Mirror/codiad
1
0
Fork 0
mirror of https://github.com/xevidos/codiad.git synced 2024-11-11 05:36:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
3d122eb296
codiad/components/user/class.user.php

430 lines
11 KiB
PHP
Raw Normal View History

Updated for PHP 7.2, modified save message function, Updated Collaboration for newer versions.
2018-07-13 18:39:55 +02:00
<?php
/*
* Copyright (c) Codiad & Kent Safranski (codiad.com), distributed
* as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
require_once( "../settings/class.settings.php" );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
class User {
Updated ReadMe, Updated is admin check, Added initial change user access ability, Started updating update script for new sql methods, Reformatted user init.js indentation, Reformatted indentation on user dialog.
2019-02-10 06:35:15 +01:00
const ACCESS = array(
"admin",
"user"
);
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
//////////////////////////////////////////////////////////////////
// PROPERTIES
//////////////////////////////////////////////////////////////////
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
public $access = 'user';
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
public $username = '';
public $password = '';
public $project = '';
public $projects = '';
public $users = '';
public $actives = '';
public $lang = '';
public $theme = '';
//////////////////////////////////////////////////////////////////
// METHODS
//////////////////////////////////////////////////////////////////
// -----------------------------||----------------------------- //
//////////////////////////////////////////////////////////////////
// Construct
//////////////////////////////////////////////////////////////////
public function __construct() {
$this->actives = getJSON( 'active.php' );
}
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
public function add_user() {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
$query = "INSERT INTO users( username, password, access, project ) VALUES ( ?, ?, ?, ? );";
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$bind_variables = array( $this->username, $this->password, $this->access, null );
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( $return > 0 ) {
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
$this->set_default_options();
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
echo formatJSEND( "success", array( "username" => $this->username ) );
} else {
echo formatJSEND( "error", "The Username is Already Taken" );
}
}
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
public function delete_user() {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
$query = "DELETE FROM user_options WHERE username=?;";
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
$bind_variables = array( $this->username );
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
$return = $sql->query( $query, $bind_variables, -1, "rowCount" );
if( $return > -1 ) {
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
$query = "DELETE FROM projects WHERE owner=? AND access IN ( ?,?,?,?,? );";
$bind_variables = array(
$this->username,
"null",
null,
"[]",
"",
json_encode( array( $this->username ) )
);
$return = $sql->query( $query, $bind_variables, -1, "rowCount" );
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
if( $return > -1 ) {
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
$query = "DELETE FROM users WHERE username=?;";
$bind_variables = array( $this->username );
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
if( $return > 0 ) {
echo formatJSEND( "success", null );
} else {
echo formatJSEND( "error", "Error deleting user information." );
}
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
} else {
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
echo formatJSEND( "error", "Error deleting user project information." );
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
}
} else {
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
echo formatJSEND( "error", "Error deleting user option information." );
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
}
}
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
public function get_user( $username ) {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
$query = "SELECT * FROM users WHERE username=?";
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$bind_variables = array( $username );
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$return = $sql->query( $query, $bind_variables, array() );
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( ! empty( $return ) ) {
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
echo formatJSEND( "success", $return );
} else {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
echo formatJSEND( "error", "Could not select user." );
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
}
}
public function list_users() {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
$query = "SELECT * FROM users";
$return = $sql->query( $query, array(), array() );
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( ! empty( $return ) ) {
return $return;
} else {
echo formatJSEND( "error", "Error can not select users." );
return array();
}
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
}
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
