added the webui to the tarball

2025-06-13 03:17:01 +02:00 · 2012-02-08 23:14:28 +01:00
parent 79cdeed1b6
commit 1211e9a39c
272 changed files with 26456 additions and 11 deletions
--- a/webui/model/user/auth.php
+++ b/webui/model/user/auth.php
@ -0,0 +1,78 @@
+<?php
+
+class ModelUserAuth extends Model {
+
+   public function checkLogin($username = '', $password = '') {
+
+      $query = $this->db->query("SELECT " . TABLE_USER . ".username, " . TABLE_USER . ".uid, " . TABLE_USER . ".realname, " . TABLE_USER . ".dn, " . TABLE_USER . ".password, " . TABLE_USER . ".isadmin, " . TABLE_USER . ".domain FROM " . TABLE_USER . ", " . TABLE_EMAIL . " WHERE " . TABLE_EMAIL . ".email=? AND " . TABLE_EMAIL . ".uid=" . TABLE_USER . ".uid", array($username));
+
+      if(!isset($query->row['password'])) { return 0; }
+
+      $pass = crypt($password, $query->row['password']);
+
+      if($pass == $query->row['password']){
+
+         $_SESSION['username'] = $query->row['username'];
+         $_SESSION['uid'] = $query->row['uid'];
+         $_SESSION['admin_user'] = $query->row['isadmin'];
+         $_SESSION['email'] = $username;
+         $_SESSION['domain'] = $query->row['domain'];
+         $_SESSION['realname'] = $query->row['realname'];
+
+         $_SESSION['emails'] = $this->model_user_user->get_users_all_email_addresses($query->row['uid']);
+
+         AUDIT(ACTION_LOGIN, $username, '', '', 'successful auth against user table');
+
+         return 1;
+      }
+      else {
+         AUDIT(ACTION_LOGIN_FAILED, $username, '', '', 'failed auth against user table');
+      }
+
+      if(strlen($query->row['dn']) > 3) { return $this->checkLoginAgainstLDAP($query->row, $password); }
+
+      return 0;
+   }
+
+
+   private function checkLoginAgainstLDAP($user = array(), $password = '') {
+      if($password == '' || !isset($user['username']) || !isset($user['domain']) || !isset($user['dn']) || strlen($user['domain']) < 2){ return 0; }
+
+      $query = $this->db->query("SELECT remotehost, basedn FROM " . TABLE_REMOTE . " WHERE remotedomain=?", array($user['domain']));
+
+      if($query->num_rows != 1) { return 0; }
+
+      $ldap = new LDAP($query->row['remotehost'], $user['dn'], $password);
+
+      if($ldap->is_bind_ok()) {
+         $_SESSION['username'] = $user['username'];
+         $_SESSION['admin_user'] = 0;
+         $_SESSION['email'] = $user['username'];
+
+         $this->changePassword($user['username'], $password);
+
+         AUDIT(ACTION_LOGIN, $user['username'], '', '', 'changed password in local table');
+
+         return 1;
+      }
+      else {
+         AUDIT(ACTION_LOGIN_FAILED, $user['username'], '', '', 'failed bind to ' . $query->row['remotehost'], $user['dn']);
+      }
+
+      return 0; 
+   }
+
+
+   public function changePassword($username = '', $password = '') {
+      if($username == "" || $password == ""){ return 0; }
+
+      $query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE username=?", array(crypt($password), $username));
+
+      $rc = $this->db->countAffected();
+
+      return $rc;
+   }
+
+}
+
+?>
--- a/webui/model/user/import.php
+++ b/webui/model/user/import.php
@ -0,0 +1,344 @@
+<?php
+
+
+class ModelUserImport extends Model {
+
+
+   public function getLdapParameters() {
+      $my_domain = $this->model_user_user->getDomains();
+      $query = $this->db->query("SELECT remotehost, basedn, binddn FROM " . TABLE_REMOTE . " WHERE remotedomain=?", array($my_domain[0]));
+
+      return $query->row;
+   }
+
+
+   public function queryRemoteUsers($host) {
+      $data = array();
+
