Project-Pro/kobcrane-montaze.pl
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add author management functionality and update routing rules

Browse Source 
- Updated .htaccess rules to allow trailing slashes for specific routes.
- Introduced a new .gitignore file to exclude the cache directory.
- Created project configuration file for Serena with language and tool settings.
- Implemented Authors class for managing author data, including methods for saving, deleting, and editing authors.
- Added factory class for Authors to handle database interactions related to authors.
- Developed Article class to manage article data and interactions, including fetching articles and updating views.
- Created Page class with a placeholder method for sorting pages.
- Added front factory class for fetching author details with caching.
This commit is contained in:
Jacek Pyziak
2026-02-27 11:28:56 +01:00
parent 146bdb0b14
commit c9ed7b5d5d
29 changed files with 2996 additions and 1844 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
autoload/admin/factory/class.Articles.php
View File

@@ -86,6 +86,24 @@ class Articles
return true;
}
static public function files_order_save( $article_id, $order )
{
global $mdb;
$order = explode( ';', $order );
if ( is_array( $order ) and !empty( $order ) ) foreach ( $order as $file_id )
{
$mdb -> update( 'pp_articles_files', [
'o' => (int)$i++
], [
'AND' => [
'article_id' => $article_id,
'id' => $file_id
]
] );
}
}
public static function gallery_order_save( $article_id, $order )
{
global $mdb;
@@ -222,7 +240,7 @@ class Articles
$article['languages'][ $row['lang_id'] ] = $row;
$article['images'] = $mdb -> select( 'pp_articles_images', '*', [ 'article_id' => (int)$article_id, 'ORDER' => [ 'o' => 'ASC', 'id' => 'ASC' ] ] );
$article['files'] = $mdb -> select( 'pp_articles_files', '*', [ 'article_id' => (int)$article_id ] );
$article['files'] = $mdb -> select( 'pp_articles_files', '*', [ 'article_id' => (int)$article_id, 'ORDER' => [ 'o' => 'ASC', 'id' => 'ASC' ] ] );
$article['pages'] = $mdb -> select( 'pp_articles_pages', 'page_id', [ 'article_id' => (int)$article_id ] );
$article['tags'] = $mdb -> select( 'pp_tags', [ '[><]pp_articles_tags' => [ 'id' => 'tag_id' ] ], 'name', [ 'article_id' => (int)$article_id ] );
$article['params'] = $mdb -> select( 'pp_articles_additional_values', [ 'param_id', 'value', 'language_id' ], [ 'article_id' => (int)$article_id ] );
@@ -238,9 +256,9 @@ class Articles
}
public static function article_save(
$article_id, $title, $entry, $text, $status, $show_title, $show_date_add, $date_add, $show_date_modify, $seo_link, $meta_title, $meta_description,
$article_id, $title, $main_image, $entry, $text, $table_of_contents, $status, $show_title, $show_table_of_contents, $show_date_add, $date_add, $show_date_modify, $date_modify, $seo_link, $meta_title, $meta_description,
$meta_keywords, $layout_id, $pages, $noindex, $repeat_entry, $copy_from, $social_icons, $event_date, $tags, $block_direct_access, $priority,
$password, $pixieset, $params )
$password, $pixieset, $id_author, $params )
{
global $mdb, $user;
@@ -251,10 +269,11 @@ class Articles
{
$mdb -> insert( 'pp_articles', [
'show_title' => $show_title == 'on' ? 1 : 0,
'show_table_of_contents' => $show_table_of_contents == 'on' ? 1 : 0,
'show_date_add' => $show_date_add == 'on' ? 1 : 0,
'show_date_modify' => $show_date_modify == 'on' ? 1 : 0,
'date_add' => $date_add ? $date_add : date( 'Y-m-d H:i:s' ),
'date_modify' => $date_add ? $date_add : date( 'Y-m-d H:i:s' ),
'date_add' => date( 'Y-m-d H:i:s' ),
'date_modify' => date( 'Y-m-d H:i:s' ),
'modify_by' => $user['id'],
