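/**
  * Password-recovery endpoint: issues a reset link by e-mail (POST) and
  * redeems a reset link (request with a hash in the URL).
  *
  * POST: looks the account up by the posted e-mail address, stores a fresh
  * recovery hash and its creation time on the account, and mails a link
  * containing that hash.
  * With a hash: the link value is "<44-character hash><user id>". When it
  * matches the stored hash and is younger than 24 hours, the stored hash is
  * cleared, the user is logged in, the value returned by
  * Auth::reset_password() is placed in the session and the browser is sent
  * to user/settings.
  *
  * @param string|null $hash Recovery hash route segment; only tested for
  *                          presence, the value itself is re-read from the URL.
  * @return void
  */
public function action_recover($hash = null)
 {
     if (Input::Method() === "POST") {
         // NOTE(review): the two outcomes below show different messages, which
         // tells the requester whether an address is registered. A single
         // neutral message for both cases would avoid that.
         if ($user = \Model\Auth_User::find_by_email(Input::POST('email'))) {
             // Generate a recovery hash; the user id is appended so the link
             // identifies the account.
             // NOTE(review): the token is only as unpredictable as \Str::random();
             // confirm it draws from a cryptographically secure source.
             $hash = \Auth::instance()->hash_password(\Str::random()) . $user->id;
             // Store it with its creation time so it can expire.
             \Auth::update_user(array('lostpassword_hash' => $hash, 'lostpassword_created' => time()), $user->username);
             // Send an email with the reset link.
             // NOTE(review): the link is built from the application base URL. If
             // that URL is auto-detected from the request rather than set in
             // configuration, pin it in configuration so the mailed link always
             // points at this site.
             \Package::load('email');
             $email = \Email::forge();
             $html = 'Your password recovery link <a href="' . Uri::Create('login/recover/' . $hash) . '">Recover My Password!</a>';
             $email->html_body($html);
             $email->subject(\Settings::Get('site_name') . ' Password Recovery');
             // Sender: the configured admin address, else support@<site host>.
             $admin_email = Settings::get('admin_email');
             if (empty($admin_email) === false) {
                 $from = $admin_email;
             } else {
                 // Take the host from the base URL; stripping only "http:" and
                 // slashes left "https:" and any path in the address.
                 $host = parse_url(Uri::Base(false), PHP_URL_HOST);
                 if (empty($host) === true) {
                     $host = str_replace('http:', '', str_replace('/', '', Uri::Base(false)));
                 }
                 $from = 'support@' . $host;
             }
             $email->from($from);
             $email->to($user->email, $user->fullname);
             try {
                 $email->send();
                 Session::set('success', 'Email has been sent to ' . $user->email . '! Please check your spam folder!');
             } catch (\Exception $e) {
                 Session::Set('error', 'We failed to send the eamil , contact ' . $admin_email);
                 \Response::redirect_back();
             }
         } else {
             Session::Set('error', 'Sorry there is not a matching email!');
         }
     } elseif (empty($hash) === false) {
         // Re-read the full value from the URL instead of using the route segment.
         $hash = str_replace(Uri::Create('login/recover/'), '', Uri::current());
         // Everything after the 44-character hash is the user id.
         $user_id = substr($hash, 44);
         if ($user = \Model\Auth_User::find_by_id($user_id)) {
             // The hash must be the one stored for this user and at most 24 hours old.
             // hash_equals() compares the strings strictly and in constant time;
             // == applies PHP's loose comparison rules.
             if (isset($user->lostpassword_hash) and hash_equals((string) $user->lostpassword_hash, $hash) and time() - $user->lostpassword_created < 86400) {
                 // Invalidate the hash so the link works once only.
                 \Auth::update_user(array('lostpassword_hash' => null, 'lostpassword_created' => null), $user->username);
                 // Log the user in and go to the profile to change the password.
                 // NOTE(review): the reset password is kept in the session under
                 // 'current_password'; confirm it is removed once it has been used.
                 if (\Auth::instance()->force_login($user->id)) {
                     Session::Set('current_password', Auth::reset_password($user->username));
                     Response::Redirect(Uri::Create('user/settings'));
                 }
             }
         }
         // Reached whenever the redirect above did not happen.
         Session::Set('error', 'Invalid Hash!');
     }
     $this->template->content = View::forge('login/recover');
 }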
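 /**
  * Deletes the user with the given id and returns to the user list.
  * Only members of group 5 pass the guard.
  *
  * @param mixed $user_id Id of the user to delete (route segment).
  * @return void
  */
 public function action_remove($user_id)
 {
     // check for admin
     if (!Auth::member(5)) {
         \Response::redirect_back('home');
         // Never fall through to the delete, whatever redirect_back() does.
         return;
     }
     // NOTE(review): the deletion is driven by the URL alone; no request-method
     // or CSRF-token check is visible in this method.
     $user = Model_User::query()->where('id', $user_id)->get_one();
     // An unknown id yields no model; skip the delete instead of calling a
     // method on null.
     if ($user) {
         $user->delete();
     }
     Response::Redirect('users');
 }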
 /**
  * Prepares the module state from the request: the area, the optionally
  * selected content element and the area's content tree.
  *
  * @return mixed true after redirecting to the LayoutList module URL when the
  *               area does not exist; otherwise the result of parent::Init().
  */
 protected function Init()
 {
     $this->area = new Area(Request::GetData('area'));
     // NOTE(review): 'selected' is looked up by id alone; nothing here ties it
     // to the requested area. Confirm that is checked where it is used.
     $selectedKey = Request::GetData('selected');
     if ($selectedKey) {
         $this->selected = LayoutContent::Schema()->ByID($selectedKey);
     } else {
         $this->selected = null;
     }
     // An unknown area cannot be edited: leave for the layout list.
     if (!$this->area->Exists()) {
         $listUrl = BackendRouter::ModuleUrl(new LayoutList());
         Response::Redirect($listUrl);
         return true;
     }
     $this->tree = new LayoutContentTreeProvider($this->area);
     $this->layoutContent = $this->tree->TopMost();
     // Flag whether the tree has a top-most element at all.
     $this->hasContents = (bool) $this->layoutContent;
     return parent::Init();
 }
 /**
  * Prepares the module state from the request: the container, the optionally
  * selected content element and the container's content tree.
  *
  * @return mixed true after redirecting to the ContainerList module URL when
  *               the container does not exist; otherwise the result of
  *               parent::Init().
  */
 protected function Init()
 {
     $this->container = new Container(Request::GetData('container'));
     // NOTE(review): 'selected' is looked up by id alone; nothing here ties it
     // to the requested container. Confirm that is checked where it is used.
     $selectedKey = Request::GetData('selected');
     if ($selectedKey) {
         $this->selected = ContainerContent::Schema()->ByID($selectedKey);
     } else {
         $this->selected = null;
     }
     // An unknown container cannot be edited: leave for the container list.
     if (!$this->container->Exists()) {
         //TODO: error
         $listUrl = BackendRouter::ModuleUrl(new ContainerList());
         Response::Redirect($listUrl);
         return true;
     }
     $this->tree = new ContainerContentTreeProvider($this->container);
     $this->containerContent = $this->tree->TopMost();
     // Flag whether the tree has a top-most element at all.
     $this->hasContents = (bool) $this->containerContent;
     return parent::Init();
 }
 /**
  * Post-action hook that applies maintenance mode to every page except login.
  *
  * While the 'maintenance_mode' setting is exactly true, visitors outside
  * group 5 get the maintenance view in place of the page content, and group-5
  * members are redirected to admin/settings unless they are already there.
  *
  * @param mixed $response Response produced by the action.
  * @return mixed The response returned by parent::after().
  */
 public function after($response)
 {
     $response = parent::after($response);
     // The login page stays reachable so an administrator can sign in.
     if (Uri::Current() == Uri::Create('login')) {
         return $response;
     }
     if (Settings::get('maintenance_mode') !== true) {
         return $response;
     }
     if (!Auth::member(5)) {
         // NOTE(review): this hook runs after the action, so it replaces what
         // is displayed; it does not stop the action itself from executing.
         $this->template->content = View::Forge('core/maintenance');
         return $response;
     }
     // Group-5 members are kept on the settings page during maintenance.
     $settings_url = Uri::Create('admin/settings');
     if (Uri::Current() != $settings_url) {
         Response::Redirect(Uri::Create('admin/settings'));
     }
     return $response;
 }
 /**
  * Prepares the module state from the request: the page, the optionally
  * selected content element, the area and the page/area content tree.
  *
  * @return mixed true after a redirect (to the SiteList module URL when the
  *               page does not exist, to the PageTree module URL of the page's
  *               site when the area does not exist); otherwise the result of
  *               parent::Init().
  */
 protected function Init()
 {
     $this->page = new Page(Request::GetData('page'));
     // NOTE(review): 'selected' is looked up by id alone; nothing here ties it
     // to the requested page or area. Confirm that is checked where it is used.
     $selectedKey = Request::GetData('selected');
     if ($selectedKey) {
         $this->selected = PageContent::Schema()->ByID($selectedKey);
     } else {
         $this->selected = null;
     }
     // Unknown page: back to the site list.
     if (!$this->page->Exists()) {
         $siteListUrl = BackendRouter::ModuleUrl(new SiteList());
         Response::Redirect($siteListUrl);
         return true;
     }
     $this->area = new Area(Request::GetData('area'));
     // Known page but unknown area: back to the page tree of the page's site.
     if (!$this->area->Exists()) {
         $siteId = $this->page->GetSite()->GetID();
         Response::Redirect(BackendRouter::ModuleUrl(new PageTree(), array('site' => $siteId)));
         return true;
     }
     $this->tree = new PageContentTreeProvider($this->page, $this->area);
     $this->pageContent = $this->tree->TopMost();
     // Flag whether the tree has a top-most element at all.
     $this->hasContents = (bool) $this->pageContent;
     return parent::Init();
 }
<?php

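// Session gate for the admin area: every page except the one that defines
// LOGIN_PAGE requires both 'username' and 'id' to be present in the session.
if (!defined('LOGIN_PAGE') && !(Session::Exists('username') && Session::Exists('id'))) {
    Response::Redirect(ADMIN_ROOT . 'login.php');
    // Response::Redirect() is not shown here; stop explicitly so the protected
    // page cannot keep executing if the helper only sends a Location header.
    exit;
}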
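    $cpassword = Request::Post('cpassword');
    // Both fields are required.
    if ($password == "") {
        $errors['password'][] = "Password field cannot be empty";
    }
    if ($cpassword == "") {
        $errors['cpassword'][] = "Confirm Password field cannot be empty";
    }
    // strlen() counts bytes, so a multi-byte character counts more than once.
    if (strlen($password) < 6 || strlen($password) > 30) {
        $errors['password'][] = "Password must be (6-30) characters long.";
    }
    // Strict comparison: with != two numeric-looking strings such as "1e3" and
    // "1000" are treated as equal, so a mistyped confirmation could pass.
    if ($password !== $cpassword) {
        $errors['password'][] = "Password didnot matched";
        $errors['cpassword'][] = "Password didnot matched";
    }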
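    // Store the new password once validation has passed.
    // NOTE(review): no check is visible here that the logged-in user is allowed
    // to change the password of the account identified by $id.
    if (empty($errors)) {
        $sql = <<<SQL
UPDATE `users`
SET `password` = '%s',
`modified_at` = '%s'
WHERE `id` = %d
SQL;
        // NOTE(review): md5(password . SALT) with one application-wide salt is a
        // fast hash and is cheap to brute-force if the table leaks. Moving to
        // password_hash()/password_verify() has to change the login check in
        // the same step, which is outside this block.
        // 'H' is the 24-hour clock; 'h' is the 12-hour clock and stored
        // afternoon times as morning times.
        $sql = sprintf($sql, $db->escString(md5($password . SALT)), date('Y-m-d H:i:s'), (int) $db->escString($id));
        if ($db->execute($sql)) {
            Response::Redirect("index.php?done=edit_password");
        } else {
            $emsg = "Could not edit user password. Something went wrong. Please try again.";
        }
    }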
}
//-------------------------------------------------------
// Render the edit form inside the master layout.
echo Util::Render('master.phtml', array(
    'page_title' => 'Edit User',
    'content' => Util::Render('users/edit.phtml', array(
        'errors' => $errors,
        'emsg' => $emsg,
        'user' => $db->row($sql_user),
        'user_count' => $db->numRows($sql_user),
        'requested_id' => $id,
        'logger_id' => Session::Get('id'),
    )),
));
 /**
  * Login gate intended to be called at the top of pages that require a
  * logged-in user.
  *
  * Visitors who are not logged in: the current path and a notice are stored in
  * the session and the browser is redirected to /login/.
  * Logged-in users: when one or more arguments are passed, they are handed to
  * isType() on the current user as an array; if that check fails a pErrorPage
  * with a "no permission" message is created.
  *
  * Arguments are read with func_get_args(), so the signature declares none.
  *
  * @static
  * @access public
  */
 static function Validate()
 {
     if (!User::LoggedIn()) {
         // Remember where the visitor wanted to go, for use after login.
         $_SESSION['LoginRequest'] = WebPath::Me();
         $_SESSION['LoginMessage'] = "You must be logged-in to access that page.";
         Response::Redirect('/login/');
         return;
     }
     // NOTE(review): both denials depend on Response::Redirect() and pErrorPage
     // ending the request; confirm neither lets the calling page continue.
     if (func_num_args() && !User::Current()->isType(func_get_args())) {
         //pErrorPage is a Page template for displaying error messages. This is a cleaner option than calling die() and stops page execution.
         $page = new pErrorPage("You do not have permission to view this page.");
     }
 }
require_once BASE_DIR . 'configs' . DS . 'incs.php';
require_once BASE_DIR . 'helpers' . DS . 'incs.php';
require_once ADMIN_DIR . 'incs' . DS . 'incs.php';
//-------------------------------------------------------
// Templates for the admin area live under ADMIN_DIR/templates/.
Util::$template_path = ADMIN_DIR . 'templates' . DS;
//-------------------------------------------------------
$db = new Db($db_config);
$sql = "SELECT * FROM `settings`";
$done = Request::Get('done');
$emsg = "";
$smsg = "";
// ?done=edit arrives with the redirect that follows a successful save.
if (strtolower($done) === 'edit') {
    $smsg = "Settings edited successfully";
}
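// Save handler for the settings form.
// NOTE(review): no CSRF token is checked in this handler; confirm one is
// enforced elsewhere for this state-changing POST.
if (Request::Post('edit_settings_key') == "1") {
    $site_name = trim(Request::Post('site_name'));
    if ($site_name == "") {
        $emsg = "Site name cannot be empty";
    }
    if ($emsg == "") {
        // site_name is request data: escape it before it is placed inside the
        // quoted SQL literal. The statement has no WHERE clause, so every row
        // of `settings` is updated.
        if ($db->execute(sprintf("UPDATE `settings` SET `site_name` = '%s'", $db->escString($site_name)))) {
            Response::Redirect('index.php?done=edit');
        } else {
            $emsg = "Could not edit settings. Something went wrong. Please try again.";
        }
    }
}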
//-------------------------------------------------------
// Render the settings form, with any status messages, inside the master layout.
echo Util::Render('master.phtml', array(
    'page_title' => 'Settings',
    'content' => Util::Render('settings/index.phtml', array(
        'settings' => $db->row($sql),
        'smsg' => $smsg,
        'emsg' => $emsg,
    )),
));
<?php

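// Handle a submitted login form.
// !empty()/isset() keep absent fields (for example an unticked "remember me"
// box) from raising undefined-index errors.
if (!empty($_POST['email'])) {
    switch (User::Login($_POST['email'], isset($_POST['password']) ? $_POST['password'] : null, isset($_POST['rememberme']) ? $_POST['rememberme'] : null)) {
        case ERR_LOGIN_OK:
            unset($_SESSION['LoginMessage']);
            // Return to the page that was requested before login, if one was recorded.
            // NOTE(review): confirm the stored value can only ever be a path on
            // this site before it is used as a redirect target.
            if (!empty($_SESSION['LoginRequest'])) {
                $path = $_SESSION['LoginRequest'];
                unset($_SESSION['LoginRequest']);
                Response::Redirect($path);
            } else {
                Response::Redirect('/');
            }
            break;
        // NOTE(review): unknown user and wrong password are recorded under
        // different keys; if the form shows them differently, it reveals which
        // addresses are registered.
        case ERR_LOGIN_BADUSER:
            $ERROR['BAD_USERNAME'] = "******";
            break;
        case ERR_LOGIN_BADPASS:
            $ERROR['BAD_PASSWORD'] = "******";
            break;
    }
}
// Start the login page.
$page = new pSubPage();
$page->addClass('Login');
$page->start();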
?>

	<form action="/login" method="post" accept-charset="utf-8" class="login" id="login_form">
		<?php 
if ($_SESSION['LoginMessage']) {
    ?>
 /**
  * Builds the dashboard data and renders the 'dashboard/index' view.
  *
  * With an empty $all every query is restricted to static::$user_id. With a
  * non-empty $all the figures cover all users, and the caller must pass the
  * Auth::member(5) check.
  *
  * @param mixed $all Any non-empty value requests the site-wide view.
  * @return void
  */
 public function action_view($all = null)
 {
     // Row limit for the URL lists below.
     $limit = 25;
     if (empty($all) === false) {
         // check for admin
         // NOTE(review): the site-wide figures are protected only if
         // Response::Redirect() ends the request here — confirm.
         if (!Auth::member(5)) {
             Response::Redirect(Uri::Create('user'));
         }
     }
     // Total Urls
     $data['total_urls'] = Model_Url::query();
     if (empty($all) === true) {
         $data['total_urls']->where('user_id', static::$user_id);
     }
     $data['total_urls'] = $data['total_urls']->count();
     // Only on the admin URL: estimate how many short URLs of the configured length are still free.
     if (Uri::Current() == Uri::Create('admin')) {
         $keys = \Settings::Get('character_set');
         if (empty($keys) === true) {
             $keys = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
         }
         $random_length = \Settings::Get('random_url_length');
         if (empty($random_length) === true) {
             $random_length = 5;
         }
         $url_sample_space = DB::select(DB::expr('count(id) as count'))->from('urls')->where(DB::expr('char_length(short_url)'), $random_length)->limit(1)->execute()->as_array();
         // mathFact(n) / (mathFact(n - k) * mathFact(k)) minus the URLs already using that length,
         // with n = strlen($keys) and k = $random_length (mathFact is presumably the factorial — confirm).
         $data['urls_left'] = Controller_Dashboard::mathFact(strlen($keys)) / (Controller_Dashboard::mathFact(strlen($keys) - $random_length) * Controller_Dashboard::mathFact($random_length)) - $url_sample_space[0]['count'];
     }
     // Total Hits
     $data['total_hits'] = DB::select(DB::Expr('SUM(hits) as hits'))->from('urls');
     if (empty($all) === true) {
         $data['total_hits']->where('user_id', static::$user_id);
     }
     $data['total_hits'] = $data['total_hits']->execute()->as_array();
     $data['total_hits'] = reset($data['total_hits']);
     $data['total_hits'] = $data['total_hits']['hits'];
     // No Clicks
     $data['no_clicks'] = Model_Url::query()->where('hits', 0);
     if (empty($all) === true) {
         $data['no_clicks']->where('user_id', static::$user_id);
     }
     $data['no_clicks'] = $data['no_clicks']->count();
     // Total Custom Urls
     $data['total_custom_urls'] = Model_Url::query()->where('custom', 1);
     if (empty($all) === true) {
         $data['total_custom_urls']->where('user_id', static::$user_id);
     }
     $data['total_custom_urls'] = $data['total_custom_urls']->count();
     // Created Today Urls
     $data['created_today'] = Model_Url::query()->where('created_at', '>=', strtotime('today 12:01 AM'));
     if (empty($all) === true) {
         $data['created_today']->where('user_id', static::$user_id);
     }
     $data['created_today'] = $data['created_today']->count();
     // Most visited Urls
     $data['most_visited'] = Model_Url::query();
     if (empty($all) === true) {
         $data['most_visited']->where('user_id', static::$user_id);
     }
     $data['most_visited']->order_by('hits', 'desc')->limit($limit);
     $data['most_visited'] = $data['most_visited']->get();
     // Recently created Urls
     $data['recently_created'] = Model_Url::query();
     if (empty($all) === true) {
         $data['recently_created']->where('user_id', static::$user_id);
     }
     $data['recently_created']->order_by('created_at', 'desc')->limit($limit);
     $data['recently_created'] = $data['recently_created']->get();
     // Recently viewed Urls
     // NOTE(review): the per-user branch passes the string 'created_at' as the comparison value while
     // the site-wide branch passes null — confirm which of the two filters is intended.
     if (empty($all) === true) {
         $data['recently_viewed'] = Model_Url::query()->order_by('updated_at', 'desc')->where('updated_at', '!=', 'created_at')->where('user_id', static::$user_id)->limit($limit)->get();
     } else {
         $data['recently_viewed'] = Model_Url::query()->order_by('updated_at', 'desc')->where('updated_at', '!=', null)->limit($limit)->get();
     }
     // Short URL Stats string for google graphs
     // NOTE(review): $m, $de and $y are not read again in this method.
     $m = date("m");
     $de = date("d");
     $y = date("Y");
     $new_results = '';
     // Hits and creations per day for the last 15 days.
     // NOTE(review): static::$user_id and the strtotime() results are concatenated straight into the SQL
     // text. That is safe only while static::$user_id is always an integer set by the server — confirm,
     // or cast/bind it.
     if (empty($all) === true) {
         $date_vist_counts = DB::query('  
             SELECT
             COUNT(url_stats.id) as hits,
             DAY(FROM_UNIXTIME(url_stats.created_at)) as day,
             MONTH(FROM_UNIXTIME(url_stats.created_at)) as month,
             YEAR(FROM_UNIXTIME(url_stats.created_at)) as year
             FROM `url_stats`
             INNER JOIN `urls` ON urls.id = url_stats.url_id
             WHERE url_stats.created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . '
             AND urls.user_id = ' . static::$user_id . '
             GROUP BY year,month,day')->execute()->as_array();
         $date_created_counts = DB::query('  
             SELECT
             COUNT(id) as created,
             DAY(FROM_UNIXTIME(created_at)) as day,
             MONTH(FROM_UNIXTIME(created_at)) as month,
             YEAR(FROM_UNIXTIME(created_at)) as year
             FROM `urls`
             WHERE created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . '
             AND user_id = ' . static::$user_id . '
             GROUP BY year,month,day')->execute()->as_array();
     } else {
         $date_vist_counts = DB::query('  
             SELECT
             COUNT(id) as hits,
             DAY(FROM_UNIXTIME(created_at)) as day,
             MONTH(FROM_UNIXTIME(created_at)) as month,
             YEAR(FROM_UNIXTIME(created_at)) as year
             FROM `url_stats`
             WHERE created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . '
             GROUP BY year,month,day')->execute()->as_array();
         $date_created_counts = DB::query('  
             SELECT
             COUNT(id) as created,
             DAY(FROM_UNIXTIME(created_at)) as day,
             MONTH(FROM_UNIXTIME(created_at)) as month,
             YEAR(FROM_UNIXTIME(created_at)) as year
             FROM `urls`
             WHERE created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . '
             GROUP BY year,month,day')->execute()->as_array();
     }
     // Index the creation counts by "year-month-day" so they can be matched to the hit rows.
     $created_counts_array = null;
     foreach ($date_created_counts as $created_counts) {
         $created_counts_array[$created_counts['year'] . '-' . $created_counts['month'] . '-' . $created_counts['day']] = $created_counts;
     }
     // One "['<date>', <hits>, <created>], " entry per day that has hits; days with creations but no hits are not emitted.
     foreach ($date_vist_counts as $vists) {
         if (isset($created_counts_array[$vists['year'] . '-' . $vists['month'] . '-' . $vists['day']]) === true) {
             $created_count = $created_counts_array[$vists['year'] . '-' . $vists['month'] . '-' . $vists['day']]['created'];
         } else {
             $created_count = 0;
         }
         $date_timestamp = strtotime($vists['year'] . '-' . $vists['month'] . '-' . $vists['day']);
         $new_results .= "['" . date('l dS F Y', $date_timestamp) . "', " . $vists['hits'] . ", " . $created_count . "], ";
     }
     $data['short_url_stats'] = $new_results;
     $new_results = '';
     // Get countries Stats
     if (empty($all) === true) {
         $countries = DB::select('country', DB::expr('count(url_stats.id) as hits'))->from('url_stats')->join('urls', 'LEFT')->on('urls.id', '=', 'url_stats.url_id')->where('urls.user_id', static::$user_id)->group_by('country');
     } else {
         $countries = DB::select('country', DB::expr('count(id) as hits'))->from('url_stats')->group_by('country');
     }
     $countries = $countries->execute()->as_array();
     if (empty($countries) === false) {
         foreach ($countries as $country) {
             // NOTE(review): the stored country value is placed between single quotes without any encoding.
             // If this string is printed into a script block, encode each value (for example with
             // json_encode()) so a quote in the data cannot break out of the literal.
             $new_results .= "['" . $country['country'] . "', " . $country['hits'] . "], ";
         }
     }
     $data['country_stats'] = $new_results;
     // URL list shown on the dashboard.
     $data['short_urls'] = Model_Url::query();
     if (empty($all) === true) {
         $data['short_urls']->where('user_id', static::$user_id);
     }
     $data['short_urls']->rows_limit($limit);
     $data['short_urls'] = $data['short_urls']->get();
     $this->template->content = View::Forge('dashboard/index', $data);
 }
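 /**
  * Shows hit statistics for one short URL: unique visitors overall and today,
  * hits today, and hits per country.
  *
  * When the short URL does not exist an error is stored in the session and the
  * browser is redirected to the base URL.
  *
  * @param string $short_url Short URL code taken from the route.
  * @return void
  */
 public function action_stats($short_url)
 {
     // NOTE(review): no login or ownership check is visible in this method;
     // confirm that statistics are meant to be readable for any short URL.
     $data['url'] = Model_Url::query()->where('short_url', $short_url)->get_one();
     if (empty($data['url']) === false) {
         // "Today" runs from midnight to midnight. The previous bounds used
         // 'today 12:01', which is one minute past noon, so morning hits were
         // never counted.
         $day_start = strtotime('today');
         $day_end = strtotime('tomorrow');
         // Distinct visitor IPs, all time.
         $data['unqiue_hits'] = DB::select('ip')->distinct()->from('url_stats')->where('url_id', $data['url']->id)->execute();
         $data['unqiue_hits'] = count($data['unqiue_hits']);
         // Distinct visitor IPs, today.
         $data['unqiue_hits_today'] = DB::select('ip')->distinct()->from('url_stats')->where('url_id', $data['url']->id)->where('created_at', '>=', $day_start)->where('created_at', '<=', $day_end)->execute();
         $data['unqiue_hits_today'] = count($data['unqiue_hits_today']);
         // All hits, today.
         $data['hits_today'] = DB::select('id')->from('url_stats')->where('url_id', $data['url']->id)->where('created_at', '>=', $day_start)->where('created_at', '<=', $day_end)->execute();
         $data['hits_today'] = count($data['hits_today']);
         $new_results = '';
         // Get countries Stats
         $countries = DB::select('country')->from('url_stats')->distinct(true)->where('url_id', $data['url']->id)->execute()->as_array();
         if (empty($countries) === false) {
             foreach ($countries as $country) {
                 // Filter on the country value itself; each $country is a result
                 // row (an array), not a scalar.
                 $hit_count = Model_Url_Stat::query()->related('url')->where('country', $country['country'])->where('url_id', $data['url']->id)->count();
                 // NOTE(review): the country value is placed between single quotes
                 // without encoding; if the view prints this into a script block,
                 // encode it (for example with json_encode()).
                 $new_results .= "['" . $country['country'] . "', " . $hit_count . "], ";
             }
             $data['stats'] = $new_results;
         } else {
             $data['stats'] = null;
         }
         $this->template->content = View::forge('url/stats', $data);
     } else {
         Session::Set('error', 'No URL was found');
         Response::Redirect(Uri::Base());
     }
 }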
 /**
  * Set-up step: runs the legacy migration when needed, creates an account in
  * group 5, deletes the 'admin' and 'guest' users, logs the new account in,
  * loads the country CSV into url_stats_countries and redirects to
  * admin/settings.
  *
  * NOTE(review): no access check is visible in this method, and a non-POST
  * call creates the account with a fixed username and password. Confirm that
  * it can only run during installation and that the default password must be
  * changed before the site is reachable.
  *
  * @return void
  */
 public function force_login()
 {
     // Migrate only when the legacy table exists and holds more rows than 'urls'.
     $needs_migration = DBUtil::table_exists('v2_urls') && DB::count_records('urls') < DB::count_records('v2_urls');
     if ($needs_migration) {
         \Controller_Migrate::migrate();
     }
     // Create the group-5 account from the posted form, or with the built-in defaults.
     if (Input::Method() !== 'POST') {
         $created_id = \Auth::create_user('meela', 'password', '*****@*****.**', 5, array('fullname' => 'Meela Admin'));
     } else {
         $created_id = \Auth::create_user(Input::POST('username'), Input::POST('password'), Input::POST('email'), 5, array('fullname' => Input::POST('name')));
     }
     // Remove the stock accounts.
     $stock_accounts = Model_User::query()->where('username', 'admin')->or_where('username', 'guest')->get();
     foreach ($stock_accounts as $account) {
         $account->delete();
     }
     // Log in as the new account when it was created.
     if ($created_id) {
         \Auth::force_login($created_id);
     }
     // Load the country lookup data from the bundled CSV file.
     $csv_path = DOCROOT . 'assets/url_stats_countries.csv';
     $load_sql = 'LOAD DATA LOCAL INFILE "' . $csv_path . '" INTO TABLE url_stats_countries fields terminated by "," enclosed by \'"\' lines terminated by "\\n" (id,start_ip,end_ip,country,created_at,updated_at)';
     \DB::query($load_sql)->execute();
     Response::Redirect(Uri::Create('admin/settings'));
 }
 /**
  * Links the provider identity held by $opauth to a local user account.
  *
  * @param object   $opauth  Object exposing get() and link_provider().
  * @param int|null $user_id Local user id; static::$user_id is used when empty.
  * @return void
  */
 public static function Create_User($opauth, $user_id = null)
 {
     // Fall back to the current user when no id was passed.
     if (empty($user_id) === true) {
         $user_id = static::$user_id;
     }
     // Without a usable local user id there is nothing to link: go to the base URL.
     if ($user_id == 0 || empty($user_id)) {
         Response::Redirect(Uri::Base());
         return;
     }
     // call Opauth to link the provider login with the local user
     // NOTE(review): the provider token, secret and refresh token are handed to
     // link_provider() as received; confirm how they are protected at rest.
     $link = array(
         'parent_id' => $user_id,
         'user_id' => 0,
         'provider' => $opauth->get('auth.provider'),
         'uid' => $opauth->get('auth.uid'),
         'access_token' => $opauth->get('credentials.token', null),
         'secret' => $opauth->get('credentials.secret', null),
         'refresh_token' => $opauth->get('credentials.refresh_token', null),
         'expires' => $opauth->get('credentials.expires', null),
         'created_at' => time(),
     );
     $opauth->link_provider($link);
 }
        $errors['password'][] = "Password must be (6-30) characters long.";
    }
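    // Strict comparison: with != two numeric-looking strings such as "1e3" and
    // "1000" are treated as equal, so a mistyped confirmation could pass.
    if ($password !== $cpassword) {
        $errors['password'][] = "Password didnot matched";
        $errors['cpassword'][] = "Password didnot matched";
    }
    // Reject a username that is already taken.
    $sql = <<<SQL
SELECT `id` FROM `users`
WHERE `username` = '%s';
SQL;
    $sql = sprintf($sql, $db->escString($username));
    if ($db->numRows($sql) > 0) {
        // NOTE(review): $username (presumably request data) is put into the
        // message as-is; the template must HTML-escape it when printing.
        $errors['username'][] = "Username " . $username . " already exists. Please try another";
    }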
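    // Create the account once validation has passed.
    if (empty($errors)) {
        $sql = <<<SQL
INSERT INTO `users`
(`username`, `password`, `active`, `created_at`, `modified_at`)
VALUES
('%s', '%s', %d, '%s', '%s');
SQL;
        // NOTE(review): md5(password . SALT) with one application-wide salt is a
        // fast hash and is cheap to brute-force if the table leaks. Moving to
        // password_hash()/password_verify() has to change the login check in
        // the same step, which is outside this block.
        // 'H' is the 24-hour clock; 'h' is the 12-hour clock and stored
        // afternoon times as morning times.
        $sql = sprintf($sql, $db->escString($username), $db->escString(md5($password . SALT)), (int) $db->escString($active), date('Y-m-d H:i:s'), date('Y-m-d H:i:s'));
        if ($db->execute($sql)) {
            Response::Redirect('index.php?done=add');
        } else {
            $emsg = "Could not insert data. Something went wrong. Please try again";
        }
    }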
}
//-------------------------------------------------------
// Render the add-user form, with any validation errors, inside the master layout.
echo Util::Render('master.phtml', array(
    'page_title' => 'Add New User',
    'content' => Util::Render('users/add.phtml', array(
        'errors' => $errors,
        'emsg' => $emsg,
    )),
));
 /**
  * Runs the data migration and then redirects to the site root.
  *
  * NOTE(review): no access check is visible in this action; confirm that
  * something outside it restricts who can trigger the migration.
  *
  * @return void
  */
 public function action_index()
 {
     \Controller_Migrate::migrate();
     $site_root = Uri::Create('/');
     Response::Redirect($site_root);
 }
<?php

// Path constants for the admin area. ADMIN_DIR is the parent of this file's
// directory and BASE_DIR is one level above that; both end with a separator.
define('DS', DIRECTORY_SEPARATOR);
define('ADMIN_DIR', __DIR__ . DS . '..' . DS);
define('BASE_DIR', ADMIN_DIR . '..' . DS);
// Relative URL prefixes matching the two directories above.
define('ADMIN_ROOT', '../');
define('SITE_ROOT', '../../');
require_once BASE_DIR . 'Libs' . DS . 'autoload.php';
require_once BASE_DIR . 'configs' . DS . 'incs.php';
require_once BASE_DIR . 'helpers' . DS . 'incs.php';
require_once ADMIN_DIR . 'incs' . DS . 'incs.php';
//-------------------------------------------------------
// Templates for the admin area live under ADMIN_DIR/templates/.
Util::$template_path = ADMIN_DIR . 'templates' . DS;
//-------------------------------------------------------
// A user id is required; without one the browser is sent back to the list.
$id = Request::Get('id');
if ($id === null) {
    Response::Redirect('index.php');
}
$db = new Db($db_config);
// The id is forced to an integer before it is formatted into the query.
$sql_user = sprintf("******", (int) $db->escString($id));
//-------------------------------------------------------
// Render the user details inside the master layout.
echo Util::Render('master.phtml', array(
    'page_title' => 'View User',
    'content' => Util::Render('users/view.phtml', array(
        'user' => $db->row($sql_user),
        'user_count' => $db->numRows($sql_user),
        'requested_id' => $id,
    )),
));