2021-07-17 18:17:29 -04:00
|
|
|
<?php
|
2021-07-26 17:42:43 -04:00
|
|
|
|
2021-07-17 18:17:29 -04:00
|
|
|
class User {
|
2021-07-20 12:15:41 -04:00
|
|
|
public const REMEMBER_TOKEN_COOKIE = '_ponepaste_token';
|
|
|
|
|
|
2021-07-17 18:17:29 -04:00
|
|
|
public int $user_id;
|
|
|
|
|
public string $username;
|
|
|
|
|
|
|
|
|
|
private function __construct(array $row) {
|
2021-07-24 14:45:46 -04:00
|
|
|
$this->user_id = intval($row['id']);
|
2021-07-17 18:17:29 -04:00
|
|
|
$this->username = $row['username'];
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-24 15:12:19 -04:00
|
|
|
public function destroySession(DatabaseHandle $conn, string $token) {
|
|
|
|
|
$conn->query('DELETE FROM user_sessions WHERE user_id = ? AND token = ?', [$this->user_id, $token]);
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-26 17:42:43 -04:00
|
|
|
public static function findByUsername(DatabaseHandle $conn, string $username) : User|null {
|
2021-07-19 18:38:13 -04:00
|
|
|
$query = $conn->query('SELECT id, username FROM users WHERE username = ?', [$username]);
|
|
|
|
|
$row = $query->fetch();
|
|
|
|
|
|
|
|
|
|
return empty($row) ? null : new User($row);
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-26 17:42:43 -04:00
|
|
|
public static function current(DatabaseHandle $conn) : User|null {
|
2021-07-17 18:17:29 -04:00
|
|
|
$session_user = User::createFromPhpSession($conn);
|
|
|
|
|
|
|
|
|
|
if ($session_user !== null) {
|
|
|
|
|
return $session_user;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-20 12:15:41 -04:00
|
|
|
if (!empty($_COOKIE[self::REMEMBER_TOKEN_COOKIE]) &&
|
|
|
|
|
($token_user = User::createFromRememberToken($conn, $_COOKIE[self::REMEMBER_TOKEN_COOKIE]))) {
|
2021-07-17 18:17:29 -04:00
|
|
|
$_SESSION['user_id'] = $token_user->user_id;
|
|
|
|
|
return $token_user;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-26 17:42:43 -04:00
|
|
|
public static function createFromRememberToken(DatabaseHandle $conn, string $remember_token) : User|null {
|
2021-07-17 18:17:29 -04:00
|
|
|
$result = $conn->query(
|
2021-07-24 15:12:19 -04:00
|
|
|
'SELECT users.id AS id, users.username AS username, users.banned AS banned, user_sessions.id AS session_id, user_sessions.expire_at AS session_expiry
|
2021-07-17 18:17:29 -04:00
|
|
|
FROM user_sessions
|
|
|
|
|
INNER JOIN users ON users.id = user_sessions.user_id
|
|
|
|
|
WHERE user_sessions.token = ?', [$remember_token]
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if ($row = $result->fetch()) {
|
2021-07-24 15:12:19 -04:00
|
|
|
$session_expiry = new DateTime($row['session_expiry']);
|
|
|
|
|
$now = new DateTime();
|
|
|
|
|
|
|
|
|
|
/* Session is expired (diff is negative) */
|
|
|
|
|
if ($now->diff($session_expiry)->invert === 1) {
|
|
|
|
|
$conn->query('DELETE FROM user_sessions WHERE id = ?', [$row['session_id']]);
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-17 18:17:29 -04:00
|
|
|
return new User($row);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-26 17:42:43 -04:00
|
|
|
public static function createFromPhpSession(DatabaseHandle $conn) : User|null {
|
2021-07-17 18:17:29 -04:00
|
|
|
if (empty($_SESSION['user_id'])) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user_id = intval($_SESSION['user_id']);
|
|
|
|
|
|
2021-07-19 18:38:13 -04:00
|
|
|
$row = $conn->query('SELECT id, username, banned FROM users WHERE id = ?', [$user_id])->fetch();
|
2021-07-17 18:17:29 -04:00
|
|
|
|
|
|
|
|
return $row ? new User($row) : null;
|
|
|
|
|
}
|
|
|
|
|
}
|
