diff options
| author | Greg Roach <fisharebest@gmail.com> | 2017-10-28 12:45:16 +0100 |
|---|---|---|
| committer | Greg Roach <fisharebest@gmail.com> | 2017-10-28 21:17:32 +0100 |
| commit | f7fb7d41913a5b884bc9f0e8ca9c25cb77fb079d (patch) | |
| tree | b5a319f967c88d6daf81deaa0b2ba75c8c42358f /app/User.php | |
| parent | 7b6f04df73c42e6edf564d4f1e96369f43cad576 (diff) | |
| download | webtrees-f7fb7d41913a5b884bc9f0e8ca9c25cb77fb079d.tar.gz webtrees-f7fb7d41913a5b884bc9f0e8ca9c25cb77fb079d.tar.bz2 webtrees-f7fb7d41913a5b884bc9f0e8ca9c25cb77fb079d.zip | |
Dashboard
Diffstat (limited to 'app/User.php')
| -rw-r--r-- | app/User.php | 297 |
1 files changed, 155 insertions, 142 deletions
diff --git a/app/User.php b/app/User.php index 81791a4272..0a4c953e03 100644 --- a/app/User.php +++ b/app/User.php @@ -40,6 +40,69 @@ class User { private static $cache = []; /** + * Create a new user object from a row in the database. + * + * @param stdclass $user A row from the wt_user table + */ + public function __construct(stdClass $user) { + $this->user_id = $user->user_id; + $this->user_name = $user->user_name; + $this->real_name = $user->real_name; + $this->email = $user->email; + } + + /** + * Create a new user. + * + * The calling code needs to check for duplicates identifiers before calling + * this function. + * + * @param string $user_name + * @param string $real_name + * @param string $email + * @param string $password + * + * @return User + */ + public static function create($user_name, $real_name, $email, $password) { + Database::prepare( + "INSERT INTO `##user` (user_name, real_name, email, password) VALUES (:user_name, :real_name, :email, :password)" + )->execute([ + 'user_name' => $user_name, + 'real_name' => $real_name, + 'email' => $email, + 'password' => password_hash($password, PASSWORD_DEFAULT), + ]); + + // Set default blocks for this user + $user = self::findByIdentifier($user_name); + Database::prepare( + "INSERT INTO `##block` (`user_id`, `location`, `block_order`, `module_name`)" . + " SELECT :user_id , `location`, `block_order`, `module_name` FROM `##block` WHERE `user_id` = -1" + )->execute(['user_id' => $user->getUserId()]); + + return $user; + } + + /** + * Delete a user + */ + public function delete() { + // Don't delete the logs. + Database::prepare("UPDATE `##log` SET user_id=NULL WHERE user_id =?")->execute([$this->user_id]); + // Take over the user’s pending changes. (What else could we do with them?) + Database::prepare("DELETE FROM `##change` WHERE user_id=? AND status='rejected'")->execute([$this->user_id]); + Database::prepare("UPDATE `##change` SET user_id=? WHERE user_id=?")->execute([Auth::id(), $this->user_id]); + Database::prepare("DELETE `##block_setting` FROM `##block_setting` JOIN `##block` USING (block_id) WHERE user_id=?")->execute([$this->user_id]); + Database::prepare("DELETE FROM `##block` WHERE user_id=?")->execute([$this->user_id]); + Database::prepare("DELETE FROM `##user_gedcom_setting` WHERE user_id=?")->execute([$this->user_id]); + Database::prepare("DELETE FROM `##gedcom_setting` WHERE setting_value=? AND setting_name IN ('CONTACT_USER_ID', 'WEBMASTER_USER_ID')")->execute([$this->user_id]); + Database::prepare("DELETE FROM `##user_setting` WHERE user_id=?")->execute([$this->user_id]); + Database::prepare("DELETE FROM `##message` WHERE user_id=?")->execute([$this->user_id]); + Database::prepare("DELETE FROM `##user` WHERE user_id=?")->execute([$this->user_id]); + } + + /** * Find the user with a specified user_id. * * @param int|null $user_id @@ -62,23 +125,6 @@ class User { } /** - * Find the user with a specified user_name. - * - * @param string $user_name - * - * @return User|null - */ - public static function findByUserName($user_name) { - $user_id = Database::prepare( - "SELECT SQL_CACHE user_id FROM `##user` WHERE user_name = :user_name" - )->execute([ - 'user_name' => $user_name, - ])->fetchOne(); - - return self::find($user_id); - } - - /** * Find the user with a specified email address. * * @param string $email @@ -117,7 +163,7 @@ class User { * * @return User|null */ - public static function findByGenealogyRecord(Individual $individual) { + public