Changeset 376 for trunk


Ignore:
Timestamp:
Jan 20, 2012, 8:29:46 AM (13 years ago)
Author:
chronos
Message:
Location:
trunk
Files:
2 added
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/Modules/User/User.php

    r373 r376  
    22
    33include(dirname(__FILE__).'/UserList.php');
     4include(dirname(__FILE__).'/UserPermission.php');
    45
    56define('LOGIN_USED', 'Přihlašovací jméno již použito.');
     
    9899  function Register($Login, $Password, $Password2, $Email, $Name, $PhoneNumber, $ICQ)
    99100  {
    100     global $Options, $Config;
     101    global $Config;
    101102
    102103    if(($Email == '') || ($Login == '') || ($Password == '') || ($Password2 == '')  || ($Name == '')) $Result = DATA_MISSING;
     
    119120            $this->Database->insert('User', array('Name' => $Name, 'Login' => $Login, 'Password' => sha1($Password), 'Email' => $Email, 'RegistrationTime' => 'NOW()', 'Locked' => 1, 'PhoneNumber' => $PhoneNumber, 'ICQ' => $ICQ));
    120121            $UserId = $this->Database->insert_id;
    121                         $this->Database->insert('PermissionUserAssignment', array('User' => $UserId, 'GroupOrOperation' => 2, 'Type' => 'Group'));
     122            $this->Database->insert('PermissionUserAssignment', array('User' => $UserId, 'GroupOrOperation' => 2, 'Type' => 'Group'));
    122123         
    123             $Subject = FromUTF8('Registrace nového účtu', 'iso2');
    124             $Message = 'Provedli jste registraci nového účtu na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br>\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br><br>\n\nVáš účet je: ".$Login."\n<br>Pro dokončení registrace klikněte na tento odkaz: ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'</a>.'."\n<br> \n\n<br><br>Na tento email neodpovídejte.";
    125             $AdditionalHeaders = "To: ".$Name." <".$Email.">\n"."From: ".FromUTF8($Config['Web']['Title'], 'iso2')." <noreplay@zdechov.net>\n"."MIME-Version: 1.0\n"."Content-type: text/html; charset=utf-8";
    126             mail($Email, $Subject, $Message, $AdditionalHeaders);
     124            $Mail = new Mail();           
     125            $Mail->Subject = 'Registrace nového účtu';
     126            $Mail->Message = 'Provedli jste registraci nového účtu na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br>\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br><br>\n\nVáš účet je: ".$Login."\n<br>Pro dokončení registrace klikněte na tento odkaz: ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'</a>.'."\n<br> \n\n<br><br>Na tento email neodpovídejte.";
     127            $Mail->RecipientName = $Name;
     128            $Mail->RecipientAddress = $Email;
     129            $Mail->SenderName = $Config['Web']['Title'];
     130            $Mail->SenderAddress = 'noreplay@zdechov.net';           
     131            $Mail->Send();
    127132            $Result = USER_REGISTRATED;
    128133            $this->System->Modules['Log']->NewRecord('User', 'NewRegistration', $Login);
     
    181186  }
    182187
    183   function LoadRoles()
    184   {
    185     $this->Roles = array();
    186     $DbResult = $this->Database->select('UserRole', '*');
     188  function CheckGroupPermission($GroupId, $OperationId)
     189  {
     190    // Check group-group relation
     191    $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'"');
    187192    while($DbRow = $DbResult->fetch_array())
    188       $this->Roles[] = $DbRow;
    189   }
    190 
    191   function LoadPermission($Role)
    192   {
    193     $this->User['Permission'] = array();
    194     $DbResult = $this->Database->query('SELECT `UserRolePermission`.*, `PermissionOperation`.`Description` FROM `UserRolePermission` JOIN `PermissionOperation` ON `PermissionOperation`.`Id` = `UserRolePermission`.`Operation` WHERE `UserRolePermission`.`Role` = '.$Role);
    195     if($DbResult->num_rows > 0)
    196     while($DbRow = $DbResult->fetch_array())
    197       $this->User['Permission'][$DbRow['Operation']] = $DbRow;
    198   }
    199 
    200   function PermissionMatrix()
    201   {
    202     $Result = array();
    203     $DbResult = $this->Database->query('SELECT `UserRolePermission`.*, `PermissionOperation`.`Description`, `UserRole`.`Title` FROM `UserRolePermission` LEFT JOIN `PermissionOperation` ON `PermissionOperation`.`Id` = `UserRolePermission`.`Operation` LEFT JOIN `UserRole` ON `UserRole`.`Id` = `UserRolePermission`.`Role`');
    204     while($DbRow = $DbResult->fetch_array())
    205     {
    206       $Value = '';
    207       if($DbRow['Read']) $Value .= 'R';
    208       if($DbRow['Write']) $Value .= 'W';
    209       $Result[$DbRow['Description']][$DbRow['Title']] = $Value;
     193    {
     194       if($this->CheckGroupPermission($DbRow['AssignedGroup'], $OperationId) == true) return(true);
    210195    }
    211     return($Result);
    212   }
    213 
    214   function CheckGroupPermission($GroupId, $OperationId)
    215   {
    216     // Check group-group relation
    217     $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'" AND `Type`="Group"');
    218     while($DbRow = $DbResult->fetch_array())
    219     {
    220        if($this->CheckGroupPermission($DbRow['GroupOrOperation'], $OperationId) == true) return(true);
    221     }
    222196
    223197    // Check group-operation relation
    224     $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'" AND `GroupOrOperation`="'.$OperationId.'" AND `Type`="Operation"');
     198    $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'" AND `AssignedOperation`="'.$OperationId.'"');
    225199    if($DbResult->num_rows > 0) return(true);
    226200    return(false);
     
