friendica-github/src/Model/User.php

104 lines
2.3 KiB
PHP
Raw Normal View History

<?php
2017-11-26 19:25:25 +00:00
/**
* @file src/Model/User.php
* @brief This file includes the User class with user related database functions
*/
2017-11-26 19:25:25 +00:00
namespace Friendica\Model;
use Friendica\Core\System;
use Friendica\Core\Worker;
2017-11-26 19:25:25 +00:00
use Friendica\Database\DBM;
use dba;
require_once 'boot.php';
2017-11-26 19:25:25 +00:00
require_once 'include/plugin.php';
/**
* @brief This class handles User related functions
*/
class User
{
2017-11-26 19:25:25 +00:00
public static function authenticate($user_info, $password)
{
if (is_object($user_info)) {
$user = (array) $user_info;
} elseif (is_int($user_info)) {
$user = dba::select('user',
['uid', 'password'],
[
'uid' => $user_info,
'blocked' => 0,
'account_expired' => 0,
'account_removed' => 0,
'verified' => 1
],
['limit' => 1]
);
} elseif (is_string($user_info)) {
$user = dba::fetch_first('SELECT `uid`, `password`
FROM `user`
WHERE (`email` = ? OR `username` = ? OR `nickname` = ?)
AND `blocked` = 0
AND `account_expired` = 0
AND `account_removed` = 0
AND `verified` = 1
LIMIT 1',
$user_info,
$user_info,
$user_info
);
} else {
$user = $user_info;
}
if (!DBM::isResult($user) || !isset($user['uid']) || !isset($user['password'])) {
return false;
}
$password_hashed = hash('whirlpool', $password);
if ($password_hashed !== $user['password']) {
return false;
}
return $user['uid'];
}
/**
* @param object $uid user to remove
* @return void
*/
public static function remove($uid)
{
if (!$uid) {
return;
}
logger('Removing user: ' . $uid);
$r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1));
call_hooks('remove_user', $r);
// save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future.
dba::insert('userd', array('username' => $r['nickname']));
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid));
Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
// Send an update to the directory
Worker::add(PRIORITY_LOW, "Directory", $r['url']);
if ($uid == local_user()) {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
goaway(System::baseUrl());
}
}
}