00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038 include_once( 'kernel/classes/ezpersistentobject.php' );
00039 include_once( 'lib/ezutils/classes/ezhttptool.php' );
00040 include_once( 'lib/ezfile/classes/ezdir.php' );
00041 include_once( 'lib/ezutils/classes/ezsys.php' );
00042
00043 $ini =& eZINI::instance();
00044 define( 'EZ_USER_ANONYMOUS_ID', (int)$ini->variable( 'UserSettings', 'AnonymousUserID' ) );
00045
00046
00047 define( 'EZ_USER_PASSWORD_HASH_MD5_PASSWORD', 1 );
00048
00049 define( 'EZ_USER_PASSWORD_HASH_MD5_USER', 2 );
00050
00051 define( 'EZ_USER_PASSWORD_HASH_MD5_SITE', 3 );
00052
00053 define( 'EZ_USER_PASSWORD_HASH_MYSQL', 4 );
00054
00055 define( 'EZ_USER_PASSWORD_HASH_PLAINTEXT', 5 );
00056
00057
00058 define( 'EZ_USER_AUTHENTICATE_LOGIN', 1 << 0 );
00059
00060 define( 'EZ_USER_AUTHENTICATE_EMAIL', 1 << 1 );
00061
00062 define( 'EZ_USER_AUTHENTICATE_ALL', EZ_USER_AUTHENTICATE_LOGIN | EZ_USER_AUTHENTICATE_EMAIL );
00063
00064 $GLOBALS['eZUserBuiltins'] = array( EZ_USER_ANONYMOUS_ID );
00065
00066 class eZUser extends eZPersistentObject
00067 {
00068 function eZUser( $row )
00069 {
00070 $this->eZPersistentObject( $row );
00071 $this->OriginalPassword = false;
00072 $this->OriginalPasswordConfirm = false;
00073 }
00074
00075 function definition()
00076 {
00077 return array( 'fields' => array( 'contentobject_id' => array( 'name' => 'ContentObjectID',
00078 'datatype' => 'integer',
00079 'default' => 0,
00080 'required' => true,
00081 'foreign_class' => 'eZContentObject',
00082 'foreign_attribute' => 'id',
00083 'multiplicity' => '0..1' ),
00084 'login' => array( 'name' => 'Login',
00085 'datatype' => 'string',
00086 'default' => '',
00087 'required' => true ),
00088 'email' => array( 'name' => 'Email',
00089 'datatype' => 'string',
00090 'default' => '',
00091 'required' => true ),
00092 'password_hash' => array( 'name' => 'PasswordHash',
00093 'datatype' => 'string',
00094 'default' => '',
00095 'required' => true ),
00096 'password_hash_type' => array( 'name' => 'PasswordHashType',
00097 'datatype' => 'integer',
00098 'default' => 1,
00099 'required' => true ) ),
00100 'keys' => array( 'contentobject_id' ),
00101 'function_attributes' => array( 'contentobject' => 'contentObject',
00102 'groups' => 'groups',
00103 'has_stored_login' => 'hasStoredLogin',
00104 'original_password' => 'originalPassword',
00105 'original_password_confirm' => 'originalPasswordConfirm',
00106 'roles' => 'roles',
00107 'role_id_list' => 'roleIDList',
00108 'limited_assignment_value_list' => 'limitValueList',
00109 'is_logged_in' => 'isLoggedIn',
00110 'is_enabled' => 'isEnabled',
00111 'is_locked' => 'isLocked',
00112 'last_visit' => 'lastVisit',
00113 'has_manage_locations' => 'hasManageLocations' ),
00114 'relations' => array( 'contentobject_id' => array( 'class' => 'ezcontentobject',
00115 'field' => 'id' ) ),
00116 'class_name' => 'eZUser',
00117 'name' => 'ezuser' );
00118 }
00119
00120
00121
00122
00123 function passwordHashTypeName( $id )
00124 {
00125 switch ( $id )
00126 {
00127 case EZ_USER_PASSWORD_HASH_MD5_PASSWORD:
00128 {
00129 return 'md5_password';
00130 } break;
00131 case EZ_USER_PASSWORD_HASH_MD5_USER:
00132 {
00133 return 'md5_user';
00134 } break;
00135 case EZ_USER_PASSWORD_HASH_MD5_SITE:
00136 {
00137 return 'md5_site';
00138 } break;
00139 case EZ_USER_PASSWORD_HASH_MYSQL:
00140 {
00141 return 'mysql';
00142 } break;
00143 case EZ_USER_PASSWORD_HASH_PLAINTEXT:
00144 {
00145 return 'plaintext';
00146 } break;
00147 }
00148 }
00149
00150
00151
00152
00153 function passwordHashTypeID( $identifier )
00154 {
00155 switch ( $identifier )
00156 {
00157 case 'md5_password':
00158 {
00159 return EZ_USER_PASSWORD_HASH_MD5_PASSWORD;
00160 } break;
00161 default:
00162 case 'md5_user':
00163 {
00164 return EZ_USER_PASSWORD_HASH_MD5_USER;
00165 } break;
00166 case 'md5_site':
00167 {
00168 return EZ_USER_PASSWORD_HASH_MD5_SITE;
00169 } break;
00170 case 'mysql':
00171 {
00172 return EZ_USER_PASSWORD_HASH_MYSQL;
00173 } break;
00174 case 'plaintext':
00175 {
00176 return EZ_USER_PASSWORD_HASH_PLAINTEXT;
00177 } break;
00178 }
00179 }
00180
00181
00182
00183
00184 function &hasManageLocations()
00185 {
00186 $retValue = false;
00187 $accessResult = $this->hasAccessTo( 'content', 'manage_locations' );
00188 if ( $accessResult['accessWord'] != 'no' )
00189 {
00190 $retValue = true;
00191 }
00192
00193 return $retValue;
00194 }
00195
00196 function create( $contentObjectID )
00197 {
00198 $row = array(
00199 'contentobject_id' => $contentObjectID,
00200 'login' => null,
00201 'email' => null,
00202 'password_hash' => null,
00203 'password_hash_type' => null
00204 );
00205 return new eZUser( $row );
00206 }
00207
00208 function store()
00209 {
00210 $this->Email = trim( $this->Email );
00211 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
00212 $handler =& eZExpiryHandler::instance();
00213 $handler->setTimestamp( 'user-info-cache', mktime() );
00214 $handler->setTimestamp( 'user-groups-cache', mktime() );
00215 $handler->setTimestamp( 'user-access-cache', mktime() );
00216 $handler->store();
00217 $userID = $this->attribute( 'contentobject_id' );
00218
00219 unset( $GLOBALS['eZUserObject_' . $userID] );
00220 $GLOBALS['eZUserObject_' . $userID] =& $this;
00221 eZPersistentObject::store();
00222 }
00223
00224 function &originalPassword()
00225 {
00226 return $this->OriginalPassword;
00227 }
00228
00229 function setOriginalPassword( $password )
00230 {
00231 $this->OriginalPassword = $password;
00232 }
00233
00234 function &originalPasswordConfirm()
00235 {
00236 return $this->OriginalPasswordConfirm;
00237 }
00238
00239 function setOriginalPasswordConfirm( $password )
00240 {
00241 $this->OriginalPasswordConfirm = $password;
00242 }
00243
00244 function &hasStoredLogin()
00245 {
00246 $db =& eZDB::instance();
00247 $contentObjectID = $this->attribute( 'contentobject_id' );
00248 $sql = "SELECT * FROM ezuser WHERE contentobject_id='$contentObjectID' AND LENGTH( login ) > 0";
00249 $rows = $db->arrayQuery( $sql );
00250 $hasStoredLogin = count( $rows ) > 0;
00251 return $hasStoredLogin;
00252 }
00253
00254
00255
00256
00257
00258 function setInformation( $id, $login, $email, $password, $passwordConfirm = false )
00259 {
00260 $this->setAttribute( "contentobject_id", $id );
00261 $this->setAttribute( "email", $email );
00262 $this->setAttribute( "login", $login );
00263 if ( eZUser::validatePassword( $password ) and
00264 $password == $passwordConfirm )
00265 {
00266 $this->setAttribute( "password_hash", eZUser::createHash( $login, $password, eZUser::site(),
00267 eZUser::hashType() ) );
00268 $this->setAttribute( "password_hash_type", eZUser::hashType() );
00269 }
00270 else
00271 {
00272 $this->setOriginalPassword( $password );
00273 $this->setOriginalPasswordConfirm( $passwordConfirm );
00274 }
00275 }
00276
00277 function fetch( $id, $asObject = true )
00278 {
00279 if ( !$id )
00280 return null;
00281 return eZPersistentObject::fetchObject( eZUser::definition(),
00282 null,
00283 array( 'contentobject_id' => $id ),
00284 $asObject );
00285 }
00286
00287 function fetchByName( $login, $asObject = true )
00288 {
00289 return eZPersistentObject::fetchObject( eZUser::definition(),
00290 null,
00291 array( 'LOWER( login )' => strtolower( $login ) ),
00292 $asObject );
00293 }
00294
00295 function fetchByEmail( $email, $asObject = true )
00296 {
00297 return eZPersistentObject::fetchObject( eZUser::definition(),
00298 null,
00299 array( 'LOWER( email )' => strtolower( $email ) ),
00300 $asObject );
00301 }
00302
00303
00304
00305
00306
00307
00308
00309
00310 function fetchLoggedInList( $asObject = false, $offset = false, $limit = false, $sortBy = false )
00311 {
00312 $db =& eZDB::instance();
00313 $time = mktime();
00314 $ini =& eZINI::instance();
00315 $activityTimeout = $ini->variable( 'Session', 'ActivityTimeout' );
00316 $sessionTimeout = $ini->variable( 'Session', 'SessionTimeout' );
00317 $time = $time + $sessionTimeout - $activityTimeout;
00318
00319 $parameters = array();
00320 if ( $offset )
00321 $parameters['offset'] =(int) $offset;
00322 if ( $limit )
00323 $parameters['limit'] =(int) $limit;
00324 $sortText = '';
