Untitled

<?php
class Users
{
    public static $UserID;
    public static $Username;
    public static $UserIP;

    public function __construct()
    {
        self::$UserID   = (isset($_SESSION['user_id'])) ? $_SESSION['user_id'] : NULL;
        self::$Username = (isset($_SESSION['user_name'])) ? $_SESSION['user_name'] : NULL;
        self::$UserIP   = (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
    }

    public static function setSession($id, $username)
    {
        self::$UserID   = $id;
        self::$Username = $username;

        $_SESSION['user_id']    = $id;
        $_SESSION['user_name']  = $username;
    }

    public static function validateUsername($username)
    {
        if(preg_match('/^[a-z0-9]+$/i', $username) && strlen($username) >= 1 && strlen($username) <= 20)
        {
            $count = LightShot::$Database->countQuery("SELECT username FROM users WHERE username = ?", array($username));

            if($count == 0) return true;
        }

        return false;
    }

    public static function validatePassword($password, $password2)
    {
        if(strlen($password) >= 6 && $password == $password2) return true;

        return false;
    }

    public static function validateEmail($username)
    {
        if(filter_var($email, FILTER_VALIDATE_EMAIL))
        {
            $count = LightShot::$Database->countQuery("SELECT mail FROM users WHERE mail = ?", array($username));

            if($count == 0) return true;
        }

        return false;
    }

    public static function checkDuplicates()
    {
        $count = LightShot::$Database->countQuery("SELECT username FROM users WHERE ip_last = ? OR WHERE ip_reg = ?", array(self::$UserIP, self::$UserIP));

        if($count >= LightShot::$Config['new_user']['max_accounts']) return false;

        return true;
    }

    public static function userData($id, $key)
    {
        $user = LightShot::$Database->arrayQuery("SELECT {$key} FROM users WHERE id = ?", array($id));

        return $user[$key];
    }

    public static function login($username, $password)
    {
        $user = LightShot::$Database->arrayQuery("SELECT `id`, `username`, `password` FROM `users` WHERE `username` = ? OR WHERE `mail` = ? LIMIT 1", array($username));

        if(user == null)
        {
            Templater::$Notice = 'Incorrect username or email address. Please double check your details and resubmit!';
            return false;
        }

        if($user['password'] != Site::Hash($password))
        {
            Templater::$Notice = 'The password you entered is incorrect. Please double check your details and resubmit!';
            return false;
        }

        self::setSession($user['id'], $user['username']);

        return true;
    }

    public static function register($username, $password, $password2, $email)
    {
        if($username == null || $password == null || $password2 == null || $email == null) return false;

        if(self::checkDuplicates() == true)
        {
            if(self::validateUsername($username) == true)
            {
                if(self::validatePassword($password, $password2) == true)
                {
                    $password = Site::Hash($password);

                    $user = LightShot::$Database->query(
                        "INSERT INTO `users` VALUES (NULL, ?, NULL, ?, ?, 0, ?, 0, NULL, NULL, ?, ?, ?, ?, ?, 0, 0, 0, NULL, ?, ?, NULL, ?)",
                        array(
                            $username,
                            $password,
                            $email,
                            time(),
                            LightShot::$Config['new_user']['motto'],
                            LightShot::$Config['new_user']['look'],
                            LightShot::$Config['new_user']['gender'],
                            LightShot::$Config['new_user']['rank'],
                            LightShot::$Config['new_user']['credits'],
                            self::$UserIP,
                            self::$UserIP,
                            LightShot::$Config['new_user']['home_room']));

                    $id = LightShot::$Database->getLastID();

                    $currency = LightShot::$Database->query(
                        "INSERT INTO `users` VALUES (?, 0, ?), (?, 5, ?)", array(
                            $id,
                            LightShot::$Config['new_user']['duckets'],
                            $id,
                            LightShot::$Config['new_user']['diamonds']));
                }
            }
        }
    }

    public static function CreateSSO(){
      $sso_var_1 = rand(1000000, 9999999);
      $sso_var_2 = str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ');
      $ticket = strtoupper(LightShot::$Config->site_name).'/--/'.$sso_var_2.'/--/'.sha1($sso_var_1);

