Exemplo n.º 1
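 /**
  * Creates an account-activation token for a newly signed-up user and e-mails
  * the activation link to them.
  *
  * The token is stored as the general setting "activation_<token>" with the
  * user ID as its value; the signup page is expected to look it up again
  * through the "validate" query parameter of the mailed link.
  *
  * @param string $Email    recipient address, passed to mail() as the "to" argument
  * @param mixed  $UserID   identifier stored under the activation token
  * @param string $Username name interpolated into the greeting
  * @return bool whatever mail() returns
  */
 function ActivationMail($Email, $UserID, $Username)
 {
     $ActivationToken = jf::$Security->RandomToken();
     // NOTE(review): no timeout argument is passed here, so the activation record
     // presumably never expires - confirm SaveGeneralSetting's default and consider
     // a bounded lifetime for unclaimed tokens.
     jf::SaveGeneralSetting("activation_{$ActivationToken}", $UserID);
     // The host name is presumably taken from the request (Host header) and is
     // therefore client-controlled. It ends up inside the additional-headers
     // argument of mail(), so strip line breaks and NUL bytes to keep it from
     // starting a new header line. A configured sender domain would be safer still.
     $SenderHost = str_replace(array("\r", "\n", "\0"), "", HttpRequest::Host());
     $MyEmail = "admin@" . $SenderHost;
     // NOTE(review): if SiteRoot is also derived from the request host, the mailed
     // link can be pointed at another host by the requester - verify where SiteRoot is defined.
     $Content = "Thank you for joininig " . constant("jf_Application_Title") . " {$Username},\n\t\t\t\tPlease open the following link in order to activate your account:\n\n\t\t\t\t" . SiteRoot . "/sys/xuser/signup?validate={$ActivationToken}\n\n\t\t\t\tIf you did not sign up on this site, just ignore this email.";
     $Headers = "From: " . constant("jf_Application_Name") . " <{$MyEmail}>";
     return mail($Email, "Account Confirmation", $Content, $Headers);
 }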
Exemplo n.º 2
 /**
  * Issues an activation token for the given user and mails the activation link.
  *
  * The token is saved as the general setting "activation_<token>" => $userId and
  * is embedded in the "validate" query parameter of the link.
  *
  * @param string $email    recipient address
  * @param mixed  $userId   identifier stored under the token
  * @param string $username name used in the greeting
  * @return bool result of mail()
  */
 private function activationMail($email, $userId, $username)
 {
     $token = jf::$Security->RandomToken();
     // NOTE(review): saved without a timeout argument - presumably the token does
     // not expire; confirm against SaveGeneralSetting.
     jf::SaveGeneralSetting("activation_{$token}", $userId);

     $sender = "*****@*****.**";

     // Greeting and instructions, then the activation link and the closing line.
     $body = "Thank you for joining " . constant("jf_Application_Title") . " {$username},\n                Please open the following link in order to activate your account:\n                ";
     $body .= CONTEST_MODE_DIR . "user/signup?validate={$token}\n\n                If you did not sign up on this site, just ignore this email.";

     $fromHeader = "From: " . constant("jf_Application_Name") . " <{$sender}>";

     return mail($email, "Account Confirmation", $body, $fromHeader);
 }
Exemplo n.º 3
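 /**
  * Login controller entry point.
  *
  * Order of operations:
  *  1. If a "jframework_rememberme" cookie is present, look up the user ID stored
  *     under "rememberme_<token>" and force-login that user.
  *  2. If a login form was posted, try the credentials; on failure set
  *     $this->Error to a message chosen from jf::$XUser->LastError, on success
  *     optionally issue a 30-day remember-me token.
  *  3. When logged in, follow the "return" query parameter if it is a local
  *     path, mark the request successful, and present the view.
  *
  * @return mixed whatever $this->Present() returns
  */
 function Start()
 {
     $this->Username = jf::$XUser->Username();
     $Logged = false;

     // Remember-me login. Only a plain string cookie is accepted; an array-valued
     // cookie would otherwise be string-converted into the settings key.
     if (isset($_COOKIE["jframework_rememberme"]) && is_string($_COOKIE["jframework_rememberme"])) {
         $rememberMeToken = $_COOKIE["jframework_rememberme"];
         $userID = jf::LoadGeneralSetting("rememberme_" . $rememberMeToken);
         if ($userID > 0) {
             // NOTE(review): the result of ForceLogin is not checked, so the request
             // is treated as logged in even if ForceLogin refuses - confirm its contract.
             jf::$XUser->ForceLogin($userID);
             $Logged = true;
         }
     }

     if (isset($_POST["Username"])) {
         // Form fields are untrusted; anything that is not a plain string is treated as empty.
         $Username = is_string($_POST['Username']) ? $_POST['Username'] : "";
         $Password = (isset($_POST['Password']) && is_string($_POST['Password'])) ? $_POST['Password'] : "";
         $loginResult = jf::$XUser->Login($Username, $Password);
         if ($loginResult == false) {
             $UserID = jf::$XUser->UserID($Username);
             $res = jf::$XUser->LastError;
             // Generic default so an unrecognised error code never leaves the message undefined.
             $ErrorString = "Invalid Credentials.";
             // NOTE(review): the Inactive / Locked / PasswordExpired messages tell an
             // unauthenticated client that the account exists - decide whether that
             // disclosure is acceptable for this application.
             if ($res == \jf\ExtendedUserErrors::Inactive) {
                 $ErrorString = "Your account is not activated.";
             } elseif ($res == \jf\ExtendedUserErrors::InvalidCredentials or $res == \jf\ExtendedUserErrors::NotFound) {
                 $ErrorString = "Invalid Credentials.";
             } elseif ($res == \jf\ExtendedUserErrors::Locked) {
                 $ErrorString = "Your account is locked. Try again in " . floor(jf::$XUser->LockTime($Username) / 60) . " minute(s).";
             } elseif ($res == \jf\ExtendedUserErrors::PasswordExpired) {
                 // URL-encode the parameter, then HTML-escape the whole URL for the attribute.
                 $Link = htmlspecialchars("./reset?user=" . rawurlencode((string) $UserID), ENT_QUOTES, 'UTF-8');
                 $ErrorString = "Your password is expired. You should <a href='{$Link}'>change your password</a>.";
             } elseif ($res == \jf\ExtendedUserErrors::TemporaryValidPassword) {
                 // The submitted password is user input: without encoding it could break
                 // out of the href attribute and inject markup into the error message.
                 // NOTE(review): carrying the temporary password in a URL exposes it to
                 // browser history, server logs and Referer headers; a POST form or a
                 // server-side session flag would avoid that.
                 $Link = htmlspecialchars(
                     "./reset?user=" . rawurlencode((string) $UserID) . "&temp=" . rawurlencode($Password),
                     ENT_QUOTES,
                     'UTF-8'
                 );
                 $ErrorString = "This is a temporary password. You should <a href='{$Link}'>reset your password</a> now.";
             }
             $Logged = false;
             $this->Error = $ErrorString;
         } else {
             $Logged = true;
             if (isset($_POST['Remember'])) {
                 $timeout = 60 * 60 * 24 * 30; // 30 days, in seconds
                 $rememberMeToken = jf::$Security->RandomToken();
                 jf::SaveGeneralSetting("rememberme_" . $rememberMeToken, jf::CurrentUser(), $timeout);
                 // The token is a long-lived login credential: keep it away from page
                 // scripts (HttpOnly) and, when the request arrived over HTTPS, off
                 // plain-HTTP connections (Secure). Path and domain keep their defaults.
                 $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                 setcookie('jframework_rememberme', $rememberMeToken, jf::time() + $timeout, "", "", $secure, true);
             }
         }
     }

     if ($Logged == true) {
         if (isset($_GET['return'])) {
             $returnTo = $_GET['return'];
             // Follow only site-local paths: one leading "/", not "//" or "/\" (which
             // browsers resolve to another host), and no control characters.
             // Anything else is ignored so the login page cannot be used as an open redirect.
             if (is_string($returnTo) && preg_match('#\A/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $returnTo)) {
                 $this->Redirect($returnTo);
             }
         }
         $this->Success = true;
     }
     return $this->Present();
 }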
Exemplo n.º 4
 /**
  * Scans the sub-directories of LESSON_PATH, instantiates the lesson class
  * named after each directory (in the \webgoat\ namespace), groups the lessons
  * by the category each one reports, and stores the result in the general
  * setting "categoryLessons".
  *
  * Stored shape: category => list of array(lessonName, lessonObject).
  *
  * @throws ClassNotFoundException when a lesson directory has no loaded class
  */
 public static function run()
 {
     // One empty bucket per known category.
     $lessonsByCategory = array();
     $categorySource = new Category();
     foreach ($categorySource->getCategories() as $categoryName) {
         $lessonsByCategory[$categoryName] = array();
     }

     foreach (glob(LESSON_PATH . '*', GLOB_ONLYDIR) as $lessonDir) {
         // The directory name doubles as the lesson's class name.
         $lessonName = basename($lessonDir);
         $qualifiedName = "\\webgoat\\" . $lessonName;
         if (!class_exists($qualifiedName)) {
             throw new ClassNotFoundException("No class {$qualifiedName} exists. Please run loadClasses() first.");
         }
         $lesson = new $qualifiedName();
         // NOTE(review): a lesson reporting a category that getCategories() did not
         // return has no bucket here - confirm every lesson uses a listed category.
         array_push($lessonsByCategory[$lesson->getCategory()], array($lessonName, $lesson));
     }

     // NOTE(review): the saved value contains live lesson objects. If the settings
     // store persists values with serialize(), reading them back relies on
     // unserialize() - confirm that store cannot be written by untrusted parties.
     \jf::SaveGeneralSetting('categoryLessons', $lessonsByCategory);
 }
Exemplo n.º 5
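 /**
  * Workshop dashboard controller.
  *
  * Requires a logged-in user who passes jf::Check('workshop'). Handles two
  * AJAX-style POST actions ("hide" / "show" a lesson, answered with a JSON
  * status) and otherwise collects the overview statistics, per-lesson
  * completion reports and analytics rows before presenting the view.
  *
  * @return mixed true after a hide/show request, the result of Present() for
  *               the dashboard, nothing after a redirect
  */
 public function Start()
 {
     if (!jf::CurrentUser()) {
         // User not authenticated
         $this->Redirect(jf::url() . "/user/login?return=/" . jf::$BaseRequest);
         return;
     }
     if (!jf::Check('workshop')) {
         // User not authorized: redirect to home page instead of Login Page
         $this->Redirect(SiteRoot);
         return;
     }

     $hiddenLessons = jf::LoadGeneralSetting("hiddenWorkshopLessons");

     // NOTE(review): the hide/show actions change stored state on a bare POST; no
     // anti-CSRF token is checked in this method - confirm the framework enforces
     // one before this point.

     // If request to hide the lesson
     if (isset($_POST['hide'])) {
         $lessonToHide = $_POST['hide'];
         // Only a non-empty string can be a lesson name; array-valued or empty
         // input is refused instead of being written into the settings store.
         if (!is_string($lessonToHide) || $lessonToHide === "") {
             echo json_encode(array('status' => false));
             return true;
         }
         if (!is_array($hiddenLessons)) {
             // First request, i.e. setting not present yet
             $hiddenLessons = array();
         }
         // Skip duplicates: a lesson stored twice would stay hidden after a single
         // "show" and would skew the visible-lesson count.
         if (!in_array($lessonToHide, $hiddenLessons, true)) {
             $hiddenLessons[] = $lessonToHide;
         }
         jf::SaveGeneralSetting("hiddenWorkshopLessons", $hiddenLessons);
         echo json_encode(array('status' => true));
         return true;
     }

     // If request to show the lesson
     if (isset($_POST['show'])) {
         if (is_array($hiddenLessons)) {
             // Strict search: loose comparison would treat numeric-looking names
             // such as "10" and "1e1" as the same lesson.
             $position = array_search($_POST['show'], $hiddenLessons, true);
             if ($position !== false) {
                 unset($hiddenLessons[$position]);
             }
         }
         jf::SaveGeneralSetting("hiddenWorkshopLessons", $hiddenLessons);
         echo json_encode(array('status' => true));
         return true;
     }

     // Get the list of all the lessons/categories. The setting is absent until the
     // lesson scan has stored it; treat that as "no categories" rather than
     // counting or iterating over a non-array.
     $allCategoryLesson = jf::LoadGeneralSetting("categoryLessons");
     if (!is_array($allCategoryLesson)) {
         $allCategoryLesson = array();
     }
     $this->allCategoryLesson = $allCategoryLesson;
     $this->hiddenLessons = $hiddenLessons;

     // To generate 'overview' section of the dashboard
     $obj = new \webgoat\WorkshopUsers();
     $workshopUsers = $obj->getAll();
     if ($workshopUsers === null) {
         // getAll() returns null if no users are present
         $workshopUsers = array();
     }
     $this->totalUsers = count($workshopUsers);
     $this->totalCategories = count($allCategoryLesson);

     $lessonCount = 0;
     // For each lesson, the list of users who have completed it
     $lessonsCompletedBy = array();
     $lessonPrefix = "completed_webgoat\\";
     // Analytics rows, initialized with the heading row
     $noOfLessonsInCategories = array(array('Category', 'No of Lessons'));

     foreach ($allCategoryLesson as $category => $lessons) {
         $lessonCount += count($lessons);
         $noOfLessonsInCategories[] = array($category, count($lessons));
         foreach ($lessons as $lesson) {
             $lessonName = $lesson[0]; // Index 0 is for name
             $lessonsCompletedBy[$lessonName] = array();
             foreach ($workshopUsers as $user) {
                 if (jf::LoadUserSetting($lessonPrefix . $lessonName, $user['ID'])) {
                     $lessonsCompletedBy[$lessonName][] = $user['Username'];
                 }
             }
         }
     }

     $this->totalLessons = $lessonCount;
     // The hidden list is null until something has been hidden; count it as zero.
     $hiddenCount = is_array($hiddenLessons) ? count($hiddenLessons) : 0;
     $this->totalVisibleLessons = $lessonCount - $hiddenCount;

     // To generate the reports page
     $this->reports = $lessonsCompletedBy;
     // To generate analytics
     $this->analytics = $noOfLessonsInCategories;

     return $this->Present();
 }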
Exemplo n.º 6
 /**
  * Saves a general setting and checks that deleting it reports success.
  *
  * @depends testSaveGeneral
  */
 function testDeleteGeneral()
 {
     $settingName = "some_name";
     // Make sure the setting exists before deleting it.
     jf::SaveGeneralSetting($settingName, "some_value");
     $deleted = jf::DeleteGeneralSetting($settingName);
     $this->assertTrue($deleted);
 }
Exemplo n.º 7
<?php

#####################################################################################
# Transition script. Used to make changes between versions, such as database schema #
# upgrades and similar things. 														#
#####################################################################################
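# Version recorded by the previous run (nothing stored yet on a fresh install)
# versus the version of the code that is running now.
$OldVersion = jf::LoadGeneralSetting("Version");
$Version = constant("jf_Application_Version");
# Compare as strings with !==. Loose comparison treats numeric-looking strings as
# numbers, so "1.10" == "1.1" and "1.0" == "1" would hide a real version change.
if ((string) $Version !== (string) $OldVersion) {
    jf::SaveGeneralSetting("Version", $Version);
    # save the new version first, so that concurrent requests do not run transition again
    # NOTE(review): load-compare-save is not atomic, so two requests arriving at the
    # same moment can both get here; this narrows the window rather than closing it.
    # Saving first also means a transition that fails part-way is not retried.
    if ((string) $OldVersion === "1.0" and (string) $Version === "2.0") {
        //upgrade the database schema from version 1 to version 2
    }
}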