- fixed explanation info text in aauth config

REJack · REJack · commit fe89cdb861d6 · 2016-05-30T19:58:08.000+02:00
- added `pm_cleanup_max_age`-config_var
 - added 2 files (`pm_deleted_sender` &amp; `pm_deleted_receiver`) in pm table
 - changed `list_pms()` to catch only not deleted pm's
 - changed `delete_pm()` now it need a user_id to delete a pm (like `get_pm()`)
 - changed `delete_pm()` sender's can now detete pm's from outbox
 - changed `count_unread_pms()` it counts now only not deleted pm's.
 - added `cleanup_pms()` removes pms older than X defined by `pm_cleanup_max_age`-config_var
diff --git a/application/config/aauth.php b/application/config/aauth.php
@@ -5,139 +5,148 @@
 | -------------------------------------------------------------------
 | Aauth Config
 | -------------------------------------------------------------------
-| A library Basic Authorization for CodeIgniter 2+
+| A library Basic Authorization for CodeIgniter 2.x and 3.x
 |
 | -------------------------------------------------------------------
 | EXPLANATION
 | -------------------------------------------------------------------
 |
-|	See http://codeigniter-aauth-test.readthedocs.org/en/latest/
-|	for more details and explainations
+|   ['no_permission']                   If user don't have permisssion to see the page he will be redirected the page spesificed.
 |
+|   ['admin_group']                     Name of admin group
+|   ['default_group']                   Name of default group, the new user is added in it
+|   ['public_group']                    Public group , people who not logged in
 |
-| 	['no_permission']                  	If user don't have permisssion to see the page he will be redirected the page spesificed.
+|   ['db_profile']                      The configuration database profile (definied in config/database.php)
 |
-| 	['admin_group']                    	Name of admin group
-| 	['default_group']                  	Name of default group, the new user is added in it
-| 	['public_group']                   	Public group , people who not logged in
+|   ['users']                           The table which contains users
+|   ['groups']                          The table which contains groups
+|   ['user_to_group']                   The table which contains join of users and groups
+|   ['perms']                           The table which contains permissions
+|   ['perm_to_group']                   The table which contains permissions for groups
+|   ['perm_to_user']                    The table which contains permissions for users
+|   ['pms']                             The table which contains private messages
+|   ['user_variables']                  The table which contains users variables
+|   ['login_attempts']                  The table which contains login attempts
 |
-| 	['db_profile']                     	The configuration database profile (see config/database.php)
+|   ['remember']                        Remember time (in relative format) elapsed after connecting and automatic LogOut for usage with Cookies
+|                                       Relative Format (e.g. '+ 1 week', '+ 1 month', '+ first day of next month') 
+|                                       for details see http://php.net/manual/de/datetime.formats.relative.php
+|                                       !!IMPORTANT!! If you use Session instead of Cookies, 
+|                                       remember time is definied by 'sess_expiration' in config/config.php
 |
-| 	['users']                          	The table which contains users
-| 	['groups']                         	The table which contains groups
-| 	['user_to_group']                  	The table which contains join of users and groups
-| 	['perms']                          	The table which contains permissions
-| 	['perm_to_group']                  	The table which contains permissions for groups
-| 	['perm_to_user']                   	The table which contains permissions for users
-| 	['pms']                            	The table which contains private messages
-| 	['user_variables']                 	The table which contains users variables
-| 	['login_attempts']                 	The table which contains login attempts
+|   ['max']                             Maximum char long for Password
+|   ['min']                             Minimum char long for Password
 |
-| 	['remember']                       	Remember time elapsed after connecting and automatic LogOut
+|   ['additional_valid_chars']          Additional valid chars for username. Non alphanumeric characters that are allowed by default
 |
-| 	['max']                            	Maximum char long for Password
-| 	['min']                            	Minimum char long for Password
+|   ['ddos_protection']                 If it is true, the user will be banned temporary when he exceed the login 'try'
 |
-| 	['additional_valid_chars']          Additional valid chars for username. Non alphanumeric characters that are allowed by default
+|   ['recaptcha_active']                Enable reCAPTCHA (for details see www.google.com/recaptcha/admin)
+|   ['recaptcha_login_attempts']        Login Attempts to display reCAPTCHA
