1 | <?php |
2 | namespace dns\system; | |
3 | ||
4 | /** | |
5 | * @author Jan Altensen (Stricted) | |
6 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> | |
7 | * @copyright 2014-2015 Jan Altensen (Stricted) | |
8 | */ | |
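class User {
	/** session 'status' value of a reseller account */
	public const STATUS_RESELLER = 1;

	/** session 'status' value of an administrator account */
	public const STATUS_ADMIN = 2;

	/** lifetime of the "remember me" cookies in seconds (60 days) */
	public const COOKIE_LIFETIME = 3600 * 24 * 60;

	/** default bcrypt cost factor used by generateSalt() */
	public const DEFAULT_COST = 8;

	/**
	 * check if the user is loggedin
	 *
	 * Falls back to the "remember me" cookie pair (userID / cookieHash) when the
	 * session carries no login flag; a valid pair logs the user in as a side
	 * effect (see cookieLogin()).
	 *
	 * @return bool
	 */
	public static function isLoggedIn(): bool {
		$login = DNS::getSession()->login;
		if ($login !== null && (int) $login === 1) {
			return true;
		}

		$cookieUserID = isset($_COOKIE['userID']) ? $_COOKIE['userID'] : null;
		$cookieHash = isset($_COOKIE['cookieHash']) ? $_COOKIE['cookieHash'] : null;

		// cookies may arrive as arrays (name[]=...); only non-empty strings are usable
		if (is_string($cookieUserID) && !empty($cookieUserID) && is_string($cookieHash) && !empty($cookieHash)) {
			return self::cookieLogin($cookieUserID, $cookieHash);
		}

		return false;
	}

	/**
	 * check if user is an Admin
	 *
	 * @return bool
	 */
	public static function isAdmin(): bool {
		return self::sessionStatus() === self::STATUS_ADMIN;
	}

	/**
	 * check if user is an Reseller (administrators count as resellers)
	 *
	 * @return bool
	 */
	public static function isReseller(): bool {
		$status = self::sessionStatus();

		return $status === self::STATUS_ADMIN || $status === self::STATUS_RESELLER;
	}

	/**
	 * check if user has an login cookie and log him in if the cookie pair is valid
	 *
	 * @param string $userID sha1 of the numeric userID, as stored in the 'userID' cookie
	 * @param string $hash value of the 'cookieHash' cookie
	 * @return bool
	 */
	public static function cookieLogin($userID, $hash): bool {
		// both values come straight from the client; anything but a plain string is rejected
		if (!is_scalar($userID) || !is_scalar($hash)) {
			return false;
		}
		$userID = (string) $userID;
		$hash = (string) $hash;
		if ($userID === '' || $hash === '') {
			return false;
		}

		$query = DNS::getDB()->query("SELECT * FROM dns_user WHERE SHA1(userID) = ?", array($userID));
		$row = DNS::getDB()->fetch_array($query);
		if (empty($row)) {
			return false;
		}

		list(, $expectedHash) = self::cookieTokens($row);
		// constant-time, strict comparison: '==' would be loosely typed and timing dependent
		if (!hash_equals($expectedHash, $hash)) {
			return false;
		}

		self::registerSession($row);

		return true;
	}

	/**
	 * get the CSRF token of the current session
	 *
	 * The token is generated on login (see registerSession()); before that the
	 * session holds no token. Compare it with hash_equals(), never with '=='.
	 *
	 * @return string|null
	 */
	public static function getSecurityToken() {
		return DNS::getSession()->csrf_token;
	}

	/**
	 * login the user
	 *
	 * @param string $username
	 * @param string $password
	 * @param bool $remember set the "remember me" cookie pair on success
	 * @return bool
	 */
	public static function login($username, $password, $remember = false): bool {
		// request values may be arrays; an empty password is never accepted
		if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
			return false;
		}

		$query = DNS::getDB()->query("SELECT * FROM dns_user WHERE username = ?", array($username));
		$row = DNS::getDB()->fetch_array($query);
		if (empty($row) || !isset($row['password']) || !self::verifyPassword($password, $row['password'])) {
			return false;
		}

		self::registerSession($row);

		if ($remember === true) {
			self::setRememberCookies($row);
		}

		return true;
	}

	/**
	 * log the user out: expire the "remember me" cookies and destroy the session
	 */
	public static function logout(): void {
		foreach (array('userID', 'cookieHash') as $name) {
			if (isset($_COOKIE[$name])) {
				setcookie($name, '', time() - 3600, '', '', self::isHttps(), true);
			}
		}

		DNS::getSession()->destroy();
		// session_destroy() warns when no native session is active
		if (session_status() === PHP_SESSION_ACTIVE) {
			session_destroy();
		}
	}

	/**
	 * create a new user
	 *
	 * The username check and the INSERT are not atomic; a UNIQUE index on
	 * dns_user.username is what actually guarantees uniqueness.
	 *
	 * @param string $username
	 * @param string $email
	 * @param string $password
	 * @param string $password2 repetition of $password
	 * @param int $reseller
	 * @param int $status
	 * @return bool false when the username is taken, the passwords differ or are empty
	 */
	public static function createUser($username, $email, $password, $password2, $reseller = 0, $status = 0): bool {
		if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
			return false;
		}
		if ($password !== $password2) {
			return false;
		}

		$res = DNS::getDB()->query("SELECT * FROM dns_user WHERE username = ?", array($username));
		$row = DNS::getDB()->fetch_array($res);
		if (isset($row['username'])) {
			return false;
		}

		$salt = self::generateSalt();
		$bind = array($username, $email, self::hashPassword($password, $salt), (int) $reseller, (int) $status);
		DNS::getDB()->query("INSERT INTO dns_user (userID, username, email, password, reseller, status) VALUES (null, ?, ?, ?, ?, ?);", $bind);

		return true;
	}

	/**
	 * delete specific user
	 *
	 * @param int $userID
	 */
	public static function deleteUser($userID): void {
		DNS::getDB()->query("DELETE FROM dns_user WHERE userID = ?", array($userID));
	}

	/**
	 * change user password
	 *
	 * @param int $userID
	 * @param string $oldpassword
	 * @param string $newpassword
	 * @param string $newpassword2 repetition of $newpassword
	 * @return bool false when a value is empty, the new passwords differ, the user
	 *              does not exist or the old password is wrong
	 */
	public static function change_password($userID, $oldpassword, $newpassword, $newpassword2): bool {
		if (!is_string($oldpassword) || !is_string($newpassword) || !is_string($newpassword2)) {
			return false;
		}
		if ($oldpassword === '' || $newpassword === '' || $newpassword !== $newpassword2) {
			return false;
		}

		$res = DNS::getDB()->query("SELECT * FROM dns_user WHERE userID = ?", array($userID));
		$row = DNS::getDB()->fetch_array($res);
		if (empty($row) || !isset($row['password']) || !self::verifyPassword($oldpassword, $row['password'])) {
			return false;
		}

		$salt = self::generateSalt();
		$password = self::hashPassword($newpassword, $salt);
		DNS::getDB()->query("UPDATE dns_user SET password = ? WHERE userID = ?", array($password, $userID));

		return true;
	}

	/**
	 * generate new password salt
	 *
	 * Returns a bcrypt setting string ('$2y$' + cost + 22 salt characters) built
	 * from random_bytes(); the former mt_rand() source is not a CSPRNG.
	 *
	 * @param int $cost bcrypt cost factor (4..31); 8 keeps the historical default
	 * @return string
	 * @throws \InvalidArgumentException on a cost outside 4..31
	 */
	public static function generateSalt($cost = self::DEFAULT_COST): string {
		$cost = (int) $cost;
		if ($cost < 4 || $cost > 31) {
			throw new \InvalidArgumentException('bcrypt cost must be between 4 and 31');
		}

		// 16 random bytes give 22 base64 characters; bcrypt's alphabet uses '.' where base64 uses '+'
		$salt = substr(strtr(base64_encode(random_bytes(16)), '+', '.'), 0, 22);

		return sprintf('$2y$%02d$%s', $cost, $salt);
	}

	/**
	 * get accessible domains for given user
	 *
	 * With $userID = 0 the logged-in user is used; administrators get every zone.
	 *
	 * @param int $userID
	 * @return array list of dns_soa ids
	 */
	public static function getAccessibleDomains($userID = 0): array {
		$data = array();

		if ($userID === 0 && self::isLoggedIn()) {
			if (DNS::getSession()->userID !== null) {
				$userID = DNS::getSession()->userID;
			}

			if (self::isAdmin()) {
				$res = DNS::getDB()->query("SELECT id FROM dns_soa");
				while ($row = DNS::getDB()->fetch_array($res)) {
					$data[] = $row['id'];
				}

				return $data;
			}
		}

		$res = DNS::getDB()->query("SELECT soaID FROM dns_soa_to_user WHERE userID = ?", array($userID));
		while ($row = DNS::getDB()->fetch_array($res)) {
			$data[] = $row['soaID'];
		}

		return $data;
	}

	/**
	 * session 'status' as int, or null when the session carries none
	 *
	 * @return int|null
	 */
	private static function sessionStatus() {
		$status = DNS::getSession()->status;

		return $status === null ? null : (int) $status;
	}

	/**
	 * register the session values shared by password login and cookie login
	 *
	 * NOTE(review): the session id is not regenerated here; whether that is safe
	 * depends on the session layer behind DNS::getSession() (logout() destroys
	 * both its own store and the native session), so regeneration belongs there.
	 *
	 * @param array $row user row from dns_user
	 */
	private static function registerSession(array $row): void {
		DNS::getSession()->register('login', 1);
		DNS::getSession()->register('username', $row["username"]);
		DNS::getSession()->register('userID', $row["userID"]);
		DNS::getSession()->register('status', intval($row["status"]));
		DNS::getSession()->register('csrf_token', DNS::generateRandomID());
	}

	/**
	 * derive the "remember me" cookie pair for a user row
	 *
	 * The pair is deterministic: it stays valid until the password changes and
	 * can be reproduced from the stored password hash, so it is only as secret as
	 * dns_user itself. A random per-login token stored server-side would be the
	 * stronger design (schema change).
	 *
	 * @param array $row user row from dns_user
	 * @return string[] [sha1 of userID, cookie hash]
	 */
	private static function cookieTokens(array $row): array {
		$sha1UserID = sha1((string) $row['userID']);
		$sha1Password = sha1((string) $row['password']);

		return array($sha1UserID, sha1($sha1UserID . $sha1Password));
	}

	/**
	 * hash a password the way dns_user stores it (double bcrypt over the same salt)
	 *
	 * @param string $password
	 * @param string $salt bcrypt setting string from generateSalt(), or a stored hash
	 * @return string
	 */
	private static function hashPassword($password, $salt): string {
		return crypt(crypt($password, $salt), $salt);
	}

	/**
	 * check a password against the stored hash in constant time
	 *
	 * @param string $password
	 * @param mixed $storedHash value of dns_user.password
	 * @return bool
	 */
	private static function verifyPassword($password, $storedHash): bool {
		if (!is_string($storedHash) || $storedHash === '') {
			return false;
		}

		return hash_equals($storedHash, self::hashPassword($password, $storedHash));
	}

	/**
	 * set the "remember me" cookie pair (HttpOnly; Secure when served over HTTPS)
	 *
	 * @param array $row user row from dns_user
	 */
	private static function setRememberCookies(array $row): void {
		list($sha1UserID, $cookieHash) = self::cookieTokens($row);
		$expire = time() + self::COOKIE_LIFETIME;
		$secure = self::isHttps();

		// path and domain stay at their defaults, as before; the cookies are not needed by scripts
		setcookie("userID", $sha1UserID, $expire, '', '', $secure, true);
		setcookie("cookieHash", $cookieHash, $expire, '', '', $secure, true);
	}

	/**
	 * whether the current request was served over TLS (decides the cookie Secure flag)
	 *
	 * @return bool
	 */
	private static function isHttps(): bool {
		return !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';
	}
}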