<?php
/*
*/
require_once('mysql.class.php');// the mysql class in already OK!
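class radiusMysqlUser
{
    /*
        One user of the "radius" MySQL schema: a row of userinfo plus the rows
        loaded from radcheck and radreply.

        Every value that reaches an SQL string in this class goes through
        _quote(), _identifier() or _unsignedInt() at the point where the
        statement is built. The mysql wrapper (mysql.class.php) is not visible
        from this file; if it offers bound parameters, prefer them over the
        string escaping done here.
    */

    // public properties
    // no public properties

    // private properties
    private $database = null;   // mysql wrapper instance
    private $username = null;   // username used by delete()
    // NOTE(review): nothing in this class assigns $userid, so delete() and
    // update() always return 0 and save() always calls add().
    private $userid = 0;
    private $userInfos = array("Username"=>"","Name"=>"","Mail"=>"","Department"=>"","WorkPhone"=>"","HomePhone"=>"","Mobile"=>"");
    private $checkItems = array();
    private $replyItems = array();

    //TO DO : init $userInfos, $checkItems and $replyItems fields and operator from config file !!!! URGENT

    // protected properties
    // no protected properties

    // Class constructor
    public function __construct($dbOptions = array(), $attributeConfig = array())
    {
        /*
            Open the database connection.
            $dbOptions may carry 'host', 'user', 'password' and 'database';
            missing keys fall back to the previously hard-coded values.
            $attributeConfig is accepted but not used yet (config init to do).
        */
        $this->database = self::_connect($dbOptions);
    }

    // Class destructor
    public function __destruct()
    {
        // the wrapper's close() is private, so only the reference is dropped
        $this->database = null;
    }

    // public methods
    public static function find($options = array(), $escape = false)
    {
        /*
            Search the userinfo table and return whatever the wrapper's
            query() returns.

            Supported $options keys:
              distinct -> true or "distinct" for SELECT DISTINCT
              username -> only for this username
              fields   -> column name(s) to return, array or comma separated
                          string (username is always returned)
              limit    -> to limit the resultset
              offset   -> offset (works with limit for pagination)
              sortby   -> sort by this column (default : no sorting)
              sortdir  -> ASC or DESC, only used together with sortby

            search, search_IN and radius_attr are not implemented yet.

            $escape is kept for existing callers and has no effect: values are
            always neutralised where they enter the statement, so escaping them
            a second time up front would corrupt them.

            Throws InvalidArgumentException when an option cannot be placed
            safely into the statement (bad column name, sort direction,
            limit/offset, or a non-scalar username).
        */
        if (!is_array($options)) {
            $options = array();
        }

        // find() is static and has no $dbOptions parameter, so it connects
        // with the defaults of _connect().
        $database = self::_connect();

        $sql = "SELECT ";

        // distinct option
        if (isset($options['distinct'])
            && ($options['distinct'] === true || $options['distinct'] === "distinct")) {
            $sql .= "DISTINCT ";
        }

        // field option: column names cannot be escaped like values, so each
        // one has to look like a plain identifier
        $fields = isset($options['fields']) ? self::_fieldList($options['fields']) : '';
        if ($fields !== '') {
            $sql .= $fields.", username ";
        } else {
            $sql .= "username ";
        }
        $sql .= "FROM userinfo ";

        // where option
        if (isset($options['username']) && $options['username'] != "") {
            $sql .= "WHERE username=".self::_quote($options['username'])." ";
        }

        // sort
        if (isset($options['sortby']) && $options['sortby'] != '') {
            $sql .= "ORDER BY ".self::_identifier($options['sortby'])." ";
            if (isset($options['sortdir']) && $options['sortdir'] != '') {
                $direction = is_string($options['sortdir']) ? strtoupper(trim($options['sortdir'])) : '';
                if ($direction !== 'ASC' && $direction !== 'DESC') {
                    throw new InvalidArgumentException("Invalid sortdir option");
                }
                $sql .= $direction." ";
            }
        }

        // limit / offset
        if (isset($options['limit']) && $options['limit'] != '') {
            $limit = self::_unsignedInt($options['limit'], 'limit');
            if (isset($options['offset']) && $options['offset'] != '') {
                $offset = self::_unsignedInt($options['offset'], 'offset');
                $sql .= "LIMIT $offset, $limit ";
            } else {
                $sql .= "LIMIT $limit ";
            }
        }
        $sql .= ";";

        // query and return the result values
        return $database->query($sql);
    }

    public function load($username, $attribute = false)
    {
        /*
            Load a user from the mysql database. If $attribute === true, also
            load the radcheck and radreply rows.
            Returns true on success, false when a lookup does not yield exactly
            one row or when $username is not a string or integer.
        */
        if (!is_string($username) && !is_int($username)) {
            return false;
        }
        $who = self::_quote($username);

        $result = $this->database->query("SELECT * FROM userinfo WHERE UserName=$who;");
        if (self::_rowCount($result) != 1) return false;

        $this->userInfos = $result[0];
        $this->username = $username; // delete() works on this name

        if ($attribute === true) {
            // NOTE(review): a user with zero or several radcheck/radreply rows
            // makes load() fail here - confirm that exactly one row per table
            // is really the intended rule.

            // get from radcheck table
            $result = $this->database->query("SELECT * FROM radcheck WHERE username=$who;");
            if (self::_rowCount($result) != 1) return false;
            $this->checkItems = $result[0];

            // get from radreply table
            $result = $this->database->query("SELECT * FROM radreply WHERE username=$who;");
            if (self::_rowCount($result) != 1) return false;
            $this->replyItems = $result[0];
        }

        return true;
    }

    public function add()
    {
        /*
            Add the current user with all his attributes in the mysql database
            (only if the user does not already exist).

            Not implemented yet: nothing is written and nothing is returned.
            Planned statements, each value to be passed through _quote():
              INSERT INTO userinfo (UserName, Name, Mail, Department, WorkPhone, HomePhone, Mobile)
              INSERT INTO radcheck
              INSERT INTO radreply
              INSERT INTO radusergroup
              INSERT INTO radpostauth
        */
    }

    public function delete()
    {
        /*
            Delete the current user from the mysql database and return the
            number of deleted records.
            note : this function doesn't delete any accounting record of the current user
        */
        if ($this->userid == 0) return 0; //0 record deleted
        // without a name the WHERE clause would have nothing to match on
        if ($this->username === null || $this->username === '') return 0;

        $who = self::_quote($this->username);

        //can be better with transaction
        $deleted = 0;
        foreach (array('radreply', 'radcheck', 'radpostauth', 'radusergroup', 'userinfo') as $table) {
            $deleted += (int) $this->database->exec("DELETE FROM $table WHERE username = $who ;");
        }

        return $deleted; // n record deleted
    }

    public function update()
    {
        /*
            Update the current user with all his attributes in the mysql
            database (only if the user already exists).

            Not implemented yet. Planned updates, each value to be passed
            through _quote(): userinfo, radcheck, radreply, radusergroup,
            radpostauth.
        */
        if ($this->userid == 0) return 0; //0 record updated
    }

    public function save()
    {
        /*
            Insert or update the current user with all his attributes in the
            mysql database (uses add() and update()).
        */
        if ($this->userid == 0) {
            return $this->add();
        }
        return $this->update();
    }

    public function get($userInfo = 'null')
    {
        /*
            Return one userInfos value when $userInfo names an existing key,
            otherwise the whole userInfos array.
        */
        if ((is_string($userInfo) || is_int($userInfo))
            && array_key_exists($userInfo, $this->userInfos)) {
            return $this->userInfos[$userInfo];
        }
        return $this->userInfos;
    }

    public function set($userInfo, $value = null)
    {
        /*
            Set a value in userInfos: $userInfo is the key, $value the new
            value. Unknown keys are ignored. Setting "username" (any case)
            also updates the name used by delete().

            A call with a single argument keeps the historical behaviour of
            storing the key name itself as the value.
        */
        if (func_num_args() < 2) {
            $value = $userInfo;
        }
        if (!is_string($userInfo) && !is_int($userInfo)) {
            return;
        }
        if (array_key_exists($userInfo, $this->userInfos)) {
            $this->userInfos[$userInfo] = $value;
        }
        if (strtolower($userInfo) == "username") $this->username = $value;
    }

    public function getAttribute($attribute = null)
    {
        /*
            Get a checkItem or replyItem from the user or get the value from
            the mysql database.
            Not implemented yet: always returns null.
        */
        return null;
    }

    public function setAttribute($attribute)
    {
        /*
            Set a checkItem or replyItem of the user.
            Not implemented yet.
        */
    }

    public function checkPassword($pwd)
    {
        // Check the user password
        // Return true or false
        // Not implemented yet: report failure explicitly so that an
        // unfinished check can never be read as a successful one.
        return false;
    }

    public function setPassword($pwd)
    {
        // Set or change the user password
        // Not implemented yet.
    }

    // private methods
    private static function _connect($dbOptions = array())
    {
        /*
            Build the mysql wrapper instance.
            NOTE(review): the argument order is presumably host, user,
            password, schema - confirm against mysql.class.php.
            The defaults are the values this class always used: root with an
            empty password. Pass a dedicated account limited to the radius
            schema through $dbOptions instead.
        */
        $settings = array(
            'host'     => "127.0.0.1",
            'user'     => "root",
            'password' => "",
            'database' => "radius",
        );
        if (is_array($dbOptions)) {
            foreach ($settings as $key => $default) {
                if (isset($dbOptions[$key]) && is_string($dbOptions[$key])) {
                    $settings[$key] = $dbOptions[$key];
                }
            }
        }
        return new mysql($settings['host'], $settings['user'], $settings['password'], $settings['database']);
    }

    private static function _quote($value)
    {
        /*
            Return $value as a single-quoted SQL string literal.
            Escapes the same characters as the classic mysql escaping
            functions. This is only sound while the connection uses UTF-8 or a
            single-byte character set and NO_BACKSLASH_ESCAPES is off -
            TODO confirm both in mysql.class.php, or switch to bound
            parameters if the wrapper supports them.
        */
        if (!is_string($value) && !is_int($value) && !is_float($value)) {
            throw new InvalidArgumentException("Value cannot be used in an SQL statement");
        }
        // strtr() with an array makes a single pass, so nothing is escaped twice
        $escaped = strtr((string) $value, array(
            "\\"   => "\\\\",
            "\0"   => "\\0",
            "\n"   => "\\n",
            "\r"   => "\\r",
            "'"    => "\\'",
            '"'    => '\\"',
            "\x1a" => "\\Z",
        ));
        return "'".$escaped."'";
    }

    private static function _identifier($name)
    {
        // Accept only a plain column name (letters, digits, underscore).
        $name = is_string($name) ? trim($name) : '';
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
            throw new InvalidArgumentException("Invalid column name");
        }
        return $name;
    }

    private static function _fieldList($fields)
    {
        // Turn an array or comma separated string of column names into a
        // checked select list; "*" is allowed, empty entries are skipped.
        if (!is_array($fields)) {
            $fields = is_string($fields) ? explode(',', $fields) : array($fields);
        }
        $columns = array();
        foreach ($fields as $field) {
            if (is_string($field) && trim($field) === '') {
                continue;
            }
            $columns[] = (is_string($field) && trim($field) === '*') ? '*' : self::_identifier($field);
        }
        return implode(', ', $columns);
    }

    private static function _unsignedInt($value, $label)
    {
        // Accept a non-negative integer or a string of at most 18 digits.
        if (is_int($value) && $value >= 0) {
            return $value;
        }
        if (is_string($value) && preg_match('/^[0-9]{1,18}$/', $value)) {
            return (int) $value;
        }
        throw new InvalidArgumentException("Invalid $label option");
    }

    private static function _rowCount($result)
    {
        // Number of rows in a query result; 0 when the wrapper returned
        // something that cannot be counted (for instance false on failure).
        if (is_array($result) || $result instanceof Countable) {
            return count($result);
        }
        return 0;
    }

    private function _escapeDatas($options)
    {
        // Not implemented and no longer called: find() neutralises each value
        // where it is placed into the statement.
    }

    private function _init($configFile)
    {
        // Not implemented yet.
    }

    // protected methods
    // no protected method
}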
?>