- <?php
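/**
 * Basic user model: registration, login, profile validation and profile updates.
 *
 * Depends on names defined outside this file: the globals $PA (used as a PDO
 * handle) and $UF (utility helpers), and the TABLE_*, ROW_*, DEFAULT_LANGUAGE
 * and SERVER_ROOT constants.
 *
 * NOTE(security): passwords are stored and compared as unsalted md5() digests
 * (AddUser, ConnectUser, UpdateUserInformations). md5 is far too fast for
 * password storage; migrate to password_hash()/password_verify() and rehash on
 * the next successful login. Check the width of the password column first:
 * password_hash() output is longer than a 32-character md5 digest.
 */
class User {
    // Constants
    const NICKNAME_MAXLENGTH = 20;
    const NICKNAME_MINLENGTH = 3;
    const PASSWORD_MAXLENGTH = 30;
    const PASSWORD_MINLENGTH = 5;
    const LANG_USABILITY = 1;
    const LANG_EXISTS = 0;
    const TRAINER_DEFAULT_ICON = 1;
    const TRAINER_MSG_MAXLENGTH = 255;
    const USER_LEVEL = 0;
    const MODERATOR_LEVEL = 1;
    const ADMINISTRATOR_LEVEL = 2;
    const OWNER_LEVEL = 3;

    // Main user attributes
    private $user_id;
    private $nickname;
    private $password; // plaintext as supplied by the caller; hashed only when written to the database

    // Profile attributes
    private $language = DEFAULT_LANGUAGE;
    private $trainer_icon = self::TRAINER_DEFAULT_ICON;
    private $trainer_msg;
    private $color;
    private $timezone;
    private $IP;
    private $last_visit;
    private $subscribed;
    private $template;

    // User authority attribute
    private $auth_level = self::USER_LEVEL;

    /**
     * Build a user object for the current request.
     *
     * Runs a database query (GetDefaultTemplate) as a side effect.
     *
     * @param string $nickname
     * @param string $password plaintext password
     */
    public function __construct($nickname = '', $password = '') {
        $this->nickname = $nickname;
        $this->password = $password;
        // REMOTE_ADDR is absent under CLI/cron; the empty string then fails VerifyUserIP().
        $this->IP = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $this->last_visit = time();
        $this->subscribed = time();
        $this->template = $this->GetDefaultTemplate();
    }

    public function SetNickname($nickname) {
        return $this->nickname = $nickname;
    }

    public function SetPassword($password) {
        return $this->password = $password;
    }

    /**
     * Change the language if it exists and is enabled; otherwise keep the current one.
     *
     * The original call omitted the required $option argument of
     * VerifyUserLanguage(); LANG_USABILITY is passed because the value is
     * later used to pick a language to load.
     */
    public function SetLanguage($lang) {
        global $UF;
        $cleaned = $UF->SecureData($lang);
        if ($this->VerifyUserLanguage($cleaned, self::LANG_USABILITY)) {
            $this->language = $cleaned;
        }
    }

    // NOTE(review): the icon is stored without calling VerifyTrainerIcon().
    public function SetTrainerIcon($icon) {
        $this->trainer_icon = $icon;
    }

    public function GetNickname() {
        return $this->nickname;
    }

    // Returns the plaintext password held by this object; never log or echo it.
    public function GetPassword() {
        return $this->password;
    }

    public function GetLanguage() {
        return $this->language;
    }

    /**
     * Return the template_id of the template flagged as default, or null when
     * no template carries the flag.
     */
    public function GetDefaultTemplate() {
        global $PA;
        $query = $PA->query('SELECT '.TABLE_TEMPLATES.'.template_id FROM '.TABLE_TEMPLATES.' WHERE '.TABLE_TEMPLATES.'.template_default=1');
        if ($query === false) {
            $this->FailOnDatabaseError();
        }
        $default = $query->fetch();
        $query = null;
        return is_array($default) ? $default['template_id'] : null;
    }

    /**
     * Tell whether a nickname is syntactically valid and not already used as a
     * primary or secondary nickname.
     *
     * This is a check-then-insert test: two concurrent registrations can both
     * pass it, so uniqueness still has to be enforced by a database constraint.
     *
     * @return bool
     */
    public function VerifyNickAvailability($nick) {
        global $UF;
        if (!$this->VerifyLogins($nick, '', 1, 0)) {
            return false;
        }
        $params = array('nickname' => $UF->SecureData($nick));
        $primary = 'SELECT '.TABLE_USERS_USERID.' FROM '.TABLE_USERS.' WHERE '.TABLE_USERS_NICKNAME.'=:nickname';
        if ($this->RowExists($primary, $params)) {
            return false;
        }
        $secondary = 'SELECT '.TABLE_SECONDARIES_NICK.'.user_id FROM '.TABLE_SECONDARIES_NICK.' WHERE '.TABLE_SECONDARIES_NICK.'.user_nickname=:nickname';
        return !$this->RowExists($secondary, $params);
    }

    /**
     * Check the format of a nickname and/or a password.
     *
     * @param string $login
     * @param string $password
     * @param int    $VerifyLogin    1 to check $login
     * @param int    $VerifyPassword 1 to check $password
     * @return bool true when every requested check passes
     */
    public function VerifyLogins($login, $password, $VerifyLogin = 1, $VerifyPassword = 1) {
        global $UF;
        if ($VerifyLogin == 1) {
            // Deny-list character class: anything not listed, control characters included, is accepted.
            // The D modifier stops "$" from matching before a trailing newline.
            $nicknamePattern = "#^[^".$UF->EspapeRegexData('*+\\/"\'')."]{".self::NICKNAME_MINLENGTH.",".self::NICKNAME_MAXLENGTH."}$#D";
            if (!is_string($login) || !preg_match($nicknamePattern, $login)) {
                return false;
            }
        }
        if ($VerifyPassword == 1) {
            // NOTE(review): the class [^(\n)] also rejects "(" and ")", which looks unintended,
            // and PASSWORD_MAXLENGTH caps passwords at 30 bytes. Left unchanged so that
            // passwords accepted before are still accepted.
            $passwordPattern = "#^[^(\n)]{".self::PASSWORD_MINLENGTH.",".self::PASSWORD_MAXLENGTH."}$#";
            if (!is_string($password) || !preg_match($passwordPattern, $password)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Register a new user: one row each in the users, auth, profiles and status tables.
     *
     * The four inserts are not wrapped in a transaction, so a failure part-way
     * leaves a partially created account.
     *
     * @return bool true when the user was added, false when validation failed
     */
    public function AddUser($login, $password) {
        global $PA;
        global $UF;
        $valid = $this->VerifyLogins($login, $password)
            && $this->VerifyNickAvailability($login)
            && $this->VerifyUserIP($this->IP)
            && $this->VerifyUserLanguage($this->language, self::LANG_USABILITY);
        if (!$valid) {
            return false;
        }

        // Store exactly what was validated. The original validated the arguments
        // but inserted the object's own nickname/password, which may differ.
        $this->nickname = $login;
        $this->password = $password;

        $query = $this->PrepareStatement('INSERT INTO '.TABLE_USERS.'('.TABLE_USERS_NICKNAME.', '.TABLE_USERS_PASSWORD.') VALUES(:nickname, :password)');
        // NOTE(security): unsalted md5 — see the class comment.
        $query->execute(array('nickname' => $UF->SecureData($this->nickname), 'password' => md5($this->password)));
        $query = null;
        $this->user_id = $PA->lastInsertId();

        $query = $this->PrepareStatement('INSERT INTO '.TABLE_USERS_AUTH.'(user_id, user_auth_level) VALUES(:id, :auth)');
        $query->execute(array('id' => $this->user_id, 'auth' => $this->auth_level));
        $query = null;

        $query = $this->PrepareStatement('INSERT INTO '.TABLE_USERS_PROFILES.'(user_id, user_lang, user_color, user_ip, user_last_visit, user_subscribed, user_template) VALUES(:id, :language, :color, :ip, :timestamp, :timestamp2, :template)');
        $query->execute(array('id' => $this->user_id, 'language' => $this->language, 'color' => $UF->RandomColor(), 'ip' => $this->IP, 'timestamp' => $this->last_visit, 'timestamp2' => $this->subscribed, 'template' => $this->template));
        $query = null;

        $query = $this->PrepareStatement('INSERT INTO '.TABLE_USERS_STATUS.'(user_id, user_tempban) VALUES(:id, :tempban)');
        $query->execute(array('id' => $this->user_id, 'tempban' => time()));
        $query = null;
        return true;
    }

    /* Methods concerning the user profile */

    /**
     * Check a language name against the languages table.
     *
     * The name is restricted to [a-zA-Z0-9_]+ before anything else happens.
     * LoadUserLanguage() builds a require() path from a value accepted here, so
     * this allow-list is what keeps "/", "." and NUL out of that path. The
     * original pattern had no quantifier and therefore matched single-character
     * names only.
     *
     * @param string $lang
     * @param int    $option self::LANG_EXISTS (row exists) or self::LANG_USABILITY (row exists with lang_status=1)
     * @return bool
     */
    public function VerifyUserLanguage($lang, $option) {
        global $UF;
        if (!is_string($lang) || !preg_match('#^[a-zA-Z0-9_]+$#D', $lang)) {
            return false;
        }
        $sql = 'SELECT lang_name FROM '.TABLE_LANGUAGES.' WHERE '.TABLE_LANGUAGES.'.lang_name=:langname';
        if ($option == self::LANG_EXISTS) {
            // existence only
        } elseif ($option == self::LANG_USABILITY) {
            $sql .= ' AND '.TABLE_LANGUAGES.'.lang_status=1';
        } else {
            return false;
        }
        return $this->RowExists($sql, array('langname' => $UF->SecureData($lang)));
    }

    /**
     * Tell whether a trainer icon id (1 to 3 digits) exists in the icons table.
     *
     * @return bool
     */
    public function VerifyTrainerIcon($icon) {
        if (!is_scalar($icon) || !preg_match('#^[0-9]{1,3}$#D', (string) $icon)) {
            return false;
        }
        $sql = 'SELECT trainer_id FROM '.TABLE_TRAINERS_ICONS.' WHERE '.TABLE_TRAINERS_ICONS.'.trainer_id=:icon';
        return $this->RowExists($sql, array('icon' => $icon));
    }

    // Length check only: the message must still be HTML-escaped wherever it is displayed.
    public function VerifyTrainerMsg($msg) {
        return is_string($msg) && mb_strlen($msg) <= self::TRAINER_MSG_MAXLENGTH;
    }

    // Accept "#" followed by exactly six hex digits and nothing else (no trailing newline).
    public function VerifyUserColor($color) {
        return is_string($color) && preg_match('/^#[A-F0-9]{6}$/iD', $color) === 1;
    }

    // Accept numeric offsets from -12 to +12. is_numeric() comes first because a bare
    // range comparison lets strings such as "-1; x" through.
    public function VerifyUserTimezone($timezone) {
        return is_numeric($timezone) && $timezone >= -12 && $timezone <= 12;
    }

    /**
     * Accept a dotted-quad IPv4 address and nothing else.
     *
     * The original regex was unanchored, so any text that merely contained an
     * address passed. IPv6 clients are still rejected, as before.
     */
    public function VerifyUserIP($ip) {
        return is_string($ip) && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
    }

    // Accept exactly ten digits; the original pattern was unanchored and accepted
    // any string containing ten consecutive digits.
    public function VerifyUserTimestamp($timestamp) {
        return is_scalar($timestamp) && preg_match('#^[0-9]{10}$#D', (string) $timestamp) === 1;
    }

    /**
     * Fetch the joined users/auth/profiles row for a nickname.
     *
     * The row includes the stored password digest, so it must never be sent
     * to a client as a whole.
     *
     * @return array|int the row when exactly one user matches, otherwise 0
     */
    public function GetUserInformations($username) {
        global $UF;
        $query = $this->PrepareStatement('SELECT '.TABLE_USERS_USERID.', '.TABLE_USERS_NICKNAME.', '.TABLE_USERS_PASSWORD.',
        '.TABLE_USERS_AUTH.'.user_auth_level, '.TABLE_USERS_PROFILES.'.user_lang, '.TABLE_USERS_PROFILES.'.user_trainer_icon,
        '.TABLE_USERS_PROFILES.'.user_trainer_msg, '.TABLE_USERS_PROFILES.'.user_color, '.TABLE_USERS_PROFILES.'.user_timezone,
        '.TABLE_USERS_PROFILES.'.user_ip, '.TABLE_USERS_PROFILES.'.user_last_visit, '.TABLE_USERS_PROFILES.'.user_subscribed,
        '.TABLE_USERS_PROFILES.'.user_template FROM '.TABLE_USERS.' LEFT JOIN '.TABLE_USERS_AUTH.' ON '.TABLE_USERS_USERID.'='.TABLE_USERS_AUTH.'.user_id
        LEFT JOIN '.TABLE_USERS_PROFILES.' ON '.TABLE_USERS_USERID.'='.TABLE_USERS_PROFILES.'.user_id WHERE '.TABLE_USERS_NICKNAME.'=:username');
        $query->execute(array('username' => $UF->SecureData($username)));
        // Count fetched rows instead of relying on rowCount(), which PDO does not guarantee for SELECT.
        $rows = $query->fetchAll();
        $query = null;
        return (is_array($rows) && count($rows) === 1) ? $rows[0] : 0;
    }

    /**
     * Include the language file named by the "language" cookie, or the default.
     *
     * The cookie is client-controlled and ends up in a require() path. It is
     * used only after VerifyUserLanguage() has accepted it, which limits it to
     * [a-zA-Z0-9_]+ and to names present in the languages table.
     */
    public function LoadUserLanguage() {
        $language = DEFAULT_LANGUAGE;
        if (!empty($_COOKIE['language']) && $this->VerifyUserLanguage($_COOKIE['language'], self::LANG_USABILITY)) {
            $language = $_COOKIE['language'];
        }
        require(SERVER_ROOT.'/langs/'.strtolower($language).".php");
    }

    /**
     * Tell whether the session carries a logged-in user.
     *
     * auth_level is tested with isset(): USER_LEVEL is 0, and empty(0) is true,
     * so the original test treated every ordinary user as logged out.
     */
    public function VerifyUserIsConnected() {
        return !empty($_SESSION['id']) && !empty($_SESSION['username']) && isset($_SESSION['auth_level']);
    }

    /**
     * Log a user in with a nickname and password.
     *
     * Fixed against the original: the session values were compared (==) rather
     * than assigned, the key was misspelled 'auh_level', $UF was used without
     * being declared global, and a missing user row was indexed as an array.
     *
     * The cookie-based auto-login branch is gone. It could never succeed (the
     * 32-character md5 cookie value exceeds PASSWORD_MAXLENGTH), and the
     * 'password' cookie it relied on exposed a fast hash derived from the
     * password to the client. A persistent login should use a random token
     * that is stored hashed on the server, expires, and is rotated on use.
     *
     * @param string $username
     * @param string $password   plaintext password
     * @param string $lang       language written to the 'language' cookie
     * @param string $save_login 'on' to also remember the nickname in a cookie
     * @return bool true on successful login, false otherwise
     */
    public function ConnectUser($username, $password, $lang = DEFAULT_LANGUAGE, $save_login = 'off') {
        global $UF;
        if ($this->VerifyUserIsConnected() || !$this->VerifyLogins($username, $password)) {
            return false;
        }
        $UserInfos = $this->GetUserInformations($username);
        if (!is_array($UserInfos)) {
            return false;
        }
        // hash_equals() is constant-time and, unlike ==, never treats two
        // different digests of the form "0e<digits>" as equal numbers.
        if (!hash_equals((string) $UserInfos[ROW_USERS_PASSWORD], md5($password))) {
            return false;
        }
        // A fresh session id at the privilege change defeats session fixation.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['id'] = $UserInfos[ROW_USERS_USERID];
        $_SESSION['username'] = $UserInfos[ROW_USERS_NICKNAME];
        $_SESSION['auth_level'] = $UserInfos['user_auth_level'];
        $expires = time()+60*60*24*30*12;
        setcookie('language', $UF->SecureData($lang), $expires);
        if ($save_login == 'on') {
            setcookie('nickname', $_SESSION['username'], $expires);
        }
        return true;
    }

    /**
     * Merge submitted values into the stored row, keeping the stored value for
     * every field that is missing or fails validation, then run the update.
     *
     * NOTE(security): this method performs no authorization. Any key present in
     * $ArrayInfos is applied, including 'user_auth_level' and 'user_ban', so the
     * caller must build $ArrayInfos from an allow-list and must not pass raw
     * request data.
     *
     * NOTE(review): the statement text is only 'UPDATE' in this listing, so the
     * update cannot run as written; the SQL still has to be supplied.
     *
     * @param array $ArrayInfos submitted values keyed like a GetUserInformations() row
     * @return bool true when at least one row was updated
     */
    public function UpdateUserInformations($ArrayInfos) {
        $idKey = (string) ROW_USERS_USERID;
        $nickKey = (string) ROW_USERS_NICKNAME;
        $passKey = (string) ROW_USERS_PASSWORD;

        // The nickname selects the account; without a well-formed one there is nothing to update.
        if (!isset($ArrayInfos[$nickKey]) || !$this->VerifyLogins($ArrayInfos[$nickKey], '', 1, 0)) {
            return false;
        }
        $UserInfos = $this->GetUserInformations($ArrayInfos[$nickKey]);
        if (!is_array($UserInfos)) {
            return false;
        }

        $levels = array((string) self::USER_LEVEL, (string) self::MODERATOR_LEVEL, (string) self::ADMINISTRATOR_LEVEL, (string) self::OWNER_LEVEL);
        $NewUserInfos = array();
        foreach ($UserInfos as $key => $current) {
            // fetch() in PDO's default FETCH_BOTH mode also returns numeric indexes; skip those copies.
            if (is_int($key)) {
                continue;
            }
            $key = (string) $key;
            // The user id is never taken from the submitted data.
            if (!isset($ArrayInfos[$key]) || $key === $idKey) {
                $NewUserInfos[$key] = $current;
                continue;
            }
            $submitted = $ArrayInfos[$key];
            if ($key === $nickKey) {
                $accepted = $this->VerifyNickAvailability($submitted);
            } elseif ($key === $passKey) {
                $accepted = $this->VerifyLogins('', $submitted, 0, 1);
                if ($accepted) {
                    $submitted = md5($submitted); // NOTE(security): unsalted md5 — see the class comment
                }
            } elseif ($key === 'user_lang') {
                $accepted = $this->VerifyUserLanguage($submitted, self::LANG_USABILITY);
            } elseif ($key === 'user_trainer_icon') {
                $accepted = $this->VerifyTrainerIcon($submitted);
            } elseif ($key === 'user_trainer_msg') {
                $accepted = $this->VerifyTrainerMsg($submitted);
            } elseif ($key === 'user_color') {
                $accepted = $this->VerifyUserColor($submitted);
            } elseif ($key === 'user_timezone') {
                $accepted = $this->VerifyUserTimezone($submitted);
            } elseif ($key === 'user_ip') {
                // The original wrote "$key = 'user_ip'", which overwrote $key with a boolean.
                $accepted = $this->VerifyUserIP($submitted);
            } elseif ($key === 'user_last_visit' || $key === 'user_subscribed' || $key === 'user_tempban') {
                $accepted = $this->VerifyUserTimestamp($submitted);
            } elseif ($key === 'user_ban') {
                // The original tested $ArrayInfos['user_auth_level'] here by mistake.
                $accepted = is_scalar($submitted) && in_array((string) $submitted, array('0', '1'), true);
            } elseif ($key === 'user_auth_level') {
                // Strict string comparison: a loose in_array() can match a non-numeric string against 0.
                $accepted = is_scalar($submitted) && in_array((string) $submitted, $levels, true);
            } else {
                $accepted = true;
            }
            $NewUserInfos[$key] = $accepted ? $submitted : $current;
        }

        $query = $this->PrepareStatement('UPDATE');
        $query->execute($NewUserInfos);
        // rowCount is a method; the original read it as a property and so always returned false.
        $updated = ($query->rowCount() != 0);
        $query = null;
        return $updated;
    }

    // Prepare a statement on the shared connection, stopping the script if preparation fails.
    private function PrepareStatement($sql) {
        global $PA;
        $statement = $PA->prepare($sql);
        if ($statement === false) {
            $this->FailOnDatabaseError();
        }
        return $statement;
    }

    // Run a parameterised SELECT and tell whether it returned at least one row.
    private function RowExists($sql, array $params) {
        $statement = $this->PrepareStatement($sql);
        $statement->execute($params);
        $found = ($statement->fetchColumn() !== false);
        $statement = null;
        return $found;
    }

    // Log driver details on the server and end the request with a generic message,
    // so that database errors are not shown to the client.
    private function FailOnDatabaseError() {
        global $PA;
        error_log('User model: database statement failed: '.implode(' ', $PA->errorInfo()));
        die('A database error occurred.');
    }
}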
- ?>