Example #1
0
 public function register()
 {
     $signedUser = $this->app->user();
     // auth
     if (Util\Auth::isAuth($signedUser)) {
         header('Location: /profile');
         exit;
     }
     // check
     $user = new \Rebond\Core\User\Model();
     $form = new \Rebond\Core\User\Form($user);
     $tpl = new Util\Template(Util\Template::MODULE, ['app', 'User']);
     // register
     $register = Util\Converter::toString('register', 'post');
     if (isset($register)) {
         if ($form->setFromPost()->validate(['username', 'email', 'password'])->isValid()) {
             $user->setStatus(0);
             $user->setPassword(Util\Security::encryptPassword($user->getPassword()));
             $resultUpload = Util\Media::upload($user->getUsername());
             if ($resultUpload['result'] == ResultType::ERROR) {
                 Util\Session::set('siteError', $resultUpload['message']);
             } else {
                 if ($resultUpload['result'] == ResultType::SUCCESS) {
                     $user->setAvatarId($resultUpload['mediaId']);
                 }
                 $user->save();
             }
             // send email
             if (Mail::register($this->app->site()->getTitle(), $user)) {
                 return $tpl->render('register-success');
             }
             // mail could not be sent
             $user->setStatus(1);
             $userRole = new \Rebond\Core\UserRole\Model();
             $userRole->setUserId($user->getId());
             $userRole->setRoleId(\Rebond\Core\Role\Model::MEMBER);
             $userRole->save();
             return $tpl->render('register-success-nomail');
         } else {
             Util\Session::set('siteError', $form->getValidation()->getMessage());
         }
     }
     // confirm email
     $confirm = Util\Converter::toString('confirm');
     if (isset($confirm)) {
         $signedUser = \Rebond\Core\UserSecurity\Service::getUserBySecure($confirm, \Rebond\Core\UserSecurity\Model::CONFIRM);
         if (isset($signedUser) && $signedUser->getId() != 0) {
             $userRole = new \Rebond\Core\UserRole\Model();
             $userRole->setUserId($signedUser->getId());
             $userRole->setRoleId(\Rebond\Core\Role\Model::MEMBER);
             $userRole->save();
             Util\Session::set('allSuccess', Util\Lang::lang('hi', [$signedUser->getUsername()]));
             Util\Session::set('signedUser', $signedUser->getId());
             $this->app->setUser($signedUser);
             return $tpl->render('register-confirm');
         }
     }
     $tpl->set('item', $form);
     return $tpl->render('register');
 }
Example #2
0
 public function changePassword($redirect, $checkCurrentPassword = true)
 {
     $currentPassword = $this->getModel()->getPassword();
     $this->setFromPost();
     $newPassword = Util\Converter::string('passwordnew', 'post');
     $fields = [];
     $fields['token'] = $this->validateToken();
     if ($checkCurrentPassword) {
         $fields['password'] = $this->validatePassword();
     }
     $fields['passwordnew'] = Util\Validate::validate('passwordnew', $newPassword, ['password' => true, 'required' => true, 'minLength' => 4, 'maxLength' => 40, 'different' => $this->getModel()->getPassword()]);
     $this->getValidation()->setFields($fields);
     if ($this->getValidation()->isValid()) {
         if (!$checkCurrentPassword || Service::validatePassword($currentPassword, $this->getModel()->getPassword())) {
             $this->getModel()->setPassword(Util\Security::encryptPassword($newPassword));
             \Rebond\Core\User\Data::savePassword($this->getModel());
             \Rebond\Core\UserSecurity\Data::deleteSecure($this->getModel()->getId(), \Rebond\Core\UserSecurity\Model::RESET);
             Util\Session::allSuccess('passwordChanged', $redirect);
         } else {
             Util\Session::set('allError', Util\Lang::lang('errorWrongPassword'));
         }
     } else {
         Util\Session::set('allError', $this->getValidation()->getMessage());
     }
 }
Example #3
0
 public function register()
 {
     $signedUser = $this->app->user();
     // auth
     if (Util\Auth::isAuth($signedUser)) {
         header('Location: /profile');
         exit;
     }
     // check
     $user = new \Rebond\Core\User\Model();
     $form = new \Rebond\Core\User\Form($user);
     $tpl = new Util\Template(Util\Template::MODULE, ['app', 'User']);
     // register
     $register = Util\Converter::string('register', 'post');
     if (isset($register)) {
         if ($form->setFromPost()->validate()->isValid()) {
             $user->setStatus(0);
             $user->setPassword(Util\Security::encryptPassword($user->getPassword()));
             $avatarId = Util\Media::generateAvatar($user->getUsername());
             $user->setAvatarId($avatarId);
             $user->save();
             // send email
             if (Mail::register($this->app->site()->getTitle(), $user)) {
                 return $tpl->render('register-success');
             } else {
                 $user->setStatus(1);
                 $user->save();
                 $userRole = new \Rebond\Core\UserRole\Model();
                 $userRole->setUserId($user->getId());
                 $userRole->setRoleId(5);
                 // member
                 $userRole->save();
                 return $tpl->render('register-success-nomail');
             }
         } else {
             Session::set('siteError', $form->getValidation()->getMessage());
         }
     }
     // confirm email
     $confirm = Util\Converter::string('confirm');
     if (isset($confirm)) {
         $signedUser = \Rebond\Core\UserSecurity\Data::loadBySecure($confirm, \Rebond\Core\UserSecurity\Model::CONFIRM);
         if (isset($signedUser) && $signedUser->getId() != 0) {
             $userRole = new \Rebond\Core\UserRole\Model();
             $userRole->setUserId($signedUser->getId());
             $userRole->setRoleId(5);
             // member
             $userRole->save();
             Util\Session::set('allSuccess', Util\Lang::lang('hi', [$signedUser->getUsername()]));
             Util\Session::set('signedUser', $signedUser->getId());
             $this->app->setUser($signedUser);
             return $tpl->render('register-confirm');
         }
     }
     $tpl->set('item', $form);
     return $tpl->render('register');
 }
Example #4
0
 public static function validatePassword($password, $encryptedPassword)
 {
     if (Util\Security::isValidPassword($password, $encryptedPassword)) {
         return true;
     }
     // legacy security
     if ($encryptedPassword == Util\Security::encrypt($password)) {
         return true;
     }
     return false;
 }
Example #5
0
File: Own.php Project: vincium/resa
 public function player()
 {
     Util\Auth::isAdminAuthorized($this->signedUser, 'member', true, '/');
     $playerId = Util\Converter::toInt('id');
     if (!isset($playerId)) {
         Util\Session::adminError('item.not.found', [Util\Lang::lang('player'), $playerId], '/own');
     }
     $user = \Rebond\Core\User\Data::loadById($playerId, true);
     $player = \Own\Bus\Player\Data::loadById($playerId, true);
     $userForm = new \Rebond\Core\User\Form($user);
     $playerForm = new \Own\Bus\Player\Form($player);
     // action
     $save = Util\Converter::toString('save', 'post');
     $membershipIds = Util\Converter::toArray('membership', 'post');
     if (isset($save)) {
         if ($user->getId() == 0) {
             $user->setUsername($user->getEmail());
             $user->setPassword(Util\Security::encryptPassword($user->getPassword()));
         }
         if ($userForm->setFromPost()->validate()->isValid()) {
             if ($playerForm->setFromPost()->validate()->isValid()) {
                 \Own\Bus\PlayerMembership\Data::deleteByPlayerId($player->getId());
                 $newMemberships = [];
                 if (isset($membershipIds)) {
                     foreach ($membershipIds as $membershipId) {
                         $playerMembership = new \Own\Bus\PlayerMembership\Model();
                         $playerMembership->setPlayerId($player->getId());
                         $playerMembership->setMembershipId($membershipId);
                         $newMemberships[] = $playerMembership;
                     }
                 }
                 \Own\Bus\PlayerMembership\Data::saveAll($newMemberships);
                 $user->save();
                 $player->save();
