diff --git a/README.md b/README.md
index ca62fa1..3e54c9b 100644
--- a/README.md
+++ b/README.md
@@ -5,8 +5,7 @@
* Status: Dev
* Object : Massive LXC CT deploy system for proxmox hypervisor.
-
-## Quick start (testings)
+## Quick start
### Requirement:
* A proxmox server
diff --git a/code/scripts/main/api/v1/__pycache__/api.cpython-35.pyc b/code/scripts/main/api/v1/__pycache__/api.cpython-35.pyc
index 18113a7..2ae54dc 100644
Binary files a/code/scripts/main/api/v1/__pycache__/api.cpython-35.pyc and b/code/scripts/main/api/v1/__pycache__/api.cpython-35.pyc differ
diff --git a/code/scripts/main/core/__pycache__/core.cpython-35.pyc b/code/scripts/main/core/__pycache__/core.cpython-35.pyc
index d2b943c..adbbb06 100644
Binary files a/code/scripts/main/core/__pycache__/core.cpython-35.pyc and b/code/scripts/main/core/__pycache__/core.cpython-35.pyc differ
diff --git a/code/scripts/main/core/libs/__pycache__/hcrypt.cpython-35.pyc b/code/scripts/main/core/libs/__pycache__/hcrypt.cpython-35.pyc
index a2ad868..5579b14 100644
Binary files a/code/scripts/main/core/libs/__pycache__/hcrypt.cpython-35.pyc and b/code/scripts/main/core/libs/__pycache__/hcrypt.cpython-35.pyc differ
diff --git a/code/scripts/main/core/modules/__pycache__/mod_access.cpython-35.pyc b/code/scripts/main/core/modules/__pycache__/mod_access.cpython-35.pyc
index ab66529..82923a1 100644
Binary files a/code/scripts/main/core/modules/__pycache__/mod_access.cpython-35.pyc and b/code/scripts/main/core/modules/__pycache__/mod_access.cpython-35.pyc differ
diff --git a/code/scripts/main/core/modules/__pycache__/mod_analyst.cpython-35.pyc b/code/scripts/main/core/modules/__pycache__/mod_analyst.cpython-35.pyc
index be218d8..c15385f 100644
Binary files a/code/scripts/main/core/modules/__pycache__/mod_analyst.cpython-35.pyc and b/code/scripts/main/core/modules/__pycache__/mod_analyst.cpython-35.pyc differ
diff --git a/code/scripts/main/core/modules/__pycache__/mod_database.cpython-35.pyc b/code/scripts/main/core/modules/__pycache__/mod_database.cpython-35.pyc
index a7a3964..9117709 100644
Binary files a/code/scripts/main/core/modules/__pycache__/mod_database.cpython-35.pyc and b/code/scripts/main/core/modules/__pycache__/mod_database.cpython-35.pyc differ
diff --git a/code/scripts/main/core/modules/__pycache__/mod_proxmox.cpython-35.pyc b/code/scripts/main/core/modules/__pycache__/mod_proxmox.cpython-35.pyc
index 3b67846..5d0c521 100644
Binary files a/code/scripts/main/core/modules/__pycache__/mod_proxmox.cpython-35.pyc and b/code/scripts/main/core/modules/__pycache__/mod_proxmox.cpython-35.pyc differ
diff --git a/code/scripts/main/core/modules/mod_access.py b/code/scripts/main/core/modules/mod_access.py
index 5499a53..78c825a 100644
--- a/code/scripts/main/core/modules/mod_access.py
+++ b/code/scripts/main/core/modules/mod_access.py
@@ -8,7 +8,6 @@ Minimum version require: 3.4
import os
from Crypto.PublicKey import RSA
import hashlib
-import codecs
def encodepassphrase(passphrase):
return hashlib.sha512(passphrase.encode("UTF-8")).hexdigest()
@@ -97,7 +96,7 @@ class CryticalData:
else:
result_encrypt = {
"result": "OK",
- "data": codecs.encode(self.public_key.encrypt(mutable_bytes, 32)[0], 'base64')
+ "data": self.public_key.encrypt(data.encode("utf-8"), 64)
}
except BaseException as e:
result_encrypt = {
diff --git a/code/scripts/main/startup.py b/code/scripts/main/startup.py
index 81f4257..6a6242c 100644
--- a/code/scripts/main/startup.py
+++ b/code/scripts/main/startup.py
@@ -62,12 +62,7 @@ if __name__ == "__main__":
exit(1)
key_pub = CritConf.read_public_key(localconf['system']['key_pub'])
- """
- crypttest=CritConf.data_encryption("ploopp")
- print(type(crypttest['data']))
- print(CritConf.data_decryption(crypttest['data']))
- exit(0)
- """
+
# URL MAPPING
urls = \
(
@@ -81,7 +76,7 @@ if __name__ == "__main__":
'/api/v1/instance/([0-9]+)/vhost(?:/([0-9]+))', 'vhost',
'/api/v1/instance/([0-9]+)/database(?:/([0-9]+))', 'database',
- # MAPPIN NODES
+ # MAPPING NODES
'/api/v1/node(?:/([0-9]+))', 'node',
# MAPPING SERVICES
diff --git a/code/web/backend/.htaccess b/code/web/backend/.htaccess
deleted file mode 100644
index 874120d..0000000
--- a/code/web/backend/.htaccess
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is - if you set up HUGE correctly - not needed.
-# But, for fallback reasons (if you don't route your vhost to /public), it will stay here.
-RewriteEngine on
-RewriteRule ^(.*) public/$1 [L]
diff --git a/code/web/backend/.scrutinizer.yml b/code/web/backend/.scrutinizer.yml
deleted file mode 100644
index 2bbc927..0000000
--- a/code/web/backend/.scrutinizer.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-# This file just tells the wonderful code quality analyzer Scrutinizer (https://scrutinizer-ci.com/g/panique/huge/)
-# that we are using external services (Travis) to generate code coverage stats
-# TODO is this correct ?
-tools:
- external_code_coverage: true
\ No newline at end of file
diff --git a/code/web/backend/.travis.yml b/code/web/backend/.travis.yml
deleted file mode 100644
index 45ab715..0000000
--- a/code/web/backend/.travis.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-language: php
-
-php:
- - 5.5
- - 5.6
- - hhvm
-
-before_install:
-- sudo apt-get update > /dev/null
-
-before_script:
- - sudo apt-get install apache2
- - sudo a2enmod rewrite
- # configure apache virtual hosts, create vhost via travis-ci-apache file template
- - sudo cp -f travis-ci-apache /etc/apache2/sites-available/default
- - sudo sed -e "s?%TRAVIS_BUILD_DIR%?$(pwd)?g" --in-place /etc/apache2/sites-available/default
- - sudo service apache2 restart
- # composer
- - composer self-update
- - composer install --prefer-source --no-interaction --dev
- # go to tests folder
- - cd tests
-
-# run unit tests, create result file
-script: phpunit --configuration phpunit.xml --coverage-text --coverage-clover=coverage.clover
-
-# gets tools from Scrutinizer, uploads unit tests results to Scrutinizer (?)
-after_script:
- - wget https://scrutinizer-ci.com/ocular.phar
- - php ocular.phar code-coverage:upload --format=php-clover coverage.clover
\ No newline at end of file
diff --git a/code/web/backend/CHANGELOG.md b/code/web/backend/CHANGELOG.md
deleted file mode 100644
index 656016f..0000000
--- a/code/web/backend/CHANGELOG.md
+++ /dev/null
@@ -1,72 +0,0 @@
-# CHANGE LOG
-
-For the newest (und unstable) version always check the develop branch.
