/**
 * Constructor.
 *
 * Only the table name is checked here; the other arguments are stored as given.
 *
 * @param string $sTable Table name. Passed through Various::checkModelTable(); its return value is what gets stored.
 * @param string $sName Field name. Default NULL
 * @param string $sType Field type. Default NULL
 * @param integer $iLength Field length. Default NULL (stored as 0 because of the integer cast).
 * @param string $sDefVal Default field value. Default NULL
 */
public function __construct($sTable, $sName = null, $sType = null, $iLength = null, $sDefVal = null)
{
    // NOTE(review): checkModelTable() is not visible here; presumably it is an allow-list
    // check on the table name — confirm. $sName, $sType and $sDefVal get no validation in
    // this constructor, so any code that later places them in SQL must validate them itself.
    $sCheckedTable = Various::checkModelTable($sTable);

    $this->_sTable = $sCheckedTable;
    $this->_sName = $sName;
    $this->_sType = $sType;
    $this->_iLength = (int) $iLength;
    $this->_sDefVal = $sDefVal;
}
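/**
 * Send a "Security Alert: Login Attempts" email to the owner of an account.
 *
 * @param integer $iMaxAttempts Number of attempts reported in the message.
 * @param integer $iAttemptTime Blocking delay, in minutes, reported in the message.
 * @param string $sIp IP address reported in the message.
 * @param string $sTo Email address to send the message to.
 * @param object \PH7\Framework\Layout\Tpl\Engine\PH7Tpl\PH7Tpl $oView
 * @param string $sTable Default 'Members'
 * @return void
 */
public function sendAlertLoginAttemptsExceeded($iMaxAttempts, $iAttemptTime, $sIp, $sTo, PH7Tpl $oView, $sTable = 'Members')
{
    Various::checkModelTable($sTable);

    $sForgotPwdLink = Uri::get('lost-password', 'main', 'forgot', Various::convertTableToMod($sTable));
    $sUsername = (new UserCoreModel())->getUsername($sTo, $sTable);

    // NOTE(review): $sUsername and $sIp are placed in the HTML body without escaping in this
    // method. Confirm both are validated or escaped upstream (or by the template engine),
    // especially if the IP can be derived from a client-supplied header.
    //
    // The other calls on this page show that t() fills %N% with its N-th extra argument, so:
    //  - the "blocked for ... minutes" sentence now uses %0%, because it has a single argument;
    //  - the link sentence now receives the link first (%0%) and the delay second (%1%).
    // The first fix changes the source text of the message; if translations are looked up by
    // source text (presumably — confirm), the catalogues need the same edit.
    $oView->content = t('Dear, %0%', $sUsername) . '<br />' .
        t('Somebody tried to connect more %0% times with the IP address: "%1%".', $iMaxAttempts, $sIp) . '<br />' .
        t('For safety reasons we have blocked access to this person for a delay of %0% minutes.', $iAttemptTime) . '<br /><ol><li>' .
        t('If it is you who have made the connection attempts, we suggest you request a new password <a href="%0%">here</a> in %1% minutes.', $sForgotPwdLink, $iAttemptTime) . '</li><li>' .
        t('If you do not know the person who made the connection attempts, you should be very careful and change your password to a password more complicated.') . '<br />' .
        t('We also recommend that you change the password for your mailbox, because it is in this box email we send a potential new password in case you forget.') . '</li></ol><br /><hr />' .
        t('Have a nice day!');

    $sMessageHtml = $oView->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/core/alert_login_attempt.tpl', $sTo);

    $aInfo = [
        'to' => $sTo,
        'subject' => t('Security Alert : Login Attempts - %site_name%')
    ];

    (new Mail())->send($aInfo, $sMessageHtml);
}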
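/**
 * Generic method to check whether at least one row has the given value in the given column.
 * The table name is checked with \PH7\Framework\Mvc\Model\Engine\Util\Various::checkModelTable().
 *
 * Only $sValue is bound as a parameter. $sColumn and $sParam are concatenated into the SQL
 * text as they are, so callers must pass hard-coded identifiers / SQL fragments only and
 * never request data.
 *
 * @access protected
 * @param string $sColumn Column name (trusted identifier, not bound).
 * @param string $sValue Value to look for (bound as :column).
 * @param string $sTable
 * @param integer $sType PDO PARAM TYPE (\PDO::PARAM_*). Default is \PDO::PARAM_STR
 * @param string $sParam Optional WHERE parameter SQL (trusted fragment, not bound).
 * @return boolean Returns TRUE if it exists, FALSE otherwise.
 */
protected function _is($sColumn, $sValue, $sTable, $sType = null, $sParam = null)
{
    Various::checkModelTable($sTable);

    $sType = empty($sType) ? \PDO::PARAM_STR : $sType;

    // NOTE(review): identifiers cannot be bound as parameters; $sColumn and $sParam reach the
    // query unescaped. Audit every caller so that neither can carry user-controlled text.
    $rExists = Db::getInstance()->prepare(
        'SELECT COUNT(' . $sColumn . ') FROM' . Db::prefix($sTable) . 'WHERE ' . $sColumn . ' = :column ' . $sParam . ' LIMIT 1'
    );
    $rExists->bindValue(':column', $sValue, $sType);
    $rExists->execute();

    // LIMIT 1 limits the result set (a single COUNT row), not the rows being counted, so the
    // count can exceed 1. Any positive count means "exists"; comparing with exactly 1 would
    // report FALSE when several rows match.
    $bExists = (int) $rExists->fetchColumn() > 0;
    Db::free($rExists);

    return $bExists;
}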
/**
 * Update the "score" column of one row.
 *
 * The table name goes through Various::checkTable() and the WHERE column is obtained from
 * Various::convertTableToId(); both end up in the SQL text, while the score and the ID are
 * bound as parameters.
 *
 * @param float $fScore New score.
 * @param integer $iId Row ID.
 * @param string $sTable Table name.
 * @return boolean Result of PDOStatement::execute().
 */
public function updateScore($fScore, $iId, $sTable)
{
    // NOTE(review): both helpers are defined elsewhere; presumably they only let known
    // table names through — confirm, since their results are concatenated into the query.
    $sCheckedTable = Various::checkTable($sTable);
    $sIdColumn = Various::convertTableToId($sCheckedTable);

    $oDb = Db::getInstance();
    $sSql = 'UPDATE' . Db::prefix($sCheckedTable) . 'SET score = :score WHERE ' . $sIdColumn . ' = :id';

    $rUpdate = $oDb->prepare($sSql);
    $rUpdate->bindValue(':score', $fScore);
    $rUpdate->bindValue(':id', $iId);

    return $rUpdate->execute();
}
/**
 * Set the "ban" flag of a profile.
 *
 * @param integer $iProfileId Profile ID (cast to integer before binding).
 * @param integer $iBan Value written to the "ban" column (cast to integer before binding).
 * @param string $sTable Default 'Members'. Checked with Various::checkModelTable().
 * @return boolean Result of PDOStatement::execute().
 */
public function ban($iProfileId, $iBan, $sTable = 'Members')
{
    Various::checkModelTable($sTable);

    $iId = (int) $iProfileId;
    $iFlag = (int) $iBan;

    $oDb = Db::getInstance();
    $sSql = 'UPDATE' . Db::prefix($sTable) . 'SET ban = :ban WHERE profileId = :profileId';

    $rUpdate = $oDb->prepare($sSql);
    $rUpdate->bindValue(':profileId', $iId, \PDO::PARAM_INT);
    $rUpdate->bindValue(':ban', $iFlag, \PDO::PARAM_INT);

    return $rUpdate->execute();
}
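/**
 * This method was created to avoid retrieving the column "views" with the general Model of the module,
 * since it uses the cache and therefore cannot retrieve the number of real-time views.
 *
 * @param integer $iId
 * @param string $sTable
 * @return integer Number of views (0 when no row matches).
 */
public static function getView($iId, $sTable)
{
    // NOTE(review): convertTableToId() is the only check applied to $sTable before it is
    // concatenated into the query below; confirm that it rejects unknown table names.
    $sWhere = Various::convertTableToId($sTable);

    $rStmt = Db::getInstance()->prepare('SELECT views FROM' . Db::prefix($sTable) . 'WHERE ' . $sWhere . ' = :id LIMIT 1');
    $rStmt->bindValue(':id', $iId, \PDO::PARAM_INT);
    $rStmt->execute();
    $oRow = $rStmt->fetch(\PDO::FETCH_OBJ);
    Db::free($rStmt);

    // fetch() returns FALSE when no row matches. Handle that case explicitly instead of
    // hiding the resulting warning behind the "@" operator.
    return isset($oRow->views) ? (int) $oRow->views : 0;
}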
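/**
 * Convert table to Ads's ID.
 *
 * Works as an allow-list: only 'Ads' and 'AdsAffiliates' are accepted.
 *
 * @param string $sTable
 * @return string The name of the ID column ('adsId') when the table is valid.
 * @throws \InvalidArgumentException Only if \PH7\Framework\Mvc\Model\Engine\Util\Various::launchErr(),
 * which is documented to display an error message and exit(), returns for an invalid table.
 */
public static function convertTableToId($sTable)
{
    // Strict comparison on purpose: "switch" compares loosely, so a non-string value such
    // as TRUE would have matched 'Ads' and passed the check.
    if (in_array($sTable, ['Ads', 'AdsAffiliates'], true)) {
        return 'adsId';
    }

    Framework\Mvc\Model\Engine\Util\Various::launchErr();

    // Fail closed: never hand an undefined column name back to a query builder.
    throw new \InvalidArgumentException('Invalid table name.');
}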
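/**
 * Get the Affiliated Id of a User.
 *
 * @param integer $iProfileId
 * @param string $sTable 'Members', 'Affiliates' or 'Subscribers'. Default 'Members'
 * @return integer The Affiliated ID (0 when no row matches).
 */
public function getAffiliatedId($iProfileId, $sTable = 'Members')
{
    $this->cache->start(static::CACHE_GROUP, 'affiliatedId' . $iProfileId . $sTable, static::CACHE_TIME);

    if (!($iData = $this->cache->get())) {
        Various::checkModelTable($sTable);
        $iProfileId = (int) $iProfileId;

        $rStmt = Db::getInstance()->prepare('SELECT affiliatedId FROM' . Db::prefix($sTable) . 'WHERE profileId = :profileId LIMIT 1');
        $rStmt->bindValue(':profileId', $iProfileId, \PDO::PARAM_INT);
        // The statement has to be executed before fetching. Without this call fetch()
        // has no result set to read and the method always ended up with 0.
        $rStmt->execute();
        $oRow = $rStmt->fetch(\PDO::FETCH_OBJ);
        Db::free($rStmt);

        // fetch() returns FALSE when the profile does not exist.
        $iData = isset($oRow->affiliatedId) ? (int) $oRow->affiliatedId : 0;
        unset($oRow);

        $this->cache->put($iData);
    }

    return $iData;
}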
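/**
 * Finish a lost-password request: check the email/hash pair, set a new random password
 * and send it to the account's email address.
 *
 * @param string $sMod Module name; checked with checkMod() and converted to a table name.
 * @param string $sMail Email address of the account.
 * @param string $sHash Validation hash received with the request.
 * @return void
 */
public function reset($sMod = '', $sMail = '', $sHash = '')
{
    $this->checkMod($sMod);
    $sTable = VariousModel::convertModToTable($sMod);
    $oUserModel = new UserCoreModel();

    // An empty email or hash can never belong to a legitimate reset link, so it is refused
    // here rather than left to checkHashValidation() (not visible from this method).
    $bHasCredentials = (string) $sMail !== '' && (string) $sHash !== '';

    if (!$bHasCredentials || !$oUserModel->checkHashValidation($sMail, $sHash, $sTable)) {
        Header::redirect($this->registry->site_url, t('Oops! Email or hash is invalid.'), 'error');
        return;
    }

    // NOTE(review): the password is replaced before the email is known to have been sent,
    // and the new password travels in clear text in that email. Confirm that the hash is
    // invalidated once used and that genRndWord() draws from a cryptographically secure
    // source; neither is visible here.
    $sNewPassword = Various::genRndWord(8, 40);
    $oUserModel->changePassword($sMail, $sNewPassword, $sTable);

    $this->view->content = t('Hello!<br />Your password has been changed to <em>"%0%"</em>.<br />Please change it next time you login.', $sNewPassword);
    $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/lost-password/recover_password.tpl', $sMail);

    $aInfo = [
        'to' => $sMail,
        'subject' => t('Your new password - %site_name%')
    ];

    if (!(new Mail())->send($aInfo, $sMessageHtml)) {
        Header::redirect($this->registry->site_url, Form::errorSendingEmail(), 'error');
    } else {
        Header::redirect($this->registry->site_url, t('Your new password has been emailed to you.'));
    }
}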
/**
 * Total Logins.
 *
 * The table name is checked with checkModelTable(); the day and gender filters are added
 * to the query only when they are valid, and their values are bound as parameters.
 *
 * @param string $sTable Default 'Members'
 * @param integer $iDay Default '0'. The activity filter is applied only when greater than 0.
 * @param string $sGenger Values available 'all', 'male', 'female'. 'couple' is only available to Members. Default 'all'
 * @return integer Number of matching profiles.
 */
public function totalLogins($sTable = 'Members', $iDay = 0, $sGenger = 'all')
{
    Framework\Mvc\Model\Engine\Util\Various::checkModelTable($sTable);

    $iDay = (int) $iDay;
    $bFilterByDay = $iDay > 0;

    // Any value outside this list (including 'all') leaves the gender filter off.
    $aGenders = $sTable === 'Members' ? ['male', 'female', 'couple'] : ['male', 'female'];
    $bFilterByGender = in_array($sGenger, $aGenders, true);

    $sSqlDay = '';
    if ($bFilterByDay) {
        $sSqlDay = ' AND (lastActivity + INTERVAL :day DAY) > NOW()';
    }

    $sSqlGender = '';
    if ($bFilterByGender) {
        $sSqlGender = ' AND sex = :gender';
    }

    // PH7_GHOST_USERNAME is a constant, the only value concatenated into the WHERE clause.
    $rStmt = Db::getInstance()->prepare('SELECT COUNT(profileId) AS totalLogins FROM' . Db::prefix($sTable) . 'WHERE username <> \'' . PH7_GHOST_USERNAME . '\'' . $sSqlDay . $sSqlGender);

    if ($bFilterByDay) {
        $rStmt->bindValue(':day', $iDay, \PDO::PARAM_INT);
    }
    if ($bFilterByGender) {
        $rStmt->bindValue(':gender', $sGenger, \PDO::PARAM_STR);
    }

    $rStmt->execute();
    $oResult = $rStmt->fetch(\PDO::FETCH_OBJ);

    return (int) $oResult->totalLogins;
}
/**
 * Build and render the "forgot password" form, processing it first when it was submitted.
 *
 * @return void
 */
public static function display()
{
    // NOTE(review): the table name is derived from the "mod" request parameter and is later
    // written into an inline JavaScript attribute. This is only safe if convertModToTable()
    // returns nothing but fixed, known table names — confirm.
    $sModTable = Various::convertModToTable((new Http())->get('mod'));

    if (isset($_POST['submit_forgot_password'])) {
        $bValid = \PFBC\Form::isValid($_POST['submit_forgot_password']);
        if ($bValid) {
            new ForgotPasswordFormProcess($sModTable);
        }

        Framework\Url\HeaderUrl::redirect();
    }

    $oForm = new \PFBC\Form('form_forgot_password', 500);
    $oForm->configure(['action' => '']);

    $oForm->addElement(new \PFBC\Element\Hidden('submit_forgot_password', 'form_forgot_password'));
    $oForm->addElement(new \PFBC\Element\Token('forgot_password'));

    $oForm->addElement(new \PFBC\Element\Email(
        t('Your Email:'),
        'mail',
        [
            'id' => 'email',
            'onblur' => 'CValid(this.value, this.id,\'user\',\'' . $sModTable . '\')',
            'required' => 1
        ]
    ));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error email"></span>'));

    $oForm->addElement(new \PFBC\Element\CCaptcha(
        t('Captcha:'),
        'captcha',
        [
            'id' => 'ccaptcha',
            'onkeyup' => 'CValid(this.value, this.id)',
            'description' => t('Enter the code above:')
        ]
    ));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error ccaptcha"></span>'));

    $oForm->addElement(new \PFBC\Element\Button(t('Generate a new password!'), 'submit', ['icon' => 'key']));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script>'));

    $oForm->render();
}
/**
 * Executes sql queries for the module of the software.
 *
 * The work is delegated to Various::execQueryFile().
 *
 * @param string $sSqlModuleFile File SQL
 * @return mixed (boolean | array) Returns TRUE if there are no errors, otherwise returns an ARRAY of error information.
 */
public function run($sSqlModuleFile)
{
    // NOTE(review): the file's content is presumably executed as SQL, so the path must come
    // from trusted installer code and never from request data — confirm at the call sites.
    $mResult = Various::execQueryFile($sSqlModuleFile);

    return $mResult;
}
/**
 * Executes sql queries for the upgrade of the software.
 *
 * The work is delegated to Various::execQueryFile().
 *
 * @param string $sSqlUpgradeFile File SQL
 * @return mixed (boolean | array) Returns TRUE if there are no errors, otherwise returns an ARRAY of error information.
 */
public function run($sSqlUpgradeFile)
{
    // NOTE(review): the file's content is presumably executed as SQL, so the path must come
    // from the trusted upgrade package and never from request data — confirm at the call sites.
    $mResult = Various::execQueryFile($sSqlUpgradeFile);

    return $mResult;
}
/**
 * Restore SQL backup file.
 *
 * Passes the stored path ($this->_sPathName) to Various::execQueryFile().
 *
 * @access public
 * @return mixed (boolean | string) Returns TRUE if there are no errors, otherwise returns "the error message".
 */
public function restore()
{
    $mResult = Various::execQueryFile($this->_sPathName);

    if ($mResult === true) {
        return true;
    }

    // Anything other than TRUE is treated as error information and returned as text.
    return print_r($mResult, true);
}
/**
 * Clear Login Attempts.
 *
 * Deletes the rows of the "<table>AttemptsLogin" table recorded for the IP address held in $this->_sIp.
 *
 * @param string $sTable Default 'Members'. Checked with Various::checkModelTable().
 * @return void
 */
public function clearLoginAttempts($sTable = 'Members')
{
    Various::checkModelTable($sTable);

    $oDb = Db::getInstance();
    $sSql = 'DELETE FROM' . Db::prefix($sTable . 'AttemptsLogin') . 'WHERE ip = :ip';

    $rDelete = $oDb->prepare($sSql);
    $rDelete->bindValue(':ip', $this->_sIp, \PDO::PARAM_STR);
    $rDelete->execute();

    Db::free($rDelete);
}
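/**
 * Get Info Fields from profile ID.
 *
 * @param integer $iProfileId
 * @param string $sTable Default 'MembersInfo'
 * @return object Every column of the row except "profileId"; an empty object when no row matches.
 */
public function getInfoFields($iProfileId, $sTable = 'MembersInfo')
{
    $this->cache->start(self::CACHE_GROUP, 'infoFields' . $iProfileId . $sTable, static::CACHE_TIME);

    if (!($oData = $this->cache->get())) {
        Various::checkModelTable($sTable);

        $rStmt = Db::getInstance()->prepare('SELECT * FROM' . Db::prefix($sTable) . 'WHERE profileId = :profileId LIMIT 1');
        $rStmt->bindValue(':profileId', $iProfileId, \PDO::PARAM_INT);
        $rStmt->execute();
        $oColumns = $rStmt->fetch(\PDO::FETCH_OBJ);
        Db::free($rStmt);

        $oData = new \stdClass();

        // fetch() returns FALSE when the profile has no row; iterating over FALSE would
        // raise a warning, so only a real row object is copied.
        if (is_object($oColumns)) {
            foreach ($oColumns as $sColumn => $sValue) {
                if ($sColumn !== 'profileId') {
                    $oData->{$sColumn} = $sValue;
                }
            }
        }

        $this->cache->put($oData);
    }

    return $oData;
}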
/**
 * Generic method to clear the user cache.
 *
 * The cache entry is addressed by the concatenation of the cache ID, the user ID and the table name.
 *
 * @param string $sId Cache ID.
 * @param integer $iId User ID.
 * @param string $sTable Table name. Checked with checkModelTable().
 * @return void
 */
private function _clearCache($sId, $iId, $sTable)
{
    Framework\Mvc\Model\Engine\Util\Various::checkModelTable($sTable);

    $oCache = new Framework\Cache\Cache();
    $sCacheId = $sId . $iId . $sTable;

    $oCache->start(UserCoreModel::CACHE_GROUP, $sCacheId, null)->clear();
}