diff --git a/.gitignore b/.gitignore
old mode 100644
new mode 100755
diff --git a/admin.php b/admin.php
index cd4b854..d74d3ee 100755
--- a/admin.php
+++ b/admin.php
@@ -1,172 +1,3 @@
-
-
-
-
-
- - Admin
- ' );
- } else {
-
- echo( '' );
- }
- }
-
- // Load Component CSS Files
- foreach( $components as $component ) {
-
- if( file_exists( THEMES . "/". $theme . "/" . $component . "/screen.css" ) ) {
-
- echo( '' );
- } else {
-
- if( file_exists( "themes/default/" . $component . "/screen.css" ) ){
-
- echo( '' );
- } else {
-
- if( file_exists( COMPONENTS . "/" . $component . "/screen.css" ) ){
-
- echo( '' );
- }
- }
- }
- }
-
- // Load Plugin CSS Files
- /*foreach( $plugins as $plugin ) {
-
- if( file_exists( THEMES . "/". $theme . "/" . $plugin . "/screen.css" ) ) {
-
- echo( '' );
- } else {
-
- if( file_exists( "themes/default/" . $plugin . "/screen.css" ) ){
-
- echo( '' );
- } else {
-
- if( file_exists( PLUGINS . "/" . $plugin . "/screen.css" ) ) {
-
- echo( '' );
- }
- }
- }
- }*/
- ?>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- ');
- }
- }
-
- foreach( $plugins as $plugin ) {
-
- if( file_exists( PLUGINS . "/" . $plugin . "/init.js" ) ) {
-
- echo( '' );
- }
- }
-
- */
- ?>
-
-
\ No newline at end of file
+//Silence is golden.
+?>
\ No newline at end of file
diff --git a/common.php b/common.php
index 4205de7..2a6968d 100755
--- a/common.php
+++ b/common.php
@@ -117,7 +117,7 @@ class Common {
//////////////////////////////////////////////////////////////////
// Check access to a project
//////////////////////////////////////////////////////////////////
- public static function check_project_access( $project_name, $project_path, $action ) {
+ public static function check_project_access( $project_path, $action ) {
$sql = "SELECT * FROM `projects` WHERE `name`=? AND `path`=? AND ( `owner`=? OR `owner`='nobody' );";
$bind = "sss";
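Review bot: The new signature of `check_project_access` drops `$project_name`, but the query on the next line still filters on the `name` column and `$bind` is still `"sss"`, so the statement expects three values while only path and owner remain. The rest of the body lies outside this hunk; unless it changed too, the bind list is either one value short or references an undefined variable. The fix is to drop the `name`=? term from the SQL and set `$bind = "ss";`. Callers that still pass three arguments would then hand the path in as `$action`, so they need updating in the same commit. Because this method is the access gate, its comment should also say whether users on the new `access` list are meant to pass it.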
@@ -151,13 +151,20 @@ class Common {
self::return( $return, $action );
}
- public static function get_users( $return = "return" ) {
+ public static function get_users( $return = "return", $exclude_current = false ) {
- $sql = "SELECT `username` FROM `users`;";
+ $sql = "SELECT `username` FROM `users`";
$bind = "";
$bind_variables = array();
- $result = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error checking users." ) );
+ if( $exclude_current ) {
+
+ $sql .= " WHERE `username`!=?";
+ $bind .= "s";
+ array_push( $bind_variables, $_SESSION["user"] );
+ }
+
+ $result = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error checking users." ) );
$user_list = array();
foreach( $result as $row ) {
@@ -220,6 +227,74 @@ class Common {
session_start();
}
+ //////////////////////////////////////////////////////////////////
+ // Search Users
+ //////////////////////////////////////////////////////////////////
+
+ public function search_users( $username, $return = "return", $exclude_current = false ) {
+
+ $sql = "SELECT `username` FROM `users` WHERE `username` LIKE ?";
+ $bind = "s";
+ $bind_variables = array( "%{$username}%" );
+
+ if( $exclude_current ) {
+
+ $sql .= " AND `username`!=?";
+ $bind .= "s";
+ array_push( $bind_variables, $_SESSION["user"] );
+ }
+
+ $result = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error selecting user information." ) );
+ $user_list = array();
+
+ foreach( $result as $row ) {
+
+ array_push( $user_list, $row["username"] );
+ }
+
+ if( mysqli_num_rows( $result ) > 0 ) {
+
+ switch( $return ) {
+
+ case( "exit" ):
+
+ exit( formatJSEND( "success", $user_list ) );
+ break;
+
+ case( "json" ):
+
+ $return = json_encode( $user_list );
+ break;
+
+ case( "return" ):
+
+ $return = $user_list;
+ break;
+ }
+ } else {
+
+ switch( $return ) {
+
+ case( "exit" ):
+
+ exit( formatJSEND( "error", "Error selecting user information." ) );
+ break;
+
+ case( "json" ):
+
+ $return = formatJSEND( "error", "Error selecting user information." );
+ break;
+
+ case( "return" ):
+
+ $return = null;
+ break;
+ }
+ }
+
+ return( $return );
+ }
+
//////////////////////////////////////////////////////////////////
// Start Sessions
//////////////////////////////////////////////////////////////////
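Review bot: `search_users` is declared `public function`, while the wrapper added at the bottom of common.php calls it as `Common::search_users( ... )`; a static call to a non-static method is deprecated in PHP 7 and throws an Error in PHP 8. The declaration should read `public static function search_users( $username, $return = "return", $exclude_current = false ) {`, matching `get_users`. The search term is bound as a parameter, but `%` and `_` inside `$username` still act as LIKE wildcards and an empty term matches every account. Escaping with `addcslashes( $username, "%_\\" )` before adding the surrounding `%` and rejecting very short terms would limit how easily the whole user list can be pulled. A short docblock naming the three `$return` modes (`exit`, `json`, `return`) and noting that any other value is returned unchanged would help callers.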
@@ -580,5 +655,6 @@ function checkAccess() { return Common::checkAccess(); }
function checkPath($path) { return Common::checkPath($path); }
function isAvailable($func) { return Common::isAvailable($func); }
function logout() { return Common::logout(); }
-function get_users() { return Common::get_users(); }
+function get_users( $return = "return", $exclude_current = false ) { return Common::get_users( $return, $exclude_current ); }
+function search_users( $username, $return = "return", $exclude_current = false ) { return Common::search_users( $username, $return, $exclude_current ); }
?>
diff --git a/components/editor/dialog.php b/components/editor/dialog.php
index 7dbe71d..cede631 100755
--- a/components/editor/dialog.php
+++ b/components/editor/dialog.php
@@ -28,12 +28,12 @@ switch($_GET['action']){
$type = $_GET['type'];
?>
-
+
-
+
@@ -52,7 +52,7 @@ switch($_GET['action']){
diff --git a/components/project/class.project.php b/components/project/class.project.php
index e97cdfb..bdb5fed 100755
--- a/components/project/class.project.php
+++ b/components/project/class.project.php
@@ -23,6 +23,7 @@ class Project extends Common {
public $assigned = false;
public $command_exec = '';
public $public_project = false;
+ public $user = '';
//////////////////////////////////////////////////////////////////
// METHODS
@@ -61,6 +62,45 @@ class Project extends Common {
return( $return );
}
+ public function add_user() {
+
+ $sql = "SELECT `access` FROM `projects` WHERE `path`=? AND `owner`=?";
+ $bind = "ss";
+ $bind_variables = array( $this->path, $_SESSION["user"] );
+ $result = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching projects." ) );
+
+ if( mysqli_num_rows( $result ) > 0 ) {
+
+ $access = json_decode( mysqli_fetch_assoc( $result )["access"] );
+
+ if( is_array( $access ) ) {
+
+ if( ! in_array( $this->user, $access ) ) {
+
+ array_push( $access, $this->user );
+ }
+ } else {
+
+ $access = array(
+ $this->user
+ );
+ }
+
+ $access = json_encode( $access );
+ $sql = "UPDATE `projects` SET `access`=? WHERE `path`=? AND `owner`=?;";
+ $bind = "sss";
+ $bind_variables = array( $access, $this->path, $_SESSION["user"] );
+ $return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error setting access for project." ) );
+ if( sql::check_sql_error( $return ) ) {
+
+ echo( formatJSEND( "success", "Successfully added {$this->user}." ) );
+ } else {
+
+ echo $return;
+ }
+ }
+ }
+
public function check_owner( $path = null, $exclude_public = false ) {
if( $path === null ) {
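Review bot: `add_user()` appends `$this->user` to the access list without confirming that it names an existing account, and the controller hunk assigns `$_GET['username']` to it unchanged, so any string can end up stored in `access`. A lookup against `users` before the UPDATE would keep the list to real accounts. The membership test should be strict, `if( ! in_array( $this->user, $access, true ) ) {`, because loose comparison treats numeric-looking names such as `01` and `1` as equal. When the SELECT returns no row the method prints nothing, so the client receives an empty body; an explicit `formatJSEND( "error", ... )` branch would be clearer. A one-line comment stating that the method expects `$this->path` and `$this->user` to be set and echoes a JSEND result is also missing.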
@@ -162,9 +202,9 @@ class Project extends Common {
public function get_projects() {
- $sql = "SELECT * FROM `projects` WHERE `owner`=? OR `owner`='nobody' ORDER BY `name`;";
- $bind = "s";
- $bind_variables = array( $_SESSION["user"] );
+ $sql = "SELECT * FROM `projects` WHERE `owner`=? OR `owner`='nobody' OR `access` LIKE ? ORDER BY `name`;";
+ $bind = "ss";
+ $bind_variables = array( $_SESSION["user"], '%"' . $_SESSION["user"] . '"%' );
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching projects." ) );
if( mysqli_num_rows( $return ) > 0 ) {
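Review bot: The new `access` LIKE ? term decides who may see a project, but the pattern built from `$_SESSION["user"]` is not escaped, so a `_` or `%` in a username acts as a wildcard and can match other users' entries in the stored JSON text; the `Open()` hunk further down builds the same pattern. If usernames may contain those characters, escape them first, e.g. `'%"' . addcslashes( $_SESSION["user"], "%_\\" ) . '"%'`. Alternatively, treat the LIKE as a prefilter only and confirm membership by decoding `access` and calling `in_array( $_SESSION["user"], $access, true )`. Substring matching on serialised JSON also depends on how `json_encode` escaped the name (non-ASCII characters, `/`), so an exact comparison after decoding is the more dependable check.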
@@ -178,6 +218,45 @@ class Project extends Common {
return( $return );
}
+ public function remove_user() {
+
+ $sql = "SELECT `access` FROM `projects` WHERE `path`=? AND `owner`=?";
+ $bind = "ss";
+ $bind_variables = array( $this->path, $_SESSION["user"] );
+ $result = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching projects." ) );
+
+ if( mysqli_num_rows( $result ) > 0 ) {
+
+ $access = json_decode( mysqli_fetch_assoc( $result )["access"] );
+
+ if( is_array( $access ) ) {
+
+ $key = array_search( $this->user, $access );
+
+ if ( $key !== false ) {
+
+ unset( $access[$key] );
+ } else {
+
+ echo( formatJSEND( "error", "{$this->user} is not in the access list." ) );
+ }
+ }
+
+ $access = json_encode( $access );
+ $sql = "UPDATE `projects` SET `access`=? WHERE `path`=? AND `owner`=?;";
+ $bind = "sss";
+ $bind_variables = array( $access, $this->path, $_SESSION["user"] );
+ $return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error setting access for project." ) );
+ if( sql::check_sql_error( $return ) ) {
+
+ echo( formatJSEND( "success", "Successfully removed {$this->user}." ) );
+ } else {
+
+ echo $return;
+ }
+ }
+ }
+
public function rename_project( $old_name, $new_name, $path ) {
$sql = "SELECT * FROM `projects` WHERE `name`=? AND `path`=? AND ( `owner`=? OR `owner`='nobody' );";
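Review bot: After `unset( $access[$key] )` the array keeps its gap, and `json_encode` writes a non-sequential array as a JSON object (for example `{"1":"bob"}`, a constructed value). The next `json_decode` in `add_user()` or `remove_user()` then no longer yields an array, and `add_user()` would replace the whole list with the single new name. The numeric keys are also stored as quoted strings, which the `access` LIKE checks in `get_projects()` and `Open()` could match for a username such as `1`. Re-index before encoding with `$access = array_values( $access );`, and add `return;` after the "is not in the access list" error so the method does not go on to run the UPDATE and print a second, success response. `array_search( $this->user, $access, true )` would also avoid loose matches between numeric-looking names.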
@@ -243,9 +322,9 @@ class Project extends Common {
public function Open() {
- $sql = "SELECT * FROM `projects` WHERE `path`=? AND ( `owner`=? OR `owner`='nobody' );";
- $bind = "ss";
- $bind_variables = array( $this->path, $_SESSION["user"] );
+ $sql = "SELECT * FROM `projects` WHERE `path`=? AND ( `owner`=? OR `owner`='nobody' OR `access` LIKE ? );";
+ $bind = "sss";
+ $bind_variables = array( $this->path, $_SESSION["user"], '%"' . $_SESSION["user"] . '"%' );
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching projects." ) );
if( mysqli_num_rows( $return ) > 0 ) {
diff --git a/components/project/controller.php b/components/project/controller.php
index 491f043..349e9d8 100755
--- a/components/project/controller.php
+++ b/components/project/controller.php
@@ -18,6 +18,42 @@ checkSession();
$Project = new Project();
+if( $_GET['action'] == 'add_user' ) {
+
+ $invalid_users = array(
+ "",
+ "null",
+ "undefined"
+ );
+
+ if( ! in_array( $_GET['username'], $invalid_users ) ) {
+
+ $Project->user = $_GET['username'];
+ } else {
+
+ echo formatJSEND( "error", "No username set." );
+ return;
+ }
+
+ if( $_GET['project_path'] != '' ) {
+
+ $Project->path = $_GET['project_path'];
+ } else {
+
+ echo formatJSEND( "error", "No project path set." );
+ return;
+ }
+
+ if( $Project->check_owner( $_GET["project_path"], true ) ) {
+
+ $Project->add_user();
+ } else {
+
+ echo formatJSEND( "error", "You can not manage this project." );
+ }
+}
+
+
//////////////////////////////////////////////////////////////////
// Create Project
//////////////////////////////////////////////////////////////////
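Review bot: The `add_user` action changes who can open a project, yet it is driven by a plain GET request and no anti-forgery token check is visible in this hunk, so a URL loaded in the owner's logged-in browser could grant access on their behalf; the `remove_user` hunk below has the same shape. Consider accepting these two actions only via POST and validating a per-session token before calling `$Project->add_user()`. The `in_array( $_GET['username'], $invalid_users )` test is loose and reads an index that may be absent. Using `$username = isset( $_GET['username'] ) ? $_GET['username'] : '';` followed by `in_array( $username, $invalid_users, true )` avoids the notice and the implicit comparison. The `check_owner( ..., true )` call should stay as the gate in front of the write.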
@@ -150,6 +186,41 @@ if( $_GET['action'] == 'open' ) {
$Project->Open();
}
+if( $_GET['action'] == 'remove_user' ) {
+
+ $invalid = array(
+ "",
+ "null",
+ "undefined"
+ );
+
+ if( ! in_array( $_GET['username'], $invalid ) ) {
+
+ $Project->user = $_GET['username'];
+ } else {
+
+ echo formatJSEND( "error", "No username set." );
+ return;
+ }
+
+ if( ! in_array( $_GET['project_path'], $invalid ) ) {
+
+ $Project->path = $_GET['project_path'];
+ } else {
+
+ echo formatJSEND( "error", "No project path set." );
+ return;
+ }
+
+ if( $Project->check_owner( $_GET["project_path"], true ) ) {
+
+ $Project->remove_user();
+ } else {
+
+ echo formatJSEND( "error", "You can not manage this project." );
+ }
+}
+
//////////////////////////////////////////////////////////////////
// Rename Project
//////////////////////////////////////////////////////////////////
diff --git a/components/project/dialog.php b/components/project/dialog.php
index 1b019c1..c7de734 100755
--- a/components/project/dialog.php
+++ b/components/project/dialog.php
@@ -204,13 +204,13 @@ switch( $_GET['action'] ) {
$path = $_GET['path'];
$project = $Project->get_project( $path );
$access = json_decode( $project["access"], true );
- $users = get_users();
+ $users = get_users( "return", true );
?>