From 994819e05d58e06c5edef5943735927ba34394dc Mon Sep 17 00:00:00 2001
From: xevidos <xevidos@gmail.com>
Date: Tue, 11 Dec 2018 17:58:01 -0500
Subject: [PATCH] Updated updater for database update.

---
 components/install/process.php | 204 +++++++++++++++++++++++++++++++--
 components/update/convert.php  |  27 -----
 components/update/update.php   | 154 +++++++++++++++++++++++++
 3 files changed, 348 insertions(+), 37 deletions(-)
 delete mode 100755 components/update/convert.php

diff --git a/components/install/process.php b/components/install/process.php
index a9abad6..b5f7c51 100755
--- a/components/install/process.php
+++ b/components/install/process.php
@@ -88,6 +88,163 @@ if ( ( file_exists( $user_settings_file ) || file_exists( $projects_file ) || fi
 	}
 	$timezone = $_POST['timezone'];
 	
+	$dbhost = $_POST['DBHOST'];
+	$dbname = $_POST['DBNAME'];
+	$dbuser = $_POST['DBUSER'];
+	$dbpass = $_POST['DBPASS'];
+	
+	$connection = mysqli_connect( $dbhost, $dbuser, $dbpass, $dbname ) or die ( formatJSEND( "error", 'Error connecting to mysql database.  Please contact the website administrator.' ) );
+	$bind_vars = array();
+	$bind = "";
+	$sql = "
+-- phpMyAdmin SQL Dump
+-- version 4.6.6deb5
+-- https://www.phpmyadmin.net/
+--
+-- Host: localhost:3306
+-- Generation Time: Dec 11, 2018 at 05:31 PM
+-- Server version: 5.7.24-0ubuntu0.18.04.1
+-- PHP Version: 7.2.10-0ubuntu0.18.04.1
+
+SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';
+SET time_zone = '+00:00';
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `code_test`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `options`
+--
+
+CREATE TABLE IF NOT EXISTS `options` (
+  `id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `value` text NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `projects`
+--
+
+CREATE TABLE IF NOT EXISTS `projects` (
+  `id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `path` varchar(255) NOT NULL,
+  `owner` varchar(255) NOT NULL,
+  `access` text
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE IF NOT EXISTS `users` (
+  `id` int(11) NOT NULL,
+  `first_name` varchar(255) DEFAULT NULL,
+  `last_name` varchar(255) DEFAULT NULL,
+  `username` varchar(255) NOT NULL,
+  `password` text NOT NULL,
+  `email` varchar(255) DEFAULT NULL,
+  `project` varchar(255) DEFAULT NULL,
+  `access` varchar(255) NOT NULL,
+  `groups` text,
+  `token` text
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Table structure for table `user_options`
+--
+
+CREATE TABLE IF NOT EXISTS `user_options` (
+  `id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `username` varchar(255) NOT NULL,
+  `value` text NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `options`
+--
+ALTER TABLE `options`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `option_name` (`name`);
+
+--
+-- Indexes for table `projects`
+--
+ALTER TABLE `projects`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `project_path` (`path`,`owner`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `username` (`username`);
+
+--
+-- Indexes for table `user_options`
+--
+ALTER TABLE `user_options`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `option_name` (`name`,`username`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `options`
+--
+ALTER TABLE `options`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+--
+-- AUTO_INCREMENT for table `projects`
+--
+ALTER TABLE `projects`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=41;
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=79;
+--
+-- AUTO_INCREMENT for table `user_options`
+--
+ALTER TABLE `user_options`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2541;
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
+";
+	$result = mysqli_prepare( $connection, $sql ) or die( $error );
+	
+	$result->bind_param( $bind, ...$bind_variables );
+	$result->execute();
+	
+	if( $connection->error ) {
+		
+		$return = formatJSEND( "error", $connection->error );
+	}
+	
 	//////////////////////////////////////////////////////////////////
 	// Create Projects files
 	//////////////////////////////////////////////////////////////////
@@ -119,9 +276,44 @@ if ( ( file_exists( $user_settings_file ) || file_exists( $projects_file ) || fi
 			}
 		}
 	}
-	$project_data = array("name"=>$project_name,"path"=>$project_path);
 	
-	saveJSON($projects, array($project_data));
+	$bind_vars = array(
+		$project_name,
+		$project_path,
+		$username
+	);
+	$bind = "sss";
+	$sql = "INSERT INTO `projects`(`name`, `path`, `owner`) VALUES (?,?,?)";
+	$result = mysqli_prepare( $connection, $sql ) or die( $error );
+	$result->bind_param( $bind, ...$bind_variables );
+	$result->execute();
+	
+	if( $connection->error ) {
+		
+		$return = formatJSEND( "error", $connection->error );
+	}
+	
+	$bind_vars = array(
+		"",
+		"",
+		$username,
+		$password,
+		"",
+		$project_path,
+		"admin",
+		"",
+		""
+	);
+	$bind = "sssssssss";
+	$sql = "INSERT INTO `users`(`first_name`, `last_name`, `username`, `password`, `email`, `project`, `access`, `groups`, `token`) VALUES (?,?,?,PASSWORD(?),?,?,?,?,?)";
+	$result = mysqli_prepare( $connection, $sql ) or die( $error );
+	$result->bind_param( $bind, ...$bind_variables );
+	$result->execute();
+	
+	if( $connection->error ) {
+		
+		$return = formatJSEND( "error", $connection->error );
+	}
 	
