From e6af0ab4c954758ca368aadcafdba43361974498 Mon Sep 17 00:00:00 2001 From: Benny Baumann Date: Fri, 31 Jul 2015 07:59:57 +0200 Subject: [PATCH 1/2] bug 1391: Fix Whitespace --- manager/application/models/User.php | 191 ++++++++++++++-------------- 1 file changed, 95 insertions(+), 96 deletions(-) diff --git a/manager/application/models/User.php b/manager/application/models/User.php index 443dac5..53711f9 100644 --- a/manager/application/models/User.php +++ b/manager/application/models/User.php @@ -5,20 +5,20 @@ class Default_Model_User { protected $db; - + protected $id; protected $points = null; - + protected function __construct(Zend_Db_Adapter_Abstract $db, $id) { // Not allowed to create new users from within the manager - + $this->db = $db; $this->id = $id; } - + /** * Get an user object for the given ID - * + * * @param $id int * @return Default_Model_User */ @@ -29,7 +29,7 @@ class Default_Model_User { APPLICATION_ENV); $db = Zend_Db::factory($config->ca_mgr->db->auth->pdo, $config->ca_mgr->db->auth); - + // Check if the ID is present on the test server $query = 'select `id` from `users` where `id` = :user'; $query_params['user'] = $id; @@ -39,13 +39,13 @@ class Default_Model_User { __METHOD__ . ': user ID not found in the data base'); } $row = $result->fetch(); - + return new Default_Model_User($db, $row['id']); } - + /** * Get an user object for the currently logged in user - * + * * @return Default_Model_User */ public static function findCurrentUser() { @@ -54,56 +54,56 @@ class Default_Model_User { throw new Exception( __METHOD__ . ': you need to log in to use this feature'); } - + return self::findById($session->authdata['authed_id']); } - + /** * Get the first assurer who didn't already assure the user - * + * * @return Default_Model_User */ public function findNewAssurer() { $query = 'select min(`id`) as `assurer` from `users` ' . - 'where `email` like \'john.doe-___@example.com\' and ' . + 'where `email` like \'john.doe-___@example.com\' and ' . '`id` not in (select `from` from `notary` where `to` = :user)'; $query_params['user'] = $this->id; $row = $this->db->query($query, $query_params)->fetch(); - + if ($row['assurer'] === NULL) { throw new Exception( __METHOD__ . ': no more assurers that haven\'t already '. 'assured this account'); } - + return new Default_Model_User($this->db, $row['assurer']); } - + /** * Get the first assuree who hasn't already been assured by this user - * + * * @return Default_Model_User */ public function findNewAssuree() { $query = 'select min(`id`) as `assuree` from `users` ' . - 'where `email` like \'john.doe-___@example.com\' and ' . + 'where `email` like \'john.doe-___@example.com\' and ' . '`id` not in (select `to` from `notary` where `from` = :user)'; $query_params['user'] = $this->id; $row = $this->db->query($query, $query_params)->fetch(); - + if ($row['assuree'] === NULL) { throw new Exception( __METHOD__ . ': no more assurees that haven\'t already '. 'been assured by this account'); } - + return new Default_Model_User($this->db, $row['assuree']); } - + /** * Refresh the current value of points from the test server - * + * * Needed if operations outside this class are made, that might affect the * user's points */ @@ -113,13 +113,13 @@ class Default_Model_User { $query_params['user'] = $this->id; $row = $this->db->query($query, $query_params)->fetch(); if ($row['total'] === null) $row['total'] = 0; - + $this->points = $row['total']; } - - /** + + /** * Get points of the user - * + * * @return int * The amount of points the user has */ @@ -128,40 +128,40 @@ class Default_Model_User { if ($this->points === null) { $this->refreshPoints(); } - + return $this->points; } - + /** * Fix the assurer flag for the user */ public function fixAssurerFlag() { - // TODO: unset flag if requirements are not met - + // TODO: unset flag if requirements are not met + $query = 'UPDATE `users` SET `assurer` = 1 WHERE `users`.`id` = :user AND '. - + 'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '. 'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '. '`cp`.`user_id` = :user) AND '. - + '(SELECT SUM(`points`) FROM `notary` WHERE `to` = :user AND '. '`expire` < now()) >= 100'; $query_params['user'] = $this->id; $this->db->query($query, $query_params); } - + /** * @return boolean */ public function getAssurerStatus() { $query = 'SELECT 1 FROM `users` WHERE `users`.