lychee/php/modules/Settings.php

<?php

###
# @name			Settings Module
# @copyright	2015 by Tobias Reich
###

if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');

final class Settings extends Module {

	private static $cache = null;

	public static function get() {

		if (self::$cache) return self::$cache;

		# Execute query
		$query		= Database::prepare(Database::get(), "SELECT * FROM ?", array(LYCHEE_TABLE_SETTINGS));
		$settings	= Database::get()->query($query);

		# Add each to return
		while ($setting = $settings->fetch_object()) $return[$setting->key] = $setting->value;

		# Convert plugins to array
		$return['plugins'] = explode(';', $return['plugins']);

		self::$cache = $return;

		return $return;

	}

	public static function setLogin($oldPassword = '', $username, $password) {

		# Check dependencies
		self::dependencies(isset($oldPassword, $username, $password));

		if ($oldPassword===self::get()['password']||self::get()['password']===crypt($oldPassword, self::get()['password'])) {

			# Save username
			if (self::setUsername($username)!==true) exit('Error: Updating username failed!');

			# Save password
			if (self::setPassword($password)!==true) exit('Error: Updating password failed!');

			return true;

		}

		exit('Error: Current password entered incorrectly!');

	}

	private static function setUsername($username) {

		# Check dependencies
		self::dependencies(isset($username));

		# Hash username
		$username = getHashedString($username);

		# Execute query
		# Do not prepare $username because it is hashed and save
		# Preparing (escaping) the username would destroy the hash
		$query	= Database::prepare(Database::get(), "UPDATE ? SET value = '$username' WHERE `key` = 'username'", array(LYCHEE_TABLE_SETTINGS));
		$result	= Database::get()->query($query);

		if (!$result) {
			Log::error(__METHOD__, __LINE__, Database::get()->error);
			return false;
		}
		return true;

	}

	private static function setPassword($password) {

		# Check dependencies
		self::dependencies(isset($password));

		# Hash password
		$password = getHashedString($password);

		# Execute query
		# Do not prepare $password because it is hashed and save
		# Preparing (escaping) the password would destroy the hash
		$query	= Database::prepare(Database::get(), "UPDATE ? SET value = '$password' WHERE `key` = 'password'", array(LYCHEE_TABLE_SETTINGS));
		$result	= Database::get()->query($query);

		if (!$result) {
			Log::error(__METHOD__, __LINE__, Database::get()->error);
			return false;
		}
		return true;

	}

	public static function setDropboxKey($key) {

		# Check dependencies
		self::dependencies(isset($key));

		if (strlen($key)<1||strlen($key)>50) {
			Log::notice(__METHOD__, __LINE__, 'Dropbox key is either too short or too long');
			return false;
		}

		# Execute query
		$query	= Database::prepare(Database::get(), "UPDATE ? SET value = '?' WHERE `key` = 'dropboxKey'", array(LYCHEE_TABLE_SETTINGS, $key));
		$result = Database::get()->query($query);

		if (!$result) {
			Log::error(__METHOD__, __LINE__, Database::get()->error);
			return false;
		}
		return true;

	}

	public static function setSortingPhotos($type, $order) {

		# Check dependencies
		self::dependencies(isset($type, $order));

		$sorting = 'ORDER BY ';

		# Set row
		switch ($type) {

			case 'id':			$sorting .= 'id';
								break;

			case 'title':		$sorting .= 'title';
								break;

			case 'description':	$sorting .= 'description';
								break;

			case 'public':		$sorting .= 'public';
								break;

			case 'type':		$sorting .= 'type';
								break;

			case 'star':		$sorting .= 'star';
								break;

			case 'takestamp':	$sorting .= 'takestamp';
								break;

			default:			exit('Error: Unknown type for sorting!');

		}

		$sorting .= ' ';

		# Set order
		switch ($order) {

			case 'ASC':		$sorting .= 'ASC';
							break;

			case 'DESC':	$sorting .= 'DESC';
							break;

			default:		exit('Error: Unknown order for sorting!');

		}

		# Execute query
		# Do not prepare $sorting because it is a true statement
		# Preparing (escaping) the sorting would destroy it
		# $sorting is save and can't contain user-input
		$query	= Database::prepare(Database::get(), "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingPhotos'", array(LYCHEE_TABLE_SETTINGS));
		$result	= Database::get()->query($query);

		if (!$result) {
			Log::error(__METHOD__, __LINE__, Database::get()->error);
			return false;
		}
		return true;

	}

	public static function setSortingAlbums($type, $order) {

		# Check dependencies
		self::dependencies(isset($type, $order));

		$sorting = 'ORDER BY ';

		# Set row
		switch ($type) {

			case 'id':			$sorting .= 'id';
								break;

			case 'title':		$sorting .= 'title';
								break;

			case 'description':	$sorting .= 'description';
								break;

			case 'public':		$sorting .= 'public';
								break;

			default:			exit('Error: Unknown type for sorting!');

		}

		$sorting .= ' ';

