<!---
	Name         : cfcs/user.cfc
	Author       : Raymond Camden
	Created      : August 3, 2007
	Last Updated :
	History      :
	Purpose      :
--->

<cfcomponent displayName="User" hint="Basic User CFC" output="false">

	<!---
		Data access for the "<tableprefix>users" table: create, authenticate, read,
		update and delete user rows. Every value taken from an argument reaches the
		database through cfqueryparam.

		NOTE(review), applies to the whole component:
		- Passwords are stored and compared as hash(password), called with no algorithm
		  argument and no salt, so the engine default applies (MD5 on Adobe ColdFusion
		  releases of this file's era). Moving to a salted, slow password hash means
		  migrating the stored values, so the calls are kept as they are here.
		- variables.tableprefix is written directly into the SQL text, because an
		  identifier cannot be bound with cfqueryparam. It has to come from trusted
		  configuration only, never from request data.
		- No method checks who is calling it; authorization is left to the calling code.
	--->

	<cffunction name="init" access="public" returnType="user" output="false"
				hint="Returns an instance of the CFC initialized with the correct DSN.">
		<cfargument name="dsn" type="string" required="true" hint="DSN used for all operations in the CFC.">
		<cfargument name="dbtype" type="string" required="true" hint="Database type.">
		<cfargument name="tableprefix" type="string" required="true" hint="Table prefix.">

		<!--- One lock name shared by every cflock in this component. --->
		<cfset variables.lockname = "soundings_20_userlock">

		<!--- Settings kept for the query methods; dbtype is stored but not read anywhere in this component. --->
		<cfset variables.tableprefix = arguments.tableprefix>
		<cfset variables.dbtype = arguments.dbtype>
		<cfset variables.dsn = arguments.dsn>

		<cfreturn this>
	</cffunction>

	<!---
		Inserts a new user row.
		username : login name; rejected when a row with that name already exists.
		password : plain-text password, stored as hash(password). Defaults to "".
		Throws   : when the username is already taken.

		NOTE(review): with the default password="" the stored value is hash(""), and
		authenticate() then accepts an empty password for that account. Callers should
		always pass a non-empty password.
		NOTE(review): the thrown message contains the submitted username; code that
		shows the message to a browser should encode it for output.
	--->
	<cffunction name="addUser" access="public" returnType="void" output="false">
		<cfargument name="username" type="string" required="true">
		<cfargument name="password" type="string" required="false" default="">
		<cfset var existing = "">

		<!---
			The lookup and the insert run under one exclusive named lock, so two requests
			on this server cannot both pass the uniqueness check. A named cflock only
			covers this ColdFusion instance; NOTE(review): confirm the table also has a
			unique constraint on username.
		--->
		<cflock name="#variables.lockname#" type="exclusive" timeout="30">

			<cfquery name="existing" datasource="#variables.dsn#">
			select username
			from #variables.tableprefix#users
			where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
			</cfquery>

			<cfif existing.recordCount gt 0>
				<cfthrow message="A user by this name, #arguments.username#, already exists.">
			</cfif>

			<cfquery datasource="#variables.dsn#">
			insert into #variables.tableprefix#users(username,password)
			values(<cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">,
			<cfqueryparam cfsqltype="cf_sql_varchar" value="#hash(arguments.password)#" maxlength="255">)
			</cfquery>

		</cflock>
	</cffunction>

	<!---
		Checks a username/password pair.
		Returns true only when exactly one row matches both the username and
		hash(password); the comparison itself is done by the database.

		NOTE(review): nothing here counts or limits failed attempts; any throttling or
		lockout has to live in the caller.
	--->
	<cffunction name="authenticate" access="public" returnType="boolean" output="false">
		<cfargument name="username" type="string" required="true">
		<cfargument name="password" type="string" required="true">
		<cfset var match = "">

		<cfquery name="match" datasource="#variables.dsn#">
		select username
		from #variables.tableprefix#users
		where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
		and password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#hash(arguments.password)#" maxlength="255">
		</cfquery>

		<cfreturn match.recordCount eq 1>
	</cffunction>

	<!---
		Deletes the row whose username equals the argument. Nothing is returned and no
		error is raised here when no row matches.
	--->
	<cffunction name="deleteUser" access="public" returnType="void" output="false">
		<cfargument name="username" type="string" required="true">

		<cfquery datasource="#variables.dsn#">
		delete from #variables.tableprefix#users
		where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
		</cfquery>

	</cffunction>

	<!---
		Looks up one user by username.
		Returns a struct with two keys, username and password, copied from the query result.

