public function uploadImage($image, $alt) { try { $file = new File($image, 10000); $uploadDir = ASSETS . 'uploads/portfolio/gallery/'; $tmp = ASSETS . 'uploads/portfolio/tmp/'; $file->setUploadDir($tmp); $fileSaver = new FileSaver($file); if (!$file->isNormalSize()) { throw new \Exception('Very big file size'); } if (!$fileSaver->save()) { throw new \Exception('File not selected'); } if (!ImageHelper::isImage($fileSaver->uploadedFile, ['gif', 'png', 'jpg', 'jpeg'])) { throw new \Exception('File is not image'); } if (file_exists($uploadDir . $file->getName())) { $uniqName = FileHelper::getUniqFileName($uploadDir, FileHelper::getFileExtension($file->getName())); $file->setName($uniqName); } FileHelper::move($fileSaver->uploadedFile, $uploadDir . $file->getName()); $db = Service::get('db'); $query = 'INSERT INTO ' . self::getTable() . '(name, alt) VALUES (:name, :alt)'; $stmt = $db->prepare($query); if (!$stmt->execute([':name' => $file->getName(), ':alt' => $alt])) { throw new \Exception('File not saved into DB'); } Service::get('session')->setFlushMsg('success', 'File successfully downloaded'); } catch (\Exception $e) { Service::get('session')->setFlushMsg('error', $e->getMessage()); $response = new ResponseRedirect(Request::getHost() . '/admin'); $response->send(); } }
/** * Redirect to $url with flash msg(type and msg). * * @param $url * @param null $type * @param null $msg * @return ResponseRedirect */ public function redirect($url, $type = null, $msg = null) { $flushmsg = Service::get('session'); $flushmsg->setFlush($type, $msg); $redirect = new ResponseRedirect($url); $redirect->send(); }
public function loginAction() { if (Service::get('security')->isAuthenticated()) { $redirect = new ResponseRedirect($this->generateRoute('home')); $redirect->send(); } $errors = array(); if ($this->getRequest()->isPost()) { if ($user = User::findByEmail($this->getRequest()->post('email'))) { if ($user->password == md5($this->getRequest()->post('password'))) { Service::get('security')->setUser($user); $returnUrl = Service::get('session')->getReturnUrlAndRemove(); if ($user->role == 'ROLE_USER') { $about_access = 'view and create posts'; } elseif ($user->role == 'ROLE_ADMIN') { $about_access = 'view, create, delete posts'; } else { $about_access = 'view posts'; } return $this->redirect(!empty($returnUrl) ? $returnUrl : $this->generateRoute('home'), 'info', 'Hello ' . $user->name . '. Now you can ' . $about_access . '.'); } } array_push($errors, 'Invalid username or password'); } return $this->render('login.html', array('errors' => $errors)); }
public function __construct($msg, $url, $code = 301) { $session = Service::get('session'); $session->setReturnUrl(Service::get('request')->getUri()); $session->addFlushMessage('info', $msg); $resp = new ResponseRedirect($url, $code); $resp->send(); }
public function run() { ServiceContainer::get('security')->generateToken(); try { if (!ServiceContainer::get('security')->checkToken()) { die('Invalid token'); } $map = $this->config['routes']; ServiceContainer::set('route', new Router($map)); $match_route = ServiceContainer::get('route'); $route = $match_route->findRoute(); if (!empty($route['security'])) { $user = ServiceContainer::get('session')->get('authenticated'); if (!empty($user->user_role) != 'ROLE_USER') { $msg = 'Access denied, please login to your account!'; $fsg = ServiceContainer::get('session'); $fsg->setFlush('error', $msg); $redirect = new ResponseRedirect(ServiceContainer::get('route')->buildRoute('security_signin')); $redirect->send(); } } if (class_exists($route['controller'])) { $controller = $route['controller']; $action = $route['action']; $vars = NULL; if (!empty($route['vars'])) { $vars = $route['vars']; } $response = $this->startController($controller, $action, $vars); } else { throw new HttpNotFoundException(); } } catch (HttpNotFoundException $e) { $error_layout = $this->config['not_found']; $renderer = new Renderer($error_layout, array('message' => $e->getMessage(), 'code' => $e->getCode())); $response = new Response($renderer->render()); } $flush = ServiceContainer::get('session')->get('flush') ? ServiceContainer::get('session')->get('flush') : array(); ServiceContainer::get('session')->unsetSession('flush'); if ($response instanceof Response) { if ($response->getType() == 'html') { $view = $this->config['main_layout']; $renderer = new Renderer($view, array('content' => $response->getContent(), 'flush' => $flush)); $wrapped = $renderer->render(); $response = new Response($wrapped); $response->send(); } elseif ($response->getType() == 'json') { $response = new ResponseJson(); $response->send(); } } }
