Elgg  Version 1.10
UsersTable.php
Go to the documentation of this file.
1 <?php
2 namespace Elgg\Database;
3 
5 
9 global $USERNAME_TO_GUID_MAP_CACHE;
10 $USERNAME_TO_GUID_MAP_CACHE = array();
11 
21 class UsersTable {
27  private $CONFIG;
28 
32  public function __construct() {
33  global $CONFIG;
34  $this->CONFIG = $CONFIG;
35  }
36 
45  function getRow($guid) {
46 
47 
48  $guid = (int)$guid;
49  return _elgg_services()->db->getDataRow("SELECT * from {$this->CONFIG->dbprefix}users_entity where guid=$guid");
50  }
51 
59  function disableEntities($owner_guid) {
60 
61  $owner_guid = (int) $owner_guid;
62  if ($entity = get_entity($owner_guid)) {
63  if (_elgg_services()->events->trigger('disable', $entity->type, $entity)) {
64  if ($entity->canEdit()) {
65  $query = "UPDATE {$this->CONFIG->dbprefix}entities
66  set enabled='no' where owner_guid={$owner_guid}
67  or container_guid = {$owner_guid}";
68 
69  $res = _elgg_services()->db->updateData($query);
70  return $res;
71  }
72  }
73  }
74 
75  return false;
76  }
77 
86  function ban($user_guid, $reason = "") {
87 
88 
89  $user_guid = (int)$user_guid;
90 
91  $user = get_entity($user_guid);
92 
93  if (($user) && ($user->canEdit()) && ($user instanceof \ElggUser)) {
94  if (_elgg_services()->events->trigger('ban', 'user', $user)) {
95  // Add reason
96  if ($reason) {
97  create_metadata($user_guid, 'ban_reason', $reason, '', 0, ACCESS_PUBLIC);
98  }
99 
100  // invalidate memcache for this user
101  static $newentity_cache;
102  if ((!$newentity_cache) && (is_memcache_available())) {
103  $newentity_cache = new \ElggMemcache('new_entity_cache');
104  }
105 
106  if ($newentity_cache) {
107  $newentity_cache->delete($user_guid);
108  }
109 
110  // Set ban flag
111  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity set banned='yes' where guid=$user_guid";
112  return _elgg_services()->db->updateData($query);
113  }
114 
115  return false;
116  }
117 
118  return false;
119  }
120 
128  function unban($user_guid) {
129 
130 
131  $user_guid = (int)$user_guid;
132 
133  $user = get_entity($user_guid);
134 
135  if (($user) && ($user->canEdit()) && ($user instanceof \ElggUser)) {
136  if (_elgg_services()->events->trigger('unban', 'user', $user)) {
137  create_metadata($user_guid, 'ban_reason', '', '', 0, ACCESS_PUBLIC);
138 
139  // invalidate memcache for this user
140  static $newentity_cache;
141  if ((!$newentity_cache) && (is_memcache_available())) {
142  $newentity_cache = new \ElggMemcache('new_entity_cache');
143  }
144 
145  if ($newentity_cache) {
146  $newentity_cache->delete($user_guid);
147  }
148 
149 
150  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity set banned='no' where guid=$user_guid";
151  return _elgg_services()->db->updateData($query);
152  }
153 
154  return false;
155  }
156 
157  return false;
158  }
159 
167  function makeAdmin($user_guid) {
168 
169 
170  $user = get_entity((int)$user_guid);
171 
172  if (($user) && ($user instanceof \ElggUser) && ($user->canEdit())) {
173  if (_elgg_services()->events->trigger('make_admin', 'user', $user)) {
174 
175  // invalidate memcache for this user
176  static $newentity_cache;
177  if ((!$newentity_cache) && (is_memcache_available())) {
178  $newentity_cache = new \ElggMemcache('new_entity_cache');
179  }
180 
181  if ($newentity_cache) {
182  $newentity_cache->delete($user_guid);
183  }
184 
185  $r = _elgg_services()->db->updateData("UPDATE {$this->CONFIG->dbprefix}users_entity set admin='yes' where guid=$user_guid");
186  _elgg_invalidate_cache_for_entity($user_guid);
187  return $r;
188  }
189 
190  return false;
191  }
192 
193  return false;
194  }
195 
203  function removeAdmin($user_guid) {
204 
205 
