engelsystem/includes/model/User_model.php

441 lines
12 KiB
PHP
Raw Normal View History

2012-12-26 14:02:27 +01:00
<?php
2016-11-18 08:20:17 +01:00
use Engelsystem\ValidationResult;
2014-09-28 14:50:08 +02:00
/**
* User model
*/
/**
* Delete a user
*
2017-01-02 03:57:23 +01:00
* @param int $user_id
2017-01-03 03:22:48 +01:00
* @return mysqli_result|false
*/
2017-01-02 03:57:23 +01:00
function User_delete($user_id)
{
return sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($user_id) . "'");
}
2014-12-26 01:49:59 +01:00
/**
* Update user.
2014-12-26 19:26:53 +01:00
*
2017-01-03 03:22:48 +01:00
* @param array $user
* @return mysqli_result|false
2014-12-26 01:49:59 +01:00
*/
2017-01-02 03:57:23 +01:00
function User_update($user)
{
2017-01-02 15:43:36 +01:00
return sql_query("
UPDATE `User` SET
2014-12-26 01:49:59 +01:00
`Nick`='" . sql_escape($user['Nick']) . "',
`Name`='" . sql_escape($user['Name']) . "',
`Vorname`='" . sql_escape($user['Vorname']) . "',
2014-12-28 13:44:56 +01:00
`Alter`='" . sql_escape($user['Alter']) . "',
2014-12-26 01:49:59 +01:00
`Telefon`='" . sql_escape($user['Telefon']) . "',
`DECT`='" . sql_escape($user['DECT']) . "',
`Handy`='" . sql_escape($user['Handy']) . "',
`email`='" . sql_escape($user['email']) . "',
2014-12-28 13:44:56 +01:00
`email_shiftinfo`=" . sql_bool($user['email_shiftinfo']) . ",
`email_by_human_allowed`=" . sql_bool($user['email_by_human_allowed']) . ",
2014-12-26 01:49:59 +01:00
`jabber`='" . sql_escape($user['jabber']) . "',
`Size`='" . sql_escape($user['Size']) . "',
2014-12-28 13:44:56 +01:00
`Gekommen`='" . sql_escape($user['Gekommen']) . "',
`Aktiv`='" . sql_escape($user['Aktiv']) . "',
`force_active`=" . sql_bool($user['force_active']) . ",
`Tshirt`='" . sql_escape($user['Tshirt']) . "',
`color`='" . sql_escape($user['color']) . "',
2014-12-26 01:49:59 +01:00
`Sprache`='" . sql_escape($user['Sprache']) . "',
`Hometown`='" . sql_escape($user['Hometown']) . "',
2015-08-12 23:44:39 +02:00
`got_voucher`='" . sql_escape($user['got_voucher']) . "',
2015-08-11 12:04:22 +02:00
`arrival_date`='" . sql_escape($user['arrival_date']) . "',
2016-11-11 16:34:23 +01:00
`planned_arrival_date`='" . sql_escape($user['planned_arrival_date']) . "',
2016-11-15 16:36:03 +01:00
`planned_departure_date`=" . sql_null($user['planned_departure_date']) . "
2017-01-02 15:43:36 +01:00
WHERE `UID`='" . sql_escape($user['UID']) . "'
");
2014-12-26 01:49:59 +01:00
}
2014-09-28 15:01:02 +02:00
/**
* Counts all forced active users.
