path: root/app (unfollow)
AgeCommit message (Collapse)AuthorFilesLines
2018-10-23Fix bug in various form handlersMalf Furious2-4/+24
Some form handlers use the current logged in user (user::getCurrent()), however do so without asserting that we are _actually_ logged in. This is probably due to that fact that index.php (usually) catches all page requests that are logged out and diverts control before any other handler can be invoked. But a few handlers sneak through the cracks. In the future, the app will be better about supportting logged out browsing, the alpha was not written with this in the forground. Signed-off-by: Malf Furious <>
2018-10-23datamods: Implement new issue modal form handlerMalf Furious1-0/+38
POSTs to the dm-issue-add form are handled by this new handler. Pad data is passed via the form, we create the new issue in the pad's first stage, crediting the current logged in user. New issue is unassigned. I call `location()` at the bottom, since not doing so leaves the page in a weird state. The reason being that most of the page rendering logic operates off of the 'pageObj', which is instanciated and assigned prior to the invocation of this handler. This is to be fleshed-out during the v0.2-v0.3 development iteration. Signed-off-by: Malf Furious <>
2018-10-22pad: Add on-page button to open new issueMalf Furious1-0/+4
First button added to the header of pad views is to open new issues. This interface is still very crude and subject to change in the near future. Signed-off-by: Malf Furious <>
2018-10-22stdpage: Add 'New Issue' option to navbarMalf Furious1-0/+9
When viewing a pad, offer the 'New Issue' option under the additions menu in the navbar. Will will display the just-added new issue modal, for the user to open a new issue on the first stage of the pad being viewed. Signed-off-by: Malf Furious <>
2018-10-22datamods: Add new issue modalMalf Furious1-0/+47
This datamods modal is accessable from pad views to open a new issue on the pad in question. This is a simplistic version of this interface, subject to improvements once I start on the v0.2-v0.3 development iteration. Suffice it to say, any frills we will want to use in the initial draft will be accessible from the issue view modal, as options to modify the open issue. Signed-off-by: Malf Furious <>
2018-10-22formctrl: Add textarea form controlMalf Furious1-0/+8
Adds a parameterized text area to the collection of controls. Signed-off-by: Malf Furious <>
2018-10-22stdpage: Display issue modal when clicked on pad viewMalf Furious1-2/+1
Updated the javascript to wire-up the issue list items shown on pad views. When these are clicked the associated issue modal is displayed in the foreground.
2018-10-22pad: Render issue modals on pad viewMalf Furious2-0/+13
This logic instanciates an issue modal view for each issue to be accessable from a pad view.
2018-10-22issue: Add start of issue modal viewMalf Furious1-0/+118
2018-10-21Revert "mesg: Update function makeIssue()"Malf Furious1-4/+3
This reverts commit 62872702dc413b7abab94d8a5a7bd21770b5d241.
2018-10-21agent: Add function isAssignedTo()Malf Furious1-0/+15
2018-10-21issue: Rewrite issue classMalf Furious1-54/+125
Revised implementation of redesigned data model.
2018-10-20mesg: Update function makeIssue()Malf Furious1-3/+4
This function is patched to co-operate with structural changes to the issue class.
2018-10-20issue: Add function isOpen()Malf Furious1-0/+8
2018-10-20issue: Add assigned timestampMalf Furious1-0/+2
2018-10-20issue: Add open/close dataMalf Furious1-1/+30
2018-10-20issue: Add author and authored fieldsMalf Furious1-0/+29
2018-09-26df: Address class cyclic require loopMalf Furious1-0/+1
A dependency loop exists between class/agent.class.php and class/group.class.php. Due to specific `require_once` ordering within the app, this problem was not surfaced until now. These two classes depend on eachother, but strictly speaking, the interpreter needs to read the agent class first. This is because group directly inherits from agent. It is only one of agent's functions which references group. Group has a `require_once "class/agent.class.php"` at its top, so requiring group first will read both classes, in the correct order, and provide their definition's for the remainder of the runtime. The main entry-point, index.php, did not have this problem since it was explicitly requiring group itself (it actually needs group, though). The df.php entry-point wasn't and was relying on requires in the class/ directory to resolve this issue. In a more-sane language, I could patch this more easily directly in the affected file; rather, this patch updates the df entry-point to explicitly require group, solving the issue up front. Hopefully this can be fleshed out in the future as it should not consern the entry-points that this specific evaluation order needs to take place. The third and final entry-point, cron.php, is already fine at the time of this commit. Its require tree is much simplier, and does not even include either of the affected classes.
