Settings modification working

This commit is contained in:
Phyks 2013-08-12 09:52:50 +02:00
parent 7226890aa1
commit 2f2d17a4f6
15 changed files with 180 additions and 51 deletions

2
TODO
View File

@ -3,7 +3,7 @@
* tokens + ban system * tokens + ban system
* remember me * remember me
* Display names * Display names
* htmlspecialchars * htmlspecialchars => on users objects
install.php : install.php :
============= =============

0
data/notice Executable file
View File

View File

@ -1,5 +1,5 @@
<?php <?php
require_once('config.php'); require_once('data/config.php');
class Storage { class Storage {
private $connection = null; private $connection = null;

View File

@ -1,5 +1,5 @@
<?php <?php
require_once('config.php'); require_once('data/config.php');
require_once('Storage.class.php'); require_once('Storage.class.php');
class User extends Storage { class User extends Storage {

View File

@ -1,10 +0,0 @@
<?php
define('VERSION_NUMBER', '2.0');
define('MYSQL_HOST', 'localhost');
define('MYSQL_LOGIN', 'root');
define('MYSQL_PASSWORD', 'lv:05/02/93-mariadb');
define('MYSQL_DB', 'Bouffe@Ulm');
define('MYSQL_PREFIX', 'bouffeatulm_');
define('INSTANCE_TITLE', 'Bouffe@Ulm');
define('BASE_URL', 'http://localhost/Bouffe@Ulm/');
define('SALT', '$2a$10$Cg7T08hTORaxZgfCua1xyQ==');

12
inc/functions.php Normal file
View File

@ -0,0 +1,12 @@
<?php
function getNotice() {
if(!file_exists('data/notice')) {
file_put_contents('data/notice');
}
return file_get_contents('data/notice');
}
function setNotice($notice) {
return file_put_contents('data/notice', $notice);
}

View File

@ -1,9 +1,10 @@
<?php <?php
// Include necessary files // Include necessary files
if(!file_exists('inc/config.php')) header('location: install.php'); if(!file_exists('data/config.php')) header('location: install.php');
require_once('inc/config.php'); require_once('data/config.php');
require_once('inc/User.class.php'); require_once('inc/User.class.php');
require_once('inc/rain.tpl.class.php'); require_once('inc/rain.tpl.class.php');
require_once('inc/functions.php');
raintpl::$tpl_dir = 'tpl/'; raintpl::$tpl_dir = 'tpl/';
raintpl::$cache_dir = 'tmp/'; raintpl::$cache_dir = 'tmp/';
@ -11,8 +12,10 @@
$tpl = new raintpl(); $tpl = new raintpl();
$tpl->assign('instance_title', htmlspecialchars(INSTANCE_TITLE)); $tpl->assign('instance_title', htmlspecialchars(INSTANCE_TITLE));
$tpl->assign('connection', false); $tpl->assign('connection', false);
$tpl->assign('notice', ''); $tpl->assign('notice', nl2br(getNotice()));
$tpl->assign('error', ''); $tpl->assign('error', '');
$tpl->assign('base_url', htmlspecialchars(BASE_URL));
$tpl->assign('currency', htmlspecialchars(CURRENCY));
// Handle current user status // Handle current user status
session_start(); session_start();
@ -42,8 +45,10 @@
header('location: index.php'); header('location: index.php');
} }
if(!empty($_POST['login']) && !empty($_POST['password'])) { if(!empty($_POST['login']) && !empty($_POST['password'])) {
if($current_user->exists($_POST['login']) && $current_user->checkPassword($_POST['password'])) { $user = new User();
$_SESSION['current_user'] = $current_user->sessionStore(); $user->setLogin($_POST['login']);
if($user->exists($_POST['login']) && $user->checkPassword($_POST['password'])) {
$_SESSION['current_user'] = $user->sessionStore();
header('location: index.php'); header('location: index.php');
exit(); exit();
} }
@ -109,7 +114,7 @@
$user->load_user(array('id'=>$user_id)); $user->load_user(array('id'=>$user_id));
$tpl->assign('user_data', $user); $tpl->assign('user_data', $user);
} }
$tpl->assign('user_id', (!empty($user_id) ? $user_id : -1)); $tpl->assign('user_id', (!empty($user_id) ? (int) $user_id : -1));
$tpl->assign('view', 'edit_user'); $tpl->assign('view', 'edit_user');
} }
else { else {
@ -135,6 +140,62 @@
} }
break; break;
case 'edit_notice':
if(isset($_POST['notice'])) {
setNotice($_POST['notice']);
header('location: index.php');
exit();
}
$tpl->assign('notice', getNotice());
$tpl->assign('show_settings', false);
$tpl->draw('settings');
break;
case 'settings':
if(!empty($_POST['mysql_host']) && !empty($_POST['mysql_login']) && !empty($_POST['mysql_db']) && !empty($_POST['currency']) && !empty($_POST['instance_title']) && !empty($_POST['base_url'])) {
if(!is_writable('data/')) {
$tpl>assign('error', 'The script can\'t write in data/ dir, check permissions set on this folder.');
}
$config = file('data/config.php');
foreach($config as $line_number=>$line) {
if(strpos($line, "MYSQL_HOST") !== FALSE)
$config[$line_number] = "\tdefine('".$_POST['mysql_host']."');\n";
elseif(strpos($line, "MYSQL_LOGIN") !== FALSE)
$config[$line_number] = "\tdefine('".$_POST['mysql_login']."');\n";
elseif(strpos($line, "MYSQL_PASSWORD") !== FALSE && !empty($_POST['mysql_password']))
$config[$line_number] = "\tdefine('".$_POST['mysql_password']."');\n";
elseif(strpos($line, "MYSQL_DB") !== FALSE)
$config[$line_number] = "\tdefine('".$_POST['mysql_db']."');\n";
elseif(strpos($line, "MYSQL_PREFIX") !== FALSE && !empty($_POST['mysql_prefix']))
$config[$line_number] = "\tdefine('".$_POST['mysql_prefix']."');\n";
elseif(strpos($line, "INSTANCE_TITLE") !== FALSE)
$config[$line_number] = "\tdefine('".$_POST['instance_title']."');\n";
elseif(strpos($line, "BASE_URL") !== FALSE)
$config[$line_number] = "\tdefine('".$_POST['base_url']."');\n";
elseif(strpos($line, "CURRENCY") !== FALSE)
$config[$line_number] = "\tdefine('".$_POST['currency']."');\n";
}
if(file_put_contents("data/config.php", $config)) {
header('location: index.php');
exit();
}
else {
$tpl->assign('error', 'Unable to write data/config.php file.');
}
}
$tpl->assign('mysql_host', MYSQL_HOST);
$tpl->assign('mysql_login', MYSQL_LOGIN);
$tpl->assign('mysql_db', MYSQL_DB);
$tpl->assign('mysql_prefix', MYSQL_PREFIX);
$tpl->assign('show_settings', true);
$tpl->draw('settings');
break;
default: default:
$users_list = new User(); $users_list = new User();
$users_list = $users_list->load_users(); $users_list = $users_list->load_users();