/** * Method initiates the application's work * * @throws AccessException */ public function run() { Service::get('security')->generateToken(); try { if (!Service::get('security')->checkToken()) { throw new AccessException('tokens aren\'t the same'); } //gets necessary information from Router $route = Service::get('router')->start(); // if there are restrictions of rights, will check user's rights if (!empty($route['security'])) { $user = Service::get('session')->get('user'); if (is_object($user)) { if (array_search($user->getRole(), $route['security']) === false) { throw new AccessException('access denied'); } } else { Service::get('session')->setReturnUrl(Service::get('router')->buildRoute($route['_name'])); $redirect = new ResponseRedirect(Service::get('router')->buildRoute($this->config['security']['login_route'])); $redirect->send(); } } $this->savePathToView($route['controller']); Service::get('session')->setReturnUrl(Service::get('request')->getRequestInfo('uri')); $vars = null; if (!empty($route['vars'])) { $vars = $route['vars']; } $response = $this->startController($route['controller'], $route['action'], $vars); } catch (AccessException $e) { echo $e->getMessage(); die; } catch (HttpNotFoundException $e) { $redirect = new ResponseRedirect(Service::get('router')->buildRoute('/')); $redirect->send(); } catch (ServerErrorException $e) { $renderer = new Renderer($e->layout, array('message' => $e->message, 'code' => $e->code)); $response = new Response($renderer->render()); $response->send(); die; } if ($response->getType() == 'html') { $flush = Service::get('session')->get('flush') ? Service::get('session')->get('flush') : array(); Service::get('session')->delFromSess('flush'); $content['content'] = $response->getContent(); $content['flush'] = $flush; $renderer = new Renderer($this->config['main_layout'], $content); $response = new Response($renderer->render()); } $response->send(); }
public function signinAction() { if (Service::get('security')->isAuthenticated()) { $redirect = new ResponseRedirect($this->generateRoute('home')); $redirect->send(); } $errors = array(); if ($this->getRequest()->isPost()) { try { $user = new User(); $user->email = $this->getRequest()->post('email'); $user->password = md5($this->getRequest()->post('password')); $user->role = 'ROLE_USER'; $user->save(); return $this->redirect($this->generateRoute('home')); } catch (DatabaseException $e) { $errors = array($e->getMessage()); } } return $this->render('signin.html', array('errors' => $errors)); }
/** * Sign up new User * * @return \Framework\Response\Response */ public function signupAction() { if (ServiceContainer::get('security')->isAuthenticated()) { $redirect = new ResponseRedirect($this->generateRoute('performance_home')); $redirect->send(); } $errors = array(); if ($this->getRequest()->isPost() == 'POST') { try { $user = new User(); $user->name = $this->getRequest()->post('name'); $user->email = $this->getRequest()->post('email'); $user->password = md5($this->getRequest()->post('password')); $user->user_role = 'ROLE_USER'; $user->save(); return $this->redirect($this->generateRoute('security_signin')); } catch (\Exception $e) { $errors = array($e->getMessage()); } } return $this->render('signup.html', array('errors' => $errors)); }
/** * Check Security * * @param $route * @throws \Exception * * @return void */ private function _checkSecurity($route) { Service::get('security')->generateToken(); if ((new Request())->isPost() && !Service::get('security')->checkToken()) { Service::get('session')->setFlash('error', self::TOKEN_NOT_EXIST); $redirect = new ResponseRedirect((new Request())->getURI()); $redirect->send(); } if (!empty($route['security'])) { $user = Service::get('session')->get('authenticated'); if (is_object($user)) { $user_info = get_object_vars($user); } $user_info['role'] = isset($user_info['role']) ? $user_info['role'] : null; if (!in_array($user_info['role'], $route['security'])) { Service::get('session')->setFlash('error', self::ACCESS_DENIED); Service::get('session')->setReturnUrl(); $redirect = new ResponseRedirect(Service::get('router')->generateRoute($this->_config['security']['login_route'])); $redirect->send(); } } }
