Refactored user class. Users can now only see projects owned by 'nobody' or themselves, in preparation for the permissions update.
parent
84cfb3d9ad
commit
42a87590ac
9 changed files with 603 additions and 466 deletions
77
common.php
77
common.php
|
@ -108,11 +108,6 @@ class Common {
|
||||||
exit( $output );
|
exit( $output );
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case( "json" ):
|
|
||||||
|
|
||||||
exit( '{"status":"error","message":"' . $output . '<script>window.location.href = window.location.protocol + `' . "//" . Common::getConstant( 'BASE_URL' ) . '`</script>"}' );
|
|
||||||
break;
|
|
||||||
|
|
||||||
case( "return" ):
|
case( "return" ):
|
||||||
|
|
||||||
return( $output );
|
return( $output );
|
||||||
|
@ -129,10 +124,45 @@ class Common {
|
||||||
if( ! self::check_session() ) {
|
if( ! self::check_session() ) {
|
||||||
|
|
||||||
session_destroy();
|
session_destroy();
|
||||||
self::return( "Access Denied", "json" );
|
self::return( formatJSEND( "error", "Error fetching project information." ), "exit" );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//////////////////////////////////////////////////////////////////
|
||||||
|
// Check access to a project
|
||||||
|
//////////////////////////////////////////////////////////////////
|
||||||
|
public static function check_project_access( $project_name, $project_path, $action ) {
|
||||||
|
|
||||||
|
$sql = "SELECT * FROM `projects` WHERE `name`=? AND `path`=? AND ( `owner`=? OR `owner`='nobody' );";
|
||||||
|
$bind = "sss";
|
||||||
|
$bind_variables = array( $project_name, $project_path, $_SESSION["user"] );
|
||||||
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error checking project access." ) );
|
||||||
|
|
||||||
|
if( mysqli_num_rows( $return ) > 0 ) {
|
||||||
|
|
||||||
|
$return = mysqli_fetch_assoc( $return );
|
||||||
|
|
||||||
|
try {
|
||||||
|
|
||||||
|
$users = json_decode( $return["access"] );
|
||||||
|
} catch( exception $e ) {
|
||||||
|
|
||||||
|
$users = array();
|
||||||
|
}
|
||||||
|
|
||||||
|
if( $return["owner"] == 'nobody' || $return["owner"] == $_SESSION["user"] || ( in_array( $_SESSION["user"], $users ) && ! empty( $users ) ) ) {
|
||||||
|
|
||||||
|
$return = true;
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$return = false;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$return = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
self::return( $return, $action );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
@ -213,7 +243,7 @@ class Common {
|
||||||
session_save_path( SESSIONS_PATH );
|
session_save_path( SESSIONS_PATH );
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
if(! defined( 'SESSION_ID' ) ) {
|
if( ! defined( 'SESSION_ID' ) ) {
|
||||||
|
|
||||||
define( "SESSION_ID", session_id() );
|
define( "SESSION_ID", session_id() );
|
||||||
}
|
}
|
||||||
|
@ -410,26 +440,29 @@ class Common {
|
||||||
|
|
||||||
public static function checkPath( $path ) {
|
public static function checkPath( $path ) {
|
||||||
|
|
||||||
if( file_exists( DATA . "/" . $_SESSION['user'] . '_acl.php' ) ) {
|
$sql = "SELECT * FROM `projects` WHERE LOCATE( `path`, ? ) > 0 LIMIT 1;";
|
||||||
|
$bind = "s";
|
||||||
|
$bind_variables = array( $path );
|
||||||
|
$result = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching project information." ) );
|
||||||
|
|
||||||
foreach ( getJSON( $_SESSION['user'] . '_acl.php' ) as $projects => $data ) {
|
if( mysqli_num_rows( $result ) > 0 ) {
|
||||||
|
|
||||||
if ( strpos( $path, $data ) === 0) {
|
$result = mysqli_fetch_assoc( $result );
|
||||||
|
|
||||||
return true;
|
try {
|
||||||
|
|
||||||
|
$users = json_decode( $result["access"] );
|
||||||
|
} catch( exception $e ) {
|
||||||
|
|
||||||
|
$users = array();
|
||||||
|
}
|
||||||
|
|
||||||
|
if( $result["owner"] == 'nobody' || $result["owner"] == $_SESSION["user"] || ( in_array( $_SESSION["user"], $users ) && ! empty( $users ) ) ) {
|
||||||
|
|
||||||
|
return( true );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
return( false );
|
||||||
|
|
||||||
foreach( getJSON( 'projects.php' ) as $project => $data ) {
|
|
||||||
|
|
||||||
if ( strpos( $path, $data['path'] ) === 0 ) {
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
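Review bot: The rewritten `checkPath()` matches with `LOCATE( path, ? ) > 0`, which is true when a project path occurs anywhere inside the requested path, whereas the removed code required a prefix (`strpos( $path, ... ) === 0`). Together with `LIMIT 1` and no `ORDER BY`, a project owned by 'nobody' whose path is merely a substring of the request can decide access for an unrelated location. Changing the comparison to `= 1` and adding `ORDER BY LENGTH( path ) DESC` would restore prefix semantics and prefer the most specific project. In both `checkPath()` and `check_project_access()` the `catch` never runs, because `json_decode()` returns null on bad input unless `JSON_THROW_ON_ERROR` is passed, so `in_array( $_SESSION["user"], $users )` can receive null. Something like `$users = json_decode( (string) $result["access"], true ) ?: array();` avoids that.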
@ -406,6 +406,14 @@ class Filemanager extends Common {
|
||||||
|
|
||||||
public function delete( $keep_parent = false ) {
|
public function delete( $keep_parent = false ) {
|
||||||
|
|
||||||
|
if( Common::checkPath( $path ) ) {
|
||||||
|
|
||||||
|
$this->status = "error";
|
||||||
|
$this->message = "No access.";
|
||||||
|
$this->respond();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
function rrmdir( $path, $follow, $keep_parent = false ) {
|
function rrmdir( $path, $follow, $keep_parent = false ) {
|
||||||
|
|
||||||
if ( is_file( $path ) ) {
|
if ( is_file( $path ) ) {
|
||||||
|
|
|
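Review bot: The guard added at the top of `delete()` is inverted and reads an undefined variable. `if( Common::checkPath( $path ) )` returns "No access." when access is granted, and `$path` is neither a parameter of `delete( $keep_parent = false )` nor assigned before this line in the hunk, so `checkPath()` receives null. With a null argument the lookup presumably finds no project and returns false, so the branch is skipped and the deletion goes ahead unchecked. The check should probably read `if( ! Common::checkPath( $this->path ) ) {`, assuming the target is held in `$this->path` (not visible here). The rest of `delete()` lies outside the hunk.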
@ -42,24 +42,85 @@ class Project extends Common {
|
||||||
// NEW METHODS
|
// NEW METHODS
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function add_project() {
|
public function add_project( $project_name, $project_path, $owner = null ) {
|
||||||
|
|
||||||
|
if( $owner == null ) {
|
||||||
|
|
||||||
|
$owner = $_SESSION["user"];
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$owner = 'nobody';
|
||||||
}
|
}
|
||||||
|
|
||||||
public function delete_project() {
|
$sql = "INSERT INTO `projects`( `name`, `path`, `owner` ) VALUES ( ?, ?, ? );";
|
||||||
|
$bind = "sss";
|
||||||
|
$bind_variables = array( $project_name, $project_path, $owner );
|
||||||
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error creating project $project_name." ) );
|
||||||
|
|
||||||
|
return( $return );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function delete_project( $project_name, $project_path, $owner = null ) {
|
||||||
|
|
||||||
|
if( $owner == null ) {
|
||||||
|
|
||||||
|
$owner = $_SESSION["user"];
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$owner = 'nobody';
|
||||||
|
}
|
||||||
|
|
||||||
|
$owner = $_SESSION["user"];
|
||||||
|
$sql = "DELETE FROM `projects` WHERE `name`=? AND `path`=? AND ( `owner`=? OR `owner`='nobody' );";
|
||||||
|
$bind = "sss";
|
||||||
|
$bind_variables = array( $project_name, $project_path, $owner );
|
||||||
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error deleting project $project_name." ) );
|
||||||
|
|
||||||
|
try {
|
||||||
|
|
||||||
|
$json = json_decode( $return, true );
|
||||||
|
exit( $return );
|
||||||
|
} catch( exception $e ) {
|
||||||
|
|
||||||
|
exit( formatJSEND( "success", "Successfully deleted project $project_name." ) );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get_projects() {
|
public function get_projects() {
|
||||||
|
|
||||||
|
$sql = "SELECT * FROM `projects` WHERE `owner`=? OR `owner`='nobody' ORDER BY `name`;";
|
||||||
|
$bind = "s";
|
||||||
|
$bind_variables = array( $_SESSION["user"] );
|
||||||
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching projects." ) );
|
||||||
|
|
||||||
|
if( mysqli_num_rows( $return ) > 0 ) {
|
||||||
|
|
||||||
|
$return = mysqli_fetch_all( $return, MYSQLI_ASSOC );
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$return = formatJSEND( "error", "Error fetching projects." );
|
||||||
}
|
}
|
||||||
|
|
||||||
public function rename_project() {
|
return( $return );
|
||||||
|
}
|
||||||
|
|
||||||
|
public function rename_project( $old_name, $new_name, $path ) {
|
||||||
|
|
||||||
|
$sql = "SELECT * FROM `projects` WHERE `name`=? AND `path`=? AND ( `owner`=? OR `owner`='nobody' );";
|
||||||
|
$bind = "sss";
|
||||||
|
$bind_variables = array( $old_name, $path, $_SESSION["user"] );
|
||||||
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching projects." ) );
|
||||||
|
|
||||||
|
if( mysqli_num_rows( $return ) > 0 ) {
|
||||||
|
|
||||||
|
$sql = "UPDATE `projects` SET `name`=? WHERE `name`=? AND `path`=? AND ( `owner`=? OR `owner`='nobody' );";
|
||||||
|
$bind = "ssss";
|
||||||
|
$bind_variables = array( $new_name, $old_name, $path, $_SESSION["user"] );
|
||||||
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error renaming project." ) );
|
||||||
|
} else {
|
||||||
|
|
||||||
|
exit( formatJSEND( "error", "Error renaming project, could not find specified project." ) );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
@ -234,10 +295,13 @@ class Project extends Common {
|
||||||
if ( $data['path'] != $this->path ) {
|
if ( $data['path'] != $this->path ) {
|
||||||
|
|
||||||
$revised_array[] = array( "name" => $data['name'], "path" => $data['path'] );
|
$revised_array[] = array( "name" => $data['name'], "path" => $data['path'] );
|
||||||
|
} else {
|
||||||
|
|
||||||
|
$this->rename_project( $data['name'], $_GET['project_name'], $data['path'] );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$revised_array[] = $this->projects[] = array( "name" => $_GET['project_name'], "path" => $this->path );
|
$revised_array[] = $this->projects[] = array( "name" => $_GET['project_name'], "path" => $this->path );
|
||||||
$this->rename_project( $data['name'], );
|
|
||||||
// Response
|
// Response
|
||||||
echo formatJSEND("success", null);
|
echo formatJSEND("success", null);
|
||||||
}
|
}
|
||||||
|
@ -254,14 +318,12 @@ class Project extends Common {
|
||||||
if ( $data['path'] != $this->path ) {
|
if ( $data['path'] != $this->path ) {
|
||||||
|
|
||||||
$revised_array[] = array( "name" => $data['name'], "path" => $data['path'] );
|
$revised_array[] = array( "name" => $data['name'], "path" => $data['path'] );
|
||||||
}
|
} else {
|
||||||
}
|
|
||||||
// Save array back to JSON
|
|
||||||
$this->delete_project( , );
|
|
||||||
// Response
|
|
||||||
echo formatJSEND( "success", null );
|
|
||||||
}
|
|
||||||
|
|
||||||
|
$this->delete_project( $data['name'], $data['path'] );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Check Duplicate
|
// Check Duplicate
|
||||||
|
@ -287,7 +349,7 @@ class Project extends Common {
|
||||||
public function SanitizePath() {
|
public function SanitizePath() {
|
||||||
|
|
||||||
$sanitized = str_replace( " ", "_", $this->path );
|
$sanitized = str_replace( " ", "_", $this->path );
|
||||||
return preg_replace( '/[^\w-]/', '', $sanitized );
|
return preg_replace( '/[^\w-]/', '', strtolower( $sanitized ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
|
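Review bot: In `delete_project()` the `$owner` if/else is dead code, because the following `$owner = $_SESSION["user"];` overwrites it unconditionally; one of the two should be dropped so the intended owner rule is explicit. The `try`/`catch` around `json_decode( $return, true )` cannot reach the `catch`, since `json_decode()` does not throw without `JSON_THROW_ON_ERROR`. The method therefore always ends in `exit( $return )` and never emits the "Successfully deleted project" response. An explicit test on the result would be clearer, e.g. `if( $return === true ) { exit( formatJSEND( "success", "Successfully deleted project $project_name." ) ); }`, assuming `sql::sql` returns true for a successful write as the Settings code in this commit suggests. `get_projects()` also returns a JSEND error string when the user has no rows, although its callers iterate the result with `foreach`; returning `array()` there would keep the type consistent.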
@ -1,113 +1,114 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) Codiad & Kent Safranski (codiad.com), distributed
|
* Copyright (c) Codiad & Kent Safranski (codiad.com), distributed
|
||||||
* as-is and without warranty under the MIT License. See
|
* as-is and without warranty under the MIT License. See
|
||||||
* [root]/license.txt for more. This information must remain intact.
|
* [root]/license.txt for more. This information must remain intact.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
require_once('../../common.php');
|
require_once('../../common.php');
|
||||||
require_once('class.project.php');
|
require_once('./class.project.php');
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Verify Session or Key
|
// Verify Session or Key
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
checkSession();
|
checkSession();
|
||||||
|
|
||||||
$Project = new Project();
|
$Project = new Project();
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Get Current Project
|
// Get Current Project
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
$no_return = false;
|
$no_return = false;
|
||||||
if (isset($_GET['no_return'])) {
|
if (isset($_GET['no_return'])) {
|
||||||
$no_return = true;
|
$no_return = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_GET['action']=='get_current') {
|
if ($_GET['action']=='get_current') {
|
||||||
if (!isset($_SESSION['project'])) {
|
|
||||||
// Load default/first project
|
if ( ! isset($_SESSION['project'])) {
|
||||||
if ($no_return) {
|
// Load default/first project
|
||||||
$Project->no_return = true;
|
if ($no_return) {
|
||||||
}
|
$Project->no_return = true;
|
||||||
$Project->GetFirst();
|
}
|
||||||
} else {
|
$Project->GetFirst();
|
||||||
// Load current
|
} else {
|
||||||
$Project->path = $_SESSION['project'];
|
// Load current
|
||||||
$project_name = $Project->GetName();
|
$Project->path = $_SESSION['project'];
|
||||||
if (!$no_return) {
|
$project_name = $Project->GetName();
|
||||||
echo formatJSEND("success", array("name"=>$project_name,"path"=>$_SESSION['project']));
|
if (!$no_return) {
|
||||||
}
|
echo formatJSEND("success", array("name"=>$project_name,"path"=>$_SESSION['project']));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Open Project
|
// Open Project
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
if ($_GET['action']=='open') {
|
if ($_GET['action']=='open') {
|
||||||
if (!checkPath($_GET['path'])) {
|
if (!checkPath($_GET['path'])) {
|
||||||
die(formatJSEND("error", "No Access"));
|
die(formatJSEND("error", "No Access to path " . $_GET['path']));
|
||||||
}
|
}
|
||||||
$Project->path = $_GET['path'];
|
$Project->path = $_GET['path'];
|
||||||
$Project->Open();
|
$Project->Open();
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Create Project
|
// Create Project
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
if ($_GET['action']=='create') {
|
if ($_GET['action']=='create') {
|
||||||
if (checkAccess()) {
|
if (checkAccess()) {
|
||||||
$Project->name = $_GET['project_name'];
|
$Project->name = $_GET['project_name'];
|
||||||
if ($_GET['project_path'] != '') {
|
if ($_GET['project_path'] != '') {
|
||||||
$Project->path = $_GET['project_path'];
|
$Project->path = $_GET['project_path'];
|
||||||
} else {
|
} else {
|
||||||
$Project->path = $_GET['project_name'];
|
$Project->path = $_GET['project_name'];
|
||||||
}
|
}
|
||||||
// Git Clone?
|
// Git Clone?
|
||||||
if (!empty($_GET['git_repo'])) {
|
if (!empty($_GET['git_repo'])) {
|
||||||
$Project->gitrepo = $_GET['git_repo'];
|
$Project->gitrepo = $_GET['git_repo'];
|
||||||
$Project->gitbranch = $_GET['git_branch'];
|
$Project->gitbranch = $_GET['git_branch'];
|
||||||
}
|
}
|
||||||
$Project->Create();
|
$Project->Create();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Rename Project
|
// Rename Project
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
if ($_GET['action']=='rename') {
|
if ($_GET['action']=='rename') {
|
||||||
if (!checkPath($_GET['project_path'])) {
|
if (!checkPath($_GET['project_path'])) {
|
||||||
die(formatJSEND("error", "No Access"));
|
die(formatJSEND("error", "No Access"));
|
||||||
}
|
}
|
||||||
$Project->path = $_GET['project_path'];
|
$Project->path = $_GET['project_path'];
|
||||||
$Project->Rename();
|
$Project->Rename();
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Delete Project
|
// Delete Project
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
if ($_GET['action']=='delete') {
|
if ($_GET['action']=='delete') {
|
||||||
if (checkAccess()) {
|
if (checkAccess()) {
|
||||||
$Project->path = $_GET['project_path'];
|
$Project->path = $_GET['project_path'];
|
||||||
$Project->Delete();
|
$Project->Delete();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Return Current
|
// Return Current
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
if ($_GET['action']=='current') {
|
if ($_GET['action']=='current') {
|
||||||
if (isset($_SESSION['project'])) {
|
if (isset($_SESSION['project'])) {
|
||||||
echo formatJSEND("success", $_SESSION['project']);
|
echo formatJSEND("success", $_SESSION['project']);
|
||||||
} else {
|
} else {
|
||||||
echo formatJSEND("error", "No Project Returned");
|
echo formatJSEND("error", "No Project Returned");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
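Review bot: The `open` branch now appends the raw request value to the error body, `die(formatJSEND("error", "No Access to path " . $_GET['path']));`, which reflects caller-controlled text back in the response. Whether that is safe depends on `formatJSEND` encoding the message and on the response being served with a JSON content type, neither of which is visible here. Keeping the generic `"No Access"` message, as the `rename` branch still does, avoids the question and does not echo the probed path. If the path is wanted for debugging, log it server-side instead.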
@ -8,12 +8,14 @@
|
||||||
|
|
||||||
|
|
||||||
require_once('../../common.php');
|
require_once('../../common.php');
|
||||||
|
require_once('./class.project.php');
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Verify Session or Key
|
// Verify Session or Key
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
checkSession();
|
checkSession();
|
||||||
|
$Project = new Project;
|
||||||
|
|
||||||
switch( $_GET['action'] ) {
|
switch( $_GET['action'] ) {
|
||||||
|
|
||||||
|
@ -23,11 +25,11 @@ switch( $_GET['action'] ) {
|
||||||
case 'sidelist':
|
case 'sidelist':
|
||||||
|
|
||||||
// Get projects data
|
// Get projects data
|
||||||
$projects = Project::get_projects();
|
$projects = $Project->get_projects();
|
||||||
?>
|
?>
|
||||||
<ul>
|
<ul>
|
||||||
<?php
|
<?php
|
||||||
sort( $projects, SORT_NATURAL );
|
//natcasesort( $projects );
|
||||||
foreach( $projects as $project => $data ) {
|
foreach( $projects as $project => $data ) {
|
||||||
|
|
||||||
if( $_GET['trigger'] == 'true' ) {
|
if( $_GET['trigger'] == 'true' ) {
|
||||||
|
@ -53,48 +55,48 @@ switch( $_GET['action'] ) {
|
||||||
|
|
||||||
case 'list':
|
case 'list':
|
||||||
|
|
||||||
// Get access control data
|
//Get projects data
|
||||||
$projects_assigned = false;
|
$projects = $Project->get_projects();
|
||||||
if(file_exists(BASE_PATH . "/data/" . $_SESSION['user'] . '_acl.php')){
|
|
||||||
$projects_assigned = getJSON($_SESSION['user'] . '_acl.php');
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<label><?php i18n("Project List"); ?></label>
|
<label><?php i18n("Project List"); ?></label>
|
||||||
<div id="project-list">
|
<div id="project-list">
|
||||||
<table width="100%">
|
<table width="100%">
|
||||||
<tr>
|
<tr>
|
||||||
<th width="70"><?php i18n("Open"); ?></th>
|
<th width="70"><?php i18n( "Open");?></th>
|
||||||
<th width="150"><?php i18n("Project Name"); ?></th>
|
<th width="150"><?php i18n( "Project Name" );?></th>
|
||||||
<th width="250"><?php i18n("Path"); ?></th>
|
<th width="250"><?php i18n( "Path" );?></th>
|
||||||
<?php if(checkAccess()){ ?><th width="70"><?php i18n("Delete"); ?></th><?php } ?>
|
<?php if( checkAccess() ) { ?><th width="70"><?php i18n("Delete");?></th><?php } ?>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
<div class="project-wrapper">
|
<div class="project-wrapper">
|
||||||
<table width="100%" style="word-wrap: break-word;word-break: break-all;">
|
<table width="100%" style="word-wrap: break-word;word-break: break-all;">
|
||||||
<?php
|
<?php
|
||||||
|
foreach( $projects as $project => $data ) {
|
||||||
|
|
||||||
// Get projects JSON data
|
|
||||||
$projects = getJSON('projects.php');
|
|
||||||
sort($projects);
|
|
||||||
foreach($projects as $project=>$data){
|
|
||||||
$show = true;
|
$show = true;
|
||||||
if($projects_assigned && !in_array($data['path'],$projects_assigned)){ $show=false; }
|
if( $projects_assigned && ! in_array( $data['path'], $projects_assigned ) ) {
|
||||||
if($show){
|
|
||||||
|
$show = false;
|
||||||
|
}
|
||||||
|
if( $show ) {
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<td width="70"><a onclick="codiad.project.open('<?php echo($data['path']); ?>');" class="icon-folder bigger-icon"></a></td>
|
<td width="70"><a onclick="codiad.project.open('<?php echo( $data['path'] );?>');" class="icon-folder bigger-icon"></a></td>
|
||||||
<td width="150"><?php echo($data['name']); ?></td>
|
<td width="150"><?php echo($data['name']);?></td>
|
||||||
<td width="250"><?php echo($data['path']); ?></td>
|
<td width="250"><?php echo($data['path']);?></td>
|
||||||
<?php
|
<?php
|
||||||
if(checkAccess()){
|
if( checkAccess() ) {
|
||||||
if($_SESSION['project'] == $data['path']){
|
|
||||||
|
if( $_SESSION['project'] == $data['path'] ) {
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<td width="70"><a onclick="codiad.message.error(i18n('Active Project Cannot Be Removed'));" class="icon-block bigger-icon"></a></td>
|
<td width="70"><a onclick="codiad.message.error(i18n('Active Project Cannot Be Removed'));" class="icon-block bigger-icon"></a></td>
|
||||||
<?php
|
<?php
|
||||||
}else{
|
} else {
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<td width="70"><a onclick="codiad.project.delete('<?php echo($data['name']); ?>','<?php echo($data['path']); ?>');" class="icon-cancel-circled bigger-icon"></a></td>
|
<td width="70"><a onclick="codiad.project.delete('<?php echo($data['name']);?>','<?php echo($data['path']);?>');" class="icon-cancel-circled bigger-icon"></a></td>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -110,7 +112,6 @@ switch( $_GET['action'] ) {
|
||||||
<?php if(checkAccess()){ ?><button class="btn-left" onclick="codiad.project.create();"><?php i18n("New Project"); ?></button><?php } ?>
|
<?php if(checkAccess()){ ?><button class="btn-left" onclick="codiad.project.create();"><?php i18n("New Project"); ?></button><?php } ?>
|
||||||
<button class="<?php if(checkAccess()){ echo('btn-right'); } ?>" onclick="codiad.modal.unload();return false;"><?php i18n("Close"); ?></button>
|
<button class="<?php if(checkAccess()){ echo('btn-right'); } ?>" onclick="codiad.modal.unload();return false;"><?php i18n("Close"); ?></button>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////////
|
||||||
|
|
|
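Review bot: In the `list` case the block that assigned `$projects_assigned` appears to have been removed, but the loop still evaluates `if( $projects_assigned && ! in_array( $data['path'], $projects_assigned ) )`. The variable is now undefined, so the filter is dead code and should be deleted or replaced by the database access check. The rows come from `$Project->get_projects()`, which returns a JSEND error string rather than an array when the user has no projects, so the `foreach` needs an `is_array( $projects )` guard. The values are also written unescaped into HTML and into inline `onclick` JavaScript (`echo( $data['path'] )`, `echo($data['name'])`), and project names originate from request parameters. The table cells should use `htmlspecialchars( $data['name'], ENT_QUOTES, 'UTF-8' )`, and the script arguments should be passed through `json_encode()` before HTML-escaping.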
@ -57,7 +57,7 @@ class Settings {
|
||||||
|
|
||||||
if( $user_setting == null ) {
|
if( $user_setting == null ) {
|
||||||
|
|
||||||
$sql = "SELECT `value` FROM `options` WHERE `option_name`=?;";
|
$sql = "SELECT `value` FROM `options` WHERE `name`=?;";
|
||||||
$bind = "s";
|
$bind = "s";
|
||||||
$bind_variables = array( $option );
|
$bind_variables = array( $option );
|
||||||
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching option: $option" ) );
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching option: $option" ) );
|
||||||
|
@ -71,7 +71,7 @@ class Settings {
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
$sql = "SELECT `value` FROM `user_options` WHERE `option_name`=? AND `username`=?;";
|
$sql = "SELECT `value` FROM `user_options` WHERE `name`=? AND `username`=?;";
|
||||||
$bind = "ss";
|
$bind = "ss";
|
||||||
$bind_variables = array( $option, $this->username );
|
$bind_variables = array( $option, $this->username );
|
||||||
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching option: $option" ) );
|
$return = sql::sql( $sql, $bind, $bind_variables, formatJSEND( "error", "Error fetching option: $option" ) );
|
||||||
|
@ -130,7 +130,7 @@ class Settings {
|
||||||
|
|
||||||
public function update_option( $option, $value, $user_setting = null ) {
|
public function update_option( $option, $value, $user_setting = null ) {
|
||||||
|
|
||||||
$query = "INSERT INTO user_options ( `option_name`, `username`, `value` ) VALUES ( ?, ?, ? );";
|
$query = "INSERT INTO user_options ( `name`, `username`, `value` ) VALUES ( ?, ?, ? );";
|
||||||
$bind = "sss";
|
$bind = "sss";
|
||||||
$bind_variables = array(
|
$bind_variables = array(
|
||||||
$option,
|
$option,
|
||||||
|
@ -141,7 +141,7 @@ class Settings {
|
||||||
|
|
||||||
if( $result !== true ) {
|
if( $result !== true ) {
|
||||||
|
|
||||||
$query = "UPDATE user_options SET `value`=? WHERE `option_name`=? AND `username`=?;";
|
$query = "UPDATE user_options SET `value`=? WHERE `name`=? AND `username`=?;";
|
||||||
$bind = "sss";
|
$bind = "sss";
|
||||||
$bind_variables = array(
|
$bind_variables = array(
|
||||||
$value,
|
$value,
|
||||||
|
|
|
@ -6,7 +6,7 @@ error_reporting(E_ALL);
|
||||||
|
|
||||||
require_once('../../common.php');
|
require_once('../../common.php');
|
||||||
require_once('../settings/class.settings.php');
|
require_once('../settings/class.settings.php');
|
||||||
|
require_once('../project/class.project.php');
|
||||||
checkSession();
|
checkSession();
|
||||||
if ( ! checkAccess() ) {
|
if ( ! checkAccess() ) {
|
||||||
echo "Error, you do not have access to update Codiad.";
|
echo "Error, you do not have access to update Codiad.";
|
||||||
|
@ -14,8 +14,13 @@ if ( ! checkAccess() ) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_settings_file = DATA . "/settings.php";
|
$user_settings_file = DATA . "/settings.php";
|
||||||
|
$projects_file = DATA . "/projects.php";
|
||||||
|
$projects_file = DATA . "/users.php";
|
||||||
|
|
||||||
$system_settings_file = null;
|
$system_settings_file = null;
|
||||||
$Settings = new Settings();
|
$Settings = new Settings();
|
||||||
|
$Common = new Common();
|
||||||
|
$Project = new Project();
|
||||||
|
|
||||||
if( file_exists( $user_settings_file ) ) {
|
if( file_exists( $user_settings_file ) ) {
|
||||||
|
|
||||||
|
@ -25,9 +30,18 @@ if( file_exists( $user_settings_file ) ) {
|
||||||
$Settings->username = $user;
|
$Settings->username = $user;
|
||||||
foreach( $settings as $setting => $value ) {
|
foreach( $settings as $setting => $value ) {
|
||||||
|
|
||||||
//echo var_dump( $setting, $value );
|
$Settings->update_option( $setting, $value, true );
|
||||||
$Settings->add_option( $setting, $value, true );
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
unlink( $user_settings_file );
|
unlink( $user_settings_file );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( file_exists( $projects_file ) ) {
|
||||||
|
|
||||||
|
$projects = getJSON( 'projects.php' );
|
||||||
|
foreach( $projects as $project => $data ) {
|
||||||
|
|
||||||
|
$Project->add_project( $data["name"], $data["path"], true );
|
||||||
|
}
|
||||||
|
unlink( $projects_file );
|
||||||
|
}
|
|
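Review bot: `$projects_file` is assigned twice in a row, first `DATA . "/projects.php"` and then `DATA . "/users.php"`. The migration block added below therefore tests for and finally `unlink()`s users.php, while reading its data from `getJSON( 'projects.php' )`. `User::__construct()` and `Authenticate()` still load `users.php` in this same commit, so running the update would delete the account store and leave projects.php in place. The second assignment looks like it was meant to be a separate variable, e.g. `$users_file = DATA . "/users.php";`. The return value of `$Project->add_project( ... )` is ignored, so the source file should only be removed once every insert has reported success.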
@ -6,8 +6,7 @@
|
||||||
* [root]/license.txt for more. This information must remain intact.
|
* [root]/license.txt for more. This information must remain intact.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class User
|
class User {
|
||||||
{
|
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// PROPERTIES
|
// PROPERTIES
|
||||||
|
@ -32,20 +31,19 @@ class User
|
||||||
// Construct
|
// Construct
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function __construct()
|
public function __construct() {
|
||||||
{
|
|
||||||
$this->users = getJSON('users.php');
|
$this->users = getJSON( 'users.php' );
|
||||||
$this->actives = getJSON('active.php');
|
$this->actives = getJSON( 'active.php' );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Authenticate
|
// Authenticate
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Authenticate()
|
public function Authenticate() {
|
||||||
{
|
|
||||||
|
|
||||||
if ( ! is_dir( SESSIONS_PATH ) ) {
|
if( ! is_dir( SESSIONS_PATH ) ) {
|
||||||
|
|
||||||
mkdir( SESSIONS_PATH, 00755 );
|
mkdir( SESSIONS_PATH, 00755 );
|
||||||
}
|
}
|
||||||
|
@ -59,13 +57,11 @@ class User
|
||||||
$sessions_permissions = substr( sprintf( '%o', fileperms( SESSIONS_PATH ) ), -4 );
|
$sessions_permissions = substr( sprintf( '%o', fileperms( SESSIONS_PATH ) ), -4 );
|
||||||
$sessions_owner = posix_getpwuid( fileowner( SESSIONS_PATH ) );
|
$sessions_owner = posix_getpwuid( fileowner( SESSIONS_PATH ) );
|
||||||
|
|
||||||
if ( ! ( $sessions_owner === $server_user ) ) {
|
if( ! ( $sessions_owner === $server_user ) ) {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
chown( SESSIONS_PATH, $server_user );
|
chown( SESSIONS_PATH, $server_user );
|
||||||
echo( formatJSEND("error", "Error, incorrect owner of sessions folder. The sessions folder owner has been sucessfully changed. Please log in again." ) );
|
|
||||||
return;
|
|
||||||
} catch( Exception $e ) {
|
} catch( Exception $e ) {
|
||||||
|
|
||||||
echo( formatJSEND("error", "Error, incorrect owner of sessions folder. Expecting: $server_user, Recieved: " . $sessions_owner ) );
|
echo( formatJSEND("error", "Error, incorrect owner of sessions folder. Expecting: $server_user, Recieved: " . $sessions_owner ) );
|
||||||
|
@ -73,13 +69,11 @@ class User
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! in_array( $sessions_permissions, $permissions ) ) {
|
if( ! in_array( $sessions_permissions, $permissions ) ) {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
chmod( SESSIONS_PATH, 00755 );
|
chmod( SESSIONS_PATH, 00755 );
|
||||||
echo( formatJSEND("error", "Error, incorrect permissions on sessions folder. The sessions folder permissions have been sucessfully changed. Please log in again." ) );
|
|
||||||
return;
|
|
||||||
} catch( Exception $e ) {
|
} catch( Exception $e ) {
|
||||||
|
|
||||||
echo( formatJSEND("error", "Error, incorrect permissions on sessions folder. Expecting: 0755, Recieved: " . $sessions_permissions ) );
|
echo( formatJSEND("error", "Error, incorrect permissions on sessions folder. Expecting: 0755, Recieved: " . $sessions_permissions ) );
|
||||||
|
@ -88,10 +82,12 @@ class User
|
||||||
}
|
}
|
||||||
|
|
||||||
$pass = false;
|
$pass = false;
|
||||||
|
|
||||||
$this->EncryptPassword();
|
$this->EncryptPassword();
|
||||||
$users = getJSON('users.php');
|
$users = getJSON('users.php');
|
||||||
foreach ($users as $user) {
|
foreach( $users as $user ) {
|
||||||
if ($user['username']==$this->username && $user['password']==$this->password) {
|
|
||||||
|
if( $user['username'] == $this->username && $user['password'] == $this->password ) {
|
||||||
|
|
||||||
$pass = true;
|
$pass = true;
|
||||||
$_SESSION['id'] = SESSION_ID;
|
$_SESSION['id'] = SESSION_ID;
|
||||||
|
@ -100,7 +96,8 @@ class User
|
||||||
$_SESSION['theme'] = $this->theme;
|
$_SESSION['theme'] = $this->theme;
|
||||||
$_SESSION["login_session"] = true;
|
$_SESSION["login_session"] = true;
|
||||||
|
|
||||||
if ($user['project']!='') {
|
if($user['project']!='') {
|
||||||
|
|
||||||
$_SESSION['project'] = $user['project'];
|
$_SESSION['project'] = $user['project'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -108,11 +105,12 @@ class User
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($pass) {
|
if( $pass ) {
|
||||||
|
|
||||||
echo formatJSEND("success", array("username"=>$this->username));
|
echo formatJSEND( "success", array( "username" => $this->username ) );
|
||||||
} else {
|
} else {
|
||||||
echo formatJSEND("error", "Incorrect Username or Password");
|
|
||||||
|
echo formatJSEND( "error", "Incorrect Username or Password" );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -127,20 +125,15 @@ class User
|
||||||
|
|
||||||
public static function checkDuplicateSessions( $username ) {
|
public static function checkDuplicateSessions( $username ) {
|
||||||
|
|
||||||
//ini_set('display_errors', 1);
|
|
||||||
//ini_set('display_startup_errors', 1);
|
|
||||||
//error_reporting(E_ALL);
|
|
||||||
session_write_close();
|
session_write_close();
|
||||||
$all_sessions = array();
|
$all_sessions = array();
|
||||||
$sessions = glob( SESSIONS_PATH . "/*" );
|
$sessions = glob( SESSIONS_PATH . "/*" );
|
||||||
session_id( SESSION_ID );
|
session_id( SESSION_ID );
|
||||||
// session_save_path( SESSIONS_PATH );
|
|
||||||
|
|
||||||
foreach( $sessions as $session ) {
|
foreach( $sessions as $session ) {
|
||||||
|
|
||||||
//echo var_dump( $session ) . "\n\n";
|
if( strpos( $session, "sess_") == false ) {
|
||||||
|
|
||||||
if ( strpos( $session, "sess_") == false ) {
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -154,7 +147,7 @@ class User
|
||||||
$_SESSION["id"] = $session;
|
$_SESSION["id"] = $session;
|
||||||
array_push( $all_sessions, $_SESSION );
|
array_push( $all_sessions, $_SESSION );
|
||||||
|
|
||||||
if ( isset( $_SESSION["user"] ) && $_SESSION["user"] === $username && isset( $_SESSION["login_session"] ) && $_SESSION["login_session"] === true && SESSION_ID !== session_id() ) {
|
if( isset( $_SESSION["user"] ) && $_SESSION["user"] === $username && isset( $_SESSION["login_session"] ) && $_SESSION["login_session"] === true && SESSION_ID !== session_id() ) {
|
||||||
|
|
||||||
session_destroy();
|
session_destroy();
|
||||||
} else {
|
} else {
|
||||||
|
@ -163,8 +156,6 @@ class User
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//echo '{"status":"error","message":"' . print_r( $all_sessions ) . '"}';
|
|
||||||
|
|
||||||
session_id( SESSION_ID );
|
session_id( SESSION_ID );
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
|
@ -173,16 +164,18 @@ class User
|
||||||
// Create Account
|
// Create Account
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Create()
|
public function Create() {
|
||||||
{
|
|
||||||
$this->EncryptPassword();
|
$this->EncryptPassword();
|
||||||
$pass = $this->checkDuplicate();
|
$pass = $this->checkDuplicate();
|
||||||
if ($pass) {
|
if( $pass ) {
|
||||||
$this->users[] = array("username"=>$this->username,"password"=>$this->password,"project"=>"");
|
|
||||||
saveJSON('users.php', $this->users);
|
$this->users[] = array( "username" => $this->username, "password" => $this->password, "project" => "" );
|
||||||
echo formatJSEND("success", array("username"=>$this->username));
|
saveJSON( 'users.php', $this->users );
|
||||||
|
echo formatJSEND( "success", array( "username" => $this->username ) );
|
||||||
} else {
|
} else {
|
||||||
echo formatJSEND("error", "The Username is Already Taken");
|
|
||||||
|
echo formatJSEND( "error", "The Username is Already Taken" );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -190,105 +183,121 @@ class User
|
||||||
// Delete Account
|
// Delete Account
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Delete()
|
public function Delete() {
|
||||||
{
|
|
||||||
// Remove User
|
// Remove User
|
||||||
$revised_array = array();
|
$revised_array = array();
|
||||||
foreach ($this->users as $user => $data) {
|
foreach( $this->users as $user => $data ) {
|
||||||
if ($data['username']!=$this->username) {
|
|
||||||
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$data['project']);
|
if( $data['username'] != $this->username ) {
|
||||||
|
|
||||||
|
$revised_array[] = array( "username" => $data['username'], "password" => $data['password'], "project" => $data['project'] );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Save array back to JSON
|
// Save array back to JSON
|
||||||
saveJSON('users.php', $revised_array);
|
saveJSON( 'users.php', $revised_array );
|
||||||
|
|
||||||
// Remove any active files
|
// Remove any active files
|
||||||
foreach ($this->actives as $active => $data) {
|
foreach( $this->actives as $active => $data ) {
|
||||||
if ($this->username==$data['username']) {
|
|
||||||
unset($this->actives[$active]);
|
if( $this->username == $data['username'] ) {
|
||||||
|
|
||||||
|
unset( $this->actives[$active] );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
saveJSON('active.php', $this->actives);
|
saveJSON( 'active.php', $this->actives );
|
||||||
|
|
||||||
// Remove access control list (if exists)
|
// Remove access control list (if exists)
|
||||||
if (file_exists(BASE_PATH . "/data/" . $this->username . '_acl.php')) {
|
if( file_exists( BASE_PATH . "/data/" . $this->username . '_acl.php' ) ) {
|
||||||
|
|
||||||
unlink(BASE_PATH . "/data/" . $this->username . '_acl.php');
|
unlink(BASE_PATH . "/data/" . $this->username . '_acl.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Response
|
// Response
|
||||||
echo formatJSEND("success", null);
|
echo formatJSEND( "success", null );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Change Password
|
// Change Password
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Password()
|
public function Password() {
|
||||||
{
|
|
||||||
$this->EncryptPassword();
|
$this->EncryptPassword();
|
||||||
$revised_array = array();
|
$revised_array = array();
|
||||||
foreach ($this->users as $user => $data) {
|
foreach( $this->users as $user => $data ) {
|
||||||
if ($data['username']==$this->username) {
|
|
||||||
$revised_array[] = array("username"=>$data['username'],"password"=>$this->password,"project"=>$data['project']);
|
if( $data['username'] == $this->username ) {
|
||||||
|
|
||||||
|
$revised_array[] = array( "username" => $data['username'], "password" => $this->password, "project" => $data['project'] );
|
||||||
} else {
|
} else {
|
||||||
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$data['project']);
|
|
||||||
|
$revised_array[] = array( "username" => $data['username'], "password" => $data['password'], "project" => $data['project'] );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Save array back to JSON
|
// Save array back to JSON
|
||||||
saveJSON('users.php', $revised_array);
|
saveJSON( 'users.php', $revised_array );
|
||||||
// Response
|
// Response
|
||||||
echo formatJSEND("success", null);
|
echo formatJSEND( "success", null );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Set Project Access
|
// Set Project Access
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Project_Access()
|
public function Project_Access() {
|
||||||
{
|
|
||||||
// Access set to all projects
|
// Access set to all projects
|
||||||
if ($this->projects==0) {
|
if( $this->projects == 0 ) {
|
||||||
if (file_exists(BASE_PATH . "/data/" . $this->username . '_acl.php')) {
|
|
||||||
unlink(BASE_PATH . "/data/" . $this->username . '_acl.php');
|
|
||||||
}
|
|
||||||
// Access set to restricted list
|
// Access set to restricted list
|
||||||
|
if( file_exists( BASE_PATH . "/data/" . $this->username . '_acl.php' ) ) {
|
||||||
|
|
||||||
|
unlink( BASE_PATH . "/data/" . $this->username . '_acl.php' );
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
// Save array back to JSON
|
// Save array back to JSON
|
||||||
saveJSON($this->username . '_acl.php', $this->projects);
|
saveJSON( $this->username . '_acl.php', $this->projects );
|
||||||
}
|
}
|
||||||
// Response
|
// Response
|
||||||
echo formatJSEND("success", null);
|
echo formatJSEND( "success", null );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Set Current Project
|
// Set Current Project
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Project()
|
public function Project() {
|
||||||
{
|
|
||||||
$revised_array = array();
|
$revised_array = array();
|
||||||
foreach ($this->users as $user => $data) {
|
foreach( $this->users as $user => $data ) {
|
||||||
if ($this->username==$data['username']) {
|
|
||||||
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$this->project);
|
if( $this->username == $data['username'] ) {
|
||||||
|
|
||||||
|
$revised_array[] = array( "username" => $data['username'], "password" => $data['password'], "project" => $this->project );
|
||||||
} else {
|
} else {
|
||||||
$revised_array[] = array("username"=>$data['username'],"password"=>$data['password'],"project"=>$data['project']);
|
|
||||||
|
$revised_array[] = array( "username" => $data['username'], "password" => $data['password'], "project" => $data['project'] );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Save array back to JSON
|
// Save array back to JSON
|
||||||
saveJSON('users.php', $revised_array);
|
saveJSON( 'users.php', $revised_array );
|
||||||
// Response
|
// Response
|
||||||
echo formatJSEND("success", null);
|
echo formatJSEND( "success", null );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Check Duplicate
|
// Check Duplicate
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function CheckDuplicate()
|
public function CheckDuplicate() {
|
||||||
{
|
|
||||||
$pass = true;
|
$pass = true;
|
||||||
foreach ($this->users as $user => $data) {
|
foreach( $this->users as $user => $data ) {
|
||||||
if ($data['username']==$this->username) {
|
|
||||||
|
if( $data['username'] == $this->username ) {
|
||||||
|
|
||||||
$pass = false;
|
$pass = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -299,32 +308,34 @@ class User
|
||||||
// Verify Account Exists
|
// Verify Account Exists
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public function Verify()
|
public function Verify() {
|
||||||
{
|
|
||||||
$pass = 'false';
|
$pass = 'false';
|
||||||
foreach ($this->users as $user => $data) {
|
foreach( $this->users as $user => $data ) {
|
||||||
if ($this->username==$data['username']) {
|
|
||||||
|
if( $this->username == $data['username'] ) {
|
||||||
|
|
||||||
$pass = 'true';
|
$pass = 'true';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
echo($pass);
|
echo( $pass );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Encrypt Password
|
// Encrypt Password
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
private function EncryptPassword()
|
private function EncryptPassword() {
|
||||||
{
|
|
||||||
$this->password = sha1(md5($this->password));
|
$this->password = sha1( md5( $this->password ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
// Clean username
|
// Clean username
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
public static function CleanUsername($username)
|
public static function CleanUsername( $username ) {
|
||||||
{
|
|
||||||
return preg_replace('#[^A-Za-z0-9'.preg_quote('-_@. ').']#', '', $username);
|
return preg_replace( '#[^A-Za-z0-9' . preg_quote( '-_@. ').']#', '', $username );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -183,7 +183,14 @@ if( defined( "SITE_NAME" ) && ! ( SITE_NAME === "" || SITE_NAME === null ) ) {
|
||||||
// AUTHENTICATED
|
// AUTHENTICATED
|
||||||
//////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
}else{
|
} else {
|
||||||
|
|
||||||
|
define( "USER_WORKSPACE", WORKSPACE . "/" . $_SESSION["user"] );
|
||||||
|
|
||||||
|
if( ! is_dir( USER_WORKSPACE ) ) {
|
||||||
|
|
||||||
|
mkdir( USER_WORKSPACE, 0755 );
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
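Review bot: `USER_WORKSPACE` is built by appending `$_SESSION["user"]` to `WORKSPACE` and handed straight to `mkdir`, with no check that the resulting path stays inside `WORKSPACE`. The `CleanUsername` filter shown in this commit keeps `.` and space, so a name made only of dots would pass through it unchanged; whether the session value is always filtered is not visible from this hunk. I would reject such names before the `define`, for example `if( trim( $_SESSION["user"], ". " ) === "" ) { exit( "Invalid user." ); }`. The `mkdir` result is also ignored, so a failed create goes unnoticed; `if( ! is_dir( USER_WORKSPACE ) && ! mkdir( USER_WORKSPACE, 0755 ) ) { exit( "Unable to create user workspace." ); }` would surface it. The enclosing `else` block continues outside the hunk.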
|
||||||
|
|
||||||
|
|