2018-07-13 18:39:55 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/*
|
2019-02-04 22:42:12 +01:00
|
|
|
* Copyright (c) Codiad & Kent Safranski (codiad.com), Isaac Brown
|
|
|
|
|
* distributed as-is and without warranty under the MIT License. See
|
2018-07-13 18:39:55 +02:00
|
|
|
* [root]/license.txt for more. This information must remain intact.
|
|
|
|
|
*/
|
|
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
require_once( '../../common.php' );
|
2018-07-13 18:39:55 +02:00
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
class Project extends Common {
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// PROPERTIES
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
public $access = Permissions::LEVELS["read"];
|
2019-07-01 15:24:34 +02:00
|
|
|
public $name = '';
|
|
|
|
|
public $path = '';
|
|
|
|
|
public $gitrepo = false;
|
|
|
|
|
public $gitbranch = '';
|
|
|
|
|
public $projects = array();
|
|
|
|
|
public $no_return = false;
|
|
|
|
|
public $assigned = false;
|
2018-10-09 22:04:48 +02:00
|
|
|
public $command_exec = '';
|
2018-11-19 19:30:49 +01:00
|
|
|
public $user = '';
|
2018-10-09 22:04:48 +02:00
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// METHODS
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
// -----------------------------||----------------------------- //
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Construct
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function __construct() {
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// NEW METHODS
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
2018-10-11 16:17:41 +02:00
|
|
|
public function add_project( $project_name, $project_path, $owner = null ) {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-10-24 14:56:24 +02:00
|
|
|
if( $owner == null ) {
|
2018-10-11 16:17:41 +02:00
|
|
|
|
2019-10-24 14:56:24 +02:00
|
|
|
$owner = -1;
|
2018-10-11 16:17:41 +02:00
|
|
|
} else {
|
|
|
|
|
|
2019-10-24 14:56:24 +02:00
|
|
|
$owner = $_SESSION["user_id"];
|
2018-10-11 16:17:41 +02:00
|
|
|
}
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
$query = "INSERT INTO projects( name, path, owner ) VALUES ( ?, ?, ? );";
|
2018-10-11 16:17:41 +02:00
|
|
|
$bind_variables = array( $project_name, $project_path, $owner );
|
2019-02-04 22:42:12 +01:00
|
|
|
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
|
2018-10-11 16:17:41 +02:00
|
|
|
|
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
|
|
|
if( ! ( $return > 0 ) ) {
|
2019-02-04 22:42:12 +01:00
|
|
|
|
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
|
|
|
exit( formatJSEND( "error", "Error creating project $project_name" ) );
|
2019-02-04 22:42:12 +01:00
|
|
|
}
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
|
2018-11-19 19:30:49 +01:00
|
|
|
public function add_user() {
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-07-02 22:46:32 +02:00
|
|
|
$query = "SELECT * FROM projects WHERE path=? AND owner=? LIMIT 1";
|
2019-10-24 14:56:24 +02:00
|
|
|
$bind_variables = array( $this->path, $_SESSION["user_id"] );
|
2019-07-02 22:46:32 +02:00
|
|
|
$project = $sql->query( $query, $bind_variables, array(), "fetch" );
|
2019-07-01 15:24:34 +02:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
if( empty( $project ) ) {
|
2018-11-19 19:30:49 +01:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
exit( formatJSEND( "error", "Error fetching projects." ) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user_id = get_user_id( $this->user );
|
|
|
|
|
|
|
|
|
|
if( $user_id === false ) {
|
2018-11-19 19:30:49 +01:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