+      LOGGER("running queryRemoteUsers() ...");
+
+      $attrs = array("cn", "mail", "mailAlternateAddress", "memberdn", "memberaddr");
+      $mailAttr = 'mail';
+      $mailAttrs = array("mail", "mailalternateaddress");
+
+      $memberAttrs = array("memberdn");
+
+      $ldap = new LDAP($host['ldap_host'], $host['ldap_binddn'], $host['ldap_bindpw']);
+      if($ldap->is_bind_ok() == 0) {
+         LOGGER($host['ldap_binddn'] . ": failed bind to " . $host['ldap_host']);
+         return array();
+      }
+
+      LOGGER($host['ldap_binddn'] . ": successful bind to " . $host['ldap_host']);
+      LOGGER("LDAP type: " . $host['type']);
+
+      if($host['type'] == "AD") {
+         $attrs = array("cn", "proxyaddresses", "member");
+
+         $mailAttr = "proxyaddresses";
+         $mailAttrs = array("proxyaddresses");
+
+         $memberAttrs = array("member");
+      }
+
+
+      $query = $ldap->query($host['ldap_basedn'], "$mailAttr=*", $attrs );
+      LOGGER("LDAP query: $mailAttr=* for basedn:" . $host['ldap_basedn']);
+
+      foreach ($query->rows as $result) {
+         $emails = "";
+
+         if(!isset($result['cn']) || !isset($result['dn']) ) { continue; }
+
+         foreach($mailAttrs as $__mail_attr) {
+
+            if(isset($result[$__mail_attr]) ) {
+
+               if(is_array($result[$__mail_attr]) ) {
+
+                  for($i = 0; $i < $result[$__mail_attr]['count']; $i++) {
+                     LOGGER("found email entry: " . $result['dn'] . " => $__mail_attr:" . $result[$__mail_attr][$i]);
+                     if(preg_match("/^smtp\:/i", $result[$__mail_attr][$i])) {
+                        $emails .= strtolower(preg_replace("/^smtp\:/i", "", $result[$__mail_attr][$i])) . "\n";
+                     }
+                  }
+               }
+               else {
+                  LOGGER("found email entry: " . $result['dn'] . " => $__mail_attr:" . $result[$__mail_attr]);
+                  $emails .= strtolower(preg_replace("/smtp\:/i", "", $result[$__mail_attr])) . "\n";
+               }
+
+            }
+
+         }
+
+         $__emails = explode("\n", $emails);
+
+
+         $members = "";
+
+         foreach($memberAttrs as $__member_attr) {
+
+            if(isset($result[$__member_attr]) ) {
+               if(is_array($result[$__member_attr]) ) {
+                  for($i = 0; $i < $result[$__member_attr]['count']; $i++) {
+                     LOGGER("found member entry: " . $result['dn'] . " => $__member_attr:" . $result[$__member_attr][$i]);
+                     $members .= $result[$__member_attr][$i] . "\n";
+                  }
+               }
+               else {
+                  LOGGER("found member entry: " . $result['dn'] . " => $__member_attr:" . $result[$__member_attr]);
+                  $members .= $result[$__member_attr] . "\n";
+               }
+            }
+
+         }
+
+         $data[] = array(
+                         'username'     => preg_replace("/\n{1,}$/", "", $__emails[0]),
+                         'realname'     => $result['cn'],
+                         'dn'           => $result['dn'],
+                         'emails'       => preg_replace("/\n{1,}$/", "", $emails),
+                         'members'      => preg_replace("/\n{1,}$/", "", $members)
+                        );
+
+      }
+
+      LOGGER("found " . count($data) . " users");
+
+      return $data;
+   }
+
+
+
+   public function fillRemoteTable($host = array(), $domain = '') {
+      if($domain == '') { return 0; }
+
+      /*
+       * if the 't_remote' table has no entry for your domain and we read some users
