2017-05-17 12:43:12 +00:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* Main user class
|
|
|
|
|
*
|
|
|
|
|
* @author Pierre HUBER
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
class User{
|
2017-06-03 12:53:47 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @var String $userTable The name of the user table
|
|
|
|
|
*/
|
|
|
|
|
private $userTable = "utilisateurs";
|
|
|
|
|
|
2017-06-07 12:53:58 +00:00
|
|
|
/**
|
|
|
|
|
* @var String $userLoginAPItable The name of the table that contains logins performed on the API
|
|
|
|
|
*/
|
|
|
|
|
private $userLoginAPItable = "";
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Public constructor
|
|
|
|
|
*/
|
|
|
|
|
public function __construct(){
|
|
|
|
|
$this->userLoginAPItable = CS::get()->config->get("dbprefix")."API_userLoginToken";
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-17 12:43:12 +00:00
|
|
|
/**
|
|
|
|
|
* Try to login user with returning a service token
|
|
|
|
|
*
|
|
|
|
|
* @param String $email The e-mail address of the user
|
|
|
|
|
* @param String $password The password of the user
|
|
|
|
|
* @param String $serviceID The ID of the service
|
|
|
|
|
* @return String Token if success, false if fails
|
|
|
|
|
*/
|
2017-06-19 12:53:30 +00:00
|
|
|
public function generateUserLoginTokens($email, $password, $serviceID) : array{
|
2017-05-17 12:43:12 +00:00
|
|
|
//Try to find user ID in the database
|
|
|
|
|
$conditions = "WHERE mail = ? AND password = ?";
|
|
|
|
|
$values = array(
|
|
|
|
|
$email,
|
|
|
|
|
$this->cryptPassword($password)
|
|
|
|
|
);
|
2017-06-03 12:53:47 +00:00
|
|
|
$userInfos = CS::get()->db->select($this->userTable, $conditions, $values);
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
|
//Check if there is anything
|
|
|
|
|
if(count($userInfos) == 0)
|
2017-10-31 13:25:33 +00:00
|
|
|
return array(); //Not any account was found
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
|
//Extract first value ID
|
|
|
|
|
$userID = $userInfos[0]['ID'];
|
|
|
|
|
|
|
|
|
|
//Check if any other token already exists
|
|
|
|
|
$existingTokens = $this->getUserLoginTokenByIDs($userID, $serviceID, CS::get()->db);
|
|
|
|
|
|
|
|
|
|
if(is_array($existingTokens)){
|
|
|
|
|
//Return result
|
|
|
|
|
return $existingTokens;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Generate random tokens
|
|
|
|
|
$token1 = random_str(75);
|
|
|
|
|
$token2 = random_str(75);
|
|
|
|
|
|
|
|
|
|
//Insert token in the database
|
2017-06-07 12:53:58 +00:00
|
|
|
$tableName = $this->userLoginAPItable;
|
2017-05-17 12:43:12 +00:00
|
|
|
$insertValues = array(
|
|
|
|
|
"ID_utilisateurs" => $userID,
|
2017-06-07 12:53:58 +00:00
|
|
|
"ID_".CS::get()->config->get("dbprefix")."API_ServicesToken" => $serviceID,
|
2017-05-17 12:43:12 +00:00
|
|
|
"token1" => $token1,
|
|
|
|
|
"token2" => $token2
|
|
|
|
|
);
|
|
|
|
|
if(!CS::get()->db->addLine($tableName, $insertValues))
|
2017-10-31 13:25:33 +00:00
|
|
|
return array(); //Something went wrong
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
|
//We can return tokens
|
|
|
|
|
return array($token1, $token2);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get token with the help of userID and serviceID
|
|
|
|
|
*
|
|
|
|
|
* @param Integer $userID The ID of the user
|
|
|
|
|
* @param Integer $serviceID The ID of the service
|
|
|
|
|
* @return False if it fails, or tokens if success
|
|
|
|
|
*/
|
2017-12-20 17:29:15 +00:00
|
|
|