2017-01-03 03:22:48 +01:00
*
* @return string|null
2014-09-28 15:01:02 +02:00
*/
2017-01-02 03:57:23 +01:00
function User_force_active_count()
{
2017-01-03 14:12:17 +01:00
return sql_select_single_cell('SELECT COUNT(*) FROM `User` WHERE `force_active` = 1');
2014-09-28 15:01:02 +02:00
}
2017-01-03 03:22:48 +01:00
/**
* @return string|null
*/
2017-01-02 03:57:23 +01:00
function User_active_count()
{
2017-01-03 14:12:17 +01:00
return sql_select_single_cell('SELECT COUNT(*) FROM `User` WHERE `Aktiv` = 1');
2014-09-28 15:01:02 +02:00
}
2017-01-03 03:22:48 +01:00
/**
* @return string|null
*/
2017-01-02 03:57:23 +01:00
function User_got_voucher_count()
{
2017-01-03 14:12:17 +01:00
return sql_select_single_cell('SELECT SUM(`got_voucher`) FROM `User`');
2014-12-26 01:49:59 +01:00
}
2017-01-03 03:22:48 +01:00
/**
* @return string|null
*/
2017-01-02 03:57:23 +01:00
function User_arrived_count()
{
2017-01-03 14:12:17 +01:00
return sql_select_single_cell('SELECT COUNT(*) FROM `User` WHERE `Gekommen` = 1');
2014-09-28 15:01:02 +02:00
}
2017-01-03 03:22:48 +01:00
/**
* @return string|null
*/
2017-01-02 03:57:23 +01:00
function User_tshirts_count()
{
2017-01-03 14:12:17 +01:00
return sql_select_single_cell('SELECT COUNT(*) FROM `User` WHERE `Tshirt` = 1');
2014-09-28 15:01:02 +02:00
}
/**
* Returns all column names for sorting in an array.
2017-01-03 03:22:48 +01:00
*
* @return array
2014-09-28 15:01:02 +02:00
*/
2017-01-02 03:57:23 +01:00
function User_sortable_columns()
{
return [
2017-01-02 15:43:36 +01:00
'Nick',
'Name',
'Vorname',
'Alter',
'DECT',
'email',
'Size',
'Gekommen',
'Aktiv',
'force_active',
'Tshirt',
'lastLogIn'
];
2014-09-28 15:01:02 +02:00
}
2014-09-28 14:50:08 +02:00
/**
* Get all users, ordered by Nick by default or by given param.
2014-09-28 15:01:02 +02:00
*
2017-01-02 03:57:23 +01:00
* @param string $order_by
2017-01-03 03:22:48 +01:00
* @return array|false
2014-09-28 14:50:08 +02:00
*/
2017-01-02 03:57:23 +01:00
function Users($order_by = 'Nick')
{
return sql_select("SELECT * FROM `User` ORDER BY `" . sql_escape($order_by) . "` ASC");
2014-09-28 14:50:08 +02:00
}
2014-08-23 01:55:18 +02:00
/**
* Returns true if user is freeloader
*
2017-01-03 03:22:48 +01:00
* @param array $user
* @return bool
2014-08-23 01:55:18 +02:00
*/
2017-01-02 03:57:23 +01:00
function User_is_freeloader($user)
{
global $max_freeloadable_shifts, $user;
2017-01-02 15:43:36 +01:00
2017-01-02 03:57:23 +01:00
return count(ShiftEntries_freeloaded_by_user($user)) >= $max_freeloadable_shifts;
2014-08-23 01:55:18 +02:00
}
/**
* Returns all users that are not member of given angeltype.
*
2017-01-03 03:22:48 +01:00
* @param array $angeltype Angeltype
* @return array
*/
2017-01-02 03:57:23 +01:00
function Users_by_angeltype_inverted($angeltype)
{
$result = sql_select("
2014-12-12 23:39:54 +01:00
SELECT `User`.*
FROM `User`
2017-01-02 15:43:36 +01:00
LEFT JOIN `UserAngelTypes`
ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "')
WHERE `UserAngelTypes`.`id` IS NULL
ORDER BY `Nick`");
2017-01-02 03:57:23 +01:00
if ($result === false) {
engelsystem_error("Unable to load users.");
}
return $result;
}
2013-10-13 00:52:44 +02:00
/**
* Returns all members of given angeltype.