+       * let's put the connection info to the 't_remote' table needed for proxying
+       * the authentication requests
+       */
+
+      $query = $this->db->query("SELECT COUNT(*) AS num FROM " . TABLE_REMOTE . " WHERE remotedomain=?", array($domain));
+
+      if(isset($query->row['num'])) {
+
+         if($query->row['num'] == 0) {
+            $query = $this->db->query("INSERT INTO " . TABLE_REMOTE . " (remotedomain, remotehost, basedn, binddn) VALUES(?,?,?,?)", array($domain, $host['ldap_host'], $host['ldap_basedn'], $host['ldap_binddn']));
+         }
+         else {
+            $query = $this->db->query("UPDATE " . TABLE_REMOTE . " SET remotehost=?, basedn=?, binddn=? WHERE remotedomain=?", array($host['ldap_host'], $host['ldap_basedn'], $host['ldap_binddn'], $domain));
+
+         }
+
+         LOGGER("SQL exec:" . $query->query);
+
+      }
+
+      return 1;
+   }
+
+
+
+   public function processUsers($users = array(), $globals = array()) {
+      $late_add = array();
+      $uids = array();
+      $exclude = array();
+      $newuser = 0;
+      $deleteduser = 0;
+      $n = 0;
+
+      LOGGER("running processUsers() ...");
+
+      /* build a list of DNs to exclude from the import */
+
+      while (list($k, $v) = each($globals)) {
+         if(preg_match("/^reject_/", $k)) {
+            $exclude[$v] = $v;
+         }
+      }
+
+
+      foreach ($users as $_user) {
+         if(strlen($_user['dn']) > DN_MAX_LEN) { LOGGER("ERR: too long entry: " . $_user['dn']); }
+
+         if(in_array($_user['dn'], $exclude) ) {
+            LOGGER("excluding from import:" . $_user['dn']);
+            continue;
+         }
+
+         /* Does this DN exist in the user table ? */
+
+         $__user = $this->model_user_user->getUserByDN($_user['dn']);
+
+         if(isset($__user['uid'])) {
+
+            array_push($uids, $__user['uid']);
+
+
+            /* if so, then verify the email addresses */
+
+            $changed = 0;
+            $emails = $this->model_user_user->getEmailsByUid($__user['uid']);
+
+            /* first let's add the new email addresses */
+
+            $ldap_emails = explode("\n", $_user['emails']);
+            $sql_emails = explode("\n", $emails);
+
+            foreach ($ldap_emails as $email) {
+               if(!in_array($email, $sql_emails)) {
+                  $rc = $this->model_user_user->addEmail($__user['uid'], $email);
+                  $changed++;
+
+                  /* in case of an error add it to the $late_add array() */
+
+                  if($rc == 0) {
+                     $late_add[] = array(
+                                          'uid'   => $__user['uid'],
+                                          'email' => $email
+                                        );
+                  }
+               }
+            }
+
+
+            /* delete emails not present in the user's LDAP entry */
+
+            foreach ($sql_emails as $email) {
+               if(!in_array($email, $ldap_emails)) {
+                  $rc = $this->model_user_user->removeEmail($__user['uid'], $email);
+                  $changed++;
+               }
+            }
+
+            LOGGER($_user['dn'] . ": exists, changed=$changed");
+
+            if($changed > 0) { $n++; }
+         }
+         else {
+
+            /* or add the new user */
+
+            $user = $this->createNewUserArray($_user['dn'], $_user['username'], $_user['realname'], $_user['emails'], $globals);
+            array_push($uids, $user['uid']);
+
+            $rc = $this->model_user_user->addUser($user);