exit( formatJSEND( "error", "Error fetching user information." ) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$user = $sql->query( "SELECT * FROM access WHERE project = ? AND user = ?", array( $project["id"], $user_id ), array(), "fetch" );
|
|
|
|
|
|
|
|
|
|
if( ! empty( $user ) ) {
|
|
|
|
|
|
|
|
|
|
$query = "UPDATE access SET level=? WHERE project=? AND user=?;";
|
|
|
|
|
$bind_variables = array( $this->access, $project["id"], $user_id );
|
|
|
|
|
$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
|
|
|
|
|
|
|
|
|
|
if( $result > 0 ) {
|
2018-11-19 19:30:49 +01:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
echo formatJSEND( "success", "Successfully updated {$this->user}." );
|
2018-11-19 19:30:49 +01:00
|
|
|
} else {
|
|
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
echo formatJSEND( "error", "Error setting access for project." );
|
2018-11-19 19:30:49 +01:00
|
|
|
}
|
2019-07-02 22:46:32 +02:00
|
|
|
} else {
|
2018-11-19 19:30:49 +01:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
$query = "INSERT INTO access ( project, user, level ) VALUES ( ?,?,? );";
|
|
|
|
|
$bind_variables = array( $project["id"], $user_id, $this->access );
|
|
|
|
|
$result = $sql->query( $query, $bind_variables, 0, "rowCount" );
|
2019-02-04 22:42:12 +01:00
|
|
|
|
|
|
|
|
if( $result > 0 ) {
|
2019-07-02 22:46:32 +02:00
|
|
|
|
|
|
|
|
echo formatJSEND( "success", "Successfully added {$this->user}." );
|
2018-11-19 19:30:49 +01:00
|
|
|
} else {
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
echo formatJSEND( "error", "Error setting access for project." );
|
2018-11-19 19:30:49 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
public function check_duplicate( $full_path ) {
|
|
|
|
|
|
2019-07-08 19:44:17 +02:00
|
|
|
global $sql;
|
2019-07-04 07:50:29 +02:00
|
|
|
$pass = true;
|
|
|
|
|
$query = "SELECT id, path, owner FROM projects;";
|
|
|
|
|
$result = $sql->query( $query, array(), array(), "fetchAll" );
|
|
|
|
|
|
|
|
|
|
if( ! empty( $result ) ) {
|
|
|
|
|
|
|
|
|
|
foreach( $result as $row => $project ) {
|
|
|
|
|
|
|
|
|
|
$full_project_path = Common::isAbsPath( $project["path"] ) ? $project["path"] : WORKSPACE . "/{$project["path"]}";
|
|
|
|
|
|
|
|
|
|
if( ! ( strpos( $full_path, $full_project_path ) === FALSE ) ) {
|
|
|
|
|
|
|
|
|
|
$pass = false;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $pass;
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-10 06:41:28 +01:00
|
|
|
public function check_owner( $path = null, $exclude_public = false ) {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2018-11-10 06:41:28 +01:00
|
|
|
if( $path === null ) {
|
2018-10-11 16:17:41 +02:00
|
|
|
|
2018-11-10 06:41:28 +01:00
|
|
|
$path = $this->path;
|
|
|
|
|
}
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
|
|
|
|
$query = "SELECT owner FROM projects WHERE path=?";
|
2018-11-10 06:41:28 +01:00
|
|
|
$bind_variables = array( $path );
|
2019-07-02 22:46:32 +02:00
|
|
|
$result = $sql->query( $query, $bind_variables, array(), "fetch" );
|
2018-11-10 06:41:28 +01:00
|
|
|
$return = false;
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
if( ! empty( $result ) ) {
|
2018-11-10 06:41:28 +01:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
$owner = $result["owner"];
|
2018-11-10 06:41:28 +01:00
|
|
|
if( $exclude_public ) {
|
|
|
|
|
|
2019-10-16 16:20:09 +02:00
|
|
|
if( $owner == $_SESSION["user_id"] ) {
|
2018-11-10 06:41:28 +01:00
|
|
|
|
|
|
|
|
$return = true;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
|
2019-10-16 16:20:09 +02:00
|
|
|
if( $owner == $_SESSION["user_id"] || $owner == 'nobody' ) {
|
2018-11-10 06:41:28 +01:00
|
|
|
|
|
|
|
|
$return = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return( $return );