'layout_id' => $layout_id ? (int)$layout_id : null,
'status' => $status == 'on' ? 1 : 0,
@@ -264,7 +283,8 @@ class Articles
'date_end' => $event_date[1] ? $event_date[1] : null,
'priority' => $priority == 'on' ? 1 : 0,
'password' => $password ? $password : null,
'pixieset' => $pixieset
'pixieset' => $pixieset,
'id_author' => $id_author ? $id_author : null
] );
$id = $mdb -> id();
@@ -281,8 +301,10 @@ class Articles
'article_id' => (int)$id,
'lang_id' => $row['id'],
'title' => $title[ $i ] != '' ? $title[ $i ] : null,
'main_image' => $main_image[$i] != '' ? $main_image[$i] : null,
'entry' => $entry[ $i ] != '' ? $entry[ $i ] : null,
'text' => $text[ $i ] != '' ? $text[ $i ] : null,
'table_of_contents' => $table_of_contents[$i] != '' ? $table_of_contents[$i] : null,
'meta_title' => $meta_title[ $i ] != '' ? $meta_title[ $i ] : null,
'meta_description' => $meta_description[ $i ] != '' ? $meta_description[ $i ] : null,
'meta_keywords' => $meta_keywords[ $i ] != '' ? $meta_keywords[ $i ] : null,
@@ -299,8 +321,10 @@ class Articles
'article_id' => (int)$id,
'lang_id' => $row['id'],
'title' => $title != '' ? $title : null,
'main_image' => $main_image != '' ? $main_image : null,
'entry' => $entry != '' ? $entry : null,
'text' => $text != '' ? $text : null,
'table_of_contents' => $table_of_contents != '' ? $table_of_contents : null,
'meta_title' => $meta_title != '' ? $meta_title : null,
'meta_description' => $meta_description != '' ? $meta_description : null,
'meta_keywords' => $meta_keywords != '' ? $meta_keywords : null,
@@ -430,9 +454,11 @@ class Articles
{
$mdb -> update( 'pp_articles', [
'show_title' => $show_title == 'on' ? 1 : 0,
'show_table_of_contents' => $show_table_of_contents == 'on' ? 1 : 0,
'show_date_add' => $show_date_add == 'on' ? 1 : 0,
'date_add' => $date_add,
'show_date_modify' => $show_date_modify == 'on' ? 1 : 0,
'date_modify' => date( 'Y-m-d H:i:s' ),
'date_modify' => $date_modify ? $date_modify : date( 'Y-m-d H:i:s' ),
'modify_by' => $user['id'],
'layout_id' => $layout_id ? (int)$layout_id : null,
'status' => $status == 'on' ? 1 : 0,
@@ -442,7 +468,8 @@ class Articles
'date_end' => $event_date[1] ? $event_date[1] : null,
'priority' => $priority == 'on' ? 1 : 0,
'password' => $password ? $password : null,
'pixieset' => $pixieset
'pixieset' => $pixieset,
'id_author' => $id_author ? $id_author : null
], [
'id' => (int)$article_id
] );
@@ -462,8 +489,10 @@ class Articles
'article_id' => (int)$article_id,
'lang_id' => $row['id'],
'title' => $title[ $i ] != '' ? $title[ $i ] : null,
'main_image' => $main_image[$i] != '' ? $main_image[$i] : null,
'entry' => $entry[ $i ] != '' ? $entry[ $i ] : null,
'text' => $text[ $i ] != '' ? $text[ $i ] : null,
'table_of_contents' => $table_of_contents[$i] != '' ? $table_of_contents[$i] : null,
'meta_title' => $meta_title[ $i ] != '' ? $meta_title[ $i ] : null,
'meta_description' => $meta_description[ $i ] != '' ? $meta_description[ $i ] : null,
'meta_keywords' => $meta_keywords[ $i ] != '' ? $meta_keywords[ $i ] : null,
@@ -480,8 +509,10 @@ class Articles
'article_id' => (int)$article_id,
'lang_id' => $row['id'],
'title' => $title != '' ? $title : null,
'main_image' => $main_image != '' ? $main_image : null,
'entry' => $entry != '' ? $entry : null,
'text' => $text != '' ? $text : null,
'table_of_contents' => $table_of_contents != '' ? $table_of_contents : null,
'meta_title' => $meta_title != '' ? $meta_title : null,
'meta_description' => $meta_description != '' ? $meta_description : null,
'meta_keywords' => $meta_keywords != '' ? $meta_keywords : null,

117
autoload/admin/factory/class.Authors.php Normal file
View File

@@ -0,0 +1,117 @@
<?
namespace admin\factory;
class Authors
{
// prosta lista autorów
static public function get_simple_list()
{
global $mdb;
return $mdb -> select( 'pp_authors', '*', [ 'ORDER' => [ 'author' => 'ASC' ] ] );
}
// usunięcie autora
static public function delete_author( $id_author )
{
global $mdb;
$result = $mdb -> delete( 'pp_authors', [ 'id' => (int)$id_author ] );
\S::delete_cache();
return $result;
}
// zapis autora
static public function save_author( $id_author, $author, $image, $description )
{
global $mdb;
if ( !$id_author )
{
$mdb -> insert( 'pp_authors', [
'author' => $author,
'image' => $image
] );
$id = $mdb -> id();
if ( $id )
{
$i = 0;
$results = $mdb -> select( 'pp_langs', [ 'id' ], [ 'status' => 1, 'ORDER' => [ 'o' => 'ASC' ] ] );
if ( is_array( $results ) and count( $results ) > 1 ) foreach ( $results as $row )
{
$mdb -> insert( 'pp_authors_langs', [
'id_author' => (int)$id,
'id_lang' => $row['id'],
'description' => $description[ $i ]
] );
$i++;
}
else if ( is_array( $results ) and count( $results ) == 1 ) foreach ( $results as $row )
{
$mdb -> insert( 'pp_authors_langs', [
'id_author' => (int)$id,
'id_lang' => $row['id'],
'description' => $description
] );
}
\S::delete_cache();
return $id;
}
}
else
{
$mdb -> update( 'pp_authors', [
'author' => $author,
'image' => $image
], [
'id' => (int)$id_author
] );
$mdb -> delete( 'pp_authors_langs', [ 'id_author' => (int)$id_author ] );
$i = 0;
$results = $mdb -> select( 'pp_langs', [ 'id' ], [ 'status' => 1, 'ORDER' => [ 'o' => 'ASC' ] ] );
if ( is_array( $results ) and count( $results ) > 1 ) foreach ( $results as $row )
{
$mdb -> insert( 'pp_authors_langs', [
'id_author' => (int)$id_author,
'id_lang' => $row['id'],
'description' => $description[ $i ]
] );
$i++;
}
else if ( is_array( $results ) and count( $results ) == 1 ) foreach ( $results as $row )
{
$mdb -> insert( 'pp_authors_langs', [
'id_author' => (int)$id_author,
'id_lang' => $row['id'],
'description' => $description
] );
}
\S::delete_cache();
return $id_author;
}
return false;
}
// szczególy autora
static public function get_single_author( $id_author )
{
global $mdb;
$author = $mdb -> get( 'pp_authors', '*', [ 'id' => (int)$id_author ] );
$results = $mdb -> select( 'pp_authors_langs', '*', [ 'id_author' => (int)$id_author ] );
if ( is_array( $results ) ) foreach ( $results as $row )
$author['languages'][$row['id_lang']] = $row;
return $author;
}
}

83
autoload/admin/factory/class.Pages.php
View File

@@ -123,7 +123,7 @@ class Pages
)
{
global $mdb;
if ( !$parent_id )
$parent_id = null;
@@ -131,60 +131,55 @@ class Pages
{
$order = self::max_order() + 1;
$mdb -> insert( 'pp_pages',
[
'menu_id' => (int) $menu_id,
'page_type' => $page_type,
'sort_type' => $sort_type,
$mdb -> insert( 'pp_pages', [
'menu_id' => (int) $menu_id,
'page_type' => $page_type,
'sort_type' => $sort_type,
'articles_limit' => $articles_limit,
'show_title' => $show_title == 'on' ? 1 : 0,
'status' => $status == 'on' ? 1 : 0,
'o' => (int) $order,
'parent_id' => $parent_id,
'start' => $start == 'on' ? 1 : 0,
'cache' => $cache == 'on' ? 1 : 0
] );
'show_title' => $show_title == 'on' ? 1 : 0,
'status' => $status == 'on' ? 1 : 0,
'o' => (int) $order,
'parent_id' => $parent_id,
'start' => $start == 'on' ? 1 : 0,
'cache' => $cache == 'on' ? 1 : 0
] );
$id = $mdb -> id();
if ( $id )
{
if ( $start )
$mdb -> update( 'pp_pages', [ 'start' => 0 ], [ 'id[!]' => (int) $id ] );
$mdb -> update( 'pp_pages', [ 'start' => 0 ], [ 'id[!]' => (int)$id ] );
if ( $layout_id )
$mdb -> insert( 'pp_layouts_pages',
[ 'page_id' => (int) $id, 'layout_id' => (int) $layout_id ] );
$mdb -> insert( 'pp_layouts_pages', [ 'page_id' => (int) $id, 'layout_id' => (int)$layout_id ] );
$i = 0;
$results = $mdb -> select( 'pp_langs', [ 'id' ],
[ 'status' => 1, 'ORDER' => [ 'o' => 'ASC' ] ] );
if ( is_array( $results ) and count( $results ) > 1 )
foreach ( $results as $row )
{
$mdb -> insert( 'pp_pages_langs',
[
'page_id' => (int) $id,
'lang_id' => $row['id'],
'title' => $title[$i] != '' ? $title[$i] : null,
