beenull/XBackBone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Upgrade to slim 4

Browse source
This commit is contained in:
Sergio Brighenti 2019-11-13 00:13:23 +01:00
parent f898f4fbd4
commit d8df60040a
26 changed files with 2607 additions and 1955 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

136
app/Controllers/AdminController.php
View file

@ -4,90 +4,92 @@ namespace App\Controllers;
use League\Flysystem\FileNotFoundException; use League\Flysystem\FileNotFoundException;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
class AdminController extends Controller class AdminController extends Controller
{ {
/** /**
* @param Request $request * @param Response $response
* @param Response $response * @return Response
* @return Response * @throws FileNotFoundException
* @throws FileNotFoundException * @throws \Twig\Error\LoaderError
*/ * @throws \Twig\Error\RuntimeError
public function system(Request $request, Response $response): Response * @throws \Twig\Error\SyntaxError
{ */
$usersCount = $this->database->query('SELECT COUNT(*) AS `count` FROM `users`')->fetch()->count; public function system(Response $response): Response
$mediasCount = $this->database->query('SELECT COUNT(*) AS `count` FROM `uploads`')->fetch()->count; {
$orphanFilesCount = $this->database->query('SELECT COUNT(*) AS `count` FROM `uploads` WHERE `user_id` IS NULL')->fetch()->count; $usersCount = $this->database->query('SELECT COUNT(*) AS `count` FROM `users`')->fetch()->count;
$mediasCount = $this->database->query('SELECT COUNT(*) AS `count` FROM `uploads`')->fetch()->count;
$orphanFilesCount = $this->database->query('SELECT COUNT(*) AS `count` FROM `uploads` WHERE `user_id` IS NULL')->fetch()->count;
$medias = $this->database->query('SELECT `uploads`.`storage_path` FROM `uploads`')->fetchAll(); $medias = $this->database->query('SELECT `uploads`.`storage_path` FROM `uploads`')->fetchAll();
$totalSize = 0; $totalSize = 0;
$filesystem = $this->storage; $filesystem = $this->storage;
foreach ($medias as $media) { foreach ($medias as $media) {
$totalSize += $filesystem->getSize($media->storage_path); $totalSize += $filesystem->getSize($media->storage_path);
} }
return $this->view->render($response, 'dashboard/system.twig', [ return view()->render($response, 'dashboard/system.twig', [
'usersCount' => $usersCount, 'usersCount' => $usersCount,
'mediasCount' => $mediasCount, 'mediasCount' => $mediasCount,
'orphanFilesCount' => $orphanFilesCount, 'orphanFilesCount' => $orphanFilesCount,
'totalSize' => humanFileSize($totalSize), 'totalSize' => humanFileSize($totalSize),
'post_max_size' => ini_get('post_max_size'), 'post_max_size' => ini_get('post_max_size'),
'upload_max_filesize' => ini_get('upload_max_filesize'), 'upload_max_filesize' => ini_get('upload_max_filesize'),
'installed_lang' => $this->lang->getList(), 'installed_lang' => $this->lang->getList(),
]); ]);
} }
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param Response $response
* @return Response * @return Response
*/ */
public function deleteOrphanFiles(Request $request, Response $response): Response public function deleteOrphanFiles(Response $response): Response
{ {
$orphans = $this->database->query('SELECT * FROM `uploads` WHERE `user_id` IS NULL')->fetchAll(); $orphans = $this->database->query('SELECT * FROM `uploads` WHERE `user_id` IS NULL')->fetchAll();
$filesystem = $this->storage; $filesystem = $this->storage;
$deleted = 0; $deleted = 0;
foreach ($orphans as $orphan) { foreach ($orphans as $orphan) {
try { try {
$filesystem->delete($orphan->storage_path); $filesystem->delete($orphan->storage_path);
$deleted++; $deleted++;
} catch (FileNotFoundException $e) { } catch (FileNotFoundException $e) {
} }
} }
$this->database->query('DELETE FROM `uploads` WHERE `user_id` IS NULL'); $this->database->query('DELETE FROM `uploads` WHERE `user_id` IS NULL');
$this->session->alert(lang('deleted_orphans', [$deleted])); $this->session->alert(lang('deleted_orphans', [$deleted]));
return redirect($response, 'system'); return redirect($response, route('system'));
} }
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param Response $response
* @return Response * @return Response
*/ */
public function applyLang(Request $request, Response $response): Response public function applyLang(Request $request, Response $response): Response
{ {
$config = require BASE_DIR . 'config.php'; $config = require BASE_DIR.'config.php';
if ($request->getParam('lang') !== 'auto') { if (param($request,'lang') !== 'auto') {
$config['lang'] = $request->getParam('lang'); $config['lang'] = param($request,'lang');
} else { } else {
unset($config['lang']); unset($config['lang']);
} }
file_put_contents(BASE_DIR . 'config.php', '<?php' . PHP_EOL . 'return ' . var_export($config, true) . ';'); file_put_contents(BASE_DIR.'config.php', '<?php'.PHP_EOL.'return '.var_export($config, true).';');
$this->session->alert(lang('lang_set', [$request->getParam('lang')])); $this->session->alert(lang('lang_set', [param($request, 'lang')]));
return redirect($response, 'system'); return redirect($response, route('system'));
} }
} }

82
app/Controllers/Controller.php
View file

@ -5,63 +5,67 @@ namespace App\Controllers;
use App\Database\DB; use App\Database\DB;
use App\Web\Lang; use App\Web\Lang;
use App\Web\Session; use App\Web\Session;
use DI\Container;
use DI\DependencyException;
use DI\NotFoundException;
use League\Flysystem\FileNotFoundException; use League\Flysystem\FileNotFoundException;
use League\Flysystem\Filesystem; use League\Flysystem\Filesystem;
use Monolog\Logger; use Monolog\Logger;
use Slim\Container; use Twig\Environment;
/** /**
* @property Session|null session * @property Session|null session
* @property mixed|null view * @property Environment view
* @property DB|null database * @property DB|null database
* @property Logger|null logger * @property Logger|null logger
* @property Filesystem|null storage * @property Filesystem|null storage
* @property Lang lang * @property Lang lang
* @property array settings * @property array config
*/ */
abstract class Controller abstract class Controller
{ {
/** @var Container */ /** @var Container */
protected $container; protected $container;
public function __construct(Container $container) public function __construct(Container $container)
{ {
$this->container = $container; $this->container = $container;
} }
/** /**
* @param $name * @param $name
* @return mixed|null * @return mixed|null
* @throws \Interop\Container\Exception\ContainerException * @throws DependencyException
*/ * @throws NotFoundException
public function __get($name) */
{ public function __get($name)
if ($this->container->has($name)) { {
return $this->container->get($name); if ($this->container->has($name)) {
} return $this->container->get($name);
return null; }
} return null;
}
/** /**
* @param $id * @param $id
* @return int * @return int
*/ */
protected function getUsedSpaceByUser($id): int protected function getUsedSpaceByUser($id): int
{ {
$medias = $this->database->query('SELECT `uploads`.`storage_path` FROM `uploads` WHERE `user_id` = ?', $id); $medias = $this->database->query('SELECT `uploads`.`storage_path` FROM `uploads` WHERE `user_id` = ?', $id);
$totalSize = 0; $totalSize = 0;
$filesystem = $this->storage; $filesystem = $this->storage;
foreach ($medias as $media) { foreach ($medias as $media) {
try { try {
$totalSize += $filesystem->getSize($media->storage_path); $totalSize += $filesystem->getSize($media->storage_path);
} catch (FileNotFoundException $e) { } catch (FileNotFoundException $e) {
$this->logger->error('Error calculating file size', ['exception' => $e]); $this->logger->error('Error calculating file size', ['exception' => $e]);
} }
} }
return $totalSize; return $totalSize;
} }
} }

127
app/Controllers/DashboardController.php
View file

@ -3,78 +3,79 @@
namespace App\Controllers; namespace App\Controllers;
use App\Database\Queries\MediaQuery; use App\Database\Queries\MediaQuery;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
class DashboardController extends Controller class DashboardController extends Controller
{ {
/** /**
* @param Request $request * @Inject
* @param Response $response * @param Request $request
* @return Response * @param Response $response
*/ * @return Response
public function redirects(Request $request, Response $response): Response */
{ public function redirects(Request $request, Response $response): Response
if ($request->getParam('afterInstall') !== null && !is_dir(BASE_DIR . 'install')) { {
$this->session->alert(lang('installed'), 'success'); if (param($request, 'afterInstall') !== null && !is_dir(BASE_DIR.'install')) {
} $this->session->alert(lang('installed'), 'success');
}
return redirect($response, 'home'); return redirect($response, route('home'));
} }
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param Response $response
* @param $args * @param int|null $page
* @return Response * @return Response
*/ * @throws \Twig\Error\LoaderError
public function home(Request $request, Response $response, $args): Response * @throws \Twig\Error\RuntimeError
{ * @throws \Twig\Error\SyntaxError
$page = isset($args['page']) ? (int)$args['page'] : 0; */
$page = max(0, --$page); public function home(Request $request, Response $response, int $page = 0): Response
{
$page = max(0, --$page);
$query = new MediaQuery($this->database, $this->session->get('admin', false), $this->storage); $query = new MediaQuery($this->database, $this->session->get('admin', false), $this->storage);
switch ($request->getParam('sort', 'time')) { switch (param($request, 'sort', 'time')) {
case 'size': case 'size':
$order = MediaQuery::ORDER_SIZE; $order = MediaQuery::ORDER_SIZE;
break; break;
case 'name': case 'name':
$order = MediaQuery::ORDER_NAME; $order = MediaQuery::ORDER_NAME;
break; break;
default: default:
case 'time': case 'time':
$order = MediaQuery::ORDER_TIME; $order = MediaQuery::ORDER_TIME;
break; break;
} }
$query->orderBy($order, $request->getParam('order', 'DESC')) $query->orderBy($order, param($request, 'order', 'DESC'))
->withUserId($this->session->get('user_id')) ->withUserId($this->session->get('user_id'))
->search($request->getParam('search', null)) ->search(param($request, 'search', null))
->run($page); ->run($page);
return $this->view->render( return view()->render(
$response, $response,
($this->session->get('admin', false) && $this->session->get('gallery_view', true)) ? 'dashboard/admin.twig' : 'dashboard/home.twig', ($this->session->get('admin', false) && $this->session->get('gallery_view', true)) ? 'dashboard/admin.twig' : 'dashboard/home.twig',
[ [
'medias' => $query->getMedia(), 'medias' => $query->getMedia(),
'next' => $page < floor($query->getPages()), 'next' => $page < floor($query->getPages()),
'previous' => $page >= 1, 'previous' => $page >= 1,
'current_page' => ++$page, 'current_page' => ++$page,
] ]
); );
} }
/** /**
* @param Request $request * @param Response $response
* @param Response $response * @return Response
* @param $args */
* @return Response public function switchView(Response $response): Response
*/ {
public function switchView(Request $request, Response $response, $args): Response $this->session->set('gallery_view', !$this->session->get('gallery_view', true));
{ return redirect($response, route('home'));
$this->session->set('gallery_view', !$this->session->get('gallery_view', true)); }
return redirect($response, 'home');
}
} }

119
app/Controllers/LoginController.php
View file

@ -3,77 +3,78 @@
namespace App\Controllers; namespace App\Controllers;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
class LoginController extends Controller class LoginController extends Controller
{ {
/** /**
* @param Request $request * @param Response $response
* @param Response $response * @return Response
* @return Response * @throws \Twig\Error\LoaderError
*/ * @throws \Twig\Error\RuntimeError
public function show(Request $request, Response $response): Response * @throws \Twig\Error\SyntaxError
{ */
if ($this->session->get('logged', false)) { public function show(Response $response): Response
return redirect($response, 'home'); {
} if ($this->session->get('logged', false)) {
return $this->view->render($response, 'auth/login.twig'); return redirect($response, route('home'));
} }
return view()->render($response, 'auth/login.twig');
}
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param Response $response
* @return Response * @return Response
*/ */
public function login(Request $request, Response $response): Response public function login(Request $request, Response $response): Response
{ {
$username = param($request, 'username');
$result = $this->database->query('SELECT `id`, `email`, `username`, `password`,`is_admin`, `active` FROM `users` WHERE `username` = ? OR `email` = ? LIMIT 1', [$username, $username])->fetch();
$result = $this->database->query('SELECT `id`, `email`, `username`, `password`,`is_admin`, `active` FROM `users` WHERE `username` = ? OR `email` = ? LIMIT 1', [$request->getParam('username'), $request->getParam('username')])->fetch(); if (!$result || !password_verify(param($request, 'password'), $result->password)) {
$this->session->alert(lang('bad_login'), 'danger');
return redirect($response, route('login'));
}
if (!$result || !password_verify($request->getParam('password'), $result->password)) { if (isset($this->config['maintenance']) && $this->config['maintenance'] && !$result->is_admin) {
$this->session->alert(lang('bad_login'), 'danger'); $this->session->alert(lang('maintenance_in_progress'), 'info');
return redirect($response, 'login'); return redirect($response, route('login'));
} }
if (isset($this->settings['maintenance']) && $this->settings['maintenance'] && !$result->is_admin) { if (!$result->active) {
$this->session->alert(lang('maintenance_in_progress'), 'info'); $this->session->alert(lang('account_disabled'), 'danger');
return redirect($response, 'login'); return redirect($response, route('login'));
} }
if (!$result->active) { $this->session->set('logged', true);
$this->session->alert(lang('account_disabled'), 'danger'); $this->session->set('user_id', $result->id);
return redirect($response, 'login'); $this->session->set('username', $result->username);
} $this->session->set('admin', $result->is_admin);
$this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($result->id)));
$this->session->set('logged', true); $this->session->alert(lang('welcome', [$result->username]), 'info');
$this->session->set('user_id', $result->id); $this->logger->info("User $result->username logged in.");
$this->session->set('username', $result->username);
$this->session->set('admin', $result->is_admin);
$this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($result->id)));
$this->session->alert(lang('welcome', [$result->username]), 'info'); if ($this->session->has('redirectTo')) {
$this->logger->info("User $result->username logged in."); return redirect($response, $this->session->get('redirectTo'));
}
if ($this->session->has('redirectTo')) { return redirect($response, route('home'));
return $response->withRedirect($this->session->get('redirectTo')); }
}
return redirect($response, 'home'); /**
} * @param Response $response
* @return Response
/** */
* @param Request $request public function logout(Response $response): Response
* @param Response $response {
* @return Response $this->session->clear();
*/ $this->session->set('logged', false);
public function logout(Request $request, Response $response): Response $this->session->alert(lang('goodbye'), 'warning');
{ return redirect($response, route('login.show'));
$this->session->clear(); }
$this->session->set('logged', false);
$this->session->alert(lang('goodbye'), 'warning');
return redirect($response, 'login.show');
}
} }

58
app/Controllers/ThemeController.php
View file

@ -2,40 +2,42 @@
namespace App\Controllers; namespace App\Controllers;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
class ThemeController extends Controller class ThemeController extends Controller
{ {
/** /**
* @param Request $request * @param Response $response
* @param Response $response * @return Response
* @return Response */
*/ public function getThemes(Response $response): Response
public function getThemes(Request $request, Response $response): Response {
{ $apiJson = json_decode(file_get_contents('https://bootswatch.com/api/4.json'));
$apiJson = json_decode(file_get_contents('https://bootswatch.com/api/4.json'));
$out = []; $out = [];
$out['Default - Bootstrap 4 default theme'] = 'https://bootswatch.com/_vendor/bootstrap/dist/css/bootstrap.min.css'; $out['Default - Bootstrap 4 default theme'] = 'https://bootswatch.com/_vendor/bootstrap/dist/css/bootstrap.min.css';
foreach ($apiJson->themes as $theme) { foreach ($apiJson->themes as $theme) {
$out["{$theme->name} - {$theme->description}"] = $theme->cssMin; $out["{$theme->name} - {$theme->description}"] = $theme->cssMin;
} }
return $response->withJson($out); return json($response, $out);
} }
/**
* @param Request $request
* @param Response $response
* @return Response
*/
public function applyTheme(Request $request, Response $response): Response
{
if (!is_writable(BASE_DIR.'static/bootstrap/css/bootstrap.min.css')) {
$this->session->alert(lang('cannot_write_file'), 'danger');
return redirect($response, route('system'));
}
public function applyTheme(Request $request, Response $response): Response file_put_contents(BASE_DIR.'static/bootstrap/css/bootstrap.min.css', file_get_contents(param($request, 'css')));
{ return redirect($response, route('system'));
if (!is_writable(BASE_DIR . 'static/bootstrap/css/bootstrap.min.css')) { }
$this->session->alert(lang('cannot_write_file'), 'danger');
return redirect($response, 'system');
}
file_put_contents(BASE_DIR . 'static/bootstrap/css/bootstrap.min.css', file_get_contents($request->getParam('css')));
return redirect($response, 'system');
}
} }

31
app/Controllers/UpgradeController.php
View file

@ -3,8 +3,9 @@
namespace App\Controllers; namespace App\Controllers;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
use RuntimeException;
use ZipArchive; use ZipArchive;
class UpgradeController extends Controller class UpgradeController extends Controller
@ -12,39 +13,38 @@ class UpgradeController extends Controller
const GITHUB_SOURCE_API = 'https://api.github.com/repos/SergiX44/XBackBone/releases'; const GITHUB_SOURCE_API = 'https://api.github.com/repos/SergiX44/XBackBone/releases';
/** /**
* @param Request $request
* @param Response $response * @param Response $response
* @return Response * @return Response
*/ */
public function upgrade(Request $request, Response $response): Response public function upgrade(Response $response): Response
{ {
if (!is_writable(BASE_DIR)) { if (!is_writable(BASE_DIR)) {
$this->session->alert(lang('path_not_writable', BASE_DIR), 'warning'); $this->session->alert(lang('path_not_writable', BASE_DIR), 'warning');
return redirect($response, 'system'); return redirect($response, route('system'));
} }
try { try {
$json = $this->getApiJson(); $json = $this->getApiJson();
} catch (\RuntimeException $e) { } catch (RuntimeException $e) {
$this->session->alert($e->getMessage(), 'danger'); $this->session->alert($e->getMessage(), 'danger');
return redirect($response, 'system'); return redirect($response, route('system'));
} }
if (version_compare($json[0]->tag_name, PLATFORM_VERSION, '<=')) { if (version_compare($json[0]->tag_name, PLATFORM_VERSION, '<=')) {
$this->session->alert(lang('already_latest_version'), 'warning'); $this->session->alert(lang('already_latest_version'), 'warning');
return redirect($response, 'system'); return redirect($response, route('system'));
} }
$tmpFile = sys_get_temp_dir().DIRECTORY_SEPARATOR.'xbackbone_update.zip'; $tmpFile = sys_get_temp_dir().DIRECTORY_SEPARATOR.'xbackbone_update.zip';
if (file_put_contents($tmpFile, file_get_contents($json[0]->assets[0]->browser_download_url)) === false) { if (file_put_contents($tmpFile, file_get_contents($json[0]->assets[0]->browser_download_url)) === false) {
$this->session->alert(lang('cannot_retrieve_file'), 'danger'); $this->session->alert(lang('cannot_retrieve_file'), 'danger');
return redirect($response, 'system'); return redirect($response, route('system'));
}; };
if (filesize($tmpFile) !== $json[0]->assets[0]->size) { if (filesize($tmpFile) !== $json[0]->assets[0]->size) {
$this->session->alert(lang('file_size_no_match'), 'danger'); $this->session->alert(lang('file_size_no_match'), 'danger');
return redirect($response, 'system'); return redirect($response, route('system'));
} }
$config = require BASE_DIR.'config.php'; $config = require BASE_DIR.'config.php';
@ -85,7 +85,7 @@ class UpgradeController extends Controller
$updateZip->close(); $updateZip->close();
unlink($tmpFile); unlink($tmpFile);
return redirect($response, '/install'); return redirect($response, urlFor('/install'));
} }
/** /**
@ -101,7 +101,7 @@ class UpgradeController extends Controller
'upgrade' => false, 'upgrade' => false,
]; ];
$acceptPrerelease = $request->getParam('prerelease', 'false') === 'true'; $acceptPrerelease = param($request, 'prerelease', 'false') === 'true';
try { try {
$json = $this->getApiJson(); $json = $this->getApiJson();
@ -120,11 +120,12 @@ class UpgradeController extends Controller
break; break;
} }
} }
} catch (\RuntimeException $e) { } catch (RuntimeException $e) {
$jsonResponse['status'] = 'ERROR'; $jsonResponse['status'] = 'ERROR';
$jsonResponse['message'] = $e->getMessage(); $jsonResponse['message'] = $e->getMessage();
} }
return $response->withJson($jsonResponse);
return json($response, $jsonResponse);
} }
protected function getApiJson() protected function getApiJson()
@ -142,7 +143,7 @@ class UpgradeController extends Controller
$data = @file_get_contents(self::GITHUB_SOURCE_API, false, stream_context_create($opts)); $data = @file_get_contents(self::GITHUB_SOURCE_API, false, stream_context_create($opts));
if ($data === false) { if ($data === false) {
throw new \RuntimeException('Cannot contact the Github API. Try again.'); throw new RuntimeException('Cannot contact the Github API. Try again.');
} }
return json_decode($data); return json_decode($data);

