2015-04-02 13:24:05 +00:00
< ? php
2016-02-03 22:22:56 +00:00
/**
* Holds various functions to interface with users .
2016-02-05 11:20:33 +00:00
*
2016-02-03 22:22:56 +00:00
* @ package Sakura
*/
2015-04-02 13:24:05 +00:00
namespace Sakura ;
2015-12-29 21:52:19 +00:00
use Sakura\Perms\Site ;
2015-10-18 19:06:30 +00:00
/**
2016-02-02 21:04:15 +00:00
* User management
2016-02-05 11:20:33 +00:00
*
2015-10-18 19:06:30 +00:00
* @ package Sakura
2016-02-02 21:04:15 +00:00
* @ author Julian van de Groep < me @ flash . moe >
2015-10-18 19:06:30 +00:00
*/
2015-09-14 20:51:23 +00:00
class Users
{
2016-02-02 21:04:15 +00:00
/**
* Check if a user is logged in
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param int $uid The user ID .
* @ param string $sid The session ID .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array | bool Either false or the ID and session in an array .
*/
2015-10-17 20:58:51 +00:00
public static function checkLogin ( $uid = null , $sid = null )
2015-09-14 20:51:23 +00:00
{
2015-10-17 20:58:51 +00:00
// Assign $uid and $sid
2015-12-04 14:19:10 +00:00
$uid = $uid ? $uid : ( isset ( $_COOKIE [ Config :: get ( 'cookie_prefix' ) . 'id' ])
? $_COOKIE [ Config :: get ( 'cookie_prefix' ) . 'id' ]
2015-10-17 20:58:51 +00:00
: 0 );
2015-12-04 14:19:10 +00:00
$sid = $sid ? $sid : ( isset ( $_COOKIE [ Config :: get ( 'cookie_prefix' ) . 'session' ])
? $_COOKIE [ Config :: get ( 'cookie_prefix' ) . 'session' ]
2015-10-17 20:58:51 +00:00
: 0 );
2015-08-23 22:08:36 +00:00
2015-10-17 20:58:51 +00:00
// Get session
2015-10-18 01:50:50 +00:00
$session = new Session ( $uid , $sid );
// Validate the session
$sessionValid = $session -> validate ();
2015-04-17 22:14:31 +00:00
2015-12-29 21:52:19 +00:00
// Get user object
$user = User :: construct ( $uid );
2015-09-15 20:37:29 +00:00
// Check if the session exists and check if the user is activated
2015-12-29 21:52:19 +00:00
if ( $sessionValid == 0 || $user -> permission ( Site :: DEACTIVATED )) {
2015-09-15 20:37:29 +00:00
// Unset User ID
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'id' ,
2015-09-15 20:37:29 +00:00
0 ,
time () - 60 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-15 20:37:29 +00:00
);
// Unset Session ID
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'session' ,
2015-09-15 20:37:29 +00:00
'' ,
time () - 60 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-15 20:37:29 +00:00
);
2015-09-05 16:11:04 +00:00
2015-06-04 12:41:55 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-17 22:14:31 +00:00
// Extend the cookie times if the remember flag is set
2015-10-18 01:50:50 +00:00
if ( $sessionValid == 2 ) {
2015-09-14 21:41:43 +00:00
// User ID cookie
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'id' ,
2015-09-14 21:41:43 +00:00
$uid ,
time () + 604800 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-14 21:41:43 +00:00
);
// Session ID cookie
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'session' ,
2015-09-14 21:41:43 +00:00
$sid ,
time () + 604800 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-14 21:41:43 +00:00
);
2015-04-17 22:14:31 +00:00
}
2015-04-27 00:41:59 +00:00
// Update last online
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'UPDATE `{prefix}users` SET `user_last_online` = :lo WHERE `user_id` = :id' )
2016-02-18 23:28:44 +00:00
-> execute ([
'lo' => time (),
'id' => $uid ,
2015-04-27 00:41:59 +00:00
]);
2015-07-01 14:29:12 +00:00
// Update the premium meta
2015-09-14 20:51:23 +00:00
self :: updatePremiumMeta ( $uid );
2015-07-01 14:29:12 +00:00
2015-04-17 22:14:31 +00:00
// If everything went through return true
2015-10-18 01:50:50 +00:00
return [ $uid , $sid ];
2015-04-02 13:24:05 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Log in to an account .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param string $username The username .
* @ param string $password The password .
* @ param bool $remember Stay logged in " forever " ?
* @ param bool $cookies Set cookies ?
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array Return the status .
