2
Class User extends CI_Model {
6
function __construct() {
9
//Load required libraries and drivers
10
$this->load->database();
11
$this->load->library('session');
16
* This function returns the users password hint (or FALSE if user isn't logged in).
17
* RESTRICTED-LEVEL: None
19
public function getPasswordHint($user) {
21
$this->db->select('passwdHint');
22
$this->db->from('Users');
23
$this->db->where('userName', $user);
27
$query = $this->db->get();
28
$result = $query->result();
30
//If a matching DB record is found.
32
foreach($result as $row) {
33
$hint = $row->passwdHint;
46
* This function logs the user in (returns FALSE on fail).
47
* RESTRICTED-LEVEL: None
49
public function login($username, $password) {
50
//Generate a salted hash
51
$hash = $this->getSaltedHash($password);
54
$this->db->select('userName, name, passwd, userType, ssn, activeCourse'); // Tog bort firstLogin här.
55
$this->db->from('Users');
56
$this->db->where('userName', $username);
57
$this->db->where('passwd', $hash);
61
$query = $this->db->get();
62
$result = $query->result();
64
//If a matching DB record is found.
66
//Prepare session data
67
$userDetails = array();
68
foreach($result as $row) {
70
'username' => $row->userName,
72
'usertype' => $row->userType,
74
'activeCourse' => $row->activeCourse,
75
// 'firstLogin' => $row->firstLogin
80
$this->session->set_userdata('authenticated', $userDetails);
82
//Log attempt as valid
83
$this->logLogin($username, 1);
89
//Log attempt as invalid
90
$this->logLogin($username, 0);
98
* This function logs the user out.
99
* RESTRICTED-LEVEL: Self
101
public function logout() {
103
$this->session->unset_userdata('authenticated');
108
* This function changes the users password.
109
* RESTRICTED-LEVEL: Self
111
public function changePassword($pwdOld, $pwdNew, $pwdHint) {
112
//Check that a user is logged in.
113
if($this->isLoggedIn()) {
114
$user = $this->getUserName();
115
$oldHash = $this->getSaltedHash($pwdOld);
116
$newHash = $this->getSaltedHash($pwdNew);
118
//Validate input with database
119
$this->db->select('userName');
120
$this->db->from('Users');
121
$this->db->where('userName', $user);
122
$this->db->where('passwd', $oldHash);
124
$query = $this->db->get();
125
$result = $query->result();
127
//If a matching DB record is found, update database.
130
'passwd' => $newHash,
131
'passwdHint' => $pwdHint
134
$this->db->where('userName', $user);
135
$this->db->update('Users', $data);
148
* This function registers user into the database.
149
* RESTRICTED-LEVEL: Teacher
151
public function addUser($userName, $name, $ssn, $password, $userType, $pwdHint, $email) {
152
//Check that a user is logged in and has the right privileges (is teacher)
153
if($this->isLoggedIn() && $this->getUserType() === 'Teacher') {
154
//Generate a salted hash
155
$hash = $this->getSaltedHash($password);
157
//Query-structure (All values are escaped automatically by codeigninte, producing safer queries.)
158
$this->db->set('userName', $userName);
159
$this->db->set('name', $name);
160
$this->db->set('ssn', $ssn);
161
$this->db->set('passwd', $hash);
162
$this->db->set('userType', $userType);
163
$this->db->set('passwdHint', $pwdHint);
164
$this->db->set('email', $email);
165
$result = $this->db->insert('Users');
167
//Check for my-sql error
180
* This function removes users from the database.
181
* RESTRICTED-LEVEL: Teacher
183
public function removeUser($userName) {
184
//Check that a user is logged in, has the right privileges (is teacher) and not is the users own username.
185
if($this->isLoggedIn() && $this->getUserType() === 'Teacher' && $this->getUserName() != $userName) {
187
$this->db->where('userName', $userName);
188
$result = $this->db->delete('Users');
190
//Check for my-sql error
203
* This reset the password for the user.
204
* RESTRICTED-LEVEL: Teacher
206
public function resetUser($userName) {
207
//Check that a user is logged in, has the right privileges (is teacher) and not is the users own username.
208
if($this->isLoggedIn() && $this->getUserType() === 'Teacher' && $this->getUserName() != $userName) {
210
$this->db->select('userName, userType, ssn, email');
211
$this->db->from('Users');
212
$this->db->where('userName', $username);
214
$query = $this->db->get();
215
$result = $query->result();
217
//If a matching DB record is found.
