Fixed a cache-check in `OC_USER_Database::getGroupName()` and minor style changes
* Added spaces here and there * Using camelCase for same variable
This commit is contained in:
Aldo "xoen" Giambelluca
parent
7b84bf5f0e
commit
64fd3f7aea
|
|
@ -22,6 +22,7 @@
|
|||
*/
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Class for usermanagement in a SQL Database
|
||||
* eg mysql, sqlite
|
||||
|
|
@ -29,262 +30,277 @@
|
|||
class OC_USER_Database extends OC_USER {
|
||||
|
||||
/**
|
||||
* check if the login button is pressed and logg the user in
|
||||
*
|
||||
*/
|
||||
public static function loginLisener(){
|
||||
if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
|
||||
if(OC_USER::login($_POST['login'],$_POST['password'])){
|
||||
* check if the login button is pressed and logg the user in
|
||||
*
|
||||
*/
|
||||
public static function loginLisener() {
|
||||
if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) {
|
||||
if ( OC_USER::login($_POST['login'], $_POST['password']) ) {
|
||||
echo 1;
|
||||
OC_LOG::event($_SESSION['username'],1,'');
|
||||
OC_LOG::event($_SESSION['username'], 1, '');
|
||||
echo 2;
|
||||
if((isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
|
||||
$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
||||
}else{
|
||||
$url = "http://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
||||
if ( ( isset($CONFIG_HTTPFORCESSL) AND $CONFIG_HTTPFORCESSL )
|
||||
OR ( isset($_SERVER['HTTPS']) AND ( 'on' === $_SERVER['HTTPS'] ) ) ) {
|
||||
$url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
||||
} else {
|
||||
$url = 'http://'. $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
||||
}
|
||||
header("Location: $url");
|
||||
header('Location: $url');
|
||||
die();
|
||||
}else{
|
||||
return('error');
|
||||
}
|
||||
} else {
|
||||
return 'error';
|
||||
}
|
||||
}
|
||||
|
||||
return('');
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* try to create a new user
|
||||
*
|
||||
*/
|
||||
public static function createUser($username,$password){
|
||||
* try to create a new user
|
||||
*
|
||||
*/
|
||||
public static function createUser($username, $password) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
if(OC_USER::getuserid($username,true)!=0){
|
||||
if ( 0 !== OC_USER::getUserId($username, true) ) {
|
||||
return false;
|
||||
}else{
|
||||
$usernameclean=strtolower($username);
|
||||
$password=sha1($password);
|
||||
$username=OC_DB::escape($username);
|
||||
$usernameclean=OC_DB::escape($usernameclean);
|
||||
$query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
|
||||
$result=OC_DB::query($query);
|
||||
return ($result)?true:false;
|
||||
}
|
||||
} else {
|
||||
$usernameclean = strtolower($username);
|
||||
$password = sha1($password);
|
||||
$username = OC_DB::escape($username);
|
||||
$usernameclean = OC_DB::escape($usernameclean);
|
||||
$query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
|
||||
$result = OC_DB::query($query);
|
||||
|
||||
return ($result) ? true : false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* try to login a user
|
||||
*
|
||||
*/
|
||||
public static function login($username,$password){
|
||||
* try to login a user
|
||||
*
|
||||
*/
|
||||
public static function login($username, $password) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
$password=sha1($password);
|
||||
$usernameclean=strtolower($username);
|
||||
$username=OC_DB::escape($username);
|
||||
$usernameclean=OC_DB::escape($usernameclean);
|
||||
$password = sha1($password);
|
||||
$usernameclean = strtolower($username);
|
||||
$username = OC_DB::escape($username);
|
||||
$usernameclean = OC_DB::escape($usernameclean);
|
||||
$query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
|
||||
$result=OC_DB::select($query);
|
||||
if(isset($result[0]) && isset($result[0]['user_id'])){
|
||||
$_SESSION['user_id']=$result[0]['user_id'];
|
||||
$_SESSION['username']=$username;
|
||||
$_SESSION['username_clean']=$usernameclean;
|
||||
$result = OC_DB::select($query);
|
||||
if ( isset($result[0]) AND isset($result[0]['user_id'])) {
|
||||
$_SESSION['user_id'] = $result[0]['user_id'];
|
||||
$_SESSION['username'] = $username;
|
||||
$_SESSION['username_clean'] = $usernameclean;
|
||||
|
||||
return true;
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* check if the logout button is pressed and logout the user
|
||||
*
|
||||
*/
|
||||
public static function logoutLisener(){
|
||||
if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
|
||||
OC_LOG::event($_SESSION['username'],2,'');
|
||||
$_SESSION['user_id']=false;
|
||||
$_SESSION['username']='';
|
||||
$_SESSION['username_clean']='';
|
||||
* check if the logout button is pressed and logout the user
|
||||
*
|
||||
*/
|
||||
public static function logoutLisener() {
|
||||
if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) {
|
||||
OC_LOG::event($_SESSION['username'], 2, '');
|
||||
$_SESSION['user_id'] = false;
|
||||
$_SESSION['username'] = '';
|
||||
$_SESSION['username_clean'] = '';
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* check if a user is logged in
|
