2015-04-02 13:24:05 +00:00
< ? php
/*
* User Management
*/
namespace Sakura ;
2015-10-18 19:06:30 +00:00
/**
* Class Users
* @ package Sakura
*/
2015-09-14 20:51:23 +00:00
class Users
{
2015-04-02 13:24:05 +00:00
// Empty user template
public static $emptyUser = [
2015-10-11 12:13:27 +00:00
'user_id' => 0 ,
2015-10-24 08:55:45 +00:00
'username' => 'User' ,
'username_clean' => 'user' ,
2015-09-14 20:51:23 +00:00
'password_hash' => '' ,
'password_salt' => '' ,
'password_algo' => 'nologin' ,
'password_iter' => 1000 ,
'password_chan' => 0 ,
'password_new' => '' ,
'email' => 'sakura@localhost' ,
'rank_main' => 0 ,
2015-10-10 21:36:17 +00:00
'user_ranks' => '[0]' ,
'user_colour' => '' ,
2015-09-14 20:51:23 +00:00
'register_ip' => '127.0.0.1' ,
'last_ip' => '127.0.0.1' ,
2015-10-24 08:55:45 +00:00
'user_title' => '' ,
2015-10-10 21:36:17 +00:00
'user_registered' => 0 ,
'user_last_online' => 0 ,
'user_birthday' => '' ,
'user_country' => 'XX' ,
2015-10-10 21:17:50 +00:00
'user_data' => '[]' ,
2015-04-02 13:24:05 +00:00
];
2015-04-06 20:06:33 +00:00
// Empty rank template
public static $emptyRank = [
2015-10-10 21:17:50 +00:00
'rank_id' => 0 ,
2015-10-24 08:55:45 +00:00
'rank_name' => 'Rank' ,
'rank_hierarchy' => 0 ,
2015-10-10 21:17:50 +00:00
'rank_multiple' => null ,
'rank_hidden' => 1 ,
'rank_colour' => '#444' ,
2015-10-24 08:55:45 +00:00
'rank_description' => '' ,
2015-10-10 21:17:50 +00:00
'rank_title' => '' ,
2015-04-02 13:24:05 +00:00
];
// Check if a user is logged in
2015-10-17 20:58:51 +00:00
public static function checkLogin ( $uid = null , $sid = null )
2015-09-14 20:51:23 +00:00
{
2015-04-02 13:24:05 +00:00
2015-10-17 20:58:51 +00:00
// Assign $uid and $sid
2015-11-06 22:30:37 +00:00
$uid = $uid ? $uid : ( isset ( $_COOKIE [ Config :: getConfig ( 'cookie_prefix' ) . 'id' ])
? $_COOKIE [ Config :: getConfig ( 'cookie_prefix' ) . 'id' ]
2015-10-17 20:58:51 +00:00
: 0 );
2015-11-06 22:30:37 +00:00
$sid = $sid ? $sid : ( isset ( $_COOKIE [ Config :: getConfig ( 'cookie_prefix' ) . 'session' ])
? $_COOKIE [ Config :: getConfig ( 'cookie_prefix' ) . 'session' ]
2015-10-17 20:58:51 +00:00
: 0 );
2015-08-23 22:08:36 +00:00
2015-10-17 20:58:51 +00:00
// Get session
2015-10-18 01:50:50 +00:00
$session = new Session ( $uid , $sid );
// Validate the session
$sessionValid = $session -> validate ();
2015-04-17 22:14:31 +00:00
2015-09-15 20:37:29 +00:00
// Check if the session exists and check if the user is activated
2015-10-18 01:50:50 +00:00
if ( $sessionValid == 0 || Permissions :: check ( 'SITE' , 'DEACTIVATED' , $uid , 1 )) {
2015-09-15 20:37:29 +00:00
// Unset User ID
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'id' ,
2015-09-15 20:37:29 +00:00
0 ,
time () - 60 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-15 20:37:29 +00:00
);
// Unset Session ID
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'session' ,
2015-09-15 20:37:29 +00:00
'' ,
time () - 60 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-15 20:37:29 +00:00
);
2015-09-05 16:11:04 +00:00
2015-06-04 12:41:55 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-17 22:14:31 +00:00
// Extend the cookie times if the remember flag is set
2015-10-18 01:50:50 +00:00
if ( $sessionValid == 2 ) {
2015-09-14 21:41:43 +00:00
// User ID cookie
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'id' ,
2015-09-14 21:41:43 +00:00
$uid ,
time () + 604800 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-14 21:41:43 +00:00
);
// Session ID cookie
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'session' ,
2015-09-14 21:41:43 +00:00
$sid ,
time () + 604800 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-14 21:41:43 +00:00
);
2015-04-17 22:14:31 +00:00
}
2015-04-27 00:41:59 +00:00
// Update last online
Database :: update ( 'users' , [
[
2015-10-10 21:17:50 +00:00
'user_last_online' => time (),
2015-04-27 00:41:59 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-04-27 00:41:59 +00:00
]);
2015-07-01 14:29:12 +00:00
// Update the premium meta
2015-09-14 20:51:23 +00:00
self :: updatePremiumMeta ( $uid );
2015-07-01 14:29:12 +00:00
2015-04-17 22:14:31 +00:00
// If everything went through return true
2015-10-18 01:50:50 +00:00
return [ $uid , $sid ];
2015-04-02 13:24:05 +00:00
}
2015-04-08 19:27:51 +00:00
// Log a user in
2015-09-14 20:51:23 +00:00
public static function login ( $username , $password , $remember = false , $cookies = true )
{
2015-04-08 19:27:51 +00:00
2015-04-24 19:31:09 +00:00
// Check if authentication is disallowed
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'lock_authentication' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-10-22 14:24:18 +00:00
// Check if we haven't hit the rate limit
$rates = Database :: fetch ( 'login_attempts' , true , [
'attempt_ip' => [ Main :: getRemoteIP (), '=' ],
'attempt_timestamp' => [ time () - 1800 , '>' ],
'attempt_success' => [ 0 , '=' ],
]);
if ( count ( $rates ) > 4 ) {
return [ 0 , 'RATE_LIMIT' ];
}
2015-04-08 19:27:51 +00:00
// Check if the user that's trying to log in actually exists
2015-09-14 20:51:23 +00:00
if ( ! $uid = self :: userExists ( $username , false )) {
2015-04-08 19:27:51 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-04-08 19:27:51 +00:00
// Get account data
2015-04-27 15:18:57 +00:00
$user = self :: getUser ( $uid );
2015-04-08 19:27:51 +00:00
// Validate password
2015-09-14 20:51:23 +00:00
switch ( $user [ 'password_algo' ]) {
2015-08-10 02:01:07 +00:00
// Abyssing
case 'nologin' :
return [ 0 , 'NO_LOGIN' ];
2015-04-18 18:26:52 +00:00
2015-08-10 02:01:07 +00:00
// Default hashing method
default :
2015-09-14 21:41:43 +00:00
if ( ! Hashing :: validatePassword ( $password , [
2015-08-10 02:01:07 +00:00
$user [ 'password_algo' ],
$user [ 'password_iter' ],
$user [ 'password_salt' ],
2015-09-14 20:51:23 +00:00
$user [ 'password_hash' ],
2015-08-10 02:01:07 +00:00
])) {
2015-10-22 14:24:18 +00:00
return [ 0 , 'INCORRECT_PASSWORD' , $user [ 'user_id' ], $user [ 'password_chan' ]];
2015-08-10 02:01:07 +00:00
}
2015-04-08 19:27:51 +00:00
}
2015-05-29 19:27:45 +00:00
// Check if the user has the required privs to log in
2015-10-11 12:13:27 +00:00
if ( Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-10-22 14:24:18 +00:00
return [ 0 , 'NOT_ALLOWED' , $user [ 'user_id' ]];
2015-09-05 16:11:04 +00:00
}
2015-04-12 13:33:59 +00:00
// Create a new session
2015-10-18 01:50:50 +00:00
$session = new Session ( $user [ 'user_id' ]);
// Generate a session key
$sessionKey = $session -> create ( $remember );
2015-04-12 13:33:59 +00:00
// Set cookies
2015-09-14 20:51:23 +00:00
if ( $cookies ) {
2015-09-14 21:41:43 +00:00
// User ID cookie
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'id' ,
2015-10-11 12:13:27 +00:00
$user [ 'user_id' ],
2015-09-14 21:41:43 +00:00
time () + 604800 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-14 21:41:43 +00:00
