public function __construct()
{
parent::__construct();
\ipinga\acl::$userTableName = 'users';
\ipinga\acl::$usernameFieldName = 'email';
$mgr = \ipinga\ipinga::getInstance()->manager;
$mgr->userIsLoggedIn(false);
// determine if the user is logged in or not
$this->template->logo_url = \ipinga\options::get('logo_url');
$this->template->showLoginFormInTopBanner = false;
$u = new \ipinga\table('users');
if ($mgr->isLoggedIn == true) {
$u->loadById($mgr->loggedInDetails['USER_ID']);
$mgr->update($u->id);
}
$this->template->loggedInUser = $u;
// will be a bunch of null data if the user isn't logged in
$this->template->manager = $mgr;
$this->template->menuHtml = '';
if (\ipinga\cookie::keyExists('message_for_next_screen') == true) {
$this->template->message_for_next_screen = \ipinga\cookie::keyValue('message_for_next_screen');
\ipinga\cookie::drop('message_for_next_screen');
}
$this->template->title = \ipinga\options::get('site_title');
$this->template->activePanel = 0;
$this->template->skin = \ipinga\options::get('skin');
}
/**
* @param array $overrideDefaults
*/
public static function applySettings($overrideDefaults = array())
{
if (count(self::$settings) == 0 || count($overrideDefaults) > 0) {
$ipinga = \ipinga\ipinga::getInstance();
$defaults = array('encryption.algorithm' => $ipinga->config('encryption.algorithm'), 'encryption.mode' => $ipinga->config('encryption.mode'), 'encryption.key' => $ipinga->config('encryption.key'), 'encryption.iv' => $ipinga->config('encryption.iv'));
self::$settings = array_merge($defaults, $overrideDefaults);
}
}
public function call()
{
$mgr = \ipinga\ipinga::getInstance()->manager;
$mgr->userIsLoggedIn(true);
// determine if the user is logged in or not
// die('<pre>'. var_export($mgr,true));
return $mgr->isLoggedIn;
}
/**
* @param array $params
*/
function __construct($overrideSettings = array())
{
$ipinga = \ipinga\ipinga::getInstance();
// params override global settings
$this->settings['manager.max_minutes'] = isset($overrideSettings['manager.max_minutes']) ? $overrideSettings['manager.max_minutes'] : $ipinga->config('manager.max_minutes');
$this->settings['manager.login_url'] = isset($overrideSettings['manager.login_url']) ? $overrideSettings['manager.login_url'] : $ipinga->config('manager.login_url');
$this->settings['manager.expired_url'] = isset($overrideSettings['manager.expired_url']) ? $overrideSettings['manager.expired_url'] : $ipinga->config('manager.expired_url');
$this->settings['manager.ip_changed_url'] = isset($overrideSettings['manager.ip_changed_url']) ? $overrideSettings['manager.ip_changed_url'] : $ipinga->config('manager.ip_changed_url');
$this->newUrl = '';
}
public static function set()
{
static::initialize();
$ipinga = \ipinga\ipinga::getInstance();
if (count(static::$contents) == 0) {
// expire it now
if (isset($_COOKIE[$ipinga->config('cookie.name')]) == true) {
setcookie($ipinga->config('cookie.name'), '', 1, '/');
}
// no need for an else branch, as it wasn't there to begin with
} else {
$a = array('kludge' => static::$contents);
$encrypted = \ipinga\crypto::encrypt(json_encode($a));
setcookie($ipinga->config('cookie.name'), $encrypted, $ipinga->config('cookie.expiration_time'), '/');
}
}
public function post()
{
$v = new \ipinga\validator($_POST, true);
$v->checkEmail('email', 'E-Mail Address', true);
$v->checkPassword('passwd', 'Password', 4, 20, true, false);
if (empty($v->message) == false) {
$this->template->message = 'Please fix input errors.';
$this->template->show('login.form');
} else {
if (\ipinga\acl::authenticate($_POST['email'], $_POST['passwd']) == true) {
// user provided good credentials
\ipinga\ipinga::getInstance()->manager->update(\ipinga\acl::$userTable->id);
header('location: /');
} else {
// user blew it
$this->template->message = 'Login Failed: Either your email address or password is incorrect.';
