m1k1oblog/app/user.class.php

<?php
defined('PROJECT_PATH') OR exit('No direct script access allowed');

class user
{
	const SESSION_NAME = "logged_in";

	public static function is_visitor(){
		if(!Config::get_safe("force_login", false)){
			return true;
		}

		return !empty($_SESSION[User::SESSION_NAME]) && $_SESSION[User::SESSION_NAME] === 'visitor';
	}

	public static function is_logged_in(){
		if(!Config::get_safe("force_login", false)){
			return true;
		}

		return !empty($_SESSION[User::SESSION_NAME]) && $_SESSION[User::SESSION_NAME] === hash("crc32", Config::get("nick").Config::get_safe("pass", ""), false);
	}

	public static function login($nick, $pass){
		if(!Config::get_safe("force_login", false)){
			return true;
		}

		if(self::is_logged_in()){
			throw new Exception(__("You are already logged in."));
		}

		if(Config::get("nick") === $nick && Config::get_safe("pass", "") === $pass){
			$_SESSION[User::SESSION_NAME] = hash("crc32", $nick.$pass, false);
			return ["logged_in" => true, "is_visitor" => false];
		}

		// Legacy: Visitors and Friends.
		$visitors = array_merge(
			Config::get_safe("friends", []),
			Config::get_safe("visitor", [])
		);
		if(!empty($visitors) && isset($visitors[$nick]) && $visitors[$nick] === $pass){
			$_SESSION[User::SESSION_NAME] = 'visitor';
			return ["logged_in" => false, "is_visitor" => true];
		}

		Log::put("login_fails", $nick);
		throw new Exception(__("The nick or password is incorrect."));
	}

	public static function logout(){
		if(!Config::get_safe("force_login", false)){
			throw new Exception(__("You can't log out. There is no account."));
		}

		if(!self::is_logged_in() && !self::is_visitor()){
			throw new Exception(__("You are not even logged in."));
		}

		$_SESSION[User::SESSION_NAME] = false;
		return true;
	}
}
User moved to class 2016-12-28 14:46:07 +00:00			`<?php`
php deny code execution for included files 2019-12-23 17:50:43 +00:00			`defined('PROJECT_PATH') OR exit('No direct script access allowed');`
User moved to class 2016-12-28 14:46:07 +00:00
			`class user`
			`{`
			`const SESSION_NAME = "logged_in";`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
Added Visitors 2017-09-25 18:43:27 +00:00			`public static function is_visitor(){`
			`if(!Config::get_safe("force_login", false)){`
			`return true;`
			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
equality operator to === 2019-12-20 17:30:35 +00:00			`return !empty($_SESSION[User::SESSION_NAME]) && $_SESSION[User::SESSION_NAME] === 'visitor';`
Added Visitors 2017-09-25 18:43:27 +00:00			`}`

User moved to class 2016-12-28 14:46:07 +00:00			`public static function is_logged_in(){`
			`if(!Config::get_safe("force_login", false)){`
			`return true;`
			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
crc32 instead of md5 2019-12-20 17:31:32 +00:00			`return !empty($_SESSION[User::SESSION_NAME]) && $_SESSION[User::SESSION_NAME] === hash("crc32", Config::get("nick").Config::get_safe("pass", ""), false);`
User moved to class 2016-12-28 14:46:07 +00:00			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
User moved to class 2016-12-28 14:46:07 +00:00			`public static function login($nick, $pass){`
			`if(!Config::get_safe("force_login", false)){`
			`return true;`
			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
User moved to class 2016-12-28 14:46:07 +00:00			`if(self::is_logged_in()){`
Language Pack + New Filters 2017-06-19 17:51:59 +00:00			`throw new Exception(__("You are already logged in."));`
User moved to class 2016-12-28 14:46:07 +00:00			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
equality operator to === 2019-12-20 17:30:35 +00:00			`if(Config::get("nick") === $nick && Config::get_safe("pass", "") === $pass){`
crc32 instead of md5 2019-12-20 17:31:32 +00:00			`$_SESSION[User::SESSION_NAME] = hash("crc32", $nick.$pass, false);`
Added Visitors 2017-09-25 18:43:27 +00:00			`return ["logged_in" => true, "is_visitor" => false];`
User moved to class 2016-12-28 14:46:07 +00:00			`}`
Added Visitors 2017-09-25 18:43:27 +00:00
visitors as friends in envs #17 2020-07-05 17:41:45 +00:00			`// Legacy: Visitors and Friends.`
			`$visitors = array_merge(`
			`Config::get_safe("friends", []),`
			`Config::get_safe("visitor", [])`
			`);`
equality operator to === 2019-12-20 17:30:35 +00:00			`if(!empty($visitors) && isset($visitors[$nick]) && $visitors[$nick] === $pass){`
Added Visitors 2017-09-25 18:43:27 +00:00			`$_SESSION[User::SESSION_NAME] = 'visitor';`
			`return ["logged_in" => false, "is_visitor" => true];`
			`}`

User moved to class 2016-12-28 14:46:07 +00:00			`Log::put("login_fails", $nick);`
Language Pack + New Filters 2017-06-19 17:51:59 +00:00			`throw new Exception(__("The nick or password is incorrect."));`
User moved to class 2016-12-28 14:46:07 +00:00			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
User moved to class 2016-12-28 14:46:07 +00:00			`public static function logout(){`
			`if(!Config::get_safe("force_login", false)){`
Language Pack + New Filters 2017-06-19 17:51:59 +00:00			`throw new Exception(__("You can't log out. There is no account."));`
User moved to class 2016-12-28 14:46:07 +00:00			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
Added Visitors 2017-09-25 18:43:27 +00:00			`if(!self::is_logged_in() && !self::is_visitor()){`
Language Pack + New Filters 2017-06-19 17:51:59 +00:00			`throw new Exception(__("You are not even logged in."));`
User moved to class 2016-12-28 14:46:07 +00:00			`}`
remove empty lines with spaces 2019-12-20 17:38:48 +00:00
User moved to class 2016-12-28 14:46:07 +00:00			`$_SESSION[User::SESSION_NAME] = false;`
			`return true;`
			`}`
			`}`