/**
 * Create the Redis client and connect it.
 *
 * The client is stored on $this->redis first, then connected to the target
 * named by the 'redis_socket' configuration value. A falsy result from
 * connect() is handed to AppController::fatalError().
 *
 * NOTE(review): nothing in this constructor authenticates to Redis; the
 * config key suggests a local socket, so confirm access to it is limited
 * by file permissions.
 */
public function __construct()
{
    $this->redis = new Redis();

    $endpoint = AppConfig::getValue('redis_socket');
    $connected = $this->redis->connect($endpoint);

    if ($connected) {
        return;
    }

    AppController::fatalError('unable to connect to Redis server');
}
/**
 * Show the "unauthorised" error page and end the request.
 *
 * A truthy $message is first written to the security log through a Log
 * object flagged with setFatal(true). The page is then rendered from the
 * 'error.unauthorised' template and the script exits, so this never returns.
 *
 * NOTE(review): no HTTP status code is set in this method; confirm that
 * HTMLView or the caller sends 401/403 so clients and monitoring do not see
 * a normal response.
 * NOTE(review): $message is logged as given; if callers build it from
 * request data, confirm Log neutralises line breaks.
 *
 * @param string|null $message optional text for the security log
 */
public static function unauthorised($message = null)
{
    if ($message) {
        $securityLog = new Log(SECURITY_LOG);
        $securityLog->setFatal(true)->logMessage($message);
    }

    // Friendly error page
    $page = new HTMLView(true);
    $templateVars = ['app_name' => AppConfig::getValue('app_name')];
    $page->includeTemplate('error.unauthorised', $templateVars);
    $page->render(true);

    // Stop here no matter where the call came from.
    exit;
}
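/**
 * Open the PostgreSQL connection described by the application config.
 *
 * Copies the db_* settings onto the object, builds a pgsql DSN from host,
 * database name and port, and stores the resulting PDO object in
 * $this->handle. The schema setting is stored but is not part of the DSN.
 *
 * If the connection cannot be opened the script terminates. The driver's
 * message goes to the server error log only: it can name the host, database
 * or user, so it is no longer echoed to the client.
 *
 * @return PDO the open connection
 */
private function connect()
{
    // Connection settings
    $this->dbname = AppConfig::getValue('db_name');
    $this->schema = AppConfig::getValue('db_schema');
    $this->hostname = AppConfig::getValue('db_hostname');
    $this->port = AppConfig::getValue('db_port');
    $this->username = AppConfig::getValue('db_username');
    $this->password = AppConfig::getValue('db_password');

    $dsn = 'pgsql:host=' . $this->hostname . ';dbname=' . $this->dbname . ';port=' . $this->port;

    try {
        // Statement errors are silent by default before PHP 8.0, see PDO::ATTR_ERRMODE.
        // NOTE(review): the mode is left untouched because callers may test
        // for false returns; confirm every query result is checked.
        $this->handle = new PDO($dsn, $this->username, $this->password);
    } catch (PDOException $PDO_Error) {
        // Keep the detail on the server; the client gets a generic message.
        error_log(__METHOD__ . ' failed: ' . $PDO_Error->getMessage());
        exit('Connection Failed.');
    }

    return $this->handle;
}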
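/**
 * Send the prepared message, or only log it when running in development.
 *
 * Development mode (config value 'development'): nothing is sent; subject,
 * recipients and the full body are written to the info log, which is the
 * only place the message can be read.
 *
 * Otherwise the message is sent through $this->mailer. A failure is written
 * to the error log together with the mailer's ErrorInfo. A success is
 * written to the info log with subject, recipients and the body size only:
 * message bodies can carry secrets such as password-reset links, so they
 * are kept out of the production log.
 *
 * @return bool true when sent (or logged in development), false on failure
 */
public function send()
{
    // Describe the recipients once; an empty list no longer reads a missing offset.
    $recipients = $this->mailer->getToAddresses();
    if (count($recipients) > 1) {
        $sentTo = print_r($recipients, true);
    } elseif (isset($recipients[0][0])) {
        $sentTo = $recipients[0][0];
    } else {
        $sentTo = '(no recipients)';
    }
    $summary = 'email (' . $this->mailer->Subject . ') sent to ' . $sentTo;

    // Don't send in development...
    if (isTrue(AppConfig::getValue('development'))) {
        (new Log(INFO_LOG))->logMessage($summary . ', body: ' . $this->mailer->Body);

        return true;
    }

    // Test the outcome (log errors)
    if ($this->mailer->send() === false) {
        (new Log(ERROR_LOG))->logMessage(__METHOD__ . ' failed, ' . $this->mailer->ErrorInfo);

        return false;
    }

    (new Log(INFO_LOG))->logMessage($summary . ', body: ' . strlen($this->mailer->Body) . ' bytes');

    return true;
}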
/**
 * Fill the view's global template variables.
 *
 * Unless $error is truthy, the current session's user is looked up. For a
 * logged-in user the flash queue is drained into globals['flash_queue'] and
 * the user's accessible websites are stored as arrays in
 * globals['websites_with_access']. These session-backed lookups are skipped
 * on the error path because a fatal error (a Redis issue, for example)
 * would otherwise recurse without end.
 *
 * 'app_name' is always set, and the globals are finally passed through
 * self::stripHTML().
 *
 * @param bool $error true when the view is built while handling a fatal error
 */
public function __construct($error = false)
{
    if (!$error) {
        $currentUser = SessionModel::currentSession()->user();

        if ($currentUser) {
            // Drain every pending flash message.
            $queue = new FlashQueue($currentUser);
            $flash = $queue->getFlash();
            while ($flash) {
                $this->globals['flash_queue'][] = $flash;
                $flash = $queue->getFlash();
            }

            // Objects become plain arrays for the templates.
            $toArray = function ($website) {
                return get_object_vars($website);
            };
            $this->globals['websites_with_access'] = array_map($toArray, $currentUser->websitesWithAccess());
        }
    }

    // Globals
    $this->globals['app_name'] = AppConfig::getValue('app_name');

    // Clean globals
    self::stripHTML($this->globals);
}
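// Bootstrap: path constants, autoloaders, cookie/host names, then the
// controller. APP_ROOT, ETC_ROOT, LOG_ROOT, LIB_ROOT and
// $script_start_ts_micro are used here but defined outside this listing.
define('LIB_EXT_ROOT', APP_ROOT . 'lib-ext/');
define('TEMPLATE_ROOT', APP_ROOT . 'templates/');

// Assign File Locations
define('ROUTES_FILE', ETC_ROOT . 'routes.json');
define('CONFIG_FILE', ETC_ROOT . 'application.conf.ini');

// Assign Log File DEFINEs
define('ERROR_LOG', LOG_ROOT . 'error.log');
define('WARNING_LOG', LOG_ROOT . 'warning.log');
define('INFO_LOG', LOG_ROOT . 'info.log');
define('PERFORMANCE_LOG', LOG_ROOT . 'performance.log');
define('SECURITY_LOG', LOG_ROOT . 'security.log');
define('STRIPE_LOG', LOG_ROOT . 'stripe.log');

// Load Custom Function Library
require_once LIB_ROOT . 'functions.php';

// Class Auto-Loading
spl_autoload_register(function ($class) {
    // The class name becomes part of an include path. Accept only characters
    // that can occur in a (namespaced) PHP class name, so that a name holding
    // '/', '.' or a NUL byte can never select a file outside LIB_ROOT.
    if (!preg_match('/^[A-Za-z0-9_\\\\\x80-\xff]+$/D', $class)) {
        return;
    }

    // NOTE(review): @ also hides warnings raised while the class file itself
    // loads; confirm that is acceptable.
    @(include LIB_ROOT . strtolower($class) . '.php'); // @ to allow passthru on fail (observe hierarchy)
});

// Composer (vendor) Auto-Loading
require_once LIB_EXT_ROOT . 'vendor/autoload.php';

// Domain/Cookie Setup (using config file, so load after autoloader)
// NOTE(review): depending on web-server configuration, SERVER_NAME can follow
// the Host header of the request. HOSTNAME is used in URLs and COOKIE_DOMAIN
// falls back to the same value, so confirm the server pins the name (or set
// 'cookie_domain' explicitly).
$appDomain = AppConfig::getValue('cookie_domain');
define('COOKIE_DOMAIN', is_string($appDomain) && !empty($appDomain) ? $appDomain : $_SERVER['SERVER_NAME']); // default to current server name
define('HOSTNAME', $_SERVER['SERVER_NAME']); // this is the hostname we use in URLs

// Update (start) the Performance Monitor
PerformanceMonitor::setStart($script_start_ts_micro);

// Launch the AppController
(new AppController())->run();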
/**
 * Render the index page.
 *
 * The template receives the application name and a 'guest' flag, which is
 * the negation of $this->session->isUserAuthenticated(false).
 */
public function index()
{
    $this->view = new HTMLView();

    $appName = AppConfig::getValue('app_name');
    $isGuest = !$this->session->isUserAuthenticated(false);

    $this->view->includeTemplate('index', ['app_name' => $appName, 'guest' => $isGuest]);
    $this->view->render(true);
}
<?php CSRFPRotection::generateHTMLTag(); ?> <input type="hidden" value="" name="token"> </form> <p><a href="<?php echo RouteController::fqURL('index'); ?> ">back to home</a></p> </div> <script src="https://code.jquery.com/jquery-1.11.2.min.js"></script> <script src="https://js.stripe.com/v2/"></script> <script> Stripe.setPublishableKey("<?php echo AppConfig::getValue('stripe_public_api_key'); ?> "); function stripeResponseHandler(status, response) { var $form = $('#add-card'); if (response.error) { alert(response.error.message); } else { $('#token input[name="token"]').val(response.id); $('#token').submit(); // new (hidden) form so that we don't the touch card details...
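/**
 * Password-reset flow: request a reset e-mail, or set a new password.
 *
 * GET  without token: show the e-mail form (with an error alert when the
 *                     'status' query argument is 'token-expired').
 * GET  with token:    show the new-password form if the token resolves to a
 *                     user, otherwise redirect back with status=token-expired.
 * POST without token: look the user up by e-mail and, unless the back-off
 *                     window is still open, e-mail a reset link. The window
 *                     is 2^email_attempts minutes since the last e-mail.
 * POST with token:    store the submitted password on the user, save it and
 *                     delete the user's reset tokens on success.
 *
 * Submitted 'password' and 'email' values are used only when they are
 * strings; a missing or array-valued field is treated as absent instead of
 * being read with error suppression.
 *
 * NOTE(review): the 'Email Sent' and 'Email is Invalid/Non-Existent'
 * messages let a visitor learn which addresses are registered; consider one
 * neutral message for both outcomes.
 * NOTE(review): AppController::redirect() presumably ends the request; if it
 * returns, render() below runs without a template. Verify.
 * NOTE(review): no CSRF check is visible in this method; confirm it happens
 * before the controller is reached.
 */
public function resetPassword()
{
    $this->view = new HTMLView();

    if ($this->request->isPOST()) {
        $post = $this->request->postData();
        $user = new UserModel();

        // Request data is untrusted: accept string fields only.
        $password = (isset($post['password']) && is_string($post['password'])) ? $post['password'] : null;
        $email = (isset($post['email']) && is_string($post['email'])) ? $post['email'] : null;

        if ($this->request->isQueryArgSet('token')) {
            if ($user->getUserForPasswordResetToken($this->request->queryArgValue('token'))) {
                $user->password = $password;

                if ($user->save()) {
                    // Tokens are removed once the new password is stored.
                    $user->deletePasswordResetTokens();
                    $alert = new Alert(Alert::SUCCESS);
                    $alert->addMessage('Password Set, Please Login');
                } else {
                    $alert = new Alert(Alert::ERROR);
                    $alert->addMessageArray($user->getErrors());
                }

                $this->view->includeTemplate('auth.reset-password.password', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
            } else {
                AppController::redirect(RouteController::fqURL('resetPassword'), ['status' => 'token-expired']);
            }
        } elseif ($email && $user->find($email, 'email')) {
            $token = $user->getPasswordResetTokenData();

            // Exponential back-off between reset e-mails for the same user.
            if ($token['last_email_timestamp'] <= Carbon::now()->subMinutes(pow(2, $token['email_attempts']))) {
                $user->incrementPasswordResetEmailCount();
                $link = addQueryParams(RouteController::fqURL('resetPassword'), ['token' => $token['token']]);

                // Send Email
                $mailer = new Mailer();
                $mailer->setSubject('Password Reset Token');
                $mailer->addAddress($user->email);
                $mailer->includeHTMLTemplate('email.reset-password', ['link' => $link]);
                $mailer->send(); // errors handled within

                // Show Message
                $alert = new Alert(Alert::SUCCESS);
                $alert->addMessage('Email Sent');
            } else {
                $alert = new Alert(Alert::ERROR);
                $alert->addMessage('Too Many Attempts, Please Try Again Later');
            }

            $this->view->includeTemplate('auth.reset-password.email', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
        } else {
            $alert = new Alert(Alert::ERROR);
            $alert->addMessage('Email is Invalid/Non-Existent');
            $this->view->includeTemplate('auth.reset-password.email', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
        }
    } elseif ($this->request->isQueryArgSet('token')) {
        $user = new UserModel();

        if ($user->getUserForPasswordResetToken($this->request->queryArgValue('token'))) {
            $this->view->includeTemplate('auth.reset-password.password', ['app_name' => AppConfig::getValue('app_name')]);
        } else {
            AppController::redirect(RouteController::fqURL('resetPassword'), ['status' => 'token-expired']);
        }
    } else {
        $alert = null;

        // Strict comparison: only the exact string selects the alert.
        if ($this->request->isQueryArgSet('status') && $this->request->queryArgValue('status') === 'token-expired') {
            $alert = new Alert(Alert::ERROR);
            $alert->addMessage('Token is Invalid/Expired, Please Request a New One');
        }

        $this->view->includeTemplate('auth.reset-password.email', ['app_name' => AppConfig::getValue('app_name'), 'alert' => $alert]);
    }

    $this->view->render(true);
}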
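/**
 * Fetch the Stripe customer that belongs to $user.
 *
 * A user who is not a Stripe customer is redirected to the
 * 'subscription.manage' route. If Stripe reports the customer as deleted,
 * the user's Stripe fields are cleared and saved, followed by the same
 * redirect.
 *
 * Stripe errors are passed to logStripeException() with the customer id that
 * was being looked up. The id is captured before the API call: the call is
 * the usual point of failure, and $customer does not exist yet when it
 * throws.
 *
 * NOTE(review): AppController::redirect() presumably ends the request; if it
 * returns, execution continues past both redirects. Verify.
 *
 * @param UserModel $user the user whose customer record is wanted
 * @return \Stripe\Customer|null the customer, or null after a logged Stripe error
 */
private function getCustomer(UserModel $user)
{
    // Redirect to Start... (not a customer)
    if (!$user->isStripeCustomer()) {
        AppController::redirect(RouteController::fqURL('subscription.manage'));
    }

    $customerId = null;

    try {
        \Stripe\Stripe::setApiKey(AppConfig::getValue('stripe_secret_api_key'));

        // Attempt to Fetch Customer...
        $customerId = $user->getStripeData()->customer_id;
        $customer = \Stripe\Customer::retrieve($customerId);

        // Existing, Deleted?
        if ($customer->deleted) {
            $user->stripe_customer_id = null;
            $user->setStripeData(null);
            $user->save();

            // Redirect to Start...
            AppController::redirect(RouteController::fqURL('subscription.manage'));
        } else {
            return $customer;
        }
    } catch (\Stripe\Error\Base $exception) {
        // Card, InvalidRequest, Authentication and ApiConnection all extend
        // Base in stripe-php's Error namespace and were handled identically,
        // so one catch covers them.
        $this->logStripeException($exception, $customerId);
    }

    return null;
}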