      LightShot::$MySQL->query('UPDATE users SET `auth_ticket` = ? WHERE `id` = ?', Array($ticket, self::$ID));

      return $ticket;
    }

    public static function CheckRegDetails($username, $captcha, $captcha_entered, $email, $password, $repeat_password, $age, $gender){
      /* The data inserted into this function does not need to be secured */

      if(self::UsernameOk($username) == 'true'){
        if($captcha == $captcha_entered){
          if(preg_match('/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i', $email) && !empty($email)){
            if(LightShot::$MySQL->num_rows('SELECT null FROM users WHERE mail = ?', array($email)) == 0){
              if(self::PasswordsOk($password, $repeat_password) == 'true'){
                if(true){
                  if($gender == 'M' || $gender == 'F' || $gender == ''){
                    if($gender == 'M' || $gender == ''){ $look = 'sh-3016-110.hd-209-2.ea-8030-85.lg-3320-92-92.ch-7285-110.hr-8623-34'; }elseif($gender == 'F'){ $look = 'sh-905-1414.hd-629-2.he-1608-92.ch-7013-81-82.hr-3625-34-40.lg-3596-83-85'; }
                    /*
                    * [Current verified data]
                    * $username
                    * $email
                    * $password
                    * $age
                    * $gender
                    * $look
                    */
                    if(self::InsertUser($username, $email, $password, $age, $gender, 'wa-2001-3072.ch-220-66.hd-180-1.hr-3090-1398.lg-285-82.sh-305-92')){
                      if(self::Login($username, $password)){
                        Templater::$Notice = 'Welcome, '.$username.', Your registry was successful your account has been created! Redirecting you now...';
                        return true; //We did good
                      }
                    }
                  }else{/*Username check failed*/ Templater::$Notice = 'Do not manipulate our forms. Thank you..'; return false; }
                }else{/*Not too young or too old*/ Templater::$Notice = 'Sorry that here you must be older than 8 years and younger than 30 years. This is due to the fact that the use of pedals is allowed, and this hotel has an explicit language. Excuse me. But if you really want to come, change your age.'; return false; }
              }else{/*Password check failed*/ Templater::$Notice = self::PasswordsOk($password, $repeat_password); return false; }
            }else{/*Password check failed*/ Templater::$Notice = 'Sorry, but this email address is taken. Please enter a new one.'; return false; }
          }else{/*Email entered is incorrect*/ Templater::$Notice = 'This email address is invalid. Please confirm your entries and resubmit.'; return false; }
        }else{/*Captcha false*/ Templater::$Notice = 'The captcha you entered is incorrect. Please try again.'; return false; }
      }else{/*Username check failed*/ Templater::$Notice = self::UsernameOk($username); return false; }
    }

    public static function InsertUser($username, $email, $password, $age, $gender, $look){
      try{
        /* Just so our passwords can not be grabbed */
        $password = Site::Hash($password);
        /* Just setting vars, easier to use in the query */
        $coins = LightShot::$Config->default_coins;
        $duckets = LightShot::$Config->default_duckets;
        $rank = LightShot::$Config->default_rank;
        $motto = LightShot::$Config->default_motto;
        /* Insert the user */
        LightShot::$MySQL->query('INSERT INTO users (username, motto, mail, password, gender, credits, pixels, account_created, rank, look, ip_register, ip_current) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',
        array($username, $motto, $email, $password, $gender, $coins, $duckets, time(), $rank, $look, LightShot::$ClientIP, LightShot::$ClientIP)
        );
        $id = LightShot::$MySQL->fetch_array('SELECT `id` FROM `users` WHERE `username` = ?', array($username))['id'];
        LightShot::$MySQL->query('INSERT INTO users_currency (user_id, type, amount) VALUES (?, 0, 100)', array($id));
        LightShot::$MySQL->query('INSERT INTO cms_minimail (message, date_sent, sender_look, sender_name, replied, deleted, receiver) VALUES (?, ?, ?, ?, ?, ?, ?)',
        array('Welcome to '.LightShot::$Config->site_name.', we hope that you enjoy your stay!', time(), 'hr-165-34.sh-290-92.ch-215-84.hd-180-1.lg-280-64', '#'.LightShot::$Config->site_name, 0, 0, $username)
        );

        return true;

      /* Error */
      }catch(PDOException $error){
        die('<center><h1>LightShot CMS Error:</h1><hr>Error inserting user in class.users.php on line 205</center><br><br><b>Error data:</b><br><br>'.$error);
      }
    }
  }
'';
?>