'meta_description' => $meta_description[$i] != '' ? $meta_description[$i] : null,
'meta_keywords' => $meta_keywords[$i] != '' ? $meta_keywords[$i] : null,
'meta_title' => $meta_title[$i] != '' ? $meta_title[$i] : null,
'seo_link' => \S::seo( $seo_link[$i] ) != '' ? \S::seo( $seo_link[$i] ) : null,
'noindex' => $noindex[$i],
'site_title' => $site_title[$i] != '' ? $site_title[$i] : null,
'link' => $link[$i] != '' ? $link[$i] : null,
'block_direct_access' => $block_direct_access[$i],
'canonical' => $canonical[$i] != '' ? $canonical[$i] : null
] );
$i++;
}
$results = $mdb -> select( 'pp_langs', [ 'id' ], [ 'status' => 1, 'ORDER' => [ 'o' => 'ASC' ] ] );
if ( is_array( $results ) and count( $results ) > 1 ) foreach ( $results as $row )
{
$mdb -> insert( 'pp_pages_langs', [
'page_id' => (int) $id,
'lang_id' => $row['id'],
'title' => $title[$i] != '' ? $title[$i] : null,
'meta_description' => $meta_description[$i] != '' ? $meta_description[$i] : null,
'meta_keywords' => $meta_keywords[$i] != '' ? $meta_keywords[$i] : null,
'meta_title' => $meta_title[$i] != '' ? $meta_title[$i] : null,
'seo_link' => \S::seo( $seo_link[$i] ) != '' ? \S::seo( $seo_link[$i] ) : null,
'noindex' => $noindex[$i],
'site_title' => $site_title[$i] != '' ? $site_title[$i] : null,
'link' => $link[$i] != '' ? $link[$i] : null,
'block_direct_access' => $block_direct_access[$i],
'canonical' => $canonical[$i] != '' ? $canonical[$i] : null
] );
$i++;
}
else if ( is_array( $results ) and count( $results ) == 1 )
{
foreach ( $results as $row )
{
$mdb -> insert( 'pp_pages_langs',
[
$mdb -> insert( 'pp_pages_langs', [
'page_id' => (int) $id,
'lang_id' => $row['id'],
'title' => $title != '' ? $title : null,
@@ -197,11 +192,11 @@ class Pages
'link' => $link != '' ? $link : null,
'block_direct_access' => $block_direct_access,
'canonical' => $canonical != '' ? $canonical : null
] );
] );
}
}
\S::htacces();
\S::delete_cache();
return $id;
@@ -381,10 +376,10 @@ class Pages
else
$seo = $seo . $seo_link;
}
if ( $prefix )
$seo = $prefix . $seo;
return $seo;
}

27
autoload/admin/factory/class.Settings.php
View File

@@ -5,20 +5,20 @@ class Settings
public static function settings_update( $param, $value )
{
global $mdb;
$mdb -> delete( 'pp_settings', [ 'param' => $param ] );
$mdb -> insert( 'pp_settings', [ 'param' => $param, 'value' => $value ] );
return true;
if ( $mdb -> count( 'pp_settings', [ 'param' => $param ] ) )
return $mdb -> update( 'pp_settings', [ 'value' => $value ], [ 'param' => $param ] );
else
return $mdb -> insert( 'pp_settings', [ 'param' => $param, 'value' => $value ] );
}
public static function settings_save(
$firm_name, $firm_adress, $additional_info, $contact_form, $contact_email, $email_host, $email_port, $email_login, $email_password, $google_maps,
$facebook_link, $statistic_code, $htaccess, $robots, $newsletter_header, $newsletter_footer_1, $newsletter_footer_2, $google_map_key, $google_search_console, $update, $devel,
$news_limit, $visit_counter, $calendar, $tags, $ssl, $mysql_debug, $htaccess_cache, $visits, $links_structure, $link_version, $widget_phone, $update_key, $newsletter_cron )
$news_limit, $visit_counter, $calendar, $tags, $ssl, $mysql_debug, $htaccess_cache, $visits, $links_structure, $link_version, $widget_phone, $update_key )
{
global $mdb;
$mdb -> query( 'TRUNCATE pp_settings' );
$mdb -> insert( 'pp_settings', [
@@ -33,7 +33,7 @@ class Settings
'value' => $additional_info
], [
'param' => 'contact_form',
'value' => $contact_form == 'on' ? 1 : 0
'value' => $contact_form
], [
'param' => 'contact_email',
'value' => $contact_email
@@ -111,7 +111,7 @@ class Settings
'value' => $visits
], [
'param' => 'links_structure',
'value' => $links_structure
'value' => $links_structure
], [
'param' => 'link_version',
'value' => $link_version
@@ -121,9 +121,6 @@ class Settings
], [
'param' => 'update_key',
'value' => $update_key
], [
'param' => 'newsletter_cron',
'value' => $newsletter_cron
]
]
);
@@ -138,11 +135,11 @@ class Settings
public static function settings_details()