00325 if ( $asObject )
00326 {
00327 $selectArray = array( "distinct ezuser.*" );
00328 }
00329 else
00330 {
00331 $selectArray = array( "ezuser.contentobject_id as user_id", "ezcontentobject.name" );
00332 }
00333 if ( $sortBy !== false )
00334 {
00335 $sortElements = array();
00336 if ( !is_array( $sortBy ) )
00337 {
00338 $sortBy = array( array( $sortBy, true ) );
00339 }
00340 else if ( !is_array( $sortBy[0] ) )
00341 $sortBy = array( $sortBy );
00342 $sortColumns = array();
00343 foreach ( $sortBy as $sortElements )
00344 {
00345 $sortColumn = $sortElements[0];
00346 $sortOrder = $sortElements[1];
00347 $orderText = $sortOrder ? 'asc' : 'desc';
00348 switch ( $sortColumn )
00349 {
00350 case 'user_id':
00351 {
00352 $sortColumn = "ezuser.contentobject_id $orderText";
00353 } break;
00354
00355 case 'login':
00356 {
00357 $sortColumn = "ezuser.login $orderText";
00358 } break;
00359
00360 case 'activity':
00361 {
00362 $selectArray[] = "( ezsession.expiration_time - " . ( $sessionTimeout - $activityTimeout ) . " ) AS activity";
00363 $sortColumn = "activity $orderText";
00364 } break;
00365
00366 case 'email':
00367 {
00368 $sortColumn = "ezuser.email $orderText";
00369 } break;
00370
00371 default:
00372 {
00373 eZDebug::writeError( "Unkown sort column '$sortColumn'", 'eZUser::fetchLoggedInList' );
00374 $sortColumn = false;
00375 } break;
00376 }
00377 if ( $sortColumn )
00378 $sortColumns[] = $sortColumn;
00379 }
00380 if ( count( $sortColumns ) > 0 )
00381 $sortText = "ORDER BY " . implode( ', ', $sortColumns );
00382 }
00383 if ( $asObject )
00384 {
00385 $selectText = implode( ', ', $selectArray );
00386 $sql = "SELECT $selectText
00387 FROM ezsession, ezuser
00388 WHERE ezsession.user_id != '" . EZ_USER_ANONYMOUS_ID . "' AND
00389 ezsession.expiration_time > '$time' AND
00390 ezuser.contentobject_id = ezsession.user_id
00391 $sortText";
00392 $rows = $db->arrayQuery( $sql, $parameters );
00393 $list = array();
00394 foreach ( $rows as $row )
00395 {
00396 $list[] = new eZUser( $row );
00397 }
00398 }
00399 else
00400 {
00401 $selectText = implode( ', ', $selectArray );
00402 $sql = "SELECT $selectText
00403 FROM ezsession, ezuser, ezcontentobject
00404 WHERE ezsession.user_id != '" . EZ_USER_ANONYMOUS_ID . "' AND
00405 ezsession.expiration_time > '$time' AND
00406 ezuser.contentobject_id = ezsession.user_id AND
00407 ezcontentobject.id = ezuser.contentobject_id
00408 $sortText";
00409 $rows = $db->arrayQuery( $sql, $parameters );
00410 $list = array();
00411 foreach ( $rows as $row )
00412 {
00413 $list[$row['user_id']] = $row['name'];
00414 }
00415 }
00416 return $list;
00417 }
00418
00419
00420
00421
00422
00423
00424 function fetchLoggedInCount()
00425 {
00426 if ( isset( $GLOBALS['eZSiteBasics']['no-cache-adviced'] ) and
00427 !$GLOBALS['eZSiteBasics']['no-cache-adviced'] and
00428 isset( $GLOBALS['eZUserLoggedInCount'] ) )
00429 return $GLOBALS['eZUserLoggedInCount'];
00430 $db =& eZDB::instance();
00431 $time = mktime();
00432 $ini =& eZINI::instance();
00433 $activityTimeout = $ini->variable( 'Session', 'ActivityTimeout' );
00434 $sessionTimeout = $ini->variable( 'Session', 'SessionTimeout' );
00435 $time = $time + $sessionTimeout - $activityTimeout;
00436
00437 $sql = "SELECT count( DISTINCT user_id ) as count
00438 FROM ezsession
00439 WHERE user_id != '" . EZ_USER_ANONYMOUS_ID . "' AND
00440 user_id > 0 AND
00441 expiration_time > '$time'";
00442 $rows = $db->arrayQuery( $sql );
00443 $count = ( count( $rows ) > 0 ) ? $rows[0]['count'] : 0;
00444 $GLOBALS['eZUserLoggedInCount'] = $count;
00445 return $count;
00446 }
00447
00448
00449
00450
00451
00452
00453 function fetchAnonymousCount()
00454 {
00455 if ( isset( $GLOBALS['eZSiteBasics']['no-cache-adviced'] ) and
00456 !$GLOBALS['eZSiteBasics']['no-cache-adviced'] and
00457 isset( $GLOBALS['eZUserAnonymousCount'] ) )
00458 return $GLOBALS['eZUserAnonymousCount'];
00459 $db =& eZDB::instance();
00460 $time = mktime();
00461 $ini =& eZINI::instance();
00462 $activityTimeout = $ini->variable( 'Session', 'ActivityTimeout' );
00463 $sessionTimeout = $ini->variable( 'Session', 'SessionTimeout' );
00464 $time = $time + $sessionTimeout - $activityTimeout;
00465
00466 $sql = "SELECT count( session_key ) as count
00467 FROM ezsession
00468 WHERE user_id = '" . EZ_USER_ANONYMOUS_ID . "' AND
00469 expiration_time > '$time'";
00470 $rows = $db->arrayQuery( $sql );
00471 $count = ( count( $rows ) > 0 ) ? $rows[0]['count'] : 0;
00472 $GLOBALS['eZUserAnonymousCount'] = $count;
00473 return $count;
00474 }
00475
00476
00477
00478
00479
00480
00481
00482 function isUserLoggedIn( $userID )
00483 {
00484 $userID = (int)$userID;
00485 if ( isset( $GLOBALS['eZSiteBasics']['no-cache-adviced'] ) and
00486 !$GLOBALS['eZSiteBasics']['no-cache-adviced'] and
00487 isset( $GLOBALS['eZUserLoggedInMap'][$userID] ) )
00488 return $GLOBALS['eZUserLoggedInMap'][$userID];
00489 $db =& eZDB::instance();
00490 $time = mktime();
00491 $ini =& eZINI::instance();
00492 $activityTimeout = $ini->variable( 'Session', 'ActivityTimeout' );
00493 $sessionTimeout = $ini->variable( 'Session', 'SessionTimeout' );
00494 $time = $time + $sessionTimeout - $activityTimeout;
00495
00496 $sql = "SELECT DISTINCT user_id
00497 FROM ezsession
00498 WHERE user_id = '" . $userID . "' AND
00499 expiration_time > '$time'";
00500 $rows = $db->arrayQuery( $sql, array( 'limit' => 2 ) );
00501 $isLoggedIn = count( $rows ) > 0;
00502 $GLOBALS['eZUserLoggedInMap'][$userID] = $isLoggedIn;
00503 return $isLoggedIn;
00504 }
00505
00506
00507
00508
00509
00510
00511
00512
00513 function clearSessionCache()
00514 {
00515 unset( $GLOBALS['eZUserLoggedInCount'] );
00516 unset( $GLOBALS['eZUserAnonymousCount'] );
00517 unset( $GLOBALS['eZUserLoggedInMap'] );
00518 }
00519
00520
00521
00522
00523
00524 function removeSessionData( $userID )
00525 {
00526 eZUser::clearSessionCache();
00527 $db =& eZDB::instance();
00528 $userID = (int)$userID;
00529 $db->query( 'DELETE FROM ezsession WHERE user_id = \'' . $userID . '\'' );
00530 }
00531
00532
00533
00534
00535
00536 function removeUser( $userID )
00537 {
00538 include_once( 'kernel/classes/notification/handler/ezsubtree/ezsubtreenotificationrule.php' );
00539 include_once( 'kernel/classes/notification/handler/ezcollaborationnotification/ezcollaborationnotificationrule.php' );
00540 include_once( 'kernel/classes/datatypes/ezuser/ezusersetting.php' );
00541 include_once( 'kernel/classes/datatypes/ezuser/ezuseraccountkey.php' );
00542 include_once( 'kernel/classes/datatypes/ezuser/ezforgotpassword.php' );
00543 include_once( 'kernel/classes/ezwishlist.php' );
00544
00545 $user = eZUser::fetch( $userID );
00546 if ( $user )
00547 {
00548 eZUser::removeSessionData( $userID );
00549 }
00550
00551 eZSubtreeNotificationRule::removeByUserID( $userID );
00552 eZCollaborationNotificationRule::removeByUserID( $userID );
00553 eZUserSetting::remove( $userID );
00554 eZUserAccountKey::remove( $userID );
00555 eZForgotPassword::remove( $userID );
00556 eZWishList::removeByUserID( $userID );
00557
00558 eZPersistentObject::removeObject( eZUser::definition(),
00559 array( 'contentobject_id' => $userID ) );
00560 }
00561
00562
00563
00564
00565
00566 function fetchContentList()
00567 {
00568 $contentObjectStatus = EZ_CONTENT_OBJECT_STATUS_PUBLISHED;
00569 $query = "SELECT ezcontentobject.*
00570 FROM ezuser, ezcontentobject, ezuser_setting
00571 WHERE ezcontentobject.status = '$contentObjectStatus' AND
00572 ezuser_setting.is_enabled = 1 AND
00573 ezcontentobject.id = ezuser.contentobject_id AND
00574 ezuser_setting.user_id = ezuser.contentobject_id";
00575 $db =& eZDB::instance();
00576 $rows = $db->arrayQuery( $query );
00577 return $rows;
00578 }
00579
00580
00581
00582
00583
00584 function hashType()
00585 {
00586 include_once( 'lib/ezutils/classes/ezini.php' );
00587 $ini =& eZINI::instance();
00588 $type = strtolower( $ini->variable( 'UserSettings', 'HashType' ) );
00589 if ( $type == 'md5_site' )
00590 return EZ_USER_PASSWORD_HASH_MD5_SITE;
00591 else if ( $type == 'md5_user' )
00592 return EZ_USER_PASSWORD_HASH_MD5_USER;
00593 else if ( $type == 'plaintext' )
00594 return EZ_USER_PASSWORD_HASH_PLAINTEXT;