-
-## 3.1
-
-Code Quality at Scrutinizer 9.7/10, at Code Climate 3.9/4
-
-**February 2015**
-
-- [panique] several code quality improvements (and line reductions :) ) all over the project
-- [PR](https://github.com/panique/huge/pull/620) [owenr88] view rending now possible with multiple view files
-- [panique] lots of code refactorings and simplifications all over the project
-- [PR](https://github.com/panique/huge/pull/615) [Dominic28] Avatar can now be deleted by the user
-- [panique] First Unit tests :)
-- [panique] several code quality improvements all over the project
-- [panique] avatarModel code improvements
-- [panique] renamed AccountType stuff to UserRole, minor changes
-
-## 3.0
-
-Code Quality at Scrutinizer 9.3/10, at Code Climate 3.9/4
-
-**February 2015**
-
-- [panique] removed duplicate code in AccountTypeModel
-- [PR](https://github.com/panique/huge/pull/587) [upperwood] Facebook stuff completely removed from SQL
-- [panique] tiny text changes
-
-**January 2015**
-
-- [panique] added static Text class (gets the messages etc)
-- [panique] added static Environment class (get the environment)
-- [panique] added static Config class (gets config easily and according to environment)
-- [panique] new styling of the entire project: login/index has new look now
-- [panique] massive refactoring of all model classes: lots of methods have been organized into other model classes
-- [panique] massive refactoring of all model classes: all methods are static now
-- [panique] EXPERIMENTAL: added static database call / DatabaseFactory, rebuild NoteModel with static methods
-- [panique] massive refactoring of mail sending, (chose between PHPMailer, SwiftMailer, native / SMTP or no SMTP)
-
-**December 2014**
-
-- [panique] lots of refactorings
-- [panique] refactored LoginModel'S login() method / LoginController's login() method
-- [panique] removed COOKIE_DOMAIN (cookie is now valid on the domain/IP it has been created on)
-- [panique] Abstracting super-globals like $_POST['x'] into Request::post('x')
-- [panique] entirely removed all the Facebook stuff [will be replaced by new proper Oauth2 solution soon]
-- [panique] lots of code refactorings and cleaning, deletions of duplicate code
-- [panique] moving nearly all hardcoded values to config
-- [panique] new View handling: you'll have to pass vars to the view renderer now
-- [panique] completely removed Facebook login process from controller (incomplete) [will be replaced by new solution]
-- [panique] less config, URL/IP is auto-detected now
-- [panique] added loadConfig() to load a specific config according to environment setting (fallback: development)
-- [panique] added getEnvironment() to fetch (potential) environment setting
-- [panique] replaced native super-globals access by wrapper access (Session:get instead of $_SESSION)
-- [panique] complete frontend rebuilding (incomplete yet)
-- [panique] massive cleaning of all controllers
-- [panique] added Session::add() to allow stacking of elements (useful for collecting feedback, errors etc)
-- [panique] complete rebuild of model handling
-- [panique] View can now render(), renderWithoutHeaderFooter() and renderJSON
-- [panique] using Composer's PSR-4 autoloader (in a very basic way currently)
-- [panique] DB construction needs now port by default
-- [panique] removed (semi-optional) hashing cost factor (as it's redundant usually)
-- [panique] email max limit increased to 254/255 (official number)
-- [panique] simpler and improved core
-- [panique] improved architecture, controllers are now named like "IndexController"
-- [panique] moved index.php to /public folder, new .htaccess, new installation guideline
-- [panique] MVC naming fixes
-- [nerdalertdk] betters paths, automatic paths
-- [panique] removed legacy PHP stuff: 5.5.x is now the minimum
-- [PR](https://github.com/panique/php-login/pull/503) [Malkleth] allow users to request password reset by inputting email as well as user names
-- [PR](https://github.com/panique/php-login/pull/516) [pein0119] cookie runtime calculation fix
diff --git a/code/web/backend/README.md b/code/web/backend/README.md
deleted file mode 100644
index bb50a7f..0000000
--- a/code/web/backend/README.md
+++ /dev/null
@@ -1,353 +0,0 @@
-[](http://www.php-login.net)
-
-# HUGE
-
-[](https://scrutinizer-ci.com/g/panique/huge/?branch=master)
-[](https://codeclimate.com/github/panique/huge)
-[](https://travis-ci.org/panique/huge)
-[](https://www.versioneye.com/user/projects/54ca11fbde7924f81a000010)
-
-Just a simple user authentication solution inside a super-simple framework skeleton that works out-of-the-box
-(and comes with an auto-installer), using the future-proof official bcrypt password hashing/salting implementation of
-PHP 5.5+, plus some nice features that will speed up the time from idea to first usable prototype application
-dramatically. Nothing more. This project has its focus on hardcore simplicity. Everything is as simple as possible,
-made for smaller projects, typical agency work and quick pitch drafts. If you want to build massive corporate
-applications with all the features modern frameworks have, then have a look at [Laravel](http://laravel.com),
-[Symfony](http://symfony.com) or [Yii](http://www.yiiframework.com), but if you just want to quickly create something
-that just works, then this script might be interesting for you.
-
-HUGE's simple-as-possible architecture was inspired by several conference talks, slides and articles about huge
-applications that - surprisingly and intentionally - go back to the basics of programming, using procedural programming,
-static classes, extremely simple constructs, not-totally-DRY code etc. while keeping the code extremely readable
-([StackOverflow](http://www.dev-metal.com/architecture-stackoverflow/), Wikipedia, SoundCloud).
-
-Buzzwords: [KISS](http://en.wikipedia.org/wiki/KISS_principle), [YASNI](http://en.wikipedia.org/wiki/You_aren%27t_gonna_need_it).
-
-#### Quick-Index
-
-+ [Features](#features)
-+ [Live-Demo](#live-demo)
-+ [Support](#support)
-+ [Follow the project](#follow)
-+ [License](#license)
-+ [Requirements](#requirements)
-+ [Auto-Installation](#auto-installation)
- - [Auto-Installation in Vagrant](#auto-installation-vagrant)
- - [Auto-Installation in Ubuntu 14.04 LTS server](#auto-installation-ubuntu)
-+ [Installation (Ubuntu 14.04 LTS)](#installation)
- - [Quick Installation](#quick-installation)
- - [Detailed Installation](#detailed-installation)
-+ [Documentation](#documentation)
-+ [Why is there no support forum anymore ?](#why-no-support-forum)
-+ [Zero tolerance for idiots, trolls and vandals](#zero-tolerance)
-+ [Contribute](#contribute)
-+ [Report a bug](#bug-report)
-
-### The History of HUGE
-
-This script was formerly named "php-login" and by far the most popular version of the 4 simple PHP user auth
-scripts of [The PHP Login Project](http://www.php-login.net) (a collection of simple login scripts, made to prevent
-people from using totally outdated and insecure MD5 password hashing, which was still very popular in the PHP world
-back in 2012).
-
-Why the name "HUGE" ? It's a nice combination to
-[TINY](https://github.com/panique/tiny),
-[MINI](https://github.com/panique/mini) and
-[MINI2](https://github.com/panique/mini2), my other projects :)
-
-### Features
-* built with the official PHP password hashing functions, fitting the most modern password hashing/salting web standards
-* users can register, login, logout (with username, email, password)
-* [planned: OAuth2 implementation for proper future-proof 3rd party auth]
-* password-forget / reset
-* remember-me (login via cookie)
-* account verification via mail
-* captcha
-* failed-login-throttling
-* user profiles
-* account upgrade / downgrade
-* supports local avatars and remote Gravatars
-* supports native mail and SMTP sending (via PHPMailer and other tools)
-* uses PDO for database access for sure, has nice DatabaseFactory (in case your project goes big)
-* uses URL rewriting ("beautiful URLs")
-* proper split of application and public files (requests only go into /public)
-* uses Composer to load external dependencies (PHPMailer, Captcha-Generator, etc.)
