diff options
Diffstat (limited to 'src/controllers')
| -rw-r--r-- | src/controllers/AuthPage.class.php | 57 | ||||
| -rw-r--r-- | src/controllers/Config.class.php | 30 | ||||
| -rw-r--r-- | src/controllers/Groups.class.php | 11 | ||||
| -rw-r--r-- | src/controllers/Http404.class.php | 7 | ||||
| -rw-r--r-- | src/controllers/Main.class.php | 9 | ||||
| -rw-r--r-- | src/controllers/Messages.class.php | 100 | ||||
| -rw-r--r-- | src/controllers/NewMessage.class.php | 37 | ||||
| -rw-r--r-- | src/controllers/Plugins.class.php | 75 | ||||
| -rw-r--r-- | src/controllers/Users.class.php | 371 |
9 files changed, 0 insertions, 697 deletions
diff --git a/src/controllers/AuthPage.class.php b/src/controllers/AuthPage.class.php deleted file mode 100644 index 1f46f72..0000000 --- a/src/controllers/AuthPage.class.php +++ /dev/null @@ -1,57 +0,0 @@ -<?php -require_once('Login.class.php'); -require_once('Auth.class.php'); - -Router::register('auth', 'AuthPage'); - -class AuthPage extends Controller { - public function index($routed, $remainder) { - // So if $_POST['action'] isn't set, it will trip on '', which - // is great, so we don't have to handle GET and PUT separately. - @$action = $_POST['action']; - switch ($action) { - case 'login' : $this->login(); break; - case 'logout': $this->logout(); break; - case '' : $this->maybe_login(); break; - default : $this->badrequest(); break; - } - } - private function login() { - $username = ''; - $password = ''; - - $login = -1; - if ( isset($_POST['username']) && isset($_POST['password'])) { - $username = $_POST['username']; - $password = $_POST['password']; - $login = Login::login($username, $password); - } - - $vars = array(); - $vars['login_code'] = $login; - $vars['username'] = $username; - $vars['password'] = $password; - if (isset($_POST['url'])) { - $vars['url'] = $_POST['url']; - } - - $this->showView('auth/login', $vars); - } - private function logout() { - Login::logout(); - $this->showView('auth/logout'); - } - private function maybe_login() { - $uid = Login::isLoggedIn(); - if ($uid===false) { - $this->login(); - } else { - $username = Auth::getInstance($uid)->getName(); - $this->showView('auth/index', - array('username'=>$username)); - } - } - private function badrequest() { - $this->showView('auth/badrequest'); - } -} diff --git a/src/controllers/Config.class.php b/src/controllers/Config.class.php deleted file mode 100644 index dc6a884..0000000 --- a/src/controllers/Config.class.php +++ /dev/null @@ -1,30 +0,0 @@ -<?php -require_once('Auth.class.php'); - -Router::register('config', 'Config', 'index'); - -class Config extends Controller { - public function index($routed, $remainder) { - $uid = Login::isLoggedIn(); - if ($uid===false || !Auth::getInstance($uid)->isAdmin()) { - $this->http401($routed, $remainder); - return; - } - - $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { - case 'PUT': $_POST = $_PUT; - case 'POST': - // We're PUTing an updated configuration. - $this->update(); - break; - } - $this->show_index(); - } - private function show_index() { - - } - private function update() { - - } -} diff --git a/src/controllers/Groups.class.php b/src/controllers/Groups.class.php deleted file mode 100644 index 9d99d99..0000000 --- a/src/controllers/Groups.class.php +++ /dev/null @@ -1,11 +0,0 @@ -<?php - -Router::register('groups/new' , 'Groups', 'new_group'); -Router::register('groups/index', 'Groups', 'index_file'); -Router::register('groups' , 'Groups', 'index_dir'); -Router::register('groups/*' , 'Groups', 'individual'); - -class Groups extends Controller { - public static $illegal_names = array('', 'new', 'index'); - // TODO -} diff --git a/src/controllers/Http404.class.php b/src/controllers/Http404.class.php deleted file mode 100644 index 322feaa..0000000 --- a/src/controllers/Http404.class.php +++ /dev/null @@ -1,7 +0,0 @@ -<?php - -class Http404 extends Controller { - public function index($routed, $remainder) { - $this->http404($routed, $remainder); - } -} diff --git a/src/controllers/Main.class.php b/src/controllers/Main.class.php deleted file mode 100644 index 7651b62..0000000 --- a/src/controllers/Main.class.php +++ /dev/null @@ -1,9 +0,0 @@ -<?php - -Router::register('index', 'Main', 'index'); - -class Main extends Controller { - public function index($routed, $remainder) { - $this->showView('index'); - } -} diff --git a/src/controllers/Messages.class.php b/src/controllers/Messages.class.php deleted file mode 100644 index 717e18e..0000000 --- a/src/controllers/Messages.class.php +++ /dev/null @@ -1,100 +0,0 @@ -<?php -require_once('Login.class.php'); -require_once('Auth.class.php'); - -Router::register('messages', 'Messages', 'index'); -Router::register('messages/index', 'Messages', 'index'); -Router::register('messages/*', 'Messages', 'message'); - -class Messages extends Controller { - public static $msgdir; - - public function __construct() { - require_once('MimeMailParser.class.php'); - $this->msgdir = BASEPATH.'/msg'; - } - - public function index($routed, $remainder) { - $parser = new MimeMailParser(); - $messages = array(); - $dh = opendir($this->msgdir); - while (($file = readdir($dh)) !== false) { - $path = $this->msgdir."/$file"; - if (is_file($path)) { - $parser->setPath($path); - - $date_string = $parser->getHeader('date'); - $date = strtotime($date_string); - if (!isset($messages[$date])) { - $messages[$date] = array(); - } - $messages[$date][] = - array('id'=>$file, - 'subject'=>$parser->getHeader('subject'), - 'from'=>$parser->getHeader('from')); - } - } - closedir($dh); - - $this->showView('messages/index', array('messages' => $messages)); - exit(); - } - - public function message($routed, $remainder) { - $uid = Login::isLoggedIn(); - if ($uid===false || !Auth::getInstance($uid)->isUser()) { - $this->http401($routed, $remainder); - return; - } - - $msg_id = $remainder[0];// We can trust the router that this is set - $msg_file = $this->msgdir."/$msg_id"; - if (!is_file($msg_file)) { - $this->http404($routed, $remainder); - return; - } - - @$part = $remainder[1]; - @$subpart = $remainder[2]; - $parser = new MimeMailParser(); - $parser->setPath($msg_file); - - switch ($part) { - case '': - $this->showView('messages/frame', - array('msg_id'=>$msg_id, - 'parser'=>$parser, - 'msgdir'=>$this->msgdir, - )); - break; - case 'body': - require_once('Mime.class.php'); - header('Content-type: '.Mime::ext2mime(PAGE_EXT)); - $map = array('html'=>'html', - 'txt' =>'text'); - echo $parser->getMessageBody($map[PAGE_EXT]); - break; - case 'attachment': - $attachment_id = $subpart; - $attachments = $parser->getAttachments(); - $attachment = $attachments[$attachment_id]; - - $type = $attachment->getContentType(); - $filename = $attachment->getFilename(); - - header('Content-Type: '.$type); - header('Content-Disposition: attachment; filename='.$filename ); - while($bytes = $attachment->read()) { - echo $bytes; - } - break; - default: - array_push($routed, array_shift($remainder)); - $this->http404($routed, $remainder); - } - } - - public function http401($routed, $remainder) { - $this->showView('messages/401', array('uid'=>Login::isLoggedIn())); - } -}
\ No newline at end of file diff --git a/src/controllers/NewMessage.class.php b/src/controllers/NewMessage.class.php deleted file mode 100644 index e778385..0000000 --- a/src/controllers/NewMessage.class.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - /* -class NewMessage extends Controller { -$cmdline = isset($argv[0]); // called from the command line -@$method = $_SERVER['REQUEST_METHOD']; // What HTTP method was used -if ( ($method=='PUT') || ($method=='POST') || $cmdline ) { - // We're going to be uploading a new message. - - // so uniqid isn't 'secure', it doesn't need to be, it's to prevent - // random collisions. - $tmpfile = "$BASE/tmp/".uniqid(getmypid().'.'); - $infile = ($cmdline?'php://stdin':'php://input'); - $out = fopen($tmpfile, "w"); - $in = fopen($infile, "r"); - while ($data = fread($in, 1024)) - fwrite($out, $data); - fclose($out); - fclose($in); - //apache_request_headers() - require_once('MimeMailParser.class.php'); - $parser = new MimeMailParser(); - $parser->setPath($tmpfile); - $id = preg_replace('/<(.*)>/', '$1', - $parser->getHeader('message-id')); - $id = str_replace('/', '', $id); // for security reasons - $msg_file = "$BASE/msg/$id"; - rename($tmpfile, $msg_file); - - if (!$cmdline) { - $m->status('201 Created'); - header("Location: ".$m->baseUrl().'messages/'.$id); - } - exit(); -} - -} - */
