/**
* Print a line to the stdout.
*
* @param string $string
* The output.
* @param boolean $log
* Whether to add the output to the log.
*/
public function out($string, $log = false)
{
if ($log) {
Logger::message($string);
}
print $string . "\n";
}
/**
* Create the session object.
*
* @param boolean $create_session
* Whether to create the session for the user.
*
* @return Session
* The current session.
*/
public static function createInstance($create_session = true)
{
if ($session_key = static::loadRequestSessionKey()) {
$session_criteria = array('session_key' => array('LIKE', $session_key));
// If the session is only allowed on one IP.
if (Configuration::get('session.single_ip')) {
$session_criteria['session_ip'] = LightningRequest::server('ip_int');
}
// See if the session exists.
if ($session_details = Database::getInstance()->selectRow('session', $session_criteria)) {
// Load the session.
$session = new static($session_details);
if ($session->validateState()) {
$session->ping();
return $session;
} else {
$session->destroy();
return static::create();
}
} else {
// Possible security issue.
Logger::security('Bad session', Logger::SEVERITY_MED);
// There is an old cookie that we should delete.
// Send a cookie to erase the users cookie, in case this is really a minor error.
static::clearCookie();
return static::create();
}
} elseif ($create_session) {
// No session exists, create a new one.
return static::create();
} else {
return null;
}
}
public function execute($job)
{
// Remove expired sessions.
Logger::message('Cleaning sessions...');
$count = Session::clearExpiredSessions();
Logger::message($count . ' sessions removed.');
// Remove user reset keys.
Logger::message('Cleaning expired user keys...');
$count = User::removeExpiredTempKeys();
Logger::message($count . ' user keys removed.');
}
/**
* The main page handler, outputs a 1x1 pixel image.
*/
public function get()
{
if ($t = Request::get('t', 'encrypted')) {
// Track an encrypted link.
if (!Tracker::trackLink($t)) {
Logger::error('Failed to track encrypted link: ' . Encryption::aesDecrypt($t, Configuration::get('tracker.key')));
}
} elseif (Configuration::get('tracker.allow_unencrypted') && ($tracker = Request::get('tracker', 'int'))) {
// Track an unencrypted link.
$user = Request::get('user', 'int') ?: ClientUser::createInstance()->id;
$sub = Request::get('sub', 'int');
Tracker::trackEventID($tracker, $sub, $user);
}
// Output a single pixel image.
header('Content-Type: image/png');
echo base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAAACnej3aAAAAAXRSTlMAQObYZgAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII=');
exit;
}
public function out($string)
{
Logger::message($string);
}
/**
* Makes sure there is a session, and checks the user password.
* If everything checks out, the global user is created.
*
* @param $email
* @param $password
* @param bool $remember
* If true, the cookie will be permanent, but the password and pin state will still be on a timeout.
* @param boolean $auth_only
* If true, the user will be authenticated but will not have the password state set.
*
* @return bool
*/
public static function login($email, $password, $remember = FALSE, $auth_only = FALSE)
{
// If $auth_only is set, it has to be remembered.
if ($auth_only) {
$remember = TRUE;
}
$user = ClientUser::getInstance();
// If a user is already logged in, cancel that user.
if ($user->id > 0) {
$user->destroy();
}
if ($temp_user = static::loadByEmail($email)) {
// user found
if ($temp_user->checkPass($password)) {
$temp_user->registerToSession($remember, $auth_only ?: Session::STATE_PASSWORD);
return true;
} else {
Logger::security('Bad Password', Logger::SEVERITY_HIGH);
}
} else {
Logger::security('Bad Username', Logger::SEVERITY_MED);
}
// Could not log in.
return false;
}
/**
* Called whenever mysql returns an error executing a query.
*
* @param array $error
* The PDO error.
* @param string $sql
* The original query.
*
* @throws Exception
* When a mysql error occurs.
*/
public function errorHandler($error, $sql)
{
$errors = array();
// Add a header.
$errors[] = "MYSQL ERROR ({$error['0']}:{$error['1']}): {$error['2']}";
// Add the full query.
$errors[] = $sql;
// Show the stack trace.
$backtrace = debug_backtrace();
foreach ($backtrace as $call) {
if (empty($call['file'])) {
$errors[] = 'Called from: ' . $call['class'] . ' : ' . $call['function'];
} elseif (!preg_match('/class_database\\.php$/', $call['file'])) {
$errors[] = 'Called from: ' . $call['file'] . ' : ' . $call['line'];
}
}
// Show actual mysql error.
$errors[] = $error[2];
if ($this->verbose) {
// Add a footer.
// @todo change this so it doesn't require an input.
foreach ($errors as $e) {
Messenger::error($e);
}
throw new Exception("***** MYSQL ERROR *****");
} else {
foreach ($errors as $e) {
Logger::error($e);
}
Logger::error($sql);
}
exit;
}
public static function errorHandler($errno, $errstr, $errfile, $errline)
{
Logger::errorLogStacktrace($errno, $errstr, $errfile, $errline);
}
public function out($string, $log = false)
{
if ($this->stdOUT) {
echo $string . "\n";
}
Logger::message($string);
}
