summaryrefslogtreecommitdiff
path: root/src/controllers
diff options
context:
space:
mode:
authorLuke Shumaker <LukeShu@sbcglobal.net>2012-01-07 08:21:00 -0800
committerLuke Shumaker <LukeShu@sbcglobal.net>2012-01-07 10:20:28 -0800
commit464f4d3497617fadb9d7752868f1175849cfa6d2 (patch)
tree0771bd935b30971bf2c244b6f158ed7496b644e5 /src/controllers
parent3d64793a1ee45857856be1cd71c3a0a040a3e869 (diff)
Refactor to separate the framework from the app; drop message stuff, this app is just user management. Add a json view for individual usersHEADmaster
Diffstat (limited to 'src/controllers')
-rw-r--r--src/controllers/AuthPage.class.php57
-rw-r--r--src/controllers/Config.class.php30
-rw-r--r--src/controllers/Groups.class.php11
-rw-r--r--src/controllers/Http404.class.php7
-rw-r--r--src/controllers/Main.class.php9
-rw-r--r--src/controllers/Messages.class.php100
-rw-r--r--src/controllers/NewMessage.class.php37
-rw-r--r--src/controllers/Plugins.class.php75
-rw-r--r--src/controllers/Users.class.php371
9 files changed, 0 insertions, 697 deletions
diff --git a/src/controllers/AuthPage.class.php b/src/controllers/AuthPage.class.php
deleted file mode 100644
index 1f46f72..0000000
--- a/src/controllers/AuthPage.class.php
+++ /dev/null
@@ -1,57 +0,0 @@
-<?php
-require_once('Login.class.php');
-require_once('Auth.class.php');
-
-Router::register('auth', 'AuthPage');
-
-class AuthPage extends Controller {
- public function index($routed, $remainder) {
- // So if $_POST['action'] isn't set, it will trip on '', which
- // is great, so we don't have to handle GET and PUT separately.
- @$action = $_POST['action'];
- switch ($action) {
- case 'login' : $this->login(); break;
- case 'logout': $this->logout(); break;
- case '' : $this->maybe_login(); break;
- default : $this->badrequest(); break;
- }
- }
- private function login() {
- $username = '';
- $password = '';
-
- $login = -1;
- if ( isset($_POST['username']) && isset($_POST['password'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $login = Login::login($username, $password);
- }
-
- $vars = array();
- $vars['login_code'] = $login;
- $vars['username'] = $username;
- $vars['password'] = $password;
- if (isset($_POST['url'])) {
- $vars['url'] = $_POST['url'];
- }
-
- $this->showView('auth/login', $vars);
- }
- private function logout() {
- Login::logout();
- $this->showView('auth/logout');
- }
- private function maybe_login() {
- $uid = Login::isLoggedIn();
- if ($uid===false) {
- $this->login();
- } else {
- $username = Auth::getInstance($uid)->getName();
- $this->showView('auth/index',
- array('username'=>$username));
- }
- }
- private function badrequest() {
- $this->showView('auth/badrequest');
- }
-}
diff --git a/src/controllers/Config.class.php b/src/controllers/Config.class.php
deleted file mode 100644
index dc6a884..0000000
--- a/src/controllers/Config.class.php
+++ /dev/null
@@ -1,30 +0,0 @@
-<?php
-require_once('Auth.class.php');
-
-Router::register('config', 'Config', 'index');
-
-class Config extends Controller {
- public function index($routed, $remainder) {
- $uid = Login::isLoggedIn();
- if ($uid===false || !Auth::getInstance($uid)->isAdmin()) {
- $this->http401($routed, $remainder);
- return;
- }
-
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT': $_POST = $_PUT;
- case 'POST':
- // We're PUTing an updated configuration.