806
app/Controllers/UploadController.php
View file

@ -2,411 +2,419 @@
namespace App\Controllers; namespace App\Controllers;
use App\Exceptions\UnauthorizedException; use GuzzleHttp\Psr7\Stream;
use Intervention\Image\ImageManagerStatic as Image; use Intervention\Image\ImageManagerStatic as Image;
use League\Flysystem\FileExistsException; use League\Flysystem\FileExistsException;
use League\Flysystem\FileNotFoundException; use League\Flysystem\FileNotFoundException;
use League\Flysystem\Filesystem; use League\Flysystem\Filesystem;
use Slim\Exception\NotFoundException; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Request; use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\Http\Response; use Slim\Exception\HttpNotFoundException;
use Slim\Http\Stream; use Slim\Exception\HttpUnauthorizedException;
class UploadController extends Controller class UploadController extends Controller
{ {
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param Response $response
* @return Response * @return Response
* @throws FileExistsException * @throws FileExistsException
*/ */
public function upload(Request $request, Response $response): Response public function upload(Request $request, Response $response): Response
{ {
$json = [ $json = [
'message' => null, 'message' => null,
'version' => PLATFORM_VERSION, 'version' => PLATFORM_VERSION,
]; ];
if ($this->settings['maintenance']) { if ($this->config['maintenance']) {
$json['message'] = 'Endpoint under maintenance.'; $json['message'] = 'Endpoint under maintenance.';
return $response->withJson($json, 503); return json($response, $json, 503);
} }
if ($request->getServerParam('CONTENT_LENGTH') > stringToBytes(ini_get('post_max_size'))) { if ($request->getServerParams()['CONTENT_LENGTH'] > stringToBytes(ini_get('post_max_size'))) {
$json['message'] = 'File too large (post_max_size too low?).'; $json['message'] = 'File too large (post_max_size too low?).';
return $response->withJson($json, 400); return json($response, $json, 400);
} }
if (isset($request->getUploadedFiles()['upload']) && $request->getUploadedFiles()['upload']->getError() === UPLOAD_ERR_INI_SIZE) { if (isset($request->getUploadedFiles()['upload']) && $request->getUploadedFiles()['upload']->getError() === UPLOAD_ERR_INI_SIZE) {
$json['message'] = 'File too large (upload_max_filesize too low?).'; $json['message'] = 'File too large (upload_max_filesize too low?).';
return $response->withJson($json, 400); return json($response, $json, 400);
} }
if ($request->getParam('token') === null) { if (param($request, 'token') === null) {
$json['message'] = 'Token not specified.'; $json['message'] = 'Token not specified.';
return $response->withJson($json, 400); return json($response, $json, 400);
} }
$user = $this->database->query('SELECT * FROM `users` WHERE `token` = ? LIMIT 1', $request->getParam('token'))->fetch(); $user = $this->database->query('SELECT * FROM `users` WHERE `token` = ? LIMIT 1', param($request, 'token'))->fetch();
if (!$user) { if (!$user) {
$json['message'] = 'Token specified not found.'; $json['message'] = 'Token specified not found.';
return $response->withJson($json, 404); return json($response, $json, 404);
} }
if (!$user->active) { if (!$user->active) {
$json['message'] = 'Account disabled.'; $json['message'] = 'Account disabled.';
return $response->withJson($json, 401); return json($response, $json, 401);
} }
do { do {
$code = humanRandomString(); $code = humanRandomString();
} while ($this->database->query('SELECT COUNT(*) AS `count` FROM `uploads` WHERE `code` = ?', $code)->fetch()->count > 0); } while ($this->database->query('SELECT COUNT(*) AS `count` FROM `uploads` WHERE `code` = ?', $code)->fetch()->count > 0);
/** @var \Psr\Http\Message\UploadedFileInterface $file */ /** @var \Psr\Http\Message\UploadedFileInterface $file */
$file = $request->getUploadedFiles()['upload']; $file = $request->getUploadedFiles()['upload'];
$fileInfo = pathinfo($file->getClientFilename()); $fileInfo = pathinfo($file->getClientFilename());
$storagePath = "$user->user_code/$code.$fileInfo[extension]"; $storagePath = "$user->user_code/$code.$fileInfo[extension]";
$this->storage->writeStream($storagePath, $file->getStream()->detach()); $this->storage->writeStream($storagePath, $file->getStream()->detach());
$this->database->query('INSERT INTO `uploads`(`user_id`, `code`, `filename`, `storage_path`) VALUES (?, ?, ?, ?)', [ $this->database->query('INSERT INTO `uploads`(`user_id`, `code`, `filename`, `storage_path`) VALUES (?, ?, ?, ?)', [
$user->id, $user->id,
$code, $code,
$file->getClientFilename(), $file->getClientFilename(),
$storagePath, $storagePath,
]); ]);
$json['message'] = 'OK.'; $json['message'] = 'OK.';
$json['url'] = urlFor("/$user->user_code/$code.$fileInfo[extension]"); $json['url'] = urlFor("/$user->user_code/$code.$fileInfo[extension]");
$this->logger->info("User $user->username uploaded new media.", [$this->database->raw()->lastInsertId()]); $this->logger->info("User $user->username uploaded new media.", [$this->database->raw()->lastInsertId()]);
return $response->withJson($json, 201); return json($response, $json, 201);
} }
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param Response $response
* @param $args * @param string $userCode
* @return Response * @param string $mediaCode
* @throws FileNotFoundException * @param string|null $token
* @throws NotFoundException * @return Response
*/ * @throws HttpNotFoundException
public function show(Request $request, Response $response, $args): Response * @throws \Twig\Error\LoaderError
{ * @throws \Twig\Error\RuntimeError
$media = $this->getMedia($args['userCode'], $args['mediaCode']); * @throws \Twig\Error\SyntaxError
* @throws FileNotFoundException
if (!$media || (!$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false))) { */
throw new NotFoundException($request, $response); public function show(Request $request, Response $response, string $userCode, string $mediaCode, string $token = null): Response
} {
$media = $this->getMedia($userCode, $mediaCode);
$filesystem = $this->storage;
if (!$media || (!$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false))) {
if (isBot($request->getHeaderLine('User-Agent'))) { throw new HttpNotFoundException($request);
return $this->streamMedia($request, $response, $filesystem, $media); }
} else {
try { $filesystem = $this->storage;
$media->mimetype = $filesystem->getMimetype($media->storage_path);
$size = $filesystem->getSize($media->storage_path); if (isBot($request->getHeaderLine('User-Agent'))) {
return $this->streamMedia($request, $response, $filesystem, $media);
$type = explode('/', $media->mimetype)[0]; } else {
if ($type === 'image' && !isDisplayableImage($media->mimetype)) { try {
$type = 'application'; $media->mimetype = $filesystem->getMimetype($media->storage_path);
$media->mimetype = 'application/octet-stream'; $size = $filesystem->getSize($media->storage_path);
}
if ($type === 'text') { $type = explode('/', $media->mimetype)[0];
if ($size <= (200 * 1024)) { // less than 200 KB if ($type === 'image' && !isDisplayableImage($media->mimetype)) {
$media->text = $filesystem->read($media->storage_path); $type = 'application';
} else { $media->mimetype = 'application/octet-stream';
$type = 'application'; }
$media->mimetype = 'application/octet-stream'; if ($type === 'text') {
} if ($size <= (200 * 1024)) { // less than 200 KB
} $media->text = $filesystem->read($media->storage_path);
$media->size = humanFileSize($size); } else {
$type = 'application';
} catch (FileNotFoundException $e) { $media->mimetype = 'application/octet-stream';
throw new NotFoundException($request, $response); }
} }
$media->size = humanFileSize($size);
return $this->view->render($response, 'upload/public.twig', [
'delete_token' => isset($args['token']) ? $args['token'] : null, } catch (FileNotFoundException $e) {
'media' => $media, throw new HttpNotFoundException($request);
'type' => $type, }
'extension' => pathinfo($media->filename, PATHINFO_EXTENSION),
]); return view()->render($response, 'upload/public.twig', [
} 'delete_token' => $token,
} 'media' => $media,
'type' => $type,
/** 'extension' => pathinfo($media->filename, PATHINFO_EXTENSION),
* @param Request $request ]);
* @param Response $response }
* @param $args }
* @return Response
* @throws NotFoundException /**
* @throws UnauthorizedException * @param Request $request
*/ * @param Response $response
public function deleteByToken(Request $request, Response $response, $args): Response * @param string $userCode
{ * @param string $mediaCode
$media = $this->getMedia($args['userCode'], $args['mediaCode']); * @param string $token
* @return Response
if (!$media) { * @throws HttpNotFoundException
throw new NotFoundException($request, $response); * @throws HttpUnauthorizedException
} */
public function deleteByToken(Request $request, Response $response, string $userCode, string $mediaCode, string $token): Response
$user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? LIMIT 1', $args['token'])->fetch(); {
$media = $this->getMedia($userCode, $mediaCode);
if (!$user) {
$this->session->alert(lang('token_not_found'), 'danger'); if (!$media) {
return $response->withRedirect($request->getHeaderLine('HTTP_REFERER')); throw new HttpNotFoundException($request);
} }
if (!$user->active) { $user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? LIMIT 1', $token)->fetch();
$this->session->alert(lang('account_disabled'), 'danger');
return $response->withRedirect($request->getHeaderLine('HTTP_REFERER')); if (!$user) {
} $this->session->alert(lang('token_not_found'), 'danger');
return redirect($response, $request->getHeaderLine('HTTP_REFERER'));
if ($this->session->get('admin', false) || $user->id === $media->user_id) { }
try { if (!$user->active) {
$this->storage->delete($media->storage_path); $this->session->alert(lang('account_disabled'), 'danger');
} catch (FileNotFoundException $e) { return redirect($response, $request->getHeaderLine('HTTP_REFERER'));
throw new NotFoundException($request, $response); }
} finally {
$this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $media->mediaId); if ($this->session->get('admin', false) || $user->id === $media->user_id) {
$this->logger->info('User ' . $user->username . ' deleted a media via token.', [$media->mediaId]);
} try {
} else { $this->storage->delete($media->storage_path);
throw new UnauthorizedException(); } catch (FileNotFoundException $e) {
} throw new HttpNotFoundException($request);
} finally {
return redirect($response, 'home'); $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $media->mediaId);
} $this->logger->info('User '.$user->username.' deleted a media via token.', [$media->mediaId]);
}
/** } else {
* @param Request $request throw new HttpUnauthorizedException($request);
* @param Response $response }
* @param $args
* @return Response return redirect($response, route('home'));
* @throws NotFoundException }
* @throws FileNotFoundException
*/ /**
public function getRawById(Request $request, Response $response, $args): Response * @param Request $request
{ * @param Response $response
* @param int $id
$media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @return Response
* @throws FileNotFoundException
if (!$media) { * @throws HttpNotFoundException
throw new NotFoundException($request, $response); */
} public function getRawById(Request $request, Response $response, int $id): Response
{
return $this->streamMedia($request, $response, $this->storage, $media);
} $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
/** if (!$media) {
* @param Request $request throw new HttpNotFoundException($request);
* @param Response $response }
* @param $args
* @return Response return $this->streamMedia($request, $response, $this->storage, $media);
* @throws NotFoundException }
* @throws FileNotFoundException
*/ /**
public function showRaw(Request $request, Response $response, $args): Response * @param Request $request
{ * @param Response $response
$media = $this->getMedia($args['userCode'], $args['mediaCode']); * @param string $userCode
* @param string $mediaCode
if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) { * @return Response
throw new NotFoundException($request, $response); * @throws FileNotFoundException
} * @throws HttpNotFoundException
return $this->streamMedia($request, $response, $this->storage, $media); */
} public function showRaw(Request $request, Response $response, string $userCode, string $mediaCode): Response
{
$media = $this->getMedia($userCode, $mediaCode);
/**
* @param Request $request if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) {
* @param Response $response throw new HttpNotFoundException($request);
* @param $args }
* @return Response return $this->streamMedia($request, $response, $this->storage, $media);
* @throws NotFoundException }
* @throws FileNotFoundException
*/
public function download(Request $request, Response $response, $args): Response /**
{ * @param Request $request
$media = $this->getMedia($args['userCode'], $args['mediaCode']); * @param Response $response
* @param string $userCode
if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) { * @param string $mediaCode
throw new NotFoundException($request, $response); * @return Response
} * @throws FileNotFoundException
return $this->streamMedia($request, $response, $this->storage, $media, 'attachment'); * @throws HttpNotFoundException
} */
public function download(Request $request, Response $response, string $userCode, string $mediaCode): Response
/** {
* @param Request $request $media = $this->getMedia($userCode, $mediaCode);
* @param Response $response
* @param $args if (!$media || !$media->published && $this->session->get('user_id') !== $media->user_id && !$this->session->get('admin', false)) {
* @return Response throw new HttpNotFoundException($request);
* @throws NotFoundException }
*/ return $this->streamMedia($request, $response, $this->storage, $media, 'attachment');
public function togglePublish(Request $request, Response $response, $args): Response }
{
if ($this->session->get('admin')) { /**
$media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param Request $request
} else { * @param Response $response
$media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? AND `user_id` = ? LIMIT 1', [$args['id'], $this->session->get('user_id')])->fetch(); * @param int $id
} * @return Response
* @throws HttpNotFoundException
if (!$media) { */
throw new NotFoundException($request, $response); public function togglePublish(Request $request, Response $response, int $id): Response
} {
if ($this->session->get('admin')) {
$this->database->query('UPDATE `uploads` SET `published`=? WHERE `id`=?', [$media->published ? 0 : 1, $media->id]); $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
} else {
return $response->withStatus(200); $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? AND `user_id` = ? LIMIT 1', [$id, $this->session->get('user_id')])->fetch();
} }
/** if (!$media) {
* @param Request $request throw new HttpNotFoundException($request);
* @param Response $response }
* @param $args
* @return Response $this->database->query('UPDATE `uploads` SET `published`=? WHERE `id`=?', [$media->published ? 0 : 1, $media->id]);
* @throws NotFoundException
* @throws UnauthorizedException return $response->withStatus(200);
*/ }
public function delete(Request $request, Response $response, $args): Response
{ /**
$media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param Request $request
* @param Response $response
if (!$media) { * @param int $id
throw new NotFoundException($request, $response); * @return Response
} * @throws HttpNotFoundException
* @throws HttpUnauthorizedException
if ($this->session->get('admin', false) || $media->user_id === $this->session->get('user_id')) { */
public function delete(Request $request, Response $response, int $id): Response
try { {
$this->storage->delete($media->storage_path); $media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $id)->fetch();
} catch (FileNotFoundException $e) {
throw new NotFoundException($request, $response); if (!$media) {
} finally { throw new HttpNotFoundException($request);
$this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $args['id']); }
$this->logger->info('User ' . $this->session->get('username') . ' deleted a media.', [$args['id']]);
$this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($this->session->get('user_id')))); if ($this->session->get('admin', false) || $media->user_id === $this->session->get('user_id')) {
}
} else { try {
throw new UnauthorizedException(); $this->storage->delete($media->storage_path);
} } catch (FileNotFoundException $e) {
throw new HttpNotFoundException($request);
return $response->withStatus(200); } finally {
} $this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $id);
$this->logger->info('User '.$this->session->get('username').' deleted a media.', [$id]);
/** $this->session->set('used_space', humanFileSize($this->getUsedSpaceByUser($this->session->get('user_id'))));
* @param $userCode }
* @param $mediaCode } else {
* @return mixed throw new HttpUnauthorizedException($request);
*/ }
protected function getMedia($userCode, $mediaCode)
{ return $response->withStatus(200);
$mediaCode = pathinfo($mediaCode)['filename']; }
$media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? LIMIT 1', [ /**
$userCode, * @param $userCode
$mediaCode, * @param $mediaCode
])->fetch(); * @return mixed
*/
return $media; protected function getMedia($userCode, $mediaCode)
} {
$mediaCode = pathinfo($mediaCode)['filename'];
/**
* @param Request $request $media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? LIMIT 1', [
* @param Response $response $userCode,
* @param Filesystem $storage $mediaCode,
* @param $media ])->fetch();
* @param string $disposition
* @return Response return $media;
* @throws FileNotFoundException }
*/
protected function streamMedia(Request $request, Response $response, Filesystem $storage, $media, string $disposition = 'inline'): Response /**
{ * @param Request $request
set_time_limit(0); * @param Response $response
$mime = $storage->getMimetype($media->storage_path); * @param Filesystem $storage
* @param $media
if ($request->getParam('width') !== null && explode('/', $mime)[0] === 'image') { * @param string $disposition
* @return Response
$image = Image::make($storage->readStream($media->storage_path)) * @throws FileNotFoundException
->resizeCanvas( */
$request->getParam('width'), protected function streamMedia(Request $request, Response $response, Filesystem $storage, $media, string $disposition = 'inline'): Response
$request->getParam('height'), {
'center') set_time_limit(0);
->encode('png'); $mime = $storage->getMimetype($media->storage_path);
return $response if (param($request, 'width') !== null && explode('/', $mime)[0] === 'image') {
->withHeader('Content-Type', 'image/png')
->withHeader('Content-Disposition', $disposition . ';filename="scaled-' . pathinfo($media->filename)['filename'] . '.png"') $image = Image::make($storage->readStream($media->storage_path))
->write($image); ->resizeCanvas(
} else { param($request, 'width'),
$stream = new Stream($storage->readStream($media->storage_path)); param($request, 'height'),
'center')
if (!in_array(explode('/', $mime)[0], ['image', 'video', 'audio']) || $disposition === 'attachment') { ->encode('png');
return $response->withHeader('Content-Type', $mime)
->withHeader('Content-Disposition', $disposition . '; filename="' . $media->filename . '"') $response->getBody()->write($image);
->withHeader('Content-Length', $stream->getSize()) return $response
->withBody($stream); ->withHeader('Content-Type', 'image/png')
} ->withHeader('Content-Disposition', $disposition.';filename="scaled-'.pathinfo($media->filename)['filename'].'.png"');
} else {
$end = $stream->getSize() - 1; $stream = new Stream($storage->readStream($media->storage_path));
if ($request->getServerParam('HTTP_RANGE') !== null) { if (!in_array(explode('/', $mime)[0], ['image', 'video', 'audio']) || $disposition === 'attachment') {
list(, $range) = explode('=', $request->getServerParam('HTTP_RANGE'), 2); return $response->withHeader('Content-Type', $mime)
->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"')
if (strpos($range, ',') !== false) { ->withHeader('Content-Length', $stream->getSize())
return $response->withHeader('Content-Type', $mime) ->withBody($stream);
->withHeader('Content-Disposition', $disposition . '; filename="' . $media->filename . '"') }
->withHeader('Content-Length', $stream->getSize())
->withHeader('Accept-Ranges', 'bytes') $end = $stream->getSize() - 1;
->withHeader('Content-Range', "0,{$stream->getSize()}") if (isset($request->getServerParams()['HTTP_RANGE'])) {
->withStatus(416) list(, $range) = explode('=', $request->getServerParams()['HTTP_RANGE'], 2);
->withBody($stream);
} if (strpos($range, ',') !== false) {
return $response->withHeader('Content-Type', $mime)
if ($range === '-') { ->withHeader('Content-Disposition', $disposition.'; filename="'.$media->filename.'"')
$start = $stream->getSize() - (int)substr($range, 1); ->withHeader('Content-Length', $stream->getSize())
} else { ->withHeader('Accept-Ranges', 'bytes')
$range = explode('-', $range); ->withHeader('Content-Range', "0,{$stream->getSize()}")
$start = (int)$range[0]; ->withStatus(416)
$end = (isset($range[1]) && is_numeric($range[1])) ? (int)$range[1] : $stream->getSize(); ->withBody($stream);
} }
$end = ($end > $stream->getSize() - 1) ? $stream->getSize() - 1 : $end; if ($range === '-') {
$stream->seek($start); $start = $stream->getSize() - (int)substr($range, 1);
} else {
header("Content-Type: $mime"); $range = explode('-', $range);
header('Content-Length: ' . ($end - $start + 1)); $start = (int)$range[0];
header('Accept-Ranges: bytes'); $end = (isset($range[1]) && is_numeric($range[1])) ? (int)$range[1] : $stream->getSize();
header("Content-Range: bytes $start-$end/{$stream->getSize()}"); }
http_response_code(206); $end = ($end > $stream->getSize() - 1) ? $stream->getSize() - 1 : $end;
ob_end_clean(); $stream->seek($start);
$buffer = 16348; header("Content-Type: $mime");
$readed = $start; header('Content-Length: '.($end - $start + 1));
while ($readed < $end) { header('Accept-Ranges: bytes');
if ($readed + $buffer > $end) { header("Content-Range: bytes $start-$end/{$stream->getSize()}");
$buffer = $end - $readed + 1;
} http_response_code(206);
echo $stream->read($buffer); ob_end_clean();
$readed += $buffer;
} $buffer = 16348;
$readed = $start;
exit(0); while ($readed < $end) {
} if ($readed + $buffer > $end) {
$buffer = $end - $readed + 1;
return $response->withHeader('Content-Type', $mime) }
->withHeader('Content-Length', $stream->getSize()) echo $stream->read($buffer);
->withHeader('Accept-Ranges', 'bytes') $readed += $buffer;
->withStatus(200) }
->withBody($stream);
} exit(0);
} }
return $response->withHeader('Content-Type', $mime)
->withHeader('Content-Length', $stream->getSize())
->withHeader('Accept-Ranges', 'bytes')
->withStatus(200)
->withBody($stream);
}
}
} }