		NOTE(review): the password key holds the stored hash; it should not be passed on
		to views, logs or API responses.
		NOTE(review): there is no recordCount check, so confirm what callers receive for
		an unknown username.
	--->
	<cffunction name="getUser" access="public" returnType="struct" output="false">
		<cfargument name="username" type="string" required="true">
		<cfset var user = structNew()>
		<cfset var row = "">

		<cfquery name="row" datasource="#variables.dsn#">
		select username, password
		from #variables.tableprefix#users
		where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
		</cfquery>

		<cfset user.username = row.username>
		<cfset user.password = row.password>

		<cfreturn user>
	</cffunction>

	<!---
		Returns every user as a query with the columns username and password, ordered
		by username ascending.

		NOTE(review): the result carries the stored password hash of every account;
		callers that only list users should not forward that column.
	--->
	<cffunction name="getUsers" access="public" returnType="query" output="false">
		<cfset var users = "">

		<cfquery name="users" datasource="#variables.dsn#">
		select username, password
		from #variables.tableprefix#users
		order by username asc
		</cfquery>

		<cfreturn users>
	</cffunction>

	<!---
		Changes a user's password after verifying the current one.
		username    : account to update.
		oldpassword : current plain-text password, checked through authenticate().
		newpassword : replacement plain-text password, stored as hash(newpassword).
		Throws      : when the old password does not authenticate.
	--->
	<cffunction name="updatePassword" access="public" returnType="void" output="false">
		<cfargument name="username" type="string" required="true">
		<cfargument name="oldpassword" type="string" required="true">
		<cfargument name="newpassword" type="string" required="true">

		<!--- Refuse the change unless the caller proved knowledge of the current password. --->
		<cfif not authenticate(arguments.username,arguments.oldpassword)>
			<cfthrow message="Old password did not match.">
		</cfif>

		<cfquery datasource="#variables.dsn#">
		update #variables.tableprefix#users
		set password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#hash(arguments.newpassword)#" maxlength="255">
		where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
		</cfquery>

	</cffunction>

	<!---
		Renames a user and/or sets a new password.
		originalusername : current username, used to find the row.
		username         : username to store; checked for uniqueness when it differs
		                   from originalusername.
		password         : new plain-text password; the password column is only touched
		                   when this is non-empty. Defaults to "".
		Throws           : when the new username already exists.

		NOTE(review): unlike updatePassword(), the current password is not required
		here. Presumably this is the administrative edit path; confirm callers restrict it.
	--->
	<cffunction name="updateUser" access="public" returnType="void" output="false">
		<cfargument name="originalusername" type="string" required="true">
		<cfargument name="username" type="string" required="true">
		<cfargument name="password" type="string" required="false" default="">
		<cfset var existing = "">
		<cfset var nameChanged = arguments.originalusername neq arguments.username>

		<!--- Same name and no new password: there is nothing to write, so leave before taking the lock. --->
		<cfif (not nameChanged) and (arguments.password is "")>
			<cfreturn>
		</cfif>

		<!--- Uniqueness check and update share the component's exclusive lock, as in addUser. --->
		<cflock name="#variables.lockname#" type="exclusive" timeout="30">

			<!--- A changed name must not collide with an existing row. --->
			<cfif nameChanged>

				<cfquery name="existing" datasource="#variables.dsn#">
				select username
				from #variables.tableprefix#users
				where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
				</cfquery>

				<cfif existing.recordCount gt 0>
					<cfthrow message="A user by this name, #arguments.username#, already exists.">
				</cfif>

			</cfif>

			<cfquery datasource="#variables.dsn#">
			update #variables.tableprefix#users
			set username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.username#" maxlength="255">
			<cfif len(arguments.password)>
			,password = <cfqueryparam cfsqltype="cf_sql_varchar" value="#hash(arguments.password)#" maxlength="255">
			</cfif>
			where username = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.originalusername#" maxlength="255">
			</cfquery>

		</cflock>
	</cffunction>

</cfcomponent>