\ No newline at end of file diff --git a/src/controllers/Plugins.class.php b/src/controllers/Plugins.class.php deleted file mode 100644 index 2ed6e7a..0000000 --- a/src/controllers/Plugins.class.php +++ /dev/null @@ -1,75 +0,0 @@ -<?php -require_once('Login.class.php'); -require_once('Plugin.class.php'); -require_once('PluginManager.class.php'); -require_once('Auth.class.php'); -require_once('Database.class.php'); - -Router::register('plugins', 'Plugins'); - -class Plugins extends Controller { - public function index($routed, $remainder) { - $uid = Login::isLoggedIn(); - if ($uid===false || !Auth::getInstance($uid)->isAdmin()) { - $this->http401($routed, $remainder); - return; - } - - $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { - case 'PUT': $_POST = $_PUT; - case 'POST': - // We're PUTing an updated user index. - $this->update(); - break; - } - $this->show_index(); - } - - private function update() { - $db = Database::getInstance(); - - if (isset($_POST['plugins'])) { - $string = $db->arrayToValue($_POST['plugins']); - $db->setSysConf('plugins', $string); - } - - if (isset($_POST['config'])) { - foreach ($_POST['config'] as $plugin_name => $plugin) { - foreach ($plugin as $param => $value) { - $db->setPluginConf($plugin_name, - $param, - $value); - } - } - } - } - - private function show_index() { - $pm = PluginManager::getInstance(); - $all_plugins = $pm->listPlugins(); - $enabled_plugins = $pm->getActivePlugins(); - - $plugin_data = array(); - foreach ($all_plugins as $plugin_name) { - $plugin = array(); - $plugin['name'] = $plugin_name; - $plugin['key'] = 'config['.$plugin_name.']'; - $plugin['active'] = - in_array($plugin_name, $enabled_plugins); - $plugin['description'] = - $pm->staticHook($plugin_name, 'description'); - $plugin['config'] = - $pm->staticHook($plugin_name, 'configList'); - $plugin_data[] = $plugin; - } - - $vars = array(); - $vars['plugins'] = $plugin_data; - $this->showView('plugins/index', $vars); - } - - public function http401($routed, $remainder) { - $this->showView('plugins/401'); - } -} diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php deleted file mode 100644 index 9978ef8..0000000 --- a/src/controllers/Users.class.php +++ /dev/null @@ -1,371 +0,0 @@ -<?php -require_once('Login.class.php'); -require_once('Auth.class.php'); -require_once('DB.class.php'); -require_once('PluginManager.class.php'); -require_once('Database.class.php'); - -Router::register('users/new' , 'Users', 'new_user'); -Router::register('users/index', 'Users', 'index_file'); -Router::register('users' , 'Users', 'index_dir'); -Router::register('users/*' , 'Users', 'individual'); - -class Users extends Controller { - // Index Views /////////////////////////////////////////////// - - public function index($routed, $remainder) { - return $this->index_dir($routed, $remainder); - } - - /** - * Handle POSTing a new user, or GETing the index. - */ - public function index_dir($routed, $remainder) { - $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { - case 'POST': - // We're POSTing a new user. - if ($this->registrationOpen()) { - $this->create_user(); - } else { - $this->showView('users/new-locked', array()); - exit(); - } - break; - case 'HEAD': // fall-through to GET - case 'GET': - // We're GETing the index. - $this->show_index($routed, $remainder); - break; - } - } - - /** - * Handle PUTing an updated user index, or GETing the index. - */ - public function index_file($routed, $remainder) { - $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { - case 'PUT': $_POST = $_PUT; - case 'POST': - // We're PUTing an updated user index. - $this->update_users(); - break; - } - $this->show_index($routed, $remainder); - } - - // Other Views /////////////////////////////////////////////// - - /** - * Handle GETing the new user form. - * - * I would have named this `new', but that's a keyword. - */ - public function new_user($routed, $vars) { - // since there will never be a remainder to `users/new', we can - // use that parameter to pass in some data. - if (Login::isLoggedIn()) { - $this->showView('users/new-logged-in', array()); - exit(); - } - if (!