예제 #1
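 /**
  * Complete a sign-up from an encrypted, signed token.
  *
  * The token is URL-safe base64 over an AES-encrypted JSON document. It is
  * accepted only when every decoding step succeeds, the embedded timestamp
  * is at most HOUR old, the embedded signature equals get_signature() over
  * the remaining fields, and valid_signup() approves the data. The user row
  * and its role row are inserted inside one transaction, and a notification
  * is mailed to the webmaster before the commit.
  *
  * @param string $data URL-safe base64 token (untrusted input).
  *
  * @return bool True when the account was committed, false on any failure.
  */
 public function sign_up($data)
 {
     if (is_string($data) == false) {
         return false;
     }

     // Undo the URL-safe alphabet. Strict mode is required for
     // base64_decode() to report malformed input by returning false.
     $data = strtr($data, "_-:", "/+=");
     if (($data = base64_decode($data, true)) === false) {
         return false;
     }

     $aes = new AES256($this->settings->secret_website_code);
     if (($data = $aes->decrypt($data)) === false) {
         return false;
     }

     // json_decode() signals failure with null, not false, so test for the
     // expected array shape rather than comparing against false.
     $data = json_decode($data, true);
     if (is_array($data) == false) {
         return false;
     }

     // Both fields are read below; reject tokens that lack them or carry
     // them with an unexpected type.
     if (isset($data["timestamp"], $data["signature"]) == false) {
         return false;
     }
     if (is_numeric($data["timestamp"]) == false || is_string($data["signature"]) == false) {
         return false;
     }

     if ($data["timestamp"] + HOUR < time()) {
         return false;
     }

     $signature = $data["signature"];
     unset($data["signature"]);

     // Compare in constant time and without type juggling; a loose "!="
     // treats values such as true or 0 as equal to many strings.
     // NOTE(review): assumes get_signature() returns a string - confirm.
     $expected = $this->get_signature($data);
     if (is_string($expected) == false || hash_equals($expected, $signature) == false) {
         return false;
     }

     if ($this->valid_signup($data) == false) {
         return false;
     }

     // NOTE(review): the token carries the plaintext password, and
     // hash_password() receives the username as its second argument. Its
     // algorithm is not visible here - confirm it is a slow, salted hash.
     $user = array(
         "id"              => null,
         "organisation_id" => 1,
         "username"        => $data["username"],
         "password"        => hash_password($data["password"], $data["username"]),
         "one_time_key"    => null,
         "status"          => USER_STATUS_ACTIVE,
         "fullname"        => $data["fullname"],
         "email"           => $data["email"],
     );

     if ($this->db->query("begin") == false) {
         return false;
     }

     if ($this->db->insert("users", $user) == false) {
         $this->db->query("rollback");
         return false;
     }
     $user_id = $this->db->last_insert_id;

     if ($this->db->query("insert into user_role values (%d, %d)", $user_id, USER_ROLE_ID) == false) {
         $this->db->query("rollback");
         return false;
     }

     // The original read $this->setttings (three t's), an undefined property,
     // so the second constructor argument was never the webmaster address.
     // NOTE(review): SERVER_NAME may reflect the request's Host header,
     // depending on server configuration - confirm the email class rejects
     // line breaks in the subject.
     $email = new email("New account registered at " . $_SERVER["SERVER_NAME"], $this->settings->webmaster_email);
     $email->set_message_fields(array(
         "FULLNAME" => $data["fullname"],
         "EMAIL"    => $data["email"],
         "USERNAME" => $data["username"],
         "HOSTNAME" => $_SERVER["SERVER_NAME"],
         "IP_ADDR"  => $_SERVER["REMOTE_ADDR"],
     ));
     $email->message(file_get_contents("../extra/account_registered.txt"));
     $email->send($this->settings->webmaster_email);

     return $this->db->query("commit") !== false;
 }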
예제 #2
 /**
  * Decrypt a code and parse it into an associative array.
  *
  * The decrypted text is read as ";"-separated entries of the form
  * "key:value". Entries that do not split into exactly two parts on ":"
  * are skipped. An "r" entry must be present; it is removed from the
  * result before returning.
  *
  * NOTE(review): nothing here verifies the integrity of the decrypted
  * text - confirm AES256::decrypt() authenticates the ciphertext before
  * trusting the returned fields.
  *
  * @param string $code Encrypted code.
  *
  * @return array|false Parsed key/value pairs without "r", or false when
  *                     no "r" entry was found.
  */
 public function getArrayFromCode($code)
 {
     $fields = array();

     foreach (explode(";", AES256::decrypt($code)) as $entry) {
         $parts = explode(":", $entry);
         if (count($parts) != 2) {
             // Not a plain "key:value" pair; ignore it.
             continue;
         }
         $fields[$parts[0]] = $parts[1];
     }

     // An empty result cannot contain "r", so this one test covers both
     // the "nothing parsed" and the "marker missing" cases.
     if (!isset($fields['r'])) {
         return false;
     }

     unset($fields['r']);

     return $fields;
 }
예제 #3
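 /**
  * Resolve the current user from the session or, failing that, from the
  * encrypted login cookie.
  *
  * The session branch trusts a numeric user id stored under
  * config->sessionVarName. The cookie branch decrypts the cookie, expects
  * "userId:hash", and accepts it only when the hash equals
  * sha256("login:password") computed from the stored user record.
  *
  * NOTE(review): the cookie token is derived only from the stored login and
  * password values, so as far as this method shows it stays valid until the
  * password changes - confirm expiry/revocation is handled elsewhere.
  *
  * @return User|null The user, or null when neither source identifies one.
  */
 public function getUserFromRequest()
 {
     $sessionKey = $this->config->sessionVarName;
     $cookieKey = $this->config->loginCookieName;

     if (isset($_SESSION[$sessionKey]) and is_numeric($_SESSION[$sessionKey])) {
         $usr = $this->um->getUserById($_SESSION[$sessionKey]);
         $this->checkIfLoginIsAllowed($usr);
         return $usr;
     } elseif (!empty($_COOKIE[$cookieKey]) and is_string($_COOKIE[$cookieKey])) {
         // The is_string() test rejects array-valued cookies ("name[]=x")
         // before they reach the decryption routine.
         try {
             $plain = AES256::decrypt($_COOKIE[$cookieKey]);
             $cookieData = is_string($plain) ? explode(":", $plain) : array();
             if (count($cookieData) == 2) {
                 list($userId, $hash) = $cookieData;
                 $usr = $this->um->getUserById($userId);
                 // Without this guard a missing user would be hashed as
                 // sha256(":"), a constant that anyone can compute.
                 if (is_object($usr)) {
                     $correctHashForUser = hash('sha256', $usr->login . ":" . $usr->password);
                     // Constant-time comparison of the secret-derived token.
                     if (hash_equals($correctHashForUser, $hash)) {
                         $this->checkIfLoginIsAllowed($usr);
                         return $usr;
                     }
                 }
             }
         } catch (Exception $e) {
             // Deliberate best effort: a cookie that cannot be processed is
             // treated as "not logged in".
             // NOTE(review): this also swallows anything thrown by
             // checkIfLoginIsAllowed() here, while the session branch lets
             // it propagate - confirm that difference is intended.
         }
     }

     return null;
 }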