+            if($rc == 1) { $newuser++; }
+         }
+      }
+
+
+      /* add the rest to the email table */
+
+      foreach ($late_add as $new) {
+         $rc = $this->model_user_user->addEmail($new['uid'], $new['email']);
+         if($rc == 1) { $newuser++; }
+      }
+
+
+      /* delete accounts not present in the LDAP directory */
+
+      if(count($uids) > 0) {
+         $uidlist = implode("','", $uids);
+         $query = $this->db->query("SELECT uid, username FROM " . TABLE_USER . " WHERE domain=? AND dn != '*' AND dn LIKE '%" . $globals['ldap_basedn'] . "' AND dn is NOT NULL AND uid NOT IN ('$uidlist')", array($globals['domain']) );
+
+         foreach ($query->rows as $deleted) {
+            $deleteduser++;
+            $this->model_user_user->deleteUser($deleted['uid']);
+         }
+      }
+
+
+      /* try to add new membership entries */
+
+      reset($users);
+
+      foreach ($users as $user) {
+         if($user['members']) {
+
+            $group = $this->model_user_user->getUserByDN($user['dn']);
+
+            $members = explode("\n", $user['members']);
+            if(count($members) > 0) {
+
+               if(isset($group['uid'])) {
+                  $query = $this->db->query("DELETE FROM " . TABLE_EMAIL_LIST . " WHERE gid=?", array($group['uid']) );
+               }
+
+               foreach ($members as $member) {
+                  if(validemail($member)) {
+                     $__user = $this->model_user_user->getUserByEmail($member);
+                  } else {
+                     $__user = $this->model_user_user->getUserByDN($member);
+                  }
+
+                  if(isset($group['uid']) && isset($__user['uid'])) {
+                     $query = $this->db->query("INSERT INTO " . TABLE_EMAIL_LIST . " (uid, gid) VALUES(?,?)", array((int)$__user['uid'], $group['uid']));
+                  }
+
+               }
+            }
+            
+         }
+      }
+
+      return array($newuser, $deleteduser);
+   }
+
+
+   private function createNewUserArray($dn = '', $username = '', $realname = '', $emails = '', $globals = array()) {
+      $user = array();
+
+      $user['uid'] = $this->model_user_user->getNextUid();
+      $user['gid'] = $globals['gid'];
+
+      $user['email'] = $emails;
+
+      if(USE_EMAIL_AS_USERNAME == 1) {
+         $email = explode("\n", $emails);
+         $user['username'] = $email[0];
+      }
+      else {
+         $user['username'] = $username . $user['uid'];
+      }
+
+
+      $user['password'] = '*';
+
+      $user['realname'] = $realname;
+
+      if($realname == '') { $user['realname'] = $username; }
+
+      $user['domain'] = $globals['domain'];
+      $user['dn'] = $dn;
+      $user['policy_group'] = $globals['policy_group'];
+      $user['isadmin'] = 0;
+      $user['whitelist'] = '';
+      $user['blacklist'] = '';
+
+      return $user;
+   }
+
+
+   public function trashPassword($users = array()) {
+      foreach ($users as $user) {
+         $query = $this->db->query("UPDATE " . TABLE_USER . " SET password='*' WHERE dn=?", array($user['dn']));
+         $rc = $this->db->countAffected();
+         LOGGER("setting default password for " . $user['dn'] . " (rc=$rc)");
+      }
+   }
+
+
+   public function count_email_addresses() {
+      $query = $this->db->query("SELECT COUNT(*) AS num FROM " . TABLE_EMAIL);
+
+      if(isset($query->row['num'])) { return $query->row['num']; }
+
+      return 0;
+   }
+
+}
+
+?>
--- a/webui/model/user/prefs.php
+++ b/webui/model/user/prefs.php
@ -0,0 +1,45 @@
+<?php
+
+class ModelUserPrefs extends Model {
