Sponsorenverwaltung - Team StarCraft e.V.
class.user.php
1 <?php
2  /**
3  * @file class.user.php
4  *
5  * @brief Home of the class LoggedInUser
6  *
7  * @details
8  * This file is mainly independent.
9  *
10  * @copyright 2013, Team StarCraft e.V.
11  * @version 1.0.0
12  * @author Usercake (http://usercake.com)
13  * @author Alexander Vorndran
14  * @author Daniel Seichter
15  * @date 02.07.2013
16  */
17 
18  /**
19  * @brief The main structure to store the data of a logged in user.
20  *
21  * @details
22  * The main structure to store the data of a logged in user. Besides storing
23  * the information and session identifiers of a logged in user, this class
24  * is also responsible for storing temporary results from searching.
25  *
26  * This class is based on the class loggedInUser from UserCake (Version 2.0.2)
27  *
28  * This file depends on inc/common.php.
29  *
30  * @copyright 2013, Team StarCraft e.V.
31  * @version 1.0.0
32  * @author Usercake (http://usercake.com)
33  * @author Alexander Vorndran
34  * @author Daniel Seichter
35  * @date 02.07.2013
36  */
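class LoggedInUser {

    // Table names are concatenated into the SQL text because identifiers cannot
    // be bound as parameters; all values are bound through prepared statements.
    // NOTE(review): $db is assumed to be trusted configuration - verify that its
    // entries can never be influenced by request data.

    //! Maximum number of result sets kept in each of the three result stores
    const MAX_STORED_RESULTS = 5;

    //! Holds the email-address of the logged in user
    public $email = NULL;
    //! Holds the hashed password of the logged in user
    // NOTE(review): this property is public and lives on the object for its whole
    // lifetime; if the object is kept in the session (userLogOut() destroys a
    // "userCakeUser" session entry), the hash is kept there too - confirm it is needed.
    public $passwordHash = NULL;
    //! Holds the userid of the current user
    public $userId = NULL;
    //! An id to identify the current session
    public $sessionId = NULL;
    //! The username of the logged in user
    public $username = NULL;
    //! An array to store temporary results e.g. for exports
    private $tempReults = array();
    //! An array to store results of a search e.g. for sorting them
    private $searchResults = array();
    //! An array to store results of filtering the listview
    private $filterResults = array();

    /**
     * Simple function to update the last activity of a user.
     * Writes the current time() into last_sign_in_stamp of the user's row.
     */
    public function updateLastActivity() {
        global $mysqli, $db;
        $time = time();
        $stmt = $mysqli->prepare("UPDATE " . $db['users'] . "
            SET
            last_sign_in_stamp = ?
            WHERE
            id = ?");
        $stmt->bind_param("ii", $time, $this->userId);
        $stmt->execute();
        $stmt->close();
    }

    /**
     * Return the timestamp when the user registered
     * @return integer timestamp of the sign-up, NULL if no row was fetched
     */
    public function signupTimeStamp() {
        global $mysqli, $db;

        // stays NULL when fetch() finds no row for this user id
        $timestamp = NULL;
        $stmt = $mysqli->prepare("SELECT sign_up_stamp
            FROM " . $db['users'] . "
            WHERE id = ?");
        $stmt->bind_param("i", $this->userId);
        $stmt->execute();
        $stmt->bind_result($timestamp);
        $stmt->fetch();
        $stmt->close();
        return ($timestamp);
    }

    /**
     * Update a users password
     *
     * The hash kept on this object is only replaced after the database accepted
     * the new value, so both stay in sync when the statement fails.
     *
     * NOTE(review): hashing is delegated to generateImprovedHash(), which is not
     * defined in this file - confirm it uses a salted, adaptive algorithm.
     * This method does not touch session_id, so it does not end other sessions.
     *
     * @param string $newPassword the new password
     * @return boolean TRUE if the database update was executed, FALSE if not
     */
    public function updatePassword($newPassword) {
        global $mysqli, $db;
        $secure_pass = generateImprovedHash($newPassword);
        $stmt = $mysqli->prepare("UPDATE " . $db['users'] . "
            SET
            password = ?
            WHERE
            id = ?");
        $stmt->bind_param("si", $secure_pass, $this->userId);
        $result = $stmt->execute();
        $stmt->close();
        if ($result !== FALSE) {
            $this->passwordHash = $secure_pass;
            return TRUE;
        }
        return FALSE;
    }

    /**
     * Update a users email
     *
     * As in updatePassword(), the value on this object is only changed once the
     * database update was executed.
     *
     * @param string $newEmail the new e-mail-address
     * @return boolean TRUE if the database update was executed, FALSE if not
     */
    public function updateEmail($newEmail) {
        global $mysqli, $db;
        $stmt = $mysqli->prepare("UPDATE " . $db['users'] . "
            SET
            email = ?
            WHERE
            id = ?");
        $stmt->bind_param("si", $newEmail, $this->userId);
        $result = $stmt->execute();
        $stmt->close();
        if ($result !== FALSE) {
            $this->email = $newEmail;
            return TRUE;
        }
        return FALSE;
    }

    /**
     * Check if a user has a permission
     *
     * Access is granted as soon as one of the given permission ids is assigned
     * to the user. Any failure to prepare the lookup denies access.
     *
     * @param mixed $permissionId a single permission id or an array of permission ids
     * @return boolean TRUE if he has at least one of the permissions, FALSE if not
     */
    public function checkPermission($permissionId) {
        global $mysqli, $db;

        $stmt = $mysqli->prepare("SELECT id
            FROM " . $db['user_permission'] . "
            WHERE user_id = ?
            AND permission_id = ?
            LIMIT 1
            ");
        // fail closed: without a usable statement nothing can be verified
        if ($stmt === FALSE) {
            return FALSE;
        }
        $access = FALSE;
        // the cast lets callers pass one id as well as a list of ids
        foreach ((array) $permissionId as $check) {
            $stmt->bind_param("ii", $this->userId, $check);
            $stmt->execute();
            $stmt->store_result();
            if ($stmt->num_rows > 0) {
                $access = TRUE;
                break;
            }
        }
        $stmt->close();
        return $access;
    }

    /**
     * Returns the full name of the user
     * @return string the full name of the user (firstname, a space, lastname)
     */
    public function getFullName() {
        $details = fetchUserDetails(null, null, $this->userId);
        return $details['firstname'] . " " . $details['lastname'];
    }

    /**
     * Stores a result set in one of the three result stores.
     *
     * An already stored, equal result is reused instead of being stored twice.
     * Only when a new entry has to be added and the store is full, the entry
     * with the smallest timestamp is removed first.
     *
     * The returned identifier is built from uniqid(), so it is unique but derived
     * from the current time; it is a lookup handle for this object, not a secret.
     *
     * @author Alexander Vorndran
     * @param array $result the result to store
     * @param mixed $resultType
     * - 1 for search results
     * - 2 for filter results
     * - 3 for temporary results
     * @return string an identifier that can be used to access the stored result with the loadResult(...) function,
     *         NULL if $result is empty or not an array
     */
    private function storeResult($result, $resultType) {
        if ($resultType == 1) {
            $storeArray = &$this->searchResults;
        } else if ($resultType == 2) {
            $storeArray = &$this->filterResults;
        } else {
            $storeArray = &$this->tempReults;
        }
        // avoid storing empty results
        if (empty($result) || !is_array($result)) {
            return NULL;
        }
        // try to avoid duplicate entries; checked before evicting so that
        // re-storing a known result never pushes another one out
        // NOTE(review): array_diff() compares string casts of the values, so
        // nested arrays cannot be told apart here - confirm results are flat.
        foreach ($storeArray as $resultSet) {
            if (count($resultSet['result']) == count($result)) {
                $diff = array_diff($resultSet['result'], $result);
                if (empty($diff)) {
                    return $resultSet['id'];
                }
            }
        }
        // make room: drop the oldest entries until there is space for one more
        while (count($storeArray) >= self::MAX_STORED_RESULTS) {
            $oldestKey = NULL;
            foreach ($storeArray as $key => $resultSet) {
                if ($oldestKey === NULL || $resultSet['time'] < $storeArray[$oldestKey]['time']) {
                    $oldestKey = $key;
                }
            }
            unset($storeArray[$oldestKey]);
            // keep the keys dense so the store stays a plain list
            $storeArray = array_values($storeArray);
        }
        // this result identifier is the key to obtain the data later
        $resultIdentifier = substr(sha1(uniqid((string) $this->userId, true)), 0, 25);
        $storeArray[] = array('result' => $result, 'time' => time(), 'id' => $resultIdentifier);
        return $resultIdentifier;
    }

    /**
     * Stores the given result and the current time in the temporary results.
     * If there are 5 results stored already the oldest will be overwritten
     * @author Alexander Vorndran
     * @param array $result the result to store
     * @return string an identifier that can be used to access the stored result with the loadResult(...) function
     */
    public function storeTemporaryResult($result) {
        return $this->storeResult($result, 3);
    }

    /**
     * Stores the given result and the current time in the filter results.
     * If there are 5 results stored already the oldest will be overwritten
     * @author Alexander Vorndran
     * @param array $result the result to store
     * @return string an identifier that can be used to access the stored result with the loadResult(...) function
     */
    public function storeFilterResult($result) {
        return $this->storeResult($result, 2);
    }

    /**
     * Stores the given result and the current time in the search results.
     * If there are 5 results stored already the oldest will be overwritten
     * @author Alexander Vorndran
     * @param array $result the result to store
     * @return string an identifier that can be used to access the stored result with the loadResult(...) function
     */
    public function storeSearchResult($result) {
        return $this->storeResult($result, 1);
    }

    /**
     * Looks an identifier up in the temporary, search and filter results (in that order).
     *
     * The comparison is strict on purpose: checking strcmp() with "== 0" treats a
     * non-string argument as a match on older PHP versions, so a request
     * parameter sent as an array would have matched the first stored entry.
     *
     * @param mixed $resultIdentifier the identifier returned when the result was stored
     * @return mixed the stored entry (keys 'result', 'time', 'id') or NULL if there is none
     */
    private function findResultSet($resultIdentifier) {
        if (!is_scalar($resultIdentifier)) {
            return NULL;
        }
        $needle = (string) $resultIdentifier;
        foreach (array($this->tempReults, $this->searchResults, $this->filterResults) as $store) {
            foreach ($store as $cResult) {
                if ($cResult['id'] === $needle) {
                    return $cResult;
                }
            }
        }
        return NULL;
    }

    /**
     * Load a result
     * @author Alexander Vorndran
     * @param string $resultIdentifier
     * @return mixed the stored result or FALSE if no result with this identifier is stored
     */
    public function loadResult($resultIdentifier) {
        $resultSet = $this->findResultSet($resultIdentifier);
        if ($resultSet === NULL) {
            return FALSE;
        }
        return $resultSet['result'];
    }

    /**
     * Checks if the resource with the given identifier is still present
     * @param string $resultIdentifier
     * @return boolean
     * - TRUE if it is present
     * - FALSE if not
     */
    public function isResultAvailable($resultIdentifier) {
        return $this->findResultSet($resultIdentifier) !== NULL;
    }

    /**
     * Save the current session-id to database
     *
     * NOTE(review): the session id is written as-is; no hashing is visible in
     * this method - confirm that read access to the users table is restricted.
     */
    public function setStoredSession() {
        global $mysqli, $db;

        $qry = "UPDATE " . $db['users'] . "
            SET session_id = ?
            WHERE id = ?";
        $stmt = $mysqli->prepare($qry);
        $stmt->bind_param("si", $this->sessionId, $this->userId);
        $stmt->execute();
        $stmt->close();
    }

    /**
     * Log the user out by resetting his session-id in the database and destroying the session variables
     */
    public function userLogOut() {
        resetStoredSession($this->userId);
        destroySession("userCakeUser");
    }

}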
329 
330 ?>