Elgg  Version 1.11
UsersTable.php
Go to the documentation of this file.
1 <?php
2 namespace Elgg\Database;
3 
5 
9 global $USERNAME_TO_GUID_MAP_CACHE;
10 $USERNAME_TO_GUID_MAP_CACHE = array();
11 
21 class UsersTable {
27  private $CONFIG;
28 
32  public function __construct() {
33  global $CONFIG;
34  $this->CONFIG = $CONFIG;
35  }
36 
45  function getRow($guid) {
46 
47 
48  $guid = (int)$guid;
49  return _elgg_services()->db->getDataRow("SELECT * from {$this->CONFIG->dbprefix}users_entity where guid=$guid");
50  }
51 
59  function disableEntities($owner_guid) {
60 
61  $owner_guid = (int) $owner_guid;
62  if ($entity = get_entity($owner_guid)) {
63  if (_elgg_services()->events->trigger('disable', $entity->type, $entity)) {
64  if ($entity->canEdit()) {
65  $query = "UPDATE {$this->CONFIG->dbprefix}entities
66  set enabled='no' where owner_guid={$owner_guid}
67  or container_guid = {$owner_guid}";
68 
69  $res = _elgg_services()->db->updateData($query);
70  return $res;
71  }
72  }
73  }
74 
75  return false;
76  }
77 
86  function ban($user_guid, $reason = "") {
87 
88 
89  $user_guid = (int)$user_guid;
90 
91  $user = get_entity($user_guid);
92 
93  if (($user) && ($user->canEdit()) && ($user instanceof \ElggUser)) {
94  if (_elgg_services()->events->trigger('ban', 'user', $user)) {
95  // Add reason
96  if ($reason) {
97  create_metadata($user_guid, 'ban_reason', $reason, '', 0, ACCESS_PUBLIC);
98  }
99 
100  // invalidate memcache for this user
101  static $newentity_cache;
102  if ((!$newentity_cache) && (is_memcache_available())) {
103  $newentity_cache = new \ElggMemcache('new_entity_cache');
104  }
105 
106  if ($newentity_cache) {
107  $newentity_cache->delete($user_guid);
108  }
109 
110  // Set ban flag
111  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity set banned='yes' where guid=$user_guid";
112  return _elgg_services()->db->updateData($query);
113  }
114 
115  return false;
116  }
117 
118  return false;
119  }
120 
128  function unban($user_guid) {
129 
130 
131  $user_guid = (int)$user_guid;
132 
133  $user = get_entity($user_guid);
134 
135  if (($user) && ($user->canEdit()) && ($user instanceof \ElggUser)) {
136  if (_elgg_services()->events->trigger('unban', 'user', $user)) {
137  create_metadata($user_guid, 'ban_reason', '', '', 0, ACCESS_PUBLIC);
138 
139  // invalidate memcache for this user
140  static $newentity_cache;
141  if ((!$newentity_cache) && (is_memcache_available())) {
142  $newentity_cache = new \ElggMemcache('new_entity_cache');
143  }
144 
145  if ($newentity_cache) {
146  $newentity_cache->delete($user_guid);
147  }
148 
149 
150  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity set banned='no' where guid=$user_guid";
151  return _elgg_services()->db->updateData($query);
152  }
153 
154  return false;
155  }
156 
157  return false;
158  }
159 
167  function makeAdmin($user_guid) {
168 
169 
170  $user = get_entity((int)$user_guid);
171 
172  if (($user) && ($user instanceof \ElggUser) && ($user->canEdit())) {
173  if (_elgg_services()->events->trigger('make_admin', 'user', $user)) {
174 
175  // invalidate memcache for this user
176  static $newentity_cache;
177  if ((!$newentity_cache) && (is_memcache_available())) {
178  $newentity_cache = new \ElggMemcache('new_entity_cache');
179  }
180 
181  if ($newentity_cache) {
182  $newentity_cache->delete($user_guid);
183  }
184 
185  $r = _elgg_services()->db->updateData("UPDATE {$this->CONFIG->dbprefix}users_entity set admin='yes' where guid=$user_guid");
186  _elgg_invalidate_cache_for_entity($user_guid);
187  return $r;
188  }
189 
190  return false;
191  }
192 
