Webdev project

Author: rmvavilov

.gitignore

@@ -0,0 +1,20 @@
+config.ini
+
+vendor/
+node_modules/
+
+# Laravel 4 specific
+bootstrap/compiled.php
+app/storage/
+
+# Laravel 5 & Lumen specific
+bootstrap/cache/
+.env.*.php
+.env.php
+.env
+
+# Rocketeer PHP task runner and deployment package. https://github.com/rocketeers/rocketeer
+.rocketeer/
+
+# PHPStorm
+.idea

.htaccess

@@ -0,0 +1,7 @@
+# remove file extension from url
+RewriteRule ^(([^/]+/)*[^.]+)$ /$1.php [L]
+
+<FilesMatch "\.(?:ini)$">
+Order allow,deny
+Deny from all
+</FilesMatch>

adminer.php

@@ -0,0 +1,96 @@
+<?php
+session_start();
+
+set_error_handler('errorHandler');
+function errorHandler($error_number, $error_message, $filename, $error_line_number)
+{
+    $date = date('Y-m-d H:i:s (T)');
+    $f = fopen('error.txt', 'a');
+    if (!empty($f)) {
+        $filename = str_replace($_SERVER['DOCUMENT_ROOT'], '', $filename);
+        $err = "$date: $error_message = $filename = $error_line_number\r\n";
+        fwrite($f, $err);
+        fclose($f);
+    }
+}
+
+// read main config file
+$config_file = 'config.ini';
+$config = parse_ini_file($config_file);
+if (!$config) {
+    echo 'Could not read config file - please check the config file';
+    die();
+}
+
+// DB PARAMETERS
+define('DB_HOST', $config['db_host']);
+define('DB_USERNAME', $config['db_username']);
+define('DB_PASSWORD', $config['db_password']);
+define('DB_NAME', $config['db_name']);
+
+class DB
+{
+    private static $instance = null;
+
+    static public function getInstance()
+    {
+        if (self::$instance == null) {
+            self::$instance = mysqli_connect(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);
+            mysqli_set_charset(self::$instance, "utf8");
+        }
+        return self::$instance;
+    }
+
+    private function __construct()
+    {
+    }
+
+    private function __clone()
+    {
+    }
+}
+
+// VK API parameters
+$vk_app_id = $config['vk_app_id'];
+$vk_api_secure_key = $config['vk_api_secure_key'];
+$vk_api_redirect_uri = $config['vk_api_redirect_uri'];
+$vk_api_url = $config['vk_api_url'];
+$vk_api_token_url = $config['vk_api_token_url'];
+$vk_api_user_info_url = $config['vk_api_user_info_url'];
+$vk_api_parameters = array(
+    'client_id' => $vk_app_id,
+    'redirect_uri' => $vk_api_redirect_uri,
+    'response_type' => 'code'
+);
+
+// Facebook API parameters
+$facebook_app_id = $config['facebook_app_id'];
+$facebook_api_secure_key = $config['facebook_api_secure_key'];
+$facebook_api_redirect_uri = $config['facebook_api_redirect_uri'];
+$facebook_api_url = $config['facebook_api_url'];
+$facebook_api_token_url = $config['facebook_api_token_url'];
+$facebook_api_user_info_url = $config['facebook_api_user_info_url'];
+$facebook_api_parameters = array(
+    'client_id' => $facebook_app_id,
+    'redirect_uri' => $facebook_api_redirect_uri,
+    'response_type' => 'code',
+    'scope' => 'public_profile'
+);
+
+// Google API parameters
+$google_app_id = $config['google_app_id'];
+$google_api_secure_key = $config['google_api_secure_key'];
+$google_api_redirect_uri = $config['google_api_redirect_uri'];
+$google_api_url = $config['google_api_url'];
+$google_api_token_url = $config['google_api_token_url'];
+$google_api_user_info_url = $config['google_api_user_info_url'];
+
+$google_api_profile_scope = ' https://www.googleapis.com/auth/userinfo.profile';
+$google_api_email_scope = 'https://www.googleapis.com/auth/userinfo.email';
+
+$google_api_parameters = array(
+    'redirect_uri'  => $google_api_redirect_uri,
+    'response_type' => 'code',
+    'client_id'     => $google_app_id,
+    'scope'         => $google_api_profile_scope
+);

