Namespaces

Classes

1: <?php
2: namespace Opencart\System\Library\Cart;
3: /**
4: * Class User
5: *
6: * @package Opencart\System\Library\Cart
7: */
8: class User {
9: /**
10: * @var object
11: */
12: private object $db;
13: /**
14: * @var object
15: */
16: private object $request;
17: /**
18: * @var object
19: */
20: private object $session;
21: /**
22: * @var int
23: */
24: private int $user_id = 0;
25: /**
26: * @var string
27: */
28: private string $username = '';
29: /**
30: * @var string
31: */
32: private string $firstname = '';
33: /**
34: * @var string
35: */
36: private string $lastname = '';
37: /**
38: * @var string
39: */
40: private string $email = '';
41: /**
42: * @var int
43: */
44: private int $user_group_id = 0;
45: /**
46: * @var array<string, array<int, string>>
47: */
48: private array $permission = [];
49:
50: /**
51: * Constructor
52: *
53: * @param \Opencart\System\Engine\Registry $registry
54: */
55: public function __construct(\Opencart\System\Engine\Registry $registry) {
56: $this->db = $registry->get('db');
57: $this->request = $registry->get('request');
58: $this->session = $registry->get('session');
59:
60: if (isset($this->session->data['user_id'])) {
61: $user_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user` WHERE `user_id` = '" . (int)$this->session->data['user_id'] . "' AND `status` = '1'");
62:
63: if ($user_query->num_rows) {
64: $this->user_id = $user_query->row['user_id'];
65: $this->username = $user_query->row['username'];
66: $this->firstname = $user_query->row['firstname'];
67: $this->lastname = $user_query->row['lastname'];
68: $this->email = $user_query->row['email'];
69: $this->user_group_id = $user_query->row['user_group_id'];
70:
71: $this->db->query("UPDATE `" . DB_PREFIX . "user` SET `ip` = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE `user_id` = '" . (int)$this->session->data['user_id'] . "'");
72:
73: $user_group_query = $this->db->query("SELECT `permission` FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_query->row['user_group_id'] . "'");
74:
75: $permissions = json_decode($user_group_query->row['permission'], true);
76:
77: if (is_array($permissions)) {
78: foreach ($permissions as $key => $value) {
79: $this->permission[$key] = $value;
80: }
81: }
82: } else {
83: $this->logout();
84: }
85: }
86: }
87:
88: /**
89: * Login
90: *
91: * @param string $username
92: * @param string $password
93: *
94: * @return bool
95: */
96: public function login(string $username, string $password): bool {
97: $user_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user` WHERE `username` = '" . $this->db->escape($username) . "' AND `status` = '1'");
98:
99: if ($user_query->num_rows) {
100: if (password_verify($password, $user_query->row['password'])) {
101: $rehash = password_needs_rehash($user_query->row['password'], PASSWORD_DEFAULT);
102: } elseif (isset($user_query->row['salt']) && $user_query->row['password'] == sha1($user_query->row['salt'] . sha1($user_query->row['salt'] . sha1($password)))) {
103: $rehash = true;
104: } elseif ($user_query->row['password'] == md5($password)) {
105: $rehash = true;
106: } else {
107: return false;
108: }
109:
110: if ($rehash) {
111: $this->db->query("UPDATE `" . DB_PREFIX . "user` SET `password` = '" . $this->db->escape(password_hash($password, PASSWORD_DEFAULT)) . "' WHERE `user_id` = '" . (int)$user_query->row['user_id'] . "'");
112: }
113:
114: $this->session->data['user_id'] = $user_query->row['user_id'];
115:
116: $this->user_id = $user_query->row['user_id'];
117: $this->username = $user_query->row['username'];
118: $this->firstname = $user_query->row['firstname'];
119: $this->lastname = $user_query->row['lastname'];
120: $this->email = $user_query->row['email'];
121: $this->user_group_id = $user_query->row['user_group_id'];
122:
123: $user_group_query = $this->db->query("SELECT `permission` FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_query->row['user_group_id'] . "'");
124:
125: $permissions = json_decode($user_group_query->row['permission'], true);
126:
127: if (is_array($permissions)) {
128: foreach ($permissions as $key => $value) {
129: $this->permission[$key] = $value;
130: }
131: }
132:
133: return true;
134: } else {
135: return false;
136: }
137: }
138:
139: /**
140: * Logout
141: *
142: * @return void
143: */
144: public function logout(): void {
145: unset($this->session->data['user_id']);
146:
147: $this->user_id = 0;
148: $this->username = '';
149: $this->firstname = '';
150: $this->lastname = '';
151: $this->email = '';
152: $this->user_group_id = 0;
153: }
154:
155: /**
156: * hasPermission
157: *
158: * @param string $key
159: * @param string $value
160: *
161: * @return bool
162: */
163: public function hasPermission(string $key, string $value): bool {
164: if (isset($this->permission[$key])) {
165: return in_array($value, $this->permission[$key]);
166: } else {
167: return false;
168: }
169: }
170:
171: /**
172: * isLogged
173: *
174: * @return bool
175: */
176: public function isLogged(): bool {
177: return $this->user_id ? true : false;
178: }
179:
180: /**
181: * getId
182: *
183: * @return int
184: */
185: public function getId(): int {
186: return $this->user_id;
187: }
188:
189: /**
190: * getUserName
191: *
192: * @return string
193: */
194: public function getUserName(): string {
195: return $this->username;
196: }
197:
198: /**
199: * getFirstName
200: *
201: * @return string
202: */
203: public function getFirstName(): string {
204: return $this->firstname;
205: }
206:
207: /**
208: * getLastName
209: *
210: * @return string
211: */
212: public function getLastName(): string {
213: return $this->lastname;
214: }
215:
216: /**
217: * getEmail
218: *
219: * @return string
220: */
221: public function getEmail(): string {
222: return $this->email;
223: }
224:
225: /**
226: * getGroupId
227: *
228: * @return int
229: */
230: public function getGroupId(): int {
231: return $this->user_group_id;
232: }
233: }
234:
OpenCart API API documentation generated by ApiGen dev-master