private function getUserLoginTokenByIDs($userID, $serviceID){
|
2017-05-17 12:43:12 +00:00
|
|
|
//Prepare database request
|
2017-06-07 12:53:58 +00:00
|
|
|
$conditions = "WHERE ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
|
2017-05-17 12:43:12 +00:00
|
|
|
$values = array(
|
|
|
|
|
$userID,
|
|
|
|
|
$serviceID
|
|
|
|
|
);
|
2017-06-07 12:53:58 +00:00
|
|
|
$tokenInfos = CS::get()->db->select($this->userLoginAPItable, $conditions, $values);
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
|
if(count($tokenInfos) == 0)
|
|
|
|
|
return false; //There is nobody at this address
|
|
|
|
|
else {
|
|
|
|
|
//Return tokens
|
|
|
|
|
$token1 = $tokenInfos[0]['token1'];
|
|
|
|
|
$token2 = $tokenInfos[0]['token2'];
|
|
|
|
|
return array($token1, $token2);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Delete token from given informations
|
|
|
|
|
*
|
2017-05-24 16:41:24 +00:00
|
|
|
* @param Integer $userID The ID of the user to delete
|
2017-05-17 12:43:12 +00:00
|
|
|
* @param String $serviceID The service ID
|
|
|
|
|
* @return Boolean False if it fails
|
|
|
|
|
*/
|
2017-05-24 16:41:24 +00:00
|
|
|
public function deleteUserLoginToken($userID, $serviceID){
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
|
//Prepare database request
|
2017-06-07 12:53:58 +00:00
|
|
|
$condition = "ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
|
2017-05-17 12:43:12 +00:00
|
|
|
$values = array(
|
2017-05-24 16:41:24 +00:00
|
|
|
$userID,
|
2017-05-17 12:43:12 +00:00
|
|
|
$serviceID
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
//Try to perform request
|
2017-06-07 12:53:58 +00:00
|
|
|
if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values))
|
2017-05-17 12:43:12 +00:00
|
|
|
return false; //Something went wrong during the request
|
|
|
|
|
|
|
|
|
|
//Everything is ok
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2017-05-19 16:07:52 +00:00
|
|
|
* Get User ID from token
|
2017-05-17 12:43:12 +00:00
|
|
|
*
|
|
|
|
|
* @param Array $tokens The user login tokens
|
|
|
|
|
* @param String $serviceID The ID of the service
|
2017-05-19 16:07:52 +00:00
|
|
|
* @return Integer User ID (0 for a failure)
|
2017-05-17 12:43:12 +00:00
|
|
|
*/
|
2017-05-19 16:07:52 +00:00
|
|
|
public function getUserIDfromToken($serviceID, array $tokens){
|
2017-05-17 12:43:12 +00:00
|
|
|
//Check token number
|
|
|
|
|
if(count($tokens) != 2)
|
2017-05-19 16:07:52 +00:00
|
|
|
return 0;
|
|
|
|
|
|
2017-05-17 12:43:12 +00:00
|
|
|
//Prepare database request
|
2017-06-07 12:53:58 +00:00
|
|
|
$tablesName = $this->userLoginAPItable;
|
|
|
|
|
$conditions = "WHERE ".$this->userLoginAPItable.".ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ? AND ".$this->userLoginAPItable.".token1 = ? AND ".$this->userLoginAPItable.".token2 = ?";
|
2017-05-17 12:43:12 +00:00
|
|
|
$conditionsValues = array(
|
|
|
|
|
$serviceID,
|
|
|
|
|
$tokens[0],
|
|
|
|
|
$tokens[1]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
//Perform request
|
|
|
|
|
$userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
|
|
|
|
|
|
2017-05-19 16:07:52 +00:00
|
|
|
//Check if result is correct or not
|
|
|
|
|
if(count($userInfos) == 0)
|
|
|
|
|
return 0; //No result
|
|
|
|
|
|
|
|
|
|
//Return ID
|
|
|
|
|
return $userInfos[0]["ID_utilisateurs"];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2017-05-28 12:09:20 +00:00
|
|
|
* Get Single User Infos
|
2017-05-19 16:07:52 +00:00
|
|
|
*
|
|
|
|
|
* @param Integer $userID The user ID
|
2017-12-16 15:26:42 +00:00
