Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 186 lines (165 sloc) 5.586 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185
<?php defined("SYSPATH") or die("No direct script access.");
/**
* Gallery - a web based photo album viewer and editor
* Copyright (C) 2000-2013 Bharat Mediratta
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class User_Model_Core extends ORM implements User_Definition {
  protected $has_and_belongs_to_many = array("groups");
  protected $password_length = null;
  protected $groups_cache = null;

  public function __set($column, $value) {
    switch ($column) {
    case "hashed_password":
      $column = "password";
      break;

    case "password":
      $this->password_length = strlen($value);
      $value = user::hash_password($value);
      break;
    }
    parent::__set($column, $value);
  }

  /**
* @see ORM::delete()
*/
  public function delete($id=null) {
    $old = clone $this;
    module::event("user_before_delete", $this);
    parent::delete($id);

    db::build()
      ->delete("groups_users")
      ->where("user_id", "=", empty($id) ? $old->id : $id)
      ->execute();

    module::event("user_deleted", $old);
    $this->groups_cache = null;
  }

  /**
* Return a url to the user's avatar image.
* @param integer $size the target size of the image (default 80px)
* @return string a url
*/
  public function avatar_url($size=80, $default=null) {
    return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
                   md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");
  }

  public function groups() {
    if (!$this->groups_cache) {
      $this->groups_cache = $this->groups->find_all()->as_array();
    }
    return $this->groups_cache;
  }

  /**
* Specify our rules here so that we have access to the instance of this model.
*/
  public function validate(Validation $array=null) {
    // validate() is recursive, only modify the rules on the outermost call.
    if (!$array) {
      $this->rules = array(
        "admin" => array("callbacks" => array(array($this, "valid_admin"))),
        "email" => array("rules" => array("length[1,255]", "valid::email"),
                             "callbacks" => array(array($this, "valid_email"))),
        "full_name" => array("rules" => array("length[0,255]")),
        "locale" => array("rules" => array("length[2,10]")),
        "name" => array("rules" => array("length[1,32]", "required"),
                             "callbacks" => array(array($this, "valid_name"))),
        "password" => array("callbacks" => array(array($this, "valid_password"))),
        "url" => array("rules" => array("valid::url")),
      );
    }

    parent::validate($array);
  }

  /**
* Handle any business logic necessary to create or update a user.
* @see ORM::save()
*
* @return ORM User_Model
*/
  public function save() {
    if ($this->full_name === null) {
      $this->full_name = "";
    }

    if (!$this->loaded()) {
      // New user
      $this->add(group::everybody());
      if (!$this->guest) {
        $this->add(group::registered_users());
      }

      parent::save();
      module::event("user_created", $this);
    } else {
      // Updated user
      $original = ORM::factory("user", $this->id);
      parent::save();
      module::event("user_updated", $original, $this);
    }

    $this->groups_cache = null;
    return $this;
  }

  /**
* Return the best version of the user's name. Either their specified full name, or fall back
* to the user name.
* @return string
*/
  public function display_name() {
    return empty($this->full_name) ? $this->name : $this->full_name;
  }

  /**
* Validate the user name. Make sure there are no conflicts.
*/
  public function valid_name(Validation $v, $field) {
    if (db::build()->from("users")
        ->where("name", "=", $this->name)
        ->merge_where($this->id ? array(array("id", "<>", $this->id)) : null)
        ->count_records() == 1) {
      $v->add_error("name", "conflict");
    }
  }

  /**
* Validate the password.
*/
  public function valid_password(Validation $v, $field) {
    if ($this->guest) {
      return;
    }

    if (!$this->loaded() || isset($this->password_length)) {
      $minimum_length = module::get_var("user", "minimum_password_length", 5);
      if ($this->password_length < $minimum_length) {
        $v->add_error("password", "min_length");
      }
    }
  }

  /**
* Validate the admin bit.
*/
  public function valid_admin(Validation $v, $field) {
    $active = identity::active_user();
    if ($this->id == $active->id && $active->admin && !$this->admin) {
      $v->add_error("admin", "locked");
    }
  }

  /**
* Validate the email field.
*/
  public function valid_email(Validation $v, $field) {
    if ($this->guest) { // guests don't require an email address
      return;
    }

    if (empty($this->email)) {
      $v->add_error("email", "required");
    }
  }
}
Something went wrong with that request. Please try again.