From 7e92c31751810f6ef6581b1d53aa965d3755f6e9 Mon Sep 17 00:00:00 2001 From: REJack Date: Wed, 1 Jun 2016 13:17:33 +0200 Subject: [PATCH] v2.5.0-alpha.5 fixes - fixed both SQL files - fixed `list_pms()` - fixed `delete_pm()` - updated CHANGELOG - added abilty to send `system` PM's for `send_pm()` & `send_pms()` - changed `name` to `username` in aauth_users table - changed `name` to `username` in all user related functions - changed `$name` to `$username` in `create_user()` & `update_user()` - added `user_exist_by_username()` - changed `user_exist_by_name()` to an alias of `user_exist_by_username()` --- CHANGELOG.md | 7 +++- application/libraries/Aauth.php | 65 +++++++++++++++++++++------------ sql/Aauth_v2.sql | 6 +-- sql/Aauth_v2_BCrypt.sql | 6 +-- 4 files changed, 52 insertions(+), 32 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 72e35beb..5297f8aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,14 @@ ## Change Log -### upcoming +### v2.5.0-alpha.5 (2016/05/30) +- [847a639](https://github.com/emreakay/CodeIgniter-Aauth/commit/847a639d893cff4ae821615ddb48061cedb64def) (@REJack) + - reverted changed `count_unread_pms()` it counts now only not deleted pm's + - changed `delete_pm()` if a receiver deletes a pm it updates date_read - [84b61fd](https://github.com/emreakay/CodeIgniter-Aauth/commit/84b61fd97cef0e7de9560e1675f851f2572c5942) changed some explanation infos in aauth's config (@REJack) - [fe89cdb](https://github.com/emreakay/CodeIgniter-Aauth/commit/fe89cdb861d6864dc200db4089561669a3fd4353) (@REJack) - fixed explanation info text in aauth config - added `pm_cleanup_max_age`-config_var - - added 2 files (`pm_deleted_sender` & `pm_deleted_receiver`) in pm table + - added 2 fields (`pm_deleted_sender` & `pm_deleted_receiver`) in pm table - changed `list_pms()` to catch only not deleted pm's - changed `delete_pm()` now it need a user_id to delete a pm (like `get_pm()`) - changed `delete_pm()` sender's can now detete pm's from outbox 
diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php index 82b9b8d1..98e0620e 100644 --- a/application/libraries/Aauth.php +++ b/application/libraries/Aauth.php @@ -150,7 +150,7 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) $this->error($this->CI->lang->line('aauth_error_login_failed_name')); return FALSE; } - $db_identifier = 'name'; + $db_identifier = 'username'; }else{ if( !valid_email($identifier) OR strlen($pass) < $this->config_vars['min'] OR strlen($pass) > $this->config_vars['max'] ) { @@ -306,7 +306,7 @@ public function login($identifier, $pass, $remember = FALSE, $totp_code = NULL) // create session $data = array( 'id' => $row->id, - 'name' => $row->name, + 'username' => $row->username, 'email' => $row->email, 'loggedin' => TRUE ); @@ -526,7 +526,7 @@ public function login_fast($user_id){ // create session $data = array( 'id' => $row->id, - 'name' => $row->name, + 'username' => $row->username, 'email' => $row->email, 'loggedin' => TRUE ); @@ -715,20 +715,20 @@ public function update_remember($user_id, $expression=null, $expire=null) { * Creates a new user * @param string $email User's email address * @param string $pass User's password - * @param string $name User's name + * @param string $username User's username * @return int|bool False if create fails or returns user id if successful */ - public function create_user($email, $pass, $name = FALSE) { + public function create_user($email, $pass, $username = FALSE) { $valid = TRUE; if($this->config_vars['login_with_name'] == TRUE){ - if (empty($name)){ + if (empty($username)){ $this->error($this->CI->lang->line('aauth_error_username_required')); $valid = FALSE; } } - if ($this->user_exist_by_name($name) && $name != FALSE) { + if ($this->user_exist_by_username($username) && $username != FALSE) { $this->error($this->CI->lang->line('aauth_error_username_exists')); $valid = FALSE; } 
@@ -746,7 +746,7 @@ public function create_user($email, $pass, $name = FALSE) { $this->error($this->CI->lang->line('aauth_error_password_invalid')); $valid = FALSE; } - if ($name != FALSE && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $name))){ + if ($username != FALSE && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $username))){ $this->error($this->CI->lang->line('aauth_error_username_invalid')); $valid = FALSE; } @@ -757,7 +757,7 @@ public function create_user($email, $pass, $name = FALSE) { $data = array( 'email' => $email, 'pass' => $this->hash_password($pass, 0), // Password cannot be blank but user_id required for salt, setting bad password for now - 'name' => (!$name) ? '' : $name , + 'username' => (!$username) ? '' : $username , 'date_created' => date("Y-m-d H:i:s"), ); @@ -805,7 +805,7 @@ public function create_user($email, $pass, $name = FALSE) { * @param string|bool $name User's name, or FALSE if not to be updated * @return bool Update fails/succeeds */ - public function update_user($user_id, $email = FALSE, $pass = FALSE, $name = FALSE) { + public function update_user($user_id, $email = FALSE, $pass = FALSE, $username = FALSE) { $data = array(); $valid = TRUE; 
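Review bot: The docblock above `update_user()` still reads `@param string|bool $name User's name, or FALSE if not to be updated`, although the signature in the last hunk on this line now takes `$username`. It should become `@param string|bool $username User's username, or FALSE if not to be updated`, matching the `create_user()` docblock that this commit did update. The function body continues outside the hunk.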
@@ -836,20 +836,20 @@ public function update_user($user_id, $email = FALSE, $pass = FALSE, $name = FAL $data['pass'] = $this->hash_password($pass, $user_id); } - if ($user->name == $name) { - $name = FALSE; + if ($user->username == $username) { + $username = FALSE; } - if ($name != FALSE) { - if ($this->user_exist_by_name($name)) { + if ($username != FALSE) { + if ($this->user_exist_by_username($username)) { $this->error($this->CI->lang->line('aauth_error_update_username_exists')); $valid = FALSE; } - if ($name !='' && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $name))){ + if ($username !='' && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $username))){ $this->error($this->CI->lang->line('aauth_error_username_invalid')); $valid = FALSE; } - $data['name'] = $name; + $data['username'] = $username; } if ( !$valid || empty($data)) { @@ -1073,14 +1073,14 @@ public function is_banned($user_id) { } /** - * user_exist_by_name - * Check if user exist by name + * user_exist_by_username + * Check if user exist by username * @param $user_id * * @return bool */ - public function user_exist_by_name( $name ) { - $query = $this->aauth_db->where('name', $name); + public function user_exist_by_username( $name ) { + $query = $this->aauth_db->where('username', $name); $query = $this->aauth_db->get($this->config_vars['users']); @@ -1090,6 +1090,17 @@ public function user_exist_by_name( $name ) { return FALSE; } + /** + * user_exist_by_name !DEPRECATED! + * Check if user exist by name + * @param $user_id + * + * @return bool + */ + public function user_exist_by_name( $name ) { + return $this->user_exist_by_name($name); + } + /** * user_exist_by_email * Check if user exist by user email 
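Review bot: The renamed `user_exist_by_username()` keeps `$name` as its parameter and carries the docblock tag `@param $user_id`, neither of which matches the `username` column it now queries. Naming the parameter `$username` and documenting it as `@param string $username Username to look up` would keep it consistent with `create_user()` and `update_user()`. The same stale `@param $user_id` tag is copied into the new `user_exist_by_name()` docblock in the next hunk. The method body continues outside the hunk.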
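Review bot: The new deprecated alias `user_exist_by_name()` calls itself, `return $this->user_exist_by_name($name);`, so any caller still using the old name recurses until PHP aborts the request instead of receiving a boolean. The body should delegate to the new method: `return $this->user_exist_by_username($name);`. The commit message describes it as an alias of `user_exist_by_username()`, so this looks like a copy-paste slip. A `@deprecated` tag in the docblock would also be more useful to tooling than the `!DEPRECATED!` text.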
@@ -1884,10 +1895,13 @@ public function send_pm( $sender_id, $receiver_id, $title, $message ){ $this->error($this->CI->lang->line('aauth_error_self_pm')); return FALSE; } - if (($this->is_banned($receiver_id) || !$this->user_exist_by_id($receiver_id)) || ($this->is_banned($sender_id) || !$this->user_exist_by_id($sender_id))){ + if (($this->is_banned($receiver_id) || !$this->user_exist_by_id($receiver_id)) || ($sender_id && ($this->is_banned($sender_id) || !$this->user_exist_by_id($sender_id)))){ $this->error($this->CI->lang->line('aauth_error_no_user')); return FALSE; } + if ( !$sender_id){ + $sender_id = 0; + } if ($this->config_vars['pm_encryption']){ $this->CI->load->library('encrypt'); @@ -1921,10 +1935,13 @@ public function send_pms( $sender_id, $receiver_ids, $title, $message ){ $title = $this->CI->encrypt->encode($title); $message = $this->CI->encrypt->encode($message); } - if (($this->is_banned($sender_id) || !$this->user_exist_by_id($sender_id))){ + if ($sender_id && ($this->is_banned($sender_id) || !$this->user_exist_by_id($sender_id))){ $this->error($this->CI->lang->line('aauth_error_no_user')); return FALSE; } + if ( !$sender_id){ + $sender_id = 0; + } if (is_numeric($receiver_ids)) { $receiver_ids = array($receiver_ids); } @@ -1964,7 +1981,7 @@ public function send_pms( $sender_id, $receiver_ids, $title, $message ){ * @return object Array of private messages */ public function list_pms($limit=5, $offset=0, $receiver_id=NULL, $sender_id=NULL){ - if (is_numeric($sender_id)){ + if (is_numeric($receiver_id)){ $query = $this->aauth_db->where('receiver_id', $receiver_id); $query = $this->aauth_db->where('pm_deleted_receiver', 0); } 
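Review bot: In `send_pm()` the new condition `$sender_id && (...)` skips the ban and existence checks for every falsy sender, not only for an intended system message, and the added `if ( !$sender_id){ $sender_id = 0; }` then stores the message with sender 0. A caller that passes an empty, `NULL` or `FALSE` id, for instance one read from a missing session value, would therefore produce a PM that appears to come from the system; the same pattern is added to `send_pms()` in the next hunk. Consider accepting only an explicit sentinel, e.g. `$is_system = ($sender_id === 0);` and guarding the sender checks with `!$is_system && (...)`, so that any other falsy value still fails with `aauth_error_no_user`. The docblocks should state which value marks a system PM. Both function bodies start and end outside these hunks.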
@@ -2048,7 +2065,7 @@ public function delete_pm($pm_id, $user_id = NULL){ } return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_sender'=>1), array('id' => $pm_id)); - }else if ($user_id == $result->result->receiver_id){ + }else if ($user_id == $result->receiver_id){ if($result->pm_deleted_sender == 1){ return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id)); } diff --git a/sql/Aauth_v2.sql b/sql/Aauth_v2.sql index aa50c898..1efb8b62 100644 --- a/sql/Aauth_v2.sql +++ b/sql/Aauth_v2.sql @@ -95,7 +95,7 @@ CREATE TABLE `aauth_users` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `email` varchar(100) COLLATE utf8_general_ci NOT NULL, `pass` varchar(64) COLLATE utf8_general_ci NOT NULL, - `name` varchar(100) COLLATE utf8_general_ci, + `username` varchar(100) COLLATE utf8_general_ci, `banned` tinyint(1) DEFAULT '0', `last_login` datetime DEFAULT NULL, `last_activity` datetime DEFAULT NULL, @@ -112,7 +112,7 @@ CREATE TABLE `aauth_users` ( -- ---------------------------- -- Records of aauth_users -- ---------------------------- -INSERT INTO `aauth_users` VALUES ('1', 'admin@example.com', 'dd5073c93fb477a167fd69072e95455834acd93df8fed41a2c468c45b394bfe3', 'Admin', '0', null, null, null, null, null, null, null, null, null, '0'); +INSERT INTO `aauth_users` VALUES ('1', 'admin@example.com', 'dd5073c93fb477a167fd69072e95455834acd93df8fed41a2c468c45b394bfe3', 'Admin', '0', null, null, null, null, null, null, null, null, '0'); -- ---------------------------- -- Table structure for `aauth_user_to_group` @@ -168,7 +168,7 @@ CREATE TABLE `aauth_group_to_group` ( CREATE TABLE IF NOT EXISTS `aauth_login_attempts` ( `id` int(11) NOT NULL AUTO_INCREMENT, `ip_address` varchar(39) DEFAULT '0', - `timestamp` datetime DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + `timestamp` datetime DEFAULT NULL, `login_attempts` tinyint(2) DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; 
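Review bot: The seed `INSERT INTO aauth_users VALUES (...)` in sql/Aauth_v2.sql is positional, so it depends on the exact column count and order of the `CREATE TABLE` above it, and this hunk had to change the number of values. An explicit column list naming only the columns that need non-default values would keep the seed valid across later schema changes. The row also ships a fixed password hash for `admin@example.com`, so every install created from this file starts with the same admin credential; the install notes should require changing it before the site is reachable. Both points apply equally to the matching hunk in sql/Aauth_v2_BCrypt.sql.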
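Review bot: With `timestamp` on `aauth_login_attempts` now `DEFAULT NULL` and no `ON UPDATE` clause, the column is only populated if the PHP code sets it on every insert and update. The code that writes login attempts is not part of this diff, so it is worth confirming that it does. A row left with a NULL timestamp would likely fall outside any time-window comparison the attempt limiter performs, which could weaken or distort the lockout. The same change is made in sql/Aauth_v2_BCrypt.sql.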
diff --git a/sql/Aauth_v2_BCrypt.sql b/sql/Aauth_v2_BCrypt.sql index f295d044..3af3c057 100644 --- a/sql/Aauth_v2_BCrypt.sql +++ b/sql/Aauth_v2_BCrypt.sql @@ -95,7 +95,7 @@ CREATE TABLE `aauth_users` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `email` varchar(100) COLLATE utf8_general_ci NOT NULL, `pass` varchar(60) COLLATE utf8_general_ci NOT NULL, - `name` varchar(100) COLLATE utf8_general_ci, + `username` varchar(100) COLLATE utf8_general_ci, `banned` tinyint(1) DEFAULT '0', `last_login` datetime DEFAULT NULL, `last_activity` datetime DEFAULT NULL, @@ -112,7 +112,7 @@ CREATE TABLE `aauth_users` ( -- ---------------------------- -- Records of aauth_users -- ---------------------------- -INSERT INTO `aauth_users` VALUES ('1', 'admin@example.com', '$2y$10$h19Lblcr6amOIUL1TgYW2.VVZOhac/e1kHMgAwCubMTlYXZrL0wS2', 'Admin', '0', null, null, null, null, null, null, null, null, null, '0'); +INSERT INTO `aauth_users` VALUES ('1', 'admin@example.com', '$2y$10$h19Lblcr6amOIUL1TgYW2.VVZOhac/e1kHMgAwCubMTlYXZrL0wS2', 'Admin', '0', null, null, null, null, null, null, null, null, '0'); -- ---------------------------- -- Table structure for `aauth_user_to_group` @@ -168,7 +168,7 @@ CREATE TABLE `aauth_group_to_group` ( CREATE TABLE IF NOT EXISTS `aauth_login_attempts` ( `id` int(11) NOT NULL AUTO_INCREMENT, `ip_address` varchar(39) DEFAULT '0', - `timestamp` datetime DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + `timestamp` datetime DEFAULT NULL, `login_attempts` tinyint(2) DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1;