KingOfDog.de/old
Archived
1
0
Fork 0
Code Releases Activity

Changes of the last few months including restructuring system from using only ranks to permissions

Browse Source
This commit is contained in:
Marcel
2018-12-26 18:19:28 +01:00
parent 72f3434803
commit 1a1ac17ecf
38 changed files with 845 additions and 361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
application/models/EmailModel.php
View File

@@ -17,7 +17,7 @@
$config['mailtype'] = 'html';
$this->email->initialize($config);
$this->email->from('no-reply@kingofdog.eu', 'KingOfDog');
$this->email->from('no-reply@kingofdog.eu', 'KingOfDog.eu');
$this->email->to($recipient);
$this->email->subject($subject);

32
application/models/FileModel.php
View File

@@ -17,18 +17,22 @@ class FileModel extends CI_Model
public function uploadFile($original_name, $tmpname, $size, $type, $userContent = true)
{
$target_dir = "files" . DIRECTORY_SEPARATOR . ($userContent ? 'userContent' . DIRECTORY_SEPARATOR : '');
$target_dir = 'files' . DIRECTORY_SEPARATOR . ($userContent ? 'userContent' . DIRECTORY_SEPARATOR : '');
$filetype = pathinfo(basename($original_name), PATHINFO_EXTENSION);
$target_file = $target_dir . $this->generateName() . '.' . $filetype;
$name = explode('.' . $filetype, explode(DIRECTORY_SEPARATOR, $target_file)[1])[0];
$name = $this->generateName();
$target_file = $target_dir . $name . '.' . $filetype;
if (!move_uploaded_file($tmpname, $target_file)) {
die('File couldn\'t be uploaded!');
}
$target_file = str_replace('\\', '/', $target_file);
$this->db->query('INSERT INTO files (name, original_name, type, size, path, isUserData) VALUES (?, ?, ?, ?, ?, ?)', [$name, $original_name, $type, $size, $target_file, $userContent]);
echo shell_exec(escapeshellcmd('python /var/www/codeigniter/duplicates.py'));
$this->db->cache_delete('admin', 'files');
echo shell_exec('python /var/www/codeigniter/duplicates.py');
return "/f/" . $name;
}
@@ -58,7 +62,9 @@ class FileModel extends CI_Model
$this->db->query('INSERT INTO files (name, original_name, type, size, path, isUserData) VALUES (?, ?, ?, ?, ?, ?)', [$data['raw_name'], $originalname, $data['file_type'], $data['file_size'] * 1024, $this->getPath($data['file_name'], $userContent), $userContent]);
echo shell_exec(escapeshellcmd('python /var/www/codeigniter/duplicates.py'));
$this->db->cache_delete('admin', 'files');
echo shell_exec('python /var/www/codeigniter/duplicates.py');
return '/f/' . $data['raw_name'];
}
@@ -113,25 +119,31 @@ class FileModel extends CI_Model
$this->db->query('INSERT INTO files (name, original_name, type, size, path, isUserData) VALUES (?, ?, ?, ?, ?, ?)', [$data['raw_name'], $originalname, $data['file_type'], $data['file_size'] * 1024, $this->getPath($data['file_name'], $userContent), $userContent]);
echo shell_exec(escapeshellcmd('python /var/www/codeigniter/duplicates.py'));
$this->db->cache_delete('admin', 'files');
echo shell_exec('python /var/www/codeigniter/duplicates.py');
return '/f/' . $data['raw_name'];
}
}
public function uploadFileByContent($content, $original_name, $fullType, $fileSize, $userContent = true) {
$target_dir = "files" . DIRECTORY_SEPARATOR . ($userContent ? 'userContent' . DIRECTORY_SEPARATOR : '');
$target_dir = 'files' . DIRECTORY_SEPARATOR . ($userContent ? 'userContent' . DIRECTORY_SEPARATOR : '');
$filetype = pathinfo(basename($original_name), PATHINFO_EXTENSION);
$target_file = $target_dir . $this->generateName() . '.' . $filetype;
$name = explode('.' . $filetype, explode(DIRECTORY_SEPARATOR, $target_file)[1])[0];
$name = $this->generateName();
$target_file = $target_dir . $name . '.' . $filetype;
$fp = fopen($target_file, 'w');
fwrite($fp, $content);
fclose($fp);
$target_file = str_replace('\\', '/', $target_file);
$this->db->query('INSERT INTO files (name, original_name, type, size, path, isUserData) VALUES (?, ?, ?, ?, ?, ?)', [$name, $original_name, $fullType, $fileSize, $target_file, $userContent]);
echo shell_exec(escapeshellcmd('python /var/www/codeigniter/duplicates.py'));
$this->db->cache_delete('admin', 'files');
echo shell_exec('python /var/www/codeigniter/duplicates.py');
return '/f/' . $name;
}

