From: konrad Date: Sun, 16 Dec 2007 21:21:03 +0000 (+0000) Subject: add customer class X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=2aea6cdeb9290e8daf5bb6b41bb95d8bb1fd4d92;p=web%2Fkonrad%2Fsmoke.git add customer class git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@82 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/www/inc/cauth_hash.php b/www/inc/cauth_hash.php index 879ea2b..c3d6ef2 100644 --- a/www/inc/cauth_hash.php +++ b/www/inc/cauth_hash.php @@ -26,4 +26,10 @@ function calcAuth($cha,$tok) } } +/**helper for Customer::authenticate and Customer::setPassword*/ +function calcPasswd($pass,$salt) +{ + return $salt.":".hash("sha1",$salt.$pass); +} + ?> \ No newline at end of file diff --git a/www/inc/cauth_mhash.php b/www/inc/cauth_mhash.php index 7f32602..9813969 100644 --- a/www/inc/cauth_mhash.php +++ b/www/inc/cauth_mhash.php @@ -26,4 +26,10 @@ function calcAuth($cha,$tok) } } +/**helper for Customer::authenticate and Customer::setPassword*/ +function calcPasswd($pass,$salt) +{ + return $salt.":".bin2hex(mhash(MHASH_SHA1,$salt.$pass)); +} + ?> \ No newline at end of file diff --git a/www/inc/cauth_string.php b/www/inc/cauth_string.php index 2f70290..546a8f9 100644 --- a/www/inc/cauth_string.php +++ b/www/inc/cauth_string.php @@ -22,4 +22,10 @@ function calcAuth($key,$tok) } } +/**helper for Customer::authenticate and Customer::setPassword*/ +function calcPasswd($pass,$salt) +{ + return $salt.":".strtolower(sha1($salt.$pass)); +} + ?> \ No newline at end of file diff --git a/www/inc/customer.php b/www/inc/customer.php new file mode 100644 index 0000000..b503dc3 --- /dev/null +++ b/www/inc/customer.php 
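Review bot: `calcPasswd` stores customer passwords as one salted SHA-1 pass (`hash("sha1",$salt.$pass)`), a fast digest that leaves the stored values cheap to brute-force offline if the customer table ever leaks. The same construction is added in cauth_mhash.php and cauth_string.php, so this applies to all three hunks. A password-specific, tunable function is the right primitive here; on PHP versions that provide them, `password_hash($pass, PASSWORD_DEFAULT)` in setPassword and `password_verify()` in authenticate would replace both calcPasswd and getSalt. If the three backends have to stay, the docblock should at least state that the return value is `salt:hexdigest` and that the salt must not contain `:`.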
@@ -0,0 +1,93 @@
+id=false;
+ if($id!==false){
+ $this->getByID($id);
+ }
+ }
+
+ /**tries to get the customer by its ID, returns false if it fails*/
+ public function getByID($id)
+ {
+ global $db;
+ $res=$db->select("customer","customerid","where customerid=".$db->escapeInt($id));
+ if(count($res)>0){
+ $this->id=$id+0;
+ return true;
+ }else
+ return false;
+ }
+
+ /**tries to get the customer by its email address, returns false if it fails*/
+ public function getByMail($mail)
+ {
+ global $db;
+ $res=$db->select("customer","customerid","where email=".$db->escapeString($mail));
+ if(count($res)>0){
+ $this->id=$res[0]["customerid"];
+ return true;
+ }else
+ return false;
+ }
+
+ /**checks whether the customer exists in the database; getByID or getByMail must have been called first*/
+ public function exists()
+ {
+ return $this->id !== false;
+ }
+
+ /**creates the customer in the database; getByID or getByMail must not have been called yet;
+ returns the new ID on success or false on failure*/
+ public function create($name)
+ {
+ if($this->id!==false)return;
+ global $db;
+ $this->id=$db->insert("customer",array("name"=>$name));
+ return $this->id;
+ }
+
+ /**sets the email of this customer*/
+ public function setMail($mail)
+ {
+ if($this->id===false)return;
+ global $db;
+ $db->update("customer",array("email"=>$mail),"customerid=".$db->escapeInt($this->id));
+ }
+
+ /**sets the password of this customer*/
+ public function setPassword($pwd)
+ {
+ if($this->id===false)return;
+ global $db;
+ $pass=calcPasswd($pwd,getSalt());
+ $db->update("customer",array("passwd"=>$pass),"customerid=".$db->escapeInt($this->id));
+ }
+
+ /**checks whether $password matches the stored password for this customer; returns true on success*/
+ public function authenticate($passwd)
+ {
+ if($this->id===false)return false;
+ //get record
+ global $db;
+ $res=$db->select("customer","passwd","customerid=".$db->escapeInt($this->id));
+ //found anything?
+ if(count($res)<0)return false; + //is it a password + if(!is_string($res[0]["passwd"]) || strlen($res[0]["passwd"])<10)return false; + //check + $pwd=explode(":",$res[0]["passwd"]); + $pwd2=calcPasswd($passwd,$pwd[0]); + return $pwd2 == $res[0]["passwd"]; + } +}; + +?> \ No newline at end of file diff --git a/www/inc/loader_nonadmin.php b/www/inc/loader_nonadmin.php index c0a2c65..fe7b5a0 100644 --- a/www/inc/loader_nonadmin.php +++ b/www/inc/loader_nonadmin.php @@ -12,6 +12,9 @@ include("./inc/cart.php"); include('./inc/error.php'); include('./inc/language_manager.php'); include('./inc/parser.php'); -include('./inc/config_manager.php') +include('./inc/config_manager.php'); +include('./inc/customer.php'); +//load hash lib +include("./inc/cauth_".$HashLib.".php"); ?> \ No newline at end of file diff --git a/www/inc/random.php b/www/inc/random.php index 096e88f..9b19645 100644 --- a/www/inc/random.php +++ b/www/inc/random.php @@ -44,4 +44,10 @@ function getRandom($bits) return substr($ret,0,$bits); } +/**return a salt value for Customer::setPassword */ +function getSalt() +{ + return getRandom(16*4); +} + ?> \ No newline at end of file diff --git a/www/inc/session.php b/www/inc/session.php index 3b1bb05..cfcdf89 100644 --- a/www/inc/session.php +++ b/www/inc/session.php @@ -217,6 +217,4 @@ class Session } }; -include("cauth_".$HashLib.".php"); - ?> \ No newline at end of file
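Review bot: In `Customer::authenticate` the guard `if(count($res)<0)return false;` can never fire, because count() is never negative, so an empty result goes on to read `$res[0]`; it should be `if(count($res)<1)return false;`. The select in the same method passes `"customerid=".$db->escapeInt($this->id)` without the leading `where` that getByID and getByMail use, which looks like it builds a different query if select() appends the string verbatim (select() is not visible here). The final `$pwd2 == $res[0]["passwd"]` is a loose, non-constant-time comparison of a secret; `return hash_equals($res[0]["passwd"], $pwd2);` (or at least `===`) is the safer form. `create()` also returns nothing when the ID is already set, although its docblock promises false.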
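Review bot: The hash backend is loaded with `include("./inc/cauth_".$HashLib.".php");`, so a typo or unexpected value in `$HashLib` only raises a warning and leaves `calcPasswd` and `calcAuth` undefined until the first login attempt. Where `$HashLib` is set is not visible in this hunk; it is presumably a config value, and the loader should accept only the three shipped names before building the path, e.g. `if(!in_array($HashLib,array("hash","mhash","string"),true))die("bad HashLib");`, and then use `require` instead of `include`. A short comment listing the valid values next to `//load hash lib` would also help.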
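Review bot: `getSalt()` passes `16*4` to `getRandom($bits)`, but the visible tail of getRandom ends in `return substr($ret,0,$bits);`, which cuts by characters, so the salt may be 64 characters rather than 64 bits; the docblock should state the actual length and alphabet. That matters because calcPasswd stores `salt:hash` and Customer::authenticate recovers the salt with `explode(":",...)`, which breaks if getRandom can ever emit a `:`. getRandom's body is outside this hunk, so both points need checking against it. A suitable comment would be `/**return a salt for Customer::setPassword; must never contain ':' (field separator in calcPasswd)*/`.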