summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2018-09-24agent: Fix bug in function canAccess()Malf Furious1-1/+1
This is probabally more of an oops than a bug, although was causing unexpected behavior. When falling back to checking whether the agent has access to the object's owner, it was wrongly accessing through $this->owner, rather than $obj->owner (which is the function argument). This was probabally left over from how this function _used_ to be implemented (you would call on the object and pass in the user).
2018-09-24Add missing requireMalf Furious1-0/+1
2018-09-23dashboard: Remove extra thingsMalf Furious1-3/+1
2018-09-23admin: Add empty admin panelMalf Furious2-0/+47
2018-09-23form: Fix bug in populate()Malf Furious1-1/+1
There was a problem with processing enum type fields. The way all other field types are asserted to be 'defined' is via: isset($field) && $field != "" Which works perfectly fine, and is exactly what we want. However, with enums the second part of that && can bite us if "" is in the list of acceptable values. This commit removed that half of the check (only for enum values) so that the empty string may be an acceptable enum value. If "" is not in the values array, then the check is implicitly reinstated.
2018-09-23settings: Implement admin tab form handlerMalf Furious1-0/+40
2018-09-22database: Fix bug in function checkConfig()Malf Furious1-7/+4
Because of how this function was implemented, any failure during database instance construction is treated the same way. IE. we cannot tell the difference between 'no db config' (as is the initial default state) and a 'bad db config' (either bogus data, or the server happens to be down). Because of this, if, after the database access is initially set up, access to the db becomes unavailable or someone makes a bad edit to the dbconfig.php file, Scrott behaves as if it is being configured for the first time. This is *dangerous* behavior! (unexpected, at the least) The implication of this is that if Scrott's database access is ever incidentially interrupted, the very next visitor to the site is offered the chance to (silently) reconfigure the server to point to any database of his choosing. This patch updates the checkConfig() function to only 'soft fail' (return false) in the case where the configuration is _actually_ missing. IE. $_SCROTT['conf'] is not defined. This function will otherwise passthrough any and all exceptions which result from instanciating the database instance and will only return true if both of these steps succeed.
2018-09-21settings: Add admin-only settings tab to settings modalMalf Furious1-0/+71
This is an interface to alter the settings stored in the 'settings' database table. Typically restricted to administrators only.
2018-09-21settings: Add key 'smtpResult'Malf Furious1-0/+8
This is not meant to be a user (admin) configurable key. Rather, this is a mechanism for success/failure results from interactions with PHPMailer to make their way back to the UI. Down the road, email sending functions should publish their true/false return value to this configuration key. The initial default value of "NULL" means no mail send attempts have taken place.
2018-09-21deleteaccount: Implement form handlerMalf Furious2-0/+48
2018-09-21Remove old contentMalf Furious5-219/+0
2018-09-21deleteaccount: Add viewMalf Furious2-0/+64
2018-09-20stdpage: Add assertconfirm() functionMalf Furious1-0/+4
2018-09-20index: Enforce access permission when viewing object by URLMalf Furious1-0/+8
The controller now (again) prevents browsing to objects the user is not allowed to access.
2018-09-20mysql: Move schema file into srvs/Malf Furious1-0/+0
This places all (both) of the service configuration files together and cleans up the top-level directory. The file is renamed to 'mysql.sql' to indicate the particular service it corresponds to.
2018-09-20Merge branch 'bug/schema-defaults' into devMalf Furious1-7/+7
2018-09-20mysql: Add various default valuesMalf Furious1-4/+4
I was experiencing problems on Mysql proper with the way Scrott interacts with the database when forming new objects. It attempts some writeback querries before all attributes are applied to the new objects. This makes sense if you understand how many initNew and helper functions are implemented. As a convenience a function which mutates an object will also apply its changes to the database automatically. These function are used instead of directly settings PHP object properties because there are additional pieces of logic performed to ensure everything remains valid in the datamodel. As was the case for a few types of objects, cirtain functions which behave this way were being called during an object's initNew(), causing DB writebacks to occur before some other 'default-less' field had been defined for that object. This patch provides some 'not so invalid' default states for database table columns which were previously undefined. This should also mitigate some issues I may have not run unto yet.
2018-09-20mysql: Change issue.tags type to 'text'Malf Furious1-1/+1
I don't mean to impose a character limit here, so I am changing this type to 'text'. As per the previous commit, the default value is also removed.
2018-09-20mysql: Remove defaults from 'text' datatypesMalf Furious1-2/+2
It is an error in Mysql for columns of type 'text' to have a default value. Removing these resolves Mysql errors and MariaDB warnings.
2018-09-20Restore old example content to working examples directoryMalf Furious1-31/+78
2018-09-20Add start of single-pad viewMalf Furious5-0/+130
2018-09-20pad: Fix bug in function getStages()Malf Furious1-0/+3
In cases where the pad had no stages beneath it, `new stage($this->stage)` would construct an invalid object. As it turns out, calling ->getArray() on an uninitialized stage object yeilds bad results. Instead of patching the stage::getArray() function, I add a check to harden pad::getStages(). My reasoning for this is as follows: The bug in getArray() manifests from a domain error, ie. it's only because we are calling it on an uninitialized object. The object is already in a bad state prior to caling getArray(). Rather, I opt to patch getStages() so that we never create a bad object in the first place. Now, for no-stage pads, getStages() will return early an empty array.