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
public function get_access( $project_id = null ) {
|
2018-11-10 06:41:28 +01:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-07-02 22:46:32 +02:00
|
|
|
$query = "SELECT * FROM access WHERE project=?";
|
|
|
|
|
$bind_variables = array( $project_id );
|
|
|
|
|
$return = $sql->query( $query, $bind_variables, array() );
|
2018-11-10 06:41:28 +01:00
|
|
|
return( $return );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function get_owner( $path = null ) {
|
|
|
|
|
|
|
|
|
|
if( $path === null ) {
|
|
|
|
|
|
|
|
|
|
$path = $this->path;
|
|
|
|
|
}
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
|
|
|
|
$query = "SELECT owner FROM projects WHERE path=?";
|
2018-11-10 06:41:28 +01:00
|
|
|
$bind_variables = array( $path );
|
2019-07-02 22:46:32 +02:00
|
|
|
$return = $sql->query( $query, $bind_variables, array(), "fetch" );
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
if( ! empty( $return ) ) {
|
2018-10-11 16:17:41 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
$return = $return["owner"];
|
2018-11-10 06:41:28 +01:00
|
|
|
} else {
|
2018-10-11 16:17:41 +02:00
|
|
|
|
2018-11-10 06:41:28 +01:00
|
|
|
$return = formatJSEND( "error", "Error fetching project info." );
|
2018-10-11 16:17:41 +02:00
|
|
|
}
|
2018-11-10 06:41:28 +01:00
|
|
|
|
|
|
|
|
return( $return );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function get_project( $project = null ) {
|
|
|
|
|
|
|
|
|
|
if( $project === null ) {
|
|
|
|
|
|
|
|
|
|
$project = $this->path;
|
|
|
|
|
}
|
2019-07-02 22:46:32 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-07-02 00:22:33 +02:00
|
|
|
$query = "
|
|
|
|
|
SELECT * FROM projects
|
2019-07-02 22:46:32 +02:00
|
|
|
WHERE path = ?
|
2019-07-02 00:22:33 +02:00
|
|
|
AND (
|
|
|
|
|
owner=?
|
2019-10-18 21:58:01 +02:00
|
|
|
OR owner=-1
|
2019-07-02 00:22:33 +02:00
|
|
|
OR id IN ( SELECT project FROM access WHERE user = ? )
|
|
|
|
|
) ORDER BY name;";
|
2019-10-16 16:20:09 +02:00
|
|
|
$bind_variables = array( $project, $_SESSION["user_id"], $_SESSION["user_id"] );
|
2019-07-02 00:22:33 +02:00
|
|
|
//$query = "SELECT * FROM projects WHERE path=? AND ( owner=? OR owner='nobody' ) ORDER BY name;";
|
|
|
|
|
//$bind_variables = array( $project, $_SESSION["user"] );
|
2019-07-02 22:46:32 +02:00
|
|
|
$return = $sql->query( $query, $bind_variables, array(), "fetch" );
|
2018-11-10 06:41:28 +01:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
if( ! empty( $return ) ) {
|
2018-11-10 06:41:28 +01:00
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
2019-07-09 04:34:39 +02:00
|
|
|
$return = formatJSEND( "error", "No projects found." );
|
2018-11-10 06:41:28 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return( $return );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
|
2019-07-08 19:44:17 +02:00
|
|
|
public function get_all_projects() {
|
|
|
|
|
|
|
|
|
|
if( is_admin() ) {
|
|
|
|
|
|
|
|
|
|
global $sql;
|
|
|
|
|
$query = "SELECT * FROM projects";
|
|
|
|
|
$bind_variables = array();
|
|
|
|
|
$return = $sql->query( $query, $bind_variables, array() );
|
|
|
|
|
|
|
|
|
|
if( empty( $return ) ) {
|
|
|
|
|
|
2019-07-09 04:34:39 +02:00
|
|
|
$return = formatJSEND( "error", "No projects found." );
|
2019-07-08 19:44:17 +02:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
$return = formatJSEND( "error", "Only admins are allowed to view all projects." );
|
|
|
|
|
}
|
|
|
|
|
return( $return );
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
public function get_projects() {
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-07-02 00:22:33 +02:00
|
|
|
$query = "
|
|
|
|
|
SELECT * FROM projects
|
|
|
|
|
WHERE owner=?