+
+   public function get_user_preferences($username = '') {
+      if($username == "") { return 0; }
+
+      $query = $this->db->query("SELECT * FROM " . TABLE_USER_SETTINGS . " WHERE username=?", array($username));
+
+      if(isset($query->row['pagelen'])) { $_SESSION['pagelen'] = $query->row['pagelen']; } else { $_SESSION['pagelen'] = PAGE_LEN; }
+      if(isset($query->row['lang'])) { $_SESSION['lang'] = $query->row['lang']; } else { $_SESSION['lang'] = LANG; }
+      if(isset($query->row['theme'])) { $_SESSION['theme'] = $query->row['theme']; } else { $_SESSION['theme'] = THEME; }
+
+      return 1;
+   }
+
+
+   public function set_user_preferences($username = '', $prefs = array() ) {
+
+      if(!isset($prefs['pagelen']) || !is_numeric($prefs['pagelen']) || $prefs['pagelen'] < 10 || $prefs['pagelen'] > 100
+         || !isset($prefs['lang']) || strlen($prefs['lang']) != 2 || !file_exists(DIR_LANGUAGE . $prefs['lang']) 
+         || !isset($prefs['theme']) || !preg_match("/^([a-zA-Z0-9\-\_]+)$/", $prefs['theme']) || !file_exists(DIR_THEME . $prefs['theme']) ) { return 1; }
+
+      $query = $this->db->query("SELECT COUNT(*) AS num FROM " . TABLE_USER_SETTINGS . " WHERE username=?", array($username));
+
+      if((int)@$query->row['num'] == 1) {
+         $query = $this->db->query("UPDATE " . TABLE_USER_SETTINGS . " SET lang=?, pagelen=?, theme=? WHERE username=?", array($prefs['lang'], (int)@$prefs['pagelen'], $prefs['theme'], $username));
+      }
+      else {
+         $query = $this->db->query("INSERT INTO " . TABLE_USER_SETTINGS . " (username, pagelen, lang, theme) VALUES(?,?,?,?)", array($username, (int)@$prefs['pagelen'], $prefs['lang'], $prefs['theme']));
+      }
+
+
+      $_SESSION['pagelen'] = $prefs['pagelen'];
+      $_SESSION['lang'] = $prefs['lang'];
+      $_SESSION['theme'] = $prefs['theme'];
+
+      LOGGER("set user preference", $username);
+
+      return 1;
+   }
+
+}
+
+?>
--- a/webui/model/user/user.php
+++ b/webui/model/user/user.php
@ -0,0 +1,421 @@
+<?php
+
+class ModelUserUser extends Model {
+
+
+   public function checkUID($uid) {
+      if($uid == "") { return 0; }
+
+      if(!is_numeric($uid)) { return 0; }
+
+      if($uid < 1) { return 0; }
+
+      return 1;
+   }
+
+
+   public function getUidByName($username = '') {
+      if($username == ""){ return -1; }
+
+      $query = $this->db->query("SELECT uid FROM " . TABLE_USER . " WHERE username=?", array($username));
+
+      if(isset($query->row['uid'])){
+         return $query->row['uid'];
+      }
+
+      return -1;
+   }
+
+
+   public function getUsernameByUid($uid = 0) {
+
+      $query = $this->db->query("SELECT username FROM " . TABLE_USER . " WHERE uid=?", array((int)$uid));
+
+      if(isset($query->row['username'])){
+         return $query->row['username'];
+      }
+
+      return "";
+   }
+
+
+   public function get_uid_by_email($email = '') {
+      $query = $this->db->query("SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?", array($email));
+
+      if(isset($query->row['uid'])){ return $query->row['uid']; }
+
+      return -1;
+   }
+
+
+   public function get_username_by_email($email = '') {
+      $query = $this->db->query("SELECT username FROM " . TABLE_USER . ", " . TABLE_EMAIL . " WHERE " . TABLE_USER . ".uid=" . TABLE_EMAIL . ".uid AND email=?", array($email));
+
+      if(isset($query->row['username'])){ return $query->row['username']; }
+
+      return "";
+   }
+
+
+   public function get_users_all_email_addresses($uid = 0) {
+      $data = array();
+      $uids = $uid;
+
+      if($uid > 0) {
