Migrated db to PHP-DB and lots of fixes
parent
c5903b16eb
commit
0ad5e542c1
|
@ -22,11 +22,14 @@ $dispatcher = FastRoute\simpleDispatcher(
|
||||||
);
|
);
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'POST', '/login', function ($vars) {
|
'POST', '/login', function ($vars) {
|
||||||
global $tools, $database, $user;
|
global $tools, $db, $user;
|
||||||
try {
|
try {
|
||||||
$user->auth->loginWithUsername($_POST['username'], $_POST['password']);
|
$user->auth->loginWithUsername($_POST['username'], $_POST['password']);
|
||||||
$apiKey = $tools->createKey();
|
$apiKey = $tools->createKey();
|
||||||
$database->exec("INSERT INTO `%PREFIX%_api_keys` (`apikey`, `user`, `permissions`) VALUES (:apiKey, :userId, 'ALL');", true, [":apiKey" => $apiKey, ":userId" => $user->auth->getUserId()]);
|
$db->insert(
|
||||||
|
DB_PREFIX."_api_keys",
|
||||||
|
["apikey" => $apiKey, "user" => $user->auth->getUserId(), "permissions" => "all"]
|
||||||
|
);
|
||||||
return ["status" => "ok", "apiKey" => $apiKey];
|
return ["status" => "ok", "apiKey" => $apiKey];
|
||||||
}
|
}
|
||||||
catch (\Delight\Auth\UnknownUsernameException $e) {
|
catch (\Delight\Auth\UnknownUsernameException $e) {
|
||||||
|
@ -54,9 +57,9 @@ $dispatcher = FastRoute\simpleDispatcher(
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/users', function ($vars) {
|
'GET', '/users', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $database;
|
global $db;
|
||||||
$users = $database->exec("SELECT * FROM `%PREFIX%_users`;", true);
|
$users = $db->select("SELECT * FROM `".DB_PREFIX."_users`");
|
||||||
$users_profiles = $database->exec("SELECT * FROM `%PREFIX%_profiles`;", true);
|
$users_profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles`");
|
||||||
foreach ($users_profiles as $key=>$value){
|
foreach ($users_profiles as $key=>$value){
|
||||||
if(is_null($users_profiles[$key]["name"])) {
|
if(is_null($users_profiles[$key]["name"])) {
|
||||||
$users_profiles[$key]["name"] = $users[$key]["username"];
|
$users_profiles[$key]["name"] = $users[$key]["username"];
|
||||||
|
@ -69,9 +72,9 @@ $dispatcher = FastRoute\simpleDispatcher(
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/user', function ($vars) {
|
'GET', '/user', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $database, $user_info;
|
global $db, $user_info;
|
||||||
$users = $database->exec("SELECT * FROM `%PREFIX%_users` WHERE id = :id;", true, [":id" => $user_info["id"]])[0];
|
$users = $db->select("SELECT * FROM `".DB_PREFIX."_users` WHERE id = :id", ["id" => $user_info["id"]])[0];
|
||||||
$users_profiles = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user_info["id"]])[0];
|
$users_profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $user_info["id"]])[0];
|
||||||
if(is_null($users_profiles["name"])) {
|
if(is_null($users_profiles["name"])) {
|
||||||
$users_profiles["name"] = $users["username"];
|
$users_profiles["name"] = $users["username"];
|
||||||
}
|
}
|
||||||
|
@ -82,9 +85,9 @@ $dispatcher = FastRoute\simpleDispatcher(
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/user/{id:\d+}', function ($vars) {
|
'GET', '/user/{id:\d+}', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $database;
|
global $db;
|
||||||
$users = $database->exec("SELECT * FROM `%PREFIX%_users` WHERE id = :id;", true, [":id" => $vars["id"]])[0];
|
$users = $db->select("SELECT * FROM `".DB_PREFIX."_users` WHERE id = :id", ["id" => $vars["id"]])[0];
|
||||||
$users_profiles = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $vars["id"]])[0];
|
$users_profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $vars["id"]])[0];
|
||||||
if(is_null($users_profiles["name"])) {
|
if(is_null($users_profiles["name"])) {
|
||||||
$users_profiles["name"] = $users["username"];
|
$users_profiles["name"] = $users["username"];
|
||||||
}
|
}
|
||||||
|
@ -133,40 +136,40 @@ $dispatcher = FastRoute\simpleDispatcher(
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/availability', function ($vars) {
|
'GET', '/availability', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $database, $user_info;
|
global $db, $user_info;
|
||||||
return $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user_info["id"]])[0]["available"];
|
return $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $user_info["id"]])[0]["available"];
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/availability/{id:\d+}', function ($vars) {
|
'GET', '/availability/{id:\d+}', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $database;
|
global $db;
|
||||||
return $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $vars["id"]])[0]["available"];
|
return $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $vars["id"]])[0]["available"];
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/changeAvailability/{available:\d+}', function ($vars) {
|
'GET', '/changeAvailability/{available:\d+}', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $user, $database, $user_info;
|
global $user, $db, $user_info;
|
||||||
$vars["available"] = (int) $vars["available"];
|
$vars["available"] = (int) $vars["available"];
|
||||||
if($vars["available"] !== 0 && $vars["available"] !== 1) {
|
if($vars["available"] !== 0 && $vars["available"] !== 1) {
|
||||||
return ["status" => "error", "message" => "Availability code not allowed"];
|
return ["status" => "error", "message" => "Availability code not allowed"];
|
||||||
}
|
}
|
||||||
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
|
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
|
||||||
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = :available WHERE `id` = :id;", true, [":id" => $user_info["id"], ":available" => $vars["available"]]);
|
$db->select("UPDATE `".DB_PREFIX."_profiles` SET `available` = :available WHERE `id` = :id", ["id" => $user_info["id"], "available" => $vars["available"]]);
|
||||||
$user->log($log_message);
|
$user->log($log_message);
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
$r->addRoute(
|
$r->addRoute(
|
||||||
'GET', '/changeAvailability/{id:\d+}/{available:\d+}', function ($vars) {
|
'GET', '/changeAvailability/{id:\d+}/{available:\d+}', function ($vars) {
|
||||||
requireToken();
|
requireToken();
|
||||||
global $user, $database, $user_info;
|
global $user, $db, $user_info;
|
||||||
$vars["available"] = (int) $vars["available"];
|
$vars["available"] = (int) $vars["available"];
|
||||||
if($vars["available"] !== 0 && $vars["available"] !== 1) {
|
if($vars["available"] !== 0 && $vars["available"] !== 1) {
|
||||||
return ["status" => "error", "message" => "Availability code not allowed"];
|
return ["status" => "error", "message" => "Availability code not allowed"];
|
||||||
}
|
}
|
||||||
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
|
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
|
||||||
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = :available WHERE `id` = :id;", true, [":id" => $vars["id"], ":available" => $vars["available"]]);
|
$db->select("UPDATE `".DB_PREFIX."_profiles` SET `available` = :available WHERE `id` = :id", ["id" => $vars["id"], "available" => $vars["available"]]);
|
||||||
$user->log($log_message, $vars["id"], $user_info["id"]);
|
$user->log($log_message, $vars["id"], $user_info["id"]);
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -230,13 +233,13 @@ function responseApi($content, $status_code=200)
|
||||||
|
|
||||||
function validToken()
|
function validToken()
|
||||||
{
|
{
|
||||||
global $database, $user_info;
|
global $db, $user_info;
|
||||||
$token = isset($_REQUEST['apiKey']) ? $_REQUEST['apiKey'] : (isset($_REQUEST['apikey']) ? $_REQUEST['apikey'] : (isset($_SERVER['HTTP_APIKEY']) ? $_SERVER['HTTP_APIKEY'] : false));
|
$token = isset($_REQUEST['apiKey']) ? $_REQUEST['apiKey'] : (isset($_REQUEST['apikey']) ? $_REQUEST['apikey'] : (isset($_SERVER['HTTP_APIKEY']) ? $_SERVER['HTTP_APIKEY'] : false));
|
||||||
if($token == false) {
|
if($token == false) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if(!empty($api_key_row = $database->exec("SELECT * FROM `%PREFIX%_api_keys` WHERE apikey = :apikey;", true, [":apikey" => $token]))) {
|
if(!empty($api_key_row = $db->select("SELECT * FROM `".DB_PREFIX."_api_keys` WHERE apikey = :apikey", ["apikey" => $token]))) {
|
||||||
$user_info["id"] = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $api_key_row[0]["user"]])[0]["id"];
|
$user_info["id"] = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $api_key_row[0]["user"]])[0]["id"];
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
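Review bot: In the `@ -133,40 +136,40 @@` hunk, the `/changeAvailability/{id:\d+}/{available:\d+}` route writes to whichever profile the URL names after only `requireToken()`, so any valid API key can change another user's availability unless `requireToken()` itself enforces a role, which is not visible here. Before the write, compare `$vars["id"]` with `$user_info["id"]` and require an elevated role for any other id. Both changeAvailability routes also send the UPDATE through `$db->select()`, a fetch call whose behaviour on a statement with no result set may depend on the driver. The commit already uses the write helper in server/core.php, so here it would be `$db->update(DB_PREFIX."_profiles", ["available" => $vars["available"]], ["id" => $vars["id"]]);`, with `$user_info["id"]` in the self-service route.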
|
||||||
|
|
|
@ -20,7 +20,8 @@
|
||||||
"maximebf/debugbar": "^1.16",
|
"maximebf/debugbar": "^1.16",
|
||||||
"azuyalabs/yasumi": "^2.3",
|
"azuyalabs/yasumi": "^2.3",
|
||||||
"ministryofweb/php-osm-tiles": "^2.0",
|
"ministryofweb/php-osm-tiles": "^2.0",
|
||||||
"jenstornell/tiny-html-minifier": "dev-master"
|
"jenstornell/tiny-html-minifier": "dev-master",
|
||||||
|
"delight-im/db": "^1.3"
|
||||||
},
|
},
|
||||||
"license": "GPL-3.0-or-later",
|
"license": "GPL-3.0-or-later",
|
||||||
"authors": [
|
"authors": [
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "ae7c144f55a8641ac68db46c3943d7ec",
|
"content-hash": "492606c03730f891878c2eddc0bffee0",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "azuyalabs/yasumi",
|
"name": "azuyalabs/yasumi",
|
||||||
|
@ -1653,16 +1653,16 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "psr/log",
|
"name": "psr/log",
|
||||||
"version": "1.1.3",
|
"version": "1.1.4",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/php-fig/log.git",
|
"url": "https://github.com/php-fig/log.git",
|
||||||
"reference": "0f73288fd15629204f9d42b7055f72dacbe811fc"
|
"reference": "d49695b909c3b7628b6289db5479a1c204601f11"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/php-fig/log/zipball/0f73288fd15629204f9d42b7055f72dacbe811fc",
|
"url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
|
||||||
"reference": "0f73288fd15629204f9d42b7055f72dacbe811fc",
|
"reference": "d49695b909c3b7628b6289db5479a1c204601f11",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
|
@ -1686,7 +1686,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
{
|
{
|
||||||
"name": "PHP-FIG",
|
"name": "PHP-FIG",
|
||||||
"homepage": "http://www.php-fig.org/"
|
"homepage": "https://www.php-fig.org/"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"description": "Common interface for logging libraries",
|
"description": "Common interface for logging libraries",
|
||||||
|
@ -1697,9 +1697,9 @@
|
||||||
"psr-3"
|
"psr-3"
|
||||||
],
|
],
|
||||||
"support": {
|
"support": {
|
||||||
"source": "https://github.com/php-fig/log/tree/1.1.3"
|
"source": "https://github.com/php-fig/log/tree/1.1.4"
|
||||||
},
|
},
|
||||||
"time": "2020-03-23T09:12:05+00:00"
|
"time": "2021-05-03T11:20:27+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "ralouphie/getallheaders",
|
"name": "ralouphie/getallheaders",
|
||||||
|
|
309
server/core.php
309
server/core.php
|
@ -31,13 +31,13 @@ function bdump($message){
|
||||||
|
|
||||||
class tools
|
class tools
|
||||||
{
|
{
|
||||||
public $database;
|
public $db;
|
||||||
public $profiler_enabled;
|
public $profiler_enabled;
|
||||||
public $profiler_last_name = "";
|
public $profiler_last_name = "";
|
||||||
|
|
||||||
public function __construct($database, $profiler_enabled)
|
public function __construct($db, $profiler_enabled)
|
||||||
{
|
{
|
||||||
$this->database = $database;
|
$this->db = $db;
|
||||||
$this->profiler_enabled = $profiler_enabled;
|
$this->profiler_enabled = $profiler_enabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -65,7 +65,7 @@ class tools
|
||||||
}else{
|
}else{
|
||||||
$ip = $_SERVER['REMOTE_ADDR'];
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||||||
}
|
}
|
||||||
if($this->database->get_option("check_cf_ip")) {
|
if(get_option("check_cf_ip")) {
|
||||||
if(!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {
|
if(!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {
|
||||||
$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
|
$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
|
||||||
}
|
}
|
||||||
|
@ -203,7 +203,7 @@ class tools
|
||||||
}
|
}
|
||||||
|
|
||||||
public function convertMapAddressToUrl($lat, $lng, $zoom){
|
public function convertMapAddressToUrl($lat, $lng, $zoom){
|
||||||
switch ($this->database->get_option("map_preview_generator")) {
|
switch (get_option("map_preview_generator")) {
|
||||||
case 'osm':
|
case 'osm':
|
||||||
$converter = new Converter();
|
$converter = new Converter();
|
||||||
$point = new LatLng($lat, $lng);
|
$point = new LatLng($lat, $lng);
|
||||||
|
@ -214,10 +214,10 @@ class tools
|
||||||
|
|
||||||
case 'custom':
|
case 'custom':
|
||||||
default:
|
default:
|
||||||
if($this->database->get_option("map_preview_generator_add_marker") && $this->database->get_option("map_preview_generator_url_marker") && $this->database->get_option("map_preview_generator_url_marker") !== ""){
|
if(get_option("map_preview_generator_add_marker") && get_option("map_preview_generator_url_marker") && get_option("map_preview_generator_url_marker") !== ""){
|
||||||
$url = $this->database->get_option("map_preview_generator_url_marker");
|
$url = get_option("map_preview_generator_url_marker");
|
||||||
} else {
|
} else {
|
||||||
$url = $this->database->get_option("map_preview_generator_url");
|
$url = get_option("map_preview_generator_url");
|
||||||
}
|
}
|
||||||
$url = str_replace("{{LAT}}", $lat, $url);
|
$url = str_replace("{{LAT}}", $lat, $url);
|
||||||
$url = str_replace("{{LNG}}", $lng, $url);
|
$url = str_replace("{{LNG}}", $lng, $url);
|
||||||
|
@ -241,12 +241,12 @@ class tools
|
||||||
$filePath = "resources/images/map_cache/".$filename.".png";
|
$filePath = "resources/images/map_cache/".$filename.".png";
|
||||||
file_put_contents($filePath, $data);
|
file_put_contents($filePath, $data);
|
||||||
if(extension_loaded('gd')){
|
if(extension_loaded('gd')){
|
||||||
$img = imagecreatefrompng($filePath);
|
$img = imagecreatefromstring(file_get_contents($filePath));
|
||||||
if($this->database->get_option("map_preview_generator_add_marker") && (!$this->database->get_option("map_preview_generator_url_marker") || $this->database->get_option("map_preview_generator_url_marker") == "")){
|
if(get_option("map_preview_generator_add_marker") && (!get_option("map_preview_generator_url_marker") || get_option("map_preview_generator_url_marker") == "")){
|
||||||
$marker = imagecreatefromgif("resources/images/marker.gif");
|
$marker = imagecreatefromgif("resources/images/marker.gif");
|
||||||
imagecopy($img, $marker, 120, 87, 0, 0, 25, 41);
|
imagecopy($img, $marker, 120, 87, 0, 0, 25, 41);
|
||||||
}
|
}
|
||||||
if($this->database->get_option("map_preview_generator") == "osm"){
|
if(get_option("map_preview_generator") == "osm"){
|
||||||
$textcolor = imagecolorallocate($img, 0, 0, 0);
|
$textcolor = imagecolorallocate($img, 0, 0, 0);
|
||||||
imagestring($img, 5, 0, 236, ' OpenStreetMap contributors', $textcolor);
|
imagestring($img, 5, 0, 236, ' OpenStreetMap contributors', $textcolor);
|
||||||
}
|
}
|
||||||
|
@ -259,7 +259,7 @@ class tools
|
||||||
}
|
}
|
||||||
|
|
||||||
public function checkPlaceParam($place){
|
public function checkPlaceParam($place){
|
||||||
if($this->database->get_option("generate_map_preview")){
|
if(get_option("generate_map_preview")){
|
||||||
if(preg_match('/[+-]?\d+([.]\d+)?[;][+-]?\d+([.]\d+)?/', $place)){
|
if(preg_match('/[+-]?\d+([.]\d+)?[;][+-]?\d+([.]\d+)?/', $place)){
|
||||||
$lat = explode(";", $place)[0];
|
$lat = explode(";", $place)[0];
|
||||||
$lng = explode(";", $place)[1];
|
$lng = explode(";", $place)[1];
|
||||||
|
@ -272,43 +272,15 @@ class tools
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class database
|
class options
|
||||||
{
|
{
|
||||||
protected $db_host = DB_HOST;
|
protected $db;
|
||||||
protected $db_dbname = DB_NAME;
|
|
||||||
protected $db_username = DB_USER;
|
|
||||||
protected $db_password = DB_PASSWORD;
|
|
||||||
public $connection = null;
|
|
||||||
public $query = null;
|
|
||||||
public $stmt = null;
|
|
||||||
public $load_from_file = true;
|
public $load_from_file = true;
|
||||||
public $options = [];
|
public $options = [];
|
||||||
public $options_cache_file = null;
|
public $options_cache_file = null;
|
||||||
|
|
||||||
public function connect()
|
public function __construct($db){
|
||||||
{
|
$this->db = $db;
|
||||||
try {
|
|
||||||
$this->connection = new DebugBar\DataCollector\PDO\TraceablePDO(new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_dbname, $this->db_username, $this->db_password));
|
|
||||||
$this->connection->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
|
|
||||||
$this->connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
||||||
}
|
|
||||||
catch(PDOException $e)
|
|
||||||
{
|
|
||||||
exit($e->getMessage());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public function isOptionsEmpty()
|
|
||||||
{
|
|
||||||
return empty($this->exec("SELECT * FROM `%PREFIX%_options`;", true));
|
|
||||||
}
|
|
||||||
|
|
||||||
public function __construct()
|
|
||||||
{
|
|
||||||
$this->connect();
|
|
||||||
if($this->isOptionsEmpty()) {
|
|
||||||
header('Location: install/install.php');
|
|
||||||
}
|
|
||||||
$file_infos = pathinfo(array_reverse(debug_backtrace())[0]['file']);
|
$file_infos = pathinfo(array_reverse(debug_backtrace())[0]['file']);
|
||||||
if(strpos($file_infos['dirname'], 'resources') !== false) {
|
if(strpos($file_infos['dirname'], 'resources') !== false) {
|
||||||
$this->options_cache_file = "../../options.txt";
|
$this->options_cache_file = "../../options.txt";
|
||||||
|
@ -319,68 +291,20 @@ class database
|
||||||
if(file_exists($this->options_cache_file)/* && time()-@filemtime($this->options_cache_file) < 604800*/) {
|
if(file_exists($this->options_cache_file)/* && time()-@filemtime($this->options_cache_file) < 604800*/) {
|
||||||
$this->options = json_decode(file_get_contents($this->options_cache_file), true);
|
$this->options = json_decode(file_get_contents($this->options_cache_file), true);
|
||||||
} else {
|
} else {
|
||||||
$this->options = $this->exec("SELECT * FROM `%PREFIX%_options` WHERE `enabled` = 1", true);
|
$this->options = $db->select("SELECT * FROM `".DB_PREFIX."_options` WHERE `enabled` = 1");
|
||||||
file_put_contents($this->options_cache_file, json_encode($this->options));
|
file_put_contents($this->options_cache_file, json_encode($this->options));
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$this->options = $this->exec("SELECT * FROM `%PREFIX%_options` WHERE `enabled` = 1", true);
|
$this->options = $db->select("SELECT * FROM `".DB_PREFIX."_options` WHERE `enabled` = 1");
|
||||||
}
|
}
|
||||||
|
if(empty($this->options)) header('Location: install/install.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function close()
|
public function get($name)
|
||||||
{
|
|
||||||
$this->connection = null;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function exec($sql1, $fetch=false, $param=null, ...$others_params)
|
|
||||||
{
|
|
||||||
try{
|
|
||||||
//$this->connection->beginTransaction();
|
|
||||||
array_unshift($others_params, $sql1);
|
|
||||||
bdump($others_params);
|
|
||||||
$toReturn = [];
|
|
||||||
foreach($others_params as $sql){
|
|
||||||
$sql = str_replace("%PREFIX%", DB_PREFIX, $sql);
|
|
||||||
bdump($sql);
|
|
||||||
$this->stmt = $this->connection->prepare($sql);
|
|
||||||
if(!is_null($param)) {
|
|
||||||
$this->query = $this->stmt->execute($param);
|
|
||||||
} else {
|
|
||||||
$this->query = $this->stmt->execute();
|
|
||||||
}
|
|
||||||
bdump($this->query);
|
|
||||||
|
|
||||||
if($fetch == true) {
|
|
||||||
if(count($others_params) > 1) {
|
|
||||||
$toReturn[] = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
||||||
} else {
|
|
||||||
$toReturn = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
//$this->connection->commit();
|
|
||||||
//$this->stmt->closeCursor();
|
|
||||||
return $toReturn;
|
|
||||||
} catch (PDOException $e) {
|
|
||||||
print "Error!: " . $e->getMessage() . "<br/>";
|
|
||||||
//$this->connection->rollBack();
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public function exists($table, $id)
|
|
||||||
{
|
|
||||||
$result = $this->exec("SELECT :table FROM `%PREFIX%_services` WHERE id = :id;", true, [":table" => $table, ":id" => $id]);
|
|
||||||
return !empty($result);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function get_option($name)
|
|
||||||
{
|
{
|
||||||
if(defined($name)) {
|
if(defined($name)) {
|
||||||
return constant($name);
|
return constant($name);
|
||||||
} else {
|
} else {
|
||||||
//$option = $this->exec("SELECT `value` FROM `%PREFIX%_options` WHERE `name` = :name AND `enabled` = 1;", true, [":name" => $name]);
|
|
||||||
//return empty($option) ? "" : $option[0]["value"];
|
|
||||||
foreach($this->options as $option){
|
foreach($this->options as $option){
|
||||||
if($name == $option["name"]) {
|
if($name == $option["name"]) {
|
||||||
return empty($option["value"]) ? false : $option["value"];
|
return empty($option["value"]) ? false : $option["value"];
|
||||||
|
@ -413,23 +337,25 @@ final class Role
|
||||||
|
|
||||||
class user
|
class user
|
||||||
{
|
{
|
||||||
private $database = null;
|
private $db = null;
|
||||||
private $tools = null;
|
private $tools = null;
|
||||||
private $profile_names = null;
|
private $profile_names = null;
|
||||||
public $auth = null;
|
public $auth = null;
|
||||||
public $authenticated = false;
|
public $authenticated = false;
|
||||||
public $holidays = null;
|
public $holidays = null;
|
||||||
|
|
||||||
public function __construct($database, $tools)
|
public function __construct($db, $tools)
|
||||||
{
|
{
|
||||||
$this->database = $database;
|
$this->db = $db;
|
||||||
$this->tools = $tools;
|
$this->tools = $tools;
|
||||||
$this->auth = new \Delight\Auth\Auth($database->connection, $tools->get_ip(), DB_PREFIX."_", false);
|
$this->auth = new \Delight\Auth\Auth($this->db, $tools->get_ip(), DB_PREFIX."_", false);
|
||||||
\header_remove('X-Frame-Options');
|
\header_remove('X-Frame-Options');
|
||||||
if(isset($_REQUEST["apiKey"]) && !is_null($_REQUEST["apiKey"])){
|
if(isset($_REQUEST["apiKey"]) && !is_null($_REQUEST["apiKey"])){
|
||||||
$api_key_row = $this->database->exec("SELECT * FROM `%PREFIX%_api_keys` WHERE apikey = :apikey;", true, [":apikey" => $_REQUEST["apiKey"]]);
|
//var_dump("SELECT * FROM \`".DB_PREFIX."_api_keys\` WHERE apikey = :apikey");
|
||||||
|
//exit();
|
||||||
|
$api_key_row = $this->db->select("SELECT * FROM `".DB_PREFIX."_api_keys` WHERE apikey = :apikey", [":apikey" => $_REQUEST["apiKey"]]);
|
||||||
if(!empty($api_key_row)){
|
if(!empty($api_key_row)){
|
||||||
$user = $this->database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $api_key_row[0]["user"]]);
|
$user = $this->db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $api_key_row[0]["user"]]);
|
||||||
$user_id = $user[0]["id"];
|
$user_id = $user[0]["id"];
|
||||||
$this->auth->admin()->logInAsUserById($user_id);
|
$this->auth->admin()->logInAsUserById($user_id);
|
||||||
if(!empty($user)) {
|
if(!empty($user)) {
|
||||||
|
@ -446,9 +372,9 @@ class user
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$this->authenticated = $this->auth->isLoggedIn();
|
$this->authenticated = $this->auth->isLoggedIn();
|
||||||
$this->profile_names = $this->database->exec("SELECT `id`, `name` FROM `%PREFIX%_profiles`;", true);
|
$this->profile_names = $this->db->select("SELECT `id`, `name` FROM `".DB_PREFIX."_profiles`");
|
||||||
$this->user_names = $this->database->exec("SELECT `id`, `username` FROM `%PREFIX%_users`;", true);
|
$this->user_names = $this->db->select("SELECT `id`, `username` FROM `".DB_PREFIX."_users`");
|
||||||
$this->holidays = Yasumi\Yasumi::create($this->database->get_option("holidays_provider") ?: "USA", date("Y"), $this->database->get_option("holidays_language") ?: "en_US");
|
$this->holidays = Yasumi\Yasumi::create(get_option("holidays_provider") ?: "USA", date("Y"), get_option("holidays_language") ?: "en_US");
|
||||||
}
|
}
|
||||||
|
|
||||||
public function authenticated()
|
public function authenticated()
|
||||||
|
@ -460,17 +386,19 @@ class user
|
||||||
{
|
{
|
||||||
$this->tools->profiler_start("Require login");
|
$this->tools->profiler_start("Require login");
|
||||||
if(!$this->authenticated()) {
|
if(!$this->authenticated()) {
|
||||||
if($this->database->get_option("intrusion_save")) {
|
if(get_option("intrusion_save")) {
|
||||||
if($this->database->get_option("intrusion_save_info")) {
|
if(get_option("intrusion_save_info")) {
|
||||||
$params = [":page" => $this->tools->get_page_url(), ":ip" => $this->tools->get_ip(), ":date" => date("d/m/Y"), ":hour" => date("H:i.s"), ":server_var" => json_encode($_SERVER)];
|
$params = ["page" => $this->tools->get_page_url(), "ip" => $this->tools->get_ip(), "date" => date("d/m/Y"), "hour" => date("H:i.s"), "server_var" => json_encode($_SERVER)];
|
||||||
} else {
|
} else {
|
||||||
$params = [":page" => $this->tools->get_page_url(), ":ip" => "redacted", ":date" => date("d/m/Y"), ":hour" => date("H:i.s"), ":server_var" => json_encode(["redacted" => "true"])];
|
$params = ["page" => $this->tools->get_page_url(), "ip" => "redacted", "date" => date("d/m/Y"), "hour" => date("H:i.s"), "server_var" => json_encode(["redacted" => "true"])];
|
||||||
}
|
}
|
||||||
$sql = "INSERT INTO `%PREFIX%_intrusions` (`id`, `page`, `date`, `hour`, `ip`, `server_var`) VALUES (NULL, :page, :date, :hour, :ip, :server_var)";
|
$this->db->insert(
|
||||||
$this->database->exec($sql, false, $params);
|
"intrusions",
|
||||||
|
$params
|
||||||
|
);
|
||||||
}
|
}
|
||||||
if($redirect) {
|
if($redirect) {
|
||||||
$this->tools->redirect($this->database->get_option("web_url"));
|
$this->tools->redirect(get_option("web_url"));
|
||||||
} else {
|
} else {
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
@ -526,16 +454,16 @@ class user
|
||||||
if(is_null($user)){
|
if(is_null($user)){
|
||||||
$user = $this->auth->getUserId();
|
$user = $this->auth->getUserId();
|
||||||
}
|
}
|
||||||
$result = $this->database->exec("SELECT `hidden` FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user]);
|
$result = $this->db->select("SELECT `hidden` FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $user]);
|
||||||
if(isset($result[0]) && isset($result[0]["hidden"])){
|
if(isset($result[0]) && isset($result[0]["hidden"])){
|
||||||
return boolval($result[0]["hidden"]);
|
return boolval($result[0]["hidden"]);
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function available($name)
|
public function available($id)
|
||||||
{
|
{
|
||||||
$user = $this->database->exec("SELECT available FROM `%PREFIX%_users` WHERE name = :name;", true, [":name" => $name]);
|
$user = $this->db->select("SELECT available FROM `".DB_PREFIX."_users` WHERE id = :id", [":id" => $id]);
|
||||||
if(empty($user)) {
|
if(empty($user)) {
|
||||||
return false;
|
return false;
|
||||||
} else {
|
} else {
|
||||||
|
@ -585,7 +513,7 @@ class user
|
||||||
}
|
}
|
||||||
if($this->auth->isLoggedIn()) {
|
if($this->auth->isLoggedIn()) {
|
||||||
$this->log("Login", $this->auth->getUserId());
|
$this->log("Login", $this->auth->getUserId());
|
||||||
$user = $this->database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $this->auth->getUserId()]);
|
$user = $this->db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $this->auth->getUserId()]);
|
||||||
if(!empty($user)) {
|
if(!empty($user)) {
|
||||||
if(is_null($user[0]["name"])) {
|
if(is_null($user[0]["name"])) {
|
||||||
$_SESSION['_user_name'] = $this->auth->getUsername();
|
$_SESSION['_user_name'] = $this->auth->getUsername();
|
||||||
|
@ -623,16 +551,17 @@ class user
|
||||||
$editor = $changed;
|
$editor = $changed;
|
||||||
}
|
}
|
||||||
if(!$this->hidden($editor)){
|
if(!$this->hidden($editor)){
|
||||||
if($this->database->get_option("log_save_ip")){
|
if(get_option("log_save_ip")){
|
||||||
$ip = $this->tools->get_ip();
|
$ip = $this->tools->get_ip();
|
||||||
} else {
|
} else {
|
||||||
$ip = null;
|
$ip = null;
|
||||||
}
|
}
|
||||||
$source_type = defined("REQUEST_USING_API") ? "api" : "web";
|
$source_type = defined("REQUEST_USING_API") ? "api" : "web";
|
||||||
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? mb_strimwidth($_SERVER['HTTP_USER_AGENT'], 0, 200, "...") : null;
|
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? mb_strimwidth($_SERVER['HTTP_USER_AGENT'], 0, 200, "...") : null;
|
||||||
$params = [":action" => $action, ":changed" => $changed, ":editor" => $editor, ":timestamp" => $timestamp, ":ip" => $ip, "source_type" => $source_type, "user_agent" => $user_agent];
|
$this->db->insert(
|
||||||
$sql = "INSERT INTO `%PREFIX%_log` (`id`, `action`, `changed`, `editor`, `timestamp`, `ip`, `source_type`, `user_agent`) VALUES (NULL, :action, :changed, :editor, :timestamp, :ip, :source_type, :user_agent)";
|
DB_PREFIX."_log",
|
||||||
$this->database->exec($sql, false, $params);
|
["action" => $action, "changed" => $changed, "editor" => $editor, "timestamp" => $timestamp, "ip" => $ip, "source_type" => $source_type, "user_agent" => $user_agent]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
$this->tools->profiler_stop();
|
$this->tools->profiler_stop();
|
||||||
}
|
}
|
||||||
|
@ -661,8 +590,10 @@ class user
|
||||||
$disabled = $disabled ? 1 : 0;
|
$disabled = $disabled ? 1 : 0;
|
||||||
$chief = $chief ? 1 : 0;
|
$chief = $chief ? 1 : 0;
|
||||||
$driver = $driver ? 1 : 0;
|
$driver = $driver ? 1 : 0;
|
||||||
$sql = "INSERT INTO `%PREFIX%_profiles` (`hidden`, `disabled`, `name`, `phone_number`, `chief`, `driver`) VALUES (:hidden, :disabled, :name, :phone_number, :chief, :driver)";
|
$this->db->insert(
|
||||||
$this->database->exec($sql, false, [":hidden" => $hidden, ":disabled" => $disabled, ":name" => $name, ":phone_number" => $phone_number, ":chief" => $chief, ":driver" => $driver]);
|
DB_PREFIX."_profiles",
|
||||||
|
["hidden" => $hidden, "disabled" => $disabled, "name" => $name, "phone_number" => $phone_number, "chief" => $chief, "driver" => $driver]
|
||||||
|
);
|
||||||
if($chief == 1) {
|
if($chief == 1) {
|
||||||
$this->auth->admin()->addRoleForUserById($userId, Role::FULL_VIEWER);
|
$this->auth->admin()->addRoleForUserById($userId, Role::FULL_VIEWER);
|
||||||
}
|
}
|
||||||
|
@ -678,7 +609,14 @@ class user
|
||||||
public function remove_user($id, $removed_by)
|
public function remove_user($id, $removed_by)
|
||||||
{
|
{
|
||||||
$this->tools->profiler_start("Remove user");
|
$this->tools->profiler_start("Remove user");
|
||||||
$this->database->exec("DELETE FROM `%PREFIX%_users` WHERE `id` = :id", true, [":id" => $id], "DELETE FROM `%PREFIX%_profiles` WHERE `id` = :id");
|
$this->db->delete(
|
||||||
|
DB_PREFIX."_users",
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
|
$this->db->delete(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
$this->log("User removed", null, $removed_by);
|
$this->log("User removed", null, $removed_by);
|
||||||
$this->tools->profiler_stop();
|
$this->tools->profiler_stop();
|
||||||
}
|
}
|
||||||
|
@ -687,8 +625,11 @@ class user
|
||||||
$this->tools->profiler_start("Update online timestamp");
|
$this->tools->profiler_start("Update online timestamp");
|
||||||
if(is_null($id)) $id = $this->auth->getUserId();
|
if(is_null($id)) $id = $this->auth->getUserId();
|
||||||
$time = time();
|
$time = time();
|
||||||
$sql = "UPDATE `%PREFIX%_profiles` SET online_time = '$time' WHERE id = '" . $id ."'";
|
$this->db->update(
|
||||||
$this->database->exec($sql, true);
|
DB_PREFIX."_profiles",
|
||||||
|
["online_time" => $time],
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
bdump(["id" => $id, "time" => $time]);
|
bdump(["id" => $id, "time" => $time]);
|
||||||
$this->tools->profiler_stop();
|
$this->tools->profiler_stop();
|
||||||
}
|
}
|
||||||
|
@ -697,58 +638,68 @@ class user
|
||||||
class crud
|
class crud
|
||||||
{
|
{
|
||||||
public $tools = null;
|
public $tools = null;
|
||||||
public $database = null;
|
public $db = null;
|
||||||
public $user = null;
|
public $user = null;
|
||||||
|
|
||||||
public function __construct($tools, $database, $user)
|
public function __construct($tools, $db, $user)
|
||||||
{
|
{
|
||||||
$this->tools = $tools;
|
$this->tools = $tools;
|
||||||
$this->database = $database;
|
$this->db = $db;
|
||||||
$this->user = $user;
|
$this->user = $user;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function increment($increment)
|
public function increment_services($increment)
|
||||||
{
|
{
|
||||||
bdump($increment);
|
bdump($increment);
|
||||||
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services + 1 WHERE id IN ($increment);";
|
$this->db->exec(
|
||||||
$this->database->exec($sql, false);
|
"UPDATE `".DB_PREFIX."_profiles` SET `services`= services + 1 WHERE id IN ($increment)"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getIncrement($id)
|
public function getIncrement_services($id)
|
||||||
{
|
{
|
||||||
bdump($id);
|
bdump($id);
|
||||||
$sql = "SELECT `increment` FROM `%PREFIX%_services` WHERE `id` = :id";
|
$increment = $this->db->selectValue(
|
||||||
$increment = $this->database->exec($sql, true, [":id" => $id])[0]['increment'];
|
"SELECT `increment` FROM `".DB_PREFIX."_services` WHERE `id` = :id LIMIT 0, 1",
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
bdump($increment);
|
bdump($increment);
|
||||||
return $increment;
|
return $increment;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function decrease($id)
|
public function decrease_services($id)
|
||||||
{
|
{
|
||||||
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services - 1 WHERE id IN ({$this->getIncrement($id)});";
|
$increment = $this->getIncrement_services($id);
|
||||||
$this->database->exec($sql, false);
|
$this->db->exec(
|
||||||
|
"UPDATE `".DB_PREFIX."_profiles` SET `services`= services - 1 WHERE id IN ($increment)"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function increment_trainings($increment)
|
public function increment_trainings($increment)
|
||||||
{
|
{
|
||||||
bdump($increment);
|
bdump($increment);
|
||||||
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings + 1 WHERE id IN ($increment);";
|
$this->db->exec(
|
||||||
$this->database->exec($sql, false);
|
"UPDATE `".DB_PREFIX."_profiles` SET `trainings`= trainings + 1 WHERE id IN ($increment)"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getIncrement_trainings($id)
|
public function getIncrement_trainings($id)
|
||||||
{
|
{
|
||||||
bdump($id);
|
bdump($id);
|
||||||
$sql = "SELECT `increment` FROM `%PREFIX%_trainings` WHERE `id` = :id";
|
$increment = $this->db->selectValue(
|
||||||
$increment = $this->database->exec($sql, true, [":id" => $id])[0]['increment'];
|
"SELECT `increment` FROM `".DB_PREFIX."_trainings` WHERE `id` = :id LIMIT 0, 1",
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
bdump($increment);
|
bdump($increment);
|
||||||
return $increment;
|
return $increment;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function decrease_trainings($id)
|
public function decrease_trainings($id)
|
||||||
{
|
{
|
||||||
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings - 1 WHERE id IN ({$this->getIncrement_trainings($id)});";
|
$increment = $this->getIncrement_trainings($id);
|
||||||
$this->database->exec($sql, false);
|
$this->db->exec(
|
||||||
|
"UPDATE `".DB_PREFIX."_profiles` SET `trainings`= trainings - 1 WHERE id IN ($increment)"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
|
public function add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
|
||||||
|
@ -760,16 +711,21 @@ class crud
|
||||||
$increment = implode(",", $increment);
|
$increment = implode(",", $increment);
|
||||||
bdump($increment);
|
bdump($increment);
|
||||||
$date = date('Y-m-d H:i:s', strtotime($date));
|
$date = date('Y-m-d H:i:s', strtotime($date));
|
||||||
$sql = "INSERT INTO `%PREFIX%_services` (`id`, `date`, `code`, `beginning`, `end`, `chief`, `drivers`, `crew`, `place`, `notes`, `type`, `increment`, `inserted_by`) VALUES (NULL, :date, :code, :beginning, :end, :chief, :drivers, :crew, :place, :notes, :type, :increment, :inserted_by);";
|
$this->db->insert(
|
||||||
$this->database->exec($sql, false, [":date" => $date, ":code" => $code, "beginning" => $beginning, ":end" => $end, ":chief" => $chief, ":drivers" => $drivers, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":type" => $type, ":increment" => $increment, ":inserted_by" => $inserted_by]);
|
DB_PREFIX."_services",
|
||||||
$this->increment($increment);
|
["date" => $date, "code" => $code, "beginning" => $beginning, "end" => $end, "chief" => $chief, "drivers" => $drivers, "crew" => $crew, "place" => $place, "notes" => $notes, "type" => $type, "increment" => $increment, "inserted_by" => $inserted_by]
|
||||||
|
);
|
||||||
|
$this->increment_services($increment);
|
||||||
$this->user->log("Service added");
|
$this->user->log("Service added");
|
||||||
}
|
}
|
||||||
|
|
||||||
public function remove_service($id)
|
public function remove_service($id)
|
||||||
{
|
{
|
||||||
$this->decrease($id);
|
$this->decrease_services($id);
|
||||||
$this->database->exec("DELETE FROM `%PREFIX%_services` WHERE `id` = :id", true, [":id" => $id]);
|
$this->db->delete(
|
||||||
|
DB_PREFIX."_services",
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
$this->user->log("Service removed");
|
$this->user->log("Service removed");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -788,8 +744,10 @@ class crud
|
||||||
$increment = implode(",", $increment);
|
$increment = implode(",", $increment);
|
||||||
bdump($increment);
|
bdump($increment);
|
||||||
$date = date('Y-m-d H:i:s', strtotime($date));
|
$date = date('Y-m-d H:i:s', strtotime($date));
|
||||||
$sql = "INSERT INTO `%PREFIX%_trainings` (`id`, `date`, `name`, `beginning`, `end`, `chief`, `crew`, `place`, `notes`, `increment`, `inserted_by`) VALUES (NULL, :date, :name, :start_time, :end_time, :chief, :crew, :place, :notes, :increment, :inserted_by);";
|
$this->db->insert(
|
||||||
$this->database->exec($sql, false, [":date" => $date, ":name" => $name, "start_time" => $start_time, ":end_time" => $end_time, ":chief" => $chief, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":increment" => $increment, ":inserted_by" => $inserted_by]);
|
DB_PREFIX."_trainings",
|
||||||
|
["date" => $date, "name" => $name, "beginning" => $start_time, "end" => $end_time, "chief" => $chief, "crew" => $crew, "place" => $place, "notes" => $notes, "increment" => $increment, "inserted_by" => $inserted_by]
|
||||||
|
);
|
||||||
$this->increment_trainings($increment);
|
$this->increment_trainings($increment);
|
||||||
$this->user->log("Training added");
|
$this->user->log("Training added");
|
||||||
}
|
}
|
||||||
|
@ -798,7 +756,10 @@ class crud
|
||||||
{
|
{
|
||||||
$this->decrease_trainings($id);
|
$this->decrease_trainings($id);
|
||||||
bdump($id);
|
bdump($id);
|
||||||
$this->database->exec("DELETE FROM `%PREFIX%_trainings` WHERE `id` = :id", true, [":id" => $id]);
|
$this->db->delete(
|
||||||
|
DB_PREFIX."_trainings",
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
$this->user->log("Training removed");
|
$this->user->log("Training removed");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -809,6 +770,12 @@ class crud
|
||||||
$this->add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by);
|
$this->add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by);
|
||||||
$this->user->log("Training edited");
|
$this->user->log("Training edited");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function exists($table, $id)
|
||||||
|
{
|
||||||
|
$result = $this->db->select("SELECT id FROM `".DB_PREFIX."_{$table}` WHERE id = :id", [":id" => $id]);
|
||||||
|
return !empty($result);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class translations
|
class translations
|
||||||
|
@ -897,17 +864,31 @@ class translations
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function init_db(){
|
||||||
|
global $db;
|
||||||
|
|
||||||
|
$dataSource = new \Delight\Db\PdoDataSource('mysql');
|
||||||
|
$dataSource->setHostname(DB_HOST);
|
||||||
|
$dataSource->setPort(3306);
|
||||||
|
$dataSource->setDatabaseName(DB_NAME);
|
||||||
|
$dataSource->setCharset('utf8mb4');
|
||||||
|
$dataSource->setUsername(DB_USER);
|
||||||
|
$dataSource->setPassword(DB_PASSWORD);
|
||||||
|
$db = \Delight\Db\PdoDatabase::fromDataSource($dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
$webpack_manifest_path = realpath("resources/dist/manifest.json");
|
$webpack_manifest_path = realpath("resources/dist/manifest.json");
|
||||||
function init_class($enableDebugger=true, $headers=true)
|
function init_class($enableDebugger=true, $headers=true)
|
||||||
{
|
{
|
||||||
global $tools, $database, $user, $crud, $translations, $debugbar;
|
global $tools, $options, $db, $user, $crud, $translations, $debugbar;
|
||||||
if(!isset($tools) && !isset($database) && !isset($translations)) {
|
init_db();
|
||||||
$database = new database();
|
$options = new options($db);
|
||||||
$tools = new tools($database, $enableDebugger);
|
$tools = new tools($db, $enableDebugger);
|
||||||
$user = new user($database, $tools);
|
$user = new user($db, $tools);
|
||||||
$crud = new crud($tools, $database, $user);
|
$crud = new crud($tools, $db, $user);
|
||||||
$translations = new translations($database->get_option("force_language"));
|
$translations = new translations(get_option("force_language"));
|
||||||
}
|
|
||||||
if($headers) {
|
if($headers) {
|
||||||
//TODO adding require-trusted-types-for 'script';
|
//TODO adding require-trusted-types-for 'script';
|
||||||
$csp = "default-src 'self' data: *.tile.openstreetmap.org nominatim.openstreetmap.org; connect-src 'self' *.sentry.io nominatim.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.tile.openstreetmap.org; object-src; style-src 'self' 'unsafe-inline';";
|
$csp = "default-src 'self' data: *.tile.openstreetmap.org nominatim.openstreetmap.org; connect-src 'self' *.sentry.io nominatim.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.tile.openstreetmap.org; object-src; style-src 'self' 'unsafe-inline';";
|
||||||
|
@ -948,8 +929,9 @@ function init_class($enableDebugger=true, $headers=true)
|
||||||
bdump(__DIR__);
|
bdump(__DIR__);
|
||||||
$dir = str_replace("resources\ajax\\", "", __DIR__).DIRECTORY_SEPARATOR.'debug_storage';
|
$dir = str_replace("resources\ajax\\", "", __DIR__).DIRECTORY_SEPARATOR.'debug_storage';
|
||||||
$debugbar->setStorage(new DebugBar\Storage\FileStorage($dir));
|
$debugbar->setStorage(new DebugBar\Storage\FileStorage($dir));
|
||||||
$debugbar->addCollector(new DebugBar\DataCollector\PDO\PDOCollector($database->connection));
|
//TODO: debug PDO
|
||||||
$debugbar->addCollector(new DebugBar\DataCollector\ConfigCollector($database->options));
|
//$debugbar->addCollector(new DebugBar\DataCollector\PDO\PDOCollector($database->connection));
|
||||||
|
$debugbar->addCollector(new DebugBar\DataCollector\ConfigCollector($options->options));
|
||||||
} else {
|
} else {
|
||||||
$debugbar = null;
|
$debugbar = null;
|
||||||
}
|
}
|
||||||
|
@ -999,6 +981,11 @@ function s($string, $echo=true, $htmlAllowed=false, $htmlPurifierOptions=[])
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function get_option($option){
|
||||||
|
global $options;
|
||||||
|
return $options->get($option);
|
||||||
|
}
|
||||||
|
|
||||||
function p_start($name=null)
|
function p_start($name=null)
|
||||||
{
|
{
|
||||||
global $tools;
|
global $tools;
|
||||||
|
|
|
@ -5,7 +5,7 @@ init_class(false);
|
||||||
header('Content-Type: application/json');
|
header('Content-Type: application/json');
|
||||||
error_reporting(-1);
|
error_reporting(-1);
|
||||||
|
|
||||||
list($cronJobDay, $cronJobTime) = explode(";", $database->get_option("cron_job_time"));
|
list($cronJobDay, $cronJobTime) = explode(";", get_option("cron_job_time"));
|
||||||
|
|
||||||
$execDateTime = [
|
$execDateTime = [
|
||||||
"day" => date("d"),
|
"day" => date("d"),
|
||||||
|
@ -23,7 +23,7 @@ $cronJobDateTime = [
|
||||||
"minutes" => explode(":", $cronJobTime)[1]
|
"minutes" => explode(":", $cronJobTime)[1]
|
||||||
];
|
];
|
||||||
|
|
||||||
$start = $database->get_option("cron_job_enabled") && ((isset($_POST['cron']) && $_POST['cron'] == "cron_job-".$database->get_option("cron_job_code")) || (isset($_SERVER['HTTP_CRON']) && $_SERVER['HTTP_CRON'] == "cron_job-".$database->get_option("cron_job_code")));
|
$start = get_option("cron_job_enabled") && ((isset($_POST['cron']) && $_POST['cron'] == "cron_job-".get_option("cron_job_code")) || (isset($_SERVER['HTTP_CRON']) && $_SERVER['HTTP_CRON'] == "cron_job-".get_option("cron_job_code")));
|
||||||
$start_reset = ( $execDateTime["day"] == $cronJobDateTime["day"] &&
|
$start_reset = ( $execDateTime["day"] == $cronJobDateTime["day"] &&
|
||||||
$execDateTime["day"] == $cronJobDateTime["day"] &&
|
$execDateTime["day"] == $cronJobDateTime["day"] &&
|
||||||
$execDateTime["month"] == $cronJobDateTime["month"] &&
|
$execDateTime["month"] == $cronJobDateTime["month"] &&
|
||||||
|
@ -35,21 +35,25 @@ $action = "Availability Minutes ";
|
||||||
if($start) {
|
if($start) {
|
||||||
if($start_reset) {
|
if($start_reset) {
|
||||||
$action .= "reset and ";
|
$action .= "reset and ";
|
||||||
$sql = "SELECT * FROM `%PREFIX%_profiles` WHERE `available` = 1 ";
|
$profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `available` = 1 ");
|
||||||
$profiles = $database->exec($sql, true);
|
|
||||||
if(count($profiles) > 0) {
|
if(count($profiles) > 0) {
|
||||||
$list = [];
|
$list = [];
|
||||||
foreach($profiles as $profile){
|
foreach($profiles as $profile){
|
||||||
$list[] = [$profile["id"] => $profile["availability_minutes"]];
|
$list[] = [$profile["id"] => $profile["availability_minutes"]];
|
||||||
}
|
}
|
||||||
$database->exec("INSERT INTO `%PREFIX%_minutes` (`id`, `month`, `year`, `list`) VALUES (NULL, :month, :year, :list)", false, [":month" => $execDateTime["month"],":year" => $execDateTime["year"],":list"=>json_encode($list)]);
|
$db->insert(
|
||||||
$database->exec("UPDATE %PREFIX%_profiles SET availability_minutes = 0");
|
DB_PREFIX."_minutes",
|
||||||
|
["month" => $execDateTime["month"], "year" => $execDateTime["year"], "list"=>json_encode($list)]
|
||||||
|
);
|
||||||
|
$db->update(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["availability_minutes" => 0]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$action .= "update";
|
$action .= "update";
|
||||||
|
|
||||||
$sql = "SELECT * FROM `%PREFIX%_profiles` WHERE `available` = 1 ";
|
$profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `available` = 1");
|
||||||
$profiles = $database->exec($sql, true);
|
|
||||||
if(count($profiles) > 0) {
|
if(count($profiles) > 0) {
|
||||||
$output = [];
|
$output = [];
|
||||||
$output[] = $profiles;
|
$output[] = $profiles;
|
||||||
|
@ -59,9 +63,13 @@ if($start) {
|
||||||
$value = (int)$row["availability_minutes"]+5;
|
$value = (int)$row["availability_minutes"]+5;
|
||||||
$id = $row["id"];
|
$id = $row["id"];
|
||||||
$increment[$id] = $value;
|
$increment[$id] = $value;
|
||||||
$database->exec("UPDATE %PREFIX%_profiles SET availability_minutes = :value WHERE id = :id", true, [":value" => $value, ":id" => $id]);
|
$count = $db->update(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["availability_minutes" => $value],
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
$tmp = $id . " - " . $value . " ";
|
$tmp = $id . " - " . $value . " ";
|
||||||
$tmp .= $database->stmt->rowCount() == 1 ? "success" : "fail";
|
$tmp .= $count == 1 ? "success" : "fail";
|
||||||
$queries[] = $tmp;
|
$queries[] = $tmp;
|
||||||
}
|
}
|
||||||
$output[] = $queries;
|
$output[] = $queries;
|
||||||
|
@ -70,7 +78,7 @@ if($start) {
|
||||||
$output_status = "ok";
|
$output_status = "ok";
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_schedules`;", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules`;");
|
||||||
$schedules_check = [];
|
$schedules_check = [];
|
||||||
$schedules_users = [];
|
$schedules_users = [];
|
||||||
$schedules_check["schedules"] = [];
|
$schedules_check["schedules"] = [];
|
||||||
|
@ -115,8 +123,16 @@ if($start) {
|
||||||
if(!in_array($user_id,$schedules_users)) $schedules_users[] = $user_id;
|
if(!in_array($user_id,$schedules_users)) $schedules_users[] = $user_id;
|
||||||
if($schedule["hour"] == $last_exec["hour"] ? $schedule["minutes"] !== $last_exec["minutes"] : true && !in_array(date('Y-m-d'), $selected_holidays_dates)){
|
if($schedule["hour"] == $last_exec["hour"] ? $schedule["minutes"] !== $last_exec["minutes"] : true && !in_array(date('Y-m-d'), $selected_holidays_dates)){
|
||||||
$last_exec_new = $schedule["day"].";".sprintf("%02d", $schedule["hour"]).":".sprintf("%02d", $schedule["minutes"]);
|
$last_exec_new = $schedule["day"].";".sprintf("%02d", $schedule["hour"]).":".sprintf("%02d", $schedule["minutes"]);
|
||||||
$database->exec("UPDATE `%PREFIX%_schedules` SET `last_exec` = :last_exec WHERE `id` = :id;", false, [":id" => $id, ":last_exec" => $last_exec_new]);
|
$db->update(
|
||||||
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '1', availability_last_change = 'cron' WHERE `id` = :user_id;", false, [":user_id" => $user_id]);
|
DB_PREFIX."_schedules",
|
||||||
|
["last_exec" => $last_exec_new],
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
|
$db->update(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["available" => '1', "availability_last_change" => "cron"],
|
||||||
|
["id" => $user_id]
|
||||||
|
);
|
||||||
$schedules_check["schedules"][] = [
|
$schedules_check["schedules"][] = [
|
||||||
"schedule" => $schedule,
|
"schedule" => $schedule,
|
||||||
"now" => $now,
|
"now" => $now,
|
||||||
|
@ -129,10 +145,14 @@ if($start) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$schedules_check["users"] = $schedules_users;
|
$schedules_check["users"] = $schedules_users;
|
||||||
$profiles = $database->exec("SELECT id FROM `%PREFIX%_profiles`", true);
|
$profiles = $db->select("SELECT id FROM `".DB_PREFIX."_profiles`");
|
||||||
foreach ($profiles as $profile) {
|
foreach ($profiles as $profile) {
|
||||||
if(!in_array($profile["id"],$schedules_users)){
|
if(!in_array($profile["id"],$schedules_users)){
|
||||||
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '0' WHERE availability_last_change = 'cron' AND id = :id;", false, [":id" => $profile["id"]]);
|
$db->update(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["available" => 0],
|
||||||
|
["availability_last_change" => "cron", "id" => $profile["id"]]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
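Review bot: The `$start` check (hunk `@ -23,7 +23,7 @`) still authenticates the cron trigger by comparing `$_POST['cron']` and `$_SERVER['HTTP_CRON']` to `"cron_job-".get_option("cron_job_code")` with `==`, and nothing visible here rejects an empty `cron_job_code`, in which case the expected value would be the fixed string `cron_job-`. I would build `$expected` once, require a non-empty code, and compare each candidate with `is_string($given) && hash_equals($expected, $given)`. Separately, the reset branch calls `$db->update(DB_PREFIX."_profiles", ["availability_minutes" => 0])` with no where mapping; as far as I know PHP-DB's `update()` expects a non-empty one, so this is worth checking against the library and replacing with a plain ``$db->exec("UPDATE `".DB_PREFIX."_profiles` SET availability_minutes = 0")`` if so.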
|
@ -49,8 +49,8 @@ if($tools->validate_form("mod", "add")) {
|
||||||
if(isset($_GET["add"])||isset($_GET["edit"])||isset($_GET["delete"])||isset($_GET["mod"])) {
|
if(isset($_GET["add"])||isset($_GET["edit"])||isset($_GET["delete"])||isset($_GET["mod"])) {
|
||||||
$_SESSION["token"] = bin2hex(random_bytes(64));
|
$_SESSION["token"] = bin2hex(random_bytes(64));
|
||||||
}
|
}
|
||||||
$crew = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY name ASC;", true);
|
$crew = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY name ASC");
|
||||||
$types = $database->exec("SELECT `name` FROM `%PREFIX%_type` ORDER BY name ASC", true);
|
$types = $db->select("SELECT `name` FROM `".DB_PREFIX."_type` ORDER BY name ASC");
|
||||||
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["edit"])) ? "edit" : ((isset($_GET["delete"])) ? "delete" : "add"));
|
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["edit"])) ? "edit" : ((isset($_GET["delete"])) ? "delete" : "add"));
|
||||||
bdump($modalità, "modalità");
|
bdump($modalità, "modalità");
|
||||||
bdump($types, "types");
|
bdump($types, "types");
|
||||||
|
@ -58,8 +58,8 @@ if($tools->validate_form("mod", "add")) {
|
||||||
$id = "";
|
$id = "";
|
||||||
if(isset($_GET["id"])) {
|
if(isset($_GET["id"])) {
|
||||||
$id = $_GET["id"];
|
$id = $_GET["id"];
|
||||||
bdump($database->exists("services", $id));
|
bdump($crud->exists("services", $id));
|
||||||
$values = $database->exec("SELECT * FROM `%PREFIX%_services` WHERE `id` = :id", true, [":id" => $id])[0];
|
$values = $db->select("SELECT * FROM `".DB_PREFIX."_services` WHERE `id` = :id", [":id" => $id])[0];
|
||||||
bdump($values);
|
bdump($values);
|
||||||
} else {
|
} else {
|
||||||
$values = [];
|
$values = [];
|
||||||
|
@ -67,7 +67,7 @@ if($tools->validate_form("mod", "add")) {
|
||||||
if($modalità=="edit" || $modalità=="delete") {
|
if($modalità=="edit" || $modalità=="delete") {
|
||||||
if(empty($id)) {
|
if(empty($id)) {
|
||||||
echo("<pre>"); var_dump($_POST); echo("</pre>");
|
echo("<pre>"); var_dump($_POST); echo("</pre>");
|
||||||
} elseif (!$database->exists("services", $id)) {
|
} elseif (!$crud->exists("services", $id)) {
|
||||||
echo("<pre>"); var_dump($_POST); echo("</pre>");
|
echo("<pre>"); var_dump($_POST); echo("</pre>");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
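Review bot: Both failure branches in the last hunk (`@ -67,7 +67,7 @`) respond to an empty or unknown `id` with `echo("<pre>"); var_dump($_POST); echo("</pre>");`, which prints request data into the page (plain `var_dump` does not HTML-escape strings) and, as far as this hunk shows, does not stop the edit or delete flow. The profiles edit page changed in this same commit handles the same two cases with `$tools->redirect("accessdenied.php");`, and I would use that here in both branches. What follows the check is outside the hunk, so whether a later guard exists is not visible.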
|
@ -47,15 +47,15 @@ if($tools->validate_form("mod", "add")) {
|
||||||
if(isset($_GET["add"])||isset($_GET["edit"])||isset($_GET["delete"])||isset($_GET["mod"])) {
|
if(isset($_GET["add"])||isset($_GET["edit"])||isset($_GET["delete"])||isset($_GET["mod"])) {
|
||||||
$_SESSION["token"] = bin2hex(random_bytes(64));
|
$_SESSION["token"] = bin2hex(random_bytes(64));
|
||||||
}
|
}
|
||||||
$crew = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY name ASC;", true);
|
$crew = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY name ASC");
|
||||||
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["edit"])) ? "edit" : ((isset($_GET["delete"])) ? "delete" : "add"));
|
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["edit"])) ? "edit" : ((isset($_GET["delete"])) ? "delete" : "add"));
|
||||||
bdump($modalità, "modalità");
|
bdump($modalità, "modalità");
|
||||||
bdump($crew, "crew");
|
bdump($crew, "crew");
|
||||||
$id = "";
|
$id = "";
|
||||||
if(isset($_GET["id"])) {
|
if(isset($_GET["id"])) {
|
||||||
$id = $_GET["id"];
|
$id = $_GET["id"];
|
||||||
bdump($database->exists("trainings", $id));
|
bdump($crud->exists("trainings", $id));
|
||||||
$values = $database->exec("SELECT * FROM `%PREFIX%_trainings` WHERE `id` = :id", true, [":id" => $id])[0];
|
$values = $db->select("SELECT * FROM `".DB_PREFIX."_trainings` WHERE `id` = :id", [":id" => $id])[0];
|
||||||
bdump($values);
|
bdump($values);
|
||||||
} else {
|
} else {
|
||||||
$values = [];
|
$values = [];
|
||||||
|
@ -63,7 +63,7 @@ if($tools->validate_form("mod", "add")) {
|
||||||
if($modalità=="edit" || $modalità=="delete") {
|
if($modalità=="edit" || $modalità=="delete") {
|
||||||
if(empty($id)) {
|
if(empty($id)) {
|
||||||
$tools->redirect("accessdenied.php");
|
$tools->redirect("accessdenied.php");
|
||||||
} elseif (!$database->exists("trainings", $id)) {
|
} elseif (!$crud->exists("trainings", $id)) {
|
||||||
//$tools->redirect("accessdenied.php");
|
//$tools->redirect("accessdenied.php");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
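Review bot: For an `id` that does not exist, `$db->select(...)[0]` in the first hunk (`@ -47,15 +47,15 @`) indexes the result before any existence check, and the later `elseif (!$crud->exists("trainings", $id))` branch is empty because its redirect is commented out, so the page appears to continue with a null `$values`. The installer change on this page treats a null return from `select()` as "no rows", which is the value `[0]` would be applied to here. I would fetch once and deny on a miss: `$values = $db->selectRow("SELECT ...", [":id" => $id]);` followed by `if ($values === null) $tools->redirect("accessdenied.php");`. The same `select(...)[0]` pattern is in the services and profiles edit pages of this commit.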
|
@ -69,8 +69,8 @@ if($tools->validate_form("mod", "add")) {
|
||||||
$id = "";
|
$id = "";
|
||||||
if(isset($_GET["id"])) {
|
if(isset($_GET["id"])) {
|
||||||
$id = $_GET["id"];
|
$id = $_GET["id"];
|
||||||
bdump($database->exists("profiles", $id));
|
bdump($crud->exists("profiles", $id));
|
||||||
$values = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE `id` = :id", true, [":id" => $id])[0];
|
$values = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `id` = :id", [":id" => $id])[0];
|
||||||
bdump($values);
|
bdump($values);
|
||||||
} else {
|
} else {
|
||||||
$values = [];
|
$values = [];
|
||||||
|
@ -78,7 +78,7 @@ if($tools->validate_form("mod", "add")) {
|
||||||
if($modalità=="edit" || $modalità=="delete") {
|
if($modalità=="edit" || $modalità=="delete") {
|
||||||
if(empty($id)) {
|
if(empty($id)) {
|
||||||
$tools->redirect("accessdenied.php");
|
$tools->redirect("accessdenied.php");
|
||||||
} elseif (!$database->exists("profiles", $id)) {
|
} elseif (!$crud->exists("profiles", $id)) {
|
||||||
$tools->redirect("accessdenied.php");
|
$tools->redirect("accessdenied.php");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,12 +15,20 @@ function show_error_page($error=null, $error_message=null, $error_message_advanc
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$webpack_manifest = json_decode(
|
$main_script_url = null;
|
||||||
file_get_contents(isset($webpack_manifest_path) ? $webpack_manifest_path : realpath("resources/dist/manifest.json")),
|
$game_script_url = null;
|
||||||
true
|
try{
|
||||||
);
|
$webpack_manifest_path = isset($webpack_manifest_path) ? $webpack_manifest_path : realpath("resources/dist/manifest.json");
|
||||||
$main_script_url = "resources/dist/".$webpack_manifest["main.js"];
|
if(!empty($webpack_manifest_path)){
|
||||||
$game_script_url = "resources/dist/".$webpack_manifest["games.js"];
|
$webpack_manifest = json_decode(
|
||||||
|
file_get_contents($webpack_manifest_path),
|
||||||
|
true
|
||||||
|
);
|
||||||
|
$main_script_url = "resources/dist/".$webpack_manifest["main.js"];
|
||||||
|
$game_script_url = "resources/dist/".$webpack_manifest["games.js"];
|
||||||
|
}
|
||||||
|
} catch(\Exception $e) {
|
||||||
|
}
|
||||||
|
|
||||||
$error_templates = [
|
$error_templates = [
|
||||||
<<<EOT
|
<<<EOT
|
||||||
|
@ -59,6 +67,9 @@ function show_error_page($error=null, $error_message=null, $error_message_advanc
|
||||||
echo($error_templates[$key]);
|
echo($error_templates[$key]);
|
||||||
?>
|
?>
|
||||||
<br><br>
|
<br><br>
|
||||||
|
<?php
|
||||||
|
if(!is_null($game_script_url)){
|
||||||
|
?>
|
||||||
<div class="games_list" style="margin-left: 20px; text-align: left;">
|
<div class="games_list" style="margin-left: 20px; text-align: left;">
|
||||||
While you are waiting, you can play some games:
|
While you are waiting, you can play some games:
|
||||||
<ul>
|
<ul>
|
||||||
|
@ -73,6 +84,7 @@ function show_error_page($error=null, $error_message=null, $error_message_advanc
|
||||||
<script src="<?php echo($game_script_url); ?>"></script>
|
<script src="<?php echo($game_script_url); ?>"></script>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (basename(__FILE__) == basename($_SERVER["SCRIPT_FILENAME"])) {
|
if (basename(__FILE__) == basename($_SERVER["SCRIPT_FILENAME"])) {
|
||||||
show_error_page();
|
show_error_page();
|
||||||
|
|
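Review bot: The new `try { … } catch(\Exception $e) { }` around the manifest read (hunk `@ -15,12 +15,20 @`) does not cover the failures it seems meant for: `file_get_contents()` and `json_decode()` signal a missing or malformed file by returning `false`/`null` rather than throwing, unless an error handler converts warnings. In that case `$game_script_url` ends up as `"resources/dist/"`, and the `!is_null($game_script_url)` guard added further down still passes. I would test the decoded value instead, `if (is_array($webpack_manifest) && isset($webpack_manifest["main.js"], $webpack_manifest["games.js"])) { … }`, and either log in the catch or drop it. `isset($webpack_manifest_path)` is evaluated inside `show_error_page()`, whose start is outside this hunk, so I cannot see whether the variable is imported with `global`.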
|
@ -27,14 +27,24 @@ if (file_exists("../config.php")) {
|
||||||
if(checkConnection($dbhostValue, $unameValue, $pwdValue, $dbnameValue, true)) {
|
if(checkConnection($dbhostValue, $unameValue, $pwdValue, $dbnameValue, true)) {
|
||||||
$configOk = true;
|
$configOk = true;
|
||||||
try{
|
try{
|
||||||
$connection = new PDO("mysql:host=$dbhostValue;dbname=$dbnameValue", $unameValue, $pwdValue, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
|
$db = \Delight\Db\PdoDatabase::fromDsn(
|
||||||
$stmt = $connection->prepare(str_replace("%PREFIX%", DB_PREFIX, "SELECT * FROM `%PREFIX%_dbversion`;"));
|
new \Delight\Db\PdoDsn(
|
||||||
$query = $stmt->execute();
|
"mysql:host=$dbhostValue;dbname=$dbnameValue",
|
||||||
$populated = !empty($stmt->fetchAll(PDO::FETCH_ASSOC));
|
$unameValue,
|
||||||
$stmt2 = $connection->prepare(str_replace("%PREFIX%", DB_PREFIX, "SELECT * FROM `%PREFIX%_users`;"));
|
$pwdValue
|
||||||
$query2 = $stmt2->execute();
|
)
|
||||||
$userPopulated = !empty($stmt2->fetchAll(PDO::FETCH_ASSOC));
|
);
|
||||||
} catch (PDOException $e){
|
try{
|
||||||
|
$populated = !is_null($db->select("SELECT * FROM `".DB_PREFIX."_dbversion`"));
|
||||||
|
} catch (Delight\Db\Throwable\TableNotFoundError $e){
|
||||||
|
$populated = false;
|
||||||
|
}
|
||||||
|
try{
|
||||||
|
$userPopulated = !is_null($db->select("SELECT * FROM `".DB_PREFIX."_users`"));
|
||||||
|
} catch (Delight\Db\Throwable\TableNotFoundError $e){
|
||||||
|
$userPopulated = false;
|
||||||
|
}
|
||||||
|
} catch (Exception $e){
|
||||||
$populated = false;
|
$populated = false;
|
||||||
$userPopulated = false;
|
$userPopulated = false;
|
||||||
}
|
}
|
||||||
|
|
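Review bot: The two population probes run `SELECT *` over `_dbversion` and `_users` and only test the result for null, so the installer loads every user row (credentials included, presumably) into memory to answer a yes/no question. `selectValue()`, which this commit already uses in `crud`, is enough: ``$userPopulated = !is_null($db->selectValue("SELECT 1 FROM `".DB_PREFIX."_users` LIMIT 1"));`` and likewise for `_dbversion`. The connection here is also built from an interpolated DSN with no charset, while `init_db()` on this page uses `PdoDataSource` with `utf8mb4`; building both the same way would keep the installer and the runtime consistent.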
|
@ -252,11 +252,16 @@ define('SENTRY_ENV', 'prod');<br>
|
||||||
function initDB()
|
function initDB()
|
||||||
{
|
{
|
||||||
try{
|
try{
|
||||||
$connection = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME, DB_USER, DB_PASSWORD, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
|
$db = \Delight\Db\PdoDatabase::fromDsn(
|
||||||
|
new \Delight\Db\PdoDsn(
|
||||||
|
"mysql:host=".DB_HOST.";dbname=".DB_NAME,
|
||||||
|
DB_USER,
|
||||||
|
DB_PASSWORD
|
||||||
|
)
|
||||||
|
);
|
||||||
$prefix = DB_PREFIX;
|
$prefix = DB_PREFIX;
|
||||||
$connection->exec(
|
$db->exec(<<<"EOL"
|
||||||
"
|
CREATE TABLE IF NOT EXISTS `{$prefix}_trainings` (
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_trainings` (
|
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`date` date NOT NULL,
|
`date` date NOT NULL,
|
||||||
`name` varchar(999) NOT NULL,
|
`name` varchar(999) NOT NULL,
|
||||||
|
@ -270,7 +275,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_trainings` (
|
||||||
`inserted_by` varchar(200) NOT NULL,
|
`inserted_by` varchar(200) NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_services` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_services` (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`date` date NOT NULL,
|
`date` date NOT NULL,
|
||||||
`code` text NOT NULL,
|
`code` text NOT NULL,
|
||||||
|
@ -286,7 +293,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_services` (
|
||||||
`inserted_by` varchar(200) NOT NULL,
|
`inserted_by` varchar(200) NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_intrusions` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_intrusions` (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`page` varchar(999) COLLATE utf8mb4_unicode_ci NOT NULL,
|
`page` varchar(999) COLLATE utf8mb4_unicode_ci NOT NULL,
|
||||||
`date` varchar(100) COLLATE utf8mb4_unicode_ci NOT NULL,
|
`date` varchar(100) COLLATE utf8mb4_unicode_ci NOT NULL,
|
||||||
|
@ -295,7 +304,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_intrusions` (
|
||||||
`server_var` varchar(9999) COLLATE utf8mb4_unicode_ci NOT NULL,
|
`server_var` varchar(9999) COLLATE utf8mb4_unicode_ci NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_log` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_log` (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`action` varchar(100) NOT NULL,
|
`action` varchar(100) NOT NULL,
|
||||||
`changed` varchar(100),
|
`changed` varchar(100),
|
||||||
|
@ -306,20 +317,26 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_log` (
|
||||||
`user_agent` varchar(500),
|
`user_agent` varchar(500),
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_minutes` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_minutes` (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`month` int(2) NOT NULL,
|
`month` int(2) NOT NULL,
|
||||||
`year` int(2) NOT NULL,
|
`year` int(2) NOT NULL,
|
||||||
`list` mediumtext NOT NULL,
|
`list` mediumtext NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_type` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_type` (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`name` text NOT NULL,
|
`name` text NOT NULL,
|
||||||
PRIMARY KEY (`id`),
|
PRIMARY KEY (`id`),
|
||||||
UNIQUE KEY `type_name` (`name`(99))
|
UNIQUE KEY `type_name` (`name`(99))
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_users` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_users` (
|
||||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||||
`email` varchar(249) COLLATE utf8mb4_unicode_ci NOT NULL,
|
`email` varchar(249) COLLATE utf8mb4_unicode_ci NOT NULL,
|
||||||
`password` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
`password` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
||||||
|
@ -334,7 +351,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_users` (
|
||||||
PRIMARY KEY (`id`),
|
PRIMARY KEY (`id`),
|
||||||
UNIQUE KEY `email` (`email`)
|
UNIQUE KEY `email` (`email`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_profiles` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_profiles` (
|
||||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||||
`hidden` BOOLEAN NOT NULL DEFAULT FALSE,
|
`hidden` BOOLEAN NOT NULL DEFAULT FALSE,
|
||||||
`disabled` BOOLEAN NOT NULL DEFAULT FALSE,
|
`disabled` BOOLEAN NOT NULL DEFAULT FALSE,
|
||||||
|
@ -351,7 +370,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_profiles` (
|
||||||
`image` varchar(1000) DEFAULT NULL,
|
`image` varchar(1000) DEFAULT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_users_confirmations` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_users_confirmations` (
|
||||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||||
`user_id` int(10) unsigned NOT NULL,
|
`user_id` int(10) unsigned NOT NULL,
|
||||||
`email` varchar(249) COLLATE utf8mb4_unicode_ci NOT NULL,
|
`email` varchar(249) COLLATE utf8mb4_unicode_ci NOT NULL,
|
||||||
|
@ -363,7 +384,9 @@ UNIQUE KEY `selector` (`selector`),
|
||||||
KEY `email_expires` (`email`,`expires`),
|
KEY `email_expires` (`email`,`expires`),
|
||||||
KEY `user_id` (`user_id`)
|
KEY `user_id` (`user_id`)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_users_remembered` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_users_remembered` (
|
||||||
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
|
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
|
||||||
`user` int(10) unsigned NOT NULL,
|
`user` int(10) unsigned NOT NULL,
|
||||||
`selector` varchar(24) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
`selector` varchar(24) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
||||||
|
@ -373,7 +396,9 @@ PRIMARY KEY (`id`),
|
||||||
UNIQUE KEY `selector` (`selector`),
|
UNIQUE KEY `selector` (`selector`),
|
||||||
KEY `user` (`user`)
|
KEY `user` (`user`)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_users_resets` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_users_resets` (
|
||||||
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
|
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
|
||||||
`user` int(10) unsigned NOT NULL,
|
`user` int(10) unsigned NOT NULL,
|
||||||
`selector` varchar(20) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
`selector` varchar(20) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
||||||
|
@ -383,7 +408,9 @@ PRIMARY KEY (`id`),
|
||||||
UNIQUE KEY `selector` (`selector`),
|
UNIQUE KEY `selector` (`selector`),
|
||||||
KEY `user_expires` (`user`,`expires`)
|
KEY `user_expires` (`user`,`expires`)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_users_throttling` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_users_throttling` (
|
||||||
`bucket` varchar(44) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
`bucket` varchar(44) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
|
||||||
`tokens` float unsigned NOT NULL,
|
`tokens` float unsigned NOT NULL,
|
||||||
`replenished_at` int(10) unsigned NOT NULL,
|
`replenished_at` int(10) unsigned NOT NULL,
|
||||||
|
@ -391,7 +418,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_users_throttling` (
|
||||||
PRIMARY KEY (`bucket`),
|
PRIMARY KEY (`bucket`),
|
||||||
KEY `expires_at` (`expires_at`)
|
KEY `expires_at` (`expires_at`)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
||||||
CREATE TABLE IF NOT EXISTS `".$prefix."_options` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE IF NOT EXISTS `{$prefix}_options` (
|
||||||
`id` INT NOT NULL AUTO_INCREMENT,
|
`id` INT NOT NULL AUTO_INCREMENT,
|
||||||
`name` TEXT NOT NULL, `value` MEDIUMTEXT NOT NULL,
|
`name` TEXT NOT NULL, `value` MEDIUMTEXT NOT NULL,
|
||||||
`enabled` BOOLEAN NOT NULL DEFAULT TRUE,
|
`enabled` BOOLEAN NOT NULL DEFAULT TRUE,
|
||||||
|
@ -400,26 +429,34 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_options` (
|
||||||
`user_id` INT NOT NULL,
|
`user_id` INT NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE `".$prefix."_dbversion` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE `{$prefix}_dbversion` (
|
||||||
`id` INT NOT NULL AUTO_INCREMENT,
|
`id` INT NOT NULL AUTO_INCREMENT,
|
||||||
`version` INT NOT NULL,
|
`version` INT NOT NULL,
|
||||||
`timestamp` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
`timestamp` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE `".$prefix."_api_keys` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE `{$prefix}_api_keys` (
|
||||||
`id` INT NOT NULL AUTO_INCREMENT,
|
`id` INT NOT NULL AUTO_INCREMENT,
|
||||||
`apikey` VARCHAR(128) NOT NULL,
|
`apikey` VARCHAR(128) NOT NULL,
|
||||||
`user` INT NOT NULL,
|
`user` INT NOT NULL,
|
||||||
`permissions` VARCHAR(128) NOT NULL DEFAULT 'ALL',
|
`permissions` VARCHAR(128) NOT NULL DEFAULT 'ALL',
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
|
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE `".$prefix."_bot_telegram` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE `{$prefix}_bot_telegram` (
|
||||||
`id` INT NOT NULL AUTO_INCREMENT,
|
`id` INT NOT NULL AUTO_INCREMENT,
|
||||||
`chat_id` VARCHAR(128) NOT NULL,
|
`chat_id` VARCHAR(128) NOT NULL,
|
||||||
`user` INT NOT NULL,
|
`user` INT NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
|
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
|
||||||
CREATE TABLE `".$prefix."_schedules` (
|
EOL);
|
||||||
|
$db->exec(<<<"EOL"
|
||||||
|
CREATE TABLE `{$prefix}_schedules` (
|
||||||
`id` INT NOT NULL AUTO_INCREMENT,
|
`id` INT NOT NULL AUTO_INCREMENT,
|
||||||
`user` INT NOT NULL,
|
`user` INT NOT NULL,
|
||||||
`profile_name` VARCHAR(500) NOT NULL DEFAULT 'default',
|
`profile_name` VARCHAR(500) NOT NULL DEFAULT 'default',
|
||||||
|
@ -429,8 +466,8 @@ CREATE TABLE `".$prefix."_schedules` (
|
||||||
`last_update` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
`last_update` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
|
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
|
||||||
INSERT INTO `".$prefix."_dbversion` (`version`, `timestamp`) VALUES('1', current_timestamp());"
|
EOL);
|
||||||
);
|
$db->exec("INSERT INTO `{$prefix}_dbversion` (`version`, `timestamp`) VALUES('1', current_timestamp());");
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
if(is_cli()) {
|
if(is_cli()) {
|
||||||
echo($e);
|
echo($e);
|
||||||
|
@ -471,27 +508,36 @@ function initOptions($name, $visible, $developer, $password, $report_email, $own
|
||||||
{
|
{
|
||||||
try{
|
try{
|
||||||
include_once "../config.php";
|
include_once "../config.php";
|
||||||
$connection = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME, DB_USER, DB_PASSWORD, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
|
$db = \Delight\Db\PdoDatabase::fromDsn(
|
||||||
|
new \Delight\Db\PdoDsn(
|
||||||
|
"mysql:host=".DB_HOST.";dbname=".DB_NAME,
|
||||||
|
DB_USER,
|
||||||
|
DB_PASSWORD
|
||||||
|
)
|
||||||
|
);
|
||||||
$prefix = DB_PREFIX;
|
$prefix = DB_PREFIX;
|
||||||
$auth = new \Delight\Auth\Auth($connection, $_SERVER['REMOTE_ADDR'], $prefix."_");
|
$auth = new \Delight\Auth\Auth($db, $_SERVER['REMOTE_ADDR'], $prefix."_");
|
||||||
$userId = $auth->register($report_email, $password, $name);
|
$userId = $auth->register($report_email, $password, $name);
|
||||||
$auth->admin()->addRoleForUserById($userId, \Delight\Auth\Role::SUPER_ADMIN);
|
$auth->admin()->addRoleForUserById($userId, \Delight\Auth\Role::SUPER_ADMIN);
|
||||||
if($developer) {
|
if($developer) {
|
||||||
$auth->admin()->addRoleForUserById($userId, \Delight\Auth\Role::DEVELOPER);
|
$auth->admin()->addRoleForUserById($userId, \Delight\Auth\Role::DEVELOPER);
|
||||||
}
|
}
|
||||||
|
if(is_null($url)){
|
||||||
|
$url = str_replace("install/install.php", "", full_path());
|
||||||
|
}
|
||||||
$options = [
|
$options = [
|
||||||
'check_cf_ip' => ':check_cf_ip',
|
'check_cf_ip' => empty($_SERVER['HTTP_CF_CONNECTING_IP']) ? 0 : 1,
|
||||||
'report_email' => ':report_email',
|
'report_email' => $report_email,
|
||||||
'owner' => ':owner',
|
'owner' => $owner,
|
||||||
'web_url' => ':web_url',
|
'web_url' => $url,
|
||||||
'use_custom_error_sound' => 0,
|
'use_custom_error_sound' => 0,
|
||||||
'use_custom_error_image' => 0,
|
'use_custom_error_image' => 0,
|
||||||
'intrusion_save' => 1,
|
'intrusion_save' => 1,
|
||||||
'intrusion_save_info' => 0,
|
'intrusion_save_info' => 0,
|
||||||
'log_save_ip' => 1,
|
'log_save_ip' => 1,
|
||||||
'cron_job_code' => ':cron_job_code',
|
'cron_job_code' => str_replace(".", "", bin2hex(random_bytes(10)).base64_encode(openssl_random_pseudo_bytes(30))),
|
||||||
'cron_job_enabled' => 1,
|
'cron_job_enabled' => 1,
|
||||||
'cron_job_time' => ':cron_job_time',
|
'cron_job_time' => '01;00:00',
|
||||||
'service_edit' => 1,
|
'service_edit' => 1,
|
||||||
'service_remove' => 1,
|
'service_remove' => 1,
|
||||||
'training_edit' => 1,
|
'training_edit' => 1,
|
||||||
|
@ -508,26 +554,16 @@ function initOptions($name, $visible, $developer, $password, $report_email, $own
|
||||||
'holidays_language' => 'en_US',
|
'holidays_language' => 'en_US',
|
||||||
'messages' => '{}'
|
'messages' => '{}'
|
||||||
];
|
];
|
||||||
$query = "";
|
|
||||||
foreach ($options as $key => $value) {
|
foreach ($options as $key => $value) {
|
||||||
$query .= "
|
$db->insert(
|
||||||
INSERT INTO `".$prefix."_options` (`id`, `name`, `value`, `enabled`, `created_time`, `last_edit`, `user_id`) VALUES (NULL, '".$key."', $value, 1, current_timestamp(), current_timestamp(), '1');";
|
$prefix."_options",
|
||||||
|
["name" => $key, "value" => $value, "enabled" => 1, "user_id" => 1]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
$query = "
|
$db->insert(
|
||||||
INSERT INTO `".$prefix."_profiles` (`id`, `hidden`) VALUES (NULL, :hidden);".$query;
|
$prefix."_profiles",
|
||||||
$prep = $connection->prepare($query);
|
["hidden" => $visible ? 0 : 1]
|
||||||
mt_srand(10);
|
);
|
||||||
$prep->bindValue(':check_cf_ip', (empty($_SERVER['HTTP_CF_CONNECTING_IP']) ? 0 : 1), PDO::PARAM_INT);
|
|
||||||
$prep->bindValue(':hidden', ($visible ? 0 : 1), PDO::PARAM_INT);
|
|
||||||
$prep->bindValue(':report_email', $report_email, PDO::PARAM_STR);
|
|
||||||
$prep->bindValue(':owner', $owner, PDO::PARAM_STR);
|
|
||||||
if(is_null($url)){
|
|
||||||
$url = str_replace("install/install.php", "", full_path());
|
|
||||||
}
|
|
||||||
$prep->bindValue(':web_url', $url, PDO::PARAM_STR);
|
|
||||||
$prep->bindValue(':cron_job_code', str_replace(".", "", bin2hex(random_bytes(10)).base64_encode(openssl_random_pseudo_bytes(30))), PDO::PARAM_STR);
|
|
||||||
$prep->bindValue(':cron_job_time', "01;00:00", PDO::PARAM_STR);
|
|
||||||
$prep->execute();
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
if(is_cli()) {
|
if(is_cli()) {
|
||||||
echo($e);
|
echo($e);
|
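Review bot: The `cron_job_code` value in the `$options` array of `initOptions` is built as `str_replace(".", "", bin2hex(random_bytes(10)).base64_encode(openssl_random_pseudo_bytes(30)))`, where the `str_replace` removes nothing (neither hex nor base64 output contains a dot) and the base64 half can contain `+` and `/`. If this code is later compared against a value taken from a URL or query string, which this hunk does not show, those characters must be percent-encoded or the comparison fails. A single CSPRNG source with a URL-safe encoding is simpler to reason about: `'cron_job_code' => bin2hex(random_bytes(32)),`. The body of `initOptions` continues past the end of the hunk.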
||||||
|
|
|
@ -44,7 +44,7 @@ $days = [
|
||||||
];
|
];
|
||||||
|
|
||||||
$user_id = $user->auth->getUserId();
|
$user_id = $user->auth->getUserId();
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_schedules` WHERE `user`={$user_id};", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules` WHERE `user`={$user_id}");
|
||||||
if(!empty($result)){
|
if(!empty($result)){
|
||||||
$old_schedules_db = json_decode($result[0]["schedules"]);
|
$old_schedules_db = json_decode($result[0]["schedules"]);
|
||||||
foreach ($old_schedules_db as $schedule) {
|
foreach ($old_schedules_db as $schedule) {
|
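Review bot: The new `$db->select` call still interpolates `{$user_id}` into the SQL text, while the other schedules endpoint changed in this commit binds it as `:id`. Nothing in this hunk shows `getUserId()` being attacker-supplied, but another script in this commit checks its result with `is_null`, and a null here turns the statement into ``WHERE `user`=``, which fails with a syntax error instead of returning no rows. Binding keeps the query shape fixed: ``$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules` WHERE `user` = :id", ["id" => $user_id]);``. The script starts before and continues after this hunk.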
||||||
|
|
|
@ -7,8 +7,11 @@ $id = $user->auth->getUserId();
|
||||||
$time = time();
|
$time = time();
|
||||||
|
|
||||||
if(!is_null($id)) {
|
if(!is_null($id)) {
|
||||||
$sql = "UPDATE `%PREFIX%_profiles` SET online_time = '$time' WHERE id = '" . $id ."'";
|
$db->update(
|
||||||
$database->exec($sql, true);
|
DB_PREFIX."_profiles",
|
||||||
|
["online_time" => $time],
|
||||||
|
["id" => $id]
|
||||||
|
);
|
||||||
echo(json_encode(["id" => $id, "time" => $time, "sql" => $sql]));
|
echo(json_encode(["id" => $id, "time" => $time, "sql" => $sql]));
|
||||||
}
|
}
|
||||||
?>
|
?>
|
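Review bot: The `echo(json_encode(...))` line kept as context still reads `$sql`, but the new side no longer assigns it, so the response carries `"sql": null` and PHP reports an undefined variable. Returning the statement text to the client only served debugging and exposed query text, so the key is better dropped than restored: `echo(json_encode(["id" => $id, "time" => $time]));`.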
||||||
|
|
|
@ -5,6 +5,9 @@ $user->requirelogin(false);
|
||||||
|
|
||||||
if(isset($_POST["type"])){
|
if(isset($_POST["type"])){
|
||||||
$type = $_POST["type"];
|
$type = $_POST["type"];
|
||||||
$database->exec("INSERT INTO `%PREFIX%_type` (`name`) VALUES (:name);", false, [":name" => $type]);
|
$db->insert(
|
||||||
|
DB_PREFIX."_type",
|
||||||
|
["name" => $type]
|
||||||
|
);
|
||||||
$user->log("Added service type");
|
$user->log("Added service type");
|
||||||
}
|
}
|
|
@ -4,7 +4,7 @@ init_class(false);
|
||||||
$user->requirelogin(false);
|
$user->requirelogin(false);
|
||||||
|
|
||||||
$user_id = $user->auth->getUserId();
|
$user_id = $user->auth->getUserId();
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_schedules` WHERE `user`={$user_id};", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules` WHERE `user` = :id", ["id" => $user_id]);
|
||||||
if(!empty($result)){
|
if(!empty($result)){
|
||||||
$result[0]["schedules"] = json_decode($result[0]["schedules"]);
|
$result[0]["schedules"] = json_decode($result[0]["schedules"]);
|
||||||
$result[0]["holidays"] = json_decode($result[0]["holidays"]);
|
$result[0]["holidays"] = json_decode($result[0]["holidays"]);
|
||||||
|
@ -15,10 +15,17 @@ if(isset($_POST["hours"])){
|
||||||
$holidays = (string) json_encode($_POST["holidays"]);
|
$holidays = (string) json_encode($_POST["holidays"]);
|
||||||
echo($hours."-".$holidays);
|
echo($hours."-".$holidays);
|
||||||
if(!empty($result)){
|
if(!empty($result)){
|
||||||
$database->exec("UPDATE `%PREFIX%_schedules` SET schedules = :schedules, holidays = :holidays WHERE `id` = :id;", false, [":id" => $result[0]["id"], ":schedules" => $hours, ":holidays" => $holidays]);
|
$db->update(
|
||||||
|
DB_PREFIX."_schedules",
|
||||||
|
["schedules" => $hours, "holidays" => $holidays],
|
||||||
|
["id" => $result[0]["id"]]
|
||||||
|
);
|
||||||
} else {
|
} else {
|
||||||
$database->exec("INSERT INTO `%PREFIX%_schedules` (`user`, `schedules`, `holidays`) VALUES (:user, :schedules, :holidays);", false, [":user" => $user_id, ":schedules" => $hours, ":holidays" => $holidays]);
|
$db->insert(
|
||||||
|
DB_PREFIX."_schedules",
|
||||||
|
["schedules" => $hours, "holidays" => $holidays, "user" => $user_id]
|
||||||
|
);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
echo(json_encode(empty($result) ? [] : $result[0]));
|
echo(json_encode(empty($result)||is_null($result) ? [] : $result[0]));
|
||||||
}
|
}
|
|
@ -5,10 +5,18 @@ $user->requirelogin(false);
|
||||||
$user->online_time_update();
|
$user->online_time_update();
|
||||||
|
|
||||||
if(isset($_POST["change_id"]) && $_POST["dispo"] == 1 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
|
if(isset($_POST["change_id"]) && $_POST["dispo"] == 1 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
|
||||||
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '1', availability_last_change = 'manual' WHERE id = :id;", false, [":id" => $_POST["change_id"]]);
|
$db->update(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["available" => 1, "availability_last_change" => "manual"],
|
||||||
|
["id" => $_POST["change_id"]]
|
||||||
|
);
|
||||||
$user->log("Status changed to 'available'", $_POST["change_id"], $user->auth->getUserId());
|
$user->log("Status changed to 'available'", $_POST["change_id"], $user->auth->getUserId());
|
||||||
} else if(isset($_POST["change_id"]) && $_POST["dispo"] == 0 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
|
} else if(isset($_POST["change_id"]) && $_POST["dispo"] == 0 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
|
||||||
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '0', availability_last_change = 'manual' WHERE id = :id;", false, [":id" => $_POST["change_id"]]);
|
$db->update(
|
||||||
|
DB_PREFIX."_profiles",
|
||||||
|
["available" => 0, "availability_last_change" => "manual"],
|
||||||
|
["id" => $_POST["change_id"]]
|
||||||
|
);
|
||||||
$user->log("Status changed to 'not available'", $_POST["change_id"], $user->auth->getUserId());
|
$user->log("Status changed to 'not available'", $_POST["change_id"], $user->auth->getUserId());
|
||||||
}
|
}
|
||||||
?>
|
?>
|
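Review bot: Both `$db->update` calls key the row on `$_POST["change_id"]`, and the only gate visible here is `$user->requirelogin(false)` in the hunk header; the `token_list` comparison is commented out in both conditions. As written, any logged-in session appears able to change another profile's `available` flag, and a cross-site form post would be accepted as well. Before the update, compare `change_id` with `$user->auth->getUserId()` or require a role that is allowed to edit other users, and re-enable the token comparison. `$_POST["dispo"]` is also read without `isset`, so a request carrying only `change_id` falls into the second branch (`null == 0` is true) and marks the profile not available. The first lines of the script are outside the hunk, so an earlier check cannot be ruled out.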
||||||
|
|
|
@ -4,10 +4,10 @@ init_class();
|
||||||
$user->requirelogin(false);
|
$user->requirelogin(false);
|
||||||
$user->online_time_update();
|
$user->online_time_update();
|
||||||
|
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC;", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC");
|
||||||
|
|
||||||
$response = [];
|
$response = [];
|
||||||
foreach($result as $row){
|
foreach(!is_null($result) ? $result : [] as $row){
|
||||||
if(!$user->hidden($row["id"])){
|
if(!$user->hidden($row["id"])){
|
||||||
if($user->requireRole(Role::FULL_VIEWER)){
|
if($user->requireRole(Role::FULL_VIEWER)){
|
||||||
$name = $user->nameById($row["id"]);
|
$name = $user->nameById($row["id"]);
|
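Review bot: `foreach(!is_null($result) ? $result : [] as $row)` is the null-coalescing operator written out by hand; `foreach($result ?? [] as $row)` says the same thing and reads more easily. The same loop header is added in the log, services and trainings listings further down this commit.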
||||||
|
|
|
@ -4,7 +4,7 @@ init_class();
|
||||||
$user->requirelogin(false);
|
$user->requirelogin(false);
|
||||||
$user->online_time_update();
|
$user->online_time_update();
|
||||||
|
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_log` ORDER BY `timestamp` DESC", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_log` ORDER BY `timestamp` DESC");
|
||||||
|
|
||||||
//https://stackoverflow.com/a/2524761
|
//https://stackoverflow.com/a/2524761
|
||||||
function isValidTimeStamp($timestamp)
|
function isValidTimeStamp($timestamp)
|
||||||
|
@ -15,7 +15,7 @@ function isValidTimeStamp($timestamp)
|
||||||
}
|
}
|
||||||
|
|
||||||
$response = [];
|
$response = [];
|
||||||
foreach($result as $row){
|
foreach(!is_null($result) ? $result : [] as $row){
|
||||||
if(isValidTimeStamp($row["timestamp"])){
|
if(isValidTimeStamp($row["timestamp"])){
|
||||||
$date = new DateTime();
|
$date = new DateTime();
|
||||||
$date->setTimestamp($row["timestamp"]);
|
$date->setTimestamp($row["timestamp"]);
|
||||||
|
|
|
@ -4,10 +4,10 @@ init_class();
|
||||||
$user->requirelogin(false);
|
$user->requirelogin(false);
|
||||||
$user->online_time_update();
|
$user->online_time_update();
|
||||||
|
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_services` ORDER BY date DESC, beginning DESC", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_services` ORDER BY date DESC, beginning DESC");
|
||||||
|
|
||||||
$response = [];
|
$response = [];
|
||||||
foreach($result as $row){
|
foreach(!is_null($result) ? $result : [] as $row){
|
||||||
$chief = $user->nameById($row["chief"]);
|
$chief = $user->nameById($row["chief"]);
|
||||||
|
|
||||||
$drivers_array = explode(",", $row['drivers']);
|
$drivers_array = explode(",", $row['drivers']);
|
||||||
|
@ -32,8 +32,8 @@ foreach($result as $row){
|
||||||
s($row['place'],false,true),
|
s($row['place'],false,true),
|
||||||
s($row['notes'],false,true),
|
s($row['notes'],false,true),
|
||||||
s($row['type'],false,true),
|
s($row['type'],false,true),
|
||||||
$database->get_option("service_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_service.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
|
get_option("service_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_service.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
|
||||||
$database->get_option("service_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_service.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
|
get_option("service_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_service.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
$tools->ajax_page_response($response);
|
$tools->ajax_page_response($response);
|
||||||
|
|
|
@ -4,10 +4,10 @@ init_class();
|
||||||
$user->requirelogin(false);
|
$user->requirelogin(false);
|
||||||
$user->online_time_update();
|
$user->online_time_update();
|
||||||
|
|
||||||
$result = $database->exec("SELECT * FROM `%PREFIX%_trainings` ORDER BY date DESC, beginning desc", true);
|
$result = $db->select("SELECT * FROM `".DB_PREFIX."_trainings` ORDER BY date DESC, beginning desc");
|
||||||
|
|
||||||
$response = [];
|
$response = [];
|
||||||
foreach($result as $row){
|
foreach(!is_null($result) ? $result : [] as $row){
|
||||||
$chief = $user->nameById($row["chief"]);
|
$chief = $user->nameById($row["chief"]);
|
||||||
|
|
||||||
$others_crew_array = explode(",", $row['crew']);
|
$others_crew_array = explode(",", $row['crew']);
|
||||||
|
@ -24,8 +24,8 @@ foreach($result as $row){
|
||||||
$others_crew,
|
$others_crew,
|
||||||
s($row['place'],false,true),
|
s($row['place'],false,true),
|
||||||
s($row['notes'],false,true),
|
s($row['notes'],false,true),
|
||||||
$database->get_option("training_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_training.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
|
get_option("training_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_training.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
|
||||||
$database->get_option("training_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_training.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
|
get_option("training_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_training.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
$tools->ajax_page_response($response);
|
$tools->ajax_page_response($response);
|
||||||
|
|
|
@ -37,10 +37,7 @@ $filter_translate = new \Twig\TwigFilter(
|
||||||
$twig->addFilter($filter_translate);
|
$twig->addFilter($filter_translate);
|
||||||
|
|
||||||
$function_option = new \Twig\TwigFunction(
|
$function_option = new \Twig\TwigFunction(
|
||||||
'option', function ($option) {
|
'option', "get_option"
|
||||||
global $database;
|
|
||||||
return $database->get_option($option);
|
|
||||||
}
|
|
||||||
);
|
);
|
||||||
$twig->addFunction($function_option);
|
$twig->addFunction($function_option);
|
||||||
|
|
||||||
|
@ -78,7 +75,7 @@ p_stop();
|
||||||
$template = null;
|
$template = null;
|
||||||
function loadtemplate($templatename, $data, $requirelogin=true)
|
function loadtemplate($templatename, $data, $requirelogin=true)
|
||||||
{
|
{
|
||||||
global $database, $user, $twig, $template, $enable_debugbar, $debugbarRenderer;
|
global $user, $twig, $template, $enable_debugbar, $debugbarRenderer;
|
||||||
p_start("Render Twig template");
|
p_start("Render Twig template");
|
||||||
if($requirelogin) {
|
if($requirelogin) {
|
||||||
$user->requirelogin();
|
$user->requirelogin();
|
||||||
|
@ -89,23 +86,23 @@ function loadtemplate($templatename, $data, $requirelogin=true)
|
||||||
$data['enable_debug_bar'] = $enable_debugbar;
|
$data['enable_debug_bar'] = $enable_debugbar;
|
||||||
$data['debug_bar_head'] = $enable_debugbar ? $debugbarRenderer->renderHead() : "";
|
$data['debug_bar_head'] = $enable_debugbar ? $debugbarRenderer->renderHead() : "";
|
||||||
$data['debug_bar'] = $enable_debugbar ? $debugbarRenderer->render() : "";
|
$data['debug_bar'] = $enable_debugbar ? $debugbarRenderer->render() : "";
|
||||||
$data['owner'] = $database->get_option("owner");
|
$data['owner'] = get_option("owner");
|
||||||
$data['urlsoftware'] = $database->get_option("web_url");
|
$data['urlsoftware'] = get_option("web_url");
|
||||||
$data['user'] = $user->info();
|
$data['user'] = $user->info();
|
||||||
$data['show_menu'] = !isset($_REQUEST["hide_menu"]);
|
$data['show_menu'] = !isset($_REQUEST["hide_menu"]);
|
||||||
$data['show_footer'] = !isset($_REQUEST["hide_footer"]);
|
$data['show_footer'] = !isset($_REQUEST["hide_footer"]);
|
||||||
if($database->get_option("use_custom_error_sound")) {
|
if(get_option("use_custom_error_sound")) {
|
||||||
$data['error_sound'] = "custom-error.mp3";
|
$data['error_sound'] = "custom-error.mp3";
|
||||||
} else {
|
} else {
|
||||||
$data['error_sound'] = "error.mp3";
|
$data['error_sound'] = "error.mp3";
|
||||||
}
|
}
|
||||||
if($database->get_option("use_custom_error_image")) {
|
if(get_option("use_custom_error_image")) {
|
||||||
$data['error_image'] = "custom-error.gif";
|
$data['error_image'] = "custom-error.gif";
|
||||||
} else {
|
} else {
|
||||||
$data['error_image'] = "error.gif";
|
$data['error_image'] = "error.gif";
|
||||||
}
|
}
|
||||||
//TODO: replace this
|
//TODO: replace this
|
||||||
if($messages = $database->get_option("messages")){
|
if($messages = get_option("messages")){
|
||||||
try {
|
try {
|
||||||
$messages = json_decode($messages, true);
|
$messages = json_decode($messages, true);
|
||||||
if(isset($messages[$templatename])){
|
if(isset($messages[$templatename])){
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
require_once 'ui.php';
|
require_once 'ui.php';
|
||||||
$row = $database->exec('SELECT * FROM `%PREFIX%_profiles` WHERE id = :id', true, array(":id" => $_GET['user']));
|
$row = $db->select('SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id', [":id" => $_GET['user']]);
|
||||||
loadtemplate('user_details.html', ['title' => t("Personal data", false), 'user' => $row[0]]);
|
loadtemplate('user_details.html', ['title' => t("Personal data", false), 'user' => $row[0]]);
|
||||||
?>
|
?>
|
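Review bot: The new query is wrapped in single quotes, so `".DB_PREFIX."` is sent to the server as literal text inside the backticked table name instead of being concatenated, and the lookup will fail with a table-not-found error. Use double quotes for the outer string: ``$row = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $_GET['user']]);``. `$row[0]` is then read without a null check, although other hunks in this commit guard `select()` results with `is_null`, so an unknown `user` id needs its own branch.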
||||||
|
|