*/
2015-09-14 20:51:23 +00:00
public static function login ( $username , $password , $remember = false , $cookies = true )
{
2015-04-24 19:31:09 +00:00
// Check if authentication is disallowed
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'lock_authentication' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-10-22 14:24:18 +00:00
// Check if we haven't hit the rate limit
2016-02-25 16:06:29 +00:00
$rates = DBv2 :: prepare ( 'SELECT * FROM `{prefix}login_attempts` WHERE `attempt_ip` = :ip AND `attempt_timestamp` > :time AND `attempt_success` = 0' );
2016-02-18 23:28:44 +00:00
$rates -> execute ([
'ip' => Net :: pton ( Net :: IP ()),
'time' => time () - 1800 ,
2015-10-22 14:24:18 +00:00
]);
2016-02-18 23:28:44 +00:00
$rates = $rates -> fetchAll ( \PDO :: FETCH_ASSOC );
2015-10-22 14:24:18 +00:00
if ( count ( $rates ) > 4 ) {
return [ 0 , 'RATE_LIMIT' ];
}
2015-04-08 19:27:51 +00:00
// Check if the user that's trying to log in actually exists
2015-09-14 20:51:23 +00:00
if ( ! $uid = self :: userExists ( $username , false )) {
2015-04-08 19:27:51 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-04-08 19:27:51 +00:00
// Get account data
2015-12-29 01:27:49 +00:00
$user = User :: construct ( $uid );
2015-04-08 19:27:51 +00:00
// Validate password
2016-01-17 01:58:31 +00:00
switch ( $user -> passwordAlgo ) {
2015-12-31 14:51:01 +00:00
// Disabled
case 'disabled' :
2015-08-10 02:01:07 +00:00
return [ 0 , 'NO_LOGIN' ];
2015-04-18 18:26:52 +00:00
2015-08-10 02:01:07 +00:00
// Default hashing method
default :
2015-09-14 21:41:43 +00:00
if ( ! Hashing :: validatePassword ( $password , [
2016-01-17 01:58:31 +00:00
$user -> passwordAlgo ,
$user -> passwordIter ,
$user -> passwordSalt ,
$user -> passwordHash ,
2015-08-10 02:01:07 +00:00
])) {
2016-01-17 01:58:31 +00:00
return [ 0 , 'INCORRECT_PASSWORD' , $user -> id , $user -> passwordChan ];
2015-08-10 02:01:07 +00:00
}
2015-04-08 19:27:51 +00:00
}
2015-05-29 19:27:45 +00:00
// Check if the user has the required privs to log in
2015-12-29 21:52:19 +00:00
if ( $user -> permission ( Site :: DEACTIVATED )) {
2016-01-17 01:58:31 +00:00
return [ 0 , 'NOT_ALLOWED' , $user -> id ];
2015-09-05 16:11:04 +00:00
}
2015-04-12 13:33:59 +00:00
// Create a new session
2016-01-17 01:58:31 +00:00
$session = new Session ( $user -> id );
2015-10-18 01:50:50 +00:00
// Generate a session key
$sessionKey = $session -> create ( $remember );
2015-04-12 13:33:59 +00:00
// Set cookies
2015-09-14 20:51:23 +00:00
if ( $cookies ) {
2015-09-14 21:41:43 +00:00
// User ID cookie
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'id' ,
2016-01-17 01:58:31 +00:00
$user -> id ,
2015-09-14 21:41:43 +00:00
time () + 604800 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-14 21:41:43 +00:00
);
// Session ID cookie
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'session' ,
2015-09-14 21:41:43 +00:00
$sessionKey ,
time () + 604800 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-14 21:41:43 +00:00
);
2015-05-24 22:06:53 +00:00
}
2015-04-12 13:33:59 +00:00
2015-04-08 19:27:51 +00:00
// Successful login! (also has a thing for the legacy password system)
2016-01-17 01:58:31 +00:00
return [ 1 , 'LOGIN_SUCCESS' , $user -> id ];
2015-04-08 19:27:51 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Logout
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return bool Was the logout successful ?
*/
2015-09-14 20:51:23 +00:00
public static function logout ()
{
2015-04-17 22:14:31 +00:00
// Check if user is logged in
2015-10-18 19:06:30 +00:00
if ( ! $check = self :: checkLogin ()) {
2015-04-17 22:14:31 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-10-18 19:06:30 +00:00
// Destroy the active session
( new Session ( $check [ 0 ], $check [ 1 ])) -> destroy ();
2015-09-05 16:11:04 +00:00
2015-09-15 20:37:29 +00:00
// Unset User ID
2015-09-14 21:41:43 +00:00
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'id' ,
2015-09-14 21:41:43 +00:00
0 ,
time () - 60 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-14 21:41:43 +00:00
);
2015-09-15 20:37:29 +00:00
// Unset Session ID
2015-09-14 21:41:43 +00:00
setcookie (
2015-12-04 14:19:10 +00:00
Config :: get ( 'cookie_prefix' ) . 'session' ,
2015-09-14 21:41:43 +00:00
'' ,
time () - 60 ,
2016-02-02 21:04:15 +00:00
Config :: get ( 'cookie_path' )
2015-09-14 21:41:43 +00:00
);
2015-04-17 22:14:31 +00:00
// Return true indicating a successful logout
return true ;
2015-04-13 10:14:59 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Register a new account .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param string $username The username .
* @ param string $password The password .
* @ param string $confirmpass The password , again .
* @ param string $email The e - mail .
* @ param bool $tos Agreeing to the ToS .
* @ param string $captcha Captcha .
* @ param string $regkey Registration key ( unused ) .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array Status .
*/
2015-09-14 20:51:23 +00:00
public static function register ( $username , $password , $confirmpass , $email , $tos , $captcha = null , $regkey = null )
{
2015-04-24 19:31:09 +00:00
// Check if authentication is disallowed
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'lock_authentication' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if registration is even enabled
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'disable_registration' )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'DISABLED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if the user agreed to the ToS
2015-09-14 20:51:23 +00:00
if ( ! $tos ) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'TOS' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Verify the captcha if it's enabled
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'recaptcha' )) {
2016-01-17 01:58:31 +00:00
if ( ! Utils :: verifyCaptcha ( $captcha )[ 'success' ]) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'CAPTCHA_FAIL' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
}
// Check if the username already exists
2015-09-14 20:51:23 +00:00
if ( self :: userExists ( $username , false )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'USER_EXISTS' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Username too short
2015-12-04 14:19:10 +00:00
if ( strlen ( $username ) < Config :: get ( 'username_min_length' )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'NAME_TOO_SHORT' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Username too long
2015-12-04 14:19:10 +00:00
if ( strlen ( $username ) > Config :: get ( 'username_max_length' )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'NAME_TOO_LONG' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if the given email address is formatted properly
2015-09-14 20:51:23 +00:00
if ( ! filter_var ( $email , FILTER_VALIDATE_EMAIL )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'INVALID_EMAIL' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check the MX record of the email
2016-01-17 01:58:31 +00:00
if ( ! Utils :: checkMXRecord ( $email )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'INVALID_MX' ];
2015-09-05 16:11:04 +00:00
}
2016-01-09 21:57:54 +00:00
// Check if the e-mail has already been used
2016-02-25 16:06:29 +00:00
$emailCheck = DBv2 :: prepare ( 'SELECT `user_id` FROM `{prefix}users` WHERE `email` = :email' );
2016-02-18 23:28:44 +00:00
$emailCheck -> execute ([
'email' => $email ,
]);
if ( $emailCheck -> rowCount () > 0 ) {
2016-01-09 21:57:54 +00:00
return [ 0 , 'EMAIL_EXISTS' ];
}
2015-04-24 19:31:09 +00:00
// Check password entropy
2016-01-17 01:58:31 +00:00
if ( Utils :: pwdEntropy ( $password ) < Config :: get ( 'min_entropy' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'PASS_TOO_SHIT' ];
2015-09-05 16:11:04 +00:00
}
2015-04-24 19:31:09 +00:00
// Passwords do not match
2015-09-14 20:51:23 +00:00
if ( $password != $confirmpass ) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'PASS_NOT_MATCH' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Set a few variables
2015-12-04 14:19:10 +00:00
$requireActive = Config :: get ( 'require_activation' );
2016-01-04 20:14:09 +00:00
$ranks = $requireActive ? [ 1 ] : [ 2 ];
2015-04-18 18:26:52 +00:00
2016-01-04 20:14:09 +00:00
// Create the user
$user = User :: create ( $username , $password , $email , $ranks );
2015-04-18 18:26:52 +00:00
// Check if we require e-mail activation
2015-09-14 20:51:23 +00:00
if ( $requireActive ) {
2015-04-18 18:26:52 +00:00
// Send activation e-mail to user
2016-01-17 01:58:31 +00:00
self :: sendActivationMail ( $user -> id );
2015-04-18 18:26:52 +00:00
}
// Return true with a specific message if needed
return [ 1 , ( $requireActive ? 'EMAILSENT' : 'SUCCESS' )];
}
2016-02-02 21:04:15 +00:00
/**
* Send password forgot e - mail
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param string $username The username .
* @ param string $email The e - mail .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array The status .
*/
2015-09-14 20:51:23 +00:00
public static function sendPasswordForgot ( $username , $email )
{
2015-04-25 20:08:44 +00:00
// Check if authentication is disallowed
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'lock_authentication' )) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Clean username string
2016-01-17 01:58:31 +00:00
$usernameClean = Utils :: cleanString ( $username , true );
$emailClean = Utils :: cleanString ( $email , true );
2015-04-25 20:08:44 +00:00
// Do database request
2016-02-25 16:06:29 +00:00
$user = DBv2 :: prepare ( 'SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean AND `email` = :email' );
2016-02-18 23:28:44 +00:00
$user -> execute ([
'clean' => $usernameClean ,
'email' => $emailClean ,
2015-04-25 20:08:44 +00:00
]);
2016-02-18 23:28:44 +00:00
$user = $user -> fetch ( \PDO :: FETCH_ASSOC );
2015-04-25 20:08:44 +00:00
// Check if user exists
2015-09-14 20:51:23 +00:00
if ( count ( $user ) < 2 ) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-12-29 21:52:19 +00:00
// Create user object
$userObj = User :: construct ( $user [ 'user_id' ]);
2015-06-04 12:41:55 +00:00
// Check if the user has the required privs to log in
2015-12-29 21:52:19 +00:00
if ( $userObj -> permission ( Site :: DEACTIVATED )) {
2015-06-04 12:41:55 +00:00
return [ 0 , 'NOT_ALLOWED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Generate the verification key
2016-01-17 01:58:31 +00:00
$verk = ActionCode :: generate ( 'LOST_PASS' , $userObj -> id );
2015-04-25 20:08:44 +00:00
2015-09-05 16:11:04 +00:00
// Create new urls object
$urls = new Urls ();
2015-04-25 20:08:44 +00:00
// Build the e-mail
2015-09-14 20:51:23 +00:00
$message = " Hello " . $user [ 'username' ] . " , \r \n \r \n " ;
2015-12-04 14:19:10 +00:00
$message .= " You are receiving this notification because you have (or someone pretending to be you has) requested a password reset link to be sent for your account on \" " . Config :: get ( 'sitename' ) . " \" . If you did not request this notification then please ignore it, if you keep receiving it please contact the site administrator. \r \n \r \n " ;
2015-04-25 20:08:44 +00:00
$message .= " To use this password reset key you need to go to a special page. To do this click the link provided below. \r \n \r \n " ;
2015-12-04 14:19:10 +00:00
$message .= " http:// " . Config :: get ( 'url_main' ) . $urls -> format ( 'SITE_FORGOT_PASSWORD' ) . " ?pw=true&uid= " . $user [ 'user_id' ] . " &key= " . $verk . " \r \n \r \n " ;
2015-04-25 20:08:44 +00:00
$message .= " If successful you should be able to change your password here. \r \n \r \n " ;
2015-12-04 14:19:10 +00:00
$message .= " Alternatively if the above method fails for some reason you can go to http:// " . Config :: get ( 'url_main' ) . $urls -> format ( 'SITE_FORGOT_PASSWORD' ) . " ?pw=true&uid= " . $user [ 'user_id' ] . " and use the key listed below: \r \n \r \n " ;
2015-09-14 20:51:23 +00:00
$message .= " Verification key: " . $verk . " \r \n \r \n " ;
2015-04-25 20:08:44 +00:00
$message .= " You can of course change this password yourself via the profile page. If you have any difficulties please contact the site administrator. \r \n \r \n " ;
2015-12-04 14:19:10 +00:00
$message .= " -- \r \n \r \n Thanks \r \n \r \n " . Config :: get ( 'mail_signature' );
2015-04-25 20:08:44 +00:00
// Send the message
2016-01-17 01:58:31 +00:00
Utils :: sendMail ([ $user [ 'email' ] => $user [ 'username' ]], Config :: get ( 'sitename' ) . ' password restoration' , $message );
2015-04-25 20:08:44 +00:00
// Return success
return [ 1 , 'SUCCESS' ];
}
2016-02-02 21:04:15 +00:00
/**
* Reset a password .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param string $verk The e - mail verification key .
