<?php defined("SYSPATH") or die("No direct script access.");
/**
 * Gallery - a web based photo album viewer and editor
 * Copyright (C) 2000-2008 Bharat Mediratta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or (at
 * your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
 */

/**
 * This helper provides a common around the user management functions.
 *
 * @author Tim Almdal <public@timalmdal.com>
 *
 */
class user {

  /**
   * Return the form for creating / modifying users.
   */
  public static function get_edit_form($user) {
    $form = new Forge(
      url::site("users/{$user->id}?_method=put"), "", "post", array("id" => "gUserForm"));
    $group = $form->group(_("User Info"));
    $group->input("name")         ->label(_("Name"))         ->id("gName")        ->value($user->name);
    $group->input("display_name") ->label(_("Display Name")) ->id("gDisplayName") ->value($user->display_name);
    $group->password("password")  ->label(_("Password"))     ->id("gPassword");
    $group->input("email")        ->label(_("Email"))        ->id("gEmail")       ->value($user->email);
    $group->submit(_("Modify"));
    $form->add_rules_from($user);
    return $form;
  }

  /**
   * Is the password provided correct?
   *
   * @param user User Model
   * @param string $password a plaintext password
   * @return boolean true if the password is correct
   */
  public static function is_correct_password($user, $password) {
    $valid = $user->password;

    $salt = substr($valid, 0, 4);
    /* Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes: */
    $guess = (strlen($valid) == 32) ? md5($password) : ($salt . md5($salt . $password));
    if (!strcmp($guess, $valid)) {
      return true;
    }

    /* Passwords with <&"> created by G2 prior to 2.1 were hashed with entities */
    $sanitizedPassword = html::specialchars($password, false);
    $guess = (strlen($valid) == 32) ? md5($sanitizedPassword)
          : ($salt . md5($salt . $sanitizedPassword));
    if (!strcmp($guess, $valid)) {
      return true;
    }

    /* Also support hashes generated by phpass for interoperability with other applications */
    if (strlen($valid) == 34) {
      $hashGenerator = new PasswordHash(10, true);
      return $hashGenerator->CheckPassword($password, $valid);
    }

    return false;
  }

  /**
   * Create the hashed passwords.
   * @param string $password a plaintext password
   * @return string hashed password
   */
  public static function hash_password($password) {
    return user::_md5Salt($password);
  }

  /**
   * Perform the post authentication processing
   * @param object $user the user object.
   */
  public static function login($user) {
    $user->login_count += 1;
    $user->last_login = time();
    $user->save();

    Session::instance()->set('user', $user);
  }

  /**
   * Create a hashed password using md5 plus salt.
   * @param string $password plaintext password
   * @param string $salt (optional) salt or hash containing salt (randomly generated if omitted)
   * @return string hashed password
   */
  private static function _md5Salt($password, $salt='') {
    if (empty($salt)) {
      for ($i = 0; $i < 4; $i++) {
        $char = mt_rand(48, 109);
        $char += ($char > 90) ? 13 : ($char > 57) ? 7 : 0;
        $salt .= chr($char);
      }
    } else {
      $salt = substr($salt, 0, 4);
    }
    return $salt . md5($salt . $password);
  }
}