Dominique Fournier
a04d3a4f4a
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@3012 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
157 lines
5.2 KiB
PHP
157 lines
5.2 KiB
PHP
<?php
|
|
/** The abstraction class of the users
|
|
Allow to manage the users in multiple storages (SQL, HTPasswd, passwd file).
|
|
CRUD the users and allow to modify the password */
|
|
class users
|
|
{
|
|
/** Connect to the storage */
|
|
public function connect ()
|
|
{
|
|
}
|
|
|
|
/** Initialise the storage
|
|
Create the structure of data needed to the class */
|
|
public function initStorage ()
|
|
{
|
|
}
|
|
|
|
/** Create a new user
|
|
If the password is not provided, create a default passwd (can be disable
|
|
password) */
|
|
public function adduser ($email, $firstname, $lastname, $password=null)
|
|
{
|
|
}
|
|
|
|
/** Delete a user */
|
|
public function deluser ($email)
|
|
{
|
|
}
|
|
|
|
/** Update a user */
|
|
public function updateuser ($oldemail, $newemail, $firstname, $lastname)
|
|
{
|
|
}
|
|
|
|
/** List the users */
|
|
public function listusers ()
|
|
{
|
|
}
|
|
|
|
/** Change password
|
|
@param string $email the user email to change the password
|
|
@param string $oldpassword The old password (to check if the user have the
|
|
rights to change the password)
|
|
@param string $newpassword The new password to be recorded */
|
|
public function changepassword ($email, $oldpassword, $newpassword)
|
|
{
|
|
}
|
|
|
|
/** Overwrite password (without oldpassword check)
|
|
Must be reserved to the administrators. For the users, use changepassword
|
|
method
|
|
@param string $email the user email to change the password
|
|
@param string $newpassword The new password to be recorded */
|
|
public function overwritepassword ($email, $newpassword)
|
|
{
|
|
}
|
|
|
|
/** Check if the provided password is correctely associated to the email user
|
|
*/
|
|
public function checkValidPassword ($email, $password)
|
|
{
|
|
}
|
|
|
|
/** Check if the user provided is correct */
|
|
public function checkEmail ($email)
|
|
{
|
|
if (! is_string ($email))
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid email provided : not a string"),
|
|
500);
|
|
if (strlen ($email) < 5)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid email provided : too short"),
|
|
500);
|
|
if (strpos ($email, ":") !== false)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid email provided : colon forbidden"),
|
|
500);
|
|
return true;
|
|
}
|
|
|
|
/** Check if the firstname provided is correct */
|
|
public function checkFirstname ($firstname)
|
|
{
|
|
if (! is_string ($firstname))
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid firstname provided : not a string"),
|
|
500);
|
|
if (strlen ($firstname) < 1)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid firstname provided : too short"),
|
|
500);
|
|
if (strpos ($firstname, ":") !== false)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid firstname provided : colon forbidden"),
|
|
500);
|
|
return true;
|
|
}
|
|
|
|
/** Check if the lastname provided is correct */
|
|
public function checkLastname ($lastname)
|
|
{
|
|
if (! is_string ($lastname))
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid lastname provided : not a string"),
|
|
500);
|
|
if (strpos ($lastname, ":") !== false)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid lastname provided : colon forbidden"),
|
|
500);
|
|
return true;
|
|
}
|
|
|
|
/** Check if the password provided is correct */
|
|
public function checkPassword ($password)
|
|
{
|
|
if (! is_string ($password))
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid password provided : not a string"),
|
|
500);
|
|
if (strlen ($password) < 5)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid password provided : too short"),
|
|
500);
|
|
if (strlen ($password) >= 128)
|
|
throw new Exception (dgettext("domframework",
|
|
"Invalid password provided : too long"),
|
|
500);
|
|
return true;
|
|
}
|
|
|
|
/** Crypt the password with the best algorithm available */
|
|
public function cryptPasswd ($password)
|
|
{
|
|
if (! function_exists ("openssl_random_pseudo_bytes"))
|
|
throw new Exception (dgettext("domframework",
|
|
"No PHP support for openssl_random_pseudo_bytes"),
|
|
500);
|
|
$cost = 11;
|
|
$salt = substr (base64_encode (openssl_random_pseudo_bytes (17)), 0, 22);
|
|
$salt = str_replace ("+", ".", $salt);
|
|
$param = '$'.implode ('$', array(
|
|
"2y", //select the most secure version of blowfish (>=PHP 5.3.7)
|
|
str_pad ($cost, 2, "0", STR_PAD_LEFT), //add the cost in two digits
|
|
$salt //add the salt
|
|
));
|
|
//now do the actual hashing
|
|
return crypt ($password, $param);
|
|
}
|
|
|
|
/** Check if the password is enough complex
|
|
Return True if the password is enough complex */
|
|
public function passwdComplexity ($password)
|
|
{
|
|
}
|
|
}
|