* @ param int $uid The user id .
* @ param string $newpass New pass .
* @ param string $verpass Again .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array Status .
*/
2015-09-14 20:51:23 +00:00
public static function resetPassword ( $verk , $uid , $newpass , $verpass )
{
2015-04-25 20:08:44 +00:00
// Check if authentication is disallowed
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'lock_authentication' )) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Check password entropy
2016-01-17 01:58:31 +00:00
if ( Utils :: pwdEntropy ( $newpass ) < Config :: get ( 'min_entropy' )) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'PASS_TOO_SHIT' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Passwords do not match
2015-09-14 20:51:23 +00:00
if ( $newpass != $verpass ) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'PASS_NOT_MATCH' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Check the verification key
2016-01-09 21:57:54 +00:00
$action = ActionCode :: validate ( 'LOST_PASS' , $verk , $uid );
2015-04-25 20:08:44 +00:00
// Check if we got a negative return
2016-01-09 21:57:54 +00:00
if ( ! $action ) {
return [ 0 , 'INVALID_CODE' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Hash the password
2015-09-14 21:41:43 +00:00
$password = Hashing :: createHash ( $newpass );
2015-04-25 20:08:44 +00:00
// Update the user
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'UPDATE `{prefix}users` SET `password_hash` = :hash, `password_salt` = :salt, `password_algo` = :algo, `password_iter` = :iter, `password_chan` = :chan WHERE `user_id` = :id' )
2016-02-18 23:28:44 +00:00
-> execute ([
'hash' => $password [ 3 ],
'salt' => $password [ 2 ],
'algo' => $password [ 0 ],
'iter' => $password [ 1 ],
'chan' => time (),
'id' => $uid ,
2015-04-25 20:08:44 +00:00
]);
// Return success
return [ 1 , 'SUCCESS' ];
}
2016-02-02 21:04:15 +00:00
/**
* Resend activation e - mail .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param string $username Username .
* @ param string $email E - mail .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array Status
*/
2015-09-14 20:51:23 +00:00
public static function resendActivationMail ( $username , $email )
{
2015-04-24 19:31:09 +00:00
// Check if authentication is disallowed
2015-12-04 14:19:10 +00:00
if ( Config :: get ( 'lock_authentication' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-21 14:23:28 +00:00
// Clean username string
2016-01-17 01:58:31 +00:00
$usernameClean = Utils :: cleanString ( $username , true );
$emailClean = Utils :: cleanString ( $email , true );
2015-04-21 14:23:28 +00:00
// Do database request
2016-02-25 16:06:29 +00:00
$user = DBv2 :: prepare ( 'SELECT * FROM `{prefix}users` WHERE `username_clean` = :clean AND `email` = :email' );
2016-02-18 23:28:44 +00:00
$user -> execute ([
'clean' => $usernameClean ,
'email' => $emailClean ,
2015-04-21 14:23:28 +00:00
]);
2016-02-18 23:28:44 +00:00
$user = $user -> fetch ( \PDO :: FETCH_ASSOC );
2015-04-21 14:23:28 +00:00
// Check if user exists
2015-09-14 20:51:23 +00:00
if ( count ( $user ) < 2 ) {
2015-04-21 14:23:28 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-12-29 21:52:19 +00:00
$userObj = User :: construct ( $user [ 'user_id' ]);
2015-04-21 14:23:28 +00:00
// Check if a user is activated
2015-12-29 21:52:19 +00:00
if ( ! $userObj -> permission ( Site :: DEACTIVATED )) {
2015-04-21 14:23:28 +00:00
return [ 0 , 'USER_ALREADY_ACTIVE' ];
2015-09-05 16:11:04 +00:00
}
2015-04-21 14:23:28 +00:00
// Send activation e-mail
2015-10-10 21:17:50 +00:00
self :: sendActivationMail ( $user [ 'user_id' ]);
2015-04-21 14:23:28 +00:00
// Return success
return [ 1 , 'SUCCESS' ];
}
2016-02-02 21:04:15 +00:00
/**
* Send activation e - mail .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param mixed $uid User ID .
