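/**
 * Look up the account that owns the request's access token and apply the
 * rule level / permission required by the calling script.
 *
 * @param int         $rule       Minimum level required; when greater than 0 a
 *                                missing or unknown token is reported as an error.
 * @param string|null $permission Permission name forwarded to permission().
 */
function __construct($rule = 0, $permission = null)
{
    $REQUEST = new Request();
    $OUTPUT = new Output();

    if (!$REQUEST->avail("access_token")) {
        // No token at all: only rule-0 callers may continue.
        if ($rule > 0) {
            $OUTPUT->error(1, "Access Code is invalid, missing, or has Expired.");
        }
        return;
    }

    $access_token = $REQUEST->get("access_token");

    // The token is used as a literal match value in the query below. Only a
    // string is accepted: any other type (for example an array decoded from
    // the request) would reach the driver as a query document instead of a
    // value to compare, so it is treated as "no matching account".
    if (is_string($access_token)) {
        $DB = new db("System");
        $clientInfo = $DB->selectCollection("Accounts");
        $this->client_doc = $clientInfo->findOne(array("system_info.access_token" => $access_token));
    } else {
        $this->client_doc = null;
    }

    if ($rule > 0 && !isset($this->client_doc)) {
        // NOTE(review): assumes Output::error() ends the request - confirm.
        // If it returns, execution continues into permission() below with no
        // account loaded.
        $OUTPUT->error(1, "Access Code is invalid, missing, or has Expired");
    }

    if (isset($this->client_doc["system_info"]["role"])) {
        $this->role = $this->client_doc["system_info"]["role"];
    }

    if (isset($this->client_doc["system_info"]["permissions"])
        && is_array($this->client_doc["system_info"]["permissions"])
    ) {
        $this->permissions = $this->client_doc["system_info"]["permissions"];
    }

    // Compare the account's role and permissions with what this script requires.
    $this->permission($rule, $permission);
}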
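<?php
// Helpers and includes
include_once '/var/www/html/Lux/Core/Helper.php';

$FILES = new Files();
$REQUEST = new Request();

// Both destinations require rule level 5 with the "files" permission, so the
// check is made once, before any request value is used to build a path.
$RULES = new Rules(5, "files");

// Default base directory handed to Files::cp().
$destination = '/var/www/html/uploads';

if ($REQUEST->avail("admin") && $REQUEST->get("admin")) {
    $admin_base = $REQUEST->get("admin_base", "/");

    // admin_base is request-supplied and is appended to the web root. It must
    // be a string that starts with "/" (otherwise the concatenation names a
    // sibling of /var/www/html), must not contain a NUL byte, and must not
    // contain a ".." segment that would climb out of the web root.
    $is_safe = is_string($admin_base)
        && $admin_base !== ''
        && $admin_base[0] === '/'
        && strpos($admin_base, "\0") === false
        && !in_array('..', preg_split('#[\\\\/]#', $admin_base), true);

    if (!$is_safe) {
        // NOTE(review): error code 1 mirrors other request errors in this
        // project; adjust if Output defines a dedicated code.
        $OUTPUT = new Output();
        $OUTPUT->error(1, "admin_base is not a valid path");
        die;
    }

    $destination = '/var/www/html' . $admin_base;
}

$FILES->cp($REQUEST, $destination);
?>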
// no SN_id exists $SNDoc2 = array("providers" => array($provider_name => $meDoc)); $SN_users->insert($SNDoc2); // if no SN_id exists, create a new one $System_users->update(array("system_info.access_token" => $SESSION->get("access_token")), array('$set' => array('SN_id' => $SNDoc2["_id"])), array("multiple" => false, "upsert" => false)); } else { // update providers.provider_name = meDoc where _id = SN_id $SN_users->update(array("SN_id" => $AuthDoc["SN_id"]), array('$set' => $SNDoc1), array("multiple" => false, "upsert" => true)); } } } // Logic Code for OAuth $REQUEST = new Request(); $OUTPUT = new Output(); // Runs when the request for the redirect url is made if ($REQUEST->avail("provider")) { // create a new session for this user $SESSION = new Session(); if ($REQUEST->avail("access_token")) { // Save the redirect domain if it is passed in $SESSION->set("access_token", $REQUEST->get("access_token")); } // check if the redirect_domain is the same as the HTTP_HOST if ($REQUEST->avail("redirect_domain")) { // Save the redirect domain if it is passed in $SESSION->set("redom", $REQUEST->get("redirect_domain")); } // Save the href that you are being redirected to if ($REQUEST->avail("href")) { // if an href is passed in $SESSION->set("href", $REQUEST->get("href"));
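<?php
// Helper functions and includes
include_once '/var/www/html/Lux/Core/Helper.php';

$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");
$OUTPUT = new Output();
$REQUEST = new Request();

// Credentials are taken from the request. Both must be plain strings: a
// non-string "user" would be passed to the driver as a query document rather
// than a value to match, and password_verify() expects a string.
$user = $REQUEST->get("user");
$password = $REQUEST->get("password");

$document = null;
if (is_string($user) && is_string($password)) {
    // The same value is tried as a user name and as an e-mail address.
    $document = $collection->findOne(array('$or' => array(
        array("system_info.user" => $user),
        array("system_info.email" => $user),
    )));
}

// An unknown account or an account without a stored hash fails the same way
// as a wrong password, with the same message.
$hash = isset($document["system_info"]["hash"]) ? $document["system_info"]["hash"] : null;

if (is_string($hash) && password_verify($password, $hash)) {
    // 16 random bytes, hex-encoded; used either as an OAuth code or as the
    // account's new access token.
    // NOTE(review): openssl_random_pseudo_bytes() reports through its second
    // argument whether the bytes are cryptographically strong; consider
    // checking it, or random_bytes() where the runtime provides it.
    $lAT = bin2hex(openssl_random_pseudo_bytes(16));

    if ($REQUEST->avail("response_type") && $REQUEST->get("response_type") === "code") {
        // NOTE(review): client_id is stored as received; no check against the
        // registered clients and no expiry for the code is visible here.
        $collection->update(
            array("_id" => $document["_id"]),
            array('$addToSet' => array("system_info.OAuth_clients" => array(
                "client_id" => $REQUEST->get("client_id"),
                "code" => $lAT,
            ))),
            array('multiple' => false, 'upsert' => true)
        );
        $OUTPUT->success(1, array("code" => $lAT));
        die;
    }

    // Plain login: replace the account's access token with the new value.
    $collection->update(
        array("_id" => $document["_id"]),
        array('$set' => array("system_info.access_token" => $lAT)),
        array('multiple' => false, 'upsert' => true)
    );
    $OUTPUT->success(1, array("access_token" => $lAT, "user" => $document["system_info"]["user"]));
} else {
    $OUTPUT->error(0, "Incorrect Username or Password");
}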
$OUTPUT = new Output(); $collection = $DB->selectCollection("Clients"); $REQUEST = new Request(); // client_id redirect_uri state response_type:code scope $client_id = $REQUEST->get("client_id"); $redirect_uri = $REQUEST->get("redirect_uri"); $client_doc = $collection->findOne(array("client_id" => $client_id, "redirect_uri" => array('$elemMatch' => array('$in' => array($redirect_uri))))); if ($REQUEST->get("response_type") != "code") { echo "The response_type must be set to 'code' for this OAuth system"; die; } if (is_null($client_doc)) { echo "An error occured, this client does not appear in the database, or the redirect URI does not match"; die; } if ($REQUEST->avail("state")) { $state = $REQUEST->get("state"); $location = "{$redirect_uri}?state={$state}&code="; } else { $location = "{$redirect_uri}?code="; } ?> <html> <head> <script> function Ajax(URL, data, callback){ var request = new XMLHttpRequest(); request.onreadystatechange=function(){ try{ var response = JSON.parse(request.responseText); callback(response);
<?php include_once '/var/www/html/Lux/Core/Helper.php'; $DB = new Db("System"); $collection = $DB->selectCollection("Accounts"); $OUTPUT = new Output(); $REQUEST = new Request(); // get Password and Username from $REQUEST $hash = password_hash($REQUEST->get("password"), PASSWORD_DEFAULT); if ($hash) { $lAT = bin2hex(openssl_random_pseudo_bytes(16)); // save $lAT into database if ($REQUEST->avail("access_token")) { $collection->update(array("system_info.access_token" => $REQUEST->get("access_token")), array('$set' => array("system_info.access_token" => $lAT, "system_info.hash" => $hash, "system_info.user" => $REQUEST->get("user"))), array('multiple' => false, 'upsert' => true)); } else { if (is_null($collection->findOne(array("system_info.user" => $REQUEST->get("user"))))) { $result = $collection->insert(array("system_info" => array("access_token" => $lAT, "hash" => $hash, "user" => $REQUEST->get("user")))); } else { $OUTPUT->error(1, "User exists with this Username"); } } if ($REQUEST->avail("email")) { $eVC = bin2hex(openssl_random_pseudo_bytes(16)); $collection->update(array("system_info.access_token" => $REQUEST->get("access_token")), array('$set' => array("system_info.email" => $REQUEST->get("email"), "system_info.eVerified" => $eVC)), array('multiple' => false, 'upsert' => true)); $to = $REQUEST->get("email"); $subject = 'Email Verification'; $url = $_SERVER["HTTP_HOST"] . "/Lux/CAuth/eVerify/?email={$to}&eVC={$eVC}"; $message = "Please click this link (or paste into browser) to verify email {$url}"; $headers = 'From: no-reply@' . $_SERVER["HTTP_HOST"] . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); }
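<?php
include_once '/var/www/html/Lux/Core/Helper.php';

$DB = new Db("SocialNetwork");
$OUTPUT = new Output();
$collection = $DB->selectCollection("Posts");
$REQUEST = new Request();

// Gate the request: rule level 1 with the "social" permission.
$RULES = new Rules(1, "social");

if ($REQUEST->avail("id")) {
    $id = $REQUEST->get("id");

    // The id becomes the match value for "owner". An array or object here
    // would be read by the driver as a query document, widening the result
    // set beyond a single owner, so only scalar ids are accepted.
    if (!is_scalar($id)) {
        // NOTE(review): error code 1 mirrors other request errors in this
        // project; adjust if Output defines a dedicated code.
        $OUTPUT->error(1, "id is not valid");
        die;
    }
    // NOTE(review): any caller that passes the Rules check can list another
    // owner's posts by id - confirm that this is intended.
} else {
    // No id supplied: list the posts of the account behind the access token.
    $id = $RULES->getId();
}

$query = array("owner" => $id);
$options = Helper::formatLimits($REQUEST);
$document = $collection->find($query, $options);

$OUTPUT->success(0, $document);
?>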
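<?php
// Helper and includes
include_once '/var/www/html/Lux/Core/Helper.php';

$db = new Db("System");
$OUTPUT = new Output();
$collection = $db->selectCollection("Contact");
$REQUEST = new Request();

// NOTE(review): no Rules check is made in this script, so the request alone
// chooses the subject, body and sender of mail sent to the stored addresses.
// Confirm that unauthenticated use is intended and consider rate limiting.

// Only a scalar email_id is used as a match value; an array would be read by
// the driver as a query document instead of a literal.
$email_id = $REQUEST->get("email_id");
$document = is_scalar($email_id)
    ? $collection->findOne(array("email_id" => $email_id))
    : null;

if (!isset($document["address"]) || !is_array($document["address"])) {
    // NOTE(review): error code 1 mirrors other request errors in this
    // project; adjust if Output defines a dedicated code.
    $OUTPUT->error(1, "Unknown email_id");
    die;
}

// Send mail
$to = trim(implode(" , ", $document["address"]), ' , ');
$subject = $REQUEST->get("subject");
$message = $REQUEST->get("body");

// Sender preference: request value, then the stored contact sender, then a
// noreply address on the current host.
if ($REQUEST->avail("sender")) {
    $sender = $REQUEST->get("sender");
} elseif (!empty($document["sender"])) {
    $sender = $document["sender"];
} else {
    $sender = "noreply@" . $_SERVER["HTTP_HOST"];
}

// The sender is written into the From and Reply-To header lines. A value
// containing CR, LF or NUL could end the header line and add further headers,
// so such a value is rejected before mail() is called.
if (!is_string($sender) || preg_match('/[\r\n\x00]/', $sender)) {
    $OUTPUT->error(1, "sender is not valid");
    die;
}

$headers = 'From: ' . $sender . "\r\n" .
    'Reply-To: ' . $sender . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

$result = mail($to, $subject, $message, $headers);

if ($result) {
    $OUTPUT->success(0, null, null);
} else {
    $OUTPUT->error(2, "An Error occured in the mail function");
}
?>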
<?php
include_once '/var/www/html/Lux/Core/Helper.php';

$DB = new Db("System");
$collection = $DB->selectCollection("Users");
$OUTPUT = new Output();
$REQUEST = new Request();

// The required level and permission are taken from the request itself, so
// this endpoint only reports whether the caller's token would satisfy the
// level the caller asked about. It is not a gate for any other resource.
if (!$REQUEST->avail("rule")) {
    // No level requested: fall back to level 1.
    $RULES = new Rules(1);
} elseif ($REQUEST->avail("permissions")) {
    $RULES = new Rules($REQUEST->get("rule"), $REQUEST->get("permissions"));
} else {
    $RULES = new Rules($REQUEST->get("rule"));
}

// Reached once the Rules object has been constructed.
$OUTPUT->success(4, array("message" => "Access Permitted"));
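<?php
// Helper functions and includes
include_once '/var/www/html/Lux/Core/Helper.php';

$OUTPUT = new Output();
$REQUEST = new Request();
$RULES = new Rules(1);
$DB = new Db("System");
$collection = $DB->selectCollection("Accounts");

// Send email verification if an email is provided
if ($REQUEST->avail("email")) {
    // The address is used as the mail recipient and inside the verification
    // link, so it must be one syntactically valid address.
    $to = $REQUEST->get("email");
    if (!is_string($to) || filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        // NOTE(review): error code 1 mirrors other request errors in this
        // project; adjust if Output defines a dedicated code.
        $OUTPUT->error(1, "Email address is not valid");
        die;
    }

    // The token is a literal match value; a non-string would be read by the
    // driver as a query document.
    $access_token = $REQUEST->get("access_token");
    if (!is_string($access_token)) {
        $OUTPUT->error(1, "Access Code is invalid, missing, or has Expired");
        die;
    }

    $eVC = bin2hex(openssl_random_pseudo_bytes(16));

    $query = array("system_info.access_token" => $access_token);
    if ($REQUEST->avail("id")) {
        // Updating another account by id requires level 5 with "accounts".
        $RULES = new Rules(5, "accounts");
        // NOTE(review): $query becomes the raw request value rather than a
        // filter array; presumably a filter on the account id was intended -
        // confirm the id field and type and build the filter explicitly.
        $query = $REQUEST->get("id");
    }

    // upsert is disabled: this endpoint updates an existing account, and with
    // upsert enabled a filter that matches nothing would insert a new
    // Accounts document holding only the e-mail fields.
    $collection->update(
        $query,
        array('$set' => array("system_info.email" => $to, "system_info.eVerified" => $eVC)),
        array('multiple' => false, 'upsert' => false)
    );

    // Send Email
    $subject = 'Email Verification';
    // NOTE(review): the link host and the From domain come from the request's
    // Host header; prefer a configured canonical host name.
    // The address is percent-encoded so characters such as "+" or "&" in a
    // valid address do not alter the link's query string.
    $url = $_SERVER["HTTP_HOST"] . "/Lux/CAuth/eVerify/?email=" . rawurlencode($to) . "&eVC={$eVC}";
    $message = "Please click this link (or paste into browser) to verify email {$url}";
    $headers = 'From: no-reply@' . $_SERVER["HTTP_HOST"] . "\r\n" .
        'X-Mailer: PHP/' . phpversion();
    mail($to, $subject, $message, $headers);
}

// NOTE(review): this response is also sent when no email was supplied.
$OUTPUT->success(0, "Email Added to existing user");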