206  $user = get_entity((int)$user_guid);
207 
208  if (($user) && ($user instanceof \ElggUser) && ($user->canEdit())) {
209  if (_elgg_services()->events->trigger('remove_admin', 'user', $user)) {
210 
211  // invalidate memcache for this user
212  static $newentity_cache;
213  if ((!$newentity_cache) && (is_memcache_available())) {
214  $newentity_cache = new \ElggMemcache('new_entity_cache');
215  }
216 
217  if ($newentity_cache) {
218  $newentity_cache->delete($user_guid);
219  }
220 
221  $r = _elgg_services()->db->updateData("UPDATE {$this->CONFIG->dbprefix}users_entity set admin='no' where guid=$user_guid");
222  _elgg_invalidate_cache_for_entity($user_guid);
223  return $r;
224  }
225 
226  return false;
227  }
228 
229  return false;
230  }
231 
241  function get($guid) {
242  $result = _elgg_services()->entityTable->get($guid);
243 
244  return ($result instanceof \ElggUser) ? $result : false;
245  }
246 
254  function getByUsername($username) {
255  global $USERNAME_TO_GUID_MAP_CACHE;
256 
257  // Fixes #6052. Username is frequently sniffed from the path info, which,
258  // unlike $_GET, is not URL decoded. If the username was not URL encoded,
259  // this is harmless.
260  $username = rawurldecode($username);
261 
262  $username = sanitise_string($username);
263  $access = _elgg_get_access_where_sql();
264 
265  // Caching
266  if ((isset($USERNAME_TO_GUID_MAP_CACHE[$username]))
267  && (_elgg_retrieve_cached_entity($USERNAME_TO_GUID_MAP_CACHE[$username]))) {
268  return _elgg_retrieve_cached_entity($USERNAME_TO_GUID_MAP_CACHE[$username]);
269  }
270 
271  $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}users_entity u
272  JOIN {$this->CONFIG->dbprefix}entities e ON e.guid = u.guid
273  WHERE u.username = '$username' AND $access";
274 
275  $entity = _elgg_services()->db->getDataRow($query, 'entity_row_to_elggstar');
276  if ($entity) {
277  $USERNAME_TO_GUID_MAP_CACHE[$username] = $entity->guid;
278  } else {
279  $entity = false;
280  }
281 
282  return $entity;
283  }
284 
292  function getByEmail($email) {
293 
294 
295  $email = sanitise_string($email);
296 
297  $access = _elgg_get_access_where_sql();
298 
299  $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}entities e
300  JOIN {$this->CONFIG->dbprefix}users_entity u ON e.guid = u.guid
301  WHERE email = '$email' AND $access";
302 
303  return _elgg_services()->db->getData($query, 'entity_row_to_elggstar');
304  }
305 
324  function findActive($options = array(), $limit = 10, $offset = 0, $count = false) {
325 
326  $seconds = 600; //default value
327 
328  if (!is_array($options)) {
329  elgg_deprecated_notice("find_active_users() now accepts an \$options array", 1.9);
330  if (!$options) {
331  $options = $seconds; //assign default value
332  }
333  $options = array('seconds' => $options);
334  }
335 
336  if ($limit === null) {
337  $limit = _elgg_services()->config->get('default_limit');
338  }
339 
340  $options = array_merge(array(
341  'seconds' => $seconds,
342  'limit' => $limit,
343  'offset' => $offset,
344  'count' => $count,
345  ), $options);
346 
347  // cast options we're sending to hook
348  foreach (array('seconds', 'limit', 'offset') as $key) {
349  $options[$key] = (int)$options[$key];
350  }
351  $options['count'] = (bool)$options['count'];
352 
353  // allow plugins to override
354  $params = array(
355  'seconds' => $options['seconds'],
356  'limit' => $options['limit'],
357  'offset' => $options['offset'],
358  'count' => $options['count'],
359  'options' => $options,
360  );
361  $data = _elgg_services()->hooks->trigger('find_active_users', 'system', $params, null);
362  // check null because the handler could legitimately return falsey values.
