gregorio/lepisi-pengumuman
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Mithril as main method

Browse Source
This commit is contained in:
Gregorio Chiko Putra
2017-10-25 12:08:41 +07:00
parent 6040809710
commit d1d5ee1b0c
157 changed files with 19593 additions and 716 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
App/Controllers/Home.php
View File

@@ -3,20 +3,23 @@ namespace App\Controllers;
use Core\View;
use App\Models\Access;
use App\Models\ClientSession;
use Core\Token;
use Core\Session;
use Core\Redirect;
use Core\Hash;
use Core\XSS;
use Defuse\Crypto\Crypto;
use Defuse\Crypto\Key;
class Home
{
public $model;
public function __construct()
{
$this->model = new Access();
}
// public $model;
//
// public function __construct()
// {
// $this->model = new Access();
// }
/* Routes */
public function index()
@@ -27,14 +30,16 @@ class Home
public function login($args = [])
{
if (Session::exists('userid')) {
Session::flash('info', 'Anda telah masuk');
Redirect::to('/');
die();
}
// if (Session::exists('userid')) {
// Session::flash('info', 'Anda telah masuk');
// Redirect::to('/');
// die();
// }
// Login
if ($args) {
$logged_in = ['status' => false];
// Avoid XSS
$args['exclude'] = [
'password'
@@ -44,31 +49,44 @@ class Home
$username = $args['username'];
$password = $args['password'];
$user = $this->model->showAll([
['username', '=', $username]
$user = Access::showAll([
['username', '=', $username],
['flag', '=', 0]
]);
if ($user == false) {
$info = "Username/password salah";
$logged_in['status'] = $info;
} else {
$hash = Hash::compare($password, $user['salt'], $user['password']);
if ($hash == true) {
if ($user['max_user'] <= 0) {
$info = "Telah mencapai maksimal user yang diizinkan - Silahkan logout pada perangkat lain terlebih dahulu";
if ($user['flag'] != 0) {
$info = "User telah login";
} else {
$max_user = $user['max_user'] - 1;
if ($this->model->update(['max_user' => $max_user], $user['id']) == true) {
Session::put('userid', $user['id']);
Session::put('username', $user['username']);
Session::put('full_name', $user['full_name']);
Session::put('privilege', $user['privilege']);
if (Access::update(['flag' => 1], $user['id'])) {
$ip_address = isset($_SERVER['HTTP_X_FORWADED_FOR']) ? $_SERVER['HTTP_X_FORWADED_FOR'] : $_SERVER['REMOTE_ADDR'];
ClientSession::entry([
'ip_address' => $ip_address,
'uid' => $user['id']
]);
$session = ClientSession::fetch(['uid' => $user['id']]);
setcookie('signal', $user['privilege']);
$info = "Berhasil masuk";
$logged_in['status'] = true;
$logged_in['redirect_to'] = '/?s='.$session['id']."&u=".$session['uid'];
}
}
} else {
$info = "Username/password salah";
$logged_in['status'] = $info;
}
}
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($logged_in); die();
}
Session::flash('info', $info);
Redirect::to('/');
die();
@@ -79,16 +97,27 @@ class Home
}
}
public function logout() {
if ($this->delete() != true) {
$info = "Terjadi kesalahan. Silahkan coba lagi dalam beberapa saat";
} else {
Session::delete('userid');
Session::delete('username');
Session::delete('full_name');
Session::delete('privilege');
public function logout($id = '') {
$logged_out = ['status' => false];
try {
if ($id) {
$this->delete($id);
} else {
$this->delete();
}
session_destroy();
header('X-Token: ');
setcookie('signal', '', time()-3600);
$info = "Berhasil keluar";
$logged_out['status'] = true;
$logged_out['redirect_to'] = '/';
} catch (\Exception $e) {
$logged_out['status'] = $e->getMessage();
}
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($logged_out);die();
}
Session::flash('info', $info);
Redirect::to('/');
@@ -108,9 +137,16 @@ class Home
/* Methods */
public function post($args = [])
{
$registered = [];
foreach ($args as $value) {
if ($value == '') {
Session::flash('info', 'Semua data harus diisi');
$info = 'Semua data harus diisi';
$registered['status'] = 'false';
$registered['message'] = $info;
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($registered);die();
}
Session::flash('info', $info);
Redirect::to('./register');
die();
}
@@ -133,7 +169,7 @@ class Home
];
$args = XSS::avoid($args);
$data = $this->model->showAll();
$data = Access::showAll();
foreach ($data as $users) {
if (is_array($users)) {
$known_uname = $users['username'];
@@ -141,38 +177,71 @@ class Home
$known_uname = $data['username'];
}
if ($args['username'] == $known_uname) {
Session::flash('info', 'Username telah digunakan. Silahkan gunakan username lain');
$info = 'Username telah digunakan. Silahkan gunakan username lain';
$registered['status'] = false;
$registered['message'] = $info;
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode($registered);die();
}
Session::flash('info', $info);
Redirect::to('./register');
die();
}
}
$this->model->entry($args);
Access::entry($args);
if (isset($_SERVER['HTTP_CLIENT']) && $_SERVER['HTTP_CLIENT'] == 'api') {
echo json_encode([
'status' => true,
'route_to' => ''
]);die();
}
Session::flash('info', 'Registrasi berhasil');
Redirect::to('/');
die();
}
public function delete()
public function delete($id = '')
{
if (Session::exists('userid') == false) {
throw new \Exception("Bad request but thrown as 404", 404);
}
$userid = Session::get('userid');
// if (Session::exists('userid') == false) {
// throw new \Exception("Bad request but thrown as 404", 404);
// }
// $client = ClientSession::fetch([
//
// ])
// $userid = Session::get('userid');
//
// $user = Access::showAll([
// ['id', '=', $userid]
// ]);
// $max_user = $user['max_user'] + 1;
//
// if (Access::update(
// [
// 'max_user' => $max_user
// ],
// $userid
// ) != true) {
// throw new \Exception("Bad request", 400);
// }
// return true;
$user = $this->model->showAll([
['id', '=', $userid]
]);
$max_user = $user['max_user'] + 1;
if ($this->model->update(
[
'max_user' => $max_user
],
$userid
) != true) {
throw new \Exception("Bad request", 400);
if ($id) {
$uid = $id;
} elseif (isset($_SERVER['HTTP_X_TOKEN'])) {
$token = Token::fetch($_SERVER['HTTP_X_TOKEN']);
if ($token == '') {
throw new \Exception("Token invalid");
}
$uid = $token['uid'];
} elseif (isset($_SERVER['HTTP_X_QUERY'])) {
$query_string = $_SERVER['HTTP_X_QUERY'];
$exploded = explode('&', $query_string);
$uid = $exploded[1];
}
ClientSession::remove($uid);
Access::update(['flag' => 0], $uid);
return true;
}
@@ -186,7 +255,7 @@ class Home
} else {
$user = false;
}
View::render('Data/mithril.html', [
'user' => $user
]);