Author: Nick Sagona, III (dev@nolainteractive.com)
Inheritance: implements ArrayAccess
Ejemplo n.º 1
 /**
  * Create the CAPTCHA token, or reuse the one already held in the session
  *
  * The captcha view is rendered on every call. A new token is generated and
  * stored under the session key pop_captcha when $reload is non-null, when no
  * token is stored yet, when the stored token's value is empty, or when a
  * positive 'expire' window has elapsed since 'start'. In every other case
  * the stored token is reused unchanged.
  *
  * @param  int $reload  any non-null value forces a new token
  * @return Captcha
  */
 public function createToken($reload = null)
 {
     $sess = Session::getInstance();

     // The view is included in this method's scope, so it can see $this, $sess and $reload.
     ob_start();
     include __DIR__ . '/../../../phire/view/captcha.phtml';
     $captcha = ob_get_clean();

     $token = null;
     $regenerate = (null !== $reload) || !isset($sess->pop_captcha);

     if (!$regenerate) {
         // NOTE(review): unserialize() is applied to session data; this is only as
         // trustworthy as the session storage itself — confirm nothing client-supplied
         // can be written to pop_captcha.
         $token = unserialize($sess->pop_captcha);
         if ($token['value'] == '') {
             $regenerate = true;
         } elseif ($token['expire'] > 0 && $token['expire'] + $token['start'] < time()) {
             // A positive expiry window has run out
             $regenerate = true;
         }
     }

     if ($regenerate) {
         // NOTE(review): the unpredictability of the CAPTCHA answer rests entirely on
         // Random::create(); verify it draws from a cryptographically secure source.
         $token = [
             'captcha' => $captcha,
             'value'   => Random::create($this->length, Random::ALPHANUM | Random::UPPERCASE),
             'expire'  => (int) $this->expire,
             'start'   => time(),
         ];
         $sess->pop_captcha = serialize($token);
     }

     $this->token = $token;
     return $this;
 }
Ejemplo n.º 2
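 /**
  * Constructor method to instantiate the default controller object
  *
  * Resolves the install view path from the Phire module configuration when
  * none is passed, fixes the request language, loads the matching i18n file
  * and then hands over to the parent controller.
  *
  * The language comes from the query string and ends up in the POP_LANG
  * constant; the i18n object's language is then used to build a file path.
  * The value is therefore accepted only when it looks like a locale code
  * (letters, optionally followed by "_" or "-" and a short alphanumeric
  * region); anything else falls back to en_US, so path separators and dots
  * can never reach the file name.
  *
  * @param  Request  $request
  * @param  Response $response
  * @param  Project  $project   must be non-null when $viewPath is null
  * @param  string   $viewPath
  * @return self
  */
 public function __construct(Request $request = null, Response $response = null, Project $project = null, $viewPath = null)
 {
     if (null === $viewPath) {
         $cfg = $project->module('Phire')->asArray();
         $viewPath = __DIR__ . '/../../../../../view/phire/install';
         if (isset($cfg['view'])) {
             $class = get_class($this);
             if (is_array($cfg['view']) && isset($cfg['view'][$class])) {
                 // A view path configured for exactly this controller class wins
                 $viewPath = $cfg['view'][$class];
             } elseif (is_array($cfg['view']) && isset($cfg['view']['*'])) {
                 $viewPath = $cfg['view']['*'] . '/install';
             } elseif (is_string($cfg['view'])) {
                 $viewPath = $cfg['view'] . '/install';
             }
         }
     }

     // Accept the requested language only if it is a plain locale code
     $lang = 'en_US';
     if (isset($_GET['lang']) && is_string($_GET['lang'])
         && preg_match('/\A[A-Za-z]{2,8}(?:[_-][A-Za-z0-9]{2,8})?\z/', $_GET['lang'])) {
         $lang = $_GET['lang'];
     }
     if (!defined('POP_LANG')) {
         define('POP_LANG', $lang);
     }

     $this->i18n = I18n::factory();
     $this->i18n->loadFile($_SERVER['DOCUMENT_ROOT'] . BASE_PATH . APP_PATH . '/vendor/Phire/data/assets/i18n/' . $this->i18n->getLanguage() . '.xml');
     parent::__construct($request, $response, $project, $viewPath);
     $this->sess = Session::getInstance();
 }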
Ejemplo n.º 3
 /**
  * Get sort order
  *
  * Builds a "field direction" string. Outside the CLI (or under a SAPI whose
  * name contains "server") the last field, direction and page are remembered
  * in the session: sorting again on the same page flips the remembered
  * direction, while arriving on a different page with the same field keeps
  * the remembered field and direction.
  *
  * NOTE(review): $sort and $ord are concatenated into the result exactly as
  * given and are also stored in the session. If callers place the result in
  * an ORDER BY clause, $sort should be checked against the known column names
  * and $ord against ASC/DESC before it gets here — confirm at the call sites.
  *
  * @param  string $sort
  * @param  string $page
  * @param  string $ord
  * @return string  the field and the direction separated by one space
  */
 public function getSortOrder($sort = null, $page = null, $ord = 'ASC')
 {
     $sapi = php_sapi_name();
     $sessionAvailable = (stripos($sapi, 'cli') === false) || (stripos($sapi, 'server') !== false);
     $sess = $sessionAvailable ? Session::getInstance() : null;

     $field = 'id';
     $order = $ord;

     if (null !== $sort) {
         $pageChanged = (null !== $sess) && ($page != $sess->lastPage);

         if ($pageChanged && $sort == $sess->lastSortField) {
             // Same field on another page: carry the remembered sort over
             $field = $sess->lastSortField;
             $order = $sess->lastSortOrder;
         } else {
             $field = $sort;
             if (!$pageChanged && null !== $sess && isset($sess->lastSortOrder)) {
                 // Same page: flip the remembered direction
                 $order = ($sess->lastSortOrder == 'ASC') ? 'DESC' : 'ASC';
             }
         }
     }

     if (null !== $sess) {
         $sess->lastSortField = $field;
         $sess->lastSortOrder = $order;
         $sess->lastPage = $page;
     }

     return $field . ' ' . $order;
 }
Ejemplo n.º 4
 /**
  * Set the field values and, on POST, attach the e-mail validators
  *
  * After delegating to the parent, a submitted e-mail address is looked up in
  * the users table. An unknown address gets a failing validator. For a known
  * member that has a role, the role's serialized permissions are read; unless
  * they deny the 'member-login' resource, the current session must belong to
  * that same member, otherwise a "log in" validator is attached.
  *
  * NOTE(review): the distinct "does not exist" and "must log in" messages let
  * a caller tell registered addresses from unregistered ones; consider one
  * neutral message if account enumeration matters for this form.
  *
  * @param  array $values
  * @return Unsubscribe
  */
 public function setFieldValues(array $values = null)
 {
     parent::setFieldValues($values);

     // Nothing to validate unless a form was posted with an e-mail value
     if (!$_POST || null === $this->email) {
         return $this;
     }

     $member = Table\Users::findBy(['email' => $this->email]);
     if (!isset($member->id)) {
         $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email does not exist.'));
         return $this;
     }
     if (null === $member->role_id) {
         return $this;
     }

     $sess = \Pop\Web\Session::getInstance();
     $role = Table\Roles::findById($member->role_id);

     // A role that denies 'member-login' cannot log in, so no login is demanded of it
     $loginDenied = false;
     if (isset($role->id) && null !== $role->permissions) {
         // NOTE(review): unserialize() on a database column — safe only while nothing
         // untrusted can write role permissions; confirm.
         $permissions = unserialize($role->permissions);
         if (isset($permissions['deny'])) {
             foreach ($permissions['deny'] as $deny) {
                 if ($deny['resource'] == 'member-login') {
                     $loginDenied = true;
                 }
             }
         }
     }

     if (!$loginDenied) {
         $ownSession = isset($sess->member) && $sess->member->id == $member->id;
         if (!$ownSession) {
             $memberAdmin = new \Phire\Members\Model\MembersAdmin();
             $memberAdmin->getByRoleId($member->role_id);
             $memberUri = isset($memberAdmin->uri) ? $memberAdmin->uri : APP_URI;
             // NOTE(review): $memberUri is placed in the href without HTML escaping;
             // presumably an admin-defined value — verify.
             $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'You must <a href="' . BASE_PATH . $memberUri . '/login">log in</a> to unsubscribe.'));
         }
     }

     return $this;
 }
Ejemplo n.º 5
 /**
  * Constructor method to instantiate the user controller object
  *
  * Stores the session and the user type taken from the 'acl' service. When no
  * view path is passed, it is resolved from the Phire module configuration and
  * may then be replaced by a theme directory for the user type. For the Phire
  * index controller the request is rebuilt with a base path that depends on
  * the user type.
  *
  * @param  Request  $request
  * @param  Response $response
  * @param  Project  $project   dereferenced unconditionally, so it must be non-null
  * @param  string   $viewPath
  * @return self
  */
 public function __construct(Request $request = null, Response $response = null, Project $project = null, $viewPath = null)
 {
     // Create the session object and get the user type
     $this->sess = Session::getInstance();
     $this->type = $project->getService('acl')->getType();

     if (null === $viewPath) {
         $cfg = $project->module('Phire')->asArray();
         $viewPath = __DIR__ . '/../../../../view/phire';

         if (isset($cfg['view'])) {
             $class = get_class($this);
             if (is_array($cfg['view']) && isset($cfg['view'][$class])) {
                 $viewPath = $cfg['view'][$class];
             } elseif (is_array($cfg['view']) && isset($cfg['view']['*'])) {
                 $viewPath = $cfg['view']['*'];
             } elseif (is_string($cfg['view'])) {
                 $viewPath = $cfg['view'];
             }
         }

         // If it is not a user, or a user globally logged into another area
         $appRoot = BASE_PATH . APP_URI;
         if ((strtolower($this->type->type) != 'user' && !$this->type->global_access)
             || substr($_SERVER['REQUEST_URI'], 0, strlen($appRoot)) != $appRoot) {
             $site = Table\Sites::getSite();
             $theme = Table\Extensions::findBy(array('type' => 0, 'active' => 1), null, 1);

             // NOTE(review): the type name and the theme name become path segments below;
             // presumably both come from admin-managed tables — confirm they cannot contain '..'.
             $themesDir = $site->document_root . $site->base_path . CONTENT_PATH . DIRECTORY_SEPARATOR
                 . 'extensions' . DIRECTORY_SEPARATOR . 'themes' . DIRECTORY_SEPARATOR;
             $themePath = $themesDir . $this->type->type;
             $activeThemePath = isset($theme->rows[0])
                 ? $themesDir . $theme->rows[0]->name . DIRECTORY_SEPARATOR . $this->type->type
                 : null;

             // Prefer the active theme's directory, then the plain type directory
             if (null !== $activeThemePath && file_exists($activeThemePath)) {
                 $viewPath = $activeThemePath;
             } elseif (file_exists($themePath)) {
                 $viewPath = $themePath;
             }
         }
     }

     // Set the correct base path and user URI based on user type
     if (get_called_class() == 'Phire\\Controller\\Phire\\IndexController') {
         $typeName = strtolower($this->type->type);
         $basePath = ($typeName != 'user') ? BASE_PATH . '/' . $typeName : BASE_PATH . APP_URI;
         $request = new Request(null, $basePath);
     }

     parent::__construct($request, $response, $project, $viewPath);
 }
Ejemplo n.º 6
 /**
  * Constructor method to instantiate the default controller object
  *
  * When no view path is passed, it is taken from the Phire module
  * configuration: an entry for this exact controller class is used as is; a
  * '*' entry or a plain string gets '/structure' appended; without any of
  * these the bundled structure view directory is used.
  *
  * @param  Request  $request
  * @param  Response $response
  * @param  Project  $project   must be non-null when $viewPath is null
  * @param  string   $viewPath
  * @return self
  */
 public function __construct(Request $request = null, Response $response = null, Project $project = null, $viewPath = null)
 {
     if (null === $viewPath) {
         $cfg = $project->module('Phire')->asArray();
         $viewPath = __DIR__ . '/../../../../../view/phire/structure';

         if (isset($cfg['view'])) {
             $class = get_class($this);
             if (is_array($cfg['view']) && isset($cfg['view'][$class])) {
                 $viewPath = $cfg['view'][$class];
             } elseif (is_array($cfg['view']) && isset($cfg['view']['*'])) {
                 $viewPath = $cfg['view']['*'] . '/structure';
             } elseif (is_string($cfg['view'])) {
                 $viewPath = $cfg['view'] . '/structure';
             }
         }
     }

     parent::__construct($request, $response, $project, $viewPath);
     $this->sess = Session::getInstance();
 }
Ejemplo n.º 7
 /**
  * Get all modules
  *
  * Loads the module rows (optionally paged and sorted) and gives each row a
  * nav object when the module manager holds a 'nav.module' config entry for
  * it; all other rows get nav = null.
  *
  * NOTE(review): $sort is passed through getSortOrder() into the 'order'
  * option of the query; make sure it is restricted to known column names
  * before it reaches this method.
  *
  * @param  \Pop\Module\Manager $moduleManager
  * @param  \Pop\Acl\Acl        $acl
  * @param  int                 $limit
  * @param  int                 $page
  * @param  string              $sort
  * @return array
  */
 public function getAll(\Pop\Module\Manager $moduleManager, \Pop\Acl\Acl $acl, $limit = null, $page = null, $sort = null)
 {
     if (null !== $sort) {
         $order = $this->getSortOrder($sort, $page);
     } else {
         $order = 'order, id ASC';
     }

     $options = ['order' => $order];
     if (null !== $limit) {
         // Pages after the first translate into a row offset; page 1 has none
         $offset = null;
         if (null !== $page && (int) $page > 1) {
             $offset = $page * $limit - $limit;
         }
         $options = ['offset' => $offset, 'limit' => $limit, 'order' => $order];
     }
     $modules = Table\Modules::findAll($options)->rows();

     $sess = Session::getInstance();
     foreach ($modules as $module) {
         if (!isset($moduleManager[$module->name]) || !isset($moduleManager[$module->name]->config()['nav.module'])) {
             $module->nav = null;
             continue;
         }

         $module->nav = new Nav([$moduleManager[$module->name]->config()['nav.module']], ['top' => ['class' => 'module-nav']]);
         $module->nav->setBaseUrl(BASE_PATH . APP_URI);
         $module->nav->setAcl($acl);
         // The nav is filtered by the role of the logged-in session user;
         // this line assumes $sess->user is set — TODO confirm for every caller.
         $module->nav->setRole($acl->getRole($sess->user->role));
         $module->nav->setIndent('                    ');
     }

     return $modules;
 }
Ejemplo n.º 8
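 /**
  * Save site
  *
  * Normalises the submitted document root and base path, stores the site,
  * adds its id to the current user's allowed sites (database and session),
  * saves the dynamic field values, creates the site folders and copies and
  * extracts every theme that is not yet present in the new site.
  *
  * The trailing-separator checks used to require the last character to be
  * both '/' and '\' at once, which can never hold, so a trailing separator
  * was never removed. They now strip one trailing '/' or '\'.
  *
  * @param \Pop\Form\Form $form
  * @return void
  */
 public function save(\Pop\Form\Form $form)
 {
     $fields = $form->getFields();
     $separators = array('/', "\\");

     // NOTE(review): document_root and base_path decide where folders and theme files
     // are created below; presumably only administrators can submit this form — confirm.
     $docRoot = $fields['document_root'];
     if (in_array(substr($docRoot, -1), $separators, true)) {
         $docRoot = substr($docRoot, 0, -1);
     }

     $basePath = '';
     if ($fields['base_path'] != '') {
         $basePath = $fields['base_path'];
         // Ensure exactly one leading separator and no trailing one
         if (!in_array(substr($basePath, 0, 1), $separators, true)) {
             $basePath = '/' . $basePath;
         }
         if (in_array(substr($basePath, -1), $separators, true)) {
             $basePath = substr($basePath, 0, -1);
         }
     }

     $site = new Table\Sites(array(
         'domain'        => $fields['domain'],
         'document_root' => str_replace('\\', '/', $docRoot),
         'base_path'     => str_replace('\\', '/', $basePath),
         'title'         => $fields['title'],
         'force_ssl'     => (int) $fields['force_ssl'],
         'live'          => (int) $fields['live'],
     ));
     $site->save();
     $this->data['id'] = $site->id;

     // Add the new site to the current user's allowed sites
     $user = Table\Users::findById($this->data['user']->id);
     $siteIds = unserialize($user->site_ids);
     if (!is_array($siteIds)) {
         // An empty or unreadable column yields false; start from an empty list
         $siteIds = array();
     }
     $siteIds[] = $site->id;
     $user->site_ids = serialize($siteIds);
     $user->update();

     $sess = \Pop\Web\Session::getInstance();
     $sess->user->site_ids = $siteIds;

     FieldValue::save($fields, $site->id);
     $this->createFolders($docRoot, $basePath);

     // Copy any themes over
     $themes = Table\Extensions::findAll(null, array('type' => 0));
     if (isset($themes->rows[0])) {
         $themePath = $docRoot . $basePath . CONTENT_PATH . '/extensions/themes';
         $sourceDir = $_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . BASE_PATH . DIRECTORY_SEPARATOR . CONTENT_PATH
             . DIRECTORY_SEPARATOR . 'extensions' . DIRECTORY_SEPARATOR . 'themes' . DIRECTORY_SEPARATOR;

         foreach ($themes->rows as $theme) {
             if (!file_exists($themePath . '/' . $theme->name)) {
                 // NOTE(review): the archive is extracted as found; whether entry names are
                 // kept inside $themePath depends on \Pop\Archive\Archive — verify.
                 copy($sourceDir . $theme->file, $themePath . '/' . $theme->file);
                 $archive = new \Pop\Archive\Archive($themePath . '/' . $theme->file);
                 $archive->extract($themePath . '/');
                 // Compressed tarballs leave an intermediate .tar behind; remove it
                 if ((stripos($theme->file, 'gz') || stripos($theme->file, 'bz')) && file_exists($themePath . '/' . $theme->name . '.tar')) {
                     unlink($themePath . '/' . $theme->name . '.tar');
                 }
             }
         }
     }
 }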
Ejemplo n.º 9
 /**
  * Update user
  *
  * Loads the user named by the form's id field and, if it exists, applies the
  * submitted values: an optional new password, role, username, e-mail,
  * verified flag, failed-attempt count and allowed sites. The session copy of
  * the current user is refreshed when the edited user is the logged-in one,
  * and an approval is sent for a user that had neither a role nor a login
  * yet while the type allows logins.
  *
  * NOTE(review): role_id, verified, failed_attempts and site_ids are taken
  * from the form whenever they are present. This is only safe if the profile
  * (self-service) form can never carry those fields — confirm that the form
  * definition, not the request, decides which fields exist.
  *
  * @param  \Pop\Form\Form $form
  * @param  \Pop\Config    $config
  * @return void
  */
 public function update(\Pop\Form\Form $form, $config)
 {
     $encOptions = $config->encryptionOptions->asArray();
     $fields = $form->getFields();
     $type = Table\UserTypes::findById($fields['type_id']);
     $user = Table\Users::findById($fields['id']);

     if (!isset($user->id)) {
         return;
     }

     // If there's a new password, set according to the user type.
     // Only non-emptiness is checked here; equality of the two entries is presumably
     // enforced by the form's validators — verify.
     if ($fields['password1'] != '' && $fields['password2'] != '') {
         $user->password = self::encryptPassword($fields['password1'], $type->password_encryption, $encOptions);
     }

     // Set role: a submitted 0 means "no role"
     if (!isset($fields['role_id'])) {
         $roleId = $user->role_id;
     } elseif ($fields['role_id'] == 0) {
         $roleId = null;
     } else {
         $roleId = $fields['role_id'];
     }

     // Set verified and attempts
     $verified = isset($fields['verified']) ? $fields['verified'] : $user->verified;
     $failedAttempts = isset($fields['failed_attempts']) ? $fields['failed_attempts'] : $user->failed_attempts;

     // Evaluated before the role is overwritten below
     $first = null === $user->role_id && null === $user->logins && $type->login;

     // A profile edit keeps the stored sites; otherwise the submitted list (or none) is stored
     if (isset($fields['profile']) && $fields['profile']) {
         $siteIds = $user->site_ids;
     } elseif (isset($fields['site_ids'])) {
         $siteIds = serialize($fields['site_ids']);
     } else {
         $siteIds = serialize(array());
     }

     // Save the user's updated data
     $user->role_id = $roleId;
     $user->username = isset($fields['username']) ? $fields['username'] : $fields['email1'];
     $user->email = $fields['email1'];
     $user->verified = $verified;
     $user->failed_attempts = $failedAttempts;
     $user->site_ids = $siteIds;
     $user->updated = date('Y-m-d H:i:s');

     $sess = Session::getInstance();
     if (isset($fields['reset_pwd']) && $fields['reset_pwd']) {
         $user->updated_pwd = date('Y-m-d H:i:s');
         unset($sess->reset_pwd);
     }

     $sess->last_user_id = $user->id;
     if ($sess->user->id == $user->id) {
         // Keep the logged-in user's session copy in step with the saved row
         $sess->user->username = $user->username;
         $sess->user->site_ids = unserialize($siteIds);
     }

     $user->update();
     $this->data['id'] = $user->id;
     FieldValue::update($fields, $user->id);

     // Send verification if needed
     if ($first) {
         $this->sendApproval($user, $type);
     }
 }
Ejemplo n.º 10
<?php

/**
 * Module Name: phire-sessions
 * Author: Nick Sagona
 * Description: This is the sessions module for Phire CMS 2
 * Version: 1.0
 */
// Module definition returned to the loader: autoload prefix and source path,
// routes/resources/forms pulled in from sibling files, navigation entries with
// their ACL resource/permission pairs, event hooks, and module settings.
return [
    'phire-sessions' => [
        'prefix'    => 'Phire\\Sessions\\',
        'src'       => __DIR__ . '/../src',
        'routes'    => include 'routes.php',
        'resources' => include 'resources.php',
        'forms'     => include 'forms.php',
        'nav.phire' => [
            'sessions' => [
                'name'       => 'Sessions',
                'href'       => '/sessions',
                'acl'        => ['resource' => 'sessions', 'permission' => 'index'],
                'attributes' => ['class' => 'sessions-nav-icon'],
                'children'   => [
                    'logins' => [
                        'name' => 'Logins',
                        'href' => 'logins',
                        'acl'  => ['resource' => 'sessions', 'permission' => 'logins'],
                    ],
                ],
            ],
        ],
        'nav.module' => [
            'name' => 'Sessions Config',
            'href' => '/sessions/config',
            'acl'  => ['resource' => 'sessions-config', 'permission' => 'index'],
        ],
        'events' => [
            ['name' => 'app.send.pre', 'action' => 'Phire\\Sessions\\Event\\UserSession::login'],
            ['name' => 'app.send.pre', 'action' => 'Phire\\Sessions\\Event\\UserSession::dashboard'],
            ['name' => 'app.dispatch.pre', 'action' => 'Phire\\Sessions\\Event\\UserSession::logout'],
        ],
        // On uninstall, remove the module's two cookies and the session marker
        // from the current visitor. Skipped when REMOTE_ADDR is absent
        // (presumably a non-web invocation — confirm).
        'uninstall' => function () {
            if (!isset($_SERVER['REMOTE_ADDR'])) {
                return;
            }

            $path = BASE_PATH . APP_URI;
            if ($path == '') {
                $path = '/';
            }

            $cookie = \Pop\Web\Cookie::getInstance(['path' => $path]);
            $cookie->delete('phire_session_timeout');
            $cookie->delete('phire_session_path');

            $sess = \Pop\Web\Session::getInstance();
            if (isset($sess->user) && isset($sess->user->session)) {
                unset($sess->user->session);
            }
        },
        'header' => __DIR__ . '/../view/phire/header.phtml',
        'footer' => __DIR__ . '/../view/phire/footer.phtml',
        // NOTE(review): units and exact meaning of the three settings below are not
        // visible here (86400 is presumably seconds, i.e. one day) — confirm.
        'clear_sessions'           => 86400,
        'multiple_session_warning' => false,
        'login_limit'              => 500,
    ],
];
Ejemplo n.º 11
 /**
  * Create nav tree from content type
  *
  * For 'categories' every category becomes a navigation item; for any other
  * type the remembered sort state is cleared from the session and the content
  * of that type is used instead. Children are created for items that have no
  * status or whose status equals 1.
  *
  * @param  mixed $type
  * @param  int   $navId
  * @return void
  */
 protected function createNavFrom($type, $navId)
 {
     $cat = ($type == 'categories');

     if ($cat) {
         $category = new \Phire\Categories\Model\Category();
         $contentAry = $category->getAll();
     } else {
         // Drop the remembered sort state before the content is fetched
         $sess = Session::getInstance();
         unset($sess->lastSortField);
         unset($sess->lastSortOrder);
         unset($sess->lastPage);
         $content = new \Phire\Content\Model\Content();
         $contentAry = $content->getAll($type, 'id');
     }

     $itemType = $cat ? 'category' : 'content';
     foreach ($contentAry as $c) {
         $item = new Table\NavigationItems([
             'navigation_id' => $navId,
             'item_id'       => $c->id,
             'type'          => $itemType,
             'name'          => $c->title,
             'href'          => $cat ? '/category' . $c->uri : $c->uri,
             'order'         => 0,
         ]);
         $item->save();

         if (!isset($c->status) || $c->status == 1) {
             $this->createNavChildren($item->id, $navId, $c, 0, $cat);
         }
     }
 }
Ejemplo n.º 12
 /**
  * Constructor: keep a handle to the shared instance returned by S::getInstance()
  *
  * S is an alias declared outside this excerpt; presumably the session
  * class — confirm against the file's use statements.
  */
 function __construct()
 {
     $instance = S::getInstance();
     $this->session = $instance;
 }
Ejemplo n.º 13
 /**
  * Get all content by type ID
  *
  * Returns the published (status 1) content of the given type. An entry that
  * lists roles is included only when the session's user or member has one of
  * those roles; an entry without roles is always included.
  *
  * NOTE(review): the role check uses in_array() without strict comparison, so
  * PHP's loose equality decides membership. That is fine while both sides are
  * numeric ids; confirm a missing or non-numeric role_id can never match.
  *
  * @param  int $typeId
  * @return array
  */
 public function getAllByTypeId($typeId)
 {
     $type = new ContentType();
     $type->getById($typeId);

     $rows = Table\Content::findBy(['type_id' => $typeId, 'status' => 1], ['order' => 'order, id ASC'])->rows();
     $visible = [];

     foreach ($rows as $row) {
         // Use the field-value model when the fields module is installed
         if (class_exists('Phire\\Fields\\Model\\FieldValue')) {
             $model = \Phire\Fields\Model\FieldValue::getModelObject('Phire\\Content\\Model\\Content', [$row->id]);
             $data = $model->toArray();
         } else {
             $data = (array) $row;
         }

         $entry = $this->setContent($data);
         $sess = \Pop\Web\Session::getInstance();

         $restricted = is_array($entry['roles']) && count($entry['roles']) > 0;
         if (!$restricted) {
             $visible[] = $entry;
             continue;
         }

         $userAllowed = isset($sess->user) && in_array($sess->user->role_id, $entry['roles']);
         if ($userAllowed || (isset($sess->member) && in_array($sess->member->role_id, $entry['roles']))) {
             $visible[] = $entry;
         }
     }

     return $visible;
 }
Ejemplo n.º 14
 /**
  * Get the init field values
  *
  * Builds the field groups of the user form: e-mail (and its confirmation when
  * the type asks for e-mail verification), an optional username, the password
  * pair when the type allows logins, any dynamic field groups of the model,
  * and a final group holding CSRF/CAPTCHA (registration only), the buttons,
  * hidden ids and, outside the profile view, the role, verified,
  * failed-attempts and allowed-sites controls.
  *
  * NOTE(review): $action is a required parameter declared after optional
  * ones; PHP 8 deprecates that ordering, and callers must pass all four
  * leading arguments anyway.
  *
  * @param  int     $tid       user type id
  * @param  boolean $profile   true when building the self-service profile form
  * @param  int     $uid       user id; 0 when no existing user is edited
  * @param  string  $action    form action URI, inspected for '/register' and '/install/user'
  * @param  boolean $register  true when building the registration form
  * @return array   list of field groups in display order
  */
 protected function getInitFields($tid = 0, $profile = false, $uid = 0, $action, $register = false)
 {
     $type = Table\UserTypes::findById($tid);
     $fields1 = array();
     // Continue setting up initial user fields
     $fields1['email1'] = array('type' => 'text', 'label' => $this->i18n->__('Email'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\Email());
     if ($type->email_verification) {
         $fields1['email2'] = array('type' => 'text', 'label' => $this->i18n->__('Re-Type Email'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\Email());
     }
     // If not email as username, create username field
     if (!$type->email_as_username) {
         $fields2 = array('username' => array('type' => 'text', 'label' => $this->i18n->__('Username'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => array(new Validator\AlphaNumeric(), new Validator\LengthGte(4))));
         if ($uid != 0) {
             $fields2['username']['attributes']['onkeyup'] = "phire.updateTitle('#username-title', this);";
         }
     } else {
         $fields2 = array();
         if ($uid != 0) {
             $fields1['email1']['attributes']['onkeyup'] = "phire.updateTitle('#username-title', this);";
         }
     }
     // Continue setting up initial user fields
     if ($type->login) {
         // The only password rule attached here is LengthGte(6) on each entry;
         // NOTE(review): no check in this method that the two entries match — presumably done elsewhere.
         $fields3 = array('password1' => array('type' => 'password', 'label' => $this->i18n->__('Enter Password'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\LengthGte(6)), 'password2' => array('type' => 'password', 'label' => $this->i18n->__('Re-Type Password'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\LengthGte(6)));
     } else {
         $fields3 = array();
     }
     $fieldGroups = array();
     $dynamicFields = false;
     // The model class name is derived from this form's class name
     $model = str_replace('Form', 'Model', get_class($this));
     $newFields = \Phire\Model\Field::getByModel($model, $tid, $uid);
     if ($newFields['dynamic']) {
         $dynamicFields = true;
     }
     if ($newFields['hasFile']) {
         $this->hasFile = true;
     }
     // Numeric keys hold the dynamic field groups; the string keys are the flags read above
     foreach ($newFields as $key => $value) {
         if (is_numeric($key)) {
             $fieldGroups[] = $value;
         }
     }
     $fields4 = array();
     if ($register) {
         $site = Table\Sites::getSite();
         if ($type->use_csrf) {
             // NOTE(review): the CSRF value is an 8-character string from String::random();
             // confirm that generator is cryptographically secure and the length is sufficient.
             $fields4['csrf'] = array('type' => 'csrf', 'value' => \Pop\Filter\String::random(8));
         }
         if ($type->use_captcha) {
             // $site->base_path is concatenated into HTML and inline JavaScript without escaping;
             // presumably an admin-controlled value — verify.
             $fields4['captcha'] = array('type' => 'captcha', 'label' => $this->i18n->__('Enter Code'), 'captcha' => '<br /><img id="captcha-image" src="' . $site->base_path . '/captcha" /><br /><a class="reload-link" href="#" onclick="document.getElementById(\'captcha-image\').src = \'' . $site->base_path . '/captcha?reload=1\';return false;">' . $this->i18n->__('Reload') . '</a>', 'attributes' => array('size' => 5));
         }
     }
     // Finish the initial fields
     $fields4['submit'] = array('type' => 'submit', 'value' => strpos($action, '/register') !== false ? $this->i18n->__('REGISTER') : $this->i18n->__('SAVE'), 'attributes' => array('class' => strpos($action, '/install/user') !== false || $profile ? 'update-btn' : 'save-btn'));
     if ($profile) {
         $fields4['submit']['label'] = '&nbsp;';
         $fields4['submit']['attributes']['style'] = 'width: 250px;';
         $fields4['profile'] = array('type' => 'hidden', 'value' => 1);
         $sess = \Pop\Web\Session::getInstance();
         // Carry the pending password-reset marker from the session into the form
         if (isset($sess->reset_pwd)) {
             $fields4['reset_pwd'] = array('type' => 'hidden', 'value' => 1);
         }
     }
     if (!$profile) {
         $fields4['update'] = array('type' => 'button', 'value' => $this->i18n->__('Update'), 'attributes' => array('onclick' => "return phire.updateForm('#user-form', " . ($this->hasFile || $dynamicFields ? 'true' : 'false') . ");", 'class' => 'update-btn'));
     }
     $fields4['type_id'] = array('type' => 'hidden', 'value' => $tid);
     $fields4['id'] = array('type' => 'hidden', 'value' => 0);
     if (!$profile) {
         $fields4['update_value'] = array('type' => 'hidden', 'value' => 0);
     }
     // If not profile
     // The privileged controls (role, verified, failed attempts, allowed sites) are
     // only added outside the profile form.
     if (!$profile) {
         // Get roles for user type
         $rolesAry = array('0' => '(' . $this->i18n->__('Blocked') . ')');
         if ($tid != 0) {
             $roles = Table\UserRoles::findBy(array('type_id' => $tid), 'id ASC');
             foreach ($roles->rows as $role) {
                 $rolesAry[$role->id] = $role->name;
             }
         }
         // NOTE(review): the Host request header is client-supplied and is used as a
         // checkbox label here; confirm the form renderer HTML-escapes option labels.
         $siteIds = array('0' => $_SERVER['HTTP_HOST']);
         $sites = Table\Sites::findAll();
         foreach ($sites->rows as $site) {
             $siteIds[(string) $site->id] = $site->domain;
         }
         $fields4['role_id'] = array('type' => 'select', 'required' => true, 'label' => $this->i18n->__('User Role'), 'value' => $rolesAry, 'marked' => $type->default_role_id);
         $fields4['verified'] = array('type' => 'select', 'label' => $this->i18n->__('Verified'), 'value' => array('1' => $this->i18n->__('Yes'), '0' => $this->i18n->__('No')), 'marked' => '0');
         $fields4['failed_attempts'] = array('type' => 'text', 'label' => $this->i18n->__('Failed Attempts'), 'attributes' => array('size' => 3));
         $fields4['site_ids'] = array('type' => 'checkbox', 'label' => $this->i18n->__('Allowed Sites'), 'value' => $siteIds);
     }
     // Install and profile forms put the control group last; every other form puts it first
     if (strpos($action, '/install/user') !== false || $profile) {
         $allFields = array($fields1, $fields2, $fields3);
         if (count($fieldGroups) > 0) {
             foreach ($fieldGroups as $fg) {
                 $allFields[] = $fg;
             }
         }
         $allFields[] = $fields4;
     } else {
         $allFields = array($fields4, $fields1, $fields2, $fields3);
         if (count($fieldGroups) > 0) {
             foreach ($fieldGroups as $fg) {
                 $allFields[] = $fg;
             }
         }
     }
     return $allFields;
 }
Ejemplo n.º 15
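 /**
  * Install config method
  *
  * Fills the placeholder defines in config.php with the installer's values,
  * keeps a copy of the generated file in the session when $form is a Pop
  * form, writes the file when it is writable, installs the database schema
  * and records system information in the config table.
  *
  * Every form value spliced into config.php is first escaped for a
  * single-quoted PHP string literal. A quote or backslash in a value (a
  * database password, for example) therefore can neither break the generated
  * file nor add code to it. All values written to the config table now pass
  * through the adapter's escape() as well.
  *
  * @param mixed  $form     installer form or an object exposing the same properties
  * @param string $docRoot  defaults to DOCUMENT_ROOT . BASE_PATH
  * @return void
  */
 public function config($form, $docRoot = null)
 {
     if (null === $docRoot) {
         $docRoot = $_SERVER['DOCUMENT_ROOT'] . BASE_PATH;
     }

     // Escapes a value for use between single quotes in generated PHP source
     $phpLiteral = function ($value) {
         return addcslashes((string) $value, "'\\");
     };

     // Get config file contents
     $cfgFile = new File($docRoot . '/config.php');
     $config = $cfgFile->read();

     // Get DB interface and type
     if (strpos($form->db_adapter, 'Pdo') !== false) {
         $dbInterface = 'Pdo';
         $dbType = strtolower(substr($form->db_adapter, strrpos($form->db_adapter, '\\') + 1));
     } else {
         $dbInterface = html_entity_decode($form->db_adapter, ENT_QUOTES, 'UTF-8');
         $dbType = null;
     }

     // If DB is SQLite
     if (strpos($form->db_adapter, 'Sqlite') !== false) {
         $sqliteFile = $docRoot . $form->content_path . '/.htphire.sqlite';
         touch($sqliteFile);
         // DB_NAME becomes an expression relative to the config file's directory
         $dbNameSource = "__DIR__ . '" . $phpLiteral($form->content_path) . "/.htphire.sqlite'";
         $dbName = realpath($sqliteFile);
         $dbUser = null;
         $dbPassword = null;
         $dbHost = null;
         $installFile = $dbName;
         // NOTE(review): 0777 makes the database file world-writable, and it lives under
         // the content path; tighten the mode and confirm the web server refuses to
         // serve .ht* files in that directory.
         chmod($dbName, 0777);
     } else {
         $dbName = $form->db_name;
         $dbUser = $form->db_username;
         $dbPassword = $form->db_password;
         $dbHost = $form->db_host;
         $installFile = null;
         $dbNameSource = "'" . $phpLiteral($dbName) . "'";
     }
     $dbPrefix = $form->db_prefix;

     // Set config values (replacements are applied in this order)
     $replacements = array(
         "define('CONTENT_PATH', '/phire-content');" => "define('CONTENT_PATH', '" . $phpLiteral($form->content_path) . "');",
         "define('APP_URI', '/phire');"              => "define('APP_URI', '" . $phpLiteral($form->app_uri) . "');",
         "define('DB_INTERFACE', '');"               => "define('DB_INTERFACE', '" . $phpLiteral($dbInterface) . "');",
         "define('DB_TYPE', '');"                    => "define('DB_TYPE', '" . $phpLiteral($dbType) . "');",
         "define('DB_NAME', '');"                    => "define('DB_NAME', " . $dbNameSource . ");",
         "define('DB_USER', '');"                    => "define('DB_USER', '" . $phpLiteral($dbUser) . "');",
         "define('DB_PASS', '');"                    => "define('DB_PASS', '" . $phpLiteral($dbPassword) . "');",
         "define('DB_HOST', '');"                    => "define('DB_HOST', '" . $phpLiteral($dbHost) . "');",
         "define('DB_PREFIX', '');"                  => "define('DB_PREFIX', '" . $phpLiteral($dbPrefix) . "');",
     );
     $config = str_replace(array_keys($replacements), array_values($replacements), $config);

     $this->data['configWritable'] = is_writable($docRoot . '/config.php');
     if ($form instanceof \Pop\Form\Form) {
         // Store the config values in session in case config file is not writable.
         // NOTE(review): this copy includes the database password; clear it from the
         // session once the installer has finished.
         $sess = Session::getInstance();
         $sess->config = serialize(htmlentities($config, ENT_QUOTES, 'UTF-8'));
         $sess->app_uri = $form->app_uri;
     }
     if ($this->data['configWritable']) {
         $cfgFile->write($config)->save();
     }

     // Install the database
     // NOTE(review): the SQL file name is derived from the submitted adapter name;
     // presumably the form limits db_adapter to a fixed list — verify.
     $sqlFile = __DIR__ . '/../../../data/phire.' . str_replace(array('pdo\\', 'mysqli'), array('', 'mysql'), strtolower($form->db_adapter)) . '.sql';
     $dbParams = array('database' => $dbName, 'username' => $dbUser, 'password' => $dbPassword, 'host' => $dbHost, 'prefix' => $dbPrefix, 'type' => str_replace('\\', '_', $form->db_adapter));
     Dbs::install($dbName, $dbParams, $sqlFile, $installFile, true);

     if (stripos($form->db_adapter, 'Pdo\\') !== false) {
         $adapter = 'Pdo';
         $type = strtolower(substr($form->db_adapter, strpos($form->db_adapter, '\\') + 1));
     } else {
         $adapter = $form->db_adapter;
         $type = null;
     }

     // Set the default system config
     $db = Db::factory($adapter, array('database' => $dbName, 'username' => $dbUser, 'password' => $dbPassword, 'host' => $dbHost, 'type' => $type));

     // Get server info
     if (isset($_SERVER) && isset($_SERVER['SERVER_SOFTWARE'])) {
         $server = new Server();
         $os = $server->getOs() . ' (' . $server->getDistro() . ')';
         $srv = $server->getServer() . ' ' . $server->getServerVersion();
         $domain = $_SERVER['HTTP_HOST'];
         $doc = $_SERVER['DOCUMENT_ROOT'];
     } else {
         $os = '';
         $srv = '';
         $domain = '';
         $doc = '';
     }

     // Set the system configuration
     $conn = $db->adapter();
     // NOTE(review): escape() is a value escaper, not identifier quoting; the table
     // prefix should additionally be limited to identifier characters by the form.
     $table = $conn->escape($dbPrefix) . 'config';
     $settings = array(
         'system_version'          => \Phire\Project::VERSION,
         'system_domain'           => $domain,
         'system_document_root'    => $doc,
         'server_operating_system' => $os,
         'server_software'         => $srv,
         'database_version'        => $conn->version(),
         'php_version'             => PHP_VERSION,
         'installed_on'            => date('Y-m-d H:i:s'),
         'default_language'        => $form->language,
     );
     foreach ($settings as $setting => $value) {
         $conn->query("UPDATE " . $table . " SET value = '" . $conn->escape($value) . "' WHERE setting = '" . $setting . "'");
     }
     $conn->query("UPDATE " . $conn->escape($dbPrefix) . "user_types SET password_encryption = '" . $conn->escape((int) $form->password_encryption) . "' WHERE id = 2001");
 }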
Ejemplo n.º 16
<?php

require_once '../../bootstrap.php';
use Pop\Web\Session;
// Demo: write one value through the session wrapper, then dump the wrapper,
// the raw superglobal and the session ID. This is debug output; session
// contents and session IDs should never be printed by a production page.
try {
    $session = Session::getInstance();
    $session->username = '******';

    print_r($session);
    print_r($_SESSION);

    $sessionId = $session->getId();
    echo $sessionId, PHP_EOL, PHP_EOL;

    // To destroy the session and all of its data, call: $session->kill();
} catch (\Exception $error) {
    echo $error->getMessage(), PHP_EOL, PHP_EOL;
}
Ejemplo n.º 17
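 /**
  * Initialize the ACL object, checking for user types and user roles
  *
  * The user type comes from the session user when one is set. Otherwise it is
  * derived from the request URI, which the client controls; in this method the
  * derived value is only used to look up which user type's roles are loaded.
  *
  * @return void
  */
 protected function initAcl()
 {
     $sess = \Pop\Web\Session::getInstance();

     // REQUEST_URI includes the query string; strip it so that a request such as
     // "/members?x=1" resolves to the type "members" instead of "members?x=1"
     $uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
     $queryPos = strpos($uri, '?');
     if ($queryPos !== false) {
         $uri = substr($uri, 0, $queryPos);
     }
     $type = str_replace(BASE_PATH, '', $uri);

     if (substr($type, 0, strlen(APP_URI)) == APP_URI) {
         // The URI matches the system user URI
         $type = 'user';
     } else {
         // Otherwise the type is the first path segment
         $type = substr($type, 1);
         $slashPos = strpos($type, '/');
         if ($slashPos !== false) {
             $type = substr($type, 0, $slashPos);
         }
     }

     // A type stored on the session user takes precedence over the URI-derived one
     if (isset($sess->user->type_id)) {
         $typeObj = \Phire\Table\UserTypes::findById($sess->user->type_id);
     } else {
         // NOTE(review): $type is request-derived; assumes findBy() binds it as a
         // query parameter rather than interpolating it -- confirm
         $typeObj = \Phire\Table\UserTypes::findBy(array('type' => $type));
     }

     // The ACL service is fetched once; the calls below all configure this one object
     $acl = $this->getService('acl');
     $acl->setType($typeObj);

     // NOTE(review): when no user type matched, $typeObj->id is presumably empty --
     // confirm getAllRoles() then returns no roles rather than a default set
     $perms = \Phire\Table\UserRoles::getAllRoles($typeObj->id);
     foreach ($perms['roles'] as $role) {
         $acl->addRole($role);
     }

     // Set up the ACL object's resources and permissions
     foreach ($perms['resources'] as $role => $perm) {
         if (count($perm['allow']) > 0) {
             foreach ($perm['allow'] as $resource => $p) {
                 $acl->addResource($resource);
                 if (count($p) > 0) {
                     $acl->allow($role, $resource, $p);
                 } else {
                     $acl->allow($role, $resource);
                 }
             }
         } else {
             // No explicit allow list: the role is allowed without a resource restriction
             $acl->allow($role);
         }
         if (count($perm['deny']) > 0) {
             foreach ($perm['deny'] as $resource => $p) {
                 $acl->addResource($resource);
                 if (count($p) > 0) {
                     $acl->deny($role, $resource, $p);
                 } else {
                     $acl->deny($role, $resource);
                 }
             }
         }
     }
 }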
Ejemplo n.º 18
 /**
  * Get sort order
  *
  * Works out the sort field, direction, limit and offset for a listing and
  * remembers the field, direction and page in the session. Requesting a sort
  * on the page that was requested last flips the stored direction.
  *
  * NOTE(review): $sort and $ord are returned as given. If callers place them
  * in an ORDER BY clause, they need to be checked against known column names
  * and ASC/DESC there -- confirm against the callers.
  *
  * @param  string $sort
  * @param  string $page
  * @param  string $ord
  * @return array
  */
 public function getSortOrder($sort = null, $page = null, $ord = 'ASC')
 {
     $session = Session::getInstance();
     $perPage = (int) $this->config->pagination_limit;

     // Defaults when no sort field is requested
     $field = 'id';
     $direction = $ord;
     $offset = 0;

     if (null !== $sort) {
         if ($page == $session->lastPage) {
             // Same page as last time: sort by the requested field and toggle direction
             $field = $sort;
             if (isset($session->lastSortOrder)) {
                 $direction = $session->lastSortOrder == 'ASC' ? 'DESC' : 'ASC';
             }
         } elseif ($sort == $session->lastSortField) {
             // Different page, same field: carry the stored sort over unchanged
             $field = $session->lastSortField;
             $direction = $session->lastSortOrder;
         } else {
             // Different page and a new field: start with the requested direction
             $field = $sort;
         }
     }

     if (null !== $page && (int) $page > 1) {
         $offset = $page * $perPage - $perPage;
     }

     $session->lastSortField = $field;
     $session->lastSortOrder = $direction;
     $session->lastPage = $page;

     return array(
         'field' => $field,
         'order' => $direction,
         'limit' => $perPage > 0 ? $perPage : null,
         'offset' => $offset,
     );
 }
Ejemplo n.º 19
 /**
  * Method to determine the mobile device
  *
  * A non-null $mobile overrides detection: 'clear' removes the stored override,
  * any other value is stored in the session and returned on later calls.
  *
  * NOTE(review): the override is stored and returned as given; if it can come
  * from a request parameter, callers should restrict it to known device names
  * before using it in paths or markup -- confirm against the callers.
  *
  * @param  string $mobile
  * @return string
  */
 public static function getDevice($mobile = null)
 {
     $sess = Session::getInstance();

     if (null !== $mobile) {
         if ($mobile == 'clear') {
             unset($sess->mobile);
         } else {
             $sess->mobile = $mobile;
         }
     }

     // A stored override wins over detection
     if (isset($sess->mobile)) {
         return $sess->mobile;
     }

     $detected = Mobile::getDevice();
     if (null === $detected) {
         return $detected;
     }

     $detected = strtolower($detected);
     // Only these two platforms get a form-factor suffix
     if (in_array($detected, array('android', 'windows'), true)) {
         $suffix = Mobile::isTabletDevice() ? '-tablet' : '-phone';
         $detected .= $suffix;
     }

     return $detected;
 }
Ejemplo n.º 20
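 /**
  * Set type method
  *
  * Stores the user type and the session instance on the ACL object and derives
  * the base path: BASE_PATH . APP_URI for the 'user' type, otherwise BASE_PATH
  * followed by the lower-cased type name.
  *
  * @param  \Phire\Table\UserTypes $type
  * @return \Phire\Auth\Acl
  */
 public function setType(\Phire\Table\UserTypes $type)
 {
     $this->sess = Session::getInstance();
     $this->type = $type;

     $typeName = strtolower($this->type->type);
     $this->basePath = BASE_PATH . ($typeName != 'user' ? '/' . $typeName : APP_URI);

     // The docblock has always declared an Acl return value; return the
     // instance so the method matches it and can be chained
     return $this;
 }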
Ejemplo n.º 21
 /**
  * Get session object
  *
  * Convenience accessor for the shared session instance.
  *
  * @return \Pop\Web\Session
  */
 public function getSession()
 {
     $session = \Pop\Web\Session::getInstance();

     return $session;
 }
 /**
  * Prepare view method
  *
  * Creates the view for the given template and fills it with the header and
  * footer template paths, the session user and role, the translated Phire
  * navigation tree, any session errors, and system/site configuration values.
  *
  * @param  string $template
  * @param  array  $data
  * @return void
  */
 public function prepareView($template = null, array $data = array())
 {
     $site = \Phire\Table\Sites::getSite();
     if (null !== $template) {
         $template = $this->getCustomView($template, $site);
     }
     $sess = \Pop\Web\Session::getInstance();
     $config = \Phire\Table\Config::getSystemConfig();
     $i18n = \Phire\Table\Config::getI18n();
     $this->live = (bool) $config->live;
     $jsVars = null;
     $this->view = View::factory($template, $data);
     $this->view->set('base_path', $site->base_path)->set('content_path', CONTENT_PATH);
     // Check for an override Phire theme for the header/footer
     // (the override is used only when both files exist under the content path)
     if (file_exists($site->document_root . $site->base_path . CONTENT_PATH . '/extensions/themes/phire/header.phtml') && file_exists($site->document_root . $site->base_path . CONTENT_PATH . '/extensions/themes/phire/footer.phtml')) {
         // NOTE(review): these paths are presumably included by the view as PHP templates;
         // if so, the content path must not be writable by untrusted users -- confirm
         $this->view->set('phireHeader', $site->document_root . $site->base_path . CONTENT_PATH . '/extensions/themes/phire/header.phtml')->set('phireFooter', $site->document_root . $site->base_path . CONTENT_PATH . '/extensions/themes/phire/footer.phtml');
         // Else, just use the default header/footer
     } else {
         $this->view->set('phireHeader', $site->document_root . $site->base_path . APP_PATH . '/vendor/Phire/view/phire/header.phtml')->set('phireFooter', $site->document_root . $site->base_path . APP_PATH . '/vendor/Phire/view/phire/footer.phtml');
     }
     // Start the query string that is appended to the jax script name further down
     if (isset($this->view->assets)) {
         // NOTE(review): default_language is appended without urlencode(), unlike _base below;
         // presumably the config value is a plain locale code -- confirm
         $jsVars = '?lang=' . $config->default_language;
     }
     if (isset($sess->user)) {
         // NOTE(review): the outer check reads the local $sess, this one reads $this->sess;
         // presumably both refer to the same session instance -- confirm
         if (isset($this->sess->user->last_action)) {
             $this->sess->user->last_action = date('Y-m-d H:i:s');
         }
         // Set the timeout warning, giving a 30 second buffer to act
         if (isset($this->view->assets)) {
             if (isset($this->view->acl) && $this->view->acl->getType()->session_expiration > 0 && $this->view->acl->getType()->timeout_warning) {
                 // session_expiration is multiplied by 60 (presumably minutes to seconds), minus the buffer
                 $exp = $this->view->acl->getType()->session_expiration * 60 - 30;
                 $uri = $site->base_path . (strtolower($this->view->acl->getType()->type) != 'user' ? '/' . strtolower($this->view->acl->getType()->type) : APP_URI);
                 $jsVars .= '&_exp=' . $exp . '&_base=' . urlencode($uri);
             }
         }
         // Expose the session user, its role object and its global-access flag to the template
         $this->view->set('user', $sess->user)->set('role', \Phire\Table\UserRoles::getRole($sess->user->role_id))->set('globalAccess', $sess->user->global_access);
         // Build the navigation only when the ACL knows the user's role
         if (isset($this->view->phireNav) && isset($this->view->acl) && $this->view->acl->hasRole($this->view->role->getName())) {
             $this->view->phireNav->setConfig(array('top' => array('node' => 'ul', 'id' => 'phire-nav')));
             $this->view->phireNav->setAcl($this->view->acl);
             $this->view->phireNav->setRole($this->view->role);
             $tree = $this->view->phireNav->getTree();
             // If the sub-children haven't been added yet
             if (isset($tree[0])) {
                 // Add any user types to the main phire nav
                 $userTypes = \Phire\Table\UserTypes::findAll('id ASC');
                 if (isset($userTypes->rows)) {
                     foreach ($userTypes->rows as $type) {
                         // Default to the per-type permission; use the general 'index'
                         // permission when the ACL authorizes both
                         $perm = 'index_' . $type->id;
                         if ($this->view->acl->isAuth('Phire\\Controller\\Phire\\User\\IndexController', 'index') && $this->view->acl->isAuth('Phire\\Controller\\Phire\\User\\IndexController', 'index_' . $type->id)) {
                             $perm = 'index';
                         }
                         $this->view->phireNav->addLeaf('Users', array('name' => ucwords(str_replace('-', ' ', $type->type)), 'href' => 'index/' . $type->id, 'acl' => array('resource' => 'Phire\\Controller\\Phire\\User\\IndexController', 'permission' => $perm)), 1);
                     }
                 }
                 // Set the language: translate node names, their children, and the
                 // first grandchild of any child named 'Fields'
                 $tree = $this->view->phireNav->getTree();
                 foreach ($tree as $key => $value) {
                     if (isset($value['name'])) {
                         $tree[$key]['name'] = $i18n->__($value['name']);
                         if (isset($value['children']) && count($value['children']) > 0) {
                             foreach ($value['children'] as $k => $v) {
                                 if ($v['name'] == 'Fields' && isset($tree[$key]['children'][$k]['children'][0]['name'])) {
                                     $tree[$key]['children'][$k]['children'][0]['name'] = $i18n->__($tree[$key]['children'][$k]['children'][0]['name']);
                                 }
                                 $tree[$key]['children'][$k]['name'] = $i18n->__($v['name']);
                             }
                         }
                     }
                 }
                 $this->view->phireNav->setTree($tree);
             }
             $this->view->phireNav->rebuild();
             $this->view->phireNav->nav()->setIndent('    ');
         }
     }
     // Append the collected query string to the jax script reference in the assets markup
     if (isset($this->view->assets)) {
         $this->view->assets = str_replace('jax.3.2.0.min.js', 'jax.3.2.0.min.js' . $jsVars, $this->view->assets);
     }
     if (isset($sess->errors)) {
         $this->view->set('errors', $sess->errors);
     }
     // Set config object and system/site default data
     // (base_path is set again here from $config; earlier it was set from $site)
     $this->view->set('i18n', $i18n)->set('system_title', $config->system_title)->set('system_email', $config->system_email)->set('site_title', $config->site_title)->set('base_path', $config->base_path)->set('separator', $config->separator)->set('default_language', $config->default_language)->set('datetime_format', $config->datetime_format);
 }
Ejemplo n.º 23
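 /**
  * Create nav tree from content type
  *
  * Builds one branch per visible top-level item (status 1, or no status
  * property at all) and returns the list in serialized form.
  *
  * @param  int|string $id  content type ID, or the literal string 'categories'
  * @return string  serialized array of nav branches
  */
 protected function createNavFrom($id)
 {
     $tree = [];
     // Strict comparison: with a loose ==, an integer 0 equals 'categories' on PHP < 8
     if ($id === 'categories') {
         $category = new \Phire\Categories\Model\Category();
         $contentAry = $category->getAll();
         $cat = true;
     } else {
         // Reset the stored listing sort state before loading content
         $sess = Session::getInstance();
         unset($sess->lastSortField);
         unset($sess->lastSortOrder);
         unset($sess->lastPage);
         $content = new \Phire\Content\Model\Content();
         $contentAry = $content->getAll($id, 'id');
         $cat = false;
     }
     foreach ($contentAry as $c) {
         // Items that carry a status are listed only when it is 1
         $visible = !isset($c->status) || $c->status == 1;
         if (!$visible) {
             continue;
         }
         $branch = [
             'id' => $c->id,
             'type' => $cat ? 'category' : 'content',
             'name' => $c->title,
             'href' => $c->uri,
             'children' => $this->getNavChildren($c, 0, $cat),
         ];
         if (isset($c->roles)) {
             // SECURITY: unserialize() on a stored column can instantiate objects if that
             // value is ever attacker-influenced. Prefer JSON for this column, or restrict
             // the call with the allowed_classes option where PHP 7+ is guaranteed.
             $roles = unserialize($c->roles);
             // unserialize() returns false on malformed data; only a non-empty array
             // marks the branch as access-controlled
             if (is_array($roles) && count($roles) > 0) {
                 $branch['acl'] = ['resource' => 'content-' . $c->id];
             }
         }
         $tree[] = $branch;
     }
     return serialize($tree);
 }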
Ejemplo n.º 24
 /**
  * Parse the value
  *
  * Expands placeholders in a field value: [{base_path}] and [{content_path}],
  * [{date_FORMAT}] placeholders, and [{sess}]...[{/sess}] blocks whose
  * [{key}] / [{key->sub}] placeholders are filled from $_SESSION. A block may
  * hold an alternative after [{or}] that is used when there is no session user
  * or when nothing in the block was replaced.
  *
  * NOTE(review): session values are inserted as-is. If the result is rendered
  * as HTML, escaping has to happen at output -- confirm against the callers.
  *
  * @param  string $fieldValue
  * @return string
  */
 protected static function parseValue($fieldValue)
 {
     $fieldValue = str_replace(['[{base_path}]', '[{content_path}]'], [BASE_PATH, CONTENT_PATH], $fieldValue);
     // Parse any date placeholders
     // NOTE(review): `.*` is greedy, so two date placeholders on one line are captured
     // as a single match and the text between them becomes part of the date() format
     $dates = [];
     preg_match_all('/\\[\\{date.*\\}\\]/', $fieldValue, $dates);
     if (isset($dates[0]) && isset($dates[0][0])) {
         foreach ($dates[0] as $date) {
             // The date() format is everything after the first '_' with '}]' removed
             $pattern = str_replace('}]', '', substr($date, strpos($date, '_') + 1));
             $fieldValue = str_replace($date, date($pattern), $fieldValue);
         }
     }
     // Parse any session placeholders
     $open = [];
     $close = [];
     $merge = [];
     $sess = [];
     preg_match_all('/\\[\\{sess\\}\\]/msi', $fieldValue, $open, PREG_OFFSET_CAPTURE);
     preg_match_all('/\\[\\{\\/sess\\}\\]/msi', $fieldValue, $close, PREG_OFFSET_CAPTURE);
     // If matches are found, format and merge the results.
     // Opening and closing tags are paired by index, each entry mapping matched text => offset.
     // NOTE(review): assumes equally many, non-nested tags; the patterns are case-insensitive
     // but the lookups below use the lower-case literals as keys -- confirm mixed case cannot occur
     if (isset($open[0][0]) && isset($close[0][0])) {
         foreach ($open[0] as $key => $value) {
             $merge[] = [$open[0][$key][0] => $open[0][$key][1], $close[0][$key][0] => $close[0][$key][1]];
         }
     }
     foreach ($merge as $match) {
         // + 9 is the length of '[{/sess}]', so the slice includes the closing tag
         $sess[] = substr($fieldValue, $match['[{sess}]'], $match['[{/sess}]'] - $match['[{sess}]'] + 9);
     }
     if (count($sess) > 0) {
         $session = Session::getInstance();
         foreach ($sess as $s) {
             $sessString = str_replace(['[{sess}]', '[{/sess}]'], ['', ''], $s);
             // $isSess: content used with a session; $noSess: optional fallback after [{or}]
             $isSess = null;
             $noSess = null;
             if (strpos($sessString, '[{or}]') !== false) {
                 $sessValues = explode('[{or}]', $sessString);
                 if (isset($sessValues[0])) {
                     $isSess = $sessValues[0];
                 }
                 if (isset($sessValues[1])) {
                     $noSess = $sessValues[1];
                 }
             } else {
                 $isSess = $sessString;
             }
             if (null !== $isSess) {
                 if (!isset($session->user)) {
                     // No session user: the block becomes the fallback (null when there is none)
                     $fieldValue = str_replace($s, $noSess, $fieldValue);
                 } else {
                     $newSess = $isSess;
                     // Every key in $_SESSION is a candidate placeholder, not only the user record
                     foreach ($_SESSION as $sessKey => $sessValue) {
                         if ((is_array($sessValue) || $sessValue instanceof \ArrayObject) && strpos($fieldValue, '[{' . $sessKey . '->') !== false) {
                             // [{key->sub}] placeholders: only non-array members are substituted
                             foreach ($sessValue as $sessK => $sessV) {
                                 if (!is_array($sessV)) {
                                     $newSess = str_replace('[{' . $sessKey . '->' . $sessK . '}]', $sessV, $newSess);
                                 }
                             }
                         } else {
                             // [{key}] placeholders for top-level session values that are not collections
                             if (!is_array($sessValue) && !$sessValue instanceof \ArrayObject && strpos($fieldValue, '[{' . $sessKey) !== false) {
                                 $newSess = str_replace('[{' . $sessKey . '}]', $sessValue, $newSess);
                             }
                         }
                     }
                     // If nothing was substituted, fall back to the [{or}] alternative
                     if ($newSess != $isSess) {
                         $fieldValue = str_replace('[{sess}]' . $sessString . '[{/sess}]', $newSess, $fieldValue);
                     } else {
                         $fieldValue = str_replace($s, $noSess, $fieldValue);
                     }
                 }
             } else {
                 $fieldValue = str_replace($s, '', $fieldValue);
             }
         }
     }
     return $fieldValue;
 }
Ejemplo n.º 25
 /**
  * Log out: end the current session, then redirect to the login page
  *
  * @return void
  */
 public function logout()
 {
     // kill() is called before the redirect so the session is gone by the
     // time the client follows it
     $session = $this->sess;
     $session->kill();

     $this->redirect('/login');
 }