*
2017-01-03 03:22:48 +01:00
* @param array $angeltype
* @return array
*/
2017-01-02 03:57:23 +01:00
function Users_by_angeltype($angeltype)
{
$result = sql_select("
2014-12-12 23:39:54 +01:00
SELECT
`User`.*,
2017-01-02 15:43:36 +01:00
`UserAngelTypes`.`id` AS `user_angeltype_id`,
`UserAngelTypes`.`confirm_user_id`,
2016-11-11 14:59:25 +01:00
`UserAngelTypes`.`supporter`,
`UserDriverLicenses`.*
FROM `User`
JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`
LEFT JOIN `UserDriverLicenses` ON `User`.`UID`=`UserDriverLicenses`.`user_id`
2014-12-28 13:44:56 +01:00
WHERE `UserAngelTypes`.`angeltype_id`='" . sql_escape($angeltype['id']) . "'
ORDER BY `Nick`");
2017-01-02 03:57:23 +01:00
if ($result === false) {
2017-01-03 14:12:17 +01:00
engelsystem_error('Unable to load members.');
2017-01-02 03:57:23 +01:00
}
return $result;
}
2013-12-29 15:08:21 +01:00
/**
* Returns User id array
2017-01-03 03:22:48 +01:00
*
* @return array|false
2013-12-29 15:08:21 +01:00
*/
2017-01-02 03:57:23 +01:00
function User_ids()
{
2017-01-03 14:12:17 +01:00
return sql_select('SELECT `UID` FROM `User`');
2013-12-29 15:08:21 +01:00
}
2013-12-27 19:45:50 +01:00
/**
* Strip unwanted characters from a users nick.
*
2017-01-02 03:57:23 +01:00
* @param string $nick
2017-01-03 03:22:48 +01:00
* @return string
2013-12-27 19:45:50 +01:00
*/
2017-01-02 03:57:23 +01:00
function User_validate_Nick($nick)
{
2017-01-03 14:12:17 +01:00
return preg_replace('/([^a-z0-9üöäß. _+*-]{1,})/ui', '', $nick);
2013-12-27 19:45:50 +01:00
}
/**
* Validate user email address.
*
* @param string $mail
* The email address to validate
* @return ValidationResult
*/
2017-01-02 03:57:23 +01:00
function User_validate_mail($mail)
{
$mail = strip_item($mail);
return new ValidationResult(check_email($mail), $mail);
}
2016-11-14 19:10:29 +01:00
/**
* Validate user jabber address
*
* @param string $jabber
* Jabber-ID to validate
* @return ValidationResult
*/
2017-01-02 03:57:23 +01:00
function User_validate_jabber($jabber)
{
$jabber = strip_item($jabber);
if ($jabber == '') {
// Empty is ok
2017-01-02 15:43:36 +01:00
return new ValidationResult(true, '');
2017-01-02 03:57:23 +01:00
}
return new ValidationResult(check_email($jabber), $jabber);
2016-11-14 19:10:29 +01:00
}
2016-11-11 16:34:23 +01:00
/**
* Validate the planned arrival date
*
2017-01-03 03:22:48 +01:00
* @param int $planned_arrival_date Unix timestamp
2016-11-11 16:34:23 +01:00
* @return ValidationResult
*/
2017-01-02 03:57:23 +01:00
function User_validate_planned_arrival_date($planned_arrival_date)
{
if ($planned_arrival_date == null) {
// null is not okay
2017-01-02 15:43:36 +01:00
return new ValidationResult(false, time());
2017-01-02 03:57:23 +01:00
}
$event_config = EventConfig();
if ($event_config == null) {
// Nothing to validate against
2017-01-02 15:43:36 +01:00
return new ValidationResult(true, $planned_arrival_date);
2017-01-02 03:57:23 +01:00
}
if (isset($event_config['buildup_start_date']) && $planned_arrival_date < $event_config['buildup_start_date']) {
// Planned arrival can not be before buildup start date
2017-01-02 15:43:36 +01:00
return new ValidationResult(false, $event_config['buildup_start_date']);
2017-01-02 03:57:23 +01:00
}
if (isset($event_config['teardown_end_date']) && $planned_arrival_date > $event_config['teardown_end_date']) {
// Planned arrival can not be after teardown end date
2017-01-02 15:43:36 +01:00
