Login works!

This commit is contained in:
flash 2015-04-17 22:14:31 +00:00
parent 085a9ce80b
commit 61c4076786
6 changed files with 128 additions and 13 deletions

View file

@ -19,8 +19,8 @@ class Session {
session_start(); session_start();
// Assign user and session IDs // Assign user and session IDs
self::$userId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) ? isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) : 0; self::$userId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') .'id'] : 0;
self::$sessionId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) ? isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) : ''; self::$sessionId = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') .'session'] : '';
} }
@ -49,7 +49,47 @@ class Session {
// Check session data (expiry, etc.) // Check session data (expiry, etc.)
public static function checkSession($userId, $sessionId) { public static function checkSession($userId, $sessionId) {
// Get session from database
$session = Database::fetch('sessions', true, ['userid' => [$userId, '='], 'skey' => [$sessionId, '=']]);
// Check if we actually got something in return
if(!count($session))
return false;
else
$session = $session[0];
// Check if the session expired
if($session['expire'] < time()) {
// If it is delete the session...
self::deleteSession($session['id']);
// ...and return false
return false;
}
// If the remember flag is set extend the session time
if($session['remember'])
Database::update('sessions', [['expire' => time() + 604800], ['id' => [$session['id'], '=']]]);
// Return 2 if the remember flag is set and return 1 if not
return $session['remember'] ? 2 : 1;
}
// Delete a session
public static function deleteSession($sessionId, $key = false) {
// Check if the session exists
if(!Database::fetch('sessions', [($key ? 'skey' : 'id'), true, [$sessionId, '=']]))
return false;
// Run the query
Database::delete('sessions', [($key ? 'skey' : 'id'), [$sessionId, '=']]);
// Return true if key was found and deleted
return true;
} }

View file

@ -45,11 +45,33 @@ class Users {
]; ];
// Check if a user is logged in // Check if a user is logged in
public static function loggedIn() { public static function checkLogin() {
// Just return false for now since we don't have a user system yet // Check if the cookies are set
if(
!isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) ||
!isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session'])
)
return false; return false;
// Check if the session exists
if(!$session = Session::checkSession(
Session::$userId,
Session::$sessionId
))
return false;
// Extend the cookie times if the remember flag is set
if($session == 2) {
setcookie(Configuration::getConfig('cookie_prefix') .'id', Session::$userId, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
setcookie(Configuration::getConfig('cookie_prefix') .'session', Session::$sessionId, time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
}
// If everything went through return true
return true;
} }
// Log a user in // Log a user in
@ -99,8 +121,20 @@ class Users {
// Logout and kill the session // Logout and kill the session
public static function logout() { public static function logout() {
// Check if user is logged in
if(!self::checkLogin())
return false;
// Remove the active session from the database // Remove the active session from the database
// Session::deleteSession($id, $key); if(!Session::deleteSession($id, true))
return false;
// Set cookies
setcookie(Configuration::getConfig('cookie_prefix') .'id', 0, time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
setcookie(Configuration::getConfig('cookie_prefix') .'session', '', time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
// Return true indicating a successful logout
return true;
} }

View file

@ -271,4 +271,45 @@ class Database {
} }
// Delete data from the database
public static function delete($table, $data) {
// Begin preparation of the statement
$prepare = 'DELETE FROM `' . Configuration::getLocalConfig('db', 'prefix') . $table . '`';
// If $data is set and is an array continue
if(is_array($data)) {
$prepare .= ' WHERE';
foreach($data as $key => $value) {
$prepare .= ' `'. $key .'` '. $value[1] .' :'. $key . ($key == key(array_slice($data, -1, 1, true)) ? '' : ' AND');
// Unset variables to be safe
unset($key);
unset($value);
}
}
// Actually prepare the preration
$query = self::$sql->prepare($prepare);
// Bind those parameters
foreach($data as $key => $value) {
$query->bindParam(':'. $key, $value[0]);
// Unset variables to be safe
unset($key);
unset($value);
}
// Execute the prepared statements with parameters bound
$result = $query->execute();
// Return whatever can be returned
return $result;
}
} }

View file

@ -8,7 +8,7 @@
namespace Sakura; namespace Sakura;
// Define Sakura version // Define Sakura version
define('SAKURA_VERSION', '20150412'); define('SAKURA_VERSION', '20150417');
// Define Sakura Path // Define Sakura Path
define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__))); define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__)));
@ -63,6 +63,6 @@ $renderData = array(
'time' => \time() 'time' => \time()
], ],
'user' => [ 'user' => [
'loggedin' => Users::loggedIn() 'checklogin' => Users::checkLogin()
] ]
); );

View file

@ -17,7 +17,7 @@
<!-- JS --> <!-- JS -->
<script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js"></script> <script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js"></script>
<script type="text/javascript"> <script type="text/javascript">
{% if user.loggedin != true %} {% if not user.checklogin %}
// Setting the shit so clicking the login link doesn't redirect to /login // Setting the shit so clicking the login link doesn't redirect to /login
function initLoginForm() { function initLoginForm() {
@ -65,7 +65,7 @@
</div> </div>
</div> </div>
<div id="contentwrapper"> <div id="contentwrapper">
{% if user.loggedin != true %} {% if not user.checklogin %}
<div class="hidden" id="headerLoginForm"> <div class="hidden" id="headerLoginForm">
<form method="post" action="/authenticate"> <form method="post" action="/authenticate">
<input type="hidden" name="redirect" value="{{ sakura.currentpage }}" /> <input type="hidden" name="redirect" value="{{ sakura.currentpage }}" />

View file

@ -36,7 +36,7 @@ if(
// Add page specific things // Add page specific things
$renderData['page'] = [ $renderData['page'] = [
'title' => 'Login', 'title' => 'Login',
'redirect' => ($login[0] ? ((strpos($_REQUEST['redirect'], '://') ? '' : '//') . $_REQUEST['redirect']) : '/authenticate'), 'redirect' => ($login[0] ? $_REQUEST['redirect'] : '/authenticate'),
'message' => $messages[$login[1]] 'message' => $messages[$login[1]]
]; ];