ShaYmez
/
FreeSTAR-Status-Engine
mirror of https://github.com/ShaYmez/FreeSTAR-Status-Engine.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Bugfixes

This commit is contained in:
Vojtěch Sajdl 2018-01-03 14:15:45 +01:00
parent e7df74cad8
commit 9820686776
No known key found for this signature in database
GPG Key ID: 082BC82518E5F32E
9 changed files with 50 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
admin/dashboard.php
View File

@ -9,7 +9,7 @@ if (isset($_GET['ajax']))
$offset = $_GET['offset'];
}
if ($_GET['new']=="incident")
if (isset($_GET['new']) && $_GET['new']=="incident")
{
Incident::add();
}
@ -19,8 +19,6 @@ if (isset($_GET['delete']))
Incident::delete($_GET['delete']);
}
//TODO: Pamatovat si data
render_header(_("Dashboard"), true);
?>
@ -48,14 +46,16 @@ render_header(_("Dashboard"), true);
} ?>
<div id="status-container" class="clearfix">
<?php
if (!is_array($_POST['services']))
if (isset($_POST['services']) && !is_array($_POST['services']))
{
$_POST['services'] = array($_POST['services']);
$post_services = array($_POST['services']);
}else{
$post_services = array();
}
foreach($services as $service){
?>
<div class="item clearfix">
<div class="service"><?php if ($service->get_status()!=-1){?><input type="checkbox" name="services[]" value="<?php echo $service->get_id(); ?>" <?php echo (in_array($service->get_id(), $_POST['services']))?"checked":'';?> id="service-<?php echo $service->get_id(); ?>"><?php } ?><label for="service-<?php echo $service->get_id(); ?>"><?php echo $service->get_name(); ?></label></div>
<div class="service"><?php if ($service->get_status()!=-1){?><input type="checkbox" name="services[]" value="<?php echo $service->get_id(); ?>" <?php echo (in_array($service->get_id(), $post_services))?"checked":'';?> id="service-<?php echo $service->get_id(); ?>"><?php } ?><label for="service-<?php echo $service->get_id(); ?>"><?php echo $service->get_name(); ?></label></div>
<div class="status <?php echo $classes[$service->get_status()];?>"><?php echo $statuses[$service->get_status()];?></div>
</div>
<?php
@ -68,13 +68,13 @@ render_header(_("Dashboard"), true);
<i class="glyphicon glyphicon-info-sign"></i>
</div>
<div class="panel-heading clearfix">
<input type="text" name="title" id="title" placeholder="<?php echo _("Title");?>" value="<?php echo htmlspecialchars($_POST['title']); ?>" required> <span id="time"><input id="time_input" type="text" pattern="(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d\.\d+([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))" name="time" value="<?php echo htmlspecialchars($_POST['time']); ?>" class="pull-right" title="Use ISO 8601 format (e.g. 2017-11-23T19:50:51+00:00)" placeholder="<?php echo _("Time");?>"></span>
<input type="text" name="title" id="title" placeholder="<?php echo _("Title");?>" value="<?php echo (isset($_POST['title'])?htmlspecialchars($_POST['title']):''); ?>" required> <span id="time"><input id="time_input" type="text" pattern="(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d\.\d+([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))" name="time" value="<?php echo (isset($_POST['time'])?htmlspecialchars($_POST['time']):''); ?>" class="pull-right" title="Use ISO 8601 format (e.g. 2017-11-23T19:50:51+00:00)" placeholder="<?php echo _("Time");?>"></span>
</div>
<div class="panel-body">
<textarea name="text" placeholder="<?php echo _("Here goes your text...");?>" required><?php echo htmlspecialchars($_POST['text']); ?></textarea>
<textarea name="text" placeholder="<?php echo _("Here goes your text...");?>" required><?php echo (isset($_POST['text'])?htmlspecialchars($_POST['text']):''); ?></textarea>
</div>
<div class="panel-footer clearfix">
<small><?php echo _("Posted by");?>: <?php echo $user->get_username();?> <span class="pull-right" id="end_time_wrapper"><?php echo _("Ending");?>:&nbsp;<input id="end_time" title="Use ISO 8601 format (e.g. 2017-11-23T19:50:51+00:00)" type="text" pattern="(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d\.\d+([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))" name="end_time" class="pull-right" placeholder="<?php echo _("End time");?>" value="<?php echo htmlspecialchars($_POST['end_time']); ?>"></span></small>
<small><?php echo _("Posted by");?>: <?php echo $user->get_username();?> <span class="pull-right" id="end_time_wrapper"><?php echo _("Ending");?>:&nbsp;<input id="end_time" title="Use ISO 8601 format (e.g. 2017-11-23T19:50:51+00:00)" type="text" pattern="(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d\.\d+([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))|(\d{4}-[01]\d-[0-3]\dT[0-2]\d:[0-5]\d([+-][0-2]\d:[0-5]\d|Z))" name="end_time" class="pull-right" placeholder="<?php echo _("End time");?>" value="<?php echo (isset($_POST['end_time'])?htmlspecialchars($_POST['end_time']):''); ?>"></span></small>
</div>
</article>
<select class="form-control pull-left" id="type" name="type">