View File

@ -1,17 +1,17 @@
<?php <?php
if(file_exists('inc/config.php')) exit("Your Bouffe@Ulm instance is already configured. You should either delete inc/config.php to access this page or delete the install.php for security reasons if you are ok with the configuration."); if(file_exists('data/config.php')) exit("Your Bouffe@Ulm instance is already configured. You should either delete data/config.php to access this page or delete the install.php for security reasons if you are ok with the configuration.");
if(!function_exists("file_get_contents") && !function_exists("file_put_contents")) { if(!function_exists("file_get_contents") && !function_exists("file_put_contents")) {
$error = "Functions <em>file_get_contents</em> and <em>file_put_contents</em> seems to not be available on your PHP installation. You should enable them first."; $error = "Functions <em>file_get_contents</em> and <em>file_put_contents</em> seems to not be available on your PHP installation. You should enable them first.";
$block_form = true; $block_form = true;
} }
if(!is_writable('inc/')) { if(!is_writable('data/')) {
$error = "The script seems to be unable to write to <em>inc/</em> folder (to write the <em>inc/config.php</em> configuration file). You should give write access during install and disable them after (chmod 777 -R inc/ to install and chmod 755 -R inc/ after installation for example)."; $error = "The script seems to be unable to write to <em>data/</em> folder (to write the <em>data/config.php</em> configuration file). You should give write access during install and disable them after (chmod 777 -R data/ to install and chmod 755 -R data/ after installation for example).";
$block_form = true; $block_form = true;
} }
if(!empty($_POST['mysql_host']) && !empty($_POST['mysql_login']) && !empty($_POST['mysql_db']) && !empty($_POST['admin_login']) && !empty($_POST['admin_password']) && !empty($_POST['currency'])) { if(!empty($_POST['mysql_host']) && !empty($_POST['mysql_login']) && !empty($_POST['mysql_db']) && !empty($_POST['admin_login']) && !empty($_POST['admin_password']) && !empty($_POST['currency']) && !empty($_POST['instance_title']) && !empty($_POST['base_url'])) {
$mysql_host = $_POST['mysql_host']; $mysql_host = $_POST['mysql_host'];
$mysql_login = $_POST['mysql_login']; $mysql_login = $_POST['mysql_login'];
$mysql_db = $_POST['mysql_db']; $mysql_db = $_POST['mysql_db'];
@ -53,7 +53,7 @@
define('SALT', '".$salt."'); define('SALT', '".$salt."');
define('CURRENCY', '".$_POST['currency']."');"; define('CURRENCY', '".$_POST['currency']."');";
if(file_put_contents("inc/config.php", $config)) { if(file_put_contents("data/config.php", $config) && file_put_contents("data/notice", '')) {
try { try {
require_once('inc/User.class.php'); require_once('inc/User.class.php');
$admin = new User(); $admin = new User();
@ -68,7 +68,7 @@
} }
} }
else else
$error = 'Unable to write configuration to config file inc/config.php.'; $error = 'Unable to write configuration to config file data/config.php.';
} }
} }
?> ?>

