diff options
Diffstat (limited to 'app/model')
| -rw-r--r-- | app/model/auth.mod.php | 115 | ||||
| -rw-r--r-- | app/model/common.mod.php | 497 | ||||
| -rw-r--r-- | app/model/dashboard.mod.php | 29 | ||||
| -rw-r--r-- | app/model/deauth.mod.php | 31 | ||||
| -rw-r--r-- | app/model/deleteacct.mod.php | 63 | ||||
| -rw-r--r-- | app/model/except.mod.php | 30 | ||||
| -rw-r--r-- | app/model/master.mod.php | 56 | ||||
| -rw-r--r-- | app/model/obj.mod.php | 30 | ||||
| -rw-r--r-- | app/model/sysconf.mod.php | 93 |
9 files changed, 0 insertions, 944 deletions
diff --git a/app/model/auth.mod.php b/app/model/auth.mod.php deleted file mode 100644 index 000db95..0000000 --- a/app/model/auth.mod.php +++ /dev/null @@ -1,115 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/common.mod.php"; -require_once "class/user.class.php"; -require_once "class/form.class.php"; -require_once "class/setting.class.php"; - -class AuthModel extends CommonModel -{ - /* - * Default action - */ - function deflt() - { - $userTbl = new User(); - - if (count($userTbl->getAllUsers_orderByName()) == 0) - { - $this->noaccounts = true; - $this->activeTab['signup'] = "in active"; - $this->tabSwap = false; - } - - else - { - $this->activeTab['login'] = "in active"; - $this->tabSwap = Setting::allowPublicSignup(); - } - } - - /* - * Attempt to register a new account - */ - function signup($input) - { - $userTbl = new User(); - - if (!Setting::allowPublicSignup() && count($userTbl->getAllUsers_orderByName()) > 0) - { - $this->logError("You may not signup at this time"); - return; - } - - $form = new Form(); - $form->field_text("username"); - $form->field_text("password", null, false); - $form->field_text("cPassword", null, false); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - if ($form->password != $form->cPassword) - { - $this->logError("Passwords do not match"); - return; - } - - $user = new User(); - - if (!$user->createNewUser($form->username, $form->password)) - { - $this->logError("Your requested username is already in use"); - return; - } - - $this->setCurrentUser($user); - $this->redirectTo($this->ap() . "/"); - } - - /* - * Attempt to login - */ - function login($input) - { - $form = new Form(); - $form->field_text("username"); - $form->field_text("password", null, false); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = new User(); - - if (!($user->initByUsername($form->username) && $user->validatePassword($form->password))) - { - $this->logError("Username or password is incorrect"); - return; - } - - $this->setCurrentUser($user); - $this->redirectTo($this->ap() . "/"); - } -} - -?> diff --git a/app/model/common.mod.php b/app/model/common.mod.php deleted file mode 100644 index 6cba871..0000000 --- a/app/model/common.mod.php +++ /dev/null @@ -1,497 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/master.mod.php"; -require_once "class/form.class.php"; -require_once "class/setting.class.php"; -require_once "class/object.class.php"; -require_once "class/user.class.php"; -require_once "class/group.class.php"; - -class CommonModel extends MasterModel -{ - var $HEAD_IMG_MAX_SIZE = 1048576; // 1MB - var $HEAD_IMG_MIME = array( - "image/jpg", - "image/jpeg" - ); - - /* - * Constructor - */ - function __construct($guid = null) - { - parent::__construct(); - $this->first_setting_tab_active = 0; - $this->first_setting_tab_disp = 0; - $this->common_handleFormSubmissions($_REQUEST['input'], $_FILES['attachment']); - - if (!is_null($guid)) - { - $this->obj = new DBObject($guid); - $this->owner = $this->obj->getOwner(); - $this->members = $this->obj->getMembers(); - } - - $this->common_deflt(); - } - - /* - * Default action - */ - function common_deflt() - { - global $_SCROTT; - - /* Admin settings tab */ - if ($_SCROTT['settSSL'] != "neither") - { - $this->common_settingAdminSettSSLChecked[$_SCROTT['settSSL']] = "checked"; - $this->common_settingAdminSettSSLDisabled = "disabled"; - } - else - $this->common_settingAdminSettSSLChecked[Setting::settSSL()] = "checked"; - - if (Setting::allowPublicSignup()) - $this->common_settingAdminAllowPublicSignupChecked = "checked"; - - /* Admin all-users settings tab */ - $userTbl = new User(); - $this->common_settingAllUsers = $userTbl->getAllUsers_orderByAdminByName(); - - /* Setting modal - what tabs to display? */ - if (isset($this->obj)) - { - if ($this->obj->type == "group") - { - $this->group = new Group($this->obj->guid); - $this->common_settingShowTab['group'] = true; - } - } - } - - /* - * Handle form submissions from common views - */ - function common_handleFormSubmissions($input, $attachment) - { - switch ($input['action']) - { - case "common-group-add": $this->addNewGroup($input); break; - case "common-setting-group": $this->saveSettingGroup($input, $attachment); break; - case "common-setting-user": $this->saveSettingUser($input, $attachment); break; - case "common-setting-admin": $this->saveSettingAdmin($input); break; - case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break; - case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input, $attachment); break; - case "common-setting-allusers-deluser": $this->saveSettingAllusersDeluser($input); break; - } - } - - /* - * Create a new user group - */ - function addNewGroup($input) - { - $form = new Form(); - $form->field_text("name"); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $group = new Group(); - $group->createNewGroup($form->name, $this->getCurrentUser()); - } - - /* - * Save changes to user group settings - */ - function saveSettingGroup($input, $attachment) - { - $form = new Form(); - $form->field_text("guid"); - $form->field_text("name"); - $form->field_bool("perm0"); - $form->field_bool("perm1"); - $form->field_bool("perm2"); - $form->field_bool("perm3"); - $form->field_bool("perm4"); - $form->field_bool("perm5"); - $form->field_bool("perm6"); - $form->field_bool("perm7"); - $form->field_bool("perm8"); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - $group = new Group($form->guid); - - if (!$user || $group->type != "group" || !$group->canModify($user)) - { - $this->logError("You do not have permission to modify this group"); - return; - } - - if (isset($input['rmImage'])) - { - if ($group->rmHeadImage()) - $this->logNotice("Image removed"); - else - $this->logError("Error removing group image"); - - return; - } - - $group->name = $form->name; - - if ($group->canModifyPermissions($user)) - { - $perms = 0; - - if ($form->perm0) - $perms |= 0x100; - if ($form->perm1) - $perms |= 0x080; - if ($form->perm2) - $perms |= 0x040; - if ($form->perm3) - $perms |= 0x020; - if ($form->perm4) - $perms |= 0x010; - if ($form->perm5) - $perms |= 0x008; - if ($form->perm6) - $perms |= 0x004; - if ($form->perm7) - $perms |= 0x002; - if ($form->perm8) - $perms |= 0x001; - - $group->perms = $perms; - } - - $group->saveObj(); - - if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $group->guid)) - $this->logNotice("Image uploaded"); - else - $this->logFormErrors($form); - } - - /* - * Save changes to user account settings - */ - function saveSettingUser($input, $attachment) - { - $form = new Form(); - $form->field_bool("setPasswd"); - $form->field_text("curPasswd", null, false); - $form->field_text("newPasswd", null, false); - $form->field_text("confPasswd", null, false); - $form->field_text("alias", "", false); - $form->field_text("email", "", false); - $form->field_text("emailConfKey", null, false); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - - if (!$user) - { - $this->logError("Not logged in"); - return; - } - - if (isset($input['rmImage'])) - { - if ($user->rmHeadImage()) - $this->logNotice("Image removed"); - else - $this->logError("Error removing user image"); - - return; - } - - if ($form->setPasswd) - { - if ($user->validatePassword($form->curPasswd)) - { - if ($form->newPasswd == $form->confPasswd) - { - $user->setPassword($form->newPasswd); - $this->logNotice("Password updated successfully"); - } - else - $this->logWarning("Password not changed -- Passwords did not match"); - } - - else - $this->logWarning("Password not changed -- Current password was incorrect"); - } - - $user->alias = $form->alias; - - if ($form->email != $user->email) - $user->setEmail($form->email); - - else if ($form->emailConfKey != "") - { - if (!$user->confirmEmailKey($form->emailConfKey)) - $this->logWarning("Email not confirmed -- Key was incorrect"); - } - - $user->saveObj(); - - if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid)) - $this->logNotice("Image uploaded"); - else - $this->logFormErrors($form); - } - - /* - * Save changes to admin settings - */ - function saveSettingAdmin($input) - { - $form = new Form(); - $form->field_enum("settSSL", array("force", "neither", "forbid"), Setting::settSSL()); - $form->field_bool("allowPublicSignup"); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - - if (!$user || $user->admin == 0) - { - $this->logError("Admin permissions required"); - return; - } - - Setting::settSSL($form->settSSL); - Setting::allowPublicSignup($form->allowPublicSignup); - } - - /* - * Allow an admin to create a new user account - */ - function saveSettingAllusersAdduser($input) - { - $form = new Form(); - $form->field_text("username"); - $form->field_text("password", null, false); - $form->field_text("cPassword", null, false); - $form->field_bool("admin"); - $form->field_text("alias", "", false); - $form->field_text("email", "", false); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - - if (!