public static function saveSession()
{
$engine = EngineAPI::singleton();
$localvars = localvars::getInstance();
$db = db::get($localvars->get('dbConnectionName'));
$sql = "INSERT INTO `session`(username,sessionPages,ipAddr) VALUES(?,?,?)";
$validate = new validate();
$username = session::get('username');
$pages = session::get('loggedPages');
$pages = dbSanitize(implode(',', $pages));
$ip = $_SERVER['REMOTE_ADDR'];
$sqlArray = array($username, $pages, $ip);
$db->beginTransaction();
try {
$sqlResult = $db->query($sql, $sqlArray);
if ($sqlResult->error()) {
throw new Exception("ERROR SQL" . $sqlResult->errorMsg());
}
$db->commit();
} catch (Exception $e) {
$db->rollback();
$localvars->set('feedback', $e->getMessage());
errorHandle::errorMsg($e->getMessage());
}
}
<?php
require_once "includes/engine.php";
if (isset($_POST['MYSQL']) && !isset($_SESSION['data']['username'])) {
$insertSession = User::insertSession($_POST['MYSQL']);
if (isset($insertSession) && $insertSession !== false) {
$username = dbSanitize($_POST['MYSQL']['username']);
$options['timeout'] = strtotime('+2 years', time());
session::set('username', $username, $options);
if (isset($_SESSION['data']['username'])) {
header('Location:/setup');
}
}
}
templates::display('header');
if (isset($_SESSION['data']['username'])) {
header('Location:/welcomeback');
}
?>
<section class="wrapper">
<div class="container">
<h2> Get Started </h2>
<p> This app is geared towards teaching concepts to designers that will help them to better understand programming concepts using 2 different frameworks. These frameworks will allow the users to quickly and efficienty learn concepts to focus on the real problems that they are trying to solve. </p>
<p class="micro-text"> This application uses cookies as a local storage system and to validate that you have submitted the basic information. Please make sure you have cookies enabled. </p>
<form class="registerUser" action="<?php
print htmlspecialchars($_SERVER["PHP_SELF"]);
?>
" method="post">
<?php
$localvars = localvars::getInstance();
// username
$username = dbSanitize(session::get('username'));
// rating sys
$starHTML = '<div class="rating-system">
<span class="star" data-star="1"></span>
<span class="star" data-star="2"></span>
<span class="star" data-star="3"></span>
<span class="star" data-star="4"></span>
<span class="star" data-star="5"></span>
</div>';
// create customer form
$form = formBuilder::createForm('setup');
$form->linkToDatabase(array('table' => 'setupSurvey'));
if (!is_empty($_POST) || session::has('POST')) {
$processor = formBuilder::createProcessor();
$processor->setCallback('beforeInsert', 'feedbackCheck');
$processor->processPost();
}
// form titles
$form->insertTitle = "Setup Survey";
$form->editTitle = "";
$form->updateTitle = "";
$form->template = "learningAppTemp";
// form information
$form->addField(array('name' => 'ssID', 'type' => 'hidden', 'primary' => TRUE, 'fieldClass' => 'id', 'showIn' => array(formBuilder::TYPE_INSERT, formBuilder::TYPE_UPDATE)));
$form->addField(array('name' => 'ipAddr', 'type' => 'hidden', 'fieldClass' => 'ip', 'value' => $_SERVER['REMOTE_ADDR'], 'showIn' => array(formBuilder::TYPE_INSERT, formBuilder::TYPE_UPDATE)));
$form->addField(array('name' => 'username', 'type' => 'hidden', 'label' => 'Username:'******'value' => $username, 'required' => TRUE, 'fieldClass' => 'username'));
$form->addField(array('name' => 'starRating', 'type' => 'plaintext', 'label' => 'How easy would you consider your choice, based on this lesson, would be to setup?', 'fieldClass' => 'starRating', 'value' => $starHTML));
public static function numCompleted($user)
{
$engine = EngineAPI::singleton();
$localvars = localvars::getInstance();