static function findByIndividual(Individual $individual) { $user_id = Database::prepare( "SELECT SQL_CACHE user_id" . " FROM `##user_gedcom_setting`" . @@ -131,6 +177,23 @@ class User { } /** + * Find the user with a specified user_name. + * + * @param string $user_name + * + * @return User|null + */ + public static function findByUserName($user_name) { + $user_id = Database::prepare( + "SELECT SQL_CACHE user_id FROM `##user` WHERE user_name = :user_name" + )->execute([ + 'user_name' => $user_name, + ])->fetchOne(); + + return self::find($user_id); + } + + /** * Find the latest user to register. * * @return User|null @@ -147,71 +210,19 @@ class User { } /** - * Create a new user. - * - * The calling code needs to check for duplicates identifiers before calling - * this function. - * - * @param string $user_name - * @param string $real_name - * @param string $email - * @param string $password - * - * @return User - */ - public static function create($user_name, $real_name, $email, $password) { - Database::prepare( - "INSERT INTO `##user` (user_name, real_name, email, password) VALUES (:user_name, :real_name, :email, :password)" - )->execute([ - 'user_name' => $user_name, - 'real_name' => $real_name, - 'email' => $email, - 'password' => password_hash($password, PASSWORD_DEFAULT), - ]); - - // Set default blocks for this user - $user = self::findByIdentifier($user_name); - Database::prepare( - "INSERT INTO `##block` (`user_id`, `location`, `block_order`, `module_name`)" . - " SELECT :user_id , `location`, `block_order`, `module_name` FROM `##block` WHERE `user_id` = -1" - )->execute(['user_id' => $user->getUserId()]); - - return $user; - } - - /** - * Get a count of all users. - * - * @return int - */ - public static function count() { - return (int) Database::prepare( - "SELECT SQL_CACHE COUNT(*)" . - " FROM `##user`" . - " WHERE user_id > 0" - )->fetchOne(); - } - - /** * Get a list of all users. * * @return User[] */ public static function all() { - $users = []; - $rows = Database::prepare( "SELECT SQL_CACHE user_id, user_name, real_name, email" . " FROM `##user`" . " WHERE user_id > 0" . - " ORDER BY user_name" + " ORDER BY real_name" )->fetchAll(); - foreach ($rows as $row) { - $users[] = new self($row); - } - - return $users; + return array_map(function($row) { return new static($row); }, $rows); } /** @@ -219,116 +230,118 @@ class User { * * @return User[] */ - public static function allAdmins() { + public static function administrators() { $rows = Database::prepare( "SELECT SQL_CACHE user_id, user_name, real_name, email" . " FROM `##user`" . " JOIN `##user_setting` USING (user_id)" . - " WHERE user_id > 0" . - " AND setting_name = 'canadmin'" . - " AND setting_value = '1'" + " WHERE user_id > 0 AND setting_name = 'canadmin' AND setting_value = '1'" . + " ORDER BY real_name" )->fetchAll(); - $users = []; - foreach ($rows as $row) { - $users[] = new self($row); - } + return array_map(function($row) { return new static($row); }, $rows); + } + + /** Validate a supplied password + * @param string $password + * + * @return bool + */ + public function checkPassword($password) { + $password_hash = Database::prepare( + "SELECT password FROM `##user` WHERE user_id = ?" + )->execute([$this->user_id])->fetchOne(); - return $users; + if (password_verify($password, $password_hash)) { + if (password_needs_rehash($password_hash, PASSWORD_DEFAULT)) { + $this->setPassword($password); + } + + return true; + } else { + return false; + } } /** - * Get a list of all verified uses. + * Get a list of all managers. * * @return User[] */ - public static function allVerified() { + public static function managers() { $rows = Database::prepare( "SELECT SQL_CACHE user_id, user_name, real_name, email" . - " FROM `##user`" . - " JOIN `##user_setting` USING (user_id)" . - " WHERE user_id > 0" . - " AND setting_name = 'verified'" . - " AND setting_value = '1'" + " FROM `##user` JOIN `##user_gedcom_setting` USING (user_id)" . + " WHERE setting_name = 'canedit' AND setting_value='admin'" . + " GROUP BY user_id, real_name" . + " ORDER BY real_name" )->fetchAll(); - $users = []; - foreach ($rows as $row) { - $users[] = new