Elgg  Version 2.2
 All Classes Namespaces Files Functions Variables Pages
UsersTable.php
Go to the documentation of this file.
1 <?php
2 namespace Elgg\Database;
3 
5 
11 
21 class UsersTable {
27  private $CONFIG;
28 
32  public function __construct() {
33  global $CONFIG;
34  $this->CONFIG = $CONFIG;
35  }
36 
45  function getRow($guid) {
46  $guid = (int)$guid;
47  return _elgg_services()->db->getDataRow("SELECT * from {$this->CONFIG->dbprefix}users_entity where guid=$guid");
48  }
49 
58  $owner_guid = (int) $owner_guid;
60  if (_elgg_services()->events->trigger('disable', $entity->type, $entity)) {
61  if ($entity->canEdit()) {
62  $query = "UPDATE {$this->CONFIG->dbprefix}entities
63  set enabled='no' where owner_guid={$owner_guid}
64  or container_guid = {$owner_guid}";
65 
66  $res = _elgg_services()->db->updateData($query);
67  return $res;
68  }
69  }
70  }
71 
72  return false;
73  }
74 
83  function ban($user_guid, $reason = "") {
84  $user_guid = (int)$user_guid;
85 
87 
88  if (($user instanceof \ElggUser) && $user->canEdit()) {
89  if (_elgg_services()->events->trigger('ban', 'user', $user)) {
90  // Add reason
91  if ($reason) {
92  create_metadata($user_guid, 'ban_reason', $reason, '', 0, ACCESS_PUBLIC);
93  }
94 
95  // invalidate memcache for this user
96  static $newentity_cache;
97  if ((!$newentity_cache) && (is_memcache_available())) {
98  $newentity_cache = new \ElggMemcache('new_entity_cache');
99  }
100 
101  if ($newentity_cache) {
102  $newentity_cache->delete($user_guid);
103  }
104 
105  return $this->markBanned($user_guid, true);
106  }
107 
108  return false;
109  }
110 
111  return false;
112  }
113 
124  public function markBanned($guid, $banned) {
125  $banned = $banned ? 'yes' : 'no';
126  $query = "
127  UPDATE {$this->CONFIG->dbprefix}users_entity
128  SET banned = '$banned'
129  WHERE guid = $guid
130  ";
131 
132  return _elgg_services()->db->updateData($query);
133  }
134 
142  function unban($user_guid) {
143  $user_guid = (int)$user_guid;
144 
146 
147  if (($user) && ($user->canEdit()) && ($user instanceof \ElggUser)) {
148  if (_elgg_services()->events->trigger('unban', 'user', $user)) {
149  create_metadata($user_guid, 'ban_reason', '', '', 0, ACCESS_PUBLIC);
150 
151  // invalidate memcache for this user
152  static $newentity_cache;
153  if ((!$newentity_cache) && (is_memcache_available())) {
154  $newentity_cache = new \ElggMemcache('new_entity_cache');
155  }
156 
157  if ($newentity_cache) {
158  $newentity_cache->delete($user_guid);
159  }
160 
161  return $this->markBanned($user_guid, false);
162  }
163 
164  return false;
165  }
166 
167  return false;
168  }
169 
177  function makeAdmin($user_guid) {
178  $user = get_entity((int)$user_guid);
179 
180  if (($user) && ($user instanceof \ElggUser) && ($user->canEdit())) {
181  if (_elgg_services()->events->trigger('make_admin', 'user', $user)) {
182 
183  // invalidate memcache for this user
184  static $newentity_cache;
185  if ((!$newentity_cache) && (is_memcache_available())) {
186  $newentity_cache = new \ElggMemcache('new_entity_cache');
187  }
188 
189  if ($newentity_cache) {
190  $newentity_cache->delete($user_guid);
191  }
192 
193  $r = _elgg_services()->db->updateData("UPDATE {$this->CONFIG->dbprefix}users_entity set admin='yes' where guid=$user_guid");
194  _elgg_services()->entityCache->remove($user_guid);
195  return $r;
196  }
197 
198  return false;
199  }
200 
201  return false;
202  }
203 
212 
213 
214  $user = get_entity((int)$user_guid);
215 
216  if (($user) && ($user instanceof \ElggUser) && ($user->canEdit())) {
217  if (_elgg_services()->events->trigger('remove_admin', 'user', $user)) {
218 
219  // invalidate memcache for this user
220  static $newentity_cache;
221  if ((!$newentity_cache) && (is_memcache_available())) {
222  $newentity_cache = new \ElggMemcache('new_entity_cache');
223  }
224 
225  if ($newentity_cache) {
226  $newentity_cache->delete($user_guid);
227  }
228 
229  $r = _elgg_services()->db->updateData("UPDATE {$this->CONFIG->dbprefix}users_entity set admin='no' where guid=$user_guid");
230  _elgg_services()->entityCache->remove($user_guid);
231  return $r;
232  }
233 
234  return false;
235  }
236 
237  return false;
238  }
239 
249 
250  // Fixes #6052. Username is frequently sniffed from the path info, which,
251  // unlike $_GET, is not URL decoded. If the username was not URL encoded,
252  // this is harmless.