                 Util\Session::adminSuccess('saved', '/own/player?id=' . $user->getId());
             } else {
                 Util\Session::set('adminError', $playerForm->getValidation()->getMessage());
             }
         } else {
             Util\Session::set('adminError', $userForm->getValidation()->getMessage());
         }
     }
     $tplEditor = new Util\Template(Util\Template::SITE, ['admin']);
     $tplEditor->set('user', $userForm);
     $tplEditor->set('player', $playerForm);
     $tplInfo = new Util\Template(Util\Template::SITE, ['admin']);
     $tplInfo->set('user', $user);
     return $this->response('tpl-default', ['title' => Util\Lang::lang('own'), 'jsLauncher' => 'own'], 'layout-2-col', ['column1' => $tplEditor->render('player-editor'), 'column2' => $tplInfo->render('player-info')]);
 }
Example #6
0
 public function user_edit()
 {
     // auth
     Auth::isAdminAuthorized($this->signedUser, 'admin.user', true, '/user');
     // check
     $save = Converter::string('save', 'post');
     $id = \Rebond\Util\Converter::int('id');
     $user = \Rebond\Core\User\Data::loadById($id, true);
     $id = $user->getId();
     $form = new \Rebond\Core\User\Form($user);
     // action
     if (isset($save)) {
         Auth::isAdminAuthorized($this->signedUser, 'admin.user.edit', true, '/user/edit?id=' . $id);
         if ($form->setFromPost()->validate()->isValid()) {
             if ($user->getId() == 0) {
                 $user->setPassword(\Rebond\Util\Security::encryptPassword($user->getPassword()));
             }
             $user->save();
             $userSettings = \Rebond\Cms\UserSettings\Data::loadByUserId($user->getId());
             if (!isset($userSettings)) {
                 $userSettings = new \Rebond\Cms\UserSettings\Model();
                 $userSettings->setUserId($user->getId());
                 $userSettings->save();
             }
             Session::adminSuccess('saved', '/user');
         } else {
             Session::set('adminError', $form->getValidation()->getMessage());
         }
     }
     // view
     $this->setTpl();
     // main
     $tplMain = new Template(Template::MODULE, ['core', 'user']);
     $tplMain->set('item', $form);
     // layout
     if (Auth::isAdminAuthorized($this->signedUser, 'admin.user.edit', false)) {
         if ($id == 0) {
             $this->tplLayout->set('column1', $tplMain->render('register'));
         } else {
             $this->tplLayout->set('column1', $tplMain->render('editor'));
         }
     } else {
         $this->tplLayout->set('column1', $tplMain->render('view'));
     }
     // master
     $this->tplMaster->set('layout', $this->tplLayout->render('layout-1-col'));
     $this->tplMaster->set('jsLauncher', 'userEdit');
     return $this->tplMaster->render('tpl-default');
 }
Example #7
0
 public static function saveSecure(\Rebond\Core\User\Model $user, $type)
 {
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $secure = Util\Security::encrypt($user->getEmail() . $ip);
     if ($type == Model::REMEMBER) {
         $expire = time() + 60 * 60 * 24 * 7;
         // 7 days
         setcookie('signedUser', $secure, $expire, '/', Util\Nav::removePort(\Rebond\Config::getPath('siteUrl')));
         $options = [];
         $options['where'][] = ['user_id = ?', $user->getId()];
         $options['where'][] = ['type = ?', Model::REMEMBER];
         $userSecure = Data::load($options);
         if (isset($userSecure)) {
             return $userSecure;
         }
     }
     $userSecure = new Model();
     $userSecure->setUserId($user->getId());
     $userSecure->setSignIn($user->getEmail());
     $userSecure->setSecure($secure);
     $userSecure->setType($type);
     $userSecure->save();
     return $secure;
 }
Example #8
0
 public function validateToken()
 {
     return Util\Security::validateToken($this->unique, get_class($this), $this->getModel()->getId(), $this->token);
 }
Example #9
0
 public function view()
 {
     $matchId = Util\Converter::toInt('id');
     $live = Util\Converter::toBool('live');
     $key = Util\Converter::toString('key');
     $options = [];
     $options['where'][] = 'match.id = ' . $matchId;
     $options['where'][] = 'match.status IN (' . MatchStatus::PLAYING . ', ' . MatchStatus::FINISHED . ')';
