PageRenderTime 28ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/system/libraries/user.lib.php

https://gitlab.com/paulmfoster/grotworx
PHP | 492 lines | 345 code | 70 blank | 77 comment | 39 complexity | b41c1a50d48cd2d1f66ce7e4bf6361e4 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. if (!class_exists('database')) {
    4. 

  4.     include LIBDIR . 'database.lib.php';
    5. 

  5. }
    6. 

  6. 

  7. class user
    8. 

  8. {
    9. 

  9.     private const EVERYONE = 255;
    10. 

  10. 

  11. 	function __construct()
    12. 

  12. 	{
    13. 

  13.         $filename = DATADIR . 'users.sq3';
    14. 

  14.         $already = file_exists($filename);
    15. 

  15.         $dsn = 'sqlite:' . $filename;
    16. 

  16.         $this->db = new database($dsn);
    17. 

  17. 

  18.         if (!$already) {
    19. 

  19.             $this->make_tables();
    20. 

  20.             $this->sample_admin();
    21. 

  21.         }
    22. 

  22. 	}
    23. 

  23. 

  24.     function make_tables()
    25. 

  25.     {
    26. 

  26.         $sql = "CREATE TABLE user (id integer primary key autoincrement, login varchar(30), password varchar(255), name varchar(50) not null, email varchar(255) not null, nonce varchar(255) not null, level integer default 255)";
    27. 

  27.         $this->db->query($sql);
    28. 

  28.         $sql = "CREATE TABLE confirm (id integer primary key autoincrement, login varchar(30), password varchar(255), name varchar(50), email varchar(255), nonce varchar(255), level integer, ip varchar(15), link varchar(255), timestamp integer)";
    29. 

  29.         $this->db->query($sql);
    30. 

  30.     }
    31. 

  31. 

  32.     function sample_admin()
    33. 

  33.     {
    34. 

  34.         $user = [
    35. 

  35.             'login' => 'admin',
    36. 

  36.             'password' => password_hash('password', PASSWORD_BCRYPT),
    37. 

  37.             'name' => 'Administrator',
    38. 

  38.             'email' => 'me@example.com',
    39. 

  39.             'nonce' => md5('admin'),
    40. 

  40.             'level' => 0
    41. 

  41.         ];
    42. 

  42.         $this->db->insert('user', $user);
    43. 

  43.     }
    44. 

  44. 

  45. 	/**
    46. 

  46. 	 * get_ip_address()
    47. 

  47. 	 *
    48. 

  48. 	 * Should obtain and return IP address under almost all
    49. 

  49. 	 * circumstances. Code is taken from stackoverflow.com, and tries to
    50. 

  50. 	 * compensate for proxies, etc.
    51. 

  51. 	 *
    52. 

  52. 	 */
    53. 

  53. 

  54. 	private function get_ip_address()
    55. 

  55. 	{
    56. 

  56. 		$server_parms = [
    57. 

  57. 			'HTTP_CLIENT_IP', 
    58. 

  58. 			'HTTP_X_FORWARDED_FOR', 
    59. 

  59. 			'HTTP_X_FORWARDED', 
    60. 

  60. 			'HTTP_X_CLUSTER_CLIENT_IP', 
    61. 

  61. 			'HTTP_FORWARDED_FOR', 
    62. 

  62. 			'HTTP_FORWARDED', 
    63. 

  63. 			'REMOTE_ADDR'
    64. 

  64. 		];
    65. 

  65. 

  66. 		foreach ($server_parms as $key) {
    67. 

  67. 			if (array_key_exists($key, $_SERVER) === true) {
    68. 

  68. 				foreach (explode(',', $_SERVER[$key]) as $ip) {
    69. 

  69. 					$ip = trim($ip); // just to be safe
    70. 

  70. 

  71. 					if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false){
    72. 

  72. 						return $ip;
    73. 

  73. 					}
    74. 

  74. 				}
    75. 

  75. 			}
    76. 

  76. 		}
    77. 

  77. 	}
    78. 

  78. 

  79. 	private function random_string($length = 32) {
    80. 

  80. 		$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    81. 

  81. 		$len = strlen($characters);
    82. 

  82. 		$rs = '';
    83. 

  83. 		for ($i = 0; $i < $length; $i++) {
    84. 

  84. 			$rs .= $characters[rand(0, $len - 1)];
    85. 

  85. 		}
    86. 

  86. 		return $rs;
    87. 

  87. 	}
    88. 

  88. 

  89. 	function register($post)
    90. 

  90. 	{
    91. 

  91. 		global $form;
    92. 

  92. 

  93. 		// did the user omit a required field?
    94. 

