From eabca6bb0c720fad89947e7f2198695b66be1def Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 10:06:02 +0200 Subject: [PATCH 001/138] database modifications --- install.sql | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/install.sql b/install.sql index 8045e1d..32652af 100644 --- a/install.sql +++ b/install.sql @@ -33,6 +33,18 @@ CREATE TABLE `users` ( `permission` int(11) NOT NULL DEFAULT '0', `active` tinyint(1) NOT NULL DEFAULT '1' ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; +CREATE TABLE `subscribers` ( + `subscriberID` int(11) NOT NULL, + `telegramID` int(50) NOT NULL, + `firstname` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL, + `lastname` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; +CREATE TABLE `services_subscriber` ( + `comboID` int(11) NOT NULL, + `subscriberIDFK` int(11) NOT NULL, + `serviceIDFK` int(11) NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + ALTER TABLE `services` ADD PRIMARY KEY (`id`); ALTER TABLE `services_status` @@ -57,6 +69,17 @@ ALTER TABLE `status` MODIFY `id` int(11) NOT NULL AUTO_INCREMENT; ALTER TABLE `users` MODIFY `id` int(11) NOT NULL AUTO_INCREMENT; +ALTER TABLE `services_subscriber` + ADD PRIMARY KEY (`comboID`), + ADD UNIQUE KEY `unique_subscription` (`subscriberIDFK`,`serviceIDFK`), + ADD KEY `serviceIDFK` (`serviceIDFK`); +ALTER TABLE `subscribers` + ADD PRIMARY KEY (`subscriberID`), + ADD UNIQUE KEY `telegramID` (`telegramID`); +ALTER TABLE `services_subscriber` + MODIFY `comboID` int(11) NOT NULL AUTO_INCREMENT; +ALTER TABLE `subscribers` + MODIFY `subscriberID` int(11) NOT NULL AUTO_INCREMENT; ALTER TABLE `services_status` ADD CONSTRAINT `service_id` FOREIGN KEY (`service_id`) REFERENCES `services` (`id`), ADD CONSTRAINT `status_id` FOREIGN KEY (`status_id`) REFERENCES `status` (`id`); @@ -64,3 +87,7 @@ ALTER TABLE `status` ADD CONSTRAINT `user_id` FOREIGN KEY (`user_id`) REFERENCES `users` (`id`); ALTER TABLE `tokens` ADD CONSTRAINT `user` FOREIGN KEY (`user`) REFERENCES `users` (`id`); +ALTER TABLE `services_subscriber` + ADD CONSTRAINT `services_subscriber_ibfk_1` FOREIGN KEY (`subscriberIDFK`) REFERENCES `subscribers` (`subscriberID`) ON DELETE CASCADE ON UPDATE CASCADE, + ADD CONSTRAINT `services_subscriber_ibfk_2` FOREIGN KEY (`serviceIDFK`) REFERENCES `services` (`id`) ON DELETE CASCADE ON UPDATE CASCADE; +COMMIT; From bc92eea65102646af0ec9fe634bb8b6d6042dc8b Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 10:33:59 +0200 Subject: [PATCH 002/138] added tg values to config file --- config.php.template | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config.php.template b/config.php.template index 0e571ab..70436cf 100644 --- a/config.php.template +++ b/config.php.template @@ -13,6 +13,8 @@ define("POLICY_MAIL", "##policy_mail##"); //contact email in policy define("POLICY_PHONE", "##policy_phone##"); define("WHO_WE_ARE","##who_we_are##"); define("POLICY_URL","##policy_url##"); +define("TG_BOT_API_TOKEN", "##tg_bot_token##"); //Telegram Bot Token +define("TG_BOT_USERNAME", "##tg_bot_username##"); //Telegram Bot username define("INSTALL_OVERRIDE", false); define("DEFAULT_LANGUAGE", "en_GB"); From 781c9381189e80e91b70f0dce9f15b95d08fb5c1 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 10:44:42 +0200 Subject: [PATCH 003/138] added telegram to install.php --- install.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/install.php b/install.php index 2c1b407..b497da9 100644 --- a/install.php +++ b/install.php @@ -130,6 +130,8 @@ if(isset($_POST['server']) && empty($message)) $config = str_replace("##who_we_are##", $_POST['who_we_are'], $config); $policy_url_conf = ( ! empty($_POST['policy_url']) ) ? $_POST['policy_url'] : POLICY_URL; $config = str_replace("##policy_url##", $policy_url_conf, $config); + $config = str_replace("##tg_bot_token##", $_POST['tgtoken'], $config); + $config = str_replace("##tg_bot_username##", $_POST['tgbot'], $config); file_put_contents("config.php", $config); @@ -245,6 +247,19 @@ if (!empty($message))
+ + +
+

+ + +
+
" class="form-control" required>
+
" class="form-control" required>
+
+
+ +
From d02ebc25ab2d27ef72893aef4cc4e4b402634d42 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 11:20:53 +0200 Subject: [PATCH 004/138] send new incident to subscriber --- classes/incident.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/classes/incident.php b/classes/incident.php index 4ced1db..19f5e73 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -159,8 +159,22 @@ class Incident implements JsonSerializable $stmt->bind_param("ii", $service, $status_id); $stmt->execute(); $query = $stmt->get_result(); + + $query = $mysqli->query("SELECT * FROM services_subscriber WHERE serviceIDFK=" . $service); + while($subscriber = $query->fetch_assoc()){ + $subscriberQuery = $mysqli->query("SELECT * FROM subscribers WHERE userID=" . $subscriber['userIDFK']); + while($subscriberData = $subscriberQuery->fetch_assoc()){ + $telegramID = $subscriberData['telegramID']; + $firstname = $subscriberData['firstname']; + $lastname = $subscriberData['lastname']; + + $tg_message = urlencode('Hi ' . $firstname . chr(10) . 'There is a status update on a service that you have subscribed. View online'); + $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message)); + + } + } - header("Location: ".WEB_URL."/admin"); + // header("Location: ".WEB_URL."/admin"); } } From 8c305d8a931f745cfc3bff8249607036bffecb76 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 11:29:28 +0200 Subject: [PATCH 005/138] bug fixes and debuging stuff removed --- classes/incident.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/classes/incident.php b/classes/incident.php index 19f5e73..b1d4f62 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -162,7 +162,7 @@ class Incident implements JsonSerializable $query = $mysqli->query("SELECT * FROM services_subscriber WHERE serviceIDFK=" . $service); while($subscriber = $query->fetch_assoc()){ - $subscriberQuery = $mysqli->query("SELECT * FROM subscribers WHERE userID=" . $subscriber['userIDFK']); + $subscriberQuery = $mysqli->query("SELECT * FROM subscribers WHERE subscriberID=" . $subscriber['subscriberIDFK']); while($subscriberData = $subscriberQuery->fetch_assoc()){ $telegramID = $subscriberData['telegramID']; $firstname = $subscriberData['firstname']; @@ -170,14 +170,14 @@ class Incident implements JsonSerializable $tg_message = urlencode('Hi ' . $firstname . chr(10) . 'There is a status update on a service that you have subscribed. View online'); $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message)); - + print_r($response); } } - // header("Location: ".WEB_URL."/admin"); + header("Location: ".WEB_URL."/admin"); } } - + } /** * Renders incident From 8e1ae46564f254c14ea714836c743c3846b61ad7 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 11:46:15 +0200 Subject: [PATCH 006/138] add login with telegram button --- template.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/template.php b/template.php index 782f19e..286ac36 100644 --- a/template.php +++ b/template.php @@ -61,7 +61,13 @@ class Template{

-
+
+
+
    +
    • +
+
+ From 65f6de72891ce419bd801df6ea53e934aa71c1dd Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 11:48:28 +0200 Subject: [PATCH 007/138] add telegram User Data reader --- telegram.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 telegram.php diff --git a/telegram.php b/telegram.php new file mode 100644 index 0000000..f1ac554 --- /dev/null +++ b/telegram.php @@ -0,0 +1,21 @@ + Date: Thu, 7 Jun 2018 13:21:35 +0200 Subject: [PATCH 008/138] login and logout with telegram --- check.php | 12 ++++++++++++ index.php | 6 ++++++ telegram.php | 44 +++++++++++++++++++++++++++++++++++++++++++- template.php | 12 +++++++++++- 4 files changed, 72 insertions(+), 2 deletions(-) create mode 100644 check.php diff --git a/check.php b/check.php new file mode 100644 index 0000000..4553a06 --- /dev/null +++ b/check.php @@ -0,0 +1,12 @@ +getMessage()); + } + header('Location: index.php'); + ?> \ No newline at end of file diff --git a/index.php b/index.php index de155b0..c1df4f1 100644 --- a/index.php +++ b/index.php @@ -21,6 +21,12 @@ if (isset($_GET['ajax'])) $offset = $_GET['offset']; } +if (isset($_GET['subscriber_logout'])){ + setcookie('tg_user', ''); + setcookie('referer', '', time() - 3600); + header('Location: index.php'); +} + Template::render_header("Status"); ?>
diff --git a/telegram.php b/telegram.php index f1ac554..bf25641 100644 --- a/telegram.php +++ b/telegram.php @@ -18,4 +18,46 @@ function getTelegramUserData() { return $auth_data; } return false; -} \ No newline at end of file +} +/** + * Check if data is from telegram + * + * This checks if the data provides is from telegram. It includes a Fix for firefox + * + * @param mixed $auth_data The Authentication Data + * + * @return $auth_data + * +*/ +function checkTelegramAuthorization($auth_data) { + $check_hash = $auth_data['hash']; + unset($auth_data['hash']); + $data_check_arr = []; + foreach ($auth_data as $key => $value) { + // $data_check_arr[] = $key . '=' . $value; + $data_check_arr[] = $key . '=' . str_replace('https:/t', 'https://t', $value); + } + sort($data_check_arr); + $data_check_string = implode("\n", $data_check_arr); + $secret_key = hash('sha256', TG_BOT_API_TOKEN, true); + $hash = hash_hmac('sha256', $data_check_string, $secret_key); + if (strcmp($hash, $check_hash) !== 0) { + throw new Exception('Data is NOT from Telegram'); + } + if ((time() - $auth_data['auth_date']) > 86400) { + throw new Exception('Data is outdated'); + } + return $auth_data; + } + + +/** + * Save telegram userdata + * + * Save the telegram user data in a cookie + * @return void + */ +function saveTelegramUserData($auth_data) { + $auth_data_json = json_encode($auth_data); + setcookie('tg_user', $auth_data_json); + } \ No newline at end of file diff --git a/template.php b/template.php index 286ac36..57a2178 100644 --- a/template.php +++ b/template.php @@ -1,3 +1,4 @@ +<<<<<<< HEAD
    -
    • + Logout'; + } else { + echo '
    • '; + } + ?>
From cea55bd2b858ae36b86d544364faa697fea94fdd Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 13:56:05 +0200 Subject: [PATCH 009/138] show my subscriptions --- index.php | 4 ++++ subscriptions.php | 30 ++++++++++++++++++++++++++++++ template.php | 1 + 3 files changed, 35 insertions(+) create mode 100644 subscriptions.php diff --git a/index.php b/index.php index c1df4f1..84da6ef 100644 --- a/index.php +++ b/index.php @@ -4,6 +4,10 @@ require_once("template.php"); if (!file_exists("config.php")) { require_once("install.php"); +} elseif(isset($_GET['do'])){ // we can add other actions with $_GET['do'] later. + if($_GET['do'] == "subscriptions"){ + require_once("subscriptions.php"); + } } else{ diff --git a/subscriptions.php b/subscriptions.php new file mode 100644 index 0000000..cd319d7 --- /dev/null +++ b/subscriptions.php @@ -0,0 +1,30 @@ +query("SELECT services.id, services.name, subscribers.subscriberID, subscribers.telegramID + FROM services + LEFT JOIN services_subscriber ON services_subscriber.serviceIDFK = services.id + LEFT JOIN subscribers ON services_subscriber.subscriberIDFK = subscribers.subscriberID + WHERE subscribers.telegramID =" . $tg_user['id']); +//$query = $mysqli->query("SELECT id, name FROM services"); +if ($query->num_rows){ + $timestamp = time(); + echo '

' . _("Your subscriptions") . "

"; + echo '
    '; + while($result = $query->fetch_assoc()) + { + echo '
  • ' . $result['name'] . '
    • '; + } + echo "
"; +} +} else{ + header('Location: index.php'); +} + +Template::render_footer(); \ No newline at end of file diff --git a/template.php b/template.php index 57a2178..73cf67d 100644 --- a/template.php +++ b/template.php @@ -70,6 +70,7 @@ class Template{ Subscriptions'; echo '
  • Logout
    • '; } else { echo '
    • '; From efe4c3d42f7f64d0ffd59644a7c15641a70f7aba Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 15:36:57 +0200 Subject: [PATCH 010/138] mange subscriptions --- classes/incident.php | 1 - subscriptions.php | 53 ++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 49 insertions(+), 5 deletions(-) diff --git a/classes/incident.php b/classes/incident.php index b1d4f62..be08731 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -170,7 +170,6 @@ class Incident implements JsonSerializable $tg_message = urlencode('Hi ' . $firstname . chr(10) . 'There is a status update on a service that you have subscribed. View online'); $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message)); - print_r($response); } } diff --git a/subscriptions.php b/subscriptions.php index cd319d7..ef6eb58 100644 --- a/subscriptions.php +++ b/subscriptions.php @@ -7,22 +7,67 @@ $tg_user = getTelegramUserData(); if($tg_user !== false){ + if(isset($_GET['add'])){ + $service = $_GET['add']; + $query = $mysqli->query("SELECT * FROM subscribers WHERE telegramID=" . $tg_user['id']); + while($subscriber = $query->fetch_assoc()){ + $subscriberID = $subscriber['subscriberID']; + } + $stmt = $mysqli->prepare("INSERT INTO services_subscriber VALUES (NULL,?, ?)"); + $stmt->bind_param("ii", $subscriberID, $service); + $stmt->execute(); + $query = $stmt->get_result(); + header("Location: index.php?do=subscriptions"); + } + + if(isset($_GET['remove'])){ + $service = $_GET['remove']; + $query = $mysqli->query("SELECT * FROM subscribers WHERE telegramID=" . $tg_user['id']); + while($subscriber = $query->fetch_assoc()){ + $subscriberID = $subscriber['subscriberID']; + } + $stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ? AND serviceIDFK = ?"); + $stmt->bind_param("ii", $subscriberID, $service); + $stmt->execute(); + $query = $stmt->get_result(); + header("Location: index.php?do=subscriptions"); + } + $query = $mysqli->query("SELECT services.id, services.name, subscribers.subscriberID, subscribers.telegramID FROM services LEFT JOIN services_subscriber ON services_subscriber.serviceIDFK = services.id LEFT JOIN subscribers ON services_subscriber.subscriberIDFK = subscribers.subscriberID WHERE subscribers.telegramID =" . $tg_user['id']); -//$query = $mysqli->query("SELECT id, name FROM services"); if ($query->num_rows){ $timestamp = time(); echo '

    ' . _("Your subscriptions") . "

    "; - echo '
      '; + echo '
      '; + $subs = array(); while($result = $query->fetch_assoc()) { - echo '
    • ' . $result['name'] . '
      • '; + echo '' . $result['name'] . ''; + $subs[] = $result['name']; } - echo "
    "; + echo "
    "; } + +echo '

    ' . _("Add new subscription") . '

    '; + +$query = $mysqli->query("SELECT services.id, services.name from services"); +if ($query->num_rows){ + echo '
    '; + + while($result = $query->fetch_assoc()){ + if(empty($subs)){ + echo '' . $result['name'] . ''; + + } elseif(!in_array($result['name'], $subs)){ + echo '' . $result['name'] . ''; + } + } + echo '
    '; +} + } else{ header('Location: index.php'); } From d0d0572b829cefa804de299eb72307c683574246 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 16:17:28 +0200 Subject: [PATCH 011/138] removed unused lastname --- classes/incident.php | 1 - 1 file changed, 1 deletion(-) diff --git a/classes/incident.php b/classes/incident.php index be08731..f381cdd 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -166,7 +166,6 @@ class Incident implements JsonSerializable while($subscriberData = $subscriberQuery->fetch_assoc()){ $telegramID = $subscriberData['telegramID']; $firstname = $subscriberData['firstname']; - $lastname = $subscriberData['lastname']; $tg_message = urlencode('Hi ' . $firstname . chr(10) . 'There is a status update on a service that you have subscribed. View online'); $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message)); From b005e77664d892b95290022bd5b1219842efe587 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 16:30:24 +0200 Subject: [PATCH 012/138] use unused value --- classes/incident.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/classes/incident.php b/classes/incident.php index f381cdd..8a1fbc9 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -168,11 +168,19 @@ class Incident implements JsonSerializable $firstname = $subscriberData['firstname']; $tg_message = urlencode('Hi ' . $firstname . chr(10) . 'There is a status update on a service that you have subscribed. View online'); - $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message)); + $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message), true); + if($response['ok'] == true){ + $tgsent = true; + } } } - header("Location: ".WEB_URL."/admin"); + if($tgsent){ + header("Location: ".WEB_URL."/admin?sent=true"); + + } else { + header("Location: ".WEB_URL."/admin?sent=false"); + } } } } From db6f705b6af2a53f7350889ed0168d1734b9a504 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 7 Jun 2018 20:20:39 +0200 Subject: [PATCH 013/138] show telegram menu in mobile --- template.php | 36 +++++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/template.php b/template.php index 73cf67d..c4f00b3 100644 --- a/template.php +++ b/template.php @@ -55,10 +55,16 @@ class Template{ -
    -

    -
    " class="form-control" required>
    " class="form-control" required>
    -
    - +
    diff --git a/policy.php b/policy.php index 8b1d41a..d595653 100644 --- a/policy.php +++ b/policy.php @@ -38,5 +38,26 @@ echo "

    " . _("Contact") . "

    "; echo "##name##
    "; echo "##email##
    "; + echo '

    ' . _("Privacy Policy") . '

    '; + echo '

    ' . _("General") . "

    "; + echo _("General + Based on article 13 of the Swiss Federal Constitution and the and the data protection provisions of the Swiss Confederation + (Federal Act on Data Protection, FADP), every person has the right to be protected against the misuse of their personal + data and privacy. We stick to this law. Personal information is kept strictly confidential and will not passed or sold to third parties. + ") . "

    "; + echo _("In collaboration with our hosting provider we try our best to protect our + databases against access from third parties, losses, misuse or forgery. + ") . "

    "; + echo _("If you access our websites, the following informations will be saved: IP-address, Date, Time, Browser queries, + General informations about your browser, operating system and all search queries on the sites. + This user data will be used for anonym user statistics to recognize trends and improve our content. + ") . "

    "; + echo "

    " . _("Cookies") . "

    "; + echo _("This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. + In general, cookies are used to retain user preferences, store information for things like shopping carts, + and provide anonymised tracking data to third party applications like Google Analytics. + As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. + The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser + or taking a look at the About Cookies website which offers guidance for all modern browsers"); Template::render_footer(); From 1172eeaf1b2e052a28128ce2c4e0caf94e2f141a Mon Sep 17 00:00:00 2001 From: jhuesser Date: Tue, 12 Jun 2018 19:00:46 +0200 Subject: [PATCH 016/138] fix text --- install.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install.php b/install.php index 3e148bb..5e6ee76 100644 --- a/install.php +++ b/install.php @@ -118,7 +118,7 @@ if(isset($_POST['server']) && empty($message)) $config = str_replace("##name##", $_POST['servername'], $config); $config = str_replace("##title##", $_POST['title'], $config); $config = str_replace("##url##", $_POST['url'], $config); - $policy = str_replace("##mailer##", $_POST['mailer'], $policy); + $policy = str_replace("##email##", $_POST['mailer_email'], $policy); $config = str_replace("##mailer_email##", $_POST['mailer_email'], $config); $config = str_replace("##server##", $_POST['server'], $config); $config = str_replace("##database##", $_POST['database'], $config); @@ -136,7 +136,7 @@ if(isset($_POST['server']) && empty($message)) $config = str_replace("##tg_bot_username##", $_POST['tgbot'], $config); $policy = str_replace("##name##", $fullname, $policy); file_put_contents("config.php", $config); - + file_put_contents("policy.php", $policy); unlink("config.php.template"); unlink("install.sql"); From ecaf5aa58b9e52f160bab0b903f2367529067fd7 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Wed, 13 Jun 2018 10:44:02 +0200 Subject: [PATCH 017/138] add some conflicts --- template.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/template.php b/template.php index c4f00b3..f241b44 100644 --- a/template.php +++ b/template.php @@ -1,4 +1,3 @@ -<<<<<<< HEAD
    -
      +
        Subscriptions'; - echo '
      • Logout
        • '; + echo '
      • Logout
        • '; } else { echo '
        • '; }?> From b8daf45ac914eee77baa3b5aad44369cd27a5a02 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Sat, 16 Jun 2018 14:25:50 +0200 Subject: [PATCH 018/138] removed swiss law, added EU law --- policy.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/policy.php b/policy.php index d595653..68520af 100644 --- a/policy.php +++ b/policy.php @@ -41,9 +41,10 @@ echo '

        ' . _("Privacy Policy") . '

        '; echo '

        ' . _("General") . "

        "; echo _("General - Based on article 13 of the Swiss Federal Constitution and the and the data protection provisions of the Swiss Confederation - (Federal Act on Data Protection, FADP), every person has the right to be protected against the misuse of their personal - data and privacy. We stick to this law. Personal information is kept strictly confidential and will not passed or sold to third parties. + Based on regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons + with regard to the processing of personal data and on the free movement of such data, every person has the right to be protected against + the misuse of their personal data and privacy. We stick to this law. Personal information is kept strictly confidential and + will not passed or sold to third parties. ") . "

        "; echo _("In collaboration with our hosting provider we try our best to protect our databases against access from third parties, losses, misuse or forgery. From 51926b37b7dee11981932a93073e09e1e8e65fcf Mon Sep 17 00:00:00 2001 From: jhuesser Date: Sat, 16 Jun 2018 14:26:03 +0200 Subject: [PATCH 019/138] spelling --- policy.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/policy.php b/policy.php index 68520af..f21b7f7 100644 --- a/policy.php +++ b/policy.php @@ -49,8 +49,8 @@ echo _("In collaboration with our hosting provider we try our best to protect our databases against access from third parties, losses, misuse or forgery. ") . "

        "; - echo _("If you access our websites, the following informations will be saved: IP-address, Date, Time, Browser queries, - General informations about your browser, operating system and all search queries on the sites. + echo _("If you access our websites, the following information will be saved: IP-address, Date, Time, Browser queries, + General information about your browser, operating system and all search queries on the sites. This user data will be used for anonym user statistics to recognize trends and improve our content. ") . "

        "; echo "

        " . _("Cookies") . "

        "; From df4c08d8c863821f3b67cbd09df3bb7db749c56e Mon Sep 17 00:00:00 2001 From: jhuesser Date: Sat, 16 Jun 2018 14:42:40 +0200 Subject: [PATCH 020/138] added titles + third party --- policy.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/policy.php b/policy.php index f21b7f7..5a9f6b3 100644 --- a/policy.php +++ b/policy.php @@ -46,13 +46,17 @@ the misuse of their personal data and privacy. We stick to this law. Personal information is kept strictly confidential and will not passed or sold to third parties. ") . "

        "; + echo "

        " . _("How we protect your data") . "

        "; echo _("In collaboration with our hosting provider we try our best to protect our databases against access from third parties, losses, misuse or forgery. ") . "

        "; + echo "

        " . _("Personal data we collect") . "

        "; echo _("If you access our websites, the following information will be saved: IP-address, Date, Time, Browser queries, General information about your browser, operating system and all search queries on the sites. This user data will be used for anonym user statistics to recognize trends and improve our content. ") . "

        "; + echo "

        " . _("Third party that receive your personal data") . "

        "; + echo "We don't share any of your data with a third party."; echo "

        " . _("Cookies") . "

        "; echo _("This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, From 8ffd5f99068021e8de2d91d5dd8845b7c0867753 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Fri, 13 Jul 2018 10:00:40 +0200 Subject: [PATCH 021/138] added policy form --- install.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/install.php b/install.php index 5e6ee76..c5e515a 100644 --- a/install.php +++ b/install.php @@ -111,14 +111,12 @@ if(isset($_POST['server']) && empty($message)) if (empty($message)) { - $fullname = $_POST['surname'] . " " . $_POST['name']; - //Create config & privacy policy + //Create config $config = file_get_contents("config.php.template"); - $policy = file_get_contents("policy.php"); $config = str_replace("##name##", $_POST['servername'], $config); $config = str_replace("##title##", $_POST['title'], $config); $config = str_replace("##url##", $_POST['url'], $config); - $policy = str_replace("##email##", $_POST['mailer_email'], $policy); + $config = str_replace("##mailer##", $_POST['mailer'], $config); $config = str_replace("##mailer_email##", $_POST['mailer_email'], $config); $config = str_replace("##server##", $_POST['server'], $config); $config = str_replace("##database##", $_POST['database'], $config); @@ -137,7 +135,7 @@ if(isset($_POST['server']) && empty($message)) $policy = str_replace("##name##", $fullname, $policy); file_put_contents("config.php", $config); file_put_contents("policy.php", $policy); - + unlink("config.php.template"); unlink("install.sql"); unlink(__FILE__); From 66c13a32cc9c02db6dbe619da135064e9eb9038d Mon Sep 17 00:00:00 2001 From: jhuesser Date: Fri, 13 Jul 2018 10:22:06 +0200 Subject: [PATCH 022/138] created default policy --- policy.php | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/policy.php b/policy.php index 5a9f6b3..08b11c0 100644 --- a/policy.php +++ b/policy.php @@ -35,28 +35,27 @@ or taking a look at the About Cookies website which offers guidance for all modern browsers"); echo "

        " . _("Contact & Privacy Policy") . "

        "; + echo "

        " . _("Privcacy Policy") . "

        "; + echo "

        " . _("Who we are") . "

        "; + echo WHO_WE_ARE; echo "

        " . _("Contact") . "

        "; - echo "##name##
        "; - echo "##email##
        "; - echo '

        ' . _("Privacy Policy") . '

        '; - echo '

        ' . _("General") . "

        "; - echo _("General - Based on regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons - with regard to the processing of personal data and on the free movement of such data, every person has the right to be protected against - the misuse of their personal data and privacy. We stick to this law. Personal information is kept strictly confidential and - will not passed or sold to third parties. - ") . "

        "; - echo "

        " . _("How we protect your data") . "

        "; - echo _("In collaboration with our hosting provider we try our best to protect our - databases against access from third parties, losses, misuse or forgery. - ") . "

        "; - echo "

        " . _("Personal data we collect") . "

        "; + echo POLICY_NAME . "
        "; + echo ADDRESS . "
        "; + echo POLICY_MAIL . "
        "; + echo POLICY_PHONE . "
        "; + + echo '

        ' . _("What personal data we collect and why") . '

        '; + echo '

        ' . _("Global") . "

        "; echo _("If you access our websites, the following information will be saved: IP-address, Date, Time, Browser queries, General information about your browser, operating system and all search queries on the sites. This user data will be used for anonym user statistics to recognize trends and improve our content. ") . "

        "; - echo "

        " . _("Third party that receive your personal data") . "

        "; - echo "We don't share any of your data with a third party."; + echo "

        " . _("How we protect your data") . "

        "; + echo _("In collaboration with our hosting provider we try our best to protect our + databases against access from third parties, losses, misuse or forgery. + ") . "

        "; + echo "

        " . _("Third party that receive your personal data") . ""; + echo "Our hosting provider can access the date we store on their server. We have a data processing agreement with them."; echo "

        " . _("Cookies") . "

        "; echo _("This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, From a57f6e2f86e1860f3cf83e72b485c478443616ba Mon Sep 17 00:00:00 2001 From: jhuesser Date: Fri, 13 Jul 2018 17:10:03 +0200 Subject: [PATCH 023/138] after work commit [not working] not working, but i need to push it to have it on my other locations --- install.php | 8 ++++++++ policy.php | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/install.php b/install.php index c5e515a..87ed869 100644 --- a/install.php +++ b/install.php @@ -242,6 +242,7 @@ if (!empty($message))
        " class="form-control" required>
    +<<<<<<< HEAD
    " class="form-control" required>
    " class="form-control">
    @@ -255,6 +256,13 @@ if (!empty($message))
    " class="form-control" required>
    " class="form-control" required>
    +======= +
    " class="form-control" required>
    +
    " class="form-control">
    +
    +
    +
    +>>>>>>> after work commit [not working]
    diff --git a/policy.php b/policy.php index 08b11c0..3c40361 100644 --- a/policy.php +++ b/policy.php @@ -54,7 +54,7 @@ echo _("In collaboration with our hosting provider we try our best to protect our databases against access from third parties, losses, misuse or forgery. ") . "