193  return false;
194  }
195 
203  function removeAdmin($user_guid) {
204 
205 
206  $user = get_entity((int)$user_guid);
207 
208  if (($user) && ($user instanceof \ElggUser) && ($user->canEdit())) {
209  if (_elgg_services()->events->trigger('remove_admin', 'user', $user)) {
210 
211  // invalidate memcache for this user
212  static $newentity_cache;
213  if ((!$newentity_cache) && (is_memcache_available())) {
214  $newentity_cache = new \ElggMemcache('new_entity_cache');
215  }
216 
217  if ($newentity_cache) {
218  $newentity_cache->delete($user_guid);
219  }
220 
221  $r = _elgg_services()->db->updateData("UPDATE {$this->CONFIG->dbprefix}users_entity set admin='no' where guid=$user_guid");
222  _elgg_invalidate_cache_for_entity($user_guid);
223  return $r;
224  }
225 
226  return false;
227  }
228 
229  return false;
230  }
231 
239  function getByUsername($username) {
240  global $USERNAME_TO_GUID_MAP_CACHE;
241 
242  // Fixes #6052. Username is frequently sniffed from the path info, which,
243  // unlike $_GET, is not URL decoded. If the username was not URL encoded,
244  // this is harmless.
245  $username = rawurldecode($username);
246 
247  $username = sanitise_string($username);
248  $access = _elgg_get_access_where_sql();
249 
250  // Caching
251  if ((isset($USERNAME_TO_GUID_MAP_CACHE[$username]))
252  && (_elgg_retrieve_cached_entity($USERNAME_TO_GUID_MAP_CACHE[$username]))) {
253  return _elgg_retrieve_cached_entity($USERNAME_TO_GUID_MAP_CACHE[$username]);
254  }
255 
256  $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}users_entity u
257  JOIN {$this->CONFIG->dbprefix}entities e ON e.guid = u.guid
258  WHERE u.username = '$username' AND $access";
259 
260  $entity = _elgg_services()->db->getDataRow($query, 'entity_row_to_elggstar');
261  if ($entity) {
262  $USERNAME_TO_GUID_MAP_CACHE[$username] = $entity->guid;
263  } else {
264  $entity = false;
265  }
266 
267  return $entity;
268  }
269 
277  function getByEmail($email) {
278 
279 
280  $email = sanitise_string($email);
281 
282  $access = _elgg_get_access_where_sql();
283 
284  $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}entities e
285  JOIN {$this->CONFIG->dbprefix}users_entity u ON e.guid = u.guid
286  WHERE email = '$email' AND $access";
287 
288  return _elgg_services()->db->getData($query, 'entity_row_to_elggstar');
289  }
290 
309  function findActive($options = array(), $limit = 10, $offset = 0, $count = false) {
310 
311  $seconds = 600; //default value
312 
313  if (!is_array($options)) {
314  elgg_deprecated_notice("find_active_users() now accepts an \$options array", 1.9);
315  if (!$options) {
316  $options = $seconds; //assign default value
317  }
318  $options = array('seconds' => $options);
319  }
320 
321  if ($limit === null) {
322  $limit = _elgg_services()->config->get('default_limit');
323  }
324 
325  $options = array_merge(array(
326  'seconds' => $seconds,
327  'limit' => $limit,
328  'offset' => $offset,
329  'count' => $count,
330  ), $options);
331 
332  // cast options we're sending to hook
333  foreach (array('seconds', 'limit', 'offset') as $key) {
334  $options[$key] = (int)$options[$key];
335  }
336  $options['count'] = (bool)$options['count'];
337 
338  // allow plugins to override
339  $params = array(
340  'seconds' => $options['seconds'],
341  'limit' => $options['limit'],
342  'offset' => $options['offset'],
343  'count' => $options['count'],
344  'options' => $options,
345  );
346  $data = _elgg_services()->hooks->trigger('find_active_users', 'system', $params, null);
347  // check null because the handler could legitimately return falsey values.