View File

@ -9,13 +9,7 @@
<body> <body>
<?php if( !$connection ){ ?> <?php if( !$connection ){ ?>
<h1 id="title"><?php echo $instance_title;?></h1> <h1 id="title"><a href="<?php echo $base_url;?>"><?php echo $instance_title;?></a></h1>
<?php if( $notice != '' ){ ?>
<p><?php echo $notice;?></p>
<?php } ?>
<div id="menu"> <div id="menu">
<ul> <ul>
@ -29,7 +23,8 @@
<ul> <ul>
<li><a href="index.php?do=manage_paybacks">Manage paybacks</a></li> <li><a href="index.php?do=manage_paybacks">Manage paybacks</a></li>
<li><a href="index.php?do=edit_users">Edit users</a></li> <li><a href="index.php?do=edit_users">Edit users</a></li>
<li><a href="index.php?do=edit_notics">Edit notice on homepage</a></li> <li><a href="index.php?do=edit_notice">Edit notice on homepage</a></li>
<li><a href="index.php?do=settings">Settings</a></li>
</ul> </ul>
<?php } ?> <?php } ?>

View File

@ -1,9 +1,15 @@
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?> <?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
<?php if( $notice != '' ){ ?>
<div id="notice"><p><?php echo $notice;?></p></div>
<?php } ?>
<div id="quick_summary"> <div id="quick_summary">
<h2>Balance</h2> <h2>Balance</h2>
<p class="center">Read <em>line</em> owes <em>case</em> to <em>column</em>. You can click on links to confirm the payback. <p class="center">Read <em>line</em> owes <em>case</em><?php echo $currency;?> to <em>column</em>. You can click on links to confirm the payback.
<table> <table>
<tr> <tr>
<th>Owes\To</th> <th>Owes\To</th>
@ -50,3 +56,6 @@
</table> </table>
</div> </div>
<?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("footer") . ( substr("footer",-1,1) != "/" ? "/" : "" ) . basename("footer") );?>

View File

@ -7,3 +7,5 @@
<p><label for="password" class="label-block">Password : </label><input type="password" name="password" id="password"/></p> <p><label for="password" class="label-block">Password : </label><input type="password" name="password" id="password"/></p>
<p><input type="submit" value="Connect"/></p> <p><input type="submit" value="Connect"/></p>
</form> </form>
{include="footer"}

View File

@ -47,7 +47,7 @@ input[type=submit] {
border-radius: 10px; border-radius: 10px;
} }
#title { #title, #title a:visited, #install h1 {
background-color: #333; background-color: #333;
border-bottom: 0.3em solid green; border-bottom: 0.3em solid green;
color: white; color: white;
@ -56,6 +56,10 @@ input[type=submit] {
text-align: center; text-align: center;
} }
#title a {
text-decoration: none;
}
#menu ul { #menu ul {
text-align: center; text-align: center;
} }
@ -66,6 +70,13 @@ input[type=submit] {
margin-right: 1em; margin-right: 1em;
} }
#notice {
text-align: center;
font-size: 1.5em;
background-color: green;
padding: 0.1em;
}
#connexion_form { #connexion_form {
margin: auto; margin: auto;
width: 67%; width: 67%;
@ -81,23 +92,19 @@ input[type=submit] {
text-align: center; text-align: center;
} }
#textarea_notice {
width: 50%;
}
#install { #install {
margin: 0; margin: 0;
} }
#install form { #install form, #settings_form {
width: 67%; width: 67%;
margin: auto; margin: auto;
} }
#install h1 {
background-color: #333;
border-bottom: 0.3em solid green;
color: white;
padding: 0.5em;
margin: 0;
}
.error { .error {
font-size: 1.5em; font-size: 1.5em;
color: red; color: red;

