username = ''; } function jakChecklogged() { /* Check if user has been remembered */ if (isset($_COOKIE['jak_lcp_cookname']) && isset($_COOKIE['jak_lcp_cookid'])) { $_SESSION['jak_lcp_username'] = $_COOKIE['jak_lcp_cookname']; $_SESSION['jak_lcp_idhash'] = $_COOKIE['jak_lcp_cookid']; } /* Username and idhash have been set */ if (isset($_SESSION['jak_lcp_username']) && isset($_SESSION['jak_lcp_idhash']) && $_SESSION['jak_lcp_username'] != $this->username) { /* Confirm that username and userid are valid */ if (!JAK_userlogin::jakConfirmidhash($_SESSION['jak_lcp_username'], $_SESSION['jak_lcp_idhash'])) { /* Variables are incorrect, user not logged in */ unset($_SESSION['jak_lcp_username']); unset($_SESSION['jak_lcp_idhash']); return false; } // Return the user data return JAK_userlogin::jakUserinfo($_SESSION['jak_lcp_username']); /* User not logged in */ } else { return false; } } function jakCheckrestlogged($userid, $hash) { /* UserID and Hash have been set */ global $jakdb; $datauinfo = $jakdb->get("user", "*", ["AND" => ["id" => $userid, "idhash" => $hash]]); if (isset($datauinfo) && !empty($datauinfo)) { // Return the user data return $datauinfo; /* User not logged in */ } else { return false; } } public static function jakCheckuserdata($username, $pass) { // The new password encrypt with hash_hmac $passcrypt = hash_hmac('sha256', $pass, DB_PASS_HASH); if (!filter_var($username, FILTER_VALIDATE_EMAIL)) { if (!preg_match('/^([a-zA-Z0-9\-_])+$/', $username)) { return false; } } global $jakdb; $datausr = $jakdb->get("user", ["id", "username"], ["AND" => ["OR" => ["username" => strtolower($username), "email" => strtolower($username)], "password" => $passcrypt, "access" => 1]]); if ($datausr) { return $datausr; } else { return false; } } public static function jakLogin($name, $pass, $remember) { // The new password encrypt with hash_hmac $passcrypt = hash_hmac('sha256', $pass, DB_PASS_HASH); global $jakdb; // Get the stuff out the database $datausr = $jakdb->get("user", ["idhash", "logins"], ["AND" => ["username" => $name, "password" => $passcrypt]]); if ($datausr['logins'] % 10 == 0) { // Generate new idhash $nidhash = JAK_userlogin::generateRandID(); } else { if (isset($datausr['idhash']) && !empty($datausr['idhash']) && $datausr['idhash'] != "NULL") { // Take old idhash $nidhash = $datausr['idhash']; } else { // Generate new idhash $nidhash = JAK_userlogin::generateRandID(); } } // Set session in database $jakdb->update("user", ["session" => session_id(), "idhash" => $nidhash, "logins[+]" => 1, "available" => 1, "forgot" => 0, "lastactivity" => time()], ["AND" => ["username" => $name, "password" => $passcrypt]]); $_SESSION['jak_lcp_username'] = $name; $_SESSION['jak_lcp_idhash'] = $nidhash; // Check if cookies are set previous (wrongly) and delete if (isset($_COOKIE['jak_lcp_cookname']) || isset($_COOKIE['jak_lcp_cookid'])) { JAK_base::jakCookie('jak_lcp_cookname', $name, JAK_COOKIE_TIME, JAK_COOKIE_PATH); JAK_base::jakCookie('jak_lcp_cookid', $nidhash, JAK_COOKIE_TIME, JAK_COOKIE_PATH); } // Now check if remember is selected and set cookies new... if ($remember) { JAK_base::jakCookie('jak_lcp_cookname', $name, JAK_COOKIE_TIME, JAK_COOKIE_PATH); JAK_base::jakCookie('jak_lcp_cookid', $nidhash, JAK_COOKIE_TIME, JAK_COOKIE_PATH); } } public static function jakrestLogin($name, $pass) { // The new password encrypt with hash_hmac $passcrypt = hash_hmac('sha256', $pass, DB_PASS_HASH); global $jakdb; // Get the stuff out the database $datausr = $jakdb->get("user",["idhash", "logins"], ["AND" => ["username" => $name, "password" => $passcrypt]]); if ($datausr['logins'] % 10 == 0) { // Generate new idhash $nidhash = JAK_userlogin::generateRandID(); } else { if (isset($datausr['idhash']) && !empty($datausr['idhash']) && $datausr['idhash'] != "NULL") { // Take old idhash $nidhash = $datausr['idhash']; } else { // Generate new idhash $nidhash = JAK_userlogin::generateRandID(); } } // Set session in database $jakdb->update("user", ["session" => session_id(), "idhash" => $nidhash, "logins[+]" => 1, "available" => 1, "forgot" => 0, "lastactivity" => time()], ["AND" => ["username" => $name, "password" => $passcrypt]]); // Return the user data return JAK_userlogin::jakUserinfo($name); } public static function jakWriteDeviceToken($userid, $opid, $device, $token, $appname, $appversion) { // Check the data