == $status)){
# NOTE(review): whole rows are kept, which presumably includes the "password"
# field that add_user() writes; callers that output this list should drop it -- confirm.
24 $res[$v_rst["id"]] = $v_rst;
34 $sgbd->close_data($rst);
37 foreach($res as $id_user => $user){
# With a non-zero "max_list" setting only entries whose counter $n falls in
# ($start, $start + max_list] are listed; $n and $env are set on lines not shown.
39 if(!$env->config("max_list") || ($n > $start && $n <= ($start + $env->config("max_list")))){
40 $users["list"][$user["id"]] = $user;
# Cache each listed user on the instance, keyed by id.
41 if(!isset($this->users)) $this->users = array();
42 $this->users[$user["id"]] = $user;
# Overwrite each listed user's "status" with the role ids from list_user_status(),
# unless that lookup returned false. The cached copies above are not updated.
45 foreach($users["list"] as $id_user => $user){
46 if(($status = $this->list_user_status($id_user)) !== false){
47 $users["list"][$id_user]["status"] = $status;
# Collects the id_role of every "users_roles" row whose id_user matches $id_user.
# The return statement is on a line not shown; callers in this class treat a
# result of false as failure.
61 function list_user_status($id_user){
62 $sgbd = $this->sgbd();
64 if($rst = $sgbd->open_data("users_roles")){
65 while($v_rst = $sgbd->fetch_data($rst)){
# Rows lacking either field are skipped; id_user is matched with a loose ==.
67 if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){
68 $status[] = $v_rst["id_role"];
76 $sgbd->close_data($rst);
# Returns the user row for $id, served from the per-instance cache $this->users
# when present. The return for a fresh lookup is on lines not shown.
82 function user_by_id($id){
83 if(!isset($this->users)) $this->users = array();
84 if(isset($this->users[$id])) return $this->users[$id];
85 $sgbd = $this->sgbd();
86 if(($user = $sgbd->get_data("users", $id)) !== false){
# NOTE(review): the row is cached before "status" is replaced by the role list on
# the next line, so a later cache hit returns the row without that replacement
# (PHP arrays are copied by value) -- confirm no caller relies on the cached
# "status" for an access decision.
87 $this->users[$id] = $user;
88 if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status;
# Looks a user up by login with a full scan of the "users" data set, replaces its
# "status" with the role list and caches the row. The assignment of $user and the
# return are on lines not shown.
94 function user($login){
95 $sgbd = $this->sgbd();
97 if($rst = $sgbd->open_data("users")){
98 while($v_rst = $sgbd->fetch_data($rst)){
# NOTE(review): loose ==; two numeric-looking strings such as "10" and "1e1"
# compare equal in PHP. === would make the login match exact. This lookup feeds
# login() and load_session().
100 if(isset($v_rst["login"]) && $v_rst["login"] == $login){
107 $sgbd->close_data($rst);
109 if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status;
# Cache only when a user was found.
115 if(!isset($this->users)) $this->users = array();
116 if($user) $this->users[$user["id"]] = $user;
# Scans the "users" data set for a row whose login matches $login. The lines that
# set $EXISTS on a match and return it are not shown.
121 function user_exists($login){
122 $sgbd = $this->sgbd();
124 if($rst = $sgbd->open_data("users")){
125 while($v_rst = $sgbd->fetch_data($rst)){
# Loose == as in user(); an exact === would avoid numeric-string collisions
# between logins.
127 if(isset($v_rst["login"]) && $v_rst["login"] == $login){
136 $sgbd->close_data($rst);
# The data set could not be opened.
138 else $EXISTS = false;
# Creates a user row and one role-link row (id_user, id_role) per entry of $status.
# Table names, the other fields and the final return are on lines not shown.
142 function add_user($login, $password, $email, $status){
143 $sgbd = $this->sgbd();
