oxerptype_user.php

00001 <?php
00002 
00003 require_once 'oxerptype.php';
00004 require_once realpath(dirname(__FILE__).'/../oxerpcompatability.php');
00005 
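/**
 * ERP interface type for shop users (table and shop object "oxuser").
 *
 * Restricts ERP reads to rows with oxrights = 'user', handles shop-id based
 * access checks, and emulates a separate password salt for field-list
 * versions below 3 by packing "password:salt:md5(password.salt)" into the
 * single OXPASSWORD field.
 */
class oxERPType_User extends oxERPType
{
    /**
     * Error message thrown when an imported salt differs from the shop-wide
     * config salt and therefore can not be taken over.
     *
     * @var string
     */
    public static $CAN_NOT_IMPORT_SALT = 'ERROR: Can not import user password salt to shop config.';

    /**
     * Field lists keyed by field-list version ('1' and '2').
     * NOTE(review): how the parent class picks one of these lists is not
     * visible in this file - confirm against oxERPType.
     *
     * @var array
     */
    protected $_aFieldListVersions = array(
        '1' => array(
            'OXID'           => 'OXID',
            'OXACTIV'        => 'OXACTIV',
            'OXRIGHTS'       => 'OXRIGHTS',
            'OXSHOPID'       => 'OXSHOPID',
            'OXUSERNAME'     => 'OXUSERNAME',
            'OXPASSWORD'     => 'OXPASSWORD',
            'OXCUSTNR'       => 'OXCUSTNR',
            'OXUSTID'        => 'OXUSTID',
            'OXCOMPANY'      => 'OXCOMPANY',
            'OXFNAME'        => 'OXFNAME',
            'OXLNAME'        => 'OXLNAME',
            'OXSTREET'       => 'OXSTREET',
            'OXSTREETNR'     => 'OXSTREETNR',
            'OXADDINFO'      => 'OXADDINFO',
            'OXCITY'         => 'OXCITY',
            'OXCOUNTRY'      => 'OXCOUNTRY',
            'OXCOUNTRYID'    => 'OXCOUNTRYID', //hard to obtain for external users, use getCountries ERP method, it should be correct countryid
            'OXZIP'          => 'OXZIP',
            'OXFON'          => 'OXFON',
            'OXFAX'          => 'OXFAX',
            'OXSAL'          => 'OXSAL',
            'OXBONI'         => 'OXBONI',
            'OXCREATE'       => 'OXCREATE', //always now
            'OXREGISTER'     => 'OXREGISTER',
            'OXPRIVFON'      => 'OXPRIVFON',
            'OXMOBFON'       => 'OXMOBFON',
            'OXBIRTHDATE'    => 'OXBIRTHDATE',
            'OXURL'          => 'OXURL',
            'OXBUERGELLASTCHECK'         => 'OXBUERGELLASTCHECK',
            'OXBUERGELTEXT'  => 'OXBUERGELTEXT',
            'OXBUERGELADRESSSTATUS'      => 'OXBUERGELADRESSSTATUS',
            'OXBUERGELADRESSTEXT'        => 'OXBUERGELADRESSTEXT',
            'OXDISABLEAUTOGRP'           => 'OXDISABLEAUTOGRP',
            'OXLDAPKEY'      => 'OXLDAPKEY',
            'OXWRONGLOGINS'  => 'OXWRONGLOGINS'
        ),
        '2' => array(
            'OXID' => 'OXID',
            'OXACTIVE' => 'OXACTIVE',
            'OXRIGHTS' => 'OXRIGHTS',
            'OXSHOPID' => 'OXSHOPID',
            'OXUSERNAME' => 'OXUSERNAME',
            'OXPASSWORD' => 'OXPASSWORD',
            'OXCUSTNR' => 'OXCUSTNR',
            'OXUSTID' => 'OXUSTID',
            'OXUSTIDSTATUS' => 'OXUSTIDSTATUS',
            'OXCOMPANY' => 'OXCOMPANY',
            'OXFNAME' => 'OXFNAME',
            'OXLNAME' => 'OXLNAME',
            'OXSTREET' => 'OXSTREET',
            'OXSTREETNR' => 'OXSTREETNR',
            'OXADDINFO' => 'OXADDINFO',
            'OXCITY' => 'OXCITY',
            'OXCOUNTRYID' => 'OXCOUNTRYID',
            'OXZIP' => 'OXZIP',
            'OXFON' => 'OXFON',
            'OXFAX' => 'OXFAX',
            'OXSAL' => 'OXSAL',
            'OXBONI' => 'OXBONI',
            'OXCREATE' => 'OXCREATE',
            'OXREGISTER' => 'OXREGISTER',
            'OXPRIVFON' => 'OXPRIVFON',
            'OXMOBFON' => 'OXMOBFON',
            'OXBIRTHDATE' => 'OXBIRTHDATE',
            'OXURL' => 'OXURL',
            'OXDISABLEAUTOGRP' => 'OXDISABLEAUTOGRP',
            'OXLDAPKEY' => 'OXLDAPKEY',
            'OXWRONGLOGINS' => 'OXWRONGLOGINS',
        ),
    );

    /**
     * Sets table and shop object name; when the salt is stored per user and
     * the field-list version is below 3, additionally reads OXPASSSALT so that
     * addExportData() can fold it into the OXPASSWORD combo.
     */
    public function __construct()
    {
        parent::__construct();

        $oCompat = oxNew('OXERPCompatability');
        if ($oCompat->isPasswordSaltInOxUser() && (oxERPBase::getUsedDbFieldsVersion() < 3)) {
            // also read OXPASSSALT, which will be included into combo, but removed from output
            $this->_aFieldList['OXPASSSALT'] = 'OXPASSSALT';
        }

        $this->_sTableName      = 'oxuser';
        $this->_sShopObjectName = 'oxuser';
    }

    /**
     * Builds the select statement, always restricted to oxrights = 'user' and,
     * unless blMallUsers is enabled, to the given shop id.
     *
     * NOTE(review): both $sWhere and $iShopID are concatenated into the SQL
     * text without escaping here; callers must only pass trusted or already
     * escaped values. The restriction is appended with a plain "and", so it
     * relies on the caller's clause not containing a top-level OR - wrapping
     * the caller's condition in parentheses upstream would make that robust.
     *
     * @param string $sWhere    where clause (with or without the "where" keyword)
     * @param int    $iLanguage language id passed on to the parent
     * @param mixed  $iShopID   shop id used for the oxshopid restriction
     *
     * @return string result of parent::getSQL() for the extended where clause
     */
    public function getSQL( $sWhere, $iLanguage = 0, $iShopID = 1)
    {
        $myConfig = oxConfig::getInstance();

        // add type 'user' for security reasons.
        // SQL keywords are case-insensitive: an upper-case "WHERE" must be
        // recognised too, otherwise a second "where" is appended and the
        // statement becomes invalid.
        if ( stripos( $sWhere, 'where' ) !== false ) {
            $sWhere .= ' and ';
        } else {
            $sWhere .= ' where ';
        }

        $sWhere .= ' oxrights = \'user\'';
        //MAFI also check for shopid to restrict access
        if ( !$myConfig->getConfigParam( 'blMallUsers' ) ) {
            $sWhere .= ' AND oxshopid = \''.$iShopID.'\'';
        }

        return parent::getSQL( $sWhere, $iLanguage);
    }

    /**
     * Runs the parent write-access check only when users are NOT shared
     * between shops; with blMallUsers enabled no check is performed here.
     *
     * @param string $sOxid id of the object to be written
     *
     * @return null
     */
    public function checkWriteAccess($sOxid)
    {
        $myConfig = oxConfig::getInstance();

        if (!$myConfig->getConfigParam('blMallUsers')) {
            parent::checkWriteAccess($sOxid);
        }
    }

    /**
     * Loads the user that is about to be deleted and verifies that it belongs
     * to the current shop (skipped when blMallUsers is enabled).
     *
     * @param string $sId user id
     *
     * @throws Exception when the id is missing, the user does not exist, or it
     *                   belongs to another shop
     *
     * @return object loaded user object with the "derived" flag cleared
     */
    public function getObjectForDeletion( $sId)
    {
        $myConfig = oxConfig::getInstance();

        // isset() only rejects null; an empty string falls through to exists()
        if ( !isset( $sId ) ) {
            throw new Exception( "Missing ID!");
        }

        $oUser = oxNew( $this->getShopObjectName(), "core");
        if ( !$oUser->exists( $sId ) ) {
            throw new Exception( $this->getShopObjectName(). " " . $sId. " does not exists!");
        }

        //We must load the object here, to check shopid and return it for further checks
        $oUser->load($sId);

        //if blMallUsers is true its possible to delete all users of all shops
        if ( $oUser->getShopId() != $myConfig->getShopId() && !$myConfig->getConfigParam('blMallUsers' ) ) {
            throw new Exception( "No right to delete object {$sId} !");
        }

        //set to false, to allow a deletion, even if its normally not allowed
        $oUser->setIsDerived(false);
        return $oUser;
    }

    /**
     * Maps version-1 field names to the select expressions that produce them;
     * every other field (and every other version) is delegated to the parent.
     *
     * @param string $sField    requested field name
     * @param int    $iLanguage language id passed on to the parent
     * @param int    $iShopID   shop id passed on to the parent
     *
     * @return string select expression for the field
     */
    protected function getSqlFieldName($sField, $iLanguage = 0, $iShopID = 1)
    {
        if ('1' == oxERPBase::getUsedDbFieldsVersion()) {
            switch ($sField) {
                case 'OXACTIV':
                    return "OXACTIVE as OXACTIV";
                case 'OXACTIVFROM':
                    // alias must be the requested (old) name, like OXACTIV / OXACTIVTO
                    return "OXACTIVEFROM as OXACTIVFROM";
                case 'OXACTIVTO':
                    return "OXACTIVETO as OXACTIVTO";
                case 'OXCOUNTRY':
                    return "(select oxtitle from oxcountry where oxcountry.oxid=OXCOUNTRYID limit 1) as OXCOUNTRY";
                case 'OXBUERGELLASTCHECK':
                    // constant placeholder is selected instead of a table column
                    return "'0000-00-00 00:00:00' as $sField";
                case 'OXBUERGELADRESSSTATUS':
                    return "'0' as $sField";
                case 'OXBUERGELTEXT':
                case 'OXBUERGELADRESSTEXT':
                    return "'' as $sField";
            }
        }

        return parent::getSqlFieldName($sField, $iLanguage, $iShopID);
    }

    /**
     * Splits an imported "password:salt:md5(password.salt)" combo back into
     * separate password and salt values (field-list versions below 3 only).
     *
     * The md5 part is an unkeyed checksum used to recognise the combo format;
     * it does not authenticate the sender of the import data.
     *
     * @param object $oShopObject         shop object being filled
     * @param array  $aData               import data
     * @param bool   $blAllowCustomShopId passed on to the parent
     *
     * @throws Exception when the salt is shop-wide and the imported salt
     *                   differs from the configured one
     *
     * @return array adjusted import data
     */
    protected function _preAssignObject($oShopObject, $aData, $blAllowCustomShopId)
    {
        $aData = parent::_preAssignObject($oShopObject, $aData, $blAllowCustomShopId);

        $oCompat = oxNew('OXERPCompatability');
        if ($oCompat->isPasswordSaltSupported() && (oxERPBase::getUsedDbFieldsVersion() < 3)) {
            // emulate passwd and salt with only passwd field: check if combined
            // combine rules: array(passwd, salt, md5(passwd+salt))
            // a missing or non-scalar password is treated as "no combo" instead
            // of silencing the resulting warning with @
            $sCombined = '';
            if (isset($aData['OXPASSWORD']) && is_scalar($aData['OXPASSWORD'])) {
                $sCombined = (string) $aData['OXPASSWORD'];
            }
            $aCombo = explode(':', $sCombined);

            // strict comparison: with == two different digests that both look
            // numeric (e.g. "0e...") would be treated as equal
            if ((3 == count($aCombo)) && (md5($aCombo[0].$aCombo[1]) === $aCombo[2])) {
                // combo detected
                $aData['OXPASSWORD'] = $aCombo[0];
                if ($oCompat->isPasswordSaltInOxUser()) {
                    $aData['OXPASSSALT'] = $aCombo[1];
                } else {
                    // shop-wide salt is compared in its hex representation
                    $sConfigSalt = oxConfig::getInstance()->getConfigParam( 'sPasswdSalt' );
                    $sConfigSalt = unpack('H*', $sConfigSalt);
                    $sConfigSalt = $sConfigSalt[1];
                    if ($aCombo[1] !== $sConfigSalt) {
                        // note: can not import config value here, since it will break other passwds
                        throw new Exception( self::$CAN_NOT_IMPORT_SALT );
                    }
                }
            }
        }
        return $aData;
    }

    /**
     * Normalises the password on the shop object before it is saved.
     *
     * When the object has no getPasswordHash() method, values starting with
     * 'ox_' are decoded via oxUtils::strRem() and values shorter than 32
     * characters (not starting with 'openid_') are passed to setPassword() as
     * plain passwords. Values of 32 or more characters are left untouched.
     * NOTE(review): that presumably means "already hashed" - a plain password
     * of 32+ characters would then never be hashed here; confirm.
     *
     * @param object $oShopObject shop object about to be saved
     * @param array  $aData       import data
     *
     * @return mixed result of parent::_preSaveObject()
     */
    protected function _preSaveObject($oShopObject, $aData)
    {
        $oCompat = oxNew('OXERPCompatability');
        if ($oCompat->isPasswordSaltSupported()) {
            if (method_exists($oShopObject, 'getPasswordHash')) {
                // return value is intentionally unused here
                $oShopObject->getPasswordHash();
            } else {
                $sStored = $oShopObject->oxuser__oxpassword->value;
                if ( $sStored ) {
                    if ( strpos( $sStored, 'ox_' ) === 0 ) {
                        // decodable pass ?
                        $oShopObject->setPassword( oxUtils::getInstance()->strRem( $sStored ) );
                    } elseif ( ( strlen( $sStored ) < 32 ) && ( strpos( $sStored, 'openid_' ) !== 0 ) ) {
                        // plain pass ?
                        $oShopObject->setPassword( $sStored );
                    }
                }
            }
        }
        return parent::_preSaveObject($oShopObject, $aData);
    }

    /**
     * Packs password and salt into the single OXPASSWORD export field as
     * "password:salt:md5(password.salt)" (field-list versions below 3 only).
     *
     * The exported value carries the stored password value together with its
     * salt, so the export channel and any stored export files need the same
     * protection as the user table itself.
     * NOTE(review): $aFields['OXPASSSALT'] and $aFields['OXPASSWORD'] are
     * read without an existence check - confirm the caller always sets them.
     *
     * @param array $aFields export fields of one user
     *
     * @return array export fields, without OXPASSSALT
     */
    public function addExportData( $aFields )
    {
        $oCompat = oxNew('OXERPCompatability');
        if ($oCompat->isPasswordSaltSupported() && (oxERPBase::getUsedDbFieldsVersion() < 3)) {
            $sSalt = '';
            if ($oCompat->isPasswordSaltInOxUser()) {
                // per-user salt: move it out of the field list into the combo
                $sSalt = $aFields['OXPASSSALT'];
                $aFields['OXPASSSALT'] = null;
                unset($aFields['OXPASSSALT']);
            } else {
                // shop-wide salt is exported in its hex representation
                $sSalt = oxConfig::getInstance()->getConfigParam( 'sPasswdSalt' );
                $sSalt = unpack('H*', $sSalt);
                $sSalt = $sSalt[1];
            }
            $sCheckSum = md5($aFields['OXPASSWORD'].$sSalt);
            $aFields['OXPASSWORD'] = implode(':', array($aFields['OXPASSWORD'], $sSalt, $sCheckSum));
        }
        return $aFields;
    }

}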