before we run any queries $allowed_device_types = ['ios', 'android']; if (in_array($device, $allowed_device_types) === false) { return false; } if ((strlen(trim($token)) === 0) || (strlen(trim($token)) > 250)) { return false; } $allowed_app_versions = ['LC3', 'HD3']; if (in_array($appname, $allowed_app_versions) === false) { $appname = 'LC3'; } // trim token $token = trim($token); global $jakdb; // Get the info out the database $pushid = $jakdb->get("push_notification_devices", "id", ["token" => $token]); if (isset($pushid) && !empty($pushid)) { $jakdb->update("push_notification_devices", ["lastedit" => $jakdb->raw("NOW()")], ["id" => $pushid]); } else { // We have no entry at all $jakdb->insert("push_notification_devices", ["userid" => $userid, "opid" => $opid, "ostype" => $device, "token" => $token, "appname" => $appname, "appversion" => $appversion, "lastedit" => $jakdb->raw("NOW()"), "created" => $jakdb->raw("NOW()")]); } // Remove old entries older than 4 weeks $deleteold = strtotime("-4 weeks"); $deleteoldmysql = date('Y-m-d H:i:s', $deleteold); $jakdb->delete("push_notification_devices", ["lastedit[<]" => $deleteoldmysql]); return true; } public static function jakConfirmidhash($username, $idhash) { global $jakdb; if (isset($username) && !empty($username)) { $datausr = $jakdb->get("user","idhash",["AND" => ["username" => $username, "access" => 1]]); if ($datausr) { $datausr = stripslashes($datausr); $idhash = stripslashes($idhash); /* Validate that userid is correct */ if(!is_null($datausr) && $idhash == $datausr) { return true; //Success! Username and idhash confirmed } } } return false; } public static function jakUserinfo($username) { global $jakdb; $datauinfo = $jakdb->get("user", "*", ["AND" => ["username" => $username, "access" => 1]]); if ($datauinfo) { return $datauinfo; } else { return false; } } public static function jakUpdatelastactivity($userid) { global $jakdb; if (is_numeric($userid)) $jakdb->update("user", ["lastactivity" => time()], ["id" => $userid]); } public static function jakForgotpassword($email, $time) { global $jakdb; if ($jakdb->has("user", ["AND" => ["email" => $email, "access" => 1]])) { if ($time != 0) $jakdb->update("user", ["forgot" => $time], ["email" => $email]); return true; } else { return false; } } public static function jakForgotactive($forgotid) { global $jakdb; if ($jakdb->has("user", ["AND" => ["forgot" => $forgotid, "access" => 1]])) { return true; } else return false; } public static function jakForgotcheckuser($email, $forgotid) { global $jakdb; if ($jakdb->has("user", ["AND" => ["email" => $email, "forgot" => $forgotid, "access" => 1]])) { return true; } else return false; } public static function jakWriteloginlog($username, $url, $ip, $agent, $success) { global $jakdb; if ($success == 1) { $jakdb->update("loginlog", ["access" => 1], ["AND" => ["ip" => $ip, "time" => $jakdb->raw("NOW()")]]); } else { $jakdb->insert("loginlog", ["name" => $username, "fromwhere" => $url, "usragent" => $agent, "ip" => $ip, "time" => $jakdb->raw("NOW()"), "access" => 0]); } } public static function jakLogout($userid) { global $jakdb; // Delete cookies from this page JAK_base::jakCookie('jak_lcp_cookname', '', -JAK_COOKIE_TIME, JAK_COOKIE_PATH); JAK_base::jakCookie('jak_lcp_cookid', '', - JAK_COOKIE_TIME, JAK_COOKIE_PATH); // Update Database to session NULL $jakdb->update("user", ["session" => $jakdb->raw("NULL"), "idhash" => $jakdb->raw("NULL"), "available" => 0], ["id" => $userid]); // Unset the main sessions unset($_SESSION['jak_lcp_username']); unset($_SESSION['jak_lcp_idhash']); unset($_SESSION['jak_lcp_lang']); // Destroy session and generate new one for that user session_destroy(); // Start new session session_start(); session_regenerate_id(); } public static function jakLogoutRest($userid) { global $jakdb; // Update Database to session NULL $jakdb->update("user", ["session" => $jakdb->raw("NULL"), "idhash" => $jakdb->raw("NULL"), "available" => 0], ["id" => $userid]); } public static function generateRandStr($length) { $randstr = ""; for($i=0; $i<$length; $i++){ $randnum = mt_rand(0,61); if($randnum < 10){ $randstr .= chr($randnum+48); }else if($randnum < 36){ $randstr .= chr($randnum+55); }else{ $randstr .= chr($randnum+61); } } return $randstr; } private static function generateRandID() { return md5(JAK_userlogin::generateRandStr(16)); } } ?>