gecko-dev/webtools/addons/shared/lib/user.class.php


<?php
/**
* User class. Contains user methods and metadata.
* @package amo
* @subpackage docs
*/
class User extends AMO_Object
{
// User metadata. Apart from UserID (the lookup key), these are the
// userprofiles columns that getUser() selects and hands to setVars().
var $UserID;
var $UserEmail;
var $UserWebsite;
// Account state: addUser() inserts 'D' and confirm() sets it to 'U'.
var $UserMode;
var $UserTrusted;
var $UserEmailHide;
var $UserLastLogin;
// Secret mailed to the user. The same column serves account confirmation
// (confirm()) and password reset (checkResetPasswordCode()); confirm()
// overwrites it with '' once it has been used.
var $ConfirmationCode;
// Addons metadata: the rows (ID, Name, Description) fetched by getAddons().
var $AddOns;
/**
 * Constructor (PHP 4 style: the method is named after the class).
 *
 * Binds the shared database and template objects to the instance and, when
 * a user id is supplied, loads that user's profile and add-ons.
 *
 * NOTE(review): $UserID is stored exactly as given; nothing here checks
 * that it is an integer. This class builds its SQL by string interpolation,
 * so callers should only pass an id they have already validated.
 *
 * @param int $UserID UserID
 */
function User($UserID=null)
{
    // The DB and Smarty objects live in the global scope and are shared.
    global $db, $tpl;

    // Hold references to the shared objects instead of copying them.
    $this->db =& $db;
    $this->tpl =& $tpl;

    // Without an id there is nothing to load.
    if (empty($UserID)) {
        return;
    }

    $this->setVar('UserID', $UserID);
    $this->getUser();
    $this->getAddons();
}
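/**
 * Load this user's profile row into the object.
 *
 * Selects the row of `userprofiles` whose UserID matches $this->UserID and,
 * when the query produced a record, passes it to setVars(). When nothing
 * matches, the object is left as it was.
 *
 * The id is cast to an integer before it goes into the statement: it is
 * interpolated without quotes, so any non-numeric text in it would
 * otherwise become part of the SQL itself.
 */
function getUser()
{
    // Force an integer; a missing or non-numeric id becomes 0 and matches nothing.
    $_user_id = (int) $this->UserID;

    $this->db->query("
        SELECT
            UserName,
            UserEmail,
            UserWebsite,
            UserMode,
            UserTrusted,
            UserEmailHide,
            UserLastLogin,
            ConfirmationCode
        FROM
            userprofiles
        WHERE
            UserID = {$_user_id}
    ", SQL_INIT, SQL_ASSOC);

    if (!empty($this->db->record)) {
        $this->setVars($this->db->record);
    }
}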
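/**
 * Get addons for this author.
 *
 * Joins `main` to `userprofiles` through `authorxref` and stores every
 * matching row (ID, Name, Description) in $this->AddOns. When the query
 * yields nothing, AddOns is left untouched.
 *
 * The id is cast to an integer first. It was previously placed between
 * quotes but never escaped, so a quote character in it would have ended
 * the literal and let the rest be read as SQL.
 */
function getAddons()
{
    // Force an integer; anything non-numeric becomes 0 and matches nothing.
    $_user_id = (int) $this->UserID;

    // Gather addons metadata, user info.
    $this->db->query("
        SELECT
            main.ID,
            main.Name,
            main.Description
        FROM
            main
        INNER JOIN authorxref ON authorxref.ID = main.ID
        INNER JOIN userprofiles ON userprofiles.UserID = authorxref.UserID
        WHERE
            userprofiles.UserID = '{$_user_id}'
    ", SQL_ALL, SQL_ASSOC);

    if (!empty($this->db->record)) {
        $this->setVar('AddOns', $this->db->record);
    }
}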
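/**
 * A static method for adding a new user.
 *
 * Inserts a row into `userprofiles` with UserMode 'D' and a freshly
 * generated confirmation code, then asks the database for the new row's id.
 *
 * The confirmation code is the secret that proves ownership of the e-mail
 * address, so it is drawn from a cryptographic random source when the
 * running PHP offers one. md5(mt_rand()) remains only as a fallback:
 * mt_rand() is not a cryptographic generator and produces at most about
 * 2^31 distinct values. Either way the code is 32 lowercase hex characters.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest computed
 * in SQL. That is left unchanged here because the code that verifies
 * logins is not part of this file and must change with it; it should be
 * migrated to a salted, deliberately slow password hash. Because the
 * plaintext is embedded in the statement, it may also reach query logs.
 *
 * @param array $info expects the keys 'email', 'name', 'website' and 'password'
 * @return mixed the record produced by SELECT LAST_INSERT_ID(), or false on failure
 */
function addUser($info)
{
    global $db; // this is a static function, so there is no $this->db

    $_email    = mysql_real_escape_string($info['email']);
    $_name     = mysql_real_escape_string($info['name']);
    $_website  = mysql_real_escape_string($info['website']);
    $_password = mysql_real_escape_string($info['password']);

    // Prefer a cryptographic source; the function_exists() checks keep this
    // loadable on PHP versions that lack one.
    $_bytes = false;
    if (function_exists('random_bytes')) {
        $_bytes = random_bytes(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $_bytes = openssl_random_pseudo_bytes(16);
    }
    // Never accept a short or failed read: an empty code must not be stored.
    if (is_string($_bytes) && strlen($_bytes) === 16) {
        $_confirmation_code = bin2hex($_bytes);
    } else {
        $_confirmation_code = md5(mt_rand());
    }

    $_sql = "INSERT INTO `userprofiles`
        ( `UserName`,
          `UserEmail`,
          `UserWebsite`,
          `UserPass`,
          `UserMode`,
          `ConfirmationCode`
        ) VALUES (
          '{$_name}',
          '{$_email}',
          '{$_website}',
          MD5('{$_password}'),
          'D',
          '{$_confirmation_code}'
        )";

    if (!$db->query($_sql)) {
        return false;
    }

    // The db class does not expose the insert id, so ask the server for it.
    if (!$db->query('SELECT LAST_INSERT_ID()', SQL_INIT)) {
        return false;
    }

    return $db->record;
}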
/**
 * A convenience function for new accounts: mails the activation link.
 *
 * The link points at verifyaccount.php and carries the user's e-mail
 * address (URL-encoded) and confirmation code.
 *
 * NOTE(review): the message also contains the account password in
 * plaintext, so anyone who can read the mailbox or the mail in transit
 * learns it. Consider dropping that line from the message.
 * NOTE(review): the link is built from the HTTP_HOST constant, which is
 * defined outside this file - confirm it is a fixed configuration value
 * and not taken from the request's Host header.
 *
 * @param string plaintext password to send to user
 * @access public
 */
function sendConfirmation($pass)
{
    $_link = HTTP_HOST.WEB_PATH
        .'/verifyaccount.php?email='.urlencode($this->UserEmail)
        .'&confirmationcode='.$this->ConfirmationCode;

    $subject = "Activate your new Mozilla Update account\n";

    // Assemble the body from its parts; each entry carries its own line breaks.
    $message = implode('', array(
        "Welcome to Mozilla Update.\n",
        "Before you can use your new account you must activate it, this ensures the e-mail address you used is valid and belongs to you.\n",
        "To activate your account, click the link below or copy and paste the whole thing into your browsers location bar:\n",
        $_link."\n\n",
        "Keep this e-mail in a safe-place for your records, below is your account details you used when registering for your account.\n\n",
        "E-Mail: {$this->UserEmail}\n",
        "Password: {$pass}\n\n",
        "Thanks for joining Mozilla Update\n",
        "-- Mozilla Update Staff\n",
    ));

    $this->sendMail($subject, $message);
}
/**
 * Will send an email to the current user.
 *
 * The recipient is $this->UserEmail. The sender and all additional headers
 * are fixed strings, so no caller-supplied value is placed in the header
 * block; only the recipient, subject and body vary.
 *
 * @param string subject
 * @param string message
 * @access public
 */
function sendMail($subject, $message)
{
    $_sender = "Mozilla Update"." <"."update-daemon@mozilla.org".">";

    // Header lines are separated by CRLF; the last one has no terminator.
    $_headers = implode("\r\n", array(
        "MIME-Version: 1.0",
        "Content-type: text/plain; charset=iso-8859-1",
        "From: ".$_sender,
        "X-Priority: 3",
        "X-MSMail-Priority: Normal",
        "X-Mailer: UMO Mail System 1.0",
    ));

    mail($this->UserEmail, $subject, $message, $_headers);
}
/**
 * A static function to get a user by email address, written to find out
 * whether an address is already in use.
 *
 * The address is escaped with mysql_real_escape_string() and placed inside
 * a quoted literal. A User is only built when the returned record holds a
 * numeric UserID.
 *
 * @param string address to check
 * @return mixed A user object, or false on failure
 * @access public
 */
function getUserByEmail($address)
{
    global $db; // static function, so there is no $this->db to use

    $_email = mysql_real_escape_string($address);

    $db->query("SELECT
`UserID`
FROM
`userprofiles`
WHERE
`UserEmail`='{$_email}'
LIMIT 1", SQL_INIT, SQL_ASSOC);

    $_row = $db->record;

    // Only trust the record when it really carries a numeric id.
    $_found = is_array($_row)
        && array_key_exists('UserID', $_row)
        && is_numeric($_row['UserID']);

    return $_found ? new User($_row['UserID']) : false;
}
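/**
 * Will flip a user from 'D' to 'U' (confirm the account).
 *
 * Runs an UPDATE limited to the row whose e-mail and confirmation code both
 * match, then reloads the user and reports whether the mode is now 'U'.
 *
 * Two checks protect the statement:
 *  - A blank or non-scalar code is rejected up front. This method stores ''
 *    as the code of every confirmed account, so an empty code would match
 *    those rows and reset their UserMode to 'U'.
 *  - $this->UserEmail is escaped before use. It was read back from the
 *    database, where it is stored unescaped, so a quote inside it would
 *    otherwise break out of the SQL literal.
 *
 * NOTE(review): the result is based on the reloaded UserMode, so a
 * non-blank but wrong code still reports true for an account that is
 * already in mode 'U'.
 *
 * @access public
 * @param string the confirmation code emailed to the user
 * @return bool true on success, false on failure
 */
function confirm($code)
{
    // Refuse blank or array-valued input before it reaches the query.
    if (!is_scalar($code) || (string) $code === '') {
        return false;
    }

    $_code  = mysql_real_escape_string($code);
    $_email = mysql_real_escape_string($this->UserEmail);

    $_sql = "UPDATE
            `userprofiles`
        SET
            `UserMode`='U',
            `ConfirmationCode` = ''
        WHERE
            `UserEmail`='{$_email}'
        AND
            `ConfirmationCode` = '{$_code}'
        LIMIT 1";
    $this->db->query($_sql);

    // Workaround for the sql library: re-read the row to refresh UserMode.
    $this->getUser();

    return $this->UserMode == 'U';
}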
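/**
 * Will generate and put a confirmation code into a user's row.
 *
 * The code is mailed to the user as the secret for a password reset, so it
 * is drawn from a cryptographic random source when the running PHP offers
 * one. md5(mt_rand()) remains only as a fallback: mt_rand() is not a
 * cryptographic generator and produces at most about 2^31 distinct values.
 * Either way the code is 32 lowercase hex characters.
 *
 * The user id is cast to an integer before it is placed in the statement,
 * because it is interpolated without being escaped.
 *
 * NOTE(review): nothing here records when the code was issued, so it does
 * not expire on its own.
 *
 * @access public
 * @return bool always true
 */
function generateConfirmationCode()
{
    // Prefer a cryptographic source; the function_exists() checks keep this
    // loadable on PHP versions that lack one.
    $_bytes = false;
    if (function_exists('random_bytes')) {
        $_bytes = random_bytes(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $_bytes = openssl_random_pseudo_bytes(16);
    }
    // Never accept a short or failed read: an empty code must not be stored.
    if (is_string($_bytes) && strlen($_bytes) === 16) {
        $_code = bin2hex($_bytes);
    } else {
        $_code = md5(mt_rand());
    }

    $_user_id = (int) $this->UserID;

    $_sql = "UPDATE
            `userprofiles`
        SET
            `ConfirmationCode` = '{$_code}'
        WHERE
            `UserID`='{$_user_id}'
        LIMIT 1";
    $this->db->query($_sql);

    // refresh the confirmation code held by this object
    $this->getUser();

    return true;
}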
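/**
 * Will send a password recovery email to the currently logged in user.
 *
 * The mail contains a link to resetpassword.php carrying the URL-encoded
 * e-mail address and the confirmation code currently held by this object.
 *
 * Nothing is sent when the object holds no confirmation code. A link with
 * a blank code is not a usable secret, and confirmed accounts have a blank
 * code stored, so generateConfirmationCode() has to run first.
 *
 * NOTE(review): the link is built from the HTTP_HOST constant, which is
 * defined outside this file - confirm it is a fixed configuration value
 * and not taken from the request's Host header.
 *
 * @access public
 * @return bool true when the mail was handed to sendMail(), false when no code is set
 */
function sendPasswordRecoveryEmail()
{
    // Refuse to mail a reset link that carries no secret.
    if ((string) $this->ConfirmationCode === '') {
        return false;
    }

    $_email = urlencode($this->UserEmail);
    $_code = urlencode($this->ConfirmationCode);

    $subject = "Mozilla Addons Password Reset\n";

    $message = "Mozilla Addons Password Reset\n";
    $message .= "\n";
    $message .= "A request was recieved to reset the password for this\n";
    $message .= "account on http://addons.mozilla.org/. To change the password\n";
    $message .= "please click on the following link, or paste it into your browser:\n";
    $message .= HTTP_HOST.WEB_PATH."/resetpassword.php?email={$_email}&code={$_code}\n";
    $message .= "\n";
    $message .= "If you did not request this email there is no need for further action.\n";
    $message .= "Thanks,\n";
    $message .= "-- Mozilla Update Staff\n";

    $this->sendMail($subject, $message);

    return true;
}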
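/**
 * Checks whether a given code is valid to reset a password.
 *
 * Looks for a `userprofiles` row whose e-mail and confirmation code both
 * equal the supplied values and reports whether one with a numeric UserID
 * was found.
 *
 * Blank or non-scalar input is rejected before the query runs. confirm()
 * stores '' as the code of every confirmed account, so a blank code would
 * otherwise match any such account and authorise a reset for it. An array
 * value is refused too, since it cannot be a code that was mailed out.
 *
 * NOTE(review): the comparison happens in SQL and the code has no expiry;
 * both are unchanged here.
 *
 * @access public
 * @param string email address
 * @param string code reset code
 * @return boolean true when the pair matches a user, false otherwise
 */
function checkResetPasswordCode($email, $code)
{
    // A reset must always present a real, non-empty secret.
    if (!is_scalar($code) || (string) $code === '') {
        return false;
    }
    if (!is_scalar($email) || (string) $email === '') {
        return false;
    }

    $_email = mysql_real_escape_string($email);
    $_code = mysql_real_escape_string($code);

    $_sql = "SELECT
            `UserID`
        FROM
            `userprofiles`
        WHERE
            `UserEmail`='{$_email}'
        AND
            `ConfirmationCode` = '{$_code}'
        LIMIT 1";
    $this->db->query($_sql, SQL_INIT, SQL_ASSOC);

    $ret = $this->db->record;

    return is_array($ret)
        && array_key_exists('UserID', $ret)
        && is_numeric($ret['UserID']);
}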
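/**
 * Will simply reset the password for a user.
 *
 * Updates UserPass on the row identified by $this->UserID. The id is cast
 * to an integer before it is placed in the statement, because it is
 * interpolated without being escaped.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest computed
 * in SQL. That is left unchanged here because the code that verifies
 * logins is not part of this file and must change with it; it should be
 * migrated to a salted, deliberately slow password hash.
 * NOTE(review): this method does not touch ConfirmationCode, so a reset
 * code stays valid after the password has been changed unless the caller
 * replaces it - confirm that it does.
 *
 * @param string password to reset to
 * @access public
 */
function setPassword($password)
{
    $_password = mysql_real_escape_string($password);
    $_user_id = (int) $this->UserID;

    $_sql = "UPDATE
            `userprofiles`
        SET
            `UserPass` = MD5('{$_password}')
        WHERE
            `UserID`='{$_user_id}'
        LIMIT 1";
    $this->db->query($_sql);
}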
}
?>