2018-09-25group: Add group page viewMalf Furious3-0/+86
2018-09-24agent: Fix bug in function canAccess()Malf Furious1-1/+1
This is probabally more of an oops than a bug, although was causing unexpected behavior. When falling back to checking whether the agent has access to the object's owner, it was wrongly accessing through $this->owner, rather than $obj->owner (which is the function argument). This was probabally left over from how this function _used_ to be implemented (you would call on the object and pass in the user).
2018-09-24Add missing requireMalf Furious1-0/+1
2018-09-23dashboard: Remove extra thingsMalf Furious1-3/+1
2018-09-23admin: Add empty admin panelMalf Furious2-0/+47
2018-09-23form: Fix bug in populate()Malf Furious1-1/+1
There was a problem with processing enum type fields. The way all other field types are asserted to be 'defined' is via: isset($field) && $field != "" Which works perfectly fine, and is exactly what we want. However, with enums the second part of that && can bite us if "" is in the list of acceptable values. This commit removed that half of the check (only for enum values) so that the empty string may be an acceptable enum value. If "" is not in the values array, then the check is implicitly reinstated.
2018-09-23settings: Implement admin tab form handlerMalf Furious1-0/+40
2018-09-22database: Fix bug in function checkConfig()Malf Furious1-7/+4
Because of how this function was implemented, any failure during database instance construction is treated the same way. IE. we cannot tell the difference between 'no db config' (as is the initial default state) and a 'bad db config' (either bogus data, or the server happens to be down). Because of this, if, after the database access is initially set up, access to the db becomes unavailable or someone makes a bad edit to the dbconfig.php file, Scrott behaves as if it is being configured for the first time. This is *dangerous* behavior! (unexpected, at the least) The implication of this is that if Scrott's database access is ever incidentially interrupted, the very next visitor to the site is offered the chance to (silently) reconfigure the server to point to any database of his choosing. This patch updates the checkConfig() function to only 'soft fail' (return false) in the case where the configuration is _actually_ missing. IE. $_SCROTT['conf'] is not defined. This function will otherwise passthrough any and all exceptions which result from instanciating the database instance and will only return true if both of these steps succeed.
2018-09-21settings: Add admin-only settings tab to settings modalMalf Furious1-0/+71
This is an interface to alter the settings stored in the 'settings' database table. Typically restricted to administrators only.
2018-09-21settings: Add key 'smtpResult'Malf Furious1-0/+8
This is not meant to be a user (admin) configurable key. Rather, this is a mechanism for success/failure results from interactions with PHPMailer to make their way back to the UI. Down the road, email sending functions should publish their true/false return value to this configuration key. The initial default value of "NULL" means no mail send attempts have taken place.
2018-09-21deleteaccount: Implement form handlerMalf Furious2-0/+48
2018-09-21deleteaccount: Add viewMalf Furious2-0/+64
2018-09-20stdpage: Add assertconfirm() functionMalf Furious1-0/+4
2018-09-20index: Enforce access permission when viewing object by URLMalf Furious1-0/+8
The controller now (again) prevents browsing to objects the user is not allowed to access.
2018-09-20Add start of single-pad viewMalf Furious5-0/+130
2018-09-20pad: Fix bug in function getStages()Malf Furious1-0/+3
In cases where the pad had no stages beneath it, `new stage($this->stage)` would construct an invalid object. As it turns out, calling ->getArray() on an uninitialized stage object yeilds bad results. Instead of patching the stage::getArray() function, I add a check to harden pad::getStages(). My reasoning for this is as follows: The bug in getArray() manifests from a domain error, ie. it's only because we are calling it on an uninitialized object. The object is already in a bad state prior to caling getArray(). Rather, I opt to patch getStages() so that we never create a bad object in the first place. Now, for no-stage pads, getStages() will return early an empty array.
