UserManager.php
<?php
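/**
 * Static facade around the current admin session: lazily builds the backing
 * CUserManager object and implements the password and SteamID login flows.
 */
class UserManager {
    /** @var CUserManager|null Backing object; created once by init(). */
    private static $instance = NULL;

    /** @var int Admin id of the current visitor; -1 is the "no admin" sentinel. */
    private static $aid = -1;

    /**
     * Creates the backing CUserManager once; later calls are no-ops.
     *
     * @param mixed  $aid  Admin id. Only real integers are accepted; any other
     *                     type is ignored and the current value (-1 by default) is used.
     * @param string $hash Forwarded unchanged to CUserManager.
     *                     NOTE(review): presumably $_SESSION['admin_hash'] - confirm against caller.
     * @return void
     */
    public static function init($aid, $hash = '') {
        if (self::$instance !== NULL) {
            return;
        }

        if (is_int($aid)) {
            self::$aid = $aid;
        }

        self::$instance = new CUserManager(self::$aid, $hash);
        // CUserManager has the final say on the id (it may differ from the one requested).
        self::$aid = self::$instance->aid;

        if (self::$aid != -1) {
            self::updateEntity('lastvisit', time()); // update visiting time
        }
    }

    /**
     * Returns the backing object, initialising it as an anonymous visitor (-1) if needed.
     *
     * @return CUserManager
     */
    public static function getInstance() {
        if (self::$instance === NULL) {
            self::init(-1);
        }

        return self::$instance;
    }

    /**
     * Password login. On success the session is populated via ContinueLogin().
     *
     * @param string $username Value matched against the `user` column.
     * @param string $password Plain-text password supplied by the visitor.
     * @param string $reason   Out-parameter: user-facing failure message.
     * @return bool True when the credentials are valid and the account is not expired.
     */
    public static function login($username, $password, &$reason) {
        // Non-string input (e.g. an array taken from a request) is rejected up front:
        // password_verify() and the legacy hash below both require strings.
        if (empty($password) || !is_string($password) || !is_string($username)) {
            $reason = 'Не указан пароль.';
            return false;
        }

        // Same message for "unknown user" and "wrong password".
        $reason = 'Неверный логин и/или пароль';

        $DB = \DatabaseManager::GetConnection();
        $DB->Prepare('SELECT `aid`, `password`, `expired` FROM `{{prefix}}admins` WHERE `user` = :username');
        $DB->BindData('username', $username);
        $Result = $DB->Finish();
        $Data = $Result->Single();
        $Result->EndData();

        if (!$Data) {
            return false;
        }

        if (empty($Data['password'])) {
            // NOTE(review): this message is returned before any password check, so it
            // confirms to an unauthenticated caller that the account exists and has no
            // password set. Consider logging it and returning the generic message.
            $reason = 'У пользователя не задан пароль. Обратитесь к администратору.';
            return false;
        }

        // Current scheme: password_hash()/password_verify().
        if (password_verify($password, $Data['password'])) {
            return self::ContinueLogin($Data, $reason);
        }

        // Legacy scheme: sha1(sha1('SourceBans' . password)). hash_equals() replaces the
        // former loose `==`, which compares two numeric-looking strings (such as "0e…"
        // followed only by digits) as numbers and is not constant-time.
        $legacyHash = sha1(sha1('SourceBans' . $password));
        if (hash_equals((string) $Data['password'], $legacyHash)) {
            // Upgrade the stored hash in place. Accounts that never log in again keep
            // the legacy hash, so a forced reset may be needed to retire it completely.
            $Data['password'] = password_hash($password, PASSWORD_DEFAULT);
            $DB->Prepare('UPDATE `{{prefix}}admins` SET `password` = :password WHERE `aid` = :id');
            $DB->BindMultipleData([
                'password' => $Data['password'],
                'id' => $Data['aid']
            ]);
            $DB->Finish();

            return self::ContinueLogin($Data, $reason);
        }

        return false;
    }

    /**
     * Logs in the admin whose `authid` matches the given SteamID.
     *
     * No credential is checked here: the caller must already have verified that the
     * visitor owns this SteamID before calling.
     *
     * @param CSteamId $steamId Exactly a CSteamId instance (subclasses are rejected).
     * @param string   $reason  Out-parameter: user-facing failure message.
     * @return bool
     * @throws \LogicException When $steamId is not a CSteamId object.
     */
    public static function forceLoginBySteam($steamId, &$reason) {
        if (!is_object($steamId) || get_class($steamId) !== 'CSteamId') {
            throw new \LogicException('Invalid SteamID object passed.');
        }

        $DB = \DatabaseManager::GetConnection();
        $DB->Prepare('SELECT `aid`, `password`, `expired` FROM `{{prefix}}admins` WHERE `authid` LIKE :auth');
        // Suffix match, so the stored id may carry any "STEAM_x:" prefix. The value is
        // bound, but `%` and `_` inside it would still act as LIKE wildcards.
        // NOTE(review): relies on CSteamId always yielding a well-formed v2 id - confirm.
        $DB->BindData('auth', '%' . str_replace('STEAM_0:', '', $steamId->v2));
        $Result = $DB->Finish();
        $UserData = $Result->Single();
        $Result->EndData();

        if (!$UserData) {
            $reason = 'Пользователя с Вашим SteamID не найдено.';
            return false;
        }

        return self::ContinueLogin($UserData, $reason);
    }

    /**
     * @return int Admin id established by init(), or -1.
     */
    public static function getMyID() {
        return self::$aid;
    }

    /**
     * Final login step shared by both flows: expiry check, then session population.
     *
     * @param array  $UserData Row with `aid`, `password` and `expired` keys.
     * @param string $reason   Out-parameter: set when the account has expired.
     * @return bool
     */
    private static function ContinueLogin($UserData, &$reason) {
        // `expired` == 0 means the privileges never expire.
        if ($UserData['expired'] != 0 && $UserData['expired'] < time()) {
            $reason = 'Ваши привилегии истекли. Их необходимо продлить для дальнейшего использования.';
            return false;
        }

        // Privilege change: issue a fresh session id so an id that existed before
        // authentication cannot be reused afterwards (session fixation). Skipped when
        // no session is active or the cookie can no longer be sent.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }

        $_SESSION['admin_id'] = intval($UserData['aid']);
        // NOTE(review): the stored password hash is copied into the session, presumably
        // so init()/CUserManager can invalidate sessions after a password change -
        // confirm. Session storage therefore holds credential material.
        $_SESSION['admin_hash'] = $UserData['password'];
        \session_write_close();

        return true;
    }

    /**
     * Updates one column of the current admin's row.
     *
     * @param string $field Column name. It becomes part of the SQL text, so it must be
     *                      a plain identifier supplied by code, never by request data.
     * @param mixed  $value New value (bound as a parameter).
     * @return void
     * @throws \LogicException When $field is not a plain identifier.
     */
    private static function updateEntity($field, $value) {
        // Column names cannot be bound as parameters; validate before interpolating.
        if (!is_string($field) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $field)) {
            throw new \LogicException('Invalid column name passed.');
        }

        $DB = \DatabaseManager::GetConnection();
        $DB->Prepare('UPDATE `{{prefix}}admins` SET `' . $field . '` = :value WHERE `aid` = :id');
        $DB->BindData('id', self::$aid);
        $DB->BindData('value', $value);
        $DB->Finish();
    }
}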