From aa8c9f2a32ea75278d52c86c6a3a39d34bce5cc7 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Nicolas=20L=C5=93uillet?= Date: Fri, 31 May 2013 22:55:52 +0200 Subject: [PATCH] Installation mode --- inc/Session.class.php | 2 +- inc/config.php | 25 ++++++++++++++++--- inc/functions.php | 7 ++++-- inc/store/sqlite.class.php | 51 +++++++++++++++++++++++++++++++++++++- inc/store/store.class.php | 8 ++++++ index.php | 9 +++++-- tpl/install.html | 30 ++++++++++++++++++++++ tpl/login.html | 2 +- 8 files changed, 124 insertions(+), 10 deletions(-) create mode 100644 tpl/install.html diff --git a/inc/Session.class.php b/inc/Session.class.php index ee12b3d1..eff924cc 100644 --- a/inc/Session.class.php +++ b/inc/Session.class.php @@ -93,7 +93,7 @@ class Session // Force logout public static function logout() { - unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens']); + unset($_SESSION['uid'],$_SESSION['info'],$_SESSION['expires_on'],$_SESSION['tokens'], $_SESSION['login'], $_SESSION['pass']); } // Make sure user is logged in. diff --git a/inc/config.php b/inc/config.php index 737f5215..2de725f4 100644 --- a/inc/config.php +++ b/inc/config.php @@ -18,6 +18,7 @@ define ('ABS_PATH', 'assets/'); define ('CONVERT_LINKS_FOOTNOTES', TRUE); define ('REVERT_FORCED_PARAGRAPH_ELEMENTS',FALSE); define ('DOWNLOAD_PICTURES', TRUE); +define ('SALT', '464v54gLLw928uz4zUBqkRJeiPY68zCX'); $storage_type = 'sqlite'; # sqlite or file include 'functions.php'; @@ -33,9 +34,7 @@ require_once 'class.messages.php'; Session::init(); -$store = new $storage_type(); -$msg = new Messages(); - +$store = new $storage_type(); # initialisation de RainTPL raintpl::$tpl_dir = './tpl/'; raintpl::$cache_dir = './cache/'; @@ -43,4 +42,24 @@ raintpl::$base_url = get_poche_url(); raintpl::configure('path_replace', false); raintpl::configure('debug', false); $tpl = new raintpl(); + +if(!$store->isInstalled()) +{ + logm('poche still not installed'); + $tpl->draw('install'); + if (isset($_GET['install'])) { + if (($_POST['password'] == $_POST['password_repeat']) + && $_POST['password'] != "" && $_POST['login'] != "") { + $store->install($_POST['login'], encode_string($_POST['password'] . $_POST['login'])); + Session::logout(); + MyTool::redirect(); + } + } + exit(); +} + +$_SESSION['login'] = (isset ($_SESSION['login'])) ? $_SESSION['login'] : $store->getLogin(); +$_SESSION['pass'] = (isset ($_SESSION['pass'])) ? $_SESSION['pass'] : $store->getPassword(); + +$msg = new Messages(); $tpl->assign('msg', $msg); \ No newline at end of file diff --git a/inc/functions.php b/inc/functions.php index c2a149c6..73e591c5 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -23,6 +23,11 @@ function get_poche_url() return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; } +function encode_string($string) +{ + return sha1($string . SALT); +} + // function define to retrieve url content function get_external_file($url) { @@ -375,12 +380,10 @@ function action_to_do($action, $url, $id = 0) break; case 'toggle_fav' : $store->favoriteById($id); - $msg->add('s', 'the favorite toggle has been done successfully'); logm('mark as favorite link #' . $id); break; case 'toggle_archive' : $store->archiveById($id); - $msg->add('s', 'the archive toggle has been done successfully'); logm('archive link #' . $id); break; default: diff --git a/inc/store/sqlite.class.php b/inc/store/sqlite.class.php index cda412e6..4bfbb29e 100644 --- a/inc/store/sqlite.class.php +++ b/inc/store/sqlite.class.php @@ -17,7 +17,6 @@ class Sqlite extends Store { parent::__construct(); $this->handle = new PDO(self::$db_path); - $this->handle->exec('CREATE TABLE IF NOT EXISTS "entries" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL UNIQUE , "title" VARCHAR, "url" VARCHAR UNIQUE , "is_read" INTEGER DEFAULT 0, "is_fav" INTEGER DEFAULT 0, "content" BLOB)'); $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } @@ -25,6 +24,56 @@ class Sqlite extends Store { return $this->handle; } + public function isInstalled() { + $sql = "SELECT name FROM sqlite_sequence WHERE name=?"; + $query = $this->executeQuery($sql, array('config')); + $hasConfig = $query->fetchAll(); + + if (count($hasConfig) == 0) + return FALSE; + + if (!$this->getLogin() || !$this->getPassword()) + return FALSE; + + return TRUE; + } + + public function install($login, $password) { + $this->getHandle()->exec('CREATE TABLE IF NOT EXISTS "config" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL UNIQUE , "name" VARCHAR UNIQUE, "value" BLOB)'); + + $this->handle->exec('CREATE TABLE IF NOT EXISTS "entries" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL UNIQUE , "title" VARCHAR, "url" VARCHAR UNIQUE , "is_read" INTEGER DEFAULT 0, "is_fav" INTEGER DEFAULT 0, "content" BLOB)'); + + if (!$this->getLogin()) { + $sql_login = 'INSERT INTO config ( name, value ) VALUES (?, ?)'; + $params_login = array('login', $login); + $query = $this->executeQuery($sql_login, $params_login); + } + + if (!$this->getPassword()) { + $sql_pass = 'INSERT INTO config ( name, value ) VALUES (?, ?)'; + $params_pass = array('password', $password); + $query = $this->executeQuery($sql_pass, $params_pass); + } + + return TRUE; + } + + public function getLogin() { + $sql = "SELECT value FROM config WHERE name=?"; + $query = $this->executeQuery($sql, array('login')); + $login = $query->fetchAll(); + + return isset($login[0]['value']) ? $login[0]['value'] : FALSE; + } + + public function getPassword() { + $sql = "SELECT value FROM config WHERE name=?"; + $query = $this->executeQuery($sql, array('password')); + $pass = $query->fetchAll(); + + return isset($pass[0]['value']) ? $pass[0]['value'] : FALSE; + } + private function executeQuery($sql, $params) { try { diff --git a/inc/store/store.class.php b/inc/store/store.class.php index 360ff7c2..dd7d4cfe 100644 --- a/inc/store/store.class.php +++ b/inc/store/store.class.php @@ -13,6 +13,14 @@ class Store { } + public function getLogin() { + + } + + public function getPassword() { + + } + public function add() { } diff --git a/index.php b/index.php index 829d5513..1522a2ec 100644 --- a/index.php +++ b/index.php @@ -25,9 +25,14 @@ $ref = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER']; if (isset($_GET['login'])) { // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { - if (Session::login('poche', 'poche', $_POST['login'], $_POST['password'])) { +// echo $_SESSION['login']."
"; +// echo $_SESSION['pass']."
"; +// echo $_POST['login']."
"; +// echo encode_string($_POST['password'] . $_POST['login']); +// die; + if (Session::login($_SESSION['login'], $_SESSION['pass'], $_POST['login'], encode_string($_POST['password'] . $_POST['login']))) { logm('login successful'); - $msg->add('s', 'welcome in your pocket!'); + $msg->add('s', 'welcome in your poche!'); if (!empty($_POST['longlastingsession'])) { $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; diff --git a/tpl/install.html b/tpl/install.html new file mode 100644 index 00000000..d11a7810 --- /dev/null +++ b/tpl/install.html @@ -0,0 +1,30 @@ +{include="head"} + +
+

logo pochepoche

+
+
+
+
+

install your poche

+
+ + +
+
+ + +
+
+ + +
+
+ +
+
+ + +
+ +{include="footer"} diff --git a/tpl/login.html b/tpl/login.html index ebe4b5e5..69c17a55 100644 --- a/tpl/login.html +++ b/tpl/login.html @@ -12,7 +12,7 @@
- +
-- 2.41.0