    "; - echo "

    " . _("Third party that receive your personal data") . ""; + echo "

    " . _("Third party that receive your personal data") . "

    "; echo "Our hosting provider can access the date we store on their server. We have a data processing agreement with them."; echo "

    " . _("Cookies") . "

    "; echo _("This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. From cbc5fd2854d145c50259e8c7793ea2488a8ea96a Mon Sep 17 00:00:00 2001 From: jhuesser Date: Tue, 31 Jul 2018 11:17:33 +0200 Subject: [PATCH 024/138] some fixes (still dont work) --- install.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/install.php b/install.php index 87ed869..a9d0c06 100644 --- a/install.php +++ b/install.php @@ -242,7 +242,6 @@ if (!empty($message))
    " class="form-control" required>
    -<<<<<<< HEAD
    " class="form-control" required>
    " class="form-control">
    @@ -256,14 +255,6 @@ if (!empty($message))
    " class="form-control" required>
    " class="form-control" required>
    -======= -
    " class="form-control" required>
    -
    " class="form-control">
    -
    -
    -
    ->>>>>>> after work commit [not working] -
    From ba6e3f41443791f97be23f50b2e9e401f49ad633 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 2 Aug 2018 10:07:59 +0200 Subject: [PATCH 025/138]
    handler for POLICY_PHONE --- policy.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/policy.php b/policy.php index 3c40361..d847c1a 100644 --- a/policy.php +++ b/policy.php @@ -42,7 +42,9 @@ echo POLICY_NAME . "
    "; echo ADDRESS . "
    "; echo POLICY_MAIL . "
    "; - echo POLICY_PHONE . "
    "; + if(defined('POLICY_PHONE') && POLICY_PHONE != ""){ + echo POLICY_PHONE . "
    "; + } echo '

    ' . _("What personal data we collect and why") . '

    '; echo '

    ' . _("Global") . "

    "; From 1431964afc40f74ff9fddc7455dcf1836dbebd34 Mon Sep 17 00:00:00 2001 From: jhuesser Date: Thu, 2 Aug 2018 13:58:32 +0200 Subject: [PATCH 026/138] added telegram to privacy policy --- policy.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/policy.php b/policy.php index d847c1a..0759b83 100644 --- a/policy.php +++ b/policy.php @@ -19,7 +19,18 @@ echo _("If you access our websites, the following information will be saved: IP-address, Date, Time, Browser queries, General information about your browser, operating system and all search queries on the sites. This user data will be used for anonym user statistics to recognize trends and improve our content. - ") . "

    "; + ") . "
    "; + echo '

    ' . _("Telegram") . "

    "; + echo _("If you use the Telegram Login Widget (The blue \"Login with Telegram\" button), we recive the following data from the service \"Telegram\" (telegram.org):"); + echo '
      +
    • ' . _("Your Telegram-User-ID") . "
      • +
    • " . _("Your Telegram username") . '
      • +
    • ' . _("The name you provided when registering with Telegram.") . '
      • +
    • ' . _("Your telegram profile picture") . '
      • +
    '; + echo _("Although we are receiving this data, we only save your telegram ID, your telegram username and the first and last name you provided telegram when registred for their service."); + echo _("We are saving this data, to provide a subscription service which alerts you about status update via our telegram bot. With this data we know who we need to send the alert to. Also we know your name, so we can say hi to you."); + echo _("Because of this, we also save who has subscribed which service."); echo "

    " . _("How we protect your data") . "

    "; echo _("In collaboration with our hosting provider we try our best to protect our databases against access from third parties, losses, misuse or forgery. From 23cf02f608cd62a21c5c39a627eff728f7c5607e Mon Sep 17 00:00:00 2001 From: thnilsen Date: Thu, 8 Nov 2018 20:08:11 +0100 Subject: [PATCH 027/138] Replace hardcoded urls with constants from config. --- subscriptions.php | 8 ++++---- template.php | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/subscriptions.php b/subscriptions.php index ef6eb58..ee7dec1 100644 --- a/subscriptions.php +++ b/subscriptions.php @@ -45,7 +45,7 @@ if ($query->num_rows){ $subs = array(); while($result = $query->fetch_assoc()) { - echo '' . $result['name'] . ''; + echo '' . $result['name'] . ''; $subs[] = $result['name']; } echo "
    "; @@ -59,10 +59,10 @@ if ($query->num_rows){ while($result = $query->fetch_assoc()){ if(empty($subs)){ - echo '' . $result['name'] . ''; + echo '' . $result['name'] . ''; } elseif(!in_array($result['name'], $subs)){ - echo '' . $result['name'] . ''; + echo '' . $result['name'] . ''; } } echo ''; @@ -72,4 +72,4 @@ if ($query->num_rows){ header('Location: index.php'); } -Template::render_footer(); \ No newline at end of file +Template::render_footer(); diff --git a/template.php b/template.php index f241b44..764f3c7 100644 --- a/template.php +++ b/template.php @@ -76,9 +76,9 @@ class Template{ $tg_user = getTelegramUserData(); if($tg_user !== false){ echo'
  • Subscriptions
    • '; - echo '
  • Logout
    • '; + echo '
  • Logout
    • '; } else { - echo '
    • '; + echo '
    • '; }?> @@ -201,4 +201,4 @@ class Template{ Date: Thu, 8 Nov 2018 21:05:38 +0100 Subject: [PATCH 028/138] Fix formating/repeat issue for install form --- install.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/install.php b/install.php index a9d0c06..75ca5e6 100644 --- a/install.php +++ b/install.php @@ -234,8 +234,18 @@ if (!empty($message))
    +

    + + +
    +
    " class="form-control" required>
    +
    " class="form-control" required>
    +
    +
    + +

    - +
    " class="form-control" required>
    From 3ff19c0be563bf593c447634988da88b261fbf7d Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Fri, 23 Nov 2018 23:23:19 +0100 Subject: [PATCH 029/138] Added parsedown support libraries based on paresedown.org --- libs/parsedown/LICENSE.txt | 20 + libs/parsedown/Parsedown.php | 1980 ++++++++++++++++++++++++++++++++++ libs/parsedown/README.md | 97 ++ 3 files changed, 2097 insertions(+) create mode 100644 libs/parsedown/LICENSE.txt create mode 100644 libs/parsedown/Parsedown.php create mode 100644 libs/parsedown/README.md diff --git a/libs/parsedown/LICENSE.txt b/libs/parsedown/LICENSE.txt new file mode 100644 index 0000000..8e7c764 --- /dev/null +++ b/libs/parsedown/LICENSE.txt @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2013-2018 Emanuil Rusev, erusev.com + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/libs/parsedown/Parsedown.php b/libs/parsedown/Parsedown.php new file mode 100644 index 0000000..b8adb05 --- /dev/null +++ b/libs/parsedown/Parsedown.php @@ -0,0 +1,1980 @@ +textElements($text); + + # convert to markup + $markup = $this->elements($Elements); + + # trim line breaks + $markup = trim($markup, "\n"); + + return $markup; + } + + protected function textElements($text) + { + # make sure no definitions are set + $this->DefinitionData = array(); + + # standardize line breaks + $text = str_replace(array("\r\n", "\r"), "\n", $text); + + # remove surrounding line breaks + $text = trim($text, "\n"); + + # split text into lines + $lines = explode("\n", $text); + + # iterate through lines to identify blocks + return $this->linesElements($lines); + } + + # + # Setters + # + + function setBreaksEnabled($breaksEnabled) + { + $this->breaksEnabled = $breaksEnabled; + + return $this; + } + + protected $breaksEnabled; + + function setMarkupEscaped($markupEscaped) + { + $this->markupEscaped = $markupEscaped; + + return $this; + } + + protected $markupEscaped; + + function setUrlsLinked($urlsLinked) + { + $this->urlsLinked = $urlsLinked; + + return $this; + } + + protected $urlsLinked = true; + + function setSafeMode($safeMode) + { + $this->safeMode = (bool) $safeMode; + + return $this; + } + + protected $safeMode; + + function setStrictMode($strictMode) + { + $this->strictMode = (bool) $strictMode; + + return $this; + } + + protected $strictMode; + + protected $safeLinksWhitelist = array( + 'http://', + 'https://', + 'ftp://', + 'ftps://', + 'mailto:', + 'tel:', + 'data:image/png;base64,', + 'data:image/gif;base64,', + 'data:image/jpeg;base64,', + 'irc:', + 'ircs:', + 'git:', + 'ssh:', + 'news:', + 'steam:', + ); + + # + # Lines + # + + protected $BlockTypes = array( + '#' => array('Header'), + '*' => array('Rule', 'List'), + '+' => array('List'), + '-' => array('SetextHeader', 'Table', 'Rule', 'List'), + '0' => array('List'), + '1' => array('List'), + '2' => array('List'), + '3' => array('List'), + '4' => array('List'), + '5' => array('List'), + '6' => array('List'), + '7' => array('List'), + '8' => array('List'), + '9' => array('List'), + ':' => array('Table'), + '<' => array('Comment', 'Markup'), + '=' => array('SetextHeader'), + '>' => array('Quote'), + '[' => array('Reference'), + '_' => array('Rule'), + '`' => array('FencedCode'), + '|' => array('Table'), + '~' => array('FencedCode'), + ); + + # ~ + + protected $unmarkedBlockTypes = array( + 'Code', + ); + + # + # Blocks + # + + protected function lines(array $lines) + { + return $this->elements($this->linesElements($lines)); + } + + protected function linesElements(array $lines) + { + $Elements = array(); + $CurrentBlock = null; + + foreach ($lines as $line) + { + if (chop($line) === '') + { + if (isset($CurrentBlock)) + { + $CurrentBlock['interrupted'] = (isset($CurrentBlock['interrupted']) + ? $CurrentBlock['interrupted'] + 1 : 1 + ); + } + + continue; + } + + while (($beforeTab = strstr($line, "\t", true)) !== false) + { + $shortage = 4 - mb_strlen($beforeTab, 'utf-8') % 4; + + $line = $beforeTab + . str_repeat(' ', $shortage) + . substr($line, strlen($beforeTab) + 1) + ; + } + + $indent = strspn($line, ' '); + + $text = $indent > 0 ? substr($line, $indent) : $line; + + # ~ + + $Line = array('body' => $line, 'indent' => $indent, 'text' => $text); + + # ~ + + if (isset($CurrentBlock['continuable'])) + { + $methodName = 'block' . $CurrentBlock['type'] . 'Continue'; + $Block = $this->$methodName($Line, $CurrentBlock); + + if (isset($Block)) + { + $CurrentBlock = $Block; + + continue; + } + else + { + if ($this->isBlockCompletable($CurrentBlock['type'])) + { + $methodName = 'block' . $CurrentBlock['type'] . 'Complete'; + $CurrentBlock = $this->$methodName($CurrentBlock); + } + } + } + + # ~ + + $marker = $text[0]; + + # ~ + + $blockTypes = $this->unmarkedBlockTypes; + + if (isset($this->BlockTypes[$marker])) + { + foreach ($this->BlockTypes[$marker] as $blockType) + { + $blockTypes []= $blockType; + } + } + + # + # ~ + + foreach ($blockTypes as $blockType) + { + $Block = $this->{"block$blockType"}($Line, $CurrentBlock); + + if (isset($Block)) + { + $Block['type'] = $blockType; + + if ( ! isset($Block['identified'])) + { + if (isset($CurrentBlock)) + { + $Elements[] = $this->extractElement($CurrentBlock); + } + + $Block['identified'] = true; + } + + if ($this->isBlockContinuable($blockType)) + { + $Block['continuable'] = true; + } + + $CurrentBlock = $Block; + + continue 2; + } + } + + # ~ + + if (isset($CurrentBlock) and $CurrentBlock['type'] === 'Paragraph') + { + $Block = $this->paragraphContinue($Line, $CurrentBlock); + } + + if (isset($Block)) + { + $CurrentBlock = $Block; + } + else + { + if (isset($CurrentBlock)) + { + $Elements[] = $this->extractElement($CurrentBlock); + } + + $CurrentBlock = $this->paragraph($Line); + + $CurrentBlock['identified'] = true; + } + } + + # ~ + + if (isset($CurrentBlock['continuable']) and $this->isBlockCompletable($CurrentBlock['type'])) + { + $methodName = 'block' . $CurrentBlock['type'] . 'Complete'; + $CurrentBlock = $this->$methodName($CurrentBlock); + } + + # ~ + + if (isset($CurrentBlock)) + { + $Elements[] = $this->extractElement($CurrentBlock); + } + + # ~ + + return $Elements; + } + + protected function extractElement(array $Component) + { + if ( ! isset($Component['element'])) + { + if (isset($Component['markup'])) + { + $Component['element'] = array('rawHtml' => $Component['markup']); + } + elseif (isset($Component['hidden'])) + { + $Component['element'] = array(); + } + } + + return $Component['element']; + } + + protected function isBlockContinuable($Type) + { + return method_exists($this, 'block' . $Type . 'Continue'); + } + + protected function isBlockCompletable($Type) + { + return method_exists($this, 'block' . $Type . 'Complete'); + } + + # + # Code + + protected function blockCode($Line, $Block = null) + { + if (isset($Block) and $Block['type'] === 'Paragraph' and ! isset($Block['interrupted'])) + { + return; + } + + if ($Line['indent'] >= 4) + { + $text = substr($Line['body'], 4); + + $Block = array( + 'element' => array( + 'name' => 'pre', + 'element' => array( + 'name' => 'code', + 'text' => $text, + ), + ), + ); + + return $Block; + } + } + + protected function blockCodeContinue($Line, $Block) + { + if ($Line['indent'] >= 4) + { + if (isset($Block['interrupted'])) + { + $Block['element']['element']['text'] .= str_repeat("\n", $Block['interrupted']); + + unset($Block['interrupted']); + } + + $Block['element']['element']['text'] .= "\n"; + + $text = substr($Line['body'], 4); + + $Block['element']['element']['text'] .= $text; + + return $Block; + } + } + + protected function blockCodeComplete($Block) + { + return $Block; + } + + # + # Comment + + protected function blockComment($Line) + { + if ($this->markupEscaped or $this->safeMode) + { + return; + } + + if (strpos($Line['text'], '') !== false) + { + $Block['closed'] = true; + } + + return $Block; + } + } + + protected function blockCommentContinue($Line, array $Block) + { + if (isset($Block['closed'])) + { + return; + } + + $Block['element']['rawHtml'] .= "\n" . $Line['body']; + + if (strpos($Line['text'], '-->') !== false) + { + $Block['closed'] = true; + } + + return $Block; + } + + # + # Fenced Code + + protected function blockFencedCode($Line) + { + $marker = $Line['text'][0]; + + $openerLength = strspn($Line['text'], $marker); + + if ($openerLength < 3) + { + return; + } + + $infostring = trim(substr($Line['text'], $openerLength), "\t "); + + if (strpos($infostring, '`') !== false) + { + return; + } + + $Element = array( + 'name' => 'code', + 'text' => '', + ); + + if ($infostring !== '') + { + $Element['attributes'] = array('class' => "language-$infostring"); + } + + $Block = array( + 'char' => $marker, + 'openerLength' => $openerLength, + 'element' => array( + 'name' => 'pre', + 'element' => $Element, + ), + ); + + return $Block; + } + + protected function blockFencedCodeContinue($Line, $Block) + { + if (isset($Block['complete'])) + { + return; + } + + if (isset($Block['interrupted'])) + { + $Block['element']['element']['text'] .= str_repeat("\n", $Block['interrupted']); + + unset($Block['interrupted']); + } + + if (($len = strspn($Line['text'], $Block['char'])) >= $Block['openerLength'] + and chop(substr($Line['text'], $len), ' ') === '' + ) { + $Block['element']['element']['text'] = substr($Block['element']['element']['text'], 1); + + $Block['complete'] = true; + + return $Block; + } + + $Block['element']['element']['text'] .= "\n" . $Line['body']; + + return $Block; + } + + protected function blockFencedCodeComplete($Block) + { + return $Block; + } + + # + # Header + + protected function blockHeader($Line) + { + $level = strspn($Line['text'], '#'); + + if ($level > 6) + { + return; + } + + $text = trim($Line['text'], '#'); + + if ($this->strictMode and isset($text[0]) and $text[0] !== ' ') + { + return; + } + + $text = trim($text, ' '); + + $Block = array( + 'element' => array( + 'name' => 'h' . $level, + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $text, + 'destination' => 'elements', + ) + ), + ); + + return $Block; + } + + # + # List + + protected function blockList($Line, array $CurrentBlock = null) + { + list($name, $pattern) = $Line['text'][0] <= '-' ? array('ul', '[*+-]') : array('ol', '[0-9]{1,9}+[.\)]'); + + if (preg_match('/^('.$pattern.'([ ]++|$))(.*+)/', $Line['text'], $matches)) + { + $contentIndent = strlen($matches[2]); + + if ($contentIndent >= 5) + { + $contentIndent -= 1; + $matches[1] = substr($matches[1], 0, -$contentIndent); + $matches[3] = str_repeat(' ', $contentIndent) . $matches[3]; + } + elseif ($contentIndent === 0) + { + $matches[1] .= ' '; + } + + $markerWithoutWhitespace = strstr($matches[1], ' ', true); + + $Block = array( + 'indent' => $Line['indent'], + 'pattern' => $pattern, + 'data' => array( + 'type' => $name, + 'marker' => $matches[1], + 'markerType' => ($name === 'ul' ? $markerWithoutWhitespace : substr($markerWithoutWhitespace, -1)), + ), + 'element' => array( + 'name' => $name, + 'elements' => array(), + ), + ); + $Block['data']['markerTypeRegex'] = preg_quote($Block['data']['markerType'], '/'); + + if ($name === 'ol') + { + $listStart = ltrim(strstr($matches[1], $Block['data']['markerType'], true), '0') ?: '0'; + + if ($listStart !== '1') + { + if ( + isset($CurrentBlock) + and $CurrentBlock['type'] === 'Paragraph' + and ! isset($CurrentBlock['interrupted']) + ) { + return; + } + + $Block['element']['attributes'] = array('start' => $listStart); + } + } + + $Block['li'] = array( + 'name' => 'li', + 'handler' => array( + 'function' => 'li', + 'argument' => !empty($matches[3]) ? array($matches[3]) : array(), + 'destination' => 'elements' + ) + ); + + $Block['element']['elements'] []= & $Block['li']; + + return $Block; + } + } + + protected function blockListContinue($Line, array $Block) + { + if (isset($Block['interrupted']) and empty($Block['li']['handler']['argument'])) + { + return null; + } + + $requiredIndent = ($Block['indent'] + strlen($Block['data']['marker'])); + + if ($Line['indent'] < $requiredIndent + and ( + ( + $Block['data']['type'] === 'ol' + and preg_match('/^[0-9]++'.$Block['data']['markerTypeRegex'].'(?:[ ]++(.*)|$)/', $Line['text'], $matches) + ) or ( + $Block['data']['type'] === 'ul' + and preg_match('/^'.$Block['data']['markerTypeRegex'].'(?:[ ]++(.*)|$)/', $Line['text'], $matches) + ) + ) + ) { + if (isset($Block['interrupted'])) + { + $Block['li']['handler']['argument'] []= ''; + + $Block['loose'] = true; + + unset($Block['interrupted']); + } + + unset($Block['li']); + + $text = isset($matches[1]) ? $matches[1] : ''; + + $Block['indent'] = $Line['indent']; + + $Block['li'] = array( + 'name' => 'li', + 'handler' => array( + 'function' => 'li', + 'argument' => array($text), + 'destination' => 'elements' + ) + ); + + $Block['element']['elements'] []= & $Block['li']; + + return $Block; + } + elseif ($Line['indent'] < $requiredIndent and $this->blockList($Line)) + { + return null; + } + + if ($Line['text'][0] === '[' and $this->blockReference($Line)) + { + return $Block; + } + + if ($Line['indent'] >= $requiredIndent) + { + if (isset($Block['interrupted'])) + { + $Block['li']['handler']['argument'] []= ''; + + $Block['loose'] = true; + + unset($Block['interrupted']); + } + + $text = substr($Line['body'], $requiredIndent); + + $Block['li']['handler']['argument'] []= $text; + + return $Block; + } + + if ( ! isset($Block['interrupted'])) + { + $text = preg_replace('/^[ ]{0,'.$requiredIndent.'}+/', '', $Line['body']); + + $Block['li']['handler']['argument'] []= $text; + + return $Block; + } + } + + protected function blockListComplete(array $Block) + { + if (isset($Block['loose'])) + { + foreach ($Block['element']['elements'] as &$li) + { + if (end($li['handler']['argument']) !== '') + { + $li['handler']['argument'] []= ''; + } + } + } + + return $Block; + } + + # + # Quote + + protected function blockQuote($Line) + { + if (preg_match('/^>[ ]?+(.*+)/', $Line['text'], $matches)) + { + $Block = array( + 'element' => array( + 'name' => 'blockquote', + 'handler' => array( + 'function' => 'linesElements', + 'argument' => (array) $matches[1], + 'destination' => 'elements', + ) + ), + ); + + return $Block; + } + } + + protected function blockQuoteContinue($Line, array $Block) + { + if (isset($Block['interrupted'])) + { + return; + } + + if ($Line['text'][0] === '>' and preg_match('/^>[ ]?+(.*+)/', $Line['text'], $matches)) + { + $Block['element']['handler']['argument'] []= $matches[1]; + + return $Block; + } + + if ( ! isset($Block['interrupted'])) + { + $Block['element']['handler']['argument'] []= $Line['text']; + + return $Block; + } + } + + # + # Rule + + protected function blockRule($Line) + { + $marker = $Line['text'][0]; + + if (substr_count($Line['text'], $marker) >= 3 and chop($Line['text'], " $marker") === '') + { + $Block = array( + 'element' => array( + 'name' => 'hr', + ), + ); + + return $Block; + } + } + + # + # Setext + + protected function blockSetextHeader($Line, array $Block = null) + { + if ( ! isset($Block) or $Block['type'] !== 'Paragraph' or isset($Block['interrupted'])) + { + return; + } + + if ($Line['indent'] < 4 and chop(chop($Line['text'], ' '), $Line['text'][0]) === '') + { + $Block['element']['name'] = $Line['text'][0] === '=' ? 'h1' : 'h2'; + + return $Block; + } + } + + # + # Markup + + protected function blockMarkup($Line) + { + if ($this->markupEscaped or $this->safeMode) + { + return; + } + + if (preg_match('/^<[\/]?+(\w*)(?:[ ]*+'.$this->regexHtmlAttribute.')*+[ ]*+(\/)?>/', $Line['text'], $matches)) + { + $element = strtolower($matches[1]); + + if (in_array($element, $this->textLevelElements)) + { + return; + } + + $Block = array( + 'name' => $matches[1], + 'element' => array( + 'rawHtml' => $Line['text'], + 'autobreak' => true, + ), + ); + + return $Block; + } + } + + protected function blockMarkupContinue($Line, array $Block) + { + if (isset($Block['closed']) or isset($Block['interrupted'])) + { + return; + } + + $Block['element']['rawHtml'] .= "\n" . $Line['body']; + + return $Block; + } + + # + # Reference + + protected function blockReference($Line) + { + if (strpos($Line['text'], ']') !== false + and preg_match('/^\[(.+?)\]:[ ]*+?(?:[ ]+["\'(](.+)["\')])?[ ]*+$/', $Line['text'], $matches) + ) { + $id = strtolower($matches[1]); + + $Data = array( + 'url' => $matches[2], + 'title' => isset($matches[3]) ? $matches[3] : null, + ); + + $this->DefinitionData['Reference'][$id] = $Data; + + $Block = array( + 'element' => array(), + ); + + return $Block; + } + } + + # + # Table + + protected function blockTable($Line, array $Block = null) + { + if ( ! isset($Block) or $Block['type'] !== 'Paragraph' or isset($Block['interrupted'])) + { + return; + } + + if ( + strpos($Block['element']['handler']['argument'], '|') === false + and strpos($Line['text'], '|') === false + and strpos($Line['text'], ':') === false + or strpos($Block['element']['handler']['argument'], "\n") !== false + ) { + return; + } + + if (chop($Line['text'], ' -:|') !== '') + { + return; + } + + $alignments = array(); + + $divider = $Line['text']; + + $divider = trim($divider); + $divider = trim($divider, '|'); + + $dividerCells = explode('|', $divider); + + foreach ($dividerCells as $dividerCell) + { + $dividerCell = trim($dividerCell); + + if ($dividerCell === '') + { + return; + } + + $alignment = null; + + if ($dividerCell[0] === ':') + { + $alignment = 'left'; + } + + if (substr($dividerCell, - 1) === ':') + { + $alignment = $alignment === 'left' ? 'center' : 'right'; + } + + $alignments []= $alignment; + } + + # ~ + + $HeaderElements = array(); + + $header = $Block['element']['handler']['argument']; + + $header = trim($header); + $header = trim($header, '|'); + + $headerCells = explode('|', $header); + + if (count($headerCells) !== count($alignments)) + { + return; + } + + foreach ($headerCells as $index => $headerCell) + { + $headerCell = trim($headerCell); + + $HeaderElement = array( + 'name' => 'th', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $headerCell, + 'destination' => 'elements', + ) + ); + + if (isset($alignments[$index])) + { + $alignment = $alignments[$index]; + + $HeaderElement['attributes'] = array( + 'style' => "text-align: $alignment;", + ); + } + + $HeaderElements []= $HeaderElement; + } + + # ~ + + $Block = array( + 'alignments' => $alignments, + 'identified' => true, + 'element' => array( + 'name' => 'table', + 'elements' => array(), + ), + ); + + $Block['element']['elements'] []= array( + 'name' => 'thead', + ); + + $Block['element']['elements'] []= array( + 'name' => 'tbody', + 'elements' => array(), + ); + + $Block['element']['elements'][0]['elements'] []= array( + 'name' => 'tr', + 'elements' => $HeaderElements, + ); + + return $Block; + } + + protected function blockTableContinue($Line, array $Block) + { + if (isset($Block['interrupted'])) + { + return; + } + + if (count($Block['alignments']) === 1 or $Line['text'][0] === '|' or strpos($Line['text'], '|')) + { + $Elements = array(); + + $row = $Line['text']; + + $row = trim($row); + $row = trim($row, '|'); + + preg_match_all('/(?:(\\\\[|])|[^|`]|`[^`]++`|`)++/', $row, $matches); + + $cells = array_slice($matches[0], 0, count($Block['alignments'])); + + foreach ($cells as $index => $cell) + { + $cell = trim($cell); + + $Element = array( + 'name' => 'td', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $cell, + 'destination' => 'elements', + ) + ); + + if (isset($Block['alignments'][$index])) + { + $Element['attributes'] = array( + 'style' => 'text-align: ' . $Block['alignments'][$index] . ';', + ); + } + + $Elements []= $Element; + } + + $Element = array( + 'name' => 'tr', + 'elements' => $Elements, + ); + + $Block['element']['elements'][1]['elements'] []= $Element; + + return $Block; + } + } + + # + # ~ + # + + protected function paragraph($Line) + { + return array( + 'type' => 'Paragraph', + 'element' => array( + 'name' => 'p', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $Line['text'], + 'destination' => 'elements', + ), + ), + ); + } + + protected function paragraphContinue($Line, array $Block) + { + if (isset($Block['interrupted'])) + { + return; + } + + $Block['element']['handler']['argument'] .= "\n".$Line['text']; + + return $Block; + } + + # + # Inline Elements + # + + protected $InlineTypes = array( + '!' => array('Image'), + '&' => array('SpecialCharacter'), + '*' => array('Emphasis'), + ':' => array('Url'), + '<' => array('UrlTag', 'EmailTag', 'Markup'), + '[' => array('Link'), + '_' => array('Emphasis'), + '`' => array('Code'), + '~' => array('Strikethrough'), + '\\' => array('EscapeSequence'), + ); + + # ~ + + protected $inlineMarkerList = '!*_&[:<`~\\'; + + # + # ~ + # + + public function line($text, $nonNestables = array()) + { + return $this->elements($this->lineElements($text, $nonNestables)); + } + + protected function lineElements($text, $nonNestables = array()) + { + # standardize line breaks + $text = str_replace(array("\r\n", "\r"), "\n", $text); + + $Elements = array(); + + $nonNestables = (empty($nonNestables) + ? array() + : array_combine($nonNestables, $nonNestables) + ); + + # $excerpt is based on the first occurrence of a marker + + while ($excerpt = strpbrk($text, $this->inlineMarkerList)) + { + $marker = $excerpt[0]; + + $markerPosition = strlen($text) - strlen($excerpt); + + $Excerpt = array('text' => $excerpt, 'context' => $text); + + foreach ($this->InlineTypes[$marker] as $inlineType) + { + # check to see if the current inline type is nestable in the current context + + if (isset($nonNestables[$inlineType])) + { + continue; + } + + $Inline = $this->{"inline$inlineType"}($Excerpt); + + if ( ! isset($Inline)) + { + continue; + } + + # makes sure that the inline belongs to "our" marker + + if (isset($Inline['position']) and $Inline['position'] > $markerPosition) + { + continue; + } + + # sets a default inline position + + if ( ! isset($Inline['position'])) + { + $Inline['position'] = $markerPosition; + } + + # cause the new element to 'inherit' our non nestables + + + $Inline['element']['nonNestables'] = isset($Inline['element']['nonNestables']) + ? array_merge($Inline['element']['nonNestables'], $nonNestables) + : $nonNestables + ; + + # the text that comes before the inline + $unmarkedText = substr($text, 0, $Inline['position']); + + # compile the unmarked text + $InlineText = $this->inlineText($unmarkedText); + $Elements[] = $InlineText['element']; + + # compile the inline + $Elements[] = $this->extractElement($Inline); + + # remove the examined text + $text = substr($text, $Inline['position'] + $Inline['extent']); + + continue 2; + } + + # the marker does not belong to an inline + + $unmarkedText = substr($text, 0, $markerPosition + 1); + + $InlineText = $this->inlineText($unmarkedText); + $Elements[] = $InlineText['element']; + + $text = substr($text, $markerPosition + 1); + } + + $InlineText = $this->inlineText($text); + $Elements[] = $InlineText['element']; + + foreach ($Elements as &$Element) + { + if ( ! isset($Element['autobreak'])) + { + $Element['autobreak'] = false; + } + } + + return $Elements; + } + + # + # ~ + # + + protected function inlineText($text) + { + $Inline = array( + 'extent' => strlen($text), + 'element' => array(), + ); + + $Inline['element']['elements'] = self::pregReplaceElements( + $this->breaksEnabled ? '/[ ]*+\n/' : '/(?:[ ]*+\\\\|[ ]{2,}+)\n/', + array( + array('name' => 'br'), + array('text' => "\n"), + ), + $text + ); + + return $Inline; + } + + protected function inlineCode($Excerpt) + { + $marker = $Excerpt['text'][0]; + + if (preg_match('/^(['.$marker.']++)[ ]*+(.+?)[ ]*+(? strlen($matches[0]), + 'element' => array( + 'name' => 'code', + 'text' => $text, + ), + ); + } + } + + protected function inlineEmailTag($Excerpt) + { + $hostnameLabel = '[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?'; + + $commonMarkEmail = '[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]++@' + . $hostnameLabel . '(?:\.' . $hostnameLabel . ')*'; + + if (strpos($Excerpt['text'], '>') !== false + and preg_match("/^<((mailto:)?$commonMarkEmail)>/i", $Excerpt['text'], $matches) + ){ + $url = $matches[1]; + + if ( ! isset($matches[2])) + { + $url = "mailto:$url"; + } + + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => 'a', + 'text' => $matches[1], + 'attributes' => array( + 'href' => $url, + ), + ), + ); + } + } + + protected function inlineEmphasis($Excerpt) + { + if ( ! isset($Excerpt['text'][1])) + { + return; + } + + $marker = $Excerpt['text'][0]; + + if ($Excerpt['text'][1] === $marker and preg_match($this->StrongRegex[$marker], $Excerpt['text'], $matches)) + { + $emphasis = 'strong'; + } + elseif (preg_match($this->EmRegex[$marker], $Excerpt['text'], $matches)) + { + $emphasis = 'em'; + } + else + { + return; + } + + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => $emphasis, + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $matches[1], + 'destination' => 'elements', + ) + ), + ); + } + + protected function inlineEscapeSequence($Excerpt) + { + if (isset($Excerpt['text'][1]) and in_array($Excerpt['text'][1], $this->specialCharacters)) + { + return array( + 'element' => array('rawHtml' => $Excerpt['text'][1]), + 'extent' => 2, + ); + } + } + + protected function inlineImage($Excerpt) + { + if ( ! isset($Excerpt['text'][1]) or $Excerpt['text'][1] !== '[') + { + return; + } + + $Excerpt['text']= substr($Excerpt['text'], 1); + + $Link = $this->inlineLink($Excerpt); + + if ($Link === null) + { + return; + } + + $Inline = array( + 'extent' => $Link['extent'] + 1, + 'element' => array( + 'name' => 'img', + 'attributes' => array( + 'src' => $Link['element']['attributes']['href'], + 'alt' => $Link['element']['handler']['argument'], + ), + 'autobreak' => true, + ), + ); + + $Inline['element']['attributes'] += $Link['element']['attributes']; + + unset($Inline['element']['attributes']['href']); + + return $Inline; + } + + protected function inlineLink($Excerpt) + { + $Element = array( + 'name' => 'a', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => null, + 'destination' => 'elements', + ), + 'nonNestables' => array('Url', 'Link'), + 'attributes' => array( + 'href' => null, + 'title' => null, + ), + ); + + $extent = 0; + + $remainder = $Excerpt['text']; + + if (preg_match('/\[((?:[^][]++|(?R))*+)\]/', $remainder, $matches)) + { + $Element['handler']['argument'] = $matches[1]; + + $extent += strlen($matches[0]); + + $remainder = substr($remainder, $extent); + } + else + { + return; + } + + if (preg_match('/^[(]\s*+((?:[^ ()]++|[(][^ )]+[)])++)(?:[ ]+("[^"]*+"|\'[^\']*+\'))?\s*+[)]/', $remainder, $matches)) + { + $Element['attributes']['href'] = $matches[1]; + + if (isset($matches[2])) + { + $Element['attributes']['title'] = substr($matches[2], 1, - 1); + } + + $extent += strlen($matches[0]); + } + else + { + if (preg_match('/^\s*\[(.*?)\]/', $remainder, $matches)) + { + $definition = strlen($matches[1]) ? $matches[1] : $Element['handler']['argument']; + $definition = strtolower($definition); + + $extent += strlen($matches[0]); + } + else + { + $definition = strtolower($Element['handler']['argument']); + } + + if ( ! isset($this->DefinitionData['Reference'][$definition])) + { + return; + } + + $Definition = $this->DefinitionData['Reference'][$definition]; + + $Element['attributes']['href'] = $Definition['url']; + $Element['attributes']['title'] = $Definition['title']; + } + + return array( + 'extent' => $extent, + 'element' => $Element, + ); + } + + protected function inlineMarkup($Excerpt) + { + if ($this->markupEscaped or $this->safeMode or strpos($Excerpt['text'], '>') === false) + { + return; + } + + if ($Excerpt['text'][1] === '/' and preg_match('/^<\/\w[\w-]*+[ ]*+>/s', $Excerpt['text'], $matches)) + { + return array( + 'element' => array('rawHtml' => $matches[0]), + 'extent' => strlen($matches[0]), + ); + } + + if ($Excerpt['text'][1] === '!' and preg_match('/^/s', $Excerpt['text'], $matches)) + { + return array( + 'element' => array('rawHtml' => $matches[0]), + 'extent' => strlen($matches[0]), + ); + } + + if ($Excerpt['text'][1] !== ' ' and preg_match('/^<\w[\w-]*+(?:[ ]*+'.$this->regexHtmlAttribute.')*+[ ]*+\/?>/s', $Excerpt['text'], $matches)) + { + return array( + 'element' => array('rawHtml' => $matches[0]), + 'extent' => strlen($matches[0]), + ); + } + } + + protected function inlineSpecialCharacter($Excerpt) + { + if (substr($Excerpt['text'], 1, 1) !== ' ' and strpos($Excerpt['text'], ';') !== false + and preg_match('/^&(#?+[0-9a-zA-Z]++);/', $Excerpt['text'], $matches) + ) { + return array( + 'element' => array('rawHtml' => '&' . $matches[1] . ';'), + 'extent' => strlen($matches[0]), + ); + } + + return; + } + + protected function inlineStrikethrough($Excerpt) + { + if ( ! isset($Excerpt['text'][1])) + { + return; + } + + if ($Excerpt['text'][1] === '~' and preg_match('/^~~(?=\S)(.+?)(?<=\S)~~/', $Excerpt['text'], $matches)) + { + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => 'del', + 'handler' => array( + 'function' => 'lineElements', + 'argument' => $matches[1], + 'destination' => 'elements', + ) + ), + ); + } + } + + protected function inlineUrl($Excerpt) + { + if ($this->urlsLinked !== true or ! isset($Excerpt['text'][2]) or $Excerpt['text'][2] !== '/') + { + return; + } + + if (strpos($Excerpt['context'], 'http') !== false + and preg_match('/\bhttps?+:[\/]{2}[^\s<]+\b\/*+/ui', $Excerpt['context'], $matches, PREG_OFFSET_CAPTURE) + ) { + $url = $matches[0][0]; + + $Inline = array( + 'extent' => strlen($matches[0][0]), + 'position' => $matches[0][1], + 'element' => array( + 'name' => 'a', + 'text' => $url, + 'attributes' => array( + 'href' => $url, + ), + ), + ); + + return $Inline; + } + } + + protected function inlineUrlTag($Excerpt) + { + if (strpos($Excerpt['text'], '>') !== false and preg_match('/^<(\w++:\/{2}[^ >]++)>/i', $Excerpt['text'], $matches)) + { + $url = $matches[1]; + + return array( + 'extent' => strlen($matches[0]), + 'element' => array( + 'name' => 'a', + 'text' => $url, + 'attributes' => array( + 'href' => $url, + ), + ), + ); + } + } + + # ~ + + protected function unmarkedText($text) + { + $Inline = $this->inlineText($text); + return $this->element($Inline['element']); + } + + # + # Handlers + # + + protected function handle(array $Element) + { + if (isset($Element['handler'])) + { + if (!isset($Element['nonNestables'])) + { + $Element['nonNestables'] = array(); + } + + if (is_string($Element['handler'])) + { + $function = $Element['handler']; + $argument = $Element['text']; + unset($Element['text']); + $destination = 'rawHtml'; + } + else + { + $function = $Element['handler']['function']; + $argument = $Element['handler']['argument']; + $destination = $Element['handler']['destination']; + } + + $Element[$destination] = $this->{$function}($argument, $Element['nonNestables']); + + if ($destination === 'handler') + { + $Element = $this->handle($Element); + } + + unset($Element['handler']); + } + + return $Element; + } + + protected function handleElementRecursive(array $Element) + { + return $this->elementApplyRecursive(array($this, 'handle'), $Element); + } + + protected function handleElementsRecursive(array $Elements) + { + return $this->elementsApplyRecursive(array($this, 'handle'), $Elements); + } + + protected function elementApplyRecursive($closure, array $Element) + { + $Element = call_user_func($closure, $Element); + + if (isset($Element['elements'])) + { + $Element['elements'] = $this->elementsApplyRecursive($closure, $Element['elements']); + } + elseif (isset($Element['element'])) + { + $Element['element'] = $this->elementApplyRecursive($closure, $Element['element']); + } + + return $Element; + } + + protected function elementApplyRecursiveDepthFirst($closure, array $Element) + { + if (isset($Element['elements'])) + { + $Element['elements'] = $this->elementsApplyRecursiveDepthFirst($closure, $Element['elements']); + } + elseif (isset($Element['element'])) + { + $Element['element'] = $this->elementsApplyRecursiveDepthFirst($closure, $Element['element']); + } + + $Element = call_user_func($closure, $Element); + + return $Element; + } + + protected function elementsApplyRecursive($closure, array $Elements) + { + foreach ($Elements as &$Element) + { + $Element = $this->elementApplyRecursive($closure, $Element); + } + + return $Elements; + } + + protected function elementsApplyRecursiveDepthFirst($closure, array $Elements) + { + foreach ($Elements as &$Element) + { + $Element = $this->elementApplyRecursiveDepthFirst($closure, $Element); + } + + return $Elements; + } + + protected function element(array $Element) + { + if ($this->safeMode) + { + $Element = $this->sanitiseElement($Element); + } + + # identity map if element has no handler + $Element = $this->handle($Element); + + $hasName = isset($Element['name']); + + $markup = ''; + + if ($hasName) + { + $markup .= '<' . $Element['name']; + + if (isset($Element['attributes'])) + { + foreach ($Element['attributes'] as $name => $value) + { + if ($value === null) + { + continue; + } + + $markup .= " $name=\"".self::escape($value).'"'; + } + } + } + + $permitRawHtml = false; + + if (isset($Element['text'])) + { + $text = $Element['text']; + } + // very strongly consider an alternative if you're writing an + // extension + elseif (isset($Element['rawHtml'])) + { + $text = $Element['rawHtml']; + + $allowRawHtmlInSafeMode = isset($Element['allowRawHtmlInSafeMode']) && $Element['allowRawHtmlInSafeMode']; + $permitRawHtml = !$this->safeMode || $allowRawHtmlInSafeMode; + } + + $hasContent = isset($text) || isset($Element['element']) || isset($Element['elements']); + + if ($hasContent) + { + $markup .= $hasName ? '>' : ''; + + if (isset($Element['elements'])) + { + $markup .= $this->elements($Element['elements']); + } + elseif (isset($Element['element'])) + { + $markup .= $this->element($Element['element']); + } + else + { + if (!$permitRawHtml) + { + $markup .= self::escape($text, true); + } + else + { + $markup .= $text; + } + } + + $markup .= $hasName ? '' : ''; + } + elseif ($hasName) + { + $markup .= ' />'; + } + + return $markup; + } + + protected function elements(array $Elements) + { + $markup = ''; + + $autoBreak = true; + + foreach ($Elements as $Element) + { + if (empty($Element)) + { + continue; + } + + $autoBreakNext = (isset($Element['autobreak']) + ? $Element['autobreak'] : isset($Element['name']) + ); + // (autobreak === false) covers both sides of an element + $autoBreak = !$autoBreak ? $autoBreak : $autoBreakNext; + + $markup .= ($autoBreak ? "\n" : '') . $this->element($Element); + $autoBreak = $autoBreakNext; + } + + $markup .= $autoBreak ? "\n" : ''; + + return $markup; + } + + # ~ + + protected function li($lines) + { + $Elements = $this->linesElements($lines); + + if ( ! in_array('', $lines) + and isset($Elements[0]) and isset($Elements[0]['name']) + and $Elements[0]['name'] === 'p' + ) { + unset($Elements[0]['name']); + } + + return $Elements; + } + + # + # AST Convenience + # + + /** + * Replace occurrences $regexp with $Elements in $text. Return an array of + * elements representing the replacement. + */ + protected static function pregReplaceElements($regexp, $Elements, $text) + { + $newElements = array(); + + while (preg_match($regexp, $text, $matches, PREG_OFFSET_CAPTURE)) + { + $offset = $matches[0][1]; + $before = substr($text, 0, $offset); + $after = substr($text, $offset + strlen($matches[0][0])); + + $newElements[] = array('text' => $before); + + foreach ($Elements as $Element) + { + $newElements[] = $Element; + } + + $text = $after; + } + + $newElements[] = array('text' => $text); + + return $newElements; + } + + # + # Deprecated Methods + # + + function parse($text) + { + $markup = $this->text($text); + + return $markup; + } + + protected function sanitiseElement(array $Element) + { + static $goodAttribute = '/^[a-zA-Z0-9][a-zA-Z0-9-_]*+$/'; + static $safeUrlNameToAtt = array( + 'a' => 'href', + 'img' => 'src', + ); + + if ( ! isset($Element['name'])) + { + unset($Element['attributes']); + return $Element; + } + + if (isset($safeUrlNameToAtt[$Element['name']])) + { + $Element = $this->filterUnsafeUrlInAttribute($Element, $safeUrlNameToAtt[$Element['name']]); + } + + if ( ! empty($Element['attributes'])) + { + foreach ($Element['attributes'] as $att => $val) + { + # filter out badly parsed attribute + if ( ! preg_match($goodAttribute, $att)) + { + unset($Element['attributes'][$att]); + } + # dump onevent attribute + elseif (self::striAtStart($att, 'on')) + { + unset($Element['attributes'][$att]); + } + } + } + + return $Element; + } + + protected function filterUnsafeUrlInAttribute(array $Element, $attribute) + { + foreach ($this->safeLinksWhitelist as $scheme) + { + if (self::striAtStart($Element['attributes'][$attribute], $scheme)) + { + return $Element; + } + } + + $Element['attributes'][$attribute] = str_replace(':', '%3A', $Element['attributes'][$attribute]); + + return $Element; + } + + # + # Static Methods + # + + protected static function escape($text, $allowQuotes = false) + { + return htmlspecialchars($text, $allowQuotes ? ENT_NOQUOTES : ENT_QUOTES, 'UTF-8'); + } + + protected static function striAtStart($string, $needle) + { + $len = strlen($needle); + + if ($len > strlen($string)) + { + return false; + } + else + { + return strtolower(substr($string, 0, $len)) === strtolower($needle); + } + } + + static function instance($name = 'default') + { + if (isset(self::$instances[$name])) + { + return self::$instances[$name]; + } + + $instance = new static(); + + self::$instances[$name] = $instance; + + return $instance; + } + + private static $instances = array(); + + # + # Fields + # + + protected $DefinitionData; + + # + # Read-Only + + protected $specialCharacters = array( + '\\', '`', '*', '_', '{', '}', '[', ']', '(', ')', '>', '#', '+', '-', '.', '!', '|', '~' + ); + + protected $StrongRegex = array( + '*' => '/^[*]{2}((?:\\\\\*|[^*]|[*][^*]*+[*])+?)[*]{2}(?![*])/s', + '_' => '/^__((?:\\\\_|[^_]|_[^_]*+_)+?)__(?!_)/us', + ); + + protected $EmRegex = array( + '*' => '/^[*]((?:\\\\\*|[^*]|[*][*][^*]+?[*][*])+?)[*](?![*])/s', + '_' => '/^_((?:\\\\_|[^_]|__[^_]*__)+?)_(?!_)\b/us', + ); + + protected $regexHtmlAttribute = '[a-zA-Z_:][\w:.-]*+(?:\s*+=\s*+(?:[^"\'=<>`\s]+|"[^"]*+"|\'[^\']*+\'))?+'; + + protected $voidElements = array( + 'area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'link', 'meta', 'param', 'source', + ); + + protected $textLevelElements = array( + 'a', 'br', 'bdo', 'abbr', 'blink', 'nextid', 'acronym', 'basefont', + 'b', 'em', 'big', 'cite', 'small', 'spacer', 'listing', + 'i', 'rp', 'del', 'code', 'strike', 'marquee', + 'q', 'rt', 'ins', 'font', 'strong', + 's', 'tt', 'kbd', 'mark', + 'u', 'xm', 'sub', 'nobr', + 'sup', 'ruby', + 'var', 'span', + 'wbr', 'time', + ); +} diff --git a/libs/parsedown/README.md b/libs/parsedown/README.md new file mode 100644 index 0000000..cdf0167 --- /dev/null +++ b/libs/parsedown/README.md @@ -0,0 +1,97 @@ +> I also make [Caret](https://caret.io?ref=parsedown) - a Markdown editor for Mac and PC. + +## Parsedown + +[![Build Status](https://img.shields.io/travis/erusev/parsedown/master.svg?style=flat-square)](https://travis-ci.org/erusev/parsedown) + + +Better Markdown Parser in PHP + +[Demo](http://parsedown.org/demo) | +[Benchmarks](http://parsedown.org/speed) | +[Tests](http://parsedown.org/tests/) | +[Documentation](https://github.com/erusev/parsedown/wiki/) + +### Features + +* One File +* No Dependencies +* Super Fast +* Extensible +* [GitHub flavored](https://help.github.com/articles/github-flavored-markdown) +* Tested in 5.3 to 7.2 and in HHVM +* [Markdown Extra extension](https://github.com/erusev/parsedown-extra) + +### Installation +#### Composer +Install the [composer package] by running the following command: + + composer require erusev/parsedown + +#### Manual +1. Download the "Source code" from the [latest release] +2. Include `Parsedown.php` + +[composer package]: https://packagist.org/packages/erusev/parsedown "The Parsedown package on packagist.org" +[latest release]: https://github.com/erusev/parsedown/releases/latest "The latest release of Parsedown" + +### Example + +``` php +$Parsedown = new Parsedown(); + +echo $Parsedown->text('Hello _Parsedown_!'); # prints:

    Hello Parsedown!

    +// you can also parse inline markdown only +echo $Parsedown->line('Hello _Parsedown_!'); # prints: Hello Parsedown! +``` + +More examples in [the wiki](https://github.com/erusev/parsedown/wiki/) and in [this video tutorial](http://youtu.be/wYZBY8DEikI). + +### Security + +Parsedown is capable of escaping user-input within the HTML that it generates. Additionally Parsedown will apply sanitisation to additional scripting vectors (such as scripting link destinations) that are introduced by the markdown syntax itself. + +To tell Parsedown that it is processing untrusted user-input, use the following: +```php +$parsedown = new Parsedown; +$parsedown->setSafeMode(true); +``` + +If instead, you wish to allow HTML within untrusted user-input, but still want output to be free from XSS it is recommended that you make use of a HTML sanitiser that allows HTML tags to be whitelisted, like [HTML Purifier](http://htmlpurifier.org/). + +In both cases you should strongly consider employing defence-in-depth measures, like [deploying a Content-Security-Policy](https://scotthelme.co.uk/content-security-policy-an-introduction/) (a browser security feature) so that your page is likely to be safe even if an attacker finds a vulnerability in one of the first lines of defence above. + +#### Security of Parsedown Extensions + +Safe mode does not necessarily yield safe results when using extensions to Parsedown. Extensions should be evaluated on their own to determine their specific safety against XSS. + +### Escaping HTML +> ⚠️  **WARNING:** This method isn't safe from XSS! + +If you wish to escape HTML **in trusted input**, you can use the following: +```php +$parsedown = new Parsedown; +$parsedown->setMarkupEscaped(true); +``` + +Beware that this still allows users to insert unsafe scripting vectors, such as links like `[xss](javascript:alert%281%29)`. + +### Questions + +**How does Parsedown work?** + +It tries to read Markdown like a human. First, it looks at the lines. It’s interested in how the lines start. This helps it recognise blocks. It knows, for example, that if a line starts with a `-` then perhaps it belongs to a list. Once it recognises the blocks, it continues to the content. As it reads, it watches out for special characters. This helps it recognise inline elements (or inlines). + +We call this approach "line based". We believe that Parsedown is the first Markdown parser to use it. Since the release of Parsedown, other developers have used the same approach to develop other Markdown parsers in PHP and in other languages. + +**Is it compliant with CommonMark?** + +It passes most of the CommonMark tests. Most of the tests that don't pass deal with cases that are quite uncommon. Still, as CommonMark matures, compliance should improve. + +**Who uses it?** + +[Laravel Framework](https://laravel.com/), [Bolt CMS](http://bolt.cm/), [Grav CMS](http://getgrav.org/), [Herbie CMS](http://www.getherbie.org/), [Kirby CMS](http://getkirby.com/), [October CMS](http://octobercms.com/), [Pico CMS](http://picocms.org), [Statamic CMS](http://www.statamic.com/), [phpDocumentor](http://www.phpdoc.org/), [RaspberryPi.org](http://www.raspberrypi.org/), [Symfony demo](https://github.com/symfony/symfony-demo) and [more](https://packagist.org/packages/erusev/parsedown/dependents). + +**How can I help?** + +Use it, star it, share it and if you feel generous, [donate](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=528P3NZQMP8N2). From 3fec45442e19989aec1a28c7d5d90ec523933bd9 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sat, 24 Nov 2018 21:13:57 +0100 Subject: [PATCH 030/138] Added warning/success alert render function --- classes/constellation.php | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/classes/constellation.php b/classes/constellation.php index d977cf9..c4fc58e 100644 --- a/classes/constellation.php +++ b/classes/constellation.php @@ -156,6 +156,40 @@ class Constellation "incidents" => $array ]; } -} + + + function render_warning($header, $message, $show_link = false, $url = null, $link_text = null) + { + $this->render_alert('alert-warning', $header, $message, $show_link, $url, $link_text); + } + function render_success($header, $message, $show_link = false, $url = null, $link_text = null) + { + $this->render_alert('alert-success', $header, $message, $show_link, $url, $link_text); + } + + /** + * Renders an alert on screen with an optional button to return to a given URL + * @param string alert_type - Type of warning to render alert-danger, alert-warning, alert-success etc + * @param string header - Title of warning + * @param string message - Message to display + * @param boolean show_link - True if button is to be displayed + * @param string url - URL for button + * @param string link_txt - Text for button + * @return void + */ + function render_alert($alert_type, $header, $message, $show_link = false, $url = null, $link_text = null) + { + echo '

