Source of file User.php
Size: 12,126 Bytes - Last Modified: 2018-03-12T01:55:16+01:00
C:/xampp/htdocs/PodTube/src/classes/User.php
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950
Covered by 6 test(s):
51
Covered by 6 test(s):
52
Covered by 6 test(s):
53
Covered by 6 test(s):
54
Covered by 6 test(s):
55
Covered by 6 test(s):
56
Covered by 6 test(s):
57
Covered by 6 test(s):
585960
Covered by 2 test(s):
61626364
Covered by 2 test(s):
6566
Covered by 2 test(s):
6768697071
Covered by 2 test(s):
72
Covered by 1 test(s):
737475
Covered by 2 test(s):
767778
Covered by 2 test(s):
79808182
Covered by 2 test(s):
83
Covered by 2 test(s):
84
Covered by 2 test(s):
85
Covered by 2 test(s):
86
Covered by 2 test(s):
87
Covered by 2 test(s):
88
Covered by 2 test(s):
89
Covered by 2 test(s):
90919293
Covered by 2 test(s):
94
Covered by 2 test(s):
95
Covered by 2 test(s):
96
Covered by 2 test(s):
97
Covered by 2 test(s):
98
Covered by 2 test(s):
99100101102103104105106107
Covered by 2 test(s):
108109110111112113114115116117
Covered by 2 test(s):
118119120121122123124125126127
Covered by 2 test(s):
128129130131132133134135136137
Covered by 3 test(s):
138139140141142143144145146147
Covered by 3 test(s):
148
Covered by 3 test(s):
149150
Covered by 3 test(s):
151152153154155156157158159
Covered by 3 test(s):
160161162163164165166167168169
Covered by 1 test(s):
170171172173174175176177178179180
Covered by 1 test(s):
181
Covered by 1 test(s):
182
Covered by 1 test(s):
183184185186
Covered by 1 test(s):
187188189190191192193194195196
Covered by 1 test(s):
197
Covered by 1 test(s):
198199
Covered by 1 test(s):
200201202203204205206207208209
Covered by 1 test(s):
210211212213214215216
Covered by 3 test(s):
217218219220221222223
Covered by 2 test(s):
224
Covered by 2 test(s):
225226227228229230
Covered by 3 test(s):
231232233234235236237
Covered by 1 test(s):
238
Covered by 1 test(s):
239240241242243244
Covered by 3 test(s):
245246247248249250251
Covered by 1 test(s):
252
Covered by 1 test(s):
253254255256257258259260261
Covered by 1 test(s):
262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295
Covered by 3 test(s):
296297298299300301302303304305
Covered by 2 test(s):
306
Covered by 2 test(s):
307
Covered by 2 test(s):
308309310311312313314315
Covered by 1 test(s):
316317318319320321322323324
Covered by 1 test(s):
325
Covered by 1 test(s):
326327328329330331332333
Covered by 3 test(s):
334335336337338339340341342
Covered by 3 test(s):
343
Covered by 3 test(s):
344
Covered by 3 test(s):
345346347348349350351352
Covered by 2 test(s):
353354355356357358359360361
Covered by 2 test(s):
362
Covered by 2 test(s):
363
Covered by 2 test(s):
364365366367368369370371
Covered by 1 test(s):
372373374375376377378379380
Covered by 1 test(s):
381
Covered by 1 test(s):
382383384385386387388389
Covered by 1 test(s):
390391392393394395396397398
Covered by 1 test(s):
399
Covered by 1 test(s):
400401402403404405406407
Covered by 1 test(s):
408
Covered by 1 test(s):
409410411
Covered by 1 test(s):
412413414415416417418419420
Covered by 1 test(s):
421
Covered by 1 test(s):
422423424425426427428429
Covered by 2 test(s):
430431432433434435436437438
Covered by 2 test(s):
439
Covered by 2 test(s):
440441442443444445446447
Covered by 1 test(s):
448
Covered by 1 test(s):
449450451452453454455456
Covered by 1 test(s):
457458459460461462463464465
Covered by 3 test(s):
466
Covered by 3 test(s):
467468469470471472473474
Covered by 1 test(s):
475476477478479480481482483
Covered by 3 test(s):
484
Covered by 3 test(s):
485486487488489490491492
Covered by 3 test(s):
493494495496497498499500501
Covered by 1 test(s):
502
Covered by 1 test(s):
503504505506507508
Covered by 1 test(s):
509
Covered by 1 test(s):
510511
Covered by 1 test(s):
512513514515516517518
Covered by 3 test(s):
519
Covered by 3 test(s):
520521522
| <?php namespace AudioDidact; use AudioDidact\DB\DAL; require_once __DIR__ . "/../header.php"; /** * Class User stores user specific information */ class User { /** @var string $username is the username */ private $username; /** @var string $email is the email */ private $email; /** @var string $fname is the first name */ private $fname; /** @var string $lname is the last name */ private $lname; /** @var int $gender is the gender as an integer */ private $gender; /** @var string $webID is the webID */ private $webID; /** @var string $passwd is the hashed password */ private $passwd; /** @var int $userID is the unique identifier assigned by the database */ private $userID; /** @var string $feedText is the full xml text of the feed */ private $feedText; /** @var int $feedLength is the maximum number of items in the feed */ private $feedLength; /** @var array $feedDetails is an associative array containing the details used to make the feed */ private $feedDetails; /** @var bool $privateFeed true if the user's feed