||||
*
|
||||
*/
|
||||
public static function isLoggedIn(){
|
||||
return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false;
|
||||
}
|
||||
|
||||
/**
|
||||
* try to create a new group
|
||||
*
|
||||
*/
|
||||
public static function createGroup($groupname){
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
if(OC_USER::getgroupid($groupname,true)==0){
|
||||
$groupname=OC_DB::escape($groupname);
|
||||
$query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')";
|
||||
$result=OC_DB::query($query);
|
||||
return ($result)?true:false;
|
||||
}else{
|
||||
* check if a user is logged in
|
||||
*
|
||||
*/
|
||||
public static function isLoggedIn() {
|
||||
if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* get the id of a user
|
||||
*
|
||||
*/
|
||||
public static function getUserId($username,$nocache=false){
|
||||
* try to create a new group
|
||||
*
|
||||
*/
|
||||
public static function createGroup($groupname) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
$usernameclean=strtolower($username);
|
||||
if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query
|
||||
return $_SESSION['user_id_cache'][$usernameclean];
|
||||
if ( 0 === OC_USER::getGroupId($groupname, true) ) {
|
||||
$groupname = OC_DB::escape($groupname);
|
||||
$query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')";
|
||||
$result = OC_DB::query($query);
|
||||
|
||||
return ($result) ? true : false;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
$usernameclean=OC_DB::escape($usernameclean);
|
||||
$query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'";
|
||||
$result=OC_DB::select($query);
|
||||
if(!is_array($result)){
|
||||
}
|
||||
|
||||
/**
|
||||
* get the id of a user
|
||||
*
|
||||
*/
|
||||
public static function getUserId($username, $nocache=false) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
$usernameClean = strtolower($username);
|
||||
//try to use cached value to save an sql query
|
||||
if ( !$nocache AND isset($_SESSION['user_id_cache'][$usernameClean]) ) {
|
||||
return $_SESSION['user_id_cache'][$usernameClean];
|
||||
}
|
||||
$usernameClean = OC_DB::escape($usernameClean);
|
||||
$query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean'";
|
||||
$result = OC_DB::select($query);
|
||||
if ( !is_array($result) ) {
|
||||
return 0;
|
||||
}
|
||||
if(isset($result[0]) && isset($result[0]['user_id'])){
|
||||
$_SESSION['user_id_cache'][$usernameclean]=$result[0]['user_id'];
|
||||
if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
|
||||
$_SESSION['user_id_cache'][$usernameClean] = $result[0]['user_id'];
|
||||
return $result[0]['user_id'];
|
||||
}else{
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* get the id of a group
|
||||
*
|
||||
*/
|
||||
public static function getGroupId($groupname,$nocache=false){
|
||||
* get the id of a group
|
||||
*
|
||||
*/
|
||||
public static function getGroupId($groupName, $noCache=false) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query
|
||||
return $_SESSION['group_id_cache'][$groupname];
|
||||
|
||||
//try to use cached value to save an sql query
|
||||
if ( !$noCache AND isset($_SESSION['group_id_cache'][$groupName]) ) {
|
||||
return $_SESSION['group_id_cache'][$groupName];
|
||||
}
|
||||
$groupname=OC_DB::escape($groupname);
|
||||
$query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'";
|
||||
$result=OC_DB::select($query);
|
||||
if(!is_array($result)){
|
||||
$groupName = OC_DB::escape($groupName);
|
||||
$query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupName'";
|
||||
$result = OC_DB::select($query);
|
||||
if ( !is_array($result) ) {
|
||||
return 0;
|
||||
}
|
||||
if(isset($result[0]) && isset($result[0]['group_id'])){
|
||||
$_SESSION['group_id_cache'][$groupname]=$result[0]['group_id'];
|
||||
if ( isset($result[0]) AND isset($result[0]['group_id']) ) {
|
||||
$_SESSION['group_id_cache'][$groupName] = $result[0]['group_id'];
|
||||
return $result[0]['group_id'];
|
||||
}else{
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* get the name of a group
|
||||
*
|
||||
*/
|
||||
public static function getGroupName($groupid,$nocache=false){
|
||||
* get the name of a group
|
||||
*
|
||||
*/
|
||||
public static function getGroupName($groupId, $noCache=false) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query
|
||||
|
||||
//try to use cached value to save an sql query
|
||||
if ( !$noCache AND ( $name = array_search($groupId,$_SESSION['group_id_cache']) ) ) {
|
||||
return $name;
|
||||
}
|
||||
$groupid=(integer)$groupid;
|
||||
$query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1";
|
||||
$result=OC_DB::select($query);
|
||||
if(isset($result[0]) && isset($result[0]['group_name'])){
|
||||
$groupId = (integer)$groupId;
|
||||
$query = "SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupId' LIMIT 1";
|
||||
$result = OC_DB::select($query);
|
||||
if ( isset($result[0]) AND isset($result[0]['group_name']) ) {
|
||||
return $result[0]['group_name'];
|
||||
}else{
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* check if a user belongs to a group
|
||||
*
|
||||
