[irc/unrealircd/unrealircd-webpanel.git] / plugins / sql_auth / SQL / user.php

<?php

class SQLA_User
{
    public $id = NULL;
    public $username = NULL;
    private $passhash = NULL;
    public $first_name = NULL;
    public $last_name = NULL;
    public $user_meta = [];

    /**
     * Find a user in the database by name or ID
     * @param string $name
     * @param mixed $id
     */
    function __construct(string $name = NULL, $id = NULL)
    {
        $conn = sqlnew();

        if ($id)
        {
            $prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX . "users WHERE user_id = :id LIMIT 1");
            $prep->execute(["id" => strtolower($id)]);
        }
        elseif ($name)
        {
            $prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX . "users WHERE LOWER(user_name) = :name LIMIT 1");
            $prep->execute(["name" => strtolower($name)]);
        }
        $data = NULL;
        if ($prep)
            $data = $prep->fetchAll();
        if ($data = $data[0])
        {
            $this->id = $data['user_id'];
            $this->username = $data['user_name'];
            $this->passhash = $data['user_pass'];
            $this->first_name = $data['user_fname'] ?? NULL;
            $this->last_name = $data['user_lname'] ?? NULL;
            $this->user_meta = (new SQLA_User_Meta($this->id))->list;
        }
    }

    function password_verify(string $input)
    {
        if (password_verify($input, $this->passhash))
            return true;
        return false;
    }
}

class SQLA_User_Meta
{
    public $list = [];
    function __construct($id)
    {
        $conn = sqlnew();
        if ($id)
        {
            $prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX . "user_meta WHERE user_id = :id");
            $prep->execute(["id" => $id]);
        }
        foreach ($prep->fetchAll() as $row)
        {
            $this->list[$row['meta_key']] = $row['meta_value'];
        }
    }
}

/**
 * Array of user
 * 
 * Required:
 * user_name
 * user_pass
 * 
 * Optional:
 * user_fname
 * user_lname
 * 
 * @param array $user
 * @throws Exception
 * @return bool
 */
function create_new_user(array $user) : bool
{
    if (!isset($user['user_name']) || !isset($user['user_pass']))
        throw new Exception("Attempted to add user without specifying user_name or user_pass");

    $username = $user['user_name'];
    $password = password_hash($user['user_pass'], PASSWORD_ARGON2ID);
    $first_name = (isset($user['fname'])) ? $user['fname'] : NULL;
    $last_name = (isset($user['lname'])) ? $user['lname'] : NULL;

    $conn = sqlnew();
    $prep = $conn->prepare("INSERT INTO " . SQL_PREFIX . "users (user_name, user_pass, user_fname, user_lname) VALUES (:name, :pass, :fname, :lname)");
    $prep->execute(["name" => $username, "pass" => $password, "fname" => $first_name, "lname" => $last_name]);
    
    return true;
}

/**
 * Gets the user object for the current session
 * @return SQLA_User|bool
 */
function unreal_get_current_user() : SQLA_User|bool
{
    session_start();
    if (isset($_SESSION['id']))
    {
        $user = new SQLA_User(NULL, $_SESSION['id']);
        if ($user->id)
            return $user;
    }
    return false;
}

/**
 * Checks if a user can do something
 * @param string $permission
 * @return bool
 */
function current_user_can() : bool
{
    