public function run() { //print_r($_SERVER); $logger = Service::get('logger'); $router = Service::get('router'); $route = $router->attemptToFindRoute(); //Service::get('logger')->log(Password::hash('mirana1111')); //print_r($route); //Service::get('security')->clear(); //$size = ImageHelper::getImageSize('C:\xampp\htdocs\portfolio\web\uploads\portfolio\gallery\2.jpg'); //Service::get('logger')->log($size[1]); try { if (empty($route)) { throw new HttpNotFoundException(); } else { if (isset($route['security'])) { $user = Service::get('security')->getUser(); if (isset($route['security']['login_route'])) { Service::get('security')->loginRoute = $route['security']['login_route']; } if (is_null($user)) { $host = Request::getHost(); $redirect = new ResponseRedirect($host . Service::get('security')->loginRoute); $redirect->send(); } $role = $route['security']['role']; if ($role !== $user->role) { Service::get('session')->setFlushMsg('warning', '�� ���������� ����'); $host = Request::getHost(); $redirect = new ResponseRedirect($host); $redirect->send(); } /* $c = 0; for ( ; ; ) { if ($c > count($routeSecurity) - 1) { break; } switch($routeSecurity[$c]) { case 'ROLE_USER': $user = $security->getUser(); if(is_null($user)) { $host = Request::getHost(); $redirect = new ResponseRedirect($host.$security->loginRoute); $redirect->send(); break; } else { break; } //continue security } ++$c; } */ } $controllerClass = $route['controller']; if (!class_exists($controllerClass)) { $logger->log('Maybe it`s problem with incorrect routes', 'FATAL'); throw new ServerException('CrAsHeD!!!! SERVER ERROR', 500); } $controller = new $controllerClass(); $action = $route['action'] . 'Action'; if (!method_exists($controller, $action)) { $logger->log('Maybe it`s problem with incorrect routes', 'FATAL'); throw new ServerException('CrAsHeD!!!! SERVER ERROR', 500); } $reflMethod = new \ReflectionMethod($controllerClass, $action); $response = $reflMethod->invokeArgs($controller, isset($route['variables']) ? $route['variables'] : []); $response->send(); } } catch (HttpNotFoundException $e) { $e->show404page(); } catch (ServerException $e) { $e->crashed(); } catch (DatabaseException $e) { die('Database error: ' . $e->getMessage()); } catch (\Exception $e) { } // print_r(Post::find('all')); //$request = Service::get('request'); //echo $request->getFullUrl(); /* $htmlPurifierBuilder = new HtmlPurifierBuilder(); $purifier = $htmlPurifierBuilder->execute(); $purifier->delInvalidTags(true); echo $purifier->purify('<script> awdasfasfafa</script>'); */ //$logger = Service::get('logger'); //$logger->log('suck'); //print_r($route); // $test = new TestController(); // echo $test->generateRoute('add_post'); // $response = $test->render('ok.html'); // $response->send(); }
public function run() { Service::get('security')->generateToken(); if (!Service::get('security')->checkToken()) { die('Token not exist'); } $map = $this->config['routes']; Service::set('route', new Router($map)); $match_route = Service::get('route'); $route = $match_route->findRoute(); if (!empty($route['security'])) { $user = Service::get('session')->get('authenticated'); if (is_object($user)) { $user_role = get_object_vars($user); } if (!empty($user_role['role'] !== 'ROLE_ADMIN')) { $msg = 'Access Denied! Only the administrator can create new posts.'; $fsg = Service::get('session'); $fsg->setFlush('error', $msg); $redirect = new ResponseRedirect(Service::get('route')->buildRoute($this->config['security']['login_route'])); $redirect->send(); } } try { if (class_exists($route['controller'])) { $controller = new $route['controller'](); $action = $route['action'] . 'Action'; if (isset($route['vars'])) { $vars = $route['vars']; } $controller_reflection = new \ReflectionClass($route['controller']); if ($controller_reflection->hasMethod($action)) { $method = new \ReflectionMethod($controller, $action); $params = $method->getParameters(); if (empty($params)) { $response = $method->invoke(new $controller()); } else { $response = $method->invokeArgs(new $controller(), $vars); } } } else { throw new HttpNotFoundException('Oops, Not Found', 404); } } catch (HttpNotFoundException $e) { $error_layout = $this->config['error_500']; $renderer = new Renderer($error_layout, array('message' => $e->getMessage(), 'code' => $e->getCode())); $response = new Response($renderer->render()); } $flush = Service::get('session')->get('flush') ? Service::get('session')->get('flush') : array(); Service::get('session')->unsetSession('flush'); Service::get('session')->setReturnUrl(Service::get('request')->getRequestInfo('uri')); try { if ($response instanceof Response) { if ($response->type == 'html') { $view = $this->config['main_layout']; $renderer = new Renderer($view, array('content' => $response->getContent(), 'flush' => $flush)); $wrapped = $renderer->render(); $response = new Response($wrapped); } $response->send(); } else { throw new BadResponseException('Bad response', 500); } } catch (BadResponseException $e) { echo $e->getMessage(); } }