auth_model.php | searchcode

/src/system/application/models/auth_model.php

https://bitbucket.org/seezoo/seezoo/
PHP | 332 lines | 274 code | 36 blank | 22 comment | 33 complexity | dddafa187f00b000cb635d512a1fb5d3 MD5 | raw file
Possible License(s): GPL-2.0

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 *  =========================================================
 * ログイン用モデルクラス
 *
 * @package Seezoo Core
 * @author Yoshiaki Sugimoto <neo.yoshiaki.sugimoto@gmail.com>
 *  =========================================================
 */
class Auth_model extends Model
{
	function __construct()
	{
		parent::Model();
	}

	function login($uname, $pass, $is_admin_login = FALSE)
	{
		$sql = 
			'SELECT '
			.	'user_id, '
			.	'hash, '
			.	'password, '
			.	'login_times, '
			.	'admin_flag, '
			.	'login_miss_count '
			.'FROM '
			.	'users '
			.'WHERE '
			.	'user_name = ? '
			.'AND '
			.	'login_miss_count < 3 ';
		if ($is_admin_login)
		{
			$sql .= 'AND is_admin_user = 1 ';
		}
		$sql .= 'LIMIT 1';
		$query = $this->db->query($sql, array($uname));

		if ($query->row())
		{
			$result = $query->row();

			// crypted password is match?
			//$password = md5($result->hash . $pass);
			
			// detect password stretching algorithm
			$algorithm_case = substr($result->password, 0, 3);
			if ( $algorithm_case === '$1$' )
			{
				// case md5 stretching
				$algorithm = 'md5';
				$password  = substr($result->password, 3);
			}
			else if ( $algorithm_case === '$2$' )
			{
				// case sha1 stretching
				$algorithm = 'sha1';
				$password  = substr($result->password, 3);
			}
			else if ( $algorithm_case === '$3$' )
			{
				// case sha256 stretching
				$algorithm = 'sha256';
				$password  = substr($result->password, 3);
			}
			else
			{
				// not stretching
				$algorithm = FALSE;
				$password  = $result->password;
			}
			
			$match_password = password_stretch($result->hash, $pass, $algorithm);

			if ($match_password === $password)
			{
				// update login user data
				$data = array(
					'last_login'			=> date('Y-m-d H:i:s', time()),
					'login_times'			=> (int)$result->login_times + 1,
					'login_miss_count'	=> 0
				);

				$this->db->where('user_id', $result->user_id);
				$this->db->update('users', $data);

				// set login session
				$this->session->set_userdata('user_id', $result->user_id);
				
				// protect code
				if ($this->session->userdata('edit_version'))
				{
					$this->session->unset_userdata('edit_version');
				}

				// 前回までのログインデータが残っていると不整合が起きるので全削除
				$this->_delete_all_edit_state($result->user_id);

				if ($result->admin_flag == 1)
				{
					$return_path = 'dashboard/panel';
				}
				else
				{
					$return_path = '/';
				}

				return $return_path;
			}
			else 
			{
				if ($result->login_miss_count < 4 && $result->user_id > 1)
				{
					$update = array(
						'login_miss_count' => (int)$result->login_miss_count + 1
					);
					$this->db->where('user_id', $result->user_id);
					$this->db->update('users', $update);
				}
			}
		}
		return FALSE;
	}

	function logout()
	{
		if ( $this->session->userdata('user_id') )
		{
			$sql = 'UPDATE '
				.		'pages '
				.	'SET '
				.		'is_editting = ?, '
				.		'edit_user_id = ? '
				.	'WHERE '
				.		'edit_user_id = ?';
			$query = $this->db->query($sql, array(0, 0, $this->session->userdata('user_id')));
	