00595 else
00596 return EZ_USER_PASSWORD_HASH_MD5_PASSWORD;
00597 }
00598
00599
00600
00601
00602
00603 function site()
00604 {
00605 include_once( 'lib/ezutils/classes/ezini.php' );
00606 $ini =& eZINI::instance();
00607 return $ini->variable( 'UserSettings', 'SiteName' );
00608 }
00609
00610
00611
00612
00613
00614 function &fetchBuiltin( $id )
00615 {
00616 if ( !in_array( $id, $GLOBALS['eZUserBuiltins'] ) )
00617 $id = EZ_USER_ANONYMOUS_ID;
00618 $builtinInstance =& $GLOBALS["eZUserBuilitinInstance-$id"];
00619 if ( get_class( $builtinInstance ) != 'ezuser' )
00620 {
00621 include_once( 'lib/ezutils/classes/ezini.php' );
00622 $builtinInstance = eZUser::fetch( EZ_USER_ANONYMOUS_ID );
00623 }
00624 return $builtinInstance;
00625 }
00626
00627
00628
00629
00630
00631 function id()
00632 {
00633 return $this->ContentObjectID;
00634 }
00635
00636
00637
00638
00639 function authenticationMatch()
00640 {
00641 include_once( 'lib/ezutils/classes/ezini.php' );
00642 $ini =& eZINI::instance();
00643 $matchArray = $ini->variableArray( 'UserSettings', 'AuthenticateMatch' );
00644 $match = 0;
00645 foreach ( $matchArray as $matchItem )
00646 {
00647 switch ( $matchItem )
00648 {
00649 case "login":
00650 {
00651 $match = ( $match | EZ_USER_AUTHENTICATE_LOGIN );
00652 } break;
00653 case "email":
00654 {
00655 $match = ( $match | EZ_USER_AUTHENTICATE_EMAIL );
00656 } break;
00657 }
00658 }
00659 return $match;
00660 }
00661
00662
00663
00664
00665 function requireUniqueEmail()
00666 {
00667 $ini =& eZINI::instance();
00668 return $ini->variable( 'UserSettings', 'RequireUniqueEmail' ) == 'true';
00669 }
00670
00671
00672
00673
00674
00675
00676 function &loginUser( $login, $password, $authenticationMatch = false )
00677 {
00678 include_once( 'kernel/classes/ezcontentobject.php' );
00679
00680 $http =& eZHTTPTool::instance();
00681 $db =& eZDB::instance();
00682
00683 if ( $authenticationMatch === false )
00684 $authenticationMatch = eZUser::authenticationMatch();
00685
00686 $loginEscaped = $db->escapeString( $login );
00687 $passwordEscaped = $db->escapeString( $password );
00688
00689 $loginArray = array();
00690 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_LOGIN )
00691 $loginArray[] = "login='$loginEscaped'";
00692 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_EMAIL )
00693 {
00694 include_once( 'lib/ezutils/classes/ezmail.php' );
00695 if ( eZMail::validate( $login ) )
00696 {
00697 $loginArray[] = "email='$loginEscaped'";
00698 }
00699 }
00700 if ( count( $loginArray ) == 0 )
00701 $loginArray[] = "login='$loginEscaped'";
00702 $loginText = implode( ' OR ', $loginArray );
00703
00704 $contentObjectStatus = EZ_CONTENT_OBJECT_STATUS_PUBLISHED;
00705
00706 $ini =& eZINI::instance();
00707 $databaseImplementation = $ini->variable( 'DatabaseSettings', 'DatabaseImplementation' );
00708
00709 if ( $databaseImplementation == "ezmysql" )
00710 {
00711 $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00712 FROM ezuser, ezcontentobject
00713 WHERE ( $loginText ) AND
00714 ezcontentobject.status='$contentObjectStatus' AND
00715 ezcontentobject.id=contentobject_id AND
00716 ( ( password_hash_type!=4 ) OR
00717 ( password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ) )";
00718 }
00719 else
00720 {
00721 $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00722 FROM ezuser, ezcontentobject
00723 WHERE ( $loginText ) AND
00724 ezcontentobject.status='$contentObjectStatus' AND
00725 ezcontentobject.id=contentobject_id";
00726 }
00727
00728 $users = $db->arrayQuery( $query );
00729 $exists = false;
00730 if ( $users !== false and count( $users ) >= 1 )
00731 {
00732 include_once( 'lib/ezutils/classes/ezini.php' );
00733 $ini =& eZINI::instance();
00734 foreach ( array_keys( $users ) as $key )
00735 {
00736 $userRow =& $users[$key];
00737 $userID = $userRow['contentobject_id'];
00738 $hashType = $userRow['password_hash_type'];
00739 $hash = $userRow['password_hash'];
00740 $exists = eZUser::authenticateHash( $userRow['login'], $password, eZUser::site(),
00741 $hashType,
00742 $hash );
00743
00744
00745 if ( $hashType == EZ_USER_PASSWORD_HASH_MYSQL and $databaseImplementation == "ezmysql" )
00746 {
00747 $queryMysqlUser = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00748 FROM ezuser, ezcontentobject
00749 WHERE ezcontentobject.status='$contentObjectStatus' AND
00750 password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ";
00751 $mysqlUsers = $db->arrayQuery( $queryMysqlUser );
00752 if ( count( $mysqlUsers ) >= 1 )
00753 $exists = true;
00754
00755 }
00756
00757 eZDebugSetting::writeDebug( 'kernel-user', eZUser::createHash( $userRow['login'], $password, eZUser::site(),
00758 $hashType ), "check hash" );
00759 eZDebugSetting::writeDebug( 'kernel-user', $hash, "stored hash" );
00760
00761 $canLogin = eZUser::isEnabledAfterFailedLogin( $userID );
00762
00763 if ( $exists )
00764 {
00765
00766 $GLOBALS['eZFailedLoginAttemptUserID'] = $userID;
00767
00768 include_once( "kernel/classes/datatypes/ezuser/ezusersetting.php" );
00769 $userSetting = eZUserSetting::fetch( $userID );
00770 $isEnabled = $userSetting->attribute( "is_enabled" );
00771 if ( $hashType != eZUser::hashType() and
00772 strtolower( $ini->variable( 'UserSettings', 'UpdateHash' ) ) == 'true' )
00773 {
00774 $hashType = eZUser::hashType();
00775 $hash = eZUser::createHash( $login, $password, eZUser::site(),
00776 $hashType );
00777 $db->query( "UPDATE ezuser SET password_hash='$hash', password_hash_type='$hashType' WHERE contentobject_id='$userID'" );
00778 }
00779 break;
00780 }
00781 }
00782 }
00783 include_once( "kernel/classes/ezaudit.php" );
00784 if ( $exists and $isEnabled and $canLogin )
00785 {
00786 $oldUserID = $contentObjectID = $http->sessionVariable( "eZUserLoggedInID" );
00787 eZDebugSetting::writeDebug( 'kernel-user', $userRow, 'user row' );
00788 $user = new eZUser( $userRow );
00789 eZDebugSetting::writeDebug( 'kernel-user', $user, 'user' );
00790 $userID = $user->attribute( 'contentobject_id' );
00791
00792
00793 eZAudit::writeAudit( 'user-login', array( 'User id' => $userID, 'User login' => $user->attribute( 'login' ) ) );
00794
00795 eZUser::updateLastVisit( $userID );
00796 eZUser::setCurrentlyLoggedInUser( $user, $userID );
00797
00798
00799 eZUser::setFailedLoginAttempts( $userID, 0 );
00800
00801 return $user;
00802 }
00803 else
00804 {
00805
00806 $userIDAudit = isset( $userID ) ? $userID : 'null';
00807 eZAudit::writeAudit( 'user-failed-login', array( 'User id' => $userIDAudit, 'User login' => $loginEscaped,
00808 'Comment' => 'Failed login attempt: eZUser::loginUser()' ) );
00809
00810
00811 if ( isset( $userID ) )
00812 eZUser::setFailedLoginAttempts( $userID );
00813
00814 $user = false;
00815 return $user;
00816 }
00817 }
00818
00819
00820
00821
00822
00823 function isUserIPInList( $ipList )
00824 {
00825 $ipAddress = eZSys::serverVariable( 'REMOTE_ADDR', true );
00826 if ( $ipAddress )
00827 {
00828 $result = false;
00829 foreach( $ipList as $itemToMatch )
00830 {
00831 if ( preg_match("/^(([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+))(\/([0-9]+)$|$)/", $itemToMatch, $matches ) )
00832 {
00833 if ( $matches[6] )
00834 {
00835 if ( eZDebug::isIPInNet( $ipAddress, $matches[1], $matches[7] ) )
00836 {
00837 $result = true;
00838 break;
00839 }
00840 }
00841 else
00842 {
00843 if ( $matches[1] == $ipAddress )
00844 {
00845 $result = true;
00846 break;
00847 }
00848 }
00849 }
00850 }
00851 }
00852 else
00853 {
00854 $result = (
00855 in_array( 'commandline', $ipList ) &&
00856 ( php_sapi_name() == 'cli' )
00857 );
00858 }
00859 return $result;
00860 }
00861
00862
00863
00864
00865
00866 function isTrusted()
00867 {
00868 $ini =& eZINI::instance();
00869
00870
00871 $trustedIPs = $ini->hasVariable( 'UserSettings', 'TrustedIPList' ) ? $ini->variable( 'UserSettings', 'TrustedIPList' ) : array();
00872
00873
00874 $trustedUser = eZUser::isUserIPInList( $trustedIPs );
00875 if ( $trustedUser )
00876 return true;
00877
00878 return false;
00879 }
00880
00881
00882
00883
00884
00885 function maxNumberOfFailedLogin()
00886 {
00887 $ini =& eZINI::instance();
00888