+|   ['recaptcha_siteKey']               The reCAPTCHA siteKey
+|   ['recaptcha_secret']                The reCAPTCHA secretKey
 |
-| 	['ddos_protection']                	If it is true, the user will be banned temporary when he exceed the login 'try'
+|   ['totp_active']                     The Time-based One-time Password Algorithm
+|   ['totp_only_on_ip_change']          TOTP only on IP Change
+|   ['totp_reset_over_reset_password']  TOTP reset over reset Password
+|   ['totp_two_step_login']             Enables/Disables TOTP two step login 
+|   ['totp_two_step_login_redirect']    Redirect path to TOTP Verification page used by control() & is_allowed()
 |
-| 	['recaptcha_active']               	Enable reCAPTCHA (see www.google.com/recaptcha/admin)
-| 	['recaptcha_login_attempts']       	:
-| 	['recaptcha_siteKey']              	The reCAPTCHA siteKey
-| 	['recaptcha_secret']               	The reCAPTCHA secretKey
+|   ['max_login_attempt']               Login attempts time interval (default 10 times in one hour)
+|   ['max_login_attempt_time_period']   Period of time for max login attempts (default "5 minutes")
+|   ['remove_successful_attempts']      Enables/Disables removing login attempt after successful login
 |
-| 	['totp_active']                    	The Time-based One-time Password Algorithm
-| 	['totp_only_on_ip_change']         	TOTP only on IP Change
-| 	['totp_reset_over_reset_password'] 	TOTP reset over reset Password
-| 	['totp_two_step_login']             Enables/Disables TOTP two step login 
-| 	['totp_two_step_login_redirect']    Redirect path to TOTP Verification page used by control() & is_allowed()
+|   ['login_with_name']                 Login Identificator, if TRUE username needed to login else email address.
 |
-| 	['max_login_attempt']              	Login attempts time interval (default 10 times in one hour)
-| 	['max_login_attempt_time_period']   Period of time for max login attempts (default "5 minutes")
-| 	['remove_successful_attempts']      Enables/Disables removing login attempt after successful login
+|   ['use_cookies']                     FALSE only on CI3
 |
-| 	['login_with_name']                	Login Identificator, if TRUE username needed to login else email address.
+|   ['email']                           Sender email address, used for remind_password, send_verification and reset_password
+|   ['name']                            Sender name, used for remind_password, send_verification and reset_password
 |
-| 	['use_cookies']                    	FALSE only on CI3
+|   ['verification']                    User Verification, if TRUE sends a verification email on account creation.
+|   ['verification_link']               Link for verification without site_url or base_url
+|   ['reset_password_link']             Link for reset_password without site_url or base_url
 |
-| 	['email']                          	Sender email address, used for remind_password, send_verification and reset_password
-| 	['name']                           	Sender name, used for remind_password, send_verification and reset_password
-|
-| 	['verification']                   	User Verification, if TRUE sends a verification email on account creation.
-| 	['verification_link']              	Link for verification without site_url or base_url
-| 	['reset_password_link']            	Link for reset_password without site_url or base_url
-|
-|	['hash']                            Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
+|   ['hash']                            Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..)
 |                                       Please, run hash_algos() for know your all supported algorithms
-| 	['use_password_hash']               True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher
-| 	['password_hash_algo']              password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT) for details see http://php.net/manual/de/password.constants.php
-| 	['password_hash_options']           password_hash options array for details see http://php.net/manual/en/function.password-hash.php
+|   ['use_password_hash']               True to use PHP's own password_hash() function with BCrypt, needs PHP5.5 or higher
+|   ['password_hash_algo']              password_hash algorithm (PASSWORD_DEFAULT, PASSWORD_BCRYPT) 
+|                                       for details see http://php.net/manual/de/password.constants.php
+|   ['password_hash_options']           password_hash options array 
+|                                       for details see http://php.net/manual/en/function.password-hash.php
+|
+|   ['pm_encryption']                   Enables/Disables PM Encryption, needs configured CI Encryption Class.
+|                                       for details see: http://www.codeigniter.com/userguide2/libraries/encryption.html
+|   ['pm_cleanup_max_age']              PM Cleanup max age (in relative format), PM's are older than max age get deleted with 'cleanup_pms()'
+|                                       Relative Format (e.g. '2 week', '1 month') 
+|                                       for details see http://php.net/manual/de/datetime.formats.relative.php
 |
 */
 $config_aauth = array();
 