348  if ($data !== null) {
349  return $data;
350  }
351 
352  $dbprefix = _elgg_services()->config->get('dbprefix');
353  $time = time() - $options['seconds'];
354  return elgg_get_entities(array(
355  'type' => 'user',
356  'limit' => $options['limit'],
357  'offset' => $options['offset'],
358  'count' => $options['count'],
359  'joins' => array("join {$dbprefix}users_entity u on e.guid = u.guid"),
360  'wheres' => array("u.last_action >= {$time}"),
361  'order_by' => "u.last_action desc",
362  ));
363  }
364 
378  function register($username, $password, $name, $email, $allow_multiple_emails = false) {
379 
380  // no need to trim password.
381  $username = trim($username);
382  $name = trim(strip_tags($name));
383  $email = trim($email);
384 
385  // A little sanity checking
386  if (empty($username)
387  || empty($password)
388  || empty($name)
389  || empty($email)) {
390  return false;
391  }
392 
393  // Make sure a user with conflicting details hasn't registered and been disabled
394  $access_status = access_get_show_hidden_status();
395  access_show_hidden_entities(true);
396 
397  if (!validate_email_address($email)) {
398  throw new \RegistrationException(_elgg_services()->translator->translate('registration:emailnotvalid'));
399  }
400 
401  if (!validate_password($password)) {
402  throw new \RegistrationException(_elgg_services()->translator->translate('registration:passwordnotvalid'));
403  }
404 
405  if (!validate_username($username)) {
406  throw new \RegistrationException(_elgg_services()->translator->translate('registration:usernamenotvalid'));
407  }
408 
409  if ($user = get_user_by_username($username)) {
410  throw new \RegistrationException(_elgg_services()->translator->translate('registration:userexists'));
411  }
412 
413  if ((!$allow_multiple_emails) && (get_user_by_email($email))) {
414  throw new \RegistrationException(_elgg_services()->translator->translate('registration:dupeemail'));
415  }
416 
417  access_show_hidden_entities($access_status);
418 
419  // Create user
420  $user = new \ElggUser();
421  $user->username = $username;
422  $user->email = $email;
423  $user->name = $name;
424  $user->access_id = ACCESS_PUBLIC;
425  $user->setPassword($password);
426  $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created.
427  $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created.
428  $user->language = _elgg_services()->translator->getCurrentLanguage();
429  if ($user->save() === false) {
430  return false;
431  }
432 
433  // Turn on email notifications by default
434  set_user_notification_setting($user->getGUID(), 'email', true);
435 
436  return $user->getGUID();
437  }
438 
447  function generateInviteCode($username) {
448  $time = time();
449  return "$time." . _elgg_services()->crypto->getHmac([(int)$time, $username])->getToken();
450  }
451 
461  function validateInviteCode($username, $code) {
462  // validate the format of the token created by ->generateInviteCode()
463  if (!preg_match('~^(\d+)\.([a-zA-Z0-9\-_]+)$~', $code, $m)) {
464  return false;
465  }
466  $time = $m[1];
467  $mac = $m[2];
468 
469  return _elgg_services()->crypto->getHmac([(int)$time, $username])->matchesToken($mac);
470  }
471 
480  function setValidationStatus($user_guid, $status, $method = '') {
481  $result1 = create_metadata($user_guid, 'validated', $status, '', 0, ACCESS_PUBLIC, false);
482  $result2 = create_metadata($user_guid, 'validated_method', $method, '', 0, ACCESS_PUBLIC, false);
483  if ($result1 && $result2) {
484  return true;
