<?phpnamespace Revolution;if(!defined('IN_INDEX')) { die('Sorry, you canno

1. <?php
2.  
3. namespace Revolution;
4. if(!defined('IN_INDEX')) { die('Sorry, you cannot access this file.'); }
5. class users implements iUsers
6. {
7.  
8. /*-------------------------------Authenticate-------------------------------------*/
9.  
10. final public function isLogged()
11. {
12. if(isset($_SESSION['user']['id']))
13. {
14. return true;
15. }
16.  
17. return false;
18. }
19.  
20. /*-------------------------------Checking of submitted data-------------------------------------*/
21.  
22. final public function validName($username)
23. {
24. if(strlen($username) <= 25 && ctype_alnum($username))
25. {
26. return true;
27. }
28.  
29. return false;
30. }
31.  
32. final public function validEmail($email)
33. {
34. return preg_match("/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i", $email);
35. }
36.  
37. final public function nameTaken($username)
38. {
39. global $engine;
40.  
41. if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' LIMIT 1") > 0)
42. {
43. return true;
44. }
45.  
46. return false;
47. }
48.  
49. final public function emailTaken($email)
50. {
51. global $engine;
52.  
53. if($engine->num_rows("SELECT * FROM users WHERE mail = '" . $email . "' LIMIT 1") > 0)
54. {
55. return true;
56. }
57.  
58. return false;
59. }
60.  
61. final public function userValidation($username, $password)
62. {
63. global $engine;
64. if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . $password . "' LIMIT 1") > 0)
65. {
66. return true;
67. }
68.  
69. return false;
70. }
71.  
72. /*-------------------------------Stuff related to bans-------------------------------------*/
73.  
74. final public function isBanned($value)
75. {
76. global $engine;
77. if($engine->num_rows("SELECT * FROM bans WHERE value = '" . $value . "' LIMIT 1") > 0)
78. {
79. return true;
80. }
81.  
82. return false;
83. }
84.  
85. final public function getReason($value)
86. {
87. global $engine;
88. return $engine->result("SELECT ban_reason FROM bans WHERE value = '" . $value . "' LIMIT 1");
89. }
90.  
91. final public function hasClones($ip)
92. {
93. global $engine;
94. if($engine->num_rows("SELECT * FROM users WHERE ip_register = '" . $_SERVER['REMOTE_ADDR'] . "'") == 2) {
95. return true;
96. }
97.  
98. return false;
99. }
100.  
101. /*-------------------------------Login or Register user-------------------------------------*/
102.  
103. final public function register()
104. {
105. global $core, $template, $_CONFIG;
106.  
107. if(isset($_POST['register']))
108. {
109. unset($template->form->error);
110.  
111. $template->form->setData();
112.  
113. if($this->validName($template->form->reg_username))
114. {
115. if(!$this->nameTaken($template->form->reg_username))
116. {
117. if($this->validEmail($template->form->reg_email))
118. {
119. if(!$this->emailTaken($template->form->reg_email))
120. {
121. if(strlen($template->form->reg_password) > 6)
122. {
123. if($template->form->reg_password == $template->form->reg_rep_password)
124. {
125. if($this->isBanned($_SERVER['REMOTE_ADDR']) == false)
126. {
127. if(!$this->hasClones($_SERVER['REMOTE_ADDR']))
128. {
129. if(!preg_match('/[^a-z_\-0-9]/i', $template->form->reg_username)
130. {
131. if (preg_match('mod|staff|admin|vip', $template->form->reg_username)
132. {
133. if(!isset($template->form->reg_gender)) { $template->form->reg_gender = 'M'; }
134. if(!isset($template->form->reg_figure)) { $template->form->reg_figure = $_CONFIG['hotel']['figure']; }
135.  
136. $this->addUser($template->form->reg_username, $core->hashed($template->form->reg_password), $template->form->reg_email, $_CONFIG['hotel']['motto'], $_CONFIG['hotel']['credits'], $_CONFIG['hotel']['pixels'], 1, $template->form->reg_figure, $template->form->reg_gender, $core->hashed($template->form->reg_key));
137.  
138. $this->turnOn($template->form->reg_username);
139.  
140. header('Location: ' . $_CONFIG['hotel']['url'] . '/me');
141. exit;
142. }
143. else
144. {
145. $template->form->error = 'Sorry, but that prefix is reserved!';
146. }
147. else
148. {
149. $template->form->error = 'Sorry, but the username you entered contained invalid characters';
150. }
151. else
152. {
153. $template->form->error = 'Sorry, but you cannot register twice';
154. }
155. }
156. else
157. {
158. $template->form->error = 'Sorry, it appears you are IP banned.<br />';
159. $template->form->error .= 'Reason: ' . $this->getReason($_SERVER['REMOTE_ADDR']);
160. return;
161. }
162. }
163. else
164. {
165. $template->form->error = 'Password does not match repeated password';
166. return;
167. }
168.  