00889 $maxNumberOfFailedLogin = $ini->hasVariable( 'UserSettings', 'MaxNumberOfFailedLogin' ) ? $ini->variable( 'UserSettings', 'MaxNumberOfFailedLogin' ) : '0';
00890 return $maxNumberOfFailedLogin;
00891 }
00892
00893
00894
00895
00896
00897
00898
00899
00900 function isEnabledAfterFailedLogin( $userID, $ignoreTrusted = false )
00901 {
00902 if ( !is_numeric( $userID ) )
00903 return true;
00904
00905 $userObject = eZUser::fetch( $userID );
00906 if ( !$userObject )
00907 return true;
00908
00909 $trustedUser = eZUser::isTrusted();
00910
00911 if ( $trustedUser and !$ignoreTrusted )
00912 return true;
00913
00914 $maxNumberOfFailedLogin = eZUser::maxNumberOfFailedLogin();
00915
00916 if ( $maxNumberOfFailedLogin == '0' )
00917 return true;
00918
00919 $failedLoginAttempts = $userObject->failedLoginAttempts();
00920 if ( $failedLoginAttempts > $maxNumberOfFailedLogin )
00921 return false;
00922
00923 return true;
00924 }
00925
00926
00927
00928
00929
00930
00931
00932
00933
00934 function setCurrentlyLoggedInUser( &$user, $userID )
00935 {
00936 $http =& eZHTTPTool::instance();
00937
00938 $GLOBALS["eZUserGlobalInstance_$userID"] =& $user;
00939
00940
00941 $GLOBALS["eZUserGlobalInstance_"] =& $user;
00942 $http->setSessionVariable( 'eZUserLoggedInID', $userID );
00943 eZSessionRegenerate();
00944 $user->cleanup();
00945 eZSessionSetUserID( $userID );
00946 }
00947
00948
00949
00950
00951
00952 function sessionCleanup()
00953 {
00954 }
00955
00956
00957
00958
00959
00960
00961
00962
00963 function cleanup()
00964 {
00965 $http =& eZHTTPTool::instance();
00966 $http->setSessionVariable( 'eZUserGroupsCache_Timestamp', false );
00967 $http->removeSessionVariable( 'eZUserGroupsCache' );
00968
00969 $http->removeSessionVariable( 'eZUserInfoCache' );
00970
00971 $http->removeSessionVariable( 'AccessArray' );
00972 $http->removeSessionVariable( 'CanInstantiateClassesCachedForUser' );
00973 $http->removeSessionVariable( 'CanInstantiateClassList' );
00974 $http->removeSessionVariable( 'ClassesCachedForUser' );
00975 $http->removeSessionVariable( 'eZRoleIDList' );
00976 $http->setSessionVariable( 'eZRoleIDList_Timestamp', 0 );
00977 $http->removeSessionVariable( 'eZRoleLimitationValueList' );
00978 $http->setSessionVariable( 'eZRoleLimitationValueList_Timestamp', 0 );
00979
00980
00981
00982 include_once( 'kernel/classes/ezpreferences.php' );
00983 eZPreferences::sessionCleanup();
00984 }
00985
00986
00987
00988
00989 function loginCurrent()
00990 {
00991 $this->setCurrentlyLoggedInUser( $this, $this->ContentObjectID );
00992 }
00993
00994
00995
00996
00997
00998 function logoutCurrent()
00999 {
01000 $http =& eZHTTPTool::instance();
01001 $id = false;
01002 $GLOBALS["eZUserGlobalInstance_$id"] = false;
01003 $contentObjectID = $http->sessionVariable( "eZUserLoggedInID" );
01004 $newUserID = EZ_USER_ANONYMOUS_ID;
01005 $http->setSessionVariable( 'eZUserLoggedInID', $newUserID );
01006 eZSessionSetUserID( $newUserID );
01007
01008 $db =& eZDB::instance();
01009 $db->begin();
01010 include_once( 'kernel/classes/ezbasket.php' );
01011 eZBasket::cleanupCurrentBasket();
01012 $db->commit();
01013
01014 if ( $contentObjectID )
01015 eZUser::cleanup();
01016 }
01017
01018
01019
01020
01021
01022
01023
01024
01025
01026 function &instance( $id = false )
01027 {
01028 $currentUser =& $GLOBALS["eZUserGlobalInstance_$id"];
01029 if ( get_class( $currentUser ) == 'ezuser' )
01030 {
01031 return $currentUser;
01032 }
01033
01034 $http =& eZHTTPTool::instance();
01035
01036 if ( $id === false )
01037 {
01038 $id = $http->sessionVariable( 'eZUserLoggedInID' );
01039
01040 if ( !is_numeric( $id ) )
01041 {
01042 $id = EZ_USER_ANONYMOUS_ID;
01043 $http->setSessionVariable( 'eZUserLoggedInID', $id );
01044 eZSessionSetUserID( $id );
01045 }
01046 }
01047
01048 $fetchFromDB = true;
01049
01050
01051 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
01052 $handler =& eZExpiryHandler::instance();
01053 $expiredTimeStamp = 0;
01054 if ( $handler->hasTimestamp( 'user-info-cache' ) )
01055 $expiredTimeStamp = $handler->timestamp( 'user-info-cache' );
01056
01057 $userArrayTimestamp =& $http->sessionVariable( 'eZUserInfoCache_Timestamp' );
01058
01059 if ( $userArrayTimestamp > $expiredTimeStamp )
01060 {
01061 $userInfo = array();
01062 if ( $http->hasSessionVariable( 'eZUserInfoCache' ) )
01063 $userInfo =& $http->sessionVariable( 'eZUserInfoCache' );
01064
01065 if ( isset( $userInfo[$id] ) )
01066 {
01067 $userArray =& $userInfo[$id];
01068
01069 if ( is_numeric( $userArray['contentobject_id'] ) )
01070 {
01071 $currentUser = new eZUser( $userArray );
01072 $fetchFromDB = false;
01073 }
01074 }
01075 }
01076
01077 if ( $fetchFromDB == true )
01078 {
01079 $currentUser = eZUser::fetch( $id );
01080
01081 if ( $currentUser )
01082 {
01083 $userInfo = array();
01084 $userInfo[$id] = array( 'contentobject_id' => $currentUser->attribute( 'contentobject_id' ),
01085 'login' => $currentUser->attribute( 'login' ),
01086 'email' => $currentUser->attribute( 'email' ),
01087 'password_hash' => $currentUser->attribute( 'password_hash' ),
01088 'password_hash_type' => $currentUser->attribute( 'password_hash_type' )
01089 );
01090 $http->setSessionVariable( 'eZUserInfoCache', $userInfo );
01091 $http->setSessionVariable( 'eZUserInfoCache_Timestamp', mktime() );
01092 }
01093 }
01094
01095 $ini =& eZINI::instance();
01096
01097
01098 if ( is_object( $currentUser ) and !$currentUser->isLoggedIn() )
01099 {
01100 $ssoHandlerArray = $ini->variable( 'UserSettings', 'SingleSignOnHandlerArray' );
01101 if ( count( $ssoHandlerArray ) > 0 )
01102 {
01103 $ssoUser = false;
01104 foreach ( $ssoHandlerArray as $ssoHandler )
01105 {
01106
01107 $handlerFile = 'kernel/classes/ssohandlers/ez' . strtolower( $ssoHandler ) . 'ssohandler.php';
01108 if ( file_exists( $handlerFile ) )
01109 {
01110 include_once( $handlerFile );
01111 $className = 'eZ' . $ssoHandler . 'SSOHandler';
01112 $impl = new $className();
01113 $ssoUser = $impl->handleSSOLogin();
01114 }
01115 else
01116 {
01117 include_once( 'lib/ezutils/classes/ezextension.php' );
01118 $ini =& eZINI::instance();
01119 $extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' );
01120 $directoryList = eZExtension::expandedPathList( $extensionDirectories, 'sso_handler' );
01121 foreach( $directoryList as $directory )
01122 {
01123 $handlerFile = $directory . '/ez' . strtolower( $ssoHandler ) . 'ssohandler.php';
01124 if ( file_exists( $handlerFile ) )
01125 {
01126 include_once( $handlerFile );
01127 $className = 'eZ' . $ssoHandler . 'SSOHandler';
01128 $impl = new $className();
01129 $ssoUser = $impl->handleSSOLogin();
01130 }
01131 }
01132 }
01133 }
01134
01135 if ( $ssoUser !== false )
01136 {
01137 $currentUser = $ssoUser;
01138
01139 $userInfo = array();
01140 $userInfo[$id] = array( 'contentobject_id' => $currentUser->attribute( 'contentobject_id' ),
01141 'login' => $currentUser->attribute( 'login' ),
01142 'email' => $currentUser->attribute( 'email' ),
01143 'password_hash' => $currentUser->attribute( 'password_hash' ),
01144 'password_hash_type' => $currentUser->attribute( 'password_hash_type' )
01145 );
01146 $http->setSessionVariable( 'eZUserInfoCache', $userInfo );
01147 $http->setSessionVariable( 'eZUserInfoCache_Timestamp', mktime() );
01148 $http->setSessionVariable( 'eZUserLoggedInID', $id );
01149 eZSessionSetUserID( $currentUser->attribute( 'contentobject_id' ) );
01150
01151 eZUser::updateLastVisit( $currentUser->attribute( 'contentobject_id' ) );
01152 eZUser::setCurrentlyLoggedInUser( $currentUser, $currentUser->attribute( 'contentobject_id' ) );
01153 eZHTTPTool::redirect( eZSys::wwwDir() . eZSys::indexFile( false ) . eZSys::requestURI(), array(), 201 );
01154
01155 }
01156 }
01157 }
01158
01159 $anonymousUserID = $ini->variable( 'UserSettings', 'AnonymousUserID' );
01160 if ( $id <> $anonymousUserID )
01161 {
01162 $sessionInactivityTimeout = $ini->variable( 'Session', 'ActivityTimeout' );
01163 if ( !isset( $GLOBALS['eZSessionIdleTime'] ) )
01164 {
01165 eZUser::updateLastVisit( $id );
01166 }
01167 else
01168 {
01169 $sessionIdle = $GLOBALS['eZSessionIdleTime'];
01170 if ( $sessionIdle > $sessionInactivityTimeout )
01171 {
