/**
* GoCompare!
* @since Version 3.10.0
* @return \Railpage\Users\SockpuppetManager
*/
public function compare()
{
/**
* Load our reference data first
*/
$ref = array("ips" => json_encode($this->ReferenceUser->getIPs(new DateTime("6 months ago"))));
/**
* Start our SimHash stuff
*/
$SimHash = new SimHash();
$Extractor = new SimpleTextExtractor();
$Comparator = new GaussianComparator(3);
foreach ($ref as $key => $lookup) {
$this->hashes[$key]['reference'] = $SimHash->hash($Extractor->extract($lookup), SimHash::SIMHASH_64);
}
foreach ($this->suspects as $Suspect) {
$suspectData = array("ips" => json_encode($Suspect->getIPs(new DateTime("6 months ago"))));
foreach ($suspectData as $key => $lookup) {
$this->hashes[$key]['suspect'] = $SimHash->hash($Extractor->extract($lookup), SimHash::SIMHASH_64);
}
foreach ($this->hashes as $key => $users) {
$this->results[$Suspect->id][$key] = $Comparator->compare($users['reference'], $users['suspect']);
}
}
}
public function test_newUser()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword("BanControl");
$User->commit();
return $User;
}
public function test_addUser()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword("asdfafasfasdf");
$User->commit();
return $User;
}
public function test_createUser()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword("letmein1234");
$User->commit();
return $User;
}
public function test_addUser()
{
$User = new User();
$User->username = "******";
$User->setPassword('asfdasdf');
$User->contact_email = "*****@*****.**";
$User->commit();
return $User;
}
/**
* Create a demo user
*/
public function testCreateDemoUser()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->provider = "railpage";
$User->setPassword("thisisnotmypassword");
$User->commit();
return $User;
}
public function test_createUser()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword("asdfadfa1111zz");
$User->commit();
$User->setUserAccountStatus(User::STATUS_ACTIVE);
return $User;
}
public function testAddUser()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword("letmein1234");
$User->commit();
$this->assertFalse(!filter_var($User->id, FILTER_VALIDATE_INT));
return $User->id;
}
public function test_createUser($username = "******", $email = "*****@*****.**")
{
$User = new User();
$User->username = $username;
$User->contact_email = $email;
$User->setPassword(md5(time()));
$User->commit();
$User->setUserAccountStatus(User::STATUS_ACTIVE);
return $User;
}
public function testAddUser()
{
$User = new User();
$User->username = self::AUTHOR;
$User->setPassword('zasdfasdfadfag');
$User->contact_email = "*****@*****.**";
$User->commit();
$this->assertFalse(!filter_var($User->id, FILTER_VALIDATE_INT));
return $User;
}
/**
* Commit changes to this idea
* @since Version 3.8.7
* @return $this
*/
public function commit()
{
$this->validate();
$data = array("title" => $this->title, "description" => $this->description, "slug" => $this->slug, "votes" => $this->votes, "author" => $this->Author->id, "category_id" => $this->Category->id, "date" => $this->Date->format("Y-m-d H:i:s"), "status" => $this->status);
if (filter_var($this->id, FILTER_VALIDATE_INT)) {
$where = array("id = ?" => $this->id);
$this->db->update("idea_ideas", $data, $where);
} else {
$this->db->insert("idea_ideas", $data);
$this->id = $this->db->lastInsertId();
$this->Author->wheat(5);
/**
* Log the creation of this idea
*/
try {
$Event = new SiteEvent();
$Event->title = "Suggested an idea";
$Event->user_id = $this->Author->id;
$Event->module_name = strtolower($this->Module->name);
$Event->key = "idea_id";
$Event->value = $this->id;
$Event->commit();
} catch (Exception $e) {
die($e->getMessage());
}
}
return $this;
}
/**
* @depends testAddItem
*/
public function test_logContributor($Item)
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword('sadfasdfaf');
$User->commit();
$Event = new SiteEvent();
$Event->user_id = $User->id;
$Event->module_name = "help";
$Event->title = "Help item created";
$Event->args = array();
$Event->key = "help_id";
$Event->value = $Item->id;
$Event->commit();
$contributors = $Item->getContributors();
$this->assertTrue(count($contributors) > 0);
}
