From 01a3de39d6199ada21025980cd773fd948c30eb7 Mon Sep 17 00:00:00 2001 From: flashwave Date: Tue, 29 Dec 2015 02:27:49 +0100 Subject: [PATCH] r20151228 delayed edition --- .gitignore | 1 + Sakura.phpproj.user | 2 +- integrations/SockChat.php | 14 +++--- libraries/Comments.php | 2 +- libraries/Forum/Forum.php | 2 + libraries/Forum/Permissions.php | 26 ---------- libraries/Forum/Perms.php | 73 +++++++++++++++++++++++++++++ libraries/Forum/Post.php | 4 +- libraries/Main.php | 2 +- libraries/News.php | 2 +- libraries/Permissions.php | 66 +++++++++++++------------- libraries/Perms.php | 46 ++++++++++++++++++ libraries/Perms/Forum.php | 23 +++++++++ libraries/Perms/Site.php | 45 ++++++++++++++++++ libraries/User.php | 21 +++++++-- libraries/Users.php | 8 ++-- public/authenticate.php | 2 +- public/imageserve.php | 6 +-- public/index.php | 2 +- public/profile.php | 2 +- public/settings.php | 2 +- sakura.php | 13 +++-- templates/yuuno/forum/viewtopic.tpl | 4 +- 23 files changed, 275 insertions(+), 93 deletions(-) delete mode 100644 libraries/Forum/Permissions.php create mode 100644 libraries/Forum/Perms.php create mode 100644 libraries/Perms.php create mode 100644 libraries/Perms/Forum.php create mode 100644 libraries/Perms/Site.php diff --git a/.gitignore b/.gitignore index 2fd1586..961f9af 100644 --- a/.gitignore +++ b/.gitignore @@ -16,4 +16,5 @@ Desktop.ini $RECYCLE.BIN/ .DS_Store *.phpproj +*.user *.sln diff --git a/Sakura.phpproj.user b/Sakura.phpproj.user index ff40b91..153c73f 100644 --- a/Sakura.phpproj.user +++ b/Sakura.phpproj.user @@ -2,7 +2,7 @@ SpecificPage - index.php + integrations/ True False diff --git a/integrations/SockChat.php b/integrations/SockChat.php index b55dcad..51fec4e 100644 --- a/integrations/SockChat.php +++ b/integrations/SockChat.php 
@@ -41,14 +41,14 @@ if (Auth::getPageType() == AUTH_FETCH) { // Check if session is active else deny if ($data = Users::checkLogin($uid, $sid)) { // Check if they can access the chat - if (Permissions::check('SITE', 'DEACTIVATED', $uid, 1) || Permissions::check('SITE', 'RESTRICTED', $uid, 1)) { + if (Perms::check('SITE', 'DEACTIVATED', $uid, 1) || Perms::check('SITE', 'RESTRICTED', $uid, 1)) { Auth::Deny(); Auth::Serve(); exit; } // Create a user object - $user = new User($uid); + $user = User::construct($uid); // Set the user's data Auth::SetUserData( @@ -60,11 +60,11 @@ if (Auth::getPageType() == AUTH_FETCH) { // Set the common permissions Auth::SetCommonPermissions( $user->mainRank()['hierarchy'], - Permissions::check('MANAGE', 'USE_MANAGE', $uid, 1) ? 1 : 0, - Permissions::check('SITE', 'CREATE_BACKGROUND', $uid, 1) ? 1 : 0, - Permissions::check('SITE', 'CHANGE_USERNAME', $uid, 1) ? 1 : 0, - Permissions::check('SITE', 'MULTIPLE_GROUPS', $uid, 1) ? 2 : ( - Permissions::check('SITE', 'CREATE_GROUP', $uid, 1) ? 1 : 0 + Perms::check('MANAGE', 'USE_MANAGE', $uid, 1) ? 1 : 0, + Perms::check('SITE', 'CREATE_BACKGROUND', $uid, 1) ? 1 : 0, + Perms::check('SITE', 'CHANGE_USERNAME', $uid, 1) ? 1 : 0, + Perms::check('SITE', 'MULTIPLE_GROUPS', $uid, 1) ? 2 : ( + Perms::check('SITE', 'CREATE_GROUP', $uid, 1) ? 1 : 0 ) ); diff --git a/libraries/Comments.php b/libraries/Comments.php index 668de49..c774a80 100644 --- a/libraries/Comments.php +++ b/libraries/Comments.php @@ -49,7 +49,7 @@ class Comments // Check if we already have an object for this user if (!array_key_exists($comment['comment_poster'], $this->commenters)) { // Create new object - $this->commenters[$comment['comment_poster']] = new User($comment['comment_poster']); + $this->commenters[$comment['comment_poster']] = User::construct($comment['comment_poster']); } // Attach the poster diff --git a/libraries/Forum/Forum.php b/libraries/Forum/Forum.php index 3752ec2..089410f 100644 --- a/libraries/Forum/Forum.php 
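Review bot: The `Perms::check('SITE', 'DEACTIVATED', $uid, 1)` and `Perms::check('SITE', 'RESTRICTED', $uid, 1)` calls that gate `Auth::Deny()` do not match any method this commit adds: the only `check` on the new `Perms` class (libraries/Perms.php) is a non-static `check($flag, $perm)` that returns `($flag & bindec($perm)) > 0`. If `Perms` resolves to that class here, `bindec('DEACTIVATED')` is 0 and the test is always false, so deactivated and restricted accounts would pass this gate, and every flag passed to `Auth::SetCommonPermissions()` in the next hunk would become 0. Until `Perms` offers an equivalent lookup by user id, keep `Permissions::check('SITE', 'DEACTIVATED', $uid, 1)` (that class is still loaded in sakura.php), or build a `Perms` instance and pass it the user's stored mask. The namespace and `use` lines of both files are not visible on this page, so how `Perms` resolves is inferred, and the enclosing `if (Auth::getPageType() == AUTH_FETCH)` block starts outside the hunk.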
+++ b/libraries/Forum/Forum.php @@ -6,6 +6,8 @@ namespace Sakura\Forum; use Sakura\Database; +use Sakura\Users; +use Sakura\User; /** * Class Forum diff --git a/libraries/Forum/Permissions.php b/libraries/Forum/Permissions.php deleted file mode 100644 index 983136d..0000000 --- a/libraries/Forum/Permissions.php +++ /dev/null @@ -1,26 +0,0 @@ -perms = $this->getPerms($forumId, $rankId, $userId); + } + + // Get permissions + private function getPerms($forumId, $rankId = 0, $userId = 0, $perms = 0) { + // Attempt to get the forum's row from the db + $forumRows = Database::fetch('forums', true, ['forum_id' => [$forumId, '=']]); + + // Check if anything was returned, otherwise just stop + if (!$forumRows) { + return $perms; + } + + // Get the data from the permissions table + $forumPerms = Database::fetch('forum_permissions', false, [ + 'forum_id' => [$forumId, '='], + 'rank_id' => [$rankId, '='], + 'user_id' => [$userId, '='], + ]); + + // Perform a bitwise OR if perms is already set to something + if ($perms) { + $perms = $perms | $forumPerms['forum_perms']; + } else { + $perms = $forumPerms['forum_perms']; + } + + // Perform this again if this forum has a parent + if ($forumRows['forum_category']) { + $perms = $this->getPerms($forumId, $rankId, $userId, $perms); + } + + // Return new value + return $perms; + } + + // Check permission + public function check($perm) { + return bindec($this->perms) & $perm === true; + } +} diff --git a/libraries/Forum/Post.php b/libraries/Forum/Post.php index d79d6ec..d6efb67 100644 --- a/libraries/Forum/Post.php +++ b/libraries/Forum/Post.php @@ -45,7 +45,7 @@ class Post $this->id = $postRow['post_id']; $this->thread = $postRow['topic_id']; $this->forum = $postRow['forum_id']; - $this->poster = new User($postRow['poster_id']); + $this->poster = User::construct($postRow['poster_id']); $this->ip = $postRow['poster_ip']; $this->time = $postRow['post_time']; $this->signature = $postRow['post_signature']; 
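Review bot: In the new libraries/Forum/Perms.php, `check()` can never grant anything: `===` binds tighter than `&`, so `bindec($this->perms) & $perm === true` evaluates `$perm === true` first and the mask is ANDed with false. The recursive call in `getPerms()` passes `$forumId` again instead of the parent, so any forum with a non-zero `forum_category` recurses without end. I would change these to `return (bindec($this->perms) & $perm) > 0;` and `$perms = $this->getPerms($forumRows['forum_category'], $rankId, $userId, $perms);`. `$forumPerms['forum_perms']` is also read without checking that a `forum_permissions` row came back, and whether `bindec()` is the right conversion depends on how the column is stored, which this page does not show. The class header and constructor signature are missing from the page, so this covers only the visible part of the file.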
@@ -53,7 +53,7 @@ class Post $this->text = $postRow['post_text']; $this->editTime = $postRow['post_edit_time']; $this->editReason = $postRow['post_edit_reason']; - $this->editUser = new User($postRow['post_edit_user']); + $this->editUser = User::construct($postRow['post_edit_user']); } // Parse the markup diff --git a/libraries/Main.php b/libraries/Main.php index fb48e22..e20b7a5 100644 --- a/libraries/Main.php +++ b/libraries/Main.php @@ -740,7 +740,7 @@ class Main // Add userdata to table if (!array_key_exists($row['user_id'], $data['users'])) { - $data['users'][$row['user_id']] = new User($row['user_id']); + $data['users'][$row['user_id']] = User::construct($row['user_id']); } } diff --git a/libraries/News.php b/libraries/News.php index 545bf43..20d05d7 100644 --- a/libraries/News.php +++ b/libraries/News.php @@ -26,7 +26,7 @@ class News // Check if we already have an object for this user if (!array_key_exists($post['user_id'], $this->posters)) { // Create new object - $this->posters[$post['user_id']] = new User($post['user_id']); + $this->posters[$post['user_id']] = User::construct($post['user_id']); } // Parse the news post diff --git a/libraries/Permissions.php b/libraries/Permissions.php index f1d66b1..d40301e 100644 --- a/libraries/Permissions.php +++ b/libraries/Permissions.php @@ -5,6 +5,8 @@ namespace Sakura; +use Sakura\Perms\Site; + /** * Class Permissions * @package Sakura 
@@ -24,37 +26,37 @@ class Permissions protected static $permissions = [ // Site permissions 'SITE' => [ - 'DEACTIVATED' => 1, // Is a user deactivated - 'RESTRICTED' => 2, // Is a user restricted - 'ALTER_PROFILE' => 4, // Can alter their profile data - 'CHANGE_AVATAR' => 8, // Can change their avatar - 'CREATE_BACKGROUND' => 16, // Can create a background (different from changing) - 'CHANGE_BACKGROUND' => 32, // Can change their background - 'VIEW_MEMBERLIST' => 64, // Can view the memberlist - 'CREATE_USERPAGE' => 128, // Can create a userpage (different from changing) - 'CHANGE_USERPAGE' => 256, // Can change their userpage - 'USE_MESSAGES' => 512, // Can use the Private Messaging system - 'SEND_MESSAGES' => 1024, // Can send Private Messages to other users - 'CHANGE_EMAIL' => 2048, // Can change their account e-mail address - 'CHANGE_USERNAME' => 4096, // Can change their username - 'CHANGE_USERTITLE' => 8192, // Can change their usertitle - 'CHANGE_PASSWORD' => 16384, // Can change their password - 'ALTER_RANKS' => 32768, // Can change their ranks - 'MANAGE_SESSIONS' => 65536, // Can manage their sessions - 'CHANGE_SIGNATURE' => 131072, // User can change their signature - 'DEACTIVATE_ACCOUNT' => 262144, // Can deactivate their account - 'VIEW_PROFILE_DATA' => 524288, // Can view other's profile data - 'MANAGE_FRIENDS' => 1048576, // Can manage friends (add/remove) - 'REPORT_USERS' => 2097152, // Can report users to staff - 'OBTAIN_PREMIUM' => 4194304, // Can obtain the premium rank - 'JOIN_GROUPS' => 8388608, // Can join groups - 'CREATE_GROUP' => 16777216, // Can create a group - 'MULTIPLE_GROUPS' => 33554432, // Can create multiple groups (requires single group perm) - 'CHANGE_NAMECOLOUR' => 67108864, // Can change their username colour - 'STATIC_PREMIUM' => 134217728, // User has static premium status - 'CREATE_COMMENTS' => 268435456, // User can make comments - 'DELETE_COMMENTS' => 536870912, // User can delete own comments - 'VOTE_COMMENTS' => 
1073741824, // User can vote on comments + 'DEACTIVATED' => Site::DEACTIVATED, // Is a user deactivated + 'RESTRICTED' => Site::RESTRICTED, // Is a user restricted + 'ALTER_PROFILE' => Site::ALTER_PROFILE, // Can alter their profile data + 'CHANGE_AVATAR' => Site::CHANGE_AVATAR, // Can change their avatar + 'CREATE_BACKGROUND' => Site::CREATE_BACKGROUND, // Can create a background (different from changing) + 'CHANGE_BACKGROUND' => Site::CHANGE_BACKGROUND, // Can change their background + 'VIEW_MEMBERLIST' => Site::VIEW_MEMBERLIST, // Can view the memberlist + 'CREATE_USERPAGE' => Site::CREATE_USERPAGE, // Can create a userpage (different from changing) + 'CHANGE_USERPAGE' => Site::CHANGE_USERPAGE, // Can change their userpage + 'USE_MESSAGES' => Site::USE_MESSAGES, // Can use the Private Messaging system + 'SEND_MESSAGES' => Site::SEND_MESSAGES, // Can send Private Messages to other users + 'CHANGE_EMAIL' => Site::CHANGE_EMAIL, // Can change their account e-mail address + 'CHANGE_USERNAME' => Site::CHANGE_USERNAME, // Can change their username + 'CHANGE_USERTITLE' => Site::CHANGE_USERTITLE, // Can change their usertitle + 'CHANGE_PASSWORD' => Site::CHANGE_PASSWORD, // Can change their password + 'ALTER_RANKS' => Site::ALTER_RANKS, // Can change their ranks + 'MANAGE_SESSIONS' => Site::MANAGE_SESSIONS, // Can manage their sessions + 'CHANGE_SIGNATURE' => Site::CHANGE_SIGNATURE, // User can change their signature + 'DEACTIVATE_ACCOUNT' => Site::DEACTIVATE_ACCOUNT, // Can deactivate their account + 'VIEW_PROFILE_DATA' => Site::VIEW_PROFILE_DATA, // Can view other's profile data + 'MANAGE_FRIENDS' => Site::MANAGE_FRIENDS, // Can manage friends (add/remove) + 'REPORT_USERS' => Site::REPORT_USERS, // Can report users to staff + 'OBTAIN_PREMIUM' => Site::OBTAIN_PREMIUM, // Can obtain the premium rank + 'JOIN_GROUPS' => Site::JOIN_GROUPS, // Can join groups + 'CREATE_GROUP' => Site::CREATE_GROUP, // Can create a group + 'MULTIPLE_GROUPS' => Site::MULTIPLE_GROUPS, // Can 
create multiple groups (requires single group perm) + 'CHANGE_NAMECOLOUR' => Site::CHANGE_NAMECOLOUR, // Can change their username colour + 'STATIC_PREMIUM' => Site::STATIC_PREMIUM, // User has static premium status + 'CREATE_COMMENTS' => Site::CREATE_COMMENTS, // User can make comments + 'DELETE_COMMENTS' => Site::DELETE_COMMENTS, // User can delete own comments + 'VOTE_COMMENTS' => Site::VOTE_COMMENTS, // User can vote on comments ], // Site management permissions @@ -130,7 +132,7 @@ class Permissions public static function getUserPermissions($uid) { // Get user data - $user = new User($uid); + $user = User::construct($uid); // Attempt to get the permission row of a user $userPerms = Database::fetch('permissions', false, ['rank_id' => [0, '='], 'user_id' => [$user->id(), '=']]); diff --git a/libraries/Perms.php b/libraries/Perms.php new file mode 100644 index 0000000..b30dd04 --- /dev/null +++ b/libraries/Perms.php @@ -0,0 +1,46 @@ +table = $mode[0]; + $this->column = $mode[1]; + $this->selectors = explode(',', $mode[2]); + } + + // Checking permissions + public function check($flag, $perm) { + return ($flag & bindec($perm)) > 0; + } + + // Getting rank permissions + public function get($select) { + // Combine $select into $selectors + $select = array_slice($select, 0, count($this->selectors)); + $select = array_combine($this->selectors, $select); + } +} diff --git a/libraries/Perms/Forum.php b/libraries/Perms/Forum.php new file mode 100644 index 0000000..a35bd1b --- /dev/null +++ b/libraries/Perms/Forum.php @@ -0,0 +1,23 @@ +checkPermission('SITE', 'DEACTIVATED')) { @@ -337,7 +350,7 @@ class User public function removeFriend($uid, $deleteRequest = false) { // Create the foreign object - $user = new User($uid); + $user = User::construct($uid); // Validate that the user exists if ($user->checkPermission('SITE', 'DEACTIVATED')) { 
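Review bot: `get()` in the new libraries/Perms.php builds `$select` and then falls off the end, so every caller receives null; it needs the lookup and a `return`, or a comment marking it as a stub so it is not wired into an access check yet. `array_combine()` also fails when fewer values than `$this->selectors` are passed, because `array_slice()` only trims the longer case; a guard such as `if (count($select) !== count($this->selectors)) { return 0; }` placed before it would make that failure explicit and deny by default. Neither `check()` nor the constructor has a docblock describing `$mode` and `$perm`, which appear to be a three-part array of table, column and comma-separated selectors, and a binary string, judging by `explode(',', $mode[2])` and `bindec()`. That is worth writing down because this class decides access. The top of the file, including the class declaration and constructor signature, is not visible on this page.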
@@ -445,7 +458,7 @@ class User // Create the user objects foreach ($users as $user) { // Create new object - $objects[$user] = new User($user); + $objects[$user] = User::construct($user); } // Return the objects diff --git a/libraries/Users.php b/libraries/Users.php index 82ed318..4d6f839 100644 --- a/libraries/Users.php +++ b/libraries/Users.php @@ -114,7 +114,7 @@ class Users } // Get account data - $user = new User($uid); + $user = User::construct($uid); // Validate password switch ($user->password()['password_algo']) { @@ -701,7 +701,7 @@ class Users $getAll = Database::fetch('users', true, ['user_last_online' => [$time, '>']]); foreach ($getAll as $user) { - $return[] = new User($user['user_id']); + $return[] = User::construct($user['user_id']); } // Return all the online users @@ -749,7 +749,7 @@ class Users $premiumRank = Config::get('premium_rank_id'); // Create user object - $user = new User($id); + $user = User::construct($id); // Run the check $check = $user->isPremium(); @@ -835,7 +835,7 @@ class Users continue; } - $users[$user['user_id']] = new User($user['user_id']); + $users[$user['user_id']] = User::construct($user['user_id']); } // and return an array with the users diff --git a/public/authenticate.php b/public/authenticate.php index 7b1007c..6bff689 100644 --- a/public/authenticate.php +++ b/public/authenticate.php @@ -203,7 +203,7 @@ if (isset($_REQUEST['mode'])) { // Add page specific things $renderData['page'] = [ - 'redirect' => $login[0] ? ((new User($login[2]))->dates()['lastOnline'] ? $_REQUEST['redirect'] : $urls->format('INFO_PAGE', ['welcome'])) : $urls->format('SITE_LOGIN'), + 'redirect' => $login[0] ? (User::construct($login[2])->dates()['lastOnline'] ? $_REQUEST['redirect'] : $urls->format('INFO_PAGE', ['welcome'])) : $urls->format('SITE_LOGIN'), 'message' => $messages[$login[1]], 'success' => $login[0], diff --git a/public/imageserve.php b/public/imageserve.php index fa4a4ea..0effbf1 100644 --- a/public/imageserve.php 
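Review bot: The rewritten `'redirect'` entry in public/authenticate.php still uses `$_REQUEST['redirect']` as the post-login target with no validation visible in this hunk, which leaves an open redirect unless the value is checked elsewhere. It is also read without `isset()`, so a login request that omits the parameter raises an undefined-index notice. I would resolve the target before building the array and accept only same-site relative paths, e.g. `$redirect = isset($_REQUEST['redirect']) && preg_match('#^/(?![/\\\\])#', $_REQUEST['redirect']) ? $_REQUEST['redirect'] : $fallbackUrl;`, with `$fallbackUrl` standing for whichever fixed route the project prefers. The surrounding `$renderData['page']` array and the login branch start and end outside the hunk.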
+++ b/public/imageserve.php @@ -43,7 +43,7 @@ if (isset($_GET['m'])) { } // Get user data - $user = new User($_GET['u']); + $user = User::construct($_GET['u']); // If user is deactivated use deactive avatar if ($user->hasRanks([0, 1])) { @@ -78,7 +78,7 @@ if (isset($_GET['m'])) { } // Get user data - $user = new User($_GET['u']); + $user = User::construct($_GET['u']); // If user is deactivated use deactive avatar if ($user->hasRanks([0, 1])) { @@ -114,7 +114,7 @@ if (isset($_GET['m'])) { } // Get user data - $user = new User($_GET['u']); + $user = User::construct($_GET['u']); // If user is deactivated use deactive avatar if ($user->hasRanks([0, 1])) { diff --git a/public/index.php b/public/index.php index cb3a7e0..e3a6af1 100644 --- a/public/index.php +++ b/public/index.php @@ -54,7 +54,7 @@ $renderData['forum'] = ($forumMode ? (new Forum\Forum()) : null); $renderData['stats'] = [ 'userCount' => Database::count('users', ['password_algo' => ['nologin', '!='], 'rank_main' => ['1', '!=']])[0], - 'newestUser' => ($_INDEX_NEWEST_USER = new User(Users::getNewestUserId())), + 'newestUser' => ($_INDEX_NEWEST_USER = User::construct(Users::getNewestUserId())), 'lastRegDate' => ($_INDEX_LAST_REGDATE = date_diff( date_create( date( diff --git a/public/profile.php b/public/profile.php index 7e095af..3f23651 100644 --- a/public/profile.php +++ b/public/profile.php @@ -16,7 +16,7 @@ $template = new Template(); $template->setTemplate($templateName); // Get the user's context -$profile = new User(isset($_GET['u']) ? $_GET['u'] : 0); +$profile = User::construct(isset($_GET['u']) ? $_GET['u'] : 0); // Views array $views = [ diff --git a/public/settings.php b/public/settings.php index 860ae3c..2947665 100644 --- a/public/settings.php +++ b/public/settings.php 
@@ -381,7 +381,7 @@ if (isset($_REQUEST['request-notifications']) && $_REQUEST['request-notification // Create a notification if (array_key_exists($action[1], $notifStrings)) { // Get the current user's profile data - $user = new User($currentUser->id()); + $user = User::construct($currentUser->id()); Users::createNotification( $_REQUEST[(isset($_REQUEST['add']) ? 'add' : 'remove')], diff --git a/sakura.php b/sakura.php index 4d4f1da..d8fd68b 100644 --- a/sakura.php +++ b/sakura.php @@ -8,7 +8,7 @@ namespace Sakura; // Define Sakura version -define('SAKURA_VERSION', '20151227'); +define('SAKURA_VERSION', '20151228'); define('SAKURA_VLABEL', 'Eminence'); define('SAKURA_COLOUR', '#6C3082'); @@ -31,7 +31,7 @@ if (!@include_once ROOT . 'vendor/autoload.php') { die('Autoloader not found, did you run composer?'); } -// Include components +// Include core libraries require_once ROOT . 'libraries/ActionCode.php'; require_once ROOT . 'libraries/Bans.php'; require_once ROOT . 'libraries/BBcode.php'; @@ -44,6 +44,7 @@ require_once ROOT . 'libraries/Main.php'; require_once ROOT . 'libraries/Manage.php'; require_once ROOT . 'libraries/News.php'; require_once ROOT . 'libraries/Payments.php'; +require_once ROOT . 'libraries/Perms.php'; require_once ROOT . 'libraries/Permissions.php'; require_once ROOT . 'libraries/Rank.php'; require_once ROOT . 'libraries/Session.php'; @@ -54,9 +55,11 @@ require_once ROOT . 'libraries/User.php'; require_once ROOT . 'libraries/Users.php'; require_once ROOT . 'libraries/Whois.php'; require_once ROOT . 'libraries/Forum/Forum.php'; -require_once ROOT . 'libraries/Forum/Permissions.php'; +require_once ROOT . 'libraries/Forum/Perms.php'; require_once ROOT . 'libraries/Forum/Post.php'; require_once ROOT . 'libraries/Forum/Thread.php'; +require_once ROOT . 'libraries/Perms/Forum.php'; +require_once ROOT . 'libraries/Perms/Site.php'; // Include database extensions foreach (glob(ROOT . 'libraries/DBWrapper/*.php') as $driver) { 
@@ -104,7 +107,7 @@ ob_start(Config::get('use_gzip') ? 'ob_gzhandler' : null); $authCheck = Users::checkLogin(); // Create a user object for the current logged in user -$currentUser = new User($authCheck[0]); +$currentUser = User::construct($authCheck[0]); // Create the Urls object $urls = new Urls(); @@ -212,7 +215,7 @@ if (!defined('SAKURA_NO_TPL')) { 'reason' => $ban['reason'], 'issued' => $ban['issued'], 'expires' => $ban['expires'], - 'issuer' => (new User($ban['issuer'])), + 'issuer' => (User::construct($ban['issuer'])), ], ]); diff --git a/templates/yuuno/forum/viewtopic.tpl b/templates/yuuno/forum/viewtopic.tpl index 11d720d..5c50b08 100644 --- a/templates/yuuno/forum/viewtopic.tpl +++ b/templates/yuuno/forum/viewtopic.tpl @@ -25,11 +25,11 @@ {% block title %}{{ thread.title }}{% endblock %} {% block css %} - + {% endblock %} {% block js %} - + {% endblock %}