- $this->update();
- break;
- }
- $this->show_index();
- }
- private function show_index() {
-
- }
- private function update() {
-
- }
-}
diff --git a/src/controllers/Groups.class.php b/src/controllers/Groups.class.php
deleted file mode 100644
index 9d99d99..0000000
--- a/src/controllers/Groups.class.php
+++ /dev/null
@@ -1,11 +0,0 @@
-<?php
-
-Router::register('groups/new' , 'Groups', 'new_group');
-Router::register('groups/index', 'Groups', 'index_file');
-Router::register('groups' , 'Groups', 'index_dir');
-Router::register('groups/*' , 'Groups', 'individual');
-
-class Groups extends Controller {
- public static $illegal_names = array('', 'new', 'index');
- // TODO
-}
diff --git a/src/controllers/Http404.class.php b/src/controllers/Http404.class.php
deleted file mode 100644
index 322feaa..0000000
--- a/src/controllers/Http404.class.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php
-
-class Http404 extends Controller {
- public function index($routed, $remainder) {
- $this->http404($routed, $remainder);
- }
-}
diff --git a/src/controllers/Main.class.php b/src/controllers/Main.class.php
deleted file mode 100644
index 7651b62..0000000
--- a/src/controllers/Main.class.php
+++ /dev/null
@@ -1,9 +0,0 @@
-<?php
-
-Router::register('index', 'Main', 'index');
-
-class Main extends Controller {
- public function index($routed, $remainder) {
- $this->showView('index');
- }
-}
diff --git a/src/controllers/Messages.class.php b/src/controllers/Messages.class.php
deleted file mode 100644
index 717e18e..0000000
--- a/src/controllers/Messages.class.php
+++ /dev/null
@@ -1,100 +0,0 @@
-<?php
-require_once('Login.class.php');
-require_once('Auth.class.php');
-
-Router::register('messages', 'Messages', 'index');
-Router::register('messages/index', 'Messages', 'index');
-Router::register('messages/*', 'Messages', 'message');
-
-class Messages extends Controller {
- public static $msgdir;
-
- public function __construct() {
- require_once('MimeMailParser.class.php');
- $this->msgdir = BASEPATH.'/msg';
- }
-
- public function index($routed, $remainder) {
- $parser = new MimeMailParser();
- $messages = array();
- $dh = opendir($this->msgdir);
- while (($file = readdir($dh)) !== false) {
- $path = $this->msgdir."/$file";
- if (is_file($path)) {
- $parser->setPath($path);
-
- $date_string = $parser->getHeader('date');
- $date = strtotime($date_string);
- if (!isset($messages[$date])) {
- $messages[$date] = array();
- }
- $messages[$date][] =
- array('id'=>$file,
- 'subject'=>$parser->getHeader('subject'),
- 'from'=>$parser->getHeader('from'));
- }
- }
- closedir($dh);
-
- $this->showView('messages/index', array('messages' => $messages));
- exit();
- }
-
- public function message($routed, $remainder) {
- $uid = Login::isLoggedIn();
- if ($uid===false || !Auth::getInstance($uid)->isUser()) {
- $this->http401($routed, $remainder);
- return;
- }
-
- $msg_id = $remainder[0];// We can trust the router that this is set
- $msg_file = $this->msgdir."/$msg_id";
- if (!is_file($msg_file)) {
- $this->http404($routed, $remainder);
- return;
- }
-
- @$part = $remainder[1];
- @$subpart = $remainder[2];
- $parser = new MimeMailParser();
- $parser->setPath($msg_file);
-
- switch ($part) {
- case '':
- $this->showView('messages/frame',
- array('msg_id'=>$msg_id,
- 'parser'=>$parser,
- 'msgdir'=>$this->msgdir,
- ));
- break;
- case 'body':
- require_once('Mime.class.php');
- header('Content-type: '.Mime::ext2mime(PAGE_EXT));
- $map = array('html'=>'html',
- 'txt' =>'text');
- echo $parser->getMessageBody($map[PAGE_EXT]);
- break;
- case 'attachment':
- $attachment_id = $subpart;
- $attachments = $parser->getAttachments();
- $attachment = $attachments[$attachment_id];
-
- $type = $attachment->getContentType();
- $filename = $attachment->getFilename();
-
- header('Content-Type: '.$type);
- header('Content-Disposition: attachment; filename='.$filename );
- while($bytes = $attachment->read()) {
- echo $bytes;
- }
- break;
- default:
- array_push($routed, array_shift($remainder));
- $this->http404($routed, $remainder);
- }
- }
-
- public function http401($routed, $remainder) {
- $this->showView('messages/401', array('uid'=>Login::isLoggedIn()));
- }
-} \ No newline at end of file
diff --git a/src/controllers/NewMessage.class.php b/src/controllers/NewMessage.class.php
deleted file mode 100644
index e778385..0000000
--- a/src/controllers/NewMessage.class.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
- /*
-class NewMessage extends Controller {
-$cmdline = isset($argv[0]); // called from the command line
-@$method = $_SERVER['REQUEST_METHOD']; // What HTTP method was used
-if ( ($method=='PUT') || ($method=='POST') || $cmdline ) {
- // We're going to be uploading a new message.