  94. 		if (!$form->check_requireds($post)) {
    95. 

  95. 			emsg('F', 'One or more required fields not provided');
    96. 

  96. 			return FALSE;
    97. 

  97. 		}
    98. 

  98. 

  99. 		// password and confirm must match
    100. 

  100. 		if ($post['password'] !== $post['confirm']) {
    101. 

  101. 			emsg('F', 'Password and confirmation do not match');
    102. 

  102. 			return FALSE;
    103. 

  103. 		}
    104. 

  104. 

  105. 		// hacker login?
    106. 

  106. 		if ($post['login'] != preg_replace('%[^0-9A-Za-z]%', '', $content)) {
    107. 

  107. 			emsg('F', 'Not-allowed characters in login');
    108. 

  108. 			return FALSE;
    109. 

  109. 		}
    110. 

  110. 

  111. 		// hacker name?
    112. 

  112. 		if ($post['name'] != preg_replace('%[^\. ,\-0-9A-Za-z]%', '', $content)) {
    113. 

  113. 			emsg('F', 'Not-allowed characters in user name');
    114. 

  114. 			return FALSE;
    115. 

  115. 		}
    116. 

  116. 

  117. 		// hacker email?
    118. 

  118. 		if ($post['email'] != filter_var($content, FILTER_SANITIZE_EMAIL)) {
    119. 

  119. 			emsg('F', 'Invalid email address');
    120. 

  120. 			return FALSE;
    121. 

  121. 		}
    122. 

  122. 		
    123. 

  123. 		// check for pre-existing identical login
    124. 

  124. 		$sql = "SELECT * FROM user WHERE login = '{$post['login']}'";
    125. 

  125. 		$pre_exist = $this->db->query($sql)->fetch();
    126. 

  126. 		if ($pre_exist) {
    127. 

  127. 			// user login already exists
    128. 

  128. 			emsg('F', 'A user with this login already exists');
    129. 

  129. 			return FALSE;
    130. 

  130. 		}
    131. 

  131. 

  132. 		$save = array(
    133. 

  133. 			'login' => $post['login'],
    134. 

  134. 			'password' => password_hash($post['password'], PASSWORD_BCRYPT),
    135. 

  135. 			'name' => $post['name'],
    136. 

  136. 			'email' => $post['email'],
    137. 

  137. 			'nonce' => md5($post['login']),
    138. 

  138. 			'level' => 255,
    139. 

  139. 			'ip' => $this->get_ip_address(),
    140. 

  140. 			'link' => $this->random_string(32),
    141. 

  141. 			'timestamp' => time()
    142. 

  142. 		);
    143. 

  143. 		$save_prepped = $this->db->prepare('confirm', $save);
    144. 

  144. 		$this->db->insert('confirm', $save_prepped);
    145. 

  145. 

  146. 		$message = <<<EOD
    147. 

  147. 

  148. In order to confirm your registration with our site you must copy
    149. 

  149. the "token" below on the web page you came from.
    150. 

  150. 

  151. Token: {$save['link']}
    152. 

  152. 

  153. Thanks!
    154. 

  154. 

  155. EOD;
    156. 

  156. 

  157. 		$subject = 'Please CONFIRM your registration with our site';
    158. 

  158. 		mail($post['email'], $subject, $message);
    159. 

  159. 

  160. 		return TRUE;
    161. 

  161. 	}
    162. 

  162. 

  163. 

  164. 	/**
    165. 

  165. 	 * confirm_registration()
    166. 

  166. 	 *
    167. 

  167. 	 * Confirms (or not) that a user is allowed to register, and does
    168. 

  168. 	 * so.
    169. 

  169. 	 *
    170. 

  170. 	 * @param string $get confirmation link
    171. 

  171. 	 *
    172. 

  172. 	 * @return boolean Either you're okay or you're not
    173. 

  173. 	 *
    174. 

  174. 	 */
    175. 

  175. 

  176. 	function confirm_registration($token)
    177. 

  177. 	{
    178. 

  178. 		// XSS
    179. 

  179. 		$token = preg_replace('/[^A-Za-z0-9]/', '', $token);
    180. 

  180. 

  181. 		$now = time();
    182. 

  182. 		$limit = $now - 3600;
    183. 

  183. 

  184. 		// best time to delete all the expired records
    185. 

  185. 		$sql = "DELETE FROM confirm WHERE timestamp < $limit";
    186. 

  186. 		$this->db->query($sql);
    187. 

  187. 

  188. 		// grab confirmation record
    189. 

  189. 		$sql = "SELECT * FROM confirm WHERE link = '$token'";
    190. 

