PageRenderTime 65ms CodeModel.GetById 31ms RepoModel.GetById 0ms app.codeStats 0ms

/libraries/ipsconnect.php

https://bitbucket.org/nathanbird/ips-connect-laravel-library
PHP | 149 lines | 106 code | 26 blank | 17 comment | 18 complexity | c836426f2066a32305c2986191976eaa MD5 | raw file
  1. <?php
  2. class Ipsconnect {
  3. static $masterUrl;
  4. static $masterKey;
  5. public function __constructor() {
  6. $masterUrl = Config::get('ipsconnect.masterurl');
  7. $masterKey = Config::get('ipsconnect.masterkey');
  8. }
  9. public static function login()
  10. {
  11. $value = Config::get('application.url');
  12. $idType = 'username';
  13. $id = Input::get('username');
  14. $password = Input::get('password');
  15. $_member = NULL;
  16. if ( $_member = DB::table('ipsconnect_members')->where('username', '=', $id)->first() ) {
  17. $idType = 'id';
  18. $id = $_member['connect_id'];
  19. }
  20. $login = file_get_contents( Ipsconnect::$masterUrl . '?' . http_build_query( array( 'act' => 'login', 'idType' => $idType, 'id' => $id, 'password' => md5( $password ) ) ) );
  21. if ( $login = @json_decode( $login, TRUE ) ) {
  22. switch ( $login['connect_status'] ) {
  23. case 'SUCCESS':
  24. // Load local member
  25. $member = DB::table('ipsconnect_members')->where('connect_id', '=', intval($login['connect_id']))->first();
  26. // $member = $db->query( "SELECT * FROM members WHERE connect_id=". intval( $login['connect_id'] ) )->fetch_array();
  27. // If we can't load based of the connect ID, but we already loaded off the username, update the connect ID
  28. if ( isset( $_member['id'] ) and !isset( $member['id'] ) )
  29. {
  30. $member = $_member;
  31. $db->query( "UPDATE members SET connect_id=". intval( $login['connect_id'] ) ." WHERE id={$_member['id']};" );
  32. }
  33. // If we don't have a member, create one
  34. if ( !isset( $member['id'] ) )
  35. {
  36. $db->query( "INSERT INTO members ( username, email, password, connect_id ) VALUES ( '". $db->escape_string( $login['connect_username'] ) ."', '". $db->escape_string( $login['connect_email'] ) ."', '". md5( $password ) ."', ". intval( $login['connect_id'] ) ." )" );
  37. }
  38. // Or update our existing one
  39. else
  40. {
  41. $db->query( "UPDATE members SET username='". $db->escape_string( $login['connect_username'] ) ."', email='". $db->escape_string( $login['connect_email'] ) ."', password='".md5( $password )."' WHERE id={$member['id']};" );
  42. }
  43. // Log the user in ....
  44. setcookie( 'ipsce_user', $login['connect_username'], time()+60*60*24*30 );
  45. setcookie( 'ipsce_pass', md5( $password ), time()+60*60*24*30 );
  46. // And redirect
  47. $redirect = base64_encode( str_replace( 'login.php', 'index.php', $_SERVER['HTTP_ORIGIN'] . $_SERVER['PHP_SELF'] ) );
  48. header( 'Location: ' . Ipsconnect::$masterUrl . '?' . http_build_query( array( 'act' => 'login', 'idType' => $idType, 'id' => $id, 'password' => md5( $password ), 'key' => md5( Ipsconnect::$masterKey . $id ), 'redirect' => $redirect, 'redirectHash' => md5( Ipsconnect::$masterKey . $redirect ), 'noparams' => '1' ) ) );
  49. exit;
  50. case 'WRONG_AUTH':
  51. $error = "Password incorrect.";
  52. break;
  53. case 'NO_USER':
  54. $error = "Could not locate a user with that username.";
  55. break;
  56. case 'ACCOUNT_LOCKED':
  57. $minutes = ceil( $login['connect_unlock'] / 60 );
  58. $error = "Your account is locked. Please try again in {$minutes} minutes.";
  59. break;
  60. case 'VALIDATING':
  61. $error = "You must validate your account before you can log in. <a href='{$login['connect_revalidate_url']}' target='_blank'>Resend Validation Email</a>";
  62. break;
  63. case 'MISSING_DATA':
  64. default:
  65. $error = "We could not log you in. Please try again later.";
  66. break;
  67. }
  68. } else {
  69. $error = "We could not log you in. Please try again later.";
  70. }
  71. }
  72. public static function isLoggedIn() {
  73. $loggedIn = NULL;
  74. // Only do this if the user has not expressly logged out of the IPS Connect Network
  75. if ( !isset( $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] ) or $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] )
  76. {
  77. // Check local cookies
  78. if ( isset( $_COOKIE['ipsce_user'] ) )
  79. {
  80. $user = DB::table('ipsconnect_members')->where('username', '=', $_COOKIE['ipsce_user'])->first();
  81. if ( $user )
  82. {
  83. if ( $user->password == $_COOKIE['ipsce_pass'] )
  84. {
  85. $loggedIn = $user->username;
  86. }
  87. }
  88. }
  89. // Check IPS Connect
  90. if ( $loggedIn === NULL and isset( $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] ) and $_COOKIE[ 'ipsconnect_' . md5( Ipsconnect::$masterUrl ) ] )
  91. {
  92. $check = file_get_contents( Ipsconnect::$masterUrl . '?' . http_build_query( array( 'act' => 'cookies', 'data' => json_encode( $_COOKIE ) ) ) );
  93. if ( $check = @json_decode( $check, TRUE ) and $check['connect_status'] == 'SUCCESS' )
  94. {
  95. // Load local member
  96. $user = DB::table('ipsconnect_members')->where('connect_id', '=', intval($check['connect_id']))->first();
  97. if ( $user )
  98. {
  99. // Update local member
  100. if ( $user->username != $check['connect_username'] or $user->email != $check['connect_email'] )
  101. {
  102. DB::table('ipsconnect_members')->update(array('username' => $check['connect_username'], 'email' => $check['connect_email']))->where('connect_id', '=', intval($check['connect_id']));
  103. // $db->query( "UPDATE ipsconnect_members SET username='". $db->escape_string( $check['connect_username'] ) ."', email='". $db->escape_string( $check['connect_email'] ) ."' WHERE connect_id=". intval( $check['connect_id'] ) .";" );
  104. }
  105. }
  106. else
  107. {
  108. // Create local member
  109. DB::table('ipsconnect_members')->insert(array('username' => $check['connect_username'], 'email' => $check['connect_email'], 'password' => md5( rand( 1, 10000 )), 'connect_id' => intval( $check['connect_id'] )));
  110. // $db->query( "INSERT INTO ipsconnect_members ( username, email, password, connect_id ) VALUES ( '". $db->escape_string( $check['connect_username'] ) ."', '". $db->escape_string( $check['connect_email'] ) ."', '". md5( rand( 1, 10000 ) ) ."', ". intval( $check['connect_id'] ) ." )" );
  111. $user = DB::table('ipsconnect_members')->where('connect_id', '=', intval($check['connect_id']))->first();
  112. // $user = $db->query( "SELECT * FROM ipsconnect_members WHERE connect_id=". intval( $check['connect_id'] ) )->fetch_array();
  113. }
  114. // Log in
  115. setcookie( 'ipsce_user', $user->username, time()+60*60*24*30 );
  116. setcookie( 'ipsce_pass', $user->password, time()+60*60*24*30 );
  117. $loggedIn = $user->username;
  118. }
  119. }
  120. }
  121. return $loggedIn;
  122. }
  123. }