);
// Session ID cookie
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'session' ,
2015-09-14 21:41:43 +00:00
$sessionKey ,
time () + 604800 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-14 21:41:43 +00:00
);
2015-05-24 22:06:53 +00:00
}
2015-04-12 13:33:59 +00:00
2015-04-08 19:27:51 +00:00
// Successful login! (also has a thing for the legacy password system)
2015-10-11 12:13:27 +00:00
return [ 1 , 'LOGIN_SUCCESS' , $user [ 'user_id' ]];
2015-04-08 19:27:51 +00:00
}
2015-04-13 10:14:59 +00:00
// Logout and kill the session
2015-09-14 20:51:23 +00:00
public static function logout ()
{
2015-04-13 10:14:59 +00:00
2015-04-17 22:14:31 +00:00
// Check if user is logged in
2015-10-18 19:06:30 +00:00
if ( ! $check = self :: checkLogin ()) {
2015-04-17 22:14:31 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-10-18 19:06:30 +00:00
// Destroy the active session
( new Session ( $check [ 0 ], $check [ 1 ])) -> destroy ();
2015-09-05 16:11:04 +00:00
2015-09-15 20:37:29 +00:00
// Unset User ID
2015-09-14 21:41:43 +00:00
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'id' ,
2015-09-14 21:41:43 +00:00
0 ,
time () - 60 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-14 21:41:43 +00:00
);
2015-09-15 20:37:29 +00:00
// Unset Session ID
2015-09-14 21:41:43 +00:00
setcookie (
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_prefix' ) . 'session' ,
2015-09-14 21:41:43 +00:00
'' ,
time () - 60 ,
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'cookie_path' ),
Config :: getConfig ( 'cookie_domain' )
2015-09-14 21:41:43 +00:00
);
2015-04-17 22:14:31 +00:00
// Return true indicating a successful logout
return true ;
2015-04-13 10:14:59 +00:00
}
2015-04-18 18:26:52 +00:00
// Register user
2015-09-14 20:51:23 +00:00
public static function register ( $username , $password , $confirmpass , $email , $tos , $captcha = null , $regkey = null )
{
2015-04-18 18:26:52 +00:00
2015-04-24 19:31:09 +00:00
// Check if authentication is disallowed
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'lock_authentication' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if registration is even enabled
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'disable_registration' )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'DISABLED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if registration codes are required
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'require_registration_code' )) {
2015-04-18 18:26:52 +00:00
// Check if the code is valid
2015-09-14 20:51:23 +00:00
if ( ! self :: checkRegistrationCode ( $regkey )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'INVALID_REG_KEY' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
}
// Check if the user agreed to the ToS
2015-09-14 20:51:23 +00:00
if ( ! $tos ) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'TOS' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Verify the captcha if it's enabled
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'recaptcha' )) {
2015-09-14 20:51:23 +00:00
if ( ! Main :: verifyCaptcha ( $captcha )[ 'success' ]) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'CAPTCHA_FAIL' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
}
// Check if the username already exists
2015-09-14 20:51:23 +00:00
if ( self :: userExists ( $username , false )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'USER_EXISTS' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Username too short
2015-11-06 22:30:37 +00:00
if ( strlen ( $username ) < Config :: getConfig ( 'username_min_length' )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'NAME_TOO_SHORT' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Username too long
2015-11-06 22:30:37 +00:00
if ( strlen ( $username ) > Config :: getConfig ( 'username_max_length' )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'NAME_TOO_LONG' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if the given email address is formatted properly
2015-09-14 20:51:23 +00:00
if ( ! filter_var ( $email , FILTER_VALIDATE_EMAIL )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'INVALID_EMAIL' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check the MX record of the email
2015-09-14 20:51:23 +00:00
if ( ! Main :: checkMXRecord ( $email )) {
2015-04-18 18:26:52 +00:00
return [ 0 , 'INVALID_MX' ];
2015-09-05 16:11:04 +00:00
}
2015-04-24 19:31:09 +00:00
// Check password entropy
2015-11-06 22:30:37 +00:00
if ( Main :: pwdEntropy ( $password ) < Config :: getConfig ( 'min_entropy' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'PASS_TOO_SHIT' ];
2015-09-05 16:11:04 +00:00
}
2015-04-24 19:31:09 +00:00
// Passwords do not match
2015-09-14 20:51:23 +00:00
if ( $password != $confirmpass ) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'PASS_NOT_MATCH' ];
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Set a few variables
2015-09-14 20:51:23 +00:00
$usernameClean = Main :: cleanString ( $username , true );
$emailClean = Main :: cleanString ( $email , true );
2015-09-14 21:41:43 +00:00
$password = Hashing :: createHash ( $password );
2015-11-06 22:30:37 +00:00
$requireActive = Config :: getConfig ( 'require_activation' );
2015-09-14 20:51:23 +00:00
$userRank = $requireActive ? [ 1 ] : [ 2 ];
$userRankJson = json_encode ( $userRank );
2015-04-18 18:26:52 +00:00
// Insert the user into the database
Database :: insert ( 'users' , [
2015-09-14 20:51:23 +00:00
'username' => $username ,
'username_clean' => $usernameClean ,
'password_hash' => $password [ 3 ],
'password_salt' => $password [ 2 ],
'password_algo' => $password [ 0 ],
'password_iter' => $password [ 1 ],
'email' => $emailClean ,
'rank_main' => $userRank [ 0 ],
2015-10-10 21:17:50 +00:00
'user_ranks' => $userRankJson ,
2015-09-14 20:51:23 +00:00
'register_ip' => Main :: getRemoteIP (),
'last_ip' => Main :: getRemoteIP (),
2015-10-10 21:17:50 +00:00
'user_registered' => time (),
'user_last_online' => 0 ,
'user_country' => Main :: getCountryCode (),
'user_data' => '[]' ,
2015-04-18 18:26:52 +00:00
]);
// Get userid of the new user
2015-10-10 21:17:50 +00:00
$uid = Database :: fetch ( 'users' , false , [ 'username_clean' => [ $usernameClean , '=' ]])[ 'user_id' ];
2015-04-18 18:26:52 +00:00
// Check if we require e-mail activation
2015-09-14 20:51:23 +00:00
if ( $requireActive ) {
2015-04-18 18:26:52 +00:00
// Send activation e-mail to user
self :: sendActivationMail ( $uid );
}
// Check if registration codes are required
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'require_registration_code' )) {
2015-04-18 18:26:52 +00:00
// If we do mark the registration code that was used as used
self :: markRegistrationCodeUsed ( $regkey , $uid );
}
// Return true with a specific message if needed
return [ 1 , ( $requireActive ? 'EMAILSENT' : 'SUCCESS' )];
