/php/Login.php

<?php



require_once 'Database.php';



class NotLoggedIn extends Exception { }



class Login {

	private static $logged = null;

	public static $name;

	public static $email;

	public static $status;

	public static $id;

	

	

	public static function register($user, $email, $pass1, $pass2) {

		// Check that everything is okay

		if (strlen($user) > 30)

			return 'Username is too long!';

		if (strlen($user) < 1)

			return 'Username is too short!';

		if (!self::valid_name($user))

			return 'Username contains invalid characters!';

		if (DB::user_exists($user))

			return 'Username is already in use!';

		if (filter_var($email, FILTER_VALIDATE_EMAIL) !== $email)

			return 'Invalid email!';

		if (strlen($pass1) < 6)

			return 'Password is too short! It should be at least 6 characters.';

		if ($pass1 !== $pass2)

			return 'Passwords didn\'t match!';

		

			

		$salt = self::create_salt();

		$hash = self::create_hash($pass1, $salt);

		

		$succ = DB::add_user($user, $email, $hash);

		

		if (!$succ)

			return 'Something went horribly wrong! Try again or contact admin.';

			

		return true;

	}

	

	public static function log_in($user, $pass, $persistent) {

		if (!self::valid_name($user))

			return 'Invalid username!';

		

		$info = DB::get_user_info($user);

		

		if (!$info)

			return 'Invalid username!';

		

		if (!self::right_pass($pass, $info['hash']))

			return 'Wrong password!';

		

		self::create_cookie($info, $persistent);

		self::$logged = true;

		

		self::set_login_info($info);

		

		return true;

	}

	

	public static function is_logged_in() {

		if (self::$logged === true) return true;

		if (self::$logged === false) return false;

		

		if (!isset($_COOKIE['li_name'])) return false;

		if (!isset($_COOKIE['li_foo'])) return false;

		if (!isset($_COOKIE['li_bar'])) return false;

		

		$info = DB::get_user_info($_COOKIE['li_name']);

		

		if (!$info)

			return false;

		

		if ($info['name'] !== $_COOKIE['li_name'])

			return false;

		

		$hash = self::create_cookie_hash($info, $_COOKIE['li_bar']);

		if ($hash !== $_COOKIE['li_foo'])

			return false;

		

		self::set_login_info($info);

		return true;

	}

	

	public static function log_out() {

		setcookie('li_name', '', time() - 3600, '/');

		setcookie('li_foo', '', time() - 3600, '/');

		setcookie('li_bar', '', time() - 3600, '/');

		self::$logged = false;

	}

	

	public static function protect() {

		if (!Login::is_logged_in()) {

			echo 'Not logged in.';

			throw new NotLoggedIn();

		}

	}

	

	private static function set_login_info($info) {

		self::$name = $info['name'];

		self::$email = $info['email'];

		self::$id = $info['id'];

		self::$status = $info['status'];

		self::$logged = true;

	}

	

	private static function create_cookie($info, $persistent) {

		$exp = ($persistent ? 2000000000 : 0);

		$salt = self::create_cookie_salt();

		$hash = self::create_cookie_hash($info, $salt);

		

		setcookie('li_name', $info['name'], $exp, '/');

		setcookie('li_foo', $hash, $exp, '/');

		setcookie('li_bar', $salt, $exp, '/');

	}

	

	

	private static function create_cookie_hash($info, $salt) {

		$data = $info['name'] . $info['id'] . $info['hash'] . $info['status'] .

		        $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $salt;

		return hash('sha256', $data);

	}

	

	private static function create_cookie_salt() {

		return hash('sha1', self::create_salt());

	}

	

	private static function valid_name($name) {

		return (preg_match('/^[a-zA-Z0-9_-]+$/', $name) === 1);

	}

	

	private static function create_salt() {

		return substr(str_replace('+', '.', base64_encode(sha1(uniqid(microtime(true)), true))), 0, 22);

	}

	

	private static function create_hash($pass, $salt) {

		return crypt($pass, '$2a$10$' . $salt);

	}

	

	private static function right_pass($pass, $hash) {

		return (crypt($pass, $hash) === $hash);

	}

}