2015-04-02 13:24:05 +00:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
* User Management
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
namespace Sakura;
|
|
|
|
|
|
|
|
|
|
class Users {
|
|
|
|
|
|
|
|
|
|
// Empty user template
|
|
|
|
|
public static $emptyUser = [
|
|
|
|
|
'id' => 0,
|
2015-04-02 13:25:18 +00:00
|
|
|
'username' => 'Deleted User',
|
|
|
|
|
'username_clean' => 'deleted user',
|
2015-04-02 13:24:05 +00:00
|
|
|
'password_hash' => '',
|
|
|
|
|
'password_salt' => '',
|
|
|
|
|
'password_algo' => 'sha256',
|
|
|
|
|
'password_iter' => 1000,
|
|
|
|
|
'password_chan' => 0,
|
|
|
|
|
'password_new' => '',
|
|
|
|
|
'email' => 'deleted@flashii.net',
|
2015-04-06 20:26:05 +00:00
|
|
|
'rank_main' => 0,
|
|
|
|
|
'ranks' => '[0]',
|
2015-04-02 13:24:05 +00:00
|
|
|
'name_colour' => '',
|
|
|
|
|
'register_ip' => '127.0.0.1',
|
|
|
|
|
'last_ip' => '127.0.0.1',
|
|
|
|
|
'usertitle' => 'Non-existent user account',
|
|
|
|
|
'profile_md' => '',
|
|
|
|
|
'avatar_url' => '',
|
|
|
|
|
'background_url' => '',
|
|
|
|
|
'regdate' => 0,
|
|
|
|
|
'lastdate' => 0,
|
|
|
|
|
'lastunamechange' => 0,
|
|
|
|
|
'birthday' => '',
|
|
|
|
|
'profile_data' => '[]'
|
|
|
|
|
];
|
|
|
|
|
|
2015-04-06 20:06:33 +00:00
|
|
|
// Empty rank template
|
|
|
|
|
public static $emptyRank = [
|
2015-04-02 13:24:05 +00:00
|
|
|
'id' => 0,
|
2015-04-06 20:06:33 +00:00
|
|
|
'rankname' => 'Non-existent Rank',
|
2015-04-02 13:24:05 +00:00
|
|
|
'multi' => 0,
|
2015-04-12 13:33:59 +00:00
|
|
|
'colour' => '#444',
|
2015-04-06 20:06:33 +00:00
|
|
|
'description' => 'A hardcoded dummy rank for fallback.'
|
2015-04-02 13:24:05 +00:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
// Check if a user is logged in
|
|
|
|
|
public static function loggedIn() {
|
|
|
|
|
|
|
|
|
|
// Just return false for now since we don't have a user system yet
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-08 19:27:51 +00:00
|
|
|
// Log a user in
|
2015-04-12 13:33:59 +00:00
|
|
|
public static function login($username, $password, $remember = false) {
|
2015-04-08 19:27:51 +00:00
|
|
|
|
|
|
|
|
// Check if the user that's trying to log in actually exists
|
|
|
|
|
if(!$uid = self::userExists($username, false))
|
|
|
|
|
return [0, 'USER_NOT_EXIST'];
|
|
|
|
|
|
|
|
|
|
// Get account data
|
|
|
|
|
$userData = self::getUser($uid);
|
|
|
|
|
|
|
|
|
|
// Validate password
|
|
|
|
|
if($userData['password_algo'] == 'legacy') { // Shitty legacy method of sha512(strrev(sha512()))
|
|
|
|
|
|
|
|
|
|
if(Main::legacyPasswordHash($password) != $userData['password_hash'])
|
|
|
|
|
return [0, 'INCORRECT_PASSWORD'];
|
|
|
|
|
|
2015-04-12 13:33:59 +00:00
|
|
|
} else { // PBKDF2 hashing
|
2015-04-08 19:27:51 +00:00
|
|
|
|
|
|
|
|
if(!Hashing::validate_password($password, [
|
|
|
|
|
$userData['password_algo'],
|
|
|
|
|
$userData['password_iter'],
|
|
|
|
|
$userData['password_salt'],
|
|
|
|
|
$userData['password_hash']
|
|
|
|
|
]))
|
|
|
|
|
return [0, 'INCORRECT_PASSWORD'];
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-12 13:33:59 +00:00
|
|
|
// Check if the user is deactivated
|
|
|
|
|
if(in_array(0, json_decode($userData['ranks'], true)))
|
|
|
|
|
return [0, 'DEACTIVATED'];
|
|
|
|
|
|
|
|
|
|
// Create a new session
|
|
|
|
|
$sessionKey = Session::newSession($userData['id'], $remember);
|
|
|
|
|
|
|
|
|
|
// Set cookies
|
|
|
|
|
setcookie(Configuration::getConfig('cookie_prefix') .'id', $userData['id'], time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
|
|
|
|
|
setcookie(Configuration::getConfig('cookie_prefix') .'session', $sessionKey, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
|
|
|
|
|
|
2015-04-08 19:27:51 +00:00
|
|
|
// Successful login! (also has a thing for the legacy password system)