-* fits PSR-0/1/2/4 coding guidelines
-* masses of comments
-* is actively developed, maintained and bug-fixed
-
-### Live-Demo
-
-See a [live demo here](http://demo-huge.php-login.net) and [the server's phpinfo() here](http://demo-huge.php-login.net/info.php).
-
-### Support the project
-
-There a lot of work behind this project. I might save you hundreds, maybe thousands of hours of work (calculate that
-in developer costs). So when you are earning money by using HUGE, be fair and give something back to open-source.
-HUGE is totally free to private and commercial use.
-
-TODO new banners
-
-[](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=P5YLUK4MW3LDG)
-[](https://affiliates.a2hosting.com/idevaffiliate.php?id=4471&url=579)
-
-You can also rent your next $5 server at [Virpus](http://my.virpus.com/aff.php?aff=1836) or [DigitalOcean](https://www.digitalocean.com/?refcode=40d978532a20)
-or donate via [PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=P5YLUK4MW3LDG).
-
-Also feel free to contribute to this project.
-
-### Follow the project
-
-Here on **[Twitter](https://twitter.com/simplephplogin)** or **[Facebook](https://www.facebook.com/pages/PHP-Login-Script/461306677235868)**.
-I'm also blogging at **[Dev Metal](http://www.dev-metal.com)**.
-
-### License
-
-Licensed under [MIT](http://www.opensource.org/licenses/mit-license.php).
-Totally free for private or commercial projects.
-
-### Requirements
-
-Make sure you know the basics of object-oriented programming and MVC, are able to use the command line and have
-used Composer before. This script is not for beginners.
-
-* **PHP 5.5+**
-* **MySQL 5** database (better use versions 5.5+ as very old versions have a [PDO injection bug](http://stackoverflow.com/q/134099/1114320)
-* installed PHP extensions: pdo, gd, openssl (the install guideline shows how to do)
-* installed tools on your server: git, curl, composer (the install guideline shows how to do)
-* for professional mail sending: an SMTP account (I use [SMTP2GO](http://www.smtp2go.com/?s=devmetal))
-* activated mod_rewrite on your server (the install guideline shows how to do)
-
-### Auto-Installations
-
-Yo, fully automatic. Why ? Because I always hated it to spend days trying to find out how to install a thing.
-This will save you masses of time and nerves. Donate a coffee if you like it.
-
-#### Auto-Installation (in Vagrant)
-
-If you are using Vagrant for your development, then simply
-
-1. Add the official Ubuntu 14.04 LTS box to your Vagrant: `vagrant box add ubuntu/trusty64`
-2. Move *Vagrantfile* and *bootstrap.sh* (from *_one-click-installation* folder) to a folder where you want to initialize your project.
-3. Do `vagrant up` in that folder.
-
-5 minutes later you'll have a fully installed HUGE inside Ubuntu 14.04 LTS. The full code will be auto-synced with
-the current folder. MySQL root password and the PHPMyAdmin root password are set to *12345678*. By default
-192.168.33.111 is the IP of your new box.
-
-#### Auto-Installation in a naked Ubuntu 14.04 LTS server
-
-Extremely simple installation in a fresh and naked typical Ubuntu 14.04 LTS server:
-
-Download the installer script
-```bash
-wget https://raw.githubusercontent.com/panique/huge/master/_one-click-installation/bootstrap.sh
-```
-
-Make it executable
-```bash
-chmod +x bootstrap.sh
-```
-
-Run it! Give it some minutes to perform all the tasks. And yes, you can thank me later :)
-```bash
-sudo ./bootstrap.sh
-```
-### Installation
-
-This script is very fresh, so the install guidelines are not perfect yet.
-
-#### Quick guide:
-
-0. Make sure you have Apache, PHP, MySQL installed. [Tutorial](http://www.dev-metal.com/installsetup-basic-lamp-stack-linux-apache-mysql-php-ubuntu-14-04-lts/).
-1. Clone the repo to a folder on your server
-2. Activate mod_rewrite, route all traffic to application's /public folder. [Tutorial](http://www.dev-metal.com/enable-mod_rewrite-ubuntu-14-04-lts/).
-3. Edit application/config: Set your database credentials
-4. Execute SQL statements from application/_installation to setup database tables
-5. [Install Composer](http://www.dev-metal.com/install-update-composer-windows-7-ubuntu-debian-centos/),
- run `Composer install` on application's root folder to install dependencies
-6. Make avatar folder (application/public/avatars) writable
-7. For proper email usage: Set SMTP credentials in config file, set EMAIL_USE_SMTP to true
-
-"Email does not work" ? See the troubleshooting below. TODO
-
-#### Detailed guide (Ubuntu 14.04 LTS):
-
-This is just a quick guideline for easy setup of a development environment!
-
-Make sure you have Apache, PHP 5.5+ and MySQL installed. [Tutorial here](http://www.dev-metal.com/installsetup-basic-lamp-stack-linux-apache-mysql-php-ubuntu-14-04-lts/).
-Nginx will work for sure too, but no install guidelines are available yet.
-
-Edit vhost to make clean URLs possible and route all traffic to /public folder of your project:
-```bash
-sudo nano /etc/apache2/sites-available/000-default.conf
-```
-
-and make the file look like
-```
-
- DocumentRoot "/var/www/html/public"
-
- AllowOverride All
- Require all granted
-
-
-```
-
-Enable mod_rewrite and restart apache.
-```bash
-sudo a2enmod rewrite
-service apache2 restart
-```
-
-Install curl (needed to use git), openssl (needed to clone from GitHub, as github is https only),
-PHP GD, the graphic lib (we create captchas and avatars), and git.
-```bash
-sudo apt-get -y install curl
-sudo apt-get -y install php5-curl
-sudo apt-get -y install openssl
-sudo apt-get -y install php5-gd
-sudo apt-get -y install git
-```
-
-git clone HUGE
-```bash
-sudo git clone https://github.com/panique/huge "/var/www/html"
-```
-
-Install Composer
-```bash
-curl -s https://getcomposer.org/installer | php
-mv composer.phar /usr/local/bin/composer
-```
-
-Go to project folder, load Composer packages (--dev is optional, you know the deal)
-```bash
-cd /var/www/html
-composer install --dev
-```
-
-Execute the SQL statements. Via phpmyadmin or via the command line for example. 12345678 is the example password.
-Note that this is written without a space.
-```bash
-sudo mysql -h "localhost" -u "root" "-p12345678" < "/var/www/html/application/_installation/01-create-database.sql"
-sudo mysql -h "localhost" -u "root" "-p12345678" < "/var/www/html/application/_installation/02-create-table-users.sql"
-sudo mysql -h "localhost" -u "root" "-p12345678" < "/var/www/html/application/_installation/03-create-table-notes.sql"
-```
-
-Make avatar folder writable
-```bash
-sudo chmod 0777 -R "/var/www/html/public/avatars"
-```
-
-Remove Apache's default demo file
-```bash
-sudo rm "/var/www/html/index.html"
-```
-
-Edit the application's config in application/config.development.php and put in your database credentials.
