Add all code files from IDE

Miguel Nogueira
2018-06-07 10:56:13 +00:00
commit 06fc7e5360
28 changed files with 4956 additions and 0 deletions


@@ -0,0 +1,103 @@
<?php
class Application
{
private $database = [];
private $db;
public function __construct()
{
$config = new Config();
$this->database['username'] = $config['core']['database']['username'];
$this->database['password'] = $config['core']['database']['password'];
$this->database['hostname'] = $config['core']['database']['hostname'];
$this->database['dbname'] = $config['core']['database']['dbname'];
$this->db = instDB();
}
protected function instDB()
{
return \ParagonIE\EasyDB\Factory::create(
'mysql:host=' . $this->database['hostname'] . ';dbname=' . $this->database['dbname'],
$this->database['username'],
$this->database['password']
);
}
//
public function Exists($Table, $IDRowColumnName, $SearchValue)
{
$exists = $db->cell(
"SELECT count(ID) FROM $Table WHERE $IDRowColumnName = ?",
$SearhValue
);
// Query might not return what we're looking for, an integer. Use vardump if otherwise.
return ($exists == 1) ? true : false;
}
public function adminExists($AdminID)
{
$this->Exists("Administrators", "ID", $ID);
}
public function addAdministrator($Username, $Name, $Email, $Password, $KeyID)
{
$this->db->insert('Administrators', [
'AdministratorName' => $Name,
'AdministratorUsername' => $Username,
'AdministratorEmail' => $Email,
'AdministratorPassword' => $Password
]);
}
public function listAdminsByName($AdminUsername)
{
$Admin = $this->db->row(
"SELECT * FROM Administrators WHERE Username = ?",
$Username
);
}
public function addKey($AdminID, $Keyname)
{
$key = password_hash(openssl_random_pseudo_bytes(32), PASSWORD_BCYPT);
$this->db->insert('APIKeys', [
'AdminID' => $AdminID,
'Keyname' => $Keyname,
'Keytext' => $key
]);
return $key;
}
public function ApiKeyExists($AdminID)
{
$this->Exists("APIKeys", "AdminID", $AdminID);
}
public function ApiKeyToAdminId($Key)
{
$apiKey = $this->db->row(
"SELECT * FROM APIKeys WHERE Keytext = ?",
$Key
);
// Expecting an array. Var dump if else
if ($apiKey == null && !is_array($apiKey))
{
throw new LogicException("Illegal data from DB: ApiKeyToAdminId");
}
}
}
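Review bot: In `addKey` the random bytes are hashed and the hash is both written to `Keytext` and returned, so the caller receives exactly what the database holds and the secret itself is discarded; a later `password_verify` of the handed-out key against that column cannot succeed. Generate the token once, return it and store only its digest: `$token = bin2hex(random_bytes(32));`, then `'Keytext' => password_hash($token, PASSWORD_BCRYPT)` and `return $token;`. The constant is also misspelled as `PASSWORD_BCYPT`, and hex-encoding avoids feeding raw bytes (which may contain NUL) to bcrypt. Separately, `Exists` interpolates `$Table` and `$IDRowColumnName` into the SQL text and reads `$db` and `$SearhValue`, neither of which is defined in that scope; it should use `$this->db`, `$SearchValue` and an allow-list for the two identifiers.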


@@ -0,0 +1,56 @@
<?php
// Because the key is hashed in the database for security, we can't verify it directly.
// Without hashing, verifaction could've been done in one step, but GDPR makes this an obligation.
/*
So this is like an application behind a password wall. Usually, keys aren't hashed and
verified directly using only it's text.
Due to GDPR, we are forced to obscure sensitive data like the user's APIKey.
*/
class ApplicationAPI extends Application
{
private $gDatabase;
private $AdminID;
public function __construct($AdminID)
{
$this->AdminID = $AdminID;
$this->gDatabase = parent::instDB();
if (!$this->ApiKeyExists($AdminID))
{
throw new LogicException("This administrator doesn't have an API key.");
}
}
private function getKeyRecord()
{
$AdminID = $this->AdminID;
$record = $this->gDatabase->row(
"SELECT * FROM APIKeys WHERE AdminID = ?",
$AdminID
);
return $record;
}
public function keysMatch($givenKey)
{
return (password_verify($givenKey, $this->getKeyRecord()['Keytext'])) ? true : false;
}
}
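Review bot: The constructor never calls `parent::__construct()`, so `$this->database` is still empty when `parent::instDB()` builds the DSN and credentials; add `parent::__construct();` as its first statement. `keysMatch` indexes `getKeyRecord()['Keytext']` without checking that a row came back, so a missing record reaches `password_verify` as null; `$record = $this->getKeyRecord();` followed by `return is_array($record) && password_verify($givenKey, $record['Keytext']);` keeps the check failing closed. `getKeyRecord` also fetches a single row per `AdminID`, so if an administrator can hold several keys only one of them would ever verify; that depends on the schema, which is not visible here.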


@@ -0,0 +1,97 @@
<?php
class Customer extends Application
{
private $Virtualmin;
public function __construct()
{
parent::_construct();
$this->Virtualmin = new VirtualminHandler();
}
// By default, this function sets the customer as inactive (e.g. newly created, awating payment)
// Returns the customer's hosting password
public function newCustomer($Domain, $Name, $Email, $CheckoutID, $SubscriptionStatus, $Package, $PaddleSubscriptionID, $SystemStatus, $GDPRConsent, $hasVirtualServer = false, $attachedVServerID = null)
{
$passwordFactory = new RandomLib\Factory();
$pGen = $passwordFactory->getLowStrengthGenerator();
$this->db->insert('Customers', [
'CustomerName' => $Name,
'CustomerEmail' => $Email,
'CustomerCheckoutID' => $CheckoutID,
'Package' => $Package,
'SubscriptionStatus' => $SubscriptionStatus,
'PaddleSubscriptionID' => $PaddleSubscriptionID,
'SystemStatus' => $SystemStatus,
'GDPRConsent' => $GDPRConsent,
'hasVirtualServer' => $hasVirtualServer,
'attachedVServerID' => $attachedVServerID,
'PAC' => $pGen->generate(4)
]);
$cPassword = $pGen->generate(16);
$this->Virtualmin->CreateVirtualServer($Domain, $cPassword);
return $cPassword;
}
public function updateCustomerInformation($CustomerID, $UpdateField, $NewValue)
{
$db->update('Customers', [
$UpdateField => $NewValue
], [
'ID' => $CustomerID
]);
}
public function eraseCustomer($CustomerID)
{
// Virtualmin: Delete virutal server attached to customer
$db->delete('Customers', [
'ID' => $CustomerID
]);
}
public function listCustomersByEmail($CEmail)
{
$Customer = $this->db->row(
"SELECT * FROM Customers WHERE CustomerEmail = ?",
$CEmail
);
return $Customer
}
public function translateEmailToID($Email)
{
$Customer = $this->listCustomersByEmail($Email);
return $Customer['ID'];
}
public function customerExists($CustomerEmail)
{
return $this->Exists("Customers", "CustomerEmail", $CustomerEmail);
}
public function getCustomerGDPRConsent($CustomerEmail)
{
$Customer = $this->listCustomersByEmail($CustomerEmail);
// assume this returns an array. do var_dump($Customer) if not
return $Customer['GDPRConsent'];
}
public function populate
}
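Review bot: `newCustomer` takes both the hosting password and the `PAC` from `getLowStrengthGenerator()` and calls `generate()`, which returns raw bytes rather than printable characters; RandomLib positions the low-strength generator for non-cryptographic uses. Credentials should come from at least the medium-strength generator and `generateString()`, e.g. `$pGen = $passwordFactory->getMediumStrengthGenerator();` and `$cPassword = $pGen->generateString(16);`. `updateCustomerInformation` uses the caller-supplied `$UpdateField` as a column name, so it should be checked against a fixed list of updatable columns, and both it and `eraseCustomer` read `$db` where `$this->db` is meant. The file does not parse as committed: `return $Customer` lacks a semicolon, `public function populate` has no parameter list or body, and `parent::_construct()` is missing an underscore.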