{
global $mdb;
$results = $mdb -> select( 'pp_settings', '*', [ 'ORDER' => [ 'id' => 'ASC' ] ] );
if ( is_array( $results ) ) foreach ( $results as $row )
$settings[$row['param']] = $row['value'];
return $settings;
}

166
autoload/admin/factory/class.Update.php
View File

@@ -6,12 +6,12 @@ class Update
public static function update()
{
global $mdb, $settings;
\S::delete_session( 'new-version' );
$versions = file_get_contents( 'http://www.cmspro.project-dc.pl/updates/versions.php?key=' . $settings['update_key'] );
$versions = file_get_contents( 'http://www.cmspro.project-dc.pl/updates/versions.php?key=' . $settings['update_key'] );
$versions = explode( PHP_EOL, $versions );
foreach ( $versions as $ver )
{
$ver = trim( $ver );
@@ -21,68 +21,136 @@ class Update
$dir = substr( $ver, 0, strlen( $ver ) - 2 ) . 0;
else
$dir = substr( $ver, 0, strlen( $ver ) - 1 ) . 0;
$file = file_get_contents( 'http://www.cmspro.project-dc.pl/updates/' . $dir . '/ver_' . $ver . '.zip' );
$baseUrl = 'http://www.cmspro.project-dc.pl/updates/' . $dir;
/* pobranie paczki ZIP */
$file = file_get_contents( $baseUrl . '/ver_' . $ver . '.zip' );
$dlHandler = fopen( 'update.zip' , 'w' );
if ( !fwrite( $dlHandler, $file ) )
return false;
fclose( $dlHandler );
if ( !file_exists( 'update.zip' ) )
return false;
/* pobranie manifestu JSON (nowy system) lub fallback na legacy _sql.txt / _files.txt */
$manifest = null;
$manifestJson = @file_get_contents( $baseUrl . '/ver_' . $ver . '_manifest.json' );
if ( $manifestJson )
{
if ( substr( $manifestJson, 0, 3 ) === "\xEF\xBB\xBF" )
$manifestJson = substr( $manifestJson, 3 );
$manifest = @json_decode( $manifestJson, true );
}
if ( is_array( $manifest ) )
{
/* weryfikacja checksum SHA256 */
if ( !empty( $manifest['checksum_zip'] ) )
{
$expectedHash = str_replace( 'sha256:', '', $manifest['checksum_zip'] );
$actualHash = hash_file( 'sha256', 'update.zip' );
if ( $expectedHash !== $actualHash )
{
unlink( 'update.zip' );
return false;
}
}
/* aktualizacja bazy danych z manifestu */
if ( !empty( $manifest['sql'] ) && is_array( $manifest['sql'] ) )
{
foreach ( $manifest['sql'] as $query )
{
$query = trim( $query );
if ( $query )
$mdb -> query( $query );
}
}
/* usuwanie plikow z manifestu */
if ( !empty( $manifest['files']['deleted'] ) && is_array( $manifest['files']['deleted'] ) )
{
foreach ( $manifest['files']['deleted'] as $filePath )
{
$fullPath = '../' . $filePath;
if ( file_exists( $fullPath ) )
unlink( $fullPath );
}
}
/* usuwanie katalogow z manifestu */
if ( !empty( $manifest['directories_deleted'] ) && is_array( $manifest['directories_deleted'] ) )
{
foreach ( $manifest['directories_deleted'] as $dirPath )
{
$fullPath = '../' . $dirPath;
if ( is_dir( $fullPath ) )
\S::delete_dir( $fullPath );
}
}
}
else
{
/* aktualizacja bazy danych */
$sql = file_get_contents( 'http://www.cmspro.project-dc.pl/updates/' . $dir . '/ver_' . $ver . '_sql.txt' );
$sql = explode( PHP_EOL, $sql );
if ( is_array( $sql ) and !empty( $sql ) ) foreach ( $sql as $query )
/* legacy: aktualizacja bazy danych z _sql.txt */
$sql = @file_get_contents( $baseUrl . '/ver_' . $ver . '_sql.txt' );
if ( $sql )
{
if ( $sql )
$result = $mdb -> query( $query );
}
/* usuwanie zbędnych plików */
$lines = file_get_contents( 'http://www.cmspro.project-dc.pl/updates/' . $dir . '/ver_' . $ver . '_files.txt' );
$lines = explode( PHP_EOL, $lines );
if ( is_array( $lines ) ) foreach ( $lines as $line )
{
if ( strpos( $line, 'F: ' ) !== false )
$sql = explode( PHP_EOL, $sql );
if ( is_array( $sql ) ) foreach ( $sql as $query )
{
$file = substr( $line, 3, strlen( $line ) );
if ( file_exists( $file ) )
unlink( $file );
}
if ( strpos( $line, 'D: ' ) !== false )
{
$dir = substr( $line, 3, strlen( $line ) );
if ( is_dir( $dir ) )
\S::delete_dir( $dir );
$query = trim( $query );
if ( $query )
$mdb -> query( $query );
}
}
/* wgrywanie nowych plików */
$file_name = 'update.zip';
$path = pathinfo( realpath( $file_name ), PATHINFO_DIRNAME );
$path = substr( $path, 0, strlen( $path ) - 5 );
