Strahan

Global classes

Jul 24th, 2022 (edited)
  1. //*******************************************************************************************************************************************
  2. //
  3. // User object
  4. //
  5. //*******************************************************************************************************************************************
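  /**
   * Account record backed by the `users` table.
   *
   * The whole object is persisted as a PHP-serialized blob in the `userobj`
   * column (see flush()) and restored from it in populate(). That blob
   * therefore contains the password hash, reset key, 2FA code, verification
   * value and auth token fields declared below.
   */
  class User {
    public $id = "";
    public $username = "";
    public $password = "";
    public $email = "";
    public $flags = 0;
    public $datecreated = 0;
    public $datedisabled = 0;
    public $daterequested = 0;
    public $datelogin = 0;
    public $resetkey = "";
    public $tfacode = "";
    public $verification = "";
    public $rights = 0;
    public $roles = [];
    public $authtoken = "";

    /**
     * @param mixed $uid  User id to load; an empty value yields a blank object.
     * @param array $opts Accepted for interface compatibility; not used here.
     */
    public function __construct($uid = "", $opts = []) {
      if (empty($uid)) return;

      $this->id = $uid;
      // populate() declares no parameters, so $opts is not forwarded.
      $this->populate();
    }

    /**
     * Build an ACLPrincipal carrying this user's id and username.
     *
     * @return ACLPrincipal
     */
    public function getAclPrincipal() {
      $ret = new ACLPrincipal();
      $ret->set($this->id, $this->username);
      return $ret;
    }

    /**
     * Load this user from the `users` row whose uid equals $this->id.
     *
     * When the row has a usable `userobj` blob, every declared property is
     * copied from the restored object. Otherwise only email and username are
     * taken from the row and the roles are loaded via populateRoles().
     */
    public function populate() {
      global $pdo;
      if (empty($this->id)) return;

      $sql = $pdo->prepare("SELECT * FROM users WHERE uid = ?");
      $sql->execute([$this->id]);
      $row = $sql->fetch(PDO::FETCH_ASSOC);
      if (!$row) return;

      $obj = null;
      if (!empty($row["userobj"])) {
        // SECURITY: unserialize() instantiates whatever classes the blob names,
        // so anyone able to write this column could otherwise trigger PHP
        // object injection. Only the classes this file stores in a User are
        // allowed; anything else becomes __PHP_Incomplete_Class.
        // NOTE(review): extend the list if other objects are kept in $roles.
        $obj = unserialize($row["userobj"], ["allowed_classes" => ["User", "Role", "ACLRole"]]);
      }

      if (!($obj instanceof User)) {
        // Missing or unusable blob: fall back to the plain columns.
        $this->email = $row["email"];
        $this->username = $row["username"];
        $this->populateRoles();
        return;
      }

      foreach ((new ReflectionClass("User"))->getProperties() as $prop) {
        $name = $prop->getName();
        $this->{$name} = $obj->{$name};
      }
    }

    /**
     * Rebuild $this->roles from the `users_roles` rows for this user.
     */
    public function populateRoles() {
      global $pdo;
      if (empty($this->id)) return;

      $this->roles = [];
      $rows = getData($pdo, "users_roles", ["criteria"=>["uid = ?"=>$this->id]]);
      // The result keys are used as role ids; presumably getData() keys the
      // rows by rid (verify against its implementation).
      foreach ($rows as $rid => $unused) {
        $this->roles[] = new Role($rid);
      }
    }

    /**
     * Persist this user.
     *
     * @return mixed The new id when a user is created, otherwise null.
     */
    public function flush() {
      global $pdo;
      $isNew = empty($this->id);
      if ($isNew) $this->datecreated = time();

      // Hash only when the value is not already a password_hash() digest.
      if (!empty($this->password) && empty(password_get_info($this->password)["algo"])) {
        $this->password = password_hash($this->password, PASSWORD_DEFAULT);
      }

      $data = ["userobj"=>serialize($this)];
      foreach (["username","email"] as $f) $data[$f] = $this->$f;

      if ($isNew) {
        $this->id = setData($pdo, "users", $data);
        // Second write so the stored blob carries the freshly assigned id.
        setData($pdo, "users", ["uid"=>$this->id, "userobj"=>serialize($this)]);
        delData($pdo, "users_roles", ["uid = ?"=>$this->id]);
        foreach ($this->roles as $role) setData($pdo, "roles", ["id"=>$this->id, "rid"=>$role->id]);
        return $this->id;
      }

      $data["uid"] = $this->id;
      setData($pdo, "users", $data);
      // NOTE(review): populateRoles() reads `users_roles` by "uid", but this
      // path deletes by "id" and both paths write memberships to `roles` with
      // an "id" column. If those names do not match the schema, a role removed
      // from $this->roles is never revoked in storage. Confirm against the
      // schema and setData()/delData() before changing.
      delData($pdo, "users_roles", ["id = ?"=>$this->id]);
      foreach ($this->roles as $role) setData($pdo, "roles", ["id"=>$this->id, "rid"=>$role->id]);
    }

    /**
     * Check a permission bit against this user's rights and roles.
     *
     * Order of evaluation: the user's administrator bit grants, the user's
     * deny bit refuses, then each role is checked in list order (deny refuses,
     * a matching bit grants), and finally the user's own rights are tested.
     * Role order therefore matters: a granting role listed before a denying
     * role wins.
     *
     * @param int   $perm Permission bit(s) to test.
     * @param array $opts Optional "admin" and "deny" bit overrides; a "class"
     *                    key is accepted but not used.
     * @return bool
     */
    public function hasPermission($perm, $opts = []) {
      $admin = array_key_exists("admin", $opts) ? $opts["admin"] : Perm::Administrator;
      $deny  = array_key_exists("deny",  $opts) ? $opts["deny"]  : Perm::Deny;

      if ($this->rights & $admin) return true;
      if ($this->rights & $deny) return false;

      // Iterate the user's own roles. The previous code looped over an
      // undefined local $roles, so role grants and role denies were never
      // evaluated.
      foreach ($this->roles as $role) {
        if ($role->rights & $deny) return false;
        if ($role->rights & $perm) return true;
      }

      // Always return a boolean; falling off the end used to yield null.
      return (bool) ($this->rights & $perm);
    }
  }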
  103.  
  104.  
  105. //*******************************************************************************************************************************************
  106. //
  107. // Status files
  108. //
  109. //*******************************************************************************************************************************************
  /**
   * Status codes. Each value is a distinct power of two.
   */
  class Status {
    const Invalid = 1 << 0; // 1
    const Expired = 1 << 1; // 2
    const OK      = 1 << 2; // 4
    const Aborted = 1 << 3; // 8
    const Error   = 1 << 4; // 16
    const Save    = 1 << 5; // 32
  }
  118.  
  119.  
  120. //*******************************************************************************************************************************************
  121. //
  122. // Flags
  123. //
  124. //*******************************************************************************************************************************************
  /**
   * Feature and account flags. Each value is a distinct power of two, so
   * several flags fit in one integer field.
   */
  class Flag {
    const Debug                   = 1 << 0;  // 1
    const CookieLogin             = 1 << 1;  // 2
    const Registration            = 1 << 2;  // 4
    const PasswordRetrieval       = 1 << 3;  // 8
    const RequireValidation       = 1 << 4;  // 16
    const ImplementsEmail         = 1 << 5;  // 32
    const ImplementsUsername      = 1 << 6;  // 64
    const ManualAcctApproval      = 1 << 7;  // 128
    const Disabled                = 1 << 8;  // 256
    const NavTop                  = 1 << 9;  // 512
    const NavLeft                 = 1 << 10; // 1024
    const Clipboard               = 1 << 11; // 2048
    const RequireLogin            = 1 << 12; // 4096
    const AllowEternalCookieLogin = 1 << 13; // 8192
  }
  141.  
  142.  
  143. //*******************************************************************************************************************************************
  144. //
  145. // Base permission flags
  146. //
  147. //*******************************************************************************************************************************************
  /**
   * Base permission bits. User::hasPermission() and the ACL class test these
   * with bitwise AND; Deny and Administrator are the defaults they use for
   * the "deny" and "admin" options.
   */
  class Perm {
    const Read          = 1 << 0; // 1
    const Add           = 1 << 1; // 2
    const Edit          = 1 << 2; // 4
    const Delete        = 1 << 3; // 8
    const Deny          = 1 << 4; // 16
    const Administrator = 1 << 5; // 32
  }
  156.  
  157.  
  158. //*******************************************************************************************************************************************
  159. //
  160. // ACL
  161. //
  162. //*******************************************************************************************************************************************
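  /**
   * Access-control list: a list of ACLEntry objects, each pairing a principal
   * with a rights bitmask.
   *
   * NOTE(review): entries are matched on principal id only, and
   * hasPermission() looks up roles through the same id comparison. If user
   * ids and role ids can overlap, a user could pick up the entry written for
   * a role with the same number (or the reverse). Confirm the id spaces are
   * disjoint.
   */
  class ACL {
    public $entries = [];

    /**
     * @param array $aclentries Initial entries; anything that is not an
     *                          ACLEntry is skipped.
     */
    public function __construct($aclentries = []) {
      foreach ($aclentries as $aclentry) {
        $this->add($aclentry);
      }
    }

    /**
     * Append an entry. Values that are not ACLEntry objects are ignored, the
     * same filter the constructor applies, so the permission checks never
     * meet an entry without a principal.
     */
    public function add($aclentry) {
      if (!($aclentry instanceof ACLEntry)) return;

      $this->entries[] = $aclentry;
    }

    /**
     * Remove the first entry whose principal loosely equals the given
     * principal. An ACLEntry may be passed; its principal is used.
     */
    public function remove($obj) {
      $target = $obj instanceof ACLEntry ? $obj->principal : $obj;

      foreach ($this->entries as $idx => $entry) {
        if ($entry->principal != $target) continue;
        unset($this->entries[$idx]);
        break;
      }

      // Re-index: unset() leaves a gap, and the old index-based loop then
      // skipped the tail and read missing offsets on the next call.
      $this->entries = array_values($this->entries);
    }

    /**
     * Resolve the rights bitmask that applies to a principal.
     *
     * A User is converted with getAclPrincipal(); a null principal is treated
     * as anonymous. The last entry whose id matches supplies the rights. If
     * that entry carries the deny bit the result is 0; if there is no entry
     * (or its rights are empty) the rights of the "-1" entry are returned.
     *
     * NOTE(review): the anonymous entry is recognised by the literal id -1,
     * while ACLPrincipal(-1) stores $cfg["anonkey"] when that is configured.
     * With a custom anonkey the fallback entry would not be found here.
     *
     * @param mixed $principal User, ACLPrincipal, any object with an id, or null.
     * @param int   $deny      Deny bit; -1 selects Perm::Deny.
     * @return int
     */
    public function getPermission($principal, $deny = -1) {
      $deny = $deny == -1 ? Perm::Deny : $deny;

      if ($principal instanceof User) {
        $principal = $principal->getAclPrincipal();
      } elseif ($principal == null) {
        $principal = new ACLPrincipal(-1);
      }

      // Compare ids as strings. Loose == lets PHP type juggling match ids
      // that merely look alike numerically, which must not decide access.
      $wanted = (string) $principal->id;
      $primary = 0;
      $anon = 0;

      foreach ($this->entries as $entry) {
        if (!($entry->principal instanceof ACLPrincipal)) continue;

        $entryId = (string) $entry->principal->id;
        if ($entryId === "-1") {
          $anon = $entry->rights;
          continue;
        }
        if ($entryId !== $wanted) continue;

        $primary = $entry->rights;
      }

      if ($primary & $deny) return 0;
      return empty($primary) ? $anon : $primary;
    }

    /**
     * Unfinished variant of hasPermission(); it has never returned a value.
     * Kept so existing references still resolve.
     *
     * @return null
     */
    public function zhasPermission($principal, $permission, $opts = []) {
      return null;
    }

    /**
     * Decide whether a principal holds a permission on this ACL.
     *
     * Administrators (per the principal's own hasPermission()) are granted
     * first. For non-role principals each role of the user is then consulted,
     * and the role grants are merged into the principal's own rights.
     *
     * NOTE(review): getPermission() is called without the "deny" option and
     * returns 0 for an entry carrying Perm::Deny, so with the default deny bit
     * the per-role deny test below can only fire on bits inherited from the
     * anonymous entry. A Deny on a role entry thus means "nothing from this
     * role" rather than a veto over other roles. Confirm that is intended.
     *
     * @param mixed $principal  User, ACLPrincipal, ACLRole or null.
     * @param int   $permission Permission bit(s) to test.
     * @param array $opts       Optional "admin" and "deny" bit overrides.
     * @return bool|int true/false, or the matching bits of $permission.
     */
    public function hasPermission($principal, $permission, $opts = []) {
      global $cfg;

      $admin = array_key_exists("admin", $opts) ? $opts["admin"] : Perm::Administrator;
      $deny = array_key_exists("deny", $opts) ? $opts["deny"] : Perm::Deny;
      $rights = $this->getPermission($principal);

      if ($admin > -1 && $principal != null && $principal->hasPermission($admin)) return true;

      if (!($principal instanceof ACLRole) && $principal != null) {
        $user = $principal instanceof User ? $principal : new User($principal->id);
        foreach ($user->roles as $r) {
          $rolerights = $this->getPermission($r);
          if ($rolerights & $deny) return false;
          if (isset($cfg) && array_key_exists("perm.inheritance", $cfg) && array_key_exists($permission, $cfg["perm.inheritance"])) {
            foreach ($cfg["perm.inheritance"][$permission] as $ir) {
              $rolerights = getEnabledBitwise("SitePerms", [$rolerights, $ir]);
            }
          }
          if ($admin > 0 && ($rolerights & $admin)) return true;

          // Merge instead of overwrite. Assigning here made only the last
          // role count and threw away the principal's own entry, including
          // any deny bit it carried.
          $rights |= $rolerights & $permission;
        }
      }

      return $rights & $deny ? false : $rights & $permission;
    }
  }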
  247.  
  248. //*******************************************************************************************************************************************
  249. //
  250. // Entry object.  Holds a principal and its permissions
  251. //
  252. //*******************************************************************************************************************************************
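  /**
   * One ACL row: a principal and the rights bitmask granted to it.
   */
  class ACLEntry {
    public $principal;
    public $rights = 0;

    /**
     * @param mixed $principal ACLPrincipal to bind; an empty value leaves the
     *                         entry blank.
     * @param int   $rights    Rights bitmask.
     */
    public function __construct($principal = "", $rights = 0) {
      if (empty($principal)) return;

      $this->set($principal, $rights);
    }

    /**
     * Bind a principal and its rights.
     *
     * Applies the checks the constructor has always applied. set() used to
     * skip the empty-id check, so an unpopulated principal could be stored
     * and later compared against other empty ids.
     */
    public function set($principal, $rights) {
      // showError() is defined elsewhere. The returns keep the entry
      // unchanged should it ever return instead of halting.
      if (!($principal instanceof ACLPrincipal)) {
        showError("Cannot add a non-ACL based principal to an ACLEntry!", true);
        return;
      }
      if (empty($principal->id)) {
        showError("Attempted to add an empty principal!", true);
        return;
      }

      $this->principal = $principal;
      $this->rights = $rights;
    }
  }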
  274.  
  275.  
  276. //*******************************************************************************************************************************************
  277. //
  278. // Principal, typically a user but also the base for a role
  279. //
  280. //*******************************************************************************************************************************************
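  /**
   * Identity an ACL entry is written for: normally a user, and the base class
   * of ACLRole. The ids -1 and -2 select the built-in anonymous and
   * authenticated-user principals.
   */
  class ACLPrincipal {
    public $id;
    public $name;

    /**
     * @param mixed  $id   Principal id; -1 = anonymous, -2 = any authenticated
     *                     user, empty = leave the object blank.
     * @param string $name Display name (ignored for -1 and -2).
     */
    public function __construct($id = 0, $name = "") {
      if (empty($id)) return;

      // String comparison so only a real -1 / -2 selects a pseudo principal;
      // loose == would also accept other values through type juggling.
      $key = (string) $id;
      if ($key === "-1") {
        $this->id = self::cfgValue("anonkey", "-1");
        $this->name = self::cfgValue("anondisp", "(Anonymous)");
        return;
      }
      if ($key === "-2") {
        $this->id = self::cfgValue("authkey", "-2");
        $this->name = self::cfgValue("authdisp", "(Authenticated User)");
        return;
      }

      $this->id = $id;
      $this->name = $name;
    }

    public function set($id, $name) {
      $this->id = $id;
      $this->name = $name;
    }

    /**
     * Check a permission for this principal by loading the matching User.
     * The anonymous and authenticated pseudo principals never hold a
     * permission.
     *
     * @param int   $perm Permission bit(s) to test.
     * @param array $opts Passed through to User::hasPermission().
     * @return mixed false for pseudo principals, otherwise the User result.
     */
    public function hasPermission($perm, $opts = []) {
      $id = (string) $this->id;
      $anon = (string) self::cfgValue("anonkey", "-1");
      $auth = (string) self::cfgValue("authkey", "-2");
      if ($id === $anon || $id === $auth) return false;

      // `new` always yields an object, so the former `$user == null` test
      // could never be true; an unknown id simply gives a User with no rights.
      $user = new User($this->id);
      return $user->hasPermission($perm, $opts);
    }

    /**
     * Read a key from the global $cfg array, tolerating $cfg being unset.
     * Calling array_key_exists() on a missing $cfg raises a TypeError on
     * PHP 8.
     */
    private static function cfgValue($key, $default) {
      global $cfg;
      return is_array($cfg) && array_key_exists($key, $cfg) ? $cfg[$key] : $default;
    }
  }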
  321.  
  322. //*******************************************************************************************************************************************
  323. //
  324. // A principal that is specifically for a group
  325. //
  326. //*******************************************************************************************************************************************
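  /**
   * A principal that represents a group, loaded from and saved to the
   * `roles` table.
   */
  class ACLRole extends ACLPrincipal {
    public $rights = 0;
    public $datecreated = 0;
    public $createdby = 0;

    /**
     * @param mixed $id Role id (numeric) or role name; an empty value leaves
     *                  the object blank. A role whose name is numeric is
     *                  therefore looked up by id, not by name.
     */
    public function __construct($id = "") {
      if (empty($id)) return;

      if (is_numeric($id)) {
        $this->id = $id;
      } else {
        $this->name = $id;
      }
      $this->populate();
    }

    public function set($id, $name) {
      $this->id = $id;
      $this->name = $name;
    }

    /**
     * Load the role by id when set, otherwise by name.
     */
    public function populate() {
      global $pdo;

      if (!empty($this->id)) {
        $sql = $pdo->prepare("SELECT * FROM roles WHERE rid = ?");
        $sql->execute([$this->id]);
      } elseif (!empty($this->name)) {
        $sql = $pdo->prepare("SELECT * FROM roles WHERE rolename = ?");
        $sql->execute([$this->name]);
      } else {
        showError("Attempting to populate an invalid role!", true);
        // No statement was prepared; stop should showError() return.
        return;
      }

      $row = $sql->fetch(PDO::FETCH_ASSOC);
      if (!$row) return;

      $this->id = $row["rid"];
      $this->name = $row["rolename"];
      $this->rights = $row["rights"];
      $this->datecreated = $row["datecreated"];
      $this->createdby = $row["createdby"];
    }

    /**
     * Insert the role when it has no id, otherwise update name and rights.
     *
     * NOTE(review): the only gate here is that a session user exists. Whether
     * that user may create or alter roles has to be enforced by the caller;
     * confirm every call site does so.
     */
    public function flush() {
      global $pdo;

      if (!isset($_SESSION["user"])) {
        showError("Could not flush role; no valid user logged in!", true);
        // Do not write without a session user should showError() return.
        return;
      }

      if (empty($this->id)) {
        $sql = $pdo->prepare("INSERT INTO roles (rolename, rights, datecreated, createdby) VALUES (?, ?, NOW(), ?)");
        $sql->execute([$this->name, $this->rights, $_SESSION["user"]->id]);
        $this->id = lastID($pdo, "roles");
        return;
      }

      $sql = $pdo->prepare("UPDATE roles SET rolename = ?, rights = ? WHERE rid = ?");
      $sql->execute([$this->name, $this->rights, $this->id]);
    }
  }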
  385.  
  386.  
  387. //*******************************************************************************************************************************************
  388. //
  389. // Honestly, I can't remember why I still have this when I have the ACLRole object lol
  390. //
  391. //*******************************************************************************************************************************************
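  /**
   * Role record from the `roles` table. This is the type User::populateRoles()
   * puts into User::$roles.
   */
  class Role {
    public $id = 0;
    public $name = "";
    public $rights = 0;
    public $datecreated = 0;
    public $createdby = 0;

    /**
     * @param mixed $id Role id, or an already fetched row array; an empty
     *                  value leaves the object blank.
     */
    public function __construct($id = null) {
      if (empty($id)) return;

      $this->populate($id);
    }

    public function set($id, $name, $rights, $datecreated, $createdby) {
      $this->id = $id;
      $this->name = $name;
      $this->rights = $rights;
      $this->datecreated = $datecreated;
      $this->createdby = $createdby;
    }

    /**
     * Format the creation date as "m/d/Y @ g:i A".
     *
     * populate() stores a Unix timestamp while set() may be handed a date
     * string, so both forms are accepted. Passing the stored timestamp back
     * through strtotime(), as before, did not give the creation time.
     *
     * @return string Formatted date, or "Unknown" when unset or unparsable.
     */
    public function getCreatedDate() {
      if (empty($this->datecreated)) return "Unknown";

      $ts = is_numeric($this->datecreated) ? (int) $this->datecreated : strtotime($this->datecreated);
      if ($ts === false) return "Unknown";

      return date("m/d/Y @ g:i A", $ts);
    }

    /**
     * Resolve the creating user; falls back to a synthetic "System Account"
     * when createdby is 0 or the lookup yields nothing.
     *
     * @return User
     */
    public function getCreatedBy() {
      $system = new User();
      $system->id = 0;
      $system->username = "System Account";

      if ($this->createdby == 0) return $system;

      $tmp = getUserObject(["uid"=>$this->createdby]);
      return $tmp == null ? $system : $tmp;
    }

    /**
     * Fill this role from a row array, or load the row for a role id.
     *
     * @param mixed $id Role id, or an array with the keys rid, rolename,
     *                  rights, datecreated and createdby.
     */
    public function populate($id) {
      global $pdo;

      if (empty($id)) return;
      if (is_array($id)) {
        $missing = false;
        foreach (["rid","rolename","rights","datecreated","createdby"] as $f) {
          if (!array_key_exists($f, $id)) {
            errorMsg("Failed to populate role - missing field(s)!  ($f)");
            $missing = true;
          }
        }
        // errorMsg() is defined elsewhere; do not read absent keys should it
        // return.
        if ($missing) return;
      } else {
        $id = getData($pdo, "roles", ["criteria"=>["rid = ?"=>$id], "onlyone"=>true]);
        // Guard against a non-array result before count(), which throws on
        // PHP 8 for null or false.
        if (!is_array($id) || count($id) == 0) return;
      }

      $this->id = $id["rid"];
      $this->name = $id["rolename"];
      $this->rights = $id["rights"];
      $this->datecreated = strtotime($id["datecreated"]);
      $this->createdby = $id["createdby"];
    }

    /**
     * Insert the role when it has no id, otherwise update name and rights.
     *
     * NOTE(review): only the insert path refreshes $_SESSION["rolecache"]. If
     * that cache is consulted for permission checks, a rights change made by
     * the update path would not reach it. Confirm how the cache is used.
     *
     * @return mixed New id on insert, null otherwise.
     */
    public function flush() {
      global $pdo;

      if (empty($this->id)) {
        if (empty($this->name)) return null;

        $sql = $pdo->prepare("INSERT INTO roles (rolename, rights, datecreated, createdby) VALUES (?, ?, NOW(), ?)");
        $sql->execute([$this->name, $this->rights, isset($_SESSION["user"]) ? $_SESSION["user"]->id : 0]);
        // Ask the connection for the new id. The former
        // "SELECT LAST_INSERT_ID() ... FROM roles" returned one row per role.
        $this->id = $pdo->lastInsertId();
        $_SESSION["rolecache"][$this->id] = $this;
        return $this->id;
      }

      $sql = $pdo->prepare("UPDATE roles SET rolename = ?, rights = ? WHERE rid = ?");
      $sql->execute([$this->name, $this->rights, $this->id]);
    }
  }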
  467.  