-
-Last part (not needed for a first test): Set your SMTP credentials in the same file and set EMAIL_USE_SMTP to true, so
-you can send proper emails. It's highly recommended to use SMTP for mail sending! Native sending via PHP's mail() will
-not work in nearly every case (spam blocking). I use [SMTP2GO](http://www.smtp2go.com/?s=devmetal).
-
-Then check your server's IP / domain. Everything should work fine.
-
-#### Testing with demo user
-
-By default HUGE has a demo-user: username is `demo`, password is `12345678`. The user is already activated.
-
-### What the hell are .travis.yml, .scrutinizer.yml etc. ?
-
-There are several files in the root folder of the project that might be irritating:
-
- - *.htaccess* (optionally) routes all traffic to /public/index.php! If you installed this project correctly, then this
- file is not necessary, but as lots of people have problems setting up the vhost correctly, .htaccess it still there
- to increase security, even on partly-broken-installations.
- - *.scrutinizer.yml* (can be deleted): Configs for the external code quality analyzer Scrutinizer, just used here on
- GitHub, you don't need this for your project.
- - *.travis.yml* (can be deleted): Same like above. Travis is an external service that creates installations of this
- repo after each code change to make sure everything runs fine. Also runs the unit tests. You don't need this inside
- your project.
- - *composer.json* (important): You should know what this does. ;) This file says what external dependencies are used.
- - *travis-ci-apache* (can be deleted): Config file for Travis, see above, so Travis knows how to setup the Apache.
-
-*README* and *CHANGELOG* are self-explaining.
-
-#### Documentation
-
-A real documentation is in the making. Until then, please have a look at the code and use your IDE's code completion
-features to get an idea how things work, it's quite obvious when you look at the controller files, the model files and
-how data is shown in the view files. A big sorry that there's no documentation yet, but time is rare :)
-
- TODO: Full documentation
- TODO: Basic examples on how to do things
-
-### Why is there no support forum (anymore) ?
-
-There were two (!) support forums for v1 and v2 of this project (HUGE is v3), and both were vandalized by people who
-didn't even read the readme and / or the install guidelines. Most asked question was "script does not work plz help"
-without giving any useful information (like code or server setup or even the version used). While I'm writing these
-lines somebody just asked via Twitter "how to install without Composer". You know what I mean :) ... Beside, 140
-characters on Twitter are not a clever way to ask for / describe a complex development situation. 99% of the questions
-were not necessary if the people would had read the guidelines, do a minimal research on their own or would stop making
-things so unnecessarily complicated. And even when writing detailed answers most of them still messed it up, resulting
-in rants and complaints (for free support for a free software!). It was just frustrating to deal with this every day,
-especially when people take it for totally granted that *it's the duty* of open-source developers to give detailed,
-free and personal support for every "plz help"-request.
-
-So I decided to completely stop any free support. For serious questions about real problems inside the script please
-use the GitHub issues feature.
-
-### Zero tolerance for idiots, trolls and vandals!
-
-Harsh words, but as basically every public internet project gets harassed, vandalized and trolled these days by very
-strange people it's necessary: Some simple rules.
-
-1. Respect that this is just a simple script written by unpaid volunteers in their free-time.
- This is NOT business-software you've bought for $10.000.
- There's no reason to complain (!) about free open-source software. The attitude against free software
- is really frustrating these days, people take everything for granted without realizing the work behind it, and the
- fact they they get serious software totally for free, saving thousands of dollars. If you don't like it, then don't
- use it. If you want a feature, try to take part in the process, maybe even build it by yourself and add it to the
- project! Be nice and respectful. Constructive criticism is for sure always welcome!
-
-2. Don't bash, don't hate, don't spam, don't vandalize. Don't ask for personal free support, don't ask if somebody
- could do your work for you. Before you ask something, make sure you've read the README, followed every tutorial,
- double-checked the code and tried to solve the problem by yourself.
-
-Trolls and very annoying people will get a permanent ban / block. GitHub has a very powerful anti-abuse team.
-
-### Contribute
-
-Please commit only in *develop* branch. The *master* branch will always contain the stable version.
-
-### Found a bug (Responsible Disclosure) ?
-
-Due to the possible consequences when publishing a bug on a public open-source project I'd kindly ask you to send really
-big bugs to my email address, not posting this here. If the bug is not interesting for attackers: Feel free to create
-an normal GitHub issue.
-
-### Current and further development
-
-See active issues and requested features here:
-https://github.com/panique/huge/issues?state=open
-
-### Useful links
-
-- [How to use PDO](http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers)
-- [A short guideline on how to use the PHP 5.5 password hashing functions and its PHP 5.3 & 5.4 implementations](http://www.dev-metal.com/use-php-5-5-password-hashing-functions/)
-- [How to setup latest version of PHP 5.5 on Ubuntu 12.04 LTS](http://www.dev-metal.com/how-to-setup-latest-version-of-php-5-5-on-ubuntu-12-04-lts/)
-- [How to setup latest version of PHP 5.5 on Debian Wheezy 7.0/7.1 (and how to fix the GPG key error)](http://www.dev-metal.com/setup-latest-version-php-5-5-debian-wheezy-7-07-1-fix-gpg-key-error/)
-- [Notes on password & hashing salting in upcoming PHP versions (PHP 5.5.x & 5.6 etc.)](https://github.com/panique/huge/wiki/Notes-on-password-&-hashing-salting-in-upcoming-PHP-versions-%28PHP-5.5.x-&-5.6-etc.%29)
-- [Some basic "benchmarks" of all PHP hash/salt algorithms](https://github.com/panique/huge/wiki/Which-hashing-&-salting-algorithm-should-be-used-%3F)
-- [How to prevent PHP sessions being shared between different apache vhosts / different applications](http://www.dev-metal.com/prevent-php-sessions-shared-different-apache-vhosts-different-applications/)
-
-### Side-facts
-
-1. Weird! When I renamed php-login to HUGE (to get rid off the too generic project name and to make it fitting nicely
- to MINI, TINY and MINI2, my other projects) I had a research if the word "huge" is already used in the php world for
- sure. Nothing came up. Then, weeks later, I stumbled upon this: https://github.com/ffremont/HugeRest
- I nice little framework in PHP, but it has only 1 star on Github, so it's obviously not so widely used. Looks very
- professional, too. Hmm.... The guy behind published the entire readme etc. in pure french (!), so it's hard to use
- for non-french-speaking people. However, I'm not related to him in any way, this is pure coincidence.
diff --git a/code/web/backend/_one-click-installation/Vagrantfile b/code/web/backend/_one-click-installation/Vagrantfile
deleted file mode 100644
index 0477872..0000000
--- a/code/web/backend/_one-click-installation/Vagrantfile
+++ /dev/null
@@ -1,22 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
-VAGRANTFILE_API_VERSION = "2"
-
-Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-
- # Every Vagrant virtual environment requires a box to build off of.
- config.vm.box = "ubuntu/trusty64"
-
- # Create a private network, which allows host-only access to the machine using a specific IP.
- config.vm.network "private_network", ip: "192.168.33.111"
-
- # Share an additional folder to the guest VM. The first argument is the path on the host to the actual folder.
- # The second argument is the path on the guest to mount the folder.