-
- // so uniqid isn't 'secure', it doesn't need to be, it's to prevent
- // random collisions.
- $tmpfile = "$BASE/tmp/".uniqid(getmypid().'.');
- $infile = ($cmdline?'php://stdin':'php://input');
- $out = fopen($tmpfile, "w");
- $in = fopen($infile, "r");
- while ($data = fread($in, 1024))
- fwrite($out, $data);
- fclose($out);
- fclose($in);
- //apache_request_headers()
- require_once('MimeMailParser.class.php');
- $parser = new MimeMailParser();
- $parser->setPath($tmpfile);
- $id = preg_replace('/<(.*)>/', '$1',
- $parser->getHeader('message-id'));
- $id = str_replace('/', '', $id); // for security reasons
- $msg_file = "$BASE/msg/$id";
- rename($tmpfile, $msg_file);
-
- if (!$cmdline) {
- $m->status('201 Created');
- header("Location: ".$m->baseUrl().'messages/'.$id);
- }
- exit();
-}
-
-}
- */ \ No newline at end of file
diff --git a/src/controllers/Plugins.class.php b/src/controllers/Plugins.class.php
deleted file mode 100644
index 2ed6e7a..0000000
--- a/src/controllers/Plugins.class.php
+++ /dev/null
@@ -1,75 +0,0 @@
-<?php
-require_once('Login.class.php');
-require_once('Plugin.class.php');
-require_once('PluginManager.class.php');
-require_once('Auth.class.php');
-require_once('Database.class.php');
-
-Router::register('plugins', 'Plugins');
-
-class Plugins extends Controller {
- public function index($routed, $remainder) {
- $uid = Login::isLoggedIn();
- if ($uid===false || !Auth::getInstance($uid)->isAdmin()) {
- $this->http401($routed, $remainder);
- return;
- }
-
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT': $_POST = $_PUT;
- case 'POST':
- // We're PUTing an updated user index.
