/**
 * Takes a user out of a group by moving them back to the default group.
 *
 * The reassignment happens only when $group_id names an existing group. The
 * user's current membership is not compared against $group_id here, so a
 * caller that needs "remove from this specific group" semantics has to check
 * membership itself.
 *
 * @param mixed $user_id  Identifier of the user to reassign.
 * @param mixed $group_id Identifier of the group the user is leaving.
 *
 * @return null Always null, whether or not the user was reassigned.
 */
public function RemoveUser($user_id, $group_id)
{
    // Unknown group: nothing to do.
    if (!$this->GroupExists($group_id)) {
        return null;
    }

    $default_group = SettingsManager::GetSetting('syscrack_default_group');
    $this->users->SetUserGroup($user_id, $default_group);

    return null;
}
/**
 * Opens a session for a user and records it in the database.
 *
 * @param mixed $user_id Identifier of the user the session belongs to.
 *
 * @return bool|string False when the user cannot be found; otherwise the
 *                     value GetSessionID() reports once the session has been
 *                     started and its ID regenerated.
 */
public function RegisterSession($user_id)
{
    // Refuse to create a session for an account that does not resolve.
    if ($this->user_extension->GetUser($user_id) == null) {
        return false;
    }

    $session_count = count($this->session_extension->GetAllUserSessions($user_id));
    $session_limit = SettingsManager::GetSetting('syscrack_session_limit');

    if ($session_count >= $session_limit) {
        // Only one stored session is evicted per call, so the per-user cap is
        // enforced only if the count never got above the limit beforehand.
        $evicted_id = $this->session_extension->GetFirstSessionID($user_id);

        if ($evicted_id != null) {
            $this->session_extension->TrashSession($evicted_id);
        }
    }

    $this->StartSession();

    // Issue a fresh ID at login so an ID handed out before authentication is
    // not carried into the authenticated session (session-fixation defence).
    // NOTE(review): presumably wraps session_regenerate_id() - confirm that
    // the old session is also invalidated.
    $this->RegenerateSessionID();

    // The user ID is bound to the session only when a session ID exists.
    if ($this->GetSessionID() != null) {
        $this->SetUserID($user_id);
    }

    // NOTE(review): the row is inserted even when GetSessionID() is null, in
    // which case no user ID was bound above - confirm InsertSession() rejects
    // a null ID, or have callers treat a null return as failure.
    $this->session_extension->InsertSession($user_id, $this->GetSessionID());

    return $this->GetSessionID();
}
/**
 * Builds the settings array used to open a database connection.
 *
 * The decrypted settings are also stored in SettingsManager::$database_settings,
 * so the plaintext values remain reachable through that static property after
 * this call returns.
 *
 * @return array Decrypted settings merged with the fixed driver options; on a
 *               key clash the fixed options win.
 */
public static function GetConnectionSettings()
{
    // Options that are the same for every connection. Because they are the
    // second argument to array_merge(), they override same-named keys coming
    // from the decrypted settings.
    $fixed_options = [
        'driver' => 'mysql',
        'charset' => 'utf8',
        'collation' => 'utf8_unicode_ci',
        'prefix' => '',
    ];

    // NOTE(review): if DecryptDatabaseSettings() can return null or false on
    // failure, array_merge() raises a TypeError on PHP 8 instead of handing a
    // null back to the caller - confirm what the decrypt step returns.
    $decrypted = SettingsManager::DecryptDatabaseSettings();
    SettingsManager::$database_settings = $decrypted;

    return array_merge($decrypted, $fixed_options);
}
/**
 * Checks an email-verification token for a user and, when it is accepted,
 * removes the user's stored tokens.
 *
 * This method does not itself mark the account as verified; it only reports
 * the outcome and clears the tokens.
 *
 * @param mixed $user_id Identifier of the user being verified.
 * @param mixed $token   Token presented by the user.
 *
 * @return bool True when the token was accepted, false in every other case
 *              (unknown user, already verified, no attempts, no match, or
 *              the date check failed).
 */
public function VerifyUser($user_id, $token)
{
    // Unknown user: nothing to verify.
    if ($this->user_actions->GetUser($user_id) == null) {
        return false;
    }

