import v1.1.0_beta1 | 2009-08-21

modules/users/models/AuthAttempt.php

@@ -0,0 +1,29 @@
+<?php
+
+/*
+* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
+* @license http://creativecommons.org/licenses/BSD/ BSD License
+* @author Keyboard Monkeys Ltd.
+* @since CommunityID 0.9
+* @package CommunityID
+* @packager Keyboard Monkeys
+*/
+
+
+class Users_Model_AuthAttempt extends Zend_Db_Table_Row_Abstract
+{
+    const MAX_ATTEMPTS_ALLOWED = 3;
+    const MIN_MINUTES_BETWEEN_ATTEMPTS = 30;
+
+    public function addFailure()
+    {
+        $this->failed_attempts++;
+        $this->last_attempt = date('Y-m-d H:i:s');
+    }
+
+    public function surpassedMaxAllowed()
+    {
+        return ($this->failed_attempts >= self::MAX_ATTEMPTS_ALLOWED)
+            && $this->last_attempt > date('Y-m-d H:i:s', time() - self::MIN_MINUTES_BETWEEN_ATTEMPTS * 60);
+    }
+}

modules/users/models/AuthAttempts.php

@@ -0,0 +1,51 @@
+<?php
+
+/*
+* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
+* @license http://creativecommons.org/licenses/BSD/ BSD License
+* @author Keyboard Monkeys Ltd.
+* @since CommunityID 0.9
+* @package CommunityID
+* @packager Keyboard Monkeys
+*/
+
+
+class Users_Model_AuthAttempts extends Monkeys_Db_Table_Gateway
+{
+    protected $_name = 'auth_attempts';
+    protected $_primary = 'id';
+    protected $_rowClass = 'Users_Model_AuthAttempt';
+
+    /**
+    * This method first searches for a match on the session_id.
+    * If nothing is found, it searches for a match on the IP.
+    */
+    public function get()
+    {
+        $ip = @$_SERVER['REMOTE_ADDR'];
+
+        $select = $this->select()
+                       ->where('session_id=?', session_id());
+
+        $row = $this->fetchRow($select);
+        if ($row) {
+            return $row;
+        }
+
+        $select = $select->where('IP=?', $ip);
+
+        return $this->fetchRow($select);
+    }
+    
+    public function create()
+    {
+        $ip = @$_SERVER['REMOTE_ADDR'];
+
+        $attempt = $this->createRow();
+        $attempt->IP = $ip;
+        $attempt->session_id = session_id();
+        $attempt->failed_attempts = 1;
+        $attempt->last_attempt = date('Y-m-d H:i:s');
+        $attempt->save();
+    }
+}

modules/users/models/User.php

@@ -4,13 +4,13 @@
 * @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
 * @license http://creativecommons.org/licenses/BSD/ BSD License
 * @author Keyboard Monkeys Ltd.
-* @since Textroller 0.9
-* @package TextRoller
+* @since CommunityID 0.9
+* @package CommunityID
 * @packager Keyboard Monkeys
 */
 
 
-class User extends Zend_Db_Table_Row_Abstract
+class Users_Model_User extends Zend_Db_Table_Row_Abstract
 {
     const ROLE_GUEST = 'guest';
     const ROLE_REGISTERED = 'registered';

modules/users/models/Users.php

@@ -4,21 +4,23 @@
 * @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
 * @license http://creativecommons.org/licenses/BSD/ BSD License
 * @author Keyboard Monkeys Ltd.
-* @since Textroller 0.9
-* @package TextRoller
+* @since CommunityID 0.9
+* @package CommunityID
 * @packager Keyboard Monkeys
 */
 
 
-class Users extends Monkeys_Db_Table_Gateway
+class Users_Model_Users extends Monkeys_Db_Table_Gateway
 {
-    protected $_name = 'users';
-    protected $_primary = 'id';
-    protected $_rowClass = 'User';
-
     const DIR_ASC = 0;
     const DIR_DESC = 1;
 
+    protected $_name = 'users';
+    protected $_primary = 'id';
+    protected $_rowClass = 'Users_Model_User';
+
+    private $_user;
+
     private $_sortFields = array(
         'name'          => array('firstname', 'lastname'),
         'registration'  => array('registration_date', 'firstname', 'lastname'),
@@ -30,12 +32,74 @@ class Users extends Monkeys_Db_Table_Gateway
         return parent::createRow(array(
             'openid'                 => '',
             'password_changed'       => '0000-00-00',
-            'role'                   => User::ROLE_GUEST,
+            'role'                   => Users_Model_User::ROLE_GUEST,
             'passwordreset_token'    => '',
         ));
     }
 
