/**
 * Create the model tables for the selected database and seed a demo admin.
 *
 * The upper-cased $db_type is looked up through storage::instance()->get().
 * A truthy result is stored under the 'DB' key; otherwise error 256 is
 * raised through the framework object. The admin account is only created
 * when no record with username 'admin' can be loaded.
 *
 * Security: the seeded account uses a fixed credential that is also echoed
 * in a flash message, so it has to be changed right after installation.
 * NOTE(review): confirm that whatever route calls install() is not
 * reachable by unauthenticated users once setup has been done.
 *
 * @param string $db_type key of the database backend to install into
 */
public function install($db_type)
{
    $f3 = \Base::instance();
    $connection = storage::instance()->get(strtoupper($db_type));

    if (!$connection) {
        // NOTE(review): nothing in this method stops execution after error();
        // presumably the framework halts the request here - confirm.
        $f3->error(256, 'no valid DB specified');
    } else {
        $f3->set('DB', $connection);
    }

    // Let every model create its own schema.
    \Model\Post::setup();
    \Model\Tag::setup();
    \Model\Comment::setup();
    \Model\User::setup();

    // Seed the demo administrator only if it does not exist yet.
    $admin = new \Model\User();
    $admin->load(array('username = ?', 'admin'));
    $adminMissing = $admin->dry();

    if ($adminMissing) {
        // NOTE(review): the credential literals appear masked in this copy of
        // the file; the flash message below states the values that get seeded.
        // Whether \Model\User hashes `password` on assignment is not visible
        // here - confirm it is not persisted in plaintext.
        $admin->username = '******';
        $admin->name = 'Administrator';
        $admin->password = '******';
        $admin->save();

        $notice = 'Admin User created,' . ' username: admin, password: fabulog';
        \Flash::instance()->addMessage($notice, 'success');
    }

    \Flash::instance()->addMessage('Setup complete', 'success');
}
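/**
 * Login procedure: checks POSTed credentials and opens a backend session.
 *
 * When both POST.username and POST.password are present, the user record is
 * loaded by username and the password is verified with the engine named in
 * the 'password_hash_engine' setting ('bcrypt' or 'md5'). On success the
 * session is cleared, SESSION.user_id is set and the client is redirected.
 * In every other case the same generic error message is queued, so the
 * response text does not reveal whether the username exists. The login
 * template is set whenever the method runs to its end.
 *
 * @param object $f3     framework object providing exists()/get()/set()/clear()/reroute()
 * @param array  $params route parameters (not used by this method)
 */
public function login($f3, $params)
{
    if ($f3->exists('POST.username') && $f3->exists('POST.password')) {
        // Fixed delay on every attempt to slow down password guessing.
        // NOTE(review): this also keeps a worker busy for 3 seconds per
        // request and is not a replacement for per-account / per-address
        // attempt limiting.
        sleep(3);

        $user = new \Model\User();
        $user->load(array('username = ?', $f3->get('POST.username')));

        if (!$user->dry()) {
            // Pick the verification routine from the configured hash engine.
            $hash_engine = $f3->get('password_hash_engine');
            $valid = false;

            if ($hash_engine === 'bcrypt') {
                $valid = \Bcrypt::instance()->verify($f3->get('POST.password'), $user->password);
            } elseif ($hash_engine === 'md5') {
                // Salted MD5 is kept only so existing hashes still verify; it
                // is too fast for password storage and bcrypt is the safer
                // engine of the two supported here.
                $candidate = md5($f3->get('POST.password') . $f3->get('password_md5_salt'));
                // hash_equals() (PHP >= 5.6) instead of `==`: loose comparison
                // treats two digests of the form "0e<digits>" as equal numbers,
                // and it is not constant-time.
                $valid = hash_equals((string) $user->password, $candidate);
            }

            if ($valid) {
                // Drop the pre-login session before storing the user id.
                // NOTE(review): intended to prevent session fixation - confirm
                // that clear('SESSION') really issues a new session id.
                @$f3->clear('SESSION');
                $f3->set('SESSION.user_id', $user->_id);

                if ($f3->get('CONFIG.ssl_backend')) {
                    // NOTE(review): confirm HOST cannot be influenced by a
                    // client-supplied Host header, since it is used to build
                    // an absolute redirect target.
                    $f3->reroute('https://' . $f3->get('HOST') . $f3->get('BASE') . '/');
                } else {
                    $f3->reroute('/cnc');
                }
            }
        }

        // Same message for unknown user and wrong password.
        // NOTE(review): assumes reroute() ends the request; if it returns,
        // this message is queued after a successful login as well.
        \Flash::instance()->addMessage('Wrong Username/Password', 'danger');
    }

    $this->response->setTemplate('templates/login.html');
}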
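/**
 * Installs the tables, a default administrator and the starter payloads.
 *
 * The upper-cased $db_type is looked up through DBHandler::instance()->get().
 * A truthy result is stored under the 'DB' key; otherwise error 256 is
 * raised through the framework object. The administrator and the starter
 * pack import only happen when no user named 'mth3l3m3nt' can be loaded.
 *
 * Security: the seeded account uses a fixed credential that is also echoed
 * in a flash message, so it has to be changed right after installation.
 * NOTE(review): confirm that whatever route calls install() is not
 * reachable by unauthenticated users once setup has been done.
 *
 * @param string $db_type key of the database backend to install into
 */
public function install($db_type)
{
    $f3 = \Base::instance();
    $db_type = strtoupper($db_type);
    if ($db = DBHandler::instance()->get($db_type)) {
        $f3->set('DB', $db);
    } else {
        // NOTE(review): nothing in this method stops execution after error();
        // presumably the framework halts the request here - confirm.
        $f3->error(256, 'no valid Database Type specified');
    }

    // Set up the models.
    \Model\User::setup();
    \Model\Payload::setup();
    \Model\Webot::setup();

    // Create the default admin user if it does not exist yet.
    $user = new \Model\User();
    $user->load(array('username = ?', 'mth3l3m3nt'));
    if ($user->dry()) {
        // NOTE(review): the credential literals appear masked in this copy of
        // the file; the flash message further down states the seeded values.
        // Whether \Model\User hashes `password` on assignment is not visible
        // here - confirm it is not persisted in plaintext.
        $user->username = '******';
        $user->name = 'Framework Administrator';
        $user->password = '******';
        $user->email = '*****@*****.**';
        $user->save();

        // Import the optional starter pack shipped as a JSON dump.
        $payload_file = $f3->ROOT . $f3->BASE . '/db_dump_optional/mth3l3m3nt_payload';
        if (!file_exists($payload_file)) {
            \Flash::instance()->addMessage('Payload StarterPack: ,' . 'StarterPack Database not Found no payloads installed ', 'danger');
        } else {
            $payloadarray = json_decode($f3->read($payload_file), true);
            if (!is_array($payloadarray)) {
                // An unreadable or malformed dump decodes to a non-array;
                // report it instead of iterating it and claiming success.
                \Flash::instance()->addMessage('Payload StarterPack: ,' . 'StarterPack Database could not be parsed no payloads installed ', 'danger');
            } else {
                $fields = array('pName', 'pType', 'pCategory', 'pDescription', 'payload');
                $payload = new \Model\Payload();
                foreach ($payloadarray as $payloaddata) {
                    if (!is_array($payloaddata)) {
                        // Skip entries that are not records.
                        continue;
                    }
                    foreach ($fields as $field) {
                        // A missing key is stored as null rather than raising
                        // an undefined-index warning.
                        $payload->$field = isset($payloaddata[$field]) ? $payloaddata[$field] : null;
                    }
                    $payload->save();
                    // Ensures values are set to null before the next record.
                    $payload->reset();
                }
                \Flash::instance()->addMessage('Payload StarterPack: ,' . 'All Starter Pack Payloads added New database', 'success');
            }
        }

        \Flash::instance()->addMessage('Admin User created,' . ' username: mth3l3m3nt, password: mth3l3m3nt', 'success');
    }

    \Flash::instance()->addMessage('New Database Setup Completed', 'success');
}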