    +
    '; + if ( $show_link ) { + echo '
    '.$link_text.'
    '; + } + + } +} $constellation = new Constellation(); \ No newline at end of file From cd6ce3c8d8a8101b5c56da2c7eef1cc9b8ef9ead Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sat, 24 Nov 2018 22:19:06 +0100 Subject: [PATCH 031/138] Added additional config definitions In preparation for adding subscription notification a number of new configuration options has been added. These are as follows: - SUBSCRIBE_EMAIL : True/False to allow email subscription - SUBSCRIBE_TELEGRAM : True/False to allow Telegram subscription - GOOGLE_RECAPTCHA : True/False to enable reCapthca for e-mail signup form - GOOGLE_RECAPTCHA_SITEKEY : Google reCaptcha sitekey - GOOGLE_RECAPTCHA_SECRET : Google reCaptcha secret - PHP_MAILER : True/False to allow the use of PHPMailer() library for emails. - PHP_MAILER_PATH: Path to where PHPMailer() class is located on the system - PHP_MAILER_SMTP : True/False if SMTP is to be used with PHPmailer(). Default will be mail(). - PHP_MAILER_HOST : SMTP Host to use if PHP_MAILER_SMTP is enabled. - PHP_MAILER_PORT : SMTP Port - PHP_MAILER_SECURE : tls/ssl option for PHPMailer() - PHP_MAILER_USER : Username for SMTP - PHP_MAILER_PASS : Password for SMTP --- config.php.template | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/config.php.template b/config.php.template index 70436cf..daacfe0 100644 --- a/config.php.template +++ b/config.php.template @@ -13,10 +13,23 @@ define("POLICY_MAIL", "##policy_mail##"); //contact email in policy define("POLICY_PHONE", "##policy_phone##"); define("WHO_WE_ARE","##who_we_are##"); define("POLICY_URL","##policy_url##"); +define('SUBSCRIBE_EMAIL', true); +define('SUBSCRIBE_TELEGRAM', false); define("TG_BOT_API_TOKEN", "##tg_bot_token##"); //Telegram Bot Token define("TG_BOT_USERNAME", "##tg_bot_username##"); //Telegram Bot username define("INSTALL_OVERRIDE", false); define("DEFAULT_LANGUAGE", "en_GB"); +define("GOOGLE_RECAPTCHA", false); +define("GOOGLE_RECAPTCHA_SITEKEY", "##google_site_key##"); +define("GOOGLE_RECAPTCHA_SECRET", "##google_secret##"); +define("PHP_MAILER", false); // Enable if we are to use extenral PHPMailer() library +define("PHP_MAILER_PATH", "##phpmailer_path##"); // Path to src folder of PHPMailer() library - without ending / +define("PHP_MAILER_SMTP", false); // Set to true if we are to use SMTP +define("PHP_MAILER_HOST", "##phpmailer_host##"); // SMTP host +define("PHP_MAILER_PORT", "##phpmailer_port##"); // SMTP Port +define("PHP_MAILER_SECURE", ""); // Set to TLS or SSL or leave blank for plaintext +define("PHP_MAILER_USER", "##phpmailer_user##"); // SMTP Authentication user +define("PHP_MAILER_PASS", "##phpmailer_pass##"); // SMTP authenticatin password require("classes/locale-negotiator.php"); From d504b0a4cc1360db65a9088d23d95004caeb7853 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 17:06:03 +0100 Subject: [PATCH 032/138] Add php_idn lib to support IDN/punycode emails MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This external library adds functions to encode and decode email addresses using extended utf-8 character sets. Example examlpe@bånnibøtta.no The library is written as simple functions rather than a class. Original code at https://github.com/IgorVBelousov/php_idn --- libs/php_idn/LICENSE | 504 +++++++++++++++++++++++++++++++++++++++++ libs/php_idn/README.md | 31 +++ libs/php_idn/idna.php | 320 ++++++++++++++++++++++++++ 3 files changed, 855 insertions(+) create mode 100644 libs/php_idn/LICENSE create mode 100644 libs/php_idn/README.md create mode 100644 libs/php_idn/idna.php diff --git a/libs/php_idn/LICENSE b/libs/php_idn/LICENSE new file mode 100644 index 0000000..8000a6f --- /dev/null +++ b/libs/php_idn/LICENSE @@ -0,0 +1,504 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 2.1, February 1999 + + Copyright (C) 1991, 1999 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +[This is the first released version of the Lesser GPL. It also counts + as the successor of the GNU Library Public License, version 2, hence + the version number 2.1.] + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +Licenses are intended to guarantee your freedom to share and change +free software--to make sure the software is free for all its users. + + This license, the Lesser General Public License, applies to some +specially designated software packages--typically libraries--of the +Free Software Foundation and other authors who decide to use it. You +can use it too, but we suggest you first think carefully about whether +this license or the ordinary General Public License is the better +strategy to use in any particular case, based on the explanations below. + + When we speak of free software, we are referring to freedom of use, +not price. Our General Public Licenses are designed to make sure that +you have the freedom to distribute copies of free software (and charge +for this service if you wish); that you receive source code or can get +it if you want it; that you can change the software and use pieces of +it in new free programs; and that you are informed that you can do +these things. + + To protect your rights, we need to make restrictions that forbid +distributors to deny you these rights or to ask you to surrender these +rights. These restrictions translate to certain responsibilities for +you if you distribute copies of the library or if you modify it. + + For example, if you distribute copies of the library, whether gratis +or for a fee, you must give the recipients all the rights that we gave +you. You must make sure that they, too, receive or can get the source +code. If you link other code with the library, you must provide +complete object files to the recipients, so that they can relink them +with the library after making changes to the library and recompiling +it. And you must show them these terms so they know their rights. + + We protect your rights with a two-step method: (1) we copyright the +library, and (2) we offer you this license, which gives you legal +permission to copy, distribute and/or modify the library. + + To protect each distributor, we want to make it very clear that +there is no warranty for the free library. Also, if the library is +modified by someone else and passed on, the recipients should know +that what they have is not the original version, so that the original +author's reputation will not be affected by problems that might be +introduced by others. + + Finally, software patents pose a constant threat to the existence of +any free program. We wish to make sure that a company cannot +effectively restrict the users of a free program by obtaining a +restrictive license from a patent holder. Therefore, we insist that +any patent license obtained for a version of the library must be +consistent with the full freedom of use specified in this license. + + Most GNU software, including some libraries, is covered by the +ordinary GNU General Public License. This license, the GNU Lesser +General Public License, applies to certain designated libraries, and +is quite different from the ordinary General Public License. We use +this license for certain libraries in order to permit linking those +libraries into non-free programs. + + When a program is linked with a library, whether statically or using +a shared library, the combination of the two is legally speaking a +combined work, a derivative of the original library. The ordinary +General Public License therefore permits such linking only if the +entire combination fits its criteria of freedom. The Lesser General +Public License permits more lax criteria for linking other code with +the library. + + We call this license the "Lesser" General Public License because it +does Less to protect the user's freedom than the ordinary General +Public License. It also provides other free software developers Less +of an advantage over competing non-free programs. These disadvantages +are the reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + + For example, on rare occasions, there may be a special need to +encourage the widest possible use of a certain library, so that it becomes +a de-facto standard. To achieve this, non-free programs must be +allowed to use the library. A more frequent case is that a free +library does the same job as widely used non-free libraries. In this +case, there is little to gain by limiting the free library to free +software only, so we use the Lesser General Public License. + + In other cases, permission to use a particular library in non-free +programs enables a greater number of people to use a large body of +free software. For example, permission to use the GNU C Library in +non-free programs enables many more people to use the whole GNU +operating system, as well as its variant, the GNU/Linux operating +system. + + Although the Lesser General Public License is Less protective of the +users' freedom, it does ensure that the user of a program that is +linked with the Library has the freedom and the wherewithal to run +that program using a modified version of the Library. + + The precise terms and conditions for copying, distribution and +modification follow. Pay close attention to the difference between a +"work based on the library" and a "work that uses the library". The +former contains code derived from the library, whereas the latter must +be combined with the library in order to run. + + GNU LESSER GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License Agreement applies to any software library or other +program which contains a notice placed by the copyright holder or +other authorized party saying it may be distributed under the terms of +this Lesser General Public License (also called "this License"). +Each licensee is addressed as "you". + + A "library" means a collection of software functions and/or data +prepared so as to be conveniently linked with application programs +(which use some of those functions and data) to form executables. + + The "Library", below, refers to any such software library or work +which has been distributed under these terms. A "work based on the +Library" means either the Library or any derivative work under +copyright law: that is to say, a work containing the Library or a +portion of it, either verbatim or with modifications and/or translated +straightforwardly into another language. (Hereinafter, translation is +included without limitation in the term "modification".) + + "Source code" for a work means the preferred form of the work for +making modifications to it. For a library, complete source code means +all the source code for all modules it contains, plus any associated +interface definition files, plus the scripts used to control compilation +and installation of the library. + + Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running a program using the Library is not restricted, and output from +such a program is covered only if its contents constitute a work based +on the Library (independent of the use of the Library in a tool for +writing it). Whether that is true depends on what the Library does +and what the program that uses the Library does. + + 1. You may copy and distribute verbatim copies of the Library's +complete source code as you receive it, in any medium, provided that +you conspicuously and appropriately publish on each copy an +appropriate copyright notice and disclaimer of warranty; keep intact +all the notices that refer to this License and to the absence of any +warranty; and distribute a copy of this License along with the +Library. + + You may charge a fee for the physical act of transferring a copy, +and you may at your option offer warranty protection in exchange for a +fee. + + 2. You may modify your copy or copies of the Library or any portion +of it, thus forming a work based on the Library, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) The modified work must itself be a software library. + + b) You must cause the files modified to carry prominent notices + stating that you changed the files and the date of any change. + + c) You must cause the whole of the work to be licensed at no + charge to all third parties under the terms of this License. + + d) If a facility in the modified Library refers to a function or a + table of data to be supplied by an application program that uses + the facility, other than as an argument passed when the facility + is invoked, then you must make a good faith effort to ensure that, + in the event an application does not supply such function or + table, the facility still operates, and performs whatever part of + its purpose remains meaningful. + + (For example, a function in a library to compute square roots has + a purpose that is entirely well-defined independent of the + application. Therefore, Subsection 2d requires that any + application-supplied function or table used by this function must + be optional: if the application does not supply it, the square + root function must still compute square roots.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Library, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Library, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Library. + +In addition, mere aggregation of another work not based on the Library +with the Library (or with a work based on the Library) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may opt to apply the terms of the ordinary GNU General Public +License instead of this License to a given copy of the Library. To do +this, you must alter all the notices that refer to this License, so +that they refer to the ordinary GNU General Public License, version 2, +instead of to this License. (If a newer version than version 2 of the +ordinary GNU General Public License has appeared, then you can specify +that version instead if you wish.) Do not make any other change in +these notices. + + Once this change is made in a given copy, it is irreversible for +that copy, so the ordinary GNU General Public License applies to all +subsequent copies and derivative works made from that copy. + + This option is useful when you wish to copy part of the code of +the Library into a program that is not a library. + + 4. You may copy and distribute the Library (or a portion or +derivative of it, under Section 2) in object code or executable form +under the terms of Sections 1 and 2 above provided that you accompany +it with the complete corresponding machine-readable source code, which +must be distributed under the terms of Sections 1 and 2 above on a +medium customarily used for software interchange. + + If distribution of object code is made by offering access to copy +from a designated place, then offering equivalent access to copy the +source code from the same place satisfies the requirement to +distribute the source code, even though third parties are not +compelled to copy the source along with the object code. + + 5. A program that contains no derivative of any portion of the +Library, but is designed to work with the Library by being compiled or +linked with it, is called a "work that uses the Library". Such a +work, in isolation, is not a derivative work of the Library, and +therefore falls outside the scope of this License. + + However, linking a "work that uses the Library" with the Library +creates an executable that is a derivative of the Library (because it +contains portions of the Library), rather than a "work that uses the +library". The executable is therefore covered by this License. +Section 6 states terms for distribution of such executables. + + When a "work that uses the Library" uses material from a header file +that is part of the Library, the object code for the work may be a +derivative work of the Library even though the source code is not. +Whether this is true is especially significant if the work can be +linked without the Library, or if the work is itself a library. The +threshold for this to be true is not precisely defined by law. + + If such an object file uses only numerical parameters, data +structure layouts and accessors, and small macros and small inline +functions (ten lines or less in length), then the use of the object +file is unrestricted, regardless of whether it is legally a derivative +work. (Executables containing this object code plus portions of the +Library will still fall under Section 6.) + + Otherwise, if the work is a derivative of the Library, you may +distribute the object code for the work under the terms of Section 6. +Any executables containing that work also fall under Section 6, +whether or not they are linked directly with the Library itself. + + 6. As an exception to the Sections above, you may also combine or +link a "work that uses the Library" with the Library to produce a +work containing portions of the Library, and distribute that work +under terms of your choice, provided that the terms permit +modification of the work for the customer's own use and reverse +engineering for debugging such modifications. + + You must give prominent notice with each copy of the work that the +Library is used in it and that the Library and its use are covered by +this License. You must supply a copy of this License. If the work +during execution displays copyright notices, you must include the +copyright notice for the Library among them, as well as a reference +directing the user to the copy of this License. Also, you must do one +of these things: + + a) Accompany the work with the complete corresponding + machine-readable source code for the Library including whatever + changes were used in the work (which must be distributed under + Sections 1 and 2 above); and, if the work is an executable linked + with the Library, with the complete machine-readable "work that + uses the Library", as object code and/or source code, so that the + user can modify the Library and then relink to produce a modified + executable containing the modified Library. (It is understood + that the user who changes the contents of definitions files in the + Library will not necessarily be able to recompile the application + to use the modified definitions.) + + b) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (1) uses at run time a + copy of the library already present on the user's computer system, + rather than copying library functions into the executable, and (2) + will operate properly with a modified version of the library, if + the user installs one, as long as the modified version is + interface-compatible with the version that the work was made with. + + c) Accompany the work with a written offer, valid for at + least three years, to give the same user the materials + specified in Subsection 6a, above, for a charge no more + than the cost of performing this distribution. + + d) If distribution of the work is made by offering access to copy + from a designated place, offer equivalent access to copy the above + specified materials from the same place. + + e) Verify that the user has already received a copy of these + materials or that you have already sent this user a copy. + + For an executable, the required form of the "work that uses the +Library" must include any data and utility programs needed for +reproducing the executable from it. However, as a special exception, +the materials to be distributed need not include anything that is +normally distributed (in either source or binary form) with the major +components (compiler, kernel, and so on) of the operating system on +which the executable runs, unless that component itself accompanies +the executable. + + It may happen that this requirement contradicts the license +restrictions of other proprietary libraries that do not normally +accompany the operating system. Such a contradiction means you cannot +use both them and the Library together in an executable that you +distribute. + + 7. You may place library facilities that are a work based on the +Library side-by-side in a single library together with other library +facilities not covered by this License, and distribute such a combined +library, provided that the separate distribution of the work based on +the Library and of the other library facilities is otherwise +permitted, and provided that you do these two things: + + a) Accompany the combined library with a copy of the same work + based on the Library, uncombined with any other library + facilities. This must be distributed under the terms of the + Sections above. + + b) Give prominent notice with the combined library of the fact + that part of it is a work based on the Library, and explaining + where to find the accompanying uncombined form of the same work. + + 8. You may not copy, modify, sublicense, link with, or distribute +the Library except as expressly provided under this License. Any +attempt otherwise to copy, modify, sublicense, link with, or +distribute the Library is void, and will automatically terminate your +rights under this License. However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + + 9. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + + 10. Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. + + 11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply, +and the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 12. If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License may add +an explicit geographical distribution limitation excluding those countries, +so that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + + 13. The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. + + 14. If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + + NO WARRANTY + + 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms of the +ordinary General Public License). + + To apply these terms, attach the following notices to the library. It is +safest to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least the +"copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 + USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the library, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the + library `Frob' (a library for tweaking knobs) written by James Random + Hacker. + + , 1 April 1990 + Ty Coon, President of Vice + +That's all there is to it! diff --git a/libs/php_idn/README.md b/libs/php_idn/README.md new file mode 100644 index 0000000..d1d368e --- /dev/null +++ b/libs/php_idn/README.md @@ -0,0 +1,31 @@ +PHP IDN Punycode +================ + +Encode and decode IDN Punycode if not exists internal php functions `idn_to_ascii` and `idn_to_utf8`. +Functions use algorithm by rfc 3492. + +[![Build Status](https://travis-ci.org/IgorVBelousov/php_idn.svg?branch=master)](https://travis-ci.org/IgorVBelousov/php_idn) + +**function EncodePunycodeIDN( $value )** string + +Encode UTF-8 domain name to IDN Punycode + +Parameters: + +string **$value** Domain name + +Returns: + +Encoded Domain name + +**function DecodePunycodeIDN( $value )** string + +Decode IDN Punycode to UTF-8 domain name + +Parameters: + +string **$value** Punycode + +Returns: + +Domain name in UTF-8 charset \ No newline at end of file diff --git a/libs/php_idn/idna.php b/libs/php_idn/idna.php new file mode 100644 index 0000000..bac2b63 --- /dev/null +++ b/libs/php_idn/idna.php @@ -0,0 +1,320 @@ + + * @copyright 2008 Nicolas Thouvenin + * @license http://opensource.org/licenses/LGPL-2.1 LGPL v2.1 + */ +function ordUTF8($c, $index = 0, &$bytes = null) + { + $len = strlen($c); + $bytes = 0; + if ($index >= $len) + return false; + $h = ord($c{$index}); + if ($h <= 0x7F) { + $bytes = 1; + return $h; + } + else if ($h < 0xC2) + return false; + else if ($h <= 0xDF && $index < $len - 1) { + $bytes = 2; + return ($h & 0x1F) << 6 | (ord($c{$index + 1}) & 0x3F); + } + else if ($h <= 0xEF && $index < $len - 2) { + $bytes = 3; + return ($h & 0x0F) << 12 | (ord($c{$index + 1}) & 0x3F) << 6 + | (ord($c{$index + 2}) & 0x3F); + } + else if ($h <= 0xF4 && $index < $len - 3) { + $bytes = 4; + return ($h & 0x0F) << 18 | (ord($c{$index + 1}) & 0x3F) << 12 + | (ord($c{$index + 2}) & 0x3F) << 6 + | (ord($c{$index + 3}) & 0x3F); + } + else + return false; + } + +/** + * Encode UTF-8 domain name to IDN Punycode + * + * @param string $value Domain name + * @return string Encoded Domain name + * + * @author Igor V Belousov + * @copyright 2013, 2015 Igor V Belousov + * @license http://opensource.org/licenses/LGPL-2.1 LGPL v2.1 + * @link http://belousovv.ru/myscript/phpIDN + */ +function EncodePunycodeIDN( $value ) + { + if ( function_exists( 'idn_to_ascii' ) ) { + return idn_to_ascii( $value ); + } + + /* search subdomains */ + $sub_domain = explode( '.', $value ); + if ( count( $sub_domain ) > 1 ) { + $sub_result = ''; + foreach ( $sub_domain as $sub_value ) { + $sub_result .= '.' . EncodePunycodeIDN( $sub_value ); + } + return substr( $sub_result, 1 ); + } + + /* http://tools.ietf.org/html/rfc3492#section-6.3 */ + $n = 0x80; + $delta = 0; + $bias = 72; + $output = array(); + + $input = array(); + $str = $value; + while ( mb_strlen( $str , 'UTF-8' ) > 0 ) + { + array_push( $input, mb_substr( $str, 0, 1, 'UTF-8' ) ); + $str = (version_compare(PHP_VERSION, '5.4.8','<'))?mb_substr( $str, 1, mb_strlen($str, 'UTF-8') , 'UTF-8' ):mb_substr( $str, 1, null, 'UTF-8' ); + } + + /* basic symbols */ + $basic = preg_grep( '/[\x00-\x7f]/', $input ); + $b = $basic; + + if ( $b == $input ) + { + return $value; + } + $b = count( $b ); + if ( $b > 0 ) { + $output = $basic; + /* add delimeter */ + $output[] = '-'; + } + unset($basic); + /* add prefix */ + array_unshift( $output, 'xn--' ); + + $input_len = count( $input ); + $h = $b; + + $ord_input = array(); + + while ( $h < $input_len ) { + $m = 0x10FFFF; + for ( $i = 0; $i < $input_len; ++$i ) + { + $ord_input[ $i ] = ordUtf8( $input[ $i ] ); + if ( ( $ord_input[ $i ] >= $n ) && ( $ord_input[ $i ] < $m ) ) + { + $m = $ord_input[ $i ]; + } + } + if ( ( $m - $n ) > ( 0x10FFFF / ( $h + 1 ) ) ) + { + return $value; + } + $delta += ( $m - $n ) * ( $h + 1 ); + $n = $m; + + for ( $i = 0; $i < $input_len; ++$i ) + { + $c = $ord_input[ $i ]; + if ( $c < $n ) + { + ++$delta; + if ( $delta == 0 ) + { + return $value; + } + } + if ( $c == $n ) + { + $q = $delta; + for ( $k = 36;; $k += 36 ) + { + if ( $k <= $bias ) + { + $t = 1; + } + elseif ( $k >= ( $bias + 26 ) ) + { + $t = 26; + } + else + { + $t = $k - $bias; + } + if ( $q < $t ) + { + break; + } + $tmp_int = $t + ( $q - $t ) % ( 36 - $t ); + $output[] = chr( ( $tmp_int + 22 + 75 * ( $tmp_int < 26 ) ) ); + $q = ( $q - $t ) / ( 36 - $t ); + } + + $output[] = chr( ( $q + 22 + 75 * ( $q < 26 ) ) ); + /* http://tools.ietf.org/html/rfc3492#section-6.1 */ + $delta = ( $h == $b ) ? $delta / 700 : $delta>>1; + + $delta += intval( $delta / ( $h + 1 ) ); + + $k2 = 0; + while ( $delta > 455 ) + { + $delta /= 35; + $k2 += 36; + } + $bias = intval( $k2 + 36 * $delta / ( $delta + 38 ) ); + /* end section-6.1 */ + $delta = 0; + ++$h; + } + } + ++$delta; + ++$n; + } + return implode( '', $output ); + } + +/** + * Decode IDN Punycode to UTF-8 domain name + * + * @param string $value Punycode + * @return string Domain name in UTF-8 charset + * + * @author Igor V Belousov + * @copyright 2013, 2015 Igor V Belousov + * @license http://opensource.org/licenses/LGPL-2.1 LGPL v2.1 + * @link http://belousovv.ru/myscript/phpIDN + */ +function DecodePunycodeIDN( $value ) + { + if ( function_exists( 'idn_to_utf8' ) ) { + return idn_to_utf8( $value ); + } + + /* search subdomains */ + $sub_domain = explode( '.', $value ); + if ( count( $sub_domain ) > 1 ) { + $sub_result = ''; + foreach ( $sub_domain as $sub_value ) { + $sub_result .= '.' . DecodePunycodeIDN( $sub_value ); + } + return substr( $sub_result, 1 ); + } + + /* search prefix */ + if ( substr( $value, 0, 4 ) != 'xn--' ) + { + return $value; + } + else + { + $bad_input = $value; + $value = substr( $value, 4 ); + } + + $n = 0x80; + $i = 0; + $bias = 72; + $output = array(); + + /* search delimeter */ + $d = strrpos( $value, '-' ); + + if ( $d > 0 ) { + for ( $j = 0; $j < $d; ++$j) { + $c = $value[ $j ]; + $output[] = $c; + if ( $c > 0x7F ) + { + return $bad_input; + } + } + ++$d; + } else { + $d = 0; + } + + while ($d < strlen( $value ) ) + { + $old_i = $i; + $w = 1; + + for ($k = 36;; $k += 36) + { + if ( $d == strlen( $value ) ) + { + return $bad_input; + } + $c = $value[ $d++ ]; + $c = ord( $c ); + + $digit = ( $c - 48 < 10 ) ? $c - 22 : + ( + ( $c - 65 < 26 ) ? $c - 65 : + ( + ( $c - 97 < 26 ) ? $c - 97 : 36 + ) + ); + if ( $digit > ( 0x10FFFF - $i ) / $w ) + { + return $bad_input; + } + $i += $digit * $w; + + if ( $k <= $bias ) + { + $t = 1; + } + elseif ( $k >= $bias + 26 ) + { + $t = 26; + } + else + { + $t = $k - $bias; + } + if ( $digit < $t ) { + break; + } + + $w *= 36 - $t; + + } + + $delta = $i - $old_i; + + /* http://tools.ietf.org/html/rfc3492#section-6.1 */ + $delta = ( $old_i == 0 ) ? $delta/700 : $delta>>1; + + $count_output_plus_one = count( $output ) + 1; + $delta += intval( $delta / $count_output_plus_one ); + + $k2 = 0; + while ( $delta > 455 ) + { + $delta /= 35; + $k2 += 36; + } + $bias = intval( $k2 + 36 * $delta / ( $delta + 38 ) ); + /* end section-6.1 */ + if ( $i / $count_output_plus_one > 0x10FFFF - $n ) + { + return $bad_input; + } + $n += intval( $i / $count_output_plus_one ); + $i %= $count_output_plus_one; + array_splice( $output, $i, 0, + html_entity_decode( '&#' . $n . ';', ENT_NOQUOTES, 'UTF-8' ) + ); + ++$i; + } + + return implode( '', $output ); + } + From 82e3dcb11eec9161fa3fbdc72b7f95649c70f3bb Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 17:18:09 +0100 Subject: [PATCH 033/138] Add new classes This implements the following new classes - mailer.php Class to handle smtp/mail related tasks. This implements support for PHPMailer() - notification.php Class to handle notification to subscribers. - subscriber.php Class to handle the self-managment of subscribers. - subscriptions.php Class to handle subscription to services for subscribers. --- classes/mailer.php | 175 ++++++++++++++++++++ classes/notification.php | 139 ++++++++++++++++ classes/subscriber.php | 328 ++++++++++++++++++++++++++++++++++++++ classes/subscriptions.php | 94 +++++++++++ 4 files changed, 736 insertions(+) create mode 100644 classes/mailer.php create mode 100644 classes/notification.php create mode 100644 classes/subscriber.php create mode 100644 classes/subscriptions.php diff --git a/classes/mailer.php b/classes/mailer.php new file mode 100644 index 0000000..d8f4eb7 --- /dev/null +++ b/classes/mailer.php @@ -0,0 +1,175 @@ +is_utf8($to) ) { + $elements = explode('@', $to); + $domainpart = EncodePunycodeIDN(array_pop($elements)); // Convert domain part to ascii + $to = $elements[0] . '@' . $domainpart; // Reassemble tge full email address + syslog(1,"email: " .$to); + } + + // Send using PHP mailer if it is enabled + if ( PHP_MAILER ) { + require_once(PHP_MAILER_PATH .'/Exception.php'); /* Exception class. */ + require_once(PHP_MAILER_PATH .'/PHPMailer.php'); /* The main PHPMailer class. */ + + if ( PHP_MAILER_SMTP ) { + require_once(PHP_MAILER_PATH .'/SMTP.php'); /* SMTP class, needed if you want to use SMTP. */ + } + + $phpmail = new PHPMailer(false); + + $phpmail->setFrom(MAILER_ADDRESS, MAILER_NAME); + $phpmail->addReplyTo(MAILER_ADDRESS, MAILER_NAME); + //$phpmail->Debugoutput = error_log; + + // Define SMTP parameters if enabled + if ( PHP_MAILER_SMTP ) { + + $phpmail->isSMTP(); + $phpmail->Host = PHP_MAILER_HOST; + $phpmail->Port = PHP_MAILER_PORT; + $phpmail->SMTPSecure = PHP_MAILER_SECURE; + //$phpmail->SMTPDebug = 2; // Enable for debugging + + // Handle authentication for SMTP if enabled + if ( !empty(PHP_MAILER_USER) ) { + $phpmail->SMTPAuth = true; + $phpmail->Username = PHP_MAILER_USER; + $phpmail->Password = PHP_MAILER_PASS; + } + } + + $phpmail->addAddress($to); + $phpmail->Subject = $subject; + // Send HMTL mail + if ( $html ) { + $phpmail->msgHtml($message); + $phpmail->AltBody = $this->convert_html_to_plain_txt($message, false); + } else { + $phpmail->Body = $message; // Send plain text + } + + $phpmail->isHtml($html); // use htmlmail if enabled + if ( ! $phpmail->send() ) { + // TODO Log error message $phpmail->ErrorInfo; + return false; + } + return true; + + } else { + // Use standard PHP mail() function + $headers = "Content-Type: $content_type; \"charset=utf-8\" ".PHP_EOL; + $headers .= "MIME-Version: 1.0 ".PHP_EOL; + $headers .= "From: ".MAILER_NAME.' <'.MAILER_ADDRESS.'>'.PHP_EOL; + $headers .= "Reply-To: ".MAILER_NAME.' <'.MAILER_ADDRESS.'>'.PHP_EOL; + + mail($to, $subject, $message, $headers); + // TODO log error message if mail fails + return true; + } + + } + /** + * Tries to verify the domain using dns request against an MX record of the domain part + * of the passed email address. The code also handles IDN/Punycode formatted addresses which + * contains utf8 characters. + * Original code from https://stackoverflow.com/questions/19261987/how-to-check-if-an-email-address-is-real-or-valid-using-php/19262381 + * @param String $email Email address to check + * @return boolean True if MX record exits, false if otherwise + */ + public function verify_domain($email){ + // TODO - Handle idn/punycode domain names without being dependent on PHP native libs. + $domain = explode('@', $email); + $domain = EncodePunycodeIDN(array_pop($domain).'.'); // Add dot at end of domain to avoid local domain lookups + syslog(1,$domain); + return checkdnsrr($domain, 'MX'); + } + + + /** + * Check if string contains non-english characters (detect IDN/Punycode enabled domains) + * Original code from: https://stackoverflow.com/questions/13120475/detect-non-english-chars-in-a-string + * @param String $str String to check for extended characters + * @return boolean True if extended characters, false otherwise + */ + public function is_utf8($str) + { + if (strlen($str) == strlen(utf8_decode($str))) { + return false; + } else { + return true; + } + } + + /** + * Takes the input from an HTML email and convert it to plain text + * This is commonly used when sending HTML emails as a backup for email clients who can only view, or who choose to only view, + * Original code from https://github.com/DukeOfMarshall/PHP---JSON-Email-Verification/blob/master/EmailVerify.class.php + * plain text emails + * @param string $content The body part of the email to convert to plain text. + * @param boolean $remove_links Set to true if links should be removed from email + * @return String pain text version + */ + public function convert_html_to_plain_txt($content, $remove_links=false){ + // TODO does not handle unsubscribe/manage subscription text very well. + // Replace HTML line breaks with text line breaks + $plain_text = str_ireplace(array("
    ","
    "), "\n\r", $content); + + // Remove the content between the tags that wouldn't normally get removed with the strip_tags function + $plain_text = preg_replace(array('@]*?>.*?@siu', + '@]*?>.*?@siu', + '@]*?.*?@siu', + '@]*?.*?@siu', + ), "", $plain_text); // Remove everything from between the tags that doesn't get removed with strip_tags function + + // If the user has chosen to preserve the addresses from links + if(!$remove_links){ + $plain_text = strip_tags(preg_replace('//', ' $1 ', $plain_text)); + } + + // Remove HTML spaces + $plain_text = str_replace(" ", "", $plain_text); + + // Replace multiple line breaks with a single line break + $plain_text = preg_replace("/(\s){3,}/","\r\n\r\n",trim($plain_text)); + + return $plain_text; + } + +} \ No newline at end of file diff --git a/classes/notification.php b/classes/notification.php new file mode 100644 index 0000000..51b3a3c --- /dev/null +++ b/classes/notification.php @@ -0,0 +1,139 @@ +prepare("SELECT services.id, services.name FROM services INNER JOIN services_status on services.id = services_status.service_id WHERE services_status.status_id = ?"); + $stmt->bind_param("i", $status_id); + $stmt->execute(); + $query = $stmt->get_result(); + $arrServicesNames = array(); + $arrServicesId = array(); + while ($result = $query->fetch_assoc()) { + $arrServicesNames[] = $result['name']; + $arrServicesId[] = (int) $result['id']; + } + $this->status_id = $status_id; + $this->servicenames = implode(",", $arrServicesNames); + $this->serviceids = implode(",", $arrServicesId); + return true; + } else { + return false; + } + } + + /** + * Loop over the list of subscribers to notify depending on impacted service(s) and + * call the differnet notification handles. + * @return void + */ + public function notify_subscribers() + { + global $mysqli; + // Fetch list of unique subscribers for given service + // Direct inclusion of variable withour using prepare justified by the fact that + // this->serviceids are not user submitted + $sql = "SELECT DISTINCT subscriberIDFK FROM services_subscriber WHERE serviceIDFK IN (" . $this->serviceids . ")"; + $query = $mysqli->query($sql); + + while ($subscriber = $query->fetch_assoc()) { + // Fetch list of subscriber details for already found subscriber IDs + $stmt = $mysqli->prepare("SELECT typeID, userID, firstname, token FROM subscribers WHERE subscriberID = ? AND active=1"); + $stmt->bind_param("i", $subscriber['subscriberIDFK']); + $stmt->execute(); + $subscriberQuery = $stmt->get_result(); + + while ($subscriberData = $subscriberQuery->fetch_assoc()) { + $typeID = $subscriberData['typeID']; // Telegram = 1, email = 2 + $userID = $subscriberData['userID']; + $firstname = $subscriberData['firstname']; + $token = $subscriberData['token']; + + // Handle telegram + if ($typeID == 1) { + $this->submit_telegram($userID, $firstname, $token); + } + + // Handle email + if ($typeID == 2) { + $this->submit_email($userID, $token); + } + } + } + } + + /** + * Sends Telegram notification message using their web api. + * @param string $userID The Telegram userid to send to + * @param string $firstname The users firstname + * @param string $uthkey Token used for managing subscription + * @return void + */ + public function submit_telegram($userID, $firstname, $token) + { + // TODO Handle limitations (Max 30 different subscribers per second) + // TODO Error handling + $msg = _("Hi %s!\nThere is a status update for service(s): %s\nThe new status is: %s\nTitle: %s\n\n%s\n\nView online"); + $msg = sprintf($msg, $firstname, $this->servicenames, $this->status, $this->title, $this->text, WEB_URL); + + $tg_message = urlencode($msg); + $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $userID . "&parse_mode=HTML&text=" . $tg_message), true); + } + + /** + * Sends email notifications to a subscriber. + * Function depends on Parsedown and Mailer class being loaded. + * @param String $userID The email address to send to + * @param String $uthkey Users token for managing subscription + * @return void + */ + public function submit_email($userID, $token) + { + // TODO Error handling + $Parsedown = new Parsedown(); + $mailer = new Mailer(); + + $str_mail = file_get_contents("../libs/templates/email_status_update.html"); + $str_mail = str_replace("%name%", NAME, $str_mail); + // $smtp_mail = str_replace("%email%", $userID, $smtp_mail); + $str_mail = str_replace("%url%", WEB_URL, $str_mail); + $str_mail = str_replace("%service%", $this->servicenames, $str_mail); + $str_mail = str_replace("%status%", $this->status, $str_mail); + $str_mail = str_replace("%time%", date("c", $this->time), $str_mail); + $str_mail = str_replace("%comment%", $Parsedown->setBreaksEnabled(true)->text($this->text), $str_mail); + $str_mail = str_replace("%token%", $token, $str_mail); + + $str_mail = str_replace("%service_status_update_from%", _("Service status update from"), $str_mail); + $str_mail = str_replace("%services_impacted%", _("Service(s) Impacted"), $str_mail); + $str_mail = str_replace("%status_label%", _("Status"), $str_mail); + $str_mail = str_replace("%time_label%", _("Time"), $str_mail); + $str_mail = str_replace("%manage_subscription%", _("Manage subscription"), $str_mail); + $str_mail = str_replace("%unsubscribe%", _("Unsubscribe"), $str_mail); + $str_mail = str_replace("%powered_by%", _("Powered by"), $str_mail); + $subject = _('Status update from') . ' - ' . NAME . ' [ ' . $this->status . ' ]'; + $mailer->send_mail($userID, $subject, $str_mail); + } +} \ No newline at end of file diff --git a/classes/subscriber.php b/classes/subscriber.php new file mode 100644 index 0000000..bdc8b92 --- /dev/null +++ b/classes/subscriber.php @@ -0,0 +1,328 @@ +firstname = null; + $this->lastname = null; + $this->userID = ""; + $this->token = null; + $this->active = 0; + $this->typeID = null; + } + + /** + * Gets authentcation token for specified subscriberID + * @param Integer $subscriberID - specifies which subscriber we are looking up + * @param Integer $typeID - specifies which type of subscription we are refering (1 = telegram, 2 = email) + * @return String $token - 32 bytes HEX string + */ + public function get_token($subscriberID, $typeID) + { + global $mysqli; + $stmt = $mysqli->prepare("SELECT token FROM subscribers WHERE subscriberID = ? and typeID=? and active = 1 LIMIT 1"); + $stmt->bind_param("ii", $subscriberID, $typeID); + $stmt->execute(); + $result = $stmt->get_result(); + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + $this->token = $row['token']; + //$this->get_subscriber_by_token($this->token); + return $row['token']; + } + return false; + + } + public function get_subscriber_by_token($token) + { + global $mysqli; + $stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE token=? and typeID=?"); + $stmt->bind_param("si", $token, $this->typeID); + $stmt->execute(); + $result = $stmt->get_result(); + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + $this->id = $row['subscriberID']; + $this->populate(); // + return true; + } + return false; + } + + public function get_subscriber_by_userid($create = false) + { + global $mysqli; + $stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE userID LIKE ? AND typeID = ? LIMIT 1"); + $stmt->bind_param("si", $this->userID, $this->typeID ); + $stmt->execute(); + $result = $stmt->get_result(); + + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + $this->id = $row['subscriberID']; + $this->populate(); + return $row['subscriberID']; + } else { + // User is not registered in DB, so add if $create = true + if ( $create ) { + $subscriber_id = $this->add($this->typeID, $this->userID, $this->active, $this->firstname, $this->lastname); + return $subscriber_id; + } + return false; + } + } + + public function populate() + { + global $mysqli; + $stmt = $mysqli->prepare("SELECT typeID, userID, firstname, lastname, token, active FROM subscribers WHERE subscriberID = ?"); + $stmt->bind_param("i", $this->id); + $stmt->execute(); + $result = $stmt->get_result(); + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + $this->userID = $row['userID']; + $this->typeID = $row['typeID']; + $this->firstname = $row['firstname']; + $this->lastname = $row['lastname']; + $this->token = $row['token']; + $this->active = $row['active']; + return true; + } + return false; + } + + public function add($typeID, $userID, $active = null, $firstname = null, $lastname = null) + { + global $mysqli; + $expireTime = strtotime("+2 hours"); + $updateTime = strtotime("now"); + $token = $this->generate_token(); + syslog(1,"token". $token); + $stmt = $mysqli->prepare("INSERT INTO subscribers (typeID, userID, firstname, lastname, token, active, expires, create_time) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"); + $stmt->bind_param("issssiii", $typeID, $userID, $firstname, $lastname, $token, $active, $expireTime, $updateTime); + $stmt->execute(); + $query = $stmt->get_result(); + + $this->id = $mysqli->insert_id; + $this->typeID = $typeID; + $this->userID = $userID; + $this->token = $token; + $this->firstname = $firstname; + $this->lastname = $lastname; + $this->active = $active; + return $this->id; + } + + public function update($subscriberID) + { + global $mysqli; + $updateTime = strtotime("now"); + $stmt = $mysqli->prepare("UPDATE subscribers SET update_time = ? WHERE subscriberID=?"); + $stmt->bind_param("ii", $updateTime, $subscriberId); + $stmt->execute(); + return true; + + } + + public function activate($subscriberID) + { + global $mysqli; + $updateTime = strtotime("now"); + + $stmt = $mysqli->prepare("UPDATE subscribers SET update_time = ?, expires = ? WHERE subscriberID = ?"); + $tmp = null; + $stmt->bind_param("iii", $updateTime, $tmp, $subscriberId); + $stmt->execute(); + return true; + } + + public function delete($id) + { + global $mysqli; + + $stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ?"); + $stmt->bind_param("i", $this->id); + $stmt->execute(); + $query = $stmt->get_result(); + + $stmt = $mysqli->prepare("DELETE FROM subscribers WHERE subscriberID = ?"); + $stmt->bind_param("i", $this->id); + $stmt->execute(); + $query = $stmt->get_result(); + + } + + public function check_userid_exist() + { + global $mysqli; + + $stmt = $mysqli->prepare("SELECT subscriberID, userID, token, active FROM subscribers WHERE typeID=? AND userID=? LIMIT 1"); + + $stmt->bind_param("is", $this->typeID, $this->userID); + $stmt->execute(); + $result = $stmt->get_result(); + + if($result->num_rows > 0) { + $row = $result->fetch_assoc(); + $this->id = $row['subscriberID']; + $this->populate(); + return true; + } + return false; + } + + public function is_active_subscriber($token) + { + global $mysqli; + + + $stmt = $mysqli->prepare("SELECT subscriberID, token, userID, active, expires FROM subscribers WHERE token LIKE ? LIMIT 1"); + $stmt->bind_param("s", $token ); + $stmt->execute(); + $result = $stmt->get_result(); + + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + } else { + // No data found, fail gently... + return false; + } + + // If account is not already active, check if we are within timeframe of exipre +2h + // and active if so, otherwise,delete account and return falsev + if ( $row['active'] <> 1 ) { + + // Calculate time range for when subscription need to be validated + $time_end = $row['expires']; + $time_start = $time_end - (3600*2); // TODO - make this interval configurable via a config option + $time_now = time(); + + if ( ($time_now > $time_start) && ($time_now < $time_end) ) { + // Timefram is within range, active user.. + $stmt2 = $mysqli->prepare("UPDATE subscribers SET active=1, expires=null WHERE subscriberID = ?"); + $stmt2->bind_param("i", $row['subscriberID']); + $stmt2->execute(); + $result = $stmt2->get_result(); + $this->active = 1; + $this->id = $row['subscriberID']; + $this->userID = $row['userID']; + $this->token = $row['token']; + return true; + + } else { + // Timeframe outside of given scope -> delete account + $stmt2 = $mysqli->prepare("DELETE FROM subscribers WHERE subscriberID = ?"); + $stmt2->bind_param("i", $row['subscriberID']); + $stmt2->execute(); + $result = $stmt2->get_result(); + $this->active = 0; + return false; + } + } + + // if we get here, account should already be active + $this->active = 1; + $this->id = $row['subscriberID']; + $this->userID = $row['userID']; + $this->token = $row['token']; + return true; + } + + /** + * Generate a new 64 byte token (32 bytes converted from bin2hex = 64 bytes) + * @return string token + */ + public function generate_token() + { + global $mysqli; + + if ( function_exists('openssl_random_pseudo_bytes') ) { + $token = openssl_random_pseudo_bytes(32); //Generate a random string. + $token = bin2hex($token); //Convert the binary data into hexadecimal representation. + } else { + // Use alternative token generator if openssl isn't available... + $token = make_alt_token(32, 32); + } + + // Make sure token doesn't already exist in db + $stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE token LIKE ?"); + echo $mysqli->error; + $stmt->bind_param("s", $token); + $stmt->execute(); + $result = $stmt->get_result(); + if ($result->num_rows > 0 ) { + // token already exists, call self again + $token = $this->generate_token(); + } + + return $token; + } + + /** + * Alternative token generator if openssl_random_pseudo_bytes is not available + * Original code by jsheets at shadonet dot com from http://php.net/manual/en/function.mt-rand.php + * @params int min_length Minimum length of token + * @params int max_length Maximum length of token + * @return String token + */ + public function make_alt_token($min_length = 32, $max_length = 64) + { + $key = ''; + + // build range and shuffle range using ASCII table + for ($i=0; $i<=255; $i++) { + $range[] = chr($i); + } + + // shuffle our range 3 times + for ($i=0; $i<=3; $i++) { + shuffle($range); + } + + // loop for random number generation + for ($i = 0; $i < mt_rand($min_length, $max_length); $i++) { + $key .= $range[mt_rand(0, count($range)-1)]; + } + + $return = bin2hex($key); + + if (!empty($return)) { + return $return; + } else { + return 0; + } + } + + public function set_logged_in() + { + $_SESSION['subscriber_valid'] = true; + $_SESSION['subscriber_id'] = $this->id; + $_SESSION['subscriber_userid'] = $this->userID; + $_SESSION['subscriber_typeid'] = $this->typeID; //email + $_SESSION['subscriber_token'] = $this->token; + } + + public function set_logged_off() + { + unset($_SESSION['subscriber_valid']); + unset($_SESSION['subscriber_userid']); + unset($_SESSION['subscriber_typeid']); + unset($_SESSION['subscriber_id']); + unset($_SESSION['subscriber_token']); + } + +} \ No newline at end of file diff --git a/classes/subscriptions.php b/classes/subscriptions.php new file mode 100644 index 0000000..d1cf6e4 --- /dev/null +++ b/classes/subscriptions.php @@ -0,0 +1,94 @@ +prepare("INSERT INTO services_subscriber (subscriberIDFK, serviceIDFK) VALUES (?, ?)"); + $stmt->bind_param("ii", $userID, $service); + $stmt->execute(); + $query = $stmt->get_result(); + } + + public function remove($userID, $service) + { + global $mysqli; + + $stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ? AND serviceIDFK = ?"); + $stmt->bind_param("ii", $userID, $service); + $stmt->execute(); + $query = $stmt->get_result(); + } + + function render_subscribed_services($typeID, $subscriberID, $userID, $token) + { + global $mysqli; + $stmt = $mysqli->prepare("SELECT services.id, services.name, subscribers.subscriberID, subscribers.userID, subscribers.token + FROM services + LEFT JOIN services_subscriber ON services_subscriber.serviceIDFK = services.id + LEFT JOIN subscribers ON services_subscriber.subscriberIDFK = subscribers.subscriberID + WHERE subscribers.typeID = ? AND subscribers.subscriberID = ?"); + $stmt->bind_param("ii", $typeID, $subscriberID); + $stmt->execute(); + $query = $stmt->get_result(); + + $timestamp = time(); + + $strNotifyType = _('E-mail Notification subscription'); + if ( $typeID == 1 ) { $strNotifyType = _('Telegram Notification subscription'); } + + ?> +
    +
    +
    +