-    public function getUsers($startIndex = false, $results = false, $sort = false, $dir = false, $where = false)
+    /**
+    * In CID we chose from the beginning not to use SET NAMES, and instead leave the charset encodings configurations
+    * to remain in the database server side (my.cnf).
+    *
+    * CID's strings are UTF8. If character_set_client is not UTF8 but latin1 for example (unfortunatly that's the common case), non-latin1
+    * characters will appear garbled when manually browsing the db, but they should show OK in CID's web pages.
+    *
+    * When authenticating below, we use MySQL's MD5 function. From my tests, it looks like the argument of this function
+    * gets automatically converted to the charset of that field. Sorta like if we had implicitly MD5(CONVERT(arg using charset)).
+    * When the tables are build during setup, the charset of string fields are set accordingly to the my.cnf directives
+    * character-set-server and collation-server.
+    * If those directives don't match character_set_client, the conversion inside MD5 will in fact transform the string, and we'll
+    * get the MD5 of a different string than what we had intended (well, only if the string contains non-latin1 characters).
+    * For this reason we have to override that conversion, converting to the charset specified in character_set_client, as shown below.
+    *
+    * @return Zend_Auth_Result
+    */
+    public function authenticate($identity, $password, $isOpenId = false)
+    {
+        $auth = Zend_Auth::getInstance();
+        $db = $this->getAdapter();
+
+        $result = $db->query("SHOW VARIABLES LIKE 'character_set_client'")->fetch();
+        $clientCharset = $result['Value'];
+        if ($isOpenId) {
+            if (!Zend_OpenId::normalize($identity)) {
+                return false;
+            }
+
+            $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'users', 'openid', 'password',
+                'MD5(CONCAT(CONVERT(openid using ' . $clientCharset . '), CONVERT(? using ' . $clientCharset . ')))');
+        } else {
+            $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'users', 'username', 'password',
+                'MD5(CONCAT(CONVERT(openid using ' . $clientCharset . '), CONVERT(? using ' . $clientCharset . ')))');
+        }
+
+        $authAdapter->setIdentity($identity);
+        $authAdapter->setCredential($password);
+
+        $result = $auth->authenticate($authAdapter);
+
+        if ($result->isValid()) {
+            if ($isOpenId) {
+                $this->_user = $this->getUserWithOpenId($identity);
+            } else {
+                $this->_user = $this->getUserWithUsername($identity);
+            }
+
+            $auth->getStorage()->write($this->_user);
+            Zend_Registry::set('user', $this->_user);
+
+            return true;
+        }
+
+        return false;
+    }
+
+    public function getUser()
+    {
+        return $this->_user;
+    }
+
+    public function getUsers($startIndex = false, $results = false, $sort = false, $dir = false, $where = false, $search = false)
     {
         $select = $this->select();
 
@@ -57,19 +121,23 @@ class Users extends Monkeys_Db_Table_Gateway
             $select = $select->where($where);
         }
 
+        if ($search) {
+            $select = $select->where('firstname LIKE ? OR lastname LIKE ?', "%$search%", "%$search%");
+        }
+
         return $this->fetchAll($select);
     }
 
-    public function getNumUsers($where = false)
+    public function getNumUsers($where = false, $search = false)
     {
-        $users = $this->getUsers(false, false, false, false, $where);
+        $users = $this->getUsers(false, false, false, false, $where, $search);
 
         return count($users);
     }
 
     public function getNumUnconfirmedUsers()
     {
-        $users = $this->getUsers(false, false, false, false, "accepted_eula=0 AND role != '".User::ROLE_ADMIN."'");
+        $users = $this->getUsers(false, false, false, false, "accepted_eula=0 AND role != '".Users_Model_User::ROLE_ADMIN."'");
 
         return count($users);
     }
@@ -90,6 +158,14 @@ class Users extends Monkeys_Db_Table_Gateway
         return $this->fetchRow($select);
     }
 
+    public function getUserWithUsername($username)
+    {
+        $select = $this->select()
+                       ->where('username=?', $username);
+
+        return $this->fetchRow($select);
+    }
+
     public function getUserWithOpenId($openid)
     {
         $select = $this->select()
@@ -98,11 +174,14 @@ class Users extends Monkeys_Db_Table_Gateway
         return $this->fetchRow($select);
     }
 
-    public function getUser($identity)
+    public function getUnconfirmedUsers($olderThanDays)
     {
-        $select = $this->select()->where('username=?', $identity);
+        $date = date('Y-m-d', strtotime("$olderThanDays days ago"));
+        $select = $this->select()
+                       ->where('accepted_eula=0')
+                       ->where('registration_date < ?', $date);
 
-        return $this->fetchRow($select);
+        return $this->fetchAll($select);
     }
 
     public function deleteUser(User $user)
@@ -116,9 +195,11 @@ class Users extends Monkeys_Db_Table_Gateway
         $this->delete('test=1');
     }
 
-    public function deleteUnconfirmed()
+    public function deleteUnconfirmed($olderThanDays)
     {
-        $this->delete("accepted_eula=0 AND role = '".User::ROLE_GUEST."'");
+        $olderThanDays = (int) $olderThanDays;
+        $date = date('Y-m-d', strtotime("$olderThanDays days ago"));
+        $this->delete("accepted_eula=0 AND role = '".Users_Model_User::ROLE_GUEST."' AND registration_date < '$date'");
     }
 
     protected $_metadata = array(