Started working on new systems. Continue on new development environment.

Abel Hoogeveen 2015-09-12 19:52:04 +02:00
parent 5093f98c4b
commit d982534cf0
11 changed files with 874 additions and 93 deletions


@ -51,13 +51,6 @@ class Config {
*/
public static $dbActive = false;
/**
* Class Constructor
* @access public
* @param FuzeWorks Core Reference
*/
public static function init() {}
/**
* All loaded Config files
* @var Array of ConfigORM
@ -70,7 +63,7 @@ class Config {
* @param String config file name
* @param String directory, default is Application/Config
* @throws \Exception on file not found
* @return StdObject of config
* @return \FuzeWorks\ConfigORM of config
*/
public static function loadConfigFile($name, $directory = null) {
$dir = (isset($directory) ? $directory : "Application/Config/");
@ -111,7 +104,7 @@ class Config {
* Magic config getter
* @access public
* @param String config file name
* @return StdObject of config
* @return \FuzeWorks\ConfigORM of config
*/
public static function get($name) {
return self::loadConfigFile($name);


@ -71,13 +71,14 @@ class Layout {
/**
* Retrieve a template file using a string and a directory and immediatly echo it.
* What template files get loaded depend on the template engine that is used.
* PHP for example used .php files. Providing this function with 'home/dashboard' will load the home/view.dashboard.php files.
*
* What template file gets loaded depends on the template engine that is being used.
* PHP for example uses .php files. Providing this function with 'home/dashboard' will load the home/view.dashboard.php file.
* You can also provide no particular engine, and the manager will decide what template to load.
* Remember that doing so will result in an LayoutException when multiple compatible files are found.
* Remember that doing so will result in a LayoutException when multiple compatible files are found.
* @param String $file File to load
* @param string $directory Directory to load it from
* @return true on success
* @return Boolean true on success
* @throws LayoutException On error
*/
public static function view($file, $directory = 'Application/Views') {
@ -88,10 +89,11 @@ class Layout {
/**
* Retrieve a template file using a string and a directory.
* What template files get loaded depend on the template engine that is used.
* PHP for example used .php files. Providing this function with 'home/dashboard' will load the home/view.dashboard.php files.
*
* What template file gets loaded depends on the template engine that is being used.
* PHP for example uses .php files. Providing this function with 'home/dashboard' will load the home/view.dashboard.php file.
* You can also provide no particular engine, and the manager will decide what template to load.
* Remember that doing so will result in an LayoutException when multiple compatible files are found.
* Remember that doing so will result in a LayoutException when multiple compatible files are found.
* @param String $file File to load
* @param string $directory Directory to load it from
* @return String The output of the template
@ -156,6 +158,7 @@ class Layout {
/**
* Converts a view string to a file using the directory and the used extensions.
*
* It will detect wether the file exists and choose a file according to the provided extensions
* @param String $string The string used by a controller. eg: 'dashboard/home'
* @param String $directory The directory to search in for the template
@ -559,6 +562,20 @@ class JSONEngine implements TemplateEngine {
*/
protected $assigned_variables = array();
/**
* Whether the JSON data should be parsed or left as is
* @var boolean true if to be parsed
*/
protected static $string_return = true;
/**
* Whether the JSON data should be parsed or left as is
* @param true if to be parsed
*/
public static function returnAsString($boolean = true) {
self::$string_return = $boolean;
}
public function setDirectory($directory) {
return true;
}
@ -581,7 +598,10 @@ class JSONEngine implements TemplateEngine {
$json['data'] = $this->assigned_variables;
// And return it
return json_encode($json);
if (self::$string_return)
return json_encode($json);
return $json;
}
public function getFileExtensions() {
@ -590,6 +610,7 @@ class JSONEngine implements TemplateEngine {
public function reset() {
$this->assigned_variables = array();
$this->string_return = true;
}
public function test($param1, $param2, $param3) {
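Review bot: In `JSONEngine::reset()` the added line `$this->string_return = true;` creates an instance property and leaves the static `self::$string_return` unchanged, so once `returnAsString(false)` has been called the flag is never restored and later renders in the same request keep returning the raw array instead of JSON text. The line should read `self::$string_return = true;`. The method that now ends in `if (self::$string_return) return json_encode($json); return $json;` should also document that it can return an array, since callers that echo the result would otherwise print `Array`. Both method bodies begin outside the visible hunks.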


@ -446,13 +446,22 @@ class Router{
if(!class_exists($class))
require $file;
self::$callable = new $class();
// Get the path the controller should know about
$path = substr(self::getPath(), ($pos = strpos(self::getPath(), '/')) !== false ? $pos + 1 : 0);
// And create the controller
self::$callable = new $class($path);
// If the controller does not want a function to be loaded, provide a halt parameter.
if (isset(self::$callable->halt)) {
return;
}
// Check if method exists or if there is a caller function
if(method_exists(self::$callable, self::$function) || method_exists(self::$callable, '__call')){
// Execute the function on the controller
self::$callable->{self::$function}(self::$parameters);
echo self::$callable->{self::$function}(self::$parameters);
}else{
// Function could not be found
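Review bot: The new `echo self::$callable->{self::$function}(self::$parameters);` writes whatever the controller method returns straight into the response, so a method that returns `true` (as `Layout::view` is documented to do on this page) prints `1` and an array return prints `Array` with a notice. Emit only string results, for example `$output = self::$callable->{self::$function}(self::$parameters);` followed by `if (is_string($output)) { echo $output; }`. Because the return value now becomes response output, the docblock for controllers should state that any request-derived data in it must already be escaped for its context. The `halt` check deserves a comment naming the contract, such as `// A controller that already sent its response in the constructor sets $halt to skip method dispatch`. The enclosing function starts and ends outside the hunk.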

111
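--- a/Database.sql
+++ b/Database.sql
@@ -0,0 +1,111 @@
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET time_zone = "+00:00";
+CREATE TABLE IF NOT EXISTS `hi_config` (
+`id` int(11) NOT NULL,
+`file` varchar(32) NOT NULL,
+`key` text NOT NULL,
+`value` text NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+CREATE TABLE IF NOT EXISTS `hi_log` (
+`id` int(11) NOT NULL,
+`type` varchar(8) NOT NULL,
+`message` varchar(255) NOT NULL,
+`logFile` varchar(255) NOT NULL,
+`logLine` int(11) NOT NULL,
+`context` text NOT NULL,
+`runtime` double NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+CREATE TABLE IF NOT EXISTS `hi_user_data` (
+`data_id` int(11) NOT NULL,
+`data_user_id` int(11) NOT NULL,
+`data_key` varchar(255) NOT NULL,
+`data_value` varchar(255) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+CREATE TABLE IF NOT EXISTS `hi_user_emails` (
+`email_id` int(11) NOT NULL,
+`email_user_id` int(11) NOT NULL,
+`email_text` varchar(64) NOT NULL,
+`email_primary` tinyint(1) NOT NULL DEFAULT '0'
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+CREATE TABLE IF NOT EXISTS `hi_user_permissions` (
+`permission_id` int(11) NOT NULL,
+`permission_tag_id` int(11) NOT NULL,
+`permission_user_id` int(11) NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+CREATE TABLE IF NOT EXISTS `hi_user_sessions` (
+`session_id` int(11) NOT NULL,
+`session_hash` varchar(255) NOT NULL,
+`session_user_id` int(11) NOT NULL,
+`session_info` text NOT NULL,
+`session_ip` varchar(64) NOT NULL,
+`session_start` datetime NOT NULL,
+`session_end` datetime NOT NULL,
+`session_active` tinyint(1) NOT NULL DEFAULT '1'
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+CREATE TABLE IF NOT EXISTS `hi_user_tags` (
+`tag_id` int(11) NOT NULL,
+`tag_name` varchar(64) NOT NULL
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1;
+INSERT INTO `hi_user_tags` (`tag_id`, `tag_name`) VALUES
+(1, 'ACTIVE'),
+(2, 'BLOCKED'),
+(3, 'ADMIN');
+CREATE TABLE IF NOT EXISTS `hi_user_users` (
+`user_id` int(11) NOT NULL,
+`user_username` varchar(32) NOT NULL,
+`user_password` varchar(255) NOT NULL,
+`user_email` varchar(255) NOT NULL COMMENT 'Primary Email of the user',
+`user_verify_code` varchar(16) NOT NULL COMMENT 'Verification code used in email to verify user email'
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+ALTER TABLE `hi_config`
+ADD PRIMARY KEY (`id`);
+ALTER TABLE `hi_log`
+ADD PRIMARY KEY (`id`);
+ALTER TABLE `hi_user_data`
+ADD PRIMARY KEY (`data_id`);
+ALTER TABLE `hi_user_emails`
+ADD PRIMARY KEY (`email_id`);
+ALTER TABLE `hi_user_permissions`
+ADD PRIMARY KEY (`permission_id`);
+ALTER TABLE `hi_user_sessions`
+ADD PRIMARY KEY (`session_id`);
+ALTER TABLE `hi_user_tags`
+ADD PRIMARY KEY (`tag_id`);
+ALTER TABLE `hi_user_users`
+ADD PRIMARY KEY (`user_id`);
+ALTER TABLE `hi_config`
+MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+ALTER TABLE `hi_log`
+MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+ALTER TABLE `hi_user_data`
+MODIFY `data_id` int(11) NOT NULL AUTO_INCREMENT;
+ALTER TABLE `hi_user_emails`
+MODIFY `email_id` int(11) NOT NULL AUTO_INCREMENT;
+ALTER TABLE `hi_user_permissions`
+MODIFY `permission_id` int(11) NOT NULL AUTO_INCREMENT;
+ALTER TABLE `hi_user_sessions`
+MODIFY `session_id` int(11) NOT NULL AUTO_INCREMENT;
+ALTER TABLE `hi_user_tags`
+MODIFY `tag_id` int(11) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=4;
+ALTER TABLE `hi_user_users`
+MODIFY `user_id` int(11) NOT NULL AUTO_INCREMENT;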
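Review bot: The schema defines only primary keys, so `session_hash` in `hi_user_sessions` and `user_username` / `user_email` in `hi_user_users` are neither indexed nor unique, although the Users module on this page looks sessions up by hash and accounts by username or email. Without a unique constraint, duplicate accounts and colliding session hashes are possible under concurrent requests, and every session check scans the table; add `ALTER TABLE hi_user_sessions ADD UNIQUE KEY session_hash (session_hash);` and matching unique keys on `user_username` and `user_email`. `session_end` is `NOT NULL` without a default while the INSERT in `propagate()` on this page does not supply it, which fails under a strict SQL mode. The `hi_` prefix is fixed in this file whereas the PHP code reads the prefix from the database module, so a header comment should state which prefix the dump assumes.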


@ -1,10 +1,51 @@
<?php
/**
* FuzeWorks
*
* The FuzeWorks MVC PHP FrameWork
*
* Copyright (C) 2015 TechFuze
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @author TechFuze
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
* @copyright Copyright (c) 1996 - 2015, Free Software Foundation, Inc. (http://www.fsf.org/)
* @license http://opensource.org/licenses/GPL-3.0 GPLv3 License
* @link http://fuzeworks.techfuze.net
* @since Version 0.0.1
* @version Version 0.0.1
*/
namespace Module\Api;
use \FuzeWorks\Module;
/**
* Loading class for multiple API types
*
* Currently loads a REST API class which controllers can extend so they provide a standardized API
* @package net.techfuze.fuzeworks.core
* @author Abel Hoogeveen <abel@techfuze.net>
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
*/
class Main extends Module {
/**
* Gets loaded upon module initialization
*
* Loads all the API types
*/
public function onLoad() {
require_once($this->getModulePath() . "/class.rest.php");
}


@ -1,50 +1,96 @@
<?php
/**
* FuzeWorks
*
* The FuzeWorks MVC PHP FrameWork
*
* Copyright (C) 2015 TechFuze
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @author TechFuze
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
* @copyright Copyright (c) 1996 - 2015, Free Software Foundation, Inc. (http://www.fsf.org/)
* @license http://opensource.org/licenses/GPL-3.0 GPLv3 License
* @link http://fuzeworks.techfuze.net
* @since Version 0.0.1
* @version Version 0.0.1
*/
namespace Module\Api;
use \FuzeWorks\Module;
use \FuzeWorks\Layout;
class RestApi extends Module {
public function onLoad() {}
/**
* RestAPI class for creating API's out of modules or contrllers
*
* Extend a Controller with this class, and be sure to return the data from methods of your controller.
* This data will be parsed by this class and returned as valid JSON data.
* The necessity of API keys can be configured in the controller by settings $this->requireApiKey = false;
* @package net.techfuze.fuzeworks.core
* @author Abel Hoogeveen <abel@techfuze.net>
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
*/
abstract class RestAPI
{
/**
* Property: method
* The HTTP method this request was made in, either GET, POST, PUT or DELETE
*/
public $method = '';
protected $method = '';
/**
* Property: endpoint
* The Model requested in the URI. eg: /files
*/
public $endpoint = '';
protected $endpoint = '';
/**
* Property: verb
* An optional additional descriptor about the endpoint, used for things that can
* not be handled by the basic methods. eg: /files/process
*/
public $verb = '';
protected $verb = '';
/**
* Property: args
* Any additional URI components after the endpoint and verb have been removed, in our
* case, an integer ID for the resource. eg: /<endpoint>/<verb>/<arg0>/<arg1>
* or /<endpoint>/<arg0>
*/
public $args = Array();
protected $args = Array();
/**
* Property: file
* Stores the input of the PUT request
*/
public $file = Null;
protected $file = Null;
/**
* Whether API authentication is needed before interacting with the API
*/
protected $requireApiKey = true;
/**
* Request
* Constructor: __construct
* Allow for CORS, assemble and pre-process the data
*/
public function request($request) {
public function __construct($request) {
header("Access-Control-Allow-Orgin: *");
header("Access-Control-Allow-Methods: *");
header("Content-Type: application/json");
// Return layout data as string
Layout::setEngine('JSON');
Layout::returnAsString(false);
$this->args = explode('/', rtrim($request, '/'));
$this->endpoint = array_shift($this->args);
if (array_key_exists(0, $this->args) && !is_numeric($this->args[0])) {
@ -78,10 +124,21 @@ class RestApi extends Module {
$this->_response('Invalid Method', 405);
break;
}
// And afterwards process the data
echo $this->processAPI();
// Halter for when the RestApi is used by a controller
$this->halt = true;
Layout::reset();
}
/**
* Process an API request when retrieving
* @return String JSON encoded response
*/
public function processAPI() {
if ((int)method_exists($this, $this->endpoint) > 0) {
if (method_exists($this, $this->endpoint)) {
return $this->_response($this->{$this->endpoint}($this->args));
}
return $this->_response("No Endpoint: $this->endpoint", 404);
@ -113,5 +170,4 @@ class RestApi extends Module {
);
return ($status[$code])?$status[$code]:$status[500];
}
}
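Review bot: `processAPI()` dispatches on `method_exists($this, $this->endpoint)`, and `$this->endpoint` is the first segment of the request string, so a client can name any method the object has, including internal helpers such as `_response` or `processAPI` itself, because the call is made from inside the class where visibility does not restrict it. Dispatch against an explicit list instead, e.g. a `protected $endpoints = array();` filled by the subclass and `if (in_array($this->endpoint, $this->endpoints, true)) {`. In the constructor the header name is misspelled (`Access-Control-Allow-Orgin`), so no CORS origin header is actually sent; the intended origin policy should be decided before correcting it, since `*` is a poor fit for an API that requires keys. `$requireApiKey` is declared but no check of it is visible here, and the constructor body is cut by the hunk boundary, so confirm the key is verified before `echo $this->processAPI();` runs.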


@ -1,4 +1,33 @@
<?php
/**
* FuzeWorks
*
* The FuzeWorks MVC PHP FrameWork
*
* Copyright (C) 2015 TechFuze
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @author TechFuze
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
* @copyright Copyright (c) 1996 - 2015, Free Software Foundation, Inc. (http://www.fsf.org/)
* @license http://opensource.org/licenses/GPL-3.0 GPLv3 License
* @link http://fuzeworks.techfuze.net
* @since Version 0.0.1
* @version Version 0.0.1
*/
return array(
'module_class' => 'Module\Api\Main',
@ -18,7 +47,7 @@ return array(
'website' => 'http://fuzeworks.techfuze.net/',
'date_created' => '03-05-2015',
'date_updated' => '03-05-2015',
'date_updated' => '06-09-2015',
'enabled' => true,
);


@ -0,0 +1,288 @@
<?php
/**
* FuzeWorks
*
* The FuzeWorks MVC PHP FrameWork
*
* Copyright (C) 2015 TechFuze
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @author TechFuze
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
* @copyright Copyright (c) 1996 - 2015, Free Software Foundation, Inc. (http://www.fsf.org/)
* @license http://opensource.org/licenses/GPL-3.0 GPLv3 License
* @link http://fuzeworks.techfuze.net
* @since Version 0.0.1
* @version Version 0.0.1
*/
namespace Module\Users;
/**
* Cookie object class.
*
* When a cookie is set in the users class, this object gets returned which can apply the cookie
* @package net.techfuze.fuzeworks.sessions
* @author Abel Hoogeveen <abel@techfuze.net>
* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
*/
class Cookie {
/**
* The name of the cookie. Usually the value in the Users config file
* @var String
*/
public $cookie_name;
/**
* The value of the cookie. This will most likely be a sessionkey
* @var Mixed
*/
public $cookie_value = '';
/**
* Cookie time to live. Time until the cookie runs out
* @var integer
*/
public $cookie_ttl = 0;
/**
* The path where this cookie is active. Usually site-wide, but not always
* @var string
*/
public $cookie_path = '';
/**
* The domain where this cookie is active. Usually the domain of the website define in config->main
* @var string
*/
public $cookie_domain = '';
/**
* Whether the cookie is only active on HTTPS
* @var boolean
*/
public $cookie_secure = false;
/**
* Whether the cookie is only active on HTTP
* @var boolean
*/
public $cookie_http_only = false;
/**
* Create the cookie class and all its variables
* @param String $name The name of the cookie. Usually the value in the Users config file
* @param string $value The value of the cookie. This will most likely be a sessionkey
* @param integer $expire Cookie time to live. Time until the cookie runs out
* @param string $path The path where this cookie is active. Usually site-wide, but not always
* @param string $domain The domain where this cookie is active. Usually the domain of the website define in config->main
* @param boolean $secure Whether the cookie is only active on HTTPS
* @param boolean $httponly Whether the cookie is only active on HTTP
*/
public function __construct($name, $value = "", $expire = 0, $path = "", $domain = "", $secure = false, $httponly = false) {
$this->cookie_name = $name;
$this->cookie_value = $value;
$this->cookie_ttl = $expire;
$this->cookie_path = $path;
$this->cookie_domain = $domain;
$this->cookie_secure = $secure;
$this->cookie_http_only = $httponly;
}
/**
* Gets the The name of the cookie. Usually the value in the Users config file.
*
* @return String
*/
public function getCookieName()
{
return $this->cookie_name;
}
/**
* Sets the The name of the cookie. Usually the value in the Users config file.
*
* @param String $cookie_name the cookie name
*
* @return self
*/
public function setCookieName(String $cookie_name)
{
$this->cookie_name = $cookie_name;
return $this;
}
/**
* Gets the The value of the cookie. This will most likely be a sessionkey.
*
* @return Mixed
*/
public function getCookieValue()
{
return $this->cookie_value;
}
/**
* Sets the The value of the cookie. This will most likely be a sessionkey.
*
* @param Mixed $cookie_value the cookie value
*
* @return self
*/
public function setCookieValue(Mixed $cookie_value)
{
$this->cookie_value = $cookie_value;
return $this;
}
/**
* Gets the Cookie time to live. Time until the cookie runs out.
*
* @return integer
*/
public function getCookieTtl()
{
return $this->cookie_ttl;
}
/**
* Sets the Cookie time to live. Time until the cookie runs out.
*
* @param integer $cookie_ttl the cookie ttl
*
* @return self
*/
public function setCookieTtl($cookie_ttl)
{
$this->cookie_ttl = $cookie_ttl;
return $this;
}
/**
* Gets the The path where this cookie is active. Usually site-wide, but not always.
*
* @return string
*/
public function getCookiePath()
{
return $this->cookie_path;
}
/**
* Sets the The path where this cookie is active. Usually site-wide, but not always.
*
* @param string $cookie_path the cookie path
*
* @return self
*/
public function setCookiePath($cookie_path)
{
$this->cookie_path = $cookie_path;
return $this;
}
/**
* Gets the The domain where this cookie is active. Usually the domain of the website define in config->main.
*
* @return string
*/
public function getCookieDomain()
{
return $this->cookie_domain;
}
/**
* Sets the The domain where this cookie is active. Usually the domain of the website define in config->main.
*
* @param string $cookie_domain the cookie domain
*
* @return self
*/
public function setCookieDomain($cookie_domain)
{
$this->cookie_domain = $cookie_domain;
return $this;
}
/**
* Gets the Whether the cookie is only active on HTTPS.
*
* @return boolean
*/
public function getCookieSecure()
{
return $this->cookie_secure;
}
/**
* Sets the Whether the cookie is only active on HTTPS.
*
* @param boolean $cookie_secure the cookie secure
*
* @return self
*/
public function setCookieSecure($cookie_secure)
{
$this->cookie_secure = $cookie_secure;
return $this;
}
/**
* Gets the Whether the cookie is only active on HTTP.
*
* @return boolean
*/
public function getCookieHttpOnly()
{
return $this->cookie_http_only;
}
/**
* Sets the Whether the cookie is only active on HTTP.
*
* @param boolean $cookie_http_only the cookie http only
*
* @return self
*/
public function setCookieHttpOnly($cookie_http_only)
{
$this->cookie_http_only = $cookie_http_only;
return $this;
}
/**
* Send the cookie to the user
* @return boolean Whether the cookie has been successfully placed
*/
public function place() {
return setcookie($this->cookie_name,
$this->cookie_value,
$this->cookie_ttl,
$this->cookie_path,
$this->cookie_domain,
$this->cookie_secure,
$this->cookie_http_only
);
}
}
?>
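Review bot: The constructor defaults `$secure = false` and `$httponly = false`, and the three `new Cookie(...)` calls in the Users module on this page pass only five arguments, so the session cookie is sent over plain HTTP and is readable from client-side script. Default the flag to `$httponly = true` and take `$secure` from configuration or the request scheme. The docblocks describe HttpOnly as "only active on HTTP", which is not what the flag does; `Whether the cookie is hidden from client-side scripts (HttpOnly)` would be accurate. The `String` and `Mixed` parameter hints on `setCookieName` and `setCookieValue` resolve to class names on PHP versions without scalar or `mixed` types, so those setters would reject ordinary strings there; drop the hints or use types the target version supports.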

151
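--- a/Modules/users/class.udt.php
+++ b/Modules/users/class.udt.php
@@ -0,0 +1,151 @@
+<?php
+/**
+* FuzeWorks
+*
+* The FuzeWorks MVC PHP FrameWork
+*
+* Copyright (C) 2015 TechFuze
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+* @author TechFuze
+* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
+* @copyright Copyright (c) 1996 - 2015, Free Software Foundation, Inc. (http://www.fsf.org/)
+* @license http://opensource.org/licenses/GPL-3.0 GPLv3 License
+* @link http://fuzeworks.techfuze.net
+* @since Version 0.0.1
+* @version Version 0.0.1
+*/
+namespace Module\Users;
+/**
+* User Data Table
+*
+* Contains all the information about a user available in the database.
+*
+* This includes permissions, key-data storage, emails and general information.
+*
+* This includes session information of the current session if applicable. This does not contain a history of sessions.
+*
+* This does also NOT include password and verification code because of security.
+*
+* This class can read the permissions of the user, this class can however NOT change the permissions.
+*
+* For changing permissions, invoke removePermission of addPermission on the \Module\Users\Users class.
+*
+* @package net.techfuze.fuzeworks.sessions
+* @author Abel Hoogeveen <abel@techfuze.net>
+* @copyright Copyright (c) 2013 - 2015, Techfuze. (http://techfuze.net)
+*/
+class Udt {
+/**
+* The user ID of the user
+* @var int UserID
+*/
+public $user_id;
+/**
+* The username of the user
+* @var String username
+*/
+public $username;
+/**
+* The primary email address of the user
+* @var String email adress
+*/
+public $primaryEmail;
+/**
+* All the emails of this user
+* @var array of emails
+*/
+public $emails = array();
+/**
+* All the permissions that this user has
+* @var array of permissions
+*/
+public $permissions = array();
+/**
+* Basic key-value data storage of this user
+* @var array key-value
+*/
+public $data = array();
+/**
+* Information about the current session, if applicable
+* @var null|array Null if not active, array if about the current session
+*/
+public $session = null;
+/**
+* The sessionKey of the current session
+* @var null|string Null if not active, string if about the current session
+*/
+public $sessionKey = null;
+/**
+* Create the UDT object
+* @param int $id The user ID of the user
+* @param String $username The username of the user
+* @param String $primaryEmail The primary email address of the user
+* @param Array $emails All the emails of this user
+* @param Array $permissions All the permissions that this user has
+* @param array $data Basic key-value data storage of this user
+* @param null|string $session Information about the current session, if applicable
+* @param null|array $sessionKey The sessionKey of the current session, if applicable
+*/
+public function __construct($id, $username, $primaryEmail, $emails, $permissions, $data = array(), $session = null, $sessionKey = null) {
+$this->user_id = $id;
+$this->username = $username;
+$this->primaryEmail = $primaryEmail;
+$this->emails = $emails;
+$this->permissions = $permissions;
+$this->data = $data;
+$this->session = $session;
+$this->sessionKey = $sessionKey;
+}
+/**
+* Whether this user has access to a certain permissiontag
+* @param String $permissionTag The tag to look for
+* @return boolean true if permission is present
+*/
+public function hasPermission($permissionTag) {
+return (isset($this->permissions[$permissionTag]) || isset($this->permissions['ADMIN']));
+}
+/**
+* Return the UDT as an array
+* @return Array of UDT
+*/
+public function toArray() {
+return array(
+'user_id' => $this->user_id,
+'username' => $this->username,
+'email' => $this->primaryEmail,
+'emails' => $this->emails,
+'permissions' => $this->permissions,
+'data' => $this->data,
+'session' => (is_null($this->session) ? false : $this->session),
+'sessionKey' => (is_null($this->sessionKey) ? false : $this->sessionKey)
+);
+}
+}
+?>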
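Review bot: Every property of `Udt` is `public`, including `$permissions`, so the class comment's statement that this object cannot change permissions is not enforced: any code holding the object can add an `ADMIN` key, after which `hasPermission()` returns true for every tag. Make `$permissions` (and ideally `$sessionKey`) non-public with read-only accessors, e.g. `protected $permissions = array();` plus `public function getPermissions() { return $this->permissions; }`. The constructor docblock has the types of `$session` and `$sessionKey` swapped relative to the property docs, and `getGuestUdt()` on this page passes `'0'` in the `$session` position. `toArray()` includes `sessionKey`, so its docblock should warn against returning that array to clients unfiltered.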


@ -60,22 +60,38 @@ class Users extends Module {
*/
private $db;
/**
* Whether cookies should be set or the details should be returned as arrays
* @var boolean true for cookies, false for arrays
*/
public $setCookies = true;
/**
* Gets called upon module initialization
* @access public
*/
public function onLoad() {
require_once($this->getmodulePath() . "/class.events.php");
$this->setModuleConfig(Config::loadConfigFile('sessions', $this->getModulePath()));
require_once($this->getModulePath() . "/class.cookie.php");
require_once($this->getModulePath() . "/class.udt.php");
$this->db = Modules::get('core/database');
}
/**
* Whether cookies should be set or the details should be returned as arrays
* @param boolean $boolean true for cookies, false for arrays
*/
public function setCookies($boolean = true) {
$this->setCookies = $boolean;
}
/**
* Validate a session using a sessionKey
* Looks up wether a session exists and returns sessionData
* @access public
* @param String SessionKey (optional)
* @return SessionData Array
* @todo Evaluate final conditions, vague
*/
public function start($sessionKey = null) {
// Fetch the sessionKey, if it exists
@ -93,18 +109,16 @@ class Users extends Module {
// Prepare for the event
if ($data !== false) {
$udt = $this->convertUserData($data);
$user_id = $udt['user_id'];
$username = $udt['user_username'];
$email = $udt['user_email'];
$guest_session = false;
} else {
$udt = $this->getGuestUdt();
$user_id = 0;
$username = 'Guest';
$email = 'Guest@'.Config::get('main')->SITE_DOMAIN;
$guest_session = true;
}
$user_id = $udt->user_id;
$username = $udt->username;
$email = $udt->primaryEmail;
// Fire the event
$event = Events::fireEvent(new SessionStartEvent(), $user_id, $username, $email, $udt, $guest_session);
if ($event->isCancelled() || $event->guest_session) {
@ -124,8 +138,13 @@ class Users extends Module {
* @return Guest UDT
*/
private function sendGuestSession() {
// Replace a cookie if present so the user will become a guest
if (isset($_COOKIE[$this->cfg->cookie_name])) {
setcookie($this->cfg->cookie_name, '', time()-3600, '/', Config::get('main')->SITE_DOMAIN);
$cookie = new Cookie($this->cfg->cookie_name, '', time()-3600, '/', Config::get('main')->SITE_DOMAIN);
// Set the cookie if required to do so
if ($this->setCookies) {
$cookie->place();
}
}
$udt = $this->getGuestUdt();
$this->udt = $udt;
@ -139,15 +158,21 @@ class Users extends Module {
* @return Array UDT
*/
private function getGuestUdt() {
return array(
'user_id' => 0,
'user_username' => 'Guest',
'username' => 'Guest',
'user_email' => 'Guest@'.Config::get('main')->SITE_DOMAIN,
'email' => 'Guest@'.Config::get('main')->SITE_DOMAIN,
'permissions' => array('GUEST' => 'GUEST', 'LOGIN' => 'LOGIN'),
'session_hash' => '0'
);
$udt = new Udt(0,
'Guest',
'Guest@'.Config::get('main')->SITE_DOMAIN,
array(
'Guest@'.Config::get('main')->SITE_DOMAIN
),
array(
'GUEST' => 'GUEST',
'LOGIN' => 'LOGIN'
),
array(),
'0'
);
return $udt;
}
/**
@ -158,8 +183,6 @@ class Users extends Module {
* @return UDT
*/
private function sendUserSession($udt) {
$udt['username'] = $udt['user_username'];
$udt['email'] = $udt['user_email'];
$this->udt = $udt;
$this->logSessionData();
return $udt;
@ -171,7 +194,7 @@ class Users extends Module {
*/
private function logSessionData() {
Logger::newLevel("Activating Session");
Logger::logInfo("<br />SessionKey: " . $this->session_hash . "<br />Username: " . $this->user_username . "<br/>Email: " . $this->user_email . "<br/>Permissions: " . implode('-', $this->permissions));
Logger::logInfo("<br />SessionKey: " . $this->sessionKey . "<br />Username: " . $this->username . "<br/>Email: " . $this->primaryEmail . "<br/>Permissions: " . implode('-', $this->permissions));
Logger::stopLevel();
}
@ -219,15 +242,15 @@ class Users extends Module {
$prefix = $this->db->getPrefix();
$query = "
SELECT *
FROM ".$prefix."session_permissions AS permissions
FROM ".$prefix."user_permissions AS permissions
LEFT JOIN ".$prefix."session_users AS users
LEFT JOIN ".$prefix."user_users AS users
ON permissions.permission_user_id=users.user_id
LEFT JOIN ".$prefix."session_tags AS tags
LEFT JOIN ".$prefix."user_tags AS tags
ON permissions.permission_tag_id=tags.tag_id
LEFT JOIN ".$prefix."session_sessions AS sessions
LEFT JOIN ".$prefix."user_sessions AS sessions
ON permissions.permission_user_id=sessions.session_user_id
WHERE sessions.session_hash = ?
@ -264,7 +287,7 @@ class Users extends Module {
$prefix = $this->db->getPrefix();
$query = "
SELECT *
FROM ".$prefix."session_users AS users
FROM ".$prefix."user_users AS users
WHERE users.user_email = :identifier OR users.user_username = :identifier";
$stmnt = $this->db->prepare($query);
$stmnt->execute(array('identifier' => $identifier));
@ -364,7 +387,7 @@ class Users extends Module {
* Propagate a login to the database and set the cookie. Don't forget to redirect to apply the cookie
* @access public
* @param Array SessionData
* @return Boolean true on success, false on failure
* @return Boolean|\Module\Users\Cookie true on success, false on failure, \Module\Users\Cookie on success with cookie data
*/
public function propagate($sessionData) {
$prefix = $this->db->getPrefix();
@ -377,7 +400,7 @@ class Users extends Module {
'session_start' => $sessionData['session_start']);
$query = "
INSERT INTO ".$prefix."session_sessions
INSERT INTO ".$prefix."user_sessions
(session_hash,session_user_id,session_info,session_ip,session_start)
VALUES (:hash, :user_id, :info, :ip, :session_start)
";
@ -385,11 +408,14 @@ class Users extends Module {
$stmnt->execute($insert_array);
if ($stmnt->rowCount() == 1) {
// Set the cookie
setcookie($this->cfg->cookie_name, $sessionData['hash'], $sessionData['valid_time'], '/', Config::get('main')->SITE_DOMAIN);
$cookie = new Cookie($this->cfg->cookie_name, $sessionData['hash'], $sessionData['valid_time'], '/', Config::get('main')->SITE_DOMAIN);
if ($this->setCookies)
$cookie->place();
else
return $cookie;
return true;
} else {
throw new SessionException("Could not log user in. Database error", 1);
return false;
}
}
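Review bot: The session cookie is built with only name, value, expiry, path and domain, the same five arguments the replaced `setcookie()` call had, so nothing visible marks it Secure or HttpOnly. The Cookie class is not shown here; if it does not apply those attributes itself, they should be passed or defaulted there, because the value is the session hash. The same applies to the Cookie built in the logout() hunk further down. Separately, `return false;` after the `throw` is unreachable and can be dropped, and the brace-less `if`/`else` would read better with braces, as logout() has them.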
@ -399,7 +425,7 @@ class Users extends Module {
* @access public
* @param String SessionKey (optional)
* @param Boolean Propagate the logout to the database (default true)
* @return Boolean true on success, false on deny
* @return Boolean|\Module\Users\Cookie true on success, false on deny, \Moule\Users\Cookie on success without sending the cookie
* @throws SessionException on fatal error
*/
public function logout($sessionKey = null, $propagate = true) {
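Review bot: The new `@return` line misspells the namespace as `\Moule\Users\Cookie`; it should read `\Module\Users\Cookie`. Because a returned Cookie object is truthy, the docblock should also say that callers must compare the result with `=== true` rather than test truthiness when `setCookies` is off.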
@ -426,19 +452,26 @@ class Users extends Module {
if ($propagate) {
// If set to propagete, edit the entry in the database
$prefix = $this->db->getPrefix();
$query = "UPDATE ".$prefix."session_sessions SET session_active = 0 WHERE session_hash = ?";
$query = "UPDATE ".$prefix."user_sessions SET session_active = 0 WHERE session_hash = ?";
$stmnt = $this->db->prepare($query);
$stmnt->execute(array($sessionKey));
// And after that remove the cookie
if ($stmnt->rowCount() == 1) {
// Set the cookie
setcookie($this->cfg->cookie_name, $sessionKey, date('U') - 3600, '/', Config::get('main')->SITE_DOMAIN);
$cookie = new Cookie($this->cfg->cookie_name, $sessionKey, date('U') - 3600, '/', Config::get('main')->SITE_DOMAIN);
if ($this->setCookies) {
$cookie->place();
} else {
return $cookie;
}
return true;
}
throw new SessionException("Could not log user out. Database error", 1);
}
return true;
}
}
@ -504,26 +537,26 @@ class Users extends Module {
$password = password_hash($password, PASSWORD_DEFAULT);
// Check for the existence of an account
$qry = "SELECT * FROM hi_session_users WHERE user_username = :username OR user_email = :email";
$qry = "SELECT * FROM hi_user_users WHERE user_username = :username OR user_email = :email";
$stmnt = Modules::get('core/database')->prepare($qry);
$stmnt->execute(['username' => $username, 'email' => $email]);
$data = $stmnt->fetch(\PDO::FETCH_ASSOC);
if (empty($data)) {
// And put the data into the database
$prefix = $this->db->getPrefix();
$qry1 = "INSERT INTO ".$prefix."session_users (user_username,user_password,user_email,verify_code) VALUES (:username,:password,:email,:verify_code)";
$qry2 = "INSERT INTO ".$prefix."session_permissions (permission_tag_id,permission_user_id) VALUES (:tag_id,:user_id)";
$qry1 = "INSERT INTO ".$prefix."user_users (user_username,user_password,user_email,user_verify_code) VALUES (:username,:password,:email,:user_verify_code)";
$qry2 = "INSERT INTO ".$prefix."user_permissions (permission_tag_id,permission_user_id) VALUES (:tag_id,:user_id)";
Modules::get('core/database')->beginTransaction();
$stmnt1 = Modules::get('core/database')->prepare($qry1);
$stmnt2 = Modules::get('core/database')->prepare($qry2);
$stmnt1->execute(['username' => $username, 'password' => $password, 'email' => $email, 'verify_code' => substr(sha1(uniqid()), 0, 15)]);
$stmnt1->execute(['username' => $username, 'password' => $password, 'email' => $email, 'user_verify_code' => substr(sha1(uniqid()), 0, 15)]);
$id = Modules::get('core/database')->lastInsertId();
$stmnt2->execute(['tag_id' => 1, 'user_id' => $id]);
// And then fire the event
$event = Events::fireEvent(new SessionUserCreateEvent(), $user_id, $username, $password);
$event = Events::fireEvent(new SessionUserCreateEvent(), $id, $username, $password);
if ($event->isCancelled()) {
Modules::get('core/database')->rollBack();
return false;
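Review bot: The verification code on the new `$stmnt1->execute(...)` line is still derived from `uniqid()`, which is built from the current time, so hashing and truncating it does not make the code unpredictable to someone who knows roughly when the account was created. Generate it from a CSPRNG instead, e.g. `'user_verify_code' => substr(bin2hex(random_bytes(8)), 0, 15)` on PHP 7+, or with `openssl_random_pseudo_bytes(8)` in place of `random_bytes(8)` on older runtimes. The existence check at the top of the hunk also hard-codes `hi_user_users` while every other query uses `$prefix`; `"SELECT * FROM ".$prefix."user_users WHERE ..."` keeps it working on installs with a different prefix. The enclosing function starts and ends outside the hunk.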
@ -634,7 +667,7 @@ class Users extends Module {
// And fetch tag information
$prefix = $this->db->getPrefix();
$stmnt = Modules::get('core/database')->prepare("UPDATE ".$prefix."session_users SET $key = ?");
$stmnt = Modules::get('core/database')->prepare("UPDATE ".$prefix."user_users SET $key = ?");
$stmnt->execute([$value]);
if ($stmnt->rowCount() == 1) {
return true;
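Review bot: The statement `"UPDATE ".$prefix."user_users SET $key = ?"` has no `WHERE` clause, so it writes the value to every row of the users table, and the `rowCount() == 1` check only passes when exactly one row changed. `$key` is also interpolated into the SQL as a column name; where it comes from is outside the hunk, so it should be checked against a fixed list of updatable columns before the query is built. Scoping the write would look like `"UPDATE ".$prefix."user_users SET $key = ? WHERE user_id = ?"` with the target user's id bound as the second parameter. The enclosing function starts and ends outside the hunk.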
@ -765,7 +798,7 @@ class Users extends Module {
public function verifyUser($verifyCode) {
// And fetch tag information
$prefix = $this->db->getPrefix();
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."session_users WHERE user_verify_code = ?");
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."user_users WHERE user_verify_code = ?");
$stmnt->execute([$verifyCode]);
$data = $stmnt->fetchAll(\PDO::FETCH_ASSOC);
if (count($data == 1)) {
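Review bot: `count($data == 1)` on the last line of the hunk has its parenthesis in the wrong place: it counts the result of the comparison rather than the rows, so on PHP 5 and 7 the condition is true even when no row matches the verification code, and on PHP 8 it raises a TypeError. The intended test is `if (count($data) == 1) {`. The rest of verifyUser lies outside the hunk, so what the branch does with `$data` cannot be checked from here.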
@ -784,7 +817,7 @@ class Users extends Module {
*/
public function verifyPassword($userId, $password) {
$prefix = $this->db->getPrefix();
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."session_users WHERE user_id = ?");
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."user_users WHERE user_id = ?");
$stmnt->execute([$userId]);
$data = $stmnt->fetchAll(\PDO::FETCH_ASSOC);
if (!empty($data)) {
@ -873,7 +906,7 @@ class Users extends Module {
// And fetch tag information
$prefix = $this->db->getPrefix();
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."session_tags WHERE tag_name = ?");
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."user_tags WHERE tag_name = ?");
$stmnt->execute([strtoupper($permissionTag)]);
$tag = $stmnt->fetch(\PDO::FETCH_ASSOC);
if (!empty($tag)) {
@ -881,16 +914,16 @@ class Users extends Module {
}
// And now remove the reference in the database
$stmnt = Modules::get('core/database')->prepare("DELETE FROM ".$prefix."session_permissions WHERE permission_tag_id = :tag_id AND permission_user_id = :user_id");
$stmnt = Modules::get('core/database')->prepare("DELETE FROM ".$prefix."user_permissions WHERE permission_tag_id = :tag_id AND permission_user_id = :user_id");
$stmnt->execute(['tag_id' => $tag_id, 'user_id' => $user_id]);
if ($stmnt->rowCount() == 1) {
// Check if the tag is still used
if ($removeTag) {
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."session_permissions WHERE permission_tag_id = ?");
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."user_permissions WHERE permission_tag_id = ?");
$stmnt->execute([strtoupper($permissionTag)]);
if (count($stmnt->fetchAll(\PDO::FETCH_ASSOC)) == 0) {
// Remove the tag
$stmnt = Modules::get('core/database')->prepare("DELETE FROM ".$prefix."session_tags WHERE tag_name = ?");
$stmnt = Modules::get('core/database')->prepare("DELETE FROM ".$prefix."user_tags WHERE tag_name = ?");
$stmnt->execute([strtoupper($permissionTag)]);
if ($stmnt->rowCount() == 0) {
// Something went wrong
@ -933,13 +966,13 @@ class Users extends Module {
// Check if the tag already exists
$prefix = $this->db->getPrefix();
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."session_tags WHERE tag_name = ?");
$stmnt = Modules::get('core/database')->prepare("SELECT * FROM ".$prefix."user_tags WHERE tag_name = ?");
$stmnt->execute([strtoupper($permissionTag)]);
$d = $stmnt->fetchAll(\PDO::FETCH_ASSOC);
if (count($d) == 0) {
// Create tag
$stmnt = Modules::get('core/database')->prepare("INSERT INTO ".$prefix."session_tags (tag_name) VALUES (:tag_name)");
$stmnt = Modules::get('core/database')->prepare("INSERT INTO ".$prefix."user_tags (tag_name) VALUES (:tag_name)");
$stmnt->execute(['tag_name' => strtoupper($permissionTag)]);
$id = $stmnt->lastInsertId();
} elseif (count($d) == 1) {
@ -949,7 +982,7 @@ class Users extends Module {
}
// Add the permission
$stmnt = Modules::get('core/database')->prepare("INSERT INTO ".$prefix."session_permissions (permission_tag_id,permission_user_id) VALUES (:permission_tag_id,:permission_user_id)");
$stmnt = Modules::get('core/database')->prepare("INSERT INTO ".$prefix."user_permissions (permission_tag_id,permission_user_id) VALUES (:permission_tag_id,:permission_user_id)");
$stmnt->execute(['permission_tag_id' => $id, 'permission_user_id' => $user_id]);
if ($stmnt->rowCount() == 1) {
@ -972,12 +1005,12 @@ class Users extends Module {
$prefix = $this->db->getPrefix();
$query = "
SELECT *
FROM ".$prefix."session_permissions AS permissions
FROM ".$prefix."user_permissions AS permissions
LEFT JOIN ".$prefix."session_users AS users
LEFT JOIN ".$prefix."user_users AS users
ON permissions.permission_user_id=users.user_id
LEFT JOIN ".$prefix."session_tags AS tags
LEFT JOIN ".$prefix."user_tags AS tags
ON permissions.permission_tag_id=tags.tag_id
WHERE users.user_username = ?
@ -1009,12 +1042,12 @@ class Users extends Module {
$prefix = $this->db->getPrefix();
$query = "
SELECT *
FROM ".$prefix."session_permissions AS permissions
FROM ".$prefix."user_permissions AS permissions
LEFT JOIN ".$prefix."session_users AS users
LEFT JOIN ".$prefix."user_users AS users
ON permissions.permission_user_id=users.user_id
LEFT JOIN ".$prefix."session_tags AS tags
LEFT JOIN ".$prefix."user_tags AS tags
ON permissions.permission_tag_id=tags.tag_id
WHERE users.user_id = ?
@ -1033,6 +1066,41 @@ class Users extends Module {
return $users;
}
/**
* Get users by their sessionKey
* @param array $sessionKeys Sessionkeys of the users
* @return array of UDT's
*/
public function getUsersBySessionKeys($sessionKeys = array()) {
if (is_string($sessionKeys)) {
$sessionKeys = array($sessionKeys);
}
$prefix = $this->db->getPrefix();
$query = "SELECT DISTINCT users.user_id
FROM ".$prefix."user_sessions AS sessions
LEFT JOIN ".$prefix."user_users AS users
ON sessions.session_user_id=users.user_id
WHERE sessions.session_hash = ?
";
$stmnt = $this->db->prepare($query);
$ids = array();
foreach ($sessionKeys as $hash) {
$stmnt->execute(array($hash));
$data = $stmnt->fetch(\PDO::FETCH_ASSOC);
if (!empty($data)) {
$ids[] = $data['user_id'];
}
}
// And afterwards retrieve the UDT's by parsing this result
return $this->getUsersByIds($ids);
}
/**
* Get users by Email address
* @access public
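Review bot: getUsersBySessionKeys matches on `session_hash` alone, while logout() in this same file ends a session by setting `session_active = 0`, so the hash of a logged-out session still resolves to its user here. If callers use this lookup to decide who is logged in (not visible from the hunk), add the filter: `WHERE sessions.session_hash = ? AND sessions.session_active = 1`. The docblock should also state that a single string is accepted, e.g. `@param array|string $sessionKeys`.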
@ -1043,15 +1111,29 @@ class Users extends Module {
if (is_string($emails)) {
$emails = array($emails);
}
// First we will retrieve all the ids, and afterwards we will retrieve the user using these ids
$prefix = $this->db->getPrefix();
$query = "SELECT DISTINCT users.user_id
FROM ".$prefix."user_emails AS emails
LEFT JOIN ".$prefix."user_users AS users
ON emails.email_user_id=users.user_id";
$ids = Modules::get('core/database')->prepare($query);
foreach ($emails as $email) {
}
$query = "
SELECT *
FROM ".$prefix."session_permissions AS permissions
FROM ".$prefix."user_permissions AS permissions
LEFT JOIN ".$prefix."session_users AS users
LEFT JOIN ".$prefix."user_users AS users
ON permissions.permission_user_id=users.user_id
LEFT JOIN ".$prefix."session_tags AS tags
LEFT JOIN ".$prefix."user_tags AS tags
ON permissions.permission_tag_id=tags.tag_id
WHERE users.user_email = ?
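Review bot: The block added at the top of this hunk is dead code: the prepared statement is stored in `$ids` and never executed, its query has no `WHERE` clause, and the `foreach ($emails as $email)` body is empty, while the older per-email query below still does the work. Either finish it the way getUsersBySessionKeys does (execute per address, collect each `user_id`, then `return $this->getUsersByIds($ids);`) or leave it out of this commit behind a `// TODO` naming the planned user_emails lookup. The function continues past the end of the hunk.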
@ -1082,12 +1164,12 @@ class Users extends Module {
$prefix = $this->db->getPrefix();
$query = "
SELECT *
FROM ".$prefix."session_permissions AS permissions
FROM ".$prefix."user_permissions AS permissions
LEFT JOIN ".$prefix."session_users AS users
LEFT JOIN ".$prefix."user_users AS users
ON permissions.permission_user_id=users.user_id
LEFT JOIN ".$prefix."session_tags AS tags
LEFT JOIN ".$prefix."user_tags AS tags
ON permissions.permission_tag_id=tags.tag_id
WHERE tags.tag_name = ?
@ -1137,7 +1219,7 @@ class Users extends Module {
* @return Mixed Value
*/
public function __get($key) {
return $this->udt[$key];
return $this->udt->$key;
}
}