diff --git a/.gitignore b/.gitignore index f0ee7bb..b471de2 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -sys/*.sqlite \ No newline at end of file +sys/*.sqlite +docs/* \ No newline at end of file diff --git a/app/classes/controller.php b/app/classes/controller.php new file mode 100644 index 0000000..f458ba1 --- /dev/null +++ b/app/classes/controller.php @@ -0,0 +1,43 @@ +load_model('meta\model'); + $this->page->build_header(); + } + + /** + * Destruct controller and build page footer + */ + public function __destruct() + { + $this->page->build_footer(); + } + +} diff --git a/app/modules/meta/controllers/category.php b/app/modules/meta/controllers/category.php index 0e62ced..92ef9a2 100644 --- a/app/modules/meta/controllers/category.php +++ b/app/modules/meta/controllers/category.php @@ -18,7 +18,7 @@ * * @package meta */ -class Category extends miniMVC\Controller { +class category extends meta\controller { /** * Initialize the Controller @@ -26,10 +26,6 @@ class Category extends miniMVC\Controller { public function __construct() { parent::__construct(); - - $this->load_model('meta\model'); - - $this->page->build_header(); } /** @@ -37,13 +33,6 @@ class Category extends miniMVC\Controller { */ public function index() { - $id = (int) miniMVC\get_last_segment(); - - if ($id === 0) - { - return miniMVC\show_404(); - } - $this->detail(); } @@ -69,15 +58,23 @@ class Category extends miniMVC\Controller { } // Render the basic page - $this->index(); + $this->detail(-1); } /** * Returns the sections / editing options for a category */ - public function detail() + public function detail($id = 0) { - $id = (int) miniMVC\get_last_segment(); + if ($id === 0) + { + $id = (int) miniMVC\get_last_segment(); + } + + if ($id === 0) + { + miniMVC\show_404(); + } $data = array( 'category' => $this->model->get_category_by_id($id), @@ -86,7 +83,6 @@ class Category extends miniMVC\Controller { ); $this->load_view('category_detail', $data); - $this->page->build_footer(); } } 
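Review bot: In `detail()` of app/modules/meta/controllers/category.php, the new `if ($id === 0) { miniMVC\show_404(); }` does not return, so unless `show_404()` ends the request itself (not visible in this diff) execution continues into `$this->model->get_category_by_id($id)` with an id of 0; the check removed from `index()` used `return miniMVC\show_404();`. The guard also rejects only 0, so the `$this->detail(-1)` call added in the previous hunk, and any negative value produced by `(int) miniMVC\get_last_segment()`, reaches the model lookup unchecked. I would write `if ($id < 1) { return miniMVC\show_404(); }` and pass the post-add render a real category id rather than the `-1` sentinel, whose intent is not clear from the hunk. The new parameter also deserves a docblock line such as `@param int $id category id, 0 = read from the URL`.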
diff --git a/app/modules/meta/controllers/genre.php b/app/modules/meta/controllers/genre.php index c8a5ea7..3163137 100644 --- a/app/modules/meta/controllers/genre.php +++ b/app/modules/meta/controllers/genre.php @@ -18,7 +18,7 @@ * * @package meta */ -class Genre extends miniMVC\Controller { +class genre extends meta\controller { /** * Initialize the Controller @@ -26,10 +26,6 @@ class Genre extends miniMVC\Controller { public function __construct() { parent::__construct(); - - $this->load_model('meta\model'); - - $this->page->build_header(); } /** @@ -51,7 +47,6 @@ class Genre extends miniMVC\Controller { $data['genres'] = $this->model->get_genres(); $this->load_view('genres', $data); - $this->page->build_footer(); } /** @@ -95,7 +90,6 @@ class Genre extends miniMVC\Controller { ); $this->load_view('genre_detail', $data); - $this->page->build_footer(); } } diff --git a/app/modules/meta/controllers/section.php b/app/modules/meta/controllers/section.php index 7260261..01c375a 100644 --- a/app/modules/meta/controllers/section.php +++ b/app/modules/meta/controllers/section.php @@ -16,12 +16,25 @@ /** * Section Controller */ -class Section extends \miniMVC\Controller { +class section extends meta\controller { /** * Constructor */ public function __construct() + { + parent::__construct(); + } + + public function index() + { + + } + + /** + * Adds a new section to the current category + */ + public function add() { } diff --git a/app/modules/meta/controllers/welcome.php b/app/modules/meta/controllers/welcome.php index 2ce9a24..cc5050c 100644 --- a/app/modules/meta/controllers/welcome.php +++ b/app/modules/meta/controllers/welcome.php @@ -18,7 +18,7 @@ * * @package meta */ -class Welcome extends miniMVC\Controller { +class welcome extends miniMVC\Controller { /** * Initialize the constructor @@ -30,6 +30,7 @@ class Welcome extends miniMVC\Controller { parent::__construct(); $this->load_model('meta\model'); + $this->load_model('meta\user_model'); } 
diff --git a/app/modules/meta/models/model.php b/app/modules/meta/models/model.php index aa2e920..5aa913a 100644 --- a/app/modules/meta/models/model.php +++ b/app/modules/meta/models/model.php @@ -20,7 +20,7 @@ namespace meta; * * @package meta */ -class Model extends \miniMVC\Model { +class model extends \miniMVC\Model { /** * Reference to database connection diff --git a/app/modules/meta/models/user_model.php b/app/modules/meta/models/user_model.php index 34e7d7b..25bdd98 100644 --- a/app/modules/meta/models/user_model.php +++ b/app/modules/meta/models/user_model.php @@ -20,7 +20,14 @@ namespace meta; * * @package meta */ -class User_model extends \miniMVC\Model { +class user_model extends \miniMVC\Model { + + /** + * Reference to bcrypt object + * + * @var Bcrypt + */ + protected $bcrypt; /** * Initialize the User model @@ -28,6 +35,34 @@ class User_model extends \miniMVC\Model { public function __construct() { parent::__construct(); + + $this->bcrypt = new \Bcrypt(15); + } + + // -------------------------------------------------------------------------- + + /** + * Check and see if the login is valid + * + * @param string + * @param string + * @return bool + */ + public function check_login($username, $pass) + { + $query = $this->db->from('user') + ->where('username', $username) + ->get(); + + $row = $query->fetch(\PDO::FETCH_ASSOC); + + // The user does not exist + if (empty($row)) + { + return FALSE; + } + + return $this->bcrypt->verify($pass, $row['hash']); } } diff --git a/app/views/errors/error_404.php b/app/views/errors/error_404.php index e210433..b82ebbb 100644 --- a/app/views/errors/error_404.php +++ b/app/views/errors/error_404.php @@ -11,9 +11,9 @@
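Review bot: `check_login()` in app/modules/meta/models/user_model.php returns `FALSE` for an unknown username before any bcrypt work is done, while a known username pays for a cost-15 `crypt()` call set up by `new \Bcrypt(15)`, so response time alone tells a caller whether the account exists. Doing the same work on the miss path closes that gap, e.g. `if (empty($row)) { $this->bcrypt->verify($pass, $dummy_hash); return FALSE; }`, where `$dummy_hash` is a precomputed cost-15 hash stored with the class. Cost 15 is also expensive per request (likely on the order of seconds, depending on hardware), so the login route should sit behind attempt throttling; none is visible in this diff. The docblock's bare `@param string` lines should name the arguments: `@param string $username` and `@param string $pass`.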

- + - + - \ No newline at end of file + \ No newline at end of file diff --git a/app/views/errors/error_db.php b/app/views/errors/error_db.php index bab8d6d..2a85f38 100644 --- a/app/views/errors/error_db.php +++ b/app/views/errors/error_db.php @@ -1,6 +1,6 @@

A Database Error was encountered

- +

Code:

Driver Code:

Message:

diff --git a/app/views/errors/error_general.php b/app/views/errors/error_general.php index e210433..b82ebbb 100644 --- a/app/views/errors/error_general.php +++ b/app/views/errors/error_general.php @@ -11,9 +11,9 @@

- + - +
- \ No newline at end of file + \ No newline at end of file diff --git a/app/views/errors/error_php_exception.php b/app/views/errors/error_php_exception.php index e69e9ce..689c056 100755 --- a/app/views/errors/error_php_exception.php +++ b/app/views/errors/error_php_exception.php @@ -1,13 +1,13 @@

An uncaught exception was thrown.

- +

Message:

- + - +

Backtrace:

getTrace() as $error): ?> - +

File:
@@ -15,8 +15,8 @@ Function:

- +

- +
\ No newline at end of file diff --git a/assets/config/config.php b/assets/config/config.php index 05bdf7e..235397d 100755 --- a/assets/config/config.php +++ b/assets/config/config.php @@ -8,7 +8,7 @@ * @author Timothy J. Warren * @copyright Copyright (c) 2011 - 2012 * @link https://github.com/aviat4ion/miniMVC - * @license http://philsturgeon.co.uk/code/dbad-license + * @license http://philsturgeon.co.uk/code/dbad-license */ // -------------------------------------------------------------------------- @@ -25,11 +25,11 @@ | Document Root |-------------------------------------------------------------------------- | -| The folder where the index of the website exists. In most situations, -| this will not need to be changed. +| The folder where the index of the website exists. In most situations, +| this will not need to be changed. | | If the website is in a folder off of the domain name, like: -| http://example.com/website/ +| http://example.com/website/ | you will need to add that folder to the document root. | */ diff --git a/assets/config/js_groups.php b/assets/config/js_groups.php index f1b33b7..7836649 100755 --- a/assets/config/js_groups.php +++ b/assets/config/js_groups.php @@ -8,7 +8,7 @@ * @author Timothy J. Warren * @copyright Copyright (c) 2011 - 2012 * @link https://github.com/aviat4ion/miniMVC - * @license http://philsturgeon.co.uk/code/dbad-license + * @license http://philsturgeon.co.uk/code/dbad-license */ // -------------------------------------------------------------------------- @@ -16,10 +16,10 @@ /** * This is the config array for javascript files to concatenate and minify */ -return [ +return [ /* For each group create an array like so - + 'my_group' => array( 'path/to/css/file1.css', 'path/to/css/file2.css' diff --git a/assets/css.php b/assets/css.php index a44f76a..c6059ab 100755 --- a/assets/css.php +++ b/assets/css.php 
@@ -8,12 +8,12 @@ * @author Timothy J. Warren * @copyright Copyright (c) 2011 - 2012 * @link https://github.com/aviat4ion/miniMVC - * @license http://philsturgeon.co.uk/code/dbad-license + * @license http://philsturgeon.co.uk/code/dbad-license */ // -------------------------------------------------------------------------- -/** +/** * CSS Minifier and Cacher * * @package miniMVC @@ -21,10 +21,10 @@ */ //Get config files -require('./config/config.php'); +require './config/config.php'; //Include the css groups -$groups = require("./config/css_groups.php"); +$groups = require './config/css_groups.php'; //The name of this file $this_file = __FILE__; @@ -38,10 +38,10 @@ $this_file = __FILE__; * @return string */ function compress($buffer) { - + //Remove CSS comments $buffer = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $buffer); - + //Remove tabs, spaces, newlines, etc. $buffer = preg_replace('`\s+`', ' ', $buffer); $replace = [ @@ -55,12 +55,12 @@ function compress($buffer) { ': ' => ':', '; ' => ';', ]; - + //Eradicate every last space! $buffer = trim(strtr($buffer, $replace)); $buffer = str_replace('{ ', '{', $buffer); $buffer = str_replace('} ', '}', $buffer); - + return $buffer; } @@ -77,9 +77,9 @@ while($i < $pia_len) { $j = $i+1; $j = (isset($pia[$j])) ? $j : $i; - + $_GET[$pia[$i]] = $pia[$j]; - + $i = $j + 1; }; @@ -103,8 +103,8 @@ $modified[] = filemtime($this_file); rsort($modified); $last_modified = $modified[0]; -$requested_time= (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) - ? strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) +$requested_time= (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) + ? strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) : time(); if ($last_modified === $requested_time) diff --git a/assets/css/theme.css b/assets/css/theme.css index 96a0191..a836496 100644 --- a/assets/css/theme.css +++ b/assets/css/theme.css 
@@ -18,6 +18,7 @@ a:hover { /* form styles */ form dt, form dd { + display:-moz-inline-box; /* For older versions of Mozilla/Firefox */ display:inline-block; padding:0.25em 0; } diff --git a/assets/js.php b/assets/js.php index 57ba8d8..b26e04b 100755 --- a/assets/js.php +++ b/assets/js.php @@ -8,7 +8,7 @@ * @author Timothy J. Warren * @copyright Copyright (c) 2011 - 2012 * @link https://github.com/aviat4ion/miniMVC - * @license http://philsturgeon.co.uk/code/dbad-license + * @license http://philsturgeon.co.uk/code/dbad-license */ // -------------------------------------------------------------------------- @@ -21,7 +21,7 @@ */ //Get config files -require('./config/config.php'); +require './config/config.php'; //Include the js groups $groups_file = "./config/js_groups.php"; @@ -34,7 +34,7 @@ $this_file = __FILE__; /** * Get Files - * + * * Concatenates the javascript files for the current * group as a string * @return string @@ -44,13 +44,13 @@ function get_files() global $groups, $js_root; $js = ''; - + foreach ($groups[$_GET['g']] as &$file) { $new_file = realpath($js_root.$file); $js .= file_get_contents($new_file); } - + return $js; } @@ -71,7 +71,7 @@ function google_min($new_file) curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, 'output_info=compiled_code&output_format=text&compilation_level=SIMPLE_OPTIMIZATIONS&js_code=' . urlencode($new_file)); $output = curl_exec($ch); - curl_close($ch); + curl_close($ch); return $output; } @@ -88,9 +88,9 @@ while ($i < $pia_len) { $j = $i+1; $j = (isset($pia[$j])) ? $j : $i; - + $_GET[$pia[$i]] = $pia[$j]; - + $i = $j + 1; }; 
@@ -103,19 +103,19 @@ $modified = []; if (isset($groups[$_GET['g']])) { $cache_file = $js_root.'cache/'.$_GET['g']; - + foreach ($groups[$_GET['g']] as &$file) { $new_file = realpath($js_root.$file); $modified[] = filemtime($new_file); } - + //Add this page too, as well as the groups file $modified[] = filemtime($this_file); $modified[] = filemtime($groups_file); - + $cache_modified = 0; - + //Add the cache file if (is_file($cache_file)) { @@ -133,11 +133,11 @@ else //Nothing to display? Just exit rsort($modified); $last_modified = $modified[0]; -$requested_time=(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) - ? strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) +$requested_time=(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) + ? strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) : time(); -// If the browser's cached version is up to date, +// If the browser's cached version is up to date, // don't resend the file if ($last_modified === $requested_time) { @@ -152,7 +152,7 @@ if ($cache_modified < $last_modified) { $js = google_min(get_files()); $cs = file_put_contents($cache_file, $js); - + //Make sure cache file gets created/updated if ($cs === FALSE) { @@ -164,7 +164,7 @@ elseif (isset($_GET['debug'])) $js = get_files(); } else -{ +{ $len = filesize($cache_file); header("Content-Length: {$len}"); $js = file_get_contents($cache_file); diff --git a/sys/common.php b/sys/common.php index 2d626cb..085990a 100644 --- a/sys/common.php +++ b/sys/common.php @@ -298,7 +298,6 @@ if ( ! function_exists('do_include')) function init() { // Catch fatal errors, don't show them - error_reporting((-1) & ~(E_ERROR | E_PARSE)); register_shutdown_function('miniMVC\shutdown'); //Set error handlers 
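Review bot: In `init()` of sys/common.php the comment `// Catch fatal errors, don't show them` stays, but the `error_reporting((-1) & ~(E_ERROR | E_PARSE));` line that implemented it is removed, so whether fatal and parse errors reach the browser now depends on the server's `display_errors` setting, which this diff does not show. If the intent is still to keep them off the page, state it in code with `ini_set('display_errors', '0');` and leave logging on; otherwise reword the comment to something like `// Fatal errors are handled in miniMVC\shutdown`. The rest of `init()` lies outside the hunk.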
@@ -330,40 +329,6 @@ function get_last_segment() // -------------------------------------------------------------------------- -/** - * Call a method in another controller - * - * @param string - * @param string - * @param args - */ -function call_controller_method($controller, $method="index", $args=array()) -{ - // Load the routes config file - $routes = include(MM_APP_PATH . 'config/routes.php'); - - // Set the default route - $module = $routes['default_module']; - $class = $routes['default_controller']; - - // Split the controller into module/controller if possible - $parts = explode('/', $controller); - - if (count($parts) === 2) - { - list($module, $class) = $parts; - } - else - { - $class = $parts[0]; - } - - // Call the method - run($module, $class, $method, $args); -} - -// -------------------------------------------------------------------------- - /** * Gets an array of the segments of the current url * @@ -397,13 +362,11 @@ function get_segments() */ function route() { - $sn = $_SERVER['SCRIPT_NAME']; - $ru = $_SERVER['REQUEST_URI']; - // Get the equivalent to path info - $pi = (isset($_SERVER['PATH_INFO'])) - ? str_replace($sn, '', $ru) - : '/'; + // Get the path info + $pi = $_SERVER['PATH_INFO']; + $ru = $_SERVER['REQUEST_URI']; + $sn = $_SERVER['SCRIPT_NAME']; // Make sure the home page works when in a sub_directory if (strlen($sn) > strlen($ru)) diff --git a/sys/core/Page.php b/sys/core/Page.php index b3bf7e4..0ceba90 100644 --- a/sys/core/Page.php +++ b/sys/core/Page.php @@ -151,22 +151,14 @@ class Page { if ( ! empty($this->buffer)) { - $errors = error_get_last(); - if (empty($errors)) - { - // Compression is good! - ob_start("ob_gzhandler"); - } - else - { - ob_start(); - } + // @todo Figure out how to adjust content compression for 5.4.4 + ob_start(); echo $this->buffer; // Check if a buffer exists // so that it doesn't throw a notice - if (ob_get_level > 0) + if (ob_get_level() > 0) { ob_end_flush(); } 
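Review bot: `$pi = $_SERVER['PATH_INFO'];` in `route()` (sys/common.php) reads the key unconditionally, whereas the removed code tested `isset($_SERVER['PATH_INFO'])` and fell back to `'/'`; PATH_INFO is commonly absent when the request has no trailing path or the server does not pass it through, which produces an undefined-index notice and a null `$pi`. Keep the fallback: `$pi = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '/';`. How `$pi` is used afterwards is outside the hunk, so the effect on the home-page route is inferred.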
diff --git a/sys/core/db.php b/sys/core/db.php index 8037f16..7cc281a 100644 --- a/sys/core/db.php +++ b/sys/core/db.php @@ -8,20 +8,20 @@ * @author Timothy J. Warren * @copyright Copyright (c) 2011 - 2012 * @link https://github.com/aviat4ion/miniMVC - * @license http://philsturgeon.co.uk/code/dbad-license + * @license http://philsturgeon.co.uk/code/dbad-license */ - + // -------------------------------------------------------------------------- namespace miniMVC; - + /** * Extend PHP's PDO class to add some more functionality * * @package miniMVC * @subpackage System */ -class DB extends \Query_Builder { +class db extends \Query_Builder { /** * DB connection instances @@ -29,9 +29,9 @@ class DB extends \Query_Builder { * @var array */ private static $instance = array(); - + // -------------------------------------------------------------------------- - + /** * Indexed singleton method * @@ -45,7 +45,7 @@ class DB extends \Query_Builder { { // Include the database config file require_once(MM_APP_PATH.'config/db.php'); - + // Get the correct database in the config file if ( ! is_like_array($db_conf[$dbname])) { @@ -54,16 +54,16 @@ class DB extends \Query_Builder { trigger_error("Database does not exist", E_USER_ERROR); die(); } - + //echo 'Creating new instance of db class.'; self::$instance[$dbname] = new DB($db_conf[$dbname]); } return self::$instance[$dbname]; } - + // -------------------------------------------------------------------------- - + /** * Returns the last error from the database * diff --git a/sys/db b/sys/db index 9774349..1e71b22 160000 --- a/sys/db +++ b/sys/db @@ -1 +1 @@ -Subproject commit 977434977e4177fe5a09fffa0f3a152faa82f606 +Subproject commit 1e71b225c533bada107f439106c9216982b62daa diff --git a/sys/libraries/Bcrypt.php b/sys/libraries/Bcrypt.php new file mode 100644 index 0000000..db87d0e --- /dev/null +++ b/sys/libraries/Bcrypt.php 
@@ -0,0 +1,201 @@ +rounds = $rounds; + } + + // -------------------------------------------------------------------------- + + /** + * Returns a has for the input string + * + * @param string + * @return string + */ + public function hash($input) + { + $hash = crypt($input, $this->getSalt()); + + if (strlen($hash) > 13) + return $hash; + + return false; + } + + // -------------------------------------------------------------------------- + + /** + * Check if a password hash is valid + * + * @param string + * @param string + * @return bool + */ + public function verify($input, $existingHash) + { + $hash = crypt($input, $existingHash); + + return $hash === $existingHash; + } + + // -------------------------------------------------------------------------- + + /** + * Private function to generate the random salt + * + * @return string + */ + private function getSalt() + { + $salt = sprintf('$2a$%02d$', $this->rounds); + + $bytes = $this->getRandomBytes(16); + + $salt .= $this->encodeBytes($bytes); + + return $salt; + } + + // -------------------------------------------------------------------------- + + /** + * Private method to generate random characters for salt + * + * @param int + * @return string + */ + private function getRandomBytes($count) + { + $bytes = ''; + + if (function_exists('openssl_random_pseudo_bytes') && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) // OpenSSL slow on Win + { + $bytes = openssl_random_pseudo_bytes($count); + } + + if ($bytes === '' && is_readable('/dev/urandom') && ($hRand = @fopen('/dev/urandom', 'rb')) !== FALSE) + { + $bytes = fread($hRand, $count); + fclose($hRand); + } + + if (strlen($bytes) < $count) + { + $bytes = ''; + + if ($this->randomState === null) + { + $this->randomState = microtime(); + if (function_exists('getmypid')) + { + $this->randomState .= getmypid(); + } + } + + for ($i = 0; $i < $count; $i += 16) + { + $this->randomState = md5(microtime() . 
$this->randomState); + + if (PHP_VERSION >= '5') + { + $bytes .= md5($this->randomState, true); + } + else + { + $bytes .= pack('H*', md5($this->randomState)); + } + } + + $bytes = substr($bytes, 0, $count); + } + + return $bytes; + } + + // -------------------------------------------------------------------------- + + /** + * Further randomizes salt? + * + * @param string + * @return string + */ + private function encodeBytes($input) + { + // The following is code from the PHP Password Hashing Framework + $itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; + + $output = ''; + $i = 0; + do + { + $c1 = ord($input[$i++]); + $output .= $itoa64[$c1 >> 2]; + $c1 = ($c1 & 0x03) << 4; + if ($i >= 16) + { + $output .= $itoa64[$c1]; + break; + } + + $c2 = ord($input[$i++]); + $c1 |= $c2 >> 4; + $output .= $itoa64[$c1]; + $c1 = ($c2 & 0x0f) << 2; + + $c2 = ord($input[$i++]); + $c1 |= $c2 >> 6; + $output .= $itoa64[$c1]; + $output .= $itoa64[$c2 & 0x3f]; + } while (1); + + return $output; + } +} \ No newline at end of file diff --git a/sys/libraries/Data_Store.php b/sys/libraries/Data_Store.php index 02ab68a..d873e80 100644 --- a/sys/libraries/Data_Store.php +++ b/sys/libraries/Data_Store.php @@ -8,7 +8,7 @@ * @author Timothy J. Warren * @copyright Copyright (c) 2011 - 2012 * @link https://github.com/aviat4ion/miniMVC - * @license http://philsturgeon.co.uk/code/dbad-license + * @license http://philsturgeon.co.uk/code/dbad-license */ // -------------------------------------------------------------------------- @@ -22,24 +22,24 @@ namespace miniMVC; * @subpackage Libraries */ class Data_Store { - + /** * Settings object represented by the currently loaded JSON file */ private $current; - + /** * Singleton instance */ private static $instance; - + /** * Create and/or load json file */ protected function __construct() { $path = MM_APP_PATH .'config/data_store.json'; - + if ( ! is_file($path)) { touch($path); 
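Review bot: `verify()` in sys/libraries/Bcrypt.php compares with `$hash === $existingHash`, which stops at the first differing byte and never checks that `crypt()` succeeded; a length-checked, constant-time comparison is the safer form (sketch below, written without `hash_equals()` because the target PHP version is not stated). In `getRandomBytes()`, `openssl_random_pseudo_bytes()` can return `false`, and because the next test is `$bytes === ''` that case skips `/dev/urandom` and drops straight to the predictable `md5(microtime() . ...)` fallback; testing `strlen($bytes) < $count` before the urandom branch would fix the ordering. The docblocks need correcting too: `Returns a has for the input string` should read `hash`, and `Further randomizes salt?` on `encodeBytes()` should say that it encodes the raw bytes into bcrypt's 64-character salt alphabet.

```php
public function verify($input, $existingHash)
{
	$hash = crypt($input, $existingHash);

	// crypt() reports failure with a short string such as "*0"
	if ( ! is_string($hash) || strlen($hash) <= 13 || strlen($hash) !== strlen($existingHash))
	{
		return FALSE;
	}

	// Accumulate differences over every byte so timing does not depend on the mismatch position
	$diff = 0;
	for ($i = 0, $len = strlen($hash); $i < $len; $i++)
	{
		$diff |= ord($hash[$i]) ^ ord($existingHash[$i]);
	}

	return $diff === 0;
}
```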
@@ -49,12 +49,12 @@ class Data_Store { { // Load the file $json = file_get_contents($path); - + // Load the object into the class $this->current = json_decode($json); } } - + // -------------------------------------------------------------------------- /** @@ -66,9 +66,9 @@ class Data_Store { file_put_contents(MM_APP_PATH . 'config/data_store.json', $file_string); } - + // -------------------------------------------------------------------------- - + /** * Magic function called when cloning an object */ @@ -76,7 +76,7 @@ class Data_Store { { trigger_error('Clone is not allowed.', E_USER_ERROR); } - + // -------------------------------------------------------------------------- /** @@ -104,9 +104,9 @@ class Data_Store { { return $this->current->{$key} = $val; } - + // -------------------------------------------------------------------------- - + /** * Static method to retreive current instance * of the singleton @@ -123,9 +123,9 @@ class Data_Store { return self::$instance; } - + // -------------------------------------------------------------------------- - + /** * Removes a key from the data store * @@ -136,9 +136,9 @@ class Data_Store { { unset($this->current->{$key}); } - + // -------------------------------------------------------------------------- - + /** * Return the entire data store object * diff --git a/sys/libraries/Session.php b/sys/libraries/Session.php index b7b2d55..8903c3d 100644 --- a/sys/libraries/Session.php +++ b/sys/libraries/Session.php @@ -29,7 +29,7 @@ class Session { * @var array */ protected $sess = array(); - + /** * Reference to current instance *