    +

    + ')){return true;}else{event.stopPropagation(); event.preventDefault();};" class="confirmation" href="index.php?do=unsubscribe&type=&token="> +
    +
    +
    + ' . _("Your subscriptions") . ""; + echo '
    '; + $subs = array(); // Will be used to hold IDs of services already selected + + if ($query->num_rows){ + while($result = $query->fetch_assoc()) + { + echo ' ' . $result['name'] . ''; + $subs[] = $result['id']; + } + + } else { + echo '
    '._("You do not currently subscribe to any services. Please add services from the list below.").'
    '; + } + echo "
    "; + + echo '

    ' . _("Add new subscription") . '

    '; + + // Prepare to query for unselect services. If none are selected, query for all + $subsExp = null; + if (count($subs) > 0 ) { + $subsExp = 'NOT IN ('. implode(",", $subs) .')'; + } + + $query = $mysqli->query("SELECT services.id, services.name from services WHERE services.id $subsExp"); + echo '
    '; + if ($query->num_rows){ + while($result = $query->fetch_assoc()){ + echo ' ' . $result['name'] . ''; + } + } else { + echo '
    '._("No further services available for subscriptions.").'
    '; + } + echo '
    '; + } + +} \ No newline at end of file From cf1f00e9b5fa3e5b99da45b54331f60973854fd9 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 17:23:07 +0100 Subject: [PATCH 034/138] Frontend for handling subscription changes. --- subscriptions.php | 90 +++++++++++++++-------------------------------- 1 file changed, 29 insertions(+), 61 deletions(-) diff --git a/subscriptions.php b/subscriptions.php index ee7dec1..23da9bc 100644 --- a/subscriptions.php +++ b/subscriptions.php @@ -1,74 +1,42 @@ query("SELECT * FROM subscribers WHERE telegramID=" . $tg_user['id']); - while($subscriber = $query->fetch_assoc()){ - $subscriberID = $subscriber['subscriberID']; - } - $stmt = $mysqli->prepare("INSERT INTO services_subscriber VALUES (NULL,?, ?)"); - $stmt->bind_param("ii", $subscriberID, $service); - $stmt->execute(); - $query = $stmt->get_result(); - header("Location: index.php?do=subscriptions"); - } - - if(isset($_GET['remove'])){ - $service = $_GET['remove']; - $query = $mysqli->query("SELECT * FROM subscribers WHERE telegramID=" . $tg_user['id']); - while($subscriber = $query->fetch_assoc()){ - $subscriberID = $subscriber['subscriberID']; - } - $stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ? AND serviceIDFK = ?"); - $stmt->bind_param("ii", $subscriberID, $service); - $stmt->execute(); - $query = $stmt->get_result(); - header("Location: index.php?do=subscriptions"); - } - - $query = $mysqli->query("SELECT services.id, services.name, subscribers.subscriberID, subscribers.telegramID - FROM services - LEFT JOIN services_subscriber ON services_subscriber.serviceIDFK = services.id - LEFT JOIN subscribers ON services_subscriber.subscriberIDFK = subscribers.subscriberID - WHERE subscribers.telegramID =" . $tg_user['id']); -if ($query->num_rows){ - $timestamp = time(); - echo '

    ' . _("Your subscriptions") . "

    "; - echo '
    '; - $subs = array(); - while($result = $query->fetch_assoc()) - { - echo '' . $result['name'] . ''; - $subs[] = $result['name']; - } - echo "
    "; +if ( SUBSCRIBE_TELEGRAM && $_SESSION['subscriber_typeid'] == 2 ) { + $tg_user = $telegram->getTelegramUserData(); // TODO: Do we need this any longer? } -echo '

    ' . _("Add new subscription") . '

    '; +if( $_SESSION['subscriber_valid'] ){ + + $typeID = $_SESSION['subscriber_typeid']; + $subscriberID = $_SESSION['subscriber_id']; + $userID = $_SESSION['subscriber_userid']; + $token = $_SESSION['subscriber_token']; + + if(isset($_GET['add'])){ + $subscription->add($subscriberID, $_GET['add']); + } -$query = $mysqli->query("SELECT services.id, services.name from services"); -if ($query->num_rows){ - echo '
    '; + if(isset($_GET['remove'])){ + $subscription->remove($subscriberID, $_GET['remove']); + } - while($result = $query->fetch_assoc()){ - if(empty($subs)){ - echo '' . $result['name'] . ''; + $subscription->render_subscribed_services($typeID, $subscriberID, $userID, $token); - } elseif(!in_array($result['name'], $subs)){ - echo '' . $result['name'] . ''; - } - } - echo '
    '; -} - -} else{ +} else { + + $header = _("Your session has expired or you tried something we don't suppprt"); + $message = _('If your session expired, retry your link or in case of Telegram use the login button in the top menu.'); + $constellation->render_warning($header, $message); + header('Location: index.php'); } From b5c5a2c8cffb3e4bff0c05c9eb4c88458cf2ecee Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 17:25:44 +0100 Subject: [PATCH 035/138] Moved, renamed and modified Telegram related files. - Made functions from ./telegram.php into a class and moved to classes/telegram.php - Renamed check.php to telegram_check.php to make it easier to understand what the file belongs to. - SESSIONS used to control if user is logged on or not - Telegram users will be identified as typeID = 2 in the subscribers table. --- check.php | 12 ------- classes/telegram.php | 82 ++++++++++++++++++++++++++++++++++++++++++++ telegram.php | 63 ---------------------------------- telegram_check.php | 33 ++++++++++++++++++ 4 files changed, 115 insertions(+), 75 deletions(-) delete mode 100644 check.php create mode 100644 classes/telegram.php delete mode 100644 telegram.php create mode 100644 telegram_check.php diff --git a/check.php b/check.php deleted file mode 100644 index 4553a06..0000000 --- a/check.php +++ /dev/null @@ -1,12 +0,0 @@ -getMessage()); - } - header('Location: index.php'); - ?> \ No newline at end of file diff --git a/classes/telegram.php b/classes/telegram.php new file mode 100644 index 0000000..5d506c7 --- /dev/null +++ b/classes/telegram.php @@ -0,0 +1,82 @@ + $value) { + // $data_check_arr[] = $key . '=' . $value; + $data_check_arr[] = $key . '=' . str_replace('https:/t', 'https://t', $value); + } + sort($data_check_arr); + $data_check_string = implode("\n", $data_check_arr); + $secret_key = hash('sha256', TG_BOT_API_TOKEN, true); + $hash = hash_hmac('sha256', $data_check_string, $secret_key); + if (strcmp($hash, $check_hash) !== 0) { + throw new Exception('Data is NOT from Telegram'); + } + if ((time() - $auth_data['auth_date']) > 86400) { + throw new Exception('Data is outdated'); + } + return $auth_data; + } + + + /** + * Save telegram userdata + * + * Save the telegram user data in a cookie + * @return void + */ + function saveTelegramUserData($auth_data) { + $auth_data_json = json_encode($auth_data); + setcookie('tg_user', $auth_data_json); + } + + function get_telegram_subscriberid($user) + { + global $mysqli; + $stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE typeID=1 AND userID LIKE ? LIMIT 1"); + $stmt->bind_param("s", $user); + $stmt->execute(); + $result = $stmt->get_result(); + if ( $result->num_rows) { + $row = $result->fetch_assoc(); + $subscriberID = $row['subscriberID']; + return $subscriberID; + } + return null; // Return null on false + } +} \ No newline at end of file diff --git a/telegram.php b/telegram.php deleted file mode 100644 index bf25641..0000000 --- a/telegram.php +++ /dev/null @@ -1,63 +0,0 @@ - $value) { - // $data_check_arr[] = $key . '=' . $value; - $data_check_arr[] = $key . '=' . str_replace('https:/t', 'https://t', $value); - } - sort($data_check_arr); - $data_check_string = implode("\n", $data_check_arr); - $secret_key = hash('sha256', TG_BOT_API_TOKEN, true); - $hash = hash_hmac('sha256', $data_check_string, $secret_key); - if (strcmp($hash, $check_hash) !== 0) { - throw new Exception('Data is NOT from Telegram'); - } - if ((time() - $auth_data['auth_date']) > 86400) { - throw new Exception('Data is outdated'); - } - return $auth_data; - } - - -/** - * Save telegram userdata - * - * Save the telegram user data in a cookie - * @return void - */ -function saveTelegramUserData($auth_data) { - $auth_data_json = json_encode($auth_data); - setcookie('tg_user', $auth_data_json); - } \ No newline at end of file diff --git a/telegram_check.php b/telegram_check.php new file mode 100644 index 0000000..ccb4dc2 --- /dev/null +++ b/telegram_check.php @@ -0,0 +1,33 @@ +checkTelegramAuthorization($_GET); + $telegram->saveTelegramUserData($auth_data); +} catch (Exception $e) { + die($e->getMessage()); +} + +// Check if user is registered in DB +$subscriber->firstname = $auth_data['first_name']; +$subscriber->lastname = $auth_data['last_name']; +$subscriber->typeID = 1; +$subscriber->userID = $auth_data['id']; +$subscriber->active = 1; // Telegram user should always be active if they can be validated + +$subscriber_id = $subscriber->get_subscriber_by_userid(true); // If user does not exists, create it +$subscriber->id = $subscriber_id; + +// make sure we don't have a logged in email subscriber +$subscriber->set_logged_in(); +//$_SESSION['subscriber_valid'] = true; +//$_SESSION['subscriber_typeid'] = 1; +//$_SESSION['subscriber_userid'] = $auth_data['id']; +//$_SESSION['subscriber_id'] = $subscriber_id; + +header('Location: subscriptions.php'); From 528cb779521bb7686857d9da451623db232ced55 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:26:30 +0100 Subject: [PATCH 036/138] Reverses partial changes commited in PR #63 - Removes not needed re-translation of statuses. These fails to be translated due to index.php calling config.php after performing the translation. See #64 for details - Amend SQL query to use named fields to prevent potential failure in future upgrades if table should change. --- classes/service.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/classes/service.php b/classes/service.php index 3f0f68c..f116cc4 100644 --- a/classes/service.php +++ b/classes/service.php @@ -71,7 +71,7 @@ class Service implements JsonSerializable { global $mysqli; $name = $_POST['service']; - $stmt = $mysqli->prepare("INSERT INTO services VALUES(NULL,?)"); + $stmt = $mysqli->prepare("INSERT INTO services ( name ) VALUES ( ? )"); $stmt->bind_param("s", $name); $stmt->execute(); $stmt->get_result(); @@ -146,9 +146,9 @@ class Service implements JsonSerializable if ($statuses[$worst] == count($array)) { - echo _($all[$worst]); + echo $all[$worst]; }else{ - echo _($some[$worst]); + echo $some[$worst]; } echo '
    '; } From 3eccbf529e374db78e87625909b2b8d63eeea6f8 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:33:25 +0100 Subject: [PATCH 037/138] Add handling of email subscriptions - Translation issue fixes #64 - Adds handler for email subscription requests --- index.php | 40 +++++++++++++++++++++++++++++++--------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/index.php b/index.php index 84da6ef..87fa0f6 100644 --- a/index.php +++ b/index.php @@ -1,17 +1,35 @@ Date: Sun, 25 Nov 2018 18:39:57 +0100 Subject: [PATCH 038/138] Adds new class dependencies - Mailer class for mail handler - Notification class for all notifications - Parsedown class for implenting support for Markdown when adding new incidents #8. --- admin/index.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/admin/index.php b/admin/index.php index 005a7ea..a665ba1 100644 --- a/admin/index.php +++ b/admin/index.php @@ -7,7 +7,10 @@ if (!file_exists("../config.php")) else{ require_once("../config.php"); require_once("../classes/constellation.php"); + require_once("../classes/mailer.php"); + require_once("../classes/notification.php"); require_once("../template.php"); + require_once("../libs/parsedown/Parsedown.php"); if(isset($_COOKIE['user'])&&!isset($_SESSION['user'])) { From e98b4da6491f2d1db499ab49d8693ca547f1eb50 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:45:54 +0100 Subject: [PATCH 039/138] Use new notification class --- classes/incident.php | 43 ++++++++++++++++++++----------------------- 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/classes/incident.php b/classes/incident.php index 8a1fbc9..c71b74b 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -1,4 +1,6 @@ bind_param("ii", $service, $status_id); $stmt->execute(); $query = $stmt->get_result(); - - $query = $mysqli->query("SELECT * FROM services_subscriber WHERE serviceIDFK=" . $service); - while($subscriber = $query->fetch_assoc()){ - $subscriberQuery = $mysqli->query("SELECT * FROM subscribers WHERE subscriberID=" . $subscriber['subscriberIDFK']); - while($subscriberData = $subscriberQuery->fetch_assoc()){ - $telegramID = $subscriberData['telegramID']; - $firstname = $subscriberData['firstname']; - - $tg_message = urlencode('Hi ' . $firstname . chr(10) . 'There is a status update on a service that you have subscribed. View online'); - $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $telegramID . "&parse_mode=HTML&text=" . $tg_message), true); - if($response['ok'] == true){ - $tgsent = true; - } - } - } - if($tgsent){ - header("Location: ".WEB_URL."/admin?sent=true"); + + // Perform notification to subscribers + $notify = new Notification(); + $notify->get_service_details($status_id); - } else { - header("Location: ".WEB_URL."/admin?sent=false"); - } + $notify->type = $type; + $notify->time = $time; + $notify->title = $title; + $notify->text = $text; + $notify->status = $statuses[$type]; + + $notify->notify_subscribers(); + + header("Location: ".WEB_URL."/admin?sent=true"); } } - } /** * Renders incident @@ -194,7 +191,7 @@ class Incident implements JsonSerializable global $icons; global $classes, $user; $admin = $admin && (($user->get_rank()<=1) || ($user->get_username() == $this->username)); - + $Parsedown = new Parsedown(); ?>
    @@ -208,7 +205,7 @@ class Incident implements JsonSerializable
    - text; ?> + setBreaksEnabled(true)->text($this->text); ?>
    From a74ce9ad33558dd092b28b95dc08465f2268e75b Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:48:38 +0100 Subject: [PATCH 040/138] Remove commented code --- telegram_check.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/telegram_check.php b/telegram_check.php index ccb4dc2..dfa11d7 100644 --- a/telegram_check.php +++ b/telegram_check.php @@ -25,9 +25,5 @@ $subscriber->id = $subscriber_id; // make sure we don't have a logged in email subscriber $subscriber->set_logged_in(); -//$_SESSION['subscriber_valid'] = true; -//$_SESSION['subscriber_typeid'] = 1; -//$_SESSION['subscriber_userid'] = $auth_data['id']; -//$_SESSION['subscriber_id'] = $subscriber_id; header('Location: subscriptions.php'); From 39e53ab1f4b6ae635c17c647a990afa8e1ec66df Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:50:31 +0100 Subject: [PATCH 041/138] Adds dropdown for subscription options to menu - Modifies menu to include email subscription in addition to Telegram subscription --- template.php | 88 +++++++++++++++++++++++++++++++++++----------------- 1 file changed, 60 insertions(+), 28 deletions(-) diff --git a/template.php b/template.php index 764f3c7..25b673c 100644 --- a/template.php +++ b/template.php @@ -1,6 +1,7 @@ -getTelegramUserData(); // TODO Is this needed any longer? + + // Create subscriber menu sections for later inclusion + // Check if we are on admin menu, if so do not display + $arr_url = explode("/", $_SERVER['PHP_SELF']); + $str_url = strtolower($arr_url[count($arr_url)-2]); + if ( 'admin' == $str_url ) { + $strSubsMenu = ''; + } else { + // Subscriber menu is to be shown... + $strSubsMenu = '
      '; + // If subscriber is not logged on, display subscriber menus + if ( (!isset($_SESSION['subscriber_valid'])) || false == $_SESSION['subscriber_valid'] ) { + $strSubsMenu .= '
    • +  '. _('Subscribe').' +
        '; + + if ( SUBSCRIBE_EMAIL ) { + $strSubsMenu .= '
      •  '._('Subscribe via email').'
        • '; + } + if ( SUBSCRIBE_TELEGRAM ) { + $strSubsMenu .= '
        • '; + } + $strSubsMenu .= '
      '; + } + // If subscriber is logged on, display unsub and logoff menu points + if ( (isset($_SESSION['subscriber_valid'])) && $_SESSION['subscriber_valid'] ) { + $strSubsMenu .= '
    • '._('Subscriptions').'
      • '; + $strSubsMenu .= '
    • '._('Logout').'
      • '; + } + $strSubsMenu .= '
    '; + } + + + ?> @@ -57,36 +95,27 @@ class Template{ -
    +
    +
    +
    - + + + Date: Sun, 25 Nov 2018 18:54:10 +0100 Subject: [PATCH 042/138] Implementes email subscription handler to front - Adds handler for email subscription. #65 --- email_subscriptions.php | 196 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 196 insertions(+) create mode 100644 email_subscriptions.php diff --git a/email_subscriptions.php b/email_subscriptions.php new file mode 100644 index 0000000..2174a3d --- /dev/null +++ b/email_subscriptions.php @@ -0,0 +1,196 @@ +verify_domain($_POST['emailaddress']) ) { + $messages[] = _("Domain does not apper to be a valid email domain. (Check MX record)"); + } + + if (GOOGLE_RECAPTCHA) { + // Validate recaptcha + $response = $_POST["g-recaptcha-response"]; + $url = 'https://www.google.com/recaptcha/api/siteverify'; + $data = array( + 'secret' => GOOGLE_RECAPTCHA_SECRET, + 'response' => $_POST["g-recaptcha-response"] + ); + $options = array( + 'http' => array ( + 'header' => 'Content-Type: application/x-www-form-urlencoded\r\n', + 'method' => 'POST', + 'content' => http_build_query($data) + ) + ); + $context = stream_context_create($options); + $verify = file_get_contents($url, false, $context); + $captcha_success = json_decode($verify); + + if ( $captcha_success->success==false ) { + $messages[] = _("reChaptcha validation failed"); + } + } + if ( isset($messages) ) { + $message = _("Please check
    "); + $message .= implode("
    ", $messages); + } + + } + + if(isset($_POST['emailaddress']) && empty($message)) + { + + // Check if email is already registered + $boolUserExist = false; + $subscriber->userID = $_POST['emailaddress']; + $subscriber->typeID = 2; // Email + $boolUserExist = $subscriber->check_userid_exist(); + + $url = WEB_URL."/index.php?do=manage&token=".$subscriber->token; + + if ( ! $boolUserExist ) { + // Create a new subscriber as it does not exist + $subscriber->add($subscriber->typeID, $_POST['emailaddress']); + $url = WEB_URL."/index.php?do=manage&token=".$subscriber->token; // Needed again after adding subscriber since token did not exist before add + $msg = sprintf(_("Thank you for registering to receive status updates via email.

