webcraftmedia/system
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

#125 token system, security rework, system.js reflect all calls

Browse Source
This commit is contained in:
Ulf Gebhardt 2016-06-05 06:47:19 +02:00
parent e647ed4082
commit 9f712a52c1
50 changed files with 734 additions and 383 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
api/api.php
View File

@ -1,12 +1,36 @@
<?php
/**
* System - PHP Framework
*
* PHP Version 5.6
*
* @copyright 2016 Ulf Gebhardt (http://www.webcraft-media.de)
* @license http://www.opensource.org/licenses/mit-license.php MIT
* @link https://github.com/webcraftmedia/system
* @package system_api
*/
namespace SYSTEM\API;
/**
* API Class provided by System for Smart API's.
*/
class api {
const ROOT_PARENTID = -1;
const DEFAULT_GROUP = 0;
const DEFAULT_STRICT = true;
const DEFAULT_DEFAULT = false;
/**
* Run the API Mechanism with your Data.
*
* @param Class $verifyclassname
* @param Class $apiclassname
* @param array $params
* @param int $group
* @param bool $strict
* @param bool $default
*/
public static function run( $verifyclassname,$apiclassname,
$params,$group = self::DEFAULT_GROUP,
$strict = self::DEFAULT_STRICT,$default = self::DEFAULT_DEFAULT){

42
api/api_login.php
View File

@ -1,30 +1,26 @@
<?php
namespace SYSTEM\API;
class api_login {
/*
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (0, 0, -1, NULL, 'call', NULL);
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (60, 0, 0, 'account', 'action', NULL);
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (61,1,60,'login','username','USERNAME');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (62,1,60,'login','password_sha','PASSHASH');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (63,1,60,'login','password_md5','PASSHASH');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (64,1,60,'check','rightid','UINT');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (65,1,60,'create','username','USERNAME');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (66,1,60,'create','password_sha','PASSHASH');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (67,1,60,'create','email','EMAIL');
INSERT INTO `system_api_calls` (`ID`, `Flag`, `ParentID`, `ParentValue`, `Name`, `AllowedValues`) VALUES (68,1,60,'create','locale','LANG');
*/
public static function call_account_action_login($username, $password_sha, $password_md5){
return \SYSTEM\SECURITY\Security::login($username, $password_sha, $password_md5);}
public static function call_account_action_login($username, $password_sha1,$locale = null){
return \SYSTEM\SECURITY\security::login($username, $password_sha1,$locale,true);}
public static function call_account_action_logout(){
return \SYSTEM\SECURITY\Security::logout();}
return \SYSTEM\SECURITY\security::logout(true);}
public static function call_account_action_isloggedin(){
return \SYSTEM\SECURITY\Security::isLoggedIn();}
return \SYSTEM\SECURITY\security::isLoggedIn(true);}
public static function call_account_action_check($rightid){
return \SYSTEM\SECURITY\Security::check($rightid);}
public static function call_account_action_create($username, $password_sha, $email, $locale){
return \SYSTEM\SECURITY\Security::create($username, $password_sha, $email, $locale);}
return \SYSTEM\SECURITY\security::check($rightid,true);}
public static function call_account_action_create($username, $password_sha1, $email, $locale){
return \SYSTEM\SECURITY\security::create($username, $password_sha1, $email, $locale,true);}
public static function call_account_action_confirm_email($username){
return \SYSTEM\SECURITY\security::confirm_email($username);}
public static function call_account_action_confirm($token){
return \SYSTEM\SECURITY\security::confirm($token);}
public static function call_account_action_reset_password($username){
return \SYSTEM\SECURITY\security::resetpassword($username);}
public static function call_account_action_change_password($username,$old_password_sha1,$new_password_sha1){
return \SYSTEM\SECURITY\security::changepassword($username,$old_password_sha1,$new_password_sha1);}
public static function call_account_action_change_email($username,$new_email){
return \SYSTEM\SECURITY\security::changeemail($username,$new_email);}
}

199
lib/system/lib/system.js
View File

@ -251,6 +251,205 @@ SYSTEM.prototype.language = function(lang){
window.location.href = window.location.pathname +'?' + search + location.hash;
};
SYSTEM.prototype.account_login = function(username,password,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'login',
username: username,
password_sha1: $.sha1(password)
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_logout = function(success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'logout',
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_isloggedin = function(success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'isloggedin',
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_check = function(right_id,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'check',
right_id: right_id,
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_create = function(username,password,email,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'create',
username: username,
password_sha1: $.sha1(password),
email: email,
locale: 'enUS'
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_confirm_email = function(username,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'confirm_email',
username: username,
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_confirm = function(token,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'confirm',
token: token,
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_reset_password = function(username,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'reset_password',
username: username,
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_change_password = function(username,old_password,new_password,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'change_password',
username: username,
old_password_sha1: $.sha1(old_password),
new_password_sha1: $.sha1(new_password)
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
SYSTEM.prototype.account_change_email = function(username,new_email,success){
$.ajax({
async: true,
url: this.endpoint,
type: 'GET',
dataType: 'JSON',
data: {
call: 'account',
action: 'change_email',
username: username,
new_email: new_email
},
success: success,
error: function(XMLHttpRequest, textStatus, errorThrown){
system.log_error(this.endpoint+' '+textStatus);
console.log(XMLHttpRequest);
console.log(errorThrown);
}
});
};
//SYSTEM.prototype.text($request,$lang)
//SYSTEM.prototype.call_files($cat,$id = null)
//SYSTEM.prototype.call_bug($message,$data)
/*
* jQuery MD5 Plugin 1.2.1
* https://github.com/blueimp/jQuery-MD5

4
log/error_handler/error_handler_dbwriter.php
View File

@ -14,13 +14,13 @@ class error_handler_dbwriter extends \SYSTEM\LOG\error_handler {
$_SERVER["SERVER_NAME"],$_SERVER["SERVER_PORT"],$_SERVER['REQUEST_URI'], serialize($_POST),
array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : null,
array_key_exists('HTTP_USER_AGENT',$_SERVER) ? $_SERVER['HTTP_USER_AGENT'] : null,
($user = \SYSTEM\SECURITY\Security::getUser()) ? $user->id : null, $thrown ? 1 : 0),*/
($user = \SYSTEM\SECURITY\security::getUser()) ? $user->id : null, $thrown ? 1 : 0),*/
array( get_class($E), $E->getMessage(), $E->getCode(), $E->getFile(), $E->getLine(), $E->getTraceAsString(),
getenv('REMOTE_ADDR'),round(microtime(true) - \SYSTEM\time::getStartTime(),5),
$_SERVER["SERVER_NAME"],$_SERVER["SERVER_PORT"],$_SERVER['REQUEST_URI'], serialize($_POST),
array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : null,
array_key_exists('HTTP_USER_AGENT',$_SERVER) ? $_SERVER['HTTP_USER_AGENT'] : null,
($user = \SYSTEM\SECURITY\Security::getUser()) ? $user->id : null,$thrown ? 1 : 0));
($user = \SYSTEM\SECURITY\security::getUser()) ? $user->id : null,$thrown ? 1 : 0));
if(\property_exists(get_class($E), 'logged')){
$E->logged = true;} //we just did log

4
page/State.php
View File

@ -19,8 +19,8 @@ class State {
while($row = $res->next()){
if(!self::is_loaded($row,$substate,$state_name,$row['parent_id'])){
continue;}
if( ($row['login'] == 1 && !\SYSTEM\SECURITY\Security::isLoggedIn()) ||
($row['login'] == 2 && \SYSTEM\SECURITY\Security::isLoggedIn())){
if( ($row['login'] == 1 && !\SYSTEM\SECURITY\security::isLoggedIn()) ||
($row['login'] == 2 && \SYSTEM\SECURITY\security::isLoggedIn())){
continue;}
$row['url'] = \SYSTEM\PAGE\replace::replace($row['url'], $vars);
$row['url'] = \SYSTEM\PAGE\replace::clean($row['url']);

2
page/text.php
View File

@ -92,7 +92,7 @@ class text {
if($new_id == self::NEW_ENTRY){
return false;}
//Insert
if(!\SYSTEM\SQL\SYS_TEXT_SAVE::QI(array($id,$lang,$text, \SYSTEM\SECURITY\Security::getUser()->id,\SYSTEM\SECURITY\Security::getUser()->id))){
if(!\SYSTEM\SQL\SYS_TEXT_SAVE::QI(array($id,$lang,$text, \SYSTEM\SECURITY\security::getUser()->id,\SYSTEM\SECURITY\security::getUser()->id))){
return false;}
//delete all tags
\SYSTEM\SQL\SYS_TEXT_DELETE_TAGS::QI(array($id));

