PHP security\Models\SiteLogger FullLog Examples

Programming Language: PHP

Namespace/Package Name: security\Models\SiteLogger

Class/Type: FullLog

Examples at hotexamples.com: 4

PHP security\Models\SiteLogger FullLog - 4 examples found. These are the top rated real world PHP examples of security\Models\SiteLogger\FullLog extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

addWarning(3)

addCritical(1)

addError(1)

serverData(1)

Example #1

Show file

File: ViewCorporateOrdersController.php Project: anhnt4288/owaspsecuritywithphp

    {
        $this->orders = $this->orderModel->setOrders();
    }
    public function getOrders()
    {
        return $this->orders;
    }
}
if (isset($_POST['submit']) || isset($_GET['submit'])) {
    extract($_POST);
    extract($_GET);
    $auth = new Authenticate();
    $isAjax = isset($isAjax) && $auth->isAjax() ? true : false;
    $pdo = new PDOSingleton(PDOSingleton::ADMINUSER);
    $errorRunner = new ErrorRunner();
    $logger = new FullLog('Corporate Viewing Orders');
    $logger->serverData();
    $checkAuth = new CheckAuth($logger);
    $errors = [];
    $orderID = !empty($orderid) ? $auth->cInt($orderid) : null;
    $isCorporate = $checkAuth->isCorporate();
    $employeeID = !empty($_SESSION['employeeid']) ? $auth->cInt($_SESSION['employeeid']) : null;
    $employeeID || ($errors[] = "No customer id.  You have most likely timed out.  Log out and log back in.");
    $isCorporate || ($errors[] = "You are not authenticated as a corporate user.");
    $models = new stdClass();
    $models->pdo = $pdo;
    $models->errorRunner = $errorRunner;
    $models->logger = $logger;
    $orderData = new stdClass();
    $orderData->orderID = $orderID;
    $orderData->employeeID = $employeeID;

Example #2

Show file

File: viewCorporate.php Project: anhnt4288/owaspsecuritywithphp

require_once dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . "partials/header.php";
use security\Controllers\Corporate\EmployeeGroupsOrdersController;
use security\Models\Authenticator\BlackLister;
use security\Models\Authenticator\CheckAuth;
use security\Models\ErrorRunner;
use security\Models\PDOSingleton;
use security\Models\RedisSingleton;
use security\Models\Router\Router;
use security\Models\SiteLogger\FullLog;
$router = new Router(__DIR__);
$rootPath = $router->rootPath;
$redis = new RedisSingleton();
$errorRunner = new ErrorRunner();
$pdo = new PDOSingleton(PDOSingleton::CORPORATEUSER);
$logger = new FullLog('Corporate View Orders Page');
$checkAuth = new CheckAuth($logger);
$blackList = new BlackLister($redis);
$isCorporate = $checkAuth->isCorporate();
$isAdmin = $checkAuth->isAdmin();
$router = new Router(__DIR__);
$rootPath = $router->rootPath;
if (!$isCorporate) {
    $logger->serverData();
    $logger->addWarning("User attempted to access unauthorized location.");
    $error = rawurlencode('Not an authenticated corporate user.');
    die(header("Location:{$rootPath}goodsite/corporate/corporatelogin.php?errors={$error}"));
}
$models = new stdClass();
$models->redis = $redis;
$models->errorRunner = $errorRunner;

Example #3

Show file

File: verifyregistration.php Project: anhnt4288/owaspsecuritywithphp

<?php

require_once dirname(__DIR__) . DIRECTORY_SEPARATOR . 'partials/header.php';
use security\Models\PDOSingleton;
use security\Models\RedisSingleton;
use security\Models\SiteLogger\FullLog;
$redis = new RedisSingleton();
$pdo = new PDOSingleton();
$logger = new FullLog();
$errors = [];
$message = null;
$successClass = $errorClass = 'hide';
$errorString = '';
if (isset($_GET['uniq'])) {
    $uid = $_GET['uniq'];
    $id = $redis->get($uid);
    if ($id) {
        $query = "UPDATE customers SET verified = 1 WHERE id = :id";
        $stmt = $pdo->prepare($query);
        $stmt->bindParam(':id', $id, PDO::PARAM_INT);
        $stmt->execute();
        $errorInfo = $stmt->errorInfo();
        if (isset($errorInfo[2])) {
            $errors[] = "No user matching the UID provided.";
            $logger->addCritical("Unable to Add new user because {$errorInfo[2]}.");
        }
        $changed = $stmt->rowCount();
        if ($changed) {
            $successClass = null;
            $message = "Successfully verified new customer and email.  You can now login to the customer site.";
            $redis->del($uid);

Example #4

Show file

File: createNewCustomer.php Project: anhnt4288/owaspsecuritywithphp

use security\Models\Generator\CountryList;
use security\Models\PDOSingleton;
use security\Models\RedisSingleton;
use security\Models\Router\Router;
use security\Models\SiteLogger\FullLog;
$countryList = new CountryList();
$countries = $countryList->getCountryList();
$countryOptions = '';
foreach ($countries as $code => $countryName) {
    $countryOptions .= "<option value='{$code}'>{$countryName}</option>";
}
$router = new Router(__DIR__);
$rootPath = $router->rootPath;
$redis = new RedisSingleton();
$errorRunner = new ErrorRunner();
$logger = new FullLog("Create new Customer");
$pdo = new PDOSingleton(PDOSingleton::CUSTOMERUSER);
$blacklist = new BlackLister();
if (!isset($_SESSION["visits"])) {
    $_SESSION["visits"] = 0;
}
$_SESSION["visits"] = $_SESSION["visits"] + 1;
if ($_SESSION["visits"] > 5) {
    $logger->serverData();
    // increment the blacklister by one.
    $logger->addWarning("Someone is repeatedly visiting the create new customer account, this is their {$_SESSION['visits']}.  Potential abuse.");
    $blacklist->blackList();
}
if ($blacklist->isBlackListed()) {
    // Again, this is an incredibly weak protection.
    $logger->addError("This IP has been flagged as abusive.");