X-Git-Url: http://git.dj3c1t.com/?a=blobdiff_plain;f=mw%2Fapp%2Fdata%2Fmodules%2Fxml%2Fmw_data_users.php;h=3bbffee86f2d74aec564a31bd1f92d2cb52ae68a;hb=e1b64e4088232b9d7b4acb2dc24279bb38fcafba;hp=2f7009567f8c6de017d05ac1332c15a4c08f0195;hpb=3c17f81e1d2fb68f69cfa620ca00ad63e83cc17c;p=mtweb diff --git a/mw/app/data/modules/xml/mw_data_users.php b/mw/app/data/modules/xml/mw_data_users.php index 2f70095..3bbffee 100644 --- a/mw/app/data/modules/xml/mw_data_users.php +++ b/mw/app/data/modules/xml/mw_data_users.php @@ -3,24 +3,43 @@ class mw_data_users extends mw_data{ var $users; - var $_user; - var $user_status; - var $action_status; + var $user; + var $roles; + var $actions_roles; # ---------------------------------------------------------------------------------------- # users # - function users($start = 0, $alpha = null, $status = null){ + function users($start = 0, $alpha = null, $id_role = null){ $sgbd = $this->sgbd(); $env = $this->env(); $users = array("list" => array(), "total" => 0); + if(isset($id_role)){ + $role_users = array(); + if($rst = $sgbd->open_data("users_roles")){ + while($v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst)){ + if(($v_rst["id_user"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){ + $role_users[] = $v_rst["id_user"]; + } + } + else{ + $role_users = false; + break; + } + } + $sgbd->close_data($rst); + } + else $role_users = false; + if($role_users === false) return false; + } $res = array(); if($rst = $sgbd->open_data("users")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ if(!isset($alpha) || (isset($v_rst["login"]) && strtolower(substr($v_rst["login"], 0, 1)) == strtolower($alpha))){ - if(!isset($status) || (isset($v_rst["status"]) && $v_rst["status"] == $status)){ + if(!isset($id_role) || in_array($id_role, $role_users)){ $res[$v_rst["id"]] = $v_rst; $users["total"]++; } 
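Review bot: The new role filter in `users()` tests the wrong value: `in_array($id_role, $role_users)` asks whether the role id occurs in the list of user ids collected from `users_roles`, and that answer is the same for every row, so a filtered listing contains either every user that passes the `$alpha` test or none of them. The lookup should use the row's own id, `if(!isset($id_role) || in_array($v_rst["id"], $role_users)){`. In the collection loop above it, `($v_rst["id_user"])` is a truthiness test where the neighbouring fields use `isset()`; `isset($v_rst["id_user"])` keeps it consistent with `list_user_roles()` and avoids an undefined-index notice. Anyone using this listing to check who holds a role would get a misleading answer. The body of `users()` continues past the end of this hunk.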
@@ -43,8 +62,8 @@ } } foreach($users["list"] as $id_user => $user){ - if(($status = $this->list_user_status($id_user)) !== false){ - $users["list"][$id_user]["status"] = $status; + if(($roles = $this->list_user_roles($id_user)) !== false){ + $users["list"][$id_user]["roles"] = $roles; } else{ $users = false; @@ -58,25 +77,25 @@ return $users; } - function list_user_status($id_user){ + function list_user_roles($id_user){ $sgbd = $this->sgbd(); - $status = array(); + $roles = array(); if($rst = $sgbd->open_data("users_roles")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $id_user){ - $status[] = $v_rst["id_role"]; + $roles[] = $v_rst["id_role"]; } } else{ - $status = false; + $roles = false; break; } } $sgbd->close_data($rst); } - else $status = false; - return $status; + else $roles = false; + return $roles; } function user_by_id($id){ @@ -85,7 +104,7 @@ $sgbd = $this->sgbd(); if(($user = $sgbd->get_data("users", $id)) !== false){ $this->users[$id] = $user; - if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status; + if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; else $user = false; } return $user; @@ -106,7 +125,7 @@ } $sgbd->close_data($rst); if($user){ - if(($status = $this->list_user_status($user["id"])) !== false) $user["status"] = $status; + if(($roles = $this->list_user_roles($user["id"])) !== false) $user["roles"] = $roles; else $user = false; } } @@ -139,7 +158,7 @@ return $EXISTS; } - function add_user($login, $password, $email, $status){ + function add_user($login, $password, $email, $roles){ $sgbd = $this->sgbd(); if( ( @@ -154,7 +173,7 @@ ) === false ) return false; $OK = true; - foreach($status as $id_role){ + foreach($roles as $id_role){ $OK = $sgbd->add_data( "users_roles", array( 
@@ -168,7 +187,7 @@ return $id_user; } - function set_user($id, $login, $password, $email, $status){ + function set_user($id, $login, $password, $email, $roles){ $sgbd = $this->sgbd(); if( !$sgbd->set_data( @@ -198,7 +217,7 @@ if(!$OK) return false; } else return false; - foreach($status as $id_role){ + foreach($roles as $id_role){ $OK = $sgbd->add_data( "users_roles", array( @@ -237,26 +256,31 @@ } # ---------------------------------------------------------------------------------------- - # status + # roles # - function init_user_status($status = array()){ + function init_roles(){ $sgbd = $this->sgbd(); - $this->user_status = array(); + $this->roles = array(); if($rst = $sgbd->open_data("roles")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - $this->user_status[$v_rst["id"]] = $v_rst; + $this->roles[$v_rst["id"]] = $v_rst; } else{ - $this->user_status = false; + $this->roles = false; break; } } $sgbd->close_data($rst); } - else $this->user_status = false; - return $this->user_status; + else $this->roles = false; + return $this->roles; + } + + function roles(){ + if(!isset($this->roles)) return false; + return $this->roles; } function add_role($nom, $intitule){ @@ -301,12 +325,12 @@ function clear_role_actions($id_role){ $sgbd = $this->sgbd(); - if($rst = $sgbd->open_data("action_status")){ + if($rst = $sgbd->open_data("actions_roles")){ $OK = true; while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - if(isset($v_rst["id"]) && isset($v_rst["id_status"]) && $v_rst["id_status"] == $id_role){ - if(!$sgbd->del_data("action_status", $v_rst["id"])){ + if(isset($v_rst["id"]) && isset($v_rst["id_role"]) && $v_rst["id_role"] == $id_role){ + if(!$sgbd->del_data("actions_roles", $v_rst["id"])){ $OK = false; break; } 
@@ -343,15 +367,15 @@ function add_role_action($id_role, $action){ $sgbd = $this->sgbd(); - $id_action_status = $sgbd->add_data( - "action_status", + $id_action_role = $sgbd->add_data( + "actions_roles", array( "action" => $action, - "id_status" => $id_role + "id_role" => $id_role ) ); - if(!isset($id_action_status)) return false; - return $id_action_status; + if(!isset($id_action_role)) return false; + return $id_action_role; } function del_role($id_role){ @@ -359,13 +383,8 @@ return $sgbd->del_data("roles", $id_role) ? true : false; } - function status(){ - if(!isset($this->user_status)) return false; - return $this->user_status; - } - - function get_user_status(){ - $user_status = array(); + function get_user_roles(){ + $user_roles = array(); $user = $this->get_session_user(); if($user && isset($user["id"])){ $sgbd = $this->sgbd(); 
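Review bot: `get_user_roles()` still calls `$this->get_session_user()`, but the last hunk of this commit deletes that method from this class, and the first hunk replaces the `$_user` property it returned with `$user`. If the method is not supplied from somewhere not visible in this diff (a parent class or another data module), the role lookup fails at this call. If it was moved, a short comment above the call, such as `# get_session_user() is provided by <module that now owns the session code>`, would tell the reader where the role lookup gets its user. The function starts in this hunk and its body continues in the next one.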
@@ -373,106 +392,106 @@ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ if(isset($v_rst["id_role"]) && isset($v_rst["id_user"]) && $v_rst["id_user"] == $user["id"]){ - $user_status[] = $v_rst["id_role"]; + $user_roles[] = $v_rst["id_role"]; } } else{ - $user_status = false; + $user_roles = false; break; } } $sgbd->close_data($rst); } - else $user_status = false; - if($user_status === false) return false; + else $user_roles = false; + if($user_roles === false) return false; } - else $user_status[] = 0; - if(!$user_status) $user_status[] = 0; - return $user_status; + else $user_roles[] = 0; + if(!$user_roles) $user_roles[] = 0; + return $user_roles; } - function init_action_status($status = array()){ - if(!isset($this->user_status)) return false; - $this->action_status = $this->read_action_status(); - return $this->action_status; + function init_actions_roles(){ + if(!isset($this->roles)) return false; + $this->actions_roles = $this->read_actions_roles(); + return $this->actions_roles; } - function read_action_status($params = array()){ - if(!isset($this->user_status)) return false; + function read_actions_roles($params = array()){ + if(!isset($this->roles)) return false; $group_by_action = isset($params["group_by_action"]) ? 
$params["group_by_action"] : false; $sgbd = $this->sgbd(); - $action_status = array(); - if($rst = $sgbd->open_data("action_status")){ + $actions_roles = array(); + if($rst = $sgbd->open_data("actions_roles")){ while($v_rst = $sgbd->fetch_data($rst)){ if(isset($v_rst)){ - if(isset($v_rst["action"]) && isset($v_rst["id_status"])){ + if(isset($v_rst["action"]) && isset($v_rst["id_role"])){ if($group_by_action){ - if(!isset($action_status[$v_rst["action"]])) $action_status[$v_rst["action"]] = array(); - $action_status[$v_rst["action"]][] = $v_rst["id_status"]; + if(!isset($actions_roles[$v_rst["action"]])) $actions_roles[$v_rst["action"]] = array(); + $actions_roles[$v_rst["action"]][] = $v_rst["id_role"]; } - else $action_status[$v_rst["id"]] = $v_rst; + else $actions_roles[$v_rst["id"]] = $v_rst; } } else{ - $action_status = false; + $actions_roles = false; break; } } $sgbd->close_data($rst); } - else $action_status = false; - return $action_status; + else $actions_roles = false; + return $actions_roles; } - function get_action_status($mod, $controller = "index", $action = "index", $set_status = array()){ + function get_action_roles($mod, $controller = "index", $action = "index"){ $sgbd = $this->sgbd(); - $status = array(); - if($rst = $sgbd->open_data("action_status")){ - while($status !==false && $v_rst = $sgbd->fetch_data($rst)){ - if(isset($v_rst) && isset($v_rst["action"]) && isset($v_rst["id_status"])){ + $roles = array(); + if($rst = $sgbd->open_data("actions_roles")){ + while($roles !==false && $v_rst = $sgbd->fetch_data($rst)){ + if(isset($v_rst) && isset($v_rst["action"]) && isset($v_rst["id_role"])){ if( $v_rst["action"] == $mod || $v_rst["action"] == $mod."/".$controller || $v_rst["action"] == $mod."/".$controller."/".$action ){ - if(!isset($status[$v_rst["action"]])) $status[$v_rst["action"]] = array(); - $status[$v_rst["action"]][$v_rst["id_status"]] = true; + if(!isset($roles[$v_rst["action"]])) $roles[$v_rst["action"]] = array(); + 
$roles[$v_rst["action"]][$v_rst["id_role"]] = true; } } - else $status = false; + else $roles = false; } $sgbd->close_data($rst); } - else $status = false; - return $status; + else $roles = false; + return $roles; } function get_actions($id_role = null){ $env = $this->env(); if($actions = $env->get_actions()){ - if(($action_status = $this->read_action_status(array("group_by_action" => true))) !== false){ + if(($actions_roles = $this->read_actions_roles(array("group_by_action" => true))) !== false){ foreach($actions as $module_name => $module){ if(isset($id_role)) $actions[$module_name]["module_allowed"] = - isset($action_status[$module_name]) - && in_array($id_role, $action_status[$module_name]); + isset($actions_roles[$module_name]) + && in_array($id_role, $actions_roles[$module_name]); $actions[$module_name]["is_public"] = - isset($action_status[$module_name]) - && in_array(0, $action_status[$module_name]); + isset($actions_roles[$module_name]) + && in_array(0, $actions_roles[$module_name]); foreach($module["controleurs"] as $controleur_name => $controleur){ if(isset($id_role)) $actions[$module_name]["controleurs"][$controleur_name]["controleur_allowed"] = - isset($action_status[$module_name."/".$controleur_name]) - && in_array($id_role, $action_status[$module_name."/".$controleur_name]); + isset($actions_roles[$module_name."/".$controleur_name]) + && in_array($id_role, $actions_roles[$module_name."/".$controleur_name]); $actions[$module_name]["controleurs"][$controleur_name]["is_public"] = - isset($action_status[$module_name."/".$controleur_name]) - && in_array(0, $action_status[$module_name."/".$controleur_name]); + isset($actions_roles[$module_name."/".$controleur_name]) + && in_array(0, $actions_roles[$module_name."/".$controleur_name]); foreach($controleur["als"] as $index_als => $al){ if($al["actions"]){ if(isset($id_role)){ $HAS_ACTION_NOT_ALLOWED = false; foreach($al["actions"] as $action_name){ if( - 
!isset($action_status[$module_name."/".$controleur_name."/".$action_name]) - || !in_array($id_role, $action_status[$module_name."/".$controleur_name."/".$action_name]) + !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name]) + || !in_array($id_role, $actions_roles[$module_name."/".$controleur_name."/".$action_name]) ){ $HAS_ACTION_NOT_ALLOWED = true; break; @@ -485,8 +504,8 @@ $HAS_ACTION_NOT_ALLOWED = false; foreach($al["actions"] as $action_name){ if( - !isset($action_status[$module_name."/".$controleur_name."/".$action_name]) - || !in_array(0, $action_status[$module_name."/".$controleur_name."/".$action_name]) + !isset($actions_roles[$module_name."/".$controleur_name."/".$action_name]) + || !in_array(0, $actions_roles[$module_name."/".$controleur_name."/".$action_name]) ){ $HAS_ACTION_NOT_ALLOWED = true; break; 
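Review bot: The `is_public` and `*_allowed` flags in `get_actions()` are decided with loose `in_array()`, for example `in_array(0, $actions_roles[$module_name])`, in this hunk and again in the following one (`@@ -485,8 +504,8 @@`). If the XML store returns role ids as strings (not visible in this diff), then on PHP versions before 8 the comparison `0 == "abc"` is true, so an empty or non-numeric `id_role` value would make the action count as public. Normalising the ids to one type and comparing strictly, for instance `in_array("0", array_map("strval", $actions_roles[$module_name]), true)`, removes that ambiguity from flags that describe who may run an action. The same applies to the `$id_role` lookups next to them.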
@@ -505,95 +524,6 @@ return array(); } - # ---------------------------------------------------------------------------------------- - # log in / out - # - - function login($login, $password){ - if(($user = $this->user($login)) !== false){ - if($this->password_ok($user, $password)){ - if(!$this->set_session($user)) $user = false; - } - else{ - $this->clear_session(); - $user = array(); - } - } - return $user; - } - - function logout(){ - return $this->clear_session(); - } - - function user_ok($user){ - return - strcmp(md5($user["password"].$_SESSION["id"]), $_SESSION["pass"]) == 0 - && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"]; - } - - function password_ok($user, $password){ - if(!$user) return false; - return - strcmp(md5($user["password"].$_SESSION["id"]), $password) == 0 - && $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"]; - } - - # ---------------------------------------------------------------------------------------- - # session - # - - function load_session(){ - session_start(); - if(!isset($_SESSION["id"])) $this->clear_session(); - if( - $user = ( - isset($_COOKIE["user"]) || isset($_SESSION["user"]) ? - $this->user(isset($_COOKIE["user"]) ? 
$_COOKIE["user"] : $_SESSION["user"]) - : array() - ) - ){ - if(isset($_COOKIE["user"])) $this->set_session($user); - if(!$this->user_ok($user)){ - $this->clear_session(); - $user = array(); - } - } - $this->_user = $user; - return $user; - } - - function set_session($user){ - $_SESSION["user"] = $user["login"]; - $_SESSION["pass"] = md5($user["password"].$_SESSION["id"]); - $env = $this->env(); - return setcookie("user", $user["login"], time() + (60 * 60 * 24 * 7), $env->path("web")); - } - - function clear_session(){ - unset($_SESSION["user"]); - unset($_SESSION["pass"]); - $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"]; - $_SESSION["id"] = md5(rand()); - $env = $this->env(); - return setcookie("user", "", 0, $env->path("web")); - } - - function get_session_user(){ - return $this->_user; - } - - # ---------------------------------------------------------------------------------------- - # uploads - # - - function check_user_uploads_dir($user = null){ - $env = $this->env(); - $user_dir = $env->path("content")."uploads/".(isset($user) ? $user : $this->_user["id"]); - if(!file_exists($user_dir)) @mkdir($user_dir); - return file_exists($user_dir); - } - } ?> \ No newline at end of file