146 $id_user = $sgbd->add_data(
# NOTE(review): as far as the visible lines show, $password is stored as received.
# password_ok() feeds the stored value into md5() together with the session nonce,
# so the stored value itself is what a client has to know: it is
# password-equivalent if the data store leaks. A scheme built on
# password_hash()/password_verify() avoids that, at the cost of a migration.
150 "password" => $password,
157 foreach($status as $id_role){
158 $OK = $sgbd->add_data(
161 "id_user" => $id_user,
162 "id_role" => $id_role
# NOTE(review): a failed role insert returns false, but no rollback of the user
# row created above is visible.
167 if(!$OK) return false;
# Updates a user row, then replaces its role links: every "users_roles" row for
# $id is deleted and one row per entry of $status is added again.
# The update call itself and the final return are on lines not shown.
171 function set_user($id, $login, $password, $email, $status){
172 $sgbd = $this->sgbd();
# $password is written as received, as in add_user(); the same storage caveat applies.
179 "password" => $password,
184 if($rst = $sgbd->open_data("users_roles")){
186 while($v_rst = $sgbd->fetch_data($rst)){
188 if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id){
189 if(!$sgbd->del_data("users_roles", $v_rst["id"])){
197 $sgbd->close_data($rst);
198 if(!$OK) return false;
# NOTE(review): delete-then-reinsert is not atomic in the visible code; a failure
# in this loop leaves the user with fewer roles than intended.
201 foreach($status as $id_role){
202 $OK = $sgbd->add_data(
206 "id_role" => $id_role
211 if(!$OK) return false;
# Deletes the user identified by $login, then every "users_roles" row that links
# to that user's id. The handling of a failed role-row delete and the final
# return are on lines not shown.
215 function del_user($login){
216 if(($user = $this->user($login)) !== false){
217 $sgbd = $this->sgbd();
# The user row goes first; a failure here stops before any role link is touched.
218 if(!$sgbd->del_data("users", $user["id"])) return false;
219 if($rst = $sgbd->open_data("users_roles")){
221 while($v_rst = $sgbd->fetch_data($rst)){
223 if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){
224 if(!$sgbd->del_data("users_roles", $v_rst["id"])){
232 $sgbd->close_data($rst);
239 # ----------------------------------------------------------------------------------------
# Loads every row of the "roles" data set into $this->user_status, keyed by role
# id, and returns it; the property is set to false when the data cannot be read.
# $status is not used on the visible lines.
243 function init_user_status($status = array()){
244 $sgbd = $this->sgbd();
245 $this->user_status = array();
246 if($rst = $sgbd->open_data("roles")){
247 while($v_rst = $sgbd->fetch_data($rst)){
249 $this->user_status[$v_rst["id"]] = $v_rst;
# Failure branch; its condition is on a line not shown.
252 $this->user_status = false;
256 $sgbd->close_data($rst);
258 else $this->user_status = false;
259 return $this->user_status;
# Adds a role row from $nom and $intitule. The table name and the success return
# are on lines not shown.
262 function add_role($nom, $intitule){
263 $sgbd = $this->sgbd();
264 $id_role = $sgbd->add_data(
268 "intitule" => $intitule
# NOTE(review): isset() only catches null. add_user() tests the same call with
# !$OK, which suggests add_data() can return a falsy non-null value on failure;
# if so this check lets the failure through -- confirm add_data()'s contract.
271 if(!isset($id_role)) return false;
# Returns the role row for $id. The string "0" is answered with a built-in array
# (fields on lines not shown) instead of a data-store lookup.
275 function get_role($id){
# Strict comparison: an integer 0 does not take this branch and goes to get_data().
276 if($id === "0") return array(
281 $sgbd = $this->sgbd();
282 $role = $sgbd->get_data("roles", $id);
# null becomes false; any other falsy result becomes an empty array.
283 if(!isset($role)) return false;
284 return $role ? $role : array();
# Updates a role; only the "intitule" field assignment is visible here, the
# update call and the return are on lines not shown.
287 function set_role($id, $nom, $intitule){
288 $sgbd = $this->sgbd();
295 "intitule" => $intitule
# Deletes every "action_status" row whose id_status matches $id_role, i.e. the
# permissions attached to that role. Failure handling and the return are on
# lines not shown.
302 function clear_role_actions($id_role){
303 $sgbd = $this->sgbd();
304 if($rst = $sgbd->open_data("action_status")){
306 while($v_rst = $sgbd->fetch_data($rst)){
# Loose == on the role id; rows lacking "id" or "id_status" are left in place.
308 if(isset($v_rst["id"]) && isset($v_rst["id_status"]) && $v_rst["id_status"] == $id_role){
309 if(!$sgbd->del_data("action_status", $v_rst["id"])){
317 $sgbd->close_data($rst);
