code-igniter-v3-giggi: update release v2
diff --git a/application/config/autoload.php b/application/config/autoload.php
index 7cdc901..c730abd 100644
--- a/application/config/autoload.php
+++ b/application/config/autoload.php
@@ -58,7 +58,7 @@
|
| $autoload['libraries'] = array('user_agent' => 'ua');
*/
-$autoload['libraries'] = array();
+$autoload['libraries'] = array('database', 'session', 'form_validation');
/*
| -------------------------------------------------------------------
@@ -89,7 +89,7 @@
|
| $autoload['helper'] = array('url', 'file');
*/
-$autoload['helper'] = array();
+$autoload['helper'] = array('form', 'url');
/*
| -------------------------------------------------------------------
diff --git a/application/config/config.php b/application/config/config.php
index 5e82e23..a028c9d 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -23,7 +23,8 @@
| a PHP script and you can easily do that on your own.
|
*/
-$config['base_url'] = 'https://www.giggi.me/';
+$__host_name = getenv('HOST_NAME');
+$config['base_url'] = 'https://' . $__host_name . '/';
/*
|--------------------------------------------------------------------------
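Review bot: `getenv('HOST_NAME')` returns `FALSE` when the variable is unset, so `base_url` silently becomes `https:///` and every `base_url()` and `redirect()` call in the application (the controllers in this release redirect to `base_url('index.html')`) points nowhere instead of failing visibly. Fail loudly rather than run with a broken canonical URL: `$__host_name = getenv('HOST_NAME'); if ($__host_name === FALSE || $__host_name === '') exit('HOST_NAME is not set');`. If a deployment ever populates `HOST_NAME` from the request's Host header in the web-server config, the canonical URL becomes attacker-controlled; it should come from static deployment configuration only, and a comment here saying so would help the next operator.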
@@ -377,13 +378,13 @@
| except for 'cookie_prefix' and 'cookie_httponly', which are ignored here.
|
*/
-$config['sess_driver'] = 'files';
+$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
-$config['sess_save_path'] = NULL;
+$config['sess_save_path'] = 'sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
-$config['sess_regenerate_destroy'] = FALSE;
+$config['sess_regenerate_destroy'] = TRUE;
/*
|--------------------------------------------------------------------------
@@ -403,8 +404,8 @@
$config['cookie_prefix'] = '';
$config['cookie_domain'] = '';
$config['cookie_path'] = '/';
-$config['cookie_secure'] = FALSE;
-$config['cookie_httponly'] = FALSE;
+$config['cookie_secure'] = TRUE;
+$config['cookie_httponly'] = TRUE;
/*
|--------------------------------------------------------------------------
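Review bot: Secure and HttpOnly are now set, but no SameSite attribute is configured, so the session cookie is still attached to cross-site POSTs and the login and invite forms depend entirely on whatever CSRF protection is (or is not) enabled elsewhere in config.php, which this diff does not show. If the installed CodeIgniter 3.1.x release supports it, add `$config['cookie_samesite'] = 'Lax';` beside these two lines; if it does not, confirm `csrf_protection` is on for those forms.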
diff --git a/application/config/database.php b/application/config/database.php
index 01eb5b4..eda78bb 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -82,13 +82,19 @@
'dbdriver' => 'mysqli',
'dbprefix' => '',
'pconnect' => FALSE,
- 'db_debug' => TRUE,
+ 'db_debug' => FALSE,
'cache_on' => FALSE,
'cachedir' => '',
'char_set' => 'utf8',
'dbcollat' => 'utf8_general_ci',
'swap_pre' => '',
- 'encrypt' => TRUE,
+ 'encrypt' => [
+ 'ssl_capath' => getenv('MYSQL_SSL_CAPATH'),
+ 'ssl_cert' => getenv('MYSQL_SSL_CERT'),
+ 'ssl_key' => getenv('MYSQL_SSL_KEY'),
+ 'ssl_ca' => getenv('MYSQL_SSL_CA'),
+ 'ssl_verify' => FALSE
+ ],
'compress' => FALSE,
'stricton' => FALSE,
'failover' => array(),
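Review bot: `'ssl_verify' => FALSE` disables server-certificate verification even though a CA is supplied via `ssl_ca`/`ssl_capath`, so the TLS link to MySQL defeats only passive sniffing; an on-path attacker can present any certificate and read the credentials and every query. With a CA configured there is no reason to leave it off: `'ssl_verify' => TRUE,`. Unset `MYSQL_SSL_*` variables become `FALSE` here, which the mysqli driver treats as empty and skips, so that part is harmless; turning `db_debug` off is right for production but means connection failures now surface only through the return values callers check. The enclosing connection array starts before this hunk.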
@@ -97,10 +103,10 @@
$db['default'] = array(
'dsn' => '',
- 'hostname' => 'localhost',
- 'username' => '',
- 'password' => '',
- 'database' => '',
+ 'hostname' => getenv('MYSQL_HOSTNAME'),
+ 'username' => getenv('MYSQL_USER'),
+ 'password' => getenv('MYSQL_PASSWORD'),
+ 'database' => getenv('MYSQL_DATABASE'),
'dbdriver' => 'mysqli',
'dbprefix' => '',
'pconnect' => FALSE,
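Review bot: Each of these `getenv()` calls yields `FALSE` when the variable is absent, and the driver then connects with an empty host, user or password rather than refusing, so a deployment that forgot `MYSQL_PASSWORD` quietly attempts an anonymous login (and may succeed against a permissive database). Guard at the top of this file before the arrays are built: `foreach (array('MYSQL_HOSTNAME', 'MYSQL_USER', 'MYSQL_PASSWORD', 'MYSQL_DATABASE') as $v) { getenv($v) !== FALSE OR exit($v.' is not set'); }`. The `$db['default']` array continues past this hunk.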
@@ -110,7 +116,13 @@
'char_set' => 'utf8',
'dbcollat' => 'utf8_general_ci',
'swap_pre' => '',
- 'encrypt' => FALSE,
+ 'encrypt' => [
+ 'ssl_capath' => getenv('MYSQL_SSL_CAPATH'),
+ 'ssl_cert' => getenv('MYSQL_SSL_CERT'),
+ 'ssl_key' => getenv('MYSQL_SSL_KEY'),
+ 'ssl_ca' => getenv('MYSQL_SSL_CA'),
+ 'ssl_verify' => FALSE
+ ],
'compress' => FALSE,
'stricton' => FALSE,
'failover' => array(),
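Review bot: The `encrypt` array for the `default` connection, the one the controllers use, sets `'ssl_verify' => FALSE`, so the database TLS session is not authenticated and anyone on the path can intercept it; set `'ssl_verify' => TRUE,` since `ssl_ca` is provided. As far as I recall the CI3 mysqli driver, TLS is only negotiated when at least one `ssl_*` entry is non-empty, so a deployment with none of the `MYSQL_SSL_*` variables set would have all four as `FALSE` and silently fall back to plaintext with the password in the clear. Consider refusing to start when `MYSQL_SSL_CA` is unset instead of relying on that behaviour. The enclosing array starts before this hunk.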
diff --git a/application/config/routes.php b/application/config/routes.php
index ec2e36c..5aadce0 100644
--- a/application/config/routes.php
+++ b/application/config/routes.php
@@ -49,41 +49,28 @@
| Examples: my-controller/index -> my_controller/index
| my-controller/my-method -> my_controller/my_method
*/
-/* Requested URI is empty - https://www.giggi.me */
-$route['default_controller'] = 'pelican/index';
+/* Requested URI is empty */
+$route['default_controller'] = 'pelican/public_root';
-/* Requested URI is 'about' - https://www.giggi.me/about */
-$route['(^about$|page/about)'] = 'pelican/view/about';
+$route['^archive$'] = 'pelican/public_root/archives';
+$route['^(author|a)$'] = 'pelican/public_root/authors';
+$route['^(blog|b)$'] = 'pelican/public_root/blog';
+$route['^(category|c)$'] = 'pelican/public_root/categories';
+$route['^gitles$'] = 'pelican/public_gitles';
+$route['^(home|h)$'] = 'pelican/public_root/index';
+$route['^(/|index|i)$'] = 'pelican/public_root/index';
+$route['^(tag|t)$'] = 'pelican/public_root/tags';
-/* Requested URI is 'blog' - https://www.giggi.me/blog */
-$route['^blog$'] = 'pelican/view/blog';
+$route['^(author|a)/(.+)'] = 'pelican/public_author/$2';
+$route['(blog|b)/(.+)'] = 'pelican/public_blog/$2';
+$route['^(category|c)/(.+)'] = 'pelican/public_category/$2';
+$route['^(draft|d)/(.+)'] = 'pelican/public_draft/$2';
-/* Requested URI is 'blog' - https://www.giggi.me/blog/foo.html */
-$route['^blog/(.+)'] = 'pelican/view/$1';
-
-/* Requested URI is 'category' - https://www.giggi.me/category/bar.html */
-$route['^category/(.+)'] = 'pelican/view/$1';
-
-/* Requested URI is 'ftp' - https://www.giggi.me/ftp */
-$route['(^ftp$|page/ftp)'] = 'pelican/view/ftp';
-
-/* Requested URI is 'git' - https://www.giggi.me/gerrit */
-$route['gerrit'] = 'pelican/view/index';
-
-/* Requested URI is 'git' - https://www.giggi.me/git */
-$route['(^git$|page/git)'] = 'pelican/view/git';
-
-/* Requested URI is 'home' - https://www.giggi.me/home */
-$route['home'] = 'pelican/index';
-
-/* Requested URI is 'invite' - https://www.giggi.me/invite */
+$route['(^about$|page/about)'] = 'pelican/public_page/about';
+$route['(^ftp$|page/ftp)'] = 'pelican/public_page/ftp';
+$route['(^git$|page/git)'] = 'pelican/public_page/git';
$route['(^invite$|page/invite)'] = 'invite/view/invite';
-
-/* Requested URI is 'login' - https://www.giggi.me/login */
-$route['(^login$|page/login)'] = 'login/view/login';
-
-/* Requested URI is 'mail' - https://www.giggi.me/mail */
-$route['(^mail$|page/mail)'] = 'pelican/view/mail';
+$route['(^mail$|page/mail)'] = 'pelican/public_page/mail';
$route['404_override'] = '';
$route['translate_uri_dashes'] = FALSE;
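Review bot: `$route['(blog|b)/(.+)']` is the only parameterised route here without a leading `^`; CodeIgniter 3 wraps every route key in `^…$` itself, so this is cosmetic, but the inconsistency invites a reader to assume the pattern is deliberately unanchored. Add the anchor to match its siblings: `$route['^(blog|b)/(.+)'] = 'pelican/public_blog/$2';`. For the same reason the `^` and `$` inside the `(^about$|page/about)`-style keys are redundant and could be simplified in a later pass.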
diff --git a/application/controllers/Invite.php b/application/controllers/Invite.php
index 9c98621..064bd45 100644
--- a/application/controllers/Invite.php
+++ b/application/controllers/Invite.php
@@ -20,13 +20,6 @@
$file_html = $file_name.'.html';
if ($this->is_valid_file('views/page/', $file_html))
{
- /* Got to open a connection here as validation may require one */
- if (!$this->load->database())
- redirect(base_url('index.html'));
-
- $this->load->helper(array('form', 'url'));
- $this->load->library('form_validation');
-
$this->form_validation->set_rules('username', 'Username',
'required|min_length[5]|max_length[12]|is_unique[users.username]',
array(
@@ -66,7 +59,11 @@
$stmt = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)";
$data = $this->input->post(array('username', 'email'));
$password = $this->input->post('password');
- $hash_password = password_hash($password, PASSWORD_DEFAULT);
+
+ $pepp = getenv('HOST_PEPPER');
+ $pepp_password = hash_hmac("sha256", $password, $pepp);
+ $hash_password = password_hash($pepp_password, PASSWORD_BCRYPT);
+
$data['password'] = $hash_password;
if (!$this->db->query($stmt, $data))
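Review bot: `getenv('HOST_PEPPER')` returns `FALSE` when the variable is missing and `hash_hmac()` then runs with an empty key, so a misconfigured deployment silently stores hashes of an unpeppered HMAC that still verify; the pepper adds nothing and nobody notices. Refuse to continue instead: `$pepp = getenv('HOST_PEPPER'); if ($pepp === FALSE || $pepp === '') show_error('HOST_PEPPER is not configured', 500);`. Pinning `PASSWORD_BCRYPT` is safe here because the HMAC output is 64 hex characters, well inside bcrypt's 72-byte limit, but a comment should record that the pepper can never be rotated without a rehash path, since every stored hash depends on it. The enclosing method starts before this hunk.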
@@ -84,7 +81,6 @@
}
}
- $this->db->close();
$this->load->view('page/'.$file_html);
}
else
diff --git a/application/controllers/Login.php b/application/controllers/Login.php
index 91e1abe..9ff0c8c 100644
--- a/application/controllers/Login.php
+++ b/application/controllers/Login.php
@@ -28,38 +28,32 @@
if (!$password || !$db_password)
return false;
- return verify_password($password, $db_password);
+ $pepp = getenv('HOST_PEPPER');
+ $pepp_password = hash_hmac("sha256", $password, $pepp);
+
+ return password_verify($pepp_password, $db_password);
}
- private function is_login_valid($db_username = NULL, $db_password = NULL)
+ private function is_login_valid($db_username = NULL, $username = NULL,
+ $db_password = NULL, $password = NULL)
{
if (!$db_username || !$db_password)
return false;
- $username = $this->input->post('username');
- $password = $this->input->post('password');
-
if (!$this->is_username_valid($username, $db_username))
return false;
-
+
if (!$this->is_password_valid($password, $db_password))
return false;
return true;
}
- public function view($file_name = 'login')
+ private function view($file_name = 'login')
{
$file_html = $file_name.'.html';
if ($this->is_valid_file('views/page/', $file_html))
{
- /* Got to open a connection here as validation may require one */
- if (!$this->load->database())
- redirect(base_url('index.html'));
-
- $this->load->helper(array('form', 'url'));
- $this->load->library('form_validation');
-
$this->form_validation->set_rules('username', 'Username', 'required',
array('required' => 'You must provide a %s')
);
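Review bot: Switching `is_password_valid()` to `password_verify()` on an HMAC of the input means any hash stored by the previous release, which hashed the raw password, will no longer verify, so existing accounts (if any exist) are locked out with no migration path. If pre-existing rows matter, accept the legacy form once and rehash on success, e.g. `if (password_verify($pepp_password, $db_password)) return true; return password_verify($password, $db_password);` with the caller rehashing when only the second check matches. Independently, an unset `HOST_PEPPER` yields `FALSE` and `hash_hmac()` silently runs with an empty key; check `$pepp !== FALSE && $pepp !== ''` and fail closed. `is_username_valid()`, which `is_login_valid()` relies on, is outside this hunk.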
@@ -70,38 +64,49 @@
if ($this->is_post_valid())
{
+ $username = $this->input->post('username');
+ $password = $this->input->post('password');
+
/* Add backticks on ientifiers */
$this->db->protect_identifiers('users', TRUE);
+ $this->db->protect_identifiers('username', TRUE);
+ $this->db->protect_identifiers('password', TRUE);
/* Always use query bindings as they are automatically escaped */
- $stmt = "SELECT FROM users (username, password)";
- $data = $this->db->query($stmt, $data);
+ $stmt = "SELECT username,password FROM users WHERE username = ?";
+ $db_data = $this->db->query($stmt, $username);
/* Return an array of row objects, empty array on failure */
- $db_data = $data->result();
+ $db_data = $db_data->result();
if ($db_data && $db_data[0])
{
$db_username = $db_data[0]->username;
$db_password = $db_data[0]->password;
- if (is_login_valid($db_username, $db_passowrd))
+ if ($this->is_login_valid($db_username, $username,
+ $db_password, $password))
{
/* Initialize session data */
$this->form_validation->set_string('Login successful');
+ $_SESSION['username'] = $db_username;
}
else
{
- /* Debug:
- *
- * $error = $this->db->error();
- * var_dump($error);
- */
- $this->form_validation->set_message('submit_msg', 'Didn\'t work, :|');
+ //Debug:
+
+ //$error = $this->db->error();
+ //var_dump($error);
+
+ $this->form_validation->set_message(
+ 'submit_msg', 'Didn\'t work, :|');
}
}
+ else
+ {
+ $this->form_validation->set_string('I am empty, -.-');
+ }
}
/* Validation errors already set, if any */
- $this->db->close();
$this->load->view('page/'.$file_html);
}
else
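Review bot: The form login path queries `WHERE username = ?` only, while the new `auth()` endpoint later in this file also requires `status = 1`, so a deactivated account can still sign in through this form; use the same predicate here: `$stmt = "SELECT username,password FROM users WHERE username = ? AND status = ?";` and `$db_data = $this->db->query($stmt, [$username, 1]);`. The two failure branches also return distinguishable messages (`'I am empty, -.-'` when no row exists versus `'Didn't work, :|'` on a bad password), which lets a caller enumerate valid usernames; return one generic message from both. The `protect_identifiers()` calls discard their return values and mutate nothing, so they have no effect on `$stmt` despite the comment above them. The enclosing `view()` method starts before this hunk.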
@@ -109,4 +114,46 @@
redirect(base_url('index.html'));
}
}
+
+ public function auth($param = NULL)
+ {
+ $username = isset($_POST['username']) ? $_POST['username'] : NULL;
+ $password = isset($_POST['password']) ? $_POST['password'] : NULL;
+ if (!$username || !$password)
+ {
+ $this->output->set_status_header(404);
+ return;
+ }
+
+ /* 1 for active user */
+ $status = 1;
+
+ /* Add backticks on ientifiers */
+ $this->db->protect_identifiers('users', TRUE);
+ $this->db->protect_identifiers('username', TRUE);
+ $this->db->protect_identifiers('password', TRUE);
+
+ /* Always use query bindings as they are automatically escaped */
+ $stmt = "SELECT username,password FROM users WHERE username = ? AND status = ?";
+ $db_data = $this->db->query($stmt, [$username, $status]);
+
+ /* Return an array of row objects, empty array on failure */
+ $db_data = $db_data->result();
+ if ($db_data && $db_data[0])
+ {
+ $db_username = $db_data[0]->username;
+ $db_password = $db_data[0]->password;
+ if ($this->is_login_valid($db_username, $username,
+ $db_password, $password))
+ {
+ /* Initialize session data */
+ $this->output->set_status_header(204);
+ $_SESSION['username'] = $db_username;
+
+ return;
+ }
+ }
+
+ $this->output->set_status_header(404);
+ }
}
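Review bot: `auth()` writes `$_SESSION['username']` on success without rotating the session id, so a session id planted before login (fixation) stays valid afterwards; call `$this->session->sess_regenerate(TRUE);` immediately before the assignment, which is available because the session library is autoloaded in this release. The three `protect_identifiers()` calls return the quoted identifier and change nothing, so they do not affect `$stmt` as the comment implies; either use their return values when building the statement or drop them. Reading `$_POST` directly instead of `$this->input->post()` bypasses the framework's input handling that the rest of this controller uses, and a bare 404 on every failure still gives an unauthenticated caller unlimited guesses; no throttling is visible in this diff, so a lockout counter or web-server rate limit is needed if none exists. `$param` is unused.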
diff --git a/application/controllers/Pelican.php b/application/controllers/Pelican.php
index 35eeb2d..01ca772 100644
--- a/application/controllers/Pelican.php
+++ b/application/controllers/Pelican.php
@@ -1,42 +1,93 @@
<?php
class Pelican extends CI_Controller {
- private function is_valid_file($rel_path = '/', $file_html = 'home.html')
+ private function is_valid_file($rel_path = '/', $file_html = 'index.html')
{
$abs_path = APPPATH.$rel_path.$file_html;
- if (file_exists($abs_path))
- return true;
-
- return false;
+ return file_exists($abs_path);
}
- public function index()
+ public function public_author($file_name = 'index')
{
- $this->load->view('index.html');
+ $file_html = $file_name.'.html';
+ if ($this->is_valid_file('views/author/', $file_html))
+ {
+ $this->load->view('author/'.$file_html);
+ }
+ else
+ {
+ header('Location: https://'.$_SERVER['HTTP_HOST']);
+ }
}
- public function view($file_name = 'home')
+ public function public_blog($file_name = 'index')
{
$file_html = $file_name.'.html';
if ($this->is_valid_file('views/blog/', $file_html))
{
$this->load->view('blog/'.$file_html);
}
- else if ($this->is_valid_file('views/category/', $file_html))
+ else
+ {
+ header('Location: https://'.$_SERVER['HTTP_HOST']);
+ }
+ }
+
+ public function public_category($file_name = 'index')
+ {
+ $file_html = $file_name.'.html';
+ if ($this->is_valid_file('views/category/', $file_html))
{
$this->load->view('category/'.$file_html);
}
- else if ($this->is_valid_file('views/page/', $file_html))
+ else
+ {
+ header('Location: https://'.$_SERVER['HTTP_HOST']);
+ }
+ }
+
+ public function public_draft($file_name = 'index')
+ {
+ $file_html = $file_name.'.html';
+ if ($this->is_valid_file('views/draft/blog', $file_html))
+ {
+ $this->load->view('draft/blog/'.$file_html);
+ }
+ else
+ {
+ header('Location: https://'.$_SERVER['HTTP_HOST']);
+ }
+ }
+
+ public function public_gitles()
+ {
+ $gerrit_gitles = '/gerrit/plugins/gitiles/';
+ header('Location: https://'.$_SERVER['HTTP_HOST'].$gerrit_gitles);
+ }
+
+ public function public_page($file_name = 'index')
+ {
+ $file_html = $file_name.'.html';
+ if ($this->is_valid_file('views/page/', $file_html))
{
$this->load->view('page/'.$file_html);
}
- else if ($this->is_valid_file('views/', $file_html))
+ else
+ {
+ header('Location: https://'.$_SERVER['HTTP_HOST']);
+ }
+ }
+
+ public function public_root($file_name = 'index')
+ {
+ $file_html = $file_name.'.html';
+ if ($this->is_valid_file('views/', $file_html))
{
$this->load->view($file_html);
}
else
{
- $this->index();
+ header('Location: https://'.$_SERVER['HTTP_HOST']);
}
}
}
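Review bot: Every fallback in this controller redirects to `'https://'.$_SERVER['HTTP_HOST']`, which is the request's own Host header; unless the web server rejects unknown hosts, a crafted `Host:` turns each of these into an open redirect, and it contradicts this release's move of the canonical host into `HOST_NAME`/`base_url`. Replace each `header('Location: ...')` with `redirect(base_url());` (and `redirect(base_url('gerrit/plugins/gitiles/'));` in `public_gitles()`), which uses the configured host and stops execution, whereas the bare `header()` call here returns and lets the request continue. `public_draft()` checks `'views/draft/blog'` without a trailing slash but loads `'draft/blog/'.$file_html`, so `file_exists()` looks for `views/draft/blogNAME.html` and every draft request redirects; it should read `is_valid_file('views/draft/blog/', $file_html)`.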