return new ValidationResult(false, $event_config['teardown_end_date']);
2017-01-02 03:57:23 +01:00
}
return new ValidationResult(true, $planned_arrival_date);
2016-11-11 16:34:23 +01:00
}
/**
* Validate the planned departure date
*
* @param int $planned_arrival_date
* Unix timestamp
* @param int $planned_departure_date
* Unix timestamp
* @return ValidationResult
*/
2017-01-02 03:57:23 +01:00
function User_validate_planned_departure_date($planned_arrival_date, $planned_departure_date)
{
if ($planned_departure_date == null) {
// null is okay
2017-01-02 15:43:36 +01:00
return new ValidationResult(true, null);
2017-01-02 03:57:23 +01:00
}
if ($planned_arrival_date > $planned_departure_date) {
// departure cannot be before arrival
2017-01-02 15:43:36 +01:00
return new ValidationResult(false, $planned_arrival_date);
2017-01-02 03:57:23 +01:00
}
$event_config = EventConfig();
if ($event_config == null) {
// Nothing to validate against
2017-01-02 15:43:36 +01:00
return new ValidationResult(true, $planned_departure_date);
2017-01-02 03:57:23 +01:00
}
if (isset($event_config['buildup_start_date']) && $planned_departure_date < $event_config['buildup_start_date']) {
// Planned arrival can not be before buildup start date
2017-01-02 15:43:36 +01:00
return new ValidationResult(false, $event_config['buildup_start_date']);
2017-01-02 03:57:23 +01:00
}
if (isset($event_config['teardown_end_date']) && $planned_departure_date > $event_config['teardown_end_date']) {
// Planned arrival can not be after teardown end date
2017-01-02 15:43:36 +01:00
return new ValidationResult(false, $event_config['teardown_end_date']);
2017-01-02 03:57:23 +01:00
}
return new ValidationResult(true, $planned_departure_date);
2016-11-11 16:34:23 +01:00
}
2012-12-26 14:02:27 +01:00
/**
* Returns user by id.
2013-10-13 00:52:44 +02:00
*
2017-01-03 03:22:48 +01:00
* @param int $user_id UID
* @return array|null
2012-12-26 14:02:27 +01:00
*/
2017-01-02 03:57:23 +01:00
function User($user_id)
{
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1");
if ($user_source === false) {
2017-01-03 14:12:17 +01:00
engelsystem_error('Unable to load user.');
2017-01-02 03:57:23 +01:00
}
if (count($user_source) > 0) {
return $user_source[0];
}
return null;
2012-12-26 14:02:27 +01:00
}
/**
* Returns User by api_key.
2013-10-13 00:52:44 +02:00
*
* @param string $api_key
* User api key
2017-01-03 03:22:48 +01:00
* @return array|null Matching user, null on error
*/
2017-01-02 03:57:23 +01:00
function User_by_api_key($api_key)
{
$user = sql_select("SELECT * FROM `User` WHERE `api_key`='" . sql_escape($api_key) . "' LIMIT 1");
if ($user === false) {
2017-01-03 14:12:17 +01:00
engelsystem_error('Unable to find user by api key.');
2017-01-02 03:57:23 +01:00
}
if (count($user) == 0) {
return null;
}
return $user[0];
}
2013-12-26 13:34:48 +01:00
/**
* Returns User by email.
*
2017-01-02 03:57:23 +01:00
* @param string $email
2017-01-03 03:22:48 +01:00
* @return array|null Matching user, null or false on error
2013-12-26 13:34:48 +01:00
*/
2017-01-02 03:57:23 +01:00
function User_by_email($email)
{
$user = sql_select("SELECT * FROM `User` WHERE `email`='" . sql_escape($email) . "' LIMIT 1");
if ($user === false) {
2017-01-03 14:12:17 +01:00
engelsystem_error('Unable to load user.');
2017-01-02 03:57:23 +01:00
}
if (count($user) == 0) {
return null;
}
return $user[0];
2013-12-26 13:34:48 +01:00
}
/**
* Returns User by password token.
