yolinlin/aowow
1
0
Fork 0
mirror of https://github.com/Sarjuuk/aowow.git synced 2025-11-29 15:58:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Template/Endpoints (Prep)

Browse Source 
* modernize DB-Types
   - long term: should be split in class that describes the DB-Type and container class that handles multiples
 * make unchanging filter props static, allow lookup of criteria indizes through filter
 * move username/mail/password checks to util and make them usable as input filter
This commit is contained in:
Sarjuuk
2025-08-06 20:47:20 +02:00
parent 8cf0b6243d
commit aeb84327d6
47 changed files with 1163 additions and 1082 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
includes/user.class.php
View File

@@ -120,11 +120,14 @@ class User
// self::$debug = $userData['debug']; // TBD
self::$email = $userData['email'];
$conditions = [['OR', ['user', self::$id], ['ap.accountId', self::$id]]];
if (!self::isInGroup(U_GROUP_ADMIN | U_GROUP_BUREAU))
$conditions[] = [['cuFlags', PROFILER_CU_DELETED, '&'], 0];
if (Cfg::get('PROFILER_ENABLE'))
{
$conditions = [['OR', ['user', self::$id], ['ap.accountId', self::$id]]];
if (!self::isInGroup(U_GROUP_ADMIN | U_GROUP_BUREAU))
$conditions[] = [['cuFlags', PROFILER_CU_DELETED, '&'], 0];
self::$profiles = (new LocalProfileList($conditions));
self::$profiles = (new LocalProfileList($conditions));
}
// stuff, that updates on a daily basis goes here (if you keep you session alive indefinitly, the signin-handler doesn't do very much)
@@ -403,45 +406,6 @@ class User
return ($verifier === str_pad(gmp_export($v, 1, GMP_LSW_FIRST), 32, chr(0), STR_PAD_RIGHT));
}
public static function isValidName(string $name, int &$errCode = 0) : bool
{
$errCode = 0;
// different auth modes require different usernames
$min = 0; // external case
$max = 0;
if (Cfg::get('ACC_AUTH_MODE') == AUTH_MODE_SELF)
{
$min = 4;
$max = 16;
}
else if (Cfg::get('ACC_AUTH_MODE') == AUTH_MODE_REALM)
{
$min = 3;
$max = 32;
}
if (($min && mb_strlen($name) < $min) || ($max && mb_strlen($name) > $max))
$errCode = 1;
else if (preg_match('/[^\w\d\-]/i', $name))
$errCode = 2;
return $errCode == 0;
}
public static function isValidPass(string $pass, ?int &$errCode = 0) : bool
{
$errCode = 0;
// only enforce for own passwords
if (mb_strlen($pass) < 6 && Cfg::get('ACC_AUTH_MODE') == AUTH_MODE_SELF)
$errCode = 1;
// else if (preg_match('/[^\w\d!"#\$%]/', $pass)) // such things exist..? :o
// $errCode = 2;
return $errCode == 0;
}
/*********************/
/* access management */
@@ -663,6 +627,9 @@ class User
if (!self::isLoggedIn() || self::isBanned())
return $result;
if (!Cfg::get('PROFILER_ENABLE'))
return $result;
$modes = [1 => 'excludes', 2 => 'includes'];
foreach ($modes as $mode => $field)
if ($ex = DB::Aowow()->selectCol('SELECT `type` AS ARRAY_KEY, `typeId` AS ARRAY_KEY2, `typeId` FROM ?_account_excludes WHERE `mode` = ?d AND `userId` = ?d', $mode, self::$id))