3 class mw_data_users extends mw_data{
10 # ----------------------------------------------------------------------------------------
# Builds one page of user records, optionally filtered by the first letter of the login ($alpha)
# and by role ($id_role). The result array carries the "list" and "total" keys initialised below;
# false is returned when the users_roles pass ends with $role_users === false.
# NOTE(review): this listing omits source lines (the gutter numbers skip), so $env, $n and the
# initial value of $res are set on lines not shown here — confirm against the full file.
14 function users($start = 0, $alpha = null, $id_role = null){
15 $sgbd = $this->sgbd();
17 $users = array("list" => array(), "total" => 0);
# Pass 1: collect the id_user of every users_roles row whose id_role loosely equals $id_role.
19 $role_users = array();
20 if($rst = $sgbd->open_data("users_roles")){
21 while($v_rst = $sgbd->fetch_data($rst)){
# The first operand is a truthiness test on id_user, not isset(), unlike the sibling methods.
23 if(($v_rst["id_user"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){
24 $role_users[] = $v_rst["id_user"];
32 $sgbd->close_data($rst);
34 else $role_users = false;
35 if($role_users === false) return false;
# Pass 2: scan every users row and keep those matching the filters.
38 if($rst = $sgbd->open_data("users")){
39 while($v_rst = $sgbd->fetch_data($rst)){
# substr()/strtolower() are byte-wise, so the letter filter only behaves for single-byte first characters.
41 if(!isset($alpha) || (isset($v_rst["login"]) && strtolower(substr($v_rst["login"], 0, 1)) == strtolower($alpha))){
# NOTE(review): $role_users holds user ids (see pass 1), yet the value searched for is $id_role.
# As written the role filter compares a role id against user ids; the row's own id looks like
# the intended needle — confirm. in_array() is also called without the strict flag.
42 if(!isset($id_role) || in_array($id_role, $role_users)){
43 $res[$v_rst["id"]] = $v_rst;
53 $sgbd->close_data($rst);
56 foreach($res as $id_user => $user){
# Pagination window: everything when max_list is unset/0, else positions $start+1 .. $start+max_list.
58 if(!$env->config("max_list") || ($n > $start && $n <= ($start + $env->config("max_list")))){
59 $users["list"][$user["id"]] = $user;
# Listed users are also stored in the per-instance cache read by user_by_id().
60 if(!isset($this->users)) $this->users = array();
61 $this->users[$user["id"]] = $user;
# Roles are attached afterwards; each call to list_user_roles() re-reads users_roles.
64 foreach($users["list"] as $id_user => $user){
65 if(($roles = $this->list_user_roles($id_user)) !== false){
66 $users["list"][$id_user]["roles"] = $roles;
# Collects the id_role of every users_roles row whose id_user equals $id_user.
# The initialisation of $roles and the return statement are on lines this listing omits;
# callers in this class treat a false result as failure.
# NOTE(review): the match uses loose ==, so ids are compared after PHP type juggling;
# a strict comparison on normalised ids is the safer form for an authorization lookup.
80 function list_user_roles($id_user){
81 $sgbd = $this->sgbd();
83 if($rst = $sgbd->open_data("users_roles")){
84 while($v_rst = $sgbd->fetch_data($rst)){
86 if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){
87 $roles[] = $v_rst["id_role"];
95 $sgbd->close_data($rst);
# Looks a user up by id, serving it from the per-instance cache $this->users when present
# and otherwise reading it with get_data("users", $id). The return statements are on omitted lines.
101 function user_by_id($id){
102 if(!isset($this->users)) $this->users = array();
103 if(isset($this->users[$id])) return $this->users[$id];
104 $sgbd = $this->sgbd();
105 if(($user = $sgbd->get_data("users", $id)) !== false){
# NOTE(review): the record is cached before "roles" is added to the local copy on the next line,
# so a later cache hit returns the user without its roles — confirm callers do not rely on
# $user["roles"] for access decisions after a cached lookup.
106 $this->users[$id] = $user;
107 if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles;