    254228    {
    255229      // Check user-operation relation
    256       $DbResult = $this->Database->select('PermissionUserAssignment', '*', '`User`="'.$this->User['Id'].'" AND `GroupOrOperation`="'.$OperationId.'" AND `Type`="Operation"');
     230      $DbResult = $this->Database->select('PermissionUserAssignment', '*', '`User`="'.$this->User['Id'].'" AND `AssignedOperation`="'.$OperationId.'"');
    257231      if($DbResult->num_rows > 0) return(true);
    258232
    259233      // Check user-group relation
    260       $DbResult = $this->Database->select('PermissionUserAssignment', 'GroupOrOperation', '`User`="'.$this->User['Id'].'" AND `Type`="Group"');
     234      $DbResult = $this->Database->select('PermissionUserAssignment', 'AssignedGroup', '`User`="'.$this->User['Id'].'"');
    261235      while($DbRow = $DbResult->fetch_array())
    262236      {
    263        if($this->CheckGroupPermission($DbRow['GroupOrOperation'], $OperationId) == true) return(true);
     237       if($this->CheckGroupPermission($DbRow['AssignedGroup'], $OperationId) == true) return(true);
    264238      }
    265239      return(false);
     
    277251      $NewPassword = substr(sha1(strtoupper($Row['Login'])), 0, 7);
    278252
    279       $Subject = 'Obnova hesla';
    280       $Message = 'Požádali jste o zaslání nového hesla na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br />\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br /><br />\n\nVaše nové heslo k účtu ".$Row['Login']." je: ".$NewPassword."\n<br>Pro aktivaci tohoto hesla klikněte na ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=PasswordRecoveryConfirm&User='.$Row['Id'].'&H='.$Row['Password'].'&P='.$NewPassword.'">tento odkaz</a>.'."\n<br /> Po přihlášení si prosím změňte heslo na nové.\n\n<br><br>Na tento email neodpovídejte.";
    281       $AdditionalHeaders = "To: ".$Row['Name']." <".$Row['Email'].">\n"."From: ".FromUTF8($Config['Web']['Title'], 'iso2')." <noreplay@zdechov.net>\n"."MIME-Version: 1.0\n"."Content-type: text/html; charset=utf-8";
    282       mail($Row['Email'], $Subject, $Message, $AdditionalHeaders);
     253      $Mail = new Mail();
     254      $Mail->Subject = 'Obnova hesla';
     255      $Mail->Message = 'Požádali jste o zaslání nového hesla na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br />\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br /><br />\n\nVaše nové heslo k účtu ".$Row['Login']." je: ".$NewPassword."\n<br>Pro aktivaci tohoto hesla klikněte na ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=PasswordRecoveryConfirm&User='.$Row['Id'].'&H='.$Row['Password'].'&P='.$NewPassword.'">tento odkaz</a>.'."\n<br /> Po přihlášení si prosím změňte heslo na nové.\n\n<br><br>Na tento email neodpovídejte.";
     256      $Mail->RecipientAddress = $Row['Email'];
     257      $Mail->RecipientName = $Row['Name'];
     258      $Mail->SenderAddress = 'noreplay@zdechov.net';
     259      $Mail->SenderName = $Config['Web']['Title'];
     260      $Mail->Send();
    283261      $Output = USER_PASSWORD_RECOVERY_SUCCESS;
    284262      $this->System->Modules['Log']->NewRecord('User', 'PasswordRecoveryRequest', 'Login='.$Login.',Email='.$Email);
     
    395373    $this->Dependencies = array();
    396374    $this->Models = array('User', 'UserOnline');
    397     $this->Views = array('UserLogin', 'PasswordRecove', 'UserRegister', 'UserOptions');
     375    $this->Views = array('UserLogin', 'PasswordRecove', 'UserRegister', 'UserOptions',
     376      'PermissionGroup', 'PermissionOperation', 'PermissionGroupAssignement',
     377      'PermissionUserAssignment');
    398378  }
    399379 
Note: See TracChangeset for help on using the changeset viewer.