|
|
|
* @param $advanced Get advanced informations about user, for its page for example
|
2017-05-19 16:07:52 +00:00
|
|
|
* @return Array The result of the function (user informations) (empty one if it fails)
|
|
|
|
|
*/
|
2017-12-16 15:26:42 +00:00
|
|
|
public function getUserInfos($userID, bool $advanced = false) : array {
|
2017-05-19 16:07:52 +00:00
|
|
|
//Prepare database request
|
2017-06-03 12:53:47 +00:00
|
|
|
$tablesName = $this->userTable;
|
2017-05-19 16:07:52 +00:00
|
|
|
$conditions = "WHERE utilisateurs.ID = ?";
|
|
|
|
|
$conditionsValues = array(
|
|
|
|
|
$userID*1,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
//Perform request
|
|
|
|
|
$userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
|
|
|
|
|
|
2017-05-17 12:43:12 +00:00
|
|
|
//Check if result is correct or not
|
|
|
|
|
if(count($userInfos) == 0)
|
|
|
|
|
return array(); //No result
|
|
|
|
|
|
2017-05-26 07:50:20 +00:00
|
|
|
//Return result
|
2017-12-16 15:26:42 +00:00
|
|
|
return $this->generateUserInfosArray($userInfos[0], $advanced);
|
2017-05-26 07:50:20 +00:00
|
|
|
}
|
|
|
|
|
|
2017-05-27 12:09:05 +00:00
|
|
|
/**
|
|
|
|
|
* Get Multiple Users Infos
|
|
|
|
|
*
|
|
|
|
|
* @param Array $usersID The users ID
|
|
|
|
|
* @return Array The result of the function (user informations) (empty one if it fails)
|
|
|
|
|
*/
|
|
|
|
|
public function getMultipleUserInfos(array $usersID) : array {
|
|
|
|
|
//Prepare database request
|
2017-06-03 12:53:47 +00:00
|
|
|
$tablesName = $this->userTable;
|
2017-05-27 13:11:17 +00:00
|
|
|
$conditions = "WHERE (utilisateurs.ID < 0)";
|
2017-05-27 12:09:05 +00:00
|
|
|
$conditionsValues = array();
|
|
|
|
|
|
|
|
|
|
//Process users
|
|
|
|
|
foreach($usersID as $i=>$process){
|
2017-05-27 13:11:17 +00:00
|
|
|
$conditions .= " OR utilisateurs.ID = ?";
|
2017-05-27 12:09:05 +00:00
|
|
|
$conditionsValues[] = $process;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Perform request
|
|
|
|
|
$usersInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
|
|
|
|
|
|
|
|
|
|
//Check if result is correct or not
|
|
|
|
|
if(count($usersInfos) == 0)
|
|
|
|
|
return array(); //No result
|
|
|
|
|
|
|
|
|
|
//Process result
|
2017-05-27 13:11:17 +00:00
|
|
|
foreach($usersInfos as $processUser){
|
2017-05-27 12:09:05 +00:00
|
|
|
$result[$processUser['ID']] = $this->generateUserInfosArray($processUser);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Return result
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-26 07:50:20 +00:00
|
|
|
/**
|
|
|
|
|
* Generate and return an array containing informations about a user
|
|
|
|
|
* given the database entry
|
|
|
|
|
*
|
|
|
|
|
* @param Array $userInfos The user entry in the database
|
2017-12-16 15:26:42 +00:00
|
|
|
* @param $advanced Get advanced informations about user or not (to display its profile for example)
|
2017-05-26 07:50:20 +00:00
|
|
|
* @return Array The informations ready to be returned
|
|
|
|
|
*/
|
2017-12-16 16:55:42 +00:00
|
|
|
private function generateUserInfosArray(array $userInfos, bool $advanced = false) : array{
|
2017-05-17 12:43:12 +00:00
|
|
|
//Prepare return
|
|
|
|
|
$return = array();
|
2017-05-26 07:50:20 +00:00
|
|
|
$return['userID'] = $userInfos['ID'];
|
|
|
|
|
$return['firstName'] = $userInfos['prenom'];
|
|
|
|
|
$return['lastName'] = $userInfos['nom'];
|
|
|
|
|
$return['accountCreationDate'] = $userInfos['date_creation'];
|
|
|
|
|
$return['publicPage'] = $userInfos['public'];