- config.vm.synced_folder "./", "/var/www/html"
-
- # Define the bootstrap file: A (shell) script that runs after first setup of your box (= provisioning)
- config.vm.provision :shell, path: "bootstrap.sh"
-
-end
diff --git a/code/web/backend/_one-click-installation/bootstrap.sh b/code/web/backend/_one-click-installation/bootstrap.sh
deleted file mode 100644
index f9b7533..0000000
--- a/code/web/backend/_one-click-installation/bootstrap.sh
+++ /dev/null
@@ -1,83 +0,0 @@
-#!/usr/bin/env bash
-
-# Use single quotes instead of double quotes to make it work with special-character passwords
-PASSWORD='12345678'
-PROJECTFOLDER='myproject'
-
-# create project folder
-sudo mkdir "/var/www/html/${PROJECTFOLDER}"
-
-sudo apt-get update
-sudo apt-get -y upgrade
-
-sudo apt-get install -y apache2
-sudo apt-get install -y php5
-
-sudo debconf-set-selections <<< "mysql-server mysql-server/root_password password $PASSWORD"
-sudo debconf-set-selections <<< "mysql-server mysql-server/root_password_again password $PASSWORD"
-sudo apt-get -y install mysql-server
-sudo apt-get install php5-mysql
-
-sudo debconf-set-selections <<< "phpmyadmin phpmyadmin/dbconfig-install boolean true"
-sudo debconf-set-selections <<< "phpmyadmin phpmyadmin/app-password-confirm password $PASSWORD"
-sudo debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/admin-pass password $PASSWORD"
-sudo debconf-set-selections <<< "phpmyadmin phpmyadmin/mysql/app-pass password $PASSWORD"
-sudo debconf-set-selections <<< "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2"
-sudo apt-get -y install phpmyadmin
-
-# setup hosts file
-VHOST=$(cat <
- DocumentRoot "/var/www/html/${PROJECTFOLDER}/public"
-
- AllowOverride All
- Require all granted
-
-
-EOF
-)
-echo "${VHOST}" > /etc/apache2/sites-available/000-default.conf
-
-# enable mod_rewrite
-sudo a2enmod rewrite
-
-# restart apache
-service apache2 restart
-
-# install curl (needed to use git afaik)
-sudo apt-get -y install curl
-sudo apt-get -y install php5-curl
-
-# install openssl (needed to clone from GitHub, as github is https only)
-sudo apt-get -y install openssl
-
-# install PHP GD, the graphic lib (we create captchas and avatars)
-sudo apt-get -y install php5-gd
-
-# install git
-sudo apt-get -y install git
-
-# git clone HUGE
-sudo git clone https://github.com/panique/huge "/var/www/html/${PROJECTFOLDER}"
-
-# install Composer
-curl -s https://getcomposer.org/installer | php
-mv composer.phar /usr/local/bin/composer
-
-# go to project folder, load Composer packages
-cd "/var/www/html/${PROJECTFOLDER}"
-composer install --dev
-
-# run SQL statements from install folder
-sudo mysql -h "localhost" -u "root" "-p${PASSWORD}" < "/var/www/html/${PROJECTFOLDER}/application/_installation/01-create-database.sql"
-sudo mysql -h "localhost" -u "root" "-p${PASSWORD}" < "/var/www/html/${PROJECTFOLDER}/application/_installation/02-create-table-users.sql"
-sudo mysql -h "localhost" -u "root" "-p${PASSWORD}" < "/var/www/html/${PROJECTFOLDER}/application/_installation/03-create-table-notes.sql"
-
-# writing rights to avatar folder
-sudo chmod 0777 -R "/var/www/html/${PROJECTFOLDER}/public/avatars"
-
-# remove Apache's default demo file
-sudo rm "/var/www/html/index.html"
-
-# final feedback
-echo "Voila!"
diff --git a/code/web/backend/_pictures/huge-logo.png b/code/web/backend/_pictures/huge-logo.png
deleted file mode 100644
index 2cebaad..0000000
Binary files a/code/web/backend/_pictures/huge-logo.png and /dev/null differ
diff --git a/code/web/backend/_pictures/support-via-a2hosting.png b/code/web/backend/_pictures/support-via-a2hosting.png
deleted file mode 100644
index 33e70bd..0000000
Binary files a/code/web/backend/_pictures/support-via-a2hosting.png and /dev/null differ
diff --git a/code/web/backend/_pictures/support-via-paypal.png b/code/web/backend/_pictures/support-via-paypal.png
deleted file mode 100644
index c08885b..0000000
Binary files a/code/web/backend/_pictures/support-via-paypal.png and /dev/null differ
diff --git a/code/web/backend/application/_installation/01-create-database.sql b/code/web/backend/application/_installation/01-create-database.sql
deleted file mode 100644
index e0ffe92..0000000
--- a/code/web/backend/application/_installation/01-create-database.sql
+++ /dev/null
@@ -1 +0,0 @@
-CREATE DATABASE IF NOT EXISTS `huge`;
diff --git a/code/web/backend/application/_installation/02-create-table-users.sql b/code/web/backend/application/_installation/02-create-table-users.sql
deleted file mode 100644
index b39f832..0000000
--- a/code/web/backend/application/_installation/02-create-table-users.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-CREATE TABLE IF NOT EXISTS `huge`.`users` (
- `user_id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'auto incrementing user_id of each user, unique index',
- `user_name` varchar(64) COLLATE utf8_unicode_ci NOT NULL COMMENT 'user''s name, unique',
- `user_password_hash` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL COMMENT 'user''s password in salted and hashed format',
- `user_email` varchar(64) COLLATE utf8_unicode_ci NOT NULL COMMENT 'user''s email, unique',
- `user_active` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'user''s activation status',
- `user_account_type` tinyint(1) NOT NULL DEFAULT '1' COMMENT 'user''s account type (basic, premium, etc)',
- `user_has_avatar` tinyint(1) NOT NULL DEFAULT '0' COMMENT '1 if user has a local avatar, 0 if not',
- `user_remember_me_token` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL COMMENT 'user''s remember-me cookie token',
- `user_creation_timestamp` bigint(20) DEFAULT NULL COMMENT 'timestamp of the creation of user''s account',
- `user_last_login_timestamp` bigint(20) DEFAULT NULL COMMENT 'timestamp of user''s last login',
- `user_failed_logins` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'user''s failed login attempts',
- `user_last_failed_login` int(10) DEFAULT NULL COMMENT 'unix timestamp of last failed login attempt',
- `user_activation_hash` varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL COMMENT 'user''s email verification hash string',
- `user_password_reset_hash` char(40) COLLATE utf8_unicode_ci DEFAULT NULL COMMENT 'user''s password reset code',
- `user_password_reset_timestamp` bigint(20) DEFAULT NULL COMMENT 'timestamp of the password reset request',
- `user_provider_type` text COLLATE utf8_unicode_ci,
- PRIMARY KEY (`user_id`),
- UNIQUE KEY `user_name` (`user_name`),
- UNIQUE KEY `user_email` (`user_email`)
-) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='user data';
-
-INSERT INTO `huge`.`users` (`user_id`, `user_name`, `user_password_hash`, `user_email`, `user_active`, `user_account_type`,
-`user_has_avatar`, `user_remember_me_token`, `user_creation_timestamp`, `user_last_login_timestamp`,
-`user_failed_logins`, `user_last_failed_login`, `user_activation_hash`, `user_password_reset_hash`,
-`user_password_reset_timestamp`, `user_provider_type`) VALUES
-(1, 'demo', '$2y$10$OvprunjvKOOhM1h9bzMPs.vuwGIsOqZbw88rzSyGCTJTcE61g5WXi', 'demo@demo.com', 1, 1, 0, NULL, 1422205178,
-1422209189, 0, NULL, NULL, NULL, NULL, 'DEFAULT');
diff --git a/code/web/backend/application/_installation/03-create-table-notes.sql b/code/web/backend/application/_installation/03-create-table-notes.sql
deleted file mode 100644
index 38d0368..0000000
--- a/code/web/backend/application/_installation/03-create-table-notes.sql
+++ /dev/null
@@ -1,6 +0,0 @@
-CREATE TABLE IF NOT EXISTS `huge`.`notes` (
- `note_id` int(11) unsigned NOT NULL AUTO_INCREMENT,
- `note_text` text NOT NULL,
- `user_id` int(11) unsigned NOT NULL,
- PRIMARY KEY (`note_id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='user notes';
diff --git a/code/web/backend/application/config/config.development.php b/code/web/backend/application/config/config.development.php
deleted file mode 100644
index 1ac7c5b..0000000
--- a/code/web/backend/application/config/config.development.php
+++ /dev/null
@@ -1,129 +0,0 @@
- 'http://' . $_SERVER['HTTP_HOST'] . str_replace('public', '', dirname($_SERVER['SCRIPT_NAME'])),
- /**
- * Configuration for: Folders
- * Usually there's no reason to change this.
