/**
* This is the part where we actually create the tables and then populate them
*/
function doAction()
{
global $lang, $config, $db, $q, $inserts, $connect;
$prefix = $connect['prefix'];
$errors = 0;
$db = DblFactory::getConn();
foreach ($q as $key => $value) {
$qu = $db->query(str_replace('{0}', $prefix, $value));
if ($qu) {
$content .= greenIt(ucfirst($key) . $lang->message('step1', 'wasAdded')) . '<br/>';
} else {
$content .= redIt(ucfirst($key) . $lang->message('step1', 'wasNot')) . '<br/>';
$errors++;
}
}
$content .= '<p/>';
foreach ($inserts as $key => $value) {
$qu = $db->query(str_replace('{0}', $prefix, $value));
if (!$qu) {
$errors++;
}
}
if ($errors == 0) {
$content .= '<p/>' . $lang->message('general', 'continue') . '<p/>';
} else {
$content .= '<p/>' . $lang->message('step1', 'fix') . '<p/>';
}
return array($content, $errors, true);
}
function doAction()
{
global $lang, $config, $db, $connect;
$prefix = $connect['prefix'];
$db = DblFactory::getConn();
if ($_POST['password'] == $_POST['repeatPass']) {
$pass = md5($_POST['password']);
$template = <<<END
<table>\t
\t<tr>
\t\t<td>{subject}</td>
\t\t<td>{time}</td>
\t</tr>
\t<tr>
\t\t<td colspan="2">{news}</td>
\t</tr>
\t<tr>
\t\t<td><a href="mailto:{email}">{news}</a></td>
\t\t<td>{category}</td>
\t</tr>
</table>
END;
$db->query('insert into ' . $prefix . '_user ( user, pass, userLevel ) values ( \'' . $_POST['userName'] . '\', \'' . $pass . '\', \'3\' )');
$db->query('insert into ' . $prefix . '_template ( template, user ) values ( \'' . $template . '\', 0 )');
header('Location: ../index.php');
} else {
header('Location: index.php?page=5&error=There%20was%20an%20error.%20Please%20try%20again.');
}
return array($content, $errors, true);
}
public function __construct($class, $defaultNull = null)
{
if (!is_null($defaultNull)) {
$this->defaultNull = $defaultNull;
}
$this->class = $class;
$this->db = DblFactory::getConn();
}
public function __construct($name, $pass)
{
global $connect;
$this->prefix = $connect['prefix'];
$this->db = DblFactory::getConn();
$this->user = $name;
$this->pass = $pass;
}
/**
* Initializes the database connection, and the configuration connections,
* and then makes a call to an abstract method that must be defined in the
* child classes in order to initialize the template system
*
* Contains the only statically called query in the entire application, as it
* resides in an abstract class and the preparedQueryHandler depends on the fact
* that it can derive the name of the class at run time and load those queries.
*/
public function __construct()
{
$this->db = DblFactory::getConn();
$this->config = ConfigFactory::getConfig();
/** STRONG AUTHENTICATION */
if (isset($_COOKIE['uName']) && isset($_COOKIE['pass'])) {
$this->user = UserFactory::getUser($_COOKIE['uName'], md5($_COOKIE['pass']));
} else {
// login as a dummy user who is only able to see news
$this->user = '';
}
$this->init();
}
public static function getUser($name, $password)
{
global $connect;
$prefix = $connect['prefix'];
if ($name == NULL) {
return new Reader(null, null);
} else {
$db = DblFactory::getConn();
$level = $db->query('select userLevel from ' . $prefix . '_user where user=\'' . $name . '\' and pass=\'' . $password . '\'')->fetchObject();
switch ($level->userLevel) {
case 1:
return new Poster($name, $password);
break;
case 2:
return new Moderator($name, $password);
break;
case 3:
return new Administrator($name, $password);
break;
default:
throw new Exception('Cannot create an instance of invalid user level ' . $level->userLevel . '!');
}
}
}
<?php
use blargon\display\News;
use blargon\lang\Language;
use blargon\factory\ConfigFactory;
use blargon\factory\DblFactory;
require_once dirname(__FILE__) . '/config.php';
$db = DblFactory::getConn();
ConfigFactory::setDb($db);
$config = ConfigFactory::getConfig();
$lang = new Language('login');
if (isset($_POST['submit']) && $_POST['submit']) {
$result = $db->query('SELECT id, pass FROM ' . $config->get('prefix') . '_user WHERE user=\'' . $_POST['user'] . '\'')->fetchObject();
if ($db->query('select * from ' . $config->get('prefix') . '_attempts where userId=\'' . $result->id . '\'')->rowCount() >= 5) {
header('Location: login.php?error=' . $lang->message('general', 'locked') . '.');
die;
}
if (md5($_POST['pass']) == $result->pass) {
$id = $db->query('SELECT id FROM ' . $config->get('prefix') . '_user WHERE user=\'' . $_POST['user'] . '\'')->fetchObject();
$db->query('delete from ' . $config->get('prefix') . '_attempts where userId=\'' . $id->id . '\'') or die(mysql_error());
$level = $db->query('SELECT userLevel FROM ' . $config->get('prefix') . '_user WHERE user=\'' . $_POST['user'] . '\'')->fetchObject();
if (isset($_POST['stayLogged']) && $_POST['stayLogged']) {
setcookie('pass', $_POST['pass'], time() + 29030400);
setcookie('uName', $_POST['user'], time() + 29030400);
setcookie('uLevel', $level->userLevel, time() + 29030400);
} else {
setcookie('pass', $_POST['pass']);
setcookie('uName', $_POST['user']);
setcookie('uLevel', $level->userLevel);
}
header('Location: index.php');
public function __construct()
{
$this->db = DblFactory::getConn();
$this->config = ConfigFactory::getConfig();
}
