lib/User_Registered.php

   1 <?php
   2 /**
   3  * Class for a registered user, but not the one viewing the page.
   4  *
   5  * @author Ant P <p@cpi.merseine.nu>
   6  * @license file://../COPYING
   7  * @version 2.15
   8  */
   9 class User_Registered extends User_Anonymous
  10 {
  11     public $admin;
  12
  13     function __construct($userid)
  14     {
  15         $this->attrcache = SO2::$DB->q('SELECT * FROM users WHERE userid = ?', $userid);
  16         $this->attrcache['options'] = explode(',', $this->attrcache['options']);
  17         $this->admin = ('admin' == $this->attrcache['level']);
  18     }
  19
  20     function __get($v)
  21     {
  22         switch ( $v ) {
  23             case 'reg_ip':
  24             case 'last_ip':
  25             case 'last_login_ip':
  26                 return SO2::$DB->q('SELECT INET_NTOA(?)', $this->attrcache[$v], SO2_PDO::QVALUE);
  27             case 'password':
  28                 return SO2::$DB->q('SELECT AES_DECRYPT(?, ?)',
  29                                    array($this->attrcache[$v], $this->attrcache['reg_ip']), SO2_PDO::QVALUE);
  30             case 'posts':
  31                 return SO2::$DB->q('SELECT COUNT(*) FROM messages WHERE userid = ?',
  32                                    $this->attrcache['userid'], SO2_PDO::QVALUE);
  33         }
  34
  35         if ( array_key_exists($v, $this->attrcache) ) {
  36             return $this->attrcache[$v];
  37         }
  38
  39         throw new OutOfBoundsException('Invalid attribute name '.$v);
  40     }
  41
  42     function __set($var, $value)
  43     {
  44         $column = '?';
  45
  46         switch ( $var ) {
  47             case 'reg_ip':
  48             case 'last_ip':
  49             case 'last_login_ip':
  50                 if ( strpos($value, ':') !== false ) { // IPv6
  51                     $value = 'NULL';
  52                     break;
  53                 }
  54                 $column = 'INET_ATON(?)';
  55                 break;
  56             case 'password':
  57                 $var = 'passwd';
  58                 $column = 'AES_ENCRYPT(?, reg_ip)';
  59                 break;
  60             case 'points':
  61                 $this->attrcache['points'] = $value;
  62                 $tmp = sqrt($value);
  63
  64                 $invites = SO2::$DB->q('SELECT COUNT(*) FROM things WHERE what = \'invite\' AND userid = ?',
  65                                        $this->attrcache['userid'], SO2_PDO::QVALUE);
  66
  67                 if ( floor($tmp) == $tmp
  68                 &&   $tmp > $this->attrcache['invites']
  69                 &&   $invites < 5 ) {
  70                     SO2::$DB->q('INSERT INTO things VALUES (NULL, ?, \'invite\', UUID())', $this->attrcache['userid']);
  71                     SO2::$DB->q('UPDATE users SET invites = (invites + 1) WHERE userid = ?', $this->attrcache['userid']);
  72                 }
  73                 break;
  74             case 'options':
  75                 if ( is_array($value) ) {
  76                     $this->attrcache['options'] = $value;
  77                     $value = implode(',', $value);
  78                 }
  79                 break;
  80             default:
  81                 $this->attrcache[$var] = $value;
  82         }
  83         SO2::$DB->q('UPDATE users SET '.$var.' = '.$column.' WHERE userid = ?', array($value, $this->attrcache['userid']));
  84     }
  85
  86     function __toString()
  87     {
  88         return $this->attrcache['alias'];
  89     }
  90
  91     /**
  92      * Check whether the user's password in the DB is Null.
  93      */
  94     public function check_nullpass()
  95     {
  96         return SO2::$DB->query('SELECT COUNT(*) FROM users WHERE userid = @userid AND passwd IS NULL')->fetchColumn(0);
  97     }
  98
  99     /**
 100      * Access control function
 101      * @return mixed Value equivalent to true/false, actual value varies with implementation
 102      */
 103     public function has_access($feature, array $details = array())
 104     {
 105         if ( $this->admin )
 106             return 5;
 107
 108         switch ( $feature ) {
 109             // Board access
 110             case 'posttopic':
 111                 if ( $this->points < 0 || 'none' == $this->level ) return false;
 112                 return $this->access_level($details['topic_lvl'], $details['points']);
 113             case 'postmessage':
 114                 if ( 'none' == $this->level ) return false;
 115                 return $this->access_level($details['post_lvl'], $details['points']);
 116             case 'viewboard':
 117                 return $this->access_level($details['view_lvl'], $details['points']);
 118
 119             // Misc stuff
 120             case 'allhtml':
 121                 return ($this->attrcache['points'] >= 10000);
 122             case 'moderate': // Return moderator level as integer
 123                 return ($this->attrcache['points'] > 0 ? strlen($this->attrcache['points']) - 1 : 0);
 124
 125             default:
 126                 return false;
 127         }
 128     }
 129
 130     private function access_level($lev, $pts)
 131     {
 132         switch ( $lev ) {
 133             case 'none':
 134                 return true;
 135             case 'login':
 136                 return ('none' != $this->level); // True for all but suspended userlevel
 137             case 'points':
 138                 if ( $this->attrcache['points'] >= $pts ) return true;
 139                 // Don't return if false, check userlevel instead
 140             case 'vip':
 141                 return ('vip' == $this->level);
 142             case 'admin': // Admin is handled at start of has_access(), never calls this function
 143             default:
 144                 return false;
 145         }
 146     }
 147
 148     public function getopt($name)
 149     {
 150         return in_array($name, $this->attrcache['options']);
 151     }
 152 }
 153 ?>