/libraries/ipsconnect.php
PHP | 149 lines | 106 code | 26 blank | 17 comment | 18 complexity | c836426f2066a32305c2986191976eaa MD5 | raw file
- <?php
- class Ipsconnect {
- static $masterUrl;
- static $masterKey;
- public function __constructor() {
- $masterUrl = Config::get('ipsconnect.masterurl');
- $masterKey = Config::get('ipsconnect.masterkey');
- }
- public static function login()
- {
- $value = Config::get('application.url');
- $idType = 'username';
- $id = Input::get('username');
- $password = Input::get('password');
- $_member = NULL;
- if ( $_member = DB::table('ipsconnect_members')->where('username', '=', $id)->first() ) {
- $idType = 'id';
- $id = $_member['connect_id'];
- }
- $login = file_get_contents( Ipsconnect::$masterUrl . '?' . http_build_query( array( 'act' => 'login', 'idType' => $idType, 'id' => $id, 'password' => md5( $password ) ) ) );
- if ( $login = @json_decode( $login, TRUE ) ) {
- switch ( $login['connect_status'] ) {
- case 'SUCCESS':
- // Load local member
- $member = DB::table('ipsconnect_members')->where('connect_id', '=', intval($login['connect_id']))->first();
- // $member = $db->query( "SELECT * FROM members WHERE connect_id=". intval( $login['connect_id'] ) )->fetch_array();
- // If we can't load based of the connect ID, but we already loaded off the username, update the connect ID
- if ( isset( $_member['id'] ) and !isset( $member['id'] ) )
- {
- $member = $_member;
- $db->query( "UPDATE members SET connect_id=". intval( $login['connect_id'] ) ." WHERE id={$_member['id']};" );
- }
- // If we don't have a member, create one
- if ( !isset( $member['id'] ) )
- {
- $db->query( "INSERT INTO members ( username, email, password, connect_id ) VALUES ( '". $db->escape_string( $login['connect_username'] ) ."', '". $db->escape_string( $login['connect_email'] ) ."', '". md5( $password ) ."', ". intval( $login['connect_id'] ) ." )" );
- }
- // Or update our existing one
- else
- {
- $db->query( "UPDATE members SET username='". $db->escape_string( $login['connect_username'] ) ."', email='". $db->escape_string( $login['connect_email'] ) ."', password='".md5( $password )."' WHERE id={$member['id']};" );
- }
- // Log the user in ....
- setcookie( 'ipsce_user', $login['connect_username'], time()+60*60*24*30 );
- setcookie( 'ipsce_pass', md5( $password ), time()+60*60*24*30 );
- // And redirect
- $redirect = base64_encode( str_replace( 'login.php', 'index.php', $_SERVER['HTTP_ORIGIN'] . $_SERVER['PHP_SELF'] ) );
- header( 'Location: ' . Ipsconnect::$masterUrl . '?' . http_build_query( array( 'act' => 'login', 'idType' => $idType, 'id' => $id, 'password' => md5( $password ), 'key' => md5( Ipsconnect::$masterKey . $id ), 'redirect' => $redirect, 'redirectHash' => md5( Ipsconnect::$masterKey . $redirect ), 'noparams' => '1' ) ) );
- exit;
- case 'WRONG_AUTH':
- $error = "Password incorrect.";
- break;
- case 'NO_USER':
- $error = "Could not locate a user with that username.";
- break;
- case 'ACCOUNT_LOCKED':
- $minutes = ceil( $login['connect_unlock'] / 60 );
- $error = "Your account is locked. Please try again in {$minutes} minutes.";
- break;
- case 'VALIDATING':
- $error = "You must validate your account before you can log in. <a href='{$login['connect_revalidate_url']}' target='_blank'>Resend Validation Email</a>";
- break;
- case 'MISSING_DATA':
- default:
- $error = "We could not log you in. Please try again later.";
- break;
- }
- } else {
- $error = "We could not log you in. Please try again later.";
- }
- }
- public static function isLoggedIn() {
- $loggedIn = NULL;
- // Only do this if the user has not expressly logged out of the IPS Connect Network
- if ( !isset( $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] ) or $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] )
- {
- // Check local cookies
- if ( isset( $_COOKIE['ipsce_user'] ) )
- {
- $user = DB::table('ipsconnect_members')->where('username', '=', $_COOKIE['ipsce_user'])->first();
- if ( $user )
- {
- if ( $user->password == $_COOKIE['ipsce_pass'] )
- {
- $loggedIn = $user->username;
- }
- }
- }
- // Check IPS Connect
- if ( $loggedIn === NULL and isset( $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] ) and $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] )
- {
- $check = file_get_contents( Ipsconnect::$masterUrl . '?' . http_build_query( array( 'act' => 'cookies', 'data' => json_encode( $_COOKIE ) ) ) );
- if ( $check = @json_decode( $check, TRUE ) and $check['connect_status'] == 'SUCCESS' )
- {
- // Load local member
- $user = DB::table('ipsconnect_members')->where('connect_id', '=', intval($check['connect_id']))->first();
- if ( $user )
- {
- // Update local member
- if ( $user->username != $check['connect_username'] or $user->email != $check['connect_email'] )
- {
- DB::table('ipsconnect_members')->update(array('username' => $check['connect_username'], 'email' => $check['connect_email']))->where('connect_id', '=', intval($check['connect_id']));
- // $db->query( "UPDATE ipsconnect_members SET username='". $db->escape_string( $check['connect_username'] ) ."', email='". $db->escape_string( $check['connect_email'] ) ."' WHERE connect_id=". intval( $check['connect_id'] ) .";" );
- }
- }
- else
- {
- // Create local member
- DB::table('ipsconnect_members')->insert(array('username' => $check['connect_username'], 'email' => $check['connect_email'], 'password' => md5( rand( 1, 10000 )), 'connect_id' => intval( $check['connect_id'] )));
- // $db->query( "INSERT INTO ipsconnect_members ( username, email, password, connect_id ) VALUES ( '". $db->escape_string( $check['connect_username'] ) ."', '". $db->escape_string( $check['connect_email'] ) ."', '". md5( rand( 1, 10000 ) ) ."', ". intval( $check['connect_id'] ) ." )" );
- $user = DB::table('ipsconnect_members')->where('connect_id', '=', intval($check['connect_id']))->first();
- // $user = $db->query( "SELECT * FROM ipsconnect_members WHERE connect_id=". intval( $check['connect_id'] ) )->fetch_array();
- }
- // Log in
- setcookie( 'ipsce_user', $user->username, time()+60*60*24*30 );
- setcookie( 'ipsce_pass', $user->password, time()+60*60*24*30 );
- $loggedIn = $user->username;
- }
- }
- }
- return $loggedIn;
- }
- }