- */
- 'PATH_CONTROLLER' => realpath(dirname(__FILE__).'/../../') . '/application/controller/',
- 'PATH_VIEW' => realpath(dirname(__FILE__).'/../../') . '/application/view/',
- /**
- * Configuration for: Avatar paths
- * Internal path to save avatars. Make sure this folder is writable. The slash at the end is VERY important!
- */
- 'PATH_AVATARS' => realpath(dirname(__FILE__).'/../../') . '/public/avatars/',
- 'PATH_AVATARS_PUBLIC' => 'avatars/',
- /**
- * Configuration for: Default controller and action
- */
- 'DEFAULT_CONTROLLER' => 'index',
- 'DEFAULT_ACTION' => 'index',
- /**
- * Configuration for: Database
- * DB_TYPE The used database type. Note that other types than "mysql" might break the db construction currently.
- * DB_HOST The mysql hostname, usually localhost or 127.0.0.1
- * DB_NAME The database name
- * DB_USER The username
- * DB_PASS The password
- * DB_PORT The mysql port, 3306 by default (?), find out via phpinfo() and look for mysqli.default_port.
- * DB_CHARSET The charset, necessary for security reasons. Check Database.php class for more info.
- */
- 'DB_TYPE' => 'mysql',
- 'DB_HOST' => '127.0.0.1',
- 'DB_NAME' => 'huge',
- 'DB_USER' => 'root',
- 'DB_PASS' => '12345678',
- 'DB_PORT' => '3306',
- 'DB_CHARSET' => 'utf8',
- /**
- * Configuration for: Additional login providers: Facebook
- * CURRENTLY REMOVED (as Facebook has removed support for the used API version).
- * Another, better and up-to-date implementation might come soon.
- */
- 'FACEBOOK_LOGIN' => false,
- /**
- * Configuration for: Captcha size
- * The currently used Captcha generator (https://github.com/Gregwar/Captcha) also runs without giving a size,
- * so feel free to use ->build(); inside CaptchaModel.
- */
- 'CAPTCHA_WIDTH' => 359,
- 'CAPTCHA_HEIGHT' => 100,
- /**
- * Configuration for: Cookies
- * 1209600 seconds = 2 weeks
- * COOKIE_PATH is the path the cookie is valid on, usually "/" to make it valid on the whole domain.
- * @see http://stackoverflow.com/q/9618217/1114320
- * @see php.net/manual/en/function.setcookie.php
- */
- 'COOKIE_RUNTIME' => 1209600,
- 'COOKIE_PATH' => '/',
- /**
- * Configuration for: Avatars/Gravatar support
- * Set to true if you want to use "Gravatar(s)", a service that automatically gets avatar pictures via using email
- * addresses of users by requesting images from the gravatar.com API. Set to false to use own locally saved avatars.
- * AVATAR_SIZE set the pixel size of avatars/gravatars (will be 44x44 by default). Avatars are always squares.
- * AVATAR_DEFAULT_IMAGE is the default image in public/avatars/
- */
- 'USE_GRAVATAR' => false,
- 'GRAVATAR_DEFAULT_IMAGESET' => 'mm',
- 'GRAVATAR_RATING' => 'pg',
- 'AVATAR_SIZE' => 44,
- 'AVATAR_JPEG_QUALITY' => 85,
- 'AVATAR_DEFAULT_IMAGE' => 'default.jpg',
- /**
- * Configuration for: Email server credentials
- *
- * Here you can define how you want to send emails.
- * If you have successfully set up a mail server on your linux server and you know
- * what you do, then you can skip this section. Otherwise please set EMAIL_USE_SMTP to true
- * and fill in your SMTP provider account data.
- *
- * EMAIL_USED_MAILER: Check Mail class for alternatives
- * EMAIL_USE_SMTP: Use SMTP or not
- * EMAIL_SMTP_AUTH: leave this true unless your SMTP service does not need authentication
- */
- 'EMAIL_USED_MAILER' => 'phpmailer',
- 'EMAIL_USE_SMTP' => false,
- 'EMAIL_SMTP_HOST' => 'yourhost',
- 'EMAIL_SMTP_AUTH' => true,
- 'EMAIL_SMTP_USERNAME' => 'yourusername',
- 'EMAIL_SMTP_PASSWORD' => 'yourpassword',
- 'EMAIL_SMTP_PORT' => 465,
- 'EMAIL_SMTP_ENCRYPTION' => 'ssl',
- /**
- * Configuration for: Email content data
- */
- 'EMAIL_PASSWORD_RESET_URL' => 'login/verifypasswordreset',
- 'EMAIL_PASSWORD_RESET_FROM_EMAIL' => 'no-reply@example.com',
- 'EMAIL_PASSWORD_RESET_FROM_NAME' => 'My Project',
- 'EMAIL_PASSWORD_RESET_SUBJECT' => 'Password reset for PROJECT XY',
- 'EMAIL_PASSWORD_RESET_CONTENT' => 'Please click on this link to reset your password: ',
- 'EMAIL_VERIFICATION_URL' => 'login/verify',
- 'EMAIL_VERIFICATION_FROM_EMAIL' => 'no-reply@example.com',
- 'EMAIL_VERIFICATION_FROM_NAME' => 'My Project',
- 'EMAIL_VERIFICATION_SUBJECT' => 'Account activation for PROJECT XY',
- 'EMAIL_VERIFICATION_CONTENT' => 'Please click on this link to activate your account: ',
-);
diff --git a/code/web/backend/application/config/texts.php b/code/web/backend/application/config/texts.php
deleted file mode 100644
index 6fd1c7c..0000000
--- a/code/web/backend/application/config/texts.php
+++ /dev/null
@@ -1,73 +0,0 @@
- "Unknown error occurred!",
- "FEEDBACK_PASSWORD_WRONG_3_TIMES" => "You have typed in a wrong password 3 or more times already. Please wait 30 seconds to try again.",
- "FEEDBACK_ACCOUNT_NOT_ACTIVATED_YET" => "Your account is not activated yet. Please click on the confirm link in the mail.",
- "FEEDBACK_PASSWORD_WRONG" => "Password was wrong.",
- "FEEDBACK_USER_DOES_NOT_EXIST" => "This user does not exist.",
- "FEEDBACK_LOGIN_FAILED" => "Login failed.",
- "FEEDBACK_USERNAME_FIELD_EMPTY" => "Username field was empty.",
- "FEEDBACK_PASSWORD_FIELD_EMPTY" => "Password field was empty.",
- "FEEDBACK_USERNAME_OR_PASSWORD_FIELD_EMPTY" => "Username or password field was empty.",
- "FEEDBACK_USERNAME_EMAIL_FIELD_EMPTY" => "Username / email field was empty.",
- "FEEDBACK_EMAIL_FIELD_EMPTY" => "Email field was empty.",
- "FEEDBACK_EMAIL_AND_PASSWORD_FIELDS_EMPTY" => "Email and password fields were empty.",
- "FEEDBACK_USERNAME_SAME_AS_OLD_ONE" => "Sorry, that username is the same as your current one. Please choose another one.",
- "FEEDBACK_USERNAME_ALREADY_TAKEN" => "Sorry, that username is already taken. Please choose another one.",
- "FEEDBACK_USER_EMAIL_ALREADY_TAKEN" => "Sorry, that email is already in use. Please choose another one.",
- "FEEDBACK_USERNAME_CHANGE_SUCCESSFUL" => "Your username has been changed successfully.",
- "FEEDBACK_USERNAME_AND_PASSWORD_FIELD_EMPTY" => "Username and password fields were empty.",
- "FEEDBACK_USERNAME_DOES_NOT_FIT_PATTERN" => "Username does not fit the name pattern: only a-Z and numbers are allowed, 2 to 64 characters.",
- "FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN" => "Sorry, your chosen email does not fit into the email naming pattern.",
- "FEEDBACK_EMAIL_SAME_AS_OLD_ONE" => "Sorry, that email address is the same as your current one. Please choose another one.",
- "FEEDBACK_EMAIL_CHANGE_SUCCESSFUL" => "Your email address has been changed successfully.",
- "FEEDBACK_CAPTCHA_WRONG" => "The entered captcha security characters were wrong.",