$this->template->show('login.form');
}
}
}
public function isDupeUsername($username = '')
{
$ipinga = \ipinga\ipinga::getInstance();
$IsDupe = true;
if (!empty($username)) {
try {
$sql = 'select count(*) as row_count from ' . $this->tableName . ' where username = :username';
$this->lastSql = $sql;
$stmt = $ipinga->pdo()->prepare($sql);
$stmt->bindParam(':username', $username);
$stmt->execute();
$row = $stmt->fetch(\PDO::FETCH_ASSOC);
if ($row['row_count'] == 0) {
$IsDupe = false;
}
} catch (\PDOException $e) {
echo $e->getMessage() . '<br>' . $sql . '<br><hr>';
$this->saved = false;
}
}
return $IsDupe;
}
public static function log($level, $logMessage)
{
$instanceName = self::instanceName();
if ($level >= self::$threshold) {
if ($level >= 0 && $level <= 7) {
$type = array('DEBUG', 'INFO', 'NOTICE', 'WARNING', 'ERROR', 'CRITICAL', 'ALERT', 'EMERGENCY')[$level];
} else {
$type = 'UNKNOWN';
}
try {
if (isset(self::$filename) == false) {
self::$filename = \ipinga\ipinga::getInstance()->config('logfile');
}
if (file_exists(self::$filename) == true) {
$handle = fopen(self::$filename, 'ab');
if (!$handle) {
throw new \Exception('(log-1) Failed to open file ' . self::$filename);
}
} else {
$handle = fopen(self::$filename, 'wb');
if (!$handle) {
throw new \Exception('(log-2) Failed to create file ' . self::$filename);
}
}
fseek($handle, 0, SEEK_END);
if (isset(self::$environment) == true) {
$environment = self::$environment;
fwrite($handle, date("Y-m-d H:i:s") . " [{$type}] [{$environment}] [{$instanceName}] {$logMessage}\r\n");
} else {
fwrite($handle, date("Y-m-d H:i:s") . " [{$type}] [{$instanceName}] {$logMessage}\r\n");
}
fflush($handle);
fclose($handle);
} catch (\Exception $e) {
die($e->getMessage());
}
}
}
public function loadByFieldsMatching($fields = array(), $orderBy = 'id')
{
$w = '';
foreach ($fields as $fieldName => $desiredValue) {
if (empty($w) == false) {
$w .= ' AND ';
}
$w .= $fieldName . ' = :' . $fieldName;
}
if (empty($w) == true) {
$sql = sprintf('select id from %s order by %s', $this->tableName, $orderBy);
} else {
$sql = sprintf('select id from %s where %s order by %s', $this->tableName, $w, $orderBy);
}
$this->lastSql = $sql;
try {
$stmt = \ipinga\ipinga::getInstance()->pdo()->prepare($sql);
foreach ($fields as $fieldName => $desiredValue) {
$stmt->bindValue(':' . $fieldName, $desiredValue);
}
$stmt->execute();
while ($r = $stmt->fetch(\PDO::FETCH_ASSOC)) {
$tbl = new \ipinga\table($this->tableName);
$tbl->loadById($r['id']);
$this->records[] = $tbl;
}
} catch (\PDOException $e) {
echo $e->getMessage() . '<br>' . $sql . '<br><hr>';
$this->saved = false;
}
}
/**
* @param $filename
*
* @throws \Exception
*/
public function include_file($filename)
{
$ipinga = \ipinga\ipinga::getInstance();
$fullFilename = $ipinga->config('path.views') . '/' . $filename . '.php';
if (file_exists($fullFilename) == false) {
throw new \Exception('View not found in ' . $fullFilename);
}
// Load variables so template code has easier access. This is redundant so it does cause a slight performance hit, but not much.
foreach ($this->vars as $key => $value) {
${$key} = $value;
}
include_once $fullFilename;
}
function ipinga_autoload($className)
{
$ipinga = \ipinga\ipinga::getInstance();
// is this something in the ipinga framework?
if (strpos($className, 'ipinga\\') === 0) {
$file = $ipinga->config('path.framework') . '/' . substr($className, 7) . '.class.php';
if (file_exists($file) == true) {
require_once $file;
return true;
}
}
/*
$c = debug_backtrace(false);
\ipinga\log::debug(var_export($c,true));
*/
\ipinga\log::debug('autoload $className=' . $className);
// some devs name controllers differently
$filename = strtolower(substr($className, 0, strrpos($className, 'Controller'))) . '.controller.php';
// part of the application controllers?
