<?php
namespace entities\evr\security;

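/**
 * Creates accounts and changes or resets their passwords.
 *
 * An account is a directory named after the user below $GLOBALS["USERS_PATH"];
 * the password hash, e-mail record and progress data are separate files inside
 * it. Form input is read through Security::get_post_parameter() and outcomes
 * are reported through Security::show_error() / Security::show_success().
 *
 * The username becomes part of a filesystem path, so every entry point only
 * accepts names made of the registration alphabet (a-z, A-Z, 0-9, _).
 */
class Registrar
{
   // These used to be created on first assignment, which made them implicitly
   // public; they are declared with the same visibility so outside readers
   // keep working and PHP 8.2+ does not report dynamic properties.
   public $username;
   public $password;
   public $email;
   public $join;

   /**
    * Registers a new account from the posted form fields.
    *
    * Every field is validated before anything is written, so all problems are
    * reported in one pass. The account is created only when username, password
    * and e-mail are valid and Security::validate_key() accepts the request.
    *
    * @return bool true when the account was created, false otherwise
    */
   public function register()
   {
      $this->set_username();
      $this->set_password();
      $this->set_email_address();
      $this->set_join_flag();
      if ($this->username && $this->password && $this->email)
      {
         if (Security::validate_key())
         {
            if (!$this->add_user())
            {
               // The directory could not be created, e.g. because a parallel
               // request registered the same name after the lookup above.
               Security::show_error("Registration failed, please try again");
               return false;
            }
            Security::remove_key();
            Security::show_success($this->username . " registered");
            return true;
         }
      }
      return false;
   }

   /**
    * Validates the posted username and stores it, or null when it is rejected.
    *
    * Length and content are both checked against the submitted value so each
    * problem gets its own message; the directory lookup only runs for a name
    * that passed both checks.
    */
   private function set_username()
   {
      $name = Security::get_post_parameter("username");
      if (!is_string($name))
      {
         // Missing field or array-valued input: treat as an empty name.
         $name = "";
      }
      $valid = true;
      if (!$this->check_username_length($name))
      {
         Security::show_error("Please change username length");
         $valid = false;
      }
      if (!$this->check_username_content($name))
      {
         Security::show_error("Please use only a-z, A-Z, 0-9, or _");
         $valid = false;
      }
      if ($valid && Security::find_user_directory($name))
      {
         Security::show_error("Username $name is already taken");
         $valid = false;
      }
      $this->username = $valid ? $name : null;
   }

   /**
    * @param string $name
    * @return bool whether the name length lies within the configured limits
    */
   private function check_username_length($name)
   {
      $min = $GLOBALS["USER_NAME_MIN_LENGTH"];
      $max = $GLOBALS["USER_NAME_MAX_LENGTH"];
      return $this->check_length($name, $min, $max);
   }

   /**
    * @param string $string
    * @param int $min inclusive lower bound, in bytes
    * @param int $max inclusive upper bound, in bytes
    * @return bool
    */
   private function check_length($string, $min, $max)
   {
      $length = strlen($string);
      return $length >= $min && $length <= $max;
   }

   /**
    * Tells whether a name consists only of a-z, A-Z, 0-9 and underscore.
    *
    * The D modifier makes "$" match at the very end only; without it a name
    * ending in a line break would pass and end up in a directory name.
    *
    * @param string $name
    * @return bool
    */
   private function check_username_content($name)
   {
      return preg_match("/^[a-zA-Z0-9_]*$/D", $name) === 1;
   }

   /**
    * Reads the username of an existing account from the form.
    *
    * The value is used to build a filesystem path, so anything outside the
    * registration alphabet is rejected before it reaches get_user_path().
    * NOTE(review): assumes every account was created through register();
    * confirm no legacy directory uses other characters.
    *
    * @return string|null the name, or null when it is missing or malformed
    */
   private function get_posted_username()
   {
      $name = Security::get_post_parameter("username");
      if (is_string($name) && $name !== "" && $this->check_username_content($name))
      {
         return $name;
      }
      return null;
   }

   /**
    * Validates the posted password pair and stores the password, or null.
    *
    * The form is expected to post "password" as a two-element array (entry and
    * confirmation). A missing or non-string element is treated as an empty
    * string so the checks below reject it instead of failing on its type.
    */
   private function set_password()
   {
      $passwords = Security::get_post_parameter("password");
      $first = "";
      $second = "";
      if (is_array($passwords))
      {
         if (isset($passwords[0]) && is_string($passwords[0]))
         {
            $first = $passwords[0];
         }
         if (isset($passwords[1]) && is_string($passwords[1]))
         {
            $second = $passwords[1];
         }
      }
      $password = $first;
      // Strict comparison: with "!=" two different numeric-looking strings
      // (such as "1e3" and "1000") compare as equal.
      if ($first !== $second)
      {
         Security::show_error("Two different passwords submitted");
         $password = null;
      }
      if (!$this->check_password_length($first))
      {
         Security::show_error("Please change password length");
         $password = null;
      }
      if (!$this->check_password_characters($first))
      {
         Security::show_error("Please mix letters and numbers in the password");
         $password = null;
      }
      $this->password = $password;
   }

   /**
    * @param string $password
    * @return bool whether the length lies within the configured limits
    */
   private function check_password_length($password)
   {
      $min = $GLOBALS["PASSWORD_MIN_LENGTH"];
      $max = $GLOBALS["PASSWORD_MAX_LENGTH"];
      return $this->check_length($password, $min, $max);
   }

   /**
    * @param string $password
    * @return bool whether it holds at least one ASCII letter and one digit
    */
   private function check_password_characters($password)
   {
      $chars = "/[a-zA-Z]/";
      $numerals = "/[0-9]/";
      return preg_match($chars, $password) && preg_match($numerals, $password);
   }

   /**
    * Validates the posted e-mail address and stores it, or null.
    *
    * Besides the loose "x@y.z" shape, whitespace and control characters are
    * refused: the address is saved as the first space-separated field of a
    * one-line record and later handed to the mailer, so a space or line break
    * inside it would corrupt the record or the outgoing message.
    */
   private function set_email_address()
   {
      $email = Security::get_post_parameter("email_address");
      $well_formed = is_string($email)
         && !preg_match("/[\s[:cntrl:]]/", $email)
         && preg_match("/.+@.+\..+/", $email);
      if (!$well_formed)
      {
         Security::show_error("Please use a different e-mail address format");
         $email = null;
      }
      $this->email = $email;
   }

   /**
    * Stores "1" when the "join" field was posted with a truthy value, else "0".
    */
   private function set_join_flag()
   {
      if (Security::get_post_parameter("join"))
      {
         $this->join = "1";
      }
      else
      {
         $this->join = "0";
      }
   }

   /**
    * Creates the account directory and its initial files.
    *
    * Nothing is written when the directory cannot be created, so the files of
    * an account that already exists are never overwritten.
    *
    * @return bool true when the account was created
    */
   private function add_user()
   {
      if (!$this->create_user_directory())
      {
         return false;
      }
      $this->store_password();
      $this->store_email_address();
      $this->create_addresses_file();
      $this->create_history_file();
      $this->create_expert_file();
      $this->initialize_progress_file();
      return true;
   }

   /**
    * Creates the user's directory with mode 0770.
    *
    * The umask is cleared for the call so the requested mode is applied as
    * given, and restored afterwards.
    *
    * @return bool false when mkdir() failed, for instance because the
    *              directory already exists
    */
   private function create_user_directory()
   {
      $saved = umask(0);
      $created = mkdir($this->get_user_path(), 0770);
      umask($saved);
      return $created;
   }

   /**
    * Hashes $this->password and writes the hash to the user's hash file.
    */
   private function store_password()
   {
      $hash = $this->hash_password();
      $path = $this->create_file($GLOBALS["USER_HASH_PATH"]);
      file_put_contents($path, $hash . "\n");
   }

   /**
    * Creates (or touches) a file in the user's directory and sets its mode
    * from $GLOBALS["USER_FILE_PERMISSIONS"], which is read as an octal string.
    *
    * @param string $name file name relative to the user's directory
    * @return string full path of the file
    */
   private function create_file($name)
   {
      $path = $this->get_user_path() . $name;
      touch($path);
      chmod($path, octdec($GLOBALS["USER_FILE_PERMISSIONS"]));
      return $path;
   }

   /**
    * Builds the user's directory path from $this->username.
    *
    * Callers must have validated the username first; it is concatenated into
    * the path unchanged.
    *
    * @return string path with a trailing slash
    */
   private function get_user_path()
   {
      return $GLOBALS["USERS_PATH"] . "/" . $this->username . "/";
   }

   /**
    * Hashes $this->password with crypt() and a fresh two-character salt.
    *
    * NOTE(review): a two-character salt selects crypt()'s traditional DES
    * scheme, which only takes the first eight characters of the password into
    * account and is cheap to brute-force. Moving to password_hash() and
    * password_verify() is the real fix, but it has to be made together with
    * Security::verify_credentials(), which is not visible from this class.
    *
    * @return string
    */
   private function hash_password()
   {
      $salt = $this->generate_salt();
      return crypt($this->password, $salt);
   }

   /**
    * Returns a random two-character salt for crypt().
    *
    * Both characters are drawn from the full "./0-9A-Za-z" salt alphabet with
    * random_int(), instead of one uppercase letter and one digit from rand().
    *
    * @return string
    */
   private function generate_salt()
   {
      $alphabet = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
      $last = strlen($alphabet) - 1;
      return $alphabet[random_int(0, $last)] . $alphabet[random_int(0, $last)];
   }

   /**
    * Writes the record "<email> <join flag>" to the user's e-mail file.
    */
   private function store_email_address()
   {
      $content = $this->email . " " . $this->join . "\n";
      $path = $this->create_file($GLOBALS["USER_EMAIL_ADDRESS_PATH"]);
      file_put_contents($path, $content);
   }

   /** Creates the empty addresses file. */
   private function create_addresses_file()
   {
      $this->create_file($GLOBALS["USER_ADDRESSES_PATH"]);
   }

   /** Creates the empty history file. */
   private function create_history_file()
   {
      $this->create_file($GLOBALS["USER_HISTORY_PATH"]);
   }

   /** Creates the empty expert progress file. */
   private function create_expert_file()
   {
      $this->create_file($GLOBALS["USER_EXPERT_PROGRESS_PATH"]);
   }

   /** Creates the progress file with the initial value "0". */
   private function initialize_progress_file()
   {
      $path = $this->create_file($GLOBALS["USER_PROGRESS_PATH"]);
      file_put_contents($path, "0\n");
   }

   /**
    * Replaces the password of an account after checking the old one.
    *
    * @return bool true when the new password was stored
    */
   public function change_password()
   {
      $this->username = $this->get_posted_username();
      if ($this->username === null)
      {
         Security::show_error("Username not found");
         return false;
      }
      $password = Security::get_post_parameter("old_password");
      if (Security::verify_credentials($this->username, $password))
      {
         $this->set_password();
         if ($this->password)
         {
            $this->store_password();
            Security::show_success("password changed");
            return true;
         }
      }
      return false;
   }

   /**
    * Replaces the password of an account with a generated one and mails it to
    * the address on record.
    *
    * NOTE(review): the stored hash is replaced as soon as an existing username
    * is posted; no proof that the requester owns the mailbox and no per-request
    * token is visible here, and the old password is gone even if delivery
    * fails. A confirm-by-link flow with rate limiting would avoid both. The
    * distinct "Username not found" message also tells callers which names
    * exist.
    *
    * @return bool true when the new password was stored and mailed
    */
   public function reset_password()
   {
      $this->username = $this->get_posted_username();
      if ($this->username !== null && Security::find_user_directory($this->username))
      {
         $this->password = $this->generate_password();
         $this->store_password();
         return $this->send_password($this->password);
      }
      Security::show_error("Username not found");
      return false;
   }

   /**
    * Generates a random alphanumeric password of
    * $GLOBALS["GENERATED_PASSWORD_LENGTH"] characters.
    *
    * random_int() is used because the result is a credential; rand() is not
    * meant for that purpose.
    *
    * @return string
    */
   private function generate_password()
   {
      $length = $GLOBALS["GENERATED_PASSWORD_LENGTH"];
      $set = $this->generate_character_set();
      $last = strlen($set) - 1;
      $password = "";
      for ($ii = 0; $ii < $length; $ii++)
      {
         $password .= $set[random_int(0, $last)];
      }
      return $password;
   }

   /**
    * @return string the 62 characters A-Z, a-z and 0-9, in that order
    */
   private function generate_character_set()
   {
      return implode("", array_merge(range("A", "Z"), range("a", "z"), range(0, 9)));
   }

   /**
    * Mails the given password to the account's address and reports the result.
    *
    * @param string $password
    * @return bool true when the mailer reported success
    */
   private function send_password($password)
   {
      $email_address = $this->get_email_address();
      if ($email_address === "")
      {
         // No readable address on record: do not hand an empty recipient to
         // the mailer.
         Security::show_error("Mail delivery failed");
         return false;
      }
      $mail = new Password_Mail($email_address, $password);
      if ($mail->send())
      {
         Security::show_success("New password emailed");
         return true;
      }
      Security::show_error("Mail delivery failed");
      return false;
   }

   /**
    * Reads the address from the user's e-mail record ("<email> <join flag>").
    *
    * FILE_IGNORE_NEW_LINES is a flag of file(); passed to file_get_contents()
    * it was taken as the use_include_path argument, so it is dropped and the
    * record is trimmed instead.
    *
    * @return string the address, or "" when the record cannot be read
    */
   private function get_email_address()
   {
      $path = $this->get_user_path() . $GLOBALS["USER_EMAIL_ADDRESS_PATH"];
      $content = file_get_contents($path);
      if ($content === false)
      {
         return "";
      }
      $fields = explode(" ", trim($content));
      return $fields[0];
   }
}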
 
July 18, 2022


A new era ‼

Our infrastructure has recently been upgraded ‼

Nugget Communications Bureau 👍

You've never emailed like this before ‼

Roundcube

Webmail software for reading and sending email from @nugget.fun and @shampoo.ooo addresses.

Mailman3

Email discussion lists, modernized with likes and emojis. It can be used for announcements and newsletters in addition to discussions. See lists for Picture Processing or Scrapeboard. Nowadays, people use Discord, but you really don't have to!

FreshRSS

With this old technology, hidden in plain sight, even regular people like you and me can start our own newspaper or social media feed.

Nugget Streaming Media 👍

The content you crave ‼

HLS

A live-streaming video format based on M3U playlists that can be played with HTML5.

RTMP

A plugin for Nginx can receive streaming video from ffmpeg or OBS and forward it as an RTMP stream to sites like Youtube and Twitch or directly to VLC.


Professional ‼

Nugget Productivity Suite 👍

Unleash your potential ‼

Kanboard

Virtual index cards you can use to gamify your daily grind.

Gitea

Grab whatever game code you want, share your edits, and report bugs.

Nugget Security 👍

The real Turing test ‼

Fail2ban

Banning is even more fun when it's automated.

Spamassassin

The documentation explains, "an email which mentions rolex watches, Viagra, porn, and debt all in one" will probably be considered spam.

GoAccess

Display HTTP requests in real time, so you can watch bots try to break into WordPress.

Nugget Entertainment Software 👍

The best in gaming entertainment ‼

Emoticon vs. Rainbow

With everything upgraded to the bleeding edge, this HTML4 game is running better than ever.


Zoom ‼

The game engine I've been working on, SPACE BOX, is now able to export to web, so I'm planning on turning nugget.fun into a games portal by releasing my games on it and adding an accounts system. The upgraded server and software will make it easier to create and maintain. I'm also thinking of using advertising and subscriptions to support the portal, so some of these services, like webmail or the RSS reader, may be offered to accounts that upgrade to a paid subscription.