Another big codebase change
parent
2a39c4ba98
commit
bfdbd6dc1a
|
@ -152,8 +152,9 @@ $dispatcher = FastRoute\simpleDispatcher(
|
|||
if($vars["available"] !== 0 && $vars["available"] !== 1) {
|
||||
return ["status" => "error", "message" => "Availability code not allowed"];
|
||||
}
|
||||
$user->log("Cambiamento disponibilita' a ".$vars["available"], $user_info["id"], $user_info["id"]);
|
||||
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
|
||||
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = :available WHERE `id` = :id;", true, [":id" => $user_info["id"], ":available" => $vars["available"]]);
|
||||
$user->log($log_message);
|
||||
}
|
||||
);
|
||||
$r->addRoute(
|
||||
|
@ -164,8 +165,9 @@ $dispatcher = FastRoute\simpleDispatcher(
|
|||
if($vars["available"] !== 0 && $vars["available"] !== 1) {
|
||||
return ["status" => "error", "message" => "Availability code not allowed"];
|
||||
}
|
||||
$user->log("Cambiamento disponibilita' a ".$vars["available"], $vars["id"], $user_info["id"]);
|
||||
$log_message = $vars["available"] ? "Status changed to 'available'" : "Status changed to 'not available'";
|
||||
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = :available WHERE `id` = :id;", true, [":id" => $vars["id"], ":available" => $vars["available"]]);
|
||||
$user->log($log_message, $vars["id"], $user_info["id"]);
|
||||
}
|
||||
);
|
||||
}
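Review bot: The second route writes `available` for the profile named by `$vars["id"]`, and nothing in the visible lines checks that the caller (`$user_info["id"]`) is permitted to change another user's status. The route closure starts outside this hunk, so a role check may already exist above; if it does not, add one before the `UPDATE` and return the same error-array shape used for "Availability code not allowed". The new `$user->log($log_message, $vars["id"], $user_info["id"])` call does record both the changed user and the editor, so the audit entry stays meaningful once that check is in place.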
|
||||
|
|
244
server/core.php
244
server/core.php
|
@ -4,6 +4,7 @@ use DebugBar\StandardDebugBar;
|
|||
|
||||
if(!file_exists("config.php") && !file_exists("../../config.php")) {
|
||||
header('Location: install/install.php');
|
||||
exit();
|
||||
}
|
||||
|
||||
require_once 'config.php';
|
||||
|
@ -102,7 +103,8 @@ class tools
|
|||
}
|
||||
}
|
||||
|
||||
public function rickroll(){
|
||||
public function rickroll()
|
||||
{
|
||||
$rickrolls = [
|
||||
"https://www.youtube.com/watch?v=dQw4w9WgXcQ",
|
||||
"https://www.youtube.com/watch?v=ub82Xb1C8os",
|
||||
|
@ -112,6 +114,7 @@ class tools
|
|||
];
|
||||
$this->redirect($rickrolls[array_rand($rickrolls)]); //Dear attacker/bot, have fun!
|
||||
}
|
||||
|
||||
function extract_unique($data)
|
||||
{
|
||||
$this->profiler_start("Extract unique");
|
||||
|
@ -182,7 +185,8 @@ class tools
|
|||
}
|
||||
}
|
||||
|
||||
public function ajax_page_response($response){
|
||||
public function ajax_page_response($response)
|
||||
{
|
||||
global $debugbar;
|
||||
$json_response = json_encode($response);
|
||||
$response_data = substr(crc32($json_response), 0, 10);
|
||||
|
@ -295,8 +299,8 @@ class database
|
|||
|
||||
public function exists($table, $id)
|
||||
{
|
||||
$risultato = $this->exec("SELECT :table FROM `%PREFIX%_services` WHERE id = :id;", true, [":table" => $table, ":id" => $id]);
|
||||
return !empty($risultato);
|
||||
$result = $this->exec("SELECT :table FROM `%PREFIX%_services` WHERE id = :id;", true, [":table" => $table, ":id" => $id]);
|
||||
return !empty($result);
|
||||
}
|
||||
|
||||
public function get_option($name)
|
||||
|
@ -314,104 +318,6 @@ class database
|
|||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public function increment($increment)
|
||||
{
|
||||
bdump($increment);
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services + 1 WHERE id IN ($increment);";
|
||||
$this->exec($sql, false);
|
||||
}
|
||||
|
||||
public function getIncrement($id)
|
||||
{
|
||||
bdump($id);
|
||||
$sql = "SELECT `increment` FROM `%PREFIX%_services` WHERE `id` = :id";
|
||||
$increment = $this->exec($sql, true, [":id" => $id])[0]['increment'];
|
||||
bdump($increment);
|
||||
return $increment;
|
||||
}
|
||||
|
||||
public function decrease($id)
|
||||
{
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services - 1 WHERE id IN ({$this->getIncrement($id)});";
|
||||
$this->exec($sql, false);
|
||||
}
|
||||
|
||||
public function increment_trainings($increment)
|
||||
{
|
||||
bdump($increment);
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings + 1 WHERE id IN ($increment);";
|
||||
$this->exec($sql, false);
|
||||
}
|
||||
|
||||
public function getIncrement_trainings($id)
|
||||
{
|
||||
bdump($id);
|
||||
$sql = "SELECT `increment` FROM `%PREFIX%_trainings` WHERE `id` = :id";
|
||||
$increment = $this->exec($sql, true, [":id" => $id])[0]['increment'];
|
||||
bdump($increment);
|
||||
return $increment;
|
||||
}
|
||||
|
||||
public function decrease_trainings($id)
|
||||
{
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings - 1 WHERE id IN ({$this->getIncrement_trainings($id)});";
|
||||
$this->exec($sql, false);
|
||||
}
|
||||
|
||||
public function add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
|
||||
{
|
||||
$drivers = implode(",", $drivers);
|
||||
bdump($drivers);
|
||||
$crew = implode(",", $crew);
|
||||
bdump($crew);
|
||||
$increment = implode(",", $increment);
|
||||
bdump($increment);
|
||||
$date = date('Y-m-d H:i:s', strtotime($date));
|
||||
$sql = "INSERT INTO `%PREFIX%_services` (`id`, `date`, `code`, `beginning`, `end`, `chief`, `drivers`, `crew`, `place`, `notes`, `type`, `increment`, `inserted_by`) VALUES (NULL, :date, :code, :beginning, :end, :chief, :drivers, :crew, :place, :notes, :type, :increment, :inserted_by);";
|
||||
$this->exec($sql, false, [":date" => $date, ":code" => $code, "beginning" => $beginning, ":end" => $end, ":chief" => $chief, ":drivers" => $drivers, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":type" => $type, ":increment" => $increment, ":inserted_by" => $inserted_by]);
|
||||
$this->increment($increment);
|
||||
}
|
||||
|
||||
public function remove_service($id)
|
||||
{
|
||||
$this->decrease($id);
|
||||
$this->exec("DELETE FROM `%PREFIX%_services` WHERE `id` = :id", true, [":id" => $id]);
|
||||
}
|
||||
|
||||
|
||||
public function change_service($id, $date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
|
||||
{
|
||||
$this->remove_service($id); // TODO: update, instead of removing and re-adding (with another id)
|
||||
$this->add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by);
|
||||
}
|
||||
|
||||
public function add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by)
|
||||
{
|
||||
$crew = implode(",", $crew);
|
||||
bdump($crew);
|
||||
$increment = implode(",", $increment);
|
||||
bdump($increment);
|
||||
$date = date('Y-m-d H:i:s', strtotime($date));
|
||||
$sql = "INSERT INTO `%PREFIX%_trainings` (`id`, `date`, `name`, `beginning`, `end`, `chief`, `crew`, `place`, `notes`, `increment`, `inserted_by`) VALUES (NULL, :date, :name, :start_time, :end_time, :chief, :crew, :place, :notes, :increment, :inserted_by);";
|
||||
$this->exec($sql, false, [":date" => $date, ":name" => $name, "start_time" => $start_time, ":end_time" => $end_time, ":chief" => $chief, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":increment" => $increment, ":inserted_by" => $inserted_by]);
|
||||
$this->increment_trainings($increment);
|
||||
}
|
||||
|
||||
public function remove_training($id)
|
||||
{
|
||||
$this->decrease_trainings($id);
|
||||
bdump($id);
|
||||
$this->exec("DELETE FROM `%PREFIX%_trainings` WHERE `id` = :id", true, [":id" => $id]);
|
||||
}
|
||||
|
||||
|
||||
public function change_training($id, $date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by)
|
||||
{
|
||||
$this->remove_training($id); // TODO: update, instead of removing and re-adding (with another id)
|
||||
bdump("removed");
|
||||
$this->add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by);
|
||||
}
|
||||
}
|
||||
|
||||
final class Role
|
||||
|
@ -598,7 +504,7 @@ class user
|
|||
return ["status" => "error", "code" => 020, "text" => "Too many requests"];
|
||||
}
|
||||
if($this->auth->isLoggedIn()) {
|
||||
$this->log("Login", $this->auth->getUserId(), $this->auth->getUserId());
|
||||
$this->log("Login", $this->auth->getUserId());
|
||||
$user = $this->database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $this->auth->getUserId()]);
|
||||
if(!empty($user)) {
|
||||
if(is_null($user[0]["name"])) {
|
||||
|
@ -623,13 +529,19 @@ class user
|
|||
return ["status" => "error", "code" => 001];
|
||||
}
|
||||
}
|
||||
public function log($action, $changed, $editor, $timestamp=null)
|
||||
public function log($action, $changed=null, $editor=null, $timestamp=null)
|
||||
{
|
||||
$this->tools->profiler_start("Log");
|
||||
if(is_null($timestamp)){
|
||||
$date = new Datetime('now');
|
||||
$timestamp = $date->format('Y-m-d H:i:s');
|
||||
}
|
||||
if(is_null($changed)){
|
||||
$changed = $this->auth->getUserId();
|
||||
}
|
||||
if(is_null($editor)){
|
||||
$editor = $changed;
|
||||
}
|
||||
if($this->database->get_option("log_save_ip")){
|
||||
$ip = $this->tools->get_ip();
|
||||
} else {
|
||||
|
@ -646,7 +558,7 @@ class user
|
|||
public function logout()
|
||||
{
|
||||
try {
|
||||
$this->log("Logout", $this->auth->getUserId(), $this->auth->getUserId());
|
||||
$this->log("Logout");
|
||||
$this->auth->logOut();
|
||||
$this->auth->destroySession();
|
||||
setcookie("authenticated", false, time() - 3600);
|
||||
|
@ -670,7 +582,7 @@ class user
|
|||
if($chief == 1) {
|
||||
$this->auth->admin()->addRoleForUserById($userId, Role::FULL_VIEWER);
|
||||
}
|
||||
$this->log("User created", $userId, $inserted_by);
|
||||
$this->log("User added", $userId, $inserted_by);
|
||||
$this->tools->profiler_stop();
|
||||
return $userId;
|
||||
} else {
|
||||
|
@ -698,6 +610,123 @@ class user
|
|||
}
|
||||
}
|
||||
|
||||
class crud
|
||||
{
|
||||
public $tools = null;
|
||||
public $database = null;
|
||||
public $user = null;
|
||||
|
||||
public function __construct($tools, $database, $user)
|
||||
{
|
||||
$this->tools = $tools;
|
||||
$this->database = $database;
|
||||
$this->user = $user;
|
||||
}
|
||||
|
||||
public function increment($increment)
|
||||
{
|
||||
bdump($increment);
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services + 1 WHERE id IN ($increment);";
|
||||
$this->database->exec($sql, false);
|
||||
}
|
||||
|
||||
public function getIncrement($id)
|
||||
{
|
||||
bdump($id);
|
||||
$sql = "SELECT `increment` FROM `%PREFIX%_services` WHERE `id` = :id";
|
||||
$increment = $this->database->exec($sql, true, [":id" => $id])[0]['increment'];
|
||||
bdump($increment);
|
||||
return $increment;
|
||||
}
|
||||
|
||||
public function decrease($id)
|
||||
{
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `services`= services - 1 WHERE id IN ({$this->getIncrement($id)});";
|
||||
$this->database->exec($sql, false);
|
||||
}
|
||||
|
||||
public function increment_trainings($increment)
|
||||
{
|
||||
bdump($increment);
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings + 1 WHERE id IN ($increment);";
|
||||
$this->database->exec($sql, false);
|
||||
}
|
||||
|
||||
public function getIncrement_trainings($id)
|
||||
{
|
||||
bdump($id);
|
||||
$sql = "SELECT `increment` FROM `%PREFIX%_trainings` WHERE `id` = :id";
|
||||
$increment = $this->database->exec($sql, true, [":id" => $id])[0]['increment'];
|
||||
bdump($increment);
|
||||
return $increment;
|
||||
}
|
||||
|
||||
public function decrease_trainings($id)
|
||||
{
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET `trainings`= trainings - 1 WHERE id IN ({$this->getIncrement_trainings($id)});";
|
||||
$this->database->exec($sql, false);
|
||||
}
|
||||
|
||||
public function add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
|
||||
{
|
||||
$drivers = implode(",", $drivers);
|
||||
bdump($drivers);
|
||||
$crew = implode(",", $crew);
|
||||
bdump($crew);
|
||||
$increment = implode(",", $increment);
|
||||
bdump($increment);
|
||||
$date = date('Y-m-d H:i:s', strtotime($date));
|
||||
$sql = "INSERT INTO `%PREFIX%_services` (`id`, `date`, `code`, `beginning`, `end`, `chief`, `drivers`, `crew`, `place`, `notes`, `type`, `increment`, `inserted_by`) VALUES (NULL, :date, :code, :beginning, :end, :chief, :drivers, :crew, :place, :notes, :type, :increment, :inserted_by);";
|
||||
$this->database->exec($sql, false, [":date" => $date, ":code" => $code, "beginning" => $beginning, ":end" => $end, ":chief" => $chief, ":drivers" => $drivers, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":type" => $type, ":increment" => $increment, ":inserted_by" => $inserted_by]);
|
||||
$this->increment($increment);
|
||||
$this->user->log("Service added");
|
||||
}
|
||||
|
||||
public function remove_service($id)
|
||||
{
|
||||
$this->decrease($id);
|
||||
$this->database->exec("DELETE FROM `%PREFIX%_services` WHERE `id` = :id", true, [":id" => $id]);
|
||||
$this->user->log("Service removed");
|
||||
}
|
||||
|
||||
|
||||
public function edit_service($id, $date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by)
|
||||
{
|
||||
$this->remove_service($id);
|
||||
$this->add_service($date, $code, $beginning, $end, $chief, $drivers, $crew, $place, $notes, $type, $increment, $inserted_by);
|
||||
$this->user->log("Service edited");
|
||||
}
|
||||
|
||||
public function add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by)
|
||||
{
|
||||
$crew = implode(",", $crew);
|
||||
bdump($crew);
|
||||
$increment = implode(",", $increment);
|
||||
bdump($increment);
|
||||
$date = date('Y-m-d H:i:s', strtotime($date));
|
||||
$sql = "INSERT INTO `%PREFIX%_trainings` (`id`, `date`, `name`, `beginning`, `end`, `chief`, `crew`, `place`, `notes`, `increment`, `inserted_by`) VALUES (NULL, :date, :name, :start_time, :end_time, :chief, :crew, :place, :notes, :increment, :inserted_by);";
|
||||
$this->database->exec($sql, false, [":date" => $date, ":name" => $name, "start_time" => $start_time, ":end_time" => $end_time, ":chief" => $chief, ":crew" => $crew, ":place" => $place, ":notes" => $notes, ":increment" => $increment, ":inserted_by" => $inserted_by]);
|
||||
$this->increment_trainings($increment);
|
||||
$this->user->log("Training added");
|
||||
}
|
||||
|
||||
public function remove_training($id)
|
||||
{
|
||||
$this->decrease_trainings($id);
|
||||
bdump($id);
|
||||
$this->database->exec("DELETE FROM `%PREFIX%_trainings` WHERE `id` = :id", true, [":id" => $id]);
|
||||
$this->user->log("Training removed");
|
||||
}
|
||||
|
||||
|
||||
public function edit_training($id, $date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by)
|
||||
{
|
||||
$this->remove_training($id);
|
||||
$this->add_training($date, $name, $start_time, $end_time, $chief, $crew, $place, $notes, $increment, $inserted_by);
|
||||
$this->user->log("Training edited");
|
||||
}
|
||||
}
|
||||
|
||||
class translations
|
||||
{
|
||||
public $loaded_languages = ["en", "it"];
|
||||
|
@ -787,11 +816,12 @@ class translations
|
|||
|
||||
function init_class($enableDebugger=true, $headers=true)
|
||||
{
|
||||
global $tools, $database, $user, $translations, $debugbar;
|
||||
global $tools, $database, $user, $crud, $translations, $debugbar;
|
||||
if(!isset($tools) && !isset($database) && !isset($translations)) {
|
||||
$database = new database();
|
||||
$tools = new tools($database->get_option("check_cf_ip"), $enableDebugger);
|
||||
$user = new user($database, $tools);
|
||||
$crud = new crud($tools, $database, $user);
|
||||
$translations = new translations($database->get_option("force_language"));
|
||||
}
|
||||
if($headers) {
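Review bot: The new `crud::increment()` still places `$increment` directly inside `WHERE id IN ($increment)` and executes it with no bound parameters; `crud::increment_trainings()`, `crud::decrease()` and `crud::decrease_trainings()` build their statements the same way. In `add_service()` and `add_training()` that string is `implode(",", $increment)`, and the form handlers changed in this commit fill the array from `$_POST["chief"]`, `$_POST["drivers"]` and `$_POST["crew"]`, so request data reaches the SQL text unless `extract_unique()` (body not shown) restricts it to integers. Since the methods were moved rather than rewritten, this is a good moment to bind each id; the sketch below keeps the comma-joined input that callers pass today and assumes `database::exec()` accepts named parameters in its third argument, as the other calls in this file suggest. The same shape applies to the three sibling methods.

```php
public function increment($increment)
{
    // … unchanged: bdump($increment) …
    // Keep only purely numeric ids from the comma-joined list, then bind each one.
    $ids = array_values(array_filter(explode(",", (string) $increment), 'ctype_digit'));
    if (empty($ids)) {
        return;
    }
    $params = [];
    foreach ($ids as $i => $id) {
        $params[":id$i"] = (int) $id;
    }
    $placeholders = implode(",", array_keys($params));
    $sql = "UPDATE `%PREFIX%_profiles` SET `services`= services + 1 WHERE id IN ($placeholders);";
    $this->database->exec($sql, false, $params);
}
```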
|
||||
|
|
|
@ -10,7 +10,7 @@ describe("Availability", () => {
|
|||
cy.get(".fa-check").should('be.visible')
|
||||
cy.visit("/log.php")
|
||||
cy.wait("@ajax_log")
|
||||
cy.contains("Attivazione disponibilita'")
|
||||
cy.contains("Status changed to 'available'")
|
||||
cy.visit("/")
|
||||
})
|
||||
|
||||
|
@ -22,7 +22,7 @@ describe("Availability", () => {
|
|||
cy.get(".fa-times").should('be.visible')
|
||||
cy.visit("/log.php")
|
||||
cy.wait("@ajax_log")
|
||||
cy.contains("Rimozione disponibilita'")
|
||||
cy.contains("Status changed to 'not available'")
|
||||
cy.visit("/")
|
||||
})
|
||||
});
|
|
@ -55,7 +55,7 @@ describe("User management", () => {
|
|||
cy.contains(user.name)
|
||||
cy.visit("/log.php")
|
||||
cy.wait('@ajax_log')
|
||||
cy.contains("User created")
|
||||
cy.contains("User added")
|
||||
cy.contains(user.name)
|
||||
cy.visit("/")
|
||||
} else {
|
||||
|
@ -80,7 +80,7 @@ describe("User management", () => {
|
|||
expect(response.body).to.have.property('userId')
|
||||
cy.visit("/log.php")
|
||||
cy.wait('@ajax_log')
|
||||
cy.contains("User created")
|
||||
cy.contains("User added")
|
||||
cy.contains(user.name)
|
||||
})
|
||||
}
|
||||
|
|
|
@ -44,7 +44,7 @@ describe("Service management", () => {
|
|||
cy.contains("1234/5");
|
||||
cy.visit("/log.php");
|
||||
cy.wait('@ajax_log');
|
||||
cy.contains("Aggiunto intervento");
|
||||
cy.contains("Service added");
|
||||
cy.visit("/list.php");
|
||||
cy.wait('@ajax_list');
|
||||
cy.get('tr:has(> td:has(> a[id="username-11"])) > :nth-child(6)').should('contain', '1');
|
||||
|
@ -78,7 +78,7 @@ describe("Service management", () => {
|
|||
cy.contains("4321/5");
|
||||
cy.visit("/log.php");
|
||||
cy.wait('@ajax_log');
|
||||
cy.contains("Modificato intervento");
|
||||
cy.contains("Service edited");
|
||||
cy.visit("/list.php");
|
||||
cy.wait('@ajax_list');
|
||||
cy.get('tr:has(> td:has(> a[id="username-11"])) > :nth-child(6)').should('contain', '0');
|
||||
|
@ -98,7 +98,7 @@ describe("Service management", () => {
|
|||
cy.wait('@ajax_services');
|
||||
cy.visit("/log.php");
|
||||
cy.wait('@ajax_log');
|
||||
cy.contains("Rimosso intervento");
|
||||
cy.contains("Service removed");
|
||||
cy.visit("/list.php");
|
||||
cy.wait('@ajax_list');
|
||||
cy.get('tr:has(> td:has(> a[id="username-8"])) > :nth-child(6)').should('contain', '0');
|
||||
|
|
|
@ -34,7 +34,7 @@ describe("Training management", () => {
|
|||
cy.contains("Test Training");
|
||||
cy.visit("/log.php");
|
||||
cy.wait('@ajax_log');
|
||||
cy.contains("Aggiunta esercitazione");
|
||||
cy.contains("Training added");
|
||||
cy.visit("/list.php");
|
||||
cy.wait('@ajax_list');
|
||||
});
|
||||
|
@ -62,7 +62,7 @@ describe("Training management", () => {
|
|||
cy.contains("Training 1 test");
|
||||
cy.visit("/log.php");
|
||||
cy.wait('@ajax_log');
|
||||
cy.contains("Modificata esercitazione");
|
||||
cy.contains("Training edited");
|
||||
});
|
||||
|
||||
it('Delete Training', function() {
|
||||
|
@ -74,7 +74,7 @@ describe("Training management", () => {
|
|||
cy.wait('@ajax_trainings');
|
||||
cy.visit("/log.php");
|
||||
cy.wait('@ajax_log');
|
||||
cy.contains("Rimossa esercitazione");
|
||||
cy.contains("Training removed");
|
||||
});
|
||||
|
||||
})
|
|
@ -7,8 +7,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($tools->validate_form(['date', 'code', 'beginning', 'end', 'place', 'notes', 'type', 'token'])) {
|
||||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump("adding service");
|
||||
$database->add_service($_POST["date"], $_POST["code"], $_POST["beginning"], $_POST["end"], $_POST["chief"][0], $tools->extract_unique($_POST["drivers"]), $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $_POST["type"], $tools->extract_unique([$_POST["chief"],$_POST["drivers"],$_POST["crew"]]), $user->name());
|
||||
$user->log("Aggiunto intervento", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$crud->add_service($_POST["date"], $_POST["code"], $_POST["beginning"], $_POST["end"], $_POST["chief"][0], $tools->extract_unique($_POST["drivers"]), $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $_POST["type"], $tools->extract_unique([$_POST["chief"],$_POST["drivers"],$_POST["crew"]]), $user->name());
|
||||
$tools->redirect("services.php");
|
||||
} else {
|
||||
debug(); //TODO: remove debug info
|
||||
|
@ -21,8 +20,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump($_POST);
|
||||
bdump("editing service");
|
||||
$database->change_service($_POST["id"], $_POST["date"], $_POST["code"], $_POST["beginning"], $_POST["end"], $_POST["chief"][0], $tools->extract_unique($_POST["drivers"]), $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $_POST["type"], $tools->extract_unique([$_POST["chief"],$_POST["drivers"],$_POST["crew"]]), $user->name());
|
||||
$user->log("Modificato intervento", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$crud->edit_service($_POST["id"], $_POST["date"], $_POST["code"], $_POST["beginning"], $_POST["end"], $_POST["chief"][0], $tools->extract_unique($_POST["drivers"]), $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $_POST["type"], $tools->extract_unique([$_POST["chief"],$_POST["drivers"],$_POST["crew"]]), $user->name());
|
||||
$tools->redirect("services.php");
|
||||
} else {
|
||||
debug();
|
||||
|
@ -35,8 +33,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($tools->validate_form(['id', 'increment', 'token'])) {
|
||||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump("removing service");
|
||||
$database->remove_service($_POST["id"], $_POST["increment"]);
|
||||
$user->log("Rimosso intervento", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$crud->remove_service($_POST["id"], $_POST["increment"]);
|
||||
$tools->redirect("services.php");
|
||||
} else {
|
||||
echo("1");
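Review bot: All three branches check the anti-CSRF token with `$_POST["token"] == $_SESSION['token']`, a loose comparison that is not constant-time and that treats numeric-looking strings, or an unset session token and an empty field, as equal. Use `is_string($_POST["token"]) && isset($_SESSION['token']) && hash_equals($_SESSION['token'], $_POST["token"])` instead. The same comparison appears in the training and user form handlers changed later in this commit. The enclosing `if` blocks start and end outside these hunks.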
|
||||
|
|
|
@ -7,8 +7,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($tools->validate_form(['date', 'name', 'start_time', 'end_time', 'place', 'notes', 'token'])) {
|
||||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump("adding training");
|
||||
$database->add_training($_POST["date"], $_POST["name"], $_POST["start_time"], $_POST["end_time"], $_POST["chief"][0], $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $tools->extract_unique([$_POST["chief"],$_POST["crew"]]), $user->name());
|
||||
$user->log("Aggiunta esercitazione", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$crud->add_training($_POST["date"], $_POST["name"], $_POST["start_time"], $_POST["end_time"], $_POST["chief"][0], $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $tools->extract_unique([$_POST["chief"],$_POST["crew"]]), $user->name());
|
||||
$tools->redirect("trainings.php");
|
||||
} else {
|
||||
debug(); //TODO: remove debug info
|
||||
|
@ -21,8 +20,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump($_POST);
|
||||
bdump("editing training");
|
||||
$database->change_training($_POST["id"], $_POST["date"], $_POST["name"], $_POST["start_time"], $_POST["end_time"], $_POST["chief"][0], $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $tools->extract_unique([$_POST["chief"],$_POST["crew"]]), $user->name());
|
||||
$user->log("Modificata esercitazione", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$crud->edit_training($_POST["id"], $_POST["date"], $_POST["name"], $_POST["start_time"], $_POST["end_time"], $_POST["chief"][0], $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $tools->extract_unique([$_POST["chief"],$_POST["crew"]]), $user->name());
|
||||
$tools->redirect("trainings.php");
|
||||
} else {
|
||||
debug();
|
||||
|
@ -35,8 +33,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($tools->validate_form(['id', 'increment', 'token'])) {
|
||||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump("removing training");
|
||||
$database->remove_training($_POST["id"], $_POST["increment"]);
|
||||
$user->log("Rimossa esercitazione", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$crud->remove_training($_POST["id"], $_POST["increment"]);
|
||||
$tools->redirect("trainings.php");
|
||||
} else {
|
||||
debug();
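Review bot: The delete branch calls `$crud->remove_training($_POST["id"], $_POST["increment"])`, but `crud::remove_training($id)` as added in server/core.php takes a single parameter, so the posted `increment` value is required by `validate_form` and then silently ignored; `$crud->remove_service($_POST["id"], $_POST["increment"])` in the service handler has the same mismatch. The counters are actually decremented from the `increment` column stored with the row (`getIncrement_trainings($id)`), not from the request. Drop the second argument, `$crud->remove_training($_POST["id"]);`, and remove `'increment'` from the required fields so the form contract matches what the code uses.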
|
||||
|
|
|
@ -28,8 +28,6 @@ if($tools->validate_form("mod", "add")) {
|
|||
exit();
|
||||
}
|
||||
$user->add_user($_POST["mail"], $_POST["name"], $_POST["username"], $_POST["password"], $phone_number, $_POST["birthday"], $chief, $driver, $hidden, $disabled, $user->name());
|
||||
//TODO: move and translate logs
|
||||
//$user->log("Aggiunto utente", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$tools->redirect("list.php");
|
||||
} else {
|
||||
debug();
|
||||
|
@ -42,7 +40,7 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($_POST["token"] == $_SESSION['token']){
|
||||
bdump($_POST);
|
||||
bdump("editing service");
|
||||
$database->change_service($_POST["id"], $_POST["date"], $_POST["code"], $_POST["beginning"], $_POST["end"], $_POST["chief"], $tools->extract_unique($_POST["drivers"]), $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $_POST["type"], $tools->extract_unique([$_POST["chief"],$_POST["drivers"],$_POST["crew"]]), $user->name());
|
||||
$crud->edit_service($_POST["id"], $_POST["date"], $_POST["code"], $_POST["beginning"], $_POST["end"], $_POST["chief"], $tools->extract_unique($_POST["drivers"]), $tools->extract_unique($_POST["crew"]), $_POST["place"], $_POST["notes"], $_POST["type"], $tools->extract_unique([$_POST["chief"],$_POST["drivers"],$_POST["crew"]]), $user->name());
|
||||
$tools->redirect("services.php");
|
||||
} else {
|
||||
$tools->redirect("accessdenied.php");
|
||||
|
@ -55,7 +53,6 @@ if($tools->validate_form("mod", "add")) {
|
|||
if($_POST["token"] == $_SESSION['token']) {
|
||||
bdump("removing user");
|
||||
$user->remove_user($_POST["id"]);
|
||||
$user->log("Rimosso utente", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$tools->redirect("list.php");
|
||||
} else {
|
||||
debug();
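Review bot: The delete branch loses its audit entry: `$user->log("Rimosso utente", …)` is removed and nothing replaces it in the visible lines, so unless `remove_user()` (not shown in this commit) writes its own entry, user deletions will no longer appear in the log. If it does not, add `$user->log("User removed", $_POST["id"], $user->auth->getUserId());` here; pass the editor explicitly, because the new `log()` defaults set `$editor = $changed` when it is omitted and would otherwise attribute the deletion to the deleted account. Separately, the edit branch of this user form calls `$crud->edit_service(...)` right after `bdump("editing service")`, which looks copied from the service handler and is worth confirming.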
|
||||
|
|
|
@ -8,7 +8,7 @@ $time = time();
|
|||
|
||||
if(!is_null($id)) {
|
||||
$sql = "UPDATE `%PREFIX%_profiles` SET online_time = '$time' WHERE id = '" . $id ."'";
|
||||
$risultato = $database->exec($sql, true);
|
||||
$database->exec($sql, true);
|
||||
echo(json_encode(["id" => $id, "time" => $time, "sql" => $sql]));
|
||||
}
|
||||
?>
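Review bot: The statement is still assembled by concatenation (`... WHERE id = '" . $id ."'`) and the full SQL text is returned to the client in the `"sql"` field of the JSON response. Where `$id` is assigned lies above this hunk, so whether it can carry request data is not visible here, but binding it costs nothing: use `WHERE id = :id` with `[":time" => $time, ":id" => $id]` as the third argument to `exec()`, as the other endpoints in this commit do. Drop `"sql" => $sql` from the `echo`; it discloses table and column names to every caller and looks like leftover debugging output.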
|
||||
|
|
|
@ -5,6 +5,6 @@ $user->requirelogin(false);
|
|||
|
||||
if(isset($_POST["type"])){
|
||||
$type = $_POST["type"];
|
||||
$risultato = $database->exec("INSERT INTO `%PREFIX%_type` (`name`) VALUES (:name);", false, [":name" => $type]);
|
||||
$user->log("Aggiunta tipologia intervento", $user->auth->getUserId(), $user->auth->getUserId());
|
||||
$database->exec("INSERT INTO `%PREFIX%_type` (`name`) VALUES (:name);", false, [":name" => $type]);
|
||||
$user->log("Added service type");
|
||||
}
|
|
@ -5,10 +5,10 @@ $user->requirelogin(false);
|
|||
$user->online_time_update();
|
||||
|
||||
if(isset($_POST["change_id"]) && $_POST["dispo"] == 1 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
|
||||
$risultato = $database->exec("UPDATE `%PREFIX%_profiles` SET `available` = '1' WHERE `%PREFIX%_profiles`.`id` = :id;", false, [":id" => $_POST["change_id"]]);
|
||||
$user->log("Attivazione disponibilita'", $_POST["change_id"], $user->auth->getUserId());
|
||||
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = '1' WHERE `%PREFIX%_profiles`.`id` = :id;", false, [":id" => $_POST["change_id"]]);
|
||||
$user->log("Status changed to 'available'", $_POST["change_id"], $user->auth->getUserId());
|
||||
} else if(isset($_POST["change_id"]) && $_POST["dispo"] == 0 /* && $_POST["token_list"] == $_SESSION['token_list'] */){
|
||||
$risultato = $database->exec("UPDATE `%PREFIX%_profiles` SET `available` = '0' WHERE `%PREFIX%_profiles`.`id` = :id;", false, [":id" => $_POST["change_id"]]);
|
||||
$user->log("Rimozione disponibilita'", $_POST["change_id"], $user->auth->getUserId());
|
||||
$database->exec("UPDATE `%PREFIX%_profiles` SET `available` = '0' WHERE `%PREFIX%_profiles`.`id` = :id;", false, [":id" => $_POST["change_id"]]);
|
||||
$user->log("Status changed to 'not available'", $_POST["change_id"], $user->auth->getUserId());
|
||||
}
|
||||
?>
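Review bot: Both branches change the `available` flag of whichever profile `$_POST["change_id"]` names, while the token check is commented out (`/* && $_POST["token_list"] == $_SESSION['token_list'] */`) and only `requirelogin(false)` is visible above. That leaves this state-changing POST without CSRF protection and, as far as these lines show, without a check that the caller may edit another user's status. Re-enable the token test with `hash_equals()` and require the appropriate role whenever `change_id` differs from `$user->auth->getUserId()`. The loose `$_POST["dispo"] == 1` and `== 0` tests would also be safer as strict comparisons against `"1"` and `"0"`.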
|
||||
|
|
|
@ -4,60 +4,39 @@ init_class();
|
|||
$user->requirelogin(false);
|
||||
$user->online_time_update();
|
||||
|
||||
$risultato = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC;", true);
|
||||
$result = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC;", true);
|
||||
|
||||
$hidden = $user->hidden();
|
||||
|
||||
$response = [];
|
||||
foreach($risultato as $row){
|
||||
foreach($result as $row){
|
||||
if(!in_array($row['name'], $hidden) && ($row['hidden'] == 0 && $row['disabled'] == 0)){
|
||||
if(isset($_GET["only_data"])){
|
||||
if($user->requireRole(Role::FULL_VIEWER)){
|
||||
$response[] = [
|
||||
"id" => $row["id"],
|
||||
"available" => $row["available"],
|
||||
"chief" => $row['chief'],
|
||||
"online" => (time()-$row["online_time"])<=30 ? 1 : 0,
|
||||
"driver" => $row['driver'],
|
||||
"phone" => $row['phone_number'],
|
||||
"services" => $row['services'],
|
||||
"availability_minutes" => $row['availability_minutes']
|
||||
];
|
||||
} else {
|
||||
$response[] = [
|
||||
"id" => $row["id"],
|
||||
"available" => $row["available"],
|
||||
"online" => (time()-$row["online_time"])<=30 ? 1 : 0
|
||||
];
|
||||
}
|
||||
if($user->requireRole(Role::FULL_VIEWER)){
|
||||
$name = $user->nameById($row["id"]);
|
||||
$name_encoded = urlencode($user->name());
|
||||
$functionName = $row["available"] ? "deactivate" : "activate";
|
||||
$helmet_colour = $row["chief"] ? "red" : "black";
|
||||
$firstCell = "<a id='username-{$row['id']}' style='text-align: left;' onclick='$functionName(".$row["id"].");'><img alt='{$helmet_colour} helmet' src='./resources/images/{$helmet_colour}_helmet.png' width='20px'>$name</a>";
|
||||
$secondCell = $row["available"] ? "<a onclick='$functionName(".$row["id"].");'><i class='fa fa-check' style='color:green'></i></a>" : "<a onclick='$functionName(".$row["id"].");'><i class='fa fa-times' style='color:red'></i></a>";
|
||||
$response[] = [
|
||||
(time()-$row["online_time"])<=30 ? "<u>".$firstCell."</u>" : $firstCell,
|
||||
$secondCell,
|
||||
$row['driver'] ? "<img alt='driver' src='./resources/images/wheel.png' width='20px'>" : "",
|
||||
!empty($row['phone_number']) ? "<a href='tel:".$row['phone_number']."'><i class='fa fa-phone'></i></a>" : "",
|
||||
!empty($row['phone_number']) ? "<a href='https://api.whatsapp.com/send?phone=".$row['phone_number']."&text=ALLERTA IN CORSO.%20Mettiti%20in%20contatto%20con%20$name_encoded'><i class='fa fa-whatsapp' style='color:green'></i></a>" : "",
|
||||
$row['services'],
|
||||
$row['availability_minutes'],
|
||||
//"<a href='user_details.php?user=".$row['id']."'><p>".t("Altri dettagli", false)."</p></a>" TODO: fix "Other" page
|
||||
];
|
||||
} else {
|
||||
if($user->requireRole(Role::FULL_VIEWER)){
|
||||
$name = $user->nameById($row["id"]);
|
||||
$name_encoded = urlencode($user->name());
|
||||
$functionName = $row["available"] ? "deactivate" : "activate";
|
||||
$helmet_colour = $row["chief"] ? "red" : "black";
|
||||
$firstCell = "<a id='username-{$row['id']}' style='text-align: left;' onclick='$functionName(".$row["id"].");'><img alt='{$helmet_colour} helmet' src='./resources/images/{$helmet_colour}_helmet.png' width='20px'>$name</a>";
|
||||
$secondCell = $row["available"] ? "<a onclick='$functionName(".$row["id"].");'><i class='fa fa-check' style='color:green'></i></a>" : "<a onclick='$functionName(".$row["id"].");'><i class='fa fa-times' style='color:red'></i></a>";
|
||||
$response[] = [
|
||||
(time()-$row["online_time"])<=30 ? "<u>".$firstCell."</u>" : $firstCell,
|
||||
$secondCell,
|
||||
$row['driver'] ? "<img alt='driver' src='./resources/images/wheel.png' width='20px'>" : "",
|
||||
!empty($row['phone_number']) ? "<a href='tel:".$row['phone_number']."'><i class='fa fa-phone'></i></a>" : "",
|
||||
!empty($row['phone_number']) ? "<a href='https://api.whatsapp.com/send?phone=".$row['phone_number']."&text=ALLERTA IN CORSO.%20Mettiti%20in%20contatto%20con%20$name_encoded'><i class='fa fa-whatsapp' style='color:green'></i></a>" : "",
|
||||
$row['services'],
|
||||
$row['availability_minutes'],
|
||||
//"<a href='user_details.php?user=".$row['id']."'><p>".t("Altri dettagli", false)."</p></a>" TODO: fix "Other" page
|
||||
];
|
||||
} else {
|
||||
$name = $user->nameById($row["id"]);
|
||||
$helmet_colour = $row["chief"] ? "red" : "black";
|
||||
$firstCell = "<a id='username-{$row['id']}' style='text-align: left;'><img alt='{$helmet_colour} helmet' src='./resources/images/{$helmet_colour}_helmet.png' width='20px'>$name</a>";
|
||||
$secondCell = $row["available"] ? "<a><i class='fa fa-check' style='color:green'></i></a>" : "<a><i class='fa fa-times' style='color:red'></i></a>";
|
||||
$response[] = [
|
||||
(time()-$row["online_time"])<=30 ? "<u>".$firstCell."</u>" : $firstCell,
|
||||
$secondCell
|
||||
];
|
||||
}
|
||||
$name = $user->nameById($row["id"]);
|
||||
$helmet_colour = $row["chief"] ? "red" : "black";
|
||||
$firstCell = "<a id='username-{$row['id']}' style='text-align: left;'><img alt='{$helmet_colour} helmet' src='./resources/images/{$helmet_colour}_helmet.png' width='20px'>$name</a>";
|
||||
$secondCell = $row["available"] ? "<a><i class='fa fa-check' style='color:green'></i></a>" : "<a><i class='fa fa-times' style='color:red'></i></a>";
|
||||
$response[] = [
|
||||
(time()-$row["online_time"])<=30 ? "<u>".$firstCell."</u>" : $firstCell,
|
||||
$secondCell
|
||||
];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,20 +4,20 @@ init_class();
|
|||
$user->requirelogin(false);
|
||||
$user->online_time_update();
|
||||
|
||||
$risultato = $database->exec("SELECT * FROM `%PREFIX%_log` ORDER BY `timestamp` DESC", true);
|
||||
$result = $database->exec("SELECT * FROM `%PREFIX%_log` ORDER BY `timestamp` DESC", true);
|
||||
|
||||
$hidden = $user->hidden();
|
||||
|
||||
//https://stackoverflow.com/a/2524761
|
||||
function isValidTimeStamp($timestamp)
|
||||
{
|
||||
return ((string) (int) $timestamp === $timestamp)
|
||||
&& ($timestamp <= PHP_INT_MAX)
|
||||
&& ($timestamp >= ~PHP_INT_MAX);
|
||||
return ((string) (int) $timestamp === $timestamp)
|
||||
&& ($timestamp <= PHP_INT_MAX)
|
||||
&& ($timestamp >= ~PHP_INT_MAX);
|
||||
}
|
||||
|
||||
$response = [];
|
||||
foreach($risultato as $row){
|
||||
foreach($result as $row){
|
||||
if(!in_array($row['changed'], $hidden) OR in_array($user->name(), $hidden)){
|
||||
if(isValidTimeStamp($row["timestamp"])){
|
||||
$date = new DateTime();
|
||||
|
@ -37,7 +37,7 @@ foreach($risultato as $row){
|
|||
$editorName = "N/A";
|
||||
}
|
||||
$response[] = [
|
||||
$row["action"],
|
||||
t($row["action"], false),
|
||||
$changedName,
|
||||
$editorName,
|
||||
$date
|
||||
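Review bot: The translated action text in `t($row["action"], false)` is placed into `$response` with no output encoding visible in this hunk, and the value comes straight from the log table. Other list endpoints in this commit put raw HTML strings into `$response`, so these cells are presumably rendered as HTML by the client. If so, encode here, e.g. `htmlspecialchars(t($row["action"], false), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, unless `t()` or the table renderer already does it (neither is visible here). Rows written before this commit hold the old free-text messages, which have no key in the translation arrays, so confirm that `t()` returns an unknown key unchanged rather than an empty string. The enclosing `foreach` starts in the previous hunk and continues past the end of this one.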
|
|
|
@ -4,10 +4,10 @@ init_class();
|
|||
$user->requirelogin(false);
|
||||
$user->online_time_update();
|
||||
|
||||
$risultato = $database->exec("SELECT * FROM `%PREFIX%_services` ORDER BY date DESC, beginning DESC", true);
|
||||
$result = $database->exec("SELECT * FROM `%PREFIX%_services` ORDER BY date DESC, beginning DESC", true);
|
||||
|
||||
$response = [];
|
||||
foreach($risultato as $row){
|
||||
foreach($result as $row){
|
||||
$chief = $user->nameById($row["chief"]);
|
||||
|
||||
$drivers_array = explode(",", $row['drivers']);
|
||||
|
|
|
@ -4,10 +4,10 @@ init_class();
|
|||
$user->requirelogin(false);
|
||||
$user->online_time_update();
|
||||
|
||||
$risultato = $database->exec("SELECT * FROM `%PREFIX%_trainings` ORDER BY date DESC, beginning desc", true);
|
||||
$result = $database->exec("SELECT * FROM `%PREFIX%_trainings` ORDER BY date DESC, beginning desc", true);
|
||||
|
||||
$response = [];
|
||||
foreach($risultato as $row){
|
||||
foreach($result as $row){
|
||||
$chief = $user->nameById($row["chief"]);
|
||||
|
||||
$others_crew_array = explode(",", $row['crew']);
|
||||
|
|
|
@ -88,6 +88,18 @@ return [
|
|||
"Too many requests" => "Too many requests",
|
||||
"Add type..." => "Add type...",
|
||||
"Insert type name:" => "Insert type name:",
|
||||
"Added service type" => "Added service type",
|
||||
"Type '%s' added successfully." => "Type '%s' added successfully.",
|
||||
"You must select a valid service type!" => "You must select a valid service type!"
|
||||
"You must select a valid service type!" => "You must select a valid service type!",
|
||||
"Status changed to 'available'" => "Status changed to 'available'",
|
||||
"Status changed to 'not available'" => "Status changed to 'not available'",
|
||||
"Service added" => "Service added",
|
||||
"Service edited" => "Service edited",
|
||||
"Service removed" => "Service removed",
|
||||
"Training added" => "Training added",
|
||||
"Training edited" => "Training edited",
|
||||
"Training removed" => "Training removed",
|
||||
"User added" => "User added",
|
||||
"User edited" => "User edited",
|
||||
"User removed" => "User removed"
|
||||
];
|
||||
|
|
|
@ -88,6 +88,18 @@ return [
|
|||
"Too many requests" => "Troppi tentativi effettuati",
|
||||
"Add type..." => "Aggiungi tipologia...",
|
||||
"Insert type name:" => "Inserisci nome della tipologia:",
|
||||
"Added service type" => "Aggiunta tipologia intervento",
|
||||
"Type '%s' added successfully." => "Tipologia '%s' aggiunta con successo.",
|
||||
"You must select a valid service type!" => "Devi selezionare una tipologia di intervento valida!"
|
||||
"You must select a valid service type!" => "Devi selezionare una tipologia di intervento valida!",
|
||||
"Status changed to 'available'" => "Attivazione disponibilita'",
|
||||
"Status changed to 'not available'" => "Rimozione disponibilita'",
|
||||
"Service added" => "Intervento aggiunto",
|
||||
"Service edited" => "Intervento modificato",
|
||||
"Service removed" => "Intervento rimosso",
|
||||
"Training added" => "Esercitazione aggiunta",
|
||||
"Training edited" => "Esercitazione modificata",
|
||||
"Training removed" => "Esercitazione rimossa",
|
||||
"User added" => "Utente aggiunto",
|
||||
"User edited" => "Utente modificato",
|
||||
"User removed" => "Utente rimosso"
|
||||
];
|
||||
|
|