self($row); - } - - return $users; + return array_map(function($row) { return new static($row); }, $rows); } /** - * Get a list of all users who are currently logged in. + * Get a list of all moderators. * * @return User[] */ - public static function allLoggedIn() { + public static function moderators() { $rows = Database::prepare( - "SELECT SQL_NO_CACHE DISTINCT user_id, user_name, real_name, email" . - " FROM `##user`" . - " JOIN `##session` USING (user_id)" + "SELECT SQL_CACHE user_id, user_name, real_name, email" . + " FROM `##user` JOIN `##user_gedcom_setting` USING (user_id)" . + " WHERE setting_name = 'canedit' AND setting_value='accept'" . + " GROUP BY user_id, real_name" . + " ORDER BY real_name" )->fetchAll(); - $users = []; - foreach ($rows as $row) { - $users[] = new self($row); - } - - return $users; + return array_map(function($row) { return new static($row); }, $rows); } /** - * Create a new user object from a row in the database. + * Get a list of all verified users. * - * @param stdclass $user A row from the wt_user table + * @return User[] */ - public function __construct(stdClass $user) { - $this->user_id = $user->user_id; - $this->user_name = $user->user_name; - $this->real_name = $user->real_name; - $this->email = $user->email; + public static function unapproved() { + $rows = Database::prepare( + "SELECT SQL_CACHE user_id, user_name, real_name, email" . + " FROM `##user` JOIN `##user_setting` USING (user_id)" . + " WHERE setting_name = 'verified_by_admin' AND setting_value = '0'" . + " ORDER BY real_name" + )->fetchAll(); + + return array_map(function($row) { return new static($row); }, $rows); } /** - * Delete a user + * Get a list of all verified users. + * + * @return User[] */ - public function delete() { - // Don't delete the logs. - Database::prepare("UPDATE `##log` SET user_id=NULL WHERE user_id =?")->execute([$this->user_id]); - // Take over the user’s pending changes. (What else could we do with them?) - Database::prepare("DELETE FROM `##change` WHERE user_id=? AND status='rejected'")->execute([$this->user_id]); - Database::prepare("UPDATE `##change` SET user_id=? WHERE user_id=?")->execute([Auth::id(), $this->user_id]); - Database::prepare("DELETE `##block_setting` FROM `##block_setting` JOIN `##block` USING (block_id) WHERE user_id=?")->execute([$this->user_id]); - Database::prepare("DELETE FROM `##block` WHERE user_id=?")->execute([$this->user_id]); - Database::prepare("DELETE FROM `##user_gedcom_setting` WHERE user_id=?")->execute([$this->user_id]); - Database::prepare("DELETE FROM `##gedcom_setting` WHERE setting_value=? AND setting_name IN ('CONTACT_USER_ID', 'WEBMASTER_USER_ID')")->execute([$this->user_id]); - Database::prepare("DELETE FROM `##user_setting` WHERE user_id=?")->execute([$this->user_id]); - Database::prepare("DELETE FROM `##message` WHERE user_id=?")->execute([$this->user_id]); - Database::prepare("DELETE FROM `##user` WHERE user_id=?")->execute([$this->user_id]); + public static function unverified() { + $rows = Database::prepare( + "SELECT SQL_CACHE user_id, user_name, real_name, email" . + " FROM `##user` JOIN `##user_setting` USING (user_id)" . + " WHERE setting_name = 'verified' AND setting_value = '0'" . + " ORDER BY real_name" + )->fetchAll(); + + return array_map(function($row) { return new static($row); }, $rows); } - /** Validate a supplied password - * @param string $password + /** + * Get a list of all users who are currently logged in. * - * @return bool + * @return User[] */ - public function checkPassword($password) { - $password_hash = Database::prepare( - "SELECT password FROM `##user` WHERE user_id = ?" - )->execute([$this->user_id])->fetchOne(); - - if (password_verify($password, $password_hash)) { - if (password_needs_rehash($password_hash, PASSWORD_DEFAULT)) { - $this->setPassword($password); - } + public static function allLoggedIn() { + $rows = Database::prepare( + "SELECT SQL_NO_CACHE DISTINCT user_id, user_name, real_name, email" . + " FROM `##user`" . + " JOIN `##session` USING (user_id)" + )->fetchAll(); - return true; - } else { - return false; - } + return array_map(function($row) { return new static($row); }, $rows); } /** |