  190. 		$rec = $this->db->query($sql)->fetch();
    191. 

  191. 

  192. 		// can't find the confirmation key
    193. 

  193. 		if ($rec === FALSE) {
    194. 

  194. 			emsg('F', 'No such confirmation token, or token expired');
    195. 

  195. 			return FALSE;
    196. 

  196. 		}
    197. 

  197. 

  198. 		$store = array(
    199. 

  199. 			'login' => $rec['login'],
    200. 

  200. 			'password' => $rec['password'],
    201. 

  201. 			'name' => $rec['name'],
    202. 

  202. 			'email' => $rec['email'],
    203. 

  203. 			'nonce' => $rec['nonce'],
    204. 

  204. 			'level' => $rec['level']
    205. 

  205. 		);
    206. 

  206. 

  207. 		$save = $this->db->prepare('user', $store);
    208. 

  208. 		$this->db->insert('user', $save);
    209. 

  209. 

  210. 		$sql = "DELETE FROM confirm WHERE link = '$token'";
    211. 

  211. 		$this->db->query($sql);
    212. 

  212. 

  213. 		return TRUE;
    214. 

  214. 	}
    215. 

  215. 

  216. 	function get_user_list()
    217. 

  217. 	{
    218. 

  218. 		$sql = "SELECT * FROM user ORDER BY name";
    219. 

  219. 		return $this->db->query($sql)->fetch_all();
    220. 

  220. 	}
    221. 

  221. 

  222. 	function get_user_by_nonce($nonce)
    223. 

  223. 	{
    224. 

  224. 		// XSS
    225. 

  225. 		$nonce = preg_replace('/[^A-Za-z0-9]/', '', $nonce);
    226. 

  226. 

  227. 		$sql = "SELECT * FROM user WHERE nonce = '$nonce'";
    228. 

  228. 		return $this->db->query($sql)->fetch();
    229. 

  229. 	}
    230. 

  230. 

  231. 	function get_current_user()
    232. 

  232. 	{
    233. 

  233. 		if (isset($_SESSION['user'])) {
    234. 

  234. 			$u = $this->get_user_by_nonce($_SESSION['user']);
    235. 

  235. 			return $u;
    236. 

  236. 		}
    237. 

  237. 		return FALSE;
    238. 

  238. 	}
    239. 

  239. 

  240. 	function get_user($id)
    241. 

  241. 	{
    242. 

  242. 		$id = filter_var($id, FILTER_SANITIZE_NUMBER_INT);
    243. 

  243. 

  244. 		$sql = "SELECT * FROM user WHERE id = $id";
    245. 

  245. 		return $this->db->query($sql)->fetch();
    246. 

  246. 	}
    247. 

  247. 

  248. 	function get_user_by_login($login)
    249. 

  249. 	{
    250. 

  250. 		$sql = "SELECT * FROM user WHERE login = '$login'";
    251. 

  251. 		return $this->db->query($sql)->fetch();
    252. 

  252. 	}
    253. 

  253. 

  254. 	function get_admin_users()
    255. 

  255. 	{
    256. 

  256. 		$sql = "SELECT * FROM user WHERE level = 0";
    257. 

  257. 		return $this->db->query($sql)->fetch_all();
    258. 

  258. 	}
    259. 

  259. 

  260. 	function get_non_admin_users()
    261. 

  261. 	{
    262. 

  262. 		$sql = "SELECT * FROM user WHERE level != 0";
    263. 

  263. 		return $this->db->query($sql)->fetch_all();
    264. 

  264. 	}
    265. 

  265. 

  266. 	/**
    267. 

  267. 	 * create_user()
    268. 

  268. 	 *
    269. 

  269. 	 * Does the heavy lifting of creating a user,
    270. 

  270. 	 * after we figure out if it's okay for him
    271. 

  271. 	 * to create that user.
    272. 

  272. 	 *
    273. 

  273. 	 * @param array $post The $_POST array
    274. 

  274. 	 *
    275. 

  275. 	 * @return boolean TRUE
    276. 

  276. 	 *
    277. 

  277. 	 */
    278. 

  278. 

  279. 	private function create_user($post)
    280. 

  280. 	{
    281. 

  281. 		// encrypt the password
    282. 

  282. 		$post['password'] = password_hash($post['password'], PASSWORD_BCRYPT);
    283. 

  283. 		$post['nonce'] = md5($post['login']);
    284. 

  284. 

  285. 		$add_array = $this->db->prepare('user', $post);
    286. 

  286. 		$this->db->insert('user', $add_array);
    287. 

  287. 

  288. 		return TRUE;
    289. 

  289. 	}
    290. 

  290. 

  291. 	function add_user($post)
    292. 

