Compare commits

..

54 Commits

Author SHA1 Message Date
50d6166067 1.2.4 release 2026-06-21 13:26:17 +02:00
ebf44f5152 fix table column sizing issue 2026-06-21 12:32:26 +02:00
6682b974a3 Made the user groups table sortable and searchable. 2026-06-21 12:32:12 +02:00
433ed86f7e minor css and js improvements 2026-06-20 23:30:20 +02:00
55cc1be52f css warning fixes 2026-06-20 23:22:04 +02:00
229d2b4a15 Content Security Policy (CSP) Improvements. 2026-06-20 22:52:21 +02:00
e96d6b9a70 config.php changed 2026-06-20 00:32:01 +02:00
d781078c0d A lot of code cleanup and code sanitation done. 2026-06-20 00:31:32 +02:00
be392b8149 Validation added of the portal_uuid when configuring mail settings and portal settings. 2026-06-20 00:22:07 +02:00
8b742d997c Content Security Policy (CSP) compatibility beta. 2026-06-20 00:21:19 +02:00
0b76255cfa security.txt added and + PGP key. 2026-06-20 00:01:12 +02:00
89ea170798 fixed an issue where existing subscriptions wont be updated with new licenses. 2026-06-19 23:20:42 +02:00
16be5448be Small code fixes in API code 2026-06-15 16:04:21 +02:00
7429cd367d Typos in API code fixed 2026-06-15 15:20:33 +02:00
9dfb60fb9a v.1.2.3 released 2026-06-14 23:35:02 +02:00
c918884a79 Fixed some invalid characters in permissions table. 2026-06-14 23:16:13 +02:00
f2383e1c86 Code cleanup on different API GET calls. 2026-06-14 23:15:24 +02:00
db377bcc08 Added GET API call for users. 2026-06-14 23:14:10 +02:00
b7dcbaf290 Added GET API call for user-groups. 2026-06-14 23:13:59 +02:00
b227cfb2c5 Added GET API call for servers. 2026-06-14 23:13:04 +02:00
b93f4d2e9c Added GET API call for portal-settings. 2026-06-14 23:12:51 +02:00
b088314c38 Added GET API call for group-permissions 2026-06-14 23:12:17 +02:00
a7e3c54a89 Fixed the ofice typo in the permission names to office 2026-06-13 23:25:27 +02:00
98d5d1cb18 GET stomp API call added 2026-06-13 23:21:17 +02:00
c408e43283 SQL-Injection vulnerability in GET function resolved. 2026-06-13 23:17:12 +02:00
9de2fc0ad1 Users are not able to change their own name. 2026-06-13 15:16:43 +02:00
ec82b2add0 Change all the forms from _method to X-HTTP-Method-Override fix 2026-06-13 14:27:10 +02:00
3b200d30cb Change all the forms from _method to X-HTTP-Method-Override 2026-06-13 00:11:56 +02:00
1374ba2f13 Module enablement toggle feedback is fixed 2026-06-13 00:05:19 +02:00
bc8976c18e API user creation does not set the user_full_name. 2026-06-12 23:34:24 +02:00
d6079878c4 user_pref_language users field value changed to enum. user_phone_number optional. 2026-06-12 23:32:50 +02:00
aece25439b Inserve configuration API call does not longer require the obsolete source_name field. 2026-06-12 23:27:55 +02:00
a60ebadd60 added support for the HTTP_X_HTTP_METHOD_OVERRIDE headder in the API 2026-05-31 00:29:46 +02:00
d00108db3c v1.2.2 release 2026-05-29 23:37:50 +02:00
f69385300b Fixed a bug where new server licenses have "0" as a name. 2026-05-28 23:41:53 +02:00
b22d0c3105 Server licences are now updated with the name of the server. 2026-05-28 23:39:18 +02:00
da64e632a6 added light and dark gruvbox themes. fixed css issues. 2026-05-28 23:38:05 +02:00
4eba391e7f changes to login page styling, added dark and light mode and fixed some layout. 2026-05-22 23:41:57 +02:00
3d6e3c376f changes to login page styling before dark and light theme 2026-05-21 22:58:44 +02:00
fa5459df56 Apply group weight system to API token modifications 2026-05-19 22:30:38 +02:00
995eca4111 Add names to API tokens. 2026-05-18 22:22:14 +02:00
30cbb0e1c7 minor graphic change to the login screen 2026-05-17 22:47:20 +02:00
65a3137a40 minor graphic changes to the login screen 2026-05-17 21:59:16 +02:00
6a8680b5ed show hostname if available 2026-05-17 21:29:54 +02:00
758f07b689 changed login page colors 2026-05-17 17:20:19 +02:00
369657a622 moved different api calls 2026-05-17 17:20:06 +02:00
776342d595 added update query for 1.2 > 1.2.1 update 2026-05-17 14:19:48 +02:00
d3885a577e Deleted double sessions_start() 2026-05-17 14:19:27 +02:00
ab214e958e Issue with the companies not showing in the server overview. 2026-05-17 14:19:05 +02:00
1e1e7a6be0 v.1.2.1 release 2026-05-17 13:55:03 +02:00
62cdeb6767 Send test email feature added to email settings. 2026-05-17 13:49:45 +02:00
ff3a15fd09 Sidebar text not showing when sidebar is wrapped. 2026-05-17 13:06:41 +02:00
ae24479e06 Severs page wont show an json error message. 2026-05-17 12:44:52 +02:00
39b903261c Display user group weight in user groups view 2026-05-16 23:52:01 +02:00
184 changed files with 13818 additions and 72602 deletions

3
.gitignore vendored
View File

@@ -1,6 +1,9 @@
pub/.well-known/security.txt.sig
pub/data/devices/*/documents/* pub/data/devices/*/documents/*
pub/data/devices/*/firmware/* pub/data/devices/*/firmware/*
.idea/* .idea/*
composer.* composer.*
CAcert.crt CAcert.crt
pub/config.php pub/config.php
pub/bin/pages/pageThemeTest.php
pub/colors.html

View File

@@ -126,13 +126,13 @@ INSERT INTO `system_pages` (`page_uuid`, `module_uuid`, `page_name`, `page_icon`
('4d2bb0f5-62c9-417e-a9ba-f673124f6a3a', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'phonebooks', 'fas fa-address-book', 'dashboard_text_phonebooks', '/autop/pagePhonebooks.php', '/phonebooks', 'primary'), ('4d2bb0f5-62c9-417e-a9ba-f673124f6a3a', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'phonebooks', 'fas fa-address-book', 'dashboard_text_phonebooks', '/autop/pagePhonebooks.php', '/phonebooks', 'primary'),
('53c2bb43-afb7-46a1-9eb1-a3376d629d8e', '247aa89e-2ffa-4cba-8672-3fef451255b7', 'companies', 'fas fa-building', 'dashboard_text_organizations', '/customers/pageCompanies.php', '/companies', 'success'), ('53c2bb43-afb7-46a1-9eb1-a3376d629d8e', '247aa89e-2ffa-4cba-8672-3fef451255b7', 'companies', 'fas fa-building', 'dashboard_text_organizations', '/customers/pageCompanies.php', '/companies', 'success'),
('558df250-d6bd-4b81-b23d-99b472b2c72a', '0f044275-1744-444c-9627-736310d7997e', 'systemconfig', 'fas fa-cogs', 'dashboard_text_systemconfig', '/portal-management/pageSystemConfig.php', '/systemconfig', 'danger'), ('558df250-d6bd-4b81-b23d-99b472b2c72a', '0f044275-1744-444c-9627-736310d7997e', 'systemconfig', 'fas fa-cogs', 'dashboard_text_systemconfig', '/portal-management/pageSystemConfig.php', '/systemconfig', 'danger'),
('5b167631-ba04-4452-bb8f-3ae0be8bccb0', '0f044275-1744-444c-9627-736310d7997e', 'inserve_source', NULL, 'source_inserve', '/portal-management/sources/pageSourceInserve.php', '/portal-management/sources/inserve', 'secondary'), ('5b167631-ba04-4452-bb8f-3ae0be8bccb0', '0f044275-1744-444c-9627-736310d7997e', 'inserve_source', NULL, 'source_inserve', '/portal-management/sources/pageSourceInserve.php', '/portal-management/sources/inserve', 'warning'),
('94ba750f-4a0a-46ea-830b-07b86fd0ed47', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'device_settings', 'fas fa-terminal', 'dashboard_text_device_settings', '/autop/pageDevicesSettings.php', '/devicesettings', 'primary'), ('94ba750f-4a0a-46ea-830b-07b86fd0ed47', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'device_settings', 'fas fa-terminal', 'dashboard_text_device_settings', '/autop/pageDevicesSettings.php', '/devicesettings', 'primary'),
('a9e542a7-be1e-4e93-a924-7f43ef974e16', '0f044275-1744-444c-9627-736310d7997e', 'monitoring', 'fa-solid fa-magnifying-glass', 'dashboard_text_monitoring', '/portal-management/pageMonitoring.php', '/monitoring', 'info'), ('a9e542a7-be1e-4e93-a924-7f43ef974e16', '0f044275-1744-444c-9627-736310d7997e', 'monitoring', 'fa-solid fa-magnifying-glass', 'dashboard_text_monitoring', '/portal-management/pageMonitoring.php', '/monitoring', 'info'),
('aa4a31ba-6da6-4449-a39a-08d161663346', '0f044275-1744-444c-9627-736310d7997e', 'dashboard', 'fas fa-tachometer-alt', NULL, 'pageDashboard.php', '/', NULL), ('aa4a31ba-6da6-4449-a39a-08d161663346', '0f044275-1744-444c-9627-736310d7997e', 'dashboard', 'fas fa-tachometer-alt', NULL, 'pageDashboard.php', '/', NULL),
('ac9eca38-5d4a-4e08-a85a-4f56775f1861', '0f044275-1744-444c-9627-736310d7997e', 'userprofile', 'fa-solid fa-address-card', NULL, 'pageUserProfile.php', '/userprofile', NULL), ('ac9eca38-5d4a-4e08-a85a-4f56775f1861', '0f044275-1744-444c-9627-736310d7997e', 'userprofile', 'fa-solid fa-address-card', NULL, 'pageUserProfile.php', '/userprofile', NULL),
('b3e7b4a9-c108-4761-83cf-a2fc6ad624db', '46f0a6d8-21be-4f76-8a95-2e22be8f3878', 'stompjeslist', 'fa-solid fa-hand-fist', 'dashboard_text_stompjes', '/office/pageStompjes.php', '/stompjes', 'primary'), ('b3e7b4a9-c108-4761-83cf-a2fc6ad624db', '46f0a6d8-21be-4f76-8a95-2e22be8f3878', 'stompjeslist', 'fa-solid fa-hand-fist', 'dashboard_text_stompjes', '/office/pageStompjes.php', '/stompjes', 'primary'),
('c14362c2-7db2-4047-aed2-9569c0b4febf', '0f044275-1744-444c-9627-736310d7997e', 'access_control', 'fa-solid fa-user-group', 'dashboard_text_access_control', '/portal-management/pageAccessControl.php', '/accesscontrol', 'secondary'), ('c14362c2-7db2-4047-aed2-9569c0b4febf', '0f044275-1744-444c-9627-736310d7997e', 'access_control', 'fa-solid fa-user-group', 'dashboard_text_access_control', '/portal-management/pageAccessControl.php', '/accesscontrol', 'warning'),
('cc6ef77a-79b2-4e65-af27-978c33a39bfe', '0f044275-1744-444c-9627-736310d7997e', 'changelog', 'fa-solid fa-table-list', NULL, 'pageChangelog.php', '/changelog', NULL), ('cc6ef77a-79b2-4e65-af27-978c33a39bfe', '0f044275-1744-444c-9627-736310d7997e', 'changelog', 'fa-solid fa-table-list', NULL, 'pageChangelog.php', '/changelog', NULL),
('d0f9e1b4-9584-40d7-a6c1-f397ea030b14', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'platforms', 'fas fa-layer-group', 'dashboard_text_platforms', '/autop/pagePlatforms.php', '/platforms', 'primary'), ('d0f9e1b4-9584-40d7-a6c1-f397ea030b14', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'platforms', 'fas fa-layer-group', 'dashboard_text_platforms', '/autop/pagePlatforms.php', '/platforms', 'primary'),
('f851bc6f-564e-4689-813b-84e56e99ee1f', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'devices', 'fas fa-fax', 'dashboard_text_devices', '/autop/pageDevices.php', '/devices', 'primary'); ('f851bc6f-564e-4689-813b-84e56e99ee1f', 'f535daf2-a1fb-4e8e-acf1-009233cf97a2', 'devices', 'fas fa-fax', 'dashboard_text_devices', '/autop/pageDevices.php', '/devices', 'primary');
@@ -164,6 +164,7 @@ CREATE TABLE `system_api_tokens` (
`api_token_uuid` char(36) NOT NULL, `api_token_uuid` char(36) NOT NULL,
`user_uuid` char(36) NOT NULL, `user_uuid` char(36) NOT NULL,
`api_token` char(64) NOT NULL, `api_token` char(64) NOT NULL,
`api_token_name` char(64),
`api_token_expiration_timestamp` int(10) DEFAULT NULL, `api_token_expiration_timestamp` int(10) DEFAULT NULL,
`api_token_created_timestamp` int(10) DEFAULT NULL, `api_token_created_timestamp` int(10) DEFAULT NULL,
`api_token_last_used_timestamp` int(10) DEFAULT NULL, `api_token_last_used_timestamp` int(10) DEFAULT NULL,
@@ -353,18 +354,18 @@ CREATE TABLE `system_permissions` (
-- --
INSERT INTO `system_permissions` (`permission_uuid`, `permission_name`, `permission_slugify`, `permission_description`, `permission_create_timestamp`, `permission_modified_timestamp`, `module_uuid`) VALUES INSERT INTO `system_permissions` (`permission_uuid`, `permission_name`, `permission_slugify`, `permission_description`, `permission_create_timestamp`, `permission_modified_timestamp`, `module_uuid`) VALUES
('11abc93d-c265-11f0-95da-7e99ed98b725', 'ofice-stompjes', 'ofice-stompjes', 'When a user has RW permissions, they can view, add, modify, and delete stomps. When a user has RO permissions, they can only view stomps.', 1763239979, NULL, '46f0a6d8-21be-4f76-8a95-2e22be8f3878'), ('11abc93d-c265-11f0-95da-7e99ed98b725', 'office-stompjes', 'office-stompjes', 'When a user has RW permissions, they can view, add, modify, and delete stomps. When a user has RO permissions, they can only view stomps.', 1763239979, NULL, '46f0a6d8-21be-4f76-8a95-2e22be8f3878'),
('1425fa24-2b6b-11f0-9300-7e99ed98b725', 'admin-access-control-permissions', 'admin-access-control-permissions', 'superuser can create or delete permissions, regardless of a groups Read-Write (RW) access. While RW access allows a group to modify all existing permissions, it does not permit the creation or deletion of them. Use caution when assigning RW accessonly the highest-level administrative group should be granted this permission, as it effectively provides control over the entire portal.', 1749933229, 1749933229, '0f044275-1744-444c-9627-736310d7997e'), ('1425fa24-2b6b-11f0-9300-7e99ed98b725', 'admin-access-control-permissions', 'admin-access-control-permissions', 'superuser can create or delete permissions, regardless of a groups Read-Write (RW) access. While RW access allows a group to modify all existing permissions, it does not permit the creation or deletion of them. Use caution when assigning RW access only the highest-level administrative group should be granted this permission, as it effectively provides control over the entire portal.', 1749933229, 1749933229, '0f044275-1744-444c-9627-736310d7997e'),
('19795051-302e-11f0-9300-7e99ed98b725', 'admin-vendors', 'admin-vendors', 'Grants access to manage support for various VoIP phone vendors. It is recommended that only top-level administrators have Read/Write (RW) access, while all other administrators are granted Read-Only (RO) access.', 1749933229, NULL, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'), ('19795051-302e-11f0-9300-7e99ed98b725', 'admin-vendors', 'admin-vendors', 'Grants access to manage support for various VoIP phone vendors. It is recommended that only top-level administrators have Read/Write (RW) access, while all other administrators are granted Read-Only (RO) access.', 1749933229, NULL, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'),
('1d018159-3109-11f0-9300-7e99ed98b725', 'admin-portalsettings', 'admin-portalsettings', 'Grants access to modify the portals global settings. It is advisable to restrict this permission to only the highest-level administrators.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'), ('1d018159-3109-11f0-9300-7e99ed98b725', 'admin-portalsettings', 'admin-portalsettings', 'Grants access to modify the global settings. It is advisable to restrict this permission to only the highest-level administrators.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'),
('32541357-3814-11f0-9300-7e99ed98b725', 'admin-access-control-user-groups', 'admin-access-control-user-groups', 'Grants access to manage groups. 'Read/Write' (RW) access allows users to create, modify, and delete groups. 'Read-Only' (RO) access permits viewing groups without making changes.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'), ('32541357-3814-11f0-9300-7e99ed98b725', 'admin-access-control-user-groups', 'admin-access-control-user-groups', 'Grants access to manage groups. Read/Write (RW) access allows users to create, modify, and delete groups. Read-Only (RO) access permits viewing groups without making changes.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'),
('36a615b1-374d-11f0-9300-7e99ed98b725', 'admin-devices-files', 'admin-devices-files', 'Grants permission to upload and remove files on the device, including firmware and document files.', 1749933229, NULL, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'), ('36a615b1-374d-11f0-9300-7e99ed98b725', 'admin-devices-files', 'admin-devices-files', 'Grants permission to upload and remove files on the device, including firmware and document files.', 1749933229, NULL, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'),
('5f284b11-de7c-11f0-9d57-00155d00153f', 'ofice-stompjes-canstomp', 'ofice-stompjes-canstomp', 'Users with read–write (RW) permissions can stomp other users’ content but cannot delete stomps. Read-only (RO) permissions have no effect.', 1766328621, 1766328688, '46f0a6d8-21be-4f76-8a95-2e22be8f3878'), ('5f284b11-de7c-11f0-9d57-00155d00153f', 'office-stompjes-canstomp', 'office-stompjes-canstomp', 'Users with read-write (RW) permissions can stomp other users content but cannot delete stomps. Read-only (RO) permissions have no effect.', 1766328621, 1766328688, '46f0a6d8-21be-4f76-8a95-2e22be8f3878'),
('6846e77f-31c8-11f0-9300-7e99ed98b725', 'admin-devices', 'admin-devices', 'Grants access to view and manage devices within the portal. Read/Write (RW) access allows creating, editing, and deleting devices, while Read-Only (RO) access permits viewing devices only.', 1749933229, NULL, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'), ('6846e77f-31c8-11f0-9300-7e99ed98b725', 'admin-devices', 'admin-devices', 'Grants access to view and manage devices within the portal. Read/Write (RW) access allows creating, editing, and deleting devices, while Read-Only (RO) access permits viewing devices only.', 1749933229, NULL, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'),
('6b434bee-3a73-11f0-9300-7e99ed98b725', 'admin-access-admins-resetpassword', 'admin-access-admins-resetpassword', 'Grants permission to initiate a password reset for administrator users. This action sends a reset code to the administrator's email, allowing them to set a new password. Only users with Read/Write (RW) access can perform this action.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'), ('6b434bee-3a73-11f0-9300-7e99ed98b725', 'admin-access-admins-resetpassword', 'admin-access-admins-resetpassword', 'Grants permission to initiate a password reset for administrator users. This action sends a reset code to the administrator's email, allowing them to set a new password. Only users with Read/Write (RW) access can perform this action.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'),
('7172efaa-2c35-11f0-9300-7e99ed98b725', 'user-apitoken-others', 'user-apitoken-others', 'Grants the ability to view, create, update, or revoke API tokens belonging to other users. It is recommended to assign Read-Only (RO) or Read-Write (RW) access for this permission only to administrators, due to its sensitive nature.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'), ('7172efaa-2c35-11f0-9300-7e99ed98b725', 'user-apitoken-others', 'user-apitoken-others', 'Grants the ability to view, create, update, or revoke API tokens belonging to other users. It is recommended to assign Read-Only (RO) or Read-Write (RW) access for this permission only to administrators, due to its sensitive nature.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'),
('755c8a22-2f60-11f0-9300-7e99ed98b725', 'admin-platforms', 'admin-platforms', 'Grants access to manage the support of various VoIP platforms. It is recommended that only top-level administrators have Read/Write (RW) access, while other administrators should have Read-Only (RO) access.', 1749933229, 1762637524, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'), ('755c8a22-2f60-11f0-9300-7e99ed98b725', 'admin-platforms', 'admin-platforms', 'Grants access to manage the support of various VoIP platforms. It is recommended that only top-level administrators have Read/Write (RW) access, while other administrators should have Read-Only (RO) access.', 1749933229, 1762637524, 'f535daf2-a1fb-4e8e-acf1-009233cf97a2'),
('7588d486-3100-11f0-9300-7e99ed98b725', 'admin-mailsettings', 'admin-mailsettings', 'Grants access to modify the portals mail settings. It is advisable to restrict this permission to only the highest-level administrators.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'), ('7588d486-3100-11f0-9300-7e99ed98b725', 'admin-mailsettings', 'admin-mailsettings', 'Grants access to modify the mail settings. It is advisable to restrict this permission to only the highest-level administrators.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'),
('9cf47631-d371-11f0-9d03-00155d00153f', 'servers', 'servers', 'Allow access to the server overview. Users with read-only (RO) permissions can view all servers, while users with read-write (RW) permissions can also modify, add or remove them.', 1765114538, 1765118618, 'ce86cab5-fb45-4e7c-8733-e9eb516bf3f5'), ('9cf47631-d371-11f0-9d03-00155d00153f', 'servers', 'servers', 'Allow access to the server overview. Users with read-only (RO) permissions can view all servers, while users with read-write (RW) permissions can also modify, add or remove them.', 1765114538, 1765118618, 'ce86cab5-fb45-4e7c-8733-e9eb516bf3f5'),
('b21a0915-3a62-11f0-9300-7e99ed98b725', 'admin-access-admins-mfa', 'admin-access-admins-mfa', 'Grants permission to disable multi-factor authentication (MFA) for other administrator users. Users with Read/Write (RW) access can perform this action. Read-Only (RO) access does not permit changes.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'), ('b21a0915-3a62-11f0-9300-7e99ed98b725', 'admin-access-admins-mfa', 'admin-access-admins-mfa', 'Grants permission to disable multi-factor authentication (MFA) for other administrator users. Users with Read/Write (RW) access can perform this action. Read-Only (RO) access does not permit changes.', 1749933229, NULL, '0f044275-1744-444c-9627-736310d7997e'),
('b816b7e8-38d8-11f0-9300-7e99ed98b725', 'admin-access-admins', 'admin-access-admins', 'Grants permissions for managing administrator accounts. Users with Read/Write (RW) access can create, modify, and delete administrator users. Users with Read-Only (RO) access can view administrator accounts and read their details, but cannot make changes. ', 1749933229, 1766327515, '0f044275-1744-444c-9627-736310d7997e'), ('b816b7e8-38d8-11f0-9300-7e99ed98b725', 'admin-access-admins', 'admin-access-admins', 'Grants permissions for managing administrator accounts. Users with Read/Write (RW) access can create, modify, and delete administrator users. Users with Read-Only (RO) access can view administrator accounts and read their details, but cannot make changes. ', 1749933229, 1766327515, '0f044275-1744-444c-9627-736310d7997e'),
@@ -463,7 +464,7 @@ CREATE TABLE `system_users` (
`user_modified_timestamp` int(10) DEFAULT NULL, `user_modified_timestamp` int(10) DEFAULT NULL,
`user_last_login_timestamp` int(10) DEFAULT NULL, `user_last_login_timestamp` int(10) DEFAULT NULL,
`user_login_attempts` int(11) DEFAULT 0, `user_login_attempts` int(11) DEFAULT 0,
`user_pref_language` varchar(10) DEFAULT 'en', `user_pref_language` enum('en','nl') NOT NULL DEFAULT 'en',
`user_stompable` int(1) NOT NULL DEFAULT 0 `user_stompable` int(1) NOT NULL DEFAULT 0
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;

View File

@@ -0,0 +1,52 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGoxoXgBEADBpSGILyhWLl5vranPqbVtcReBxeleHArepBBfsbS8GGLXaSjS
1kVITSjeg90D4hog7XE+ryyXgYpLugXzUc/FF2Oh0XKN0s64bXd6K8EOrzB9HCz6
n8nCk3SctG6TbQPT6i8OS3mNCWslQ2iLU7o9P0UCbB0NO0/m9qp+K3UplWCoMbUd
f7qtnP4As+TTHQqiXoqADbLFf4fyJdnJXAa6fD75yWDejz3KIPNvhV/3+VBVcSjo
bMhYeriW43fZNRHVrJkQBWhtkwGylOIk8v3Zrlgd2YolmOJQNQKiAI3+r6qy8TXM
oqU4ymdXazFm1E9ivxPz17G4k76pfnhw4cZBdPRXVVYXFuqBDbCRB4lnqZjkYHoo
N/iYHlCfSZe06dplZ5jW+1hADO663OJHjXRKBKHusBHIYgFHYeoS6866upoymFMz
Mq+kdaMZwDQEeAyrDUZ535Qvish6TqGuJVtCveNksL0pKNnWuwKsMKtxQJTXYLth
jD8lRfw+4fhnbtvFd7oDCIWY1BRsCR2gZuUul1nuaBEImKdOjyuCA/SOua3Yym9x
H1cfJ54tlcQtWprpTG2eNXpMeQkw3CCGeg8JxbrghSgPEIWU2Pz5iVlrDZcyj8rU
Zqtt8JXRTb7BlRSBiiNY7R9AeJ6Zu0g9LSiwzvMbZAqBRf9S9eSaNTSjowARAQAB
tB1NYXJjbyBNb29paiA8c2VudHJpQG1vb2lqLm1lPokCVwQTAQgAQRYhBJYGP73G
HZjbernuF+V8Pv4rstmMBQJqMaF4AhsDBQkDwmcABQsJCAcCAiICBhUKCQgLAgQW
AgMBAh4HAheAAAoJEOV8Pv4rstmMfloQALthZY4nWV3OFUnqWvUgjjbvBcbOe6Rp
HNGOCFie72OrFbAiU8arH5benwblXOvUtMZHXL73KyVFLd9dnqbUyGaAtN+2wL+1
et76RW/dUvT0ILSSjHI595SrWv2XJN7Z6ruEHwzcrzvjhp6sLMu+QX78cHAnbz9S
0QGr5jBjsfUE7ty0bJFu4Ex7HMlO1ShJShRxnfV3iwCHlBWzr2wlhkVOayKJxXmO
iICpKFsWAQNDNhxu/G/U+CA6S0B1h2g99fiJ5t1bjvwjR1om4aPSljETzaJff0Dr
9Jp3ZxzcxA16MFHAOJPB5lRYIMHAbW3YGpIbOVyMFUc/rhL8sCP7nHOfKx448WPQ
zuc8/KU77WbRRZgNa8P6nWdLf9gmNKxt1y38OlsYWpH+qfdWsKRh/i1hiJmDwSHR
4BsgDBRsZ/ugYaEO9WGxoZdCb/muPO7jjqkieIZq7Lyadu61jW5tzzCrFOtQnzT+
DgddhuhwvW/neRnUowRseuheoSCEtz61y72jjbXAw/SQWWG3JX5kBYMLLclOnZ0O
huo85pWJKuxzvYuxrbQ0zFIWVQRLaTq7peP//9DubsUihtbl9bxBMAvt7JxyAE8V
VHxL+ZDP24Ju7UiZJmcDvgK+P4EiNLd+MN/xHP2WFEIzNiaySyXObI+X7Qr3+/d/
O5qcWL/GyS02uQINBGoxoXgBEADGjxwhIsOWcIJCZM+3sDyeO+soH2T0/a8FXKk6
4qvJ1KfPhTovkPhDdaKe+iYgP1oP2rRk6Yp4+fjOwVEbCcuKYHD3v8iNwUj8OFiS
armVWCg/AYFiPPv5OtJ/U6laMkBCQ2Li6EpTV7BbI+HUhk00yHk7Of1GnYPDWJwB
UUdVCd13hGuTBhIlftUUe11MeCzrQBiWEauHiU+/0mToJ+ePEalGaWud7BCg6K9b
lAh+I+9KqtfYejBCOGpwxUNXkPp26SM726Nag6hsAWJXFOusEyAOh6NvKcfDkFlP
nndRWjfHGfIzBLxBK69DgEMRFA2WmEnCZ/QTDtnFPFg5QUbfxtf2MwHtRswK7Ze5
uvqH5Eh7Mik2W8jtwtpgkHz/04uGjth0Ur7SIPyg6pqeP0YPDujIPl70h4PDFLfu
fms994Y4FUcdPIIVaSHUxPBqLTsIHdDs9ymucYsWBEKPUg/yqQkXitMLQ+eTYi12
ZqnY/XrBHmQI62zljQSbZ6Sga+IHdm0zjEtg0G/3bKbc1n7GDfRZqe3QxkBACXtn
HMwy6ea+rWEHng9GjzGXhesfSrUqK7QUJuE5BpkAhSPZIkeu3lM4WnwkCVaKvhDa
p/MN9TXG/sJ918NHIiXvwXPndbmx9FHa36QoL/407EKzMAdGU8R593XSJfotVVFH
SNqcHQARAQABiQI8BBgBCAAmFiEElgY/vcYdmNt6ue4X5Xw+/iuy2YwFAmoxoXgC
GwwFCQPCZwAACgkQ5Xw+/iuy2YxirhAAtikJT72KwXfeBxE4fpkfI+raS0EsVkHo
Z7JEDOaPJSS5RzgaV3BmiINctnC6KpteMk2q7HoRzfEmd22lVr5IIpn0ugNCKdQq
363SfqzLzNF2Nxyykdy4IB94upN2K/UqXnkk6f/xj7TaXRWw+IIrrg/Il9Ba3xck
LPG30i43OgZdoS3Rfl9UzKmnHpOIyCr41XxP3/UXCghE/UE7rFv/ZE6kGhwMccRO
L5/EUSGo4I7TpTtJRagCxglk/r54ypBpXZm4WopKKNnA71jfKDnRSmL6v3XR7IS4
BGK81MlkpAbG3WQMA9G656YHjcNshge4p81C5je1i4CLZHtbDd4mTROHMm9OeWtN
5r4EsC1ZL0RKplXfV8kvvNUa33QOBx8dAO2qJkeaRiDkJhzK7nOa28RQ/FoMtKMw
6dmDPzfM7oqizDZHtQ7O2Ik8oNai03VLP9rKcZb63WEmTRVSunqL/KFbWDFMsZCN
0av9zhUTu6uC1c4Wh9goOEIdV5qbzBM2Wj46yCnfLz0+YUsXe2BplKuP3AvCeTKG
ShXH02LR570z4b/Tddps2r0uAuLB3d1hzaeGOFO2VVBIbkW44Ag+j0rteSOfDHGf
Jwvh55GwStzQBZCkPkGYVKaPuljZpe0KeCIsINpMUAniPOriXENGyOHqurTUNJ55
Zcn2v7WN+iY=
=pjNF
-----END PGP PUBLIC KEY BLOCK-----

View File

@@ -0,0 +1,8 @@
Contact: mailto:sentri@mooij.me
Expires: 2027-06-14T00:00:00Z
Encryption: https://sentri.mooij.me/.well-known/openpgp.asc
Canonical: https://sentri.mooij.me/.well-known/security.txt
Preferred-Languages: en, nl