`id` = :user AND '. - '`assurer_blocked` = 0 AND '. - - 'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '. - 'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '. - '`cp`.`user_id` = :user) AND '. - + '`assurer_blocked` = 0 AND '. + + 'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '. + 'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '. + '`cp`.`user_id` = :user) AND '. + '(SELECT SUM(`points`) FROM `notary` WHERE `to` = :user AND '. '`expire` < now()) >= 100'; $query_params['user'] = $this->id; @@ -169,10 +169,10 @@ class Default_Model_User { if ($result->rowCount() === 1) { return true; } - + return false; } - + /** * @return Zend_Date */ @@ -180,10 +180,10 @@ class Default_Model_User { $query = 'select `dob` from `users` where `id` = :user'; $query_params['user'] = $this->id; $row = $this->db->query($query, $query_params)->fetch(); - + return new Zend_Date($row['dob'], Zend_Date::ISO_8601); } - + /** * @return int */ @@ -191,16 +191,16 @@ class Default_Model_User { $now = new Zend_Date(); $dob = $this->getDob(); $age = $now->get(Zend_Date::YEAR) - $dob->get(Zend_Date::YEAR); - + // Did we have a happy birthday already this year? $dob->setYear($now); if ($dob->compare($now) > 0) { - $age -= 1; + $age -= 1; } - + return $age; } - + /** * @return string */ @@ -208,44 +208,43 @@ class Default_Model_User { $query = 'select `email` from `users` where `id` = :user'; $query_params['user'] = $this->id; $row = $this->db->query($query, $query_params)->fetch(); - + return $row['email']; } - + /** * Assure another user. Usual restrictions apply - * + * * @param $assuree Default_Model_User * @param $points int * @param $location string * @param $date string * @throws Exception - * + * * @return int * The amount of points that have been issued (might be less than * $points) */ - public function assure(Default_Model_User $assuree, $points, $location, - $date) { + public function assure(Default_Model_User $assuree, $points, $location, $date) { // Sanitize inputs $points = intval($points); $location = stripslashes($location); $date = stripslashes($date); - + if (!$this->getAssurerStatus()) { throw new Exception( __METHOD__ . ': '.$this->id.' needs to be an assurer to do '. 'assurances'); } - + if ($this->id === $assuree->id) { throw new Exception( __METHOD__ . ': '.$this->id.' is not allowed to assure '. 'himself'); } - + $query = 'select * from `notary` where `from`= :assurer and '. - '`to`= :assuree'; + '`to`= :assuree'; $query_params['assurer'] = $this->id; $query_params['assuree'] = $assuree->id; $result = $this->db->query($query, $query_params); @@ -254,11 +253,11 @@ class Default_Model_User { __METHOD__ . ': '.$this->id.' is not allowed to assure '. $assuree->id .' more than once'); } - + // Respect the maximum points $max = $this->maxpoints(); $points = min($points, $max); - + $rounddown = $points; if ($max < 100) { if ($assuree->getPoints() + $points > 100) @@ -268,10 +267,10 @@ class Default_Model_User { $rounddown = $max - $assuree->getPoints(); } if ($rounddown < 0) $rounddown = 0; - + $query = 'select * from `notary` where `from` = :assurer and '. - '`to` = :assuree and `awarded` = :points and '. - '`location` = :location and `date` = :date'; + '`to` = :assuree and `awarded` = :points and '. + '`location` = :location and `date` = :date'; $query_params['assurer'] = $this->id; $query_params['assuree'] = $assuree->id; $query_params['points'] = $points; @@ -283,7 +282,7 @@ class Default_Model_User { __METHOD__ . ': '.$this->id.' is not allowed to do the same '. 'assurance to '.$assuree->id.' more than once'); } - + // Make sure it is empty $assurance = array(); $assurance['from'] = $this->id; @@ -293,16 +292,16 @@ class Default_Model_User { $assurance['location'] = $location; $assurance['date'] = $date; $assurance['when'] = new Zend_Db_Expr('now()'); - + $this->db->insert('notary', $assurance); $assuree->points += $rounddown; $assuree->fixAssurerFlag(); return $rounddown; } - + /** * Do an administrative increase - * + * * @param $points int * @param $location string * @param $date string @@ -312,7 +311,7 @@ class Default_Model_User { $points = intval($points); $location = stripslashes($location); $date = stripslashes($date); - + $increase = array(); $increase['from'] = $this->id; $increase['to'] = $this->id; @@ -322,23 +321,23 @@ class Default_Model_User { $increase['date'] = $date; $increase['method'] = 'Administrative Increase'; $increase['when'] = new Zend_Db_Expr('now()'); - + $this->db->insert('notary', $increase); $this->points += $points; - + $this->fixAssurerFlag(); } - + /** * Maximum number of points the user may issue - * + * * @return int */ public function maxpoints() { if (!