X-Git-Url: http://p2p-next.cs.pub.ro/gitweb/?a=blobdiff_plain;f=application%2Fmodels%2Fusers_model.php;h=76f378d905e54f5b6a3b92f1c1b337cbb090abf1;hb=faf92fa039c2be353c94d0d0e8e488e56eaa5058;hp=862229c841832b17db14f8b6074f37a3fb22a193;hpb=37fe2e29a60066614f4155c292e2a2bd99b71b49;p=living-lab-site.git diff --git a/application/models/users_model.php b/application/models/users_model.php index 862229c..76f378d 100644 --- a/application/models/users_model.php +++ b/application/models/users_model.php @@ -205,10 +205,17 @@ class Users_model extends CI_Model { $vals = ''; foreach ($data as $col=> $val) { + if ($val === NULL) + { + $cols .= "$col, "; + $vals .= "NULL, "; + continue; + } + $cols .= "$col, "; if (is_int($val)) $vals .= "$val, "; - else + else if (is_string($val)) $vals .= "'$val', "; } $cols = substr($cols, 0, -2); @@ -217,17 +224,18 @@ class Users_model extends CI_Model { $query = $this->db->query("INSERT INTO `users` ($cols, registration_date, last_login) VALUES ($vals, utc_timestamp(), utc_timestamp())"); - if ($query === FALSE) return FALSE; - // If the registered with internal authentication it needs to activate + // If registered with internal authentication it needs to activate // the account. - $activation_code = Users_model::gen_activation_code(); + $activation_code = Users_model::gen_activation_code($data['username']); $user_id = $this->get_user_id($data['username']); $query = $this->db->query("INSERT INTO `users_unactivated` (user_id, activation_code) VALUES ($user_id, '$activation_code')"); + $this->send_activation_email($user_id, $data['email'], + $activation_code, $data['username']); // TODO exception on failure return $query; @@ -272,26 +280,102 @@ class Users_model extends CI_Model { return TRUE; } + public function send_activation_email($user_id, $email = NULL, + $activation_code = NULL, $username = NULL) + { + if (!$activation_code || !$email || !$username) + { + if (!$email) + $cols = 'email, '; + else + $cols = ''; + + $userdata = $this->get_userdata($user_id, + $cols. "a.activation_code, username"); + $activation_code =& $userdata['activation_code']; + + if (!$email) + $email =& $userdata['email']; + $username =& $userdata['username']; + } + + if ($activation_code === NULL) + return TRUE; + + $subject = '['. $this->config->item('site_name') + . '] Account Activation'; + $activation_url = + site_url("user/activate/$user_id/code/$activation_code"); + $msg = sprintf($this->lang->line('user_activation_email_content'), + $username, $this->config->item('site_name'), site_url(), + $activation_url, $activation_code); + $headers = "From: ". $this->config->item('noreply_email'); + + return mail($email, $subject, $msg, $headers); + } + + public function recover_password($username, $email) + { + $userdata = $this->get_userdata($username, 'email, username, id'); + + if (strcmp($userdata['email'], $email) !== 0) + return FALSE; + + $recovered_password = Users_model::gen_password(); + + $this->set_userdata(intval($userdata['id']), array('password'=> + $recovered_password)); + + $subject = '['. $this->config->item('site_name') + . '] Password Recovery'; + $msg = sprintf($this->lang->line('user_password_recovery_email_content'), + $username, $this->config->item('site_name'), site_url(), + $recovered_password); + $headers = "From: ". $this->config->item('noreply_email'); + + mail($email, $subject, $msg, $headers); + + return TRUE; + } + /** * Returns data from `users` table. If $user is int it is used as an * id, if it is string it is used as an username. * * @param mixed $user + * @param string $table_cols (optional) string with comma separated + * `users` table column names. Use a.activation_code to check user's + * account activation_code. If this value is NULL than the account is + * active. + * @return array associative array with userdata from DB */ - public function get_userdata($user) + public function get_userdata($user, $table_cols = '*') { if (is_int($user)) $cond = "id = $user"; else $cond = "username = '$user'"; - $query = $this->db->query("SELECT * from `users` + $query = $this->db->query("SELECT $table_cols + FROM `users` u LEFT JOIN `users_unactivated` a + ON (u.id = a.user_id) WHERE $cond"); if ($query->num_rows() === 0) return FALSE; - return $query->row_array(); + $userdata = $query->row_array(); + + // Post process userdata. + if (isset($userdata['picture'])) + { + $userdata['picture_thumb'] = site_url( + "data/user_pictures/{$userdata['picture']}-thumb.jpg"); + $userdata['picture'] = site_url( + "data/user_pictures/{$userdata['picture']}"); + } + + return $userdata; } /** @@ -300,6 +384,7 @@ class Users_model extends CI_Model { * @param int $user_id * @param array $data key-value pairs with columns and new values to be * modified + * @return boolean returns TRUE on success and FALSE otherwise */ public function set_userdata($user_id, $data) { @@ -315,8 +400,10 @@ class Users_model extends CI_Model { { if (is_int($val)) $set .= "$col = $val, "; - else + else if (is_string($val)) $set .= "$col = '$val', "; + else if (is_null($var)) + $set .= "$col = NULL, "; } $set = substr($set, 0, -2); @@ -342,6 +429,26 @@ class Users_model extends CI_Model { return $activation_code; } + public static function gen_password() + { + $ci =& get_instance(); + $length = 16; + $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,.?!_-'; + $len_chars = strlen($chars); + $enc_key = $ci->config->item('encryption_key'); + $len_enc_key = strlen($enc_key); + $password = ''; + + for ($p = 0; $p < $length; $p++) + { + $i = (mt_rand(1, 100) * ord($enc_key[ mt_rand(0, $len_enc_key-1) ])) + % $len_chars; + $password .= $chars[$i]; + } + + return $password; + } + public static function roles_to_string($roles) { $ci =& get_instance();