* @ param mixed $customKey Key .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return bool Always true .
*/
2015-09-14 20:51:23 +00:00
public static function sendActivationMail ( $uid , $customKey = null )
{
2015-04-18 18:26:52 +00:00
// Get the user data
2015-12-29 21:52:19 +00:00
$user = User :: construct ( $uid );
2015-04-18 18:26:52 +00:00
// User is already activated or doesn't even exist
2016-01-17 01:58:31 +00:00
if ( ! $user -> id || ! $user -> permission ( Site :: DEACTIVATED )) {
2015-04-18 18:26:52 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Generate activation key
2016-01-17 01:58:31 +00:00
$activate = ActionCode :: generate ( 'ACTIVATE' , $user -> id );
2015-04-18 18:26:52 +00:00
2015-09-05 16:11:04 +00:00
// Create new urls object
$urls = new Urls ();
2015-04-18 18:26:52 +00:00
// Build the e-mail
2015-12-04 14:19:10 +00:00
$message = " Welcome to " . Config :: get ( 'sitename' ) . " ! \r \n \r \n " ;
2015-04-18 18:26:52 +00:00
$message .= " Please keep this e-mail for your records. Your account intormation is as follows: \r \n \r \n " ;
$message .= " ---------------------------- \r \n \r \n " ;
2016-01-17 01:58:31 +00:00
$message .= " Username: " . $user -> username . " \r \n \r \n " ;
$message .= " Your profile: http:// " . Config :: get ( 'url_main' ) . $urls -> format ( 'USER_PROFILE' , [ $user -> id ]) . " \r \n \r \n " ;
2015-04-18 18:26:52 +00:00
$message .= " ---------------------------- \r \n \r \n " ;
$message .= " Please visit the following link in order to activate your account: \r \n \r \n " ;
2016-01-17 01:58:31 +00:00
$message .= " http:// " . Config :: get ( 'url_main' ) . $urls -> format ( 'SITE_ACTIVATE' ) . " ?mode=activate&u= " . $user -> id . " &k= " . $activate . " \r \n \r \n " ;
2015-04-18 18:26:52 +00:00
$message .= " Your password has been securely stored in our database and cannot be retrieved. " ;
$message .= " In the event that it is forgotten, you will be able to reset it using the email address associated with your account. \r \n \r \n " ;
$message .= " Thank you for registering. \r \n \r \n " ;
2015-12-04 14:19:10 +00:00
$message .= " -- \r \n \r \n Thanks \r \n \r \n " . Config :: get ( 'mail_signature' );
2015-04-18 18:26:52 +00:00
// Send the message
2016-01-17 01:58:31 +00:00
Utils :: sendMail (
2015-09-14 21:41:43 +00:00
[
2016-01-18 20:21:08 +00:00
$user -> email => $user -> username ,
2015-09-14 21:41:43 +00:00
],
2015-12-04 14:19:10 +00:00
Config :: get ( 'sitename' ) . ' Activation Mail' ,
2015-09-14 21:41:43 +00:00
$message
);
2015-04-18 18:26:52 +00:00
// Return true indicating that the things have been sent
return true ;
}
2016-02-02 21:04:15 +00:00
/**
* Activate a user .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param int $uid The ID .
* @ param bool $requireKey Require a key .
* @ param string $key The key .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array Status .
*/
2015-09-14 20:51:23 +00:00
public static function activateUser ( $uid , $requireKey = false , $key = null )
{
2015-04-19 13:00:32 +00:00
// Get the user data
2015-12-29 21:52:19 +00:00
$user = User :: construct ( $uid );
2015-04-19 13:00:32 +00:00
// Check if user exists
2016-01-17 01:58:31 +00:00
if ( ! $user -> id ) {
2015-04-19 13:00:32 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Check if user is already activated
2015-12-29 21:52:19 +00:00
if ( ! $user -> permission ( Site :: DEACTIVATED )) {
2015-04-19 13:00:32 +00:00
return [ 0 , 'USER_ALREADY_ACTIVE' ];
2015-09-05 16:11:04 +00:00
}
2016-01-09 21:57:54 +00:00
// Check if a key is set
2015-09-14 20:51:23 +00:00
if ( $requireKey ) {
2015-04-19 13:00:32 +00:00
// Check the action code
2016-01-17 01:58:31 +00:00
$action = ActionCode :: validate ( 'ACTIVATE' , $key , $user -> id );
2015-04-19 13:00:32 +00:00
// Check if we got a negative return
2016-01-09 21:57:54 +00:00
if ( ! $action ) {
return [ 0 , 'INVALID_CODE' ];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
}
2016-02-05 11:20:33 +00:00
2016-01-09 21:57:54 +00:00
// Add normal user, remove deactivated and set normal as default
$user -> addRanks ([ 2 ]);
$user -> removeRanks ([ 1 ]);
$user -> setMainRank ( 2 );
2015-04-19 13:00:32 +00:00
// Return success
return [ 1 , 'SUCCESS' ];
}
2016-02-02 21:04:15 +00:00
/**
* Check if a user exists .
2016-02-05 11:20:33 +00:00
*
2016-02-18 23:28:44 +00:00
* @ param mixed $id The Username or ID .
* @ param mixed $unused Unused variable .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return mixed Returns the ID if it exists , false otherwise .
