arno/lychee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Namespaces, Plugins via Namespaces, API entry file renamned, Settings::set()

Browse Source
This commit is contained in:
Tobias Reich 2016-01-26 15:31:53 +01:00
parent dc35658ddc
commit 145c3f5147
31 changed files with 329 additions and 370 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -7,12 +7,13 @@ uploads/big/*
uploads/import/*
uploads/medium/*
uploads/thumb/*
plugins/*
!uploads/big/index.html
!uploads/import/index.html
!uploads/medium/index.html
!uploads/thumb/index.html
!plugins/check/
!plugins/displaylog/
plugins/*
!plugins/Diagnostics/
!plugins/Log/

BIN
dist/main.js vendored
View File

Binary file not shown.

BIN
dist/view.js vendored
View File

Binary file not shown.

11
php/access/Access.php
View File

@ -1,15 +1,10 @@
<?php
###
# @name Access
# @copyright 2015 by Tobias Reich
###
namespace Lychee\Access;
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
interface Access {
abstract class Access {
abstract protected function check($fn);
public function check($fn);
}

14
php/access/Admin.php
View File

@ -1,13 +1,15 @@
<?php
###
# @name Admin Access
# @copyright 2015 by Tobias Reich
###
namespace Lychee\Access;
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
use Lychee\Modules\Album;
use Lychee\Modules\Import;
use Lychee\Modules\Module;
use Lychee\Modules\Photo;
use Lychee\Modules\Session;
use Lychee\Modules\Settings;
final class Admin extends Access {
final class Admin implements Access {
public function check($fn) {

12
php/access/Guest.php
View File

@ -1,13 +1,13 @@
<?php
###
# @name Guest Access (Public Mode)
# @copyright 2015 by Tobias Reich
###
namespace Lychee\Access;
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
use Lychee\Modules\Album;
use Lychee\Modules\Module;
use Lychee\Modules\Photo;
use Lychee\Modules\Session;
final class Guest extends Access {
final class Guest implements Access {
public function check($fn) {

10
php/access/Installation.php
View File

@ -1,13 +1,11 @@
<?php
###
# @name Installation Access
# @copyright 2015 by Tobias Reich
###
namespace Lychee\Access;
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
use Lychee\Modules\Config;
use Lychee\Modules\Module;
final class Installation extends Access {
final class Installation implements Access {
public function check($fn) {

22
php/autoload.php
View File

@ -1,15 +1,11 @@
<?php
###
# @name Autoload
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
spl_autoload_register(function($class) {
$file = LYCHEE . 'php/modules/' . $class . '.php';
$classPath = str_replace('Lychee\\', '', $class);
$classPath = str_replace('\\', DIRECTORY_SEPARATOR, $classPath);
$file = LYCHEE . 'php/' . $classPath . '.php';
if (file_exists($file)===true) require $file;
@ -17,15 +13,9 @@ spl_autoload_register(function($class) {
spl_autoload_register(function($class) {
$file = LYCHEE . 'php/access/' . $class . '.php';
$classPath = str_replace('\\', DIRECTORY_SEPARATOR, $class);
if (file_exists($file)===true) require $file;
});
spl_autoload_register(function($class) {
$file = LYCHEE . 'plugins/' . $class . '/' . $class . '.php';
$file = LYCHEE . 'plugins/' . $classPath . '.php';
if (file_exists($file)===true) require $file;

5
php/define.php
View File

@ -1,10 +1,5 @@
<?php
###
# @name Define
# @copyright 2015 by Tobias Reich
###
# Define root
define('LYCHEE', substr(__DIR__, 0, -3));

