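database()->getStatus($uid)<3;
            // NOTE(review): this method starts outside the excerpt, so the
            // statements below are kept exactly as found. As visible here, no
            // case ends in `break`, so every matching $type falls through to
            // the last assignment and $obj always ends up a plain Auth. The
            // User/Group instances are discarded. If $type matches no case,
            // $obj is never assigned. Confirm against the full method.
            switch ($type) {
                case 0: // unactivated user
                case 1: // user
                case 2: $obj = new User($uid); // admin
                case 3: $obj = new Group($uid);
                case 4: $obj = new Auth($uid); // deleted
            }
            self::$users[$uid] = $obj;
        }
        return self::$users[$uid];
    }

    /**
     * Decide whether $name may be used as a user or group name.
     *
     * Current rules:
     *  * Is a string
     *  * Not in "$illegal_names"
     *  * Does not contain '.'
     *  * Does not contain '!'
     *  * Fewer than 256 bytes (strlen() counts bytes, not characters)
     *
     * @param mixed $name candidate name
     * @return bool true only if every rule above holds
     */
    public static function isNameLegal($name) {
        // Reject non-strings up front so the string functions below never see
        // an array, null or number, and so the reserved-word lookup can be
        // strict instead of relying on PHP's loose comparison rules.
        if (!is_string($name)) {
            return false;
        }
        // NOTE(review): the lookup is case-sensitive, so 'New' passes. Confirm
        // that whatever consumes these reserved words is case-sensitive too.
        $illegal_names = array('', 'new', 'index', 'all');
        return true
            && (!in_array($name, $illegal_names, true))
            && (strpos($name,'.')===false)
            && (strpos($name,'!')===false)
            && (strlen($name)<256);
    }

    // Database handle, taken from the global $mm in the constructor.
    protected $db = null;
    // Id of the 'auth' row this object represents; false until one is given.
    protected $uid = false;

    /**
     * Bind this object to one 'auth' row.
     *
     * @param mixed $uid id of the row; stored as given, not validated here
     */
    public function __construct($uid) {
        global $mm;
        $this->db = $mm->database();
        $this->uid = $uid;
    }

    /**
     * @return mixed the uid this object was constructed with
     */
    public function getUID() {
        return $this->uid;
    }

    /**********************************************************************\
    *                           The 'auth' table.                          *
    \**********************************************************************/

    // Row Type ////////////////////////////////////////////////////////////
    /**
     * Read this row's type from the database.
     *
     * NOTE(review): isUser(), isAdmin() and isGroup() compare the result with
     * ===, so they only ever match if getStatus() returns an int. Confirm the
     * database layer does not hand back numeric strings.
     *
     * @return 0=unverified 1=user 2=admin 3=group 4=deleted
     */
    protected function getType() {
        $type = $this->db->getStatus($this->uid);
        return $type;
    }

    /**
     * Change this row's type. Only a logged-in admin may do so.
     *
     * NOTE(review): Login::isLoggedIn() is used as "the uid of the current
     * session"; what it returns for a visitor who is not logged in, and what
     * Auth::getObj() does with that value, is not visible here. Verify that
     * path ends in a refusal.
     *
     * @param int $type one of the values listed on getType(); not range-checked here
     * @return mixed false if the caller is not an admin, else the result of setStatus()
     */
    protected function setType($type) {
        $logged_in_uid = Login::isLoggedIn();
        $logged_in_obj = Auth::getObj($logged_in_uid);
        $is_admin = $logged_in_obj->isAdmin();
        if (!$is_admin) return false;

        return $this->db->setStatus($this->uid, $type);
    }

    /**
     * @return bool true if this row is a user (type 1) or an admin (type 2)
     */
    public function isUser() {
        $type = $this->getType();
        return ($type===1) || ($type===2);
    }

    /**
     * @return bool true if this row is an admin (type 2)
     */
    public function isAdmin() {
        $type = $this->getType();
        return ($type===2);
    }

    /**
     * @return bool true if this row is a group (type 3)
     */
    public function isGroup() {
        $type = $this->getType();
        return ($type===3);
    }

    /**
     * Activate (type 1) or deactivate (type 0) this account.
     *
     * Nothing is written when the row already matches the request. Note that
     * deactivating an admin writes type 0, and activating a group or deleted
     * row writes type 1.
     *
     * @param mixed $is_user truthy to activate, falsy to deactivate
     * @return mixed true if nothing had to change, false if the caller is not
     *               an admin, else the result of the database write
     */
    public function setUser($is_user) {
        $is_user = ($is_user?true:false);
        if ($this->isUser() == $is_user) {
            return true;
        }
        // Hand the outcome back so a refused change is not silent.
        return $this->setType($is_user?1:0);
    }

    /**
     * Grant (type 2) or revoke (back to type 1) admin status.
     *
     * Nothing is written when the row already matches the request. Without
     * that check, revoking admin from a row that is not an admin would
     * rewrite a group (3) or a deleted row (4) as type 0.
     *
     * @param mixed $is_admin truthy to grant, falsy to revoke
     * @return mixed true if nothing had to change, false if the caller is not
     *               an admin, else the result of the database write
     */
    public function setAdmin($is_admin) {
        $is_admin = ($is_admin?true:false);
        if ($this->isAdmin() == $is_admin) {
            return true;
        }
        // An admin is always also a user, so revoking lands on type 1.
        return $this->setType($is_admin?2:1);
    }

    /**
     * Mark this row as deleted (type 4).
     *
     * @return mixed false if the caller is not an admin, else the result of
     *               the database write
     */
    public function delete() {
        return $this->setType(4);
    }

    // Permissions /////////////////////////////////////////////////////////
    /**
     * May the logged-in account read this row's settings?
     *
     * @return bool true if the logged-in account is this row, or is any
     *              user or admin
     */
    public function canRead() {
        $logged_in_uid = Login::isLoggedIn();
        // false is this class's "no uid" default, so it must never count as
        // an identity match; otherwise a logged-out visitor compared against
        // an object without a uid would be treated as its owner.
        $is_me = ($this->uid !== false) && ($logged_in_uid === $this->uid);

        $logged_in_obj = Auth::getObj($logged_in_uid);
        $is_user = $logged_in_obj->isUser();

        return ($is_me || $is_user);
    }

    /**
     * May the logged-in account modify this row?
     *
     * @return bool true if the logged-in account is this row, or is an admin
     */
    public function canEdit() {
        $logged_in_uid = Login::isLoggedIn();
        // Same rule as canRead(): the false default is not an identity.
        $is_me = ($this->uid !== false) && ($logged_in_uid === $this->uid);

        $logged_in_obj = Auth::getObj($logged_in_uid);
        $is_admin = $logged_in_obj->isAdmin();

        return ($is_me || $is_admin);
    }

    // [user|group]name ////////////////////////////////////////////////////
    /**
     * Read this row's name. No permission check is applied.
     *
     * @return mixed whatever getUsername() returns for this uid
     */
    public function getName() {
        return $this->db->getUsername($this->uid);
    }

    /**
     * Rename this row.
     *
     * @param mixed $new_name must pass isNameLegal()
     * @return mixed false if the caller may not edit or the name is illegal,
     *               else the result of the database write
     */
    public function setName($new_name) {
        if (!$this->canEdit()) return false;
        if (!self::isNameLegal($new_name)) return false;
        return $this->db->setUsername($this->uid, $new_name);
    }

    /**********************************************************************\
    *                          The 'users' table.                          *
    \**********************************************************************/

    /**
     * Read one setting of this row.
     *
     * @param mixed $setting name of the setting
     * @return mixed false if the caller may not read, else the stored value
     */
    public function getConf($setting) {
        if (!$this->canRead()) return false;
        return $this->db->getUserConf($this->uid, $setting);
    }

    /**
     * Write one setting of this row.
     *
     * @param mixed $setting name of the setting
     * @param mixed $value   value to store
     * @return mixed false if the caller may not edit, else the result of the
     *               database write
     */
    public function setConf($setting, $value) {
        if (!$this->canEdit()) return false;
        return $this->db->setUserConf($this->uid, $setting, $value);
    }

    /**
     * Read a list-valued setting.
     *
     * NOTE(review): when getConf() refuses, its false is passed straight to
     * valueToArray(); confirm how the database layer treats that input.
     *
     * @param mixed $setting name of the setting
     * @return mixed the result of valueToArray() on the stored value
     */
    public function getConfArray($setting) {
        $string = $this->getConf($setting);
        return $this->db->valueToArray($string);
    }

    /**
     * Write a list-valued setting. Permission is enforced by setConf().
     *
     * @param mixed $setting name of the setting
     * @param mixed $list    list to serialise with arrayToValue()
     * @return mixed same as setConf()
     */
    public function setConfArray($setting, $list) {
        $string = $this->db->arrayToValue($list);
        return $this->setConf($setting, $string);
    }
}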