User Authentication Class

You are not logged in. [Log In] ubbDev » Forums » UBB.Threads 7 Development » Addons and Modifications » User Authentication Class

Page 3 of 3

Topic Options

#317432 - 07/21/08 07:07 PM Re: User Authentication Class [Re: swebs]
Gizmo Wizard Registered: 01/10/00 Posts: 5131 Loc: Portland, OR, USA	Originally Posted By: swebs The problem is that I have a bunch of dynamic pages that call eachother. I would have to create a bunch of wrapper pages. Is there any way to create 1 file the I can include in my code to add the header and footer of the site? I did this for a client over at www.jrdrags.com actually... Let me know if it's what you're looking for and I'll throw the mockup up here... (check out the side navbar, all links go through a central location) _________________________ UBB.Dev - Where you too can render your UBB install completely useless... UGN Security, Elite Web Gamers & VNC Web Design Owner
Top

#317646 - 11/06/08 01:00 AM Re: User Authentication Class [Re: swebs]
intensity Power User Registered: 06/15/01 Posts: 56	I'm getting this weird error. Any ideas? Running php.v.5.2.6 and threads.v.7.3.1 Fatal error: Call to undefined function array_get() in xxx/forum/libs/mysql.inc.php on line 150
Top

#317647 - 11/06/08 07:02 AM Re: User Authentication Class [Re: intensity]
Gizmo Wizard Registered: 01/10/00 Posts: 5131 Loc: Portland, OR, USA	i don't think its compatible with 7.3 or newer _________________________ UBB.Dev - Where you too can render your UBB install completely useless... UGN Security, Elite Web Gamers & VNC Web Design Owner
Top

#317648 - 11/06/08 10:58 AM Re: User Authentication Class [Re: Gizmo]
intensity Power User Registered: 06/15/01 Posts: 56	I wasn't sure when Blaaskaak said he has it working if he meant unmodified or if he had to modify it. Nonetheless the error is a bit weird. Any help getting this working for me would be hugely appreciated.
Top

#317657 - 11/08/08 04:59 AM Re: User Authentication Class [Re: intensity]
blaaskaak Enthusiast Registered: 02/25/07 Posts: 303 Loc: The Netherlands	Will post my updated version tomorrow. Do mind that it does not support the new 7.3 permission matrix. _________________________
Top

#317658 - 11/09/08 04:04 AM

Re: User Authentication Class [Re: blaaskaak]

blaaskaak Offline

Enthusiast

Registered: 02/25/07
Posts: 303
Loc: The Netherlands

Php Code:



<?php
require('/home/themeparknl/html/themepark.nl/ubb/libs/smarty/Smarty.class.php');
$smarty = new Smarty();

$smarty->template_dir = 'templates/default';
$smarty->compile_dir = 'templates/compile';

require_once( "/home/themeparknl/html/themepark.nl/ubb/includes/config.inc.php" );
require_once( "/home/themeparknl/html/themepark.nl/ubb/libs/mysql.inc.php" );
require_once( "/home/themeparknl/html/themepark.nl/ubb/libs/html.inc.php");
require_once( "/home/themeparknl/html/themepark.nl/ubb/libs/ubbthreads.inc.php" );

$dbh = new sql;
$dbh->connect();

class admin {
	function error( $x ) {
		echo 'SQL error';
		die;
	}
}

//function getmicrotime(){
//	list( $usec, $sec ) = explode( " ", microtime() );
//	return ( (float) $usec + (float) $sec );
//}

//function find_environmental( $x ) {
//	return isset( $_SERVER[$x] ) ? $_SERVER[$x] : "";
//}

class UserAuth {
	var $fields;
	var $is_logged_in;
	var $permissions;
	var $is_banned;
	var $groups;

	function UserAuth() {
		global $config, $dbh;

		// First, the stupid stuff we do in every constructor
		$this->fields = array();
		$this->is_logged_in = false;
		$this->permissions = "";
		$this->is_banned = false;
		$this->groups = array();

		// Now, the real meat
		$id = $this->fetch_cookie( "ubbt_myid" );
		$pass = $this->fetch_cookie( "ubbt_pass" );

		if( $id == 0 ) {
			$this->is_logged_in = false;
			$this->fields = array(
				'USER_ID' => 1,
				'USER_DISPLAY_NAME' => "Anonymous",
			);
			$this->get_permissions();
			return;
		}

