From c0b489a98d1bed1adea7567953f2a5ad41b97549 Mon Sep 17 00:00:00 2001 From: Olusesan Amaeye Date: Wed, 2 Oct 2019 10:48:28 -0400 Subject: [PATCH] fix --- jubabox/etc/jubabox_api.conf | 17 +- jubabox/src/include/jubabox_api.h | 11 + jubabox/src/shared_tool/jubabox_api_main.cc | 11 +- jubabox/src/shared_tool/members.cc | 15 +- wwwjuba/.htaccess | 12 +- wwwjuba/.htaccess-bak | 37 +++ wwwjuba/application/config/autoload.php | 7 +- wwwjuba/application/config/config.php | 4 +- wwwjuba/application/config/constants.php | 13 ++ wwwjuba/application/config/facebook.php | 29 +++ wwwjuba/application/controllers/Auth.php | 92 +++++--- wwwjuba/application/controllers/Page.php | 18 +- wwwjuba/application/controllers/Startwww.php | 41 +++- wwwjuba/application/core/JUB_Controller.php | 13 +- wwwjuba/application/libraries/Lib_login.php | 217 ++++++++++++++++++ .../libraries/Member_Controller.php | 2 +- wwwjuba/application/models/Backend_model.php | 39 ++++ wwwjuba/application/views/home/view_home.php | 147 ++++++++++++ wwwjuba/application/views/home/view_login.php | 7 +- wwwjuba/backend.php | 11 + wwwjuba/index.html | 0 21 files changed, 643 insertions(+), 100 deletions(-) create mode 100644 wwwjuba/.htaccess-bak create mode 100644 wwwjuba/application/config/facebook.php create mode 100644 wwwjuba/application/libraries/Lib_login.php create mode 100644 wwwjuba/application/models/Backend_model.php create mode 100644 wwwjuba/application/views/home/view_home.php create mode 100644 wwwjuba/backend.php delete mode 100644 wwwjuba/index.html diff --git a/jubabox/etc/jubabox_api.conf b/jubabox/etc/jubabox_api.conf index 1913a81..394fa8f 100644 --- a/jubabox/etc/jubabox_api.conf +++ b/jubabox/etc/jubabox_api.conf @@ -15,9 +15,9 @@ system: database: { host = "127.0.0.1"; - name = "savvy"; - user = "savvy"; - pass = "savvy001!"; + name = "jubabox"; + user = "jubabox"; + pass = "jubabox001"; port = 5432; }; 
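Review bot: The new `pass = ...` line in the `database` block commits a working database password to the tracked config, and the value is simply the user name plus a short suffix, so it is both exposed to everyone with repository access and easy to guess. The second hunk of this file (`mailsend`) has the same problem: it deletes `mailsendOLD`, but the SMTP `pass` in the remaining `mailsend` block stays in the file and the deleted value stays in history. Track a template with placeholders such as `pass = "CHANGE_ME";`, load the real values from a file outside version control with restricted permissions, and rotate the credentials that have already been pushed.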
@@ -28,18 +28,9 @@ mailsend: domain = "chiefsoft.com"; user = "savvy@chiefsoft.com"; pass = "may12002!"; - name = "Savvy Demo"; + name = "Jubabox Beta"; }; -mailsendOLD: -{ - from = "support@wrenchboard.com"; - server = "smtp.gmail.com"; - domain = "kleenapp.com"; - user = "support@wrenchboard.com"; - pass = "may12002!"; - name = "Kleen Demo Support"; -}; stripe: { diff --git a/jubabox/src/include/jubabox_api.h b/jubabox/src/include/jubabox_api.h index 3d00c71..f0ef55b 100644 --- a/jubabox/src/include/jubabox_api.h +++ b/jubabox/src/include/jubabox_api.h @@ -39,10 +39,21 @@ enum { #define INVOICE_PREVIEW 100 #define INVOICE_FINAL 200 +#define USER_START 100000 + + +#define USER_LOGIN 100011 + +#define USER_END 199999 + + + #define TRNASPORTER 1 #define TRANSLATOR 2 + + #define MODE_CONFIRM_ASSIGNMENT 100 #define MODE_REJECT_ASSIGNMENT 200 #define MODE_CANCEL_ASSIGNMENT 210 diff --git a/jubabox/src/shared_tool/jubabox_api_main.cc b/jubabox/src/shared_tool/jubabox_api_main.cc index 7652cf1..f36b6c9 100644 --- a/jubabox/src/shared_tool/jubabox_api_main.cc +++ b/jubabox/src/shared_tool/jubabox_api_main.cc @@ -15,6 +15,7 @@ main entry point for API calls Chiefsoft July 2017 */ #include "medTEmails.h" #include "medTUpload.h" #include "mobile.h" +#include "members.h" long jubabox_api_main(CVars in, CVars &out) { logfmt(logINFO, "long jubabox_api_main(CVars in, CVars &out)"); @@ -22,14 +23,12 @@ long jubabox_api_main(CVars in, CVars &out) { long action = REQ_LONG(in, "action", 0, -1); REQ_LONG(in, "pid", 0, -1); // global implementation - who is calling try { - if (action == MEDTRANS_UPLOADS) { - return medtrans_upload(in, out); - } - if (action == MEDTRANS_DOWNLOAD) { - return medtrans_download(in, out); - } + if (action >= USER_START && action <= USER_END) { + return members_calls(in, out); + } + if (action >= MEDTRANS_BKO_START && action <= MEDTRANS_BKO_END) { return backoffice_calls(in, out); } 
diff --git a/jubabox/src/shared_tool/members.cc b/jubabox/src/shared_tool/members.cc index bfca5b5..b6843c6 100644 --- a/jubabox/src/shared_tool/members.cc +++ b/jubabox/src/shared_tool/members.cc @@ -12,16 +12,25 @@ /* -- */ #include "members.h" +#include "function_members.h" long members_calls(CVars in, CVars &out) { long ret = PHP_API_BAD_PARAM; try { - REQ_LONG(in, "action", 0, -1); + long action = REQ_LONG(in, "action", 0, -1); + switch (action) { + case USER_LOGIN: + ret = medTMemberLogin(in, out); + break; + } + + } catch (bad_parameter) { + logfmt(logINFO, "ERROR CALL long members_calls(CVars in, CVars &out)"); + } + return ret; } - - diff --git a/wwwjuba/.htaccess b/wwwjuba/.htaccess index 60ae62f..94a7f1b 100644 --- a/wwwjuba/.htaccess +++ b/wwwjuba/.htaccess @@ -1,22 +1,21 @@ RewriteEngine On -# RewriteBase /home/oameye/jubaboxweb/wwwjuba/ +RewriteBase / #Removes access to the system folder by users. #Additionally this will allow you to create a System.php controller, #previously this would not have been possible. #'system' can be replaced if you have renamed your system folder. -#RewriteCond %{REQUEST_URI} ^system.* -#RewriteRule ^(.*)$ /index.php?/$1 [L] +RewriteCond %{REQUEST_URI} ^system.* +RewriteRule ^(.*)$ /index.php?/$1 [L] #When your application folder isn't in the system folder #This snippet prevents user access to the application folder #Submitted by: Fabdrol #Rename 'application' to your applications folder name. - -#RewriteCond %{REQUEST_URI} ^application.* -#RewriteRule ^(.*)$ /index.php?/$1 [L] +RewriteCond %{REQUEST_URI} ^application.* +RewriteRule ^(.*)$ /index.php?/$1 [L] #Checks to RewriteCond %{REQUEST_FILENAME} !-f @@ -33,4 +32,3 @@ RewriteRule ^(.*)$ index.php?/$1 [L] ErrorDocument 404 /index.php - diff --git a/wwwjuba/.htaccess-bak b/wwwjuba/.htaccess-bak new file mode 100644 index 0000000..79815c9 --- /dev/null +++ b/wwwjuba/.htaccess-bak 
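Review bot: The new `switch (action)` in `members_calls` has no `default:` branch, so every code in the `USER_START`..`USER_END` range that `jubabox_api_main` now routes here, other than `USER_LOGIN`, returns `PHP_API_BAD_PARAM` without leaving a log entry. Add `default: logfmt(logINFO, "members_calls: unhandled action %ld", action); break;` (assuming `logfmt` takes printf-style arguments) so rejected calls on the login path are visible. The handler `catch (bad_parameter)` catches by value; `catch (const bad_parameter &)` avoids the copy and any slicing, and the message it logs is an error, so it reads oddly at `logINFO`.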
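Review bot: The re-enabled guards `RewriteCond %{REQUEST_URI} ^system.*` and `RewriteCond %{REQUEST_URI} ^application.*` cannot match, because `%{REQUEST_URI}` always begins with `/`; the `system` and `application` folders are therefore not routed away from direct access by these rules, and the later `!-f` / `!-d` conditions let existing files under them be served as-is. Anchor the patterns on the leading slash, `RewriteCond %{REQUEST_URI} ^/system` and `RewriteCond %{REQUEST_URI} ^/application`, and confirm each folder also carries its own deny rule. The same two conditions are copied into the new `.htaccess-bak`, which looks like a working backup that does not need to be tracked.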
@@ -0,0 +1,37 @@ + + +RewriteEngine On +# RewriteBase /home/oameye/jubaboxweb/wwwjuba/ +RewriteBase / + +#Removes access to the system folder by users. +#Additionally this will allow you to create a System.php controller, +#previously this would not have been possible. +#'system' can be replaced if you have renamed your system folder. +RewriteCond %{REQUEST_URI} ^system.* +RewriteRule ^(.*)$ /index.php?/$1 [L] + +#When your application folder isn't in the system folder +#This snippet prevents user access to the application folder +#Submitted by: Fabdrol +#Rename 'application' to your applications folder name. + +RewriteCond %{REQUEST_URI} ^application.* +RewriteRule ^(.*)$ /index.php?/$1 [L] + +#Checks to +RewriteCond %{REQUEST_FILENAME} !-f +RewriteCond %{REQUEST_FILENAME} !-d +RewriteRule ^(.*)$ index.php?/$1 [L] + + + + + # If we don't have mod_rewrite installed, all 404's + # can be sent to index.php, and everything works as normal. + # Submitted by: ElliotHaughin + +ErrorDocument 404 /index.php + + + diff --git a/wwwjuba/application/config/autoload.php b/wwwjuba/application/config/autoload.php index a2b3c46..ca3db64 100644 --- a/wwwjuba/application/config/autoload.php +++ b/wwwjuba/application/config/autoload.php @@ -59,8 +59,8 @@ $autoload['packages'] = array(); | | $autoload['libraries'] = array('user_agent' => 'ua'); */ -$autoload['libraries'] = array(); - +//$autoload['libraries'] = array(); +$autoload['libraries'] = array('session','form_validation'); /* | ------------------------------------------------------------------- | Auto-load Drivers @@ -90,8 +90,7 @@ $autoload['drivers'] = array(); | | $autoload['helper'] = array('url', 'file'); */ -$autoload['helper'] = array('url', 'file'); - +$autoload['helper'] = array('form','url', 'file'); /* | ------------------------------------------------------------------- | Auto-load Config files diff --git a/wwwjuba/application/config/config.php b/wwwjuba/application/config/config.php index 057b622..a296c28 100644 
--- a/wwwjuba/application/config/config.php +++ b/wwwjuba/application/config/config.php @@ -126,7 +126,7 @@ $config['enable_hooks'] = FALSE; | https://codeigniter.com/user_guide/general/creating_libraries.html | */ -$config['subclass_prefix'] = 'MY_'; +$config['subclass_prefix'] = 'JUB_'; /* |-------------------------------------------------------------------------- @@ -235,7 +235,7 @@ $config['allow_get_array'] = TRUE; | your log files will fill up very fast. | */ -$config['log_threshold'] = 0; +$config['log_threshold'] = 4; /* |-------------------------------------------------------------------------- diff --git a/wwwjuba/application/config/constants.php b/wwwjuba/application/config/constants.php index 18d3b4b..8a90051 100644 --- a/wwwjuba/application/config/constants.php +++ b/wwwjuba/application/config/constants.php @@ -83,3 +83,16 @@ defined('EXIT_USER_INPUT') OR define('EXIT_USER_INPUT', 7); // invalid user defined('EXIT_DATABASE') OR define('EXIT_DATABASE', 8); // database error defined('EXIT__AUTO_MIN') OR define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code defined('EXIT__AUTO_MAX') OR define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code + +define('SITE_NAME','JubaBox'); +define('SITE_EMAIL','support@jubabox.com'); +define('SITE_PHONE','+1 911 9110'); +define('SITE_FAX','+1 9FX 9110'); + +define('PHP_API_OK', 0); +define('MAX_ADMIN_SESSION',1200); + + + + +define('USER_LOGIN', 100011); diff --git a/wwwjuba/application/config/facebook.php b/wwwjuba/application/config/facebook.php new file mode 100644 index 0000000..718c419 --- /dev/null +++ b/wwwjuba/application/config/facebook.php 
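Review bot: `$config['log_threshold'] = 4;` turns on every log level in the committed config, which the comment directly above it warns will fill the log files very fast, and debug-level output around a login flow can end up recording request details. Keep the tracked default at errors only, `$config['log_threshold'] = 1;`, and raise it per environment while debugging.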
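Review bot: The constants added to `constants.php` use bare `define(...)`, while every line above them in the file uses the `defined('X') OR define('X', ...)` guard; follow the same form, e.g. `defined('PHP_API_OK') OR define('PHP_API_OK', 0);`. `USER_LOGIN` (100011) now exists both here and in `jubabox_api.h`, so a comment such as `// must match USER_LOGIN in jubabox/src/include/jubabox_api.h` would help keep the two in step. `MAX_ADMIN_SESSION` should carry a comment stating its unit.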
@@ -0,0 +1,29 @@ +testLoginInput($username, $password, $error_message, $valid_entry); + + if ( true == $valid_entry ) + { + if ($username!='' && $password !=''){ + + $data["page_title"] = ""; + $data["username"] = $username; //"auxsupport"; + $data["password"] = "may12002"; + $this->jubabox_webapi(USER_LOGIN, $data, $out); + //print_r( $data ); + //print_r( $out ); + if ( count($out) > 0 && isset($out[0]) ){ + $this->getSessionData($out[0], $session_data); // just for testing + + $this->buildUserSession(PHP_API_OK,$session_data); + $valid_login = true; + } + else + { + $error_message ="Invalid Username/Password"; + } + + } + } + + + + $this->load->view('home/view_login'); + } + + public function forgotpass() { + $this->index(); + } + + public function register() { + $this->index(); + } + + public function logout() { + $this->index(); + } + + public function login() { + $this->index(); + } - /** - * Index Page for this controller. - * - * Maps to the following URL - * http://example.com/index.php/welcome - * - or - - * http://example.com/index.php/welcome/index - * - or - - * Since this controller is set as the default controller in - * config/routes.php, it's displayed at http://example.com/ - * - * So any other public methods not prefixed with an underscore will - * map to /index.php/welcome/ - * @see https://codeigniter.com/user_guide/general/urls.html - */ - public function index() - { - $this->load->view('home/view_login'); - } - - public function forgotpass(){ - $this->index(); - } - public function register(){ - $this->index(); - } - public function logout(){ - $this->index(); - } - public function login(){ - $this->index(); - } } diff --git a/wwwjuba/application/controllers/Page.php b/wwwjuba/application/controllers/Page.php index 956bbbf..535623d 100644 --- a/wwwjuba/application/controllers/Page.php +++ b/wwwjuba/application/controllers/Page.php 
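Review bot: The `$data["password"] = ...` line in `index()` sends a fixed string literal to the backend instead of the submitted `$password`, so the result of the `USER_LOGIN` call does not depend on what the user typed and a credential is embedded in the controller; it should read `$data["password"] = $password;`. The method then loads `home/view_login` unconditionally, so `$valid_login` and `$error_message` are computed but never used; pass the message to the view and redirect on success. `logout()` only calls `index()` and leaves the session created by `buildUserSession` in place (the new `logout()` in `Startwww.php` does the same); it should call `$this->session->sess_destroy();` first. The start of this section, including the `facebook.php` body and the `Auth.php` file header, is missing from the page, so the attribution to `Auth.php` is inferred from the diffstat and the removed lines.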
@@ -1,23 +1,9 @@ - * @see https://codeigniter.com/user_guide/general/urls.html - */ public function index() { $this->load->view('members/view_page'); diff --git a/wwwjuba/application/controllers/Startwww.php b/wwwjuba/application/controllers/Startwww.php index cfddda0..5af9ee6 100644 --- a/wwwjuba/application/controllers/Startwww.php +++ b/wwwjuba/application/controllers/Startwww.php @@ -1,11 +1,44 @@ + * @see https://codeigniter.com/user_guide/general/urls.html + */ + public function index() { + // echo "lslslsls"; + $this->load->view('home/view_home'); + } + + public function forgotpass() { + $this->index(); + } + + public function register() { + $this->index(); + } + + public function logout() { + $this->index(); + } + + public function login() { + $this->index(); + } - public function index() - { - $this->load->view('home/view_login'); - } } diff --git a/wwwjuba/application/core/JUB_Controller.php b/wwwjuba/application/core/JUB_Controller.php index 1a380fb..b0afb1f 100644 --- a/wwwjuba/application/core/JUB_Controller.php +++ b/wwwjuba/application/core/JUB_Controller.php @@ -27,6 +27,7 @@ class JUB_Controller extends CI_Controller { function __construct() { parent::__construct(); + $this->load->library(array('session')); } protected function smart_htmlspecialchars($str) { @@ -49,14 +50,10 @@ class JUB_Controller extends CI_Controller { } protected function jubabox_webapi($action, $in, &$out) { - global $savvyext; - $ret = -1; - $in['pid'] = 115; - - error_log("ret = $ret"); - error_log(json_encode($out)); - - return $ret; + $this->load->model('backend_model'); + $in["action"] = $action; + $in["pid"] = 100; + return $this->backend_model->jubabox_api($in, $out); } function formatedMesage($msgType, $theMessage) { diff --git a/wwwjuba/application/libraries/Lib_login.php b/wwwjuba/application/libraries/Lib_login.php new file mode 100644 index 0000000..57c0669 --- /dev/null +++ b/wwwjuba/application/libraries/Lib_login.php 
@@ -0,0 +1,217 @@ +ci =& get_instance(); + $this->ci->load->library('session'); + $this->ci->config->load('facebook'); + $this->ci->load->helper('url'); + if (! isset($_SESSION)) { + session_start(); + } + $this->facebook_default_scope = explode(',', $this->ci->config->item("facebook_default_scope")); + $facebook_app_id = $this->ci->config->item("facebook_app_id"); + $facebook_app_secret = $this->ci->config->item("facebook_app_secret"); + $this->facebook_login_url = base_url() . $this->ci->config->item("facebook_login_redirect_url").'/'; + $this->facebook_logout_url = base_url() . $this->ci->config->item("facebook_logout_redirect_url").'/'; + // init app with app id and secret + $this->fb = new Facebook([ + 'app_id' => $facebook_app_id, // Replace {app-id} with your app id + 'app_secret' => $facebook_app_secret, + 'default_graph_version' => 'v2.2', + ]); + $this->helper = $this->fb->getRedirectLoginHelper(); + } + + /** + * @return FB + */ + public function object() + { + return $this->fb; + } + + /** + * Check if user are logged in by checking if we have a Facebook + * session active. 
+ * + * @return mixed|boolean + */ + public function is_authenticated() + { + $access_token = $this->authenticate(); + if (isset($access_token)) + { + return $access_token; + } + return false; + } + + /** + * Destroy our local Facebook session + */ + public function destroy_session() + { + $this->session->unset_userdata('fb_access_token'); + } + + public function getLoginUrl() { + return $this->helper->getLoginUrl($this->facebook_login_url, $this->facebook_default_scope); + } + + public function getLogoutUrl() { + return $this->helper->getLogoutUrl($this->get_access_token(), $this->facebook_logout_url); + } + + public function get_access_token() { + return $this->session->userdata('fb_access_token'); + } + + /** + * @return mixed + */ + private function get_expire_time() + { + return $this->session->userdata('fb_expire'); + } + /** + * @param DateTime $time + */ + private function set_expire_time(DateTime $time = null) + { + if ($time) { + $this->session->set_userdata('fb_expire', $time->getTimestamp()); + } + } + + public function authenticate() + { + $accessToken = $this->get_access_token(); + if ($accessToken && $this->get_expire_time() > (time() + 30) || $accessToken && !$this->get_expire_time()) + { + $this->fb->setDefaultAccessToken($accessToken); + return $accessToken; + } + // If we did not have a stored access token or if it has expired, try get a new access token + try { + $accessToken = $this->helper->getAccessToken($this->facebook_login_url); + } catch(Facebook\Exceptions\FacebookResponseException $e) { + // When Graph returns an error + return $this->constructResult(NULL, 'Graph returned an error: ' . $e->getMessage()); + } catch(Facebook\Exceptions\FacebookSDKException $e) { + // When validation fails or other local issues + return $this->constructResult(NULL, 'Facebook SDK returned an error: ' . $e->getMessage()); + } + + if (! isset($accessToken)) { + if ($this->helper->getError()) { + /*header('HTTP/1.0 401 Unauthorized'); + echo "Error: " . 
$helper->getError() . "\n"; + echo "Error Code: " . $helper->getErrorCode() . "\n"; + echo "Error Reason: " . $helper->getErrorReason() . "\n"; + echo "Error Description: " . $helper->getErrorDescription() . "\n"; + */ + return $this->constructResult(NULL, 'Unauthorized: '.$this->helper->getErrorDescription()); + } else { + return $this->constructResult(NULL, 'Bad request'); + } + } + // The OAuth 2.0 client handler helps us manage access tokens + $oAuth2Client = $this->fb->getOAuth2Client(); + // Get the access token metadata from /debug_token + ///$tokenMetadata = $oAuth2Client->debugToken($accessToken); + + if (! $accessToken->isLongLived()) { + // Exchanges a short-lived access token for a long-lived one + try { + $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken); + $this->set_expire_time($accessToken->getExpiresAt()); + $this->set_access_token($accessToken); + $this->fb->setDefaultAccessToken($accessToken); + } catch (Facebook\Exceptions\FacebookSDKException $e) { + return $this->constructResult(NULL, "

Error getting long-lived access token: " . $this->helper->getMessage() . "

\n\n"); + } + //var_dump($accessToken->getValue()); + } + $_SESSION['fb_access_token'] = (string) $accessToken; + + return $accessToken; + } + + public function getData($accessToken) { + $user = NULL; + try { + // Returns a `Facebook\FacebookResponse` object + if ($accessToken!="") { + $response = $this->fb->get('/me?fields=id,name,email', $accessToken); + $user = $response->getGraphUser(); + } + } catch(Facebook\Exceptions\FacebookResponseException $e) { + return $this->constructResult(NULL,'Graph returned an error: ' . $e->getMessage()); + } catch(Facebook\Exceptions\FacebookSDKException $e) { + return $this->constructResult(NULL,'Facebook SDK returned an error: ' . $e->getMessage()); + } + return $this->constructResult($user, NULL); + } + + private function constructResult($me,$error) { + $fb_data = array( + 'me' => $me, + 'error' => $error + ); + $this->ci->session->set_userdata('fb_data', $fb_data); + return $fb_data; + } + + /** + * Enables the use of CI super-global without having to define an extra variable. + * I can't remember where I first saw this, so thank you if you are the original author. + * + * Borrowed from the Ion Auth library (http://benedmunds.com/ion_auth/) + * + * @param $var + * + * @return mixed + */ + public function __get($var) + { + return get_instance()->$var; + } +} diff --git a/wwwjuba/application/libraries/Member_Controller.php b/wwwjuba/application/libraries/Member_Controller.php index 5b072da..23127eb 100644 --- a/wwwjuba/application/libraries/Member_Controller.php +++ b/wwwjuba/application/libraries/Member_Controller.php @@ -2,7 +2,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); -class Practice_Controller extends JUB_Controller { +class Member_Controller extends JUB_Controller { public $data = array(); diff --git a/wwwjuba/application/models/Backend_model.php b/wwwjuba/application/models/Backend_model.php new file mode 100644 index 0000000..bfecb0b --- /dev/null 
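Review bot: In `authenticate()`, the catch block around `getLongLivedAccessToken` builds its message from `$this->helper->getMessage()`, but the exception object is `$e`; this should read `$e->getMessage()`, otherwise the error path itself fails. `set_expire_time()` is only called inside the `if (! $accessToken->isLongLived())` branch, and the check at the top accepts any stored token that has no `fb_expire` value, so a token that arrives already long-lived is treated as valid indefinitely; move `$this->set_expire_time($accessToken->getExpiresAt());` after the branch. `set_access_token()` is called but not defined in the visible part of the class (the top of the file is missing from the page), so confirm it exists.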
+++ b/wwwjuba/application/models/Backend_model.php @@ -0,0 +1,39 @@ +USER = $_SERVER['SCRIPT_FILENAME']; + $this->USER = str_replace('/home', '', $this->USER); + $this->USER = strtok($this->USER, '/'); + if ($this->USER == 'opt') { + $this->USER = 'root'; + } + $this->thisUser = $this->USER; + } + + public function jubabox_api($in, $out = array()) { + $this->jubabox_load(); + $ret = $this->jubabox->jubabox_api($in, $out); + return $ret; + } + + public function cfgReadChar($str) { + $this->jubabox_load(); + $ret = $this->jubabox->cfgReadChar($str); + return $ret; + } + + private function jubabox_load() { + // $this->$USER = $_SERVER['SCRIPT_FILENAME']; + $jubabox_class = 'jubabox_api_' . $this->USER . '\\jubabox'; + if (!is_object($this->jubabox)) { + $this->jubabox = new $jubabox_class(); + } + } +} diff --git a/wwwjuba/application/views/home/view_home.php b/wwwjuba/application/views/home/view_home.php new file mode 100644 index 0000000..2ffb982 --- /dev/null +++ b/wwwjuba/application/views/home/view_home.php @@ -0,0 +1,147 @@ + + + + + + + + + + + + JubaBox + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
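Review bot: `jubabox_api($in, $out = array())` takes `$out` by value, so whatever the extension call presumably fills in never reaches `JUB_Controller::jubabox_webapi`, which passes its own `&$out` through; the login code's `count($out)` check would then see an unset value. Declare it as `public function jubabox_api($in, &$out = array())`. The class name is assembled from `$_SERVER['SCRIPT_FILENAME']` (`'jubabox_api_' . $this->USER . '\\jubabox'`) and instantiated with `new $jubabox_class()` without a `class_exists()` check, so a deployment path that does not map to an installed extension ends in a fatal error; check and log before instantiating. The opening of this file is missing from the page, so the constructor context is inferred.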
+
+
+
+
+
+
+
+
+
+ branding logo +
+
+
+
+
+

Login

+
+
+

Welcome back, please login to your account.

+
+
+
+
+ +
+ +
+ +
+ +
+ +
+ +
+ +
+
+
+
+
+ + + + + + + Remember me +
+
+
+ +
+ Login + +
+
+
+ +
+
+
+
+
+
+ +
+
+
+ + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/wwwjuba/application/views/home/view_login.php b/wwwjuba/application/views/home/view_login.php index 2db5a00..66e5480 100644 --- a/wwwjuba/application/views/home/view_login.php +++ b/wwwjuba/application/views/home/view_login.php @@ -65,9 +65,9 @@

Welcome back, please login to your account.

-
+
- +
@@ -75,7 +75,7 @@
- +
@@ -99,6 +99,7 @@
Register +
diff --git a/wwwjuba/backend.php b/wwwjuba/backend.php new file mode 100644 index 0000000..a8c7678 --- /dev/null +++ b/wwwjuba/backend.php @@ -0,0 +1,11 @@ + diff --git a/wwwjuba/index.html b/wwwjuba/index.html deleted file mode 100644 index e69de29..0000000