*/
|
||||
public static function inGroup($username,$groupname){
|
||||
* check if a user belongs to a group
|
||||
*
|
||||
*/
|
||||
public static function inGroup($username, $groupName) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
$userid=OC_USER::getuserid($username);
|
||||
$groupid=OC_USER::getgroupid($groupname);
|
||||
if($groupid>0 and $userid>0){
|
||||
$query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';";
|
||||
$result=OC_DB::select($query);
|
||||
if(isset($result[0]) && isset($result[0]['user_group_id'])){
|
||||
$userId = OC_USER::getUserId($username);
|
||||
$groupId = OC_USER::getGroupId($groupName);
|
||||
if ( ( $groupId > 0 ) AND ( $userId > 0 ) ) {
|
||||
$query = "SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupId' AND user_id = '$userId';";
|
||||
$result = OC_DB::select($query);
|
||||
if ( isset($result[0]) AND isset($result[0]['user_group_id']) ) {
|
||||
return true;
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* add a user to a group
|
||||
*
|
||||
*/
|
||||
public static function addToGroup($username,$groupname){
|
||||
* add a user to a group
|
||||
*
|
||||
*/
|
||||
public static function addToGroup($username, $groupName) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
if(!OC_USER::ingroup($username,$groupname)){
|
||||
$userid=OC_USER::getuserid($username);
|
||||
$groupid=OC_USER::getgroupid($groupname);
|
||||
if($groupid!=0 and $userid!=0){
|
||||
$query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');";
|
||||
$result=OC_DB::query($query);
|
||||
if($result){
|
||||
if ( !OC_USER::inGroup($username, $groupName) ) {
|
||||
$userId = OC_USER::getuserid($username);
|
||||
$groupId = OC_USER::getgroupid($groupName);
|
||||
if ( ( 0 != $groupId ) AND ( 0 != $userId ) ) {
|
||||
$query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');";
|
||||
$result = OC_DB::query($query);
|
||||
if ( $result ) {
|
||||
return true;
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}else{
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
public static function generatePassword(){
|
||||
public static function generatePassword() {
|
||||
return uniqid();
|
||||
}
|
||||
|
||||
/**
|
||||
* get all groups the user belongs to
|
||||
*
|
||||
*/
|
||||
public static function getUserGroups($username){
|
||||
* get all groups the user belongs to
|
||||
*
|
||||
*/
|
||||
public static function getUserGroups($username) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
$userid=OC_USER::getuserid($username);
|
||||
$query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'";
|
||||
$result=OC_DB::select($query);
|
||||
$groups=array();
|
||||
if(is_array($result)){
|
||||
foreach($result as $group){
|
||||
$groupid=$group['group_id'];
|
||||
$groups[]=OC_USER::getgroupname($groupid);
|
||||
$userId = OC_USER::getUserId($username);
|
||||
$query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'";
|
||||
$result = OC_DB::select($query);
|
||||
$groups = array();
|
||||
if ( is_array($result) ) {
|
||||
foreach ( $result as $group ) {
|
||||
$groupId = $group['group_id'];
|
||||
$groups[] = OC_USER::getGroupName($groupId);
|
||||
}
|
||||
}
|
||||
|
||||
return $groups;
|
||||
}
|
||||
|
||||
/**
|
||||
* set the password of a user
|
||||
*
|
||||
*/
|
||||
public static function setPassword($username,$password){
|
||||
* set the password of a user
|
||||
*
|
||||
*/
|
||||
public static function setPassword($username, $password) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
$password=sha1($password);
|
||||
$userid=OC_USER::getuserid($username);
|
||||
$query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'";
|
||||
$result=OC_DB::query($query);
|
||||
if($result){
|
||||
$password = sha1($password);
|
||||
$userId = OC_USER::getUserId($username);
|
||||
$query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'";
|
||||
$result = OC_DB::query($query);
|
||||
if ( $result ) {
|
||||
return true;
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -293,21 +309,20 @@ class OC_USER_Database extends OC_USER {
|
|||
* check the password of a user
|
||||
*
|
||||
*/
|
||||
public static function checkPassword($username,$password){
|
||||
public static function checkPassword($username, $password) {
|
||||
global $CONFIG_DBTABLEPREFIX;
|
||||
|
||||
$password=sha1($password);
|
||||
$usernameclean=strtolower($username);
|
||||
$username=OC_DB::escape($username);
|
||||
$usernameclean=OC_DB::escape($usernameclean);
|
||||
$query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
|
||||
$result=OC_DB::select($query);
|
||||
if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
|
||||
$password = sha1($password);
|
||||
$usernameClean = strtolower($username);
|
||||
$username = OC_DB::escape($username);
|
||||
$usernameClean = OC_DB::escape($usernameClean);
|
||||
$query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
|
||||
$result = OC_DB::select($query);
|
||||
if ( isset($result[0]) AND isset($result[0]['user_id']) AND ( $result[0]['user_id'] > 0 ) ) {
|
||||
return true;
|
||||
}else{
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue