Elgg  Version 1.11
UsersTable.php
1 <?php
2 namespace Elgg\Database;
3 
5 
11 
21 class UsersTable {
27  private $CONFIG;
28 
/**
 * Constructor.
 *
 * Keeps a handle on the global $CONFIG value so the query builders in this
 * class can read the table prefix through $this->CONFIG->dbprefix.
 */
public function __construct() {
    global $CONFIG;

    $this->CONFIG = $CONFIG;
}
36 
/**
 * Return the user specific details of a user by a row.
 *
 * @param int $guid The user guid
 *
 * @return mixed Whatever the db service's getDataRow() yields for the query
 */
function getRow($guid) {
    // The integer cast is the only thing standing between the caller's value
    // and the SQL text, so it has to happen before the query is assembled.
    $user_guid = (int)$guid;
    $table = "{$this->CONFIG->dbprefix}users_entity";

    return _elgg_services()->db->getDataRow("SELECT * from {$table} where guid=$user_guid");
}
51 
60 
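/**
 * Disables all of a user's entities.
 *
 * NOTE(review): the rendered listing dropped the signature line and the
 * get_entity() lookup; both are restored here from the page's symbol index
 * and the brace structure of the body. Confirm against the upstream file.
 *
 * @param int $owner_guid The owner GUID
 *
 * @return mixed false when the owner cannot be loaded, may not be edited or
 *               an event handler vetoes; otherwise the result of updateData()
 */
function disableEntities($owner_guid) {
    // Cast before anything else: the value is interpolated into the UPDATE.
    $owner_guid = (int) $owner_guid;

    $entity = get_entity($owner_guid);
    if (!$entity) {
        return false;
    }

    // Authorize first, so 'disable' handlers are not run on behalf of a
    // caller who is not allowed to edit the owner (ban() uses this order too).
    if (!$entity->canEdit()) {
        return false;
    }

    if (!_elgg_services()->events->trigger('disable', $entity->type, $entity)) {
        return false;
    }

    $query = "UPDATE {$this->CONFIG->dbprefix}entities
        set enabled='no' where owner_guid={$owner_guid}
        or container_guid = {$owner_guid}";

    return _elgg_services()->db->updateData($query);
}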
77 
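/**
 * Ban a user.
 *
 * NOTE(review): the rendered listing dropped the line that loads $user; the
 * get_entity() call below is restored from the page's symbol index. Confirm
 * against the upstream file.
 *
 * @param int    $user_guid The user guid
 * @param string $reason    A reason (stored as public metadata, see below)
 *
 * @return mixed false when the target is not an editable user or a 'ban'
 *               handler vetoes; otherwise the result of updateData()
 */
function ban($user_guid, $reason = "") {
    // Normalise once: this value is used as cache key, metadata owner and
    // inside the SQL text.
    $user_guid = (int)$user_guid;

    $user = get_entity($user_guid);

    // Only a real user account that the current session may edit can be banned.
    if (!($user instanceof \ElggUser) || !$user->canEdit()) {
        return false;
    }

    if (!_elgg_services()->events->trigger('ban', 'user', $user)) {
        return false;
    }

    // Add reason. It is written with ACCESS_PUBLIC, so it is not the place
    // for moderation notes that should stay internal.
    if ($reason) {
        create_metadata($user_guid, 'ban_reason', $reason, '', 0, ACCESS_PUBLIC);
    }

    // invalidate memcache for this user, otherwise a cached copy could still
    // report the account as not banned
    static $newentity_cache;
    if (!$newentity_cache && is_memcache_available()) {
        $newentity_cache = new \ElggMemcache('new_entity_cache');
    }
    if ($newentity_cache) {
        $newentity_cache->delete($user_guid);
    }

    // Set ban flag
    $query = "UPDATE {$this->CONFIG->dbprefix}users_entity set banned='yes' where guid=$user_guid";

    return _elgg_services()->db->updateData($query);
}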
120 
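/**
 * Unban a user.
 *
 * NOTE(review): the rendered listing dropped the line that loads $user; the
 * get_entity() call below is restored from the page's symbol index. Confirm
 * against the upstream file.
 *
 * @param int $user_guid Unban a user.
 *
 * @return mixed false when the target is not an editable user or an 'unban'
 *               handler vetoes; otherwise the result of updateData()
 */
function unban($user_guid) {
    // Normalise once: this value is used as cache key, metadata owner and
    // inside the SQL text.
    $user_guid = (int)$user_guid;

    $user = get_entity($user_guid);

    // Lifting a ban is a privileged change: require a real user account the
    // current session may edit.
    if (!($user instanceof \ElggUser) || !$user->canEdit()) {
        return false;
    }

    if (!_elgg_services()->events->trigger('unban', 'user', $user)) {
        return false;
    }

    // Blank out the stored reason rather than leaving the old one behind.
    create_metadata($user_guid, 'ban_reason', '', '', 0, ACCESS_PUBLIC);

    // invalidate memcache for this user
    static $newentity_cache;
    if (!$newentity_cache && is_memcache_available()) {
        $newentity_cache = new \ElggMemcache('new_entity_cache');
    }
    if ($newentity_cache) {
        $newentity_cache->delete($user_guid);
    }

    $query = "UPDATE {$this->CONFIG->dbprefix}users_entity set banned='no' where guid=$user_guid";

    return _elgg_services()->db->updateData($query);
}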
159 
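/**
 * Makes user $guid an admin.
 *
 * The listing cast $user_guid to int only for the get_entity() lookup and
 * then interpolated the uncast argument into the UPDATE and the cache key.
 * A non-numeric string that casts to a valid guid would pass the entity and
 * permission checks while its full text reached the query. The cast is now
 * applied once, up front, and the same integer is used everywhere.
 *
 * NOTE(review): the rendered listing dropped one line between the UPDATE and
 * the return; _elgg_invalidate_cache_for_entity() is restored from the page's
 * symbol index. Confirm against the upstream file.
 *
 * @param int $user_guid User guid
 *
 * @return mixed false when the target is not an editable user or a
 *               'make_admin' handler vetoes; otherwise the updateData() result
 */
function makeAdmin($user_guid) {
    $user_guid = (int)$user_guid;

    $user = get_entity($user_guid);

    // Granting admin is the most sensitive write in this class: require a real
    // user account that the current session is allowed to edit.
    if (!($user instanceof \ElggUser) || !$user->canEdit()) {
        return false;
    }

    if (!_elgg_services()->events->trigger('make_admin', 'user', $user)) {
        return false;
    }

    // invalidate memcache for this user
    static $newentity_cache;
    if (!$newentity_cache && is_memcache_available()) {
        $newentity_cache = new \ElggMemcache('new_entity_cache');
    }
    if ($newentity_cache) {
        $newentity_cache->delete($user_guid);
    }

    $r = _elgg_services()->db->updateData(
        "UPDATE {$this->CONFIG->dbprefix}users_entity set admin='yes' where guid=$user_guid"
    );

    // Drop the in-process copy too, so the new flag is what later code sees.
    _elgg_invalidate_cache_for_entity($user_guid);

    return $r;
}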
195 
204 
205 
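/**
 * Removes user $guid's admin flag.
 *
 * The listing cast $user_guid to int only for the get_entity() lookup and
 * then interpolated the uncast argument into the UPDATE and the cache key.
 * The cast is now applied once, up front, so only an integer can reach the
 * query text.
 *
 * NOTE(review): the rendered listing dropped the signature line and one line
 * between the UPDATE and the return; both are restored from the page's symbol
 * index. Confirm against the upstream file.
 *
 * @param int $user_guid User GUID
 *
 * @return mixed false when the target is not an editable user or a
 *               'remove_admin' handler vetoes; otherwise the updateData() result
 */
function removeAdmin($user_guid) {
    $user_guid = (int)$user_guid;

    $user = get_entity($user_guid);

    if (!($user instanceof \ElggUser) || !$user->canEdit()) {
        return false;
    }

    if (!_elgg_services()->events->trigger('remove_admin', 'user', $user)) {
        return false;
    }

    // invalidate memcache for this user, so a stale copy cannot keep
    // reporting the account as admin
    static $newentity_cache;
    if (!$newentity_cache && is_memcache_available()) {
        $newentity_cache = new \ElggMemcache('new_entity_cache');
    }
    if ($newentity_cache) {
        $newentity_cache->delete($user_guid);
    }

    $r = _elgg_services()->db->updateData(
        "UPDATE {$this->CONFIG->dbprefix}users_entity set admin='no' where guid=$user_guid"
    );

    _elgg_invalidate_cache_for_entity($user_guid);

    return $r;
}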
231 
241 
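/**
 * Get user by username.
 *
 * NOTE(review): the rendered listing dropped the signature, the global
 * declaration and the two lines that define the escaped $username and
 * $access; they are restored here from the page's symbol index
 * (sanitise_string, _elgg_get_access_where_sql, $USERNAME_TO_GUID_MAP_CACHE).
 * Confirm against the upstream file.
 *
 * @param string $username The user's username
 *
 * @return mixed The entity built by the 'entity_row_to_elggstar' callback,
 *               or false when no row matches
 */
function getByUsername($username) {
    global $USERNAME_TO_GUID_MAP_CACHE;

    // Fixes #6052. Username is frequently sniffed from the path info, which,
    // unlike $_GET, is not URL decoded. If the username was not URL encoded,
    // this is harmless.
    $username = rawurldecode($username);

    // The value goes inside a quoted SQL literal below. This escaping call is
    // the only thing keeping it data, and it must stay after the URL decoding
    // so that decoded characters are escaped as well.
    $username = sanitise_string($username);
    $access = _elgg_get_access_where_sql();

    // Caching
    if (isset($USERNAME_TO_GUID_MAP_CACHE[$username])) {
        $cached = _elgg_retrieve_cached_entity($USERNAME_TO_GUID_MAP_CACHE[$username]);
        if ($cached) {
            return $cached;
        }
    }

    $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}users_entity u
        JOIN {$this->CONFIG->dbprefix}entities e ON e.guid = u.guid
        WHERE u.username = '$username' AND $access";

    $entity = _elgg_services()->db->getDataRow($query, 'entity_row_to_elggstar');
    if (!$entity) {
        return false;
    }

    $USERNAME_TO_GUID_MAP_CACHE[$username] = $entity->guid;

    return $entity;
}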
269 
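/**
 * Get an array of users from an email address.
 *
 * NOTE(review): the rendered listing dropped the two lines that define the
 * escaped $email and $access; they are restored here from the page's symbol
 * index (sanitise_string, _elgg_get_access_where_sql). Confirm against the
 * upstream file.
 *
 * @param string $email Email address
 *
 * @return mixed Result of getData() with the 'entity_row_to_elggstar' callback
 */
function getByEmail($email) {
    // The address is placed inside a quoted SQL literal below, so it has to
    // be escaped here. No other line in this method protects the query.
    $email = sanitise_string($email);

    $access = _elgg_get_access_where_sql();

    $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}entities e
        JOIN {$this->CONFIG->dbprefix}users_entity u ON e.guid = u.guid
        WHERE email = '$email' AND $access";

    return _elgg_services()->db->getData($query, 'entity_row_to_elggstar');
}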
290 
/**
 * Return users (or the number of them) who have been active within a recent period.
 *
 * Accepts either an options array ('seconds', 'limit', 'offset', 'count') or,
 * in the deprecated form, a number of seconds as the first argument.
 *
 * @param array|int $options Options array, or seconds in the deprecated form
 * @param int       $limit   Limit (null falls back to the 'default_limit' config value)
 * @param int       $offset  Offset
 * @param bool      $count   Return a count instead of users
 *
 * @return mixed The 'find_active_users' hook result when a handler returns
 *               non-null, otherwise the result of elgg_get_entities()
 */
function findActive($options = array(), $limit = 10, $offset = 0, $count = false) {
    $default_seconds = 600;

    // Deprecated call style: the first argument was the number of seconds.
    if (!is_array($options)) {
        elgg_deprecated_notice("find_active_users() now accepts an \$options array", 1.9);
        $options = array('seconds' => $options ? $options : $default_seconds);
    }

    if ($limit === null) {
        $limit = _elgg_services()->config->get('default_limit');
    }

    $defaults = array(
        'seconds' => $default_seconds,
        'limit' => $limit,
        'offset' => $offset,
        'count' => $count,
    );
    $options = array_merge($defaults, $options);

    // Cast what is handed to the hook. The 'seconds' cast also guarantees
    // that the value used to build the where clause below is an integer.
    $options['seconds'] = (int)$options['seconds'];
    $options['limit'] = (int)$options['limit'];
    $options['offset'] = (int)$options['offset'];
    $options['count'] = (bool)$options['count'];

    // allow plugins to override
    $params = array();
    foreach (array('seconds', 'limit', 'offset', 'count') as $key) {
        $params[$key] = $options[$key];
    }
    $params['options'] = $options;

    $data = _elgg_services()->hooks->trigger('find_active_users', 'system', $params, null);

    // Compare against null only: a handler may legitimately return 0, false
    // or an empty array.
    if ($data !== null) {
        return $data;
    }

    $dbprefix = _elgg_services()->config->get('dbprefix');
    $time = time() - $options['seconds'];

    $query_options = array(
        'type' => 'user',
        'limit' => $options['limit'],
        'offset' => $options['offset'],
        'count' => $options['count'],
        'joins' => array("join {$dbprefix}users_entity u on e.guid = u.guid"),
        'wheres' => array("u.last_action >= {$time}"),
        'order_by' => "u.last_action desc",
    );

    return elgg_get_entities($query_options);
}
364 
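/**
 * Registers a user, returning false if the username already exists.
 *
 * NOTE(review): the rendered listing dropped five lines from this method: the
 * two that switch on hidden-entity visibility, the validate_username() and
 * get_user_by_username() conditions, and the line that restores visibility.
 * They are restored from the page's symbol index and the orphaned throw
 * statements. Confirm against the upstream file.
 *
 * As restored, every failed check threw while hidden entities were still
 * switched on, leaving disabled entities visible to whatever ran next. The
 * checks are now wrapped so the previous visibility is restored before the
 * exception leaves this method.
 *
 * @param string $username              The username of the new user
 * @param string $password              The password (not trimmed)
 * @param string $name                  The user's display name (tags are stripped)
 * @param string $email                 The user's email address
 * @param bool   $allow_multiple_emails Allow the same email address to be
 *                                      registered multiple times?
 *
 * @return int|false The new user's GUID; false on failure
 * @throws \RegistrationException
 */
function register($username, $password, $name, $email, $allow_multiple_emails = false) {
    // no need to trim password.
    $username = trim($username);
    $name = trim(strip_tags($name));
    $email = trim($email);

    // A little sanity checking
    if (empty($username) || empty($password) || empty($name) || empty($email)) {
        return false;
    }

    // Make sure a user with conflicting details hasn't registered and been
    // disabled: the duplicate checks below must also see disabled accounts.
    $access_status = access_get_show_hidden_status();
    access_show_hidden_entities(true);

    try {
        $translator = _elgg_services()->translator;

        if (!validate_email_address($email)) {
            throw new \RegistrationException($translator->translate('registration:emailnotvalid'));
        }

        if (!validate_password($password)) {
            throw new \RegistrationException($translator->translate('registration:passwordnotvalid'));
        }

        if (!validate_username($username)) {
            throw new \RegistrationException($translator->translate('registration:usernamenotvalid'));
        }

        if (get_user_by_username($username)) {
            throw new \RegistrationException($translator->translate('registration:userexists'));
        }

        if ((!$allow_multiple_emails) && (get_user_by_email($email))) {
            throw new \RegistrationException($translator->translate('registration:dupeemail'));
        }
    } catch (\Exception $e) {
        // Put visibility back before the failure propagates.
        access_show_hidden_entities($access_status);
        throw $e;
    }

    access_show_hidden_entities($access_status);

    // Create user
    $user = new \ElggUser();
    $user->username = $username;
    $user->email = $email;
    $user->name = $name;
    $user->access_id = ACCESS_PUBLIC;
    $user->setPassword($password);
    $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created.
    $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created.
    $user->language = _elgg_services()->translator->getCurrentLanguage();
    if ($user->save() === false) {
        return false;
    }

    // Turn on email notifications by default
    set_user_notification_setting($user->getGUID(), 'email', true);

    return $user->getGUID();
}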
438 
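/**
 * Generates a unique invite code for a user.
 *
 * The code has the form "<unix time>.<token>", where the token comes from the
 * crypto service's HMAC over the integer time and the username. The time is
 * sent in the clear but is covered by the MAC, so validateInviteCode() can
 * recompute the token from the code itself.
 *
 * NOTE(review): the rendered listing dropped the signature line; it is
 * restored from the page's symbol index. Confirm against the upstream file.
 *
 * @param string $username The username of the user sending the invitation
 *
 * @return string Invite code
 */
function generateInviteCode($username) {
    $time = time();

    return "$time." . _elgg_services()->crypto->getHmac([(int)$time, $username])->getToken();
}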
451 
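/**
 * Validate a user's invite code.
 *
 * NOTE(review): the rendered listing dropped the signature line; it is
 * restored from the page's symbol index. Confirm against the upstream file.
 *
 * NOTE(review): the timestamp inside the code is authenticated but is never
 * compared with the current time in this method, so a code does not expire by
 * age here. Confirm whether callers enforce a lifetime. Whether the
 * comparison is constant-time depends on matchesToken(), which is not shown.
 *
 * @param string $username The username
 * @param string $code     The invite code
 *
 * @return mixed false when the code is malformed, otherwise the result of
 *               matchesToken()
 */
function validateInviteCode($username, $code) {
    // validate the format of the token created by ->generateInviteCode();
    // anything that is not "<digits>.<url-safe token>" is rejected before any
    // MAC is computed
    if (!preg_match('~^(\d+)\.([a-zA-Z0-9\-_]+)$~', $code, $m)) {
        return false;
    }

    list(, $time, $mac) = $m;

    // Recompute over the claimed time and the username being checked: a code
    // issued for another username or with an altered time will not match.
    return _elgg_services()->crypto->getHmac([(int)$time, $username])->matchesToken($mac);
}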
471 
/**
 * Set the validation status for a user.
 *
 * Writes two metadata values, 'validated' and 'validated_method', both with
 * ACCESS_PUBLIC. Both writes are always attempted, and the result is true
 * only when both succeed.
 *
 * @param int    $user_guid The user's GUID
 * @param bool   $status    Validated (true) or unvalidated (false)
 * @param string $method    Optional method to say how a user was validated
 *
 * @return bool
 */
function setValidationStatus($user_guid, $status, $method = '') {
    $status_saved = create_metadata($user_guid, 'validated', $status, '', 0, ACCESS_PUBLIC, false);
    $method_saved = create_metadata($user_guid, 'validated_method', $method, '', 0, ACCESS_PUBLIC, false);

    return $status_saved && $method_saved;
}
489 
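/**
 * Gets the validation status of a user.
 *
 * NOTE(review): the rendered listing dropped the signature line; it is
 * restored from the page's symbol index. Confirm against the upstream file.
 *
 * @param int $user_guid The user's GUID
 *
 * @return bool|null null means status was not set for this user
 */
function getValidationStatus($user_guid) {
    $md = elgg_get_metadata(array(
        'guid' => $user_guid,
        'metadata_name' => 'validated',
    ));

    // Loose comparison on purpose: both false and an empty result mean the
    // status was never recorded. Callers must not read that as "validated"
    // or "unvalidated".
    if ($md == false) {
        return null;
    }

    return $md[0]->value ? true : false;
}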
511 
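/**
 * Sets the last action time of the given user to right now.
 *
 * NOTE(review): the rendered listing dropped the signature line and the line
 * that submits the query; both are restored from the page's symbol index
 * (execute_delayed_write_query). Confirm against the upstream file.
 *
 * @param int $user_guid The user GUID
 *
 * @return void
 */
function setLastAction($user_guid) {
    // Both interpolated values are integers: the cast guid and time().
    $user_guid = (int) $user_guid;
    $time = time();

    $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
        set prev_last_action = last_action,
        last_action = {$time} where guid = {$user_guid}";

    // Queued rather than run inline: per the page's description of this
    // helper, the write happens during shutdown.
    execute_delayed_write_query($query);
}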
530 
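/**
 * Sets the last logon time of the given user to right now.
 *
 * NOTE(review): the rendered listing dropped the signature line and the line
 * that submits the query; both are restored from the page's symbol index
 * (execute_delayed_write_query). Confirm against the upstream file.
 *
 * @param int $user_guid The user GUID
 *
 * @return void
 */
function setLastLogin($user_guid) {
    // Both interpolated values are integers: the cast guid and time().
    $user_guid = (int) $user_guid;
    $time = time();

    // prev_last_login keeps the previous value, so the login before this one
    // stays available.
    $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
        set prev_last_login = last_login, last_login = {$time} where guid = {$user_guid}";

    execute_delayed_write_query($query);
}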
548 
549 }
$dbprefix
Definition: index.php:13
$r
get_user_by_email($email)
Get an array of users from an email address.
Definition: users.php:120
$username
Definition: delete.php:22
setLastLogin($user_guid)
Sets the last logon time of the given user to right now.
Definition: UsersTable.php:538
_elgg_invalidate_cache_for_entity($guid)
Invalidate this class's entry in the cache.
Definition: entities.php:63
$m
Definition: metadata.php:11
if($guid==elgg_get_logged_in_user_guid()) $name
Definition: delete.php:21
$method
Definition: form.php:25
_elgg_retrieve_cached_entity($guid)
Retrieve an entity from the cache.
Definition: entities.php:125
getValidationStatus($user_guid)
Gets the validation status of a user.
Definition: UsersTable.php:496
$data
Definition: opendd.php:13
disableEntities($owner_guid)
Disables all of a user's entities.
Definition: UsersTable.php:59
validate_username($username)
Simple function which ensures that a username contains only valid characters.
Definition: users.php:205
if(!$count) $offset
Definition: pagination.php:25
validate_email_address($address)
Simple validation of an email.
Definition: users.php:292
$guid
Removes an admin notice.
$mac
Definition: contents.php:14
$email
Definition: register.php:15
unban($user_guid)
Unban a user.
Definition: UsersTable.php:128
getByEmail($email)
Get an array of users from an email address.
Definition: UsersTable.php:277
getByUsername($username)
Get user by username.
Definition: UsersTable.php:239
makeAdmin($user_guid)
Makes user $guid an admin.
Definition: UsersTable.php:167
get_user_by_username($username)
Get user by username.
Definition: users.php:98
$access_status
Definition: unban.php:9
$params
Definition: login.php:72
$options
Definition: index.php:14
$owner_guid
$limit
Definition: userpicker.php:31
ban($user_guid, $reason="")
Ban a user.
Definition: UsersTable.php:86
$key
Definition: summary.php:34
execute_delayed_write_query($query, $handler="")
Queue a query for running during shutdown that writes to the database.
Definition: database.php:19
validate_password($password)
Simple validation of a password.
Definition: users.php:267
_elgg_services()
Definition: autoloader.php:14
create_metadata($entity_guid, $name, $value, $value_type= '', $owner_guid=0, $access_id=ACCESS_PRIVATE, $allow_multiple=false)
Create a new metadata object, or update an existing one.
Definition: metadata.php:65
sanitise_string($string)
Wrapper function for alternate English spelling (.
Definition: database.php:150
$user
Definition: ban.php:13
elgg ElggUser
Definition: ElggUser.js:12
set_user_notification_setting($user_guid, $method, $value)
Set a user notification pref.
elgg_get_entities(array $options=array())
Returns an array of entities with optional filtering.
Definition: entities.php:490
elgg_deprecated_notice($msg, $dep_version, $backtrace_level=1)
Log a notice about deprecated use of a function, view, etc.
Definition: elgglib.php:1006
elgg global
Pointer to the global context.
Definition: elgglib.js:12
findActive($options=array(), $limit=10, $offset=0, $count=false)
Return users (or the number of them) who have been active within a recent period. ...
Definition: UsersTable.php:309
removeAdmin($user_guid)
Removes user $guid's admin flag.
Definition: UsersTable.php:203
validateInviteCode($username, $code)
Validate a user's invite code.
Definition: UsersTable.php:461
access_get_show_hidden_status()
Return current status of showing disabled entities.
Definition: access.php:172
__construct()
Constructor.
Definition: UsersTable.php:32
$password
Definition: login.php:25
setValidationStatus($user_guid, $status, $method= '')
Set the validation status for a user.
Definition: UsersTable.php:480
setLastAction($user_guid)
Sets the last action time of the given user to right now.
Definition: UsersTable.php:519
const ACCESS_PUBLIC
Definition: elgglib.php:1956
access_show_hidden_entities($show_hidden)
Show or hide disabled entities.
Definition: access.php:159
elgg_get_metadata(array $options=array())
Returns metadata.
Definition: metadata.php:143
global $USERNAME_TO_GUID_MAP_CACHE
Definition: UsersTable.php:9
if(elgg_in_context('widget')) $count
Definition: pagination.php:20
generateInviteCode($username)
Generates a unique invite code for a user.
Definition: UsersTable.php:447
is_memcache_available()
Return true if memcache is available and configured.
Definition: memcache.php:16
$user_guid
Avatar remove action.
Definition: remove.php:6
$entity
Definition: delete.php:10
_elgg_get_access_where_sql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
Definition: access.php:216
getRow($guid)
Return the user specific details of a user by a row.
Definition: UsersTable.php:45
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:382
$access
Definition: save.php:15