andreas/hForumPHP
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

legacy dev map verwijdert

Browse Source
This commit is contained in:
Hion-V 2019-05-24 21:21:00 +02:00
parent cab9405885
commit 09e9e616ec
21 changed files with 0 additions and 577 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
dev/app/HUtils.php
View File

@ -1,26 +0,0 @@
<?php
Class HUtils{
static function issetPost($arr_postvars){
for ($i=0; $i <sizeof($arr_postvars) ; $i++)
{
if(!isset($_POST[$arr_postvars[$i]])){
return false;
}
}
return true;
}
static function issetSession($arr_sessionvars)
{
for ($i=0; $i <sizeof($arr_sessionvars) ; $i++) {
if(!isset($_POST[$arr_sessionvars[$i]])){
return false;
}
}
return true;
}
static function sqlDateToPhpDate($date){
return new DateTime($date);
}
}
?>

17
dev/app/assets/AssetHandler.php
View File

@ -1,17 +0,0 @@
<?php
class AssetHandler{
static function printAsset($image, $doSize=false, $size=128){
if($doSize){
echo '<img src="./img/'.$image.'" width='.$size.' height='.$size.' >';
}
else{
echo '<img src="./img/'.$image.'>';
}
}
}
?>

218
dev/app/db/Database.php
View File

@ -1,218 +0,0 @@
<?php
Class Database{
static function connectToDB(){
//Defineer vars
$sql_server = "localhost";
$sql_username = "root";
$sql_password = "kankerlow";
$sql_database = "webforum";
$dsn = "mysql:host=$sql_server;dbname=$sql_database";
//Maak verbinding
$con = new PDO($dsn, $sql_username, $sql_password);
return $con;
}
//Controleert of het email adres al in de database voorkomt. Returnt true indien wel.
static function checkUsedEmail($email){
//Verbind met de database
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("SELECT * FROM users where email = :email");
//Bind parameters
$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
//Voer de query uit
$query->execute();
//Check de hoeveelheid rijen die de database returnt.
if($query->rowCount() == 0){
//Email adres is niet in gebruik, return false
return false;
}
else{
//Email is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
return true;
}
}
//Controleert of de gebruikersnaam al in de database voorkomt. Returnt true indien wel.
static function checkUsedUsername($username){
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("SELECT * FROM users where username = :username");
//Bind parameters
$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
//Voer de query uit
$query->execute();
//Check de hoeveelheid rijen die de database returnt.
if($query->rowCount() == 0){
//Username adres is niet in gebruik, return false
return false;
}
else{
//Username is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
return true;
}
}
//Registreert een gebruiker. Neemt als invoer email, wachtwoord, gebruikersnaam.
static function registerUser($email, $password, $username){
$ip = $_SERVER['REMOTE_ADDR'];
//Initit db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("INSERT INTO users (username, email, password, reg_ip) VALUES (:username, :email, :password, :ip)");
//Bind parameters
$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
$query->bindParam(':ip', $ip, PDO::PARAM_STR, 256);
//Voer query uit
$query->execute();
}
//Check of gegeven login info in de database voorkomt
static function isLoginValid($email, $password){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("SELECT * FROM users where email = :email AND password = :password");
//Bind params
$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
//Voer query it
$query->execute();
//Check hoeveelheid teruggestuurde rijen
if($query->rowCount() == 1){
//login correct (komt voor in de db)
return true;
}
else{
//Incorrect
return false;
}
}
//Vraag gebruikers ID op doormiddel van email en pass
static function getUID($email, $password){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("SELECT id FROM users where email = :email AND password = :password");
//Bind params
$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
//Voer query it
$query->execute();
//Check hoeveelheid teruggestuurde rijen
if($query->rowCount() == 1){
//login correct, return uid
$result = $query->fetch(PDO::FETCH_COLUMN);
return $result;
}
else{
//something went wrong, return -1
return -1;
}
}
static function getUsername($uid){
$con = Database::connectToDB();
$query = $con->prepare("SELECT username FROM users where id = :uid");
$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
$query->execute();
if($query->rowCount() == 1){
//login correct, return uid
$result = $query->fetch(PDO::FETCH_COLUMN);
return $result;
}
else{
//something went wrong, return -1
return "dbfetcherror";
}
}
static function isSessionTokenInUse($token){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("SELECT * FROM usersessions where token = :token");
//Bind params
$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
//Voer query it
$query->execute();
//Check hoeveelheid teruggestuurde rijen
if($query->rowCount() == 0){
return false;
}
else{
return true;
}
}
static function registerNewSession($uid, $token, $expires){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("INSERT INTO usersessions (uid, token, expires) VALUES (:uid, :token, :expires)");
//Bind params
$query->bindParam(':uid', $uid, PDO::PARAM_INT);
$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
$query->bindParam(':expires', $expires, PDO::PARAM_STR);
//Voer query it
$query->execute();
}
static function isSessionValid($token, $uid){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("SELECT * FROM usersessions where token = :token AND uid = :uid AND expires > NOW()");
//Bind params
$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
//Voer query it
$query->execute();
//Check hoeveelheid teruggestuurde rijen
if($query->rowCount() == 1){
return true;
}
else{
return false;
}
}
static function invalidateSession($token){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("DELETE FROM usersessions WHERE token = :token");
//Bind params
$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
//Voer query it
$query->execute();
}
static function invalidateSessionByUID($uid){
//Init db connection
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("DELETE FROM usersessions WHERE uid = :uid");
//Bind params
$query->bindParam(':token', $uid, PDO::PARAM_INT);
//Voer query it
$query->execute();
}
static function deleteExpiredSessions(){
$con = Database::connectToDB();
//Bereid query voor
$query = $con->prepare("DELETE FROM usersessions WHERE expires < NOW()");
$query->execute();
}
static function getSessionExpiryDate($token){
$con = Database::connectToDB();
$query = $con->prepare("SELECT expires FROM usersessions where token = :token");
$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
$query->execute();
if($query->rowCount() == 1){
//login correct, return uid
$result = $query->fetch(PDO::FETCH_COLUMN);
return $result;
}
else{
//something went wrong, return -1
return "2000-01-01 00:00:00";
}
}
static function createThread(){
}
}
?>

92
dev/app/login/UserSession.php
View File

@ -1,92 +0,0 @@
<?php
Class UserSession{
public $username = "undefined";
public $uid = -1;
public $token = "undefined";
public $expires;
public function UserSession($username, $uid, $token = "undefined"){
$this->username = $username;
$this->uid = $uid;
$this->token = $token;
$this->setExpiry();
//echo($username."<br>");
//echo($loginSessionToken);
$_SESSION['usersession'] = $this;
setcookie('usersession', $this->token);
setcookie('uid', $this->uid);
}
public function setSessionToken($token){
$this->token = $token;
}
public function getSessionToken(){
return $this->token;
}
public function getFormattedExpiry(){
return $this->expires->format('Y-m-d H:i:s');
}
public function setExpiry(){
$this->expires = new DateTime();
$this->expires->modify("+ 1 hour");
}
public static function generateToken(){
$chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$token = "";
for ($i=0; $i < 32 ; $i++) {
$token .= $chars[rand(0, strlen($chars) - 1)];
}
return $token;
}
public static function isSessionValid(){
if(isset($_SESSION['usersession'])){
if(!UserSession::isSessionExpired($_SESSION['usersession'])){
//check if session also exists in database
return true;
}
}
else{
if(isset($_COOKIE['usersession'])){
$token = $_COOKIE['usersession'];
$uid = $_COOKIE['uid'];
if(Database::isSessionValid($token,$uid)){
$username = Database::getUsername($uid);
$session = new UserSession($username, $uid, $token);
$session->expires = new DateTime(Database::getSessionExpiryDate($token));
}
else{
return false;
}
if(!UserSession::isSessionExpired($session)){
return true;
}
}
return false;
}
}
public static function getSession()
{
return $_SESSION['usersession'];
}
public static function isSessionExpired($session){
//session is expired
if(new DateTime() > $session->expires){
return true;
}
//session is not expired
else{
return false;
}
}
public static function isUserSignedIn(){
if(UserSession::isSessionValid()){
if(!UserSession::isSessionExpired(UserSession::getSession())){
if(Database::isSessionValid(UserSession::getSession()->token, UserSession::getSession()->uid)){
return true;
}
}
else{
return false;
}
}
}
}
?>

46
dev/app/login/attempt_login.php
View File

@ -1,46 +0,0 @@
<?php
$debuginfo = false;
include_once("./app/login/UserSession.php");
include_once("./app/db/Database.php");
include_once("./app/HUtils.php");
if(!UserSession::isSessionValid()){
if(HUtils::issetPost(['email','password'])){
if(Database::isLoginValid($_POST['email'], $_POST['password'])){
//obtain UID
$uid = Database::getUID($_POST['email'], $_POST['password']);
if($uid != -1){
//obtain username
$username = Database::getUsername($uid);
//gen unique session token
$token = UserSession::generateToken();
//regen if already in use
while(Database::isSessionTokenInUse($token)){
$token = UserSession::generateToken();
}
$a = new UserSession($username, $uid, $token);
if($debuginfo){
echo $a->getSessionToken();
echo "<br>";
echo $a->uid;
echo "<br>";
echo $a->username;
}
//clean up expired sessions from ANY users
Database::deleteExpiredSessions();
Database::registerNewSession($a->uid, $a->token, $a->getFormattedExpiry());
//logged in, time to continue with other stuff
}
else{
echo "uid returned -1 from db interface";
}
}
else{
echo("login invalid");
}
}
}
else{
//we're done, don't even need to log in, session already active
//echo($_SESSION['usersession']->uid);
}
?>

12
dev/app/login/attempt_logout.php
View File

@ -1,12 +0,0 @@
<?php
include_once("UserSession.php");
if(UserSession::isSessionValid()){
Database::invalidateSession(UserSession::getSession()->token);
session_destroy();
}
?>

