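/**
 * Load the first and last name of the logged-in user.
 *
 * Students are looked up in `opiskelija` by student number, teachers and
 * head teachers in `tuutori` by username. A guest or any other role gets a
 * permission message echoed and null back.
 *
 * @return array|false|null associative row (etunimi, sukunimi); false when the
 *                          query ran but matched nothing; null when no query ran
 */
public function getNameData()
{
    // Initialised explicitly: the original returned an unset variable on the
    // permission-denied path.
    $namedata = null;
    $user = SomeFactory::getUser();
    $db = SomeFactory::getDBO();

    if (!$user->getId()) {
        echo "You do not have permission!!!!";
        return $namedata;
    }

    $role = $user->getUserrole();
    if ($role === 'student') {
        // Logged in as a student: the username is the student number (opnro).
        $statement = $db->prepare("SELECT etunimi, sukunimi FROM opiskelija WHERE opnro=?");
    } elseif ($role === 'teacher' || $role === 'headteacher') {
        $statement = $db->prepare("SELECT etunimi, sukunimi FROM tuutori WHERE tunnus=?");
    } else {
        echo "You do not have permission!!!!";
        return $namedata;
    }

    // The username is bound as a parameter, never interpolated into the SQL.
    if ($statement->execute([$user->getUsername()])) {
        $namedata = $statement->fetch(PDO::FETCH_ASSOC);
    }

    return $namedata;
}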
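/**
 * Authenticate the user from the submitted username/password and, on a
 * match, populate the shared SomeUser object.
 *
 * NOTE(review): the password is compared against the stored column as-is
 * (create() also stores it unhashed, and the schema column is char(32)).
 * Moving to password_hash()/password_verify() needs a wider column and a
 * migration of existing rows, so both sides have to change together.
 *
 * @return bool true when a matching user row was found and loaded
 */
public function login()
{
    $username = SomeRequest::getVar('username', null);
    $password = SomeRequest::getVar('password', null);

    // Both values are bound as parameters; nothing is interpolated into the SQL.
    $sql = "SELECT * FROM someuser WHERE username=? and password=?";
    $database = SomeFactory::getDBO();
    $stmt = $database->prepare($sql);
    $ok = $stmt->execute([$username, $password]);

    if ($ok) {
        $row = $stmt->fetch();
        // fetch() returns false when nothing matched; indexing false with
        // ['id'] only worked by accident, so check the row first.
        if ($row !== false && !empty($row['id'])) {
            $user = SomeFactory::getUser();
            $user->setId($row['id']);
            $user->setUsername(trim($row['username']));
            $user->setUserrole(trim($row['userrole']));
            $user->setEmail(trim($row['email']));
            $user->setHomepage(trim($row['homepage']));
            return true;
        }
        echo "Käyttäjää ei löytynyt";
        $this->errors['notfound'] = "user {$username} not found from database. Check username and password";
    }

    return false;
}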
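/**
 * Create a new teacher account plus its `tuutori` row from the submitted
 * form. Only a head teacher may do this.
 *
 * NOTE(review): the password is stored exactly as submitted (see the
 * "DO THE PASSWORD HASHING HERE" marker); login() compares it the same way,
 * so both must change together when hashing is introduced.
 *
 * @return bool true if user is created, false if not (including when the
 *              caller is not a head teacher, which previously returned null)
 */
public function create()
{
    $user = SomeFactory::getUser();
    if ($user->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        // Unauthorised: documented as false, previously fell off the end.
        return false;
    }

    someloader('some.user.user');
    $someuser = new SomeUser();
    $this->userdata = [
        'username' => SomeRequest::getVar('tunnus', ''),
        'fname'    => SomeRequest::getVar('etunimi', ''),
        'lname'    => SomeRequest::getVar('sukunimi', ''),
        'unit'     => SomeRequest::getVar('yksikko', ''),
        'email'    => SomeRequest::getVar('sposti', ''),
        'phone'    => SomeRequest::getVar('puh', ''),
        'password' => SomeRequest::getVar('salasana', ''),
    ];

    $someuser->setUsername($this->userdata['username']);
    // DO THE PASSWORD HASHING HERE
    $someuser->setPassword($this->userdata['password']);
    $someuser->setUserrole('teacher');
    $this->userdata['userrole'] = $someuser->getUserrole();
    $someuser->create();

    // Also try to create the matching tutor row; every value is bound.
    $db = SomeFactory::getDBO();
    $stmt = $db->prepare("INSERT INTO tuutori VALUES(?, ?, ?, ?, ?, ?, 'Tuutori')");
    $ok = $stmt->execute([
        $this->userdata['username'],
        $this->userdata['fname'],
        $this->userdata['lname'],
        $this->userdata['email'],
        $this->userdata['phone'],
        $this->userdata['unit'],
    ]);

    // NOTE(review): if this INSERT fails the someuser row created above is
    // not rolled back here.
    if ($someuser->getId() > 0 && $ok) {
        $this->userdata['id'] = $someuser->getId();
        return true;
    }
    return false;
}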
/**
 * Read every row of `someuser` into $this->users as associative arrays.
 * The statement has no parameters, so a plain query() is used.
 */
protected function loadAllUsers()
{
    $database = SomeFactory::getDBO();
    $result = $database->query("SELECT * FROM someuser");
    $this->users = $result->fetchAll(PDO::FETCH_ASSOC);
}
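/**
 * Controller action for the registration form (by naming convention,
 * model/register.php and SomeModelRegister must exist).
 *
 * When a username was submitted the form is handed to the model; on success
 * the browser is redirected to the people list, otherwise the model errors
 * are echoed. Without a username a "check your input" message is echoed.
 */
public function register()
{
    $model = $this->getModel('register');
    $username = SomeRequest::getVar('tunnus', null);

    if (!$username) {
        echo "Tarkista tiedot ja yritä uudestaan!";
        return;
    }

    // A username is present, so a form was posted: let the model handle it.
    // Its return value reports success or failure.
    $success = $model->dotask();
    if ($success) {
        $app = SomeFactory::getApplication();
        $app->redirect('index.php?app=hops&action=listPeople');
        return;
    }

    // print_r() without return=true dumped the errors and then echoed "1";
    // capture the dump instead, and HTML-escape it because the errors may
    // echo back submitted values.
    $errors = print_r($model->getErrors(), true);
    echo "Virhe: " . htmlspecialchars($errors, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}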
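/**
 * Persist this row: update when the primary key already exists, otherwise
 * INSERT every column the model declares.
 *
 * Table and column names come from getTable()/getColumns() (the model
 * definition), not from the request, which is why they may be interpolated;
 * the values themselves are always bound as parameters.
 *
 * @return mixed the current primary key value (the insert path does not read
 *               a generated key back from the database)
 */
public function create()
{
    $key = $this->getPrimary();

    // Existing row: delegate to update().
    if ($this->exists()) {
        $this->update();
        return $this->{$key};
    }

    // Initialised explicitly so an empty column list cannot leave $columns undefined.
    $columns = [];
    foreach ($this->getColumns() as $colname) {
        $columns[$colname] = $this->{$colname};
    }

    $table = $this->getTable();
    $placeholders = array_fill(0, count($columns), '?');
    $sql = "INSERT INTO {$table} (" . join(',', array_keys($columns)) . ") VALUES(" . join(',', $placeholders) . ")";
    $this->sql = $sql;

    // execute() needs a list, not a column-name keyed map.
    $values = array_values($columns);
    $database = SomeFactory::getDBO();
    $statement = $database->prepare($sql);
    $statement->execute($values);

    // Debug dump of the bound values; return=true replaces the ob_start()/ob_get_clean() pair.
    $this->columnsdebug = print_r($values, true);

    return $this->{$key};
}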
/**
 * Controller action: persist the posted HOPS form through the hops model,
 * then redirect to the HOPS list.
 */
public function saveHops()
{
    $hopsModel = $this->getModel('hops');
    $hopsModel->saveHopsData();
    SomeFactory::getApplication()->redirect("index.php?app=hops&action=listHops");
}
/**
 * Translate the format string through the language object, then hand it and
 * the remaining arguments to printf().
 *
 * @access public
 * @param string $string the format string (looked up for translation)
 * @param mixed  ...     further arguments for printf
 * @return int|string printf's return value; '' only when called with no
 *                    arguments at all
 */
public static function printf($string)
{
    $language = SomeFactory::getLanguage();
    $arguments = func_get_args();
    if (count($arguments) === 0) {
        return '';
    }
    $arguments[0] = $language->_($arguments[0]);
    return printf(...$arguments);
}
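/**
 * Check a submitted CSRF token against the one stored in the session.
 *
 * @param string $token the token value received with the request
 * @return bool true only when the session holds a non-empty token and it matches
 */
public static function isValid($token)
{
    $session = SomeFactory::getSession();
    // No fallback token: with the previous hard-coded default, a session that
    // had never been issued a token would accept that literal string.
    $csrftoken = $session->get('csrftoken', null);

    if (!is_string($csrftoken) || $csrftoken === '' || !is_string($token)) {
        return false;
    }

    // Constant-time comparison so response timing does not leak the token.
    return hash_equals($csrftoken, $token);
}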
/**
 * Session garbage collection: delete `somesession` rows whose expiry lies
 * more than $lifetime seconds in the past.
 *
 * @param int $lifetime maximum session age in seconds (default 1440)
 * @return bool always true
 */
function gc($lifetime = 1440)
{
    // The (int) cast on the computed threshold is what keeps this
    // string-built DELETE free of injectable input.
    $threshold = (int) (time() - $lifetime);
    $sql = 'DELETE FROM somesession' . ' WHERE `expiry` < ' . $threshold;
    SomeFactory::getDBO()->query($sql);
    return true;
}
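/**
 * Reset the shared user object to a guest and send the browser to the login page.
 *
 * NOTE(review): only the in-memory user object is cleared here; whether any
 * session-backed state is invalidated depends on the session layer, which
 * this function does not touch.
 */
function logout()
{
    // The original fetched the user and cleared the username twice.
    $user = SomeFactory::getUser();
    $user->setId(0);
    $user->setUsername('');
    $user->setUserrole('guest');
    $user->setEmail('');
    $user->setHomepage('');

    $app = SomeFactory::getApplication();
    $app->redirect('index.php?app=login');
}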
/**
 * Read every configuration value back from the submitted form (fields are
 * named "<category>___<key>"), push them into the configuration object and
 * rewrite configuration.php from var_export() output.
 *
 * Only keys already present in $this->conf_categories are read from the
 * request, and var_export() emits quoted PHP literals, so posted values land
 * in the generated file as string data.
 */
private function save()
{
    $this->edit();
    $configuration = SomeFactory::getConfiguration();

    foreach ($this->conf_categories as $category => $entries) {
        foreach (array_keys($entries) as $key) {
            $field = "{$category}___{$key}";
            $configuration->set($key, $category, SomeRequest::getVar($field, ''));
        }
    }

    $exported = var_export($configuration->getAsArray(), true);
    $contents = "<?php\n defined('SOME_PATH') or die('Unauthorized access');\n \$configuration = {$exported};";
    file_put_contents(SOME_PATH . DS . 'configuration.php', $contents);
    $this->edit();
}
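?>
<p>
    Palvelu Tampereen yliopiston opettajien ja opiskelijoiden välistä HOPS-yhteistyötä varten.
    <br>
    HOPS-palvelun avulla helpotetaan opintojen suunnittelua ja HOPS-ryhmien valvontaa.
    <br>
    Palveluun kirjaudutaan opiskelija-/opettajanumerolla.
</p>
<br>
<?php $app = SomeFactory::getApplication(); ?>
<?php if (SomeFactory::getUser()->getId() > 0) { ?>
    <a href="index.php?app=login&view=logout">Log Out
        <?php
        // The username comes from the database; escape it for the HTML context.
        echo htmlspecialchars(SomeFactory::getUser()->getUsername(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        ?>
    </a>
<?php } else { ?>
    <form action='index.php?app=login&view=login' method='post'>
        <label for='username'>Käyttäjätunnus:</label>
        <br>
        <input type='text' id='username' name='username' value='' />
        <br />
        <label for='password'>Salasana:</label>
        <br><input type='password' id='password' name='password' value='' />
        <br />
        <input type='submit' name='smit' value='Kirjaudu' />
    </form>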
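/**
 * Delete this row by its primary key.
 *
 * The table and key names come from the model definition
 * (getTable()/getPrimary()); the key value is bound as a parameter.
 *
 * @return boolean the result of the statement's execute()
 */
public function delete()
{
    $key = $this->getPrimary();
    $sql = "DELETE FROM " . $this->getTable() . " WHERE " . $key . '=?';
    // Record the SQL before executing; the original assigned it after an
    // unconditional return, so it was never set.
    $this->sql = $sql;

    $database = SomeFactory::getDBO();
    $statement = $database->prepare($sql);
    return $statement->execute([$this->{$key}]);
}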
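/**
 * Load the completed courses of the logged-in student for one study year.
 *
 * @param int $year study year 1..3; selects the autumn/spring offsets from
 *                  the student's starting year (o.avuosi) that are queried.
 *                  Any other value queries offset 0 for both terms.
 * @return array|false|null rows keyed from 1; null when no row was read;
 *                          false when nobody is logged in
 */
public function getCourseData($year)
{
    // Initialised explicitly; the original returned an unset variable when
    // the query matched nothing.
    $coursedata = null;

    $user = SomeFactory::getUser();
    if (!$user) {
        $this->data = ["Kukaan ei ole kirjautunut!!"];
        return false;
    }
    $tunnus = $user->getUsername();
    $db = SomeFactory::getDBO();

    // Work out which academic years' completions to fetch, as offsets from
    // the student's starting year. Loose == is kept: $year may arrive as a string.
    $syksylisa = 0;
    $kevatlisa = 0;
    if ($year == 1) {
        $kevatlisa = 1;
    } elseif ($year == 2) {
        $syksylisa = 1;
        $kevatlisa = 2;
    } elseif ($year == 3) {
        $syksylisa = 2;
        $kevatlisa = 3;
    }

    $statement = $db->prepare("SELECT k.tunnus, k.nimi, k.op, os.kausi FROM kurssi as k JOIN on_suorittanut as os ON k.tunnus = os.tunnus JOIN opiskelija as o ON o.opnro = os.opnro WHERE os.opnro=? AND ((os.vuosi = o.avuosi+? AND os.kausi ='Syksy') OR (os.vuosi=o.avuosi+? AND os.kausi='Kevät'))");
    // Student number and both offsets are bound parameters.
    if ($statement->execute([$tunnus, $syksylisa, $kevatlisa])) {
        $i = 1;
        while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
            $coursedata[$i++] = $row;
        }
    }

    return $coursedata;
}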
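/**
 * Delete a tutor (teacher): their HOPS groups are detached from students and
 * removed, then the `tuutori` row, then the `someuser` account. Only a head
 * teacher may do this.
 *
 * @return bool true when the tutor row was deleted; false when the caller is
 *              not a head teacher, no account matched the username, or the
 *              final DELETE failed (the original returned null there)
 */
public function delete()
{
    // Re-check the caller's rights once more.
    $user = SomeFactory::getUser();
    if ($user->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        return false;
    }

    // Authorised. First find the someuser id for the submitted username.
    $someuser = new SomeUser();
    $tunnus = SomeRequest::getVar('tunnus', '');
    $db = SomeFactory::getDBO();
    $stmt = $db->prepare("SELECT id FROM someuser WHERE username=?");
    $stmt->execute([$tunnus]);
    $id = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$id) {
        return false;
    }

    // Got an id, so the account can be deleted.
    $someuser->setId($id['id']);

    // Collect the groups this tutor runs. Initialised explicitly (was unset),
    // and the var_dump() that printed the rows into the response is removed.
    $ryhmat = [];
    $stmt = $db->prepare("SELECT tunnus FROM hops_ryhma WHERE tuutori = ?");
    if ($stmt->execute([$tunnus])) {
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $ryhmat[] = $row;
        }
    }

    foreach ($ryhmat as $ryhma) {
        // Detach students from the group, then drop the group itself.
        $stmt = $db->prepare("UPDATE opiskelija SET hopsryhma = null WHERE hopsryhma = ?");
        $stmt->execute([$ryhma['tunnus']]);
        $stmt = $db->prepare("DELETE FROM hops_ryhma WHERE tunnus = ?");
        if ($stmt->execute([$ryhma['tunnus']])) {
            echo "RyhmŠn poisto onnistui";
        }
    }

    // Finally remove the tutor from its own table, then the login account.
    $stmt = $db->prepare("DELETE FROM tuutori WHERE tunnus=?");
    if ($stmt->execute([$tunnus])) {
        $someuser->delete();
        return true;
    }
    return false;
}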
<?php
defined('SOME_PATH') or die('Unauthorized access');

/**
 * @package content
 * @subpackage user
 */

#
# this is user content bootstrap
#
$user = SomeFactory::getUser();
$app = SomeFactory::getApplication();

#
# create controller here and call its execute. See
# content/example, content/hello or content/numberguessmvc for examples.
#
# The include path is built only from constants (PATH_CONTENT, DS), never
# from request data.
include PATH_CONTENT . DS . 'controller' . DS . 'default.php';
$c = new SomeControllerDefault();
$c->execute();

/* When we land here (the front page), switch to template=login for the
   duration of the login. */
$app->setTemplate('login');
/**
 * Create the `somesession` table (sesskey, expiry, value) used by the
 * database session handler. Fixed DDL, no parameters.
 */
public function createSessionTable()
{
    $database = SomeFactory::getDBO();
    $createTable = "\n\t\t CREATE TABLE somesession (\n sesskey character(32) NOT NULL,\n expiry integer NOT NULL,\n value text\n)";
    $database->query($createTable);
}
/**
 * Load the language strings for the application named by the request's
 * 'app' parameter.
 *
 * NOTE(review): the value handed to load() comes straight from the request;
 * whether load() restricts it before touching any files is decided inside
 * SomeLanguage, not here.
 */
protected function loadLanguage()
{
    $requestedApp = SomeRequest::getVar('app');
    SomeFactory::getLanguage()->load($requestedApp);
}
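/**
 * Store the end-of-year report rows posted by a teacher, one per HOPS group.
 *
 * NOTE(review): each group is first UPDATEd and then unconditionally
 * INSERTed, which looks like an upsert attempt that adds a duplicate row
 * when the UPDATE already matched; the intent is not clear from here, so
 * both statements are kept.
 */
public function saveEndForm()
{
    $data = $_POST;
    $user = SomeFactory::getUser();
    $db = SomeFactory::getDBO();

    if (!$user->getId() || $user->getUserrole() !== 'teacher') {
        return;
    }
    // Nothing to do unless the form actually carried group rows.
    if (!isset($data['ryhmat']) || !is_array($data['ryhmat'])) {
        return;
    }

    foreach ($data['ryhmat'] as $tiedot) {
        // The group id (tunnus) and the username used to be concatenated into
        // the WHERE clause; both are now bound like the other values.
        $stmt = $db->prepare("UPDATE loppuraportit \n\t SET alkup_koko = ?, palautetut = ?, osallistuneet_ryhma = ?, osallistuneet_yks = ?, tavoittamattomat = ?, poisjaaneet = ?, i = ?, ii = ?, iii = ?, iv = ?, v = ?\n\t WHERE tuutori = ? AND hopsryhma = ?");
        $stmt->execute([
            $tiedot['alkup_koko'], $tiedot['pal_hopsit'], $tiedot['osallistuneet'],
            $tiedot['yks_tapaamiset'], $tiedot['tavoittamattomat'], $tiedot['poissa'],
            $tiedot['i'], $tiedot['ii'], $tiedot['iii'], $tiedot['iv'], $tiedot['v'],
            $user->getUsername(), $tiedot['tunnus'],
        ]);

        $stmt = $db->prepare("INSERT INTO loppuraportit VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)");
        $stmt->execute([
            $user->getUsername(), $tiedot['tunnus'],
            $tiedot['alkup_koko'], $tiedot['pal_hopsit'], $tiedot['osallistuneet'],
            $tiedot['yks_tapaamiset'], $tiedot['tavoittamattomat'], $tiedot['poissa'],
            $tiedot['i'], $tiedot['ii'], $tiedot['iii'], $tiedot['iv'], $tiedot['v'],
        ]);
    }
}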
/**
 * Create the `someuser` table in PostgreSQL. Fixed DDL, no parameters.
 *
 * NOTE(review): "password" is character(32), which only fits a fixed-width
 * digest; a password_hash() value needs a wider column.
 */
public function installSomeUserTable()
{
    $createTable = "\n\t\tCREATE TABLE someuser (\n id SERIAL,\n username character varying(32),\n \"password\" character(32),\n userrole character(32),\n email text,\n homepage text\n\t)\n\t\t";
    SomeFactory::getDBO()->query($createTable);
}
/**
 * Pull the configuration into $this->conf_categories as nested arrays so the
 * edit form can iterate over it.
 *
 * @return bool always true
 */
public function loadConfiguration()
{
    $configuration = SomeFactory::getConfiguration();
    $this->conf_categories = $configuration->getAsArray();
    return true;
}
/**
 * Controller action: delete a profile. Re-checks that the caller is a head
 * teacher before asking the profile model to delete, then redirects to the
 * people list on success. Anyone else gets a "no permission" message.
 */
public function delete()
{
    $currentUser = SomeFactory::getUser();
    if ($currentUser->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        echo "Sinulla ei ole kŠyttšoikeuksia poistoon!";
        return;
    }

    // Authorised; proceed with the deletion.
    $profileModel = $this->getModel('profile');
    if ($profileModel->delete()) {
        SomeFactory::getApplication()->redirect('index.php?app=hops&action=listPeople');
    }
}
/**
 * Create a new HOPS group from the posted form: 'tunnus' (group id) and
 * 'tuutori_tunnus' (tutor username). Only a head teacher may do this.
 *
 * @return bool true when the INSERT succeeded; false when the caller is not
 *              a head teacher, either field is empty (note: empty() also
 *              rejects the literal '0'), or the INSERT failed
 */
public function create()
{
    $currentUser = SomeFactory::getUser();
    if ($currentUser->getUserrole() !== SomeUser::ROLE_HEADTEACHER) {
        return false;
    }

    // Head teacher: read the new group's id and its tutor from the request.
    $groupId = SomeRequest::getVar('tunnus', '');
    $tutorId = SomeRequest::getVar('tuutori_tunnus', '');
    if (empty($groupId) || empty($tutorId)) {
        return false;
    }

    // Both values are bound as parameters.
    $statement = SomeFactory::getDBO()->prepare("INSERT INTO hops_ryhma VALUES(?,?)");
    return (bool) $statement->execute([$groupId, $tutorId]);
}
/** */ require_once SOME_PATH . DS . 'includes' . DS . 'someexception.php'; #/** */ #require_once( SOME_PATH.DS.'includes'.DS.'errorhandler.php' ); try { /** * initialize someloader() */ require_once SOME_LIBRARY . DS . 'loader.php'; someloader('some.csrf.csrf'); /** * more initializing, library classes that are always loaded. * trying to get framework. Failing to do so means that there is bugs or something broken at the server. */ require_once SOME_LIBRARY . DS . 'some' . DS . 'common.php'; $framework = SomeFactory::getApplication(); $debug = $framework->getDebug(); } catch (SomeException $e) { //get error template from root and exit, can not even build require SOME_PATH . DS . 'error.php'; exit; } catch (Exception $e) { require SOME_PATH . DS . 'error.php'; exit; } //Try to do framework magic, failing to do so can happen for lots of reasons. try { $app = SomeRequest::getVar('app', 'login'); $framework->dispatch($app); // render puts xhtml string to SomeDocumentHTML buffer, it does not echo anything $framework->render();
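<?php
// Welcome page body. The name parts come from the database (entered through
// the registration form), so they are escaped for the HTML context;
// getNameData() may also return null or false when no row matched.
$user = SomeFactory::getUser();
$nimi = $this->getNameData();
$etunimi = (is_array($nimi) && isset($nimi['etunimi'])) ? $nimi['etunimi'] : '';
$sukunimi = (is_array($nimi) && isset($nimi['sukunimi'])) ? $nimi['sukunimi'] : '';
$escape = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
echo "<h1>Tervetuloa " . $escape($etunimi) . " " . $escape($sukunimi) . " (" . $escape($user->getUsername()) . ")</h1><br/><br/>";
echo "Tämä palvelu on tarkoitettu Tampereen yliopiston opiskelijoiden ja opettajien väliseen hops-käyttöön. <br><br>\nPalvelussa opiskelijat voivat täyttää vuosittaiset hops-lomakkeensa ja suunnitella tulevan lukuvuoden kursseja. <br> He voivat myös seurata opintojensa etenemistä 'Suoritukset' välilehden alta.\n<br><br>Tuutorit sen sijaan voivat palvelun avulla pitää paremmin kirjaa tuutoroitavistaan ja muodostaa helpommin lukukausittaiset vuosiraportit, <br>jotka sitten lähetetään niistä vastuussa olevalle ylituutorille.\n<br><br>\nOmat tietosi löydät 'Omat tiedot' välilehden alta. Muistathan pitää yhteystietosi ajantasalla.";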
/**
 * Send a Location header to the browser and end the request via close().
 *
 * @param string $url the address the browser is sent to; callers in this
 *                    code base pass fixed application paths
 * @param string $msg optional message; when non-empty it is stored in the
 *                    session under 'sysmessage' before redirecting
 */
public function redirect($url, $msg = '')
{
    $hasMessage = !empty($msg);
    if ($hasMessage) {
        SomeFactory::getSession()->set('sysmessage', $msg);
    }
    header('Location:' . $url);
    $this->close();
}
/**
 * Shared SomeLanguage instance, created on first use.
 *
 * @param string|null $lang language code used only when the instance is
 *                          first created; later calls return the cached
 *                          instance regardless of $lang
 * @return SomeLanguage
 */
public static function getLanguage($lang = null)
{
    static $instance;
    if (is_object($instance)) {
        return $instance;
    }

    someloader('some.language.language');
    $configuration = SomeFactory::getConfiguration();
    $code = $lang ? $lang : $configuration->get('language', 'common');
    $instance = new SomeLanguage($code);
    return $instance;
}
/**
 * Create the `someuser` table in MySQL if it does not exist. Fixed DDL, no
 * parameters.
 *
 * NOTE(review): `password` is char(32), which only fits a fixed-width
 * digest; a password_hash() value needs a wider column.
 *
 * @return mixed the driver's query() result
 */
public function installSomeUserTable()
{
    $createTable = "CREATE TABLE IF NOT EXISTS `someuser` (\n `id` INT NOT NULL AUTO_INCREMENT,\n `username` varchar(32) DEFAULT NULL,\n `password` char(32) DEFAULT NULL,\n `userrole` char(32) DEFAULT NULL,\n `email` text,\n `homepage` text,\n UNIQUE KEY `id` (`id`)\n) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_swedish_ci AUTO_INCREMENT=1";
    return SomeFactory::getDBO()->query($createTable);
}