835
app/Controllers/UserController.php
View file

@ -3,419 +3,430 @@
namespace App\Controllers; namespace App\Controllers;
use App\Exceptions\UnauthorizedException; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Exception\NotFoundException; use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\Http\Request; use Slim\Exception\HttpNotFoundException;
use Slim\Http\Response; use Slim\Exception\HttpUnauthorizedException;
class UserController extends Controller class UserController extends Controller
{ {
const PER_PAGE = 15; const PER_PAGE = 15;
/** /**
* @param Request $request * @param Response $response
* @param Response $response * @param int|null $page
* @param $args * @return Response
* @return Response * @throws \Twig\Error\LoaderError
*/ * @throws \Twig\Error\RuntimeError
public function index(Request $request, Response $response, $args): Response * @throws \Twig\Error\SyntaxError
{ */
$page = isset($args['page']) ? (int)$args['page'] : 0; public function index(Response $response, int $page = 0): Response
$page = max(0, --$page); {
$page = max(0, --$page);
$users = $this->database->query('SELECT * FROM `users` LIMIT ? OFFSET ?', [self::PER_PAGE, $page * self::PER_PAGE])->fetchAll();
$users = $this->database->query('SELECT * FROM `users` LIMIT ? OFFSET ?', [self::PER_PAGE, $page * self::PER_PAGE])->fetchAll();
$pages = $this->database->query('SELECT COUNT(*) AS `count` FROM `users`')->fetch()->count / self::PER_PAGE;
$pages = $this->database->query('SELECT COUNT(*) AS `count` FROM `users`')->fetch()->count / self::PER_PAGE;
return $this->view->render($response,
'user/index.twig', return view()->render($response,
[ 'user/index.twig',
'users' => $users, [
'next' => $page < floor($pages), 'users' => $users,
'previous' => $page >= 1, 'next' => $page < floor($pages),
'current_page' => ++$page, 'previous' => $page >= 1,
] 'current_page' => ++$page,
); ]
} );
}
/**
* @param Request $request /**
* @param Response $response * @param Response $response
* @return Response * @return Response
*/ * @throws \Twig\Error\LoaderError
public function create(Request $request, Response $response): Response * @throws \Twig\Error\RuntimeError
{ * @throws \Twig\Error\SyntaxError
return $this->view->render($response, 'user/create.twig'); */
} public function create(Response $response): Response
{
/** return view()->render($response, 'user/create.twig');
* @param Request $request }
* @param Response $response
* @return Response /**
*/ * @param Request $request
public function store(Request $request, Response $response): Response * @param Response $response
{ * @return Response
if ($request->getParam('email') === null) { */
$this->session->alert(lang('email_required'), 'danger'); public function store(Request $request, Response $response): Response
return redirect($response, 'user.create'); {
} if (param($request, 'email') === null) {
$this->session->alert(lang('email_required'), 'danger');
if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ?', $request->getParam('email'))->fetch()->count > 0) { return redirect($response, route('user.create'));
$this->session->alert(lang('email_taken'), 'danger'); }
return redirect($response, 'user.create');
} if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ?', param($request, 'email'))->fetch()->count > 0) {
$this->session->alert(lang('email_taken'), 'danger');
if ($request->getParam('username') === null) { return redirect($response, route('user.create'));
$this->session->alert(lang('username_required'), 'danger'); }
return redirect($response, 'user.create');
} if (param($request, 'username') === null) {
$this->session->alert(lang('username_required'), 'danger');
if ($request->getParam('password') === null) { return redirect($response, route('user.create'));
$this->session->alert(lang('password_required'), 'danger'); }
return redirect($response, 'user.create');
} if (param($request, 'password') === null) {
$this->session->alert(lang('password_required'), 'danger');
if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `username` = ?', $request->getParam('username'))->fetch()->count > 0) { return redirect($response, route('user.create'));
$this->session->alert(lang('username_taken'), 'danger'); }
return redirect($response, 'user.create');
} if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `username` = ?', param($request, 'username'))->fetch()->count > 0) {
$this->session->alert(lang('username_taken'), 'danger');
do { return redirect($response, route('user.create'));
$userCode = humanRandomString(5); }
} while ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `user_code` = ?', $userCode)->fetch()->count > 0);
do {
$token = $this->generateNewToken(); $userCode = humanRandomString(5);
} while ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `user_code` = ?', $userCode)->fetch()->count > 0);
$this->database->query('INSERT INTO `users`(`email`, `username`, `password`, `is_admin`, `active`, `user_code`, `token`) VALUES (?, ?, ?, ?, ?, ?, ?)', [
$request->getParam('email'), $token = $this->generateNewToken();
$request->getParam('username'),
password_hash($request->getParam('password'), PASSWORD_DEFAULT), $this->database->query('INSERT INTO `users`(`email`, `username`, `password`, `is_admin`, `active`, `user_code`, `token`) VALUES (?, ?, ?, ?, ?, ?, ?)', [
$request->getParam('is_admin') !== null ? 1 : 0, param($request, 'email'),
$request->getParam('is_active') !== null ? 1 : 0, param($request, 'username'),
$userCode, password_hash(param($request, 'password'), PASSWORD_DEFAULT),
$token, param($request, 'is_admin') !== null ? 1 : 0,
]); param($request, 'is_active') !== null ? 1 : 0,
$userCode,
$this->session->alert(lang('user_created', [$request->getParam('username')]), 'success'); $token,
$this->logger->info('User ' . $this->session->get('username') . ' created a new user.', [array_diff_key($request->getParams(), array_flip(['password']))]); ]);
return redirect($response, 'user.index'); $this->session->alert(lang('user_created', [param($request, 'username')]), 'success');
} $this->logger->info('User '.$this->session->get('username').' created a new user.', [array_diff_key($request->getParsedBody(), array_flip(['password']))]);
/** return redirect($response, route('user.index'));
* @param Request $request }
* @param Response $response
* @param $args /**
* @return Response * @param Request $request
* @throws NotFoundException * @param Response $response
*/ * @param $id
public function edit(Request $request, Response $response, $args): Response * @return Response
{ * @throws HttpNotFoundException
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @throws \Twig\Error\LoaderError
* @throws \Twig\Error\RuntimeError
if (!$user) { * @throws \Twig\Error\SyntaxError
throw new NotFoundException($request, $response); */
} public function edit(Request $request, Response $response, int $id): Response
{
return $this->view->render($response, 'user/edit.twig', [ $user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
'profile' => false,
'user' => $user, if (!$user) {
]); throw new HttpNotFoundException($request);
} }
/** return view()->render($response, 'user/edit.twig', [
* @param Request $request 'profile' => false,
* @param Response $response 'user' => $user,
* @param $args ]);
* @return Response }
* @throws NotFoundException
*/ /**
public function update(Request $request, Response $response, $args): Response * @param Request $request
{ * @param Response $response
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param int $id
* @return Response
if (!$user) { * @throws HttpNotFoundException
throw new NotFoundException($request, $response); */
} public function update(Request $request, Response $response, int $id): Response
{
if ($request->getParam('email') === null) { $user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
$this->session->alert(lang('email_required'), 'danger');
return redirect($response, 'user.edit', ['id' => $args['id']]); if (!$user) {
} throw new HttpNotFoundException($request);
}
if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ? AND `email` <> ?', [$request->getParam('email'), $user->email])->fetch()->count > 0) {
$this->session->alert(lang('email_taken'), 'danger'); if (param($request, 'email') === null) {
return redirect($response, 'user.edit', ['id' => $args['id']]); $this->session->alert(lang('email_required'), 'danger');
} return redirect($response, route('user.edit', ['id' => $id]));
}
if ($request->getParam('username') === null) {
$this->session->alert(lang('username_required'), 'danger'); if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ? AND `email` <> ?', [param($request, 'email'), $user->email])->fetch()->count > 0) {
return redirect($response, 'user.edit', ['id' => $args['id']]); $this->session->alert(lang('email_taken'), 'danger');
} return redirect($response, route('user.edit', ['id' => $id]));
}
if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `username` = ? AND `username` <> ?', [$request->getParam('username'), $user->username])->fetch()->count > 0) {
$this->session->alert(lang('username_taken'), 'danger'); if (param($request, 'username') === null) {
return redirect($response, 'user.edit', ['id' => $args['id']]); $this->session->alert(lang('username_required'), 'danger');
} return redirect($response, route('user.edit', ['id' => $id]));
}
if ($user->id === $this->session->get('user_id') && $request->getParam('is_admin') === null) {
$this->session->alert(lang('cannot_demote'), 'danger'); if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `username` = ? AND `username` <> ?', [param($request, 'username'), $user->username])->fetch()->count > 0) {
return redirect($response, 'user.edit', ['id' => $args['id']]); $this->session->alert(lang('username_taken'), 'danger');
} return redirect($response, route('user.edit', ['id' => $id]));
}
if ($request->getParam('password') !== null && !empty($request->getParam('password'))) {
$this->database->query('UPDATE `users` SET `email`=?, `username`=?, `password`=?, `is_admin`=?, `active`=? WHERE `id` = ?', [ if ($user->id === $this->session->get('user_id') && param($request, 'is_admin') === null) {
$request->getParam('email'), $this->session->alert(lang('cannot_demote'), 'danger');
$request->getParam('username'), return redirect($response, route('user.edit', ['id' => $id]));
password_hash($request->getParam('password'), PASSWORD_DEFAULT), }
$request->getParam('is_admin') !== null ? 1 : 0,
$request->getParam('is_active') !== null ? 1 : 0, if (param($request, 'password') !== null && !empty(param($request, 'password'))) {
$user->id, $this->database->query('UPDATE `users` SET `email`=?, `username`=?, `password`=?, `is_admin`=?, `active`=? WHERE `id` = ?', [
]); param($request, 'email'),
} else { param($request, 'username'),
$this->database->query('UPDATE `users` SET `email`=?, `username`=?, `is_admin`=?, `active`=? WHERE `id` = ?', [ password_hash(param($request, 'password'), PASSWORD_DEFAULT),
$request->getParam('email'), param($request, 'is_admin') !== null ? 1 : 0,
$request->getParam('username'), param($request, 'is_active') !== null ? 1 : 0,
$request->getParam('is_admin') !== null ? 1 : 0, $user->id,
$request->getParam('is_active') !== null ? 1 : 0, ]);
$user->id, } else {
]); $this->database->query('UPDATE `users` SET `email`=?, `username`=?, `is_admin`=?, `active`=? WHERE `id` = ?', [
} param($request, 'email'),
param($request, 'username'),
$this->session->alert(lang('user_updated', [$request->getParam('username')]), 'success'); param($request, 'is_admin') !== null ? 1 : 0,
$this->logger->info('User ' . $this->session->get('username') . " updated $user->id.", [ param($request, 'is_active') !== null ? 1 : 0,
array_diff_key((array)$user, array_flip(['password'])), $user->id,
array_diff_key($request->getParams(), array_flip(['password'])), ]);
]); }
return redirect($response, 'user.index'); $this->session->alert(lang('user_updated', [param($request, 'username')]), 'success');
$this->logger->info('User '.$this->session->get('username')." updated $user->id.", [
} array_diff_key((array)$user, array_flip(['password'])),
array_diff_key($request->getParsedBody(), array_flip(['password'])),
/** ]);
* @param Request $request
* @param Response $response return redirect($response, route('user.index'));
* @param $args
* @return Response }
* @throws NotFoundException
*/ /**
public function delete(Request $request, Response $response, $args): Response * @param Request $request
{ * @param Response $response
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param int $id
* @return Response
if (!$user) { * @throws HttpNotFoundException
throw new NotFoundException($request, $response); */
} public function delete(Request $request, Response $response, int $id): Response
{
if ($user->id === $this->session->get('user_id')) { $user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
$this->session->alert(lang('cannot_delete'), 'danger');
return redirect($response, 'user.index'); if (!$user) {
} throw new HttpNotFoundException($request, $response);
}
$this->database->query('DELETE FROM `users` WHERE `id` = ?', $user->id);
if ($user->id === $this->session->get('user_id')) {
$this->session->alert(lang('user_deleted'), 'success'); $this->session->alert(lang('cannot_delete'), 'danger');
$this->logger->info('User ' . $this->session->get('username') . " deleted $user->id."); return redirect($response, route('user.index'));
}
return redirect($response, 'user.index');
} $this->database->query('DELETE FROM `users` WHERE `id` = ?', $user->id);
/** $this->session->alert(lang('user_deleted'), 'success');
* @param Request $request $this->logger->info('User '.$this->session->get('username')." deleted $user->id.");
* @param Response $response
* @return Response return redirect($response, route('user.index'));
* @throws NotFoundException }
* @throws UnauthorizedException
*/ /**
public function profile(Request $request, Response $response): Response * @param Request $request
{ * @param Response $response
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $this->session->get('user_id'))->fetch(); * @return Response
* @throws HttpNotFoundException
if (!$user) { * @throws HttpUnauthorizedException
throw new NotFoundException($request, $response); * @throws \Twig\Error\LoaderError
} * @throws \Twig\Error\RuntimeError
* @throws \Twig\Error\SyntaxError
if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) { */
throw new UnauthorizedException(); public function profile(Request $request, Response $response): Response
} {
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $this->session->get('user_id'))->fetch();
return $this->view->render($response, 'user/edit.twig', [
'profile' => true, if (!$user) {
'user' => $user, throw new HttpNotFoundException($request);
]); }
}
if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) {
/** throw new HttpUnauthorizedException($request);
* @param Request $request }
* @param Response $response
* @param $args return view()->render($response, 'user/edit.twig', [
* @return Response 'profile' => true,
* @throws NotFoundException 'user' => $user,
* @throws UnauthorizedException ]);
*/ }
public function profileEdit(Request $request, Response $response, $args): Response
{ /**
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param Request $request
* @param Response $response
if (!$user) { * @param int $id
throw new NotFoundException($request, $response); * @return Response
} * @throws HttpNotFoundException
* @throws HttpUnauthorizedException
if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) { */
throw new UnauthorizedException(); public function profileEdit(Request $request, Response $response, int $id): Response
} {
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
if ($request->getParam('email') === null) {
$this->session->alert(lang('email_required'), 'danger'); if (!$user) {
return redirect($response, 'profile'); throw new HttpNotFoundException($request, $response);
} }
if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ? AND `email` <> ?', [$request->getParam('email'), $user->email])->fetch()->count > 0) { if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) {
$this->session->alert(lang('email_taken'), 'danger'); throw new HttpUnauthorizedException($request);
return redirect($response, 'profile'); }
}
if (param($request, 'email') === null) {
if ($request->getParam('password') !== null && !empty($request->getParam('password'))) { $this->session->alert(lang('email_required'), 'danger');
$this->database->query('UPDATE `users` SET `email`=?, `password`=? WHERE `id` = ?', [ return redirect($response, route('profile'));
$request->getParam('email'), }
password_hash($request->getParam('password'), PASSWORD_DEFAULT),
$user->id, if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `email` = ? AND `email` <> ?', [param($request, 'email'), $user->email])->fetch()->count > 0) {
]); $this->session->alert(lang('email_taken'), 'danger');
} else { return redirect($response, route('profile'));
$this->database->query('UPDATE `users` SET `email`=? WHERE `id` = ?', [ }
$request->getParam('email'),
$user->id, if (param($request, 'password') !== null && !empty(param($request, 'password'))) {
]); $this->database->query('UPDATE `users` SET `email`=?, `password`=? WHERE `id` = ?', [
} param($request, 'email'),
password_hash(param($request, 'password'), PASSWORD_DEFAULT),
$this->session->alert(lang('profile_updated'), 'success'); $user->id,
$this->logger->info('User ' . $this->session->get('username') . " updated profile of $user->id."); ]);
} else {
return redirect($response, 'profile'); $this->database->query('UPDATE `users` SET `email`=? WHERE `id` = ?', [
} param($request, 'email'),
$user->id,
/** ]);
* @param Request $request }
* @param Response $response
* @param $args $this->session->alert(lang('profile_updated'), 'success');
* @return Response $this->logger->info('User '.$this->session->get('username')." updated profile of $user->id.");
* @throws NotFoundException
* @throws UnauthorizedException return redirect($response, route('profile'));
*/ }
public function refreshToken(Request $request, Response $response, $args): Response
{ /**
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param Request $request
* @param Response $response
if (!$user) { * @param int $id
throw new NotFoundException($request, $response); * @return Response
} * @throws HttpNotFoundException
* @throws HttpUnauthorizedException
if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) { */
throw new UnauthorizedException(); public function refreshToken(Request $request, Response $response, int $id): Response
} {
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
$token = $this->generateNewToken();
if (!$user) {
$this->database->query('UPDATE `users` SET `token`=? WHERE `id` = ?', [ throw new HttpNotFoundException($request, $response);
$token, }
$user->id,
]); if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) {
throw new HttpUnauthorizedException($request);
$this->logger->info('User ' . $this->session->get('username') . " refreshed token of user $user->id."); }
$response->getBody()->write($token); $token = $this->generateNewToken();
return $response; $this->database->query('UPDATE `users` SET `token`=? WHERE `id` = ?', [
} $token,
$user->id,
/** ]);
* @param Request $request
* @param Response $response $this->logger->info('User '.$this->session->get('username')." refreshed token of user $user->id.");
* @param $args
* @return Response $response->getBody()->write($token);
* @throws NotFoundException
* @throws UnauthorizedException return $response;
*/ }
public function getShareXconfigFile(Request $request, Response $response, $args): Response
{ /**
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param Request $request
* @param Response $response
if (!$user) { * @param int $id
throw new NotFoundException($request, $response); * @return Response
} * @throws HttpNotFoundException
* @throws HttpUnauthorizedException
if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) { */
throw new UnauthorizedException(); public function getShareXconfigFile(Request $request, Response $response, int $id): Response
} {
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
if ($user->token === null || $user->token === '') {
$this->session->alert('You don\'t have a personal upload token. (Click the update token button and try again)', 'danger'); if (!$user) {
return $response->withRedirect($request->getHeaderLine('HTTP_REFERER')); throw new HttpNotFoundException($request, $response);
} }
$json = [ if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) {
'DestinationType' => 'ImageUploader, TextUploader, FileUploader', throw new HttpUnauthorizedException($request);
'RequestURL' => route('upload'), }
'FileFormName' => 'upload',
'Arguments' => [ if ($user->token === null || $user->token === '') {
'file' => '$filename$', $this->session->alert('You don\'t have a personal upload token. (Click the update token button and try again)', 'danger');
'text' => '$input$', return redirect($response, $request->getHeaderLine('HTTP_REFERER'));
'token' => $user->token, }
],
'URL' => '$json:url$', $json = [
'ThumbnailURL' => '$json:url$/raw', 'DestinationType' => 'ImageUploader, TextUploader, FileUploader',
'DeletionURL' => '$json:url$/delete/' . $user->token, 'RequestURL' => route('upload'),
]; 'FileFormName' => 'upload',
'Arguments' => [
return $response 'file' => '$filename$',
->withHeader('Content-Disposition', 'attachment;filename="' . $user->username . '-ShareX.sxcu"') 'text' => '$input$',
->withJson($json, 200, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT); 'token' => $user->token,
} ],
'URL' => '$json:url$',
/** 'ThumbnailURL' => '$json:url$/raw',
* @param Request $request 'DeletionURL' => '$json:url$/delete/'.$user->token,
* @param Response $response ];
* @param $args
* @return Response return json($response, $json, 200, JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT)
* @throws NotFoundException ->withHeader('Content-Disposition', 'attachment;filename="'.$user->username.'-ShareX.sxcu"');
* @throws UnauthorizedException }
*/
public function getUploaderScriptFile(Request $request, Response $response, $args): Response /**
{ * @param Request $request
$user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $args['id'])->fetch(); * @param Response $response
* @param int $id
if (!$user) { * @return Response
throw new NotFoundException($request, $response); * @throws HttpNotFoundException
} * @throws HttpUnauthorizedException
* @throws \Twig\Error\LoaderError
if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) { * @throws \Twig\Error\RuntimeError
throw new UnauthorizedException(); * @throws \Twig\Error\SyntaxError
} */
public function getUploaderScriptFile(Request $request, Response $response, int $id): Response
if ($user->token === null || $user->token === '') { {
$this->session->alert('You don\'t have a personal upload token. (Click the update token button and try again)', 'danger'); $user = $this->database->query('SELECT * FROM `users` WHERE `id` = ? LIMIT 1', $id)->fetch();
return $response->withRedirect($request->getHeaderLine('HTTP_REFERER'));
} if (!$user) {
throw new HttpNotFoundException($request, $response);
return $this->view->render($response->withHeader('Content-Disposition', 'attachment;filename="xbackbone_uploader_' . $user->username . '.sh"'), }
'scripts/xbackbone_uploader.sh.twig',
[ if ($user->id !== $this->session->get('user_id') && !$this->session->get('admin', false)) {
'username' => $user->username, throw new HttpUnauthorizedException($request);
'upload_url' => route('upload'), }
'token' => $user->token,
] if ($user->token === null || $user->token === '') {
); $this->session->alert('You don\'t have a personal upload token. (Click the update token button and try again)', 'danger');
} return redirect($response, $request->getHeaderLine('HTTP_REFERER'));
}
/**
* @return string return view()->render($response->withHeader('Content-Disposition', 'attachment;filename="xbackbone_uploader_'.$user->username.'.sh"'),
*/ 'scripts/xbackbone_uploader.sh.twig',
protected function generateNewToken(): string [
{ 'username' => $user->username,
do { 'upload_url' => route('upload'),
$token = 'token_' . md5(uniqid('', true)); 'token' => $user->token,
} while ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `token` = ?', $token)->fetch()->count > 0); ]
);
return $token; }
}
/**
* @return string
*/
protected function generateNewToken(): string
{
do {
$token = 'token_'.md5(uniqid('', true));
} while ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `token` = ?', $token)->fetch()->count > 0);
return $token;
}
} }

