add bootstrap

inc/auth.php

@@ -6,6 +6,7 @@ class Auth extends PhpObject
 	const COST = 12;
 	const TOKEN_SEP = '|';
 	const USER_COOKIE_PASS = 'checksum';
+	const DEFAULT_ERROR = 'Unknown error';
 	
 	/**
 	 * Database Connection
@@ -42,29 +43,70 @@ class Auth extends PhpObject
 	public function logMeIn($sToken)
 	{
 		$sDesc = '';
+		$asUser = $this->getUserFromToken($sToken);
+		if($asUser['success'])
+		{
+			if(self::CheckPassword($asUser['http_pass'], $asUser['pass']))
+			{
+				$this->setUserId($asUser[Db::getId(MyThoughts::USER_TABLE)]);
+				$this->resetAuthCookie($this->getUserId());
+			}
+			else $sDesc = 'wrong password';
+		}
+		else $sDesc = $asUser['desc'];
+		
+		return array('success'=>$this->isLoggedIn(), 'desc'=>$sDesc);
+	}
+	
+	public function register($sToken, $sNickName, $bLogMeIn=false)
+	{
+		$bSuccess = false;
+		$sDesc = self::DEFAULT_ERROR;
+		$asUser = $this->getUserFromToken($sToken);
+		
+		if(array_key_exists('unknown_user', $asUser))
+		{
+			$iUserId = $this->addUser($asUser['username'], $sNickName, $asUser['pass'], $bLogMeIn);
+			if($iUserId > 0) $bSuccess = true;
+			else $sDesc = 'Error: Could not add user';
+		}
+		else $sDesc = 'Someone is already using this nickname, sorry!';
+			
+		$asResult = array('success'=>$bSuccess, 'desc'=>$sDesc);
+		return $asResult;
+	}
+	
+	private function getUserFromToken($sToken)
+	{
+		$asResult = array();
+		$bSuccess = false;
+		$sDesc = self::DEFAULT_ERROR;
+		
 		if($sToken!='')
 		{
-			$sLoginToken = addslashes(strstr($sToken, self::TOKEN_SEP, true));
-			$sPassToken = substr(strstr($sToken, self::TOKEN_SEP), strlen(self::TOKEN_SEP));
-			if($sLoginToken!='' && $sPassToken!='')
+			$asResult['username'] = addslashes(strstr($sToken, self::TOKEN_SEP, true));
+			$asResult['http_pass'] = substr(strstr($sToken, self::TOKEN_SEP), strlen(self::TOKEN_SEP));
+			if($asResult['username']!='' && $asResult['http_pass']!='')
 			{
-				$asEmpl = $this->oDb->selectRow(MyThoughts::USER_TABLE, array("MD5(".Db::getText(MyThoughts::USER_TABLE).")"=>$sLoginToken));
-				if(!empty($asEmpl))
+				$asUser = $this->oDb->selectRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$asResult['username']));
+				if(!empty($asUser))
 				{
-					if(self::CheckPassword($sPassToken, $asEmpl['pass']))
-					{
-						$this->setUserId($asEmpl[Db::getId(MyThoughts::USER_TABLE)]);
-						$this->resetAuthCookie($this->getUserId());
-					}
-					else $sDesc = 'wrong password';
+					$asResult = $asUser;
+					$bSuccess = true;
+				}
+				else
+				{
+					$asResult['unknown_user'] = true;
+					$sDesc = 'unknown nickname';
 				}
-				else $sDesc = 'unknown nickname';
 			}
 			else $sDesc = 'corrupted token, please login again';
 		}
 		else $sDesc = 'no credentials has been received by the server';
 		
-		return MyThoughts::getJsonResult($this->isLoggedIn(), $sDesc);
+		$asResult['success'] = $bSuccess;
+		$asResult['desc'] = $sDesc;
+		return $asResult;
 	}
 	