     $match = \Own\Bus\Match\Data::load($options);
     if (!isset($match)) {
         Util\Session::siteError('matchNotFound', null, '/match/schedule');
     }
     if ($this->player == null) {
         $this->player = new \Own\Bus\Player\Model();
     }
     $realKey = \Rebond\Util\Security::encrypt($match->getId());
     $hasViewed = $match->hasViewed($this->player->getId());
     $options = [];
     $options['where'][] = ['match_id = ?', $match->getId()];
     $options['order'][] = 'id';
     $matchLog = \Own\Bus\Log\Data::loadAll($options);
     if ($live && count($matchLog) == 0) {
         $live = false;
         Util\Session::set('siteError', Util\Lang::lang('noMatchLog'));
         $key = $realKey;
     }
     // auth
     if (!$live) {
         if ($match->getStatus() == MatchStatus::PLAYING) {
             Util\Session::siteError('matchPlaying', null, '/match/schedule');
         }
         if ($key != $realKey && !$hasViewed && count($matchLog) > 0 && ($this->player->getId() == $match->getPlayerMatch1()->getPlayerId() || $this->player->getId() == $match->getPlayerMatch2()->getPlayerId())) {
             $live = true;
         }
     }
     // view
     $this->setTpl();
     // main
     $tplMain = new Util\Template(Util\Template::SITE, ['www']);
     $tplMain->set('match', $match);
     if ($live) {
         $logs = [];
         foreach ($matchLog as $log) {
             $logs[] = $log->toArray();
         }
         $tplMain->set('logs', $logs);
         $isLive = !$hasViewed && $match->getModifiedDate() > time() - 1800 ? 1 : 0;
         $tplMain->set('isLive', $isLive);
         $tplMain->set('key', $realKey);
         $tpl = 'match-view-live';
         $this->tplMaster->set('bodyClass', 'body-' . $match->getSurface());
     } else {
         if ($key == $realKey) {
             $match->setViewed($this->player->getId());
             \Own\Bus\Notification\Data::updateViewedByPlayerIdAndMatchId($this->player->getId(), $match->getId());
         }
         $tpl = 'match-view';
         $options = [];
         $options['where'][] = ['match_id = ?', $match->getId()];
         $notification = \Own\Bus\Notification\Data::load($options);
         $tplMain->set('notification', $notification);
         $tplMain->set('serveLabels', \Own\Bus\PlayerMatch\Service::getServeLabels());
         $tplMain->set('player1ServeStats', \Own\Bus\PlayerMatch\Service::getServeStats($match->getPlayerMatch1()));
         $tplMain->set('player2ServeStats', \Own\Bus\PlayerMatch\Service::getServeStats($match->getPlayerMatch2()));
         $tplMain->set('returnLabels', \Own\Bus\PlayerMatch\Service::getReturnLabels());
         $tplMain->set('player1ReturnStats', \Own\Bus\PlayerMatch\Service::getReturnStats($match->getPlayerMatch1()));
         $tplMain->set('player2ReturnStats', \Own\Bus\PlayerMatch\Service::getReturnStats($match->getPlayerMatch2()));
         $tplMain->set('otherLabels', \Own\Bus\PlayerMatch\Service::getOtherLabels());
         $tplMain->set('player1OtherStats', \Own\Bus\PlayerMatch\Service::getOtherStats($match->getPlayerMatch1()));
         $tplMain->set('player2OtherStats', \Own\Bus\PlayerMatch\Service::getOtherStats($match->getPlayerMatch2()));
         $tplMain->set('attitudeLabels', \Own\Bus\PlayerMatch\Service::getAttitudeLabels());
         $tplMain->set('player1AttitudeStats', \Own\Bus\PlayerMatch\Service::getAttitudeStats($match->getPlayerMatch1()));
         $tplMain->set('player2AttitudeStats', \Own\Bus\PlayerMatch\Service::getAttitudeStats($match->getPlayerMatch2()));
         $tplMain->set('mentalLabels', \Own\Bus\PlayerMatch\Service::getMentalLabels());
         $tplMain->set('player1MentalStats', \Own\Bus\PlayerMatch\Service::getMentalStats($match->getPlayerMatch1()));
         $tplMain->set('player2MentalStats', \Own\Bus\PlayerMatch\Service::getMentalStats($match->getPlayerMatch2()));
         $tplMain->set('shotLabels', \Own\Bus\PlayerMatch\Service::getShotLabels());
         $tplMain->set('player1ShotStats', \Own\Bus\PlayerMatch\Service::getShotStats($match->getPlayerMatch1()));
         $tplMain->set('player2ShotStats', \Own\Bus\PlayerMatch\Service::getShotStats($match->getPlayerMatch2()));