# Finds a user by login with a scan of the users table, attaches the roles and caches the record.
# How $user is assigned inside the loop and what is returned are on lines this listing omits.
# NOTE(review): this lookup feeds login() and load_session(). The login is matched with loose ==,
# under which numeric-looking strings are compared as numbers, so two distinct login strings
# can match the same row; === on strings is the safer comparison for an identity lookup.
113 function user($login){
114 $sgbd = $this->sgbd();
116 if($rst = $sgbd->open_data("users")){
117 while($v_rst = $sgbd->fetch_data($rst)){
119 if(isset($v_rst["login"]) && $v_rst["login"] == $login){
126 $sgbd->close_data($rst);
128 if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles;
134 if(!isset($this->users)) $this->users = array();
# Only a truthy result is cached, keyed by the user's id.
135 if($user) $this->users[$user["id"]] = $user;
# Scans the users table for a row whose login equals $login and records the outcome in $EXISTS
# (set to false on the failure branch shown; the other assignments and the return are omitted here).
# NOTE(review): same loose == as user(); a uniqueness check done with == and a lookup done with ===
# (or the reverse) would disagree on numeric-looking logins, so both should use the same strict test.
140 function user_exists($login){
141 $sgbd = $this->sgbd();
143 if($rst = $sgbd->open_data("users")){
144 while($v_rst = $sgbd->fetch_data($rst)){
146 if(isset($v_rst["login"]) && $v_rst["login"] == $login){
155 $sgbd->close_data($rst);
157 else $EXISTS = false;
# Creates a users row and then one users_roles row per entry of $roles; returns false as soon
# as a role insert fails. Parts of both add_data() calls are on lines this listing omits.
# NOTE(review): $password is stored exactly as received — no hashing is visible in this method.
# password_ok() compares against md5(stored value . session id), so the stored value works as a
# credential by itself; confirm what callers pass here and treat the column accordingly.
161 function add_user($login, $password, $email, $roles){
162 $sgbd = $this->sgbd();
165 $id_user = $sgbd->add_data(
169 "password" => $password,
# No rollback is visible: a failure here leaves the user row and any role rows already written.
176 foreach($roles as $id_role){
177 $OK = $sgbd->add_data(
180 "id_user" => $id_user,
181 "id_role" => $id_role
186 if(!$OK) return false;
# Updates a user record, deletes every users_roles row of that user, then inserts one row per
# entry of $roles. The update call itself is largely on lines this listing omits.
# NOTE(review): as in add_user(), $password is written as received. The role replacement is
# delete-then-insert with no transaction visible, so a failure part-way leaves the account with
# fewer roles than intended (or none) — callers should treat a false return as "roles unknown".
190 function set_user($id, $login, $password, $email, $roles){
191 $sgbd = $this->sgbd();
198 "password" => $password,
203 if($rst = $sgbd->open_data("users_roles")){
205 while($v_rst = $sgbd->fetch_data($rst)){
207 if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id){
208 if(!$sgbd->del_data("users_roles", $v_rst["id"])){
216 $sgbd->close_data($rst);
217 if(!$OK) return false;
220 foreach($roles as $id_role){
221 $OK = $sgbd->add_data(
225 "id_role" => $id_role
230 if(!$OK) return false;
# Deletes the user found by login, then deletes that user's users_roles rows.
# Returns false when the users row cannot be deleted; the remaining returns are on omitted lines.
# NOTE(review): the user row goes first, so a failure while removing role rows leaves orphaned
# users_roles entries. If ids can be reused by the storage layer, such rows would attach old
# roles to a new account — confirm id allocation, or delete the role rows first.
234 function del_user($login){
235 if(($user = $this->user($login)) !== false){
236 $sgbd = $this->sgbd();
237 if(!$sgbd->del_data("users", $user["id"])) return false;
238 if($rst = $sgbd->open_data("users_roles")){
240 while($v_rst = $sgbd->fetch_data($rst)){
242 if(isset($v_rst["id"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){
243 if(!$sgbd->del_data("users_roles", $v_rst["id"])){
251 $sgbd->close_data($rst);
258 # ----------------------------------------------------------------------------------------