$zip = new \ZipArchive;
$res = $zip -> open( $file_name );
if ( $res === TRUE )
/* legacy: usuwanie zbednych plikow z _files.txt */
$lines = @file_get_contents( $baseUrl . '/ver_' . $ver . '_files.txt' );
if ( $lines )
{
$zip -> extractTo( $path );
$zip -> close();
unlink( $file_name );
}
$lines = explode( PHP_EOL, $lines );
if ( is_array( $lines ) ) foreach ( $lines as $line )
{
if ( strpos( $line, 'F: ' ) !== false )
{
$delFile = substr( $line, 3, strlen( $line ) );
if ( file_exists( $delFile ) )
unlink( $delFile );
}
$updateThis = fopen( '../libraries/version.ini', 'w' );
fwrite( $updateThis, $ver );
fclose( $updateThis );
return true;
if ( strpos( $line, 'D: ' ) !== false )
{
$delDir = substr( $line, 3, strlen( $line ) );
if ( is_dir( $delDir ) )
\S::delete_dir( $delDir );
}
}
}
}
/* wgrywanie nowych plikow */
$file_name = 'update.zip';
$path = pathinfo( realpath( $file_name ), PATHINFO_DIRNAME );
$path = substr( $path, 0, strlen( $path ) - 5 );
$zip = new \ZipArchive;
$res = $zip -> open( $file_name );
if ( $res === TRUE )
{
$zip -> extractTo( $path );
$zip -> close();
unlink( $file_name );
}
$updateThis = fopen( '../libraries/version.ini', 'w' );
fwrite( $updateThis, $ver );
fclose( $updateThis );
return true;
}
}
}
}
}

339
autoload/admin/factory/class.Users.php
View File

@@ -1,185 +1,306 @@
<?php
namespace admin\factory;
class Users
class Users
{
public static function user_delete( $user_id )
public static function user_delete($user_id)
{
global $mdb;
return $mdb -> delete( 'pp_users', [ 'id' => (int)$user_id ] );
return $mdb->delete('pp_users', ['id' => (int)$user_id]);
}
public static function user_details( $user_id )
public static function user_details($user_id)
{
global $mdb;
return $mdb -> get( 'pp_users', '*', [ 'id' => (int)$user_id ] );
return $mdb->get('pp_users', '*', ['id' => (int)$user_id]);
}
public static function user_privileges( $user_id )
public static function user_privileges($user_id)
{
global $mdb;
return $mdb -> select( 'pp_users_privileges', '*', ['id_user' => (int)$user_id]);
return $mdb->select('pp_users_privileges', '*', ['id_user' => (int)$user_id]);
}
public static function user_save( $user_id, $login, $status, $active_to, $password, $password_re, $admin, $privileges )
public static function user_save($user_id, $login, $status, $active_to, $password, $password_re, $admin, $privileges, $twofa_enabled = 0, $twofa_email = '' )
{
global $mdb, $lang;
$mdb -> delete( 'pp_users_privileges', [ 'id_user' => (int) $user_id ] );
$mdb->delete('pp_users_privileges', ['id_user' => (int) $user_id]);
if ( !$user_id )
if (!$user_id)
{
if ( strlen( $password ) < 5 )
return $response = [ 'status' => 'error', 'msg' => 'Podane hasło jest zbyt krótkie.' ];
if (strlen($password) < 5)
return $response = ['status' => 'error', 'msg' => 'Podane hasło jest zbyt krótkie.'];
if ( $password != $password_re )
return $response = [ 'status' => 'error', 'msg' => 'Podane hasła są różne' ];
if ($password != $password_re)
return $response = ['status' => 'error', 'msg' => 'Podane hasła są różne'];
if ( $mdb -> insert( 'pp_users',
[
'login' => $login,
'status' => $status == 'on' ? 1 : 0,
'active_to' => $active_to == '' ? NULL : $active_to,
'admin' => $admin,
'password' => md5( $password ),
] ) )
$id_user = $mdb -> get( 'pp_users', 'id', [ 'ORDER' => [ 'id' => 'DESC' ] ] );
if ($mdb->insert(
'pp_users',
[
'login' => $login,
'status' => $status == 'on' ? 1 : 0,
'active_to' => $active_to == '' ? NULL : $active_to,
'admin' => $admin,
'password' => md5($password),
'twofa_enabled' => $twofa_enabled == 'on' ? 1 : 0,
'twofa_email' => $twofa_email
]
))
$id_user = $mdb->get('pp_users', 'id', ['ORDER' => ['id' => 'DESC']]);
if ( is_array( $privileges ) )
if (is_array($privileges))
{
foreach ( $privileges as $pri )
foreach ($privileges as $pri)
{
$mdb -> insert( 'pp_users_privileges',
[
'name' => $pri,
'id_user' => $id_user
] );
$mdb->insert(
'pp_users_privileges',
[
'name' => $pri,
'id_user' => $id_user
]
);
}
}
else
{
$mdb -> insert( 'pp_users_privileges',