|
|
|
|
|
$return['openPage'] = $userInfos['pageouverte'];
|
|
|
|
|
$return['allowPostFromFriendOnHisPage'] = $userInfos['autoriser_post_amis'];
|
|
|
|
|
$return['noCommentOnHisPage'] = $userInfos['bloquecommentaire'];
|
|
|
|
|
$return['virtualDirectory'] = $userInfos['sous_repertoire'];
|
|
|
|
|
$return['personnalWebsite'] = $userInfos['site_web'];
|
|
|
|
|
$return['isPublicFriendList'] = $userInfos['liste_amis_publique'];
|
2017-05-19 16:07:52 +00:00
|
|
|
|
2017-05-25 13:16:34 +00:00
|
|
|
//Add account image url
|
2017-05-26 07:50:20 +00:00
|
|
|
$return['accountImage'] = CS::get()->components->accountImage->getPath($return['userID']);
|
2017-05-25 13:16:34 +00:00
|
|
|
|
2017-12-16 15:26:42 +00:00
|
|
|
//Check if we have to fetch advanced informations
|
|
|
|
|
if($advanced){
|
|
|
|
|
|
|
|
|
|
//Add background image url
|
|
|
|
|
$return['backgroundImage'] = CS::get()->components->backgroundImage->getPath($return['userID']);
|
|
|
|
|
|
|
|
|
|
}
|
2017-05-17 12:43:12 +00:00
|
|
|
|
|
|
|
|
//Return result
|
|
|
|
|
return $return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-03 12:53:47 +00:00
|
|
|
/**
|
|
|
|
|
* Update last user activity time on the network
|
|
|
|
|
*
|
|
|
|
|
* @param Integer $userID The ID of the user to update
|
|
|
|
|
* @return Boolean True for a success
|
|
|
|
|
*/
|
|
|
|
|
public function updateLastActivity($userID){
|
|
|
|
|
|
|
|
|
|
//Perform a request on the database
|
|
|
|
|
$tableName = $this->userTable;
|
|
|
|
|
$conditions = "ID = ?";
|
|
|
|
|
$whereValues = array(userID);
|
|
|
|
|
$modifs = array(
|
|
|
|
|
"last_activity" => time()
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if(!CS::get()->db->updateDB($tableName, $conditions, $modifs, $whereValues))
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
//Success
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-19 12:53:30 +00:00
|
|
|
/**
|
|
|
|
|
* Check if a user exists or not
|
|
|
|
|
*
|
|
|
|
|
* @param Integer $userID The ID of the user to check
|
|
|
|
|
* @return Boolean Depends of the existence of the user
|
|
|
|
|
*/
|
|
|
|
|
public function exists($userID){
|
|
|
|
|
//Perform a request on the database
|
|
|
|
|
$tableName = $this->userTable;
|
|
|
|
|
$condition = "WHERE ID = ?";
|
|
|
|
|
$condValues = array($userID);
|
|
|
|
|
$requiredFields = array("ID");
|
|
|
|
|
|
|
|
|
|
//Try to perform request
|
|
|
|
|
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
|
|
|
|
|
|
|
|
|
|
//Check for errors
|
|
|
|
|
if($result === false)
|
|
|
|
|
return false; //An error occured
|
|
|
|
|
|
|
|
|
|
//Check and return result
|
|
|
|
|
return count($result) !== 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-10 10:38:23 +00:00
|
|
|
/**
|
|
|
|
|
* Find the user specified by a folder name
|
|
|
|
|
*
|
|
|
|
|
* @param string $folder The folder of the research
|
|
|
|
|
* @return int 0 if no user was found or the ID of the user in case of success
|
|
|
|
|
*/
|
|
|
|
|
public function findByFolder(string $folder) : int {
|
|
|
|
|
|
|
|
|
|
//Perform a request on the database
|
|
|
|
|
$tableName = $this->userTable;
|
|
|
|
|
$condition = "WHERE sous_repertoire = ?";
|
|
|
|
|
$condValues = array($folder);
|
|
|
|
|
$requiredFields = array("ID");
|
|
|
|
|
|
|
|
|
|
//Try to perform the request
|
|
|
|
|
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
|
|
|
|
|
|
|
|
|
|
//Check for errors
|
|
|
|
|
if($result === false){
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(count($result) == 0)
