<?php
/*
* Copyright (c) Codiad & Kent Safranski (codiad.com), Isaac Brown
* distributed as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
require_once( '../../common.php' );
require_once( '../filemanager/class.filemanager.php' );
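/**
 * Project model.
 *
 * Wraps the `projects` table and the per-user `access` table behind the
 * global `$sql` helper, and carries the path / branch sanitising helpers used
 * when a project is created. Every statement is parameterised; several methods
 * scope their queries to `$_SESSION["user_id"]`, which is the only
 * authorisation these methods apply themselves.
 *
 * NOTE(review): `$sql->query()` is defined outside this file. From the call
 * sites here its arguments look like ( query, bind values, default result,
 * result mode [, error mode] ) and a per-driver query may be given as an array
 * keyed by driver name with "*" as the fallback - confirm against the helper.
 */
class Project extends Common {
	
	//////////////////////////////////////////////////////////////////
	// PROPERTIES
	//////////////////////////////////////////////////////////////////
	
	public $access = Permissions::LEVELS["read"];
	public $name = '';
	public $path = '';
	public $gitrepo = false;
	public $gitbranch = '';
	public $projects = array();
	public $no_return = false;
	public $assigned = false;
	public $command_exec = '';
	public $user = '';
	
	// Read by remove_user(). Declared explicitly so the read does not depend on
	// a dynamic property; callers are expected to assign it before the call.
	public $project_id = null;
	
	//////////////////////////////////////////////////////////////////
	// METHODS
	//////////////////////////////////////////////////////////////////
	
	// -----------------------------||----------------------------- //
	
	//////////////////////////////////////////////////////////////////
	// Construct
	//////////////////////////////////////////////////////////////////
	
	public function __construct() {
	}
	
	//////////////////////////////////////////////////////////////////
	// NEW METHODS
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Insert a row into the projects table.
	 *
	 * @param string $project_name Name stored in the `name` column.
	 * @param string $project_path Path stored in the `path` column.
	 * @param mixed  $owner        Owner id; Create() passes -1 for a public project.
	 * @return mixed Result of $sql->query() in "rowCount" mode; Create() treats
	 *               a value greater than zero as success.
	 */
	public function add_project( $project_name, $project_path, $owner ) {
		
		global $sql;
		$query = "INSERT INTO projects( name, path, owner ) VALUES ( ?, ?, ? );";
		$bind_variables = array( $project_name, $project_path, $owner );
		
		return $sql->query( $query, $bind_variables, 0, "rowCount" );
	}
	
	/**
	 * Grant a user an access level on a project, or change an existing grant.
	 *
	 * The project is looked up by path AND by owner = the session user, so a
	 * caller can only change access on a project the logged-in user owns.
	 *
	 * NOTE(review): $access is written as given; nothing here checks it against
	 * Permissions::LEVELS - confirm the caller validates it.
	 *
	 * @param string $path    Project path as stored in the projects table.
	 * @param mixed  $user_id Id of the user receiving access.
	 * @param mixed  $access  Access level to store.
	 * @return array Array with "status" ("success" or "error") and "message".
	 */
	public function add_user( $path, $user_id, $access ) {
		
		global $sql;
		$return = array(
			"status" => null,
			"message" => null,
		);
		
		// Ownership gate: no row means either no such project or not the owner.
		$query = "SELECT * FROM projects WHERE path=? AND owner=? LIMIT 1";
		$bind_variables = array( $path, $_SESSION["user_id"] );
		$project = $sql->query( $query, $bind_variables, array(), "fetch" );
		
		if( empty( $project ) ) {
			
			$return["status"] = "error";
			$return["message"] = "Error fetching projects.";
			return $return;
		}
		
		// "user" is a reserved word in PostgreSQL, hence the quoted variant.
		$user = $sql->query( array(
			"*" => "SELECT * FROM access WHERE project = ? AND user = ? LIMIT 1",
			"pgsql" => 'SELECT * FROM access WHERE project = ? AND "user" = ? LIMIT 1',
		), array( $project["id"], $user_id ), array(), "fetch" );
		
		if( ! empty( $user ) ) {
			
			// A grant already exists: change its level.
			$query = array(
				"*" => "UPDATE access SET level=? WHERE project=? AND user=?;",
				"pgsql" => 'UPDATE access SET level=? WHERE project=? AND "user"=?;',
			);
			$bind_variables = array( $access, $project["id"], $user_id );
			$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
		} else {
			
			// No grant yet: create one.
			$query = array(
				"*" => "INSERT INTO access ( project, user, level ) VALUES ( ?,?,? );",
				"pgsql" => 'INSERT INTO access ( project, "user", level ) VALUES ( ?,?,? );',
			);
			$bind_variables = array( $project["id"], $user_id, $access );
			$result = $sql->query( $query, $bind_variables, 0, "rowCount", "exception" );
		}
		
		if( $result > 0 ) {
			
			$return["status"] = "success";
			$return["message"] = "Successfully updated access.";
		} else {
			
			$return["status"] = "error";
			$return["message"] = "Error setting access for project.";
		}
		return $return;
	}
	
	/**
	 * Check that a new project path does not equal, or sit inside, the path of
	 * a project that already exists.
	 *
	 * Both sides are brought to the same form first (workspace-relative paths
	 * get the WORKSPACE prefix) and compared as whole path segments. Comparing
	 * a relative candidate with prefixed stored paths could never match, and a
	 * plain substring test also rejected unrelated paths such as "/srv/app-old"
	 * when "/srv/app" existed.
	 *
	 * @param string $full_path Candidate path, absolute or workspace-relative.
	 * @return bool True when the path is free, false on a collision.
	 */
	public function check_duplicate( $full_path ) {
		
		global $sql;
		$query = "SELECT id, path, owner FROM projects;";
		$result = $sql->query( $query, array(), array(), "fetchAll" );
		
		if( empty( $result ) ) {
			
			return true;
		}
		
		$candidate = $this->project_comparable_path( $full_path ) . "/";
		
		foreach( $result as $project ) {
			
			$existing = $this->project_comparable_path( $project["path"] ) . "/";
			
			// The trailing separator on both sides makes this a segment-wise
			// prefix test; it is also true when the two paths are equal.
			if( strpos( $candidate, $existing ) === 0 ) {
				
				return false;
			}
		}
		return true;
	}
	
	/**
	 * Bring a project path into the form check_duplicate() compares: prefixed
	 * with WORKSPACE when relative, forward slashes only, no trailing slash.
	 */
	private function project_comparable_path( $path ) {
		
		$full = Common::isAbsPath( $path ) ? $path : WORKSPACE . "/" . $path;
		return rtrim( str_replace( "\\", "/", $full ), "/" );
	}
	
	/**
	 * Tell whether the session user owns the project stored under a path.
	 *
	 * Owner values are compared as strings with ===, so PHP's loose-comparison
	 * rules (a number comparing equal to a non-numeric string on older PHP
	 * versions) cannot turn a mismatch into a match.
	 *
	 * NOTE(review): the public marker tested here is the string 'nobody',
	 * while Create() and the queries in this class use owner = -1 for public
	 * projects. Confirm which one the schema uses before relying on the
	 * $exclude_public = false branch.
	 *
	 * @param string|null $path           Project path; defaults to $this->path.
	 * @param bool        $exclude_public When true only a real owner match counts.
	 * @return bool
	 */
	public function check_owner( $path = null, $exclude_public = false ) {
		
		if( $path === null ) {
			
			$path = $this->path;
		}
		
		global $sql;
		$query = "SELECT owner FROM projects WHERE path=?";
		$bind_variables = array( $path );
		$result = $sql->query( $query, $bind_variables, array(), "fetch" );
		
		if( empty( $result ) ) {
			
			return false;
		}
		
		$owner = (string) $result["owner"];
		
		if( $owner === (string) $_SESSION["user_id"] ) {
			
			return true;
		}
		return ( ! $exclude_public && $owner === 'nobody' );
	}
	
	/**
	 * Fetch the access rows of a project.
	 *
	 * Performs no ownership or permission check of its own.
	 *
	 * @param mixed $project_id Value matched against access.project.
	 * @return mixed Result of $sql->query(), with array() as the default.
	 */
	public function get_access( $project_id = null ) {
		
		global $sql;
		$query = "SELECT * FROM access WHERE project=?";
		$bind_variables = array( $project_id );
		
		return $sql->query( $query, $bind_variables, array() );
	}
	
	/**
	 * Look up the owner of the project stored under a path.
	 *
	 * @param string|null $path Project path; defaults to $this->path.
	 * @return mixed The owner column, or a formatJSEND() error when no row was
	 *               found - callers have to tell the two apart.
	 */
	public function get_owner( $path = null ) {
		
		if( $path === null ) {
			
			$path = $this->path;
		}
		
		global $sql;
		$query = "SELECT owner FROM projects WHERE path=?";
		$bind_variables = array( $path );
		$return = $sql->query( $query, $bind_variables, array(), "fetch" );
		
		if( empty( $return ) ) {
			
			return formatJSEND( "error", "Error fetching project info." );
		}
		return $return["owner"];
	}
	
	/**
	 * Fetch one project by path, restricted to projects the session user owns,
	 * public projects (owner = -1) and projects shared through the access table.
	 *
	 * @param string|null $project Project path; defaults to $this->path.
	 * @return mixed The project row, or a formatJSEND() error when none matched.
	 */
	public function get_project( $project = null ) {
		
		if( $project === null ) {
			
			$project = $this->path;
		}
		
		global $sql;
		$query = array(
			"*" => "
				SELECT * FROM projects
				WHERE path = ?
				AND (
					owner=?
					OR owner=-1
					OR id IN ( SELECT project FROM access WHERE user = ? )
				) ORDER BY name;
			",
			"pgsql" => '
				SELECT * FROM projects
				WHERE path = ?
				AND (
					owner=?
					OR owner=-1
					OR id IN ( SELECT project FROM access WHERE "user" = ? )
				) ORDER BY name;
			',
		);
		$bind_variables = array( $project, $_SESSION["user_id"], $_SESSION["user_id"] );
		$return = $sql->query( $query, $bind_variables, array(), "fetch" );
		
		if( empty( $return ) ) {
			
			$return = formatJSEND( "error", "No projects found." );
		}
		return $return;
	}
	
	/**
	 * List every project. Refused unless is_admin() is true.
	 *
	 * @return mixed Project rows, or a formatJSEND() error.
	 */
	public function get_all_projects() {
		
		if( ! is_admin() ) {
			
			return formatJSEND( "error", "Only admins are allowed to view all projects." );
		}
		
		global $sql;
		$query = "SELECT * FROM projects";
		$bind_variables = array();
		$return = $sql->query( $query, $bind_variables, array() );
		
		if( empty( $return ) ) {
			
			$return = formatJSEND( "error", "No projects found." );
		}
		return $return;
	}
	
	/**
	 * List the projects visible to the session user: owned, public
	 * (owner = -1) or shared through the access table.
	 *
	 * @return mixed Result of $sql->query(), with array() as the default.
	 */
	public function get_projects() {
		
		global $sql;
		$query = array(
			"*" => "SELECT * FROM projects
				WHERE owner=?
				OR owner=-1
				OR id IN ( SELECT project FROM access WHERE user = ? );
			",
			"pgsql" => 'SELECT * FROM projects
				WHERE owner=?
				OR owner=-1
				OR id IN ( SELECT project FROM access WHERE "user" = ? );
			',
		);
		$bind_variables = array( $_SESSION["user_id"], $_SESSION["user_id"] );
		
		return $sql->query( $query, $bind_variables, array() );
	}
	
	/**
	 * Remove a user's access row for the project in $this->project_id and
	 * echo the outcome as JSEND.
	 *
	 * NOTE(review): unlike add_user(), nothing here checks that the session
	 * user owns the project - confirm the caller does before this is reached.
	 *
	 * @param mixed $user_id Id of the user to remove; false means lookup failed.
	 * @return mixed A formatJSEND() error when $user_id is false, otherwise nothing.
	 */
	public function remove_user( $user_id ) {
		
		global $sql;
		
		if( $user_id === false ) {
			
			return formatJSEND( "error", "Error fetching user information." );
		}
		
		$query = array(
			"*" => "DELETE FROM access WHERE project=? AND user=?;",
			"pgsql" => 'DELETE FROM access WHERE project=? AND "user"=?;',
		);
		$bind_variables = array( $this->project_id, $user_id );
		$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
		
		if( $return > 0 ) {
			
			echo( formatJSEND( "success", "Successfully removed {$this->user}." ) );
		} else {
			
			echo( formatJSEND( "error", "{$this->user} is not in the access list." ) );
		}
	}
	
	/**
	 * Rename a project the session user owns, or a public one (owner = -1).
	 *
	 * Echoes a JSEND message in most cases; when the UPDATE changes no row the
	 * script is terminated with exit().
	 *
	 * @param string $old_name Current name, part of the row match.
	 * @param string $new_name Name to store; written as given.
	 * @param string $path     Project path, part of the row match.
	 * @return bool True when a row was renamed.
	 */
	public function rename_project( $old_name, $new_name, $path ) {
		
		global $sql;
		$query = "SELECT * FROM projects WHERE name=? AND path=? AND ( owner=? OR owner=-1 );";
		$bind_variables = array( $old_name, $path, $_SESSION["user_id"] );
		$return = $sql->query( $query, $bind_variables, array() );
		$pass = false;
		
		if( ! empty( $return ) ) {
			
			$query = "UPDATE projects SET name=? WHERE name=? AND path=? AND ( owner=? OR owner=-1 );";
			$bind_variables = array( $new_name, $old_name, $path, $_SESSION["user_id"] );
			$return = $sql->query( $query, $bind_variables, 0, "rowCount");
			
			if( $return > 0 ) {
				
				echo( formatJSEND( "success", "Renamed " . htmlentities( $old_name ) . " to " . htmlentities( $new_name ) ) );
				$pass = true;
			} else {
				
				exit( formatJSEND( "error", "Error renaming project." ) );
			}
		} else {
			
			echo( formatJSEND( "error", "Error renaming project, could not find specified project." ) );
		}
		return $pass;
	}
	
	//////////////////////////////////////////////////////////////////
	// OLD METHODS
	//////////////////////////////////////////////////////////////////
	
	// -----------------------------||----------------------------- //
	
	//////////////////////////////////////////////////////////////////
	// Get First (Default, none selected)
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Select the first entry of $this->projects as the current project and
	 * store its path in $_SESSION['project'].
	 *
	 * @return array|null The selected entry, or null when the list is empty.
	 */
	public function GetFirst() {
		
		if( ! is_array( $this->projects ) || empty( $this->projects ) ) {
			
			return null;
		}
		
		$this->name = $this->projects[0]['name'];
		$this->path = $this->projects[0]['path'];
		
		// Set Sessions
		$_SESSION['project'] = $this->path;
		return $this->projects[0];
	}
	
	//////////////////////////////////////////////////////////////////
	// Get Name From Path
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Set $this->name from the entry of $this->projects whose path matches
	 * $this->path (the last match wins) and return it.
	 *
	 * @return string
	 */
	public function GetName() {
		
		foreach ( $this->projects as $data ) {
			
			if ( $data['path'] == $this->path ) {
				
				$this->name = $data['name'];
			}
		}
		return $this->name;
	}
	
	//////////////////////////////////////////////////////////////////
	// Open Project
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Open the project at $this->path if the session user owns it, it is
	 * public (owner = -1) or it is shared through the access table.
	 *
	 * On success the user's row is updated, $_SESSION['project'] and
	 * $_SESSION['project_id'] are set and a JSEND success is echoed; otherwise
	 * a JSEND error is echoed.
	 */
	public function Open() {
		
		global $sql;
		$query = array(
			"*" => "SELECT * FROM projects
				WHERE path = ?
				AND (
					owner=?
					OR owner=-1
					OR id IN ( SELECT project FROM access WHERE user = ? )
				) ORDER BY name LIMIT 1;
			",
			"pgsql" => 'SELECT * FROM projects
				WHERE path = ?
				AND (
					owner=?
					OR owner=-1
					OR id IN ( SELECT project FROM access WHERE "user" = ? )
				) ORDER BY name LIMIT 1;
			',
		);
		$bind_variables = array( $this->path, $_SESSION["user_id"], $_SESSION["user_id"] );
		$return = $sql->query( $query, $bind_variables, array(), "fetch" );
		
		if( ! empty( $return ) ) {
			
			// Remember the opened project on the user's row.
			$query = "UPDATE users SET project=? WHERE username=?;";
			$bind_variables = array( $return["id"], $_SESSION["user"] );
			$sql->query( $query, $bind_variables, 0, "rowCount" );
			
			$this->name = $return['name'];
			$_SESSION['project'] = $return['path'];
			$_SESSION['project_id'] = $return['id'];
			
			echo formatJSEND( "success", array( "name" => $this->name, "path" => $this->path ) );
		} else {
			
			echo formatJSEND( "error", "Error Opening Project" );
		}
	}
	
	//////////////////////////////////////////////////////////////////
	// Create
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Create a project directory and its database row.
	 *
	 * Relative paths are sanitised and placed under the session user's
	 * workspace directory. Absolute paths are admin-only and, when WHITEPATHS
	 * is defined, must lie under one of its comma-separated entries.
	 *
	 * The filesystem is only touched for an absolute path after the admin and
	 * WHITEPATHS checks have passed; a rejected path is neither created nor
	 * probed for existence or permissions.
	 *
	 * NOTE(review): the user directory is derived from the lower-cased,
	 * filtered user name while the stored project path uses
	 * $_SESSION["user"] unchanged - confirm the two cannot differ.
	 *
	 * @param string $path   Requested project path.
	 * @param string $name   Project name; stored after htmlspecialchars().
	 * @param mixed  $public Exactly true makes the project public (owner = -1).
	 * @return array Array with "status", "message" and, on success, "data".
	 */
	public function Create( $path, $name, $public ) {
		
		$return = array(
			"status" => null,
			"message" => null,
		);
		
		if( $public === true ) {
			
			$owner = -1;
		} else {
			
			$owner = $_SESSION["user_id"];
		}
		
		if ( $name == '' || $path == '' ) {
			
			$return["status"] = "error";
			$return["message"] = "Project Name/Folder is empty";
			return $return;
		}
		
		$path = $this->clean_path( $path );
		$name = htmlspecialchars( $name );
		
		if ( ! $this->isAbsPath( $path ) ) {
			
			$path = $this->sanitize_path( $path );
		}
		
		if ( $path == '' ) {
			
			$return["status"] = "error";
			$return["message"] = "Project Name/Folder not allowed";
			return $return;
		}
		
		$user_path = WORKSPACE . '/' . preg_replace( Filemanager::PATH_REGEX, '', strtolower( $_SESSION["user"] ) );
		
		if( ! $this->isAbsPath( $path ) ) {
			
			$path = $_SESSION["user"] . '/' . $path;
		}
		
		if ( ! $this->check_duplicate( $path ) ) {
			
			$return["status"] = "error";
			$return["message"] = "A Project With the Same Name or Path Exists";
			return $return;
		}
		
		if( ! is_dir( $user_path ) ) {
			
			mkdir( $user_path, 0755, true );
		}
		
		if ( ! $this->isAbsPath( $path ) ) {
			
			if( ! is_dir( WORKSPACE . '/' . $path ) ) {
				
				mkdir( WORKSPACE . '/' . $path, 0755, true );
			}
		} elseif ( ! is_admin() ) {
			
			$return["status"] = "error";
			$return["message"] = "Absolute Paths are only allowed for admins";
		} elseif ( defined( 'WHITEPATHS' ) && ! $this->project_path_is_whitelisted( $path ) ) {
			
			$return["status"] = "error";
			$return["message"] = "Absolute Path Only Allowed for " . WHITEPATHS;
		} elseif ( ! file_exists( $path ) ) {
			
			if ( ! mkdir( $path . '/', 0755, true ) ) {
				
				$return["status"] = "error";
				$return["message"] = "Unable to create Absolute Path";
			}
		} elseif ( ! is_writable( $path ) || ! is_readable( $path ) ) {
			
			$return["status"] = "error";
			$return["message"] = "No Read/Write Permission";
		}
		
		if( $return["status"] == null ) {
			
			$this->projects[] = array( "name" => $name, "path" => $path );
			$result = $this->add_project( $name, $path, $owner );
			
			if( $result > 0 ) {
				
				$return["status"] = "success";
				$return["message"] = "Created Project";
				$return["data"] = array( "name" => $name, "path" => $path );
			} else {
				
				$return["status"] = "error";
				$return["message"] = "A Project With the Same Name or Path Exists";
			}
		}
		return $return;
	}
	
	/**
	 * Tell whether an absolute path lies under one of the WHITEPATHS entries.
	 *
	 * Entries are matched as whole directory prefixes, so "/var/www" covers
	 * "/var/www/site" but not "/var/www-old". Blank entries (for example from
	 * a trailing comma) are skipped instead of matching every path.
	 */
	private function project_path_is_whitelisted( $path ) {
		
		$candidate = rtrim( str_replace( "\\", "/", $path ), "/" ) . "/";
		
		foreach ( explode( ",", WHITEPATHS ) as $whitepath ) {
			
			if ( trim( $whitepath ) === '' ) {
				
				continue;
			}
			
			$prefix = rtrim( str_replace( "\\", "/", $whitepath ), "/" ) . "/";
			
			if ( strpos( $candidate, $prefix ) === 0 ) {
				
				return true;
			}
		}
		return false;
	}
	
	//////////////////////////////////////////////////////////////////
	// Sanitize GitBranch
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Return $this->gitbranch with characters removed that are not wanted in a
	 * branch name.
	 *
	 * chr(40) and chr(177) are "(" and byte 0xB1. The other entries mirror
	 * git's ref-name rules, where 040 and 177 are the octal codes of space and
	 * DEL - presumably what was meant. Both are kept for compatibility, and
	 * space, DEL and the other ASCII control characters are removed as well.
	 *
	 * Removal repeats until nothing changes: deleting one character can join
	 * its neighbours into another listed sequence (".~." turns into "..").
	 *
	 * NOTE(review): this is a character filter, not shell quoting. If the
	 * result is placed in a command line it still needs escaping there.
	 *
	 * @return string
	 */
	public function SanitizeGitBranch() {
		
		$forbidden = array( "..", chr(40), chr(177), "~", "^", ":", "?", "*", "[", "@{", "\\" );
		$sanitized = $this->gitbranch;
		
		do {
			
			$previous = $sanitized;
			$sanitized = preg_replace( '/[\x00-\x20\x7f]/', '', $sanitized );
			$sanitized = str_replace( $forbidden, '', $sanitized );
		} while ( $sanitized !== $previous );
		
		return $sanitized;
	}
	
	//////////////////////////////////////////////////////////////////
	// Rename
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Rename the project at $this->path to $_GET['project_name'] and append
	 * the new name/path pair to $this->projects.
	 *
	 * NOTE(review): $_GET['project_name'] is request input used as is. It is
	 * neither checked for presence nor passed through htmlspecialchars() the
	 * way Create() treats a new name - confirm where the stored name is escaped.
	 */
	public function Rename() {
		
		foreach ( $this->projects as $data ) {
			
			if ( $data['path'] == $this->path ) {
				
				$this->rename_project( $data['name'], $_GET['project_name'], $data['path'] );
			}
		}
		
		$this->projects[] = array( "name" => $_GET['project_name'], "path" => $this->path );
	}
	
	//////////////////////////////////////////////////////////////////
	// Delete Project
	//////////////////////////////////////////////////////////////////
	
	/**
	 * Delete the database row of the project at $this->path when
	 * Permissions::has_owner() allows it. Always ends the script with exit()
	 * and a JSEND message.
	 */
	public function Delete() {
		
		if( ! Permissions::has_owner( $this->path ) ) {
			
			exit( formatJSEND( "error", "You do not have permission to delete this project" ) );
		}
		
		global $sql;
		$query = "DELETE FROM projects WHERE path=?";
		$bind_variables = array( $this->path );
		$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
		
		if( $return > 0 ) {
			
			exit( formatJSEND( "success", "Successfully deleted project." ) );
		} else {
			
			exit( formatJSEND( "error", "Error deleting project" ) );
		}
	}
	
	//////////////////////////////////////////////////////////////////
	// Sanitize Path
	//////////////////////////////////////////////////////////////////
	
	/**
	 * sanitize_path() applied to $this->path.
	 *
	 * @return string
	 */
	public function SanitizePath() {
		
		return $this->sanitize_path( $this->path );
	}
	
	/**
	 * Replace spaces with underscores, lower-case the path and remove whatever
	 * Filemanager::PATH_REGEX matches.
	 *
	 * @param string $path
	 * @return string
	 */
	public function sanitize_path( $path ) {
		
		$sanitized = str_replace( " ", "_", $path );
		return preg_replace( Filemanager::PATH_REGEX, '', strtolower( $sanitized ) );
	}
	
	//////////////////////////////////////////////////////////////////
	// Clean Path
	//////////////////////////////////////////////////////////////////
	
	/**
	 * clean_path() applied to $this->path.
	 *
	 * @return string
	 */
	public function cleanPath() {
		
		return $this->clean_path( $this->path );
	}
	
	/**
	 * Remove NUL bytes and parent-directory references from a path.
	 *
	 * Handles "../" and its backslash form, repeated until the string stops
	 * changing, and a ".." segment at the very end of the path, which has no
	 * separator after it and would otherwise pass through.
	 *
	 * This is a textual filter. It does not resolve symlinks or canonicalise
	 * the path, so code that opens the result should still confirm that the
	 * resolved location lies inside the intended base directory.
	 *
	 * @param string $path
	 * @return string
	 */
	public function clean_path( $path ) {
		
		// prevent Poison Null Byte injections
		$path = str_replace( chr( 0 ), '', $path );
		
		// prevent go out of the workspace
		do {
			
			$previous = $path;
			$path = str_replace( array( '../', '..\\' ), '', $path );
		} while ( $path !== $previous );
		
		// A final ".." segment: keep the separator in front of it, drop the dots.
		$path = preg_replace( '#(^|[/\\\\])\.\.\z#', '$1', $path );
		
		return $path;
	}
}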