+         $query = $this->db->query("SELECT gid FROM " . TABLE_EMAIL_LIST . " WHERE uid=?", array((int)$uid));
+
+         if(isset($query->rows)) {
+            foreach ($query->rows as $q) {
+               if(is_numeric($q['gid']) && $q['gid'] > 0) {
+                  $uids .= "," . $q['gid'];
+               }
+            }
+         }
+
+         $query = $this->db->query("SELECT email FROM " . TABLE_EMAIL . " WHERE uid IN ($uids)");
+         foreach ($query->rows as $q) {
+            array_push($data, $q['email']);
+         }
+      
+      }
+
+      return $data;
+   }
+
+
+   public function get_additional_uids($uid = 0) {
+      $data = array();
+
+      if($uid > 0) {
+         $query = $this->db->query("SELECT gid FROM " . TABLE_EMAIL_LIST . " WHERE uid=?", array((int)$uid));
+
+         if(isset($query->rows)) {
+            foreach ($query->rows as $q) {
+               array_push($data, $q['gid']);
+            }
+         }
+      }
+
+      return $data;
+   }
+
+
+   public function getEmailAddress($username = '') {
+
+      $query = $this->db->query("SELECT " . TABLE_EMAIL . ".email AS email FROM " . TABLE_EMAIL . "," . TABLE_USER . " WHERE " . TABLE_EMAIL . ".uid=" . TABLE_USER . ".uid AND " . TABLE_USER . ".username=? LIMIT 1", array($username));
+
+      if(isset($query->row['email'])){
+         return $query->row['email'];
+      }
+
+      return "";
+   }
+
+
+   public function getEmails($username = '') {
+      $emails = "";
+
+      $query = $this->db->query("SELECT " . TABLE_EMAIL . ".email AS email FROM " . TABLE_EMAIL . "," . TABLE_USER . " WHERE " . TABLE_EMAIL . ".uid=" . TABLE_USER . ".uid AND " . TABLE_USER . ".username=?", array($username));
+
+      foreach ($query->rows as $q) {
+         $emails .= $q['email'] . "\n";
+      }
+
+      return preg_replace("/\n$/", "", $emails);
+   }
+
+
+   public function getEmailsByUid($uid = 0) {
+      $emails = "";
+
+      $query = $this->db->query("SELECT email FROM " . TABLE_EMAIL . " WHERE uid=?", array((int)$uid));
+      foreach ($query->rows as $q) {
+         $emails .= $q['email'] . "\n";
+      }
+
+      return preg_replace("/\n$/", "", $emails);
+   }
+
+
+   public function getUserByDN($dn = '') {
+      if($dn == '') { return array(); }
+
+      $query = $this->db->query("SELECT * FROM " . TABLE_USER . " WHERE dn=?", array($dn));
+
+      if($query->num_rows == 1) {
+         return $query->row;
+      }
+
+      return array();
+   }
+
+
+   public function getUserByUid($uid = 0) {
+      if(!is_numeric($uid) || (int)$uid < 0){
+         return array();
+      }
+
+      $query = $this->db->query("SELECT * FROM " . TABLE_USER . " WHERE uid=?", array((int)$uid));
+
+      return $query->row;
+   }
+
+
+   public function getUserByEmail($email = '') {
+      if($email == '') {
+         return array();
+      }
+
+      $query = $this->db->query("SELECT * FROM " . TABLE_USER . "," . TABLE_EMAIL . " WHERE " . TABLE_USER . ".uid=" . TABLE_EMAIL . ".uid AND email=?", array($email));
+
+      return $query->row;
+   }
+
+
+   public function getUsernameByEmail($email = '') {
+      $username = "";
+
+      if($email == '') { return $username; }
+
+      $query = $this->db->query("SELECT username FROM " . TABLE_USER . " WHERE uid IN (SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)", array($email));
+
+      if(isset($query->row['username'])) { $username = $query->row['username']; }
+
+      return $username;
+   }
+
+
+   public function getUsers($search = '', $page = 0, $page_len = 0, $sort = 'username', $order = 0) {
