
so-question-chriszo111-2

a guest
Mar 19th, 2015
  1. /************* PAGE.CLASS.PHP ************************************************************************/
  2. <?php
  3.    
  4.     abstract class Page {
  5.  
  6.         protected $dbCon = null;
  7.        
  8.         protected function __construct() {
  9.             $this->dbCon = mysqli_connect("127.0.0.1", "root", "", "chat") or die("Error " . mysqli_error($this->dbCon));
  10.         }
  11.        
  12.         protected function __destruct() {
  13.             mysqli_close($this->dbCon);
  14.             $this->dbCon = null;
  15.         }
  16.        
  17.         protected function generateHeader($title = "Standard Title - localhost") {
  18.             echo <<< HTML
  19. <!DOCTYPE html>
  20. <html>
  21. <head>
  22.     <meta name="viewport" content="width=device-width, initial-scale=1">
  23.     <meta charset="utf-8">
  24.     <meta http-equiv="X-UA-Compatible" content="IE=edge">
  25.     <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
  26.     <link rel="stylesheet" href="css/style.css">
  27.     <title>$title</title>
  28. </head>
  29. <body>
  30. <script src="js/functions.js"></script>    
  31. <script src="http://code.jquery.com/jquery-1.11.0.min.js"></script>
  32. <script src="js/cookie.js"></script>
  33. <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
  34. HTML;
  35. if(!isset($_COOKIE['cookieConsent']) || $_COOKIE['cookieConsent'] == false) {
  36. echo <<< HTML
  37. <div id="cookieBanner">
  38. <div class="row">
  39. <div class="col-md-6 col-md-offset-3">
  40. <div class="alert alert-info alert-dismissible" role="alert">
  41.     <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
  42.     This website is using Cookies to improve the user experience. If you do not allow cookies in your browser settings you will not be able to use this website.
  43.     If you do not accept the website's cookie policy and usage, you may leave this website now and there will not be cookies saved yet. For further information
  44.     you can use the buttons below.<br />
  45.     <div id="cookieBannerActions">
  46.     <a class="noconsent" href="ref=cookies"><button class="btn btn-sm btn-info">Learn about this website's cookies</button></a>
  47.     <a class="denyConsent noconsent" href="#"><button class="btn btn-sm btn-default">Disallow cookies</button></a>
  48.     </div>
  49. </div>
  50. </div>
  51. </div>
  52. HTML;
  53.         }
  54. }
  55.        
  56.         protected function generateNav() {
  57.             require_once 'html/nav.html';
  58.             echo <<< HTML
  59. <div class="container">
  60. HTML;
  61.         }
  62.        
  63.         protected function generateFooter() {
  64.         echo <<< HTML
  65. </div>
  66. </body>
  67. </html>
  68. HTML;
  69.         }
  70.    
  71.     }
  72.    
  73. /************* FETCHPAGE.CLASS.PHP ************************************************************************/
  74. <?php
  75. // Includes
  76. require_once 'Page.class.php';
  77. require_once 'getIP.function.php';
  78.  
  79. class Auth extends Page {
  80.     /* This class is intended for the sole checks of whether there is a login and whether the login is on different rights (Moderator, Admin, etc.) */
  81.     private $guestip = null;
  82.    
  83.     function __construct() {
  84.         parent::__construct();
  85.         if(!isset($_COOKIE['usrID'])) {
  86.             $this->guestip = get_ip_address();
  87.             setcookie("guestip", "$this->guestip", time() + 86400, "/"); // guest ip on visit saved for 1 day
  88.         }
  89.     }
  90.    
  91.     // to do: __destruct()
  92.  
  93.     function isAdmin() {
  94.         $usrID = $_COOKIE['usrID'];
  95.         $sqlCheckAdmin = mysqli_query($this->dbCon, "SELECT adminStatus FROM chatUsr WHERE usrID = '$usrID'");
  96.         if($dataSql = mysqli_fetch_assoc($sqlCheckAdmin)) {
  97.             var_dump($dataSql);
  98.         }
  99.     }
  100.    
  101.     function isLogged() {
  102.         if(isset($_COOKIE['usrID']) && $_COOKIE['usrID'] != null) {
  103.             return true;
  104.         } else {
  105.             return false;
  106.         }
  107.     }
  108. }
  109.  
