/**
 * Prepare the state every page needs: ACL table settings, the login check,
 * the logged-in user's record and the default template variables.
 */
public function __construct()
{
    parent::__construct();

    // Tell the ACL layer which table and which column identify a user.
    \ipinga\acl::$userTableName = 'users';
    \ipinga\acl::$usernameFieldName = 'email';

    $manager = \ipinga\ipinga::getInstance()->manager;
    $manager->userIsLoggedIn(false); // determine whether the user is logged in

    $this->template->logo_url = \ipinga\options::get('logo_url');
    $this->template->showLoginFormInTopBanner = false;

    // Stays an empty record (null fields) when nobody is logged in.
    $user = new \ipinga\table('users');
    if ($manager->isLoggedIn) {
        $user->loadById($manager->loggedInDetails['USER_ID']);
        $manager->update($user->id);
    }
    $this->template->loggedInUser = $user;
    $this->template->manager = $manager;
    $this->template->menuHtml = '';

    // One-shot message carried over from the previous request: read it, then drop it.
    // NOTE(review): the value comes from a cookie; confirm the view escapes it on output.
    $flashKey = 'message_for_next_screen';
    if (\ipinga\cookie::keyExists($flashKey)) {
        $this->template->message_for_next_screen = \ipinga\cookie::keyValue($flashKey);
        \ipinga\cookie::drop($flashKey);
    }

    $this->template->title = \ipinga\options::get('site_title');
    $this->template->activePanel = 0;
    $this->template->skin = \ipinga\options::get('skin');
}
/**
 * Populate self::$settings from the framework configuration.
 *
 * The settings are (re)built when they are still empty or when the caller
 * supplies overrides; otherwise the existing values are left alone.
 *
 * NOTE(review): the IV is read from configuration next to the key, so it looks
 * like one fixed IV is shared by every message; confirm how encrypt() uses it.
 *
 * @param array $overrideDefaults values that replace the configured ones, keyed like the defaults
 */
public static function applySettings($overrideDefaults = array())
{
    // Nothing to do: already initialised and no overrides requested.
    if (count(self::$settings) != 0 && count($overrideDefaults) == 0) {
        return;
    }

    $ipinga = \ipinga\ipinga::getInstance();

    $defaults = array();
    foreach (array('encryption.algorithm', 'encryption.mode', 'encryption.key', 'encryption.iv') as $name) {
        $defaults[$name] = $ipinga->config($name);
    }

    // Overrides win over configured values.
    self::$settings = array_merge($defaults, $overrideDefaults);
}
/**
 * Middleware entry point: run the manager's login check and report the result.
 *
 * @return mixed the manager's isLoggedIn value after the check
 */
public function call()
{
    $ipinga = \ipinga\ipinga::getInstance();
    $sessionManager = $ipinga->manager;

    // determine whether the user is logged in
    $sessionManager->userIsLoggedIn(true);

    return $sessionManager->isLoggedIn;
}
/**
 * Build the manager's settings; any key present in $overrideSettings takes
 * precedence over the framework configuration.
 *
 * @param array $overrideSettings optional per-instance values for the manager.* keys
 */
function __construct($overrideSettings = array())
{
    $ipinga = \ipinga\ipinga::getInstance();

    $settingNames = array(
        'manager.max_minutes',
        'manager.login_url',
        'manager.expired_url',
        'manager.ip_changed_url',
    );

    foreach ($settingNames as $name) {
        if (isset($overrideSettings[$name])) {
            // caller-supplied value overrides the global setting
            $this->settings[$name] = $overrideSettings[$name];
        } else {
            $this->settings[$name] = $ipinga->config($name);
        }
    }

    $this->newUrl = '';
}
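/**
 * Send the cookie that carries static::$contents to the browser.
 *
 * With no contents the existing cookie (if the browser sent one) is expired;
 * otherwise the contents are JSON-encoded, encrypted and stored in the cookie.
 *
 * The cookie is now flagged HttpOnly: its value is an encrypted blob that only
 * the server can use, so page scripts have no reason to read it.
 *
 * NOTE(review): the Secure flag is left off because this block cannot tell
 * whether the site is served over HTTPS only; enable it where that holds.
 */
public static function set()
{
    static::initialize();
    $ipinga = \ipinga\ipinga::getInstance();
    $cookieName = $ipinga->config('cookie.name');

    if (count(static::$contents) == 0) {
        // Expire it now; if the browser never sent it there is nothing to remove.
        if (isset($_COOKIE[$cookieName])) {
            setcookie($cookieName, '', 1, '/', '', false, true);
        }
        return;
    }

    $payload = array('kludge' => static::$contents);
    $encrypted = \ipinga\crypto::encrypt(json_encode($payload));

    // Arguments after the path: domain (default), secure (off), httponly (on).
    setcookie($cookieName, $encrypted, $ipinga->config('cookie.expiration_time'), '/', '', false, true);
}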
/**
 * Handle the login form post: validate the fields, authenticate, then either
 * redirect to the site root or show the form again with a message.
 */
public function post()
{
    $validator = new \ipinga\validator($_POST, true);
    $validator->checkEmail('email', 'E-Mail Address', true);
    $validator->checkPassword('passwd', 'Password', 4, 20, true, false);

    // Validation problems: show the form again.
    if (!empty($validator->message)) {
        $this->template->message = 'Please fix input errors.';
        $this->template->show('login.form');
        return;
    }

    $authenticated = \ipinga\acl::authenticate($_POST['email'], $_POST['passwd']);

    if ($authenticated) {
        // Good credentials: record the login with the manager and go to the site root.
        \ipinga\ipinga::getInstance()->manager->update(\ipinga\acl::$userTable->id);
        header('location: /');
        return;
    }

    // Bad credentials: the same message is shown whichever field was wrong.
    $this->template->message = 'Login Failed: Either your email address or password is incorrect.';
    $this->template->show('login.form');
}
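/**
 * Report whether $username is already present in this table.
 *
 * Returns true for an empty username and when the query fails, so a caller
 * never gets "not a duplicate" without a successful lookup.
 *
 * Database errors are written to the PHP error log instead of being echoed
 * into the page, which used to expose the driver message and the SQL text to
 * the client.
 *
 * @param string $username
 *
 * @return bool true when the name is taken, or could not be checked
 */
public function isDupeUsername($username = '')
{
    $ipinga = \ipinga\ipinga::getInstance();
    $IsDupe = true;

    if (empty($username)) {
        return $IsDupe;
    }

    $sql = 'select count(*) as row_count from ' . $this->tableName . ' where username = :username';
    $this->lastSql = $sql;

    try {
        $stmt = $ipinga->pdo()->prepare($sql);
        $stmt->bindParam(':username', $username);
        $stmt->execute();
        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
        if ($row['row_count'] == 0) {
            $IsDupe = false;
        }
    } catch (\PDOException $e) {
        // Keep the details server-side only.
        error_log('isDupeUsername failed: ' . $e->getMessage() . ' | SQL: ' . $sql);
        $this->saved = false;
    }

    return $IsDupe;
}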
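/**
 * Append one line to the log file when $level reaches self::$threshold.
 *
 * Levels 0..7 map to DEBUG..EMERGENCY; anything else is written as UNKNOWN.
 *
 * The file is always opened in append mode. The original opened a missing
 * file with 'wb', so two requests that both saw "file does not exist" could
 * truncate each other's first entry; 'ab' creates the file when needed and
 * never truncates. Append mode also makes the explicit seek to the end
 * unnecessary.
 *
 * NOTE(review): $logMessage is written verbatim, so a message that contains
 * CR/LF produces extra lines in the log; callers that log request-derived
 * values should neutralise line breaks first.
 * NOTE(review): on failure the exception text, which includes the log file
 * path, is passed to die() and ends up in the response.
 *
 * @param int    $level
 * @param string $logMessage
 */
public static function log($level, $logMessage)
{
    $instanceName = self::instanceName();

    if (!($level >= self::$threshold)) {
        return;
    }

    $labels = array('DEBUG', 'INFO', 'NOTICE', 'WARNING', 'ERROR', 'CRITICAL', 'ALERT', 'EMERGENCY');
    $type = ($level >= 0 && $level <= 7) ? $labels[$level] : 'UNKNOWN';

    try {
        if (isset(self::$filename) == false) {
            self::$filename = \ipinga\ipinga::getInstance()->config('logfile');
        }

        // Only used to pick the matching error text below.
        $existed = file_exists(self::$filename);

        $handle = fopen(self::$filename, 'ab');
        if (!$handle) {
            $problem = $existed ? '(log-1) Failed to open file ' : '(log-2) Failed to create file ';
            throw new \Exception($problem . self::$filename);
        }

        $prefix = date("Y-m-d H:i:s") . " [{$type}]";
        if (isset(self::$environment) == true) {
            $environment = self::$environment;
            $prefix .= " [{$environment}]";
        }

        fwrite($handle, $prefix . " [{$instanceName}] {$logMessage}\r\n");
        fflush($handle);
        fclose($handle);
    } catch (\Exception $e) {
        die($e->getMessage());
    }
}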
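/**
 * Load every row whose columns equal the given values and append the loaded
 * records to $this->records.
 *
 * Values are bound as parameters, but the column names (the keys of $fields)
 * are concatenated into the SQL text. They are now required to consist of
 * letters, digits and underscores only: the same characters a PDO named
 * placeholder accepts, so every call that worked before still works. A key
 * outside that set sets $this->saved to false and runs no query.
 *
 * Database errors go to the PHP error log instead of being echoed into the
 * page together with the SQL text.
 *
 * NOTE(review): $orderBy is also concatenated into the statement and is not
 * checked here because callers may pass column lists or directions; it must
 * never be built from request data without an allow-list.
 *
 * @param array  $fields  column name => required value
 * @param string $orderBy ORDER BY expression, trusted input only
 */
public function loadByFieldsMatching($fields = array(), $orderBy = 'id')
{
    $conditions = array();
    foreach ($fields as $fieldName => $desiredValue) {
        if (preg_match('/\A[A-Za-z0-9_]+\z/', (string) $fieldName) !== 1) {
            error_log('loadByFieldsMatching: rejected a column name with unexpected characters');
            $this->saved = false;
            return;
        }
        $conditions[] = $fieldName . ' = :' . $fieldName;
    }

    if (count($conditions) === 0) {
        $sql = sprintf('select id from %s order by %s', $this->tableName, $orderBy);
    } else {
        $sql = sprintf(
            'select id from %s where %s order by %s',
            $this->tableName,
            implode(' AND ', $conditions),
            $orderBy
        );
    }
    $this->lastSql = $sql;

    try {
        $stmt = \ipinga\ipinga::getInstance()->pdo()->prepare($sql);
        foreach ($fields as $fieldName => $desiredValue) {
            $stmt->bindValue(':' . $fieldName, $desiredValue);
        }
        $stmt->execute();

        // Each matching id is loaded into its own table object.
        while ($r = $stmt->fetch(\PDO::FETCH_ASSOC)) {
            $tbl = new \ipinga\table($this->tableName);
            $tbl->loadById($r['id']);
            $this->records[] = $tbl;
        }
    } catch (\PDOException $e) {
        // Keep the details server-side only.
        error_log('loadByFieldsMatching failed: ' . $e->getMessage() . ' | SQL: ' . $sql);
        $this->saved = false;
    }
}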
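/**
 * Include a view file from the configured views directory, exposing every
 * entry of $this->vars to it as a local variable.
 *
 * The path to include is kept in a reserved local that the variable export
 * cannot touch. Previously a template variable named "fullFilename" replaced
 * the path after the existence check and so changed which file was included.
 * A variable named "this" is skipped as well, since assigning it is an error.
 *
 * NOTE(review): $filename is concatenated into the path unchecked. If any
 * caller derives it from request data, resolve the result with realpath()
 * and require it to stay under path.views before including it.
 *
 * @param string $filename view name without the ".php" extension
 *
 * @throws \Exception when the view file does not exist
 */
public function include_file($filename)
{
    $ipinga = \ipinga\ipinga::getInstance();

    $fullFilename = $ipinga->config('path.views') . '/' . $filename . '.php';

    if (file_exists($fullFilename) == false) {
        throw new \Exception('View not found in ' . $fullFilename);
    }

    // Reserved copy of the checked path; never overwritten by the loop below.
    $__ipingaViewFile = $fullFilename;

    // Load variables so template code has easier access.
    foreach ($this->vars as $key => $value) {
        if ($key === '__ipingaViewFile' || $key === 'this') {
            continue;
        }
        ${$key} = $value;
    }

    include_once $__ipingaViewFile;
}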
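/**
 * Autoloader: map a class name to a file in the framework, controllers,
 * classes, interfaces or models directory and require it.
 *
 * The class name becomes part of a file path, so it is checked first: only
 * characters that can occur in a PHP class name (plus the namespace
 * separator) are accepted. Anything else, such as "/" or ".", returns false
 * without touching the filesystem or the log. This matters when a class name
 * can be influenced from outside, e.g. through class_exists() or "new $name".
 *
 * The controller lookup now runs only when the name contains "Controller";
 * before, every other class name probed for a file called ".controller.php".
 *
 * @param string $className
 *
 * @return bool true when a file was found and loaded
 */
function ipinga_autoload($className)
{
    if (!is_string($className)
        || preg_match('/\A[A-Za-z_\x80-\xff][A-Za-z0-9_\x80-\xff\\\\]*\z/', $className) !== 1
    ) {
        return false;
    }

    $ipinga = \ipinga\ipinga::getInstance();

    // is this something in the ipinga framework?
    if (strpos($className, 'ipinga\\') === 0) {
        $file = $ipinga->config('path.framework') . '/' . substr($className, 7) . '.class.php';
        if (file_exists($file) == true) {
            require_once $file;
            return true;
        }
    }

    \ipinga\log::debug('autoload $className=' . $className);

    // some devs name controllers differently: FooController -> foo.controller.php
    $suffixAt = strrpos($className, 'Controller');
    if ($suffixAt !== false) {
        $file = $ipinga->config('path.controllers') . '/'
            . strtolower(substr($className, 0, $suffixAt)) . '.controller.php';
        if (file_exists($file) == true) {
            \ipinga\log::debug('autoload (controller) $file=' . $file);
            require_once $file;
            return true;
        }
    }

    $lowerName = strtolower($className);

    // Remaining candidates, tried in this order; the label only appears in the debug log.
    $candidates = array(
        array('class in controller directory', 'path.controllers', '.class.php'),
        array('class', 'path.classes', '.class.php'),
        array('interface', 'path.interfaces', '.interface.php'),
        array('model', 'path.models', '.model.php'),
    );

    foreach ($candidates as $candidate) {
        $file = $ipinga->config($candidate[1]) . '/' . $lowerName . $candidate[2];
        if (file_exists($file) == true) {
            \ipinga\log::debug('autoload (' . $candidate[0] . ') $file=' . $file);
            require_once $file;
            return true;
        }
    }

    return false;
}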
/**
 * Log the current user out through the manager, then redirect to the site root.
 */
public function index()
{
    $ipinga = \ipinga\ipinga::getInstance();
    $ipinga->manager->logout();

    header('location: /');
}
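<?php
defined('__VERN') or die('Restricted access');

// Debug view: prints the request superglobals and the route table.
//
// Every dump is passed through htmlspecialchars() before it is written into
// the page. The values come straight from the request, so without escaping
// any markup in a query or form field would be rendered by the browser.
//
// NOTE(review): this view exposes request data and the application's routes;
// confirm it cannot be reached on a production site.

// a little foghorn leghorn just for laughs!
echo '<iframe width="560" height="315" src="https://www.youtube.com/embed/1jaSoo9hPi4?rel=0" frameborder="0" allowfullscreen></iframe>';

echo '<pre>' . PHP_EOL;
echo '$_GET= ' . htmlspecialchars(var_export($_GET, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL . PHP_EOL;
echo '$_POST= ' . htmlspecialchars(var_export($_POST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL . PHP_EOL;
echo '$_FILES= ' . htmlspecialchars(var_export($_FILES, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL . PHP_EOL;
echo 'ipinga routes= '
    . htmlspecialchars(var_export(\ipinga\ipinga::getInstance()->routes, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    . PHP_EOL . PHP_EOL;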
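/**
 * Delete one access word from a user's ACL entries.
 *
 * When $userId is 0 the id of the current self::$userTable record is used.
 *
 * Database errors are written to the PHP error log instead of being echoed
 * into the page together with the SQL text.
 *
 * NOTE(review): a failed delete is not reported to the caller, so a revoke
 * that did not happen looks the same as one that did; check the log.
 *
 * @param string $accessWord
 * @param int    $userId     0 means "the user held in self::$userTable"
 */
public static function removeAccess($accessWord, $userId = 0)
{
    if (isset(self::$userTable) == false) {
        self::$userTable = new table(self::$userTableName);
    }

    if ($userId == 0) {
        $userId = self::$userTable->id;
    }

    $sql = 'delete from ' . self::$aclTableName . ' where user_id = :user_id and access_word = :access_word';

    try {
        $stmt = \ipinga\ipinga::getInstance()->pdo()->prepare($sql);
        $stmt->bindParam(':user_id', $userId);
        $stmt->bindParam(':access_word', $accessWord);
        $stmt->execute();
    } catch (\PDOException $e) {
        // Keep the details server-side only.
        error_log('removeAccess failed: ' . $e->getMessage() . ' | SQL: ' . $sql);
    }
}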
/**
 * Run each middleware named in $this->middleware (a "|"-separated list) in
 * order and stop at the first one whose call() returns exactly false.
 *
 * NOTE(review): only a strict false stops the chain. A middleware that returns
 * null or 0 does not, and that value is returned if it is the last one; confirm
 * the caller treats anything other than true as a denial.
 *
 * @return mixed the last middleware's result, or true when the list is empty
 */
private function processMiddleWare()
{
    $names = explode('|', $this->middleware);
    $ipinga = \ipinga\ipinga::getInstance();
    $result = true;

    foreach ($names as $name) {
        if (empty($name)) {
            continue;
        }

        // Load <name>.middleware.php from the middleware directory.
        require_once $ipinga->config('path.middleware') . '/' . $name . '.middleware.php';

        // The file is expected to define a class called <name>Middleware.
        $className = $name . 'Middleware';
        $instance = new $className();

        $result = call_user_func(array($instance, 'call'), $ipinga);
        if ($result === false) {
            break;
        }
    }

    \ipinga\log::debug('middleware ' . $this->middleware . ' is returning ' . $result);

    return $result;
}
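/**
 * WARNING! This son-of-a-gun is ripe with the ability to screw the pooch! PDO doesn't allow a dynamic where
 * clause. Meaning... you can only bindParam to field=value pairs. It is 100% your responsibility to make
 * sure the where clause you pass to me is safe from SqlInjection. Just remember "Bobby Tables"!!!! YOU HAVE
 * BEEN WARNED.
 *
 * The clause is concatenated into the statement as-is and no parameters are
 * bound, so it must never contain request data.
 *
 * Database errors are written to the PHP error log instead of being echoed
 * into the page together with the SQL text.
 *
 * @param string $where raw SQL condition, trusted input only
 *
 * @return bool the value of $this->saved after the attempt
 */
public function loadByCustomWhere($where)
{
    $this->clear();

    $sql = 'select * from ' . $this->tableName . ' where ' . $where;
    $this->lastSql = $sql;
    $this->sqlParams = array();

    try {
        $stmt = \ipinga\ipinga::getInstance()->pdo()->prepare($sql);
        $this->_process_loadby_execute($stmt);
    } catch (\PDOException $e) {
        // Keep the details server-side only.
        error_log('loadByCustomWhere failed: ' . $e->getMessage() . ' | SQL: ' . $sql);
        $this->saved = false;
    }

    return $this->saved;
}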