$user || $user->admin == 0) - { - $this->logError("Admin permissions required"); - return; - } - - if ($form->password != $form->cPassword) - { - $this->logError("Passwords do not match"); - return; - } - - $user = new User(); - - if (!$user->createNewUser($form->username, $form->password)) - { - $this->logError("Username " . $form->username . " is not available"); - return; - } - - if ($form->admin) - $user->admin = 1; - - $user->alias = $form->alias; - $user->setEmail($form->email); - $user->saveObj(); - - $this->logNotice("Created new user " . $form->username); - } - - /* - * Allow an admin to edit user accounts - */ - function saveSettingAllusersEdituser($input, $attachment) - { - $form = new Form(); - $form->field_text("guid"); - $form->field_bool("setPasswd"); - $form->field_text("newPasswd", null, false); - $form->field_text("confPasswd", null, false); - $form->field_bool("admin"); - $form->field_text("alias", "", false); - $form->field_text("email", "", false); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - - if (!$user || $user->admin == 0) - { - $this->logError("Admin permissions required"); - return; - } - - $user = new User($form->guid); - - if ($user->type != "user") - { - $this->logError("Invalid user GUID"); - return; - } - - if (isset($input['rmImage'])) - { - if ($user->rmHeadImage()) - $this->logNotice("Image removed"); - else - $this->logError("Error removing user image"); - - return; - } - - if ($form->setPasswd) - { - if ($form->newPasswd == $form->confPasswd) - { - $user->setPassword($form->newPasswd); - $this->logNotice("Password for " . $user->name . " updated successfully"); - } - else - $this->logWarning("Password not changed -- Passwords did not match"); - } - - $user->admin = $form->admin; - $user->alias = $form->alias; - - if ($form->email != $user->email) - $user->setEmail($form->email); - - $user->saveObj(); - - if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid)) - $this->logNotice("Image uploaded"); - else - $this->logFormErrors($form); - } - - /* - * Allow admin to remove user accounts - */ - function saveSettingAllusersDeluser($input) - { - $form = new Form(); - $form->field_text("guid"); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - - if (!$user || $user->admin == 0) - { - $this->logError("Admin permissions required"); - return; - } - - $user = new User($form->guid); - - if ($user->type != "user") - { - $this->logError("Invalid user GUID"); - return; - } - - if ($user->admin && $user->getNumAdmins() == 1) - { - $this->logError("Account not deleted - Cannot remove the last admin account"); - return; - } - - $user->delObj(); - - if (!$this->getCurrentUser()) - { - /* did user delete their own account? */ - $this->redirectTo($this->ar() . "/"); - } - } - - /* - * Set CSS class for the first tab title in the setting modal only - */ - function getSettingModalTabActiveClass() - { - if (!$this->first_setting_tab_active) - { - $this->first_setting_tab_active = 1; - return "active"; - } - - return ""; - } - - /* - * Set CSS classes for the first tab in the setting modal only - */ - function getSettingModalTabDispClasses() - { - if (!$this->first_setting_tab_disp) - { - $this->first_setting_tab_disp = 1; - return "in active"; - } - - return ""; - } -} - -?> diff --git a/app/model/dashboard.mod.php b/app/model/dashboard.mod.php deleted file mode 100644 index 00fb759..0000000 --- a/app/model/dashboard.mod.php +++ /dev/null @@ -1,29 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/common.mod.php"; - -class DashboardModel extends CommonModel -{ - /* - * Default action - */ - function deflt() - { - } -} - -?> diff --git a/app/model/deauth.mod.php b/app/model/deauth.mod.php deleted file mode 100644 index 8991606..0000000 --- a/app/model/deauth.mod.php +++ /dev/null @@ -1,31 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "class/model.class.php"; - -class DeauthModel extends Model -{ - /* - * Default action - */ - function deflt() - { - $this->setCurrentUser(); - $this->redirectTo($this->ar() . "/"); - } -} - -?> diff --git a/app/model/deleteacct.mod.php b/app/model/deleteacct.mod.php deleted file mode 100644 index 0178c95..0000000 --- a/app/model/deleteacct.mod.php +++ /dev/null @@ -1,63 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/common.mod.php"; -require_once "class/form.class.php"; -require_once "class/user.class.php"; - -class DeleteacctModel extends CommonModel -{ - /* - * Default action - */ - function deflt() - { - } - - /* - * Delete current user's account - */ - function del($input) - { - $form = new Form(); - $form->field_text("password", null, false); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - $user = $this->getCurrentUser(); - - if (!