[
'name' => $privileges,
'id_user' => $id_user
] );
$mdb->insert(
'pp_users_privileges',
[
'name' => $privileges,
'id_user' => $id_user
]
);
}
return $response = [ 'status' => 'ok', 'msg' => 'Użytkownik został zapisany.' ];
return $response = ['status' => 'ok', 'msg' => 'Użytkownik został zapisany.'];
}
else
{
if ( $password and strlen( $password ) < 5 )
return $response = [ 'status' => 'error', 'msg' => 'Podane hasło jest zbyt krótkie.' ];
if ($password and strlen($password) < 5)
return $response = ['status' => 'error', 'msg' => 'Podane hasło jest zbyt krótkie.'];
if ( $password and $password != $password_re )
return $response = [ 'status' => 'error', 'msg' => 'Podane hasła są różne' ];
if ($password and $password != $password_re)
return $response = ['status' => 'error', 'msg' => 'Podane hasła są różne'];
if ( $password )
$mdb -> update( 'pp_users', [
'password' => md5( $password )
], [
'id' => (int) $user_id
] );
if ($password)
$mdb->update('pp_users', [
'password' => md5($password)
], [
'id' => (int) $user_id
]);
$mdb -> update( 'pp_users', [
'login' => $login,
'admin' => $admin,
'status' => $status == 'on' ? 1 : 0,
'active_to' => $active_to == '' ? NULL : $active_to,
'error_logged_count' => 0
], [
'id' => (int) $user_id
] );
$mdb->update('pp_users', [
'login' => $login,
'admin' => $admin,
'status' => $status == 'on' ? 1 : 0,
'active_to' => $active_to == '' ? NULL : $active_to,
'error_logged_count' => 0,
'twofa_enabled' => $twofa_enabled == 'on' ? 1 : 0,
'twofa_email' => $twofa_email
], [
'id' => (int) $user_id
]);
if ( is_array( $privileges ) )
if (is_array($privileges))
{
foreach ( $privileges as $pri )
foreach ($privileges as $pri)
{
$mdb -> insert( 'pp_users_privileges', [
'name' => $pri,
'id_user' => $user_id
] );
$mdb->insert('pp_users_privileges', [
'name' => $pri,
'id_user' => $user_id
]);
}
}
else
{
$mdb -> insert( 'pp_users_privileges', [
'name' => $privileges,
'id_user' => $user_id
] );
$mdb->insert('pp_users_privileges', [
'name' => $privileges,
'id_user' => $user_id
]);
}
return $response = [ 'status' => 'ok', 'msg' => 'Uzytkownik został zapisany.' ];
return $response = ['status' => 'ok', 'msg' => 'Uzytkownik został zapisany.'];
}
\S::delete_cache();
}
public static function check_login( $login, $user_id )
public static function check_login($login, $user_id)
{
global $mdb;
if ( $mdb -> get( 'pp_users', 'login', [ 'AND' => [ 'login' => $login, 'id[!]' => (int)$user_id ] ] ) )
return $response = [ 'status' => 'error', 'msg' => 'Podany login jest już zajęty.' ];
return $response = [ 'status' => 'ok' ];
if ($mdb->get('pp_users', 'login', ['AND' => ['login' => $login, 'id[!]' => (int)$user_id]]))
return $response = ['status' => 'error', 'msg' => 'Podany login jest już zajęty.'];
return $response = ['status' => 'ok'];
}
public static function logon( $login, $password )
public static function logon($login, $password)
{
global $mdb;
if ( !$mdb -> get( 'pp_users', '*', [ 'login' => $login ] ) )
if (!$mdb->get('pp_users', '*', ['login' => $login]))
return 0;
if ( !$mdb -> get( 'pp_users', '*', [ 'AND' => [ 'login' => $login, 'status' => 1, 'error_logged_count[<]' => 5 ] ] ) )
return -1;
if ( $mdb -> get( 'pp_users', '*', [
'AND' => [
'login' => $login, 'status' => 1, 'password' => md5( $password ),
'OR' => [ 'active_to[>=]' => date('Y-m-d'), 'active_to' => null ]
]
] ) )
if (!$mdb->get('pp_users', '*', ['AND' => ['login' => $login, 'status' => 1, 'error_logged_count[<]' => 5]]))
return -1;
if ($mdb->get('pp_users', '*', [
'AND' => [
'login' => $login,
'status' => 1,
'password' => md5($password),
'OR' => ['active_to[>=]' => date('Y-m-d'), 'active_to' => null]
]
]))
{
$mdb -> update( 'pp_users', [ 'last_logged' => date( 'Y-m-d H:i:s' ), 'error_logged_count' => 0 ], [ 'login' => $login ] );
$mdb->update('pp_users', ['last_logged' => date('Y-m-d H:i:s'), 'error_logged_count' => 0], ['login' => $login]);
return 1;
}
else
{
$mdb -> update( 'pp_users', [ 'last_error_logged' => date( 'Y-m-d H:i:s' ), 'error_logged_count[+]' => 1 ], [ 'login' => $login ] );
