sintonia/airtime_mvc/application/models/Subjects.php

<?php
define('ALIBERR_NOTGR', 20);
define('ALIBERR_BADSMEMB', 21);

/**
 * Subj class
 *
 * users + groups
 * with "linearized recursive membership" ;)
 *   (allow adding users to groups or groups to groups)
 *
 * @package Airtime
 * @subpackage Alib
 * @copyright 2010 Sourcefabric O.P.S.
 * @license http://www.gnu.org/licenses/gpl.txt
 */
class Application_Model_Subjects {

    /* ======================================================= public methods */

    /**
     * Check login and password
     *
     * @param string $login
     * @param string $pass
     * 		optional
     * @return boolean|int|PEAR_Error
     */
    public static function Authenticate($login, $pass='')
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        $cpass = md5($pass);
        $sql = "SELECT id FROM ".$CC_CONFIG['subjTable']
            ." WHERE login='$login' AND pass='$cpass' AND type='U'"
            ." LIMIT 1";
        $query = $con->query($sql)->fetchColumn(0);
        return $query;
    }


    /**
     * Change user password
     *
     * @param string $login
     * @param string $oldpass
     * 		old password (optional for 'superuser mode')
     * @param string $pass
     * 		optional
     * @param boolean $passenc
     * 		optional, password already encrypted if true
     * @return boolean|PEAR_Error
     */
    public static function Passwd($login, $oldpass=null, $pass='', $passenc=FALSE)
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        if (!$passenc) {
            $cpass = md5($pass);
        } else {
            $cpass = $pass;
        }
        if (!is_null($oldpass)) {
            $oldcpass = md5($oldpass);
            $oldpCond = "AND pass='$oldcpass'";
        } else {
            $oldpCond = '';
        }
        $sql = "UPDATE ".$CC_CONFIG['subjTable']." SET pass='$cpass'"
            ." WHERE login='$login' $oldpCond AND type='U'";
        $con->exec($sql);
        return TRUE;
    }


    /* --------------------------------------------------------------- groups */

    /* --------------------------------------------------------- info methods */

    /**
     * Get subject id from login
     *
     * @param string $login
     * @return int|false
     */
    public static function GetSubjId($login)
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        $sql = "SELECT id FROM ".$CC_CONFIG['subjTable']
            ." WHERE login='$login'";
        $query = $con->query($sql)->fetchColumn(0);
        return ($query !== false) ? $query : NULL;
    }


    /**
     * Return true if uid is direct member of gid
     *
     * @param int $uid
     * 		local user id
     * @param int $gid
     * 		local group id
     * @return boolean
     */
    public static function IsMemberOf($uid, $gid)
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        $sql = "SELECT count(*) as cnt"
            ." FROM ".$CC_CONFIG['smembTable']
            ." WHERE uid='$uid' AND gid='$gid'";
        $res = $con->query($sql)->fetchColumn(0);
        return (intval($res) > 0);
    }

    public static function increaseLoginAttempts($login)
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        $sql = "UPDATE ".$CC_CONFIG['subjTable']." SET login_attempts = login_attempts+1"
            ." WHERE login='$login'";
        $res = $con->exec($sql);
        return (intval($res) > 0);
    }

    public static function resetLoginAttempts($login)
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        $sql = "UPDATE ".$CC_CONFIG['subjTable']." SET login_attempts = '0'"
            ." WHERE login='$login'";
        $res = $con->exec($sql);
        return TRUE;
    }

    public static function getLoginAttempts($login)
    {
        global $CC_CONFIG;
        $con = Propel::getConnection();
        $sql = "SELECT login_attempts FROM ".$CC_CONFIG['subjTable']." WHERE login='$login'";
        $res = $con->query($sql)->fetchColumn(0);
        return ($res !== false) ? $res : 0;
    }

} // class Subjects
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`<?php`
			`define('ALIBERR_NOTGR', 20);`
			`define('ALIBERR_BADSMEMB', 21);`

			`/**`
			`* Subj class`
			`*`
			`* users + groups`
			`* with "linearized recursive membership" ;)`
			`* (allow adding users to groups or groups to groups)`
			`*`
-changed some references from campcaster to airtime in the documentation / comments 2011-01-05 18:19:58 +01:00			`* @package Airtime`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`* @subpackage Alib`
			`* @copyright 2010 Sourcefabric O.P.S.`
			`* @license http://www.gnu.org/licenses/gpl.txt`
			`*/`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`class Application_Model_Subjects {`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00
			`/* ======================================================= public methods */`

