init (); $srv = empty ($_REQUEST['srv']) ? '' : $_REQUEST['srv']; $explode = explode (':', $srv, 2); if (count ($explode) > 0) $_REQUEST['service'] = $explode[0]; if (count ($explode) > 1) $_REQUEST['method'] = $explode[1]; $service = empty ($_REQUEST['service']) ? 'html' : $_REQUEST['service']; if (in_array ($service, $this->allowedServices, TRUE)) { $includeFile = __DIR__."/$service-service.php"; require_once ($includeFile); $className = __NAMESPACE__ .'\\'. hyphenToCamelCase ($service, TRUE) .'Service'; $service = new $className ($this); $service->run (); } else http_response_code (400); } /** * Gets the configuration file name associated to the current vhost * or the default config file if isn't defined a file for the vhost. **/ function getConfigFile () { if (!empty ($_SERVER['SERVER_NAME']) && preg_match ('/^[\w\-\.]+$/', $_SERVER['SERVER_NAME'])) { $hostSplit = explode ('.', $_SERVER['SERVER_NAME']); $configDir = _CONFIG_DIR .'/'. $this->name; $hostFile = $configDir .'/config.'. $hostSplit[0] .'.php'; } if (isset ($hostFile) && file_exists ($hostFile)) return $hostFile; else return parent::getConfigFile (); } /** * Tries to retrieve user credentials from many sources such as POST, * SESSION or COOKIES. If $_POST['remember'] is defined the user credentials * are saved on the client brownser for future logins, cookies names are * 'vn_user' for the user name and 'vn_pass' for user password, the * password is encoded using base64_encode() function and should be decoded * using base64_decode(). * * return Db\Conn The database connection **/ function login () { if ($this->conn) return $this->conn; $user = NULL; $password = NULL; $rememberUser = TRUE; $rememberPass = FALSE; $credentialsChanged = TRUE; $wasLoged = isset ($_SESSION['user']); if (isset ($_POST['guest'])) { $sysConn = $this->getSysConn (); $row = $sysConn->getRow ( 'SELECT guest_user, guest_pass FROM config'); if ($row) { $user = $row['guest_user']; $password = base64_decode ($row['guest_pass']); $rememberUser = FALSE; } } elseif (isset ($_POST['user']) && isset ($_POST['password'])) { $user = $_POST['user']; $password = $_POST['password']; if (isset ($_POST['remember']) && $_POST['remember']) $rememberPass = TRUE; } elseif (isset ($_SESSION['user'])) { $user = $_SESSION['user']; $password = $_SESSION['password']; $credentialsChanged = FALSE; } elseif (isset ($_COOKIE['vn_user']) && isset ($_COOKIE['vn_pass'])) { $user = $_COOKIE['vn_user']; $password = base64_decode ($_COOKIE['vn_pass']); $rememberPass = TRUE; } if (!isset ($user)) throw new SessionExpiredException (); try { $db = $this->createConnection ($user, $password); $db->query ('CALL user_session_start (#)', [session_id ()]); $this->conn = $db; if ($rememberUser) { $cookieLife = time () + 7 * 86400; // 7 Days setcookie ('vn_user', $user, $cookieLife); if ($rememberPass) setcookie ('vn_pass', base64_encode ($password), $cookieLife); } $_SESSION['user'] = $user; $_SESSION['password'] = $password; } catch (\Exception $e) { $this->conn = NULL; throw new BadLoginException (); } // Registering the user access if (!$wasLoged) unset ($_SESSION['visitUser']); if (isset ($_SESSION['access']) && !isset ($_SESSION['visitUser'])) { $sysConn = $this->getSysConn (); $_SESSION['visitUser'] = $sysConn->getValue ( 'CALL visit_user_new (#, #, #)', [ $_SESSION['access'] ,nullIf ($_SESSION, 'visitUser') ,session_id () ] ); if (!isset ($_SESSION['visitUnknown'])) $_SESSION['visitUnknown'] = $_SESSION['visitUser']; } return $db; } /** * Logouts the current user. Cleans the last saved used credentials. **/ function logout () { $_SESSION['visitUser'] = nullIf ($_SESSION, 'visitUnknown'); setcookie ('vn_pass', '', -1); unset ($_COOKIE['vn_pass']); unset ($_SESSION['user']); unset ($_SESSION['password']); if ($this->conn) { $this->conn->query ( 'DELETE FROM user_session_view ' .'WHERE connection_id = CONNECTION_ID()' ); $this->conn->close (); $this->conn = NULL; } } } ?>