From b3420b9f1686bbfb513d3017f86601ffbc01b7bb Mon Sep 17 00:00:00 2001
From: rylon
Date: Wed, 25 Sep 2013 06:13:31 +0200
Subject: [PATCH] more stuff for sai todo, security, log, fixes for login, fixed security - now no more dbinfo required
---
api/api_login.php | 6 +-
.../saimod_sys_cache/saimod_sys_cache.php | 2 +-
.../saimod_sys_calls/saimod_sys_calls.php | 2 +-
.../saimod_sys_config/saimod_sys_config.php | 2 +-
.../saimod_sys_docu/saimod_sys_docu.php | 2 +-
.../saimod_sys_locale/saimod_sys_locale.php | 2 +-
sai/modules/saimod_sys_log/saimod_sys_log.php | 37 ++++++--
.../saimod_sys_login/sai_sys_login_submit.js | 62 +++++--------
.../saimod_sys_login/saimod_sys_login.php | 18 +++-
sai/modules/saimod_sys_mod/saimod_sys_mod.php | 2 +-
.../saimod_sys_security.php | 32 ++++++-
.../saimod_sys_todo/saimod_sys_todo.php | 88 +++++++++++++++++--
security/Security.php | 56 ++++++------
13 files changed, 219 insertions(+), 92 deletions(-)
diff --git a/api/api_login.php b/api/api_login.php
index 14ca004..91918a3 100644
--- a/api/api_login.php
+++ b/api/api_login.php
@@ -18,13 +18,13 @@ class api_login { */ public static function call_account_action_login($username, $password_sha, $password_md5){ - return \SYSTEM\SECURITY\Security::login(\SYSTEM\system::getSystemDBInfo(), $username, $password_sha, $password_md5);} + return \SYSTEM\SECURITY\Security::login($username, $password_sha, $password_md5);} public static function call_account_action_logout(){ return \SYSTEM\SECURITY\Security::logout();} public static function call_account_action_isloggedin(){ return \SYSTEM\SECURITY\Security::isLoggedIn();} public static function call_account_action_check($rightid){ - return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(),$rightid);} + return \SYSTEM\SECURITY\Security::check($rightid);} public static function call_account_action_create($username, $password_sha, $email, $locale){ - return \SYSTEM\SECURITY\Security::create(\SYSTEM\system::getSystemDBInfo(), $username, $password_sha, $email, $locale);} + return \SYSTEM\SECURITY\Security::create($username, $password_sha, $email, $locale);} } \ No newline at end of file diff --git a/sai/modules/saimod_sys_cache/saimod_sys_cache.php b/sai/modules/saimod_sys_cache/saimod_sys_cache.php index ded95da..cdeb845 100644 --- a/sai/modules/saimod_sys_cache/saimod_sys_cache.php +++ b/sai/modules/saimod_sys_cache/saimod_sys_cache.php @@ -41,7 +41,7 @@ class saimod_sys_cache extends \SYSTEM\SAI\SaiModule { public static function html_li_menu(){return '
  • Cache
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_cache_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_cache_flag_js(){} diff --git a/sai/modules/saimod_sys_calls/saimod_sys_calls.php b/sai/modules/saimod_sys_calls/saimod_sys_calls.php index c05d5e5..a500259 100644 --- a/sai/modules/saimod_sys_calls/saimod_sys_calls.php +++ b/sai/modules/saimod_sys_calls/saimod_sys_calls.php @@ -38,7 +38,7 @@ class saimod_sys_calls extends \SYSTEM\SAI\SaiModule { public static function html_li_menu(){return '
  • API Calls
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_calls_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_calls_flag_js(){} diff --git a/sai/modules/saimod_sys_config/saimod_sys_config.php b/sai/modules/saimod_sys_config/saimod_sys_config.php index 98847b1..fef116e 100644 --- a/sai/modules/saimod_sys_config/saimod_sys_config.php +++ b/sai/modules/saimod_sys_config/saimod_sys_config.php @@ -30,7 +30,7 @@ class saimod_sys_config extends \SYSTEM\SAI\SaiModule { } public static function html_li_menu(){return '
  • Config
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_config_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_config_flag_js(){} diff --git a/sai/modules/saimod_sys_docu/saimod_sys_docu.php b/sai/modules/saimod_sys_docu/saimod_sys_docu.php index 265fc13..8f8e73f 100644 --- a/sai/modules/saimod_sys_docu/saimod_sys_docu.php +++ b/sai/modules/saimod_sys_docu/saimod_sys_docu.php @@ -8,7 +8,7 @@ class saimod_sys_docu extends \SYSTEM\SAI\SaiModule { public static function html_li_menu(){return '
  • Docu
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_docu_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_docu_flag_js(){} diff --git a/sai/modules/saimod_sys_locale/saimod_sys_locale.php b/sai/modules/saimod_sys_locale/saimod_sys_locale.php index 1b0dd78..fc789b8 100644 --- a/sai/modules/saimod_sys_locale/saimod_sys_locale.php +++ b/sai/modules/saimod_sys_locale/saimod_sys_locale.php @@ -88,7 +88,7 @@ class saimod_sys_locale extends \SYSTEM\SAI\SaiModule { public static function html_li_menu(){return '
  • DB Text
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_locale_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_locale_flag_js(){ diff --git a/sai/modules/saimod_sys_log/saimod_sys_log.php b/sai/modules/saimod_sys_log/saimod_sys_log.php index 6bdd195..d6bb278 100644 --- a/sai/modules/saimod_sys_log/saimod_sys_log.php +++ b/sai/modules/saimod_sys_log/saimod_sys_log.php @@ -6,7 +6,7 @@ namespace SYSTEM\SAI; class saimod_sys_log extends \SYSTEM\SAI\SaiModule { private static function truncate_syslog(){ - if(\SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI)){ + if(\SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI)){ $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); $res = $con->query('TRUNCATE system.sys_log;'); return true; @@ -41,13 +41,13 @@ class saimod_sys_log extends \SYSTEM\SAI\SaiModule { $now = microtime(true); $result = '
    '. - ''.''.''.''.''.''.''.''.''.''; + ''.''.''.''.''.''.''.''.''.''; while($r = $res->next()){ //TODO make time conversion on database if(\SYSTEM\system::isSystemDbInfoPG()){ - $result .= ''.''.''.''.''.''.''.''.''.''.''; + $result .= ''.''.''.''.''.''.''.''.''.''.''; } else { - $result .= ''.''.''.''.''.''.''.''.''.''.''; + $result .= ''.''.''.''.''.''.''.''.''.''.''; } } $result .= '
    '.'time ago in sec'.''.'time'.''.'class'.''.'message'.''.'code'.''.'file'.''.'line'.''.'ip'.''.'querytime'.'
    '.'time ago'.''.'time'.''.'class'.''.'message'.''.'code'.''.'file'.''.'line'.''.'ip'.''.'querytime'.'
    '.(int)($now - strtotime($r['time'])).''.$r['time'].''.$r['class'].''.$r['message'].''.$r['code'].''.$r['file'].''.$r['line'].''.$r['ip'].''.$r['querytime'].'
    '.self::time_elapsed_string(strtotime($r['time'])).''.$r['time'].''.$r['class'].''.$r['message'].''.$r['code'].''.$r['file'].''.$r['line'].''.$r['ip'].''.$r['querytime'].'
    '.(int)($now - $r['time']).''.$r['time'].''.$r['class'].''.$r['message'].''.$r['code'].''.$r['file'].''.$r['line'].''.$r['ip'].''.$r['querytime'].'
    '.self::time_elapsed_string($r['time']).''.$r['time'].''.$r['class'].''.$r['message'].''.$r['code'].''.$r['file'].''.$r['line'].''.$r['ip'].''.$r['querytime'].'
    '; @@ -56,6 +56,33 @@ class saimod_sys_log extends \SYSTEM\SAI\SaiModule { } + private static function time_elapsed_string($ptime) + { + $etime = time() - $ptime; + + if ($etime < 1) + { + return '0 seconds'; + } + + $a = array( 12 * 30 * 24 * 60 * 60 => 'year', + 30 * 24 * 60 * 60 => 'month', + 24 * 60 * 60 => 'day', + 60 * 60 => 'hour', + 60 => 'minute', + 1 => 'second' + ); + + foreach ($a as $secs => $str) + { + $d = $etime / $secs; + if ($d >= 1) + { + $r = round($d); + return $r . ' ' . $str . ($r > 1 ? 's' : '') . ' ago'; + } + } + } public static function sai_mod__SYSTEM_SAI_saimod_sys_log(){ @@ -124,7 +151,7 @@ class saimod_sys_log extends \SYSTEM\SAI\SaiModule { public static function html_li_menu(){return '
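Review bot: The rewritten row builders in the `@@ -41,13 +41,13 @@` hunk still concatenate `$r['message']`, `$r['file']` and `$r['ip']` straight into the table markup, so a log entry that contains markup is rendered as HTML in the administrator's browser. Log messages routinely carry request-derived text, so each cell should be encoded on output, e.g. `htmlspecialchars($r['message'], ENT_QUOTES, 'UTF-8')`. The same unescaped pattern is in the user table of saimod_sys_security.php (`$r['username']`, `$r['email']`) and in the new todo table of saimod_sys_todo.php (`$row['msg_1']`, `$row['username']`). The enclosing function starts and ends outside the hunk.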
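Review bot: `time_elapsed_string()` is added here and again, unchanged, in saimod_sys_security.php and saimod_sys_todo.php; a single `protected static` helper on `\SYSTEM\SAI\SaiModule` would keep the three copies from drifting. It also needs a docblock stating that `$ptime` must be a Unix timestamp in seconds, because callers in this commit pass both `strtotime(...)` results and raw column values. `strtotime()` returns `false` on unparsable input, which the subtraction treats as 0 and reports as decades ago; a guard such as `if ($ptime === false) { return ''; }` at the top would avoid that.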
  • Log
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_log_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_log_flag_js(){ diff --git a/sai/modules/saimod_sys_login/sai_sys_login_submit.js b/sai/modules/saimod_sys_login/sai_sys_login_submit.js index 2ee1d29..a3c5978 100644 --- a/sai/modules/saimod_sys_login/sai_sys_login_submit.js +++ b/sai/modules/saimod_sys_login/sai_sys_login_submit.js 
@@ -32,25 +32,27 @@ function init__SYSTEM_SAI_saimod_sys_login() { } }); - $.getJSON('./?module=user&action=area&getUserDetails=1', function(data){ - $('#user_email_input').attr('value', data.email); - $('span#user_username').text(data.username); - $('span#user_email').text(data.email); - $('span#user_joindate').text(data.joindate); - $('span#user_last_active').text(new Date(data.last_active * 1000).toString('yyyy-MM-dd h:mm:ss')); - $('span#user_locale').text(data.locale); + $.getJSON(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_login&action=userinfo', function(data){ + if(data){ + $('#user_email_input').attr('value', data.email); + $('span#user_username').text(data.username); + $('span#user_email').text(data.email); + $('span#user_joindate').text(data.joindate); + $('span#user_last_active').text(new Date(data.last_active * 1000).toString('yyyy-MM-dd h:mm:ss')); + $('span#user_locale').text(data.locale); + } }); $("#register_link").click(function(){ - $('div#content-wrapper').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_login&action=registerform'); + $('div#content-wrapper').load(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_login&action=registerform',function(){ + init__SYSTEM_SAI_saimod_sys_login_register(); + }); }); - - $('#btn_user_registration_cancel').click(function(){ - $('#site-content-wrapper').slideUp('slow'); - site_content_is_visible = false; - showNavbarControls(); - $('#navigation-left').children().children().removeClass('active'); - $("#map-link").parent().attr('class', 'active'); +}; + +function init__SYSTEM_SAI_saimod_sys_login_register(){ + $('#btn_user_registration_cancel').click(function(){ + loadModuleContent('.SYSTEM.SAI.saimod_sys_login'); }); 
@@ -58,7 +60,7 @@ function init__SYSTEM_SAI_saimod_sys_login() { $("#register_user_form input").not("[type=submit]").jqBootstrapValidation({ preventSubmit: true, submitError: function (form, event, errors) {}, - submitSuccess: function($form, event){ + submitSuccess: function($form, event){ var username = document.getElementById('register_username').value; var email = document.getElementById('register_email').value; var password = document.getElementById('user_register_password2').value; @@ -71,33 +73,17 @@ function init__SYSTEM_SAI_saimod_sys_login() { } } + //alert(SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_login&action=register&username='+username+'&password_sha='+$.sha1(password)+'&password_md5='+$.md5(password)+'&email='+email+'&locale='+locale); $.ajax({ dataType: "json", - url: SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_login&action=register&username='+username+'&password_sha='+$.sha1(password)+'&email='+email+'&locale='+locale, + url: SAI_ENDPOINT+'sai_mod=.SYSTEM.SAI.saimod_sys_login&action=register&username='+username+'&password='+$.sha1(password)+'&email='+email+'&locale='+locale, data: null, - success: function (dataCreate) { - if(dataCreate.status === true){ // reload -> user will be loged in + success: function (dataCreate) { + if(dataCreate === 1){ // reload -> user will be loged in window.location.href = location.href.replace(/#/g, ""); }else{ // show errors - var result = dataCreate.result; - var code = result.code; - var msg = result.message; - - switch (code){ - case 1: // username invalid - case 2: // username already exists - $('#register-help-block-username').html(''); - break; - case 3: // invalid email - $('#register-help-block-email').html(''); - break; - case 4: //registration failed - alert(msg); - break; - default: - break; - } + //todo } } }); @@ -105,4 +91,4 @@ function init__SYSTEM_SAI_saimod_sys_login() { event.preventDefault(); } }); -}; \ No newline at end of file +} \ No newline at end of file 
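Review bot: The `$.ajax` URL in the `@@ -71,33 +73,17 @@` hunk carries `username`, `password` (the SHA-1 of the password) and `email` in the query string, concatenated without encoding. Values in a URL end up in web-server access logs, proxy logs and browser history, and an `&` or `#` in the username or e-mail breaks the parameter parsing. Prefer `type: 'POST'` with `data: {username: username, password: $.sha1(password), email: email, locale: locale}` so jQuery encodes the fields; whether the SAI dispatcher reads POST parameters is not visible here, so confirm that first. The failure branch is now only `//todo`, so a rejected registration gives the user no feedback, and the commented-out `alert(...)` line that prints the hashes should be removed rather than kept. `submitSuccess` begins outside this hunk.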
diff --git a/sai/modules/saimod_sys_login/saimod_sys_login.php b/sai/modules/saimod_sys_login/saimod_sys_login.php index 5a44e8a..4ecba1f 100644 --- a/sai/modules/saimod_sys_login/saimod_sys_login.php +++ b/sai/modules/saimod_sys_login/saimod_sys_login.php @@ -11,7 +11,7 @@ class saimod_sys_login extends \SYSTEM\SAI\SaiModule { $vars['loginPassword'] = 'Password'; $vars['login_username_too_short'] = 'Username to short.'; $vars['login_password_too_short'] = 'Password to short.'; - $vars['isadmin'] = \SYSTEM\SECURITY\Security::check(new \DBD\dasensePostgres(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI) ? "yes" : "no"; + $vars['isadmin'] = \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI) ? "yes" : "no"; $vars = array_merge($vars, \SYSTEM\locale::getStrings(\DBD\locale_string::VALUE_CATEGORY_DASENSE_USERSTATISTICS)); if(\SYSTEM\SECURITY\Security::isLoggedIn()){ 
@@ -23,9 +23,19 @@ class saimod_sys_login extends \SYSTEM\SAI\SaiModule { public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_logout(){ return \SYSTEM\SECURITY\Security::logout();} public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_login($username,$password_sha,$password_md5){ - return \SYSTEM\SECURITY\Security::login(new \DBD\dasensePostgres(), $username, $password_sha, $password_md5);} - public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_register($username,$password_sha,$password_md5,$email, $locale = 'deDE'){ - return \SYSTEM\SECURITY\Security::create(new \DBD\dasensePostgres(), $username, $password_sha, $password_md5, $email, $locale);} + return \SYSTEM\SECURITY\Security::login($username, $password_sha, $password_md5);} + public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_register($username,$password,$email, $locale = 'deDE'){ + return \SYSTEM\SECURITY\Security::create($username, $password, $email, $locale);} + public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_userinfo(){ + $user = \SYSTEM\SECURITY\Security::getUser(); + if(!$user){ + return;} + return json_encode(array( 'username' => $user->username, + 'email' => $user->email, + 'joindate' => $user->creationDate, + 'locale' => $user->locale, + 'last_active' => $user->lastLoginDate)); + } public static function sai_mod__SYSTEM_SAI_saimod_sys_login_action_registerform(){ $vars = \SYSTEM\locale::getStrings(\DBD\locale_string::VALUE_CATEGORY_DASENSE); diff --git a/sai/modules/saimod_sys_mod/saimod_sys_mod.php b/sai/modules/saimod_sys_mod/saimod_sys_mod.php index b974a90..2ea5133 100644 --- a/sai/modules/saimod_sys_mod/saimod_sys_mod.php +++ b/sai/modules/saimod_sys_mod/saimod_sys_mod.php @@ -37,7 +37,7 @@ class saimod_sys_mod extends \SYSTEM\SAI\SaiModule { public static function html_li_menu(){return '
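Review bot: The new `register` action hands `$password` to `Security::create()` exactly as received, and the client sends `$.sha1(password)`, so judging by the `array( $username , $password, $email, $locale, 1 )` insert in security/Security.php the stored value appears to be an unsalted SHA-1 that is also the string the login call accepts. Anyone who can read the user table could then authenticate without cracking anything. Treat the received value as the secret and store `password_hash($password, PASSWORD_DEFAULT)` (PHP 5.5+), checking it with `password_verify()` at login. `$username` and `$email` also reach `create()` with no validation visible in this action.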
  • SAI Mods
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_mod_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_mod_flag_js(){ diff --git a/sai/modules/saimod_sys_security/saimod_sys_security.php b/sai/modules/saimod_sys_security/saimod_sys_security.php index ed07424..68b3aa7 100644 --- a/sai/modules/saimod_sys_security/saimod_sys_security.php +++ b/sai/modules/saimod_sys_security/saimod_sys_security.php @@ -38,7 +38,7 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule { $result = ''. ''.''.''.''.''.''.''.''.''.''; while($r = $res->next()){ - $result .= ''.''.''.''.''.''.''.''.''.''; + $result .= ''.''.''.''.''.''.''.''.''.''; } $result .= '
    '.'ID'.''.'Username'.''.'E-Mail'.''.'JoinDate'.''.'Locale'.''.'Last Active'.''.'Flag'.''.'Rights'.'reset password
    '.$r['id'].''.$r['username'].' '.''.$r['email'].''.$r['joindate'].''.$r['locale'].''.$r['last_active'].''.$r['account_flag'].''.''.'
    '.$r['id'].''.$r['username'].''.$r['email'].''.$r['joindate'].''.$r['locale'].''.self::time_elapsed_string($r['last_active']).''.$r['account_flag'].''.''.'
    '; return $result; @@ -65,9 +65,37 @@ class saimod_sys_security extends \SYSTEM\SAI\SaiModule { return 'error'; } + private static function time_elapsed_string($ptime) + { + $etime = time() - $ptime; + + if ($etime < 1) + { + return '0 seconds'; + } + + $a = array( 12 * 30 * 24 * 60 * 60 => 'year', + 30 * 24 * 60 * 60 => 'month', + 24 * 60 * 60 => 'day', + 60 * 60 => 'hour', + 60 => 'minute', + 1 => 'second' + ); + + foreach ($a as $secs => $str) + { + $d = $etime / $secs; + if ($d >= 1) + { + $r = round($d); + return $r . ' ' . $str . ($r > 1 ? 's' : '') . ' ago'; + } + } + } + public static function html_li_menu(){return '
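Review bot: `self::time_elapsed_string($r['last_active'])` receives the column value as selected, whereas the log module wraps its PostgreSQL value in `strtotime()` before the call. `trackLogins()` writes this column with `to_timestamp($1)` on PostgreSQL, so unless the SELECT (outside this hunk) converts it back to epoch seconds, `time() - $ptime` is computed on a date string. Suggest `self::time_elapsed_string(strtotime($r['last_active']))` on the PostgreSQL path, or converting to epoch seconds in the query.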
  • Security
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_security_flag_css(){return \SYSTEM\LOG\JsonResult::toString( array(\SYSTEM\WEBPATH(new \SYSTEM\PSAI(),'modules/saimod_sys_security/saimod_sys_security.css')));} diff --git a/sai/modules/saimod_sys_todo/saimod_sys_todo.php b/sai/modules/saimod_sys_todo/saimod_sys_todo.php index f44b727..8fb4341 100644 --- a/sai/modules/saimod_sys_todo/saimod_sys_todo.php +++ b/sai/modules/saimod_sys_todo/saimod_sys_todo.php @@ -2,20 +2,92 @@ namespace SYSTEM\SAI; class saimod_sys_todo extends \SYSTEM\SAI\SaiModule { - public static function sai_mod__SYSTEM_SAI_saimod_sys_todo(){ + public static function sai_mod__SYSTEM_SAI_saimod_sys_todo(){ + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); + if(\SYSTEM\system::isSystemDbInfoPG()){ + $res = $con->query('SELECT * FROM system.todo LEFT JOIN system_user ON system_todo.author = system_user.ID ORDER BY state, time DESC;'); + } else { + $res = $con->query('SELECT * FROM system_todo LEFT JOIN system_user ON system_todo.author = system_user.ID ORDER BY state, time DESC;'); + } $result = '
    '. - ''.''.''.''.''.''.''.''.''.''.''.''. - ''.''.''.''.''.''.''.''.''.''.''. - ''.''.''.''.''.''.''.''.''.''.''. - ''.''.''.''.''.''.''.''.''.''.''. - ''.''.''.''.''.''.''.''.''.''.''. - ''.''.''.''.''.''.''.''.''.''.''; + ''.''.''.''.''.''.''.''.''.''; + while($row = $res->next()){ + $result .= ''. + ''.''. + ''. + ''. + ''. + ''. + ''. + ''.''; + } + $result .= '
    '.'time ago in days'.''.'time'.''.'reporttype'.''.'message'.''.'suggestion'.''.'additional sources'.''.'author'.''.'assigned'.''.'state of todo(closed/in progress)'.''.'action'.'
    '.'5d'.''.'5days ago obviously'.''.'Feature Request'.''.'Do some new stuff the old stuff sucks.'.''.'not a valid field for this type of report(ment for error suggestions)'.''.'http:... here some fancy examples what i want'.''.'Mr. Pink'.''.'I_S and many more'.''.'in progress'.''.''.''.''.''.'
    '.'5d'.''.'5days ago obviously'.''.'Bugreport'.''.'Do some new stuff the old stuff sucks.'.''.'not a valid field for this type of report(ment for error suggestions)'.''.'http:... here some fancy examples what i want'.''.'Mr. Pink'.''.'I_S and many more'.''.'in progress'.''.''.''.''.''.'
    '.'5d'.''.'5days ago obviously'.''.'Unasigned Category - what is this?'.''.'Do some new stuff the old stuff sucks.'.''.'not a valid field for this type of report(ment for error suggestions)'.''.'http:... here some fancy examples what i want'.''.'Mr. Pink'.''.'I_S and many more'.''.'in progress'.''.''.''.''.''.'
    '.'5d'.''.'5days ago obviously'.''.'Closed FR/BR/OT'.''.'Do some new stuff the old stuff sucks.'.''.'not a valid field for this type of report(ment for error suggestions)'.''.'http:... here some fancy examples what i want'.''.'Mr. Pink'.''.'I_S and many more'.''.'in progress'.''.''.''.''.''.'
    '.'5d'.''.'5days ago obviously'.''.'Note/Reminder'.''.'Do some new stuff the old stuff sucks.'.''.'not a valid field for this type of report(ment for error suggestions)'.''.'http:... here some fancy examples what i want'.''.'Mr. Pink'.''.'I_S and many more'.''.'in progress'.''.''.''.''.''.'
    '.'Time ago'.''.'Time'.''.'Reporttype'.''.'Message'.''.'Author'.''.'Assigned'.''.'State'.''.'Action'.'
    '.self::time_elapsed_string(strtotime($row['time'])).''.$row['time'].''.self::reporttype($row['type']).''.$row['msg_1'].''.$row['username'].''.'I_S and many more'.''.self::state($row['state']).''. self::statebtn($row['state']). + ''. + ''. + ''.'
    '; return $result; } + private static function time_elapsed_string($ptime) + { + $etime = time() - $ptime; + + if ($etime < 1) + { + return '0 seconds'; + } + + $a = array( 12 * 30 * 24 * 60 * 60 => 'year', + 30 * 24 * 60 * 60 => 'month', + 24 * 60 * 60 => 'day', + 60 * 60 => 'hour', + 60 => 'minute', + 1 => 'second' + ); + + foreach ($a as $secs => $str) + { + $d = $etime / $secs; + if ($d >= 1) + { + $r = round($d); + return $r . ' ' . $str . ($r > 1 ? 's' : '') . ' ago'; + } + } + } + + private static function state($state){ + if($state == 1){ + return 'Closed';} + return 'Open';} + + private static function statebtn($state){ + if($state == 1){ + return '';} + return '';} + + private static function reporttype($type){ + switch($type){ + case 0: return 'Feature Request'; + case 1: return 'Error Report'; + case 2: return 'Unasigned Category'; + default: return 'Note'; + } + } + + private static function trclassbytype($type){ + switch($type){ + case 0: return 'info'; + case 1: return 'error'; + case 2: return 'warning'; + case 3: return 'success'; + default: return ''; + } + } + public static function html_li_menu(){return '
  • ToDo
  • ';} public static function right_public(){return false;} - public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\system::getSystemDBInfo(), \SYSTEM\SECURITY\RIGHTS::SYS_SAI);} + public static function right_right(){return \SYSTEM\SECURITY\Security::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI);} public static function sai_mod__SYSTEM_SAI_saimod_sys_todo_flag_css(){} public static function sai_mod__SYSTEM_SAI_saimod_sys_todo_flag_js(){} diff --git a/security/Security.php b/security/Security.php index ce421f5..61eb2ca 100644 --- a/security/Security.php +++ b/security/Security.php @@ -15,14 +15,14 @@ class Security { const AVAILABLE_FAIL = false; const AVAILABLE_OK = true; - public static function create(\SYSTEM\DB\DBInfo $dbinfo, $username, $password, $email, $locale, $advancedResult=false, $checkAvailable = true){ + public static function create($username, $password, $email, $locale, $advancedResult=false, $checkAvailable = true){ self::startSession(); // check availability of username (in non-compatibility mode, otherwise it is already checked in DasenseAccount) - if($checkAvailable && !self::available($dbinfo, $username)){ + if($checkAvailable && !self::available($username)){ return self::REGISTER_FAIL;} - $con = new \SYSTEM\DB\Connection($dbinfo); + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(\SYSTEM\system::isSystemDbInfoPG()){ $result = $con->prepare('createAccountStmt','INSERT INTO '.\SYSTEM\DBD\UserTable::NAME_PG. ' ('.\SYSTEM\DBD\UserTable::FIELD_USERNAME.','.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.',' 
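Review bot: The PostgreSQL branch of the new query selects `FROM system.todo` but its join condition names `system_todo.author` and `system_user.ID`, which are the MySQL-style names used in the `else` branch. As written the PostgreSQL statement refers to tables that are not in its FROM clause and will most likely fail; the join should use the schema-qualified todo table and take the user table name from `\SYSTEM\DBD\UserTable::NAME_PG`, as security/Security.php does. `state()`, `statebtn()`, `reporttype()` and `trclassbytype()` have no docblocks; a one-line comment on each listing the accepted codes would document the mapping they encode.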
@@ -37,16 +37,16 @@ class Security { array( $username , $password, $email, $locale, 1 )); } - if( !$result || !self::login($dbinfo, $username, $password, $locale)){ + if( !$result || !self::login($username, $password, $locale)){ return self::REGISTER_FAIL;} return ($advancedResult ? $result->next() : self::REGISTER_OK); } - public static function changePassword(\SYSTEM\DB\DBInfo $dbinfo, $username, $password_sha_old, $password_sha_new){ + public static function changePassword($username, $password_sha_old, $password_sha_new){ - $con = new \SYSTEM\DB\Connection($dbinfo); + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(\SYSTEM\system::isSystemDbInfoPG()){ $result = $con->prepare('', 'SELECT id FROM '.\SYSTEM\DBD\UserTable::NAME_PG. @@ -77,18 +77,16 @@ class Security { return 1; } - - - - public static function login(\SYSTEM\DB\DBInfo $dbinfo, $username, $password_sha, $password_md5, $locale=NULL, $advancedResult=false, $password_sha_new=NULL){ + + public static function login($username, $password_sha, $password_md5, $locale=NULL, $advancedResult=false, $password_sha_new=NULL){ self::startSession(); if(!isset($password_sha)){ - self::trackLogins($dbinfo, NULL, self::LOGIN_FAIL); + self::trackLogins(NULL, self::LOGIN_FAIL); $_SESSION['user'] = NULL; return self::LOGIN_FAIL;} - $con = new \SYSTEM\DB\Connection($dbinfo); + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(isset($password_md5)){ if(\SYSTEM\system::isSystemDbInfoPG()){ $result = $con->prepare('loginAccountStmt', 
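Review bot: `self::login($username, $password, $locale)` in `create()` does not line up with `login($username, $password_sha, $password_md5, $locale=NULL, ...)`: the locale string lands in `$password_md5` and `$locale` stays NULL. That sends a freshly registered user down the `isset($password_md5)` branch with a value like `'deDE'` as the MD5 hash and skips the `\SYSTEM\locale::set($locale)` call. The call should be `self::login($username, $password, NULL, $locale)`. The same misalignment existed before the `$dbinfo` parameter was removed, so it is carried over rather than introduced here.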
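Review bot: `self::trackLogins(NULL, self::LOGIN_FAIL)` in the `@@ -77,18 +77,16 @@` hunk passes a second argument, but the signature changed later in this patch is `trackLogins($userID)`, so PHP discards `LOGIN_FAIL` silently and the helper appears to run its tracking UPDATE with a NULL user id. Failed logins therefore leave no distinguishable record, which removes the data needed for lockout or brute-force alerting. Either extend the helper to `trackLogins($userID, $status = self::LOGIN_OK)` and record failures separately, or drop the call on the failure path. `login()` continues outside this hunk.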
@@ -141,12 +139,18 @@ class Security { }else{ $pw = $password_sha; } - - $res = $con->prepare( 'updatePasswordSHAStmt', - 'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG.' SET '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.' = $1 WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = $2'.' RETURNING '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.';', - array($pw,$row[\SYSTEM\DBD\UserTable::FIELD_ID])); + unset($result); + if(\SYSTEM\system::isSystemDbInfoPG()){ + $res = $con->prepare( 'updatePasswordSHAStmt', + 'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG.' SET '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.' = $1 WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = $2'.' RETURNING '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.';', + array($pw,$row[\SYSTEM\DBD\UserTable::FIELD_ID])); + }else{ + $res = $con->prepare( 'updatePasswordSHAStmt', + 'UPDATE '.\SYSTEM\DBD\UserTable::NAME_MYS.' SET '.\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA.' = ? WHERE '.\SYSTEM\DBD\UserTable::FIELD_ID.' = ?'.';', + array($pw,$row[\SYSTEM\DBD\UserTable::FIELD_ID])); + } $res = $res->next(); - $row[\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA] = $res[\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA]; + $row[\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA] = $pw; } // set session variables @@ -163,12 +167,12 @@ class Security { if(isset($locale)){ \SYSTEM\locale::set($locale);} // track succesful user login - self::trackLogins($dbinfo, $row[\SYSTEM\DBD\UserTable::FIELD_ID]); + self::trackLogins($row[\SYSTEM\DBD\UserTable::FIELD_ID]); return ($advancedResult ? $row : self::LOGIN_OK); } - private static function trackLogins(\SYSTEM\DB\DBInfo $dbinfo, $userID){ - $con = new \SYSTEM\DB\Connection($dbinfo); + private static function trackLogins($userID){ + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(\SYSTEM\system::isSystemDbInfoPG()){ $con->prepare( 'trackLoginAccountStmt', 'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG.' SET '.\SYSTEM\DBD\UserTable::FIELD_LAST_ACTIVE.'= to_timestamp($1) '. 
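Review bot: The result of the password UPDATE is never checked: `$res = $res->next();` is kept although its value is no longer read, and `$row[\SYSTEM\DBD\UserTable::FIELD_PASSWORD_SHA] = $pw` is now assigned whether or not the statement succeeded. On the new MySQL branch the UPDATE has no RETURNING clause, so `next()` is called on a statement that yields no rows. Suggest replacing the leftover line with an explicit check in the style `create()` uses, e.g. `if(!$res){ return self::LOGIN_FAIL;}`, before `$row` is updated. The surrounding `login()` body starts and ends outside this hunk.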
@@ -192,8 +196,8 @@ class Security { * * @param String $username */ - public static function available(\SYSTEM\DB\DBInfo $dbinfo, $username){ - $con = new \SYSTEM\DB\Connection($dbinfo); + public static function available($username){ + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(\SYSTEM\system::isSystemDbInfoPG()){ $res = $con->prepare( 'availableStmt', 'SELECT COUNT(*) as count FROM '.\SYSTEM\DBD\UserTable::NAME_PG. @@ -215,14 +219,14 @@ class Security { } //checks for a right for a logged in user - public static function check(\SYSTEM\DB\DBInfo $dbinfo, $rightid){ + public static function check($rightid){ //Not logged in? Go away. //If you think you need rights for your guests ur doing smth wrong ;-) $user = null; if(!($user = self::getUser())){ return false;} - $con = new \SYSTEM\DB\Connection($dbinfo); + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(\SYSTEM\system::isSystemDbInfoPG()){ $res = $con->prepare( 'security_check', 'SELECT COUNT(*) as count FROM '.\SYSTEM\DBD\UserRightsTable::NAME_PG. @@ -271,12 +275,12 @@ class Security { } //This functions is called from \SYSTEM\locale::set() - public static function _db_setLocale($dbinfo, $lang){ + public static function _db_setLocale($lang){ $user = self::getUser(); if(!$user){ throw new \SYSTEM\LOG\ERROR("You need to be logged in");} - $con = new \SYSTEM\DB\Connection($dbinfo); + $con = new \SYSTEM\DB\Connection(\SYSTEM\system::getSystemDBInfo()); if(\SYSTEM\system::isSystemDbInfoPG()){ $res = $con->prepare( 'updateUserLocaleStmt', 'UPDATE '.\SYSTEM\DBD\UserTable::NAME_PG.' SET '.\SYSTEM\DBD\UserTable::FIELD_LOCALE.' = $1 '.