aboutsummaryrefslogtreecommitdiff
path: root/bootstrap/class/user.php
diff options
context:
space:
mode:
Diffstat (limited to 'bootstrap/class/user.php')
-rw-r--r--bootstrap/class/user.php153
1 files changed, 153 insertions, 0 deletions
diff --git a/bootstrap/class/user.php b/bootstrap/class/user.php
new file mode 100644
index 0000000..321ca57
--- /dev/null
+++ b/bootstrap/class/user.php
@@ -0,0 +1,153 @@
+<?php
+
+class jg {
+
+ public $username;
+ public $login = false;
+
+ private $pepper;
+ private $query = false;
+
+ public function __construct($name = null){
+ if ( is_null($name) )
+ return;
+
+ $this->username = $name;
+
+ if ( isset($_SESSION["loggedin"]) )
+ $this->login = $_SESSION["loggedin"];
+
+ $this->_setPepper();
+
+ $this->_setQuery();
+ }
+
+ # get's everything from the database
+ private function _setQuery(){
+ global $vfsdb;
+
+ $sql = $vfsdv->prepare("SELECT * FROM " . DBPREFIX . "user WHERE name=%s;", $this->username);
+ $db_db = $vfsdb->doQuery($sql);
+ if ( is_bool($db_db) )
+ $this->query = false;
+ else
+ $this->query = $db_db->fetch_array(MYSQLI_ASSOC);
+ }
+
+ private function _setPepper(){
+ if ( PEPPER_IS_FILE )
+ $this->pepper = file_get_contents(PEPPER);
+ else
+ $this->pepper = PEPPER;
+ }
+
+ public function getUser(){
+ return $this->query['name'];
+ }
+
+ public function getUserId(){
+ return $this->query['id'];
+ }
+
+ public function getPassword(){
+ return $this->query['password'];
+ }
+
+ public function getEmail(){
+ return $this->query['email'];
+ }
+
+ public function getRegister(){
+ return $this->query['register'];
+ }
+
+ # check if valid user
+ public function isValidUser(){
+ if( ( is_bool($this->query) && ! $this->query ) || is_null($this->query) )
+ return false;
+
+ return true;
+ }
+
+ # check if current user is authenticated
+ public function isLoggedIn(){
+ return $this->login;
+ }
+
+ public function login($password){
+
+ # get hashed password from the database
+ $hashed_password = $this->getPassword();
+
+ # do the password check with php function
+ if ( ! password_verify($password . PEPPER, $hashed_password) )
+ return false;
+
+ # set login to true
+ $this->login = true;
+
+ # start a session if needed
+ if ( session_status() != PHP_SESSION_ACTIVE ) {
+ session_name(VFS_SESSION);
+ session_start();
+ }
+
+ # set session variable to true
+ $_SESSION["loggedin"] = true;
+
+ # assign userid to the session variable
+ $_SESSION["userid"] = $this->getUserId();
+
+ return true;
+ }
+
+ public function logout(){
+
+ # no session active, so return false
+ if ( session_status() != PHP_SESSION_ACTIVE )
+ return false;
+
+ # set login to false
+ $this->login = false;
+
+ # destroy session
+ if( ! session_destroy() )
+ return false;
+
+ return true;
+ }
+
+ public function register($name, $password, $email){
+ global $vfsdb;
+
+ $password = $password . PEPPER;
+ $hash = password_hash($password, PASSWORD_DEFAULT);
+
+ $sql = $vfsdb->prepare("
+ INSERT INTO " . DBPREFIX . "user VALUES (
+ NULL,
+ name = %s,
+ password = %s,
+ email = %s,
+ register = %d
+ );", $name, $hash, $email, time() );
+
+ if ( ! $vfsdb->doQuery($sql) )
+ return false;
+
+ # the user is successfull registered, thus already logged in
+ $this->username = $name;
+
+ # redefine the class attributes
+ $this->_setPepper();
+ $this->_setQuery();
+
+ $this->login($password);
+
+ return true;
+ }
+
+ public function __destruct(){
+ return true;
+ }
+}