$this->registrationOpen()) { - $this->showView('users/new-locked', array()); - exit(); - } - if (!isset($vars['errors'])) $vars['errors'] = array(); - - $db = Database::getInstance(); - $pm = PluginManager::getInstance(); - - $vars['antispam_html'] = $pm->callHook('antispam_html'); - $vars['userlist'] = $db->getSysConf('anon_userlist'); - $this->showView('users/new', $vars); - } - - public function individual($routed, $remainder) { - $db = Database::getInstance(); - $pm = PluginManager::getInstance(); - - $username = implode('/', $remainder); - if ($username == 'all') { - $uids = $db->listUsers(); - } else { - $uids = array($db->getUID($username)); - } - - $vars = array(); - - if (count($uids)<2) { - $user = Auth::getInstance($uid); - - if ($user->isGroup()) $uid = false; // ignore groups. - - if ($uid===false) { - $this->http404($routed, $remainder); - exit(); - } - if (!$user->canRead()) { - $this->http401($routed, $remainder); - exit(); - } - - $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { - case 'PUT': $_POST = $_PUT; - case 'POST': - // We're PUTing updated user info. - if ($user->canEdit()) { - $vars = $this->update_user($user); - } - break; - } - } - - $config_options = array(); - $pm->callHook('userConfig', &$config_options); - - $vars['users'] = array(); - foreach ($uids as $uid) { - $vars['users'][] = Auth::getInstance($uid); - } - $vars['username'] = $username; - $vars['config_options'] = $config_options; - $vars['groups'] = $db->listGroupNames(); - require_once('ContactMethod.class.php'); - $this->showView('users/individual', $vars); - } - - public function http404($routed, $remainder) { - $username = implode('/', $remainder); - $this->showView('users/404', - array('username'=>$username)); - } - - public function http401($routed, $remainder) { - $this->showView('users/401', array('uid'=>Login::isLoggedIn())); - } - - // Other Functions /////////////////////////////////////////// - - /** - * This will parse POST data to create a new user. - * If successfull it will show a message saying so. - * If not successfull, it will re-show the new-user form with errors - * explained. - */ - private function create_user() { - $db = Database::getInstance(); - $pm = PluginManager::getInstance(); - - $vars = array(); - @$vars['username' ] = $_POST['auth_name']; - @$vars['password1'] = $_POST['auth_password' ]; - @$vars['password2'] = $_POST['auth_password_verify']; - @$vars['email'] = $_POST['user_email']; - - $vars['errors'] = array(); - if ($db->getUID($vars['username'])!==false) - $vars['errors'][] = 'user exists'; - if (!Auth::isNameLegal($vars['username'])) - $vars['errors'][] = 'illegal name'; - $matches = ($vars['password1'] == $vars['password2']); - if (!$matches) { - $vars['errors'][] = 'pw mixmatch'; - } - if ($matches && $vars['password2'] == '') { - $vars['errors'][] = 'no pw'; - } - if ($vars['email'] == '') { - $vars['errors'][] = 'no email'; - } - foreach ($pm->callHook('antispam_verify') as $plugin=>$valid) { - if (!$valid) $vars['errors'][] = 'plugin_'.$plugin; - } - - if (count($vars['errors']) > 0) { - $this->new_user($routed, $vars); - } else { - $username = $vars['username']; - $password = $vars['password1']; - $uid = $db->addUser($username, $password); - if ($uid===false) { - $this->showView('users/500'); - } else { - Login::login($username, $password); - DB::set('users', $uid, 'email', $vars['email']); - $this->showView('users/created', - array('username'=>$username)); - } - } - } - - /** - * This will parse POST (really, PUT) data to update a single user - */ - private function update_user($user) { - $vars = array(); - - $username = $user->getName(); - // Change the username ///////////////////////////////////////// - if (isset($_POST['auth_name'])) { - $new_name = $_POST['auth_name']; - if ($new_name != $username) { - $changed_name = $user->setName($new_name); - $username = $user->getName(); - $vars['changed name'] = $changed_name; - } - } - - // Change the password ///////////////////////////////////////// - @$password1 = $_POST['auth_password' ]; - @$password2 = $_POST['auth_password'.'