phyks
/
bouffeatulm
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added a check that tables don't exist in install.php + don't version tmp/

This commit is contained in:
Phyks 2013-08-26 09:29:30 +02:00
parent 8272ffb725
commit 2e2233eb81
9 changed files with 33 additions and 270 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,3 +2,4 @@
.*.sw*
old
data/
tmp/

6
TODO
View File

@ -5,10 +5,6 @@
* Refactor load method to avoir load_* methods !
* Test remember_me
install.php :
=============
* TRUNCATE before CREATE TABLE in install.php
inc/Invoices.class.php :
========================
* Better way to store users in ? => reprendre cette partie
@ -24,7 +20,6 @@ Tests :
* Remember me ?
* Add a bill
* Edit a bill
* Change settings
Tests passed (quick tests) :
============================
@ -32,3 +27,4 @@ Tests passed (quick tests) :
* Edit notice
* Add / Edit user
* Change password
* Change settings

36
install.php
View File

@ -26,16 +26,36 @@
//Create table "Users"
$db->query('CREATE TABLE IF NOT EXISTS '.$mysql_prefix.'Users (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, login VARCHAR(255), display_name VARCHAR(255), password VARCHAR(130), admin TINYINT(1)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
$count_users = $db->query('SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = "'.$mysql_db.'" AND table_name = "'.$mysql_prefix.'"Users');
$count_users = $count_users->fetch();
if($count_users[0] > 0) {
$warning = 'Table '.$mysql_prefix.'Users already exists. Not doing anything on this table. Please check manually that this table is correct.<br/>';
}
//Create table "Invoices"
$db->query('CREATE TABLE IF NOT EXISTS '.$mysql_prefix.'Invoices (id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, date INT(11), users_in VARCHAR(255), buyer INT(11), amount FLOAT, what TEXT) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
//Create table "Users_in_invoice"
$count_invoices = $db->query('SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = "'.$mysql_db.'" AND table_name = "'.$mysql_prefix.'"Invoices');
$count_invoices = $count_users->fetch();
if($count_invoices[0] > 0) {
$warning .= 'Table '.$mysql_prefix.'Users already exists. Not doing anything on this table. Please check manually that this table is correct.<br/>';
}
//Create table "Users_in_invoices"
$db->query('CREATE TABLE IF NOT EXISTS '.$mysql_prefix.'Users_in_invoices (invoice_id INT(11) NOT NULL, KEY invoice_id (invoice_id), user_id INT(11), KEY user_id (user_id), guests INT(11)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci');
$count_users_in_invoices = $db->query('SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = "'.$mysql_db.'" AND table_name = "'.$mysql_prefix.'"Users_in_invoices');
$count_users_in_invoices = $count_users_in_invoices->fetch();
if($count_users_in_invoices[0] > 0) {
$warning .= 'Table '.$mysql_prefix.'Users_in_invoices already exists. Not doing anything on this table. Please check manually that this table is correct.<br/>';
}
//Create table "Payback" - TODO
} catch (PDOException $e) {
$error = 'Unable to connect to database, check your credentials and config.<br/>Error message : '.$e->getMessage().'.';
$error = 'Unable to connect to database and create database, check your credentials and config.<br/>Error message : '.$e->getMessage().'.';
}
if(!filter_var($_POST['email_webmaster'], FILTER_VALIDATE_EMAIL)) {
@ -53,7 +73,7 @@
$salt = sprintf("$2a$%02d$", 10) . $salt; //prefix for blowfish
$config = "<?php
define('VERSION_NUMBER', '2.0');
define('VERSION_NUMBER', '0.1beta');
define('MYSQL_HOST', '".$mysql_host."');
define('MYSQL_LOGIN', '".$mysql_login."');
define('MYSQL_PASSWORD', '".$mysql_password."');
@ -77,8 +97,14 @@
$admin->setPassword($admin->encrypt($_POST['admin_password']));
$admin->setAdmin(true);
$admin->save();
header('location: index.php');
exit();
if(empty($warning)) {
header('location: index.php');
exit();
}
else {
echo '<p>'.$warning.'<a href="index.php">Go to your instance.</a></p>';
}
} catch (Exception $e) {
$erreur = 'An error occurred when inserting user in the database.<br/> Error message : '.$e->getMessage().'.';
}

