Esempio n. 1
0
 public function __construct()
 {
     $this->redis = new Redis();
     if (!$this->redis->connect(AppConfig::getValue('redis_socket'))) {
         AppController::fatalError('unable to connect to Redis server');
     }
 }
Esempio n. 2
0
 public static function unauthorised($message = null)
 {
     if ($message) {
         (new Log(SECURITY_LOG))->setFatal(true)->logMessage($message);
     }
     // Show a Friendly Error Page
     $view = new HTMLView(true);
     $view->includeTemplate('error.unauthorised', ['app_name' => AppConfig::getValue('app_name')]);
     $view->render(true);
     exit;
     // terminate script (regardless of location)
 }
Esempio n. 3
0
 private function connect()
 {
     // Set Connection Settings
     $this->dbname = AppConfig::getValue('db_name');
     $this->schema = AppConfig::getValue('db_schema');
     $this->hostname = AppConfig::getValue('db_hostname');
     $this->port = AppConfig::getValue('db_port');
     $this->username = AppConfig::getValue('db_username');
     $this->password = AppConfig::getValue('db_password');
     try {
         $this->handle = new PDO('pgsql:host=' . $this->hostname . ';dbname=' . $this->dbname . ';port=' . $this->port, $this->username, $this->password);
         // errors are silent by default, see PDO::ATTR_ERRMODE
     } catch (PDOException $PDO_Error) {
         exit('Connection Failed, PDO Error: ' . $PDO_Error->getMessage() . '.');
     }
     return $this->handle;
 }
Esempio n. 4
0
 public function send()
 {
     // Don't send in development...
     if (isTrue(AppConfig::getValue('development'))) {
         (new Log(INFO_LOG))->logMessage('email (' . $this->mailer->Subject . ') sent to ' . (count($this->mailer->getToAddresses()) > 1 ? print_r($this->mailer->getToAddresses(), true) : $this->mailer->getToAddresses()[0][0]) . ', body: ' . $this->mailer->Body);
         return true;
     }
     // Test the Outcome (log errors)
     if (($status = $this->mailer->send()) === false) {
         $log = new Log(ERROR_LOG);
         $log->logMessage(__METHOD__ . ' failed, ' . $this->mailer->ErrorInfo);
         return false;
     } else {
         (new Log(INFO_LOG))->logMessage('email (' . $this->mailer->Subject . ') sent to ' . (count($this->mailer->getToAddresses()) > 1 ? print_r($this->mailer->getToAddresses(), true) : $this->mailer->getToAddresses()[0][0]) . ', body: ' . $this->mailer->Body);
         return true;
     }
 }
Esempio n. 5
0
 public function __construct($error = false)
 {
     // Some checks shouldn't be done when we've encountered a fatal error, like a Redis issue, which will cause infinite recursion!
     if (!$error) {
         $session = SessionModel::currentSession();
         if ($user = $session->user()) {
             $flashQ = new FlashQueue($user);
             while ($flash = $flashQ->getFlash()) {
                 $this->globals['flash_queue'][] = $flash;
             }
             $this->globals['websites_with_access'] = array_map(function ($website) {
                 return get_object_vars($website);
                 // convert to array...
             }, $user->websitesWithAccess());
         }
     }
     // Globals
     $this->globals['app_name'] = AppConfig::getValue('app_name');
     // Clean Globals
     self::stripHTML($this->globals);
 }
Esempio n. 6
0
define('LIB_EXT_ROOT', APP_ROOT . 'lib-ext/');
define('TEMPLATE_ROOT', APP_ROOT . 'templates/');
// Assign File Locations
define('ROUTES_FILE', ETC_ROOT . 'routes.json');
define('CONFIG_FILE', ETC_ROOT . 'application.conf.ini');
// Assign Log File DEFINEs
define('ERROR_LOG', LOG_ROOT . 'error.log');
define('WARNING_LOG', LOG_ROOT . 'warning.log');
define('INFO_LOG', LOG_ROOT . 'info.log');
define('PERFORMANCE_LOG', LOG_ROOT . 'performance.log');
define('SECURITY_LOG', LOG_ROOT . 'security.log');
define('STRIPE_LOG', LOG_ROOT . 'stripe.log');
// Load Custom Function Library
require_once LIB_ROOT . 'functions.php';
// Class Auto-Loading
spl_autoload_register(function ($class) {
    @(include LIB_ROOT . strtolower($class) . '.php');
    // @ to allow passthru on fail (observe hierarchy)
});
// Composer (vendor) Auto-Loading
require_once LIB_EXT_ROOT . 'vendor/autoload.php';
// Domain/Cookie Setup (using config file, so load after autoloader)
$appDomain = AppConfig::getValue('cookie_domain');
define('COOKIE_DOMAIN', is_string($appDomain) && !empty($appDomain) ? $appDomain : $_SERVER['SERVER_NAME']);
// default to current server name
define('HOSTNAME', $_SERVER['SERVER_NAME']);
// this is the hostname we use in URLs
// Update (start) the Performance Monitor
PerformanceMonitor::setStart($script_start_ts_micro);
// Launch the AppController
(new AppController())->run();
Esempio n. 7
0
 public function index()
 {
     $this->view = new HTMLView();
     $this->view->includeTemplate('index', ['app_name' => AppConfig::getValue('app_name'), 'guest' => !$this->session->isUserAuthenticated(false)]);
     $this->view->render(true);
 }
Esempio n. 8
0
			<?php 
CSRFPRotection::generateHTMLTag();
?>
			<input type="hidden" value="" name="token">
		</form>
		<p><a href="<?php 
echo RouteController::fqURL('index');
?>
">back to home</a></p>
	</div>
	<script src="https://code.jquery.com/jquery-1.11.2.min.js"></script>
	<script src="https://js.stripe.com/v2/"></script>
	<script>