485  } else {
486  return false;
487  }
488  }
489 
496  function getValidationStatus($user_guid) {
497  $md = elgg_get_metadata(array(
498  'guid' => $user_guid,
499  'metadata_name' => 'validated'
500  ));
501  if ($md == false) {
502  return null;
503  }
504 
505  if ($md[0]->value) {
506  return true;
507  }
508 
509  return false;
510  }
511 
519  function setLastAction($user_guid) {
520  $user_guid = (int) $user_guid;
521 
522  $time = time();
523 
524  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
525  set prev_last_action = last_action,
526  last_action = {$time} where guid = {$user_guid}";
527 
528  execute_delayed_write_query($query);
529  }
530 
538  function setLastLogin($user_guid) {
539  $user_guid = (int) $user_guid;
540 
541  $time = time();
542 
543  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
544  set prev_last_login = last_login, last_login = {$time} where guid = {$user_guid}";
545 
546  execute_delayed_write_query($query);
547  }
548 
549 }
$password
$password
Definition: login.php:25
$params
$params
Definition: login.php:72
$email
$email
Definition: register.php:15
$username
$username
Definition: delete.php:22
$name
if($guid==elgg_get_logged_in_user_guid()) $name
Definition: delete.php:21
_elgg_services
_elgg_services()
Definition: autoloader.php:14
$user_guid
$user_guid
Avatar remove action.
Definition: remove.php:6
$user
$user
Definition: ban.php:13
Elgg\Database\UsersTable\getRow
getRow($guid)
Return the user specific details of a user by a row.
Definition: UsersTable.php:45
Elgg\Database\UsersTable\removeAdmin
removeAdmin($user_guid)
Removes user $guid's admin flag.
Definition: UsersTable.php:203
Elgg\Database\UsersTable\setValidationStatus
setValidationStatus($user_guid, $status, $method='')
Set the validation status for a user.
Definition: UsersTable.php:480
Elgg\Database\UsersTable\disableEntities
disableEntities($owner_guid)
Disables all of a user's entities.
Definition: UsersTable.php:59
Elgg\Database\UsersTable\generateInviteCode
generateInviteCode($username)
Generates a unique invite code for a user.
Definition: UsersTable.php:447
Elgg\Database\UsersTable\getByEmail
getByEmail($email)
Get an array of users from an email address.
Definition: UsersTable.php:277
Elgg\Database\UsersTable\findActive
findActive($options=array(), $limit=10, $offset=0, $count=false)
Return users (or the number of them) who have been active within a recent period.
Definition: UsersTable.php:309
Elgg\Database\UsersTable\validateInviteCode
validateInviteCode($username, $code)
Validate a user's invite code.
Definition: UsersTable.php:461
Elgg\Database\UsersTable\setLastLogin
setLastLogin($user_guid)
Sets the last logon time of the given user to right now.
Definition: UsersTable.php:538
Elgg\Database\UsersTable\unban
unban($user_guid)
Unban a user.
Definition: UsersTable.php:128
Elgg\Database\UsersTable\getValidationStatus
getValidationStatus($user_guid)
Gets the validation status of a user.
Definition: UsersTable.php:496
Elgg\Database\UsersTable\setLastAction
setLastAction($user_guid)
Sets the last action time of the given user to right now.
Definition: UsersTable.php:519
Elgg\Database\UsersTable\ban
ban($user_guid, $reason="")
Ban a user.
Definition: UsersTable.php:86
Elgg\Database\UsersTable\getByUsername
getByUsername($username)
Get user by username.
Definition: UsersTable.php:239
Elgg\Database\UsersTable\makeAdmin
makeAdmin($user_guid)
Makes user $guid an admin.
Definition: UsersTable.php:167
Elgg\Database\UsersTable\__construct
__construct()
Constructor.