35
php/helpers/fastImageCopyResampled.php Normal file
View File

@ -0,0 +1,35 @@
<?php
function fastImageCopyResampled(&$dst_image, $src_image, $dst_x, $dst_y, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h, $quality = 4) {
###
# Plug-and-Play fastImageCopyResampled function replaces much slower imagecopyresampled.
# Just include this function and change all "imagecopyresampled" references to "fastImageCopyResampled".
# Typically from 30 to 60 times faster when reducing high resolution images down to thumbnail size using the default quality setting.
# Author: Tim Eckel - Date: 09/07/07 - Version: 1.1 - Project: FreeRingers.net - Freely distributable - These comments must remain.
#
# Optional "quality" parameter (defaults is 3). Fractional values are allowed, for example 1.5. Must be greater than zero.
# Between 0 and 1 = Fast, but mosaic results, closer to 0 increases the mosaic effect.
# 1 = Up to 350 times faster. Poor results, looks very similar to imagecopyresized.
# 2 = Up to 95 times faster. Images appear a little sharp, some prefer this over a quality of 3.
# 3 = Up to 60 times faster. Will give high quality smooth results very close to imagecopyresampled, just faster.
# 4 = Up to 25 times faster. Almost identical to imagecopyresampled for most images.
# 5 = No speedup. Just uses imagecopyresampled, no advantage over imagecopyresampled.
###
if (empty($src_image) || empty($dst_image) || $quality <= 0) { return false; }
if ($quality < 5 && (($dst_w * $quality) < $src_w || ($dst_h * $quality) < $src_h)) {
$temp = imagecreatetruecolor($dst_w * $quality + 1, $dst_h * $quality + 1);
imagecopyresized($temp, $src_image, 0, 0, $src_x, $src_y, $dst_w * $quality + 1, $dst_h * $quality + 1, $src_w, $src_h);
imagecopyresampled($dst_image, $temp, $dst_x, $dst_y, 0, 0, $dst_w, $dst_h, $dst_w * $quality, $dst_h * $quality);
imagedestroy($temp);
} else imagecopyresampled($dst_image, $src_image, $dst_x, $dst_y, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h);
return true;
}
?>

13
php/helpers/getExtension.php Normal file
View File

@ -0,0 +1,13 @@
<?php
function getExtension($filename) {
$extension = strpos($filename, '.') !== false
? strrchr($filename, '.')
: '';
return $extension;
}
?>

47
php/helpers/getGraphHeader.php Normal file
View File

@ -0,0 +1,47 @@
<?php
function getGraphHeader($photoID) {
$photo = new Photo($photoID);
if ($photo->getPublic('')===false) return false;
$query = Database::prepare(Database::get(), "SELECT title, description, url, medium FROM ? WHERE id = '?'", array(LYCHEE_TABLE_PHOTOS, $photoID));
$result = Database::get()->query($query);
$row = $result->fetch_object();
if (!$result||!$row) return false;
if ($row->medium==='1') $dir = 'medium';
else $dir = 'big';
$parseUrl = parse_url('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
$url = $parseUrl['scheme'] . '://' . $parseUrl['host'] . $parseUrl['path'] . '?' . $parseUrl['query'];
$picture = $parseUrl['scheme'] . '://' . $parseUrl['host'] . $parseUrl['path'] . '/../uploads/' . $dir . '/' . $row->url;
$url = htmlentities($url);
$picture = htmlentities($picture);
$row->title = htmlentities($row->title);
$row->description = htmlentities($row->description);
$return = '<!-- General Meta Data -->';
$return .= '<meta name="title" content="' . $row->title . '">';
$return .= '<meta name="description" content="' . $row->description . ' - via Lychee">';
$return .= '<link rel="image_src" type="image/jpeg" href="' . $picture . '">';
$return .= '<!-- Twitter Meta Data -->';
$return .= '<meta name="twitter:card" content="photo">';
$return .= '<meta name="twitter:title" content="' . $row->title . '">';
$return .= '<meta name="twitter:image:src" content="' . $picture . '">';
$return .= '<!-- Facebook Meta Data -->';
$return .= '<meta property="og:title" content="' . $row->title . '">';
$return .= '<meta property="og:description" content="' . $row->description . ' - via Lychee">';
$return .= '<meta property="og:image" content="' . $picture . '">';
$return .= '<meta property="og:url" content="' . $url . '">';
return $return;
}
?>

31
php/helpers/getHashedString.php Normal file
View File

@ -0,0 +1,31 @@
<?php
function getHashedString($password) {
# Inspired by http://alias.io/2010/01/store-passwords-safely-with-php-and-mysql/
# A higher $cost is more secure but consumes more processing power
$cost = 10;
# Create a random salt
if (extension_loaded('openssl')) {
$salt = strtr(substr(base64_encode(openssl_random_pseudo_bytes(17)),0,22), '+', '.');
} elseif (extension_loaded('mcrypt')) {
$salt = strtr(substr(base64_encode(mcrypt_create_iv(17, MCRYPT_DEV_URANDOM)),0,22), '+', '.');
} else {
$salt = "";
for ($i = 0; $i < 22; $i++) {
$salt .= substr("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", mt_rand(0, 63), 1);
}
}
# Prefix information about the hash so PHP knows how to verify it later.
# "$2a$" Means we're using the Blowfish algorithm. The following two digits are the cost parameter.
$salt = sprintf("$2a$%02d$", $cost) . $salt;
# Hash the password with the salt
return crypt($password, $salt);
}
?>

14
php/helpers/hasPermissions.php Normal file
View File

@ -0,0 +1,14 @@
<?php
function hasPermissions($path) {
// Check if the given path is readable and writable
// Both functions are also verifying that the path exists
if (is_readable($path)===true&&
is_writeable($path)===true) return true;
return false;
}
?>

63
php/helpers/search.php Executable file
View File

@ -0,0 +1,63 @@
<?php
function search($term) {
$return['albums'] = '';
# Initialize return var
$return = array(
'photos' => null,
'albums' => null,
'hash' => ''
);
###
# Photos
###
$query = Database::prepare(Database::get(), "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE title LIKE '%?%' OR description LIKE '%?%' OR tags LIKE '%?%'", array(LYCHEE_TABLE_PHOTOS, $term, $term, $term));
$result = Database::get()->query($query);
while($photo = $result->fetch_assoc()) {
$photo = Photo::prepareData($photo);
$return['photos'][$photo['id']] = $photo;
}
###
# Albums
###
$query = Database::prepare(Database::get(), "SELECT id, title, public, sysstamp, password FROM ? WHERE title LIKE '%?%' OR description LIKE '%?%'", array(LYCHEE_TABLE_ALBUMS, $term, $term));
$result = Database::get()->query($query);
while($album = $result->fetch_assoc()) {
# Turn data from the database into a front-end friendly format
$album = Album::prepareData($album);
# Thumbs
$query = Database::prepare(Database::get(), "SELECT thumbUrl FROM ? WHERE album = '?' " . Settings::get()['sortingPhotos'] . " LIMIT 0, 3", array(LYCHEE_TABLE_PHOTOS, $album['id']));
$thumbs = Database::get()->query($query);
# For each thumb
$k = 0;
while ($thumb = $thumbs->fetch_object()) {
$album['thumbs'][$k] = LYCHEE_URL_UPLOADS_THUMB . $thumb->thumbUrl;
$k++;
}
# Add to return
$return['albums'][$album['id']] = $album;
}
# Hash
$return['hash'] = md5(json_encode($return));
return $return;
}
?>