363  if ($data !== null) {
364  return $data;
365  }
366 
367  $dbprefix = _elgg_services()->config->get('dbprefix');
368  $time = time() - $options['seconds'];
369  return elgg_get_entities(array(
370  'type' => 'user',
371  'limit' => $options['limit'],
372  'offset' => $options['offset'],
373  'count' => $options['count'],
374  'joins' => array("join {$dbprefix}users_entity u on e.guid = u.guid"),
375  'wheres' => array("u.last_action >= {$time}"),
376  'order_by' => "u.last_action desc",
377  ));
378  }
379 
393  function register($username, $password, $name, $email, $allow_multiple_emails = false) {
394 
395  // no need to trim password.
396  $username = trim($username);
397  $name = trim(strip_tags($name));
398  $email = trim($email);
399 
400  // A little sanity checking
401  if (empty($username)
402  || empty($password)
403  || empty($name)
404  || empty($email)) {
405  return false;
406  }
407 
408  // Make sure a user with conflicting details hasn't registered and been disabled
409  $access_status = access_get_show_hidden_status();
410  access_show_hidden_entities(true);
411 
412  if (!validate_email_address($email)) {
413  throw new \RegistrationException(_elgg_services()->translator->translate('registration:emailnotvalid'));
414  }
415 
416  if (!validate_password($password)) {
417  throw new \RegistrationException(_elgg_services()->translator->translate('registration:passwordnotvalid'));
418  }
419 
420  if (!validate_username($username)) {
421  throw new \RegistrationException(_elgg_services()->translator->translate('registration:usernamenotvalid'));
422  }
423 
424  if ($user = get_user_by_username($username)) {
425  throw new \RegistrationException(_elgg_services()->translator->translate('registration:userexists'));
426  }
427 
428  if ((!$allow_multiple_emails) && (get_user_by_email($email))) {
429  throw new \RegistrationException(_elgg_services()->translator->translate('registration:dupeemail'));
430  }
431 
432  access_show_hidden_entities($access_status);
433 
434  // Create user
435  $user = new \ElggUser();
436  $user->username = $username;
437  $user->email = $email;
438  $user->name = $name;
439  $user->access_id = ACCESS_PUBLIC;
440  $user->setPassword($password);
441  $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created.
442  $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created.
443  $user->language = _elgg_services()->translator->getCurrentLanguage();
444  if ($user->save() === false) {
445  return false;
446  }
447 
448  // Turn on email notifications by default
449  set_user_notification_setting($user->getGUID(), 'email', true);
450 
451  return $user->getGUID();
452  }
453 
462  function generateInviteCode($username) {
463  $time = time();
464  return "{$time}." . _elgg_services()->crypto->getHmac($time . $username);
465  }
466 
476  function validateInviteCode($username, $code) {
477  // validate the format of the token created by ->generateInviteCode()
478  if (!preg_match('~^(\d+)\.(\w+)$~', $code, $m)) {
479  return false;
480  }
481  $time = $m[1];
482  $mac = $m[2];
483 
484  $crypto = _elgg_services()->crypto;
485  return $crypto->areEqual($mac, $crypto->getHmac($time . $username));
486  }
487 
496  function setValidationStatus($user_guid, $status, $method = '') {
497  $result1 = create_metadata($user_guid, 'validated', $status, '', 0, ACCESS_PUBLIC, false);
498  $result2 = create_metadata($user_guid, 'validated_method', $method, '', 0, ACCESS_PUBLIC, false);
499  if ($result1 && $result2) {
500  return true;
501  } else {
502  return false;
503  }
504  }