15
tmp/connexion.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
View File

@ -1,15 +0,0 @@
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
<h1 id="title"><?php echo $instance_title;?> - Connexion</h1>
<form method="post" action="index.php?do=connect" id="connexion_form">
<p><label for="login" class="label-block">Username : </label><input type="text" name="login" id="login" value="<?php echo $user_post;?>"/></p>
<p><label for="password" class="label-block">Password : </label><input type="password" name="password" id="password"/></p>
<p><input type="checkbox" name="remember_me" id="remember_me"/><label for="remember_me"> Remember me ?</label></p>
<p><input type="submit" value="Connect"/></p>
<p><a href="mailto:<?php echo $email_webmaster;?>?subject=<?php echo $instance_title;?>%20password">Forgotten password ?</a></p>
</form>
<?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("footer") . ( substr("footer",-1,1) != "/" ? "/" : "" ) . basename("footer") );?>

76
tmp/edit_users.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
View File

@ -1,76 +0,0 @@
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
<?php if( $error != '' ){ ?>
<p class="error"><?php echo $error;?></p>
<?php } ?>
<?php if( $view == 'list_users' ){ ?>
<h2>List of users</h2>
<p>You can also <a href="?do=add_user">add a user</a>.</p>
<table>
<tr>
<th>Id</th>
<th>Login</th>
<th>Display Name</th>
<th>Is admin ?</th>
<th>Edit</th>
<th>Delete</th>
</tr>
<?php $counter1=-1; if( isset($users) && is_array($users) && sizeof($users) ) foreach( $users as $key1 => $value1 ){ $counter1++; ?>
<tr>
<td><?php echo $value1->getId();?></td>
<td><?php echo $value1->getLogin();?></td>
<td><?php echo $value1->getDisplayName();?></td>
<td><?php echo $value1->getAdmin() ? "Yes" : "No";?></td>
<td><a href="index.php?do=edit_users&user_id=<?php echo $value1->getId();?>">Edit</a></td>
<td><?php if( $value1->getId() != $current_user->getId() ){ ?><a href="index.php?do=delete_user&user_id=<?php echo $value1->getId();?>">Delete</a><?php } ?></td>
</tr>
<?php } ?>
</table>
<?php }elseif( $view == 'edit_user' ){ ?>
<h2><?php echo $user_id != -1 ? 'Edit' : 'Add';?> a user</h2>
<form method="post" action="index.php?do=<?php echo $user_id != -1 ? 'edit_users' : 'add_user';?>" id="edit_user_form">
<p>
<label for="login" class="label-block">Login : </label><input type="text" name="login" id="login" <?php if( $login_post != '' ){ ?> value="<?php echo $login_post;?>" <?php }else{ ?> <?php echo $user_id != -1 ? 'value="'.$user_data->getLogin().'"' : '';?> <?php } ?>/>
</p>
<p>
<label for="display_name" class="label-block">Displayed name : </label><input type="text" name="display_name" id="display_name" <?php if( $display_name_post != '' ){ ?> value="<?php echo $display_name_post;?>" <?php }else{ ?> <?php echo $user_id != -1 ? 'value="'.$user_data->getDisplayName().'"' : '';?> <?php } ?>/>
</p>
<p>
<label for="password" class="label-block">Password : </label><input type="password" name="password" id="password"/>
<?php if( $user_id != -1 ){ ?>
<br/><em>Note :</em> Leave blank this field if you don't want to edit password.
<?php } ?>
</p>
<p id="edit_user_admin_rights">
Give admin rights to this user ?<br/>
<input type="radio" id="admin_yes" value="1" name="admin" <?php if( $admin_post == 1 || ($admin_post == -1 && $user_id != -1 && $user_data->getAdmin()) ){ ?> checked<?php } ?>/><label for="admin_yes">Yes</label><br/>
<input type="radio" id="admin_no" value="0" name="admin" <?php if( $admin_post == 0 || ($admin_post == -1 && ($user_id == -1 || !$user_data->getAdmin())) ){ ?> checked<?php } ?>/><label for="admin_no">No</label>
</p>
<p class="center">
<input type="submit" value="<?php echo $user_id != -1 ? 'Edit' : 'Add';?>"/>
<?php if( $user_id != -1 ){ ?><input type="hidden" name="user_id" value="<?php echo $user_id;?>"/><?php } ?>
<input type="hidden" name="token" value="<?php echo $token;?>"/>
</p>
</form>
<?php }elseif( $view == 'password' ){ ?>
<h2>Edit your password</h2>
<form method="post" action="index.php?do=password" id="edit_password_form">
<p><label for="password" class="label-block">New password : </label><input type="password" id="password" name="password"/></p>
<p><label for="password_confirm" class="label-block">Confirm new password : </label><input type="password" id="password_confirm" name="password_confirm"/></p>
<p class="center"><input type="submit" value="Update"/><input type="hidden" name="token" value="<?php echo $token;?>"</p>
</form>
<?php } ?>