45
application/models/LoginModel.php
View File

@@ -8,6 +8,7 @@
{
parent::__construct();
$this->load->model('NotificationModel', '', TRUE);
$this->load->model('UserModel', '', TRUE);
$this->load->model('EmailModel', '', TRUE);
$this->load->helper('cookie');
}
@@ -22,19 +23,26 @@
}
$logindata = $logindata[0];
if($logindata['isDeleted']) {
$_SESSION['notice'] .= '<div class="alert alert-danger alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">&times;</span></button><strong>Der Account wurde deaktiviert!</strong> Dein Account wurde vom System deaktiviert, womöglich aufgrund von Fehlverhalten (beispielsweise in Form von anstößigen, unerwünschten, diskriminierenden oder volksverhetzenden Kommentaren, Posts oder Namen). Solltest du dies für ein Fehler halten, nutze bitte das Kontaktformular, um dich <b>höflich</b> zu beschweren.</div>';
return;
}
$encryptedPassword = $this->getPasswordHash($password, $logindata['original_name']);
if ($encryptedPassword == $logindata['password']) {
$this->startLoginSession($logindata, $rememberMe);
} else {
$_SESSION['notice'] .= '<div class="alert alert-danger alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">&times;</span></button><strong>Falsche Anmeldedaten!</strong> Benutzername und Passwort stimmen nicht überein!</div>';
$_SESSION['notice'] .= '<div class="alert alert-danger alert-dismissible"><button type="button" class="close" data-dismiss="alert" aria-label="Schließen"><span aria-hidden="true">&times;</span></button><strong>Falsche Anmeldedaten!</strong> Benutzername oder Passwort stimmen nicht mit unseren Akten überein.</div>';
}
}
public function getLoginData($username)
{
$this->db->cache_off();
$return = $this->db->query('SELECT * FROM users WHERE (username = lower(?) OR email = lower(?)) AND is_activated = TRUE LIMIT 1',
[htmlspecialchars($username, ENT_QUOTES), $username])->result_array();
$this->db->cache_on();
return $return;
}
@@ -47,26 +55,26 @@
public function startLoginSession($logindata, $rememberMe)
{
$_SESSION['user']['displayname'] = $logindata['displayname'];
$_SESSION['user']['username'] = $logindata['username'];
$_SESSION['user']['rank'] = $logindata['rank'];
$_SESSION['user']['ID'] = $logindata['ID'];
$_SESSION['user']['ads'] = $logindata['showAds'];
$profilePic = $logindata['profile_picture'];
if (empty($profilePic)) {
$_SESSION['user']['profilePic'] = '/assets/images/steam.jpg';
} else {
$_SESSION['user']['profilePic'] = $profilePic;
}
$this->reloadLoginSession($logindata);
$this->db->query('UPDATE users SET isCurrentlyOnline = 1, lastLogin = CURRENT_TIMESTAMP() WHERE ID = ?', [$logindata['ID']]);
if ($rememberMe == 'on') {
$expire = time() + 3600 * 24 * 60;
$expire = 3600 * 24 * 60;
$userHash = $this->LoginModel->getUserHash($logindata['username'], $logindata['password'], $logindata['email'], $logindata['ID']);
var_dump($expire);
set_cookie('rememberMe', base64_encode($logindata['username']), $expire, base_url(), '/');
set_cookie('token', $userHash, $expire, base_url(), '/');
// $this->input->set_cookie('rememberMe', base64_encode($logindata['username']), $expire, base_url(), '/');
// $this->input->set_cookie('token', $userHash, $expire, base_url(), '/');
var_dump(get_cookie('rememberMe'));
echo 'fresh';
var_dump($_COOKIE);
$_COOKIE['rememberMe'] = base64_encode($logindata['username']);
$_COOKIE['token'] = $userHash;
echo 'tech';
// var_dump(get_cookie('rememberMe'));
// var_dump(get_cookie('token'));
var_dump($_COOKIE);
}
}
@@ -83,6 +91,8 @@
} else {
$_SESSION['user']['profilePic'] = $profilePic;
}
$_SESSION['user']['permissions'] = $this->UserModel->getPermissions($logindata['ID']);
}
public function isTrashMail($email)
@@ -133,13 +143,16 @@
if (isset($_SESSION['loggedOut']) && $_SESSION['loggedOut']) {
return;
}
var_dump('test');
if (!isset($_SESSION['user']) && isset($_COOKIE['rememberMe']) && isset($_COOKIE['token'])) {
var_dump($_COOKIE);
$logindata = $this->getLoginData(base64_decode($_COOKIE['rememberMe']));
if (!empty($logindata)) {
$logindata = $logindata[0];
$token = $this->getUserHash($logindata['username'], $logindata['password'], $logindata['email'], $logindata['ID']);
if ($_COOKIE['token'] == $token) {
echo '<br> TEST! <br>';
$this->startLoginSession($logindata, 'on');
}
}