}
2015-04-25 20:08:44 +00:00
// Check if a user exists and then send the password forgot email
2015-09-14 20:51:23 +00:00
public static function sendPasswordForgot ( $username , $email )
{
2015-04-25 20:08:44 +00:00
// Check if authentication is disallowed
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'lock_authentication' )) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Clean username string
2015-09-14 20:51:23 +00:00
$usernameClean = Main :: cleanString ( $username , true );
$emailClean = Main :: cleanString ( $email , true );
2015-04-25 20:08:44 +00:00
// Do database request
$user = Database :: fetch ( 'users' , false , [
2015-09-14 20:51:23 +00:00
'username_clean' => [ $usernameClean , '=' ],
'email' => [ $emailClean , '=' ],
2015-04-25 20:08:44 +00:00
]);
// Check if user exists
2015-09-14 20:51:23 +00:00
if ( count ( $user ) < 2 ) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-06-04 12:41:55 +00:00
// Check if the user has the required privs to log in
2015-10-10 21:17:50 +00:00
if ( Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-06-04 12:41:55 +00:00
return [ 0 , 'NOT_ALLOWED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Generate the verification key
2015-10-10 21:17:50 +00:00
$verk = Main :: newActionCode ( 'LOST_PASS' , $user [ 'user_id' ], [
2015-04-25 20:08:44 +00:00
'meta' => [
2015-09-14 20:51:23 +00:00
'password_change' => 1 ,
],
2015-04-25 20:08:44 +00:00
]);
2015-09-05 16:11:04 +00:00
// Create new urls object
$urls = new Urls ();
2015-04-25 20:08:44 +00:00
// Build the e-mail
2015-09-14 20:51:23 +00:00
$message = " Hello " . $user [ 'username' ] . " , \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " You are receiving this notification because you have (or someone pretending to be you has) requested a password reset link to be sent for your account on \" " . Config :: getConfig ( 'sitename' ) . " \" . If you did not request this notification then please ignore it, if you keep receiving it please contact the site administrator. \r \n \r \n " ;
2015-04-25 20:08:44 +00:00
$message .= " To use this password reset key you need to go to a special page. To do this click the link provided below. \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " http:// " . Config :: getConfig ( 'url_main' ) . $urls -> format ( 'SITE_FORGOT_PASSWORD' ) . " ?pw=true&uid= " . $user [ 'user_id' ] . " &key= " . $verk . " \r \n \r \n " ;
2015-04-25 20:08:44 +00:00
$message .= " If successful you should be able to change your password here. \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " Alternatively if the above method fails for some reason you can go to http:// " . Config :: getConfig ( 'url_main' ) . $urls -> format ( 'SITE_FORGOT_PASSWORD' ) . " ?pw=true&uid= " . $user [ 'user_id' ] . " and use the key listed below: \r \n \r \n " ;
2015-09-14 20:51:23 +00:00
$message .= " Verification key: " . $verk . " \r \n \r \n " ;
2015-04-25 20:08:44 +00:00
$message .= " You can of course change this password yourself via the profile page. If you have any difficulties please contact the site administrator. \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " -- \r \n \r \n Thanks \r \n \r \n " . Config :: getConfig ( 'mail_signature' );
2015-04-25 20:08:44 +00:00
// Send the message
2015-11-06 22:30:37 +00:00
Main :: sendMail ([ $user [ 'email' ] => $user [ 'username' ]], Config :: getConfig ( 'sitename' ) . ' password restoration' , $message );
2015-04-25 20:08:44 +00:00
// Return success
return [ 1 , 'SUCCESS' ];
}
// Reset password with key
2015-09-14 20:51:23 +00:00
public static function resetPassword ( $verk , $uid , $newpass , $verpass )
{
2015-04-25 20:08:44 +00:00
// Check if authentication is disallowed
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'lock_authentication' )) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Check password entropy
2015-11-06 22:30:37 +00:00
if ( Main :: pwdEntropy ( $newpass ) < Config :: getConfig ( 'min_entropy' )) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'PASS_TOO_SHIT' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Passwords do not match
2015-09-14 20:51:23 +00:00
if ( $newpass != $verpass ) {
2015-04-25 20:08:44 +00:00
return [ 0 , 'PASS_NOT_MATCH' ];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Check the verification key
$action = Main :: useActionCode ( 'LOST_PASS' , $verk , $uid );
// Check if we got a negative return
2015-09-14 20:51:23 +00:00
if ( ! $action [ 0 ]) {
2015-04-25 20:08:44 +00:00
return [ 0 , $action [ 1 ]];
2015-09-05 16:11:04 +00:00
}
2015-04-25 20:08:44 +00:00
// Hash the password
2015-09-14 21:41:43 +00:00
$password = Hashing :: createHash ( $newpass );
2015-09-14 20:51:23 +00:00
$time = time ();
2015-04-25 20:08:44 +00:00
// Update the user
Database :: update ( 'users' , [
[
'password_hash' => $password [ 3 ],
'password_salt' => $password [ 2 ],
'password_algo' => $password [ 0 ],
'password_iter' => $password [ 1 ],
2015-09-14 20:51:23 +00:00
'password_chan' => $time ,
2015-04-25 20:08:44 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-04-25 20:08:44 +00:00
]);
// Return success
return [ 1 , 'SUCCESS' ];
}
2015-04-21 14:23:28 +00:00
// Check if a user exists and then resend the activation e-mail
2015-09-14 20:51:23 +00:00
public static function resendActivationMail ( $username , $email )
{
2015-04-21 14:23:28 +00:00
2015-04-24 19:31:09 +00:00
// Check if authentication is disallowed
2015-11-06 22:30:37 +00:00
if ( Config :: getConfig ( 'lock_authentication' )) {
2015-04-24 19:31:09 +00:00
return [ 0 , 'AUTH_LOCKED' ];
2015-09-05 16:11:04 +00:00
}
2015-04-21 14:23:28 +00:00
// Clean username string
2015-09-14 20:51:23 +00:00
$usernameClean = Main :: cleanString ( $username , true );
$emailClean = Main :: cleanString ( $email , true );
2015-04-21 14:23:28 +00:00
// Do database request
$user = Database :: fetch ( 'users' , false , [
2015-09-14 20:51:23 +00:00
'username_clean' => [ $usernameClean , '=' ],
'email' => [ $emailClean , '=' ],
2015-04-21 14:23:28 +00:00
]);
// Check if user exists
2015-09-14 20:51:23 +00:00
if ( count ( $user ) < 2 ) {
2015-04-21 14:23:28 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-04-21 14:23:28 +00:00
// Check if a user is activated
2015-10-10 21:17:50 +00:00
if ( ! Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-04-21 14:23:28 +00:00
return [ 0 , 'USER_ALREADY_ACTIVE' ];
2015-09-05 16:11:04 +00:00
}
2015-04-21 14:23:28 +00:00
// Send activation e-mail
2015-10-10 21:17:50 +00:00
self :: sendActivationMail ( $user [ 'user_id' ]);
2015-04-21 14:23:28 +00:00
// Return success
return [ 1 , 'SUCCESS' ];
}
2015-04-18 18:26:52 +00:00
// Send the activation e-mail and do other required stuff
2015-09-14 20:51:23 +00:00
public static function sendActivationMail ( $uid , $customKey = null )
{