|
2019-10-18 21:58:01 +02:00
|
|
|
OR owner=-1
|
2019-07-02 22:46:32 +02:00
|
|
|
OR id IN ( SELECT project FROM access WHERE user = ? );";
|
2019-10-16 16:20:09 +02:00
|
|
|
$bind_variables = array( $_SESSION["user_id"], $_SESSION["user_id"] );
|
2019-02-04 22:42:12 +01:00
|
|
|
$return = $sql->query( $query, $bind_variables, array() );
|
2018-10-11 16:17:41 +02:00
|
|
|
return( $return );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
|
2018-11-19 19:30:49 +01:00
|
|
|
public function remove_user() {
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-07-02 22:46:32 +02:00
|
|
|
|
|
|
|
|
$user_id = get_user_id( $this->user );
|
|
|
|
|
|
|
|
|
|
if( $user_id === false ) {
|
2019-02-04 22:42:12 +01:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
return formatJSEND( "error", "Error fetching user information." );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$query = "DELETE FROM access WHERE project=? AND user=?;";
|
|
|
|
|
$bind_variables = array( $this->project_id, $user_id );
|
|
|
|
|
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
|
|
|
|
|
|
|
|
|
|
if( $return > 0 ) {
|
2018-11-19 19:30:49 +01:00
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
echo( formatJSEND( "success", "Successfully removed {$this->user}." ) );
|
2019-02-04 22:42:12 +01:00
|
|
|
} else {
|
|
|
|
|
|
2019-07-02 22:46:32 +02:00
|
|
|
echo( formatJSEND( "error", "{$this->user} is not in the access list." ) );
|
2018-11-19 19:30:49 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-11 16:17:41 +02:00
|
|
|
public function rename_project( $old_name, $new_name, $path ) {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-10-18 21:58:01 +02:00
|
|
|
$query = "SELECT * FROM projects WHERE name=? AND path=? AND ( owner=? OR owner=-1 );";
|
2019-10-16 16:20:09 +02:00
|
|
|
$bind_variables = array( $old_name, $path, $_SESSION["user_id"] );
|
2019-02-04 22:42:12 +01:00
|
|
|
$return = $sql->query( $query, $bind_variables, array() );
|
2019-02-06 23:52:49 +01:00
|
|
|
$pass = false;
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
if( ! empty( $return ) ) {
|
2018-10-11 16:17:41 +02:00
|
|
|
|
2019-10-18 21:58:01 +02:00
|
|
|
$query = "UPDATE projects SET name=? WHERE name=? AND path=? AND ( owner=? OR owner=-1 );";
|
2019-10-16 16:20:09 +02:00
|
|
|
$bind_variables = array( $new_name, $old_name, $path, $_SESSION["user_id"] );
|
2019-02-04 22:42:12 +01:00
|
|
|
$return = $sql->query( $query, $bind_variables, 0, "rowCount");
|
|
|
|
|
|
|
|
|
|
if( $return > 0 ) {
|
|
|
|
|
|
|
|
|
|
echo( formatJSEND( "success", "Renamed " . htmlentities( $old_name ) . " to " . htmlentities( $new_name ) ) );
|
2019-02-06 23:52:49 +01:00
|
|
|
$pass = true;
|
2019-02-04 22:42:12 +01:00
|
|
|
} else {
|
|
|
|
|
|
2019-02-06 23:52:49 +01:00
|
|
|
exit( formatJSEND( "error", "Error renaming project." ) );
|
2019-02-04 22:42:12 +01:00
|
|
|
}
|
2018-10-11 16:17:41 +02:00
|
|
|
} else {
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
echo( formatJSEND( "error", "Error renaming project, could not find specified project." ) );
|
2018-10-11 16:17:41 +02:00
|
|
|
}
|
2019-02-06 23:52:49 +01:00
|
|
|
|
|
|
|
|
return $pass;
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// OLD METHODS
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
// -----------------------------||----------------------------- //
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Get First (Default, none selected)
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function GetFirst() {
|
|
|
|
|
|
2019-09-23 03:35:26 +02:00
|
|
|
if( ! is_array( $this->projects ) || empty( $this->projects ) ) {
|
|
|
|
|
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
$this->name = $this->projects[0]['name'];
|
|
|
|
|
$this->path = $this->projects[0]['path'];
|
|
|
|
|
|
|
|
|
|
// Set Sessions
|
|
|
|
|
$_SESSION['project'] = $this->path;
|
2019-09-23 03:35:26 +02:00
|
|
|
return $this->projects[0];
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Get Name From Path
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function GetName() {
|
|
|
|
|
|
|
|
|
|
foreach ( $this->projects as $project => $data ) {
|
|
|
|
|
|
|
|
|
|
if ( $data['path'] == $this->path ) {
|
|
|
|
|
|
|
|
|
|
$this->name = $data['name'];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $this->name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Open Project
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function Open() {
|
|
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
global $sql;
|
2019-07-02 00:22:33 +02:00
|
|
|
$query = "
|
|
|
|
|
SELECT * FROM projects
|
|
|
|
|
WHERE path = ?