    return false;
}
Commit	Line	Data
961b0aa7 VP	1	<?php
	2
	3	class SQLA_User
	4	{
	5	public $id = NULL;
	6	public $username = NULL;
4225314c	7	private $passhash = NULL;
961b0aa7 VP	8	public $first_name = NULL;
961b0aa7 VP	9	public $last_name = NULL;
4d634d0a	10	public $user_meta = [];
961b0aa7	11
a3151e7c VP	12	/**
	13	* Find a user in the database by name or ID
	14	* @param string $name
	15	* @param mixed $id
	16	*/
4d634d0a	17	function __construct(string $name = NULL, $id = NULL)
961b0aa7 VP	18	{
961b0aa7 VP	19	$conn = sqlnew();
a3151e7c VP	20
	21	if ($id)
	22	{
	23	$prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX . "users WHERE user_id = :id LIMIT 1");
	24	$prep->execute(["id" => strtolower($id)]);
	25	}
	26	elseif ($name)
	27	{
	28	$prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX . "users WHERE LOWER(user_name) = :name LIMIT 1");
	29	$prep->execute(["name" => strtolower($name)]);
	30	}
4d634d0a VP	31	$data = NULL;
	32	if ($prep)
	33	$data = $prep->fetchAll();
961b0aa7 VP	34	if ($data = $data[0])
	35	{
	36	$this->id = $data['user_id'];
	37	$this->username = $data['user_name'];
	38	$this->passhash = $data['user_pass'];
4d634d0a VP	39	$this->first_name = $data['user_fname'] ?? NULL;
	40	$this->last_name = $data['user_lname'] ?? NULL;
	41	$this->user_meta = (new SQLA_User_Meta($this->id))->list;
961b0aa7	42	}
961b0aa7 VP	43	}
961b0aa7 VP	44
a3151e7c VP	45	function password_verify(string $input)
	46	{
	47	if (password_verify($input, $this->passhash))
	48	return true;
	49	return false;
	50	}
4d634d0a	51	}
a3151e7c	52
4d634d0a VP	53	class SQLA_User_Meta
	54	{
	55	public $list = [];
	56	function __construct($id)
	57	{
	58	$conn = sqlnew();
	59	if ($id)
	60	{
	61	$prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX . "user_meta WHERE user_id = :id");
	62	$prep->execute(["id" => $id]);
	63	}
	64	foreach ($prep->fetchAll() as $row)
	65	{
	66	$this->list[$row['meta_key']] = $row['meta_value'];
	67	}
	68	}
a3151e7c VP	69	}
a3151e7c VP	70
4225314c VP	71	/**
	72	* Array of user
	73	*
	74	* Required:
	75	* user_name
	76	* user_pass
	77	*
	78	* Optional:
	79	* user_fname
	80	* user_lname
	81	*
	82	* @param array $user
	83	* @throws Exception
	84	* @return bool
	85	*/
4d634d0a VP	86	function create_new_user(array $user) : bool
	87	{
	88	if (!isset($user['user_name']) \|\| !isset($user['user_pass']))
	89	throw new Exception("Attempted to add user without specifying user_name or user_pass");
	90
	91	$username = $user['user_name'];
	92	$password = password_hash($user['user_pass'], PASSWORD_ARGON2ID);
	93	$first_name = (isset($user['fname'])) ? $user['fname'] : NULL;
	94	$last_name = (isset($user['lname'])) ? $user['lname'] : NULL;
a3151e7c	95
4d634d0a VP	96	$conn = sqlnew();
	97	$prep = $conn->prepare("INSERT INTO " . SQL_PREFIX . "users (user_name, user_pass, user_fname, user_lname) VALUES (:name, :pass, :fname, :lname)");
	98	$prep->execute(["name" => $username, "pass" => $password, "fname" => $first_name, "lname" => $last_name]);
	99
	100	return true;
	101	}
	102
	103	/**
	104	* Gets the user object for the current session
	105	* @return SQLA_User\|bool
	106	*/
	107	function unreal_get_current_user() : SQLA_User\|bool
a3151e7c VP	108	{
	109	session_start();
	110	if (isset($_SESSION['id']))
	111	{
4d634d0a VP	112	$user = new SQLA_User(NULL, $_SESSION['id']);
	113	if ($user->id)
	114	return $user;
a3151e7c VP	115	}
a3151e7c VP	116	return false;
4d634d0a VP	117	}
	118
	119	/**
	120	* Checks if a user can do something
	121	* @param string $permission
	122	* @return bool
	123	*/
	124	function current_user_can() : bool
	125	{
	126
	127	return false;
	128	}
	129