Commit d5fc41d8 authored by Sibidharan's avatar Sibidharan :speech_balloon:

labs continuity

parent 72044cb8
...@@ -83,7 +83,7 @@ Enter the password you have given for root during `mysql_secure_installation` an ...@@ -83,7 +83,7 @@ Enter the password you have given for root during `mysql_secure_installation` an
mysql> mysql>
``` ```
From here, we need to create a database called `apis`. From here, we need to create a database called
``` ```
mysql> CREATE DATABASE apis; mysql> CREATE DATABASE apis;
......
...@@ -6,41 +6,49 @@ require_once $_SERVER['DOCUMENT_ROOT'].'/vendor/autoload.php'; ...@@ -6,41 +6,49 @@ require_once $_SERVER['DOCUMENT_ROOT'].'/vendor/autoload.php';
use Carbon\Carbon; use Carbon\Carbon;
class Folder extends Share{ class Folder extends Share
{
private $db; private $db;
private $data = null; private $data = null;
private $id = null; private $id = null;
public function __construct($id = null){ public function __construct($id = null)
{
parent::__construct($id, 'folder'); parent::__construct($id, 'folder');
$this->db = Database::getConnection(); $this->db = Database::getConnection();
if($id!=null){ if ($id!=null) {
$this->id = $id; $this->id = $id;
$this->refresh(); $this->refresh();
} }
} }
public function getName(){ public function getName()
if($this->data and isset($this->data['name'])){ {
if ($this->data and isset($this->data['name'])) {
return $this->data['name']; return $this->data['name'];
} }
} }
public function getId(){ public function getId()
if($this->id) return $this->id; {
if ($this->id) {
return $this->id;
}
} }
public function createdAt(){ public function createdAt()
if($this->data and isset($this->data['created_at'])){ {
if ($this->data and isset($this->data['created_at'])) {
$c = new Carbon($this->data['created_at'], date_default_timezone_get()); $c = new Carbon($this->data['created_at'], date_default_timezone_get());
return $c->diffForHumans(); return $c->diffForHumans();
} }
} }
public function createNew($name='Default Folder'){ public function createNew($name='Default Folder')
if(isset($_SESSION['username']) and strlen($name) >= 5 and strlen($name) <=45){ {
$query = "INSERT INTO `apis`.`folders` (`name`, `owner`) VALUES ('$name', '$_SESSION[username]');"; if (isset($_SESSION['username']) and strlen($name) >= 5 and strlen($name) <=45) {
if(mysqli_query($this->db, $query)){ $query = "INSERT INTO `folders` (`name`, `owner`) VALUES ('$name', '$_SESSION[username]');";
if (mysqli_query($this->db, $query)) {
$this->id = mysqli_insert_id($this->db); $this->id = mysqli_insert_id($this->db);
return $this->id; return $this->id;
} }
...@@ -49,13 +57,14 @@ class Folder extends Share{ ...@@ -49,13 +57,14 @@ class Folder extends Share{
} }
} }
public function refresh(){ public function refresh()
if($this->id != null){ {
if ($this->id != null) {
$query = "SELECT * FROM folders WHERE id=$this->id"; $query = "SELECT * FROM folders WHERE id=$this->id";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result && mysqli_num_rows($result) == 1){ if ($result && mysqli_num_rows($result) == 1) {
$this->data = mysqli_fetch_assoc($result); $this->data = mysqli_fetch_assoc($result);
if($this->getOwner() != $_SESSION['username']){ if ($this->getOwner() != $_SESSION['username']) {
throw new Exception("Unauthorized"); throw new Exception("Unauthorized");
} }
$this->id = $this->data['id']; $this->id = $this->data['id'];
...@@ -65,15 +74,17 @@ class Folder extends Share{ ...@@ -65,15 +74,17 @@ class Folder extends Share{
} }
} }
public function getOwner(){ public function getOwner()
if($this->data and isset($this->data['owner'])){ {
if ($this->data and isset($this->data['owner'])) {
return $this->data['owner']; return $this->data['owner'];
} }
} }
public function rename($name){ public function rename($name)
if($this->id){ {
$query = "UPDATE `apis`.`folders` SET `name` = '$name' WHERE (`id` = '$this->id');"; if ($this->id) {
$query = "UPDATE `folders` SET `name` = '$name' WHERE (`id` = '$this->id');";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
$this->refresh(); $this->refresh();
return $result; return $result;
...@@ -82,12 +93,13 @@ class Folder extends Share{ ...@@ -82,12 +93,13 @@ class Folder extends Share{
} }
} }
public function getAllNotes(){ public function getAllNotes()
{
$query = "SELECT * FROM notes WHERE folder_id=$this->id"; $query = "SELECT * FROM notes WHERE folder_id=$this->id";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result){ if ($result) {
$data = mysqli_fetch_all($result, MYSQLI_ASSOC); $data = mysqli_fetch_all($result, MYSQLI_ASSOC);
for($i=0; $i<count($data); $i++){ for ($i=0; $i<count($data); $i++) {
$c_at = $data[$i]['created_at']; $c_at = $data[$i]['created_at'];
$u_at = $data[$i]['updated_at']; $u_at = $data[$i]['updated_at'];
$c_c = new Carbon($c_at); $c_c = new Carbon($c_at);
...@@ -101,25 +113,27 @@ class Folder extends Share{ ...@@ -101,25 +113,27 @@ class Folder extends Share{
} }
} }
public function countNotes(){ public function countNotes()
{
$query = "SELECT COUNT(*) FROM notes WHERE folder_id=$this->id"; $query = "SELECT COUNT(*) FROM notes WHERE folder_id=$this->id";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result){ if ($result) {
$data = mysqli_fetch_assoc($result); $data = mysqli_fetch_assoc($result);
return $data['COUNT(*)']; return $data['COUNT(*)'];
} }
} }
public function delete(){ public function delete()
if(isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']){ {
if (isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']) {
$notes = $this->getAllNotes(); $notes = $this->getAllNotes();
foreach($notes as $note){ foreach ($notes as $note) {
$n = new Notes($note['id']); $n = new Notes($note['id']);
$n->delete(); $n->delete();
} }
if($this->id){ if ($this->id) {
$query = "DELETE FROM `apis`.`folders` WHERE (`id` = '$this->id');"; $query = "DELETE FROM `folders` WHERE (`id` = '$this->id');";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
return $result; return $result;
} else { } else {
...@@ -130,13 +144,14 @@ class Folder extends Share{ ...@@ -130,13 +144,14 @@ class Folder extends Share{
} }
} }
public static function getAllFolders(){ public static function getAllFolders()
{
$db = Database::getConnection(); $db = Database::getConnection();
$query = "SELECT * FROM folders WHERE owner='$_SESSION[username]'"; $query = "SELECT * FROM folders WHERE owner='$_SESSION[username]'";
$result = mysqli_query($db, $query); $result = mysqli_query($db, $query);
if($result){ if ($result) {
$data = mysqli_fetch_all($result, MYSQLI_ASSOC); $data = mysqli_fetch_all($result, MYSQLI_ASSOC);
for($i=0; $i<count($data); $i++){ for ($i=0; $i<count($data); $i++) {
$date = $data[$i]['created_at']; $date = $data[$i]['created_at'];
$c = new Carbon($date); $c = new Carbon($date);
$data[$i]['created'] = $c->diffForHumans(); $data[$i]['created'] = $c->diffForHumans();
...@@ -148,4 +163,4 @@ class Folder extends Share{ ...@@ -148,4 +163,4 @@ class Folder extends Share{
return []; return [];
} }
} }
} }
\ No newline at end of file
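Review bot: `createNew` still builds its INSERT by interpolating `$name` and `$_SESSION['username']` into the SQL string, so the byte-length check on `$name` is the only thing between caller input and the query; `refresh` (`WHERE id=$this->id`, unquoted), `rename`, `getAllNotes`, `countNotes`, `delete` and `getAllFolders` in this file follow the same pattern, as do the Notes, OAuth and Signup hunks below. Since this commit already touches every one of these query lines to drop the `apis.` prefix, it is the natural moment to switch them to `mysqli_prepare` with bound parameters; `createNew` is sketched below and `refresh` takes the same shape with `'i'` binding for the id. The owner and id checks use loose comparison (`$id!=null`, `$this->getOwner() != $_SESSION['username']`), which treats `0`, `'0'` and `''` as equal to null; `!==` is safer. The `createNew` and `refresh` bodies continue past the hunk boundary, so their else branches are not visible here.
```php
public function createNew($name='Default Folder')
{
    if (isset($_SESSION['username']) and strlen($name) >= 5 and strlen($name) <=45) {
        $stmt = mysqli_prepare($this->db, 'INSERT INTO `folders` (`name`, `owner`) VALUES (?, ?)');
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 'ss', $name, $_SESSION['username']);
            if (mysqli_stmt_execute($stmt)) {
                $this->id = mysqli_insert_id($this->db);
                return $this->id;
            }
        }
        // … unchanged: failure branch, outside the hunk …
```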
...@@ -6,23 +6,26 @@ require_once $_SERVER['DOCUMENT_ROOT'].'/vendor/autoload.php'; ...@@ -6,23 +6,26 @@ require_once $_SERVER['DOCUMENT_ROOT'].'/vendor/autoload.php';
use Carbon\Carbon; use Carbon\Carbon;
class Notes extends Share{ class Notes extends Share
public function __construct($id=null){ {
public function __construct($id=null)
{
parent::__construct($id, 'note'); parent::__construct($id, 'note');
$this->db = Database::getConnection(); $this->db = Database::getConnection();
if($id!=null){ if ($id!=null) {
$this->id = $id; $this->id = $id;
$this->refresh(); $this->refresh();
} }
} }
public function refresh(){ public function refresh()
if($this->id != null){ {
if ($this->id != null) {
$query = "SELECT * FROM notes WHERE id=$this->id"; $query = "SELECT * FROM notes WHERE id=$this->id";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result && mysqli_num_rows($result) == 1){ if ($result && mysqli_num_rows($result) == 1) {
$this->data = mysqli_fetch_assoc($result); $this->data = mysqli_fetch_assoc($result);
if($this->getOwner() != $_SESSION['username']){ if ($this->getOwner() != $_SESSION['username']) {
throw new Exception("Unauthorized"); throw new Exception("Unauthorized");
} }
$this->id = $this->data['id']; $this->id = $this->data['id'];
...@@ -32,52 +35,60 @@ class Notes extends Share{ ...@@ -32,52 +35,60 @@ class Notes extends Share{
} }
} }
public function getOwner(){ public function getOwner()
if($this->data and isset($this->data['owner'])){ {
if ($this->data and isset($this->data['owner'])) {
return $this->data['owner']; return $this->data['owner'];
} }
} }
public function getID(){ public function getID()
{
return $this->id; return $this->id;
} }
public function getBody(){ public function getBody()
if($this->data and isset($this->data['body'])){ {
if ($this->data and isset($this->data['body'])) {
return $this->data['body']; return $this->data['body'];
} }
} }
public function getFolderID(){ public function getFolderID()
if($this->data and isset($this->data['folder_id'])){ {
if ($this->data and isset($this->data['folder_id'])) {
return $this->data['folder_id']; return $this->data['folder_id'];
} }
} }
public function getTitle(){ public function getTitle()
if($this->data and isset($this->data['title'])){ {
if ($this->data and isset($this->data['title'])) {
return $this->data['title']; return $this->data['title'];
} }
} }
public function createdAt(){ public function createdAt()
if($this->data and isset($this->data['created_at'])){ {
if ($this->data and isset($this->data['created_at'])) {
$c = new Carbon($this->data['created_at'], date_default_timezone_get()); $c = new Carbon($this->data['created_at'], date_default_timezone_get());
return $c->diffForHumans(); return $c->diffForHumans();
} }
} }
public function updatedAt(){ public function updatedAt()
if($this->data and isset($this->data['updated_at'])){ {
if ($this->data and isset($this->data['updated_at'])) {
$c = new Carbon($this->data['updated_at'], date_default_timezone_get()); $c = new Carbon($this->data['updated_at'], date_default_timezone_get());
return $c->diffForHumans(); return $c->diffForHumans();
} }
} }
public function setBody($body){ public function setBody($body)
if(isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']){ {
if($this->id){ if (isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']) {
$query = "UPDATE `apis`.`notes` SET `body` = '$body' WHERE (`id` = '$this->id');"; if ($this->id) {
$query = "UPDATE `notes` SET `body` = '$body' WHERE (`id` = '$this->id');";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
$this->setUpdated(); $this->setUpdated();
$this->refresh(); $this->refresh();
...@@ -90,10 +101,11 @@ class Notes extends Share{ ...@@ -90,10 +101,11 @@ class Notes extends Share{
} }
} }
public function setTitle($title){ public function setTitle($title)
if(isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']){ {
if($this->id){ if (isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']) {
$query = "UPDATE `apis`.`notes` SET `title` = '$title' WHERE (`id` = '$this->id');"; if ($this->id) {
$query = "UPDATE `notes` SET `title` = '$title' WHERE (`id` = '$this->id');";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
$this->setUpdated(); $this->setUpdated();
$this->refresh(); $this->refresh();
...@@ -106,16 +118,16 @@ class Notes extends Share{ ...@@ -106,16 +118,16 @@ class Notes extends Share{
} }
} }
private function setUpdated(){ private function setUpdated()
if(isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']){ {
if($this->id){ if (isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']) {
$query = "UPDATE `apis`.`notes` SET `updated_at` = '".date("Y-m-d H:i:s")."' WHERE (`id` = '$this->id');"; if ($this->id) {
$query = "UPDATE `notes` SET `updated_at` = '".date("Y-m-d H:i:s")."' WHERE (`id` = '$this->id');";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result) { if ($result) {
$this->refresh(); $this->refresh();
return $result; return $result;
} } else {
else {
throw new Exception("Something is not right"); throw new Exception("Something is not right");
} }
} else { } else {
...@@ -126,10 +138,11 @@ class Notes extends Share{ ...@@ -126,10 +138,11 @@ class Notes extends Share{
} }
} }
public function delete(){ public function delete()
if(isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']){ {
if($this->id){ if (isset($_SESSION['username']) and $this->getOwner() == $_SESSION['username']) {
$query = "DELETE FROM `apis`.`notes` WHERE (`id` = '$this->id');"; if ($this->id) {
$query = "DELETE FROM `notes` WHERE (`id` = '$this->id');";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
return $result; return $result;
} else { } else {
...@@ -139,13 +152,14 @@ class Notes extends Share{ ...@@ -139,13 +152,14 @@ class Notes extends Share{
throw new Exception("Unauthorized "); throw new Exception("Unauthorized ");
} }
} }
public function createNew($title, $body, $folder){ public function createNew($title, $body, $folder)
{
$f = new Folder($folder); $f = new Folder($folder);
if($f->getOwner() == $_SESSION['username']){ if ($f->getOwner() == $_SESSION['username']) {
if(isset($_SESSION['username']) and strlen($title) <= 45){ if (isset($_SESSION['username']) and strlen($title) <= 45) {
$query = "INSERT INTO `apis`.`notes` (`title`, `body`, `owner`, `folder_id`) VALUES ('$title', '$body', '$_SESSION[username]', '$folder');"; $query = "INSERT INTO `notes` (`title`, `body`, `owner`, `folder_id`) VALUES ('$title', '$body', '$_SESSION[username]', '$folder');";
if(mysqli_query($this->db, $query)){ if (mysqli_query($this->db, $query)) {
$this->id = mysqli_insert_id($this->db); $this->id = mysqli_insert_id($this->db);
$this->refresh(); $this->refresh();
return $this->id; return $this->id;
...@@ -157,4 +171,4 @@ class Notes extends Share{ ...@@ -157,4 +171,4 @@ class Notes extends Share{
throw new Exception("Unauthorized"); throw new Exception("Unauthorized");
} }
} }
} }
\ No newline at end of file
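Review bot: In `createNew`, `$f->getOwner() == $_SESSION['username']` is evaluated on the line before `isset($_SESSION['username'])`, so the session key is read before it is known to exist, and with loose `==` a folder whose row was not loaded (`getOwner()` returns null) compares equal to a missing session value. Reorder and tighten the two conditions into one: `if (isset($_SESSION['username']) && $f->getOwner() === $_SESSION['username']) {`. Separately, `Notes` assigns `$this->db`, `$this->id` and `$this->data` in `__construct` and `refresh` without declaring them, whereas `Folder` declares its own `private $db; private $data = null; private $id = null;`; unless `Share` declares them as protected (not visible here), these are dynamic properties, deprecated since PHP 8.2, and the same declarations belong in this class. `createNew`'s else branch lies outside the hunk.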
...@@ -4,7 +4,8 @@ require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Auth.class.php'); ...@@ -4,7 +4,8 @@ require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Auth.class.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Database.class.php'); require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Database.class.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/User.class.php'); require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/User.class.php');
class OAuth { class OAuth
{
private $db; private $db;
private $refresh_token = null; private $refresh_token = null;
private $access_token = null; private $access_token = null;
...@@ -16,12 +17,13 @@ class OAuth { ...@@ -16,12 +17,13 @@ class OAuth {
* Can construct without refresh token for new session * Can construct without refresh token for new session
* Can construct with refresh token for refresh session * Can construct with refresh token for refresh session
*/ */
public function __construct($token = NULL){ public function __construct($token = null)
{
$this->db = Database::getConnection(); $this->db = Database::getConnection();
if($token != NULL){ if ($token != null) {
if($this->startsWith($token, 'a.')){ if ($this->startsWith($token, 'a.')) {
$this->access_token = $token; $this->access_token = $token;
} else if($this->startsWith($token, 'r.')){ } elseif ($this->startsWith($token, 'r.')) {
$this->refresh_token = $token; $this->refresh_token = $token;
} else { } else {
$this->setUsername($token); $this->setUsername($token);
...@@ -29,25 +31,28 @@ class OAuth { ...@@ -29,25 +31,28 @@ class OAuth {
} }
} }
public function setUsername($username){ public function setUsername($username)
{
$this->username = $username; $this->username = $username;
$this->user = new User($this->username); $this->user = new User($this->username);
} }
public function getUsername(){ public function getUsername()
{
return $this->username; return $this->username;
} }
public function authenticate(){ public function authenticate()
if($this->access_token != null){ {
if ($this->access_token != null) {
$query = "SELECT * FROM apis.session WHERE access_token = '$this->access_token';"; $query = "SELECT * FROM apis.session WHERE access_token = '$this->access_token';";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result){ if ($result) {
$data = mysqli_fetch_assoc($result); $data = mysqli_fetch_assoc($result);
$created_at = strtotime($data['created_at']); $created_at = strtotime($data['created_at']);
$expires_at = $created_at + $data['valid_for']; $expires_at = $created_at + $data['valid_for'];
if(time() <= $expires_at){ if (time() <= $expires_at) {
if (session_status() === PHP_SESSION_NONE) { if (session_status() === PHP_SESSION_NONE) {
session_start(); session_start();
} }
...@@ -55,7 +60,7 @@ class OAuth { ...@@ -55,7 +60,7 @@ class OAuth {
$_SESSION['token'] = $this->access_token; $_SESSION['token'] = $this->access_token;
return true; return true;
} else { } else {
throw new Exception("Expired token"); throw new Exception("Expired token");
} }
} else { } else {
throw new Exception(mysqli_error($this->db)); throw new Exception(mysqli_error($this->db));
...@@ -63,20 +68,21 @@ class OAuth { ...@@ -63,20 +68,21 @@ class OAuth {
} }
} }
public function newSession($valid_for = 7200, $reference_token = 'auth_grant'){ public function newSession($valid_for = 7200, $reference_token = 'auth_grant')
if($this->username == NULL){ {
if ($this->username == null) {
throw new Exception("Username not set for OAuth"); throw new Exception("Username not set for OAuth");
} }
$this->valid_for = $valid_for; $this->valid_for = $valid_for;
$this->access_token = 'a.'.Auth::generateRandomHash(32); $this->access_token = 'a.'.Auth::generateRandomHash(32);
if($reference_token == 'auth_grant'){ if ($reference_token == 'auth_grant') {
$this->refresh_token = 'r.'.Auth::generateRandomHash(32); $this->refresh_token = 'r.'.Auth::generateRandomHash(32);
} else { } else {
$this->refresh_token = 'd.'.Auth::generateRandomHash(16); $this->refresh_token = 'd.'.Auth::generateRandomHash(16);
} }
$query = "INSERT INTO `apis`.`session` (`username`, `access_token`, `refresh_token`, `valid_for`, `reference_token`) $query = "INSERT INTO `session` (`username`, `access_token`, `refresh_token`, `valid_for`, `reference_token`)
VALUES ('$this->username', '$this->access_token', '$this->refresh_token', $this->valid_for, '$reference_token');"; VALUES ('$this->username', '$this->access_token', '$this->refresh_token', $this->valid_for, '$reference_token');";
if(mysqli_query($this->db, $query)){ if (mysqli_query($this->db, $query)) {
return array( return array(
"access_token" => $this->access_token, "access_token" => $this->access_token,
"valid_for" => $this->valid_for, "valid_for" => $this->valid_for,
...@@ -89,14 +95,15 @@ class OAuth { ...@@ -89,14 +95,15 @@ class OAuth {
} }
} }
public function refreshAccess(){ public function refreshAccess()
if($this->refresh_token != NULL and !$this->startsWith($this->refresh_token, 'd.')){ {
if ($this->refresh_token != null and !$this->startsWith($this->refresh_token, 'd.')) {
$query = "SELECT * FROM apis.session WHERE refresh_token = '$this->refresh_token';"; $query = "SELECT * FROM apis.session WHERE refresh_token = '$this->refresh_token';";
$result = mysqli_query($this->db, $query); $result = mysqli_query($this->db, $query);
if($result){ if ($result) {
$data = mysqli_fetch_assoc($result); $data = mysqli_fetch_assoc($result);
$this->username = $data['username']; $this->username = $data['username'];
if($data['valid'] == 1){ if ($data['valid'] == 1) {
return $this->newSession(7200, $this->refresh_token); return $this->newSession(7200, $this->refresh_token);
} else { } else {
throw new Exception("Expired token"); throw new Exception("Expired token");
...@@ -109,8 +116,9 @@ class OAuth { ...@@ -109,8 +116,9 @@ class OAuth {
} }
} }
private function startsWith ($string, $startString){ private function startsWith($string, $startString)
{
$len = strlen($startString); $len = strlen($startString);
return (substr($string, 0, $len) === $startString); return (substr($string, 0, $len) === $startString);
} }
} }
\ No newline at end of file
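Review bot: `authenticate` treats any non-false `$result` as a matching session: when no row has that access token, `mysqli_fetch_assoc` returns null, `$data['created_at']` and `$data['valid_for']` read null, and the caller is told "Expired token" (after warnings) rather than that the token is unknown; `refreshAccess` has the same gap before `$data['username']`. Guard the way `Folder::refresh` does, `if ($result && mysqli_num_rows($result) === 1) {`, and give the zero-row case its own branch (`throw new Exception("Invalid token");`) so it is not folded into the `mysqli_error` branch, which would carry an empty message. The INSERT in `newSession` now targets unqualified `session`, but the SELECTs in `authenticate` and `refreshAccess` still read `apis.session` (and `Signup::verifyAccount` still reads `apis.auth`), so this file only works while the connected database is literally named `apis`; drop the prefix there as well for consistency. The tokens still reach the queries by string interpolation, which the prepared-statement note on the Folder hunk covers. `authenticate` and `refreshAccess` both continue past the hunk boundary.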
...@@ -3,75 +3,82 @@ ...@@ -3,75 +3,82 @@
require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Database.class.php'); require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Database.class.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Folder.class.php'); require_once($_SERVER['DOCUMENT_ROOT'].'/api/lib/Folder.class.php');
require $_SERVER['DOCUMENT_ROOT'].'/vendor/autoload.php'; require $_SERVER['DOCUMENT_ROOT'].'/vendor/autoload.php';
$config_json = file_get_contents($_SERVER['DOCUMENT_ROOT'].'/../env.json');
$config = json_decode($config_json, true);
//TODO Homework: find why ../vendor? it is the same reason why we use ../../env.json in config. //TODO Homework: find why ../vendor? it is the same reason why we use ../../env.json in config.
class Signup { class Signup
{
private $username; private $username;
private $password; private $password;
private $email; private $email;
private $db; private $db;
public function __construct($username, $password, $email){ public function __construct($username, $password, $email)
{
$this->db = Database::getConnection(); $this->db = Database::getConnection();
$this->username = $username; $this->username = $username;
$this->password = $password; $this->password = $password;
$this->email = $email; $this->email = $email;
if($this->userExists()){ if ($this->userExists()) {
throw new Exception("User already exists"); throw new Exception("User already exists");
} }
$bytes = random_bytes(16); $bytes = random_bytes(16);
$this->token = $token = bin2hex($bytes); //to verify users over email. $this->token = $token = bin2hex($bytes); //to verify users over email.
$password = $this->hashPassword(); $password = $this->hashPassword();
//Homework - make a proper flow to throw username already exists //Homework - make a proper flow to throw username already exists
$query = "INSERT INTO `apis`.`auth` (`username`, `password`, `email`, `active`, `token`) VALUES ('$username', '$password', '$email', 0, '$token');"; $query = "INSERT INTO `auth` (`username`, `password`, `email`, `active`, `token`) VALUES ('$username', '$password', '$email', 0, '$token');";
if(!mysqli_query($this->db, $query)){ if (!mysqli_query($this->db, $query)) {
throw new Exception("Unable to signup, user account might already exist."); throw new Exception("Unable to signup, user account might already exist.");
} else { } else {
$this->id = mysqli_insert_id($this->db); $this->id = mysqli_insert_id($this->db);
$this->sendVerificationMail(); // $this->sendVerificationMail();
$f = new Folder(); $f = new Folder();
session_start(); session_start();
$_SESSION['username'] = $this->username; $_SESSION['username'] = $this->username;
$f->createNew('Default Folder'); $f->createNew('Default Folder');
} }
} }
function sendVerificationMail(){ public function sendVerificationMail()
$config_json = file_get_contents($_SERVER['DOCUMENT_ROOT'].'/../env.json'); {
$config = json_decode($config_json, true); // $config_json = file_get_contents($_SERVER['DOCUMENT_ROOT'].'/../env.json');
$token = $this->token; // $config = json_decode($config_json, true);
$email = new \SendGrid\Mail\Mail(); // $token = $this->token;
$email->setFrom("noreply@selfmade.ninja", "API Course by Selfmade"); // $email = new \SendGrid\Mail\Mail();
$email->setSubject("Verify your account"); // $email->setFrom("noreply@selfmade.ninja", "API Course by Selfmade");
$email->addTo($this->email, $this->username); // $email->setSubject("Verify your account");
$email->addContent("text/plain", "Please verify your account at: https://api1.selfmade.ninja/verify?token=$token"); // $email->addTo($this->email, $this->username);
$email->addContent( // $email->addContent("text/plain", "Please verify your account at: https://api1.selfmade.ninja/verify?token=$token");
"text/html", "<strong>Please verify your account by <a href=\"https://api1.selfmade.ninja/verify?token=$token\">clicking here</a> or open this URL manually: <a href=\"https://api1.selfmade.ninja/verify?token=$token\">https://api1.selfmade.ninja/verify?token=$token</a></strong>" // $email->addContent(
); // "text/html",
$sendgrid = new \SendGrid($config['email_api_key']); // "<strong>Please verify your account by <a href=\"https://api1.selfmade.ninja/verify?token=$token\">clicking here</a> or open this URL manually: <a href=\"https://api1.selfmade.ninja/verify?token=$token\">https://api1.selfmade.ninja/verify?token=$token</a></strong>"
try { // );
$response = $sendgrid->send($email); // $sendgrid = new \SendGrid($config['email_api_key']);
// print $response->statusCode() . "\n"; // try {
// print_r($response->headers()); // $response = $sendgrid->send($email);
// print $response->body() . "\n"; // // print $response->statusCode() . "\n";
} catch (Exception $e) { // // print_r($response->headers());
echo 'Caught exception: '. $e->getMessage() ."\n"; // // print $response->body() . "\n";
} // } catch (Exception $e) {
// echo 'Caught exception: '. $e->getMessage() ."\n";
// }
} }
public function getInsertID(){ public function getInsertID()
{
return $this->id; return $this->id;
} }
public function userExists(){ public function userExists()
{
//TODO: Write the code to check if user exists. //TODO: Write the code to check if user exists.
return false; return false;
} }
public function hashPassword($cost = 10){ public function hashPassword($cost = 10)
{
//echo $this->password; //echo $this->password;
$options = [ $options = [
"cost" => $cost "cost" => $cost
...@@ -79,20 +86,20 @@ class Signup { ...@@ -79,20 +86,20 @@ class Signup {
return password_hash($this->password, PASSWORD_BCRYPT, $options); return password_hash($this->password, PASSWORD_BCRYPT, $options);
} }
public static function verifyAccount($token){ public static function verifyAccount($token)
{
$query = "SELECT * FROM apis.auth WHERE token='$token';"; $query = "SELECT * FROM apis.auth WHERE token='$token';";
$db = Database::getConnection(); $db = Database::getConnection();
$result = mysqli_query($db, $query); $result = mysqli_query($db, $query);
if($result and mysqli_num_rows($result) == 1){ if ($result and mysqli_num_rows($result) == 1) {
$data = mysqli_fetch_assoc($result); $data = mysqli_fetch_assoc($result);
if($data['active'] == 1){ if ($data['active'] == 1) {
throw new Exception("Already Verified"); throw new Exception("Already Verified");
} }
mysqli_query($db, "UPDATE `apis`.`auth` SET `active` = '1' WHERE (`token` = '$token');"); mysqli_query($db, "UPDATE `auth` SET `active` = '1' WHERE (`token` = '$token');");
return true; return true;
} else { } else {
return false; return false;
} }
} }
}
}
\ No newline at end of file
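Review bot: The two new top-level lines `$config_json = file_get_contents($_SERVER['DOCUMENT_ROOT'].'/../env.json');` and `$config = json_decode($config_json, true);` execute every time this class file is required, read a file outside the document root, and nothing on the new side uses `$config` — the only consumer, `sendVerificationMail`, is now entirely commented out together with its own copy of the same two lines. Either drop them or load the config inside `sendVerificationMail` when it is re-enabled, and check the `file_get_contents` and `json_decode` results (`json_decode($config_json, true, flags: JSON_THROW_ON_ERROR)`) instead of continuing with `false`/`null`; a file that declares a class should not also carry execution side effects. With `// $this->sendVerificationMail();` disabled, the account is still inserted with `active` = 0, so unless something outside this diff reaches `verifyAccount`, new users have no activation path; a `// TODO: re-enable verification mail or insert active=1 while mail is disabled` next to the commented call would make that explicit. `$this->token` and `$this->id` are assigned in the constructor but not declared alongside `$username`/`$password`/`$email`/`$db`, creating dynamic properties (deprecated in PHP 8.2); add `private $token; private $id;`. `hashPassword` and `verifyAccount` continue past the hunk boundary.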