01172 eZUser::updateLastVisit( $id );
01173 }
01174 }
01175 }
01176
01177 if ( !$currentUser )
01178 {
01179 $currentUser = eZUser::fetch( EZ_USER_ANONYMOUS_ID );
01180 eZDebug::writeWarning( 'User not found, returning anonymous' );
01181 }
01182
01183 if ( !$currentUser )
01184 {
01185 $currentUser = new eZUser( array( 'id' => -1, 'login' => 'NoUser' ) );
01186
01187 eZDebug::writeWarning( 'Anonymous user not found, returning NoUser' );
01188 }
01189
01190 return $currentUser;
01191 }
01192
01193
01194
01195
01196 function updateLastVisit( $userID )
01197 {
01198 if ( isset( $GLOBALS['eZUserUpdatedLastVisit'] ) )
01199 return;
01200 $db =& eZDB::instance();
01201 $userID = (int) $userID;
01202 $userVisitArray = $db->arrayQuery( "SELECT 1 FROM ezuservisit WHERE user_id=$userID" );
01203 $time = time();
01204
01205 if ( count( $userVisitArray ) == 1 )
01206 {
01207 $db->query( "UPDATE ezuservisit SET last_visit_timestamp=current_visit_timestamp, current_visit_timestamp=$time WHERE user_id=$userID" );
01208 }
01209 else
01210 {
01211 $db->query( "INSERT INTO ezuservisit ( current_visit_timestamp, last_visit_timestamp, user_id ) VALUES ( $time, $time, $userID )" );
01212 }
01213 $GLOBALS['eZUserUpdatedLastVisit'] = true;
01214 }
01215
01216
01217
01218
01219 function &lastVisit()
01220 {
01221 $db =& eZDB::instance();
01222
01223 $userVisitArray = $db->arrayQuery( "SELECT last_visit_timestamp FROM ezuservisit WHERE user_id=$this->ContentObjectID" );
01224 if ( count( $userVisitArray ) == 1 )
01225 {
01226 return $userVisitArray[0]['last_visit_timestamp'];
01227 }
01228 else
01229 {
01230 $retValue = time();
01231 return $retValue;
01232 }
01233 }
01234
01235
01236
01237
01238
01239
01240 function setFailedLoginAttempts( $userID, $value = false, $setByForce = false )
01241 {
01242 $trustedUser = eZUser::isTrusted();
01243
01244 if ( $trustedUser and !$setByForce )
01245 return true;
01246
01247 $maxNumberOfFailedLogin = eZUser::maxNumberOfFailedLogin();
01248
01249 if ( $maxNumberOfFailedLogin == '0' and !$setByForce )
01250 return true;
01251
01252 $userID = (int) $userID;
01253 $userObject = eZUser::fetch( $userID );
01254 if ( !$userObject )
01255 return true;
01256
01257 $isEnabled = $userObject->isEnabled();
01258
01259 if ( !$isEnabled and !$setByForce )
01260 return true;
01261
01262 $db =& eZDB::instance();
01263 $db->begin();
01264
01265 $userVisitArray = $db->arrayQuery( "SELECT 1 FROM ezuservisit WHERE user_id=$userID" );
01266
01267 if ( count( $userVisitArray ) == 1 )
01268 {
01269 if ( $value === false )
01270 {
01271 $failedLoginAttempts = $userObject->failedLoginAttempts();
01272 $failedLoginAttempts += 1;
01273 }
01274 else
01275 $failedLoginAttempts = (int) $value;
01276
01277 $db->query( "UPDATE ezuservisit SET failed_login_attempts=$failedLoginAttempts WHERE user_id=$userID" );
01278 }
01279 else
01280 {
01281 if ( $value === false )
01282 {
01283 $failedLoginAttempts = 1;
01284 }
01285 else
01286 $failedLoginAttempts = (int) $value;
01287
01288 $db->query( "INSERT INTO ezuservisit ( failed_login_attempts, user_id ) VALUES ( $failedLoginAttempts, $userID )" );
01289 }
01290 $db->commit();
01291
01292 include_once( 'kernel/classes/ezcontentcachemanager.php' );
01293 eZContentCacheManager::clearContentCacheIfNeeded( $userID );
01294 eZContentCacheManager::generateObjectViewCache( $userID );
01295 }
01296
01297
01298
01299
01300 function failedLoginAttempts( $userID = false )
01301 {
01302 $db =& eZDB::instance();
01303
01304 if ( $userID === false )
01305 {
01306 $contentObjectID = $this->attribute( 'contentobject_id' );
01307 }
01308 else
01309 {
01310 $contentObjectID = (int) $userID;
01311 }
01312
01313 $userVisitArray = $db->arrayQuery( "SELECT failed_login_attempts FROM ezuservisit WHERE user_id=$contentObjectID" );
01314 if ( count( $userVisitArray ) == 1 )
01315 {
01316 return $userVisitArray[0]['failed_login_attempts'];
01317 }
01318 else
01319 {
01320 $retValue = 0;
01321 return $retValue;
01322 }
01323 }
01324
01325
01326
01327
01328 function &isLocked()
01329 {
01330 $userID = $this->attribute( 'contentobject_id' );
01331 $isNotLocked = eZUser::isEnabledAfterFailedLogin( $userID, true );
01332 $retValue = !$isNotLocked ? true : false;
01333 return $retValue;
01334 }
01335
01336
01337
01338
01339 function &isEnabled()
01340 {
01341 if ( $this == eZUser::currentUser() )
01342 {
01343 $retValue = true;
01344 return $retValue;
01345 }
01346
01347 include_once( "kernel/classes/datatypes/ezuser/ezusersetting.php" );
01348 $setting = eZUserSetting::fetch( $this->attribute( 'contentobject_id' ) );
01349 if ( $setting and !$setting->attribute( 'is_enabled' ) )
01350 $retValue = false;
01351 else
01352 $retValue = true;
01353 return $retValue;
01354 }
01355
01356
01357
01358
01359 function isAnonymous()
01360 {
01361 if ( $this->attribute( 'contentobject_id' ) != EZ_USER_ANONYMOUS_ID )
01362 {
01363 return false;
01364 }
01365 return true;
01366 }
01367
01368
01369
01370
01371
01372 function ¤tUser()
01373 {
01374 $user =& eZUser::instance();
01375 return $user;
01376 }
01377
01378
01379
01380
01381
01382 function currentUserID()
01383 {
01384 $user =& eZUser::instance();
01385 if ( !$user )
01386 return 0;
01387 return $user->attribute( 'contentobject_id' );
01388 }
01389
01390
01391
01392
01393
01394
01395 function authenticateHash( $user, $password, $site, $type, $hash )
01396 {
01397 return eZUser::createHash( $user, $password, $site, $type ) == $hash;
01398 }
01399
01400
01401
01402
01403
01404 function passwordCharacterTable()
01405 {
01406 $table =& $GLOBALS['eZUserPasswordCharacterTable'];
01407 if ( isset( $table ) )
01408 return $table;
01409 $table = array_merge( range( 'a', 'z' ), range( 'A', 'Z' ), range( 0, 9 ) );
01410
01411 $ini =& eZINI::instance();
01412 if ( $ini->variable( 'UserSettings', 'UseSpecialCharacters' ) == 'true' )
01413 {
01414 $specialCharacters = '!#%&{[]}+?;:*';
01415 $table = array_merge( $table, preg_split( '//', $specialCharacters, -1, PREG_SPLIT_NO_EMPTY ) );
01416 }
01417
01418 $table = array_diff( $table, array( 'I', 'l', 'o', 'O', '0' ) );
01419 $tableTmp = $table;
01420 $table = array();
01421 foreach ( $tableTmp as $item )
01422 {
01423 $table[] = $item;
01424 }
01425 return $table;
01426 }
01427
01428
01429
01430
01431
01432
01433
01434
01435 function isUserObject( $contentObject )
01436 {
01437 if ( !$contentObject )
01438 {
01439 return false;
01440 }
01441
01442 eZDataType::loadAndRegisterType( 'ezuser' );
01443
01444 $contentClass = $contentObject->attribute( 'content_class' );
01445 $classAttributeList = $contentClass->fetchAttributes();
01446 foreach( $classAttributeList as $classAttribute )
01447 {
01448 if ( $classAttribute->attribute( 'data_type_string' ) == EZ_DATATYPESTRING_USER )
01449 return true;
01450 }
01451
01452 return false;
01453 }
01454
01455
01456
01457
01458
01459
01460
01461
01462
01463 function createPassword( $passwordLength, $seed = false )
01464 {
01465 $chars = 0;
01466 $password = '';
01467 if ( $passwordLength < 1 )
01468 $passwordLength = 1;
01469 $decimal = 0;
01470 while ( $chars < $passwordLength )
01471 {
01472 if ( $seed == false )
01473 $seed = mktime() . ":" . mt_rand();
01474 $text = md5( $seed );
01475 $characterTable = eZUser::passwordCharacterTable();
01476 $tableCount = count( $characterTable );
01477 for ( $i = 0; ( $chars < $passwordLength ) and $i < 32; ++$chars, $i += 2 )
01478 {
01479 $decimal += hexdec( substr( $text, $i, 2 ) );
01480 $index = ( $decimal % $tableCount );
01481 $character = $characterTable[$index];
01482 $password .= $character;
01483 }
01484 $seed = false;
01485 }
01486 return $password;
01487 }
01488
01489
01490
01491
01492
01493 function createHash( $user, $password, $site, $type )
01494 {
01495 $str = '';
01496
01497 if( $type == EZ_USER_PASSWORD_HASH_MD5_USER )
01498 {
01499 $str = md5( "$user\n$password" );
01500 }
01501 else if ( $type == EZ_USER_PASSWORD_HASH_MD5_SITE )
01502 {
01503 $str = md5( "$user\n$password\n$site" );
01504 }
01505 else if ( $type == EZ_USER_PASSWORD_HASH_MYSQL )
01506 {
01507 $db =& eZDB::instance();
01508 $hash = $db->escapeString( $password );
01509
01510 $str = $db->arrayQuery( "SELECT PASSWORD( '$hash' )" );