# Deletes every "users_roles" row whose id_role matches $id_role, detaching all
# users from that role. Failure handling and the return are on lines not shown.
323 function clear_role_users($id_role){
324 $sgbd = $this->sgbd();
325 if($rst = $sgbd->open_data("users_roles")){
327 while($v_rst = $sgbd->fetch_data($rst)){
329 if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){
330 if(!$sgbd->del_data("users_roles", $v_rst["id"])){
338 $sgbd->close_data($rst);
# Adds an "allowed action" row for a role: id_status is set to $id_role; the
# table name and the action field are on lines not shown. Returns the new row id.
344 function add_role_action($id_role, $action){
345 $sgbd = $this->sgbd();
346 $id_action_status = $sgbd->add_data(
350 "id_status" => $id_role
# NOTE(review): isset() only catches null; a false returned by add_data() would
# be passed back to the caller as if it were an id -- confirm add_data()'s contract.
353 if(!isset($id_action_status)) return false;
354 return $id_action_status;
# Deletes the role row and returns true or false.
# NOTE(review): the "action_status" and "users_roles" rows of the role are not
# removed here; presumably the caller runs clear_role_actions() and
# clear_role_users() first. If it does not and role ids are ever reused, a new
# role would inherit the old permissions and members -- confirm at the call site.
357 function del_role($id_role){
358 $sgbd = $this->sgbd();
359 return $sgbd->del_data("roles", $id_role) ? true : false;
363 if(!isset($this->user_status)) return false;
364 return $this->user_status;
# Returns the role ids of the session user (from get_session_user()), or false
# when the "users_roles" data cannot be read. Role id 0 is appended on the
# branches shown; get_actions() in this class uses id 0 as its "is_public"
# marker. The final return is on a line not shown.
367 function get_user_status(){
368 $user_status = array();
369 $user = $this->get_session_user();
370 if($user && isset($user["id"])){
371 $sgbd = $this->sgbd();
372 if($rst = $sgbd->open_data("users_roles")){
373 while($v_rst = $sgbd->fetch_data($rst)){
375 if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){
376 $user_status[] = $v_rst["id_role"];
# Failure branch; its condition is on a line not shown.
380 $user_status = false;
384 $sgbd->close_data($rst);
386 else $user_status = false;
387 if($user_status === false) return false;
# The if this else belongs to is on a line not shown.
389 else $user_status[] = 0;
# An empty role list still gets role 0.
390 if(!$user_status) $user_status[] = 0;
# Loads the action/role table into $this->action_status via read_action_status()
# and returns it. Returns false when $this->user_status has not been set.
# $status is not used on the visible lines.
394 function init_action_status($status = array()){
395 if(!isset($this->user_status)) return false;
396 $this->action_status = $this->read_action_status();
397 return $this->action_status;
# Reads the "action_status" data set. With $params["group_by_action"] set the
# result maps each action string to a list of id_status values; otherwise it maps
# row id to the whole row. Returns false when $this->user_status is not set or
# the data cannot be read.
400 function read_action_status($params = array()){
401 if(!isset($this->user_status)) return false;
402 $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false;
403 $sgbd = $this->sgbd();
404 $action_status = array();
405 if($rst = $sgbd->open_data("action_status")){
406 while($v_rst = $sgbd->fetch_data($rst)){
# Rows lacking "action" or "id_status" are not added to the result.
408 if(isset($v_rst["action"]) && isset($v_rst["id_status"])){
409 if($group_by_action){
410 if(!isset($action_status[$v_rst["action"]])) $action_status[$v_rst["action"]] = array();
411 $action_status[$v_rst["action"]][] = $v_rst["id_status"];
413 else $action_status[$v_rst["id"]] = $v_rst;
# Failure branch; its condition is on a line not shown.
417 $action_status = false;
421 $sgbd->close_data($rst);
423 else $action_status = false;
424 return $action_status;
# Collects, for one request target, the role ids allowed at each level: rows
# whose action equals $mod, "$mod/$controller" or "$mod/$controller/$action".
# The result maps action string => (id_status => true); false signals a read
# failure. The initial value of $status and the return are on lines not shown;
# $set_status is not used on the visible lines.
427 function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){
428 $sgbd = $this->sgbd();
