Changeset 376 for trunk/Modules/User/User.php
- Timestamp:
- Jan 20, 2012, 8:29:46 AM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Modules/User/User.php
r373 r376 2 2 3 3 include(dirname(__FILE__).'/UserList.php'); 4 include(dirname(__FILE__).'/UserPermission.php'); 4 5 5 6 define('LOGIN_USED', 'Přihlašovací jméno již použito.'); … … 98 99 function Register($Login, $Password, $Password2, $Email, $Name, $PhoneNumber, $ICQ) 99 100 { 100 global $ Options, $Config;101 global $Config; 101 102 102 103 if(($Email == '') || ($Login == '') || ($Password == '') || ($Password2 == '') || ($Name == '')) $Result = DATA_MISSING; … … 119 120 $this->Database->insert('User', array('Name' => $Name, 'Login' => $Login, 'Password' => sha1($Password), 'Email' => $Email, 'RegistrationTime' => 'NOW()', 'Locked' => 1, 'PhoneNumber' => $PhoneNumber, 'ICQ' => $ICQ)); 120 121 $UserId = $this->Database->insert_id; 121 122 $this->Database->insert('PermissionUserAssignment', array('User' => $UserId, 'GroupOrOperation' => 2, 'Type' => 'Group')); 122 123 123 $Subject = FromUTF8('Registrace nového účtu', 'iso2'); 124 $Message = 'Provedli jste registraci nového účtu na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br>\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br><br>\n\nVáš účet je: ".$Login."\n<br>Pro dokončení registrace klikněte na tento odkaz: ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'</a>.'."\n<br> \n\n<br><br>Na tento email neodpovídejte."; 125 $AdditionalHeaders = "To: ".$Name." <".$Email.">\n"."From: ".FromUTF8($Config['Web']['Title'], 'iso2')." <noreplay@zdechov.net>\n"."MIME-Version: 1.0\n"."Content-type: text/html; charset=utf-8"; 126 mail($Email, $Subject, $Message, $AdditionalHeaders); 124 $Mail = new Mail(); 125 $Mail->Subject = 'Registrace nového účtu'; 126 $Mail->Message = 'Provedli jste registraci nového účtu na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br>\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br><br>\n\nVáš účet je: ".$Login."\n<br>Pro dokončení registrace klikněte na tento odkaz: ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=UserRegisterConfirm&User='.$UserId.'&H='.sha1($Password).'</a>.'."\n<br> \n\n<br><br>Na tento email neodpovídejte."; 127 $Mail->RecipientName = $Name; 128 $Mail->RecipientAddress = $Email; 129 $Mail->SenderName = $Config['Web']['Title']; 130 $Mail->SenderAddress = 'noreplay@zdechov.net'; 131 $Mail->Send(); 127 132 $Result = USER_REGISTRATED; 128 133 $this->System->Modules['Log']->NewRecord('User', 'NewRegistration', $Login); … … 181 186 } 182 187 183 function LoadRoles()184 { 185 $this->Roles = array();186 $DbResult = $this->Database->select(' UserRole', '*');188 function CheckGroupPermission($GroupId, $OperationId) 189 { 190 // Check group-group relation 191 $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'"'); 187 192 while($DbRow = $DbResult->fetch_array()) 188 $this->Roles[] = $DbRow; 189 } 190 191 function LoadPermission($Role) 192 { 193 $this->User['Permission'] = array(); 194 $DbResult = $this->Database->query('SELECT `UserRolePermission`.*, `PermissionOperation`.`Description` FROM `UserRolePermission` JOIN `PermissionOperation` ON `PermissionOperation`.`Id` = `UserRolePermission`.`Operation` WHERE `UserRolePermission`.`Role` = '.$Role); 195 if($DbResult->num_rows > 0) 196 while($DbRow = $DbResult->fetch_array()) 197 $this->User['Permission'][$DbRow['Operation']] = $DbRow; 198 } 199 200 function PermissionMatrix() 201 { 202 $Result = array(); 203 $DbResult = $this->Database->query('SELECT `UserRolePermission`.*, `PermissionOperation`.`Description`, `UserRole`.`Title` FROM `UserRolePermission` LEFT JOIN `PermissionOperation` ON `PermissionOperation`.`Id` = `UserRolePermission`.`Operation` LEFT JOIN `UserRole` ON `UserRole`.`Id` = `UserRolePermission`.`Role`'); 204 while($DbRow = $DbResult->fetch_array()) 205 { 206 $Value = ''; 207 if($DbRow['Read']) $Value .= 'R'; 208 if($DbRow['Write']) $Value .