2015-04-18 18:26:52 +00:00
// Get the user data
2015-10-10 21:17:50 +00:00
$user = Database :: fetch ( 'users' , false , [ 'user_id' => [ $uid , '=' ]]);
2015-04-18 18:26:52 +00:00
// User is already activated or doesn't even exist
2015-10-10 21:17:50 +00:00
if ( count ( $user ) < 2 || ! Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-04-18 18:26:52 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Generate activation key
2015-04-19 13:00:32 +00:00
$activate = ( $customKey ? $customKey : Main :: newActionCode ( 'ACTIVATE' , $uid , [
'user' => [
2015-04-27 15:13:52 +00:00
'rank_main' => 2 ,
2015-10-10 21:17:50 +00:00
'user_ranks' => json_encode ([ 2 ]),
2015-09-14 20:51:23 +00:00
],
2015-04-19 13:00:32 +00:00
]));
2015-04-18 18:26:52 +00:00
2015-09-05 16:11:04 +00:00
// Create new urls object
$urls = new Urls ();
2015-04-18 18:26:52 +00:00
// Build the e-mail
2015-11-06 22:30:37 +00:00
$message = " Welcome to " . Config :: getConfig ( 'sitename' ) . " ! \r \n \r \n " ;
2015-04-18 18:26:52 +00:00
$message .= " Please keep this e-mail for your records. Your account intormation is as follows: \r \n \r \n " ;
$message .= " ---------------------------- \r \n \r \n " ;
2015-09-14 20:51:23 +00:00
$message .= " Username: " . $user [ 'username' ] . " \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " Your profile: http:// " . Config :: getConfig ( 'url_main' ) . $urls -> format ( 'USER_PROFILE' , [ $user [ 'user_id' ]]) . " \r \n \r \n " ;
2015-04-18 18:26:52 +00:00
$message .= " ---------------------------- \r \n \r \n " ;
$message .= " Please visit the following link in order to activate your account: \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " http:// " . Config :: getConfig ( 'url_main' ) . $urls -> format ( 'SITE_ACTIVATE' ) . " ?mode=activate&u= " . $user [ 'user_id' ] . " &k= " . $activate . " \r \n \r \n " ;
2015-04-18 18:26:52 +00:00
$message .= " Your password has been securely stored in our database and cannot be retrieved. " ;
$message .= " In the event that it is forgotten, you will be able to reset it using the email address associated with your account. \r \n \r \n " ;
$message .= " Thank you for registering. \r \n \r \n " ;
2015-11-06 22:30:37 +00:00
$message .= " -- \r \n \r \n Thanks \r \n \r \n " . Config :: getConfig ( 'mail_signature' );
2015-04-18 18:26:52 +00:00
// Send the message
2015-09-14 21:41:43 +00:00
Main :: sendMail (
[
$user [ 'email' ] => $user [ 'username' ],
],
2015-11-06 22:30:37 +00:00
Config :: getConfig ( 'sitename' ) . ' Activation Mail' ,
2015-09-14 21:41:43 +00:00
$message
);
2015-04-18 18:26:52 +00:00
// Return true indicating that the things have been sent
return true ;
}
2015-04-19 13:00:32 +00:00
// Activating a user
2015-09-14 20:51:23 +00:00
public static function activateUser ( $uid , $requireKey = false , $key = null )
{
2015-04-19 13:00:32 +00:00
// Get the user data
2015-10-10 21:17:50 +00:00
$user = Database :: fetch ( 'users' , false , [ 'user_id' => [ $uid , '=' ]]);
2015-04-19 13:00:32 +00:00
// Check if user exists
2015-09-14 20:51:23 +00:00
if ( ! count ( $user ) > 1 ) {
2015-04-19 13:00:32 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Check if user is already activated
2015-10-10 21:17:50 +00:00
if ( ! Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-04-19 13:00:32 +00:00
return [ 0 , 'USER_ALREADY_ACTIVE' ];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Set default values for activation
2015-09-14 20:51:23 +00:00
$rank = 2 ;
$ranks = json_encode ([ 2 ]);
2015-04-19 13:00:32 +00:00
2015-09-14 21:41:43 +00:00
/* Check if a key is set ( there ' s an option to not set one for user
management reasons but you can ' t really get around this anyway ) */
2015-09-14 20:51:23 +00:00
if ( $requireKey ) {
2015-04-19 13:00:32 +00:00
// Check the action code
$action = Main :: useActionCode ( 'ACTIVATE' , $key , $uid );
// Check if we got a negative return
2015-09-14 20:51:23 +00:00
if ( ! $action [ 0 ]) {
2015-04-19 13:00:32 +00:00
return [ 0 , $action [ 1 ]];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Assign the special values
2015-09-14 20:51:23 +00:00
$instructionData = json_decode ( $action [ 2 ], true );
$rank = $instructionData [ 'user' ][ 'rank_main' ];
2015-10-10 21:17:50 +00:00
$ranks = $instructionData [ 'user' ][ 'user_ranks' ];
2015-04-19 13:00:32 +00:00
}
// Activate the account
Database :: update ( 'users' , [
[
'rank_main' => $rank ,
2015-10-10 21:17:50 +00:00
'user_ranks' => $ranks ,
2015-04-19 13:00:32 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-04-19 13:00:32 +00:00
]);
// Return success
return [ 1 , 'SUCCESS' ];
}
// Deactivating a user
2015-09-14 20:51:23 +00:00
public static function deactivateUser ( $uid )
{
2015-04-19 13:00:32 +00:00
// Get the user data
2015-10-10 21:17:50 +00:00
$user = Database :: fetch ( 'users' , false , [ 'user_id' => [ $uid , '=' ]]);
2015-04-19 13:00:32 +00:00
// Check if user exists
2015-09-14 20:51:23 +00:00
if ( ! count ( $user ) > 1 ) {
2015-04-19 13:00:32 +00:00
return [ 0 , 'USER_NOT_EXIST' ];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Check if user is already deactivated
2015-10-10 21:17:50 +00:00
if ( Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-04-19 13:00:32 +00:00
return [ 0 , 'USER_ALREADY_DEACTIVE' ];
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Deactivate the account
Database :: update ( 'users' , [
[
2015-04-27 15:13:52 +00:00
'rank_main' => 2 ,
2015-10-10 21:17:50 +00:00
'user_ranks' => json_encode ([ 2 ]),
2015-04-19 13:00:32 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-04-19 13:00:32 +00:00
]);
// Return success
return [ 1 , 'SUCCESS' ];
}
2015-04-18 18:26:52 +00:00
// Check if registration code is valid
2015-09-14 20:51:23 +00:00
public static function checkRegistrationCode ( $code )
{
2015-04-18 18:26:52 +00:00
// Get registration key
$keyRow = Database :: fetch ( 'regcodes' , true , [ 'code' => [ $code , '=' ], 'key_used' => [ 0 , '=' ]]);
// Check if it exists and return it
return count ( $keyRow ) ? $keyRow [ 0 ][ 'id' ] : false ;
}
// Mark registration code as used
2015-09-14 20:51:23 +00:00
public static function markRegistrationCodeUsed ( $code , $uid = 0 )
{
2015-04-18 18:26:52 +00:00
// Check if the code exists
2015-09-14 20:51:23 +00:00
if ( ! $id = self :: checkRegistrationCode ( $code )) {
2015-04-18 18:26:52 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Mark it as used
Database :: update ( 'regcodes' , [
[
2015-09-14 20:51:23 +00:00
'used_by' => $uid ,
'key_used' => 1 ,
2015-04-18 18:26:52 +00:00
],
[
2015-09-14 20:51:23 +00:00
'id' => [ $id , '=' ],
],
2015-04-18 18:26:52 +00:00
]);
// Return true because yeah
return true ;
}
// Create new registration code
2015-10-18 01:50:50 +00:00
public static function createRegistrationCode ( $userId )
2015-09-14 20:51:23 +00:00
{
