  1. <?php
  2. class Config {
  3. public static function get($path = null) {
  4. if($path) {
  5. $config = $GLOBALS['config'];
  6. $path = explode('/', $path);
  7.  
  8. foreach($path as $bit) {
  9. if(isset($config[$bit])) {
  10. $config = $config[$bit];
  11. }
  12. }
  13.  
  14. return $config;
  15. }
  16.  
  17. return false;
  18.  
  19. }
  20. }
  21.  
  22. <?php
  23. class Cookie {
  24. public static function exists($name) {
  25. return (isset($_COOKIE[$name])) ? true : false;
  26. }
  27.  
  28. public static function get($name) {
  29. return $_COOKIE[$name];
  30. }
  31.  
  32. public static function put($name, $value, $expiry) {
  33. if(setcookie($name, $value, time() + $expiry, '/')) {
  34. return true;
  35. }
  36. return false;
  37. }
  38.  
  39. public static function delete($name) {
  40. self::put($name, '', time() -1);
  41. }
  42. }
  43.  
  44. <?php
  45. class DB {
  46. private static $_instance = null;
  47. private $_pdo,
  48. $_query,
  49. $_error =false,
  50. $_results,
  51. $_count = 0;
  52.  
  53. private function __construct() {
  54. try {
  55. $this->_pdo = new PDO('mysql:host=' . Config::get('mysql/host') . ';dbname=' . Config::get('mysql/db'), Config::get('mysql/username'), Config::get('mysql/password'));
  56. } catch(PDOException $e) {
  57. die($e->getMessage());
  58. }
  59. }
  60.  
  61. public static function getInstance() {
  62. if(!isset(self::$_instance)) {
  63. self::$_instance = new DB();
  64. }
  65. return self::$_instance;
  66. }
  67.  
  68. public function query($sql, $params = array()) {
  69. $this->_error = false;
  70. if($this->_query = $this->_pdo->prepare($sql)) {
  71. $x = 1;
  72. if(count($params)) {
  73. foreach($params as $param) {
  74. $this->_query->bindValue($x, $param);
  75. $x++;
  76. }
  77. }
  78.  
  79. if($this->_query->execute()) {
  80. $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
  81. $this->_count = $this->_query->rowCount();
  82. } else {
  83. $this->_error = true;
  84. }
  85. }
  86.  
  87. return $this;
  88. }
  89.  
  90. public function action($action, $table, $where = array()) {
  91. if(count($where) === 3) {
  92. $operators = array('=', '>', '<', '>=', '<=');
  93.  
  94. $field =$where[0];
  95. $operator =$where[1];
  96. $value =$where[2];
  97.  
  98. if(in_array($operator, $operators)) {
  99. $sql = "{$action} FROM {$table} WHERE {$field} {$operator} ?";
  100.  
  101. if(!$this->query($sql, array($value))->error()) {
  102. return $this;
  103. }
  104. }
  105. }
  106. return false;
  107. }
  108. public function get($table, $where) {
  109. return $this->action('SELECT *', $table, $where);
  110.  
  111. }
  112.  
  113. public function delete($table, $where) {
  114. return $this->action('DELETE *', $table, $where);
  115. }
  116.  
  117. public function insert($table, $fields = array()) {
  118. $keys = array_keys($fields);
  119. $values = '';
  120. $x = 1;
  121.  
  122. foreach($fields as $field) {
  123. $values .='?';
  124. if($x < count($fields)) {
  125. $values .=', ';
  126. }
  127. $x++;
  128. }
  129.  
  130. $sql= "INSERT INTO {$table} (`" . implode('`, `', $keys) . "`) VALUES ({$values})";
  131.  
  132. if(!$this->query($sql, $fields)->error()) {
  133. return true;
  134. }
  135.  
  136. return false;
  137. }
  138.  
  139. public function update($table, $id, $fields) {
  140. $set = '';
  141. $x = 1;
  142.  
  143. foreach($fields as $name => $value) {
  144. $set .= "{$name} = ?";
  145. if($x < count($fields)) {
  146. $set .= ', ';
  147. }
  148. $x++;
  149. }
  150.  
  151. $sql = "UPDATE {$table} SET {$set} WHERE id = ($id)";
  152.  
  153. if(!$this->query($sql, $fields)->error()) {
  154. return true;
  155. }
  156.  
  157. return false;
  158. }
  159.  
  160. public function results() {
  161. return $this->_results;