- "FEEDBACK_PASSWORD_REPEAT_WRONG" => "Password and password repeat are not the same.",
- "FEEDBACK_PASSWORD_TOO_SHORT" => "Password has a minimum length of 6 characters.",
- "FEEDBACK_USERNAME_TOO_SHORT_OR_TOO_LONG" => "Username cannot be shorter than 2 or longer than 64 characters.",
- "FEEDBACK_ACCOUNT_SUCCESSFULLY_CREATED" => "Your account has been created successfully and we have sent you an email. Please click the VERIFICATION LINK within that mail.",
- "FEEDBACK_VERIFICATION_MAIL_SENDING_FAILED" => "Sorry, we could not send you an verification mail. Your account has NOT been created.",
- "FEEDBACK_ACCOUNT_CREATION_FAILED" => "Sorry, your registration failed. Please go back and try again.",
- "FEEDBACK_VERIFICATION_MAIL_SENDING_ERROR" => "Verification mail could not be sent due to: ",
- "FEEDBACK_VERIFICATION_MAIL_SENDING_SUCCESSFUL" => "A verification mail has been sent successfully.",
- "FEEDBACK_ACCOUNT_ACTIVATION_SUCCESSFUL" => "Activation was successful! You can now log in.",
- "FEEDBACK_ACCOUNT_ACTIVATION_FAILED" => "Sorry, no such id/verification code combination here...",
- "FEEDBACK_AVATAR_UPLOAD_SUCCESSFUL" => "Avatar upload was successful.",
- "FEEDBACK_AVATAR_UPLOAD_WRONG_TYPE" => "Only JPEG and PNG files are supported.",
- "FEEDBACK_AVATAR_UPLOAD_TOO_SMALL" => "Avatar source file's width/height is too small. Needs to be 100x100 pixel minimum.",
- "FEEDBACK_AVATAR_UPLOAD_TOO_BIG" => "Avatar source file is too big. 5 Megabyte is the maximum.",
- "FEEDBACK_AVATAR_FOLDER_DOES_NOT_EXIST_OR_NOT_WRITABLE" => "Avatar folder does not exist or is not writable. Please change this via chmod 775 or 777.",
- "FEEDBACK_AVATAR_IMAGE_UPLOAD_FAILED" => "Something went wrong with the image upload.",
- "FEEDBACK_AVATAR_IMAGE_DELETE_SUCCESSFUL" => "You successfully deleted your avatar.",
- "FEEDBACK_AVATAR_IMAGE_DELETE_NO_FILE" => "You don't have a custom avatar.",
- "FEEDBACK_AVATAR_IMAGE_DELETE_FAILED" => "Something went wrong while deleting your avatar.",
- "FEEDBACK_PASSWORD_RESET_TOKEN_FAIL" => "Could not write token to database.",
- "FEEDBACK_PASSWORD_RESET_TOKEN_MISSING" => "No password reset token.",
- "FEEDBACK_PASSWORD_RESET_MAIL_SENDING_ERROR" => "Password reset mail could not be sent due to: ",
- "FEEDBACK_PASSWORD_RESET_MAIL_SENDING_SUCCESSFUL" => "A password reset mail has been sent successfully.",
- "FEEDBACK_PASSWORD_RESET_LINK_EXPIRED" => "Your reset link has expired. Please use the reset link within one hour.",
- "FEEDBACK_PASSWORD_RESET_COMBINATION_DOES_NOT_EXIST" => "Username/Verification code combination does not exist.",
- "FEEDBACK_PASSWORD_RESET_LINK_VALID" => "Password reset validation link is valid. Please change the password now.",
- "FEEDBACK_PASSWORD_CHANGE_SUCCESSFUL" => "Password successfully changed.",
- "FEEDBACK_PASSWORD_CHANGE_FAILED" => "Sorry, your password changing failed.",
- "FEEDBACK_ACCOUNT_TYPE_CHANGE_SUCCESSFUL" => "Account type change successful",
- "FEEDBACK_ACCOUNT_TYPE_CHANGE_FAILED" => "Account type change failed",
- "FEEDBACK_NOTE_CREATION_FAILED" => "Note creation failed.",
- "FEEDBACK_NOTE_EDITING_FAILED" => "Note editing failed.",
- "FEEDBACK_NOTE_DELETION_FAILED" => "Note deletion failed.",
- "FEEDBACK_COOKIE_INVALID" => "Your remember-me-cookie is invalid.",
- "FEEDBACK_COOKIE_LOGIN_SUCCESSFUL" => "You were successfully logged in via the remember-me-cookie.",
- "FEEDBACK_FACEBOOK_LOGIN_NOT_REGISTERED" => "Sorry, you don't have an account here. Please register first.",
- "FEEDBACK_FACEBOOK_EMAIL_NEEDED" => "Sorry, but you need to allow us to see your email address to register.",
- "FEEDBACK_FACEBOOK_UID_ALREADY_EXISTS" => "Sorry, but you have already registered here (your Facebook ID exists in our database).",
- "FEEDBACK_FACEBOOK_EMAIL_ALREADY_EXISTS" => "Sorry, but you have already registered here (your Facebook email exists in our database).",
- "FEEDBACK_FACEBOOK_USERNAME_ALREADY_EXISTS" => "Sorry, but you have already registered here (your Facebook username exists in our database).",
- "FEEDBACK_FACEBOOK_REGISTER_SUCCESSFUL" => "You have been successfully registered with Facebook.",
- "FEEDBACK_FACEBOOK_OFFLINE" => "We could not reach the Facebook servers. Maybe Facebook is offline (that really happens sometimes).",
-);
\ No newline at end of file
diff --git a/code/web/backend/application/controller/DashboardController.php b/code/web/backend/application/controller/DashboardController.php
deleted file mode 100644
index ef82923..0000000
--- a/code/web/backend/application/controller/DashboardController.php
+++ /dev/null
@@ -1,26 +0,0 @@
-View->render('dashboard/index');
- }
-}
diff --git a/code/web/backend/application/controller/ErrorController.php b/code/web/backend/application/controller/ErrorController.php
deleted file mode 100644
index 843a4b9..0000000
--- a/code/web/backend/application/controller/ErrorController.php
+++ /dev/null
@@ -1,25 +0,0 @@
-View->render('error/index');
- }
-}
diff --git a/code/web/backend/application/controller/IndexController.php b/code/web/backend/application/controller/IndexController.php
deleted file mode 100644
index 8dff4eb..0000000
--- a/code/web/backend/application/controller/IndexController.php
+++ /dev/null
@@ -1,21 +0,0 @@
-View->render('index/index');
- }
-}
diff --git a/code/web/backend/application/controller/LoginController.php b/code/web/backend/application/controller/LoginController.php
deleted file mode 100644
index 65aa7af..0000000
--- a/code/web/backend/application/controller/LoginController.php
+++ /dev/null
@@ -1,313 +0,0 @@
-View->render('login/index');
- }
- }
-
- /**
- * The login action, when you do login/login
- */
- public function login()
- {
- // perform the login method, put result (true or false) into $login_successful
- $login_successful = LoginModel::login(
- Request::post('user_name'), Request::post('user_password'), Request::post('set_remember_me_cookie')
- );
-
- // check login status: if true, then redirect user login/showProfile, if false, then to login form again
- if ($login_successful) {
- Redirect::to('login/showProfile');
- } else {
- Redirect::to('login/index');
- }
- }
-
- /**
- * The logout action
- * Perform logout, redirect user to main-page
- */
- public function logout()
- {
- LoginModel::logout();
- Redirect::home();
- }
-
- /**
- * Login with cookie
- */
- public function loginWithCookie()
- {
- // run the loginWithCookie() method in the login-model, put the result in $login_successful (true or false)
- $login_successful = LoginModel::loginWithCookie(Request::cookie('remember_me'));
-
- // if login successful, redirect to dashboard/index ...
