/** * User Information Fetching * ------------------------- * Fetch user info from dA upon request to nonexistant user * * @param string $username * @param string $dbcols * * @return User|null|false */ function fetch($username, $dbcols = null) { global $Database, $USERNAME_REGEX; if (!$USERNAME_REGEX->match($username)) { return null; } $oldName = $Database->where('old', $username)->getOne('log__da_namechange', 'id'); if (!empty($oldName)) { return self::get($oldName['id'], 'id', $dbcols); } try { $userdata = DeviantArt::request('user/whois', null, array('usernames[0]' => $username)); } catch (CURLRequestException $e) { return null; } if (empty($userdata['results'][0])) { return false; } $userdata = $userdata['results'][0]; $ID = strtolower($userdata['userid']); /** @var $DBUser User */ $DBUser = $Database->where('id', $ID)->getOne('users', 'name'); $userExists = !empty($DBUser); $insert = array('name' => $userdata['username'], 'avatar_url' => URL::makeHttps($userdata['usericon'])); if (!$userExists) { $insert['id'] = $ID; } if (!($userExists ? $Database->where('id', $ID)->update('users', $insert) : $Database->insert('users', $insert))) { throw new \Exception('Saving user data failed' . (Permission::sufficient('developer') ? ': ' . $Database->getLastError() : '')); } if (!$userExists) { Logs::action('userfetch', array('userid' => $insert['id'])); } $names = array($username); if ($userExists && $DBUser->name !== $username) { $names[] = $DBUser->name; } foreach ($names as $name) { if (strcasecmp($name, $insert['name']) !== 0) { if (UserPrefs::get('discord_token', $ID) === 'true') { UserPrefs::set('discord_token', '', $ID); } Logs::action('da_namechange', array('old' => $name, 'new' => $insert['name'], 'id' => $ID), Logs::FORCE_INITIATOR_WEBSERVER); } } return self::get($insert['name'], 'name', $dbcols); }
use App\Cookie; use App\CSRFProtection; use App\DeviantArt; use App\Exceptions\CURLRequestException; use App\Permission; use App\Response; use App\Users; use App\Models\User; /** @var $signedIn bool */ if (!$signedIn) { Response::success("You've already signed out"); } CSRFProtection::protect(); if (isset($_REQUEST['unlink'])) { try { DeviantArt::request('https://www.deviantart.com/oauth2/revoke', null, array('token' => $currentUser->Session['access'])); } catch (CURLRequestException $e) { Response::fail("Coulnd not revoke the site's access: {$e->getMessage()} (HTTP {$e->getCode()})"); } } if (isset($_REQUEST['unlink']) || isset($_REQUEST['everywhere'])) { $col = 'user'; $val = $currentUser->id; $username = Users::validateName('username', null, true); if (isset($username)) { if (!Permission::sufficient('staff') || isset($_REQUEST['unlink'])) { Response::fail(); } /** @var $TargetUser User */ $TargetUser = $Database->where('name', $username)->getOne('users', 'id,name'); if (empty($TargetUser)) {
/** * Requests or refreshes an Access Token * $type defaults to 'authorization_code' * * @param string $code * @param null|string $type * * @return User|void */ static function getToken(string $code, string $type = null) { global $Database, $http_response_header; if (empty($type) || !in_array($type, array('authorization_code', 'refresh_token'))) { $type = 'authorization_code'; } $URL_Start = 'https://www.deviantart.com/oauth2/token?client_id=' . DA_CLIENT . '&client_secret=' . DA_SECRET . "&grant_type={$type}"; switch ($type) { case "authorization_code": $json = DeviantArt::request("{$URL_Start}&code={$code}" . OAUTH_REDIRECT_URI, false); break; case "refresh_token": $json = DeviantArt::request("{$URL_Start}&refresh_token={$code}", false); break; } if (empty($json)) { if (Cookie::exists('access')) { $Database->where('access', Cookie::get('access'))->delete('sessions'); Cookie::delete('access', Cookie::HTTPONLY); } HTTP::redirect("/da-auth?error=server_error&error_description={$http_response_header[0]}"); } if (empty($json['status'])) { HTTP::redirect("/da-auth?error={$json['error']}&error_description={$json['error_description']}"); } $userdata = DeviantArt::request('user/whoami', $json['access_token']); /** @var $User Models\User */ $User = $Database->where('id', $userdata['userid'])->getOne('users'); if (isset($User->role) && $User->role === 'ban') { $_GET['error'] = 'user_banned'; $BanReason = $Database->where('target', $User->id)->orderBy('entryid', 'ASC')->getOne('log__banish'); if (!empty($BanReason)) { $_GET['error_description'] = $BanReason['reason']; } return; } $UserID = strtolower($userdata['userid']); $UserData = array('name' => $userdata['username'], 'avatar_url' => URL::makeHttps($userdata['usericon'])); $AuthData = array('access' => $json['access_token'], 'refresh' => $json['refresh_token'], 'expires' => date('c', time() + intval($json['expires_in'])), 'scope' => $json['scope']); $cookie = bin2hex(random_bytes(64)); $AuthData['token'] = sha1($cookie); $browser = CoreUtils::detectBrowser(); foreach ($browser as $k => $v) { if (!empty($v)) { $AuthData[$k] = $v; } } if (empty($User)) { $MoreInfo = array('id' => $UserID, 'role' => 'user'); $makeDev = !$Database->has('users'); if ($makeDev) { $MoreInfo['id'] = strtoupper($MoreInfo['id']); } $Insert = array_merge($UserData, $MoreInfo); $Database->insert('users', $Insert); $User = new User($Insert); if ($makeDev) { $User->updateRole('developer'); } } else { $Database->where('id', $UserID)->update('users', $UserData); } if (empty($makeDev) && !empty($User) && Permission::insufficient('member', $User->role) && $User->isClubMember()) { $User->updateRole('member'); } if ($type === 'refresh_token') { $Database->where('refresh', $code)->update('sessions', $AuthData); } else { $Database->where('user', $User->id)->where('scope', $AuthData['scope'], '!=')->delete('sessions'); $Database->insert('sessions', array_merge($AuthData, array('user' => $UserID))); } $Database->rawQuery("DELETE FROM sessions WHERE \"user\" = ? && lastvisit <= NOW() - INTERVAL '1 MONTH'", array($UserID)); Cookie::set('access', $cookie, time() + Time::$IN_SECONDS['year'], Cookie::HTTPONLY); return $User ?? null; }