<?php
/*
* Copyright (c) Codiad & Kent Safranski (codiad.com), and Isaac Brown (telaaedifex.com), distributed
* as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
// Shared database handle. Common::construct() replaces this null with the
// object returned by sql::get_instance() during the call below.
$sql = null;

// Bootstrap on include: load config, define the path constants, connect to
// the database, open the session and load the language strings.
Common::startSession();
//////////////////////////////////////////////////////////////////
// Common Class
//////////////////////////////////////////////////////////////////
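class Common {

	//////////////////////////////////////////////////////////////////
	// PROPERTIES
	//////////////////////////////////////////////////////////////////

	// Messages queued by debug(). formatJSEND() copies the whole stack into
	// the "debug" member of every response it builds, so anything pushed
	// here is sent to the client.
	public static $debugMessageStack = array();

	//////////////////////////////////////////////////////////////////
	// METHODS
	//////////////////////////////////////////////////////////////////

	// -----------------------------||----------------------------- //

	//////////////////////////////////////////////////////////////////
	// Construct
	//////////////////////////////////////////////////////////////////

	/**
	 * Load config.php when it exists, define every path/site constant that is
	 * still undefined afterwards, and store the database handle in the global
	 * $sql.
	 */
	public static function construct() {

		// config.php is included inside this method's scope. Declaring the
		// name global here means an assignment to $cookie_lifetime in that
		// file (if it makes one) lands in global scope, where start_session()
		// reads it.
		global $cookie_lifetime;

		// Application root derived from the running script. Nothing below
		// reads $path; it is kept because the included config.php shares this
		// scope and could refer to it.
		$script = $_SERVER['SCRIPT_FILENAME'];
		$path = str_replace( "index.php", "", $script );
		foreach( array( "components", "plugins" ) as $folder ) {

			$offset = strpos( $script, $folder );
			if( $offset ) {

				$path = substr( $script, 0, $offset );
				break;
			}
		}

		if( file_exists( __DIR__ . '/config.php' ) ) {

			require_once( __DIR__ . '/config.php' );
		}

		// Defaults for anything config.php left undefined. Order matters:
		// the later paths are built from BASE_PATH.
		defined( 'BASE_PATH' ) || define( 'BASE_PATH', __DIR__ );
		defined( 'COMPONENTS' ) || define( 'COMPONENTS', BASE_PATH . '/components' );
		defined( 'PLUGINS' ) || define( 'PLUGINS', BASE_PATH . '/plugins' );
		defined( 'DATA' ) || define( 'DATA', BASE_PATH . '/data' );

		// NOTE(review): the default session directory sits inside the
		// application tree; confirm the web server refuses to serve it.
		defined( 'SESSIONS_PATH' ) || define( 'SESSIONS_PATH', BASE_PATH . '/data/sessions' );

		// NOTE(review): both parts come from the request (Host header and
		// request URI), so SITE_ID is client-controlled and differs per URL.
		// Treat it as untrusted wherever it is used.
		defined( 'SITE_ID' ) || define( 'SITE_ID', $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );

		defined( 'THEMES' ) || define( "THEMES", BASE_PATH . "/themes" );
		defined( 'THEME' ) || define( "THEME", "default" );
		defined( 'LANGUAGE' ) || define( "LANGUAGE", "en" );

		require_once( COMPONENTS . "/sql/class.sql.php" );
		global $sql;
		$sql = sql::get_instance();
	}

	//////////////////////////////////////////////////////////////////
	// New Methods
	//////////////////////////////////////////////////////////////////

	//////////////////////////////////////////////////////////////////
	// Check access to application
	//////////////////////////////////////////////////////////////////

	/**
	 * Placeholder: performs no check and returns null for every $action.
	 *
	 * NOTE(review): the earlier body, disabled in the source, destroyed the
	 * session and exited with a JSEND error when self::check_session() failed;
	 * no method of that name exists in this class. Until a real check is
	 * restored, callers get no protection from this method.
	 *
	 * @param string $action Unused.
	 */
	public static function check_access( $action = "return" ) {
	}

	//////////////////////////////////////////////////////////////////
	// Check access to a project
	//////////////////////////////////////////////////////////////////

	/**
	 * Report whether the session user may use the project stored at
	 * $project_path.
	 *
	 * Three defects of the earlier version are corrected: it bound an
	 * undefined $project_name (so NULL was sent for the name column), it read
	 * "owner"/"access" from the row list instead of from a row, and it
	 * dropped the result of self::return(), so the method always gave null.
	 * The project is now looked up by path alone.
	 *
	 * @param string $project_path Value compared with projects.path.
	 * @param string $action       "return" to get the boolean back, "exit" to
	 *                             terminate the request with it.
	 * @return bool|null Boolean for "return"; null for an unknown $action.
	 */
	public static function check_project_access( $project_path, $action ) {

		global $sql;
		$user = isset( $_SESSION["user"] ) ? $_SESSION["user"] : null;
		$query = "SELECT * FROM projects WHERE path=? AND ( owner=? OR owner='nobody' );";
		$bind_variables = array( $project_path, $user );
		$rows = $sql->query( $query, $bind_variables, self::formatJSEND( "error", "Error checking project access." ) );

		// Anything that is not a non-empty row list is treated as "no access".
		$allowed = is_array( $rows ) && ! empty( $rows[0] ) && self::user_can_access_project( $rows[0] );

		return( self::return( $allowed, $action ) );
	}

	/**
	 * Decide from one projects row whether the session user may use it.
	 *
	 * Access is granted when the owner is 'nobody', when the owner is the
	 * session user, or when the session user appears in the JSON list held in
	 * the "access" column. Comparisons are strict: loose == / in_array()
	 * would let numeric-looking names ("10" vs "1e1") or a stray `true` in
	 * the access list match users they should not.
	 *
	 * @param mixed $project One row of the projects table.
	 * @return bool
	 */
	private static function user_can_access_project( $project ) {

		if( ! is_array( $project ) ) {

			return( false );
		}

		$owner = isset( $project["owner"] ) ? (string) $project["owner"] : "";
		if( $owner === 'nobody' ) {

			return( true );
		}

		if( ! isset( $_SESSION["user"] ) || $_SESSION["user"] === "" ) {

			return( false );
		}

		$user = (string) $_SESSION["user"];
		if( $owner === $user ) {

			return( true );
		}

		// json_decode() reports bad input by returning null, not by
		// throwing, so the result is type-checked instead of wrapped in
		// try/catch.
		$users = ( isset( $project["access"] ) && is_string( $project["access"] ) ) ? json_decode( $project["access"], true ) : null;

		return( is_array( $users ) && in_array( $user, $users, true ) );
	}

	/**
	 * List every username, optionally leaving out the session user.
	 *
	 * @param string $return          "return" for a PHP list, "json" for the
	 *                                same list JSON-encoded.
	 * @param bool   $exclude_current Skip $_SESSION["user"] when true.
	 * @return mixed The list in the requested form; a JSEND error string when
	 *               the query gave no rows; $return itself for an unknown mode.
	 */
	public static function get_users( $return = "return", $exclude_current = false ) {

		global $sql;
		$query = "SELECT username FROM users";
		$bind_variables = array();

		if( $exclude_current ) {

			$query .= " WHERE username!=?";
			$bind_variables[] = $_SESSION["user"];
		}

		$result = $sql->query( $query, $bind_variables, self::formatJSEND( "error", "Error checking users." ) );

		// A non-array result (for example the error string passed as the
		// third argument, if query() hands that back on failure) must not be
		// iterated as if it were rows.
		if( ! is_array( $result ) || empty( $result ) ) {

			return( self::formatJSEND( "error", "Error selecting user information." ) );
		}

		$user_list = array();
		foreach( $result as $row ) {

			$user_list[] = $row["username"];
		}

		switch( $return ) {

			case( "json" ):

				return( json_encode( $user_list ) );

			case( "return" ):

				return( $user_list );
		}

		// Unknown mode: the mode string itself is handed back, as before.
		return( $return );
	}

	/**
	 * Tell whether the session user has the "admin" access level.
	 *
	 * @return bool
	 */
	public static function is_admin() {

		if( ! isset( $_SESSION["user"] ) ) {

			return( false );
		}

		global $sql;
		$query = "SELECT COUNT( * ) FROM users WHERE username=? AND access=?;";
		$bind_variables = array( $_SESSION["user"], "admin" );
		$count = $sql->query( $query, $bind_variables, self::formatJSEND( "error", "Error checking user acess." ), 'fetchColumn' );

		return( self::is_positive_count( $count ) );
	}

	/**
	 * True only for a numeric value greater than zero.
	 *
	 * A bare `$value > 0` is not enough for authorisation decisions: on
	 * PHP 8 a non-numeric string such as a JSEND error message compares
	 * greater than 0, which would turn a failed query into a granted check.
	 *
	 * @param mixed $value Result of a COUNT query.
	 * @return bool
	 */
	private static function is_positive_count( $value ) {

		return( is_numeric( $value ) && (int) $value > 0 );
	}

	/**
	 * Clear the stored token of the session user, then discard the session
	 * and open an empty one.
	 *
	 * NOTE(review): session_regenerate_id() is not called here. SESSION_ID is
	 * defined once per request in start_session(), so check its users before
	 * adding a fresh id at logout.
	 */
	public static function logout() {

		if( isset( $_SESSION["user"] ) ) {

			global $sql;
			$query = "UPDATE users SET token=? WHERE username=?;";
			$bind_variables = array( null, $_SESSION["user"] );
			$return = $sql->query( $query, $bind_variables, self::formatJSEND( "error", "Error updating user information." ), 'fetchColumn' );

			// The earlier `! $return > 0` parsed as `( ! $return ) > 0`,
			// i.e. "result is falsy"; that test is written out here.
			if( ! $return ) {

				echo( $return );
			}
		}

		session_unset();
		session_destroy();
		session_start();
	}

	//////////////////////////////////////////////////////////////////
	// Search Users
	//////////////////////////////////////////////////////////////////

	/**
	 * Find usernames containing $username.
	 *
	 * The value is sent as a bound parameter. LIKE wildcards inside it are
	 * not escaped, so "%" or "_" in the input widen the match.
	 *
	 * @param string $username        Fragment to look for.
	 * @param string $return          "return" (rows or null), "json" (encoded
	 *                                rows or a JSEND error) or "exit"
	 *                                (terminate with a JSEND response).
	 * @param bool   $exclude_current Skip $_SESSION["user"] when true.
	 * @return mixed See $return; $return itself for an unknown mode.
	 */
	public static function search_users( $username, $return = "return", $exclude_current = false ) {

		global $sql;
		$query = "SELECT username FROM users WHERE username LIKE ?";
		$bind_variables = array( "%{$username}%" );

		if( $exclude_current ) {

			$query .= " AND username != ?";
			$bind_variables[] = $_SESSION["user"];
		}

		$result = $sql->query( $query, $bind_variables, array() );
		$found = ! empty( $result );

		switch( $return ) {

			case( "exit" ):

				exit( $found ? self::formatJSEND( "success", $result ) : self::formatJSEND( "error", "Error selecting user information." ) );

			case( "json" ):

				return( $found ? json_encode( $result ) : self::formatJSEND( "error", "Error selecting user information." ) );

			case( "return" ):

				return( $found ? $result : null );
		}

		return( $return );
	}

	//////////////////////////////////////////////////////////////////
	// Start Sessions
	//////////////////////////////////////////////////////////////////

	/**
	 * Run construct(), open the PHP session, load the optional external
	 * authentication file and include the language file.
	 *
	 * NOTE(review): no cookie flags (HttpOnly, Secure, SameSite) are set in
	 * this method; confirm they are configured elsewhere.
	 */
	public static function start_session() {

		Common::construct();

		global $cookie_lifetime;
		if( isset( $cookie_lifetime ) && $cookie_lifetime != "" ) {

			ini_set( "session.cookie_lifetime", $cookie_lifetime );
		}

		// The cookie name is a hash of the install path; md5 only labels the
		// cookie here, it protects nothing.
		session_name( md5( BASE_PATH ) );
		session_save_path( SESSIONS_PATH );
		session_start();

		if( ! defined( 'SESSION_ID' ) ) {

			define( "SESSION_ID", session_id() );
		}

		//Check for external authentification
		if( defined( 'AUTH_PATH' ) ) {

			require_once( AUTH_PATH );
		}

		// Declared global so the included language file fills the global
		// $lang that get_i18n() reads.
		global $lang;

		// The session value ends up in an include path, so it is accepted
		// only as a plain file-name token that matches an existing language
		// file; anything else falls back to the configured default. Without
		// this, a value such as "../../x" would include a file outside
		// /languages.
		$language = LANGUAGE;
		if( isset( $_SESSION['lang'] ) && is_string( $_SESSION['lang'] ) && preg_match( '/^[A-Za-z0-9_-]+$/', $_SESSION['lang'] ) && is_file( BASE_PATH . "/languages/" . $_SESSION['lang'] . ".php" ) ) {

			$language = $_SESSION['lang'];
		}

		include BASE_PATH . "/languages/" . $language . ".php";
	}

	/**
	 * Hand $output back or end the request with it.
	 *
	 * @param mixed  $output Value to deliver.
	 * @param string $action "return" or "exit"; anything else yields null.
	 * @return mixed
	 */
	public static function return( $output, $action = "return" ) {

		if( $action === "exit" ) {

			exit( $output );
		}

		if( $action === "return" ) {

			return( $output );
		}

		return( null );
	}

	//////////////////////////////////////////////////////////////////
	// Old Methods
	//////////////////////////////////////////////////////////////////

	//////////////////////////////////////////////////////////////////
	// SESSIONS
	//////////////////////////////////////////////////////////////////

	/**
	 * Old name of start_session(). The two bodies were line-for-line copies,
	 * so this one now delegates.
	 */
	public static function startSession() {

		self::start_session();
	}

	//////////////////////////////////////////////////////////////////
	// Read Content of directory
	//////////////////////////////////////////////////////////////////

	/**
	 * Names of the sub-directories directly inside $foldername.
	 *
	 * @param string $foldername Directory to scan.
	 * @return array Directory names; empty when $foldername cannot be read.
	 */
	public static function readDirectory( $foldername ) {

		$folders = array();

		// scandir() gives false for an unreadable path; return the empty
		// list instead of iterating over false.
		$entries = is_dir( $foldername ) ? scandir( $foldername ) : false;
		if( $entries === false ) {

			return $folders;
		}

		foreach( $entries as $entry ) {

			if( $entry === '.' || $entry === '..' ) {

				continue;
			}

			if( is_dir( $foldername . '/' . $entry ) ) {

				$folders[] = $entry;
			}
		}
		return $folders;
	}

	//////////////////////////////////////////////////////////////////
	// Log debug message
	// Messages will be displayed in the console when the response is
	// made with the formatJSEND function.
	//////////////////////////////////////////////////////////////////

	/**
	 * Queue a message for the "debug" member of the next JSEND response.
	 *
	 * The stack is sent to the client unfiltered, so keep secrets, queries
	 * and file paths out of it.
	 *
	 * @param mixed $message
	 */
	public static function debug( $message ) {

		self::$debugMessageStack[] = $message;
	}

	//////////////////////////////////////////////////////////////////
	// URLs
	//////////////////////////////////////////////////////////////////

	/**
	 * Value of the constant named $key, or $default when it is not defined.
	 *
	 * @param string $key
	 * @param mixed  $default
	 * @return mixed
	 */
	public static function getConstant( $key, $default = null ) {

		if( defined( $key ) ) {

			return constant( $key );
		}
		return $default;
	}

	//////////////////////////////////////////////////////////////////
	// Localization
	//////////////////////////////////////////////////////////////////

	/**
	 * Echo the translation of $key.
	 *
	 * The text is written out without HTML escaping; placeholder values in
	 * $args that originate from users must be escaped by the caller.
	 *
	 * @param string $key
	 * @param array  $args Placeholder name => replacement.
	 */
	public static function i18n( $key, $args = array() ) {

		echo self::get_i18n( $key, $args );
	}

	/**
	 * Translate $key through the global $lang table and fill its
	 * %{name}% placeholders.
	 *
	 * @param string $key  Looked up case-insensitively.
	 * @param array  $args Placeholder name => replacement.
	 * @return string The translation, or the normalised key when none exists.
	 */
	public static function get_i18n( $key, $args = array() ) {

		global $lang;

		// Normalise case so "Test", "test", "TeSt" and "tESt" hit one entry.
		$key = ucwords( strtolower( $key ) );
		$text = isset( $lang[$key] ) ? $lang[$key] : $key;

		foreach( $args as $name => $value ) {

			$text = str_replace( "%{" . $name . "}%", $value, $text );
		}
		return $text;
	}

	//////////////////////////////////////////////////////////////////
	// Check Session / Key
	//////////////////////////////////////////////////////////////////

	/**
	 * Verify the session's user/token pair against the users table; on
	 * failure log out and end the request with an authentication error.
	 *
	 * The table is matched against sha1() of the session token.
	 * NOTE(review): an unsalted SHA-1 is acceptable only for a long random
	 * token; how the token is generated is not visible in this file.
	 */
	public static function checkSession() {

		$pass = false;

		if( isset( $_SESSION["token"] ) && isset( $_SESSION["user"] ) ) {

			global $sql;
			$query = "SELECT COUNT( * ) FROM users WHERE username=? AND token=?;";
			$bind_variables = array( $_SESSION["user"], sha1( $_SESSION["token"] ) );
			$count = $sql->query( $query, $bind_variables, self::formatJSEND( "error", "Error checking access." ), "fetchColumn" );

			// Only a real positive count authenticates; an error value
			// returned by the query layer must not.
			$pass = self::is_positive_count( $count );
		}

		if( ! $pass ) {

			self::logout();

			// NOTE(review): BASE_URL is concatenated unescaped into
			// hand-built JSON and an inline script; it must come from
			// trusted configuration only.
			exit( '{"status":"error","message":"Authentication Error<script>window.location.href = window.location.protocol + `' . "//" . Common::getConstant('BASE_URL') . '`</script>"}' );
		}
	}

	//////////////////////////////////////////////////////////////////
	// Get JSON
	//////////////////////////////////////////////////////////////////

	/**
	 * Resolve a data file under DATA.
	 *
	 * @param string $file
	 * @param string $namespace Optional sub-directory.
	 * @return array|null array( directory, full path ), or null when either
	 *                    part contains a ".." segment or a NUL byte, which
	 *                    could point outside DATA.
	 */
	private static function data_path( $file, $namespace ) {

		$segments = preg_split( '#[\\\\/]+#', $namespace . "/" . $file );
		if( in_array( "..", $segments, true ) || strpos( $namespace . $file, "\0" ) !== false ) {

			return( null );
		}

		$directory = DATA . "/";
		if( $namespace != "" ) {

			$directory = preg_replace( '#/+#', '/', $directory . $namespace . "/" );
		}
		return( array( $directory, $directory . $file ) );
	}

	/**
	 * Read a data file written by saveJSON() and decode it.
	 *
	 * @param string $file
	 * @param string $namespace Optional sub-directory of DATA.
	 * @return mixed Decoded content as associative arrays; null when the file
	 *               is missing, unreadable, outside DATA or not valid JSON.
	 */
	public static function getJSON( $file, $namespace = "" ) {

		$location = self::data_path( $file, $namespace );
		if( $location === null || ! is_file( $location[1] ) ) {

			return( null );
		}

		$json = file_get_contents( $location[1] );
		if( $json === false ) {

			return( null );
		}

		// Drop line breaks, then the PHP comment wrapper added by saveJSON().
		$json = str_replace( array( "\n\r", "\r", "\n" ), "", $json );
		$json = str_replace( array( "<?php/*|", "|*/?>" ), "", $json );

		return json_decode( $json, true );
	}

	//////////////////////////////////////////////////////////////////
	// Save JSON
	//////////////////////////////////////////////////////////////////

	/**
	 * Store $data as JSON wrapped in a PHP comment, so that requesting the
	 * file through the web server yields no output.
	 *
	 * Terminates the request when the target cannot be written. The full
	 * path goes to the error log only, not to the client.
	 *
	 * @param string $file
	 * @param mixed  $data      Anything json_encode() accepts.
	 * @param string $namespace Optional sub-directory of DATA, created when
	 *                          missing.
	 */
	public static function saveJSON( $file, $data, $namespace = "" ) {

		$location = self::data_path( $file, $namespace );
		if( $location === null ) {

			error_log( "saveJSON: rejected path outside the data directory" );
			die( "can't open file" );
		}

		if( $namespace != "" && ! is_dir( $location[0] ) ) {

			mkdir( $location[0], 0777, true );
		}

		// json_encode() must keep its default escaping of "/" here: that is
		// what stops a stored "*/" from closing the surrounding PHP comment.
		$data = "<?php\r\n/*|" . json_encode( $data ) . "|*/\r\n?>";

		// One locked write, so concurrent requests cannot interleave output.
		if( file_put_contents( $location[1], $data, LOCK_EX ) === false ) {

			error_log( "saveJSON: can't open file " . $location[1] );
			die( "can't open file" );
		}
	}

	//////////////////////////////////////////////////////////////////
	// Format JSEND Response
	//////////////////////////////////////////////////////////////////

	/**
	 * Build a JSEND response string.
	 *
	 * Status and message are JSON-encoded instead of concatenated, so quotes
	 * or backslashes in them cannot break the document or add members. Pass
	 * raw text; it must not be pre-escaped.
	 *
	 * @param string $status "success", or any other status reported with a
	 *                       message.
	 * @param mixed  $data   Payload for "success" (falsy values become null);
	 *                       message otherwise.
	 * @return string JSON text, with a "debug" member when debug() was used.
	 */
	public static function formatJSEND( $status, $data = false ) {

		/// Debug /////////////////////////////////////////////////
		$debug = "";
		if( count( self::$debugMessageStack ) > 0 ) {

			$debug = ',"debug":' . json_encode( self::$debugMessageStack );
		}

		// Success ///////////////////////////////////////////////
		if( $status == "success" ) {

			$payload = $data ? json_encode( $data ) : 'null';
			return '{"status":"success","data":' . $payload . $debug . '}';
		}

		// Error /////////////////////////////////////////////////
		// Scalars keep their old string form (false becomes ""); arrays and
		// objects are encoded as JSON values.
		$message = ( is_array( $data ) || is_object( $data ) ) ? $data : (string) $data;
		$status_json = json_encode( (string) $status, JSON_UNESCAPED_SLASHES );
		$message_json = json_encode( $message, JSON_UNESCAPED_SLASHES );

		// json_encode() gives false for data it cannot represent (for
		// example invalid UTF-8); fall back to empty strings so the
		// response stays valid JSON.
		if( $status_json === false ) {

			$status_json = '""';
		}
		if( $message_json === false ) {

			$message_json = '""';
		}

		return '{"status":' . $status_json . ',"message":' . $message_json . $debug . '}';
	}

	//////////////////////////////////////////////////////////////////
	// Check Function Availability
	//////////////////////////////////////////////////////////////////

	/**
	 * Old name for the administrator check.
	 *
	 * @return bool
	 */
	public static function checkAccess() {

		return self::is_admin();
	}

	//////////////////////////////////////////////////////////////////
	// Check Path
	//////////////////////////////////////////////////////////////////

	/**
	 * Report whether the session user may use the project that $path falls
	 * under.
	 *
	 * NOTE(review): the lookup is LOCATE( path, ? ) > 0, a substring test. A
	 * stored project path found anywhere inside $path matches, so project
	 * "/srv/a" also matches "/srv/ab/file", and LIMIT 1 picks whichever
	 * matching row comes first. Tightening this to a directory-prefix
	 * comparison depends on how project paths are stored, which is not
	 * visible in this file.
	 *
	 * @param string $path Path being accessed.
	 * @return bool
	 */
	public static function checkPath( $path ) {

		global $sql;
		$query = "SELECT * FROM projects WHERE LOCATE( path, ? ) > 0 LIMIT 1;";
		$bind_variables = array( $path );
		$rows = $sql->query( $query, $bind_variables, array() );

		// No row (or no row list at all) means no access; indexing [0] on an
		// empty result used to raise an undefined-offset notice.
		if( ! is_array( $rows ) || empty( $rows[0] ) ) {

			return( false );
		}

		return( self::user_can_access_project( $rows[0] ) );
	}

	//////////////////////////////////////////////////////////////////
	// Check Function Availability
	//////////////////////////////////////////////////////////////////

	/**
	 * Tell whether PHP configuration allows calling $func.
	 *
	 * Only the safe_mode and disable_functions settings are consulted;
	 * whether the function exists is not checked.
	 *
	 * @param string $func Function name.
	 * @return bool
	 */
	public static function isAvailable( $func ) {

		if( ini_get( 'safe_mode' ) ) {

			return false;
		}

		$disabled = ini_get( 'disable_functions' );
		if( ! $disabled ) {

			return true;
		}

		$names = array_map( 'trim', explode( ',', $disabled ) );
		return ! in_array( $func, $names, true );
	}

	//////////////////////////////////////////////////////////////////
	// Check If Path is absolute
	//////////////////////////////////////////////////////////////////

	/**
	 * True when $path starts with "/" or has ":" as its second character
	 * (drive-letter form).
	 *
	 * @param string $path
	 * @return bool
	 */
	public static function isAbsPath( $path ) {

		$unix_root = isset( $path[0] ) && $path[0] === '/';
		$drive_letter = isset( $path[1] ) && $path[1] === ':';

		return( $unix_root || $drive_letter );
	}

	//////////////////////////////////////////////////////////////////
	// Check If WIN based system
	//////////////////////////////////////////////////////////////////

	/**
	 * True when PHP_OS begins with "WIN", compared case-insensitively.
	 *
	 * @return bool
	 */
	public static function isWINOS( ) {

		return( strtoupper( substr( PHP_OS, 0, 3 ) ) === 'WIN' );
	}
}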
//////////////////////////////////////////////////////////////////
// Wrapper for old method names
//////////////////////////////////////////////////////////////////
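// Global aliases kept for callers that still use the old function names.
// Each one forwards to the Common method of the same name.

// The result is returned: the earlier alias dropped it, so is_admin() gave
// null (falsy) for every user, administrators included.
function is_admin() { return Common::is_admin(); }

function debug( $message ) { Common::debug( $message ); }

// Common::i18n() already echoes and returns nothing, so no second echo here.
function i18n( $key, $args = array() ) { Common::i18n( $key, $args ); }

function get_i18n( $key, $args = array() ) { return Common::get_i18n( $key, $args ); }

// Ends the request itself when the session is invalid; nothing to return.
function checkSession() { Common::checkSession(); }

function getJSON( $file, $namespace = "" ) { return Common::getJSON( $file, $namespace ); }

function saveJSON( $file, $data, $namespace = "" ) { Common::saveJSON( $file, $data, $namespace ); }

function formatJSEND( $status, $data = false ) { return Common::formatJSEND( $status, $data ); }

function checkAccess() { return Common::checkAccess(); }

function checkPath( $path ) { return Common::checkPath( $path ); }

function isAvailable( $func ) { return Common::isAvailable( $func ); }

function logout() { return Common::logout(); }

function get_users( $return = "return", $exclude_current = false ) { return Common::get_users( $return, $exclude_current ); }

function search_users( $username, $return = "return", $exclude_current = false ) { return Common::search_users( $username, $return, $exclude_current ); }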
?>