01511 $hashes = array_values( $str[0] );
01512 $str = $hashes[0];
01513 }
01514 else if ( $type == EZ_USER_PASSWORD_HASH_PLAINTEXT )
01515 {
01516 $str = $password;
01517 }
01518 else
01519 {
01520 $str = md5( $password );
01521 }
01522 eZDebugSetting::writeDebug( 'kernel-user', $str, "ezuser($type)" );
01523 return $str;
01524 }
01525
01526
01527
01528
01529
01530
01531
01532
01533
01534
01535
01536
01537
01538
01539 function hasAccessTo( $module, $function = false )
01540 {
01541 $accessArray =& $this->accessArray();
01542
01543 $functionArray = array();
01544 if ( isset( $accessArray['*']['*'] ) )
01545 {
01546 $functionArray = $accessArray['*']['*'];
01547 }
01548 if ( isset( $accessArray[$module] ) )
01549 {
01550 if ( isset( $accessArray[$module]['*'] ) )
01551 {
01552 $functionArray = array_merge_recursive( $functionArray, $accessArray[$module]['*'] );
01553 }
01554 if ( $function and isset( $accessArray[$module][$function] ) and $function != '*' )
01555 {
01556 $functionArray = array_merge_recursive( $functionArray, $accessArray[$module][$function] );
01557 }
01558 }
01559
01560 if ( !$functionArray )
01561 {
01562 return array( 'accessWord' => 'no',
01563 'accessList' => array( 'FunctionRequired' => array ( 'Module' => $module,
01564 'Function' => $function,
01565 'ClassID' => '',
01566 'MainNodeID' => '' ),
01567 'PolicyList' => array() )
01568 );
01569 }
01570
01571 if ( isset( $functionArray['*'] ) &&
01572 ( $functionArray['*'] == '*' || in_array( '*', $functionArray['*'] ) ) )
01573 {
01574 return array( 'accessWord' => 'yes' );
01575 }
01576
01577 return array( 'accessWord' => 'limited', 'policies' => $functionArray );
01578 }
01579
01580
01581
01582
01583
01584 function &accessArray()
01585 {
01586 if ( !isset( $this->AccessArray ) )
01587 {
01588 $ini =& eZINI::instance();
01589 $isRoleCachingEnabled = ( $ini->variable( 'RoleSettings', 'EnableCaching' ) == 'true' );
01590
01591 $userID = $this->attribute( 'contentobject_id' );
01592 $currentUserID = eZUser::currentUserID();
01593
01594 $accessArray = false;
01595
01596 if ( $isRoleCachingEnabled )
01597 {
01598 if ( $userID == $currentUserID )
01599 {
01600 $http =& eZHTTPTool::instance();
01601 if ( $http->hasSessionVariable( 'AccessArray' ) and
01602 $http->hasSessionVariable( 'AccessArrayTimestamp' ) )
01603 {
01604 $expiredTimestamp = $this->userInfoExpiry();
01605 $userAccessTimestamp = $http->sessionVariable( 'AccessArrayTimestamp' );
01606 if ( $userAccessTimestamp > $expiredTimestamp )
01607 {
01608 $accessArray = $http->sessionVariable( 'AccessArray' );
01609 }
01610 }
01611 }
01612
01613 if ( !$accessArray )
01614 {
01615 $cacheFilePath = eZUser::getCacheFilename( $userID );
01616 if ( $cacheFilePath )
01617 {
01618 require_once( 'kernel/classes/ezclusterfilehandler.php' );
01619 $cacheFile = eZClusterFileHandler::instance( $cacheFilePath );
01620
01621 $expiredTimestamp = $this->userInfoExpiry();
01622 if ( $cacheFile->exists() && $cacheFile->mtime() > $expiredTimestamp )
01623 {
01624 $fetchedFilePath = $cacheFile->fetchUnique();
01625 $accessArray = include( $fetchedFilePath );
01626 $cacheFile->fileDeleteLocal( $fetchedFilePath );
01627 }
01628 else
01629 {
01630 $accessArray = $this->generateAccessArray();
01631 $fileContents = "<?php\nreturn ". var_export( $accessArray, true ) . ";\n?>\n";
01632 $cacheFile->storeContents( $fileContents, 'user-info-cache', 'php' );
01633 }
01634
01635 if ( $userID == $currentUserID )
01636 {
01637
01638
01639 $http->setSessionVariable( 'AccessArray', $accessArray );
01640 $http->setSessionVariable( 'AccessArrayTimestamp', mktime() );
01641 }
01642 }
01643 else
01644 {
01645
01646
01647 $accessArray = $this->generateAccessArray();
01648 }
01649 }
01650 }
01651 else
01652 {
01653
01654 $accessArray = $this->generateAccessArray();
01655 }
01656
01657 $this->AccessArray =& $accessArray;
01658 }
01659
01660 return $this->AccessArray;
01661 }
01662
01663
01664
01665
01666
01667 function generateAccessArray()
01668 {
01669 include_once( 'kernel/classes/ezrole.php' );
01670 $idList = $this->groups();
01671 $idList[] = $this->attribute( 'contentobject_id' );
01672
01673 return eZRole::accessArrayByUserID( $idList );
01674 }
01675
01676
01677
01678
01679 function userInfoExpiry()
01680 {
01681
01682 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
01683 $handler =& eZExpiryHandler::instance();
01684 if ( $handler->hasTimestamp( 'user-access-cache' ) )
01685 {
01686 $expiredTimestamp = $handler->timestamp( 'user-access-cache' );
01687 }
01688 else
01689 {
01690 $expiredTimestamp = mktime();
01691 $handler->setTimestamp( 'user-access-cache', $expiredTimestamp );
01692 }
01693
01694 return $expiredTimestamp;
01695 }
01696
01697
01698
01699
01700
01701
01702 function hasAccessToView( $module, $viewName, &$params )
01703 {
01704 $accessAllowed = false;
01705 $views = $module->attribute( 'views' );
01706 if ( isset( $views[$viewName] ) )
01707 {
01708 $view = $views[$viewName];
01709 if ( isset( $view['functions'] ) && !empty( $view['functions'] ) )
01710 {
01711 if ( is_array( $view['functions'] ) )
01712 {
01713 $funcExpression = false;
01714 $accessAllowed = true;
01715 foreach ( $view['functions'] as $function )
01716 {
01717 if ( empty( $function ) )
01718 {
01719 $funcExpression = false;
01720 $accessAllowed = false;
01721 break;
01722 }
01723 else if ( is_string( $function ) )
01724 {
01725 if ( $funcExpression )
01726 {
01727 $funcExpression .= ' and ';
01728 }
01729 $funcExpression .= '( ' . $function . ' )';
01730 }
01731 }
01732 }
01733 else if ( is_string( $view['functions'] ) )
01734 {
01735 $funcExpression = $view['functions'];
01736 }
01737 else
01738 {
01739 $funcExpression = false;
01740 $accessAllowed = true;
01741 }
01742
01743 if ( $funcExpression )
01744 {
01745
01746
01747 $pS = '/(?<=\b)';
01748 $pE = '(?=\b)/';
01749
01750 $moduleName = $module->attribute( 'name' );
01751 $availableFunctions = $module->attribute( 'available_functions' );
01752 if ( is_array( $availableFunctions ) and
01753 count( $availableFunctions ) > 0 )
01754 {
01755 $pattern = $pS . '(' . implode( '|', array_keys( $availableFunctions ) ) . ')' . $pE;
01756 $matches = array();
01757 if ( preg_match_all( $pattern, ' ' . $funcExpression . ' ', $matches ) > 0 )
01758 {
01759 $patterns = array();
01760 $replacements = array();
01761 $matches = array_unique( $matches[1] );
01762 foreach ( $matches as $match )
01763 {
01764 if ( !isset( $replacements[$match] ) )
01765 {
01766 $accessResult = $this->hasAccessTo( $moduleName, $match );
01767 if ( $accessResult['accessWord'] == 'no' )
01768 {
01769 $replacements[$match] = 'false';
01770 $params['accessList'] = $accessResult['accessList'];
01771 }
01772 else
01773 {
01774 $replacements[$match] = 'true';
01775 if ( $accessResult['accessWord'] == 'limited' )
01776 {
01777 $params['Limitation'] = $accessResult['policies'];
01778 $GLOBALS['ezpolicylimitation_list'][$this->ContentObjectID][$moduleName][$match] = $params['Limitation'];
01779 }
01780 }
01781 $patterns[$match] = $pS . $match . $pE;
01782 }
01783 }
01784 $funcExpression = preg_replace( $patterns, $replacements, ' ' . $funcExpression . ' ' );
01785 }
01786 }
01787 $funcExpressionForEval = $funcExpression;
01788
01789
01790 $words = array();
01791 $words[] = $pS . 'and' . $pE;
01792 $words[] = $pS . 'or' . $pE;
01793 $words[] = $pS . 'true' . $pE;
01794 $words[] = $pS . 'false' . $pE;
01795 $pS = '/(?<=[^&|])';
01796 $pE = '(?=[^&|])/';
01797 $words[] = $pS . '\|\|' . $pE;
01798 $words[] = $pS . '&&' . $pE;
01799 $words[] = '/[\(\)]/';
01800
01801 $replacement = '';
01802 $funcExpression = preg_replace( $words, $replacement, ' ' . $funcExpression . ' ' );
01803
01804 $funcExpression = trim( $funcExpression );
01805
01806 if ( empty( $funcExpression ) )
01807 {
01808
01809 ob_start();
01810 $ret = eval( "\$accessAllowed = ( bool ) ( $funcExpressionForEval );" );
01811 $buffer = ob_get_contents();
01812 ob_end_clean();
01813
01814
01815 if ( !empty( $buffer ) or $ret === false )
01816 {
01817 eZDebug::writeError( "There was an error while evaluating the policy functions value of the '$moduleName/$viewName' view. " .
