User updated, tcp helper, functions updated

This commit is contained in:
Diego Najar 2017-06-28 00:31:40 +02:00
parent c28688dd6e
commit 5f3ec04f46
31 changed files with 412 additions and 170 deletions

View File

@ -4,88 +4,6 @@
// Functions // Functions
// ============================================================================ // ============================================================================
function disableUser($username) {
global $dbUsers;
global $Language;
global $Login;
// The editors can't disable users
if($Login->role()!=='admin') {
return false;
}
if( $dbUsers->disableUser($username) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'user-disabled',
'notes'=>$username
));
// Create an alert
Alert::set($Language->g('The changes have been saved'));
}
return true;
}
function editUser($args)
{
global $dbUsers;
global $Language;
if( $dbUsers->set($args) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'user-edited',
'notes'=>$args['username']
));
// Create an alert
Alert::set($Language->g('The changes have been saved'));
}
return true;
}
function deleteUser($args, $deleteContent=false)
{
global $dbUsers;
global $dbPosts;
global $Language;
global $Login;
// The user admin cannot be deleted.
if($args['username']=='admin') {
return false;
}
// The editors cannot delete users.
if($Login->role()!=='admin') {
return false;
}
if($deleteContent) {
$dbPosts->deletePostsByUser($args['username']);
}
else {
$dbPosts->linkPostsToUser($args['username'], 'admin');
}
if( $dbUsers->delete($args['username']) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'user-deleted',
'notes'=>$args['username']
));
// Create an alert
Alert::set($Language->g('User deleted'));
}
return true;
}
// ============================================================================ // ============================================================================
// Main before POST // Main before POST
// ============================================================================ // ============================================================================
@ -96,18 +14,17 @@ function deleteUser($args, $deleteContent=false)
if( $_SERVER['REQUEST_METHOD'] == 'POST' ) if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{ {
// Prevent editors to administrate other users. // Prevent non-administrators to change other users
if($Login->role()!=='admin') if($Login->role()!=='admin') {
{
$_POST['username'] = $Login->username(); $_POST['username'] = $Login->username();
unset($_POST['role']); unset($_POST['role']);
} }
if(isset($_POST['delete-user-all'])) { if(isset($_POST['delete-user-all'])) {
deleteUser($_POST, true); deleteUser($_POST, $deleteContent=true);
} }
elseif(isset($_POST['delete-user-associate'])) { elseif(isset($_POST['delete-user-associate'])) {
deleteUser($_POST, false); deleteUser($_POST, $deleteContent=false);
} }
elseif(isset($_POST['disable-user'])) { elseif(isset($_POST['disable-user'])) {
disableUser($_POST['username']); disableUser($_POST['username']);
@ -115,19 +32,22 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
else { else {
editUser($_POST); editUser($_POST);
} }
Alert::set($Language->g('The changes have been saved'));
} }
// ============================================================================ // ============================================================================
// Main after POST // Main after POST
// ============================================================================ // ============================================================================
// Prevent non-administrators to change other users
if($Login->role()!=='admin') { if($Login->role()!=='admin') {
$layout['parameters'] = $Login->username(); $layout['parameters'] = $Login->username();
} }
$_User = $dbUsers->getUser($layout['parameters']); $User = $dbUsers->getUser($layout['parameters']);
// If the user doesn't exist, redirect to the users list. // If the user doesn't exist, redirect to the users list.
if($_User===false) { if($User===false) {
Redirect::page('users'); Redirect::page('users');
} }

