ComunicAPI/classes/components/user.php

443 lines
12 KiB
PHP
Raw Normal View History

2017-05-17 12:43:12 +00:00
<?php
/**
* Main user class
*
* @author Pierre HUBER
*/
class User{
2017-06-03 12:53:47 +00:00
/**
* @var String $userTable The name of the user table
*/
private $userTable = "utilisateurs";
2017-06-07 12:53:58 +00:00
/**
* @var String $userLoginAPItable The name of the table that contains logins performed on the API
*/
private $userLoginAPItable = "";
/**
* Public constructor
*/
public function __construct(){
$this->userLoginAPItable = CS::get()->config->get("dbprefix")."API_userLoginToken";
}
2017-05-17 12:43:12 +00:00
/**
* Try to login user with returning a service token
*
2017-12-25 08:11:57 +00:00
* @param string $email The e-mail address of the user
* @param string $password The password of the user
* @param int $serviceID The ID of the service
* @return array Tokens if success, false if fails
2017-05-17 12:43:12 +00:00
*/
2017-12-25 08:11:57 +00:00
public function generateUserLoginTokens(string $email, string $password, int $serviceID) : array{
2017-05-17 12:43:12 +00:00
//Try to find user ID in the database
$conditions = "WHERE mail = ? AND password = ?";
$values = array(
$email,
$this->cryptPassword($password)
);
2017-06-03 12:53:47 +00:00
$userInfos = CS::get()->db->select($this->userTable, $conditions, $values);
2017-05-17 12:43:12 +00:00
//Check if there is anything
if(count($userInfos) == 0)
return array(); //Not any account was found
2017-05-17 12:43:12 +00:00
//Extract first value ID
$userID = $userInfos[0]['ID'];
//Check if any other token already exists
$existingTokens = $this->getUserLoginTokenByIDs($userID, $serviceID, CS::get()->db);
if(is_array($existingTokens)){
//Return result
return $existingTokens;
}
//Generate random tokens
$token1 = random_str(75);
$token2 = random_str(75);
//Insert token in the database
2017-06-07 12:53:58 +00:00
$tableName = $this->userLoginAPItable;
2017-05-17 12:43:12 +00:00
$insertValues = array(
"ID_utilisateurs" => $userID,
2017-06-07 12:53:58 +00:00
"ID_".CS::get()->config->get("dbprefix")."API_ServicesToken" => $serviceID,
2017-05-17 12:43:12 +00:00
"token1" => $token1,
"token2" => $token2
);
if(!CS::get()->db->addLine($tableName, $insertValues))
return array(); //Something went wrong
2017-05-17 12:43:12 +00:00
//We can return tokens
return array($token1, $token2);
}
/**
* Get token with the help of userID and serviceID
*
2017-12-25 08:11:57 +00:00
* @param int $userID The ID of the user
* @param int $serviceID The ID of the service
* @return FALSE if it fails, or tokens if success
2017-05-17 12:43:12 +00:00
*/
2017-12-25 08:11:57 +00:00
private function getUserLoginTokenByIDs(int $userID, int $serviceID) {
2017-05-17 12:43:12 +00:00
//Prepare database request
2017-06-07 12:53:58 +00:00
$conditions = "WHERE ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
2017-05-17 12:43:12 +00:00
$values = array(
$userID,
$serviceID
);
2017-06-07 12:53:58 +00:00
$tokenInfos = CS::get()->db->select($this->userLoginAPItable, $conditions, $values);
2017-05-17 12:43:12 +00:00
if(count($tokenInfos) == 0)
return false; //There is nobody at this address
else {
//Return tokens
$token1 = $tokenInfos[0]['token1'];
$token2 = $tokenInfos[0]['token2'];
return array($token1, $token2);
}
}
/**
* Delete token from given informations
*
2017-12-25 08:11:57 +00:00
* @param int $userID The ID of the user to delete
* @param string $serviceID The service ID
* @return bool False if it fails
2017-05-17 12:43:12 +00:00
*/
2017-12-25 08:11:57 +00:00
public function deleteUserLoginToken(int $userID, string $serviceID) : bool {
2017-05-17 12:43:12 +00:00
//Prepare database request
2017-06-07 12:53:58 +00:00
$condition = "ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
2017-05-17 12:43:12 +00:00
$values = array(
2017-05-24 16:41:24 +00:00
$userID,
2017-05-17 12:43:12 +00:00
$serviceID
);
//Try to perform request
2017-06-07 12:53:58 +00:00
if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values))
2017-05-17 12:43:12 +00:00
return false; //Something went wrong during the request
//Everything is ok
return true;
}
/**
2017-05-19 16:07:52 +00:00
* Get User ID from token
2017-05-17 12:43:12 +00:00
*
2017-12-25 08:11:57 +00:00
* @param int $serviceID The ID of the service
* @param array $tokens The user login tokens
* @return int User ID (0 for a failure)