View File

@ -8,11 +8,7 @@
</head> </head>
<body> <body>
{if condition="!$connection"} {if condition="!$connection"}
<h1 id="title">{$instance_title}</h1> <h1 id="title"><a href="{$base_url}">{$instance_title}</a></h1>
{if condition="$notice != ''"}
<p>{$notice}</p>
{/if}
<div id="menu"> <div id="menu">
<ul> <ul>
@ -25,7 +21,8 @@
<ul> <ul>
<li><a href="index.php?do=manage_paybacks">Manage paybacks</a></li> <li><a href="index.php?do=manage_paybacks">Manage paybacks</a></li>
<li><a href="index.php?do=edit_users">Edit users</a></li> <li><a href="index.php?do=edit_users">Edit users</a></li>
<li><a href="index.php?do=edit_notics">Edit notice on homepage</a></li> <li><a href="index.php?do=edit_notice">Edit notice on homepage</a></li>
<li><a href="index.php?do=settings">Settings</a></li>
</ul> </ul>
{/if} {/if}
</div> </div>

View File

@ -1,8 +1,12 @@
{include="header"} {include="header"}
{if condition="$notice != ''"}
<div id="notice"><p>{$notice}</p></div>
{/if}
<div id="quick_summary"> <div id="quick_summary">
<h2>Balance</h2> <h2>Balance</h2>
<p class="center">Read <em>line</em> owes <em>case</em>€ to <em>column</em>. You can click on links to confirm the payback. <p class="center">Read <em>line</em> owes <em>case</em>{$currency} to <em>column</em>. You can click on links to confirm the payback.
<table> <table>
<tr> <tr>
<th>Owes\To</th> <th>Owes\To</th>
@ -43,3 +47,5 @@
{/loop} {/loop}
</table> </table>
</div> </div>
{include="footer"}

50
tpl/settings.html Normal file
View File

@ -0,0 +1,50 @@
{include="header"}
{if condition="!$show_settings"}
<h2>Edit homepage notice</h2>
<form method="post" id="notice_form" action="index.php?do=edit_notice">
<p>
<label for="textarea_notice">Homepage notice :</label><br/>
<textarea name="notice" rows="15" id="textarea_notice">{$notice}</textarea>
</p>
<p><em>Note :</em> You can use HTML formatting in this form.</p>
<input type="submit" value="Submit"/>
</form>
{else}
<h2>Change settings of your Bouffe@Ulm installation</h2>
<form method="post" action="index.php?do=settings" id="settings_form">
<fieldset>
<legend>Database</legend>
<p><em>Note :</em> Use these settings carefully. Your database won't be updated by the script as it was during install and you'll have to manually update it.</p>
<p><label for="mysql_host">MySQL host : </label><input type="text" name="mysql_host" id="mysql_host" value="{$mysql_host}"/></p>
<p><label for="mysql_login">MySQL login : </label><input type="text" name="mysql_login" id="mysql_login" value="{$mysql_login}"/></p>
<p>
<label for="mysql_password">MySQL password : </label><input type="password" name="mysql_password" id="mysql_password"/><br/>
<em>Note :</em> Leave the above field blank if you don't want to change your password.
</p>
<p>
<label for="mysql_db">Name of the MySQL database to use : </label><input type="text" name="mysql_db" id="mysql_db" value="{$mysql_db}"/><br/>
<em>Note :</em> You <em>must</em> create this database first.
</p>
<p>
<label for="mysql_prefix">Prefix for the created tables : </label><input type="text" name="mysql_prefix" id="mysql_prefix" value="{$mysql_prefix}"/><br/>
<em>Note :</em> Leave the field blank to not use any.</p>
</fieldset>
<fieldset>
<legend>General options</legend>
<p><label for="instance_title">Title to display in pages : </label><input type="text" name="instance_title" id="instance_title" value="{$instance_title}"/></p>
<p>
<label for="base_url">Base URL : </label><input type="text" size="30" name="base_url" id="base_url" value="{$base_url}"/><br/>
<em>Note :</em> This is the base URL from which you access this page. You must keep the trailing "/" in the above address.
</p>
<p><label for="currency">Currency : </label><input type="text" name="currency" id="currency" size="3" value="{$currency}"/></p>
</fieldset>
<p class="center"><input type="submit" value="Update settings"></p>
</form>
{/if}
{include="footer"}