		# Set order
		switch ($order) {

			case 'ASC':		$sorting .= 'ASC';
							break;

			case 'DESC':	$sorting .= 'DESC';
							break;

			default:		exit('Error: Unknown order for sorting!');

		}

		# Execute query
		# Do not prepare $sorting because it is a true statement
		# Preparing (escaping) the sorting would destroy it
		# $sorting is save and can't contain user-input
		$query	= Database::prepare(Database::get(), "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingAlbums'", array(LYCHEE_TABLE_SETTINGS));
		$result	= Database::get()->query($query);

		if (!$result) {
			Log::error(__METHOD__, __LINE__, Database::get()->error);
			return false;
		}
		return true;

	}

}

?>
Fixed view and added Settings class 10 years ago			`<?php`

			`###`
Comment cleanup 10 years ago			`# @name Settings Module`
Updated copyright 9 years ago			`# @copyright 2015 by Tobias Reich`
Fixed view and added Settings class 10 years ago			`###`

			`if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');`

Added abstract/final to classes to be more strict 8 years ago			`final class Settings extends Module {`
Fixed view and added Settings class 10 years ago
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`private static $cache = null;`
Fixed view and added Settings class 10 years ago
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`public static function get() {`
Fixed view and added Settings class 10 years ago
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`if (self::$cache) return self::$cache;`
Fixed view and added Settings class 10 years ago
			`# Execute query`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`$query = Database::prepare(Database::get(), "SELECT * FROM ?", array(LYCHEE_TABLE_SETTINGS));`
			`$settings = Database::get()->query($query);`
Fixed view and added Settings class 10 years ago
			`# Add each to return`
			`while ($setting = $settings->fetch_object()) $return[$setting->key] = $setting->value;`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`# Convert plugins to array`
			`$return['plugins'] = explode(';', $return['plugins']);`

			`self::$cache = $return;`
Improved update to v2.5 - Removed `sysdate` and `systime`(#115) - Add `plugins` - Convert to utf-8 (#111) 10 years ago
Fixed view and added Settings class 10 years ago			`return $return;`

			`}`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`public static function setLogin($oldPassword = '', $username, $password) {`
Fixed view and added Settings class 10 years ago
Improved error handling by checking the dependencies (e.g. vars and parameters) 10 years ago			`# Check dependencies`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`self::dependencies(isset($oldPassword, $username, $password));`
Fixed view and added Settings class 10 years ago
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`if ($oldPassword===self::get()['password']\|\|self::get()['password']===crypt($oldPassword, self::get()['password'])) {`
Fixed view and added Settings class 10 years ago
			`# Save username`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`if (self::setUsername($username)!==true) exit('Error: Updating username failed!');`
Fixed view and added Settings class 10 years ago
			`# Save password`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`if (self::setPassword($password)!==true) exit('Error: Updating password failed!');`
Fixed view and added Settings class 10 years ago
			`return true;`

			`}`

			`exit('Error: Current password entered incorrectly!');`

			`}`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`private static function setUsername($username) {`
Fixed view and added Settings class 10 years ago
Improved error handling by checking the dependencies (e.g. vars and parameters) 10 years ago			`# Check dependencies`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`self::dependencies(isset($username));`
Fixed view and added Settings class 10 years ago
Removed useless md5 hashing in front-end and added username hashing in back-end 9 years ago			`# Hash username`
			`$username = getHashedString($username);`
Fixed view and added Settings class 10 years ago
			`# Execute query`
Removed useless md5 hashing in front-end and added username hashing in back-end 9 years ago			`# Do not prepare $username because it is hashed and save`
			`# Preparing (escaping) the username would destroy the hash`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$username' WHERE `key` = 'username'", array(LYCHEE_TABLE_SETTINGS));
			`$result = Database::get()->query($query);`
Fixed view and added Settings class 10 years ago
Added Log to Settings 10 years ago			`if (!$result) {`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`Log::error(__METHOD__, __LINE__, Database::get()->error);`
Added Log to Settings 10 years ago			`return false;`
			`}`
Fixed view and added Settings class 10 years ago			`return true;`

			`}`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`private static function setPassword($password) {`
Fixed view and added Settings class 10 years ago
Improved error handling by checking the dependencies (e.g. vars and parameters) 10 years ago			`# Check dependencies`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`self::dependencies(isset($password));`
Fixed view and added Settings class 10 years ago
Removed useless md5 hashing in front-end and added username hashing in back-end 9 years ago			`# Hash password`
			`$password = getHashedString($password);`
Fixed view and added Settings class 10 years ago
			`# Execute query`
Converted Settings to prepared statements (#38 #214 #196) 10 years ago			`# Do not prepare $password because it is hashed and save`
			`# Preparing (escaping) the password would destroy the hash`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$password' WHERE `key` = 'password'", array(LYCHEE_TABLE_SETTINGS));
			`$result = Database::get()->query($query);`
Fixed view and added Settings class 10 years ago
Added Log to Settings 10 years ago			`if (!$result) {`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`Log::error(__METHOD__, __LINE__, Database::get()->error);`
Added Log to Settings 10 years ago			`return false;`
			`}`
Fixed view and added Settings class 10 years ago			`return true;`

