lychee/php/modules/Settings.php

200 lines
4.5 KiB
PHP
Raw Normal View History

2014-04-04 21:17:54 +00:00
<?php
###
# @name Settings Module
# @author Tobias Reich
# @copyright 2014 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
class Settings extends Module {
private $database = null;
public function __construct($database) {
# Init vars
$this->database = $database;
return true;
}
public function get() {
# Check dependencies
2014-06-25 12:50:49 +00:00
self::dependencies(isset($this->database));
2014-04-04 21:17:54 +00:00
# Execute query
$query = Database::prepare($this->database, "SELECT * FROM ?", [LYCHEE_TABLE_SETTINGS]);
$settings = $this->database->query($query);
2014-04-04 21:17:54 +00:00
# Add each to return
while ($setting = $settings->fetch_object()) $return[$setting->key] = $setting->value;
# Fallback for versions below v2.5
if (!isset($return['plugins'])) $return['plugins'] = '';
2014-04-04 21:17:54 +00:00
return $return;
}
public function setLogin($oldPassword = '', $username, $password) {
# Check dependencies
2014-06-25 12:50:49 +00:00
self::dependencies(isset($this->database));
2014-04-04 21:17:54 +00:00
# Load settings
$settings = $this->get();
if ($oldPassword===$settings['password']||$settings['password']===crypt($oldPassword, $settings['password'])) {
2014-04-04 21:17:54 +00:00
# Save username
if (!$this->setUsername($username)) exit('Error: Updating username failed!');
# Save password
if (!$this->setPassword($password)) exit('Error: Updating password failed!');
return true;
}
exit('Error: Current password entered incorrectly!');
}
private function setUsername($username) {
# Check dependencies
2014-06-25 12:50:49 +00:00
self::dependencies(isset($this->database));
2014-04-04 21:17:54 +00:00
# Parse
$username = htmlentities($username);
2014-05-30 14:55:30 +00:00
if (strlen($username)>50) {
Log::notice($this->database, __METHOD__, __LINE__, 'Username is longer than 50 chars');
return false;
}
2014-04-04 21:17:54 +00:00
# Execute query
$query = Database::prepare($this->database, "UPDATE ? SET value = '?' WHERE `key` = 'username'", [LYCHEE_TABLE_SETTINGS, $username]);
$result = $this->database->query($query);
2014-04-04 21:17:54 +00:00
2014-05-30 14:55:30 +00:00
if (!$result) {
Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
return false;
}
2014-04-04 21:17:54 +00:00
return true;
}
private function setPassword($password) {
# Check dependencies
2014-06-25 12:50:49 +00:00
self::dependencies(isset($this->database));
2014-04-04 21:17:54 +00:00
$password = get_hashed_password($password);
2014-04-04 21:17:54 +00:00
# Execute query
# Do not prepare $password because it is hashed and save
# Preparing (escaping) the password would destroy the hash
$query = Database::prepare($this->database, "UPDATE ? SET value = '$password' WHERE `key` = 'password'", [LYCHEE_TABLE_SETTINGS]);
$result = $this->database->query($query);
2014-04-04 21:17:54 +00:00
2014-05-30 14:55:30 +00:00
if (!$result) {
Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
return false;
}
2014-04-04 21:17:54 +00:00
return true;
}
public function setDropboxKey($key) {
# Check dependencies
2014-06-25 12:50:49 +00:00
self::dependencies(isset($this->database, $key));
2014-04-04 21:17:54 +00:00
2014-05-30 14:55:30 +00:00
if (strlen($key)<1||strlen($key)>50) {
Log::notice($this->database, __METHOD__, __LINE__, 'Dropbox key is either too short or too long');
return false;
}
2014-04-04 21:17:54 +00:00
# Execute query
$query = Database::prepare($this->database, "UPDATE ? SET value = '?' WHERE `key` = 'dropboxKey'", [LYCHEE_TABLE_SETTINGS, $key]);
$result = $this->database->query($query);
2014-04-04 21:17:54 +00:00
2014-05-30 14:55:30 +00:00
if (!$result) {
Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
return false;
}
2014-04-04 21:17:54 +00:00
return true;
}
public function setSorting($type, $order) {
# Check dependencies
2014-06-25 12:50:49 +00:00
self::dependencies(isset($this->database, $type, $order));
2014-04-04 21:17:54 +00:00
$sorting = 'ORDER BY ';
# Set row
switch ($type) {
case 'id': $sorting .= 'id';
break;
case 'title': $sorting .= 'title';
break;
case 'description': $sorting .= 'description';
break;
case 'public': $sorting .= 'public';
break;
case 'type': $sorting .= 'type';
break;
case 'star': $sorting .= 'star';
break;
case 'takestamp': $sorting .= 'takestamp';
2014-04-04 21:17:54 +00:00
break;
default: exit('Error: Unknown type for sorting!');
}
$sorting .= ' ';
# Set order
switch ($order) {
case 'ASC': $sorting .= 'ASC';
break;
case 'DESC': $sorting .= 'DESC';
break;
default: exit('Error: Unknown order for sorting!');
}
# Execute query
# Do not prepare $sorting because it is a true statement
# Preparing (escaping) the sorting would destroy it
$query = Database::prepare($this->database, "UPDATE ? SET value = '$sorting' WHERE `key` = 'sorting'", [LYCHEE_TABLE_SETTINGS]);
$result = $this->database->query($query);
2014-04-04 21:17:54 +00:00
2014-05-30 14:55:30 +00:00
if (!$result) {
Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
return false;
}
2014-04-04 21:17:54 +00:00
return true;
}
}
?>