		Stripe.setPublishableKey("<?php 
echo AppConfig::getValue('stripe_public_api_key');
?>
");

		function stripeResponseHandler(status, response) {

			var $form = $('#add-card');

			if (response.error) {

				alert(response.error.message);

			} else {

				$('#token input[name="token"]').val(response.id);
				$('#token').submit(); // new (hidden) form so that we don't the touch card details...
Esempio n. 9
0
 public function resetPassword()
 {
     $this->view = new HTMLView();
     if ($this->request->isPOST()) {
         $post = $this->request->postData();
         $user = new UserModel();
         if ($this->request->isQueryArgSet('token')) {
             if ($user->getUserForPasswordResetToken($this->request->queryArgValue('token'))) {
                 $user->password = @$post['password'];
                 if ($user->save()) {
                     $user->deletePasswordResetTokens();
                     $alert = new Alert(Alert::SUCCESS);
                     $alert->addMessage('Password Set, Please Login');
                 } else {
                     $alert = new Alert(Alert::ERROR);
                     $alert->addMessageArray($user->getErrors());
                 }
                 $this->view->includeTemplate('auth.reset-password.password', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
             } else {
                 AppController::redirect(RouteController::fqURL('resetPassword'), ['status' => 'token-expired']);
             }
         } else {
             if ($post['email'] && $user->find($post['email'], 'email')) {
                 $token = $user->getPasswordResetTokenData();
                 if ($token['last_email_timestamp'] <= Carbon::now()->subMinutes(pow(2, $token['email_attempts']))) {
                     $user->incrementPasswordResetEmailCount();
                     $link = addQueryParams(RouteController::fqURL('resetPassword'), ['token' => $token['token']]);
                     // Send Email
                     $mailer = new Mailer();
                     $mailer->setSubject('Password Reset Token');
                     $mailer->addAddress($user->email);
                     $mailer->includeHTMLTemplate('email.reset-password', ['link' => $link]);
                     $mailer->send();
                     // errors handled within
                     // Show Message
                     $alert = new Alert(Alert::SUCCESS);
                     $alert->addMessage('Email Sent');
                 } else {
                     $alert = new Alert(Alert::ERROR);
                     $alert->addMessage('Too Many Attempts, Please Try Again Later');
                 }
                 $this->view->includeTemplate('auth.reset-password.email', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
             } else {
                 $alert = new Alert(Alert::ERROR);
                 $alert->addMessage('Email is Invalid/Non-Existent');
                 $this->view->includeTemplate('auth.reset-password.email', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
             }
         }
     } else {
         if ($this->request->isQueryArgSet('token')) {
             $user = new UserModel();
             if ($user->getUserForPasswordResetToken($this->request->queryArgValue('token'))) {
                 $this->view->includeTemplate('auth.reset-password.password', ['app_name' => AppConfig::getValue('app_name')]);
             } else {
                 AppController::redirect(RouteController::fqURL('resetPassword'), ['status' => 'token-expired']);
             }
         } else {
             if ($this->request->isQueryArgSet('status') && $this->request->queryArgValue('status') == 'token-expired') {
                 $alert = new Alert(Alert::ERROR);
                 $alert->addMessage('Token is Invalid/Expired, Please Request a New One');
             }
             $this->view->includeTemplate('auth.reset-password.email', ['app_name' => AppConfig::getValue('app_name'), 'alert' => isset($alert) ? $alert : null]);
         }
     }
     $this->view->render(true);
 }
Esempio n. 10
0
 private function getCustomer(UserModel $user)
 {
     // Redirect to Start... (not a customer)
     if (!$user->isStripeCustomer()) {
         AppController::redirect(RouteController::fqURL('subscription.manage'));
     }
     try {
         \Stripe\Stripe::setApiKey(AppConfig::getValue('stripe_secret_api_key'));
         // Attempt to Fetch Customer...
         $customer = \Stripe\Customer::retrieve($user->getStripeData()->customer_id);
         // Exisitng, Deleted?
         if ($customer->deleted) {
             $user->stripe_customer_id = null;
             $user->setStripeData(null);
             $user->save();
             // Redirect to Start...
             AppController::redirect(RouteController::fqURL('subscription.manage'));
         } else {
             return $customer;
         }
     } catch (\Stripe\Error\Card $exception) {
         $this->logStripeException($exception, $customer->id);
     } catch (\Stripe\Error\InvalidRequest $exception) {
         $this->logStripeException($exception, $customer->id);
     } catch (\Stripe\Error\Authentication $exception) {
         $this->logStripeException($exception, $customer->id);
     } catch (\Stripe\Error\ApiConnection $exception) {
         $this->logStripeException($exception, $customer->id);
     } catch (\Stripe\Error\Base $exception) {
         $this->logStripeException($exception, $customer->id);
     }
 }