2017-05-17 12:43:12 +00:00
*/
2017-12-25 08:11:57 +00:00
public function getUserIDfromToken(int $serviceID, array $tokens) : int {
2017-05-17 12:43:12 +00:00
//Check token number
if(count($tokens) != 2)
2017-05-19 16:07:52 +00:00
return 0;
2017-05-17 12:43:12 +00:00
//Prepare database request
2017-06-07 12:53:58 +00:00
$tablesName = $this->userLoginAPItable;
$conditions = "WHERE ".$this->userLoginAPItable.".ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ? AND ".$this->userLoginAPItable.".token1 = ? AND ".$this->userLoginAPItable.".token2 = ?";
2017-05-17 12:43:12 +00:00
$conditionsValues = array(
$serviceID,
$tokens[0],
$tokens[1]
);
//Perform request
$userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
2017-05-19 16:07:52 +00:00
//Check if result is correct or not
if(count($userInfos) == 0)
return 0; //No result
//Return ID
return $userInfos[0]["ID_utilisateurs"];
}
/**
2017-05-28 12:09:20 +00:00
* Get Single User Infos
2017-05-19 16:07:52 +00:00
*
2017-12-25 08:11:57 +00:00
* @param int $userID The user ID
* @param bool $advanced Get advanced informations about user, for its page for example
2017-05-19 16:07:52 +00:00
* @return Array The result of the function (user informations) (empty one if it fails)
*/
2017-12-25 08:11:57 +00:00
public function getUserInfos(int $userID, bool $advanced = false) : array {
2017-05-19 16:07:52 +00:00
//Prepare database request
2017-06-03 12:53:47 +00:00
$tablesName = $this->userTable;
2017-05-19 16:07:52 +00:00
$conditions = "WHERE utilisateurs.ID = ?";
$conditionsValues = array(
$userID*1,
);
//Perform request
$userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
2017-05-17 12:43:12 +00:00
//Check if result is correct or not
if(count($userInfos) == 0)
return array(); //No result
2017-05-26 07:50:20 +00:00
//Return result
return $this->generateUserInfosArray($userInfos[0], $advanced);
2017-05-26 07:50:20 +00:00
}
2017-05-27 12:09:05 +00:00
/**
* Get Multiple Users Infos
*
* @param Array $usersID The users ID
* @return Array The result of the function (user informations) (empty one if it fails)
*/
public function getMultipleUserInfos(array $usersID) : array {
//Prepare database request
2017-06-03 12:53:47 +00:00
$tablesName = $this->userTable;
2017-05-27 13:11:17 +00:00
$conditions = "WHERE (utilisateurs.ID < 0)";
2017-05-27 12:09:05 +00:00
$conditionsValues = array();
//Process users
foreach($usersID as $i=>$process){
2017-05-27 13:11:17 +00:00
$conditions .= " OR utilisateurs.ID = ?";
2017-12-25 08:11:57 +00:00
$conditionsValues[] = $process*1;
2017-05-27 12:09:05 +00:00
}
//Perform request
$usersInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
//Check if result is correct or not
if(count($usersInfos) == 0)
return array(); //No result
//Process result
2017-05-27 13:11:17 +00:00
foreach($usersInfos as $processUser){
2017-05-27 12:09:05 +00:00
$result[$processUser['ID']] = $this->generateUserInfosArray($processUser);
}
//Return result
return $result;
}
2017-05-26 07:50:20 +00:00
/**
* Generate and return an array containing informations about a user
* given the database entry
*
2017-12-25 08:11:57 +00:00
* @param array $userInfos The user entry in the database
* @param bool $advanced Get advanced informations about user or not (to display its profile for example)
* @return array The informations ready to be returned
2017-05-26 07:50:20 +00:00
*/
2017-12-16 16:55:42 +00:00
private function generateUserInfosArray(array $userInfos, bool $advanced = false) : array{
2017-05-17 12:43:12 +00:00
//Prepare return
$return = array();
2017-05-26 07:50:20 +00:00
$return['userID'] = $userInfos['ID'];
$return['firstName'] = $userInfos['prenom'];
$return['lastName'] = $userInfos['nom'];
2017-12-23 16:51:53 +00:00
$return['publicPage'] = $userInfos['public'] == 1;
$return['openPage'] = $userInfos['pageouverte'] == 1;
2017-05-26 07:50:20 +00:00
$return['virtualDirectory'] = $userInfos['sous_repertoire'];
2017-05-19 16:07:52 +00:00
//Add account image url
$return['accountImage'] = CS::get()->components->accountImage->getPath($return['userID']);
//Check if we have to fetch advanced informations
if($advanced){
2017-12-23 16:51:53 +00:00
//Public friend list
$return['friend_list_public'] = $userInfos['liste_amis_publique'] == 1;
//Personnal website
$return['personnalWebsite'] = $userInfos['site_web'];
//Block comment his his page ?
