<?PHP
/**
 * /logic/user/user.class.php
 *
 * Governs everything about users.
 * 
 * @package AgaresCore4
 * @author Agares Media <hide@address.com>
 * @copyright Copyright (c) 2007, 2008, 2009 Agares Media.  All rights reserved.
 */

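loadclass('rootclass');

/**
 * user() Class
 *
 * Governs everything about users: login cookies, password checks, lookups
 * and account creation.
 *
 * Review notes on the authentication design (flagged, not changed, because
 * changing them requires migrating stored data or knowing the callers):
 *  - Passwords and cookie tokens are MD5-based.  MD5 is not a password hash;
 *    migrating to password_hash()/password_verify() needs a rehash-on-login step.
 *  - The cookies are set without the HttpOnly and Secure attributes.
 *    NOTE(review): confirm no client-side script reads them, then set both.
 *  - clean(), debug() and errorReport() are inherited and not visible in this
 *    file; what clean() escapes for is an assumption to confirm.
 *
 * @package AgaresCore4
 */
class user extends rootclass {
	/**
	 * @var integer The class variable that holds the current user's userid (0 until a cookie has been verified).
	 */
	public $currentuserid;

	public function __construct() {
		$this->currentuserid = 0;
	}

	public function __destruct() {
		// Nothing to release.
	}

	/**
	 * setcookie() Method
	 *
	 * Creates the logged-in cookies for the user specified in $userkey.  The ac4uid cookie is set for a
	 * longer period of time to match the lifetime of the ac4perm cookie.
	 *
	 * @access public
	 * @param integer $userkey The primary key for the user in question
	 * @return boolean Returns true if the cookies were set, false otherwise (including when the user row
	 *                 or the session is missing)
	 * @see remember()
	 */
	public function setcookie($userkey) {
		$row = $this->get($userkey, '`user_password`');
		$sid = $this->getsid();
		// Fail closed: without a stored hash or a session there is nothing secret to bind the token to.
		if (!isset($row[0]) || $sid === false) {
			return false;
		}
		// get() returns the row (checkpass() and generatepass() index it with [0]), so the column value is
		// extracted here.  Concatenating the row itself would stringify it to the literal "Array" and the
		// token would no longer depend on the password hash at all.
		$cookievalue = serialize(md5($row[0] . $sid)); // Kept in serialized form; readcookie() parses exactly this shape
		$loginset = setcookie("ac4login", $cookievalue, time()+360000, '/');
		return $loginset && setcookie("ac4uid", $userkey, time()+36000000, '/');
	}

	/**
	 * readcookie() Method
	 *
	 * Returns the token carried by the ac4login cookie, or false when the cookie is absent or malformed.
	 *
	 * The cookie is client-controlled, so it is never passed to unserialize(): deserializing untrusted
	 * input can instantiate arbitrary classes.  The only value setcookie() ever writes is a serialized
	 * 32-character MD5 hex string, so that exact form is matched instead.
	 *
	 * @access private
	 * @return mixed Returns the 32-character token if the cookie is well formed, otherwise false.
	 */
	private function readcookie() {
		if (!isset($_COOKIE['ac4login']) || !is_string($_COOKIE['ac4login'])) {
			return false;
		}
		if (preg_match('/^s:32:"([0-9a-f]{32})";$/D', $_COOKIE['ac4login'], $match)) {
			return $match[1];
		}
		return false;
	}

	/**
	 * validatecookie() Method
	 *
	 * Runs verifycookie() and sends the visitor to the default login page when it fails.
	 *
	 * @access public
	 * @return boolean Returns true if the user was validated, otherwise redirects to login and exits
	 */
	public function validatecookie() {
		global $defaultloginpage, $router;
		if (!$this->verifycookie()) {
			$router->reroute("$defaultloginpage"); // Reroutes to the login page
			exit(); // Stop here so nothing after the redirect runs for an unauthenticated request
		}
		return true;
	}

	/**
	 * verifycookie() Method
	 *
	 * Verifies the login cookies.  A permanent ac4perm cookie is tried first; otherwise the session-bound
	 * ac4login cookie is checked.  On success the user's last IP address and visit date are updated.
	 *
	 * Every failure path returns false (fail closed), including a user id with no matching row: without
	 * that check the expected token would be derived from request data alone.
	 *
	 * @access public
	 * @return boolean Returns true if the user was validated, otherwise false
	 */
	public function verifycookie() {
		global $database;
		// is_numeric() also accepts forms such as exponents and signs; the id is interpolated unquoted
		// into SQL below, so only plain decimal digits are accepted and the value is cast to an integer.
		if (!isset($_COOKIE['ac4uid']) || !is_string($_COOKIE['ac4uid']) || !preg_match('/^[0-9]+$/D', $_COOKIE['ac4uid'])) {
			$this->debug('User validation failed.  No UID set.');
			return false; // Return false, no cookie set
		}
		$userkey = (int) $_COOKIE['ac4uid'];

		if (isset($_COOKIE['ac4perm'])) { // First we'll try and see if the user has a permanent cookie
			$keys = $this->get($userkey, '`user_key`, `user_remember_key`');
			if (isset($keys['user_key'], $keys['user_remember_key'])) {
				$finalkey = md5($keys['user_key'] . $keys['user_remember_key'] . $_SERVER['REMOTE_ADDR']);
				if ($this->tokensmatch($finalkey, $_COOKIE['ac4perm'])) {
					$this->debug('User perm validated as UID: '.$userkey);
					$this->currentuserid = $userkey;
					$this->recordvisit($userkey);
					return true;
				}
			}
			$this->debug('User perm validation failed as UID: '.$userkey);
			$this->removecookie(); // Deletes the login cookies, ac4perm included, so the user can try logging in again
			return false; // Was unable to authenticate cookie
		}

		$presented = $this->readcookie();
		if ($presented === false) {
			$this->debug('User validation failed. No ac4login cookie set.');
			return false; // Return false, no cookie set
		}
		$row = $this->get($userkey, '`user_password`');
		$sid = $this->getsid();
		// Same derivation as setcookie(): md5(stored password hash . session id).
		if (isset($row[0]) && $sid !== false && $this->tokensmatch(md5($row[0] . $sid), $presented)) {
			$this->debug('User validated as UID: '.$userkey);
			$this->currentuserid = $userkey;
			$this->recordvisit($userkey);
			return true;
		}
		$this->debug('User validation failed as UID: '.$userkey);
		return false; // Was unable to authenticate cookie
	}

	/**
	 * Compares two tokens as strings in constant time.
	 *
	 * A loose == between two hex digests compares them numerically when both look like numbers
	 * (for example "0e" followed by digits), so unequal digests can compare equal.
	 *
	 * @access private
	 * @param mixed $expected The value computed on the server
	 * @param mixed $presented The value supplied by the client
	 * @return boolean True only when both are strings with identical bytes
	 */
	private function tokensmatch($expected, $presented) {
		if (!is_string($expected) || !is_string($presented)) {
			return false;
		}
		if (function_exists('hash_equals')) {
			return hash_equals($expected, $presented);
		}
		// Fallback for PHP versions without hash_equals().
		if (strlen($expected) !== strlen($presented)) {
			return false;
		}
		$difference = 0;
		for ($i = 0, $length = strlen($expected); $i < $length; $i++) {
			$difference |= ord($expected[$i]) ^ ord($presented[$i]);
		}
		return $difference === 0;
	}

	/**
	 * Stores the current remote address and today's date (Ymd) on the user's row.
	 *
	 * @access private
	 * @param integer $userkey A user id that has already been validated as an integer
	 * @return void
	 */
	private function recordvisit($userkey) {
		global $database;
		$database->query('UPDATE `users` SET `user_last_ip`="'.$database->clean($_SERVER['REMOTE_ADDR']).'", `user_last_visit_date`="'.date("Ymd").'" WHERE `id`='.(int) $userkey.';');
	}

	/**
	 * remember() Method
	 *
	 * Sets the persistent ac4perm cookie.  The token is built from the user's stored keys and stored
	 * last IP, while verifycookie() rebuilds it with the current remote address, so it only validates
	 * while the client's address equals the recorded one.  No cookie is set when the user row or either
	 * key is missing.
	 *
	 * @access public
	 * @param integer $userkey The primary key for the user in question
	 * @return void
	 */
	public function remember($userkey) {
		$keys = $this->get($userkey, '`user_key`, `user_remember_key`, `user_last_ip`');
		if (!isset($keys['user_key'], $keys['user_remember_key'])) {
			return; // Never issue a token that is not derived from the stored keys
		}
		$finalkey = md5($keys['user_key'] . $keys['user_remember_key'] . $keys['user_last_ip']);
		setcookie("ac4perm", $finalkey, time()+36000000, '/');
	}

	/**
	 * removepermcookie() Method
	 *
	 * Removes the AgaresCore 4 permanent login cookie (ac4perm).
	 *
	 * @access public
	 * @return boolean Returns true on success, false on failure
	 */
	public function removepermcookie() {
		return setcookie("ac4perm", '', time()-3600, '/');
	}

	/**
	 * removecookie() Method
	 *
	 * Removes the AgaresCore 4 login cookies (ac4login, ac4uid and ac4perm).  All three removals are
	 * attempted even if an earlier one fails, so a partial failure does not leave a later cookie behind.
	 *
	 * @access public
	 * @return boolean Returns true when all three were removed, false otherwise
	 */
	public function removecookie() {
		$loginremoved = setcookie("ac4login", '', time()-3600, '/');
		$uidremoved = setcookie("ac4uid", '', time()-3600, '/');
		$permremoved = $this->removepermcookie();
		return $loginremoved && $uidremoved && $permremoved;
	}

	/**
	 * generatepass() Method
	 *
	 * Returns the encoded password for the user/password specified: md5(user key . password . global salt).
	 *
	 * NOTE(review): a single MD5 round is fast to brute-force even with a salt.  The stored format is
	 * left unchanged here because existing rows depend on it.
	 *
	 * @access public
	 * @param integer $userkey The primary key for the user in question
	 * @param string $stringpassword The plain text password that the user most likely entered in a login form
	 * @return string Returns a string with the properly encoded and formatted password for the user/password specified
	 */
	public function generatepass($userkey, $stringpassword) {
		global $globalsalt; // The global salt is set in settings.php
		$userhash = $this->get($userkey, '`user_key`');
		$userkeyvalue = isset($userhash[0]) ? $userhash[0] : ''; // A missing row contributes nothing, as before
		return md5($userkeyvalue . $stringpassword . $globalsalt);
	}

	/**
	 * checkpass() Method
	 *
	 * Returns true if the information provided matches the password stored in the database,
	 * otherwise it returns false.  A user with no stored password row never matches.
	 *
	 * @access public
	 * @param integer $userkey The primary key for the user in question
	 * @param string $stringpassword The plain text password that the user most likely entered in a login form
	 * @return boolean Returns true if the information provided matches the password stored in the database, otherwise it returns false
	 */
	public function checkpass($userkey, $stringpassword) {
		$userpassword = $this->get($userkey, '`user_password`');
		if (!isset($userpassword[0])) {
			return false;
		}
		// Strict, constant-time comparison instead of ==, which compares numeric-looking digests as numbers.
		return $this->tokensmatch((string) $userpassword[0], $this->generatepass($userkey, $stringpassword));
	}

	/**
	 * getsid() Method
	 *
	 * Returns the current session ID.
	 * @access public
	 * @return mixed Returns the current session ID or false if no session exists (should never happen)
	 */
	public function getsid() {
		return isset($_SESSION) ? session_id() : false;
	}

	/**
	 * getuid() Method
	 *
	 * Resolves and returns the user ID number for a username.
	 *
	 * NOTE(review): the username is placed inside a double-quoted SQL string after $this->clean().
	 * clean() is not visible in this file; confirm it escapes for this database context, or switch the
	 * query to a bound parameter.
	 *
	 * @access public
	 * @param string $username The username you wish to look up the user id of.
	 * @return mixed Returns an integer value, corresponding to the user id.  If the query fails, returns false.
	 */
	public function getuid($username) {
		global $database;
		$result = $database->query('SELECT `id` FROM `users` WHERE `username`="'.$this->clean($username).'";');
		if ($result) {
			return $result[0][0];
		}
		return false;
	}

	/**
	 * get() Method
	 *
	 * Returns the columns specified in $columns for the user specified in $user.  Failures are passed to
	 * errorReport() and no value is returned.
	 *
	 * $user is only accepted as an integer or a string of decimal digits, because it is placed unquoted
	 * into the WHERE clause.  $columns is interpolated verbatim and cannot be escaped here: it must be a
	 * constant chosen by the developer, never request data.
	 *
	 * @access public
	 * @param integer $user The user number of the user you wish to look up
	 * @param string $columns The comma separated list of columns to return.  By default this method returns all columns.
	 * @return mixed The first result row, or nothing when the id is invalid or the query fails
	 */
	public function get($user, $columns = '*') {
		global $database; // $database is the global database connection
		try {
			if (!is_int($user) && !(is_string($user) && preg_match('/^[0-9]+$/D', $user))) {
				throw new Exception('An invalid user id was passed to user::get().');
			}
			$result = $database->query('SELECT '.$columns.' FROM `users` WHERE `id`='.(int) $user.';');
			if ($result) {
				return $result[0];
			}
			throw new Exception('A query used to access the user database failed.  $user='.$user.' $columns='.$columns);
		} catch(Exception $e) {
			$this->errorReport($e);
		}
	}

	/**
	 * permissions() Method
	 *
	 * Returns the numeric permission level for the $user specified.  When no user is given, or the user's
	 * group cannot be read, the guest level is returned so that a failed lookup is never handed to callers
	 * as an empty value.
	 *
	 * @access public
	 * @param integer $user The user number of the user to look up permissions for.  If not specified, this will return guest privileges
	 * @return integer Returns the numeric permission level for the $user specified
	 */
	public function permissions($user=0) {
		try {
			if ($user == 0) {
				return 997; // Return 997, which is the default "Guest"
			}
			$group_id = $this->get($user, '`group_id`');
			if (!isset($group_id['group_id'])) {
				return 997; // Unknown user or failed query: least privilege
			}
			$this->debug('User permission level: ' . $group_id['group_id']);
			return $group_id['group_id']; // Return the permission level of the user
		} catch(Exception $e) {
			$this->errorReport($e);
		}
	}

	/**
	 * createuser() Method
	 *
	 * Creates a new user by inserting one row into `users`.
	 *
	 * NOTE(review): every value is written into the SQL text exactly as supplied; nothing is escaped or
	 * cast here, and the fields marked false below are not even quoted.  Callers must have escaped the
	 * string fields and validated the unquoted ones before calling.  Escaping is not added in this method
	 * because values that callers have already escaped would then be stored double-escaped; the durable
	 * fix is a prepared statement once the database layer supports one.
	 *
	 * @access public
	 * @param array $userfields Column name => value for every column listed below
	 * @return void
	 */
	public function createuser($userfields) {
		global $database;
		// Column name => whether the value is wrapped in single quotes in the statement.
		$columns = array(
			'id' => false,
			'group_id' => false,
			'username' => true,
			'user_password' => true,
			'user_email' => true,
			'user_ip' => true,
			'user_points' => false,
			'user_slogan' => true,
			'user_description' => true,
			'user_location' => true,
			'user_avatar' => true,
			'user_last_visit_date' => false,
			'user_register_date' => false,
			'user_posts' => false,
			'user_comments' => false,
			'user_warnings' => false,
			'user_language' => true,
			'user_timezone' => true,
			'user_website' => true,
			'user_birthday' => false,
			'user_aim' => true,
			'user_msn' => true,
			'user_skype' => true,
			'user_signature' => true,
			'user_hobbies' => true,
			'user_favorite_music' => true,
			'user_favorite_movies' => true,
			'user_favorite_games' => true,
			'user_about' => true,
			'user_mood' => true,
			'user_key' => true,
			'user_remember_key' => true,
			'user_last_ip' => true,
		);
		$names = array();
		$values = array();
		foreach ($columns as $column => $quoted) {
			$names[] = '`'.$column.'`';
			$values[] = $quoted ? "'".$userfields[$column]."'" : $userfields[$column];
		}
		$database->query('INSERT INTO `users` ('.implode(',', $names).') VALUES ('.implode(',', $values).');');
	}
}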