diff --git a/php/access/admin.php b/php/access/admin.php index d283aa6..61a6c1c 100644 --- a/php/access/admin.php +++ b/php/access/admin.php @@ -124,17 +124,20 @@ switch ($_POST['function']) { // Settings Function - case 'setLogin': if (isset($_POST['username'], $_POST['password'])) - if (!isset($_POST['oldPassword'])) $_POST['oldPassword'] = ''; - echo setLogin($_POST['oldPassword'], $_POST['username'], $_POST['password']); + case 'setLogin': if (!isset($_POST['username'], $_POST['password'])) exit(); + if (!isset($_POST['oldPassword'])) $_POST['oldPassword'] = ''; + $settings = new Settings($database); + echo $settings->setLogin($_POST['oldPassword'], $_POST['username'], $_POST['password']); break; - case 'setSorting': if (isset($_POST['type'], $_POST['order'])) - echo setSorting($_POST['type'], $_POST['order']); + case 'setSorting': if (!isset($_POST['type'], $_POST['order'])) exit(); + $settings = new Settings($database); + echo $settings->setSorting($_POST['type'], $_POST['order']); break; - case 'setDropboxKey': if (isset($_POST['key'])) - echo setDropboxKey($_POST['key']); + case 'setDropboxKey': if (!isset($_POST['key'])) exit(); + $settings = new Settings($database); + echo $settings->setDropboxKey($_POST['key']); break; // Miscellaneous diff --git a/php/api.php b/php/api.php index 708dc6b..a70f1df 100755 --- a/php/api.php +++ b/php/api.php @@ -24,7 +24,7 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) { // Load modules require('modules/misc.php'); require('modules/photo.php'); - require('modules/settings.php'); + require('modules/_settings.php'); require('modules/upload.php'); if (file_exists('../data/config.php')) require('../data/config.php'); 
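Review bot: In php/access/admin.php the new guards in the `setLogin`, `setSorting` and `setDropboxKey` cases test only `isset()`, which also passes for array-valued parameters, so a non-string value still reaches `Settings::setLogin()` and `Settings::setDropboxKey()`, where it is handed to `strlen()` and interpolated into SQL. Rejecting non-strings at this boundary would close that off, e.g. `if (!isset($_POST['key'])||!is_string($_POST['key'])) exit('Error: Invalid parameter!');` (message constructed here, modelled on the `exit('Error: …')` strings used in _settings.php). The bare `exit()` also leaves the client with an empty response rather than an error string. The surrounding `switch` starts and ends outside the hunk.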
@@ -41,9 +41,12 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) { } - // Connect and get settings + // Connect to database $database = Database::connect($dbHost, $dbUser, $dbPassword, $dbName); - $settings = getSettings(); + + // Load settings + $settings = new Settings($database); + $settings = $settings->get(); // Init plugins $plugins = explode(';', $settings['plugins']); diff --git a/php/modules/Album.php b/php/modules/Album.php index 37fac4b..dbb60f1 100644 --- a/php/modules/Album.php +++ b/php/modules/Album.php @@ -155,7 +155,7 @@ class Album extends Module { if (($public===true&&$album['password']===false)||($public===false)) { # Execute query - $thumbs = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE album = '" . $album['id'] . "' ORDER BY star DESC, " . substr($this->settings['sorting'], 9) . " LIMIT 0, 3"); + $thumbs = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE album = '" . $album['id'] . "' ORDER BY star DESC, " . substr($this->settings['sorting'], 9) . " LIMIT 3"); # For each thumb $k = 0; diff --git a/php/modules/_settings.php b/php/modules/_settings.php new file mode 100755 index 0000000..8aee2a8 --- /dev/null +++ b/php/modules/_settings.php 
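Review bot: In the second php/api.php hunk the result of `$settings->get()` is used without a check, although `Settings::get()` returns `false` when no database handle is set and never initialises `$return`, so an empty `lychee_settings` table yields `null`. The following `explode(';', $settings['plugins'])` then runs on a non-array. A guard such as `if (!is_array($settings)) exit('Error: Could not load settings!');` (message constructed) would stop the request instead of continuing with missing configuration. Reusing `$settings` for both the object and the array it returns also hides the `Settings` instance; a separate variable name would read more clearly.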
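Review bot: The thumbnail query in php/modules/Album.php is still assembled by concatenation, and its `ORDER BY` fragment `substr($this->settings['sorting'], 9)` is taken verbatim from the `lychee_settings` table. That is safe only while the whitelist in `Settings::setSorting()` is the sole writer of the `sorting` key, so a comment above the query, for instance `# sorting is trusted: only written by Settings::setSorting() from a fixed whitelist`, would keep a later change from widening it unnoticed. `$album['id']` is likewise interpolated inside quotes; where it originates is outside this hunk, so casting or binding it would be the conservative choice. The enclosing method starts and ends outside the hunk.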
@@ -0,0 +1,164 @@ +database = $database; + + return true; + + } + + public function get() { + + if (!isset($this->database)) return false; + + # Execute query + $settings = $this->database->query('SELECT * FROM lychee_settings;'); + + # Add each to return + while ($setting = $settings->fetch_object()) $return[$setting->key] = $setting->value; + + return $return; + + } + + public function setLogin($oldPassword = '', $username, $password) { + + if (!isset($this->database)) return false; + + # Load settings + $settings = $this->get(); + + if ($oldPassword==$settings['password']) { + + # Save username + if (!$this->setUsername($username)) exit('Error: Updating username failed!'); + + # Save password + if (!$this->setPassword($password)) exit('Error: Updating password failed!'); + + return true; + + } + + exit('Error: Current password entered incorrectly!'); + + } + + private function setUsername($username) { + + if (!isset($this->database)) return false; + + # Parse + $username = htmlentities($username); + if (strlen($username)>50) return false; + + # Execute query + $result = $this->database->query("UPDATE lychee_settings SET value = '$username' WHERE `key` = 'username';"); + + if (!$result) return false; + return true; + + } + + private function setPassword($password) { + + if (!isset($this->database)) return false; + + if (strlen($password)<1||strlen($password)>50) return false; + + # Execute query + $result = $this->database->query("UPDATE lychee_settings SET value = '$password' WHERE `key` = 'password';"); + + if (!$result) return false; + return true; + + } + + public function setDropboxKey($key) { + + if (!isset($this->database, $key)) return false; + + if (strlen($key)<1||strlen($key)>50) return false; + + # Execute query + $result = $this->database->query("UPDATE lychee_settings SET value = '$key' WHERE `key` = 'dropboxKey';"); + + if (!$result) return false; + return true; + + } + + public function setSorting($type, $order) { + + if (!isset($this->database, 
$type, $order)) return false; + + $sorting = 'ORDER BY '; + + # Set row + switch ($type) { + + case 'id': $sorting .= 'id'; + break; + + case 'title': $sorting .= 'title'; + break; + + case 'description': $sorting .= 'description'; + break; + + case 'public': $sorting .= 'public'; + break; + + case 'type': $sorting .= 'type'; + break; + + case 'star': $sorting .= 'star'; + break; + + case 'take': $sorting .= 'UNIX_TIMESTAMP(STR_TO_DATE(CONCAT(takedate,"-",taketime),"%d.%m.%Y-%H:%i:%S"))'; + break; + + default: exit('Error: Unknown type for sorting!'); + + } + + $sorting .= ' '; + + # Set order + switch ($order) { + + case 'ASC': $sorting .= 'ASC'; + break; + + case 'DESC': $sorting .= 'DESC'; + break; + + default: exit('Error: Unknown order for sorting!'); + + } + + # Execute query + $result = $this->database->query("UPDATE lychee_settings SET value = '$sorting' WHERE `key` = 'sorting';"); + + if (!$result) return false; + return true; + + } + +} + +?> \ No newline at end of file diff --git a/php/modules/misc.php b/php/modules/misc.php index 8ede984..9494ce0 100755 --- a/php/modules/misc.php +++ b/php/modules/misc.php @@ -9,9 +9,9 @@ if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!'); -function openGraphHeader($photoID) { +function getGraphHeader($database, $photoID) { - global $database; + if (!isset($database, $photoID)) return false; $photoID = mysqli_real_escape_string($database, $photoID); diff --git a/php/modules/settings.php b/php/modules/settings.php deleted file mode 100755 index 2a7b4e0..0000000 --- a/php/modules/settings.php +++ /dev/null 
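Review bot: `setUsername()`, `setPassword()` and `setDropboxKey()` in the new php/modules/_settings.php interpolate request values straight into `UPDATE` statements; only the length is checked, and `htmlentities()` on the username is HTML encoding rather than SQL escaping (its default flags left single quotes untouched before PHP 8.1). Binding the values removes the injection path, as sketched below on the assumption that `$this->database` is a mysqli handle (misc.php passes the same object to `mysqli_real_escape_string()`). Separately, `setLogin()` compares with `$oldPassword==$settings['password']`, and loose `==` treats numeric-looking strings as numbers; `hash_equals($settings['password'], $oldPassword)`, or at least `===`, avoids that. Nothing in this hunk hashes the password before it is stored, so unless that happens elsewhere, `password_hash()` and `password_verify()` would be the next step.

```php
# Shared by setUsername(), setPassword() and setDropboxKey()
private function updateValue($key, $value) {

    # Bind both values so they are never parsed as SQL
    $stmt = $this->database->prepare("UPDATE lychee_settings SET value = ? WHERE `key` = ?;");
    if (!$stmt) return false;

    $stmt->bind_param('ss', $value, $key);
    $result = $stmt->execute();
    $stmt->close();

    return $result;

}

private function setPassword($password) {

    # … unchanged: database and length checks …

    return $this->updateValue('password', $password);

}
```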
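Review bot: In php/modules/misc.php the new `isset($database, $photoID)` guard in `getGraphHeader()` confirms only that the arguments are non-null, and `mysqli_real_escape_string()` protects only a value that ends up inside a quoted SQL string literal. The query that uses `$photoID` lies below the hunk, so the quoting cannot be confirmed here, and view.php passes `$_GET['p']` straight in. If photo IDs are purely numeric (not shown on this page), a check such as `if (!ctype_digit((string)$photoID)) return false;` ahead of the escape would not depend on how the query is quoted. A short docblock stating that `$database` is expected to be a mysqli handle and that the function returns `false` on missing arguments would also help callers, since the signature changed in this commit.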
@@ -1,136 +0,0 @@ -query('SELECT * FROM lychee_settings;'); - - while ($row = $result->fetch_object()) { - $return[$row->key] = $row->value; - } - - return $return; - -} - -function setLogin($oldPassword = '', $username, $password) { - - global $settings; - - if ($oldPassword==$settings['password']) { - - if (!setUsername($username)) exit('Error: Updating username failed!'); - if (!setPassword($password)) exit('Error: Updating password failed!'); - - return true; - - } - - exit('Error: Current password entered incorrectly!'); - -} - -function setUsername($username) { - - global $database; - - $username = htmlentities($username); - if (strlen($username)>50) return false; - - $result = $database->query("UPDATE lychee_settings SET value = '$username' WHERE `key` = 'username';"); - - if (!$result) return false; - return true; - -} - -function setPassword($password) { - - global $database; - - if (strlen($password)<1||strlen($password)>50) return false; - - $result = $database->query("UPDATE lychee_settings SET value = '$password' WHERE `key` = 'password';"); - - if (!$result) return false; - return true; - -} - -function setDropboxKey($key) { - - global $database; - - if (strlen($key)<1||strlen($key)>50) return false; - - $result = $database->query("UPDATE lychee_settings SET value = '$key' WHERE `key` = 'dropboxKey';"); - - if (!$result) return false; - return true; - -} - -function setSorting($type, $order) { - - global $database; - - $sorting = 'ORDER BY '; - - switch ($type) { - - case 'id': $sorting .= 'id'; - break; - - case 'title': $sorting .= 'title'; - break; - - case 'description': $sorting .= 'description'; - break; - - case 'public': $sorting .= 'public'; - break; - - case 'type': $sorting .= 'type'; - break; - - case 'star': $sorting .= 'star'; - break; - - case 'take': $sorting .= 'UNIX_TIMESTAMP(STR_TO_DATE(CONCAT(takedate,"-",taketime),"%d.%m.%Y-%H:%i:%S"))'; - break; - - default: exit('Error: Unknown type for sorting!'); - - } - - $sorting .= ' '; - - 
switch ($order) { - - case 'ASC': $sorting .= 'ASC'; - break; - - case 'DESC': $sorting .= 'DESC'; - break; - - default: exit('Error: Unknown order for sorting!'); - - } - - $result = $database->query("UPDATE lychee_settings SET value = '$sorting' WHERE `key` = 'sorting';"); - - if (!$result) return false; - return true; - -} - -?> \ No newline at end of file diff --git a/view.php b/view.php index dfc0dc0..7d962f4 100644 --- a/view.php +++ b/view.php @@ -27,12 +27,13 @@ define("LYCHEE", true); require("data/config.php"); - require("php/modules/db.php"); + require("php/modules/Module.php"); + require("php/modules/Database.php"); require("php/modules/misc.php"); - $database = dbConnect(); + $database = Database::connect($dbHost, $dbUser, $dbPassword, $dbName); - echo openGraphHeader($_GET['p']); + echo getGraphHeader($database, $_GET['p']); }