public function test_addEvent()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->setPassword('sadfasdfaf');
$User->commit();
$Event = new SiteEvent();
$Event->user_id = $User->id;
$Event->module_name = "help";
$Event->title = "Help item created";
$Event->args = array();
$Event->key = "help_id";
$Event->value = 1;
$Event->commit();
$Event = new SiteEvent($Event->id);
$Event->title = "sdfasdfadf";
$Event->commit();
}
/**
* Commit changes to this warning
*
* @since Version 3.8.7
* @return void
*/
public function commit()
{
$this->validate();
$data = array("new_warning_level" => trim($this->level), "old_warning_level" => $this->level - trim($this->adjustment), "warn_reason" => trim($this->reason), "actiontaken" => trim($this->action), "mod_comments" => trim($this->comments), "user_id" => $this->Recipient->id, "warned_by" => $this->Issuer->id, "warn_date" => $this->Date->getTimestamp());
$this->db->insert("phpbb_warnings", $data);
$this->id = $this->db->lastInsertId();
$this->Recipient->warning_level = $this->level;
$this->Recipient->commit();
$Message = new Message();
$Message->setRecipient($this->Recipient);
$Message->setAuthor($this->Issuer);
$Message->subject = "You have received an official warning from Railpage";
$Message->body = sprintf("%s,\n\nYou have been issued a warning for breaching our Terms of Use or Rules for Posting.\n\n[b]Reason[/b]\n%s\n\n[b]Action taken[/b]\n%s\n\nRegards,\n%s\n\nRailpage Moderator Team.", $this->Recipient->username, $this->reason, $this->action, $this->Issuer->username);
$Message->send();
}
/**
* Commit changes to this idea
* @since Version 3.8.7
* @return $this
*/
public function commit()
{
$this->validate();
$data = $this->prepareSubmitData();
if (filter_var($this->id, FILTER_VALIDATE_INT)) {
$where = array("id = ?" => $this->id);
$this->db->update("idea_ideas", $data, $where);
$this->makeURLs();
return $this;
}
$this->db->insert("idea_ideas", $data);
$this->id = $this->db->lastInsertId();
$this->Author->wheat(10);
$this->logEvent();
$this->makeURLs();
return $this;
}
/**
* @depends test_newUser
*/
public function test_updateVisit($User)
{
$User->updateVisit(false, time());
$User->updateVisit();
unset($User->mckey);
$User->updateVisit();
$NewUser = new User();
$NewUser->updateVisit();
}
/**
* Force refresh the user group membership
* @since Version 3.9.1
* @param \Railpage\Users\User|int $userObject
* @return void
*/
private function updateUserGroupMembership($userObject)
{
if (filter_var($userObject, FILTER_VALIDATE_INT)) {
$userObject = new User($userObject);
}
if (!$userObject instanceof User) {
throw new Exception("No instance of \\Railpage\\Users\\User provided");
}
$mckey = sprintf("railpage:group=%d.user_id=%d", $this->id, $userObject->id);
$this->Redis->delete($mckey);
$rdkey = sprintf("railpage:usergroups.user_id=%d", $userObject->id);
$this->Redis->delete($rdkey);
$userObject->getGroups(true);
return;
}
public function test_validateNewUser_DefaultTheme()
{
$User = new User();
$User->username = "******";
$User->contact_email = "*****@*****.**";
$User->provider = "google";
$User->default_theme = NULL;
$User->validate();
}
public function testCreateUser()
{
$User = new User();
$User->username = __FUNCTION__;
$User->contact_email = sprintf("*****@*****.**", $User->username);
$User->setPassword("sdfadfa7986asfsdf");
$User->commit();
return $User;
}
/**
* Get an associative array of this object
* @since Version 3.10.0
* @return array
*/
public function getArray()
{
$data = ["id" => $this->id, "name" => $this->name, "description" => $this->desc, "url_file" => $this->url_file, "filename" => $this->filename, "filepath" => $this->filepath, "filesize" => $this->filesize, "mime" => $this->mime, "active" => $this->active, "approved" => $this->approved, "meta" => $this->extra_data, "date" => $this->Date, "author" => $this->Author->getArray(), "url" => $this->url->getURLs(), "thumbnail" => $this->getThumbnail(), "icon" => $this->getIcon()];
return $data;
}
/**
* Build the Forums ACL
* @since Version 3.8.7
* @param boolean $force Force an update of the ACL
* @todo Finish this shit
*/
public function buildACL($force = false)
{
/**
* I hate using Globals...