$user->validatePassword($form->password)) - { - $this->logError("Account not deleted - Password was incorrect"); - return; - } - - if ($user->admin && $user->getNumAdmins() == 1) - { - $this->logError("Account not deleted - Cannot remove the last admin account"); - return; - } - - $user->delObj(); - $this->redirectTo($this->ar() . "/"); - } -} - -?> diff --git a/app/model/except.mod.php b/app/model/except.mod.php deleted file mode 100644 index fb81315..0000000 --- a/app/model/except.mod.php +++ /dev/null @@ -1,30 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/master.mod.php"; - -class ExceptModel extends MasterModel -{ - /* - * Default action - */ - function deflt($message) - { - $this->message = $message; - } -} - -?> diff --git a/app/model/master.mod.php b/app/model/master.mod.php deleted file mode 100644 index 5aaafa8..0000000 --- a/app/model/master.mod.php +++ /dev/null @@ -1,56 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "class/model.class.php"; - -class MasterModel extends Model -{ - /* - * Get the appropriate alert class to use when showing the notice modal - */ - function getNoticeModalAlertClass() - { - if ($this->isError()) - return "alert-danger"; - - if ($this->isWarning()) - return "alert-warning"; - - if ($this->isNotice()) - return "alert-info"; - - return ""; - } - - /* - * Get the appropriate glyphicon to use when showing the notice modal - */ - function getNoticeModalGlyphicon() - { - if ($this->isError()) - return "glyphicon glyphicon-remove-sign"; - - if ($this->isWarning()) - return "glyphicon glyphicon-exclamation-sign"; - - if ($this->isNotice()) - return "glyphicon glyphicon-info-sign"; - - return ""; - } -} - -?> diff --git a/app/model/obj.mod.php b/app/model/obj.mod.php deleted file mode 100644 index 159c962..0000000 --- a/app/model/obj.mod.php +++ /dev/null @@ -1,30 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/common.mod.php"; - -class ObjModel extends CommonModel -{ - /* - * Constructor - */ - function __construct($guid) - { - parent::__construct($guid); - } -} - -?> diff --git a/app/model/sysconf.mod.php b/app/model/sysconf.mod.php deleted file mode 100644 index cfbed42..0000000 --- a/app/model/sysconf.mod.php +++ /dev/null @@ -1,93 +0,0 @@ -<?php - -/* - * SCROTT Copyright (C) 2016 Malf Furious - * - * Scrott is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation, either version 3 of the License, - * or (at your option) any later version. - * - * Scrott is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public - * License for more details. - */ - -require_once "model/master.mod.php"; -require_once "class/form.class.php"; - -class SysconfModel extends MasterModel -{ - var $CONF_FILE = "scrott.conf.php"; - - /* - * Default action - */ - function deflt() - { - } - - /* - * Save the submitted data to the config file - */ - function save($input) - { - global $_SCROTT; - - $form = new Form(); - $form->field_text("dbAddress"); - $form->field_text("dbName"); - $form->field_text("dbUser"); - $form->field_text("dbPass", null, false); - $form->field_enum("settSSL", array("force", "neither", "forbid")); - - if (!$form->populate($input)) - { - $this->logFormErrors($form); - return; - } - - /* test database connection (set global vars and try to get a db object) */ - $_SCROTT['conf'] = 'conf'; - $_SCROTT['dbEngine'] = 'mysql'; - $_SCROTT['dbAddress'] = $form->dbAddress; - $_SCROTT['dbName'] = $form->dbName; - $_SCROTT['dbUser'] = $form->dbUser; - $_SCROTT['dbPass'] = $form->dbPass; - - try - { - $db = $this->getDbConnection(); - } - catch (Exception $e) - { - $this->logError($e->getMessage()); - return; - } - - /* write file */ - $f = fopen($this->CONF_FILE, "w"); - - if (!$f) - { - $this->logError("Can not create configuration file"); - return; - } - - fwrite($f, "<?php\n"); - fwrite($f, "\$_SCROTT['conf'] = 'conf';\n"); - fwrite($f, "\$_SCROTT['dbEngine'] = 'mysql';\n"); - fwrite($f, "\$_SCROTT['dbAddress'] = '" . $form->dbAddress . "';\n"); - fwrite($f, "\$_SCROTT['dbName'] = '" . $form->dbName . "';\n"); - fwrite($f, "\$_SCROTT['dbUser'] = '" . $form->dbUser . "';\n"); - fwrite($f, "\$_SCROTT['dbPass'] = '" . $form->dbPass . "';\n"); - fwrite($f, "\$_SCROTT['settSSL'] = '" . $form->settSSL . "';\n"); - fwrite($f, "?>\n"); - - fclose($f); - $this->redirectTo($this->ar() . "/"); - } -} - -?> |