Ejemplo n.º 1
 /**
  * Opens the MySQL connection used by this object.
  *
  * Host, database prefix, database name and credentials are all read from
  * Config. If PDO cannot connect, die_err() is called with the fixed code
  * err_45071 and the driver's own message is not passed on.
  */
 public function __construct()
 {
     try {
         $dsn = 'mysql:host=' . Config::get('mysql.host')
             . ';dbname=' . Config::get('mysql.prefix') . Config::get('mysql.db');
         $this->_pdo = new PDO($dsn, Config::get('mysql.username'), Config::get('mysql.password'));
     } catch (PDOException $failure) {
         // Only a generic code leaves this method: the PDO message can contain
         // the host and user name, so it must not be echoed to the client.
         // NOTE(review): the exception is dropped entirely; confirm die_err()
         // (or something else) records the cause server-side for diagnosis.
         die_err(500, 'err_45071');
     }
 }
Ejemplo n.º 2
/**
 * Includes the configured layout template.
 *
 * $data and $app are copied out of $GLOBALS into locals before the include.
 * A file pulled in with require_once inside a function sees that function's
 * local variables, so presumably the layout reads them (TODO confirm against
 * the layout files). A missing layout ends in die_err(500, 'err_51002').
 */
function render()
{
    $data = $GLOBALS['data'];
    $app = $GLOBALS['app'];
    $layout_file = LAYOUTS_PATH . DS . Config::get('html.layout') . VIEW_EXTENSION;

    // NOTE(review): the layout name becomes part of an include path. That is
    // safe only while 'html.layout' is a fixed configuration value; confirm it
    // can never be set from request data.
    if (!file_exists($layout_file)) {
        die_err(500, 'err_51002');
        return;
    }

    require_once $layout_file;
}
Ejemplo n.º 3
 /**
  * Looks up one user row and caches it on the object.
  *
  * @param mixed $user Numeric values are matched against the "id" column,
  *                    anything else against the "user" column. Falsy values
  *                    skip the lookup.
  * @return bool true when a row was found and stored in $this->_data
  */
 public function find($user = null)
 {
     if (!$this->_db->table_exists(TABLE_USERS)) {
         die_err(500, 'err_32001');
     }

     if (!$user) {
         return false;
     }

     // NOTE(review): is_numeric() also accepts digit-only strings, so a login
     // name consisting only of digits is looked up by id rather than by name.
     // Confirm registration forbids such names, or that callers pass a typed id.
     $column = is_numeric($user) ? 'id' : 'user';
     $matches = $this->_db->get(TABLE_USERS, array($column, '=', $user));
     if (!$matches->count()) {
         return false;
     }

     $this->_data = $matches->first();
     return true;
 }
Ejemplo n.º 4
 /**
  * Front controller: starts the session, parses the URL, then loads and
  * invokes the selected controller method.
  *
  * $this->controller, $this->method, $this->param and $this->error are
  * presumably filled in by constructCAV() from the parsed URL (TODO confirm;
  * that method is not shown here). When $this->error['cma'] is set, the
  * request is marked as a 404 and routed to the "errors" method.
  */
 public function __construct()
 {
     session_start();
     $this->_db = DB::getInstance();
     $this->url = $this->parseUrl();
     $this->constructCAV();

     if ($this->error['cma'] == true) {
         $this->error['404'] = true;
         $this->method = 'errors';
     }

     // NOTE(review): the controller name is used in an include path and as a
     // class name, and the method name is invoked dynamically. This is safe
     // only if constructCAV() restricts both to known values (no path
     // separators, an allow-list of controllers/actions). Verify that there.
     $controllerFile = APP_PATH . DS . 'controllers' . DS . $this->controller . '.php';
     require_once $controllerFile;
     $this->controller = new $this->controller();

     $handler = array($this->controller, $this->method);
     if (!method_exists($this->controller, $this->method) || !is_callable($handler)) {
         die_err(500, 'err_50928');
         return;
     }

     call_user_func_array($handler, array($this->param));
 }
Ejemplo n.º 5
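 /**
  * Registers the /user route group on the given application: autocomplete,
  * name availability, session status, login, registration, logout, password
  * recovery and e-mail confirmation.
  *
  * Security notes:
  *  - One-time codes (password recovery, registration confirmation) are only
  *    looked up when they are non-empty strings. The handlers below write ''
  *    back once a code is consumed, so '' is a stored value and must never be
  *    accepted as a lookup key.
  *  - The session id is regenerated on successful login.
  *  - NOTE(review): passwords are stored and compared as unsalted sha1()
  *    digests. That is kept here because replacing it needs a data migration
  *    and a different lookup (fetch by name, then password_verify()); plan
  *    that change separately.
  *  - NOTE(review): request values are handed straight to the query builder.
  *    Confirm that it compares by strict equality for these columns and does
  *    not give special meaning to arrays or pattern characters.
  *
  * @param object $app Router object; group(), get() and post() are called on it.
  */
 public function __construct($app)
 {
     $this->app = $app;

     // A submitted one-time code is usable only when it is a non-empty string.
     $isUsableCode = function ($code) {
         return is_string($code) && $code !== '';
     };

     $app->group('/user', function () use ($app, $isUsableCode) {
         $app->get('/autocomplete', function () {
             $userService = new \Core\Service\UserService();
             echo json_encode($userService->getAutocomplete($_GET['s']));
         });
         $app->get('/check', function () {
             $userAvailible = ECP\UserQuery::create()->filterByName($_GET['name'])->count() == 0;
             echo json_encode((object) array('isAvailible' => $userAvailible));
         });
         $app->get('/status', function () {
             $userService = new \Core\Service\UserService();
             $isLoggedIn = $userService->isLoggedIn();
             if (!$isLoggedIn) {
                 die(json_encode((object) array('isLoggedIn' => false)));
             }
             $user = $userService->getLoggedInUser();
             echo json_encode((object) array('isLoggedIn' => true, 'id' => $user->id, 'username' => $user->username));
         });
         $app->post('/login', function () {
             $p = getPost();
             // Only accounts whose confirmation code has been cleared can log in.
             $user = ECP\UserQuery::create()->filterByName($p->username)->filterByPassword(sha1($p->password))->filterByConfirmationCode('')->findOne();
             if (!$user) {
                 die(json_encode((object) array('status' => 'incorrect credentials')));
             }
             // Issue a fresh session id at the privilege change so an id that
             // existed before login is not carried into the authenticated session.
             if (session_status() === PHP_SESSION_ACTIVE) {
                 session_regenerate_id(true);
             }
             $_SESSION['ecp'] = (object) array('id' => $user->getId(), 'username' => $user->getName());
             echo $this->getBoolStatus(true);
         });
         $app->post('/register', function () {
             $userService = new \Core\Service\UserService();
             $p = getPost();
             if (strpos($p->username, '/') !== false) {
                 die_err('Slashes are not allowed in names!');
             }
             $code = generateCode();
             $user = new ECP\User();
             $user->setName($p->username);
             $user->setPassword(sha1($p->password));
             $user->setEmail($p->email);
             $user->setCreated(time());
             $user->setConfirmationCode($code);
             $user->save();
             $userService->sendRegistrationMail($user);
             echo $this->getBoolStatus(true);
         });
         $app->post('/logout', function () {
             unset($_SESSION['ecp']);
             echo '{}';
         });
         $app->post('/recover-password', function () {
             $userService = new \Core\Service\UserService();
             $p = getPost();
             $users = ECP\UserQuery::create()->filterByEmail($p->email)->filterByConfirmationCode('')->find();
             foreach ($users as $user) {
                 $code = generateCode();
                 $user->setRecoverPasswordCode($code);
                 $user->save();
                 $userService->sendRecoverPassword($user);
             }
             // The same answer is returned whether or not the address is known.
             echo $this->getBoolStatus(true);
         });
         $app->get('/reset-password-check', function () use ($isUsableCode) {
             $code = isset($_GET['code']) ? $_GET['code'] : null;
             if (!$isUsableCode($code)) {
                 echo $this->getBoolStatus(false);
                 return;
             }
             $userCount = ECP\UserQuery::create()->filterByRecoverPasswordCode($code)->count();
             echo $this->getBoolStatus($userCount != 0);
         });
         $app->post('/reset-password', function () use ($isUsableCode) {
             $p = getPost();
             $code = isset($p->code) ? $p->code : null;
             // Without this guard an empty code would select every account
             // that has no pending recovery and overwrite its password.
             if (!$isUsableCode($code)) {
                 echo $this->getBoolStatus(false);
                 return;
             }
             $users = ECP\UserQuery::create()->filterByRecoverPasswordCode($code)->find();
             $found = false;
             foreach ($users as $user) {
                 // Consume the code so it cannot be used a second time.
                 $user->setRecoverPasswordCode('');
                 $user->setPassword(sha1($p->password));
                 $user->save();
                 $found = true;
             }
             echo $this->getBoolStatus($found);
         });
         $app->post('/confirm-registration', function () use ($isUsableCode) {
             $p = getPost();
             $code = isset($p->code) ? $p->code : null;
             if (!$isUsableCode($code)) {
                 echo $this->getBoolStatus(false);
                 return;
             }
             $users = ECP\UserQuery::create()->filterByConfirmationCode($code)->find();
             $found = false;
             foreach ($users as $user) {
                 // An empty confirmation code marks the account as confirmed.
                 $user->setConfirmationCode('');
                 $user->save();
                 $found = true;
             }
             echo $this->getBoolStatus($found);
         });
     });
 }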
 /**
  * Resolves the entity a save request targets and copies the common fields
  * onto it.
  *
  * An id of 'new' yields a fresh entity, owned by the logged-in user when the
  * type has a user field. Any other id loads the existing entity and, for
  * types with a user field, calls dieAccessDenied() unless its owner id equals
  * the logged-in user's id.
  *
  * @param object $data Request payload; id, name and isListed are read.
  * @param mixed  $fork Value passed to setForkedId(), or false for no fork.
  * @return mixed The entity with the submitted fields applied.
  * @throws Exception when a new entity with a user field is requested for the
  *                   user entity itself
  */
 protected function getLocalyMappedEntityToSave($data, $fork)
 {
     $currentUser = $this->userService->getLoggedInUser();
     if ($this->isSingleEntity) {
         // Single-entity types ignore the submitted id.
         $data->id = $this->getSingleEntityId();
     }

     if ($data->id == 'new') {
         $entity = $this->getNewEntity();
         if ($this->hasUserField) {
             if ($this->isUserEntity()) {
                 throw new Exception('not supported for the user entity');
             }
             $entity->setUserId($currentUser->id);
         }
     } else {
         $entity = $this->getEntity($data->id, true);
         // NOTE(review): this ownership check uses a loose comparison and does
         // not itself verify that a user is logged in. Confirm that callers
         // enforce authentication first, and consider a strict comparison
         // once both ids are known to share a type.
         if ($this->hasUserField && $this->getUserId($entity) != $currentUser->id) {
             $this->dieAccessDenied();
         }
     }

     if ($this->hasNameField) {
         $containsSlash = strpos($data->name, '/') !== false;
         if ($containsSlash) {
             die_err('Slashes are not allowed in names!');
         }
         $entity->setName($data->name);
     }

     if ($this->hasIsListedField) {
         $entity->setIsListed($data->isListed);
     }

     if ($fork != false) {
         $entity->setForkedId($fork);
     }

     return $entity;
 }
Ejemplo n.º 7
		}elseif(!$in_string && ($sql[$i] == "\"" || $sql[$i] == "'")&&(!isset($buffer[0]) || $buffer[0] != "\\")){
			$in_string = $sql[$i];
		}
		
		if(isset($buffer[1])){
			$buffer[0] = $buffer[1];
		}else{
			$buffer[1] = $sql[$i];
		}
	}
  
	if(!empty($sql)){
		$ret[] = $sql;
	}
		if(count($ret)==0){ 
			die_err('Не са подадени заявки за изпълнение');
		}
	
		foreach($ret as $key=>$query){
			$query=trim($query);
			$query=stripslashes($query);
				echo "<b>[".$key."]</b> ".urlencode(htmlspecialchars($query))."<br>";
					logit("admin query: ".$query);
			$result=@sql_q($query);
				if(mysql_error()==false){ 
					logit("admin query ok");
					echo "<font color=blue>OK</font><br>";
				}else{
					logit("admin query err: ".mysql_error());
						echo "<font color=red><i>Грешка: ".mysql_error()."</i></font><br>";
						$sqlerr=true;
Ejemplo n.º 8
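/**
 * Joins the elements of $arr into one string, separated by $fuhao.
 *
 * Each element is appended followed by the separator, then the one trailing
 * separator is removed. The full separator length is stripped, so separators
 * longer than one character work and an empty separator removes nothing.
 * When the concatenated string is empty or otherwise falsy,
 * die_err("err_json", ...) is called.
 *
 * @param array  $arr   Values to join.
 * @param string $fuhao Separator placed between the values.
 * @return string|null The joined string. NULL can only be returned if
 *                     die_err() returns after an empty input.
 */
function arr_2_str($arr, $fuhao)
{
    $str = NULL;
    foreach ($arr as $tmp) {
        $str .= $tmp . $fuhao;
    }
    if ($str) {
        // Remove exactly the separator that was appended after the last
        // element, rather than a fixed single character.
        $sepLen = strlen((string) $fuhao);
        if ($sepLen > 0) {
            $str = substr($str, 0, -$sepLen);
        }
    } else {
        // Error code: status is empty.
        die_err("err_json", __LINE__);
    }
    return $str;
}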
Ejemplo n.º 9
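/**
 * Runs one or more SQL statements on a fresh connection and collects results.
 *
 * SECURITY: $sql is handed to multi_query(), which executes every
 * semicolon-separated statement it contains, and each $out_arg entry is
 * concatenated into a SELECT. Nothing is escaped or bound here, so both must
 * be built only from trusted, constant text. Request data belongs in prepared
 * statements with bound parameters, not in this function.
 *
 * @param string     $sql           Statement(s) to execute.
 * @param array|null $select_result By reference. When not null, rows of the
 *                                  first result set are appended to it.
 * @param array|null $out_arg       Expressions to read back afterwards, one
 *                                  "select <expr>" per entry; presumably
 *                                  procedure OUT variables (TODO confirm).
 * @param array|null $out_value     By reference. Receives the read-back rows
 *                                  merged into one array.
 */
function db_query($sql, &$select_result, $out_arg = NULL, &$out_value = NULL)
{
    $mysqli = new mysqli(_HOST_, _USER_, _PSW_, _DB_);
    if (mysqli_connect_errno()) {
        // Error code: connecting to the database failed.
        die_err("err_mysql_con", __LINE__, mb_convert_encoding(mysqli_connect_error(), 'utf-8', 'gb2312'), ifile_name(__FILE__));
    }
    // Needed so Chinese text is returned correctly.
    $mysqli->query("set names 'utf8'");
    $mysqli->autocommit(FALSE);

    if ($mysqli->multi_query($sql)) {
        if ($result = $mysqli->store_result()) {
            while (!is_null($select_result) && ($row = $result->fetch_assoc())) {
                array_push($select_result, $row);
            }
            $result->close();
        }
        // Drain the remaining result sets so the connection is usable again,
        // releasing each one instead of leaving it allocated.
        while ($mysqli->more_results() && $mysqli->next_result()) {
            $extra = $mysqli->store_result();
            if ($extra) {
                $extra->close();
            }
        }
    } else {
        die_err("err_null_out", __LINE__, mysqli_error($mysqli), ifile_name(__FILE__));
    }
    $mysqli->commit();

    // The default NULL means "nothing to read back"; count(NULL) is an error
    // on current PHP versions, so normalise to an empty list first.
    $out_names = is_array($out_arg) ? $out_arg : array();
    if ($out_names && !is_array($out_value)) {
        // array_merge() needs an array on the left-hand side.
        $out_value = array();
    }
    foreach ($out_names as $out_name) {
        $result2 = $mysqli->query("select " . $out_name . " ;");
        if ($result2) {
            while ($row = $result2->fetch_assoc()) {
                $out_value = array_merge($out_value, $row);
            }
            $result2->close();
        } else {
            die_err("err_null_out", __LINE__, mysqli_error($mysqli), ifile_name(__FILE__));
        }
    }
    $mysqli->close();
}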