/**
* User Information Fetching
* -------------------------
* Fetch user info from dA upon request to nonexistant user
*
* @param string $username
* @param string $dbcols
*
* @return User|null|false
*/
function fetch($username, $dbcols = null)
{
global $Database, $USERNAME_REGEX;
if (!$USERNAME_REGEX->match($username)) {
return null;
}
$oldName = $Database->where('old', $username)->getOne('log__da_namechange', 'id');
if (!empty($oldName)) {
return self::get($oldName['id'], 'id', $dbcols);
}
try {
$userdata = DeviantArt::request('user/whois', null, array('usernames[0]' => $username));
} catch (CURLRequestException $e) {
return null;
}
if (empty($userdata['results'][0])) {
return false;
}
$userdata = $userdata['results'][0];
$ID = strtolower($userdata['userid']);
/** @var $DBUser User */
$DBUser = $Database->where('id', $ID)->getOne('users', 'name');
$userExists = !empty($DBUser);
$insert = array('name' => $userdata['username'], 'avatar_url' => URL::makeHttps($userdata['usericon']));
if (!$userExists) {
$insert['id'] = $ID;
}
if (!($userExists ? $Database->where('id', $ID)->update('users', $insert) : $Database->insert('users', $insert))) {
throw new \Exception('Saving user data failed' . (Permission::sufficient('developer') ? ': ' . $Database->getLastError() : ''));
}
if (!$userExists) {
Logs::action('userfetch', array('userid' => $insert['id']));
}
$names = array($username);
if ($userExists && $DBUser->name !== $username) {
$names[] = $DBUser->name;
}
foreach ($names as $name) {
if (strcasecmp($name, $insert['name']) !== 0) {
if (UserPrefs::get('discord_token', $ID) === 'true') {
UserPrefs::set('discord_token', '', $ID);
}
Logs::action('da_namechange', array('old' => $name, 'new' => $insert['name'], 'id' => $ID), Logs::FORCE_INITIATOR_WEBSERVER);
}
}
return self::get($insert['name'], 'name', $dbcols);
}
use App\Cookie;
use App\CSRFProtection;
use App\DeviantArt;
use App\Exceptions\CURLRequestException;
use App\Permission;
use App\Response;
use App\Users;
use App\Models\User;
/** @var $signedIn bool */
if (!$signedIn) {
Response::success("You've already signed out");
}
CSRFProtection::protect();
if (isset($_REQUEST['unlink'])) {
try {
DeviantArt::request('https://www.deviantart.com/oauth2/revoke', null, array('token' => $currentUser->Session['access']));
} catch (CURLRequestException $e) {
Response::fail("Coulnd not revoke the site's access: {$e->getMessage()} (HTTP {$e->getCode()})");
}
}
if (isset($_REQUEST['unlink']) || isset($_REQUEST['everywhere'])) {
$col = 'user';
$val = $currentUser->id;
$username = Users::validateName('username', null, true);
if (isset($username)) {
if (!Permission::sufficient('staff') || isset($_REQUEST['unlink'])) {
Response::fail();
}
/** @var $TargetUser User */
$TargetUser = $Database->where('name', $username)->getOne('users', 'id,name');
if (empty($TargetUser)) {
/**
* Requests or refreshes an Access Token
* $type defaults to 'authorization_code'
*
* @param string $code
* @param null|string $type
*
* @return User|void
*/
static function getToken(string $code, string $type = null)
{
global $Database, $http_response_header;
if (empty($type) || !in_array($type, array('authorization_code', 'refresh_token'))) {
$type = 'authorization_code';
}
$URL_Start = 'https://www.deviantart.com/oauth2/token?client_id=' . DA_CLIENT . '&client_secret=' . DA_SECRET . "&grant_type={$type}";
switch ($type) {
case "authorization_code":
$json = DeviantArt::request("{$URL_Start}&code={$code}" . OAUTH_REDIRECT_URI, false);
break;
case "refresh_token":
$json = DeviantArt::request("{$URL_Start}&refresh_token={$code}", false);
break;
}
if (empty($json)) {
if (Cookie::exists('access')) {
$Database->where('access', Cookie::get('access'))->delete('sessions');
Cookie::delete('access', Cookie::HTTPONLY);
}
HTTP::redirect("/da-auth?error=server_error&error_description={$http_response_header[0]}");
}
if (empty($json['status'])) {
HTTP::redirect("/da-auth?error={$json['error']}&error_description={$json['error_description']}");
}
$userdata = DeviantArt::request('user/whoami', $json['access_token']);
/** @var $User Models\User */
$User = $Database->where('id', $userdata['userid'])->getOne('users');
if (isset($User->role) && $User->role === 'ban') {
$_GET['error'] = 'user_banned';
$BanReason = $Database->where('target', $User->id)->orderBy('entryid', 'ASC')->getOne('log__banish');
if (!empty($BanReason)) {
$_GET['error_description'] = $BanReason['reason'];
}
return;
}
$UserID = strtolower($userdata['userid']);
$UserData = array('name' => $userdata['username'], 'avatar_url' => URL::makeHttps($userdata['usericon']));
$AuthData = array('access' => $json['access_token'], 'refresh' => $json['refresh_token'], 'expires' => date('c', time() + intval($json['expires_in'])), 'scope' => $json['scope']);
$cookie = bin2hex(random_bytes(64));
$AuthData['token'] = sha1($cookie);
$browser = CoreUtils::detectBrowser();
foreach ($browser as $k => $v) {
if (!empty($v)) {
$AuthData[$k] = $v;
}
}
if (empty($User)) {
$MoreInfo = array('id' => $UserID, 'role' => 'user');
$makeDev = !$Database->has('users');
if ($makeDev) {
$MoreInfo['id'] = strtoupper($MoreInfo['id']);
}
$Insert = array_merge($UserData, $MoreInfo);
$Database->insert('users', $Insert);
$User = new User($Insert);
if ($makeDev) {
$User->updateRole('developer');
}
} else {
$Database->where('id', $UserID)->update('users', $UserData);
}
if (empty($makeDev) && !empty($User) && Permission::insufficient('member', $User->role) && $User->isClubMember()) {
$User->updateRole('member');
}
if ($type === 'refresh_token') {
$Database->where('refresh', $code)->update('sessions', $AuthData);
} else {
$Database->where('user', $User->id)->where('scope', $AuthData['scope'], '!=')->delete('sessions');
$Database->insert('sessions', array_merge($AuthData, array('user' => $UserID)));
}
$Database->rawQuery("DELETE FROM sessions WHERE \"user\" = ? && lastvisit <= NOW() - INTERVAL '1 MONTH'", array($UserID));
Cookie::set('access', $cookie, time() + Time::$IN_SECONDS['year'], Cookie::HTTPONLY);
return $User ?? null;
}