  292. 	{
    293. 

  293. 		// check for pre-existing identical login
    294. 

  294. 		$sql = "SELECT * FROM user WHERE login = '{$post['login']}'";
    295. 

  295. 		$pre_exist = $this->db->query($sql)->fetch();
    296. 

  296. 		if ($pre_exist) {
    297. 

  297. 			// user login already exists
    298. 

  298. 			emsg('F', 'User login already exists');
    299. 

  299. 			return FALSE;
    300. 

  300. 		}
    301. 

  301. 

  302. 		// logged in?/determine level of user
    303. 

  303. 		if (isset($_SESSION['user'])) {
    304. 

  304. 			$sql = "SELECT level FROM user WHERE nonce = '{$_SESSION['user']}'";
    305. 

  305. 			$level_rec = $this->db->query($sql)->fetch();
    306. 

  306. 			$level = $level_rec['level'];
    307. 

  307. 		}
    308. 

  308. 		else {
    309. 

  309. 			// signal value for "not logged in"
    310. 

  310. 			$level = 1024;
    311. 

  311. 		}
    312. 

  312. 

  313. 		if ($level == 0) {
    314. 

  314. 			// admin, create any users
    315. 

  315. 			$this->create_user($post);
    316. 

  316. 			return TRUE;
    317. 

  317. 		}
    318. 

  318. 		elseif ($level == 255) {
    319. 

  319. 			// regular user, can't create other users
    320. 

  320. 			emsg('F', 'You are not authorized to create a new user.');
    321. 

  321. 			return FALSE;
    322. 

  322. 		}
    323. 

  323. 		elseif ($level == 1024) {
    324. 

  324. 			// not logged in
    325. 

  325. 			if  ($post['level'] != 255) {
    326. 

  326. 				// can't create an admin user
    327. 

  327. 				emsg('F', 'You are not authorized to create an admin user.');
    328. 

  328. 				return FALSE;
    329. 

  329. 			}
    330. 

  330. 

  331. 			// NOTE Theoretically, a not-logged-in user could
    332. 

  332. 			// create numerous low level users
    333. 

  333. 	
    334. 

  334. 			$this->create_user($post);
    335. 

  335. 			return TRUE;
    336. 

  336. 		}
    337. 

  337. 

  338. 	}
    339. 

  339. 

  340. 	function update_user($post)
    341. 

  341. 	{
    342. 

  342. 		$rec = [
    343. 

  343. 			'name' => $post['name'],
    344. 

  344. 			'email' => $post['email']
    345. 

  345. 		];
    346. 

  346. 

  347. 		// check for password change
    348. 

  348. 		if (!empty($post['password'])) {
    349. 

  349. 			// does password === confirm?
    350. 

  350. 			if ($post['password'] === $post['confirm']) {
    351. 

  351. 				// encrypt password for storage
    352. 

  352. 				$post['password'] = password_hash($post['password'], PASSWORD_BCRYPT);
    353. 

  353. 				$rec['password'] = $post['password'];
    354. 

  354. 			}
    355. 

  355. 			else {
    356. 

  356. 				emsg('F', "Confirm password doesn't match original");
    357. 

  357. 				return FALSE;
    358. 

  358. 			}
    359. 

  359. 			
    360. 

  360. 		}
    361. 

  361. 

  362. 		$user = $this->db->prepare('user', $post);
    363. 

  363. 		$this->db->update('user', $user, "id = {$user['id']}");
    364. 

  364. 

  365. 		return TRUE;
    366. 

  366. 	}
    367. 

  367. 

  368. 	function delete_user($userid)
    369. 

  369. 	{
    370. 

  370. 		$userid = filter_var($userid, FILTER_SANITIZE_NUMBER_INT);
    371. 

  371. 

  372. 		// id == 0 not a real user ID
    373. 

  373. 		if ($userid == 0) {
    374. 

  374. 			emsg('F', 'Cannot delete a non-existent user');
    375. 

  375. 			return FALSE;
    376. 

  376. 		}
    377. 

  377. 

  378. 		// all okay; delete user
    379. 

  379. 		$sql = "DELETE FROM user WHERE id = $userid";
    380. 

  380. 		$this->db->query($sql);
    381. 

  381. 		return TRUE;
    382. 

  382. 	}
    383. 

  383. 

  384. 	/**
    385. 

  385. 	 * Log in.
    386. 

  386. 	 *
    387. 

  387. 	 * Checks the login and password from the login screen.
    388. 

  388. 	 * Ensures the user in question exists, and that the
    389. 

  389. 	 * password entered matches the one on file.
    390. 

  390. 	 *
    391. 

