+AGB, +DeleteUser feature

3 files changed, 33 insertions, 36 deletions

diff --git a/inc/database.inc.php b/inc/database.inc.php
index efc330f..f76c9e7 100644
--- a/inc/database.inc.php
+++ b/inc/database.inc.php
@@ -14,21 +14,8 @@ class Database
 	private static $dbh = false;
 	private static $statements = array();
 	
-	/**
-	 * Get database schema version - used for checking for updates
-	 * @return int Version of db schema
-	 */
-	public static function getExpectedSchemaVersion()
-	{
-		return 9;
-	}
 	
-	public static function needSchemaUpdate()
-	{
-		return Property::getCurrentSchemaVersion() < self::getExpectedSchemaVersion();
-	}
-
-	/**
+		/**
 	 * Connect to the DB if not already connected.
 	 */
 	private static function init()
diff --git a/inc/session.inc.php b/inc/session.inc.php
index 6718006..891a465 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -86,7 +86,7 @@ class Session
 	{
 		if (self::$sid === false) return;
 		Database::exec('DELETE FROM websession WHERE sid = :sid', array('sid' => self::$sid));
-		@setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+		@setcookie('sid', '', time() - CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
 		self::$sid = false;
 		self::$data = false;
 	}
diff --git a/inc/user.inc.php b/inc/user.inc.php
index ef29003..e2b7e43 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -43,7 +43,7 @@ class User
 	{
 		if (!isset(self::$user['userid']))
 			return false;
-		return (int)self::$user['userid'];
+		return (int) self::$user['userid'];
 	}
 
 	public static function getMail()
@@ -106,9 +106,8 @@ class User
 			return false;
 		if (is_null(self::$organization)) {
 			self::$organization = Database::queryFirst('SELECT organizationid, name FROM satellite_suffix '
-				. ' INNER JOIN satellite USING (organizationid) '
-				. ' WHERE suffix = :org LIMIT 1',
-				array('org' => self::$user['organization']));
+					. ' INNER JOIN satellite USING (organizationid) '
+					. ' WHERE suffix = :org LIMIT 1', array('org' => self::$user['organization']));
 		}
 		return self::$organization;
 	}
@@ -133,9 +132,12 @@ class User
 			Session::save();
 		}
 		self::$isShib = true;
-		if (!isset($_SERVER['sn'])) $_SERVER['sn'] = '';
-		if (!isset($_SERVER['givenName'])) $_SERVER['givenName'] = '';
-		if (!isset($_SERVER['mail'])) $_SERVER['mail'] = '';
+		if (!isset($_SERVER['sn']))
+			$_SERVER['sn'] = '';
+		if (!isset($_SERVER['givenName']))
+			$_SERVER['givenName'] = '';
+		if (!isset($_SERVER['mail']))
+			$_SERVER['mail'] = '';
 		$shibId = md5($_SERVER['persistent-id']);
 		self::$user = array(
 			'userid' => 0,
@@ -159,6 +161,7 @@ class User
 			// No match in database, user is not signed up
 			return true;
 		}
+		self::$user['userid'] = $user['userid'];
 		if (Session::getUid() === false) {
 			Session::setUid($user['userid']);
 			Session::save();
@@ -182,18 +185,18 @@ class User
 			Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) "
 				. " VALUES (:shibid, :shibid, :org, '', '', '') "
 				. " ON DUPLICATE KEY UPDATE firstname = '', lastname = '', email = ''", array(
-					'shibid' => self::$user['shibid'],
-					'org'    => self::getOrganizationId()
+				'shibid' => self::$user['shibid'],
+				'org' => self::getOrganizationId()
 			));
 		} else {
 			Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) "
 				. " VALUES (:shibid, :shibid, :org, :firstname, :lastname, :email) "
 				. " ON DUPLICATE KEY UPDATE firstname = VALUES(firstname), lastname = VALUES(lastname), email = VALUES(email)", array(
-					'shibid' => self::$user['shibid'],
-					'firstname' => self::$user['firstname'],
-					'lastname' => self::$user['lastname'],
-					'email' => self::$user['email'],
-					'org'    => self::getOrganizationId()
+				'shibid' => self::$user['shibid'],
+				'firstname' => self::$user['firstname'],
+				'lastname' => self::$user['lastname'],
+				'email' => self::$user['email'],
+				'org' => self::getOrganizationId()
 			));
 		}
 	}
@@ -204,23 +207,23 @@ class User
 			return false;
 		$pw = Crypto::hash6($pass);
 		$ret = Database::exec('UPDATE user SET password = :pass WHERE userid = :user LIMIT 1', array(
-			'pass' => $pw,
-			'user' => self::getId()
+				'pass' => $pw,
+				'user' => self::getId()
 		));
 		return $ret == 1;
 	}
 
-
 	public static function updateMail($mail)
 	{
 		if (!self::isLoggedIn() || self::$isShib || !self::$isInDb)
 			return false;
 		$ret = Database::exec('UPDATE user SET email = :mail WHERE userid = :user LIMIT 1', array(
-			'mail' => $mail,
-			'user' => self::getId()
+				'mail' => $mail,
+				'user' => self::getId()
 		));
 		return $ret == 1 || $mail === self::get('email');
 	}
+
 	public static function login($user, $pass)
 	{
 		$ret = Database::queryFirst('SELECT userid, password FROM user WHERE login = :user LIMIT 1', array(':user' => $user));
@@ -240,15 +243,22 @@ class User
 		foreach ($_COOKIE as $name => $value) {
 			if (substr($name, 0, 5) !== '_shib')
 				continue;
-			@setcookie($name, '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+			@setcookie($name, '', time() - CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
 		}
 		Session::delete();
 		if (self::$isShib) {
-			Header('Location: ?do=Logout&noredirect=yes');
+			Header('Location: ' . CONFIG_PREFIX . '?do=Logout&noredirect=yes');
 		} else {
 			Header('Location: ?do=Main');
 		}
 		exit(0);
 	}
 
+	public static function delete()
+	{
+		if (!User::isLoggedIn() || !User::isInDatabase())
+			return true;
+		return Database::exec("DELETE FROM user WHERE userid = :userid LIMIT 1", array('userid' => User::getId()), true) > 0;
+	}
+
 }