4
tmp/footer.36ba0f7e771a8681573a91518b54b424.rtpl.php
View File

@ -1,4 +0,0 @@
<?php if(!class_exists('raintpl')){exit;}?> <script type="text/javascript" src="tpl/./js/main.js"></script>
<script type="text/javascript" src="tpl/./js/jquery-1.10.2.min.js"></script>
</body>
</html>

33
tmp/header.36ba0f7e771a8681573a91518b54b424.rtpl.php
View File

@ -1,33 +0,0 @@
<?php if(!class_exists('raintpl')){exit;}?><!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8">
<title><?php echo $instance_title;?></title>
<link rel="stylesheet" media="screen" type="text/css" href="tpl/./css/style.css" />
<link rel="icon" href="tpl/./favicon.ico" />
</head>
<body>
<?php if( !$connection ){ ?>
<h1 id="title"><a href="<?php echo $base_url;?>"><?php echo $instance_title;?></a></h1>
<div id="menu">
<ul>
<li><a href="index.php?do=new_invoice">Add a bill</a></li>
<li><a href="index.php?do=password">Change your password</a></li>
<li><a href="index.php?do=paybacks">See paybacks</a></li>
<li><a href="index.php?do=disconnect">Disconnect</a></li>
</ul>
<?php if( $current_user->getAdmin() == 1 ){ ?>
<ul>
<li><a href="index.php?do=manage_paybacks">Manage paybacks</a></li>
<li><a href="index.php?do=edit_users">Edit users</a></li>
<li><a href="index.php?do=edit_notice">Edit notice on homepage</a></li>
<li><a href="index.php?do=settings">Settings</a></li>
</ul>
<?php } ?>
</div>
<?php } ?>

66
tmp/index.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
View File

@ -1,66 +0,0 @@
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
<?php if( $notice != '' ){ ?>
<div id="notice"><p><?php echo $notice;?></p></div>
<?php } ?>
<div id="quick_summary">
<h2>Balance</h2>
<p class="center">Read <em>line</em> owes <em>case</em> <?php echo $currency;?> to <em>column</em>. You can click on links to confirm the payback.
<table>
<tr>
<th>Owes\To</th>
<?php $counter1=-1; if( isset($users) && is_array($users) && sizeof($users) ) foreach( $users as $key1 => $value1 ){ $counter1++; ?>
<th><?php echo $value1->getDisplayName();?></th>
<?php } ?>
</tr>
<?php $counter1=-1; if( isset($users) && is_array($users) && sizeof($users) ) foreach( $users as $key1 => $value1 ){ $counter1++; ?>
<tr>
<th><?php echo $value1->getDisplayName();?></th>
<?php $counter2=-1; if( isset($users) && is_array($users) && sizeof($users) ) foreach( $users as $key2 => $value2 ){ $counter2++; ?>
<td><a href=""><?php echo $value2->getDisplayName();?></a></td>
<?php } ?>
</tr>
<?php } ?>
</table>
</div>
<div id="detailed_summary">
<h2>Detailed list of bills for last month</h2>
<table>
<tr>
<th>Date</th>
<th>Paid by</th>
<th>Users in</th>
<th>Amount</th>
<th>What ?</th>
<th>Edit</th>
<th>Delete</th>
</tr>
<?php $counter1=-1; if( isset($invoices) && is_array($invoices) && sizeof($invoices) ) foreach( $invoices as $key1 => $value1 ){ $counter1++; ?>
<tr>
<td><?php echo $value1->getDate();?></td>
<td><?php echo $value1->getBuyer();?></td>
<td><?php echo $value1->getUsersIn();?></td>
<td><?php echo $value1->getAmount();?></td>
<td><?php echo $value1->getWhat();?></td>
<td><a href="index.php?do=edit_invoice&id=<?php echo $value1->getId();?>">Edit</a></td>
<td><a href="index.php?do=delete_invoice&id=<?php echo $value1->getId();?>">Delete</a></td>
</tr>
<?php } ?>
</table>
</div>
<?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("footer") . ( substr("footer",-1,1) != "/" ? "/" : "" ) . basename("footer") );?>