|
|
|
|
|
return 0; //There is no result
|
|
|
|
|
|
|
|
|
|
//Return result
|
|
|
|
|
return $result[0]["ID"];
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-16 14:09:14 +00:00
|
|
|
/**
|
|
|
|
|
* Get a user page visibility level
|
|
|
|
|
*
|
|
|
|
|
* @param $id The ID of the user to fetch
|
|
|
|
|
* @return The visibility level of the user page
|
|
|
|
|
* - -1 : In case of failure (will make the protection level elevated)
|
|
|
|
|
* - 0 : The page is private (for user friends)
|
|
|
|
|
* - 1 : The page is public (for signed in users)
|
|
|
|
|
* - 2 : The page is open (for everyone)
|
|
|
|
|
*/
|
2017-12-16 14:30:04 +00:00
|
|
|
public function getVisibilty(int $userID) : int {
|
2017-12-16 14:09:14 +00:00
|
|
|
|
|
|
|
|
//Perform a request on the database
|
|
|
|
|
$tableName = $this->userTable;
|
|
|
|
|
$condition = "WHERE ID = ?";
|
|
|
|
|
$condValues = array($userID);
|
|
|
|
|
|
|
|
|
|
$requiredFields = array(
|
|
|
|
|
"public",
|
|
|
|
|
"pageouverte"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
//Perform the request
|
|
|
|
|
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
|
|
|
|
|
|
|
|
|
|
if($result === false){
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Check for a result
|
|
|
|
|
if(count($result) == 0){
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Check if the page is public
|
|
|
|
|
if($result[0]["public"] == 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
//Check if the page is open or not
|
|
|
|
|
if($result[0]["pageouverte"] == 1)
|
|
|
|
|
return 3; //Page open
|
|
|
|
|
else
|
|
|
|
|
return 2; //Public page
|
|
|
|
|
|
|
|
|
|
}
|
2017-12-16 14:30:04 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Check if a user is allowed to access another user page content
|
|
|
|
|
*
|
|
|
|
|
* @param $userID The ID of the user attempting to get user informations (0 = no user)
|
|
|
|
|
* @param $targetUser Target user for the research
|
|
|
|
|
* @return TRUE if the user is allowed to see the page / FALSE else
|
|
|
|
|
*/
|
|
|
|
|
public function userAllowed(int $userID, int $targetUser) : bool {
|
|
|
|
|
|
2017-12-19 18:38:05 +00:00
|
|
|
//Check if the requested user is the current user
|
|
|
|
|
if($userID == $targetUser)
|
|
|
|
|
return true; //A user can access to its own page !
|
|
|
|
|
|
2017-12-16 14:30:04 +00:00
|
|
|
//Get the visibility level of the page
|
|
|
|
|
$visibility = $this->getVisibilty($targetUser);
|
|
|
|
|
|
|
|
|
|
//Check if the page is public
|
|
|
|
|
if($visibility == 3)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
if($userID == 0)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
if($visibility == 2)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
if(CS::get()->components->friends->are_friend($userID, $targetUser))
|
|
|
|
|
return true;
|
|
|
|
|
else
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
}
|
2017-12-16 14:09:14 +00:00
|
|
|
|
|
|
|
|
|
2017-05-17 12:43:12 +00:00
|
|
|
/**
|
|
|
|
|
* Crypt user password
|
|
|
|
|
*
|
|
|
|
|
* @param String $userPassword The password to crypt
|
|
|
|
|
* @return String The encrypted password
|
|
|
|
|
*/
|
|
|
|
|
public function cryptPassword($userPassword){
|
|
|
|
|
return crypt(sha1($userPassword), sha1($userPassword));
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-03 12:24:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Register class
|
|
|
|
|
Components::register("user", new User());
|