# Loads every row of the roles table into $this->roles, keyed by role id, and sets $this->roles
# to false on the failure branches (their conditions are on lines this listing omits).
262 function init_roles(){
263 $sgbd = $this->sgbd();
264 $this->roles = array();
265 if($rst = $sgbd->open_data("roles")){
266 while($v_rst = $sgbd->fetch_data($rst)){
268 $this->roles[$v_rst["id"]] = $v_rst;
271 $this->roles = false;
275 $sgbd->close_data($rst);
277 else $this->roles = false;
# NOTE(review): the gutter jumps from 277 to 282, so this line may belong to a following method
# whose header is not shown. isset() is true for a property holding false, so this guard does
# not catch the "load failed" state set above; the same applies to the isset($this->roles)
# guards in init_actions_roles() and read_actions_roles().
282 if(!isset($this->roles)) return false;
# Inserts a role with the given name ($nom) and label ($intitule); most of the add_data() call
# and the success return are on lines this listing omits.
# NOTE(review): other call sites in this class test add_data() with `!$OK`, which suggests it can
# return false; isset() only rejects null, so a false result would pass this guard — confirm the
# failure value of add_data().
286 function add_role($nom, $intitule){
287 $sgbd = $this->sgbd();
288 $id_role = $sgbd->add_data(
292 "intitule" => $intitule
295 if(!isset($id_role)) return false;
# Returns the role record for $id. The string "0" is answered with a built-in array whose
# contents are on omitted lines; only the exact string matches (===), not the integer 0.
# For other ids: null from get_data() yields false, any other falsy result yields an empty array.
299 function get_role($id){
300 if($id === "0") return array(
305 $sgbd = $this->sgbd();
306 $role = $sgbd->get_data("roles", $id);
307 if(!isset($role)) return false;
308 return $role ? $role : array();
# Updates the role $id with a new name ($nom) and label ($intitule). The storage call and the
# return value are on lines this listing omits, so nothing more can be stated from here.
311 function set_role($id, $nom, $intitule){
312 $sgbd = $this->sgbd();
319 "intitule" => $intitule
# Deletes every actions_roles row whose id_role equals $id_role, i.e. removes all action grants
# of that role. Error handling inside the loop and the return are on omitted lines.
# The scan deletes rows from the table it is iterating; whether the storage layer tolerates
# that is not visible here — TODO confirm.
326 function clear_role_actions($id_role){
327 $sgbd = $this->sgbd();
328 if($rst = $sgbd->open_data("actions_roles")){
330 while($v_rst = $sgbd->fetch_data($rst)){
332 if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){
333 if(!$sgbd->del_data("actions_roles", $v_rst["id"])){
341 $sgbd->close_data($rst);
# Deletes every users_roles row whose id_role equals $id_role, i.e. removes the role from all
# users. Error handling inside the loop and the return are on omitted lines.
# NOTE(review): get_user_roles() gives a user with no remaining rows the role 0, so clearing a
# role moves its members to role-0 permissions rather than to "no access".
347 function clear_role_users($id_role){
348 $sgbd = $this->sgbd();
349 if($rst = $sgbd->open_data("users_roles")){
351 while($v_rst = $sgbd->fetch_data($rst)){
353 if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){
354 if(!$sgbd->del_data("users_roles", $v_rst["id"])){
362 $sgbd->close_data($rst);
# Grants $action to $id_role by inserting an actions_roles row and returns the new row id.
# Part of the add_data() call is on omitted lines.
# NOTE(review): isset() only rejects null; if add_data() signals failure with false (as the
# `!$OK` checks elsewhere in this class suggest), that false is returned as if it were an id.
368 function add_role_action($id_role, $action){
369 $sgbd = $this->sgbd();
370 $id_action_role = $sgbd->add_data(
374 "id_role" => $id_role
377 if(!isset($id_action_role)) return false;
378 return $id_action_role;
# Deletes the roles row $id_role and normalises the storage result to a strict boolean.
# Only the roles table is touched here; rows in users_roles and actions_roles that reference
# the role are removed by clear_role_users() / clear_role_actions(), which the caller must invoke.
381 function del_role($id_role){
382 $sgbd = $this->sgbd();
383 return $sgbd->del_data("roles", $id_role) ? true : false;