			$this->session->unset_userdata('user_id');
		}
	}
	
	function member_logout()
	{
		if ( $this->session->userdata('member_id') )
		{
			$this->session->unset_userdata('member_id');
		}
	}

	function relogin_with_other_user($uid)
	{
		if ((int)$this->session->userdata('user_id') !== 1)
		{
			return FALSE;
		}
		$this->session->set_userdata('user_id', $uid);
		return TRUE;
	}

	function _delete_all_edit_state($uid)
	{
		$data = array(
			'is_editting'		=> 0,
			'edit_user_id'		=> 0,
			'is_arranging'		=> 0,
			'edit_start_time'	=> '0000-00-00 00:00:00'
		);
		$this->db->where('edit_user_id', $uid);
		$this->db->update('pages', $data);

		if ($this->session->userdata('edit_version'))
		{
			$this->session->unset_userdata('edit_version');
		}
		if ($this->session->userdata('is_arrange'))
		{
			$this->session->unet_userdata('is_arrange');
		}
	}

	function set_remember_token($val)
	{
		$this->db->where('user_id', $this->session->userdata('user_id'));
		$this->db->update('users', array('remember_token' => $val));
	}

	function remember_login($val)
	{
		$sql = 'SELECT '
			.		'user_id, '
			.		'admin_flag '
			.	'FROM '
			.		'users '
			.	'WHERE '
			.		'remember_token = ? '
			.	'LIMIT 1'
			;
		$query = $this->db->query($sql, array($val));

		if ($query->row())
		{
			$result = $query->row();
			$this->session->set_userdata('user_id', $result->user_id);
			if ($this->session->userdata('edit_version'))
			{
				$this->session->unset_userdata('edit_version');
			}
			// 前回までのログインデータが残っていると不整合が起きるので全削除
			$this->_delete_all_edit_state($result->user_id);

			if ($result->admin_flag > 0)
			{
				redirect('dashboard/panel');
			}
			else
			{
				redirect('/');
			}
		}
		return FALSE;
	}

	function is_email($mail)
	{
		$sql = 'SELECT user_id FROM users WHERE email = ? LIMIT 1';
		$query = $this->db->query($sql, array($mail));

		if ($query->row())
		{
			return TRUE;
		}
		else
		{
			return FALSE;
		}
	}

	function update_new_password_for_email($mail, $data)
	{
		$this->db->where('email', $mail);
		return $this->db->update('users', $data);
	}
	
	function get_master_email()
	{
		$CI =& get_instance();
		if ( isset($CI->site_data) && !empty($CI->site_data->system_mail_from) )
		{
			return $CI->site_data->system_mail_from;
		}
		$sql =
				'SELECT '
				.	'email '
				.'FROM '
				.	'users '
				.'WHERE '
				.	'user_id = 1 '
				.'LIMIT 1';
		$query = $this->db->query($sql);
		
		if ($query && $query->row())
		{
			$result = $query->row();
			return $result->email;
		}
		return 'info@example.com';
	}
	
	function generate_member_activation_code($member_id, $email)
	{
		$salt = sha1(uniqid(mt_rand(), TRUE));
		$code = sha1($member_id . $email . $salt);
		
		$insert = array(
			'activation_code'       => $code,
			'sz_member_id'          => $member_id,
			'email'                 => $email,
			'activation_limit_time' => date('Y-m-d H:i:s', strtotime('+1 day'))
		);
		
		if ( $this->db->insert('sz_activation_data', $insert) )
		{
			return $code;
		}
		return FALSE;
	}
	
	function do_member_activation($code)
	{
		$sql =
				'SELECT '
				.	'sz_member_id, '
				.	'email, '
				.	'activation_limit_time '
				.'FROM '
				.	'sz_activation_data '
				.'WHERE '
				.	'activation_code = ? '
				.'LIMIT 1'
				;
		$query = $this->db->query($sql, array($code));
		
		if ( $query->num_rows() == 0 )
		{
			return FALSE;
		}
		
		$result = $query->row();
		if ( strtotime($result->activation_limit_time) < time() )
		{
			$ret = 'timeout';
		}
		else
		{
			$ret = TRUE;
		}
		
		// update email
		$this->db->where('sz_member_id', $result->sz_member_id);
		if ( ! $this->db->update('sz_members', array('email' => $result->email)) )
		{
			return FALSE;
		}
		
		// delete record
		$this->db->where('activation_code', $code);
		$this->db->delete('sz_activation_data');
		
		return $ret;
	}
}