  162. }
  163.  
  164. Public function first() {
  165. return $this->results()[0];
  166. }
  167.  
  168. public function error() {
  169. return $this->_error;
  170. }
  171.  
  172. public function count() {
  173. return $this->_count;
  174. }
  175. }
  176.  
  177. <?php
  178. class Hash {
  179.  
  180. public static function make($string, $salt = '') {
  181. return hash('sha256', $string . $salt);
  182. }
  183.  
  184. public static function salt($length) {
  185. #return mcrypt_create_iv($length);
  186. return substr(str_shuffle(str_repeat("0123456789abcdefghijklmnopqrstuvwxyz", $length)), 0, $length);
  187. }
  188.  
  189. public static function unique() {
  190. return self::make(uniqid());
  191. }
  192. }
  193.  
  194. <?php
  195. class Input {
  196. public static function exists($type = 'post') {
  197. switch($type) {
  198. case 'post':
  199. return (!empty($_POST)) ? true : false;
  200. break;
  201. case 'get':
  202. return (!empty($_GET)) ? true : false;
  203. break;
  204. default:
  205. return false;
  206. break;
  207. }
  208. }
  209.  
  210. public static function get($item) {
  211. if(isset($_POST[$item])) {
  212. return $_POST[$item];
  213. } else if(isset($_GET[$item])) {
  214. return $_GET[$item];
  215. }
  216. return '';
  217. }
  218. }
  219.  
  220. <?php
  221. class Redirect {
  222. public static function to($location = null) {
  223. if($location) {
  224. if(is_numeric($location)) {
  225. switch($location) {
  226. case 404:
  227. header('HTTP/1.0 404 Not Found');
  228. include 'includes/errors/404.php';
  229. exit();
  230. break;
  231. }
  232. }
  233. header('Location:' . $location);
  234. exit();
  235. }
  236. }
  237. }
  238.  
  239. <?php
  240. class Redirect {
  241. public static function to($location = null) {
  242. if($location) {
  243. if(is_numeric($location)) {
  244. switch($location) {
  245. case 404:
  246. header('HTTP/1.0 404 Not Found');
  247. include 'includes/errors/404.php';
  248. exit();
  249. break;
  250. }
  251. }
  252. header('Location:' . $location);
  253. exit();
  254. }
  255. }
  256. }
  257.  
  258. <?php
  259. class Token {
  260. public static function generate() {
  261. return Session::put(Config::get('session/token_name'), md5(uniqid()));
  262. }
  263.  
  264. public static function check($token) {
  265. $tokenName = Config::get('session/token_name');
  266.  
  267. if(Session::exists($tokenName) && $token === Session::get($tokenName)) {
  268. Session::delete($tokenName);
  269. return true;
  270. }
  271.  
  272. return false;
  273. }
  274. }
  275.  
  276. <?php
  277. class User {
  278. private $_db,
  279. $_data,
  280. $_sessionName,
  281. $_cookieName,
  282. $_isLoggedIn;
  283.  
  284. public function __construct($user = null) {
  285. $this->_db = DB::getInstance();
  286.  
  287. $this->_sessionName = Config::get('session/session_name');
  288. $this->_cookieName = Config::get('remember/cookie_name');
  289.  
  290. if(!$user) {
  291. if(Session::exists($this->_sessionName)) {
  292. $user = Session::get($this->_sessionName);
  293.  
  294. if($this->find($user)) {
  295. $this->_isLoggedIn = true;
  296. } else {
  297. // process Logout
  298. }
  299. }
  300. } else {
  301. $this->find($user);
  302. }
  303.  
  304. }
  305.  
  306. public function create($fields = array()) {
  307. if(!$this->_db->insert('users', $fields)) {
  308. throw new Exception('There was a problem creating an account.');
  309. }
  310. }
  311.  
  312. public function find($user = null) {
  313. if($user) {
  314. $field = (is_numeric($user)) ? 'id' : 'username';
  315. $data = $this->_db->get('users', array($field, '=', $user));
  316.  
  317. if($data->count()) {
  318. $this->_data = $data->first();
  319. return true;
  320. }
  321. }
  322. return false;
