query( $query, $bind_variables, formatJSEND( "error", "Error checking project access." ) ); if( ! empty( $return ) ) { try { $users = json_decode( $return["access"] ); } catch( exception $e ) { $users = array(); } if( $return["owner"] == 'nobody' || $return["owner"] == $_SESSION["user"] || ( in_array( $_SESSION["user"], $users ) && ! empty( $users ) ) ) { $return = true; } else { $return = false; } } else { $return = false; } self::return( $return, $action ); } public static function get_user_id( $username ) { global $sql; $user_id = false; $query = "SELECT id FROM users WHERE username = ? LIMIT 1;"; $bind_variables = array( $username ); $return = $sql->query( $query, $bind_variables, array(), "fetch" ); if( ! empty( $return ) ) { $user_id = $return["id"]; } return $user_id; } public static function get_users( $return = "return", $exclude_current = false ) { global $sql; $query = "SELECT * FROM users"; $bind = ""; $bind_variables = array(); if( $exclude_current ) { $query .= " WHERE username!=?"; $bind .= "s"; array_push( $bind_variables, $_SESSION["user"] ); } $result = $sql->query( $query, $bind_variables, formatJSEND( "error", "Error checking users." ) ); if( ! empty( $result ) ) { switch( $return ) { case( "json" ): $return = json_encode( $result ); break; case( "return" ): $return = $result; break; } } else { $return = formatJSEND( "error", "Error selecting user information." ); } return( $return ); } public static function get_version() { return Update::VERSION; } public static function is_admin() { global $sql; $query = "SELECT COUNT( * ) FROM users WHERE username=? AND access=?;"; $bind_variables = array( $_SESSION["user"], "admin" ); $return = $sql->query( $query, $bind_variables, -1, 'fetchColumn' ); $admin = ( $return > 0 ); return $admin; } public static function logout() { if( isset( $_SESSION["user"] ) ) { global $sql; $query = "UPDATE users SET token=? WHERE username=?;"; $bind_variables = array( null, $_SESSION["user"] ); $return = $sql->query( $query, $bind_variables, formatJSEND( "error", "Error updating user information." ), 'fetchColumn' ); if( ! $return > 0 ) { $json = json_decode( $return, true ); echo( $return ); } } session_unset(); session_destroy(); session_start(); } ////////////////////////////////////////////////////////////////// // Search Users ////////////////////////////////////////////////////////////////// public static function search_users( $username, $return = "return", $exclude_current = false ) { global $sql; $query = "SELECT username FROM users WHERE username LIKE ?"; $bind_variables = array( "%{$username}%" ); if( $exclude_current ) { $query .= " AND username != ?"; array_push( $bind_variables, $_SESSION["user"] ); } $result = $sql->query( $query, $bind_variables, array() ); if( ! empty( $result ) ) { switch( $return ) { case( "exit" ): exit( formatJSEND( "success", $result ) ); break; case( "json" ): $return = json_encode( $result ); break; case( "return" ): $return = $result; break; } } else { switch( $return ) { case( "exit" ): exit( formatJSEND( "error", "Error selecting user information." ) ); break; case( "json" ): $return = formatJSEND( "error", "Error selecting user information." ); break; case( "return" ): $return = null; break; } } return( $return ); } ////////////////////////////////////////////////////////////////// // Start Sessions ////////////////////////////////////////////////////////////////// public static function start_session() { Common::construct(); //Set a Session Name session_name( md5( BASE_PATH ) ); session_save_path( SESSIONS_PATH ); session_start(); if( ! defined( 'SESSION_ID' ) ) { define( "SESSION_ID", session_id() ); } //Check for external authentification if( defined( 'AUTH_PATH' ) ) { require_once( AUTH_PATH ); } global $lang; if ( isset( $_SESSION['lang'] ) ) { include BASE_PATH . "/languages/{$_SESSION['lang']}.php"; } else { include BASE_PATH . "/languages/" . LANGUAGE . ".php"; } } public static function return( $output, $action = "return" ) { switch( $action ) { case( "exit" ): exit( $output ); break; case( "return" ): return( $output ); break; } } ////////////////////////////////////////////////////////////////// // Old Methods ////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////// // SESSIONS ////////////////////////////////////////////////////////////////// public static function startSession() { Common::construct(); //Set a Session Name session_name( md5( BASE_PATH ) ); session_save_path( SESSIONS_PATH ); session_start(); if( ! defined( 'SESSION_ID' ) ) { define( "SESSION_ID", session_id() ); } //Check for external authentification if( defined( 'AUTH_PATH' ) ) { require_once( AUTH_PATH ); } global $lang; if ( isset( $_SESSION['lang'] ) ) { include BASE_PATH . "/languages/{$_SESSION['lang']}.php"; } else { include BASE_PATH . "/languages/" . LANGUAGE . ".php"; } } ////////////////////////////////////////////////////////////////// // Read Content of directory ////////////////////////////////////////////////////////////////// public static function readDirectory( $foldername ) { $tmp = array(); $allFiles = scandir( $foldername ); foreach ( $allFiles as $fname ) { if( $fname == '.' || $fname == '..' ) { continue; } if( is_dir( $foldername . '/' . $fname ) ) { $tmp[] = $fname; } } return $tmp; } ////////////////////////////////////////////////////////////////// // Log debug message // Messages will be displayed in the console when the response is // made with the formatJSEND function. ////////////////////////////////////////////////////////////////// public static function debug( $message ) { Common::$debugMessageStack[] = $message; } ////////////////////////////////////////////////////////////////// // URLs ////////////////////////////////////////////////////////////////// public static