public function set_default_options() {
foreach( Settings::DEFAULT_OPTIONS as $id => $option ) {
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
global $sql;
$query = "INSERT INTO user_options ( name, username, value ) VALUES ( ?, ?, ? );";
$bind_variables = array(
$option["name"],
$this->username,
$option["value"],
);
$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
if( $result == 0 ) {
$query = "UPDATE user_options SET value=? WHERE name=? AND username=?;";
$bind_variables = array(
$option["value"],
$option["name"],
$this->username,
);
$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
}
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
}
}
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
//////////////////////////////////////////////////////////////////
// Authenticate
//////////////////////////////////////////////////////////////////
public function Authenticate() {
Added site renaming, Added sessions folder checks, Updated wiki url, Updated readme
2018-07-27 19:59:08 +02:00
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
if( $this->username == "" || $this->password == "" ) {
echo( formatJSEND( "error", "Username or password can not be blank." ) );
return;
}
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
if( ! is_dir( SESSIONS_PATH ) ) {
Added site renaming, Added sessions folder checks, Updated wiki url, Updated readme
2018-07-27 19:59:08 +02:00
mkdir( SESSIONS_PATH, 00755 );
}
$permissions = array(
"755",
"0755"
);
$server_user = posix_getpwuid( posix_geteuid() );
$sessions_permissions = substr( sprintf( '%o', fileperms( SESSIONS_PATH ) ), -4 );
$sessions_owner = posix_getpwuid( fileowner( SESSIONS_PATH ) );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
if( ! ( $sessions_owner === $server_user ) ) {
Added site renaming, Added sessions folder checks, Updated wiki url, Updated readme
2018-07-27 19:59:08 +02:00
try {
chown( SESSIONS_PATH, $server_user );
} catch( Exception $e ) {
echo( formatJSEND("error", "Error, incorrect owner of sessions folder. Expecting: $server_user, Recieved: " . $sessions_owner ) );
return;
}
}
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
if( ! in_array( $sessions_permissions, $permissions ) ) {
Added site renaming, Added sessions folder checks, Updated wiki url, Updated readme
2018-07-27 19:59:08 +02:00
try {
chmod( SESSIONS_PATH, 00755 );
} catch( Exception $e ) {
echo( formatJSEND("error", "Error, incorrect permissions on sessions folder. Expecting: 0755, Recieved: " . $sessions_permissions ) );
return;
}
}
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
$pass = false;
$this->EncryptPassword();
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$query = "SELECT * FROM users WHERE username=? AND password=?;";
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$bind_variables = array( $this->username, $this->password );
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$return = $sql->query( $query, $bind_variables, array() );
/**
* Check and make sure the user is not using the old encryption.
*/
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( ( strtolower( DBTYPE ) == "mysql" ) && empty( $return ) ) {
$query = "SELECT * FROM users WHERE username=? AND password=PASSWORD( ? );";
$bind_variables = array( $this->username, $this->password );
$return = $sql->query( $query, $bind_variables, array() );
if( ! empty( $return ) ) {
$query = "UPDATE users SET password=? WHERE username=?;";
$bind_variables = array( $this->password, $this->username );
$return = $sql->query( $query, $bind_variables, array() );
}
}
if( ! empty( $return ) ) {
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$pass = true;
$token = mb_strtoupper( strval( bin2hex( openssl_random_pseudo_bytes( 16 ) ) ) );
$_SESSION['id'] = SESSION_ID;
$_SESSION['user'] = $this->username;
$_SESSION['token'] = $token;
$_SESSION['lang'] = $this->lang;
$_SESSION['theme'] = $this->theme;
$_SESSION["login_session"] = true;
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$user = $return;
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$query = "UPDATE users SET token=? WHERE username=?;";
$bind_variables = array( sha1( $token ), $this->username );
$sql->query( $query, $bind_variables, 0, 'rowCount' );
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( isset( $user['project'] ) && $user['project'] != '' ) {
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$_SESSION['project'] = $user['project'];
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$this->checkDuplicateSessions( $this->username );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
Fixed issue with sessions not timing out on firefox and removed CodeSettings from default plugins due to errors.
2018-07-24 20:27:53 +02:00
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
if( $pass ) {
echo formatJSEND( "success", array( "username" => $this->username ) );
} else {
echo formatJSEND( "error", "Incorrect Username or Password" );
}
}
Added site renaming, Added sessions folder checks, Updated wiki url, Updated readme
2018-07-27 19:59:08 +02:00
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
/**
* Check duplicate sessions
*
* This function checks to see if the user is currently logged in
* on any other machine and if they are then log them off. This
* will fix the issue with the new auto save attempting to save both
* users at the same time.
