tasks/includes/t-basics/dao_users.inc.php
Emmanuel BENOîT 56741bccaa Task assignment
Tasks can be assigned to users. A user may decide to "claim" a task
directly, which will assign the task to him. Otherwise, it is possible
to set some arbitrary user as the assignee or remove the assignee
completely through the edit form.

Marking a task as completed will remove the assignee, while
re-activating a task will assign it to the user who re-activated it.

Also, fixed a bug which allowed a completed task to be edited.
2012-02-06 16:54:20 +01:00


<?php
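/**
 * Data access object for user accounts: listing and lookup, credential
 * checking, account creation and modification.
 *
 * All SQL in this class passes its values as bound parameters ($1, $2, ...)
 * through execute(); no value is concatenated into the statement text.
 *
 * SECURITY NOTE(review): passwords are stored as a salted SHA-1 digest that
 * is re-hashed 130 to 160 times with a 4-character salt. SHA-1 is a fast
 * general-purpose hash, not a password-hashing function, so this offers
 * little resistance to offline guessing if the users table is disclosed.
 * Moving to password_hash() / password_verify() (re-hashing on the next
 * successful login) needs a schema change and a migration path for existing
 * rows, so the stored format is deliberately left unchanged here and every
 * existing row keeps verifying.
 */
class Dao_Users
    extends DAO
{
    /**
     * Compute the stored digest for a password.
     *
     * @param string $password   Clear-text password.
     * @param string $salt       Per-user salt; surrounding whitespace is trimmed.
     * @param int    $iterations Number of SHA-1 rounds to apply.
     *
     * @return string 40-character hexadecimal SHA-1 digest.
     */
    private function hashPassword( $password , $salt , $iterations )
    {
        $hash = $password;
        $salt = trim( $salt );
        // do/while on purpose: at least one round is applied even when
        // $iterations is 0 or negative. Stored hashes depend on this exact
        // loop shape, so it must not be changed.
        do {
            $hash = sha1( "$salt$hash$salt" );
            $iterations --;
        } while ( $iterations > 0 );
        return $hash;
    }

    /**
     * Pick fresh hashing parameters for a password and hash it.
     *
     * The iteration count and the salt are drawn from random_int()
     * (PHP >= 7.0), which uses the operating system's CSPRNG, instead of
     * rand() / shuffle(), whose output is predictable. The salt stays at four
     * alphanumeric characters so it still fits whatever the database column
     * allows (the schema is not visible from this file).
     *
     * @param string $password Clear-text password.
     *
     * @return array array( iterations , salt , hash )
     */
    private function hashNewPassword( $password )
    {
        $iterations = random_int( 130 , 160 );

        $alphabet = 'abcdefghijklmnopqrstuvwxyz'
            . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
            . '0123456789';
        $lastIndex = strlen( $alphabet ) - 1;

        $salt = '';
        for ( $i = 0 ; $i < 4 ; $i ++ ) {
            $salt .= $alphabet[ random_int( 0 , $lastIndex ) ];
        }

        $hash = $this->hashPassword( $password , $salt , $iterations );
        return array( $iterations , $salt , $hash );
    }

    /**
     * List every user, ordered by lower-cased e-mail address.
     *
     * @return array Rows with user_id, user_display_name, user_email and
     *               user_view_name.
     */
    public function getUsers( )
    {
        return $this->query(
            'SELECT user_id , user_display_name , user_email , user_view_name '
                . 'FROM users_view '
                . 'ORDER BY LOWER( user_email )' )->execute( );
    }

    /**
     * Fetch one user by identifier.
     *
     * @param mixed $uid User identifier.
     *
     * @return object|null The first matching users_view row, or null.
     */
    public function getUserById( $uid )
    {
        $query = $this->query( 'SELECT * FROM users_view WHERE user_id = $1' );
        $results = $query->execute( $uid );
        if ( empty( $results ) ) {
            return null;
        }
        return array_shift( $results );
    }

    /**
     * Fetch one user by e-mail address; the supplied address is lower-cased
     * by the query before comparison.
     *
     * @param string $email E-mail address.
     *
     * @return object|null The first matching users_view row, or null.
     */
    public function getUser( $email )
    {
        $query = $this->query( 'SELECT * FROM users_view WHERE user_email = LOWER( $1 )' );
        $results = $query->execute( $email );
        if ( empty( $results ) ) {
            return null;
        }
        return array_shift( $results );
    }

    /**
     * Verify a login attempt.
     *
     * NOTE(review): an unknown e-mail returns before any hashing is done, so
     * the response time differs slightly between known and unknown accounts.
     * No attempt throttling is visible in this class; confirm that the
     * caller rate-limits logins.
     *
     * @param string $email    E-mail address supplied at login.
     * @param string $password Clear-text password supplied at login.
     *
     * @return object|null The user row when the password matches, else null.
     */
    public function checkLogin( $email , $password )
    {
        $userData = $this->getUser( $email );
        if ( $userData === null ) {
            return null;
        }

        $hashed = $this->hashPassword( $password ,
            $userData->user_salt ,
            $userData->user_iterations );

        // hash_equals() (PHP >= 5.6) compares in constant time, so the
        // comparison does not reveal how many leading characters of the
        // stored digest matched. The cast keeps a NULL column from raising
        // a type error; it then simply fails to match.
        if ( ! hash_equals( (string) $userData->user_hash , $hashed ) ) {
            return null;
        }
        return $userData;
    }

    /**
     * Create a user through the users_add() database function.
     *
     * @param string $email    E-mail address.
     * @param string $password Clear-text password; only its salted hash is stored.
     * @param string $name     Display name.
     *
     * @return mixed The "error" column returned by users_add(); its values
     *               are defined by that SQL function, not by this file.
     */
    public function addUser( $email , $password , $name )
    {
        list( $iterations , $salt , $hash ) = $this->hashNewPassword( $password );
        $result = $this->query( 'SELECT users_add( $1 , $2 , $3 , $4 , $5 ) AS error' )
            ->execute( $email , $salt , $iterations , $hash , $name );
        return $result[ 0 ]->error;
    }

    /**
     * Tell whether at least one row exists in the users table.
     *
     * @return bool
     */
    public function hasUsers( )
    {
        $result = $this->query( 'SELECT COUNT(*) AS n_users FROM users' )->execute( );
        return $result[0]->n_users > 0;
    }

    /**
     * Update a user's e-mail address and name through users_edit().
     *
     * @param mixed  $id    User identifier.
     * @param string $email New e-mail address.
     * @param string $name  New display name.
     *
     * @return mixed The "error" column returned by users_edit(); its values
     *               are defined by that SQL function, not by this file.
     */
    public function modify( $id , $email , $name )
    {
        $result = $this->query( 'SELECT users_edit( $1 , $2 , $3 ) AS error'
            )->execute( $id , $email , $name );
        return $result[0]->error;
    }

    /**
     * Replace a user's password, generating a new salt and iteration count.
     *
     * This method performs no authorisation check of its own; the caller
     * must have established that the change is allowed for $id.
     *
     * @param mixed  $id       User identifier.
     * @param string $password New clear-text password.
     *
     * @return void
     */
    public function setPassword( $id , $password )
    {
        list( $iterations , $salt , $hash ) = $this->hashNewPassword( $password );
        $this->query(
            'UPDATE users '
                . 'SET user_iterations = $1 , user_salt = $2 , user_hash = $3 '
                . 'WHERE user_id = $4'
            )->execute( $iterations , $salt , $hash , $id );
    }
}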