_verify']; - - // Check the verify box, not main box, so that we don't get - // tripped by browsers annoyingly autocompleting the password. - $is_set = ($password2 != ''); - - if ($is_set) { - $matches = ( $password1 == $password2 ); - if ($matches) { - $user->setPassword($password1); - $vars['pw updated'] = true; - } else { - $vars['pw mixmatch'] = true; - } - } - - // Change information ////////////////////////////////////////// - $config_options = array(); - $pm = PluginManager::getInstance(); - $pm->callHook('userConfig', &$config_options); - - foreach ($config_options as $group=>$options) { - foreach ($options as $option) { - $this->confText($user, $option[0]); - } - } - - // Change contact info ///////////////////////////////////////// - global $CONTACT_METHODS; - foreach ($CONTACT_METHODS as $method) { - $this->confText($user, $method->addr_slug); - } - $this->confArray($user, 'use'); - - // Change groups /////////////////////////////////////////////// - $this->confArray($user, 'groups'); - - return $vars; - } - - private function confArray($user, $key) { - if (isset($_POST[$key]) && is_array($_POST[$key])) { - $user->setConfArray($key, $_POST[$key]); - } - } - - private function confText($user, $name) { - if (isset($_POST["user_$name"])) { - $user->setConf($name, $_POST["user_$name"]); - } - } - - - /** - * This will parse POST (really, PUT) data to update multiple users. - */ - private function update_users() { - $attribs = $this->getIndexAttribs(); - $form = new Form(null, null); - foreach ($attribs as $attrib) { - $key = $attrib['key']; - if (isset($_POST[$key]) && is_array($_POST[$key])) { - $old = $_POST['_old'][$key]; - foreach ($_POST[$key] as $uid => $value) { - @$value_base = $old[$uid]; - $set = DB::set('users', $uid, $key, $value, $value_base); - if (is_string($set)) { - echo "<pre>\n"; - echo "Error: Value changed elsewhere, ". - "and I don't have real handling ". - "for this yet.\n"; - echo "UID: $uid\n"; - echo "Name: ".$user->getName()."\n"; - echo "Key: $key\n"; - echo "Value: Original : "; - var_dump($value_base); - echo "Value: Other edit: "; - var_dump($value_fork); - echo "Value: This edit : "; - var_dump($value); - echo "</pre>"; - } - } - } - } - } - - /** - * This will show the user index. - */ - private function show_index($routed, $remainder) { - $db = Database::getInstance(); - - $logged_in_user = Auth::getInstance(Login::isLoggedIn()); - $anon_userlist = $db->getSysConf('anon_userlist')=='true'; - if (!$anon_userlist && !$logged_in_user->isUser()) { - $this->http401($routed, $remainder); - exit(); - } - - $vars = array(); - $vars['attribs'] = $this->getIndexAttribs(); - $vars['users'] = array(); - $uids = $db->listUsers(); - foreach ($uids as $uid) { - $vars['users'][$uid] = array(); - foreach ($vars['attribs'] as $attrib) { - $key = $attrib['key']; - $props = DB::get('users', $uid, $key); - $vars['users'][$uid][$key] = $props; - } - } - $this->showView('users/index', $vars); - } - - function attrib($key, $name, $type='string') { - return array('key'=>$key, 'name'=>$name, 'type'=>$type); - } - private function getIndexAttribs() { - $user = Auth::getInstance(Login::isLoggedIn()); - - $attribs = array(); - $attribs[] = $this->attrib('auth_uid', 'UID'); - if ($user->isUser()) { - $attribs[] = $this->attrib('auth_user', 'Active', 'bool'); - if ($user->isAdmin()) { - $attribs[] = $this->attrib('auth_admin', 'Admin', 'bool'); - $attribs[] = $this->attrib('auth_delete', 'Delete', 'bool'); - } - $attribs[] = $this->attrib('lastname','Last'); - $attribs[] = $this->attrib('firstname','First'); - $attribs[] = $this->attrib('hsclass','Class of'); - $attribs[] = $this->attrib('phone','Phone number'); - $attribs[] = $this->attrib('email','Email'); - } - $attribs[] = $this->attrib('auth_name', 'Username'); - - return $attribs; - } - - private function registrationOpen() { - $db = Database::getInstance(); - $val = $db->getSysConf('registration_open'); - switch ($val) { - case 'true': return true; - case 'false': return false; - default: return true; - } - } -} |