2015-04-18 18:26:52 +00:00
// Check if we're logged in
2015-09-14 20:51:23 +00:00
if ( ! self :: checkLogin ()) {
2015-04-18 18:26:52 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Check if the user is not exceeding the maximum registration key amount
2015-09-14 21:41:43 +00:00
if ( Database :: count (
'regcodes' ,
true ,
2015-10-18 01:50:50 +00:00
[ 'uid' => [ $userId , '=' ]]
2015-11-06 22:30:37 +00:00
)[ 0 ] >= Config :: getConfig ( 'max_reg_keys' )) {
2015-04-18 18:26:52 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-18 18:26:52 +00:00
// Generate a code by MD5'ing some random bullshit
2015-10-18 01:50:50 +00:00
$code = md5 ( 'SAKURA' . rand ( 0 , 99999999 ) . $userId . 'NOOKLSISGOD' );
2015-04-18 18:26:52 +00:00
// Insert the key into the database
Database :: insert ( 'regcodes' , [
2015-09-14 20:51:23 +00:00
'code' => $code ,
2015-10-18 01:50:50 +00:00
'created_by' => $userId ,
2015-09-14 20:51:23 +00:00
'used_by' => 0 ,
'key_used' => 0 ,
2015-04-18 18:26:52 +00:00
]);
// Return the code
return $code ;
}
2015-07-01 14:29:12 +00:00
// Set the default rank of a user
2015-09-14 20:51:23 +00:00
public static function setDefaultRank ( $uid , $rid , $userIdIsUserData = false )
{
2015-07-01 14:29:12 +00:00
// Get the specified user
$user = $userIdIsUserData ? $uid : self :: getUser ( $uid );
// Decode the json
2015-10-10 21:17:50 +00:00
$ranks = json_decode ( $user [ 'user_ranks' ], true );
2015-07-01 14:29:12 +00:00
// Check if the rank we're trying to set is actually there
2015-09-14 20:51:23 +00:00
if ( ! in_array ( $rid , $ranks )) {
2015-07-01 14:29:12 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-07-01 14:29:12 +00:00
// Update the row
Database :: update ( 'users' , [
[
2015-09-14 20:51:23 +00:00
'rank_main' => $rid ,
2015-07-01 14:29:12 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-07-01 14:29:12 +00:00
]);
// Return true if everything was successful
return true ;
}
// Add a rank to a user
2015-09-14 20:51:23 +00:00
public static function addRanksToUser ( $ranks , $uid , $userIdIsUserData = false )
{
2015-07-01 14:29:12 +00:00
// Get the specified user
$user = $userIdIsUserData ? $uid : self :: getUser ( $uid );
// Decode the array
2015-10-10 21:17:50 +00:00
$current = json_decode ( $user [ 'user_ranks' ], true );
2015-07-01 14:29:12 +00:00
// Go over all the new ranks
2015-09-14 20:51:23 +00:00
foreach ( $ranks as $rank ) {
2015-07-01 14:29:12 +00:00
// Check if the user already has this rank and set it if not
2015-09-14 20:51:23 +00:00
if ( ! in_array ( $rank , $current )) {
$current [] = ( int ) $rank ;
}
2015-07-01 14:29:12 +00:00
}
// Encode the array
$current = json_encode ( $current );
// Update the row
Database :: update ( 'users' , [
[
2015-10-10 21:17:50 +00:00
'user_ranks' => $current ,
2015-07-01 14:29:12 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-07-01 14:29:12 +00:00
]);
// Return true because
return true ;
}
// Removing ranks from a user
2015-09-14 20:51:23 +00:00
public static function removeRanksFromUser ( $ranks , $uid , $userIdIsUserData = false )
{
2015-07-01 14:29:12 +00:00
// Get the specified user
$user = $userIdIsUserData ? $uid : self :: getUser ( $uid );
// Get the ranks
2015-10-10 21:17:50 +00:00
$current = json_decode ( $user [ 'user_ranks' ], true );
2015-07-01 14:29:12 +00:00
// Check the current ranks for ranks in the set array
2015-09-14 20:51:23 +00:00
foreach ( $current as $key => $rank ) {
2015-07-01 14:29:12 +00:00
// Unset the rank
2015-09-14 20:51:23 +00:00
if ( in_array ( $rank , $ranks )) {
2015-07-01 14:29:12 +00:00
unset ( $current [ $key ]);
2015-09-14 20:51:23 +00:00
}
2015-07-01 14:29:12 +00:00
}
// Encode the array
$current = json_encode ( $current );
// Update the row
Database :: update ( 'users' , [
[
2015-10-10 21:17:50 +00:00
'user_ranks' => $current ,
2015-07-01 14:29:12 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-07-01 14:29:12 +00:00
]);
// Return true
return true ;
}
2015-04-27 15:13:52 +00:00
// Check if a user has these ranks
2015-09-14 20:51:23 +00:00
public static function checkIfUserHasRanks ( $ranks , $userid , $userIdIsUserData = false )
{
2015-10-14 19:35:16 +00:00
return $userIdIsUserData ? $userid -> checkIfUserHasRanks ( $ranks ) : ( new User ( $userid )) -> checkIfUserHasRanks ( $ranks );
2015-04-27 15:13:52 +00:00
}
2015-04-08 19:27:51 +00:00
// Check if a user exists
2015-09-14 20:51:23 +00:00
public static function userExists ( $user , $id = true )
{
2015-04-08 19:27:51 +00:00
// Clean string
$user = Main :: cleanString ( $user , true );
// Do database request
2015-10-10 21:17:50 +00:00
$user = Database :: fetch ( 'users' , true , [( $id ? 'user_id' : 'username_clean' ) => [ $user , '=' ]]);
2015-04-08 19:27:51 +00:00
// Return count (which would return 0, aka false, if nothing was found)
2015-10-10 21:17:50 +00:00
return count ( $user ) ? $user [ 0 ][ 'user_id' ] : false ;
2015-04-08 19:27:51 +00:00
}
2015-06-27 11:03:11 +00:00
// Get the available profile fields
2015-09-14 20:51:23 +00:00
public static function getProfileFields ()
{
2015-06-27 11:03:11 +00:00
// Get profile fields
$profileFields = Database :: fetch ( 'profilefields' );
// If there's nothing just return null
2015-09-14 20:51:23 +00:00
if ( ! count ( $profileFields )) {
2015-06-27 11:03:11 +00:00
return null ;
2015-09-05 16:11:04 +00:00
}
2015-06-27 11:03:11 +00:00
// Create output array
$fields = [];
// Iterate over the fields and clean them up
2015-09-14 20:51:23 +00:00
foreach ( $profileFields as $field ) {
2015-10-10 21:17:50 +00:00
$fields [ $field [ 'field_id' ]] = $field ;
$fields [ $field [ 'field_id' ]][ 'field_identity' ] = Main :: cleanString ( $field [ 'field_name' ], true , true );
$fields [ $field [ 'field_id' ]][ 'field_additional' ] = json_decode ( $field [ 'field_additional' ], true );
2015-06-27 11:03:11 +00:00
}
// Return the yeahs
return $fields ;
}
2015-08-21 22:07:45 +00:00
// Get the available option fields
2015-09-14 20:51:23 +00:00
public static function getOptionFields ()
{
2015-08-21 22:07:45 +00:00
// Get option fields
$optionFields = Database :: fetch ( 'optionfields' );
// If there's nothing just return null
2015-09-14 20:51:23 +00:00
if ( ! count ( $optionFields )) {
2015-08-21 22:07:45 +00:00
return null ;
}
// Create output array
$fields = [];
// Iterate over the fields and clean them up
2015-09-14 20:51:23 +00:00
foreach ( $optionFields as $field ) {
2015-10-18 01:50:50 +00:00
if ( ! Permissions :: check ( 'SITE' , $field [ 'option_permission' ], self :: checkLogin ()[ 0 ], 1 )) {
2015-08-21 22:07:45 +00:00
continue ;
}
2015-10-10 21:17:50 +00:00
$fields [ $field [ 'option_id' ]] = $field ;
2015-08-21 22:07:45 +00:00
}
// Return the yeahs
return $fields ;
}
2015-04-27 00:41:59 +00:00
// Get user's profile fields
2015-09-14 20:51:23 +00:00
