M_Viper/WP-Business-Forum
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
5d7a4743d7e732f1592a5dd2a20d8c0854b22cdc
WP-Business-Forum/includes/class-forum-auth.php
M_Viper 4fb7c0608e Update from Git Manager GUI
2026-03-21 00:54:10 +01:00

103 lines
4.3 KiB
PHP
Raw Blame History

<?php
if ( ! defined( 'ABSPATH' ) ) exit;
class WBF_Auth {
const SESSION_KEY = 'wbf_forum_user';
public static function init() {
if ( ! session_id() ) {
session_start();
}
// Auto-login via Remember-Me cookie if not already logged in
if ( empty( $_SESSION[ self::SESSION_KEY ] ) && isset( $_COOKIE['wbf_remember'] ) ) {
$row = WBF_DB::verify_remember_token( $_COOKIE['wbf_remember'] );
if ( $row ) {
$user = WBF_DB::get_user( (int)$row->user_id );
if ( $user && WBF_Roles::level($user->role) >= 0 ) {
$_SESSION[ self::SESSION_KEY ] = $user->id;
WBF_DB::touch_last_active( $user->id );
}
}
}
}
public static function is_forum_logged_in() {
self::init();
return ! empty( $_SESSION[ self::SESSION_KEY ] );
}
public static function get_current_user() {
self::init();
if ( empty( $_SESSION[ self::SESSION_KEY ] ) ) return null;
return WBF_DB::get_user( (int) $_SESSION[ self::SESSION_KEY ] );
}
public static function login( $username_or_email, $password ) {
self::init();
$user = WBF_DB::get_user_by( 'username', $username_or_email );
if ( ! $user ) {
$user = WBF_DB::get_user_by( 'email', $username_or_email );
}
if ( ! $user ) return array( 'success' => false, 'message' => 'Benutzer nicht gefunden.' );
if ( ! password_verify( $password, $user->password ) ) {
return array( 'success' => false, 'message' => 'Falsches Passwort.' );
}
if ( WBF_Roles::level($user->role) < 0 ) {
$reason = !empty($user->ban_reason) ? $user->ban_reason : 'Dein Konto wurde gesperrt.';
return array( 'success' => false, 'banned' => true, 'message' => $reason );
}
$_SESSION[ self::SESSION_KEY ] = $user->id;
WBF_DB::touch_last_active( $user->id );
return array( 'success' => true, 'user' => $user );
}
public static function register( $username, $email, $password, $display_name ) {
self::init();
$username = sanitize_user( $username );
$email = sanitize_email( $email );
$display_name = sanitize_text_field( $display_name );
if ( strlen($username) < 3 ) return array('success'=>false,'message'=>'Benutzername mindestens 3 Zeichen.');
if ( ! is_email($email) ) return array('success'=>false,'message'=>'Ungültige E-Mail-Adresse.');
if ( strlen($password) < 6 ) return array('success'=>false,'message'=>'Passwort mindestens 6 Zeichen.');
if ( empty($display_name) ) return array('success'=>false,'message'=>'Anzeigename darf nicht leer sein.');
if ( WBF_DB::get_user_by('username', $username) ) return array('success'=>false,'message'=>'Benutzername bereits vergeben.');
if ( WBF_DB::get_user_by('email', $email) ) return array('success'=>false,'message'=>'E-Mail bereits registriert.');
$avatar = 'https://www.gravatar.com/avatar/' . md5( strtolower($email) ) . '?d=identicon&s=80';
$id = WBF_DB::create_user( array(
'username' => $username,
'email' => $email,
'password' => password_hash( $password, PASSWORD_DEFAULT ),
'display_name' => $display_name,
'avatar_url' => $avatar,
));
$_SESSION[ self::SESSION_KEY ] = $id;
return array('success'=>true,'user'=>WBF_DB::get_user($id));
}
public static function logout() {
self::init();
$user_id = $_SESSION[ self::SESSION_KEY ] ?? 0;
unset( $_SESSION[ self::SESSION_KEY ] );
if ( $user_id ) {
WBF_DB::delete_remember_token( (int)$user_id );
}
// Remove cookie
if ( isset($_COOKIE['wbf_remember']) ) {
setcookie( 'wbf_remember', '', time() - 3600, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
}
}
/** Remember-Me Token setzen und Cookie senden */
public static function set_remember_cookie( $user_id ) {
$token = WBF_DB::create_remember_token( (int)$user_id );
setcookie( 'wbf_remember', $token, time() + 30 * DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
}
}
add_action('init', array('WBF_Auth','init'), 1);
Reference in New Issue View Git Blame Copy Permalink