Esempio n. 1
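 /**
  * Installs the blog tables and seeds a default admin account.
  *
  * Security notes:
  *  - The seeded account uses fixed credentials that the flash message below
  *    also echoes. Change them immediately after installation, before the
  *    site is reachable by anyone else.
  *  - NOTE(review): nothing in this method checks who is calling it; confirm
  *    the route that reaches install() is restricted or removed after setup.
  *  - NOTE(review): the password is assigned as a plain value; presumably the
  *    User model hashes it on assignment or save. Confirm against the model.
  *
  * @param string $db_type key of the storage backend; upper-cased before lookup
  */
 public function install($db_type)
 {
     $f3 = \Base::instance();
     $db = storage::instance()->get(strtoupper($db_type));
     if (!$db) {
         $f3->error(256, 'no valid DB specified');
         // error() is expected to halt the request; return explicitly so that
         // table setup and account seeding never run without a DB if it does not.
         return;
     }
     $f3->set('DB', $db);
     // setup the models
     \Model\Post::setup();
     \Model\Tag::setup();
     \Model\Comment::setup();
     \Model\User::setup();
     // create demo admin user, only when no 'admin' record exists yet
     $user = new \Model\User();
     $user->load(array('username = ?', 'admin'));
     if ($user->dry()) {
         $user->username = '******';
         $user->name = 'Administrator';
         $user->password = '******';
         $user->save();
         \Flash::instance()->addMessage('Admin User created,' . ' username: admin, password: fabulog', 'success');
     }
     \Flash::instance()->addMessage('Setup complete', 'success');
 }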
 /**
  * Login Procedure
  * @param $f3
  * @param $params
  */
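 public function login($f3, $params)
 {
     // Verifies the POSTed username/password against the stored hash, binds the
     // user id to the session on success and redirects; otherwise re-renders the
     // login template with a generic failure message. $params is not used here.
     if ($f3->exists('POST.username') && $f3->exists('POST.password')) {
         // Fixed delay on every attempt, applied before the lookup so that it
         // does not depend on whether the account exists.
         // NOTE(review): this slows brute force per connection only and holds a
         // worker for 3 seconds per request; per-account/per-IP attempt limiting
         // would be the stronger control.
         sleep(3);
         $username = $f3->get('POST.username');
         $password = $f3->get('POST.password');
         $valid = false;
         $user = new \Model\User();
         // Form fields can arrive as arrays (username[]=...); only strings are
         // meaningful credentials, anything else is treated as a failed login.
         if (is_string($username) && is_string($password)) {
             $user->load(array('username = ?', $username));
             if (!$user->dry()) {
                 // check hash engine
                 $hash_engine = $f3->get('password_hash_engine');
                 if ($hash_engine === 'bcrypt') {
                     $valid = \Bcrypt::instance()->verify($password, $user->password);
                 } elseif ($hash_engine === 'md5') {
                     // NOTE(review): MD5 with one site-wide salt is not a password
                     // hash; keep this branch only for legacy records and migrate
                     // them to bcrypt.
                     $candidate = md5($password . $f3->get('password_md5_salt'));
                     $stored = (string) $user->password;
                     // Loose == compares two "0e<digits>" strings as numbers, so
                     // different hashes could match; compare as strings, in
                     // constant time where hash_equals() is available.
                     $valid = function_exists('hash_equals')
                         ? hash_equals($stored, $candidate)
                         : $stored === $candidate;
                 }
             }
         }
         if ($valid) {
             @$f3->clear('SESSION');
             // NOTE(review): the original comment says this recreates the session
             // id; confirm a fresh id is really issued here (session fixation).
             $f3->set('SESSION.user_id', $user->_id);
             if ($f3->get('CONFIG.ssl_backend')) {
                 // NOTE(review): HOST may be derived from the request; confirm it
                 // cannot be steered by a client-supplied Host header.
                 $f3->reroute('https://' . $f3->get('HOST') . $f3->get('BASE') . '/');
             } else {
                 $f3->reroute('/cnc');
             }
             // Do not fall through to the failure message if reroute() returns.
             return;
         }
         // Same message for unknown user and wrong password (no account enumeration).
         \Flash::instance()->addMessage('Wrong Username/Password', 'danger');
     }
     $this->response->setTemplate('templates/login.html');
 }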
 /**
  * Installs tables with default user
  * @param $db_type
  */
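 public function install($db_type)
 {
     // Creates the User/Payload/Webot tables, seeds a default administrator and,
     // when the optional starter-pack dump exists, imports its payload records.
     //
     // Security notes:
     //  - The seeded account has fixed credentials that the flash message below
     //    also echoes; change them immediately after installation.
     //  - NOTE(review): nothing here checks who is calling; confirm the route
     //    that reaches install() is restricted or removed after setup.
     //  - NOTE(review): the password is assigned as a plain value; presumably
     //    the User model hashes it on assignment or save. Confirm.
     //  - NOTE(review): the dump is read from ROOT . BASE, which looks like a
     //    web-served path; confirm the file is not downloadable.
     $f3 = \Base::instance();
     $db = DBHandler::instance()->get(strtoupper($db_type));
     if (!$db) {
         $f3->error(256, 'no valid Database Type specified');
         // error() is expected to halt the request; return explicitly so that
         // table setup and account seeding never run without a DB if it does not.
         return;
     }
     $f3->set('DB', $db);
     // setup the models
     \Model\User::setup();
     \Model\Payload::setup();
     \Model\Webot::setup();
     // create demo admin user, only when no such record exists yet
     $user = new \Model\User();
     $user->load(array('username = ?', 'mth3l3m3nt'));
     if ($user->dry()) {
         $user->username = '******';
         $user->name = 'Framework Administrator';
         $user->password = '******';
         $user->email = '*****@*****.**';
         $user->save();
         // import the starter-pack payloads
         $payload_file = $f3->ROOT . $f3->BASE . '/db_dump_optional/mth3l3m3nt_payload';
         if (file_exists($payload_file)) {
             $payloadarray = json_decode($f3->read($payload_file), true);
             if (is_array($payloadarray)) {
                 $payload = new \Model\Payload();
                 $fields = array('pName', 'pType', 'pCategory', 'pDescription', 'payload');
                 foreach ($payloadarray as $payloaddata) {
                     // skip malformed entries instead of indexing into a scalar
                     if (!is_array($payloaddata)) {
                         continue;
                     }
                     foreach ($fields as $field) {
                         $payload->{$field} = isset($payloaddata[$field]) ? $payloaddata[$field] : null;
                     }
                     $payload->save();
                     //ensures values set to null before continuing update
                     $payload->reset();
                 }
                 \Flash::instance()->addMessage('Payload StarterPack: ,' . 'All Starter Pack Payloads added New database', 'success');
             } else {
                 // unreadable or invalid JSON: report it rather than iterating null
                 \Flash::instance()->addMessage('Payload StarterPack: StarterPack Database is not valid JSON, no payloads installed', 'danger');
             }
         } else {
             \Flash::instance()->addMessage('Payload StarterPack: ,' . 'StarterPack Database not Found no payloads installed ', 'danger');
         }
         \Flash::instance()->addMessage('Admin User created,' . ' username: mth3l3m3nt, password: mth3l3m3nt', 'success');
     }
     \Flash::instance()->addMessage('New Database Setup Completed', 'success');
 }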