View File

@@ -1,14 +1,18 @@
<?php <?php
namespace api\classes; namespace api\classes;
use JetBrains\PhpStorm\NoReturn;
class API class API
{ {
public $conn; public mixed $conn;
public mixed $pdo;
# The user uuid that requested the API # The user uuid that requested the API
protected $user_uuid; protected $user_uuid;
# $user_type is either an API call (api) or an call from the frontend (frontend) # $user_type is either an API call (api) or a call from the frontend (frontend)
protected $user_type; protected $user_type;
# Either GET POST PUT or DELETE # Either GET POST PUT or DELETE
@@ -17,7 +21,7 @@ class API
protected $content_type; protected $content_type;
# The original posted data to the API, this data is NOT sanitized and validated, never use this data for queries! # The original posted data to the API, this data is NOT sanitized and validated, never use this data for queries!
public $postedData; public mixed $postedData;
# The validated and sanitized data can be uses for the API actions # The validated and sanitized data can be uses for the API actions
public $data; public $data;
@@ -28,28 +32,26 @@ class API
# The return url that the frontend request will forward to after the api call is done. if set to false it will only output # The return url that the frontend request will forward to after the api call is done. if set to false it will only output
# the json response with an http code. API calls always respond with json. $return_url can be set to supply the form with an input # the json response with an http code. API calls always respond with json. $return_url can be set to supply the form with an input
# with the name _return and value of the url to return to. # with the name _return and value of the url to return to.
public $return_url; public mixed $return_url;
# Required fields & optional fields set by the API actions. This is an array like:
# Example:
# 'user_uuid' => ['type' => 'string', 'min' => 5, 'max' => 36],
# 'user_enabled' => ['type' => 'int', 'min' => 0, 'max' => 99],
# 'user_active' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned']],
# 'user_email' => ['type' => 'string', 'format' => 'email'],
private $requiredFields = [];
private $optionalFields = [];
# Used for the query builder base # Used for the query builder base
public $baseQuery = false; public $baseQuery = false;
# Used for the general get function, this prevents SQL injecting by only allowing these columns instead of
# Whatever the user inputs straight into the query.
public $allowedGetColumns = false;
# Cache the columns of the tables for some small performance improvements.
private static array $columnCache = [];
public function __construct() public function __construct()
{ {
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/db_connect.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/db_connect.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Functions/globalFunctions.php";
include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Functions/globalFunctions.php';
# Setup Database connection # Setup Database connection
$this->conn = $GLOBALS['conn']; $this->conn = $GLOBALS['conn'];
$this->pdo = $GLOBALS['pdo'];
if (!empty($_SESSION['user']['user_uuid'])) { if (!empty($_SESSION['user']['user_uuid'])) {
$this->InitUserTypeFrontend(); $this->InitUserTypeFrontend();
@@ -98,7 +100,7 @@ class API
} }
private function InitUserTypeFrontend() private function InitUserTypeFrontend(): void
{ {
$this->user_uuid = $_SESSION['user']['user_uuid']; $this->user_uuid = $_SESSION['user']['user_uuid'];
$this->user_type = 'frontend'; $this->user_type = 'frontend';
@@ -188,11 +190,9 @@ class API
{ {
$inputData = $this->postedData; $inputData = $this->postedData;
$this->requiredFields = $requiredFields;
$this->optionalFields = $optionalFields;
$sanitizedData = []; $sanitizedData = [];
foreach ($this->requiredFields as $field => $rules) { foreach ($requiredFields as $field => $rules) {
if (!array_key_exists($field, $inputData)) { if (!array_key_exists($field, $inputData)) {
$this->apiOutput(400, ['error' => "Missing required field: $field"]); $this->apiOutput(400, ['error' => "Missing required field: $field"]);
@@ -209,7 +209,7 @@ class API
// Check optional fields // Check optional fields
foreach ($this->optionalFields as $field => $rules) { foreach ($optionalFields as $field => $rules) {
if (isset($inputData[$field])) { if (isset($inputData[$field])) {
$value = $inputData[$field]; $value = $inputData[$field];
@@ -265,8 +265,11 @@ class API
{ {
switch ($rules['type']) { switch ($rules['type']) {
case 'string': case 'string':
case 'password':
case 'html':
if (!is_string($value)) return false; if (!is_string($value)) return false;
return $this->isValidLength($value, $rules); return $this->isValidLength($value, $rules);
case 'slugify': case 'slugify':
if (!is_string($value) || !preg_match('/^[a-z0-9]+(-[a-z0-9]+)*$/', $value)) return false; if (!is_string($value) || !preg_match('/^[a-z0-9]+(-[a-z0-9]+)*$/', $value)) return false;
return $this->isValidLength($value, $rules); return $this->isValidLength($value, $rules);
@@ -290,14 +293,6 @@ class API
if (!filter_var($value, FILTER_VALIDATE_EMAIL)) return false; if (!filter_var($value, FILTER_VALIDATE_EMAIL)) return false;
return $this->isValidLength($value, $rules); return $this->isValidLength($value, $rules);
case 'password':
if (!is_string($value)) return false;
return $this->isValidLength($value, $rules);
case 'html':
if (!is_string($value)) return false;
return $this->isValidLength($value, $rules);
case 'int': case 'int':
if (!is_int($value) && !ctype_digit($value)) return false; if (!is_int($value) && !ctype_digit($value)) return false;
$value = (int)$value; $value = (int)$value;
@@ -332,14 +327,9 @@ class API
if (!is_string($value)) return false; if (!is_string($value)) return false;
return base64_encode(base64_decode($value, true)) === $value; return base64_encode(base64_decode($value, true)) === $value;
case 'uuid':
if (!is_string($value)) return false;
return preg_match('/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i', $value);
case 'json': case 'json':
if (!is_string($value)) return false; if (!is_string($value)) return false;
json_decode($value); return json_validate($value);
return json_last_error() === JSON_ERROR_NONE;
case 'array': case 'array':
if (!is_array($value)) return false; if (!is_array($value)) return false;
@@ -382,7 +372,7 @@ class API
case 'boolean': case 'boolean':
if (is_string($value)) { if (is_string($value)) {
$value = strtolower(trim($value)); $value = strtolower(trim($value));
return in_array($value, ['true', '1'], true) ? true : false; return in_array($value, ['true', '1'], true);
} }
return (bool)$value; return (bool)$value;
@@ -442,6 +432,8 @@ class API
if ($returnBoolean) { if ($returnBoolean) {
return true; return true;
} }
return false;
} }
protected function setReturnUrl() protected function setReturnUrl()
@@ -474,19 +466,25 @@ class API
$allowedMethods = ['GET', 'POST', 'PUT', 'DELETE']; $allowedMethods = ['GET', 'POST', 'PUT', 'DELETE'];
$method = $_SERVER['REQUEST_METHOD'] ?? ''; $method = $_SERVER['REQUEST_METHOD'] ?? '';
if (!in_array($method, $allowedMethods)) { # The X-HTTP-Method-Override header is allowed for API requests because
return false; # some web servers do not support PUT or DELETE methods by default.
# This override is only applied when the request method is POST and the header is present.
if ($method === 'POST') {
# $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] is from API calls
# $_POST['X-HTTP-Method-Override'] if from API calls from the frontend.
$override = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ?? $_POST['X-HTTP-Method-Override'] ?? null;
if (is_string($override)) {
$override = strtoupper($override);
if (in_array($override, $allowedMethods, true)) {
$method = $override;
}
}
} }
# Since browser doesnt allow DELETE or PUTs from the frontend forms (apart from some javascript/ajax fuckery) if (!in_array($method, $allowedMethods, true)) {
# we need to check the _method POST value. return false;
if ($this->user_type === 'frontend' && $method === 'POST' && isset($_POST['_method'])) {
$overrideMethod = strtoupper($_POST['_method']);
if (in_array($overrideMethod, ['PUT', 'DELETE'])) {
$this->request_method = $overrideMethod;
return true;
}
} }
$this->request_method = $method; $this->request_method = $method;
@@ -500,8 +498,7 @@ class API
return false; return false;
} }
json_decode($rawInput, true); if (!json_validate($rawInput)) {
if (json_last_error() !== JSON_ERROR_NONE) {
return false; return false;
} }
@@ -559,7 +556,7 @@ class API
# api will need to post with an application/json type Content type. # api will need to post with an application/json type Content type.
# frontend will post with application/x-www-form-urlencoded content type but also is capable of application/json # frontend will post with application/x-www-form-urlencoded content type but also is capable of application/json
# frontend can also post multipart/form-data # frontend can also post multipart/form-data
# GET requests dont have an content type # GET requests don't have a content type
$contentType = $_SERVER['CONTENT_TYPE'] ?? ''; $contentType = $_SERVER['CONTENT_TYPE'] ?? '';
@@ -573,17 +570,17 @@ class API
return true; return true;
} }
if (strpos($contentType, 'application/json') !== false) { if (str_contains($contentType, 'application/json')) {
$this->content_type = 'application/json'; $this->content_type = 'application/json';
return true; return true;
} }
if (strpos($contentType, 'application/x-www-form-urlencoded') !== false) { if (str_contains($contentType, 'application/x-www-form-urlencoded')) {
$this->content_type = 'application/x-www-form-urlencoded'; $this->content_type = 'application/x-www-form-urlencoded';
return true; return true;
} }
if (strpos($contentType, 'multipart/form-data') !== false) { if (str_contains($contentType, 'multipart/form-data')) {
$this->content_type = 'multipart/form-data'; $this->content_type = 'multipart/form-data';
return true; return true;
} }
@@ -596,6 +593,7 @@ class API
return $this->user_uuid; return $this->user_uuid;
} }
#[NoReturn]
public function apiOutput($code = 200, $data = [], $frontendMessage = false) public function apiOutput($code = 200, $data = [], $frontendMessage = false)
{ {
if ($this->user_type === 'api') { if ($this->user_type === 'api') {
@@ -615,10 +613,10 @@ class API
if (in_array($this->request_method, ['POST', 'PUT', 'DELETE'])) { if (in_array($this->request_method, ['POST', 'PUT', 'DELETE'])) {
http_response_code($code); http_response_code($code);
if ($this->return_url) { # sometimes the PUT doesnt need an return or response set (Think of js actions to api from frontend) if ($this->return_url) { # sometimes the PUT doesn't need a return or response set (Think of js actions to api from frontend)
$_SESSION['response'] = json_encode($data); $_SESSION['response'] = json_encode($data);
# When a request is successfull the api will recieve the data, the frontend needs a friendly message # When a request is successfully the api will receive the data, the frontend needs a friendly message
if ($frontendMessage) { if ($frontendMessage) {
$_SESSION['response'] = json_encode([key($data) => __($frontendMessage)]); $_SESSION['response'] = json_encode([key($data) => __($frontendMessage)]);
} }
@@ -644,10 +642,9 @@ class API
try { try {
$stmt = $this->conn->prepare($query); $stmt = $this->conn->prepare($query);
} catch (mysqli_sql_exception $e) { } catch (\mysqli_sql_exception $e) {
// If an error occurs during prepare, catch it and return a proper response // If an error occurs during prepare, catch it and return a proper response
$this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]); $this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]);
return null;
} }
return $stmt; return $stmt;
@@ -661,13 +658,12 @@ class API
try { try {
$stmt->execute(); $stmt->execute();
return true; return true;
} catch (mysqli_sql_exception $e) { } catch (\mysqli_sql_exception $e) {
if ($e->getCode() === 1451) { if ($e->getCode() === 1451) {
$this->apiOutput(409, ['error' => 'Cannot delete record: dependent data exists.']); $this->apiOutput(409, ['error' => 'Cannot delete record: dependent data exists.']);
} else { } else {
$this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]); $this->apiOutput(500, ['error' => 'Database error: ' . $e->getMessage()]);
} }
return null;
} }
} }
@@ -688,7 +684,8 @@ class API
protected function buildDynamicQuery(string $tableName): array protected function buildDynamicQuery(string $tableName): array
{ {
$this->baseQuery = ''; $this->allowedGetColumns = $this->loadTableColumns($tableName);
if (!$this->baseQuery) { if (!$this->baseQuery) {
$this->baseQuery = "SELECT * FROM " . $tableName; $this->baseQuery = "SELECT * FROM " . $tableName;
} }
@@ -709,6 +706,10 @@ class API
$column = $builder['where'][0]; $column = $builder['where'][0];
$value = $builder['where'][1]; $value = $builder['where'][1];
if (!in_array($column, $this->allowedGetColumns, true)) {
$this->apiOutput(400, ['error' => 'The column ' . $column . ' is not allowed.']);
}
$whereClauses[] = "$column = ?"; $whereClauses[] = "$column = ?";
$types .= 's'; $types .= 's';
$values[] = $value; $values[] = $value;
@@ -721,6 +722,20 @@ class API
return [$this->baseQuery, $types, $values]; return [$this->baseQuery, $types, $values];
} }
protected function loadTableColumns(string $tableName): array
{
if (isset(self::$columnCache[$tableName])) {
return self::$columnCache[$tableName];
}
$sql = "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = ?";
$stmt = $this->pdo->prepare($sql);
$stmt->execute([$tableName]);
return self::$columnCache[$tableName] = $stmt->fetchAll(\PDO::FETCH_COLUMN);
}
protected function generalGetFunction($query, $types, $params, $returnBoolean, $itemName) protected function generalGetFunction($query, $types, $params, $returnBoolean, $itemName)
{ {
$stmt = $this->prepareStatement($query); $stmt = $this->prepareStatement($query);

View File

@@ -3,6 +3,8 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use api\classes\API_users;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -25,19 +27,61 @@ class API_apitoken extends API
return $tokens; return $tokens;
} }
public function getUserTokens($returnBoolean = false)
{
list($query, $types, $params) = $this->buildDynamicQuery('system_api_tokens');
$items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'User');
return $items;
}
public function checkTokenPermissions()
{
# First we need to find to what user the api_token belongs to if it's not given.
# If the user_uuid is unknown, get the user_uuid based on the api_token_being.
if (!$this->data['user_uuid']) {
$_GET['builder'] = [1 => ['where' => [0 => 'api_token_uuid', 1 => $this->data['api_token_uuid']]]];
$this->data['user_uuid'] = $this->getUserTokens()[0]['user_uuid'];
}
if ($this->getUserUuid() === $this->data['user_uuid']) {
# The user is modifying its own api_token
$this->checkPermissions('user-apitoken-self', 'RW');
} else {
# An API token is being modified owned by another user. We need to make sure the current user is allowed to
# modify tokens of others.
$this->checkPermissions('user-apitoken-others', 'RW');
# Now get the user_group_uuid and then retrieve the group_weight
require_once 'API_users.php';
$API_users = new API_users();
$_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]];
$user_group_uuid = $API_users->getUser()[0]['user_group_uuid'];
$user_group_weight = $API_users->getUserGroupWeight($user_group_uuid);
if ($user_group_weight < $_SESSION['user']['user_group_weight']) {
$this->apiOutput(401, ['error' => 'You are not authorized to access this resource.']);
}
}
}
#[NoReturn]
public function createNewToken() public function createNewToken()
{ {
$api_token = bin2hex(random_bytes(64 / 2)); $api_token = bin2hex(random_bytes(64 / 2));
$api_token_hash = password_hash($api_token, PASSWORD_BCRYPT, ["cost" => 12]); $api_token_hash = password_hash($api_token, PASSWORD_BCRYPT, ["cost" => 12]);
$api_token_expiration_timestamp = strtotime('+1 year'); $api_token_expiration_timestamp = strtotime('+1 year');
$query = "INSERT INTO system_api_tokens (api_token_uuid, user_uuid, api_token, api_token_expiration_timestamp, api_token_created_timestamp) VALUES (UUID(), ?, ?, ?, ?)"; $api_token_name = $this->data['api_token_name'] ?? null;
$query = "INSERT INTO system_api_tokens (api_token_uuid, user_uuid, api_token, api_token_name, api_token_expiration_timestamp, api_token_created_timestamp) VALUES (UUID(), ?, ?, ?, ?, ?)";
$stmt = $this->prepareStatement($query); $stmt = $this->prepareStatement($query);
$stmt->bind_param('ssii', $this->data['user_uuid'], $api_token_hash, $api_token_expiration_timestamp, time()); $created_timestamp = time();
$stmt->bind_param('sssii', $this->data['user_uuid'], $api_token_hash, $api_token_name, $api_token_expiration_timestamp, $created_timestamp);
$this->executeStatement($stmt); $this->executeStatement($stmt);
@@ -102,7 +146,7 @@ class API_apitoken extends API
$stmt->bind_param('is', $api_token_revoked, $this->data['api_token_uuid']); $stmt->bind_param('is', $api_token_revoked, $this->data['api_token_uuid']);
if ($this->executeStatement($stmt)) { if ($this->executeStatement($stmt)) {
$this->apiOutput(200, ['success' => 'API token ' . ($api_token_revoked ? 're' : 'en') . 'voked successfully.']); $this->apiOutput(200, ['success' => 'API token ' . ($api_token_revoked ? 'revoked' : 'envoked') . ' successfully.']);
} }
} }
} }

View File

@@ -4,6 +4,7 @@ namespace api\classes;
use api\classes\API; use api\classes\API;
use api\classes\imageProcessor; use api\classes\imageProcessor;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -36,13 +37,14 @@ class API_devices extends API
$imageProcessor->imageRestrictions = $imageRestrictions; $imageProcessor->imageRestrictions = $imageRestrictions;
$imageProcessor->validateAndProcess(); $imageProcessor->validateAndProcess();
$ImageData = $imageProcessor->returnBase64image(); $ImageData = $imageProcessor->returnBase64image();
} catch (Exception $e) { } catch (\RuntimeException $e) {
$this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]); $this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]);
} }
return $ImageData; return $ImageData;
} }
#[NoReturn]
public function createDevice() public function createDevice()
{ {
@@ -108,6 +110,7 @@ class API_devices extends API
} }
} }
#[NoReturn]
public function deleteDevice() public function deleteDevice()
{ {
# check if the device exists # check if the device exists

View File

@@ -3,19 +3,20 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_inserve extends API class API_inserve extends API
{ {
private $inserve_url; private string $inserve_url;
private $inserve_token; private string $inserve_token;
public $inserve_source_uuid; public string $inserve_source_uuid;
public $inserve_custom_data; public array $inserve_custom_data;
private $ch; private $ch;
@@ -23,7 +24,7 @@ class API_inserve extends API
public $response = false; public $response = false;
private $cloudDistrubutor = false; private $cloudDistributor = false;
public function setupConnection() public function setupConnection()
{ {
@@ -44,11 +45,6 @@ class API_inserve extends API
curl_close($this->ch); curl_close($this->ch);
} }
public function returnResponse()
{
$this->apiOutput($this->httpCode, json_decode($this->response, true));
}
public function authMe() public function authMe()
{ {
$this->ch = curl_init($this->inserve_url . 'auth/me'); $this->ch = curl_init($this->inserve_url . 'auth/me');
@@ -60,18 +56,19 @@ class API_inserve extends API
] ]
]); ]);
$this->execCurl(); $this->execCurl();
return true;
} }
public function getLinkedCompanies() public function getLinkedCompanies()
{ {
# init the clouddistrubutor name # init the cloudDistributor name
if (!isset($this->inserve_custom_data['clouddistrubutor']) || $this->inserve_custom_data['clouddistrubutor'] === '') { if (!isset($this->inserve_custom_data['cloudDistributor']) || $this->inserve_custom_data['cloudDistributor'] === '') {
$this->apiOutput(400, ['error' => 'missing clouddistrubutor in custom source data']); $this->apiOutput(400, ['error' => 'missing cloudDistributor in custom source data']);
} else { } else {
$this->cloudDistrubutor = $this->inserve_custom_data['clouddistrubutor']; $this->cloudDistributor = $this->inserve_custom_data['cloudDistributor'];
} }
$this->ch = curl_init($this->inserve_url . 'cloud-distributors/' . $this->cloudDistrubutor . '/companies'); $this->ch = curl_init($this->inserve_url . 'cloud-distributors/' . $this->cloudDistributor . '/companies');
curl_setopt_array($this->ch, [ curl_setopt_array($this->ch, [
CURLOPT_RETURNTRANSFER => true, CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [ CURLOPT_HTTPHEADER => [
@@ -128,11 +125,11 @@ class API_inserve extends API
public function syncCompaniesFromSentri() public function syncCompaniesFromSentri()
{ {
# init the clouddistrubutor name # init the cloudDistributor name
if (!isset($this->inserve_custom_data['clouddistrubutor']) || $this->inserve_custom_data['clouddistrubutor'] === '') { if (!isset($this->inserve_custom_data['cloudDistributor']) || $this->inserve_custom_data['cloudDistributor'] === '') {
$this->apiOutput(400, ['error' => 'missing clouddistrubutor in custom source data']); $this->apiOutput(400, ['error' => 'missing cloudDistributor in custom source data']);
} else { } else {
$this->cloudDistrubutor = $this->inserve_custom_data['clouddistrubutor']; $this->cloudDistributor = $this->inserve_custom_data['cloudDistributor'];
} }
# First retrieve all the active companies to sync to the Inserve cloud distributor # First retrieve all the active companies to sync to the Inserve cloud distributor
@@ -148,7 +145,7 @@ class API_inserve extends API
]; ];
} }
$url = $this->inserve_url . 'cloud-distributors/' . $this->cloudDistrubutor . '/companies'; $url = $this->inserve_url . 'cloud-distributors/' . $this->cloudDistributor . '/companies';
$this->ch = curl_init($url); $this->ch = curl_init($url);
@@ -246,7 +243,7 @@ class API_inserve extends API
]; ];
if (!in_array($type, $allowedColumns, true)) { if (!in_array($type, $allowedColumns, true)) {
throw new Exception('Invalid column name'); throw new \RuntimeException('Invalid column name');
} }
$query = "SELECT `$type` FROM servers"; $query = "SELECT `$type` FROM servers";
@@ -256,7 +253,7 @@ class API_inserve extends API
$servers = []; $servers = [];
while ($row = $result->fetch_assoc()) { while ($row = $result->fetch_assoc()) {
array_push($servers, $row); $servers[] = $row;
} }
$allTypes = []; $allTypes = [];
@@ -430,7 +427,7 @@ class API_inserve extends API
$item['subscriptionInserveCompanyId'] = $inserveLookup[$item['md5']]['cloud_distribution_company_id']; $item['subscriptionInserveCompanyId'] = $inserveLookup[$item['md5']]['cloud_distribution_company_id'];
$item['subscriptionInserveName'] = $inserveLookup[$item['md5']]['name']; $item['subscriptionInserveName'] = $inserveLookup[$item['md5']]['name'];
//$item['subscriptionInserveStatus'] = $inserveLookup[$item['md5']]['status']; //$item['subscriptionInserveStatus'] = $inserveLookup[$item['md5']]['status'];
} else { # Subscription does not exists in Inserve } else { # Subscription does not exist in Inserve
$item['sentriCompanyId'] = (int)$allCompaniesIds[$row['company_source_id']] ?? 0; $item['sentriCompanyId'] = (int)$allCompaniesIds[$row['company_source_id']] ?? 0;
$item['subscriptionInserveExists'] = false; $item['subscriptionInserveExists'] = false;
$item['subscriptionInserveId'] = false; $item['subscriptionInserveId'] = false;
@@ -451,15 +448,15 @@ class API_inserve extends API
$namePart = substr($key, 7, -6); $namePart = substr($key, 7, -6);
$namePart = ucfirst($namePart); $namePart = ucfirst($namePart);
} // Handle keys with "." } // Handle keys with "."
elseif (strpos($key, '.') !== false) { elseif (str_contains($key, '.')) {
[$first, $second] = explode('.', $key, 2); [$first, $second] = explode('.', $key, 2);
if ($first === $second || strtolower($second) === 'yes') { if ($first === $second || strtolower($second) === 'yes') {
$namePart = ucfirst($first); $namePart = ucfirst($first);
} else { } else {
$namePart = ucfirst($first) . ' - ' . $second; $namePart = ucfirst($first) . ' - ' . $second;
} }
} //Handle keys without . but with a space (expmale directadmin.Standard Discounted) } //Handle keys without . but with a space (example directadmin.Standard Discounted)
elseif (strpos($key, ' ') !== false) { elseif (str_contains($key, ' ')) {
// explode on first . // explode on first .
$parts = explode('.', $key, 2); $parts = explode('.', $key, 2);
if (count($parts) === 2) { if (count($parts) === 2) {
@@ -487,13 +484,13 @@ class API_inserve extends API
// if subscriptionInserveExists is false create a new subscription // if subscriptionInserveExists is false create a new subscription
if ($item['subscriptionInserveExists'] === false) { if ($item['subscriptionInserveExists'] === false) {
$payload = [ $payload = [
"cloud_distribution_id" => $item['md5'], #md5 hash based on the server_uuid from sentri and the subscription name (eg. server_cpu_count) "cloud_distribution_id" => $item['md5'], #md5 hash based on the server_uuid from sentri and the subscription name (e.g. server_cpu_count)
"cloud_subscription_id" => "sentri-servers", # Mark all the sentri-servers subscriptions so we can filter the subscriptions better "cloud_subscription_id" => "sentri-servers", # Mark all the sentri-servers subscriptions so we can filter the subscriptions better
"name" => $item['subscriptionInserveName'], "name" => $item['subscriptionSentriName'],
"quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri'], "quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri'],
"cloud_distribution_company_id" => $item['sentriCompanyId'], # this is generated by inserve "cloud_distribution_company_id" => $item['sentriCompanyId'], # this is generated by inserve
"status" => $item['SentriStatus'], "status" => $item['SentriStatus'],
"period_type" => 0, # 0 = monthly, 1 = anual, 2 = one time cost "period_type" => 0, # 0 = monthly, 1 = annual, 2 = one time cost
"start_date" => date('Y-m-d') "start_date" => date('Y-m-d')
]; ];
@@ -502,27 +499,25 @@ class API_inserve extends API
continue; continue;
} }
// update the subscription if the countInserve and countSentri dont match // update the subscription if the countInserve and countSentri don't match
// Or when sentriCompanyId and subscriptionInserveCompanyId dont match // Or when sentriCompanyId and subscriptionInserveCompanyId don't match
if (( if ((
(int)$item['countInserve'] !== (int)$item['countSentri'] || (int)$item['countInserve'] !== (int)$item['countSentri'] ||
(int)$item['sentriCompanyId'] !== (int)$item['subscriptionInserveCompanyId'] || (int)$item['sentriCompanyId'] !== (int)$item['subscriptionInserveCompanyId'] ||
(int)$item['SentriStatus'] !== (int)$item['subscriptionInserveStatus'] (int)$item['SentriStatus'] !== (int)$item['subscriptionInserveStatus'] ||
// || $item['subscriptionSentriName'] !== $item['subscriptionInserveName'] # use this when names are fucked $item['subscriptionSentriName'] !== $item['subscriptionInserveName']
) )
&& $item['subscriptionInserveExists'] !== false && $item['subscriptionInserveExists'] !== false
) { ) {
$payload = [ $payload = [
"quantity" => (int)$item['countSentri'], "quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri'],
"cloud_distribution_company_id" => (int)$item['sentriCompanyId'], "cloud_distribution_company_id" => (int)$item['sentriCompanyId'],
"name" => $item['subscriptionSentriName'], "name" => $item['subscriptionSentriName'],
"status" => $item['SentriStatus'], "status" => $item['SentriStatus']
"quantity" => ($row['server_state'] === 'deleted') ? 0 : $item['countSentri']
]; ];
$this->updateCloudSubscription($item['subscriptionInserveId'], $payload); $this->updateCloudSubscription($item['subscriptionInserveId'], $payload);
continue;
} }
} }
} }
@@ -670,7 +665,6 @@ class API_inserve extends API
$subscriptionId = $subscriptionFound; $subscriptionId = $subscriptionFound;
$existingLines = []; $existingLines = [];
$missingLines = []; $missingLines = [];
$subscriptionLines = [];
# Get the subscription lines from the specific subscriptionId # Get the subscription lines from the specific subscriptionId
$this->getSubscriptionsLines($subscriptionId); $this->getSubscriptionsLines($subscriptionId);
@@ -680,7 +674,7 @@ class API_inserve extends API
$existingLines[$item['product_code']] = $item; $existingLines[$item['product_code']] = $item;
} }
# Check if there are products that dont exists yet or have different descriptions # Check if there are products that don't exist yet or have different descriptions
foreach ($subscriptionLines['lines'] as $subscriptionLine) { foreach ($subscriptionLines['lines'] as $subscriptionLine) {
$product_code = $subscriptionLine['product_code']; $product_code = $subscriptionLine['product_code'];

View File

@@ -6,6 +6,7 @@ use api\classes\API;
require_once 'API.php'; require_once 'API.php';
class API_mailsettings extends API class API_mailsettings extends API
{ {
public function updateMailSettings($updatePassword) public function updateMailSettings($updatePassword)
@@ -27,4 +28,19 @@ class API_mailsettings extends API
} }
} }
public function testSendMail($mailBuilder)
{
$mailBuilder->subject = "Test mail";
$mailBuilder->addAddress($this->data['mail_to'], $this->data['mail_to']);
$mailBuilder->mailText = '
Hello,<br><br>
This is a test email sent through Sentri.<br><br>
If you received this email, your Sentri mail settings are configured correctly.
';
$mailBuilder->sendMail();
}
} }

View File

@@ -3,11 +3,13 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_mfa extends API class API_mfa extends API
{ {
#[NoReturn]
public function disableMFA() public function disableMFA()
{ {
# Users cannot, by default disable MFA of other users # Users cannot, by default disable MFA of other users
@@ -23,6 +25,7 @@ class API_mfa extends API
$this->apiOutput(200, ['success' => 'mfa is disabled']); $this->apiOutput(200, ['success' => 'mfa is disabled']);
} }
#[NoReturn]
public function enableMFA() public function enableMFA()
{ {
# Users cannot, create MFA of other users # Users cannot, create MFA of other users

View File

@@ -3,11 +3,13 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_office_stompjes extends API class API_office_stompjes extends API
{ {
#[NoReturn]
public function addStomp() public function addStomp()
{ {
$query = "INSERT INTO office_stompjes (stomp_uuid, user_uuid, stomp_timestamp) VALUES (UUID(), ?, ?)"; $query = "INSERT INTO office_stompjes (stomp_uuid, user_uuid, stomp_timestamp) VALUES (UUID(), ?, ?)";
@@ -19,6 +21,7 @@ class API_office_stompjes extends API
$this->apiOutput(200, ['success' => 'Stomp added.']); $this->apiOutput(200, ['success' => 'Stomp added.']);
} }
#[NoReturn]
public function deleteStomp() public function deleteStomp()
{ {
$query = "DELETE FROM office_stompjes WHERE stomp_uuid = ?"; $query = "DELETE FROM office_stompjes WHERE stomp_uuid = ?";
@@ -29,4 +32,42 @@ class API_office_stompjes extends API
$this->apiOutput(200, ['success' => 'Stomp removed.']); $this->apiOutput(200, ['success' => 'Stomp removed.']);
} }
public function getStomp($frontend = false)
{
if (!$frontend) {
list($query, $types, $params) = $this->buildDynamicQuery('office_stompjes');
$items = $this->generalGetFunction($query, $types, $params, false, 'Stompjes');
return ($items);
} else {
if (!isset($_GET['fd'])) {
$SelectFromDate = strtotime(date('Y-m-01'));
} else {
$date = str_replace('/', '-', htmlspecialchars($_GET['fd'], ENT_QUOTES, 'UTF-8'));
$SelectFromDate = strtotime($date . ' 00:00:00');
}
if (!isset($_GET['td'])) {
$SelectTillDate = time();
} else {
$date = str_replace('/', '-', htmlspecialchars($_GET['td'], ENT_QUOTES, 'UTF-8'));
$SelectTillDate = strtotime($date . ' 23:59:59');
}
$stompjes = [];
$stmt = $this->conn->query("SELECT stomp_uuid, office_stompjes.user_uuid, user_full_name, user_first_name, stomp_timestamp
FROM office_stompjes
INNER JOIN system_users ON office_stompjes.user_uuid = system_users.user_uuid
WHERE stomp_timestamp BETWEEN '$SelectFromDate' AND '$SelectTillDate'
AND user_stompable = '1'
ORDER BY stomp_timestamp DESC");
while ($row = $stmt->fetch_assoc()) {
$stompjes[] = $row;
}
return $stompjes;
}
}
} }

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -27,6 +28,7 @@ class API_permissions extends API
} }
} }
#[NoReturn]
public function createPermission() public function createPermission()
{ {
# Check if permission slugify already exists # Check if permission slugify already exists
@@ -53,7 +55,7 @@ class API_permissions extends API
$sql = "SELECT * FROM system_user_groups"; $sql = "SELECT * FROM system_user_groups";
$stmt = $this->conn->query($sql); $stmt = $this->conn->query($sql);
while ($user_group = $stmt->fetch_assoc()) { while ($user_group = $stmt->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
} }
# Update all the groups with the newly added permission # Update all the groups with the newly added permission
@@ -120,4 +122,13 @@ class API_permissions extends API
return $access_rights; return $access_rights;
} }
public function getUserGroupPermissions()
{
list($query, $types, $params) = $this->buildDynamicQuery('system_user_group_permissions');
$items = $this->generalGetFunction($query, $types, $params, false, 'userGroupPermissions');
return ($items);
}
} }

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -18,6 +19,7 @@ class API_platforms extends API
} }
#[NoReturn]
public function createPlatforms() public function createPlatforms()
{ {
if (isset($this->data['platform_image'])) { if (isset($this->data['platform_image'])) {

View File

@@ -18,4 +18,14 @@ class API_portalsettings extends API
$this->apiOutput(200, ['success' => 'portal settings updated successfully.']); $this->apiOutput(200, ['success' => 'portal settings updated successfully.']);
} }
} }
public function getPortalSettings()
{
list($query, $types, $params) = $this->buildDynamicQuery('system_settings');
$items = $this->generalGetFunction($query, $types, $params, false, 'Settings');
return ($items);
}
} }

View File

@@ -11,6 +11,7 @@ class API_servers extends API
{ {
public function getServers($returnBoolean = false) public function getServers($returnBoolean = false)
{ {
list($query, $types, $params) = $this->buildDynamicQuery('servers'); list($query, $types, $params) = $this->buildDynamicQuery('servers');
$items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'Server'); $items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'Server');
@@ -122,7 +123,7 @@ class API_servers extends API
VALUES (" . implode(',', $insertValues) . ") VALUES (" . implode(',', $insertValues) . ")
ON DUPLICATE KEY UPDATE "; ON DUPLICATE KEY UPDATE ";
# Build the ON DUPLICATE KEY UPDATE, only foor fields that exist # Build the ON DUPLICATE KEY UPDATE, only for fields that exist
$updateParts = []; $updateParts = [];
foreach ($insertFields as $field) { foreach ($insertFields as $field) {
if (!in_array($field, ['server_create_timestamp', 'server_uuid'])) { if (!in_array($field, ['server_create_timestamp', 'server_uuid'])) {
@@ -240,7 +241,7 @@ class API_servers extends API
public function processServerData($server, $requiredFields, $optionalFields) public function processServerData($server, $requiredFields, $optionalFields)
{ {
// since the disk data is sent as an array we need to check it seperatly from the other data validations // since the disk data is sent as an array we need to check it separately from the other data validations
if (!empty($server['server_disks']) && is_array($server['server_disks'])) { if (!empty($server['server_disks']) && is_array($server['server_disks'])) {
$server['server_disks'] = $this->validateDiskData($server['server_disks']); $server['server_disks'] = $this->validateDiskData($server['server_disks']);

