hedera-web-mindshore/vn/web/app.php

<?php

namespace Vn\Web;

require_once ('vn/lib/app.php');
require_once ('vn/lib/util.php');

use Vn\Lib;
use Vn\Lib\Locale;
use Vn\Db\Conn;

/**
 * Thrown when user credentials could not be fetched.
 **/
class SessionExpiredException extends \Exception {}

/**
 * Thrown when user credentials are invalid.
 **/
class BadLoginException extends \Exception {}

/**
 * Thrown when client version is outdated.
 **/
class OutdatedVersionException extends \Exception {}

/**
 * Main class for web applications.
 **/
abstract class App extends Lib\App
{
	/**
	 * Starts the user session.
	 **/
	function startSession ()
	{
		if ($this->isHttps ())
			ini_set ('session.cookie_secure', TRUE);
	
		session_start ();
	
		// Setting the locale

		if (isset ($_SERVER['HTTP_ACCEPT_LANGUAGE']))
		if (!isset ($_SESSION['http_language'])
		|| $_SESSION['http_language'] != $_SERVER['HTTP_ACCEPT_LANGUAGE'])
		{
			$_SESSION['http_language'] = $_SERVER['HTTP_ACCEPT_LANGUAGE'];			
			$regexp = '/([a-z]{1,4})(?:-[a-z]{1,4})?\s*(?:;\s*q\s*=\s*(?:1|0\.[0-9]+))?,?/i';

			preg_match_all ($regexp, $_SERVER['HTTP_ACCEPT_LANGUAGE'], $languages);

			foreach ($languages[1] as $lang)
			if (stream_resolve_include_path ("locale/$lang"))
			{
				$_SESSION['lang'] = $lang;
				break;
			}
		}

		if (!isset ($_SESSION['lang']))
			$_SESSION['lang'] = NULL;
		
		Locale::set ($_SESSION['lang']);

		// Registering the visit

		if (!isset ($_COOKIE['PHPSESSID'])
		|| isset ($_SESSION['access'])
		|| isset ($_SESSION['skipVisit']))
			return;

		$agent = $_SERVER['HTTP_USER_AGENT'];
		$browser = get_browser ($agent, TRUE);
		
		if (isset ($browser['crawler']) && $browser['crawler'])
		{
			$_SESSION['skipVisit'] = TRUE;
			return;
		}

		if (isset ($_SERVER['REMOTE_ADDR']))
			$ip = ip2long ($_SERVER['REMOTE_ADDR']);

		$sysConn = $this->getSysConn ();
		$row = $sysConn->getRow (
			'CALL visit_register (#, #, #, #, #, #, #, #, #)',
			[
				 nullIf ($_COOKIE, 'vn_visit')
				,nullIf ($browser, 'platform')
				,nullIf ($browser, 'browser') 
				,nullIf ($browser, 'version')
				,nullIf ($browser, 'javascript')
				,nullIf ($browser, 'cookies')
				,isset ($agent) ? $agent : NULL
				,isset ($ip) && $ip ? $ip : NULL
				,nullIf ($_SERVER, 'HTTP_REFERER')
			]
		);

		if (isset ($row['access']))
		{
			setcookie ('vn_visit', $row['visit'], time () + 31536000); // 1 Year
			$_SESSION['access'] = $row['access'];
		}
		else
			$_SESSION['skipVisit'] = TRUE;
	}

	/**
	 * Checks if the HTTP connection is secure.
	 *
	 * @return boolean Return %TRUE if its secure, %FALSE otherwise
	 **/
	function isHttps ()
	{
		return isset ($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
	}
	
	/**
	 * Obtains the application version number. It is based on de last
	 * modification date of the main script.
	 **/
	function getVersion ()
	{
		return (int) strftime ('%G%m%d%H%M%S',
			filectime ($_SERVER['SCRIPT_FILENAME']));
	}

	/**
	 * Gets the configuration file name.
	 **/
	function getConfigFile ()
	{
		if (!empty ($_SERVER['SERVER_NAME'])
		&& preg_match ('/^[\w\-\.]+$/', $_SERVER['SERVER_NAME']))
		{
			$hostSplit = explode ('.', $_SERVER['SERVER_NAME']);
			$configDir = _CONFIG_DIR .'/'. $this->name;
			$hostFile = $configDir .'/config.'. $hostSplit[0] .'.php';
		}

		if (isset ($hostFile) && file_exists ($hostFile))
			return $hostFile;
		else
			return parent::getConfigFile ();
	}