*/
2016-02-18 23:28:44 +00:00
public static function userExists ( $id , $unused = null )
2015-09-14 20:51:23 +00:00
{
2015-04-08 19:27:51 +00:00
// Do database request
2016-02-25 16:06:29 +00:00
$user = DBv2 :: prepare ( 'SELECT * FROM `{prefix}users` WHERE `user_id` = :id OR `username_clean` = :clean' );
2016-02-18 23:28:44 +00:00
$user -> execute ([
'id' => $id ,
'clean' => Utils :: cleanString ( $id , true , true ),
]);
$user = $user -> fetch ();
2015-04-08 19:27:51 +00:00
// Return count (which would return 0, aka false, if nothing was found)
2016-02-18 23:28:44 +00:00
return $user ? $user -> user_id : false ;
2015-04-08 19:27:51 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Get all available profile fields .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array | null The fields .
*/
2015-09-14 20:51:23 +00:00
public static function getProfileFields ()
{
2015-06-27 11:03:11 +00:00
// Get profile fields
2016-02-25 16:06:29 +00:00
$profileFields = DBv2 :: prepare ( 'SELECT * FROM `{prefix}profilefields`' );
2016-02-18 23:28:44 +00:00
$profileFields -> execute ();
$profileFields = $profileFields -> fetchAll ( \PDO :: FETCH_ASSOC );
2015-06-27 11:03:11 +00:00
// If there's nothing just return null
2015-09-14 20:51:23 +00:00
if ( ! count ( $profileFields )) {
2015-06-27 11:03:11 +00:00
return null ;
2015-09-05 16:11:04 +00:00
}
2015-06-27 11:03:11 +00:00
// Create output array
$fields = [];
// Iterate over the fields and clean them up
2015-09-14 20:51:23 +00:00
foreach ( $profileFields as $field ) {
2015-10-10 21:17:50 +00:00
$fields [ $field [ 'field_id' ]] = $field ;
2016-01-17 01:58:31 +00:00
$fields [ $field [ 'field_id' ]][ 'field_identity' ] = Utils :: cleanString ( $field [ 'field_name' ], true , true );
2015-10-10 21:17:50 +00:00
$fields [ $field [ 'field_id' ]][ 'field_additional' ] = json_decode ( $field [ 'field_additional' ], true );
2015-06-27 11:03:11 +00:00
}
// Return the yeahs
return $fields ;
}
2016-02-02 21:04:15 +00:00
/**
* Get all available option fields .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array | null The fields .
*/
2015-09-14 20:51:23 +00:00
public static function getOptionFields ()
{
2015-08-21 22:07:45 +00:00
// Get option fields
2016-02-25 16:06:29 +00:00
$optionFields = DBv2 :: prepare ( 'SELECT * FROM `{prefix}optionfields`' );
2016-02-18 23:28:44 +00:00
$optionFields -> execute ();
$optionFields = $optionFields -> fetchAll ( \PDO :: FETCH_ASSOC );
2015-08-21 22:07:45 +00:00
// If there's nothing just return null
2015-09-14 20:51:23 +00:00
if ( ! count ( $optionFields )) {
2015-08-21 22:07:45 +00:00
return null ;
}
// Create output array
$fields = [];
2015-12-29 21:52:19 +00:00
$user = User :: construct ( self :: checkLogin ()[ 0 ]);
2015-08-21 22:07:45 +00:00
// Iterate over the fields and clean them up
2015-09-14 20:51:23 +00:00
foreach ( $optionFields as $field ) {
2015-12-29 21:52:19 +00:00
if ( ! $user -> permission ( constant ( 'Sakura\Perms\Site::' . $field [ 'option_permission' ]))) {
2015-08-21 22:07:45 +00:00
continue ;
}
2015-10-10 21:17:50 +00:00
$fields [ $field [ 'option_id' ]] = $field ;
2015-08-21 22:07:45 +00:00
}
// Return the yeahs
return $fields ;
}
2016-02-02 21:04:15 +00:00
/**
* Get all online users .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array Array containing User instances .
*/
2015-09-14 20:51:23 +00:00
public static function checkAllOnline ()
{
2015-04-27 00:41:59 +00:00
// Assign time - 500 to a variable
2015-12-04 14:19:10 +00:00
$time = time () - Config :: get ( 'max_online_time' );
2015-11-07 22:58:02 +00:00
$return = [];
2015-04-27 00:41:59 +00:00
// Get all online users in the past 5 minutes
2016-02-25 16:06:29 +00:00
$getAll = DBv2 :: prepare ( 'SELECT * FROM `{prefix}users` WHERE `user_last_online` > :lo' );
2016-02-18 23:28:44 +00:00
$getAll -> execute ([
'lo' => $time ,
]);
$getAll = $getAll -> fetchAll ();
2015-04-27 00:41:59 +00:00
2015-11-07 22:58:02 +00:00
foreach ( $getAll as $user ) {
2016-02-18 23:28:44 +00:00
$return [] = User :: construct ( $user -> user_id );
2015-11-07 22:58:02 +00:00
}
2015-04-27 00:41:59 +00:00
// Return all the online users
2015-11-07 22:58:02 +00:00
return $return ;
2015-04-27 00:41:59 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Add premium time to a user .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param int $id The user ID .
* @ param int $seconds The amount of extra seconds .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array | double | int The new expiry date .