 	public function autoLogIn()
@@ -91,18 +133,17 @@ class Auth extends PhpObject
 		}
 	}
 	
-	public function addUser($sSafeNickName, $sNickName, $bLogMeIn=false)
+	public function addUser($sUserName, $sNickName, $sPass, $bLogMeIn=false)
 	{
-		$sPass = self::HashPassword(self::getLoginToken($sSafeNickName));
-		$bExist = $this->oDb->pingValue(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sSafeNickName));
+		$sPass = self::HashPassword($sPass);
+		$bExist = $this->oDb->pingValue(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sUserName));
 		if($bExist) return -1;
 		else
 		{
-			$iUserId = $this->oDb->insertRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sSafeNickName, 'nickname'=>$sNickName, 'pass'=>$sPass));
-			if($iUserId>0)
+			$iUserId = $this->oDb->insertRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sUserName, 'nickname'=>$sNickName, 'pass'=>$sPass));
+			if($iUserId>0 && $bLogMeIn)
 			{
-				$this->resetPass($iUserId);
-				if($bLogMeIn) $this->logMeIn(md5($sSafeNickName).self::TOKEN_SEP.$this->getLoginToken($sSafeNickName));
+				$this->logMeIn($sUserName.self::TOKEN_SEP.$sPass);
 			}
 		}
 		return $iUserId;

inc/mythoughts.php

@@ -1,246 +1,237 @@
-<?php
-
-/**
- * Main Class
- * @author franzz
- * @version 2.0
- */
-class MyThoughts extends Main
-{
-	//Interface keywords
-	const SUCCESS = 'success';
-	const ERROR = 'error';
-	const UNAUTHORIZED = 'unauthorized';
-	const NOT_FOUND = 'unknown action';
-	
-	//SQL tables
-	const USER_TABLE = 'users';
-	const SETTINGS_TABLE = 'settings';
-	
-	//Mythoughts
-	const URL_DATE_FORMAT = 'Ymd';
-	const LAYOUT_DATE_FORMAT = 'F \t\h\e jS, Y';
-	const MYSQL_DATE_FORMAT = 'Y-m-d';
-	const LAYOUT_TIME_FORMAT = 'G:i';
-	const WELCOME_MSG_FILE = 'welcome';
-	const SETTING_LAYOUT = 'layout';
-	const LAYOUT_ONE_PAGE = '1';
-	const LAYOUT_TWO_PAGES = '2';
-	const SETTING_FONT = 'font';
-	const FONT_THOUGHTS = 'thoughts';
-	const FONT_ARIAL = 'Arial';
-	const FONT_VERDANA = 'Verdana';
-	const SETTING_SIZE = 'Size';
-	const SIZE_16 = '16';
-	const SIZE_18 = '18';
-	const SIZE_20 = '20';
-	
-	//Format
-	const OBJ = 'object';
-	const ARRAY = 'array';
-	const JSON = 'json';
-	
-	/**
-	 * Auth Object
-	 * @var Auth
-	 */
-	private $oAuth;	
-	
-	/**
-	 * Main constructor [to be called from index.php]
-	 * @param ClassManagement $oClassManagement
-	 * @param string $sLang
-	 */
-	public function __construct($oClassManagement, $sProcessPage)
-	{
-		//Load classes
-		//$this->oClassManagement->incClass('calendar', true);
-		$asClasses = array(	array('name'=>'auth', 'project'=>true),
-							array('name'=>'thought', 'project'=>true));
-		
-		parent::__construct($oClassManagement, $sProcessPage, $asClasses);
-		
-		//Init objects
-		if($this->oDb->sDbState == Db::DB_PEACHY) $this->oAuth = new Auth($this->oDb, Settings::API_KEY);
-	}
-	
-	protected function install()
-	{
-		$this->oAuth = new Auth($this->oDb, Settings::API_KEY, false);
-		
-		//Install DB