505 
512  function getValidationStatus($user_guid) {
513  $md = elgg_get_metadata(array(
514  'guid' => $user_guid,
515  'metadata_name' => 'validated'
516  ));
517  if ($md == false) {
518  return null;
519  }
520 
521  if ($md[0]->value) {
522  return true;
523  }
524 
525  return false;
526  }
527 
535  function setLastAction($user_guid) {
536  $user_guid = (int) $user_guid;
537 
538  $time = time();
539 
540  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
541  set prev_last_action = last_action,
542  last_action = {$time} where guid = {$user_guid}";
543 
544  execute_delayed_write_query($query);
545  }
546 
554  function setLastLogin($user_guid) {
555  $user_guid = (int) $user_guid;
556 
557  $time = time();
558 
559  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
560  set prev_last_login = last_login, last_login = {$time} where guid = {$user_guid}";
561 
562  execute_delayed_write_query($query);
563  }
564 
565 }
$result
$result
Definition: set_maintenance_mode.php:11
$password
$password
Definition: login.php:25
$params
$params
Definition: login.php:72
$email
$email
Definition: register.php:15
$username
$username
Definition: delete.php:22
$name
if($guid==elgg_get_logged_in_user_guid()) $name
Definition: delete.php:21
_elgg_services
if(! $autoload_available) _elgg_services()
Definition: autoloader.php:20
$user_guid
$user_guid
Avatar remove action.
Definition: remove.php:6
$user
$user
Definition: ban.php:13
Elgg\Database\UsersTable\getRow
getRow($guid)
Return the user specific details of a user by a row.
Definition: UsersTable.php:45
Elgg\Database\UsersTable\removeAdmin
removeAdmin($user_guid)
Removes user $guid's admin flag.
Definition: UsersTable.php:203
Elgg\Database\UsersTable\setValidationStatus
setValidationStatus($user_guid, $status, $method='')
Set the validation status for a user.
Definition: UsersTable.php:496
Elgg\Database\UsersTable\disableEntities
disableEntities($owner_guid)
Disables all of a user's entities.
Definition: UsersTable.php:59
Elgg\Database\UsersTable\generateInviteCode
generateInviteCode($username)
Generates a unique invite code for a user.
Definition: UsersTable.php:462
Elgg\Database\UsersTable\getByEmail
getByEmail($email)
Get an array of users from an email address.
Definition: UsersTable.php:292
Elgg\Database\UsersTable\findActive
findActive($options=array(), $limit=10, $offset=0, $count=false)
Return users (or the number of them) who have been active within a recent period.
Definition: UsersTable.php:324
Elgg\Database\UsersTable\validateInviteCode
validateInviteCode($username, $code)
Validate a user's invite code.
Definition: UsersTable.php:476
Elgg\Database\UsersTable\setLastLogin
setLastLogin($user_guid)
Sets the last logon time of the given user to right now.
Definition: UsersTable.php:554
Elgg\Database\UsersTable\unban
unban($user_guid)
Unban a user.
Definition: UsersTable.php:128
Elgg\Database\UsersTable\getValidationStatus
getValidationStatus($user_guid)
Gets the validation status of a user.
Definition: UsersTable.php:512
Elgg\Database\UsersTable\setLastAction
setLastAction($user_guid)
Sets the last action time of the given user to right now.
Definition: UsersTable.php:535
Elgg\Database\UsersTable\ban
ban($user_guid, $reason="")
Ban a user.
Definition: UsersTable.php:86
Elgg\Database\UsersTable\getByUsername
getByUsername($username)
Get user by username.
Definition: UsersTable.php:254
Elgg\Database\UsersTable\makeAdmin
makeAdmin($user_guid)
Makes user $guid an admin.
Definition: UsersTable.php:167
Elgg\Database\UsersTable\__construct
__construct()
Constructor.