13
admin/index.php
View File

@ -30,7 +30,18 @@ if (!isset($_SESSION['user']))
else
{
$user = new User($_SESSION['user']);
switch ($_GET["do"]) {
if (!$user->is_active())
{
User::logout();
}
if (!isset($_GET['do'])){
$do = "";
}else{
$do = $_GET['do'];
}
switch ($do) {
case 'change-email':
$user = new User($_GET['id']);
$user->change_email();

10
admin/new-user.php
View File

@ -16,15 +16,15 @@ render_header(_("New user"), true); ?>
<?php
} ?>
<div class="form-group">
<div class="col-sm-6"><label for="name"><?php echo _("Name");?>: </label><input type="text" maxlength="50" name="name" value="<?php echo htmlspecialchars($_POST['name'],ENT_QUOTES);?>" id="name" placeholder="<?php echo _("Name");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="surname"><?php echo _("Surname");?>: </label><input type="text" maxlength="50" name="surname" value="<?php echo htmlspecialchars($_POST['surname'],ENT_QUOTES);?>" id="surname" placeholder="<?php echo _("Surname");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="name"><?php echo _("Name");?>: </label><input type="text" maxlength="50" name="name" value="<?php echo ((isset($_POST['name']))?htmlspecialchars($_POST['name'],ENT_QUOTES):'');?>" id="name" placeholder="<?php echo _("Name");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="surname"><?php echo _("Surname");?>: </label><input type="text" maxlength="50" name="surname" value="<?php echo ((isset($_POST['surname']))?htmlspecialchars($_POST['surname'],ENT_QUOTES):'');?>" id="surname" placeholder="<?php echo _("Surname");?>" class="form-control" required></div>
</div>
<div class="form-group">
<div class="col-sm-6"><label for="username"><?php echo _("Username");?>:</label><input type="text" maxlength="50" name="username" value="<?php echo htmlspecialchars($_POST['username'],ENT_QUOTES);?>" id="username" placeholder="<?php echo _("Username");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="email"><?php echo _("Email");?>:</label><input type="email" maxlength="60" name="email" value="<?php echo htmlspecialchars($_POST['email'],ENT_QUOTES);?>" id="email" placeholder="<?php echo _("Email");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="username"><?php echo _("Username");?>:</label><input type="text" maxlength="50" name="username" value="<?php echo ((isset($_POST['username']))?htmlspecialchars($_POST['username'],ENT_QUOTES):'');?>" id="username" placeholder="<?php echo _("Username");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="email"><?php echo _("Email");?>:</label><input type="email" maxlength="60" name="email" value="<?php echo ((isset($_POST['email']))?htmlspecialchars($_POST['email'],ENT_QUOTES):'');?>" id="email" placeholder="<?php echo _("Email");?>" class="form-control" required></div>
</div>
<div class="form-group">
<div class="col-sm-6"><label for="password"><?php echo _("Password");?>:</label><input type="password" name="password" value="<?php echo htmlspecialchars($_POST['password'],ENT_QUOTES);?>" id="password" placeholder="<?php echo _("Password");?>" class="form-control" required></div>
<div class="col-sm-6"><label for="password"><?php echo _("Password");?>:</label><input type="password" name="password" value="<?php echo ((isset($_POST['password']))?htmlspecialchars($_POST['password'],ENT_QUOTES):'');?>" id="password" placeholder="<?php echo _("Password");?>" class="form-control" required></div>
<div class="col-sm-6">
<label for="permission"><?php echo _("Permission");?>: </label>
<select name="permission" id="permission" class="form-control">

2
admin/settings.php
View File

@ -24,7 +24,7 @@ if (isset($message)){
<?php if ($user->get_rank() <= 1){?>
<form action="?do=settings&new=service" method="post">
<div class="input-group pull-right new-service">
<input class="form-control" name="service" placeholder="Name" type="text" value="<?php echo htmlspecialchars($_POST['service']); ?>" maxlength="50" required>
<input class="form-control" name="service" placeholder="Name" type="text" value="<?php echo ((isset($_POST['service']))?htmlspecialchars($_POST['service']):''); ?>" maxlength="50" required>
<span class="input-group-btn">
<button type="submit" class="btn btn-success pull-right"><?php echo _("Add service");?></button>
</span>

