/**
 * Show the profile edit form for the profile named in the request.
 *
 * Reads "nro" and "type" from the request, loads that profile through the
 * 'profile' model and then picks a template from the current user's role.
 * When none of the role rules match, no template is displayed.
 */
public function edit()
{
    $nro = SomeRequest::getInt("nro", 0);
    $type = SomeRequest::getString("type", 0);

    // NOTE(review): the profile is loaded from request parameters before any
    // role check; the checks below only gate which template is displayed.
    // Confirm getProfile() itself does not expose or change data.
    $model = $this->getModel('profile');
    $model->getProfile($nro, $type);

    $view = $this->getView('default');
    $view->setModel($model);

    $user = SomeFactory::getUser();
    $role = $user->getUserrole();
    $isTeacherOrHead = $role === SomeUser::ROLE_TEACHER || $role === SomeUser::ROLE_HEADTEACHER;

    // NOTE(review): $nro is an int compared loosely (!=) with the username.
    // Before PHP 8 a username that only starts with the same digits compares
    // equal, which would route the request to the "own profile" branch.
    // Confirm usernames are purely numeric or switch to a strict comparison.
    if ($nro != 0 && $nro != $user->getUsername()) {
        // Editing someone else's profile: a student profile requires a
        // teacher or head teacher, a teacher profile requires a head teacher.
        if ($type === SomeUser::ROLE_STUDENT && $isTeacherOrHead) {
            $view->display('edit_student');
            return;
        }
        if ($type === SomeUser::ROLE_TEACHER && $role === SomeUser::ROLE_HEADTEACHER) {
            $view->display('edit_teacher');
        }
        return;
    }

    // Editing one's own profile: the template follows the user's own role.
    if ($role === SomeUser::ROLE_STUDENT) {
        $view->display('edit_student');
        return;
    }
    if ($isTeacherOrHead) {
        $view->display('edit_teacher');
    }
}
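/**
 * Handle a submitted registration form.
 *
 * When the request carries a "tunnus" (username) value, the 'register' model's
 * dotask() is run. On success the client is redirected to the people list;
 * on failure the model's errors are printed. Without "tunnus" a generic
 * "check your data" message is printed.
 *
 * The view-based rendering of the register form and success templates
 * (view/register/register.php with tmpl/form.php and tmpl/successful.php)
 * is currently disabled in this method.
 */
public function register()
{
    // Naming convention: model/register.php and SomeModelRegister must exist.
    $model = $this->getModel('register');
    $username = SomeRequest::getVar('tunnus', null);

    // A username in the request means the form was submitted; try to process it.
    if ($username) {
        // The return value reports success or failure.
        $success = $model->dotask();
        if ($success) {
            $app = SomeFactory::getApplication();
            $app->redirect('index.php?app=hops&action=listPeople');
        } else {
            // print_r() needs its second argument to return the dump; without
            // it the array is printed first and "1" is appended to the label.
            // The dump is escaped because error text may carry submitted values.
            $errors = print_r($model->getErrors(), true);
            echo "Virhe: " . htmlspecialchars($errors, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }
    } else {
        echo "Tarkista tiedot ja yritä uudestaan!";
    }
}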
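/**
 * Authenticate the submitted credentials against the someuser table.
 *
 * On a match the current user object from SomeFactory::getUser() is filled
 * with id, username, role, e-mail and homepage from the row.
 *
 * @return bool true when a matching row was found, false otherwise
 */
public function login()
{
    $username = SomeRequest::getVar('username', null);
    $password = SomeRequest::getVar('password', null);

    // NOTE(review): the submitted password is matched inside the query, so the
    // password column must hold exactly what the user types. If passwords are
    // stored hashed (and optionally salted), select the row by username only
    // and verify in PHP with password_verify(); that change has to be made
    // together with the code that stores the password.
    $sql = "SELECT * FROM someuser WHERE username=? and password=?";
    $database = SomeFactory::getDBO();
    $stmt = $database->prepare($sql);
    $ok = $stmt->execute(array($username, $password));

    if ($ok) {
        $row = $stmt->fetch();
        // fetch() yields false when no row matched; test that before indexing
        // so a failed login does not index into a boolean.
        if ($row && !empty($row['id'])) {
            $user = SomeFactory::getUser();
            $user->setId($row['id']);
            $user->setUsername(trim($row['username']));
            $user->setUserrole(trim($row['userrole']));
            $user->setEmail(trim($row['email']));
            $user->setHomepage(trim($row['homepage']));
            return true;
        }

        echo "Käyttäjää ei löytynyt";
        // NOTE(review): the message embeds the submitted username; escape it
        // wherever $this->errors is rendered as HTML.
        $this->errors['notfound'] = "user {$username} not found from database. Check username and password";
    }

    return false;
}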
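/**
 * Create a teacher account and the matching tuutori row from the submitted form.
 *
 * Only a user whose role is SomeUser::ROLE_HEADTEACHER may create accounts;
 * every other caller gets false.
 *
 * @return bool true if the user is created, false if not.
 */
public function create()
{
    $user = SomeFactory::getUser();
    if ($user->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        // This path used to fall off the end and return null instead of the
        // documented false.
        return false;
    }

    someloader('some.user.user');
    $someuser = new SomeUser();

    // NOTE(review): the submitted password is kept in $this->userdata in the
    // form it arrived; confirm nothing renders or logs that array.
    $this->userdata = array(
        'username' => SomeRequest::getVar('tunnus', ''),
        'fname' => SomeRequest::getVar('etunimi', ''),
        'lname' => SomeRequest::getVar('sukunimi', ''),
        'unit' => SomeRequest::getVar('yksikko', ''),
        'email' => SomeRequest::getVar('sposti', ''),
        'phone' => SomeRequest::getVar('puh', ''),
        'password' => SomeRequest::getVar('salasana', ''),
    );

    $someuser->setUsername($this->userdata['username']);
    // DO THE PASSWORD HASHING HERE
    // NOTE(review): the password is passed on unhashed. Hashing with
    // password_hash() belongs here, but only together with a login check that
    // verifies hashes; unless SomeUser::setPassword() already hashes - confirm.
    $someuser->setPassword($this->userdata['password']);
    $someuser->setUserrole('teacher');
    $this->userdata['userrole'] = $someuser->getUserrole();
    $someuser->create();

    // Additionally try to create the new tutor row.
    // NOTE(review): the INSERT names no columns, so it depends on the column
    // order of the tuutori table, and it is not tied to the account creation
    // above by a transaction in this method.
    $db = SomeFactory::getDBO();
    $stmt = $db->prepare("INSERT INTO tuutori VALUES(?, ?, ?, ?, ?, ?, 'Tuutori')");
    $ok = $stmt->execute(array(
        $this->userdata['username'],
        $this->userdata['fname'],
        $this->userdata['lname'],
        $this->userdata['email'],
        $this->userdata['phone'],
        $this->userdata['unit'],
    ));

    if ($someuser->getId() > 0 && $ok > 0) {
        $this->userdata['id'] = $someuser->getId();
        return true;
    }

    return false;
}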
/**
 * Display the login view, or redirect to the hops application after a
 * successful login by a teacher, student or head teacher.
 */
function login()
{
    $model = $this->getModel('default');
    $view = $this->getView('login');
    // NOTE(review): the template name starts out as a request value. Every
    // branch below overwrites it except the redirect branch, so if redirect()
    // returns instead of ending the request, display() receives the
    // request-supplied name. Confirm redirect() terminates the request.
    $tmpl = SomeRequest::getVar('tmpl', 'default');
    $view->setModel($model);

    if (!$model->isSubmit()) {
        $tmpl = 'default';
    } else {
        // Was the login successful?
        $user = SomeFactory::getUser();
        if (!$user->getId()) {
            $tmpl = 'default';
        } elseif (in_array($user->getUserrole(), array('teacher', 'student', 'headteacher'), true)) {
            // Login succeeded; send the user on to the hops user interface.
            // TODO: RBAC !??
            $app = SomeFactory::getApplication();
            $app->redirect('index.php?app=hops');
        } else {
            $tmpl = 'succesful';
        }
    }

    $view->display($tmpl);
}
/**
 * Run the test routine when the request asks for it.
 *
 * NOTE(review): a truthy "runtest" request parameter is all that triggers
 * runtest(); no role check is visible in this method. Confirm this path is
 * not reachable by ordinary users in production.
 */
public function prepare()
{
    $requested = SomeRequest::getVar('runtest', 0);
    if (!$requested) {
        return;
    }

    $this->runtest();
}
/**
 * Display the view named by the "view" request parameter (default 'edit'),
 * backed by the model of the same name.
 *
 * NOTE(review): the request value selects both the model and the view.
 * getCmd() is relied on to restrict its characters; confirm that getModel()
 * and getView() reject names that do not map to an existing class.
 */
function tables()
{
    $name = SomeRequest::getCmd('view', 'edit');

    $model = $this->getModel($name);
    $page = $this->getView($name);

    $page->setModel($model);
    $page->display();
}
/**
 * Show a filled-in HOPS for the academic year ("lv") and year level ("vt")
 * given in the request. Both values are read as integers, defaulting to 0.
 */
public function showFilled()
{
    $academicYear = SomeRequest::getInt("lv", 0);
    $yearLevel = SomeRequest::getInt("vt", 0);

    $hopsModel = $this->getModel('hops');
    $hopsModel->getFilled($academicYear, $yearLevel);

    $hopsView = $this->getView('hops');
    $hopsView->setModel($hopsModel);
    $hopsView->display('showFilled');
}
/**
 * Install the database table named by the "table" request parameter.
 *
 * Only 'someuser' and 'somesession' are handled; any other value does nothing.
 */
public function install()
{
    // switch compares loosely, like the == it replaces.
    switch (SomeRequest::getCmd('table')) {
        case 'someuser':
            $this->installSomeUserTable();
            break;
        case 'somesession':
            $this->installSomeSessionTable();
            break;
    }
}
/**
 * Set the role of the user whose id is given in the request to the value of
 * the "newrole" request parameter. Does nothing when "id" is missing or 0.
 *
 * NOTE(review): no check of the caller's own role and no validation of
 * "newrole" is visible in this method. Presumably the calling action enforces
 * who may change roles - verify, and consider accepting only the known
 * SomeUser::ROLE_* values.
 */
protected function changeRole()
{
    $id = SomeRequest::getInt('id', 0);
    if (!$id) {
        return;
    }

    $newRole = SomeRequest::getCmd('newrole');

    // Load the existing record first so update() writes back the other fields.
    $target = new SomeUser();
    $target->setId($id);
    $target->read();
    $target->setUserrole($newRole);
    $target->update();
}
/**
 * Store the posted configuration values and rewrite configuration.php.
 *
 * For every key listed in $this->conf_categories the request field
 * "<category>___<key>" is copied into the configuration object, which is then
 * exported with var_export() into SOME_PATH/configuration.php. edit() is
 * called both before and after the save.
 *
 * NOTE(review): the keys come from $this->conf_categories, not from the
 * request, and var_export() writes the posted values as quoted string data.
 * The result of file_put_contents() is not checked, and no role or
 * request-origin check is visible here - confirm the caller enforces both.
 */
private function save()
{
    $this->edit();

    $settings = SomeFactory::getConfiguration();
    foreach ($this->conf_categories as $category => $entries) {
        foreach ($entries as $name => $unused) {
            $posted = SomeRequest::getVar("{$category}___{$name}", '');
            $settings->set($name, $category, $posted);
        }
    }

    $dump = var_export($settings->getAsArray(), true);
    $target = SOME_PATH . DS . 'configuration.php';
    $contents = "<?php\n defined('SOME_PATH') or die('Unauthorized access');\n \$configuration = {$dump};";
    file_put_contents($target, $contents);

    $this->edit();
}
/**
 * Choose the active language and hand it to SomeFactory::getLanguage().
 *
 * Precedence: the "language" request parameter (which is also stored in the
 * session), then the session value, then the configured default ('common'
 * when the configuration has none).
 *
 * NOTE(review): the request value goes into the session and on to
 * SomeFactory::getLanguage() without validation in this method. Presumably it
 * is checked against the installed languages further down - confirm.
 */
public function setLanguage()
{
    $session = SomeFactory::getSession();
    $conf = SomeFactory::getConfiguration();

    $requested = SomeRequest::getVar('language', null);
    $remembered = $session->get('language', null);
    $chosen = $conf->get('language', 'common');

    if ($requested) {
        $session->set('language', $requested);
        $chosen = $requested;
    } elseif ($remembered) {
        $chosen = $remembered;
    }

    $this->language = $chosen;
    SomeFactory::getLanguage($chosen);
}
/**
 * Optionally create the missing framework tables, then record what is
 * still missing in $this->errors.
 *
 * Table creation runs only when the "ist" request parameter is non-zero and
 * confOk() reports a usable configuration.
 *
 * NOTE(review): a request parameter alone triggers table creation; no role
 * check is visible in this method. Confirm the installer is not reachable
 * once the application is set up.
 */
public function prepare()
{
    $installRequested = SomeRequest::getInt('ist', 0);
    if ($installRequested && $this->confOk()) {
        if (!$this->hasUsertable()) {
            $this->createUserTable();
        }
        if (!$this->hasSessiontable()) {
            $this->createSessionTable();
        }
    }

    // Report which required tables are absent and whether the configuration
    // is usable; the checks run again because tables may just have been made.
    if (!$this->hasUsertable()) {
        $this->errors[] = "No someuser database table installed!";
    }
    if (!$this->hasSessiontable()) {
        $this->errors[] = "No somesession database table installed!";
    }
    if (!$this->confOk()) {
        $this->errors[] = "Check you configuration.xml on database values.";
    }
}
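<?php
// Name of the table that was just installed, taken from the request.
$table = SomeRequest::getVar('table');
// The value is request data echoed into HTML, so it is escaped for that
// context; the cast keeps a missing parameter from reaching the escaper as null.
?>
Installed <?php echo htmlspecialchars((string) $table, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> <hr /> Back to <a href='index.php?app=configuration&cntr=install'>configuration info</a>.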
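/**
 * Delete a tutor: detach and remove the tutor's groups, remove the tuutori
 * row and finally the someuser account.
 *
 * The tutor is identified by the "tunnus" request parameter. Only a user
 * whose role is SomeUser::ROLE_HEADTEACHER may delete.
 *
 * NOTE(review): the statements below are not wrapped in a transaction in this
 * method, so a failure part-way leaves the earlier changes in place.
 *
 * @return bool true when the tutor row and the account were deleted, false otherwise
 */
public function delete()
{
    // Verify the caller's rights once more.
    $user = SomeFactory::getUser();
    if ($user->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        return false;
    }

    // Rights are in order. Look the account up in the someuser table first.
    $someuser = new SomeUser();
    $tunnus = SomeRequest::getVar('tunnus', '');
    $db = SomeFactory::getDBO();

    $stmt = $db->prepare("SELECT id FROM someuser WHERE username=?");
    $stmt->execute(array($tunnus));
    $id = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$id) {
        return false;
    }

    // Got an id, so the user can be deleted.
    $someuser->setId($id['id']);

    // Collect the groups this tutor leads. The list starts out as an empty
    // array so a tutor without groups no longer reads an undefined variable.
    $ryhmat = array();
    $stmt = $db->prepare("SELECT tunnus FROM hops_ryhma WHERE tuutori = ?");
    if ($stmt->execute(array($tunnus))) {
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $ryhmat[] = $row;
        }
    }
    // The var_dump() of the group list that used to follow was debug output
    // sent to the client and has been removed.

    if ($ryhmat) {
        // Both statements are the same for every group; prepare them once.
        $detach = $db->prepare("UPDATE opiskelija SET hopsryhma = null WHERE hopsryhma = ?");
        $remove = $db->prepare("DELETE FROM hops_ryhma WHERE tunnus = ?");
        foreach ($ryhmat as $ryhma) {
            $detach->execute(array($ryhma['tunnus']));
            if ($remove->execute(array($ryhma['tunnus']))) {
                echo "RyhmŠn poisto onnistui";
            }
        }
    }

    // Also delete the tutor from its own table.
    $stmt = $db->prepare("DELETE FROM tuutori WHERE tunnus=?");
    if ($stmt->execute(array($tunnus))) {
        $someuser->delete();
        return true;
    }

    // This path used to fall off the end and return null.
    return false;
}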
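<?php

defined('SOME_PATH') or die('Unauthorized access');

////
//// MUST BE ADMIN TO ACCESS HERE!
////
// NOTE(review): the admin check below is commented out, so this entry point
// applies no role check of its own. Confirm the controllers it dispatches to
// enforce the admin requirement, or restore the check.
/*
$user = SomeFactory::getUser();
if ($user->getUserrole() != 'admin') {
    $app = SomeFactory::getApplication();
    $app->redirect('index.php?app=login', SomeText::_('MUST LOGIN AS ADMIN'));
    exit;
}
*/

someloader('some.application.controller');

if (!defined('PATH_CONTENT')) {
    define('PATH_CONTENT', dirname(__FILE__));
}

// The "cntr" request value selects both a file to include and a class to
// instantiate. Only characters that can form a class name are accepted;
// anything else falls back to the default controller instead of reaching
// include with dots or other path characters in it.
$cntrparam = (string) SomeRequest::getCmd('cntr', 'default');
if (!preg_match('/^[A-Za-z0-9_]+$/', $cntrparam)) {
    $cntrparam = 'default';
}

$cntrlclass = 'SomeController' . ucfirst($cntrparam);
// default or install controller.
include PATH_CONTENT . DS . 'controller' . DS . $cntrparam . '.php';

$controller = new $cntrlclass();
$controller->execute();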
/**
 * Create a new HOPS group from the submitted form.
 *
 * Requires the current user to be a head teacher and both the group id
 * ("tunnus") and the tutor id ("tuutori_tunnus") to be non-empty.
 *
 * NOTE(review): the INSERT names no columns, so it depends on the column
 * order of the hops_ryhma table.
 *
 * @return bool true when the row was inserted, false otherwise
 */
public function create()
{
    // Check that the caller is the head teacher.
    $user = SomeFactory::getUser();
    if ($user->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        return false;
    }

    // Fetch the relevant values from the posted variables:
    // the id of the new group and the id of the group's tutor.
    $ryhma_tunnus = SomeRequest::getVar('tunnus', '');
    $tuutori_tunnus = SomeRequest::getVar('tuutori_tunnus', '');
    if (empty($ryhma_tunnus) || empty($tuutori_tunnus)) {
        return false;
    }

    // Both values are present; create the new group.
    $db = SomeFactory::getDBO();
    $stmt = $db->prepare("INSERT INTO hops_ryhma VALUES(?,?)");
    $ok = $stmt->execute(array($ryhma_tunnus, $tuutori_tunnus));

    return $ok ? true : false;
}
/**
 * Return the path part of the current request URL without a trailing slash.
 *
 * When the path contains "index.php" its directory is used instead.
 *
 * NOTE(review): HTTP_HOST is supplied by the client. Only the parsed path is
 * returned here, but a malformed host value can change what parse_url()
 * treats as the path (or make it return false) - confirm callers do not
 * treat the result as trusted.
 */
public static function getPath()
{
    $host = SomeRequest::getString('HTTP_HOST', null, 'SERVER');
    $uri = SomeRequest::getString('REQUEST_URI', null, 'SERVER');

    $parts = parse_url("http://{$host}{$uri}");
    $path = $parts['path'];

    if (strpos($path, "index.php") !== FALSE) {
        $path = dirname($path);
    }

    // Drop a single trailing slash, if there is one.
    if (substr($path, -1) === "/") {
        $path = substr($path, 0, -1);
    }

    return $path;
}
/**
 * Load the language resources for the application named in the request.
 *
 * NOTE(review): the "app" request value is passed to load() as received from
 * getVar(). Presumably load() maps it to a language file - confirm it rejects
 * names that are not installed applications.
 */
protected function loadLanguage()
{
    $component = SomeRequest::getVar('app');
    SomeFactory::getLanguage()->load($component);
}
/**
 * Cleans the request from script injection.
 *
 * Passes $_FILES, $_ENV, $_GET, $_POST, $_COOKIE, $_SERVER and, when set,
 * $_SESSION through SomeRequest::_cleanArray(), then removes every entry of
 * $GLOBALS other than 'GLOBALS' and restores the superglobals from local
 * copies. $_REQUEST is preserved across the purge but is not passed through
 * _cleanArray() here.
 *
 * NOTE(review): what _cleanArray() rejects is not visible in this method;
 * presumably it guards against request keys that would overwrite globals -
 * confirm against its definition.
 *
 * @static
 * @return void
 * @since 1.5
 */
public static function clean()
{
    // Inspect each input array before anything else reads from it.
    SomeRequest::_cleanArray($_FILES);
    SomeRequest::_cleanArray($_ENV);
    SomeRequest::_cleanArray($_GET);
    SomeRequest::_cleanArray($_POST);
    SomeRequest::_cleanArray($_COOKIE);
    SomeRequest::_cleanArray($_SERVER);
    if (isset($_SESSION)) {
        SomeRequest::_cleanArray($_SESSION);
    }

    // Keep local copies of the superglobals; the purge below removes them
    // from $GLOBALS together with every other global variable.
    $REQUEST = $_REQUEST;
    $GET = $_GET;
    $POST = $_POST;
    $COOKIE = $_COOKIE;
    $FILES = $_FILES;
    $ENV = $_ENV;
    $SERVER = $_SERVER;
    if (isset($_SESSION)) {
        $SESSION = $_SESSION;
    }

    // Drop every global variable except the 'GLOBALS' entry itself.
    foreach ($GLOBALS as $key => $value) {
        if ($key != 'GLOBALS') {
            unset($GLOBALS[$key]);
        }
    }

    // Put the saved superglobals back. The order of save, purge and restore
    // matters: restoring before the purge would discard them again.
    $_REQUEST = $REQUEST;
    $_GET = $GET;
    $_POST = $POST;
    $_COOKIE = $COOKIE;
    $_FILES = $FILES;
    $_ENV = $ENV;
    $_SERVER = $SERVER;
    if (isset($SESSION)) {
        $_SESSION = $SESSION;
    }

    // Make sure the request hash is clean on file inclusion
    $GLOBALS['_JREQUEST'] = array();
}
* trying to get framework. Failing to do so means that there is bugs or something broken at the server. */ require_once SOME_LIBRARY . DS . 'some' . DS . 'common.php'; $framework = SomeFactory::getApplication(); $debug = $framework->getDebug(); } catch (SomeException $e) { //get error template from root and exit, can not even build require SOME_PATH . DS . 'error.php'; exit; } catch (Exception $e) { require SOME_PATH . DS . 'error.php'; exit; } //Try to do framework magic, failing to do so can happen for lots of reasons. try { $app = SomeRequest::getVar('app', 'login'); $framework->dispatch($app); // render puts xhtml string to SomeDocumentHTML buffer, it does not echo anything $framework->render(); // predebug string has all the e_notifications and such messages. $prebug = ob_get_clean(); } catch (Exception $e) { require SOME_PATH . DS . 'error.php'; exit; } //id debug, echo debug if ($debug) { //echo "<pre>$prebug</pre>\n"; if ($prebug) { SomeResponse::setBody("<pre>{$prebug}</pre>\n"); }