View File

@@ -12,7 +12,7 @@ class API_system_modules extends API
{ {
list($query, $types, $params) = $this->buildDynamicQuery('system_modules'); list($query, $types, $params) = $this->buildDynamicQuery('system_modules');
$items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'Permission'); $items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'Modules');
return $items; return $items;
} }
@@ -20,7 +20,7 @@ class API_system_modules extends API
public function enableModule() public function enableModule()
{ {
$module_uuid_enabled = ($this->data['module_enabled']) ? 0 : 1; $module_uuid_enabled = ($this->data['module_enabled']) ? 1 : 0;
# Module 'system cannot be disabled' # Module 'system cannot be disabled'
$query = "UPDATE system_modules SET module_enabled = ? WHERE module_uuid = ? AND module_slugify != 'system'"; $query = "UPDATE system_modules SET module_enabled = ? WHERE module_uuid = ? AND module_slugify != 'system'";

View File

@@ -3,11 +3,13 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
class API_system_sources extends API class API_system_sources extends API
{ {
#[NoReturn]
public function inserveUpdate() public function inserveUpdate()
{ {
$query = "INSERT INTO system_sources ( $query = "INSERT INTO system_sources (
@@ -20,14 +22,15 @@ class API_system_sources extends API
source_custom_data, source_custom_data,
source_create_timestamp, source_create_timestamp,
source_modified_timestamp) source_modified_timestamp)
VALUES (UUID(), ?, ?, '', '', ?, ?, ?, NULL) VALUES (UUID(), 'inserve', ?, '', '', ?, ?, ?, NULL)
ON DUPLICATE KEY UPDATE ON DUPLICATE KEY UPDATE
source_url = VALUES(source_url), source_url = VALUES(source_url),
source_auth_token = VALUES(source_auth_token), source_auth_token = VALUES(source_auth_token),
source_custom_data = VALUES(source_custom_data), source_custom_data = VALUES(source_custom_data),
source_modified_timestamp = VALUES(source_create_timestamp)"; source_modified_timestamp = VALUES(source_create_timestamp)";
$stmt = $this->prepareStatement($query); $stmt = $this->prepareStatement($query);
$stmt->bind_param('ssssi', $this->data['source_name'], $this->data['source_url'], $this->data['source_auth_token'], $this->data['source_custom_data'], time()); $source_modified_timestamp = time();
$stmt->bind_param('sssi', $this->data['source_url'], $this->data['source_auth_token'], $this->data['source_custom_data'], $source_modified_timestamp);
$this->executeStatement($stmt); $this->executeStatement($stmt);
$stmt->close(); $stmt->close();

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -17,6 +18,7 @@ class API_usergroups extends API
return $items; return $items;
} }
#[NoReturn]
public function createUsergroups() public function createUsergroups()
{ {
# check if the user_group already exists # check if the user_group already exists
@@ -25,6 +27,7 @@ class API_usergroups extends API
if ($this->getUsergroup(true)) { if ($this->getUsergroup(true)) {
$this->apiOutput(409, ['error' => 'Usergroup already exists.']); $this->apiOutput(409, ['error' => 'Usergroup already exists.']);
} }
$this->baseQuery = ''; # reset the base query set $_GET['builder']
$this->data['user_group_weight'] = $this->get_next_available_user_group_weight($this->data['user_group_weight']); $this->data['user_group_weight'] = $this->get_next_available_user_group_weight($this->data['user_group_weight']);
@@ -37,6 +40,7 @@ class API_usergroups extends API
$timestamp = time(); $timestamp = time();
$stmt->bind_param("ssisi", $this->data['user_group_name'], $this->data['user_group_slugify'], $this->data['user_group_weight'], $this->data['user_group_type'], $timestamp); $stmt->bind_param("ssisi", $this->data['user_group_name'], $this->data['user_group_slugify'], $this->data['user_group_weight'], $this->data['user_group_type'], $timestamp);
$this->executeStatement($stmt); $this->executeStatement($stmt);
$_GET['builder'] = [1 => ['where' => [0 => 'user_group_slugify', 1 => $this->data['user_group_slugify']]]];
$user_group = $this->getUsergroup(); $user_group = $this->getUsergroup();
$user_group_uuid = $user_group[0]['user_group_uuid']; $user_group_uuid = $user_group[0]['user_group_uuid'];
@@ -68,6 +72,7 @@ class API_usergroups extends API
} }
} }
#[NoReturn]
public function deleteUsergroup() public function deleteUsergroup()
{ {
# check if the user group exists # check if the user group exists
@@ -75,7 +80,7 @@ class API_usergroups extends API
$user_group = $this->getUsergroup(); $user_group = $this->getUsergroup();
# superuser cannot be deleted # superuser cannot be deleted
if ($user_group[0]['user_group_slufigy'] === 'superuser') { if ($user_group[0]['user_group_slugify'] === 'superuser') {
$this->apiOutput(400, ['error' => 'superuser cannot be deleted.']); $this->apiOutput(400, ['error' => 'superuser cannot be deleted.']);
} }
@@ -111,6 +116,7 @@ class API_usergroups extends API
return $weight; return $weight;
} }
#[NoReturn]
public function updateUserGroup() public function updateUserGroup()
{ {
# check if the user group exists # check if the user group exists
@@ -118,7 +124,7 @@ class API_usergroups extends API
$user_group = $this->getUsergroup(); $user_group = $this->getUsergroup();
# superuser cannot be modified # superuser cannot be modified
if ($user_group[0]['user_group_slufigy'] === 'superuser') { if ($user_group[0]['user_group_slugify'] === 'superuser') {
$this->apiOutput(500, ['error' => 'superuser cannot be modified']); $this->apiOutput(500, ['error' => 'superuser cannot be modified']);
} }

View File

@@ -5,9 +5,10 @@ namespace api\classes;
use api\classes\API; use api\classes\API;
use api\classes\API_usergroups; use api\classes\API_usergroups;
use bin\php\Classes\mailBuilder; use bin\php\Classes\mailBuilder;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
class API_users extends API class API_users extends API
{ {
@@ -20,6 +21,7 @@ class API_users extends API
return $items; return $items;
} }
#[NoReturn]
public function createUser() public function createUser()
{ {
# check if the user already exists # check if the user already exists
@@ -90,47 +92,63 @@ The Sentri gnomes';
$this->apiOutput(200, ['success' => 'User created successfully. mail has been sent']); $this->apiOutput(200, ['success' => 'User created successfully. mail has been sent']);
} }
private function getUserGroupWeight() public function getUserGroupWeight($user_group_uuid = false)
{ {
require_once 'API_usergroups.php'; require_once 'API_usergroups.php';
$API_usergroups = new API_usergroups(); $API_usergroups = new API_usergroups();
$_GET['builder'] = [1 => ['where' => [0 => 'user_group_uuid', 1 => $this->data['user_group_uuid']]]];
$uuid = $user_group_uuid ?: $this->data['user_group_uuid'];
$_GET['builder'] = [1 => ['where' => [0 => 'user_group_uuid', 1 => $uuid]]];
return $API_usergroups->getUserGroup()[0]['user_group_weight']; return $API_usergroups->getUserGroup()[0]['user_group_weight'];
} }
#[NoReturn]
public function updateUser() public function updateUser()
{ {
# check if the user exists # check if the user exists
$_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]]; $_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]];
$this->getUser(); $this->getUser();
if ($this->getUserGroupWeight() < $_SESSION['user']['user_group_weight']) { if (!isset($this->postedData['user_profile_change']) && $this->getUserGroupWeight() < $_SESSION['user']['user_group_weight']) {
$this->apiOutput(400, ['error' => 'You cannot edit a user with an lower weight then yourself!']); $this->apiOutput(400, ['error' => 'You cannot edit a user with a lower weight than yourself!']);
} }
$query = "UPDATE system_users SET user_group_uuid = ?, user_email = ?, user_first_name = ?, user_last_name = ?, user_full_name = ?, user_phone_number = ?, user_status = ?, user_pref_language = ?, user_modified_timestamp = ?, user_stompable = ? WHERE user_uuid = ?"; $data = $this->data;
$stmt = $this->prepareStatement($query);
$stmt->bind_param('ssssssssiis', $this->data['user_group_uuid'], $this->data['user_email'], $this->data['user_first_name'], $this->data['user_last_name'], $this->data['user_full_name'], $this->data['user_phone_number'], $this->data['user_status'], $this->data['user_pref_language'], time(), $this->data['user_stompable'], $this->data['user_uuid']);
$this->executeStatement($stmt); $userUuid = $data['user_uuid'];
unset($data['user_uuid']);
# always set timestamp
$data['user_modified_timestamp'] = time();
$set = [];
foreach ($data as $key => $value) {
$set[] = "$key = :$key";
}
$sql = sprintf("UPDATE system_users SET %s WHERE user_uuid = :user_uuid", implode(', ', $set));
$stmt = $GLOBALS['pdo']->prepare($sql);
$data['user_uuid'] = $userUuid;
$stmt->execute($data);
$this->apiOutput(200, ['success' => 'User successfully updated.']); $this->apiOutput(200, ['success' => 'User successfully updated.']);
} }
#[NoReturn]
public function deleteUser() public function deleteUser()
{ {
# delete an user # delete an user
# chect if the user exists # check if the user exists
$_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]]; $_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]];
$user_data = $this->getUser()[0]; $user_data = $this->getUser()[0];
$this->data['user_group_uuid'] = $user_data['user_group_uuid']; $this->data['user_group_uuid'] = $user_data['user_group_uuid'];
# check group weigth # check group weight
if ($this->getUserGroupWeight() < $_SESSION['user']['user_group_weight']) { if ($this->getUserGroupWeight() < $_SESSION['user']['user_group_weight']) {
$this->apiOutput(400, ['error' => 'You cannot delete a user with an lower weight then yourself!']); $this->apiOutput(400, ['error' => 'You cannot delete a user with an lower weight then yourself!']);
} }

View File

@@ -18,7 +18,7 @@ class API_usersavatar extends API
$imageProcessor->imageRestrictions = $imageRestrictions; $imageProcessor->imageRestrictions = $imageRestrictions;
$imageProcessor->validateAndProcess(); $imageProcessor->validateAndProcess();
$ImageData = $imageProcessor->returnBase64image(); $ImageData = $imageProcessor->returnBase64image();
} catch (Exception $e) { } catch (\RuntimeException $e) {
$this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]); $this->apiOutput(401, ['error' => 'Error: ' . $e->getMessage()]);
} }
@@ -32,7 +32,7 @@ class API_usersavatar extends API
user_profile_picture_thumbnail = ? user_profile_picture_thumbnail = ?
WHERE user_uuid = ?"; WHERE user_uuid = ?";
$stmt = $stmt = $this->prepareStatement($query); $stmt = $this->prepareStatement($query);
$stmt->bind_param("sss", $stmt->bind_param("sss",
$this->data['user_profile_picture'], $this->data['user_profile_picture'],
$this->data['user_profile_picture_thumbnail'], $this->data['user_profile_picture_thumbnail'],

View File

@@ -3,6 +3,7 @@
namespace api\classes; namespace api\classes;
use api\classes\API; use api\classes\API;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php'; require_once 'API.php';
@@ -17,6 +18,7 @@ class API_vendors extends API
return $items; return $items;
} }
#[NoReturn]
public function createVendor() public function createVendor()
{ {
if (isset($this->data['vendor_image'])) { if (isset($this->data['vendor_image'])) {

View File

@@ -2,6 +2,9 @@
namespace api\classes; namespace api\classes;
use http\Exception\RuntimeException;
class imageProcessor class imageProcessor
{ {
public $postedFile = null; public $postedFile = null;
@@ -34,18 +37,18 @@ class imageProcessor
$mimeType = $matches[1]; $mimeType = $matches[1];
$base64 = substr($base64, strpos($base64, ',') + 1); $base64 = substr($base64, strpos($base64, ',') + 1);
} else { } else {
throw new Exception('Invalid image data.'); throw new \RuntimeException('Invalid image data.');
} }
$imageData = base64_decode($base64); $imageData = base64_decode($base64);
if ($imageData === false) { if ($imageData === false) {
throw new Exception('Invalid base64 image data.'); throw new \RuntimeException('Invalid base64 image data.');
} }
# Create image directly from string (no file) # Create image directly from string (no file)
$srcImage = imagecreatefromstring($imageData); $srcImage = imagecreatefromstring($imageData);
if (!$srcImage) { if (!$srcImage) {
throw new Exception('Failed to create image from string.'); throw new \RuntimeException('Failed to create image from string.');
} }
# Now you can get dimensions directly # Now you can get dimensions directly
@@ -53,7 +56,6 @@ class imageProcessor
$height = imagesy($srcImage); $height = imagesy($srcImage);
# Store $srcImage in a class property, continue processing in-memory # Store $srcImage in a class property, continue processing in-memory
$this->imageResource = $srcImage;
$this->imageInfo = [ $this->imageInfo = [
'mime' => $mimeType, 'mime' => $mimeType,
'width' => $width, 'width' => $width,
@@ -74,11 +76,11 @@ class imageProcessor
$fileSizeKB = filesize($this->imageTmpPath) / 1024; $fileSizeKB = filesize($this->imageTmpPath) / 1024;
if (!in_array($mime, $this->imageRestrictions['allowed_types'])) { if (!in_array($mime, $this->imageRestrictions['allowed_types'])) {
throw new Exception("Invalid image type: $mime"); throw new \RuntimeException("Invalid image type: $mime");
} }
if ($fileSizeKB > $this->imageRestrictions['max_size_kb']) { if ($fileSizeKB > $this->imageRestrictions['max_size_kb']) {
throw new Exception("Image exceeds max file size."); throw new \RuntimeException("Image exceeds max file size.");
} }
# Resize to fit within min/max bounds # Resize to fit within min/max bounds
@@ -113,7 +115,7 @@ class imageProcessor
return in_array($mime, ['image/png', 'image/webp']); return in_array($mime, ['image/png', 'image/webp']);
} }
private function setTransparentCanvas($image, $width, $height) private function setTransparentCanvas($image, $width, $height): void
{ {
// Enable alpha blending and preserve alpha channel // Enable alpha blending and preserve alpha channel
imagealphablending($image, false); imagealphablending($image, false);
@@ -123,7 +125,6 @@ class imageProcessor
$transparent = imagecolorallocatealpha($image, 0, 0, 0, 127); $transparent = imagecolorallocatealpha($image, 0, 0, 0, 127);
imagefilledrectangle($image, 0, 0, $width, $height, $transparent); imagefilledrectangle($image, 0, 0, $width, $height, $transparent);
return $image;
} }
private function resizeToFitRestrictions($mime, $width, $height) private function resizeToFitRestrictions($mime, $width, $height)
@@ -137,7 +138,7 @@ class imageProcessor
'image/jpeg' => imagecreatefromjpeg($this->imageTmpPath), 'image/jpeg' => imagecreatefromjpeg($this->imageTmpPath),
'image/png' => imagecreatefrompng($this->imageTmpPath), 'image/png' => imagecreatefrompng($this->imageTmpPath),
'image/webp' => imagecreatefromwebp($this->imageTmpPath), 'image/webp' => imagecreatefromwebp($this->imageTmpPath),
default => throw new Exception("Unsupported image type.") default => throw new \RuntimeException("Unsupported image type.")
}; };
# Determine new size # Determine new size

View File

@@ -3,7 +3,7 @@
use api\classes\API_devices; use api\classes\API_devices;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
$API_devices = new API_devices(); $API_devices = new API_devices();
@@ -11,7 +11,7 @@ if ($API_devices->request_method === 'POST') {
$API_devices->checkPermissions('admin-devices-files', 'RW'); $API_devices->checkPermissions('admin-devices-files', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_devices->return_url = false; $API_devices->return_url = false;
$device_slugify = isset($_POST['device_slugify']) ? preg_replace('/[^a-zA-Z0-9_-]/', '_', $_POST['device_slugify']) : ''; $device_slugify = isset($_POST['device_slugify']) ? preg_replace('/[^a-zA-Z0-9_-]/', '_', $_POST['device_slugify']) : '';
@@ -27,7 +27,7 @@ if ($API_devices->request_method === 'POST') {
} }
$filename = basename($_FILES['file']['name']); $filename = basename($_FILES['file']['name']);
$filename = preg_replace('/[^a-zA-Z0-9_\.\-]/', '_', $filename); $filename = preg_replace('/[^a-zA-Z0-9_.-]/', '_', $filename);
$file_extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); $file_extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
$expectedExtension = $allowedFiletypes[$filetype]; $expectedExtension = $allowedFiletypes[$filetype];
@@ -61,7 +61,7 @@ if ($API_devices->request_method === 'POST') {
if (move_uploaded_file($_FILES['file']['tmp_name'], $destination)) { if (move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
chmod($destination, 0644); // Set safe permissions chmod($destination, 0644); // Set safe permissions
$API_devices->apiOutput(200, ['success' => 'File uploaded succcessfully']); $API_devices->apiOutput(200, ['success' => 'File uploaded successfully']);
} else { } else {
$API_devices->apiOutput(500, ['error' => 'Failed to move uploaded file']); $API_devices->apiOutput(500, ['error' => 'Failed to move uploaded file']);
} }
@@ -70,7 +70,7 @@ if ($API_devices->request_method === 'POST') {
$API_devices->checkPermissions('admin-devices-files', 'RW'); $API_devices->checkPermissions('admin-devices-files', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_devices->return_url = false; $API_devices->return_url = false;
$relativePath = $_POST['file_name'] ?? ''; $relativePath = $_POST['file_name'] ?? '';
@@ -94,7 +94,7 @@ if ($API_devices->request_method === 'POST') {
$requestedPath = realpath($_SERVER['DOCUMENT_ROOT'] . $relativePath); $requestedPath = realpath($_SERVER['DOCUMENT_ROOT'] . $relativePath);
// Validate resolved path // Validate resolved path
if (!$requestedPath || strpos($requestedPath, $root) !== 0) { if (!$requestedPath || !str_starts_with($requestedPath, $root)) {
http_response_code(403); http_response_code(403);
echo json_encode(['status' => 'error', 'message' => 'Access denied']); echo json_encode(['status' => 'error', 'message' => 'Access denied']);
exit; exit;

View File

@@ -3,8 +3,8 @@
use api\classes\API_devices; use api\classes\API_devices;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_devices = new API_devices(); $API_devices = new API_devices();
@@ -16,7 +16,7 @@ if ($API_devices->request_method === 'GET') {
} elseif ($API_devices->request_method === 'POST') { } elseif ($API_devices->request_method === 'POST') {
# create an new device # create a new device
$API_devices->checkPermissions('admin-devices', 'RW'); $API_devices->checkPermissions('admin-devices', 'RW');
@@ -106,7 +106,7 @@ if ($API_devices->request_method === 'GET') {
$API_devices->checkPermissions('admin-devices', 'RW'); $API_devices->checkPermissions('admin-devices', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_devices->return_url = false; $API_devices->return_url = false;
$requiredFields = ['device_uuid' => ['type' => 'uuid']]; $requiredFields = ['device_uuid' => ['type' => 'uuid']];

View File

@@ -4,8 +4,8 @@ use api\classes\API_platforms;
use api\classes\imageProcessor; use api\classes\imageProcessor;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_platforms.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_platforms.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_platforms = new API_platforms(); $API_platforms = new API_platforms();

View File

@@ -4,8 +4,8 @@ use api\classes\API_vendors;
use api\classes\imageProcessor; use api\classes\imageProcessor;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_vendors.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_vendors.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_vendors = new API_vendors(); $API_vendors = new API_vendors();

View File

@@ -4,8 +4,7 @@ use api\classes\API_companies;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_companies.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_companies.php";
# Check permissions # Check permissions
$API_companies = new API_companies(); $API_companies = new API_companies();
@@ -18,7 +17,7 @@ if (!$GLOBALS['modules_enabled']['customers']) {
if ($API_companies->request_method === 'PUT') { if ($API_companies->request_method === 'PUT') {
$API_companies->checkPermissions('customer-companies', 'RW'); $API_companies->checkPermissions('customer-companies', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_companies->return_url = false; $API_companies->return_url = false;
$requiredFields = [ $requiredFields = [

View File

@@ -0,0 +1,24 @@
<?php
use api\classes\API;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
$API = new API();
if ($API->request_method === 'GET') {
$breadcrumbJson = '[]';
if (isset($_SESSION['breadCrumbArray'])) {
try {
$breadcrumbJson = json_encode($_SESSION['breadCrumbArray'] ?? [], JSON_THROW_ON_ERROR);
} catch (JsonException $e) {
error_log($e->getMessage());
$breadcrumbJson = '[]';
}
$_SESSION['breadCrumbArray'] = [];
}
echo $breadcrumbJson;
}

View File

@@ -0,0 +1,21 @@
<?php
use api\classes\API;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
$API = new API();
if ($API->request_method === 'GET') {
# this is used by js scripts to get the locale of the user
$locale = getPreferredLocale();
$translations = require $_SERVER['DOCUMENT_ROOT'] . "/bin/locales/{$locale}.php";
header("Cache-Control: public, max-age=3600");
header('Content-Type: application/json; charset=utf-8');
echo json_encode($translations, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
}

View File

@@ -0,0 +1,18 @@
<?php
use api\classes\API;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
$API = new API();
if ($API->request_method === 'GET') {
ini_set('display_errors', 1);
if (isset($_SESSION['response'])) {
echo $_SESSION['response'];
unset($_SESSION['response']);
} else {
echo '[]';
}
}

View File

@@ -4,7 +4,7 @@ use api\classes\API_office_stompjes;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_office_stompjes.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_office_stompjes.php";
$API_office_stompjes = new API_office_stompjes(); $API_office_stompjes = new API_office_stompjes();
@@ -12,9 +12,20 @@ if (!$GLOBALS['modules_enabled']['office']) {
echo '405 Not Allowed'; echo '405 Not Allowed';
exit; exit;
} }
if ($API_office_stompjes->request_method === 'GET') {
$API_office_stompjes->checkPermissions('office-stompjes', 'RO');
if ($API_office_stompjes->request_method === 'POST') { if (isset($_GET['frontend'])) {
$API_office_stompjes->checkPermissions('ofice-stompjes-canstomp', 'RW'); # This one is used by the frontend and is filtered by date.
$stompjes = $API_office_stompjes->getStomp(true);
} else {
$stompjes = $API_office_stompjes->getStomp();
}
$API_office_stompjes->apiOutput($code = 200, ['success' => $stompjes]);
} elseif ($API_office_stompjes->request_method === 'POST') {
$API_office_stompjes->checkPermissions('office-stompjes-canstomp', 'RW');
$API_office_stompjes->return_url = false; $API_office_stompjes->return_url = false;
@@ -24,15 +35,14 @@ if ($API_office_stompjes->request_method === 'POST') {
$API_office_stompjes->validateData($requiredFields); $API_office_stompjes->validateData($requiredFields);
$modules = $API_office_stompjes->addStomp(); $API_office_stompjes->addStomp();
$API_office_stompjes->apiOutput($code = 200, ['success' => 'stomp added successfully.']);
} elseif ($API_office_stompjes->request_method === 'DELETE') { } elseif ($API_office_stompjes->request_method === 'DELETE') {
# Only superuser can delete permission due to fact that the backend needs programming when setting a permission # Only superuser can delete permission due to fact that the backend needs programming when setting a permission
$API_office_stompjes->checkPermissions('ofice-stompjes', 'RW'); $API_office_stompjes->checkPermissions('office-stompjes', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_office_stompjes->return_url = false; $API_office_stompjes->return_url = false;
$requiredFields = ['stomp_uuid' => ['type' => 'uuid']]; $requiredFields = ['stomp_uuid' => ['type' => 'uuid']];

View File

@@ -0,0 +1,41 @@
<?php
use api\classes\API_portalsettings;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_portalsettings.php";
$API_portalsettings = new API_portalsettings();
if ($API_portalsettings->request_method === 'GET') {
$API_portalsettings->checkPermissions('admin-portalsettings', 'RO');
$portalSettings = $API_portalsettings->getPortalSettings();
if ($portalSettings !== null) {
unset($portalSettings[0]["mail_smtp_pass"]);
}
$API_portalsettings->apiOutput($code = 200, ['success' => $portalSettings]);
} elseif ($API_portalsettings->request_method === 'PUT') {
# Edit the portal settings of the platform
$API_portalsettings->checkPermissions('admin-portalsettings', 'RW');
$requiredFields = [
'portal_uuid' => ['type' => 'uuid'],
'portal_name' => ['type' => 'string'],
'portal_provider_name' => ['type' => 'string'],
'admin_auth_methods' => ['type' => 'string']
];
if (count($API_portalsettings->getPortalSettings()) !== 1) {
$API_portalsettings->apiOutput(400, ['error' => 'Invalid portal_uuid']);
}
$API_portalsettings->validateData($requiredFields);
# Update the permission
$API_portalsettings->updatePortalSettings();
}

View File

@@ -4,17 +4,21 @@ use api\classes\API_permissions;
use api\classes\API_usergroups; use api\classes\API_usergroups;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
$API_permissions = new API_permissions(); $API_permissions = new API_permissions();
$API_usergroups = new API_usergroups(); $API_usergroups = new API_usergroups();
if ($API_permissions->request_method === 'GET') { if ($API_permissions->request_method === 'GET') {
# to be made, get all the access-rights and implement the builder $API_usergroups->checkPermissions('admin-access-control-permissions', 'RO');
$permissions = $API_permissions->getUserGroupPermissions();
$API_permissions->apiOutput($code = 200, ['success' => $permissions]);
} elseif ($API_permissions->request_method === 'PUT') { } elseif ($API_permissions->request_method === 'PUT') {
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_permissions->return_url = false; $API_permissions->return_url = false;
$API_permissions->checkPermissions('admin-access-control-permissions', 'RW'); $API_permissions->checkPermissions('admin-access-control-permissions', 'RW');

View File

@@ -1,9 +1,11 @@
<?php <?php
use api\classes\API_mailsettings; use api\classes\API_mailsettings;
use api\classes\API_portalsettings;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mailsettings.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_mailsettings.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_portalsettings.php";
$API_mailsettings = new API_mailsettings(); $API_mailsettings = new API_mailsettings();
@@ -24,7 +26,7 @@ if ($API_mailsettings->request_method === 'PUT') {
'mail_smtp_pass' => ['type' => 'string'] 'mail_smtp_pass' => ['type' => 'string']
]; ];
# check if the password is changed # check if the password is changed
$updatePassword = str_contains($API_mailsettings->postedData['mail_smtp_pass'], '******') ? false : true; $updatePassword = !str_contains($API_mailsettings->postedData['mail_smtp_pass'], '******');
if ($updatePassword) { if ($updatePassword) {
if (strlen($API_mailsettings->postedData['mail_smtp_pass']) < 12) { if (strlen($API_mailsettings->postedData['mail_smtp_pass']) < 12) {
$API_mailsettings->apiOutput(400, ['error' => 'Password too short']); $API_mailsettings->apiOutput(400, ['error' => 'Password too short']);
@@ -35,6 +37,11 @@ if ($API_mailsettings->request_method === 'PUT') {
} }
} }
$API_portalsettings = new API_portalsettings();
if (count($API_portalsettings->getPortalSettings()) !== 1) {
$API_mailsettings->apiOutput(400, ['error' => 'Invalid portal_uuid']);
}
$API_mailsettings->validateData($requiredFields); $API_mailsettings->validateData($requiredFields);
# Update the permission # Update the permission

View File

@@ -0,0 +1,30 @@
<?php
use api\classes\API_mailsettings;
use bin\php\Classes\mailBuilder;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_mailsettings.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
$API_mailsettings = new API_mailsettings();
if ($API_mailsettings->request_method === 'POST') {
# Send a test email to an address
$API_mailsettings->checkPermissions('admin-mailsettings', 'RO');
$requiredFields = [
'mail_to' => ['type' => 'email'],
];
$API_mailsettings->validateData($requiredFields);
# Send the test email
$mailBuilder = new mailBuilder();
$API_mailsettings->testSendMail($mailBuilder);
$API_mailsettings->apiOutput(200, ['success' => 'The test email was sent.']);
}

View File

@@ -3,21 +3,16 @@
use api\classes\API_system_modules; use api\classes\API_system_modules;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_modules.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_system_modules.php";
$API_system_modules = new API_system_modules(); $API_system_modules = new API_system_modules();
if ($API_system_modules->request_method === 'GET') { if ($API_system_modules->request_method === 'GET') {
# this part here is not tested (the whole GET part)
$API_system_modules->checkPermissions('admin-modules', 'RO'); $API_system_modules->checkPermissions('admin-modules', 'RO');
$requiredFields = [];
$API_system_modules->validateData($requiredFields);
$modules = $API_system_modules->getModules(); $modules = $API_system_modules->getModules();
$API_system_modules->apiOutput($code = 200, ['success' => $modules], ''); $API_system_modules->apiOutput($code = 200, ['success' => $modules], '');
} elseif ($API_system_modules->request_method === 'PUT') { } elseif ($API_system_modules->request_method === 'PUT') {
# Enable or disable a module # Enable or disable a module
$API_system_modules->checkPermissions('admin-modules', 'RW'); $API_system_modules->checkPermissions('admin-modules', 'RW');

View File

@@ -4,29 +4,16 @@ use api\classes\API_permissions;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
$API_permissions = new API_permissions(); $API_permissions = new API_permissions();
if ($API_permissions->request_method === 'GET') { if ($API_permissions->request_method === 'GET') {
# Retrieve all the permissions a user and return them.
$API_permissions->checkPermissions('admin-access-control-permissions', 'RO'); $API_permissions->checkPermissions('admin-access-control-permissions', 'RO');
$requiredFields = [];
$optionalFields = [
'permission_uuid' => ['type' => 'uuid'],
'permission_name' => ['type' => 'string'],
'permission_slugify' => ['type' => 'slugify'],
'permission_description' => ['type' => 'string'],
'permission_create_timestamp' => ['type' => 'timestamp'],
'permission_modified_timestamp' => ['type' => 'timestamp']
];
$API_permissions->validateData($requiredFields, $optionalFields);
$permissions = $API_permissions->getPermission(); $permissions = $API_permissions->getPermission();
$API_permissions->apiOutput($code = 200, ['success' => $permissions], 'permission_retrieved'); $API_permissions->apiOutput($code = 200, ['success' => $permissions], 'permission_retrieved');
} elseif ($API_permissions->request_method === 'POST') { } elseif ($API_permissions->request_method === 'POST') {
# Only superuser can create permission due to fact that the backend needs programming when setting a permission # Only superuser can create permission due to fact that the backend needs programming when setting a permission
@@ -74,7 +61,7 @@ if ($API_permissions->request_method === 'GET') {
$API_permissions->apiOutput(401, ['error' => 'You are not authorized to access this resource.']); $API_permissions->apiOutput(401, ['error' => 'You are not authorized to access this resource.']);
} }
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_permissions->return_url = false; $API_permissions->return_url = false;
$requiredFields = ['permission_uuid' => ['type' => 'uuid']]; $requiredFields = ['permission_uuid' => ['type' => 'uuid']];

View File

@@ -3,7 +3,7 @@
use api\classes\API_system_sources; use api\classes\API_system_sources;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_sources.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_system_sources.php";
$API_system_sources = new API_system_sources(); $API_system_sources = new API_system_sources();
@@ -11,21 +11,14 @@ if ($API_system_sources->request_method === 'POST') {
# Enable or disable a module # Enable or disable a module
$API_system_sources->checkPermissions('admin-sources', 'RW'); $API_system_sources->checkPermissions('admin-sources', 'RW');
if ($_POST['source_name'] == 'inserve') { $requiredFields = [
$requiredFields = [ 'source_url' => ['type' => 'string'],
'source_name' => ['type' => 'string'], 'source_auth_token' => ['type' => 'string'],
'source_url' => ['type' => 'string'], 'source_custom_data' => ['type' => 'json'],
'source_auth_token' => ['type' => 'string'], ];
'source_custom_data' => ['type' => 'json'],
];
} else {
$API_system_sources->apiOutput(400, ['error' => 'Error: no valid source_name posted']);
}
$API_system_sources->validateData($requiredFields); $API_system_sources->validateData($requiredFields);
if ($_POST['source_name'] == 'inserve') { $API_system_sources->inserveUpdate();
$API_system_sources->inserveUpdate();
}
} }

View File

@@ -3,15 +3,17 @@
use api\classes\API_usergroups; use api\classes\API_usergroups;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
$API_usergroups = new API_usergroups(); $API_usergroups = new API_usergroups();
if ($API_usergroups->request_method === 'GET') { if ($API_usergroups->request_method === 'GET') {
$API_usergroups->checkPermissions('admin-access-control-user-groups', 'RO');
# GET a user group(s) $userGroups = $API_usergroups->getUserGroup();
$API_usergroups->apiOutput($code = 200, ['success' => $userGroups], '');
} elseif ($API_usergroups->request_method === 'POST') { } elseif ($API_usergroups->request_method === 'POST') {
# Create a new user group # Create a new user group
@@ -55,7 +57,7 @@ if ($API_usergroups->request_method === 'GET') {
$API_usergroups->checkPermissions('admin-access-control-user-groups', 'RW'); $API_usergroups->checkPermissions('admin-access-control-user-groups', 'RW');
# when called from the frontend will not be forwarding to a url since when its called from the frontend it doesnt need a redirection # when called from the frontend will not be forwarding to a url since when it's called from the frontend it doesn't need a redirection
$API_usergroups->return_url = false; $API_usergroups->return_url = false;
$requiredFields = ['user_group_uuid' => ['type' => 'uuid']]; $requiredFields = ['user_group_uuid' => ['type' => 'uuid']];

