gregorio/lepisi-pengumuman
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Mithril as main method

Browse Source
This commit is contained in:
Gregorio Chiko Putra
2017-10-25 12:08:41 +07:00
parent 6040809710
commit d1d5ee1b0c
157 changed files with 19593 additions and 716 deletions
Download Patch File Download Diff File Expand all files Collapse all files

124
App/Controllers/Api.php
View File

@@ -1,16 +1,8 @@
<?php
namespace App\Controllers;
use App\Models\ApiModel;
class Api
{
private $model;
public function __construct()
{
$this->model = new ApiModel();
}
public function index()
{
@@ -27,48 +19,47 @@ class Api
echo json_encode($index, JSON_UNESCAPED_SLASHES);
}
// public function posts($args = ['id' => '1'])
// {
// $get = [];
//
// if ($args['id'] == 3) {
// $get['data'] = $this->model->showJoin();
// } else {
// $get['data'] = $this->model->showJoin([
// ['pengumuman.status', '=', $args['id']]
// ]);
// }
//
// if ($get['data'] == false) {
// $get['data']['content'] = 'Tidak ada pengumuman';
// $get['data']['valid_at'] = '';
// $get['data']['expired_at'] = '';
// $get['data']['status'] = 0;
// $get['data']['background'] = '#333';
// $get['data']['foreground'] = '#888';
// }
//
// if (array_key_exists(0, $get['data']) == false) {
// $temp_data = $get['data'];
// unset($get['data']);
// $get['data'][] = $temp_data;
// $temp_data = [];
// }
//
// header('Content-Type: application/json');
// echo json_encode($get);
// }
public function get($table, $id = "")
public function get($table, $id = "", $args = [])
{
$get = [];
$get['data'] = $this->model->showAll(
($id == "") ? [] : [
['id', '=', $id]
], $table
);
$model = 'App\Models\ApiModel';
if ($table == 'pengumuman') {
$model = 'App\Models\Pengumuman';
}
if ($args == []) {
$get['data'] = $id == "" ? $model::showAll($table) : $model::fetch(
$table,
[
[$table.'.id', '=', $id]
]);
} else {
if ($args['status'] != 3) {
$get['data'] = $model::showAll($table, [
["$table.status", '=', $args['status']]
]);
} else {
$get['data'] = $model::showAll($table);
}
}
$get['count'] = count($get['data']);
if ($table == 'kategori') {
if (isset($get['data'][0])) {
for ($i=0; $i < count($get['data']); $i++) {
$get['data'][$i]['posts'] = count(\App\Models\Pengumuman::showAll('pengumuman', [
['pengumuman.status', '=', 1],
['pengumuman.category', '=', $get['data'][$i]['id']]
]));
}
} else {
$get['data']['posts'] = count(\App\Models\Pengumuman::showAll('pengumuman', [
['pengumuman.status', '=', 1],
['pengumuman.category', '=', $get['data']['id']]
]));
}
}
header('Content-Type: application/json');
echo json_encode($get);
}
@@ -80,8 +71,17 @@ class Api
$args = file_get_contents("php://input");
$args = json_decode($args, true);
$put['data'] = $this->model->update($table, $args);
$put['count'] = count($put['data']);
if (isset($args['posts'])) unset($args['posts']);
$update = \App\Models\ApiModel::update($table, $args);
if (!is_array($update)) {
$put['status'] = false;
$put['message'] = $update;
} else {
$put['status'] = true;
$put['data'] = $update;
$put['count'] = count($put['data']);
}
header('Content-Type: application/json');
echo json_encode($put);
@@ -93,11 +93,18 @@ class Api
$args = file_get_contents("php://input");
$args = json_decode($args, true);
$post['data'] = $this->model->entry($table, $args);
$post['data'] = $this->model->showAll([
['id', '=', $post['data'][0]]
], $table);
$post['count'] = count($post['data']);
$entry = \App\Models\ApiModel::entry($table, $args);
$entry = \App\Models\ApiModel::showAll($table, [
['id', '=', $entry[0]]
]);
if (!is_array($entry)) {
$post['status'] = false;
$post['message'] = $entry;
} else {
$post['status'] = true;
$post['data'] = $entry;
$post['count'] = count($post['data']);
}
header('Content-Type: application/json');
echo json_encode($post);
@@ -109,8 +116,15 @@ class Api
$args = file_get_contents("php://input");
$args = json_decode($args, true);
$delete['data'] = $this->model->remove($table, $args['id']);
$delete['count'] = count($delete['data']);
$remove = \App\Models\ApiModel::remove($table, $args['id']);
if (!is_array($delete['data'])) {
$delete['status'] = false;
$delete['messsage'] = $remove;
} else {
$delete['status'] = true;
$delete['data'] = $remove;
$delete['count'] = count($delete['data']);
}
header('Content-Type: application/json');
echo json_encode($delete);