public static function getUserProfileFields ( $id , $inputIsData = false )
{
2015-04-27 00:41:59 +00:00
// Get profile fields
$profileFields = Database :: fetch ( 'profilefields' );
// If there's nothing just return null
2015-09-14 20:51:23 +00:00
if ( ! count ( $profileFields )) {
2015-04-27 00:41:59 +00:00
return null ;
2015-09-05 16:11:04 +00:00
}
2015-06-04 12:41:55 +00:00
// Assign the profileData variable
2015-10-10 21:17:50 +00:00
$profileData = ( $inputIsData ? $id : self :: getUser ( $id )[ 'user_data' ]);
2015-04-27 00:41:59 +00:00
// Once again if nothing was returned just return null
2015-09-14 20:51:23 +00:00
if ( count ( $profileData ) < 1 || $profileData == null || empty ( $profileData [ 'profileFields' ])) {
2015-04-27 00:41:59 +00:00
return null ;
2015-09-05 16:11:04 +00:00
}
2015-06-04 12:41:55 +00:00
// Redeclare profileData
$profileData = $profileData [ 'profileFields' ];
2015-04-27 00:41:59 +00:00
// Create output array
$profile = [];
// Check if profile fields aren't fake
2015-09-14 20:51:23 +00:00
foreach ( $profileFields as $field ) {
2015-04-27 00:41:59 +00:00
// Completely strip all special characters from the field name
$fieldName = Main :: cleanString ( $field [ 'name' ], true , true );
// Check if the user has the current field set otherwise continue
2015-09-14 20:51:23 +00:00
if ( ! array_key_exists ( $fieldName , $profileData )) {
2015-04-27 00:41:59 +00:00
continue ;
2015-09-05 16:11:04 +00:00
}
2015-04-27 00:41:59 +00:00
// Assign field to output with value
2015-10-18 19:06:30 +00:00
$profile [ $fieldName ] = [];
2015-09-14 20:51:23 +00:00
$profile [ $fieldName ][ 'name' ] = $field [ 'name' ];
$profile [ $fieldName ][ 'value' ] = $profileData [ $fieldName ];
$profile [ $fieldName ][ 'islink' ] = $field [ 'islink' ];
2015-04-27 00:41:59 +00:00
// If the field is set to be a link add a value for that as well
2015-09-14 20:51:23 +00:00
if ( $field [ 'islink' ]) {
2015-04-27 00:41:59 +00:00
$profile [ $fieldName ][ 'link' ] = str_replace ( '{{ VAL }}' , $profileData [ $fieldName ], $field [ 'linkformat' ]);
2015-09-05 16:11:04 +00:00
}
2015-04-27 00:41:59 +00:00
// Check if we have additional options as well
2015-09-14 20:51:23 +00:00
if ( $field [ 'additional' ] != null ) {
2015-04-27 00:41:59 +00:00
// Decode the json of the additional stuff
$additional = json_decode ( $field [ 'additional' ], true );
// Go over all additional forms
2015-09-14 20:51:23 +00:00
foreach ( $additional as $subName => $subField ) {
2015-04-27 00:41:59 +00:00
// Check if the user has the current field set otherwise continue
2015-09-14 20:51:23 +00:00
if ( ! array_key_exists ( $subName , $profileData )) {
2015-04-27 00:41:59 +00:00
continue ;
2015-09-05 16:11:04 +00:00
}
2015-04-27 00:41:59 +00:00
// Assign field to output with value
$profile [ $fieldName ][ $subName ] = $profileData [ $subName ];
}
}
}
// Return appropiate profile data
return $profile ;
}
2015-08-08 00:37:56 +00:00
// Updating the profile data of a user
2015-09-14 20:51:23 +00:00
public static function updateUserDataField ( $id , $data )
{
2015-08-08 00:37:56 +00:00
// We retrieve the current content from the database
2015-10-10 21:17:50 +00:00
$current = self :: getUser ( $id )[ 'user_data' ];
2015-08-08 00:37:56 +00:00
// Merge the arrays
2015-08-09 18:26:01 +00:00
$data = array_merge ( $current , $data );
2015-08-08 00:37:56 +00:00
// Encode the json
$data = json_encode ( $data );
// Store it in the database
Database :: update ( 'users' , [
[
2015-10-10 21:17:50 +00:00
'user_data' => $data ,
2015-08-08 00:37:56 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $id , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-08-08 00:37:56 +00:00
]);
}
2015-04-27 00:41:59 +00:00
// Check if a user is online
2015-09-14 20:51:23 +00:00
public static function checkUserOnline ( $id )
{
2015-04-27 00:41:59 +00:00
// Get user
$user = self :: getUser ( $id );
// Return false if the user doesn't exist because a user that doesn't exist can't be online
2015-09-14 20:51:23 +00:00
if ( empty ( $user )) {
2015-04-27 00:41:59 +00:00
return false ;
2015-09-05 16:11:04 +00:00
}
2015-04-27 00:41:59 +00:00
// Return true if the user was online in the last 5 minutes
2015-10-10 21:17:50 +00:00
return ( $user [ 'user_last_online' ] > ( time () - 500 ));
2015-04-27 00:41:59 +00:00
}
// Get all online users
2015-09-14 20:51:23 +00:00
public static function checkAllOnline ()
{
2015-04-27 00:41:59 +00:00
// Assign time - 500 to a variable
$time = time () - 500 ;
// Get all online users in the past 5 minutes
2015-10-10 21:17:50 +00:00
$getAll = Database :: fetch ( 'users' , true , [ 'user_last_online' => [ $time , '>' ]]);
2015-04-27 00:41:59 +00:00
// Return all the online users
return $getAll ;
}
2015-07-01 14:29:12 +00:00
// Add premium to a user
2015-09-14 20:51:23 +00:00
public static function addUserPremium ( $id , $seconds )
{
2015-07-01 14:29:12 +00:00
// Check if there's already a record of premium for this user in the database
$getUser = Database :: fetch ( 'premium' , false , [
2015-10-10 21:17:50 +00:00
'user_id' => [ $id , '=' ],
2015-07-01 14:29:12 +00:00
]);
// Calculate the (new) start and expiration timestamp
2015-10-10 21:17:50 +00:00
$start = isset ( $getUser [ 'premium_start' ]) ? $getUser [ 'premium_start' ] : time ();
$expire = isset ( $getUser [ 'premium_expire' ]) ? $getUser [ 'premium_expire' ] + $seconds : time () + $seconds ;
2015-07-01 14:29:12 +00:00
// If the user already exists do an update call, otherwise an insert call
2015-09-14 20:51:23 +00:00
if ( empty ( $getUser )) {
2015-07-01 14:29:12 +00:00
Database :: insert ( 'premium' , [
2015-10-10 21:17:50 +00:00
'user_id' => $id ,
'premium_start' => $start ,
'premium_expire' => $expire ,
2015-07-01 14:29:12 +00:00
]);
} else {
Database :: update ( 'premium' , [
[
2015-10-10 21:17:50 +00:00
'premium_expire' => $expire ,
2015-07-01 14:29:12 +00:00
],
[
2015-10-10 21:17:50 +00:00
'user_id' => [ $id , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-07-01 14:29:12 +00:00
]);
}
// Return the expiration timestamp
return $expire ;
}
// Remove the premium status of a user
2015-09-14 20:51:23 +00:00
public static function removeUserPremium ( $id )
{
2015-07-01 14:29:12 +00:00
Database :: delete ( 'premium' , [
2015-10-10 21:17:50 +00:00
'user_id' => [ $id , '=' ],
2015-07-01 14:29:12 +00:00
]);
}
// Check if user has Premium
2015-09-14 20:51:23 +00:00
public static function checkUserPremium ( $id )
{
2015-04-27 00:41:59 +00:00
2015-07-01 17:20:20 +00:00
// Check if the user has static premium
2015-09-14 20:51:23 +00:00
if ( Permissions :: check ( 'SITE' , 'STATIC_PREMIUM' , $id , 1 )) {
2015-07-01 18:22:45 +00:00
return [ 2 , 0 , time () + 1 ];
2015-09-05 16:11:04 +00:00
}
2015-07-01 14:29:12 +00:00
// Attempt to retrieve the premium record from the database
$getRecord = Database :: fetch ( 'premium' , false , [
