API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 6th, 2017
297
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 10.41 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3.     class UserException extends Exception { }
  4.      
  5.     class User {
  6.          
  7.         private $sessionID;
  8.         public  $sessionData;
  9.         public  $data;
  10.         public  $loggedIn;
  11.          
  12.         /**
  13.           * Constructor - forms session and loads session data.
  14.           * @global $db
  15.           * @global $core
  16.           */
  17.         public function __construct() {
  18.          
  19.             global $db, $core;
  20.              
  21.             $this->clearUpSessions();
  22.              
  23.             $this->sessionID = session_id();
  24.              
  25.             $this->createSession();
  26.              
  27.             $query = $db->query( "SELECT * FROM sessions WHERE session_id = '{$this->sessionID}'" );
  28.             $this->sessionData = $db->assoc( $query );
  29.              
  30.             if( $this->sessionData['user_id'] ) {
  31.              
  32.                 $this->loggedIn = true;
  33.                  
  34.                 $query      = $db->query( "SELECT * FROM users WHERE id = '{$this->sessionData['user_id']}'" );
  35.                 $this->data = $db->assoc( $query );
  36.                  
  37.                 $this->data['uGroupArray'] = explode( ",", $this->data['usergroups'] );
  38.                  
  39.                 $query = $db->query("SELECT * FROM usergroups WHERE id = '{$this->data['displaygroup']}'");
  40.                 $array = $db->assoc($query);
  41.                  
  42.                 $this->data['usergroup'] = $array;
  43.                  
  44.                 $this->data['fullUsername'] = "<span style=\"color: #{$array['colour']}\">" . $this->data['username'] . "</span>";
  45.                 $this->data['simpleUsername'] = $this->data['username'];
  46.                
  47.             }
  48.          
  49.         }
  50.          
  51.             private function createSession() {
  52.              
  53.             global $db, $core;
  54.              
  55.             $query = $db->query( "SELECT * FROM sessions WHERE session_id = '{$this->sessionID}'" );
  56.             $num   = $db->num( $query );
  57.             $result = $db->assoc( $query );
  58.  
  59.             $oldID = $this->sessionID;    
  60.             $time  = time();
  61.  
  62.             if( $num == 0 ) {
  63.  
  64.                 $time = time();
  65.  
  66.                 $query2 = $db->query( "SELECT id FROM users WHERE `id` = '{$result['user_id']}'" );
  67.                 $num2 = $db->num( $query2 );
  68.  
  69.                 if( $num2 == 0 ) {
  70.                  
  71.                     $db->query( "INSERT INTO sessions VALUES ( NULL, '{$this->sessionID}', '0', '{$time}' );" );
  72.  
  73.                 }
  74.                 else {
  75.  
  76.                     session_regenerate_id();
  77.                     $newID = session_id();
  78.                  
  79.                     $db->query( "UPDATE sessions SET session_id = '{$newID}', stamp = '{$time}' WHERE user_id = '{$result['user_id']}'" );
  80.                  
  81.                     $this->sessionID = $newID;
  82.  
  83.                 }
  84.  
  85.             }
  86.             else {
  87.  
  88.                 session_regenerate_id();
  89.                 $newID = session_id();
  90.  
  91.                 $db->query( "UPDATE sessions SET session_id = '{$newID}', stamp = '{$time}' WHERE session_id = '{$oldID}'" );
  92.                  
  93.                 $this->sessionID = $newID;
  94.                  
  95.             }
  96.          
  97.         }
  98.          
  99.         public function hasGroup( $id ) {
  100.              
  101.             if( in_array( $id, $this->data['uGroupArray'] ) ) {
  102.                 return true;
  103.             }
  104.             else {
  105.                 return false;
  106.             }
  107.              
  108.         }
  109.          
  110.         private function clearUpSessions() {
  111.              
  112.             global $params, $db;
  113.              
  114.             $time = strtotime( "{$params['user']['timeout']} ago" );
  115.                          
  116.             $db->query( "DELETE FROM sessions WHERE stamp < '{$time}'" );
  117.              
  118.         }
  119.          
  120.         public function destroySession() {
  121.              
  122.             global $db;
  123.              
  124.             $db->query( "DELETE FROM sessions WHERE session_id = '{$this->sessionID}'" );
  125.          
  126.         }
  127.          
  128.         private function assignUser( $id ) {
  129.              
  130.             global $db;
  131.              
  132.             $db->query( "UPDATE sessions SET user_id = '{$id}' WHERE session_id = '{$this->sessionID}'" );
  133.          
  134.         }
  135.          
  136.         public function login( $username, $password ) {
  137.              
  138.             global $core, $db;
  139.              
  140.             $username     = $core->clean( $username );
  141.             $password     = $core->clean( $password );
  142.             $password_enc = $core->encrypt( $password );
  143.              
  144.             $query = $db->query("SELECT * FROM users WHERE username = '{$username}' AND password = '{$password_enc}'");
  145.             $array = $db->assoc($query);
  146.             $num   = $db->num($query);
  147.              
  148.             if( !$username or !$password ) {
  149.              
  150.                 throw new UserException( 'All fields are required.' );
  151.              
  152.             }
  153.             elseif( $num != 1 ) {
  154.              
  155.                 throw new UserException( 'Invalid username/password.' );
  156.              
  157.             }
  158.             elseif( $array['timestamp'] > 1295280000 ) {
  159.            
  160.                 throw new UserException( "For accounts created after the 18th of November 2011, please use your email address to login. Otherwise, login with your username." );
  161.             }
  162.             elseif( $array['banned'] == "1" ) {
  163.  
  164.                 throw new UserException( "You have been banned. Please contact a member of the staff team or at me[at]jiajiann.com. with the subject line as Support." );
  165.                