25
php/api.php → php/index.php
View File

@ -2,9 +2,29 @@
###
# @name API
# @author Tobias Reich
# @copyright 2015 by Tobias Reich
###
namespace Lychee;
use Lychee\Modules\Config;
use Lychee\Modules\Settings;
use Lychee\Access\Installation;
use Lychee\Access\Admin;
use Lychee\Access\Guest;
require(__DIR__ . '/define.php');
require(__DIR__ . '/autoload.php');
require(__DIR__ . '/helpers/fastImageCopyResampled.php');
require(__DIR__ . '/helpers/getExtension.php');
require(__DIR__ . '/helpers/getGraphHeader.php');
require(__DIR__ . '/helpers/getHashedString.php');
require(__DIR__ . '/helpers/hasPermissions.php');
require(__DIR__ . '/helpers/search.php');
# Define the called function
if (isset($_POST['function'])) $fn = $_POST['function'];
else if (isset($_GET['function'])) $fn = $_GET['function'];
@ -17,11 +37,6 @@ if (!empty($fn)) {
session_start();
date_default_timezone_set('UTC');
# Load required files
require(__DIR__ . '/define.php');
require(__DIR__ . '/autoload.php');
require(__DIR__ . '/misc.php');
# Validate parameters
if (isset($_POST['albumIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['albumIDs'])!==1) exit('Error: Wrong parameter type for albumIDs!');
if (isset($_POST['photoIDs'])&&preg_match('/^[0-9\,]{1,}$/', $_POST['photoIDs'])!==1) exit('Error: Wrong parameter type for photoIDs!');