2015-10-10 21:17:50 +00:00
'user_id' => [ $id , '=' ],
2015-07-01 14:29:12 +00:00
]);
// If nothing was returned just return false
2015-09-14 20:51:23 +00:00
if ( empty ( $getRecord )) {
2015-07-01 14:29:12 +00:00
return [ 0 ];
2015-09-05 16:11:04 +00:00
}
2015-07-01 14:29:12 +00:00
// Check if the Tenshi hasn't expired
2015-10-10 21:17:50 +00:00
if ( $getRecord [ 'premium_expire' ] < time ()) {
2015-07-01 14:29:12 +00:00
self :: removeUserPremium ( $id );
self :: updatePremiumMeta ( $id );
2015-10-10 21:17:50 +00:00
return [ 0 , $getRecord [ 'premium_start' ], $getRecord [ 'premium_expire' ]];
2015-07-01 14:29:12 +00:00
}
// Else return the start and expiration date
2015-10-10 21:17:50 +00:00
return [ 1 , $getRecord [ 'premium_start' ], $getRecord [ 'premium_expire' ]];
2015-07-01 14:29:12 +00:00
}
// Update the premium data
2015-09-14 20:51:23 +00:00
public static function updatePremiumMeta ( $id )
{
2015-07-01 14:29:12 +00:00
// Get the ID for the premium user rank from the database
2015-11-06 22:30:37 +00:00
$premiumRank = Config :: getConfig ( 'premium_rank_id' );
2015-07-01 14:29:12 +00:00
// Run the check
$check = self :: checkUserPremium ( $id );
// Check if the user has premium
2015-09-14 20:51:23 +00:00
if ( $check [ 0 ] == 1 ) {
2015-07-01 14:29:12 +00:00
// If so add the rank to them
self :: addRanksToUser ([ $premiumRank ], $id );
// Check if the user's default rank is standard user and update it to premium
2015-09-14 20:51:23 +00:00
if ( self :: getUser ( $id )[ 'rank_main' ] == 2 ) {
2015-07-01 14:29:12 +00:00
self :: setDefaultRank ( $id , $premiumRank );
2015-09-05 16:11:04 +00:00
}
2015-09-14 20:51:23 +00:00
} elseif ( $check [ 0 ] == 0 && count ( $check ) > 1 ) {
2015-07-01 14:29:12 +00:00
// Else remove the rank from them
self :: removeRanksFromUser ([ $premiumRank ], $id );
}
2015-04-27 00:41:59 +00:00
}
2015-04-02 13:24:05 +00:00
// Get user data by id
2015-09-14 20:51:23 +00:00
public static function getUser ( $id )
{
2015-04-02 13:24:05 +00:00
// If user was found return user data
2015-09-11 23:31:54 +00:00
return ( new User ( $id )) -> data ;
2015-04-02 13:24:05 +00:00
}
2015-04-06 20:06:33 +00:00
// Get rank data by id
2015-09-14 20:51:23 +00:00
public static function getRank ( $id )
{
2015-04-02 13:24:05 +00:00
2015-04-06 20:06:33 +00:00
// If rank was found return rank data
2015-10-14 19:35:16 +00:00
return ( new Rank ( $id )) -> data ;
2015-04-02 13:24:05 +00:00
}
2015-04-12 01:20:31 +00:00
// Get user(s) by IP
2015-09-14 20:51:23 +00:00
public static function getUsersByIP ( $ip )
{
2015-04-12 01:20:31 +00:00
// Get users by registration IP
$registeredFrom = Database :: fetch ( 'users' , true , [ 'register_ip' => [ $ip , '=' ]]);
// Get users by last IP
$lastFrom = Database :: fetch ( 'users' , true , [ 'last_ip' => [ $ip , '=' ], 'register_ip' => [ $ip , '!=' ]]);
// Merge the arrays
$users = array_merge ( $registeredFrom , $lastFrom );
// Return the array with users
return $users ;
}
2015-04-27 21:07:48 +00:00
// Get users in rank
2015-09-14 20:51:23 +00:00
public static function getUsersInRank ( $rankId , $users = null , $excludeAbyss = true )
{
2015-04-27 21:07:48 +00:00
// Get all users (or use the supplied user list to keep server load down)
2015-09-14 20:51:23 +00:00
if ( ! $users ) {
2015-04-27 21:07:48 +00:00
$users = self :: getAllUsers ();
2015-09-05 16:11:04 +00:00
}
2015-04-27 21:07:48 +00:00
// Make output array
2015-10-18 19:06:30 +00:00
$rank = [];
2015-04-27 21:07:48 +00:00
// Go over all users and check if they have the rank id
2015-09-14 20:51:23 +00:00
foreach ( $users as $user ) {
2015-04-27 21:07:48 +00:00
// If so store the user's row in the array
2015-09-14 21:41:43 +00:00
if ( self :: checkIfUserHasRanks ([ $rankId ], $user , true )
2015-10-14 19:35:16 +00:00
&& ( $excludeAbyss ? $user -> data [ 'password_algo' ] != 'nologin' : true )) {
2015-04-27 21:07:48 +00:00
$rank [] = $user ;
2015-09-05 16:11:04 +00:00
}
2015-04-27 21:07:48 +00:00
}
// Then return the array with the user rows
return $rank ;
}
2015-04-02 13:24:05 +00:00
// Get all users
2015-09-14 20:51:23 +00:00
public static function getAllUsers ( $includeInactive = true , $includeAbyss = false )
{
2015-04-02 13:24:05 +00:00
// Execute query
$getUsers = Database :: fetch ( 'users' , true );
2015-04-25 20:25:44 +00:00
// Define variable
$users = [];
2015-04-02 13:24:05 +00:00
// Reorder shit
2015-09-14 20:51:23 +00:00
foreach ( $getUsers as $user ) {
2015-04-27 21:24:43 +00:00
// Skip abyss
2015-09-14 20:51:23 +00:00
if ( ! $includeAbyss && $user [ 'password_algo' ] == 'nologin' ) {
2015-04-27 21:24:43 +00:00
continue ;
2015-09-05 16:11:04 +00:00
}
2015-04-19 13:00:32 +00:00
// Skip if inactive and not include deactivated users
2015-10-10 21:17:50 +00:00
if ( ! $includeInactive && Permissions :: check ( 'SITE' , 'DEACTIVATED' , $user [ 'user_id' ], 1 )) {
2015-04-19 13:00:32 +00:00
continue ;
2015-09-05 16:11:04 +00:00
}
2015-10-14 19:35:16 +00:00
$users [ $user [ 'user_id' ]] = new User ( $user [ 'user_id' ]);
2015-04-19 13:00:32 +00:00
}
2015-04-02 13:24:05 +00:00
// and return an array with the users
return $users ;
}
2015-04-06 20:06:33 +00:00
// Get all ranks
2015-09-14 20:51:23 +00:00
public static function getAllRanks ()
{
2015-04-02 13:24:05 +00:00
// Execute query
2015-04-06 20:06:33 +00:00
$getRanks = Database :: fetch ( 'ranks' , true );
2015-04-02 13:24:05 +00:00
2015-04-25 20:25:44 +00:00
// Define variable
$ranks = [];
2015-04-02 13:24:05 +00:00
// Reorder shit
2015-09-14 20:51:23 +00:00
foreach ( $getRanks as $rank ) {
2015-10-14 19:35:16 +00:00
$ranks [ $rank [ 'rank_id' ]] = new Rank ( $rank [ 'rank_id' ]);
2015-09-05 16:11:04 +00:00
}
2015-04-06 20:06:33 +00:00
// and return an array with the ranks
return $ranks ;
2015-04-02 13:24:05 +00:00
}
2015-05-04 20:08:53 +00:00
// Get all warnings issued to a user (or all warnings a user issued)
2015-09-14 20:51:23 +00:00
public static function getWarnings ( $uid = 0 , $iid = false )
{
2015-05-04 20:08:53 +00:00
// Do the database query
2015-05-05 03:47:58 +00:00
$warnings = Database :: fetch ( 'warnings' , true , ( $uid ? [
2015-10-10 21:17:50 +00:00
( $iid ? 'moderator_id' : 'user_id' ) => [ $uid , '=' ],
2015-05-05 03:47:58 +00:00
] : null ));
2015-05-04 20:08:53 +00:00
// Return all the warnings
return $warnings ;
}
2015-05-09 00:56:55 +00:00
// Get a user's notifications
2015-09-14 20:51:23 +00:00
public static function getNotifications ( $uid = null , $timediff = 0 , $excludeRead = true , $markRead = false )
{
2015-05-09 00:56:55 +00:00
// Prepare conditions
2015-10-18 19:06:30 +00:00
$conditions = [];
2015-10-18 01:50:50 +00:00
$conditions [ 'user_id' ] = [( $uid ? $uid : self :: checkLogin ()[ 0 ]), '=' ];
2015-09-05 16:11:04 +00:00
2015-09-14 20:51:23 +00:00
if ( $timediff ) {