View File

@ -16,7 +16,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
// Security token // Security token
HTML::formInputHidden(array( HTML::formInputHidden(array(
'name'=>'username', 'name'=>'username',
'value'=>$_User->username() 'value'=>$User->username()
)); ));
HTML::legend(array('value'=>$L->g('Profile'), 'class'=>'first-child')); HTML::legend(array('value'=>$L->g('Profile'), 'class'=>'first-child'));
@ -24,7 +24,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'usernameDisable', 'name'=>'usernameDisable',
'label'=>$L->g('Username'), 'label'=>$L->g('Username'),
'value'=>$_User->username(), 'value'=>$User->username(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'disabled'=>true, 'disabled'=>true,
'tip'=>'' 'tip'=>''
@ -33,7 +33,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'firstName', 'name'=>'firstName',
'label'=>$L->g('First name'), 'label'=>$L->g('First name'),
'value'=>$_User->firstName(), 'value'=>$User->firstName(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
@ -41,7 +41,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'lastName', 'name'=>'lastName',
'label'=>$L->g('Last name'), 'label'=>$L->g('Last name'),
'value'=>$_User->lastName(), 'value'=>$User->lastName(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
@ -49,7 +49,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
echo '<div class="uk-form-row"> echo '<div class="uk-form-row">
<label class="uk-form-label">'.$L->g('password').'</label> <label class="uk-form-label">'.$L->g('password').'</label>
<div class="uk-form-controls"> <div class="uk-form-controls">
<a href="'.HTML_PATH_ADMIN_ROOT.'user-password/'.$_User->username().'">'.$L->g('Change password').'</a> <a href="'.HTML_PATH_ADMIN_ROOT.'user-password/'.$User->username().'">'.$L->g('Change password').'</a>
</div> </div>
</div>'; </div>';
@ -59,7 +59,7 @@ if($Login->role()==='admin') {
'name'=>'role', 'name'=>'role',
'label'=>$L->g('Role'), 'label'=>$L->g('Role'),
'options'=>array('editor'=>$L->g('Editor'), 'admin'=>$L->g('Administrator')), 'options'=>array('editor'=>$L->g('Editor'), 'admin'=>$L->g('Administrator')),
'selected'=>$_User->role(), 'selected'=>$User->role(),
'tip'=>'' 'tip'=>''
)); ));
@ -68,7 +68,7 @@ if($Login->role()==='admin') {
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'email', 'name'=>'email',
'label'=>$L->g('Email'), 'label'=>$L->g('Email'),
'value'=>$_User->email(), 'value'=>$User->email(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>$L->g('email-will-not-be-publicly-displayed') 'tip'=>$L->g('email-will-not-be-publicly-displayed')
)); ));
@ -78,7 +78,7 @@ if($Login->role()==='admin') {
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'twitter', 'name'=>'twitter',
'label'=>'Twitter', 'label'=>'Twitter',
'value'=>$_User->twitter(), 'value'=>$User->twitter(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
@ -86,7 +86,7 @@ if($Login->role()==='admin') {
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'facebook', 'name'=>'facebook',
'label'=>'Facebook', 'label'=>'Facebook',
'value'=>$_User->facebook(), 'value'=>$User->facebook(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
@ -94,7 +94,7 @@ if($Login->role()==='admin') {
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'googlePlus', 'name'=>'googlePlus',
'label'=>'Google+', 'label'=>'Google+',
'value'=>$_User->googlePlus(), 'value'=>$User->googlePlus(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
@ -102,7 +102,7 @@ if($Login->role()==='admin') {
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'instagram', 'name'=>'instagram',
'label'=>'Instagram', 'label'=>'Instagram',
'value'=>$_User->instagram(), 'value'=>$User->instagram(),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
@ -119,13 +119,13 @@ if($Login->role()==='admin') {
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'status', 'name'=>'status',
'label'=>$L->g('сurrent status'), 'label'=>$L->g('сurrent status'),
'value'=>$_User->enabled()?$L->g('Enabled'):$L->g('Disabled'), 'value'=>$User->enabled()?$L->g('Enabled'):$L->g('Disabled'),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'disabled'=>true, 'disabled'=>true,
'tip'=>$_User->enabled()?'':$L->g('To enable the user you have to set a new password') 'tip'=>$User->enabled()?'':$L->g('To enable the user you have to set a new password')
)); ));
if( $_User->enabled() ) { if( $User->enabled() ) {
echo '<div class="uk-form-row"> echo '<div class="uk-form-row">
<div class="uk-form-controls"> <div class="uk-form-controls">
<button type="submit" id="jsdisable-user" class="delete-button" name="disable-user"><i class="uk-icon-ban"></i> '.$L->g('Disable the user').'</button> <button type="submit" id="jsdisable-user" class="delete-button" name="disable-user"><i class="uk-icon-ban"></i> '.$L->g('Disable the user').'</button>
@ -133,7 +133,7 @@ if( $_User->enabled() ) {
</div>'; </div>';
} }
if( ($Login->role()==='admin') && ($_User->username()!='admin') ) { if( ($Login->role()==='admin') && ($User->username()!='admin') ) {
HTML::legend(array('value'=>$L->g('Delete'))); HTML::legend(array('value'=>$L->g('Delete')));
@ -152,7 +152,7 @@ echo '</div>';
echo '<div class="uk-width-3-10" style="margin-top: 50px; text-align: center;">'; echo '<div class="uk-width-3-10" style="margin-top: 50px; text-align: center;">';
HTML::profileUploader($_User->username()); HTML::profileUploader($User->username());
echo '</div>'; echo '</div>';
echo '</div>'; echo '</div>';

View File

@ -55,6 +55,7 @@ define('DB_SITE', PATH_DATABASES.'site.php');
define('DB_CATEGORIES', PATH_DATABASES.'categories.php'); define('DB_CATEGORIES', PATH_DATABASES.'categories.php');
define('DB_TAGS', PATH_DATABASES.'tags.php'); define('DB_TAGS', PATH_DATABASES.'tags.php');
define('DB_SYSLOG', PATH_DATABASES.'syslog.php'); define('DB_SYSLOG', PATH_DATABASES.'syslog.php');
define('DB_USERS', PATH_DATABASES.'users.php');
// Log separator // Log separator
define('LOG_SEP', ' | '); define('LOG_SEP', ' | ');
@ -184,6 +185,7 @@ include(PATH_HELPERS.'filesystem.class.php');
include(PATH_HELPERS.'alert.class.php'); include(PATH_HELPERS.'alert.class.php');
include(PATH_HELPERS.'paginator.class.php'); include(PATH_HELPERS.'paginator.class.php');
include(PATH_HELPERS.'image.class.php'); include(PATH_HELPERS.'image.class.php');
include(PATH_HELPERS.'tcp.class.php');
// Session // Session
Session::start(); Session::start();

View File

@ -57,6 +57,9 @@ class dbSyslog extends dbJSON
// Insert at beggining of the database // Insert at beggining of the database
array_unshift($this->db, $data); array_unshift($this->db, $data);
// Keep just NOTIFICATIONS_AMOUNT notifications
$this->db = array_slice($this->db, 0, NOTIFICATIONS_AMOUNT);
// Save // Save
return $this->save(); return $this->save();
} }

View File

@ -23,15 +23,55 @@ class dbUsers extends dbJSON
function __construct() function __construct()
{ {
parent::__construct(PATH_DATABASES.'users.php'); parent::__construct(DB_USERS);
}
// Disable the user
public function disableUser($username)
{
$args['username'] = $username;
$args['password'] = '!';
return $this->set($args);
}
// Return TRUE if the user exists, FALSE otherwise
public function exists($username)
{
return isset($this->db[$username]);
}
// Set the parameters of a user
public function set($args)
{
// Current database of the user
$user = $this->db[$args['username']];
// Verify arguments with the database fields
foreach($args as $field=>$value) {
if( isset($this->dbFields[$field]) ) {
$value = Sanitize::html($value);
settype($value, gettype($this->dbFields[$field]['value']));
$user[$field] = $value;
}
}
// Save the database
$this->db[$args['username']] = $user;
return $this->save();
}
// Delete an user
public function delete($username)
{
unset($this->db[$username]);
return $this->save();
} }
public function getUser($username) public function getUser($username)
{ {
if($this->userExists($username)) {
$User = new User(); $User = new User();
if($this->userExists($username))
{
$User->setField('username', $username); $User->setField('username', $username);
foreach($this->db[$username] as $key=>$value) { foreach($this->db[$username] as $key=>$value) {
@ -44,16 +84,11 @@ class dbUsers extends dbJSON
return false; return false;
} }
public function getAll() // ---- OLD
{ // Returns array with the username databases filtered by username, FALSE otherwise
return $this->db;
}
// Return an array with the username databases, filtered by username.
public function getDb($username) public function getDb($username)
{ {
if($this->userExists($username)) if($this->userExists($username)) {
{
$user = $this->db[$username]; $user = $this->db[$username];
return $user; return $user;
@ -62,6 +97,14 @@ class dbUsers extends dbJSON
return false; return false;
} }
public function getAll()
{
return $this->db;
}
// Return the username associated to an email, if the email does not exists return FALSE. // Return the username associated to an email, if the email does not exists return FALSE.
public function getByEmail($email) public function getByEmail($email)
{ {
@ -121,63 +164,11 @@ class dbUsers extends dbJSON
return $this->set($args); return $this->set($args);
} }
// Disable the user
public function disableUser($username)
{
$args['username'] = $username;
$args['password'] = '!';
return $this->set($args);
}
public function set($args)
{
$dataForDb = array();
$user = $this->getDb($args['username']);
if($user===false)
{
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to get the username '.$args['username']);
return false;
}
// Verify arguments with the database fields.
foreach($args as $field=>$value)
{
if( isset($this->dbFields[$field]) )
{
// Sanitize.
$tmpValue = Sanitize::html($value);
// Set type.
settype($tmpValue, gettype($this->dbFields[$field]['value']));
$user[$field] = $tmpValue;
}
}
// Save the database
$this->db[$args['username']] = $user;
if( $this->save() === false ) {
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
return false;
}
return true;
}
public function delete($username)
{
unset($this->db[$username]);
if( $this->save() === false ) {
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
return false;
}
return true;
}
public function add($args) public function add($args)
{ {