14
app/Exceptions/Handlers/AppErrorHandler.php Normal file
View file

@ -0,0 +1,14 @@
<?php
namespace App\Exception\Handlers;
use Slim\Handlers\ErrorHandler;
class AppErrorHandler extends ErrorHandler
{
protected function logError(string $error): void
{
resolve('logger')->critical($error);
}
}

45
app/Exceptions/Handlers/Renderers/HtmlErrorRenderer.php Normal file
View file

@ -0,0 +1,45 @@
<?php
namespace App\Exception\Handlers\Renderers;
use App\Exceptions\UnderMaintenanceException;
use Slim\Exception\HttpForbiddenException;
use Slim\Exception\HttpMethodNotAllowedException;
use Slim\Exception\HttpNotFoundException;
use Slim\Exception\HttpUnauthorizedException;
use Slim\Interfaces\ErrorRendererInterface;
use Throwable;
class HtmlErrorRenderer implements ErrorRendererInterface
{
/**
* @param Throwable $exception
* @param bool $displayErrorDetails
* @return string
* @throws \Twig\Error\LoaderError
* @throws \Twig\Error\RuntimeError
* @throws \Twig\Error\SyntaxError
*/
public function __invoke(Throwable $exception, bool $displayErrorDetails): string
{
if ($exception instanceof UnderMaintenanceException) {
return view()->string( 'errors/maintenance.twig');
}
if ($exception instanceof HttpUnauthorizedException || $exception instanceof HttpForbiddenException) {
return view()->string( 'errors/403.twig');
}
if ($exception instanceof HttpMethodNotAllowedException) {
return view()->string( 'errors/405.twig');
}
if ($exception instanceof HttpNotFoundException) {
return view()->string( 'errors/404.twig');
}
return view()->string('errors/500.twig', ['exception' => $displayErrorDetails ? $exception : null]);
}
}

15
app/Exceptions/MaintenanceException.php
View file

@ -1,15 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
use Throwable;
class MaintenanceException extends Exception
{
public function __construct(string $message = 'Under Maintenance', int $code = 503, Throwable $previous = null)
{
parent::__construct($message, $code, $previous);
}
}

15
app/Exceptions/UnauthorizedException.php
View file

@ -1,15 +0,0 @@
<?php
namespace App\Exceptions;
use Exception;
use Throwable;
class UnauthorizedException extends Exception
{
public function __construct(string $message = 'Forbidden', int $code = 403, Throwable $previous = null)
{
parent::__construct($message, $code, $previous);
}
}

15
app/Exceptions/UnderMaintenanceException.php Normal file
View file

@ -0,0 +1,15 @@
<?php
namespace App\Exceptions;
use Slim\Exception\HttpSpecializedException;
class UnderMaintenanceException extends HttpSpecializedException
{
protected $code = 503;
protected $message = 'Platform Under Maintenance.';
protected $title = '503 Service Unavailable';
protected $description = 'We\'ll be back very soon! :)';
}

27
app/Middleware/AdminMiddleware.php
View file

@ -2,27 +2,28 @@
namespace App\Middleware; namespace App\Middleware;
use App\Exceptions\UnauthorizedException; use GuzzleHttp\Psr7\Response;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Slim\Exception\HttpUnauthorizedException;
class AdminMiddleware extends Middleware class AdminMiddleware extends Middleware
{ {
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param RequestHandler $handler
* @param callable $next * @return Response
* @return Response * @throws HttpUnauthorizedException
* @throws UnauthorizedException */
*/ public function __invoke(Request $request, RequestHandler $handler): ResponseInterface
public function __invoke(Request $request, Response $response, callable $next)
{ {
if (!$this->database->query('SELECT `id`, `is_admin` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->is_admin) { if (!$this->database->query('SELECT `id`, `is_admin` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->is_admin) {
$this->session->set('admin', false); $this->session->set('admin', false);
throw new UnauthorizedException(); throw new HttpUnauthorizedException($request);
} }
return $next($request, $response); return $handler->handle($request);
} }
} }

45
app/Middleware/AuthMiddleware.php
View file

@ -2,33 +2,34 @@
namespace App\Middleware; namespace App\Middleware;
use Slim\Http\Request;
use Slim\Http\Response; use GuzzleHttp\Psr7\Response;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
class AuthMiddleware extends Middleware class AuthMiddleware extends Middleware
{ {
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param RequestHandler $handler
* @param callable $next * @return ResponseInterface
* @return Response */
*/ public function __invoke(Request $request, RequestHandler $handler): ResponseInterface
public function __invoke(Request $request, Response $response, callable $next) {
{ if (!$this->session->get('logged', false)) {
if (!$this->session->get('logged', false)) { $this->session->set('redirectTo', (string)$request->getUri());
$this->session->set('redirectTo', (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"); return redirect(new Response(), route('login.show'));
return redirect($response, 'login.show'); }
}
if (!$this->database->query('SELECT `id`, `active` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->active) { if (!$this->database->query('SELECT `id`, `active` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->active) {
$this->session->alert('Your account is not active anymore.', 'danger'); $this->session->alert('Your account is not active anymore.', 'danger');
$this->session->set('logged', false); $this->session->set('logged', false);
$this->session->set('redirectTo', (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"); return redirect(new Response(), route('login.show'));
return redirect($response, 'login.show'); }
}
return $next($request, $response); return $handler->handle($request);
} }
} }

35
app/Middleware/CheckForMaintenanceMiddleware.php
View file

@ -2,25 +2,26 @@
namespace App\Middleware; namespace App\Middleware;
use App\Exceptions\MaintenanceException; use App\Exceptions\UnderMaintenanceException;
use Slim\Http\Request; use Psr\Http\Message\ResponseInterface as Response;
use Slim\Http\Response; use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
class CheckForMaintenanceMiddleware extends Middleware class CheckForMaintenanceMiddleware extends Middleware
{ {
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param RequestHandler $handler
* @param callable $next * @return Response
* @return Response * @throws UnderMaintenanceException
* @throws MaintenanceException */
*/ public function __invoke(Request $request, RequestHandler $handler): Response
public function __invoke(Request $request, Response $response, callable $next) {
{ if (isset($this->config['maintenance']) && $this->settings['maintenance'] && !$this->database->query('SELECT `id`, `is_admin` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->is_admin) {
if (isset($this->settings['maintenance']) && $this->settings['maintenance'] && !$this->database->query('SELECT `id`, `is_admin` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->is_admin) { throw new UnderMaintenanceException($request);
throw new MaintenanceException(); }
}
return $next($request, $response); $response = $handler->handle($request);
} return $response;
}
} }

57
app/Middleware/Middleware.php
View file

@ -2,37 +2,40 @@
namespace App\Middleware; namespace App\Middleware;
use Slim\Container;
use Slim\Http\Request; use DI\Container;
use Slim\Http\Response; use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
abstract class Middleware abstract class Middleware
{ {
/** @var Container */ /** @var Container */
protected $container; protected $container;
public function __construct(Container $container) public function __construct(Container $container)
{ {
$this->container = $container; $this->container = $container;
} }
/** /**
* @param $name * @param $name
* @return mixed|null * @return mixed|null
* @throws \Interop\Container\Exception\ContainerException * @throws \DI\DependencyException
*/ * @throws \DI\NotFoundException
public function __get($name) */
{ public function __get($name)
if ($this->container->has($name)) { {
return $this->container->get($name); if ($this->container->has($name)) {
} return $this->container->get($name);
return null; }
} return null;
}
/** /**
* @param Request $request * @param Request $request
* @param Response $response * @param RequestHandler $handler
* @param callable $next * @return Response
*/ */
public abstract function __invoke(Request $request, Response $response, callable $next); public abstract function __invoke(Request $request, RequestHandler $handler);
} }