app/config.php

@@ -0,0 +1,15 @@
+<?php
+function buildTree(array $messages, $parent_id)
+{
+    $result = array();
+    foreach ($messages as $message) {
+        if ($message['parent_id'] == $parent_id) {
+            $children = buildTree($messages, $message['id']);
+            if ($children) {
+                $message['children'] = $children;
+            }
+            $result[] = $message;
+        }
+    }
+    return $result;
+}

app/lib.php

@@ -0,0 +1,71 @@
+<?php
+require_once('config.php');
+
+class Message
+{
+    const MESSAGE_TYPE = 0; // message
+    const COMMENT_TYPE = 1; // comment of message/comment of comment
+
+    function __construct($user_id, $type, $parent_id, $text)
+    {
+        $created_at = date('Y-m-d H:i:s');
+
+        $this->id = 0;
+        $this->user_id = $user_id;
+        $this->type = $type;
+        $this->parent_id = $parent_id;
+        $this->text = $text;
+        $this->created_at = $created_at;
+    }
+
+    public function save()
+    {
+        $sql_query = "INSERT INTO messages (user_id,type,parent_id,text,created_at) VALUES (?,?,?,?,?)";
+        $stmt = mysqli_prepare(DB::getInstance(), $sql_query);
+        mysqli_stmt_bind_param($stmt, 'iiiss', $this->user_id, $this->type, $this->parent_id, $this->text, $this->created_at);
+        if (mysqli_stmt_execute($stmt)) {
+            $id = mysqli_stmt_insert_id($stmt);
+            $this->id = $id;
+        }
+    }
+
+    public static function get($message_id)
+    {
+        $result = [];
+        $query_result = mysqli_query(DB::getInstance(), "SELECT * FROM messages where id = $message_id LIMIT 1");
+        $rows = mysqli_fetch_assoc($query_result);
+        if ($rows) {
+            $result = $rows;
+        }
+        return $result;
+    }
+
+    public static function getAll()
+    {
+        $result = [];
+        $query_result = mysqli_query(DB::getInstance(), "select messages.*, users.first_name, users.last_name from messages" .
+            " left join users on messages.user_id = users.id" .
+            " ORDER BY messages.created_at ASC");
+        while ($row = mysqli_fetch_assoc($query_result)) {
+            $rows[] = $row;
+        }
+        if ($rows) {
+            $result = $rows;
+        }
+
+        return $result;
+    }
+
+    public static function updateText($id, $text)
+    {
+        $message = self::get($id);
+        $user = User::getAttributes();
+        if ($message AND $user AND $message['user_id'] == $user['user_id']) {
+            $sql_query = "UPDATE messages SET text = ? where id = ?";
+            $stmt = mysqli_prepare(DB::getInstance(), $sql_query);
+            mysqli_stmt_bind_param($stmt, 'ss', $text, $id);
+            mysqli_stmt_execute($stmt);
+            mysqli_stmt_close($stmt);
+        }
+    }
+}