*/
2015-09-14 20:51:23 +00:00
public static function addUserPremium ( $id , $seconds )
{
2015-07-01 14:29:12 +00:00
// Check if there's already a record of premium for this user in the database
2016-02-25 16:06:29 +00:00
$getUser = DBv2 :: prepare ( 'SELECT * FROM `{prefix}premium` WHERE `user_id` = :user' );
2016-02-18 23:28:44 +00:00
$getUser -> execute ([
'user' => $id ,
2015-07-01 14:29:12 +00:00
]);
2016-02-18 23:28:44 +00:00
$getUser = $getUser -> fetch ( \PDO :: FETCH_ASSOC );
2015-07-01 14:29:12 +00:00
// Calculate the (new) start and expiration timestamp
2015-10-10 21:17:50 +00:00
$start = isset ( $getUser [ 'premium_start' ]) ? $getUser [ 'premium_start' ] : time ();
$expire = isset ( $getUser [ 'premium_expire' ]) ? $getUser [ 'premium_expire' ] + $seconds : time () + $seconds ;
2015-07-01 14:29:12 +00:00
// If the user already exists do an update call, otherwise an insert call
2015-09-14 20:51:23 +00:00
if ( empty ( $getUser )) {
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'INSERT INTO `{prefix}premium` (`user_id`, `premium_start`, `premium_expire`) VALUES (:user, :start, :expire)' )
2016-02-18 23:28:44 +00:00
-> execute ([
'user' => $id ,
'start' => $start ,
'expire' => $expire ,
2015-07-01 14:29:12 +00:00
]);
} else {
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'UPDATE `{prefix}premium` SET `premium_expire` = :expire WHERE `user_id` = :id' )
2016-02-18 23:28:44 +00:00
-> execute ([
'expire' => $expire ,
'user_id' => $id ,
2015-07-01 14:29:12 +00:00
]);
}
// Return the expiration timestamp
return $expire ;
}
2016-02-02 21:04:15 +00:00
/**
* Process premium meta data .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param int $id The user ID .
*/
2015-09-14 20:51:23 +00:00
public static function updatePremiumMeta ( $id )
{
2015-07-01 14:29:12 +00:00
// Get the ID for the premium user rank from the database
2015-12-04 14:19:10 +00:00
$premiumRank = Config :: get ( 'premium_rank_id' );
2015-12-31 14:51:01 +00:00
$excepted = Config :: get ( 'restricted_rank_id' );
2015-07-01 14:29:12 +00:00
2015-11-11 21:54:56 +00:00
// Create user object
2015-12-29 01:27:49 +00:00
$user = User :: construct ( $id );
2015-11-11 21:54:56 +00:00
2015-07-01 14:29:12 +00:00
// Run the check
2015-11-11 21:54:56 +00:00
$check = $user -> isPremium ();
2015-07-01 14:29:12 +00:00
// Check if the user has premium
2016-01-17 01:58:31 +00:00
if ( $check [ 0 ] && ! array_key_exists ( $excepted , $user -> ranks )) {
2015-07-01 14:29:12 +00:00
// If so add the rank to them
2015-11-11 21:54:56 +00:00
$user -> addRanks ([ $premiumRank ]);
2015-07-01 14:29:12 +00:00
// Check if the user's default rank is standard user and update it to premium
2016-01-17 01:58:31 +00:00
if ( $user -> mainRankId == 2 ) {
2015-11-11 21:54:56 +00:00
$user -> setMainRank ( $premiumRank );
2015-09-05 16:11:04 +00:00
}
2016-01-02 17:55:31 +00:00
} elseif ( ! $check [ 0 ]) {
2015-11-11 21:54:56 +00:00
// Remove the expired entry
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'DELETE FROM `{prefix}premium` WHERE `user_id` = :user' )
2016-02-18 23:28:44 +00:00
-> execute ([
'user' => $user -> id ,
2015-11-11 21:54:56 +00:00
]);
2015-07-01 14:29:12 +00:00
// Else remove the rank from them
2015-11-11 21:54:56 +00:00
$user -> removeRanks ([ $premiumRank ]);
2015-07-01 14:29:12 +00:00
}
2015-04-27 00:41:59 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Get all users that registered from a certain IP .
2016-02-05 11:20:33 +00:00
*
* @ param string $ip The IP .
*
2016-02-02 21:04:15 +00:00
* @ return array The users .
*/
2015-09-14 20:51:23 +00:00
public static function getUsersByIP ( $ip )
{
2016-02-18 23:28:44 +00:00
// Get the users
2016-02-25 16:06:29 +00:00
$users = DBv2 :: prepare ( 'SELECT * FROM `{prefix}users` WHERE `register_ip` = :rip OR `last_ip` = :lip' );
2016-02-18 23:28:44 +00:00
$users -> execute ([
'rip' => $ip ,
'lip' => $ip ,
]);
$users = $users -> fetchAll ( \PDO :: FETCH_ASSOC );
2015-04-12 01:20:31 +00:00
// Return the array with users
return $users ;
}
2016-02-02 21:04:15 +00:00
/**
* Get all ranks .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array All ranks .
*/
2015-09-14 20:51:23 +00:00
public static function getAllRanks ()
{
2015-04-02 13:24:05 +00:00
// Execute query
2016-02-25 16:06:29 +00:00
$getRanks = DBv2 :: prepare ( 'SELECT * FROM `{prefix}ranks`' );
2016-02-18 23:28:44 +00:00
$getRanks -> execute ();
$getRanks = $getRanks -> fetchAll ();
2015-04-02 13:24:05 +00:00
2015-04-25 20:25:44 +00:00
// Define variable
$ranks = [];
2015-04-02 13:24:05 +00:00
// Reorder shit
2015-09-14 20:51:23 +00:00
foreach ( $getRanks as $rank ) {
2016-02-18 23:28:44 +00:00
$ranks [ $rank -> rank_id ] = Rank :: construct ( $rank -> rank_id );
2015-09-05 16:11:04 +00:00
}
2015-04-06 20:06:33 +00:00
// and return an array with the ranks
return $ranks ;
2015-04-02 13:24:05 +00:00
}
2016-02-02 21:04:15 +00:00
/**
* Get a user ' s notifications .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param int $uid The user id .