*/
public static function checkDuplicateSessions( $username ) {
session_write_close();
$all_sessions = array();
$sessions = glob( SESSIONS_PATH . "/*" );
session_id( SESSION_ID );
foreach( $sessions as $session ) {
if( strpos( $session, "sess_") == false ) {
continue;
}
$session = str_replace( "sess_", "", $session );
$session = str_replace( SESSIONS_PATH . "/", "", $session );
//This skips temp files that aren't sessions
if( strpos( $session, "." ) == false ) {
session_id( $session );
session_start();
$_SESSION["id"] = $session;
array_push( $all_sessions, $_SESSION );
if( isset( $_SESSION["user"] ) && $_SESSION["user"] === $username && isset( $_SESSION["login_session"] ) && $_SESSION["login_session"] === true && SESSION_ID !== session_id() ) {
session_destroy();
} else {
session_abort();
}
}
}
session_id( SESSION_ID );
session_start();
}
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
//////////////////////////////////////////////////////////////////
// Check Duplicate
//////////////////////////////////////////////////////////////////
public function CheckDuplicate() {
$pass = true;
foreach( $this->users as $user => $data ) {
if( $data['username'] == $this->username ) {
$pass = false;
}
}
return $pass;
}
//////////////////////////////////////////////////////////////////
// Clean username
//////////////////////////////////////////////////////////////////
public static function CleanUsername( $username ) {
return preg_replace( '#[^A-Za-z0-9' . preg_quote( '-_@. ').']#', '', $username );
}
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
//////////////////////////////////////////////////////////////////
// Create Account
//////////////////////////////////////////////////////////////////
public function Create() {
$this->EncryptPassword();
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$this->add_user();
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
//////////////////////////////////////////////////////////////////
// Delete Account
//////////////////////////////////////////////////////////////////
public function Delete() {
Removed placeholder code for admin, Added sharing, Changed Git links away from local server, Made get and search user functions global.
2018-11-19 19:30:49 +01:00
$this->delete_user();
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
//////////////////////////////////////////////////////////////////
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
// Encrypt Password
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
//////////////////////////////////////////////////////////////////
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
private function EncryptPassword() {
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$this->password = sha1( md5( $this->password ) );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
//////////////////////////////////////////////////////////////////
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
// Change Password
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
//////////////////////////////////////////////////////////////////
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
public function Password() {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$this->EncryptPassword();
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$query = "UPDATE users SET password=? WHERE username=?;";
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$bind_variables = array( $this->password, $this->username );
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( $return > 0 ) {
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
echo formatJSEND( "success", "Password changed" );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
} else {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
echo formatJSEND( "error", "Error changing password" );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
}
//////////////////////////////////////////////////////////////////
// Set Current Project
//////////////////////////////////////////////////////////////////
public function Project() {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
global $sql;
$query = "UPDATE users SET project=? WHERE username=?;";
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
$bind_variables = array( $this->project, $this->username );
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
if( $return > 0 ) {
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
SQL errors now return as formatted json errors, added sql result error check, removed admin requirement from project management, removed old access system dialog, added get user and get users functions, added common functions to global functions, testing change that will hopefully fix the inability to rename or delete strangely named files, refactored project init.js
2018-11-10 06:41:28 +01:00
echo formatJSEND( "success", null );
} else {
Removed misc dev files, changed over to PDO, added more functionality to the message object, Fixed absolute path issue, Updated autosaving to use built in save function, Changed duplicating file to have the same filename with a number afterwards, Refactored keybindings file so that we can start adding more in, Changed yes-no to on-off for autocomplete, Removed deprecated password function allowing the application to handle all password encryption instead of a mix of application and database.
2019-02-04 22:42:12 +01:00
echo formatJSEND( "error", "Error updating project" );
Refactored user class, Users can now only see projects owned by \'nobody\' or themselves to get ready for permissions update.
2018-10-11 16:17:41 +02:00
}
}
//////////////////////////////////////////////////////////////////
// Verify Account Exists
//////////////////////////////////////////////////////////////////
public function Verify() {
$pass = 'false';
foreach( $this->users as $user => $data ) {
if( $this->username == $data['username'] ) {
$pass = 'true';
}
}
echo( $pass );
}
Updated auto save, Updated install, Updated auto kick
2018-07-26 21:39:40 +02:00
}
Reference in New Issue Copy Permalink