From 0be3d41b77a202e2321f9a4387bb8f45a65ca953 Mon Sep 17 00:00:00 2001
From: "DESKTOP-BC3NEC6\\chiefsoft"
Date: Mon, 27 Feb 2023 07:31:26 -0500
Subject: [PATCH] Added to base model
---
 app/Controllers/Myfitauth.php | 2 +-
 app/Models/baseModel.php | 34 ++++++++-
 app/Models/myfitResetPass.php | 17 +++++
 app/Models/userAccess.php | 16 -----
 app/Models/userSignUp.php | 127 +++++++++++++++++++++++++++++++++-
 app/Models/usersResetPass.php | 64 ++++++++++++++---
 6 files changed, 231 insertions(+), 29 deletions(-)
diff --git a/app/Controllers/Myfitauth.php b/app/Controllers/Myfitauth.php
index e4fee46..0fb55a9 100644
--- a/app/Controllers/Myfitauth.php
+++ b/app/Controllers/Myfitauth.php
@@ -68,7 +68,7 @@ class Myfitauth extends BaseController
 case 'resetpass':
 $passReset = new \App\Models\usersResetPass();
- $res1 = $passReset->startPassReset($raw_array);
+ $res1 = $passReset->resetPass($raw_array);
 break;
 case 'signup-code':
diff --git a/app/Models/baseModel.php b/app/Models/baseModel.php
index 6209ab5..59988cb 100644
--- a/app/Models/baseModel.php
+++ b/app/Models/baseModel.php
@@ -65,7 +65,7 @@ class baseModel extends Model
 $fields = array_keys($UupdateDataArray);
 foreach ($fields as $field) {
 $UP_part .= $ic > 0 ? ',' : '';
- $UP_part .= $field="'" . $UupdateDataArray[$field] . "'";
+ $UP_part .= $field."='" . $UupdateDataArray[$field] . "'";
 $ic++;
 }
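Review bot: The corrected line in the `foreach` of app/Models/baseModel.php still builds the `SET` clause by pasting `$UupdateDataArray[$field]` between single quotes, so a value containing a quote rewrites the statement, and if that value originates from the request this is SQL injection. Bind the values instead, for example `$UP_part .= $field . '=?'; $binds[] = $UupdateDataArray[$field];`, and pass `$binds` as the second argument of `$this->db->query()` (the code appears to be CodeIgniter 4, whose `query()` accepts bindings; confirm). Column names cannot be bound, so `$field` should be checked against a fixed list of known columns. The same concatenation pattern is added in `select_db` later in this file, in `startPassReset` in myfitResetPass.php, in `verifyAccount` in userSignUp.php and in both queries added to usersResetPass.php. The enclosing function starts and ends outside this hunk.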
@@ -82,6 +82,38 @@ class baseModel extends Model
 return 0;
 }
+public function select_db($UupdateDataArray,$whereAray, $updateTable)
+{
+ // foreach ($UupdateDataArray as $arr) {
+ $ic = 0;
+ $UP_part = '';
+ $val_part = '';
+ $sqlQ = '';
+ $fields = array_keys($UupdateDataArray);
+ foreach ($fields as $field) {
+ $UP_part .= $ic > 0 ? ',' : '';
+ $UP_part .= $UupdateDataArray[$field];
+ $ic++;
+ }
+
+ $ic = 0;
+ $fields = array_keys($whereAray);
+ foreach ($fields as $field) {
+ $val_part .= $ic > 0 ? ' AND ' : ' WHERE ';
+ $val_part .= $field."='" . $whereAray[$field] . "'";
+ $ic++;
+ }
+ $sqlQ = "SELECT $UP_part FROM $updateTable $val_part";
+ $query = $this->db->query($sqlQ);
+ if($query && count($query->getResultArray())== 0 ){
+
+ }
+ else{
+
+ }
+ return 0;
+}
+
 public function getIPAddress()
 {
 //whether ip is from the share internet
diff --git a/app/Models/myfitResetPass.php b/app/Models/myfitResetPass.php
index 02bec51..0894f1a 100644
--- a/app/Models/myfitResetPass.php
+++ b/app/Models/myfitResetPass.php
@@ -25,6 +25,7 @@ class myfitResetPass extends baseModel
 switch ($change_state) {
 case START_PASS_CHANGE:
+ $this->startPassReset($in);
 break;
 case CONFIRM_PASS_PIN:
@@ -46,4 +47,20 @@ class myfitResetPass extends baseModel
 'raw_data' => $in,
 ];
 }
+
+ private startPassReset($in){
+ $username = trim($in['username']);
+ $sqlQ = "SELECT * FROM members WHERE username='".$username."' ";
+ $query = $this->db->query($sqlQ);
+ if($query && count($query->getResultArray())== 0 ){
+
+
+ }
+ else{
+ $valid_call=false;
+ $error_msg='Unable to continue';
+ $status=-1;
+ }
+ return 0;
+ }
 }
diff --git a/app/Models/userAccess.php b/app/Models/userAccess.php
index 1daed34..24c12e9 100644
--- a/app/Models/userAccess.php
+++ b/app/Models/userAccess.php
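Review bot: `select_db` in app/Models/baseModel.php runs the query but returns `0` on every path, and both branches of the `if`/`else` after `$this->db->query($sqlQ)` are empty, so no caller can read the rows it selects. Return the result, e.g. `return $query ? $query->getResultArray() : [];`, and drop the empty branches. The parameter names `$UupdateDataArray` and `$updateTable` are carried over from the update helper although here they hold the column list and the table to read; renaming them and adding a docblock stating that the values (not the keys) of `$UupdateDataArray` are used as column names would help. `$updateTable` and the column names go into the SQL text verbatim, so they should only ever come from constants in the code, never from request data.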
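Review bot: `private startPassReset($in){` in app/Models/myfitResetPass.php is missing the `function` keyword, so the file will not parse and the class cannot be loaded; it should read `private function startPassReset($in){`. The branch logic also looks inverted for a password reset: an empty result (no such member) falls into the empty success branch while an existing member gets `'Unable to continue'`, which seems copied from the sign-up check; confirm the intent. `$valid_call`, `$error_msg` and `$status` are set but never used, the method returns `0`, and the call added in the `START_PASS_CHANGE` case discards that return value, so the caller learns nothing from this step.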
@@ -102,22 +102,6 @@ class userAccess extends baseModel
 return $tk;
 }
- private function getIPAddress_old()
- {
- //whether ip is from the share internet
- if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
- $ip = $_SERVER['HTTP_CLIENT_IP'];
- }
- //whether ip is from the proxy
- elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
- $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
- }
- //whether ip is from the remote address
- else {
- $ip = $_SERVER['REMOTE_ADDR'];
- }
- return $ip;
- }
 }
 /*
diff --git a/app/Models/userSignUp.php b/app/Models/userSignUp.php
index 823b3a6..b8f0330 100644
--- a/app/Models/userSignUp.php
+++ b/app/Models/userSignUp.php
@@ -26,13 +26,136 @@ class userSignUp extends baseModel
 added timestamp without time zone DEFAULT now()
 );
 */
- public function startSignUp($in)
+public function startSignUp($in)
+{
+ $signup_mode = $in['mode'];
+ switch($signup_mode){
+ case 'START':
+ return $this-> registerAccount($in);
+ break;
+
+ case 'VERIFY':
+ return $this-> verifyAccount($in);
+ break;
+
+ }
+
+}
+
+public function verifyAccount($in)
+{
+ $insert_id=0;
+ $error_msg='';
+ $status=0;
+ $valid_call = true;
+ $sqlQ = "";
+ $dat=[];
+
+ $username = $in['username'];
+ $uuid = $in['pend_uid'];
+ $randomText = $in['random_text'];
+
+ log_message('critical', $username );
+
+
+
+ if( $username=='' || $uuid =='' || $randomText =='' ){
+ $valid_call=false;
+ $error_msg='Invalid call for verify';
+ $status=-1;
+ }
+
+ $sqlQ = "SELECT * FROM members WHERE username='".$in["username"]."' ";
+ $query = $this->db->query($sqlQ);
+ if($query && count($query->getResultArray())== 0 ){
+
+ }
+ else{
+ $valid_call=false;
+ $error_msg='Unable to continue';
+ $status=-1;
+ }
+ if ($valid_call){
+ $sqlQ = "SELECT * FROM members_pending WHERE username='".$username."' AND random_text='$randomText' AND uuid='$uuid' AND status IN(0,1)";
+ $query = $this->db->query($sqlQ);
+ if($query){
+ $dat = $query->getResultArray()[0];
+ // let see if we already have this account
+ $inData =[
+ 'username'=> $username,
+ 'email'=> $dat["email"],
+ 'password'=> $dat["password"],
+ 'firstname'=> $dat["firstname"],
+ 'lastname'=> $dat["lastname"]
+ ];
+ $sqlQ = "UPDATE members_pending SET status = 1 WHERE username='".$username."' AND status IN(0)";
+ $this->db->query($sqlQ);
+ $insert_id = $this->insert_db($inData, 'members');
+ if( $insert_id>=0){ // for now
+
+ $status=100;
+ $sqlQ = "UPDATE members_pending SET status = 5 WHERE username='".$username."' AND status IN(0,1)";
+ $this->db->query($sqlQ);
+ }
+
+ }
+ }
+
+ // $passEnr = $this->encryptmd5($in["password"]);
+ // $randomText = rand(1010101,999999);// rand(1010101,999999);
+ // $inData =[
+ // 'username'=> $in["username"],
+ // 'email'=> $in["email"],
+ // 'password'=> $passEnr,
+ // 'firstname'=> $in["firstname"],
+ // 'lastname'=> $in["lastname"],
+ // 'random_text' => $randomText
+ // ];
+
+ //$insert_id = $this->insert_db($inData, 'members_pending');
+ // if( $insert_id>=0){ // for now
+ // $sqlQ = "SELECT id AS insert_id,uuid FROM members_pending WHERE username='".$in["username"]."' AND random_text='$randomText' AND password='$passEnr' LIMIT 1";
+ // $query = $this->db->query($sqlQ);
+ // $dat = $query->getResultArray();
+ // $insert_id = $dat[0]['insert_id'];
+ // $uuid = $dat[0]['uuid'];
+ // $status=1;
+ // }
+ /*
+ mermsemr_dev=> \d members
+ Table "public.members"
+ Column | Type | Collation | Nullable | Default
+------------+-----------------------------+-----------+----------+-------------------------------------
+ id | integer | | not null | nextval('members_id_seq'::regclass)
+ username | character varying(50) | | not null |
+ firstname | character varying(50) | | |
+ lastname | character varying(50) | | |
+ email | character varying(50) | | |
+ phone | character varying(25) | | |
+ password | character varying(100) | | |
+ status | integer | | | 1
+ added | timestamp without time zone | | | now()
+ loc | inet | | |
+ last_login | timestamp without time zone | | |
+ acc_link | character varying(15) | | |
+ gender | character varying(2) | | | 'U'::character varying
+ dob | timestamp without time zone | | |
+ uuid | uuid | | | gen_random_uui
+ */
+ return $inx = [
+ 'status' => $status,
+ 'error_msg' => $error_msg,
+ 'raw_data' => $in,
+ ];
+
+}
+ public function registerAccount($in)
 {
 $insert_id=0;
 $uuid='';
 $status=0;
 $passEnr = $this->encryptmd5($in["password"]);
- $randomText = rand(1010101,999999);// rand(1010101,999999);
+ $randomText = rand(101010,999999);// rand(1010101,999999);
 $inData =[
 'username'=> $in["username"],
 'email'=> $in["email"],
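Review bot: In `verifyAccount`, `if($query)` only tells whether the `members_pending` query ran, not whether a row matched, so a wrong `random_text` or `pend_uid` is not explicitly rejected before `getResultArray()[0]` is read and `insert_db($inData, 'members')` is called. Check that exactly one pending row matched and return an error otherwise, and bind the three values instead of interpolating them; a sketch follows (the binding syntax assumes CodeIgniter 4's `query()`; confirm). `if( $insert_id>=0)` also accepts `0`; if `insert_db` returns 0 on failure (its body is not visible here), a failed insert would be reported as status 100. Separately, the changed line `$randomText = rand(101010,999999);` in `registerAccount`, and the same line in usersResetPass.php, generates the verification code with `rand()`, which is not suitable for secrets; use `random_int(100000, 999999)`.

```php
if ($valid_call) {
    $sqlQ = "SELECT * FROM members_pending WHERE username = ? AND random_text = ? AND uuid = ? AND status IN(0,1)";
    $query = $this->db->query($sqlQ, [$username, $randomText, $uuid]);
    $rows = $query ? $query->getResultArray() : [];
    if (count($rows) !== 1) {
        // no pending row matches the supplied code: stop before touching `members`
        $error_msg = 'Unable to continue';
        $status = -1;
    } else {
        $dat = $rows[0];
        // … unchanged: build $inData, mark the pending row, insert_db into members …
    }
}
```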
diff --git a/app/Models/usersResetPass.php b/app/Models/usersResetPass.php
index 918f39c..8b7b0b9 100644
--- a/app/Models/usersResetPass.php
+++ b/app/Models/usersResetPass.php
@@ -30,14 +30,53 @@ class usersResetPass extends baseModel
 added timestamp without time zone DEFAULT now()
 );
 */
- public function startPassReset($in)
+public function resetPass($in)
+{
+ $change_state = $in['stage'];
+
+ switch ($change_state) {
+ case START_PASS_CHANGE:
+ return $this->startPassReset($in);
+ break;
+
+ case CONFIRM_PASS_PIN:
+ return $this->verifyPassReset($in);
+ break;
+
+ case CONFIRM_PASS_CHANGE:
+ break;
+ }
+
+return ['error_mode'=>-1];
+}
+
+private function verifyPassReset($in){
+
+ $username = isset($inx['username'])?$inx['username']:'';
+ $reset_uuid = isset($inx['reset_uuid'])?$inx['usereset_uuidrname']:'';
+ $random_text = isset($inx['random_text'])?$inx['random_text']:'';
+ // $random_text = isset($inx['random_text'])?$inx['random_text']:'';
+
+
+
+ return $inx = [
+ 'username' => '999999',
+ 'reset_uuid' => '999999',
+ 'uuid' => '00000',
+ 'member_uid' => '00000',
+ 'error_msg' => '',
+ 'raw_data' => $in,
+ ];
+}
+ private function startPassReset($in)
 {
 $insert_id=0;
 $uuid='';
 $status=0;
 $passEnr = '';// $this->encryptmd5($in["password"]);
- $randomText = rand(1010101,999999);// rand(1010101,999999);
+ $randomText = rand(101010,999999);// rand(1010101,999999);
 $pdata =[];
+ $username= trim($in["username"]);
 $sqlQ = "SELECT id AS member_id,uuid FROM members WHERE username='".$in["username"]."' ";
 $query = $this->db->query($sqlQ);
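Review bot: `verifyPassReset` reads `$inx[...]`, but its parameter is `$in` and `$inx` is not defined at that point, so all three values are always `''`; the second line additionally indexes `'usereset_uuidrname'` where `'reset_uuid'` was tested. The reads should come from `$in`, e.g. `$reset_uuid = isset($in['reset_uuid'])?$in['reset_uuid']:'';`. The method then returns fixed placeholder values with an empty `error_msg` for any input, so the `CONFIRM_PASS_PIN` stage currently reports no error without comparing the PIN to anything; until the lookup exists it would be safer to return an error result. In `startPassReset`, the new `$username= trim(...)` is not used by the `members` query in the context below it, which still interpolates the untrimmed `$in["username"]`. `resetPass` reads `$in['stage']` without checking that it is set and would benefit from a docblock describing the three stages and the shape of each return value.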
@@ -53,8 +92,17 @@ class usersResetPass extends baseModel
 ];
 $insert_id = $this->insert_db($pdata, 'members_password_reset');
- if( $insert_id>=0){ // for now
-
+ if( $insert_id>=0){
+ // for now
+ $sqlQ = "SELECT * FROM members_password_reset WHERE username='$username' AND random_text='$randomText' ";
+ $query = $this->db->query($sqlQ);
+ $new_add = $query->getResultArray()[0];
+ return $inx = [
+ 'insert_id' => $new_add['id'],
+ 'uuid' => $new_add['uuid'],
+ 'error_msg' => '',
+ 'raw_data' => $in,
+ ];
 }
 }
@@ -92,11 +140,9 @@ class usersResetPass extends baseModel
 */
 return $inx = [
- 'insert_id' => $insert_id,
- 'uuid' => $uuid,
- 'status' => $status,
- 'pdata' => $pdata,
- 'error_msg' => '',
+ 'insert_id' => '0',
+ 'uuid' => '',
+ 'error_msg' => 'Unable to continue',
 'raw_data' => $in,
 ];
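Review bot: In the first hunk, the row just inserted is looked up again by `username` and the six-digit `random_text`, and `$query->getResultArray()[0]` is read without checking that the query succeeded and returned a row. That pair is not guaranteed unique, since an earlier reset request for the same user with the same code would also match, so select by the id that `insert_db` returns (if it does return one; its body is not visible here) or at least order by `id` descending and verify the result is non-empty. `if( $insert_id>=0)` treats `0` as success, which deserves a comment or a stricter test. In the second hunk the fall-through return no longer carries `status` or `pdata`; callers that read those keys need updating, and a short comment listing the keys of each result shape would help.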