Untitled

<?php
/* This Class is the basic user model */
class User {
     // Constants
     const NICKNAME_MAXLENGTH = 20;
     const NICKNAME_MINLENGTH = 3;
     const PASSWORD_MAXLENGTH = 30;
     const PASSWORD_MINLENGTH = 5;
     const LANG_USABILITY = 1;
     const LANG_EXISTS = 0;
     const TRAINER_MSG_MAXLENGTH = 255;

     // Main user atributes
     private $user_id;
     private $nickname;
     private $password;
     // Profile attributes
     private $language = DEFAULT_LANGUAGE;
     private $trainer_icon = 1;
     private $trainer_msg;
     private $color;
     private $timetable;
     private $IP;
     private $last_visit;
     private $subscribed;
     // User authority attribute
     private $auth_level = 0;

     public function __construct($nickname, $password) {
         global $_SERVER;
         $this->nickname = $nickname;
         $this->password = $password;
         $this->IP = $_SERVER['REMOTE_ADDR'];
         $this->last_visit = time();
         $this->subscribed = time();
     }

     public function SetLanguage($lang) {
         global $UF;
         if($this->VerifyUserLanguage($UF->SecureData($lang)))
         {
             $this->language = $UF->SecureData($lang);
         }
     }

     public function SetTrainerIcon($icon) {
         $this->trainer_icon = $icon;
     }

     public function GetNickname() {
         return $this->nickname;
     }

     public function GetPassword() {
         return $this->password;
     }

     public function GetLanguage() {
         return $this->language;
     }

     // Verify if the nickname is already taken
     public function VerifyNickAvailability($nick) {
         global $PA;
         global $UF;

         // We look for any primary or secondary nickname identifal to the login
         $query = $PA->prepare('SELECT '.TABLE_USERS_USERID.' FROM '.TABLE_USERS.' WHERE '.TABLE_USERS_NICKNAME.'=:nickname') or die($PA->error);
         $query->execute(array('nickname'=>$UF->SecureData($nick)));
         if($query->rowCount() != 0) // If it's taken as a primary nickname
         {
             $query = NULL;
             return false;
             break;
         }
         else
         {
             $query = NULL;
             // We verify if it it's used as a secondary nickname
             $query = $PA->prepare('SELECT '.TABLE_SECONDARIES_NICK.'.user_id FROM '.TABLE_SECONDARIES_NICK.' WHERE '.TABLE_SECONDARIES_NICK.'.user_nickname=:nickname') or die($PA->error);
             $query->execute(array('nickname'=>$UF->SecureData($nick)));
             if($query->rowCount() != 0) // If it's taken as a secondary nickname
             {
                 $query = NULL;
                 return false;
             }
             else
             {
                 $query = NULL;
                 return true;
             }
         }
     }

     public function VerifyLogins($login, $password) { // Verify the format of the login/password
         global $UF; // We need the utility Function
         $errors = '';

         // We start by verifying the nickname
         if(empty($login) || !preg_match("#^[^".$UF->EspapeRegexData('*+\\/"\'')."]{".self::NICKNAME_MINLENGTH.",".self::NICKNAME_MAXLENGTH."}$#", $login))
         {
             $errors .= 'The nickname is incorrect.<br /c';
         }
         // We verify the password
         if(empty($password) || !preg_match("#^[^(\n)]{".self::PASSWORD_MINLENGTH.",".self::PASSWORD_MAXLENGTH."}$#", $password))
         {
             $errors .= 'The password is incorrect.<br />';
         }
         // Now if the $errors variable is not empty then there is an error
         if($errors == '')
         {
             return true;
         }
         else
         {
             return false;
         }
     }

     public function AddUser($login, $password) { // Add a new user to the database
         global $PA; // To access the PDO variable
         global $UF;