-		$this->oDb->install();
-		$this->addUser('franzz');
-	}
-	
-	private function setContext($sProcessPage)
-	{
-		//Browser <> PHP <> MySql synchronization
-		date_default_timezone_set(Settings::TIMEZONE);
-		ini_set('default_charset', Settings::TEXT_ENC);
-		header('Content-Type: text/html; charset='.Settings::TEXT_ENC);
-		mb_internal_encoding(Settings::TEXT_ENC);
-		mb_http_output(Settings::TEXT_ENC);
-		mb_http_input(Settings::TEXT_ENC);
-		mb_language('uni');
-		mb_regex_encoding(Settings::TEXT_ENC);
-		
-		$this->asContext['process_page'] = basename($sProcessPage);
-	
-		$sServerName = array_key_exists('SERVER_NAME', $_SERVER)?$_SERVER['SERVER_NAME']:$_SERVER['PWD'];
-		$sAppPath = 'http://'.str_replace('http://', '', $sServerName.dirname($_SERVER['SCRIPT_NAME']));
-		$this->asContext['serv_name'] = $sAppPath.(mb_substr($sAppPath, -1)!='/'?'/':'');
-	}
-	
-	public function addUncaughtError($sError)
-	{
-		$this->addError('Uncaught errors:'."\n".$sError);
-	}
-	
-	/* Authorizations handling */
-	
-	public function isLoggedIn()
-	{
-		return $this->oAuth->isLoggedIn();
-	}
-	
-	public function logMeIn($sToken)
-	{
-		return $this->oAuth->logMeIn($sToken);
-	}
-	
-	public function checkApiKey($sApiKey)
-	{
-		return $this->oAuth->checkApiKey($sApiKey);
-	}
-	
-	/* Building main pages */
-	
-	public function getPage()
-	{
-		/*$asMaskPaths = glob('masks/*.html');
-		$asMaskNames =  array_map('basename', $asMaskPaths, array_fill(1, count($asMaskPaths), '.html'));*/
-		
-		//Constants
-		$asPages = array('logon', 'write', 'settings', 'template');
-		foreach($asPages as $sPage) $asGlobalVars['consts']['pages'][$sPage] = $this->getPageContent($sPage);
-		$asGlobalVars['consts']['token_sep'] = Auth::TOKEN_SEP;
-		$asGlobalVars['consts']['error'] = self::ERROR;
-		$asGlobalVars['consts']['success'] = self::SUCCESS;
-		$asGlobalVars['consts']['context'] = $this->asContext;
-		$asGlobalVars['vars']['id'] = $this->oAuth->getUserId();
-		$asGlobalVars['vars']['log_in'] = $this->isLoggedIn();
-		
-		//Main Page
-		$sPage = $this->getPageContent('index');
-		$sPage = str_replace('asGlobalVars', json_encode($asGlobalVars), $sPage);
-		return $sPage;
-	}
-	
-	/* DB structure. See Db::__construct */
-	
-	protected function getSqlOptions()
-	{
-		return array(
-			'tables' =>	array(
-				self::USER_TABLE		=> array(Db::getText(self::USER_TABLE), 'nickname', 'pass', 'cookie'),
-				Thought::THOUGHT_TABLE	=> array(Db::getId(self::USER_TABLE), Db::getText(Thought::THOUGHT_TABLE)),
-				self::SETTINGS_TABLE	=> array(Db::getId(self::USER_TABLE), Db::getText(self::SETTINGS_TABLE), 'value')
-			),
-			'types'	=>	array(
-				Db::getText(self::USER_TABLE)		=> "varchar(50) NOT NULL",
-				'nickname'							=> "varchar(60) NOT NULL",
-				'pass'								=> "varchar(256)",
-				'cookie'							=> "varchar(255)",
-				Db::getText(Thought::THOUGHT_TABLE)	=> "longtext",
-				Db::getText(self::SETTINGS_TABLE)	=> "varchar(20) NOT NULL",