  110. class FetchPage extends Page {
  111.        
  112.         protected $pageContents = null;
  113.         protected $objChatSession;
  114.         public $objAuth = null;
  115.  
  116.         function __construct() {
  117.             parent::__construct();
  118.             $this->objAuth = new Auth();
  119.             parent::generateHeader();
  120.             parent::generateNav();
  121.            
  122.             var_dump($_COOKIE);
  123.            
  124.             if($this->load($_GET['ref']) === true) {
  125.                
  126.                 include_once $_GET['ref'].".php";
  127.             } else {
  128.                 echo "Failed loading page contents of function load()..<br />";
  129.             }
  130.            
  131.             parent::generateFooter();          
  132.         }
  133.        
  134.         function __destruct() {
  135.             // to do
  136.         }
  137.        
  138.         function load($pageName) {
  139.             /* @get ref set page, calls parent Page functions to generate, @return none */
  140.             $pagePath = $pageName.".php";
  141.             $pageFile = fopen($pagePath, "r") or die("Error opening the page file!\n");
  142.             $this->pageContents = fread($pageFile, filesize($pagePath)) or die("Error reading the page contents!\n");
  143.            
  144.             if($this->pageContents != null) {
  145.                 return true;
  146.             } else {
  147.                 return false;
  148.             }
  149.         }
  150.        
  151.         public static function main() {
  152.             $page = new FetchPage();
  153.         }
  154.     }
  155.    
    // Runs on every request that loads this file: the FetchPage constructor prints the complete page.
    FetchPage::main();
  157.  
  158. /************* CHATCOOKIE.CLASS.PHP ************************************************************************/
  159.  
  160. <?php
  161. // Includes
  162. require_once 'Page.class.php';
  163.  
  164. class ChatCookie extends Page {
  165.         /* This class saves the active session in a database table */
  166.        
  167.         protected $cookieArray = Array();
  168.        
  169.         function __construct() {
  170.             var_dump($_COOKIE);
  171.             parent::__construct();
  172.             setcookie("online", false, time() + 86400, "/");
  173.            
  174.             // @function read() checks if there was a session before for this fUsrID or not
  175.             if(isset($_COOKIE['PHPSESSID'])) {
  176.                 //$this->readCookie();
  177.             }
  178.             $this->tmpCookieString = "";
  179.         }
  180.        
  181.         function __destruct() {
  182.             //
  183.         }
  184.        
  185.         function deleteCookie() {
  186.             // to do: query to update the timestampEnd in SQL
  187.            
  188.             $saved = false;
  189.             $deleted = false;
  190.            
  191.             /* Save cookie data for later use */
  192.             if($this->saveCookie()) {
  193.                 $saved = true;
  194.             }
  195.            
  196.             /* Delete the Cookie and all data */
  197.            
  198.             foreach($_COOKIE as $key => $value) {
  199.                 if(is_array($value)) {
  200.                     // no arrays created yet
  201.                 }
  202.                
  203.                 setcookie("$key", null, time() - 3600);
  204.                 unset($_COOKIE[$key]);
  205.             }
  206.            
  207.             if(!isset($_COOKIE['usrID'])) {
  208.                 $deleted = true;
  209.             }
  210.            
  211.             if($deleted == true && $saved == true) {
  212.                 $this->objChatCookie = new ChatCookie();
  213.                
  214.                 return true;
  215.             } else {
  216.                 return false;
  217.             }
  218.            
  219.             var_dump($_COOKIE);
  220.         }
  221.        
  222.         function readCookie() {
  223.             $tmpCookieArray = Array();
  224.             $cookieID = $_COOKIE['PHPSESSID'];
  225.             $sqlRead = mysqli_query($this->dbCon, "SELECT * FROM chatCookies WHERE cookieID = '$cookieID'") or die("Error performing query #".mysqli_errno($sqlRead));
  226.            
  227.             while($row = mysqli_fetch_array($sqlRead)) {
  228.                 if(isset($row['cookieData']) && $row['cookieData'] != null) {
  229.                     $tmpCookieArray[] = $row;
  230.                 }
  231.             }
  232.            