2015-10-10 21:17:50 +00:00
$conditions [ 'alert_timestamp' ] = [ time () - $timediff , '>' ];
2015-09-05 16:11:04 +00:00
}
2015-09-14 20:51:23 +00:00
if ( $excludeRead ) {
2015-10-10 21:17:50 +00:00
$conditions [ 'alert_read' ] = [ 0 , '=' ];
2015-09-05 16:11:04 +00:00
}
2015-05-09 00:56:55 +00:00
// Get notifications for the database
$notifications = Database :: fetch ( 'notifications' , true , $conditions );
// Mark the notifications as read
2015-09-14 20:51:23 +00:00
if ( $markRead ) {
2015-05-09 00:56:55 +00:00
// Iterate over all entries
2015-09-14 20:51:23 +00:00
foreach ( $notifications as $notification ) {
2015-05-09 00:56:55 +00:00
// If the notifcation is already read skip
2015-10-10 21:17:50 +00:00
if ( $notification [ 'alert_read' ]) {
2015-05-09 00:56:55 +00:00
continue ;
2015-09-05 16:11:04 +00:00
}
2015-05-09 00:56:55 +00:00
// Mark them as read
2015-10-16 13:37:29 +00:00
self :: markNotificationRead ( $notification [ 'alert_id' ]);
2015-05-09 00:56:55 +00:00
}
}
// Return the notifications
return $notifications ;
}
// Marking notifications as read
2015-09-14 20:51:23 +00:00
public static function markNotificationRead ( $id , $mode = true )
{
2015-05-09 00:56:55 +00:00
// Execute an update statement
Database :: update ( 'notifications' , [
[
2015-10-10 21:17:50 +00:00
'alert_read' => ( $mode ? 1 : 0 ),
2015-05-09 00:56:55 +00:00
],
[
2015-10-10 21:17:50 +00:00
'alert_id' => [ $id , '=' ],
2015-09-14 20:51:23 +00:00
],
2015-05-09 00:56:55 +00:00
]);
}
// Adding a new notification
2015-09-14 20:51:23 +00:00
public static function createNotification ( $user , $title , $text , $timeout = 60000 , $img = 'FONT:fa-info-circle' , $link = '' , $sound = 0 )
{
2015-05-09 00:56:55 +00:00
// Get current timestamp
$time = time ();
// Insert it into the database
Database :: insert ( 'notifications' , [
2015-10-10 21:17:50 +00:00
'user_id' => $user ,
'alert_timestamp' => $time ,
'alert_read' => 0 ,
'alert_sound' => ( $sound ? 1 : 0 ),
'alert_title' => $title ,
'alert_text' => $text ,
'alert_link' => $link ,
'alert_img' => $img ,
'alert_timeout' => $timeout ,
2015-05-09 00:56:55 +00:00
]);
}
2015-05-11 22:20:19 +00:00
// Getting a user's PMs
2015-09-14 20:51:23 +00:00
public static function getPrivateMessages ( $from = false )
{
2015-05-11 22:20:19 +00:00
// Get all messages from the database
$messages = Database :: fetch ( 'messages' , true , [
2015-10-18 01:50:50 +00:00
( $from ? 'from_user' : 'to_user' ) => [ self :: checkLogin ()[ 0 ], '=' ],
2015-05-11 22:20:19 +00:00
]);
// Prepare a storage array
2015-10-18 19:06:30 +00:00
$store = [];
2015-05-11 22:20:19 +00:00
// Go over each message and check if they are for the current user
2015-09-14 20:51:23 +00:00
foreach ( $messages as $message ) {
2015-05-11 22:20:19 +00:00
// Store the message
$store [ $message [ 'id' ]] = $message ;
// Store user data as well
2015-09-14 20:51:23 +00:00
$store [ $message [ 'id' ]][ 'data' ][ 'from' ][ 'user' ] = ( $_MSG_USR = self :: getUser ( $message [ 'from_user' ]));
$store [ $message [ 'id' ]][ 'data' ][ 'from' ][ 'rank' ] = self :: getRank ( $_MSG_USR [ 'rank_main' ]);
$store [ $message [ 'id' ]][ 'data' ][ 'to' ][ 'user' ] = ( $_MSG_USR = self :: getUser ( $message [ 'to_user' ]));
$store [ $message [ 'id' ]][ 'data' ][ 'to' ][ 'rank' ] = self :: getRank ( $_MSG_USR [ 'rank_main' ]);
2015-05-11 22:20:19 +00:00
}
// Return store array
return $store ;
}
2015-06-19 23:44:16 +00:00
// Get friends
2015-09-14 20:51:23 +00:00
public static function getFriends ( $uid = null , $timestamps = false , $getData = false , $checkOnline = false )
{
2015-06-19 23:44:16 +00:00
// Assign $uid
2015-09-14 20:51:23 +00:00
if ( ! $uid ) {
2015-10-18 01:50:50 +00:00
$uid = Users :: checkLogin ()[ 0 ];
2015-09-05 16:11:04 +00:00
}
2015-06-19 23:44:16 +00:00
// Get all friends
$getFriends = Database :: fetch ( 'friends' , true , [
2015-10-10 21:17:50 +00:00
'user_id' => [ $uid , '=' ],
2015-06-19 23:44:16 +00:00
]);
// Create the friends array
$friends = [];
// Iterate over the raw database return
2015-09-14 20:51:23 +00:00
foreach ( $getFriends as $key => $friend ) {
2015-06-19 23:44:16 +00:00
// Add friend to array
2015-10-10 21:17:50 +00:00
$friends [( $timestamps ? $friend [ 'friend_id' ] : $key )] = $getData ? ([
2015-07-31 21:18:14 +00:00
2015-10-10 21:17:50 +00:00
'user' => ( $_UDATA = self :: getUser ( $friend [ 'friend_id' ])),
2015-09-14 20:51:23 +00:00
'rank' => self :: getRank ( $_UDATA [ 'rank_main' ]),
2015-07-31 21:18:14 +00:00
2015-10-10 21:17:50 +00:00
]) : $friend [( $timestamps ? 'friend_timestamp' : 'friend_id' )];
2015-06-19 23:44:16 +00:00
}
2015-08-09 18:26:01 +00:00
// Check who is online and who isn't
2015-09-14 20:51:23 +00:00
if ( $checkOnline ) {
2015-08-09 18:26:01 +00:00
// Check each user
2015-09-14 20:51:23 +00:00
foreach ( $friends as $key => $friend ) {
2015-09-14 21:41:43 +00:00
$friends [
2015-10-10 21:17:50 +00:00
self :: checkUserOnline ( $getData ? $friend [ 'user' ][ 'user_id' ] : $friend ) ? 'online' : 'offline'
2015-09-14 21:41:43 +00:00
][] = $friend ;
2015-08-09 18:26:01 +00:00
}
}
2015-06-19 23:44:16 +00:00
// Return formatted array
return $friends ;
}
2015-07-08 13:09:57 +00:00
// Get non-mutual friends
2015-09-14 20:51:23 +00:00
public static function getPendingFriends ( $uid = null , $getData = false )
{
2015-07-08 13:09:57 +00:00
// Assign $of automatically if it's not set
2015-09-14 20:51:23 +00:00
if ( ! $uid ) {
2015-10-18 01:50:50 +00:00
$uid = self :: checkLogin ()[ 0 ];
2015-09-05 16:11:04 +00:00
}
2015-07-08 13:09:57 +00:00
// Get all friend entries from other people involved the current user
$friends = Database :: fetch ( 'friends' , true , [
2015-10-10 21:17:50 +00:00
'friend_id' => [ $uid , '=' ],
2015-07-08 13:09:57 +00:00
]);
// Create pending array
$pending = [];
// Check if the friends are mutual
2015-09-14 20:51:23 +00:00
foreach ( $friends as $friend ) {
2015-10-12 18:25:37 +00:00
// Create user object
$user = new User ( $uid );
2015-07-08 13:09:57 +00:00
// Check if the friend is mutual
2015-10-12 18:25:37 +00:00
if ( ! $user -> checkFriends ( $friend [ 'user_id' ])) {
2015-07-31 21:18:14 +00:00
$pending [] = $getData ? ([
2015-10-10 21:17:50 +00:00
'user' => ( $_UDATA = self :: getUser ( $friend [ 'user_id' ])),
2015-09-14 20:51:23 +00:00
'rank' => self :: getRank ( $_UDATA [ 'rank_main' ]),
2015-07-31 21:18:14 +00:00
]) : $friend ;
}
2015-07-08 13:09:57 +00:00
}
// Return the pending friends
return $pending ;
}
2015-08-28 20:32:31 +00:00
// Get the ID of the newest user
2015-09-14 20:51:23 +00:00
public static function getNewestUserId ()
{
2015-10-10 21:17:50 +00:00
return Database :: fetch ( 'users' , false , [ 'password_algo' => [ 'nologin' , '!=' ]], [ 'user_id' , true ], [ '1' ])[ 'user_id' ];
2015-08-28 20:32:31 +00:00
}
2015-04-02 13:24:05 +00:00
}