*
2017-01-02 03:57:23 +01:00
* @param string $token
2017-01-03 03:22:48 +01:00
* @return array|null Matching user, null or false on error
2013-12-26 13:34:48 +01:00
*/
2017-01-02 03:57:23 +01:00
function User_by_password_recovery_token($token)
{
$user = sql_select("SELECT * FROM `User` WHERE `password_recovery_token`='" . sql_escape($token) . "' LIMIT 1");
if ($user === false) {
2017-01-03 14:12:17 +01:00
engelsystem_error('Unable to load user.');
2017-01-02 03:57:23 +01:00
}
if (count($user) == 0) {
return null;
}
return $user[0];
2013-12-26 13:34:48 +01:00
}
/**
* Generates a new api key for given user.
2013-10-13 00:52:44 +02:00
*
2017-01-03 03:22:48 +01:00
* @param array $user
* @param bool $log
* @return bool
*/
2017-01-02 03:57:23 +01:00
function User_reset_api_key(&$user, $log = true)
{
$user['api_key'] = md5($user['Nick'] . time() . rand());
$result = sql_query("UPDATE `User` SET `api_key`='" . sql_escape($user['api_key']) . "' WHERE `UID`='" . sql_escape($user['UID']) . "' LIMIT 1");
if ($result === false) {
return false;
}
2017-01-03 03:22:48 +01:00
2017-01-02 03:57:23 +01:00
if ($log) {
2017-01-03 14:12:17 +01:00
engelsystem_log(sprintf('API key resetted (%s).', User_Nick_render($user)));
2017-01-02 03:57:23 +01:00
}
2017-01-03 03:22:48 +01:00
return true;
}
2013-12-26 13:34:48 +01:00
/**
* Generates a new password recovery token for given user.
*
2017-01-03 03:22:48 +01:00
* @param array $user
* @return string
2013-12-26 13:34:48 +01:00
*/
2017-01-02 03:57:23 +01:00
function User_generate_password_recovery_token(&$user)
{
$user['password_recovery_token'] = md5($user['Nick'] . time() . rand());
2017-01-03 14:12:17 +01:00
$result = sql_query("
UPDATE `User`
SET `password_recovery_token`='" . sql_escape($user['password_recovery_token']) . "'
WHERE `UID`='" . sql_escape($user['UID']) . "'
LIMIT 1
");
2017-01-02 03:57:23 +01:00
if ($result === false) {
2017-01-03 14:12:17 +01:00
engelsystem_error('Unable to generate password recovery token.');
2017-01-02 03:57:23 +01:00
}
2017-01-03 14:12:17 +01:00
engelsystem_log('Password recovery for ' . User_Nick_render($user) . ' started.');
2017-01-02 03:57:23 +01:00
return $user['password_recovery_token'];
2013-12-26 13:34:48 +01:00
}
2017-01-03 03:22:48 +01:00
/**
* @param array $user
* @return float
*/
2017-01-02 03:57:23 +01:00
function User_get_eligable_voucher_count(&$user)
{
global $voucher_settings;
2017-01-02 15:43:36 +01:00
2017-01-02 03:57:23 +01:00
$shifts_done = count(ShiftEntries_finished_by_user($user));
2017-01-02 15:43:36 +01:00
2017-01-02 03:57:23 +01:00
$earned_vouchers = $user['got_voucher'] - $voucher_settings['initial_vouchers'];
$elegible_vouchers = $shifts_done / $voucher_settings['shifts_per_voucher'] - $earned_vouchers;
if ($elegible_vouchers < 0) {
return 0;
}
2017-01-02 15:43:36 +01:00
2017-01-02 03:57:23 +01:00
return $elegible_vouchers;
}