Diffstat (limited to 'bootstrap/class')
| -rw-r--r-- | bootstrap/class/cache.php | 69 | ||||
| -rw-r--r-- | bootstrap/class/mysql.php | 153 | ||||
| -rw-r--r-- | bootstrap/class/user.php | 153 |
3 files changed, 0 insertions, 375 deletions
diff --git a/bootstrap/class/cache.php b/bootstrap/class/cache.php
deleted file mode 100644
index 8005484..0000000
--- a/bootstrap/class/cache.php
+++ /dev/null
@@ -1,69 +0,0 @@
-<?php
-
-class cache {
- public $token = "";
-
- private $db;
-
- public function __construct($rconnect, $rdb){
- $this->db = new Redis();
-
- try {
- $this->db->connect($rconnect);
- } catch (Exception $e) {
- return $e->getMessage();
- }
- try {
- $this->db->ping();
- } catch (Exception $e) {
- return $e->getMessage();
- }
- try {
- $this->db->select($rdb);
- } catch (Exception $e) {
- return $e->getMessage();
- }
- }
-
- public function check(){
- try {
- return $this->db->ping();
- } catch (Exception $e) {
- return $e->getMessage();
- }
- }
-
- public function setKey($key, $value, $ttl = null){
- $this->db->set($key, $value, $ttl);
- }
-
- public function getValue($key){
- return $this->db->get($key);
- }
-
- public function getToken($data, $append = ""){
- $this->token = CACHEPREFIX . $append . md5(strtolower($data));
- return $this->token;
- }
-
- public function exists($key){
- return $this->db->exists($key);
- }
-
- public function delete($key){
- return $this->db->delete($key);
- }
-
- public function del($key){
- return $this->db->delete($key);
- }
-
- public function flush($token = null){
- if ( is_null($token) )
- return $this->db->flushDB();
- else
- return $this->db->delete($token);
- }
-}
-
-
diff --git a/bootstrap/class/mysql.php b/bootstrap/class/mysql.php
deleted file mode 100644
index 8d75538..0000000
--- a/bootstrap/class/mysql.php
+++ /dev/null
@@ -1,153 +0,0 @@
-<?php
-
-class db {
-
- protected $db;
-
- public function __construct(){
- $this->open();
- }
-
- public function open(){
- try {
- $this->db = new mysqli(DBHOST, DBUSER, DBPASSWORD, DBNAME);
- } catch (Exception $e){
- failure("<p>".$e->getMessage()."</p>", '500 Server Failure', false, '<h1>Failed to open database connection.</h1>');
- }
-
- if ( $this->db->connect_errno ){
- failure("<p>Can't connect to the database. MySQL gave this error code: " . $this->db->connect_errno . "</p>", '500 Server Failure', false, '<h1>Connection to MySQL server failed.</h1>');
- }
-
- if ( ! $this->db->ping() ){
- failure("<p>Can't reach MySQL server. Server says: " . $this->db->error . "</p>", '500 Server Failure', false, "<h1>Can't reach MySQL server!</h1>");
- }
-
- if ( ! $this->db->set_charset(DBCHARSET) ){
- failure("<p>Can't set " . DBCHARSET . " as the charset on your MySQL server.</p>" , '500 Server Failure', false, "<h1>Setting Charset failed!</h1>");
- }
-
- }
-
- public function close(){
- $this->db->close();
- }
-
- public function check(){
- if ( ! $this->db->ping() ){
- return false;
- }
-
- return true;
- }
-
- # does a single MySQL query with output (SELECT, INSERT, UPDATE... )
- public function doQuery($string){
- if ( ! $this->check() )
- return false;
-
- return $this->db->query($string);
- }
-
- # does multiple queries WITHOUT output (INSERT, UPDATE, DELETE... )
- public function execMultipleQueries($sql){
- if ( ! $this->check() )
- return false;
-
- $result = $this->db->multi_query($sql);
- if ( ! $result )
- return false;
-
- do {
- if( ! $this->db->more_results() )
- break;
- if ( ! $this->db->next_result() ){
- if ( $this->db->error != "" ){
- //$result->free();
- return false;
- }
- }
- } while (true);
-
- return true;
- }
-
- # code by WordPress. See @link https://core.trac.wordpress.org/browser/branches/4.0/src/wp-includes/wp-db.php#L1154
- # syntax like sprintf()
- public function prepare( $query, $args ) {
- if ( is_null( $query ) )
- return;
-
- // This is not meant to be foolproof -- but it will catch obviously incorrect usage.