Definition: UsersTable.php:32
Elgg\Database\$USERNAME_TO_GUID_MAP_CACHE
global $USERNAME_TO_GUID_MAP_CACHE
Map a username to a cached GUID.
Definition: UsersTable.php:9
$owner_guid
$owner_guid
Definition: comments_block.php:21
$r
$r
Definition: relationship.php:11
$guid
$guid
Removes an admin notice.
Definition: delete_admin_notice.php:6
events
events($event="", $object_type="", $function="", $priority=500, $call=false, $object=null)
Deprecated events core function.
Definition: deprecated-1.8.php:397
elgg_deprecated_notice
elgg_deprecated_notice($msg, $dep_version, $backtrace_level=1)
Sends a notice about deprecated use of a function, view, etc.
Definition: elgglib.php:1055
ACCESS_PUBLIC
const ACCESS_PUBLIC
Definition: elgglib.php:2048
access_get_show_hidden_status
access_get_show_hidden_status()
Return current status of showing disabled entities.
Definition: access.php:170
access_show_hidden_entities
access_show_hidden_entities($show_hidden)
Show or hide disabled entities.
Definition: access.php:157
_elgg_get_access_where_sql
_elgg_get_access_where_sql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
Definition: access.php:214
sanitise_string
sanitise_string($string)
Wrapper function for alternate English spelling (.
Definition: database.php:150
execute_delayed_write_query
execute_delayed_write_query($query, $handler="")
Queue a query for running during shutdown that writes to the database.
Definition: database.php:19
elgg_get_metadata
elgg_get_metadata(array $options=array())
Returns metadata.
Definition: metadata.php:143
create_metadata
create_metadata($entity_guid, $name, $value, $value_type='', $owner_guid=0, $access_id=ACCESS_PRIVATE, $allow_multiple=false)
Create a new metadata object, or update an existing one.
Definition: metadata.php:65
$entity
$entity
Definition: delete.php:10
get_entity
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:382
_elgg_invalidate_cache_for_entity
_elgg_invalidate_cache_for_entity($guid)
Invalidate this class's entry in the cache.
Definition: entities.php:63
_elgg_retrieve_cached_entity
_elgg_retrieve_cached_entity($guid)
Retrieve a entity from the cache.
Definition: entities.php:125
elgg_get_entities
elgg_get_entities(array $options=array())
Returns an array of entities with optional filtering.
Definition: entities.php:490
$method
$method
Definition: form.php:25
is_memcache_available
is_memcache_available()
Return true if memcache is available and configured.
Definition: memcache.php:16
set_user_notification_setting
set_user_notification_setting($user_guid, $method, $value)
Set a user notification pref.
Definition: notification.php:564
$data
$data
Definition: opendd.php:13
$options
$options
Definition: index.php:14
$dbprefix
$dbprefix
Definition: index.php:13
$count
if(! $limit=(int) elgg_extract('limit', $vars, elgg_get_config('default_limit'))) $count
Definition: pagination.php:26
$offset
if(elgg_in_context('widget')) $offset
Definition: pagination.php:20
$key
$key
Definition: summary.php:34
$CONFIG
global $CONFIG
Definition: settings.example.php:17
$access_status
$access_status
Definition: unban.php:9
$limit
$limit
Definition: userpicker.php:33
validate_email_address
validate_email_address($address)
Simple validation of a email.
Definition: users.php:292
get_user_by_email
get_user_by_email($email)
Get an array of users from an email address.
Definition: users.php:120
validate_username
validate_username($username)
Simple function which ensures that a username contains only valid characters.
Definition: users.php:205
get_user_by_username
get_user_by_username($username)
Get user by username.
Definition: users.php:98
validate_password
validate_password($password)
Simple validation of a password.
Definition: users.php:267
$m
$m
Definition: metadata.php:11
$access
$access
Definition: save.php:15
Generated on Wed Sep 17 2025 00:00:27 for Elgg by doxygen 1.9.1