|
|
|
|
|
return [1, ($userData['password_algo'] == 'legacy' ? 'LEGACY_SUCCESS' : 'LOGIN_SUCESS')];
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-13 10:14:59 +00:00
|
|
|
// Logout and kill the session
|
|
|
|
|
public static function logout() {
|
|
|
|
|
|
|
|
|
|
// Remove the active session from the database
|
|
|
|
|
// Session::deleteSession($id, $key);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-08 19:27:51 +00:00
|
|
|
// Check if a user exists
|
|
|
|
|
public static function userExists($user, $id = true) {
|
|
|
|
|
|
|
|
|
|
// Clean string
|
|
|
|
|
$user = Main::cleanString($user, true);
|
|
|
|
|
|
|
|
|
|
// Do database request
|
|
|
|
|
$user = Database::fetch('users', true, [($id ? 'id' : 'username_clean') => [$user, '=']]);
|
|
|
|
|
|
|
|
|
|
// Return count (which would return 0, aka false, if nothing was found)
|
|
|
|
|
return count($user) ? $user[0]['id'] : false;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-02 13:24:05 +00:00
|
|
|
// Get user data by id
|
|
|
|
|
public static function getUser($id) {
|
|
|
|
|
|
|
|
|
|
// Execute query
|
|
|
|
|
$user = Database::fetch('users', false, ['id' => [$id, '=']]);
|
|
|
|
|
|
|
|
|
|
// Return false if no user was found
|
|
|
|
|
if(empty($user))
|
|
|
|
|
return self::$emptyUser;
|
|
|
|
|
|
|
|
|
|
// If user was found return user data
|
|
|
|
|
return $user;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-06 20:06:33 +00:00
|
|
|
// Get rank data by id
|
|
|
|
|
public static function getRank($id) {
|
2015-04-02 13:24:05 +00:00
|
|
|
|
|
|
|
|
// Execute query
|
2015-04-06 20:06:33 +00:00
|
|
|
$rank = Database::fetch('ranks', false, ['id' => [$id, '=']]);
|
2015-04-02 13:24:05 +00:00
|
|
|
|
2015-04-06 20:06:33 +00:00
|
|
|
// Return false if no rank was found
|
|
|
|
|
if(empty($rank))
|
|
|
|
|
return self::$emptyRank;
|
2015-04-02 13:24:05 +00:00
|
|
|
|
2015-04-06 20:06:33 +00:00
|
|
|
// If rank was found return rank data
|
|
|
|
|
return $rank;
|
2015-04-02 13:24:05 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-12 01:20:31 +00:00
|
|
|
// Get user(s) by IP
|
|
|
|
|
public static function getUsersByIP($ip) {
|
|
|
|
|
|
|
|
|
|
// Get users by registration IP
|
|
|
|
|
$registeredFrom = Database::fetch('users', true, ['register_ip' => [$ip, '=']]);
|
|
|
|
|
|
|
|
|
|
// Get users by last IP
|
|
|
|
|
$lastFrom = Database::fetch('users', true, ['last_ip' => [$ip, '='], 'register_ip' => [$ip, '!=']]);
|
|
|
|
|
|
|
|
|
|
// Merge the arrays
|
|
|
|
|
$users = array_merge($registeredFrom, $lastFrom);
|
|
|
|
|
|
|
|
|
|
// Return the array with users
|
|
|
|
|
return $users;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-02 13:24:05 +00:00
|
|
|
// Get all users
|
|
|
|
|
public static function getAllUsers() {
|
|
|
|
|
|
|
|
|
|
// Execute query
|
|
|
|
|
$getUsers = Database::fetch('users', true);
|
|
|
|
|
|
|
|
|
|
// Reorder shit
|
|
|
|
|
foreach($getUsers as $user)
|
|
|
|
|
$users[$user['id']] = $user;
|
|
|
|
|
|
|
|
|
|
// and return an array with the users
|
|
|
|
|
return $users;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-06 20:06:33 +00:00
|
|
|
// Get all ranks
|
|
|
|
|
public static function getAllRanks() {
|
2015-04-02 13:24:05 +00:00
|
|
|
|
|
|
|
|
// Execute query
|
2015-04-06 20:06:33 +00:00
|
|
|
$getRanks = Database::fetch('ranks', true);
|
2015-04-02 13:24:05 +00:00
|
|
|
|
|
|
|
|
// Reorder shit
|
2015-04-06 20:06:33 +00:00
|
|
|
foreach($getRanks as $rank)
|
|
|
|
|
$ranks[$rank['id']] = $rank;
|
2015-04-02 13:24:05 +00:00
|
|
|
|
2015-04-06 20:06:33 +00:00
|
|
|
// and return an array with the ranks
|
|
|
|
|
return $ranks;
|
2015-04-02 13:24:05 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
