1<?php
2namespace dns\system;
3
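/**
 * Authentication and account management for rows of the dns_user table.
 *
 * Storage scheme (unchanged, so existing rows and cookies keep working):
 *  - passwords are stored as crypt(crypt($password, $salt), $salt) with a
 *    bcrypt salt from generateSalt(); verification re-applies the same double
 *    crypt against the stored hash and compares in constant time;
 *  - a "remember me" login is the cookie pair userID = sha1(userID) and
 *    cookieHash = sha1(sha1(userID) . sha1(passwordHash)), so changing the
 *    password invalidates every outstanding remember-me cookie.
 *
 * Requires PHP >= 5.6 for hash_equals(); random_int() is used when available.
 *
 * @author Jan Altensen (Stricted)
 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @copyright 2014-2015 Jan Altensen (Stricted)
 */
class User {
	/**
	 * check if the user is loggedin
	 *
	 * The session flag set by login()/cookieLogin() wins; otherwise the
	 * remember-me cookie pair is tried.
	 *
	 * @return boolean
	 */
	public static function isLoggedIn () {
		if (self::sessionValueEquals('login', 1)) {
			return true;
		}

		$userID = self::cookieValue('userID');
		$hash = self::cookieValue('cookieHash');
		if ($userID !== null && $hash !== null) {
			return self::cookieLogin($userID, $hash);
		}

		return false;
	}

	/**
	 * check if user is an Admin
	 *
	 * @return boolean
	 */
	public static function isAdmin () {
		return self::sessionValueEquals('status', 2);
	}

	/**
	 * check if user is an Reseller (admins count as resellers)
	 *
	 * @return boolean
	 */
	public static function isReseller () {
		return self::isAdmin() || self::sessionValueEquals('status', 1);
	}

	/**
	 * check if user has an login cookie
	 *
	 * @param string $userID sha1 of the numeric userID, as stored in the cookie
	 * @param string $hash expected value of self::cookieHash() for that user
	 * @return boolean
	 */
	public static function cookieLogin ($userID, $hash) {
		$query = DNS::getDB()->query("SELECT * FROM dns_user WHERE SHA1(userID) = ?", array($userID));
		$row = DNS::getDB()->fetch_array($query);
		// hash_equals instead of ==: two hex digests compare equal under ==
		// when both look numeric (e.g. "0e..."), and it is constant-time
		if (empty($row) || !hash_equals(self::cookieHash($row), (string) $hash)) {
			return false;
		}

		self::registerSession($row);
		return true;
	}

	/**
	 * get the CSRF token of the current session
	 *
	 * @return string|null the csrf_token registered at login (null when none was
	 *         registered, judging by the null checks used for session values here)
	 */
	public static function getSecurityToken () {
		return DNS::getSession()->csrf_token;
	}

	/**
	 * login the user
	 *
	 * @param string $username
	 * @param string $password
	 * @param boolean $remember set the 60-day remember-me cookie pair
	 * @return boolean
	 */
	public static function login ($username, $password, $remember = false) {
		$query = DNS::getDB()->query("SELECT * FROM dns_user WHERE username = ?", array($username));
		$row = DNS::getDB()->fetch_array($query);
		if (empty($row) || !self::verifyPassword($password, $row['password'])) {
			return false;
		}

		self::registerSession($row);

		if ($remember === true) {
			$expire = time() + 3600 * 24 * 60; // 60 days
			self::setLoginCookie("userID", sha1($row["userID"]), $expire);
			self::setLoginCookie("cookieHash", self::cookieHash($row), $expire);
		}

		return true;
	}

	/**
	 * log the user out
	 *
	 * Expires the remember-me cookies (with the same attributes they were set
	 * with) and destroys the session.
	 */
	public static function logout () {
		$expired = time() - 3600;
		foreach (array("userID", "cookieHash") as $name) {
			if (isset($_COOKIE[$name])) {
				self::setLoginCookie($name, '', $expired);
			}
		}

		DNS::getSession()->destroy();
		session_destroy();
	}

	/**
	 * create a new user
	 *
	 * Fails when the username is taken, the password is empty, or the two
	 * password fields differ (compared strictly, as strings).
	 *
	 * @param string $username
	 * @param string $email
	 * @param string $password
	 * @param string $password2
	 * @param integer $reseller
	 * @param integer $status
	 * @return boolean
	 */
	public static function createUser ($username, $email, $password, $password2, $reseller = 0, $status = 0) {
		$res = DNS::getDB()->query("SELECT * FROM dns_user WHERE username = ?", array($username));
		$row = DNS::getDB()->fetch_array($res);
		if (isset($row['username'])) {
			return false; // username already taken
		}

		if ((string) $password === '' || (string) $password !== (string) $password2) {
			return false;
		}

		$bind = array($username, $email, self::hashPassword($password), $reseller, $status);
		DNS::getDB()->query("INSERT INTO dns_user (userID, username, email, password, reseller, status) VALUES (null, ?, ?, ?, ?, ?);", $bind);
		return true;
	}

	/**
	 * delete specific user
	 *
	 * @param integer $userID
	 */
	public static function deleteUser ($userID) {
		DNS::getDB()->query("DELETE FROM dns_user WHERE userID = ?", array($userID));
	}

	/**
	 * change user password
	 *
	 * Requires all three fields to be non-empty, the new passwords to match
	 * (strict comparison) and the old password to verify against the stored
	 * hash. An unknown userID yields false instead of an undefined-index
	 * warning.
	 *
	 * @param integer $userID
	 * @param string $oldpassword
	 * @param string $newpassword
	 * @param string $newpassword2
	 * @return boolean
	 */
	public static function change_password ($userID, $oldpassword, $newpassword, $newpassword2) {
		if ((string) $oldpassword === '' || (string) $newpassword === '' || (string) $newpassword2 === '') {
			return false;
		}
		if ((string) $newpassword !== (string) $newpassword2) {
			return false;
		}

		$res = DNS::getDB()->query("SELECT * FROM dns_user WHERE userID = ?", array($userID));
		$row = DNS::getDB()->fetch_array($res);
		if (empty($row) || !self::verifyPassword($oldpassword, $row['password'])) {
			return false;
		}

		DNS::getDB()->query("UPDATE dns_user SET password = ? WHERE userID = ?", array(self::hashPassword($newpassword), $userID));
		return true;
	}

	/**
	 * generate new password salt
	 *
	 * Produces a bcrypt salt ("$2a$08$" + 22 characters of the ./A-Za-z0-9
	 * alphabet). Indices come from random_int() (CSPRNG) where available and
	 * fall back to mt_rand() on older PHP.
	 *
	 * @return string
	 */
	public static function generateSalt() {
		$blowfishCharacters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
		$maxIndex = strlen($blowfishCharacters) - 1;
		$useCsprng = function_exists('random_int');
		$salt = '';

		for ($i = 0; $i < 22; $i++) {
			$index = $useCsprng ? random_int(0, $maxIndex) : mt_rand(0, $maxIndex);
			$salt .= $blowfishCharacters[$index];
		}

		return '$2a$08$' . $salt;
	}

	/**
	 * get accessible domains for given user
	 *
	 * With the default $userID of 0 the current session user is used; an
	 * admin then gets every dns_soa id, anyone else the soaIDs assigned to
	 * them in dns_soa_to_user.
	 *
	 * @param integer $userID
	 * @return array
	 */
	public static function getAccessibleDomains ($userID = 0) {
		$data = array();

		if ($userID === 0 && self::isLoggedIn()) {
			if (DNS::getSession()->userID !== null) {
				$userID = DNS::getSession()->userID;
			}

			if (self::isAdmin()) {
				$res = DNS::getDB()->query("SELECT id FROM dns_soa");
				while ($row = DNS::getDB()->fetch_array($res)) {
					$data[] = $row['id'];
				}

				return $data;
			}
		}

		$res = DNS::getDB()->query("SELECT soaID FROM dns_soa_to_user WHERE userID = ?", array($userID));
		while ($row = DNS::getDB()->fetch_array($res)) {
			$data[] = $row['soaID'];
		}

		return $data;
	}

	/**
	 * check whether a session value is set and equals the given integer
	 *
	 * @param string $name session property (login, status, ...)
	 * @param integer $expected
	 * @return boolean
	 */
	private static function sessionValueEquals ($name, $expected) {
		$value = DNS::getSession()->$name;
		return $value !== null && (int) $value === $expected;
	}

	/**
	 * read a non-empty string cookie
	 *
	 * A cookie sent as "name[]" arrives as an array; such values are treated
	 * as absent so they never reach the hash comparison.
	 *
	 * @param string $name
	 * @return string|null
	 */
	private static function cookieValue ($name) {
		if (empty($_COOKIE[$name]) || !is_string($_COOKIE[$name])) {
			return null;
		}

		return $_COOKIE[$name];
	}

	/**
	 * put an authenticated dns_user row into the session and issue a fresh CSRF token
	 *
	 * @param array $row
	 */
	private static function registerSession (array $row) {
		DNS::getSession()->register('login', 1);
		DNS::getSession()->register('username', $row["username"]);
		DNS::getSession()->register('userID', $row["userID"]);
		DNS::getSession()->register('status', intval($row["status"]));
		DNS::getSession()->register('csrf_token', DNS::generateRandomID());
	}

	/**
	 * remember-me cookie value for a dns_user row: sha1(sha1(userID) . sha1(passwordHash))
	 *
	 * @param array $row
	 * @return string
	 */
	private static function cookieHash (array $row) {
		return sha1(sha1($row["userID"]) . sha1($row['password']));
	}

	/**
	 * verify a plain password against a stored double-crypt hash in constant time
	 *
	 * @param string $password
	 * @param string $hash stored dns_user.password value (doubles as the salt)
	 * @return boolean
	 */
	private static function verifyPassword ($password, $hash) {
		$hash = (string) $hash;
		return hash_equals($hash, crypt(crypt($password, $hash), $hash));
	}

	/**
	 * hash a plain password with a fresh salt, in the stored double-crypt form
	 *
	 * @param string $password
	 * @return string
	 */
	private static function hashPassword ($password) {
		$salt = self::generateSalt();
		return crypt(crypt($password, $salt), $salt);
	}

	/**
	 * set (or, with a past $expire, delete) a login cookie
	 *
	 * Path/domain are left at their defaults so login() and logout() always
	 * address the same cookie; HttpOnly is always set, Secure whenever the
	 * current request itself came over HTTPS.
	 *
	 * @param string $name
	 * @param string $value
	 * @param integer $expire unix timestamp
	 */
	private static function setLoginCookie ($name, $value, $expire) {
		$secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
		setcookie($name, $value, $expire, '', '', $secure, true);
	}
}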