			`/**`
			`* Check login and password`
			`*`
			`* @param string $login`
			`* @param string $pass`
			`* optional`
			`* @return boolean\|int\|PEAR_Error`
			`*/`
			`public static function Authenticate($login, $pass='')`
			`{`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`global $CC_CONFIG;`
			`$con = Propel::getConnection();`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`$cpass = md5($pass);`
			`$sql = "SELECT id FROM ".$CC_CONFIG['subjTable']`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`." WHERE login='$login' AND pass='$cpass' AND type='U'"`
			`." LIMIT 1";`
			`$query = $con->query($sql)->fetchColumn(0);`
			`return $query;`
			`}`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00

			`/**`
			`* Change user password`
			`*`
			`* @param string $login`
			`* @param string $oldpass`
			`* old password (optional for 'superuser mode')`
			`* @param string $pass`
			`* optional`
			`* @param boolean $passenc`
			`* optional, password already encrypted if true`
			`* @return boolean\|PEAR_Error`
			`*/`
			`public static function Passwd($login, $oldpass=null, $pass='', $passenc=FALSE)`
			`{`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`global $CC_CONFIG;`
			`$con = Propel::getConnection();`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`if (!$passenc) {`
			`$cpass = md5($pass);`
			`} else {`
			`$cpass = $pass;`
			`}`
			`if (!is_null($oldpass)) {`
			`$oldcpass = md5($oldpass);`
			`$oldpCond = "AND pass='$oldcpass'";`
			`} else {`
			`$oldpCond = '';`
			`}`
			`$sql = "UPDATE ".$CC_CONFIG['subjTable']." SET pass='$cpass'"`
			`." WHERE login='$login' $oldpCond AND type='U'";`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$con->exec($sql);`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`return TRUE;`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`}`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00

			`/* --------------------------------------------------------------- groups */`

			`/* --------------------------------------------------------- info methods */`

			`/**`
			`* Get subject id from login`
			`*`
			`* @param string $login`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`* @return int\|false`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`*/`
			`public static function GetSubjId($login)`
			`{`
			`global $CC_CONFIG;`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$con = Propel::getConnection();`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`$sql = "SELECT id FROM ".$CC_CONFIG['subjTable']`
			`." WHERE login='$login'";`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$query = $con->query($sql)->fetchColumn(0);`
CC-1927: Remove PEAR DB -various fixes 2012-04-19 22:54:38 +02:00			`return ($query !== false) ? $query : NULL;`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`}`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00

			`/**`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`* Return true if uid is direct member of gid`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`*`
			`* @param int $uid`
			`* local user id`
			`* @param int $gid`
			`* local group id`
			`* @return boolean`
			`*/`
			`public static function IsMemberOf($uid, $gid)`
			`{`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`global $CC_CONFIG;`
			`$con = Propel::getConnection();`
			`$sql = "SELECT count(*) as cnt"`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`." FROM ".$CC_CONFIG['smembTable']`
			`." WHERE uid='$uid' AND gid='$gid'";`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$res = $con->query($sql)->fetchColumn(0);`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00			`return (intval($res) > 0);`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`}`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`public static function increaseLoginAttempts($login)`
			`{`
			`global $CC_CONFIG;`
			`$con = Propel::getConnection();`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`$sql = "UPDATE ".$CC_CONFIG['subjTable']." SET login_attempts = login_attempts+1"`
			`." WHERE login='$login'";`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$res = $con->exec($sql);`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`return (intval($res) > 0);`
			`}`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00
			`public static function resetLoginAttempts($login)`
			`{`
			`global $CC_CONFIG;`
			`$con = Propel::getConnection();`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`$sql = "UPDATE ".$CC_CONFIG['subjTable']." SET login_attempts = '0'"`
			`." WHERE login='$login'";`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$res = $con->exec($sql);`
			`return TRUE;`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`}`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00
			`public static function getLoginAttempts($login)`
			`{`
			`global $CC_CONFIG;`
			`$con = Propel::getConnection();`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`$sql = "SELECT login_attempts FROM ".$CC_CONFIG['subjTable']." WHERE login='$login'";`
CC-1927: Remove PEAR DB First pass through the model classes to remove use of $CC_DBC. Web application is working. There are still other parts of the app that use PEAR DB. 2012-04-01 21:51:03 +02:00			`$res = $con->query($sql)->fetchColumn(0);`
CC-1927: Remove PEAR DB -various fixes 2012-04-19 22:54:38 +02:00			`return ($res !== false) ? $res : 0;`
CC-2789: Prevent brue-force password guessing attacks - add recaptcha on login page 2011-09-13 20:16:16 +02:00			`}`
adding zend project folders into old campcaster. 2010-12-07 20:19:27 +01:00
			`} // class Subjects`
CC-1971 Remove "?>" from the end of pure-PHP files to prevent "HEADERS ALREADY SENT" 2011-02-22 18:22:31 +01:00