	/**
	 * Tries to retrieve user credentials from many sources such as POST,
	 * SESSION or COOKIES. If $_POST['remember'] is defined the user credentials 
	 * are saved on the client brownser for future logins, cookies names are
	 * 'vn_user' for the user name and 'vn_pass' for user password, the
	 * password is encoded using base64_encode() function and should be decoded
	 * using base64_decode().
	 **/
	function login ()
	{
		if ($this->conn)
			return $this->conn;
	
		$user = NULL;
		$password = NULL;
		$rememberUser = TRUE;
		$rememberPass = FALSE;
		$credentialsChanged = TRUE;
		$wasLoged = isset ($_SESSION['user']);
		
		if (isset ($_POST['guest']))
		{
			$sysConn = $this->getSysConn ();
			$row = $sysConn->getRow (
				'SELECT guest_user, guest_pass FROM config');

			if ($row)
			{
				$user = $row['guest_user'];
				$password = base64_decode ($row['guest_pass']);
				$rememberUser = FALSE;
			}
		}
		elseif (isset ($_POST['user']) && isset ($_POST['password']))
		{
			$user = $_POST['user'];
			$password = $_POST['password'];

			if (isset ($_POST['remember']) && $_POST['remember'])
				$rememberPass = TRUE;
		}
		elseif (isset ($_SESSION['user']))
		{
			$user = $_SESSION['user'];
			$password = $_SESSION['password'];
			$credentialsChanged = FALSE;
		}
		elseif (isset ($_COOKIE['vn_user']) && isset ($_COOKIE['vn_pass']))
		{
			$user = $_COOKIE['vn_user'];
			$password = base64_decode ($_COOKIE['vn_pass']);
			$rememberPass = TRUE;
		}

		if (!isset ($user))
			throw new SessionExpiredException ();

		try {
			$db = $this->createConnection ($user, $password);
			$db->query ('CALL user_session_start (#)', [session_id ()]);
			$this->conn = $db;

			if ($rememberUser)
			{
				$cookieLife = time () + 7 * 86400; // 7 Days
				setcookie ('vn_user', $user, $cookieLife);

				if ($rememberPass)
					setcookie ('vn_pass',
						base64_encode ($password), $cookieLife);
			}

			$_SESSION['user'] = $user;
			$_SESSION['password'] = $password;
		}
		catch (\Exception $e)
		{
			$this->conn = NULL;
			throw new BadLoginException ();
		}

		// Registering the user access

		if (!$wasLoged)
			unset ($_SESSION['visitUser']);

		if (isset ($_SESSION['access'])
		&& !isset ($_SESSION['visitUser']))
		{
			$sysConn = $this->getSysConn ();
			$_SESSION['visitUser'] = $sysConn->getValue (
				'CALL visit_user_new (#, #, #)',
				[
					 $_SESSION['access']
					,nullIf ($_SESSION, 'visitUser')
					,session_id ()
				]
			);
	
			if (!isset ($_SESSION['visitUnknown']))
				$_SESSION['visitUnknown'] = $_SESSION['visitUser'];
		}
		
		return $db;
	}
	
	/**
	 * Cleans the last saved used credentials.
	 **/
	function logout ()
	{
		$_SESSION['visitUser'] = nullIf ($_SESSION, 'visitUnknown');
		
		setcookie ('vn_pass', '', -1);
		unset ($_COOKIE['vn_pass']);
		unset ($_SESSION['user']);
		unset ($_SESSION['password']);
		
		if ($this->conn)
		{
			$this->conn->query (
				'DELETE FROM user_session_view '
				 .'WHERE connection_id = CONNECTION_ID()'
			);
			$this->conn->close ();
			$this->conn = NULL;
		}
	}

	/**
	 * Deinitializes the Application. When init method is called, this 
	 * function is called automatically at the end of the script .
	 **/
	function deinit ()
	{
		if ($this->conn)
			$this->conn->query ('CALL user_session_end ()');
			
		parent::deinit ();
	}
}

?>
Backup 2016-07-22 20:00:27 +00:00			`<?php`

			`namespace Vn\Web;`

			`require_once ('vn/lib/app.php');`
			`require_once ('vn/lib/util.php');`

			`use Vn\Lib;`
			`use Vn\Lib\Locale;`
			`use Vn\Db\Conn;`

			`/**`
			`* Thrown when user credentials could not be fetched.`
			`**/`
			`class SessionExpiredException extends \Exception {}`

			`/**`
			`* Thrown when user credentials are invalid.`
			`**/`
			`class BadLoginException extends \Exception {}`