Definition: UsersTable.php:32
Elgg\Database\$USERNAME_TO_GUID_MAP_CACHE
global $USERNAME_TO_GUID_MAP_CACHE
Map a username to a cached GUID.
Definition: UsersTable.php:9
$owner_guid
$owner_guid
Definition: comments_block.php:22
$mac
$mac
Definition: contents.php:14
$r
$r
Definition: relationship.php:11
$guid
$guid
Removes an admin notice.
Definition: delete_admin_notice.php:6
events
events($event="", $object_type="", $function="", $priority=500, $call=false, $object=null)
Deprecated events core function.
Definition: deprecated-1.8.php:397
elgg_deprecated_notice
elgg_deprecated_notice($msg, $dep_version, $backtrace_level=1)
Log a notice about deprecated use of a function, view, etc.
Definition: elgglib.php:1006
ACCESS_PUBLIC
const ACCESS_PUBLIC
Definition: elgglib.php:1956
access_get_show_hidden_status
access_get_show_hidden_status()
Return current status of showing disabled entities.
Definition: access.php:172
access_show_hidden_entities
access_show_hidden_entities($show_hidden)
Show or hide disabled entities.
Definition: access.php:159
_elgg_get_access_where_sql
_elgg_get_access_where_sql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
Definition: access.php:216
sanitise_string
sanitise_string($string)
Wrapper function for alternate English spelling (.
Definition: database.php:150
execute_delayed_write_query
execute_delayed_write_query($query, $handler="")
Queue a query for running during shutdown that writes to the database.
Definition: database.php:19
elgg_get_metadata
elgg_get_metadata(array $options=array())
Returns metadata.
Definition: metadata.php:143
create_metadata
create_metadata($entity_guid, $name, $value, $value_type='', $owner_guid=0, $access_id=ACCESS_PRIVATE, $allow_multiple=false)
Create a new metadata object, or update an existing one.
Definition: metadata.php:65
$entity
$entity
Definition: delete.php:10
get_entity
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:382
_elgg_invalidate_cache_for_entity
_elgg_invalidate_cache_for_entity($guid)
Invalidate this class's entry in the cache.
Definition: entities.php:63
_elgg_retrieve_cached_entity
_elgg_retrieve_cached_entity($guid)
Retrieve a entity from the cache.
Definition: entities.php:125
elgg_get_entities
elgg_get_entities(array $options=array())
Returns an array of entities with optional filtering.
Definition: entities.php:490
$method
$method
Definition: form.php:25
is_memcache_available
is_memcache_available()
Return true if memcache is available and configured.
Definition: memcache.php:16
set_user_notification_setting
set_user_notification_setting($user_guid, $method, $value)
Set a user notification pref.
Definition: notification.php:560
$data
$data
Definition: opendd.php:13
$options
$options
Definition: index.php:14
$dbprefix
$dbprefix
Definition: index.php:13
$offset
if(! $count) $offset
Definition: pagination.php:25
$count
if(elgg_in_context('widget')) $count
Definition: pagination.php:20
$key
$key
Definition: summary.php:34
$CONFIG
global $CONFIG
Definition: settings.example.php:17
$access_status
$access_status
Definition: unban.php:9
$limit
$limit
Definition: userpicker.php:31
validate_email_address
validate_email_address($address)
Simple validation of a email.
Definition: users.php:292
get_user_by_email
get_user_by_email($email)
Get an array of users from an email address.
Definition: users.php:120
validate_username
validate_username($username)
Simple function which ensures that a username contains only valid characters.
Definition: users.php:205
get_user_by_username
get_user_by_username($username)
Get user by username.
Definition: users.php:98
validate_password
validate_password($password)
Simple validation of a password.
Definition: users.php:267
$m
$m
Definition: metadata.php:11
$access
$access
Definition: save.php:15
Generated on Fri Aug 29 2025 00:00:37 for Elgg by doxygen 1.9.1