    // An already verified account cannot be verified a second time.
    if ($this->IsVerified($user_id)) {
        return false;
    }

    $attempts = $this->GetVerifyAttempts($user_id);

    // No verification request was ever made for this user.
    if ($attempts == null) {
        return false;
    }

    // NOTE(review): in_array() takes (needle, haystack). Here the attempts are
    // passed as the needle and $token as the haystack, which looks reversed;
    // with a string $token this is a TypeError on PHP 8. The comparison is
    // also loose. Confirm the shape of $attempts and compare the stored token
    // with the presented one strictly, ideally with hash_equals().
    if (!in_array($attempts, $token)) {
        return false;
    }

    $row = $this->PickRow($attempts, $token);

    // NOTE(review): the token date is compared with a value derived from that
    // same date. Verify against Time::HoursPast() that this really enforces
    // the configured validity window relative to the current time.
    $validity_hours = SettingsManager::GetSetting('syscrack_security_email_verification_time');

    if ($row['token_date'] < Time::HoursPast($row['token_date'], $validity_hours)) {
        // Accepted: drop every stored token for this user so none can be reused.
        $this->database->RemoveUserTokens($user_id);

        return true;
    }

    return false;
}
/**
 * Registers the database connection on the capsule and makes the capsule
 * globally available.
 *
 * When no connection settings are available nothing is registered and no
 * error is reported; the method returns null in both cases, so a caller
 * cannot tell from the return value whether a connection was set up.
 *
 * @return null
 */
protected function CreateConnection()
{
    $connection_settings = SettingsManager::GetConnectionSettings();

    //TODO: Error builder (the missing-settings case is currently silent).
    if ($connection_settings != null) {
        $this->capsule->addConnection($connection_settings);
        $this->capsule->setAsGlobal();
    }
}
/**
 * Returns the time scope used for the brute-force check.
 *
 * The configured 'syscrack_security_bruteforce_scope' value is passed to
 * Time::HoursAhead() and the result is returned unchanged.
 *
 * @return int
 */
public function GetHoursScope()
{
    $scope_hours = SettingsManager::GetSetting('syscrack_security_bruteforce_scope');

    return Time::HoursAhead($scope_hours);
}
/**
 * Tells whether a user's email counts as verified.
 *
 * When 'syscrack_security_email_require_verify' is switched off, every user
 * is reported as verified, including user IDs that do not exist, because the
 * lookup is skipped entirely.
 *
 * @param mixed $user_id Identifier of the user to check.
 *
 * @return bool True when verification is not required, or when the user
 *              exists and their email is verified.
 */
public function IsEmailVerified($user_id)
{
    // Verification disabled site-wide: treat everyone as verified.
    if (!SettingsManager::GetSetting('syscrack_security_email_require_verify')) {
        return true;
    }

    // The user must exist before the verified flag is consulted.
    return $this->user->Manager()->GetUser($user_id) != null
        && $this->user->EmailVerified($user_id);
}
/**
 * Validates registration data, creates the account and starts email
 * verification.
 *
 * Every rejection adds a message through ErrorBuilder and returns false. The
 * "username is taken" and "email is already registered" messages differ from
 * the generic ones, so whoever is shown them learns whether a given name or
 * address already has an account.
 *
 * @param mixed     $username
 * @param mixed     $password
 * @param mixed     $email
 * @param bool|true $return_token When true (the default) the verification
 *                                token is returned to the caller. That token
 *                                is the proof of mailbox ownership, so callers
 *                                must not echo it back to the registrant.
 *
 * @return bool|string The verification token when $return_token is set, true
 *                     when it is not, false on any failure.
 */
public function AttemptRegistration($username, $password, $email, $return_token = true)
{
    if (!SettingsManager::GetSetting('syscrack_allow_registration')) {
        ErrorBuilder::AddError("Sorry, Registration is disabled!");

        return false;
    }

    // Username must be free.
    if ($this->user->GetUserID($username) != null) {
        ErrorBuilder::AddError("Sorry, this username is taken.");

        return false;
    }

    // Length rule is applied to username and password alike.
    // NOTE(review): 5 looks like a minimum length - a low floor for a
    // password; confirm against StringChecker::CheckLength().
    if (!StringChecker::CheckLength(5, $username) || !StringChecker::CheckLength(5, $password)) {
        ErrorBuilder::AddError("The data you entered is to small.");