			`/**`
			`* Thrown when client version is outdated.`
			`**/`
			`class OutdatedVersionException extends \Exception {}`

			`/**`
			`* Main class for web applications.`
			`**/`
			`abstract class App extends Lib\App`
			`{`
			`/**`
			`* Starts the user session.`
			`**/`
			`function startSession ()`
			`{`
			`if ($this->isHttps ())`
			`ini_set ('session.cookie_secure', TRUE);`

			`session_start ();`

			`// Setting the locale`

			`if (isset ($_SERVER['HTTP_ACCEPT_LANGUAGE']))`
			`if (!isset ($_SESSION['http_language'])`
			`\|\| $_SESSION['http_language'] != $_SERVER['HTTP_ACCEPT_LANGUAGE'])`
			`{`
			`$_SESSION['http_language'] = $_SERVER['HTTP_ACCEPT_LANGUAGE'];`
			`$regexp = '/([a-z]{1,4})(?:-[a-z]{1,4})?\s(?:;\sq\s=\s(?:1\|0\.[0-9]+))?,?/i';`

			`preg_match_all ($regexp, $_SERVER['HTTP_ACCEPT_LANGUAGE'], $languages);`

			`foreach ($languages[1] as $lang)`
			`if (stream_resolve_include_path ("locale/$lang"))`
			`{`
			`$_SESSION['lang'] = $lang;`
			`break;`
			`}`
			`}`

			`if (!isset ($_SESSION['lang']))`
			`$_SESSION['lang'] = NULL;`

			`Locale::set ($_SESSION['lang']);`

			`// Registering the visit`

			`if (!isset ($_COOKIE['PHPSESSID'])`
			`\|\| isset ($_SESSION['access'])`
			`\|\| isset ($_SESSION['skipVisit']))`
			`return;`

			`$agent = $_SERVER['HTTP_USER_AGENT'];`
			`$browser = get_browser ($agent, TRUE);`

			`if (isset ($browser['crawler']) && $browser['crawler'])`
			`{`
			`$_SESSION['skipVisit'] = TRUE;`
			`return;`
			`}`

			`if (isset ($_SERVER['REMOTE_ADDR']))`
			`$ip = ip2long ($_SERVER['REMOTE_ADDR']);`

			`$sysConn = $this->getSysConn ();`
			`$row = $sysConn->getRow (`
			`'CALL visit_register (#, #, #, #, #, #, #, #, #)',`
			`[`
			`nullIf ($_COOKIE, 'vn_visit')`
			`,nullIf ($browser, 'platform')`
			`,nullIf ($browser, 'browser')`
			`,nullIf ($browser, 'version')`
			`,nullIf ($browser, 'javascript')`
			`,nullIf ($browser, 'cookies')`
			`,isset ($agent) ? $agent : NULL`
			`,isset ($ip) && $ip ? $ip : NULL`
			`,nullIf ($_SERVER, 'HTTP_REFERER')`
			`]`
			`);`

			`if (isset ($row['access']))`
			`{`
			`setcookie ('vn_visit', $row['visit'], time () + 31536000); // 1 Year`
			`$_SESSION['access'] = $row['access'];`
			`}`
			`else`
			`$_SESSION['skipVisit'] = TRUE;`
			`}`

			`/**`
			`* Checks if the HTTP connection is secure.`
			`*`
			`* @return boolean Return %TRUE if its secure, %FALSE otherwise`
			`**/`
			`function isHttps ()`
			`{`
			`return isset ($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';`
			`}`

			`/**`
			`* Obtains the application version number. It is based on de last`
			`* modification date of the main script.`
			`**/`
			`function getVersion ()`
			`{`
			`return (int) strftime ('%G%m%d%H%M%S',`
			`filectime ($_SERVER['SCRIPT_FILENAME']));`
			`}`

			`/**`
			`* Gets the configuration file name.`
			`**/`
			`function getConfigFile ()`
			`{`
			`if (!empty ($_SERVER['SERVER_NAME'])`
			`&& preg_match ('/^[\w\-\.]+$/', $_SERVER['SERVER_NAME']))`
			`{`
			`$hostSplit = explode ('.', $_SERVER['SERVER_NAME']);`
			`$configDir = _CONFIG_DIR .'/'. $this->name;`
			`$hostFile = $configDir .'/config.'. $hostSplit[0] .'.php';`
			`}`

			`if (isset ($hostFile) && file_exists ($hostFile))`
			`return $hostFile;`
			`else`
			`return parent::getConfigFile ();`
			`}`