app/message.php

@@ -0,0 +1,95 @@
+<?php
+require_once('config.php');
+require_once('lib.php');
+
+class User
+{
+    const ACCOUNT_TYPE_EMPTY = 0;
+    const ACCOUNT_TYPE_VK = 1;
+    const ACCOUNT_TYPE_FACEBOOK = 2;
+    const ACCOUNT_TYPE_GOOGLE = 3;
+
+    function __construct($account_type, $uid, $first_name, $last_name)
+    {
+        // ACCOUNT_TYPE_GOOGLE not implemented yet
+        if ($account_type != self::ACCOUNT_TYPE_VK AND 
+            $account_type != self::ACCOUNT_TYPE_FACEBOOK AND
+            $account_type != self::ACCOUNT_TYPE_GOOGLE) {
+            throw new Exception("Unsupported account type!");
+        }
+
+        $this->id = 0;
+        $this->uid = $uid;
+        $this->account_type = $account_type;
+        $this->first_name = $first_name;
+        $this->last_name = $last_name;
+
+        // save user to DB if user doesn't exist
+        if (!$this->isExist()) {
+            $this->saveToDb();
+        }
+    }
+
+    function authenticate()
+    {
+        $_SESSION['user'] = (array)$this;
+    }
+
+    static function isAuthenticate()
+    {
+        $result = false;
+        
+        if (isset($_SESSION['user']) && isset($_SESSION['user']['id'])) {
+            $result = true;
+        }
+        
+        return $result;
+    }
+
+    function isExist()
+    {
+        $result = false;
+        
+        $sql_query = "SELECT * FROM users where account_type = $this->account_type AND uid = $this->uid LIMIT 1";
+        $stmt = mysqli_prepare(DB::getInstance(), $sql_query);
+        $stmt->execute();
+        $res = $stmt->get_result();
+        $row = $res->fetch_assoc();
+        if ($row) {
+            $this->id = $row['id'];
+            // reset user name by db values
+            $this->first_name = $row['first_name'];
+            $this->last_name = $row['last_name'];
+            $result = true;
+        }
+        
+        return $result;
+    }
+
+    function saveToDb()
+    {
+        $sql_query = "INSERT INTO users (uid,account_type,first_name,last_name) VALUES (?,?,?,?)";
+        $stmt = mysqli_prepare(DB::getInstance(), $sql_query);
+        mysqli_stmt_bind_param($stmt, 'ssss', $this->uid, $this->account_type, $this->first_name, $this->last_name);
+        if (mysqli_stmt_execute($stmt)) {
+            $id = mysqli_stmt_insert_id($stmt);
+            $this->id = $id;
+        }
+    }
+    
+    static function getAttributes()
+    {
+        $result = [];
+        
+        if (isset($_SESSION['user'])) {
+            $user = $_SESSION['user'];
+            $result['user_id'] = $user['id'];
+            $result['account_type'] = $user['account_type'];
+            $result['full_name'] = $user['first_name'] . ' ' . $user['last_name'];
+            $result['first_name'] = $user['first_name'];
+            $result['last_name'] = $user['last_name'];
+        }
+        
+        return $result;
+    }
+}

app/user.php

@@ -0,0 +1,30 @@
+SET NAMES utf8;
+SET time_zone = '+00:00';
+SET foreign_key_checks = 0;
+SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
+
+DROP TABLE IF EXISTS `messages`;
+CREATE TABLE `messages` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `user_id` int(11) NOT NULL,
+  `type` int(11) NOT NULL,
+  `parent_id` int(11) NOT NULL DEFAULT '0',
+  `text` text CHARACTER SET utf8 NOT NULL,
+  `created_at` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `updated_at` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf16;
+
+
+DROP TABLE IF EXISTS `users`;
+CREATE TABLE `users` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `uid` varchar(30) NOT NULL,
+  `account_type` int(11) NOT NULL,
+  `first_name` text NOT NULL,
+  `last_name` text NOT NULL,
+  `email` text NOT NULL,
+  `ip` text NOT NULL,
+  `hash` text NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;

app/webdev.sql

@@ -0,0 +1,49 @@
+<?php
+require_once('app/config.php');
+require_once('app/user.php');
+
+if( count($_GET) == 0){
+    header('Location: index.php');
+}
+
+if (isset($_GET['code'])) {
+    $result = false;
+    $params = array(
+        'client_id' => $facebook_app_id,
+        'client_secret' => $facebook_api_secure_key,
+        'code' => $_GET['code'],
+        'redirect_uri' => $facebook_api_redirect_uri
+    );
+    $url_with_params = $facebook_api_token_url . '?' . urldecode(http_build_query($params));
+    $content = file_get_contents($url_with_params);
+    // Warning: use only parse_str on get token step,
+    // because facebook return string NOT JSON
+    parse_str($content, $token);
+
+    if (isset($token['access_token'])) {
+        $params = array(
+            'access_token' => $token['access_token'],
+            'fields' => 'id,first_name,last_name'
+        );
+        $user_info_url = $facebook_api_user_info_url . '?' . urldecode(http_build_query($params));
+        $content = file_get_contents($user_info_url);
+        $user_info = json_decode($content, true);
+        if (isset($user_info['id'])) {
+            $result = true;
+        }
+    }
+
+    if ($result) {
+        try {
+            $user = new User(User::ACCOUNT_TYPE_FACEBOOK, $user_info['id'], $user_info['first_name'], $user_info['last_name']);
+        } catch (Exception $e) {
+            header('Location: index.php');
+        }
+        $user->authenticate();
+
+        // Redirect auth user to messages page
+        header('Location: messages.php');
+    } else {
+        header('Location: index.php');
+    }
+}