UserSpice 5.0.7

instructions.txt

@@ -0,0 +1,13 @@
+1. Copy the contents of this zip to your web folder
+
+2. Make sure you have your database username and password handy. You can either create a DB in advance or allow UserSpice to try to do it for you.
+
+3. Navigate to the web folder you copied to the files to with your web browser and follow the on screen instructions.
+
+4. Documentation can be found at https://UserSpice.com/kb
+
+5. You can get help online at our Discord Server https://discord.gg/PMNquvh
+
+6. After installing, you can login as administrator with the credentials admin and password
+You can also login as a "regular" user with the credentials user and password
+Please change these credentials.

users/classes/User.php

@@ -112,7 +112,7 @@ public function login($username = null, $password = null, $remember = false){
 					$date = date("Y-m-d H:i:s");
 					$this->_db->query("UPDATE users SET last_login = ?, logins = logins + 1 WHERE id = ?",[$date,$this->data()->id]);
 					$_SESSION['last_confirm']=date("Y-m-d H:i:s");
-					$this->_db->insert('logs',['logdate' => $date,'user_id' => $this->data()->id,'logtype' => "User",'lognote' => "User logged in."]);
+					$this->_db->insert('logs',['logdate' => $date,'user_id' => $this->data()->id,'logtype' => "User",'lognote' => "User logged in.", 'ip' => $_SERVER['REMOTE_ADDR'] ]);
 					$ip = ipCheck();
 					$q = $this->_db->query("SELECT id FROM us_ip_list WHERE ip = ?",array($ip));
 					$c = $q->count();
@@ -161,7 +161,7 @@ public function loginEmail($email = null, $password = null, $remember = false){
 					$date = date("Y-m-d H:i:s");
 					$this->_db->query("UPDATE users SET last_login = ?, logins = logins + 1 WHERE id = ?",[$date,$this->data()->id]);
 					$_SESSION['last_confirm']=date("Y-m-d H:i:s");
-					$this->_db->insert('logs',['logdate' => $date,'user_id' => $this->data()->id,'logtype' => "User",'lognote' => "User logged in."]);
+					$this->_db->insert('logs',['logdate' => $date,'user_id' => $this->data()->id,'logtype' => "User",'lognote' => "User logged in.", 'ip' => $_SERVER['REMOTE_ADDR'] ]);
 					$ip = ipCheck();
 					$q = $this->_db->query("SELECT id FROM us_ip_list WHERE ip = ?",array($ip));
 					$c = $q->count();
@@ -280,25 +280,4 @@ public function update($fields = array(), $id=null){
 			throw new Exception('There was a problem updating.');
 		}
 	}
-
-	//This is for future versions of UserSpice
-	public function hasPermission($key){
-		$group = $this->_db->get('permissions', array('id', '=', $this->data()->permissions));
-		if ($group->count()) {
-			$permissions = json_decode($group->first()->permissions, true);
-			if ($permissions[$key] == true) {
-				return true;
-			}
-		}
-		return false;
-	}
-	//This is for future versions of UserSpice
-	public function noPermissionRedirect($perm,$location){
-		if(!$this->hasPermission($perm)){
-			Redirect::to($location);
-		}else{
-			return true;
-		}
-	}
-
 }

users/helpers/permissions.php

@@ -460,6 +460,18 @@ function checkPermission($permission) {
 	}
 }
 
+//Check if a permission level name exists in the DB
+if(!function_exists('permissionNameExists')) {
+	function permissionNameExists($permission) {
+		$db = DB::getInstance();
+		$query = $db->query("SELECT id FROM permissions WHERE
+			name = ?",array($permission));
+			$results = $query->results();
+			if($results) return true;
+			else return false;
+		}
+	}
+
 if(!function_exists('addPermission')) {
 	//Match permission level(s) with user(s)
 	function addPermission($permission_ids, $members) {
@@ -507,6 +519,9 @@ function deletePermission($permission) {
 
 if(!function_exists('hasPerm')) {
 	function hasPerm($permissions, $id=null) {
+		if(!is_array($permissions)){
+			$permissions = [$permissions];
+		}
 		if(is_null($id)) {
 			global $user;
 			if($user->isLoggedIn()) $id=$user->data()->id;