View File

@@ -0,0 +1,128 @@
<?php
use api\classes\API_users;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_users.php";
$API_users = new API_users();
if ($API_users->request_method === 'GET') {
$API_users->checkPermissions('admin-access-admins', 'RO');
$users = $API_users->getUser();
$removeFields = [
'user_profile_picture_thumbnail',
'user_password',
'user_password_reset_token',
'user_two_factor_secret',
'user_profile_picture',
'user_profile_picture_thumbnail'
];
foreach ($users as &$user) {
foreach ($removeFields as $field) {
unset($user[$field]);
}
}
unset($user);
$API_users->apiOutput($code = 200, ['success' => $users], '');
} elseif ($API_users->request_method === 'POST') {
# create a new user
$API_users->checkPermissions('admin-access-admins', 'RW');
$requiredFields = [
'user_group_uuid' => ['type' => 'uuid'],
'user_email' => ['type' => 'email'],
'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'], # Does not need to be posted, set later
'user_status' => ['type' => 'enum', 'values' => ['inactive', 'banned', 'pending']],
'user_password' => ['type' => 'string'], # Does not need to be posted, set later
'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
'user_password_reset_token' => ['type' => 'string'], # Does not need to be posted, set later
'user_password_reset_expires' => ['type' => 'int'], # Does not need to be posted, set later
];
$optionalFields = [
'user_phone_number' => ['type' => 'string']
];
# The user will need to verify their email, the password field cannot be NULL so set a random password for now till the user resets it on when verifying there email
$random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
$user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
$API_users->postedData['user_password'] = $user_password;
$API_users->postedData['user_full_name'] = trim($API_users->postedData['user_first_name'] . ' ' . $API_users->postedData['user_last_name']);
$API_users->postedData['user_pref_language'] = $API_users->postedData['user_pref_language'] ?? 'en';
# Password reset token that will be sent to the newly created user
$API_users->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
$API_users->postedData['user_password_reset_expires'] = time() + 86400;
$API_users->validateData($requiredFields, $optionalFields);
$API_users->createUser();
} elseif ($API_users->request_method === 'PUT') {
# Edit a user
if (isset($API_users->postedData['user_profile_change'])) { # If the user is changing their own profile
$API_users->postedData['user_uuid'] = $_SESSION['user']['user_uuid']; # Make sure the user being changed is always its own user_uuid
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
'user_email' => ['type' => 'email'],
'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'],
'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
];
$optionalFields = [
'user_phone_number' => ['type' => 'string']
];
} else {
$API_users->checkPermissions('admin-access-admins', 'RW');
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
'user_group_uuid' => ['type' => 'uuid'],
'user_email' => ['type' => 'email'],
'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'],
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
'user_pref_language' => ['type' => 'enum', 'values' => ['en', 'nl']],
];
$optionalFields = [
'user_phone_number' => ['type' => 'string'],
'user_stompable' => ['type' => 'boolean']
];
$API_users->postedData['user_stompable'] = (bool)$API_users->postedData['user_stompable'];
}
$API_users->postedData['user_full_name'] = trim($API_users->postedData['user_first_name'] . ' ' . $API_users->postedData['user_last_name']);
$API_users->postedData['user_pref_language'] = $API_users->postedData['user_pref_language'] ?? 'en';
$API_users->validateData($requiredFields, $optionalFields);
$API_users->updateUser();
} elseif ($API_users->request_method === 'DELETE') {
$API_users->return_url = false;
$API_users->checkPermissions('admin-access-admins', 'RW');
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
];
$API_users->validateData($requiredFields);
$API_users->deleteUser();
}

View File

@@ -1,28 +0,0 @@
<?php
use api\classes\API_portalsettings;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_portalsettings.php';
$API_portalsettings = new API_portalsettings();
if ($API_portalsettings->request_method === 'PUT') {
# Edit the portal settings of the platform
$API_portalsettings->checkPermissions('admin-portalsettings', 'RW');
$requiredFields = [
'portal_uuid' => ['type' => 'uuid'],
'portal_name' => ['type' => 'string'],
'portal_provider_name' => ['type' => 'string'],
'admin_auth_methods' => ['type' => 'string']
];
$API_portalsettings->validateData($requiredFields);
# Update the permission
$API_portalsettings->updatePortalSettings();
}

View File

@@ -4,7 +4,7 @@ use api\classes\API_servers;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_servers.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_servers.php";
$API_servers = new API_servers(); $API_servers = new API_servers();
@@ -13,7 +13,13 @@ if (!$GLOBALS['modules_enabled']['servers']) {
exit; exit;
} }
if ($API_servers->request_method === 'POST') { if ($API_servers->request_method === 'GET') {
$API_servers->checkPermissions('servers', 'RO');
$servers = $API_servers->getServers();
$API_servers->apiOutput($code = 200, ['success' => $servers], '');
} elseif ($API_servers->request_method === 'POST') {
$API_servers->checkPermissions('servers', 'RW'); $API_servers->checkPermissions('servers', 'RW');
$requiredFields = [ $requiredFields = [

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve(); $API_inserve = new API_inserve();
$API_inserve->setupConnection(); $API_inserve->setupConnection();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve(); $API_inserve = new API_inserve();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve(); $API_inserve = new API_inserve();
$API_inserve->setupConnection(); $API_inserve->setupConnection();
@@ -20,7 +20,7 @@ if ($API_inserve->request_method === 'POST' || $API_inserve->request_method ===
do { do {
$result = $API_inserve->companies($page); $result = $API_inserve->companies($page);
if (!isset($result['data']) || empty($result['data'])) { if (empty($result['data'])) {
break; break;
} }

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve(); $API_inserve = new API_inserve();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve(); $API_inserve = new API_inserve();

View File

@@ -0,0 +1,85 @@
<?php
use api\classes\API_apitoken;
use api\classes\API_users;
session_start();
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_apitoken.php";
$API_apitoken = new API_apitoken();
if ($API_apitoken->request_method === 'GET') {
# Retrieve all the API tokens from a user and return them.
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
];
$API_apitoken->validateData($requiredFields);
$API_apitoken->checkTokenPermissions();
$apitokens = $API_apitoken->getTokens();
$API_apitoken->apiOutput($code = 200, ['success' => $apitokens], 'api_token_created');
} elseif ($API_apitoken->request_method === 'POST') {
# Creates a new API Token. First check if the uuid is correct and then check the permission
# After that create a new token, retrieve the newly created api_token and give a response.
$requiredFields = [
'user_uuid' => ['type' => 'uuid']
];
$optionalFields = [
'api_token_name' => ['type' => 'string']
];
$API_apitoken->validateData($requiredFields, $optionalFields);
$API_apitoken->checkTokenPermissions();
$API_apitoken->createNewToken();
} elseif ($API_apitoken->request_method === 'PUT') {
# Change the revoked status of an API token
# This api call, when called from the frontend will not be forwarding to a url.
$API_apitoken->return_url = false;
$requiredFields = [
'api_token_uuid' => ['type' => 'uuid'],
'api_token_revoked' => ['type' => 'boolean'],
];
$API_apitoken->validateData($requiredFields);
$api_token_data = $API_apitoken->getToken();
$API_apitoken->checkTokenPermissions();
$API_apitoken->revokeToken();
} elseif ($API_apitoken->request_method === 'DELETE') {
# Deletes an API token, requires DELETE with 'api_token_uuid' first retrieve the uuid of the user with getToken then check
# if the user is another user or itself
# This api call, when called from the frontend will not be forwarding to a url.
$API_apitoken->return_url = false;
$requiredFields = [
'api_token_uuid' => ['type' => 'uuid'],
];
$API_apitoken->validateData($requiredFields);
$api_token_data = $API_apitoken->getToken();
$API_apitoken->checkTokenPermissions();
$API_apitoken->deleteToken();
}

View File

@@ -4,15 +4,13 @@
use api\classes\API_usersavatar; use api\classes\API_usersavatar;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usersavatar.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usersavatar.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_usersavatar = new API_usersavatar(); $API_usersavatar = new API_usersavatar();
if ($API_usersavatar->request_method === 'GET') { if ($API_usersavatar->request_method === 'POST') {
# Reset a users password and send an email the user to set a new password
} elseif ($API_usersavatar->request_method === 'POST') {
# Reset a users password and send a email to the user to set a new password
$API_usersavatar->postedData['user_profile_picture'] = $API_usersavatar->createUserImage(['min_width' => 500, 'max_width' => 1000, 'min_height' => 500, 'max_height' => 1000, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]); $API_usersavatar->postedData['user_profile_picture'] = $API_usersavatar->createUserImage(['min_width' => 500, 'max_width' => 1000, 'min_height' => 500, 'max_height' => 1000, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]);
$API_usersavatar->postedData['user_profile_picture_thumbnail'] = $API_usersavatar->createUserImage(['min_width' => 64, 'max_width' => 64, 'min_height' => 64, 'max_height' => 64, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]); $API_usersavatar->postedData['user_profile_picture_thumbnail'] = $API_usersavatar->createUserImage(['min_width' => 64, 'max_width' => 64, 'min_height' => 64, 'max_height' => 64, 'square' => true, 'allowed_types' => ['image/png'], 'max_size_kb' => 1024, 'transparent' => true]);
@@ -34,8 +32,4 @@ if ($API_usersavatar->request_method === 'GET') {
$API_usersavatar->apiOutput(200, ['success' => 'Avatar was successfully changed.']); $API_usersavatar->apiOutput(200, ['success' => 'Avatar was successfully changed.']);
} elseif ($API_usersavatar->request_method === 'PUT') {
} elseif ($API_usersavatar->request_method === 'DELETE') {
} }

View File

@@ -1,8 +1,8 @@
<?php <?php
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mfa.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}'/api/classes/API_mfa.php";
require $_SERVER['DOCUMENT_ROOT'] . '/../vendor/autoload.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/../vendor/autoload.php";
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/login/php/authFunctions.php";
use api\classes\API_mfa; use api\classes\API_mfa;
@@ -11,10 +11,8 @@ use RobThree\Auth\Providers\Qr\EndroidQrCodeWithLogoProvider;
$API_mfa = new API_mfa(); $API_mfa = new API_mfa();
if ($API_mfa->request_method === 'GET') { if ($API_mfa->request_method === 'POST') {
# Set up a new MFA secret its posted from mfaSetup.php where it generated a secret
} elseif ($API_mfa->request_method === 'POST') {
# Setup a new MFA secret its posted from mfaSetup.php where it generated a secret
if (checkLoginAttempts() > 10) { if (checkLoginAttempts() > 10) {
echo 'too many attempts, please try again later.'; echo 'too many attempts, please try again later.';
@@ -30,7 +28,7 @@ if ($API_mfa->request_method === 'GET') {
$API_mfa->postedData['user_uuid'] = $_SESSION['user']['user_uuid']; $API_mfa->postedData['user_uuid'] = $_SESSION['user']['user_uuid'];
$API_mfa->postedData['user_two_factor_secret'] = $_SESSION['mfasetup']['secret']; $API_mfa->postedData['user_two_factor_secret'] = $_SESSION['mfasetup']['secret'];
$API_mfa->postedData['verificationCode'] = linkVerificationPosts(); # The code is entered in six loose posts this wil link it togheter $API_mfa->postedData['verificationCode'] = linkVerificationPosts(); # The code is entered in six loose posts this wil link it together
$requiredFields = [ $requiredFields = [
'user_uuid' => ['type' => 'uuid'], 'user_uuid' => ['type' => 'uuid'],
@@ -49,8 +47,6 @@ if ($API_mfa->request_method === 'GET') {
$API_mfa->enableMFA(); $API_mfa->enableMFA();
} elseif ($API_mfa->request_method === 'PUT') {
} elseif ($API_mfa->request_method === 'DELETE') { } elseif ($API_mfa->request_method === 'DELETE') {
# Delete a mfa code for a user # Delete a mfa code for a user

View File

@@ -5,26 +5,24 @@ use api\classes\API_users;
use bin\php\Classes\mailBuilder; use bin\php\Classes\mailBuilder;
session_start(); session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_resetpassword.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_resetpassword.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_users.php";
$API_resetpassword = new API_resetpassword(); $API_resetpassword = new API_resetpassword();
if ($API_resetpassword->request_method === 'GET') { if ($API_resetpassword->request_method === 'POST') {
# Reset a users password and send a mail to the user to set a new password
} elseif ($API_resetpassword->request_method === 'POST') {
# Reset a users password and send a email to the user to set a new password
$API_resetpassword->checkPermissions('admin-access-admins-resetpassword', 'RW'); $API_resetpassword->checkPermissions('admin-access-admins-resetpassword', 'RW');
# The user will need to verify their email, the password field cannot be NULL so set an random password for now till the user resets it on when verifing there email # The user will need to verify their email, the password field cannot be NULL so set a random password for now till the user resets it on when verifying there email
$random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64)); $random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
$user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]); $user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
$API_resetpassword->postedData['user_password'] = $user_password; $API_resetpassword->postedData['user_password'] = $user_password;
# Password reset token that will be send to the user # Password reset token that will be sent to the user
$API_resetpassword->postedData['user_password_reset_token'] = bin2hex(random_bytes(32)); $API_resetpassword->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
$API_resetpassword->postedData['user_password_reset_expires'] = time() + 86400; $API_resetpassword->postedData['user_password_reset_expires'] = time() + 86400;
@@ -71,8 +69,4 @@ The Sentri gnomes
$mail->sendMail(); $mail->sendMail();
$API_resetpassword->apiOutput(200, ['success' => 'Password reset link sent successfully.']); $API_resetpassword->apiOutput(200, ['success' => 'Password reset link sent successfully.']);
} elseif ($API_resetpassword->request_method === 'PUT') {
} elseif ($API_resetpassword->request_method === 'DELETE') {
} }

View File

@@ -1,116 +0,0 @@
<?php
use api\classes\API_apitoken;
use api\classes\API_users;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_apitoken.php';
$API_apitoken = new API_apitoken();
if ($API_apitoken->request_method === 'GET') {
# Retrieve all the API tokens from a user and return them.
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
];
$API_apitoken->validateData($requiredFields);
if ($API_apitoken->getUserUuid() === $API_apitoken->data['user_uuid']) {
$API_apitoken->checkPermissions('user-apitoken-self', 'RW');
} else {
$API_apitoken->checkPermissions('user-apitoken-others', 'RO');
}
$apitokens = $API_apitoken->getTokens();
$API_apitoken->apiOutput($code = 200, ['success' => $apitokens], 'api_token_created');
} elseif ($API_apitoken->request_method === 'POST') {
# Creates a new API Token. First check if the uuid is correct and then check the permission
# After that create a new token, retrieve the newly created api_token and give a response.
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
];
$API_apitoken->validateData($requiredFields);
# First retrieve the user_uuid from the post and lookup the user
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
$API_users = new API_users();
$_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $API_apitoken->data['user_uuid']]]];
$user_data = $API_users->getUser()[0];
$API_apitoken->validateData($requiredFields);
if ($API_apitoken->getUserUuid() === $API_apitoken->data['user_uuid']) {
$API_apitoken->checkPermissions('user-apitoken-self', 'RW');
} else {
if ($user_data['user_email'] === 'superuser') {
$API_apitoken->apiOutput(401, ['error' => 'You are not authorized to access this resource.']);
}
$API_apitoken->checkPermissions('user-apitoken-others', 'RW');
}
$API_apitoken->createNewToken();
} elseif ($API_apitoken->request_method === 'PUT') {
# Change the revoked status of an API token
# This api call, when called from the frontend will not be forwarding to a url.
$API_apitoken->return_url = false;
$requiredFields = [
'api_token_uuid' => ['type' => 'uuid'],
'api_token_revoked' => ['type' => 'boolean'],
];
$API_apitoken->validateData($requiredFields);
$api_token_data = $API_apitoken->getToken();
if ($API_apitoken->getUserUuid() === $api_token_data['user_uuid']) {
$API_apitoken->checkPermissions('user-apitoken-self', 'RW');
} else {
if ($api_token_data['user_email'] === 'superuser') {
$API_apitoken->apiOutput(401, ['error' => 'You are not authorized to access this resource.']);
}
$API_apitoken->checkPermissions('user-apitoken-others', 'RW');
}
$API_apitoken->revokeToken();
} elseif ($API_apitoken->request_method === 'DELETE') {
# Deletes an API token, requies DELETE with 'api_token_uuid' first retrieve the uuid of the user with getToken then check
# if the user is another user or itself
# This api call, when called from the frontend will not be forwarding to a url.
$API_apitoken->return_url = false;
$requiredFields = [
'api_token_uuid' => ['type' => 'uuid'],
];
$API_apitoken->validateData($requiredFields);
$api_token_data = $API_apitoken->getToken();
if ($API_apitoken->getUserUuid() === $api_token_data['user_uuid']) {
$API_apitoken->checkPermissions('user-apitoken-self', 'RW');
} else {
if ($api_token_data['user_email'] === 'superuser') {
$API_apitoken->apiOutput(401, ['error' => 'You are not authorized to access this resource.']);
}
$API_apitoken->checkPermissions('user-apitoken-others', 'RW');
}
$API_apitoken->deleteToken();
}

View File

@@ -1,89 +0,0 @@
<?php
use api\classes\API_users;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
$API_users = new API_users();
if ($API_users->request_method === 'GET') {
#echo json_encode($api->getAllUsers());
} elseif ($API_users->request_method === 'POST') {
# create a new user
$API_users->checkPermissions('admin-access-admins', 'RW');
$requiredFields = [
'user_group_uuid' => ['type' => 'uuid'],
'user_email' => ['type' => 'email'],
'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'],
'user_phone_number' => ['type' => 'string'],
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
'user_password' => ['type' => 'string'],
'user_pref_language' => ['type' => 'string'],
'user_password_reset_token' => ['type' => 'string'],
'user_password_reset_expires' => ['type' => 'int'],
];
# The user will need to verify their email, the password field cannot be NULL so set an random password for now till the user resets it on when verifing there email
$random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
$user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
$API_users->postedData['user_password'] = $user_password;
$API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']);
$API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
# Password reset token that will be send to the newly created user
$API_users->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
$API_users->postedData['user_password_reset_expires'] = time() + 86400;
$API_users->validateData($requiredFields);
$API_users->createUser();
} elseif ($API_users->request_method === 'PUT') {
# Edit a user
$API_users->checkPermissions('admin-access-admins', 'RW');
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
'user_group_uuid' => ['type' => 'uuid'],
'user_email' => ['type' => 'email'],
'user_first_name' => ['type' => 'string'],
'user_last_name' => ['type' => 'string'],
'user_full_name' => ['type' => 'string'],
'user_phone_number' => ['type' => 'string'],
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
'user_pref_language' => ['type' => 'string'],
'user_stompable' => ['type' => 'boolean']
];
$API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']);
$API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
$API_users->postedData['user_stompable'] = (bool)$_POST['user_stompable'];
$API_users->validateData($requiredFields);
$API_users->updateUser();
} elseif ($API_users->request_method === 'DELETE') {
$API_users->return_url = false;
$API_users->checkPermissions('admin-access-admins', 'RW');
$requiredFields = [
'user_uuid' => ['type' => 'uuid'],
];
$API_users->validateData($requiredFields);
$API_users->deleteUser();
}

View File

@@ -73,6 +73,7 @@ return [
'last_modified_date' => 'Last modified date', 'last_modified_date' => 'Last modified date',
'last_update' => 'Last update', 'last_update' => 'Last update',
'never' => 'Never', 'never' => 'Never',
'invalid_data' => 'Invalid date',
'save' => 'Save', 'save' => 'Save',
'add_vendor' => 'Add vendor', 'add_vendor' => 'Add vendor',
'edit_vendor' => 'Edit vendor', 'edit_vendor' => 'Edit vendor',
@@ -218,6 +219,10 @@ return [
'mfa_disabled' => 'Two factor authentication is disabled.', 'mfa_disabled' => 'Two factor authentication is disabled.',
'send_password_reset' => 'Send password reset email', 'send_password_reset' => 'Send password reset email',
'email_send' => 'Email sent', 'email_send' => 'Email sent',
'send_test_mail' => 'Send test email',
'send_test_mail_explanation' => 'This test will send an email to the given email address.',
'send_mail' => 'Sent',
'mail_to' => 'Mail to',
'api_token_created' => 'API token created', 'api_token_created' => 'API token created',
'permission_created' => 'Permission created', 'permission_created' => 'Permission created',
'permission_updated' => 'Permission updated', 'permission_updated' => 'Permission updated',
@@ -238,10 +243,11 @@ return [
'api_token' => 'API token', 'api_token' => 'API token',
'api_tokens' => 'API tokens', 'api_tokens' => 'API tokens',
'api_token_copy_new' => 'This token is visible only once. Make sure to copy and save it now if you plan to use it later.', 'api_token_copy_new' => 'This token is visible only once. Make sure to copy and save it now if you plan to use it later.',
'generate_new_api_token' => 'Generate new API token', 'generate_new_api_token' => 'Generate',
'inserve_url' => 'Inserve URL', 'inserve_url' => 'Inserve URL',
'inserve_source' => 'Inserve Configuration', 'inserve_source' => 'Inserve Configuration',
'test_connection' => 'Test Connection', 'test_connection' => 'Test Connection',
'test' => 'Test',
'connection_success_title' => 'Successful', 'connection_success_title' => 'Successful',
'connection_success_text' => 'Connection made successful', 'connection_success_text' => 'Connection made successful',
'connection_error_title' => 'Error', 'connection_error_title' => 'Error',

View File

@@ -73,6 +73,7 @@ return [
'last_modified_date' => 'Laatst gewijzigd datum', 'last_modified_date' => 'Laatst gewijzigd datum',
'last_update' => 'Laatste update', 'last_update' => 'Laatste update',
'never' => 'Nooit', 'never' => 'Nooit',
'invalid_data' => 'Ongeldige datum',
'save' => 'Opslaan', 'save' => 'Opslaan',
'add_vendor' => 'Vendor toevoegen', 'add_vendor' => 'Vendor toevoegen',
'edit_vendor' => 'Vendor bewerken', 'edit_vendor' => 'Vendor bewerken',
@@ -218,6 +219,10 @@ return [
'mfa_disabled' => 'Two factor authenticatie is uitgeschakeld', 'mfa_disabled' => 'Two factor authenticatie is uitgeschakeld',
'send_password_reset' => 'Wachtwoord herstel e-mail versturen', 'send_password_reset' => 'Wachtwoord herstel e-mail versturen',
'email_send' => 'Verstuur e-mail', 'email_send' => 'Verstuur e-mail',
'send_test_mail' => 'Verstuur test e-mail',
'send_test_mail_explanation' => 'Deze test verstuurd een e-mail naar het opgegeven adres.',
'send_mail' => 'Verstuur',
'mail_to' => 'Mail naar',
'api_token_created' => 'API token toegevoegd', 'api_token_created' => 'API token toegevoegd',
'permission_created' => 'Permission aangemaakt', 'permission_created' => 'Permission aangemaakt',
'permission_updated' => 'Permission bijgewerkt', 'permission_updated' => 'Permission bijgewerkt',
@@ -238,10 +243,11 @@ return [
'api_token' => 'API token', 'api_token' => 'API token',
'api_tokens' => 'API tokens', 'api_tokens' => 'API tokens',
'api_token_copy_new' => 'Deze token is alleen nu zichtbaar, kopieer hem nu als je hem later wilt gebruiken.', 'api_token_copy_new' => 'Deze token is alleen nu zichtbaar, kopieer hem nu als je hem later wilt gebruiken.',
'generate_new_api_token' => 'Genereer API token', 'generate_new_api_token' => 'Genereer',
'inserve_url' => 'Inserve URL', 'inserve_url' => 'Inserve URL',
'inserve_source' => 'Inserve Configuratie', 'inserve_source' => 'Inserve Configuratie',
'test_connection' => 'Test Connectie', 'test_connection' => 'Test Connectie',
'test' => 'Test',
'connection_success_title' => 'Success', 'connection_success_title' => 'Success',
'connection_success_text' => 'Connectie succesvol', 'connection_success_text' => 'Connectie succesvol',
'connection_error_title' => 'Error', 'connection_error_title' => 'Error',

View File

@@ -3,11 +3,11 @@ if (!defined('APP_INIT')) {
exit; exit;
} }
if (isset($_GET['add'])) { if (isset($_GET['add'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageDevices_add.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageDevices_add.php";
} elseif (isset($_GET['edit'])) { } elseif (isset($_GET['edit'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageDevices_edit.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageDevices_edit.php";
} elseif (isset($_GET['view'])) { } elseif (isset($_GET['view'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageDevices_view.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageDevices_view.php";
} else { } else {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageDevices_list.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageDevices_list.php";
} }

View File

@@ -10,10 +10,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -26,11 +26,11 @@ if (!$API->checkPermissions('admin-devices', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['slugify'] = true; $jsScriptLoadData['/src/js/sentri/slugify.js'] = true;
$jsScriptLoadData['datepicker'] = true; $jsScriptLoadData['datepicker'] = true;
$jsScriptLoadData['multiple_select'] = true; $jsScriptLoadData['/src/js/sentri/multiple_select.js'] = true;
$jsScriptLoadData['validateJson'] = true; $jsScriptLoadData['/src/js/sentri/validateJson.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -58,7 +58,7 @@ if ($_GET['add'] == 'phone' || $_GET['add'] == 'base') {
$formInputs[] = 'device_extra'; $formInputs[] = 'device_extra';
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_device'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('add_device'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -145,7 +145,7 @@ $formBuilder->startForm();
<label for="device_image" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('device_image') ?></label> <label for="device_image" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('device_image') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<div class="input-file input-file-image"> <div class="input-file input-file-image">
<img class="img-upload-preview" width="200" src="/src/images/placeholder500x500.png" alt="preview"> <img class="img-upload-preview" width="200" src="/src/images/placeholder200x200.png" alt="preview">
<input type="file" class="form-control form-control-file" id="device_image" name="device_image" accept="image/png"> <input type="file" class="form-control form-control-file" id="device_image" name="device_image" accept="image/png">
<label for="device_image" class="label-input-file btn btn-black btn-round"> <label for="device_image" class="label-input-file btn btn-black btn-round">
<span class="btn-label"><i class="fa fa-file-image"></i></span> <span class="btn-label"><i class="fa fa-file-image"></i></span>

View File

@@ -10,10 +10,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -27,9 +27,9 @@ if (!$API->checkPermissions('admin-devices', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'][] = true; $jsScriptLoadData['form'][] = true;
$jsScriptLoadData['datepicker'] = true; $jsScriptLoadData['datepicker'] = true;
$jsScriptLoadData['multiple_select'] = true; $jsScriptLoadData['/src/js/sentri/multiple_select.js'] = true;
$jsScriptLoadData['validateJson'] = true; $jsScriptLoadData['/src/js/sentri/validateJson.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -56,8 +56,7 @@ $stmt->bind_param("s", $_GET['edit']);
$stmt->execute(); $stmt->execute();
$device_data_result = $stmt->get_result(); $device_data_result = $stmt->get_result();
$device_data = $device_data_result->fetch_assoc(); $device_data = $device_data_result->fetch_assoc();
array_push($GLOBALS['breadCrumbArray'], array('display' => $device_data['vendor_name'] . ' ' . $device_data['device_name'], 'href' => '?view=' . $device_data['device_uuid']));
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit'), 'href' => '?view=' . $device_data['device_uuid']));
if ($device_data_result->num_rows > 0) { if ($device_data_result->num_rows > 0) {
$device_found = true; $device_found = true;
} }
@@ -70,7 +69,9 @@ if ($device_data['device_type'] == 'phone' || $device_data['device_type'] == 'ba
$formInputs[] = 'device_extra'; $formInputs[] = 'device_extra';
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('devices'), 'href' => '/devices/')); $_SESSION['breadCrumbArray'][] = ['display' => $device_data['vendor_name'] . ' ' . $device_data['device_name'], 'href' => '?view=' . $device_data['device_uuid']];
$_SESSION['breadCrumbArray'][] = ['display' => __('edit'), 'href' => '?view=' . $device_data['device_uuid']];
$_SESSION['breadCrumbArray'][] = ['display' => __('devices'), 'href' => '/devices/'];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -79,7 +80,7 @@ if ($device_found) {
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/devices"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/devices">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/devices/?edit=<?php echo $device_data['device_uuid']; ?>"> <input type="hidden" name="_return" value="/devices/?edit=<?php echo $device_data['device_uuid']; ?>">
<input type="hidden" name="device_uuid" value="<?php echo $device_data['device_uuid'] ?>"> <input type="hidden" name="device_uuid" value="<?php echo $device_data['device_uuid'] ?>">
<div class="card-body"> <div class="card-body">

View File

@@ -9,9 +9,9 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -23,10 +23,10 @@ if (!$API->checkPermissions('admin-devices', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['multiFilterSelect'] = true; $jsScriptLoadData['/src/js/sentri/multiFilterSelect.js'] = true;
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(false, '<i class="fas fa-fax"></i> ' . __('devices')); $pageNavbar = new pageNavbar(false, '<i class="fas fa-fax"></i> ' . __('devices'));
@@ -48,7 +48,7 @@ if ($API->checkPermissions('admin-devices', 'RW', true)) {
$data = $GLOBALS['conn']->query("SELECT * FROM autop_devices INNER JOIN autop_vendors ON autop_devices.device_vendor_uuid = autop_vendors.vendor_uuid"); $data = $GLOBALS['conn']->query("SELECT * FROM autop_devices INNER JOIN autop_vendors ON autop_devices.device_vendor_uuid = autop_vendors.vendor_uuid");
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('devices'), 'href' => '/devices/')); $_SESSION['breadCrumbArray'][] = ['display' => __('devices'), 'href' => '/devices/'];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -79,7 +79,7 @@ $pageNavbar->outPutNavbar();
<tbody> <tbody>
<?php while ($row = $data->fetch_assoc()) { ?> <?php while ($row = $data->fetch_assoc()) { ?>
<tr data-item-id="<?php echo $row['device_uuid']; ?>"> <tr data-item-id="<?php echo $row['device_uuid']; ?>">
<td style="padding-top: 0px!important;padding-bottom: 0px!important;"> <td style="padding-top: 0!important;padding-bottom: 0!important;">
<img class="img-upload-preview" src="data:image/png;base64, <?php echo $row['device_image_thumbnail'] ?>" alt=""> <img class="img-upload-preview" src="data:image/png;base64, <?php echo $row['device_image_thumbnail'] ?>" alt="">
</td> </td>
<td><?php echo ucfirst($row['device_type']) ?></td> <td><?php echo ucfirst($row['device_type']) ?></td>
@@ -94,7 +94,7 @@ $pageNavbar->outPutNavbar();
<?php } ?> <?php } ?>
<a href="?view=<?php echo $row['device_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a> <a href="?view=<?php echo $row['device_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a>
<?php if ($API->checkPermissions('admin-devices', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-devices', 'RW', true)) { ?>
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $row['device_uuid'] ?>" data-api-url="/api/v1/devices/" data-item-name="device_uuid"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $row['device_uuid'] ?>" data-api-url="/api/v1/autop/devices/" data-item-name="device_uuid"><i class="fas fa-trash-alt"></i></a>
<?php } ?> <?php } ?>
</td> </td>
</tr> </tr>

