source: trunk/class/User.php

Last change on this file was 14, checked in by maron, 12 years ago

přihlášení

  • Property svn:executable set to *
File size: 3.1 KB
1<?php
2
3//class User
4//last change 19.6.2012
5
// Licence (privilege) levels, ordered from least to most privileged.
// User::Licence() grants access when the user's role is >= the level asked for.
const LICENCE_ANONYMOUS = -1;
const LICENCE_USER = 0;
const LICENCE_MODERATOR = 1;
const LICENCE_ADMIN = 2;
11
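/**
 * Session-backed user account: login, registration, logout and licence checks.
 *
 * Statements are assembled as SQL text and handed to the injected $Database
 * object, so every value placed into a statement is passed through QuoteSQL()
 * (strings) or an (int) cast (ids) first.
 */
class User
{
  var $Id;
  var $Name;
  var $Team;     // declared, but never assigned anywhere in this class
  var $Role;     // one of the LICENCE_* constants
  var $Email;    // assigned by Load() and SetAnonymous(); declared so it is not a dynamic property
  var $Database;

  /**
   * Binds the database handle and restores the user from the session when one is active.
   *
   * @param object $Database Handle exposing query() and insert() as used by this class.
   */
  function __construct($Database)
  {
    $this->Database = $Database;
    if(isset($_SESSION)) $this->Restore();
    else $this->SetAnonymous();
  }

  /**
   * Writes the current user id back to the session when the object is released.
   *
   * The original method was named __destroy(), which PHP never calls on its own,
   * so the id was not persisted unless a caller invoked it by hand.
   */
  function __destruct()
  {
    if(isset($_SESSION)) $this->Store();
  }

  /**
   * Explicit form of the destructor, kept for callers that invoke it directly.
   */
  function __destroy()
  {
    if(isset($_SESSION)) $this->Store();
  }

  /**
   * Authenticates by name (case-insensitive) and password.
   *
   * On success the account is loaded and its last-login state updated; on
   * failure the role is reset to LICENCE_ANONYMOUS.
   *
   * @param string $Name     Login name as typed by the user.
   * @param string $Password Plain-text password as typed by the user.
   */
  function Login($Name, $Password)
  {
    // Both values are user input; they are escaped and quoted before they
    // reach the statement instead of being concatenated in raw.
    $DbResult = $this->Database->query('SELECT `ID` FROM `User` WHERE LOWER(`Name`) = LOWER('.
      $this->QuoteSQL($Name).') AND `Pass` = '.
      $this->CryptPasswordSQL($this->QuoteSQL($Password), '`Salt`'));
    if($DbResult && $DbResult->num_rows > 0)
    {
      $User = $DbResult->fetch_assoc();
      $this->Id = (int) $User['ID'];
      $this->Load();
      //TODO: WriteLog('Login: '.$Name, LOG_TYPE_USER);
      // NOTE(review): the session id is not rotated here. Session start-up is
      // outside this class; the caller should call session_regenerate_id(true)
      // after a successful login so a pre-login session id is not reused.
      $this->UpdateState();
    } else $this->Role = LICENCE_ANONYMOUS; // was "$ŧhis" (non-ASCII typo), so this branch never reset the role
  }

  /**
   * Creates a new account row.
   *
   * @param string $Email    E-mail address.
   * @param string $RegUser  Requested login name.
   * @param string $RegPass  Password.
   * @param string $RegPass2 Password confirmation.
   * @return mixed -1 when the two passwords differ, otherwise whatever $Database->insert() returns.
   */
  function Register($Email,$RegUser,$RegPass,$RegPass2)
  {
    // Compare as strings: with a loose != two different numeric-looking
    // passwords such as "1e3" and "1000" are treated as equal.
    if(!is_scalar($RegPass) || !is_scalar($RegPass2) || (string) $RegPass !== (string) $RegPass2) return -1;

    $Salt = $this->GetPasswordSalt();
    $RemoteAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // insert() receives ready-made SQL expressions, so each value is quoted here.
    $DbResult = $this->Database->insert('User', array(
      'Email' => $this->QuoteSQL($Email),
      'Name' => $this->QuoteSQL($RegUser),
      'Pass' => $this->CryptPasswordSQL($this->QuoteSQL($RegPass), $this->QuoteSQL($Salt)),
      'LastIP' => $this->QuoteSQL($RemoteAddress),
      'Salt' => $this->QuoteSQL($Salt),
      )
    );

    return $DbResult;
  }

  /**
   * Records the logout time for a signed-in user and resets to the anonymous state.
   */
  function Logout()
  {
    if($this->Role != LICENCE_ANONYMOUS)
      $this->Database->query('UPDATE `User` SET `LastLogout` = NOW() WHERE `ID` = '.(int) $this->Id);
    $this->SetAnonymous();
  }

  /**
   * Loads the account identified by $this->Id.
   *
   * Falls back to the anonymous state when the id matches no row, so a stale
   * id cannot end up with LICENCE_USER and an empty identity.
   */
  function Load()
  {
    // Security: only the displayed columns are selected, so the password hash
    // and salt are never fetched into PHP variables.
    $DbResult = $this->Database->query('SELECT `ID`, `Name`, `Email` FROM `User` WHERE `ID` = '.(int) $this->Id);
    $User = $DbResult ? $DbResult->fetch_assoc() : null;
    if(!is_array($User))
    {
      $this->SetAnonymous();
      return;
    }
    $this->Id = (int) $User['ID'];
    $this->Name = $User['Name'];
    // Every stored account is loaded as LICENCE_USER; no higher level is read from the row here.
    $this->Role = LICENCE_USER;
    $this->Email = $User['Email'];
  }

  /**
   * Rebuilds the user from $_SESSION['UserId'], or sets the anonymous state when it is absent or 0.
   */
  function Restore()
  {
    if(array_key_exists('UserId', $_SESSION))
    {
      // Cast before use: the id is concatenated into SQL by Load() and UpdateState().
      $this->Id = (int) $_SESSION['UserId'];
      if($this->Id != 0)
      {
        $this->Load();
        $this->UpdateState();
      } else $this->SetAnonymous();
    } else $this->SetAnonymous();
  }

  /**
   * Saves the current user id into the session.
   */
  protected function Store()
  {
    $_SESSION['UserId'] = $this->Id;
  }

  /**
   * Resets all identity fields to the anonymous defaults.
   */
  protected function SetAnonymous()
  {
    $this->Id = 0;
    $this->Name = 'anonymous';
    $this->Role = LICENCE_ANONYMOUS;
    $this->Email = '';
  }

  /**
   * Tells whether the user holds at least the given licence level.
   *
   * @param int $Licence One of the LICENCE_* constants.
   * @return bool
   */
  function Licence($Licence)
  {
    // NOTE(review): a missing REMOTE_ADDR is treated as "command line" and
    // grants every level. Confirm that no web-facing SAPI or proxy setup can
    // serve a request without REMOTE_ADDR; checking PHP_SAPI is the stricter test.
    if(!isset($_SERVER['REMOTE_ADDR'])) return(true); // Execution from command line
    else return($this->Role >= $Licence);
  }

  /**
   * Returns a fresh 8-character hexadecimal salt.
   *
   * @return string
   */
  protected function GetPasswordSalt()
  {
    // Prefer the CSPRNG where the runtime provides it; mt_rand() output is predictable.
    if(function_exists('random_bytes')) return(bin2hex(random_bytes(4)));
    return(substr(sha1(mt_rand()), 0, 8));
  }

  /**
   * Builds the SQL expression that hashes a password with a salt.
   *
   * Both arguments must already be valid SQL expressions (a quoted literal or a column name).
   *
   * NOTE(review): salted SHA-1 is a fast hash and not suitable for password
   * storage, and the plain-text password travels inside the SQL text, where
   * query logs can capture it. Moving to password_hash()/password_verify()
   * in PHP needs a migration of the stored `Pass` values, so the scheme is
   * left unchanged here.
   *
   * @param string $Password SQL expression yielding the plain password.
   * @param string $Salt     SQL expression yielding the salt.
   * @return string
   */
  protected function CryptPasswordSQL($Password, $Salt)
  {
    return('sha1(CONCAT(sha1('.$Password.'), '.$Salt.'))');
  }

  /**
   * Stores the client address and login time for the current user (web requests only).
   */
  function UpdateState()
  {
    if(array_key_exists('REMOTE_ADDR', $_SERVER))
      $this->Database->query('UPDATE `User` SET `LastIP` = '.$this->QuoteSQL($_SERVER['REMOTE_ADDR']).
        ', `LastLogin` = NOW() WHERE `ID` = '.(int) $this->Id);
  }

  /**
   * Turns a PHP value into a quoted SQL string literal.
   *
   * Single quotes are used as the delimiter because double-quoted literals
   * are not strings under the ANSI_QUOTES SQL mode and are not covered by the
   * driver's escaping under NO_BACKSLASH_ESCAPES.
   *
   * @param mixed $Value Value to embed; non-scalars become an empty string.
   * @return string
   */
  protected function QuoteSQL($Value)
  {
    $Value = is_scalar($Value) ? (string) $Value : '';
    if(is_object($this->Database) && method_exists($this->Database, 'real_escape_string'))
      $Escaped = $this->Database->real_escape_string($Value);
    // NOTE(review): fallback for a handle without real_escape_string(); addslashes()
    // ignores the connection character set. Prepared statements are the proper fix
    // once the Database class exposes them.
    else $Escaped = addslashes($Value);
    return("'".$Escaped."'");
  }
}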
132
133?>