  233.             if(isset($tmpCookieArray)) {
  234.                 $this->cookieArray[] = $tmpCookieArray;
  235.                 return true;
  236.             } else {
  237.                 return false;
  238.             }
  239.         }
  240.        
  241.         function saveCookie() {
  242.             $tmpCookieString = "";
  243.             $time = time();
  244.            
  245.             if(!isset($_COOKIE['usrID']) && $_COOKIE['usrID'] <= 0) {
  246.                 return false;
  247.             } else {
  248.                 $cookieID = $_COOKIE['PHPSESSID'];
  249.                 $fUsrID = $_COOKIE['usrID'];
  250.                 foreach($_COOKIE as $key => $value) {
  251.                     if($key == "PHPSESSID" || $key == "usrID") continue;
  252.                     $tmpCookieString = $tmpCookieString.$key.":".$value.";";
  253.                 }
  254.                
  255.                 if($this->readCookie()) {
  256.                     /* Cookie PHPSESSID has already been used and has to get updated, because its a primary key and can't be set twice */
  257.                     if(mysqli_query($this->dbCon, "UPDATE chatCookies SET cookieData = '$tmpCookieString' WHERE cookieID = '$cookieID'") or die("Error performing query UPDATE COOKIE in file ChatCookie.class.php on line ".__LINE__)) {
  258.                         return true;
  259.                     }
  260.                 } else {
  261.                     if(mysqli_query($this->dbCon, "INSERT INTO chatCookies (cookieID, fUsrID, timestampStart cookieData) VALUES ('$cookieID', '$fUsrID', '$time', '$tmpCookieString')") or die("Error performing query INSERT INTO COOKIE in file ChatCookie.class.php on line ".__LINE__)) {
  262.                         return true;
  263.                     }
  264.                 }
  265.             }
  266.         }
  267.     }
  268.  
  269. /************* LOGIN.CLASS.PHP ************************************************************************/
  270. <?php
  271. require_once 'Page.class.php';
  272. require_once 'ChatCookie.class.php';
  273.  
  274. class Login extends Page {
  275.    
  276.     public $objChatCookie = null;
  277.    
  278.     function __construct() {
  279.         var_dump($_COOKIE);
  280.         parent::__construct();
  281.         $this->objChatCookie = new ChatCookie();
  282.     }
  283.    
  284.     function __destruct() {
  285.         parent::__destruct();
  286.     }
  287.    
  288.     protected function checkPwdHash($password, $oldHash) {
  289.     /* Sample code from http://php.net/manual/de/function.password-needs-rehash.php - 18/03/2015 */
  290.         $new = [
  291.             'options' => ['cost' => 11],
  292.             'algo' => PASSWORD_DEFAULT,
  293.             'hash' => null
  294.         ];
  295.        
  296.         if (true === password_verify($password, $oldHash)) {
  297.            
  298.             if (true === password_needs_rehash($oldHash, $new['algo'], $new['options'])) {
  299.                 //rehash/store plain-text password using new hash
  300.                 return password_hash($password, $new['algo'], $new['options']);
  301.             } else {
  302.                 return true;
  303.             }
  304.         } else {
  305.             return false;
  306.         }
  307.     }
  308.    
  309.     protected function updateHash($newHash, $usrID) {
  310.         $sqlQueryNewHash = mysqli_query($this->dbCon, "UPDATE chatUsr SET passwordHash = '$newHash' WHERE usrID = '$usrID'");
  311.         if($sqlQueryNewHash) {
  312.             return true;
  313.         } else {
  314.             return false;
  315.         }
  316.     }
  317.    
  318.     function checkUsrData($usrName, $usrPwd) {
  319.         $sqlCheckUsr = mysqli_query($this->dbCon, "SELECT * FROM chatUsr WHERE eMail = '$usrName' OR userName = '$usrName' AND passwordHash = '$usrPwd' LIMIT 1");
  320.        