|
|
|
|
|
AND (
|
|
|
|
|
owner=?
|
2019-10-18 21:58:01 +02:00
|
|
|
OR owner=-1
|
2019-07-02 00:22:33 +02:00
|
|
|
OR id IN ( SELECT project FROM access WHERE user = ? )
|
2019-07-04 07:50:29 +02:00
|
|
|
) ORDER BY name LIMIT 1;";
|
2019-10-16 16:20:09 +02:00
|
|
|
$bind_variables = array( $this->path, $_SESSION["user_id"], $_SESSION["user_id"] );
|
2019-07-04 07:50:29 +02:00
|
|
|
$return = $sql->query( $query, $bind_variables, array(), "fetch" );
|
2018-11-10 06:41:28 +01:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
if( ! empty( $return ) ) {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-02-04 22:42:12 +01:00
|
|
|
$query = "UPDATE users SET project=? WHERE username=?;";
|
2019-10-16 16:20:09 +02:00
|
|
|
$bind_variables = array( $return["id"], $_SESSION["user"] );
|
2019-02-04 22:42:12 +01:00
|
|
|
$sql->query( $query, $bind_variables, 0, "rowCount" );
|
2018-11-10 06:41:28 +01:00
|
|
|
$this->name = $return['name'];
|
|
|
|
|
$_SESSION['project'] = $return['path'];
|
2019-07-02 00:22:33 +02:00
|
|
|
$_SESSION['project_id'] = $return['id'];
|
2019-02-04 22:42:12 +01:00
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
echo formatJSEND( "success", array( "name" => $this->name, "path" => $this->path ) );
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
echo formatJSEND( "error", "Error Opening Project" );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Create
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function Create() {
|
2019-07-01 15:24:34 +02:00
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
if ( $this->name != '' && $this->path != '' ) {
|
|
|
|
|
|
|
|
|
|
$this->path = $this->cleanPath();
|
|
|
|
|
$this->name = htmlspecialchars( $this->name );
|
|
|
|
|
if ( ! $this->isAbsPath( $this->path ) ) {
|
|
|
|
|
|
|
|
|
|
$this->path = $this->SanitizePath();
|
|
|
|
|
}
|
|
|
|
|
if ( $this->path != '' ) {
|
|
|
|
|
|
2019-07-08 19:44:17 +02:00
|
|
|
$user_path = WORKSPACE . '/' . preg_replace( '/[^\w-]/', '', strtolower( $_SESSION["user"] ) );
|
|
|
|
|
|
|
|
|
|
if( ! $this->isAbsPath( $this->path ) ) {
|
2018-11-10 06:41:28 +01:00
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
$this->path = $_SESSION["user"] . '/' . $this->path;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-08 19:44:17 +02:00
|
|
|
$pass = $this->check_duplicate( $this->path );
|
2019-07-04 07:50:29 +02:00
|
|
|
if ( $pass ) {
|
Changed $path to __DIR__ for config location, Updated auto reload variables, Removed unload listener for auto reload, Changed project default to array so that if no projects exist the program does not crash, Updated autosave to use let instead of vars, Fixed capitalization for sideExpanded variable, Added try catch to pdo initialization on install, Added more error checks on install, Removed password function on install query, Changed default settings array, Added loading div to user delete, Updated queries that threw errors when a default value was zero, Added blank username and password check,
2019-02-09 22:14:27 +01:00
|
|
|
|
|
|
|
|
if( ! is_dir( $user_path ) ) {
|
|
|
|
|
|
|
|
|
|
mkdir( $user_path, 0755, true );
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
if ( ! $this->isAbsPath( $this->path ) ) {
|
|
|
|
|
|
2019-07-08 19:44:17 +02:00
|
|
|
if( ! is_dir( WORKSPACE . '/' . $this->path ) ) {
|
|
|
|
|
