/**
* Generates a Query Exception
* @param string $message
* @param int $code
* @param string $caller Caller class' name
*/
public function __construct($message = 'An exception occured', $code = 1, $forceExit = false)
{
if ($forceExit) {
die('Security : ' . \Orion\Core\Security::preventInjection($message));
exit(1);
}
parent::__construct((string) $message, $code, 'Security');
}
/**
* /!\ This method is experimental and should be used only if you know what you are doing.
* Query chain element, joining provided $table to the query.
* This method does not require a bound model.
* But the downside is that you won't have any object formating or column aliasing, so be careful with overlaps.
* @param string $link A table name.
* @param string $leftfield The field from the current table
* @param string $rightfield The field from the joined table
* @param string $type [LEFT|RIGHT|INNER|OUTER]
*/
public function &joinTable($table, $leftfield, $rightfield, $type = 'LEFT')
{
if (empty($table) || empty($leftfield) || empty($rightfield)) {
throw new Core\Exception('Missing arguments while trying to join [' . Core\Security::preventInjection($table) . '].');
}
if (!Core\Tools::match($type, '(natural )?((inner|cross)|(left|right)( outer)?)?', 'i')) {
throw new Core\Exception('Invalid join type while trying to join [' . Core\Security::preventInjection($table) . '].');
}
$this->_JOIN_TABLE[$table] = array($leftfield, $rightfield, $type);
return $this;
}
/**
* Manual login method
* @param type $user
* @param type $password
* @return int Returns 0 if success, else returns a specific error code that is > 0
*/
public static function manualLogin($user, $password)
{
try {
if (empty($user) || empty($password)) {
return self::E_NO_DATA;
}
$data = Models\Auth\User::get()->where('login', Query::EQUAL, $user)->limit(1)->fetch();
if ($data != false) {
if (Models\Auth\User::hasField('verified') && $data->verified == 0) {
return self::E_NOT_VERIFIED;
}
if (Models\Auth\User::hasField('banned') && $data->banned == 1) {
return self::E_BANNED;
}
$hash = Security::saltedHash($password, $user);
if ($hash == $data->password) {
$session = new Models\Auth\User();
$session->login = $data->login;
$session->level = $data->level;
$session->name = $data->name;
$session->surname = $data->surname;
$session->id = $data->id;
self::$user = $session;
$_SESSION['orionauth'] = $session->toArray();
return 0;
} else {
return self::E_PASSWORD_MISMATCH;
}
} else {
return self::E_LOGIN_MISMATCH;
}
} catch (Exception $e) {
throw $e;
}
}
public function &encrypt()
{
$this->password = Core\Security::saltedHash($this->password, $this->login);
return $this;
}