예제 #1
 /**
  * Produce an invite token that no existing Invite row already uses.
  *
  * A candidate comes from Str::randomLatinNumeric() with a length chosen by
  * mt_rand(32, 128). It is returned when the lookup finds no row with that
  * token; otherwise another candidate is drawn.
  *
  * NOTE(review): mt_rand() only selects the length here. How hard the token
  * is to guess depends on Str::randomLatinNumeric(), which is not visible in
  * this listing - confirm it draws from a cryptographically secure source.
  * NOTE(review): the lookup and the later insert are separate steps, so a
  * unique index on the token column is the real duplicate guard - TODO
  * confirm one exists.
  *
  * @return string
  */
 private function makeInvite()
 {
     do {
         $candidate = Str::randomLatinNumeric(mt_rand(32, 128));
         $matches = Invite::where('token', '=', $candidate)->count();
         // a non-zero count means the token is taken: draw again
     } while ($matches !== 0);

     return $candidate;
 }
예제 #2
 /**
  * Save the configuration built by the installer interface and seed the database.
  *
  * Order of work: load the 'default' config, call $this->before(), copy the
  * installer values and freshly generated secrets into it, include the table
  * import script, create the first user with its profile, record the version,
  * write the 'default' and 'routing' configs, and finally write the install
  * lock file.
  *
  * NOTE(review): the lock file is the last step. If anything before it
  * throws, no lock is written - confirm the caller handles a partially
  * completed install and that the installer is not left reachable.
  */
 public function make()
 {
     // prepare configurations to save
     /** @var array $cfg */
     $cfg = App::$Properties->getAll('default');
     $this->before();
     $cfg['baseDomain'] = $this->baseDomain;
     $cfg['database'] = $this->db;
     $cfg['adminEmail'] = $this->email;
     $cfg['singleLanguage'] = $this->singleLanguage;
     $cfg['multiLanguage'] = (bool) $this->multiLanguage;
     // '$2a$07$' is the bcrypt (blowfish crypt) prefix with cost 07.
     // NOTE(review): cost 7 is low by current standards, and this single value
     // is stored as one site-wide config entry. A bcrypt salt field is 22
     // characters, while mt_rand(21, 30) can pick 21 - TODO confirm how
     // App::$Security->password_hash() consumes this string.
     $cfg['passwordSalt'] = '$2a$07$' . Str::randomLatinNumeric(mt_rand(21, 30)) . '$';
     // random name and value for the debug cookie; presumably these act as a
     // shared secret for the debug panel - verify. They are only as
     // unpredictable as Str::randomLatinNumeric(), which is not shown here.
     $cfg['debug']['cookie']['key'] = 'fdebug_' . Str::randomLatinNumeric(mt_rand(4, 16));
     $cfg['debug']['cookie']['value'] = Str::randomLatinNumeric(mt_rand(32, 128));
     // import database tables
     // the included script runs in this method's scope, so it can read
     // $connectName and every other local defined above (including $cfg)
     $connectName = 'install';
     include root . '/Private/Database/install.php';
     // insert admin user
     $user = new User();
     $user->setConnection('install');
     $user->login = $this->user['login'];
     $user->email = $this->user['email'];
     // role id is hard-coded; presumably 4 is the administrator role - verify
     $user->role_id = 4;
     // the installer-supplied plaintext password is hashed with the salt generated above
     $user->password = App::$Security->password_hash($this->user['password'], $cfg['passwordSalt']);
     $user->save();
     // profile row linked to the user just saved
     $profile = new Profile();
     $profile->setConnection('install');
     $profile->user_id = $user->id;
     $profile->save();
     // set installation version
     $system = new System();
     $system->setConnection('install');
     $system->var = 'version';
     $system->data = Version::VERSION;
     $system->save();
     // write config data (this persists the generated salt and debug cookie values)
     App::$Properties->writeConfig('default', $cfg);
     // make routing configs based on preset property
     // any $this->mainpage value other than 'news' or 'about' leaves $routing empty
     $routing = [];
     switch ($this->mainpage) {
         case 'news':
             $routing = ['Alias' => ['Front' => ['/' => '/content/list/news', '/about' => '/content/read/page/about-page']]];
             break;
         case 'about':
             $routing = ['Alias' => ['Front' => ['/' => '/content/read/page/about-page']]];
             break;
     }
     // write routing configurations
     App::$Properties->writeConfig('routing', $routing);
     // write installer lock
     File::write('/Private/Install/install.lock', 'Installation is locked!');
 }
예제 #3
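 /**
  * Initialize validator. When CSRF protection is requested, rotate the session
  * token and, if the model was submitted, compare the submitted token with the
  * one issued by the previous request.
  *
  * The comparison fails closed: the submission is accepted only when the
  * session held a non-empty string token and the request carries a string
  * equal to it. Without that guard, a session with no token (the lookup
  * default is false) compared against a request value that is also false
  * would have been treated as a match.
  *
  * @param bool $csrf enable CSRF token handling for this model
  */
 public function initialize($csrf = false)
 {
     $this->_tokenRequired = $csrf;
     if ($csrf !== true) {
         return;
     }

     // token issued by the previous request; false when the session has none
     $currentToken = App::$Session->get('_csrf_token', false);
     // rotate: every call with $csrf === true stores a fresh token
     // NOTE(review): unpredictability depends on Str::randomLatinNumeric(),
     // which is not visible here; mt_rand() only picks the length - confirm
     // the helper uses a cryptographically secure source.
     $newToken = Str::randomLatinNumeric(mt_rand(32, 64));
     App::$Session->set('_csrf_token', $newToken);

     // if request is submitted for this model - validate the token it carries
     if ($this->send()) {
         $submitted = $this->getRequest('_csrf_token', 'all');
         // require real strings on both sides before comparing; hash_equals()
         // would be the constant-time choice where the supported PHP versions
         // include it
         $valid = is_string($currentToken)
             && $currentToken !== ''
             && is_string($submitted)
             && $currentToken === $submitted;
         if (!$valid) {
             $this->_tokenOk = false;
         }
     }

     // expose the new token so the form can render it
     $this->_csrf_token = $newToken;
 }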
예제 #4
 /**
  * Store a submitted feedback request and send the email notification.
  *
  * The row receives the submitted name, email and message, a random hash, the
  * client IP and, for authenticated visitors, the user id.
  *
  * NOTE(review): the hash is described as protecting direct access to the
  * request, so it works like a bearer secret. Its strength depends on
  * Str::randomLatinNumeric() (not visible here); mt_rand(16, 64) only picks
  * the length - confirm the helper uses a cryptographically secure source.
  *
  * @return FeedbackPost the saved row
  */
 public function make()
 {
     // random value used to reach this request directly
     $accessHash = Str::randomLatinNumeric(mt_rand(16, 64));

     $post = new FeedbackPost();
     $post->hash = $accessHash;
     $post->message = $this->message;
     $post->email = $this->email;
     $post->name = $this->name;

     // attach the account only for logged-in visitors
     $loggedIn = App::$User->isAuth();
     if ($loggedIn) {
         $post->user_id = App::$User->identity()->getId();
     }

     $post->ip = App::$Request->getClientIp();
     $post->save();

     // notify by email once the row is stored
     $this->sendEmail($post);

     return $post;
 }
예제 #5
 /**
  * Start password recovery: create a new password and recovery token, store
  * them, log the attempt and email both to the account address.
  *
  * Returns without doing anything when the newest recovery row for the user
  * is younger than self::DELAY seconds.
  *
  * NOTE(review): the mail template receives the new password in plaintext
  * together with the token. Only the hash is stored in the recovery row, but
  * the mailbox and every relay on the way see the password itself.
  * NOTE(review): 'Email not found' and 'You must approve your account' tell
  * registered addresses apart from unknown ones if these messages reach the
  * requester - confirm how the caller renders them.
  * NOTE(review): the strength of both random values depends on
  * Str::randomLatinNumeric(), which is not visible here; mt_rand() only picks
  * the lengths, and the password can be as short as 8 characters.
  *
  * @throws SyntaxException
  * @throws \Ffcms\Core\Exception\NativeException
  */
 public function make()
 {
     $account = App::$User->getIdentityViaEmail($this->email);
     if ($account === null) {
         throw new SyntaxException('Email not found');
     }

     // a non-'0', non-empty approve_token marks an account that is not approved yet
     $awaitingApproval = $account->approve_token !== '0' && Str::length($account->approve_token) > 0;
     if ($awaitingApproval) {
         throw new SyntaxException('You must approve your account');
     }

     // prevent spam of recovery messages: look at the newest request only
     $lastRequest = UserRecovery::where('user_id', '=', $account->getId())->orderBy('id', 'DESC')->first();
     $hasPrevious = $lastRequest !== null && $lastRequest !== false;
     if ($hasPrevious && Date::convertToTimestamp($lastRequest->created_at) > time() - self::DELAY) {
         return;
     }

     // new plaintext password, its hash, and the recovery token
     $plainPassword = Str::randomLatinNumeric(mt_rand(8, 16));
     $passwordHash = App::$Security->password_hash($plainPassword);
     $recoveryToken = Str::randomLatinNumeric(mt_rand(64, 128));

     // recovery row keeps the hash, never the plaintext
     $recovery = new UserRecovery();
     $recovery->user_id = $account->id;
     $recovery->password = $passwordHash;
     $recovery->token = $recoveryToken;
     $recovery->save();

     // audit entry with the requesting IP
     $entry = new UserLog();
     $entry->user_id = $account->id;
     $entry->type = 'RECOVERY';
     $entry->message = __('Password recovery is initialized from: %ip%', ['ip' => App::$Request->getClientIp()]);
     $entry->save();

     // render the mail body
     $body = App::$View->render('user/mail/recovery', [
         'login' => $account->login,
         'email' => $this->email,
         'password' => $plainPassword,
         'token' => $recoveryToken,
         'id' => $recovery->id
     ]);
     $sender = App::$Properties->get('adminEmail');
     $subject = App::$Translate->get('Profile', 'Account recovery on %site%', ['site' => App::$Request->getHost()]);

     // build the SwiftMailer message and send it
     $message = \Swift_Message::newInstance($subject);
     $message->setFrom([$sender])->setTo([$this->email])->setBody($body, 'text/html');
     App::$Mailer->send($message);
 }
예제 #6
 /**
  * Create the user and profile rows for a registration, optionally sending an
  * approval email first.
  *
  * Returns false without writing anything when a user with the same login or
  * email already exists.
  *
  * NOTE(review): the approval email is sent before $user->save(); if the save
  * fails, the recipient holds a token that matches no row.
  * NOTE(review): the existence check and the insert are separate steps, so
  * two concurrent registrations can both pass the check - unique indexes on
  * login and email would be the real guard; TODO confirm they exist.
  * NOTE(review): token strength depends on Str::randomLatinNumeric(), which
  * is not visible here; mt_rand() only picks the length.
  *
  * @param bool $activation require email approval for the new account
  * @return bool true when the rows were created, false when login/email is taken
  * @throws \Ffcms\Core\Exception\SyntaxException
  * @throws \Ffcms\Core\Exception\NativeException
  */
 public function tryRegister($activation = false)
 {
     $taken = App::$User->where('login', '=', $this->login)->orWhere('email', '=', $this->email)->count();
     if ($taken !== 0) {
         return false;
     }

     // build the user row; only the hash of the password is stored
     $account = new User();
     $account->login = $this->login;
     $account->email = $this->email;
     $account->password = App::$Security->password_hash($this->password);

     if ($activation) {
         // random token for the validation url
         $account->approve_token = Str::randomLatinNumeric(mt_rand(32, 128));

         $body = App::$View->render('user/mail/approve', [
             'token' => $account->approve_token,
             'email' => $account->email,
             'login' => $account->login
         ]);
         $sender = App::$Properties->get('adminEmail');
         $subject = App::$Translate->get('Default', 'Registration approve', []);

         // build the SwiftMailer message and send it
         $message = \Swift_Message::newInstance($subject);
         $message->setFrom([$sender])->setTo([$this->email])->setBody($body, 'text/html');
         App::$Mailer->send($message);
     }

     $account->save();

     // profile row linked to the new user
     $profile = new Profile();
     $profile->user_id = $account->id;
     $profile->save();

     // keep both objects on the model so extending classes can use them
     $this->_userObject = $account;
     $this->_profileObject = $profile;

     return true;
 }
예제 #7
 /**
  * Generate a random comment hash that no Content row uses yet.
  *
  * NOTE(review): mt_rand() only chooses the length; the unpredictability of
  * the hash depends on Str::randomLatinNumeric(), which is not shown here.
  *
  * @return string
  */
 private function generateCommentHash()
 {
     while (true) {
         $candidate = Str::randomLatinNumeric(mt_rand(32, 128));
         $unused = Content::where('comment_hash', '=', $candidate)->count() === 0;
         if ($unused) {
             return $candidate;
         }
         // a collision is very unlikely, but if it happens just draw again
     }
 }
예제 #8
 /**
  * Copy the model's current attributes onto the user row and save it.
  *
  * Special cases: the password is replaced only when newpassword is set and at
  * least 3 characters long; approve_token is stored as '0' when the submitted
  * value equals "1", otherwise as the pending token (generated on demand).
  *
  * NOTE(review): every other property returned by getAllProperties() is
  * written to the user row under its own name. Which properties that covers
  * is not visible here - confirm none of them lets a form set a column it
  * should not (role, id and the like).
  * NOTE(review): a 3-character minimum is a very weak password floor.
  * NOTE(review): the "1" check is a loose comparison, so numeric look-alikes
  * such as 1 or "01" also count as approved.
  */
 public function save()
 {
     foreach ($this->getAllProperties() as $property => $value) {
         if (in_array($property, ['password', 'newpassword'], true)) {
             // update password only if new is set and length >= 3
             $hasNewPassword = $this->newpassword !== null && Str::length($this->newpassword) >= 3;
             if ($hasNewPassword) {
                 $this->_user->password = App::$Security->password_hash($this->newpassword);
             }
             continue;
         }

         if ($property !== 'approve_token') {
             // plain attribute: copy as is
             $this->_user->{$property} = $value;
             continue;
         }

         if ($value == "1") {
             // approved accounts carry the literal '0' token
             $this->_user->approve_token = '0';
             continue;
         }

         // not approved: reuse the pending token, creating one if none is pending
         if ($this->_approve_tmp === '0') {
             $this->_approve_tmp = Str::randomLatinNumeric(mt_rand(32, 128));
         }
         $this->_user->approve_token = $this->_approve_tmp;
     }

     $this->_user->save();
 }
예제 #9
파일: Main.php 프로젝트: phpffcms/ffcms
 /**
  * Console installation.
  *
  * Refuses to run when /Private/Install/install.lock exists. Otherwise it
  * prints the license, creates the default directories, applies chmods,
  * prompts for database settings, tests the connection, imports the tables,
  * records the version, prompts for the sender email and base domain,
  * generates the password salt and debug cookie values, writes the 'default'
  * config and finally writes the lock file.
  *
  * @return string status message for the console
  * @throws NativeException when the install lock file already exists
  */
 public function actionInstall()
 {
     // an existing lock file means the system is already installed
     if (File::exist('/Private/Install/install.lock')) {
         throw new NativeException('Installation is locked! Please delete /Private/Install/install.lock');
     }
     echo Console::$Output->writeHeader('License start');
     echo File::read('/LICENSE') . PHP_EOL;
     echo Console::$Output->writeHeader('License end');
     // current database settings, used as the defaults shown in the prompts
     $config = Console::$Properties->get('database');
     $newConfig = [];
     // creating default directories
     foreach (self::$installDirs as $obj) {
         // looks like a directory
         // NOTE(review): 0777 makes each directory world-writable. actionChmod()
         // runs right after this loop, but which modes it applies is not
         // visible here - confirm the final permissions are tighter.
         if (!Str::contains('.', $obj)) {
             Directory::create($obj, 0777);
         }
     }
     echo Console::$Output->write('Upload and private directories are successful created!');
     // set chmods
     echo $this->actionChmod();
     // database config from input
     echo Console::$Output->writeHeader('Database connection configuration');
     echo 'Driver(default:' . $config['driver'] . '):';
     $dbDriver = Console::$Input->read();
     // only the three listed drivers are accepted; anything else leaves the driver unset in $newConfig
     if (Arr::in($dbDriver, ['mysql', 'pgsql', 'sqlite'])) {
         $newConfig['driver'] = $dbDriver;
     }
     // for sqlite its would be a path
     echo 'Host(default:' . $config['host'] . '):';
     $dbHost = Console::$Input->read();
     if (!Str::likeEmpty($dbHost)) {
         $newConfig['host'] = $dbHost;
     }
     echo 'Database name(default:' . $config['database'] . '):';
     $dbName = Console::$Input->read();
     if (!Str::likeEmpty($dbName)) {
         $newConfig['database'] = $dbName;
     }
     echo 'User(default:' . $config['username'] . '):';
     $dbUser = Console::$Input->read();
     if (!Str::likeEmpty($dbUser)) {
         $newConfig['username'] = $dbUser;
     }
     // NOTE(review): this prompt prints the currently configured database
     // password in clear text, so it ends up in terminal scrollback and in any
     // captured output. The new value is read with the same
     // Console::$Input->read() as the other fields; whether typed input is
     // echoed is not visible here.
     echo 'Password(default:' . $config['password'] . '):';
     $dbPwd = Console::$Input->read();
     if (!Str::likeEmpty($dbPwd)) {
         $newConfig['password'] = $dbPwd;
     }
     echo 'Table prefix(default:' . $config['prefix'] . '):';
     $dbPrefix = Console::$Input->read();
     if (!Str::likeEmpty($dbPrefix)) {
         $newConfig['prefix'] = $dbPrefix;
     }
     // merge configs and add new connection to db pool
     // presumably entries in $newConfig override those in $config - verify Arr::merge()
     $dbConfigs = Arr::merge($config, $newConfig);
     Console::$Database->addConnection($dbConfigs, 'install');
     try {
         // probe the 'install' connection; an exception here is reported as a failed test
         Console::$Database->connection('install')->getDatabaseName();
     } catch (\Exception $e) {
         // NOTE(review): the raw exception message is returned to the console;
         // it may contain connection details - confirm this output is not logged elsewhere
         return 'Testing database connection is failed! Run installer again and pass tested connection data! Log: ' . $e->getMessage();
     }
     // autoload doesn't work here, so the controller file is included by a fixed path
     include root . '/Apps/Controller/Console/Db.php';
     // import db data
     $dbController = new DbController();
     echo $dbController->actionImportAll('install');
     // add system info about current install version
     $system = new System();
     $system->setConnection('install');
     $system->var = 'version';
     $system->data = Version::VERSION;
     $system->save();
     // set website send from email from input
     $emailConfig = Console::$Properties->get('adminEmail');
     echo 'Website sendFrom email(default: ' . $emailConfig . '):';
     $email = Console::$Input->read();
     // input that is not a valid email falls back to the configured address
     if (!Str::isEmail($email)) {
         $email = $emailConfig;
     }
     // set base domain
     echo 'Website base domain name(ex. ffcms.org):';
     $baseDomain = Console::$Input->read();
     if (Str::likeEmpty($baseDomain)) {
         $baseDomain = Console::$Properties->get('baseDomain');
     }
     // generate other configuration data: security salt, cookie keys and so on
     echo Console::$Output->writeHeader('Writing configurations');
     /** @var array $allCfg */
     $allCfg = Console::$Properties->getAll('default');
     $allCfg['database'] = $dbConfigs;
     $allCfg['adminEmail'] = $email;
     $allCfg['baseDomain'] = $baseDomain;
     echo Console::$Output->write('Generate password salt for BLOWFISH crypt');
     // '$2a$07$' is the blowfish crypt prefix with cost 07.
     // NOTE(review): cost 7 is low by current standards and the value is one
     // site-wide config entry. A bcrypt salt field is 22 characters, while
     // mt_rand(21, 30) can pick 21 - TODO confirm how the hashing code
     // consumes this string. The random part is only as unpredictable as
     // Str::randomLatinNumeric(), which is not visible here.
     $allCfg['passwordSalt'] = '$2a$07$' . Str::randomLatinNumeric(mt_rand(21, 30)) . '$';
     echo Console::$Output->write('Generate security cookies for debug panel');
     $allCfg['debug']['cookie']['key'] = 'fdebug_' . Str::randomLatinNumeric(mt_rand(8, 32));
     $allCfg['debug']['cookie']['value'] = Str::randomLatinNumeric(mt_rand(32, 128));
     // write config data
     $writeCfg = Console::$Properties->writeConfig('default', $allCfg);
     // anything other than a strict true counts as a failed write; no lock file is written in that case
     if ($writeCfg !== true) {
         return 'File /Private/Config/Default.php is unavailable to write data!';
     }
     // lock the installer so it cannot be run again
     File::write('/Private/Install/install.lock', 'Install is locked');
     return 'Configuration done! FFCMS 3 is successful installed! Visit your website. You can add administrator using command php console.php db/adduser';
 }