Commit
66969895
authored
Oct 20, 2014
by
Jason Frisvold
- index with current changes for login/out
- necessary templates
parent
6893fdea
Changes
4
gui/index.php
...
...
@@ -25,30 +25,26 @@
// Load the configuration file
require_once
(
"config.php"
);
// Global
s
$data
=
array
(
'skynet_favicon'
=>
$skynet_favicon
,
'skynet_stylesheet'
=>
$skynet_stylesheet
,
'skynet_homepage'
=>
$skynet_homepage
,
'skynet_version'
=>
$skynet_version
,
);
// Global
array for Smarty data
$data
=
array
(
'skynet_favicon'
=>
$skynet_favicon
,
'skynet_stylesheet'
=>
$skynet_stylesheet
,
'skynet_homepage'
=>
$skynet_homepage
,
'skynet_version'
=>
$skynet_version
,
);
// Connect to the database server
$sqlhdlr
=
new
mysqli
(
$skynet_dbHost
,
$skynet_dbUser
,
$skynet_dbPass
,
$skynet_dbName
);
// Make sure we have a connection
// TODO : This should be slimified (whatever that means)
if
(
mysqli_connect_errno
())
{
die
(
'<p>Unable to connect to the database server at this time: '
.
mysqli_connect_error
()
.
' </p>'
);
}
function
prep_smarty
(
$app
)
{
$smarty
=
$app
->
view
()
->
getInstance
();
$smarty
->
loadFilter
(
"pre"
,
'whitespace_control'
);
$smarty
->
debugging
=
true
;
}
// Instantiate a slim instance
$app
=
new
\
Slim\Slim
(
array
(
'view'
=>
new
\
Slim\Views\Smarty
(),
'debug'
=>
true
,
...
...
@@ -58,6 +54,8 @@
'mode'
=>
'development'
));
// We want to use Smarty for templates, this sets up the necessary Smarty
// configuration within Slim
$view
=
$app
->
view
();
$view
->
parserDirectory
=
$skynet_smarty_dir
;
$view
->
parserCompileDirectory
=
"
$skynet_work_dir
/templates_c"
;
...
...
@@ -66,27 +64,18 @@
dirname
(
__FILE__
)
.
'/libs'
,
);
$authenticateForRole
=
function
(
$role
=
'member'
)
{
return
function
()
use
(
$role
)
{
$user
=
User
::
fetchFromDatabaseSomehow
();
if
(
$user
->
belongsToRole
(
$role
)
===
false
)
{
$app
=
\
Slim\Slim
::
getInstance
();
$app
->
flash
(
'error'
,
'Login required'
);
$app
->
redirect
(
'/login'
);
}
};
};
$isauthenticated
=
function
()
{
return
function
()
{
$app
->
hook
(
'slim.before'
,
function
()
use
(
$app
)
{
$app
->
view
()
->
appendData
(
array
(
'baseUrl'
=>
'/index.php/'
));
});
$isauthenticated
=
function
(
$role
=
'user'
)
{
return
function
()
use
(
$role
)
{
// Globalize the phptodo variables needed
global
$skynet_dbHost
,
$skynet_dbUser
,
$skynet_dbPass
,
$skynet_dbName
,
$skynet_sessTime
,
$sqlhdlr
,
$data
;
// Globalize the user variables
//global $smarty;
$skynet_sessTime
,
$skynet_serveruri
,
$sqlhdlr
,
$data
;
// Try and get the id, last time, and user if from the sessions database
// Try and get the id, last time, and user id from the sessions
// database
$query
=
sprintf
(
'SELECT id, last, user_id FROM sessions WHERE '
.
'phpsessid = "%s"'
,
session_id
());
...
...
@@ -97,48 +86,49 @@
die
(
'Error: '
.
$sqlhdlr
->
error
);
}
// Check to see if an id was set, and if the time is
goo
d
// Check to see if an id was set, and if the time is
vali
d
if
((
isset
(
$id
))
&&
((
$last
+
$skynet_sessTime
)
>=
time
()))
{
// Good session, update the timestamp
$query
=
sprintf
(
"UPDATE sessions SET last = %d WHERE id = %d"
,
time
(),
$id
);
$query
=
sprintf
(
"UPDATE sessions SET last = %d WHERE id = %d"
,
time
(),
$id
);
$sqlhdlr
->
query
(
$query
)
or
die
(
'Error: '
.
$sqlhdlr
->
error
);
// Create the user object
$user_obj
=
new
skynetUser
(
$skynet_dbHost
,
$skynet_dbUser
,
$skynet_dbPass
,
$skynet_dbName
,
$user_id
);
$skynet_dbPass
,
$skynet_dbName
,
$user_id
);
// Assign the appropriate data to the smarty $data array
$data
[
'username'
]
=
$user_obj
->
username
();
$data
[
'adminflag'
]
=
$user_obj
->
adminflag
();
// Assign the username to the smarty template
//$smarty->assign('username', $user_obj->username());
//$smarty->assign('adminflag', $user_obj->adminflag());
if
(
get_magic_quotes_gpc
())
{
$data
[
'fullname'
]
=
stripslashes
(
htmlentities
(
$user_obj
->
fullname
(),
ENT_QUOTES
));
// $smarty->assign('fullname',
// stripslashes(htmlentities($user_obj->fullname(),
// ENT_QUOTES)));
}
else
{
$data
[
'fullname'
]
=
htmlentities
(
$user_obj
->
fullname
(),
ENT_QUOTES
);
// $smarty->assign('fullname', htmlentities($user_obj->fullname(),
// ENT_QUOTES));
}
return
(
$user_obj
);
}
else
{
// If a guest role, then bypass the login redirect
if
(
$role
==
'guest'
)
{
$data
[
'username'
]
=
'guest'
;
return
;
}
// Return a 0 to indicate that authentication was not successful
$app
=
\
Slim\Slim
::
getInstance
();
$app
->
flash
(
'error'
,
'Login required'
);
//
$app->redirect('/login');
$app
->
redirect
(
'/login'
);
}
// Return a 0 to indicate that authentication was not successful
$app
=
\
Slim\Slim
::
getInstance
();
$app
->
flash
(
'error'
,
'Login required'
);
//
$app->redirect('/login');
$app
->
redirect
(
'/login'
);
};
};
...
...
@@ -147,77 +137,95 @@
global
$data
;
prep_smarty
(
$app
);
print_r
(
$data
);
$app
->
render
(
'index.tpl'
,
$data
);
$app
->
render
(
'main.tpl'
,
$data
);
});
// GET route
$app
->
post
(
'/'
,
function
()
use
(
$app
)
{
// Login routine
// TODO: Add a redirect here for users already logged in
$app
->
get
(
'/login'
,
function
()
use
(
$app
)
{
global
$data
;
prep_smarty
(
$app
);
$app
->
render
(
'
index
.tpl'
,
$data
);
$app
->
render
(
'
login
.tpl'
,
$data
);
});
$app
->
run
();
// Login routine
$app
->
post
(
'/login'
,
function
()
use
(
$app
)
{
// Some global variables
$skynet_nameRegex
=
'/^[a-zA-Z0-9_\-]{1,15}\z/'
;
$skynet_pwdRegex
=
'/^[a-zA-Z0-9@#$%\^&\*\/]{4,15}\z/'
;
// Check to see if this is a login attempt
if
(
isset
(
$_REQUEST
[
'username'
])
&&
isset
(
$_REQUEST
[
'password'
]))
{
if
(
preg_match
(
$skynet_nameRegex
,
$_REQUEST
[
'username'
])
&&
preg_match
(
$skynet_pwdRegex
,
$_REQUEST
[
'password'
]))
{
$authenticated
=
login
(
$_REQUEST
[
'username'
],
$_REQUEST
[
'password'
]);
}
else
{
$app
->
flash
(
'error'
,
'Invalid Username or Password'
);
$app
->
redirect
(
'/login'
);
}
}
else
{
$app
->
flash
(
'error'
,
'Username or Password missing'
);
$app
->
redirect
(
'/login'
);
}
// If the user is authenticated, jump them to the main page
if
((
isset
(
$authenticated
)
&&
(
$authenticated
==
1
))
||
(
$user_obj
=
authenticate
()))
{
if
(
isset
(
$_SESSION
[
'redirect'
]))
{
$app
->
redirect
(
$_SESSION
[
'redirect'
]);
}
else
{
$app
->
redirect
(
'/'
);
}
unset
(
$_SESSION
[
'redirect'
]);
// Define usesmarty (to indicate that config needs to load smarty)
define
(
'usesmarty'
,
1
);
// Otherwise show the login page
}
else
{
$app
->
flash
(
'error'
,
'Invalid Username or Password'
);
$app
->
redirect
(
'/login'
);
}
// Connect to the database server
$sqlhdlr
=
new
mysqli
(
$skynet_dbHost
,
$skynet_dbUser
,
$skynet_dbPass
,
$skynet_dbName
);
// Make sure we have a connection
if
(
mysqli_connect_errno
())
{
die
(
'<p>Unable to connect to the database server at this time: '
.
mysqli_connect_error
()
.
' </p>'
);
}
$app
->
flash
(
'error'
,
'Critical Failure'
);
$app
->
redirect
(
'/login'
);
// Some global variables
$skynet_nameRegex
=
'/^[a-zA-Z0-9_\-]{1,15}\z/'
;
$skynet_pwdRegex
=
'/^[a-zA-Z0-9@#$%\^&\*\/]{4,15}\z/'
;
});
// Check to see if this is a login attempt
if
(
isset
(
$_REQUEST
[
'username'
])
&&
isset
(
$_REQUEST
[
'password'
]))
{
if
(
preg_match
(
$skynet_nameRegex
,
$_REQUEST
[
'username'
])
&&
preg_match
(
$skynet_pwdRegex
,
$_REQUEST
[
'password'
]))
{
$authenticated
=
login
(
$_REQUEST
[
'username'
],
$_REQUEST
[
'password'
]);
}
else
{
$authenticated
=
0
;
}
}
// Login routine
$app
->
get
(
'/logout'
,
function
()
use
(
$app
)
{
// If the user is authenticated, jump them to the main page
if
((
isset
(
$authenticated
)
&&
(
$authenticated
==
1
))
||
(
$user_obj
=
authenticate
()))
{
if
(
isset
(
$_SESSION
[
'redirect'
]))
{
header
(
'Location: '
.
$_SESSION
[
'redirect'
]);
}
else
{
//header('Location: ' . $skynet_serveruri .
// dirname($_SERVER['PHP_SELF']) . '/main.php');
header
(
'Location: '
.
$skynet_serveruri
.
join_paths
(
dirname
(
$_SERVER
[
'PHP_SELF'
]),
'/main.php'
));
}
unset
(
$_SESSION
[
'redirect'
]);
logout
();
$app
->
flash
(
'success'
,
'Logout successful'
);
$app
->
redirect
(
'/login'
);
});
// Otherwise show the login page
}
else
{
// If the previous attempt was a failure, show it properly
if
(
isset
(
$authenticated
)
&&
(
$authenticated
==
0
))
{
$smarty
->
assign
(
'failed'
,
1
);
}
// GET route
$app
->
get
(
'/about'
,
$isauthenticated
(
'guest'
),
function
()
use
(
$app
)
{
global
$data
;
prep_smarty
(
$app
);
// Display the template
//$smarty->display('index.tpl');
}
$app
->
render
(
'about.tpl'
,
$data
);
});
$app
->
run
();
$sqlhdlr
->
close
();
?>
// Loads the whitespace_control filter for handling comments within the
// Smarty templates
function
prep_smarty
(
$app
)
{
global
$skynet_debug
;
$smarty
=
$app
->
view
()
->
getInstance
();
$smarty
->
loadFilter
(
"pre"
,
'whitespace_control'
);
$smarty
->
debugging
=
$skynet_debug
;
}
?>
\ No newline at end of file
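Review bot: The new `POST /login` handler reads the credentials from `$_REQUEST`, so a username and password sent in the query string are accepted as well as the form body, and values sent that way end up in access logs and browser history; read them from the POST body only, e.g. `$app->request()->post('username')` and `$app->request()->post('password')`. In the same handler `unset($_SESSION['redirect']);` sits after both `$app->redirect(...)` calls; if this is Slim 2, where `redirect()` halts the request, the unset never runs and the stored target is reused on the next login. Taking the value first avoids that: `$target = isset($_SESSION['redirect']) ? $_SESSION['redirect'] : '/'; unset($_SESSION['redirect']); $app->redirect($target);`. Whether `login()` regenerates the session id on success is not visible on this page and is worth confirming.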
gui/templates/about.tpl
...
...
@@ -20,7 +20,8 @@
<head>
<meta
http-equiv=
'content-type'
content=
'text/html; charset=ISO-8859-1'
/>
<link
rel=
'shortcut icon'
type=
'image/x-icon'
href=
'
{
$skynet_favicon
}
'
>
<link
rel=
'stylesheet'
href=
'css/reset.css'
type=
'text/css'
/>
<link
href=
"/bootstrap/css/bootstrap.min.css"
rel=
"stylesheet"
>
<link
href=
"/bootstrap/css/bootstrap-theme.min.css"
rel=
"stylesheet"
>
<link
rel=
'stylesheet'
href=
'
{
$skynet_stylesheet
}
'
type=
'text/css'
/>
<title>
Skynet Automated Security Scanner
</title>
</head>
...
...
gui/templates/header.tpl
...
...
@@ -23,16 +23,16 @@
{
if
$page
==
'main'
}
[main]
{
else
}
[
<a
href=
'
main.php
'
>
main
</a>
]
[
<a
href=
'
/
'
>
main
</a>
]
{/
if
}
{
if
$page
==
'about'
}
[about]
{
else
}
[
<a
href=
'about
.php
'
>
about
</a>
]
[
<a
href=
'
/
about'
>
about
</a>
]
{/
if
}
[
<a
href=
'logout
.php
'
>
logout
</a>
]
[
<a
href=
'
/
logout'
>
logout
</a>
]
{
else
}
[
<a
href=
'
index.php
'
>
login
</a>
]
[
<a
href=
'
/login
'
>
login
</a>
]
{/
if
}
</span>
</p>
...
...
gui/templates/login.tpl
...
...
@@ -21,27 +21,39 @@
<meta
name=
'robots'
content=
'noindex, nofollow'
/>
<meta
http-equiv=
'content-type'
content=
'text/html; charset=ISO-8859-1'
/>
<link
rel=
'shortcut icon'
type=
'image/x-icon'
href=
'
{
$skynet_favicon
}
'
>
<link
rel=
'stylesheet'
href=
'css/reset.css'
type=
'text/css'
/>
<link
href=
"/bootstrap/css/bootstrap.min.css"
rel=
"stylesheet"
>
<link
href=
"/bootstrap/css/bootstrap-theme.min.css"
rel=
"stylesheet"
>
<link
rel=
'stylesheet'
href=
'
{
$skynet_stylesheet
}
'
type=
'text/css'
/>
<title>
Skynet Automated Security Scanner
</title>
</head>
<body>
<h1>
Welcome to Skynet
</h1>
<h3>
Please login :
</h3>
<form
action=
"index.php"
method=
"post"
>
<div
class=
"centered"
>
UserName :
<input
type=
"text"
name=
"username"
alt=
'Username'
size=
'15'
/>
Password :
<input
type=
"password"
name=
"password"
alt=
'Password'
size=
'15'
/>
<input
type=
"submit"
value=
"Log In"
/>
<form
action=
"login"
method=
"post"
>
<div
class=
"col-sm-8 col-sm-offset-2 col-md-10 col-md-offset-1"
>
<div
class=
"input-group"
>
<span
class=
"input-group-addon"
><span
class=
"glyphicon glyphicon-user"
></span></span>
<input
type=
"text"
class=
"form-control"
placeholder=
"username"
id=
"username"
name=
"username"
tabindex=
"1"
accesskey=
""
path=
"username"
autocomplete=
"false"
htmlEscape=
"true"
autofocus
/>
</div>
<div
class=
"input-group"
>
<span
class=
"input-group-addon"
><span
class=
"glyphicon glyphicon-lock"
></span></span>
<input
id=
"password"
name=
"password"
tabindex=
"2"
placeholder=
"password"
class=
"form-control"
type=
"password"
value=
""
autocomplete=
"off"
/>
</div>
<input
type=
"submit"
class=
"btn btn-primary btn-lg btn-block"
value=
"Log In"
/>
</div>
</form>
{
if
isset
(
$logout
)
}
<h3
class=
'alert'
>
Logout Successful
</h3>
<div
class=
"col-sm-8 col-sm-offset-2 col-md-10 col-md-offset-1"
>
{
if
isset
(
$smarty.session
[
'slim.flash'
].
error
)
}
<div
class=
'alert alert-danger'
>
{
$smarty.session
[
'slim.flash'
].
error
}
</div>
{/
if
}
{
if
isset
(
$
failed
)
}
<h3
class=
'alert
'
>
Login Failed
</h3
>
{
if
isset
(
$
smarty.session
[
'slim.flash'
].
success
)
}
<div
class=
'alert
alert-success'
>
{
$smarty.session
[
'slim.flash'
].
success
}
</div
>
{/
if
}
</div>
{
include
file
=
'footer.tpl'
}
</body>
</html>
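Review bot: The flash messages are written into the page unescaped, as `{$smarty.session['slim.flash'].error}` and its `.success` counterpart, unless `escape_html` is enabled in the Smarty configuration, which is not visible here. The messages set in gui/index.php in this commit are fixed strings, so nothing is injectable today, but a later flash that carries request data would be rendered as markup; `{$smarty.session['slim.flash'].error|escape}` closes that off. On the username input, `htmlEscape="true"` and `path="username"` are not HTML attributes and do nothing in a Smarty template, so they provide no escaping, and `autocomplete="false"` is not a recognised value; use `autocomplete="off"` as the password field does.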