Teknik is a suite of services with attractive and functional interfaces. https://www.teknik.io/

UserTools.class.php 6.7KB

  1. <?php
  2. require_once('User.class.php');
  3. require_once('DB.class.php');
  4. class UserTools {
  5. function UserTools($db, $CONF)
  6. {
  7. $this->db=$db;
  8. $this->conf=$CONF;
  9. }
  10. //Log the user in. First checks to see if the
  11. //username and password match a row in the database.
  12. //If it is successful, set the session variables
  13. //and store the user object within.
  14. public function login($username, $password, $remember_me, $CONF)
  15. {
  16. $result = $this->db->select("users", "username=? AND password=?", array($username, $password));
  17. if($result)
  18. {
  19. $user = new User($result, $this->db);
  20. $_SESSION[$CONF['session_prefix']."user"] = serialize($user);
  21. $_SESSION[$CONF['session_prefix']."logged_in"] = 1;
  22. if ($remember_me)
  23. {
  24. $identifier = hashPassword($username, $this->conf);
  25. $token = bin2hex(openssl_random_pseudo_bytes(20));
  26. $data = array(
  27. "user_id" => $user->id,
  28. "identifier" => $identifier,
  29. "token" => $token,
  30. "timeout" => date("Y-m-d H:i:s",time() + 60 * 60 * 24 * 7)
  31. );
  32. $this->db->insert($data, "sessions");
  33. setcookie($CONF['session_prefix'].'auth', "$identifier:$token", time() + 60 * 60 * 24 * 7, '/', '.'.$this->conf['host']);
  34. }
  35. return true;
  36. }else{
  37. return false;
  38. }
  39. }
  40. // Checks to see if the password provided is valid for the username
  41. public function checkPass($username, $password)
  42. {
  43. $result = $this->db->select("users", "username=? AND password=?", array($username, $password));
  44. if($result)
  45. {
  46. return true;
  47. }
  48. return false;
  49. }
  50. //Log the user out. Destroy the session variables.
  51. public function logout($CONF)
  52. {
  53. if (isset($_COOKIE['auth']))
  54. {
  55. $user = unserialize($_SESSION[$CONF['session_prefix'].'user']);
  56. list($identifier, $token) = explode(':', $_COOKIE['auth']);
  57. $this->db->delete("sessions", "user_id=?", array($user->id));
  58. setcookie($CONF['session_prefix'].'auth', false, time() + 60 * 60 * 24 * 7, '/', '.'.$this->conf['host']);
  59. }
  60. unset($_SESSION[$CONF['session_prefix'].'user']);
  61. unset($_SESSION[$CONF['session_prefix'].'logged_in']);
  62. session_destroy();
  63. }
  64. //Check to see if a username exists.
  65. //This is called during registration to make sure all user names are unique.
  66. public function checkUsernameExists($username) {
  67. $result = $this->db->select("users", "username=?", array($username), "id");
  68. if($result['id'])
  69. {
  70. return true;
  71. }else{
  72. return false;
  73. }
  74. }
  75. //Check to see if a email exists.
  76. //This is called during registration to make sure a user is not added that would co-incide with an email address already made.
  77. public function checkEmailExists($domain, $email) {
  78. try
  79. {
  80. $account = $domain->Accounts->ItemByAddress($email);
  81. }
  82. catch(Exception $e)
  83. {
  84. return false;
  85. }
  86. return true;
  87. }
  88. //Check to see if a username exists.
  89. //This is called during registration to make sure all user names are unique.
  90. public function getUser($username)
  91. {
  92. $result = $this->db->select('users', "username=?", array($username));
  93. return new User($result, $this->db);
  94. }
  95. //Grab all of the users from a select group
  96. public function getUsersFromGroup($group)
  97. {
  98. $results = $this->db->select('users', "group_name=?", array($group));
  99. $users = array();
  100. foreach ($results as $result)
  101. {
  102. if (!is_array($result))
  103. {
  104. return array(new User($results, $this->db));
  105. }
  106. $users[] = new User($result, $this->db);
  107. }
  108. return $users;
  109. }
  110. //Grab all users
  111. public function getUsers()
  112. {
  113. $results = $this->db->select('users', "1=?", array("1"));
  114. $users = array();
  115. foreach ($results as $result)
  116. {
  117. if (!is_array($result))
  118. {
  119. return array(new User($results, $this->db));
  120. }
  121. array_push($users, new User($result, $this->db));
  122. }
  123. return $users;
  124. }
  125. //get a user
  126. //returns a User object. Takes the users id as an input
  127. public function get($id)
  128. {
  129. $result = $this->db->select('users', "id=?", array($id));
  130. return new UserUser($result, $this->db);
  131. }
  132. // check if user has a specific privilege
  133. public function hasPrivilege($perm)
  134. {
  135. foreach ($this->roles as $role)
  136. {
  137. if ($role->hasPerm($perm))
  138. {
  139. return true;
  140. }
  141. }
  142. return false;
  143. }
  144. // check if a user has a specific role
  145. public function hasRole($role_name)
  146. {
  147. return isset($this->roles[$role_name]);
  148. }
  149. // insert a new role permission association
  150. public function insertPerm($role_id, $perm_id)
  151. {
  152. $data = array(
  153. "role_id" => $role_id,
  154. "perm_id" => $perm_id
  155. );
  156. $this->db->insert($data, "role_perm");
  157. return true;
  158. }
  159. // delete ALL role permissions
  160. public function deletePerms()
  161. {
  162. $db->delete('role_perm', '1=?', array(1));
  163. return true;
  164. }
  165. // insert a new role
  166. public function insertRole($role_name)
  167. {
  168. $data = array(
  169. "role_name" => $role_name
  170. );
  171. $this->db->insert($data, "roles");
  172. return true;
  173. }
  174. // insert array of roles for specified user id
  175. public function insertUserRoles($user_id, $roles)
  176. {
  177. foreach ($roles as $role_id)
  178. {
  179. $data = array(
  180. "user_id" => $user_id,
  181. "role_id" => $role_id
  182. );
  183. $this->db->insert($data, "user_role");
  184. }
  185. return true;
  186. }
  187. // delete array of roles, and all associations
  188. public static function deleteRoles($roles)
  189. {
  190. foreach ($roles as $role_id)
  191. {
  192. $db->delete('roles as t1 JOIN user_role as t2 on t1.role_id = t2.role_id JOIN role_perm as t3 on t1.role_id = t3.role_id', 't1.role_id=?', array($role_id), "t1, t2, t3");
  193. }
  194. return true;
  195. }
  196. // delete ALL roles for specified user id
  197. public static function deleteUserRoles($user_id)
  198. {
  199. $db->delete('user_role', 'user_id=?', array($user_id));
  200. return true;
  201. }
  202. }
  203. ?>