195
php/misc.php
View File

@ -1,195 +0,0 @@
<?php
###
# @name Misc Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
function search($term) {
$return['albums'] = '';
# Initialize return var
$return = array(
'photos' => null,
'albums' => null,
'hash' => ''
);
###
# Photos
###
$query = Database::prepare(Database::get(), "SELECT id, title, tags, public, star, album, thumbUrl, takestamp, url FROM ? WHERE title LIKE '%?%' OR description LIKE '%?%' OR tags LIKE '%?%'", array(LYCHEE_TABLE_PHOTOS, $term, $term, $term));
$result = Database::get()->query($query);
while($photo = $result->fetch_assoc()) {
$photo = Photo::prepareData($photo);
$return['photos'][$photo['id']] = $photo;
}
###
# Albums
###
$query = Database::prepare(Database::get(), "SELECT id, title, public, sysstamp, password FROM ? WHERE title LIKE '%?%' OR description LIKE '%?%'", array(LYCHEE_TABLE_ALBUMS, $term, $term));
$result = Database::get()->query($query);
while($album = $result->fetch_assoc()) {
# Turn data from the database into a front-end friendly format
$album = Album::prepareData($album);
# Thumbs
$query = Database::prepare(Database::get(), "SELECT thumbUrl FROM ? WHERE album = '?' " . Settings::get()['sortingPhotos'] . " LIMIT 0, 3", array(LYCHEE_TABLE_PHOTOS, $album['id']));
$thumbs = Database::get()->query($query);
# For each thumb
$k = 0;
while ($thumb = $thumbs->fetch_object()) {
$album['thumbs'][$k] = LYCHEE_URL_UPLOADS_THUMB . $thumb->thumbUrl;
$k++;
}
# Add to return
$return['albums'][$album['id']] = $album;
}
# Hash
$return['hash'] = md5(json_encode($return));
return $return;
}
function getGraphHeader($photoID) {
$photo = new Photo($photoID);
if ($photo->getPublic('')===false) return false;
$query = Database::prepare(Database::get(), "SELECT title, description, url, medium FROM ? WHERE id = '?'", array(LYCHEE_TABLE_PHOTOS, $photoID));
$result = Database::get()->query($query);
$row = $result->fetch_object();
if (!$result||!$row) return false;
if ($row->medium==='1') $dir = 'medium';
else $dir = 'big';
$parseUrl = parse_url('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
$url = $parseUrl['scheme'] . '://' . $parseUrl['host'] . $parseUrl['path'] . '?' . $parseUrl['query'];
$picture = $parseUrl['scheme'] . '://' . $parseUrl['host'] . $parseUrl['path'] . '/../uploads/' . $dir . '/' . $row->url;
$url = htmlentities($url);
$picture = htmlentities($picture);
$row->title = htmlentities($row->title);
$row->description = htmlentities($row->description);
$return = '<!-- General Meta Data -->';
$return .= '<meta name="title" content="' . $row->title . '">';
$return .= '<meta name="description" content="' . $row->description . ' - via Lychee">';
$return .= '<link rel="image_src" type="image/jpeg" href="' . $picture . '">';
$return .= '<!-- Twitter Meta Data -->';
$return .= '<meta name="twitter:card" content="photo">';
$return .= '<meta name="twitter:title" content="' . $row->title . '">';
$return .= '<meta name="twitter:image:src" content="' . $picture . '">';
$return .= '<!-- Facebook Meta Data -->';
$return .= '<meta property="og:title" content="' . $row->title . '">';
$return .= '<meta property="og:description" content="' . $row->description . ' - via Lychee">';
$return .= '<meta property="og:image" content="' . $picture . '">';
$return .= '<meta property="og:url" content="' . $url . '">';
return $return;
}
function getExtension($filename) {
$extension = strpos($filename, '.') !== false
? strrchr($filename, '.')
: '';
return $extension;
}
function getHashedString($password) {
# Inspired by http://alias.io/2010/01/store-passwords-safely-with-php-and-mysql/
# A higher $cost is more secure but consumes more processing power
$cost = 10;
# Create a random salt
if (extension_loaded('openssl')) {
$salt = strtr(substr(base64_encode(openssl_random_pseudo_bytes(17)),0,22), '+', '.');
} elseif (extension_loaded('mcrypt')) {
$salt = strtr(substr(base64_encode(mcrypt_create_iv(17, MCRYPT_DEV_URANDOM)),0,22), '+', '.');
} else {
$salt = "";
for ($i = 0; $i < 22; $i++) {
$salt .= substr("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", mt_rand(0, 63), 1);
}
}
# Prefix information about the hash so PHP knows how to verify it later.
# "$2a$" Means we're using the Blowfish algorithm. The following two digits are the cost parameter.
$salt = sprintf("$2a$%02d$", $cost) . $salt;
# Hash the password with the salt
return crypt($password, $salt);
}
function hasPermissions($path) {
// Check if the given path is readable and writable
// Both functions are also verifying that the path exists
if (is_readable($path)===true&&
is_writeable($path)===true) return true;
return false;
}
function fastimagecopyresampled(&$dst_image, $src_image, $dst_x, $dst_y, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h, $quality = 4) {
###
# Plug-and-Play fastimagecopyresampled function replaces much slower imagecopyresampled.
# Just include this function and change all "imagecopyresampled" references to "fastimagecopyresampled".
# Typically from 30 to 60 times faster when reducing high resolution images down to thumbnail size using the default quality setting.
# Author: Tim Eckel - Date: 09/07/07 - Version: 1.1 - Project: FreeRingers.net - Freely distributable - These comments must remain.
#
# Optional "quality" parameter (defaults is 3). Fractional values are allowed, for example 1.5. Must be greater than zero.
# Between 0 and 1 = Fast, but mosaic results, closer to 0 increases the mosaic effect.
# 1 = Up to 350 times faster. Poor results, looks very similar to imagecopyresized.
# 2 = Up to 95 times faster. Images appear a little sharp, some prefer this over a quality of 3.
# 3 = Up to 60 times faster. Will give high quality smooth results very close to imagecopyresampled, just faster.
# 4 = Up to 25 times faster. Almost identical to imagecopyresampled for most images.
# 5 = No speedup. Just uses imagecopyresampled, no advantage over imagecopyresampled.
###
if (empty($src_image) || empty($dst_image) || $quality <= 0) { return false; }
if ($quality < 5 && (($dst_w * $quality) < $src_w || ($dst_h * $quality) < $src_h)) {
$temp = imagecreatetruecolor($dst_w * $quality + 1, $dst_h * $quality + 1);
imagecopyresized($temp, $src_image, 0, 0, $src_x, $src_y, $dst_w * $quality + 1, $dst_h * $quality + 1, $src_w, $src_h);
imagecopyresampled($dst_image, $temp, $dst_x, $dst_y, 0, 0, $dst_w, $dst_h, $dst_w * $quality, $dst_h * $quality);
imagedestroy($temp);
} else imagecopyresampled($dst_image, $src_image, $dst_x, $dst_y, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h);
return true;
}
?>