430 if($rst = $sgbd->open_data("action_status")){
# Stops at the first row that turns $status into false.
431 while($status !==false && $v_rst = $sgbd->fetch_data($rst)){
432 if(isset($v_rst) && isset($v_rst["action"]) && isset($v_rst["id_status"])){
# NOTE(review): loose == on the action path; === keeps a numeric-looking module
# name from matching a differently written stored value.
434 $v_rst["action"] == $mod
435 || $v_rst["action"] == $mod."/".$controller
436 || $v_rst["action"] == $mod."/".$controller."/".$action
438 if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array();
439 $status[$v_rst["action"]][$v_rst["id_status"]] = true;
# A row lacking the expected fields fails the whole lookup.
442 else $status = false;
444 $sgbd->close_data($rst);
446 else $status = false;
# Annotates the action tree from $env->get_actions() (modules > "controleurs" >
# "als" > "actions") with permission flags taken from the grouped action_status
# table: *_allowed for $id_role when one is given, and is_public for role id 0.
# $env is set on a line not shown, as are the conditions around the two inner
# loops and the return.
# NOTE(review): every in_array() call here is non-strict. Before PHP 8 the
# integer 0 compares equal to any non-numeric string, so in_array(0, ...) would
# report is_public for such a stored id_status. Passing true as the third
# argument needs the stored ids normalised to one type first -- confirm what
# type the data store returns.
450 function get_actions($id_role = null){
452 if($actions = $env->get_actions()){
453 if(($action_status = $this->read_action_status(array("group_by_action" => true))) !== false){
454 foreach($actions as $module_name => $module){
# Module level: keyed by the bare module name.
455 if(isset($id_role)) $actions[$module_name]["module_allowed"] =
456 isset($action_status[$module_name])
457 && in_array($id_role, $action_status[$module_name]);
458 $actions[$module_name]["is_public"] =
459 isset($action_status[$module_name])
460 && in_array(0, $action_status[$module_name]);
# Controller level: keyed by "module/controller".
461 foreach($module["controleurs"] as $controleur_name => $controleur){
462 if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] =
463 isset($action_status[$module_name."/".$controleur_name])
464 && in_array($id_role, $action_status[$module_name."/".$controleur_name]);
465 $actions[$module_name]["controleurs"][$controleur_name]["is_public"] =
466 isset($action_status[$module_name."/".$controleur_name])
467 && in_array(0, $action_status[$module_name."/".$controleur_name]);
468 foreach($controleur["als"] as $index_als => $al){
# An action group counts as allowed only when every action in it lists $id_role.
471 $HAS_ACTION_NOT_ALLOWED = false;
472 foreach($al["actions"] as $action_name){
474 !isset($action_status[$module_name."/".$controleur_name."/".$action_name])
475 || !in_array($id_role, $action_status[$module_name."/".$controleur_name."/".$action_name])
477 $HAS_ACTION_NOT_ALLOWED = true;
481 if(!$HAS_ACTION_NOT_ALLOWED){
482 $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
# Same test for role 0: the group is public only when every action lists it.
485 $HAS_ACTION_NOT_ALLOWED = false;
486 foreach($al["actions"] as $action_name){
488 !isset($action_status[$module_name."/".$controleur_name."/".$action_name])
489 || !in_array(0, $action_status[$module_name."/".$controleur_name."/".$action_name])
491 $HAS_ACTION_NOT_ALLOWED = true;
495 if(!$HAS_ACTION_NOT_ALLOWED){
496 $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
508 # ----------------------------------------------------------------------------------------
# Authenticates a login attempt: looks the user up, checks the response with
# password_ok() and, on success, writes the session with set_session(). The
# session is cleared on a branch whose condition is not shown; the return is not
# shown either.
# NOTE(review): no session_regenerate_id() call and no attempt limiting are
# visible in this method; if neither happens in the caller, the login path is
# open to session fixation and to unthrottled guessing -- confirm.
512 function login($login, $password){
513 if(($user = $this->user($login)) !== false){
514 if($this->password_ok($user, $password)){
515 if(!$this->set_session($user)) $user = false;
518 $this->clear_session();
526 return $this->clear_session();