$this->getAssurerStatus()) return 0; - + if ($this->getAge() < 18) return 10; - + $points = $this->getPoints(); if ($points >= 300) return 200; if ($points >= 200) return 150; @@ -348,18 +347,18 @@ class Default_Model_User { if ($points >= 120) return 20; if ($points >= 110) return 15; if ($points >= 100) return 10; - + // Should not get here throw new Exception( __METHOD__ . ': '.$this->id.' We have reached unreachable code'); } - + /** * Get the challenge types that are available in the database - * + * * @param $db Zend_Db_Adapter_Abstract * The database connection to use - * + * * @return array(int => string) */ public static function getAvailableChallengeTypes( @@ -367,16 +366,16 @@ class Default_Model_User { $query = 'select `id`, `type_text` from `cats_type`'; return $db->fetchPairs($query); } - + /** * Get the challenge variants for this type that are available in the * database - * + * * @param $db Zend_Db_Adapter_Abstract * The database connection to use * @param $type int * The type of challenge you want to get the variants of - * + * * @return array(int => string) */ public static function getAvailableChallengeVariants( @@ -386,10 +385,10 @@ class Default_Model_User { $query_params['type'] = $type; return $db->fetchPairs($query, $query_params); } - + /** * Assign the challenge to the user - * + * * @param $type int * The type of the challenge, has to be one of the keys returned by * getAvailableChallengeTypes() @@ -406,14 +405,14 @@ class Default_Model_User { __METHOD__ . ': got wrong challenge type '.$type.' when '. 'assigning challenge to user '.$this->id); } - + $variants = self::getAvailableChallengeVariants($this->db, $type); if (!isset($variants[$variant])) { throw new Exception( __METHOD__ . ': got wrong challenge variant '.$variant.' when '. 'assigning challenge to user '.$this->id); } - + $challenge = array(); $challenge['user_id'] = $this->id; $challenge['variant_id'] = $variant; @@ -421,21 +420,21 @@ class Default_Model_User { $challenge['pass_date'] = $date->toString('Y-m-d H:i:s'); // otherwise default value of the database will be used } - + $this->db->insert('cats_passed', $challenge); - + $this->fixAssurerFlag(); } - + /** * Get the flags that are set - * + * * @return array (string => boolean) */ public function getFlags() { $flags = $this->db->select()->from('users', self::flags()) ->where('`id` = ?', $this->id)->query()->fetch(); - + foreach ($flags as $key => $value) { if ($value === '0') { $flags[$key] = false; @@ -443,20 +442,20 @@ class Default_Model_User { $flags[$key] = true; } } - + return $flags; } - + /** * Set the flags - to know which flags exist you might want to call * getFlags() first - * + * * @param $flags array (string => boolean) * Currently unknown flags are silently ignored */ public function setFlags(array $flags) { $newflags = array(); - + // filter values foreach (self::flags() as $flag) { if (isset($flags[$flag])) { @@ -467,11 +466,11 @@ class Default_Model_User { } } } - + $where = $this->db->quoteInto('`id` = ?', $this->id, Zend_Db::INT_TYPE); $this->db->update('users', $newflags, $where); } - + /** * The flags from the `users` table that might be set */ @@ -492,4 +491,4 @@ class Default_Model_User { 'assurer', 'assurer_blocked'); } -} \ No newline at end of file +} From 3c8663a208346f502173a4b123d98120869b0765 Mon Sep 17 00:00:00 2001 From: Benny Baumann Date: Fri, 31 Jul 2015 08:04:11 +0200 Subject: [PATCH 2/2] bug 1391: fix sql statement --- manager/application/models/User.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manager/application/models/User.php b/manager/application/models/User.php index 53711f9..f8ebf60 100644 --- a/manager/application/models/User.php +++ b/manager/application/models/User.php @@ -108,8 +108,8 @@ class Default_Model_User { * user's points */ public function refreshPoints() { - $query = "select sum(`points`) as `total` from `notary` " . - "where `to` = :user and method != 'Administrative Increase' and from != to"; + $query = "SELECT SUM(`points`) AS `total` FROM `notary` " . + "WHERE `to` = :user AND `method` != 'Administrative Increase' AND `from` != `to`"; $query_params['user'] = $this->id; $row = $this->db->query($query, $query_params)->fetch(); if ($row['total'] === null) $row['total'] = 0;