$file = $ipinga->config('path.controllers') . '/' . $filename;
if (file_exists($file) == true) {
\ipinga\log::debug('autoload (controller) $file=' . $file);
require_once $file;
return true;
}
// some devs name controllers with a class filename
$filename = strtolower($className) . '.class.php';
// part of the application controllers?
$file = $ipinga->config('path.controllers') . '/' . $filename;
if (file_exists($file) == true) {
\ipinga\log::debug('autoload (class in controller directory) $file=' . $file);
require_once $file;
return true;
}
// some other class?
$file = $ipinga->config('path.classes') . '/' . $filename;
if (file_exists($file) == true) {
\ipinga\log::debug('autoload (class) $file=' . $file);
require_once $file;
return true;
}
// an interface?
$filename = strtolower($className) . '.interface.php';
$file = $ipinga->config('path.interfaces') . '/' . $filename;
if (file_exists($file) == true) {
\ipinga\log::debug('autoload (interface) $file=' . $file);
require_once $file;
return true;
}
// part of the application models?
$filename = strtolower($className) . '.model.php';
$file = $ipinga->config('path.models') . '/' . $filename;
if (file_exists($file) == true) {
\ipinga\log::debug('autoload (model) $file=' . $file);
require_once $file;
return true;
}
return false;
}
/**
* This is the method that handles the form post for login
*/
public function index()
{
\ipinga\ipinga::getInstance()->manager->logout();
header('location: /');
}
<?php
defined('__VERN') or die('Restricted access');
// a little foghorn leghorn just for laughs!
echo '<iframe width="560" height="315" src="https://www.youtube.com/embed/1jaSoo9hPi4?rel=0" frameborder="0" allowfullscreen></iframe>';
echo '<pre>' . PHP_EOL;
echo '$_GET= ' . var_export($_GET, true) . PHP_EOL . PHP_EOL;
echo '$_POST= ' . var_export($_POST, true) . PHP_EOL . PHP_EOL;
echo '$_FILES= ' . var_export($_FILES, true) . PHP_EOL . PHP_EOL;
echo 'ipinga routes= ' . var_export(\ipinga\ipinga::getInstance()->routes, true) . PHP_EOL . PHP_EOL;
public static function removeAccess($accessWord, $userId = 0)
{
if (isset(self::$userTable) == false) {
self::$userTable = new table(self::$userTableName);
}
if ($userId == 0) {
$userId = self::$userTable->id;
}
$sql = 'delete from ' . self::$aclTableName . ' where user_id = :user_id and access_word = :access_word';
try {
$stmt = \ipinga\ipinga::getInstance()->pdo()->prepare($sql);
$stmt->bindParam(':user_id', $userId);
$stmt->bindParam(':access_word', $accessWord);
$stmt->execute();
} catch (\PDOException $e) {
echo $e->getMessage() . '<br>' . $sql . '<br><hr>';
}
}
private function processMiddleWare()
{
$middlewareList = explode('|', $this->middleware);
$ipinga = \ipinga\ipinga::getInstance();
$result = true;
foreach ($middlewareList as $mw) {
if (empty($mw) == false) {
$middlewareFile = $ipinga->config('path.middleware') . '/' . $mw . '.middleware.php';
// include the middleware
require_once $middlewareFile;
// a new controller class instance
$class = $mw . 'Middleware';
$middleware = new $class();
$result = call_user_func_array(array($middleware, 'call'), array($ipinga));
if ($result === false) {
break;
}
}
}
\ipinga\log::debug('middleware ' . $this->middleware . ' is returning ' . $result);
return $result;
}
/**
* WARNING! This son-of-a-gun is ripe with the ability to screw the pooch! PDO doesn't allow a dynamic where
* clause. Meaning... you can only bindParam to field=value pairs. It is 100% your responsibility to make
* sure the where clause you pass to me is safe from SqlInjection. Just remember "Bobby Tables"!!!! YOU HAVE
* BEEN WARNED.
*
* @param $where
*
* @return bool
*/
public function loadByCustomWhere($where)
{
$this->clear();
try {
$sql = 'select * from ' . $this->tableName . ' where ' . $where;
$this->lastSql = $sql;
$this->sqlParams = array();
$stmt = \ipinga\ipinga::getInstance()->pdo()->prepare($sql);
$this->_process_loadby_execute($stmt);
} catch (\PDOException $e) {
echo $e->getMessage() . '<br>' . $sql . '<br><hr>';
$this->saved = false;
}
return $this->saved;
}
