summaryrefslogtreecommitdiffstats
path: root/examples
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--examples/class/controller.class.php35
-rw-r--r--examples/class/framework.class.php67
-rw-r--r--examples/class/object.class.php22
-rw-r--r--examples/class/user.class.php121
4 files changed, 0 insertions, 245 deletions
diff --git a/examples/class/controller.class.php b/examples/class/controller.class.php
index 0ab1a69..3e05812 100644
--- a/examples/class/controller.class.php
+++ b/examples/class/controller.class.php
@@ -1,25 +1,5 @@
<?php
-/*
- * SCROTT Copyright (C) 2016 Malf Furious
- *
- * Scrott is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
- * by the Free Software Foundation, either version 3 of the License,
- * or (at your option) any later version.
- *
- * Scrott is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
- * License for more details.
- */
-
-require_once "class/framework.class.php";
-
-/*
- * Abstract controller -- Contains app security constraints and provides access to
- * framework internals from concrete controllers
- */
abstract class Controller extends Framework
{
/*
@@ -46,21 +26,6 @@ abstract class Controller extends Framework
if (isset($_SERVER['HTTPS']))
$this->redirectTo("http://" . $_SERVER['SERVER_NAME'] . $this->ap());
}
-
- /*
- * Security check
- * Assert that the client's IP address does not change during its session. If a change is detected, logout.
- */
- function sec_verify_ip()
- {
- $addr = $_SERVER['REMOTE_ADDR'];
-
- if ($this->getCurrentUser() && $addr != $this->getOriginIP())
- {
- $this->setCurrentUser();
- $this->redirectTo($this->ar() . "/");
- }
- }
}
?>
diff --git a/examples/class/framework.class.php b/examples/class/framework.class.php
index 802c821..0461da7 100644
--- a/examples/class/framework.class.php
+++ b/examples/class/framework.class.php
@@ -1,30 +1,7 @@
<?php
-/* Define Scrott version number */
-define("__VERSION__", "v0.0");
-
-/* Init PHP session */
-session_start();
-
-require_once "class/mysql.class.php";
-require_once "class/user.class.php";
-
-/*
- * Global functions / operations and access to contextual or session-based information
- */
abstract class Framework
{
- static $dbobj = null;
-
- /*
- * Check for the existence of Scrott's system-level config
- */
- function scrottConfExists()
- {
- global $_SCROTT;
- return isset($_SCROTT['conf']);
- }
-
/*
* Get the absolute path on this server for the root of this app
*/
@@ -51,50 +28,6 @@ abstract class Framework
}
/*
- * Get a user object for the currently logged in user. Returns false if session is logged out.
- */
- function getCurrentUser()
- {
- if (isset($_SESSION['userguid']))
- {
- $user = new User($_SESSION['userguid']);
-
- if ($user->type == "user")
- return $user;
-
- $this->setCurrentUser();
- }
-
- return false;
- }
-
- /*
- * Get the IP address the client held when the current session began
- */
- function getOriginIP()
- {
- return $_SESSION['userip'];
- }
-
- /*
- * Set the current logged in user
- */
- function setCurrentUser($user = null)
- {
- if ($user != null && isset($user->guid))
- {
- $_SESSION['userguid'] = $user->guid;
- $_SESSION['userip'] = $_SERVER['REMOTE_ADDR'];
- }
-
- else
- {
- unset($_SESSION['userguid']);
- unset($_SESSION['userip']);
- }
- }
-
- /*
* Get or create the app's database connection object (this is a singleton object and dependent on system-level config)
*/
static function getDbConnection()
diff --git a/examples/class/object.class.php b/examples/class/object.class.php
index 3acea4f..4bafc5c 100644
--- a/examples/class/object.class.php
+++ b/examples/class/object.class.php
@@ -3,28 +3,6 @@
abstract class Object extends Framework
{
/*
- * Check if given user (or group) is the owner of this object
- */
- function isOwner($ug)
- {
- return $this->getOwner()->guid == $ug->guid;
- }
-
- /*
- * Check if given user (or group) is a member of this object
- */
- function isMember($ug)
- {
- foreach ($this->getMembers() as $member)
- {
- if ($member->guid == $ug->guid)
- return true;
- }
-
- return false;
- }
-
- /*
* Check if given user has permissions for this object
*/
function canAccess($user)
diff --git a/examples/class/user.class.php b/examples/class/user.class.php
index b8143a9..eff5fd0 100644
--- a/examples/class/user.class.php
+++ b/examples/class/user.class.php
@@ -1,129 +1,8 @@
<?php
-/*
- * SCROTT Copyright (C) 2016 Malf Furious
- *
- * Scrott is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
- * by the Free Software Foundation, either version 3 of the License,
- * or (at your option) any later version.
- *
- * Scrott is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
- * License for more details.
- */
-
-require_once "class/object.class.php";
-require_once "class/group.class.php";
-
-/*
- * Application users
- */
class User extends Object
{
/*
- * Constructor
- */
- function __construct($guid = null)
- {
- $cols = array(
- "guid",
- "key",
- "salt",
- "alias",
- "admin",
- "email",
- "emailConf",
- "emailConfKey"
- );
-
- parent::__construct("user", $cols);
- $this->loadObj($guid);
- }
-
- /*
- * Initialize object by username
- */
- function initByUsername($username)
- {
- $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'";
- $result = $this->db->query($query);
-
- if (count($result) == 0)
- return false;
-
- $this->loadObj($result[0]['guid']);
- return true;
- }
-
- /*
- * Get all users -- ordered by name, ascending
- */
- function getAllUsers_orderByName()
- {
- $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name";
- $result = $this->db->query($query);
-
- $users = array();
-
- foreach ($result as $u)
- $users[] = new User($u['guid']);
-
- return $users;
- }
-
- /*
- * Get all users -- ordered by admin DESC (admins first), then by name
- */
- function getAllUsers_orderByAdminByName()
- {
- $query = "SELECT o.guid FROM object o JOIN user u ON o.guid = u.guid WHERE o.type = 'user' ORDER BY u.admin DESC, o.name";
- $result = $this->db->query($query);
-
- $users = array();
-
- foreach ($result as $u)
- $users[] = new User($u['guid']);
-
- return $users;
- }
-
- /*
- * Get the number of administrative accounts in the system
- */
- function getNumAdmins()
- {
- $query = "SELECT count(*) as cnt FROM user WHERE admin = 1";
- $results = $this->db->query($query);
- return $results[0]['cnt'];
- }
-
- /*
- * Check whether a given username is currently in use
- */
- function usernameInUse($username)
- {
- $escd_username = $this->db->esc($username);
-
- $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
- $results = $this->db->query($query);
-
- if (count($results) > 0)
- return true;
-
- return false;
- }
-
- /*
- * Generate a key from a user's password and salt
- */
- function getKey($password, $salt)
- {
- return hash("sha256", $salt . $password);
- }
-
- /*
* Create a new User object with the given username and keyed with the given plain-text password
* This function returns false if $username is already being used
* On success, this object should be initialized as the new user (use only on new User() objects)