/lenasys/trunk

Viewing changes to codeigniter/application/models/user.php

  • Committer: b11johgu
  • Date: 2013-05-03 11:39:08 UTC
  • mto: This revision was merged to the branch mainline in revision 53.
  • Revision ID: b11johgu@student.his.se-20130503113908-m8nilvexb8atwtvz
Added controllers for examplepage, templatelayout.
Updated models for login and database interaction.
Added ajax controller.
... A lot of stuff has changed.

11
11
                        $this->load->library('session');
12
12
                }
13
13
 
14
 
                //Queries the DB and for a matching username and password. Returns result or false.
15
14
                /*
16
 
                 *      Constructor
 
15
                 *      This function logs the user in (returns FALSE on fail).
17
16
                 */ 
18
17
                public function login($username, $password)
19
18
                {                       
49
48
                                
50
49
                                //Return success
51
50
                                return TRUE;
52
 
                        } else {
53
 
                                //Return fail
54
 
                                return FALSE;
55
 
                        }       
 
51
                        }
 
52
 
 
53
                        //Return fail
 
54
                        return FALSE;   
56
55
                }
57
56
 
58
57
 
71
70
                public function isLoggedIn() {  
72
71
                        if ($this->session->userdata('authenticated')) {
73
72
                                return TRUE;
74
 
                        } else {
75
 
                                return FALSE;
76
 
                        }
77
 
                }
78
 
                
79
 
                
80
 
                //Generates a password hash using a user-unique salt.
 
73
                        }
 
74
                        
 
75
                        return FALSE;
 
76
                }
 
77
                
 
78
                
 
79
                /*
 
80
                 *      This function returns the users type (or FALSE if user isn't logged in).
 
81
                 */ 
 
82
                public function getUserType() { 
 
83
                        if($this->isLoggedIn()) {
 
84
                                $temp = $this->session->userdata('authenticated');
 
85
                                return $temp['usertype'];
 
86
                        }
 
87
                        
 
88
                        return FALSE;
 
89
                }
 
90
                
 
91
                
 
92
                /*
 
93
                 *      This function returns the username (or FALSE if user isn't logged in).
 
94
                 */ 
 
95
                public function getUserName() { 
 
96
                        if($this->isLoggedIn()) {
 
97
                                $temp = $this->session->userdata('authenticated');
 
98
                                return $temp['username'];
 
99
                        }
 
100
                        
 
101
                        return FALSE;
 
102
                }
 
103
                
 
104
                
 
105
                /*
 
106
                 *      This function returns the users password hint (or FALSE if user isn't logged in).
 
107
                 */ 
 
108
                public function getPasswordHint($user) {
 
109
                        $hint = '';
 
110
 
 
111
                        //Query-structure
 
112
                        $this->db->select('passwdHint');
 
113
                        $this->db->from('Users');
 
114
                        $this->db->where('userName', $user);
 
115
                        $this->db->limit(1);
 
116
                        
 
117
                        //Execute query
 
118
                        $query = $this->db->get();
 
119
                        $result = $query->result();
 
120
                        
 
121
                        //If a matching DB record is found.
 
122
                        if($result) {
 
123
                            foreach($result as $row) {
 
124
                                $hint = $row->passwdHint;
 
125
                                return $hint;
 
126
                            }
 
127
                        }
 
128
                        
 
129
                        return FALSE;
 
130
                }
 
131
                
 
132
                
 
133
                /*
 
134
                 *      This function registers user into the database.
 
135
                 */
 
136
                public function addUser($userName, $name, $ssn, $password, $userType, $pwdHint) {
 
137
                        //Check that a user is logged in and has the right privileges (is teacher)
 
138
                        if($this->isLoggedIn() && $this->getUserType() === 'Teacher') {
 
139
                                //Generate a salted hash
 
140
                                $hash = $this->getSaltedHash($password);
 
141
                                
 
142
                                //Query-structure (All values are escaped automatically by codeigninte, producing safer queries.)
 
143
                                $this->db->set('userName', $userName);
 
144
                                $this->db->set('name', $name);
 
145
                                $this->db->set('ssn', $ssn);
 
146
                                $this->db->set('passwd', $password);
 
147
                                $this->db->set('userType', $userType);
 
148
                                $this->db->set('passwdHint', $pwdHint);
 
149
                                $result = $this->db->insert('Users');
 
150
                                
 
151
                                //Check for my-sql error
 
152
                                if($result) {
 
153
                                        //Return success
 
154
                                        return TRUE;
 
155
                                } 
 
156
                        }
 
157
                        
 
158
                        //Return error
 
159
                        return FALSE;
 
160
                }
 
161
                
 
162
 
 
163
                /*
 
164
                 *      This function changes the users password.
 
165
                 */ 
 
166
                public function changePassword($pwdOld, $pwdNew, $pwdHint) {
 
167
                        //Check that a user is logged in.
 
168
                        if($this->isLoggedIn()) {
 
169
                                $user = $this->getUserName();
 
170
                                $oldHash = $this->getSaltedHash($pwdOld);
 
171
                                $newHash = $this->getSaltedHash($pwdNew);
 
172
                                
 
173
                                //Validate
 
174
                                $this->db->select('userName');
 
175
                                $this->db->from('Users');
 
176
                                $this->db->where('userName', $user);
 
177
                                $this->db->where('passwd', $oldHash);
 
178
                                $this->db->limit(1);
 
179
                                $query = $this->db->get();
 
180
                                $result = $query->result();
 
181
                                
 
182
                                //If a matching DB record is found, update database with new info.
 
183
                                if($result) {
 
184
                                        $data = array(
 
185
                                                'passwd' => $newHash,
 
186
                                                'passwdHint' => $pwdHint
 
187
                                        );
 
188
                                        
 
189
                                        $this->db->where('userName', $user);
 
190
                                        $this->db->update('Users', $data);
 
191
                                        
 
192
                                        //Return Success!
 
193
                                        return TRUE;                                                    
 
194
                                }
 
195
                        }
 
196
                        
 
197
                        //Return error
 
198
                        return FALSE;
 
199
                }
 
200
 
 
201
                
 
202
                /*
 
203
                 *      This function removes users from the database.
 
204
                 */ 
 
205
                public function removeUser($userName) {
 
206
                        //Check that a user is logged in, has the right privileges (is teacher) and not is the users own username.
 
207
                        if($this->isLoggedIn() && $this->getUserType() === 'Teacher' && $this->getUserName() != $userName) {
 
208
                                //Query-structure
 
209
                                $this->db->where('userName', $userName);
 
210
                                $result = $this->db->delete('Users');            
 
211
                                
 
212
                                //Check for my-sql error
 
213
                                if($result) {
 
214
                                        //Return success
 
215
                                        return TRUE;
 
216
                                } 
 
217
                        }
 
218
                        
 
219
                        //Return error
 
220
                        return FALSE;
 
221
                }
 
222
                
 
223
 
 
224
                /*
 
225
                 *      Generates a password hash using a user-unique salt.
 
226
                 */             
81
227
                private function getSaltedHash($pwd)
82
228
                {       
83
229
                        /* Salt algorithm: