Changeset 880 for trunk/Modules/User/User.php
- Timestamp:
- Apr 7, 2020, 10:15:48 PM (5 years ago)
- File:
-
- 1 edited
trunk/Modules/User/User.php
r871 r880 34 34 'Icon' => '', 35 35 ), 0); 36 if (array_key_exists('Search', $this->System->ModuleManager->Modules))36 if (array_key_exists('Search', $this->System->ModuleManager->Modules)) 37 37 $this->System->ModuleManager->Modules['Search']->RegisterSearch('user', 38 38 T('Translators'), array('Name'), '`User`', $this->System->Link('/users/?search=')); … … 49 49 'WHERE (`ActivityTime` >= NOW() - 300) '. 50 50 'ORDER BY `ActivityTime` DESC ) AS `T` GROUP BY `Name`'); 51 while ($DbUser = $DbResult->fetch_assoc())51 while ($DbUser = $DbResult->fetch_assoc()) 52 52 { 53 53 $Name = '<a href="'.$this->System->Link('/user/?user='.$DbUser['ID']).'">'.$DbUser['Name'].'</a>'; 54 54 $Output .= $Name.'<br />'; 55 55 } 56 return ($Output);56 return $Output; 57 57 } 58 58 … … 60 60 { 61 61 $Output = ''; 62 if ($this->System->User->Licence(LICENCE_USER))62 if ($this->System->User->Licence(LICENCE_USER)) 63 63 { 64 64 //$DbResult =$this->Database->query('SELECT `Id`, `Name` FROM `Team` WHERE `Id`='.$this->System->User->Team); … … 79 79 '<a href="'.$this->System->Link('/registration/').'">'.T('Registration').'</a>'; 80 80 } 81 return ($Output);81 return $Output; 82 82 } 83 83 } … … 104 104 </table> 105 105 </fieldset></form>'; 106 return ($Output);106 return $Output; 107 107 } 108 108 } … … 132 132 $this->Database = &$System->Database; 133 133 $this->OnlineStateTimeout = 600; // in seconds 134 if (isset($_SESSION)) $this->Check();134 if (isset($_SESSION)) $this->Check(); 135 135 } 136 136 … … 144 144 $DbResult = $this->Database->query('SELECT `ID` FROM `User` WHERE '. 
145 145 'LOWER(`Name`) = LOWER("'.$Name.'") AND `Pass` = '.$this->CryptPasswordSQL('"'.$Password.'"', '`Salt`')); 146 if ($DbResult->num_rows > 0)146 if ($DbResult->num_rows > 0) 147 147 { 148 148 $User = $DbResult->fetch_assoc(); … … 151 151 // Prepare cookies for permanent login 152 152 $StayLoggedSalt = $this->GetPasswordSalt(); 153 if ($StayLogged == true) $StayLoggedValue = 1; else $StayLoggedValue = 0;153 if ($StayLogged == true) $StayLoggedValue = 1; else $StayLoggedValue = 0; 154 154 $this->Database->update('UserOnline', '`SessionId`="'.$SID.'"', array( 155 155 'User' => $User['ID'], 'StayLogged' => $StayLoggedValue, 'StayLoggedHash' => $StayLoggedSalt)); 156 if ($StayLogged)156 if ($StayLogged) 157 157 { 158 158 setcookie('LoginUserId', $User['ID'], time() + 365 * 24 * 60 * 60); … … 176 176 { 177 177 $SID = session_id(); 178 if ($this->Role != LICENCE_ANONYMOUS)178 if ($this->Role != LICENCE_ANONYMOUS) 179 179 { 180 180 $this->Database->update('UserOnline', '`SessionId`="'.$SID.'"', array('User' => null)); … … 192 192 'LEFT JOIN `ClientVersion` ON `ClientVersion`.`Id` = `User`.`PreferredVersion` '. 
193 193 'WHERE `User`.`ID` = '.$this->Id); 194 if ($DbResult->num_rows > 0)194 if ($DbResult->num_rows > 0) 195 195 { 196 196 $User = $DbResult->fetch_assoc(); … … 222 222 function Licence($Licence) 223 223 { 224 if (GetRemoteAddress() == '') return(true); // Execution from command line225 else return ($this->Role >= $Licence);224 if (GetRemoteAddress() == '') return true; // Execution from command line 225 else return $this->Role >= $Licence; 226 226 } 227 227 … … 229 229 { 230 230 $DbResult = $this->Database->select('APIToken', 'User', '`Token`="'.$Token.'"'); 231 if ($DbResult->num_rows > 0)231 if ($DbResult->num_rows > 0) 232 232 { 233 233 $DbRow = $DbResult->fetch_assoc(); 234 234 $DbResult2 = $this->Database->select('User', 'GM', '`ID`="'.$DbRow['User'].'"'); 235 235 $DbRow2 = $DbResult2->fetch_assoc(); 236 return ($DbRow2['GM'] >= $Licence);237 } else return (false);236 return $DbRow2['GM'] >= $Licence; 237 } else return false; 238 238 } 239 239 240 240 function GetPasswordSalt() 241 241 { 242 return (substr(sha1(mt_rand()), 0, 8));242 return substr(sha1(mt_rand()), 0, 8); 243 243 } 244 244 245 245 function CryptPasswordSQL($Password, $Salt) 246 246 { 247 return ('SHA1(CONCAT(SHA1('.$Password.'), '.$Salt.'))');247 return 'SHA1(CONCAT(SHA1('.$Password.'), '.$Salt.'))'; 248 248 } 249 249 … … 253 253 // Lookup user record 254 254 $Query = $this->Database->select('UserOnline', '*', 'SessionId="'.$SID.'"'); 255 if ($Query->num_rows > 0)255 if ($Query->num_rows > 0) 256 256 { 257 257 // Refresh time of last access 258 258 $this->Database->update('UserOnline', 'SessionId="'.$SID.'"', array('ActivityTime' => 'NOW()')); 259 259 } else { 260 if (GetRemoteAddress() != '') $HostName = gethostbyaddr(GetRemoteAddress());260 if (GetRemoteAddress() != '') $HostName = gethostbyaddr(GetRemoteAddress()); 261 261 else $HostName = ''; 262 262 $this->Database->insert('UserOnline', array('SessionId' => $SID, … … 267 267 268 268 // Logged permanently? 
269 if (array_key_exists('LoginHash', $_COOKIE))269 if (array_key_exists('LoginHash', $_COOKIE)) 270 270 { 271 271 $DbResult = $this->Database->query('SELECT * FROM `UserOnline` WHERE `User`='.$_COOKIE['LoginUserId']. 272 272 ' AND `StayLogged`=1 AND SessionId!="'.$SID.'"'); 273 if ($DbResult->num_rows > 0)273 if ($DbResult->num_rows > 0) 274 274 { 275 275 $DbRow = $DbResult->fetch_assoc(); 276 if (sha1($_COOKIE['LoginUserId'].$DbRow['StayLoggedHash']) == $_COOKIE['LoginHash'])276 if (sha1($_COOKIE['LoginUserId'].$DbRow['StayLoggedHash']) == $_COOKIE['LoginHash']) 277 277 { 278 278 $this->Database->query('DELETE FROM `UserOnline` WHERE `SessionId`="'.$SID.'"'); … … 285 285 $Query = $this->Database->select('UserOnline', '*', '`SessionId`="'.$SID.'"'); 286 286 $Row = $Query->fetch_assoc(); 287 if ($Row['User'] != '')287 if ($Row['User'] != '') 288 288 { 289 289 $this->Id = $Row['User']; … … 296 296 // Remove nonactive users 297 297 $DbResult = $this->Database->select('UserOnline', '`Id`, `User`', '(`ActivityTime` < DATE_SUB(NOW(), INTERVAL '.$this->OnlineStateTimeout.' SECOND)) AND (`StayLogged` = 0)'); 298 while ($DbRow = $DbResult->fetch_array())298 while ($DbRow = $DbResult->fetch_array()) 299 299 { 300 300 $this->Database->delete('UserOnline', 'Id='.$DbRow['Id']); … … 305 305 { 306 306 $Salt = $this->GetPasswordSalt(); 307 if ($Team == null) $Team = 'NULL';308 if ($PreferredVersion == null) $PreferredVersion = 'NULL';307 if ($Team == null) $Team = 'NULL'; 308 if ($PreferredVersion == null) $PreferredVersion = 'NULL'; 309 309 $this->Database->query('INSERT INTO `User` '. 310 310 '(`Name` , `Pass` , `Salt`, `Email` , `Language` , `Team` , `NeedUpdate`, `RegistrationTime`, `PreferredVersion` ) '.
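Review bot: In the permanent-login hunk (new lines 269–278), `$_COOKIE['LoginUserId']` is still concatenated unquoted into the `UserOnline` SELECT while only `LoginHash` is checked for presence, so a request-controlled value becomes part of the SQL text. Since the commit already touches these lines, extend the guard with `array_key_exists('LoginUserId', $_COOKIE)` and use `(int) $_COOKIE['LoginUserId']` in both the query and the hash input. The token comparison on line 276 uses `==`; `hash_equals(sha1($LoginUserId.$DbRow['StayLoggedHash']), (string) $_COOKIE['LoginHash'])` avoids loose comparison and timing differences. The enclosing method starts and ends outside the hunk, so any validation done earlier is not visible here. The same string-built query pattern appears with `$Name`/`$Password` at lines 144–145 and `$Token` at line 230; whether those values are escaped upstream cannot be confirmed from this page.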