         $tplMain->set('notificationCount', \Own\Bus\Notification\Data::countByPlayerId($this->player->getId()));
     }
     // layout
     $this->tplLayout->set('column1', $tplMain->render($tpl));
     // template
     $this->tplMaster->set('layout', $this->tplLayout->render('layout-center'));
     return $this->tplMaster->render('tpl-default');
 }
Example #10
0
 private function addPlayers(array $players, $start, $batch)
 {
     $start *= $batch;
     $sqlUserMain = 'INSERT INTO core_user
     (id, firstname, lastname, username, email, password, avatar_id, is_admin, is_dev, status, created_date, modified_date) VALUES ';
     $sqlUserItem = "(%d, '%s', '%s', '%s', '%s', '%s', 0, 0, 0, 1, NOW(), NOW())";
     $sqlUserRoleMain = 'INSERT INTO core_user_role (user_id, role_id) VALUES ';
     $sqlUserRoleItem = '(%d, 5)';
     $sqlPlayerMain = 'INSERT INTO bus_player (id, max_booking, level, is_caroussel, credits) VALUES ';
     $sqlPlayerItem = '(%d, 1, 0, 0, 10)';
     $sqlMembershipMain = 'INSERT INTO bus_player_membership (player_id, membership_id) VALUES ';
     $sqlMembershipItem = '(%d, 1)';
     $count = 0;
     $sqlUser = [];
     $sqlUserRole = [];
     $sqlPlayer = [];
     $sqlMembership = [];
     foreach ($players as $id => $player) {
         if ($id < 1) {
             continue;
         }
         $start--;
         if ($start >= 0) {
             continue;
         }
         $sqlUser[] = sprintf($sqlUserItem, $id, $player[1], $player[0], Util\Format::friendlyTitle($player[1] . '_' . $player[0]), uniqid() . '@gmail.com', Util\Security::encryptPassword('test'));
         $sqlUserRole[] = sprintf($sqlUserRoleItem, $id);
         $sqlPlayer[] = sprintf($sqlPlayerItem, $id);
         $sqlMembership[] = sprintf($sqlMembershipItem, $id);
         $count++;
         if ($count >= $batch) {
             break;
         }
     }
     $db = new Util\Data();
     $db->execute($sqlUserMain . implode(',', $sqlUser));
     $db->execute($sqlUserRoleMain . implode(',', $sqlUserRole));
     $db->execute($sqlPlayerMain . implode(',', $sqlPlayer));
     $db->execute($sqlMembershipMain . implode(',', $sqlMembership));
     return $count . ' players added. ';
 }
Example #11
0
 public function index()
 {
     // check
     $this->db = new \Rebond\Util\Data();
     $this->authFile = \Rebond\Config::getPath('config') . 'authentication.txt';
     $this->queryTables = 'SELECT COUNT(TABLE_NAME) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = \'' . \Rebond\Config::getDb('name') . '\'';
     $this->queryCheckUser = 'SHOW TABLES LIKE "core_user"';
     $this->info = [];
     $isAuth = Session::int('auth');
     $action = Converter::string('action');
     // action
     if ($isAuth == 0) {
         $this->step = 'auth';
         // check auth
         if (!file_exists($this->authFile)) {
             $auth = \Rebond\Util\Security::encrypt(time());
             File::save($this->authFile, 'w', $auth);
         } else {
             $auth = File::read($this->authFile, 'r');
         }
         if (isset($_POST['submitAuth'])) {
             if ($auth == $_POST['auth']) {
                 Session::set('auth', 1);
                 $isAuth = 1;
                 unlink($this->authFile);
                 $this->step = 'db';
                 $this->info[] = '<p class="bg-success">You have been authenticated!</p>';
             } else {
                 $this->info[] = '<p class="bg-error">The identification number you entered is incorrect. Please try again.</p>';
             }
         }
     }
     if ($isAuth == 1) {
         // check db
         $tableCount = $this->db->count($this->queryTables);
         $userTable = $this->db->selectOne($this->queryCheckUser);
         if ($tableCount != 0 && $tableCount !== self::TABLECOUNT) {
             $this->info[] = '<p class="bg-error">Your database contains ' . $tableCount . ' table(s). A fresh install of Rebond should contain ' . self::TABLECOUNT . ' tables. Please check your database name to make sure that you want to install Rebond in this database.</p>';
         }
         if (count($userTable) == 0) {
             $this->step = 'db';
             if ($action == 'db') {
                 $scripts = \Rebond\Util\File::getFiles('files/install');
                 sort($scripts);
