From d89446c6360d272fdd307a40a9acc412d1eb630b Mon Sep 17 00:00:00 2001
From: Olusesan Ameye
Date: Sat, 25 Jan 2020 13:11:19 -0500
Subject: [PATCH] fix
---
 www/application/config/autoload.php | 7 +-
 www/application/config/config.php | 20 ++++-
 www/application/controllers/Auth.php | 2 +-
 www/application/core/COR_Controller.php | 82 +++++++++++++++++++
 .../libraries/Member_Controller.php | 21 +++++
 .../libraries/Start_Controller.php | 56 +++++++++++++
 www/application/models/Backend_model.php | 48 +++++++++++
 .../views/member/view_securehead.php | 1 +
 8 files changed, 228 insertions(+), 9 deletions(-)
 create mode 100644 www/application/core/COR_Controller.php
 create mode 100644 www/application/libraries/Member_Controller.php
 create mode 100644 www/application/libraries/Start_Controller.php
 create mode 100644 www/application/models/Backend_model.php
diff --git a/www/application/config/autoload.php b/www/application/config/autoload.php
index 7cdc901..cca0149 100644
--- a/www/application/config/autoload.php
+++ b/www/application/config/autoload.php
@@ -58,8 +58,8 @@ $autoload['packages'] = array();
 |
 | $autoload['libraries'] = array('user_agent' => 'ua');
 */
-$autoload['libraries'] = array();
-
+//$autoload['libraries'] = array();
+$autoload['libraries'] = array('session','form_validation');
 /*
 | -------------------------------------------------------------------
 | Auto-load Drivers
@@ -89,8 +89,7 @@ $autoload['drivers'] = array();
 |
 | $autoload['helper'] = array('url', 'file');
 */
-$autoload['helper'] = array();
-
+$autoload['helper'] = array('form','url', 'file');
 /*
 | -------------------------------------------------------------------
 | Auto-load Config files
diff --git a/www/application/config/config.php b/www/application/config/config.php
index 1031522..8d90e52 100644
--- a/www/application/config/config.php
+++ b/www/application/config/config.php
@@ -1,6 +1,17 @@ "", + 'thead_open' => '', + 'thead_close' => '', + 'heading_row_start' => '', + 'heading_row_end' => '', + 'heading_cell_start' => '', + 'tbody_open' => '', + 'tbody_close' => '', + 'row_start' => '', + 'row_end' => '', + 'cell_start' => '', + 'row_alt_start' => '', + 'row_alt_end' => '', + 'cell_alt_start' => '', + 'table_close' => '
', + 'heading_cell_end' => '
', + 'cell_end' => '
', + 'cell_alt_end' => '
' + ); + public $data = array(); + + function __construct() { + parent::__construct(); + $this->load->library(array('session')); + } + + protected function smart_htmlspecialchars($str) { + if (substr($str, 0, 1) == '<') + return $str; + return htmlspecialchars($str); + } + + protected function sql_escape_func($inp) { + if (is_array($inp)) { + return array_map(__METHOD__, $inp); + } + + + if (!empty($inp) && is_string($inp)) { + return str_replace(array('\\', "\0", "\n", "\r", "'", '"', "\x1a"), array('\\\\', '\\0', '\\n', '\\r', "\\'", '\\"', '\\Z'), $inp); + } + + return $inp; + } + + protected function coregrade_webapi($action, $in, &$out) { + $this->load->model('backend_model'); + $in["action"] = $action; + $in["pid"] = 100; + $ret = $this->backend_model->coregrade_api($in, $out); + //echo $ret; + return $ret; + } + + function formatedMesage($msgType, $theMessage) { + return "
" . $theMessage . "
"; + } + + protected function renderMemberPage($page_name, $data = array()) { + $this->load->view('templ/member_header', $data); + $this->load->view('members/' . $page_name, $data); + $this->load->view('templ/member_footer', $data); + } + + protected function renderPracticePage($page_name, $data) { + $this->load->view('secure/view_practice_header', $data); + $this->load->view('secure/' . $page_name, $data); + $this->load->view('secure/view_practice_footer', $data); + } + + protected function renderAdminPage($page_name, $data) { + $this->load->view('admin/view_admin_header', $data); + $this->load->view('admin/' . $page_name, $data); + $this->load->view('admin/view_admin_footer', $data); + } + +} diff --git a/www/application/libraries/Member_Controller.php b/www/application/libraries/Member_Controller.php new file mode 100644 index 0000000..6d090ef --- /dev/null +++ b/www/application/libraries/Member_Controller.php @@ -0,0 +1,21 @@ +input->post('username'); + $_SESSION['firstname'] = $out["firstname"]; // $ret->firstname; + $_SESSION['lastname'] = $out["lastname"]; // $ret->lastname; + $_SESSION['email'] = $out["email"]; // $ret->email; + $_SESSION['user_id'] = $out["member_id"]; // $ret->id; + $_SESSION['loc'] = $out["loc"]; + $_SESSION['mypage'] = $out["mypage"]; + } + + if (!empty($_SERVER['HTTP_CLIENT_IP'])) { + $_SESSION['loc'] = $_SERVER['HTTP_CLIENT_IP']; + } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $_SESSION['loc'] = $_SERVER['HTTP_X_FORWARDED_FOR']; + } else { + $_SESSION['loc'] = $_SERVER['REMOTE_ADDR']; + } + } + + protected function testLoginInput(&$username, &$password, &$error_message, &$valid_entry) { + $valid_entry = true; + $username = trim($this->input->post('username')); + $password = trim($this->input->post('password')); + if ($username == '' or $password == '') { + $valid_entry = false; + $error_message = 'Enter a Username/Password & PracticeID to continue'; + } + } + +} 
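Review bot: `smart_htmlspecialchars()` returns its argument unescaped whenever the first character is `<`, so the data itself decides whether it is escaped and any untrusted value that begins with markup reaches the page raw. Escape unconditionally, e.g. `return htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and have callers that emit trusted markup skip the helper explicitly. In the same class, `sql_escape_func()` hand-rolls quoting with `str_replace`, which does not take the connection character set into account; query bindings (`$this->db->query($sql, $binds)`) or `$this->db->escape()` are the safer route. Its `array_map(__METHOD__, $inp)` also calls a non-static method through a static callable string, which PHP 8 rejects; `array_map(array($this, __FUNCTION__), $inp)` avoids that. The class header and the callers of these helpers are not readable in the hunk as shown.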
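Review bot: `$_SESSION['loc']` is taken from `HTTP_CLIENT_IP` or `HTTP_X_FORWARDED_FOR` before `REMOTE_ADDR`, and both headers are supplied by the client, so the stored value can be forged; this block also overwrites the `$out["loc"]` value assigned just above it. Unless the application sits behind a known proxy, use `$_SESSION['loc'] = $_SERVER['REMOTE_ADDR'];`, or configure `proxy_ips` and call `$this->input->ip_address()`. `testLoginInput()` applies `trim()` to the password, which silently alters credentials that begin or end with whitespace. No session-ID regeneration is visible where the login fields are written into `$_SESSION`, but the start of that method is missing from the hunk as shown, so confirm it happens elsewhere.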
diff --git a/www/application/models/Backend_model.php b/www/application/models/Backend_model.php
new file mode 100644
index 0000000..fd5ce00
--- /dev/null
+++ b/www/application/models/Backend_model.php
@@ -0,0 +1,48 @@
+USER = $_SERVER['SCRIPT_FILENAME'];
+ $this->USER = str_replace('/home', '', $this->USER);
+ $this->USER = strtok($this->USER, '/');
+ if ($this->USER == 'opt') {
+ $this->USER = 'root';
+ }
+ $this->thisUser = $this->USER;
+ }
+
+ public function coregrade_api($in, &$out) {
+ if (!is_array($out))
+ return -1;
+ $this->coregrade_load();
+ $rrr = array();
+ $coregrade = $this->coregrade;
+ $ret = $coregrade->coregrade_api($in, $rrr);
+ //print_r( $in );
+ //echo "-----\n";
+ //print_r( $rrr );
+ $out = $rrr;
+ return $ret;
+ }
+
+ public function cfgReadChar($str) {
+ $this->coregrade_load();
+ $ret = $this->coregrade->cfgReadChar($str);
+ return $ret;
+ }
+
+ private function coregrade_load() {
+ // $this->$USER = $_SERVER['SCRIPT_FILENAME'];
+ $coregrade_class = 'coregrade_api_' . $this->USER . '\\coregrade';
+ if (!is_object($this->coregrade)) {
+ $this->coregrade = new $coregrade_class();
+ }
+ }
+
+}
diff --git a/www/application/views/member/view_securehead.php b/www/application/views/member/view_securehead.php
index 5da89a4..1aa86ff 100644
--- a/www/application/views/member/view_securehead.php
+++ b/www/application/views/member/view_securehead.php
@@ -13,6 +13,7 @@
+
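Review bot: In Backend_model.php, `coregrade_load()` builds a class name from the first path segment of `$_SERVER['SCRIPT_FILENAME']` and instantiates it with `new $coregrade_class()` without validating it, so the deployment path decides which code is loaded and an unexpected path ends in an uncaught fatal error. Check the segment before use, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $this->USER) || !class_exists($coregrade_class)) { throw new RuntimeException('coregrade backend unavailable'); }`. In the constructor, `str_replace('/home', '', ...)` removes every occurrence of `/home` rather than only a leading prefix, which can change the segment that `strtok` returns. The opening lines of the class and constructor are missing from the hunk as shown.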