2018-09-20table: Fix bug in constructorMalf Furious1-2/+2
This particular flaw was dampening (and could popentially be hiding) the effects of other bugs. For instance, in this case, a GUID of "" was invalidly being used to construct an object. This should obviously be considered an error, but since "" evaluates to false, the construction was treated as default (no GUID) construction and succedded. It wasn't until later when missing properties were accessed that random PHP error messages clued me into what was happening. Now, when any sort of explicit value is used to construct an object (not NULL), an object load will be attempted, giving bad input more chances to fail outright and trigger an exception. In addition, the 'no such guid' exception message is updated to place quotes ('') around the GUID string to make it more obvious when "" is used in the future.
2018-09-19stdpage: Update user button appearanceMalf Furious1-1/+8
Removed placholder text and now displaying the logged-in user's display name. This is accopanied by the user icon and (conditionally) the 'cool' sunglasses icon for admins. This is similar, but not identical, to the markup of my old archived code I'm clearing out.
2018-09-19stdpage: Add additional spacing to "Not Logged In" textMalf Furious1-1/+1
This additional spacing is added to the navbar text to improve its appearance in the browser.
2018-09-19datamods: Add default stages to new padsMalf Furious1-0/+6
As a convenience, I'm adding a basic set of stages to new pads. These stages are "To Do", "In Progress" ('Done' being closed issues). This implements a very simple workflow for new pads.
2018-09-19table: Change function visibilities to publicMalf Furious1-2/+2
These two functions, 'getCurrentTimestamp()' and 'isGUID()' are updated to be public. There is actually no good reason for them to be private; I originally just never antisipated their use outside this class. I need isGUID() in index.php to help with page routing. Neither of these two functions have side effects of any kind nor any unexpected behavior, so there is no harm in going public.
2018-09-19globals: Remove single call assertions for setPage...() functionsMalf Furious1-12/+2
Removing these unnecessary checks. They are not protecting us from anything, only inconveniencing me in index.php.
2018-09-19settings: Implement user tab form submissionMalf Furious2-0/+103
2018-09-19Update all usage of saveFile()Malf Furious2-10/+9
Update all usage of saveFile() to use added saveIfFile() function, forwarding on the convenience to model code. Model code can pass in file field names, rather than $_FILES arrays directly.
2018-09-19globals: Add function saveIfFile()Malf Furious1-0/+15
This is an alternative function to globals' saveFile(), which allows model code to just pass in the name of the expected uploaded file, rather than requiring them to look up the file themselves. This is in line with my preference to encapsulate PHP superglobals access away from most of the codebase. Note that even if the user opts not to upload optional files, the associated file <input> field will still be present in $_FILES, with a special error code set (meaning 'no file uploaded') which setFile() ignores. It is only in the case of a malformed form submission that $_FILES will be missing the requested file field, prompting Scrott to throw an exception.
2018-09-19formctrl: Hidden field name should be in 'input' arrayMalf Furious1-1/+1
The input[ ] portion of the hidden field name had been left off. This commit fixes this bug.
2018-09-16Remove old contentMalf Furious3-373/+1
2018-09-16Remove old contentMalf Furious1-49/+0
2018-09-16Add settings modal and user settings tabMalf Furious2-3/+151
Updated old settings modal design, to incorporate added Scrott features. Reimplemented this modal in Scrott from archived code and have included it in the navbar.
2018-09-16Add hidden formctrlMalf Furious1-0/+5
2018-09-16Add object background preview widgetMalf Furious2-0/+46
Similar to objHeadCircle() but for displaying a bg img on page, rather than as the actual background.
2018-09-16Add function obj::hasHeadImg()Malf Furious1-0/+10
We can check for the existence of an object's background image by calling getBgImg(), since it returns NULL when there is no such image. But getHeadImg() behaves differently, returning a path to 'static/img/null.jpg' (via df.php) when there is no image, making it more difficult to tell. This function addresses this concern.
2018-09-15Add file formctrlMalf Furious1-0/+8
This ctrl is not POSTed as part of the input[] array, but as a standalone name.
2018-09-15Add checkbox formctrlMalf Furious1-0/+9
2018-09-15Add css class and help-block to text formctrlMalf Furious1-2/+6
2018-09-15Form ctrls should use the 'control-label' classMalf Furious1-2/+2
2018-09-15Add function oneStr()Malf Furious1-0/+15
The initial intended use case for this is applying the "active" and "in active" classes to the first tab to appear in the settings modal.
2018-09-15Add 'my pads' pageMalf Furious2-0/+60
2018-09-15Implement dm-pad-add form handlerMalf Furious1-0/+27
2018-09-12Add function agent::getAgentObj()Malf Furious1-0/+17
This is basically a constructor for agent. The actual type returned is a contrete agent.
2018-09-08Add 'New Pad' modalMalf Furious2-1/+61
2018-09-08Add owner dropdown to 'New Group' modalMalf Furious1-0/+14
2018-09-07Fix typoMalf Furious1-1/+1
2018-09-07Fix bug in function table->loadObj()Malf Furious1-1/+7
If a table query yeilds zero rows, we would still attempt to load the first (index zero) into $this, causing an error to be thrown by PHP. We are now checking the size of the results array first.