169
App/Controllers/Home.php
View File

@@ -3,20 +3,23 @@ namespace App\Controllers;
use Core\View;
use App\Models\Access;
use App\Models\ClientSession;
use Core\Token;
use Core\Session;
use Core\Redirect;
use Core\Hash;
use Core\XSS;
use Defuse\Crypto\Crypto;
use Defuse\Crypto\Key;
class Home
{
public $model;
public function __construct()
{
$this->model = new Access();
}
// public $model;
//
// public function __construct()
// {
// $this->model = new Access();
// }
/* Routes */
public function index()
@@ -27,14 +30,16 @@ class Home
public function login($args = [])
{
if (Session::exists('userid')) {
Session::flash('info', 'Anda telah masuk');
Redirect::to('/');
die();
}
// if (Session::exists('userid')) {
// Session::flash('info', 'Anda telah masuk');
// Redirect::to('/');
// die();
// }
// Login
if ($args) {
$logged_in = ['status' => false];
// Avoid XSS
$args['exclude'] = [
'password'
@@ -44,31 +49,44 @@ class Home
$username = $args['username'];
$password = $args['password'];
$user = $this->model->showAll([
['username', '=', $username]
$user = Access::showAll([
['username', '=', $username],
['flag', '=', 0]
]);
if ($user == false) {
$info = "Username/password salah";
$logged_in['status'] = $info;
} else {
$hash = Hash::compare($password, $user['salt'], $user['password']);
if ($hash == true) {
if ($user['max_user'] <= 0) {
$info = "Telah mencapai maksimal user yang diizinkan - Silahkan logout pada perangkat lain terlebih dahulu";
if ($user['flag'] != 0) {
$info = "User telah login";
} else {
$max_user = $user['max_user'] - 1;
if ($this->model->update(['max_user' => $max_user], $user['id']) == true) {
Session::put('userid', $user['id']);
Session::put('username', $user['username']);
Session::put('full_name', $user['full_name']);
Session::put('privilege', $user['privilege']);
if (Access::update(['flag' => 1], $user['id'])) {
$ip_address = isset($_SERVER['HTTP_X_FORWADED_FOR']) ? $_SERVER['HTTP_X_FORWADED_FOR'] : $_SERVER['REMOTE_ADDR'];
ClientSession::entry([
'ip_address' => $ip_address,
'uid' => $user['id']
]);
$session = ClientSession::fetch(['uid' => $user['id']]);
setcookie('signal', $user['privilege']);
$info = "Berhasil masuk";
$logged_in['status'] = true;
$logged_in['redirect_to'] = '/?s='.$session['id']."&u=".$session['uid'];
}
}
} else {
$info = "Username/password salah";
$logged_in['status'] = $info;
}
}
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($logged_in); die();
}
Session::flash('info', $info);
Redirect::to('/');
die();
@@ -79,16 +97,27 @@ class Home
}
}
public function logout() {
if ($this->delete() != true) {
$info = "Terjadi kesalahan. Silahkan coba lagi dalam beberapa saat";
} else {
Session::delete('userid');
Session::delete('username');
Session::delete('full_name');
Session::delete('privilege');
public function logout($id = '') {
$logged_out = ['status' => false];
try {
if ($id) {
$this->delete($id);
} else {
$this->delete();
}
session_destroy();
header('X-Token: ');
setcookie('signal', '', time()-3600);
$info = "Berhasil keluar";
$logged_out['status'] = true;
$logged_out['redirect_to'] = '/';
} catch (\Exception $e) {
$logged_out['status'] = $e->getMessage();
}
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($logged_out);die();
}
Session::flash('info', $info);
Redirect::to('/');
@@ -108,9 +137,16 @@ class Home
/* Methods */
public function post($args = [])
{
$registered = [];
foreach ($args as $value) {
if ($value == '') {
Session::flash('info', 'Semua data harus diisi');
$info = 'Semua data harus diisi';
$registered['status'] = 'false';
$registered['message'] = $info;
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($registered);die();
}
Session::flash('info', $info);
Redirect::to('./register');
die();
}
@@ -133,7 +169,7 @@ class Home
];
$args = XSS::avoid($args);
$data = $this->model->showAll();
$data = Access::showAll();
foreach ($data as $users) {
if (is_array($users)) {
$known_uname = $users['username'];
@@ -141,38 +177,71 @@ class Home
$known_uname = $data['username'];
}
if ($args['username'] == $known_uname) {
Session::flash('info', 'Username telah digunakan. Silahkan gunakan username lain');
$info = 'Username telah digunakan. Silahkan gunakan username lain';
$registered['status'] = false;
$registered['message'] = $info;
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($registered);die();
}
Session::flash('info', $info);
Redirect::to('./register');
die();
}
}
$this->model->entry($args);
Access::entry($args);
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode([
'status' => true,
'route_to' => ''
]);die();
}
Session::flash('info', 'Registrasi berhasil');
Redirect::to('/');
die();
}
public function delete()
public function delete($id = '')
{
if (Session::exists('userid') == false) {
throw new \Exception("Bad request but thrown as 404", 404);
}
$userid = Session::get('userid');
// if (Session::exists('userid') == false) {
// throw new \Exception("Bad request but thrown as 404", 404);
// }
// $client = ClientSession::fetch([
//
// ])
// $userid = Session::get('userid');
//
// $user = Access::showAll([
// ['id', '=', $userid]
// ]);
// $max_user = $user['max_user'] + 1;
//
// if (Access::update(
// [
// 'max_user' => $max_user
// ],
// $userid
// ) != true) {
// throw new \Exception("Bad request", 400);
// }
// return true;
$user = $this->model->showAll([
['id', '=', $userid]
]);
$max_user = $user['max_user'] + 1;
if ($this->model->update(
[
'max_user' => $max_user
],
$userid
) != true) {
throw new \Exception("Bad request", 400);
if ($id) {
$uid = $id;
} elseif (isset($_SERVER['HTTP_X_TOKEN'])) {
$token = Token::fetch($_SERVER['HTTP_X_TOKEN']);
if ($token == '') {
throw new \Exception("Token invalid");
}
$uid = $token['uid'];
} elseif (isset($_SERVER['HTTP_X_QUERY'])) {
$query_string = $_SERVER['HTTP_X_QUERY'];
$exploded = explode('&', $query_string);
$uid = $exploded[1];
}
ClientSession::remove($uid);
Access::update(['flag' => 0], $uid);
return true;
}
@@ -186,7 +255,7 @@ class Home
} else {
$user = false;
}
View::render('Data/mithril.html', [
'user' => $user
]);

