KumiSystems/gastrodata
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Another load of changes.

Browse source
This commit is contained in:
Kumi 2020-08-20 20:37:49 +02:00
parent 183777e4e8
commit f250461583
10 changed files with 134 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -1,2 +1,3 @@
.vscode/
config.php
config.php
test.php

48
Session.class.php
View file

@ -3,8 +3,19 @@
session_start();
require_once("Database.class.php");
require_once("constants.php");
class Session {
public static function get_admin_session()
{
return Database::escape_string($_SESSION[$GLOBALS["SESSION_ADMIN"]]);
}
public static function get_visitor_session()
{
return Database::escape_string($_SESSION[$GLOBALS["SESSION_VISITOR"]]);
}
public static function generate_id()
{
return uniqid(uniqid("", true), true);
@ -13,33 +24,54 @@ class Session {
public static function login($user_id)
{
$session_id = self::generate_id();
$_SESSION["gastoadmin"] = $session_id;
$expiry = time() + $GLOBALS["SESSION_ADMIN_VALIDITY"];
$query = "INSERT INTO `user_sessions` (`session_id`, `user_id`, `expiry`) VALUES ('$session_id', $user_id, $expiry);";
Database::execute_query($query);
$_SESSION[$GLOBALS["SESSION_ADMIN"]] = $session_id;
return self::is_logged_in() == $user_id;
}
public static function logout()
{
unset($_SESSION["gastroadmin"]);
$query = "DELETE FROM `admin_sessions` WHERE `session_id` = '" . self::get_admin_session() . "';";
Database::execute_query($query);
unset($_SESSION[$GLOBALS["SESSION_ADMIN"]]);
}
public static function is_logged_in()
{
$query = "SELECT `user_id` FROM `visitor_sessions` WHERE `session_id` = '" . $_SESSION["gastroadmin"] . "';";
Database::execute_query($query)
$query = "SELECT `user_id` FROM `admin_sessions` WHERE `session_id` = '" . self::get_admin_session() . "';";
$result = Database::execute_query($query);
if ($result->num_rows == 1) {
return $result->fetch_assoc()["user_id"];
}
return false;
}
public static function remember_visitor($visitor_id)
{
$session_id = self::generate_id();
$_SESSION["gastroguest"] = $session_id;
$expiry = time() + $GLOBALS["SESSION_VISITOR_VALIDITY"];
$query = "INSERT INTO `visitor_sessions` (`session_id`, `user_id`, `expiry`) VALUES ('$session_id', $visitor_id, $expiry);";
Database::execute_query($query);
$_SESSION[$GLOBALS["SESSION_VISITOR"]] = $session_id;
return self::get_visitor() == $visitor_id;
}
public static function get_visitor($visitor_id)
public static function get_visitor()
{
# TODO
$query = "SELECT `visitor_id` FROM `visitor_sessions` WHERE `session_id` = '" . self::get_visitor_session() . "';";
$result = Database::execute_query($query);
if ($result->num_rows == 1) {
return $result->fetch_assoc()["visitor_id"];
}
return false;
}
public static function forget_visitor($visitor_id)
{
# TODO
$query = "DELETE FROM `visitor_sessions` WHERE `session_id` = '" . self::get_visitor_session() . "';";
Database::execute_query($query);
unset($_SESSION[$GLOBALS["SESSION_VISITOR"]]);
}
}

9
Setting.class.php
View file

@ -10,18 +10,21 @@ class Setting {
$this->settingKey = Database::escape_string($setting_key);
}
public function get($default="")
public function get($default="", $set=false)
{
$query = "SELECT `setting_value` FROM `settings` WHERE `setting_key` = '" . $this->settingKey . "';";
$result = Database::execute_query($query);
if ($result->num_rows == 1) {
return $result->fetch_assoc()["setting_key"];
return $result->fetch_assoc()["setting_value"];
} else {
if (!empty($default)) {
if ($set) {
$this->set($default);
}
return $default;
}
return false;
}
return false;
}
public function set($value)

6
Template.class.php
View file

@ -222,7 +222,11 @@ class Template
* @uses $template
*/
private function replaceLangVars($lang) {
$this->template = preg_replace("/\{L_(.*)\}/isUe", "\$lang[strtolower('\\1')]", $this->template);
$this->template = preg_replace_callback("/\{L_(.*)\}/isU",
function($matches) use ($lang) {
return $lang[strtolower($matches[1])];
},
$this->template);
}
/**

61
User.class.php Normal file
View file

@ -0,0 +1,61 @@
<?php
require_once("Database.class.php");
class User
{
private $user_id = null;
public function __construct($user_id)
{
$this->user_id = $user_id;
}
public function id() {
return $this->user_id;
}
public static function authenticate($username, $password)
{
$escaped_username = Database::escape_string($username);
$query = "SELECT `password`, `user_id` FROM `users` WHERE username='$escaped_username';";
$result = Database::execute_query($query);
if ($result->num_rows == 1)
{
$user = $result->fetch_assoc();
if (password_verify($password, $user["password"]))
{
return new self($user["user_id"]);
}
}
return false;
}
public static function register($username, $password, $admin=false)
{
$escaped_username = Database::escape_string($username);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$admin_status = (int)$admin;
if (!password_verify($password, $hashed_password))
{
die("Something went wrong trying to hash the password...");
}
$query = "INSERT INTO `users` (`email`, `password`, `is_admin`) VALUES ('$escaped_username', '$hashed_password', $admin_status);";
if (!Database::execute_query($query)) {
return false;
}
$id_query = "SELECT `user_id` FROM `users` WHERE `email` = '$escaped_username';";
$id_result = Database::execute_query($id_query);
if ($id_result->num_rows == 1) {
return new self($id_result->fetch_assoc()["user_id"]);
}
return false;
}
}