    Click on the following link to confirm and manage your subcription: %s. New subscriptions must be confirmed within 2 hours"), $url, NAME .' - ' . _("Validate subscription")); + + } else { + if ( ! $subscriber->active ) { + // Subscriber is registered, but has not been activated yet... + $msg = sprintf(_("Thank you for registering to receive status updates via email.

    Click on the following link to confirm and manage your subcription: %s. New subscriptions must be confirmed within 2 hours"), $url, NAME .' - ' . _("Validate subscription")); + $subscriber->activate($subscriber->id); + + } else { + // subscriber is registered and active + $msg = sprintf(_("Click on the following link to update your existing subscription: %s"), $url, NAME .' - ' . _("Manage subscription")); + $subscriber->update($subscriber->id); + } + } + // Show success message + $header = _("Thank you for subscribing"); + $message = _("You will receive an email shortly with an activation link. Please click on the link to activate and/or manage your subscription."); + $constellation->render_success($header, $message, true, WEB_URL, _('Go back')); + + // Send email about new registration + $subject = _('Email subscription registered').' - '.NAME; + $mailer->send_mail($_POST['emailaddress'], $subject, $msg); + + $boolRegistered = true; + } + + // Add a new email subscriber - display form + if ( isset($_GET['new']) && (! $boolRegistered) ) { + + if (!empty($message)) { + echo '

    '.$message.'

    '; + } + $strPostedEmail = (isset($_POST['emailaddress'])) ? $_POST['emailaddress'] : ""; + ?> + + +
    +

    +
    + + +
    + +
    +
    +
    +
    +
    +
    +
    + + + Privacy Policy'), POLICY_URL); + echo $msg; + ?> + +
    +
    + + +
    + typeID = 2; //EMAIL + if ( $subscriber->is_active_subscriber($_GET['token']) ) { + // forward user to subscriber list.... + $subscriber->set_logged_in(); + header('Location: subscriptions.php'); + exit; + } else { + Template :: render_header(_("Email Subscription")); + + $header = _("We cannot find a valid subscriber account matching those details"); + $message = _("If you have recently subscribed, please make sure you activate the account within two hours of doing so. You are welcome to try and re-subscribe."); + $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); + } + + +} else if (isset($_GET['do']) && $_GET['do'] == 'unsubscribe') { + // Handle unsubscriptions + // TODO This function is universal and should probably live elsewhere?? + if (isset($_GET['token'])) { + $subscriber->typeID = (int) $_GET['type']; + + if ( $subscriber->get_subscriber_by_token($_GET['token'])) { + $subscriber->delete($subscriber->id); + $subscriber->set_logged_off(); + Template :: render_header(_("Email Subscription")); + + $header = _("You have been unsubscribed from our system"); + $message = _("We are sorry to see you go. If you want to subscribe again at a later date please feel free to re-subscribe."); + $constellation->render_success($header, $message, true, WEB_URL, _('Go back')); + + } else { + // TODO Log token for troubleshooting ? + // Cannot find subscriber - show alert + Template :: render_header(_("Email Subscription")); + $header = _("We are unable to find any valid subscriber detail matching your submitted data!"); + $message = _("If you believe this to be an error, please contact the system admininistrator."); + $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); + + // + } + } else { + // TODO Log $_GET[] for troubleshooting ? + $header = _("We are unable to find any valid subscriber detail matching your submitted data!"); + $message = _("If you believe this to be an error, please contact the system admininistrator."); + $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); + } +} +Template :: render_footer(); From 4903c3bb89155f418657b85d240f26e0eba6dd8b Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:56:23 +0100 Subject: [PATCH 043/138] HTML template for status updates to subscribers - Initial HTML template used to generate HTML emails when status notifications is sent to subscribers. TODO: Should probably be located in a different directory structure --- libs/templates/email_status_update.html | 56 +++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 libs/templates/email_status_update.html diff --git a/libs/templates/email_status_update.html b/libs/templates/email_status_update.html new file mode 100644 index 0000000..dea833e --- /dev/null +++ b/libs/templates/email_status_update.html @@ -0,0 +1,56 @@ + + + + + + + + + +

    %service_status_update_from% %name%

    +
    + + + + + + + + + + + + + + + + + + + +
    %services_impacted%:%service%
    %status_label%:%status%
    %time_label%:%time%
     %comment%
    +
    + + + + + + +
    +

    %unsubscribe%

    +

     %powered_by% Server-Status

    \ No newline at end of file From c57171add57cfb0870b475688110ffe80bd6379e Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 18:58:42 +0100 Subject: [PATCH 044/138] Reverts changes done by a rebase merge gone wrong --- install.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/install.php b/install.php index 75ca5e6..c11fec8 100644 --- a/install.php +++ b/install.php @@ -258,15 +258,6 @@ if (!empty($message))
    -
    -
    -

    - -
    -
    " class="form-control" required>
    -
    " class="form-control" required>
    -
    -
    From fe812d5b7829bf8f2c6391fb331f243aebd13853 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 19:18:38 +0100 Subject: [PATCH 045/138] Reverts changes done by a rebase merge gone wrong --- policy.php | 34 +--------------------------------- 1 file changed, 1 insertion(+), 33 deletions(-) diff --git a/policy.php b/policy.php index 0759b83..9379583 100644 --- a/policy.php +++ b/policy.php @@ -3,7 +3,7 @@ require_once("config.php"); Template::render_header("Privacy Policy"); - echo "

    " . _("Privacy Policy") . "

    "; + echo "

    " . _("Privacy Policy") . "

    "; echo "

    " . _("Who we are") . "

    "; echo WHO_WE_ARE; echo "

    " . _("Contact") . "

    "; @@ -45,36 +45,4 @@ The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers"); - echo "

    " . _("Contact & Privacy Policy") . "

    "; - echo "

    " . _("Privcacy Policy") . "

    "; - echo "

    " . _("Who we are") . "

    "; - echo WHO_WE_ARE; - echo "

    " . _("Contact") . "

    "; - echo POLICY_NAME . "
    "; - echo ADDRESS . "
    "; - echo POLICY_MAIL . "
    "; - if(defined('POLICY_PHONE') && POLICY_PHONE != ""){ - echo POLICY_PHONE . "
    "; - } - - echo '

    ' . _("What personal data we collect and why") . '

    '; - echo '

    ' . _("Global") . "

    "; - echo _("If you access our websites, the following information will be saved: IP-address, Date, Time, Browser queries, - General information about your browser, operating system and all search queries on the sites. - This user data will be used for anonym user statistics to recognize trends and improve our content. - ") . "

    "; - echo "

    " . _("How we protect your data") . "

    "; - echo _("In collaboration with our hosting provider we try our best to protect our - databases against access from third parties, losses, misuse or forgery. - ") . "

    "; - echo "

    " . _("Third party that receive your personal data") . "

    "; - echo "Our hosting provider can access the date we store on their server. We have a data processing agreement with them."; - echo "

    " . _("Cookies") . "

    "; - echo _("This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. - In general, cookies are used to retain user preferences, store information for things like shopping carts, - and provide anonymised tracking data to third party applications like Google Analytics. - As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. - The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser - or taking a look at the About Cookies website which offers guidance for all modern browsers"); - Template::render_footer(); From b90fab434ca046f240f6d45ed83562870f50e032 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 20:04:59 +0100 Subject: [PATCH 046/138] Changes to SQL schema In order to handle multiple subscription types using the same tables some changes from the schema as implemented by PR #1 are needed. A typeID field will be the indicator for which type of notification to use. Additional notification types must be assinged unique typeIDs. Assigned typeID for now are: - 1 = Telegram - 2 = email --- install.sql | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/install.sql b/install.sql index 32652af..e6c8a58 100644 --- a/install.sql +++ b/install.sql @@ -91,3 +91,16 @@ ALTER TABLE `services_subscriber` ADD CONSTRAINT `services_subscriber_ibfk_1` FOREIGN KEY (`subscriberIDFK`) REFERENCES `subscribers` (`subscriberID`) ON DELETE CASCADE ON UPDATE CASCADE, ADD CONSTRAINT `services_subscriber_ibfk_2` FOREIGN KEY (`serviceIDFK`) REFERENCES `services` (`id`) ON DELETE CASCADE ON UPDATE CASCADE; COMMIT; + +ALTER TABLE `subscribers` CHANGE COLUMN lastname lastname varchar(255) DEFAULT NULL; # was varchar(255) NOT NULL +ALTER TABLE `subscribers` CHANGE COLUMN firstname firstname varchar(255) DEFAULT NULL; # was varchar(255) NOT NULL +ALTER TABLE `subscribers` CHANGE COLUMN telegramID userID varchar(200) COLLATE utf8mb4_unicode_ci NOT NULL; +ALTER TABLE `subscribers` ADD COLUMN typeID tinyint(1) NOT NULL AFTER subscriberID; +ALTER TABLE `subscribers` ADD COLUMN token varchar(100) COLLATE utf8mb4_unicode_ci DEFAULT NULL AFTER lastname; +ALTER TABLE `subscribers` ADD COLUMN expires int(11) DEFAULT NULL; +ALTER TABLE `subscribers` ADD COLUMN active tinyint(1) DEFAULT NULL; +ALTER TABLE `subscribers` ADD COLUMN create_time int(11) DEFAULT NULL; +ALTER TABLE `subscribers` ADD COLUMN update_time int(11) DEFAULT NULL; +ALTER TABLE `subscribers` DROP INDEX telegramID; # was UNIQUE (telegramID) +ALTER TABLE `subscribers` ADD UNIQUE userID (userID); +COMMIT; From c08264f4f7d5030e0b8f001b6f6357860141f939 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Sun, 25 Nov 2018 21:33:18 +0100 Subject: [PATCH 047/138] Minor code cleanup suggested by codacy service --- classes/notification.php | 5 ++--- classes/subscriber.php | 15 ++++++++------- classes/subscriptions.php | 10 +++++----- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/classes/notification.php b/classes/notification.php index 51b3a3c..e28c86e 100644 --- a/classes/notification.php +++ b/classes/notification.php @@ -74,7 +74,7 @@ class Notification // Handle telegram if ($typeID == 1) { - $this->submit_telegram($userID, $firstname, $token); + $this->submit_telegram($userID, $firstname); } // Handle email @@ -89,10 +89,9 @@ class Notification * Sends Telegram notification message using their web api. * @param string $userID The Telegram userid to send to * @param string $firstname The users firstname - * @param string $uthkey Token used for managing subscription * @return void */ - public function submit_telegram($userID, $firstname, $token) + public function submit_telegram($userID, $firstname) { // TODO Handle limitations (Max 30 different subscribers per second) // TODO Error handling diff --git a/classes/subscriber.php b/classes/subscriber.php index bdc8b92..1e8e92a 100644 --- a/classes/subscriber.php +++ b/classes/subscriber.php @@ -132,7 +132,7 @@ Class Subscriber global $mysqli; $updateTime = strtotime("now"); $stmt = $mysqli->prepare("UPDATE subscribers SET update_time = ? WHERE subscriberID=?"); - $stmt->bind_param("ii", $updateTime, $subscriberId); + $stmt->bind_param("ii", $updateTime, $subscriberID); $stmt->execute(); return true; @@ -145,24 +145,25 @@ Class Subscriber $stmt = $mysqli->prepare("UPDATE subscribers SET update_time = ?, expires = ? WHERE subscriberID = ?"); $tmp = null; - $stmt->bind_param("iii", $updateTime, $tmp, $subscriberId); + $stmt->bind_param("iii", $updateTime, $tmp, $subscriberID); $stmt->execute(); return true; } - public function delete($id) + public function delete($subscriberID) { global $mysqli; $stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ?"); - $stmt->bind_param("i", $this->id); + $stmt->bind_param("i", $subscriberID); $stmt->execute(); - $query = $stmt->get_result(); + //$query = $stmt->get_result(); $stmt = $mysqli->prepare("DELETE FROM subscribers WHERE subscriberID = ?"); - $stmt->bind_param("i", $this->id); + $stmt->bind_param("i", $subscriberID); $stmt->execute(); - $query = $stmt->get_result(); + //$query = $stmt->get_result(); + return true; } diff --git a/classes/subscriptions.php b/classes/subscriptions.php index d1cf6e4..59507d2 100644 --- a/classes/subscriptions.php +++ b/classes/subscriptions.php @@ -13,7 +13,8 @@ Class Subscriptions $stmt = $mysqli->prepare("INSERT INTO services_subscriber (subscriberIDFK, serviceIDFK) VALUES (?, ?)"); $stmt->bind_param("ii", $userID, $service); $stmt->execute(); - $query = $stmt->get_result(); + //$query = $stmt->get_result(); + return true; } public function remove($userID, $service) @@ -23,7 +24,8 @@ Class Subscriptions $stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ? AND serviceIDFK = ?"); $stmt->bind_param("ii", $userID, $service); $stmt->execute(); - $query = $stmt->get_result(); + //$query = $stmt->get_result(); + return true; } function render_subscribed_services($typeID, $subscriberID, $userID, $token) @@ -37,9 +39,7 @@ Class Subscriptions $stmt->bind_param("ii", $typeID, $subscriberID); $stmt->execute(); $query = $stmt->get_result(); - - $timestamp = time(); - + $strNotifyType = _('E-mail Notification subscription'); if ( $typeID == 1 ) { $strNotifyType = _('Telegram Notification subscription'); } From 7ee0aa354007b63c01416e0b083c75a10a8e5a93 Mon Sep 17 00:00:00 2001 From: thnilsen Date: Fri, 7 Dec 2018 22:41:23 +0100 Subject: [PATCH 048/138] Removed redundant code - $tg_user was no longer used for validating if a subscriber was logged in or not, as this has been moved to a $_SESSION variable. --- template.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/template.php b/template.php index 25b673c..98d8361 100644 --- a/template.php +++ b/template.php @@ -9,8 +9,6 @@ $some = array(_("Some systems are experiencing major outages"), _("Some systems $all = array(_("Our systems are experiencing major outages."), _("Our systems are experiencing minor outages"), _("Our systems are under maintenance"), _("All systems operational")); $permissions = array(_("Super admin"), _("Admin"), _("Editor")); -require_once("classes/telegram.php"); - /** * Class that encapsulates methods to render header and footer */ @@ -23,10 +21,6 @@ class Template{ public static function render_header($page_name, $admin = false){ if (!$admin) { - - $telegram = new Telegram(); - $tg_user = $telegram->getTelegramUserData(); // TODO Is this needed any longer? - // Create subscriber menu sections for later inclusion // Check if we are on admin menu, if so do not display $arr_url = explode("/", $_SERVER['PHP_SELF']); From 62e6f08e4fdced8e1e557245cd2fafc72a979d91 Mon Sep 17 00:00:00 2001 From: thnilsen Date: Fri, 7 Dec 2018 22:46:16 +0100 Subject: [PATCH 049/138] Code cleanup as suggested by the codacy service. - Renamed get_service_details to populate_impacted_services - Removed unused variables --- classes/incident.php | 4 ++-- classes/notification.php | 10 +++++++--- classes/subscriber.php | 2 +- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/classes/incident.php b/classes/incident.php index c71b74b..2190f46 100644 --- a/classes/incident.php +++ b/classes/incident.php @@ -168,7 +168,7 @@ class Incident implements JsonSerializable // Perform notification to subscribers $notify = new Notification(); - $notify->get_service_details($status_id); + $notify->populate_impacted_services($status_id); $notify->type = $type; $notify->time = $time; @@ -210,7 +210,7 @@ class Incident implements JsonSerializable
    service_name as $key => $value ) { + foreach ( $this->service_name as $value ) { echo ''.$value . ' '; } diff --git a/classes/notification.php b/classes/notification.php index e28c86e..6b4b6d1 100644 --- a/classes/notification.php +++ b/classes/notification.php @@ -18,10 +18,10 @@ class Notification /** * Generate an array of servicenames and service IDs affected by a given incident - * @param int $statsus_id The incident to query + * @param int $status_id The incident to query * @return boolean */ - public function get_service_details($status_id) + public function populate_impacted_services($status_id) { global $mysqli; if (! empty($status_id)) { @@ -89,7 +89,7 @@ class Notification * Sends Telegram notification message using their web api. * @param string $userID The Telegram userid to send to * @param string $firstname The users firstname - * @return void + * @return boolean */ public function submit_telegram($userID, $firstname) { @@ -100,6 +100,10 @@ class Notification $tg_message = urlencode($msg); $response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $userID . "&parse_mode=HTML&text=" . $tg_message), true); + if (! array_key_exists("ok", $response) || $response['ok'] != 1 ) { + return false; + } + return true; } /** diff --git a/classes/subscriber.php b/classes/subscriber.php index 1e8e92a..e122070 100644 --- a/classes/subscriber.php +++ b/classes/subscriber.php @@ -115,7 +115,7 @@ Class Subscriber $stmt = $mysqli->prepare("INSERT INTO subscribers (typeID, userID, firstname, lastname, token, active, expires, create_time) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"); $stmt->bind_param("issssiii", $typeID, $userID, $firstname, $lastname, $token, $active, $expireTime, $updateTime); $stmt->execute(); - $query = $stmt->get_result(); + //$query = $stmt->get_result(); $this->id = $mysqli->insert_id; $this->typeID = $typeID; From e3d8e3ecf89373d6b1cc7daf3508b4819bfe72ba Mon Sep 17 00:00:00 2001 From: thnilsen Date: Tue, 16 Jun 2020 20:11:25 +0200 Subject: [PATCH 050/138] Added queue to handle sending of subscribers notifications --- admin/dashboard.php | 11 ++- classes/mailer.php | 75 +++++++++--------- classes/notification.php | 162 +++++++++++++++++++++++++++++++++----- classes/queue.php | 163 +++++++++++++++++++++++++++++++++++++++ classes/service.php | 4 +- 5 files changed, 351 insertions(+), 64 deletions(-) create mode 100644 classes/queue.php diff --git a/admin/dashboard.php b/admin/dashboard.php index b6dec52..665540d 100644 --- a/admin/dashboard.php +++ b/admin/dashboard.php @@ -1,4 +1,4 @@ -
    @@ -45,7 +48,7 @@ Template::render_header(_("Dashboard"), true);
    -
    " class="form-control" required>
    +
    +

    + + +
    +
    " class="form-control">
    +
    " class="form-control">
    +
    +

    From 0bc924e39a87a3b50d123b83c2b11d81275f2726 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:39:41 +0300 Subject: [PATCH 107/138] Fix crash while trying to send notifications --- install.sql | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/install.sql b/install.sql index 659876d..f073762 100644 --- a/install.sql +++ b/install.sql @@ -48,7 +48,46 @@ CREATE TABLE `services_subscriber` ( `subscriberIDFK` int(11) NOT NULL, `serviceIDFK` int(11) NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; +CREATE TABLE queue_notify ( + id int(11) NOT NULL AUTO_INCREMENT, + task_id int(11) NOT NULL, + status tinyint(1) NOT NULL, + subscriber_id int(11) NOT NULL, + retries tinyint(1) DEFAULT NULL, + PRIMARY KEY (id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; +CREATE TABLE queue_task ( + id int(11) NOT NULL AUTO_INCREMENT, + type_id int(11) NOT NULL, + status tinyint(1) NOT NULL, + template_data1 text COLLATE utf8_czech_ci, + template_data2 text COLLATE utf8_czech_ci, + created_time int(11) NOT NULL, + completed_time int(11) DEFAULT NULL, + num_errors int(11) DEFAULT NULL, + user_id int(11) NOT NULL, + PRIMARY KEY (id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci;CREATE TABLE queue_notify ( + id int(11) NOT NULL AUTO_INCREMENT, + task_id int(11) NOT NULL, + status tinyint(1) NOT NULL, + subscriber_id int(11) NOT NULL, + retries tinyint(1) DEFAULT NULL, + PRIMARY KEY (id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; +CREATE TABLE queue_task ( + id int(11) NOT NULL AUTO_INCREMENT, + type_id int(11) NOT NULL, + status tinyint(1) NOT NULL, + template_data1 text COLLATE utf8_czech_ci, + template_data2 text COLLATE utf8_czech_ci, + created_time int(11) NOT NULL, + completed_time int(11) DEFAULT NULL, + num_errors int(11) DEFAULT NULL, + user_id int(11) NOT NULL, + PRIMARY KEY (id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; ALTER TABLE `services` ADD PRIMARY KEY (`id`); ALTER TABLE `services_status` From 7aed1d2580d5c6437a96657a9883d09e0e47dc0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:40:59 +0300 Subject: [PATCH 108/138] Delete duplicate --- install.sql | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/install.sql b/install.sql index f073762..8432510 100644 --- a/install.sql +++ b/install.sql @@ -57,25 +57,6 @@ CREATE TABLE queue_notify ( PRIMARY KEY (id) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; -CREATE TABLE queue_task ( - id int(11) NOT NULL AUTO_INCREMENT, - type_id int(11) NOT NULL, - status tinyint(1) NOT NULL, - template_data1 text COLLATE utf8_czech_ci, - template_data2 text COLLATE utf8_czech_ci, - created_time int(11) NOT NULL, - completed_time int(11) DEFAULT NULL, - num_errors int(11) DEFAULT NULL, - user_id int(11) NOT NULL, - PRIMARY KEY (id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci;CREATE TABLE queue_notify ( - id int(11) NOT NULL AUTO_INCREMENT, - task_id int(11) NOT NULL, - status tinyint(1) NOT NULL, - subscriber_id int(11) NOT NULL, - retries tinyint(1) DEFAULT NULL, - PRIMARY KEY (id) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; CREATE TABLE queue_task ( id int(11) NOT NULL AUTO_INCREMENT, type_id int(11) NOT NULL, From a40d2f134ee29f93941496eb1f123d1a8eae430a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:43:48 +0300 Subject: [PATCH 109/138] Change menu text --- template.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/template.php b/template.php index 3455762..fcc7ece 100644 --- a/template.php +++ b/template.php @@ -155,7 +155,7 @@ class Template{ From 57dd2b261593ec383e40b0a0cd7925ea54d09d9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:45:03 +0300 Subject: [PATCH 110/138] Add options button to menu --- template.php | 1 + 1 file changed, 1 insertion(+) diff --git a/template.php b/template.php index fcc7ece..a1c1947 100644 --- a/template.php +++ b/template.php @@ -156,6 +156,7 @@ class Template{
  • get_username());?>
    • +
    • From 827b96c49ba4bc6119f9bb469a0ced211198d2c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:45:54 +0300 Subject: [PATCH 111/138] add css for toggle buttons --- css/main.css | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/css/main.css b/css/main.css index e530914..4a5f87b 100644 --- a/css/main.css +++ b/css/main.css @@ -624,3 +624,66 @@ label.form-name .panel .panel-footer .label{ display: inline-block; } +/* The switch - the box around the slider */ +.switch { + position: relative; + display: inline-block; + width: 60px; + height: 34px; +} + +/* Hide default HTML checkbox */ +.switch input { + opacity: 0; + width: 0; + height: 0; +} + +/* The slider */ +.slider { + position: absolute; + cursor: pointer; + top: 0; + left: 0; + right: 0; + bottom: 0; + background-color: #ccc; + -webkit-transition: .4s; + transition: .4s; +} + +.slider:before { + position: absolute; + content: ""; + height: 26px; + width: 26px; + left: 4px; + bottom: 4px; + background-color: white; + -webkit-transition: .4s; + transition: .4s; +} + +input:checked + .slider { + background-color: #2196F3; +} + +input:focus + .slider { + box-shadow: 0 0 1px #2196F3; +} + +input:checked + .slider:before { + -webkit-transform: translateX(26px); + -ms-transform: translateX(26px); + transform: translateX(26px); +} + +/* Rounded sliders */ +.slider.round { + border-radius: 34px; +} + +.slider.round:before { + border-radius: 50%; +} + From 169b165b5d5f10c3c7f98635c718bd2e3660da8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:52:20 +0300 Subject: [PATCH 112/138] Create options.php --- admin/options.php | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 admin/options.php diff --git a/admin/options.php b/admin/options.php new file mode 100644 index 0000000..b028bde --- /dev/null +++ b/admin/options.php @@ -0,0 +1,26 @@ +getSetting($mysqli,"name")); + define("TITLE", $db->getSetting($mysqli,"title")); + define("WEB_URL", $db->getSetting($mysqli,"url")); + define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); + define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); + Template::render_header(_("Options"), true); +?> +
    +