function getConstant( $key, $default = null ) { return defined( $key ) ? constant( $key ) : $default; } ////////////////////////////////////////////////////////////////// // Localization ////////////////////////////////////////////////////////////////// public static function i18n( $key, $args = array() ) { echo Common::get_i18n( $key, $args ); } public static function get_i18n( $key, $args = array() ) { global $lang; $key = ucwords( strtolower( $key ) ); //Test, test TeSt and tESt are exacly the same $return = isset( $lang[$key] ) ? $lang[$key] : $key; foreach( $args as $k => $v ) { $return = str_replace( "%{" . $k . "}%", $v, $return ); } return $return; } ////////////////////////////////////////////////////////////////// // Check Session / Key ////////////////////////////////////////////////////////////////// public static function checkSession() { $pass = false; if( isset( $_SESSION["token"] ) && isset( $_SESSION["user"] ) ) { global $sql; $query = "SELECT COUNT( * ) FROM users WHERE username=? AND token=?;"; $bind_variables = array( $_SESSION["user"], sha1( $_SESSION["token"] ) ); $return = $sql->query( $query, $bind_variables, formatJSEND( "error", "Error checking access." ), "fetchColumn" ); if( $return > 0 ) { $pass = true; } } if( ! $pass ) { logout(); exit( '{"status":"error","message":"Authentication Error"}' ); } } ////////////////////////////////////////////////////////////////// // Get JSON ////////////////////////////////////////////////////////////////// public static function getJSON( $file, $namespace = "" ) { $path = DATA . "/"; if( $namespace != "" ) { $path = $path . $namespace . "/"; $path = preg_replace( '#/+#', '/', $path ); } $json = file_get_contents( $path . $file ); $json = str_replace( ["\n\r", "\r", "\n"], "", $json ); $json = str_replace( "|*/?>", "", str_replace( ""; $write = fopen( $path . $file, 'w' ) or die( "can't open file " . $path . $file ); fwrite( $write, $data ); fclose( $write ); } ////////////////////////////////////////////////////////////////// // Format JSEND Response ////////////////////////////////////////////////////////////////// public static function formatJSEND( $status, $data = false ) { /// Debug ///////////////////////////////////////////////// $debug = ""; if( count( Common::$debugMessageStack ) > 0 ) { $debug .= ',"debug":'; $debug .= json_encode( Common::$debugMessageStack ); } if( $status == "success" ) { // Success /////////////////////////////////////////////// if( $data ) { $jsend = '{"status":"success","data":' . json_encode( $data ) . $debug . '}'; } else { $jsend = '{"status":"success","data":null' . $debug . '}'; } } else { // Error ///////////////////////////////////////////////// $jsend = '{"status":"' . $status . '","message":"' . $data . '"' . $debug . '}'; } // Return //////////////////////////////////////////////// return $jsend; } ////////////////////////////////////////////////////////////////// // Check Function Availability ////////////////////////////////////////////////////////////////// public static function checkAccess() { return self::is_admin(); } ////////////////////////////////////////////////////////////////// // Check Path ////////////////////////////////////////////////////////////////// public static function checkPath( $path ) { return Permissions::has_manager( $path ); } ////////////////////////////////////////////////////////////////// // Check Function Availability ////////////////////////////////////////////////////////////////// public static function isAvailable( $func ) { if ( ini_get( 'safe_mode' ) ) { return false; } $disabled = ini_get( 'disable_functions' ); if ( $disabled ) { $disabled = explode( ',', $disabled ); $disabled = array_map( 'trim', $disabled ); return ! in_array( $func, $disabled ); } return true; } ////////////////////////////////////////////////////////////////// // Check If Path is absolute ////////////////////////////////////////////////////////////////// public static function isAbsPath( $path ) { return( ( isset( $path[0] ) && $path[0] === '/' ) || ( isset( $path[1] ) && $path[1] === ':' ) ) ? true : false; } ////////////////////////////////////////////////////////////////// // Check If WIN based system ////////////////////////////////////////////////////////////////// public static function isWINOS( ) { return( strtoupper( substr( PHP_OS, 0, 3 ) ) === 'WIN' ); } } ////////////////////////////////////////////////////////////////// // Wrapper for old method names ////////////////////////////////////////////////////////////////// function checkAccess() { return Common::checkAccess(); } function checkPath( $path ) { return Common::checkPath($path); } function checkSession() { Common::checkSession(); } function debug( $message ) { Common::debug( $message ); } function formatJSEND( $status, $data=false ){ return Common::formatJSEND($status,$data); } function get_i18n( $key, $args = array() ) { return Common::get_i18n($key, $args); } function get_user_id( $username ) { return Common::get_user_id( $username ); } function get_users( $return = "return", $exclude_current = false ) { return Common::get_users( $return, $exclude_current ); } function get_version() { return Common::get_version(); } function getJSON( $file,$namespace=""){ return Common::getJSON( $file, $namespace ); } function i18n( $key, $args = array() ) { echo Common::i18n( $key, $args ); } function is_admin() { return Common::is_admin(); } function isAvailable( $func ) { return Common::isAvailable( $func ); } function logout() { return Common::logout(); } function saveJSON( $file, $data, $namespace="" ){ Common::saveJSON( $file, $data, $namespace ); } function search_users( $username, $return = "return", $exclude_current = false ) { return Common::search_users( $username, $return, $exclude_current ); } ?>