01818 "Please check the '$moduleName/module.php' file." );
01819 $accessAllowed = false;
01820 }
01821 }
01822 else
01823 {
01824 eZDebug::writeError( "There is a mistake in the functions array data of the '$moduleName/$viewName' view. " .
01825 "Please check the '$moduleName/module.php' file." );
01826 $accessAllowed = false;
01827 }
01828 }
01829 }
01830 else
01831 {
01832 $moduleName = $module->attribute( 'name' );
01833 $accessResult = $this->hasAccessTo( $moduleName );
01834 if ( $accessResult['accessWord'] == 'no' )
01835 {
01836 $params['accessList'] = $accessResult['accessList'];
01837 $accessAllowed = false;
01838 }
01839 else
01840 {
01841 $accessAllowed = true;
01842 if ( $accessResult['accessWord'] == 'limited' )
01843 {
01844 $params['Limitation'] = $accessResult['policies'];
01845 $GLOBALS['ezpolicylimitation_list'][$this->ContentObjectID][$moduleName]['*'] = $params['Limitation'];
01846 }
01847 }
01848 }
01849 }
01850
01851 return $accessAllowed;
01852 }
01853
01854
01855
01856
01857 function &roles()
01858 {
01859 include_once( 'kernel/classes/ezrole.php' );
01860 $groups = $this->attribute( 'groups' );
01861 $groups[] = $this->attribute( 'contentobject_id' );
01862 $roles = eZRole::fetchByUser( $groups );
01863 return $roles;
01864 }
01865
01866
01867
01868
01869 function &roleIDList()
01870 {
01871 $http =& eZHTTPTool::instance();
01872
01873
01874 $useCache = ( $this->ContentObjectID == $http->sessionVariable( 'eZUserLoggedInID' ) );
01875
01876 if ( $useCache )
01877 {
01878 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
01879 $handler =& eZExpiryHandler::instance();
01880 $expiredTimeStamp = 0;
01881 $roleIDListTimestamp =& $http->sessionVariable( 'eZRoleIDList_Timestamp' );
01882 if ( $handler->hasTimestamp( 'user-info-cache' ) )
01883 $expiredTimeStamp = $handler->timestamp( 'user-info-cache' );
01884
01885 if ( $roleIDListTimestamp > $expiredTimeStamp )
01886 {
01887 if ( $http->hasSessionVariable( 'eZRoleIDList' ) )
01888 {
01889 return $http->sessionVariable( 'eZRoleIDList' );
01890 }
01891 }
01892 }
01893
01894 include_once( 'kernel/classes/ezrole.php' );
01895 $groups = $this->attribute( 'groups' );
01896 $groups[] = $this->attribute( 'contentobject_id' );
01897 $roleList = eZRole::fetchIDListByUser( $groups );
01898
01899 if ( $useCache )
01900 {
01901 $http->setSessionVariable( 'eZRoleIDList', $roleList );
01902 $http->setSessionVariable( 'eZRoleIDList_Timestamp', mktime() );
01903 }
01904 return $roleList;
01905 }
01906
01907
01908
01909
01910 function limitList()
01911 {
01912 $groups = $this->groups( false );
01913 $groups[] = $this->attribute( 'contentobject_id' );
01914 $groups = implode( ', ', $groups );
01915
01916 $db =& eZDB::instance();
01917
01918 $limitationsArray = $db->arrayQuery( "SELECT DISTINCT limit_identifier, limit_value
01919 FROM ezuser_role
01920 WHERE contentobject_id IN ( $groups )" );
01921
01922 return $limitationsArray;
01923 }
01924
01925
01926
01927
01928 function &limitValueList()
01929 {
01930 $limitValueList = array();
01931
01932 $http =& eZHTTPTool::instance();
01933
01934
01935 $useCache = ( $this->ContentObjectID == $http->sessionVariable( 'eZUserLoggedInID' ) );
01936
01937 if ( $useCache )
01938 {
01939 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
01940 $handler =& eZExpiryHandler::instance();
01941 $expiredTimeStamp = 0;
01942 $roleLimitationValueListTimeStamp =& $http->sessionVariable( 'eZRoleLimitationValueList_Timestamp' );
01943 if ( $handler->hasTimestamp( 'user-info-cache' ) )
01944 $expiredTimeStamp = $handler->timestamp( 'user-info-cache' );
01945
01946 if ( $roleLimitationValueListTimeStamp > $expiredTimeStamp && $http->hasSessionVariable( 'eZRoleLimitationValueList' ) )
01947 {
01948 return $http->sessionVariable( 'eZRoleLimitationValueList' );
01949 }
01950 }
01951
01952 $limitList = $this->limitList();
01953 foreach ( $limitList as $limit )
01954 $limitValueList[] = $limit['limit_value'];
01955
01956 if ( $useCache )
01957 {
01958 $http->setSessionVariable( 'eZRoleLimitationValueList', $limitValueList );
01959 $http->setSessionVariable( 'eZRoleLimitationValueList_Timestamp', mktime() );
01960 }
01961
01962 return $limitValueList;
01963 }
01964
01965 function &contentObject()
01966 {
01967 if ( isset( $this->ContentObjectID ) and $this->ContentObjectID )
01968 {
01969 include_once( 'kernel/classes/ezcontentobject.php' );
01970 $object =& eZContentObject::fetch( $this->ContentObjectID );
01971 }
01972 else
01973 $object = null;
01974 return $object;
01975 }
01976
01977
01978
01979
01980
01981 function &isLoggedIn()
01982 {
01983 $return = true;
01984 if ( $this->ContentObjectID == EZ_USER_ANONYMOUS_ID or
01985 $this->ContentObjectID == -1 )
01986 {
01987 $return = false;
01988 }
01989 return $return;
01990 }
01991
01992
01993
01994
01995 function &groups( $asObject = false, $userID = false )
01996 {
01997 $db =& eZDB::instance();
01998 $http =& eZHTTPTool::instance();
01999
02000 if ( $asObject == true )
02001 {
02002 $this->Groups = array();
02003 if ( !isset( $this->GroupsAsObjects ) )
02004 {
02005 include_once( 'kernel/classes/ezcontentobject.php' );
02006
02007 if ( $userID )
02008 {
02009 $contentobjectID = (int) $userID;
02010 }
02011 else
02012 {
02013 $contentobjectID = $this->attribute( 'contentobject_id' );
02014 }
02015 $userGroups = $db->arrayQuery( "SELECT d.*, c.path_string
02016 FROM ezcontentobject_tree b,
02017 ezcontentobject_tree c,
02018 ezcontentobject d
02019 WHERE b.contentobject_id='$contentobjectID' AND
02020 b.parent_node_id = c.node_id AND
02021 d.id = c.contentobject_id
02022 ORDER BY c.contentobject_id ");
02023 $userGroupArray = array();
02024 $pathArray = array();
02025 foreach ( $userGroups as $group )
02026 {
02027 $pathItems = explode( '/', $group["path_string"] );
02028 array_pop( $pathItems );
02029 array_pop( $pathItems );
02030 foreach ( $pathItems as $pathItem )
02031 {
02032 if ( $pathItem != '' && $pathItem > 1 )
02033 $pathArray[] = $pathItem;
02034 }
02035 $userGroupArray[] = new eZContentObject( $group );
02036 }
02037 $pathArray = array_unique( $pathArray );
02038
02039 if ( count( $pathArray ) != 0 )
02040 {
02041 $extraGroups = $db->arrayQuery( "SELECT d.*
02042 FROM ezcontentobject_tree c,
02043 ezcontentobject d
02044 WHERE c.node_id in ( " . implode( ', ', $pathArray ) . " ) AND
02045 d.id = c.contentobject_id
02046 ORDER BY c.contentobject_id ");
02047 foreach ( $extraGroups as $group )
02048 {
02049 $userGroupArray[] = new eZContentObject( $group );
02050 }
02051 }
02052
02053 $this->GroupsAsObjects =& $userGroupArray;
02054 }
02055 return $this->GroupsAsObjects;
02056 }
02057 else
02058 {
02059 if ( !isset( $this->Groups ) )
02060 {
02061
02062 $useCache = ( $this->ContentObjectID == $http->sessionVariable( 'eZUserLoggedInID' ) );
02063
02064 if ( $useCache )
02065 {
02066 $userGroupTimestamp =& $http->sessionVariable( 'eZUserGroupsCache_Timestamp' );
02067
02068 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
02069 $handler =& eZExpiryHandler::instance();
02070 $expiredTimeStamp = 0;
02071 if ( $handler->hasTimestamp( 'user-info-cache' ) )
02072 $expiredTimeStamp = $handler->timestamp( 'user-info-cache' );
02073
02074 if ( $userGroupTimestamp > $expiredTimeStamp )
02075 {
02076 if ( $http->hasSessionVariable( 'eZUserGroupsCache' ) )
02077 {
02078 $this->Groups =& $http->sessionVariable( 'eZUserGroupsCache' );
02079 return $this->Groups;
02080 }
02081 }
02082 }
02083
02084 if ( $userID )
02085 {
02086 $contentobjectID = $userID;
02087 }
02088 else
02089 {
02090 $contentobjectID = $this->attribute( 'contentobject_id' );