    Server Status Options

    +
    From a07ee2131a9e644ff1fd10d331c1134cfec17c9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 16:54:12 +0300 Subject: [PATCH 113/138] add options to index --- admin/index.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/admin/index.php b/admin/index.php index 932c8ed..47d5c3d 100644 --- a/admin/index.php +++ b/admin/index.php @@ -95,7 +95,11 @@ else{ case 'logout': User::logout(); break; - + + case 'options': + require_once("options.php"); + break; + default: require_once("dashboard.php"); break; From 46e5af20b9991a0e5fde34cea19af0ed048c5ce4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:00:20 +0300 Subject: [PATCH 114/138] Add function render_toggle --- template.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/template.php b/template.php index a1c1947..08b5b03 100644 --- a/template.php +++ b/template.php @@ -166,7 +166,20 @@ class Template{ +
    +

    + +
    + } /** * Renders footer * @param Boolean $admin decides whether to load admin scripts From 51895e3a664d7651063c11acf6baa4faddc153b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:01:52 +0300 Subject: [PATCH 115/138] Test new toggle function --- admin/options.php | 1 + 1 file changed, 1 insertion(+) diff --git a/admin/options.php b/admin/options.php index b028bde..5820dac 100644 --- a/admin/options.php +++ b/admin/options.php @@ -24,3 +24,4 @@ else{

    Server Status Options

    + Date: Mon, 17 Aug 2020 17:08:35 +0300 Subject: [PATCH 116/138] Fix tpyo --- template.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/template.php b/template.php index 08b5b03..140d3d4 100644 --- a/template.php +++ b/template.php @@ -170,7 +170,7 @@ class Template{ * Renders a toggle switch * Created by Yigit Kerem Oktay */ - public static fuction render_toggle($toggletext,$input_name){ + public static function render_toggle($toggletext,$input_name){ ?>

    From 990462cece4f429e349f82c670ff218fc9d92d63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:14:47 +0300 Subject: [PATCH 117/138] Add new functionality --- template.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/template.php b/template.php index 140d3d4..0934874 100644 --- a/template.php +++ b/template.php @@ -170,12 +170,12 @@ class Template{ * Renders a toggle switch * Created by Yigit Kerem Oktay */ - public static function render_toggle($toggletext,$input_name){ + public static function render_toggle($toggletext,$input_name,$checked=false){ ?>

    From 8a916058690110fd4f0d5a77c68bdf268cc3d43d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:18:46 +0300 Subject: [PATCH 118/138] try a fix --- admin/options.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin/options.php b/admin/options.php index 5820dac..76416d4 100644 --- a/admin/options.php +++ b/admin/options.php @@ -24,4 +24,4 @@ else{

    Server Status Options

    - From b164d66df5d9092694bcba219e8d2d517986142d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:20:43 +0300 Subject: [PATCH 119/138] another attempt --- admin/index.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/admin/index.php b/admin/index.php index 47d5c3d..f4b69aa 100644 --- a/admin/index.php +++ b/admin/index.php @@ -92,13 +92,13 @@ else{ require_once("new-user.php"); break; - case 'logout': - User::logout(); - break; - case 'options': require_once("options.php"); break; + + case 'logout': + User::logout(); + break; default: require_once("dashboard.php"); From 0e1a5634495d5642cada67959a3beace85721276 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:23:58 +0300 Subject: [PATCH 120/138] Fixed it now --- admin/options.php | 1 + 1 file changed, 1 insertion(+) diff --git a/admin/options.php b/admin/options.php index 76416d4..aae0fa1 100644 --- a/admin/options.php +++ b/admin/options.php @@ -13,6 +13,7 @@ else{ require_once("../libs/parsedown/Parsedown.php"); require_once("../classes/queue.php"); require_once("../classes/db-class.php"); +} $db = new SSDB(); define("NAME", $db->getSetting($mysqli,"name")); define("TITLE", $db->getSetting($mysqli,"title")); From 675662db128dbad2a38d9d30faba70eb7e0e33bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 17 Aug 2020 17:31:22 +0300 Subject: [PATCH 121/138] Add something pretty required --- template.php | 1 + 1 file changed, 1 insertion(+) diff --git a/template.php b/template.php index 0934874..a1f3cfc 100644 --- a/template.php +++ b/template.php @@ -179,6 +179,7 @@ class Template{
    + Date: Mon, 17 Aug 2020 17:32:05 +0300 Subject: [PATCH 122/138] that's better --- template.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/template.php b/template.php index a1f3cfc..4629dea 100644 --- a/template.php +++ b/template.php @@ -173,7 +173,7 @@ class Template{ public static function render_toggle($toggletext,$input_name,$checked=false){ ?>
    -

    +

    -
    -

    - - -
    -
    " class="form-control">
    -
    " class="form-control">
    -
    -

    From c84f985d0175e7e7286657cfae1c5c98050c3759 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Thu, 20 Aug 2020 23:11:42 +0200 Subject: [PATCH 129/138] Fix bug with misspelt function update_notification_retries --- classes/queue.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/classes/queue.php b/classes/queue.php index 9d04ca9..dd8187c 100644 --- a/classes/queue.php +++ b/classes/queue.php @@ -98,7 +98,7 @@ class Queue $this->set_task_status($this->all_status['ready']); // Make task available for release } - public function update_notfication_retries($task_id, $subscriber_id) { + public function update_notification_retries($task_id, $subscriber_id) { global $mysqli; $stmt = $mysqli->prepare("UPDATE queue_notify SET retries = retries+1 WHERE task_id = ? AND subscriber_id = ?"); $stmt->bind_param("ii", $task_id, $subscriber_id); @@ -126,12 +126,12 @@ class Queue $tmp = $stmt2->get_result(); $result2 = $tmp->fetch_assoc(); $typeID = $result2['type_id']; - + // Handle telegram if ($typeID == 1) { $msg = str_replace("#s", $result['firstname'], $result2['template_data2']); if ( ! Notification::submit_queue_telegram($result['userID'], $result['firstname'], $msg) ) { - Queue::update_notfication_retries($result['task_id'], $result['subscriber_id']); // Sent + Queue::update_notification_retries($result['task_id'], $result['subscriber_id']); // Sent } else { Queue::delete_notification($result['task_id'], $result['subscriber_id']); // Failed } From 3c6f2f272cf792cf357c43d4be5af6fc11e6429f Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Thu, 20 Aug 2020 23:16:20 +0200 Subject: [PATCH 130/138] Added getBooleanSetting and updateSetting functions --- classes/db-class.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/classes/db-class.php b/classes/db-class.php index 914d8c0..b9fe130 100644 --- a/classes/db-class.php +++ b/classes/db-class.php @@ -40,4 +40,16 @@ class SSDB } } + function updateSetting($conn, $settingname, $settingvalue){ + $this->deleteSetting($conn, $settingname); + $this->setSetting($conn, $settingname, $settingvalue); + return true; + } + + function getBooleanSetting($conn, $setting) { + if (trim($this->getSetting($conn, $setting)) == "yes"){ + return true; + } + return false; + } } From 46dbbd35d599b99f5e9efbd7b62fd5f2e695a504 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Thu, 20 Aug 2020 23:27:41 +0200 Subject: [PATCH 131/138] Moved notification settings to db. The following define() are now loaded via the db class: - SUBSCRIBE_TELEGRAM - SUBSCRIBE_EMAIL - TG_BOT_API_TOKEN - TG_BOT_USERNAME - GOOGLE_RECAPTCHA - GOOGLE_RECAPTCHA_SITEKEY - GOOGLE_RECAPTCHA_SECRET - PHP_MAILER - PHP_MAILER_PATH - PHP_MAILER_SMTP - PHP_MAILER_HOST - PHP_MAILER_PORT - PHP_MAILER_SECURE - PHP_MAILER_USER - PHP_MAILER_PASS - CRON_SERVER_IP --- admin/options.php | 153 ++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 140 insertions(+), 13 deletions(-) diff --git a/admin/options.php b/admin/options.php index 9931b80..3ebdb16 100644 --- a/admin/options.php +++ b/admin/options.php @@ -1,4 +1,9 @@ getSetting($mysqli,"notifyUpdates")) == "yes"){ - $notifyUpdates_status = true; - } else { - $notifyUpdates_status = false; - } + $notifyUpdates_status = $db->getBooleanSetting($mysqli, "notifyUpdates"); + $emailSubscription_status = $db->getBooleanSetting($mysqli, "subscribe_email"); + $telegramSubscription_status = $db->getBooleanSetting($mysqli, "subscribe_telegram"); + $tg_bot_api_token = $db->getSetting($mysqli, "tg_bot_api_token"); + $tg_bot_username = $db->getSetting($mysqli, "tg_bot_username"); + $php_mailer_status = $db->getBooleanSetting($mysqli, "php_mailer"); + $php_mailer_smtp_status = $db->getBooleanSetting($mysqli, "php_mailer_smtp"); + $php_mailer_secure_status = $db->getBooleanSetting($mysqli, "php_mailer_secure"); + $php_mailer_path = $db->getSetting($mysqli, "php_mailer_path"); + $php_mailer_host = $db->getSetting($mysqli, "php_mailer_host"); + $php_mailer_port = $db->getSetting($mysqli, "php_mailer_port"); + $php_mailer_user = $db->getSetting($mysqli, "php_mailer_user"); + $php_mailer_pass = $db->getSetting($mysqli, "php_mailer_pass"); + $cron_server_ip = $db->getSetting($mysqli, "cron_server_ip"); + $google_rechaptcha_status = $db->getBooleanSetting($mysqli, "google_recaptcha"); + $google_recaptcha_sitekey = $db->getSetting($mysqli, "google_recaptcha_sitekey"); + $google_recaptcha_secret = $db->getSetting($mysqli, "google_recaptcha_secret"); + + $db->getSetting($mysqli, ""); $set_post = false; if(!empty($_POST)){ - if($_POST["nu_toggle"] == "on"){ $nu_toggle = "yes"; } else { $nu_toggle = "no"; } - $db->deleteSetting($mysqli,"notifyUpdates"); - $db->setSetting($mysqli,"notifyUpdates",$nu_toggle); - $db->deleteSetting($mysqli,"name"); - $db->setSetting($mysqli,"name",$_POST["sitename"]); + $db->updateSetting($mysqli, "notifyUpdates", getToggle($_POST["nu_toggle"])); + $db->updateSetting($mysqli, "name",htmlspecialchars($_POST["sitename"], ENT_QUOTES)); + $db->updateSetting($mysqli, "subscribe_email", getToggle($_POST["email_subscription_toggle"])); + $db->updateSetting($mysqli, "subscribe_telegram", getToggle($_POST["telegram_subscription_toggle"])); + $db->updateSetting($mysqli, "tg_bot_api_token", htmlspecialchars($_POST["tg_bot_api_token"], ENT_QUOTES)); + $db->updateSetting($mysqli, "tg_bot_username", htmlspecialchars($_POST["tg_bot_username"], ENT_QUOTES)); + $db->updateSetting($mysqli, "php_mailer", getToggle($_POST["php_mailer_toggle"])); + $db->updateSetting($mysqli, "php_mailer_smtp", getToggle($_POST["php_mailer_smtp_toggle"])); + $db->updateSetting($mysqli, "php_mailer_secure", getToggle($_POST["php_mailer_secure_toggle"])); + $db->updateSetting($mysqli, "php_mailer_path", htmlspecialchars($_POST["php_mailer_path"], ENT_QUOTES)); + $db->updateSetting($mysqli, "php_mailer_host", htmlspecialchars($_POST["php_mailer_host"], ENT_QUOTES)); + $db->updateSetting($mysqli, "php_mailer_port", htmlspecialchars($_POST["php_mailer_port"], ENT_QUOTES)); + $db->updateSetting($mysqli, "php_mailer_user", htmlspecialchars($_POST["php_mailer_user"], ENT_QUOTES)); + $db->updateSetting($mysqli, "php_mailer_pass", htmlspecialchars($_POST["php_mailer_pass"], ENT_QUOTES)); + $db->updateSetting($mysqli, "cron_server_ip", htmlspecialchars($_POST["cron_server_ip"], ENT_QUOTES)); + $db->updateSetting($mysqli, "google_recaptcha", getToggle($_POST["google_rechaptcha_toggle"])); + $db->updateSetting($mysqli, "google_recaptcha_sitekey", htmlspecialchars($_POST["google_recaptcha_sitekey"], ENT_QUOTES)); + $db->updateSetting($mysqli, "google_recaptcha_secret", htmlspecialchars($_POST["google_recaptcha_secret"], ENT_QUOTES)); + $set_post = true; - if($nu_toggle == "yes"){ + /*if($nu_toggle == "yes"){ $notifyUpdates_status = true; } else { $notifyUpdates_status = false; - } - define("NAME", $db->getSetting($mysqli,"name")); + }*/ + // TODO - Reload page to prevent showing old values! or update variables being displayed + header("Location: " .$uri = $_SERVER['REQUEST_URI']); + // TODO - The code below will not happen ... + + /*define("NAME", $db->getSetting($mysqli,"name")); define("TITLE", $db->getSetting($mysqli,"title")); define("WEB_URL", $db->getSetting($mysqli,"url")); define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); + define("SUBSCRIBER_EMAIL", $db->getSetting($mysqli,"subscriber_email")); + define("SUBSCRIBER_TELEGRAM", $db->getSetting($mysqli,"subscriber_telegram")); + define("TG_BOT_API_TOKEN", $db->getSetting($mysqli,"tg_bot_api_token")); + define("TG_BOT_USERNAME", $db->getSetting($mysqli,"tg_bot_username")); + define("GOOGLE_RECAPTCHA", $db->getSetting($mysqli,"google_recaptcha")); + define("GOOGLE_RECAPTCHA_SITEKEY", $db->getSetting($mysqli,"google_recaptcha_sitekey")); + define("GOOGLE_RECAPTCHA_SECRET", $db->getSetting($mysqli,"google_recaptcha_secret")); + define("PHP_MAILER", $db->getSetting($mysqli,"php_mailer")); + define("PHP_MAILER_PATH", $db->getSetting($mysqli,"php_mailer_path")); + define("PHP_MAILER_SMTP", $db->getSetting($mysqli,"php_mailer_smtp")); + define("PHP_MAILER_HOST", $db->getSetting($mysqli,"php_mailer_host")); + define("PHP_MAILER_PORT", $db->getSetting($mysqli,"php_mailer_port")); + define("PHP_MAILER_SECURE", $db->getSetting($mysqli,"php_mailer_secure")); + define("PHP_MAILER_USER", $db->getSetting($mysqli,"php_mailer_user")); + define("PHP_MAILER_PASS", $db->getSetting($mysqli,"php_mailer_pass")); + define("CRON_SERVER_IP", $db->getSetting($mysqli,"cron_server_ip")); + */ } Template::render_header(_("Options"), true); ?> @@ -52,5 +106,78 @@ else{ + + + + +
    +
    + Telegram BOT API Token +
    + +
    +
    +
    + Telegram BOT Username +
    + +
    + + + + +
    +
    + PHPMailer Path +
    + +
    +
    +
    + PHPMailer SMTP Host +
    + +
    +
    +
    + PHPMailer SMTP Port +
    + +
    +
    +
    + PHPMailer Username +
    + +
    +
    +
    + PHPMailer Password +
    + +
    +
    +
    + Cron Server IP +
    + +
    + + +
    +
    + Google reChaptcha Sitekey +
    + +
    +
    +
    + Google reChaptcha Secret +
    + +
    + + + From 78bb717b0dc31281b215bbf7d8a6fcc77094dda6 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Thu, 20 Aug 2020 23:40:20 +0200 Subject: [PATCH 132/138] Updated install with new db options --- install.php | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/install.php b/install.php index 84a3ab8..e101347 100644 --- a/install.php +++ b/install.php @@ -139,12 +139,28 @@ if(isset($_POST['server']) && empty($message)) $config = str_replace("##who_we_are##", htmlspecialchars($_POST['who_we_are'], ENT_QUOTES), $config); $policy_url_conf = ( ! empty($_POST['policy_url']) ) ? htmlspecialchars($_POST['policy_url'], ENT_QUOTES) : $_POST['url']."/policy.php"; $config = str_replace("##policy_url##", $policy_url_conf, $config); - + file_put_contents("config.php", $config); include_once "create-server-config.php"; $db->setSetting($mysqli,"dbConfigVersion","Version2Beta7"); $db->setSetting($mysqli,"notifyUpdates","yes"); + $db->setSetting($mysqli,"subscribe_email","no"); + $db->setSetting($mysqli,"subscribe_telegram","no"); + $db->setSetting($mysqli,"tg_bot_api_token",""); + $db->setSetting($mysqli,"tg_bot_username",""); + $db->setSetting($mysqli,"php_mailer","no"); + $db->setSetting($mysqli,"php_mailer_host",""); + $db->setSetting($mysqli,"php_mailer_smtp","no"); + $db->setSetting($mysqli,"php_mailer_path",""); + $db->setSetting($mysqli,"php_mailer_port",""); + $db->setSetting($mysqli,"php_mailer_secure","no"); + $db->setSetting($mysqli,"php_mailer_user",""); + $db->setSetting($mysqli,"php_mailer_pass",""); + $db->setSetting($mysqli,"google_recaptcha","no"); + $db->setSetting($mysqli,"google_recaptcha_secret",""); + $db->setSetting($mysqli,"google_recaptcha_sitekey",""); + $db->setSetting($mysqli,"cron_server_ip",""); unlink("create-server-config.php"); unlink("config.php.template"); unlink("install.sql"); From a2e0cab819c7b41d9da638f5275bb4f541e85a61 Mon Sep 17 00:00:00 2001 From: Thomas Nilsen Date: Thu, 20 Aug 2020 23:42:29 +0200 Subject: [PATCH 133/138] Update to read relevant options from DB --- admin/index.php | 22 +++++++++++-- email_subscriptions.php | 71 +++++++++++++++++++++++++---------------- index.php | 8 +++++ subscriptions.php | 20 ++++++++---- telegram_check.php | 11 +++++++ 5 files changed, 97 insertions(+), 35 deletions(-) diff --git a/admin/index.php b/admin/index.php index f4b69aa..274e286 100644 --- a/admin/index.php +++ b/admin/index.php @@ -19,6 +19,24 @@ else{ define("WEB_URL", $db->getSetting($mysqli,"url")); define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); + + define("GOOGLE_RECAPTCHA", $db->getBooleanSetting($mysqli, "google_recaptcha")); + define("GOOGLE_RECAPTCHA_SECRET", $db->getSetting($mysqli, "google_recaptcha_secret")); + define("GOOGLE_RECAPTCHA_SITEKEY", $db->getSetting($mysqli, "google_recaptcha_sitekey")); + define("SUBSCRIBE_EMAIL", $db->getBooleanSetting($mysqli, "subscribe_email")); + define("SUBSCRIBE_TELEGRAM", $db->getBooleanSetting($mysqli, "subscribe_telegram")); + define("TG_BOT_USERNAME", $db->getSetting($mysqli, "tg_bot_username")); + define("TG_BOT_API_TOKEN", $db->getSetting($mysqli, "tg_bot_api_token")); + define("PHP_MAILER", $db->getBooleanSetting($mysqli, "php_mailer")); + define("PHP_MAILER_SMTP", $db->getBooleanSetting($mysqli, "php_mailer_smtp")); + define("PHP_MAILER_PATH", $db->getSetting($mysqli, "php_mailer_path")); + define("PHP_MAILER_HOST", $db->getSetting($mysqli, "php_mailer_host")); + define("PHP_MAILER_PORT", $db->getSetting($mysqli, "php_mailer_port")); + define("PHP_MAILER_SECURE", $db->getBooleanSetting($mysqli, "php_mailer_secure")); + define("PHP_MAILER_USER", $db->getSetting($mysqli, "php_mailer_user")); + define("PHP_MAILER_PASS", $db->getSetting($mysqli, "php_mailer_pass")); + define("CRON_SERVER_IP", $db->getSetting($mysqli, "cron_server_ip")); + // Process the subscriber notification queue // If CRON_SERVER_IP is not set, call notification once incident has been saved if ( empty(CRON_SERVER_IP) ) @@ -95,11 +113,11 @@ else{ case 'options': require_once("options.php"); break; - + case 'logout': User::logout(); break; - + default: require_once("dashboard.php"); break; diff --git a/email_subscriptions.php b/email_subscriptions.php index bd35da9..366c2be 100644 --- a/email_subscriptions.php +++ b/email_subscriptions.php @@ -13,6 +13,23 @@ define("TITLE", $db->getSetting($mysqli,"title")); define("WEB_URL", $db->getSetting($mysqli,"url")); define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); +define("GOOGLE_RECAPTCHA", $db->getBooleanSetting($mysqli, "google_recaptcha")); +//define("", $db->getSettings($mysqli, "")); +define("GOOGLE_RECAPTCHA_SECRET", $db->getSetting($mysqli, "google_recaptcha_secret")); +define("GOOGLE_RECAPTCHA_SITEKEY", $db->getSetting($mysqli, "google_recaptcha_sitekey")); +define("SUBSCRIBE_EMAIL", $db->getBooleanSetting($mysqli, "subscribe_email")); +define("SUBSCRIBE_TELEGRAM", $db->getBooleanSetting($mysqli, "subscribe_telegram")); +define("TG_BOT_USERNAME", $db->getSetting($mysqli, "tg_bot_username")); +define("TG_BOT_API_TOKEN", $db->getSetting($mysqli, "tg_bot_api_token")); +define("PHP_MAILER", $db->getBooleanSetting($mysqli, "php_mailer")); +define("PHP_MAILER_SMTP", $db->getBooleanSetting($mysqli, "php_mailer_smtp")); +define("PHP_MAILER_PATH", $db->getSetting($mysqli, "php_mailer_path")); +define("PHP_MAILER_HOST", $db->getSetting($mysqli, "php_mailer_host")); +define("PHP_MAILER_PORT", $db->getSetting($mysqli, "php_mailer_port")); +define("PHP_MAILER_SECURE", $db->getBooleanSetting($mysqli, "php_mailer_secure")); +define("PHP_MAILER_USER", $db->getSetting($mysqli, "php_mailer_user")); +define("PHP_MAILER_PASS", $db->getSetting($mysqli, "php_mailer_pass")); + $mailer = new Mailer(); $subscriber = new Subscriber(); $subscription = new Subscriptions(); @@ -25,18 +42,18 @@ if ( isset($_GET['new']) ) { // Form validation for subscribers signing up $message = ""; Template :: render_header(_("Email Subscription")); - + if (isset($_POST['emailaddress'])) { - + if (0 == strlen(trim($_POST['emailaddress']))){ $messages[] = _("Email address"); } - + // Perform DNS domain validation on if ( ! $mailer->verify_domain($_POST['emailaddress']) ) { $messages[] = _("Domain does not apper to be a valid email domain. (Check MX record)"); } - + if (GOOGLE_RECAPTCHA) { // Validate recaptcha $response = $_POST["g-recaptcha-response"]; @@ -70,7 +87,7 @@ if ( isset($_GET['new']) ) { if(isset($_POST['emailaddress']) && empty($message)) { - // Check if email is already registered + // Check if email is already registered $boolUserExist = false; $subscriber->userID = $_POST['emailaddress']; $subscriber->typeID = 2; // Email @@ -82,17 +99,17 @@ if ( isset($_GET['new']) ) { // Create a new subscriber as it does not exist $subscriber->add($subscriber->typeID, $_POST['emailaddress']); $url = WEB_URL."/index.php?do=manage&token=".$subscriber->token; // Needed again after adding subscriber since token did not exist before add - $msg = sprintf(_("Thank you for registering to receive status updates via email.

    Click on the following link to confirm and manage your subcription: %s. New subscriptions must be confirmed within 2 hours"), $url, NAME .' - ' . _("Validate subscription")); - + $msg = sprintf(_("Thank you for registering to receive status updates via email.

    Click on the following link to confirm and manage your subcription: %s. New subscriptions must be confirmed within 2 hours"), $url, NAME .' - ' . _("Validate subscription")); + } else { if ( ! $subscriber->active ) { // Subscriber is registered, but has not been activated yet... $msg = sprintf(_("Thank you for registering to receive status updates via email.