219
//Prepare new hash depending on user-type
222
if ($row->userType == 'Student') {
223
$newPwdHash = $this->getSaltedHash($row->ssn);
225
else if ($row->userType == 'Teacher') {
226
//$newPwdHash = $this->getSaltedHash($row->email);
227
$newPwdHash = $this->getSaltedHash($row->email);
232
'passwd' => $newPwdHash,
233
'passwdHint' => 'default',
237
$this->db->where('userName', $userName);
238
$this->db->update('Users', $data);
251
* This parses a user list from ladok and returns an array with users.
252
* RESTRICTED-LEVEL: Teacher
254
public function parseLadok($string) {
255
//Check that a user is logged in and has the right privileges (is teacher).
256
if($this->isLoggedIn() && $this->getUserType() === 'Teacher') {
257
$userArray = array();
259
//Populate array with users from ladok
260
$ladokUsers = preg_split( '/\r\n|\r|\n/', $string);
263
foreach ($ladokUsers as $key => $value) {
264
$ladokUsers[$key] = trim($ladokUsers[$key]);
267
//Split after last name
268
foreach ($ladokUsers as $key => $value) {
269
$ladokUsers[$key] = explode(',', trim($ladokUsers[$key]));
272
//Replace whitespaces and tabs with divider.
273
foreach ($ladokUsers as $key => $value) {
274
foreach ($ladokUsers[$key] as $key2 => $value2) {
275
$ladokUsers[$key][$key2] = preg_replace('/\s+/', ' ', trim($ladokUsers[$key][$key2]));
279
//Generate user array
280
foreach ($ladokUsers as $key => $value) {
282
'ssn' => substr($ladokUsers[$key][0], 0, 11),
283
'lastname' => substr($ladokUsers[$key][0], 12, strlen($ladokUsers[$key][0])),
284
'firstname' => substr($ladokUsers[$key][1], 0, stripos($ladokUsers[$key][1], ' ')),
285
'email' => substr($ladokUsers[$key][1], (strrpos($ladokUsers[$key][1], ' ') + 1))
287
$temp['username'] = substr($temp['email'], 0, (stripos($temp['email'], '@')));
288
array_push($userArray, $temp);
291
//Return parsed user array
301
* Generates a salted password hash, encrypted with sha1.
302
* RESTRICTED-LEVEL: System
304
private function getSaltedHash($pwd) {
305
//Salt = CodeIgniters encryption-key from config
306
$salt = $this->config->item('encryption_key');
308
//Generate SHA1 hash using salt
309
$hash = sha1($salt.$pwd);
316
* Log the login attempt.
317
* RESTRICTED-LEVEL: System
319
private function logLogin($userName, $valid) {
321
'userName' => $userName,
322
'userAgent' => $this->session->userdata('user_agent'),
323
'userIP' => $this->session->userdata('ip_address'),
324
'browserID' => $this->session->userdata('session_id'),
328
$this->db->insert('logUserLoginAttempts', $data);
333
* This function return TRUE if the user is logged in and FALSE otherwise.
334
* RESTRICTED-LEVEL: System
336
public function isLoggedIn() {
337
if ($this->session->userdata('authenticated')) {
347
* This function returns the users type (or FALSE if user isn't logged in).
348
* RESTRICTED-LEVEL: System
350
public function getUserType() {
351
if($this->isLoggedIn()) {
352
$temp = $this->session->userdata('authenticated');
353
return $temp['usertype'];
361
* This function returns a boolean containing information if it is the first login.
362
* RESTRICTED-LEVEL: System
364
public function isFirstLogin() {
365
if($this->isLoggedIn()) {
366
$temp = $this->session->userdata('authenticated');
367
if ($temp['firstLogin'] == 1) {
377
* This function returns the username (or FALSE if user isn't logged in).
378
* RESTRICTED-LEVEL: System
380
public function getUserName() {
381
if($this->isLoggedIn()) {
382
$temp = $this->session->userdata('authenticated');
383
return $temp['username'];
390
* This function fetches the active course from the user table
392
public function getActiveCourse(){
393
if($this->isLoggedIn()) {
394
$temp = $this->session->userdata('authenticated');
395
return $temp['activeCourse'];
b'\\ No newline at end of file'
added
removed
codeigniter/application/models/user.php
