
Untitled

a guest
Sep 23rd, 2017
  1. <?php
  2.  
  3. namespace YetAnotherPanel;
  4.  
  5. class User extends Core
  6. {
  7.  
  8. private $isLoggedIn = false,
  9. $cache = array(),
  10. $id = 0,
  11. $userName = '';
  12.  
  13.  
  14.  
  15. public function __construct()
  16. {
  17.  
  18. $this->_checkSessions();
  19.  
  20. if( $this->isLoggedIn() )
  21. {
  22.  
  23. if( !$this->_grabCache() )
  24. {
  25.  
  26. $this->_generateCache();
  27.  
  28. }
  29.  
  30. }
  31.  
  32. }
  33.  
  34. public function isLoggedIn()
  35. {
  36.  
  37. return $this->isLoggedIn;
  38.  
  39. }
  40.  
  41. public function login( $userName, $passWord )
  42. {
  43.  
  44. if( !$userName || !$passWord )
  45. {
  46.  
  47. return 'All fields are required';
  48.  
  49. }
  50.  
  51. $query = $this->query('SELECT id FROM {prefix}users WHERE username = {0} AND password = {1} LIMIT 1;',
  52. array( $userName, $passWord ) );
  53.  
  54. if( $query->countRows() > 0 )
  55. {
  56.  
  57. $this->id = $query->fetchResult();
  58.  
  59. if( $this->_isBanned() )
  60. {
  61.  
  62. return 'You have been banned from the system.';
  63.  
  64. }
  65.  
  66. $this->_createSession();
  67.  
  68. }
  69. else
  70. {
  71.  
  72. return 'Invalid username or password.';
  73.  
  74. }
  75.  
  76. }
  77.  
  78. private function _createSession()
  79. {
  80.  
  81. global $engine;
  82.  
  83. $key = $engine->randomChars( 10 );
  84.  
  85. $_SESSION['y__rndKey'] = $key;
  86.  
  87. $query = $this->query('SELECT null FROM {prefix}sessions WHERE id = {0, i}', array( $this->id ) );
  88.  
  89. session_regenerate_id();
  90.  
  91. if( $query->countRows() > 0 )
  92. {
  93.  
  94. $this->query('UPDATE {prefix}sessions SET sessionTimeout = {now} + 500, sessionId = {0}, sessionKey = {1} WHERE userId = {2, i} LIMIT 1;', array( session_id(), $key, $this->id ) );
  95.  
  96. }
  97. else
  98. {
  99.  
  100. $this->query('INSERT INTO {prefix}session VALUES({0}, {1, i},{now} + 500, {2} )', array( session_id(), $this->id, $key ) );
  101.  
  102. }
  103.  
  104. }
  105.  
  106. private function _isBanned()
  107. {
  108.  
  109. $query = $this->query('
  110. SELECT
  111.  
  112. null
  113.  
  114. FROM
  115.  
  116. {prefix}bans
  117.  
  118. WHERE
  119.  
  120. userId = {0, i}
  121.  
  122. AND
  123.  
  124. timeExpire - {now} > 0
  125.  
  126. LIMIT 1;
  127. ', array( $this->id ) );
  128.  
  129.  
  130. if( $query->countRows() > 0 )
  131. {
  132.  
  133. return true;
  134.  
  135. }
  136. else
  137. {
  138.  
  139. return false;
  140.  
  141. }
  142.  
  143. }
  144.  
  145. private function _checkSessions()
  146. {
  147.  
  148. $query = $this->Query('
  149. SELECT
  150.  
  151. userId, sessionKey
  152.  
  153. FROM
  154.  
  155. {prefix}sessions
  156.  
  157. WHERE
  158.  
  159. sessionId = {0}
  160.  
  161. AND
  162.  
  163. sessionTimeOut + 500 - {now} > 0
  164.  
  165. LIMIT 1;
  166.  
  167. ', array( session_id( ) ) );
  168.  
  169. if( $query->countRows() > 0 )
  170. {
  171.  
  172. $data = $query->fetchRow();
  173.  
  174. if( $data[ 1 ] == $_SESSION['y__rndKey'] )
  175. {
  176.  
  177. $this->isLoggedIn = true;
  178.  
  179. $this->id = $data[ 0 ];
  180.  
  181. $this->Query( 'UPDATE {prefix}sessions SET sessionTimeout = {now} + 500 WHERE userId = {0, i} LIMIT 1;', array( $this->id ) );
  182.  
  183. }
  184.  
  185. }
  186.  
  187. }
  188.  
  189. private function _grabCache()
  190. {
  191.  
  192. $cacheUrl = BASE . '_cache/_users/' . $this->id . '.cache';
  193.  
  194. if( !file_exists( $cacheUrl ) )
  195. {
  196.  
  197. return false;
  198.  
  199. }
  200.  
  201. $this->cache = unserialize( @file_get_contents( BASE . '_cache/_users/' . $this->id . '.cache' ) );
  202.  
  203. }
  204.  
  205. private function _generateCache()
  206. {
  207.  
  208.  
  209. $query = $this->Query('SELECT * FROM {prefix}users WHERE id = {0, i} LIMIT 1;', array( $this->id ) );
  210.  
  211. foreach( $query->fetchArray( MYSQL_ASSOC ) as $key => $value )
  212. {
  213.  
  214. if( $key == 'password' ) continue;
  215.  
  216. $userCache[ $key ] = $value;
  217.  
  218. }
  219.  
  220. $userCache = serialize( $userCache );
  221.  
  222. file_put_contents( BASE . '_cache/_users/' . $this->id . '.cache', $userCache );
  223.  
  224.  
  225. }
  226.  
  227.  
  228. }