Diffstat (limited to 'examples/model')
-rw-r--r-- | examples/model/auth.mod.php | 115 | ||||
-rw-r--r-- | examples/model/common.mod.php | 497 | ||||
-rw-r--r-- | examples/model/dashboard.mod.php | 29 | ||||
-rw-r--r-- | examples/model/deauth.mod.php | 31 | ||||
-rw-r--r-- | examples/model/deleteacct.mod.php | 63 | ||||
-rw-r--r-- | examples/model/except.mod.php | 30 | ||||
-rw-r--r-- | examples/model/master.mod.php | 56 | ||||
-rw-r--r-- | examples/model/obj.mod.php | 30 | ||||
-rw-r--r-- | examples/model/sysconf.mod.php | 93 |
9 files changed, 944 insertions, 0 deletions
diff --git a/examples/model/auth.mod.php b/examples/model/auth.mod.php
new file mode 100644
index 0000000..000db95
--- /dev/null
+++ b/examples/model/auth.mod.php
@@ -0,0 +1,115 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/common.mod.php";
+require_once "class/user.class.php";
+require_once "class/form.class.php";
+require_once "class/setting.class.php";
+
+class AuthModel extends CommonModel
+{
+ /*
+ * Default action
+ */
+ function deflt()
+ {
+ $userTbl = new User();
+
+ if (count($userTbl->getAllUsers_orderByName()) == 0)
+ {
+ $this->noaccounts = true;
+ $this->activeTab['signup'] = "in active";
+ $this->tabSwap = false;
+ }
+
+ else
+ {
+ $this->activeTab['login'] = "in active";
+ $this->tabSwap = Setting::allowPublicSignup();
+ }
+ }
+
+ /*
+ * Attempt to register a new account
+ */
+ function signup($input)
+ {
+ $userTbl = new User();
+
+ if (!Setting::allowPublicSignup() && count($userTbl->getAllUsers_orderByName()) > 0)
+ {
+ $this->logError("You may not signup at this time");
+ return;
+ }
+
+ $form = new Form();
+ $form->field_text("username");
+ $form->field_text("password", null, false);
+ $form->field_text("cPassword", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ if ($form->password != $form->cPassword)
+ {
+ $this->logError("Passwords do not match");
+ return;
+ }
+
+ $user = new User();
+
+ if (!$user->createNewUser($form->username, $form->password))
+ {
+ $this->logError("Your requested username is already in use");
+ return;
+ }
+
+ $this->setCurrentUser($user);
+ $this->redirectTo($this->ap() . "/");
+ }
+
+ /*
+ * Attempt to login
+ */
+ function login($input)
+ {
+ $form = new Form();
+ $form->field_text("username");
+ $form->field_text("password", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = new User();
+
+ if (!($user->initByUsername($form->username) && $user->validatePassword($form->password)))
+ {
+ $this->logError("Username or password is incorrect");
+ return;
+ }
+
+ $this->setCurrentUser($user);
+ $this->redirectTo($this->ap() . "/");
+ }
+}
+
+?>
diff --git a/examples/model/common.mod.php b/examples/model/common.mod.php
new file mode 100644
index 0000000..6cba871
--- /dev/null
+++ b/examples/model/common.mod.php
@@ -0,0 +1,497 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/master.mod.php";
+require_once "class/form.class.php";
+require_once "class/setting.class.php";
+require_once "class/object.class.php";
+require_once "class/user.class.php";
+require_once "class/group.class.php";
+
+class CommonModel extends MasterModel
+{
+ var $HEAD_IMG_MAX_SIZE = 1048576; // 1MB
+ var $HEAD_IMG_MIME = array(
+ "image/jpg",
+ "image/jpeg"
+ );
+
+ /*
+ * Constructor
+ */
+ function __construct($guid = null)
+ {
+ parent::__construct();
+ $this->first_setting_tab_active = 0;
+ $this->first_setting_tab_disp = 0;
+ $this->common_handleFormSubmissions($_REQUEST['input'], $_FILES['attachment']);
+
+ if (!is_null($guid))
+ {
+ $this->obj = new DBObject($guid);
+ $this->owner = $this->obj->getOwner();
+ $this->members = $this->obj->getMembers();
+ }
+
+ $this->common_deflt();
+ }
+
+ /*
+ * Default action
+ */
+ function common_deflt()
+ {
+ global $_SCROTT;
+
+ /* Admin settings tab */
+ if ($_SCROTT['settSSL'] != "neither")
+ {
+ $this->common_settingAdminSettSSLChecked[$_SCROTT['settSSL']] = "checked";
+ $this->common_settingAdminSettSSLDisabled = "disabled";
+ }
+ else
+ $this->common_settingAdminSettSSLChecked[Setting::settSSL()] = "checked";
+
+ if (Setting::allowPublicSignup())
+ $this->common_settingAdminAllowPublicSignupChecked = "checked";
+
+ /* Admin all-users settings tab */
+ $userTbl = new User();
+ $this->common_settingAllUsers = $userTbl->getAllUsers_orderByAdminByName();
+
+ /* Setting modal - what tabs to display? */
+ if (isset($this->obj))
+ {
+ if ($this->obj->type == "group")
+ {
+ $this->group = new Group($this->obj->guid);
+ $this->common_settingShowTab['group'] = true;
+ }
+ }
+ }
+
+ /*
+ * Handle form submissions from common views
+ */
+ function common_handleFormSubmissions($input, $attachment)
+ {
+ switch ($input['action'])
+ {
+ case "common-group-add": $this->addNewGroup($input); break;
+ case "common-setting-group": $this->saveSettingGroup($input, $attachment); break;
+ case "common-setting-user": $this->saveSettingUser($input, $attachment); break;
+ case "common-setting-admin": $this->saveSettingAdmin($input); break;
+ case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break;
+ case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input, $attachment); break;
+ case "common-setting-allusers-deluser": $this->saveSettingAllusersDeluser($input); break;
+ }
+ }
+
+ /*
+ * Create a new user group
+ */
+ function addNewGroup($input)
+ {
+ $form = new Form();
+ $form->field_text("name");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $group = new Group();
+ $group->createNewGroup($form->name, $this->getCurrentUser());
+ }
+
+ /*
+ * Save changes to user group settings
+ */
+ function saveSettingGroup($input, $attachment)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+ $form->field_text("name");
+ $form->field_bool("perm0");
+ $form->field_bool("perm1");
+ $form->field_bool("perm2");
+ $form->field_bool("perm3");
+ $form->field_bool("perm4");
+ $form->field_bool("perm5");
+ $form->field_bool("perm6");
+ $form->field_bool("perm7");
+ $form->field_bool("perm8");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+ $group = new Group($form->guid);
+
+ if (!$user || $group->type != "group" || !$group->canModify($user))
+ {
+ $this->logError("You do not have permission to modify this group");
+ return;
+ }
+
+ if (isset($input['rmImage']))
+ {
+ if ($group->rmHeadImage())
+ $this->logNotice("Image removed");
+ else
+ $this->logError("Error removing group image");
+
+ return;
+ }
+
+ $group->name = $form->name;
+
+ if ($group->canModifyPermissions($user))
+ {
+ $perms = 0;
+
+ if ($form->perm0)
+ $perms |= 0x100;
+ if ($form->perm1)
+ $perms |= 0x080;
+ if ($form->perm2)
+ $perms |= 0x040;
+ if ($form->perm3)
+ $perms |= 0x020;
+ if ($form->perm4)
+ $perms |= 0x010;
+ if ($form->perm5)
+ $perms |= 0x008;
+ if ($form->perm6)
+ $perms |= 0x004;
+ if ($form->perm7)
+ $perms |= 0x002;
+ if ($form->perm8)
+ $perms |= 0x001;
+
+ $group->perms = $perms;
+ }
+
+ $group->saveObj();
+
+ if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $group->guid))
+ $this->logNotice("Image uploaded");
+ else
+ $this->logFormErrors($form);
+ }
+
+ /*
+ * Save changes to user account settings
+ */
+ function saveSettingUser($input, $attachment)
+ {
+ $form = new Form();
+ $form->field_bool("setPasswd");
+ $form->field_text("curPasswd", null, false);
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+ $form->field_text("emailConfKey", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user)
+ {
+ $this->logError("Not logged in");
+ return;
+ }
+
+ if (isset($input['rmImage']))
+ {
+ if ($user->rmHeadImage())
+ $this->logNotice("Image removed");
+ else
+ $this->logError("Error removing user image");
+
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($user->validatePassword($form->curPasswd))
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ else
+ $this->logWarning("Password not changed -- Current password was incorrect");
+ }
+
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ else if ($form->emailConfKey != "")
+ {
+ if (!$user->confirmEmailKey($form->emailConfKey))
+ $this->logWarning("Email not confirmed -- Key was incorrect");
+ }
+
+ $user->saveObj();
+
+ if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid))
+ $this->logNotice("Image uploaded");
+ else
+ $this->logFormErrors($form);
+ }
+
+ /*
+ * Save changes to admin settings
+ */
+ function saveSettingAdmin($input)
+ {
+ $form = new Form();
+ $form->field_enum("settSSL", array("force", "neither", "forbid"), Setting::settSSL());
+ $form->field_bool("allowPublicSignup");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ Setting::settSSL($form->settSSL);
+ Setting::allowPublicSignup($form->allowPublicSignup);
+ }
+
+ /*
+ * Allow an admin to create a new user account
+ */
+ function saveSettingAllusersAdduser($input)
+ {
+ $form = new Form();
+ $form->field_text("username");
+ $form->field_text("password", null, false);
+ $form->field_text("cPassword", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ if ($form->password != $form->cPassword)
+ {
+ $this->logError("Passwords do not match");
+ return;
+ }
+
+ $user = new User();
+
+ if (!$user->createNewUser($form->username, $form->password))
+ {
+ $this->logError("Username " . $form->username . " is not available");
+ return;
+ }
+
+ if ($form->admin)
+ $user->admin = 1;
+
+ $user->alias = $form->alias;
+ $user->setEmail($form->email);
+ $user->saveObj();
+
+ $this->logNotice("Created new user " . $form->username);
+ }
+
+ /*
+ * Allow an admin to edit user accounts
+ */
+ function saveSettingAllusersEdituser($input, $attachment)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+ $form->field_bool("setPasswd");
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ $user = new User($form->guid);
+
+ if ($user->type != "user")
+ {
+ $this->logError("Invalid user GUID");
+ return;
+ }
+
+ if (isset($input['rmImage']))
+ {
+ if ($user->rmHeadImage())
+ $this->logNotice("Image removed");
+ else
+ $this->logError("Error removing user image");
+
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password for " . $user->name . " updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ $user->admin = $form->admin;
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ $user->saveObj();
+
+ if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid))
+ $this->logNotice("Image uploaded");
+ else
+ $this->logFormErrors($form);
+ }
+
+ /*
+ * Allow admin to remove user accounts
+ */
+ function saveSettingAllusersDeluser($input)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ $user = new User($form->guid);
+
+ if ($user->type != "user")
+ {
+ $this->logError("Invalid user GUID");
+ return;
+ }
+
+ if ($user->admin && $user->getNumAdmins() == 1)
+ {
+ $this->logError("Account not deleted - Cannot remove the last admin account");
+ return;
+ }
+
+ $user->delObj();
+
+ if (!$this->getCurrentUser())
+ {
+ /* did user delete their own account? */
+ $this->redirectTo($this->ar() . "/");
+ }
+ }
+
+ /*
+ * Set CSS class for the first tab title in the setting modal only
+ */
+ function getSettingModalTabActiveClass()
+ {
+ if (!$this->first_setting_tab_active)
+ {
+ $this->first_setting_tab_active = 1;
+ return "active";
+ }
+
+ return "";
+ }
+
+ /*
+ * Set CSS classes for the first tab in the setting modal only
+ */
+ function getSettingModalTabDispClasses()
+ {
+ if (!$this->first_setting_tab_disp)
+ {
+ $this->first_setting_tab_disp = 1;
+ return "in active";
+ }
+
+ return "";
+ }
+}
+
+?>
diff --git a/examples/model/dashboard.mod.php b/examples/model/dashboard.mod.php
new file mode 100644
index 0000000..00fb759
--- /dev/null
+++ b/examples/model/dashboard.mod.php
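Review bot: The constructor dispatches state-changing actions straight from `$_REQUEST['input']`, and nothing before the `switch` in `common_handleFormSubmissions()` verifies an anti-CSRF token, so actions such as `common-setting-allusers-adduser` and `common-setting-allusers-deluser` appear to be triggerable by a cross-site request, including a plain GET, from a logged-in admin's browser. `Form::populate()` is outside this diff, so confirm whether a token is checked there; if not, read the action from `$_POST` and reject the request unless a per-session token matches under `hash_equals()` before dispatching. Also, `saveSettingAllusersEdituser()` assigns `$user->admin = $form->admin;` without the last-admin guard that `saveSettingAllusersDeluser()` applies, so the only remaining admin can be demoted.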
@@ -0,0 +1,29 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/common.mod.php";
+
+class DashboardModel extends CommonModel
+{
+ /*
+ * Default action
+ */
+ function deflt()
+ {
+ }
+}
+
+?>
diff --git a/examples/model/deauth.mod.php b/examples/model/deauth.mod.php
new file mode 100644
index 0000000..8991606
--- /dev/null
+++ b/examples/model/deauth.mod.php
@@ -0,0 +1,31 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "class/model.class.php";
+
+class DeauthModel extends Model
+{
+ /*
+ * Default action
+ */
+ function deflt()
+ {
+ $this->setCurrentUser();
+ $this->redirectTo($this->ar() . "/");
+ }
+}
+
+?>
diff --git a/examples/model/deleteacct.mod.php b/examples/model/deleteacct.mod.php
new file mode 100644
index 0000000..0178c95
--- /dev/null
+++ b/examples/model/deleteacct.mod.php
@@ -0,0 +1,63 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/common.mod.php";
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+class DeleteacctModel extends CommonModel
+{
+ /*
+ * Default action
+ */
+ function deflt()
+ {
+ }
+
+ /*
+ * Delete current user's account
+ */
+ function del($input)
+ {
+ $form = new Form();
+ $form->field_text("password", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user->validatePassword($form->password))
+ {
+ $this->logError("Account not deleted - Password was incorrect");
+ return;
+ }
+
+ if ($user->admin && $user->getNumAdmins() == 1)
+ {
+ $this->logError("Account not deleted - Cannot remove the last admin account");
+ return;
+ }
+
+ $user->delObj();
+ $this->redirectTo($this->ar() . "/");
+ }
+}
+
+?>
diff --git a/examples/model/except.mod.php b/examples/model/except.mod.php
new file mode 100644
index 0000000..fb81315
--- /dev/null
+++ b/examples/model/except.mod.php
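Review bot: `del()` calls `$user->validatePassword()` on the result of `getCurrentUser()` without checking it first, whereas the handlers in common.mod.php all test `if (!$user)` before using the value, which suggests it can be empty when nobody is logged in. A request without a session would then presumably fail on a method call on a non-object instead of producing a clean error. Add `if (!$user) { $this->logError("Not logged in"); return; }` before the password check.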
@@ -0,0 +1,30 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/master.mod.php";
+
+class ExceptModel extends MasterModel
+{
+ /*
+ * Default action
+ */
+ function deflt($message)
+ {
+ $this->message = $message;
+ }
+}
+
+?>
diff --git a/examples/model/master.mod.php b/examples/model/master.mod.php
new file mode 100644
index 0000000..5aaafa8
--- /dev/null
+++ b/examples/model/master.mod.php
@@ -0,0 +1,56 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "class/model.class.php";
+
+class MasterModel extends Model
+{
+ /*
+ * Get the appropriate alert class to use when showing the notice modal
+ */
+ function getNoticeModalAlertClass()
+ {
+ if ($this->isError())
+ return "alert-danger";
+
+ if ($this->isWarning())
+ return "alert-warning";
+
+ if ($this->isNotice())
+ return "alert-info";
+
+ return "";
+ }
+
+ /*
+ * Get the appropriate glyphicon to use when showing the notice modal
+ */
+ function getNoticeModalGlyphicon()
+ {
+ if ($this->isError())
+ return "glyphicon glyphicon-remove-sign";
+
+ if ($this->isWarning())
+ return "glyphicon glyphicon-exclamation-sign";
+
+ if ($this->isNotice())
+ return "glyphicon glyphicon-info-sign";
+
+ return "";
+ }
+}
+
+?>
diff --git a/examples/model/obj.mod.php b/examples/model/obj.mod.php
new file mode 100644
index 0000000..159c962
--- /dev/null
+++ b/examples/model/obj.mod.php
@@ -0,0 +1,30 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/common.mod.php";
+
+class ObjModel extends CommonModel
+{
+ /*
+ * Constructor
+ */
+ function __construct($guid)
+ {
+ parent::__construct($guid);
+ }
+}
+
+?>
diff --git a/examples/model/sysconf.mod.php b/examples/model/sysconf.mod.php
new file mode 100644
index 0000000..cfbed42
--- /dev/null
+++ b/examples/model/sysconf.mod.php
@@ -0,0 +1,93 @@
+<?php
+
+/*
+ * SCROTT Copyright (C) 2016 Malf Furious
+ *
+ * Scrott is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation, either version 3 of the License,
+ * or (at your option) any later version.
+ *
+ * Scrott is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ * License for more details.
+ */
+
+require_once "model/master.mod.php";
+require_once "class/form.class.php";
+
+class SysconfModel extends MasterModel
+{
+ var $CONF_FILE = "scrott.conf.php";
+
+ /*
+ * Default action
+ */
+ function deflt()
+ {
+ }
+
+ /*
+ * Save the submitted data to the config file
+ */
+ function save($input)
+ {
+ global $_SCROTT;
+
+ $form = new Form();
+ $form->field_text("dbAddress");
+ $form->field_text("dbName");
+ $form->field_text("dbUser");
+ $form->field_text("dbPass", null, false);
+ $form->field_enum("settSSL", array("force", "neither", "forbid"));
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ /* test database connection (set global vars and try to get a db object) */
+ $_SCROTT['conf'] = 'conf';
+ $_SCROTT['dbEngine'] = 'mysql';
+ $_SCROTT['dbAddress'] = $form->dbAddress;
+ $_SCROTT['dbName'] = $form->dbName;
+ $_SCROTT['dbUser'] = $form->dbUser;
+ $_SCROTT['dbPass'] = $form->dbPass;
+
+ try
+ {
+ $db = $this->getDbConnection();
+ }
+ catch (Exception $e)
+ {
+ $this->logError($e->getMessage());
+ return;
+ }
+
+ /* write file */
+ $f = fopen($this->CONF_FILE, "w");
+
+ if (!$f)
+ {
+ $this->logError("Can not create configuration file");
+ return;
+ }
+
+ fwrite($f, "<?php\n");
+ fwrite($f, "\$_SCROTT['conf'] = 'conf';\n");
+ fwrite($f, "\$_SCROTT['dbEngine'] = 'mysql';\n");
+ fwrite($f, "\$_SCROTT['dbAddress'] = '" . $form->dbAddress . "';\n");
+ fwrite($f, "\$_SCROTT['dbName'] = '" . $form->dbName . "';\n");
+ fwrite($f, "\$_SCROTT['dbUser'] = '" . $form->dbUser . "';\n");
+ fwrite($f, "\$_SCROTT['dbPass'] = '" . $form->dbPass . "';\n");
+ fwrite($f, "\$_SCROTT['settSSL'] = '" . $form->settSSL . "';\n");
+ fwrite($f, "?>\n");
+
+ fclose($f);
+ $this->redirectTo($this->ar() . "/");
+ }
+}
+
+?> |