<?php
/**
* @file src/Model/User.php
* @brief This file includes the User class with user related database functions
*/
namespace Friendica\Model;
use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBM;
use dba;
require_once 'boot.php';
require_once 'include/plugin.php';
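/**
 * @brief This class handles User related functions
 */
class User
{
    /**
     * @brief Checks a password against a user record and returns the user id
     *
     * $user_info selects the record to check against:
     *  - object: cast to an array and used as the user record,
     *  - int:    looked up by uid,
     *  - string: looked up by email, username or nickname,
     *  - other:  used as the user record as-is (expected to be an array).
     *
     * Both database lookups only match accounts that are verified and are
     * not blocked, expired or removed. A record passed in directly (object
     * or array) skips those filters and is compared against whatever
     * 'password' value it carries, so callers must only pass records that
     * were read from the user table.
     *
     * @param mixed  $user_info user record, uid or login identifier (see above)
     * @param string $password  clear text password to verify
     * @return int|boolean the uid on success, false otherwise
     */
    public static function authenticate($user_info, $password)
    {
        if (is_object($user_info)) {
            $user = (array) $user_info;
        } elseif (is_int($user_info)) {
            $user = dba::select('user',
                ['uid', 'password'],
                [
                    'uid' => $user_info,
                    'blocked' => 0,
                    'account_expired' => 0,
                    'account_removed' => 0,
                    'verified' => 1
                ],
                ['limit' => 1]
            );
        } elseif (is_string($user_info)) {
            // The identifier is bound three times as a query parameter,
            // never interpolated into the SQL text.
            $user = dba::fetch_first('SELECT `uid`, `password`
                FROM `user`
                WHERE (`email` = ? OR `username` = ? OR `nickname` = ?)
                AND `blocked` = 0
                AND `account_expired` = 0
                AND `account_removed` = 0
                AND `verified` = 1
                LIMIT 1',
                $user_info,
                $user_info,
                $user_info
            );
        } else {
            $user = $user_info;
        }

        if (!DBM::isResult($user) || !isset($user['uid']) || !isset($user['password'])) {
            return false;
        }

        // NOTE(security): this is a single unsalted Whirlpool pass, which is a
        // fast general-purpose hash and not a password hashing function. It is
        // kept here because it has to match the stored values; moving to
        // password_hash()/password_verify() needs a rehash-on-login migration
        // of the `user`.`password` column.
        $password_hashed = hash('whirlpool', $password);

        // hash_equals() compares in constant time, so the comparison does not
        // leak how many leading characters of the stored hash matched. It only
        // accepts strings, hence the explicit type checks (a non-string on
        // either side is a mismatch, as it was with the strict comparison).
        if (!is_string($password_hashed)
            || !is_string($user['password'])
            || !hash_equals($user['password'], $password_hashed)
        ) {
            return false;
        }

        return $user['uid'];
    }

    /**
     * @brief Marks a user account as removed and schedules the follow-up work
     *
     * The row itself is not deleted here: the account is flagged as removed
     * and expired, and the actual deletion is left to
     * "cron_expire_and_remove_users" (cronjobs.php).
     *
     * @param int $uid id of the user to remove
     * @return void
     */
    public static function remove($uid)
    {
        if (!$uid) {
            return;
        }

        logger('Removing user: ' . $uid);

        $r = dba::select('user', array(), array('uid' => $uid), array("limit" => 1));

        // Without a matching record there is nothing to remove; continuing
        // would run the hooks on an empty value and store an empty entry in
        // `userd`.
        if (!DBM::isResult($r)) {
            return;
        }

        call_hooks('remove_user', $r);

        // save username (actually the nickname as it is guaranteed
        // unique), so it cannot be re-registered in the future.
        dba::insert('userd', array('username' => $r['nickname']));

        // The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
        q("UPDATE `user` SET `account_removed` = 1, `account_expires_on` = UTC_TIMESTAMP() WHERE `uid` = %d", intval($uid));
        Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);

        // Send an update to the directory
        Worker::add(PRIORITY_LOW, "Directory", $r['url']);

        // When users remove their own account, end their session as well.
        if ($uid == local_user()) {
            unset($_SESSION['authenticated']);
            unset($_SESSION['uid']);
            goaway(System::baseUrl());
        }
    }
}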