 $config_aauth["default"] = array(
-	'no_permission'                  => FALSE,
+ 'no_permission'                  => FALSE,
 
-	'admin_group'                    => 'admin',
-	'default_group'                  => 'default',
-	'public_group'                   => 'public',
+ 'admin_group'                    => 'admin',
+ 'default_group'                  => 'default',
+ 'public_group'                   => 'public',
 
-	'db_profile'                     => 'default',
+ 'db_profile'                     => 'default',
 
-	'users'                          => 'aauth_users',
-	'groups'                         => 'aauth_groups',
-	'group_to_group'                 => 'aauth_group_to_group',
-	'user_to_group'                  => 'aauth_user_to_group',
-	'perms'                          => 'aauth_perms',
-	'perm_to_group'                  => 'aauth_perm_to_group',
-	'perm_to_user'                   => 'aauth_perm_to_user',
-	'pms'                            => 'aauth_pms',
-	'user_variables'                 => 'aauth_user_variables',
-	'login_attempts'                 => 'aauth_login_attempts',
+ 'users'                          => 'aauth_users',
+ 'groups'                         => 'aauth_groups',
+ 'group_to_group'                 => 'aauth_group_to_group',
+ 'user_to_group'                  => 'aauth_user_to_group',
+ 'perms'                          => 'aauth_perms',
+ 'perm_to_group'                  => 'aauth_perm_to_group',
+ 'perm_to_user'                   => 'aauth_perm_to_user',
+ 'pms'                            => 'aauth_pms',
+ 'user_variables'                 => 'aauth_user_variables',
+ 'login_attempts'                 => 'aauth_login_attempts',
 
-	'remember'                       => ' +3 days',
+ 'remember'                       => ' +3 days',
 
-	'max'                            => 13,
-	'min'                            => 5,
+ 'max'                            => 13,
+ 'min'                            => 5,
 
-	'additional_valid_chars'         => array(),
+ 'additional_valid_chars'         => array(),
 
-	'ddos_protection'                => true,
+ 'ddos_protection'                => true,
 
-	'recaptcha_active'               => false,
-	'recaptcha_login_attempts'       => 4,
-	'recaptcha_siteKey'              => '',
-	'recaptcha_secret'               => '',
+ 'recaptcha_active'               => false,
+ 'recaptcha_login_attempts'       => 4,
+ 'recaptcha_siteKey'              => '',
+ 'recaptcha_secret'               => '',
 
-	'totp_active'                    => false,
-	'totp_only_on_ip_change'         => false,
-	'totp_reset_over_reset_password' => false,
-	'totp_two_step_login_active'     => false,
-	'totp_two_step_login_redirect'   => '/account/twofactor_verification/',
+ 'totp_active'                    => false,
+ 'totp_only_on_ip_change'         => false,
+ 'totp_reset_over_reset_password' => false,
+ 'totp_two_step_login_active'     => false,
+ 'totp_two_step_login_redirect'   => '/account/twofactor_verification/',
 
-	'max_login_attempt'              => 10,
-	'max_login_attempt_time_period'  => "5 minutes",
-	'remove_successful_attempts'     => true,
+ 'max_login_attempt'              => 10,
+ 'max_login_attempt_time_period'  => "5 minutes",
+ 'remove_successful_attempts'     => true,
 
-	'login_with_name'                => false,
+ 'login_with_name'                => false,
 
-	'use_cookies'                    => true,
+ 'use_cookies'                    => true,
 
-	'email'                          => 'admin@admin.com',
-	'name'                           => 'Emre Akay',
+ 'email'                          => 'admin@admin.com',
+ 'name'                           => 'Emre Akay',
 
-	'verification'                   => false,
-	'verification_link'              => '/account/verification/',
-	'reset_password_link'            => '/account/reset_password/',
+ 'verification'                   => false,
+ 'verification_link'              => '/account/verification/',
+ 'reset_password_link'            => '/account/reset_password/',
 
-	'hash'                           => 'sha256',
-	'use_password_hash'              => false,
-	'password_hash_algo'             => PASSWORD_DEFAULT,
-	'password_hash_options'          => array(),
+ 'hash'                           => 'sha256',
+ 'use_password_hash'              => false,
+ 'password_hash_algo'             => PASSWORD_DEFAULT,
+ 'password_hash_options'          => array(),
 
-	'pm_encryption'                  => false
+ 'pm_encryption'                  => false,
+ 'pm_cleanup_max_age'             => "6 months",
 );
 
 $config['aauth'] = $config_aauth['default'];
diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php
@@ -1963,14 +1963,14 @@ public function send_pms( $sender_id, $receiver_ids, $title, $message ){
 	 * @param int $receiver_id User id of private message receiver
 	 * @return object Array of private messages
 	 */
-	public function list_pms($limit=5, $offset=0, $receiver_id = FALSE, $sender_id=FALSE){
-
-		if ( $receiver_id != FALSE){
+	public function list_pms($limit=5, $offset=0, $receiver_id=NULL, $sender_id=NULL){
+		if (is_numeric($sender_id)){
 			$query = $this->aauth_db->where('receiver_id', $receiver_id);
+			$query = $this->aauth_db->where('pm_deleted_receiver', 0);
 		}
-
-		if( $sender_id != FALSE ){
+		if (is_numeric($sender_id)){
 			$query = $this->aauth_db->where('sender_id', $sender_id);
+			$query = $this->aauth_db->where('pm_deleted_sender', 0);
 		}
 
