userLoginAPItable = CS::get()->config->get("dbprefix")."API_userLoginToken"; } /** * Try to login user with returning a service token * * @param string $email The e-mail address of the user * @param string $password The password of the user * @param int $serviceID The ID of the service * @return array Tokens if success, false if fails */ public function generateUserLoginTokens(string $email, string $password, int $serviceID) : array{ //Try to find user ID in the database $conditions = "WHERE mail = ? AND password = ?"; $values = array( $email, $this->cryptPassword($password) ); $userInfos = CS::get()->db->select(self::USER_TABLE, $conditions, $values); //Check if there is anything if(count($userInfos) == 0) return array(); //Not any account was found //Extract first value ID $userID = $userInfos[0]['ID']; //Check if any other token already exists $existingTokens = $this->getUserLoginTokenByIDs($userID, $serviceID, CS::get()->db); if(is_array($existingTokens)){ //Return result return $existingTokens; } //Generate random tokens $token1 = random_str(75); $token2 = random_str(75); //Insert token in the database $tableName = $this->userLoginAPItable; $insertValues = array( "ID_utilisateurs" => $userID, "ID_".CS::get()->config->get("dbprefix")."API_ServicesToken" => $serviceID, "token1" => $token1, "token2" => $token2 ); if(!CS::get()->db->addLine($tableName, $insertValues)) return array(); //Something went wrong //We can return tokens return array($token1, $token2); } /** * Get token with the help of userID and serviceID * * @param int $userID The ID of the user * @param int $serviceID The ID of the service * @return FALSE if it fails, or tokens if success */ private function getUserLoginTokenByIDs(int $userID, int $serviceID) { //Prepare database request $conditions = "WHERE ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?"; $values = array( $userID, $serviceID ); $tokenInfos = CS::get()->db->select($this->userLoginAPItable, $conditions, $values); if(count($tokenInfos) == 0) return false; //There is nobody at this address else { //Return tokens $token1 = $tokenInfos[0]['token1']; $token2 = $tokenInfos[0]['token2']; return array($token1, $token2); } } /** * Delete token from given informations * * @param int $userID The ID of the user to delete * @param string $serviceID The service ID * @return bool False if it fails */ public function deleteUserLoginToken(int $userID, string $serviceID) : bool { //Prepare database request $condition = "ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?"; $values = array( $userID, $serviceID ); //Try to perform request if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values)) return false; //Something went wrong during the request //Everything is ok return true; } /** * Get User ID from token * * @param int $serviceID The ID of the service * @param array $tokens The user login tokens * @return int User ID (0 for a failure) */ public function getUserIDfromToken(int $serviceID, array $tokens) : int { //Check token number if(count($tokens) != 2) return 0; //Prepare database request $tablesName = $this->userLoginAPItable; $conditions = "WHERE ".$this->userLoginAPItable.".ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ? AND ".$this->userLoginAPItable.".token1 = ? AND ".$this->userLoginAPItable.".token2 = ?"; $conditionsValues = array( $serviceID, $tokens[0], $tokens[1] ); //Perform request $userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues); //Check if result is correct or not if(count($userInfos) == 0) return 0; //No result //Return ID return $userInfos[0]["ID_utilisateurs"]; } /** * Check whether an email address is linked to an account or not * * @return bool TRUE if the email is linked to an account / FALSE else */ public function exists_email(string $email) : bool { //Perform an API request $tableName = self::USER_TABLE; $conditions = "WHERE mail = ?"; $values = array($email); //Return result return CS::get()->db->count($tableName, $conditions, $values) > 0; } /** * Intend to create an account * * @param NewAccount $account The new account to create * @return bool TRUE in case of success / FALSE else */ public function create(NewAccount $newAccount) : bool { //Crypt password $password = $this->cryptPassword($newAccount->password); //Set the values $values = array( "nom" => $newAccount->lastName, "prenom" => $newAccount->firstName, "date_creation" => mysql_date(), "mail" => $newAccount->email, "password" => $password ); //Try to insert the user in the database return CS::get()->db->addLine(self::USER_TABLE, $values); } /** * Check if a password is valid for a user * * @param int $userID Target user ID : The ID of the user to check * @param string $password The password to check * @return bool TRUE if the password is valid / FALSE else */ public function checkUserPassword(int $userID, string $password){ //Crypt password $password = $this->cryptPassword($password); //Prepare request over the database $conditions = array( "ID" => $userID, "password" => $password ); $data = CS::get()->db->splitConditionsArray($conditions); $sql_conds = "WHERE ".$data[0]; $values = $data[1]; //Perform request and return result return CS::get()->db->count(self::USER_TABLE, $sql_conds, $values) > 0; } /** * Update user password * * @param int $userID Target user ID * @param string $password The new password to set to the user * @return bool TRUE in case of success / FALSE else */ public function set_new_user_password(int $userID, string $password) : bool { //Crypt the password $password = $this->cryptPassword($password); //Prepare database update $modif = array("password" => $password); //Perform the request return CS::get()->db->updateDB(self::USER_TABLE, "ID = ?", $modif, array($userID)); } /** * Crypt user password * * @param string $userPassword The password to crypt * @return string The encrypted password */ public function cryptPassword(string $userPassword) : string { return crypt(sha1($userPassword), sha1($userPassword)); } /** * Delete user account * * @param int $userID The ID of the account to delete * @return bool TRUE for a success / FALSE else */ public function delete(int $userID) : bool { //Delete user comments if(!components()->comments->deleteAllUser($userID)) return false; //Delete user posts if(!components()->posts->deleteAllUser($userID)) return false; //Delete user participation in surveys if(!components()->survey->cancel_all_user_responses($userID)) return false; //Delete all the likes created by the user if(!components()->likes->delete_all_user($userID)) return false; //Delete user movies //Delete conversation messages //Remove users from all its conversations //Delete all the notifications related with the user //Delete all user friends, including friendship requests //Delete user account image //Delete connections to all the services //Delete user from the database } } //Register class Components::register("account", new AccountComponent());