should be protected by HTTP Basic Authentication */ private $privateFeed; /** @var bool $emailVerified true when the user has verified their email address */ private $emailVerified; /** @var array $emailVerificationCodes a dictionary of valid email verification response codes * values are in the form of [["code"=xyz, "expiration"=xyz]]*/ private $emailVerificationCodes; /** @var array $passwordRecoveryCodes a dictionary of valid password recovery response codes * values are in the form of [["code"=xyz, "expiration"=xyz]]*/ private $passwordRecoveryCodes; /** * User constructor. */ public function __construct(){ $this->feedDetails = ["title" => "AudioDidact", "description" => "Learn by putting audio and video from multiple sources into a portable podcast feed.", "icon" => LOCAL_URL . "public/img/favicon/favicon-512x512.png", "itunesAuthor" => "Michael Dombrowski"]; $this->emailVerificationCodes = []; $this->passwordRecoveryCodes = []; $this->emailVerified = false; } public function signup($uname, $passwd, $email, DAL $dal, $sendEmail = true){ if(trim($uname) == "" || trim($passwd) == "" || trim($email) == ""){ return "Sign up failed:\nUsername, password, or email is empty!"; } // Disallow spaces in usernames, but automatically correct it $uname = trim($uname); if(!$this->validatePassword($passwd)){ return "Sign up failed:\nPassword must be greater than 6 characters long!"; } // Make sure the username and email address are not taken. if($dal->emailExists($email) || $dal->usernameExists($uname)){ return "Sign up failed:\nUsername or email already in use!"; } if(!$this->validateEmail($email)){ return "Sign up failed:\nInvalid Email Address!"; } if(!$this->validateWebID($uname)){ return "Sign up failed:\nUsername contains invalid characters!"; } $this->setUsername($uname); $this->setEmail($email); $this->setPasswd($passwd); $this->setWebID($uname); $this->setPrivateFeed(false); $this->setFeedLength(25); $this->setFeedText(PodTube::makeFullFeed($this, $dal, true)->generateFeed()); $this->setEmailVerified(false); // Add user to db and send email to verify try{ $dal->addUser($this); $user = $dal->getUserByUsername($uname); $user->addEmailVerificationCode(); $dal->updateUserEmailPasswordCodes($user); if($sendEmail && EMAIL_ENABLED){ EMail::sendVerificationEmail($user); } } catch(\Exception $e){ error_log($e); return "Sign up failed due to an unknown error.\nPlease contact the developer from the help page."; } return "Sign up success!"; } /** * Validates password for length * * @param $password * @return bool */ public function validatePassword($password){ return mb_strlen($password) >= 6; } /** * Validates names and other strings using PHP FILTER_VALIDATE_EMAIL. Returns true if the string is valid * * @param $email * @return bool */ public function validateEmail($email){ return filter_var($email, FILTER_VALIDATE_EMAIL); } /** * Validates webID so it can only contain alphanumerics _,-,@, and $. Returns true if the string is valid * * @param $webID * @return bool */ public function validateWebID($webID){ return $webID == mb_ereg_replace("[^a-zA-Z0-9_\-~@\$]", "", $webID) && mb_strlen($webID) > 0; } /** * Generates a random code and adds it to the list of email verification codes * * @return array */ public function addEmailVerificationCode(){ // Make a new code and set the expiration for 24 hours $newRandomCode = $this->generateRandomCode(); $this->emailVerificationCodes[] = $newRandomCode; return $newRandomCode; } /** * returns a dictionary in the form of ["code"=random, "expiration"=24hours from now] * * @return array */ private function generateRandomCode(){ return ["code" => md5(uniqid(rand(), true)), "expiration" => time() + (60 * 60 * 24)]; } /** * verifies that a given email verification code is valid for this user * * @param $c * @return bool */ public function verifyEmailVerificationCode($c){ return $this->verifyCodes($this->emailVerificationCodes, $c); } /** * Generic function to check that a given code is in a given code set and the expiration has not been exceeded * * @param $existingCodes * @param $toCheck * @return bool */ private function verifyCodes($existingCodes, $toCheck){ foreach($existingCodes as $codes){ if($codes["code"] == $toCheck && $codes["expiration"] >= time()){ return true; } } return false; } /** * Generates a random code and adds it to the list of password recovery codes * * @return array */ public function addPasswordRecoveryCode(){ // Make a new code and set the expiration for 24 hours $newRandomCode = $this->generateRandomCode(); $this->passwordRecoveryCodes[] = $newRandomCode; return $newRandomCode; } /** * verifies that a given password recovery code is valid for this user * * @param $c * @return bool */ public function verifyPasswordRecoveryCode($c){ return $this->verifyCodes($this->passwordRecoveryCodes, $c); } /** * @return bool */ public