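/**
 * Check whether a token is present in the `tokens` table.
 *
 * The lookup is a parameterised query. The value that comes back is then
 * compared with hash_equals(), so the final check is an exact string match
 * instead of PHP's loose `==`, which treats numeric-looking strings such as
 * "0e1" and "0e2" as equal.
 *
 * @param mixed $token Candidate token; scalars are compared as strings.
 * @return bool True only when a stored token matches the candidate exactly.
 */
function is_token_valid($token)
{
    // Arrays, objects and null can never be a token; stop before they reach the driver.
    if (!is_scalar($token)) {
        return false;
    }
    $candidate = (string) $token;

    $stmt = Flight::db()->prepare('SELECT token FROM tokens WHERE token = :token');
    // bindValue() copies the value now; nothing here needs bindParam()'s by-reference binding.
    $stmt->bindValue(':token', $candidate);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // fetch() yields false when no row matched.
    if (empty($row)) {
        return false;
    }

    return hash_equals((string) $row['token'], $candidate);
}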
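/**
 * Get the user that has the given e-mail address.
 *
 * The address is bound as a statement parameter instead of being pasted into
 * the SQL text, so quotes or SQL fragments inside it cannot change the query.
 *
 * @param string $email E-mail address to look up.
 * @return user|false User object, or false when the query could not be run.
 */
public static function getUserWithEmail($email)
{
    // NOTE(review): the fetch_assoc() call implies Flight::db() is a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $stmt = Flight::db()->prepare('SELECT * FROM user WHERE email = ?');
    if ($stmt === false) {
        return false;
    }

    $address = (string) $email;
    if (!$stmt->bind_param('s', $address) || !$stmt->execute()) {
        return false;
    }

    $result = $stmt->get_result();
    if ($result == false) {
        return false;
    }

    // NOTE(review): as before, an unknown address still yields a user built from
    // fetch_assoc()'s null; confirm whether callers expect false in that case.
    return new user($result->fetch_assoc());
}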
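<?php
// Login form view. The submitted credentials are processed before any markup
// is written, so the redirect and the session-id change are not blocked by
// output that has already been sent.
if (!empty($_POST)) {
    $r = Flight::db()->Authorise($_POST['input_email'], $_POST['input_passw']);
    if ($r) {
        // Issue a fresh session id on login so an id that was planted before
        // authentication is not carried over into the logged-in session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        // The var_dump($_SESSION) debug calls were removed: they printed the
        // session contents into the response.
        $_SESSION['login'] = $_POST['input_email'];
        Flight::redirect('/');
    }
}
?>
<html>
<head>
    <meta charset = "utf-8"/>
    <title>Авторизация</title>
</head>
<body>
    <form method = "POST" action = "/auth" id = 'Vasya'>
        <p><input name = "input_email" type = "text" size = 20/></p>
        <?php // type="password" keeps the secret from being shown on screen while typed. ?>
        <p><input name = "input_passw" type = "password" size = 20/></p>
        <p><button onclick = "document.getElementById('Vasya').submit()"> Submit </button></p>
    </form>
</body>
</html>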
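/**
 * Gets the post with the given id.
 *
 * The id is bound as a statement parameter, so its content cannot alter the
 * SQL text.
 *
 * @param int $post_id Id of the searched post.
 * @return post|null Post built from the fetched row; null when the query could not be run.
 * @todo Better error handling
 */
public static function getPostWithId($post_id)
{
    // NOTE(review): the fetch_assoc() call implies Flight::db() is a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $stmt = Flight::db()->prepare('SELECT * FROM post WHERE id = ?');
    if ($stmt === false) {
        return null;
    }

    // Bound as a string to keep the comparison the quoted literal used to give.
    if (!$stmt->bind_param('s', $post_id) || !$stmt->execute()) {
        return null;
    }

    $result = $stmt->get_result();
    //Todo: Better error handling
    if ($result != false) {
        return new post($result->fetch_assoc());
    }

    return null;
}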
/**
 * Load every row of the `player` table, ordered by team (descending).
 *
 * The SQL text is a constant; no caller-supplied value is part of it.
 *
 * @return array List of player objects, one per row; empty when there are no rows.
 */
public function getAllPlayers()
{
    $rows = Flight::db()->query("SELECT * FROM player ORDER BY team DESC");

    $roster = [];
    // fetch_assoc() returns a falsy value once the result set is exhausted.
    for ($record = $rows->fetch_assoc(); $record; $record = $rows->fetch_assoc()) {
        $roster[] = new player($record);
    }

    return $roster;
}
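/**
 * Delete this event's row inside a transaction.
 *
 * The id is bound as a statement parameter instead of being interpolated into
 * the SQL text, so the query stays the same whatever the property holds.
 *
 * @return bool True when the row was deleted and committed, false after a rollback.
 */
public function delete()
{
    // NOTE(review): begin_transaction()/rollback()/commit() imply a mysqli connection — confirm.
    $db = Flight::db();
    $db->begin_transaction();

    // bind_param() binds by reference, so it needs a plain variable.
    $eventId = $this->id;
    $stmt = $db->prepare('DELETE FROM events WHERE id = ?');
    if ($stmt === false || !$stmt->bind_param('s', $eventId) || !$stmt->execute()) {
        $db->rollback();
        return false;
    }

    $db->commit();
    return true;
}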
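/**
 * Validate request inputs against the rule table of a model class.
 *
 * Only keys that have an entry in `$model::$validate` are checked. For each of
 * them the method tests, in order: required, unique (skipped on update), and
 * the rule's type ("email", "int" or "text").
 *
 * @param string $model   Class name that exposes a static `$validate` rule array;
 *                        the same string is used as the table name of the unique check.
 * @param iterable $inputs Field name => submitted value.
 * @param bool $update    When true the uniqueness check is skipped.
 * @return array|true True when every checked field passed; otherwise the per-field
 *                    response array, whose failed entries carry a 'type' of
 *                    "missing", "not unique" or "invalid".
 * @throws \RuntimeException When the uniqueness query cannot be run.
 */
public function validate($model, $inputs, $update = false)
{
    $rules = $model::$validate;
    $error = false;
    $response = array();

    foreach ($inputs as $key => $input) {
        if (!array_key_exists($key, $rules)) {
            continue;
        }

        $rule = $rules[$key];
        $response[$key] = array("value" => $input, "name" => $key);

        if (empty($input) && !empty($rule['required'])) {
            $response[$key]['type'] = "missing";
            $error = true;
            continue;
        }

        if (isset($rule['unique']) && $rule['unique'] == true && $update == false) {
            // The submitted value is bound as a parameter. Table and column names
            // cannot be bound: $key is limited to the keys of the rule table by the
            // check above, and $model must never be taken from request data.
            // NOTE(review): num_rows in the original implies a mysqli connection — confirm.
            $stmt = Flight::db()->prepare("SELECT * FROM {$model} WHERE {$key} = ?");
            $candidate = (string) $input;
            if ($stmt === false || !$stmt->bind_param('s', $candidate) || !$stmt->execute()) {
                throw new \RuntimeException('Uniqueness check failed');
            }
            // Buffer the rows so num_rows reports the real count.
            $stmt->store_result();
            if ($stmt->num_rows > 0) {
                $response[$key]['type'] = 'not unique';
                $error = true;
                continue;
            }
        }

        switch ($rule['type']) {
            case "email":
                if (!filter_var($input, FILTER_VALIDATE_EMAIL)) {
                    $response[$key]['type'] = "invalid";
                    $error = true;
                }
                break;
            case "int":
                // Compare with false explicitly: a valid "0" filters to int 0, which is falsy.
                if (filter_var($input, FILTER_VALIDATE_INT) === false) {
                    $response[$key]['type'] = "invalid";
                    $error = true;
                }
                break;
            case "text":
                if (!preg_match('/^[A-Za-z]+$/', $input)) {
                    $response[$key]['type'] = "invalid";
                    $error = true;
                }
                break;
        }
    }

    return $error == true ? $response : true;
}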
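/**
 * Handle a login submission.
 *
 * Validates the request data, looks the user up by e-mail with a bound
 * parameter, verifies the password hash and, on success, stores the user in
 * the session and redirects to /teams. Every failure after validation renders
 * the login view with the same generic 'error_string' flag.
 *
 * @return void
 */
public function login()
{
    $response = Flight::util()->validate("auth", Flight::request()->data);
    if (is_array($response)) {
        Flight::util()->render('login', array('error' => $response));
        return;
    }

    $email = (string) Flight::request()->data->email;
    $password = Flight::request()->data->password;

    // The address comes straight from the request, so it is bound, never interpolated.
    // NOTE(review): the fetch_assoc() call implies a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $row = null;
    $stmt = Flight::db()->prepare('SELECT * FROM user WHERE email = ?');
    if ($stmt !== false && $stmt->bind_param('s', $email) && $stmt->execute()) {
        $result = $stmt->get_result();
        if ($result != false) {
            $row = $result->fetch_assoc();
        }
    }

    // An unknown address leaves $row null; treat it exactly like a wrong password
    // instead of reading an offset of null.
    $verified = is_array($row)
        && is_scalar($password)
        && password_verify((string) $password, (string) $row['password']);

    if (!$verified) {
        Flight::util()->render('login', array('error_string' => true));
        return;
    }

    // New session id after authentication, so a pre-login id is not reused.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['user'] = new user($row);
    Flight::redirect('/teams');
}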
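require 'vendor/autoload.php';
require 'EasyBlogDBInterface.php';
include 'MyFuncs.php';

// NOTE(review): the database host, schema and the root/root account are
// hard-coded in source; move them to configuration outside the repository and
// use an account limited to this schema.
Flight::register('db', 'MyDBInterface', array('localhost', 'EasyBlog', 'root', 'root'));
session_start();

// Home page
Flight::route('/(\\?p=@p)', function ($p) {
    $s_login = SetLogin();

    // Page index: @p is request data, so force it to an integer >= 1 before it
    // is used as a row offset and handed to the pagination view.
    $page = max(1, (int) $p);
    $postselector = ($page - 1) * 5;

    $posts = Flight::db()->GetPosts($postselector, 5);
    $postscount = Flight::db()->CountPosts();
    $pages_count = ceil($postscount / 5);

    Flight::render('home.php', array('headertext' => 'Мой летучий блог', 'authorname' => $s_login, 'footertext' => '@ProgForce forever'), 'home_page_content');
    Flight::render('post.php', array('posts' => $posts), 'posts_block');
    Flight::render('page_hyperlinks.php', array('pages_count' => $pages_count, 'current_page' => $page), 'pages_n_links');
    Flight::render('auth_view.php', null, 'auth_view');
    Flight::render('home_layout.php', null);
});

// Log out: drop the session and return to the home page.
Flight::route('/exit', function () {
    session_destroy();
    Flight::redirect('/');
});

// Login form
Flight::route('/auth/', function () {
    Flight::render('auth.php', null);
});

/*Flight::route('POST /authconfirm/', function()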
<?php

// Includes
require 'flight/Flight.php';
require 'classes/auth.class.php';
require 'classes/config.class.php';
require 'languages/en.php';
require 'database.php';

// Settings ($lang and the $db_* values are expected to come from the files required above)
Flight::set('lang', $lang);
Flight::set('flight.log_errors', true);
Flight::set('flight.views.path', 'views/');

// Register classes
$pdoDsn = "mysql:host={$db_host};dbname={$db_name}";
Flight::register('db', 'PDO', array($pdoDsn, $db_user, $db_pass));
Flight::register('config', 'Config', array(Flight::db()));
Flight::register('auth', 'Auth', array(Flight::db(), Flight::config()));

// Set Timezone
date_default_timezone_set(Flight::config()->site_timezone);

// Check if user is logged in: the session cookie is trusted only after
// checkSession() accepts it; a rejected cookie is expired on the client.
$sessionCookieValue = Flight::request()->cookies->{Flight::config()->cookie_name};
if ($sessionCookieValue == false) {
    Flight::set('loggedin', false);
} elseif (Flight::auth()->checkSession($sessionCookieValue)) {
    Flight::set('loggedin', true);
    $uid = Flight::auth()->getSessionUID($sessionCookieValue);
    Flight::set('userdata', Flight::auth()->getUser($uid));
} else {
    Flight::set('loggedin', false);
    // An expiry time in the past tells the browser to discard the cookie.
    setcookie(
        Flight::config()->cookie_name,
        "",
        time() - 3600,
        Flight::config()->cookie_path,
        Flight::config()->cookie_domain,
        Flight::config()->cookie_secure,
        Flight::config()->cookie_http
    );
}
<?php

// Schema setup: creates the `projects` table through the registered connection.
$createProjectsTable = 'CREATE TABLE projects( id INTEGER PRIMARY KEY, title VARCHAR(255) NOT NULL, date DATE, link TEXT, description TEXT, tags VARCHAR(255) );';

try {
    $db = Flight::db();
    $db->exec($createProjectsTable);
} catch (PDOException $failure) {
    // NOTE(review): this prints the raw driver message; if the script is reachable
    // over HTTP, log it instead and show a generic error.
    print $failure->getMessage();
}
/**
 * Run a SQL statement on the connection registered as Flight::db().
 *
 * The statement is passed to the driver verbatim: this wrapper does no
 * escaping or parameter binding, so callers must not build $statement from
 * request data.
 *
 * @param string $statement SQL text to execute.
 * @return mixed Whatever the connection's query() returns.
 */
public static function query($statement)
{
    return \Flight::db()->query($statement);
}
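/**
 * Snippet endpoint; the request field "mode" selects the operation.
 *
 *  - "get":    return the snippet with the given identifier as JSON.
 *  - "exists": signal an error when the identifier is already taken.
 *  - "new":    insert a snippet whose author is the JWT's userName.
 *  - "delete": delete the snippet with the given identifier.
 *
 * Identifiers are matched case-insensitively with `=`. The previous `LIKE`
 * treated `%` and `_` inside the submitted identifier as wildcards, so one
 * request value could match rows other than the one named.
 *
 * @return void
 */
static function snippet()
{
    $data = Flight::request()->data;
    $mode = $data["mode"];
    $identifier = $data["identifier"];

    // One lookup shared by every mode. Values go through execute(), which binds
    // them as parameters.
    $findByIdentifier = static function ($identifier) {
        $sth = Flight::db()->prepare("SELECT * FROM snippets WHERE LOWER(identifier) = LOWER(?)");
        $sth->execute(array($identifier));
        return $sth->fetchAll(PDO::FETCH_ASSOC);
    };

    if ($mode === "get") {
        $res = $findByIdentifier($identifier);
        if (count($res) == 0) {
            Flight::error();
            // Explicit stop: never fall through to $res[0] on an empty result.
            return;
        }
        echo Flight::json($res[0]);
    } elseif ($mode === "exists") {
        if (count($findByIdentifier($identifier)) !== 0) {
            Flight::error();
        } else {
            echo "";
        }
    } elseif ($mode === "new") {
        if (count($findByIdentifier($identifier)) !== 0) {
            Flight::error();
            // Explicit stop: do not insert a duplicate identifier.
            return;
        }
        // NOTE(review): presumably authenticate() stops the request when the token is invalid — confirm.
        $jwt = JWTHelper::authenticate(apache_request_headers());
        $sth = Flight::db()->prepare("INSERT INTO snippets(identifier,name,author,version,code) VALUES(?,?,?,?,?)");
        $sth->execute(array(
            $identifier,
            $data["name"],
            $jwt->data->userName,
            $data["version"],
            $data["code"],
        ));
    } elseif ($mode === "delete") {
        // The lookup used to name a misspelled column ("identfier").
        if (count($findByIdentifier($identifier)) !== 1) {
            Flight::error();
            return;
        }
        // NOTE(review): the authenticated user is not compared with the snippet's
        // author, so any valid token can delete any snippet — confirm the intended policy.
        $jwt = JWTHelper::authenticate(apache_request_headers());
        $sth = Flight::db()->prepare("DELETE FROM snippets WHERE LOWER(identifier) = LOWER(?)");
        $sth->execute(array($identifier));
    }
}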
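/**
 * Load the event with the given id.
 *
 * The id is bound as a statement parameter, so its content cannot change the
 * SQL text.
 *
 * @param mixed $id Event id.
 * @return event Event built from the fetched row (fetch_assoc() gives null when no row matched).
 * @throws \RuntimeException When the query cannot be run.
 */
public function getEventWithId($id)
{
    // NOTE(review): the fetch_assoc() call implies Flight::db() is a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $stmt = Flight::db()->prepare('SELECT * FROM events WHERE id = ?');
    if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
        throw new \RuntimeException('Event lookup failed');
    }

    $result = $stmt->get_result();
    if ($result == false) {
        throw new \RuntimeException('Event lookup failed');
    }

    return new event($result->fetch_assoc());
}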
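/**
 * Update this user's row.
 *
 * Every property is bound as a statement parameter instead of being
 * interpolated, so quotes inside a name, bio or address cannot alter the
 * statement.
 *
 * @return bool True when the UPDATE ran, false otherwise.
 */
public function update()
{
    // NOTE(review): the SQL sets the password column to the literal '******'. It is
    // kept exactly as found; if it is not a redaction, each update overwrites the
    // stored password value — confirm.
    // NOTE(review): the original docblock mentions a mysqli result, so Flight::db()
    // is taken to be a mysqli connection — confirm.
    $stmt = Flight::db()->prepare(
        "UPDATE user SET prename = ?, surname = ?, bio = ?, email = ?, password = '******' WHERE id = ?"
    );
    if ($stmt === false) {
        return false;
    }

    // bind_param() binds by reference, so each value needs a plain variable.
    $prename = $this->prename;
    $surname = $this->surname;
    $bio = nl2br($this->bio);
    $email = $this->email;
    $id = $this->id;

    if (!$stmt->bind_param('sssss', $prename, $surname, $bio, $email, $id)) {
        return false;
    }

    return $stmt->execute();
}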
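/**
 * Load the user with the given id.
 *
 * The id is bound as a statement parameter, so its content cannot change the
 * SQL text.
 *
 * @param mixed $id User id.
 * @return user User built from the fetched row (fetch_assoc() gives null when no row matched).
 * @throws \RuntimeException When the query cannot be run.
 */
public function getUserWithId($id)
{
    // NOTE(review): the fetch_assoc() call implies Flight::db() is a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $stmt = Flight::db()->prepare('SELECT * FROM user WHERE id = ?');
    if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
        throw new \RuntimeException('User lookup failed');
    }

    $result = $stmt->get_result();
    if ($result == false) {
        throw new \RuntimeException('User lookup failed');
    }

    return new user($result->fetch_assoc());
}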
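/**
 * Return the name of the team with the given id.
 *
 * The id is bound as a statement parameter, so its content cannot change the
 * SQL text.
 *
 * @param mixed $id Team id.
 * @return string|null Team name, or null when no row matched.
 * @throws \RuntimeException When the query cannot be run.
 */
public function getTeamNameWithId($id)
{
    // NOTE(review): the fetch_assoc() call implies Flight::db() is a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $stmt = Flight::db()->prepare('SELECT name FROM team WHERE id = ?');
    if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
        throw new \RuntimeException('Team lookup failed');
    }

    $result = $stmt->get_result();
    if ($result == false) {
        throw new \RuntimeException('Team lookup failed');
    }

    $row = $result->fetch_assoc();
    // No matching row: return null without indexing into null.
    return isset($row['name']) ? $row['name'] : null;
}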
/**
 * Open a connection with the legacy mysql_* API and select the configured schema.
 *
 * Flight::db() is read here as an array of settings with the keys 'server',
 * 'username', 'password' and 'database_name'.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7.0, so this only runs
 * on older runtimes. Moving to mysqli or PDO would change the returned link
 * type and therefore has to be done together with the callers.
 *
 * @return resource|false Link identifier returned by mysql_connect().
 */
public static function connectMysqlDB()
{
    $settings = Flight::db();

    $link = mysql_connect($settings['server'], $settings['username'], $settings['password']);
    mysql_select_db($settings['database_name'], $link);

    // Sent without an explicit link argument, exactly as before.
    mysql_query("set names 'utf8'");

    return $link;
}
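/**
 * Load the absence with the given id.
 *
 * The id is bound as a statement parameter, so its content cannot change the
 * SQL text.
 *
 * @param mixed $id Absence id.
 * @return absence Absence built from the fetched row (fetch_assoc() gives null when no row matched).
 * @throws \RuntimeException When the query cannot be run.
 */
public function getAbsenceWithId($id)
{
    // NOTE(review): the fetch_assoc() call implies Flight::db() is a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $stmt = Flight::db()->prepare('SELECT * FROM absences WHERE id = ?');
    if ($stmt === false || !$stmt->bind_param('s', $id) || !$stmt->execute()) {
        throw new \RuntimeException('Absence lookup failed');
    }

    $result = $stmt->get_result();
    if ($result == false) {
        throw new \RuntimeException('Absence lookup failed');
    }

    return new absence($result->fetch_assoc());
}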
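/**
 * Delete this team together with its coach links and events.
 *
 * Players of the team are first moved to team '0'. The three deletes then run
 * in order inside one transaction, each with the team id bound as a parameter,
 * and the first failure rolls everything back.
 *
 * @return bool True when all deletes were committed, false after a rollback.
 */
public function delete()
{
    // NOTE(review): begin_transaction()/rollback()/commit() imply a mysqli connection — confirm.
    $db = Flight::db();
    $db->begin_transaction();

    // NOTE(review): the result of $player->update() is ignored, as before, and it
    // is not visible here whether update() opens its own transaction — confirm.
    foreach ($this->getPlayers() as $player) {
        $player->team = '0';
        $player->update();
    }

    // bind_param() binds by reference, so it needs a plain variable.
    $teamId = $this->id;
    $deletes = array(
        'DELETE FROM coach_team WHERE team_id = ?',
        'DELETE FROM events WHERE team = ?',
        'DELETE FROM team WHERE id = ?',
    );

    foreach ($deletes as $sql) {
        $stmt = $db->prepare($sql);
        // Every statement is checked. The result of the final delete used to be
        // discarded, so a failure there was still committed.
        if ($stmt === false || !$stmt->bind_param('s', $teamId) || !$stmt->execute()) {
            $db->rollback();
            return false;
        }
    }

    $db->commit();
    return true;
}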
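/**
 * Save this user's profile fields and bring the coach_team links in line with
 * $this->teams, all inside one transaction.
 *
 * Every value is bound as a statement parameter. Users with role 20 keep their
 * existing coach_team rows: the method commits right after the profile update.
 * A failed insert or delete of a team link now rolls the transaction back
 * instead of being committed unnoticed.
 *
 * @return bool True when everything was committed, false after a rollback.
 */
public function update()
{
    // NOTE(review): begin_transaction()/fetch_assoc() imply a mysqli connection — confirm.
    // get_result() additionally requires the mysqlnd driver.
    $db = Flight::db();
    $db->begin_transaction();

    // bind_param() binds by reference, so each value needs a plain variable.
    $userId = $this->id;
    $surname = $this->surname;
    $forename = $this->forename;
    $email = $this->email;

    $stmt = $db->prepare('UPDATE user SET surname = ?, forename = ?, email = ? WHERE id = ?');
    if ($stmt === false
        || !$stmt->bind_param('ssss', $surname, $forename, $email, $userId)
        || !$stmt->execute()
    ) {
        $db->rollback();
        return false;
    }

    $stmt = $db->prepare('SELECT * FROM coach_team WHERE coach_id = ?');
    if ($stmt === false || !$stmt->bind_param('s', $userId) || !$stmt->execute()) {
        $db->rollback();
        return false;
    }
    $result = $stmt->get_result();
    if ($result == false) {
        $db->rollback();
        return false;
    }

    if ($this->role == 20) {
        $db->commit();
        return true;
    }

    $currentTeamIds = array();
    while ($row = $result->fetch_assoc()) {
        $currentTeamIds[] = $row['team_id'];
    }

    $added = array_diff($this->teams, $currentTeamIds);
    $removed = array_diff($currentTeamIds, $this->teams);

    foreach ($added as $teamId) {
        $stmt = $db->prepare('INSERT INTO coach_team (team_id, coach_id) VALUES (?, ?)');
        if ($stmt === false || !$stmt->bind_param('ss', $teamId, $userId) || !$stmt->execute()) {
            $db->rollback();
            return false;
        }
    }

    foreach ($removed as $teamId) {
        $stmt = $db->prepare('DELETE FROM coach_team WHERE team_id = ? AND coach_id = ?');
        if ($stmt === false || !$stmt->bind_param('ss', $teamId, $userId) || !$stmt->execute()) {
            $db->rollback();
            return false;
        }
    }

    $db->commit();
    return true;
}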