Robert Marshall 10 lat temu
rodzic
commit
39569bd2bb

+ 3 - 0
Controller/Member.php

@@ -18,6 +18,9 @@ class Member {
 		
 		$errors=array();
 		
+		if (isset($params['permission_error']) && $params['permission_error']==true)
+			$errors[]="You don't have permission to access this page.";
+		
 		if (isset($params['submit_form']) && $params['email']!=""){
 			$user=new User($params['email']);
 			if ($user->UserId!=null && $user->ValidatePassword($params['password'])){
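Review bot: The new check on line 13, `$params['permission_error']==true`, is a loose comparison, so any non-empty value other than "0" satisfies it; `$params` is the same array that carries submitted fields (`submit_form`, `email`, `password` on lines 16-18), so if request parameters land in it unfiltered a client could presumably raise the message itself — harmless, but the intent is a programmatic flag. Prefer `if (!empty($params['permission_error']))` or `=== true`, matching how UserRestrictedApplication sets it with `array("permission_error"=>true)`. The enclosing method begins before this hunk and continues past it.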

+ 3 - 0
DB Scripts/1/alter_user_groups.sql

@@ -0,0 +1,3 @@
+ALTER TABLE `user_groups` 
+CHANGE COLUMN `group_name` `group_name` VARCHAR(255) NULL DEFAULT NULL ,
+ADD UNIQUE INDEX `group_name_UNIQUE` (`group_name` ASC);

+ 9 - 0
DB Scripts/1/insert_permissions_data.sql

@@ -0,0 +1,9 @@
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('home/index',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('blog/index',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('blog/view',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('projects/index',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('gallery/index',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('gallery/view',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('member/index',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('member/login',1);
+INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('member/manage',1);
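Review bot: `member/manage` on line 40 is seeded with `permission_default_grant` = 1, and User::HasAccess in this commit returns true on that flag before it ever consults the user's group, so the manage page is open to every account — and to whatever `Session::GetLoggedInUser()` yields for an anonymous visitor — despite the admin group being created alongside it. Unless management is meant to be public, seed it closed, `INSERT INTO permissions (permission_value,permission_default_grant) VALUES ('member/manage',0);`, and grant it through the admin group's permissions instead. Only pages safe for unauthenticated users should carry a default grant of 1 in this file.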

+ 1 - 0
DB Scripts/1/insert_user_groups_data.sql

@@ -0,0 +1 @@
+INSERT INTO user_groups (group_name,group_is_admin) VALUES ('admin',1);

+ 8 - 0
DB Scripts/create_permissions.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `permissions` (
+  `permission_id` INT NOT NULL AUTO_INCREMENT,
+  `permission_value` VARCHAR(255) NULL,
+  `permission_description` TEXT NULL,
+  `permission_default_grant` BIT NULL DEFAULT 0,
+  PRIMARY KEY (`permission_id`),
+  UNIQUE INDEX `permission_value_UNIQUE` (`permission_value` ASC));
+

+ 6 - 0
DB Scripts/create_user_groups.sql

@@ -0,0 +1,6 @@
+CREATE TABLE `user_groups` (
+  `group_id` INT NOT NULL AUTO_INCREMENT,
+  `group_name` TEXT NULL,
+  `group_permissions` TEXT NULL,
+  `group_is_admin` BIT NULL DEFAULT 0,
+  PRIMARY KEY (`group_id`));
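Review bot: `group_permissions` on line 68 holds permission ids as a comma-separated TEXT value, so the database cannot enforce that each id exists — a permission deleted from `permissions` lingers in every group that referenced it, and there is no way to index "which groups grant X". A join table such as `group_permissions (group_id INT NOT NULL, permission_id INT NOT NULL, PRIMARY KEY (group_id, permission_id))` with foreign keys to both tables keeps referential integrity; if the CSV column is kept for now, make `group_is_admin` `BIT NOT NULL DEFAULT 0` so the admin check never sees NULL.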

+ 1 - 0
DB Scripts/create_users.sql

@@ -4,6 +4,7 @@ CREATE TABLE `users` (
   `user_password` VARCHAR(255) NULL,
   `user_created` INT NULL,
   `user_deleted` BIT NULL,
+  `group_id` INT NULL DEFAULT 0,
   PRIMARY KEY (`user_id`),
   UNIQUE INDEX `user_email_UNIQUE` (`user_email` ASC));
 
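Review bot: The new `group_id INT NULL DEFAULT 0` on line 79 has no foreign key to `user_groups`, and 0 never matches an AUTO_INCREMENT group id, so every newly created user carries a dangling group reference that `new UserGroup($this->GroupId)` in User::__construct resolves on every load. Prefer `group_id INT NULL DEFAULT NULL` with `FOREIGN KEY (group_id) REFERENCES user_groups (group_id) ON DELETE SET NULL`, so a deleted group cannot leave users pointing at a later-reused id; whether DBObjectAutoCreate inserts a row when a lookup misses (its name suggests it may) is not visible here and should be checked before relying on the 0 sentinel. The CREATE TABLE statement begins before this hunk.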

+ 12 - 0
Model/Permission.php

@@ -0,0 +1,12 @@
+<?php
+class Permission extends DBObjectAutoCreate {
+	public function __construct($id) {
+		$field="permission_id";
+		if (!is_numeric($id)){
+			$field="permission_value";
+			$id=strtolower($id);
+		}
+		
+		parent::__construct("permissions", $field, $id);
+	}
+}
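Review bot: The constructor resolves by `permission_value` for any non-numeric `$id`, and the only caller visible here (User::HasAccess, invoked from UserRestrictedApplication before the controller path is even checked) builds that value from the requested `$page.'/'.$action`, so arbitrary URL paths reach this lookup; if DBObjectAutoCreate inserts a row when nothing matches — its name suggests so, but its code is not in this diff — any unauthenticated request could grow the `permissions` table. Reject names that do not look like a permission before querying, e.g. `if (!preg_match('~^[a-z0-9_]+/[a-z0-9_]+$~', $id)) throw new InvalidArgumentException("invalid permission name");` after the `strtolower`, or make the value lookup non-creating. `is_numeric` also accepts forms like `'1e3'` and `' 5'`, so `ctype_digit((string)$id)` is the safer discriminator for the id path.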

+ 11 - 2
Model/User.php

@@ -1,5 +1,7 @@
 <?php
 class User extends DBObjectAutoCreate {
+	public $Group;
+	
 	public static function HashPassword($password) {
 		return hash("sha256",$password);
 	}
@@ -9,6 +11,8 @@ class User extends DBObjectAutoCreate {
 		if (!is_numeric($id))
 			$field="user_email";
 		parent::__construct("users", $field, $id);
+		
+		$this->Group=new UserGroup($this->GroupId);
 	}
 	
 	public function Save() {
@@ -21,7 +25,12 @@ class User extends DBObjectAutoCreate {
 		return self::HashPassword($password)==$this->UserPassword;
 	}
 	
-	public function HasAccess($page,$action) {
-		return true;
+	public function HasAccess($permission) {	
+		$perm=new Permission($permission);
+		$grant=$perm->PermissionDefaultGrant;
+		if ($perm->PermissionDefaultGrant==1)
+			return true;
+		
+		return $this->Group->HasPermission($permission);
 	}
 }
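Review bot: In the new HasAccess, `$grant` on line 129 is assigned and never read, and the test on line 130 is a loose `==` against a BIT column whose value may come back from the driver as a string rather than an int — which representation MySQL/PDO returns here is not visible, and a raw 0x01 byte would make the check silently false. Delete line 129 and, once the BIT representation is confirmed, compare strictly: `if ((int)$perm->PermissionDefaultGrant === 1) return true;` if the driver yields `'1'`. The unchanged context lines above (`hash("sha256",$password)` and `== $this->UserPassword`) still store an unsalted hash and compare it with `==`; `password_hash`/`password_verify` is the expected replacement, though that predates this change. Note also that `new UserGroup($this->GroupId)` on line 117 runs even when the lookup found no user (Member.php tests `UserId!=null` for exactly that case), so `GroupId` is null there.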

+ 32 - 0
Model/UserGroup.php

@@ -0,0 +1,32 @@
+<?php
+class UserGroup extends DBObjectAutoCreate {
+	public $Permissions=array();
+	
+	public function __construct($id) {
+		parent::__construct("user_groups", "group_id", $id);
+		$permissions=explode(",", $this->GroupPermissions);
+		foreach ($permissions as $p)
+			$this->Permissions[]=new Permission($p);
+	}
+	
+	public function Save() {
+		$permissions=array();
+		foreach ($this->Permissions as $p)
+			$permissions[]=$p->PermissionId;
+		$this->GroupPermissions=implode(",", $permissions);
+		
+		parent::Save();
+	}
+	
+	public function HasPermission($permission) {
+//		/$arr=print_r($this,true);
+		if ($this->GroupIsAdmin==1)
+			return true;
+		
+		foreach ($this->Permissions as $p)
+			if ($p->PermissionValue==$permission)
+				return true;
+		
+		return false;
+	}
+}
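Review bot: In the constructor, `explode(",", $this->GroupPermissions)` on line 147 yields `array("")` when `group_permissions` is empty or NULL (the column's default), so every group without permissions constructs `new Permission("")` and looks up `permission_value` = "" — and, if DBObjectAutoCreate inserts missing rows as its name suggests, would create a blank permission. Filter first: `$ids=array_filter(array_map('trim', explode(",", (string)$this->GroupPermissions)), 'strlen');` and iterate over `$ids`. HasPermission compares `$p->PermissionValue==$permission` without the `strtolower` that Permission's constructor applies, so a mixed-case request can pass the default-grant path in User::HasAccess but never the group path; `if ($p->PermissionValue===strtolower($permission))` keeps the two consistent. The commented-out debug line 162 should be removed.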

+ 3 - 2
base/Application.php

@@ -19,14 +19,14 @@ foreach ($files as $file)
 		require_once $file;
 
 class Application{
-	protected $_view, $_controller;
+	protected $_view, $_controller, $_url;
 	
 	protected function LoadPage($page,$action,$params){
 		$controller=self::FindControllerPath($page);
 		if ($controller===false){
 			$page="E404";
 			$controller="Controller/E404.php";
-			$params=array($url);
+			$params=array($this->_url);
 		}
 		
 		include_once $controller;
@@ -37,6 +37,7 @@ class Application{
 	}
 	
 	function __construct($url) {
+		$this->_url;
 //		session_start();
 		
 		$page=ApplicationSettings::GetSetting("general", "default_page");
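Review bot: `$this->_url;` on line 198 is a bare property read, not an assignment, so `_url` stays null and the E404 controller on line 190 always receives `array(null)`; it should read `$this->_url=$url;`. Once that is fixed the 404 page is handed the raw requested URL, so whatever renders it (the E404 controller is not in this diff) must pass it through `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')` before echoing. The constructor continues past the end of this hunk.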

+ 2 - 2
base/UserRestrictedApplication.php

@@ -4,10 +4,10 @@ include_once("Application.php");
 class UserRestrictedApplication extends Application {
 	protected function LoadPage($page, $action, $params) {		
 		$user=Session::GetLoggedInUser();
-		if ($user->HasAccess($page,$action))
+		if ($user->HasAccess($page.'/'.$action))
 			parent::LoadPage($page, $action, $params);
 		else
-			parent::LoadPage("login", "index", array()/*Serialise URL, or something*/);
+			parent::LoadPage("member", "index", array("permission_error"=>true)/*Serialise URL, or something*/);
 	}
 	
 	public function __construct($url) {
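Review bot: `$user->HasAccess(...)` on line 211 is called on whatever `Session::GetLoggedInUser()` returns with no null check; if that is null for a visitor who has not logged in, every anonymous request ends in a fatal error instead of the permission page, and if it is an empty `User`, its `Group` is built from a null `GroupId` — which of the two happens is not visible here. Make the anonymous case an explicit denial: `if ($user !== null && $user->HasAccess($page.'/'.$action))`. The denied branch still discards the requested URL (the `Serialise URL` comment); passing `'return_to'=>$this->_url` in the params would let the login form send the user back once Application actually stores `_url`.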

style-med.css → css/style-med.css


style-small.css → css/style-small.css


style.css → css/style.css


+ 42 - 0
setup.php

@@ -0,0 +1,42 @@
+<?php
+function RunFile($file){
+	
+}
+
+$settings=parse_ini_file("settings.ini",true);
+
+$host=$settings["database"]["host"];
+$db=$settings["database"][ "database"];
+$username=$settings["database"][ "username"];
+$password=$settings["database"][ "password"];
+$PDO=new PDO("mysql:host=$host;dbname=$db",$username,$password);
+
+$version=0;
+if (file_exists("db_version_info"))
+	$version=intval(file_get_contents("db_version_info"));
+
+$scriptsToRun=array();
+$items=glob("DB Scripts/*.sql");
+$scriptsToRun[0]=$items;
+
+$items=glob("DB Scripts/*");
+foreach ($items as $i){
+	if (!is_dir($i))
+		continue;
+	
+	$moreItems=glob($i.'/*');
+	if (count($moreItems)>0)
+		$scriptsToRun[intval(pathinfo($i)['basename'])]=$moreItems;
+}
+
+$total=count($scriptsToRun);
+$dbVersion=0;
+for ($v=$version;$v<$total;$v++){
+	foreach ($scriptsToRun[$v] as $s){
+		echo "Running $s";
+		$PDO->query(file_get_contents($s));
+		var_dump($PDO->errorInfo());
+	}
+}
+
+file_put_contents("db_version_info", $total);
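Review bot: setup.php is a plain script under the web root with no execution guard, so once deployed anyone who requests it can re-run the migrations against the live database with the credentials from settings.ini, and it trusts whatever `db_version_info` says. Separately, `$PDO->query()` on line 269 runs without `ERRMODE_EXCEPTION`, only `var_dump`s `errorInfo()`, and line 274 then records every version as applied even when a script failed, so a broken migration is skipped forever; `$scriptsToRun[$v]` is also undefined for any missing version number. Restrict the script to the CLI, enable exceptions, advance the marker only after each version succeeds, and drop the unused `RunFile` stub on lines 234-236. PDO reports only the first statement's error for a multi-statement string, so files with several statements (insert_permissions_data.sql has nine) are safest executed one statement at a time.
```php
if (PHP_SAPI !== 'cli') {
	header('HTTP/1.1 403 Forbidden');
	exit("setup.php must be run from the command line");
}
// … unchanged: settings.ini parsing into $host/$db/$username/$password …
$PDO=new PDO("mysql:host=$host;dbname=$db",$username,$password,
	array(PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION));
// … unchanged: version file read and DB Scripts discovery …
for ($v=$version;$v<$total;$v++){
	if (!isset($scriptsToRun[$v]))
		continue; // no scripts for this version number
	foreach ($scriptsToRun[$v] as $s){
		echo "Running $s\n";
		$PDO->exec(file_get_contents($s)); // throws on failure, so the marker below is never advanced past a broken script
	}
	file_put_contents("db_version_info", $v+1);
}
```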

+ 3 - 3
template.php

@@ -20,9 +20,9 @@ function FormatURI(URI $uri, $base=""){
 		</title>
 		<meta charset="UTF-8">
 		<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0"/>
-		<link href="/style.css" rel="stylesheet" type="text/css" />
-		<link href="/style-med.css" rel="stylesheet" media="(max-width:1023px)" type="text/css" />
-		<link href="/style-small.css" rel="stylesheet" media="(max-width:680px)" type="text/css" />
+		<link href="/css/style.css" rel="stylesheet" type="text/css" />
+		<link href="/css/style-med.css" rel="stylesheet" media="(max-width:1023px)" type="text/css" />
+		<link href="/css/style-small.css" rel="stylesheet" media="(max-width:680px)" type="text/css" />
 		<style type="text/css">
 			{@CSS}
 		</style>