Changed files to a more up-to-date version

This commit is contained in:
2019-09-12 12:02:17 +02:00
parent 53794ac310
commit d50b864082
84 changed files with 1560 additions and 933 deletions


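--- a/UNKNOWN_PATH/ActionHandler.php
+++ b/UNKNOWN_PATH/ActionHandler.php
@@ -1,16 +0,0 @@
-<?php
-class ActionHandler
-{
-static function doAction(){
-$action = '';
-if(isset($_GET['action'])){
-$action = $_GET['action'];
-}
-if(!$action == ''){
-include_once("./model/actions/model_".$action.".php");
-}
-}
-}
-?>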


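--- a/UNKNOWN_PATH/AssetHandler.php
+++ b/UNKNOWN_PATH/AssetHandler.php
@@ -1,12 +0,0 @@
-<?php
-class AssetHandler{
-static function printAsset($image, $doSize=false, $size=128){
-if($doSize){
-echo '<img src="./view/img/'.$image.'" width='.$size.' height='.$size.' >';
-}
-else{
-echo '<img src="./view/img/'.$image.'>';
-}
-}
-}
-?>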


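--- a/UNKNOWN_PATH/Database.php
+++ b/UNKNOWN_PATH/Database.php
@@ -1,286 +0,0 @@
-<?php
-Class Database{
-//Maakt verbinding met de database en returnt pdo opbject
-static function connectToDB(){
-//Defineer vars
-$sql_server = "172.21.0.3"; //docker sql container bridge ip
-$sql_username = "root";
-$sql_password = "jenk";
-$sql_database = "webforum";
-$dsn = "mysql:host=$sql_server;dbname=$sql_database";
-//Maak verbinding
-$con = new PDO($dsn, $sql_username, $sql_password);
-return $con;
-}
-//Controleert of het email adres al in de database voorkomt. Returnt true indien wel.
-static function checkUsedEmail($email){
-//Verbind met de database
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("SELECT * FROM users where email = :email");
-//Bind parameters
-$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
-//Voer de query uit
-$query->execute();
-//Check de hoeveelheid rijen die de database returnt.
-if($query->rowCount() == 0){
-//Email adres is niet in gebruik, return false
-return false;
-}
-else{
-//Email is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
-return true;
-}
-}
-//Controleert of de gebruikersnaam al in de database voorkomt. Returnt true indien wel.
-static function checkUsedUsername($username){
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("SELECT * FROM users where username = :username");
-//Bind parameters
-$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
-//Voer de query uit
-$query->execute();
-//Check de hoeveelheid rijen die de database returnt.
-if($query->rowCount() == 0){
-//Username adres is niet in gebruik, return false
-return false;
-}
-else{
-//Username is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
-return true;
-}
-}
-//Registreert een gebruiker. Neemt als invoer email, wachtwoord, gebruikersnaam. en email activation key. Nog niet volledig geimplementeerd
-static function registerUser($email, $password, $username){
-$ip = $_SERVER['REMOTE_ADDR'];
-//Initit db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("INSERT INTO users (username, email, password, reg_ip) VALUES (:username, :email, :password, :ip)");
-//Bind parameters
-$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
-$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
-$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
-$query->bindParam(':ip', $ip, PDO::PARAM_STR, 256);
-//Voer query uit
-$query->execute();
-}
-//Check of gegeven login info in de database voorkomt
-static function isLoginValid($email, $password){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("SELECT * FROM users where email = :email AND password = :password");
-//Bind params
-$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
-$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
-//Voer query it
-$query->execute();
-//Check hoeveelheid teruggestuurde rijen
-if($query->rowCount() == 1){
-//login correct (komt voor in de db)
-return true;
-}
-else{
-//Incorrect
-return false;
-}
-}
-//Vraag gebruikers ID op doormiddel van email en pass
-static function getUID($email, $password){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("SELECT id FROM users where email = :email AND password = :password");
-//Bind params
-$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
-$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
-//Voer query it
-$query->execute();
-//Check hoeveelheid teruggestuurde rijen
-if($query->rowCount() == 1){
-//login correct, return uid
-$result = $query->fetch(PDO::FETCH_COLUMN);
-return $result;
-}
-else{
-//something went wrong, return -1
-return -1;
-}
-}
-static function getUsername($uid){
-$con = Database::connectToDB();
-$query = $con->prepare("SELECT username FROM users where id = :uid");
-$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
-$query->execute();
-if($query->rowCount() == 1){
-//login correct, return uid
-$result = $query->fetch(PDO::FETCH_COLUMN);
-return $result;
-}
-else{
-//something went wrong, return -1
-return "db_user_invalid";
-}
-}
-/***
-* ______ __ __ _____ _ _____ _______ _______ __ _______ _____ ____ _ _
-* | ____| \/ | /\ |_ _| | /\ / ____|__ __|_ _\ \ / /\|__ __|_ _/ __ \| \ | |
-* | |__ | \ / | / \ | | | | / \ | | | | | | \ \ / / \ | | | || | | | \| |
-* | __| | |\/| | / /\ \ | | | | / /\ \| | | | | | \ \/ / /\ \ | | | || | | | . ` |
-* | |____| | | |/ ____ \ _| |_| |____ / ____ \ |____ | | _| |_ \ / ____ \| | _| || |__| | |\ |
-* |______|_| |_/_/ \_\_____|______| /_/ \_\_____| |_| |_____| \/_/ \_\_| |_____\____/|_| \_|
-*
-*
-***/
-//Kijk of de user activation key al bestaat in de databse.
-static function doesUserActivationKeyExist($activationKey){
-$con = Database::connectToDB();
-$query = $con->prepare("SELECT * FROM email_activation_keys WHERE activationkey = :activationKey");
-$query->bindParam(':activationKey', $activationKey, PDO::PARAM_STR, 256);
-$query->execute();
-if($query->rowCount() == 0){
-//bestaat nog niet
-return false;
-}
-else{
-//bestaat al
-return true;
-}
-}
-static function registerActivationKey($users_id, $activationKey){
-$con = Database::connectToDB();
-$query = $con->prepare("INSERT INTO email_activation_keys (users_id, activationkey) VALUES (:users_id, :activationkey)");
-$query->bindParam(':users_id', $users_id);
-$query->bindParam(':activationkey', $activationKey);
-$query->execute();
-}
-//Activeer gebruiker en verwijder activation key uit de activation key tabel
-static function activateUser($activationKey){
-$con = Database::connectToDb();
-$query = $con->prepare("SELECT users_id FROM email_activation_keys WHERE activationKey = :activationKey");
-$query->bindParam('activationKey', $activationKey);
-$query->execute();
-$result = -1;
-if($query->rowCount() == 1){
-//login correct, return uid
-$result = $query->fetch(PDO::FETCH_COLUMN);
-}
-else{
-//activation key komt niet voor in de db, return -1
-return -1;
-}
-$id = $result;
-$query = null;
-$query = $con->prepare("UPDATE users SET active = 1 WHERE id = :id and active = 0");
-$query->bindParam(':id',$id,PDO::PARAM_INT);
-$query->execute();
-}
-/***
-* _____ ______ _____ _____ _____ ____ _ _ _______ ____ _ ________ _ _ _____
-* / ____| ____|/ ____/ ____|_ _/ __ \| \ | | |__ __/ __ \| |/ / ____| \ | |/ ____|
-* | (___ | |__ | (___| (___ | || | | | \| | | | | | | | ' /| |__ | \| | (___
-* \___ \| __| \___ \\___ \ | || | | | . ` | | | | | | | < | __| | . ` |\___ \
-* ____) | |____ ____) |___) |_| || |__| | |\ | | | | |__| | . \| |____| |\ |____) |
-* |_____/|______|_____/_____/|_____\____/|_| \_| |_| \____/|_|\_\______|_| \_|_____/
-*
-***/
-static function isSessionTokenInUse($token){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("SELECT * FROM usersessions where token = :token");
-//Bind params
-$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
-//Voer query it
-$query->execute();
-//Check hoeveelheid teruggestuurde rijen
-if($query->rowCount() == 0){
-return false;
-}
-else{
-return true;
-}
-}
-static function registerNewSession($uid, $token, $expires){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("INSERT INTO usersessions (uid, token, expires) VALUES (:uid, :token, :expires)");
-//Bind params
-$query->bindParam(':uid', $uid, PDO::PARAM_INT);
-$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
-$query->bindParam(':expires', $expires, PDO::PARAM_STR);
-//Voer query it
-$query->execute();
-}
-static function isSessionValid($token, $uid){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("SELECT * FROM usersessions where token = :token AND uid = :uid AND expires > NOW()");
-//Bind params
-$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
-$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
-//Voer query it
-$query->execute();
-//Check hoeveelheid teruggestuurde rijen
-if($query->rowCount() == 1){
-return true;
-}
-else{
-return false;
-}
-}
-static function invalidateSession($token){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("DELETE FROM usersessions WHERE token = :token");
-//Bind params
-$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
-//Voer query it
-$query->execute();
-}
-static function invalidateSessionByUID($uid){
-//Init db connection
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("DELETE FROM usersessions WHERE uid = :uid");
-//Bind params
-$query->bindParam(':token', $uid, PDO::PARAM_INT);
-//Voer query it
-$query->execute();
-}
-static function deleteExpiredSessions(){
-$con = Database::connectToDB();
-//Bereid query voor
-$query = $con->prepare("DELETE FROM usersessions WHERE expires < NOW()");
-$query->execute();
-}
-static function getSessionExpiryDate($token){
-$con = Database::connectToDB();
-$query = $con->prepare("SELECT expires FROM usersessions where token = :token");
-$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
-$query->execute();
-if($query->rowCount() == 1){
-//login correct, return uid
-$result = $query->fetch(PDO::FETCH_COLUMN);
-return $result;
-}
-else{
-//something went wrong, return an invalid date.
-return "2000-01-01 00:00:00";
-}
-}
-}
-?>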


@@ -1,7 +1,5 @@
<?php
Class HUtils{
const FETCHGET = 0;
const FETCHPOST = 1;
static function issetPost($arr_postvars){
for ($i=0; $i <sizeof($arr_postvars) ; $i++)
{
@@ -23,21 +21,6 @@ Class HUtils{
static function sqlDateToPhpDate($date){
return new DateTime($date);
}
static function getPage($fetchmethod){
$p = "";
if($fetchmethod == HUtils::FETCHGET){
if(isset($_GET['p'])){
$p = $_GET['p'];
}
}
else if($fetchmethod == HUtils::FETCHPOST){
if(isset($_POST['p']))
{
$p = $_POST['p'];
}
}
return $p;
}
static function getSiteTitle(){
return "hPHPForum";
}


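--- a/UNKNOWN_PATH/MVCController.php
+++ b/UNKNOWN_PATH/MVCController.php
@@ -0,0 +1,90 @@
+<?php
+class MVCController{
+private $model;
+private $viewmodel;
+private $view;
+private $viewOverridden = false;
+private $timesOverridden = 0;
+private static $mvcController;
+public static $viewData = [];
+function MVCController(){
+self::$mvcController = $this;
+//prepare current view and view model
+if(isset($_GET['p']) && $_GET['p'] != ''){
+$this->view = "./view/webcontent/content_".$_GET['p'].".php";
+$this->viewmodel = "./viewmodel/viewmodel_".$_GET['p'].".php";
+}
+else{
+$this->view = "./view/webcontent/content_home.php";
+$this->viewmodel = "./viewmodel/viewmodel_home.php";
+}
+//prepare current action model
+if(isset($_POST['action'])){
+$this->model = "./model/actions/model_".$_POST['action'].".php";
+}
+else if(isset($_GET['action'])){
+$this->model = "./model/actions/model_".$_GET['action'].".php";
+}
+else{
+$this->model = "./model/actions/model_empty.php";
+}
+}
+static function getMVCController():MVCController
+{
+return self::$mvcController;
+}
+function overrideView($view_target):void
+{
+$this->view = "./view/webcontent/content_".$view_target.".php";
+$this->viewmodel = "./viewmodel/viewmodel_".$view_target.".php";
+$this->viewOverridden = true;
+}
+function executeAction():void
+{
+//check if action model is valid
+if(file_exists($this->model)){
+//execute action model
+include_once($this->model);
+}
+//model doesn't exist and will not be called
+else{
+//debug message
+echo("caught call on non-existant model file.");
+}
+}
+function executeViewmodel():void
+{
+if(file_exists($this->viewmodel))
+{
+include_once($this->viewmodel);
+}
+}
+function executeModel():void
+{
+$this->executeAction();
+//check if the view was overridden by action.
+if($this->viewOverridden){
+//don't need to run the viewmodel twice if it was overridden by action
+$this->viewOverridden = false;
+}
+//run viewmodel
+$this->executeViewmodel();
+//run viewmodel again if overridden by viewmodel
+if($this->viewOverridden)
+{
+$this->executeViewmodel();
+}
+}
+function loadView(){
+if(file_exists($this->view)){
+include_once($this->view);
+}
+else{
+include_once("./view/webcontent/content_404.php");
+echo("view: ".$this->view." not found.");
+}
+}
+}
+?>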
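Review bot: The constructor builds include paths straight from `$_GET['p']` and `$_POST['action']`/`$_GET['action']` (the view, viewmodel and model assignments), and `executeAction`/`loadView` then `include_once` them after only a `file_exists` check, so whatever the request names — as long as it resolves to an existing file — is what gets executed. Restrict the page and action names to an allowlisted identifier pattern before they become part of a path, as below; a fixed map of known page names would be tighter still, and `overrideView` deserves the same guard if its argument can ever come from a request. Separately, `function MVCController()` is a PHP 4-style constructor, deprecated since 7.0 and no longer treated as a constructor in 8.x, so it should be renamed `__construct`; `$timesOverridden` is declared but never used in this file.
```php
function __construct(){
    self::$mvcController = $this;
    // only plain identifiers may name a view or an action; anything else falls back to the defaults
    $page = $_GET['p'] ?? '';
    $page = preg_match('/^[A-Za-z0-9_]+$/', $page) ? $page : 'home';
    $this->view = "./view/webcontent/content_".$page.".php";
    $this->viewmodel = "./viewmodel/viewmodel_".$page.".php";
    $action = $_POST['action'] ?? $_GET['action'] ?? 'empty';
    $this->model = preg_match('/^[A-Za-z0-9_]+$/', $action)
        ? "./model/actions/model_".$action.".php"
        : "./model/actions/model_empty.php";
}
// … unchanged: getMVCController, overrideView, executeAction, executeViewmodel, executeModel, loadView …
```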


@@ -1,121 +1,125 @@
<?php
require_once('./controller/db/Database.php');
Class UserSession{
public $uid = -1;
public $token = "undefined";
public $expires;
public function UserSession($uid, $token = "undefined"){
$this->uid = $uid;
$this->token = $token;
$this->setExpiry();
//echo($loginSessionToken);
$_SESSION['usersession'] = $this;
setcookie('usersession', $this->token);
setcookie('uid', $this->uid);
}
public function setSessionToken($token){
$this->token = $token;
}
public function getSessionToken(){
return $this->token;
}
public function getFormattedExpiry(){
return $this->expires->format('Y-m-d H:i:s');
}
public function setExpiry(){
$this->expires = new DateTime();
$this->expires->modify("+ 1 hour");
}
public static function generateToken(){
$chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$token = "";
for ($i=0; $i < 32 ; $i++) {
$token .= $chars[rand(0, strlen($chars) - 1)];
}
return $token;
}
public static function isSessionValid(){
if(isset($_SESSION['usersession'])){
if(!Database::isSessionValid($_SESSION['usersession']->token, $_SESSION['usersession']->uid)){
return false;
}
if(!UserSession::isSessionExpired($_SESSION['usersession'])){
//check if session also exists in database
return true;
}
}
else{
if(isset($_COOKIE['usersession'])){
$token = $_COOKIE['usersession'];
$uid = $_COOKIE['uid'];
if(Database::isSessionValid($token,$uid)){
$session = new UserSession($uid, $token);
$session->expires = new DateTime(Database::getSessionExpiryDate($token));
}
else{
return false;
}
if(!UserSession::isSessionExpired($session)){
return true;
}
}
return false;
}
}
public static function getSession()
{
return $_SESSION['usersession'];
}
public static function isSessionExpired($session){
//session is expired
if(new DateTime() > $session->expires){
return true;
}
//session is not expired
else{
return false;
}
}
public static function isUserSignedIn(){
/*
if(UserSession::isSessionValid()){
if(!UserSession::isSessionExpired(UserSession::getSession())){
if(Database::isSessionValid(UserSession::getSession()->token, UserSession::getSession()->uid)){
return true;
}
}
else{
return false;
}
}
else{
return false;
}
*/
//session exists, no need to do anything
if(isset($_SESSION['usersession'])){
return true;
}
else{
if(isset($_COOKIE['usersession'])){
//check if the session exists in the database
if(Database::isSessionTokenInUse($_COOKIE['usersession'])){
//check if database expiration datetime is still valid
$expirationDateTime = Database::getSessionExpiryDate($_COOKIE['usersession']);
if(new DateTime($expirationDateTime) >= new DateTime()){
//user is signed in. Restore session
$userSession = new UserSession($_COOKIE['uid'], $_COOKIE['usersession']);
return true;
}
else{
//remove session from the database
Database::invalidateSession($_COOKIE['usersession']);
}
}
}
}
//session either doesn't exist, doesn't exist in cookie, doesn't exist in database, or is expired in the database.
return false;
}
public $uid = -1;
public $token = "undefined";
public $expires;
public static $session;
public function UserSession($uid, $token = "undefined"){
$this->uid = $uid;
$this->token = $token;
$this->setExpiry();
//echo($loginSessionToken);
$_SESSION['usersession'] = $this;
setcookie('usersession', $this->token);
setcookie('uid', $this->uid);
}
public function setSessionToken($token){
$this->token = $token;
}
public function getSessionToken(){
return $this->token;
}
public function getFormattedExpiry(){
return $this->expires->format('Y-m-d H:i:s');
}
public function setExpiry(){
$this->expires = new DateTime();
$this->expires->modify("+ 1 hour");
}
public static function generateToken(){
$chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$token = "";
for ($i=0; $i < 32 ; $i++) {
$token .= $chars[rand(0, strlen($chars) - 1)];
}
return $token;
}
public static function isSessionValid(){
if(isset($_SESSION['usersession'])){
if(!Database::isSessionValid($_SESSION['usersession']->token, $_SESSION['usersession']->uid)){
return false;
}
if(!UserSession::isSessionExpired($_SESSION['usersession'])){
//check if session also exists in database
return true;
}
}
else{
if(isset($_COOKIE['usersession'])){
$token = $_COOKIE['usersession'];
$uid = $_COOKIE['uid'];
if(Database::isSessionValid($token,$uid)){
$session = new UserSession($uid, $token);
$session->expires = new DateTime(Database::getSessionExpiryDate($token));
}
else{
return false;
}
if(!UserSession::isSessionExpired($session)){
return true;
}
}
return false;
}
}
public static function getSession()
{
if(isset($_SESSION['usersession'])){
return $_SESSION['usersession'];
}
}
public static function isSessionExpired($session){
//session is expired
if(new DateTime() > $session->expires){
return true;
}
//session is not expired
else{
return false;
}
}
public static function isUserSignedIn(){
/*
if(UserSession::isSessionValid()){
if(!UserSession::isSessionExpired(UserSession::getSession())){
if(Database::isSessionValid(UserSession::getSession()->token, UserSession::getSession()->uid)){
return true;
}
}
else{
return false;
}
}
else{
return false;
}
*/
//session exists, no need to do anything
if(isset($_SESSION['usersession'])){
return true;
}
else{
if(isset($_COOKIE['usersession'])){
//check if the session exists in the database
if(Database::isSessionTokenInUse($_COOKIE['usersession'])){
//check if database expiration datetime is still valid
$expirationDateTime = Database::getSessionExpiryDate($_COOKIE['usersession']);
if(new DateTime($expirationDateTime) >= new DateTime()){
//user is signed in. Restore session
$userSession = new UserSession($_COOKIE['uid'], $_COOKIE['usersession']);
return true;
}
else{
//remove session from the database
Database::invalidateSession($_COOKIE['usersession']);
}
}
}
}
//session either doesn't exist, doesn't exist in cookie, doesn't exist in database, or is expired in the database.
return false;
}
}
?>
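Review bot: In `isUserSignedIn` the cookie restore path only checks that the token exists (`Database::isSessionTokenInUse($_COOKIE['usersession'])`) and then builds the restored session from `$_COOKIE['uid']`, so the user id is taken on trust from the client rather than from the session row; `Database::isSessionValid($token, $uid)` already checks token, uid and expiry together and is the call that belongs here, and `$_COOKIE['uid']` is read without an `isset` guard in both `isSessionValid` and `isUserSignedIn`. `generateToken` draws every character from `rand()`, which is not a cryptographic source — `return bin2hex(random_bytes(16));` yields a 32-character token from the CSPRNG with the same shape. The cookies set in the constructor carry no `httponly`/`secure` attributes, which is worth adding, and the newly added `public static $session` is not referenced anywhere in this section.
```php
//session exists, no need to do anything
if(isset($_SESSION['usersession'])){
    return true;
}
if(isset($_COOKIE['usersession'], $_COOKIE['uid'])){
    // token and uid must match the same unexpired row; the uid cookie is never trusted on its own
    if(Database::isSessionValid($_COOKIE['usersession'], $_COOKIE['uid'])){
        $userSession = new UserSession($_COOKIE['uid'], $_COOKIE['usersession']);
        return true;
    }
    // unknown, expired or mismatched token: make sure it is gone from the database
    Database::invalidateSession($_COOKIE['usersession']);
}
//session either doesn't exist, doesn't exist in cookie, doesn't exist in database, or is expired in the database.
return false;
```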


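--- a/UNKNOWN_PATH/Reply.php
+++ b/UNKNOWN_PATH/Reply.php
@@ -1,38 +0,0 @@
-<?php
-class Reply{
-public $id;
-public $user;
-public $thread;
-public $text;
-function Reply($id, $user, $thread, $text){
-$this->id = $id;
-$this->user = $user;
-$this->thread = $thread;
-$this->text = $text;
-}
-public function getId(){
-return $this->id;
-}
-public function setId($id){
-$this->id = $id;
-}
-public function getUser(){
-return $this->user;
-}
-public function setUser($user){
-$this->user = $user;
-}
-public function getThread(){
-return $this->thread;
-}
-public function setThread($thread){
-$this->thread = $thread;
-}
-public function getText(){
-return $this->text;
-}
-public function setText($text){
-$this->text = $text;
-}
-}
-?>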


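--- a/UNKNOWN_PATH/Thread.php
+++ b/UNKNOWN_PATH/Thread.php
@@ -1,17 +0,0 @@
-<?php
-class Thread{
-static $threadArray = [];
-public $id;
-public $titel;
-public $text;
-public $user;
-public $board;
-public function Thread($id, $titel, $text, $user){
-$this->id = $id;
-$this->titel = $titel;
-$this->text = $text;
-$this->user = $user;
-array_push(Thread::$threadArray, $this);
-}
-}
-?>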


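--- a/UNKNOWN_PATH/User.php
+++ b/UNKNOWN_PATH/User.php
@@ -1,33 +0,0 @@
-<?php
-class User{
-static $userArray = [];
-public $id;
-public $username;
-public $email;
-public function User($id, $username, $email, $password){
-$this->id = $id;
-$this->username = $username;
-$this->email = $email;
-$this->password = $password;
-array_push(User::$userArray, $this);
-}
-public function getId(){
-return $this->id;
-}
-public function setId($id){
-$this->id = $id;
-}
-public function getUsername(){
-return $this->username;
-}
-public function setUsername($username){
-$this->username = $username;
-}
-public function getEmail(){
-return $this->email;
-}
-public function setEmail($email){
-$this->email = $email;
-}
-}
-?>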


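--- a/UNKNOWN_PATH/DBBoard.php
+++ b/UNKNOWN_PATH/DBBoard.php
@@ -0,0 +1,12 @@
+<?php
+require_once './controller/db/Database.php';
+class DBBoard extends Database{
+static function getBoards():array
+{
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM board");
+$query->execute();
+return $query->fetchAll(PDO::FETCH_BOTH);
+}
+}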
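Review bot: `getBoards` is declared without a visibility keyword and so defaults to public; `public static function getBoards(): array` states the intent and matches the typed return already present. `PDO::FETCH_BOTH` returns every column twice (by index and by name); unless a caller indexes rows numerically, `PDO::FETCH_ASSOC` is the cheaper and clearer choice. Note also that `connectToDB`, as shown later in this commit, does not set `PDO::ATTR_ERRMODE`, so a failed `execute()` here returns false silently and the method hands back an empty array instead of surfacing the error.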


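--- a/UNKNOWN_PATH/DBReply.php
+++ b/UNKNOWN_PATH/DBReply.php
@@ -0,0 +1,39 @@
+<?php
+require_once './controller/db/Database.php';
+class DBReply extends Database{
+static function createReply($uid, $threadID, $content){
+$con = self::connectToDB();
+$query = $con->prepare("INSERT INTO reply (thread_ID, users_ID, content) VALUES (:tid, :uid, :content);");
+$query->bindParam(":uid", $uid);
+$query->bindParam(":tid", $threadID);
+$query->bindParam(":content", $content);
+echo "$uid, $threadID, $content";
+$query->execute();
+}
+static function getReplyByID($id):array
+{
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM reply WHERE id = :id");
+$query->bindParam(":id", $id);
+$query->execute();
+return $query->fetch(PDO::FETCH_BOTH);
+}
+static function getRepliesByThreadID($tid):array
+{
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM reply WHERE thread_ID = :tid");
+$query->bindParam(":tid", $tid);
+$query->execute();
+return $query->fetchAll(PDO::FETCH_BOTH);
+}
+static function getLastReplyByThreadID():array
+{
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM reply WHERE thread_ID = :tid ORDER BY date_created DESC LIMIT 1");
+$query->bindParam(":tid", $tid);
+$query->execute();
+return $query->fetch(PDO::FETCH_BOTH);
+}
+}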
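Review bot: `getLastReplyByThreadID` declares no parameter but binds `$tid` on its `bindParam(":tid", $tid)` line, so it always binds an undefined variable and can never return the intended row; the signature should read `static function getLastReplyByThreadID($tid):array`. `createReply` still contains the debug line `echo "$uid, $threadID, $content";`, which writes raw user-supplied reply text into the response before any output escaping and should be removed. `getReplyByID` and `getLastReplyByThreadID` are typed `:array` but `fetch()` returns `false` when no row matches, which raises a `TypeError` under that return type — make the return `?array` and map `false` to `null`, or throw when the row is missing.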


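--- a/UNKNOWN_PATH/DBThread.php
+++ b/UNKNOWN_PATH/DBThread.php
@@ -0,0 +1,37 @@
+<?php
+require_once './model/forum/Thread.php';
+class DBThread extends Database {
+static function getThreadByID($id){
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM thread WHERE ID = :id");
+$query->bindParam(":id", $id);
+$query->execute();
+return $query->fetch(PDO::FETCH_BOTH);
+}
+static function getThreadsByBoard($boardID){
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM thread WHERE board_ID = :boardID");
+$query->bindParam(":boardID", $boardID);
+$query->execute();
+return $query->fetchAll(PDO::FETCH_BOTH);
+}
+static function createThread($threadObject){
+$con = self::connectToDB();
+$query = $con->prepare( "INSERT INTO thread" .
+"(users_ID, board_ID, title, text)" .
+"VALUES (:uid, :bid, :title, :content);");
+$uid = $threadObject->getUserID();
+$bid = $threadObject->getBoardID();
+$title = $threadObject->getTitle();
+$content = $threadObject->getContent();
+$query->bindParam(":uid", $uid);
+$query->bindParam(":bid", $bid);
+$query->bindParam(":title", $title);
+$query->bindParam(":content", $content);
+$query->execute();
+}
+}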
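Review bot: This file extends `Database` but only requires `./model/forum/Thread.php`; unlike DBBoard and DBReply in the same commit it never requires `./controller/db/Database.php`, so unless an autoloader or an earlier include guarantees the parent is loaded, the class declaration fails. Add `require_once './controller/db/Database.php';` next to the existing require. `getThreadByID` returns `fetch()` unchecked, which is `false` for a missing thread, so callers receive a boolean where a row is expected; `createThread` relies on `getUserID`/`getBoardID`/`getTitle`/`getContent` on the passed object, which are not visible here, so a `@param Thread $threadObject` docblock would make that contract explicit.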


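--- a/UNKNOWN_PATH/DBUser.php
+++ b/UNKNOWN_PATH/DBUser.php
@@ -0,0 +1,134 @@
+<?php
+class DBUser extends Database
+{
+static function isUserActive($uid){
+$user = self::getUserByUID($uid);
+if($user['active']){
+return true;
+}
+else{
+return false;
+}
+}
+static function getUserByUID($uid){
+$con = self::connectToDB();
+$query = $con->prepare("SELECT * FROM users WHERE ID = :uid");
+$query->bindParam(":uid", $uid);
+$query->execute();
+return $query->fetch(PDO::FETCH_BOTH);
+}
+//Controleert of het email adres al in de database voorkomt. Returnt true indien wel.
+static function checkUsedEmail($email){
+//Verbind met de database
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("SELECT * FROM users where email = :email");
+//Bind parameters
+$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+//Voer de query uit
+$query->execute();
+//Check de hoeveelheid rijen die de database returnt.
+if($query->rowCount() == 0){
+//Email adres is niet in gebruik, return false
+return false;
+}
+else{
+//Email is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
+return true;
+}
+}
+//Controleert of de gebruikersnaam al in de database voorkomt. Returnt true indien wel.
+static function checkUsedUsername($username){
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("SELECT * FROM users where username = :username");
+//Bind parameters
+$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
+//Voer de query uit
+$query->execute();
+//Check de hoeveelheid rijen die de database returnt.
+if($query->rowCount() == 0){
+//Username adres is niet in gebruik, return false
+return false;
+}
+else{
+//Username is al in gebruik of komt meer dan een keer voor. Beide gevallen zijn een probleem dus return true.
+return true;
+}
+}
+//Registreert een gebruiker. Neemt als invoer email, wachtwoord, gebruikersnaam. en email activation key. Nog niet volledig geimplementeerd
+static function registerUser($email, $password, $username){
+$ip = $_SERVER['REMOTE_ADDR'];
+//Initit db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("INSERT INTO users (username, email, password, reg_ip) VALUES (:username, :email, :password, :ip)");
+//Bind parameters
+$query->bindParam(':username', $username, PDO::PARAM_STR, 256);
+$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
+$query->bindParam(':ip', $ip, PDO::PARAM_STR, 256);
+//Voer query uit
+$query->execute();
+}
+//Check of gegeven login info in de database voorkomt
+static function isLoginValid($email, $password){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("SELECT * FROM users where email = :email AND password = :password");
+//Bind params
+$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
+//Voer query it
+$query->execute();
+//Check hoeveelheid teruggestuurde rijen
+if($query->rowCount() == 1){
+//login correct (komt voor in de db)
+return true;
+}
+else{
+//Incorrect
+return false;
+}
+}
+//Vraag gebruikers ID op doormiddel van email en pass
+static function getUID($email, $password){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("SELECT id FROM users where email = :email AND password = :password");
+//Bind params
+$query->bindParam(':email', $email, PDO::PARAM_STR, 256);
+$query->bindParam(':password', $password, PDO::PARAM_STR, 256);
+//Voer query it
+$query->execute();
+//Check hoeveelheid teruggestuurde rijen
+if($query->rowCount() == 1){
+//login correct, return uid
+$result = $query->fetch(PDO::FETCH_COLUMN);
+return $result;
+}
+else{
+//something went wrong, return -1
+return -1;
+}
+}
+static function getUsername($uid){
+$con = Database::connectToDB();
+$query = $con->prepare("SELECT username FROM users where id = :uid");
+$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
+$query->execute();
+if($query->rowCount() == 1){
+//login correct, return uid
+$result = $query->fetch(PDO::FETCH_COLUMN);
+return $result;
+}
+else{
+//something went wrong, return -1
+return "db_user_invalid";
+}
+}
+}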


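--- a/UNKNOWN_PATH/Database.php
+++ b/UNKNOWN_PATH/Database.php
@@ -0,0 +1,172 @@
+<?php
+Class Database{
+static function connectToDB(){
+//Defineer vars
+$sql_server = "localhost";
+$sql_username = "root";
+$sql_password = "kankerlow";
+$sql_database = "webforum";
+$dsn = "mysql:host=$sql_server;dbname=$sql_database";
+//Maak verbinding
+$con = new PDO($dsn, $sql_username, $sql_password);
+return $con;
+}
+/***
+* ______ __ __ _____ _ _____ _______ _______ __ _______ _____ ____ _ _
+* | ____| \/ | /\ |_ _| | /\ / ____|__ __|_ _\ \ / /\|__ __|_ _/ __ \| \ | |
+* | |__ | \ / | / \ | | | | / \ | | | | | | \ \ / / \ | | | || | | | \| |
+* | __| | |\/| | / /\ \ | | | | / /\ \| | | | | | \ \/ / /\ \ | | | || | | | . ` |
+* | |____| | | |/ ____ \ _| |_| |____ / ____ \ |____ | | _| |_ \ / ____ \| | _| || |__| | |\ |
+* |______|_| |_/_/ \_\_____|______| /_/ \_\_____| |_| |_____| \/_/ \_\_| |_____\____/|_| \_|
+*
+*
+***/
+//Kijk of de user activation key al bestaat in de databse.
+static function doesUserActivationKeyExist($activationKey){
+$con = Database::connectToDB();
+$query = $con->prepare("SELECT * FROM email_activation_keys WHERE activationkey = :activationKey");
+$query->bindParam(':activationKey', $activationKey, PDO::PARAM_STR, 256);
+$query->execute();
+if($query->rowCount() == 0){
+//bestaat nog niet
+return false;
+}
+else{
+//bestaat al
+return true;
+}
+}
+static function registerActivationKey($users_id, $activationKey){
+$con = Database::connectToDB();
+$query = $con->prepare("INSERT INTO email_activation_keys (users_id, activationkey) VALUES (:users_id, :activationkey)");
+$query->bindParam(':users_id', $users_id);
+$query->bindParam(':activationkey', $activationKey);
+$query->execute();
+}
+//Activeer gebruiker en verwijder activation key uit de activation key tabel
+static function activateUser($activationKey){
+$con = Database::connectToDb();
+$query = $con->prepare("SELECT users_id FROM email_activation_keys WHERE activationKey = :activationKey");
+$query->bindParam('activationKey', $activationKey);
+$query->execute();
+$result = -1;
+if($query->rowCount() == 1){
+//login correct, return uid
+$result = $query->fetch(PDO::FETCH_COLUMN);
+}
+else{
+//activation key komt niet voor in de db, return -1
+return -1;
+}
+$id = $result;
+$query = null;
+$query = $con->prepare("UPDATE users SET active = 1 WHERE id = :id and active = 0");
+$query->bindParam(':id',$id,PDO::PARAM_INT);
+$query->execute();
+}
+/***
+* _____ ______ _____ _____ _____ ____ _ _ _______ ____ _ ________ _ _ _____
+* / ____| ____|/ ____/ ____|_ _/ __ \| \ | | |__ __/ __ \| |/ / ____| \ | |/ ____|
+* | (___ | |__ | (___| (___ | || | | | \| | | | | | | | ' /| |__ | \| | (___
+* \___ \| __| \___ \\___ \ | || | | | . ` | | | | | | | < | __| | . ` |\___ \
+* ____) | |____ ____) |___) |_| || |__| | |\ | | | | |__| | . \| |____| |\ |____) |
+* |_____/|______|_____/_____/|_____\____/|_| \_| |_| \____/|_|\_\______|_| \_|_____/
+*
+***/
+static function isSessionTokenInUse($token){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("SELECT * FROM usersessions where token = :token");
+//Bind params
+$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+//Voer query it
+$query->execute();
+//Check hoeveelheid teruggestuurde rijen
+if($query->rowCount() == 0){
+return false;
+}
+else{
+return true;
+}
+}
+static function registerNewSession($uid, $token, $expires){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("INSERT INTO usersessions (uid, token, expires) VALUES (:uid, :token, :expires)");
+//Bind params
+$query->bindParam(':uid', $uid, PDO::PARAM_INT);
+$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+$query->bindParam(':expires', $expires, PDO::PARAM_STR);
+//Voer query it
+$query->execute();
+}
+static function isSessionValid($token, $uid){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("SELECT * FROM usersessions where token = :token AND uid = :uid AND expires > NOW()");
+//Bind params
+$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+$query->bindParam(':uid', $uid, PDO::PARAM_STR, 256);
+//Voer query it
+$query->execute();
+//Check hoeveelheid teruggestuurde rijen
+if($query->rowCount() == 1){
+return true;
+}
+else{
+return false;
+}
+}
+static function invalidateSession($token){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("DELETE FROM usersessions WHERE token = :token");
+//Bind params
+$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+//Voer query it
+$query->execute();
+}
+static function invalidateSessionByUID($uid){
+//Init db connection
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("DELETE FROM usersessions WHERE uid = :uid");
+//Bind params
+$query->bindParam(':token', $uid, PDO::PARAM_INT);
+//Voer query it
+$query->execute();
+}
+static function deleteExpiredSessions(){
+$con = Database::connectToDB();
+//Bereid query voor
+$query = $con->prepare("DELETE FROM usersessions WHERE expires < NOW()");
+$query->execute();
+}
+static function getSessionExpiryDate($token){
+$con = Database::connectToDB();
+$query = $con->prepare("SELECT expires FROM usersessions where token = :token");
+$query->bindParam(':token', $token, PDO::PARAM_STR, 256);
+$query->execute();
+if($query->rowCount() == 1){
+//login correct, return uid
+$result = $query->fetch(PDO::FETCH_COLUMN);
+return $result;
+}
+else{
+//something went wrong, return an invalid date.
+return "2000-01-01 00:00:00";
+}
+}
+}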
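Review bot: `invalidateSessionByUID` prepares `DELETE FROM usersessions WHERE uid = :uid` but binds `':token'`, so the statement is executed with an unbound placeholder and the delete never runs; the bind should read `$query->bindParam(':uid', $uid, PDO::PARAM_INT);`. That failure is silent because `connectToDB` never sets an error mode — add `$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);` after constructing the PDO so failed prepares and executes surface instead of feeding `false` into the `rowCount()` and `fetch()` calls throughout this class. `connectToDB` also embeds the MySQL root credentials in source; they belong in configuration read from the environment or a file outside version control, and should be rotated now that they are committed. The comment on `activateUser` says the activation key is removed from its table, but no DELETE follows the UPDATE, so either the comment or the method needs to change.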