nextcloud/lib/User/database.php

210 lines
5.2 KiB
PHP
Raw Normal View History

2010-07-15 16:09:22 +04:00
<?php
/**
* ownCloud
*
* @author Frank Karlitschek
* @copyright 2010 Frank Karlitschek karlitschek@kde.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
/*
*
* The following SQL statement is just a help for developers and will not be
* executed!
*
* CREATE TABLE `users` (
* `uid` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
* `password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
* PRIMARY KEY (`uid`)
* ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
*
*/
2010-07-15 16:09:22 +04:00
2011-04-16 12:12:53 +04:00
require_once('User/backend.php');
2010-07-15 16:09:22 +04:00
/**
* Class for user management in a SQL Database (e.g. MySQL, SQLite)
2010-07-15 16:09:22 +04:00
*/
class OC_USER_DATABASE extends OC_USER_BACKEND {
2010-09-12 19:04:52 +04:00
static private $userGroupCache=array();
2010-07-15 16:09:22 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief Create a new user
* @param $username The username of the user to create
* @param $password The password of the new user
* @returns true/false
*
2011-04-18 12:41:01 +04:00
* Creates a new user
*/
2011-04-18 12:41:01 +04:00
public static function createUser( $username, $password ){
// Check if the user already exists
2011-04-18 12:41:01 +04:00
$query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
$result = $query->execute( array( $username ));
if ( $result->numRows() > 0 ){
2010-07-15 16:09:22 +04:00
return false;
}
else{
$query = OC_DB::prepare( "INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )" );
2011-04-18 12:41:01 +04:00
$result = $query->execute( array( $username, sha1( $password )));
return $result ? true : false;
}
}
2011-04-17 03:04:23 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief delete a user
* @param $uid The username of the user to delete
* @returns true/false
2011-04-17 03:04:23 +04:00
*
2011-04-18 12:41:01 +04:00
* Deletes a user
2011-04-17 03:04:23 +04:00
*/
public static function deleteUser( $uid ){
2011-04-18 12:41:01 +04:00
// Delete user
2011-04-17 14:35:58 +04:00
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE uid = ?" );
2011-04-17 03:04:23 +04:00
$result = $query->execute( array( $uid ));
2011-04-18 12:41:01 +04:00
// Delete user-group-relation
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*group_user` WHERE uid = ?" );
$result = $query->execute( array( $uid ));
2011-04-17 03:04:23 +04:00
return true;
}
2010-07-15 16:09:22 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief Try to login a user
* @param $uid The username of the user to log in
* @param $password The password of the user
* @returns true/false
*
2011-04-18 12:41:01 +04:00
* Log in a user - if the password is ok
*/
2011-04-18 12:41:01 +04:00
public static function login( $uid, $password ){
// Query
2011-04-17 14:22:40 +04:00
$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
2011-04-18 12:41:01 +04:00
$result = $query->execute( array( $uid, sha1( $password )));
2010-07-15 16:09:22 +04:00
if( $result->numRows() > 0 ){
2011-04-18 12:41:01 +04:00
// Set username if name and password are known
$row = $result->fetchRow();
$_SESSION['user_id'] = $row["uid"];
2011-04-18 12:41:01 +04:00
OC_LOG::add( "core", $_SESSION['user_id'], "login" );
2010-07-15 16:09:22 +04:00
return true;
}
else{
return false;
2010-07-15 16:09:22 +04:00
}
}
/**
2011-04-18 12:41:01 +04:00
* @brief Kick the user
* @returns true
*
2011-04-18 12:41:01 +04:00
* Logout, destroys session
*/
2011-04-18 12:41:01 +04:00
public static function logout(){
OC_LOG::add( "core", $_SESSION['user_id'], "logout" );
$_SESSION['user_id'] = false;
2011-04-18 12:41:01 +04:00
return true;
}
2010-07-15 16:09:22 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief Check if the user is logged in
* @returns true/false
*
2011-04-18 12:41:01 +04:00
* Checks if the user is logged in
*/
public static function isLoggedIn() {
if( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ){
return true;
}
else{
2010-07-15 16:09:22 +04:00
return false;
}
}
/**
2011-04-18 12:41:01 +04:00
* @brief Autogenerate a password
* @returns string
*
* generates a password
*/
public static function generatePassword(){
return uniqId();
2010-07-15 16:09:22 +04:00
}
2010-07-15 16:09:22 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief Set password
* @param $uid The username
* @param $password The new password
* @returns true/false
*
2011-04-18 12:41:01 +04:00
* Change the password of a user
*/
2011-04-18 12:41:01 +04:00
public static function setPassword( $uid, $password ){
// Check if the user already exists
$query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
$result = $query->execute( array( $uid ));
2010-07-15 16:09:22 +04:00
2011-04-18 12:41:01 +04:00
if ( $result->numRows() > 0 ){
return false;
}
else{
$query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" );
$result = $query->execute( array( sha1( $password ), $uid ));
return true;
}
2010-07-15 16:09:22 +04:00
}
2010-07-15 16:09:22 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief Check if the password is correct
* @param $uid The username
* @param $password The password
* @returns true/false
*
2011-04-18 12:41:01 +04:00
* Check if the password is correct without logging in the user
*/
2011-04-18 12:41:01 +04:00
public static function checkPassword( $uid, $password ){
2011-04-17 14:35:58 +04:00
$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
2011-04-18 12:41:01 +04:00
$result = $query->execute( array( $uid, sha1( $password )));
2010-07-15 16:09:22 +04:00
if( $result->numRows() > 0 ){
2010-07-15 16:09:22 +04:00
return true;
}
else{
2010-07-15 16:09:22 +04:00
return false;
}
}
2010-09-12 19:04:52 +04:00
/**
2011-04-18 12:41:01 +04:00
* @brief Get a list of all users
* @returns array with all uids
2010-09-12 19:04:52 +04:00
*
2011-04-18 12:41:01 +04:00
* Get a list of all users.
2010-09-12 19:04:52 +04:00
*/
public static function getUsers(){
2011-04-17 14:35:58 +04:00
$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users" );
$result = $query->execute();
2010-09-12 19:04:52 +04:00
$users=array();
while( $row = $result->fetchRow()){
$users[] = $row["uid"];
2010-09-12 19:04:52 +04:00
}
return $users;
}
}