100
app/Web/View.php Normal file
View file

@ -0,0 +1,100 @@
<?php
namespace App\Web;
use DI\Container;
use Psr\Http\Message\ResponseInterface as Response;
use Slim\Factory\ServerRequestCreatorFactory;
use Twig\Environment;
use Twig\Error\LoaderError;
use Twig\Error\RuntimeError;
use Twig\Error\SyntaxError;
use Twig\Loader\FilesystemLoader;
use Twig\TwigFunction;
class View
{
/**
* @var Container
*/
private $container;
/**
* @var Environment
*/
private $twig;
/**
* View constructor.
* @param Container $container
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
*/
public function __construct(Container $container)
{
$this->container = $container;
$config = $container->get('config');
$loader = new FilesystemLoader(BASE_DIR.'resources/templates');
$twig = new Environment($loader, [
'cache' => BASE_DIR.'resources/cache/twig',
'autoescape' => 'html',
'debug' => $config['debug'],
'auto_reload' => $config['debug'],
]);
$serverRequestCreator = ServerRequestCreatorFactory::create();
$request = $serverRequestCreator->createServerRequestFromGlobals();
$twig->addGlobal('config', $config);
$twig->addGlobal('request', $request);
$twig->addGlobal('alerts', $container->get('session')->getAlert());
$twig->addGlobal('session', $container->get('session')->all());
$twig->addGlobal('current_lang', $container->get('lang')->getLang());
$twig->addGlobal('PLATFORM_VERSION', PLATFORM_VERSION);
$twig->addFunction(new TwigFunction('route', 'route'));
$twig->addFunction(new TwigFunction('lang', 'lang'));
$twig->addFunction(new TwigFunction('urlFor', 'urlFor'));
$twig->addFunction(new TwigFunction('asset', 'asset'));
$twig->addFunction(new TwigFunction('mime2font', 'mime2font'));
$twig->addFunction(new TwigFunction('queryParams', 'queryParams'));
$twig->addFunction(new TwigFunction('isDisplayableImage', 'isDisplayableImage'));
$this->twig = $twig;
}
/**
* @param Response $response
* @param string $view
* @param array|null $parameters
* @return Response
* @throws LoaderError
* @throws RuntimeError
* @throws SyntaxError
*/
public function render(Response $response, string $view, ?array $parameters = [])
{
$body = $this->twig->render($view, $parameters);
$response->getBody()->write($body);
return $response;
}
/**
* @param string $view
* @param array|null $parameters
* @return string
* @throws LoaderError
* @throws RuntimeError
* @throws SyntaxError
*/
public function string(string $view, ?array $parameters = [])
{
return $this->twig->render($view, $parameters);
}
}

579
app/helpers.php
View file

@ -1,318 +1,379 @@
<?php <?php
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\Factory\ServerRequestCreatorFactory;
if (!defined('HUMAN_RANDOM_CHARS')) { if (!defined('HUMAN_RANDOM_CHARS')) {
define('HUMAN_RANDOM_CHARS', 'bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZaeiouAEIOU'); define('HUMAN_RANDOM_CHARS', 'bcdfghjklmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZaeiouAEIOU');
} }
if (!function_exists('humanFileSize')) { if (!function_exists('humanFileSize')) {
/** /**
* Generate a human readable file size * Generate a human readable file size
* @param $size * @param $size
* @param int $precision * @param int $precision
* @return string * @return string
*/ */
function humanFileSize($size, $precision = 2): string function humanFileSize($size, $precision = 2): string
{ {
for ($i = 0; ($size / 1024) > 0.9; $i++, $size /= 1024) { for ($i = 0; ($size / 1024) > 0.9; $i++, $size /= 1024) {
} }
return round($size, $precision) . ' ' . ['B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'][$i]; return round($size, $precision).' '.['B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'][$i];
} }
} }
if (!function_exists('humanRandomString')) { if (!function_exists('humanRandomString')) {
/** /**
* @param int $length * @param int $length
* @return string * @return string
*/ */
function humanRandomString(int $length = 13): string function humanRandomString(int $length = 13): string
{ {
$result = ''; $result = '';
$numberOffset = round($length * 0.2); $numberOffset = round($length * 0.2);
for ($x = 0; $x < $length - $numberOffset; $x++) { for ($x = 0; $x < $length - $numberOffset; $x++) {
$result .= ($x % 2) ? HUMAN_RANDOM_CHARS[rand(42, 51)] : HUMAN_RANDOM_CHARS[rand(0, 41)]; $result .= ($x % 2) ? HUMAN_RANDOM_CHARS[rand(42, 51)] : HUMAN_RANDOM_CHARS[rand(0, 41)];
} }
for ($x = 0; $x < $numberOffset; $x++) { for ($x = 0; $x < $numberOffset; $x++) {
$result .= rand(0, 9); $result .= rand(0, 9);
} }
return $result; return $result;
} }
} }
if (!function_exists('isDisplayableImage')) { if (!function_exists('isDisplayableImage')) {
/** /**
* @param string $mime * @param string $mime
* @return bool * @return bool
*/ */
function isDisplayableImage(string $mime): bool function isDisplayableImage(string $mime): bool
{ {
return in_array($mime, [ return in_array($mime, [
'image/apng', 'image/apng',
'image/bmp', 'image/bmp',
'image/gif', 'image/gif',
'image/x-icon', 'image/x-icon',
'image/jpeg', 'image/jpeg',
'image/png', 'image/png',
'image/svg', 'image/svg',
'image/svg+xml', 'image/svg+xml',
'image/tiff', 'image/tiff',
'image/webp', 'image/webp',
]); ]);
} }
} }
if (!function_exists('stringToBytes')) { if (!function_exists('stringToBytes')) {
/** /**
* @param $str * @param $str
* @return float * @return float
*/ */
function stringToBytes(string $str): float function stringToBytes(string $str): float
{ {
$val = trim($str); $val = trim($str);
if (is_numeric($val)) { if (is_numeric($val)) {
return (float)$val; return (float)$val;
} }
$last = strtolower($val[strlen($val) - 1]); $last = strtolower($val[strlen($val) - 1]);
$val = substr($val, 0, -1); $val = substr($val, 0, -1);
$val = (float)$val; $val = (float)$val;
switch ($last) { switch ($last) {
case 'g': case 'g':
$val *= 1024; $val *= 1024;
case 'm': case 'm':
$val *= 1024; $val *= 1024;
case 'k': case 'k':
$val *= 1024; $val *= 1024;
} }
return $val; return $val;
} }
} }
if (!function_exists('removeDirectory')) { if (!function_exists('removeDirectory')) {
/** /**
* Remove a directory and it's content * Remove a directory and it's content
* @param $path * @param $path
*/ */
function removeDirectory($path) function removeDirectory($path)
{ {
$files = glob($path . '/*'); $files = glob($path.'/*');
foreach ($files as $file) { foreach ($files as $file) {
is_dir($file) ? removeDirectory($file) : unlink($file); is_dir($file) ? removeDirectory($file) : unlink($file);
} }
rmdir($path); rmdir($path);
return; return;
} }
} }
if (!function_exists('cleanDirectory')) { if (!function_exists('cleanDirectory')) {
/** /**
* Removes all directory contents * Removes all directory contents
* @param $path * @param $path
*/ */
function cleanDirectory($path) function cleanDirectory($path)
{ {
$directoryIterator = new RecursiveDirectoryIterator($path, FilesystemIterator::SKIP_DOTS); $directoryIterator = new RecursiveDirectoryIterator($path, FilesystemIterator::SKIP_DOTS);
$iteratorIterator = new RecursiveIteratorIterator($directoryIterator, RecursiveIteratorIterator::CHILD_FIRST); $iteratorIterator = new RecursiveIteratorIterator($directoryIterator, RecursiveIteratorIterator::CHILD_FIRST);
foreach ($iteratorIterator as $file) { foreach ($iteratorIterator as $file) {
if ($file->getFilename() !== '.gitkeep') { if ($file->getFilename() !== '.gitkeep') {
$file->isDir() ? rmdir($file) : unlink($file); $file->isDir() ? rmdir($file) : unlink($file);
} }
} }
} }
} }
if (!function_exists('redirect')) { if (!function_exists('resolve')) {
/** /**
* Set the redirect response * Resolve a service from de DI container
* @param \Slim\Http\Response $response * @param string $service
* @param string $path * @return mixed
* @param array $args */
* @param null $status function resolve(string $service)
* @return \Slim\Http\Response {
*/ global $app;
function redirect(\Slim\Http\Response $response, string $path, $args = [], $status = null) return $app->getContainer()->get($service);
{ }
if (substr($path, 0, 1) === '/' || substr($path, 0, 3) === '../' || substr($path, 0, 2) === './') { }
$url = urlFor($path);
} else {
$url = route($path, $args);
}
return $response->withRedirect($url, $status); if (!function_exists('view')) {
} /**
* Render a view to the response body
* @return \App\Web\View
*/
function view()
{
return resolve('view');
}
}
if (!function_exists('redirect')) {
/**
* Set the redirect response
* @param Response $response
* @param string $url
* @param int $status
* @return Response
*/
function redirect(Response $response, string $url, $status = 302)
{
return $response
->withHeader('Location', $url)
->withStatus($status);
}
} }
if (!function_exists('asset')) { if (!function_exists('asset')) {
/** /**
* Get the asset link with timestamp * Get the asset link with timestamp
* @param string $path * @param string $path
* @return string * @return string
*/ */
function asset(string $path): string function asset(string $path): string
{ {
return urlFor($path, '?' . filemtime(realpath(BASE_DIR . $path))); return urlFor($path, '?'.filemtime(realpath(BASE_DIR.$path)));
} }
} }
if (!function_exists('urlFor')) { if (!function_exists('urlFor')) {
/** /**
* Generate the app url given a path * Generate the app url given a path
* @param string $path * @param string $path
* @param string $append * @param string $append
* @return string * @return string
*/ */
function urlFor(string $path, string $append = ''): string function urlFor(string $path, string $append = ''): string
{ {
global $app; $baseUrl = resolve('config')['base_url'];
$baseUrl = $app->getContainer()->get('settings')['base_url']; return $baseUrl.$path.$append;
return $baseUrl . $path . $append; }
}
} }
if (!function_exists('route')) { if (!function_exists('route')) {
/** /**
* Generate the app url given a path * Generate the app url given a path
* @param string $path * @param string $path
* @param array $args * @param array $args
* @param string $append * @param string $append
* @return string * @return string
*/ */
function route(string $path, array $args = [], string $append = ''): string function route(string $path, array $args = [], string $append = ''): string
{ {
global $app; global $app;
$uri = $app->getContainer()->get('router')->relativePathFor($path, $args); $uri = $app->getRouteCollector()->getRouteParser()->relativeUrlFor($path, $args);
return urlFor($uri, $append); return urlFor($uri, $append);
} }
}
if (!function_exists('param')) {
/**
* Get a parameter from the request
* @param Request $request
* @param string $name
* @param null $default
* @return string
*/
function param(Request $request, string $name, $default = null)
{
if ($request->getMethod() === 'GET') {
$params = $request->getQueryParams();
} else {
$params = $request->getParsedBody();
}
if (isset($params[$name])) {
return $params[$name];
}
return $default;
}
}
if (!function_exists('json')) {
/**
* Return a json response
* @param Response $response
* @param $data
* @param int $status
* @param int $options
* @return Response
*/
function json(Response $response, $data, int $status = 200, $options = 0): Response
{
$response->getBody()->write(json_encode($data, $options));
return $response
->withStatus($status)
->withHeader('Content-Type', 'application/json');
}
} }
if (!function_exists('lang')) { if (!function_exists('lang')) {
/** /**
* @param string $key * @param string $key
* @param array $args * @param array $args
* @return string * @return string
*/ */
function lang(string $key, $args = []): string function lang(string $key, $args = []): string
{ {
global $app; return resolve('lang')->get($key, $args);
return $app->getContainer()->get('lang')->get($key, $args); }
}
} }
if (!function_exists('isBot')) { if (!function_exists('isBot')) {
/** /**
* @param string $userAgent * @param string $userAgent
* @return boolean * @return boolean
*/ */
function isBot(string $userAgent) function isBot(string $userAgent)
{ {
$bots = [ $bots = [
'TelegramBot', 'TelegramBot',
'facebookexternalhit/', 'facebookexternalhit/',
'Discordbot/', 'Discordbot/',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Firefox/38.0', // The discord service bot? 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Firefox/38.0', // The discord service bot?
'Facebot', 'Facebot',
'curl/', 'curl/',
'wget/', 'wget/',
]; ];
foreach ($bots as $bot) { foreach ($bots as $bot) {
if (stripos($userAgent, $bot) !== false) { if (stripos($userAgent, $bot) !== false) {
return true; return true;
} }
} }
return false; return false;
} }
} }
if (!function_exists('mime2font')) { if (!function_exists('mime2font')) {
/** /**
* Convert get the icon from the file mimetype * Convert get the icon from the file mimetype
* @param $mime * @param $mime
* @return mixed|string * @return mixed|string
*/ */
function mime2font($mime) function mime2font($mime)
{ {
$classes = [ $classes = [
'image' => 'fa-file-image', 'image' => 'fa-file-image',
'audio' => 'fa-file-audio', 'audio' => 'fa-file-audio',
'video' => 'fa-file-video', 'video' => 'fa-file-video',
'application/pdf' => 'fa-file-pdf', 'application/pdf' => 'fa-file-pdf',
'application/msword' => 'fa-file-word', 'application/msword' => 'fa-file-word',
'application/vnd.ms-word' => 'fa-file-word', 'application/vnd.ms-word' => 'fa-file-word',
'application/vnd.oasis.opendocument.text' => 'fa-file-word', 'application/vnd.oasis.opendocument.text' => 'fa-file-word',
'application/vnd.openxmlformats-officedocument.wordprocessingml' => 'fa-file-word', 'application/vnd.openxmlformats-officedocument.wordprocessingml' => 'fa-file-word',
'application/vnd.ms-excel' => 'fa-file-excel', 'application/vnd.ms-excel' => 'fa-file-excel',
'application/vnd.openxmlformats-officedocument.spreadsheetml' => 'fa-file-excel', 'application/vnd.openxmlformats-officedocument.spreadsheetml' => 'fa-file-excel',
'application/vnd.oasis.opendocument.spreadsheet' => 'fa-file-excel', 'application/vnd.oasis.opendocument.spreadsheet' => 'fa-file-excel',
'application/vnd.ms-powerpoint' => 'fa-file-powerpoint', 'application/vnd.ms-powerpoint' => 'fa-file-powerpoint',
'application/vnd.openxmlformats-officedocument.presentationml' => 'fa-file-powerpoint', 'application/vnd.openxmlformats-officedocument.presentationml' => 'fa-file-powerpoint',
'application/vnd.oasis.opendocument.presentation' => 'fa-file-powerpoint', 'application/vnd.oasis.opendocument.presentation' => 'fa-file-powerpoint',
'text/plain' => 'fa-file-alt', 'text/plain' => 'fa-file-alt',
'text/html' => 'fa-file-code', 'text/html' => 'fa-file-code',
'text/x-php' => 'fa-file-code', 'text/x-php' => 'fa-file-code',
'application/json' => 'fa-file-code', 'application/json' => 'fa-file-code',
'application/gzip' => 'fa-file-archive', 'application/gzip' => 'fa-file-archive',
'application/zip' => 'fa-file-archive', 'application/zip' => 'fa-file-archive',
'application/octet-stream' => 'fa-file-alt', 'application/octet-stream' => 'fa-file-alt',
]; ];
foreach ($classes as $fullMime => $class) { foreach ($classes as $fullMime => $class) {
if (strpos($mime, $fullMime) === 0) { if (strpos($mime, $fullMime) === 0) {
return $class; return $class;
} }
} }
return 'fa-file'; return 'fa-file';
} }
} }
if (!function_exists('dd')) { if (!function_exists('dd')) {
/** /**
* Dumps all the given vars and halt the execution. * Dumps all the given vars and halt the execution.
*/ */
function dd() function dd()
{ {
array_map(function ($x) { array_map(function ($x) {
echo '<pre>'; echo '<pre>';
print_r($x); print_r($x);
echo '</pre>'; echo '</pre>';
}, func_get_args()); }, func_get_args());
die(); die();
} }
} }
if (!function_exists('queryParams')) { if (!function_exists('queryParams')) {
/** /**
* Get the query parameters of the current request. * Get the query parameters of the current request.
* @param array $replace * @param array $replace
* @return string * @return string
* @throws \Interop\Container\Exception\ContainerException */
*/ function queryParams(array $replace = [])
function queryParams(array $replace = []) {
{ $serverRequestCreator = ServerRequestCreatorFactory::create();
global $container; $request = $serverRequestCreator->createServerRequestFromGlobals();
/** @var \Slim\Http\Request $request */
$request = $container->get('request');
$params = array_replace_recursive($request->getQueryParams(), $replace); $params = array_replace_recursive($request->getQueryParams(), $replace);
return !empty($params) ? '?' . http_build_query($params) : ''; return !empty($params) ? '?'.http_build_query($params) : '';
} }
} }
if (!function_exists('glob_recursive')) { if (!function_exists('glob_recursive')) {
/** /**
* Does not support flag GLOB_BRACE * Does not support flag GLOB_BRACE
* @param $pattern * @param $pattern
* @param int $flags * @param int $flags
* @return array|false * @return array|false
*/ */
function glob_recursive($pattern, $flags = 0) function glob_recursive($pattern, $flags = 0)
{ {
$files = glob($pattern, $flags); $files = glob($pattern, $flags);
foreach (glob(dirname($pattern) . '/*', GLOB_ONLYDIR | GLOB_NOSORT) as $dir) { foreach (glob(dirname($pattern).'/*', GLOB_ONLYDIR | GLOB_NOSORT) as $dir) {
$files = array_merge($files, glob_recursive($dir . '/' . basename($pattern), $flags)); $files = array_merge($files, glob_recursive($dir.'/'.basename($pattern), $flags));
} }
return $files; return $files;
} }
} }