* @ param int $timediff The maximum difference in time .
* @ param bool $excludeRead Exclude notifications that were already read .
* @ param bool $markRead Automatically mark as read .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return array The notifications .
*/
2015-09-14 20:51:23 +00:00
public static function getNotifications ( $uid = null , $timediff = 0 , $excludeRead = true , $markRead = false )
{
2015-05-09 00:56:55 +00:00
// Prepare conditions
2016-02-18 23:28:44 +00:00
$uid = $uid ? $uid : self :: checkLogin ()[ 0 ];
$time = $timediff ? time () - $timediff : '%' ;
$read = $excludeRead ? '0' : '%' ;
2015-09-05 16:11:04 +00:00
2015-05-09 00:56:55 +00:00
// Get notifications for the database
2016-02-25 16:06:29 +00:00
$notifications = DBv2 :: prepare ( 'SELECT * FROM `{prefix}notifications` WHERE `user_id` = :user AND `alert_timestamp` > :time AND `alert_read` = :read' );
2016-02-18 23:28:44 +00:00
$notifications -> execute ([
'user' => $uid ,
'time' => $time ,
'read' => $read ,
]);
$notifications = $notifications -> fetchAll ( \PDO :: FETCH_ASSOC );
2015-05-09 00:56:55 +00:00
// Mark the notifications as read
2015-09-14 20:51:23 +00:00
if ( $markRead ) {
2015-05-09 00:56:55 +00:00
// Iterate over all entries
2015-09-14 20:51:23 +00:00
foreach ( $notifications as $notification ) {
2015-05-09 00:56:55 +00:00
// If the notifcation is already read skip
2015-10-10 21:17:50 +00:00
if ( $notification [ 'alert_read' ]) {
2015-05-09 00:56:55 +00:00
continue ;
2015-09-05 16:11:04 +00:00
}
2015-05-09 00:56:55 +00:00
// Mark them as read
2015-10-16 13:37:29 +00:00
self :: markNotificationRead ( $notification [ 'alert_id' ]);
2015-05-09 00:56:55 +00:00
}
}
// Return the notifications
return $notifications ;
}
2016-02-02 21:04:15 +00:00
/**
* Mark a notification as read
2016-02-05 11:20:33 +00:00
*
* @ param mixed $id The notification ' s ID .
2016-02-02 21:04:15 +00:00
* @ param mixed $mode Read or unread .
*/
2015-09-14 20:51:23 +00:00
public static function markNotificationRead ( $id , $mode = true )
{
2015-05-09 00:56:55 +00:00
// Execute an update statement
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'UPDATE `{prefix}notifications` SET `alert_read` = :read WHERE `alert_id` = :id' )
2016-02-18 23:28:44 +00:00
-> execute ([
'read' => ( $mode ? 1 : 0 ),
'id' => $id ,
2015-05-09 00:56:55 +00:00
]);
}
2016-02-02 21:04:15 +00:00
/**
* Create a new notification .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ param int $user The user id .
* @ param string $title The notification title .
* @ param string $text The rest of the text .
* @ param int $timeout After how many seconds the notification should disappear .
* @ param string $img The image .
* @ param string $link The link .
* @ param int $sound Whether it should play a noise .
*/
2015-09-14 20:51:23 +00:00
public static function createNotification ( $user , $title , $text , $timeout = 60000 , $img = 'FONT:fa-info-circle' , $link = '' , $sound = 0 )
{
2015-05-09 00:56:55 +00:00
// Insert it into the database
2016-02-25 16:06:29 +00:00
DBv2 :: prepare ( 'INSERT INTO `{prefix}notifications` (`user_id`, `alert_timestamp`, `alert_read`, `alert_sound`, `alert_title`, `alert_text`, `alert_link`, `alert_img`, `alert_timeout`) VALUES (:user, :time, :read, :sound, :title, :text, :link, :img, :timeout)' )
2016-02-18 23:28:44 +00:00
-> execute ([
'user' => $user ,
'time' => time (),
'read' => 0 ,
'sound' => ( $sound ? 1 : 0 ),
'title' => $title ,
'text' => $text ,
'link' => $link ,
'img' => $img ,
'timeout' => $timeout ,
2015-05-09 00:56:55 +00:00
]);
}
2016-02-02 21:04:15 +00:00
/**
* Get the newest member ' s ID .
2016-02-05 11:20:33 +00:00
*
2016-02-02 21:04:15 +00:00
* @ return int The user ID .
*/
2015-09-14 20:51:23 +00:00
public static function getNewestUserId ()
{
2016-02-25 16:06:29 +00:00
$get = DBv2 :: prepare ( 'SELECT `user_id` FROM `{prefix}users` WHERE `rank_main` != :restricted ORDER BY `user_id` DESC LIMIT 1' );
2016-02-18 23:28:44 +00:00
$get -> execute ([
'restricted' => Config :: get ( 'restricted_rank_id' ),
]);
$get = $get -> fetch ();
return $get ? $get -> user_id : 0 ;
2015-08-28 20:32:31 +00:00
}
2015-04-02 13:24:05 +00:00
}