Untitled

<?php

	/**
	 * A11n (by daGrevis).
	 *
	 * @version    0.3
	 * @author     daGrevis
	 * @copyright  (C) 2011 by daGrevis
	 * @license    MIT License
	 */


	defined( 'SYSPATH' ) or exit( 'No direct script access.' );


	class Model_A11n extends Model {

		/**
		 * Model's validation.
		 *
		 * @param   string   Mode (example, 'sign-in', 'sign-up').
		 * @param   Validation   Validation object.
		 */

		public function validation( $mode, Validation $extraValidation = null ) {

			if ( empty( $extraValidation ) ) {

				$validation = Validation::factory( array() );

			} else {

				$validation = $extraValidation;

			}


			switch ( $mode ) {

				case 'sign-up':

					$validation
						->rule( 'username', 'not_empty' )
						->rule( 'username', 'max_length', array( ':value', 32 ) )
						->rule( 'username', 'alpha_dash', array( ':value', true ) )
						->rule( 'username', 'Model_A11n::usernameExists', array( ':validation', ':value' ) )
						->rule( 'password', 'not_empty' )
						->rule( 'password', 'min_length', array( ':value', 6 ) )
						->rule( 'password', 'max_length', array( ':value', 255 ) )
						->rule( 'email', 'not_empty' )
						->rule( 'email', 'email' )
						->rule( 'email', 'Model_A11n::emailExists', array( ':validation', ':value' ) );

				break;

				case 'sign-in':

					$validation
						->rule( 'username', 'not_empty' )
						->rule( 'username', 'max_length', array( ':value', 32 ) )
						->rule( 'username', 'alpha_dash', array( ':value', true ) )
						->rule( 'password', 'not_empty' )
						->rule( 'password', 'min_length', array( ':value', 6 ) )
						->rule( 'password', 'max_length', array( ':value', 255 ) )
						->rule( 'password', array( $this, 'checkPassword' ), array( ':validation', ':value' ) );

				break;

			}


			return $validation;

		}

		/**
		 * Whether username already exists in the database?
		 *
		 * @param   Validation   Validation object.
		 * @param   string   User's username.
		 */

		public static function usernameExists( Validation $validation, $username ) {

			$query =
				DB::select( 'id' )
					->from( 'users' )
					->where( 'username', '=', $username );

			$result =
				$query->execute()
					->count();


			if ( $result ) {

				$validation->error( 'username', 'usernameExists' );

			}

		}

		/**
		 * Whether e-mail already exists in the database?
		 *
		 * @param   Validation   Validation object.
		 * @param   string   User's e-mail.
		 */

		public static function emailExists( Validation $validation, $email ) {

			$query =
				DB::select( 'id' )
					->from( 'users' )
					->where( 'email', '=', $email );

			$result =
				$query->execute()
					->count();


			if ( $result ) {

				$validation->error( 'email', 'emailExists' );

			}

		}

		/**
		 * Checks whether user with given username **and** given password exists. In other words, check that password is correct.
		 *
		 * @param   Validation   Validation object.
		 * @param   string   User's password (plain text).
		 */

		public function checkPassword( Validation $validation, $password ) {

			$username = $validation['username'];
			$hashedPassword = $this->_hashPassword( $password, $this->_getSaltFromId( $this->_getIdFromUsername( $username ) ) );


			$query =
				DB::select( 'id' )
					->from( 'users' )
					->where( 'username', '=', $username )
					->where( 'password', '=', $hashedPassword );

			$result =
				$query->execute()
					->count();


			if ( !$result ) {

				$validation->error( 'password', 'checkPassword' );

			}

		}

		/**
		 * Gets user's ID from database (using username).
		 *
		 * @param   string   User's username.
		 * @return  integer   User's ID from database.
		 */

		protected function _getIdFromUsername( $username ) {

			$query =
				DB::select( 'id' )
					->from( 'users' )
					->where( 'username', '=', $username );

			$result =
				$query->execute()
					->get( 'id' );


			return
				(integer) $result;

		}

		/**
		 * Gets user's access from database (using ID). Use this only when you know that you need value from database because access is saved in session as well.
		 *
		 * @param   string   User's ID.
		 * @return  integer   User's access from database.
		 */

		protected function _getAccessFromId( $id ) {

			$query =
				DB::select( 'access' )
					->from( 'users' )
					->where( 'id', '=', $id );

			$result =
				$query->execute()
					->get( 'access' );


			return
				(integer) $result;

		}

		/**
		 * Gets user's salt from database (using ID).
		 *
		 * @param   string   User's ID.
		 * @return  string   User's salt from database.
		 */

		protected function _getSaltFromId( $id ) {

			$query =
				DB::select( 'salt' )
					->from( 'users' )
					->where( 'id', '=', $id );

			$result =
				$query->execute()
					->get( 'salt' );


			return
				(string) $result;

		}

		/**
		 * Hashes password (plain text), salt (value stored in database (auto-generated for each user)) and nuts (value from configuration that's stored on file-server (MUST BE CHANGED BEFORE PRODUCTION STAGE FROM DEFAULT ("Cartman")!)) using SHA-1 algorythm.
		 *
		 * @param   string   User's password.
		 * @param   string   Salt (auto-generated for each user).
		 * @param   string   Nuts from configuration that's stored on file-server.
		 * @return  string   Hashed password.
		 */

		protected function _hashPassword( $password, $salt, $nuts = '' ) {

			if ( $nuts === '' ) { $nuts = Kohana::config( 'a11n' )->nuts; }

			$password =
				sha1(
					$password
					. $salt
					. $nuts
				);


			return $password;

		}


		/**
		 * Adds new user in the database.
		 *
		 * @param   Validation   Validation object.
		 */

		public function signUp( Validation $validation ) {

			$username = $validation['username'];
			$salt = uniqId( null, true );
			$password = $this->_hashPassword( $validation['password'], $salt );
			$email = $validation['email'];


			$query =
				DB::insert( 'users', array( 'username', 'password', 'salt', 'email' ) )
					->values( array( $username, $password, $salt, $email ) );

			$result =
				$query->execute();

		}

	}