		$query = "
			SELECT	t1.USER_ID, t1.USER_DISPLAY_NAME, t1.USER_PASSWORD, t1.USER_MEMBERSHIP_LEVEL, t1.USER_IS_BANNED,
				t2.*
			FROM	{$config['TABLE_PREFIX']}USERS as t1,
				{$config['TABLE_PREFIX']}USER_PROFILE as t2
			WHERE	t1.USER_ID = t2.USER_ID AND t1.USER_ID = ?
		";

		$sth = $dbh->do_placeholder_query( $query, array( $id ), __LINE__, __FILE__ );
		$temp = $dbh->fetch_array( $sth );

		foreach( $temp as $k => $v ) {
			if( is_numeric( $k ) ) {
				unset( $temp[$k] );
			}
		}

		$this->fields =& $temp;
		
		$this->get_permissions();


		$key = $this->fetch_cookie( "ubbt_key" );
		$session = $this->fetch_cookie( "ubbt_mysess" );

		if( $this->fields['USER_SESSION_ID'] == $session ) {
			$this->is_logged_in = true;
			$this->check_ban();
			return;
		}

		if( $key == md5( $this->fields['USER_ID'] . $this->fields['USER_PASSWORD'] ) ) {
			srand( (double) ( microtime() * 1000000 ) );

			$new_session_id = md5( rand( 0, 32767 ) );

			$now = time() + ( $config['SERVER_TIME_OFFSET'] * 3600 );

			$query = "
				UPDATE	{$config['TABLE_PREFIX']}USERS
				SET	USER_SESSION_ID = ?
				WHERE	USER_ID = ?
			";

			$dbh->do_placeholder_query( $query, array( $new_session_id, $this->fields['USER_ID'] ), __LINE__, __FILE__ );

			$this->set_cookie( "ubbt_mysess", $new_session_id );
			$this->is_logged_in = true;

			$query = "
				UPDATE	{$config['TABLE_PREFIX']}USER_DATA
				SET	USER_LAST_VISIT_TIME = ?
				WHERE	USER_ID = ?
			";

			$dbh->do_placeholder_query( $query, array( $now, $this->fields['USER_ID'] ), __LINE__, __FILE__ );
			$this->check_ban();
			return;
		}
	}

	function check_ban() {
		// This will be especially long, since I refuse to require
		// an html object, since that makes this class pointless.
		global $config, $dbh;

		// First, is his status actually set to banned?
		if( $this->fields['USER_IS_BANNED'] ) {
			// This user was specifically banned, so find out for how long
			require_once( "/home/themeparknl/html/themepark.nl/ubb/libs/triggers.inc.php" );
			$free = trigger_ban_expiration();

			if( ! isset( $free[ $this->fields['USER_ID'] ] ) ) {
				$this->is_banned = true;
			}
		}

		$ip = $_SERVER['REMOTE_ADDR'];

		$query = "
			SELECT	COUNT( BANNED_HOST )
			FROM	{$config['TABLE_PREFIX']}BANNED_HOSTS
			WHERE	? LIKE BANNED_HOST
		";

		$sth = $dbh->do_placeholder_query( $query, array( $ip ), __LINE__, __FILE__ );
		list( $banned ) = $dbh->fetch_array( $sth );

		if( $banned ) {
			$this->is_banned = true;
		}
	}



	function fetch_cookie( $name ) {
		global $config;

		$k = $config['COOKIE_PREFIX'] . $name;

		return isset( $_COOKIE[$k] ) ? $_COOKIE[$k] : "";
	}

	function set_cookie( $name, $value ) {
		global $config;

		$name = $config['COOKIE_PREFIX'] . $name;
		$path = ( $config['COOKIE_PATH'] ? $config['COOKIE_PATH'] : ( $config['SEARCH_FRIENDLY_URLS'] ? "/" : "" ) );

		setcookie( $name, $value, 0, $path );

		if( $value ) {
			$_SESSION[$name] = $value;
		} else {
			unset( $_SESSION[$name] );
		}
	}

	function in_group( $id ) {
		return in_array( $id, $this->groups );
	}

	function build_permissions() {
		global $config, $dbh;

		if( is_array( $this->permissions ) ) {
			return true;
		}

		$this->permissions = array();