$db = db::get($localvars->get('dbConnectionName'));
$sql = "SELECT * FROM `completed` WHERE username=?";
$sqlArray = array(dbSanitize($user));
$sqlResult = $db->query($sql, $sqlArray);
if ($sqlResult->error()) {
return false;
} else {
return $sqlResult->rowCount();
}
}
<?php
require_once "../../includes/engine.php";
templates::display('header');
if (isset($_POST['MYSQL'])) {
$login = $_POST['MYSQL'];
$username = dbSanitize($login['username']);
$pass = dbSanitize($login['password']);
$accepted = LoginAuth::loginUser($username, $pass);
if ($accepted) {
$feedback = "<div class='alert alert-success'> Logged In Successfully! </div>";
header("refresh:3;url=/");
} else {
if (!LoginAuth::checkUsername($username)) {
$feedback = "<div class='alert alert-danger'> Login Failed, wrong <strong><u> username </u></strong> please try again </div>";
} else {
$feedback = "<div class='alert alert-danger'> Login Failed, wrong <strong><u> password </u></strong> please try again </div>";
}
}
$localvars->set('feedback', $feedback);
}
?>
<div class="row">
<div class="col-xs-12 col-sm-offset-2 col-sm-8">
<h2> Login </h2>
</div>
<div class="col-xs-12 col-sm-offset-2 col-sm-8 register well">
{local var="feedback"}
<form action=<?php
function feedbackCheck($processor, $data)
{
$newData = array_map('cleanOutput', $data);
$returnData = dbSanitize($newData);
return $returnData;
}
<?php
require_once "../../includes/engine.php";
if (!isset($_GET['MYSQL']['username']) && !isset($_GET['MYSQL']['ipAddress']) && !isset($_GET['MYSQL']['page'])) {
$complete = false;
} else {
$data = dbSanitize($_GET['MYSQL']);
$complete = User::completed($data['username'], $data['ipAddress'], $data['page']);
if (session::has('completePages')) {
$newSessPages = session::get('completePages');
} else {
$newSessPages = array();
}
$pageCompleted = $data['page'];
if (!in_array($pageCompleted, $newSessPages)) {
$newSessPages[] = $pageCompleted;
}
session::set('completePages', $newSessPages);
}
header('Content-Type: application/json');
print json_encode($complete);
/**
* =========================================================
* Checks logic for searching if user email is in the system
* this will help to provide a way to make sure that users
* are not duplicated in the system.
* =========================================================
**/
public static function checkEmail($email)
{
$engine = EngineAPI::singleton();
$localvars = localvars::getInstance();
$db = db::get($localvars->get('dbConnectionName'));
$sql = "SELECT `email` FROM `users` WHERE `email`=? LIMIT=1";
$email = dbSanitize($email);
$sqlResult = $db->query($sql, array($email));
try {
if ($sqlResult->error()) {
throw new Exception("Error Getting Entries");
}
if ($sqlResult->rowCount() < 1) {
return false;
} else {
return true;
}
} catch (Exception $e) {
errorHandle::errorMsg($e->getMessage());
}
}
<?php
require_once "../includes/engine.php";
templates::display('header');
if (isset($_POST['MYSQL']) && !session::has('username')) {
$data = dbSanitize($_POST['MYSQL']);
$username = $data['username'];
$email = $data['email'];
if (User::checkUser($username, $email) === true) {
$options['timeout'] = strtotime('+2 years', time());
session::set('username', $username, $options);
header('Location:/welcomeback');
} else {
header('Location:/login?failed');
}
}
if (isset($_GET['MYSQL']['failed'])) {
$localvars->set('feedback', '<div class="error-message"> Login failed please check your password, or <a href="/"> register your account. </a> </div>');
}
?>
<section class="wrapper">
<div class="container">
<form class="registerUser" action="<?php
print htmlspecialchars($_SERVER["PHP_SELF"]);
?>
" method="post">
<div class="feedback">
{local var="feedback"}
</div>
{csrf}
<div class='username form-group'>