63
App/Controllers/Posts.php
View File

@@ -124,8 +124,7 @@ class Posts
View::render($url, [
'posts' => $datas,
'user' => $user,
'token' => Token::generate()
'user' => $user
]);
}
@@ -263,8 +262,26 @@ class Posts
}
/* Methods */
public function post($args = [])
public function post($args)
{
$post = [];
if ($args == [] || count($args) < 4) {
$post['status'] = false;
$post['message'] = 'Semua data harus diisi ya broo';
$post['data'] = $args;
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($post);
die();
}
Session::flash('info', 'Semua data harus diisi');
if (isset($table)) {
Redirect::to("/posts/category");
} else {
Redirect::to('/posts/entry');
}
die();
}
if (isset($args['_addon'])) {
$table = $args['_addon'];
unset($args['_addon']);
@@ -272,6 +289,12 @@ class Posts
foreach ($args as $value) {
if ($value == '') {
$post['status'] = false;
$post['message'] = 'Semua data harus diisi';
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($post);
die();
}
Session::flash('info', 'Semua data harus diisi');
if (isset($table)) {
Redirect::to("/posts/category");
@@ -282,6 +305,12 @@ class Posts
}
}
$query_string = $_SERVER['HTTP_X_QUERY'];
$exploded = explode('&', $query_string);
$args['creator'] = substr_replace($exploded[1], '', 0, 2);
$args['created_at'] = date('Y-m-d H:i:s');
$args['edited_at'] = $args['created_at'];
// Avoid XSS attack
$args = XSS::avoid($args);
@@ -297,16 +326,27 @@ class Posts
$length = strlen($args['content']);
$args['delay'] = $length * 84;
if ($this->model->entry($args)) {
Session::flash('info', 'Data berhasil diunggah');
Redirect::to('/');
try {
$this->model->entry($args);
} catch (Exception $e) {
$post['message'] = $e->getMessage();
}
$post['status'] = true;
$post['route_to'] = '';
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($post);
die();
}
Session::flash('info', 'Data berhasil diunggah');
Redirect::to('/');
}
die();
}
public function put($args)
{
$update = [];
if (isset($args['_addon'])) {
$table = $args['_addon'];
unset($args['_addon']);
@@ -318,6 +358,11 @@ class Posts
die();
}
if (isset($args['categoryName'])) { unset($args['categoryName']); }
if (isset($args['creatorName'])) { unset($args['creatorName']); }
if (isset($args['background'])) { unset($args['background']); }
if (isset($args['foreground'])) { unset($args['foreground']); }
// Avoid XSS attack
$args = XSS::avoid($args);
@@ -361,6 +406,12 @@ class Posts
$args['delay'] = $length * 84;
if ($this->model->update($args, $id)) {
$update['status'] = true;
$update['route_to'] = '';
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($update);
die();
}
Session::flash('info', 'Data berhasil diperbarui');
Redirect::to('/');
} else {