-				'value'								=> "varchar(20) NOT NULL"
-			),
-			'constraints' => array(
-				self::USER_TABLE	=> "UNIQUE KEY `username` (`".Db::getText(self::USER_TABLE)."`)"
-			),
-			'cascading_delete' => array(
-				self::USER_TABLE	=> array(self::SETTINGS_TABLE)
-			)
-		);
-	}
-	
-	/* My Thoughts public functions */
-	
-	public function register($sNickName)
-	{
-		$iUserId = $this->addUser($sNickName, true);
-		$bSuccess = false;
-		$sDesc = '';
-		switch($iUserId)
-		{
-			case -1:
-				$sDesc = 'There is already a user using this nickname, sorry!';
-				break;
-			case 0:
-				$sDesc = 'A database error occured. Contact admin';
-				break;
-			default:
-				$bSuccess = true;
-		}
-		return self::getJsonResult($bSuccess, $sDesc);
-	}
-	
-	public function getThought($iThoughtId, $sFormat=self::OBJ)
-	{
-		$oThought = new Thought($this->oDb);
-		
-		if($iThoughtId=='last')
-		{
-			$oThought->setUserId($this->oAuth->getUserId());
-			$oThought->openLast();
-		}
-		else $oThought->open($iThoughtId);
-		
-		switch($sFormat)
-		{
-			case self::OBJ:
-				return $oThought; break;
-			case self::ARRAY:
-				return $oThought->get(); break;
-			case self::JSON:
-				return self::getJsonResult(true, '', $oThought->get()); break;
-		}
-	}
-
-	public function updateThought($asOps, $iThoughtId=0, $iUserId=-1)
-	{
-		$oThought = new Thought($this->oDb, $iThoughtId);
-		
-		if($oThought->getId() == 0) {
-			if($iUserId==-1) $iUserId = $this->oAuth->getUserId();
-			if($iUserId!=0) $oThought->setUserId($iUserId);
-			else $this->addError('Adding a thought with no user id');
-		}
-		
-		$oThought->setOps($asOps);
-		$iThoughtId = $oThought->save();
-		
-		$bSuccess = ($iThoughtId>0);
-		$sDesc = 'thought '.($bSuccess?'':'not ').'saved';
-		return self::getJsonResult($bSuccess, $sDesc, $this->getThought($iThoughtId, self::ARRAY));
-	}
-	
-	/* My Thoughts private functions */
-	
-	private function addUser($sNickName, $bLogMeIn=false)
-	{
-		$iUserId = $this->oAuth->addUser(self::getSafeNickName($sNickName), $sNickName, $bLogMeIn);
-		//if($iUserId>0) $this->updateThought(file_get_contents(self::WELCOME_MSG_FILE), $iUserId);
-		return $iUserId;
-	}
-	
-	/* Static toolbox functions */
-
-	public static function getSafeNickName($sNickName)
-	{
-		return $sNickName;
-	}
-}
-
+<?php
+
+/**
+ * Main Class
+ * @author franzz
+ * @version 2.0
+ */
+class MyThoughts extends Main
+{
+	//Interface keywords
+	const SUCCESS = 'success';
+	const ERROR = 'error';
+	const UNAUTHORIZED = 'unauthorized';
+	const NOT_FOUND = 'unknown action';
+	
+	//SQL tables
+	const USER_TABLE = 'users';
+	const SETTINGS_TABLE = 'settings';
+	
+	//Mythoughts
+	const URL_DATE_FORMAT = 'Ymd';
+	const LAYOUT_DATE_FORMAT = 'F \t\h\e jS, Y';
+	const MYSQL_DATE_FORMAT = 'Y-m-d';
+	const LAYOUT_TIME_FORMAT = 'G:i';
+	const WELCOME_MSG_FILE = 'welcome';
+	const SETTING_LAYOUT = 'layout';
+	const LAYOUT_ONE_PAGE = '1';
+	const LAYOUT_TWO_PAGES = '2';
+	const SETTING_FONT = 'font';