169. }
170. else
171. {
172. $template->form->error = 'Password must have more than 6 characters';
173. return;
174. }
175. }
176. else
177. {
178. $template->form->error = 'Email: <b>' . $template->form->reg_email . '</b> is already registered';
179. return;
180. }
181. }
182. else
183. {
184. $template->form->error = 'Email is not valid';
185. return;
186. }
187. }
188. else
189. {
190. $template->form->error = 'Username is already registered';
191. return;
192. }
193. }
194. else
195. {
196. $template->form->error = 'Username is invalid';
197. return;
198. }
199. }
200. }
201.  
202. final public function login()
203. {
204. global $template, $_CONFIG, $core;
205.  
206. if(isset($_POST['login']))
207. {
208. $template->form->setData();
209. unset($template->form->error);
210.  
211. if($this->nameTaken($template->form->log_username))
212. {
213. if($this->isBanned($template->form->log_username) == false || $this->isBanned($_SERVER['REMOTE_ADDR']) == false)
214. {
215. if($this->userValidation($template->form->log_username, $core->hashed($template->form->log_password)))
216. {
217. $this->turnOn($template->form->log_username);
218. $this->updateUser($_SESSION['user']['id'], 'ip_current', $_SERVER['REMOTE_ADDR']);
219. $template->form->unsetData();
220. header('Location: ' . $_CONFIG['hotel']['url'] . '/me');
221. exit;
222. }
223. else
224. {
225. $template->form->error = 'Details do not match';
226. return;
227. }
228. }
229. else
230. {
231. $template->form->error = 'Sorry, it appears this user is banned<br />';
232. $template->form->error .= 'Reason: ' . $this->getReason($template->form->log_username);
233. return;
234. }
235. }
236. else
237. {
238. $template->form->error = 'Username does not exist';
239. return;
240. }
241. }
242. }
243.  
244. /*final public function loginHK()
245. {
246. global $template, $_CONFIG, $core;
247.  
248. if(isset($_POST['login']))
249. {
250. $template->form->setData();
251. unset($template->form->error);
252.  
253. if(isset($template->form->username) && isset($template->form->password))
254. {
255. if($this->nameTaken($template->form->username))
256. {
257. if($this->userValidation($template->form->username, $core->hashed($template->form->password)))
258. {
259. if(($this->getInfo($_SESSION['user']['id'], 'rank')) >= 6)
260. {
261. $_SESSION["in_hk"] = true;
262. header("Location:".$_CONFIG['hotel']['url']."/admin/");
263. exit;
264. }
265. else
266. {
267. $template->form->error = 'Incorrect access level.';
268. return;
269. }
270. }
271. else
272. {
273. $template->form->error = 'Incorrect password.';
274. return;
275. }
276. }
277. else
278. {
279. $template->form->error = 'User does not exist.';
280. return;
281. }
282. }
283.  
284. $template->form->unsetData();
285. }
286. } */
287.  
288. final public function help()
289. {
290. global $template, $_CONFIG;
291. $template->form->setData();
292.  
293. if(isset($template->form->help))
294. {
295. $to = $_CONFIG['hotel']['email'];
296. $subject = "Help from RevCMS user - " . $this->getInfo($_SESSION['user']['id'], 'username');
297. $body = $template->form->question;
298.  
299. if (mail($to, $subject, $body))
300. {
301. $template->form->error = 'Message successfully sent! We will answer you shortly!';
302. }
303. else
304. {
305. $template->form->error = 'Message delivery failed.';
306. }
307. }
308. }
309.  
310. /*-------------------------------Account settings-------------------------------------*/
311.  
312. final public function updateAccount()
313. {
314. global $template, $_CONFIG, $core, $engine;
315.  
316. if(isset($_POST['account']))
317. {
318.  
319. if(isset($_POST['acc_motto']) && strlen($_POST['acc_motto']) < 30 && $_POST['acc_motto'] != $this->getInfo($_SESSION['user']['id'], 'motto'))
320. {
321. $this->updateUser($_SESSION['user']['id'], 'motto', $engine->secure($_POST['acc_motto']));
322. header('Location: '.$_CONFIG['hotel']['url'].'/account');
323. exit;
324. }
325. else
326. {
327. $template->form->error = 'Motto is invalid.';
328. }
329.  
330. if(isset($_POST['acc_email']) && $_POST['acc_email'] != $this->getInfo($_SESSION['user']['id'], 'mail'))
331. {
332. if($this->validEmail($_POST['acc_email']))
333. {
334. $this->updateUser($_SESSION['user']['id'], 'mail', $engine->secure($_POST['acc_email']));
335. header('Location: '.$_CONFIG['hotel']['url'].'/account');
336. exit;
337. }
338. else
339. {
340. $template->form->error = 'Email is not valid';
341. return;
342. }
343. }
344.  