        return false;
    }

    if (StringChecker::HasSpecialCharacters($username)) {
        ErrorBuilder::AddError("Your username has special characters.");

        return false;
    }

    // Password strength score has to reach 5.
    if (StringChecker::GetScore($password) < 5) {
        ErrorBuilder::AddError("Your password is to weak.");

        return false;
    }

    if (!StringChecker::IsEmail($email)) {
        ErrorBuilder::AddError("The email you entered is invalid.");

        return false;
    }

    // One account per email address.
    if ($this->user->EmailOwner($email) != null) {
        ErrorBuilder::AddError("This email is already registered to an account, maybe you forgot your password?");

        return false;
    }

    // All input checks passed. From here on a failure returns false without
    // adding an error message, except for the verification-email failure.
    $salt = $this->GenerateSalt();

    if ($salt == null) {
        return false;
    }

    // NOTE(review): despite the name, a stored password should be a slow,
    // salted one-way hash (password_hash() or equivalent), not reversible
    // encryption - confirm what EncryptPassword() does.
    $protected_password = $this->EncryptPassword($password, $salt);

    if ($protected_password == null) {
        return false;
    }

    $this->user->Manager()->InsertUser(
        $username,
        $protected_password,
        $salt,
        $email,
        $this->DefaultPermissionGroup()
    );

    // Read the account back to learn its ID; a missing row means the insert
    // did not take effect.
    if ($this->user->GetUserID($username) == null) {
        return false;
    }

    $user_id = $this->user->GetUserID($username)['user_id'];

    // The account cannot be used until its email is verified, so a
    // verification request is issued straight away.
    $mail_sent = $this->MakeVerifyRequest($user_id, $email);

    if ($mail_sent != true) {
        ErrorBuilder::AddError("We was unable to send you a verification email, please try again later");

        // Roll back: an account that cannot be verified is removed again.
        $this->user->Manager()->TrashUser($user_id);

        // NOTE(review): named like a check, but the intent here is to delete
        // the pending verification attempt - confirm it actually deletes.
        $this->user->Email()->verify->HasDeleteAttempts($user_id);

        return false;
    }

    if (!$return_token) {
        return true;
    }

    // Hand back the token of the first stored verification attempt.
    $row = Result::GetFirst($this->user->Email()->verify->GetVerifyAttempts($user_id));

    return $row['token_key'];
}
/**
 * Applies the configured session name ('syscrack_session_name').
 *
 * session_name() only affects a session that has not been started yet, so
 * this has to run before the session is started.
 */
private function SetName()
{
    $configured_name = SettingsManager::GetSetting('syscrack_session_name');

    session_name($configured_name);
}
/**
 * Assembles the mail settings for one outgoing message.
 *
 * Server options come from the 'syscrack_mailer_*' settings. The recipient,
 * subject and body are copied into the array exactly as given; nothing is
 * validated or escaped here.
 *
 * @param mixed $recipient Address the message goes to.
 * @param mixed $subject   Subject line.
 * @param mixed $body      Message body.
 *
 * @return array Settings keyed by mailer option name.
 */
public function EasySettings($recipient, $subject, $body)
{
    $mail_settings = [];

    $mail_settings["Host"] = SettingsManager::GetSetting('syscrack_mailer_host');
    $mail_settings["SMTPAuth"] = SettingsManager::GetSetting('syscrack_mailer_auth');
    $mail_settings["SMTPSecure"] = SettingsManager::GetSetting('syscrack_mailer_security');

    // NOTE(review): the key is "Post" but it carries the port setting. This
    // looks like a typo for "Port"; check what the consumer of this array
    // reads before renaming it.
    $mail_settings["Post"] = SettingsManager::GetSetting('syscrack_mailer_port');
    $mail_settings["isHTML"] = SettingsManager::GetSetting('syscrack_mailer_html');

    // Per-message values supplied by the caller.
    $mail_settings["addAddress"] = $recipient;
    $mail_settings["Subject"] = $subject;
    $mail_settings['Body'] = $body;

    return $mail_settings;
}