# Returns the role ids of the session user, read from users_roles. Returns false when the lookup
# fails. When there is no session user, or the user has no role rows, the list is [0]; get_actions()
# treats role 0 as the public role. The final return is on a line this listing omits.
386 function get_user_roles(){
387 $user_roles = array();
388 $user = $this->get_session_user();
389 if($user && isset($user["id"])){
390 $sgbd = $this->sgbd();
391 if($rst = $sgbd->open_data("users_roles")){
392 while($v_rst = $sgbd->fetch_data($rst)){
394 if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){
395 $user_roles[] = $v_rst["id_role"];
403 $sgbd->close_data($rst);
405 else $user_roles = false;
406 if($user_roles === false) return false;
# Anonymous visitor: integer 0 is appended, whereas ids read from storage keep their stored type.
408 else $user_roles[] = 0;
# Authenticated user without any role row also falls back to role 0.
409 if(!$user_roles) $user_roles[] = 0;
# Caches the result of read_actions_roles() in $this->actions_roles and returns it
# (false when the read fails). Requires $this->roles to be set.
# NOTE(review): isset() passes when $this->roles is false, the value init_roles() stores on failure.
413 function init_actions_roles(){
414 if(!isset($this->roles)) return false;
415 $this->actions_roles = $this->read_actions_roles();
416 return $this->actions_roles;
# Reads the actions_roles table. With $params["group_by_action"] truthy the result maps each action
# string to a list of role ids; otherwise it maps each row id to the whole row.
# Returns false on the failure branches (their conditions are partly on omitted lines).
419 function read_actions_roles($params = array()){
# isset() is also true when $this->roles is false, so a failed init_roles() is not caught here.
420 if(!isset($this->roles)) return false;
421 $group_by_action = isset($params["group_by_action"]) ? $params["group_by_action"] : false;
422 $sgbd = $this->sgbd();
423 $actions_roles = array();
424 if($rst = $sgbd->open_data("actions_roles")){
425 while($v_rst = $sgbd->fetch_data($rst)){
# Rows missing either field are handled on omitted lines (presumably the "= false" below — confirm).
427 if(isset($v_rst["action"]) && isset($v_rst["id_role"])){
428 if($group_by_action){
429 if(!isset($actions_roles[$v_rst["action"]])) $actions_roles[$v_rst["action"]] = array();
430 $actions_roles[$v_rst["action"]][] = $v_rst["id_role"];
432 else $actions_roles[$v_rst["id"]] = $v_rst;
436 $actions_roles = false;
440 $sgbd->close_data($rst);
442 else $actions_roles = false;
443 return $actions_roles;
# Collects the roles granted on a request target at three levels: the module ($mod), the
# controller ("$mod/$controller") and the action ("$mod/$controller/$action").
# The result maps each matching action string to an array keyed by role id. $roles is
# initialised, and the value returned, on lines this listing omits.
# NOTE(review): a grant on the bare module or controller key matches every action beneath it,
# so how the caller combines the three levels decides the effective permission. The key is built
# by plain concatenation; $mod, $controller and $action should be validated by the caller so a
# "/" inside one of them cannot alias another level.
446 function get_action_roles($mod, $controller = "index", $action = "index"){
447 $sgbd = $this->sgbd();
449 if($rst = $sgbd->open_data("actions_roles")){
# The loop stops as soon as $roles becomes false (set on an omitted line).
450 while($roles !==false && $v_rst = $sgbd->fetch_data($rst)){
451 if(isset($v_rst) && isset($v_rst["action"]) && isset($v_rst["id_role"])){
453 $v_rst["action"] == $mod
454 || $v_rst["action"] == $mod."/".$controller
455 || $v_rst["action"] == $mod."/".$controller."/".$action
457 if(!isset($roles[$v_rst["action"]])) $roles[$v_rst["action"]] = array();
458 $roles[$v_rst["action"]][$v_rst["id_role"]] = true;
463 $sgbd->close_data($rst);
