Design/EasySoft-ZenTaoPMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 30 Wiki Activity
Files
ff42d1f2eb4ffed25b140dd41eecd41d4b54388a
EasySoft-ZenTaoPMS/trunk/module/user/model.php
wangchunsheng ff42d1f2eb + add the suport of get method identify.
2010-07-02 07:58:36 +00:00

260 lines
9.8 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
/**
* The model file of user module of ZenTaoMS.
*
* ZenTaoMS is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* ZenTaoMS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with ZenTaoMS. If not, see <http://www.gnu.org/licenses/>.
*
* @copyright Copyright 2009-2010 青岛易软天创网络科技有限公司(www.cnezsoft.com)
* @author Chunsheng Wang <chunsheng@cnezsoft.com>
* @package user
* @version $Id$
* @link http://www.zentaoms.com
*/
?>
<?php
class userModel extends model
{
/* 设置菜单。*/
public function setMenu($users, $account)
{
$methodName = $this->app->getMethodName();
$selectHtml = html::select('account', $users, $account, "onchange=\"switchAccount(this.value, '$methodName')\"");
common::setMenuVars($this->lang->user->menu, 'account', $selectHtml);
common::setMenuVars($this->lang->user->menu, 'todo', $account);
common::setMenuVars($this->lang->user->menu, 'task', $account);
common::setMenuVars($this->lang->user->menu, 'bug', $account);
common::setMenuVars($this->lang->user->menu, 'project', $account);
common::setMenuVars($this->lang->user->menu, 'profile', $account);
}
/* 获得某一个公司的用户列表。*/
public function getList()
{
return $this->dao->select('*')->from(TABLE_USER)->where('deleted')->eq(0)->orderBy('account')->fetchAll();
}
/* 获得account=>realname的列表。params: noletter|noempty|noclosed|nodeleted。*/
public function getPairs($params = '')
{
$users = $this->dao->select('account, realname')->from(TABLE_USER)
->beginIF(strpos($params, 'nodeleted') !== false)
->where('deleted')->eq(0)
->fi()
->orderBy('account')->fetchPairs();
foreach($users as $account => $realName)
{
$firstLetter = ucfirst(substr($account, 0, 1)) . ':';
if(strpos($params, 'noletter') !== false) $firstLetter = '';
$users[$account] = $firstLetter . ($realName ? $realName : $account);
}
if(strpos($params, 'noempty') === false) $users = array('' => '') + $users;
if(strpos($params, 'noclosed') === false) $users = $users + array('closed' => 'Closed');
return $users;
}
/* 追加已经删除的用户。*/
public function setDeleted($users, $deleteds = '')
{
$deleteds = explode(',', $deleteds);
foreach($deleteds as $deleted)
{
if(!isset($users[$deleted])) $users[$deleted] = $deleted . $this->lang->user->deleted;
}
return $users;
}
/* 获得用户的真实姓名和email地址列表。*/
public function getRealNameAndEmails($users)
{
$users = $this->dao->select('account, email, realname')->from(TABLE_USER)->where('account')->in($users)->fetchAll('account');
if(!$users) return array();
foreach($users as $account => $user) if($user->realname == '') $user->realname = $account;
return $users;
}
/* 通过id获取某一个用户的信息。*/
public function getById($userID)
{
$user = $this->dao->select('*')->from(TABLE_USER)
->beginIF(is_numeric($userID))->where('id')->eq((int)$userID)->fi()
->beginIF(!is_numeric($userID))->where('account')->eq($userID)->fi()
->fetch();
if(!$user) return false;
$user->last = date(DT_DATETIME1, $user->last);
return $user;
}
/* 新增一个用户。*/
public function create()
{
/* 先检查密码是否符合规则。*/
if(!$this->checkPassword()) return;
$user = fixer::input('post')
->setDefault('join', '0000-00-00')
->setIF($this->post->password1 != false, 'password', md5($this->post->password1))
->setIF($this->post->password1 == false, 'password', '')
->remove('password1, password2')
->get();
$this->dao->insert(TABLE_USER)->data($user)
->autoCheck()
->batchCheck($this->config->user->create->requiredFields, 'notempty')
->check('account', 'unique')
->check('account', 'account')
