leilukin-tumbleblog/includes/model/User.php

285 lines
8.2 KiB
PHP

<?php
/**
* Class: User
* The User model.
*
* See Also:
* <Model>
*/
class User extends Model {
public $belongs_to = "group";
public $has_many = array("posts", "pages");
/**
* Function: __construct
*
* See Also:
* <Model::grab>
*/
public function __construct(
$user_id,
$options = array()
) {
parent::grab($this, $user_id, $options);
if ($this->no_results)
return;
Trigger::current()->filter($this, "user");
}
/**
* Function: find
*
* See Also:
* <Model::search>
*/
public static function find(
$options = array(),
$options_for_object = array()
): array {
fallback($options["order"], "id ASC");
return parent::search(
self::class,
$options,
$options_for_object
);
}
/**
* Function: authenticate
* Checks to see if a given login and password match a user in the database.
*
* Parameters:
* $login - The Login to check.
* $password - The matching Password to check.
*
* Returns:
* @true@ or @false@
*/
static function authenticate(
$login,
$password
): bool {
$check = new self(array("login" => $login));
if ($check->no_results)
return false;
if (self::check_password($password, $check->password))
return true;
return false;
}
/**
* Function: add
* Adds a user to the database.
*
* Parameters:
* $login - The Login for the new user.
* $password - The hashed password for the new user.
* $email - The email for the new user.
* $full_name - The full name of the user (optional).
* $website - The user's website (optional).
* $group_id - The user's <Group> ID (defaults to the default group).
* $joined_at - Join date (defaults to now).
*
* Returns:
* The newly created <User>.
*
* See Also:
* <update>
*/
public static function add(
$login,
$password,
$email,
$full_name = "",
$website = "",
$group_id = null,
$approved = true,
$joined_at = null
): self {
$config = Config::current();
$sql = SQL::current();
$trigger = Trigger::current();
$new_values = array(
"login" => sanitize_db_string($login, 64),
"password" => $password,
"email" => sanitize_db_string($email, 128),
"full_name" => sanitize_db_string($full_name, 250),
"website" => sanitize_db_string($website, 128),
"group_id" => oneof($group_id, $config->default_group),
"approved" => oneof($approved, true),
"joined_at" => oneof($joined_at, datetime())
);
$trigger->filter($new_values, "before_add_user");
$sql->insert(table:"users", data:$new_values);
$user = new self($sql->latest("users"));
$trigger->call("add_user", $user);
return $user;
}
/**
* Function: update
* Updates a user with the given parameters.
*
* Parameters:
* $login - The new Login to set.
* $password - The new hashed password to set.
* $full_name - The new Full Name to set.
* $email - The new email to set.
* $website - The new Website to set.
* $group_id - The new <Group> ID to set.
*
* Returns:
* The updated <User>.
*
* See Also:
* <add>
*/
public function update(
$login = null,
$password = null,
$email = null,
$full_name = null,
$website = null,
$group_id = null,
$approved = null,
$joined_at = null
): self|false {
if ($this->no_results)
return false;
$sql = SQL::current();
$trigger = Trigger::current();
$new_values = array(
"login" => (
isset($login) ?
sanitize_db_string($login, 64) :
$this->login
),
"password" => (
isset($password) ?
$password :
$this->password
),
"email" => (
isset($email) ?
sanitize_db_string($email, 128) :
$this->email
),
"full_name" => (
isset($full_name) ?
sanitize_db_string($full_name, 250) :
$this->full_name
),
"website" => (
isset($website) ?
sanitize_db_string($website, 128) :
$this->website
),
"group_id" => oneof(
$group_id,
$this->group_id
),
"approved" => oneof(
$approved,
$this->approved
),
"joined_at" => oneof(
$joined_at,
$this->joined_at
)
);
$trigger->filter($new_values, "before_update_user");
$sql->update(
table:"users",
conds:array("id" => $this->id),
data:$new_values
);
$user = new self(
null,
array(
"read_from" => array_merge(
$new_values,
array("id" => $this->id)
)
)
);
$trigger->call("update_user", $user, $this);
return $user;
}
/**
* Function: delete
* Deletes a given user.
*
* See Also:
* <Model::destroy>
*/
public static function delete(
$user_id
): void {
parent::destroy(self::class, $user_id);
}
/**
* Function: hash_password
* Creates a hash of a user's password for the database.
*
* Parameters:
* $password - The unhashed password.
*
* Returns:
* The password hashed using the SHA-512 algorithm.
*
* Notes:
* <random> uses a cryptographically secure function.
*/
public static function hash_password(
$password
): string {
$salt = random(16);
$prefix = '$6$rounds=50000$';
$hash = crypt($password, $prefix.$salt);
if (strlen($hash) < 13)
trigger_error(
__("Failed to encrypt password."),
E_USER_WARNING
);
return $hash;
}
/**
* Function: check_password
* Checks a given password against the user's stored hash.
*
* Parameters:
* $password - The unhashed password given during a login attempt.
* $stored - The the user's stored hash value from the database.
*
* Returns:
* @true@ or @false@
*
* Notes:
* Uses <password_verify> to mitigate timing attacks.
*/
public static function check_password(
$password,
$stored
): bool {
return password_verify($password, $stored);
}
}