View File

@@ -1,14 +1,19 @@
<?php <?php
use api\classes\API;
use bin\php\Classes\pageNavbar;
if (!defined('APP_INIT')) { if (!defined('APP_INIT')) {
exit; exit;
} }
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -18,7 +23,7 @@ if (!$API->checkPermissions('admin-devices', 'RO', true)) {
} }
# Page functions # Page functions
function showExtension($devicesLinked, $filter = false) function showExtension($devicesLinked, $filter = false): void
{ {
if (count($devicesLinked) > 0) { if (count($devicesLinked) > 0) {
foreach ($devicesLinked as $extension) { foreach ($devicesLinked as $extension) {
@@ -34,7 +39,7 @@ function showExtension($devicesLinked, $filter = false)
<?php } <?php }
} }
function makeFileTables($API, $dataFolder, $device_slugify) function makeFileTables($API, $dataFolder, $device_slugify): void
{ {
$device_data_dir = $_SERVER['DOCUMENT_ROOT'] . '/data/devices/' . $device_slugify . '/' . $dataFolder . '/'; $device_data_dir = $_SERVER['DOCUMENT_ROOT'] . '/data/devices/' . $device_slugify . '/' . $dataFolder . '/';
$documents = array_diff(scandir($device_data_dir), array('..', '.')); $documents = array_diff(scandir($device_data_dir), array('..', '.'));
@@ -58,10 +63,10 @@ function makeFileTables($API, $dataFolder, $device_slugify)
</td> </td>
<td> <td>
<?php if ($API->checkPermissions('admin-devices-files', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-devices-files', 'RW', true)) { ?>
<form action="/api/v1/devices/files" method="post"> <form action="/api/v1/autop/devices/files" method="post">
<input type="hidden" name="filePath" value=""> <input type="hidden" name="filePath" value="">
<input type="hidden" name="_method" value="DELETE"> <input type="hidden" name="X-HTTP-Method-Override" value="DELETE">
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $urlPath ?>" data-api-url="/api/v1/devices/files/" data-item-name="file_name"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $urlPath ?>" data-api-url="/api/v1/autop/devices/files/" data-item-name="file_name"><i class="fas fa-trash-alt"></i></a>
</form> </form>
<?php } ?> <?php } ?>
</td> </td>
@@ -70,7 +75,7 @@ function makeFileTables($API, $dataFolder, $device_slugify)
<?php } <?php }
} }
function render_template_controls($template_uuid, $device_uuid, $default_template, $platform_uuid) function render_template_controls($template_uuid, $device_uuid, $default_template, $platform_uuid): void
{ {
?> ?>
<div class="d-flex align-items-center gap-2"> <div class="d-flex align-items-center gap-2">
@@ -97,10 +102,10 @@ function render_template_controls($template_uuid, $device_uuid, $default_templat
} }
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['delete_confirmation'][] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['load_dropzone'] = true; $jsScriptLoadData['/src/js/sentri/load_dropzone.js'] = true;
$jsScriptLoadData['form'][] = true; $jsScriptLoadData['form'][] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -135,8 +140,8 @@ if ($device_data_result->num_rows == 0) {
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('devices'), 'href' => '/devices/')); $_SESSION['breadCrumbArray'][] = ['display' => __('devices'), 'href' => '/devices/'];
array_push($GLOBALS['breadCrumbArray'], array('display' => $device_data['vendor_name'] . ' ' . $device_data['device_name'], 'href' => '?view=' . $device_data['device_uuid'])); $_SESSION['breadCrumbArray'][] = ['display' => $device_data['vendor_name'] . ' ' . $device_data['device_name'], 'href' => '?view=' . $device_data['device_uuid']];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -198,6 +203,7 @@ $pageNavbar->outPutNavbar();
<tr> <tr>
<td class="align-top">device_extra:</td> <td class="align-top">device_extra:</td>
<td class="w-100"> <td class="w-100">
<label for="device_extra"></label>
<textarea class="form-control" id="device_extra" name="device_extra" rows="5" disabled><?php echo json_encode(json_decode($device_data['device_extra']), JSON_PRETTY_PRINT) ?></textarea> <textarea class="form-control" id="device_extra" name="device_extra" rows="5" disabled><?php echo json_encode(json_decode($device_data['device_extra']), JSON_PRETTY_PRINT) ?></textarea>
</td> </td>
</tr> </tr>
@@ -213,7 +219,7 @@ $pageNavbar->outPutNavbar();
<h4>Uses</h4> <h4>Uses</h4>
</div> </div>
<div class="card-body"> <div class="card-body">
To be made. Its going to be visible where the device is used (organisation/site). To be made. It's going to be visible where the device is used (organisation/site).
</div> </div>
</div> </div>
</div> </div>
@@ -235,7 +241,7 @@ $pageNavbar->outPutNavbar();
$device_extensions = array(); $device_extensions = array();
while ($row = $result->fetch_assoc()) { while ($row = $result->fetch_assoc()) {
array_push($device_extensions, $row['device_uuid']); $device_extensions[] = $row['device_uuid'];
} }
$stmt->close(); $stmt->close();
} }
@@ -252,7 +258,7 @@ $pageNavbar->outPutNavbar();
$result = $stmt->get_result(); $result = $stmt->get_result();
while ($row = $result->fetch_assoc()) { while ($row = $result->fetch_assoc()) {
array_push($devicesLinked, $row); $devicesLinked[] = $row;
} }
$stmt->close(); $stmt->close();
} }
@@ -325,7 +331,7 @@ $pageNavbar->outPutNavbar();
</table> </table>
</div> </div>
<?php if ($API->checkPermissions('admin-devices-files', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-devices-files', 'RW', true)) { ?>
<form action="/api/v1/devices/files" class="dropzone p-0" data-form-type="documents"> <form action="/api/v1/autop/devices/files" class="dropzone p-0" data-form-type="documents">
<input type="hidden" name="device_slugify" value="<?php echo $device_data['device_slugify'] ?>"> <input type="hidden" name="device_slugify" value="<?php echo $device_data['device_slugify'] ?>">
<input type="hidden" name="filetype" value="documents"> <input type="hidden" name="filetype" value="documents">
<div class="dz-message mt-1 mb-0" data-dz-message> <div class="dz-message mt-1 mb-0" data-dz-message>
@@ -356,7 +362,7 @@ $pageNavbar->outPutNavbar();
</tbody> </tbody>
</table> </table>
</div> </div>
<form action="/api/v1/devices/files" class="dropzone p-0" data-form-type="firmware"> <form action="/api/v1/autop/devices/files" class="dropzone p-0" data-form-type="firmware">
<input type="hidden" name="device_slugify" value="<?php echo $device_data['device_slugify'] ?>"> <input type="hidden" name="device_slugify" value="<?php echo $device_data['device_slugify'] ?>">
<input type="hidden" name="filetype" value="firmware"> <input type="hidden" name="filetype" value="firmware">
<div class="dz-message mt-1 mb-0" data-dz-message> <div class="dz-message mt-1 mb-0" data-dz-message>

View File

@@ -3,9 +3,9 @@ if (!defined('APP_INIT')) {
exit; exit;
} }
if (isset($_GET['add'])) { if (isset($_GET['add'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pagePlatforms_add.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pagePlatforms_add.php";
} elseif (isset($_GET['edit'])) { } elseif (isset($_GET['edit'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pagePlatforms_edit.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pagePlatforms_edit.php";
} else { } else {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pagePlatforms_list.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pagePlatforms_list.php";
} }

View File

@@ -1,14 +1,18 @@
<?php <?php
use api\classes\API;
use bin\php\Classes\pageNavbar;
use bin\php\Classes\formBuilder;
if (!defined('APP_INIT')) { if (!defined('APP_INIT')) {
exit; exit;
} }
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -21,8 +25,8 @@ if (!$API->checkPermissions('admin-access-control-permissions', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['slugify'] = true; $jsScriptLoadData['/src/js/sentri/slugify.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -34,14 +38,14 @@ $formBuilder->submitButtonIcon = '<i class="fas fa-save"></i>';
# Retrieve Information for the page # Retrieve Information for the page
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('platforms'), 'href' => '/platforms/')); $_SESSION['breadCrumbArray'][] = ['display' => __('platforms'), 'href' => '/platforms/'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_platform'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('add_platform'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/platforms"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/platforms">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="platform_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('platform_name') ?></label> <label for="platform_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('platform_name') ?></label>

View File

@@ -11,10 +11,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_platforms.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_platforms.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -27,7 +27,7 @@ if (!$API->checkPermissions('admin-platforms', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -47,8 +47,8 @@ $API_platforms->validateData($requiredFields);
$platform_data = $API_platforms->getPlatforms()[0]; $platform_data = $API_platforms->getPlatforms()[0];
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('platforms'), 'href' => '/platforms/')); $_SESSION['breadCrumbArray'][] = ['display' => __('platforms'), 'href' => '/platforms/'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit_platform'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('edit_platform'), 'href' => ''];
# Start page output # Start page output
if ($platform_data) { if ($platform_data) {
@@ -56,9 +56,9 @@ if ($platform_data) {
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/platforms"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/platforms/">
<input type="hidden" name="platform_uuid" value="<?php echo $platform_data["platform_uuid"] ?>"> <input type="hidden" name="platform_uuid" value="<?php echo $platform_data["platform_uuid"] ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="platform_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('platform_name') ?></label> <label for="platform_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('platform_name') ?></label>

View File

@@ -9,8 +9,8 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();

View File

@@ -3,9 +3,9 @@ if (!defined('APP_INIT')) {
exit; exit;
} }
if (isset($_GET['add'])) { if (isset($_GET['add'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageVendors_add.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageVendors_add.php";
} elseif (isset($_GET['edit'])) { } elseif (isset($_GET['edit'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageVendors_edit.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageVendors_edit.php";
} else { } else {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/autop/pageVendors_list.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/autop/pageVendors_list.php";
} }

View File

@@ -10,10 +10,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_vendors.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_vendors.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -24,8 +24,8 @@ if (!$API->checkPermissions('admin-vendors', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['slugify'] = true; $jsScriptLoadData['/src/js/sentri/slugify.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -34,7 +34,7 @@ $pageNavbar->AddHTMLButton('<a href="?add="><button class="btn btn-primary"><i c
$formBuilder = new formBuilder('add_vendor', '<i class="fas fa-plus"></i>', '/vendors/'); $formBuilder = new formBuilder('add_vendor', '<i class="fas fa-plus"></i>', '/vendors/');
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_vendor'), 'href' => '/vendors/')); $_SESSION['breadCrumbArray'][] = ['display' => __('add_vendor'), 'href' => '/vendors/'];
# Retrieve Information for the page # Retrieve Information for the page
@@ -43,7 +43,7 @@ array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_vendor'), 'hr
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/vendors"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/vendors/">
<input type="hidden" name="_return" value="/vendors/"> <input type="hidden" name="_return" value="/vendors/">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">

View File

@@ -11,10 +11,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_vendors.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_vendors.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -27,7 +27,7 @@ if (!$API->checkPermissions('admin-vendors', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -47,25 +47,25 @@ $API_vendors->validateData($requiredFields);
$vendor_data = $API_vendors->getVendors()[0]; $vendor_data = $API_vendors->getVendors()[0];
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit_vendor'), 'href' => '/vendors/')); $_SESSION['breadCrumbArray'][] = ['display' => __('edit_vendor'), 'href' => '/vendors/'];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
if ($vendor_data) { ?> if ($vendor_data) { ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/vendors"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/autop/vendors">
<input type="hidden" name="vendor_uuid" value="<?php echo $vendor_data["vendor_uuid"] ?>"> <input type="hidden" name="vendor_uuid" value="<?php echo $vendor_data["vendor_uuid"] ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="vendor_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('vendor_name') ?></label> <label for="vendor_name_edit" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('vendor_name') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="text" class="form-control" id="vendor_name_edit" name="vendor_name" placeholder="" value="<?php echo $vendor_data['vendor_name'] ?>" required> <input type="text" class="form-control" id="vendor_name_edit" name="vendor_name" placeholder="" value="<?php echo $vendor_data['vendor_name'] ?>" required>
</div> </div>
</div> </div>
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="vendor_slugify" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('vendor_slugify') ?></label> <label for="vendor_slugify_edit" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('vendor_slugify') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="text" class="form-control" id="vendor_slugify_edit" name="vendor_slugify" placeholder="" value="<?php echo $vendor_data['vendor_slugify'] ?>" required disabled> <input type="text" class="form-control" id="vendor_slugify_edit" name="vendor_slugify" placeholder="" value="<?php echo $vendor_data['vendor_slugify'] ?>" required disabled>
</div> </div>

View File

@@ -11,9 +11,9 @@ if (!defined('APP_INIT')) {
// N/A // N/A
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_vendors.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_vendors.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();

View File

@@ -9,7 +9,7 @@ if (!$GLOBALS['modules_enabled']['customers']) {
} }
if (isset($_GET['view'])) { if (isset($_GET['view'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/customers/pageCompanies_company_view.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/customers/pageCompanies_company_view.php";
} else { } else {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/customers/pageCompanies_view.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/customers/pageCompanies_view.php";
} }

View File

@@ -15,9 +15,9 @@ if (!$GLOBALS['modules_enabled']['customers']) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/serverOverviewBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/serverOverviewBuilder.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_servers.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_servers.php";
# Check permissions # Check permissions
$API_servers = new API_servers(); $API_servers = new API_servers();
@@ -30,10 +30,10 @@ if (!$API_servers->checkPermissions('customer-companies', 'RO', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['datepicker'] = true; $jsScriptLoadData['datepicker'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
$jsScriptLoadData['multiFilterSelectServers'] = true; $jsScriptLoadData['/src/js/sentri/multiFilterSelectServers.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -49,8 +49,8 @@ $result = $stmt->get_result();
$company_data = $result->fetch_assoc(); $company_data = $result->fetch_assoc();
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('companies'), 'href' => '/companies/')); $_SESSION['breadCrumbArray'][] = ['display' => __('companies'), 'href' => '/companies/'];
array_push($GLOBALS['breadCrumbArray'], array('display' => $company_data['company_name'], 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => $company_data['company_name'], 'href' => ''];
# Retrieve Information for the page # Retrieve Information for the page
$company_uuid = htmlspecialchars($_GET['view'], ENT_QUOTES, 'UTF-8'); $company_uuid = htmlspecialchars($_GET['view'], ENT_QUOTES, 'UTF-8');

View File

@@ -12,8 +12,8 @@ if (!$GLOBALS['modules_enabled']['customers']) {
# Includes Section # Includes Section
use api\classes\API; use api\classes\API;
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -25,11 +25,11 @@ if (!$API->checkPermissions('customer-companies', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
$jsScriptLoadData['multiFilterSelect'] = true; $jsScriptLoadData['/src/js/sentri/multiFilterSelect.js'] = true;
$jsScriptLoadData['datepicker'] = true; $jsScriptLoadData['datepicker'] = true;
$jsScriptLoadData['activateCompany'] = true; $jsScriptLoadData['/src/js/sentri/activateCompany.js'] = true;
# PageClasses Setup # PageClasses Setup

View File

@@ -1,6 +1,6 @@
<?php <?php
use api\classes\API; use api\classes\API_office_stompjes;
if (!defined('APP_INIT')) { if (!defined('APP_INIT')) {
exit; exit;
@@ -14,12 +14,11 @@ if (!$GLOBALS['modules_enabled']['office']) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_office_stompjes.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php';
# Check permissions # Check permissions
$API = new API(); $API = new API_office_stompjes();
if (!$API->checkPermissions('ofice-stompjes', 'RO', true)) { if (!$API->checkPermissions('office-stompjes', 'RO', true)) {
echo 'error 401 unauthorized'; echo 'error 401 unauthorized';
exit; exit;
} }
@@ -27,15 +26,15 @@ if (!$API->checkPermissions('ofice-stompjes', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['stompjes'] = true; $jsScriptLoadData['/src/js/plugin/chart.js/chart.min.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/sentri/stompjes.js'] = true;
$jsScriptLoadData['multiFilterSelect'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
$jsScriptLoadData['/src/js/sentri/multiFilterSelect.js'] = true;
$jsScriptLoadData['datepicker'] = true; $jsScriptLoadData['datepicker'] = true;
# PageClasses Setup # PageClasses Setup
# Retrieve Information for the page # Retrieve Information for the page
$stmt = $GLOBALS['conn']->query("SELECT user_uuid, user_full_name, user_first_name, user_profile_picture_thumbnail, user_stompable, user_email FROM system_users WHERE user_stompable = '1'"); $stmt = $GLOBALS['conn']->query("SELECT user_uuid, user_full_name, user_first_name, user_profile_picture_thumbnail, user_stompable, user_email FROM system_users WHERE user_stompable = '1'");
$administrators = []; $administrators = [];
@@ -50,6 +49,7 @@ if (!isset($_GET['fd'])) {
$date = str_replace('/', '-', htmlspecialchars($_GET['fd'], ENT_QUOTES, 'UTF-8')); $date = str_replace('/', '-', htmlspecialchars($_GET['fd'], ENT_QUOTES, 'UTF-8'));
$SelectFromDate = strtotime($date . ' 00:00:00'); $SelectFromDate = strtotime($date . ' 00:00:00');
} }
if (!isset($_GET['td'])) { if (!isset($_GET['td'])) {
$SelectTillDate = time(); $SelectTillDate = time();
} else { } else {
@@ -57,23 +57,14 @@ if (!isset($_GET['td'])) {
$SelectTillDate = strtotime($date . ' 23:59:59'); $SelectTillDate = strtotime($date . ' 23:59:59');
} }
$stompjes = array(); $stompjes = $API->getStomp(true);
$stmt = $GLOBALS['conn']->query("SELECT stomp_uuid, office_stompjes.user_uuid, user_full_name, user_first_name, stomp_timestamp FROM office_stompjes
INNER JOIN system_users ON office_stompjes.user_uuid = system_users.user_uuid foreach ($stompjes as $stompje) {
WHERE stomp_timestamp BETWEEN '$SelectFromDate' AND '$SelectTillDate' $administrators[$stompje['user_uuid']]['amount']++;
AND user_stompable = '1'
ORDER BY stomp_timestamp DESC");
while ($row = $stmt->fetch_assoc()) {
array_push($stompjes, $row);
$administrators[$row['user_uuid']]['amount']++;
} }
# Start page output # Start page output
?> ?>
<script>
const stompData = <?php echo json_encode($stompjes); ?>;
</script>
<div class="form-group form-show-validation row mb-3"> <div class="form-group form-show-validation row mb-3">
<div class="col-5"> <div class="col-5">
<h2> <h2>
@@ -81,24 +72,22 @@ while ($row = $stmt->fetch_assoc()) {
</h2> </h2>
</div> </div>
<div class="col d-flex justify-content-end px-1"> <div class="col d-flex justify-content-end px-1">
<div class="col-lg-auto col-md-auto col-sm-auto mt-sm-1 px-1"> <div class="d-flex align-items-center gap-2 justify-content-end">
<label> <h5><?php echo __('from') ?>: </h5>
<h5><?php echo __('from') ?>: </h5>
</label>
</div> </div>
<div class="col-lg-auto col-md-auto col-sm-auto"> <div class="col-lg-auto col-md-auto col-sm-auto">
<div class="input-group"> <div class="input-group">
<label for="fd"></label>
<input type="text" id="fd" class="form-control" data-datepicker="true" value="<?php echo date('d/m/Y', $SelectFromDate) ?>"/> <input type="text" id="fd" class="form-control" data-datepicker="true" value="<?php echo date('d/m/Y', $SelectFromDate) ?>"/>
<span class="input-group-text"><i class="fa fa-calendar-check"></i></span> <span class="input-group-text"><i class="fa fa-calendar-check"></i></span>
</div> </div>
</div> </div>
<div class="col-lg-auto col-md-auto col-sm-auto mt-sm-1 px-2"> <div class="col-lg-auto col-md-auto col-sm-auto mt-sm-1 px-2">
<label> <h5><?php echo __('to') ?>: </h5>
<h5><?php echo __('to') ?>: </h5>
</label>
</div> </div>
<div class="col-lg-auto col-md-auto col-sm-auto px-2"> <div class="col-lg-auto col-md-auto col-sm-auto px-2">
<div class="input-group"> <div class="input-group">
<label for="td"></label>
<input type="text" id="td" class="form-control" data-datepicker="true" value="<?php echo date('d/m/Y', $SelectTillDate) ?>"/> <input type="text" id="td" class="form-control" data-datepicker="true" value="<?php echo date('d/m/Y', $SelectTillDate) ?>"/>
<span class="input-group-text"><i class="fa fa-calendar-check"></i></span> <span class="input-group-text"><i class="fa fa-calendar-check"></i></span>
</div> </div>
@@ -135,7 +124,7 @@ while ($row = $stmt->fetch_assoc()) {
</div> </div>
</div> </div>
<div class="col col-stats ms-3 ms-sm-0"> <div class="col col-stats ms-3 ms-sm-0">
<a href="#" class="btn btn-warning btn-lg btn-rounded stomp-btn w-100 <?php echo (!$API->checkPermissions('ofice-stompjes-canstomp', 'RW', true)) ? 'disabled' : '' ?>" data-item-uuid="<?php echo $administrator['user_uuid'] ?>" data-item-name="user_uuid" data-api-url="/api/v1/office/stompjes/"><i class="fa-solid fa-hand-fist"></i></a> <a href="#" class="btn btn-warning btn-lg btn-rounded stomp-btn w-100 <?php echo (!$API->checkPermissions('office-stompjes-canstomp', 'RW', true)) ? 'disabled' : '' ?>" data-item-uuid="<?php echo $administrator['user_uuid'] ?>" data-item-name="user_uuid" data-api-url="/api/v1/office/stompjes/"><i class="fa-solid fa-hand-fist"></i></a>
</div> </div>
</div> </div>
</div> </div>
@@ -154,7 +143,7 @@ while ($row = $stmt->fetch_assoc()) {
<th></th> <th></th>
<th><?php echo __('first_name') ?></th> <th><?php echo __('first_name') ?></th>
<th><?php echo __('time') ?></th> <th><?php echo __('time') ?></th>
<?php if ($API->checkPermissions('ofice-stompjes', 'RW', true)) { ?> <?php if ($API->checkPermissions('office-stompjes', 'RW', true)) { ?>
<th><?php echo __('actions') ?></th> <th><?php echo __('actions') ?></th>
<?php } ?> <?php } ?>
</tr> </tr>
@@ -164,7 +153,7 @@ while ($row = $stmt->fetch_assoc()) {
<th></th> <th></th>
<th><?php echo __('first_name') ?></th> <th><?php echo __('first_name') ?></th>
<th><?php echo __('time') ?></th> <th><?php echo __('time') ?></th>
<?php if ($API->checkPermissions('ofice-stompjes', 'RW', true)) { ?> <?php if ($API->checkPermissions('office-stompjes', 'RW', true)) { ?>
<th><?php echo __('actions') ?></th> <th><?php echo __('actions') ?></th>
<?php } ?> <?php } ?>
</tr> </tr>
@@ -180,7 +169,7 @@ while ($row = $stmt->fetch_assoc()) {
</td> </td>
<td class="text-nowrap"><?php echo $administrators[$stompje['user_uuid']]['user_first_name'] ?></td> <td class="text-nowrap"><?php echo $administrators[$stompje['user_uuid']]['user_first_name'] ?></td>
<td class="text-nowrap"><?php echo date('d-m-y H:i:s', $stompje['stomp_timestamp']) ?></td> <td class="text-nowrap"><?php echo date('d-m-y H:i:s', $stompje['stomp_timestamp']) ?></td>
<?php if ($API->checkPermissions('ofice-stompjes', 'RW', true)) { ?> <?php if ($API->checkPermissions('office-stompjes', 'RW', true)) { ?>
<td> <td>
<a href="#" class="btn btn-danger btn-sm btn-rounded stomp-delete-btn" data-item-uuid="<?php echo $stompje['stomp_uuid'] ?>" data-api-url="/api/v1/office/stompjes/" data-item-name="stomp_uuid"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded stomp-delete-btn" data-item-uuid="<?php echo $stompje['stomp_uuid'] ?>" data-api-url="/api/v1/office/stompjes/" data-item-name="stomp_uuid"><i class="fas fa-trash-alt"></i></a>
</td> </td>

View File

@@ -2,11 +2,11 @@
<div class="card-body py-0 border"> <div class="card-body py-0 border">
<h5> <h5>
Sentri<br> Made by: Sentri<br> Made by:
<a class="text-decoration-none" href="https://marcomooij.net" target="_blank">Marco Mooij</a><br> Version 1.2 <a class="text-decoration-none" href="https://marcomooij.net" target="_blank">Marco Mooij</a><br> Version 1.2.4
</h5> </h5>
</div> </div>
</div> </div>
<hr> <hr>
<h4>Release notes and roadmap can be found <h4>Release notes and roadmap can be found
<a class="text-warning" href="https://docs.sentri.mooij.me/Release%20notes/">here</a>. <a class="text-warning" href="https://docs.sentri.mooij.me/Release%20notes/" target="_blank">here</a>.
</h4> </h4>

View File

@@ -8,10 +8,10 @@ if (!defined('APP_INIT')) {
# Includes Section # Includes Section
use api\classes\API; use api\classes\API;
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
$API = new API(); $API = new API();
function showCard($module_name, $page_name, $width = 3) function showCard($module_name, $page_name): void
{ {
$page = $GLOBALS['pages'][$module_name][$page_name]; $page = $GLOBALS['pages'][$module_name][$page_name];
?> ?>
@@ -40,14 +40,14 @@ function showCard($module_name, $page_name, $width = 3)
<div class="row row-cols-1 row-cols-md-3 row-cols-sm-2 g-3"> <div class="row row-cols-1 row-cols-md-3 row-cols-sm-2 g-3">
<?php <?php
if ($GLOBALS['modules_enabled']['customers'] && $API->checkPermissions('customer-companies', 'RO', true)) { if ($GLOBALS['modules_enabled']['customers'] && $API->checkPermissions('customer-companies', 'RO', true)) {
showCard('customers', 'companies', '6'); showCard('customers', 'companies');
} }
if ($GLOBALS['modules_enabled']['servers'] && $API->checkPermissions('servers', 'RO', true)) { if ($GLOBALS['modules_enabled']['servers'] && $API->checkPermissions('servers', 'RO', true)) {
showCard('servers', 'server_overview', '6'); showCard('servers', 'server_overview');
} }
if ($GLOBALS['modules_enabled']['office'] && $API->checkPermissions('ofice-stompjes', 'RO', true)) { if ($GLOBALS['modules_enabled']['office'] && $API->checkPermissions('office-stompjes', 'RO', true)) {
showCard('office', 'stompjeslist'); showCard('office', 'stompjeslist');
} }

View File

@@ -3,7 +3,7 @@ if (!defined('APP_INIT')) {
exit; exit;
} }
if (isset($_GET['edit'])) { if (isset($_GET['edit'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/pageUserProfile_edit.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/pageUserProfile_edit.php";
} else { } else {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/pageUserProfile_view.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/pageUserProfile_view.php";
} }

View File

@@ -9,16 +9,16 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['Generatepassword'] = true; $jsScriptLoadData['/src/js/sentri/Generatepassword.js'] = true;
$jsScriptLoadData['passwordShowHide'] = true; $jsScriptLoadData['/src/js/sentri/passwordShowHide.js'] = true;
$jsScriptLoadData['passwordRegen'] = true; $jsScriptLoadData['/src/js/sentri/passwordRegen.js'] = true;
$jsScriptLoadData['enableButtonOnImageUpload'] = true; $jsScriptLoadData['/src/js/sentri/enableButtonOnImageUpload.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -29,7 +29,7 @@ $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups WH
$user_groups = array(); $user_groups = array();
$user_data = false; $user_data = false;
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
@@ -43,22 +43,24 @@ if ($result->num_rows == 1) {
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('user_profile'), 'href' => '/userprofile/')); $_SESSION['breadCrumbArray'][] = ['display' => __('user_profile'), 'href' => '/userprofile/'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('edit'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
if ($user_data) { if ($user_data) {
$formBuilder->startForm(); ?> $formBuilder->startForm(); ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/users/"> <form id="FormValidation" enctype="multipart/form-data" method="POST" action="/api/v1/portal-management/users/">
<input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="user_uuid" value="<?php echo $user_uuid; ?>"/> <input type="hidden" name="user_uuid" value="<?php echo $user_uuid; ?>"/>
<input type="hidden" name="user_profile_change" value="true"/>
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="user_email" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_email') ?></label> <label for="user_email" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_email') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="email" class="form-control" id="user_email" name="user_email" value="<?php echo $user_data['user_email'] ?>" placeholder="user@example.xxx" required autofill="off" autocomplete="off"/> <input type="email" class="form-control" id="user_email" name="user_email" value="<?php echo $user_data['user_email'] ?>" placeholder="user@example.xxx" required autocomplete="off"/>
</div> </div>
</div> </div>

View File

@@ -9,8 +9,8 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_apitoken.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_apitoken.php";
# Check permissions # Check permissions
@@ -18,10 +18,10 @@ include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_apitoken.php');
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['enableButtonOnImageUpload'] = true; $jsScriptLoadData['/src/js/sentri/enableButtonOnImageUpload.js'] = true;
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['CopyTargetData'] = true; $jsScriptLoadData['/src/js/sentri/CopyTargetData.js'] = true;
$jsScriptLoadData['updateToggle'] = true; $jsScriptLoadData['/src/js/sentri/updateToggle.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(false, '<i class="fa-solid fa-address-card"></i> ' . $_SESSION['user']['user_full_name'] . ' ' . strtolower(__('user_profile'))); $pageNavbar = new pageNavbar(false, '<i class="fa-solid fa-address-card"></i> ' . $_SESSION['user']['user_full_name'] . ' ' . strtolower(__('user_profile')));
@@ -31,7 +31,7 @@ $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups WH
$user_groups = array(); $user_groups = array();
$admin_data = false; $admin_data = false;
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
@@ -59,7 +59,7 @@ if (isset($_SESSION['tmp_api_token'])) {
if ($API_token->checkPermissions('admin-access-admins', 'RW', true)) { if ($API_token->checkPermissions('admin-access-admins', 'RW', true)) {
$pageNavbar->AddHTMLButton('<a class="btn btn-primary mx-3" type="button" href="?edit=' . $_SESSION['user']['user_uuid'] . '"><i class="fas fa-edit"></i> ' . __('edit') . '</a>'); $pageNavbar->AddHTMLButton('<a class="btn btn-primary mx-3" type="button" href="?edit=' . $_SESSION['user']['user_uuid'] . '"><i class="fas fa-edit"></i> ' . __('edit') . '</a>');
}; }
# Set breadcrumb data # Set breadcrumb data
@@ -72,7 +72,7 @@ if ($user_data) { ?>
<div class="col-md-4 pb-4"> <div class="col-md-4 pb-4">
<div class="card h-100"> <div class="card h-100">
<div class="card-body"> <div class="card-body">
<form method="POST" action="/api/v1/users/avatar/" enctype="multipart/form-data"> <form method="POST" action="/api/v1/user/avatar/" enctype="multipart/form-data">
<input type="hidden" name="user_uuid" value="<?php echo $user_data['user_uuid'] ?>"> <input type="hidden" name="user_uuid" value="<?php echo $user_data['user_uuid'] ?>">
<h1 class="text-center"><?php echo $user_data['user_full_name'] ?></h1> <h1 class="text-center"><?php echo $user_data['user_full_name'] ?></h1>
<div class="form-group form-show-validation row align-items-center justify-content-center"> <div class="form-group form-show-validation row align-items-center justify-content-center">
@@ -207,19 +207,19 @@ if ($user_data) { ?>
<h4><?php echo __('user_management') ?></h4> <h4><?php echo __('user_management') ?></h4>
</div> </div>
<div class="card-body"> <div class="card-body">
<div id="mfa-enabled-row" class="row" style="display: <?php echo(($_SESSION['user']['user_two_factor_enabled'] == 1) ? '' : 'none') ?>"> <div id="mfa-enabled-row" class="row <?= ($_SESSION['user']['user_two_factor_enabled'] ? '' : 'd-none') ?>">
<div class="col-auto"> <div class="col-auto">
<a href="#" class="btn btn-danger delete-btn" data-item-uuid="<?php echo $user_uuid ?>" data-api-url="/api/v1/users/mfa/" data-delete-action='{"mfa-enabled-row":"hide", "mfa-disabled-row":"show"}' data-item-name='user_uuid'> <a href="#" class="btn btn-danger delete-btn" data-item-uuid="<?= $user_uuid ?>" data-api-url="/api/v1/user/mfa/" data-item-name="user_uuid" data-delete-action='{"mfa-enabled-row":"hide", "mfa-disabled-row":"show"}'>
<i class="fa-solid fa-lock"></i> <?php echo __('reset_mfa') ?> <i class="fa-solid fa-lock"></i> <?= __('reset_mfa') ?>
</a> </a>
</div> </div>
</div> </div>
<div id="mfa-disabled-row" class="row" style="display: <?php echo(($_SESSION['user']['user_two_factor_enabled'] == 1) ? 'none' : '') ?>"> <div id="mfa-disabled-row" class="row <?= ($_SESSION['user']['user_two_factor_enabled'] ? 'd-none' : '') ?>">
<div class="col-auto"> <div class="col-auto">
<a class="btn btn-primary" href="/login/mfaSetup.php"> <button class="btn btn-danger delete-btn" disabled>
<i class="fa-solid fa-lock"></i> <?php echo __('set_mfa') ?> <i class="fa-solid fa-lock"></i> <?= __('reset_mfa') ?>
</a> </button>
</div> </div>
</div> </div>
@@ -242,7 +242,7 @@ if ($user_data) { ?>
<h4 class="mb-0">User history</h4> <h4 class="mb-0">User history</h4>
</div> </div>
<div class="card-body"> <div class="card-body">
To be made. Its going show the history of the user. To be made. It's going show the history of the user.
</div> </div>
</div> </div>
</div> </div>
@@ -272,12 +272,15 @@ if ($user_data) { ?>
<div class="card-header d-flex justify-content-between align-items-center pt-2 pb-1"> <div class="card-header d-flex justify-content-between align-items-center pt-2 pb-1">
<h4 class="mb-0"><?php echo __('api_tokens') ?></h4> <h4 class="mb-0"><?php echo __('api_tokens') ?></h4>
<?php if ($API_token->checkPermissions('user-apitoken-self', 'RW', true)) { ?> <?php if ($API_token->checkPermissions('user-apitoken-self', 'RW', true)) { ?>
<form method="POST" action="/api/v1/users/apitoken/"> <form method="POST" action="/api/v1/user/apitoken/">
<input type="hidden" name="user_uuid" value="<?php echo $user_uuid ?>"> <input type="hidden" name="user_uuid" value="<?php echo $user_uuid ?>">
<input type="hidden" name="_return" value="/userprofile/"> <input type="hidden" name="_return" value="/userprofile/">
<button type="submit" href="#" class="btn btn-primary"> <div class="input-group mb-3">
<i class="fa-solid fa-plus"></i> <?php echo __('generate_new_api_token') ?> <input type="text" name="api_token_name" class="form-control" placeholder="API Token name..." aria-label="API Token name..." aria-describedby="button-addon2">
</button> <button type="submit" href="#" class="btn btn-success">
<i class="fa-solid fa-plus"></i> <?php echo __('generate_new_api_token') ?>
</button>
</div>
</form> </form>
<?php } ?> <?php } ?>
</div> </div>
@@ -286,6 +289,7 @@ if ($user_data) { ?>
<thead> <thead>
<tr> <tr>
<th>Token id</th> <th>Token id</th>
<th>Token Name</th>
<th>Expiration</th> <th>Expiration</th>
<th>Created</th> <th>Created</th>
<th>Last used</th> <th>Last used</th>
@@ -295,28 +299,29 @@ if ($user_data) { ?>
<tbody> <tbody>
<?php foreach ($apitokens as $token_data) { ?> <?php foreach ($apitokens as $token_data) { ?>
<tr> <tr>
<td class="text-nowrap" style="max-width: 100%;"> <td class="text-nowrap w-100">
<div class="d-flex align-items-center gap-2" style="max-width: 100%;"> <div class="d-flex align-items-center gap-2 w-100">
<div class="text-truncate" style="max-width: 200px;" id="<?php echo $token_data['api_token_uuid'] ?>" data-copy-data="<?php echo $token_data['api_token_uuid']; ?>"> <div class="text-truncate" id="<?php echo $token_data['api_token_uuid'] ?>" data-copy-data="<?php echo $token_data['api_token_uuid']; ?>">
<?php echo $token_data['api_token_uuid']; ?> <?php echo $token_data['api_token_uuid']; ?>
</div> </div>
<button type="button" class="btn btn-sm btn-outline-secondary" data-copy-target="<?php echo $token_data['api_token_uuid'] ?>" title="Copy Token"> <button type="button" class="btn btn-sm btn-outline-secondary" data-copy-target="<?php echo $token_data['api_token_uuid'] ?>" title="Copy ID">
<i class="fa-solid fa-copy"></i> <i class="fa-solid fa-copy"></i>
</button> </button>
</div> </div>
</td> </td>
<td><?php echo $token_data['api_token_name'] ?></td>
<td><?php showTime($token_data['api_token_expiration_timestamp']) ?></td> <td><?php showTime($token_data['api_token_expiration_timestamp']) ?></td>
<td><?php showTime($token_data['api_token_created_timestamp']) ?></td> <td><?php showTime($token_data['api_token_created_timestamp']) ?></td>
<td><?php showTime($token_data['api_token_last_used_timestamp']) ?></td> <td><?php showTime($token_data['api_token_last_used_timestamp']) ?></td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-api-data='<?php echo json_encode(['api_token_uuid' => $token_data['api_token_uuid'], 'api_token_revoked' => $token_data['api_token_revoked'] ? 1 : 0]) ?>' data-api-changevalue="api_token_revoked" data-api-url="/api/v1/users/apitoken/" <?php echo((($token_data['api_token_revoked'])) ? 'checked' : '') ?>> <input type="checkbox" class="checkbox" data-api-data='<?php echo json_encode(['api_token_uuid' => $token_data['api_token_uuid'], 'api_token_revoked' => $token_data['api_token_revoked'] ? 1 : 0]) ?>' data-api-changevalue="api_token_revoked" data-api-url="/api/v1/user/apitoken/" <?php echo((($token_data['api_token_revoked'])) ? 'checked' : '') ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<?php if ($API_token->checkPermissions('user-apitoken-self', 'RW', true)) { ?> <?php if ($API_token->checkPermissions('user-apitoken-self', 'RW', true)) { ?>
<td class="text-nowrap"> <td class="text-nowrap">
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $token_data['api_token_uuid'] ?>" data-item-name="api_token_uuid" data-api-url="/api/v1/users/apitoken/"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $token_data['api_token_uuid'] ?>" data-item-name="api_token_uuid" data-api-url="/api/v1/user/apitoken/"><i class="fas fa-trash-alt"></i></a>
</td> </td>
<?php } ?> <?php } ?>
</tr> </tr>

