DomFramework/users.php

<?php
/** The abstraction class of the users 
    Allow to manage the users in multiple storages (SQL, HTPasswd, passwd file).
    CRUD the users and allow to modify the password */
class users
{
  /** Connect to the storage */
  public function connect ()
  {
  }

  /** Initialise the storage 
      Create the structure of data needed to the class */
  public function initStorage ()
  {
  }

  /** Create a new user
      If the password is not provided, create a default passwd (can be disable
      password) */
  public function adduser ($email, $firstname, $lastname, $password=null)
  {
  } 

  /** Delete a user */
  public function deluser ($email)
  {
  }

  /** Update a user */
  public function updateuser ($oldemail, $newemail, $firstname, $lastname)
  {
  }

  /** List the users */
  public function listusers ()
  {
  }

  /** Change password 
      @param string $email the user email to change the password
      @param string $oldpassword The old password (to check if the user have the
         rights to change the password)
      @param string $newpassword The new password to be recorded */
  public function changepassword ($email, $oldpassword, $newpassword)
  {
  }

  /** Overwrite password (without oldpassword check)
      Must be reserved to the administrators. For the users, use changepassword
      method
      @param string $email the user email to change the password
      @param string $newpassword The new password to be recorded */
  public function overwritepassword ($email, $newpassword)
  {
  }

  /** Check if the provided password is correctely associated to the email user
    */
  public function checkValidPassword ($email, $password)
  {
  }

  /** Check if the user provided is correct */
  public function checkEmail ($email)
  {
    if (! is_string ($email))
      throw new Exception (dgettext("domframework", 
                                    "Invalid email provided : not a string"),
                           500);
    if (strlen ($email) < 5)
      throw new Exception (dgettext("domframework", 
                                    "Invalid email provided : too short"),
                           500);
    if (strpos ($lastname, ":") !== false)
      throw new Exception (dgettext("domframework", 
                                "Invalid email provided : colon forbidden"),
                           500);
    return true;
  }

  /** Check if the firstname provided is correct */
  public function checkFirstname ($firstname)
  {
    if (! is_string ($firstname))
      throw new Exception (dgettext("domframework", 
                                   "Invalid firstname provided : not a string"),
                           500);
    if (strlen ($firstname) < 1)
      throw new Exception (dgettext("domframework", 
                                    "Invalid firstname provided : too short"),
                           500);
    if (strpos ($firstname, ":") !== false)
      throw new Exception (dgettext("domframework", 
                                "Invalid firstname provided : colon forbidden"),
                           500);
    return true;
  }

  /** Check if the lastname provided is correct */
  public function checkLastname ($lastname)
  {
    if (! is_string ($lastname))
      throw new Exception (dgettext("domframework", 
                                    "Invalid lastname provided : not a string"),
                           500);
    if (strpos ($lastname, ":") !== false)
      throw new Exception (dgettext("domframework", 
                                "Invalid lastname provided : colon forbidden"),
                           500);
    return true;
  }

  /** Check if the password provided is correct */
  public function checkPassword ($password)
  {
    if (! is_string ($password))
      throw new Exception (dgettext("domframework", 
                                    "Invalid password provided : not a string"),
                           500);
    if (strlen ($password) < 5)
      throw new Exception (dgettext("domframework", 
                                    "Invalid password provided : too short"),
                           500);
    if (strlen ($password) >= 128)
      throw new Exception (dgettext("domframework", 
                                    "Invalid password provided : too long"),
                           500);
    return true;
  }

  /** Crypt the password with the best algorithm available */
  public function cryptPasswd ($password)
  {
    if (! function_exists ("openssl_random_pseudo_bytes"))
      throw new Exception (dgettext("domframework",
                           "No PHP support for openssl_random_pseudo_bytes"),
                           500);
    $cost = 11;
    $salt = substr (base64_encode (openssl_random_pseudo_bytes (17)), 0, 22);
    $salt = str_replace ("+", ".", $salt);
    $param = '$'.implode ('$', array(
             "2y", //select the most secure version of blowfish (>=PHP 5.3.7)
             str_pad ($cost, 2, "0", STR_PAD_LEFT), //add the cost in two digits
             $salt //add the salt
    ));
    //now do the actual hashing
    return crypt ($password, $param);
  }

  /** Check if the password is enough complex
      Return True if the password is enough complex */
  public function passwdComplexity ($password)
  {
  }
}