80
app/routes.php
View file

@ -10,59 +10,61 @@ use App\Controllers\UserController;
use App\Middleware\AdminMiddleware; use App\Middleware\AdminMiddleware;
use App\Middleware\AuthMiddleware; use App\Middleware\AuthMiddleware;
use App\Middleware\CheckForMaintenanceMiddleware; use App\Middleware\CheckForMaintenanceMiddleware;
use Slim\Routing\RouteCollectorProxy;
$app->group('', function () { global $app;
$this->get('/home[/page/{page}]', DashboardController::class . ':home')->setName('home'); $app->group('', function (RouteCollectorProxy $group) {
$group->get('/home[/page/{page}]', [DashboardController::class, 'home'])->setName('home');
$this->group('', function () { $group->group('', function (RouteCollectorProxy $group) {
$this->get('/home/switchView', DashboardController::class . ':switchView')->setName('switchView'); $group->get('/home/switchView', [DashboardController::class, 'switchView'])->setName('switchView');
$this->get('/system/deleteOrphanFiles', AdminController::class . ':deleteOrphanFiles')->setName('system.deleteOrphanFiles'); $group->get('/system/deleteOrphanFiles', [AdminController::class, 'deleteOrphanFiles'])->setName('system.deleteOrphanFiles');
$this->get('/system/themes', ThemeController::class . ':getThemes')->setName('theme'); $group->get('/system/themes', [ThemeController::class, 'getThemes'])->setName('theme');
$this->post('/system/theme/apply', ThemeController::class . ':applyTheme')->setName('theme.apply'); $group->post('/system/theme/apply', [ThemeController::class, 'applyTheme'])->setName('theme.apply');
$this->post('/system/lang/apply', AdminController::class . ':applyLang')->setName('lang.apply'); $group->post('/system/lang/apply', [AdminController::class, 'applyLang'])->setName('lang.apply');
$this->post('/system/upgrade', UpgradeController::class . ':upgrade')->setName('system.upgrade'); $group->post('/system/upgrade', [UpgradeController::class, 'upgrade'])->setName('system.upgrade');
$this->get('/system/checkForUpdates', UpgradeController::class . ':checkForUpdates')->setName('system.checkForUpdates'); $group->get('/system/checkForUpdates', [UpgradeController::class, 'checkForUpdates'])->setName('system.checkForUpdates');
$this->get('/system', AdminController::class . ':system')->setName('system'); $group->get('/system', [AdminController::class, 'system'])->setName('system');
$this->get('/users[/page/{page}]', UserController::class . ':index')->setName('user.index'); $group->get('/users[/page/{page}]', [UserController::class, 'index'])->setName('user.index');
})->add(AdminMiddleware::class); })->add(AdminMiddleware::class);
$this->group('/user', function () { $group->group('/user', function (RouteCollectorProxy $group) {
$this->get('/create', UserController::class . ':create')->setName('user.create'); $group->get('/create', [UserController::class, 'create'])->setName('user.create');
$this->post('/create', UserController::class . ':store')->setName('user.store'); $group->post('/create', [UserController::class, 'store'])->setName('user.store');
$this->get('/{id}/edit', UserController::class . ':edit')->setName('user.edit'); $group->get('/{id}/edit', [UserController::class, 'edit'])->setName('user.edit');
$this->post('/{id}', UserController::class . ':update')->setName('user.update'); $group->post('/{id}', [UserController::class, 'update'])->setName('user.update');
$this->get('/{id}/delete', UserController::class . ':delete')->setName('user.delete'); $group->get('/{id}/delete', [UserController::class, 'delete'])->setName('user.delete');
})->add(AdminMiddleware::class); })->add(AdminMiddleware::class);
$this->get('/profile', UserController::class . ':profile')->setName('profile'); $group->get('/profile', [UserController::class, 'profile'])->setName('profile');
$this->post('/profile/{id}', UserController::class . ':profileEdit')->setName('profile.update'); $group->post('/profile/{id}', [UserController::class, 'profileEdit'])->setName('profile.update');
$this->post('/user/{id}/refreshToken', UserController::class . ':refreshToken')->setName('refreshToken'); $group->post('/user/{id}/refreshToken', [UserController::class, 'refreshToken'])->setName('refreshToken');
$this->get('/user/{id}/config/sharex', UserController::class . ':getShareXconfigFile')->setName('config.sharex'); $group->get('/user/{id}/config/sharex', [UserController::class, 'getShareXconfigFile'])->setName('config.sharex');
$this->get('/user/{id}/config/script', UserController::class . ':getUploaderScriptFile')->setName('config.script'); $group->get('/user/{id}/config/script', [UserController::class, 'getUploaderScriptFile'])->setName('config.script');
$this->post('/upload/{id}/publish', UploadController::class . ':togglePublish')->setName('upload.publish'); $group->post('/upload/{id}/publish', [UploadController::class, 'togglePublish'])->setName('upload.publish');
$this->post('/upload/{id}/unpublish', UploadController::class . ':togglePublish')->setName('upload.unpublish'); $group->post('/upload/{id}/unpublish', [UploadController::class, 'togglePublish'])->setName('upload.unpublish');
$this->get('/upload/{id}/raw', UploadController::class . ':getRawById')->add(AdminMiddleware::class)->setName('upload.raw'); $group->get('/upload/{id}/raw', [UploadController::class, 'getRawById'])->add(AdminMiddleware::class)->setName('upload.raw');
$this->post('/upload/{id}/delete', UploadController::class . ':delete')->setName('upload.delete'); $group->post('/upload/{id}/delete', [UploadController::class, 'delete'])->setName('upload.delete');
})->add(App\Middleware\CheckForMaintenanceMiddleware::class)->add(AuthMiddleware::class); })->add(App\Middleware\CheckForMaintenanceMiddleware::class)->add(AuthMiddleware::class);
$app->get('/', DashboardController::class . ':redirects')->setName('root'); $app->get('/', [DashboardController::class, 'redirects'])->setName('root');
$app->get('/login', LoginController::class . ':show')->setName('login.show'); $app->get('/login', [LoginController::class, 'show'])->setName('login.show');
$app->post('/login', LoginController::class . ':login')->setName('login'); $app->post('/login', [LoginController::class, 'login'])->setName('login');
$app->map(['GET', 'POST'], '/logout', LoginController::class . ':logout')->setName('logout'); $app->map(['GET', 'POST'], '/logout', [LoginController::class, 'logout'])->setName('logout');
$app->post('/upload', UploadController::class . ':upload')->setName('upload'); $app->post('/upload', [UploadController::class, 'upload'])->setName('upload');
$app->get('/{userCode}/{mediaCode}', UploadController::class . ':show')->setName('public'); $app->get('/{userCode}/{mediaCode}', [UploadController::class, 'show'])->setName('public');
$app->get('/{userCode}/{mediaCode}/delete/{token}', UploadController::class . ':show')->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class); $app->get('/{userCode}/{mediaCode}/delete/{token}', [UploadController::class, 'show'])->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class);
$app->post('/{userCode}/{mediaCode}/delete/{token}', UploadController::class . ':deleteByToken')->setName('public.delete')->add(CheckForMaintenanceMiddleware::class); $app->post('/{userCode}/{mediaCode}/delete/{token}', [UploadController::class, 'deleteByToken'])->setName('public.delete')->add(CheckForMaintenanceMiddleware::class);
$app->get('/{userCode}/{mediaCode}/raw', UploadController::class . ':showRaw')->setName('public.raw')->setOutputBuffering(false); $app->get('/{userCode}/{mediaCode}/raw', [UploadController::class, 'showRaw'])->setName('public.raw');
$app->get('/{userCode}/{mediaCode}/download', UploadController::class . ':download')->setName('public.download')->setOutputBuffering(false); $app->get('/{userCode}/{mediaCode}/download', [UploadController::class, 'download'])->setName('public.download');