7
php/modules/Album.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Album Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Album extends Module {

7
php/modules/Config.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Database Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Config extends Module {

9
php/modules/Database.php
View File

@ -1,11 +1,8 @@
<?php
###
# @name Database Module
# @copyright 2015 by Tobias Reich
###
namespace Lychee\Modules;
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
use Mysqli;
final class Database extends Module {
@ -71,7 +68,7 @@ final class Database extends Module {
public static function connect($host = 'localhost', $user, $password) {
# Open a new connection to the MySQL server
$connection = new mysqli($host, $user, $password);
$connection = new Mysqli($host, $user, $password);
# Check if the connection was successful
if ($connection->connect_errno) return false;

7
php/modules/Import.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Import Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Import extends Module {

7
php/modules/Log.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Log Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Log extends Module {

7
php/modules/Module.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
abstract class Module {

11
php/modules/Photo.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Photo Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Photo extends Module {
@ -361,12 +356,12 @@ final class Photo extends Module {
}
# Create thumb
fastimagecopyresampled($thumb, $sourceImg, 0, 0, $startWidth, $startHeight, $newWidth, $newHeight, $newSize, $newSize);
fastImageCopyResampled($thumb, $sourceImg, 0, 0, $startWidth, $startHeight, $newWidth, $newHeight, $newSize, $newSize);
imagejpeg($thumb, $newUrl, Settings::get()['thumbQuality']);
imagedestroy($thumb);
# Create retina thumb
fastimagecopyresampled($thumb2x, $sourceImg, 0, 0, $startWidth, $startHeight, $newWidth*2, $newHeight*2, $newSize, $newSize);
fastImageCopyResampled($thumb2x, $sourceImg, 0, 0, $startWidth, $startHeight, $newWidth*2, $newHeight*2, $newSize, $newSize);
imagejpeg($thumb2x, $newUrl2x, Settings::get()['thumbQuality']);
imagedestroy($thumb2x);

9
php/modules/Plugins.php
View File

@ -1,13 +1,10 @@
<?php
###
# @name Plugins Module
# @copyright 2015 by Tobias Reich
###
namespace Lychee\Modules;
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
use SplSubject;
final class Plugins implements \SplSubject {
final class Plugins implements SplSubject {
private static $instance = null;

7
php/modules/Session.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Session Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Session extends Module {