  323. }
  324.  
  325. public function login($username = null, $password = null, $remember = false) {
  326. $user = $this->find($username);
  327.  
  328. if($user) {
  329. if($this->data()->password === Hash::make($password, $this->data()->salt)) {
  330. Session::put($this->_sessionName, $this->data()->id);
  331.  
  332. if($remember) {
  333. $hash = Hash::unique();
  334. $hashCheck = $this->_db->get('users_session', array('user_id', '=', $this->data()->id));
  335.  
  336. if(!$hashCheck->count()) {
  337. $this->_db->insert('users_session', array(
  338. 'user_id' => $this->data()->id,
  339. 'hash' => $hash
  340. ));
  341. } else {
  342. $hash = $hashCheck->first()->hash;
  343. }
  344.  
  345. Cookie::put($this->_cookieName, $hash, Config::get('remember/cookie_expiry'));
  346. }
  347.  
  348. return true;
  349. }
  350. }
  351.  
  352. return false;
  353. }
  354.  
  355. public function logout() {
  356. Session::delete($this->_sessionName);
  357. }
  358.  
  359. public function data() {
  360. return $this->_data;
  361. }
  362.  
  363. public function isLoggedIn() {
  364. return $this->_isLoggedIn;
  365. }
  366. }
  367.  
  368. <?php
  369. class Validate {
  370. private $_passed = false,
  371. $_errors = array(),
  372. $_db = null;
  373.  
  374. public function __construct() {
  375. $this->_db = DB::getInstance();
  376. }
  377.  
  378. Public function check($source, $items = array()) {
  379. foreach($items as $item => $rules) {
  380. foreach($rules as $rule => $rule_value) {
  381.  
  382. $value = trim($source[$item]);
  383. $item = escape($item);
  384.  
  385. if($rule === 'required' && empty($value)) {
  386. $this->addError("{$item} is required");
  387. } else if(!empty($value)){
  388. switch($rule) {
  389. case 'min':
  390. if(strlen($value) < $rule_value) {
  391. $this->addError("{$item} must be a minimun of {$rule_value} vcharacters.");
  392. }
  393. break;
  394. case 'max':
  395. if(strlen($value) > $rule_value) {
  396. $this->addError("{$item} must be a maximum of {$rule_value} characters.");
  397. }
  398. break;
  399. case 'matches':
  400. if($value != $source[$rule_value]) {
  401. $this->addError("{$rule_value} must match {$item}");
  402. }
  403. break;
  404. case 'unique':
  405. $check = $this->_db->get($rule_value, array($item, '=', $value));
  406. if($check->count()) {
  407. $this->addError("{$item} already exists.");
  408. }
  409. break;
  410. }
  411. }
  412.  
  413. }
  414. }
  415.  
  416. if(empty($this->_errors)) {
  417. $this->_passed = true;
  418. }
  419.  
  420. return $this;
  421. }
  422.  
  423. private function addError($error) {
  424. $this->_errors[] = $error;
  425. }
  426.  
  427. public function errors() {
  428. return $this->_errors;
  429. }
  430.  
  431. public function passed() {
  432. return $this->_passed;
  433. }
  434. }
  435.  
  436. <?php
  437. session_start();
  438.  
  439. $GLOBALS['config'] = array(
  440. 'mysql' => array(
  441. 'host' => 'localhost',
  442. 'username' => '******',
  443. 'password' => '******',
  444. 'db' => 'users-pass'
  445. ),
  446. 'remember' => array(
  447. 'cookie_name' => 'hash',
  448. 'cookie_expiry' => 604800
  449. ),
  450. 'session' => array(
  451. 'session_name' => 'user',
  452. 'token_name' => 'token'
  453. )
  454. );
  455.  
  456. spl_autoload_register(function($class) {
  457. require_once 'classes/' . $class . '.php';
  458. });
  459.  
  460. require_once 'functions/sanitize.php';
  461.  
  462. if(Cookie::exists(Config::get('remember/cookie_name')) && !Session::exists(Config::get('session/session_name'))) {
  463. echo 'User asked to be remembered';
  464. }
  465.  
  466. <?php
  467. function escape($string){
  468. return htmlentities($string, ENT_QUOTES, 'UTF-8');
  469. }
  470.  
  471. <?php
require_once 'core/init.php';