339
bootstrap/app.php
View file

@ -1,12 +1,18 @@
<?php <?php
use App\Database\DB; use App\Database\DB;
use App\Exceptions\MaintenanceException; use App\Exception\Handlers\AppErrorHandler;
use App\Exceptions\UnauthorizedException; use App\Exception\Handlers\Renderers\HtmlErrorRenderer;
use App\Web\Lang; use App\Web\Lang;
use App\Web\Session; use App\Web\Session;
use App\Web\View;
use Aws\S3\S3Client; use Aws\S3\S3Client;
use DI\Bridge\Slim\Bridge;
use DI\ContainerBuilder;
use Google\Cloud\Storage\StorageClient; use Google\Cloud\Storage\StorageClient;
use GuzzleHttp\Psr7\Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use League\Flysystem\Adapter\Ftp as FtpAdapter; use League\Flysystem\Adapter\Ftp as FtpAdapter;
use League\Flysystem\Adapter\Local; use League\Flysystem\Adapter\Local;
use League\Flysystem\AwsS3v3\AwsS3Adapter; use League\Flysystem\AwsS3v3\AwsS3Adapter;
@ -14,212 +20,167 @@ use League\Flysystem\Filesystem;
use Monolog\Formatter\LineFormatter; use Monolog\Formatter\LineFormatter;
use Monolog\Handler\RotatingFileHandler; use Monolog\Handler\RotatingFileHandler;
use Monolog\Logger; use Monolog\Logger;
use Slim\App; use Psr\Container\ContainerInterface as Container;
use Slim\Container;
use Slim\Http\Environment;
use Slim\Http\Request;
use Slim\Http\Response;
use Slim\Http\Uri;
use Slim\Views\Twig;
use Spatie\Dropbox\Client as DropboxClient; use Spatie\Dropbox\Client as DropboxClient;
use Spatie\FlysystemDropbox\DropboxAdapter; use Spatie\FlysystemDropbox\DropboxAdapter;
use Superbalist\Flysystem\GoogleStorage\GoogleStorageAdapter; use Superbalist\Flysystem\GoogleStorage\GoogleStorageAdapter;
use Twig\TwigFunction; use function DI\factory;
use function DI\value;
if (!file_exists('config.php') && is_dir('install/')) { if (!file_exists('config.php') && is_dir('install/')) {
header('Location: ./install/'); header('Location: ./install/');
exit(); exit();
} else if (!file_exists('config.php') && !is_dir('install/')) { } else {
exit('Cannot find the config file.'); if (!file_exists('config.php') && !is_dir('install/')) {
exit('Cannot find the config file.');
}
} }
// Load the config // Load the config
$config = array_replace_recursive([ $config = array_replace_recursive([
'app_name' => 'XBackBone', 'app_name' => 'XBackBone',
'base_url' => isset($_SERVER['HTTPS']) ? 'https://' . $_SERVER['HTTP_HOST'] : 'http://' . $_SERVER['HTTP_HOST'], 'base_url' => isset($_SERVER['HTTPS']) ? 'https://'.$_SERVER['HTTP_HOST'] : 'http://'.$_SERVER['HTTP_HOST'],
'displayErrorDetails' => false, 'debug' => false,
'maintenance' => false, 'maintenance' => false,
'db' => [ 'db' => [
'connection' => 'sqlite', 'connection' => 'sqlite',
'dsn' => BASE_DIR . 'resources/database/xbackbone.db', 'dsn' => BASE_DIR.'resources/database/xbackbone.db',
'username' => null, 'username' => null,
'password' => null, 'password' => null,
], ],
'storage' => [ 'storage' => [
'driver' => 'local', 'driver' => 'local',
'path' => realpath(__DIR__ . '/') . DIRECTORY_SEPARATOR . 'storage', 'path' => realpath(__DIR__.'/').DIRECTORY_SEPARATOR.'storage',
], ],
], require BASE_DIR . 'config.php'); ], require BASE_DIR.'config.php');
if (!$config['displayErrorDetails']) { $builder = new ContainerBuilder();
$config['routerCacheFile'] = BASE_DIR . 'resources/cache/routes.cache.php';
if (!$config['debug']) {
$builder->enableCompilation(BASE_DIR.'/resources/cache/di/');
$builder->writeProxiesToFile(true, BASE_DIR.'/resources/cache/proxies');
}
$builder->addDefinitions([
'config' => value($config),
'logger' => factory(function (Container $container) {
$logger = new Logger('app');
$streamHandler = new RotatingFileHandler(BASE_DIR.'logs/log.txt', 10, Logger::DEBUG);
$lineFormatter = new LineFormatter("[%datetime%] %channel%.%level_name%: %message% %context% %extra%\n", "Y-m-d H:i:s");
$lineFormatter->includeStacktraces(true);
$streamHandler->setFormatter($lineFormatter);
$logger->pushHandler($streamHandler);
return $logger;
}),
'session' => factory(function (Container $container) {
return new Session('xbackbone_session', BASE_DIR.'resources/sessions');
}),
'database' => factory(function (Container $container) {
$config = $container->get('config');
$dsn = $config['db']['connection'] === 'sqlite' ? BASE_DIR.$config['db']['dsn'] : $config['db']['dsn'];
return new DB($config['db']['connection'].':'.$dsn, $config['db']['username'], $config['db']['password']);
}),
'storage' => factory(function (Container $container) {
$config = $container->get('config');
switch ($config['storage']['driver']) {
case 'local':
return new Filesystem(new Local($config['storage']['path']));
case 's3':
$client = new S3Client([
'credentials' => [
'key' => $config['storage']['key'],
'secret' => $config['storage']['secret'],
],
'region' => $config['storage']['region'],
'version' => 'latest',
]);
return new Filesystem(new AwsS3Adapter($client, $config['storage']['bucket'], $config['storage']['path']));
case 'dropbox':
$client = new DropboxClient($config['storage']['token']);
return new Filesystem(new DropboxAdapter($client), ['case_sensitive' => false]);
case 'ftp':
return new Filesystem(new FtpAdapter([
'host' => $config['storage']['host'],
'username' => $config['storage']['username'],
'password' => $config['storage']['password'],
'port' => $config['storage']['port'],
'root' => $config['storage']['path'],
'passive' => $config['storage']['passive'],
'ssl' => $config['storage']['ssl'],
'timeout' => 30,
]));
case 'google-cloud':
$client = new StorageClient([
'projectId' => $config['storage']['project_id'],
'keyFilePath' => $config['storage']['key_path'],
]);
return new Filesystem(new GoogleStorageAdapter($client, $client->bucket($config['storage']['bucket'])));
default:
throw new InvalidArgumentException('The driver specified is not supported.');
}
}),
'lang' => factory(function (Container $container) {
$config = $container->get('config');
if (isset($config['lang'])) {
return Lang::build($config['lang'], BASE_DIR.'resources/lang/');
}
return Lang::build(Lang::recognize(), BASE_DIR.'resources/lang/');
}),
'view' => factory(function ($container) {
return new View($container);
}),
]);
$app = Bridge::create($builder->build());
if (!$config['debug']) {
$app->getRouteCollector()->setCacheFile(BASE_DIR.'resources/cache/routes.cache.php');
} }
$container = new Container(['settings' => $config]); $app->addRoutingMiddleware();
$container['config'] = function ($container) use ($config) {
return $config;
};
$container['logger'] = function ($container) {
$logger = new Logger('app');
$streamHandler = new RotatingFileHandler(BASE_DIR . 'logs/log.txt', 10, Logger::DEBUG);
$lineFormatter = new LineFormatter("[%datetime%] %channel%.%level_name%: %message% %context% %extra%\n", "Y-m-d H:i:s");
$lineFormatter->includeStacktraces(true);
$streamHandler->setFormatter($lineFormatter);
$logger->pushHandler($streamHandler);
return $logger;
};
$container['session'] = function ($container) {
return new Session('xbackbone_session', BASE_DIR . 'resources/sessions');
};
$container['database'] = function ($container) use (&$config) {
$dsn = $config['db']['connection'] === 'sqlite' ? BASE_DIR . $config['db']['dsn'] : $config['db']['dsn'];
return new DB($config['db']['connection'] . ':' . $dsn, $config['db']['username'], $config['db']['password']);
};
$container['storage'] = function ($container) use (&$config) {
switch ($config['storage']['driver']) {
case 'local':
return new Filesystem(new Local($config['storage']['path']));
case 's3':
$client = new S3Client([
'credentials' => [
'key' => $config['storage']['key'],
'secret' => $config['storage']['secret'],
],
'region' => $config['storage']['region'],
'version' => 'latest',
]);
return new Filesystem(new AwsS3Adapter($client, $config['storage']['bucket'], $config['storage']['path']));
case 'dropbox':
$client = new DropboxClient($config['storage']['token']);
return new Filesystem(new DropboxAdapter($client), ['case_sensitive' => false]);
case 'ftp':
return new Filesystem(new FtpAdapter([
'host' => $config['storage']['host'],
'username' => $config['storage']['username'],
'password' => $config['storage']['password'],
'port' => $config['storage']['port'],
'root' => $config['storage']['path'],
'passive' => $config['storage']['passive'],
'ssl' => $config['storage']['ssl'],
'timeout' => 30,
]));
case 'google-cloud':
$client = new StorageClient([
'projectId' => $config['storage']['project_id'],
'keyFilePath' => $config['storage']['key_path'],
]);
return new Filesystem(new GoogleStorageAdapter($client, $client->bucket($config['storage']['bucket'])));
default:
throw new InvalidArgumentException('The driver specified is not supported.');
}
};
$container['lang'] = function ($container) use (&$config) {
if (isset($config['lang'])) {
return Lang::build($config['lang'], BASE_DIR . 'resources/lang/');
}
return Lang::build(Lang::recognize(), BASE_DIR . 'resources/lang/');
};
$container['view'] = function ($container) use (&$config) {
$view = new Twig(BASE_DIR . 'resources/templates', [
'cache' => BASE_DIR . 'resources/cache',
'autoescape' => 'html',
'debug' => $config['displayErrorDetails'],
'auto_reload' => $config['displayErrorDetails'],
]);
// Instantiate and add Slim specific extension
$router = $container->get('router');
$uri = Uri::createFromEnvironment(new Environment($_SERVER));
$view->addExtension(new Slim\Views\TwigExtension($router, $uri));
$view->getEnvironment()->addGlobal('config', $config);
$view->getEnvironment()->addGlobal('request', $container->get('request'));
$view->getEnvironment()->addGlobal('alerts', $container->get('session')->getAlert());
$view->getEnvironment()->addGlobal('session', $container->get('session')->all());
$view->getEnvironment()->addGlobal('current_lang', $container->get('lang')->getLang());
$view->getEnvironment()->addGlobal('PLATFORM_VERSION', PLATFORM_VERSION);
$view->getEnvironment()->addFunction(new TwigFunction('route', 'route'));
$view->getEnvironment()->addFunction(new TwigFunction('lang', 'lang'));
$view->getEnvironment()->addFunction(new TwigFunction('urlFor', 'urlFor'));
$view->getEnvironment()->addFunction(new TwigFunction('asset', 'asset'));
$view->getEnvironment()->addFunction(new TwigFunction('mime2font', 'mime2font'));
$view->getEnvironment()->addFunction(new TwigFunction('queryParams', 'queryParams'));
$view->getEnvironment()->addFunction(new TwigFunction('isDisplayableImage', 'isDisplayableImage'));
return $view;
};
$container['phpErrorHandler'] = function ($container) {
return function (Request $request, Response $response, Throwable $error) use (&$container) {
$container->logger->critical('Fatal runtime error during app execution', ['exception' => $error]);
return $container->view->render($response->withStatus(500), 'errors/500.twig', ['exception' => $error]);
};
};
$container['errorHandler'] = function ($container) {
return function (Request $request, Response $response, Exception $exception) use (&$container) {
if ($exception instanceof MaintenanceException) {
return $container->view->render($response->withStatus(503), 'errors/maintenance.twig');
}
if ($exception instanceof UnauthorizedException) {
return $container->view->render($response->withStatus(403), 'errors/403.twig');
}
$container->logger->critical('Fatal exception during app execution', ['exception' => $exception]);
return $container->view->render($response->withStatus(500), 'errors/500.twig', ['exception' => $exception]);
};
};
$container['notAllowedHandler'] = function ($container) {
return function (Request $request, Response $response, $methods) use (&$container) {
return $container->view->render($response->withStatus(405)->withHeader('Allow', implode(', ', $methods)), 'errors/405.twig');
};
};
$container['notFoundHandler'] = function ($container) {
return function (Request $request, Response $response) use (&$container) {
$response->withStatus(404)->withHeader('Content-Type', 'text/html');
return $container->view->render($response, 'errors/404.twig');
};
};
$app = new App($container);
// Permanently redirect paths with a trailing slash to their non-trailing counterpart // Permanently redirect paths with a trailing slash to their non-trailing counterpart
$app->add(function (Request $request, Response $response, callable $next) { $app->add(function (Request $request, RequestHandler $handler) {
$uri = $request->getUri(); $uri = $request->getUri();
$path = $uri->getPath(); $path = $uri->getPath();
if ($path !== '/' && substr($path, -1) === '/') { if ($path !== '/' && substr($path, -1) === '/') {
$uri = $uri->withPath(substr($path, 0, -1)); // permanently redirect paths with a trailing slash
// to their non-trailing counterpart
$uri = $uri->withPath(substr($path, 0, -1));
if ($request->getMethod() === 'GET') { if ($request->getMethod() == 'GET') {
return $response->withRedirect((string)$uri, 301); $response = new Response();
} else { return $response->withStatus(301)
return $next($request->withUri($uri), $response); ->withHeader('Location', (string)$uri);
} } else {
} $request = $request->withUri($uri);
}
}
return $next($request, $response); return $handler->handle($request);
}); });
// Load the application routes // Load the application routes
require BASE_DIR . 'app/routes.php'; require BASE_DIR.'app/routes.php';
// Configure the error handler
$errorHandler = new AppErrorHandler($app->getCallableResolver(), $app->getResponseFactory());
$errorHandler->registerErrorRenderer('text/html', HtmlErrorRenderer::class);
// Add Error Middleware
$errorMiddleware = $app->addErrorMiddleware($config['debug'], true, true);
$errorMiddleware->setDefaultErrorHandler($errorHandler);
return $app; return $app;

27
composer.json
View file

@ -1,26 +1,33 @@
{ {
"name": "sergix44/xbackbone", "name": "sergix44/xbackbone",
"version": "2.6.6", "version": "3.0",
"description": "A lightweight ShareX PHP backend", "description": "A lightweight ShareX PHP backend",
"type": "project", "type": "project",
"require": { "require": {
"php": ">=7.1", "php": ">=7.1",
"slim/slim": "^3.0", "ext-intl": "*",
"slim/twig-view": "^2.4", "ext-json": "*",
"ext-gd": "*",
"ext-pdo": "*",
"ext-zip": "*",
"slim/slim": "^4.0",
"php-di/slim-bridge": "^3.0",
"twig/twig": "^2.12",
"guzzlehttp/psr7": "^1.6",
"league/flysystem": "^1.0.45", "league/flysystem": "^1.0.45",
"monolog/monolog": "^1.23", "monolog/monolog": "^1.23",
"intervention/image": "^2.4", "intervention/image": "^2.4",
"league/flysystem-aws-s3-v3": "^1.0", "league/flysystem-aws-s3-v3": "^1.0",
"spatie/flysystem-dropbox": "^1.0", "spatie/flysystem-dropbox": "^1.0",
"superbalist/flysystem-google-storage": "^7.2", "superbalist/flysystem-google-storage": "^7.2",
"ext-intl": "*", "http-interop/http-factory-guzzle": "^1.0"
"ext-json": "*",
"ext-gd": "*", },
"ext-pdo": "*", "config": {
"ext-zip": "*" "optimize-autoloader": true,
"preferred-install": "dist",
"sort-packages": true
}, },
"prefer-stable": true,
"minimum-stability": "dev",
"autoload": { "autoload": {
"files": [ "files": [
"app/helpers.php" "app/helpers.php"

963
composer.lock generated
View file

File diff suppressed because it is too large Load diff

6
resources/templates/comp/navbar.twig
View file

@ -7,18 +7,18 @@
<div class="collapse navbar-collapse" id="navbarCollapse"> <div class="collapse navbar-collapse" id="navbarCollapse">
<ul class="navbar-nav mr-auto"> <ul class="navbar-nav mr-auto">
<li class="nav-item"> <li class="nav-item">
<a href="{{ route('home') }}" class="nav-link {{ is_current_path('home') ? 'active' }}"><i class="fas fa-fw fa-home"></i> <a href="{{ route('home') }}" class="nav-link {{ request.uri.path starts with '/home' ? 'active' }}"><i class="fas fa-fw fa-home"></i>
{{ lang('home') }} {{ lang('home') }}
</a> </a>
</li> </li>
{% if session.admin %} {% if session.admin %}
<li class="nav-item"> <li class="nav-item">
<a href="{{ route('user.index') }}" class="nav-link {{ is_current_path('user.index') ? 'active' }}"><i class="fas fa-fw fa-users"></i> <a href="{{ route('user.index') }}" class="nav-link {{ request.uri.path starts with '/user' ? 'active' }}"><i class="fas fa-fw fa-users"></i>
{{ lang('users') }} {{ lang('users') }}
</a> </a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a href="{{ route('system') }}" class="nav-link {{ is_current_path('system') ? 'active' }}"><i class="fas fa-fw fa-cog"></i> <a href="{{ route('system') }}" class="nav-link {{ request.uri.path starts with '/system' ? 'active' }}"><i class="fas fa-fw fa-cog"></i>
{{ lang('system') }} {{ lang('system') }}
</a> </a>
</li> </li>

2
resources/templates/errors/500.twig
View file

@ -12,7 +12,7 @@
</div> </div>
</div> </div>
</div> </div>
{% if config.displayErrorDetails %} {% if exception is not null %}
<div class="row"> <div class="row">
<div class="col-md-12"> <div class="col-md-12">
<div class="card"> <div class="card">

4
src/js/app.js
View file

@ -83,9 +83,9 @@ var app = {
var $themes = $('#themes'); var $themes = $('#themes');
$.get(window.AppConfig.base_url + '/system/themes', function (data) { $.get(window.AppConfig.base_url + '/system/themes', function (data) {
$themes.empty(); $themes.empty();
Object.keys(data).forEach(function (key) { $.each(data, function (key, value) {
var opt = document.createElement('option'); var opt = document.createElement('option');
opt.value = data[key]; opt.value = value;
opt.innerHTML = key; opt.innerHTML = key;
$themes.append(opt); $themes.append(opt);
}); });