 		$query = $this->aauth_db->order_by('id','DESC');
@@ -1991,7 +1991,7 @@ public function get_pm($pm_id, $user_id = NULL, $set_as_read = TRUE){
 		if(!$user_id){
 			$user_id = $this->CI->session->userdata('id');
 		}
-		if( !is_numeric($user_id)){
+		if( !is_numeric($user_id) || !is_numeric($pm_id)){
 			$this->error( $this->CI->lang->line('aauth_error_no_pm') );
 			return FALSE;
 		}
@@ -2028,9 +2028,46 @@ public function get_pm($pm_id, $user_id = NULL, $set_as_read = TRUE){
 	 * @param int $pm_id Private message id to be deleted
 	 * @return bool Delete success/failure
 	 */
-	public function delete_pm($pm_id){
-		
-		return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id) );
+	public function delete_pm($pm_id, $user_id = NULL){
+		if(!$user_id){
+			$user_id = $this->CI->session->userdata('id');
+		}
+		if( !is_numeric($user_id) || !is_numeric($pm_id)){
+			$this->error( $this->CI->lang->line('aauth_error_no_pm') );
+			return FALSE;
+		}
+
+		$query = $this->aauth_db->where('id', $pm_id);
+		$query = $this->aauth_db->where('receiver_id', $user_id);
+		$query = $this->aauth_db->or_where('sender_id', $user_id);
+		$query = $this->aauth_db->get( $this->config_vars['pms'] );
+		$result = $query->row();
+		if ($user_id == $result->sender_id){
+			if($result->pm_deleted_receiver == 1){
+				return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id));			
+			}
+			
+			return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_sender'=>1), array('id' => $pm_id));			
+		}else if ($user_id == $result->result->receiver_id){
+			if($result->pm_deleted_sender == 1){
+				return $this->aauth_db->delete( $this->config_vars['pms'], array('id' => $pm_id));			
+			}
+
+			return $this->aauth_db->update( $this->config_vars['pms'], array('pm_deleted_receiver'=>1), array('id' => $pm_id) );
+		}
+	}
+
+	/**
+	 * Cleanup PMs 
+	 * Removes PMs older than 'pm_cleanup_max_age' (definied in aauth config).
+	 * recommend for a cron job
+	 */
+	public function cleanup_pms(){
+		$pm_cleanup_max_age = $this->config_vars['pm_cleanup_max_age'];
+		$date_sent = date('Y-m-d H:i:s', strtotime("now -".$pm_cleanup_max_age));
+		$this->aauth_db->where('date_sent <', $date_sent);
+
+		return $this->aauth_db->delete($this->config_vars['pms']);			
 	}
 
 	//tested
@@ -2047,6 +2084,7 @@ public function count_unread_pms($receiver_id=FALSE){
 		}
 
 		$query = $this->aauth_db->where('receiver_id', $receiver_id);
+		$query = $this->aauth_db->where('pm_deleted_receiver', 0);
 		$query = $this->aauth_db->where('date_read', NULL);
 		$query = $this->aauth_db->get( $this->config_vars['pms'] );
 
diff --git a/sql/Aauth_v2.sql b/sql/Aauth_v2.sql
@@ -77,6 +77,8 @@ CREATE TABLE `aauth_pms` (
   `message` text,
   `date_sent` datetime DEFAULT NULL,
   `date_read` datetime DEFAULT NULL,
+  `pm_deleted_sender` int(1) DEFAULT '0',
+  `pm_deleted_receiver` int(1) DEFAULT '0',
   PRIMARY KEY (`id`),
   KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/sql/Aauth_v2_BCrypt.sql b/sql/Aauth_v2_BCrypt.sql
@@ -77,6 +77,8 @@ CREATE TABLE `aauth_pms` (
   `message` text,
   `date_sent` datetime DEFAULT NULL,
   `date_read` datetime DEFAULT NULL,
+  `pm_deleted_sender` int(1) DEFAULT '0',
+  `pm_deleted_receiver` int(1) DEFAULT '0',
   PRIMARY KEY (`id`),
   KEY `full_index` (`id`,`sender_id`,`receiver_id`,`date_read`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