+	const FONT_THOUGHTS = 'thoughts';
+	const FONT_ARIAL = 'Arial';
+	const FONT_VERDANA = 'Verdana';
+	const SETTING_SIZE = 'Size';
+	const SIZE_16 = '16';
+	const SIZE_18 = '18';
+	const SIZE_20 = '20';
+	
+	//Format
+	const OBJ = 'object';
+	const ARRAY = 'array';
+	const JSON = 'json';
+	
+	/**
+	 * Auth Object
+	 * @var Auth
+	 */
+	private $oAuth;	
+	
+	/**
+	 * Main constructor [to be called from index.php]
+	 * @param ClassManagement $oClassManagement
+	 * @param string $sLang
+	 */
+	public function __construct($oClassManagement, $sProcessPage)
+	{
+		//Load classes
+		//$this->oClassManagement->incClass('calendar', true);
+		$asClasses = array(	array('name'=>'auth', 'project'=>true),
+							array('name'=>'thought', 'project'=>true));
+		
+		parent::__construct($oClassManagement, $sProcessPage, $asClasses);
+		
+		//Init objects
+		if($this->oDb->sDbState == Db::DB_PEACHY) $this->oAuth = new Auth($this->oDb, Settings::API_KEY);
+	}
+	
+	protected function install()
+	{
+		$this->oAuth = new Auth($this->oDb, Settings::API_KEY, false);
+		
+		//Install DB
+		$this->oDb->install();
+		$this->oAuth->addUser('franzz', 'Franzz', '123456');
+	}
+	
+	private function setContext($sProcessPage)
+	{
+		//Browser <> PHP <> MySql synchronization
+		date_default_timezone_set(Settings::TIMEZONE);
+		ini_set('default_charset', Settings::TEXT_ENC);
+		header('Content-Type: text/html; charset='.Settings::TEXT_ENC);
+		mb_internal_encoding(Settings::TEXT_ENC);
+		mb_http_output(Settings::TEXT_ENC);
+		mb_http_input(Settings::TEXT_ENC);
+		mb_language('uni');
+		mb_regex_encoding(Settings::TEXT_ENC);
+		
+		$this->asContext['process_page'] = basename($sProcessPage);
+	
+		$sServerName = array_key_exists('SERVER_NAME', $_SERVER)?$_SERVER['SERVER_NAME']:$_SERVER['PWD'];
+		$sAppPath = 'http://'.str_replace('http://', '', $sServerName.dirname($_SERVER['SCRIPT_NAME']));
+		$this->asContext['serv_name'] = $sAppPath.(mb_substr($sAppPath, -1)!='/'?'/':'');
+	}
+	
+	public function addUncaughtError($sError)
+	{
+		$this->addError('Uncaught errors:'."\n".$sError);
+	}
+	
+	/* Authorizations handling */
+	
+	public function register($sToken, $sNickname)
+	{
+		$asResult = $this->oAuth->register($sToken, $sNickname);
+		
+		if($asResult['success']) return $this->logMeIn($sToken);
+		else return self::getJsonResult($asResult['success'], $asResult['desc']);
+	}
+	
+	public function isLoggedIn()
+	{
+		return $this->oAuth->isLoggedIn();
+	}
+	
+	public function logMeIn($sToken)
+	{
+		$asLogResult = $this->oAuth->logMeIn($sToken);
+		return MyThoughts::getJsonResult($asLogResult['success'], $asLogResult['desc'], $this->getVars());
+	}
+	
+	public function checkApiKey($sApiKey)
+	{
+		return $this->oAuth->checkApiKey($sApiKey);
+	}
+	
+	/* Building main pages */
+	
+	public function getPage()
+	{
+		//Constants
+		$asGlobalVars = array(
+			'consts'	=> array(
+				'token_sep'	=> Auth::TOKEN_SEP,
+				'error'		=> self::ERROR,
+				'success'	=> self::SUCCESS,