View File

@@ -9,11 +9,10 @@ if (!defined('APP_INIT')) {
} }
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -25,11 +24,11 @@ if (!$API->checkPermissions('admin-access-admins', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['Generatepassword'] = true; $jsScriptLoadData['/src/js/sentri/Generatepassword.js'] = true;
$jsScriptLoadData['passwordGenOnLoad'] = true; $jsScriptLoadData['/src/js/sentri/passwordGenOnLoad.js'] = true;
$jsScriptLoadData['passwordShowHide'] = true; $jsScriptLoadData['/src/js/sentri/passwordShowHide.js'] = true;
$jsScriptLoadData['passwordRegen'] = true; $jsScriptLoadData['/src/js/sentri/passwordRegen.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -41,20 +40,20 @@ $formBuilder = new formBuilder('add_admin', '<i class="fas fa-plus"></i>', '/acc
$user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups WHERE user_group_type = 'admin' ORDER BY user_group_weight DESC"); $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups WHERE user_group_type = 'admin' ORDER BY user_group_weight DESC");
$user_groups = array(); $user_groups = array();
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('administrators'), 'href' => '/accesscontrol/#administrators')); $_SESSION['breadCrumbArray'][] = ['display' => __('administrators'), 'href' => '/accesscontrol/#administrators'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_admin'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('add_admin'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="POST" action="/api/v1/users/"> <form id="FormValidation" enctype="multipart/form-data" method="POST" action="/api/v1/portal-management/users/">
<div class="card-body"> <div class="card-body">
<div class="col"> <div class="col">
<p><?php echo __('admin_creation_instruction') ?></p> <p><?php echo __('admin_creation_instruction') ?></p>
@@ -78,7 +77,7 @@ $formBuilder->startForm();
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="user_email" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_email') ?></label> <label for="user_email" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_email') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="email" class="form-control" id="user_email" name="user_email" placeholder="user@example.xxx" required autofill="off" autofocus autocomplete="off"/> <input type="email" class="form-control" id="user_email" name="user_email" placeholder="user@example.xxx" required autofocus autocomplete="off"/>
</div> </div>
</div> </div>

View File

@@ -10,9 +10,9 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -25,7 +25,7 @@ if (!$API->checkPermissions('admin-access-admins', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -38,7 +38,7 @@ $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups WH
$user_groups = array(); $user_groups = array();
$admin_data = false; $admin_data = false;
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
@@ -52,15 +52,15 @@ if ($result->num_rows == 1) {
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('administrators'), 'href' => '/accesscontrol/#administrators')); $_SESSION['breadCrumbArray'][] = ['display' => __('administrators'), 'href' => '/accesscontrol/#administrators'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit_admin'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('edit_admin'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
if ($admin_data) { if ($admin_data) {
$formBuilder->startForm(); ?> $formBuilder->startForm(); ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/users/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/users/">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/accesscontrol/?admin_view=<?php echo $user_uuid ?>"> <input type="hidden" name="_return" value="/accesscontrol/?admin_view=<?php echo $user_uuid ?>">
<input type="hidden" name="user_uuid" value="<?php echo $user_uuid; ?>"/> <input type="hidden" name="user_uuid" value="<?php echo $user_uuid; ?>"/>
<div class="card-body"> <div class="card-body">
@@ -82,7 +82,7 @@ if ($admin_data) {
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="user_email" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_email') ?></label> <label for="user_email" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_email') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="email" class="form-control" id="user_email" name="user_email" value="<?php echo $admin_data['user_email'] ?>" placeholder="user@example.xxx" required autofill="off" autocomplete="off"/> <input type="email" class="form-control" id="user_email" name="user_email" value="<?php echo $admin_data['user_email'] ?>" placeholder="user@example.xxx" required autocomplete="off"/>
</div> </div>
</div> </div>

View File

@@ -10,8 +10,8 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_apitoken.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_apitoken.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -23,13 +23,13 @@ if (!$API->checkPermissions('admin-access-admins', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['Generatepassword'] = true; $jsScriptLoadData['/src/js/sentri/Generatepassword.js'] = true;
$jsScriptLoadData['passwordShowHide'] = true; $jsScriptLoadData['/src/js/sentri/passwordShowHide.js'] = true;
$jsScriptLoadData['passwordRegen'] = true; $jsScriptLoadData['/src/js/sentri/passwordRegen.js'] = true;
$jsScriptLoadData['enableButtonOnImageUpload'] = true; $jsScriptLoadData['/src/js/sentri/enableButtonOnImageUpload.js'] = true;
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
$jsScriptLoadData['updateToggle'] = true; $jsScriptLoadData['/src/js/sentri/updateToggle.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -45,7 +45,7 @@ $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups WH
$user_groups = array(); $user_groups = array();
$admin_data = false; $admin_data = false;
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
@@ -60,15 +60,19 @@ if ($result->num_rows == 1) {
$_GET['user_uuid'] = $user_uuid; $_GET['user_uuid'] = $user_uuid;
$userHashigherGroupWeight = false;
if ($admin_data['user_group_weight'] > $_SESSION['user']['user_group_weight']) {
$userHashigherGroupWeight = true;
}
$API_token = new API_apitoken(); $API_token = new API_apitoken();
$requiredFields = ['user_uuid' => ['type' => 'uuid']]; $requiredFields = ['user_uuid' => ['type' => 'uuid']];
$API_token->validateData($requiredFields); $API_token->validateData($requiredFields);
$apitokens = $API_token->getTokens(); $apitokens = $API_token->getTokens();
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('administrators'), 'href' => '/accesscontrol/#administrators')); $_SESSION['breadCrumbArray'][] = ['display' => __('administrators'), 'href' => '/accesscontrol/#administrators'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('view'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('view'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -78,7 +82,7 @@ if ($admin_data) { ?>
<div class="col-md-4 pb-4"> <div class="col-md-4 pb-4">
<div class="card h-100"> <div class="card h-100">
<div class="card-body"> <div class="card-body">
<form method="POST" action="/api/v1/users/avatar/" enctype="multipart/form-data"> <form method="POST" action="/api/v1/user/avatar/" enctype="multipart/form-data">
<input type="hidden" name="user_uuid" value="<?php echo $admin_data['user_uuid'] ?>"> <input type="hidden" name="user_uuid" value="<?php echo $admin_data['user_uuid'] ?>">
<h1 class="text-center"><?php echo $admin_data['user_full_name'] ?></h1> <h1 class="text-center"><?php echo $admin_data['user_full_name'] ?></h1>
<div class="form-group form-show-validation row align-items-center justify-content-center"> <div class="form-group form-show-validation row align-items-center justify-content-center">
@@ -218,30 +222,31 @@ if ($admin_data) { ?>
</div> </div>
<div class="card-body"> <div class="card-body">
<?php if ($API->checkPermissions('admin-access-admins-mfa', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-access-admins-mfa', 'RW', true)) { ?>
<div id="mfa-enabled-row" class="row" style="display: <?php echo(($admin_data['user_two_factor_enabled']) ? '' : 'none') ?>"> <div id="mfa-enabled-row" class="row <?= ($admin_data['user_two_factor_enabled'] ? '' : 'd-none') ?>">
<div class="col-auto"> <div class="col-auto">
<a href="#" class="btn btn-danger delete-btn" data-item-uuid="<?php echo $admin_data['user_uuid'] ?>" data-api-url="/api/v1/users/mfa/" data-item-name='user_uuid' data-delete-action='{"mfa-enabled-row":"hide", "mfa-disabled-row":"show"}'> <a href="#" class="btn btn-danger delete-btn" data-item-uuid="<?= $admin_data['user_uuid'] ?>" data-api-url="/api/v1/user/mfa/" data-item-name="user_uuid" data-delete-action='{"mfa-enabled-row":"hide", "mfa-disabled-row":"show"}'>
<i class="fa-solid fa-lock"></i> <?php echo __('reset_mfa') ?> <i class="fa-solid fa-lock"></i> <?= __('reset_mfa') ?>
</a> </a>
</div> </div>
</div> </div>
<div id="mfa-disabled-row" class="row" style="display: <?php echo(($admin_data['user_two_factor_enabled'] == 1) ? 'none' : '') ?>"> <div id="mfa-disabled-row" class="row <?= ($admin_data['user_two_factor_enabled'] ? 'd-none' : '') ?>">
<div class="col-auto"> <div class="col-auto">
<button class="btn btn-danger delete-btn" href="#" disabled> <button class="btn btn-danger delete-btn" disabled>
<i class="fa-solid fa-lock"></i> <?php echo __('reset_mfa') ?> <i class="fa-solid fa-lock"></i> <?= __('reset_mfa') ?>
</button> </button>
</div> </div>
</div> </div>
<?php } ?> <?php }
<?php if ($API->checkPermissions('admin-access-admins-resetpassword', 'RW', true)) { ?> if ($API->checkPermissions('admin-access-admins-resetpassword', 'RW', true)) { ?>
<form method="post" action="/api/v1/users/resetpassword/"> <form method="post" action="/api/v1/user/resetpassword/">
<input type="hidden" name="user_uuid" value="<?php echo $user_uuid ?>"> <input type="hidden" name="user_uuid" value="<?= $user_uuid ?>">
<button class="btn btn-primary mt-2"> <button class="btn btn-primary mt-2">
<i class="fa-solid fa-lock"></i> <?php echo __('send_password_reset') ?> <i class="fa-solid fa-lock"></i> <?= __('send_password_reset') ?>
</button> </button>
</form> </form>
<?php } ?> <?php } ?>
reset the verified email (to be made)<br> reset the verified email (to be made)<br>
</div> </div>
</div> </div>
@@ -256,12 +261,15 @@ if ($admin_data) { ?>
<div class="card-header d-flex justify-content-between align-items-center pt-2 pb-1"> <div class="card-header d-flex justify-content-between align-items-center pt-2 pb-1">
<h4 class="mb-0">API Tokens</h4> <h4 class="mb-0">API Tokens</h4>
<?php if ($API_token->checkPermissions('user-apitoken-others', 'RW', true)) { ?> <?php if ($API_token->checkPermissions('user-apitoken-others', 'RW', true)) { ?>
<form method="POST" action="/api/v1/users/apitoken/"> <form method="POST" action="/api/v1/user/apitoken/">
<input type="hidden" name="user_uuid" value="<?php echo $user_uuid ?>"> <input type="hidden" name="user_uuid" value="<?php echo $user_uuid ?>">
<input type="hidden" name="_return" value="/accesscontrol/?admin_view=<?php echo $user_uuid ?>"> <input type="hidden" name="_return" value="/userprofile/">
<button type="submit" href="#" class="btn btn-primary"> <div class="input-group mb-3">
<i class="fa-solid fa-plus"></i> Generate new token <input type="text" name="api_token_name" class="form-control" placeholder="API Token name..." aria-label="API Token name..." aria-describedby="button-addon2" <?php echo($userHashigherGroupWeight ? '' : 'disabled') ?>>
</button> <button type="submit" href="#" class="btn btn-success" <?php echo($userHashigherGroupWeight ? '' : 'disabled') ?>>
<i class="fa-solid fa-plus"></i> <?php echo __('generate_new_api_token') ?>
</button>
</div>
</form> </form>
<?php } ?> <?php } ?>
</div> </div>
@@ -269,7 +277,8 @@ if ($admin_data) { ?>
<table class="table table-hover table-striped"> <table class="table table-hover table-striped">
<thead> <thead>
<tr> <tr>
<th>token</th> <th>Token id</th>
<th>Token Name</th>
<th>Expiration</th> <th>Expiration</th>
<th>Created</th> <th>Created</th>
<th>Last used</th> <th>Last used</th>
@@ -279,25 +288,29 @@ if ($admin_data) { ?>
<tbody> <tbody>
<?php foreach ($apitokens as $token_data) { ?> <?php foreach ($apitokens as $token_data) { ?>
<tr> <tr>
<td class="text-nowrap" style="max-width: 100%;"> <td class="text-nowrap">
<div class="d-flex align-items-center gap-2" style="max-width: 100%;"> <div class="d-flex align-items-center gap-2">
<div class="text-truncate" style="max-width: 200px;"> <div class="text-truncate" id="<?php echo $token_data['api_token_uuid'] ?>" data-copy-data="<?php echo $token_data['api_token_uuid']; ?>">
<?php echo substr($token_data['api_token'], 0, 15) . '...'; ?> <?php echo $token_data['api_token_uuid']; ?>
</div> </div>
<button type="button" class="btn btn-sm btn-outline-secondary" data-copy-target="<?php echo $token_data['api_token_uuid'] ?>" title="Copy ID">
<i class="fa-solid fa-copy"></i>
</button>
</div> </div>
</td> </td>
<td><?php echo $token_data['api_token_name'] ?></td>
<td><?php showTime($token_data['api_token_expiration_timestamp']) ?></td> <td><?php showTime($token_data['api_token_expiration_timestamp']) ?></td>
<td><?php showTime($token_data['api_token_created_timestamp']) ?></td> <td><?php showTime($token_data['api_token_created_timestamp']) ?></td>
<td><?php showTime($token_data['api_token_last_used_timestamp']) ?></td> <td><?php showTime($token_data['api_token_last_used_timestamp']) ?></td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-api-data='<?php echo json_encode(['api_token_uuid' => $token_data['api_token_uuid'], 'api_token_revoked' => $token_data['api_token_revoked'] ? 1 : 0]) ?>' data-api-changevalue="api_token_revoked" data-api-url="/api/v1/users/apitoken/" <?php echo((($token_data['api_token_revoked'])) ? 'checked' : '') ?>> <input type="checkbox" class="checkbox" data-api-data='<?php echo json_encode(['api_token_uuid' => $token_data['api_token_uuid'], 'api_token_revoked' => $token_data['api_token_revoked'] ? 1 : 0]) ?>' data-api-changevalue="api_token_revoked" data-api-url="/api/v1/user/apitoken/" <?php echo((($token_data['api_token_revoked'])) ? 'checked' : '') ?> <?php echo($userHashigherGroupWeight ? '' : 'disabled') ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<?php if ($API_token->checkPermissions('user-apitoken-others', 'RW', true)) { ?> <?php if ($API_token->checkPermissions('user-apitoken-others', 'RW', true)) { ?>
<td class="text-nowrap"> <td class="text-nowrap">
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $token_data['api_token_uuid'] ?>" data-item-name="api_token_uuid" data-api-url="/api/v1/users/apitoken/"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn <?php echo($userHashigherGroupWeight ? '' : 'disabled') ?>" data-item-uuid="<?php echo $token_data['api_token_uuid'] ?>" data-item-name="api_token_uuid" data-api-url="/api/v1/user/apitoken/"><i class="fas fa-trash-alt"></i></a>
</td> </td>
<?php } ?> <?php } ?>
</tr> </tr>
@@ -317,7 +330,7 @@ if ($admin_data) { ?>
<h4>User history</h4> <h4>User history</h4>
</div> </div>
<div class="card-body"> <div class="card-body">
To be made. Its going show the history of the administrator. To be made. It's going show the history of the administrator.
</div> </div>
</div> </div>
</div> </div>

View File

@@ -10,9 +10,9 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -25,8 +25,8 @@ if (!$API->isSuperuser()) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'][] = true; $jsScriptLoadData['form'][] = true;
$jsScriptLoadData['slugify'] = true; $jsScriptLoadData['/src/js/sentri/slugify.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -36,19 +36,19 @@ $formBuilder = new formBuilder('add_permission', '<i class="fas fa-plus"></i>',
$system_modules_data = $GLOBALS['conn']->query("SELECT * FROM system_modules WHERE module_enabled = 1"); $system_modules_data = $GLOBALS['conn']->query("SELECT * FROM system_modules WHERE module_enabled = 1");
$system_modules = array(); $system_modules = array();
while ($module = $system_modules_data->fetch_assoc()) { while ($module = $system_modules_data->fetch_assoc()) {
array_push($system_modules, $module); $system_modules[] = $module;
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('permission'), 'href' => '/accesscontrol/#permissions')); $_SESSION['breadCrumbArray'][] = ['display' => __('permission'), 'href' => '/accesscontrol/#permissions'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_permission'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('add_permission'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" method="POST" action="/api/v1/permissions/"> <form id="FormValidation" method="POST" action="/api/v1/portal-management/permissions/">
<input type="hidden" name="_return" value="/accesscontrol/#permission"> <input type="hidden" name="_return" value="/accesscontrol/#permission">
<div class="card-body"> <div class="card-body">

View File

@@ -11,10 +11,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -28,7 +28,7 @@ if (!$API->isSuperuser()) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'][] = true; $jsScriptLoadData['form'][] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -47,21 +47,21 @@ $permission_data = $API_permissions->getPermission()[0];
$system_modules_data = $GLOBALS['conn']->query("SELECT * FROM system_modules WHERE module_enabled = 1"); $system_modules_data = $GLOBALS['conn']->query("SELECT * FROM system_modules WHERE module_enabled = 1");
$system_modules = array(); $system_modules = array();
while ($module = $system_modules_data->fetch_assoc()) { while ($module = $system_modules_data->fetch_assoc()) {
array_push($system_modules, $module); $system_modules[] = $module;
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('permission'), 'href' => '/accesscontrol/#permissions')); $_SESSION['breadCrumbArray'][] = ['display' => __('permission'), 'href' => '/accesscontrol/#permissions'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit_permission'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('edit_permission'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
if ($permission_data) { if ($permission_data) {
$formBuilder->startForm(); ?> $formBuilder->startForm(); ?>
<form id="FormValidation" method="post" action="/api/v1/permissions/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/permissions/">
<input type="hidden" name="_return" value="/accesscontrol/?permission_view=<?php echo $permission_uuid ?>"> <input type="hidden" name="_return" value="/accesscontrol/?permission_view=<?php echo $permission_uuid ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="permission_uuid" value="<?php echo $permission_uuid ?>"> <input type="hidden" name="permission_uuid" value="<?php echo $permission_uuid ?>">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">

View File

@@ -10,9 +10,9 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -24,10 +24,10 @@ if (!$API->checkPermissions('admin-access-control-permissions', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
$jsScriptLoadData['updatePermissions'] = true; $jsScriptLoadData['/src/js/sentri/updatePermissions.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -52,8 +52,8 @@ $API_permissions->validateData($requiredFields);
$permission_data = $API_permissions->getPermissionRights(); $permission_data = $API_permissions->getPermissionRights();
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('permission'), 'href' => '/accesscontrol/#permissions')); $_SESSION['breadCrumbArray'][] = ['display' => __('permission'), 'href' => '/accesscontrol/#permissions'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('view'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('view'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -123,23 +123,23 @@ if ($permission_data) { ?>
<td><?php echo $permission_data_group['user_group_slugify'] ?> </td> <td><?php echo $permission_data_group['user_group_slugify'] ?> </td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $permission_data_group['permission_uuid'] ?>" data-user-group-uuid="<?= $permission_data_group['user_group_uuid'] ?>" data-value="NA" data-api-url="/api/v1/access-rights/" <?php echo(($permission_data_group['permission_value'] == 'NA') ? 'checked' : '') ?> <input type="checkbox" class="checkbox" data-permission-uuid="<?= $permission_data_group['permission_uuid'] ?>" data-user-group-uuid="<?= $permission_data_group['user_group_uuid'] ?>" data-value="NA" data-api-url="/api/v1/portal-management/group-permissions/" <?php echo(($permission_data_group['permission_value'] == 'NA') ? 'checked' : '') ?>
<?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>> <?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $permission_data_group['permission_uuid'] ?>" data-user-group-uuid="<?= $permission_data_group['user_group_uuid'] ?>" data-value="RO" data-api-url="/api/v1/access-rights/" <?php echo(($permission_data_group['permission_value'] == 'RO') ? 'checked' : '') ?> <input type="checkbox" class="checkbox" data-permission-uuid="<?= $permission_data_group['permission_uuid'] ?>" data-user-group-uuid="<?= $permission_data_group['user_group_uuid'] ?>" data-value="RO" data-api-url="/api/v1/portal-management/group-permissions/" <?php echo(($permission_data_group['permission_value'] == 'RO') ? 'checked' : '') ?>
<?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>> <?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $permission_data_group['permission_uuid'] ?>" data-user-group-uuid="<?= $permission_data_group['user_group_uuid'] ?>" data-value="RW" data-api-url="/api/v1/access-rights/" <?php echo(($permission_data_group['permission_value'] == 'RW') ? 'checked' : '') ?> <input type="checkbox" class="checkbox" data-permission-uuid="<?= $permission_data_group['permission_uuid'] ?>" data-user-group-uuid="<?= $permission_data_group['user_group_uuid'] ?>" data-value="RW" data-api-url="/api/v1/portal-management/group-permissions/" <?php echo(($permission_data_group['permission_value'] == 'RW') ? 'checked' : '') ?>
<?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>> <?php echo ($API->checkPermissions('admin-access-control-permissions', 'RW', true)) ? '' : 'disabled' ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
</tr> </tr>

View File

@@ -10,9 +10,9 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -25,8 +25,8 @@ if (!$API->checkPermissions('admin-access-control-user-groups', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'][] = true; $jsScriptLoadData['form'][] = true;
$jsScriptLoadData['slugify'] = true; $jsScriptLoadData['/src/js/sentri/slugify.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -36,19 +36,19 @@ $formBuilder = new formBuilder('add_user_groups', '<i class="fas fa-plus"></i>',
$user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups ORDER BY user_group_weight ASC"); $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups ORDER BY user_group_weight ASC");
$user_groups = array(); $user_groups = array();
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups')); $_SESSION['breadCrumbArray'][] = ['display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('add_user_groups'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('add_user_groups'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/user-groups/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/user-groups/">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="user_group_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_group_name') ?></label> <label for="user_group_name" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('user_group_name') ?></label>
@@ -80,7 +80,9 @@ $formBuilder->startForm();
<label for="user_group_slugify" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('weight') ?></label> <label for="user_group_slugify" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('weight') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<div class="mb-3"> <div class="mb-3">
<input type="number" class="form-control" name="user_group_weight" min="1" max="900" step="1" value="<?php echo $last_weight + 10 ?>"> <label>
<input type="number" class="form-control" name="user_group_weight" min="1" max="900" step="1" value="<?php echo $last_weight + 10 ?>">
</label>
</div> </div>
</div> </div>
</div> </div>

View File

@@ -11,10 +11,10 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/formBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/formBuilder.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -27,8 +27,8 @@ if (!$API->checkPermissions('admin-access-control-user-groups', 'RW', true)) {
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['form'] = true; $jsScriptLoadData['form'] = true;
$jsScriptLoadData['slugify'] = true; $jsScriptLoadData['/src/js/sentri/slugify.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -44,16 +44,16 @@ $API_usergroups->validateData($requiredFields);
$user_group = $API_usergroups->getUsergroup()[0]; $user_group = $API_usergroups->getUsergroup()[0];
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups')); $_SESSION['breadCrumbArray'][] = ['display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups'];
array_push($GLOBALS['breadCrumbArray'], array('display' => $user_group['user_group_name'], 'href' => '/accesscontrol/#user-groups')); $_SESSION['breadCrumbArray'][] = ['display' => $user_group['user_group_name'], 'href' => '/accesscontrol/#user-groups'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('edit'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('edit'), 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
$formBuilder->startForm(); $formBuilder->startForm();
?> ?>
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/user-groups/"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/portal-management/user-groups/">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="user_group_uuid" value="<?php echo $user_group['user_group_uuid'] ?>"/> <input type="hidden" name="user_group_uuid" value="<?php echo $user_group['user_group_uuid'] ?>"/>
<input type="hidden" name="user_group_slugify" value="<?php echo $user_group['user_group_slugify'] ?>"/> <input type="hidden" name="user_group_slugify" value="<?php echo $user_group['user_group_slugify'] ?>"/>
<div class="card-body"> <div class="card-body">
@@ -87,7 +87,9 @@ $formBuilder->startForm();
<label for="user_group_slugify" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('weight') ?></label> <label for="user_group_slugify" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('weight') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<div class="mb-3"> <div class="mb-3">
<input type="number" class="form-control" name="user_group_weight" min="1" max="900" step="1" value="<?php echo $user_group['user_group_weight'] ?>"> <label>
<input type="number" class="form-control" name="user_group_weight" min="1" max="900" step="1" value="<?php echo $user_group['user_group_weight'] ?>">
</label>
</div> </div>
</div> </div>
</div> </div>

View File

@@ -9,8 +9,8 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
# Check permissions # Check permissions
$API = new API_usergroups(); $API = new API_usergroups();
@@ -22,8 +22,8 @@ if (!$API->checkPermissions('admin-access-control-user-groups', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
$jsScriptLoadData['updatePermissions'] = true; $jsScriptLoadData['/src/js/sentri/updatePermissions.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -56,8 +56,8 @@ if (!$API->checkPermissions('admin-access-control-permissions', 'RW', true)) {
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups')); $_SESSION['breadCrumbArray'][] = ['display' => __('user_groups'), 'href' => '/accesscontrol/#user-groups'];
array_push($GLOBALS['breadCrumbArray'], array('display' => $user_group['user_group_name'], 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => $user_group['user_group_name'], 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -143,44 +143,44 @@ $pageNavbar->outPutNavbar();
<td><?php echo $group_permissions_data['permission_name'] ?> </td> <td><?php echo $group_permissions_data['permission_name'] ?> </td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="NA" data-api-url="/api/v1/access-rights/" <?php echo(($group_permissions_data['permission_value'] == 'NA') ? 'checked' : '') ?> <input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="NA" data-api-url="/api/v1/portal-management/group-permissions/" <?php echo(($group_permissions_data['permission_value'] == 'NA') ? 'checked' : '') ?>
<?php echo ($toggleDisabled) ? 'disabled' : '' ?>> <?php echo ($toggleDisabled) ? 'disabled' : '' ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="RO" data-api-url="/api/v1/access-rights/" <?php echo(($group_permissions_data['permission_value'] == 'RO') ? 'checked' : '') ?> <input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="RO" data-api-url="/api/v1/portal-management/group-permissions/" <?php echo(($group_permissions_data['permission_value'] == 'RO') ? 'checked' : '') ?>
<?php echo ($toggleDisabled) ? 'disabled' : '' ?>> <?php echo ($toggleDisabled) ? 'disabled' : '' ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="RW" data-api-url="/api/v1/access-rights/" <?php echo(($group_permissions_data['permission_value'] == 'RW') ? 'checked' : '') ?> <input type="checkbox" class="checkbox" data-permission-uuid="<?= $group_permissions_data['permission_uuid'] ?>" data-user-group-uuid="<?= $group_permissions_data['user_group_uuid'] ?>" data-value="RW" data-api-url="/api/v1/portal-management/group-permissions/" <?php echo(($group_permissions_data['permission_value'] == 'RW') ? 'checked' : '') ?>
<?php echo ($toggleDisabled) ? 'disabled' : '' ?>> <?php echo ($toggleDisabled) ? 'disabled' : '' ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
<td> <td>
<a href="#" class="btn btn-info btn-sm btn-rounded" data-bs-toggle="modal" data-bs-target="#infoModal<?php echo $group_permissions_data['permission_uuid'] ?>"><i class="fa-solid fa-circle-info"></i></a> <a href="#" class="btn btn-info btn-sm btn-rounded" data-bs-toggle="modal" data-bs-target="#infoModal<?php echo $group_permissions_data['permission_uuid'] ?>"><i class="fa-solid fa-circle-info"></i></a>
</td> </td>
<div class="modal fade" id="infoModal<?php echo $group_permissions_data['permission_uuid'] ?>" tabindex="-1" aria-labelledby="infoModalLabel" aria-hidden="true"> </tr>
<div class="modal-dialog modal-dialog-centered modal-lg"> <div class="modal fade" id="infoModal<?php echo $group_permissions_data['permission_uuid'] ?>" tabindex="-1" aria-labelledby="infoModalLabel" aria-hidden="true">
<div class="modal-content bg-black2"> <div class="modal-dialog modal-dialog-centered modal-lg">
<div class="modal-header"> <div class="modal-content bg-black2">
<h5 class="modal-title" id="infoModalLabel"> <div class="modal-header">
<i class="fas fa-info-circle"></i> <?php echo __('information') ?> <h5 class="modal-title" id="infoModalLabel">
</h5> <i class="fas fa-info-circle"></i> <?php echo __('information') ?>
<button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button> </h5>
</div> <button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button>
<div class="modal-body"> </div>
<?php echo $group_permissions_data['permission_description'] ?> <div class="modal-body">
</div> <?php echo $group_permissions_data['permission_description'] ?>
</div> </div>
</div> </div>
</div> </div>
</tr> </div>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>

