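 function migrate($n = false)
 {
     // POST-only maintenance endpoint with two modes:
     //   $n === 'schema'  reconcile the live tables with app/koken/schema.php,
     //                    write theme/plugin GUID marker files, upgrade legacy
     //                    sessions and register the install with the store;
     //   numeric $n       run the single migration script "<migrate_path><n>.php"
     //                    and record it in the "last_migration" setting.
     // Both modes end the request with a JSON {"done": bool} body via die();
     // an unknown or missing migration returns with no output, as before.
     if ($this->method !== 'post') {
         $this->error('403', 'Forbidden');
         return;
     }
     $CI =& get_instance();
     $this->db =& $CI->db;
     $db_config = Shutter::get_db_configuration();
     $this->load->dbforge();
     if ($n === 'schema') {
         // schema.php defines $koken_tables: table name => array with
         // 'fields' and optional 'keys', 'uniques', 'no_id' entries.
         require FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'schema.php';
         // String column types are always declared nullable.
         $nullable_types = array('text', 'varchar', 'longtext');
         foreach ($koken_tables as $table_name => $info) {
             $table = $db_config['prefix'] . "{$table_name}";
             if ($this->db->table_exists($table)) {
                 // Existing table: add columns that are missing and alter the
                 // ones whose definition no longer matches the schema.
                 $existing_fields = array();
                 foreach ($this->db->field_data($table) as $field) {
                     $existing_fields[$field->name] = $field;
                 }
                 foreach ($info['fields'] as $field_name => $field_info) {
                     if (array_key_exists($field_name, $existing_fields)) {
                         $field_info['type'] = strtolower($field_info['type']);
                         // Normalise the live column description so it can be
                         // diffed key-by-key against the schema definition.
                         $compare = (array) $existing_fields[$field_name];
                         unset($compare['name'], $compare['primary_key']);
                         if (isset($compare['max_length'])) {
                             $compare['constraint'] = (int) $compare['max_length'];
                             unset($compare['max_length']);
                         }
                         if (in_array($field_info['type'], $nullable_types, true)) {
                             $field_info['null'] = true;
                         }
                         $diff = array_diff_assoc($field_info, $compare);
                         // A lone "null => true" on a non-string column without a
                         // default is not a real change; don't issue an ALTER for it.
                         if (isset($diff['null']) && $diff['null'] === true && !isset($compare['default']) && $field_info['type'] !== 'text' && $field_info['type'] !== 'varchar') {
                             unset($diff['null']);
                         }
                         if (!empty($diff)) {
                             $this->dbforge->modify_column($table, array($field_name => $field_info));
                         }
                     } else {
                         if (in_array(strtolower($field_info['type']), $nullable_types, true)) {
                             $field_info['null'] = true;
                         }
                         $this->dbforge->add_column($table, array($field_name => $field_info));
                     }
                 }
                 if (isset($info['keys'])) {
                     foreach ($info['keys'] as $key) {
                         // Composite keys are arrays of column names and are
                         // named after the joined column list.
                         if (is_array($key)) {
                             $key_name = $this->db->_protect_identifiers(implode('_', $key));
                             $columns = $this->db->_protect_identifiers($key);
                         } else {
                             $key_name = $this->db->_protect_identifiers($key);
                             $columns = array($key_name);
                         }
                         // Identifiers originate from schema.php, not from the request.
                         $this->db->query("ALTER TABLE {$table} ADD KEY {$key_name} (" . implode(', ', $columns) . ")");
                     }
                 }
                 if (isset($info['uniques'])) {
                     foreach ($info['uniques'] as $key) {
                         $this->db->query("CREATE UNIQUE INDEX {$key} ON {$table} ({$key})");
                     }
                 }
             } else {
                 // New table: build it from scratch with dbforge.
                 if (!isset($info['no_id'])) {
                     $this->dbforge->add_field('id');
                 }
                 $this->dbforge->add_field($info['fields']);
                 if (isset($info['keys'])) {
                     foreach ($info['keys'] as $key) {
                         // Only the "id" key is the primary key.
                         $this->dbforge->add_key($key, $key === 'id');
                     }
                 }
                 $this->dbforge->create_table($table);
                 if (isset($info['uniques'])) {
                     foreach ($info['uniques'] as $key) {
                         $this->db->query("CREATE UNIQUE INDEX {$key} ON {$table} ({$key})");
                     }
                 }
             }
         }
         $this->_clear_system_caches();
         // HTTP_HOST is client-supplied; it is only mixed into the install id
         // and reported to the store, never trusted for anything else here.
         $http_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
         // Make sure the install has a stable identifier for store registration.
         $s = new Setting();
         $s->where('name', 'uuid')->get();
         if (!$s->exists()) {
             $s = new Setting();
             $s->name = 'uuid';
             $s->value = md5($http_host . uniqid('', true));
             $s->save();
         }
         $uuid = $s->value;
         $base_folder = trim(preg_replace('/\\/api\\.php(.*)?$/', '', $_SERVER['SCRIPT_NAME']), '/');
         include FCPATH . 'app' . DIRECTORY_SEPARATOR . 'koken' . DIRECTORY_SEPARATOR . 'DarkroomUtils.php';
         $s->where('name', 'image_processing_library')->get();
         $libs = DarkroomUtils::libraries();
         // Setting may be absent or point at an unknown library; report nothing
         // rather than raising an undefined-index notice.
         $processing_string = isset($libs[$s->value]['label']) ? $libs[$s->value]['label'] : '';
         // Store GUIDs of the bundled themes, written as koken.guid marker files
         // so the installed copies can be matched against the store.
         $themes = array('axis' => '86d2f683-9f90-ca3f-d93f-a2e0a9d0a089', 'blueprint' => '1a355994-6217-c7ce-b67a-4241be3feae8', 'boulevard' => 'b30686d9-3490-9abb-1049-fe419a211502', 'chastain' => 'd174e766-5a5f-19eb-d735-5b46ae673a6d', 'elementary' => 'be1cb2d9-ed05-2d81-85b4-23282832eb84', 'madison' => '618e0b9f-fba0-37eb-810a-6d615d0f0e08', 'observatory' => '605ea246-fa37-11f0-f078-d54c8a7cbd3c', 'regale' => 'efde04b6-657d-33b6-767d-67af8ef15e7b', 'repertoire' => 'fa8a5d39-01a5-dfd6-92ff-65a22af5d5ac');
         $themes_dir = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'themes' . DIRECTORY_SEPARATOR;
         foreach ($themes as $name => $guid) {
             $dir = $themes_dir . $name;
             $guid_path = $dir . DIRECTORY_SEPARATOR . 'koken.guid';
             $old_guid_path = $dir . DIRECTORY_SEPARATOR . '.guid';
             // Older releases used a hidden ".guid" file; migrate it in place.
             if (file_exists($old_guid_path)) {
                 rename($old_guid_path, $guid_path);
             } elseif (is_dir($dir) && !file_exists($guid_path)) {
                 file_put_contents($guid_path, $guid);
             }
         }
         $plugins = array('google-analytics' => 'c4e5bc2b-be8b-3ae7-ccbe-d7e7a1a26136', 'font-loader' => '5b6016ae-9d1a-2336-78c4-63dbb74d39b3', 'koken-spotify' => 'e24a53fc-ac9a-5ab6-5777-237f6dc98496', 'koken-rdio' => '84eb1b9a-ea40-c204-5420-c1af5e1bcbe6', 'koken-html-injector' => '045cb01a-07a6-02b6-a0df-2ae377ce18af', 'koken-pulse-timer' => '6e5cbaa3-9fee-ca89-c989-a7969aa491f3', 'koken-pulse-transition-pack' => '7e958135-8e3e-3b34-5ccd-defe39db9400', 'koken-disqus' => '0a430465-cb52-be7d-a160-94bf73e40c03', 'koken-timeago' => 'bf4ceae8-b2b8-dc16-a439-46a4d915161c');
         $plugins_dir = FCPATH . 'storage' . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR;
         foreach ($plugins as $name => $guid) {
             $dir = $plugins_dir . $name;
             $guid_path = $dir . DIRECTORY_SEPARATOR . 'koken.guid';
             if (is_dir($dir) && !file_exists($guid_path)) {
                 file_put_contents($guid_path, $guid);
             }
         }
         $this->load->library('webhostwhois');
         $host = new WebhostWhois(array('useDns' => false));
         if ($host->key === 'unknown' && isset($_SERVER['KOKEN_HOST'])) {
             $host->key = $_SERVER['KOKEN_HOST'];
         }
         // Registration payload sent to the store (install metadata only).
         $data = array(
             'domain' => $http_host,
             'path' => '/' . $base_folder,
             'uuid' => $uuid,
             'php' => PHP_VERSION,
             'version' => KOKEN_VERSION,
             'ip' => isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '',
             'image_processing' => urlencode($processing_string),
             'host' => $host->key,
             'plugins' => array(),
         );
         $s = new Setting();
         $s->where('name', 'site_url')->get();
         if ($s->value !== 'default') {
             $data['published_path'] = $s->value;
         }
         $t = new Theme();
         $installed_themes = $t->read();
         foreach ($installed_themes as $theme) {
             if (isset($theme['koken_store_guid'])) {
                 $data['plugins'][] = array('guid' => $theme['koken_store_guid'], 'version' => $theme['version']);
             }
         }
         $installed_plugins = $this->parse_plugins();
         foreach ($installed_plugins as $plugin) {
             if (isset($plugin['koken_store_guid'])) {
                 $data['plugins'][] = array('guid' => $plugin['koken_store_guid'], 'version' => $plugin['version']);
             }
         }
         if (!isset($_COOKIE['koken_session']) && !isset($_COOKIE['koken_session_ci'])) {
             // Catch upgrades with old auth setup and try to keep them logged in.
             $u = new User();
             $u->get_by_id($this->auth_user_id);
             if ($u->exists()) {
                 $this->load->library('session');
                 $u->create_session($this->session);
             }
         }
         // Session upgrade to CI sessions (0.14)
         if (!isset($_COOKIE['koken_session_ci']) && isset($_COOKIE['koken_session'])) {
             // NOTE(review): unserialize() on a client-controlled cookie allows PHP
             // object injection. The legacy cookie is only expected to carry a plain
             // array, so anything else is ignored; on PHP >= 7 consider passing
             // array('allowed_classes' => false) as well.
             $old_session = is_string($_COOKIE['koken_session']) ? unserialize($_COOKIE['koken_session']) : false;
             if (is_array($old_session) && isset($old_session['user']['id'])) {
                 $u = new User();
                 $u->get_by_id($old_session['user']['id']);
                 if ($u->exists()) {
                     $this->load->library('session');
                     $u->create_session($this->session);
                 }
             }
         }
         // Best-effort registration with the store; the response is discarded
         // and failure does not affect the result of the migration.
         $curl = curl_init();
         curl_setopt($curl, CURLOPT_URL, KOKEN_STORE_URL . '/register');
         curl_setopt($curl, CURLOPT_POST, 1);
         curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data, '', '&'));
         curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
         curl_setopt($curl, CURLOPT_HEADER, 0);
         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
         // NOTE(review): peer verification is disabled, so the install metadata
         // above can be read or altered by an on-path party. Enabling it requires a
         // usable CA bundle on the host, which this code does not check for.
         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
         curl_exec($curl);
         curl_close($curl);
         die(json_encode(array('done' => true)));
     } elseif ($n) {
         // Migration scripts are referenced by integer (see the (int) cast
         // below). Refusing anything else keeps a crafted $n such as one
         // containing "../" from being include()d as an arbitrary file.
         if (!preg_match('/^[0-9]+$/', (string) $n)) {
             $this->error('403', 'Forbidden');
             return;
         }
         $path = $this->migrate_path . "{$n}.php";
         $migrate_setting = new Setting();
         $migrate_setting->where('name', 'last_migration')->get();
         if (is_file($path)) {
             // A migration script signals success by defining $done.
             include $path;
             $is_done = isset($done);
             if ($migrate_setting->exists() && $is_done) {
                 $migrate_setting->value = (int) $n;
                 $migrate_setting->save();
             }
             die(json_encode(array('done' => $is_done)));
         }
     }
 }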
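 function index()
 {
     // Session resource. GET: describe the caller's current session; POST: log
     // in with email/password and redirect to /sessions; DELETE: log out.
     // Every non-DELETE call first garbage-collects admin ("god") sessions
     // older than 14 days.
     if ($this->method !== 'delete') {
         $stale = new Application();
         $stale->where('role', 'god')->where('created_on <', strtotime('-14 days'))->get();
         $stale->delete_all();
     }
     switch ($this->method) {
         case 'get':
             $auth = $this->authenticate();
             if (!$auth) {
                 $this->error('404', 'Session not found.');
                 return;
             }
             // authenticate() returns true for the master key, which has no
             // user record behind it; only array results carry a user id.
             if (!is_array($auth)) {
                 $this->error('404', 'User not found.');
                 return;
             }
             $u = new User();
             $u->get_by_id($auth[0]);
             if (!$u->exists()) {
                 $this->error('404', 'User not found.');
                 return;
             }
             $this->set_response_data(array('token' => $auth[1], 'user' => $u->to_array()));
             return;
         case 'post':
             $email = $this->input->post('email');
             $password = $this->input->post('password');
             // Test for emptiness explicitly: a truthiness check would reject the
             // legitimate password "0" and let array-valued fields through.
             if (!is_string($email) || $email === '' || !is_string($password) || $password === '') {
                 $this->error('403', 'Required parameters "email" and/or "password" are not present.');
                 return;
             }
             $u = new User();
             $u->where('email', $email)->limit(1)->get();
             // Same response for an unknown email and a wrong password so the
             // endpoint does not reveal which accounts exist.
             if (!$u->exists() || !$u->check_password($password)) {
                 $this->error('404', 'User not found.');
                 return;
             }
             $u->create_session($this->session, $this->input->post('remember') === 'on');
             $this->redirect("/sessions");
             break;
         case 'delete':
             $auth = $this->authenticate();
             if (!$auth) {
                 $this->error('401', 'Not authorized to perform this action.');
                 return;
             }
             if (is_array($auth)) {
                 // Drop the application token and the persistent remember-me token.
                 $a = new Application();
                 $a->where('token', $auth[1])->get();
                 $a->delete();
                 $u = new User();
                 $u->get_by_id($auth[0]);
                 // Only save when the user row exists; saving an unloaded
                 // DataMapper object would insert a new one.
                 if ($u->exists()) {
                     $u->remember_me = null;
                     $u->save();
                 }
             }
             $this->load->helper('cookie');
             delete_cookie('remember_me');
             $this->session->sess_destroy();
             exit;
     }
 }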
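 function authenticate($require_king = false)
 {
     // Resolve the caller's API token and map it to a user.
     //
     // Token sources, first match wins: the CI session (when the client asks
     // for cookie auth via X-KOKEN-AUTH), the legacy serialized cookie, a
     // "token:<32 alnum>" segment in the URI on GET, the `token` request
     // parameter, or the X-KOKEN-TOKEN header. With no token at all, a
     // cookie-auth client may be re-authenticated from its remember_me cookie.
     //
     // Returns true for the master key, array($user_id, $token, $role) for a
     // recognised token, false otherwise. $require_king is kept for interface
     // compatibility; this body does not read it.
     $token = false;
     $cookie = false; // true only when the token came from a browser cookie
     $cookie_auth = isset($_SERVER['HTTP_X_KOKEN_AUTH']) && $_SERVER['HTTP_X_KOKEN_AUTH'] === 'cookie';
     $this->load->helper('cookie');
     if (isset($_COOKIE['koken_session_ci']) && $cookie_auth) {
         $token = $this->session->userdata('token');
         if ($token) {
             $cookie = true;
         }
     } elseif (isset($_COOKIE['koken_session']) && !$this->strict_cookie_auth) {
         // NOTE(review): unserialize() on a client-controlled cookie allows PHP
         // object injection. The legacy cookie is only expected to carry a plain
         // array with a string token, so anything else is ignored; on PHP >= 7
         // consider passing array('allowed_classes' => false) as well.
         $old_session = is_string($_COOKIE['koken_session']) ? unserialize($_COOKIE['koken_session']) : false;
         if (is_array($old_session) && isset($old_session['token']) && is_string($old_session['token'])) {
             $token = $old_session['token'];
             $cookie = true;
         }
     } elseif ($this->method == 'get' && preg_match("/token:([a-zA-Z0-9]{32})/", $this->uri->uri_string(), $matches)) {
         // TODO: deprecate this in favor of X-KOKEN-TOKEN
         $token = $matches[1];
     } elseif (isset($_REQUEST['token']) && is_string($_REQUEST['token'])) {
         // $_REQUEST also covers query strings, so tokens passed this way may
         // end up in access logs and referrers; the header form is preferable.
         $token = $_REQUEST['token'];
     } elseif (isset($_SERVER['HTTP_X_KOKEN_TOKEN'])) {
         $token = $_SERVER['HTTP_X_KOKEN_TOKEN'];
     }
     if (!$token) {
         // No token: a cookie-auth client may still hold a remember_me cookie.
         if ($cookie_auth) {
             $remember_token = get_cookie('remember_me');
             if ($remember_token) {
                 $u = new User();
                 $u->where('remember_me', $remember_token)->get();
                 if ($u->exists()) {
                     $token = $u->create_session($this->session, true);
                     return array($u->id, $token, 'god');
                 }
             }
         }
         return false;
     }
     $master_key = $this->config->item('encryption_key');
     if (is_string($master_key) && $master_key !== '' && is_string($token)) {
         // Constant-time comparison where available, so the master key cannot
         // be probed byte by byte through response timing.
         $is_master = function_exists('hash_equals') ? hash_equals($master_key, $token) : $master_key === $token;
         if ($is_master) {
             return true;
         }
     }
     $a = new Application();
     $a->where('token', $token)->limit(1)->get();
     if (!$a->exists()) {
         return false;
     }
     if ($a->role === 'god' && $this->strict_cookie_auth) {
         // In strict mode an admin token is only honoured when it arrived in a
         // cookie, not as a bare parameter or header.
         if (!$cookie) {
             return false;
         }
     } elseif ($a->single_use) {
         $a->delete();
     }
     return array($a->user_id, $token, $a->role);
 }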