+      $where_cond = " WHERE " . TABLE_USER . ".uid=" . TABLE_EMAIL . ".uid ";
+      $_order = "";
+      $users = array();
+      $my_domain = array();
+      $limit = "";
+
+      $from = (int)$page * (int)$page_len;
+
+      $search = preg_replace("/\s{1,}/", "", $search);
+
+      if($search){
+         $where_cond .= " AND email like '%" . $this->db->escape($search) . "%' ";
+      }
+
+      /* sort order */
+
+      if($order == 0) { $order = "ASC"; }
+      else { $order = "DESC"; }
+
+      $_order = "ORDER BY $sort $order";
+
+      if($page_len > 0) { $limit = " LIMIT " . (int)$from . ", " . (int)$page_len; }
+
+      $query = $this->db->query("SELECT " . TABLE_USER . ".uid, isadmin, username, realname, domain, email FROM " . TABLE_USER . "," . TABLE_EMAIL . " $where_cond group by " . TABLE_USER . ".uid $_order $limit");
+
+      foreach ($query->rows as $q) {
+
+         if(Registry::get('admin_user') == 1 || (isset($q['domain']) && $q['domain'] == $my_domain[0]) ) {
+            $users[] = array(
+                          'uid'          => $q['uid'],
+                          'username'     => $q['username'],
+                          'realname'     => $q['realname'],
+                          'domain'       => isset($q['domain']) ? $q['domain'] : "",
+                          'email'        => $q['email'],
+                          'isadmin'      => $q['isadmin']
+                         );
+         }
+
+      }
+
+      return $users;
+   }
+
+
+   public function howManyUsers($search = '') {
+      $where_cond = "";
+
+      if($search){
+         $where_cond .= " WHERE email like '%" . $this->db->escape($search) . "%' ";
+      }
+
+      $query = $this->db->query("SELECT COUNT(*) AS num, uid FROM " . TABLE_EMAIL . " $where_cond group by uid");
+
+      return $query->num_rows;
+   }
+
+
+   public function get_domains() {
+      $data = array();
+
+      $query = $this->db->query("SELECT DISTINCT mapped AS domain FROM " . TABLE_DOMAIN);
+
+      foreach ($query->rows as $q) {
+         array_push($data, $q['domain']);
+      }
+
+      return $data;
+   }
+
+
+   public function get_email_domains() {
+      $data = array();
+
+      $query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN);
+
+      foreach ($query->rows as $q) {
+         array_push($data, $q['domain']);
+      }
+
+      return $data;
+   }
+
+
+   public function getNextUid() {
+
+      $query = $this->db->query("SELECT MAX(uid) AS last_id FROM " . TABLE_USER);
+
+      if(isset($query->row['last_id']) && $query->row['last_id'] > 0) {
+         return (int)$query->row['last_id'] + 1;
+      }
+
+      return 1;
+   }
+
+
+   public function addUser($user) {
+      LOGGER("add user: " . $user['username'] . ", uid=" . (int)$user['uid']);
+
+      if(!isset($user['domain']) || $user['domain'] == "") { return -1; }
+      if(!isset($user['username']) || $user['username'] == "" || $this->getUidByName($user['username']) > 0) { return -1; }
+
+      $emails = explode("\n", $user['email']);
+      foreach ($emails as $email) {
+         $email = rtrim($email);
+
+         $query = $this->db->query("SELECT COUNT(*) AS count FROM " . TABLE_EMAIL . " WHERE email=?", array($email));
+
+         /* remove from memcached */
+
+         if(MEMCACHED_ENABLED) {
+            $memcache = Registry::get('memcache');
+            $memcache->delete("_c:" . $email);
+         }
+
+         if($query->row['count'] > 0) {
+            return $email;
+         }
+      }
+
+
+      $query = $this->db->query("SELECT COUNT(*) AS count FROM " . TABLE_USER . " WHERE username=?", array($user['username']));