6
constants.php Normal file
View file

@ -0,0 +1,6 @@
<?php
define("SESSION_ADMIN", "gastroadmin"); # Name of the admin user ID variable in sessions
define("SESSION_VISITOR", "gastroguest"); # Name of the visitor ID variable in sessions
define("SESSION_ADMIN_VALIDITY", 300); # Lifetime (in seconds) of admin sessions
define("SESSION_VISITOR_VALIDITY", 86400); # Lifetime (in seconds) of visitor sessions

4
index.php
View file

@ -8,6 +8,10 @@ Route::add('/',function(){
include("views/index.php");
});
Route::add('accounts/register/', function() {
}, "post");
Route::run('/');
?>

0
language/de/main.php Normal file
View file

21
sql/schema.sql
View file

@ -9,7 +9,6 @@ CREATE TABLE IF NOT EXISTS `users` (
`display_name` VARCHAR(255),
`email` VARCHAR(255) NOT NULL UNIQUE,
`password` VARCHAR(255) NOT NULL,
`salt` VARCHAR(255) NOT NULL,
`is_admin` BOOLEAN,
PRIMARY KEY (`user_id`)
);
@ -17,9 +16,9 @@ CREATE TABLE IF NOT EXISTS `users` (
CREATE TABLE IF NOT EXISTS `user_sessions` (
`session_id` VARCHAR(255) NOT NULL,
`user_id` INT NOT NULL,
`expiry` DATETIME NOT NULL,
`expiry` INT NOT NULL,
PRIMARY KEY (`session_id`),
FOREIGN KEY (`user_id`) REFERENCES `users`(`user_id`)
FOREIGN KEY (`user_id`) REFERENCES `users`(`user_id`) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS `locations` (
@ -34,17 +33,17 @@ CREATE TABLE IF NOT EXISTS `permissions` (
`location_id` INT NOT NULL,
`is_owner` BOOLEAN,
PRIMARY KEY (`user_id`, `location_id`),
FOREIGN KEY (`user_id`) REFERENCES `users`(`user_id`),
FOREIGN KEY (`location_id`) REFERENCES `locations`(`location_id`)
FOREIGN KEY (`user_id`) REFERENCES `users`(`user_id`) ON DELETE CASCADE,
FOREIGN KEY (`location_id`) REFERENCES `locations`(`location_id`) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS `visits` (
`visit_id` VARCHAR(255) NOT NULL,
`location_id` INT NOT NULL,
`arrival` DATETIME NOT NULL,
`departure` DATETIME NOT NULL,
`arrival` INT NOT NULL,
`departure` INT NOT NULL,
PRIMARY KEY (`visit_id`),
FOREIGN KEY (`location_id`) REFERENCES `locations`(`location_id`)
FOREIGN KEY (`location_id`) REFERENCES `locations`(`location_id`) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS `visitors` (
@ -61,13 +60,13 @@ CREATE TABLE IF NOT EXISTS `visitors` (
`phone` VARCHAR(255),
`email` VARCHAR(255),
PRIMARY KEY (`visitor_id`),
FOREIGN KEY (`visit_id`) REFERENCES `visits`(`visit_id`)
FOREIGN KEY (`visit_id`) REFERENCES `visits`(`visit_id`) ON DELETE CASCADE
);
CREATE TABLE IF NOT EXISTS `visitor_sessions` (
`session_id` VARCHAR(255) NOT NULL,
`visitor_id` VARCHAR(255) NOT NULL,
`expiry` DATETIME,
`expiry` INT,
PRIMARY KEY (`session_id`),
FOREIGN KEY (`visitor_id`) REFERENCES `visitors`(`visitor_id`)
FOREIGN KEY (`visitor_id`) REFERENCES `visitors`(`visitor_id`) ON DELETE CASCADE
);

27
views/index.php
View file

@ -1,27 +0,0 @@
<?php
if (!defined("GastroData")) {
die("This file cannot be accessed directly. Sorry.");
};
require_once("Template.class.php");
require_once("Setting.class.php");
// Das Template laden
$tpl = new Template();
$tpl->load("index.tpl");
// Die Sprachdatei laden
$langs[] = "de/lang_main.php";
$lang = $tpl->loadLanguage($langs);
// Platzhalter ersetzen
$title = new Setting("title");
$tpl->assign( "website_title", $title->get("GastroData") );
$tpl->assign( "time", date("H:i") );
// Zugriff auf eine Sprachvariable
$tpl->assign( "test", $lang['test'] );
// Und die Seite anzeigen
$tpl->display();