Login works!

2015-04-17 22:14:31 +00:00 · 2015-04-17 22:14:31 +00:00 · 61c4076786
commit 61c4076786
parent 085a9ce80b
6 changed files with 128 additions and 13 deletions
--- a/_sakura/components/Sessions.php
+++ b/_sakura/components/Sessions.php
@ -19,8 +19,8 @@ class Session {
            session_start();

        // Assign user and session IDs
-        self::$userId       = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id'])      ? isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id'])      : 0;
-        self::$sessionId    = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) ? isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) : '';
+        self::$userId       = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id'])      ? $_COOKIE[Configuration::getConfig('cookie_prefix') .'id']         : 0;
+        self::$sessionId    = isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session']) ? $_COOKIE[Configuration::getConfig('cookie_prefix') .'session']    : '';

    }

@ -49,7 +49,47 @@ class Session {
    // Check session data (expiry, etc.)
    public static function checkSession($userId, $sessionId) {

+        // Get session from database
+        $session = Database::fetch('sessions', true, ['userid' => [$userId, '='], 'skey' => [$sessionId, '=']]);

+        // Check if we actually got something in return
+        if(!count($session))
+            return false;
+        else
+            $session = $session[0];
+
+        // Check if the session expired
+        if($session['expire'] < time()) {
+
+            // If it is delete the session...
+            self::deleteSession($session['id']);
+
+            // ...and return false
+            return false;
+
+        }
+
+        // If the remember flag is set extend the session time
+        if($session['remember'])
+            Database::update('sessions', [['expire' => time() + 604800], ['id' => [$session['id'], '=']]]);
+
+        // Return 2 if the remember flag is set and return 1 if not
+        return $session['remember'] ? 2 : 1;
+
+    }
+
+    // Delete a session
+    public static function deleteSession($sessionId, $key = false) {
+
+        // Check if the session exists
+        if(!Database::fetch('sessions', [($key ? 'skey' : 'id'), true, [$sessionId, '=']]))
+            return false;
+
+        // Run the query
+        Database::delete('sessions', [($key ? 'skey' : 'id'), [$sessionId, '=']]);
+
+        // Return true if key was found and deleted
+        return true;

    }

--- a/_sakura/components/Users.php
+++ b/_sakura/components/Users.php
@ -45,10 +45,32 @@ class Users {
    ];

    // Check if a user is logged in
-    public static function loggedIn() {
+    public static function checkLogin() {

-        // Just return false for now since we don't have a user system yet
-        return false;
+        // Check if the cookies are set
+        if(
+            !isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'id']) ||
+            !isset($_COOKIE[Configuration::getConfig('cookie_prefix') .'session'])
+        )
+            return false;
+
+        // Check if the session exists
+        if(!$session = Session::checkSession(
+            Session::$userId,
+            Session::$sessionId
+        ))
+            return false;
+
+        // Extend the cookie times if the remember flag is set
+        if($session == 2) {
+
+            setcookie(Configuration::getConfig('cookie_prefix') .'id',      Session::$userId,       time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
+            setcookie(Configuration::getConfig('cookie_prefix') .'session', Session::$sessionId,    time() + 604800, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
+
+        }
+
+        // If everything went through return true
+        return true;

    }

@ -99,8 +121,20 @@ class Users {
    // Logout and kill the session
    public static function logout() {

+        // Check if user is logged in
+        if(!self::checkLogin())
+            return false;
+
        // Remove the active session from the database
-        // Session::deleteSession($id, $key);
+        if(!Session::deleteSession($id, true))
+            return false;
+
+        // Set cookies
+        setcookie(Configuration::getConfig('cookie_prefix') .'id',      0,  time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
+        setcookie(Configuration::getConfig('cookie_prefix') .'session', '', time() - 60, Configuration::getConfig('cookie_path'), Configuration::getConfig('cookie_domain'));
+
+        // Return true indicating a successful logout
+        return true;

    }

--- a/_sakura/components/database/mysql.php
+++ b/_sakura/components/database/mysql.php
@ -271,4 +271,45 @@ class Database {

    }

+    // Delete data from the database
+    public static function delete($table, $data) {
+
+        // Begin preparation of the statement
+        $prepare = 'DELETE FROM `' . Configuration::getLocalConfig('db', 'prefix') . $table . '`';
+
+        // If $data is set and is an array continue
+        if(is_array($data)) {
+
+            $prepare .= ' WHERE';
+
+            foreach($data as $key => $value) {
+                $prepare .= ' `'. $key .'` '. $value[1] .' :'. $key . ($key == key(array_slice($data, -1, 1, true)) ? '' : ' AND');
+
+                // Unset variables to be safe
+                unset($key);
+                unset($value);
+            }
+
+        }
+
+        // Actually prepare the preration
+        $query = self::$sql->prepare($prepare);
+
+        // Bind those parameters
+        foreach($data as $key => $value) {
+            $query->bindParam(':'. $key, $value[0]);
+
+            // Unset variables to be safe
+            unset($key);
+            unset($value);
+        }
+
+        // Execute the prepared statements with parameters bound
+        $result = $query->execute();
+
+        // Return whatever can be returned
+        return $result;
+
+    }
+
 }
--- a/_sakura/sakura.php
+++ b/_sakura/sakura.php
@ -8,7 +8,7 @@
 namespace Sakura;

 // Define Sakura version
-define('SAKURA_VERSION', '20150412');
+define('SAKURA_VERSION', '20150417');

 // Define Sakura Path
 define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__)));
@ -63,6 +63,6 @@ $renderData = array(
        'time'      => \time()
    ],
    'user' => [
-        'loggedin' => Users::loggedIn()
+        'checklogin' => Users::checkLogin()
    ]
 );
--- a/_sakura/templates/yuuno/global/header.tpl
+++ b/_sakura/templates/yuuno/global/header.tpl
@ -17,7 +17,7 @@
        <!-- JS -->
        <script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js"></script>
        <script type="text/javascript">
-        {% if user.loggedin != true %}
+        {% if not user.checklogin %}
            // Setting the shit so clicking the login link doesn't redirect to /login
            function initLoginForm() {

@ -65,7 +65,7 @@
                </div>
            </div>
            <div id="contentwrapper">
-                {% if user.loggedin != true %}
+                {% if not user.checklogin %}
                    <div class="hidden" id="headerLoginForm">
                        <form method="post" action="/authenticate">
                            <input type="hidden" name="redirect" value="{{ sakura.currentpage }}" />
--- a/main/authenticate.php
+++ b/main/authenticate.php
@ -36,7 +36,7 @@ if(
            // Add page specific things
            $renderData['page'] = [
                'title'     => 'Login',
-                'redirect'  => ($login[0] ? ((strpos($_REQUEST['redirect'], '://') ? '' : '//') . $_REQUEST['redirect']) : '/authenticate'),
+                'redirect'  => ($login[0] ? $_REQUEST['redirect'] : '/authenticate'),
                'message'   => $messages[$login[1]]
            ];