/**
* Registers a new account
*
* @param $username
*
* @param $password
*
* @param $email
*
* @return string
*/
public function Register($username, $password, $email)
{
$class = new Register();
/**
* Get result
*/
$result = $class->AttemptRegistration($username, $password, $email);
/**
* Did we error?
*/
if ($result == false) {
/**
* Display a reason why (returns in json)
*/
return ApiReturn::Error(ErrorBuilder::ReturnErrors());
}
/**
* Else, return a positive
*/
return ApiReturn::Success($result);
}
public function Login($username, $password)
{
/**
* Create a new login class
*/
$class = new Login();
/**
* Lets a attempt a login
*/
$result = $class->AttemptLogin($username, $password, true);
/**
* If we failed to login
*/
if ($result == false) {
/**
* Display a reason why (returns in json)
*/
return ApiReturn::Error(ErrorBuilder::ReturnErrors());
}
/**
* Else, return a positive
*/
return ApiReturn::Success($result);
}
/**
* Checks the information
*
* @param $username
*
* @param $password
*
* @return bool
*/
public function CheckInformation($username, $password)
{
/**
* First, lets check if this is a valid username
*/
if ($this->ValidUsername($username) == false) {
/**
* Tell error builder what went wrong
*/
ErrorBuilder::AddError('An Error Occurred with the information you have entered.');
/**
* Return false
*/
return false;
}
/**
* Great, its a valid username, now the fun begins
*/
$user_id = $this->MatchUsername($username)['user_id'];
/**
* If we have our user_id!
*/
if ($user_id != null) {
/**
* Lets get our MD5 password
*/
$md5_password = $this->GetPassword($user_id);
/**
* Lets then compare the passwords, if the passwords match, we can confirm that this user has indeed logged in with the correct information!
*/
if ($this->ComparePasswords($password, $md5_password, $this->GetSalt($user_id))) {
/**
* And thats it, return true yay!
*/
return true;
}
}
/**
* If we got here, we failed, so return false
*/
ErrorBuilder::AddError('Your information is invalid.');
/**
* Return false!
*/
return false;
}
/**
* Attempts a registration
*
* @param $username
*
* @param $password
*
* @param $email
*
* @param bool|true $return_token
*
* @return bool
*/
public function AttemptRegistration($username, $password, $email, $return_token = true)
{
if (SettingsManager::GetSetting('syscrack_allow_registration') == false) {
/**
* Add an error stating registration is disabled.
*/
ErrorBuilder::AddError("Sorry, Registration is disabled!");
/**
* Return false;
*/
return false;
}
/**
* If username is already taken
*/
if ($this->user->GetUserID($username) != null) {
/**
* Return an error is the username is taken
*/
ErrorBuilder::AddError("Sorry, this username is taken.");
/**
* Return false;
*/
return false;
}
/**
* Lets now check all of our data
*/
if (StringChecker::CheckLength(5, $username) == false || StringChecker::CheckLength(5, $password) == false) {
/**
* Throw out an error
*/
ErrorBuilder::AddError("The data you entered is to small.");
/**
* Return false!
*/
return false;
}
/**
* Username has special characters
*/
if (StringChecker::HasSpecialCharacters($username)) {
/**
* The username has special characters!
*/
ErrorBuilder::AddError("Your username has special characters.");
/**
* Return false
*/
return false;
}
/**
* Password to weak
*/
if (StringChecker::GetScore($password) < 5) {
/**
* Password is far to weak!
*/
ErrorBuilder::AddError("Your password is to weak.");
/**
* Return false
*/
return false;
}
/**
* Is this an email?
*/
if (StringChecker::IsEmail($email) == false) {
/**
* Its not an email
*/
ErrorBuilder::AddError("The email you entered is invalid.");
/**
* Return false
*/
return false;
}
/**
* If the email already has an owner.
*/
if ($this->user->EmailOwner($email) != null) {
/**
* This email is already taken!
*/
ErrorBuilder::AddError("This email is already registered to an account, maybe you forgot your password?");
/**
* Return false
*/
return false;
}
/**
* If we have reached this point, everything is valid! Now lets generate a salt
*/
$salt = $this->GenerateSalt();
/**
* Very important not to continue if the salt is null
*/
if ($salt != null) {
/**
* Great, we've now encrypted the password
*/
$encrypted_password = $this->EncryptPassword($password, $salt);
/**
* Another check, lets not continue if this is null!
*/
if ($encrypted_password != null) {
/**
* Lets now insert them into the database
*/
$this->user->Manager()->InsertUser($username, $encrypted_password, $salt, $email, $this->DefaultPermissionGroup());
/**
* But, we are not done yet, this user cannot login until they have verified their email! Lets create a token for them!
*/
if ($this->user->GetUserID($username) != null) {
/**
* Lets get the user id
*/
$user_id = $this->user->GetUserID($username)['user_id'];
/**
* Lets make that request
*/
$result = $this->MakeVerifyRequest($user_id, $email);
/**
* We sent that email successfully
*/
if ($result == true) {
/**
* If we are set to return this access token (normally we are)
*/
if ($return_token) {
/**
* Gets the first row
*/
$row = Result::GetFirst($this->user->Email()->verify->GetVerifyAttempts($user_id));
/**
* Return the token
*/
return $row['token_key'];
}
/**
* Else, return true!
*/
return true;
} else {
/**
* Error this user
*/
ErrorBuilder::AddError("We was unable to send you a verification email, please try again later");
/**
* Delete them from the table (unable to verify)
*/
$this->user->Manager()->TrashUser($user_id);
/**
* Delete that verification attempt
*/
$this->user->Email()->verify->HasDeleteAttempts($user_id);
/**
* Return false
*/
return false;
}
}
}
}
/**
* An error occurred that we could not determine
*/
return false;
}