                 foreach ($scripts as $script) {
                     $result = $this->db->runScript('files/install', $script);
                     if ($result['status'] == \Rebond\Core\ResultType::SUCCESS) {
                         $this->info[] = '<p>' . $script . '... success.</p>';
                     } else {
                         $this->info[] = '<p>' . $script . '... failed: <span class="error">' . $result['message'] . '</span></p>';
                         break;
                     }
                 }
                 $tableCount = $this->db->count($this->queryTables);
                 $userTable = $this->db->selectOne($this->queryCheckUser);
                 if (count($userTable) == 0) {
                     $this->info[] = '<p class="bg-error">The database has NOT been installed correctly. Please try to reinstall the database.</p>';
                 } else {
                     $this->info[] = '<p class="bg-success">The database has been installed successfully.</p>';
                     $this->step = 'db-ok';
                 }
             }
             // check user
         } else {
             if (\Rebond\Core\User\Data::count() == 0) {
                 $this->step = 'user';
                 $user = new \Rebond\Core\User\Model();
                 $userForm = new \Rebond\Core\User\Form($user);
                 if (isset($_POST['submitUser'])) {
                     if ($userForm->setFromPost()->validate()->isValid()) {
                         $user->setPassword(Security::encryptPassword($user->getPassword()));
                         $user->setIsAdmin(true);
                         $user->setIsDev(true);
                         $user->save();
                         $this->step = 'ready';
                     } else {
                         Session::set('adminError', $userForm->getValidation()->getMessage());
                     }
                 }
                 // ready
             } else {
                 $this->step = 'ready';
                 if ($action == 'launch') {
                     $adminPath = \Rebond\Config::getPath('admin');
                     $sitePath = \Rebond\Config::getPath('site');
                     rename($adminPath . 'index.php', $adminPath . 'index_install.php');
                     rename($adminPath . 'index_admin.php', $adminPath . 'index.php');
                     rename($sitePath . 'index.php', $sitePath . 'index_install.php');
                     rename($sitePath . 'index_cms.php', $sitePath . 'index.php');
                     $db = new \Rebond\Util\Data();
                     $db->backup('launch');
                     Session::kill('auth');
                     Session::setAndRedirect('signedUser', 1, '/configuration/site');
                 }
             }
         }
     }
     // menu
     $tplMenu = new Template(Template::SITE, ['admin', 'install']);
     $tplMenu->set('menuAuth', $this->step == 'auth' ? ' class="active"' : '');
     $tplMenu->set('menuDb', in_array($this->step, ['db', 'db-ok']) ? ' class="active"' : '');
     $tplMenu->set('menuUser', $this->step == 'user' ? ' class="active"' : '');
     $tplMenu->set('menuReady', $this->step == 'ready' ? ' class="active"' : '');
     // main
     $tplMain = new Template(Template::SITE, ['admin', 'install']);
     // layout
     $this->tplLayout->set('column1', $tplMenu->render('menu'));
     $this->tplLayout->add('column1', implode($this->info));
     if ($this->step == 'user') {
         if (!isset($user)) {
             $userForm = new \Rebond\Core\User\Form();
             $userForm->setFromPost();
         }
         $tplMain->set('form', $userForm);
     }
     $this->tplLayout->add('column1', $tplMain->render($this->step));
     // master
     $this->tplMaster->set('layout', $this->tplLayout->render('layout-1-col'));
     $this->tplMaster->set('jsLauncher', 'install');
     $this->tplMaster->addCss('/css/normalize.css');
     $this->tplMaster->addCss('/css/rebond.css');
     $this->tplMaster->addCss('/css/custom.css');
     $this->tplMaster->addJs('//code.jquery.com/jquery-2.1.3.min.js');
     $this->tplMaster->addJs('/js/rebond.js');
     $this->tplMaster->addJs('/js/custom.js');
     return $this->tplMaster->render('tpl-install');
 }