|
|
|
|
|
mkdir( WORKSPACE . '/' . $this->path );
|
|
|
|
|
}
|
2018-10-09 22:04:48 +02:00
|
|
|
} else {
|
|
|
|
|
|
2019-03-11 15:04:02 +01:00
|
|
|
if( ! is_admin() ) {
|
|
|
|
|
|
|
|
|
|
die( formatJSEND( "error", "Absolute Paths are only allowed for admins" ) );
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
if ( defined( 'WHITEPATHS' ) ) {
|
|
|
|
|
|
|
|
|
|
$allowed = false;
|
|
|
|
|
foreach ( explode( ",", WHITEPATHS ) as $whitepath ) {
|
|
|
|
|
|
|
|
|
|
if ( strpos( $this->path, $whitepath ) === 0 ) {
|
|
|
|
|
|
|
|
|
|
$allowed = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-07-04 07:50:29 +02:00
|
|
|
if ( ! $allowed ) {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
|
|
|
|
die( formatJSEND( "error", "Absolute Path Only Allowed for " . WHITEPATHS ) );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ( ! file_exists( $this->path ) ) {
|
|
|
|
|
|
|
|
|
|
if ( ! mkdir( $this->path . '/', 0755, true ) ) {
|
|
|
|
|
|
|
|
|
|
die( formatJSEND( "error", "Unable to create Absolute Path" ) );
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
if ( ! is_writable( $this->path ) || ! is_readable( $this->path ) ) {
|
|
|
|
|
|
|
|
|
|
die( formatJSEND( "error", "No Read/Write Permission" ) );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$this->projects[] = array( "name" => $this->name, "path" => $this->path );
|
|
|
|
|
$this->add_project( $this->name, $this->path );
|
|
|
|
|
|
|
|
|
|
// Pull from Git Repo?
|
|
|
|
|
if ( $this->gitrepo && filter_var( $this->gitrepo, FILTER_VALIDATE_URL ) !== false ) {
|
|
|
|
|
|
|
|
|
|
$this->gitbranch = $this->SanitizeGitBranch();
|
|
|
|
|
if ( ! $this->isAbsPath( $this->path ) ) {
|
|
|
|
|
|
|
|
|
|
$this->command_exec = "cd " . escapeshellarg( WORKSPACE . '/' . $this->path ) . " && git init && git remote add origin " . escapeshellarg( $this->gitrepo ) . " && git pull origin " . escapeshellarg( $this->gitbranch );
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
$this->command_exec = "cd " . escapeshellarg( $this->path ) . " && git init && git remote add origin " . escapeshellarg( $this->gitrepo ) . " && git pull origin " . escapeshellarg( $this->gitbranch );
|
|
|
|
|
}
|
|
|
|
|
$this->ExecuteCMD();
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
exit( formatJSEND( "success", array( "name" => $this->name, "path" => $this->path ) ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
} else {
|
|
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
exit( formatJSEND( "error", "A Project With the Same Name or Path Exists" ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
exit( formatJSEND( "error", "Project Name/Folder not allowed" ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
exit( formatJSEND( "error", "Project Name/Folder is empty" ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Sanitize GitBranch
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function SanitizeGitBranch() {
|
|
|
|
|
|
|
|
|
|
$sanitized = str_replace( array( "..", chr(40), chr(177), "~", "^", ":", "?", "*", "[", "@{", "\\" ), array( "" ), $this->gitbranch );
|
|
|
|
|
return $sanitized;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Rename
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function Rename() {
|
|
|
|
|
|
|
|
|
|
$revised_array = array();
|
|
|
|
|