- $this->update();
- break;
- }
- $this->show_index();
- }
-
- private function update() {
- $db = Database::getInstance();
-
- if (isset($_POST['plugins'])) {
- $string = $db->arrayToValue($_POST['plugins']);
- $db->setSysConf('plugins', $string);
- }
-
- if (isset($_POST['config'])) {
- foreach ($_POST['config'] as $plugin_name => $plugin) {
- foreach ($plugin as $param => $value) {
- $db->setPluginConf($plugin_name,
- $param,
- $value);
- }
- }
- }
- }
-
- private function show_index() {
- $pm = PluginManager::getInstance();
- $all_plugins = $pm->listPlugins();
- $enabled_plugins = $pm->getActivePlugins();
-
- $plugin_data = array();
- foreach ($all_plugins as $plugin_name) {
- $plugin = array();
- $plugin['name'] = $plugin_name;
- $plugin['key'] = 'config['.$plugin_name.']';
- $plugin['active'] =
- in_array($plugin_name, $enabled_plugins);
- $plugin['description'] =
- $pm->staticHook($plugin_name, 'description');
- $plugin['config'] =
- $pm->staticHook($plugin_name, 'configList');
- $plugin_data[] = $plugin;
- }
-
- $vars = array();
- $vars['plugins'] = $plugin_data;
- $this->showView('plugins/index', $vars);
- }
-
- public function http401($routed, $remainder) {
- $this->showView('plugins/401');
- }
-}
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
deleted file mode 100644
index 9978ef8..0000000
--- a/src/controllers/Users.class.php
+++ /dev/null
@@ -1,371 +0,0 @@
-<?php
-require_once('Login.class.php');
-require_once('Auth.class.php');
-require_once('DB.class.php');
-require_once('PluginManager.class.php');
-require_once('Database.class.php');
-
-Router::register('users/new' , 'Users', 'new_user');
-Router::register('users/index', 'Users', 'index_file');
-Router::register('users' , 'Users', 'index_dir');
-Router::register('users/*' , 'Users', 'individual');
-
-class Users extends Controller {
- // Index Views ///////////////////////////////////////////////
-
- public function index($routed, $remainder) {
- return $this->index_dir($routed, $remainder);
- }
-
- /**
- * Handle POSTing a new user, or GETing the index.
- */
- public function index_dir($routed, $remainder) {
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'POST':
- // We're POSTing a new user.
- if ($this->registrationOpen()) {
- $this->create_user();
- } else {
- $this->showView('users/new-locked', array());
- exit();
- }
- break;
- case 'HEAD': // fall-through to GET
- case 'GET':
- // We're GETing the index.
- $this->show_index($routed, $remainder);
- break;
- }
- }
-
- /**
- * Handle PUTing an updated user index, or GETing the index.
- */
- public function index_file($routed, $remainder) {
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT': $_POST = $_PUT;
- case 'POST':
- // We're PUTing an updated user index.
- $this->update_users();
- break;
- }
- $this->show_index($routed, $remainder);
- }
-
- // Other Views ///////////////////////////////////////////////
-
- /**
- * Handle GETing the new user form.
- *
- * I would have named this `new', but that's a keyword.
- */
- public function new_user($routed, $vars) {
- // since there will never be a remainder to `users/new', we can
- // use that parameter to pass in some data.
- if (Login::isLoggedIn()) {
- $this->showView('users/new-logged-in', array());
- exit();
- }
- if (!$this->registrationOpen()) {
- $this->showView('users/new-locked', array());
- exit();
- }
- if (!isset($vars['errors'])) $vars['errors'] = array();
-
- $db = Database::getInstance();
- $pm = PluginManager::getInstance();
-
- $vars['antispam_html'] = $pm->callHook('antispam_html');
- $vars['userlist'] = $db->getSysConf('anon_userlist');
- $this->showView('users/new', $vars);
- }
-
- public function individual($routed, $remainder) {
- $db = Database::getInstance();
- $pm = PluginManager::getInstance();
-
- $username = implode('/', $remainder);
- if ($username == 'all') {
- $uids = $db->listUsers();
- } else {
- $uids = array($db->getUID($username));
- }
-
- $vars = array();
-
- if (count($uids)<2) {
- $user = Auth::getInstance($uid);
-
- if ($user->isGroup()) $uid = false; // ignore groups.
-
- if ($uid===false) {
- $this->http404($routed, $remainder);
- exit();
- }
- if (!$user->canRead()) {
- $this->http401($routed, $remainder);
- exit();
- }
-
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT': $_POST = $_PUT;
- case 'POST':
- // We're PUTing updated user info.