 	/**
 	* Create sessions path.
@@ -132,14 +324,6 @@ if ( ( file_exists( $user_settings_file ) || file_exists( $projects_file ) || fi
 		mkdir( $sessions, 00755 );
 	}
 	
-	//////////////////////////////////////////////////////////////////
-	// Create Users file
-	//////////////////////////////////////////////////////////////////
-	
-	$user_data = array("username"=>$username,"password"=>$password,"project"=>$project_path);
-	
-	saveJSON($users, array($user_data));
-	
 	//////////////////////////////////////////////////////////////////
 	// Create Active file
 	//////////////////////////////////////////////////////////////////
diff --git a/components/update/convert.php b/components/update/convert.php
deleted file mode 100755
index 75248b4..0000000
--- a/components/update/convert.php
+++ /dev/null
@@ -1,27 +0,0 @@
-<?php
-
-ini_set('display_errors', 1);
-ini_set('display_startup_errors', 1);
-error_reporting(E_ALL);
-
-require_once('../../common.php');
-require_once('../settings/class.settings.php');
-require_once('../project/class.project.php');
-require_once('../user/class.user.php');
-
-checkSession();
-if ( ! checkAccess() ) {
-	echo "Error, you do not have access to update Codiad.";
-	exit;
-}
-
-$user_settings_file = DATA . "/settings.php";
-$projects_file = DATA . "/projects.php";
-$users_file = DATA . "/users.php";
-
-$system_settings_file = null;
-$Settings = new Settings();
-$Common = new Common();
-$Project = new Project();
-$User = new User();
-
diff --git a/components/update/update.php b/components/update/update.php
index 4be7ee0..88c30b7 100755
--- a/components/update/update.php
+++ b/components/update/update.php
@@ -129,6 +129,160 @@ class updater {
 		require_once('../settings/class.settings.php');
 		require_once('../project/class.project.php');
 		require_once('../user/class.user.php');
+		$Settings = new Settings();
+		$Project = new Project();
+		$User = new User();
+		$connection = $Settings->connect();
+		
+			$sql = "
+-- phpMyAdmin SQL Dump
+-- version 4.6.6deb5
+-- https://www.phpmyadmin.net/
+--
+-- Host: localhost:3306
+-- Generation Time: Dec 11, 2018 at 05:31 PM
+-- Server version: 5.7.24-0ubuntu0.18.04.1
+-- PHP Version: 7.2.10-0ubuntu0.18.04.1
+
+SET SQL_MODE = 'NO_AUTO_VALUE_ON_ZERO';
+SET time_zone = '+00:00';
+
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+
+--
+-- Database: `code_test`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `options`
+--
+
+CREATE TABLE IF NOT EXISTS `options` (
+  `id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `value` text NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `projects`
+--
+
+CREATE TABLE IF NOT EXISTS `projects` (
+  `id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `path` varchar(255) NOT NULL,
+  `owner` varchar(255) NOT NULL,
+  `access` text
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE IF NOT EXISTS `users` (
+  `id` int(11) NOT NULL,
+  `first_name` varchar(255) DEFAULT NULL,
+  `last_name` varchar(255) DEFAULT NULL,
+  `username` varchar(255) NOT NULL,
+  `password` text NOT NULL,
+  `email` varchar(255) DEFAULT NULL,
+  `project` varchar(255) DEFAULT NULL,
+  `access` varchar(255) NOT NULL,
+  `groups` text,
+  `token` text
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Table structure for table `user_options`
+--
+
+CREATE TABLE IF NOT EXISTS `user_options` (
+  `id` int(11) NOT NULL,
+  `name` varchar(255) NOT NULL,
+  `username` varchar(255) NOT NULL,
+  `value` text NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+--
+-- Indexes for dumped tables
+--
+
+--
+-- Indexes for table `options`
+--
+ALTER TABLE `options`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `option_name` (`name`);
+
+--
+-- Indexes for table `projects`
+--
+ALTER TABLE `projects`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `project_path` (`path`,`owner`);
+
+--
+-- Indexes for table `users`
+--
+ALTER TABLE `users`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `username` (`username`);
+
+--
+-- Indexes for table `user_options`
+--
+ALTER TABLE `user_options`
+  ADD PRIMARY KEY (`id`),
+  ADD UNIQUE KEY `option_name` (`name`,`username`);
+
+--
+-- AUTO_INCREMENT for dumped tables
+--
+
+--
+-- AUTO_INCREMENT for table `options`
+--
+ALTER TABLE `options`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+--
+-- AUTO_INCREMENT for table `projects`
+--
+ALTER TABLE `projects`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=41;
+--
+-- AUTO_INCREMENT for table `users`
+--
+ALTER TABLE `users`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=79;
+--
+-- AUTO_INCREMENT for table `user_options`
+--
+ALTER TABLE `user_options`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2541;
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
+";
+	$bind = "";
+	$bind_param = array();
+	$result = mysqli_prepare( $connection, $sql ) or die( $error );
+	$result->bind_param( $bind, ...$bind_variables );
+	$result->execute();
+	
+	if( $connection->error ) {
+		
+		$return = formatJSEND( "error", $connection->error );
+	}
 		
 		if( file_exists( $user_settings_file ) ) {