2
application/models/NotificationModel.php
View File

@@ -82,7 +82,7 @@
$this->db->cache_delete('Main', 'getNotifications');
// Send email
$email = $this->UserModel->getUserEmailByID($notification->sender->getId());
$email = $this->UserModel->getUserEmailByID($notification->recipient->getId());
$group = new NotificationGroup([$notification], 1);
$messageData = $group->message();
$message = sprintf(lang($messageData['line']), ...$messageData['attributes']);

50
application/models/UserModel.php
View File

@@ -13,7 +13,7 @@
function getUser($username)
{
$result = $this->db->query('SELECT ID, username, displayname, email, rank, profile_picture, header_image, about, social_networks, showAds, date_created, gender, language, country, birthdate, birthyear, receiveEmails, receiveNewsletter FROM users WHERE username = ? AND is_activated = TRUE LIMIT 1', [$username])->result_array();
$result = $this->db->query('SELECT ID, username, displayname, email, rank, profile_picture, header_image, about, social_networks, showAds, date_created, gender, language, country, birthdate, birthyear, receiveEmails, receiveNewsletter FROM users WHERE username = ? AND is_activated = TRUE AND isDeleted = FALSE LIMIT 1', [$username])->result_array();
if (empty($result)) {
return null;
}
@@ -26,7 +26,7 @@
{
for ($i = 0; $i < sizeof($userList); $i++) {
if ((isset($userList[$i]['header_image']) && ($userList[$i]['header_image'] == '' || $userList[$i]['header_image'] == NULL)) || !isset($userList[$i]['header_image'])) {
$userList[$i]['header_image'] = substr(base_url(), 0, base_url() - 1) . ':5000/' . $userList[$i]['displayname'];
$userList[$i]['header_image'] = 'https://cdn.kinogofdog.eu' . '/' . $userList[$i]['displayname'];
}
if (isset($userList[$i]['profile_picture']) && $userList[$i]['profile_picture'] == '') {
$userList[$i]['profile_picture'] = base_url('/f/8d204712d8132b36d765640ce775ce15');
@@ -64,7 +64,7 @@
public function getFollowers($id)
{
$this->db->cache_off();
$followers = $this->db->query('SELECT ID, followedSince, username, displayname, profile_picture, header_image FROM user_followers LEFT JOIN users ON ID = followerUserID WHERE followedUserID = ? ORDER BY followedSince DESC', [$id])->result_array();
$followers = $this->db->query('SELECT ID, followedSince, username, displayname, profile_picture, header_image FROM user_followers LEFT JOIN users ON ID = followerUserID WHERE followedUserID = ? AND is_activated = TRUE AND isDeleted = FALSE ORDER BY followedSince DESC', [$id])->result_array();
$this->db->cache_on();
$followers = $this->setDefaultImages($followers);
$followers = $this->mergeFollowerCount($followers);
@@ -73,7 +73,7 @@
function getUserByID($id)
{
$result = $this->db->query('SELECT ID, original_name, username, displayname, email, rank, profile_picture, header_image, is_activated, about, lastLogin, social_networks, showAds, date_created, gender, language, country, birthdate, birthyear, receiveEmails, receiveNewsletter FROM users WHERE ID = ? AND is_activated = TRUE LIMIT 1', [$id])->result_array();
$result = $this->db->query('SELECT ID, original_name, username, displayname, email, rank, profile_picture, header_image, is_activated, about, lastLogin, social_networks, showAds, date_created, gender, language, country, birthdate, birthyear, receiveEmails, receiveNewsletter FROM users WHERE ID = ? AND is_activated = TRUE AND isDeleted = FALSE LIMIT 1', [$id])->result_array();
if (empty($result)) {
return null;
}
@@ -83,14 +83,14 @@
}
function getUserEmailByID($id) {
$result = $this->db->query('SELECT email FROM users WHERE ID = ? AND is_activated = TRUE', [$id])->result_array();
$result = $this->db->query('SELECT email FROM users WHERE ID = ? AND is_activated = TRUE AND isDeleted = TRUE', [$id])->result_array();
return !empty($result) ? $result[0]['email'] : '';
}
public function getFollowing($id)
{
$this->db->cache_off();
$following = $this->db->query('SELECT ID, followedSince, username, displayname, profile_picture, header_image FROM user_followers LEFT JOIN users ON ID = followedUserID WHERE followerUserID = ? ORDER BY followedSince DESC', [$id])->result_array();