foreach ( $this->projects as $project => $data ) {
|
|
|
|
|
|
|
|
|
|
if ( $data['path'] != $this->path ) {
|
|
|
|
|
|
|
|
|
|
$revised_array[] = array( "name" => $data['name'], "path" => $data['path'] );
|
2018-10-11 16:17:41 +02:00
|
|
|
} else {
|
|
|
|
|
|
2019-02-06 23:52:49 +01:00
|
|
|
$rename = $this->rename_project( $data['name'], $_GET['project_name'], $data['path'] );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
}
|
2018-10-11 16:17:41 +02:00
|
|
|
|
2018-10-09 22:04:48 +02:00
|
|
|
$revised_array[] = $this->projects[] = array( "name" => $_GET['project_name'], "path" => $this->path );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Delete Project
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function Delete() {
|
|
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
if( Permissions::has_owner( $this->path ) ) {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
global $sql;
|
|
|
|
|
$query = "DELETE FROM projects WHERE path=?";
|
2019-07-08 19:44:17 +02:00
|
|
|
$bind_variables = array( $this->path );
|
2019-07-04 07:50:29 +02:00
|
|
|
$return = $sql->query( $query, $bind_variables, 0, "rowCount" );
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
if( $return > 0 ) {
|
|
|
|
|
|
|
|
|
|
exit( formatJSEND( "success", "Successfully deleted project." ) );
|
|
|
|
|
} else {
|
2018-10-09 22:04:48 +02:00
|
|
|
|
2019-07-04 07:50:29 +02:00
|
|
|
exit( formatJSEND( "error", "Error deleting project" ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
2019-07-04 07:50:29 +02:00
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
exit( formatJSEND( "error", "You do not have permission to delete this project" ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Sanitize Path
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function SanitizePath() {
|
|
|
|
|
|
|
|
|
|
$sanitized = str_replace( " ", "_", $this->path );
|
2018-10-11 16:17:41 +02:00
|
|
|
return preg_replace( '/[^\w-]/', '', strtolower( $sanitized ) );
|
2018-10-09 22:04:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Clean Path
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function cleanPath() {
|
|
|
|
|
|
|
|
|
|
// prevent Poison Null Byte injections
|
|
|
|
|
$path = str_replace( chr( 0 ), '', $this->path );
|
|
|
|
|
|
|
|
|
|
// prevent go out of the workspace
|
|
|
|
|
while( strpos( $path, '../' ) !== false ) {
|
|
|
|
|
|
|
|
|
|
$path = str_replace( '../', '', $path );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $path;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
// Execute Command
|
|
|
|
|
//////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
|
|
public function ExecuteCMD() {
|
|
|
|
|
|
|
|
|
|
if ( function_exists( 'system' ) ) {
|
|
|
|
|
|
|
|
|
|
ob_start();
|
|
|
|
|
system( $this->command_exec );
|
|
|
|
|
ob_end_clean();
|
|
|
|
|
} elseif( function_exists( 'passthru' ) ) {
|
|
|
|
|
|
|
|
|
|
//passthru
|
|
|
|
|
ob_start();
|
|
|
|
|
passthru($this->command_exec);
|
|
|
|
|
ob_end_clean();
|
|
|
|
|
} elseif ( function_exists( 'exec' ) ) {
|
|
|
|
|
|
|
|
|
|
//exec
|
|
|
|
|
exec( $this->command_exec, $this->output );
|
|
|
|
|
} elseif ( function_exists( 'shell_exec' ) ) {
|
|
|
|
|
|
|
|
|
|
//shell_exec
|
|
|
|
|
shell_exec( $this->command_exec );
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-10-11 16:17:41 +02:00
|
|
|
}
|