			`/**`
			`* Tries to retrieve user credentials from many sources such as POST,`
			`* SESSION or COOKIES. If $_POST['remember'] is defined the user credentials`
			`* are saved on the client brownser for future logins, cookies names are`
			`* 'vn_user' for the user name and 'vn_pass' for user password, the`
			`* password is encoded using base64_encode() function and should be decoded`
			`* using base64_decode().`
			`**/`
			`function login ()`
			`{`
			`if ($this->conn)`
			`return $this->conn;`

			`$user = NULL;`
			`$password = NULL;`
			`$rememberUser = TRUE;`
			`$rememberPass = FALSE;`
			`$credentialsChanged = TRUE;`
			`$wasLoged = isset ($_SESSION['user']);`

			`if (isset ($_POST['guest']))`
			`{`
			`$sysConn = $this->getSysConn ();`
			`$row = $sysConn->getRow (`
			`'SELECT guest_user, guest_pass FROM config');`

			`if ($row)`
			`{`
			`$user = $row['guest_user'];`
			`$password = base64_decode ($row['guest_pass']);`
			`$rememberUser = FALSE;`
			`}`
			`}`
			`elseif (isset ($_POST['user']) && isset ($_POST['password']))`
			`{`
			`$user = $_POST['user'];`
			`$password = $_POST['password'];`

			`if (isset ($_POST['remember']) && $_POST['remember'])`
			`$rememberPass = TRUE;`
			`}`
			`elseif (isset ($_SESSION['user']))`
			`{`
			`$user = $_SESSION['user'];`
			`$password = $_SESSION['password'];`
			`$credentialsChanged = FALSE;`
			`}`
			`elseif (isset ($_COOKIE['vn_user']) && isset ($_COOKIE['vn_pass']))`
			`{`
			`$user = $_COOKIE['vn_user'];`
			`$password = base64_decode ($_COOKIE['vn_pass']);`
			`$rememberPass = TRUE;`
			`}`

			`if (!isset ($user))`
			`throw new SessionExpiredException ();`

			`try {`
			`$db = $this->createConnection ($user, $password);`
			`$db->query ('CALL user_session_start (#)', [session_id ()]);`
			`$this->conn = $db;`

			`if ($rememberUser)`
			`{`
			`$cookieLife = time () + 7 * 86400; // 7 Days`
			`setcookie ('vn_user', $user, $cookieLife);`

			`if ($rememberPass)`
			`setcookie ('vn_pass',`
			`base64_encode ($password), $cookieLife);`
			`}`

			`$_SESSION['user'] = $user;`
			`$_SESSION['password'] = $password;`
			`}`
			`catch (\Exception $e)`
			`{`
			`$this->conn = NULL;`
			`throw new BadLoginException ();`
			`}`

			`// Registering the user access`

			`if (!$wasLoged)`
			`unset ($_SESSION['visitUser']);`

			`if (isset ($_SESSION['access'])`
			`&& !isset ($_SESSION['visitUser']))`
			`{`
			`$sysConn = $this->getSysConn ();`
			`$_SESSION['visitUser'] = $sysConn->getValue (`
			`'CALL visit_user_new (#, #, #)',`
			`[`
			`$_SESSION['access']`
			`,nullIf ($_SESSION, 'visitUser')`
			`,session_id ()`
			`]`
			`);`

			`if (!isset ($_SESSION['visitUnknown']))`
			`$_SESSION['visitUnknown'] = $_SESSION['visitUser'];`
			`}`

			`return $db;`
			`}`

			`/**`
			`* Cleans the last saved used credentials.`
			`**/`
			`function logout ()`
			`{`
			`$_SESSION['visitUser'] = nullIf ($_SESSION, 'visitUnknown');`

			`setcookie ('vn_pass', '', -1);`
			`unset ($_COOKIE['vn_pass']);`
			`unset ($_SESSION['user']);`
			`unset ($_SESSION['password']);`

			`if ($this->conn)`
			`{`
			`$this->conn->query (`
			`'DELETE FROM user_session_view '`
			`.'WHERE connection_id = CONNECTION_ID()'`
			`);`
			`$this->conn->close ();`
			`$this->conn = NULL;`
			`}`
			`}`

			`/**`
			`* Deinitializes the Application. When init method is called, this`
			`* function is called automatically at the end of the script .`
			`**/`
			`function deinit ()`
			`{`
			`if ($this->conn)`
			`$this->conn->query ('CALL user_session_end ()');`

			`parent::deinit ();`
			`}`
			`}`

			`?>`