View File

@@ -8,8 +8,8 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -17,10 +17,10 @@ $API = new API();
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['activeTabOnRefresh'] = true;; $jsScriptLoadData['/src/js/sentri/activeTabOnRefresh.js'] = true;
$jsScriptLoadData['multiFilterSelect'] = true; $jsScriptLoadData['/src/js/sentri/multiFilterSelect.js'] = true;
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
# PageClasses Setup # PageClasses Setup
@@ -28,7 +28,7 @@ $jsScriptLoadData['datatables'] = true;
$user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups ORDER BY user_group_weight ASC"); $user_groups_data = $GLOBALS['conn']->query("SELECT * FROM system_user_groups ORDER BY user_group_weight ASC");
$user_groups = array(); $user_groups = array();
while ($user_group = $user_groups_data->fetch_assoc()) { while ($user_group = $user_groups_data->fetch_assoc()) {
array_push($user_groups, $user_group); $user_groups[] = $user_group;
$last_weight = $user_group['user_group_weight']; $last_weight = $user_group['user_group_weight'];
} }
@@ -36,21 +36,21 @@ while ($user_group = $user_groups_data->fetch_assoc()) {
$stmt = $GLOBALS['conn']->query("SELECT * FROM system_users INNER JOIN system_user_groups ON system_users.user_group_uuid = system_user_groups.user_group_uuid WHERE user_group_type = 'admin'"); $stmt = $GLOBALS['conn']->query("SELECT * FROM system_users INNER JOIN system_user_groups ON system_users.user_group_uuid = system_user_groups.user_group_uuid WHERE user_group_type = 'admin'");
$administrators = array(); $administrators = array();
while ($row = $stmt->fetch_assoc()) { while ($row = $stmt->fetch_assoc()) {
array_push($administrators, $row); $administrators[] = $row;
} }
$stmt = $GLOBALS['conn']->query("SELECT * FROM system_permissions INNER JOIN system_modules ON system_permissions.module_uuid = system_modules.module_uuid WHERE system_modules.module_enabled = 1"); $stmt = $GLOBALS['conn']->query("SELECT * FROM system_permissions INNER JOIN system_modules ON system_permissions.module_uuid = system_modules.module_uuid WHERE system_modules.module_enabled = 1");
$permissions = array(); $permissions = array();
while ($row = $stmt->fetch_assoc()) { while ($row = $stmt->fetch_assoc()) {
array_push($permissions, $row); $permissions[] = $row;
} }
# Set breadcrumb data # Set breadcrumb data
# Start page output # Start page output
?> ?>
<div class="card-body activeTabOnRefresh" style="opacity: 0; transition: opacity 10ms;"> <div class="card-body activeTabOnRefresh">
<div class="row"> <div class="row">
<div class="col-md-1"> <div class="col-md-1">
<div class="nav flex-column nav-pills nav-secondary nav-pills-no-bd nav-pills-icons" id="v-pills-tab-with-icon" role="tablist" aria-orientation="vertical"> <div class="nav flex-column nav-pills nav-secondary nav-pills-no-bd nav-pills-icons" id="v-pills-tab-with-icon" role="tablist" aria-orientation="vertical">
@@ -141,7 +141,7 @@ while ($row = $stmt->fetch_assoc()) {
<a href="?admin_view=<?php echo $administrator['user_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a> <a href="?admin_view=<?php echo $administrator['user_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a>
<?php } ?> <?php } ?>
<?php if ($API->checkPermissions('admin-access-admins', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-access-admins', 'RW', true)) { ?>
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $administrator['user_uuid'] ?>" data-api-url="/api/v1/users/" data-item-name="user_uuid"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $administrator['user_uuid'] ?>" data-api-url="/api/v1/portal-management/users/" data-item-name="user_uuid"><i class="fas fa-trash-alt"></i></a>
<?php } ?> <?php } ?>
</td> </td>
</tr> </tr>
@@ -207,9 +207,8 @@ while ($row = $stmt->fetch_assoc()) {
<a href="?permission_view=<?php echo $permission['permission_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a> <a href="?permission_view=<?php echo $permission['permission_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a>
<?php if ($API->isSuperuser()) { ?> <?php if ($API->isSuperuser()) { ?>
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $permission['permission_uuid'] ?>" data-item-name="permission_uuid" data-api-url="/api/v1/permissions/"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $permission['permission_uuid'] ?>" data-item-name="permission_uuid" data-api-url="/api/v1/portal-management/permissions/"><i class="fas fa-trash-alt"></i></a>
<?php } ?> <?php } ?>
</td> </td>
</tr> </tr>
<?php } ?> <?php } ?>
@@ -247,6 +246,7 @@ while ($row = $stmt->fetch_assoc()) {
<table class="table table-striped"> <table class="table table-striped">
<thead> <thead>
<tr> <tr>
<th><?php echo __('weight') ?></th>
<th><?php echo __('user_group_name') ?></th> <th><?php echo __('user_group_name') ?></th>
<th><?php echo __('user_group_slugify') ?></th> <th><?php echo __('user_group_slugify') ?></th>
<th><?php echo __('user_group_type') ?></th> <th><?php echo __('user_group_type') ?></th>
@@ -255,6 +255,9 @@ while ($row = $stmt->fetch_assoc()) {
</thead> </thead>
<?php foreach ($user_groups as $user_group) { ?> <?php foreach ($user_groups as $user_group) { ?>
<tr> <tr>
<td>
<b><?php echo $user_group['user_group_weight']; ?></b>
</td>
<td><?php echo $user_group['user_group_name']; ?></td> <td><?php echo $user_group['user_group_name']; ?></td>
<td><?php echo $user_group['user_group_slugify']; ?></td> <td><?php echo $user_group['user_group_slugify']; ?></td>
<td><?php echo __($user_group['user_group_type']); ?></td> <td><?php echo __($user_group['user_group_type']); ?></td>
@@ -266,7 +269,7 @@ while ($row = $stmt->fetch_assoc()) {
<a href="?user_group_view=<?php echo $user_group['user_group_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a> <a href="?user_group_view=<?php echo $user_group['user_group_uuid'] ?>" class="btn btn-info btn-sm btn-rounded"><i class="far fa-eye"></i></a>
<?php } ?> <?php } ?>
<?php if ($API->checkPermissions('admin-access-control-user-groups', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-access-control-user-groups', 'RW', true)) { ?>
<a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $user_group['user_group_uuid'] ?>" data-api-url="/api/v1/user-groups/" data-item-name="user_group_uuid"><i class="fas fa-trash-alt"></i></a> <a href="#" class="btn btn-danger btn-sm btn-rounded delete-btn" data-item-uuid="<?php echo $user_group['user_group_uuid'] ?>" data-api-url="/api/v1/portal-management/user-groups/" data-item-name="user_group_uuid"><i class="fas fa-trash-alt"></i></a>
<?php } ?> <?php } ?>
</td> </td>
</tr> </tr>

View File

@@ -3,16 +3,16 @@ if (!defined('APP_INIT')) {
exit; exit;
} }
$jsScriptLoadData['activeTabOnRefresh'] = true; $jsScriptLoadData['/src/js/sentri/activeTabOnRefresh.js'] = true;
?> ?>
<div class="card-body activeTabOnRefresh" style="opacity: 0; transition: opacity 10ms;"> <div class="card-body activeTabOnRefresh">
<div class="row"> <div class="row">
<div class="col-md-1"> <div class="col-md-1">
<div class="nav flex-column nav-pills nav-secondary nav-pills-no-bd nav-pills-icons" id="v-pills-tab-with-icon" role="tablist" aria-orientation="vertical"> <div class="nav flex-column nav-pills nav-secondary nav-pills-no-bd nav-pills-icons" id="v-pills-tab-with-icon" role="tablist" aria-orientation="vertical">
<a class="nav-link active" id="overview-tab" data-bs-toggle="pill" href="#overview" role="tab" aria-controls="overview" aria-selected="true"> <a class="nav-link active" id="overview-tab" data-bs-toggle="pill" href="#overview" role="tab" aria-controls="overview" aria-selected="true">
<i class="fa-solid fa-ear-listen"></i></i><?php echo __('overview'); ?> <i class="fa-solid fa-ear-listen"></i><?php echo __('overview'); ?>
</a> </a>
<a class="nav-link" id="monitoring-tab" data-bs-toggle="pill" href="#monitoring" role="tab" aria-controls="monitoring"> <a class="nav-link" id="monitoring-tab" data-bs-toggle="pill" href="#monitoring" role="tab" aria-controls="monitoring">
<i class="fa-solid fa-magnifying-glass"></i><?php echo __('monitoring'); ?> <i class="fa-solid fa-magnifying-glass"></i><?php echo __('monitoring'); ?>
@@ -25,7 +25,7 @@ $jsScriptLoadData['activeTabOnRefresh'] = true;
<div class="row mb-3"> <div class="row mb-3">
<div class="col-4"> <div class="col-4">
<h2> <h2>
<i class="fa-solid fa-ear-listen"></i></i> &nbsp; <?php echo __('overview') ?> <i class="fa-solid fa-ear-listen"></i> &nbsp; <?php echo __('overview') ?>
</h2> </h2>
</div> </div>
</div> </div>

View File

@@ -9,7 +9,7 @@ if (!defined('APP_INIT')) {
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -18,9 +18,9 @@ $API = new API();
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['activeTabOnRefresh'] = true; $jsScriptLoadData['/src/js/sentri/activeTabOnRefresh.js'] = true;
$jsScriptLoadData['copyInputValue'] = true; $jsScriptLoadData['/src/js/sentri/copyInputValue.js'] = true;
$jsScriptLoadData['updateToggle'] = true; $jsScriptLoadData['/src/js/sentri/updateToggle.js'] = true;
# PageClasses Setup # PageClasses Setup
@@ -30,7 +30,7 @@ $portal_settings = $GLOBALS['conn']->query("SELECT * FROM system_settings")->fet
$system_modules_data = $GLOBALS['conn']->query("SELECT * FROM system_modules"); $system_modules_data = $GLOBALS['conn']->query("SELECT * FROM system_modules");
$system_modules = array(); $system_modules = array();
while ($module = $system_modules_data->fetch_assoc()) { while ($module = $system_modules_data->fetch_assoc()) {
array_push($system_modules, $module); $system_modules[] = $module;
} }
@@ -39,7 +39,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
# Start page output # Start page output
?> ?>
<div class="card-body activeTabOnRefresh" style="opacity: 0; transition: opacity 10ms;"> <div class="card-body activeTabOnRefresh">
<div class="row"> <div class="row">
<div class="col-md-1 col-lg-1"> <div class="col-md-1 col-lg-1">
<div class="nav flex-column nav-pills nav-secondary nav-pills-no-bd nav-pills-icons" id="v-pills-tab-with-icon" role="tablist" aria-orientation="vertical"> <div class="nav flex-column nav-pills nav-secondary nav-pills-no-bd nav-pills-icons" id="v-pills-tab-with-icon" role="tablist" aria-orientation="vertical">
@@ -85,8 +85,8 @@ while ($module = $system_modules_data->fetch_assoc()) {
</div> </div>
</div> </div>
<div class="card"> <div class="card">
<form id="FormValidation" method="post" action="/api/v1/portalsettings/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/configure/">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/systemconfig/#global-settings"> <input type="hidden" name="_return" value="/systemconfig/#global-settings">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<div class="card-body"> <div class="card-body">
@@ -128,7 +128,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control" id="cacert_url" name="cacert_url" value="<?php echo $portal_settings['cacert_url'] ?>" placeholder="" disabled/> <input type="text" class="form-control" id="cacert_url" name="cacert_url" value="<?php echo $portal_settings['cacert_url'] ?>" placeholder="" disabled/>
<button class="btn btn-outline-secondary" type="button" onclick="copyToClipboard('cacert_url')"> <button class="btn btn-outline-secondary" type="button" data-copy-target="cacert_url">
<i class="fas fa-copy"></i> <i class="fas fa-copy"></i>
</button> </button>
</div> </div>
@@ -141,7 +141,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control" id="autop_url" name="autop_url" value="<?php echo $portal_settings['autop_url'] ?>" placeholder="" disabled/> <input type="text" class="form-control" id="autop_url" name="autop_url" value="<?php echo $portal_settings['autop_url'] ?>" placeholder="" disabled/>
<button class="btn btn-outline-secondary" type="button" onclick="copyToClipboard('autop_url')"> <button class="btn btn-outline-secondary" type="button" data-copy-target="autop_url">
<i class="fas fa-copy"></i> <i class="fas fa-copy"></i>
</button> </button>
</div> </div>
@@ -173,9 +173,9 @@ while ($module = $system_modules_data->fetch_assoc()) {
</div> </div>
</div> </div>
<div class="card"> <div class="card">
<form id="FormValidation" method="post" action="/api/v1/mailsettings/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/mail/configure/">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/systemconfig/#mail-settings"> <input type="hidden" name="_return" value="/systemconfig/#mail-settings">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
@@ -187,13 +187,17 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="mail_from_address" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_from_address') ?></label> <label for="mail_from_address" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_from_address') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="email" class="form-control" name="mail_from_address" value="<?php echo $portal_settings['mail_from_address'] ?>" placeholder="" required/> <label>
<input type="email" class="form-control" name="mail_from_address" value="<?php echo $portal_settings['mail_from_address'] ?>" placeholder="" required/>
</label>
</div> </div>
</div> </div>
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">
<label for="mail_smtp_host" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_smtp_host') ?></label> <label for="mail_smtp_host" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_smtp_host') ?></label>
<div class="col-lg-9 col-md-12 col-sm-10"> <div class="col-lg-9 col-md-12 col-sm-10">
<input type="text" class="form-control" name="mail_smtp_host" value="<?php echo $portal_settings['mail_smtp_host'] ?>" placeholder="" required/> <label>
<input type="text" class="form-control" name="mail_smtp_host" value="<?php echo $portal_settings['mail_smtp_host'] ?>" placeholder="" required/>
</label>
</div> </div>
</div> </div>
@@ -244,6 +248,9 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="card-footer py-4"> <div class="card-footer py-4">
<div class="row"> <div class="row">
<div class="col d-flex justify-content-end"> <div class="col d-flex justify-content-end">
<a href="#" class="btn btn-success mx-2" data-bs-toggle="modal" data-bs-target="#testMailModal">
<i class="fa-solid fa-envelope-circle-check"></i> <?php echo __('test') ?>
</a>
<?php if ($API->checkPermissions('admin-mailsettings', 'RW', true)) { ?> <?php if ($API->checkPermissions('admin-mailsettings', 'RW', true)) { ?>
<button type="submit" class="btn btn-primary"> <button type="submit" class="btn btn-primary">
<i class="fas fa-edit"></i> <?php echo __('edit') ?> <i class="fas fa-edit"></i> <?php echo __('edit') ?>
@@ -253,6 +260,42 @@ while ($module = $system_modules_data->fetch_assoc()) {
</div> </div>
</div> </div>
</form> </form>
<div class="modal fade" id="testMailModal" tabindex="-1" aria-labelledby="infoModalLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered modal-lg">
<div class="modal-content bg-black2">
<div class="modal-header">
<h5 class="modal-title" id="infoModalLabel">
<i class="fa-solid fa-envelope-circle-check"></i> <?php echo __('send_test_mail') ?>
</h5>
<button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<p>
<?php echo __('send_test_mail_explanation') ?>
</p>
<form id="FormValidation" method="post" action="/api/v1/portal-management/mail/test/">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/systemconfig/#mail-settings">
<div class="form-group form-show-validation row">
<label for="mail_to" class="col-lg-3 col-md-3 col-sm-4 mt-sm-2"><?php echo __('mail_to') ?>:</label>
<div class="col-lg-9 col-md-12 col-sm-10">
<input type="email" class="form-control" id="mail_to" name="mail_to" value="" placeholder="Send test mail to..." required/>
</div>
</div>
<hr class="text-light">
<div class="row">
<div class="col d-flex justify-content-end">
<button type="submit" class="btn btn-success">
<i class="fa-solid fa-paper-plane"></i> <?php echo __('send_mail') ?>
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div> </div>
</div> </div>
<?php } ?> <?php } ?>
@@ -269,7 +312,7 @@ while ($module = $system_modules_data->fetch_assoc()) {
<div class="card p-3"> <div class="card p-3">
<form id="FormValidation" method="post" action="/api/v1/modules/"> <form id="FormValidation" method="post" action="/api/v1/modules/">
<input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>"> <input type="hidden" name="portal_uuid" value="<?php echo $portal_settings['portal_uuid']; ?>">
<input type="hidden" name="_method" value="PUT"> <input type="hidden" name="X-HTTP-Method-Override" value="PUT">
<input type="hidden" name="_return" value="/systemconfig/#modules"> <input type="hidden" name="_return" value="/systemconfig/#modules">
<table class="multi-filter-select display table table-striped table-hover" data-skip-columns="0,5"> <table class="multi-filter-select display table table-striped table-hover" data-skip-columns="0,5">
<thead> <thead>
@@ -292,11 +335,11 @@ while ($module = $system_modules_data->fetch_assoc()) {
<td> <td>
<label class="switch"> <label class="switch">
<input type="checkbox" class="checkbox" data-api-url="/api/v1/portal-management/modules/" data-api-data='<?php echo json_encode(['module_uuid' => $module['module_uuid'], 'module_enabled' => $module['module_enabled'] ? 0 : 1]) ?>' data-api-changevalue="module_enabled" <input type="checkbox" class="checkbox" data-api-url="/api/v1/portal-management/modules/" data-api-data='<?php echo json_encode(['module_uuid' => $module['module_uuid'], 'module_enabled' => $module['module_enabled'] ? 1 : 0]) ?>' data-api-changevalue="module_enabled"
<?php echo(($module['module_enabled']) ? 'checked' : '') ?> <?php echo(($module['module_enabled']) ? 'checked' : '') ?>
<?php echo ($API->checkPermissions('admin-modules', 'RW', true)) ? '' : 'disabled' ?> <?php echo ($API->checkPermissions('admin-modules', 'RW', true)) ? '' : 'disabled' ?>
<?php echo(($module['module_slugify'] == 'system') ? 'disabled' : '') ?>> <?php echo(($module['module_slugify'] == 'system') ? 'disabled' : '') ?>>
<div class="slider"></div> <span class="slider"></span>
</label> </label>
</td> </td>
</tr> </tr>

View File

@@ -9,8 +9,8 @@ if (!defined('APP_INIT')) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -20,12 +20,12 @@ $API->checkPermissions('admin-sources', 'RO');
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['activeTabOnRefresh'] = true; $jsScriptLoadData['/src/js/sentri/activeTabOnRefresh.js'] = true;
$jsScriptLoadData['copyInputValue'] = true; $jsScriptLoadData['/src/js/sentri/copyInputValue.js'] = true;
$jsScriptLoadData['updateToggle'] = true; $jsScriptLoadData['/src/js/sentri/updateToggle.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
$jsScriptLoadData['inserve_source'] = true; $jsScriptLoadData['/src/js/sentri/inserve_source.js'] = true;
$jsScriptLoadData['validateJson'] = true; $jsScriptLoadData['/src/js/sentri/validateJson.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -35,10 +35,9 @@ $inserve_settings = $GLOBALS['conn']->query("SELECT * FROM system_sources WHERE
$inserve_custom_data = ($inserve_settings['source_custom_data'] ? json_encode(json_decode($inserve_settings['source_custom_data']), JSON_PRETTY_PRINT) : "{}"); $inserve_custom_data = ($inserve_settings['source_custom_data'] ? json_encode(json_decode($inserve_settings['source_custom_data']), JSON_PRETTY_PRINT) : "{}");
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('portal_management'), 'href' => '/systemconfig')); $_SESSION['breadCrumbArray'][] = ['display' => __('portal_management'), 'href' => '/systemconfig'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('sources'), 'href' => '/systemconfig#sources')); $_SESSION['breadCrumbArray'][] = ['display' => __('sources'), 'href' => '/systemconfig#sources'];
array_push($GLOBALS['breadCrumbArray'], array('display' => 'Inserve', 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => 'Inserve', 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -56,9 +55,8 @@ $pageNavbar->outPutNavbar();
</div> </div>
<form id="FormValidation" method="post" action="/api/v1/portal-management/sources/inserve/"> <form id="FormValidation" method="post" action="/api/v1/portal-management/sources/inserve/">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/portal-management/sources/inserve"> <input type="hidden" name="_return" value="/portal-management/sources/inserve">
<input type="hidden" name="source_name" value="inserve">
<div class="card-body"> <div class="card-body">
<div class="form-group form-show-validation row"> <div class="form-group form-show-validation row">

View File

@@ -9,7 +9,7 @@ if (!$GLOBALS['modules_enabled']['servers']) {
} }
if (isset($_GET['view'])) { if (isset($_GET['view'])) {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/servers/pageServerOverview_server_view.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/servers/pageServerOverview_server_view.php";
} else { } else {
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/servers/pageServerOverview_view.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/pages/servers/pageServerOverview_view.php";
} }

View File

@@ -14,8 +14,8 @@ if (!$GLOBALS['modules_enabled']['servers']) {
# IDE Section # IDE Section
# Includes Section # Includes Section
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/pageNavbar.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/pageNavbar.php";
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
# Check permissions # Check permissions
$API = new API(); $API = new API();
@@ -27,9 +27,10 @@ if (!$API->checkPermissions('servers', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['breadCrumbs'] = true; $jsScriptLoadData['/src/js/sentri/breadCrumbs.js'] = true;
$jsScriptLoadData['codeblocks'] = true; $jsScriptLoadData['codeblocks'] = true;
$jsScriptLoadData['/src/js/sentri/serverView.js'] = true;
# PageClasses Setup # PageClasses Setup
$pageNavbar = new pageNavbar(true); $pageNavbar = new pageNavbar(true);
@@ -46,7 +47,7 @@ if ($GLOBALS['modules_enabled']['customers']) {
$companies_data = $GLOBALS['conn']->query("SELECT company_uuid, company_name FROM companies WHERE company_state = 'active'"); $companies_data = $GLOBALS['conn']->query("SELECT company_uuid, company_name FROM companies WHERE company_state = 'active'");
$companies = array(); $companies = array();
while ($company_data = $companies_data->fetch_assoc()) { while ($company_data = $companies_data->fetch_assoc()) {
array_push($companies, $company_data); $companies[] = $company_data;
} }
} }
@@ -110,7 +111,7 @@ $logo = $logos[$baseos] ?? 'server';
if ($API->checkPermissions('servers', 'RW', true)) { if ($API->checkPermissions('servers', 'RW', true)) {
$pageNavbar->AddHTMLButton( $pageNavbar->AddHTMLButton(
'<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/"> '<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/servers?view=' . $server_data['server_uuid'] . '"> <input type="hidden" name="_return" value="/servers?view=' . $server_data['server_uuid'] . '">
<input type="hidden" name="server_vm_id" value="' . $server_data['server_vm_id'] . '"/>' . <input type="hidden" name="server_vm_id" value="' . $server_data['server_vm_id'] . '"/>' .
( (
@@ -126,11 +127,11 @@ if ($API->checkPermissions('servers', 'RW', true)) {
) . ) .
'</form>' '</form>'
); );
}; }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('server_overview'), 'href' => '/servers/')); $_SESSION['breadCrumbArray'][] = ['display' => __('server_overview'), 'href' => '/servers/'];
array_push($GLOBALS['breadCrumbArray'], array('display' => $server_data['server_vm_host_name'], 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => $server_data['server_vm_host_name'], 'href' => ''];
# Start page output # Start page output
$pageNavbar->outPutNavbar(); $pageNavbar->outPutNavbar();
@@ -149,13 +150,13 @@ $pageNavbar->outPutNavbar();
<div class="row pb-5"> <div class="row pb-5">
<div class="col-md-3 col-lg-3"> <div class="col-md-3 col-lg-3">
<h2><?php echo $server_data['server_os'] ?></h2> <h2><?php echo $server_data['server_os'] ?></h2>
<img class="img-fluid os-logo" src="/src/images/os/<?php echo $logo ?>.svg"> <img alt="os-logo" class="img-fluid os-logo" src="/src/images/os/<?php echo $logo ?>.svg">
</div> </div>
<div class="col-lg-auto col-md-auto"> <div class="col-lg-auto col-md-auto">
<table class="table table-borderless"> <form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/">
<form id="FormValidation" enctype="multipart/form-data" method="post" action="/api/v1/servers/"> <table class="table table-borderless">
<input type="hidden" name="_method" value="POST"> <input type="hidden" name="X-HTTP-Method-Override" value="POST">
<input type="hidden" name="_return" value="/servers?view=<?php echo $server_data['server_uuid'] ?>"> <input type="hidden" name="_return" value="/servers?view=<?php echo $server_data['server_uuid'] ?>">
<input type="hidden" name="server_vm_id" value="<?php echo $server_data['server_vm_id'] ?>"/> <input type="hidden" name="server_vm_id" value="<?php echo $server_data['server_vm_id'] ?>"/>
<tr> <tr>
@@ -213,6 +214,7 @@ $pageNavbar->outPutNavbar();
<div class="input-group"> <div class="input-group">
<label for="company_uuid"></label>
<select id="company_uuid" name="company_uuid" class="form-control"> <select id="company_uuid" name="company_uuid" class="form-control">
<option></option> <option></option>
<?php foreach ($companies as $company) { ?> <?php foreach ($companies as $company) { ?>
@@ -242,14 +244,14 @@ $pageNavbar->outPutNavbar();
<?php if ($API->checkPermissions('servers', 'RW', true)) { <?php if ($API->checkPermissions('servers', 'RW', true)) {
if ($server_data['server_state'] != 'deleted') { ?> if ($server_data['server_state'] != 'deleted') { ?>
<div class="input-group"> <div class="input-group">
<select id="server_state" class="form-control" onchange="this.name = this.value ? 'server_state' : '';"> <label for="server_state"></label>
<select id="server_state" class="form-control">
<option></option> <option></option>
<option <?php echo ($server_data['server_state'] == 'active') ? 'selected' : '' ?> value="active">Active</option> <option <?php echo ($server_data['server_state'] == 'active') ? 'selected' : '' ?> value="active">Active</option>
<option <?php echo ($server_data['server_state'] == 'trial') ? 'selected' : '' ?> value="trial">Trial</option> <option <?php echo ($server_data['server_state'] == 'trial') ? 'selected' : '' ?> value="trial">Trial</option>
<option <?php echo ($server_data['server_state'] == 'disabled') ? 'selected' : '' ?> value="disabled">Disabled</option> <option <?php echo ($server_data['server_state'] == 'disabled') ? 'selected' : '' ?> value="disabled">Disabled</option>
</select> </select>
</div> </div>
<?php } else { ?> <?php } else { ?>
<h4> <h4>
<?php echo ucfirst($server_data['server_state']) ?> <?php echo ucfirst($server_data['server_state']) ?>
@@ -285,8 +287,8 @@ $pageNavbar->outPutNavbar();
</td> </td>
</tr> </tr>
<?php } ?> <?php } ?>
</form> </table>
</table> </form>
</div> </div>
</div> </div>

View File

@@ -14,8 +14,8 @@ if (!$GLOBALS['modules_enabled']['servers']) {
# IDE Section # IDE Section
# Includes Section # Includes Section
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_servers.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_servers.php";
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/serverOverviewBuilder.php'); require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/serverOverviewBuilder.php";
# Check permissions # Check permissions
$API_servers = new API_servers(); $API_servers = new API_servers();
@@ -27,9 +27,9 @@ if (!$API_servers->checkPermissions('servers', 'RO', true)) {
# Page functions # Page functions
# JS Scripts to load for this page # JS Scripts to load for this page
$jsScriptLoadData['delete_confirmation'] = true; $jsScriptLoadData['/src/js/sentri/delete_confirmation.js'] = true;
$jsScriptLoadData['datatables'] = true; $jsScriptLoadData['/src/js/plugin/datatables/datatables.min.js'] = true;
$jsScriptLoadData['multiFilterSelectServers'] = true; $jsScriptLoadData['/src/js/sentri/multiFilterSelectServers.js'] = true;
# PageClasses Setup # PageClasses Setup
$serverOverview = new serverOverviewBuilder(); $serverOverview = new serverOverviewBuilder();
@@ -50,7 +50,8 @@ if (!isset($_GET['del'])) {
} }
} }
$servers_data = $API_servers->getServers(); $servers_data = $API_servers->getServers(true);
$serverOverview->servers = $servers_data; $serverOverview->servers = $servers_data;
$serverOverview->processServerData(); $serverOverview->processServerData();
if (!$GLOBALS['modules_enabled']['customers']) { if (!$GLOBALS['modules_enabled']['customers']) {
@@ -58,10 +59,8 @@ if (!$GLOBALS['modules_enabled']['customers']) {
} }
# Set breadcrumb data # Set breadcrumb data
array_push($GLOBALS['breadCrumbArray'], array('display' => __('permission'), 'href' => '/accesscontrol/#permissions')); $_SESSION['breadCrumbArray'][] = ['display' => __('permission'), 'href' => '/accesscontrol/#permissions'];
array_push($GLOBALS['breadCrumbArray'], array('display' => __('view'), 'href' => '')); $_SESSION['breadCrumbArray'][] = ['display' => __('view'), 'href' => ''];
# Start page output # Start page output
$serverOverview->serverOverviewOutPut(); $serverOverview->serverOverviewOutPut();
?>

View File

@@ -3,19 +3,19 @@
namespace bin\php\Classes; namespace bin\php\Classes;
class formBuilder class formBuilder
{ {
public $title; public string $title;
public $icon; public string $icon;
public $submitButton; public mixed $submitButton;
public $closeButton; public mixed $closeButton;
public $closeButtonLocation; public string $closeButtonLocation;
public $submitButtonColor; public string $submitButtonColor;
public $submitButtonText; public mixed $submitButtonText;
public $submitButtonIcon; public string $submitButtonIcon;
private $extraButtonsArray = array(); private array $extraButtonsArray = array();
public function __construct($title, $icon, $closeButtonLocation, $submitButton = true, $closeButton = true) public function __construct($title, $icon, $closeButtonLocation, $submitButton = true, $closeButton = true)
{ {
@@ -29,7 +29,7 @@ class formBuilder
$this->submitButtonIcon = $icon; $this->submitButtonIcon = $icon;
} }
public function startForm() public function startForm(): void
{ ?> { ?>
<div class="row"><div class="col-md-8 ms-auto me-auto"><div class="card"> <div class="row"><div class="col-md-8 ms-auto me-auto"><div class="card">
<div class="card-header"> <div class="card-header">
@@ -52,12 +52,12 @@ class formBuilder
# 'buttonColor' => 'success' # 'buttonColor' => 'success'
# ) > next array # ) > next array
public function addExtraButtons($extraButtonsArray) public function addExtraButtons($extraButtonsArray): bool
{ {
foreach ($extraButtonsArray as $numb => $extraButtonArray) { foreach ($extraButtonsArray as $extraButtonArray) {
if (is_array($extraButtonArray)) { if (is_array($extraButtonArray)) {
if (array_key_exists('buttonIcon', $extraButtonArray) && array_key_exists('buttonText', $extraButtonArray) && array_key_exists('buttonHref', $extraButtonArray) && array_key_exists('buttonColor', $extraButtonArray)) { if (array_key_exists('buttonIcon', $extraButtonArray) && array_key_exists('buttonText', $extraButtonArray) && array_key_exists('buttonHref', $extraButtonArray) && array_key_exists('buttonColor', $extraButtonArray)) {
array_push($this->extraButtonsArray, $extraButtonArray); $this->extraButtonsArray[] = $extraButtonArray;
return true; return true;
} }
} }
@@ -65,7 +65,7 @@ class formBuilder
return false; return false;
} }
public function formFooter() public function formFooter(): void
{ ?> { ?>
<div class="card-footer pt-3"> <div class="card-footer pt-3">
<div class="row"> <div class="row">
@@ -74,7 +74,7 @@ class formBuilder
<button type="submit" class="btn btn-<?php echo $this->submitButtonColor ?>"><?php echo $this->submitButtonIcon ?>&nbsp;<?php echo $this->submitButtonText ?></button>&nbsp; &nbsp; <button type="submit" class="btn btn-<?php echo $this->submitButtonColor ?>"><?php echo $this->submitButtonIcon ?>&nbsp;<?php echo $this->submitButtonText ?></button>&nbsp; &nbsp;
<?php } <?php }
foreach ($this->extraButtonsArray as $numb => $extraButtonArray) { ?> foreach ($this->extraButtonsArray as $extraButtonArray) { ?>
<a href="<?php echo $extraButtonArray['buttonHref'] ?>" class="btn btn-<?php echo $extraButtonArray['buttonColor'] ?>"><?php echo $extraButtonArray['buttonIcon'] ?>&nbsp;<?php echo $extraButtonArray['buttonText'] ?></a>&nbsp; &nbsp; <a href="<?php echo $extraButtonArray['buttonHref'] ?>" class="btn btn-<?php echo $extraButtonArray['buttonColor'] ?>"><?php echo $extraButtonArray['buttonIcon'] ?>&nbsp;<?php echo $extraButtonArray['buttonText'] ?></a>&nbsp; &nbsp;
<?php } <?php }

View File

@@ -1,68 +0,0 @@
<?php
namespace bin\php\Classes;
if (!defined('APP_INIT')) {
exit;
}
class healthCheck
{
public function __construct()
{
include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/db_connect.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/globalFunctions.php';
}
public function healthCheck()
{
echo 'Checking and creating device data folders...';
if ($this->checkDeviceDataFolders()) {
echo 'Success creating device data folders';
} else {
echo 'something went wrong creating device data folders!';
}
}
private function checkDeviceDataFolders()
{
try {
$sql = "SELECT device_slugify FROM autop_devices";
$stmt = $GLOBALS['conn']->prepare($sql);
if ($stmt === false) {
throw new Exception("Failed to prepare the SQL statement: " . $GLOBALS['conn']->error);
}
if (!$stmt->execute()) {
throw new Exception("Failed to execute the SQL statement: " . $stmt->error);
}
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
$device_slugify = $row['device_slugify'];
$dirsToCreate = array(
$_SERVER['DOCUMENT_ROOT'] . "/data/devices/" . $device_slugify,
$_SERVER['DOCUMENT_ROOT'] . "/data/devices/" . $device_slugify . "/firmware",
$_SERVER['DOCUMENT_ROOT'] . "/data/devices/" . $device_slugify . "/documents"
);
foreach ($dirsToCreate as $dir) {
if (!file_exists($dir)) {
if (!mkdir($dir)) {
throw new Exception("Failed to create the directory: " . $dir);
}
}
}
}
$stmt->close();
} catch (Exception $e) {
return $e->getMessage();
}
return true;
}
}

View File

@@ -5,15 +5,13 @@ namespace bin\php\Classes;
use PHPMailer\PHPMailer\Exception; use PHPMailer\PHPMailer\Exception;
use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\PHPMailer;
require $_SERVER['DOCUMENT_ROOT'] . '/../vendor/autoload.php'; require_once "{$_SERVER['DOCUMENT_ROOT']}/../vendor/autoload.php";
class mailBuilder class mailBuilder
{ {
public $mail; public PHPMailer $mail;
public $subject; public string $subject;
public $mailText; public string $mailText;
private $portal_uuid;
function __construct() function __construct()
{ {
@@ -44,38 +42,44 @@ class mailBuilder
$this->mail->CharSet = 'UTF-8'; $this->mail->CharSet = 'UTF-8';
$this->mail->Encoding = 'base64'; $this->mail->Encoding = 'base64';
$this->mail->setFrom($mail_settings['mail_from_address'], $mail_settings['mail_from_name']); try {
$this->mail->setFrom($mail_settings['mail_from_address'], $mail_settings['mail_from_name']
);
} catch (Exception $e) {
error_log($e->getMessage());
}
} }
function addAddress($address, $name) function addAddress($address, $name): void
{
$this->mail->addAddress($address, $name);
}
function sendMail()
{ {
try { try {
$this->mail->isHTML(true); $this->mail->addAddress($address, $name);
} catch (Exception $e) {
error_log($e->getMessage());
}
}
function sendMail(): bool
{
try {
$this->mail->isHTML();
$this->mail->Subject = $this->subject; $this->mail->Subject = $this->subject;
$this->mail->Body = $this->mailHtmlBody(); $this->mail->Body = $this->mailHtmlBody();
$this->mail->send(); $this->mail->send();
return true; return true;
} catch (Exception $e) { } catch (Exception) {
return false; return false;
} }
} }
function mailHtmlBody() function mailHtmlBody(): array|false|string
{ {
$body = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/src/html/mailBody.html'); $body = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/src/html/mailBody.html');
$bodyText = $this->mailText; $bodyText = $this->mailText;
$body = str_replace('{{bodyText}}', $bodyText, $body); return str_replace('{{bodyText}}', $bodyText, $body);
return $body;
} }
} }