2
admin/user.php
View File

@ -27,7 +27,7 @@ if (isset($_POST['permission']))
}
if ($_GET['what']=='toggle')
if (isset($_GET['what']) && $_GET['what']=='toggle')
{
$displayed_user->toggle();
}

2
classes/token.php
View File

@ -8,7 +8,7 @@ class Token
{
global $mysqli;
$salt = uniqid(mt_rand(), true);
$token = hash('sha256', $seed.$salt);
$token = hash('sha256', $id.$salt);
$stmt = $mysqli->prepare("INSERT INTO tokens VALUES(?, ?, ?, ?)");
$stmt->bind_param("siis", $token, $id, $expire, $data);
$stmt->execute();

15
classes/user.php
View File

@ -41,6 +41,11 @@ class User
return $this->username;
}
public function is_active()
{
return $this->active;
}
public function get_rank()
{
return $this->rank;
@ -180,11 +185,9 @@ class User
if (isset($_POST['remember'])&&$_POST['remember'])
{
$year = strtotime('+356 days', time());
$salt = uniqid(mt_rand(), true);
$token = hash('sha256', $id.$salt);
$token = Token::new($id, 'remember', $year);
setcookie('token', $token, $year, "/");
setcookie('user', $id, $year, "/");
Token::new($id, 'remember', $year);
}
$_SESSION['user'] = $id;
header("Location: /admin");
@ -205,13 +208,11 @@ class User
$time = time();
if (Token::validate_token($token, $id, "remember"))
{
$year = strtotime('+356 days', $timestamp);
$year = strtotime('+356 days', time());
unset($_COOKIE['token']);
$_SESSION['user'] = $id;
$salt = uniqid(mt_rand(), true);
$token = hash('sha256', $id.$salt);
$token = Token::new($id, 'remember', $year);
setcookie('token', $token, $year);
Token::new($id, 'remember', $year);
}
else
{

4
header.php
View File

@ -66,8 +66,8 @@ else{
<div class="navbar-collapse collapse navbar-right navbar-admin">
<ul class="nav navbar-nav">
<li><a href="<?php echo WEB_URL;?>/admin/"><?php echo _("Dashboard");?></a></li>
<li><a href="<?php echo WEB_URL;?>/admin/?do=user"><?php echo printf(_("User (%s)"), $user->get_username());?></a></li>
<li><a href="<?php echo WEB_URL;?>/admin/?do=settings"><?php echo _("Settings");?>");?></a></li>
<li><a href="<?php echo WEB_URL;?>/admin/?do=user"><?php printf(_("User (%s)"), $user->get_username());?></a></li>
<li><a href="<?php echo WEB_URL;?>/admin/?do=settings"><?php echo _("Settings");?></a></li>
<li><a href="<?php echo WEB_URL;?>/admin/?do=logout"><?php echo _("Logout");?></a></li>
</ul>
</div><!--/.nav-collapse -->

20
locale.php
View File

@ -5,6 +5,17 @@ function mb_ucfirst($string)
return mb_strtoupper(mb_substr($string, 0, 1)).mb_strtolower(mb_substr($string, 1));
}
$accepted_langs = glob(__DIR__ . '/locale/*' , GLOB_ONLYDIR);
$lang_names = array();
foreach ($accepted_langs as $key => $value) {
$accepted_langs[$key] = basename($value);
}
foreach ($accepted_langs as $lang) {
$lang_names[$lang] = mb_ucfirst(locale_get_display_language($lang, $lang));
}
if (!isset($_SESSION['locale'])||isset($_GET['lang']))
{
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
@ -29,11 +40,6 @@ if (!isset($_SESSION['locale'])||isset($_GET['lang']))
$langs = array_flip($langs);
$accepted_langs = glob(__DIR__ . '/locale/*' , GLOB_ONLYDIR);
$lang_names = array();
foreach ($accepted_langs as $key => $value) {
$accepted_langs[$key] = basename($value);
}
$best_match = false;
@ -56,10 +62,6 @@ if (!isset($_SESSION['locale'])||isset($_GET['lang']))
}
}
foreach ($accepted_langs as $lang) {
$lang_names[$lang] = mb_ucfirst(locale_get_display_language($lang, $lang));
}
if ($best_match === false){
$best_match = DEFAULT_LANGUAGE;
}