253  $username = rawurldecode($username);
254 
257 
258  // Caching
259  if ((isset($USERNAME_TO_GUID_MAP_CACHE[$username]))
260  && (_elgg_services()->entityCache->get($USERNAME_TO_GUID_MAP_CACHE[$username]))) {
261  return _elgg_services()->entityCache->get($USERNAME_TO_GUID_MAP_CACHE[$username]);
262  }
263 
264  $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}users_entity u
265  JOIN {$this->CONFIG->dbprefix}entities e ON e.guid = u.guid
266  WHERE u.username = '$username' AND $access";
267 
268  $entity = _elgg_services()->db->getDataRow($query, 'entity_row_to_elggstar');
269  if ($entity) {
270  $USERNAME_TO_GUID_MAP_CACHE[$username] = $entity->guid;
271  } else {
272  $entity = false;
273  }
274 
275  return $entity;
276  }
277 
285  function getByEmail($email) {
286 
287 
289 
291 
292  $query = "SELECT e.* FROM {$this->CONFIG->dbprefix}entities e
293  JOIN {$this->CONFIG->dbprefix}users_entity u ON e.guid = u.guid
294  WHERE email = '$email' AND $access";
295 
296  return _elgg_services()->db->getData($query, 'entity_row_to_elggstar');
297  }
298 
317  function findActive($options = array(), $limit = 10, $offset = 0, $count = false) {
318 
319  $seconds = 600; //default value
320 
321  if (!is_array($options)) {
322  elgg_deprecated_notice("find_active_users() now accepts an \$options array", 1.9);
323  if (!$options) {
324  $options = $seconds; //assign default value
325  }
326  $options = array('seconds' => $options);
327  }
328 
329  if ($limit === null) {
330  $limit = _elgg_services()->config->get('default_limit');
331  }
332 
333  $options = array_merge(array(
334  'seconds' => $seconds,
335  'limit' => $limit,
336  'offset' => $offset,
337  'count' => $count,
338  ), $options);
339 
340  // cast options we're sending to hook
341  foreach (array('seconds', 'limit', 'offset') as $key) {
342  $options[$key] = (int)$options[$key];
343  }
344  $options['count'] = (bool)$options['count'];
345 
346  // allow plugins to override
347  $params = array(
348  'seconds' => $options['seconds'],
349  'limit' => $options['limit'],
350  'offset' => $options['offset'],
351  'count' => $options['count'],
352  'options' => $options,
353  );
354  $data = _elgg_services()->hooks->trigger('find_active_users', 'system', $params, null);
355  // check null because the handler could legitimately return falsey values.
356  if ($data !== null) {
357  return $data;
358  }
359 
360  $dbprefix = _elgg_services()->config->get('dbprefix');
361  $time = time() - $options['seconds'];
362  return elgg_get_entities(array(
363  'type' => 'user',
364  'limit' => $options['limit'],
365  'offset' => $options['offset'],
366  'count' => $options['count'],
367  'joins' => array("join {$dbprefix}users_entity u on e.guid = u.guid"),
368  'wheres' => array("u.last_action >= {$time}"),
369  'order_by' => "u.last_action desc",
370  ));
371  }
372 
386  function register($username, $password, $name, $email, $allow_multiple_emails = false) {
387 
388  // no need to trim password.
