From 737f6695c2b710c76aa7f7f87d404f84f8096739 Mon Sep 17 00:00:00 2001
From: flashwave
Date: Mon, 1 Aug 2016 19:38:59 +0200
Subject: [PATCH] an attempt at something
---
 app/Controllers/AuthController.php | 15 ++-----
 app/Controllers/MetaController.php | 5 +++
 .../Settings/AdvancedController.php | 2 +-
 app/Notification.php | 8 ++--
 app/User.php | 45 ++++++++++---------
 utility.php | 19 ++++++++
 6 files changed, 55 insertions(+), 39 deletions(-)
diff --git a/app/Controllers/AuthController.php b/app/Controllers/AuthController.php
index 059ac5d..938f102 100644
--- a/app/Controllers/AuthController.php
+++ b/app/Controllers/AuthController.php
@@ -124,7 +124,7 @@ class AuthController extends Controller
 return Template::render('global/information');
 }
- if (strlen($user->password) < 1) {
+ if ($user->passwordExpired()) {
 $message = 'Your password expired.';
 $redirect = Router::route('auth.resetpassword');
 Template::vars(compact('message', 'redirect'));
@@ -132,7 +132,7 @@ class AuthController extends Controller
 return Template::render('global/information');
 }
- if (!password_verify($password, $user->password)) {
+ if (!$user->verifyPassword($password)) {
 $this->touchRateLimit($user->id);
 $message = 'The password you entered was invalid.';
 Template::vars(compact('message', 'redirect'));
@@ -552,16 +552,7 @@ class AuthController extends Controller
 return Template::render('global/information');
 }
- // Hash the password
- $password = password_hash($password, PASSWORD_BCRYPT);
-
- // Update the user
- DB::table('users')
- ->where('user_id', $user->id)
- ->update([
- 'password' => $password,
- 'password_chan' => time(),
- ]);
+ $user->setPassword($password);
 $message = "Changed your password! You may now log in.";
 $redirect = Router::route('auth.login');
diff --git a/app/Controllers/MetaController.php b/app/Controllers/MetaController.php
index 70b33d3..ae19a08 100644
--- a/app/Controllers/MetaController.php
+++ b/app/Controllers/MetaController.php
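Review bot: `$user->setPassword($password);` in the third AuthController hunk relies on a method that this patch does not add; the two `app/User.php` hunks only introduce `passwordExpired()` and `verifyPassword()`. The removed lines hashed the input with `password_hash($password, PASSWORD_BCRYPT)` and updated `password_chan`, so if the existing `setPassword()` does not do both, a reset would store an unhashed value or leave the change timestamp stale. Confirm its body before merging, and keep the contract visible at the call site with a comment such as `// setPassword() hashes the new password and updates password_chan`. The enclosing method starts and ends outside the hunk.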
@@ -12,6 +12,7 @@ use Sakura\DB;
 use Sakura\News\Category;
 use Sakura\Template;
 use Sakura\User;
+use Sakura\UserTest;
 /**
 * Meta page controllers (sections that aren't big enough to warrant a dedicated controller).
@@ -28,6 +29,10 @@ class MetaController extends Controller
 */
 public function index()
 {
+ $test = new UserTest(1);
+
+ echo $test->country(true);
+
 // Get the newest user
 $newestUserId = DB::table('users')
 ->whereNotIn('rank_main', [config('rank.banned'), config('rank.inactive')])
diff --git a/app/Controllers/Settings/AdvancedController.php b/app/Controllers/Settings/AdvancedController.php
index 4a49eac..8b9ed85 100644
--- a/app/Controllers/Settings/AdvancedController.php
+++ b/app/Controllers/Settings/AdvancedController.php
@@ -114,7 +114,7 @@ class AdvancedController extends Controller
 }
 // Check password
- if (!password_verify($password, ActiveUser::$user->password)) {
+ if (!ActiveUser::$user->passwordVerify($password)) {
 $message = "Your password was invalid!";
 Template::vars(compact('redirect', 'message'));
 return Template::render('global/information');
diff --git a/app/Notification.php b/app/Notification.php
index 68d0387..d619324 100644
--- a/app/Notification.php
+++ b/app/Notification.php
@@ -36,15 +36,15 @@ class Notification
 if ($data) {
 $data = $data[0];
- $this->id = $data->alert_id;
- $this->user = $data->user_id;
- $this->time = $data->alert_timestamp;
+ $this->id = intval($data->alert_id);
+ $this->user = intval($data->user_id);
+ $this->time = intval($data->alert_timestamp);
 $this->read = intval($data->alert_read) !== 0;
 $this->title = $data->alert_title;
 $this->text = $data->alert_text;
 $this->link = $data->alert_link;
 $this->image = $data->alert_img;
- $this->timeout = intval($data->alert_timeout);
 }
 }
diff --git a/app/User.php b/app/User.php
index b57bd91..e39d27d 100644
--- a/app/User.php
+++ b/app/User.php
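Review bot: The two statements added at the top of `index()`, `$test = new UserTest(1);` and `echo $test->country(true);`, look like debugging left in the public index action. They print a value derived from user id 1 to every visitor before the template renders. `Sakura\UserTest` is also not added anywhere in this patch, so the page will fail outright if that class is not already in the tree. Drop both statements together with the `use Sakura\UserTest;` import from the first hunk of this file. `index()` continues outside the hunk.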
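Review bot: The new check calls `ActiveUser::$user->passwordVerify($password)`, but the method this patch adds to `app/User.php` is named `verifyPassword()`, which is also the name `AuthController` uses. Unless a `passwordVerify()` method already exists on the user class, this confirmation step will raise an undefined-method error instead of rejecting a wrong password. Change the line to `if (!ActiveUser::$user->verifyPassword($password)) {`. The enclosing method starts and ends outside the hunk.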
@@ -45,28 +45,7 @@ class User
 *
 * @var string
 */
- public $passwordHash = '';
-
- /**
- * The user's password salt.
- *
- * @var string
- */
- public $passwordSalt = '';
-
- /**
- * The user's password algorithm.
- *
- * @var string
- */
- public $passwordAlgo = 'disabled';
-
- /**
- * The password iterations.
- *
- * @var int
- */
- public $passwordIter = 0;
+ public $password = '';
 /**
 * UNIX timestamp of last time the password was changed.
@@ -1119,6 +1098,28 @@ class User
 ]);
 }
+ /**
+ * Check if password expired
+ *
+ * @return bool
+ */
+ public function passwordExpired()
+ {
+ return strlen($this->password) < 1;
+ }
+
+ /**
+ * Verify the user's password
+ *
+ * @param string $password
+ *
+ * @return bool
+ */
+ public function verifyPassword($password)
+ {
+ return password_verify($password, $this->password);
+ }
+
 /**
 * Get all the notifications for this user.
 *
diff --git a/utility.php b/utility.php
index c6747df..ed1ae43 100644
--- a/utility.php
+++ b/utility.php
@@ -41,6 +41,25 @@ function view($name, $vars = [])
 return Template::render($name);
 }
+// Convert camel case to snake case
+function camel_to_snake($text)
+{
+ return ltrim(strtolower(preg_replace('#[A-Z]#', '_$0', $text)), '_');
+}
+
+// Convert snake case to camel case
+function snake_to_camel($text)
+{
+ $split = explode('_', $text);
+ $name = array_shift($split);
+
+ foreach ($split as $part) {
+ $name .= ucfirst($part);
+ }
+
+ return $name;
+}
+
 function clean_string($string, $lower = false, $noSpecial = false, $replaceSpecial = '')
 {
 // Run common sanitisation function over string
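Review bot: `public $password = '';` leaves the stored hash readable by any code that holds a `User` object, including templates and debug dumps. Since this patch adds `passwordExpired()` and `verifyPassword()` as accessors, the property could become `private $password = '';` once any remaining direct readers are migrated; whether such readers exist is not visible here. The two hunks in this file account for all 45 changed lines in the diffstat, so whatever code populated the removed `passwordHash`, `passwordSalt`, `passwordAlgo` and `passwordIter` fields is unchanged. Confirm that `$password` is actually filled from the database row, otherwise `passwordExpired()` would report every account as expired.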
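Review bot: The docblock on `passwordExpired()` does not say what "expired" means; the body treats an empty stored hash as expired and never consults the password change timestamp. A summary such as `Whether the stored password hash is empty, which the login flow treats as an expired password requiring a reset.` would make that explicit. The `verifyPassword()` docblock should likewise note that it returns false when the stored hash is empty, so callers wanting the "expired" message must call `passwordExpired()` first. Consider following a successful check with `password_needs_rehash()` so older hashes are upgraded at login.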
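Review bot: `camel_to_snake()` prefixes every ASCII capital with an underscore, so a constructed input such as `userID` becomes `user_i_d`, and `snake_to_camel()` does not turn that back into the original. If these helpers are meant to map property names to column names (not shown in this patch), that asymmetry will yield names that match nothing. Either document the restriction, e.g. `// Convert camel case to snake case (every ASCII capital starts a new word; acronyms are split per letter)`, or group runs of capitals in the pattern. The two functions carry only `//` comments, so a short docblock stating the expected input form would also help.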