*/
global $acl;
if (!$this->User instanceof User) {
throw new Exception("A valid user must be set before the ACL can be built");
}
$mckey = "railpage.forums.list";
if ($force || !($forums = getMemcacheObject($mckey))) {
$query = "SELECT forum_id FROM nuke_bbforums";
$forums = $this->db->fetchAll($query);
setMemcacheObject($mckey, $forums);
}
$acl_forums = array();
/**
* Add all the forums to the ACL
*/
foreach ($forums as $row) {
$acl_forum_name = sprintf("railpage.forums.forum:%d", $row['forum_id']);
$acl_forums[$row['forum_id']] = $acl_forum_name;
try {
$acl->get($acl_forum_name);
} catch (Exception $e) {
$acl->addResource(new Zend_Acl_Resource($acl_forum_name));
}
}
/**
* Get the forum permissions from the database
*/
$a_sql = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_vote", "auth_pollcreate");
$auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
$query = "SELECT forum_id, " . implode(", ", $a_sql) . ", " . self::AUTH_ACL . " AS auth_mod FROM nuke_bbforums";
$db_acl = array();
foreach ($this->db->fetchAll($query) as $row) {
$db_acl[$row['forum_id']] = $row;
}
/**
* Get the group permissions for this user
*/
$query = "SELECT a.* FROM nuke_bbauth_access AS a WHERE a.group_id IN (SELECT group_id FROM nuke_bbuser_group WHERE user_id = ? AND user_pending = 0)";
$gperms = array();
foreach ($this->db->fetchAll($query, $this->User->id) as $perm) {
$forum_id = $perm['forum_id'];
$group_id = $perm['group_id'];
unset($perm['forum_id']);
unset($perm['group_id']);
$gperms[$forum_id][$group_id] = $perm;
}
/**
* Add the forum permissions to Zend_ACL
*/
foreach ($db_acl as $forum_id => $permissions) {
$allowed = array();
$denied = array();
foreach ($permissions as $item => $value) {
switch ($value) {
case self::AUTH_ALL:
$allowed[] = $item;
break;
case self::AUTH_REG:
if (!$this->User->guest) {
$allowed[] = $item;
}
break;
case self::AUTH_ACL:
if (isset($gperms[$forum_id])) {
foreach ($gperms[$forum_id] as $group) {
foreach ($group as $gitem => $gval) {
switch ($gval) {
case self::AUTH_REG:
$allowed[] = $item;
break;
case self::AUTH_ACL:
// Inception
break;
case self::AUTH_MOD:
if ($this->User->inGroup(RP_GROUP_MODERATORS)) {
$allowed[] = $gitem;
}
break;
case self::AUTH_ADMIN:
if ($this->User->inGroup(RP_GROUP_ADMINS)) {
$allowed[] = $gitem;
}
break;
}
}
}
}
break;
case self::AUTH_MOD:
if ($this->User->inGroup(RP_GROUP_MODERATORS)) {
$allowed[] = $item;
}
break;
case self::AUTH_ADMIN:
if ($this->User->inGroup(RP_GROUP_ADMINS)) {
$allowed[] = $item;
}
break;
}
}
foreach ($permissions as $item => $value) {
if (!in_array($item, $allowed)) {
$denied[] = $item;
}
}
$allowed = array_unique($allowed);
$denied = array_unique($denied);
$acl->allow("forums_viewer", sprintf("railpage.forums.forum:%d", $forum_id), $allowed);
$acl->deny("forums_viewer", sprintf("railpage.forums.forum:%d", $forum_id), $denied);
}
$this->ZendACL = $acl;
}
/**
* @depends testAddIdea
*/
public function testCanVote($idea_id)
{
$User = new User($this->author_id);
$Idea = new Idea($idea_id);
$this->assertFalse($Idea->canVote($User));
unset($User);
$User = new User();
$User->username = __METHOD__;
$User->contact_email = "*****@*****.**";
$User->setPassword("asdfafasfafsdff23434");
$User->commit();
$this->assertTrue($Idea->canVote($User));
$Idea->vote($User);
$this->assertEquals(1, $Idea->getVotes());
$this->assertFalse($Idea->canVote($User));
$this->assertEquals(1, count($Idea->getVoters()));
}
/**
* Get an array of data
* @since Version 3.9.1
* @return array
*/
public function getArray()
{
