-rw-r--r-- | lib/class/user.class.php | 619 |
1 files changed, 319 insertions, 300 deletions
diff --git a/lib/class/user.class.php b/lib/class/user.class.php index 73e23a51..6400b54b 100644 --- a/lib/class/user.class.php +++ b/lib/class/user.class.php @@ -38,27 +38,27 @@ class User extends database_object { public $validation; // Constructed variables - public $prefs = array(); + public $prefs = array(); /** * Constructor * This function is the constructor object for the user * class, it currently takes a username - */ + */ public function __construct($user_id=0) { - - if (!$user_id) { return false; } + + if (!$user_id) { return false; } $this->id = intval($user_id); $info = $this->_get_info(); - foreach ($info as $key=>$value) { + foreach ($info as $key=>$value) { // Let's not save the password in this object :S - if ($key == 'password') { continue; } - $this->$key = $value; - } - + if ($key == 'password') { continue; } + $this->$key = $value; + } + // Make sure the Full name is always filled if (strlen($this->fullname) < 1) { $this->fullname = $this->username; } @@ -70,28 +70,28 @@ class User extends database_object { */ private function _get_info() { - $id = intval($this->id); + $id = intval($this->id); - if (parent::is_cached('user',$id)) { - return parent::get_from_cache('user',$id); - } + if (parent::is_cached('user',$id)) { + return parent::get_from_cache('user',$id); + } // If the ID is -1 then - if ($id == '-1') { - $data['username'] = 'System'; - $data['fullname'] = 'Ampache User'; - $data['access'] = '25'; - return $data; - } + if ($id == '-1') { + $data['username'] = 'System'; + $data['fullname'] = 'Ampache User'; + $data['access'] = '25'; + return $data; + } $sql = "SELECT * FROM `user` WHERE `id`='$id'"; $db_results = Dba::query($sql); - $data = Dba::fetch_assoc($db_results); + $data = Dba::fetch_assoc($db_results); - parent::add_to_cache('user',$id,$data); + parent::add_to_cache('user',$id,$data); - return $data; + return $data; } // _get_info 
@@ -101,30 +101,49 @@ class User extends database_object { * has a tmp_playlist, creating it if it doesn't, then sets $this->playlist * as a tmp_playlist object that can be fiddled with later on */ - public function load_playlist() { + public function load_playlist() { - $session_id = session_id(); + $session_id = session_id(); - $this->playlist = tmpPlaylist::get_from_session($session_id); + $this->playlist = tmpPlaylist::get_from_session($session_id); } // load_playlist /** * get_from_username - * This returns a built user from a username. This is a + * This returns a built user from a username. This is a * static function so it doesn't require an instance */ - public static function get_from_username($username) { + public static function get_from_username($username) { - $username = Dba::escape($username); - - $sql = "SELECT `id` FROM `user` WHERE `username`='$username'"; + $username = Dba::escape($username); + + $sql = "SELECT `id` FROM `user` WHERE `username`='$username'"; $db_results = Dba::read($sql); - $results = Dba::fetch_assoc($db_results); - - $user = new User($results['id']); + $results = Dba::fetch_assoc($db_results); + + $user = new User($results['id']); - return $user; + return $user; + + } // get_from_username + + /** + * get_from_email + * This returns a built user from a email. This is a + * static function so it doesn't require an instance + */ + public static function get_from_email($email) { + + $email = Dba::escape($email); + + $sql = "SELECT `id` FROM `user` WHERE `email`='$email'"; + $db_results = Dba::read($sql); + $results = Dba::fetch_assoc($db_results); + + $user = new User($results['id']); + + return $user; } // get_from_username 
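Review bot: The new `get_from_email()` passes `$results['id']` to `new User()` without checking that the query matched a row, so an unknown address yields a User object with no `id` (the constructor in the first hunk returns early on a falsy id) rather than a clear failure. Any caller that uses this lookup to identify an account has to remember to test `$user->id`; a guard such as `if (empty($results['id'])) { return false; }` before the constructor call would make the miss explicit, and `get_from_username()` just above has the same gap. The query also keeps only the first row from `Dba::fetch_assoc()`, so if the `email` column is not unique (the schema is not visible here) the account returned for a shared address is arbitrary; consider documenting or enforcing uniqueness. The closing comment of the new function still reads `} // get_from_username` and should be `} // get_from_email`.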
@@ -132,20 +151,20 @@ class User extends database_object { * get_catalogs * This returns the catalogs as an array of ids that this user is allowed to access */ - public function get_catalogs() { + public function get_catalogs() { - if (parent::is_cached('user_catalog',$this->id)) { - return parent::get_from_cache('user_catalog',$this->id); - } + if (parent::is_cached('user_catalog',$this->id)) { + return parent::get_from_cache('user_catalog',$this->id); + } - $sql = "SELECT * FROM `user_catalog` WHERE `user`='$user_id'"; - $db_results = Dba::read($sql); + $sql = "SELECT * FROM `user_catalog` WHERE `user`='$user_id'"; + $db_results = Dba::read($sql); - while ($row = Dba::fetch_assoc($db_results)) { - $catalogs[] = $row['catalog']; - } + while ($row = Dba::fetch_assoc($db_results)) { + $catalogs[] = $row['catalog']; + } - parent::add_to_cache('user_catalog',$this->id,$catalogs); + parent::add_to_cache('user_catalog',$this->id,$catalogs); return $catalogs; 
@@ -160,39 +179,39 @@ class User extends database_object { * []['prefs'] = array(array('name','display','value')); * []['admin'] = t/f value if this is an admin only section */ - function get_preferences($user_id=0,$type=0) { - + function get_preferences($user_id=0,$type=0) { + // Fill out the user id - $user_id = $user_id ? Dba::escape($user_id) : Dba::escape($this->id); + $user_id = $user_id ? Dba::escape($user_id) : Dba::escape($this->id); - if ($user_id != '-1') { + if ($user_id != '-1') { $user_limit = "AND preference.catagory != 'system'"; } if (!Config::get('use_auth')) { $user_id = '-1'; } - - if ($type != '0') { + + if ($type != '0') { $user_limit = "AND preference.catagory = '" . Dba::escape($type) . "'"; } - - $sql = "SELECT preference.name, preference.description, preference.catagory, preference.level, user_preference.value " . + + $sql = "SELECT preference.name, preference.description, preference.catagory, preference.level, user_preference.value " . "FROM preference INNER JOIN user_preference ON user_preference.preference=preference.id " . "WHERE user_preference.user='$user_id' " . $user_limit; $db_results = Dba::query($sql); /* Ok this is crapy, need to clean this up or improve the code FIXME */ - while ($r = Dba::fetch_assoc($db_results)) { + while ($r = Dba::fetch_assoc($db_results)) { $type = $r['catagory']; $admin = false; if ($type == 'system') { $admin = true; } $type_array[$type][$r['name']] = array('name'=>$r['name'],'level'=>$r['level'],'description'=>$r['description'],'value'=>$r['value']); - ksort($type_array[$type]); + ksort($type_array[$type]); $results[$type] = array ('title'=>ucwords($type),'admin'=>$admin,'prefs'=>$type_array[$type]); } // end while - + return $results; - + } // get_preferences /** 
@@ -201,7 +220,7 @@ class User extends database_object { */ public function set_preferences() { - $user_id = Dba::escape($this->id); + $user_id = Dba::escape($this->id); $sql = "SELECT preference.name,user_preference.value FROM preference,user_preference WHERE user_preference.user='$user_id' " . "AND user_preference.preference=preference.id AND preference.type != 'system'"; @@ -210,14 +229,14 @@ class User extends database_object { while ($r = Dba::fetch_assoc($db_results)) { $key = $r['name']; $this->prefs[$key] = $r['value']; - } + } } // set_preferences /** * get_favorites * returns an array of your $type favorites */ - function get_favorites($type) { + function get_favorites($type) { $web_path = Config::get('web_path'); @@ -225,9 +244,9 @@ class User extends database_object { $items = array(); - foreach ($results as $r) { + foreach ($results as $r) { /* If its a song */ - if ($type == 'song') { + if ($type == 'song') { $data = new Song($r['object_id']); $data->count = $r['count']; $data->format(); @@ -235,22 +254,22 @@ class User extends database_object { $items[] = $data; } /* If its an album */ - elseif ($type == 'album') { + elseif ($type == 'album') { $data = new Album($r['object_id']); $data->count = $r['count']; $data->format(); $items[] = $data; - } + } /* If its an artist */ - elseif ($type == 'artist') { + elseif ($type == 'artist') { $data = new Artist($r['object_id']); $data->count = $r['count']; $data->format(); $data->f_name = $data->f_link; $items[] = $data; - } + } /* If it's a genre */ - elseif ($type == 'genre') { + elseif ($type == 'genre') { $data = new Genre($r['object_id']); $data->count = $r['count']; $data->format(); @@ -259,7 +278,7 @@ class User extends database_object { } } // end foreach - + return $items; } // get_favorites 
@@ -267,57 +286,57 @@ class User extends database_object { /** * get_recommendations * This returns recommended objects of $type. The recommendations - * are based on voodoo economics,the phase of the moon and my current BAL. + * are based on voodoo economics,the phase of the moon and my current BAL. */ - function get_recommendations($type) { + function get_recommendations($type) { - /* First pull all of your ratings of this type */ - $sql = "SELECT object_id,user_rating FROM ratings " . + /* First pull all of your ratings of this type */ + $sql = "SELECT object_id,user_rating FROM ratings " . "WHERE object_type='" . Dba::escape($type) . "' AND user='" . Dba::escape($this->id) . "'"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); // Incase they only have one user - $users = array(); + $users = array(); - while ($r = Dba::fetch_assoc($db_results)) { + while ($r = Dba::fetch_assoc($db_results)) { /* Store the fact that you rated this */ $key = $r['object_id']; $ratings[$key] = true; /* Build a key'd array of users with this same rating */ - $sql = "SELECT user FROM ratings WHERE object_type='" . Dba::escape($type) . "' " . - "AND user !='" . Dba::escape($this->id) . "' AND object_id='" . Dba::escape($r['object_id']) . "' " . + $sql = "SELECT user FROM ratings WHERE object_type='" . Dba::escape($type) . "' " . + "AND user !='" . Dba::escape($this->id) . "' AND object_id='" . Dba::escape($r['object_id']) . "' " . "AND user_rating ='" . Dba::escape($r['user_rating']) . 
"'"; - $user_results = Dba::query($sql); + $user_results = Dba::query($sql); - while ($user_info = Dba::fetch_assoc($user_results)) { + while ($user_info = Dba::fetch_assoc($user_results)) { $key = $user_info['user']; - $users[$key]++; + $users[$key]++; } - } // end while + } // end while - /* now we've got your ratings, and all users and the # of ratings that match your ratings + /* now we've got your ratings, and all users and the # of ratings that match your ratings * sort the users[$key] array by value and then find things they've rated high (4+) that you * haven't rated */ - $recommendations = array(); + $recommendations = array(); asort($users); - foreach ($users as $user_id=>$score) { + foreach ($users as $user_id=>$score) { /* Find everything they've rated at 4+ */ - $sql = "SELECT object_id,user_rating FROM ratings " . - "WHERE user='" . Dba::escape($user_id) . "' AND user_rating >='4' AND " . - "object_type = '" . Dba::escape($type) . "' ORDER BY user_rating DESC"; - $db_results = Dba::query($sql); + $sql = "SELECT object_id,user_rating FROM ratings " . + "WHERE user='" . Dba::escape($user_id) . "' AND user_rating >='4' AND " . + "object_type = '" . Dba::escape($type) . "' ORDER BY user_rating DESC"; + $db_results = Dba::query($sql); - while ($r = Dba::fetch_assoc($db_results)) { + while ($r = Dba::fetch_assoc($db_results)) { $key = $r['object_id']; - if (isset($ratings[$key])) { continue; } + if (isset($ratings[$key])) { continue; } /* Let's only get 5 total for now */ - if (count($recommendations) > 5) { return $recommendations; } + if (count($recommendations) > 5) { return $recommendations; } $recommendations[$key] = $r['user_rating']; 
@@ -333,18 +352,18 @@ class User extends database_object { /** * is_logged_in * checks to see if $this user is logged in returns their current IP if they - * are logged in + * are logged in */ - public function is_logged_in() { + public function is_logged_in() { - $username = Dba::escape($this->username); + $username = Dba::escape($this->username); $sql = "SELECT `id`,`ip` FROM `session` WHERE `username`='$username'" . " AND `expire` > ". time(); $db_results = Dba::query($sql); - if ($row = Dba::fetch_assoc($db_results)) { - $ip = $row['ip'] ? $row['ip'] : NULL; + if ($row = Dba::fetch_assoc($db_results)) { + $ip = $row['ip'] ? $row['ip'] : NULL; return $ip; } @@ -357,10 +376,10 @@ class User extends database_object { * this function checkes to see if this user has access * to the passed action (pass a level requirement) */ - function has_access($needed_level) { + function has_access($needed_level) { if (!Config::get('use_auth') || Config::get('demo_mode')) { return true; } - + if ($this->access >= $needed_level) { return true; } return false; 
@@ -373,41 +392,41 @@ class User extends database_object { * calls the mini ones does all the error checking and all that * good stuff */ - public function update($data) { - - if (empty($data['username'])) { - Error::add('username',_('Error Username Required')); - } - - if ($data['password1'] != $data['password2'] AND !empty($data['password1'])) { - Error::add('password',_("Error Passwords don't match")); - } - - if (Error::occurred()) { - return false; - } - - foreach ($data as $name=>$value) { - switch ($name) { - case 'password1'; - $name = 'password'; + public function update($data) { + + if (empty($data['username'])) { + Error::add('username',_('Error Username Required')); + } + + if ($data['password1'] != $data['password2'] AND !empty($data['password1'])) { + Error::add('password',_("Error Passwords don't match")); + } + + if (Error::occurred()) { + return false; + } + + foreach ($data as $name=>$value) { + switch ($name) { + case 'password1'; + $name = 'password'; case 'access': case 'email': - case 'username': - case 'fullname'; - if ($this->$name != $value) { - $function = 'update_' . $name; + case 'username': + case 'fullname'; + if ($this->$name != $value) { + $function = 'update_' . $name; $this->$function($value); - } + } break; - default: + default: // Rien a faire break; } // end switch on field - } // end foreach + } // end foreach - return true; + return true; } // update 
@@ -428,13 +447,13 @@ class User extends database_object { * update_validation * This is used by the registration mumbojumbo * Use this function to update the validation key - * NOTE: crap this doesn't have update_item the humanity of it all + * NOTE: crap this doesn't have update_item the humanity of it all */ - public function update_validation($new_validation) { + public function update_validation($new_validation) { $new_validation = Dba::escape($new_validation); $sql = "UPDATE `user` SET `validation`='$new_validation', `disabled`='1' WHERE `id`='" . Dba::escape($this->id) . "'"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); $this->validation = $new_validation; return $db_results; @@ -446,7 +465,7 @@ class User extends database_object { * updates their fullname */ public function update_fullname($new_fullname) { - + $new_fullname = Dba::escape($new_fullname); $sql = "UPDATE `user` SET `fullname`='$new_fullname' WHERE `id`='$this->id'"; $db_results = Dba::query($sql); 
@@ -465,26 +484,26 @@ class User extends database_object { } // update_email - /** + /** * disable * This disables the current user */ - public function disable() { + public function disable() { // Make sure we aren't disabling the last admin - $sql = "SELECT `id` FROM `user` WHERE `disabled` = '0' AND `id` != '" . $this->id . "' AND `access`='100'"; - $db_results = Dba::query($sql); - - if (!Dba::num_rows($db_results)) { return false; } + $sql = "SELECT `id` FROM `user` WHERE `disabled` = '0' AND `id` != '" . $this->id . "' AND `access`='100'"; + $db_results = Dba::query($sql); + + if (!Dba::num_rows($db_results)) { return false; } $sql = "UPDATE `user` SET `disabled`='1' WHERE id='" . $this->id . "'"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); // Delete any sessions they may have - $sql = "DELETE FROM `session` WHERE `username`='" . Dba::escape($this->username) . "'"; - $db_results = Dba::query($sql); + $sql = "DELETE FROM `session` WHERE `username`='" . Dba::escape($this->username) . "'"; + $db_results = Dba::query($sql); - return true; + return true; } // disable @@ -492,12 +511,12 @@ class User extends database_object { * enable * this enables the current user */ - public function enable() { + public function enable() { $sql = "UPDATE `user` SET `disabled`='0' WHERE id='" . $this->id . "'"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); - return true; + return true; } // enable @@ -505,10 +524,10 @@ class User extends database_object { * update_access * updates their access level */ - public function update_access($new_access) { + public function update_access($new_access) { /* Prevent Only User accounts */ - if ($new_access < '100') { + if ($new_access < '100') { $sql = "SELECT `id` FROM user WHERE `access`='100' AND `id` != '$this->id'"; $db_results = Dba::query($sql); if (!Dba::num_rows($db_results)) { return false; } 
@@ -524,11 +543,11 @@ class User extends database_object { @function update_last_seen @discussion updates the last seen data for this user */ - function update_last_seen() { - + function update_last_seen() { + $sql = "UPDATE user SET last_seen='" . time() . "' WHERE `id`='$this->id'"; $db_results = Dba::query($sql); - + } // update_last_seen /** 
@@ -538,38 +557,38 @@ class User extends database_object { public function update_stats($song_id) { $song_info = new Song($song_id); - $song_info->format(); + $song_info->format(); $user = $this->id; - + if (!strlen($song_info->file)) { return false; } // Make sure we didn't just play this song $data = Stats::get_last_song($this->id); - $last_song = new Song($data['object_id']); - if ($data['date']+($song_info->time/2) >= time()) { - debug_event('Stats','Not collecting stats less then 50% of song has elapsed','3'); + $last_song = new Song($data['object_id']); + if ($data['date']+($song_info->time/2) >= time()) { + debug_event('Stats','Not collecting stats less then 50% of song has elapsed','3'); return false; - } + } - $this->set_preferences(); + $this->set_preferences(); // Check if lastfm is loaded, if so run the update - if (Plugin::is_installed('Last.FM')) { + if (Plugin::is_installed('Last.FM')) { $lastfm = new Plugin('Lastfm'); - if ($lastfm->_plugin->load($this->prefs,$this->id)) { - $lastfm->_plugin->submit($song_info,$this->id); - } - } // end if is_installed + if ($lastfm->_plugin->load($this->prefs,$this->id)) { + $lastfm->_plugin->submit($song_info,$this->id); + } + } // end if is_installed // Check and see if librefm is loaded and run scrobblizing - if (Plugin::is_installed('Libre.FM')) { - $librefm = new Plugin('Librefm'); + if (Plugin::is_installed('Libre.FM')) { + $librefm = new Plugin('Librefm'); if ($librefm->_plugin->load($this->prefs,$this->id)) { $librefm->_plugin->submit($song_info,$this->id); } - } // end if is_installed + } // end if is_installed - // Do this last so the 'last played checks are correct' + // Do this last so the 'last played checks are correct' Stats::insert('song',$song_id,$user); Stats::insert('album',$song_info->album,$user); Stats::insert('artist',$song_info->artist,$user); 
@@ -582,31 +601,31 @@ class User extends database_object { * This inserts a row into the IP History recording this user at this * address at this time in this place, doing this thing.. you get the point */ - public function insert_ip_history() { + public function insert_ip_history() { if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])){ $sip = $_SERVER['HTTP_X_FORWARDED_FOR']; debug_event('User Ip', 'Login from ip adress: ' . $sip,'3'); - } + } else { $sip = $_SERVER['REMOTE_ADDR']; debug_event('User Ip', 'Login from ip adress: ' . $sip,'3'); } - $ip = Dba::escape(inet_pton($sip)); - $date = time(); + $ip = Dba::escape(inet_pton($sip)); + $date = time(); $user = $this->id; - $agent = Dba::escape($_SERVER['HTTP_USER_AGENT']); + $agent = Dba::escape($_SERVER['HTTP_USER_AGENT']); $sql = "INSERT INTO `ip_history` (`ip`,`user`,`date`,`agent`) VALUES ('$ip','$user','$date','$agent')"; $db_results = Dba::query($sql); /* Clean up old records... sometimes */ - if (rand(1,100) > 60) { + if (rand(1,100) > 60) { $date = time() - (86400*Config::get('user_ip_cardinality')); $sql = "DELETE FROM `ip_history` WHERE `date` < $date"; $db_results = Dba::query($sql); - } + } return true; @@ -616,7 +635,7 @@ class User extends database_object { * create * inserts a new user into ampache */ - public static function create($username, $fullname, $email, $password, $access) { + public static function create($username, $fullname, $email, $password, $access) { /* Lets clean up the fields... */ $username = Dba::escape($username); 
@@ -629,11 +648,11 @@ class User extends database_object { $sql = "INSERT INTO `user` (`username`, `fullname`, `email`, `password`, `access`, `create_date`) VALUES" . " ('$username','$fullname','$email','$password_hashed','$access','" . time() ."')"; $db_results = Dba::write($sql); - + if (!$db_results) { return false; } // Get the insert_id - $insert_id = Dba::insert_id(); + $insert_id = Dba::insert_id(); /* Populates any missing preferences, in this case all of them */ self::fix_preferences($insert_id); @@ -641,31 +660,31 @@ class User extends database_object { return $insert_id; } // create - + /** * update_password * updates a users password */ - public function update_password($new_password) { + public function update_password($new_password) { - $new_password = hash('sha256',$new_password); + $new_password = hash('sha256',$new_password); $new_password = Dba::escape($new_password); $sql = "UPDATE `user` SET `password`='$new_password' WHERE `id`='$this->id'"; $db_results = Dba::write($sql); - + // Clear this (temp fix) - if ($db_results) { unset($_SESSION['userdata']['password']); } + if ($db_results) { unset($_SESSION['userdata']['password']); } - } // update_password + } // update_password /** * format * This function sets up the extra variables we need when we are displaying a - * user for an admin, these should not be normally called when creating a + * user for an admin, these should not be normally called when creating a * user object */ - public function format() { + public function format() { /* If they have a last seen date */ if (!$this->last_seen) { $this->f_last_seen = _('Never'); } 
@@ -679,22 +698,22 @@ class User extends database_object { $this->f_link = '<a href="' . Config::get('web_path') . '/stats.php?action=show_user&user_id=' . $this->id . '">' . $this->fullname . '</a>'; /* Calculate their total Bandwidth Useage */ - $sql = "SELECT `song`.`size` FROM `song` LEFT JOIN `object_count` ON `song`.`id`=`object_count`.`object_id` " . + $sql = "SELECT `song`.`size` FROM `song` LEFT JOIN `object_count` ON `song`.`id`=`object_count`.`object_id` " . "WHERE `object_count`.`user`='$this->id' AND `object_count`.`object_type`='song'"; $db_results = Dba::read($sql); - while ($r = Dba::fetch_assoc($db_results)) { + while ($r = Dba::fetch_assoc($db_results)) { $total = $total + $r['size']; - } + } $divided = 0; - - while (strlen(floor($total)) > 3) { + + while (strlen(floor($total)) > 3) { $total = ($total / 1024); $divided++; } - switch ($divided) { + switch ($divided) { default: case '1': $name = "KB"; break; case '2': $name = "MB"; break; @@ -704,10 +723,10 @@ class User extends database_object { } // end switch $this->f_useage = round($total,2) . $name; - + /* Get Users Last ip */ $data = $this->get_ip_history(1); - $this->ip_history = inet_ntop($data['0']['ip']); + $this->ip_history = inet_ntop($data['0']['ip']); } // format_user @@ -716,17 +735,17 @@ class User extends database_object { * takes an array of objects and formats them corrrectly * and returns a simply array with just <a href values */ - public function format_favorites($items) { + public function format_favorites($items) { // The length of the longest item $maxlen = strlen($items[0]->count); - + // Go through the favs - foreach ($items as $data) { - - // Make all number lengths equal + foreach ($items as $data) { + + // Make all number lengths equal $len = strlen($data->count); - while ($len < $maxlen) { + while ($len < $maxlen) { $data->count = "0" . $data->count; $len++; } 
@@ -744,25 +763,25 @@ class User extends database_object { * This takes an array of [object_id] = ratings * and displays them in a semi-pretty format */ - function format_recommendations($items,$type) { + function format_recommendations($items,$type) { - foreach ($items as $object_id=>$rating) { + foreach ($items as $object_id=>$rating) { - switch ($type) { + switch ($type) { case 'artist': $object = new Artist($object_id); - $object->format_artist(); + $object->format_artist(); $name = $object->link; break; case 'album': $object = new Album($object_id); - $object->format_album(); + $object->format_album(); $name = $object->f_link; break; case 'song': $object = new Song($object_id); - $object->format_song(); - $name = $object->f_link; + $object->format_song(); + $name = $object->f_link; break; } // end switch on type $results[] = "<li>$name -- " . get_rating_name($rating) . "<br />\n</li>"; @@ -770,7 +789,7 @@ class User extends database_object { } // end foreach items - return $results; + return $results; } // format_recommendations @@ -778,25 +797,25 @@ class User extends database_object { * access_name_to_level * This takes the access name for the user and returns the level */ - public static function access_name_to_level($level) { - - switch ($level) { - case 'admin': - return '100'; - break; - case 'user': - return '25'; - break; - case 'manager': + public static function access_name_to_level($level) { + + switch ($level) { + case 'admin': + return '100'; + break; + case 'user': + return '25'; + break; + case 'manager': return '75'; - break; - case 'guest': - return '5'; + break; + case 'guest': + return '5'; break; default: - return '0'; - break; - } + return '0'; + break; + } return false; 
@@ -807,45 +826,45 @@ class User extends database_object { * This is the new fix_preferences function, it does the following * Remove Duplicates from user, add in missing * If -1 is passed it also removes duplicates from the `preferences` - * table. + * table. */ - public static function fix_preferences($user_id) { + public static function fix_preferences($user_id) { - $user_id = Dba::escape($user_id); + $user_id = Dba::escape($user_id); /* Get All Preferences for the current user */ - $sql = "SELECT * FROM `user_preference` WHERE `user`='$user_id'"; - $db_results = Dba::query($sql); + $sql = "SELECT * FROM `user_preference` WHERE `user`='$user_id'"; + $db_results = Dba::query($sql); - $results = array(); + $results = array(); - while ($r = Dba::fetch_assoc($db_results)) { + while ($r = Dba::fetch_assoc($db_results)) { $pref_id = $r['preference']; /* Check for duplicates */ - if (isset($results[$pref_id])) { - $r['value'] = Dba::escape($r['value']); - $sql = "DELETE FROM `user_preference` WHERE `user`='$user_id' AND `preference`='" . $r['preference'] . "' AND" . - " `value`='" . Dba::escape($r['value']) . "'"; - $delete_results = Dba::query($sql); + if (isset($results[$pref_id])) { + $r['value'] = Dba::escape($r['value']); + $sql = "DELETE FROM `user_preference` WHERE `user`='$user_id' AND `preference`='" . $r['preference'] . "' AND" . + " `value`='" . Dba::escape($r['value']) . "'"; + $delete_results = Dba::query($sql); } // if its set - else { - $results[$pref_id] = 1; - } + else { + $results[$pref_id] = 1; + } } // end while - + /* If we aren't the -1 user before we continue grab the -1 users values */ - if ($user_id != '-1') { + if ($user_id != '-1') { $sql = "SELECT `user_preference`.`preference`,`user_preference`.`value` FROM `user_preference`,`preference` " . 
"WHERE `user_preference`.`preference` = `preference`.`id` AND `user_preference`.`user`='-1' AND `preference`.`catagory` !='system'"; $db_results = Dba::query($sql); /* While through our base stuff */ while ($r = Dba::fetch_assoc($db_results)) { - $key = $r['preference']; + $key = $r['preference']; $zero_results[$key] = $r['value']; } } // if not user -1 - // get me _EVERYTHING_ + // get me _EVERYTHING_ $sql = "SELECT * FROM `preference`"; // If not system, exclude system... *gasp* @@ -863,7 +882,7 @@ class User extends database_object { if (isset($zero_results[$key])) { $r['value'] = $zero_results[$key]; } - $value = Dba::escape($r['value']); + $value = Dba::escape($r['value']); $sql = "INSERT INTO user_preference (`user`,`preference`,`value`) VALUES ('$user_id','$key','$value')"; $insert_db = Dba::query($sql); } 
@@ -893,45 +912,45 @@ class User extends database_object { * deletes this user and everything assoicated with it. This will affect * ratings and tottal stats */ - public function delete() { + public function delete() { - /* - Before we do anything make sure that they aren't the last + /* + Before we do anything make sure that they aren't the last admin */ - if ($this->has_access(100)) { + if ($this->has_access(100)) { $sql = "SELECT `id` FROM `user` WHERE `access`='100' AND id !='" . Dba::escape($this->id) . "'"; $db_results = mysql_query($sql); - if (!Dba::num_rows($db_results)) { + if (!Dba::num_rows($db_results)) { return false; } - } // if this is an admin check for others + } // if this is an admin check for others // Delete their playlists $sql = "DELETE FROM `playlist` WHERE `user`='$this->id'"; $db_results = Dba::query($sql); // Clean up the playlist data table - $sql = "DELETE FROM `playlist_data` USING `playlist_data` " . - "LEFT JOIN `playlist` ON `playlist`.`id`=`playlist_data`.`playlist` " . - "WHERE `playlist`.`id` IS NULL"; - $db_results = Dba::query($sql); + $sql = "DELETE FROM `playlist_data` USING `playlist_data` " . + "LEFT JOIN `playlist` ON `playlist`.`id`=`playlist_data`.`playlist` " . 
+ "WHERE `playlist`.`id` IS NULL"; + $db_results = Dba::query($sql); // Delete any stats they have $sql = "DELETE FROM `object_count` WHERE `user`='$this->id'"; $db_results = Dba::query($sql); // Clear the IP history for this user - $sql = "DELETE FROM `ip_history` WHERE `user`='$this->id'"; - $db_results = Dba::query($sql); + $sql = "DELETE FROM `ip_history` WHERE `user`='$this->id'"; + $db_results = Dba::query($sql); // Nuke any access lists that are specific to this user - $sql = "DELETE FROM `access_list` WHERE `user`='$this->id'"; - $db_results = Dba::query($sql); + $sql = "DELETE FROM `access_list` WHERE `user`='$this->id'"; + $db_results = Dba::query($sql); // Delete their ratings $sql = "DELETE FROM `rating` WHERE `user`='$this->id'"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); // Delete their tags $sql = "DELETE FROM `tag_map` WHERE `user`='$this->id'"; @@ -939,7 +958,7 @@ class User extends database_object { // Clean out the tags $sql = "DELETE FROM `tags` USING `tag_map` LEFT JOIN `tag_map` ON tag_map.id=tags.map_id AND tag_map.id IS NULL"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); // Delete their preferences $sql = "DELETE FROM `user_preference` WHERE `user`='$this->id'"; @@ -947,12 +966,12 @@ class User extends database_object { // Delete their voted stuff in democratic play $sql = "DELETE FROM `user_vote` WHERE `user`='$this->id'"; - $db_results = Dba::query($sql); + $db_results = Dba::query($sql); // Delete their shoutbox posts $sql = "DELETE FROM `user_shout` WHERE `user='$this->id'"; - $db_results = Dba::query($sql); - + $db_results = Dba::query($sql); + // Delete the user itself $sql = "DELETE FROM `user` WHERE `id`='$this->id'"; $db_results = Dba::query($sql); 
@@ -981,12 +1000,12 @@ class User extends database_object { *if user exists before activation can be done. */ public static function get_validation($username) { - + $usename = Dba::escape($username); - + $sql = "SELECT `validation` FROM `user` WHERE `username`='$username'"; - $db_results = Dba::query($sql); - + $db_results = Dba::query($sql); + $row = Dba::fetch_assoc($db_results); return $row['validation']; 
@@ -998,38 +1017,38 @@ class User extends database_object { * This gets the recently played items for this user respecting * the limit passed */ - public function get_recently_played($limit,$type='') { + public function get_recently_played($limit,$type='') { - if (!$type) { $type = 'song'; } + if (!$type) { $type = 'song'; } - $sql = "SELECT * FROM `object_count` WHERE `object_type`='$type' AND `user`='$this->id' " . - "ORDER BY `date` DESC LIMIT $limit"; - $db_results = Dba::query($sql); + $sql = "SELECT * FROM `object_count` WHERE `object_type`='$type' AND `user`='$this->id' " . + "ORDER BY `date` DESC LIMIT $limit"; + $db_results = Dba::query($sql); - while ($row = Dba::fetch_assoc($db_results)) { + while ($row = Dba::fetch_assoc($db_results)) { $results[] = $row['object_id']; - } + } - return $results; + return $results; } // get_recently_played /** - * get_ip_history + * get_ip_history * This returns the ip_history from the * last Config::get('user_ip_cardinality') days - */ - public function get_ip_history($count='',$distinct='') { + */ + public function get_ip_history($count='',$distinct='') { $username = Dba::escape($this->id); - $count = $count ? intval($count) : intval(Config::get('user_ip_cardinality')); - - // Make sure it's something - if ($count < 1) { $count = '1'; } + $count = $count ? intval($count) : intval(Config::get('user_ip_cardinality')); + + // Make sure it's something + if ($count < 1) { $count = '1'; } $limit_sql = "LIMIT " . intval($count); - + if ($distinct) { $group_sql = "GROUP BY `ip`"; } - + /* Select ip history */ $sql = "SELECT `ip`,`date` FROM `ip_history`" . " WHERE `user`='$username'" . @@ -1037,13 +1056,13 @@ class User extends database_object { $db_results = Dba::read($sql); $results = array(); - + while ($row = Dba::fetch_assoc($db_results)) { $results[] = $row; } - + return $results; - + } // get_ip_history /*! 
@@ -1051,12 +1070,12 @@ class User extends database_object { @activates the user from public_registration */ public function activate_user($username) { - - $username = Dba::escape($username); - + + $username = Dba::escape($username); + $sql = "UPDATE user SET disabled='0' WHERE username='$username'"; $db_results = Dba::query($sql); - + } // activate_user /*! @@ -1083,18 +1102,18 @@ class User extends database_object { * This checks to make sure the username passed doesn't already * exist in this instance of ampache */ - public static function check_username($username) { + public static function check_username($username) { - $username = Dba::escape($username); + $username = Dba::escape($username); - $sql = "SELECT `id` FROM `user` WHERE `username`='$username'"; - $db_results = Dba::query($sql); + $sql = "SELECT `id` FROM `user` WHERE `username`='$username'"; + $db_results = Dba::query($sql); - if (Dba::num_rows($db_results)) { - return false; - } + if (Dba::num_rows($db_results)) { + return false; + } - return true; + return true; } // check_username @@ -1102,18 +1121,18 @@ class User extends database_object { * rebuild_all_preferences * This rebuilds the user preferences for all installed users, called by the plugin functions */ - public static function rebuild_all_preferences() { + public static function rebuild_all_preferences() { - $sql = "SELECT * FROM `user`"; - $db_results = Dba::query($sql); + $sql = "SELECT * FROM `user`"; + $db_results = Dba::query($sql); - User::fix_preferences('-1'); + User::fix_preferences('-1'); - while ($row = Dba::fetch_assoc($db_results)) { - User::fix_preferences($row['id']); - } + while ($row = Dba::fetch_assoc($db_results)) { + User::fix_preferences($row['id']); + } - return true; + return true; } // rebuild_all_preferences |