// One-shot message left by register.php under the 'home' key
// (Session::flash lives in the Session class, which is not part of this listing).
if(Session::exists('home')) {
    echo '<p>' . Session::flash('home') . '</p>';
}

// With no argument, User restores the account whose id is in the session.
$user = new User();
if($user->isLoggedIn()) {
?>
<p>Hello <a href="#"><?php echo escape($user->data()->username); ?></a>!</p>

<ul>
    <li><a href="logout.php">Log out</a></li>
</ul>

<?php
} else {
    echo '<p>You need to <a href="login.php">log in</a> or <a href="register.php">register</a></p>';
}
  491.  
  492. <?php
  493. require_once 'core/init.php';
  494.  
  495. if(Input::exists()) {
  496. if(Token::check(Input::get('token'))) {
  497.  
  498. $validate = new Validate();
  499. $validation = $validate->check($_POST, array(
  500. 'username' => array('required' => true),
  501. 'password' => array('required' => true)
  502. ));
  503.  
  504. if($validation->passed()) {
  505. $user = new User();
  506.  
  507. $remember = (Input::get('remeber') === 'on') ? true : false;
  508. $login = $user->login(Input::get('username'), Input::get('password'), $remember);
  509.  
  510. if($login) {
  511. Redirect::to('index.php');
  512. } else {
  513. echo '<p>Sorry, logging in failed.</p>';
  514. }
  515.  
  516. } else {
  517. foreach ($validation->errors() as $error) {
  518. echo $error, '<br>';
  519. }
  520. }
  521.  
  522. }
  523. }
  524. ?>
  525.  
  526. <form action="" method="post">
  527. <div class="field">
  528. <label for="username">Username</label>
  529. <input type="text" name="username" id="username" autocomplete="off">
  530. </div>
  531.  
  532. <div class="field">
  533. <label for="password">Password</label>
  534. <input type="password" name="password" id="password" autocomplete="off">
  535. </div>
  536.  
  537. <div class="field">
  538. <label for="remember">
  539. <input type="checkbox" name="remember" id="remember"> Remember me
  540. </label>
  541. </div>
  542.  
  543. <input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
  544. <input type="submit" value="Log in">
  545. </form>
  546.  
  547. <?php
  548. require_once 'core/init.php';
  549.  
  550. $user = new User();
  551. $user->logout();
  552.  
  553. Redirect::to('index.php');
  554.  
  555. <?php
require_once 'core/init.php';

if(Input::exists()) {
    // Each POST must carry the token that Token::generate() embedded in the form.
    if(Token::check(Input::get('token'))) {

        $validate = new Validate();
        $validation = $validate->check($_POST, array(
            'username' => array(
                'required' => true,
                'min' => 2,
                'max' => 20,
                'unique' => 'users'   // looked up in the users.username column
            ),
            'password' => array(
                'required' => true,
                'min' => 6
            ),
            'password_again' => array(
                'required' => true,
                'matches' => 'password'
            ),
            'name' => array(
                'required' => true,
                'min' => 2,
                'max' => 50
            )
        ));

        if($validation->passed()) {
            $user = new User();

            // Per-user salt; stored alongside the hash and reused by User::login().
            $salt = Hash::salt(32);

            try {

                $user->create(array(
                    'username' => Input::get('username'),
                    'password' => Hash::make(Input::get('password'), $salt),
                    'salt' => $salt,
                    'name' => Input::get('name'),
                    'joined'=> date('Y-m-d H:i:s'),
                    'group' => 1
                ));

                // Shown once by index.php, which then redirects here via Redirect::to (exits).
                Session::flash('home', 'You have been registered and can now log in!');
                Redirect::to('index.php');

            } catch(Exception $e) {
                // User::create() throws a fixed message, so nothing from the DB layer is printed here.
                die($e->getMessage());
            }
        } else {
            foreach($validation->errors() as $error) {
                echo $error, '<br>';
            }
        }
    }
}
?>

<form action="" method="post">
    <div class="field">
        <label for="username">Username</label>
        <input type="text" name="username" id="username" value="<?php echo escape(Input::get('username')); ?>" autocomplete="off">
    </div>

    <div class="field">
        <label for="password">Choose a password</label>
        <input type="password" name="password" id="password">
    </div>

    <div class="field">
        <label for="password_again">Enter your password again</label>
        <input type="password" name="password_again" id="password_again">
    </div>

    <div class="field">
        <label for="name">Enter your name</label>
        <input type="text" name="name" value="<?php echo escape(Input::get('name')); ?>" id="name">
    </div>

    <input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
    <input type="submit" value="Register">
</form>