2018-09-20table: Fix bug in constructorMalf Furious1-2/+2
This particular flaw was dampening (and could popentially be hiding) the effects of other bugs. For instance, in this case, a GUID of "" was invalidly being used to construct an object. This should obviously be considered an error, but since "" evaluates to false, the construction was treated as default (no GUID) construction and succedded. It wasn't until later when missing properties were accessed that random PHP error messages clued me into what was happening. Now, when any sort of explicit value is used to construct an object (not NULL), an object load will be attempted, giving bad input more chances to fail outright and trigger an exception. In addition, the 'no such guid' exception message is updated to place quotes ('') around the GUID string to make it more obvious when "" is used in the future.
2018-09-19stdpage: Update user button appearanceMalf Furious1-1/+8
Removed placholder text and now displaying the logged-in user's display name. This is accopanied by the user icon and (conditionally) the 'cool' sunglasses icon for admins. This is similar, but not identical, to the markup of my old archived code I'm clearing out.
2018-09-19stdpage: Add additional spacing to "Not Logged In" textMalf Furious1-1/+1
This additional spacing is added to the navbar text to improve its appearance in the browser.
2018-09-19datamods: Add default stages to new padsMalf Furious1-0/+6
As a convenience, I'm adding a basic set of stages to new pads. These stages are "To Do", "In Progress" ('Done' being closed issues). This implements a very simple workflow for new pads.
2018-09-19table: Change function visibilities to publicMalf Furious1-2/+2
These two functions, 'getCurrentTimestamp()' and 'isGUID()' are updated to be public. There is actually no good reason for them to be private; I originally just never antisipated their use outside this class. I need isGUID() in index.php to help with page routing. Neither of these two functions have side effects of any kind nor any unexpected behavior, so there is no harm in going public.
2018-09-19globals: Remove single call assertions for setPage...() functionsMalf Furious1-12/+2
Removing these unnecessary checks. They are not protecting us from anything, only inconveniencing me in index.php.
2018-09-19settings: Implement user tab form submissionMalf Furious2-0/+103
2018-09-19Update all usage of saveFile()Malf Furious2-10/+9
Update all usage of saveFile() to use added saveIfFile() function, forwarding on the convenience to model code. Model code can pass in file field names, rather than $_FILES arrays directly.
2018-09-19globals: Add function saveIfFile()Malf Furious1-0/+15
This is an alternative function to globals' saveFile(), which allows model code to just pass in the name of the expected uploaded file, rather than requiring them to look up the file themselves. This is in line with my preference to encapsulate PHP superglobals access away from most of the codebase. Note that even if the user opts not to upload optional files, the associated file <input> field will still be present in $_FILES, with a special error code set (meaning 'no file uploaded') which setFile() ignores. It is only in the case of a malformed form submission that $_FILES will be missing the requested file field, prompting Scrott to throw an exception.
2018-09-19formctrl: Hidden field name should be in 'input' arrayMalf Furious1-1/+1
The input[ ] portion of the hidden field name had been left off. This commit fixes this bug.
2018-09-16Add settings modal and user settings tabMalf Furious2-3/+151
Updated old settings modal design, to incorporate added Scrott features. Reimplemented this modal in Scrott from archived code and have included it in the navbar.
2018-09-16Add hidden formctrlMalf Furious1-0/+5
2018-09-16Add object background preview widgetMalf Furious2-0/+46
Similar to objHeadCircle() but for displaying a bg img on page, rather than as the actual background.
2018-09-16Add function obj::hasHeadImg()Malf Furious1-0/+10
We can check for the existence of an object's background image by calling getBgImg(), since it returns NULL when there is no such image. But getHeadImg() behaves differently, returning a path to 'static/img/null.jpg' (via df.php) when there is no image, making it more difficult to tell. This function addresses this concern.
2018-09-15Add file formctrlMalf Furious1-0/+8
This ctrl is not POSTed as part of the input[] array, but as a standalone name.
2018-09-15Add checkbox formctrlMalf Furious1-0/+9