# Session check: md5(stored password . $_SESSION["id"]) must equal
# $_SESSION["pass"], and the request must come from the IP recorded in the
# session. The `return` keyword is presumably on the line not shown.
529 function user_ok($user){
# NOTE(review): both operands are server-side values, so this proves only that
# set_session() ran for this user with the current nonce. hash_equals() is the
# type-strict, constant-time replacement for strcmp(...) == 0. Behind a reverse
# proxy REMOTE_ADDR is the proxy's address, which makes the IP binding a no-op --
# confirm the deployment.
531 strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
532 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
# Checks a login response: $password must equal md5(stored password .
# $_SESSION["id"]) and the request must come from the IP recorded in the session.
# The `return` keyword is presumably on the line not shown.
535 function password_ok($user, $password){
536 if(!$user) return false;
# NOTE(review): points to harden, all on the next two lines:
#  - md5 is a fast digest and the stored value is hashed directly, so the stored
#    value is the real secret; password_hash()/password_verify() is the
#    maintained alternative.
#  - strcmp(...) == 0 is a loose test. Before PHP 8 strcmp() returns null (with
#    a warning) when an argument is not a string, and null == 0 is true; require
#    is_string($password) and compare with hash_equals().
#  - The nonce $_SESSION["id"] comes from md5(rand()) in clear_session(), which
#    is not a cryptographic random source.
538 strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
539 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
542 # ----------------------------------------------------------------------------------------
# Restores the current user at the start of a request: resolves a login from the
# "user" cookie (preferred) or from $_SESSION["user"], validates it with
# user_ok() and stores the row in $this->_user. Several lines are not shown,
# including the assignment target of the ternary and the fallback value.
546 function load_session(){
# No nonce yet means a fresh session: initialise it.
548 if(!isset($_SESSION["id"])) $this->clear_session();
551 isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
552 $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"])
# NOTE(review): the "user" cookie holds only a login name (see set_session()).
# When it is present, set_session() writes $_SESSION["pass"] from the stored
# password of whichever user that name resolves to, and the user_ok() call below
# then compares that value with itself. Unless a check on the lines elided
# between 552 and 556 prevents it, the cookie alone establishes the identity,
# with no proof of the password. A remember-me cookie should carry a random
# token (random_bytes()) that is stored server-side per user, compared with
# hash_equals() and rotated on use; the session must not be rebuilt from a
# client-supplied login name.
556 if(isset($_COOKIE["user"])) $this->set_session($user);
557 if(!$this->user_ok($user)){
558 $this->clear_session();
562 $this->_user = $user;
# Marks the session as belonging to $user: stores the login and
# md5(stored password . session nonce) in $_SESSION, then sets a "user" cookie
# holding the login for 7 days on the "web" path. Returns setcookie()'s result.
# $env is set on a line not shown.
566 function set_session($user){
567 $_SESSION["user"] = $user["login"];
568 $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
# NOTE(review): setcookie() is called without its secure and httponly arguments,
# so the cookie is sent over plain HTTP and is readable from script. Its value is
# the bare login name, which load_session() accepts as an identity hint; see the
# remember-me token recommendation there.
570 return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"));
# Resets the session to the anonymous state: drops the stored login and hash,
# records the client IP, issues a new nonce in $_SESSION["id"] and expires the
# "user" cookie. Returns setcookie()'s result. $env is set on a line not shown.
573 function clear_session(){
574 unset($_SESSION["user"]);
575 unset($_SESSION["pass"]);
576 $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
# NOTE(review): rand() is not a cryptographic generator and yields at most
# getrandmax() + 1 distinct values, so this nonce is guessable; md5() adds no
# entropy. bin2hex(random_bytes(16)) is the drop-in replacement. The nonce is the
# challenge that password_ok() and user_ok() hash with the stored password.
577 $_SESSION["id"] = md5(rand());
# An empty value removes the cookie.
579 return setcookie("user", "", 0, $env->path("web"));
# Body not shown in this listing. Presumably returns the row that load_session()
# stores in $this->_user -- confirm. get_user_status() expects a falsy value or
# an array with an "id" key.
582 function get_session_user(){
586 # ----------------------------------------------------------------------------------------
# Ensures the uploads directory for $user (default: the session user's id) exists
# under the "content" path and returns whether it exists afterwards.
# $env is set on a line not shown.
590 function check_user_uploads_dir($user = null){
# NOTE(review): $user is concatenated into the path unchecked. If any caller
# passes a request-derived value, "../" segments would leave uploads/; accept
# only a numeric id (e.g. ctype_digit((string) $user)) before building the path.
592 $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]);
# NOTE(review): @ hides the reason for a failed mkdir(), and with no mode argument
# the directory is created with 0777 minus the umask; pass an explicit mode.
593 if(!file_exists($user_dir)) @mkdir($user_dir);
594 return file_exists($user_dir);