- if ($user->canEdit()) {
- $vars = $this->update_user($user);
- }
- break;
- }
- }
-
- $config_options = array();
- $pm->callHook('userConfig', &$config_options);
-
- $vars['users'] = array();
- foreach ($uids as $uid) {
- $vars['users'][] = Auth::getInstance($uid);
- }
- $vars['username'] = $username;
- $vars['config_options'] = $config_options;
- $vars['groups'] = $db->listGroupNames();
- require_once('ContactMethod.class.php');
- $this->showView('users/individual', $vars);
- }
-
- public function http404($routed, $remainder) {
- $username = implode('/', $remainder);
- $this->showView('users/404',
- array('username'=>$username));
- }
-
- public function http401($routed, $remainder) {
- $this->showView('users/401', array('uid'=>Login::isLoggedIn()));
- }
-
- // Other Functions ///////////////////////////////////////////
-
- /**
- * This will parse POST data to create a new user.
- * If successfull it will show a message saying so.
- * If not successfull, it will re-show the new-user form with errors
- * explained.
- */
- private function create_user() {
- $db = Database::getInstance();
- $pm = PluginManager::getInstance();
-
- $vars = array();
- @$vars['username' ] = $_POST['auth_name'];
- @$vars['password1'] = $_POST['auth_password' ];
- @$vars['password2'] = $_POST['auth_password_verify'];
- @$vars['email'] = $_POST['user_email'];
-
- $vars['errors'] = array();
- if ($db->getUID($vars['username'])!==false)
- $vars['errors'][] = 'user exists';
- if (!Auth::isNameLegal($vars['username']))
- $vars['errors'][] = 'illegal name';
- $matches = ($vars['password1'] == $vars['password2']);
- if (!$matches) {
- $vars['errors'][] = 'pw mixmatch';
- }
- if ($matches && $vars['password2'] == '') {
- $vars['errors'][] = 'no pw';
- }
- if ($vars['email'] == '') {
- $vars['errors'][] = 'no email';
- }
- foreach ($pm->callHook('antispam_verify') as $plugin=>$valid) {
- if (!$valid) $vars['errors'][] = 'plugin_'.$plugin;
- }
-
- if (count($vars['errors']) > 0) {
- $this->new_user($routed, $vars);
- } else {
- $username = $vars['username'];
- $password = $vars['password1'];
- $uid = $db->addUser($username, $password);
- if ($uid===false) {
- $this->showView('users/500');
- } else {
- Login::login($username, $password);
- DB::set('users', $uid, 'email', $vars['email']);
- $this->showView('users/created',
- array('username'=>$username));
- }
- }
- }
-
- /**
- * This will parse POST (really, PUT) data to update a single user
- */
- private function update_user($user) {
- $vars = array();
-
- $username = $user->getName();
- // Change the username /////////////////////////////////////////
- if (isset($_POST['auth_name'])) {
- $new_name = $_POST['auth_name'];
- if ($new_name != $username) {
- $changed_name = $user->setName($new_name);
- $username = $user->getName();
- $vars['changed name'] = $changed_name;
- }
- }
-
- // Change the password /////////////////////////////////////////
- @$password1 = $_POST['auth_password' ];
- @$password2 = $_POST['auth_password'.'_verify'];
-
- // Check the verify box, not main box, so that we don't get
- // tripped by browsers annoyingly autocompleting the password.