66
php/modules/Settings.php
View File

@ -1,11 +1,6 @@
<?php
###
# @name Settings Module
# @copyright 2015 by Tobias Reich
###
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
namespace Lychee\Modules;
final class Settings extends Module {
@ -31,6 +26,30 @@ final class Settings extends Module {
}
private static function set($key, $value, $row = false) {
if ($row===false) {
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '?' WHERE `key` = '?'", array(LYCHEE_TABLE_SETTINGS, $value, $key));
} elseif ($row===true) {
# Do not prepare $value because it has already been escaped or is a true statement
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$value' WHERE `key` = '?'", array(LYCHEE_TABLE_SETTINGS, $key));
} else {
return false;
}
$result = Database::get()->query($query);
if (!$result) return false;
return true;
}
public static function setLogin($oldPassword = '', $username, $password) {
# Check dependencies
@ -63,10 +82,7 @@ final class Settings extends Module {
# Execute query
# Do not prepare $username because it is hashed and save
# Preparing (escaping) the username would destroy the hash
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$username' WHERE `key` = 'username'", array(LYCHEE_TABLE_SETTINGS));
$result = Database::get()->query($query);
if (!$result) {
if (self::set('username', $username, true)===false) {
Log::error(__METHOD__, __LINE__, Database::get()->error);
return false;
}
@ -82,13 +98,9 @@ final class Settings extends Module {
# Hash password
$password = getHashedString($password);
# Execute query
# Do not prepare $password because it is hashed and save
# Preparing (escaping) the password would destroy the hash
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$password' WHERE `key` = 'password'", array(LYCHEE_TABLE_SETTINGS));
$result = Database::get()->query($query);
if (!$result) {
if (self::set('password', $password, true)===false) {
Log::error(__METHOD__, __LINE__, Database::get()->error);
return false;
}
@ -96,21 +108,17 @@ final class Settings extends Module {
}
public static function setDropboxKey($key) {
public static function setDropboxKey($dropboxKey) {
# Check dependencies
self::dependencies(isset($key));
self::dependencies(isset($dropboxKey));
if (strlen($key)<1||strlen($key)>50) {
if (strlen($dropboxKey)<1||strlen($dropboxKey)>50) {
Log::notice(__METHOD__, __LINE__, 'Dropbox key is either too short or too long');
return false;
}
# Execute query
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '?' WHERE `key` = 'dropboxKey'", array(LYCHEE_TABLE_SETTINGS, $key));
$result = Database::get()->query($query);
if (!$result) {
if (self::set('dropboxKey', $dropboxKey)===false) {
Log::error(__METHOD__, __LINE__, Database::get()->error);
return false;
}
@ -168,14 +176,10 @@ final class Settings extends Module {
}
# Execute query
# Do not prepare $sorting because it is a true statement
# Preparing (escaping) the sorting would destroy it
# $sorting is save and can't contain user-input
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingPhotos'", array(LYCHEE_TABLE_SETTINGS));
$result = Database::get()->query($query);
if (!$result) {
if (self::set('sortingPhotos', $sorting, true)===false) {
Log::error(__METHOD__, __LINE__, Database::get()->error);
return false;
}
@ -224,14 +228,10 @@ final class Settings extends Module {
}
# Execute query
# Do not prepare $sorting because it is a true statement
# Preparing (escaping) the sorting would destroy it
# $sorting is save and can't contain user-input
$query = Database::prepare(Database::get(), "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingAlbums'", array(LYCHEE_TABLE_SETTINGS));
$result = Database::get()->query($query);
if (!$result) {
if (self::set('sortingAlbums', $sorting, true)===false) {
Log::error(__METHOD__, __LINE__, Database::get()->error);
return false;
}

18
plugins/check/index.php → plugins/Diagnostics/index.php
View File

@ -7,13 +7,17 @@
# @description This file takes a look at your Lychee-configuration and displays all errors it can find.
###
# Location
namespace Diagnostics;
use Mysqli;
use Lychee\Modules\Settings;
$lychee = __DIR__ . '/../../';
# Load requirements
require($lychee . 'php/define.php');
require($lychee . 'php/autoload.php');
require($lychee . 'php/misc.php');
require($lychee . 'php/helpers/hasPermissions.php');
# Start the session
session_start();
@ -59,18 +63,18 @@ if (!file_exists(LYCHEE_CONFIG_FILE)) exit('Error: Configuration not found. Plea
else require(LYCHEE_CONFIG_FILE);
# Database
$database = new mysqli($dbHost, $dbUser, $dbPassword, $dbName);
$database = new Mysqli($dbHost, $dbUser, $dbPassword, $dbName);
if (mysqli_connect_errno()!=0) $error .= ('Error: ' . mysqli_connect_errno() . ': ' . mysqli_connect_error() . '' . PHP_EOL);
# Load settings
$settings = Settings::get();
# Config
if (!isset($dbName)||$dbName==='') $error .= ('Error: No property for $dbName in config.php' . PHP_EOL);
if (!isset($dbUser)||$dbUser==='') $error .= ('Error: No property for $dbUser in config.php' . PHP_EOL);
if (!isset($dbPassword)) $error .= ('Error: No property for $dbPassword in config.php' . PHP_EOL);
if (!isset($dbHost)||$dbHost==='') $error .= ('Error: No property for $dbHost in config.php' . PHP_EOL);
# Load settings
$settings = Settings::get();
# Settings
if (!isset($settings['username'])||$settings['username']=='') $error .= ('Error: Username empty or not set in database' . PHP_EOL);
if (!isset($settings['password'])||$settings['password']=='') $error .= ('Error: Password empty or not set in database' . PHP_EOL);