  166.             }
  167.             elseif( $array['verified'] == "0" ) {
  168.            
  169.                 throw new UserException( "Your account has not been verified yet! Please check your email inbox for the verification link or request for a new one <a href=\"resend.php\">here</a>." );
  170.                
  171.             }
  172.             else {
  173.              
  174.                 $this->assignUser( $array['id'] );
  175.                 return true;
  176.              
  177.             }
  178.          
  179.         }
  180.         public function emailLogin( $username, $password ) {
  181.              
  182.             global $core, $db;
  183.              
  184.             $username     = $core->clean( $username );
  185.             $password     = $core->clean( $password );
  186.             $password_enc = $core->encrypt( $password );
  187.              
  188.             $query = $db->query("SELECT * FROM users WHERE email = '{$username}' AND password = '{$password_enc}'");
  189.             $array = $db->assoc($query);
  190.             $num   = $db->num($query);
  191.              
  192.             if( !$username or !$password ) {
  193.              
  194.                 throw new UserException( 'All fields are required.' );
  195.              
  196.             }
  197.             elseif( $num != 1 ) {
  198.              
  199.                 throw new UserException( 'Invalid login ID/password.' );
  200.              
  201.             }
  202.             else if ($array['banned'] == "1") {
  203.  
  204.                 throw new UserException( "You have been banned. Please contact a member of the staff team or at me[at]jiajiann.com. with the subject line as Support." );
  205.             }
  206.             else if ($array['verified'] == "0") {
  207.            
  208.                 throw new UserException( "Your account has not been verified yet! Please check your email inbox for the verification link or request for a new one <a href=\"resend.php\">here</a>." );
  209.             }
  210.             else {
  211.              
  212.                 $this->assignUser( $array['id'] );
  213.                 return true;
  214.              
  215.             }
  216.          
  217.         }
  218.      public function quickreg( $username, $password, $email, $time, $ip ) {
  219.  
  220.             global $core, $db;
  221.            
  222.             $username        = $core->clean( $_POST['username'] );
  223.             $email           = $core->clean( $_POST['email'] );
  224.             $time            = time();
  225.             $ip              = $_SERVER['REMOTE_ADDR'];
  226.             $password_enc    = $core->encrypt( $password );
  227.            
  228.             $query_name = $db->query("SELECT * FROM users WHERE username = '{$username}'");
  229.             $num_name   = $db->num($query_name);
  230.            
  231.             $query_email    = $db->query("SELECT * FROM users WHERE email = '{$email}'");
  232.             $num_email  = $db->num($query_email);
  233.            
  234.             if( $num_name != 0 ) {
  235.            
  236.                 throw new UserException( 'The username is already in use.' );
  237.            
  238.             }
  239.             elseif( $num_email != 0 ) {
  240.            
  241.                 throw new UserException( 'There is already an account registered under this email.' );
  242.            
  243.             }
  244.             else {
  245.            
  246.                 $db->query( "INSERT INTO users (username, password, email, timestamp, ip, verified) VALUES('$username', '$password_enc', '$email', '$time', '$ip', '1')" );
  247.                 $query = $db->query("SELECT * FROM users WHERE username = '{$username}'");
  248.                 $array = $db->assoc( $query );
  249.                 $this->assignUser( $array['id'] );
  250.                 return true;
  251.             }
  252.        
  253.         }
  254.      public function register( $username, $password, $password_retype, $email, $email_retype, $habbo, $time, $ip ) {
  255.            
  256.             global $core, $db;
  257.            
  258.             $username               = $core->clean( $username );
  259.             $password               = $core->clean( $password );
  260.             $password_retype        = $core->clean( $password_retype );
  261.             $email              = $core->clean( $email );
  262.             $email_retype           = $core->clean( $email_retype );
  263.             $habbo              = $core->clean( $habbo );
  264.             $time               = time();
  265.             $ip                             = $_SERVER['REMOTE_ADDR'];
  266.             $password_enc           = $core->encrypt( $password );
  267.             $password_retype_enc        = $core->encrypt( $password_retype );
  268.            
  269.             $query_name = $db->query("SELECT * FROM users WHERE username = '{$username}'");
  270.             $num_name   = $db->num($query_name);
  271.            
  272.             $query_email    = $db->query("SELECT * FROM users WHERE email = '{$email}'");
  273.             $num_email  = $db->num($query_email);
  274.            
  275.             if( ( $password != $password_retype ) or ( $password_enc != $password_retype_enc ) ) {
  276.                
  277.                 throw new UserException( 'The passwords you entered does not match!' );
  278.                
  279.             }
  280.             elseif( $email != $email_retype ) {
  281.            
  282.                 throw new UserException( 'The emails you entered does not match!' );
  283.            
  284.             }
  285.             elseif( $num_name != 0 ) {
  286.            
  287.                 throw new UserException( 'The username is already in use.' );
  288.            
  289.             }
  290.             elseif( $num_email != 0 ) {
  291.            
  292.                 throw new UserException( 'There is already an account registered under this email.' );
  293.            
  294.             }
  295.             else {
  296.            
  297.                 $db->query("INSERT INTO users (id, username, password, email, habbo, timestamp, ip, displaygroup, usergroups) VALUES (NULL, '{$username}', '{$password_enc}', '{$email}', '{$habbo}', '$time', '$ip', '1', '1')");
  298.                 $query = $db->query("SELECT * FROM users WHERE username = '{$username}'");
  299.                 $array = $db->assoc( $query );
  300.                 $this->assignUser( $array['id'] );
  301.                 return true;
  302.            
  303.             }
  304.        
  305.         }
  306.        
  307.     }
  308.      
  309.     $user = new User();
  310.  
  311. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!