- $is_set = ($password2 != '');
-
- if ($is_set) {
- $matches = ( $password1 == $password2 );
- if ($matches) {
- $user->setPassword($password1);
- $vars['pw updated'] = true;
- } else {
- $vars['pw mixmatch'] = true;
- }
- }
-
- // Change information //////////////////////////////////////////
- $config_options = array();
- $pm = PluginManager::getInstance();
- $pm->callHook('userConfig', &$config_options);
-
- foreach ($config_options as $group=>$options) {
- foreach ($options as $option) {
- $this->confText($user, $option[0]);
- }
- }
-
- // Change contact info /////////////////////////////////////////
- global $CONTACT_METHODS;
- foreach ($CONTACT_METHODS as $method) {
- $this->confText($user, $method->addr_slug);
- }
- $this->confArray($user, 'use');
-
- // Change groups ///////////////////////////////////////////////
- $this->confArray($user, 'groups');
-
- return $vars;
- }
-
- private function confArray($user, $key) {
- if (isset($_POST[$key]) && is_array($_POST[$key])) {
- $user->setConfArray($key, $_POST[$key]);
- }
- }
-
- private function confText($user, $name) {
- if (isset($_POST["user_$name"])) {
- $user->setConf($name, $_POST["user_$name"]);
- }
- }
-
-
- /**
- * This will parse POST (really, PUT) data to update multiple users.
- */
- private function update_users() {
- $attribs = $this->getIndexAttribs();
- $form = new Form(null, null);
- foreach ($attribs as $attrib) {
- $key = $attrib['key'];
- if (isset($_POST[$key]) && is_array($_POST[$key])) {
- $old = $_POST['_old'][$key];
- foreach ($_POST[$key] as $uid => $value) {
- @$value_base = $old[$uid];
- $set = DB::set('users', $uid, $key, $value, $value_base);
- if (is_string($set)) {
- echo "<pre>\n";
- echo "Error: Value changed elsewhere, ".
- "and I don't have real handling ".
- "for this yet.\n";
- echo "UID: $uid\n";
- echo "Name: ".$user->getName()."\n";
- echo "Key: $key\n";
- echo "Value: Original : ";
- var_dump($value_base);
- echo "Value: Other edit: ";
- var_dump($value_fork);
- echo "Value: This edit : ";
- var_dump($value);
- echo "</pre>";
- }
- }
- }
- }
- }
-
- /**
- * This will show the user index.
- */
- private function show_index($routed, $remainder) {
- $db = Database::getInstance();
-
- $logged_in_user = Auth::getInstance(Login::isLoggedIn());
- $anon_userlist = $db->getSysConf('anon_userlist')=='true';
- if (!$anon_userlist && !$logged_in_user->isUser()) {
- $this->http401($routed, $remainder);
- exit();
- }
-
- $vars = array();
- $vars['attribs'] = $this->getIndexAttribs();
- $vars['users'] = array();
- $uids = $db->listUsers();
- foreach ($uids as $uid) {
- $vars['users'][$uid] = array();
- foreach ($vars['attribs'] as $attrib) {
- $key = $attrib['key'];
- $props = DB::get('users', $uid, $key);
- $vars['users'][$uid][$key] = $props;
- }
- }
- $this->showView('users/index', $vars);
- }
-
- function attrib($key, $name, $type='string') {
- return array('key'=>$key, 'name'=>$name, 'type'=>$type);
- }
- private function getIndexAttribs() {
- $user = Auth::getInstance(Login::isLoggedIn());
-
- $attribs = array();
- $attribs[] = $this->attrib('auth_uid', 'UID');
- if ($user->isUser()) {
- $attribs[] = $this->attrib('auth_user', 'Active', 'bool');
- if ($user->isAdmin()) {
- $attribs[] = $this->attrib('auth_admin', 'Admin', 'bool');
- $attribs[] = $this->attrib('auth_delete', 'Delete', 'bool');
- }
- $attribs[] = $this->attrib('lastname','Last');
- $attribs[] = $this->attrib('firstname','First');
- $attribs[] = $this->attrib('hsclass','Class of');
- $attribs[] = $this->attrib('phone','Phone number');
- $attribs[] = $this->attrib('email','Email');
- }
- $attribs[] = $this->attrib('auth_name', 'Username');
-
- return $attribs;
- }
-
- private function registrationOpen() {
- $db = Database::getInstance();
- $val = $db->getSysConf('registration_open');
- switch ($val) {
- case 'true': return true;
- case 'false': return false;
- default: return true;
- }
- }
-}