Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2016-02-01 | Implement authentication helper functions in User class | Malf Furious | 1 | -0/+24 | |
Added function to initialize a User object by username wrather than GUID. Added function to validate a user-supplied plain-text password for a given user | |||||
2016-01-31 | Log in on signup success | Malf Furious | 2 | -1/+10 | |
Now, on a successful submission of the signup view form (Auth MVC), the app automatically logs in the newly-created user and redirects to Framework::ap() . "/". Placeholder code has been added to the root controller to simply var_dump() the current logged in user if one exists, otherwise the login view (Auth MVC) is shown | |||||
2016-01-31 | Implement PHP session semantics in Framework class | Malf Furious | 1 | -0/+41 | |
Added PHP session handling to core framework. Functions now exist to set the current user, get the current user, and get the IP address used to login (to compare with furure requests on the same session to combat session hijacking). | |||||
2016-01-31 | Merge Auth MVC, initial_signup action into signup | Malf Furious | 2 | -15/+5 | |
There was a mistake that caused the page notice about no accounts existing to sometimes not showup in error. This merge resolves that issue as well as tidys up the code a bit. | |||||
2016-01-30 | Implement signup_submit action on Auth MVC | Malf Furious | 2 | -0/+44 | |
Submissions to the Auth signup page are now fully handled by either creating a new account (User object in the system) or posting an error message to the page (Auth model) | |||||
2016-01-30 | Add functionality to create new User objects | Malf Furious | 1 | -0/+54 | |
User class now has a new function which will take a $username and a $password and use it to initialize itself as well as write new object data to the database. This commit introduces a helper function getKey() (from class User) for creating user object keys by hashing the contatenation of its password and salt. This commit introduces a helper function usernameInUse() (from class User) for ensuring the uniqueness of names amongst user-type objects | |||||
2016-01-30 | Update app source of entropy for creating random blobs | Malf Furious | 1 | -2/+9 | |
Removed use of PHP's rand() functon in favor of openssl extension's openssl_random_pseudo_bytes() to create blobs with better entropy. Created function getBlob (from class Object) to get a sha256 hash created from randomness for use as object GUIDs, password salts, application tokens, etc. | |||||
2016-01-30 | Handle object timestamps automatically in Object::saveObj() | Malf Furious | 1 | -0/+14 | |
The saveObj() function now initializes and update the timeCreated and timeUpdated fields of objects on its own. A new function, getCurrentTimestamp() (from class Object) is introduced to aid simpler fetching of the date and time | |||||
2016-01-30 | Modify database schema and semantics for user objects | Malf Furious | 1 | -2/+1 | |
When user objects are initially created they need to hold a NULL owner value (since users are self-owning objects and prior to db insertion their own guid is not known). Also, the timeUpdated field will no longer hold special meaning for user objects and is now going to be treated as consistent with the rest of the data model. | |||||
2016-01-28 | Finish signup and initialSignup actions on Auth MVC | Malf Furious | 2 | -2/+35 | |
If no accounts exist no login page will be shown. Instead, the app presents the signup page to allow the administrator to create his account. This is the only case where a new account should be an admin by default. | |||||
2016-01-28 | Add admin field to user table | Malf Furious | 2 | -0/+2 | |
User accounts now have a field to denote whether they are site administrators. The first account created during app initial configuration is an admin automatically. | |||||
2016-01-27 | + Added view for account registration | Malf Furious | 1 | -0/+60 | |
2016-01-26 | + Added function to User class to fetch all users from DB | Malf Furious | 2 | -0/+26 | |
* Altered Auth MVC deflt action to return false if no users are found. This way, the Auth controller can automatically present user a page to create an admin account | |||||
2016-01-26 | + Added a basic login page design | Malf Furious | 1 | -0/+34 | |
2016-01-03 | Merge branch 'dev' into auth | Malf Furious | 1 | -1/+1 | |
2016-01-03 | * Bug fix in sysconf model - save action: problem with how the code is ↵ | Malf Furious | 1 | -1/+1 | |
redirecting to the app root on success (needed to add a trailing shash character) | |||||
2016-01-03 | * Start of application navbar | Malf Furious | 3 | -21/+28 | |
* Digested some example code | |||||
2016-01-03 | + Adding default view for Auth MVC | Malf Furious | 1 | -0/+13 | |
2016-01-03 | * Hooked the Auth MVC from the Root controller | Malf Furious | 1 | -1/+6 | |
2016-01-03 | + Added model for Auth MVC | Malf Furious | 1 | -0/+15 | |
2016-01-03 | + Added controller for new MVC "Auth" | Malf Furious | 1 | -0/+33 | |
2016-01-02 | + Adding initial view files for common MVC | Malf Furious | 3 | -0/+3 | |
2016-01-02 | + Added model for new page master layer ("Common" MVC) | Malf Furious | 1 | -0/+9 | |
2016-01-01 | Merge branch 'datastructures' into dev | Malf Furious | 9 | -1/+210 | |
2016-01-01 | + Added class file for setting table | Malf Furious | 2 | -1/+29 | |
2016-01-01 | + Added class file for message table | Malf Furious | 1 | -0/+26 | |
2016-01-01 | + Added class file for issue table | Malf Furious | 1 | -0/+28 | |
2015-12-31 | + Added class file for stage table | Malf Furious | 1 | -0/+25 | |
2015-12-31 | + Added class file for Pad table | Malf Furious | 1 | -0/+26 | |
2015-12-30 | + Added class file for group table | Malf Furious | 1 | -0/+20 | |
2015-12-30 | + Created class file for extern-user table | Malf Furious | 1 | -0/+26 | |
2015-12-30 | + Created db table child class for User table | Malf Furious | 1 | -0/+30 | |
2015-12-24 | * Added required=true to form fields on bootstrap views | Malf Furious | 1 | -3/+3 | |
2015-12-24 | * Now performing a database connection test before allowing the sytsconf ↵ | Malf Furious | 1 | -1/+20 | |
page submission to succeed | |||||
2015-12-18 | Merge branch 'framework' into dev | Malf Furious | 29 | -9/+1309 | |
2015-12-18 | ! Review of app/ directory for merging upstream to dev has been ↵ | Malf Furious | 1 | -0/+3 | |
completed..... whew + Added some TODO comments for later development | |||||
2015-12-18 | * Moved all remaining example content out of the app/ directory and into a ↵ | Malf Furious | 1 | -0/+0 | |
new /examples/ directory | |||||
2015-12-18 | - Rm'd example content images from assets directory | Malf Furious | 6 | -0/+0 | |
2015-12-18 | + Added DBObject class -- A non-abstract version of Object class | Malf Furious | 1 | -0/+15 | |
2015-12-18 | * now using rand() instead of random_bytes for numbers | Malf Furious | 1 | -1/+1 | |
2015-12-18 | + Implemented Object::getNewGUID function for Object class | Malf Furious | 1 | -0/+15 | |
2015-12-18 | + Added function "isGUID" to object class for checking whether GUIDs exist | Malf Furious | 1 | -0/+17 | |
2015-12-18 | * Defined some default values for function parameters for object class -- ↵ | Malf Furious | 1 | -2/+2 | |
planning to make a class "RawObject" so that objects may be created in a polymorphic way | |||||
2015-12-18 | + Added delObj function to object class | Malf Furious | 1 | -0/+17 | |
2015-12-18 | + Added saveObj function to Object class | Malf Furious | 1 | -1/+93 | |
2015-12-17 | + Added abstract base class for Scrott database objects (implemented ↵ | Malf Furious | 1 | -0/+71 | |
constructor and loadObj functions) | |||||
2015-12-17 | * Bug fix in Mysql support class -- misuse of Mysql result object and its ↵ | Malf Furious | 1 | -2/+2 | |
member function fetch_assoc | |||||
2015-12-17 | + Added function to framework class for getting (or creating) the app's ↵ | Malf Furious | 1 | -0/+32 | |
singleton db connection object. If no connection is established, logic uses system-level configuration to decide how to connect before returning | |||||
2015-12-17 | + Added generic database interface to use throughout the app since I'm ↵ | Malf Furious | 2 | -0/+76 | |
planning on supporting multiple database engines + Defined interface for Mysql DBMS for Scrott | |||||
2015-12-08 | + Added controller security assertions: require_https and forbid_https | M | 1 | -0/+20 | |