return array("id" => $this->id, "name" => $this->name, "description" => $this->description, "namespace" => $this->namespace, "created" => array("absolute" => $this->DateCreated->format("Y-m-d H:i:s"), "relative" => ContentUtility::relativeTime($this->DateCreated)), "modified" => array("absolute" => $this->DateModified->format("Y-m-d H:i:s"), "relative" => ContentUtility::relativeTime($this->DateModified)), "url" => $this->url->getURLs(), "owner" => $this->Author->getArray());
}
/**
* Validate a password for this account
*
* Updated to use PHP 5.5's password_hash(), password_verify() and password_needs_rehash() functions
* @since Version 3.8.7
*
* @param string $password
*
* @return boolean
*/
public function validatePassword($password = false, $username = false)
{
Utility\PasswordUtility::validateParameters($password, $username, $this);
/**
* Create a temporary instance of the requested user for logging purposes
*/
try {
$TmpUser = Factory::CreateUserFromUsername($username);
} catch (Exception $e) {
if ($e->getMessage() == "Could not find user ID from given username") {
$TmpUser = new User($this->id);
}
}
/**
* Get the stored password for this username
*/
if ($username && !empty($username) && empty($this->username)) {
$query = "SELECT user_id, user_password, user_password_bcrypt FROM nuke_users WHERE username = ?";
$row = $this->db->fetchRow($query, $username);
$stored_user_id = $row['user_id'];
$stored_pass = $row['user_password'];
$stored_pass_bcrypt = $row['user_password_bcrypt'];
} elseif (!empty($this->password)) {
$stored_user_id = $this->id;
$stored_pass = $this->password;
$stored_pass_bcrypt = $this->password_bcrypt;
}
/**
* Check if the invalid auth timeout is in effect
*/
if (isset($TmpUser->meta['InvalidAuthTimeout'])) {
if ($TmpUser->meta['InvalidAuthTimeout'] <= time()) {
unset($TmpUser->meta['InvalidAuthTimeout']);
unset($TmpUser->meta['InvalidAuthCounter']);
$TmpUser->commit();
$this->refresh();
} else {
$TmpUser->addNote("Login attempt while InvalidAuthTimeout is in effect");
throw new Exception("You've attempted to log in with the wrong password too many times. We've temporarily disabled your account to protect it against hackers. Please try again soon. <a href='/account/resetpassword'>Can't remember your password?</a>");
}
}
/**
* Verify the password
*/
if (Utility\PasswordUtility::validatePassword($password, $stored_pass, $stored_pass_bcrypt)) {
$this->load($stored_user_id);
/**
* Check if the password needs rehashing
*/
if (password_needs_rehash($stored_pass, PASSWORD_DEFAULT) || password_needs_rehash($stored_pass_bcrypt, PASSWORD_DEFAULT)) {
$this->setPassword($password);
}
/**
* Reset the InvalidAuthCounter
*/
if (isset($this->meta['InvalidAuthCounter'])) {
unset($this->meta['InvalidAuthCounter']);
}
if (isset($this->meta['InvalidAuthTimeout'])) {
unset($this->meta['InvalidAuthTimeout']);
}
$this->commit();
return true;
}
/**
* Unsuccessful login attempt - bump up the invalid auth counter
*/
$TmpUser->meta['InvalidAuthCounter'] = !isset($TmpUser->meta['InvalidAuthCounter']) ? 1 : $TmpUser->meta['InvalidAuthCounter']++;
$TmpUser->addNote(sprintf("Invalid login attempt %d", $TmpUser->meta['InvalidAuthCounter']));
$TmpUser->commit();
$this->refresh();
if ($TmpUser->meta['InvalidAuthCounter'] === 3) {
$TmpUser->meta['InvalidAuthTimeout'] = strtotime("+10 minutes");
$TmpUser->addNote("Too many invalid login attempts - account disabled for ten minutes");
$TmpUser->commit();
$this->refresh();
throw new Exception("You've attempted to log in with the wrong password too many times. As a result, we're disabling this account for the next ten minutes. <a href='/account/resetpassword'>Can't remember your password?</a>");
}
$this->reset();
return false;
}