389  $username = trim($username);
390  $name = trim(strip_tags($name));
391  $email = trim($email);
392 
393  // A little sanity checking
394  if (empty($username)
395  || empty($password)
396  || empty($name)
397  || empty($email)) {
398  return false;
399  }
400 
401  // Make sure a user with conflicting details hasn't registered and been disabled
404 
406  throw new \RegistrationException(_elgg_services()->translator->translate('registration:emailnotvalid'));
407  }
408 
410  throw new \RegistrationException(_elgg_services()->translator->translate('registration:passwordnotvalid'));
411  }
412 
414  throw new \RegistrationException(_elgg_services()->translator->translate('registration:usernamenotvalid'));
415  }
416 
418  throw new \RegistrationException(_elgg_services()->translator->translate('registration:userexists'));
419  }
420 
421  if ((!$allow_multiple_emails) && (get_user_by_email($email))) {
422  throw new \RegistrationException(_elgg_services()->translator->translate('registration:dupeemail'));
423  }
424 
426 
427  // Create user
428  $user = new \ElggUser();
429  $user->username = $username;
430  $user->email = $email;
431  $user->name = $name;
432  $user->access_id = ACCESS_PUBLIC;
433  $user->setPassword($password);
434  $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created.
435  $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created.
436  $user->language = _elgg_services()->translator->getCurrentLanguage();
437  if ($user->save() === false) {
438  return false;
439  }
440 
441  // Turn on email notifications by default
442  set_user_notification_setting($user->getGUID(), 'email', true);
443 
444  return $user->getGUID();
445  }
446 
456  $time = time();
457  return "$time." . _elgg_services()->crypto->getHmac([(int)$time, $username])->getToken();
458  }
459 
470  // validate the format of the token created by ->generateInviteCode()
471  if (!preg_match('~^(\d+)\.([a-zA-Z0-9\-_]+)$~', $code, $m)) {
472  return false;
473  }
474  $time = $m[1];
475  $mac = $m[2];
476 
477  return _elgg_services()->crypto->getHmac([(int)$time, $username])->matchesToken($mac);
478  }
479 
488  function setValidationStatus($user_guid, $status, $method = '') {
489  $result1 = create_metadata($user_guid, 'validated', $status, '', 0, ACCESS_PUBLIC, false);
490  $result2 = create_metadata($user_guid, 'validated_method', $method, '', 0, ACCESS_PUBLIC, false);
491  if ($result1 && $result2) {
492  return true;
493  } else {
494  return false;
495  }
496  }
497 
505  $md = elgg_get_metadata(array(
506  'guid' => $user_guid,
507  'metadata_name' => 'validated'
508  ));
509  if ($md == false) {
510  return null;
511  }
512 
513  if ($md[0]->value) {
514  return true;
515  }
516 
517  return false;
518  }
519 
528  $user_guid = (int) $user_guid;
529 
530  $time = time();
531 
532  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
533  set prev_last_action = last_action,
534  last_action = {$time} where guid = {$user_guid}";
535 
537  }
538 
547  $user_guid = (int) $user_guid;
548 
549  $time = time();
550 
551  $query = "UPDATE {$this->CONFIG->dbprefix}users_entity
552  set prev_last_login = last_login, last_login = {$time} where guid = {$user_guid}";
553 
555  }
556 
557 }
$r
get_user_by_email($email)
Get an array of users from an email address.
Definition: users.php:120
$username
Definition: delete.php:22
setLastLogin($user_guid)
Sets the last logon time of the given user to right now.
Definition: UsersTable.php:546
$m
Definition: metadata.php:11
if($guid==elgg_get_logged_in_user_guid()) $name
Definition: delete.php:21
$method
Definition: form.php:25
getValidationStatus($user_guid)
Gets the validation status of a user.
Definition: UsersTable.php:504
$data
Definition: opendd.php:13
disableEntities($owner_guid)
Disables all of a user's entities.
