Diffstat (limited to 'public/system/library/cart/user.php')
-rw-r--r-- | public/system/library/cart/user.php | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/public/system/library/cart/user.php b/public/system/library/cart/user.php
new file mode 100644
index 0000000..ca1d09e
--- /dev/null
+++ b/public/system/library/cart/user.php
@@ -0,0 +1,95 @@
+<?php
+namespace Cart;
+class User {
+ private $user_id;
+ private $user_group_id;
+ private $username;
+ private $permission = array();
+
+ public function __construct($registry) {
+ $this->db = $registry->get('db');
+ $this->request = $registry->get('request');
+ $this->session = $registry->get('session');
+
+ if (isset($this->session->data['user_id'])) {
+ $user_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE user_id = '" . (int)$this->session->data['user_id'] . "' AND status = '1'");
+
+ if ($user_query->num_rows) {
+ $this->user_id = $user_query->row['user_id'];
+ $this->username = $user_query->row['username'];
+ $this->user_group_id = $user_query->row['user_group_id'];
+
+ $this->db->query("UPDATE " . DB_PREFIX . "user SET ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "' WHERE user_id = '" . (int)$this->session->data['user_id'] . "'");
+
+ $user_group_query = $this->db->query("SELECT permission FROM " . DB_PREFIX . "user_group WHERE user_group_id = '" . (int)$user_query->row['user_group_id'] . "'");
+
+ $permissions = json_decode($user_group_query->row['permission'], true);
+
+ if (is_array($permissions)) {
+ foreach ($permissions as $key => $value) {
+ $this->permission[$key] = $value;
+ }
+ }
+ } else {
+ $this->logout();
+ }
+ }
+ }
+
+ public function login($username, $password) {
+ $user_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE username = '" . $this->db->escape($username) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape($password) . "'))))) OR password = '" . $this->db->escape(md5($password)) . "') AND status = '1'");
+
+ if ($user_query->num_rows) {
+ $this->session->data['user_id'] = $user_query->row['user_id'];
+
+ $this->user_id = $user_query->row['user_id'];
+ $this->username = $user_query->row['username'];
+ $this->user_group_id = $user_query->row['user_group_id'];
+
+ $user_group_query = $this->db->query("SELECT permission FROM " . DB_PREFIX . "user_group WHERE user_group_id = '" . (int)$user_query->row['user_group_id'] . "'");
+
+ $permissions = json_decode($user_group_query->row['permission'], true);
+
+ if (is_array($permissions)) {
+ foreach ($permissions as $key => $value) {
+ $this->permission[$key] = $value;
+ }
+ }
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public function logout() {
+ unset($this->session->data['user_id']);
+
+ $this->user_id = '';
+ $this->username = '';
+ }
+
+ public function hasPermission($key, $value) {
+ if (isset($this->permission[$key])) {
+ return in_array($value, $this->permission[$key]);
+ } else {
+ return false;
+ }
+ }
+
+ public function isLogged() {
+ return $this->user_id;
+ }
+
+ public function getId() {
+ return $this->user_id;
+ }
+
+ public function getUserName() {
+ return $this->username;
+ }
+
+ public function getGroupId() {
+ return $this->user_group_id;
+ }
+}
\ No newline at end of file |
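Review bot: `login()` checks the password inside the SQL statement against a salted SHA-1 chain and, as a fallback, against an unsalted `md5($password)`, so any account whose row still holds one of those digests is protected only by a fast hash that is cheap to brute-force if the `user` table leaks. I would fetch the row by username and status only, verify in PHP with `password_verify()`, keep the two legacy formats as a `hash_equals()` fallback, and rewrite the stored value with `password_hash()` on the first successful legacy login, as sketched below. This assumes the `password` column is wide enough for the new hash and that legacy digests are stored as lowercase hex; neither is visible in this hunk. Separately, `logout()` clears `user_id` and `username` but leaves `$this->permission` and `$this->user_group_id` set, so `hasPermission()` can still return true on the same object afterwards; adding `$this->user_group_id = ''; $this->permission = array();` there would close that.

```php
	public function login($username, $password) {
		// Look the account up by name only; the password is verified in PHP below.
		$user_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE username = '" . $this->db->escape($username) . "' AND status = '1'");

		$verified = false;

		if ($user_query->num_rows) {
			$stored = (string)$user_query->row['password'];
			$salt = (string)$user_query->row['salt'];

			// Legacy digests accepted by the original query, compared in constant time.
			$verified = password_verify($password, $stored)
				|| hash_equals($stored, sha1($salt . sha1($salt . sha1($password))))
				|| hash_equals($stored, md5($password));

			if ($verified && password_needs_rehash($stored, PASSWORD_DEFAULT)) {
				// Upgrade legacy or outdated hashes while the plaintext is available.
				$this->db->query("UPDATE " . DB_PREFIX . "user SET password = '" . $this->db->escape(password_hash($password, PASSWORD_DEFAULT)) . "' WHERE user_id = '" . (int)$user_query->row['user_id'] . "'");
			}
		}

		if ($verified) {
			// … unchanged: session user_id, property assignment, permission loading, return true …
```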