diff --git a/config/docker/reset.sql b/config/docker/reset.sql
new file mode 100644
index 0000000..793da23
--- /dev/null
+++ b/config/docker/reset.sql
@@ -0,0 +1,5 @@
+USE camagru;
+DROP TABLE `like`;
+DROP TABLE comment;
+DROP TABLE post;
+DROP TABLE user;
\ No newline at end of file
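Review bot: The four `DROP TABLE` statements have no `IF EXISTS`, so the script aborts at the first missing table and leaves the rest in place when run against a partially initialised schema; `DROP TABLE IF EXISTS` on each line makes the reset idempotent. The drop order (like, comment, post, user) is the right one for the foreign keys declared in DatabaseManager.php, so the change is only to the statement form. A one-line header such as `-- Destructive: drops every camagru table; for the docker dev database only` would make the file's scope explicit, since nothing else in it signals that.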
diff --git a/config/setup.php b/config/setup.php
index da42fe8..ae321d4 100644
--- a/config/setup.php
+++ b/config/setup.php
@@ -1,15 +1,6 @@
initiate();
+if ($userManager !== NULL && $success = $userManager->initiate())
+ $info = $info . "
Website is ok
";
else
- $success = false;
-ob_start();
-?>
-
-
Setup tried
- Website is ok";
- ?>
-
-
\ No newline at end of file
+ $info = $info . "Error during database init
";
+$content = "";
\ No newline at end of file
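Review bot: `$success` is no longer assigned on the failure path: the removed `$success = false;` has no replacement, and when `$userManager` is NULL the short-circuit in `if ($userManager !== NULL && $success = $userManager->initiate())` means the assignment never runs, so any later read of `$success` is an undefined variable. Initialising it above the test with `$success = false;` restores the previous contract, and `$success = $userManager !== NULL && $userManager->initiate();` on its own line keeps the assignment out of the condition. The HTML around this PHP is not reproduced in the hunk, so whether `$success` is read further down cannot be confirmed here. As `initiate()` creates the schema, it is also worth confirming that this setup page is not reachable without authentication once deployed.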
diff --git a/controller/password_reset.php b/controller/password_reset.php
index bfaad7e..331ecda 100644
--- a/controller/password_reset.php
+++ b/controller/password_reset.php
@@ -1,23 +1,24 @@
get_mail($_POST["mail"])))
+ && !empty($user = $userManager->get_mail($_POST["mail"])))
{
- if ($database->initiatePasswordReset($_POST["mail"]))
- $done = "Reset account mail sent ";
+ if ($userManager->initiatePasswordReset($_POST["mail"]))
+ $info = $info . "Reset account mail sent ";
else
- $done = "Unable to send reset mail,
+ $info = $info . "Unable to send reset mail,
check if your mail is valid ";
require ($_SERVER["DOCUMENT_ROOT"] . "/views/ask_password_reset.php");
}
else if (isset($_GET["token"]) && isset($_GET["mail"]))
{
- if (!empty($user = $database->get_mail($_GET["mail"])[0])
- && $user["check_token"] === $_GET["token"])
+ echo $_GET["token"] . " ";
+ if (!empty($user = $userManager->get_mail($_GET["mail"]))
+ && $user[0]["check_token"] === $_GET["token"])
{
- var_dump($user["reset_date"]);
require ($_SERVER["DOCUMENT_ROOT"] . "/views/chose_new_password.php");
}
+ var_dump($user[0]["reset_date"]);
}
else
require ($_SERVER["DOCUMENT_ROOT"] . "/views/ask_password_reset.php");
\ No newline at end of file
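Review bot: `echo $_GET["token"] . " ";` writes a query-string value into the response with no `htmlspecialchars`, which is a reflected cross-site-scripting sink and reads as leftover debugging; remove it, or if the value must be shown use `echo htmlspecialchars($_GET["token"], ENT_QUOTES, 'UTF-8');`. The relocated `var_dump($user[0]["reset_date"]);` now sits outside the `if`, so when `get_mail` returns an empty array or `false` it reads a missing offset and dumps an internal column to the page; it should go before merge. The comparison `$user[0]["check_token"] === $_GET["token"]` tests the account-verification token while `initiatePasswordReset` in UserManager.php writes `reset_token`, so a link produced by that method will not pass this branch unless the two columns happen to hold the same value — that predates the commit but is worth confirming, and `hash_equals((string) $user[0]["reset_token"], (string) $_GET["token"])` would fix the column and make the comparison constant-time. The `if`/`else if` chain opens before the hunk.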
diff --git a/controller/signin.php b/controller/signin.php
index d381227..69bed99 100644
--- a/controller/signin.php
+++ b/controller/signin.php
@@ -1,14 +1,14 @@
validNewMail($_POST["mail"]);
- $validPass = $database->validNewPassword($_POST["password"]);
- $validLogin = $database->validNewLogin($_POST["login"]);
+ $validMail = $userManager->validNewMail($_POST["mail"]);
+ $validPass = $userManager->validNewPassword($_POST["password"]);
+ $validLogin = $userManager->validNewLogin($_POST["login"]);
if ($validMail && $validPass && $validLogin)
{
- $querySuccess = $database->newUser($_POST["login"],
+ $querySuccess = $userManager->newUser($_POST["login"],
$_POST["mail"], $_POST["password"]);
}
}
diff --git a/index.php b/index.php
index 69e94d2..d8e7eb6 100644
--- a/index.php
+++ b/index.php
@@ -2,24 +2,23 @@
session_start();
require_once ("config/database.php");
require_once ("config/site.php");
-require_once ("model/class_database.php");
+require_once ("model/UserManager.php");
$title = "Camagru";
$content = "Welcome To Camagru ";
+$info = "";
try {
- $database = new Database($DB_DSN, $DB_USER, $DB_PASSWORD, $SITE_ADDRESS);
+ $userManager = new UserManager($DB_DSN, $DB_USER, $DB_PASSWORD, $SITE_ADDRESS);
if (isset($_SESSION) && isset($_SESSION["user"])
&& $_SESSION["user"] != ""
- && $database != NULL && empty($database->get_user($_SESSION["user"])))
+ && $userManager != NULL && empty($userManager->get_user($_SESSION["user"])))
$_SESSION["user"] = "";
} catch (Exception $e) {
- $database = NULL;
+ $userManager = NULL;
$info = "Fatal database error ";
-}
-
-if ($database === NULL)
$info = $DB_ERROR;
+}
/************* Router ************/
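Review bot: Inside the `catch`, `$info = "Fatal database error ";` is immediately overwritten by the `$info = $DB_ERROR;` the commit moves into the same block, so the first message is a dead store; keep one, or combine them as `$info = "Fatal database error " . $DB_ERROR;`. The `$userManager != NULL` conjunct on the line above is redundant inside the `try` because `new UserManager(...)` either returns an object or throws, and where such a guard is needed the logout branch later in the file uses `!== NULL`, so `!==` would keep the two consistent.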
@@ -29,13 +28,13 @@
if (isset($_POST)
&& isset($_POST["submit"]) && $_POST["submit"] === "Login"
&& isset($_POST["login"]) && isset($_POST["password"])
- && ($auth = $database->authenticate(
+ && ($auth = $userManager->authenticate(
$_POST["login"], $_POST["password"])))
$_SESSION["user"] = $_POST["login"];
require("controller/login.php");
}
else if ($_GET["action"] === "logout") {
- if ($database !== NULL) {
+ if ($userManager !== NULL) {
if (isset($_SESSION)
&& isset($_SESSION["user"]) && $_SESSION["user"] != "")
$_SESSION["user"] = "";
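Review bot: The login branch calls `$userManager->authenticate(...)` without the `$userManager !== NULL` guard the logout branch directly below applies, so after the constructor failed in the `try` above (which sets `$userManager = NULL`) a login POST raises an `Error` for a method call on null instead of showing `$DB_ERROR`. Adding `$userManager !== NULL &&` as the first conjunct of that `if` makes the two branches consistent. The `if` opens before the hunk, so its first conjuncts are not visible here.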
@@ -52,10 +51,10 @@
else if ($_GET["action"] === "verify") {
$done = 0;
if (isset($_GET["user"]) && isset($_GET["token"])
- && $database->verify_user($_GET["user"], $_GET["token"]))
- $info = $info . ("Account activated ");
+ && $userManager->verify_user($_GET["user"], $_GET["token"]))
+ $info = $info . "Account activated ";
else
- $info = $info . ("Error wrong token/login ");;
+ $info = $info . "Error wrong token/login ";
}
else if ($_GET["action"] === "reset") {
require("controller/password_reset.php");
diff --git a/model/DatabaseManager.php b/model/DatabaseManager.php
new file mode 100644
index 0000000..a1bc75d
--- /dev/null
+++ b/model/DatabaseManager.php
@@ -0,0 +1,85 @@
+PDO = new PDO($DB_DSN, $DB_USER, $DB_PASSWORD,
+ array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
+ $this->SITE_ADDRESS = $SITE_ADDRESS;
+ }
+ catch (Exception $exception)
+ {
+ throw new Exception("Cannot connect to database");
+ }
+ }
+
+ public function initiate()
+ {
+ try
+ {
+ $this->PDO->exec("
+ CREATE TABLE IF NOT EXISTS user (
+ id INT NOT NULL AUTO_INCREMENT UNIQUE,
+ login VARCHAR(20) NOT NULL,
+ password VARCHAR(128),
+ mail VARCHAR(254),
+ check_token VARCHAR(128),
+ reset_token VARCHAR(128),
+ creation_date TIMESTAMP NOT NULL DEFAULT now(),
+ reset_date TIMESTAMP,
+ is_verified INT NOT NULL DEFAULT 0,
+ PRIMARY KEY (id))
+ ENGINE = InnoDB;");
+
+ $this->PDO->exec("
+ CREATE TABLE IF NOT EXISTS post (
+ id INT NOT NULL AUTO_INCREMENT UNIQUE,
+ user_id INT NOT NULL,
+ image VARCHAR(100),
+ description VARCHAR(256),
+ post_date TIMESTAMP NOT NULL DEFAULT now(),
+ PRIMARY KEY (id),
+ CONSTRAINT fk_user_id
+ FOREIGN KEY (user_id)
+ REFERENCES user (id))
+ ENGINE = InnoDB;");
+
+ $this->PDO->exec("
+ CREATE TABLE IF NOT EXISTS comment (
+ id INT NOT NULL AUTO_INCREMENT UNIQUE,
+ post_id INT NOT NULL,
+ `text` VARCHAR(256) NOT NULL,
+ comment_date TIMESTAMP NOT NULL DEFAULT now(),
+ PRIMARY KEY (id),
+ CONSTRAINT fk_post_id
+ FOREIGN KEY (post_id)
+ REFERENCES post (id))
+ ENGINE = InnoDB;");
+
+ $this->PDO->exec("
+ CREATE TABLE IF NOT EXISTS `like` (
+ post_id INT NOT NULL,
+ user_id INT NOT NULL,
+ CONSTRAINT fk_like_post_id FOREIGN KEY (post_id) REFERENCES post(id),
+ CONSTRAINT fk_like_user_id FOREIGN KEY (user_id) REFERENCES user(id))
+ ENGINE = InnoDB;
+ ");
+ return true;
+ }
+ catch (Exception $e)
+ {
+ return false;
+ }
+ }
+
+ protected function generate_random_token()
+ {
+ return bin2hex(openssl_random_pseudo_bytes(16));
+ }
+}
\ No newline at end of file
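Review bot: `generate_random_token()` calls `openssl_random_pseudo_bytes(16)` without the `$crypto_strong` out-parameter, so a fallback to a weak source is indistinguishable from a strong result; `return bin2hex(random_bytes(16));` throws instead of degrading and needs no extension. The constructor's `catch (Exception $exception)` rethrows a fresh `Exception` and discards the original, which hides the actual DSN or credential error from logs; `throw new Exception("Cannot connect to database", 0, $exception);` keeps it as the previous exception. `initiate()` likewise reduces a failed `CREATE TABLE` to `return false;` in its `catch`, so logging `$e->getMessage()` there would make setup failures diagnosable. The class declaration and the start of the constructor are outside the hunk.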
diff --git a/model/class_database.php b/model/UserManager.php
similarity index 59%
rename from model/class_database.php
rename to model/UserManager.php
index 55a7935..7ab3eec 100644
--- a/model/class_database.php
+++ b/model/UserManager.php
@@ -1,115 +1,52 @@
PDO = new PDO($DB_DSN, $DB_USER, $DB_PASSWORD,
- array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
- $this->SITE_ADDRESS = $SITE_ADDRESS;
- } catch (Exception $exception) {
- throw new Exception("Cannot connect to database");
- }
- }
-
- public function initiate() {
- try {
- $this->PDO->exec("
- CREATE TABLE IF NOT EXISTS user (
- id INT NOT NULL AUTO_INCREMENT UNIQUE,
- login VARCHAR(20) NOT NULL,
- password VARCHAR(128),
- mail VARCHAR(254),
- check_token VARCHAR(128),
- reset_token VARCHAR(128),
- reset_date TIMESTAMP,
- is_verified INT NOT NULL DEFAULT 0,
- PRIMARY KEY (id))
- ENGINE = InnoDB;");
-
- $this->PDO->exec("
- CREATE TABLE IF NOT EXISTS post (
- id INT NOT NULL AUTO_INCREMENT UNIQUE,
- user_id INT NOT NULL,
- image VARCHAR(100),
- description VARCHAR(256),
- post_date TIMESTAMP NOT NULL DEFAULT now(),
- PRIMARY KEY (id),
- CONSTRAINT fk_user_id
- FOREIGN KEY (user_id)
- REFERENCES user (id))
- ENGINE = InnoDB;");
-
- $this->PDO->exec("
- CREATE TABLE IF NOT EXISTS comment (
- id INT NOT NULL AUTO_INCREMENT UNIQUE,
- post_id INT NOT NULL,
- `text` VARCHAR(256) NOT NULL,
- comment_date TIMESTAMP NOT NULL DEFAULT now(),
- PRIMARY KEY (id),
- CONSTRAINT fk_post_id
- FOREIGN KEY (post_id)
- REFERENCES post (id))
- ENGINE = InnoDB;");
-
- $this->PDO->exec("
- CREATE TABLE IF NOT EXISTS `like` (
- post_id INT NOT NULL,
- user_id INT NOT NULL,
- CONSTRAINT fk_like_post_id FOREIGN KEY (post_id) REFERENCES post(id),
- CONSTRAINT fk_like_user_id FOREIGN KEY (user_id) REFERENCES user(id))
- ENGINE = InnoDB;
- ");
- return true;
- } catch (Exception $e) {
- return false;
- }
- }
-
- private function hash_pw($pw) {
return hash("SHA512", $pw);
}
- private function generate_random_token() {
- return bin2hex(openssl_random_pseudo_bytes(16));
- }
-
- public function validNewMail ($mail) {
+ public function validNewMail($mail)
+ {
return isset($mail) && filter_var($mail, FILTER_VALIDATE_EMAIL)
&& empty($this->get_mail($mail));
}
- public function validNewPassword ($password) {
+ public function validNewPassword($password)
+ {
return isset($password)
&& strlen($password) >= 8
&& preg_match('/[A-Za-z].*[0-9]|[0-9].*[A-Za-z]/', $password);
}
- public function validNewLogin ($login) {
+ public function validNewLogin($login)
+ {
return isset($login) && strlen($login) >= 4
&& empty($this->get_user($login));
}
- public function validChars ($login) {
+ public function validChars($login)
+ {
/*if (preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/', $login))*/
if (preg_match('/[\\\]/', $login))
return false;
return true;
}
- public function get_mail($mail) {
+ public function get_mail($mail)
+ {
try
{
$query = $this->PDO->prepare("
SELECT * FROM user WHERE mail LIKE :mail");
$query->execute(array(":mail" => $mail));
return ($query->fetchAll());
- } catch (Exception $e) {
+ }
+ catch (Exception $e)
+ {
return false;
}
}
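Review bot: `get_mail` selects with `WHERE mail LIKE :mail`, so `%` and `_` in the caller-supplied value act as wildcards and a lookup that is meant to be exact can return other accounts' rows, of which the controllers then take `[0]`; use `WHERE mail = :mail`, and the same for `get_user` (`login LIKE :login`) in a later hunk of this file. The context line `return hash("SHA512", $pw);` shows passwords stored as an unsalted fast digest; `password_hash($pw, PASSWORD_DEFAULT)` with `password_verify()` in `authenticate` is the standard replacement, though it changes the stored format and the `user.password = :password` comparison. `validNewPassword` measures length with `strlen`, which counts bytes, so `mb_strlen` is the right measure if the rule is eight characters. The new-side declaration of `hash_pw` and the class header are not shown in the hunk.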
@@ -133,7 +70,7 @@ public function newUser($login, $mail, $password)
$token = $this->generate_random_token();
$query = $this->PDO->prepare("
INSERT INTO user VALUES
- (NULL, :login, :password, :mail, :token, NULL, NULL, 0);");
+ (NULL, :login, :password, :mail, :token, NULL, NULL, NULL, 0);");
$query->execute(array(
':login' => $login,
':password' => $password,
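Review bot: `INSERT INTO user VALUES (NULL, :login, :password, :mail, :token, NULL, NULL, NULL, 0);` is positional, which is why adding `creation_date` to the schema required this edit and why the next column change will break it again; naming the columns, `INSERT INTO user (login, password, mail, check_token) VALUES (:login, :password, :mail, :token)`, lets `id`, `reset_token`, `creation_date`, `reset_date` and `is_verified` take their declared defaults. Passing an explicit `NULL` for a `TIMESTAMP NOT NULL DEFAULT now()` column relies on MySQL's legacy timestamp handling and is rejected when `explicit_defaults_for_timestamp` is enabled, so omitting the column is the portable form. `newUser`'s body begins before the hunk.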
@@ -167,7 +104,7 @@ public function newUser($login, $mail, $password)
}
}
- public function initiatePasswordReset ($mail) {
+ public function initiatePasswordReset($mail) {
try
{
if (empty($user = $this->get_mail($mail)[0]) || !isset($user['id']))
@@ -177,6 +114,7 @@ public function initiatePasswordReset ($mail) {
else
{
$token = $this->generate_random_token();
+ var_dump($token);
$query = $this->PDO->prepare("
UPDATE user
SET reset_token = :token AND reset_date = now()
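Review bot: `var_dump($token);` prints the freshly generated reset token into the HTTP response of whoever submitted the reset form, since password_reset.php calls `initiatePasswordReset($_POST["mail"])` with any posted address, so the secret meant to reach only the mailbox owner is disclosed to the requester; the line must be removed before merge. The context line `SET reset_token = :token AND reset_date = now()` is also wrong for a two-column update: the `AND` turns it into a single boolean assignment to `reset_token` and `reset_date` is never set; it should read `SET reset_token = :token, reset_date = now()`. That second point predates the commit but sits on the new side of the hunk. The `else` block opens before the hunk.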
@@ -188,24 +126,27 @@ public function initiatePasswordReset ($mail) {
"?action=reset&mail={$mail}&token={$token}";
$message =
"" .
+ text-align: center;
+ background-color: #e98e4e;
+ border-radius: 20px;
+ color: whitesmoke;
+ padding: 30px;'>" .
"
Hello {$user["login"]}
- Someone asked to reset your password, if it's not you just ignore this email
" .
- "
Reset Password " .
- "Otherwise click to the link to enter your new password
";
+ Someone asked to reset your password, if it's not you just ignore this email " .
+ "Otherwise click to the link to set a new password" .
+ "Reset Password ";
return $query > 0
&& $this->sendUserMail($mail, 'Password reset', $message);
}
- } catch (Exception $e) {
+ }
+ catch (Exception $e)
+ {
return false;
}
}
- public function verify_user ($login, $token) {
+ public function verify_user($login, $token)
+ {
try
{
if ($this->validChars($login)
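Review bot: `return $query > 0` compares the `PDOStatement` object with an integer rather than the rows the `UPDATE` touched, so unless `$query` is reassigned in the lines between this hunk and the previous one the reset mail is sent even when no row matched; `return $query->rowCount() > 0 && $this->sendUserMail($mail, 'Password reset', $message);` is what the condition intends. In the message, `{$user["login"]}` is interpolated into HTML mail and `{$mail}` and `{$token}` into the link's query string without escaping; `htmlspecialchars($user["login"], ENT_QUOTES, 'UTF-8')` for the former and `urlencode()` for the latter make each context safe. The concatenation that builds the link starts before the hunk, so the full URL is not visible here.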
@@ -220,27 +161,34 @@ public function verify_user ($login, $token) {
':login' => $login,
':token' => $token));
return ($query->rowCount() > 0);
- } else if (isset($user) && $user["is_verified"] == 1)
+ }
+ else if (isset($user) && $user["is_verified"] == 1)
return true;
- } catch (Exception $e) {
+ }
+ catch (Exception $e)
+ {
return false;
}
return false;
}
- public function get_user($login) {
+ public function get_user($login)
+ {
try
{
$query = $this->PDO->prepare("
SELECT * FROM user WHERE login LIKE :login");
$query->execute(array(":login" => $login));
return ($query->fetchAll());
- } catch (Exception $e) {
+ }
+ catch (Exception $e)
+ {
return false;
}
}
- public function authenticate ($login, $password) {
+ public function authenticate($login, $password)
+ {
try
{
if (!$this->validChars($login) || $login === "" || $password === "")
@@ -252,7 +200,9 @@ public function authenticate ($login, $password) {
AND user.password = :password");
$query->execute(array(':login' => $login, ':password' => $password));
return !empty($query->fetchAll());
- } catch (Exception $e) {
+ }
+ catch (Exception $e)
+ {
return false;
}
}
diff --git a/views/login_form.php b/views/login_form.php
index 10d82cb..b91496d 100644
--- a/views/login_form.php
+++ b/views/login_form.php
@@ -1,4 +1,5 @@
-
+$content = ob_get_clean(); ?>
diff --git a/views/structure/template.php b/views/structure/template.php
index ebe7b49..e3d93f4 100644
--- a/views/structure/template.php
+++ b/views/structure/template.php
@@ -2,7 +2,7 @@
- = $title ?>
+ =$title?>
@@ -14,17 +14,17 @@
Login");
+ echo "";
else
- echo("");?>
+ echo "";?>
-
- = $content ?>
+ =$content?>
Camagru is a 42 school project