author | Malf Furious <m@lfurio.us> | 2016-02-07 14:01:22 -0500 |
---|---|---|
committer | Malf Furious <m@lfurio.us> | 2016-02-07 14:01:22 -0500 |
commit | 72e37180b69db2c067b926b54c64e1989bef0be4 (patch) | |
tree | d5e76f4894d3822f1923464c641c63fa283bdd2b /app/class/user.class.php | |
parent | 43ca317ea7d49396eb2958a38aed8b737ef4186b (diff) | |
parent | c5564a0a2ae183c533a38905eccdbf383030cd4c (diff) | |
Merge branch 'auth' into dev
Diffstat (limited to 'app/class/user.class.php')
-rw-r--r-- | app/class/user.class.php | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/app/class/user.class.php b/app/class/user.class.php
index 8ef91ae..bd2e174 100644
--- a/app/class/user.class.php
+++ b/app/class/user.class.php
@@ -17,6 +17,7 @@ class User extends Object
 "key",
 "salt",
 "alias",
+ "admin",
 "email",
 "emailConf",
 "emailConfKey"
@@ -25,6 +26,100 @@ class User extends Object
 parent::__construct("user", $cols);
 $this->loadObj($guid);
 }
+
+ /*
+ * Initialize object by username
+ */
+ function initByUsername($username)
+ {
+ $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'";
+ $result = $this->db->query($query);
+
+ if (count($result) == 0)
+ return false;
+
+ $this->loadObj($result[0]['guid']);
+ return true;
+ }
+
+ /*
+ * Get all users -- ordered by name, ascending
+ */
+ function getAllUsers_orderByName()
+ {
+ $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name";
+ $result = $this->db->query($query);
+
+ $users = array();
+
+ foreach ($result as $u)
+ $users[] = new User($u['guid']);
+
+ return $users;
+ }
+
+ /*
+ * Check whether a given username is currently in use
+ */
+ function usernameInUse($username)
+ {
+ $escd_username = $this->db->esc($username);
+
+ $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
+ $results = $this->db->query($query);
+
+ if (count($results) > 0)
+ return true;
+
+ return false;
+ }
+
+ /*
+ * Generate a key from a user's password and salt
+ */
+ function getKey($password, $salt)
+ {
+ return hash("sha256", $salt . 
$password);
+ }
+
+ /*
+ * Create a new User object with the given username and keyed with the given plain-text password
+ * This function returns false if $username is already being used
+ * On success, this object should be initialized as the new user (use only on new User() objects)
+ */
+ function createNewUser($username, $password)
+ {
+ if ($this->usernameInUse($username))
+ return false;
+
+ /* if there exist no users already, make this new one an admin */
+ if (count($this->getAllUsers_orderByName()) == 0)
+ $this->admin = 1;
+
+ $this->perms = 0;
+ $this->name = $username;
+ $this->type = "user";
+ $this->salt = $this->getBlob();
+ $this->key = $this->getKey($password, $this->salt);
+ $this->emailConf = 0;
+ $this->emailConfKey = $this->getBlob();
+
+ $this->saveObj();
+
+ $this->owner = $this->guid;
+ $this->saveObj();
+
+ return true;
+ }
+
+ /*
+ * Validate the password for this user. Returns true if correct, false otherwise
+ */
+ function validatePassword($password)
+ {
+ $key = $this->getKey($password, $this->salt);
+ return $key == $this->key;
+ }
 }
 ?> |
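Review bot: `getKey()` derives the stored credential from a single salted SHA-256, which is cheap enough to brute-force offline if the user table ever leaks, and `validatePassword()` compares the digests with `==`. Loose comparison treats two hex digests that both look like numbers (for example `0e` followed only by digits) as equal, and it is not constant-time. I would store `password_hash($password, PASSWORD_DEFAULT)` in `createNewUser()` and have `validatePassword()` do `return password_verify($password, $this->key);`; if the SHA-256 scheme has to stay for now, at least use `return hash_equals($this->key, $key);`. `getBlob()` is defined outside this hunk, so whether the salt and `emailConfKey` come from a CSPRNG cannot be checked here.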