Fix some vulns in User.php

This commit is contained in:
William 2022-02-27 09:05:48 +01:00
parent 5679ac6640
commit b4d045d8aa


@ -1,15 +1,18 @@
<?php <?php
// TODO: // TODO: ...
class User class User
{ {
private Session $session; private Session $session;
private Database $database; private Database $database;
// Always initialized
public bool $loggedIn; public bool $loggedIn;
public int $powerLevel; // Set to 0 when not logged in
public string $username; // Username and password is only initalized if logged in // Initialized only if logged in
public string $username;
public string $password; public string $password;
public int $powerLevel;
public function __construct(Session $session, Database $database) public function __construct(Session $session, Database $database)
{ {
@ -17,37 +20,34 @@ class User
$this->database = $database; $this->database = $database;
$user = $this->session->get('user'); $user = $this->session->get('user');
if ($user)
// Check if user session has been set
if (!$user)
{ {
// User session was set previously
$this->loggedIn = $user['loggedIn'];
$this->username = $user['username'];
$this->password = $user['password'];
} else {
// User session has not been set yet
$this->loggedIn = FALSE; $this->loggedIn = FALSE;
return;
} }
// Check if username and password matches // Check if username and password match
if ($this->loggedIn && !$this->authenticate($this->username, $this->password)) if (!$this->authenticate($user['username'], $user['password']))
{ {
$this->logout(); $this->logout();
$this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning'); $this->session->flash('Kontodetaljer er blitt endret, vennligst logg inn igjen', 'warning');
return;
} }
// All is good, we should be logged in now! (hopefully)
$this->username = $user['username'];
$this->password = $user['password'];
$this->loggedIn = TRUE;
// Set powerLevel // Set powerLevel
if ($this->loggedIn)
{
$sth = $this->database->conn->prepare( $sth = $this->database->conn->prepare(
'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?' 'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'
); );
$sth->execute([$this->username, $this->password]); $sth->execute([$this->username, $this->password]);
$row = $sth->fetch(PDO::FETCH_ASSOC); $row = $sth->fetch(PDO::FETCH_ASSOC);
$this->powerLevel = $row['Nivå']; $this->powerLevel = $row['Nivå'];
} else {
$this->powerLevel = 0;
}
} }
// Set session if user and password match // Set session if user and password match
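Review bot: `$row['Nivå']` on the last lines of the constructor is read without checking that `fetch()` returned a row, so if the account is changed between `authenticate()` and the second `SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?` query, `$row` is `false` and assigning the resulting null to `int $powerLevel` throws a TypeError instead of logging the user out like the `authenticate()` failure path does. A guard such as `if ($row === false) { $this->logout(); return; }` before the assignment closes that gap, and since `authenticate()` (defined outside this hunk) has just matched the same username and password, the level would better come from that single lookup than from a second query with the same credentials. Separately, the session keeps `$user['password']` and the code passes it straight into an equality comparison against the `Passord` column; if that value is the cleartext password rather than a hash, the session store and every request carry a reusable credential, and keeping only the user id plus a "credentials changed" marker in the session (verifying with `password_verify` at login) would avoid it. The constructor begins in the previous hunk, so its first statements are not visible here.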