if ( $mdb -> get( 'pp_users', 'error_logged_count', [ 'login' => $login ] ) >= 5 )
$mdb->update('pp_users', ['last_error_logged' => date('Y-m-d H:i:s'), 'error_logged_count[+]' => 1], ['login' => $login]);
if ($mdb->get('pp_users', 'error_logged_count', ['login' => $login]) >= 5)
{
$mdb -> update( 'pp_users', [ 'status' => 0 ], [ 'login' => $login ] );
$mdb->update('pp_users', ['status' => 0], ['login' => $login]);
return -1;
}
}
return 0;
}
public static function details( $login )
public static function details($login)
{
global $mdb;
return $mdb -> get( 'pp_users', '*', [ 'login' => $login ] );
return $mdb->get('pp_users', '*', ['login' => $login]);
}
public static function check_privileges( $name, $user_id )
public static function check_privileges($name, $user_id)
{
global $mdb;
if ( $user_id == 1 )
if ($user_id == 1)
return true;
else
{
if ( !$privilages = \Cache::fetch( "check_privileges:$user_id:$name-tmp" ) )
{
$privilages = $mdb -> count( 'pp_users_privileges', [ 'AND' => ['name' => $name, 'id_user' => (int)$user_id ]]);
\Cache::store( "check_privileges:$user_id:$name", $privilages );
}
return $privilages;
}
if (!$privilages = \Cache::fetch("check_privileges:$user_id:$name-tmp"))
{
$privilages = $mdb->count('pp_users_privileges', ['AND' => ['name' => $name, 'id_user' => (int)$user_id]]);
\Cache::store("check_privileges:$user_id:$name", $privilages);
}
return $privilages;
}
}
static public function get_by_id(int $userId): ?array
{
global $mdb;
return $mdb->get('pp_users', '*', ['id' => $userId]) ?: null;
}
static public function send_twofa_code(int $userId, bool $resend = false): bool
{
$user = self::get_by_id($userId);
if (!$user)
return false;
if ((int)$user['twofa_enabled'] !== 1)
{
return false;
}
$to = $user['twofa_email'] ?: $user['login'];
if (!filter_var($to, FILTER_VALIDATE_EMAIL))
{
return false;
}
if ($resend && !empty($user['twofa_sent_at']))
{
$last = strtotime($user['twofa_sent_at']);
if ($last && (time() - $last) < 30)
{
return false;
}
}
$code = random_int(100000, 999999);
$hash = password_hash((string)$code, PASSWORD_DEFAULT);
self::update_by_id($userId, [
'twofa_code_hash' => $hash,
'twofa_expires_at' => date('Y-m-d H:i:s', time() + 10 * 60), // 10 minut
'twofa_sent_at' => date('Y-m-d H:i:s'),
'twofa_failed_attempts' => 0,
]);
$subject = 'Twój kod logowania 2FA';
$body = "Twój kod logowania do panelu administratora: {$code}. Kod jest ważny przez 10 minut. Jeśli to nie Ty inicjowałeś logowanie zignoruj tę wiadomość i poinformuj administratora.";
$sent = \S::send_email($to, $subject, $body);
if (!$sent) {
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/plain; charset=UTF-8\r\n";
$headers .= "From: no-reply@" . ($_SERVER['HTTP_HOST'] ?? 'localhost') . "\r\n";
$encodedSubject = mb_encode_mimeheader($subject, 'UTF-8');
$sent = mail($to, $encodedSubject, $body, $headers);
}
return $sent;
}
static public function update_by_id(int $userId, array $data): bool
{
global $mdb;
return (bool)$mdb->update('pp_users', $data, ['id' => $userId]);
}
static public function verify_twofa_code(int $userId, string $code): bool
{
$user = self::get_by_id( $userId );
if (!$user) return false;
if ((int)$user['twofa_failed_attempts'] >= 5)
{
return false; // zbyt wiele prób
}
// sprawdź ważność
if (empty($user['twofa_expires_at']) || time() > strtotime($user['twofa_expires_at']))
{
// wyczyść po wygaśnięciu
self::update_by_id($userId, [
'twofa_code_hash' => null,
'twofa_expires_at' => null,
]);
return false;
}
$ok = (!empty($user['twofa_code_hash']) && password_verify($code, $user['twofa_code_hash']));
if ($ok)
{
// sukces: czyścimy wszystko
self::update_by_id($userId, [
'twofa_code_hash' => null,
'twofa_expires_at' => null,
'twofa_sent_at' => null,
'twofa_failed_attempts' => 0,
'last_logged' => date('Y-m-d H:i:s'),
]);
return true;
}
// zła próba — inkrementacja
self::update_by_id($userId, [
'twofa_failed_attempts' => (int)$user['twofa_failed_attempts'] + 1,
'last_error_logged' => date('Y-m-d H:i:s'),
]);
return false;
}
}
?>