345. if(!empty($_POST['acc_old_password']) && !empty($_POST['acc_new_password']))
346. {
347. if($this->userValidation($this->getInfo($_SESSION['user']['id'], 'username'), $core->hashed($_POST['acc_old_password'])))
348. {
349. if(strlen($_POST['acc_new_password']) >= 8)
350. {
351. $this->updateUser($_SESSION['user']['id'], 'password', $core->hashed($_POST['acc_new_password']));
352. header('Location: '.$_CONFIG['hotel']['url'].'/me');
353. exit;
354. }
355. else
356. {
357. $template->form->error = 'New password is too short';
358. return;
359. }
360. }
361. else
362. {
363. $template->form->error = 'Current password is wrong';
364. return;
365. }
366. }
367. }
368. }
369.  
370.  
371. final public function turnOn($k)
372. {
373. $j = $this->getID($k);
374. $this->createSSO($j);
375. $_SESSION['user']['id'] = $j;
376. $this->cacheUser($j);
377. unset($j);
378. }
379.  
380. /*-------------------------------Loggin forgotten-------------------------------------*/
381.  
382. final public function forgotten()
383. {
384. //this was an exploit.......
385. }
386.  
387. /*-------------------------------Create SSO auth_ticket-------------------------------------*/
388.  
389. final public function createSSO($k)
390. {
391. $sessionKey = 'RevCMS-'.rand(9,999).'/'.substr(sha1(time()).'/'.rand(9,9999999).'/'.rand(9,9999999).'/'.rand(9,9999999),0,33);
392.  
393. $this->updateUser($k, 'auth_ticket', $sessionKey);
394.  
395. unset($sessionKey);
396. }
397.  
398. /*-------------------------------Adding/Updating/Deleting users-------------------------------------*/
399.  
400. final public function addUser($username, $password, $email, $motto, $credits, $pixels, $rank, $figure, $gender)
401. {
402. global $engine;
403. $sessionKey = 'RevCMS-'.rand(9,999).'/'.substr(sha1(time()).'/'.rand(9,9999999).'/'.rand(9,9999999).'/'.rand(9,9999999),0,33);
404. $engine->query("INSERT INTO users (username, password, mail, motto, credits, points, rank, look, gender, ip_current, ip_register, account_created, last_online, auth_ticket) VALUES('" . $username . "', '" . $password . "', '" . $email . "', '" . $motto . "', '" . $credits . "', '" . $pixels . "', '" . $rank . "', '" . $figure . "', '" . $gender . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . time() . "', '" . time() . "', '" . $sessionKey . "')");
405. unset($sessionKey);
406.  
407. }
408.  
409. final public function deleteUser($k)
410. {
411. global $engine;
412. $engine->query("DELETE FROM users WHERE id = '" . $k . "' LIMIT 1");
413. $engine->query("DELETE FROM items WHERE userid = '" . $k . "' LIMIT 1");
414. $engine->query("DELETE FROM rooms WHERE ownerid = '" . $k . "' LIMIT 1");
415. }
416.  
417. final public function updateUser($k, $key, $value)
418. {
419. global $engine;
420. $engine->query("UPDATE users SET " . $key . " = '" . $engine->secure($value) . "' WHERE id = '" . $k . "' LIMIT 1");
421. $_SESSION['user'][$key] = $engine->secure($value);
422. }
423.  
424. /*-------------------------------Handling user information-------------------------------------*/
425.  
426. final public function cacheUser($k)
427. {
428. global $engine;
429. $userInfo = $engine->fetch_assoc("SELECT username, rank, motto, mail, credits, points, look, auth_ticket, ip_current FROM users WHERE id = '" . $k . "' LIMIT 1");
430.  
431. foreach($userInfo as $key => $value)
432. {
433. $this->setInfo($key, $value);
434. }
435. }
436.  
437. final public function setInfo($key, $value)
438. {
439. global $engine;
440. $_SESSION['user'][$key] = $engine->secure($value);
441. }
442.  
443. final public function getInfo($k, $key)
444. {
445. global $engine;
446. if(!isset($_SESSION['user'][$key]))
447. {
448. $value = $engine->result("SELECT $key FROM users WHERE id = '" . $engine->secure($k) . "' LIMIT 1");
449. if($value != null)
450. {
451. $this->setInfo($key, $value);
452. }
453. }
454.  
455. return $_SESSION['user'][$key];
456. }
457.  
458.  
459.  
460. /*-------------------------------Get user ID or Username-------------------------------------*/
461.  
462. final public function getID($k)
463. {
464. global $engine;
465. return $engine->result("SELECT id FROM users WHERE username = '" . $engine->secure($k) . "' LIMIT 1");
466. }
467.  
468. final public function getUsername($k)
469. {
470. global $engine;
471. return $this->getInfo($_SESSION['user']['id'], 'username');
472. }
473.  
474. }
475. ?>