  321.         if($fetchSql = mysqli_fetch_assoc($sqlCheckUsr)) {
  322.             $chkPwdHashVar = $this->checkPwdHash($usrPwd, $fetchSql['passwordHash']);
  323.             if($chkPwdHashVar == true) {
  324.                 $this->setCookieData($fetchSql['usrID']);
  325.                 return true;
  326.             } else if($chkPwdHashVar == false) {
  327.                 return false;
  328.             } else {
  329.                 if($this->updateHash($chkPwdHashVar, $fetchSql['usrID'])) {
  330.                     $this->setCookieData(intval($fetchSql['usrID']));
  331.                     return true;
  332.                 } else {
  333.                     echo "Fatal error: Could not update your profile. Please contact website administrator!\nError occured at Login.class.php at line: ".__LINE__;
  334.                 }
  335.             }
  336.         }
  337.     }
  338.    
  339.     function checkMail($email) {
  340.         $sqlCheckMail = mysqli_query($this->dbCon, "SELECT eMail FROM chatUsr WHERE eMail = '$email' LIMIT 1");
  341.         if($sqlCheckMail <= 0) {
  342.             return true;
  343.         } else {
  344.             return false;
  345.         }
  346.     }
  347.    
  348.     protected function hashPwd($pwd) {
  349.         return password_hash($pwd, PASSWORD_DEFAULT);
  350.     }
  351.    
  352.     function addUsr($usrName, $plainPwd) {
  353.         $pwdHash = $this->hashPwd($plainPwd);
  354.         $sqlAddUsr = mysqli_query($this->dbCon, "INSERT INTO chatUsr (eMail, passwordHash) VALUES ('$usrName', '$pwdHash')");
  355.         if($sqlAddUsr) {
  356.             return true;
  357.         } else {
  358.             return false;
  359.         }
  360.     }
  361.    
  362.     protected function setCookieData($usrID) {
  363.     /* Saving userdata into session variables to access them outside the class without initiating a class Object */
  364.         $sqlGetUsrData = mysqli_query($this->dbCon, "SELECT * FROM chatUsr WHERE usrID = '$usrID' LIMIT 1");
  365.         if($usrData = mysqli_fetch_assoc($sqlGetUsrData)) {
  366.             setcookie("usrID", "$usrID", time() + (86400 * 30), "/"); // 86400s = 1 day -> 3 days
  367.         }
  368.     }
  369.    
  370.     function logoutUsr() {
  371.         if($this->objChatCookie->deleteCookie()) {
  372.             $this->objChatCookie = null;
  373.             return true;
  374.         } else {
  375.             return false;
  376.         }
  377.     }
  378. }
  379.  
  380. /************* LOGIN.PHP ************************************************************************/
  381.  
  382. <?php
  383. if($this->objAuth->isLogged() == false) {
  384. require_once 'classes/Login.class.php';
  385. $login = new Login();
  386.  
  387. if(count($_GET) === 1 && isset($_GET['ref'])) {
  388. // EOF
  389. include_once 'html/login.html';
  390. } else if(count($_GET) === 2 && isset($_GET['ref']) && isset($_GET['check']) && $_GET['check'] == true) {
  391.     // Check the data login
  392.     var_dump($_POST);
  393.     if($login->checkUsrData($_POST['usr'], $_POST['pwd'])) {
  394.         header("location: index.php?ref=chat");
  395.     }
  396. } else if(count($_GET) === 2 && isset($_GET['ref']) && isset($_GET['proceed']) && $_GET['proceed'] == true) {
  397.  
  398. }
  399. } else {
  400. include_once 'html/noview.html';
  401. }
  402.  
  403. /************* LOGOUT.PHP ************************************************************************/
  404.  
  405. <?php
  406.  
  407. if($this->objAuth->isLogged() == true) {
  408. require_once 'classes/Login.class.php';
  409. $login = new Login();
  410.     if($login->logoutUsr()) {
  411.         echo '<div class="alert alert-success"><strong>Success!</strong> You logged out properly from the chat. All the data has been saved and is available to you when you log in next time!</div>';
  412.         var_dump($_COOKIE);
  413.     } else {
  414.         echo '<div class="alert alert-danger"><strong>Oh snap!</strong> Something went completly wrong here. We have a <strong><em>false</em></strong> return.. that is harsh. Contact the website administrator please.</div>';
  415.     }
  416. } else {
  417.     echo '<div class="alert alert-info"><strong>Wait a moment..</strong> How about you first create an account, little fella?</div>';
  418. }