= 'W'; 209 $Result[$DbRow['Description']][$DbRow['Title']] = $Value; 193 { 194 if($this->CheckGroupPermission($DbRow['AssignedGroup'], $OperationId) == true) return(true); 210 195 } 211 return($Result);212 }213 214 function CheckGroupPermission($GroupId, $OperationId)215 {216 // Check group-group relation217 $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'" AND `Type`="Group"');218 while($DbRow = $DbResult->fetch_array())219 {220 if($this->CheckGroupPermission($DbRow['GroupOrOperation'], $OperationId) == true) return(true);221 }222 196 223 197 // Check group-operation relation 224 $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'" AND ` GroupOrOperation`="'.$OperationId.'" AND `Type`="Operation"');198 $DbResult = $this->Database->select('PermissionGroupAssignment', '*', '`Group`="'.$GroupId.'" AND `AssignedOperation`="'.$OperationId.'"'); 225 199 if($DbResult->num_rows > 0) return(true); 226 200 return(false); … … 254 228 { 255 229 // Check user-operation relation 256 $DbResult = $this->Database->select('PermissionUserAssignment', '*', '`User`="'.$this->User['Id'].'" AND ` GroupOrOperation`="'.$OperationId.'" AND `Type`="Operation"');230 $DbResult = $this->Database->select('PermissionUserAssignment', '*', '`User`="'.$this->User['Id'].'" AND `AssignedOperation`="'.$OperationId.'"'); 257 231 if($DbResult->num_rows > 0) return(true); 258 232 259 233 // Check user-group relation 260 $DbResult = $this->Database->select('PermissionUserAssignment', ' GroupOrOperation', '`User`="'.$this->User['Id'].'" AND `Type`="Group"');234 $DbResult = $this->Database->select('PermissionUserAssignment', 'AssignedGroup', '`User`="'.$this->User['Id'].'"'); 261 235 while($DbRow = $DbResult->fetch_array()) 262 236 { 263 if($this->CheckGroupPermission($DbRow[' GroupOrOperation'], $OperationId) == true) return(true);237 if($this->CheckGroupPermission($DbRow['AssignedGroup'], $OperationId) == true) return(true); 264 238 } 265 239 return(false); … … 277 251 $NewPassword = substr(sha1(strtoupper($Row['Login'])), 0, 7); 278 252 279 $Subject = 'Obnova hesla'; 280 $Message = 'Požádali jste o zaslání nového hesla na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br />\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br /><br />\n\nVaše nové heslo k účtu ".$Row['Login']." je: ".$NewPassword."\n<br>Pro aktivaci tohoto hesla klikněte na ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=PasswordRecoveryConfirm&User='.$Row['Id'].'&H='.$Row['Password'].'&P='.$NewPassword.'">tento odkaz</a>.'."\n<br /> Po přihlášení si prosím změňte heslo na nové.\n\n<br><br>Na tento email neodpovídejte."; 281 $AdditionalHeaders = "To: ".$Row['Name']." <".$Row['Email'].">\n"."From: ".FromUTF8($Config['Web']['Title'], 'iso2')." <noreplay@zdechov.net>\n"."MIME-Version: 1.0\n"."Content-type: text/html; charset=utf-8"; 282 mail($Row['Email'], $Subject, $Message, $AdditionalHeaders); 253 $Mail = new Mail(); 254 $Mail->Subject = 'Obnova hesla'; 255 $Mail->Message = 'Požádali jste o zaslání nového hesla na serveru <a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'">http://'.$Config['Web']['Host'].$Config['Web']['RootFolder']."</a>.<br />\nPokud jste tak neučinili, měli by jste tento email ignorovat.<br /><br />\n\nVaše nové heslo k účtu ".$Row['Login']." je: ".$NewPassword."\n<br>Pro aktivaci tohoto hesla klikněte na ".'<a href="http://'.$Config['Web']['Host'].$Config['Web']['RootFolder'].'/?Action=PasswordRecoveryConfirm&User='.$Row['Id'].'&H='.$Row['Password'].'&P='.$NewPassword.'">tento odkaz</a>.'."\n<br /> Po přihlášení si prosím změňte heslo na nové.\n\n<br><br>Na tento email neodpovídejte."; 256 $Mail->RecipientAddress = $Row['Email']; 257 $Mail->RecipientName = $Row['Name']; 258 $Mail->SenderAddress = 'noreplay@zdechov.net'; 259 $Mail->SenderName = $Config['Web']['Title']; 260 $Mail->Send(); 283 261 $Output = USER_PASSWORD_RECOVERY_SUCCESS; 284 262 $this->System->Modules['Log']->NewRecord('User', 'PasswordRecoveryRequest', 'Login='.$Login.',Email='.$Email); … … 395 373 $this->Dependencies = array(); 396 374 $this->Models = array('User', 'UserOnline'); 397 $this->Views = array('UserLogin', 'PasswordRecove', 'UserRegister', 'UserOptions'); 375 $this->Views = array('UserLogin', 'PasswordRecove', 'UserRegister', 'UserOptions', 376 'PermissionGroup', 'PermissionOperation', 'PermissionGroupAssignement', 377 'PermissionUserAssignment'); 398 378 } 399 379
Note:
See TracChangeset
for help on using the changeset viewer.