summaryrefslogtreecommitdiff
path: root/public_html/class/vfsuser.php
diff options
context:
space:
mode:
Diffstat (limited to 'public_html/class/vfsuser.php')
-rw-r--r--public_html/class/vfsuser.php120
1 files changed, 120 insertions, 0 deletions
diff --git a/public_html/class/vfsuser.php b/public_html/class/vfsuser.php
new file mode 100644
index 0000000..931c53c
--- /dev/null
+++ b/public_html/class/vfsuser.php
@@ -0,0 +1,120 @@
+<?php
+
+class vfsuser {
+
+ public $username;
+ public $login = false;
+
+ private $pepper;
+ private $query = false;
+
+ public function __construct($name){
+ $this->username = $name;
+
+ if ( isset($_SESSION["loggedin"]) )
+ $this->login = $_SESSION["loggedin"];
+
+ if ( PEPPER_IS_FILE )
+ $this->pepper=file_get_contents(PEPPER);
+ else
+ $this->pepper=PEPPER;
+
+ $this->_setQuery();
+ }
+
+ # get's everything from the database
+ private function _setQuery(){
+ global $vfsdb;
+
+ $db_db = $vfsdb->doQuery("SELECT * FROM " . DBPREFIX . "user WHERE name='" . $this->username . "';");
+ if ( is_bool($db_db) )
+ $this->query=false;
+ else
+ $this->query=$db_db->fetch_array(MYSQLI_ASSOC);
+ }
+
+ public function getUser(){
+ return $this->query['name'];
+ }
+
+ public function getUserId(){
+ return $this->query['id'];
+ }
+
+ public function getPassword(){
+ return $this->query['password'];
+ }
+
+ public function getInvites(){
+ return $this->query['invites'];
+ }
+
+ public function getEmail(){
+ return $this->query['email'];
+ }
+
+ public function getKey(){
+ return $this->query['invitekey'];
+ }
+
+ public function getStatus(){
+ return $this->query['status'];
+ }
+
+ public function getRegister(){
+ return $this->query['register'];
+ }
+
+ public function getInviter(){
+ return $this->query['inviter'];
+ }
+
+ # check if current user is authenticated
+ public function isLoggedIn(){
+ return $this->login;
+ }
+
+ public function login($password, $second_password){
+
+ # check if both passwords the same
+ if ( $password != $second_password)
+ return false;
+
+ # get hashed password from the database
+ $hashed_password = $this->getPassword();
+
+ # do the password check with php function
+ if ( ! password_verify($password . PEPPER, $hashed_password) )
+ return false;
+
+ # set login to true
+ $this->login = true;
+
+ # start a session if needed
+ if ( session_status() != PHP_SESSION_ACTIVE )
+ session_name(VFS_SESSION);
+ session_start();
+ }
+
+ # set session variable to true
+ $_SESSION["loggedin"] = true;
+
+ return true;
+ }
+
+ public function logout(){
+
+ # no session active, so return false
+ if ( session_status() != PHP_SESSION_ACTIVE )
+ return false;
+
+ # set login to false
+ $this->login = false;
+
+ # destroy session
+ if( ! session_destroy() )
+ return false;
+
+ return true;
+ }
+}