  391. 	 * @param array $post The $_POST array
    392. 

  392. 	 *
    393. 

  393. 	 * @return boolean TRUE if user found, else FALSE
    394. 

  394. 	 *
    395. 

  395. 	 */
    396. 

  396. 

  397. 	function login($post)
    398. 

  398. 	{
    399. 

  399. 		$sql = "SELECT * FROM user WHERE login = '{$post['login']}'";
    400. 

  400. 		$user = $this->db->query($sql)->fetch();
    401. 

  401. 

  402. 		if ($user) {
    403. 

  403. 			$verified = password_verify($post['password'], $user['password']);
    404. 

  404. 			if ($verified) {
    405. 

  405. 				// this tells the system who's logged in
    406. 

  406. 				$_SESSION['user'] = $user['nonce'];
    407. 

  407. 				return TRUE;
    408. 

  408. 			}
    409. 

  409. 			else {
    410. 

  410. 				// password didn't match
    411. 

  411. 				return FALSE;
    412. 

  412. 			}
    413. 

  413. 		}
    414. 

  414. 		else {
    415. 

  415. 			// no such user
    416. 

  416. 			return FALSE;
    417. 

  417. 		}
    418. 

  418. 	}
    419. 

  419. 

  420. 	/**
    421. 

  421. 	 * Limit access in a script.
    422. 

  422. 	 *
    423. 

  423. 	 * This function should appear in every controller which demands
    424. 

  424. 	 * some privilege in order to access that page.
    425. 

  425. 	 *
    426. 

  426. 	 * @param int $level The level of user needed to access the page.
    427. 

  427. 	 *
    428. 

  428. 	 * @return boolean TRUE if the user is qualified, else FALSE
    429. 

  429. 	 *
    430. 

  430. 	 */
    431. 

  431. 

  432. 	function access($level)
    433. 

  433. 	{
    434. 

  434. 		$level = filter_var($level, FILTER_SANITIZE_NUMBER_INT);
    435. 

  435. 

  436. 		if (isset($_SESSION['user'])) {
    437. 

  437. 

  438. 			// user is logged in
    439. 

  439. 			$sql = "SELECT level FROM user WHERE nonce = '{$_SESSION['user']}'";
    440. 

  440. 			$user = $this->db->query($sql)->fetch();
    441. 

  441. 

  442. 			if ($user === FALSE) {
    443. 

  443. 				// nonce is not in the system,
    444. 

  444. 				// so user was deleted,
    445. 

  445. 				// or someone's attempting a hack
    446. 

  446. 				emsg('F', 'User is anonymous or not in the system.');
    447. 

  447. 				return FALSE;
    448. 

  448. 			}	
    449. 

  449. 				
    450. 

  450. 			if ($user['level'] > $level) {
    451. 

  451. 				// user isn't qualified 
    452. 

  452. 				emsg('F', 'User not authorized.');
    453. 

  453. 				return FALSE;
    454. 

  454. 			}
    455. 

  455. 		}
    456. 

  456. 		elseif ($level < EVERYONE) {
    457. 

  457. 			// user is not logged in or no user
    458. 

  458. 			// access level is "below" the "everyone" threshold
    459. 

  459. 			emsg('F', 'User not logged in or no user');
    460. 

  460. 			return FALSE;
    461. 

  461. 		}
    462. 

  462. 

  463. 		return TRUE;
    464. 

  464. 	}
    465. 

  465. 	
    466. 

  466. 	function fetch_user_info()
    467. 

  467. 	{
    468. 

  468. 		if (isset($_SESSION['user'])) {
    469. 

  469. 			$sql = "SELECT * FROM user WHERE nonce = '{$_SESSION['user']}'";
    470. 

  470. 			$details = $this->db->query($sql)->fetch();
    471. 

  471. 			return $details;
    472. 

  472. 		}
    473. 

  473. 		else {
    474. 

  474. 			return FALSE;
    475. 

  475. 		}
    476. 

  476. 	}
    477. 

  477. 

  478. 	function is_admin()
    479. 

  479. 	{
    480. 

  480. 		if (isset($_SESSION['user'])) {
    481. 

  481. 			$sql = "SELECT level FROM user WHERE nonce = '{$_SESSION['user']}'";
    482. 

  482. 			$level_rec = $this->db->query($sql)->fetch();
    483. 

  483. 			if ($level_rec['level'] == 0) {
    484. 

  484. 				return TRUE;
    485. 

  485. 			}
    486. 

  486. 		}
    487. 

  487. 		return FALSE;
    488. 

  488. 	}
    489. 

  489. 

  490. 

  491. };
    492. 

  492. 

  493.