]>
jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blob - plugins/sql_auth/SQL/user.php
5 * This is the User class for the SQL_Auth plugin
10 public $username = NULL;
11 private $passhash = NULL;
12 public $first_name = NULL;
13 public $last_name = NULL;
14 public $created = NULL;
15 public $user_meta = [];
19 * Find a user in the database by name or ID
23 function __construct(string $name = NULL, int $id = NULL)
29 $prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX
. "users WHERE user_id = :id LIMIT 1");
30 $prep->execute(["id" => strtolower($id)]);
34 $prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX
. "users WHERE LOWER(user_name) = :name LIMIT 1");
35 $prep->execute(["name" => strtolower($name)]);
39 $data = $prep->fetchAll();
40 if (isset($data[0]) && $data = $data[0])
42 $this->id
= $data['user_id'];
43 $this->username
= $data['user_name'];
44 $this->passhash
= $data['user_pass'];
45 $this->first_name
= $data['user_fname'] ?? NULL;
46 $this->last_name
= $data['user_lname'] ?? NULL;
47 $this->created
= $data['created'];
48 $this->bio
= $data['user_bio'];
49 $this->user_meta
= (new SQLA_User_Meta($this->id
))->list;
54 * Verify a user's password
55 * @param string $input
58 function password_verify(string $input) : bool
60 if (password_verify($input, $this->passhash
))
68 * @param string $value
71 function add_meta(string $key, string $value)
84 /* check if it exists first, update it if it does */
85 $query = "SELECT * FROM " . SQL_PREFIX
. "user_meta WHERE user_id = :id AND meta_key = :key";
86 $stmt = $conn->prepare($query);
87 $stmt->execute(["id" => $this->id
, "key" => $key]);
88 if ($stmt->rowCount()) // it exists, update instead of insert
90 $query = "UPDATE " . SQL_PREFIX
. "user_meta SET meta_value = :value WHERE user_id = :id AND meta_key = :key";
91 $stmt = $conn->prepare($query);
92 $stmt->execute($meta);
93 if ($stmt->rowCount())
100 $query = "INSERT INTO " . SQL_PREFIX
. "user_meta (user_id, meta_key, meta_value) VALUES (:id, :key, :value)";
101 $stmt = $conn->prepare($query);
102 $stmt->execute($meta);
103 if ($stmt->rowCount())
110 * Delete user meta data by key
114 function delete_meta(string $key)
125 $query = "DELETE FROM " . SQL_PREFIX
. "user_meta WHERE user_id = :id AND meta_key = :key";
126 $stmt = $conn->prepare($query);
127 $stmt->execute($meta);
128 if ($stmt->rowCount())
137 * This class looks up and returns any user meta.
138 * This is used by SQLA_User, so you won't need to
139 * call it separately from SQLA_User.
144 function __construct($id)
149 $prep = $conn->prepare("SELECT * FROM " . SQL_PREFIX
. "user_meta WHERE user_id = :id");
150 $prep->execute(["id" => $id]);
152 foreach ($prep->fetchAll() as $row)
154 $this->list[$row['meta_key']] = $row['meta_value'];
174 function create_new_user(array $user) : bool
176 if (!isset($user['user_name']) || !isset($user['user_pass']))
177 throw new Exception("Attempted to add user without specifying user_name or user_pass");
179 $username = $user['user_name'];
180 $password = password_hash($user['user_pass'], PASSWORD_ARGON2ID
);
181 $first_name = (isset($user['fname'])) ? $user['fname'] : NULL;
182 $last_name = (isset($user['lname'])) ? $user['lname'] : NULL;
183 $user_bio = (isset($user['user_bio'])) ? $user['user_bio'] : NULL;
187 $prep = $conn->prepare("INSERT INTO " . SQL_PREFIX
. "users (user_name, user_pass, user_fname, user_lname, user_bio, created) VALUES (:name, :pass, :fname, :lname, :user_bio, :created)");
188 $prep->execute(["name" => $username, "pass" => $password, "fname" => $first_name, "lname" => $last_name, "user_bio" => $user_bio, "created" => date("Y-m-d H:i:s")]);
194 * Gets the user object for the current session
195 * @return SQLA_User|bool
197 function unreal_get_current_user() : SQLA_User
|bool
200 if (isset($_SESSION['id']))
202 $user = new SQLA_User(NULL, $_SESSION['id']);
210 * Checks if a user can do something
211 * @param string $permission
214 function current_user_can() : bool
221 * Delete a user and related meta
222 * @param int $id The ID of the user in the SQL database.
223 * @param array $info Optional: This will fill with a response.
227 * 1 The user was successfully deleted.
228 * 0 The user was not found
229 * -1 The admin does not have permission to delete users [TODO]
231 function delete_user(int $id, &$info = []) : int
233 $user = new SQLA_User(NULL, $id);
235 $info[] = "Could not find user";
236 var_dump("return 1");
239 $query = "DELETE FROM " . SQL_PREFIX
. "users WHERE user_id = :id";
241 $stmt = $conn->prepare($query);
242 $stmt->execute(["id" => $user->id
]);
243 $deleted = $stmt->rowCount();
246 $info[] = "Successfully deleted user \"$user->username\"";
249 $info[] = "Unknown error";