
<?php
/*

*/
// Direct-access guard: stop immediately unless the including script has
// defined ALCASAR_SESSION as the integer 1.
if (!defined('ALCASAR_SESSION') || ALCASAR_SESSION !== 1) {
        exit();
}
require_once 'mysql.class.php'; // the mysql class is already OK!
require_once ALCASAR_ADMIN_PATH_INC . '/config.inc.php';
require_once 'attrmap.php';

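/**
 * One RADIUS user spread over the MySQL tables userinfo, radcheck, radreply
 * and radusergroup.
 *
 * Every value placed in an SQL statement goes through _quote(); column names,
 * table names and LIMIT/OFFSET numbers are validated instead of being copied
 * from the caller.
 */
class radiusMysqlUser
{
        // public properties
        // no public properties

        // private properties
        // Database wrapper (class mysql); stays null when incomplete options were given.
        private $database       = null;
        // NOTE(review): only load() assigns $username; nothing in this class sets it
        // for a user that was never loaded, so add()/save() return false for such a
        // user -- confirm how callers are expected to name a new user.
        private $username       = null;
        private $userpassword   = null; // $userpassword attribute = Crypt-Password
        private $userInfos      = array("id"=>"0","Username"=>"","Name"=>"","Mail"=>"","Department"=>"","WorkPhone"=>"","HomePhone"=>"","Mobile"=>"");
        private $checkItems     = array();
        private $replyItems     = array();
        private $op             = array();
        private $groups         = array();

        //TO DO : init $userInfos, $checkItems and $replyItems fields and operator from config file !!!! URGENT

        // protected properties
        // no protected properties

        /**
         * Connect to the database and prepare the attribute lists.
         *
         * @param array $dbOptions Optional keys mysql_host, mysql_user, mysql_pwd and
         *                         mysql_db; when empty, the same keys of the global
         *                         $config are used.
         */
        public function __construct($dbOptions = array())
        {
                if (empty($dbOptions)) {
                        global $config;
                        $this->database = new mysql($config['mysql_host'], $config['mysql_user'], $config['mysql_pwd'], $config['mysql_db']);
                } elseif (isset($dbOptions['mysql_host'], $dbOptions['mysql_user'], $dbOptions['mysql_pwd'], $dbOptions['mysql_db'])) {
                        // The four keys are read explicitly: extract() would let any other
                        // key of the array create or overwrite a local variable.
                        $this->database = new mysql($dbOptions['mysql_host'], $dbOptions['mysql_user'], $dbOptions['mysql_pwd'], $dbOptions['mysql_db']);
                }
                // With incomplete options $this->database stays null, as before.
                $this->_init();
        }

        /**
         * Drop the reference to the database wrapper.
         */
        public function __destruct()
        {
                //$this->mysql->close();        //is private !
                $this->database = null;
        }

        // public methods

        /**
         * Query the userinfo table.
         *
         * Options that are honoured:
         *   distinct -> the string "distinct" adds DISTINCT
         *   username -> only for this username
         *   fields   -> column(s) to return besides username (comma list or array)
         *   sortby   -> column to sort on (default: no sorting)
         *   sortdir  -> ASC or DESC, only used together with sortby
         *   limit    -> maximum number of rows
         *   offset   -> rows to skip, only used together with limit
         * The options search, search_IN and radius_attr were documented but never
         * implemented and are ignored.
         *
         * The connection uses the global $config, like the constructor's default,
         * instead of a hard-coded root account with an empty password.
         *
         * @param array $options See above.
         * @param bool  $escape  Kept for backward compatibility and ignored: every
         *                       option is validated or quoted whatever its value.
         * @return mixed Whatever the wrapper's query() returns.
         */
        public static function find($options = array(), $escape = false)
        {
                global $config;
                $database = new mysql($config['mysql_host'], $config['mysql_user'], $config['mysql_pwd'], $config['mysql_db']);

                return $database->query(self::_buildFindQuery($options));
        }

        /**
         * Load a user from the database.
         *
         * @param string $username  Login to look up.
         * @param bool   $attribute When exactly true, the radcheck and radreply
         *                          attributes are loaded too.
         * @return bool False unless exactly one userinfo row matches.
         */
        public function load($username, $attribute = false)
        {
                $user = self::_quote($username);

                $result = $this->database->query("SELECT * FROM userinfo WHERE UserName=$user;");
                if (!is_array($result) || count($result) != 1) {
                        return false;
                }
                $this->userInfos = $result[0];
                // delete(), update() and save() refuse to work while this is null
                $this->username = $username;

                $groups = $this->database->query("SELECT * FROM radusergroup WHERE UserName=$user;");
                if (is_array($groups)) {
                        foreach ($groups as $group) {
                                // a second load() must not list the same group twice
                                if (!in_array($group['groupname'], $this->groups, true)) {
                                        $this->groups[] = $group['groupname'];
                                }
                        }
                }

                if ($attribute === true) {
                        // get from radcheck table
                        $rows = $this->database->query("SELECT * FROM radcheck WHERE username=$user;");
                        if (is_array($rows)) {
                                foreach ($rows as $row) {
                                        $this->checkItems[$row['attribute']] = $row['value'];
                                }
                        }
                        // get from radreply table
                        $rows = $this->database->query("SELECT * FROM radreply WHERE username=$user;");
                        if (is_array($rows)) {
                                foreach ($rows as $row) {
                                        $this->replyItems[$row['attribute']] = $row['value'];
                                }
                        }
                }

                return true;
        }

        /**
         * Insert the current user with all non-empty attributes and groups.
         *
         * This method does not check whether the user already exists; save() does.
         * The password is not written here: setPassword() must be called separately.
         *
         * @return bool False when no username is set, true otherwise.
         */
        public function add()
        {
                if ($this->username === null) {
                        return false;
                }
                $user = self::_quote($this->username);

                //INSERT userinfo table
                $values = array($user);
                foreach (array('Name', 'Mail', 'Department', 'WorkPhone', 'HomePhone', 'Mobile') as $column) {
                        $values[] = self::_quote(isset($this->userInfos[$column]) ? $this->userInfos[$column] : '');
                }
                $this->database->exec("INSERT INTO userinfo (UserName, Name, Mail, Department, WorkPhone, HomePhone, Mobile) VALUES (" . implode(", ", $values) . ")");

                //INSERT radcheck and radreply tables
                $itemTables = array('radcheck' => $this->checkItems, 'radreply' => $this->replyItems);
                foreach ($itemTables as $table => $items) {
                        foreach ($items as $name => $value) {
                                if ((string) $value === '') {
                                        continue; // empty means "attribute not set"
                                }
                                $op = isset($this->op[$name]) ? $this->op[$name] : "=";
                                $this->database->exec("INSERT INTO $table (UserName, attribute, op, value) VALUES ($user, " . self::_quote($name) . ", " . self::_quote($op) . ", " . self::_quote($value) . ")");
                        }
                }

                //INSERT radusergroup table
                foreach ($this->groups as $group) {
                        $this->database->exec("INSERT INTO radusergroup (userName, groupname, priority) VALUES ($user, " . self::_quote($group) . ", 1)");
                }

                //INSERT radpostauth table : NOT YET !

                return true;
        }

        /**
         * Delete the current user from the database.
         * Accounting records of the user are not deleted.
         *
         * @return int|bool False when no username is set, 0 when the user was not
         *                  loaded (id is 0), else the sum of what exec() reported.
         */
        public function delete()
        {
                if ($this->username === null) {
                        return false;
                }
                // The original tested $this->userid, a property that does not exist,
                // so this guard was always taken and nothing was ever deleted.
                if (empty($this->userInfos['id'])) {
                        return 0; //0 record deleted
                }

                return $this->_deleteRows();
        }

        /**
         * Write the radcheck, radreply and radusergroup rows of a loaded user.
         *
         * NOTE(review): the userinfo columns are not written (only a placeholder
         * comment existed for them), and a group removed with deletegroup() is not
         * removed from the database because it is no longer in the group list.
         *
         * @return int|bool False when no username is set, 0 when the user was not
         *                  loaded (id is 0), true otherwise.
         */
        public function update()
        {
                if ($this->username === null) {
                        return false;
                }
                if (empty($this->userInfos['id'])) {
                        return 0;
                }

                return $this->_updateRows();
        }

        /**
         * Insert or update the current user.
         *
         * @return mixed False when no username is set or the existence check
         *               failed, otherwise the result of add() or of the update.
         */
        public function save()
        {
                if ($this->username === null) {
                        return false;
                }
                if (!empty($this->userInfos['id'])) {
                        // User was loaded, so it exists
                        return $this->update();
                }

                // load() was not called: test whether the user exists, on this
                // object's own connection so the check and the writes hit one database.
                $users = $this->database->query(self::_buildFindQuery(array('username' => $this->username)));
                if (!is_array($users)) {
                        return false; // a failed lookup must not be read as "no such user"
                }
                $matches = count($users);
                if ($matches == 0) {
                        // username does not exist (the original returned without adding it)
                        return $this->add();
                }
                if ($matches == 1) {
                        // username already exists; update()'s id guard would skip it
                        return $this->_updateRows();
                }
                // several rows for one username: error in database, fix it
                $this->_deleteRows();

                return $this->add();
        }

        /**
         * Set a value in userInfos, checkItems or replyItems.
         *
         * NOTE(review): the loose == null test also refuses "" and 0, so an
         * attribute cannot be cleared through set(); kept as is because callers may
         * rely on it -- confirm.
         *
         * @return bool False when key or value is refused or the key is unknown.
         */
        public function set($key = null, $val = null)
        {
                if (($key == null) || ($val == null)) {
                        return false;
                }
                if (array_key_exists($key, $this->userInfos)) {
                        $this->userInfos[$key] = $val;
                        return true;
                }
                if (array_key_exists($key, $this->checkItems)) {
                        $this->checkItems[$key] = $val;
                        return true;
                }
                if (array_key_exists($key, $this->replyItems)) {
                        $this->replyItems[$key] = $val;
                        return true;
                }

                return false;
        }

        /**
         * Read one value from userInfos, checkItems or replyItems.
         *
         * @param string|null $key Without a key, all three lists are returned merged,
         *                         with lower-cased keys.
         * @return mixed The value, null for an unknown key, or the merged array.
         */
        public function get($key = null)
        {
                if ($key == null) {
                        $all = array_merge($this->userInfos, $this->checkItems, $this->replyItems);
                        return array_change_key_case($all);
                }
                foreach (array($this->userInfos, $this->checkItems, $this->replyItems) as $list) {
                        if (array_key_exists($key, $list)) {
                                return $list[$key];
                        }
                }

                return null;
        }

        /**
         * Check the user password.
         *
         * NOTE(review): not implemented. It now returns false explicitly so that a
         * caller can never read the missing check as a successful one.
         *
         * @return bool Always false.
         */
        public function checkPassword($pwd)
        {
                return false;
        }

        /**
         * Set or change the user password.
         *
         * NOTE(review): not implemented; only commented-out SQL existed. The method
         * used to return silently, which left callers believing a password had been
         * stored, so it now raises a warning and returns false. _encrypt() builds
         * the crypt() hash a future implementation would store.
         *
         * @return bool Always false.
         */
        public function setPassword($pwd = null, $username = null)
        {
                trigger_error('radiusMysqlUser::setPassword() is not implemented: no password was stored', E_USER_WARNING);

                return false;
        }

        /**
         * @return array Group names of the current user.
         */
        public function groups()
        {
                return $this->groups;
        }

        /**
         * Append a group name to the current user (not written until add()/update()).
         */
        public function addgroup($groupname)
        {
                $this->groups[] = $groupname;
        }

        /**
         * Remove a group name from the current user.
         * The list holds names as values, so it is searched by value; the original
         * looked the name up as an array key and never removed anything.
         */
        public function deletegroup($groupname)
        {
                $kept = array();
                foreach ($this->groups as $name) {
                        if ((string) $name !== (string) $groupname) {
                                $kept[] = $name;
                        }
                }
                $this->groups = $kept;
        }

        // private methods

        /**
         * Return $value as a single-quoted SQL string literal.
         *
         * NOTE(review): the API of the mysql wrapper is not visible from this file,
         * so addslashes() is a stop-gap. It is only reliable while the connection
         * uses a single-byte or UTF-8 character set and the server keeps backslash
         * escaping enabled; move to the driver's own escaping or to bound
         * parameters as soon as the wrapper offers them.
         */
        private static function _quote($value)
        {
                return "'" . addslashes((string) $value) . "'";
        }

        /**
         * True when $name is a plain column name (letters, digits, underscore).
         * \A and \z are used because $ would also accept a trailing newline.
         */
        private static function _isIdentifier($name)
        {
                return is_string($name) && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $name) === 1;
        }

        /**
         * Return $value as a non-negative integer, or null when it is not one.
         */
        private static function _toCount($value)
        {
                if (is_int($value)) {
                        return ($value >= 0) ? $value : null;
                }
                if (is_string($value) && preg_match('/\A[0-9]+\z/', $value) === 1) {
                        return (int) $value;
                }

                return null;
        }

        /**
         * Build the SELECT statement used by find() and save().
         * Column names that are not plain identifiers, sort directions other than
         * ASC/DESC and non-numeric limits or offsets are left out of the statement.
         */
        private static function _buildFindQuery($options)
        {
                if (!is_array($options)) {
                        $options = array();
                }
                $parts = array("SELECT");

                // distinct option
                if (isset($options['distinct']) && $options['distinct'] === "distinct") {
                        $parts[] = "DISTINCT";
                }

                // field option: only plain column names (or *) are accepted
                $columns = array();
                if (isset($options['fields']) && $options['fields'] != '') {
                        $wanted = is_array($options['fields']) ? $options['fields'] : explode(',', (string) $options['fields']);
                        foreach ($wanted as $field) {
                                $field = is_string($field) ? trim($field) : '';
                                if ($field === '*' || self::_isIdentifier($field)) {
                                        $columns[] = $field;
                                }
                        }
                }
                $columns[] = "username";
                $parts[] = implode(", ", $columns);
                $parts[] = "FROM userinfo";

                // where option
                if (isset($options['username']) && (string) $options['username'] !== '') {
                        $parts[] = "WHERE username=" . self::_quote($options['username']);
                }

                // sort (the original emitted the direction after the keyword LIMIT)
                if (isset($options['sortby']) && self::_isIdentifier($options['sortby'])) {
                        $order = "ORDER BY " . $options['sortby'];
                        if (isset($options['sortdir']) && is_string($options['sortdir'])) {
                                $direction = strtoupper($options['sortdir']);
                                if ($direction === 'ASC' || $direction === 'DESC') {
                                        $order .= " " . $direction;
                                }
                        }
                        $parts[] = $order;
                }

                // limit / offset (the original used the undefined $limit and $offset)
                $limit = isset($options['limit']) ? self::_toCount($options['limit']) : null;
                if ($limit !== null) {
                        $parts[] = "LIMIT " . $limit;
                        $offset = isset($options['offset']) ? self::_toCount($options['offset']) : null;
                        if ($offset !== null) {
                                $parts[] = "OFFSET " . $offset;
                        }
                }

                return implode(" ", $parts) . ";";
        }

        /**
         * Delete every row of the current user, without the guards of delete().
         * Could be better with a transaction.
         */
        private function _deleteRows()
        {
                $user = self::_quote($this->username);
                $deleted = 0;
                foreach (array('radreply', 'radcheck', 'radpostauth', 'radusergroup', 'userinfo') as $table) {
                        $deleted += (int) $this->database->exec("DELETE FROM $table WHERE username = $user;");
                }

                return $deleted; // n record deleted
        }

        /**
         * Write attributes and groups, without the guards of update().
         * The loops walk attribute names; the original passed the values on.
         */
        private function _updateRows()
        {
                //UPDATE radcheck table
                foreach ($this->checkItems as $name => $value) {
                        if ((string) $value === '') {
                                $this->_deleteItem($name, "radcheck");
                        } else {
                                $this->_insertUpdateItem($name, "radcheck");
                        }
                }
                //UPDATE radreply table
                foreach ($this->replyItems as $name => $value) {
                        if ((string) $value === '') {
                                $this->_deleteItem($name, "radreply");
                        } else {
                                $this->_insertUpdateItem($name, "radreply");
                        }
                }
                //UPDATE radusergroup table
                foreach ($this->groups as $group) {
                        if ((string) $group === '') {
                                $this->_deletegroup($group);
                        } else {
                                $this->_insertUpdateGroup($group);
                        }
                }
                //UPDATE radpostauth table : NOT YET

                return true;
        }

        /**
         * True for the two attribute tables this class writes to.
         */
        private static function _isItemTable($tableName)
        {
                return $tableName === 'radcheck' || $tableName === 'radreply';
        }

        /**
         * Update the row of one attribute, or insert it when it does not exist.
         * The columns are those used by add().
         *
         * @return mixed False for an unknown table or attribute, else exec()'s result.
         */
        private function _insertUpdateItem($itemName, $tableName)
        {
                if (!self::_isItemTable($tableName)) {
                        return false;
                }
                $items = ($tableName === 'radcheck') ? $this->checkItems : $this->replyItems;
                if (!array_key_exists($itemName, $items)) {
                        return false;
                }
                $user  = self::_quote($this->username);
                $attr  = self::_quote($itemName);
                $value = self::_quote($items[$itemName]);
                $op    = self::_quote(isset($this->op[$itemName]) ? $this->op[$itemName] : "=");

                // select first
                $result = $this->database->query("SELECT * FROM $tableName WHERE username = $user AND attribute = $attr;");
                if (is_array($result) && count($result) > 0) {
                        // update when the select found a row
                        return $this->database->exec("UPDATE $tableName SET op = $op, value = $value WHERE username = $user AND attribute = $attr;");
                }
                // insert when the select found nothing
                return $this->database->exec("INSERT INTO $tableName (UserName, attribute, op, value) VALUES ($user, $attr, $op, $value)");
        }

        /**
         * Delete the row of one attribute of the current user.
         *
         * @return mixed False for an unknown table, else exec()'s result.
         */
        private function _deleteItem($itemName, $tableName)
        {
                if (!self::_isItemTable($tableName)) {
                        return false;
                }

                return $this->database->exec("DELETE FROM $tableName WHERE username = " . self::_quote($this->username) . " AND attribute = " . self::_quote($itemName) . ";");
        }

        /**
         * Insert the membership of one group unless it already exists.
         * An existing row is left untouched: the original never said what an
         * update should change, and add() only ever writes priority 1.
         */
        private function _insertUpdateGroup($groupName)
        {
                $user  = self::_quote($this->username);
                $group = self::_quote($groupName);

                $result = $this->database->query("SELECT * FROM radusergroup WHERE username = $user AND groupname = $group;");
                if (is_array($result) && count($result) > 0) {
                        return 0;
                }

                return $this->database->exec("INSERT INTO radusergroup (userName, groupname, priority) VALUES ($user, $group, 1)");
        }

        /**
         * Delete the membership of one group of the current user.
         */
        private function _deletegroup($groupName)
        {
                return $this->database->exec("DELETE FROM radusergroup WHERE username = " . self::_quote($this->username) . " AND groupname = " . self::_quote($groupName) . ";");
        }

        /**
         * Hash a password with crypt().
         *
         * The $1$ prefix forces MD5-crypt, as the original did on purpose instead
         * of the platform default. Without a salt argument a fresh random salt is
         * used; the original used the constant '$1$passwd$', which gives equal
         * passwords equal hashes. To verify a password, pass the stored hash as
         * $salt and compare the result with it.
         *
         * NOTE(review): MD5-crypt is weak by current standards; a stronger crypt()
         * scheme should be considered if the RADIUS server accepts it -- confirm.
         *
         * @param string      $passwd Clear-text password.
         * @param string|null $salt   Complete crypt() salt, or null for a random one.
         * @return string The crypt() result.
         */
        private function _encrypt($passwd, $salt = null)
        {
                if ($salt === null) {
                        $salt = '$1$' . self::_randomSalt(8) . '$';
                }

                return crypt($passwd, $salt);
        }

        /**
         * Random salt of $length characters from the crypt() alphabet.
         * mt_rand() is only the fallback where random_int() does not exist; a salt
         * has to differ between passwords, it is not a secret.
         */
        private static function _randomSalt($length)
        {
                $alphabet = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
                $salt = '';
                for ($i = 0; $i < $length; $i++) {
                        $index = function_exists('random_int') ? random_int(0, 63) : mt_rand(0, 63);
                        $salt .= $alphabet[$index];
                }

                return $salt;
        }

        /**
         * Create an empty entry for every attribute of the global $attrmap and
         * record its operator ("=" when $attr_op gives none).
         */
        private function _init()
        {
                //TO DO : remove the global variables
                global $attrmap, $attr_type, $attr_op;

                if (!is_array($attrmap)) {
                        return;
                }
                foreach ($attrmap as $attr) {
                        $type = isset($attr_type[$attr]) ? $attr_type[$attr] : "";
                        if ($type == "checkItem") {
                                $this->checkItems[$attr] = "";
                        } elseif ($type == "replyItem") {
                                $this->replyItems[$attr] = "";
                        }
                        if (isset($attr_op[$attr]) && $attr_op[$attr] != "") {
                                $this->op[$attr] = $attr_op[$attr];
                        } else {
                                $this->op[$attr] = "=";
                        }
                }
        }
        // protected methods
        // no protected method
}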
?>