6
sai/modules/saimod_sys_api/saimod_sys_api.php
View File

@ -36,7 +36,7 @@ class saimod_sys_api extends \SYSTEM\SAI\SaiModule {
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_api/tpl/new_dialog.tpl'))->SERVERPATH(),\SYSTEM\PAGE\text::tag(\SYSTEM\SQL\system_text::TAG_SAI_API));}
public static function sai_mod__system_sai_saimod_sys_api_action_addcall($ID,$group,$type,$parentID,$parentValue,$name,$verify){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
if($parentValue == ''){ $parentValue = NULL;}
if($verify == ''){ $verify = NULL;}
@ -45,7 +45,7 @@ class saimod_sys_api extends \SYSTEM\SAI\SaiModule {
}
public static function sai_mod__system_sai_saimod_sys_api_action_deletecall($ID,$group){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
\SYSTEM\SQL\SYS_SAIMOD_API_DEL::QI(array($ID,$group));
return \SYSTEM\LOG\JsonResult::ok();
@ -74,7 +74,7 @@ class saimod_sys_api extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_api" href="#!api">${sai_menu_api}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_api" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_api}" href="#!api"><span class="glyphicon glyphicon-console" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API);}
public static function css(){
return array(new \SYSTEM\PSAI('modules/saimod_sys_api/css/saimod_sys_api.css'));}

2
sai/modules/saimod_sys_cache/saimod_sys_cache.php
View File

@ -23,7 +23,7 @@ class saimod_sys_cache extends \SYSTEM\SAI\SaiModule {
public static function html_li_menu(){return '<li><a id="menu_cache" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_cache}" href="#!cache"><span class="glyphicon glyphicon-level-up" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
//public static function css(){}
public static function js(){

2
sai/modules/saimod_sys_config/saimod_sys_config.php
View File

@ -141,7 +141,7 @@ class saimod_sys_config extends \SYSTEM\SAI\SaiModule {
}
public static function html_li_menu(){return '<li><a id="menu_config" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_config}" href="#!config"><span class="glyphicon glyphicon-info-sign" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function js(){
return array(new \SYSTEM\PSAI('modules/saimod_sys_config/js/saimod_sys_config.js'));}
//public static function css(){}

8
sai/modules/saimod_sys_cron/saimod_sys_cron.php
View File

@ -18,14 +18,14 @@ class saimod_sys_cron extends \SYSTEM\SAI\SaiModule {
}
public static function sai_mod__system_sai_saimod_sys_cron_action_change($cls,$status){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
\SYSTEM\SQL\SYS_SAIMOD_CRON_CHANGE::QI(array($status, $cls));
return \SYSTEM\LOG\JsonResult::ok();
}
public static function sai_mod__system_sai_saimod_sys_cron_action_add($cls,$min,$hour,$day,$day_week,$month){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
if(!\SYSTEM\CRON\cron::check($cls)){
throw new \SYSTEM\LOG\ERROR("Given Class is not a CronJob");}
@ -34,7 +34,7 @@ class saimod_sys_cron extends \SYSTEM\SAI\SaiModule {
}
public static function sai_mod__system_sai_saimod_sys_cron_action_del($cls){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
\SYSTEM\SQL\SYS_SAIMOD_CRON_DEL::QI(array($cls));
return \SYSTEM\LOG\JsonResult::ok();}
@ -42,7 +42,7 @@ class saimod_sys_cron extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_cron" href="#!cron">${sai_menu_cron}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_cron" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_cron}" href="#!cron"><span class="glyphicon glyphicon-time" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_CRON);}
public static function css(){
return array(new \SYSTEM\PSAI('modules/saimod_sys_cron/css/saimod_sys_cron.css'));}

2
sai/modules/saimod_sys_docu/saimod_sys_docu.php
View File

@ -39,7 +39,7 @@ class saimod_sys_docu extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_docu" href="#!docu"><span class="glyphicon glyphicon-book" aria-hidden="true"></span> ${sai_menu_docu}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_docu" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_docu}" href="#!docu"><span class="glyphicon glyphicon-book" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
//public static function css(){}
public static function js(){

2
sai/modules/saimod_sys_files/saimod_sys_files.php
View File

@ -46,7 +46,7 @@ class saimod_sys_files extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_files" href="#!files">${sai_menu_files}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_files" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_files}" href="#!files"><span class="glyphicon glyphicon-duplicate" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_FILES);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_FILES);}
//public static function css(){}
public static function js(){

2
sai/modules/saimod_sys_git/saimod_sys_git.php
View File

@ -41,7 +41,7 @@ class saimod_sys_git extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_git" href="#!git"><span class="glyphicon glyphicon-saved" aria-hidden="true"></span>${sai_menu_git}</a></li>';}
public static function html_li_menu(){return '</ul><ul class="nav navbar-nav navbar-right sai_divider_left"><li><a id="menu_git" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_git}" href="#!git"><span class="glyphicon glyphicon-saved" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
//public static function css(){}
//public static function js(){}

2
sai/modules/saimod_sys_log/saimod_sys_log.php
View File

@ -354,7 +354,7 @@ class saimod_sys_log extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_log" href="#!log">${sai_menu_log}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_log" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_log}" href="#!log"><span class="glyphicon glyphicon-alert" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
//public static function css(){}
public static function js(){

43
sai/modules/saimod_sys_login/js/sai_sys_login_submit.js
View File

@ -4,12 +4,12 @@ function init_saimod_sys_login() {
preventSubmit: true,
submitError: function($form, event, errors) {},
submitSuccess: function($form, event){
$.get('./sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_login&action=login&username='+$('#bt_login_user').val()+'&password_sha='+$.sha1($('#bt_login_password').val())+'&password_md5='+$.md5($('#bt_login_password').val()), function (data) {
if(data == 1){
system.account_login($('#bt_login_user').val(),$('#bt_login_password').val(),function(data){
if(data.status){
$('.help-block').html("Login successfull.</br>");
location.reload(true);
} else {
$('.help-block').html("Login not successfull.</br> User & Password combination wrong.")
$('.help-block').html("Login not successfull.</br> User & Password combination wrong.");
}
});
event.preventDefault();
@ -20,8 +20,8 @@ function init_saimod_sys_login() {
preventSubmit: true,
submitError: function($form, event, errors) {},
submitSuccess: function($form, event){
$.get('./sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_login&action=logout', function (data) {
if(data == 1){
system.account_logout(function (data) {
if(data.status){
$('.help-block').html("Logout successfull.</br>");
location.reload(true);
} else {
@ -49,38 +49,23 @@ function init_saimod_sys_register(){
$('#btn_user_registration_cancel').click(function(){
system.load('login');
});
//jqBootstrapValidation
$("#register_user_form input").not("[type=submit]").jqBootstrapValidation({
preventSubmit: true,
submitError: function (form, event, errors) {},
submitSuccess: function($form, event){
var username = document.getElementById('register_username').value;
var email = document.getElementById('register_email').value;
var password = document.getElementById('user_register_password2').value;
var username = $('#register_username').val();
var email = $('#register_email').val();
var password = $('#user_register_password2').val();
var select_locale = document.getElementById('register_locale_select');
var locale = "";
for (var i = 0; i < select_locale.options.length; i++) {
if(select_locale.options[i].selected ){
locale = select_locale.options[i].value;
}
}
$.ajax({
dataType: "json",
url: './sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_login&action=register&username='+username+'&password='+$.sha1(password)+'&email='+email+'&locale='+locale,
data: null,
success: function (dataCreate) {
if(dataCreate === 1){ // reload -> user will be loged in
location.reload();
system.account_create(username,password,email,
function (data) {
if(data.status){
system.load('login');
}else{ // show errors
alert('Not successfull: '+dataCreate);
alert('Not successfull: '+data);
}
}
});
});
event.preventDefault();
}
});

14
sai/modules/saimod_sys_login/saimod_sys_login.php
View File

@ -9,22 +9,16 @@ class saimod_sys_login extends \SYSTEM\SAI\SaiModule {
$vars['loginPassword'] = 'Password';
$vars['login_username_too_short'] = 'Username to short.';
$vars['login_password_too_short'] = 'Password to short.';
$vars['isadmin'] = \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) ? "yes" : "no";
$vars['isadmin'] = \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) ? "yes" : "no";
if(\SYSTEM\SECURITY\Security::isLoggedIn()){
if(\SYSTEM\SECURITY\security::isLoggedIn()){
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_login/tpl/logout.tpl'))->SERVERPATH(), $vars);
} else {
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_login/tpl/login.tpl'))->SERVERPATH(), $vars);}
}
public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_logout(){
return \SYSTEM\SECURITY\Security::logout();}
public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_login($username,$password_sha,$password_md5){
return \SYSTEM\SECURITY\Security::login($username, $password_sha, $password_md5);}
public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_register($username,$password,$email, $locale = 'deDE'){
return \SYSTEM\SECURITY\Security::create($username, $password, $email, $locale);}
public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_userinfo(){
$user = \SYSTEM\SECURITY\Security::getUser();
$user = \SYSTEM\SECURITY\security::getUser();
if(!$user){
return;}
return json_encode(array( 'username' => $user->username,
@ -38,7 +32,7 @@ class saimod_sys_login extends \SYSTEM\SAI\SaiModule {
$vars = \SYSTEM\PAGE\text::tag(\SYSTEM\SQL\system_text::TAG_SAI_LOGIN);
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_login/tpl/register.tpl'))->SERVERPATH(), $vars);}
public static function html_li_menu(){return '<li class="sai_divider_left"><a id="menu_login" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_login}" href="#!login">'.(\SYSTEM\SECURITY\Security::isLoggedIn() ? '<span class="glyphicon glyphicon-log-out" aria-hidden="true"></span>' : '<span class="glyphicon glyphicon-log-in" aria-hidden="true"></span>').'</a></li>';}
public static function html_li_menu(){return '<li class="sai_divider_left"><a id="menu_login" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_login}" href="#!login">'.(\SYSTEM\SECURITY\security::isLoggedIn() ? '<span class="glyphicon glyphicon-log-out" aria-hidden="true"></span>' : '<span class="glyphicon glyphicon-log-in" aria-hidden="true"></span>').'</a></li>';}
public static function right_public(){return true;}
public static function right_right(){return true;}

11
sai/modules/saimod_sys_login/tpl/register.tpl
View File

@ -68,17 +68,6 @@
</div>
</td>
</tr>
<tr>
<th>${basic_locale}</th>
<td>
<div id="change_user_locale">
<select size="1" id="register_locale_select">
<option value="deDE">deDE</option>
<option value="enUS">enUS</option>
</select>
</div>
</td>
</tr>
</tbody>
</table>
<button class="btn-sm btn-primary" type="submit"><i class="icon-ok icon-white"></i> ${basic_register}</button>

2
sai/modules/saimod_sys_mod/saimod_sys_mod.php
View File

@ -61,7 +61,7 @@ class saimod_sys_mod extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_mod" href="#!mod">${sai_menu_mod}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_mod" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_mod}" href="#!mod"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
//public static function css(){}
public static function js(){

6
sai/modules/saimod_sys_page/saimod_sys_page.php
View File

@ -35,7 +35,7 @@ class saimod_sys_page extends \SYSTEM\SAI\SaiModule {
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_page/tpl/new_dialog.tpl'))->SERVERPATH(),\SYSTEM\PAGE\text::tag(\SYSTEM\SQL\system_text::TAG_SAI_PAGE));}
public static function sai_mod__system_sai_saimod_sys_page_action_addcall($ID,$group,$type,$parentID,$parentValue,$name,$verify){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
if($parentValue == ''){ $parentValue = NULL;}
if($verify == ''){ $verify = NULL;}
@ -44,7 +44,7 @@ class saimod_sys_page extends \SYSTEM\SAI\SaiModule {
}
public static function sai_mod__system_sai_saimod_sys_page_action_deletecall($ID,$group){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API)){
throw new \SYSTEM\LOG\ERROR("You dont have edit Rights - Cant proceeed");}
\SYSTEM\SQL\SYS_SAIMOD_PAGE_DEL::QI(array($ID,$group));
return \SYSTEM\LOG\JsonResult::ok();
@ -69,7 +69,7 @@ class saimod_sys_page extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_page" href="#!page">${sai_menu_page}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_page" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_page}" href="#!page"><span class="glyphicon glyphicon-blackboard" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_API);}
public static function css(){
return array(new \SYSTEM\PSAI('modules/saimod_sys_page/css/saimod_sys_page.css'));}

8
sai/modules/saimod_sys_security/js/saimod_sys_security.js
View File

@ -45,7 +45,7 @@ function init_saimod_sys_security_user() {
});
});
$('#btn_confirm_email').click(function(){
$.get( './sai.php?call=account&action=requestemail&account='+$(this).attr('user'),function(data){
$.get( './sai.php?call=account&action=requestconfirm&username='+$(this).attr('user'),function(data){
if(data==1){
alert('Email sent');
} else {
@ -54,7 +54,7 @@ function init_saimod_sys_security_user() {
});
});
$('#btn_change_password').click(function(){
$.get( './sai.php?call=account&action=changepassword&account='+$(this).attr('user')+'&old_password_sha1='+'&new_password_sha1=',function(data){
$.get( './sai.php?call=account&action=changepassword&username='+$(this).attr('user')+'&old_password_sha1='+'&new_password_sha1=',function(data){
if(data==1){
alert('Password Changed');
} else {
@ -72,7 +72,7 @@ function init_saimod_sys_security_user() {
});
});
$('#btn_change_email').click(function(){
$.get( './sai.php?call=account&action=changeemail&account='+$(this).attr('user')+'&new_email=',function(data){
$.get( './sai.php?call=account&action=changeemail&username='+$(this).attr('user')+'&new_email=',function(data){
if(data==1){
alert('Email sent');
} else {
@ -81,7 +81,7 @@ function init_saimod_sys_security_user() {
});
});
$('#btn_rename_account').click(function(){
$.get( './sai.php?call=account&action=renameaccount&account='+$(this).attr('user')+'&new_account=',function(data){
$.get( './sai.php?saimod...&action=renameaccount&username='+$(this).attr('user')+'&new_username=',function(data){
if(data==1){
alert('Accountname changed');
} else {

20
sai/modules/saimod_sys_security/saimod_sys_security.php
View File

@ -13,12 +13,12 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
$rows = '';
$res = \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RIGHTS::QQ();
while($r = $res->next()){
$r['right_edit_btn'] = \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT) ?
$r['right_edit_btn'] = \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT) ?
\SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/right_edit.tpl'))->SERVERPATH(),array('id' => $r['ID'])) :
\SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/missing_edit_right.tpl'))->SERVERPATH());
$rows .= \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/saimod_sys_security_right.tpl'))->SERVERPATH(),$r);}
$vars['rows'] = $rows;
$vars['addright_btn'] = \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT) ?
$vars['addright_btn'] = \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT) ?
\SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/right_add.tpl'))->SERVERPATH()):
\SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/missing_remove_right.tpl'))->SERVERPATH());
$vars = array_merge($vars, \SYSTEM\PAGE\text::tag(\SYSTEM\SQL\system_text::TAG_SAI_SECURITY));
@ -26,7 +26,7 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleterightuser($rightid,$userid){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
return false;}
$res = \SYSTEM\SQL\SYS_SAIMOD_SECURITY_USER_RIGHT_CHECK::Q1(array($rightid,$userid));
if(!$res || $res['count'] == 0){
@ -34,7 +34,7 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_USER_RIGHT_DELETE::QI(array($rightid,$userid));}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_addrightuser($rightid,$userid){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
return false;}
$res = \SYSTEM\SQL\SYS_SAIMOD_SECURITY_USER_RIGHT_CHECK::Q1(array($rightid,$userid));
if(!$res || $res['count'] != 0){
@ -42,17 +42,17 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_USER_RIGHT_INSERT::QI(array($rightid,$userid));}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_addright($id,$name,$description){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
return false;}
return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RIGHT_INSERT::QI(array($id,$name,$description));}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleterightconfirm($id){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
return false;}
$vars = \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RIGHT_CHECK::Q1(array($id));
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/saimod_sys_security_deleteright.tpl'))->SERVERPATH(),$vars);}
public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteright($id){
if(!\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
if(!\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
return false;}
return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RIGHT_DELETE::QI(array($id));}
@ -79,13 +79,13 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
$res = \SYSTEM\SQL\SYS_SAIMOD_SECURITY_USER_RIGHTS::QQ(array($userid));
while($r = $res->next()){
$r['user_id'] = $userid;
$r['remove_btn'] = \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT) ?
$r['remove_btn'] = \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT) ?
\SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/right_remove.tpl'))->SERVERPATH(),array('id' => $r['ID'], 'userid' => $userid)) :
\SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/missing_edit_right.tpl'))->SERVERPATH());
$vars['user_rights_table'] .= \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/saimod_sys_security_user_right.tpl'))->SERVERPATH(), $r);}
$vars['user_rights_add'] = \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/missing_add_right.tpl'))->SERVERPATH());
if(\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
if(\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT)){
$opts = '';
$res = \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RIGHTS::QQ();
$b = true;
@ -172,7 +172,7 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule {
public static function html_li_menu(){return '<li><a id="menu_security" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_security}" href="#!security"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY);}
public static function css(){
return array(new \SYSTEM\PSAI('modules/saimod_sys_security/css/saimod_sys_security.css'));}

2
sai/modules/saimod_sys_text/saimod_sys_text.php
View File

@ -119,7 +119,7 @@ class saimod_sys_text extends \SYSTEM\SAI\SaiModule {
//public static function html_li_menu(){return '<li><a id="menu_text" href="#!text">${sai_menu_text}</a></li>';}
public static function html_li_menu(){return '<li><a id="menu_text" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_text}" href="#!text"><span class="glyphicon glyphicon-text-size" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_LOCALE);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) && \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_LOCALE);}
public static function css(){
return array(new \SYSTEM\PSAI('modules/saimod_sys_text/css/saimod_sys_text.css'));}

12
sai/modules/saimod_sys_todo/saimod_sys_todo.php
View File

@ -17,10 +17,10 @@ class saimod_sys_todo extends \SYSTEM\SAI\SaiModule {
array_push(self::$stats,$stats);}
public static function sai_mod__SYSTEM_SAI_saimod_sys_todo_action_assign($todo){
\SYSTEM\SQL\SYS_SAIMOD_TODO_ASSIGN::QI(array($todo,\SYSTEM\SECURITY\Security::getUser()->id));
\SYSTEM\SQL\SYS_SAIMOD_TODO_ASSIGN::QI(array($todo,\SYSTEM\SECURITY\security::getUser()->id));
return \SYSTEM\LOG\JsonResult::ok();}
public static function sai_mod__SYSTEM_SAI_saimod_sys_todo_action_deassign($todo){
\SYSTEM\SQL\SYS_SAIMOD_TODO_DEASSIGN::QI(array($todo,\SYSTEM\SECURITY\Security::getUser()->id));
\SYSTEM\SQL\SYS_SAIMOD_TODO_DEASSIGN::QI(array($todo,\SYSTEM\SECURITY\security::getUser()->id));
return \SYSTEM\LOG\JsonResult::ok();}
public static function sai_mod__SYSTEM_SAI_saimod_sys_todo_action_close($todo){
\SYSTEM\SQL\SYS_SAIMOD_TODO_CLOSE::QI(array($todo));
@ -64,7 +64,7 @@ class saimod_sys_todo extends \SYSTEM\SAI\SaiModule {
$vars['todo_list_elements'] = $vars['filter_mine'] =
$vars['filter_free'] = $vars['filter_others'] = $vars['filter_gen'] =
$vars['filter_user'] = $vars['filter_report'] = '';
$userid = \SYSTEM\SECURITY\Security::getUser()->id;
$userid = \SYSTEM\SECURITY\security::getUser()->id;
switch($filter){
case 'mine':
$count = \SYSTEM\SQL\SYS_SAIMOD_TODO_COUNT_MINE::Q1(array($state,$userid,$search,$search,$search))['count'];
@ -211,7 +211,7 @@ class saimod_sys_todo extends \SYSTEM\SAI\SaiModule {
}
public static function sai_mod__SYSTEM_SAI_saimod_sys_todo_action_todo($todo){
$userid = \SYSTEM\SECURITY\Security::getUser()->id;
$userid = \SYSTEM\SECURITY\security::getUser()->id;
$vars = \SYSTEM\SQL\SYS_SAIMOD_TODO_TODO::Q1(array($todo,$userid));
$vars['trace'] = implode('</br>', array_slice(explode('#', $vars['trace']), 1, -1));
$vars['display_assign'] = $vars['assignee_id'] != $userid ? '' : 'display: none;';
@ -228,7 +228,7 @@ class saimod_sys_todo extends \SYSTEM\SAI\SaiModule {
public static function html_li_menu(){return '<li><a id="menu_todo" data-toggle="tooltip" data-placement="bottom" title="${sai_menu_todo}" href="#!todo"><span class="glyphicon glyphicon-list" aria-hidden="true"></span></a></li>';}
public static function right_public(){return false;}
public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
public static function right_right(){return \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);}
//public static function css(){}
public static function js(){
@ -248,7 +248,7 @@ class saimod_sys_todo extends \SYSTEM\SAI\SaiModule {
$_SERVER["SERVER_NAME"],$_SERVER["SERVER_PORT"],$_SERVER['REQUEST_URI'], serialize($_POST),
array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : null,
array_key_exists('HTTP_USER_AGENT',$_SERVER) ? $_SERVER['HTTP_USER_AGENT'] : null,
($user = \SYSTEM\SECURITY\Security::getUser()) ? $user->id : null,$thrown ? 1 : 0,$E->getMessage(),$type));
($user = \SYSTEM\SECURITY\security::getUser()) ? $user->id : null,$thrown ? 1 : 0,$E->getMessage(),$type));
if(\property_exists(get_class($E), 'logged')){
$E->todo_logged = true;} //we just did log
} catch (\Exception $E){return false;} //Error -> Ignore

10
sai/modules/saistart_sys_sai/js/saistart_sys_sai.js
View File

@ -11,12 +11,12 @@ function init_saistart_sys_sai() {
preventSubmit: true,
submitError: function($form, event, errors) {},
submitSuccess: function($form, event){
$.get('./sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_login&action=login&username='+$('#bt_login_user').val()+'&password_sha='+$.sha1($('#bt_login_password').val())+'&password_md5='+$.md5($('#bt_login_password').val()), function (data) {
if(data == 1){
system.account_login($('#bt_login_user').val(),$('#bt_login_password').val(),function(data){
if(data.status){
$('.help-block').html("Login successfull.</br>");
location.reload(true);
} else {
$('.help-block').html("Login not successfull.</br> User & Password combination wrong.")
$('.help-block').html("Login not successfull.</br> User & Password combination wrong.");
}
});
event.preventDefault();
@ -27,8 +27,8 @@ function init_saistart_sys_sai() {
preventSubmit: true,
submitError: function($form, event, errors) {},
submitSuccess: function($form, event){
$.get('./sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_login&action=logout', function (data) {
if(data == 1){
system.account_logout(function (data) {
if(data.status){
$('.help-block').html("Logout successfull.</br>");
location.reload(true);
} else {

6
sai/modules/saistart_sys_sai/saistart_sys_sai.php
View File

@ -25,7 +25,7 @@ class saistart_sys_sai extends \SYSTEM\SAI\SaiModule {
$week_number = date("W", time());
$date = date("l M Y", time());
if(!\SYSTEM\SECURITY\Security::isLoggedIn() || !\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI)){
if(!\SYSTEM\SECURITY\security::isLoggedIn() || !\SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI)){
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saistart_sys_sai/tpl/content.tpl'))->SERVERPATH());}
$vars = array();
$vars['week_number'] = $week_number;
@ -33,10 +33,10 @@ class saistart_sys_sai extends \SYSTEM\SAI\SaiModule {
$vars['project_name'] = \SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_SAI_CONFIG_PROJECT);
$vars['project_url'] = \SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL);
$vars['analytics'] = \SYSTEM\SAI\saimod_sys_log::analytics();
$user = \SYSTEM\SECURITY\Security::getUser();
$user = \SYSTEM\SECURITY\security::getUser();
$vars['username'] = $user->username;
$vars['locale'] = $user->locale;
$vars['isadmin'] = \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) ? "yes" : "no";
$vars['isadmin'] = \SYSTEM\SECURITY\security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) ? "yes" : "no";
$vars['userstats'] = '';
$userstats = \SYSTEM\SQL\SYS_SAIMOD_TODO_STATS_USERS::QQ();
while($stat = $userstats->next()){

1
sai/sai/sai.php
View File

@ -1,5 +1,4 @@
<?php
namespace SYSTEM\SAI;
class sai {

2
sai/sai/saigui.php
View File

@ -31,7 +31,7 @@ class saigui extends \SYSTEM\PAGE\Page {
'parseprivate' => false,
'title' => 'SYSTEM - PHP Framework'));
\SYSTEM\SECURITY\Security::isLoggedIn(); // refresh session
\SYSTEM\SECURITY\security::isLoggedIn(); // refresh session
//Direct JSON Input
$pg = json_decode(file_get_contents("php://input"), true);
if(!$pg){

150
security/Security.php
View File

@ -1,57 +1,26 @@
<?php
namespace SYSTEM\SECURITY;
class Security {
const FAIL = false;
const OK = true;
public static function create($username, $password, $email, $locale, $advancedResult=false, $checkAvailable = true){
class security {
public static function create($username, $password_sha1, $email, $locale = 'enUS',$json_result = false){
self::startSession();
// check availability of username (in non-compatibility mode, otherwise it is already checked in DasenseAccount)
if($checkAvailable && !self::available($username)){
return self::FAIL;}
$result = \SYSTEM\SQL\SYS_SECURITY_CREATE::QI(array( $username , $password, $email, $locale, 1 ));
if(!$result || !self::login($username, $password, $locale)){
return self::FAIL;}
return ($advancedResult ? \SYSTEM\SQL\SYS_SECURITY_LOGIN_SHA1::Q1(array($username, $username, $password)) : self::OK);
}
public static function changePassword($username, $password_sha_old, $password_sha_new){
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_SHA1::Q1(array($username, $username, $password_sha_old));
if(!$row){
return self::FAIL;} // old password wrong
$userID = $row['id'];
$result = \SYSTEM\SQL\SYS_SECURITY_UPDATE_PW::QI(array($password_sha_new, $userID));
return $result ? self::OK : self::FAIL;
if(!self::available($username)){
throw new \SYSTEM\LOG\ERROR("Username unavailable");}
$result = \SYSTEM\SQL\SYS_SECURITY_CREATE::QI(array( $username , $password_sha1, $email, $locale));
$row = true;
if(!$result || !($row = self::login($username, $password_sha1, $locale))){
throw new \SYSTEM\LOG\ERROR("Error during Registration process.");}
return $json_result ? \SYSTEM\LOG\JsonResult::ok() : $row;
}
public static function login($username, $password_sha, $password_md5, $locale=NULL, $advancedResult=false, $password_sha_new=NULL){
self::startSession();
public static function login($username, $password_sha1, $locale=NULL,$json_result = false){
self::startSession();
$_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] = NULL;
//Database check
if(isset($password_md5)){
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_MD5::Q1(array($username, $username, $password_sha, $password_md5));
}else{
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_SHA1::Q1(array($username, $username, $password_sha));}
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_EMAIL_SHA1::Q1(array($username, $username, $password_sha1));
if(!$row){
new \SYSTEM\LOG\WARNING("Login Failed, User was not found in db");
return self::FAIL;}
//todo: move to da-sense
// set password_sha if it is empty or if it length is < 40 -> SHA1 Androidappbugfix
if( !$row[\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA] ||
strlen($row[\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA]) < 40){
if($password_sha_new != NULL){
$pw = $password_sha_new;
}else{
$pw = $password_sha;
}
\SYSTEM\SQL\SYS_SECURITY_UPDATE_PW::QQ(array($pw,$row[\SYSTEM\SQL\system_user::FIELD_ID]));
$row[\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA] = $pw;
}
throw new \SYSTEM\LOG\WARNING("Login Failed, User was not found in db");}
// set session variables
$_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] =
new User( $row[\SYSTEM\SQL\system_user::FIELD_ID],
@ -67,49 +36,91 @@ class Security {
if(isset($locale)){
\SYSTEM\locale::set($locale);}
\SYSTEM\SQL\SYS_SECURITY_UPDATE_LASTACTIVE::QI(array($row[\SYSTEM\SQL\system_user::FIELD_ID]));
return ($advancedResult ? $row : self::OK);
return $json_result ? \SYSTEM\LOG\JsonResult::ok() : $row;
}
public static function getUser(){
if(!self::isLoggedIn()){
return NULL;}
return $_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)];}
// Determine if username exists
public static function available($username,$email=null){
public static function available($username,$email=null,$json_result=false){
if($email){
$res = \SYSTEM\SQL\SYS_SECURITY_AVAILABLE_EMAIL::Q1(array($username,$email));
} else {
$res = \SYSTEM\SQL\SYS_SECURITY_AVAILABLE::Q1(array($username));}
if(!$res){
throw new \SYSTEM\LOG\ERRROR("Cannot determine the availability of username!");}
if($json_result){
throw new \SYSTEM\LOG\ERRROR("Cannot determine the availability of username!");
} else{ return false;}
}
if($res['count'] != 0){
return self::FAIL;}
return self::OK;
if($json_result){
throw new \SYSTEM\LOG\ERRROR("Username or Email is not avilable.");
} else{ return false;}
}
return $json_result ? \SYSTEM\LOG\JsonResult::ok() : true;
}
//checks for a right for a logged in user
public static function check($rightid){
public static function check($rightid,$json_result=false){
//Not logged in? Go away.
//If you think you need rights for your guests ur doing smth wrong ;-)
$user = null;
if(!($user = self::getUser())){
return false;}
return $json_result ? \SYSTEM\LOG\JsonResult::fail() : false;}
$res = \SYSTEM\SQL\SYS_SECURITY_CHECK::Q1(array($user->id, $rightid));
if(!$res){
throw new \SYSTEM\LOG\ERROR("Cannot determine if you have the required rights!");}
if($res['count'] == 0){
return false;}
return true;
if(!$res || $res['count'] == 0){
return $json_result ? \SYSTEM\LOG\JsonResult::fail() : false;}
return $json_result ? \SYSTEM\LOG\JsonResult::ok() : true;
}
public static function change_password($username,$old_password_sha1,$new_password_sha1){
$row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_EMAIL_SHA1::Q1(array($username, $username, $old_password_sha1));
if(!$row){
throw new \SYSTEM\LOG\ERROR("No such User Password combination.");}
$result = \SYSTEM\SQL\SYS_SECURITY_UPDATE_PW::QI(array($new_password_sha1, $row['id']));
return $result ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
}
public static function change_email($username, $new_email) {
$vars = array();
//find all userdata
//generate token
$vars['token'] = \SYSTEM\TOKEN\token::request('\SYSTEM\TOKEN\token_change_email', $new_email);
//mail
}
public static function reset_password($username) {
$vars = array();
//find all userdata
//generate token
$vars['token'] = \SYSTEM\TOKEN\token::request('\SYSTEM\TOKEN\token_reset_password', $new_pw_generated);
//mail
}
public static function confirm_email($username) {
$vars = array();
//find all userdata
//generate token
$vars['token'] = \SYSTEM\TOKEN\token::request('\SYSTEM\TOKEN\token_confirm_email');
//mail
}
public static function confirm($token,$json_result = false) {
return \SYSTEM\TOKEN\token::confirm($token) ?
($json_result ? \SYSTEM\LOG\JsonResult::ok() : true) :
($json_result ? \SYSTEM\LOG\JsonResult::fail() : false);}
public static function getUser(){
if(!self::isLoggedIn(false)){
return NULL;}
return $_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)];
}
//Session
public static function logout(){
public static function logout($json_result = false){
self::startSession();
session_destroy();
return self::OK;}
return $json_result ? \SYSTEM\LOG\JsonResult::ok() : true;}
public static function save($key,$value){
self::startSession();
@ -121,10 +132,11 @@ class Security {
return NULL;}
return $_SESSION['values'][$key];}
public static function isLoggedIn(){
public static function isLoggedIn($json_result = false){
self::startSession();
return (isset($_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)]) &&
$_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] instanceof User);}
$_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] instanceof User) ?
($json_result ? \SYSTEM\LOG\JsonResult::ok() : true) : ($json_result ? \SYSTEM\LOG\JsonResult::fail() : false);}
protected static function startSession(){
if(!isset($_SESSION) && !headers_sent()){
@ -133,5 +145,5 @@ class Security {
if( isset($_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)]) &&
$_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] instanceof User){
$_SESSION['values'][\SYSTEM\locale::SESSION_KEY] = $_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)]->locale;}
}
}
}

8
security/qq/SYS_SECURITY_CREATE.php
View File

@ -5,13 +5,13 @@ class SYS_SECURITY_CREATE extends \SYSTEM\DB\QP {
public static function pgsql(){return
'INSERT INTO '.\SYSTEM\SQL\system_user::NAME_PG.
' ('.\SYSTEM\SQL\system_user::FIELD_USERNAME.','.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.','
.\SYSTEM\SQL\system_user::FIELD_EMAIL.','.\SYSTEM\SQL\system_user::FIELD_LOCALE.','.\SYSTEM\SQL\system_user::FIELD_ACCOUNT_FLAG.')'.
' VALUES ($1, $2, $3, $4, $5);';
.\SYSTEM\SQL\system_user::FIELD_EMAIL.','.\SYSTEM\SQL\system_user::FIELD_LOCALE.')'.
' VALUES ($1, $2, $3, $4);';
}
public static function mysql(){return
'INSERT INTO '.\SYSTEM\SQL\system_user::NAME_MYS.
' ('.\SYSTEM\SQL\system_user::FIELD_USERNAME.','.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.','
.\SYSTEM\SQL\system_user::FIELD_EMAIL.','.\SYSTEM\SQL\system_user::FIELD_LOCALE.','.\SYSTEM\SQL\system_user::FIELD_ACCOUNT_FLAG.')'.
' VALUES (?, ?, ?, ?, ?);';
.\SYSTEM\SQL\system_user::FIELD_EMAIL.','.\SYSTEM\SQL\system_user::FIELD_LOCALE.')'.
' VALUES (?, ?, ?, ?);';
}
}

15
security/qq/SYS_SECURITY_LOGIN_MD5.php
View File

@ -1,15 +0,0 @@
<?php
namespace SYSTEM\SQL;
class SYS_SECURITY_LOGIN_MD5 extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function pgsql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_PG.
' WHERE (lower('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE lower($1) OR lower('.\SYSTEM\SQL\system_user::FIELD_EMAIL.') LIKE lower($2))'.
' AND ('.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = $3 OR '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_MD5.' = $4 );';
}
public static function mysql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_MYS.
' WHERE (lower('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE lower(?) OR lower('.\SYSTEM\SQL\system_user::FIELD_EMAIL.') LIKE lower(?))'.
' AND ('.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = ? OR '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_MD5.' = ? );';
}
}

15
security/qq/SYS_SECURITY_LOGIN_USER_EMAIL_SHA1.php Normal file
View File

@ -0,0 +1,15 @@
<?php
namespace SYSTEM\SQL;
class SYS_SECURITY_LOGIN_USER_EMAIL_SHA1 extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function pgsql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_PG.
' WHERE (UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER($1) OR UPPER('.\SYSTEM\SQL\system_user::FIELD_EMAIL.') LIKE UPPER($2))'.
' AND '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = $3;';
}
public static function mysql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_MYS.
' WHERE (UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER(?) OR UPPER('.\SYSTEM\SQL\system_user::FIELD_EMAIL.') LIKE UPPER(?))'.
' AND '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = ?;';
}
}

6
security/qq/SYS_SECURITY_LOGIN_SHA1.php → security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
View File

@ -1,15 +1,15 @@
<?php
namespace SYSTEM\SQL;
class SYS_SECURITY_LOGIN_SHA1 extends \SYSTEM\DB\QP {
class SYS_SECURITY_LOGIN_USER_SHA1 extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function pgsql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_PG.
' WHERE (lower('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE lower($1) OR lower('.\SYSTEM\SQL\system_user::FIELD_EMAIL.') LIKE lower($2))'.
' WHERE (UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER($1)'.
' AND '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = $3;';
}
public static function mysql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_MYS.
' WHERE (lower('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE lower(?) OR lower('.\SYSTEM\SQL\system_user::FIELD_EMAIL.') LIKE lower(?))'.
' WHERE (UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER(?)'.
' AND '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = ?;';
}
}

1
sql/qt/SCHEMA_SYSTEM.php
View File

@ -27,6 +27,7 @@ class SCHEMA_SYSTEM extends \SYSTEM\DB\QI {
(new \SYSTEM\PSQL('/qt/mysql/schema/system_text_tag.sql'))->SERVERPATH(),
(new \SYSTEM\PSQL('/qt/mysql/schema/system_todo.sql'))->SERVERPATH(),
(new \SYSTEM\PSQL('/qt/mysql/schema/system_todo_assign.sql'))->SERVERPATH(),
(new \SYSTEM\PSQL('/qt/mysql/schema/system_token.sql'))->SERVERPATH(),
(new \SYSTEM\PSQL('/qt/mysql/schema/system_user.sql'))->SERVERPATH(),
(new \SYSTEM\PSQL('/qt/mysql/schema/system_user_to_rights.sql'))->SERVERPATH());
}

6
sql/qt/mysql/data/system_api.sql
View File

@ -2,13 +2,13 @@ REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `na
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 0, 0, 10, NULL, 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 0, 2, 11, 'login', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 0, 2, 11, 'login', 'password_sha', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 0, 2, 11, 'login', 'password_md5', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 0, 2, 11, 'login', 'password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 0, 3, 11, 'login', 'locale', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (23, 0, 2, 11, 'check', 'rightid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (24, 0, 2, 11, 'create', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (25, 0, 2, 11, 'create', 'password_sha', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (25, 0, 2, 11, 'create', 'password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (26, 0, 2, 11, 'create', 'email', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (27, 0, 2, 11, 'create', 'locale', 'LANG');