Definition: UsersTable.php:57
validate_username($username)
Simple function which ensures that a username contains only valid characters.
Definition: users.php:205
if(!$count) $offset
Definition: pagination.php:26
validate_email_address($address)
Simple validation of a email.
Definition: users.php:292
$guid
Removes an admin notice.
$mac
Definition: contents.php:14
$email
Definition: register.php:15
unban($user_guid)
Unban a user (calls events, removes the reason)
Definition: UsersTable.php:142
getByEmail($email)
Get an array of users from an email address.
Definition: UsersTable.php:285
getByUsername($username)
Get user by username.
Definition: UsersTable.php:247
makeAdmin($user_guid)
Makes user $guid an admin.
Definition: UsersTable.php:177
$options
Elgg admin footer.
Definition: footer.php:6
get_user_by_username($username)
Get user by username.
Definition: users.php:98
$access_status
Definition: unban.php:9
$params
Definition: login.php:72
$owner_guid
$limit
Definition: userpicker.php:38
ban($user_guid, $reason="")
Ban a user (calls events, stores the reason)
Definition: UsersTable.php:83
$key
Definition: summary.php:34
validate_password($password)
Simple validation of a password.
Definition: users.php:267
execute_delayed_write_query($query, $callback=null, array $params=[])
Queue a query for running during shutdown that writes to the database.
Definition: database.php:21
create_metadata($entity_guid, $name, $value, $value_type= '', $owner_guid=0, $access_id=ACCESS_PRIVATE, $allow_multiple=false)
Create a new metadata object, or update an existing one.
Definition: metadata.php:65
sanitise_string($string)
Alias of sanitize_string.
Definition: database.php:166
$dbprefix
Definition: index.php:13
$user
Definition: ban.php:13
set_user_notification_setting($user_guid, $method, $value)
Set a user notification pref.
elgg_get_entities(array $options=array())
Returns an array of entities with optional filtering.
Definition: entities.php:316
elgg_deprecated_notice($msg, $dep_version, $backtrace_level=1)
Log a notice about deprecated use of a function, view, etc.
Definition: elgglib.php:1070
findActive($options=array(), $limit=10, $offset=0, $count=false)
Return users (or the number of them) who have been active within a recent period. ...
Definition: UsersTable.php:317
removeAdmin($user_guid)
Removes user $guid's admin flag.
Definition: UsersTable.php:211
validateInviteCode($username, $code)
Validate a user's invite code.
Definition: UsersTable.php:469
_elgg_services(\Elgg\Di\ServiceProvider $services=null)
Get the global service provider.
Definition: autoloader.php:17
access_get_show_hidden_status()
Return current status of showing disabled entities.
Definition: access.php:170
__construct()
Constructor.
Definition: UsersTable.php:32
$password
Definition: login.php:25
setValidationStatus($user_guid, $status, $method= '')
Set the validation status for a user.
Definition: UsersTable.php:488
setLastAction($user_guid)
Sets the last action time of the given user to right now.
Definition: UsersTable.php:527
const ACCESS_PUBLIC
Definition: elgglib.php:1990
access_show_hidden_entities($show_hidden)
Show or hide disabled entities.
Definition: access.php:158
elgg_get_metadata(array $options=array())
Returns metadata.
Definition: metadata.php:143
global $USERNAME_TO_GUID_MAP_CACHE
Definition: UsersTable.php:9
$entity
Definition: delete.php:7
if(elgg_in_context('widget')) $count
Definition: pagination.php:21
generateInviteCode($username)
Generates a unique invite code for a user.
Definition: UsersTable.php:455
is_memcache_available()
Return true if memcache is available and configured.
Definition: memcache.php:16
$user_guid
Avatar remove action.
Definition: remove.php:6
_elgg_get_access_where_sql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
Definition: access.php:214
getRow($guid)
Return the user specific details of a user by a row.
Definition: UsersTable.php:45
markBanned($guid, $banned)
Mark a user entity banned or unbanned.
Definition: UsersTable.php:124
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:204
$access
Definition: save.php:15