			`}`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`public static function setDropboxKey($key) {`
Fixed view and added Settings class 10 years ago
Improved error handling by checking the dependencies (e.g. vars and parameters) 10 years ago			`# Check dependencies`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`self::dependencies(isset($key));`
Fixed view and added Settings class 10 years ago
Added Log to Settings 10 years ago			`if (strlen($key)<1\|\|strlen($key)>50) {`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`Log::notice(__METHOD__, __LINE__, 'Dropbox key is either too short or too long');`
Added Log to Settings 10 years ago			`return false;`
			`}`
Fixed view and added Settings class 10 years ago
			`# Execute query`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			$query = Database::prepare(Database::get(), "UPDATE ? SET value = '?' WHERE `key` = 'dropboxKey'", array(LYCHEE_TABLE_SETTINGS, $key));
			`$result = Database::get()->query($query);`
Fixed view and added Settings class 10 years ago
Added Log to Settings 10 years ago			`if (!$result) {`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`Log::error(__METHOD__, __LINE__, Database::get()->error);`
Added Log to Settings 10 years ago			`return false;`
			`}`
Fixed view and added Settings class 10 years ago			`return true;`

			`}`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`public static function setSortingPhotos($type, $order) {`
Fixed view and added Settings class 10 years ago
Improved error handling by checking the dependencies (e.g. vars and parameters) 10 years ago			`# Check dependencies`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`self::dependencies(isset($type, $order));`
Fixed view and added Settings class 10 years ago
			`$sorting = 'ORDER BY ';`

			`# Set row`
			`switch ($type) {`

			`case 'id': $sorting .= 'id';`
			`break;`

			`case 'title': $sorting .= 'title';`
			`break;`

			`case 'description': $sorting .= 'description';`
			`break;`

			`case 'public': $sorting .= 'public';`
			`break;`

			`case 'type': $sorting .= 'type';`
			`break;`

			`case 'star': $sorting .= 'star';`
			`break;`

Improved sorting by takestamp and reset for older version (#152) 10 years ago			`case 'takestamp': $sorting .= 'takestamp';`
Fixed view and added Settings class 10 years ago			`break;`

			`default: exit('Error: Unknown type for sorting!');`

			`}`

			`$sorting .= ' ';`

			`# Set order`
			`switch ($order) {`

			`case 'ASC': $sorting .= 'ASC';`
			`break;`

			`case 'DESC': $sorting .= 'DESC';`
			`break;`

			`default: exit('Error: Unknown order for sorting!');`

			`}`

			`# Execute query`
Converted Settings to prepared statements (#38 #214 #196) 10 years ago			`# Do not prepare $sorting because it is a true statement`
			`# Preparing (escaping) the sorting would destroy it`
Added album sorting #98 9 years ago			`# $sorting is save and can't contain user-input`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingPhotos'", array(LYCHEE_TABLE_SETTINGS));
			`$result = Database::get()->query($query);`
Fixed view and added Settings class 10 years ago
Added Log to Settings 10 years ago			`if (!$result) {`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`Log::error(__METHOD__, __LINE__, Database::get()->error);`
Added Log to Settings 10 years ago			`return false;`
			`}`
Fixed view and added Settings class 10 years ago			`return true;`

			`}`

Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`public static function setSortingAlbums($type, $order) {`
Added album sorting #98 9 years ago
			`# Check dependencies`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`self::dependencies(isset($type, $order));`
Added album sorting #98 9 years ago
			`$sorting = 'ORDER BY ';`

			`# Set row`
			`switch ($type) {`

			`case 'id': $sorting .= 'id';`
			`break;`

			`case 'title': $sorting .= 'title';`
			`break;`

			`case 'description': $sorting .= 'description';`
			`break;`

			`case 'public': $sorting .= 'public';`
			`break;`

			`default: exit('Error: Unknown type for sorting!');`

			`}`

			`$sorting .= ' ';`

			`# Set order`
			`switch ($order) {`

			`case 'ASC': $sorting .= 'ASC';`
			`break;`

			`case 'DESC': $sorting .= 'DESC';`
			`break;`

			`default: exit('Error: Unknown order for sorting!');`

			`}`

			`# Execute query`
			`# Do not prepare $sorting because it is a true statement`
			`# Preparing (escaping) the sorting would destroy it`
			`# $sorting is save and can't contain user-input`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingAlbums'", array(LYCHEE_TABLE_SETTINGS));
			`$result = Database::get()->query($query);`
Added album sorting #98 9 years ago
			`if (!$result) {`
Singleton pattern for Settings::get(), Database::get() and Plugins::get() What could properly go wrong? ¯\_(ツ)_/¯ 8 years ago			`Log::error(__METHOD__, __LINE__, Database::get()->error);`
Added album sorting #98 9 years ago			`return false;`
			`}`
			`return true;`

			`}`

Fixed view and added Settings class 10 years ago			`}`

			`?>`