YaWK  24.1
Yet another WebKit
YAWK\user Class Reference

The default user class. Provides all functions to handle the user object.

Public Member Functions

 __construct ($db)
 user constructor.

 getUserArray ($db)
 return user data as an array

 isAllowedToOverrideTemplate ($db, $uid)
 check if user ID is allowed to override template

 isTemplateEqual ($db, $userTemplateID)
 check if user template equals selected (active) template

 setUserTemplate ($db, $overrideTemplate, $userTemplateID, $uid)
 set status and override template for this user ID
 

Static Public Member Functions

static ajaxLogin ($db, $user, $password)

static checkResetToken ($db, $token)
 Check if password reset token matches and return uid.

static countUsers ($db)
 count and return all users

static drawLoginBox ($username, $password)
 return the html for a default login box

static drawMenuLoginBox ($username, $password, $style)
 return the html for a menu login box

static drawPasswordResetForm ($db, $lang, $uid)
 Draw the form where users can reset their password.

static getCurrentUserName ($lang)
 return current username

static getLatestUsers ($db, $count)
 get latest users and return as array

static getLoginData ($db, $user)
 return an array with all login data

static getToken ($length)
 Generate a safe token for password reset.

static getUserEmail ($db, $user)
 return email address of $user

static getUserImage ($location, $user, $cssClass, $w, $h)
 return and output user image

static getUserList ($db)
 output a list of all users (who have not activated privacy switch)

static getUserTemplateID ($db, $uid)
 template ID for given user ID

static isAnybodyThere ($db)
 check, if a session username is set and if user is logged in

static sendResetEmail ($db, $username, $email, $lang)
 Send password change request email.

static setNewPassword ($db, $newPassword, $uid)
 Set a new user password.
 

Public Attributes

 $blocked
 
 $city
 
 $country
 
 $currentuser
 
 $date_changed
 
 $date_created
 
 $date_expired
 
 $date_lastlogin
 
 $email
 
 $facebook
 
 $firstname
 
 $gid
 
 $id
 
 $job
 
 $lastlogin
 
 $lastname
 
 $likes
 
 $logged_in
 
 $login_count
 
 $online
 
 $overrideTemplate
 
 $password
 
 $privacy
 
 $public_email
 
 $published
 
 $street
 
 $templateID
 
 $terms
 
 $twitter
 
 $url
 
 $username
 
 $zipcode
 

Detailed Description

The default user class. Provides all functions to handle the user object.

All functions that are required to handle a user. Methods are: add, edit, delete, checklogin and many more.

The class covers both backend and frontend functionality. See the methods summary for details.

Author
Daniel Retzl danie.nosp@m.lret.nosp@m.zl@gm.nosp@m.ail..nosp@m.com

Definition at line 16 of file user.php.

Constructor & Destructor Documentation

◆ __construct()

YAWK\user::__construct($db)

user constructor.

Definition at line 86 of file user.php.

87  {
88  if (!isset($db)){ $db = new \YAWK\db(); }
89  if (isset($_SESSION['username']))
90  {
91  $this->loadProperties($db, $_SESSION['username']);
92  }
93  }

References $db.

Member Function Documentation

◆ ajaxLogin()

static YAWK\user::ajaxLogin($db, $user, $password)

Definition at line 1627 of file user.php.

1628  {
1629  // create new user class object
1630  $userClass = new \YAWK\user($db);
1631 
1632  // check user and password vars
1633  if (isset($user) && (!empty($user) && (is_string($user)
1634  && (isset($password) && (!empty($password) && (is_string($password)))))))
1635  {
1636  // check if user is logged in
1637  if (self::isLoggedIn($db, $user) === false)
1638  {
1639  // login successful
1640  if(self::login($db, $user, $password) === true)
1641  { // login successful
1642  $userClass->storeLogin($db, 0, "frontend", $user, $password);
1643  // \YAWK\sys::setSyslog($db, "3", "ajax login successful", 0, 0, 0, 0);
1644  return true;
1645  }
1646  else
1647  { // login failed
1648  $userClass->storeLogin($db, 1, "frontend", $user, $password);
1649  // \YAWK\sys::setSyslog($db, "5", "ajax login failed", 0, 0, 0, 0);
1650  return false;
1651  }
1652  }
1653  // in any other case
1654  return false;
1655  }
1656  else
1657  { // login data wrong
1658  return false;
1659  }
1660  }

References $db, and YAWK\user\$password.

◆ checkResetToken()

static YAWK\user::checkResetToken($db, $token)

Check if password reset token matches and return uid.

Parameters
  object $db     database obj
  string $token  token that was generated for this user
Returns
  mixed returns the affected user id (or false)

Definition at line 131 of file user.php.

132  {
133  // check if token is set and in valid format
134  if (isset($token) && (is_string($token)))
135  {
136  // strip tags for security reasons
137  $token = strip_tags($token);
138 
139  // compare with stored token in database
140  if ($res = $db->query("SELECT id FROM {users} WHERE hashValue = '".$token."'"))
141  {
142  // token matches, get user ID
143  if ($row = mysqli_fetch_row($res))
144  {
145  // return user ID
146  return $row[0];
147  }
148  else
149  { // no ID found
150  return false;
151  }
152  }
153  else
154  { // no user with this token hash value found
155  return false;
156  }
157  }
158  else
159  { // user token not set or wrong type
160  return false;
161  }
162  }

References $db, and $res.

Referenced by YAWK\controller\filterfilename().

◆ countUsers()

static YAWK\user::countUsers($db)

count and return all users

Parameters
  object $db  database
Returns
  string|bool

Definition at line 754 of file user.php.

755  {
756  /* @param $db \YAWK\db */
757  if ($result = $db->query("SELECT count(id) FROM {users}"))
758  {
759  $i = mysqli_fetch_row($result);
760  return $i[0];
761  }
762  else
763  {
764  \YAWK\sys::setSyslog($db, 11, 1, "failed to count user db ", 0, 0, 0, 0);
765  return false;
766  }
767  }

References $db, $i, and $result.

◆ drawLoginBox()

static YAWK\user::drawLoginBox($username, $password)

return the html for a default login box

Parameters
  string $username  username, as option
  string $password  password, as option
Returns
  string

Definition at line 2001 of file user.php.

2002  {
2003  $html = "
2004  <form name=\"login\" id=\"loginForm\" role=\"form\" method=\"POST\">
2005  <input type=\"text\" id=\"user\" name=\"user\" value=\"".$username."\" class=\"form-control animated fadeIn\" placeholder=\"Benutzername\">
2006  <input type=\"password\" id=\"password\" name=\"password\" value=\"".$password."\" class=\"form-control animated fadeIn\" placeholder=\"Passwort\">
2007  <input type=\"hidden\" name=\"login\" value=\"login\">
2008  <input type=\"submit\" id=\"submitBtn\" value=\"Login\" style=\"margin-top:5px;\" name=\"Login\" class=\"btn btn-success animated fadeIn\">
2009  <div id=\"captchaNode\"></div>
2010  </form>";
2011  return $html;
2012  }

References YAWK\user\$password.

Referenced by YAWK\controller\filterfilename().

◆ drawMenuLoginBox()

static YAWK\user::drawMenuLoginBox($username, $password, $style)

return the html for a menu login box

Parameters
  string $username  username, as option
  string $password  password, as option
  string $style     menu styling: light or dark
Returns
  string html that draws the menu login box

Definition at line 2021 of file user.php.

2022  {
2023  if (!isset($style) || (empty($style)))
2024  {
2025  $style = "light";
2026  $input_style = '';
2027  }
2028  else
2029  {
2030  if ($style == "light")
2031  {
2032  $input_style = '';
2033  }
2034  elseif ($style == "dark")
2035  {
2036  $input_style = "style=\"color: #ccc; border-color: #000; background-color: #444;\"";
2037  }
2038  else
2039  {
2040  $input_style = '';
2041  }
2042  }
2043 
2044  $html = "<form name=\"login\" id=\"loginForm\" class=\"navbar-form navbar-right\" role=\"form\" action=\"welcome.html\" method=\"POST\">
2045  <div class=\"form-group\">
2046  <input type=\"text\" id=\"user\" name=\"user\" value=\"".$username."\" class=\"form-control\" $input_style placeholder=\"Benutzername\">
2047  <input type=\"password\" id=\"password\" name=\"password\" value=\"".$password."\" class=\"form-control\" $input_style placeholder=\"Passwort\">
2048  <input type=\"hidden\" name=\"login\" value=\"login\">
2049  <input type=\"hidden\" name=\"LOCK\" value=\"1\">
2050  <input type=\"hidden\" name=\"include\" value=\"login\">
2051  <input type=\"submit\" value=\"Login\" name=\"Login\" class=\"btn btn-success\">
2052  </div>
2053  </form>";
2054  return $html;
2055  }

References YAWK\user\$password.

Referenced by YAWK\menu\display().
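
The two login-box listings above write $username and $password straight into value="..." attributes. The following added example, which is not YaWK code, renders the default login box both ways and parses the result to show what encoding the value for an attribute context changes. The helper names, the sample username and the shortened markup (from listing lines 2004-2010) are assumptions made for the example; it needs PHP's dom extension.

```php
<?php
declare(strict_types=1);

// Added example, not part of YaWK. Requires the dom extension.

// Encode a string for use inside a quoted HTML attribute.
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Markup as in the listing above (CSS classes shortened): values are concatenated as-is.
function drawLoginBoxRaw(string $username, string $password): string
{
    return '<form name="login" id="loginForm" role="form" method="POST">
<input type="text" id="user" name="user" value="' . $username . '" class="form-control" placeholder="Benutzername">
<input type="password" id="password" name="password" value="' . $password . '" class="form-control" placeholder="Passwort">
<input type="hidden" name="login" value="login">
<input type="submit" id="submitBtn" value="Login" name="Login" class="btn btn-success">
</form>';
}

// Same form with the username encoded. The password is never written back
// into the page, so that field always starts empty.
function drawLoginBoxEscaped(string $username): string
{
    return '<form name="login" id="loginForm" role="form" method="POST">
<input type="text" id="user" name="user" value="' . attr($username) . '" class="form-control" placeholder="Benutzername">
<input type="password" id="password" name="password" value="" class="form-control" placeholder="Passwort">
<input type="hidden" name="login" value="login">
<input type="submit" id="submitBtn" value="Login" name="Login" class="btn btn-success">
</form>';
}

// Parse the markup the way a browser would and return the username <input>.
function userInput(string $html): DOMElement
{
    libxml_use_internal_errors(true);
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    return $doc->getElementsByTagName('input')->item(0);
}

// Constructed input: a username containing a double quote and angle brackets.
$username = 'anna" data-x="<b>';

$forms = [
    'raw'     => drawLoginBoxRaw($username, ''),
    'escaped' => drawLoginBoxEscaped($username),
];

foreach ($forms as $label => $html) {
    $input = userInput($html);
    // Report what the parser sees: the value it assigned to the field and
    // whether part of the username was read as a separate attribute.
    printf(
        "%-8s value=%s extra-attribute=%s\n",
        $label,
        var_export($input->getAttribute('value'), true),
        var_export($input->hasAttribute('data-x'), true)
    );
}
```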

◆ drawPasswordResetForm()

static YAWK\user::drawPasswordResetForm($db, $lang, $uid)

Draw the form where users can reset their password.

The password reset email leads to this form.

Parameters
  object $db    database obj
  array  $lang  language array
  int    $uid   user ID

Definition at line 171 of file user.php.

172  {
173  echo "<form action=\"index.php?setNewPassword=true\" method=\"POST\" role=\"form\">";
174  echo "<label for=\"newPassword1\">$lang[PASSWORD]</label>";
175  echo "<input type=\"password\" class=\"form-control\" name=\"newPassword1\" id=\"newPassword1\">";
176  echo "<label for=\"newPassword2\">$lang[PASSWORD_REPEAT]</label>";
177  echo "<input type=\"password\" class=\"form-control\" name=\"newPassword2\" id=\"newPassword2\">";
178  echo "<input type=\"hidden\" value=\"$uid\" class=\"form-control\" name=\"uid\" id=\"uid\">";
179  echo "<button type=\"submit\" style=\"margin-top:5px;\" class=\"btn btn-success\">$lang[PASSWORD_SET_NEW]</button>";
180  echo "</form>";
181  }

Referenced by YAWK\controller\filterfilename().

◆ getCurrentUserName()

static YAWK\user::getCurrentUserName($lang)

return current username

Parameters
  object $lang  language obj
Returns
  string current username

Definition at line 344 of file user.php.

345  {
346  if (isset($_SESSION['username']))
347  {
348  return $_SESSION['username'];
349  }
350  else
351  {
352  return $lang['GUEST'];
353  }
354  }

References $lang.

Referenced by YAWK\BACKEND\AdminLTE\drawHtmlContent().

◆ getLatestUsers()

static YAWK\user::getLatestUsers($db, $count)

get latest users and return as array

Parameters
  object $db     database
  int    $count  limit the query
Returns
  array|string

Definition at line 718 of file user.php.

719  {
720  if (isset($count))
721  { // param
722  $limit = $count;
723  }
724  else
725  { // default value
726  $limit = 8;
727  }
728  /* @param $db \YAWK\db */
729  if ($result = $db->query("SELECT cu.*, cg.value as gid FROM {users} as cu
730  JOIN {user_groups} as cg on cu.gid = cg.id ORDER BY id LIMIT $limit"))
731  {
732  $userDataArray = array();
733  // cycle trough results
734  while ($row = $result->fetch_assoc())
735  {
736  $userDataArray[] = $row;
737  }
738  /* free result */
739  $result->close();
740  }
741  else {
742  $userDataArray = '';
743  \YAWK\sys::setSyslog($db, 11, 1, "failed to fetch user list", 0, 0, 0, 0);
744  echo \YAWK\alert::draw("danger", "Error", "Sorry, database error: fetch getLatestUsers failed.","page=users","4800");
745  }
746  return $userDataArray;
747  }

References $db, and $result.

Referenced by YAWK\BACKEND\dashboard\drawLatestUsers().

◆ getLoginData()

static YAWK\user::getLoginData($db, $user)

return an array with all login data

Parameters
  object $db    database
  object $user
Returns
  array|bool

Definition at line 540 of file user.php.

541  { /* @param $db \YAWK\db */
542  if (isset($user) && (!empty($user)))
543  { // check if user is registered
544  if (self::hasLoggedIn($db, $user))
545  { // user is in list, extend sql string
546  $sqlStr = "WHERE username='$user'";
547  \YAWK\alert::draw("success", "showing login data for user: $user", " ", "",2400);
548  }
549  else
550  { // user not found in table, so draw an alert and show all logins...
551  $sqlStr = '';
552  \YAWK\alert::draw("warning", "Error!", "<h4>No login data available.</h4> Could not get data for user <b>$user</b>. Displaying all data instead.", "",5000);
553  }
554  }
555  else
556  { // show all logins
557  $sqlStr = '';
558  }
559  if ($res = $db->query("SELECT * FROM {logins} $sqlStr"))
560  { // fetch data in loop
561  while ($row = $res->fetch_assoc())
562  { // store logins into array
563  $loginsArray[] = $row;
564  }
565  if (isset($loginsArray) && (!empty($loginsArray)))
566  { // if array is set and not empty
567  return $loginsArray;
568  }
569  else
570  { // something went wrong
571  return false;
572  }
573  }
574  else
575  { // could not query login data...
576  \YAWK\sys::setSyslog($db, 11, 1, "failed to query login data of $user ", 0, 0, 0, 0);
577  return false;
578  }
579  }

References $db, $res, and YAWK\alert\draw().

◆ getToken()

static YAWK\user::getToken($length)

Generate a safe token for password reset.

Parameters
  string $length  the length of your token
Returns
  string $token function returns the token

Definition at line 101 of file user.php.

102  {
103  $token = "";
104  $code = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
105  $code.= "abcdefghijklmnopqrstuvwxyz";
106  $code.= "0123456789";
107  $max = strlen($code); // edited
108 
109  for ($i=0; $i < $length; $i++)
110  {
111  $token .= $code[random_int(0, $max-1)];
112  }
113  // check if token is set
114  if (is_string($token))
115  { // ok, return token
116  return $token;
117  }
118  else
119  { // error generating token
120  return false;
121  }
122  }

References $i.

Referenced by YAWK\user\sendResetEmail().

◆ getUserArray()

YAWK\user::getUserArray($db)

return user data as an array

Parameters
  object $db  database
Returns
  array|string

Definition at line 690 of file user.php.

691  {
692  /* @param $db \YAWK\db */
693  if ($result = $db->query("SELECT cu.*, cg.value as gid FROM {users} as cu
694  JOIN {user_groups} as cg on cu.gid = cg.id ORDER BY id"))
695  {
696  $userDataArray = array();
697  // cycle trough results
698  while ($row = $result->fetch_assoc())
699  {
700  $userDataArray[] = $row;
701  }
702  /* free result */
703  $result->close();
704  }
705  else {
706  $userDataArray = '';
707  echo \YAWK\alert::draw("danger", "Error", "Sorry, database error: fetch getUserArray failed.","page=users","4800");
708  }
709  return $userDataArray;
710  }

References $db, and $result.

◆ getUserEmail()

static YAWK\user::getUserEmail($db, $user)

return email address of $user

Parameters
  object $db    database
  string $user  username
Returns
  bool the email address of this $user
Parameters
  $db  \YAWK\db $res

Definition at line 1254 of file user.php.

1255  { /** @param $db \YAWK\db $res */
1256  if ($res = $db->query("SELECT email
1257  FROM {users}
1258  WHERE username = '" . $user. "'"))
1259  { // fetch data
1260  $row = $res->fetch_row();
1261  return $row[0];
1262  }
1263  else
1264  { // q failed
1265  \YAWK\sys::setSyslog($db, 11, 1, "failed to get email address of <b>$user</b> ", 0, 0, 0, 0);
1266  return false;
1267  }
1268  }

References $db, and $res.

Referenced by YAWK\user\sendResetEmail().

◆ getUserImage()

static YAWK\user::getUserImage($location, $user, $cssClass, $w, $h)

return and output user image

Parameters
  string $location  frontend or backend
  string $user      username
  string $cssClass  image css class eg. img-circle
  int    $w         width in pixel
  int    $h         height in pixel
Returns
  string

Definition at line 1079 of file user.php.

1080  {
1081  if (isset($w) && isset($h))
1082  {
1083  if ($w === 0)
1084  {
1085  $width = 0;
1086  }
1087  else
1088  {
1089  $width = "width=\"$w\" ";
1090  }
1091  if ($h === 0)
1092  {
1093  $height = 0;
1094  }
1095  else
1096  {
1097  $height = "height=\"$h\" ";
1098  }
1099  }
1100  else
1101  {
1102  $width = '';
1103  $height = '';
1104  }
1105  if (isset($cssClass))
1106  {
1107  $css = "class=\"$cssClass\"";
1108  }
1109  else
1110  {
1111  $css = '';
1112  }
1113 
1114  if (isset($location))
1115  {
1116  if ($location == "frontend"){
1117  $imageJpg = "media/images/users/".$user.".jpg";
1118  $imagePng = "media/images/users/".$user.".png";
1119  $defaultPic = "<img src=\"media/images/users/avatar.png\" $width $height $css>";
1120 
1121  }
1122  else
1123  {
1124  $imageJpg = '';
1125  $imagePng = '';
1126  $defaultPic = "<img src=\"media/images/users/avatar.png\" $width $height $css>";
1127  }
1128  if ($location == "backend"){
1129  $imageJpg = "../media/images/users/".$user.".jpg";
1130  $imagePng = "../media/images/users/".$user.".png";
1131 
1132  if ($cssClass == "img-circle")
1133  {
1134  $defaultPic = "<img src=\"../media/images/users/avatar.png\" $width $height $css>";
1135  }
1136  elseif ($cssClass == "img-circle sidebar-toggle")
1137  {
1138  $defaultPic = "<img src=\"../media/images/users/avatar-light.png\" $width $height $css>";
1139  }
1140  if ($cssClass == "user-image")
1141  {
1142  $defaultPic = "<img src=\"../media/images/users/avatar.png\" $width $height $css>";
1143  }
1144  if ($cssClass == "profile-user-img img-responsive img-circle")
1145  {
1146  $defaultPic = "<img src=\"../media/images/users/avatar.png\" $width $height $css>";
1147  }
1148  }
1149  else
1150  {
1151  $imageJpg = '';
1152  $imagePng = '';
1153  $defaultPic = "<img src=\"media/images/users/avatar.png\" $width $height $css>";
1154  }
1155  }
1156  else
1157  {
1158  $imageJpg = '';
1159  $imagePng = '';
1160  $defaultPic = "<img src=\"media/images/users/avatar.png\" $width $height $css>";
1161  }
1162 
1163 
1164  if (file_exists($imageJpg)){
1165  return "<img src=\"".$imageJpg."\" $width $height $css>";
1166  }
1167  elseif (file_exists($imagePng)){
1168  return "<img src=\"".$imagePng."\" $width $height $css>";
1169  }
1170  else
1171  {
1172  return $defaultPic;
1173  }
1174  }

Referenced by YAWK\BACKEND\AdminLTE\drawHtmlLeftSidebar(), YAWK\BACKEND\AdminLTE\drawHtmlNavbarMessagesMenu(), YAWK\BACKEND\AdminLTE\drawHtmlNavbarUserAccountMenu(), YAWK\BACKEND\dashboard\drawLatestUsers(), YAWK\menu\drawLogoutMenu(), and YAWK\PLUGINS\MESSAGES\messages\MessageView().

◆ getUserList()

static YAWK\user::getUserList($db)

output a list of all users (who have not activated privacy switch)

Parameters
  object $db  database

Definition at line 2129 of file user.php.

2130  { /* @param \YAWK\db $db */
2131  // show ALL users
2132  // get all users from db where privacy is set to zero
2133  // & just pick users who are set to online in database
2134  $res = $db->query("SELECT username, email, public_email, online FROM {users} WHERE privacy != 1");
2135  while ($row = mysqli_fetch_assoc($res)){
2136  // first char uppcerase
2137  $username = ucfirst($row['username']);
2138  // check if users email adress is public
2139  if ($row['email'] && $row['public_email'] === '0'){
2140  $email = $row['email'];
2141  } else {
2142  $email = "";
2143  } // if not, build an empty string
2144  if ($row['online'] === '0') {
2145  $color = "text-danger";
2146  }
2147  else {
2148  $color = "text-success";
2149  }
2150  echo "<ul class=\"list-group\">
2151  <li class=\"list-group-item\"><span class=\"".$color."\"><strong>".$username." &nbsp;&nbsp;<small>".$email."</strong></small></span></li>
2152  </ul>";
2153  }
2154  }

References $db, YAWK\user\$email, $res, and YAWK\user\$username.

Referenced by YAWK\template\setPosition().

◆ getUserTemplateID()

static YAWK\user::getUserTemplateID($db, $uid)

template ID for given user ID

Parameters
  object $db   database
  int    $uid  user ID
Returns
  string|bool return template ID to corresponding user ID

Definition at line 421 of file user.php.

422  { /* @param $db \YAWK\db */
423  if (!isset($uid) && (empty($uid)))
424  { // uid is missing
425  return false;
426  }
427  if ($res = $db->query("SELECT templateID FROM {users} WHERE id = $uid"))
428  {
429  if ($row = mysqli_fetch_row($res))
430  { // return $userTemplateID
431  return $row[0];
432  }
433  else
434  {
435  \YAWK\sys::setSyslog($db, 11, 1, "failed to get templateID from user db ", $uid, 0, 0, 0);
436  return false;
437  }
438  }
439  else
440  {
441  \YAWK\sys::setSyslog($db, 11, 1, "failed to query templateID from user db ", $uid, 0, 0, 0);
442  return false;
443  }
444  }

References $db, $res, and $uid.

◆ isAllowedToOverrideTemplate()

YAWK\user::isAllowedToOverrideTemplate($db, $uid)

check if user ID is allowed to override template

Parameters
  object $db   database
  int    $uid  user ID
Returns
  bool

Definition at line 452 of file user.php.

453  { /* @param $db \YAWK\db */
454  if ($res = $db->query("SELECT overrideTemplate FROM {users} WHERE id = $uid"))
455  {
456  if ($row = mysqli_fetch_row($res))
457  {
458  if ($row[0] === "1")
459  {
460  return true;
461  }
462  else
463  {
464  return false;
465  }
466  }
467  else
468  {
469  \YAWK\sys::setSyslog($db, 11, 1, "failed to get overrideTemplate status from user db ", 0, 0, 0, 0);
470  return false;
471  }
472  }
473  else
474  {
475  return false;
476  }
477  }

References $db, and $res.

◆ isAnybodyThere()

static YAWK\user::isAnybodyThere($db)

check, if a session username is set and if user is logged in

Parameters
  object $db  database obj
Returns
  string|bool return current username or false

Definition at line 361 of file user.php.

362  {
363  // check if session is set
364  if (isset($_SESSION))
365  {
366  // check if session username + uid is set
367  if (isset($_SESSION['username']) && isset($_SESSION['uid']))
368  { // check if session logged_in status is true
369  if ($_SESSION['logged_in'] == true)
370  { // session username is set, check if its a non-empty string
371  if (!empty($_SESSION['username']) && (is_string($_SESSION['username'])))
372  { // username seems to be valid -
373  return $_SESSION['username'];
374  }
375  else
376  { // username seems not to be valid
377  return false;
378  }
379  }
380  else
381  { // user is there, but not logged in
382  return false;
383  }
384  }
385  else
386  { // session username is not set
387  return false;
388  }
389  }
390  // no session - check if $_GET is set instead
391  else if (isset($_GET))
392  { // check if user param is set
393  if (isset($_GET['user']) && (!empty($_GET['user']) && (is_string($_GET['user']))))
394  { // check if database says user is logged in
395  if (self::isLoggedIn($db, $_GET['user']))
396  { // user is logged in
397  return $_GET['user'];
398  }
399  else
400  { // user is not logged in
401  return false;
402  }
403  }
404  else
405  { // $_GET user is not set, empty or not valid
406  return false;
407  }
408  }
409  else
410  { // no user is there
411  return false;
412  }
413  }

References $_GET, and $db.

Referenced by YAWK\WIDGETS\LOGINBOX\LOGIN\loginbox\init().

◆ isTemplateEqual()

YAWK\user::isTemplateEqual($db, $userTemplateID)

check if user template equals selected (active) template

Parameters
  object $db              Database
  int    $userTemplateID  the user template ID
Returns
  bool

Definition at line 519 of file user.php.

520  {
521  /* @param $db \YAWK\db */
522  // check if userTemplateID param is set
523  if (!isset($userTemplateID) && (empty($userTemplateID))) { // missing templateID - cannot compare,
524  return false;
525  }
526  $selectedTemplate = \YAWK\settings::getSetting($db, "selectedTemplate");
527  if ($selectedTemplate === $userTemplateID) { // user templateID and primary template (selectedTemplate) are equal
528  return true;
529  } else { // user templateID and selected template do not match
530  return false;
531  }
532  }

References $db, $userTemplateID, and YAWK\settings\getSetting().

◆ sendResetEmail()

static YAWK\user::sendResetEmail($db, $username, $email, $lang)

Send password change request email.

Parameters
  object $db        database obj
  string $username  username from pwd reset form
  string $email     email from pwd reset form
  object $lang      language obj
Returns
  bool true|false

Definition at line 232 of file user.php.

233  {
234  // first of all we check if user entered a correct username or email string.
235  // afterwards, we get the UID for this user and store a personal hash value
236  // user will get an email, containing a link with the hash to the form where
237  // he can set his new password. If hash matches, password change is possible.
238  // Until this last step he can still login with his old credentials - password
239  // in database will not be touched until he enters a new one.
240 
241  // get UID from username
242  if (isset($username) && (!empty($username) && (is_string($username)))) {
243  // user wants to reset with his username
244  $username = trim($username);
245  $username = strip_tags($username);
246  // get user id from username
247  $uid = self::getUserIdFromName($db, $username);
248  }
249  // or get UID from email
250  else if (isset($email) && (!empty($email) && (is_string($email))))
251  {
252  // user wants to reset with his email
253  $email = trim($email);
254  $email = strip_tags($email);
255  $uid = self::getUserIdFromEmail($db, $email);
256  }
257  else
258  {
259  \YAWK\alert::draw("warning", $lang['WARNING'], $lang['USERNAME_OR_EMAIL_NOT_SET'], "", 3800);
260  return false;
261  }
262 
263  // check if UID is valid
264  if (empty($uid) || (!is_numeric($uid)))
265  { // throw error - UID is not valid
266  \YAWK\alert::draw("danger", $lang['ERROR'], $lang['PASSWORD_RESET_UID_FAILED'], "", 3800);
267  return false;
268  }
269  else
270  { // uid is valid, go ahead and generate hash value
271  $token = self::getToken(196);
272 
273  // store token in database
274  if ($res = $db->query("UPDATE {users} SET hashValue = '".$token."' WHERE id = '".$uid."'"))
275  {
276  // get user email address
277  if (!isset($email) || (empty($email)))
278  {
279  // get email address of this user
281  }
282  else
283  { // password recipient
284  $to = $email;
285  // get username
286  $username = self::getUserNameFromID($db, $uid);
287  }
288 
289  // get admin email address
290  $from = \YAWK\settings::getSetting($db, "admin_email");
291 
292  // check if $to is a valid email address
293  if (filter_var($to, FILTER_VALIDATE_EMAIL))
294  {
295  // get full url to build the link
297 
298  // append token and generate complete url
299  $firstCharOfUrl = mb_substr($url, 0,-1);
300  if ($firstCharOfUrl === "/")
301  { // url missing trailing slash, append it
302  $tokenLink = $url."/index.php?resetPassword=true&token=$token";
303  }
304  else
305  { // url still got a slash
306  $tokenLink = $url."index.php?resetPassword=true&token=$token";
307  }
308 
309  $mailBody = "$lang[HELLO] $username!\n\r$lang[PASSWORD_RESET_REQUESTED]\n\r$lang[PASSWORD_RESET_MAILBODY]\n\r".$tokenLink."\n\r$lang[PASSWORD_RESET_REQUEST_WARNING].";
310  if (\YAWK\email::sendEmail($from, $to, "", "$lang[PASSWORD_RESET] $url", $mailBody) === true)
311  { // reset password email sent
312  \YAWK\sys::setSyslog($db, 9, 0, "reset password email requested from $username ($to)", $uid, 0, 0, 0);
313  $_SESSION['passwordFail'] = 0;
314  return true;
315  }
316  else
317  { // FAILED to send password reset email
318  \YAWK\alert::draw("warning", $lang['ERROR'], "$lang[EMAIL_NOT_SENT] <br>(from: $from)<br>(to: $to)", "", 3800);
319  \YAWK\sys::setSyslog($db, 11, 1, "failed to send reset password email to $username ($to)", $uid, 0, 0, 0);
320  return false;
321  }
322  }
323  else
324  { // NOT VALID EMAIL ADDRESS (to:)
325  \YAWK\alert::draw("warning", $lang['ERROR'], $lang['EMAIL_ADD_INVALID'], "", 3800);
326  \YAWK\sys::setSyslog($db, 11, 1, "invalid email address $to", $uid, 0, 0, 0);
327  return false;
328  }
329  }
330  else
331  { // error: hash value could not be stored / updated in database
332  \YAWK\sys::setSyslog($db, 11, 1, "failed to update hash value in database", $uid, 0, 0, 0);
333  \YAWK\alert::draw("warning", "Hash Value", "could not be stored.", "", 3800);
334  return false;
335  }
336  }
337  }

References $db, YAWK\user\$email, $lang, $res, $uid, YAWK\user\$url, YAWK\user\$username, YAWK\alert\draw(), YAWK\sys\getHost(), YAWK\settings\getSetting(), YAWK\user\getToken(), YAWK\user\getUserEmail(), and YAWK\email\sendEmail().

◆ setNewPassword()

static YAWK\user::setNewPassword($db, $newPassword, $uid)

Set a new user password.

Parameters
  string $newPassword  The new password that will be stored in the database
  int    $uid          The affected user id
  object $db           database obj

Definition at line 189 of file user.php.

190  {
191  // check if new password is set and valid
192  if (isset($newPassword) && (!empty($newPassword)) && (is_string($newPassword)))
193  { // check if uid is set and valid
194  if (isset($uid) && (!empty($uid)) && (is_numeric($uid)))
195  {
196  // hash password
197  $newPassword = md5($newPassword);
198 
199  // update database - change password
200  if ($res = $db->query("UPDATE {users} SET password = '".$newPassword."' WHERE id = '".$uid."'"))
201  { // password changed successfully
202  \YAWK\sys::setSyslog($db, 9, 0, "user $uid changed his password", $uid, 0, 0, 0);
203  return true;
204  }
205  else
206  { // password cannot be changed
207  \YAWK\sys::setSyslog($db, 11, 1, "failed to update password of user $uid ", $uid, 0, 0, 0);
208  return false;
209  }
210  }
211  else
212  { // uid not set or not valid
213  \YAWK\sys::setSyslog($db, 11, 1, "uid not set, empty or wrong datatype", $uid, 0, 0, 0);
214  return false;
215  }
216  }
217  else
218  { // new password not set or not valid
219  \YAWK\sys::setSyslog($db, 11, 1, "failed to update user password: new password not set, empty or not valid", $uid, 0, 0, 0);
220  return false;
221  }
222  }

References $db, $res, and $uid.

Referenced by YAWK\controller\filterfilename().
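
The reset flow documented above (getToken, sendResetEmail, checkResetToken, setNewPassword) builds its SQL by string concatenation, stores the token as-is in hashValue, and hashes the new password with md5() (listing line 197). The following added example, which is not YaWK code, shows the same flow with bound parameters, a token stored only as a SHA-256 digest with an expiry, and password_hash(). It uses PDO with an in-memory SQLite database as a stand-in for the YaWK db wrapper; the resetExpires column, the function names and the sample user are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Added example, not part of YaWK. Requires the pdo_sqlite extension.
// Table and column names (users, hashValue, password) follow the queries on
// this page; resetExpires is a hypothetical extra column.

const TOKEN_LENGTH = 196; // length passed to getToken() in sendResetEmail()

function openDemoDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (
        id INTEGER PRIMARY KEY,
        username TEXT NOT NULL,
        password TEXT NOT NULL,
        hashValue TEXT,
        resetExpires INTEGER
    )');
    // Constructed sample row.
    $stmt = $pdo->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
    $stmt->execute(['alice', password_hash('old-password', PASSWORD_DEFAULT)]);
    return $pdo;
}

// Same alphabet and random_int() source as getToken() on this page.
function newToken(int $length = TOKEN_LENGTH): string
{
    $code = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
    $max = strlen($code) - 1;
    $token = '';
    for ($i = 0; $i < $length; $i++) {
        $token .= $code[random_int(0, $max)];
    }
    return $token;
}

// Store only a digest of the token, so a leaked users table does not
// contain usable reset links, and give the token a limited lifetime.
function issueResetToken(PDO $pdo, int $uid, int $ttl = 3600): string
{
    $token = newToken();
    $stmt = $pdo->prepare('UPDATE users SET hashValue = ?, resetExpires = ? WHERE id = ?');
    $stmt->execute([hash('sha256', $token), time() + $ttl, $uid]);
    return $token; // the clear token goes into the e-mailed link only
}

// Returns the user id for a valid, unexpired token, or null.
function checkResetToken(PDO $pdo, $token): ?int
{
    // Accept only the exact format newToken() emits. strip_tags() is not a
    // substitute: it removes markup but leaves quote characters in place.
    if (!is_string($token)
        || !preg_match('/\A[A-Za-z0-9]{' . TOKEN_LENGTH . '}\z/', $token)) {
        return null;
    }
    // The value is bound as a parameter, never concatenated into the SQL.
    $stmt = $pdo->prepare('SELECT id FROM users WHERE hashValue = ? AND resetExpires > ?');
    $stmt->execute([hash('sha256', $token), time()]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

// The user id is derived from the token on the server, not read from a
// form field, and the token is cleared so it works only once.
function setNewPassword(PDO $pdo, string $token, string $newPassword): bool
{
    $uid = checkResetToken($pdo, $token);
    if ($uid === null || $newPassword === '') {
        return false;
    }
    $stmt = $pdo->prepare(
        'UPDATE users SET password = ?, hashValue = NULL, resetExpires = NULL WHERE id = ?'
    );
    // password_hash() uses a salted, deliberately slow algorithm.
    $stmt->execute([password_hash($newPassword, PASSWORD_DEFAULT), $uid]);
    return $stmt->rowCount() === 1;
}

$pdo = openDemoDb();
$token = issueResetToken($pdo, 1);

// Constructed inputs for the demo.
$malformed = str_repeat('A', TOKEN_LENGTH - 1) . "'"; // right length, contains a quote
$unknown = newToken();                                 // well-formed, never issued

var_dump(checkResetToken($pdo, $malformed));
var_dump(checkResetToken($pdo, $unknown));
var_dump(setNewPassword($pdo, $token, 'correct horse battery'));
var_dump(setNewPassword($pdo, $token, 'second attempt')); // same token reused

$stored = $pdo->query('SELECT password FROM users WHERE id = 1')->fetchColumn();
var_dump(password_verify('correct horse battery', $stored));
```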

◆ setUserTemplate()

YAWK\user::setUserTemplate($db, $overrideTemplate, $userTemplateID, $uid)

set status and override template for this user ID

Parameters
  object $db                database
  int    $overrideTemplate  0|1; 1 if template could be overridden by this user
  int    $userTemplateID    the template ID you wish to set for this user
  int    $uid               user ID
Returns
  bool

Definition at line 487 of file user.php.

488  { /* @param $db \YAWK\db */
489  if (!isset($overrideTemplate) && (!is_numeric($overrideTemplate)))
490  { // wrong param
491  return false;
492  }
493  if (!isset($userTemplateID) && (!is_numeric($userTemplateID)))
494  { // wrong param
495  return false;
496  }
497  if (!isset($uid) && (!is_numeric($uid)))
498  { // wrong param
499  return false;
500  }
501 
502  if ($res = $db->query("UPDATE {users} SET overrideTemplate = $overrideTemplate, templateID = $userTemplateID WHERE id = $uid"))
503  {
504  return true;
505  }
506  else
507  {
508  \YAWK\sys::setSyslog($db, 11, 1, "failed to update user template override - template ID: $userTemplateID", $uid, 0, 0, 0);
509  return false;
510  }
511  }

References $db, YAWK\user\$overrideTemplate, $res, $uid, and $userTemplateID.

Member Data Documentation

◆ $blocked

YAWK\user::$blocked
  • Parameters
    int 0|1; if 1, user is blocked and cannot log in anymore

Definition at line 23 of file user.php.

◆ $city

YAWK\user::$city
  • Parameters
    string city

Definition at line 63 of file user.php.

◆ $country

YAWK\user::$country
  • Parameters
    string country

Definition at line 65 of file user.php.

◆ $currentuser

YAWK\user::$currentuser
  • Parameters
    string current user name

Definition at line 19 of file user.php.

◆ $date_changed

YAWK\user::$date_changed
  • Parameters
    string datetime when user has changed

Definition at line 39 of file user.php.

◆ $date_created

YAWK\user::$date_created
  • Parameters
    string datetime when user was created

Definition at line 37 of file user.php.

◆ $date_expired

YAWK\user::$date_expired
  • Parameters
    string datetime when user account is about to expire

Definition at line 43 of file user.php.

◆ $date_lastlogin

YAWK\user::$date_lastlogin
  • Parameters
    string datetime when user has last logged in

Definition at line 41 of file user.php.

◆ $email

YAWK\user::$email
  • Parameters
    string user email address

Definition at line 47 of file user.php.

Referenced by YAWK\user\getUserList(), and YAWK\user\sendResetEmail().

◆ $facebook

YAWK\user::$facebook
  • Parameters
    string user facebook url

Definition at line 53 of file user.php.

◆ $firstname

YAWK\user::$firstname
  • Parameters
    string user firstname

Definition at line 55 of file user.php.

◆ $gid

YAWK\user::$gid
  • Parameters
    int group ID

Definition at line 33 of file user.php.

◆ $id

YAWK\user::$id
  • Parameters
    int user ID

Definition at line 25 of file user.php.

◆ $job

YAWK\user::$job
  • Parameters
    string job description - can hold any string

Definition at line 67 of file user.php.

◆ $lastlogin

YAWK\user::$lastlogin
  • Parameters
    string datetime when user has last logged in

Definition at line 69 of file user.php.

◆ $lastname

YAWK\user::$lastname
  • Parameters
    string user lastname

Definition at line 57 of file user.php.

◆ $likes

YAWK\user::$likes
  • Parameters
    int how many likes the user has achieved

Definition at line 75 of file user.php.

◆ $logged_in

YAWK\user::$logged_in
  • Parameters
    int 0|1; user is currently logged in - or at least: not logged out

Definition at line 73 of file user.php.

◆ $login_count

YAWK\user::$login_count
  • Parameters
    int how many times the user has logged in

Definition at line 45 of file user.php.

◆ $online

YAWK\user::$online
  • Parameters
    int 0|1; if 1, user is currently online (or at least: not logged out)

Definition at line 31 of file user.php.

◆ $overrideTemplate

YAWK\user::$overrideTemplate
  • Parameters
    int override the current template ID

Definition at line 77 of file user.php.

Referenced by YAWK\user\setUserTemplate().

◆ $password

YAWK\user::$password
  • Parameters
    string user password

Definition at line 35 of file user.php.

Referenced by YAWK\user\ajaxLogin(), YAWK\user\drawLoginBox(), and YAWK\user\drawMenuLoginBox().

◆ $privacy

YAWK\user::$privacy
  • Parameters
    int 0|1; if 1, user privacy needs to be respected

Definition at line 29 of file user.php.

◆ $public_email

YAWK\user::$public_email
  • Parameters
    int 0|1; 1 means the email is public and can be shown on the website

Definition at line 71 of file user.php.

◆ $published

YAWK\user::$published
  • Parameters
    int 0|1; if 1, user is published (active)

Definition at line 27 of file user.php.

◆ $street

YAWK\user::$street
  • Parameters
    string street

Definition at line 59 of file user.php.

◆ $templateID

YAWK\user::$templateID
  • Parameters
    int current template ID

Definition at line 79 of file user.php.

◆ $terms

YAWK\user::$terms
  • Parameters
    int 0|1; indicates whether the user has accepted the terms of service

Definition at line 81 of file user.php.

◆ $twitter

YAWK\user::$twitter
  • Parameters
    string user twitter url

Definition at line 51 of file user.php.

◆ $url

YAWK\user::$url
  • Parameters
    string user URL

Definition at line 49 of file user.php.

Referenced by YAWK\user\sendResetEmail().

◆ $username

YAWK\user::$username
  • Parameters
    string username

Definition at line 21 of file user.php.

Referenced by YAWK\user\getUserList(), and YAWK\user\sendResetEmail().

◆ $zipcode

YAWK\user::$zipcode
  • Parameters
    string zip code

Definition at line 61 of file user.php.


The documentation for this class was generated from the following file: