/**
* Removes a user from a group
*
* @param $user_id
*
* @param $group_id
*
* @return null
*/
public function RemoveUser($user_id, $group_id)
{
if ($this->GroupExists($group_id)) {
$this->users->SetUserGroup($user_id, SettingsManager::GetSetting('syscrack_default_group'));
}
return null;
}
/**
* Registered a new database session
*
* @param $user_id
*
* @return bool|string
*/
public function RegisterSession($user_id)
{
/**
* This userID is invalid!
*/
if ($this->user_extension->GetUser($user_id) == null) {
return false;
}
/**
* Does this user already have to many sessions?
*/
if (count($this->session_extension->GetAllUserSessions($user_id)) >= SettingsManager::GetSetting('syscrack_session_limit')) {
/**
* If so, we delete the first session we see.
*/
$result = $this->session_extension->GetFirstSessionID($user_id);
/**
* If our result is not equal to null
*/
if ($result != null) {
/**
* Trash it!
*/
$this->session_extension->TrashSession($result);
}
}
/**
* If all the checks are done, lets create a new session!
*/
$this->StartSession();
/**
* Regenerate that ID!
*/
$this->RegenerateSessionID();
/**
* Lets set our cookies!
*/
if ($this->GetSessionID() != null) {
/**
* This sets the user_id of the user stored in their cookies
*/
$this->SetUserID($user_id);
}
/**
* Now lets add this to the database
*/
$this->session_extension->InsertSession($user_id, $this->GetSessionID());
/**
* Return the session_id!
*/
return $this->GetSessionID();
}
/**
* Gets the connection settings required to start a database connection
*
* @return array
*/
public static function GetConnectionSettings()
{
/**
* Lets first decrypt our file settings
*/
SettingsManager::$database_settings = SettingsManager::DecryptDatabaseSettings();
/**
* A payload for the other settings needed to form a connection.
*/
$payload = ['driver' => 'mysql', 'charset' => 'utf8', 'collation' => 'utf8_unicode_ci', 'prefix' => ''];
/**
* Merges the two arrays together.
*/
return array_merge(SettingsManager::$database_settings, $payload);
}
/**
* Verifies a users email
*
* @param $user_id
*
* @param $token
*
* @return bool
*/
public function VerifyUser($user_id, $token)
{
if ($this->user_actions->GetUser($user_id) != null) {
if ($this->IsVerified($user_id)) {
return false;
}
/**
* Lets get our attempts
*/
$attempts = $this->GetVerifyAttempts($user_id);
/**
* No attempts have been made
*/
if ($attempts == null) {
return false;
}
/**
* If it is in this array, lets pull the single result it is found in
*/
if (in_array($attempts, $token)) {
$row = $this->PickRow($attempts, $token);
/**
* If this token is valid, lets now check its date and see if it matches up
*/
if ($row['token_date'] < Time::HoursPast($row['token_date'], SettingsManager::GetSetting('syscrack_security_email_verification_time'))) {
/**
* Great, this token matches the user, its in date, and its valid! Hurray!
*/
$this->database->RemoveUserTokens($user_id);
/**
* Then lets return true!
*/
return true;
}
}
}
/**
* The user has not verified!
*/
return false;
}
/**
* Starts a new connection
*/
protected function CreateConnection()
{
/**
* Get our connection settings from the setting master
*/
$settings = SettingsManager::GetConnectionSettings();
/**
* If these settings are null
*/
if ($settings == null) {
//TODO: Error builder.
return null;
}
/**
* Add a new connection with these settings
*/
$this->capsule->addConnection($settings);
/**
* Set this capsule to be global
*/
$this->capsule->setAsGlobal();
}
/**
* Gets the scope of which we search
*
* @return int
*/
public function GetHoursScope()
{
return Time::HoursAhead(SettingsManager::GetSetting('syscrack_security_bruteforce_scope'));
}
/**
* Checks to see if our email is verified
*
* @param $user_id
*
* @return bool
*/
public function IsEmailVerified($user_id)
{
/**
* We will instantly return true if we are now using verified emails!
*/
if (SettingsManager::GetSetting('syscrack_security_email_require_verify') == false) {
return true;
}
/**
* If not, lets check their email
*/
if ($this->user->Manager()->GetUser($user_id) != null) {
/**
* Is our email verified?
*/
if ($this->user->EmailVerified($user_id)) {
return true;
}
}
return false;
}
/**
* Attempts a registration
*
* @param $username
*
* @param $password
*
* @param $email
*
* @param bool|true $return_token
*
* @return bool
*/
public function AttemptRegistration($username, $password, $email, $return_token = true)
{
if (SettingsManager::GetSetting('syscrack_allow_registration') == false) {
/**
* Add an error stating registration is disabled.
*/
ErrorBuilder::AddError("Sorry, Registration is disabled!");
/**
* Return false;
*/
return false;
}
/**
* If username is already taken
*/
if ($this->user->GetUserID($username) != null) {
/**
* Return an error is the username is taken
*/
ErrorBuilder::AddError("Sorry, this username is taken.");
/**
* Return false;
*/
return false;
}
/**
* Lets now check all of our data
*/
if (StringChecker::CheckLength(5, $username) == false || StringChecker::CheckLength(5, $password) == false) {
/**
* Throw out an error
*/
ErrorBuilder::AddError("The data you entered is to small.");
/**
* Return false!
*/
return false;
}
/**
* Username has special characters
*/
if (StringChecker::HasSpecialCharacters($username)) {
/**
* The username has special characters!
*/
ErrorBuilder::AddError("Your username has special characters.");
/**
* Return false
*/
return false;
}
/**
* Password to weak
*/
if (StringChecker::GetScore($password) < 5) {
/**
* Password is far to weak!
*/
ErrorBuilder::AddError("Your password is to weak.");
/**
* Return false
*/
return false;
}
/**
* Is this an email?
*/
if (StringChecker::IsEmail($email) == false) {
/**
* Its not an email
*/
ErrorBuilder::AddError("The email you entered is invalid.");
/**
* Return false
*/
return false;
}
/**
* If the email already has an owner.
*/
if ($this->user->EmailOwner($email) != null) {
/**
* This email is already taken!
*/
ErrorBuilder::AddError("This email is already registered to an account, maybe you forgot your password?");
/**
* Return false
*/
return false;
}
/**
* If we have reached this point, everything is valid! Now lets generate a salt
*/
$salt = $this->GenerateSalt();
/**
* Very important not to continue if the salt is null
*/
if ($salt != null) {
/**
* Great, we've now encrypted the password
*/
$encrypted_password = $this->EncryptPassword($password, $salt);
/**
* Another check, lets not continue if this is null!
*/
if ($encrypted_password != null) {
/**
* Lets now insert them into the database
*/
$this->user->Manager()->InsertUser($username, $encrypted_password, $salt, $email, $this->DefaultPermissionGroup());
/**
* But, we are not done yet, this user cannot login until they have verified their email! Lets create a token for them!
*/
if ($this->user->GetUserID($username) != null) {
/**
* Lets get the user id
*/
$user_id = $this->user->GetUserID($username)['user_id'];
/**
* Lets make that request
*/
$result = $this->MakeVerifyRequest($user_id, $email);
/**
* We sent that email successfully
*/
if ($result == true) {
/**
* If we are set to return this access token (normally we are)
*/
if ($return_token) {
/**
* Gets the first row
*/
$row = Result::GetFirst($this->user->Email()->verify->GetVerifyAttempts($user_id));
/**
* Return the token
*/
return $row['token_key'];
}
/**
* Else, return true!
*/
return true;
} else {
/**
* Error this user
*/
ErrorBuilder::AddError("We was unable to send you a verification email, please try again later");
/**
* Delete them from the table (unable to verify)
*/
$this->user->Manager()->TrashUser($user_id);
/**
* Delete that verification attempt
*/
$this->user->Email()->verify->HasDeleteAttempts($user_id);
/**
* Return false
*/
return false;
}
}
}
}
/**
* An error occurred that we could not determine
*/
return false;
}
/**
* Sets the name
*/
private function SetName()
{
session_name(SettingsManager::GetSetting('syscrack_session_name'));
}
/**
* Outputs a full list of mail settings, ready to be sent.
*
* @param $recipient
*
* @param $subject
*
* @param $body
*
* @return array
*/
public function EasySettings($recipient, $subject, $body)
{
return ["Host" => SettingsManager::GetSetting('syscrack_mailer_host'), "SMTPAuth" => SettingsManager::GetSetting('syscrack_mailer_auth'), "SMTPSecure" => SettingsManager::GetSetting('syscrack_mailer_security'), "Post" => SettingsManager::GetSetting('syscrack_mailer_port'), "isHTML" => SettingsManager::GetSetting('syscrack_mailer_html'), "addAddress" => $recipient, "Subject" => $subject, 'Body' => $body];
}