View File

@ -251,3 +251,79 @@ function deletePage($key) {
return false; return false;
} }
function disableUser($username) {
global $dbUsers;
global $Login;
global $Syslog;
// The editors can't disable users
if($Login->role()!=='admin') {
return false;
}
if( $dbUsers->disableUser($username) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'user-disabled',
'notes'=>$username
));
return true;
}
return false;
}
function editUser($args) {
global $dbUsers;
global $Syslog;
if( $dbUsers->set($args) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'user-edited',
'notes'=>$args['username']
));
return true;
}
return false;
}
function deleteUser($args, $deleteContent=false)
{
global $dbUsers;
global $Login;
global $Syslog;
// The user admin cannot be deleted
if($args['username']=='admin') {
return false;
}
// The editors can't delete users
if($Login->role()!=='admin') {
return false;
}
if($deleteContent) {
//$dbPosts->deletePostsByUser($args['username']);
}
else {
//$dbPosts->linkPostsToUser($args['username'], 'admin');
}
if( $dbUsers->delete($args['username']) ) {
// Add to syslog
$Syslog->add(array(
'dictionaryKey'=>'user-deleted',
'notes'=>$args['username']
));
return true;
}
return false;
}

View File

@ -0,0 +1,40 @@
<?php defined('BLUDIT') or die('Bludit CMS.');
class TCP {
public static function http($url, $method='GET', $verifySSL=true)
{
if( function_exists('curl_version') ) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// TRUE to include the header in the output
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verifySSL);
if($method=='POST') {
curl_setopt($ch, CURLOPT_POST, true);
}
$output = curl_exec($ch);
if($output===false) {
Log::set('Curl error: '.curl_error($ch));
}
curl_close($ch);
}
else {
$options = array(
'http'=>array(
'method'=>$method
),
"ssl"=>array(
"verify_peer"=>$verifySSL,
"verify_peer_name"=>$verifySSL
)
);
$stream = stream_context_create($options);
$output = file_get_contents($url, false, $stream);
}
return $output;
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "За мен",
"description": "Кратко описание за вашия сайт или за себе си."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Über",
"description": "Kurzer Text über die Website oder zu dir."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Über",
"description": "Kurzer Text über die Website oder zu dir."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "About",
"description": "Little description about your site or yourself."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Acerca de",
"description": "Breve descripción de ti mismo o sobre tu sitio."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "About",
"description": "サイトやあなた自身についての概要を表示します。"
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Over mij",
"description": "Een korte beschrijving over je site of jezelf."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "О блоге",
"description": "Небольшое описание о вашем сайте или о себя."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Hakkında",
"description": "Senin veya siten hakkında kısa bilgiler"
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Про блог",
"description": "Невеликий опис вашого сайту або про Вас."
}
}

View File

@ -0,0 +1,10 @@
{
"author": "Bludit",
"email": "",
"website": "https://plugins.bludit.com",
"version": "2.0",
"releaseDate": "2017-05-26",
"license": "MIT",
"compatible": "2.0",
"notes": ""
}

View File

@ -0,0 +1,32 @@
<?php
class pluginPing extends Plugin {
private function ping()
{
$url = 'https://ping.bludit.com?url='.DOMAIN_BASE;
if( function_exists('curl_version') ) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// TRUE to include the header in the output
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
$out = curl_exec($ch);
if($out===false) {
Log::set('Plugin Ping: Curl error: '.curl_error($ch));
}
curl_close($ch);
}
else {
$options = array(
"ssl"=>array(
"verify_peer"=>false,
"verify_peer_name"=>false
)
);
$stream = stream_context_create($options);
$out = file_get_contents($url, false, $stream);
}
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "За мен",
"description": "Кратко описание за вашия сайт или за себе си."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Über",
"description": "Kurzer Text über die Website oder zu dir."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Über",
"description": "Kurzer Text über die Website oder zu dir."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "About",
"description": "Little description about your site or yourself."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Acerca de",
"description": "Breve descripción de ti mismo o sobre tu sitio."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "About",
"description": "サイトやあなた自身についての概要を表示します。"
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Over mij",
"description": "Een korte beschrijving over je site of jezelf."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "О блоге",
"description": "Небольшое описание о вашем сайте или о себя."
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Hakkında",
"description": "Senin veya siten hakkında kısa bilgiler"
}
}

View File

@ -0,0 +1,7 @@
{
"plugin-data":
{
"name": "Про блог",
"description": "Невеликий опис вашого сайту або про Вас."
}
}

View File

@ -0,0 +1,10 @@
{
"author": "Bludit",
"email": "",
"website": "https://plugins.bludit.com",
"version": "2.0",
"releaseDate": "2017-05-26",
"license": "MIT",
"compatible": "2.0",
"notes": ""
}

View File

@ -0,0 +1,18 @@
<?php
class pluginVersion extends Plugin {
private function getVersion()
{
$url = 'https://version.bludit.com';
$output = TCP::http($url);
$json = json_decode($output, true);
if(empty($json)) {
return array('version'=>'');
}
return $json;
}
}