+				'context'	=> $this->asContext,
+				'cookie'	=> Auth::USER_COOKIE_PASS
+			),
+			'vars'		=> $this->getVars()
+		);
+		
+		//Pages
+		$asPages = array('logon', 'logoff', 'write', 'settings', 'template');
+		foreach($asPages as $sPage) $asGlobalVars['consts']['pages'][$sPage] = $this->getPageContent($sPage);
+		
+		//Main Page
+		$sPage = $this->getPageContent('index');
+		$sPage = str_replace('asGlobalVars', json_encode($asGlobalVars), $sPage);
+		return $sPage;
+	}
+	
+	private function getVars() {
+		return array(
+			'id'		=> $this->oAuth->getUserId(),
+			'log_in'	=> $this->isLoggedIn()
+		);
+	}
+	
+	/* DB structure. See Db::__construct */
+	
+	protected function getSqlOptions()
+	{
+		return array(
+			'tables' =>	array(
+				self::USER_TABLE		=> array(Db::getText(self::USER_TABLE), 'nickname', 'pass', 'cookie'),
+				Thought::THOUGHT_TABLE	=> array(Db::getId(self::USER_TABLE), Db::getText(Thought::THOUGHT_TABLE)),
+				self::SETTINGS_TABLE	=> array(Db::getId(self::USER_TABLE), Db::getText(self::SETTINGS_TABLE), 'value')
+			),
+			'types'	=>	array(
+				Db::getText(self::USER_TABLE)		=> "varchar(32) NOT NULL",
+				'nickname'							=> "varchar(60) NOT NULL",
+				'pass'								=> "varchar(256) NOT NULL",
+				'cookie'							=> "varchar(255)",
+				Db::getText(Thought::THOUGHT_TABLE)	=> "longtext",
+				Db::getText(self::SETTINGS_TABLE)	=> "varchar(20) NOT NULL",
+				'value'								=> "varchar(20) NOT NULL"
+			),
+			'constraints' => array(
+				self::USER_TABLE	=> "UNIQUE KEY `unique_username` (`".Db::getText(self::USER_TABLE)."`)"
+			),
+			'cascading_delete' => array(
+				self::USER_TABLE	=> array(self::SETTINGS_TABLE, Thought::THOUGHT_TABLE)
+			)
+		);
+	}
+	
+	/* Thoughts */
+	
+	public function getThought($iThoughtId, $sFormat=self::OBJ)
+	{
+		$oThought = new Thought($this->oDb);
+		
+		if($iThoughtId=='last')
+		{
+			$oThought->setUserId($this->oAuth->getUserId());
+			$oThought->openLast();
+		}
+		else $oThought->open($iThoughtId);
+		
+		switch($sFormat)
+		{
+			case self::OBJ:
+				return $oThought; break;
+			case self::ARRAY:
+				return $oThought->get(); break;
+			case self::JSON:
+				return self::getJsonResult(true, '', $oThought->get()); break;
+		}
+	}
+
+	public function updateThought($asOps, $iThoughtId=0, $iUserId=-1)
+	{
+		$oThought = new Thought($this->oDb, $iThoughtId);
+		
+		if($oThought->getId() == 0) {
+			if($iUserId==-1) $iUserId = $this->oAuth->getUserId();
+			if($iUserId!=0) $oThought->setUserId($iUserId);
+			else $this->addError('Adding a thought with no user id');
+		}
+		
+		$oThought->setOps($asOps);
+		$iThoughtId = $oThought->save();
+		
+		$bSuccess = ($iThoughtId>0);
+		$sDesc = 'thought '.($bSuccess?'':'not ').'saved';
+		return self::getJsonResult($bSuccess, $sDesc, $this->getThought($iThoughtId, self::ARRAY));
+	}
+	
+	/* Static toolbox functions */
+
+	public static function getSafeNickName($sNickName)
+	{
+		return $sNickName;
+	}
+}
+
 ?>