From ece63ed1cf5210fdc1ef79d07bfcfdb0f18736ee Mon Sep 17 00:00:00 2001
From: Astrologies
Date: Sat, 18 Dec 2021 23:57:33 -0500
Subject: [PATCH] User dep impl
---
 globals/Dependencies/Users/User.php | 174 ++++++++++++------------
 globals/Dependencies/Users/UserRank.php | 60 --------
 globals/config.php | 6 +-
 globals/functions.php | 2 +-
 globals/userauth.php | 121 ----------------
 5 files changed, 93 insertions(+), 270 deletions(-)
 delete mode 100644 globals/Dependencies/Users/UserRank.php
 delete mode 100644 globals/userauth.php
diff --git a/globals/Dependencies/Users/User.php b/globals/Dependencies/Users/User.php
index e4f940e..c716858 100644
--- a/globals/Dependencies/Users/User.php
+++ b/globals/Dependencies/Users/User.php
@@ -1,59 +1,72 @@ ValidateToken($_COOKIE['token']);
+ private const SecondsInDays = 86400;
+
+ function __construct() {
+ if(isset($_COOKIE['token'])) {
+ $this->ValidateSession($_COOKIE['token']);
+ }
 }
- // RoleSet helpers
- public function IsOwner()
- {
- return $this->Rank === UserRank::Owner;
+ function isOwner() {
+ if ($this->rank == 3) {
+ return true;
+ }
+ return false;
+ }
+
+ function isAdmin() {
+ if($this->rank == 2 || $this->rank == 3) {
+ return true;
+ }
+ return false;
 }
- public function IsAdministrator()
- {
- return $this->Rank === UserRank::Administrator || $this->Rank === UserRank::Owner;
- }
-
- public function IsStaff()
- {
- return $this->Rank === UserRank::Administrator || $this->Rank === UserRank::Moderator || $this->Rank === UserRank::Owner;
+ function isStaff() {
+ if($this->rank == 1 || $this->rank == 2 || $this->rank == 3) {
+ return true;
+ }
+ return false;
 }
 public function UpdateLastSeen()
 {
- if (!UserModerationManager::IsBanned($this->ID)) {
- $query = $GLOBALS['pdo']->prepare("UPDATE `users` SET `lastseen` = UNIX_TIMESTAMP() WHERE `id` = :id");
- $query->bindParam(":id", $this->ID, PDO::PARAM_INT);
- $query->execute();
+ if (!UserModerationManager::IsBanned($this->id)) {
+ $updateLastSeen = $GLOBALS['pdo']->prepare("UPDATE users SET lastseen = UNIX_TIMESTAMP() WHERE id = :id");
+ $updateLastSeen->bindParam(":id", $this->id, PDO::PARAM_INT);
+ $updateLastSeen->execute();
 }
 }
 public function UpdateDailyTime(int $dailyTime)
 {
- if (!UserModerationManager::IsBanned($this->ID)) {
+ if (Activation::IsUserActivated($this->id) && !UserModerationManager::IsBanned($this->id)) {
 if (($dailyTime + User::SecondsInDays) < time() || $dailyTime == 0) { // it has been a day or this is their first collection.
 $query = $GLOBALS['pdo']->prepare("UPDATE `users` SET `dailytime` = UNIX_TIMESTAMP(), `currency` = (`currency` + 20) WHERE `id` = :id");
- $query->bindParam(":id", $this->ID, PDO::PARAM_INT);
+ $query->bindParam(":id", $this->id, PDO::PARAM_INT);
 $query->execute();
 }
 }
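Review bot: The new constructor hands `$_COOKIE['token']` straight to `ValidateSession(string $token)`, so a request carrying an array-valued cookie (`Cookie: token[]=x`) raises a TypeError on every page load instead of being treated as an anonymous visitor; guard it with `if (isset($_COOKIE['token']) && is_string($_COOKIE['token'])) {`. The rewritten rank helpers also replace the typed `UserRank` comparisons (deleted by this patch) with loose `==` against bare integers and drop the visibility keyword; `public function isStaff(): bool { return in_array((int) $this->rank, [1, 2, 3], true); }` (and the same shape for isOwner/isAdmin) keeps the checks strict, and a one-line comment naming which integer is moderator, admin and owner would preserve what the enum used to document. These helpers read `$this->rank` before any session has been validated for anonymous visitors, so the property presumably needs a declared default on the class; the class header and property declarations are outside this hunk.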
@@ -62,70 +75,57 @@ namespace Alphaland\Users {
 public function UpdateIpAddress()
 {
 $ip = WebContextManager::GetCurrentIPAddress();
- $query = $GLOBALS['pdo']->prepare("UPDATE `users` SET `ip` = :ip WHERE `id` = :id");
- $query->bindParam(":ip", $ip, PDO::PARAM_STR);
- $query->bindParam(":id", $this->ID, PDO::PARAM_INT);
- $query->execute();
+ $updateip = $GLOBALS['pdo']->prepare("UPDATE users SET ip = :ip WHERE id = :id");
+ $updateip->bindParam(":ip", $ip, PDO::PARAM_STR);
+ $updateip->bindParam(":id", $this->id, PDO::PARAM_INT);
+ $updateip->execute();
 }
- public function ValidateToken(string $token): bool
+ public function ValidateSession(string $token)
 {
- $query = $GLOBALS['pdo']->prepare("SELECT * FROM `users` WHERE `id` = :id");
- $query->bindParam(":tk", $token, PDO::PARAM_STR);
- $query->execute();
+ $session = $GLOBALS['pdo']->prepare("SELECT * FROM sessions WHERE token = :tk AND valid = 1");
+ $session->bindParam(":tk", $token, PDO::PARAM_STR);
+ $session->execute();
+ if($session->rowCount() > 0)
+ {
+ $session = $session->fetch(PDO::FETCH_OBJ);
+ $userinfo = $GLOBALS['pdo']->prepare("SELECT * FROM users WHERE id = :id");
+ $userinfo->bindParam(":id", $session->uid, PDO::PARAM_INT);
+ $userinfo->execute();
- if ($query->rowCount() > 0) {
- return $this->ValidateTokenInternal($query->fetch(PDO::FETCH_OBJ));
+ if ($userinfo->rowCount() > 0)
+ {
+ $userinfo = $userinfo->fetch(PDO::FETCH_OBJ);
+
+ //session dependent info
+ $this->logged_in = true;
+ $this->sessionCookieID = $session->id;
+ $this->twoFactorUnlocked = $session->twoFactorUnlocked;
+
+ //user dependent info
+ $this->id = $userinfo->id;
+ $this->name = $userinfo->username;
+ $this->rank = $userinfo->rank;
+ $this->currency = $userinfo->currency;
+ $this->UpdateLastSeen();
+ $this->UpdateIpAddress();
+ $this->UpdateDailyTime($userinfo->dailytime);
+
+ return true;
+ }
 }
-
- // No valid session found.
- setcookie("token", null, time(), "/");
+ //No valid session
+ setcookie("token", null, time(), "/", ".alphaland.cc"); //delete (all token?) cookies
 return false;
 }
- public function Logout()
+ function logout()
 {
- if ($this->IsLoggedIn) {
- $query = $GLOBALS['pdo']->prepare("UPDATE `sessions` SET `valid` = 0 WHERE `id` = :id");
- $query->bindParam(":id", $this->SessionCookieID, PDO::PARAM_INT);
- $query->execute();
+ if($this->logged_in) {
+ $logout = $GLOBALS['pdo']->prepare("DELETE FROM sessions WHERE id = :id");
+ $logout->bindParam(":id", $this->sessionCookieID, PDO::PARAM_INT);
+ $logout->execute();
 }
 }
-
- private function ValidateTokenInternal($session): bool
- {
- $query = $GLOBALS['pdo']->prepare("SELECT * FROM users WHERE id = :id");
- $query->bindParam(":id", $session->uid, PDO::PARAM_INT);
- $query->execute();
-
- if ($query->rowCount() > 0) {
- $userInfo = $query->fetch(PDO::FETCH_OBJ);
- $this->ConstructSelf($session, $userInfo);
- $this->UpdateLastSeen();
- $this->UpdateIpAddress();
- $this->UpdateDailyTime($userInfo->dailytime);
- return true;
- }
-
- // No user info found.
- setcookie("token", null, time(), "/");
- return false;
- }
-
-
- private function ConstructSelf($session, $userInfo)
- {
- // Session
- $this->IsLoggedIn = true;
- $this->ID = $session->uid;
- $this->SessionCookieID = $session->id;
-
- // UserInfo
- $this->Name = $userInfo->username;
- $this->Rank = UserRank::FromInt($userInfo->rank);
- $this->Currency = $userInfo->currency;
- }
-
- private const SecondsInDays = 86400;
-
- }
-}
+ }
+}
\ No newline at end of file
diff --git a/globals/Dependencies/Users/UserRank.php b/globals/Dependencies/Users/UserRank.php
deleted file mode 100644
index e528dde..0000000
--- a/globals/Dependencies/Users/UserRank.php
+++ /dev/null
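Review bot: `ValidateSession` accepts any `sessions` row with `valid = 1` and never checks the session's age, while the cookie that carries the token is issued elsewhere in this patch with only a 30-day client-side lifetime and the deleted userauth.php had its `whenCreated` check commented out — so a leaked or stolen token stays usable server-side indefinitely, and `logout()` is the only thing that ever retires it. Bound the lookup, e.g. `SELECT * FROM sessions WHERE token = :tk AND valid = 1 AND whenCreated > UNIX_TIMESTAMP() - :maxAge` with `:maxAge` bound to 30 days, assuming `sessions` still has the `whenCreated` column the old code referenced (the schema is not in this patch). The method also lost its `: bool` return type even though every path still returns true or false; `public function ValidateSession(string $token): bool` keeps the login helper that calls it honest. On the no-session path, `setcookie("token", null, ...)` passes null to a string parameter, which PHP 8.1 deprecates; use `""`. Since the server-side row now never expires, it is worth noting that the 30-day `setcookie` visible later in this patch sets neither `httponly` nor `secure`, which would at least keep the long-lived token away from script and plaintext transport.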
@@ -1,60 +0,0 @@ -bindParam(":ua", $user_agent, PDO::PARAM_STR); if($session->execute()) { setcookie("token", $token, time() + (86400 * 30), "/", ".alphaland.cc"); //30 day expiration on token for (hopefully) all alphaland paths - $GLOBALS['user']->checkIfTokenValid($token); + $GLOBALS['user']->ValidateSession($token); return true; } else { return false; diff --git a/globals/userauth.php b/globals/userauth.php deleted file mode 100644 index 3e7321d..0000000 --- a/globals/userauth.php +++ /dev/null 
@@ -1,121 +0,0 @@ -checkIfTokenValid($_COOKIE['token']); } - } - - function isOwner() { - if ($this->rank == 3) { - return true; - } - return false; - } - - function isAdmin() { - if($this->rank == 2 || $this->rank == 3) { - return true; - } - return false; - } - - function isStaff() { - if($this->rank == 1 || $this->rank == 2 || $this->rank == 3) { - return true; - } - return false; - } - - function checkIfTokenValid($token) { - $check = $GLOBALS['pdo']->prepare("SELECT * FROM sessions WHERE token = :tk AND valid = 1"); - $check->bindParam(":tk", $token, PDO::PARAM_STR); - $check->execute(); - if($check->rowCount() > 0) { - $info = $check->fetch(PDO::FETCH_OBJ); - $userIP = getIP(); - //if(($info->whenCreated + (86400 * 30)) > time()) { //Tokens should only last 30 days - $userInfo = $GLOBALS['pdo']->prepare("SELECT * FROM users WHERE id = :id"); - $userInfo->bindParam(":id", $info->uid, PDO::PARAM_INT); - $userInfo->execute(); - if($userInfo->rowCount() > 0) { - $userInfo = $userInfo->fetch(PDO::FETCH_OBJ); - - //session info - $this->logged_in = true; - $this->id = $info->uid; - $this->sessionCookieID = $info->id; - $this->twoFactorUnlocked = $info->twoFactorUnlocked; - // ... - - //user info - $this->name = $userInfo->username; - $this->rank = $userInfo->rank; - $this->currency = $userInfo->currency; - // .. 
-
- //activation stuff
- $activated = Activation::IsUserActivated($this->id);
-
- //banned
- $banned = UserModerationManager::IsBanned($this->id);
-
- if (!$banned)
- {
- //update token interval
- $updateLastSeen = $GLOBALS['pdo']->prepare("UPDATE users SET lastseen = UNIX_TIMESTAMP() WHERE id = :id");
- $updateLastSeen->bindParam(":id", $this->id, PDO::PARAM_INT);
- $updateLastSeen->execute();
- }
-
- //update user's ip
- $updateip = $GLOBALS['pdo']->prepare("UPDATE users SET ip = :ip WHERE id = :id");
- $updateip->bindParam(":ip", $userIP, PDO::PARAM_STR);
- $updateip->bindParam(":id", $info->uid, PDO::PARAM_INT);
- $updateip->execute();
-
- if ($activated && !$banned)
- {
- //reward currency daily
- if (($userInfo->dailytime + (86400 * 1)) < time() || $userInfo->dailytime == 0) //its been a day or first time
- {
- $updateDaily = $GLOBALS['pdo']->prepare("UPDATE users SET dailytime = UNIX_TIMESTAMP(), currency = (currency + 20) WHERE id = :id");
- $updateDaily->bindParam(":id", $this->id, PDO::PARAM_INT);
- $updateDaily->execute();
- }
- }
- return true;
- }
- //}
- }
- //invalid token, set the token to null
- setcookie("token", null, time(), "/");
- return false;
- }
- function logout() {
- if($this->logged_in) {
- $logout = $GLOBALS['pdo']->prepare("DELETE FROM sessions WHERE id = :id");
- $logout->bindParam(":id", $this->sessionCookieID, PDO::PARAM_INT);
- $logout->execute();
- }
- }
-
-
-}
-
-$user = new user();
\ No newline at end of file