Example #1
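/**
 * Check whether a token exists in the `tokens` table.
 *
 * The lookup uses a bound parameter, so the token never becomes part of the
 * SQL text. The stored value is then compared with hash_equals(), an exact
 * string comparison that does not depend on where the first differing byte
 * is. A loose `==` would treat numeric-looking strings such as "1e3" and
 * "1000" as equal, which is not acceptable for a credential.
 *
 * @param mixed $token Token presented by the caller. Non-scalar and empty values are rejected.
 * @return bool True only when an identical token is stored.
 */
function is_token_valid($token)
{
    // Arrays/objects/null cannot be a token; refuse them before touching the database.
    if (!is_scalar($token)) {
        return false;
    }
    $token = (string) $token;
    if ($token === '') {
        return false;
    }

    $stmt = Flight::db()->prepare('SELECT token FROM tokens WHERE token = :token');
    // bindValue() copies the value; nothing here needs bindParam()'s by-reference binding.
    $stmt->bindValue(':token', $token);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (empty($row)) {
        return false;
    }

    // The database collation may match case-insensitively, so re-check byte for byte.
    return hash_equals((string) $row['token'], $token);
}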
Example #2
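 /**
  * Get User with Email
  *
  * The address is sent as a bound parameter instead of being interpolated
  * into the SQL text, so quotes or SQL fragments in $email cannot alter the
  * statement.
  *
  * Assumes Flight::db() is a mysqli connection built with mysqlnd, which
  * get_result() needs — TODO confirm. With prepared statements mysqlnd
  * returns numeric columns as PHP numbers rather than strings.
  *
  * NOTE(review): when no row matches, fetch_assoc() yields null and a user
  * object is still built from it; false is returned only on a failed query.
  *
  * @param  String $email Email
  * @return Object Return userobject or false
  */
 public static function getUserWithEmail($email)
 {
     $stmt = Flight::db()->prepare('SELECT * FROM user WHERE email = ?');
     if ($stmt === false) {
         return false;
     }
     $stmt->bind_param('s', $email);
     if (!$stmt->execute()) {
         return false;
     }
     $result = $stmt->get_result();
     if ($result === false) {
         return false;
     }
     return new user($result->fetch_assoc());
 }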
Example #3
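<html>
	<head>
		<meta charset = "utf-8"/>
		<title>Авторизация</title>
	</head>
	<body>
		<form method = "POST" action = "/auth" id = 'Vasya'>
			<p><input name = "input_email" type = "text" size = 20/></p>
			<p><input name = "input_passw" type = "password" size = 20/></p>
			<p><button onclick = "document.getElementById('Vasya').submit()">
				Submit
			</button></p>
		</form>
		<?php 
// Login handler for the form above. The password field is type="password" so
// the browser masks it on screen and does not offer it as ordinary text history.
// Authorise() lives on the project's DB class and is not shown here.
if (isset($_POST['input_email'], $_POST['input_passw'])
    && is_string($_POST['input_email'])
    && is_string($_POST['input_passw'])
) {
    $r = Flight::db()->Authorise($_POST['input_email'], $_POST['input_passw']);
    if ($r) {
        // Issue a fresh session id on login so an id that existed before
        // authentication cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }
        // No var_dump($_SESSION) here: debug dumps would print the session
        // contents into the page sent to the client.
        $_SESSION['login'] = $_POST['input_email'];
        Flight::redirect('/');
    }
}
?>
	</body>
</html>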
Example #4
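 /**
  * Gets Post with given Id
  *
  * The id is sent as a bound parameter, so it cannot change the SQL text.
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm.
  *
  * @param Int Id of searched post
  * @return post Post with the given Id, or null when the query fails
  * @todo Better error handling
  */
 public static function getPostWithId($post_id)
 {
     $stmt = Flight::db()->prepare('SELECT * FROM post WHERE id = ?');
     if ($stmt === false) {
         return null;
     }
     // 's' keeps the quoted-string comparison the interpolated form used.
     $stmt->bind_param('s', $post_id);
     if (!$stmt->execute()) {
         return null;
     }
     $result = $stmt->get_result();
     //Todo: Better error handling
     if ($result != false) {
         return new post($result->fetch_assoc());
     }
     return null;
 }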
Example #5
 /**
  * Load every row of the player table, ordered by team descending.
  *
  * The SQL text is a constant; no caller-supplied value reaches it.
  *
  * @return array List of player objects, one per row.
  */
 public function getAllPlayers()
 {
     $roster = [];
     $rows = Flight::db()->query("SELECT * FROM player ORDER BY team DESC");
     // fetch_assoc() returns a falsy value once the result set is exhausted.
     for ($record = $rows->fetch_assoc(); $record; $record = $rows->fetch_assoc()) {
         $roster[] = new player($record);
     }
     return $roster;
 }
Example #6
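 /**
  * Delete this event inside a transaction.
  *
  * The id is bound as a parameter rather than interpolated, so a value that
  * contains a quote cannot widen the DELETE beyond this one row.
  *
  * @return bool True when the row was deleted and committed, false after a rollback.
  */
 public function delete()
 {
     $db = Flight::db();
     $db->begin_transaction();
     // bind_param() binds by reference, so copy the property into a local first.
     $id = $this->id;
     $stmt = $db->prepare('DELETE FROM events WHERE id = ?');
     if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
         $db->rollback();
         return false;
     }
     $db->commit();
     return true;
 }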
Example #7
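 /**
  * Validate inputs against the rule table declared on a model class.
  *
  * Rules are read from the static $validate property of $model. Inputs whose
  * key has no rule are ignored. For a rule marked unique (and when $update is
  * false) the table named by $model is queried for an existing row.
  *
  * Security notes:
  *  - The input value is bound as a parameter; it never becomes SQL text.
  *  - $model and $key are identifiers and cannot be bound. $key is limited to
  *    keys of the rule table by the array_key_exists() check; $model must be a
  *    trusted, hard-coded name supplied by the calling code.
  *  - A uniqueness check that cannot run throws instead of passing silently.
  *
  * @param string $model  Model class name, also used as the table name.
  * @param mixed  $inputs Iterable of field name => submitted value.
  * @param bool   $update When true the uniqueness check is skipped.
  * @return array|bool True when everything is valid, otherwise the per-field response array.
  * @throws \RuntimeException When the uniqueness query cannot be executed.
  */
 public function validate($model, $inputs, $update = false)
 {
     $rules = $model::$validate;
     $error = false;
     $response = array();
     foreach ($inputs as $key => $input) {
         if (!array_key_exists($key, $rules)) {
             continue;
         }
         $rule = $rules[$key];
         $response[$key] = array("value" => $input, "name" => $key);
         // !empty() is the same truthiness test as `== true` but tolerates a missing key.
         if (empty($input) && !empty($rule['required'])) {
             $response[$key]['type'] = "missing";
             $error = true;
             continue;
         }
         if (!empty($rule['unique']) && $update == false) {
             $stmt = Flight::db()->prepare("SELECT * FROM {$model} WHERE {$key} = ?");
             if ($stmt === false || !$stmt->bind_param('s', $input) || !$stmt->execute()) {
                 throw new \RuntimeException("Uniqueness check failed for {$key}");
             }
             // store_result() buffers the rows so num_rows is populated.
             $stmt->store_result();
             $matches = $stmt->num_rows;
             $stmt->close();
             if ($matches > 0) {
                 $response[$key]['type'] = 'not unique';
                 $error = true;
                 continue;
             }
         }
         switch (isset($rule['type']) ? $rule['type'] : null) {
             case "email":
                 if (filter_var($input, FILTER_VALIDATE_EMAIL) === false) {
                     $response[$key]['type'] = "invalid";
                     $error = true;
                 }
                 break;
             case "int":
                 // Compare with false: filter_var() returns int 0 for "0", which is valid.
                 if (filter_var($input, FILTER_VALIDATE_INT) === false) {
                     $response[$key]['type'] = "invalid";
                     $error = true;
                 }
                 break;
             case "text":
                 if (!preg_match('/^[A-Za-z]+$/', $input)) {
                     $response[$key]['type'] = "invalid";
                     $error = true;
                 }
                 break;
         }
     }
     return $error == true ? $response : true;
 }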
Example #8
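 /**
  * Handle a login form submission.
  *
  * Validates the request data, looks the user up by e-mail with a bound
  * parameter, verifies the password hash, and on success stores the user in
  * the session and redirects to /teams. Every failure after validation
  * renders the same generic error, so the response does not reveal whether
  * the address exists.
  *
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm.
  *
  * @return void
  */
 public function login()
 {
     $response = Flight::util()->validate("auth", Flight::request()->data);
     if (is_array($response)) {
         Flight::util()->render('login', array('error' => $response));
         return;
     }
     $email = Flight::request()->data->email;
     $password = Flight::request()->data->password;

     // The address comes straight from the request, so it is bound, never interpolated.
     $stmt = Flight::db()->prepare('SELECT * FROM user WHERE email = ?');
     if ($stmt === false || !$stmt->bind_param('s', $email) || !$stmt->execute()) {
         Flight::util()->render('login', array('error_string' => true));
         return;
     }
     $result = $stmt->get_result();
     $row = $result ? $result->fetch_assoc() : null;

     // An unknown address yields no row; treat it exactly like a wrong password.
     if (!is_array($row) || !is_string($password) || !password_verify($password, $row['password'])) {
         Flight::util()->render('login', array('error_string' => true));
         return;
     }

     // Fresh session id at the privilege change, so a pre-login id is not carried over.
     if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
         session_regenerate_id(true);
     }
     $_SESSION['user'] = new user($row);
     Flight::redirect('/teams');
 }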
Example #9
require 'vendor/autoload.php';
require 'EasyBlogDBInterface.php';
include 'MyFuncs.php';
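// NOTE(review): host, schema name and the root/root account are hard-coded
// here. Credentials belong in configuration kept outside the source tree, and
// the application should use a dedicated least-privilege database account.
Flight::register('db', 'MyDBInterface', array('localhost', 'EasyBlog', 'root', 'root'));
session_start();
// Home page
Flight::route('/(\\?p=@p)', function ($p) {
    $s_login = SetLogin();
    // Page index: the route parameter is request data, so force it to an
    // integer >= 1 before it is used in arithmetic or handed to a template.
    $page = max(1, (int) $p);
    $postselector = ($page - 1) * 5;
    $posts = Flight::db()->GetPosts($postselector, 5);
    $postscount = Flight::db()->CountPosts();
    $pages_count = ceil($postscount / 5);
    Flight::render('home.php', array('headertext' => 'Мой летучий блог', 'authorname' => $s_login, 'footertext' => '@ProgForce forever'), 'home_page_content');
    Flight::render('post.php', array('posts' => $posts), 'posts_block');
    Flight::render('page_hyperlinks.php', array('pages_count' => $pages_count, 'current_page' => $page), 'pages_n_links');
    Flight::render('auth_view.php', null, 'auth_view');
    Flight::render('home_layout.php', null);
});
Flight::route('/exit', function () {
    // Empty the session array as well: session_destroy() removes the stored
    // data but leaves $_SESSION populated for the rest of this request.
    $_SESSION = array();
    session_destroy();
    Flight::redirect('/');
});
Flight::route('/auth/', function () {
    Flight::render('auth.php', null);
});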
/*Flight::route('POST /authconfirm/', function()
Example #10
<?php

// Includes
require 'flight/Flight.php';
require 'classes/auth.class.php';
require 'classes/config.class.php';
require 'languages/en.php';
require 'database.php';
// Framework settings ($lang is not defined in this block; presumably languages/en.php — verify)
Flight::set('lang', $lang);
Flight::set('flight.log_errors', true);
Flight::set('flight.views.path', 'views/');

// Shared services. The DSN and credentials come from $db_* variables that are
// not defined in this block (presumably database.php — verify).
Flight::register('db', 'PDO', ["mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass]);
Flight::register('config', 'Config', [Flight::db()]);
Flight::register('auth', 'Auth', [Flight::db(), Flight::config()]);

// Timezone comes from the stored site configuration
date_default_timezone_set(Flight::config()->site_timezone);

// Login state: no cookie -> anonymous; cookie accepted by Auth::checkSession()
// -> load the user; cookie rejected -> anonymous and expire the cookie.
if (Flight::request()->cookies->{Flight::config()->cookie_name} == false) {
    Flight::set('loggedin', false);
} elseif (Flight::auth()->checkSession(Flight::request()->cookies->{Flight::config()->cookie_name})) {
    Flight::set('loggedin', true);
    $uid = Flight::auth()->getSessionUID(Flight::request()->cookies->{Flight::config()->cookie_name});
    Flight::set('userdata', Flight::auth()->getUser($uid));
} else {
    Flight::set('loggedin', false);
    // An expiry in the past tells the browser to drop the rejected cookie.
    setcookie(
        Flight::config()->cookie_name,
        "",
        time() - 3600,
        Flight::config()->cookie_path,
        Flight::config()->cookie_domain,
        Flight::config()->cookie_secure,
        Flight::config()->cookie_http
    );
}
<?php

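// Create the projects table on the shared PDO handle.
try {
    $db = Flight::db();
    $db->exec('CREATE TABLE projects(
    id INTEGER PRIMARY KEY,
    title VARCHAR(255) NOT NULL,
    date DATE,
    link TEXT,
    description TEXT,
    tags VARCHAR(255)
  );');
} catch (PDOException $e) {
    // Driver messages can expose schema and connection details, so they go to
    // the error log; the response only carries a generic message.
    error_log('projects table creation failed: ' . $e->getMessage());
    echo 'Could not create the projects table.';
}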
Example #12
 /**
  * Run a SQL statement on the shared Flight database handle.
  *
  * The statement is forwarded unchanged. Nothing here escapes or binds
  * values, so callers must not build $statement from request data.
  *
  * @param string $statement Complete SQL text.
  * @return mixed Whatever the handle's query() returns.
  */
 public static function query($statement)
 {
     return \Flight::db()->query($statement);
 }
Example #13
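 /**
  * Snippet endpoint: dispatches on the request's "mode" field.
  *
  *  - get:    return the snippet with the given identifier as JSON
  *  - exists: error when the identifier is already taken
  *  - new:    insert a snippet, author taken from the JWT
  *  - delete: delete the snippet with the given identifier
  *
  * Identifiers are matched with a case-insensitive equality test. LIKE is
  * avoided because `%` and `_` in a submitted identifier are wildcards and
  * would let one request match, and in delete mode remove, rows other than
  * the one named. Each branch returns after Flight::error() so nothing runs
  * on a failed precondition even if the error handler does not halt.
  *
  * NOTE(review): JWTHelper::authenticate() is assumed to stop the request on
  * an invalid token; $jwt is not checked here — confirm.
  * NOTE(review): delete mode does not compare the snippet's author with the
  * authenticated user, so any authenticated caller can delete any snippet —
  * confirm whether that is intended.
  *
  * @return void
  */
 static function snippet()
 {
     $data = Flight::request()->data;
     $mode = $data["mode"];
     $identifier = $data["identifier"];
     if ($mode === "get") {
         $res = self::findSnippetsByIdentifier($identifier);
         if (count($res) == 0) {
             Flight::error();
             return;
         }
         echo Flight::json($res[0]);
     } elseif ($mode === "exists") {
         if (count(self::findSnippetsByIdentifier($identifier)) !== 0) {
             Flight::error();
         } else {
             echo "";
         }
     } elseif ($mode === "new") {
         if (count(self::findSnippetsByIdentifier($identifier)) !== 0) {
             Flight::error();
             return;
         }
         $jwt = JWTHelper::authenticate(apache_request_headers());
         $sth = Flight::db()->prepare("INSERT INTO snippets(identifier,name,author,version,code) VALUES(?,?,?,?,?)");
         // The author comes from the verified token, never from the request body.
         $sth->execute(array(
             $identifier,
             $data["name"],
             $jwt->data->userName,
             $data["version"],
             $data["code"],
         ));
     } elseif ($mode === "delete") {
         if (count(self::findSnippetsByIdentifier($identifier)) !== 1) {
             Flight::error();
             return;
         }
         $jwt = JWTHelper::authenticate(apache_request_headers());
         $sth = Flight::db()->prepare("DELETE FROM snippets WHERE LOWER(identifier) = LOWER(?)");
         $sth->execute(array($identifier));
     }
 }

 /**
  * Fetch the snippets whose identifier equals $identifier, ignoring case.
  *
  * @param mixed $identifier Identifier taken from the request.
  * @return array Matching rows as associative arrays.
  */
 private static function findSnippetsByIdentifier($identifier)
 {
     $sth = Flight::db()->prepare("SELECT * FROM snippets WHERE LOWER(identifier) = LOWER(?)");
     $sth->execute(array($identifier));
     return $sth->fetchAll(PDO::FETCH_ASSOC);
 }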
Example #14
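 /**
  * Load one event by id.
  *
  * The id is bound as a parameter, so it cannot change the SQL text.
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm. With prepared statements mysqlnd returns
  * numeric columns as PHP numbers rather than strings.
  *
  * @param mixed $id Event id.
  * @return event Event built from the row (from null when no row matches).
  * @throws \RuntimeException When the query cannot be executed.
  */
 public function getEventWithId($id)
 {
     $stmt = Flight::db()->prepare('SELECT * FROM events WHERE id = ?');
     if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
         throw new \RuntimeException('Event lookup failed');
     }
     return new event($stmt->get_result()->fetch_assoc());
 }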
Example #15
 /**
  * Update user
  *
  * Writes prename, surname, bio, email and password for the row whose id
  * equals $this->id, using one UPDATE built by string interpolation.
  *
  * @return Mysqliresult Result from query
  */
 public function update()
 {
     // NOTE(review): every property is placed into the SQL text as-is. A quote
     // in any of them changes the statement; a prepared statement with bound
     // parameters would remove that risk.
     // NOTE(review): nl2br() is applied before storage, so HTML markup ends up
     // in the bio column; presumably output escaping happens elsewhere — verify.
     // NOTE(review): the password value reads as the literal '******' in this
     // listing, which looks like masking of the original expression — confirm
     // what is actually written (presumably a password_hash() value).
     $sql = "UPDATE user SET prename = '{$this->prename}', surname = '{$this->surname}', bio = '" . nl2br($this->bio) . "', email = '{$this->email}', password = '******' WHERE id = '{$this->id}'";
     $result = Flight::db()->query($sql);
     return $result;
 }
Example #16
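 /**
  * Load one user by id.
  *
  * The id is bound as a parameter, so it cannot change the SQL text.
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm.
  *
  * @param mixed $id User id.
  * @return user User built from the row (from null when no row matches).
  * @throws \RuntimeException When the query cannot be executed.
  */
 public function getUserWithId($id)
 {
     $stmt = Flight::db()->prepare('SELECT * FROM user WHERE id = ?');
     if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
         throw new \RuntimeException('User lookup failed');
     }
     return new user($stmt->get_result()->fetch_assoc());
 }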
Example #17
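 /**
  * Return the name of the team with the given id.
  *
  * The id is bound as a parameter, so it cannot change the SQL text.
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm.
  *
  * @param mixed $id Team id.
  * @return string|null Team name, or null when no row matches.
  * @throws \RuntimeException When the query cannot be executed.
  */
 public function getTeamNameWithId($id)
 {
     $stmt = Flight::db()->prepare('SELECT name FROM team WHERE id = ?');
     if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
         throw new \RuntimeException('Team lookup failed');
     }
     $row = $stmt->get_result()->fetch_assoc();
     // No matching row gives null; report that as a null name without a warning.
     return (is_array($row) && isset($row['name'])) ? $row['name'] : null;
 }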
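 /**
  * Open a connection with the legacy mysql extension, using the settings
  * array returned by Flight::db().
  *
  * The connection charset is set with mysql_set_charset() rather than a
  * "set names" query: only the former informs the client library, which
  * mysql_real_escape_string() relies on to escape correctly for the
  * connection's character set.
  *
  * NOTE(review): the mysql_* functions were removed in PHP 7.0, so this only
  * runs on PHP 5. Moving to mysqli or PDO with prepared statements changes
  * the return type and therefore needs the callers updated as well.
  *
  * @return resource|false Link identifier, or false when the connection fails.
  */
 public static function connectMysqlDB()
 {
     $db = Flight::db();
     $mysqlDB = mysql_connect($db['server'], $db['username'], $db['password']);
     if ($mysqlDB === false) {
         // Nothing to configure on a failed connection; hand the failure back.
         return false;
     }
     mysql_select_db($db['database_name'], $mysqlDB);
     mysql_set_charset('utf8', $mysqlDB);
     return $mysqlDB;
 }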
Example #19
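 /**
  * Load one absence by id.
  *
  * The id is bound as a parameter, so it cannot change the SQL text.
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm.
  *
  * @param mixed $id Absence id.
  * @return absence Absence built from the row (from null when no row matches).
  * @throws \RuntimeException When the query cannot be executed.
  */
 public function getAbsenceWithId($id)
 {
     $stmt = Flight::db()->prepare('SELECT * FROM absences WHERE id = ?');
     if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
         throw new \RuntimeException('Absence lookup failed');
     }
     return new absence($stmt->get_result()->fetch_assoc());
 }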
Example #20
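 /**
  * Delete this team and the rows that refer to it, in one transaction.
  *
  * Players of the team are moved to team '0', then the coach links, the
  * team's events and the team row are deleted. Each DELETE is a prepared
  * statement with the team id bound, and each statement's own result is
  * checked, so a failure of any of the three — including the last — rolls
  * the whole transaction back.
  *
  * NOTE(review): the return value of $player->update() is not checked here;
  * its contract is not visible from this method.
  *
  * @return bool True after commit, false after rollback.
  */
 public function delete()
 {
     $db = Flight::db();
     $db->begin_transaction();
     $players = $this->getPlayers();
     foreach ($players as $player) {
         $player->team = '0';
         $player->update();
     }

     // bind_param() binds by reference, so copy the property into a local first.
     $teamId = $this->id;
     $statements = array(
         'DELETE FROM coach_team WHERE team_id = ?',
         'DELETE FROM events WHERE team = ?',
         'DELETE FROM team WHERE id = ?',
     );
     foreach ($statements as $sql) {
         $stmt = $db->prepare($sql);
         if ($stmt === false || !$stmt->bind_param('s', $teamId) || !$stmt->execute()) {
             $db->rollback();
             return false;
         }
     }

     $db->commit();
     return true;
 }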
Example #21
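 /**
  * Save this user's name and e-mail and synchronise the coach/team links,
  * all inside one transaction.
  *
  * Every value is sent as a bound parameter, so profile fields and team ids
  * cannot alter the SQL text. Users with role 20 are committed after the
  * profile update without touching coach_team. For everyone else the links
  * are brought in line with $this->teams; a failed INSERT or DELETE rolls the
  * transaction back instead of committing a partial change.
  *
  * Assumes Flight::db() is a mysqli connection with mysqlnd (needed by
  * get_result()) — TODO confirm.
  *
  * @return bool True after commit, false after rollback.
  */
 public function update()
 {
     $db = Flight::db();
     $db->begin_transaction();

     // bind_param() binds by reference, so copy the properties into locals.
     $surname = $this->surname;
     $forename = $this->forename;
     $email = $this->email;
     $coachId = $this->id;

     $stmt = $db->prepare('UPDATE user SET surname = ?, forename = ?, email = ? WHERE id = ?');
     if ($stmt === false
         || !$stmt->bind_param('ssss', $surname, $forename, $email, $coachId)
         || !$stmt->execute()
     ) {
         $db->rollback();
         return false;
     }

     $stmt = $db->prepare('SELECT * FROM coach_team WHERE coach_id = ?');
     if ($stmt === false || !$stmt->bind_param('s', $coachId) || !$stmt->execute()) {
         $db->rollback();
         return false;
     }
     // get_result() buffers the rows, so the connection is free for the next statement.
     $result = $stmt->get_result();
     if ($result == false) {
         $db->rollback();
         return false;
     }
     if ($this->role == 20) {
         $db->commit();
         return true;
     }

     $ids = array();
     while ($row = $result->fetch_assoc()) {
         $ids[] = $row['team_id'];
     }
     // array_diff() compares string representations, so int and string ids match.
     $new = array_diff($this->teams, $ids);
     $removed = array_diff($ids, $this->teams);

     $insert = $db->prepare('INSERT INTO coach_team (team_id, coach_id) VALUES (?, ?)');
     $remove = $db->prepare('DELETE FROM coach_team WHERE team_id = ? AND coach_id = ?');
     if ($insert === false || $remove === false) {
         $db->rollback();
         return false;
     }
     foreach ($new as $id) {
         if (!$insert->bind_param('ss', $id, $coachId) || !$insert->execute()) {
             $db->rollback();
             return false;
         }
     }
     foreach ($removed as $id) {
         if (!$remove->bind_param('ss', $id, $coachId) || !$remove->execute()) {
             $db->rollback();
             return false;
         }
     }

     $db->commit();
     return true;
 }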