66
tmp/settings.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
View File

@ -1,66 +0,0 @@
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
<?php if( !$show_settings ){ ?>
<h2>Edit homepage notice</h2>
<?php if( $error ){ ?><p class="error"><?php echo $error;?></p><?php } ?>
<form method="post" id="notice_form" action="index.php?do=edit_notice">
<p>
<label for="textarea_notice">Homepage notice :</label><br/>
<textarea name="notice" rows="15" id="textarea_notice"><?php echo $notice;?></textarea>
</p>
<p><em>Note :</em> You can use HTML formatting in this form.</p>
<p>
<input type="submit" value="Submit"/>
<input type="hidden" name="token" value="<?php echo $token;?>"/>
</p>
</form>
<?php }else{ ?>
<h2>Change settings of your Bouffe@Ulm installation</h2>
<?php if( $error ){ ?><p class="error"><?php echo $error;?></p><?php } ?>
<form method="post" action="index.php?do=settings" id="settings_form">
<fieldset>
<legend>Database</legend>
<p><em>Note :</em> Use these settings carefully. Your database won't be updated by the script as it was during install and you'll have to manually update it.</p>
<p><label for="mysql_host">MySQL host : </label><input type="text" name="mysql_host" id="mysql_host" value="<?php echo $mysql_host;?>"/></p>
<p><label for="mysql_login">MySQL login : </label><input type="text" name="mysql_login" id="mysql_login" value="<?php echo $mysql_login;?>"/></p>
<p>
<label for="mysql_password">MySQL password : </label><input type="password" name="mysql_password" id="mysql_password"/> <a href="" onclick="toggle_password('mysql_password'); return false;"><img src="tpl/tpl/img/toggle_password.jpg" alt="Toggle visible"/></a><br/>
<em>Note :</em> Leave the above field blank if you don't want to change your password.
</p>
<p>
<label for="mysql_db">Name of the MySQL database to use : </label><input type="text" name="mysql_db" id="mysql_db" value="<?php echo $mysql_db;?>"/><br/>
<em>Note :</em> You <em>must</em> create this database first.
</p>
<p>
<label for="mysql_prefix">Prefix for the created tables : </label><input type="text" name="mysql_prefix" id="mysql_prefix" value="<?php echo $mysql_prefix;?>"/><br/>
<em>Note :</em> Leave the field blank to not use any.</p>
</fieldset>
<fieldset>
<legend>General options</legend>
<p><label for="instance_title">Title to display in pages : </label><input type="text" name="instance_title" id="instance_title" value="<?php echo $instance_title;?>"/></p>
<p>
<label for="base_url">Base URL : </label><input type="text" size="30" name="base_url" id="base_url" value="<?php echo $base_url;?>"/><br/>
<em>Note :</em> This is the base URL from which you access this page. You must keep the trailing "/" in the above address.
</p>
<p><label for="currency">Currency : </label><input type="text" name="currency" id="currency" size="3" value="<?php echo $currency;?>"/></p>
<p>
<label for="timezone">Timezone : </label><input type="text" name="timezone" id="timezone" value="<?php echo $timezone;?>"/><br/>
<em>For example :</em> Europe/Paris. See the doc for more info.
</p>
<p><label for="email_webmaster">Webmaster's email : </label><input type="text" name="email_webmaster" id="email_webmaster" value="<?php echo $email_webmaster;?>"/></p>
</fieldset>
<p class="center"><input type="submit" value="Update settings"><input type="hidden" name="token" value="<?php echo $token;?>"/></p>
</form>
<?php } ?>
<?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("footer") . ( substr("footer",-1,1) != "/" ? "/" : "" ) . basename("footer") );?>