From b7377f144600b46caca9f7c9973f5cf159f1d417 Mon Sep 17 00:00:00 2001
From: flashwave
Date: Wed, 8 Apr 2015 19:27:51 +0000
Subject: [PATCH] more auth shit
---
 _sakura/components/Users.php | 47 +++++++++++++++++++++++
 _sakura/templates/yuuno/global/header.tpl | 4 +-
 main/authenticate.php | 40 +++++++++++++++----
 main/index.php | 8 ++--
 4 files changed, 86 insertions(+), 13 deletions(-)
diff --git a/_sakura/components/Users.php b/_sakura/components/Users.php
index 60911a9..85b84fc 100644
--- a/_sakura/components/Users.php
+++ b/_sakura/components/Users.php
@@ -52,6 +52,53 @@ class Users {
 }
+ // Log a user in
+ public static function login($username, $password) {
+
+ // Check if the user that's trying to log in actually exists
+ if(!$uid = self::userExists($username, false))
+ return [0, 'USER_NOT_EXIST'];
+
+ // Get account data
+ $userData = self::getUser($uid);
+
+ // Validate password
+ if($userData['password_algo'] == 'legacy') { // Shitty legacy method of sha512(strrev(sha512()))
+
+ if(Main::legacyPasswordHash($password) != $userData['password_hash'])
+ return [0, 'INCORRECT_PASSWORD'];
+
+ } else { // Dank ass PBKDF2 hashing
+
+ if(!Hashing::validate_password($password, [
+ $userData['password_algo'],
+ $userData['password_iter'],
+ $userData['password_salt'],
+ $userData['password_hash']
+ ]))
+ return [0, 'INCORRECT_PASSWORD'];
+
+ }
+
+ // Successful login! (also has a thing for the legacy password system)
+ return [1, ($userData['password_algo'] == 'legacy' ? 'LEGACY_SUCCESS' : 'LOGIN_SUCESS')];
+
+ }
+
+ // Check if a user exists
+ public static function userExists($user, $id = true) {
+
+ // Clean string
+ $user = Main::cleanString($user, true);
+
+ // Do database request
+ $user = Database::fetch('users', true, [($id ? 'id' : 'username_clean') => [$user, '=']]);
+
+ // Return count (which would return 0, aka false, if nothing was found)
+ return count($user) ? $user[0]['id'] : false;
+
+ }
+
 // Get user data by id
 public static function getUser($id) {
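Review bot: The legacy branch of `login()` checks the password with `!=`, a loose comparison under which two digests that both look like numeric strings compare equal through type juggling, and which is not constant-time. Compare with `if(!hash_equals($userData['password_hash'], Main::legacyPasswordHash($password)))` (available from PHP 5.6), or at minimum `!==`. The distinct `USER_NOT_EXIST` and `INCORRECT_PASSWORD` codes also reveal which usernames are registered if the caller passes them through to the response, so the caller should map both to one generic failure. `'LOGIN_SUCESS'` is misspelled, which is worth fixing before other code starts matching on it.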
diff --git a/_sakura/templates/yuuno/global/header.tpl b/_sakura/templates/yuuno/global/header.tpl
index 8e8bfb0..8c9106a 100644
--- a/_sakura/templates/yuuno/global/header.tpl
+++ b/_sakura/templates/yuuno/global/header.tpl
@@ -5,10 +5,10 @@ {{ page.title }} - + {% if page.redirect %} - + {% endif %}
diff --git a/main/authenticate.php b/main/authenticate.php
index f1107ce..c816159 100644
--- a/main/authenticate.php
+++ b/main/authenticate.php
@@ -18,22 +18,48 @@ if(
 switch($_REQUEST['mode']) {
+ // Login processing
 case 'login':
- case 'register':
- case 'forgotpassword':
+ // Add page specific things
 $renderData['page'] = [
- 'title' => 'auth test',
+ 'title' => 'Login',
 'redirect' => $_SERVER['PHP_SELF'],
- 'message' => 'meow meow meow meow meow meow meow meow meow meow meow meow'
+ 'message' => 'what'
 ];
- // Print page contents
- print Templates::render('errors/information.tpl', $renderData);
- exit;
+ break;
+
+ // Registration processing
+ case 'register':
+
+ // Add page specific things
+ $renderData['page'] = [
+ 'title' => 'Register on Flashii',
+ 'redirect' => $_SERVER['PHP_SELF'],
+ 'message' => 'what'
+ ];
+
+ break;
+
+ // Unforgetting passwords
+ case 'forgotpassword':
+
+ // Add page specific things
+ $renderData['page'] = [
+ 'title' => 'Forgot Password',
+ 'redirect' => $_SERVER['PHP_SELF'],
+ 'message' => 'what'
+ ];
+
+ break;
 }
+ // Print page contents
+ print Templates::render('errors/information.tpl', $renderData);
+ exit;
+
 }
 // Add page specific things
diff --git a/main/index.php b/main/index.php
index 985e4e5..e2286f3 100644
--- a/main/index.php
+++ b/main/index.php
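Review bot: Each of the three cases in main/authenticate.php sets `'redirect' => $_SERVER['PHP_SELF']`, and `PHP_SELF` includes any extra path segment the client appends after the script name, so the redirect value is request-controlled. The header.tpl change in this commit appears to emit `page.redirect` into the page head, so unless the template engine escapes it for that context this is an injection point; prefer a fixed path or `$_SERVER['SCRIPT_NAME']`. Separately, the render and `exit` now sit after the `switch`, which has no `default:`, so a `mode` value that matches no case renders `errors/information.tpl` without this block having set `$renderData['page']`, unless the enclosing `if(` (its condition is outside the hunk) already restricts `mode`.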
@@ -16,10 +16,10 @@ $renderData['page'] = [
 'articleCount' => count($renderData['newsPosts'])
 ];
 $renderData['stats'] = [
- 'userCount' => ($userCount = count($users = Users::getAllUsers())) .' user'. ($userCount == 1 ? '' : 's'),
- 'newestUser' => max($users),
- 'lastRegDate' => ($lastRegDate = date_diff(date_create(date('Y-m-d', max($users)['regdate'])), date_create(date('Y-m-d')))->format('%a')) .' day'. ($lastRegDate == 1 ? '' : 's'),
- 'chatOnline' => ($chatOnline = 0) .' user'. ($chatOnline == 1 ? '' : 's')
+ 'userCount' => ($userCount = count($users = Users::getAllUsers())) .' user'. ($userCount == 1 ? '' : 's'),
+ 'newestUser' => max($users),
+ 'lastRegDate' => ($lastRegDate = date_diff(date_create(date('Y-m-d', max($users)['regdate'])), date_create(date('Y-m-d')))->format('%a')) .' day'. ($lastRegDate == 1 ? '' : 's'),
+ 'chatOnline' => ($chatOnline = 0) .' user'. ($chatOnline == 1 ? '' : 's')
 ];
 // Print page contents