    Click on the following link to confirm and manage your subcription: %s. New subscriptions must be confirmed within 2 hours"), $url, NAME .' - ' . _("Validate subscription")); $subscriber->activate($subscriber->id); - + } else { // subscriber is registered and active - $msg = sprintf(_("Click on the following link to update your existing subscription: %s"), $url, NAME .' - ' . _("Manage subscription")); + $msg = sprintf(_("Click on the following link to update your existing subscription: %s"), $url, NAME .' - ' . _("Manage subscription")); $subscriber->update($subscriber->id); } } @@ -101,10 +118,10 @@ if ( isset($_GET['new']) ) { $message = _("You will receive an email shortly with an activation link. Please click on the link to activate and/or manage your subscription."); $constellation->render_success($header, $message, true, WEB_URL, _('Go back')); - // Send email about new registration + // Send email about new registration $subject = _('Email subscription registered').' - '.NAME; $mailer->send_mail($_POST['emailaddress'], $subject, $msg); - + $boolRegistered = true; } @@ -116,8 +133,8 @@ if ( isset($_GET['new']) ) { } $strPostedEmail = (isset($_POST['emailaddress'])) ? $_POST['emailaddress'] : ""; ?> - - + +

    @@ -154,7 +171,7 @@ if ( isset($_GET['new']) ) { // check if userid/token combo is valid, active or expired $subscriber->typeID = 2; //EMAIL if ( $subscriber->is_active_subscriber($_GET['token']) ) { - // forward user to subscriber list.... + // forward user to subscriber list.... $subscriber->set_logged_in(); header('Location: subscriptions.php'); exit; @@ -165,38 +182,38 @@ if ( isset($_GET['new']) ) { $message = _("If you have recently subscribed, please make sure you activate the account within two hours of doing so. You are welcome to try and re-subscribe."); $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); } - - + + } else if (isset($_GET['do']) && $_GET['do'] == 'unsubscribe') { // Handle unsubscriptions // TODO This function is universal and should probably live elsewhere?? if (isset($_GET['token'])) { - $subscriber->typeID = (int) $_GET['type']; - + $subscriber->typeID = (int) $_GET['type']; + if ( $subscriber->get_subscriber_by_token($_GET['token'])) { $subscriber->delete($subscriber->id); $subscriber->set_logged_off(); Template :: render_header(_("Email Subscription")); - + $header = _("You have been unsubscribed from our system"); $message = _("We are sorry to see you go. If you want to subscribe again at a later date please feel free to re-subscribe."); - $constellation->render_success($header, $message, true, WEB_URL, _('Go back')); - + $constellation->render_success($header, $message, true, WEB_URL, _('Go back')); + } else { // TODO Log token for troubleshooting ? // Cannot find subscriber - show alert Template :: render_header(_("Email Subscription")); $header = _("We are unable to find any valid subscriber detail matching your submitted data!"); - $message = _("If you believe this to be an error, please contact the system admininistrator."); + $message = _("If you believe this to be an error, please contact the system admininistrator."); $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); - - // + + // } } else { // TODO Log $_GET[] for troubleshooting ? $header = _("We are unable to find any valid subscriber detail matching your submitted data!"); - $message = _("If you believe this to be an error, please contact the system admininistrator."); - $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); - } + $message = _("If you believe this to be an error, please contact the system admininistrator."); + $constellation->render_warning($header, $message, true, WEB_URL, _('Go back')); + } } Template :: render_footer(); diff --git a/index.php b/index.php index 4ab36b9..cd38b59 100644 --- a/index.php +++ b/index.php @@ -40,6 +40,14 @@ define("TITLE", $db->getSetting($mysqli,"title")); define("WEB_URL", $db->getSetting($mysqli,"url")); define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); + +define("SUBSCRIBE_EMAIL", $db->getBooleanSetting($mysqli,"subscribe_email")); +define("SUBSCRIBE_TELEGRAM", $db->getBooleanSetting($mysqli,"subscribe_telegram")); +define("TG_BOT_USERNAME", $db->getSetting($mysqli,"tg_bot_username")); +define("TG_BOT_API_TOKEN", $db->getSetting($mysqli,"tg_bot_api_token")); +define("GOOGLE_RECAPTCHA", $db->getBooleanSetting($mysqli,"google_recaptcha")); +define("GOOGLE_RECAPTCHA_SITEKEY", $db->getSetting($mysqli,"google_recaptcha_sitekey")); +define("GOOGLE_RECAPTCHA_SECRET", $db->getSetting($mysqli,"google_recaptcha_secret")); $offset = 0; if (isset($_GET['ajax'])) diff --git a/subscriptions.php b/subscriptions.php index 5197768..ad9435b 100644 --- a/subscriptions.php +++ b/subscriptions.php @@ -1,4 +1,4 @@ -getSetting($mysqli,"title")); define("WEB_URL", $db->getSetting($mysqli,"url")); define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); +define("SUBSCRIBE_EMAIL", $db->getBooleanSetting($mysqli, "subscribe_email")); +define("SUBSCRIBE_TELEGRAM", $db->getBooleanSetting($mysqli, "subscribe_telegram")); +define("GOOGLE_RECAPTCHA", $db->getSetting($mysqli, "google_recaptcha")); +define("GOOGLE_RECAPTCHA_SECRET", $db->getSetting($mysqli, "google_recaptcha_secret")); +define("GOOGLE_RECAPTCHA_SITEKEY", $db->getSetting($mysqli, "google_recaptcha_sitekey")); +define("TG_BOT_API_TOKEN", $db->getSetting($mysqli, "tg_bot_api_token")); +define("TG_BOT_USERNAME", $db->getSetting($mysqli, "tg_bot_username")); + $subscription = new Subscriptions(); $telegram = new Telegram(); @@ -21,12 +29,12 @@ if ( SUBSCRIBE_TELEGRAM && $_SESSION['subscriber_typeid'] == 2 ) { } if( $_SESSION['subscriber_valid'] ){ - + $typeID = $_SESSION['subscriber_typeid']; - $subscriberID = $_SESSION['subscriber_id']; + $subscriberID = $_SESSION['subscriber_id']; $userID = $_SESSION['subscriber_userid']; $token = $_SESSION['subscriber_token']; - + if(isset($_GET['add'])){ $subscription->add($subscriberID, $_GET['add']); } @@ -38,11 +46,11 @@ if( $_SESSION['subscriber_valid'] ){ $subscription->render_subscribed_services($typeID, $subscriberID, $userID, $token); } else { - + $header = _("Your session has expired or you tried something we don't suppprt"); $message = _('If your session expired, retry your link or in case of Telegram use the login button in the top menu.'); $constellation->render_warning($header, $message); - + header('Location: index.php'); } diff --git a/telegram_check.php b/telegram_check.php index dfa11d7..595670f 100644 --- a/telegram_check.php +++ b/telegram_check.php @@ -2,6 +2,17 @@ require_once ("config.php"); require_once ("classes/telegram.php"); require_once ("classes/subscriber.php"); +require_once ("classes/db-class.php"); +$db = new SSDB(); +define("NAME", $db->getSetting($mysqli,"name")); +define("TITLE", $db->getSetting($mysqli,"title")); +define("WEB_URL", $db->getSetting($mysqli,"url")); +define("MAILER_NAME", $db->getSetting($mysqli,"mailer")); +define("MAILER_ADDRESS", $db->getSetting($mysqli,"mailer_email")); +define("SUBSCRIBE_TELEGRAM", $db->getBooleanSetting($mysqli, "subscribe_telegram")); +define("SUBSCRIBE_TELEGRAM", $db->getBooleanSetting($mysqli, "subscribe_telegram")); +define("TG_BOT_API_TOKEN", $db->getSetting($mysqli, "tg_bot_api_token")); +define("TG_BOT_USERNAME", $db->getSetting($mysqli, "tg_bot_username")); $telegram = new Telegram(); $subscriber = new Subscriber(); From 86a36e38323f230be4e16590fd0129b5356630f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Mon, 24 Aug 2020 22:43:09 +0300 Subject: [PATCH 134/138] Update versionfile for beta 8 --- versionfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versionfile b/versionfile index bfa644d..4516af6 100644 --- a/versionfile +++ b/versionfile @@ -1 +1 @@ -Version2Beta7 +Version2Beta8 From 48b9cbbc82251d8c3a51e61e95bce8509da9c71e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Thu, 27 Aug 2020 16:43:41 +0300 Subject: [PATCH 135/138] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 52ce29a..f12a935 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ # Server Status Beta (Official) ## This is the official beta fork of Server Status by the contributors. ![License](https://img.shields.io/github/license/Pryx/server-status.svg) ![Current release](https://img.shields.io/badge/version-2-blue) -![Beta-Build](https://img.shields.io/badge/latest_beta-Developmet_Beta_6-black) -![Beta-Stability](https://img.shields.io/badge/Beta_Stability-Unusable-red) -![Stability](https://img.shields.io/badge/master_stability-Unstable-red) +![Beta-Build](https://img.shields.io/badge/latest_beta-Developmet_Beta_7-black) +![Beta-Stability](https://img.shields.io/badge/Beta_Stability-Fully_Stable_with_Visual_Imperfections-red) +![Stability](https://img.shields.io/badge/master_stability-Stable-red) ![Build](https://img.shields.io/badge/build-success-green) ## What does **contributor beta** mean? From 93d1491aac54cbad1b278e4dc4cfcc040ed44cf4 Mon Sep 17 00:00:00 2001 From: thnilsen Date: Sun, 27 Sep 2020 14:01:54 +0200 Subject: [PATCH 136/138] Add functionality to services in backend. - Add functionallity to categorize a one or more services under one service group. Partial fix for #7 and #90. (Frontend code to be done) - Add description field to service to be displayed as a help text on front page. Partial fix for #51 (Frontend code to be done) --- admin/index.php | 12 ++- admin/service-group.php | 99 ++++++++++++++++++++++ admin/service.php | 97 ++++++++++++++++++++++ admin/settings.php | 93 ++++++++++++++++----- classes/constellation.php | 29 +++---- classes/service-group.php | 167 ++++++++++++++++++++++++++++++++++++++ classes/service.php | 45 +++++++++- install.sql | 12 +++ template.php | 3 +- 9 files changed, 515 insertions(+), 42 deletions(-) create mode 100644 admin/service-group.php create mode 100644 admin/service.php create mode 100644 classes/service-group.php diff --git a/admin/index.php b/admin/index.php index 274e286..345f89c 100644 --- a/admin/index.php +++ b/admin/index.php @@ -36,7 +36,7 @@ else{ define("PHP_MAILER_USER", $db->getSetting($mysqli, "php_mailer_user")); define("PHP_MAILER_PASS", $db->getSetting($mysqli, "php_mailer_pass")); define("CRON_SERVER_IP", $db->getSetting($mysqli, "cron_server_ip")); - + // Process the subscriber notification queue // If CRON_SERVER_IP is not set, call notification once incident has been saved if ( empty(CRON_SERVER_IP) ) @@ -110,6 +110,16 @@ else{ require_once("new-user.php"); break; + case 'new-service': + case 'edit-service': + require_once('service.php'); + break; + + case 'new-service-group': + case 'edit-service-group': + require_once('service-group.php'); + break; + case 'options': require_once("options.php"); break; diff --git a/admin/service-group.php b/admin/service-group.php new file mode 100644 index 0000000..23f3293 --- /dev/null +++ b/admin/service-group.php @@ -0,0 +1,99 @@ +prepare("SELECT * FROM services_groups WHERE id LIKE ?"); + $stmt->bind_param("i", $group_id); + $stmt->execute(); + $query = $stmt->get_result(); + $data = $query->fetch_assoc(); + $group_value = $data['name']; + $description_value = $data['description']; + $visibility_id_value = $data['visibility']; +} + + +if (!$boolEdit) { + +Template::render_header(_("New service group"), true); ?> +
    +

    +
    + +
    +

    +
    + + + + +

    + +
    +
    " class="form-control" required>
    +
    " class="form-control">
    +
    +
    +
    + + +
    +
    + '; + } + ?> + + diff --git a/admin/service.php b/admin/service.php new file mode 100644 index 0000000..1f51d70 --- /dev/null +++ b/admin/service.php @@ -0,0 +1,97 @@ +prepare("SELECT * FROM services WHERE id LIKE ?"); + $stmt->bind_param("i", $service_id); + $stmt->execute(); + $query = $stmt->get_result(); + $data = $query->fetch_assoc(); + //print_r($data); + $service_value = $data['name']; + $description_value = $data['description']; + $group_id_value = $data['group_id']; +} + + +if (!$boolEdit) { + +Template::render_header(_("New service"), true); ?> +
    +

    +
    + +
    +

    +
    + +
    + +

    + +
    +
    " class="form-control" required>
    +
    " class="form-control">
    +
    +
    +
    + + +
    +
    + '; + } + ?> + +
    diff --git a/admin/settings.php b/admin/settings.php index a3f58d8..bd93f10 100644 --- a/admin/settings.php +++ b/admin/settings.php @@ -1,12 +1,12 @@

    Settings

    -

    @@ -24,19 +24,18 @@ if (isset($message)){ get_rank() <= 1){?>
    - - - - +
    - + - + + + get_rank()<=1) {?> @@ -44,16 +43,66 @@ if (isset($message)){ - query("SELECT * FROM services"); + query("SELECT services.*, services_groups.name AS group_name FROM `services` LEFT JOIN services_groups ON services.group_id = services_groups.id ORDER BY services.name ASC"); while($result = $query->fetch_assoc()) { echo ""; - echo ""; - echo ""; + //echo ""; + echo '"; + echo ""; + if ($user->get_rank()<=1) { - echo ''; + echo ''; + } + echo ""; + }?> + +
    ".$result['id']."".$result['name']."".$result['id']."'.$result['name'].''; + echo "".$result['description']."".$result['group_name']."
    +
    +
    + +
    +

    + get_rank() <= 1){?> +
    +
    + +
    +
    + +
    + + + + + + + + + get_rank()<=1) + {?> + + + + + + query("SELECT sg.* , (SELECT COUNT(*) FROM services WHERE services.group_id = sg.id) AS counter FROM services_groups AS sg ORDER BY sg.id ASC"); + while($result = $query->fetch_assoc()) + { + echo ""; + //echo ""; + echo '"; + echo ""; + + if ($user->get_rank()<=1) + { + echo ''; } echo ""; }?> @@ -68,10 +117,10 @@ if (isset($message)){ get_rank() == 0){?>
    ".$result['id']."'.$result['name'].''; + echo ' '.$result['counter'].''; + echo "".$result['description']."".$visibility[$result['visibility']]."
    - + - query("SELECT * FROM users"); while($result = $query->fetch_assoc()) { @@ -89,4 +138,4 @@ if (isset($message)){
    Active
    -
    \ No newline at end of file + diff --git a/classes/constellation.php b/classes/constellation.php index c4fc58e..b8b7b16 100644 --- a/classes/constellation.php +++ b/classes/constellation.php @@ -2,6 +2,7 @@ //DIR Because of include problems require_once(__DIR__ . "/incident.php"); require_once(__DIR__ . "/service.php"); +require_once(__DIR__ . "/service-group.php"); require_once(__DIR__ . "/user.php"); require_once(__DIR__ . "/token.php"); /** @@ -20,7 +21,7 @@ class Constellation public function render_incidents($future=false, $offset=0, $limit = 5, $admin = 0){ if ($offset<0) { - $offset = 0; + $offset = 0; } $limit = (isset($_GET['limit'])?$_GET['limit']:5); @@ -37,7 +38,7 @@ class Constellation } else if (count($incidents["incidents"]) &&!$ajax) { - if ($offset) + if ($offset) { echo ''; } @@ -66,11 +67,11 @@ class Constellation /** * Renders service status - in admin page it returns array so it can be processed further. * @param boolean $admin - * @return array of services + * @return array of services */ public function render_status($admin = false, $heading = true){ global $mysqli; - + $query = $mysqli->query("SELECT id, name FROM services"); $array = array(); if ($query->num_rows){ @@ -91,7 +92,7 @@ class Constellation else{ $array[] = new Service($result['id'], $result['name']); } - } + } if ($heading) { echo Service::current_status($array); @@ -131,14 +132,14 @@ class Constellation $limit--; $more = false; if ($query->num_rows>$limit){ - $more = true; + $more = true; } if ($query->num_rows){ while(($result = $query->fetch_assoc()) && $limit-- > 0) { // Add service id and service names to an array in the Incident class - $stmt_service = $mysqli->prepare("SELECT services.id,services.name FROM services - INNER JOIN services_status ON services.id = services_status.service_id + $stmt_service = $mysqli->prepare("SELECT services.id,services.name FROM services + INNER JOIN services_status ON services.id = services_status.service_id WHERE services_status.status_id = ?"); $stmt_service->bind_param("i", $result['status_id']); $stmt_service->execute(); @@ -156,17 +157,17 @@ class Constellation "incidents" => $array ]; } - - + + function render_warning($header, $message, $show_link = false, $url = null, $link_text = null) { - $this->render_alert('alert-warning', $header, $message, $show_link, $url, $link_text); + $this->render_alert('alert-warning', $header, $message, $show_link, $url, $link_text); } function render_success($header, $message, $show_link = false, $url = null, $link_text = null) { $this->render_alert('alert-success', $header, $message, $show_link, $url, $link_text); } - + /** * Renders an alert on screen with an optional button to return to a given URL * @param string alert_type - Type of warning to render alert-danger, alert-warning, alert-success etc @@ -188,8 +189,8 @@ class Constellation if ( $show_link ) { echo '
    '.$link_text.'
    '; } - + } } -$constellation = new Constellation(); \ No newline at end of file +$constellation = new Constellation(); diff --git a/classes/service-group.php b/classes/service-group.php new file mode 100644 index 0000000..933571a --- /dev/null +++ b/classes/service-group.php @@ -0,0 +1,167 @@ +id = $id; + $this->name = $name; + $this->description = $description; + $this->visibility_id = $visibility_id; + $this->status = $status; + } + + /** + * Returns id of this servicegroup + * @return int id + */ + public function get_id() + { + return $this->id; + } + + /** + * Returns name of this servicegroup + * @return String name + */ + public function get_name() + { + return $this->name; + } + + /** + * Returns description of this servicegroup + * @return String description + */ + public function get_description() + { + return $this->description; + } + + /** + * Processes submitted form and adds service unless problem is encountered, + * calling this is possible only for admin or higher rank. Also checks requirements + * for char limits. + * @return void + */ + public static function add() + { + global $user, $message; + if (strlen($_POST['group'])>50) + { + $message = _("Service group name is too long! Character limit is 50"); + return; + }else if (strlen(trim($_POST['group']))==0){ + $message = _("Please enter name!"); + return; + } + + if ($user->get_rank()<=1) + { + global $mysqli; + $name = $_POST["group"]; + $description = $_POST["description"]; + $visibility_id = $_POST["visibility_id"]; + $stmt = $mysqli->prepare("INSERT INTO services_groups VALUES(NULL,?,?,?)"); + $stmt->bind_param("ssi", $name, $description, $visibility_id); + $stmt->execute(); + $stmt->get_result(); + header("Location: ".WEB_URL."/admin/?do=settings"); + }else + { + $message = _("You don't have the permission to do that!"); + } + } + + public static function edit() + { + global $user, $message; + if (strlen($_POST['group'])>50) + { + $message = _("Service group name is too long! Character limit is 50"); + return; + }else if (strlen(trim($_POST['group']))==0){ + $message = _("Please enter name!"); + return; + } + + if ($user->get_rank()<=1) + { + global $mysqli; + $name = $_POST["group"]; + $description = $_POST["description"]; + $visibility_id = $_POST["visibility_id"]; + $group_id = $_POST["id"]; + $stmt = $mysqli->prepare("UPDATE services_groups SET name=?, description=?,visibility=? WHERE id LIKE ?"); + $stmt->bind_param("ssii", $name, $description, $visibility_id, $group_id); + $stmt->execute(); + $stmt->get_result(); + header("Location: ".WEB_URL."/admin/?do=settings"); + }else + { + $message = _("You don't have the permission to do that!"); + } + } + /** + * Deletes this service - first checks if user has permission to do that. + * @return void + */ + public static function delete() + { + global $user, $message; + if ($user->get_rank()<=1) + { + global $mysqli; + $id = $_GET['delete']; + + $stmt = $mysqli->prepare("DELETE FROM services_groups WHERE id = ?"); + $stmt->bind_param("i", $id); + $stmt->execute(); + $query = $stmt->get_result(); + + $stmt = $mysqli->prepare("UPDATE services SET group_id = NULL WHERE group_id = ?"); + $stmt->bind_param("i", $id); + $stmt->execute(); + $query = $stmt->get_result(); + + header("Location: ".WEB_URL."/admin/?do=settings"); + } + else + { + $message = _("You don't have the permission to do that!"); + } + } + + + /** + * Get list of services groups. + * @return array $groups + */ + public function get_groups() { + global $mysqli; + $stmt = $mysqli->query("SELECT id, name FROM services_groups ORDER by name ASC"); + + $groups = array(); + $groups[0] = ''; + while ($res = $stmt->fetch_assoc()) { + $groups[$res['id']] = $res['name']; + } + return $groups; + } +} diff --git a/classes/service.php b/classes/service.php index ae1ca94..d86383b 100644 --- a/classes/service.php +++ b/classes/service.php @@ -70,9 +70,11 @@ class Service implements JsonSerializable if ($user->get_rank()<=1) { global $mysqli; - $name = $_POST['service']; - $stmt = $mysqli->prepare("INSERT INTO services ( name ) VALUES ( ? )"); - $stmt->bind_param("s", $name); + $name = htmlspecialchars($_POST['service']); + $description = htmlspecialchars($_POST['description']); + $group_id = $_POST['group_id']; + $stmt = $mysqli->prepare("INSERT INTO services ( name, description, group_id ) VALUES ( ?, ?, ? )"); + $stmt->bind_param("ssi", $name, $description, $group_id); $stmt->execute(); $stmt->get_result(); header("Location: ".WEB_URL."/admin/?do=settings"); @@ -81,6 +83,41 @@ class Service implements JsonSerializable $message = _("You don't have the permission to do that!"); } } + /** + * Processes submitted form and adds service unless problem is encountered, + * calling this is possible only for admin or higher rank. Also checks requirements + * for char limits. + * @return void + */ + public static function edit() + { + global $user, $message; + if (strlen($_POST['service'])>50) + { + $message = _("Service name is too long! Character limit is 50"); + return; + }else if (strlen(trim($_POST['service']))==0){ + $message = _("Please enter name!"); + return; + } + + if ($user->get_rank()<=1) + { + global $mysqli; + $service_id = $_POST["id"]; + $name = htmlspecialchars($_POST['service']); + $description = htmlspecialchars($_POST["description"]); + $group_id = $_POST["group_id"]; + $stmt = $mysqli->prepare("UPDATE services SET name=?, description=?, group_id=? WHERE id = ?"); + $stmt->bind_param("ssii", $name, $description, $group_id, $service_id); + $stmt->execute(); + $stmt->get_result(); + header("Location: ".WEB_URL."/admin/?do=settings"); + }else + { + $message = _("You don't have the permission to do that!"); + } + } /** * Deletes this service - first checks if user has permission to do that. @@ -139,7 +176,7 @@ class Service implements JsonSerializable { $worst = $service->get_status(); } - $statuses[$service->get_status()]++; + $statuses[$service->get_status()]++; } echo '
    '; diff --git a/install.sql b/install.sql index 8432510..cd3b013 100644 --- a/install.sql +++ b/install.sql @@ -57,6 +57,14 @@ CREATE TABLE queue_notify ( PRIMARY KEY (id) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci; +CREATE TABLE services_groups ( + id int(11) NOT NULL AUTO_INCREMENT, + name varchar(50) NOT NULL, + description varchar(50) DEFAULT NULL, + visibility tinyint(4) NOT NULL, + PRIMARY KEY (id) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; + CREATE TABLE queue_task ( id int(11) NOT NULL AUTO_INCREMENT, type_id int(11) NOT NULL, @@ -128,3 +136,7 @@ ALTER TABLE `subscribers` ADD COLUMN update_time int(11) DEFAULT NULL; ALTER TABLE `subscribers` DROP INDEX telegramID; # was UNIQUE (telegramID) ALTER TABLE `subscribers` ADD UNIQUE userID (userID); COMMIT; + +ALTER TABLE services ADD COLUMN description varchar(200) COLLATE utf8_czech_ci NOT NULL; +ALTER TABLE services ADD COLUMN group_id int(11) DEFAULT NULL; +COMMIT; diff --git a/template.php b/template.php index 5d0d1e7..b66b8dc 100644 --- a/template.php +++ b/template.php @@ -7,6 +7,7 @@ $icons = array("fa fa-times", "fa fa-exclamation", "fa fa-info", "fa fa-check" ) $some = array(_("Some systems are experiencing major outages"), _("Some systems are experiencing minor outages"), _("Some systems are under maintenance")); $all = array(_("Our systems are experiencing major outages."), _("Our systems are experiencing minor outages"), _("Our systems are under maintenance"), _("All systems operational")); $permissions = array(_("Super admin"), _("Admin"), _("Editor")); +$visibility = array(_("Collapsed"), _("Expanded"), _("Expand on events")); /** * Class that encapsulates methods to render header and footer @@ -56,7 +57,7 @@ class Template{ - From 887a197033ba07b8c999e17bb665a4dcbde218b8 Mon Sep 17 00:00:00 2001 From: thnilsen Date: Wed, 14 Oct 2020 19:54:32 +0200 Subject: [PATCH 137/138] Initial code for front-end categorization status view --- classes/constellation.php | 27 +++++++++++++--- classes/service.php | 68 +++++++++++++++++++++++++++++++++++---- css/main.css | 5 ++- 3 files changed, 87 insertions(+), 13 deletions(-) diff --git a/classes/constellation.php b/classes/constellation.php index b8b7b16..f7ab8d0 100644 --- a/classes/constellation.php +++ b/classes/constellation.php @@ -72,7 +72,8 @@ class Constellation public function render_status($admin = false, $heading = true){ global $mysqli; - $query = $mysqli->query("SELECT id, name FROM services"); + //$query = $mysqli->query("SELECT id, name, description FROM services"); + $query = $mysqli->query("SELECT services.id, services.name, services.description, services_groups.name as group_name FROM services LEFT JOIN services_groups ON services.group_id=services_groups.id ORDER BY services_groups.name "); $array = array(); if ($query->num_rows){ $timestamp = time(); @@ -87,10 +88,10 @@ class Constellation $tmp = $sql->get_result(); if ($tmp->num_rows) { - $array[] = new Service($result['id'], $result['name'], $tmp->fetch_assoc()['type']); + $array[] = new Service($result['id'], $result['name'], $result['description'], $result['group_name'], $tmp->fetch_assoc()['type']); } else{ - $array[] = new Service($result['id'], $result['name']); + $array[] = new Service($result['id'], $result['name'], $result['description'], $result['group_name']); } } if ($heading) @@ -103,11 +104,27 @@ class Constellation } if (!$admin) { - echo '
    '; + ?> + + '; + //$arrCompletedGroups = array(); foreach($array as $service){ + //print_r($service); + //if ( !empty($service->group_name) && !in_array($service->group_name, $arrCompletedGroups)) { +//print $service->name; + // $arrCompletedGroups[] = $service['group_name']; + // $service->render(true); + //} else { $service->render(); + //} } - echo '
    '; + echo ''; + //echo '
    '; } else{ return $array; diff --git a/classes/service.php b/classes/service.php index d86383b..268715c 100644 --- a/classes/service.php +++ b/classes/service.php @@ -6,19 +6,24 @@ class Service implements JsonSerializable { private $id; private $name; + private $description; + private $group_name; private $status; /** * Constructs service from its data. * @param int $id service ID * @param String $name service name + * @param String $descriotion service description for tooltip * @param int $status current service status */ - function __construct($id, $name, $status=3) + function __construct($id, $name, $description=null, $group_name='', $status=3) { //TODO: Maybe get data from ID? $this->id = $id; $this->name = $name; + $this->description = $description; + $this->group_name = $group_name; $this->status = $status; } @@ -49,6 +54,15 @@ class Service implements JsonSerializable return $this->name; } + /** + * Returns description of this service + * @return String description + */ + public function get_description() + { + return $this->description; + } + /** * Processes submitted form and adds service unless problem is encountered, * calling this is possible only for admin or higher rank. Also checks requirements @@ -192,17 +206,56 @@ class Service implements JsonSerializable /** * Renders this service. + * @param $boolGroup set to true if the groups name is to be rendered * @return void */ public function render(){ global $statuses; global $classes; - ?> -
    -
    name; ?>
    - status!=-1){?>
    status]);?>
    -
    - group_name) || !in_array($this->group_name, $arrCompletedGroups) ) { + echo ''; + $boolOpened = false; + } + } + + // If no group exist or group is new, start a new UL + if ( !empty($this->group_name) && !in_array($this->group_name, $arrCompletedGroups)) { + echo '
      '; + //echo '
        '; + // Render the group status if it exists + echo '
      •  ' . $this->group_name .'
        '. _($statuses[$this->status]).'
        • '; + //echo '
      • ' . $this->group_name .'
        status]).'
        • '; + $arrCompletedGroups[] = $this->group_name; + $boolOpened = true; + } + + if ( empty($this->group_name)) { + echo '
          '; + +// echo '
            '; + $boolFinish = true; + } + + // Render the service status + echo '
          • ' . $this->name .''; + //echo '
          • ' . $this->name . ''; + if(!empty($this->description)) { + echo ' '; + } + if ($this->status!=-1){?>
            status]);?>
            + '; + if ( isset($boolFinish) && $boolFinish) { + echo '
          '; + } } public function jsonSerialize() { @@ -210,6 +263,7 @@ class Service implements JsonSerializable return [ "id" => $this->id, "name" => $this->name, + "description" => $this->description, "status" => $this->status, "status_string" => $statuses[$this->status] ]; diff --git a/css/main.css b/css/main.css index 4a5f87b..2854cde 100644 --- a/css/main.css +++ b/css/main.css @@ -27,6 +27,10 @@ a:focus { color:#f5f4f4; } +a.desc-tool-tip, a.desc-tool-tip:hover, a.desc-tool-tip:visited { + color: grey; +} + .centered { text-align: center } @@ -686,4 +690,3 @@ input:checked + .slider:before { .slider.round:before { border-radius: 50%; } - From 3edfd9dbe21f33d2ba094282f9598ca4bd36bf87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yi=C4=9Fit=20Kerem=20Oktay?= Date: Wed, 14 Oct 2020 22:30:12 +0300 Subject: [PATCH 138/138] Fix a UI bug --- css/main.css | 1 - 1 file changed, 1 deletion(-) diff --git a/css/main.css b/css/main.css index 2854cde..e49fccc 100644 --- a/css/main.css +++ b/css/main.css @@ -140,7 +140,6 @@ body a h1{ .status{ float: right; box-sizing: border-box; - padding: 15px 35px; text-align: right; font-size: 1.05em; font-family: 'Fira Sans', sans-serif;