+      if($query->row['count'] > 0) {
+         return $user['username'];
+      }
+
+      $encrypted_password = crypt($user['password']);
+
+      $query = $this->db->query("INSERT INTO " . TABLE_USER . " (uid, username, realname, password, domain, dn, isadmin) VALUES(?,?,?,?,?,?,?)", array((int)$user['uid'], $user['username'], $user['realname'], $encrypted_password, $user['domain'], @$user['dn'], (int)$user['isadmin']));
+
+      if($query->error == 1 || $this->db->countAffected() == 0){ return $user['username']; }
+
+      foreach ($emails as $email) {
+         $email = rtrim($email);
+
+         $ret = $this->addEmail((int)$user['uid'], $email);
+         if($ret == 0) { return -2; }
+      }
+
+
+      return 1;
+   }
+
+
+   public function addEmail($uid = 0, $email = '') {
+      if($uid < 1 || $email == ""){ return 0; }
+
+      $query = $this->db->query("INSERT INTO " . TABLE_EMAIL . " (uid, email) VALUES(?,?)", array((int)$uid, $email));
+
+      $rc = $this->db->countAffected();
+
+      LOGGER("add email: $email, uid=$uid (rc=$rc)");
+
+      return $rc;
+   }
+
+
+   public function removeEmail($uid = 0, $email = '') {
+      if((int)$uid < 1 || $email == ""){ return 0; }
+
+      $query = $this->db->query("DELETE FROM " . TABLE_EMAIL . " WHERE uid=? AND email=?", array((int)$uid, $email));
+
+      $rc = $this->db->countAffected();
+
+      LOGGER("remove email: $email, uid=$uid (rc=$rc)");
+
+      return $rc;
+   }
+
+
+   public function updateUser($user) {
+      LOGGER("update user: " . $user['username'] . ", uid=" . (int)$user['uid']);
+
+      $emails = explode("\n", $user['email']);
+      foreach ($emails as $email) {
+         $email = rtrim($email);
+
+         $query = $this->db->query("SELECT COUNT(*) AS count FROM " . TABLE_EMAIL . " WHERE uid!=? AND email=?", array((int)$user['uid'], $email));
+
+         if($query->row['count'] > 0) {
+            return $email;
+         }
+      }
+
+
+      /* update password field if we have to */
+ 
+      if(strlen($user['password']) >= MIN_PASSWORD_LENGTH) {
+         $query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=?", array(crypt($user['password']), (int)$user['uid']));
+         if($this->db->countAffected() != 1) { return 0; }
+      }
+
+      $query = $this->db->query("UPDATE " . TABLE_USER . " SET username=?, realname=?, domain=?, dn=?, isadmin=? WHERE uid=?", array($user['username'], $user['realname'], $user['domain'], @$user['dn'], $user['isadmin'], (int)$user['uid']));
+
+
+      /* first, remove all his email addresses */
+
+      $query = $this->db->query("DELETE FROM " . TABLE_EMAIL . " WHERE uid=?", array((int)$user['uid']));
+
+      /* then add all the emails we have from the CGI post input */
+
+      foreach ($emails as $email) {
+         $email = rtrim($email);
+         $query = $this->db->query("INSERT INTO " . TABLE_EMAIL . " (uid, email) VALUES(?,?)", array((int)$user['uid'], $email));
+
+         /* remove from memcached */
+
+         if(MEMCACHED_ENABLED) {
+            $memcache = Registry::get('memcache');
+            $memcache->delete("_c:" . $email);
+         }
+
+      }
+
+      return 1;
+   }
+
+
+   public function deleteUser($uid) {
+      if(!$this->checkUID($uid)){ return 0; }
+
+      $query = $this->db->query("DELETE FROM " . TABLE_EMAIL . " WHERE uid=?", array((int)$uid));
+      $query = $this->db->query("DELETE FROM " . TABLE_USER . " WHERE uid=?", array((int)$uid));
+
+      LOGGER("remove user: uid=$uid");
+
+      return 1;
+   }
+
+
+
+}
+
+?>