3
dev/app/login/destroy.php
View File

@ -1,3 +0,0 @@
<?php
session_destroy();
?>

6
dev/app/pagecontent/content_createthread.php
View File

@ -1,6 +0,0 @@
<?php
?>

7
dev/app/pagecontent/content_header.php
View File

@ -1,7 +0,0 @@
<?php
include_once("./app/assets/AssetHandler.php");
AssetHandler::printAsset("logo.png", true, 128);
?>
<nav>
<a href="?p=login">log in</a> <a href="?p=register">register</a> <a href="?p=">home</a>
</nav>

6
dev/app/pagecontent/content_header_signedin.php
View File

@ -1,6 +0,0 @@
<?php
include("./app/assets/logo.php");
?>
<nav>
<a href="?p=attempt_logout">log out</a> <a href="?p=">home</a> <a href="?p=destroy">simulate browser session expiry</a>
</nav>

3
dev/app/pagecontent/content_index.php
View File

@ -1,3 +0,0 @@
<article>
<h1>Welkom op hForumPHP. Log in of registreer om iets te doen.</h1>
</article>

57
dev/app/pagecontent/content_page.php
View File

@ -1,57 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>
<?=$sSiteTitle?>
</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" media="screen" href="css/main.css" />
</head>
<body>
<header>
<?php
if(UserSession::isUserSignedIn()){
include("./app/pagecontent/content_header_signedin.php");
}else{
include("./app/pagecontent/content_header.php");
}
?>
</header>
<main>
<?php
//Laad juiste pagina content
switch($p){
case '':
include("./app/pagecontent/content_index.php");
break;
case 'register':
include("./app/pagecontent/login/content_register.php");
break;
case 'login':
include("./app/pagecontent/login/content_login.php");
break;
case 'attempt_reg':
include("We signed you up (probably)");
break;
case 'attempt_login':
if(UserSession::isUserSignedIn()){
include("./app/pagecontent/login/content_login_succesful.php");
}else{
include("./app/pagecontent/login/content_login_unsuccesful.php");
}
break;
case 'attempt_logout':
break;
case 'destroy':
include("./app/pagecontent/login/content_destroy.php");
break;
default:
echo "404";
break;
}
?>
</main>
</body>
</html>

3
dev/app/pagecontent/login/content_destroy.php
View File

@ -1,3 +0,0 @@
<article>
<h1>You're still signed in thanks to our cookies!</h1>
</article>

10
dev/app/pagecontent/login/content_login.php
View File

@ -1,10 +0,0 @@
<article>
<form action="?p=attempt_login" method="post">
E-mail: <input type="text" name="email"><br>
Password: <input type="password" name="password"><br>
<input type="submit">
</form>
</article>
<?php
?>

8
dev/app/pagecontent/login/content_login_succesful.php
View File

@ -1,8 +0,0 @@
<article>
<h1>Login succesful :DDDDDDDD</h1>
</article>
<?php
//print_r($_COOKIE['usersession']);
?>

3
dev/app/pagecontent/login/content_login_unsuccesful.php
View File

@ -1,3 +0,0 @@
<article>
<h1>UNEXPECTED LOGIN ERROR. OUR CODEMONKEYS DID SOMETHING VERY WRONG :(</h1>
</article>

9
dev/app/pagecontent/login/content_register.php
View File

@ -1,9 +0,0 @@
<article>
<form action="attempt_register.php" method="post">
Username: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
Password: <input type="password" name="pass"><br>
Verify Password: <input type="password" name="pass2"><br>
<input type="submit">
</form>
</article>

19
dev/app/registration/attempt_register.php
View File

@ -1,19 +0,0 @@
<?php
//Include classes
include_once("./app/db/Database.php");
include_once("./app/HUtils.php");
if(HUtils::issetPost(['email', 'pass', 'name'])){
if($_POST['pass'] == $_POST['pass2']){
//Check of email aanwezig is in de database
if(!Database::checkUsedEmail($_POST['email']) && !Database::checkUsedUsername($_POST['name'])){
Database::registerUser($_POST['email'], $_POST['pass'], $_POST['name']);
}
}
else{
echo("REGISTRATION FAILED: PASSWORD VERIFICATION MISSMATCH");
}
}
else{
echo "POST UNSUCCESFUL: POST DATA INCOMPLETE OR NOT FOUND";
}
?>

0
dev/css/main.css
View File

BIN
dev/img/logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 57 KiB

32
dev/index.php
View File

@ -1,32 +0,0 @@
<?php
//include class lib.
include_once("./app/db/Database.php");
include_once("./app/login/UserSession.php");
include_once("./app/HUtils.php");
session_start();
//initialiseer standaard variabelen
$p="";
//check of pagina gespecificeerd is in de
if(isset($_GET['p'])){
$p = $_GET['p'];
}
//Doe server-side operaties die afgerond moeten worden voordat de pagina is geladen.
switch($p){
case 'destroy':
include("./app/login/destroy.php");
break;
case 'attempt_login':
include("./app/login/attempt_login.php");
break;
case 'attempt_logout':
include("./app/login/attempt_logout.php");
break;
case 'attempt_reg':
include("./app/registration/attempt_register.php");
break;
default:
break;
}
//laad de pagina
include("./app/pagecontent/content_page.php");
?>