$following = $this->db->query('SELECT ID, followedSince, username, displayname, profile_picture, header_image FROM user_followers LEFT JOIN users ON ID = followedUserID WHERE followerUserID = ? AND isDeleted = FALSE ORDER BY followedSince DESC', [$id])->result_array();
$this->db->cache_on();
$following = $this->setDefaultImages($following);
$following = $this->mergeFollowerCount($following);
@@ -187,14 +187,14 @@ WHERE user_id = ?', [$userID, $userID, $userID])->result_array()[0];
function getActiveUsers($count)
{
$data = $this->db->query('SELECT username, displayname, profile_picture, lastLogin, (SELECT COUNT(*) FROM user_followers WHERE followedUserID = users.ID) follower_count FROM users WHERE isCurrentlyOnline = TRUE ORDER BY lastLogin DESC LIMIT ?', [$count])->result_array();
$data = $this->db->query('SELECT username, displayname, profile_picture, lastLogin, (SELECT COUNT(*) FROM user_followers WHERE followedUserID = users.ID) follower_count FROM users WHERE isCurrentlyOnline = TRUE AND is_activated = TRUE AND isDeleted = FALSE ORDER BY lastLogin DESC LIMIT ?', [$count])->result_array();
$data = $this->setDefaultImages($data);
return $data;
}
public function getNewestUsers($count)
{
$data = $this->db->query('SELECT username, displayname, profile_picture, date_created, (SELECT COUNT(*) FROM user_followers WHERE followedUserID = users.ID) follower_count FROM users ORDER BY date_created DESC LIMIT ?', [$count])->result_array();
$data = $this->db->query('SELECT username, displayname, profile_picture, date_created, (SELECT COUNT(*) FROM user_followers WHERE followedUserID = users.ID) follower_count FROM users WHERE is_activated = TRUE AND isDeleted = FALSE ORDER BY date_created DESC LIMIT ?', [$count])->result_array();
$data = $this->setDefaultImages($data);
return $data;
}
@@ -222,7 +222,7 @@ WHERE user_id = ?', [$userID, $userID, $userID])->result_array()[0];
$dbClause = join(' AND ', $conditions);
$inputs[] = $amount;
$inputs[] = $offset;
$data = $this->db->query('SELECT username, displayname, profile_picture, header_image, about, rank FROM users WHERE ' . $dbClause . ' LIMIT ? OFFSET ?', $inputs)->result_array();
$data = $this->db->query('SELECT username, displayname, profile_picture, header_image, about, rank FROM users WHERE is_activated = TRUE AND isDeleted = FALSE AND ' . $dbClause . ' LIMIT ? OFFSET ?', $inputs)->result_array();
$data = $this->setDefaultImages($data);
$data = $this->setRankname($data);
@@ -238,4 +238,36 @@ WHERE user_id = ?', [$userID, $userID, $userID])->result_array()[0];
return $this->db->query('SELECT language, count(*) langUserCount FROM users GROUP BY language ORDER BY language')->result_array();
}
public function deleteUser($id) {
$this->db->query('UPDATE users SET isDeleted = TRUE, isCurrentlyOnline = FALSE, lastOnlineUpdate = NULL WHERE ID = ?', [$id])->result_array();
}
public function getPermissions($userID) {
$this->db->cache_off();
$result = $this->db->query('SELECT * FROM user_permissions WHERE userID = ?', [$userID])->result_array();
$this->db->cache_on();
$perms = [];
foreach ($result as $item) {
$perms[] = $item['permissionType'] . '.' . $item['permissionName'];
}
return $perms;
}
public function hasPermission($userID, $permType, $permName) {
$this->db->cache_off();
$result = $this->db->query('SELECT ID FROM user_permissions WHERE userID = ? AND permissionType = ? AND permissionName = ?', [$userID, $permType, $permName])->result_array();
$this->db->cache_on();
return !empty($result);
}
public function addPermission($userID, $permissionGroup, $permissionName, $givenBy) {
$this->db->query('INSERT INTO user_permissions (userID, permissionType, permissionName, givenBy) VALUES (?, ?, ?, ?)', [$userID, $permissionGroup, $permissionName, $givenBy]);
}
public function revokePermission($userID, $permissionGroup, $permissionName) {
$this->db->query('DELETE FROM user_permissions WHERE userID = ? AND permissionType = ? AND permissionName = ?', [$userID, $permissionGroup, $permissionName]);
}
}