$return['noCommentOnHisPage'] = $userInfos['bloquecommentaire'] == 1;
//Allow user to post informations on his page
$return['allowPostFromFriendOnHisPage'] = $userInfos['autoriser_post_amis'] == 1;
//Account creation date
$return['account_creation_time'] = strtotime($userInfos['date_creation']);
2017-12-23 16:51:53 +00:00
//Add background image url
$return['backgroundImage'] = CS::get()->components->backgroundImage->getPath($return['userID']);
}
2017-05-17 12:43:12 +00:00
//Return result
return $return;
}
2017-06-03 12:53:47 +00:00
/**
* Update last user activity time on the network
*
2017-12-25 08:11:57 +00:00
* @param int $userID The ID of the user to update
* @return bool True for a success
2017-06-03 12:53:47 +00:00
*/
2017-12-25 08:11:57 +00:00
public function updateLastActivity(int $userID) : bool{
2017-06-03 12:53:47 +00:00
//Perform a request on the database
$tableName = $this->userTable;
$conditions = "ID = ?";
$whereValues = array(userID);
$modifs = array(
"last_activity" => time()
);
if(!CS::get()->db->updateDB($tableName, $conditions, $modifs, $whereValues))
return false;
//Success
return true;
}
/**
* Check if a user exists or not
*
2017-12-25 08:11:57 +00:00
* @param int $userID The ID of the user to check
* @return bool Depends of the existence of the user
*/
public function exists(int $userID) : bool {
//Perform a request on the database
$tableName = $this->userTable;
$condition = "WHERE ID = ?";
$condValues = array($userID);
$requiredFields = array("ID");
//Try to perform request
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
//Check for errors
if($result === false)
return false; //An error occured
//Check and return result
return count($result) !== 0;
}
2017-12-10 10:38:23 +00:00
/**
* Find the user specified by a folder name
*
* @param string $folder The folder of the research
* @return int 0 if no user was found or the ID of the user in case of success
*/
public function findByFolder(string $folder) : int {
//Perform a request on the database
$tableName = $this->userTable;
$condition = "WHERE sous_repertoire = ?";
$condValues = array($folder);
$requiredFields = array("ID");
//Try to perform the request
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
//Check for errors
if($result === false){
return 0;
}
if(count($result) == 0)
return 0; //There is no result
//Return result
return $result[0]["ID"];
}
2017-12-16 14:09:14 +00:00
/**
* Get a user page visibility level
*
2017-12-25 08:11:57 +00:00
* @param int $id The ID of the user to fetch
* @return int The visibility level of the user page
2017-12-16 14:09:14 +00:00
* - -1 : In case of failure (will make the protection level elevated)
* - 0 : The page is private (for user friends)
* - 1 : The page is public (for signed in users)
* - 2 : The page is open (for everyone)
*/
2017-12-25 08:11:57 +00:00
public function getVisibility(int $userID) : int {
2017-12-16 14:09:14 +00:00
//Perform a request on the database
$tableName = $this->userTable;
$condition = "WHERE ID = ?";
$condValues = array($userID);
$requiredFields = array(
"public",
"pageouverte"
);
//Perform the request
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
if($result === false){
return -1;
}
//Check for a result
if(count($result) == 0){
return -1;
}
//Check if the page is public
if($result[0]["public"] == 0)
return 0;
//Check if the page is open or not
if($result[0]["pageouverte"] == 1)
return 3; //Page open
else
return 2; //Public page
}
/**
* Check if a user is allowed to access another user page content
*
2017-12-25 08:11:57 +00:00
* @param int $userID The ID of the user attempting to get user informations (0 = no user)
* @param int $targetUser Target user for the research
* @return bool TRUE if the user is allowed to see the page / FALSE else
*/
public function userAllowed(int $userID, int $targetUser) : bool {
2017-12-19 18:38:05 +00:00
//Check if the requested user is the current user
if($userID == $targetUser)
return true; //A user can access to its own page !
//Get the visibility level of the page
2017-12-25 08:11:57 +00:00
$visibility = $this->getVisibility($targetUser);
//Check for errors
if($visibility == -1)
return FALSE; //An error occured
//Check if the page is public
if($visibility == 3)
return true;
if($userID == 0)
return false;
if($visibility == 2)
return true;
if(CS::get()->components->friends->are_friend($userID, $targetUser))
return true;
else
return false;
}
2017-12-16 14:09:14 +00:00
2017-05-17 12:43:12 +00:00
/**
* Crypt user password
*
2017-12-25 08:11:57 +00:00
* @param string $userPassword The password to crypt
* @return string The encrypted password
2017-05-17 12:43:12 +00:00
*/
2017-12-25 08:11:57 +00:00
public function cryptPassword(string $userPassword) : string {
2017-05-17 12:43:12 +00:00
return crypt(sha1($userPassword), sha1($userPassword));
}
}
//Register class
Components::register("user", new User());