02091 }
02092
02093 $userGroups = false;
02094
02095 $userGroups = $db->arrayQuery( "SELECT c.contentobject_id as id,c.path_string
02096 FROM ezcontentobject_tree b,
02097 ezcontentobject_tree c
02098 WHERE b.contentobject_id='$contentobjectID' AND
02099 b.parent_node_id = c.node_id
02100 ORDER BY c.contentobject_id ");
02101 $userGroupArray = array();
02102
02103 $pathArray = array();
02104 foreach ( $userGroups as $group )
02105 {
02106 $pathItems = explode( '/', $group["path_string"] );
02107 array_pop( $pathItems );
02108 array_pop( $pathItems );
02109 foreach ( $pathItems as $pathItem )
02110 {
02111 if ( $pathItem != '' && $pathItem > 1 )
02112 $pathArray[] = $pathItem;
02113 }
02114 $userGroupArray[] = $group['id'];
02115 }
02116
02117 if ( count( $pathArray ) > 0 )
02118 {
02119 $pathArray = array_unique ($pathArray);
02120 $extraGroups = $db->arrayQuery( "SELECT c.contentobject_id as id
02121 FROM ezcontentobject_tree c,
02122 ezcontentobject d
02123 WHERE c.node_id in ( " . implode( ', ', $pathArray ) . " ) AND
02124 d.id = c.contentobject_id
02125 ORDER BY c.contentobject_id ");
02126 foreach ( $extraGroups as $group )
02127 {
02128 $userGroupArray[] = $group['id'];
02129 }
02130 }
02131
02132 if ( $useCache )
02133 {
02134 $http->setSessionVariable( 'eZUserGroupsCache', $userGroupArray );
02135 $http->setSessionVariable( 'eZUserGroupsCache_Timestamp', mktime() );
02136 }
02137 $this->Groups =& $userGroupArray;
02138 }
02139 return $this->Groups;
02140 }
02141 }
02142
02143
02144
02145
02146
02147
02148
02149 function checkUser( &$siteBasics, &$uri )
02150 {
02151 $ini =& eZINI::instance();
02152 $http =& eZHTTPTool::instance();
02153 $check = array( "module" => "user",
02154 "function" => "login" );
02155 if ( $http->hasSessionVariable( "eZUserLoggedInID" ) and
02156 $http->sessionVariable( "eZUserLoggedInID" ) != '' and
02157 $http->sessionVariable( "eZUserLoggedInID" ) != $ini->variable( 'UserSettings', 'AnonymousUserID' ) )
02158 {
02159 include_once( "kernel/classes/datatypes/ezuser/ezuser.php" );
02160 $currentUser =& eZUser::currentUser();
02161 if ( !$currentUser->isEnabled() )
02162 {
02163 eZUser::logoutCurrent();
02164 $currentUser =& eZUser::currentUser();
02165 }
02166 else
02167 {
02168 return null;
02169 }
02170 }
02171
02172 $moduleName = $uri->element();
02173 $viewName = $uri->element( 1 );
02174 $anonymousAccessList = $ini->variable( "SiteAccessSettings", "AnonymousAccessList" );
02175 foreach ( $anonymousAccessList as $anonymousAccess )
02176 {
02177 $elements = explode( '/', $anonymousAccess );
02178 if ( count( $elements ) == 1 )
02179 {
02180 if ( $moduleName == $elements[0] )
02181 {
02182 return null;
02183 }
02184 }
02185 else
02186 {
02187 if ( $moduleName == $elements[0] and
02188 $viewName == $elements[1] )
02189 {
02190 return null;
02191 }
02192 }
02193 }
02194
02195 return $check;
02196 }
02197
02198
02199
02200
02201
02202
02203
02204 function preCollectUserInfo()
02205 {
02206 return array( 'module' => 'user', 'function' => 'login' );
02207 }
02208
02209
02210
02211
02212
02213
02214
02215
02216
02217
02218 function postCollectUserInfo()
02219 {
02220 return true;
02221 }
02222
02223
02224
02225
02226
02227
02228 function loginURI()
02229 {
02230 return false;
02231 }
02232
02233
02234
02235
02236
02237
02238 function forceLogin()
02239 {
02240 return false;
02241 }
02242
02243
02244
02245
02246
02247
02248
02249 function getCacheDir( $id = 0 )
02250 {
02251 $sys =& eZSys::instance();
02252 $dir = $sys->cacheDirectory() . '/user-info' . eZDir::createMultilevelPath( $id, 2 );
02253
02254 if ( !is_dir( $dir ) )
02255 {
02256 eZDir::mkdir( $dir, false, true );
02257
02258 }
02259 return $dir;
02260 }
02261
02262 function cleanupCache()
02263 {
02264 include_once( 'lib/ezutils/classes/ezexpiryhandler.php' );
02265 $handler =& eZExpiryHandler::instance();
02266 $handler->setTimestamp( 'user-access-cache', mktime() );
02267 $handler->setTimestamp( 'user-info-cache', mktime() );
02268 $handler->store();
02269 }
02270
02271
02272
02273
02274
02275
02276 function getCacheFilename( $id )
02277 {
02278 $ini =& eZINI::instance();
02279 $cacheUserPolicies = $ini->variable( 'RoleSettings', 'UserPolicyCache' );
02280 if ( $cacheUserPolicies == 'enabled' )
02281 {
02282
02283 return eZUser::getCacheDir( $id ). '/user-'. $id . '.cache.php';
02284 }
02285 else if ( $cacheUserPolicies != 'disabled' )
02286 {
02287 $cachableIDs = split( ',', $cacheUserPolicies );
02288 if ( in_array( $id, $cachableIDs ) )
02289 {
02290
02291 return eZUser::getCacheDir( $id ). '/user-'. $id . '.cache.php';
02292 }
02293 }
02294
02295 return false;
02296 }
02297
02298 function fetchUserClassList( $asObject = false, $fields = false )
02299 {
02300
02301 if ( !$asObject and
02302 is_array( $fields ) and
02303 count( $fields ) > 0 )
02304 {
02305 $fieldsFilter = '';
02306 $i = 0;
02307 foreach ( $fields as $fieldName )
02308 {
02309 if ( $i > 0 )
02310 $fieldsFilter .= ', ';
02311 $fieldsFilter .= 'ezcontentclass.' . $fieldName;
02312 $i++;
02313 }
02314 }
02315 else
02316 {
02317 $fieldsFilter = 'ezcontentclass.*';
02318 }
02319 $db =& eZDB::instance();
02320 $userClasses = $db->arrayQuery( "SELECT $fieldsFilter
02321 FROM ezcontentclass, ezcontentclass_attribute
02322 WHERE ezcontentclass.id = ezcontentclass_attribute.contentclass_id AND
02323 ezcontentclass.version = " . EZ_CLASS_VERSION_STATUS_DEFINED ." AND
02324 ezcontentclass_attribute.version = 0 AND
02325 ezcontentclass_attribute.data_type_string = 'ezuser'" );
02326
02327 return eZPersistentObject::handleRows( $userClasses, "eZContentClass", $asObject );
02328 }
02329
02330 function fetchUserClassNames()
02331 {
02332 $userClassNames = array();
02333 $userClasses = eZUser::fetchUserClassList( false, array( 'identifier' ) );
02334 foreach ( $userClasses as $class )
02335 {
02336 $userClassNames[] = $class[ 'identifier' ];
02337 }
02338 return $userClassNames;
02339 }
02340
02341 function fetchUserGroupClassNames()
02342 {
02343
02344 $userClassNames = array();
02345 $userClasses = eZUser::fetchUserClassList( false, array( 'identifier' ) );
02346 foreach ( $userClasses as $class )
02347 {
02348 $userClassNames[] = $class[ 'identifier' ];
02349 }
02350
02351
02352 $contentIni =& eZINI::instance( "content.ini" );
02353 $userGroupClassNames = array();
02354 if ( $contentIni->hasVariable( 'ClassGroupIDs', 'Users' ) and
02355 is_numeric( $usersClassGroupID = $contentIni->variable( 'ClassGroupIDs', 'Users' ) ) and
02356 count( $usersClassList = eZContentClassClassGroup::fetchClassList( EZ_CLASS_VERSION_STATUS_DEFINED, $usersClassGroupID ) ) > 0 )
02357 {
02358 foreach ( $usersClassList as $userClass )
02359 {
02360 $userGroupClassNames[] = $userClass->attribute( 'identifier' );
02361 }
02362 }
02363
02364
02365 $groupClassNames = array_diff( $userGroupClassNames, $userClassNames );
02366 return $groupClassNames;
02367 }
02368
02369
02370
02371
02372
02373
02374 function validatePassword( $password )
02375 {
02376 $ini =& eZINI::instance();
02377 $minPasswordLength = $ini->hasVariable( 'UserSettings', 'MinPasswordLength' ) ? $ini->variable( 'UserSettings', 'MinPasswordLength' ) : 3;
02378 if ( $password !== false and
02379 $password !== null and
02380 strlen( $password ) >= (int) $minPasswordLength )
02381 {
02382 return true;
02383 }
02384
02385 return false;
02386 }
02387
02388
02389 var $Login;
02390 var $Email;
02391 var $PasswordHash;
02392 var $PasswordHashType;
02393 var $Groups;
02394 var $OriginalPassword;
02395 var $OriginalPasswordConfirm;
02396 }
02397
02398 ?>