34
plugins/displaylog/index.php → plugins/Log/index.php
View File

@ -1,23 +1,26 @@
<?php
###
# @name Display Log Plugin
# @name Log
# @author Tobias Reich
# @copyright 2015 by Tobias Reich
# @description This file queries the database for log messages and displays them if present.
###
# Location
namespace Log;
use Mysqli;
use Lychee\Modules\Database;
use Lychee\Modules\Settings;
$lychee = __DIR__ . '/../../';
require($lychee . 'php/define.php');
require($lychee . 'php/autoload.php');
# Start the session
session_start();
# Load requirements
require($lychee . 'php/define.php');
require($lychee . 'php/autoload.php');
require($lychee . 'php/misc.php');
# Set content
header('content-type: text/plain');
@ -25,24 +28,13 @@ header('content-type: text/plain');
if (!file_exists(LYCHEE_CONFIG_FILE)) exit('Error 001: Configuration not found. Please install Lychee first.');
require(LYCHEE_CONFIG_FILE);
# Database
$database = new mysqli($dbHost, $dbUser, $dbPassword, $dbName);
if (mysqli_connect_errno()!=0) {
echo 'Error 100: ' . mysqli_connect_errno() . ': ' . mysqli_connect_error() . '' . PHP_EOL;
exit();
}
# Load settings
$settings = Settings::get();
# Ensure that user is logged in
if ((isset($_SESSION['login'])&&$_SESSION['login']===true)&&
(isset($_SESSION['identifier'])&&$_SESSION['identifier']===$settings['identifier'])) {
(isset($_SESSION['identifier'])&&$_SESSION['identifier']===Settings::get()['identifier'])) {
# Result
$query = Database::prepare($database, "SELECT FROM_UNIXTIME(time), type, function, line, text FROM ?", array(LYCHEE_TABLE_LOG));
$result = $database->query($query);
$query = Database::prepare(Database::get(), "SELECT FROM_UNIXTIME(time), type, function, line, text FROM ?", array(LYCHEE_TABLE_LOG));
$result = Database::get()->query($query);
# Output
if ($result->num_rows===0) {

2
src/scripts/api.js
View File

@ -5,7 +5,7 @@
api = {
path : 'php/api.php',
path : 'php/index.php',
onError : null
}

4
src/scripts/contextMenu.js
View File

@ -31,8 +31,8 @@ contextMenu.settings = function(e) {
{ title: build.iconic('dropbox', 'ionicons') + 'Set Dropbox', fn: settings.setDropboxKey },
{ },
{ title: build.iconic('info') + 'About Lychee', fn: () => window.open(lychee.website) },
{ title: build.iconic('wrench') + 'Diagnostics', fn: () => window.open('plugins/check/') },
{ title: build.iconic('align-left') + 'Show Log', fn: () => window.open('plugins/displaylog/') },
{ title: build.iconic('wrench') + 'Diagnostics', fn: () => window.open('plugins/Diagnostics/') },
{ title: build.iconic('align-left') + 'Show Log', fn: () => window.open('plugins/Log/') },
{ },
{ title: build.iconic('account-logout') + 'Sign Out', fn: lychee.logout }
]