Skip to content
This repository was archived by the owner on Sep 13, 2022. It is now read-only.

Login & automatic membership system#109

Open
mfaalk wants to merge 41 commits into
Glennmen:developfrom
mfaalk:loginbranch2
Open

Login & automatic membership system#109
mfaalk wants to merge 41 commits into
Glennmen:developfrom
mfaalk:loginbranch2

Conversation

@mfaalk

@mfaalk mfaalk commented Apr 4, 2018

Copy link
Copy Markdown
Contributor

This PR will add a login form to the website and create a self going membership system where your users pay through selly. No membership = no IV.
The moment after they pay they will instantly receives an account that's active for 31 days.(or more if they pay for more than one quantity).
The next time they pay they will keep their login credentials and 31 days will be added to their existing expire date.

If it's a new user the user will receive an email with login credentials and expire date.
If it's an existing user the user will receive an email with the new expire date. The credentials is the same as before.

When their expire date is due they can no longer see IV on the map.

Two database tables has to be created for this to work.

CREATE TABLE `users` (
  `id` bigint(20) NOT NULL,
  `user` varchar(250) NOT NULL,
  `password` varchar(250) DEFAULT NULL,
  `temp_password` varchar(250) DEFAULT NULL,
  `expire_timestamp` int(11) NOT NULL,
  `session_id` varchar(100) DEFAULT NULL,
  `login_system` varchar(40) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

ALTER TABLE `users`
  ADD PRIMARY KEY (`id`);

ALTER TABLE `users` MODIFY `id` bigint(20) NOT NULL AUTO_INCREMENT;

CREATE TABLE `payments` (
  `id` int(11) NOT NULL,
  `selly_id` varchar(100) NOT NULL,
  `product_id` int(30) NOT NULL,
  `email` varchar(250) NOT NULL,
  `value` int(11) NOT NULL,
  `quantity` int(11) NOT NULL,
  `timestamp` int(11) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

ALTER TABLE `payments`
  ADD PRIMARY KEY (`id`);

ALTER TABLE `payments`
  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
COMMIT;

Selly settings:
image

@hammydown4325 hammydown4325 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall not bad at all. Pretty well put together so i am impressed. Look through all my comments i left throughout as this is a purely code based review and not functionality at this point.

Remember security is important so never store passwords even if they are hashed in txt files.

Lots of translation updates and small type conversion. Remember we use camel case for variables.

The PR will never get get merged unless you fix styleci and travis errors though so keep that in mind. I know it can be a pain but following the guidelines is a good thing.

Comment thread config/default.php Outdated
// Composer is also needed. Type "composer install" to install the dependencies.
// Enter client_id, client_secret and callback uri from your discord bot to DiscordAuth.php
// https://discordapp.com/developers/applications/me
$discord_bot_client_id = 0;

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Convert to Camel Case Like $discordBotClientID = 0;

Comment thread config/default.php Outdated
// https://discordapp.com/developers/applications/me
$discord_bot_client_id = 0;
$discord_bot_client_secret = "";
$discord_bot_redirect_uri = "https://example.com/discord-callback.php";

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Convert to Camel Case Like $discordBotRedirectURI= "https://example.com/discord-callback.php";

Comment thread config/default.php Outdated
// Enter client_id, client_secret and callback uri from your discord bot to DiscordAuth.php
// https://discordapp.com/developers/applications/me
$discord_bot_client_id = 0;
$discord_bot_client_secret = "";

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Convert to Camel Case Like $discordBotClientSecret = '';

Comment thread discord-callback.php Outdated
"login_system" => 'discord'
]);

if ($count == 0) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

=== to prevent type conversion

Comment thread pre-index.php Outdated

$_SESSION['user']->expire_timestamp = $info['expire_timestamp'];

if (!empty($_SESSION['user']->updatePwd) && $_SESSION['user']->updatePwd == 1) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

=== to prevent type conversion.

Comment thread user.php Outdated
$message .= i8ln('New password:') . " {$randomPwd}<br><br>";

if ($discordUrl) {
$message .= i8ln('For support, ask your questions in the ') . "<a href='{$discordUrl}'>discord guild</a>!<br><br>";

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

discord guild needs to be translatable.

Comment thread user.php Outdated
if ($discordUrl) {
$message .= i8ln('For support, ask your questions in the ') . "<a href='{$discordUrl}'>discord guild</a>!<br><br>";
}
$message .= i8ln('Best Regards') . "<br>Admin";

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Admin needs to be translatable.

Comment thread user.php Outdated
}

$subject = "[{$title}] - Password Reset";
$headers = "From: no-reply@{$_SERVER['SERVER_NAME']}" . "\r\n" .

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs to be configurable in config for From and Reply to as some people use a different domain.

Comment thread user.php Outdated
<?php
} elseif (!empty($_SESSION['user']->updatePwd)) {
?>
<p><h2><?php echo "[<a href='.'>{$title}</a>] - "; echo i8ln('Change your password.'); ?></h2></p>

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Concatenate the echos into 1 with . Also remove the

tags.

Comment thread utils.php Outdated
"login_system" => 'native'
]);

$logMsg = "INSERT INTO users (id, user, temp_password, expire_timestamp, login_system) VALUES ('{$getId}', '{$user}', '{$hashedPwd}', '{$new_expire_timestamp}', 'native'); -- " . date('Y-m-d H:i:s') . "\r\n";

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove Hashed password and replace with ******

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants