Continued work on sql library, started refactor of install process to support new library.

This commit is contained in:
xevidos 2019-04-07 20:58:53 -04:00
parent 2d0f4e0286
commit 5bfe7ea545
9 changed files with 497 additions and 42 deletions

View File

@ -559,12 +559,32 @@ class Common {
public static function checkPath( $path ) {
global $sql;
$query = "SELECT * FROM projects WHERE LOCATE( path, ? ) > 0 LIMIT 1;";
$bind_variables = array( $path );
$result = $sql->query( $query, $bind_variables, array() )[0];
//$query = "SELECT * FROM projects WHERE LOCATE( path, ? ) > 0 LIMIT 1;";
//$bind_variables = array( $path );
//$result = $sql->query( $query, $bind_variables, array() )[0];
$result = $sql->select(
"projects",
array(),
array(
array(
"find",
"[path]",
$path,
array(
"more than",
0
)
),
array(
"limit",
1
)
)
);
if( ! empty( $result ) ) {
$result = $result[0];
try {
$users = json_decode( $result["access"] );

View File

@ -54,6 +54,8 @@
//}
/* Notify listeners. */
amplify.publish('active.onFileWillAppear', {path: path});
if (focus === undefined) {
focus = true;
@ -376,6 +378,9 @@
moveToTabList = true;
}
/* Notify listeners. */
amplify.publish('active.onWillFocus', path);
this.highlightEntry(path, moveToTabList);
if(path != this.getPath()) {

View File

@ -440,6 +440,10 @@
//////////////////////////////////////////////////////////////////
openFile: function(path, focus) {
/* Notify listeners. */
amplify.publish('filemanager.onFileWillOpen', {path: path});
if (focus === undefined) {
focus = true;
}

View File

@ -5,7 +5,9 @@ class Install {
public $active = "";
public $config = "";
public $db_types = array();
public $path = "";
public $projects = "";
public $rel = "";
public $sessions = "";
public $sql = null;
public $users = "";
@ -14,13 +16,15 @@ class Install {
function __construct() {
$path = $_POST['path'];
$rel = str_replace( '/components/install/process.php', '', $_SERVER['REQUEST_URI'] );
$rel = str_replace( '/components/install/install.php', '', $_SERVER['REQUEST_URI'] );
$this->active = $path . "/data/active.php";
$this->config = $path . "/config.php";
$this->projects = $path . "/data/projects.php";
$this->path = $path;
$this->sessions = $path . "/data/sessions";
$this->users = $path . "/data/users.php";
$this->rel = $rel;
$this->workspace = $path . "/workspace";
$this->db_types = sql::db_types;
@ -28,6 +32,7 @@ class Install {
require_once( "../sql/class.sql.php" );
$this->sql = new sql();
$this->install();
}
function check() {
@ -50,6 +55,263 @@ class Install {
}
}
function clean_path( $path ) {
// prevent Poison Null Byte injections
$path = str_replace( chr( 0 ), '', $path );
// prevent go out of the workspace
while ( strpos( $path, '../' ) !== false ) {
$path = str_replace( '../', '', $path );
}
return $path;
}
function clean_username( $username ) {
return strtolower( preg_replace( '#[^A-Za-z0-9' . preg_quote( '-_@. ').']#', '', $username ) );
}
function create_config() {
$config_data = '<?php
/*
* Copyright (c) Codiad & Kent Safranski (codiad.com), Isaac Brown (telaaedifex.com),
* distributed as-is and without warranty under the MIT License. See
* [root]/license.txt for more. This information must remain intact.
*/
//////////////////////////////////////////////////////////////////
// CONFIG
//////////////////////////////////////////////////////////////////
// PATH TO CODIAD
define("BASE_PATH", "' . $this->path . '");
// BASE URL TO CODIAD (without trailing slash)
define("BASE_URL", "' . $_SERVER["HTTP_HOST"] . $this->rel . '");
// THEME : default, modern or clear (look at /themes)
define("THEME", "default");
// ABSOLUTE PATH
define("WHITEPATHS", BASE_PATH . ",/home");
// SESSIONS (e.g. 7200)
$cookie_lifetime = "0";
// TIMEZONE
date_default_timezone_set("' . $_POST['timezone'] . '");
// External Authentification
//define("AUTH_PATH", "/path/to/customauth.php");
// Site Name
define("SITE_NAME", "' . $_POST['site_name'] . '");
// Database Information
define( "DBHOST", "' . $_POST['dbhost'] . '" );
define( "DBNAME", "' . $_POST['dbname'] . '" );
define( "DBUSER", "' . $_POST['dbuser'] . '" );
define( "DBPASS", "' . $_POST['dbpass'] . '" );
define( "DBTYPE", "' . $_POST['dbtype'] . '" );
//////////////////////////////////////////////////////////////////
// ** DO NOT EDIT CONFIG BELOW **
//////////////////////////////////////////////////////////////////
// PATHS
define("COMPONENTS", BASE_PATH . "/components");
define("PLUGINS", BASE_PATH . "/plugins");
define("THEMES", BASE_PATH . "/themes");
define("DATA", BASE_PATH . "/data");
define("WORKSPACE", BASE_PATH . "/workspace");
// URLS
define("WSURL", BASE_URL . "/workspace");
// Marketplace
//define("MARKETURL", "http://market.codiad.com/json");
';
saveFile( $config, $config_data );
echo( "success" );
}
function create_project() {
$project_path = $this->clean_path( $project_path );
if ( ! $this->is_abs_path( $project_path ) ) {
$project_path = str_replace( " ", "_", preg_replace( '/[^\w-\.]/', '', $project_path ) );
if( ! is_dir( $workspace . "/" . $project_path ) ) {
mkdir( $workspace . "/" . $project_path );
}
} else {
if ( substr( $project_path, -1 ) == '/' ) {
$project_path = substr( $project_path, 0, strlen( $project_path ) - 1 );
}
if ( ! file_exists( $project_path ) ) {
if ( ! mkdir( $project_path . '/', 0755, true ) ) {
die( '{"message": "Unable to create Absolute Path"}' );
}
} else {
if ( ! is_writable( $project_path ) || ! is_readable( $project_path ) ) {
die( '{"message": "No Read/Write Permission"}' );
}
}
}
$bind_variables = array(
$project_name,
$project_path,
$username
);
$query = "INSERT INTO projects(name, path, owner) VALUES (?,?,?);";
$statement = $connection->prepare( $query );
$statement->execute( $bind_variables );
$error = $statement->errorInfo();
if( ! $error[0] == "00000" ) {
die( '{"message":"Could not create project in database.","error":"' . addslashes(json_encode( $error )) .'"}' );
}
}
function create_tables() {
$this->sql->create_tables(
array(
"options" => array(
"fields" => array(
"id" => "int",
"name" => "string",
"value" => "text",
),
"attributes" => array(
"id" => array( "id" ),
"name" => array( "not null", "unique" ),
"value" => array( "not null" ),
)
),
"projects" => array(
"fields" => array(
"id" => "int",
"name" => "string",
"path" => "text",
"owner" => "string",
"access" => "string",
),
"attributes" => array(
"id" => array( "id" ),
"name" => array( "not null" ),
"path" => array( "not null", "unique" ),
"owner" => array( "not null", "unique" ),
"access" => array( "not null" ),
)
),
"users" => array(
"fields" => array(
"id" => "int",
"first_name" => "string",
"last_name" => "string",
"username" => "string",
"password" => "text",
"email" => "string",
"project" => "string",
"access" => "string",
"groups" => "string",
"token" => "string",
),
"attributes" => array(
"id" => array( "id" ),
"username" => array( "not null", "unique" ),
"password" => array( "not null" ),
"access" => array( "not null" ),
)
),
"user_options" => array(
"fields" => array(
"id" => "int",
"name" => "string",
"username" => "string",
"value" => "text",
),
"attributes" => array(
"id" => array( "id" ),
"name" => array( "not null", "unique" ),
"username" => array( "not null", "unique" ),
"value" => array( "not null" ),
)
),
)
);
}
function create_user() {
$bind_variables = array(
"",
"",
$username,
$password,
"",
$project_path,
"admin",
"",
""
);
$query = "INSERT INTO users(first_name, last_name, username, password, email, project, access, groups, token) VALUES (?,?,?,?,?,?,?,?,?)";
$statement = $connection->prepare( $query );
$statement->execute( $bind_variables );
$error = $statement->errorInfo();
if( ! $error[0] == "00000" ) {
die( '{"message":"Could not create user in database.","error":"' . addslashes(json_encode( $error )) .'"}' );
}
}
function is_abs_path( $path ) {
return $path[0] === '/';
}
function install() {
$project_name = $_POST['project_name'];
if ( isset( $_POST['project_path'] ) ) {
$project_path = $_POST['project_path'];
} else {
$project_path = $project_name;
}
$timezone = $_POST['timezone'];
$dbtype = $_POST['dbtype'];
$dbhost = $_POST['dbhost'];
$dbname = $_POST['dbname'];
$dbuser = $_POST['dbuser'];
$dbpass = $_POST['dbpass'];
$connection = $this->sql->connect();
$this->create_tables();
$this->create_project();
$this->create_user();
$this->create_config();
}
function JSEND( $message, $error=null ) {
$message = array(

View File

@ -7,6 +7,8 @@
* [root]/license.txt for more. This information must remain intact.
*/
require_once( "./install.php" );
$path = rtrim(str_replace("index.php", "", $_SERVER['SCRIPT_FILENAME']), "/");
$workspace = is_writable($path . "/workspace");
@ -49,14 +51,6 @@ $autocomplete = array(
'dbtype' => 'mysql',
);
//Valid databases Codiad is able to use
$aValidDBType = [
'MySQL'=>'mysql'
,'PostgreSQL'=>'pgsql'
,'SQLite'=>'sqlite'
];
if (!empty($query)) {
$params = explode('&', $query);
foreach ($params as $param) {

View File

@ -77,10 +77,6 @@ class Settings {
"name" => "codiad.settings.autosave",
"value" => "true",
),
array(
"name" => "codiad.settings.plugin.sync",
"value" => "true",
),
);
//////////////////////////////////////////////////////////////////
@ -211,7 +207,6 @@ class Settings {
public function update_option( $option, $value, $user_setting = true ) {
global $sql;
if( $user_setting == null ) {
$query = "INSERT INTO options ( name, username, value ) VALUES ( ?, ? );";

View File

@ -140,6 +140,19 @@
option: option,
value: value
},
success: function( data ) {
console.log( "Data: " + data )
},
error: function(jqXHR, textStatus, errorThrown) {
console.log('jqXHR:');
console.log(jqXHR);
console.log('textStatus:');
console.log(textStatus);
console.log('errorThrown:');
console.log(errorThrown);
},
});
},

View File

@ -76,6 +76,13 @@ class sql_conversions {
"pgsql" => "!=",
"sqlite" => "!=",
),
"where" => array(
"mysql" => "WHERE",
"pgsql" => "WHERE",
"sqlite" => "WHERE",
),
);
public $data_types = array(
@ -109,6 +116,16 @@ class sql_conversions {
),
);
public $general = array(
"from" => array(
"mysql" => "FROM",
"pgsql" => "FROM",
"sqlite" => "FROM",
),
);
public $specials = array(
"id" => array(
@ -148,9 +165,9 @@ class sql_conversions {
"unique" => array(
"mysql" => "CONSTRAINT %constraint_name% UNIQUE ( %field_names% )",
"pgsql" => "UNIQUE",
"sqlite" => "UNIQUE",
"mysql" => "CONSTRAINT '%constraint_name%' UNIQUE ( %field_names% )",
"pgsql" => "CONSTRAINT '%constraint_name%' UNIQUE ( %field_names% )",
"sqlite" => "CONSTRAINT '%constraint_name%' UNIQUE ( %field_names% )",
),
);
@ -173,11 +190,33 @@ class sql_conversions {
),
);
public function find( $string, $substring ) {
public function check_field( $needle, $haystack ) {
$field = preg_replace_callback(
// Matches parts to be replaced: '[field]'
'/(\[.*?\])/',
// Callback function. Use 'use()' or define arrays as 'global'
function( $matches ) use ( $haystack ) {
// Remove square brackets from the match
// then use it as variable name
$match = trim( $matches[1], "[]" );
return $match;
},
// Input string to search in.
$needle
);
if( $field === $needle ) {
$field = false;
}
return $field;
}
public function find( $substring, $string ) {
$dbtype = DBTYPE;
$id_close = $this->wraps["close"][$dbtype];
$id_open = $this->wraps["open"][$dbtype];
$find_string = $this->actions["find"][$dbtype];
$find_string = str_replace( "%string%", $string, $find_string );
$find_string = str_replace( "%substring%", $substring, $find_string );
@ -185,6 +224,108 @@ class sql_conversions {
return $find_string;
}
public function select( $table, $fields, $where ) {
$dbtype = DBTYPE;
$id_close = $this->wraps["close"][$dbtype];
$id_open = $this->wraps["open"][$dbtype];
$query = $this->actions["select"][$dbtype] . " ";
$bind_vars = array();
if( empty( $fields ) ) {
$query .= " * ";
}
foreach( $fields as $field ) {
$query .= $field . ",";
}
$query = substr( $query, 0, -1 );
$query .= " {$this->general["from"][$dbtype]} {$table} ";
if( ! empty( $where ) ) {
$query .= " {$this->comparisons["where"][$dbtype]} ";
}
foreach( $where as $comparison ) {
$comparison_string = "";
//Put a replace of %% symbols with fields and open / close
if( $comparison[0] == "find" ) {
$c1 = $this->check_field( $comparison[1], $fields );
$c2 = $this->check_field( $comparison[2], $fields );
$c3 = $this->check_field( $comparison[3][1], $fields );
if( ! $c1 === FALSE ) {
$c1 = $id_open . $c1 . $id_close;
} else {
$c1 = "?";
array_push( $bind_vars, $comparison[1] );
}
if( ! $c2 === FALSE ) {
$c2 = $id_open . $c2 . $id_close;
} else {
$c2 = "?";
array_push( $bind_vars, $comparison[2] );
}
if( ! $c3 === FALSE ) {
$c3 = $id_open . $c3 . $id_close;
} else {
$c3 = "?";
array_push( $bind_vars, $comparison[3][1] );
}
$c0 = $this->find( $c1, $c2 );
$comparison_string .= "{$c0} {$this->comparisons[$comparison[3][0]][$dbtype]} {$c3}";
} elseif( $comparison[0] == "in" ) {
} elseif( $comparison[0] == "limit" ) {
} else {
if( in_array( $fields, $comparison[1] ) ) {
$comparison[1] = $id_open . $comparison[1] . $id_close;
}
if( in_array( $fields, $comparison[3] ) ) {
$comparison[3] = $id_open . $comparison[3] . $id_close;
}
$comparison_string .= "{$comparison[1]} {$this->$comparisons[$comparison[0]][$dbtype]} {$comparison[2]}";
}
$index = array_search( $comparison, $where );
if( $index ) {
} else {
$query .= "{$comparison_string} ";
}
}
//$query = substr( $query, 0, -1 );
$query .= ";";
return array( $query, $bind_vars );
}
public function table( $table_name, $fields, $attributes ) {
$dbtype = DBTYPE;
@ -201,7 +342,7 @@ class sql_conversions {
$attribute_string = $this->specials["$attribute"][$dbtype];
if( $attribute == "unique" && $dbtype == "mysql" ) {
if( $attribute == "unique" ) {
continue;
}
@ -228,9 +369,6 @@ class sql_conversions {
$query .= ",";
}
if( $dbtype == "mysql" ) {
$constraint_name = "";
$id_close = $this->wraps["close"][$dbtype];
$id_open = $this->wraps["open"][$dbtype];
$fields_string = "";
@ -247,10 +385,10 @@ class sql_conversions {
$fields_string .= "{$id_open}{$id}{$id_close},";
}
}
$unique_string = str_replace( "%constraint_name%", $constraint_name, $unique_string );
$unique_string = str_replace( "%constraint_name%", $fields_string, $unique_string );
$unique_string = str_replace( "%field_names%", $fields_string, $unique_string );
$query .= $unique_string;
}
$query = substr( $query, 0, -1 );
$query .= ");";
@ -267,6 +405,11 @@ class sql_conversions {
}
return( $query );
}
public function update( $table, $fields, $where ) {
}
}
?>

View File

@ -77,7 +77,8 @@ class sql {
*/
$query = $this->conversions->tables( $table );
echo var_dump( $query );
//echo var_dump( $query ) . "<br>";
$result = $this->query( $query, array(), array() );
}
public static function escape_identifier( $i ) {
@ -109,6 +110,22 @@ class sql {
return self::$instance;
}
public function select( $table, $fields=array(), $where=array() ) {
$array = $this->conversions->select( $table, $fields, $where );
$query = $array[0];
$bind_vars = $array[1];
$result = $this->query( $query, $bind_vars, array() );
//echo var_dump( $query, $bind_vars ) . "<br>";
return $result;
}
public function update( $table, $fields=array(), $where=array() ) {
$query = $this->conversions->update( $table, $fields, $where );
//echo var_dump( $query ) . "<br>";
}
public function query( $query, $bind_variables, $default, $action='fetchAll' ) {
$connection = $this->connect();
@ -146,6 +163,8 @@ class sql {
$return = $default;
}
//echo var_dump( $error, $return );
$this->close();
return( $return );
}