Merge branch 'master' into dependabot/npm_and_yarn/server/resources/webpack-assets-manifest-5.0.6

Matteo Gheza 2021-05-05 20:23:44 +02:00 committed by GitHub
commit bf4fee9785
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
28 changed files with 470 additions and 341 deletions


@ -22,11 +22,14 @@ $dispatcher = FastRoute\simpleDispatcher(
);
$r->addRoute(
'POST', '/login', function ($vars) {
global $tools, $database, $user;
global $tools, $db, $user;
try {
$user->auth->loginWithUsername($_POST['username'], $_POST['password']);
$apiKey = $tools->createKey();
$database->exec("INSERT INTO `%PREFIX%_api_keys` (`apikey`, `user`, `permissions`) VALUES (:apiKey, :userId, 'ALL');", true, [":apiKey" => $apiKey, ":userId" => $user->auth->getUserId()]);
$db->insert(
DB_PREFIX."_api_keys",
["apikey" => $apiKey, "user" => $user->auth->getUserId(), "permissions" => "all"]
);
return ["status" => "ok", "apiKey" => $apiKey];
}
catch (\Delight\Auth\UnknownUsernameException $e) {
@ -54,9 +57,9 @@ $dispatcher = FastRoute\simpleDispatcher(
$r->addRoute(
'GET', '/users', function ($vars) {
requireToken();
global $database;
$users = $database->exec("SELECT * FROM `%PREFIX%_users`;", true);
$users_profiles = $database->exec("SELECT * FROM `%PREFIX%_profiles`;", true);
global $db;
$users = $db->select("SELECT * FROM `".DB_PREFIX."_users`");
$users_profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles`");
foreach ($users_profiles as $key=>$value){
if(is_null($users_profiles[$key]["name"])) {
$users_profiles[$key]["name"] = $users[$key]["username"];
@ -69,9 +72,9 @@ $dispatcher = FastRoute\simpleDispatcher(
$r->addRoute(
'GET', '/user', function ($vars) {
requireToken();
global $database, $user_info;
$users = $database->exec("SELECT * FROM `%PREFIX%_users` WHERE id = :id;", true, [":id" => $user_info["id"]])[0];
$users_profiles = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user_info["id"]])[0];
global $db, $user_info;
$users = $db->select("SELECT * FROM `".DB_PREFIX."_users` WHERE id = :id", ["id" => $user_info["id"]])[0];
$users_profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $user_info["id"]])[0];
if(is_null($users_profiles["name"])) {
$users_profiles["name"] = $users["username"];
}
@ -82,9 +85,9 @@ $dispatcher = FastRoute\simpleDispatcher(
$r->addRoute(
'GET', '/user/{id:\d+}', function ($vars) {
requireToken();
global $database;
$users = $database->exec("SELECT * FROM `%PREFIX%_users` WHERE id = :id;", true, [":id" => $vars["id"]])[0];
$users_profiles = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $vars["id"]])[0];
global $db;
$users = $db->select("SELECT * FROM `".DB_PREFIX."_users` WHERE id = :id", ["id" => $vars["id"]])[0];
$users_profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $vars["id"]])[0];
if(is_null($users_profiles["name"])) {
$users_profiles["name"] = $users["username"];
}
@ -133,40 +136,40 @@ $dispatcher = FastRoute\simpleDispatcher(
$r->addRoute(
'GET', '/availability', function ($vars) {
requireToken();
global $database, $user_info;
return $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user_info["id"]])[0]["available"];
global $db, $user_info;
return $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $user_info["id"]])[0]["available"];
}
);
$r->addRoute(
'GET', '/availability/{id:\d+}', function ($vars) {
requireToken();
global $database;
return $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $vars["id"]])[0]["available"];
global $db;
return $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $vars["id"]])[0]["available"];
}
);
$r->addRoute(
'GET', '/changeAvailability/{available:\d+}', function ($vars) {
requireToken();
global $user, $database, $user_info;
global $user, $db, $user_info;
$vars["available"] = (int) $vars["available"];
if($vars["available"] !== 0 && $vars["available"] !== 1) {
return ["status" => "error", "message" => "Availability code not allowed"];
}
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = :available WHERE `id` = :id;", true, [":id" => $user_info["id"], ":available" => $vars["available"]]);
$db->select("UPDATE `".DB_PREFIX."_profiles` SET `available` = :available WHERE `id` = :id", ["id" => $user_info["id"], "available" => $vars["available"]]);
$user->log($log_message);
}
);
$r->addRoute(
'GET', '/changeAvailability/{id:\d+}/{available:\d+}', function ($vars) {
requireToken();
global $user, $database, $user_info;
global $user, $db, $user_info;
$vars["available"] = (int) $vars["available"];
if($vars["available"] !== 0 && $vars["available"] !== 1) {
return ["status" => "error", "message" => "Availability code not allowed"];
}
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = :available WHERE `id` = :id;", true, [":id" => $vars["id"], ":available" => $vars["available"]]);
$db->select("UPDATE `".DB_PREFIX."_profiles` SET `available` = :available WHERE `id` = :id", ["id" => $vars["id"], "available" => $vars["available"]]);
$user->log($log_message, $vars["id"], $user_info["id"]);
}
);
@ -230,13 +233,13 @@ function responseApi($content, $status_code=200)
function validToken()
{
global $database, $user_info;
global $db, $user_info;
$token = isset($_REQUEST['apiKey']) ? $_REQUEST['apiKey'] : (isset($_REQUEST['apikey']) ? $_REQUEST['apikey'] : (isset($_SERVER['HTTP_APIKEY']) ? $_SERVER['HTTP_APIKEY'] : false));
if($token == false) {
return false;
}
if(!empty($api_key_row = $database->exec("SELECT * FROM `%PREFIX%_api_keys` WHERE apikey = :apikey;", true, [":apikey" => $token]))) {
$user_info["id"] = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $api_key_row[0]["user"]])[0]["id"];
if(!empty($api_key_row = $db->select("SELECT * FROM `".DB_PREFIX."_api_keys` WHERE apikey = :apikey", ["apikey" => $token]))) {
$user_info["id"] = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", ["id" => $api_key_row[0]["user"]])[0]["id"];
return true;
} else {
return false;
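Review bot: In the `-133,40` hunk both `/changeAvailability` routes send their `UPDATE` through `$db->select()`, a read helper that fetches rows after executing, so the write depends on how the driver treats a fetch from a statement that returns no result set. The same commit uses the write helper for `online_time`, so the first route can be `$db->update(DB_PREFIX."_profiles", ["available" => $vars["available"]], ["id" => $user_info["id"]]);` and the `{id}` route the same with `["id" => $vars["id"]]`. The `{id}` route also changes another user's row after only `requireToken()`; no role or ownership check is visible in the hunk, so confirm one exists elsewhere or add it before the update. Both routes change state on `GET`, which leaves the `apiKey` in URLs and access logs whenever it is passed as a query parameter, so `POST` would be the safer verb here.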


@ -20,7 +20,8 @@
"maximebf/debugbar": "^1.16",
"azuyalabs/yasumi": "^2.3",
"ministryofweb/php-osm-tiles": "^2.0",
"jenstornell/tiny-html-minifier": "dev-master"
"jenstornell/tiny-html-minifier": "dev-master",
"delight-im/db": "^1.3"
},
"license": "GPL-3.0-or-later",
"authors": [

16
server/composer.lock generated

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "ae7c144f55a8641ac68db46c3943d7ec",
"content-hash": "492606c03730f891878c2eddc0bffee0",
"packages": [
{
"name": "azuyalabs/yasumi",
@ -1653,16 +1653,16 @@
},
{
"name": "psr/log",
"version": "1.1.3",
"version": "1.1.4",
"source": {
"type": "git",
"url": "https://github.com/php-fig/log.git",
"reference": "0f73288fd15629204f9d42b7055f72dacbe811fc"
"reference": "d49695b909c3b7628b6289db5479a1c204601f11"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/log/zipball/0f73288fd15629204f9d42b7055f72dacbe811fc",
"reference": "0f73288fd15629204f9d42b7055f72dacbe811fc",
"url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
"reference": "d49695b909c3b7628b6289db5479a1c204601f11",
"shasum": ""
},
"require": {
@ -1686,7 +1686,7 @@
"authors": [
{
"name": "PHP-FIG",
"homepage": "http://www.php-fig.org/"
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for logging libraries",
@ -1697,9 +1697,9 @@
"psr-3"
],
"support": {
"source": "https://github.com/php-fig/log/tree/1.1.3"
"source": "https://github.com/php-fig/log/tree/1.1.4"
},
"time": "2020-03-23T09:12:05+00:00"
"time": "2021-05-03T11:20:27+00:00"
},
{
"name": "ralouphie/getallheaders",


@ -31,13 +31,13 @@ function bdump($message){
class tools
{
public $database;
public $db;
public $profiler_enabled;
public $profiler_last_name = "";
public function __construct($database, $profiler_enabled)
public function __construct($db, $profiler_enabled)
{
$this->database = $database;
$this->db = $db;
$this->profiler_enabled = $profiler_enabled;
}
@ -65,7 +65,7 @@ class tools
}else{
$ip = $_SERVER['REMOTE_ADDR'];
}
if($this->database->get_option("check_cf_ip")) {
if(get_option("check_cf_ip")) {
if(!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {
$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
}
@ -203,7 +203,7 @@ class tools
}
public function convertMapAddressToUrl($lat, $lng, $zoom){
switch ($this->database->get_option("map_preview_generator")) {
switch (get_option("map_preview_generator")) {
case 'osm':
$converter = new Converter();
$point = new LatLng($lat, $lng);
@ -214,10 +214,10 @@ class tools
case 'custom':
default:
if($this->database->get_option("map_preview_generator_add_marker") && $this->database->get_option("map_preview_generator_url_marker") && $this->database->get_option("map_preview_generator_url_marker") !== ""){
$url = $this->database->get_option("map_preview_generator_url_marker");
if(get_option("map_preview_generator_add_marker") && get_option("map_preview_generator_url_marker") && get_option("map_preview_generator_url_marker") !== ""){
$url = get_option("map_preview_generator_url_marker");
} else {
$url = $this->database->get_option("map_preview_generator_url");
$url = get_option("map_preview_generator_url");
}
$url = str_replace("{{LAT}}", $lat, $url);
$url = str_replace("{{LNG}}", $lng, $url);
@ -241,12 +241,12 @@ class tools
$filePath = "resources/images/map_cache/".$filename.".png";
file_put_contents($filePath, $data);
if(extension_loaded('gd')){
$img = imagecreatefrompng($filePath);
if($this->database->get_option("map_preview_generator_add_marker") && (!$this->database->get_option("map_preview_generator_url_marker") || $this->database->get_option("map_preview_generator_url_marker") == "")){
$img = imagecreatefromstring(file_get_contents($filePath));
if(get_option("map_preview_generator_add_marker") && (!get_option("map_preview_generator_url_marker") || get_option("map_preview_generator_url_marker") == "")){
$marker = imagecreatefromgif("resources/images/marker.gif");
imagecopy($img, $marker, 120, 87, 0, 0, 25, 41);
}
if($this->database->get_option("map_preview_generator") == "osm"){
if(get_option("map_preview_generator") == "osm"){
$textcolor = imagecolorallocate($img, 0, 0, 0);
imagestring($img, 5, 0, 236, ' OpenStreetMap contributors', $textcolor);
}
@ -259,7 +259,7 @@ class tools
}
public function checkPlaceParam($place){
if($this->database->get_option("generate_map_preview")){
if(get_option("generate_map_preview")){
if(preg_match('/[+-]?\d+([.]\d+)?[;][+-]?\d+([.]\d+)?/', $place)){
$lat = explode(";", $place)[0];
$lng = explode(";", $place)[1];
@ -270,45 +270,36 @@ class tools
}
return $place;
}
public function savePlaceReverse($place){
if(strpos($place, ";") === false) return 0;
$lat = explode(";", $place)[0];
$lng = explode("#", explode(";", $place)[1])[0];
$url = sprintf("https://nominatim.openstreetmap.org/reverse?format=jsonv2&lat=%s&lon=%s", $lat, $lng);
$options = ['http' => [
'user_agent' => 'AllertaVVF dev version (place info downloader)'
]];
$context = stream_context_create($options);
$data = file_get_contents($url, false, $context);
$this->db->insert(
DB_PREFIX."_places_info",
["reverse_json" => $data]
);
return $this->db->getLastInsertId();
}
}
class database
class options
{
protected $db_host = DB_HOST;
protected $db_dbname = DB_NAME;
protected $db_username = DB_USER;
protected $db_password = DB_PASSWORD;
public $connection = null;
public $query = null;
public $stmt = null;
protected $db;
public $load_from_file = true;
public $options = [];
public $options_cache_file = null;
public function connect()
{
try {
$this->connection = new DebugBar\DataCollector\PDO\TraceablePDO(new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_dbname, $this->db_username, $this->db_password));
$this->connection->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$this->connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e)
{
exit($e->getMessage());
}
}
public function isOptionsEmpty()
{
return empty($this->exec("SELECT * FROM `%PREFIX%_options`;", true));
}
public function __construct()
{
$this->connect();
if($this->isOptionsEmpty()) {
header('Location: install/install.php');
}
public function __construct($db){
$this->db = $db;
$file_infos = pathinfo(array_reverse(debug_backtrace())[0]['file']);
if(strpos($file_infos['dirname'], 'resources') !== false) {
$this->options_cache_file = "../../options.txt";
@ -319,68 +310,20 @@ class database
if(file_exists($this->options_cache_file)/* && time()-@filemtime($this->options_cache_file) < 604800*/) {
$this->options = json_decode(file_get_contents($this->options_cache_file), true);
} else {
$this->options = $this->exec("SELECT * FROM `%PREFIX%_options` WHERE `enabled` = 1", true);
$this->options = $db->select("SELECT * FROM `".DB_PREFIX."_options` WHERE `enabled` = 1");
file_put_contents($this->options_cache_file, json_encode($this->options));
}
} else {
$this->options = $this->exec("SELECT * FROM `%PREFIX%_options` WHERE `enabled` = 1", true);
$this->options = $db->select("SELECT * FROM `".DB_PREFIX."_options` WHERE `enabled` = 1");
}
if(empty($this->options)) header('Location: install/install.php');
}
public function close()
{
$this->connection = null;
}
public function exec($sql1, $fetch=false, $param=null, ...$others_params)
{
try{
//$this->connection->beginTransaction();
array_unshift($others_params, $sql1);
bdump($others_params);
$toReturn = [];
foreach($others_params as $sql){
$sql = str_replace("%PREFIX%", DB_PREFIX, $sql);
bdump($sql);
$this->stmt = $this->connection->prepare($sql);
if(!is_null($param)) {
$this->query = $this->stmt->execute($param);
} else {
$this->query = $this->stmt->execute();
}
bdump($this->query);
if($fetch == true) {
if(count($others_params) > 1) {
$toReturn[] = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
$toReturn = $this->stmt->fetchAll(PDO::FETCH_ASSOC);
}
}
}
//$this->connection->commit();
//$this->stmt->closeCursor();
return $toReturn;
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "<br/>";
//$this->connection->rollBack();
die();
}
}
public function exists($table, $id)
{
$result = $this->exec("SELECT :table FROM `%PREFIX%_services` WHERE id = :id;", true, [":table" => $table, ":id" => $id]);
return !empty($result);
}
public function get_option($name)
public function get($name)
{
if(defined($name)) {
return constant($name);
} else {
//$option = $this->exec("SELECT `value` FROM `%PREFIX%_options` WHERE `name` = :name AND `enabled` = 1;", true, [":name" => $name]);
//return empty($option) ? "" : $option[0]["value"];
foreach($this->options as $option){
if($name == $option["name"]) {
return empty($option["value"]) ? false : $option["value"];
@ -413,23 +356,25 @@ final class Role
class user
{
private $database = null;
private $db = null;
private $tools = null;
private $profile_names = null;
public $auth = null;
public $authenticated = false;
public $holidays = null;
public function __construct($database, $tools)
public function __construct($db, $tools)
{
$this->database = $database;
$this->db = $db;
$this->tools = $tools;
$this->auth = new \Delight\Auth\Auth($database->connection, $tools->get_ip(), DB_PREFIX."_", false);
$this->auth = new \Delight\Auth\Auth($this->db, $tools->get_ip(), DB_PREFIX."_", false);
\header_remove('X-Frame-Options');
if(isset($_REQUEST["apiKey"]) && !is_null($_REQUEST["apiKey"])){
$api_key_row = $this->database->exec("SELECT * FROM `%PREFIX%_api_keys` WHERE apikey = :apikey;", true, [":apikey" => $_REQUEST["apiKey"]]);
//var_dump("SELECT * FROM \`".DB_PREFIX."_api_keys\` WHERE apikey = :apikey");
//exit();
$api_key_row = $this->db->select("SELECT * FROM `".DB_PREFIX."_api_keys` WHERE apikey = :apikey", [":apikey" => $_REQUEST["apiKey"]]);
if(!empty($api_key_row)){
$user = $this->database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $api_key_row[0]["user"]]);
$user = $this->db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $api_key_row[0]["user"]]);
$user_id = $user[0]["id"];
$this->auth->admin()->logInAsUserById($user_id);
if(!empty($user)) {
@ -446,9 +391,9 @@ class user
}
}
$this->authenticated = $this->auth->isLoggedIn();
$this->profile_names = $this->database->exec("SELECT `id`, `name` FROM `%PREFIX%_profiles`;", true);
$this->user_names = $this->database->exec("SELECT `id`, `username` FROM `%PREFIX%_users`;", true);
$this->holidays = Yasumi\Yasumi::create($this->database->get_option("holidays_provider") ?: "USA", date("Y"), $this->database->get_option("holidays_language") ?: "en_US");
$this->profile_names = $this->db->select("SELECT `id`, `name` FROM `".DB_PREFIX."_profiles`");
$this->user_names = $this->db->select("SELECT `id`, `username` FROM `".DB_PREFIX."_users`");
$this->holidays = Yasumi\Yasumi::create(get_option("holidays_provider") ?: "USA", date("Y"), get_option("holidays_language") ?: "en_US");
}
public function authenticated()
@ -460,17 +405,19 @@ class user
{
$this->tools->profiler_start("Require login");
if(!$this->authenticated()) {
if($this->database->get_option("intrusion_save")) {
if($this->database->get_option("intrusion_save_info")) {
$params = [":page" => $this->tools->get_page_url(), ":ip" => $this->tools->get_ip(), ":date" => date("d/m/Y"), ":hour" => date("H:i.s"), ":server_var" => json_encode($_SERVER)];
if(get_option("intrusion_save")) {
if(get_option("intrusion_save_info")) {
$params = ["page" => $this->tools->get_page_url(), "ip" => $this->tools->get_ip(), "date" => date("d/m/Y"), "hour" => date("H:i.s"), "server_var" => json_encode($_SERVER)];
} else {
$params = [":page" => $this->tools->get_page_url(), ":ip" => "redacted", ":date" => date("d/m/Y"), ":hour" => date("H:i.s"), ":server_var" => json_encode(["redacted" => "true"])];
$params = ["page" => $this->tools->get_page_url(), "ip" => "redacted", "date" => date("d/m/Y"), "hour" => date("H:i.s"), "server_var" => json_encode(["redacted" => "true"])];
}
$sql = "INSERT INTO `%PREFIX%_intrusions` (`id`, `page`, `date`, `hour`, `ip`, `server_var`) VALUES (NULL, :page, :date, :hour, :ip, :server_var)";
$this->database->exec($sql, false, $params);
$this->db->insert(
"intrusions",
$params
);
}
if($redirect) {
$this->tools->redirect($this->database->get_option("web_url"));
$this->tools->redirect(get_option("web_url"));
} else {
exit();
}
@ -526,16 +473,16 @@ class user
if(is_null($user)){
$user = $this->auth->getUserId();
}
$result = $this->database->exec("SELECT `hidden` FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user]);
$result = $this->db->select("SELECT `hidden` FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $user]);
if(isset($result[0]) && isset($result[0]["hidden"])){
return boolval($result[0]["hidden"]);
}
return false;
}
public function available($name)
public function available($id)
{
$user = $this->database->exec("SELECT available FROM `%PREFIX%_users` WHERE name = :name;", true, [":name" => $name]);
$user = $this->db->select("SELECT available FROM `".DB_PREFIX."_users` WHERE id = :id", [":id" => $id]);
if(empty($user)) {
return false;
} else {
@ -585,7 +532,7 @@ class user
}
if($this->auth->isLoggedIn()) {
$this->log("Login", $this->auth->getUserId());
$user = $this->database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $this->auth->getUserId()]);
$user = $this->db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id", [":id" => $this->auth->getUserId()]);
if(!empty($user)) {
if(is_null($user[0]["name"])) {
$_SESSION['_user_name'] = $this->auth->getUsername();
@ -623,16 +570,17 @@ class user
$editor = $changed;
}
if(!$this->hidden($editor)){
if($this->database->get_option("log_save_ip")){
if(get_option("log_save_ip")){
$ip = $this->tools->get_ip();
} else {
$ip = null;
}
$source_type = defined("REQUEST_USING_API") ? "api" : "web";
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? mb_strimwidth($_SERVER['HTTP_USER_AGENT'], 0, 200, "...") : null;
$params = [":action" => $action, ":changed" => $changed, ":editor" => $editor, ":timestamp" => $timestamp, ":ip" => $ip, "source_type" => $source_type, "user_agent" => $user_agent];
$sql = "INSERT INTO `%PREFIX%_log` (`id`, `action`, `changed`, `editor`, `timestamp`, `ip`, `source_type`, `user_agent`) VALUES (NULL, :action, :changed, :editor, :timestamp, :ip, :source_type, :user_agent)";
$this->database->exec($sql, false, $params);
$this->db->insert(
DB_PREFIX."_log",
["action" => $action, "changed" => $changed, "editor" => $editor, "timestamp" => $timestamp, "ip" => $ip, "source_type" => $source_type, "user_agent" => $user_agent]
);
}
$this->tools->profiler_stop();
}
@ -661,8 +609,10 @@ class user
$disabled = $disabled ? 1 : 0;
$chief = $chief ? 1 : 0;
$driver = $driver ? 1 : 0;
$sql = "INSERT INTO `%PREFIX%_profiles` (`hidden`, `disabled`, `name`, `phone_number`, `chief`, `driver`) VALUES (:hidden, :disabled, :name, :phone_number, :chief, :driver)";
$this->database->exec($sql, false, [":hidden" => $hidden, ":disabled" => $disabled, ":name" => $name, ":phone_number" => $phone_number, ":chief" => $chief, ":driver" => $driver]);
$this->db->insert(
DB_PREFIX."_profiles",
["hidden" => $hidden, "disabled" => $disabled, "name" => $name, "phone_number" => $phone_number, "chief" => $chief, "driver" => $driver]
);
if($chief == 1) {
$this->auth->admin()->addRoleForUserById($userId, Role::FULL_VIEWER);
}
@ -678,7 +628,14 @@ class user
public function remove_user($id, $removed_by)
{
$this->tools->profiler_start("Remove user");
$this->database->exec("DELETE FROM `%PREFIX%_users` WHERE `id` = :id", true, [":id" => $id], "DELETE FROM `%PREFIX%_profiles` WHERE `id` = :id");
$this->db->delete(
DB_PREFIX."_users",
["id" => $id]
);
$this->db->delete(
DB_PREFIX."_profiles",
["id" => $id]
);
$this->log("User removed", null, $removed_by);
$this->tools->profiler_stop();
}
@ -687,8 +644,11 @@ class user
$this->tools->profiler_start("Update online timestamp");
if(is_null($id)) $id = $this->auth->getUserId();
$time = time();
$sql = "UPDATE `%PREFIX%_profiles` SET online_time = '$time' WHERE id = '" . $id ."'";
$this->database->exec($sql, true);
$this->db->update(
DB_PREFIX."_profiles",
["online_time" => $time],
["id" => $id]
);
bdump(["id" => $id, "time" => $time]);
$this->tools->profiler_stop();
}
@ -697,58 +657,68 @@ class user
class crud
{
public $tools = null;
public $database = null;
public $db = null;
public $user = null;
public function __construct($tools, $database, $user)
public function __construct($tools, $db, $user)
{
$this->tools = $tools;
$this->database = $database;
$this->db = $db;
$this->user = $user;
}
public function increment($increment)
public function increment_services($increment)
{
bdump($increment);
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services + 1 WHERE id IN ($increment);";
$this->database->exec($sql, false);
$this->db->exec(
"UPDATE `".DB_PREFIX."_profiles` SET `services`= services + 1 WHERE id IN ($increment)"
);
}
public function getIncrement($id)
public function getIncrement_services($id)
{
bdump($id);
$sql = "SELECT `increment` FROM `%PREFIX%_services` WHERE `id` = :id";
$increment = $this->database->exec($sql, true, [":id" => $id])[0]['increment'];
$increment = $this->db->selectValue(
"SELECT `increment` FROM `".DB_PREFIX."_services` WHERE `id` = :id LIMIT 0, 1",
["id" => $id]
);
bdump($increment);
return $increment;
}
public function decrease($id)
public function decrease_services($id)
{
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services - 1 WHERE id IN ({$this->getIncrement($id)});";
$this->database->exec($sql, false);
$increment = $this->getIncrement_services($id);
$this->db->exec(
"UPDATE `".DB_PREFIX."_profiles` SET `services`= services - 1 WHERE id IN ($increment)"
);
}
public function increment_trainings($increment)
{
bdump($increment);
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings + 1 WHERE id IN ($increment);";
$this->database->exec($sql, false);
$this->db->exec(
"UPDATE `".DB_PREFIX."_profiles` SET `trainings`= trainings + 1 WHERE id IN ($increment)"
);
}
public function getIncrement_trainings($id)
{
bdump($id);
$sql = "SELECT `increment` FROM `%PREFIX%_trainings` WHERE `id` = :id";
$increment = $this->database->exec($sql, true, [":id" => $id])[0]['increment'];
$increment = $this->db->selectValue(
"SELECT `increment` FROM `".DB_PREFIX."_trainings` WHERE `id` = :id LIMIT 0, 1",
["id" => $id]
);
bdump($increment);
return $increment;
}
public function decrease_trainings($id)
{
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings - 1 WHERE id IN ({$this->getIncrement_trainings($id)});";
$this->database->exec($sql, false);
$increment = $this->getIncrement_trainings($id);
$this->db->exec(
"UPDATE `".DB_PREFIX."_profiles` SET `trainings`= trainings - 1 WHERE id IN ($increment)"
);
}
public function add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
@ -760,16 +730,21 @@ class crud
$increment = implode(",", $increment);
bdump($increment);
$date = date('Y-m-d H:i:s', strtotime($date));
$sql = "INSERT INTO `%PREFIX%_services` (`id`, `date`, `code`, `beginning`, `end`, `chief`, `drivers`, `crew`, `place`, `notes`, `type`, `increment`, `inserted_by`) VALUES (NULL, :date, :code, :beginning, :end, :chief, :drivers, :crew, :place, :notes, :type, :increment, :inserted_by);";
$this->database->exec($sql, false, [":date" => $date, ":code" => $code, "beginning" => $beginning, ":end" => $end, ":chief" => $chief, ":drivers" => $drivers, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":type" => $type, ":increment" => $increment, ":inserted_by" => $inserted_by]);
$this->increment($increment);
$this->db->insert(
DB_PREFIX."_services",
["date" => $date, "code" => $code, "beginning" => $beginning, "end" => $end, "chief" => $chief, "drivers" => $drivers, "crew" => $crew, "place" => $place, "place_reverse" => $this->tools->savePlaceReverse($place), "notes" => $notes, "type" => $type, "increment" => $increment, "inserted_by" => $inserted_by]
);
$this->increment_services($increment);
$this->user->log("Service added");
}
public function remove_service($id)
{
$this->decrease($id);
$this->database->exec("DELETE FROM `%PREFIX%_services` WHERE `id` = :id", true, [":id" => $id]);
$this->decrease_services($id);
$this->db->delete(
DB_PREFIX."_services",
["id" => $id]
);
$this->user->log("Service removed");
}
@ -788,8 +763,10 @@ class crud
$increment = implode(",", $increment);
bdump($increment);
$date = date('Y-m-d H:i:s', strtotime($date));
$sql = "INSERT INTO `%PREFIX%_trainings` (`id`, `date`, `name`, `beginning`, `end`, `chief`, `crew`, `place`, `notes`, `increment`, `inserted_by`) VALUES (NULL, :date, :name, :start_time, :end_time, :chief, :crew, :place, :notes, :increment, :inserted_by);";
$this->database->exec($sql, false, [":date" => $date, ":name" => $name, "start_time" => $start_time, ":end_time" => $end_time, ":chief" => $chief, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":increment" => $increment, ":inserted_by" => $inserted_by]);
$this->db->insert(
DB_PREFIX."_trainings",
["date" => $date, "name" => $name, "beginning" => $start_time, "end" => $end_time, "chief" => $chief, "crew" => $crew, "place" => $place, "place_reverse" => $this->tools->savePlaceReverse($place), "notes" => $notes, "increment" => $increment, "inserted_by" => $inserted_by]
);
$this->increment_trainings($increment);
$this->user->log("Training added");
}
@ -798,7 +775,10 @@ class crud
{
$this->decrease_trainings($id);
bdump($id);
$this->database->exec("DELETE FROM `%PREFIX%_trainings` WHERE `id` = :id", true, [":id" => $id]);
$this->db->delete(
DB_PREFIX."_trainings",
["id" => $id]
);
$this->user->log("Training removed");
}
@ -809,6 +789,12 @@ class crud
$this->add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by);
$this->user->log("Training edited");
}
public function exists($table, $id)
{
$result = $this->db->select("SELECT id FROM `".DB_PREFIX."_{$table}` WHERE id = :id", [":id" => $id]);
return !empty($result);
}
}
class translations
@ -897,17 +883,31 @@ class translations
}
}
}
function init_db(){
global $db;
$dataSource = new \Delight\Db\PdoDataSource('mysql');
$dataSource->setHostname(DB_HOST);
$dataSource->setPort(3306);
$dataSource->setDatabaseName(DB_NAME);
$dataSource->setCharset('utf8mb4');
$dataSource->setUsername(DB_USER);
$dataSource->setPassword(DB_PASSWORD);
$db = \Delight\Db\PdoDatabase::fromDataSource($dataSource);
}
$webpack_manifest_path = realpath("resources/dist/assets-manifest.json");
function init_class($enableDebugger=true, $headers=true)
{
global $tools, $database, $user, $crud, $translations, $debugbar;
if(!isset($tools) && !isset($database) && !isset($translations)) {
$database = new database();
$tools = new tools($database, $enableDebugger);
$user = new user($database, $tools);
$crud = new crud($tools, $database, $user);
$translations = new translations($database->get_option("force_language"));
}
global $tools, $options, $db, $user, $crud, $translations, $debugbar;
init_db();
$options = new options($db);
$tools = new tools($db, $enableDebugger);
$user = new user($db, $tools);
$crud = new crud($tools, $db, $user);
$translations = new translations(get_option("force_language"));
if($headers) {
//TODO adding require-trusted-types-for 'script';
$csp = "default-src 'self' data: *.tile.openstreetmap.org nominatim.openstreetmap.org; connect-src 'self' *.sentry.io nominatim.openstreetmap.org; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.tile.openstreetmap.org; object-src; style-src 'self' 'unsafe-inline';";
@ -948,8 +948,9 @@ function init_class($enableDebugger=true, $headers=true)
bdump(__DIR__);
$dir = str_replace("resources\ajax\\", "", __DIR__).DIRECTORY_SEPARATOR.'debug_storage';
$debugbar->setStorage(new DebugBar\Storage\FileStorage($dir));
$debugbar->addCollector(new DebugBar\DataCollector\PDO\PDOCollector($database->connection));
$debugbar->addCollector(new DebugBar\DataCollector\ConfigCollector($database->options));
//TODO: debug PDO
//$debugbar->addCollector(new DebugBar\DataCollector\PDO\PDOCollector($database->connection));
$debugbar->addCollector(new DebugBar\DataCollector\ConfigCollector($options->options));
} else {
$debugbar = null;
}
@ -999,6 +1000,11 @@ function s($string, $echo=true, $htmlAllowed=false, $htmlPurifierOptions=[])
}
}
function get_option($option){
global $options;
return $options->get($option);
}
function p_start($name=null)
{
global $tools;
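Review bot: `crud::increment_services`, `decrease_services`, `increment_trainings` and `decrease_trainings` (the `-697,58` hunk) still splice `$increment` into `IN ($increment)`, although the statements now go through `$db->exec()`, which takes bind values. In `add_service` and `add_training` that string is `implode(",", $increment)` of a list built outside the visible lines, and the decrease path reads it back from the `increment` column, so anything other than a plain id list ends up as SQL; binding one placeholder per id, as in the fence, closes that. The new `crud::exists` has the same shape with `{$table}` in the table name and should check it against a fixed list first, e.g. `if (!in_array($table, ["services", "trainings"], true)) return false;`. Separately, the intrusion insert in the `-460,17` hunk passes `"intrusions"` where the old SQL used the prefixed table, so unless the prefix is empty it probably needs `DB_PREFIX."_intrusions"` like the other inserts, otherwise failed-login records are lost or the insert throws.

```php
public function increment_services($increment)
{
    bdump($increment);
    // $increment is a comma-separated id list: bind each id rather than splicing the string into the SQL
    $ids = array_map('intval', explode(",", (string) $increment));
    $placeholders = implode(",", array_fill(0, count($ids), "?"));
    $this->db->exec(
        "UPDATE `".DB_PREFIX."_profiles` SET `services`= services + 1 WHERE id IN ($placeholders)",
        $ids
    );
}
// … same change in decrease_services, increment_trainings and decrease_trainings …
```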


@ -5,7 +5,7 @@ init_class(false);
header('Content-Type: application/json');
error_reporting(-1);
list($cronJobDay, $cronJobTime) = explode(";", $database->get_option("cron_job_time"));
list($cronJobDay, $cronJobTime) = explode(";", get_option("cron_job_time"));
$execDateTime = [
"day" => date("d"),
@ -23,7 +23,7 @@ $cronJobDateTime = [
"minutes" => explode(":", $cronJobTime)[1]
];
$start = $database->get_option("cron_job_enabled") && ((isset($_POST['cron']) && $_POST['cron'] == "cron_job-".$database->get_option("cron_job_code")) || (isset($_SERVER['HTTP_CRON']) && $_SERVER['HTTP_CRON'] == "cron_job-".$database->get_option("cron_job_code")));
$start = get_option("cron_job_enabled") && ((isset($_POST['cron']) && $_POST['cron'] == "cron_job-".get_option("cron_job_code")) || (isset($_SERVER['HTTP_CRON']) && $_SERVER['HTTP_CRON'] == "cron_job-".get_option("cron_job_code")));
$start_reset = ( $execDateTime["day"] == $cronJobDateTime["day"] &&
$execDateTime["day"] == $cronJobDateTime["day"] &&
$execDateTime["month"] == $cronJobDateTime["month"] &&
@ -35,21 +35,25 @@ $action = "Availability Minutes ";
if($start) {
if($start_reset) {
$action .= "reset and ";
$sql = "SELECT * FROM `%PREFIX%_profiles` WHERE `available` = 1 ";
$profiles = $database->exec($sql, true);
$profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `available` = 1 ");
if(count($profiles) > 0) {
$list = [];
foreach($profiles as $profile){
$list[] = [$profile["id"] => $profile["availability_minutes"]];
}
$database->exec("INSERT INTO `%PREFIX%_minutes` (`id`, `month`, `year`, `list`) VALUES (NULL, :month, :year, :list)", false, [":month" => $execDateTime["month"],":year" => $execDateTime["year"],":list"=>json_encode($list)]);
$database->exec("UPDATE %PREFIX%_profiles SET availability_minutes = 0");
$db->insert(
DB_PREFIX."_minutes",
["month" => $execDateTime["month"], "year" => $execDateTime["year"], "list"=>json_encode($list)]
);
$db->update(
DB_PREFIX."_profiles",
["availability_minutes" => 0]
);
}
}
$action .= "update";
$sql = "SELECT * FROM `%PREFIX%_profiles` WHERE `available` = 1 ";
$profiles = $database->exec($sql, true);
$profiles = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `available` = 1");
if(count($profiles) > 0) {
$output = [];
$output[] = $profiles;
@ -59,9 +63,13 @@ if($start) {
$value = (int)$row["availability_minutes"]+5;
$id = $row["id"];
$increment[$id] = $value;
$database->exec("UPDATE %PREFIX%_profiles SET availability_minutes = :value WHERE id = :id", true, [":value" => $value, ":id" => $id]);
$count = $db->update(
DB_PREFIX."_profiles",
["availability_minutes" => $value],
["id" => $id]
);
$tmp = $id . " - " . $value . " ";
$tmp .= $database->stmt->rowCount() == 1 ? "success" : "fail";
$tmp .= $count == 1 ? "success" : "fail";
$queries[] = $tmp;
}
$output[] = $queries;
@ -70,7 +78,7 @@ if($start) {
$output_status = "ok";
}
$result = $database->exec("SELECT * FROM `%PREFIX%_schedules`;", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules`;");
$schedules_check = [];
$schedules_users = [];
$schedules_check["schedules"] = [];
@ -115,8 +123,16 @@ if($start) {
if(!in_array($user_id,$schedules_users)) $schedules_users[] = $user_id;
if($schedule["hour"] == $last_exec["hour"] ? $schedule["minutes"] !== $last_exec["minutes"] : true && !in_array(date('Y-m-d'), $selected_holidays_dates)){
$last_exec_new = $schedule["day"].";".sprintf("%02d", $schedule["hour"]).":".sprintf("%02d", $schedule["minutes"]);
$database->exec("UPDATE `%PREFIX%_schedules` SET `last_exec` = :last_exec WHERE `id` = :id;", false, [":id" => $id, ":last_exec" => $last_exec_new]);
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '1', availability_last_change = 'cron' WHERE `id` = :user_id;", false, [":user_id" => $user_id]);
$db->update(
DB_PREFIX."_schedules",
["last_exec" => $last_exec_new],
["id" => $id]
);
$db->update(
DB_PREFIX."_profiles",
["available" => '1', "availability_last_change" => "cron"],
["id" => $user_id]
);
$schedules_check["schedules"][] = [
"schedule" => $schedule,
"now" => $now,
@ -129,10 +145,14 @@ if($start) {
}
}
$schedules_check["users"] = $schedules_users;
$profiles = $database->exec("SELECT id FROM `%PREFIX%_profiles`", true);
$profiles = $db->select("SELECT id FROM `".DB_PREFIX."_profiles`");
foreach ($profiles as $profile) {
if(!in_array($profile["id"],$schedules_users)){
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '0' WHERE availability_last_change = 'cron' AND id = :id;", false, [":id" => $profile["id"]]);
$db->update(
DB_PREFIX."_profiles",
["available" => 0],
["availability_last_change" => "cron", "id" => $profile["id"]]
);
}
}
}
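Review bot: The cron secret on the rewritten `$start` line is still compared with loose `==`, which is neither type-strict nor constant-time; both comparisons should go through `hash_equals("cron_job-".get_option("cron_job_code"), (string) $_POST['cron'])`, and the same for `$_SERVER['HTTP_CRON']`. Separately, the monthly reset now calls `$db->update(DB_PREFIX."_profiles", ["availability_minutes" => 0])` with no where mapping. As far as I recall, Delight\Db's `update()` requires a non-empty third argument, so this call likely throws instead of zeroing every row; a plain `$db->exec()` with the original `UPDATE ... SET availability_minutes = 0` statement would keep the old behaviour. Parts of the `if($start)` body lie between the hunks and are not shown.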


@ -49,8 +49,8 @@ if($tools->validate_form("mod", "add")) {
if(isset($_GET["add"])||isset($_GET["edit"])||isset($_GET["delete"])||isset($_GET["mod"])) {
$_SESSION["token"] = bin2hex(random_bytes(64));
}
$crew = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY name ASC;", true);
$types = $database->exec("SELECT `name` FROM `%PREFIX%_type` ORDER BY name ASC", true);
$crew = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY name ASC");
$types = $db->select("SELECT `name` FROM `".DB_PREFIX."_type` ORDER BY name ASC");
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["edit"])) ? "edit" : ((isset($_GET["delete"])) ? "delete" : "add"));
bdump($modalità, "modalità");
bdump($types, "types");
@ -58,8 +58,8 @@ if($tools->validate_form("mod", "add")) {
$id = "";
if(isset($_GET["id"])) {
$id = $_GET["id"];
bdump($database->exists("services", $id));
$values = $database->exec("SELECT * FROM `%PREFIX%_services` WHERE `id` = :id", true, [":id" => $id])[0];
bdump($crud->exists("services", $id));
$values = $db->select("SELECT * FROM `".DB_PREFIX."_services` WHERE `id` = :id", [":id" => $id])[0];
bdump($values);
} else {
$values = [];
@ -67,7 +67,7 @@ if($tools->validate_form("mod", "add")) {
if($modalità=="edit" || $modalità=="delete") {
if(empty($id)) {
echo("<pre>"); var_dump($_POST); echo("</pre>");
} elseif (!$database->exists("services", $id)) {
} elseif (!$crud->exists("services", $id)) {
echo("<pre>"); var_dump($_POST); echo("</pre>");
}
}
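Review bot: The services lookup ends in `$db->select(...)[0]`, which indexes the result before the existence check further down, although the list endpoints changed in this same commit guard against `select()` returning null; for an unknown `id` this reads offset 0 of null. Switching the call to `$db->selectRow()` with the same query and bindings and appending `?? []` avoids that, and the same applies to the `_trainings` and `_profiles` lookups in the two file sections that follow. The two branches that answer a missing or unknown id with `var_dump($_POST)` print request data unescaped where the sibling pages redirect to `accessdenied.php`; that looks like leftover debugging and should redirect as well.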


@ -47,15 +47,15 @@ if($tools->validate_form("mod", "add")) {
if(isset($_GET["add"])||isset($_GET["edit"])||isset($_GET["delete"])||isset($_GET["mod"])) {
$_SESSION["token"] = bin2hex(random_bytes(64));
}
$crew = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY name ASC;", true);
$crew = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY name ASC");
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["edit"])) ? "edit" : ((isset($_GET["delete"])) ? "delete" : "add"));
bdump($modalità, "modalità");
bdump($crew, "crew");
$id = "";
if(isset($_GET["id"])) {
$id = $_GET["id"];
bdump($database->exists("trainings", $id));
$values = $database->exec("SELECT * FROM `%PREFIX%_trainings` WHERE `id` = :id", true, [":id" => $id])[0];
bdump($crud->exists("trainings", $id));
$values = $db->select("SELECT * FROM `".DB_PREFIX."_trainings` WHERE `id` = :id", [":id" => $id])[0];
bdump($values);
} else {
$values = [];
@ -63,7 +63,7 @@ if($tools->validate_form("mod", "add")) {
if($modalità=="edit" || $modalità=="delete") {
if(empty($id)) {
$tools->redirect("accessdenied.php");
} elseif (!$database->exists("trainings", $id)) {
} elseif (!$crud->exists("trainings", $id)) {
//$tools->redirect("accessdenied.php");
}
}
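Review bot: The branch for a training id that does not exist is a no-op, because `$tools->redirect("accessdenied.php");` is commented out under the `!$crud->exists("trainings", $id)` test, so edit and delete mode continue with a record that was not found. The following file section keeps the redirect active in the same position; unless the comment is deliberate, restore it here. The rest of the page is outside this hunk.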


@ -69,8 +69,8 @@ if($tools->validate_form("mod", "add")) {
$id = "";
if(isset($_GET["id"])) {
$id = $_GET["id"];
bdump($database->exists("profiles", $id));
$values = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE `id` = :id", true, [":id" => $id])[0];
bdump($crud->exists("profiles", $id));
$values = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` WHERE `id` = :id", [":id" => $id])[0];
bdump($values);
} else {
$values = [];
@ -78,7 +78,7 @@ if($tools->validate_form("mod", "add")) {
if($modalità=="edit" || $modalità=="delete") {
if(empty($id)) {
$tools->redirect("accessdenied.php");
} elseif (!$database->exists("profiles", $id)) {
} elseif (!$crud->exists("profiles", $id)) {
$tools->redirect("accessdenied.php");
}
}


@ -15,12 +15,20 @@ function show_error_page($error=null, $error_message=null, $error_message_advanc
break;
}
}
$webpack_manifest = json_decode(
file_get_contents(isset($webpack_manifest_path) ? $webpack_manifest_path : realpath("resources/dist/assets-manifest.json")),
true
);
$main_script_url = "resources/dist/".$webpack_manifest["main.js"]["src"];
$game_script_url = "resources/dist/".$webpack_manifest["games.js"]["src"];
$main_script_url = null;
$game_script_url = null;
try{
$webpack_manifest_path = isset($webpack_manifest_path) ? $webpack_manifest_path : realpath("resources/dist/assets-manifest.json");
if(!empty($webpack_manifest_path)){
$webpack_manifest = json_decode(
file_get_contents($webpack_manifest_path),
true
);
$main_script_url = "resources/dist/".$webpack_manifest["main.js"];
$game_script_url = "resources/dist/".$webpack_manifest["games.js"];
}
} catch(\Exception $e) {
}
$error_templates = [
<<<EOT
@ -59,6 +67,9 @@ function show_error_page($error=null, $error_message=null, $error_message_advanc
echo($error_templates[$key]);
?>
<br><br>
<?php
if(!is_null($game_script_url)){
?>
<div class="games_list" style="margin-left: 20px; text-align: left;">
While you are waiting, you can play some games:
<ul>
@ -73,6 +84,7 @@ function show_error_page($error=null, $error_message=null, $error_message_advanc
<script src="<?php echo($game_script_url); ?>"></script>
<?php
}
}
if (basename(__FILE__) == basename($_SERVER["SCRIPT_FILENAME"])) {
show_error_page();
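Review bot: The new `try`/`catch` does not cover the failures it is meant for: `file_get_contents()` returns false with a warning and `json_decode()` returns null on bad JSON, and neither throws. `$game_script_url` then becomes the non-null string `"resources/dist/"`, so the `!is_null($game_script_url)` guard further down still renders the games block with a broken script URL. Check the decoded value before using it, e.g. `if(is_array($webpack_manifest) && isset($webpack_manifest["main.js"], $webpack_manifest["games.js"])){` around the two assignments. The empty `catch(\Exception $e) {}` should at least carry a comment saying the error page must render without assets. `show_error_page()` starts before and continues between these hunks.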


@ -27,14 +27,24 @@ if (file_exists("../config.php")) {
if(checkConnection($dbhostValue, $unameValue, $pwdValue, $dbnameValue, true)) {
$configOk = true;
try{
$connection = new PDO("mysql:host=$dbhostValue;dbname=$dbnameValue", $unameValue, $pwdValue, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$stmt = $connection->prepare(str_replace("%PREFIX%", DB_PREFIX, "SELECT * FROM `%PREFIX%_dbversion`;"));
$query = $stmt->execute();
$populated = !empty($stmt->fetchAll(PDO::FETCH_ASSOC));
$stmt2 = $connection->prepare(str_replace("%PREFIX%", DB_PREFIX, "SELECT * FROM `%PREFIX%_users`;"));
$query2 = $stmt2->execute();
$userPopulated = !empty($stmt2->fetchAll(PDO::FETCH_ASSOC));
} catch (PDOException $e){
$db = \Delight\Db\PdoDatabase::fromDsn(
new \Delight\Db\PdoDsn(
"mysql:host=$dbhostValue;dbname=$dbnameValue",
$unameValue,
$pwdValue
)
);
try{
$populated = !is_null($db->select("SELECT * FROM `".DB_PREFIX."_dbversion`"));
} catch (Delight\Db\Throwable\TableNotFoundError $e){
$populated = false;
}
try{
$userPopulated = !is_null($db->select("SELECT * FROM `".DB_PREFIX."_users`"));
} catch (Delight\Db\Throwable\TableNotFoundError $e){
$userPopulated = false;
}
} catch (Exception $e){
$populated = false;
$userPopulated = false;
}


@ -252,11 +252,16 @@ define('SENTRY_ENV', 'prod');<br>
function initDB()
{
try{
$connection = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME, DB_USER, DB_PASSWORD, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db = \Delight\Db\PdoDatabase::fromDsn(
new \Delight\Db\PdoDsn(
"mysql:host=".DB_HOST.";dbname=".DB_NAME,
DB_USER,
DB_PASSWORD
)
);
$prefix = DB_PREFIX;
$connection->exec(
"
CREATE TABLE IF NOT EXISTS `".$prefix."_trainings` (
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_trainings` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`date` date NOT NULL,
`name` varchar(999) NOT NULL,
@ -265,12 +270,15 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_trainings` (
`crew` text NOT NULL,
`chief` text NOT NULL,
`place` text NOT NULL,
`place_reverse` int(11) NOT NULL,
`notes` text NOT NULL,
`increment` varchar(999) NOT NULL,
`inserted_by` varchar(200) NOT NULL,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_services` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_services` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`date` date NOT NULL,
`code` text NOT NULL,
@ -280,13 +288,16 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_services` (
`drivers` varchar(999) NOT NULL,
`crew` varchar(999) NOT NULL,
`place` varchar(999) NOT NULL,
`place_reverse` int(11) NOT NULL,
`notes` varchar(999) NOT NULL,
`type` text NOT NULL,
`increment` varchar(999) NOT NULL,
`inserted_by` varchar(200) NOT NULL,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_intrusions` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_intrusions` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`page` varchar(999) COLLATE utf8mb4_unicode_ci NOT NULL,
`date` varchar(100) COLLATE utf8mb4_unicode_ci NOT NULL,
@ -295,7 +306,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_intrusions` (
`server_var` varchar(9999) COLLATE utf8mb4_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_log` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_log` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`action` varchar(100) NOT NULL,
`changed` varchar(100),
@ -306,20 +319,26 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_log` (
`user_agent` varchar(500),
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_minutes` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_minutes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`month` int(2) NOT NULL,
`year` int(2) NOT NULL,
`list` mediumtext NOT NULL,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_type` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_type` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `type_name` (`name`(99))
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_users` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_users` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`email` varchar(249) COLLATE utf8mb4_unicode_ci NOT NULL,
`password` varchar(255) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
@ -334,7 +353,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_users` (
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_profiles` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_profiles` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`hidden` BOOLEAN NOT NULL DEFAULT FALSE,
`disabled` BOOLEAN NOT NULL DEFAULT FALSE,
@ -351,7 +372,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_profiles` (
`image` varchar(1000) DEFAULT NULL,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `".$prefix."_users_confirmations` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_users_confirmations` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`user_id` int(10) unsigned NOT NULL,
`email` varchar(249) COLLATE utf8mb4_unicode_ci NOT NULL,
@ -363,7 +386,9 @@ UNIQUE KEY `selector` (`selector`),
KEY `email_expires` (`email`,`expires`),
KEY `user_id` (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE IF NOT EXISTS `".$prefix."_users_remembered` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_users_remembered` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`user` int(10) unsigned NOT NULL,
`selector` varchar(24) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
@ -373,7 +398,9 @@ PRIMARY KEY (`id`),
UNIQUE KEY `selector` (`selector`),
KEY `user` (`user`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE IF NOT EXISTS `".$prefix."_users_resets` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_users_resets` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`user` int(10) unsigned NOT NULL,
`selector` varchar(20) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
@ -383,7 +410,9 @@ PRIMARY KEY (`id`),
UNIQUE KEY `selector` (`selector`),
KEY `user_expires` (`user`,`expires`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE IF NOT EXISTS `".$prefix."_users_throttling` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_users_throttling` (
`bucket` varchar(44) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL,
`tokens` float unsigned NOT NULL,
`replenished_at` int(10) unsigned NOT NULL,
@ -391,7 +420,9 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_users_throttling` (
PRIMARY KEY (`bucket`),
KEY `expires_at` (`expires_at`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE IF NOT EXISTS `".$prefix."_options` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE IF NOT EXISTS `{$prefix}_options` (
`id` INT NOT NULL AUTO_INCREMENT,
`name` TEXT NOT NULL, `value` MEDIUMTEXT NOT NULL,
`enabled` BOOLEAN NOT NULL DEFAULT TRUE,
@ -400,26 +431,34 @@ CREATE TABLE IF NOT EXISTS `".$prefix."_options` (
`user_id` INT NOT NULL,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE `".$prefix."_dbversion` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE `{$prefix}_dbversion` (
`id` INT NOT NULL AUTO_INCREMENT,
`version` INT NOT NULL,
`timestamp` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
)ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE `".$prefix."_api_keys` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE `{$prefix}_api_keys` (
`id` INT NOT NULL AUTO_INCREMENT,
`apikey` VARCHAR(128) NOT NULL,
`user` INT NOT NULL,
`permissions` VARCHAR(128) NOT NULL DEFAULT 'ALL',
PRIMARY KEY (`id`)
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE `".$prefix."_bot_telegram` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE `{$prefix}_bot_telegram` (
`id` INT NOT NULL AUTO_INCREMENT,
`chat_id` VARCHAR(128) NOT NULL,
`user` INT NOT NULL,
PRIMARY KEY (`id`)
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE `".$prefix."_schedules` (
EOL);
$db->exec(<<<"EOL"
CREATE TABLE `{$prefix}_schedules` (
`id` INT NOT NULL AUTO_INCREMENT,
`user` INT NOT NULL,
`profile_name` VARCHAR(500) NOT NULL DEFAULT 'default',
@ -429,8 +468,15 @@ CREATE TABLE `".$prefix."_schedules` (
`last_update` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
INSERT INTO `".$prefix."_dbversion` (`version`, `timestamp`) VALUES('1', current_timestamp());"
);
EOL);
$db->exec(<<<"EOL"
CREATE TABLE `{$prefix}_places_info` (
`id` INT NOT NULL AUTO_INCREMENT,
`reverse_json` VARCHAR(20000) NULL DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE = InnoDB DEFAULT CHARSET=latin1;
EOL);
$db->exec("INSERT INTO `{$prefix}_dbversion` (`version`, `timestamp`) VALUES('1', current_timestamp());");
} catch (Exception $e) {
if(is_cli()) {
echo($e);
@ -471,27 +517,36 @@ function initOptions($name, $visible, $developer, $password, $report_email, $own
{
try{
include_once "../config.php";
$connection = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME, DB_USER, DB_PASSWORD, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db = \Delight\Db\PdoDatabase::fromDsn(
new \Delight\Db\PdoDsn(
"mysql:host=".DB_HOST.";dbname=".DB_NAME,
DB_USER,
DB_PASSWORD
)
);
$prefix = DB_PREFIX;
$auth = new \Delight\Auth\Auth($connection, $_SERVER['REMOTE_ADDR'], $prefix."_");
$auth = new \Delight\Auth\Auth($db, $_SERVER['REMOTE_ADDR'], $prefix."_");
$userId = $auth->register($report_email, $password, $name);
$auth->admin()->addRoleForUserById($userId, \Delight\Auth\Role::SUPER_ADMIN);
if($developer) {
$auth->admin()->addRoleForUserById($userId, \Delight\Auth\Role::DEVELOPER);
}
if(is_null($url)){
$url = str_replace("install/install.php", "", full_path());
}
$options = [
'check_cf_ip' => ':check_cf_ip',
'report_email' => ':report_email',
'owner' => ':owner',
'web_url' => ':web_url',
'check_cf_ip' => empty($_SERVER['HTTP_CF_CONNECTING_IP']) ? 0 : 1,
'report_email' => $report_email,
'owner' => $owner,
'web_url' => $url,
'use_custom_error_sound' => 0,
'use_custom_error_image' => 0,
'intrusion_save' => 1,
'intrusion_save_info' => 0,
'log_save_ip' => 1,
'cron_job_code' => ':cron_job_code',
'cron_job_code' => str_replace(".", "", bin2hex(random_bytes(10)).base64_encode(openssl_random_pseudo_bytes(30))),
'cron_job_enabled' => 1,
'cron_job_time' => ':cron_job_time',
'cron_job_time' => '01;00:00',
'service_edit' => 1,
'service_remove' => 1,
'training_edit' => 1,
@ -508,26 +563,16 @@ function initOptions($name, $visible, $developer, $password, $report_email, $own
'holidays_language' => 'en_US',
'messages' => '{}'
];
$query = "";
foreach ($options as $key => $value) {
$query .= "
INSERT INTO `".$prefix."_options` (`id`, `name`, `value`, `enabled`, `created_time`, `last_edit`, `user_id`) VALUES (NULL, '".$key."', $value, 1, current_timestamp(), current_timestamp(), '1');";
$db->insert(
$prefix."_options",
["name" => $key, "value" => $value, "enabled" => 1, "user_id" => 1]
);
}
$query = "
INSERT INTO `".$prefix."_profiles` (`id`, `hidden`) VALUES (NULL, :hidden);".$query;
$prep = $connection->prepare($query);
mt_srand(10);
$prep->bindValue(':check_cf_ip', (empty($_SERVER['HTTP_CF_CONNECTING_IP']) ? 0 : 1), PDO::PARAM_INT);
$prep->bindValue(':hidden', ($visible ? 0 : 1), PDO::PARAM_INT);
$prep->bindValue(':report_email', $report_email, PDO::PARAM_STR);
$prep->bindValue(':owner', $owner, PDO::PARAM_STR);
if(is_null($url)){
$url = str_replace("install/install.php", "", full_path());
}
$prep->bindValue(':web_url', $url, PDO::PARAM_STR);
$prep->bindValue(':cron_job_code', str_replace(".", "", bin2hex(random_bytes(10)).base64_encode(openssl_random_pseudo_bytes(30))), PDO::PARAM_STR);
$prep->bindValue(':cron_job_time', "01;00:00", PDO::PARAM_STR);
$prep->execute();
$db->insert(
$prefix."_profiles",
["hidden" => $visible ? 0 : 1]
);
} catch (Exception $e) {
if(is_cli()) {
echo($e);
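Review bot: The `cron_job_code` entry in the `$options` array appends `base64_encode(openssl_random_pseudo_bytes(30))` to the hex part, so the code can contain `+` and `/`, which a form-encoded `cron` POST field will not round-trip unless the caller percent-encodes them. The `str_replace(".", "", ...)` around it removes a character that neither encoding produces. Since the cron endpoint compares this code against `$_POST['cron']` and an HTTP header, a hex-only secret from a single CSPRNG call is simpler and safer to transport: `'cron_job_code' => bin2hex(random_bytes(32)),`. `initOptions()` continues past the end of this hunk.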


@ -44,7 +44,7 @@ $days = [
];
$user_id = $user->auth->getUserId();
$result = $database->exec("SELECT * FROM `%PREFIX%_schedules` WHERE `user`={$user_id};", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules` WHERE `user`={$user_id}");
if(!empty($result)){
$old_schedules_db = json_decode($result[0]["schedules"]);
foreach ($old_schedules_db as $schedule) {
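Review bot: The schedules query still interpolates `{$user_id}` into the SQL string, while the same lookup in the schedules AJAX endpoint changed by this commit binds it. The id comes from `$user->auth->getUserId()`, so this is probably not injectable today, but binding keeps the two call sites consistent and stays safe if the source of the id ever changes. Replace `{$user_id}` with `:id` and pass `["id" => $user_id]` as the second argument to `$db->select()`.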


@ -7,8 +7,11 @@ $id = $user->auth->getUserId();
$time = time();
if(!is_null($id)) {
$sql = "UPDATE `%PREFIX%_profiles` SET online_time = '$time' WHERE id = '" . $id ."'";
$database->exec($sql, true);
$db->update(
DB_PREFIX."_profiles",
["online_time" => $time],
["id" => $id]
);
echo(json_encode(["id" => $id, "time" => $time, "sql" => $sql]));
}
?>
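Review bot: The JSON response still includes `"sql" => $sql`, but going by the hunk's line counts the `$sql = "UPDATE ..."` assignment is removed together with `$database->exec($sql, true)`, which leaves `$sql` undefined on the new side. Returning statement text to the client also discloses table and column names for no benefit. The line can become `echo(json_encode(["id" => $id, "time" => $time]));`.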


@ -5,6 +5,9 @@ $user->requirelogin(false);
if(isset($_POST["type"])){
$type = $_POST["type"];
$database->exec("INSERT INTO `%PREFIX%_type` (`name`) VALUES (:name);", false, [":name" => $type]);
$db->insert(
DB_PREFIX."_type",
["name" => $type]
);
$user->log("Added service type");
}


@ -4,7 +4,7 @@ init_class(false);
$user->requirelogin(false);
$user_id = $user->auth->getUserId();
$result = $database->exec("SELECT * FROM `%PREFIX%_schedules` WHERE `user`={$user_id};", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_schedules` WHERE `user` = :id", ["id" => $user_id]);
if(!empty($result)){
$result[0]["schedules"] = json_decode($result[0]["schedules"]);
$result[0]["holidays"] = json_decode($result[0]["holidays"]);
@ -15,10 +15,17 @@ if(isset($_POST["hours"])){
$holidays = (string) json_encode($_POST["holidays"]);
echo($hours."-".$holidays);
if(!empty($result)){
$database->exec("UPDATE `%PREFIX%_schedules` SET schedules = :schedules, holidays = :holidays WHERE `id` = :id;", false, [":id" => $result[0]["id"], ":schedules" => $hours, ":holidays" => $holidays]);
$db->update(
DB_PREFIX."_schedules",
["schedules" => $hours, "holidays" => $holidays],
["id" => $result[0]["id"]]
);
} else {
$database->exec("INSERT INTO `%PREFIX%_schedules` (`user`, `schedules`, `holidays`) VALUES (:user, :schedules, :holidays);", false, [":user" => $user_id, ":schedules" => $hours, ":holidays" => $holidays]);
$db->insert(
DB_PREFIX."_schedules",
["schedules" => $hours, "holidays" => $holidays, "user" => $user_id]
);
}
} else {
echo(json_encode(empty($result) ? [] : $result[0]));
echo(json_encode(empty($result)||is_null($result) ? [] : $result[0]));
}
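Review bot: In the final `echo`, `empty($result)||is_null($result)` tests the same thing twice, since `empty()` is already true for null. Keeping the earlier `empty($result) ? [] : $result[0]`, or writing `$result[0] ?? []`, reads more clearly and behaves the same.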


@ -5,10 +5,18 @@ $user->requirelogin(false);
$user->online_time_update();
if(isset($_POST["change_id"]) && $_POST["dispo"] == 1 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '1', availability_last_change = 'manual' WHERE id = :id;", false, [":id" => $_POST["change_id"]]);
$db->update(
DB_PREFIX."_profiles",
["available" => 1, "availability_last_change" => "manual"],
["id" => $_POST["change_id"]]
);
$user->log("Status changed to 'available'", $_POST["change_id"], $user->auth->getUserId());
} else if(isset($_POST["change_id"]) && $_POST["dispo"] == 0 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
$database->exec("UPDATE `%PREFIX%_profiles` SET available = '0', availability_last_change = 'manual' WHERE id = :id;", false, [":id" => $_POST["change_id"]]);
$db->update(
DB_PREFIX."_profiles",
["available" => 0, "availability_last_change" => "manual"],
["id" => $_POST["change_id"]]
);
$user->log("Status changed to 'not available'", $_POST["change_id"], $user->auth->getUserId());
}
?>
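Review bot: Both `$db->update()` calls take the profile id straight from `$_POST["change_id"]`, and nothing visible in this hunk checks that the logged-in user may change that profile, so any authenticated account can apparently set another member's availability. Before the update, compare `$_POST["change_id"]` with `$user->auth->getUserId()` or require an editing role, and restore the commented-out `token_list` comparison so the request also has to carry the session token. `$_POST["dispo"]` is read without `isset()`, so a request that sends only `change_id` falls into the `== 0` branch and marks the profile not available. The first lines of the file are outside the hunk.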


@ -4,10 +4,10 @@ init_class();
$user->requirelogin(false);
$user->online_time_update();
$result = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC;", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC");
$response = [];
foreach($result as $row){
foreach(!is_null($result) ? $result : [] as $row){
if(!$user->hidden($row["id"])){
if($user->requireRole(Role::FULL_VIEWER)){
$name = $user->nameById($row["id"]);
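Review bot: `foreach(!is_null($result) ? $result : [] as $row)` is the null-coalescing operator written out by hand; `foreach($result ?? [] as $row)` says the same thing and is easier to scan. The identical loop header is added in the log, services and trainings list endpoints later in this commit and can be changed the same way. The loop body continues outside the hunk.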


@ -4,7 +4,7 @@ init_class();
$user->requirelogin(false);
$user->online_time_update();
$result = $database->exec("SELECT * FROM `%PREFIX%_log` ORDER BY `timestamp` DESC", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_log` ORDER BY `timestamp` DESC");
//https://stackoverflow.com/a/2524761
function isValidTimeStamp($timestamp)
@ -15,7 +15,7 @@ function isValidTimeStamp($timestamp)
}
$response = [];
foreach($result as $row){
foreach(!is_null($result) ? $result : [] as $row){
if(isValidTimeStamp($row["timestamp"])){
$date = new DateTime();
$date->setTimestamp($row["timestamp"]);


@ -4,10 +4,10 @@ init_class();
$user->requirelogin(false);
$user->online_time_update();
$result = $database->exec("SELECT * FROM `%PREFIX%_services` ORDER BY date DESC, beginning DESC", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_services` ORDER BY date DESC, beginning DESC");
$response = [];
foreach($result as $row){
foreach(!is_null($result) ? $result : [] as $row){
$chief = $user->nameById($row["chief"]);
$drivers_array = explode(",", $row['drivers']);
@ -32,8 +32,8 @@ foreach($result as $row){
s($row['place'],false,true),
s($row['notes'],false,true),
s($row['type'],false,true),
$database->get_option("service_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_service.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
$database->get_option("service_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_service.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
get_option("service_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_service.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
get_option("service_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_service.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
];
}
$tools->ajax_page_response($response);


@ -4,10 +4,10 @@ init_class();
$user->requirelogin(false);
$user->online_time_update();
$result = $database->exec("SELECT * FROM `%PREFIX%_trainings` ORDER BY date DESC, beginning desc", true);
$result = $db->select("SELECT * FROM `".DB_PREFIX."_trainings` ORDER BY date DESC, beginning desc");
$response = [];
foreach($result as $row){
foreach(!is_null($result) ? $result : [] as $row){
$chief = $user->nameById($row["chief"]);
$others_crew_array = explode(",", $row['crew']);
@ -24,8 +24,8 @@ foreach($result as $row){
$others_crew,
s($row['place'],false,true),
s($row['notes'],false,true),
$database->get_option("training_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_training.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
$database->get_option("training_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_training.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
get_option("training_edit") ? "<a class='pjax_disable' data-action='edit' href='edit_training.php?edit&id={$row['id']}'><i style='font-size: 40px' class='fa fa-edit'></i></a>" : null,
get_option("training_remove") ? "<a class='pjax_disable' data-action='delete' href='edit_training.php?delete&id={$row['id']}'><i style='font-size: 40px' class='fa fa-trash'></i></a>" : null
];
}
$tools->ajax_page_response($response);


@ -11,7 +11,7 @@
"dependencies": {
"@babel/core": "^7.14.0",
"@babel/plugin-transform-runtime": "^7.13.15",
"@babel/preset-env": "^7.14.0",
"@babel/preset-env": "^7.14.1",
"@fiverr/afterbuild-webpack-plugin": "^1.0.0",
"@fortawesome/fontawesome-free": "^5.15.3",
"@sentry/browser": "^6.3.5",
@ -756,9 +756,9 @@
}
},
"node_modules/@babel/plugin-transform-block-scoping": {
"version": "7.13.16",
"resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.13.16.tgz",
"integrity": "sha512-ad3PHUxGnfWF4Efd3qFuznEtZKoBp0spS+DgqzVzRPV7urEBvPLue3y2j80w4Jf2YLzZHj8TOv/Lmvdmh3b2xg==",
"version": "7.14.1",
"resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.14.1.tgz",
"integrity": "sha512-2mQXd0zBrwfp0O1moWIhPpEeTKDvxyHcnma3JATVP1l+CctWBuot6OJG8LQ4DnBj4ZZPSmlb/fm4mu47EOAnVA==",
"dependencies": {
"@babel/helper-plugin-utils": "^7.13.0"
},
@ -1113,9 +1113,9 @@
}
},
"node_modules/@babel/preset-env": {
"version": "7.14.0",
"resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.14.0.tgz",
"integrity": "sha512-GWRCdBv2whxqqaSi7bo/BEXf070G/fWFMEdCnmoRg2CZJy4GK06ovFuEjJrZhDRXYgBsYtxVbG8GUHvw+UWBkQ==",
"version": "7.14.1",
"resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.14.1.tgz",
"integrity": "sha512-0M4yL1l7V4l+j/UHvxcdvNfLB9pPtIooHTbEhgD/6UGyh8Hy3Bm1Mj0buzjDXATCSz3JFibVdnoJZCrlUCanrQ==",
"dependencies": {
"@babel/compat-data": "^7.14.0",
"@babel/helper-compilation-targets": "^7.13.16",
@ -1154,7 +1154,7 @@
"@babel/plugin-transform-arrow-functions": "^7.13.0",
"@babel/plugin-transform-async-to-generator": "^7.13.0",
"@babel/plugin-transform-block-scoped-functions": "^7.12.13",
"@babel/plugin-transform-block-scoping": "^7.13.16",
"@babel/plugin-transform-block-scoping": "^7.14.1",
"@babel/plugin-transform-classes": "^7.13.0",
"@babel/plugin-transform-computed-properties": "^7.13.0",
"@babel/plugin-transform-destructuring": "^7.13.17",
@ -1184,7 +1184,7 @@
"@babel/plugin-transform-unicode-escapes": "^7.12.13",
"@babel/plugin-transform-unicode-regex": "^7.12.13",
"@babel/preset-modules": "^0.1.4",
"@babel/types": "^7.14.0",
"@babel/types": "^7.14.1",
"babel-plugin-polyfill-corejs2": "^0.2.0",
"babel-plugin-polyfill-corejs3": "^0.2.0",
"babel-plugin-polyfill-regenerator": "^0.2.0",
@ -1249,9 +1249,9 @@
}
},
"node_modules/@babel/types": {
"version": "7.14.0",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.14.0.tgz",
"integrity": "sha512-O2LVLdcnWplaGxiPBz12d0HcdN8QdxdsWYhz5LSeuukV/5mn2xUUc3gBeU4QBYPJ18g/UToe8F532XJ608prmg==",
"version": "7.14.1",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.14.1.tgz",
"integrity": "sha512-S13Qe85fzLs3gYRUnrpyeIrBJIMYv33qSTg1qoBwiG6nPKwUWAD9odSzWhEedpwOIzSEI6gbdQIWEMiCI42iBA==",
"dependencies": {
"@babel/helper-validator-identifier": "^7.14.0",
"to-fast-properties": "^2.0.0"
@ -7010,9 +7010,9 @@
}
},
"@babel/plugin-transform-block-scoping": {
"version": "7.13.16",
"resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.13.16.tgz",
"integrity": "sha512-ad3PHUxGnfWF4Efd3qFuznEtZKoBp0spS+DgqzVzRPV7urEBvPLue3y2j80w4Jf2YLzZHj8TOv/Lmvdmh3b2xg==",
"version": "7.14.1",
"resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.14.1.tgz",
"integrity": "sha512-2mQXd0zBrwfp0O1moWIhPpEeTKDvxyHcnma3JATVP1l+CctWBuot6OJG8LQ4DnBj4ZZPSmlb/fm4mu47EOAnVA==",
"requires": {
"@babel/helper-plugin-utils": "^7.13.0"
}
@ -7277,9 +7277,9 @@
}
},
"@babel/preset-env": {
"version": "7.14.0",
"resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.14.0.tgz",
"integrity": "sha512-GWRCdBv2whxqqaSi7bo/BEXf070G/fWFMEdCnmoRg2CZJy4GK06ovFuEjJrZhDRXYgBsYtxVbG8GUHvw+UWBkQ==",
"version": "7.14.1",
"resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.14.1.tgz",
"integrity": "sha512-0M4yL1l7V4l+j/UHvxcdvNfLB9pPtIooHTbEhgD/6UGyh8Hy3Bm1Mj0buzjDXATCSz3JFibVdnoJZCrlUCanrQ==",
"requires": {
"@babel/compat-data": "^7.14.0",
"@babel/helper-compilation-targets": "^7.13.16",
@ -7318,7 +7318,7 @@
"@babel/plugin-transform-arrow-functions": "^7.13.0",
"@babel/plugin-transform-async-to-generator": "^7.13.0",
"@babel/plugin-transform-block-scoped-functions": "^7.12.13",
"@babel/plugin-transform-block-scoping": "^7.13.16",
"@babel/plugin-transform-block-scoping": "^7.14.1",
"@babel/plugin-transform-classes": "^7.13.0",
"@babel/plugin-transform-computed-properties": "^7.13.0",
"@babel/plugin-transform-destructuring": "^7.13.17",
@ -7348,7 +7348,7 @@
"@babel/plugin-transform-unicode-escapes": "^7.12.13",
"@babel/plugin-transform-unicode-regex": "^7.12.13",
"@babel/preset-modules": "^0.1.4",
"@babel/types": "^7.14.0",
"@babel/types": "^7.14.1",
"babel-plugin-polyfill-corejs2": "^0.2.0",
"babel-plugin-polyfill-corejs3": "^0.2.0",
"babel-plugin-polyfill-regenerator": "^0.2.0",
@ -7409,9 +7409,9 @@
}
},
"@babel/types": {
"version": "7.14.0",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.14.0.tgz",
"integrity": "sha512-O2LVLdcnWplaGxiPBz12d0HcdN8QdxdsWYhz5LSeuukV/5mn2xUUc3gBeU4QBYPJ18g/UToe8F532XJ608prmg==",
"version": "7.14.1",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.14.1.tgz",
"integrity": "sha512-S13Qe85fzLs3gYRUnrpyeIrBJIMYv33qSTg1qoBwiG6nPKwUWAD9odSzWhEedpwOIzSEI6gbdQIWEMiCI42iBA==",
"requires": {
"@babel/helper-validator-identifier": "^7.14.0",
"to-fast-properties": "^2.0.0"


@ -13,7 +13,7 @@
"dependencies": {
"@babel/core": "^7.14.0",
"@babel/plugin-transform-runtime": "^7.13.15",
"@babel/preset-env": "^7.14.0",
"@babel/preset-env": "^7.14.1",
"@fiverr/afterbuild-webpack-plugin": "^1.0.0",
"@fortawesome/fontawesome-free": "^5.15.3",
"@sentry/browser": "^6.3.5",


@ -170,8 +170,10 @@ export async function loadTable ({ tablePage, setTableRefreshInterval = true, in
if (typeof fillTable === "undefined") {
if (useCustomTableEngine !== false) {
tableEngine = useCustomTableEngine;
} else if ("connection" in navigator && navigator.connection.saveData) {
tableEngine = "default";
/*} else if ("connection" in navigator && navigator.connection.saveData) {
tableEngine = "default";*/
} else {
tableEngine = "datatables";
}
fillTableLoaded = await import(`./table_engine_${tableEngine}.js`)
.then(({ default: _ }) => {
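Review bot: The Save-Data branch in `loadTable` is switched off by wrapping it in a `/* … */` that opens in the middle of the `if`/`else if` chain, which leaves dead code behind with no reason given. Clients that send Save-Data now always load the `datatables` engine. Either delete the two lines or replace them with a one-line comment that records the decision, for example `// Save-Data fallback to the "default" engine is disabled for now: <reason>`. The body of `loadTable` starts and continues outside this hunk.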


@ -22,7 +22,7 @@ let marker;
let feature;
let map;
function setMarker (LatLng) {
export function setMarker (LatLng, move=false) {
if (marker) {
console.log("Marker exists");
// console.log(marker);
@ -33,6 +33,9 @@ function setMarker (LatLng) {
$("input[name='place']").val(LatLng.lat + ";" + LatLng.lng);
}
marker = L.marker(LatLng, { icon: iconDefault }).addTo(map);
if(move){
map.setView(LatLng, 17);
}
}
var mapsList = [];
@ -144,6 +147,7 @@ export function chooseAddr (addrLat, addrLng, zoom = undefined, lat1 = undefined
const loc4 = new L.LatLng(lat2, lng1);
feature = L.polyline([loc1, loc4, loc2, loc3, loc1], { color: "red" }).addTo(map);
map.fitBounds(bounds);
map.setZoom(16);
}
} else if (addrLat !== undefined && addrLng !== undefined) {
const loc = new L.LatLng(addrLat, addrLng);
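Review bot: In `chooseAddr`, the added `map.setZoom(16);` runs straight after `map.fitBounds(bounds);` and overrides the zoom level that `fitBounds` picked, so the red bounding polyline may not fit in the view when the area is larger than a zoom-16 viewport. If the aim is only to avoid zooming in too far on small results, `map.fitBounds(bounds, { maxZoom: 16 });` keeps the fit and caps the zoom. The zoom levels 16 here and 17 in `setMarker` are bare literals; a shared named constant would make the intended difference explicit. `chooseAddr` starts and continues outside the hunk.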


@ -152,6 +152,10 @@
}
});
{% if service.modalità == "edit" %}
{% if option('use_location_picker') %}
{% set place = values.place|split('#')[0] %}
allertaJS.maps.setMarker(new L.LatLng({{place|split(';')[0]}}, {{place|split(';')[1]}}), true);
{% endif %}
$.each('{{ values.chief }}'.split(','), function (index, value) {
$('.chief-' + value).prop('checked', true);
});
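Review bot: The added `allertaJS.maps.setMarker(...)` line prints the two halves of `values.place` unquoted inside the `<script>` block, so the stored value is parsed as JavaScript source rather than data. HTML autoescaping, if it is enabled, does not make a value safe in that position, and an empty or malformed `place` renders `new L.LatLng(, )`, a syntax error that stops the rest of the block, including the chief checkbox code below it. Emit each part as an escaped string and parse it, e.g. `parseFloat('{{ place|split(';')[0]|e('js') }}')` for both coordinates, and skip the call when either result is not a finite number. The same line is added to the training form template in the next file section, and the context line `'{{ values.chief }}'.split(',')` here lacks the `|striptags|e("js")` that the training template applies. The script block starts and ends outside the hunk.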


@ -98,6 +98,10 @@
</form>
<script>
{% if training.modalità == "edit" %}
{% if option('use_location_picker') %}
{% set place = values.place|split('#')[0] %}
allertaJS.maps.setMarker(new L.LatLng({{place|split(';')[0]}}, {{place|split(';')[1]}}), true);
{% endif %}
$.each('{{ values.chief|striptags|e("js") }}'.split(','), function (index, value) {
$('.chief-' + value).prop('checked', true);
});


@ -12,7 +12,7 @@ if(!is_null($debugbar)){
$enable_debugbar = false;
}
$url_software = $database->get_option("web_url");
$url_software = get_option("web_url");
p_start("Load Twig");
$webpack_manifest = json_decode(
@ -39,10 +39,7 @@ $filter_translate = new \Twig\TwigFilter(
$twig->addFilter($filter_translate);
$function_option = new \Twig\TwigFunction(
'option', function ($option) {
global $database;
return $database->get_option($option);
}
'option', "get_option"
);
$twig->addFunction($function_option);
@ -96,7 +93,7 @@ p_stop();
$template = null;
function loadtemplate($templatename, $data, $requirelogin=true)
{
global $url_software, $database, $user, $twig, $template, $enable_debugbar, $debugbarRenderer;
global $url_software, $user, $twig, $template, $enable_debugbar, $debugbarRenderer;
p_start("Render Twig template");
if($requirelogin) {
$user->requirelogin();
@ -107,23 +104,23 @@ function loadtemplate($templatename, $data, $requirelogin=true)
$data['enable_debug_bar'] = $enable_debugbar;
$data['debug_bar_head'] = $enable_debugbar ? $debugbarRenderer->renderHead() : "";
$data['debug_bar'] = $enable_debugbar ? $debugbarRenderer->render() : "";
$data['owner'] = $database->get_option("owner");
$data['owner'] = get_option("owner");
$data['urlsoftware'] = $url_software;
$data['user'] = $user->info();
$data['show_menu'] = !isset($_REQUEST["hide_menu"]);
$data['show_footer'] = !isset($_REQUEST["hide_footer"]);
if($database->get_option("use_custom_error_sound")) {
if(get_option("use_custom_error_sound")) {
$data['error_sound'] = "custom-error.mp3";
} else {
$data['error_sound'] = "error.mp3";
}
if($database->get_option("use_custom_error_image")) {
if(get_option("use_custom_error_image")) {
$data['error_image'] = "custom-error.gif";
} else {
$data['error_image'] = "error.gif";
}
//TODO: replace this
if($messages = $database->get_option("messages")){
if($messages = get_option("messages")){
try {
$messages = json_decode($messages, true);
if(isset($messages[$templatename])){


@ -1,5 +1,5 @@
<?php
require_once 'ui.php';
$row = $database->exec('SELECT * FROM `%PREFIX%_profiles` WHERE id = :id', true, array(":id" => $_GET['user']));
$row = $db->select('SELECT * FROM `".DB_PREFIX."_profiles` WHERE id = :id', [":id" => $_GET['user']]);
loadtemplate('user_details.html', ['title' => t("Personal data", false), 'user' => $row[0]]);
?>
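Review bot: The new `$db->select(...)` call puts `".DB_PREFIX."` inside a single-quoted string, so the constant is never concatenated and the query names a table literally called `".DB_PREFIX."_profiles`. Close and reopen the single quotes around the constant: `$row = $db->select('SELECT * FROM `'.DB_PREFIX.'_profiles` WHERE id = :id', [":id" => $_GET['user']]);`. The query also runs on `$_GET['user']` before `loadtemplate()` reaches `$user->requirelogin()`, and nothing visible here checks that the caller may view that profile. Consider an explicit login and permission check before the lookup, and handle an empty result rather than indexing `$row[0]` directly.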