# Annotates the action tree returned by $env->get_actions() with permission flags: per module and
# per controller "is_public" (role 0 is granted) and, when $id_role is given, "module_allowed" /
# "controleur_allowed"; per "als" entry "action_allowed" and "is_public" when every action in the
# entry carries the grant. $env is assigned, and the result returned, on lines this listing omits.
# NOTE(review): every in_array() here is non-strict. Role ids come from storage while the public
# role is the integer 0; on PHP versions before 8 a loose comparison of 0 with a non-numeric string
# is true, so ids should be normalised to one type and compared with the strict flag.
# NOTE(review): both per-entry flags fail open for an empty $al["actions"] list: the inner loop
# never runs, $HAS_ACTION_NOT_ALLOWED stays false, and the entry is marked allowed and public.
469 function get_actions($id_role = null){
471 if($actions = $env->get_actions()){
472 if(($actions_roles = $this->read_actions_roles(array("group_by_action" => true))) !== false){
473 foreach($actions as $module_name => $module){
# Module level.
474 if(isset($id_role)) $actions[$module_name]["module_allowed"] =
475 isset($actions_roles[$module_name])
476 && in_array($id_role, $actions_roles[$module_name]);
477 $actions[$module_name]["is_public"] =
478 isset($actions_roles[$module_name])
479 && in_array(0, $actions_roles[$module_name]);
# Controller level, keyed "module/controller".
480 foreach($module["controleurs"] as $controleur_name => $controleur){
481 if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] =
482 isset($actions_roles[$module_name."/".$controleur_name])
483 && in_array($id_role, $actions_roles[$module_name."/".$controleur_name]);
484 $actions[$module_name]["controleurs"][$controleur_name]["is_public"] =
485 isset($actions_roles[$module_name."/".$controleur_name])
486 && in_array(0, $actions_roles[$module_name."/".$controleur_name]);
# Action level, keyed "module/controller/action": an entry is allowed only if no action lacks the grant.
487 foreach($controleur["als"] as $index_als => $al){
# Lines 488-489 are omitted; this first check presumably runs only when $id_role is set — confirm.
490 $HAS_ACTION_NOT_ALLOWED = false;
491 foreach($al["actions"] as $action_name){
493 !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name])
494 || !in_array($id_role, $actions_roles[$module_name."/".$controleur_name."/".$action_name])
496 $HAS_ACTION_NOT_ALLOWED = true;
500 if(!$HAS_ACTION_NOT_ALLOWED){
501 $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["action_allowed"] = true;
# Same test again for the public role 0.
504 $HAS_ACTION_NOT_ALLOWED = false;
505 foreach($al["actions"] as $action_name){
507 !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name])
508 || !in_array(0, $actions_roles[$module_name."/".$controleur_name."/".$action_name])
510 $HAS_ACTION_NOT_ALLOWED = true;
514 if(!$HAS_ACTION_NOT_ALLOWED){
515 $actions[$module_name]["controleurs"][$controleur_name]["als"][$index_als]["is_public"] = true;
527 # ----------------------------------------------------------------------------------------
# Authenticates $login: loads the user, checks $password with password_ok() and, on success,
# opens the session with set_session(); a failed set_session() turns the result into false.
# The else branches and the return are partly on lines this listing omits.
# NOTE(review): no attempt throttling and no session_regenerate_id() call are visible in this
# method; if neither happens in the caller, both are worth adding around a successful login.
531 function login($login, $password){
532 if(($user = $this->user($login)) !== false){
533 if($this->password_ok($user, $password)){
# set_session() returns the setcookie() result, so login fails when the cookie cannot be sent.
534 if(!$this->set_session($user)) $user = false;
537 $this->clear_session();
# NOTE(review): the gutter jumps from 537 to 545, so this return most likely belongs to a
# separate method (a logout) whose header is not shown in this listing — confirm.
545 return $this->clear_session();
# Validates the current session against $user: md5(stored password . session id) must equal
# $_SESSION["pass"], and the request address must equal the address recorded in the session.
# The statement these two lines belong to starts on an omitted line (presumably a return — confirm).
# NOTE(review): $_SESSION["pass"] is written by set_session() with the same formula, so this only
# detects a password change or a different address; it does not prove who opened the session.
# md5 is a fast digest and strcmp(...) == 0 is a loose, non-constant-time comparison;
# hash_equals() on two strings is the safer form. Behind a reverse proxy REMOTE_ADDR is the
# proxy's address, which makes the address binding ineffective.
548 function user_ok($user){
550 strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0
551 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
# Checks a login attempt: $password must equal md5(stored password . session id) and the request
# address must equal the address recorded in the session. A falsy $user is rejected first.
# The statement holding the comparison starts on an omitted line (presumably a return — confirm).
# NOTE(review): the formula means the client submits a digest derived from the stored value, so
# whatever is kept in the "password" field is sufficient to authenticate; that column must be
# protected like a plaintext credential. md5 is a fast digest unsuited to protecting passwords.
# NOTE(review): strcmp(...) == 0 is neither constant-time nor type-safe. On PHP versions before 8
# strcmp() yields NULL for a non-string argument and NULL == 0 holds, so $password should be
# checked with is_string() and compared with hash_equals().
554 function password_ok($user, $password){
555 if(!$user) return false;
557 strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0
558 && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"];
561 # ----------------------------------------------------------------------------------------
# Restores the logged-in user at the start of a request: resets the session when it has no "id",
# looks the user up by the login found in the "user" cookie (preferred) or in $_SESSION["user"],
# and clears the session when user_ok() rejects the result. Several lines of the method,
# including the assignment of $user and the return, are omitted from this listing.
# NOTE(review): the "user" cookie is client-controlled and holds only a login name, yet it
# selects the account and takes precedence over the server-side session value.
# NOTE(review): when the cookie is present, set_session() runs before user_ok(). set_session()
# writes $_SESSION["pass"] with the same md5 formula that user_ok() then checks, so in the visible
# lines the check cannot fail for a cookie-selected user (address test aside). A persistent
# login should rest on an unguessable server-issued token stored and verified server-side, with
# user_ok() evaluated before any session state is written — confirm against the full file.
565 function load_session(){
567 if(!isset($_SESSION["id"])) $this->clear_session();
570 isset($_COOKIE["user"]) || isset($_SESSION["user"]) ?
571 $this->user(isset($_COOKIE["user"]) ? $_COOKIE["user"] : $_SESSION["user"])
575 if(isset($_COOKIE["user"])) $this->set_session($user);
576 if(!$this->user_ok($user)){
577 $this->clear_session();
# Marks the session as belonging to $user: stores the login and md5(stored password . session id)
# in $_SESSION, then sends a "user" cookie holding the login, valid for seven days on the path
# $env->path("web"). Returns the setcookie() result. $env is assigned on an omitted line.
# NOTE(review): setcookie() is called with four arguments, so the Secure, HttpOnly and SameSite
# attributes are not set, and the cookie value is the bare login name — it carries no secret,
# so it cannot serve as evidence of a previous login (see load_session()).
585 function set_session($user){
586 $_SESSION["user"] = $user["login"];
587 $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]);
589 return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web"));
# Resets the authentication state: drops the user and pass entries, records the current request
# address, issues a fresh $_SESSION["id"] and empties the "user" cookie. Returns the setcookie()
# result. $env is assigned on an omitted line.
# NOTE(review): $_SESSION["id"] is the only per-session value mixed into the md5 digests checked
# by user_ok() and password_ok(), and it comes from rand(), which is not a cryptographically
# secure generator. bin2hex(random_bytes(16)) is the appropriate source. The PHP session
# identifier itself is not regenerated in the visible lines.
592 function clear_session(){
593 unset($_SESSION["user"]);
594 unset($_SESSION["pass"]);
595 $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
596 $_SESSION["id"] = md5(rand());
598 return setcookie("user", "", 0, $env->path("web"));
# The body of this method is not part of this listing. get_user_roles() treats its result as
# either falsy (no session user) or an array carrying an "id" key.
601 function get_session_user(){
605 # ----------------------------------------------------------------------------------------
# Ensures the upload directory <content path>uploads/<user> exists, creating it when missing, and
# returns whether it exists afterwards. <user> is $user when truthy, else $this->user["id"];
# false is returned when neither is available. $env is assigned on an omitted line.
# NOTE(review): $user is appended to the path unchecked. Where callers get it from is not shown;
# if it can carry request data it must be restricted to the expected id format so that path
# separators or ".." cannot move the directory outside uploads/.
# NOTE(review): mkdir() is called without a mode, so the directory gets the default 0777 reduced by
# the umask, and @ hides the reason for a failure; an explicit mode and a checked return are safer.
609 function check_user_uploads_dir($user = null){
611 if((!isset($user) || !$user) && !isset($this->user["id"])) return false;
612 $user_dir = $env->path("content")."uploads/".(isset($user) && $user ? $user : $this->user["id"]);
613 if(!file_exists($user_dir)) @mkdir($user_dir);
614 return file_exists($user_dir);