- if ($login_successful) {
- Redirect::to('dashboard/index');
- } else {
- // if not, delete cookie (outdated? attack?) and route user to login form to prevent infinite login loops
- LoginModel::deleteCookie();
- Redirect::to('login/index');
- }
- }
-
- /**
- * Show user's PRIVATE profile
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- public function showProfile()
- {
- Auth::checkAuthentication();
- $this->View->render('login/showProfile', array(
- 'user_name' => Session::get('user_name'),
- 'user_email' => Session::get('user_email'),
- 'user_gravatar_image_url' => Session::get('user_gravatar_image_url'),
- 'user_avatar_file' => Session::get('user_avatar_file'),
- 'user_account_type' => Session::get('user_account_type')
- ));
- }
-
- /**
- * Show edit-my-username page
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- public function editUsername()
- {
- Auth::checkAuthentication();
- $this->View->render('login/editUsername');
- }
-
- /**
- * Edit user name (perform the real action after form has been submitted)
- * Auth::checkAuthentication() makes sure that only logged in users can use this action
- */
- public function editUsername_action()
- {
- Auth::checkAuthentication();
- UserModel::editUserName(Request::post('user_name'));
- Redirect::to('login/index');
- }
-
- /**
- * Show edit-my-user-email page
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- public function editUserEmail()
- {
- Auth::checkAuthentication();
- $this->View->render('login/editUserEmail');
- }
-
- /**
- * Edit user email (perform the real action after form has been submitted)
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- // make this POST
- public function editUserEmail_action()
- {
- Auth::checkAuthentication();
- UserModel::editUserEmail(Request::post('user_email'));
- Redirect::to('login/editUserEmail');
- }
-
- /**
- * Edit avatar
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- public function editAvatar()
- {
- Auth::checkAuthentication();
- $this->View->render('login/editAvatar', array(
- 'avatar_file_path' => AvatarModel::getPublicUserAvatarFilePathByUserId(Session::get('user_id'))
- ));
- }
-
- /**
- * Perform the upload of the avatar
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- * POST-request
- */
- public function uploadAvatar_action()
- {
- Auth::checkAuthentication();
- AvatarModel::createAvatar();
- Redirect::to('login/editAvatar');
- }
-
- /**
- * Delete the current user's avatar
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- public function deleteAvatar_action()
- {
- Auth::checkAuthentication();
- AvatarModel::deleteAvatar(Session::get("user_id"));
- Redirect::to('login/editAvatar');
- }
-
- /**
- * Show the change-account-type page
- * Auth::checkAuthentication() makes sure that only logged in users can use this action and see this page
- */
- public function changeUserRole()
- {
- Auth::checkAuthentication();
- $this->View->render('login/changeUserRole');
- }
-
- /**
- * Perform the account-type changing
- * Auth::checkAuthentication() makes sure that only logged in users can use this action
- * POST-request
- */
- public function changeUserRole_action()
- {
- Auth::checkAuthentication();
-
- if (Request::post('user_account_upgrade')) {
- // "2" is quick & dirty account type 2, something like "premium user" maybe. you got the idea :)
- UserRoleModel::changeUserRole(2);
- }
-
- if (Request::post('user_account_downgrade')) {
- // "1" is quick & dirty account type 1, something like "basic user" maybe.
- UserRoleModel::changeUserRole(1);
- }
-
- Redirect::to('login/changeUserRole');
- }
-
- /**
- * Register page
- * Show the register form, but redirect to main-page if user is already logged-in
- */
- public function register()
- {
- if (LoginModel::isUserLoggedIn()) {
- Redirect::home();
- } else {
- $this->View->render('login/register');
- }
- }
-
- /**
- * Register page action
- * POST-request after form submit
- */
- public function register_action()
- {
- $registration_successful = RegistrationModel::registerNewUser();
-
- if ($registration_successful) {
- Redirect::to('login/index');
- } else {
- Redirect::to('login/register');
- }
- }
-
- /**
- * Verify user after activation mail link opened
- * @param int $user_id user's id
- * @param string $user_activation_verification_code user's verification token
- */
- public function verify($user_id, $user_activation_verification_code)
- {
- if (isset($user_id) && isset($user_activation_verification_code)) {
- RegistrationModel::verifyNewUser($user_id, $user_activation_verification_code);
- $this->View->render('login/verify');
- } else {
- Redirect::to('login/index');
- }
- }
-
- /**
- * Show the request-password-reset page
- */
- public function requestPasswordReset()
- {
- $this->View->render('login/requestPasswordReset');
- }
-
- /**
- * The request-password-reset action
- * POST-request after form submit
- */
- public function requestPasswordReset_action()
- {
- PasswordResetModel::requestPasswordReset(Request::post('user_name_or_email'));
- Redirect::to('login/index');
- }
-
- /**
- * Verify the verification token of that user (to show the user the password editing view or not)
- * @param string $user_name username
- * @param string $verification_code password reset verification token
- */
- public function verifyPasswordReset($user_name, $verification_code)
- {
- // check if this the provided verification code fits the user's verification code
- if (PasswordResetModel::verifyPasswordReset($user_name, $verification_code)) {
- // pass URL-provided variable to view to display them
- $this->View->render('login/changePassword', array(
- 'user_name' => $user_name,
- 'user_password_reset_hash' => $verification_code
- ));
- } else {
- Redirect::to('login/index');
- }
- }
-
- /**
- * Set the new password
- * Please note that this happens while the user is not logged in. The user identifies via the data provided by the
- * password reset link from the email, automatically filled into the