View File

@@ -8,14 +8,12 @@ if (!defined('APP_INIT')) {
use api\classes\API; use api\classes\API;
session_start(); require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API.php";
require_once($_SERVER['DOCUMENT_ROOT'] . '/api/classes/API.php'); class pageBuilder
class pageBuilder extends API
{ {
private $jsScriptLoadData; private array $jsScriptLoadData;
public function __construct() public function __construct()
{ {
@@ -40,16 +38,16 @@ class pageBuilder extends API
$this->figureOutContent(); $this->figureOutContent();
} }
private function figureOutContent() private function figureOutContent(): void
{ {
$requestUri = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH); $requestUri = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
// Remove trailing slash, but only if its not the root "/" // Remove trailing slash, but only if its not the root "/"
if ($requestUri !== '/' && substr($requestUri, -1) === '/') { if ($requestUri !== '/' && str_ends_with($requestUri, '/')) {
$requestUri = rtrim($requestUri, '/'); $requestUri = rtrim($requestUri, '/');
} }
$GLOBALS['breadCrumbArray'] = array(array('display' => '<i class="fas fa-home"></i>', 'href' => '/')); $_SESSION['breadCrumbArray'] = array(array('display' => '<i class="fas fa-home"></i>', 'href' => '/'));
$GLOBALS['pageContentToShow']['pageName'] = '404'; $GLOBALS['pageContentToShow']['pageName'] = '404';
$GLOBALS['pageContentToShow']['pageFile'] = 'pageNotFound.php'; $GLOBALS['pageContentToShow']['pageFile'] = 'pageNotFound.php';
@@ -68,12 +66,12 @@ class pageBuilder extends API
} }
} }
public function buildPage() public function buildPage(): void
{ ?> { ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<?php $this->pageHeadContent(); ?> <?php $this->pageHeadContent(); ?>
<body data-background-color="dark"> <body>
<div class="wrapper<?= (($_COOKIE['sidebarMinimized'] ?? '') === 'true' ? ' sidebar_minimize' : '') . (($_COOKIE['sidebarHovered'] ?? '') === 'true' ? ' sidebar_minimize_hover' : '') ?>"> <div class="wrapper<?= (($_COOKIE['sidebarMinimized'] ?? '') === 'true' ? ' sidebar_minimize' : '') . (($_COOKIE['sidebarHovered'] ?? '') === 'true' ? ' sidebar_minimize_hover' : '') ?>">
<?php $this->pageSidebarContent(); ?> <?php $this->pageSidebarContent(); ?>
<div class="main-panel"> <div class="main-panel">
@@ -85,7 +83,6 @@ class pageBuilder extends API
if (isset($jsScriptLoadData)) { if (isset($jsScriptLoadData)) {
$this->jsScriptLoadData = $jsScriptLoadData; $this->jsScriptLoadData = $jsScriptLoadData;
} }
?> ?>
</div> </div>
</div> </div>
@@ -97,8 +94,7 @@ class pageBuilder extends API
</html> </html>
<?php } <?php }
private private function pageHeadContent(): void
function pageHeadContent()
{ ?> { ?>
<head> <head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta http-equiv="content-type" content="text/html; charset=UTF-8">
@@ -112,117 +108,12 @@ class pageBuilder extends API
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
<link href="https://fonts.googleapis.com/css?family=Public+Sans:300,400,500,600,700|Quicksand:300,400,500,600,700&display=swap" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Public+Sans:300,400,500,600,700|Quicksand:300,400,500,600,700&display=swap" rel="stylesheet">
<style>
body {
min-height: 100vh;
}
.custom-avatar {
width: 50px; /* Desired width */
height: 50px; /* Desired height */
display: inline-block; /* Ensure it behaves like an inline block */
background-size: cover; /* Stretch to cover the element */
background-position: center; /* Center the background image */
background-repeat: no-repeat; /* Prevent repetition */
border-radius: 50%; /* Circular shape */
overflow: hidden; /* Ensure no overflow for a clean circular look */
}
.flag-bg[data-flag="gb"] {
background-image: url('https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/6.6.6/flags/4x3/gb.svg'); /* Greece */
}
.flag-bg[data-flag="nl"] {
background-image: url('https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/6.6.6/flags/4x3/nl.svg'); /* Greece */
}
.dataTables_filter {
width: 100%;
text-align: left;
position: relative;
}
.dataTables_filter label {
width: 100%;
height: 40px;
display: flex;
}
.dataTables_filter input {
height: 40px;
width: 100% !important; /* Make the input field full width */
box-sizing: border-box; /* Ensure padding doesn't exceed the width */
}
.dataTables_filter .fa-search {
position: absolute;
top: 12px;
left: auto;
right: 10px;
}
.dataTables_length label {
display: flex;
align-items: center;
height: 40px;
}
.dataTables_length label::before {
display: inline-block;
height: 40px;
padding-top: 10px; /* Move "Entries" down */
}
.dataTables_length select {
flex: 1; /* Allow the select field to take the remaining space */
max-width: 100%; /* Ensure it doesn't exceed the container */
margin-left: 10px; /* Optional spacing between "Entries" and the select */
}
/* Change the border color of the entire dropdown options container */
.select2-container--bootstrap .select2-dropdown {
border: 0 solid rgba(80, 80, 80, 0.19) !important; /* Light gray border */
border-radius: 0.25rem; /* Optional: Add a border radius to match Bootstrap styles */
}
/* Optional: Remove white edges inside the dropdown */
.select2-container--bootstrap .select2-results {
padding: 0; /* Remove any extra padding inside the dropdown */
}
/* Change background color of selected items in the dropdown */
.select2-container--bootstrap .select2-results__option {
background-color: #282828 !important; /* Light green background */
color: #d5c4a1 !important; /* Dark green text */
}
/* Optional: Change border color on hover */
.select2-container--bootstrap .select2-results__option:hover {
background-color: #346b42 !important; /* Light blue background */
color: #d5c4a1 !important; /* Dark green text */
}
/* Change background color of selected items in the dropdown */
.select2-container--bootstrap .select2-results__option[aria-selected="true"] {
background-color: #1a3522 !important; /* Light green background */
color: #d5c4a1 !important; /* Dark green text */
}
/* Optional: Change the background color when hovering over selected items */
.select2-container--bootstrap .select2-results__option[aria-selected="true"]:hover {
background-color: #346b42 !important; /* Slightly darker green */
color: #d5c4a1 !important;
}
/* Custom Slider switch (on/off button) */
</style>
<!-- CSS Files --> <!-- CSS Files -->
<link rel="stylesheet" href="/src/css/bootstrap.gruvbox.min.css"/> <link rel="stylesheet" href="/src/css/bootstrap.gruvbox.min.css"/> <!-- Basic bootstrap and theming -->
<link rel="stylesheet" href="/src/css/plugins.min.css"/> <link rel="stylesheet" href="/src/css/sentri.min.css"/> <!-- Special css tricks for Sentri -->
<link rel="stylesheet" href="/src/css/kaiadmin.gruvbox.dark.css"/> <link rel="stylesheet" href="/src/css/plugins.min.css"/> <!-- need this for scroll bars and other small things -->
<link rel="stylesheet" href="/src/js/plugin/sweetalert2/sweetalert2.min.css"/> <!-- need this for scroll bars and other small things -->
<!--<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/css/flag-icons.min.css"/> --> <!--<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/lipis/flag-icons@7.2.3/css/flag-icons.min.css"/> -->
@@ -232,54 +123,43 @@ class pageBuilder extends API
<link rel="shortcut icon" href="/src/images/favicon/favicon.ico"/> <link rel="shortcut icon" href="/src/images/favicon/favicon.ico"/>
<link rel="apple-touch-icon" sizes="180x180" href="/src/images/favicon/apple-touch-icon.png"/> <link rel="apple-touch-icon" sizes="180x180" href="/src/images/favicon/apple-touch-icon.png"/>
<link rel="manifest" href="/src/images/favicon/site.webmanifest"/> <link rel="manifest" href="/src/images/favicon/site.webmanifest"/>
<style>
.fade-in {
opacity: 0;
transition: opacity 0.3s ease, transform 0.3s ease;
}
.fade-in.show {
opacity: 1;
transform: scale(1);
}
.transition-opacity {
transition: opacity 0.3s ease;
}
</style>
</head> </head>
<?php } <?php }
private function pageSidebarContent() private function pageSidebarContent(): void
{ {
$API = new API(); $API = new API();
function showSpan($module_name) function showSpan($module_name): void
{ {
?> ?>
<li class="nav-section"> <li class="nav-section">
<h4 class="text-section"><?php echo $module_name ?></h4> <span class="sidebar-mini-icon my-3">
>
</span>
<h4 class="text-section">
<i class="fa-solid fa-cubes"></i> <?php echo $module_name ?>
</h4>
</li> </li>
<?php } <?php }
function showPage($module_name, $page_name) function showPage($module_name, $page_name): void
{ {
$page = $GLOBALS['pages'][$module_name][$page_name]; $page = $GLOBALS['pages'][$module_name][$page_name];
?> ?>
<li class="nav-item <?php echo($_SERVER['REQUEST_URI'] == $page['page_url'] ? 'active' : '') ?>"> <li class="nav-item <?php echo($_SERVER['REQUEST_URI'] == $page['page_url'] ? 'active' : '') ?>">
<a href="<?php echo $page['page_url'] ?>"> <a href="<?php echo $page['page_url'] ?>">
<i class="<?php echo $page['page_icon'] ?>"></i> <?php echo __($page['page_name']) ?> <i class="<?php echo $page['page_icon'] ?>"></i>
<span><?php echo __($page['page_name']) ?></span>
</a> </a>
</li> </li>
<?php } ?> <?php } ?>
<div class="sidebar" data-background-color="dark"> <div class="sidebar">
<div class="sidebar-logo"> <div class="sidebar-logo">
<div class="logo-header" data-background-color="dark2"> <div class="logo-header">
<a href="/" class="logo"> <a href="/" class="logo">
<img src="/src/images/logo-sidebar-dark.webp" alt="navbar brand" class="navbar-brand" height="50"/> <img src="/src/images/logo-sidebar-dark.webp" alt="navbar brand" class="navbar-brand" height="60"/>
</a> </a>
<div class="nav-toggle"> <div class="nav-toggle">
<button class="btn btn-toggle toggle-sidebar"> <button class="btn btn-toggle toggle-sidebar">
@@ -296,12 +176,12 @@ class pageBuilder extends API
</div> </div>
<div class="sidebar-wrapper scrollbar scrollbar-inner"> <div class="sidebar-wrapper scrollbar scrollbar-inner">
<div class="sidebar-content"> <div class="sidebar-content">
<ul class="nav nav-secondary"> <ul class="nav nav-warning">
<?php <?php
showPage('portal-management', 'dashboard'); showPage('portal-management', 'dashboard');
if ($GLOBALS['modules_enabled']['office'] && $API->checkPermissions('ofice-stompjes', 'RO', true)) { if ($GLOBALS['modules_enabled']['office'] && $API->checkPermissions('office-stompjes', 'RO', true)) {
showSpan('office'); showSpan('office');
showPage('office', 'stompjeslist'); showPage('office', 'stompjeslist');
} }
@@ -337,16 +217,15 @@ class pageBuilder extends API
<?php <?php
} }
private private function pageNavbarContent(): void
function pageNavbarContent()
{ {
?> ?>
<div class="main-header"> <div class="main-header">
<div class="main-header-logo"> <div class="main-header-logo">
<!-- Logo Header --> <!-- Logo Header -->
<div class="logo-header" data-background-color="dark2"> <div class="logo-header">
<a href="/" class="logo"> <a href="/" class="logo">
<img src="/src/images/logo-sidebar-dark.webp" alt="navbar brand" class="navbar-brand" height="50"/> <img src="/src/images/logo-sidebar-dark.webp" alt="navbar brand" class="navbar-brand" height="60"/>
</a> </a>
<div class="nav-toggle"> <div class="nav-toggle">
<button class="btn btn-toggle toggle-sidebar"> <button class="btn btn-toggle toggle-sidebar">
@@ -363,7 +242,7 @@ class pageBuilder extends API
<!-- End Logo Header --> <!-- End Logo Header -->
</div> </div>
<!-- Navbar Header --> <!-- Navbar Header -->
<nav class="navbar navbar-header navbar-header-transparent navbar-expand-lg border-bottom" data-background-color="dark2"> <nav class="navbar navbar-header navbar-header-transparent navbar-expand-lg border-bottom">
<div class="container-fluid"> <div class="container-fluid">
<ul class="navbar-nav topbar-nav ms-md-auto align-items-center"> <ul class="navbar-nav topbar-nav ms-md-auto align-items-center">
<li class="nav-item topbar-icon dropdown hidden-caret d-flex d-lg-none"></li> <li class="nav-item topbar-icon dropdown hidden-caret d-flex d-lg-none"></li>
@@ -376,37 +255,34 @@ class pageBuilder extends API
<span class="op-7"> <?php echo __('hi') ?>,&nbsp;</span> <span class="op-7"> <?php echo __('hi') ?>,&nbsp;</span>
<span class="fw-bold"><?php echo $_SESSION['user']['user_first_name'] ?></span> <span class="fw-bold"><?php echo $_SESSION['user']['user_first_name'] ?></span>
</a> </a>
<ul class="dropdown-menu dropdown-user animated fadeIn"> <ul class="dropdown-menu dropdown-user animated fadeIn">
<div class="dropdown-user-scroll scrollbar-outer"> <li>
<li> <div class="user-box">
<div class="user-box"> <div class="avatar-lg">
<div class="avatar-lg"> <img src="<?php echo(($_SESSION['user']['user_profile_picture_thumbnail'] != null) ? 'data:image/png;base64, ' . $_SESSION['user']['user_profile_picture_thumbnail'] : '/src/images/user-avatar-default-small.png') ?>" alt="image profile" class="avatar-img rounded">
<img src="<?php echo(($_SESSION['user']['user_profile_picture_thumbnail'] != null) ? 'data:image/png;base64, ' . $_SESSION['user']['user_profile_picture_thumbnail'] : '/src/images/user-avatar-default-small.png') ?>" alt="image profile" class="avatar-img rounded">
</div>
<div class="u-text">
<h4><?php echo $_SESSION['user']['user_email'] ?></h4>
<p class="text-muted"><?php echo $_SESSION['user']['user_email'] ?></p>
</div>
</div> </div>
</li> <div class="u-text">
<li> <h4><?php echo $_SESSION['user']['user_email'] ?></h4>
<?php <p class="text-muted"><?php echo $_SESSION['user']['user_email'] ?></p>
if ($_SESSION['user']['user_group_type'] == 'user' || $_SESSION['user']['user_group_type'] == 'admin') { ?> </div>
<a class="dropdown-item" href="/userprofile/"><i class="fa-solid fa-address-card"></i> <?php echo __('user_profile') ?> </div>
</a> </li>
<div class="dropdown-divider"></div> <li>
<?php } else { ?> <?php
<div class="dropdown-divider"></div> if ($_SESSION['user']['user_group_type'] == 'user' || $_SESSION['user']['user_group_type'] == 'admin') { ?>
<?php } ?> <a class="dropdown-item" href="/userprofile/"><i class="fa-solid fa-address-card"></i> <?php echo __('user_profile') ?>
<form id="logoutform" class="form-inline logoutform" action="/login/logout.php" method="POST"> </a>
<input type="hidden" name="logout"> <div class="dropdown-divider"></div>
<a class="dropdown-item" href="#" onclick="document.getElementById('logoutform').submit()"> <?php } else { ?>
<i class="fas fa-sign-out-alt"></i> <?php echo __('logout') ?> <div class="dropdown-divider"></div>
</a> <?php } ?>
</form> <form id="logoutform" class="form-inline logoutform" action="/login/logout.php" method="POST">
</li> <input type="hidden" name="logout">
</div> <button type="submit" form="logoutform" class="dropdown-item">
<i class="fas fa-sign-out-alt"></i> Logout
</button>
</form>
</li>
</ul> </ul>
</li> </li>
</ul> </ul>
@@ -416,21 +292,20 @@ class pageBuilder extends API
</div> </div>
<?php } <?php }
private private function pageFooterContent(): void
function pageFooterContent()
{ ?> { ?>
<footer class="footer py-2"> <footer class="footer py-2">
<div class="container-fluid d-flex justify-content-between"> <div class="container-fluid d-flex justify-content-between">
<nav class="pull-left"> <nav class="pull-left">
<ul class="nav"> <ul class="nav">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" href="https://docs.sentri.mooij.me" target="_blank"><i class="far fa-question-circle"></i> Help</a> <a class="nav-link" href="https://docs.sentri.mooij.me" target="_blank"><i class="far fa-question-circle"></i> Docs</a>
</li> </li>
</ul> </ul>
</nav> </nav>
<div class="copyright"> <div class="copyright">
<?php echo __('version') ?> <?php echo __('version') ?>
<a href="/changelog/">1.2</a> <a class="text-primary" href="/changelog/">1.2.4</a>
</div> </div>
<div> <div>
<span class="navbar-text">Sentri</span> <span class="navbar-text">Sentri</span>
@@ -439,14 +314,16 @@ class pageBuilder extends API
</footer> </footer>
<?php } <?php }
private private function pageScriptContents(): void
function pageScriptContents()
{ ?> { ?>
<!-- always load these --> <!-- always load these -->
<script src="/src/js/core/jquery-3.7.1.min.js"></script> <script src="/src/js/core/jquery-3.7.1.min.js"></script>
<script src="/src/js/core/popper.min.js"></script> <script src="/src/js/core/popper.min.js"></script>
<script src="/src/js/core/bootstrap.min.js"></script> <script src="/src/js/core/bootstrap.min.js"></script>
<!-- Load the locales in js -->
<script src="/src/js/i18n-loader.js"></script>
<!-- Bootstrap Notify --> <!-- Bootstrap Notify -->
<script src="/src/js/plugin/bootstrap-notify/bootstrap-notify.min.js"></script> <script src="/src/js/plugin/bootstrap-notify/bootstrap-notify.min.js"></script>
@@ -459,60 +336,37 @@ class pageBuilder extends API
<!-- jQuery Scrollbar --> <!-- jQuery Scrollbar -->
<script src="/src/js/plugin/jquery-scrollbar/jquery.scrollbar.min.js"></script> <script src="/src/js/plugin/jquery-scrollbar/jquery.scrollbar.min.js"></script>
<!-- Load Other Js scripts -->
<!-- Chart JS
<script src="/src/js/plugin/chart.js/chart.min.js"></script>
-->
<!-- jQuery Sparkline
<script src="/src/js/plugin/jquery.sparkline/jquery.sparkline.min.js"></script>
-->
<!-- Chart Circle
<script src="/src/js/plugin/chart-circle/circles.min.js"></script>
-->
<!-- jQuery Vector Maps
<script src="/src/js/plugin/jsvectormap/jsvectormap.min.js"></script>
<script src="/src/js/plugin/jsvectormap/world.js"></script>
-->
<?php <?php
if (isset($this->jsScriptLoadData)) {
foreach ($this->jsScriptLoadData as $key => $script) {
if ($key === 'form') { ?>
<script src="/src/js/plugin/select2/select2.full.min.js"></script><!-- Bootstrap Tagsinput -->
<script src="/src/js/plugin/bootstrap-tagsinput/bootstrap-tagsinput.min.js"></script><!-- jQuery Moment.JS -->
<script src="/src/js/plugin/moment/moment.min.js"></script><!-- Bootstrap datetimepicker -->
<script src="/src/js/plugin/bootstrap-datetimepicker/bootstrap-datetimepicker.min.js"></script><!-- validate forms -->
<script src="/src/js/plugin/jquery.validate/jquery.validate.min.js"></script><!-- dropzone -->
<script src="/src/js/plugin/dropzone/dropzone.min.js"></script>
<script src="/src/js/sentri/form.js"></script>
<?php } elseif ($key === 'codeblocks') { ?>
<link rel="stylesheet" href="/src/css/prism.css">
<script src="https://cdn.jsdelivr.net/npm/prismjs/prism.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/prismjs/components/prism-json.min.js"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/prismjs/plugins/toolbar/prism-toolbar.css">
<script src="https://cdn.jsdelivr.net/npm/prismjs/plugins/toolbar/prism-toolbar.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/prismjs/plugins/copy-to-clipboard/prism-copy-to-clipboard.min.js"></script>
<?php } elseif ($key === 'datepicker') { ?>
<script src="/src/js/plugin/moment/moment.min.js"></script>
<script src="/src/js/plugin/datepicker/bootstrap-datetimepicker.min.js"></script>
<script src="/src/js/sentri/datepicker.js"></script>
<?php } else { ?>
<script src="<?php echo $key ?>"></script>
<?php } ?><?php }
}
# keeps refreshing the timeZoneCookie # keeps refreshing the timeZoneCookie
setTimeZoneCookie(); setTimeZoneCookie();
if (isset($this->jsScriptLoadData)) {
include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/jsScripts.php';
}
# process response from actions
if (isset($_SESSION['response'])) {
$ar = json_decode($_SESSION['response']);
$type = key($ar);
$text = reset($ar);
$title = $type;
if ($type == 'error') {
$type = 'danger';
}
unset($_SESSION['response']) ?>
<script>
var content = {};
content.message = '<?php echo __($text) ?>';
content.title = '<?php echo ucfirst($title) ?>';
content.icon = "fa fa-bell";
$.notify(content, {
type: '<?php echo $type ?>',
placement: {
from: 'top',
align: 'right',
},
time: 10,
delay: 3,
});
$('#multiple').select2({
theme: "bootstrap"
});
</script>
<?php }
} }
} }

View File

@@ -7,8 +7,9 @@ if (!defined('APP_INIT')) {
class pageNavbar class pageNavbar
{ {
public $breadCrumb; public bool $breadCrumb;
private $buttons = array(); private array $buttons = array();
private string $title;
public function __construct($showBreadCrumb, $title = false) public function __construct($showBreadCrumb, $title = false)
{ {
@@ -16,18 +17,18 @@ class pageNavbar
$this->title = $title; $this->title = $title;
} }
public function AddHTMLButton($html) public function AddHTMLButton($html): void
{ {
array_push($this->buttons, $html); $this->buttons[] = $html;
} }
public function outPutNavbar() public function outPutNavbar(): void
{ {
?> ?>
<div class="row"> <div class="row">
<div class="col d-flex justify-content-start"> <div class="col d-flex justify-content-start">
<?php if ($this->breadCrumb) { ?> <?php if ($this->breadCrumb) { ?>
<div class="pb-2" id="breadCrumb"></div> <div class="pb-2" id="breadCrumb">&nbsp;</div>
<?php } elseif ($this->title) { ?> <?php } elseif ($this->title) { ?>
<h2 class="px-4 mb-0"><?php echo $this->title ?></h2> <h2 class="px-4 mb-0"><?php echo $this->title ?></h2>
<?php } else { ?> <?php } else { ?>

View File

@@ -26,6 +26,7 @@ class serverOverviewBuilder
'server_licenses' => false, 'server_licenses' => false,
'server_backup' => false, 'server_backup' => false,
'server_description' => false, 'server_description' => false,
'server_modified_timestamp' => false,
); );
public array $allBackupTypes = []; public array $allBackupTypes = [];
@@ -36,7 +37,7 @@ class serverOverviewBuilder
public bool $showCompanies = true; public bool $showCompanies = true;
public function processServerData() public function processServerData(): void
{ {
foreach ($this->servers as $server) { foreach ($this->servers as $server) {
if (!empty($server['server_backup'])) { if (!empty($server['server_backup'])) {
@@ -83,10 +84,11 @@ class serverOverviewBuilder
$this->showColumns['server_memory_demand'] = true; $this->showColumns['server_memory_demand'] = true;
$this->showColumns['server_disks'] = true; $this->showColumns['server_disks'] = true;
$this->showColumns['server_state'] = true; $this->showColumns['server_state'] = true;
$this->showColumns['server_modified_timestamp'] = true;
} }
} }
private function cleanNumber($num) private function cleanNumber($num): string
{ {
// If integer value, return without formatting // If integer value, return without formatting
if (floor($num) == $num) { if (floor($num) == $num) {
@@ -97,7 +99,7 @@ class serverOverviewBuilder
return rtrim(rtrim(number_format($num, 10, '.', ''), '0'), '.'); return rtrim(rtrim(number_format($num, 10, '.', ''), '0'), '.');
} }
public function serverOverviewOutPut() public function serverOverviewOutPut(): void
{ ?> { ?>
<div class="form-group form-show-validation row mb-3"> <div class="form-group form-show-validation row mb-3">
<?php if ($this->showServerOverviewTitle) { ?> <?php if ($this->showServerOverviewTitle) { ?>
@@ -171,6 +173,10 @@ class serverOverviewBuilder
<input type="checkbox" name="value" value="server_power_state" class="selectgroup-input" <?php echo($this->showColumns['server_power_state'] ? 'checked=""' : '') ?>> <input type="checkbox" name="value" value="server_power_state" class="selectgroup-input" <?php echo($this->showColumns['server_power_state'] ? 'checked=""' : '') ?>>
<span class="selectgroup-button"><?php echo __('server_power_state') ?></span> <span class="selectgroup-button"><?php echo __('server_power_state') ?></span>
</label> </label>
<label class="selectgroup-item">
<input type="checkbox" name="value" value="server_modified_timestamp" class="selectgroup-input" <?php echo($this->showColumns['server_modified_timestamp'] ? 'checked=""' : '') ?>>
<span class="selectgroup-button"><?php echo __('last_modified_date') ?></span>
</label>
<label class="selectgroup-item"> <label class="selectgroup-item">
<input type="checkbox" name="value" value="server_description" class="selectgroup-input" <?php echo($this->showColumns['server_description'] ? 'checked=""' : '') ?>> <input type="checkbox" name="value" value="server_description" class="selectgroup-input" <?php echo($this->showColumns['server_description'] ? 'checked=""' : '') ?>>
<span class="selectgroup-button"><?php echo __('description') ?></span> <span class="selectgroup-button"><?php echo __('description') ?></span>
@@ -232,6 +238,7 @@ class serverOverviewBuilder
<?php } <?php }
?> ?>
<th data-column="server_power_state"><?php echo __('server_power_state') ?></th> <th data-column="server_power_state"><?php echo __('server_power_state') ?></th>
<th data-column="last_modified_date"><?php echo __('last_modified_date') ?></th>
<th data-column="server_description"><?php echo __('description') ?></th> <th data-column="server_description"><?php echo __('description') ?></th>
<th data-column="action"> <th data-column="action">
<?php echo __('action') ?> <?php echo __('action') ?>
@@ -280,10 +287,10 @@ class serverOverviewBuilder
} }
if (is_null($server['server_vm_host_name'])) { if (is_null($server['server_hostname'])) {
$hostname = $server['server_hostname'];
} else {
$hostname = $server['server_vm_host_name']; $hostname = $server['server_vm_host_name'];
} else {
$hostname = $server['server_hostname'];
} }
$mem = isset($server['server_memory']) ? (float)$server['server_memory'] : 0; $mem = isset($server['server_memory']) ? (float)$server['server_memory'] : 0;
@@ -308,7 +315,7 @@ class serverOverviewBuilder
$mem_demand_text_color = 'success'; $mem_demand_text_color = 'success';
} }
if ($mem_percent_numb > 89) { if ($mem_percent_numb > 89) {
$mem_demand_text_color = 'secondary'; $mem_demand_text_color = 'warning';
} }
if ($mem_percent_numb > 99) { if ($mem_percent_numb > 99) {
$mem_demand_text_color = 'danger'; $mem_demand_text_color = 'danger';
@@ -385,6 +392,8 @@ class serverOverviewBuilder
$server_state_color = returnServerStateColor($server['server_state']); $server_state_color = returnServerStateColor($server['server_state']);
$server_modified_timestamp = ($server['server_modified_timestamp']) ? date('Y-m-d H:i:s', $server['server_modified_timestamp']) : __('never');
?> ?>
<tr data-item-id="<?php echo $server['server_uuid'] ?>"> <tr data-item-id="<?php echo $server['server_uuid'] ?>">
@@ -424,7 +433,7 @@ class serverOverviewBuilder
} }
} }
?> ?>
data-sort="<?php echo htmlspecialchars($sortValue); ?>" data-filter="<?php echo htmlspecialchars($filterValue); ?>"> data-sort="<?php echo htmlspecialchars($sortValue); ?>" data-filter="<?php echo htmlspecialchars($filterValue); ?>">
<?php <?php
if (!empty($sortValue)) { if (!empty($sortValue)) {
if (count($sizes) === 1) { if (count($sizes) === 1) {
@@ -465,6 +474,9 @@ class serverOverviewBuilder
echo '<i class="fa-solid text-success fa-toggle-on"></i>'; echo '<i class="fa-solid text-success fa-toggle-on"></i>';
} ?> } ?>
</td> </td>
<td data-column="server_modified_timestamp" class="text-nowrap" data-sort="<?php echo $server['server_modified_timestamp']; ?>" data-filter="<?php echo $server_modified_timestamp; ?>">
<?php echo $server_modified_timestamp; ?>
</td>
<td data-column="server_description" class="text-nowrap" data-sort="<?php echo htmlspecialchars($server['server_description']); ?>" data-filter="<?php echo $server['server_description']; ?>"> <td data-column="server_description" class="text-nowrap" data-sort="<?php echo htmlspecialchars($server['server_description']); ?>" data-filter="<?php echo $server['server_description']; ?>">
<?php echo $server['server_description']; ?> <?php echo $server['server_description']; ?>
</td> </td>

View File

@@ -1,13 +1,5 @@
<?php <?php
function setResponse($type, $text) function checkIfUser(): bool
{
$value = json_encode([$type => $text]);
$_SESSION['response'] = $value;
header('location: ' . $_SERVER['HTTP_REFERER']);
exit;
}
function checkIfUser()
{ {
if ($_SESSION['user']['user_group_type'] == 'user') { if ($_SESSION['user']['user_group_type'] == 'user') {
return true; return true;
@@ -19,25 +11,31 @@ function checkIfUser()
function showTime($timestamp) function showTime($timestamp)
{ {
if (empty($timestamp)) { if (empty($timestamp)) {
echo __('never'); return __('never');
return;
} }
$dt = new DateTime("@$timestamp"); try {
$dt->setTimezone(new DateTimeZone($_SESSION['user']['user_timezone'])); $dt = new DateTime("@$timestamp");
echo $dt->format('Y-m-d H:i:s'); $timezone = $_SESSION['user']['user_timezone'] ?? 'UTC';
$dt->setTimezone(new DateTimeZone($timezone));
return $dt->format('Y-m-d H:i:s');
} catch (DateInvalidTimeZoneException) {
return __('invalid_date');
}
} }
function human_filesize($bytes, $decimals = 2) function human_filesize($bytes, $decimals = 2): string
{ {
$sizes = ['B', 'K', 'M', 'G', 'T', 'P']; // Array instead of string $sizes = ['B', 'K', 'M', 'G', 'T', 'P']; // Array instead of string
$factor = floor((strlen($bytes) - 1) / 3); $factor = floor((strlen($bytes) - 1) / 3);
return sprintf("%.{$decimals}f", $bytes / pow(1024, $factor)) . $sizes[$factor]; return sprintf("%.{$decimals}f", $bytes / pow(1024, $factor)) . $sizes[$factor];
} }
function retrieveAvailableLocales() function retrieveAvailableLocales(): array
{ {
$availableLocales = array(); $availableLocales = array();
$localeDir = $_SERVER['DOCUMENT_ROOT'] . "/bin/locales/"; $localeDir = $_SERVER['DOCUMENT_ROOT'] . "/bin/locales/";
@@ -58,10 +56,7 @@ function getPreferredLocale()
$availableLocales = retrieveAvailableLocales(); $availableLocales = retrieveAvailableLocales();
$defaultLocale = 'en'; $defaultLocale = 'en';
$selectedLocale = in_array($_SESSION['user']['user_pref_language'], $availableLocales) return in_array($_SESSION['user']['user_pref_language'], $availableLocales) ? $_SESSION['user']['user_pref_language'] : $defaultLocale;
? $_SESSION['user']['user_pref_language']
: $defaultLocale;
return $selectedLocale;
} }
function __(string $key, array $replacements = []) function __(string $key, array $replacements = [])
@@ -72,13 +67,13 @@ function __(string $key, array $replacements = [])
// Replace placeholders with dynamic values // Replace placeholders with dynamic values
foreach ($replacements as $placeholder => $value) { foreach ($replacements as $placeholder => $value) {
$translation = str_replace(":{$placeholder}", $value, $translation); $translation = str_replace(":$placeholder", $value, $translation);
} }
return $translation; return $translation;
} }
function get_enabled_platforms($conn) function get_enabled_platforms($conn): array
{ {
$platforms_enabled = []; $platforms_enabled = [];
$query = "SELECT * FROM autop_platforms WHERE platform_enabled = 1"; $query = "SELECT * FROM autop_platforms WHERE platform_enabled = 1";
@@ -98,7 +93,7 @@ function get_enabled_platforms($conn)
return $platforms_enabled; return $platforms_enabled;
} }
function getEnabledModules() function getEnabledModules(): array
{ {
$modules_enabled = []; $modules_enabled = [];
$query = "SELECT * FROM system_modules"; $query = "SELECT * FROM system_modules";
@@ -116,14 +111,14 @@ function getEnabledModules()
} }
function returnServerStateColor($serverState) function returnServerStateColor($serverState): string
{ {
$server_state_color = 'secondary'; $server_state_color = 'secondary';
if (strlen($serverState) > 0) { if (strlen($serverState) > 0) {
$server_state = ucfirst($serverState); $server_state = ucfirst($serverState);
switch ($server_state) { switch ($server_state) {
case 'New': case 'New':
$server_state_color = 'secondary'; $server_state_color = 'warning';
break; break;
case 'Deleted': case 'Deleted':
$server_state_color = 'danger'; $server_state_color = 'danger';

Some files were not shown because too many files have changed in this diff Show More