function isEmailVerified(){ return $this->emailVerified; } /** * @param bool $emailVerified */ public function setEmailVerified($emailVerified){ $this->emailVerified = boolval($emailVerified); } /** * @return array */ public function getEmailVerificationCodes(){ return $this->emailVerificationCodes; } /** * @param array $emailVerificationCodes */ public function setEmailVerificationCodes($emailVerificationCodes){ $this->emailVerificationCodes = $emailVerificationCodes; } /** * @return array */ public function getPasswordRecoveryCodes(){ return $this->passwordRecoveryCodes; } /** * @param array $passwordRecoveryCodes */ public function setPasswordRecoveryCodes($passwordRecoveryCodes){ $this->passwordRecoveryCodes = $passwordRecoveryCodes; } /** * Validates names and other strings using PHP FILTER_SANITIZE_STRING. Returns true if the string is valid * * @param $name * @return bool */ public function validateName($name){ return filter_var($name, FILTER_SANITIZE_STRING) == $name; } /** * Checks if plaintext password when hashed, matches the hashed password stored in this User * * @param string $passwd The password to check against the password stored in the database * @return bool */ public function passwdCorrect($passwd){ if(mb_strpos($this->getPasswd(), '$2y$12$') !== false){ return password_verify($passwd, $this->getPasswd()); } else{ // Check password using old scheme $result = hash("SHA512", $passwd . $this->username) == $this->getPasswd(); // If the password was correct, then update it to the new bcrypt scheme if($result){ $this->setPasswd($passwd); require_once __DIR__ . "/../config.php"; $dal = GlobalFunctions::getDAL(); $dal->updateUserPassword($this); } return $result; } } /** * Gets hashed password * * @return mixed */ public function getPasswd(){ return $this->passwd; } /** * Sets hashed password using plaintext password and username * * @param string $passwd * */ public function setPasswd($passwd){ $options = ['cost' => 12]; $this->passwd = password_hash($passwd, PASSWORD_BCRYPT, $options); } /** * Gets user ID * * @return mixed */ public function getUserID(){ return $this->userID; } /** * Sets user ID * * @param mixed $userID */ public function setUserID($userID){ $this->userID = $userID; } /** * Gets username in lowercase * * @return mixed */ public function getUsername(){ return mb_strtolower($this->username); } /** * Sets username in lowercase * * @param mixed $username */ public function setUsername($username){ $username = mb_strtolower($username); $this->username = $username; } /** * Gets email in lowercase * * @return mixed */ public function getEmail(){ return mb_strtolower($this->email); } /** * Sets email in lower case * * @param mixed $email */ public function setEmail($email){ $email = mb_strtolower($email); $this->email = $email; } /** * Gets first name * * @return mixed */ public function getFname(){ return $this->fname; } /** * Sets first name * * @param mixed $fname */ public function setFname($fname){ $this->fname = $fname; } /** * Gets last name * * @return mixed */ public function getLname(){ return $this->lname; } /** * Sets last name * * @param mixed $lname */ public function setLname($lname){ $this->lname = $lname; } /** * Gets gender as integer, or if not set, returns 1 (Male) * * @return int */ public function getGender(){ if($this->gender == ""){ return 1; } return $this->gender; } /** * Sets gender * * @param int $gender */ public function setGender($gender){ $this->gender = intval($gender); } /** * Gets webID * * @return mixed */ public function getWebID(){ return $this->webID; } /** * Sets webID * * @param string $webID */ public function setWebID($webID){ $this->webID = $webID; } /** * Used to set the hashed password from the database. * * @param string $passwd Hashed password from database */ public function setPasswdDB($passwd){ $this->passwd = $passwd; } /** * Gets feed text * * @return string */ public function getFeedText(){ return $this->feedText; } /** * Sets feed text * * @param string $feedText */ public function setFeedText($feedText){ $this->feedText = $feedText; } /** * Gets feed length * * @return int */ public function getFeedLength(){ return $this->feedLength; } /** * Sets feed length * * @param int $feedLength */ public function setFeedLength($feedLength){ $this->feedLength = intval($feedLength); } /** * Gets the feed detail array * * @return array */ public function getFeedDetails(){ return $this->feedDetails; } /** * Sets the feed detail array * * @param array $feedDetails */ public function setFeedDetails($feedDetails){ $this->feedDetails = $feedDetails; } /** * @return boolean */ public function isPrivateFeed(){ if(empty($this->privateFeed)){ return false; } return $this->privateFeed; } /** * @param boolean $privateFeed */ public function setPrivateFeed($privateFeed){ $this->privateFeed = boolval($privateFeed); } } |