		$query = "
			SELECT	GROUP_ID
			FROM	{$config['TABLE_PREFIX']}USER_GROUPS
			WHERE	USER_ID = ?
		";
		
		$sth = $dbh->do_placeholder_query( $query, array( $this->fields['USER_ID'] ), __LINE__, __FILE__ );
		
		$groups = array();
		while( $x = $dbh->fetch_array( $sth ) ) {
			$groups[] = $x[0];
		}
		
		if( count( $groups ) == 0 ) {
			$groups[] = "4";
		}

		$this->groups = $groups;
		
		$query = "
			SELECT	*
			FROM	{$config['TABLE_PREFIX']}FORUM_PERMISSIONS
			WHERE	GROUP_ID in ( ? )
		";
		
		$sth = $dbh->do_placeholder_query( $query, array( $groups ), __LINE__, __FILE__ );
		
		while( $result = $dbh->fetch_array( $sth ) ) {
			if( ! $this->check_access( $result['FORUM_ID'], "read" ) ) {
				$this->set_access( $result['FORUM_ID'], "read", $result['FORUM_PERMISSION_CAN_READ'] );
			}
			
			if( ! $this->check_access( $result['FORUM_ID'], "topic" ) ) {
				$this->set_access( $result['FORUM_ID'], "topic", $result['FORUM_PERMISSION_CAN_CREATE_TOPIC'] );
			}
			
			if( ! $this->check_access( $result['FORUM_ID'], "reply" ) ) {
				$this->set_access( $result['FORUM_ID'], "reply", $result['FORUM_PERMISSION_CAN_CREATE_REPLY'] );
			}
		}
		
		$now = time();
		$cutoff = $now - ( 3600 * 4 );
		
		$query = "
			DELETE FROM	{$config['TABLE_PREFIX']}CACHED_PERMISSIONS
			WHERE		CACHED_TIMESTAMP < ?
		";
		
		$dbh->do_placeholder_query( $query, array( $cutoff ), __LINE__, __FILE__ );
		
		$query = "
			REPLACE INTO	{$config['TABLE_PREFIX']}CACHED_PERMISSIONS
					( USER_ID, CACHED_PERMISSION_DATA, CACHED_TIMESTAMP )
			VALUES		( ?, ?, ? )
		";
		
//		$dbh->do_placeholder_query( $query, array( $this->fields['USER_ID'], serialize( $this->permissions ), $now ), __LINE__, __FILE__ );
	}

	function get_permissions() {
		global $config, $dbh;

		// First, check to see if we have permissions cached
		$query = "
			SELECT CACHED_PERMISSION_DATA
			FROM {$config['TABLE_PREFIX']}CACHED_PERMISSIONS
			WHERE USER_ID = ?
		";

//		$sth = $dbh->do_placeholder_query( $query, array( $this->user_id ), __LINE__, __FILE__ );
		list( $data ) = $dbh->fetch_array( $sth );

		//if( ! $data ) {
			$this->build_permissions();
			return true;
//		}

		$this->permissions = unserialize( $data );
		return is_array( $this->permissions );
	}

	function check_access( $id, $type ) {
		return isset( $this->permissions[$id][$type] ) && $this->permissions[$id][$type] == 1;
	}
	
	function set_access( $id, $type, $val ) {
		if( ! isset( $this->permissions[$id] ) ) {
			$this->permissions[$id] = array();
		}
		
		$this->permissions[$id][$type] = $val;	
	}
}
?>

I am dropping this in as-is on my site. You'd need to adjust the include paths for your site.

Lots of stuff that game me errors just got commented out, I never did a cleanup and as I said, reading out forum permissions does not work anymore.

_________________________

Top

#317659 - 11/10/08 10:10 PM Re: User Authentication Class [Re: blaaskaak]
intensity Power User Registered: 06/15/01 Posts: 56	Sweet! It works! Thanks Yarp!
Top

Page 3 of 3

Previous Topic

Index

Next Topic

Hop to:

Moderator: sirdude