- if ( strpos( $query, '%' ) === false ) {
- return false;
- }
-
- $args = func_get_args();
- array_shift( $args );
-
- // If args were passed as an array (as in vsprintf), move them up
- if ( isset( $args[0] ) && is_array($args[0]) )
- $args = $args[0];
-
- $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
- $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
- $query = preg_replace( '|(?<!%)%f|' , '%F', $query ); // Force floats to be locale unaware
- $query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
-
- array_walk( $args, array( $this, '_escape_by_ref' ) );
-
- return @vsprintf( $query, $args );
- }
-
- private function _escape_by_ref( &$string ){
- if ( ! is_float( $string ) )
- $string = $this->_real_escape( $string );
- }
-
- private function _real_escape( $string ){
- return $this->db->real_escape_string($string);
- }
- # WordPress End
-
- public function createTables(){
- $user_table =
- 'CREATE TABLE IF NOT EXISTS ' . DBPREFIX . 'user
- ( id INTEGER AUTO_INCREMENT NOT NULL, PRIMARY KEY(id),
- name VARCHAR(70), UNIQUE(name),
- password VARCHAR(70), UNIQUE(password),
- email VARCHAR(70), UNIQUE(email),
- register INTEGER
- ) ENGINE=InnoDB;';
-
- $banned_user_table =
- 'CREATE TABLE IF NOT EXISTS ' . DBPREFIX . 'banned_user
- ( banned_id INTEGER AUTO_INCREMENT NOT NULL, PRIMARY KEY(banned_id),
- login_attempts INTEGER,
- ip TEXT,
- session_id TEXT,
- time INTEGER,
- user INTEGER
- )
- ENGINE=InnoDB;';
-
- $jg_table =
- 'CREATE TABLE IF NOT EXISTS ' . DBPREFIX . 'member
- ( member_id INTEGER AUTO_INCREMENT NOT NULL, PRIMARY KEY(member_id),
- name varchar(70), UNIQUE(name),
- adresse TEXT,
- telefonnummer TEXT,
- handynummer TEXT,
- email varchar(70), UNIQUE(email),
- geburtstag TEXT
- )
- ENGINE=InnoDB;';
-
- if ( ! $this->execMultipleQueries('BEGIN; '. $user_table . ' ' . $banned_user_table . ' ' . $jg_table . ' COMMIT;') )
- failure("<p>There was a problem during bootstrapping the database schema. " . $this->db->error . "</p>", '500 Server Failure', false, "<h1>CREATE TABLE FAILED</h1>");
- }
-
- public function __destruct(){
- $this->close();
- }
-}
diff --git a/bootstrap/class/user.php b/bootstrap/class/user.php
deleted file mode 100644
index 969d734..0000000
--- a/bootstrap/class/user.php
+++ /dev/null
@@ -1,153 +0,0 @@
-<?php
-
-class jg {
-
- public $username;
- public $login = false;
-
- private $pepper;
- private $query = false;
-
- public function __construct($name = null){
-
- $this->username = $name;
-
- if ( isset($_SESSION["loggedin"]) )
- $this->login = $_SESSION["loggedin"];
-
- $this->_setPepper();
-
- $this->_setQuery();
- }
-
- # get's everything from the database
- private function _setQuery(){
- global $db;
-
- $sql = $db->prepare("SELECT * FROM " . DBPREFIX . "user WHERE name=%s;", $this->username);
- $db_db = $db->doQuery($sql);
- if ( is_bool($db_db) )
- $this->query = false;
- else
- $this->query = $db_db->fetch_array(MYSQLI_ASSOC);
- }
-
- private function _setPepper(){
- if ( PEPPER_IS_FILE )
- $this->pepper = file_get_contents(PEPPER);
- else
- $this->pepper = PEPPER;
- }
-
- public function getUser(){
- return $this->query['name'];
- }
-
- public function getUserId(){
- return $this->query['id'];
- }
-
- public function getPassword(){
- return $this->query['password'];
- }
-
- public function getEmail(){
- if ( $this->query['email'] == "null" )
- return "";
- else
- return $this->query['email'];
- }
-
- public function getRegister(){
- return $this->query['register'];
- }
-
- # check if valid user
- public function isValidUser(){
- if( ( is_bool($this->query) && ! $this->query ) || is_null($this->query) )
- return false;
-
- return true;
- }
-
- # check if current user is authenticated
- public function isLoggedIn(){
- return $this->login;
- }
-
- public function login($user, $password){
- if ( is_null($this->username) )
- $this->__construct($user);
-
- # get hashed password from the database
- $hashed_password = $this->getPassword();
-
- # do the password check with php function
- if ( ! password_verify($password . PEPPER, $hashed_password) )
- return false;
-
- # set login to true
- $this->login = true;
-
- $this->username=$user;
-
- # start a session if needed
- if ( session_status() != PHP_SESSION_ACTIVE ) {
- session_name(SESSION);
- session_start();
- }
-
- # set session variable to true
- $_SESSION["loggedin"] = true;
-
- # assign userid to the session variable
- $_SESSION["userid"] = $this->getUserId();
- $_SESSION["username"] = $this->username;
-
- return true;
- }
-
- public function logout(){
-
- # no session active, so return false
- if ( session_status() != PHP_SESSION_ACTIVE )
- return false;
-
- # set login to false
- $this->login = false;
-
- # destroy session
- if( ! session_destroy() )
- return false;
-
- return true;
- }
-
- public function register($name, $password, $email){
- global $db;
-
- $hash = password_hash($password . PEPPER, PASSWORD_DEFAULT);
-
- $sql = $db->prepare("
- INSERT INTO " . DBPREFIX . "user (id, name, password, email, register) VALUES (NULL, %s, %s, %s, %d);", $name, $hash, $email, time()
- );
-
- if ( ! $db->doQuery($sql) )
- return false;
-
- # the user is successfull registered, thus already logged in
- $this->username = $name;
-
- # redefine the class attributes
- $this->_setPepper();
- $this->_setQuery();
-
- $this->login($name, $password);
-
- return true;
- }
-
- public function __destruct(){
- return true;
- }
-}
|
