Example #1
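 /**
  * Look up the caller's account by the request's access token, load its role
  * and permissions, and run the permission check for the protected file.
  *
  * @param int         $rule       Required level; the token errors below are raised only when it is > 0.
  * @param string|null $permission Permission name forwarded to permission().
  */
 function __construct($rule = 0, $permission = null)
 {
     $REQUEST = new Request();
     $OUTPUT = new Output();
     $access_token = $REQUEST->avail("access_token") ? $REQUEST->get("access_token") : null;
     // Only a plain string may reach the lookup. If Request::get() can return
     // an array (not visible here), that array would be read by the database
     // as query operators rather than as a token value, so a non-string token
     // is handled exactly like a missing one.
     if (!is_string($access_token)) {
         if ($rule > 0) {
             $OUTPUT->error(1, "Access Code is invalid, missing, or has Expired.");
         }
         return;
     }
     $DB = new db("System");
     $clientInfo = $DB->selectCollection("Accounts");
     $this->client_doc = $clientInfo->findOne(array("system_info.access_token" => $access_token));
     if ($rule > 0 && !isset($this->client_doc)) {
         // NOTE(review): whether Output::error() ends the request is not
         // visible here. If it returns, execution continues into permission()
         // below with no account document - confirm.
         $OUTPUT->error(1, "Access Code is invalid, missing, or has Expired");
     }
     if (isset($this->client_doc["system_info"]["role"])) {
         $this->role = $this->client_doc["system_info"]["role"];
     }
     if (isset($this->client_doc["system_info"]["permissions"]) && is_array($this->client_doc["system_info"]["permissions"])) {
         $this->permissions = $this->client_doc["system_info"]["permissions"];
     }
     // Compare the loaded role/permissions against the rule for this file.
     $this->permission($rule, $permission);
 }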
Example #2
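<?php

// Helpers and includes
include_once '/var/www/html/Lux/Core/Helper.php';
$FILES = new Files();
$REQUEST = new Request();
// Both branches require the same rule (5, "files"), so the check runs once,
// before any request-supplied path is used.
$RULES = new Rules(5, "files");
$target = '/var/www/html/uploads';
if ($REQUEST->avail("admin") && $REQUEST->get("admin")) {
    $adminBase = $REQUEST->get("admin_base", "/");
    // admin_base is request data appended to the web root. Require a leading
    // "/" (otherwise the result names a sibling of /var/www/html) and refuse
    // NUL bytes and ".." segments so the target stays below the web root.
    if (!is_string($adminBase)
        || $adminBase === ''
        || $adminBase[0] !== '/'
        || strpos($adminBase, "\0") !== false
        || in_array('..', explode('/', str_replace('\\', '/', $adminBase)), true)
    ) {
        $OUTPUT = new Output();
        $OUTPUT->error(1, "Invalid admin_base path");
        die;
    }
    $target = '/var/www/html' . $adminBase;
}
// NOTE(review): what Files::cp() reads from $REQUEST is not visible here; any
// path it takes from the request needs the same containment check.
$FILES->cp($REQUEST, $target);
?>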

Example #3
            // no SN_id exists
            $SNDoc2 = array("providers" => array($provider_name => $meDoc));
            $SN_users->insert($SNDoc2);
            // if no SN_id exists, create a new one
            $System_users->update(array("system_info.access_token" => $SESSION->get("access_token")), array('$set' => array('SN_id' => $SNDoc2["_id"])), array("multiple" => false, "upsert" => false));
        } else {
            // update providers.provider_name = meDoc where _id = SN_id
            $SN_users->update(array("SN_id" => $AuthDoc["SN_id"]), array('$set' => $SNDoc1), array("multiple" => false, "upsert" => true));
        }
    }
}
// Logic Code for OAuth
$REQUEST = new Request();
$OUTPUT = new Output();
// Runs when the request for the redirect url is made
if ($REQUEST->avail("provider")) {
    // create a new session for this user
    $SESSION = new Session();
    if ($REQUEST->avail("access_token")) {
        // Save the redirect domain if it is passed in
        $SESSION->set("access_token", $REQUEST->get("access_token"));
    }
    // check if the redirect_domain is the same as the HTTP_HOST
    if ($REQUEST->avail("redirect_domain")) {
        // Save the redirect domain if it is passed in
        $SESSION->set("redom", $REQUEST->get("redirect_domain"));
    }
    // Save the href that you are being redirected to
    if ($REQUEST->avail("href")) {
        // if an href is passed in
        $SESSION->set("href", $REQUEST->get("href"));
Example #4
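<?php

// Helper functions and includes
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();
// Credentials are request data. Only plain strings may reach the query: a
// null "user" would match accounts that simply have no email field, and an
// array (if Request::get() can return one) would be read as query operators.
$user = $REQUEST->get("user");
$password = $REQUEST->get("password");
$document = null;
if (is_string($user) && is_string($password)) {
    $document = $collection->findOne(array('$or' => array(array("system_info.user" => $user), array("system_info.email" => $user))));
}
// An unknown user or an account without a hash takes the same generic error
// path as a wrong password, instead of passing null to password_verify().
$storedHash = isset($document["system_info"]["hash"]) ? $document["system_info"]["hash"] : null;
if (is_string($storedHash) && password_verify($password, $storedHash)) {
    // NOTE(review): before PHP 7.4 openssl_random_pseudo_bytes() can return
    // bytes that are not cryptographically strong; check its $strong_result
    // out-parameter, or use random_bytes() where the runtime provides it.
    $lAT = bin2hex(openssl_random_pseudo_bytes(16));
    // save $lAT into database
    if ($REQUEST->avail("response_type") && $REQUEST->get("response_type") === "code") {
        // NOTE(review): client_id is stored as received and the code carries
        // no expiry in this script - confirm both are enforced where the code
        // is exchanged.
        $collection->update(array("_id" => $document["_id"]), array('$addToSet' => array("system_info.OAuth_clients" => array("client_id" => $REQUEST->get("client_id"), "code" => $lAT))), array('multiple' => false, 'upsert' => true));
        $OUTPUT->success(1, array("code" => $lAT));
        die;
    }
    // The new token replaces the previous one and is stored as-is.
    $collection->update(array("_id" => $document["_id"]), array('$set' => array("system_info.access_token" => $lAT)), array('multiple' => false, 'upsert' => true));
    $OUTPUT->success(1, array("access_token" => $lAT, "user" => $document["system_info"]["user"]));
} else {
    $OUTPUT->error(0, "Incorrect Username or Password");
}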
Example #5
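$OUTPUT = new Output();
$collection = $DB->selectCollection("Clients");
$REQUEST = new Request();
// client_id	redirect_uri	state	response_type:code scope
$client_id = $REQUEST->get("client_id");
$redirect_uri = $REQUEST->get("redirect_uri");
// The client is accepted only when client_id and redirect_uri together match
// a registered entry. Both must be plain strings: a non-string value would
// change the meaning of the query, so it is treated as "no such client".
$client_doc = null;
if (is_string($client_id) && is_string($redirect_uri)) {
    $client_doc = $collection->findOne(array("client_id" => $client_id, "redirect_uri" => array('$elemMatch' => array('$in' => array($redirect_uri)))));
}
if ($REQUEST->get("response_type") !== "code") {
    echo "The response_type must be set to 'code' for this OAuth system";
    die;
}
if (is_null($client_doc)) {
    echo "An error occured, this client does not appear in the database, or the redirect URI does not match";
    die;
}
// state is opaque client data echoed back on the redirect. Percent-encode it
// so it cannot add or override parameters (such as code) in the redirect URL.
$state = $REQUEST->avail("state") ? $REQUEST->get("state") : null;
if (is_string($state)) {
    $location = "{$redirect_uri}?state=" . rawurlencode($state) . "&code=";
} else {
    $location = "{$redirect_uri}?code=";
}
// NOTE(review): $location is presumably written into the page that follows;
// it still needs escaping for that output context (HTML/JS) - confirm there.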
?>
<html>
<head>	
	<script>
		function Ajax(URL, data, callback){
			var request = new XMLHttpRequest();
			request.onreadystatechange=function(){
				try{
					var response = JSON.parse(request.responseText);
					callback(response);
Example #6
<?php

include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();
// get Password and Username from $REQUEST
$hash = password_hash($REQUEST->get("password"), PASSWORD_DEFAULT);
if ($hash) {
    $lAT = bin2hex(openssl_random_pseudo_bytes(16));
    // save $lAT into database
    if ($REQUEST->avail("access_token")) {
        $collection->update(array("system_info.access_token" => $REQUEST->get("access_token")), array('$set' => array("system_info.access_token" => $lAT, "system_info.hash" => $hash, "system_info.user" => $REQUEST->get("user"))), array('multiple' => false, 'upsert' => true));
    } else {
        if (is_null($collection->findOne(array("system_info.user" => $REQUEST->get("user"))))) {
            $result = $collection->insert(array("system_info" => array("access_token" => $lAT, "hash" => $hash, "user" => $REQUEST->get("user"))));
        } else {
            $OUTPUT->error(1, "User exists with this Username");
        }
    }
    if ($REQUEST->avail("email")) {
        $eVC = bin2hex(openssl_random_pseudo_bytes(16));
        $collection->update(array("system_info.access_token" => $REQUEST->get("access_token")), array('$set' => array("system_info.email" => $REQUEST->get("email"), "system_info.eVerified" => $eVC)), array('multiple' => false, 'upsert' => true));
        $to = $REQUEST->get("email");
        $subject = 'Email Verification';
        $url = $_SERVER["HTTP_HOST"] . "/Lux/CAuth/eVerify/?email={$to}&eVC={$eVC}";
        $message = "Please click this link (or paste into browser) to verify email {$url}";
        $headers = 'From: no-reply@' . $_SERVER["HTTP_HOST"] . "\r\n" . 'X-Mailer: PHP/' . phpversion();
        mail($to, $subject, $message, $headers);
    }
Example #7
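<?php

// List the posts owned by one account: the "id" request parameter when
// given, otherwise the authenticated caller's own id.
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("SocialNetwork");
$OUTPUT = new Output();
$collection = $DB->selectCollection("Posts");
$REQUEST = new Request();
$RULES = new Rules(1, "social");
$id = $REQUEST->avail("id") ? $REQUEST->get("id") : null;
// The owner filter must be a single value. A non-scalar id (possible if
// Request::get() can return arrays) would be read as query operators and
// widen the result set, so it is ignored in favour of the caller's own id.
if (!is_scalar($id)) {
    $id = $RULES->getId();
}
// NOTE(review): any caller passing Rules(1, "social") can list another
// owner's posts by id - confirm that posts are meant to be readable this way.
$query = array("owner" => $id);
$options = Helper::formatLimits($REQUEST);
$document = $collection->find($query, $options);
$OUTPUT->success(0, $document);
?>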

Example #8
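<?php

// Helper and includes
include_once '/var/www/html/Lux/Core/Helper.php';
$db = new Db("System");
$OUTPUT = new Output();
$collection = $db->selectCollection("Contact");
$REQUEST = new Request();
// NOTE(review): this script performs no Rules check, so anyone who can reach
// it can send an arbitrary subject/body to the stored addresses - confirm
// that is intended, and rate-limit it if so.
$query = array("email_id" => $REQUEST->get("email_id"));
// A missing or non-scalar email_id is not looked up: null would match
// documents lacking the field, and an array would be read as query operators.
$document = is_scalar($query["email_id"]) ? $collection->findOne($query) : null;
$result = false;
if (isset($document["address"]) && is_array($document["address"])) {
    // Send mail
    $to = trim(implode(" , ", $document["address"]), ' , ');
    $subject = $REQUEST->get("subject");
    $message = $REQUEST->get("body");
    $sender = $REQUEST->avail("sender") ? $REQUEST->get("sender") : (!empty($document["sender"]) ? $document["sender"] : "noreply@" . $_SERVER["HTTP_HOST"]);
    // $sender is request data (or falls back to the client-supplied Host
    // header) and is copied into the raw header block. A CR or LF in it would
    // start additional headers, so such a value is refused, not sent.
    if (is_string($sender) && !preg_match('/[\r\n]/', $sender)) {
        $headers = 'From: ' . $sender . "\r\n" . 'Reply-To: ' . $sender . "\r\n" . 'X-Mailer: PHP/' . phpversion();
        $result = mail($to, $subject, $message, $headers);
    }
}
// Unknown contact, refused sender and a failed mail() all report the same error.
if ($result === true) {
    $OUTPUT->success(0, null, null);
} else {
    $OUTPUT->error(2, "An Error occured in the mail function");
}
?>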

  
Example #9
<?php

// Access probe: builds a Rules check from the level (and optionally the
// permission name) given in the request, then reports success.
include_once '/var/www/html/Lux/Core/Helper.php';
$DB = new Db("System");
$collection = $DB->selectCollection("Users");
$OUTPUT = new Output();
$REQUEST = new Request();
// The required level is chosen by the caller, so this script only answers
// "would this token pass rule N?" and does not protect anything itself.
if (!$REQUEST->avail("rule")) {
    // No level requested: check against level 1.
    $RULES = new Rules(1);
} elseif ($REQUEST->avail("permissions")) {
    $RULES = new Rules($REQUEST->get("rule"), $REQUEST->get("permissions"));
} else {
    $RULES = new Rules($REQUEST->get("rule"));
}
// Reached whenever the Rules constructor returns.
// NOTE(review): whether a failed check stops the script before this line
// depends on Output::error(), which is not visible here - confirm.
$OUTPUT->success(4, array("message" => "Access Permitted"));
Example #10
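<?php

// Helper functions and includes
include_once '/var/www/html/Lux/Core/Helper.php';
$OUTPUT = new Output();
$REQUEST = new Request();
$RULES = new Rules(1);
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
// Send email verification if an email is provided
if ($REQUEST->avail("email")) {
    $to = $REQUEST->get("email");
    // The address becomes a mail recipient and part of the verification link,
    // so it must be one syntactically valid address.
    if (!is_string($to) || filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        $OUTPUT->error(1, "Invalid email address");
        die;
    }
    // HTTP_HOST is supplied by the client and is used in a mail header and in
    // the link; restrict it to host[:port] characters so it cannot carry line
    // breaks or a path.
    // NOTE(review): this does not stop a caller from naming a different host;
    // build the link from a configured site host where one is available.
    $host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : "";
    if (!preg_match('/^[A-Za-z0-9.:\[\]-]+$/', $host)) {
        $OUTPUT->error(1, "Invalid Host header");
        die;
    }
    $eVC = bin2hex(openssl_random_pseudo_bytes(16));
    $query = array("system_info.access_token" => $REQUEST->get("access_token"));
    if ($REQUEST->avail("id")) {
        $RULES = new Rules(5, "accounts");
        // NOTE(review): the raw "id" value is used as the whole query document
        // rather than as the value of a key; which field it should match is
        // not visible here - confirm and wrap it accordingly.
        $query = $REQUEST->get("id");
    } elseif (!is_string($REQUEST->get("access_token"))) {
        // A non-string token would be read as query operators by the update.
        $OUTPUT->error(1, "Access Code is invalid, missing, or has Expired.");
        die;
    }
    // upsert is off: this endpoint attaches an email to an existing account
    // and must never create a new account document when nothing matches.
    $collection->update($query, array('$set' => array("system_info.email" => $to, "system_info.eVerified" => $eVC)), array('multiple' => false, 'upsert' => false));
    // Send Email
    $subject = 'Email Verification';
    // Percent-encode the address so characters such as "+" or "&" survive as
    // part of the email parameter.
    $url = $host . "/Lux/CAuth/eVerify/?email=" . rawurlencode($to) . "&eVC={$eVC}";
    $message = "Please click this link (or paste into browser) to verify email {$url}";
    $headers = 'From: no-reply@' . $host . "\r\n" . 'X-Mailer: PHP/' . phpversion();
    mail($to, $subject, $message, $headers);
}
$OUTPUT->success(0, "Email Added to existing user");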