->checkIF($this->post->email != false, 'email', 'email')
->exec();
}
/* 更新一个用户。*/
public function update($userID)
{
/* 先检查密码是否符合规则。*/
if(!$this->checkPassword()) return;
/* 进行其他的检查,更新数据库。*/
$userID = (int)$userID;
$user = fixer::input('post')
->setIF(isset($_POST['join']) and $this->post->join == '', 'join', '0000-00-00')
->setIF($this->post->password1 != false, 'password', md5($this->post->password1))
->remove('password1, password2')
->get();
$this->dao->update(TABLE_USER)->data($user)
->autoCheck()
->batchCheck($this->config->user->edit->requiredFields, 'notempty')
->check('account', 'unique', "id != '$userID'")
->check('account', 'account')
->checkIF($this->post->email != false, 'email', 'email')
->where('id')->eq((int)$userID)
->exec();
}
/* 检查密码是否符合要求。*/
public function checkPassword()
{
if($this->post->password1 != false)
{
if($this->post->password1 != $this->post->password2) dao::$errors['password'][] = $this->lang->error->passwordsame;
if(!validater::checkReg($this->post->password1, '|(.){6,}|')) dao::$errors['password'][] = $this->lang->error->passwordrule;
}
return !dao::isError();
}
/**
* 验证用户的身份。
*
* @param string $account 用户账号
* @param string $password 用户密码
* @access public
* @return object
*/
public function identify($account, $password)
{
$account = filter_var($account, FILTER_SANITIZE_STRING);
$password = filter_var($password, FILTER_SANITIZE_STRING);
if(!$account or !$password) return false;
$user = $this->dao->select('*')->from(TABLE_USER)
->where('account')->eq($account)
->beginIF(strlen($password) != 32)
->andWhere('password')->eq(md5($password))
->fi()
->andWhere('deleted')->eq(0)
->fetch();
/* 密码长度为32位改用md5 hash方式验证。*/
if(strlen($password) == 32)
{
$hash = $this->session->rand ? md5($user->password . $this->session->rand) : $user->password;
$user = $password == $hash ? $user : '';
}
if($user)
{
$ip = $_SERVER['REMOTE_ADDR'];
$last = time();
$this->dao->update(TABLE_USER)->set('visits = visits + 1')->set('ip')->eq($ip)->set('last')->eq($last)->where('account')->eq($account)->exec();
$user->last = date(DT_DATETIME1, $user->last);
}
return $user;
}
/**
* 取得对用户的授权。
*
* @param string $account 用户账号
* @access public
* @return array 包含用户权限的数组。
*/
public function authorize($account)
{
$account = filter_var($account, FILTER_SANITIZE_STRING);
if(!$account) return false;
$rights = array();
if($account == 'guest')
{
$sql = $this->dao->select('module, method')->from(TABLE_GROUP)->alias('t1')->leftJoin(TABLE_GROUPPRIV)->alias('t2')
->on('t1.id = t2.group')->where('t1.name')->eq('guest');
}
else
{
$sql = $this->dao->select('module, method')->from(TABLE_USERGROUP)->alias('t1')->leftJoin(TABLE_GROUPPRIV)->alias('t2')
->on('t1.group = t2.group')
->where('t1.account')->eq($account);
}
$stmt = $sql->query();
if(!$stmt) return $rights;
while($row = $stmt->fetch(PDO::FETCH_ASSOC))
{
$rights[strtolower($row['module'])][strtolower($row['method'])] = true;
}
return $rights;
}
/*
/**
* 判断用户是否在线。
*
* @access public
* @return bool
*/
public function isLogon()
{
return (isset($_SESSION['user']) and !empty($_SESSION['user']) and $_SESSION['user']->account != 'guest');
}
/* 获得用户所属的分组。*/
public function getGroups($account)
{
return $this->dao->findByAccount($account)->from(TABLE_USERGROUP)->fields('`group`')->fetchPairs();
}
/* 获得用户参与的项目列表。*/
public function getProjects($account)
{
return $this->dao->select('t1.*,t2.*')->from(TABLE_TEAM)->alias('t1')
->leftJoin(TABLE_PROJECT)->alias('t2')->on('t1.project = t2.id')
->where('t1.account')->eq($account)
->fetchAll();
}
/* 获得用户的Bug列表。*/
public function getBugs($account)
{
return $this->dao->findByAssignedTo($account)->from(TABLE_BUG)->andWhere('deleted')->eq(0)->fetchAll();
}
}
Reference in New Issue View Git Blame Copy Permalink