302
sql/qt/mysql/data/system_sai_api.sql
View File

@ -1,198 +1,198 @@
DELETE FROM `system_api` WHERE `group` = 42;
-- basic
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (0, 42, 0, -1, NULL, 'sai_mod', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1, 42, 1, 0, NULL, 'js', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (2, 42, 1, 0, NULL, 'css', NULL);
-- INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (3, 42, 0, 0, NULL, 'page', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (0, 42, 0, -1, NULL, 'sai_mod', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1, 42, 1, 0, NULL, 'js', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (2, 42, 1, 0, NULL, 'css', NULL);
-- REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (3, 42, 0, 0, NULL, 'page', NULL);
-- system_api
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (10, 42, 0, -1, NULL, 'call', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 42, 0, 10, NULL, 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 42, 2, 11, 'login', 'username', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 42, 2, 11, 'login', 'password_sha', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 42, 2, 11, 'login', 'password_md5', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (23, 42, 2, 11, 'check', 'rightid', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (24, 42, 2, 11, 'create', 'username', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (25, 42, 2, 11, 'create', 'password_sha', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (26, 42, 2, 11, 'create', 'email', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (27, 42, 2, 11, 'create', 'locale', 'LANG');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (30, 42, 2, 10, 'files', 'cat', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (31, 42, 3, 10, 'files', 'id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (40, 42, 2, 10, 'text', 'request', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (41, 42, 2, 40, 'text', 'lang', 'LANG');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (50, 42, 2, 10, 'pages', 'group', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (51, 42, 2, 10, 'pages', 'state', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (52, 42, 1, 50, NULL, 'js', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (53, 42, 2, 51, NULL, 'group', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (55, 42, 1, 50, NULL, 'css', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (56, 42, 2, 55, NULL, 'group', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (60, 42, 2, 10, 'bug', 'message', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (61, 42, 2, 10, 'bug', 'data', 'JSON');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (70, 42, 2, 10, 'cache', 'id', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (71, 42, 2, 10, 'cache', 'ident', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (90, 42, 4, -1, NULL, '_lang', 'LANG');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (91, 42, 4, -1, NULL, '_result', 'RESULT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (92, 42, 4, -1, NULL, '_escaped_fragment_', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (93, 42, 4, -1, NULL, '_', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (10, 42, 0, -1, NULL, 'call', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 42, 0, 10, NULL, 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 42, 2, 11, 'login', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 42, 2, 11, 'login', 'password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 42, 3, 11, 'login', 'locale', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (23, 42, 2, 11, 'check', 'rightid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (24, 42, 2, 11, 'create', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (25, 42, 2, 11, 'create', 'password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (26, 42, 2, 11, 'create', 'email', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (27, 42, 2, 11, 'create', 'locale', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (30, 42, 2, 10, 'files', 'cat', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (31, 42, 3, 10, 'files', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (40, 42, 2, 10, 'text', 'request', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (41, 42, 2, 40, 'text', 'lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (50, 42, 2, 10, 'pages', 'group', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (51, 42, 2, 10, 'pages', 'state', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (52, 42, 1, 50, NULL, 'js', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (53, 42, 2, 51, NULL, 'group', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (55, 42, 1, 50, NULL, 'css', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (56, 42, 2, 55, NULL, 'group', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (60, 42, 2, 10, 'bug', 'message', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (61, 42, 2, 10, 'bug', 'data', 'JSON');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (70, 42, 2, 10, 'cache', 'id', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (71, 42, 2, 10, 'cache', 'ident', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (90, 42, 4, -1, NULL, '_lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (91, 42, 4, -1, NULL, '_result', 'RESULT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (92, 42, 4, -1, NULL, '_escaped_fragment_', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (93, 42, 4, -1, NULL, '_', 'STRING');
-- specific stuff for mods
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (100, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_login', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (100, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_login', 'action', NULL);
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (101, 42, 2, 100, 'login', 'username', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (102, 42, 2, 100, 'login', 'password_sha', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (103, 42, 2, 100, 'login', 'password_md5', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (101, 42, 2, 100, 'login', 'username', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (102, 42, 2, 100, 'login', 'password_sha', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (103, 42, 2, 100, 'login', 'password_md5', 'ALL');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (110, 42, 2, 100, 'register', 'username', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (111, 42, 2, 100, 'register', 'password', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (112, 42, 2, 100, 'register', 'email', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (113, 42, 3, 100, 'register', 'locale', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (110, 42, 2, 100, 'register', 'username', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (111, 42, 2, 100, 'register', 'password', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (112, 42, 2, 100, 'register', 'email', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (113, 42, 3, 100, 'register', 'locale', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (200, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_log', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (200, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_log', 'action', NULL);
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (201, 42, 3, 200, 'filter', 'filter', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (202, 42, 3, 200, 'filter', 'search', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (203, 42, 3, 200, 'filter', 'page', 'UINT0');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (201, 42, 3, 200, 'filter', 'filter', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (202, 42, 3, 200, 'filter', 'search', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (203, 42, 3, 200, 'filter', 'page', 'UINT0');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (210, 42, 3, 200, 'error', 'error', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (210, 42, 3, 200, 'error', 'error', 'INT');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (220, 42, 0, 200, 'stats', 'name', null);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (221, 42, 3, 220, null, 'filter', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (222, 42, 3, 220, null, 'db', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (220, 42, 0, 200, 'stats', 'name', null);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (221, 42, 3, 220, null, 'filter', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (222, 42, 3, 220, null, 'db', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (300, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_security', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (300, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_security', 'action', NULL);
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (301, 42, 2, 300, 'user', 'username', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (302, 42, 3, 300, 'users', 'filter', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (303, 42, 3, 300, 'users', 'search', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (304, 42, 3, 300, 'users', 'page', 'UINT0');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (301, 42, 2, 300, 'user', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (302, 42, 3, 300, 'users', 'filter', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (303, 42, 3, 300, 'users', 'search', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (304, 42, 3, 300, 'users', 'page', 'UINT0');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (310, 42, 2, 300, 'addright', 'id', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (311, 42, 2, 300, 'addright', 'name', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (312, 42, 2, 300, 'addright', 'description', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (310, 42, 2, 300, 'addright', 'id', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (311, 42, 2, 300, 'addright', 'name', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (312, 42, 2, 300, 'addright', 'description', 'STRING');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (320, 42, 2, 300, 'deleteright', 'id', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (321, 42, 2, 300, 'deleterightconfirm', 'id', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (320, 42, 2, 300, 'deleteright', 'id', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (321, 42, 2, 300, 'deleterightconfirm', 'id', 'UINT');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (330, 42, 2, 300, 'addrightuser', 'rightid', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (331, 42, 2, 300, 'addrightuser', 'userid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (330, 42, 2, 300, 'addrightuser', 'rightid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (331, 42, 2, 300, 'addrightuser', 'userid', 'UINT');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (340, 42, 2, 300, 'deleterightuser', 'rightid', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (341, 42, 2, 300, 'deleterightuser', 'userid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (340, 42, 2, 300, 'deleterightuser', 'rightid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (341, 42, 2, 300, 'deleterightuser', 'userid', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (400, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_mod', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (400, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_mod', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (500, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_config', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (500, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_config', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (600, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_api', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (601, 42, 2, 600, 'addcall', 'ID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (602, 42, 2, 600, 'addcall', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (603, 42, 2, 600, 'addcall', 'type', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (604, 42, 2, 600, 'addcall', 'parentID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (605, 42, 2, 600, 'addcall', 'parentValue', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (606, 42, 2, 600, 'addcall', 'name', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (607, 42, 2, 600, 'addcall', 'verify', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (608, 42, 2, 600, 'deletecall', 'ID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (609, 42, 2, 600, 'deletecall', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (610, 42, 2, 600, 'deletedialog', 'ID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (611, 42, 2, 600, 'deletedialog', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (620, 42, 3, 600, 'list', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (600, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_api', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (601, 42, 2, 600, 'addcall', 'ID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (602, 42, 2, 600, 'addcall', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (603, 42, 2, 600, 'addcall', 'type', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (604, 42, 2, 600, 'addcall', 'parentID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (605, 42, 2, 600, 'addcall', 'parentValue', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (606, 42, 2, 600, 'addcall', 'name', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (607, 42, 2, 600, 'addcall', 'verify', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (608, 42, 2, 600, 'deletecall', 'ID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (609, 42, 2, 600, 'deletecall', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (610, 42, 2, 600, 'deletedialog', 'ID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (611, 42, 2, 600, 'deletedialog', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (620, 42, 3, 600, 'list', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (700, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_text', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (700, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_text', 'action', NULL);
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (703, 42, 3, 700, 'tag', 'tag', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (704, 42, 3, 700, 'tag', 'filter', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (705, 42, 3, 700, 'tag', 'search', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (706, 42, 3, 700, 'tag', 'page', 'UINT0');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (710, 42, 2, 700, 'loadByTag', 'lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (703, 42, 3, 700, 'tag', 'tag', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (704, 42, 3, 700, 'tag', 'filter', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (705, 42, 3, 700, 'tag', 'search', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (706, 42, 3, 700, 'tag', 'page', 'UINT0');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (710, 42, 2, 700, 'loadByTag', 'lang', 'LANG');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (712, 42, 2, 700, 'edittext', 'id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (713, 42, 2, 700, 'edittext', 'lang', 'LANG');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (715, 42, 2, 700, 'editor', 'id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (716, 42, 2, 700, 'editor', 'lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (712, 42, 2, 700, 'edittext', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (713, 42, 2, 700, 'edittext', 'lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (715, 42, 2, 700, 'editor', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (716, 42, 2, 700, 'editor', 'lang', 'LANG');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (720, 42, 2, 700, 'delete', 'id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (721, 42, 3, 700, 'delete', 'lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (720, 42, 2, 700, 'delete', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (721, 42, 3, 700, 'delete', 'lang', 'LANG');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (730, 42, 2, 700, 'save', 'id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (731, 42, 2, 700, 'save', 'new_id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (732, 42, 2, 700, 'save', 'lang', 'LANG');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (733, 42, 2, 700, 'save', 'tags', 'JSON');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (734, 42, 2, 700, 'save', 'text', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (730, 42, 2, 700, 'save', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (731, 42, 2, 700, 'save', 'new_id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (732, 42, 2, 700, 'save', 'lang', 'LANG');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (733, 42, 2, 700, 'save', 'tags', 'JSON');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (734, 42, 2, 700, 'save', 'text', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (800, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_files', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (800, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_files', 'action', NULL);
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (801, 42, 2, 800, 'upload', 'cat', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (801, 42, 2, 800, 'upload', 'cat', 'STRING');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (810, 42, 2, 800, 'del', 'cat', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (811, 42, 2, 800, 'del', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (810, 42, 2, 800, 'del', 'cat', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (811, 42, 2, 800, 'del', 'id', 'STRING');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (820, 42, 2, 800, 'rn', 'cat', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (821, 42, 2, 800, 'rn', 'id', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (822, 42, 2, 800, 'rn', 'newid', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (820, 42, 2, 800, 'rn', 'cat', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (821, 42, 2, 800, 'rn', 'id', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (822, 42, 2, 800, 'rn', 'newid', 'STRING');
--
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (830, 42, 3, 800, 'tab', 'name', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (830, 42, 3, 800, 'tab', 'name', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (900, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_cache', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (900, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_cache', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1000, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_todo', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1001, 42, 2, 1000, 'todo', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1002, 42, 2, 1000, 'open', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1003, 42, 2, 1000, 'close', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1004, 42, 2, 1000, 'add', 'todo', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1005, 42, 2, 1000, 'assign', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1006, 42, 2, 1000, 'deassign', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1007, 42, 3, 1000, 'deassign', 'user', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1010, 42, 2, 1000, 'edit', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1011, 42, 2, 1000, 'edit', 'message', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1015, 42, 2, 1000, 'priority_up', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1016, 42, 2, 1000, 'priority_down', 'todo', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1020, 42, 3, 1000, 'todolist', 'filter', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1021, 42, 3, 1000, 'todolist', 'search', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1022, 42, 3, 1000, 'todolist', 'page', 'UINT0');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1025, 42, 3, 1000, 'dotolist', 'filter', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1026, 42, 3, 1000, 'dotolist', 'search', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1027, 42, 3, 1000, 'dotolist', 'page', 'UINT0');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1030, 42, 0, 1000, 'stats', 'name', null);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1031, 42, 3, 1030, null, 'filter', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1000, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_todo', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1001, 42, 2, 1000, 'todo', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1002, 42, 2, 1000, 'open', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1003, 42, 2, 1000, 'close', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1004, 42, 2, 1000, 'add', 'todo', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1005, 42, 2, 1000, 'assign', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1006, 42, 2, 1000, 'deassign', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1007, 42, 3, 1000, 'deassign', 'user', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1010, 42, 2, 1000, 'edit', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1011, 42, 2, 1000, 'edit', 'message', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1015, 42, 2, 1000, 'priority_up', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1016, 42, 2, 1000, 'priority_down', 'todo', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1020, 42, 3, 1000, 'todolist', 'filter', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1021, 42, 3, 1000, 'todolist', 'search', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1022, 42, 3, 1000, 'todolist', 'page', 'UINT0');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1025, 42, 3, 1000, 'dotolist', 'filter', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1026, 42, 3, 1000, 'dotolist', 'search', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1027, 42, 3, 1000, 'dotolist', 'page', 'UINT0');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1030, 42, 0, 1000, 'stats', 'name', null);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1031, 42, 3, 1030, null, 'filter', 'UINT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1100, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_docu', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1101, 42, 3, 1100, 'cat', 'cat', 'STRING');
-- INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1110, 42, 3, 1100, 'doc', 'cat', 'STRING');
-- INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1111, 42, 3, 1100, 'doc', 'doc', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1100, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_docu', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1101, 42, 3, 1100, 'cat', 'cat', 'STRING');
-- REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1110, 42, 3, 1100, 'doc', 'cat', 'STRING');
-- REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1111, 42, 3, 1100, 'doc', 'doc', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1200, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_cron', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1201, 42, 2, 1200, 'add', 'cls', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1202, 42, 2, 1200, 'add', 'min', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1203, 42, 2, 1200, 'add', 'hour', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1204, 42, 2, 1200, 'add', 'day', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1205, 42, 2, 1200, 'add', 'day_week', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1206, 42, 2, 1200, 'add', 'month', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1208, 42, 2, 1200, 'del', 'cls', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1209, 42, 2, 1200, 'deldialog', 'cls', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1210, 42, 2, 1200, 'change', 'cls', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1211, 42, 2, 1200, 'change', 'status', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1200, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_cron', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1201, 42, 2, 1200, 'add', 'cls', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1202, 42, 2, 1200, 'add', 'min', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1203, 42, 2, 1200, 'add', 'hour', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1204, 42, 2, 1200, 'add', 'day', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1205, 42, 2, 1200, 'add', 'day_week', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1206, 42, 2, 1200, 'add', 'month', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1208, 42, 2, 1200, 'del', 'cls', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1209, 42, 2, 1200, 'deldialog', 'cls', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1210, 42, 2, 1200, 'change', 'cls', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1211, 42, 2, 1200, 'change', 'status', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1300, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_page', 'action', NULL);
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1301, 42, 2, 1300, 'addcall', 'ID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1302, 42, 2, 1300, 'addcall', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1303, 42, 2, 1300, 'addcall', 'type', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1304, 42, 2, 1300, 'addcall', 'parentID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1305, 42, 2, 1300, 'addcall', 'parentValue', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1306, 42, 2, 1300, 'addcall', 'name', 'STRING');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1307, 42, 2, 1300, 'addcall', 'verify', 'ALL');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1308, 42, 2, 1300, 'deletecall', 'ID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1309, 42, 2, 1300, 'deletecall', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1310, 42, 2, 1300, 'deletedialog', 'ID', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1311, 42, 2, 1300, 'deletedialog', 'group', 'INT');
INSERT INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1320, 42, 3, 1300, 'list', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1300, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_page', 'action', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1301, 42, 2, 1300, 'addcall', 'ID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1302, 42, 2, 1300, 'addcall', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1303, 42, 2, 1300, 'addcall', 'type', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1304, 42, 2, 1300, 'addcall', 'parentID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1305, 42, 2, 1300, 'addcall', 'parentValue', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1306, 42, 2, 1300, 'addcall', 'name', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1307, 42, 2, 1300, 'addcall', 'verify', 'ALL');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1308, 42, 2, 1300, 'deletecall', 'ID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1309, 42, 2, 1300, 'deletecall', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1310, 42, 2, 1300, 'deletedialog', 'ID', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1311, 42, 2, 1300, 'deletedialog', 'group', 'INT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (1320, 42, 3, 1300, 'list', 'group', 'INT');

14
sql/qt/mysql/schema/system_token.sql Normal file
View File

@ -0,0 +1,14 @@
CREATE TABLE `system_token` (
`token` CHAR(40) NOT NULL,
`class` CHAR(255) NOT NULL,
`expire` TIMESTAMP NULL DEFAULT NULL,
`data` TEXT NULL,
`request_user` INT(11) NULL DEFAULT NULL,
`request_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
`confirm_user` INT(11) NULL DEFAULT NULL,
`confirm_time` TIMESTAMP NULL DEFAULT NULL,
PRIMARY KEY (`token`)
)
COLLATE='utf8_general_ci'
ENGINE=InnoDB
;

10
sql/qt/mysql/schema/system_user.sql
View File

@ -1,15 +1,15 @@
CREATE TABLE `system_user` (
`id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`username` CHAR(32) NOT NULL,
`password_sha` CHAR(255) NULL DEFAULT NULL,
`password_md5` CHAR(255) NULL DEFAULT NULL,
`password_sha1` CHAR(40) NULL DEFAULT NULL,
`email` CHAR(255) NOT NULL,
`joindate` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
`locale` CHAR(6) NOT NULL DEFAULT 'enUS',
`last_active` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
`email_confirmed` INT(11) NULL DEFAULT NULL,
`last_active` TIMESTAMP NOT NULL DEFAULT '0000-00-00 00:00:00',
`email_confirmed` INT(11) NULL DEFAULT NULL,
PRIMARY KEY (`id`)
)
COLLATE='utf8_general_ci'
ENGINE=InnoDB
AUTO_INCREMENT=1;
AUTO_INCREMENT=1
;

3
sql/tbl/system_user.php
View File

@ -9,8 +9,7 @@ class system_user {
const FIELD_ID = 'id';
const FIELD_USERNAME = 'username';
const FIELD_PASSWORD_SHA = 'password_sha';
const FIELD_PASSWORD_MD5 = 'password_md5';
const FIELD_PASSWORD_SHA = 'password_sha1';
const FIELD_EMAIL = 'email';
const FIELD_JOINDATE = 'joindate';
const FIELD_LOCALE = 'locale';

8
system/locale.php
View File

@ -8,9 +8,9 @@ class locale {
if(!self::isLang($lang)){
return false;}
\SYSTEM\SECURITY\Security::save(self::SESSION_KEY, $lang);
if(\SYSTEM\SECURITY\Security::isLoggedIn()){
$user = \SYSTEM\SECURITY\Security::getUser();
\SYSTEM\SECURITY\security::save(self::SESSION_KEY, $lang);
if(\SYSTEM\SECURITY\security::isLoggedIn()){
$user = \SYSTEM\SECURITY\security::getUser();
$user->locale = $lang;
\SYSTEM\SQL\SYS_LOCALE_SET_LOCALE::Q1(array($lang, $user->id));
}
@ -19,7 +19,7 @@ class locale {
}
public static function get(){
$value = \SYSTEM\SECURITY\Security::load(self::SESSION_KEY);
$value = \SYSTEM\SECURITY\security::load(self::SESSION_KEY);
if($value == NULL){
return \SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_DEFAULT_LANG);}

7
token/autoload.inc Normal file
View File

@ -0,0 +1,7 @@
<?php
\SYSTEM\autoload::registerFolder(dirname(__FILE__),'SYSTEM\TOKEN');
\SYSTEM\autoload::registerFolder(dirname(__FILE__).'/qq','SYSTEM\SQL');
\SYSTEM\TOKEN\token::register('\SYSTEM\TOKEN\token_change_email');
\SYSTEM\TOKEN\token::register('\SYSTEM\TOKEN\token_confirm_email');
\SYSTEM\TOKEN\token::register('\SYSTEM\TOKEN\token_reset_password');

8
token/qq/BETA_CHECK_CODE.php Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace SQL;
class BETA_CHECK_CODE extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function mysql(){return
'SELECT COUNT(*) as count FROM mojotrollz_beta WHERE code = ? AND user_new IS NULL';
}
}

9
token/qq/BETA_DELETE_CODE.php Normal file
View File

@ -0,0 +1,9 @@
<?php
namespace SQL;
class BETA_DELETE_CODE extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function mysql(){return
'DELETE FROM `mojotrollz_beta`'.
' WHERE code = ?;';
}
}

8
token/qq/SYS_TOKEN_CONFIRM.php Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace SYSTEM\SQL;
class SYS_TOKEN_CONFIRM extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function mysql(){return
'UPDATE system_token SET expire = null, confirm_time = NOW(), confirm_user = ? WHERE token = ?;';
}
}

8
token/qq/SYS_TOKEN_GET.php Normal file
View File

@ -0,0 +1,8 @@
<?php
namespace SYSTEM\SQL;
class SYS_TOKEN_GET extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function mysql(){return
'SELECT * FROM system_token WHERE token = ?;';
}
}

9
token/qq/SYS_TOKEN_INSERT.php Normal file
View File

@ -0,0 +1,9 @@
<?php
namespace SYSTEM\SQL;
class SYS_TOKEN_INSERT extends \SYSTEM\DB\QP {
public static function get_class(){return \get_class();}
public static function mysql(){return
'INSERT INTO system_token (token, class, expire, data, request_user)'.
' VALUES (?, ?, FROM_UNIXTIME(?), ?, ?);';
}
}

45
token/token.php Normal file
View File

@ -0,0 +1,45 @@
<?php
namespace SYSTEM\TOKEN;
class token{
private static $type_handlers = array();
private static function check_handler($handler){
if( !\class_exists($handler) ||
!\is_array($parents = \class_parents($handler)) ||
!\array_search('SYSTEM\TOKEN\token_handler', $handler)){
return false;}
return true;}
public static function register($class){
if(!self::check_handler($class)){
throw new \SYSTEM\LOG\ERROR('Problem with your Token class: '.$class.'; it might not be available or inherits from the wrong class!');}
array_push(self::$type_handlers,$class);}
public static function request($class,$data=null){
if(!\array_search($class, self::$type_handlers)){
throw new \SYSTEM\LOG\ERROR("Token_handler class not known to Token class. Please register it first.");}
$token = \call_user_func(array($class, 'token'));
$res = \SYSTEM\SQL\SYS_TOKEN_INSERT::QI( array( $token, $type,
\call_user_func(array($class, 'expire')),
\call_user_func(array($class, array('data',$data))),
\SYSTEM\SECURITY\security::isLoggedIn() ? \SYSTEM\SECURITY\security::getUser()->id : null));
return $token;
}
public static function confirm($token){
$res = self::get($token);
if(!$res){
throw new \SYSTEM\LOG\ERROR('Token invalid.');}
if(!$res['expire'] || strtotime($res['expire']) < time()){
throw new \SYSTEM\LOG\ERROR('Token has expired!');}
if(!\array_search($res['class'], self::$type_handlers)){
throw new \SYSTEM\LOG\ERROR('Token_handler class not known to Token class. Please register it first.');}
if(!\call_user_func(array($res['class'], array('confirm',$res)))){
throw new \SYSTEM\LOG\ERROR('Token_handler rejected Token.');}
return \SYSTEM\SQL\SYS_TOKEN_CONFIRM::QI(array( \SYSTEM\SECURITY\security::isLoggedIn() ? \SYSTEM\SECURITY\security::getUser()->id : null,
$token));
}
public static function get($token){
return \SYSTEM\SQL\SYS_TOKEN_GET::Q1($token);}
}

12
token/token_change_email.php Normal file
View File

@ -0,0 +1,12 @@
<?php
namespace SYSTEM\TOKEN;
class token_change_email extends token_handler{
public function token(){
return sha1(time().rand(0, 3000));}
public function expire(){
time() + (60 * 60 * 12);}
public function data($data){
return $data;}
public function confirm($token_data){
return true;}
}

12
token/token_confirm_email.php Normal file
View File

@ -0,0 +1,12 @@
<?php
namespace SYSTEM\TOKEN;
class token_confirm_email extends token_handler{
public function token(){
return sha1(time().rand(0, 1000));}
public function expire(){
time() + (60 * 60 * 24 * 3);}
public function data($data){
return $data;}
public function confirm($token_data){
return true;}
}

9
token/token_handler.php Normal file
View File

@ -0,0 +1,9 @@
<?php
namespace SYSTEM\TOKEN;
abstract class token_handler {
abstract public function token();
abstract public function expire();
abstract public function data($data);
abstract public function confirm($token_data);
}

12
token/token_reset_password.php Normal file
View File

@ -0,0 +1,12 @@
<?php
namespace SYSTEM\TOKEN;
class token_reset_password extends token_handler{
public function token(){
return sha1(time().rand(0, 2000));}
public function expire(){
time() + (60 * 60 * 1);}
public function data($data){
return $data;}
public function confirm($token_data){
return true;}
}