         // First we need to verify the logins
         if($this->VerifyLogins($login, $password) && $this->VerifyNickAvailability($login) && $this->VerifyUserIP($this->IP) && $this->VerifyUserLanguage($this->language, self::LANG_USABILITY))
         {
             // Now that we are sure about the validity of the logins, we can add the user to the dabase
             $query = $PA->prepare('INSERT INTO '.TABLE_USERS.'('.TABLE_USERS_NICKNAME.', '.TABLE_USERS_PASSWORD.') VALUES(:nickname, :password)') or die($PA->error);
             $query->execute(array('nickname'=>$UF->SecureData($this->nickname), 'password'=>md5($this->password)));
             $query = NULL;
             $this->user_id = $PA->lastInsertId(); // We recover the ID given to the user
             // Now we need to create the rest of the tables that are in relation with the users table
             $query = $PA->prepare('INSERT INTO '.TABLE_USERS_AUTH.'(user_id, user_auth_level) VALUES(:id, :auth)') or die($PA->error);
             $query->execute(array('id'=>$this->user_id, 'auth'=>$this->auth_level));
             $query = NULL;
             // Now we add the user profile
             $query = $PA->prepare('INSERT INTO '.TABLE_USERS_PROFILES.'(user_id, user_lang, user_color, user_ip, user_last_visit, user_subscribed) VALUES(:id, :language, :color, :ip, :timestamp, :timestamp2)') or die($PA->error);
             $query->execute(array('id'=>$this->user_id, 'language'=>$this->language, 'color'=>$UF->RandomColor(), 'ip'=>$this->IP, 'timestamp'=>$this->last_visit, 'timestamp2'=>$this->subscribed));
             $query = NULL;
             // Now we add the user status
             $query = $PA->prepare('INSERT INTO '.TABLE_USERS_STATUS.'(user_id, user_tempban) VALUES(:id, :tempban)') or die($PA->error);
             $query->execute(array('id'=>$this->user_id, ':tempban'=>time()));
             return true; // The user was successfully added
         }
         else
         {
             return false;
         }
     }

     /* Methodes concerning the user profile */

     // Verify if a language exists in the database and if it is usable depending on the $option parametre
     public function VerifyUserLanguage($lang, $option) {
         global $PA;
         global $UF;

         if($option == self::LANG_EXISTS) // Will only verify if it exists
         {
             $query = $PA->prepare('SELECT lang_name FROM '.TABLE_LANGUAGES.' WHERE '.TABLE_LANGUAGES.'.lang_name=:langname') or die($PA->error);
             $query->execute(array('langname'=>$UF->SecureData($lang)));
             if($query->rowCount() == 0) // No existing language with the same name
             {
                 $query = NULL;
                 return false;
                 break;
             }
             else
             {
                 $query = NULL;
                 return true;
                 break;
             }
         }
         elseif($option == self::LANG_USABILITY) // Will verify if we can use it(existence and status)
         {
             $query = $PA->prepare('SELECT lang_name FROM '.TABLE_LANGUAGES.' WHERE '.TABLE_LANGUAGES.'.lang_name=:langname AND '.TABLE_LANGUAGES.'.lang_status=1') or die($PA->error);
             $query->execute(array('langname'=>$UF->SecureData($lang)));
             if($query->rowCount() == 0) // No existing language with the same name/width 1 as status
             {
                 $query = NULL;
                 return false;
             }
             else
             {
                 $query = NULL;
                 return true;
             }
         }
     }

     // Verify if a trainer icon exists
     public function VerifyTrainerIcon($icon) {
         global $PA;
         if(preg_match("#^[0-9]{1,3}$#", $icon)) // We need to make sure it's an ID
         {
             // Now we look for the ID in the database
             $query = $PA->prepare('SELECT trainer_id FROM '.TABLE_TRAINERS_ICONS.' WHERE '.TABLE_TRAINERS_ICONS.'.trainer_id=:icon') or die($PA->error);
             $query->execute(array('icon'=>$icon));
             if($query->rowCount() != 0) // Exists
             {
                 return true;
             }
             else
             {
                 return false;
             }
             $query = NULL;
         }
     }

     // Verify the trainer message
     public function VerifyTrainerMsg($msg) {
         if(mb_strlen($msg) <= self::TRAINER_MSG_MAXLENGTH)
         {
             return true;
         }
         else
         {
             return false;
         }
     }

     // Verify the syntaxt of a color
     public function VerifyUserColor($color) {
         if(preg_match("#^\#[A-F0-9]{6}$#i", $color))
         {
             return true;
         }
         else
         {
             return false;
         }
     }

     // Verify the syntaxt of the inputed timetable
     public function VerifyUserTimetable($timetable) {
         if($timetable >= -12 && $timetable <= +12)
         {
             return true;
         }
         else
         {
             return false;
         }
     }

     // Verify the validity of an IP adress
     public function VerifyUserIP($ip) {
         if(preg_match("#\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b#", $ip))
         {
             return true;
         }
         else
         {
             return false;
         }
     }
}
?>