Update Core Login/Backend for correnct db class reference

ACL\Login and Admin\Backend no longer extend DB\IO, which was a holdover
from the old extend Class\Basic usage.
The old DB_CONFIG parameter has been replaced with a DB\IO object.
Admin\Backend also gets a language class override loader like ACL\Login.
Clemens Schwaighofer
2022-03-16 10:27:55 +09:00
parent 7d1d795b29
commit b13f84b7ed
7 changed files with 196 additions and 115 deletions


@@ -52,8 +52,8 @@ if (!defined('DS')) {
} }
// find trigger name "admin/" or "frontend/" in the getcwd() folder // find trigger name "admin/" or "frontend/" in the getcwd() folder
foreach (['admin', 'frontend'] as $folder) { foreach (['admin', 'frontend'] as $folder) {
if (strstr(getcwd() ?: '', DS . $folder)) { if (strstr(getcwd() ?: '', DIRECTORY_SEPARATOR . $folder)) {
define('CONTENT_PATH', $folder . DS); define('CONTENT_PATH', $folder . DIRECTORY_SEPARATOR);
break; break;
} }
} }


@@ -10,6 +10,19 @@
declare(strict_types=1); declare(strict_types=1);
/******
All moved to CoreLibs\Combined\DateTime
DAY_SHORT
DAY_LONG
MONTH_LONG
MONTH_SHORT
*******/
trigger_error(
'Date.VArs.php is deprecated. '
. 'Use CoreLibs\Combined\DateTime:: with upper case old variable name',
E_USER_DEPRECATED
);
$day_short = [ $day_short = [
1 => 'Mon', 1 => 'Mon',
2 => 'Tue', 2 => 'Tue',
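Review bot: The deprecation message names the file as `Date.VArs.php`; the mixed-case `VArs` looks like a typo and should match the real file name so the notice can be searched for in logs. Because `trigger_error()` sits at file scope it fires on every include; a one-line comment such as `// emitted on each include until callers switch to the CoreLibs\Combined\DateTime constants` would make that intent explicit.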


@@ -43,6 +43,8 @@ if (isset($_POST['action']) && $_POST['action'] != 'download_csv' && !$AJAX_PAGE
if ($AJAX_PAGE && !$ZIP_STREAM) { if ($AJAX_PAGE && !$ZIP_STREAM) {
header("Content-Type: application/json; charset=UTF-8"); header("Content-Type: application/json; charset=UTF-8");
} }
// start session
CoreLibs\Create\Session::startSession();
//------------------------------ basic variable settings start //------------------------------ basic variable settings start
//------------------------------ class init start //------------------------------ class init start
@@ -51,7 +53,6 @@ $log = new CoreLibs\Debug\Logging([
'log_folder' => BASE . LOG, 'log_folder' => BASE . LOG,
'file_id' => LOG_FILE_ID, 'file_id' => LOG_FILE_ID,
'print_file_date' => true, 'print_file_date' => true,
'per_class' => true,
'debug_all' => $DEBUG_ALL ?? false, 'debug_all' => $DEBUG_ALL ?? false,
'echo_all' => $ECHO_ALL ?? false, 'echo_all' => $ECHO_ALL ?? false,
'print_all' => $PRINT_ALL ?? false, 'print_all' => $PRINT_ALL ?? false,
@@ -68,22 +69,21 @@ if (
$log->setLogLevelAll($target, false); $log->setLogLevelAll($target, false);
} }
} }
// start session // db config with logger
CoreLibs\Create\Session::startSession(); $db = new CoreLibs\DB\IO(DB_CONFIG, $log);
// login & page access check // login & page access check
$login = new CoreLibs\ACL\Login(DB_CONFIG, $log); $login = new CoreLibs\ACL\Login($db, $log);
// create smarty object // create smarty object
$smarty = new CoreLibs\Template\SmartyExtend(); $smarty = new CoreLibs\Template\SmartyExtend();
// create new DB class // create new Backend class with db and loger attached
$log->setLogPer('class', false); $cms = new CoreLibs\Admin\Backend($db, $log);
$cms = new CoreLibs\Admin\Backend(DB_CONFIG, $log);
// the menu show flag (what menu to show) // the menu show flag (what menu to show)
$cms->menu_show_flag = 'main'; $cms->menu_show_flag = 'main';
// db nfo // db info
$cms->dbInfo(); $cms->db->dbInfo();
// set acl // set acl
$cms->setACL($login->acl); $cms->setACL($login->acl);
// flush // flush (can we move that to header block above)
ob_end_flush(); ob_end_flush();
//------------------------------ class init end //------------------------------ class init end
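Review bot: Login and Backend now share one `CoreLibs\DB\IO` instance, so connection state changed by one is seen by the other: the ACL\Login section of this commit runs `SET search_path TO ...` on `$this->db`, and `$cms->db` is that same connection afterwards, where previously each class opened its own. If Backend queries rely on the configured default schema, that should be stated here, e.g. `// NOTE: $db is shared; Login may have switched search_path to the login schema`, or Login should restore the path when it is done. The second header file in this commit (the one that adds `// db connection`) has the same pattern. Whether the `SET search_path` call sits in Login's constructor cannot be confirmed from the hunks shown.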


@@ -57,8 +57,10 @@ $log = new CoreLibs\Debug\Logging([
'echo_all' => $ECHO_ALL, 'echo_all' => $ECHO_ALL,
'print_all' => $PRINT_ALL, 'print_all' => $PRINT_ALL,
]); ]);
// db connection
$db = new CoreLibs\DB\IO(DB_CONFIG, $log);
// login page // login page
$login = new CoreLibs\ACL\Login(DB_CONFIG, $log); $login = new CoreLibs\ACL\Login($db, $log);
// flush and start // flush and start
ob_end_flush(); ob_end_flush();
// turn off set log per class // turn off set log per class


@@ -71,7 +71,7 @@ namespace CoreLibs\ACL;
use CoreLibs\Check\Password; use CoreLibs\Check\Password;
use CoreLibs\Create\Session; use CoreLibs\Create\Session;
class Login extends \CoreLibs\DB\IO class Login
{ {
/** @var string */ /** @var string */
private $euid; // the user id var private $euid; // the user id var
@@ -156,29 +156,35 @@ class Login extends \CoreLibs\DB\IO
/** @var bool */ /** @var bool */
private $login_is_ajax_page = false; private $login_is_ajax_page = false;
// language /** @var \CoreLibs\Debug\Logging logger */
/** @var \CoreLibs\Language\L10n */ public $log;
/** @var \CoreLibs\DB\IO database */
public $db;
/** @var \CoreLibs\Language\L10n language */
public $l; public $l;
/** /**
* constructor, does ALL, opens db, works through connection checks, closes itself * constructor, does ALL, opens db, works through connection checks, closes itself
* @param array<mixed> $db_config db config array * @param \CoreLibs\DB\IO $db Database connection class
* @param \CoreLibs\Debug\Logging|null $log Logging class, if null, auto set * @param \CoreLibs\Debug\Logging $log Logging class
* @param \CoreLibs\Language\L10n|null $l10n l10n language class, if null, auto set * @param \CoreLibs\Language\L10n|null $l10n l10n language class
* if null, auto set
*/ */
public function __construct( public function __construct(
array $db_config, \CoreLibs\DB\IO $db,
?\CoreLibs\Debug\Logging $log = null, \CoreLibs\Debug\Logging $log,
?\CoreLibs\Language\L10n $l10n = null ?\CoreLibs\Language\L10n $l10n = null
) { ) {
// create db connection and init base class
parent::__construct($db_config, $log ?? new \CoreLibs\Debug\Logging());
// log login data for this class only // log login data for this class only
$this->log->setLogPer('class', true); $log->setLogPer('class', true);
// attach logger
$this->log = $log;
// attach db class
$this->db = $db;
// set internal page name // set internal page name
$this->page_name = \CoreLibs\Get\System::getPageName(); $this->page_name = \CoreLibs\Get\System::getPageName();
// set db special errors // set db special errors
if (!$this->dbGetConnectionStatus()) { if (!$this->db->dbGetConnectionStatus()) {
echo 'Could not connect to DB<br>'; echo 'Could not connect to DB<br>';
// if I can't connect to the DB to auth exit hard. No access allowed // if I can't connect to the DB to auth exit hard. No access allowed
exit; exit;
@@ -225,8 +231,8 @@ class Login extends \CoreLibs\DB\IO
/** @phpstan-ignore-next-line */ /** @phpstan-ignore-next-line */
if (defined('LOGIN_DB_SCHEMA') && !empty(LOGIN_DB_SCHEMA)) { if (defined('LOGIN_DB_SCHEMA') && !empty(LOGIN_DB_SCHEMA)) {
$SCHEMA = LOGIN_DB_SCHEMA; $SCHEMA = LOGIN_DB_SCHEMA;
} elseif (isset($db_config['db_schema']) && $db_config['db_schema']) { } elseif (!empty($this->db->dbGetSchema(true))) {
$SCHEMA = $db_config['db_schema']; $SCHEMA = $this->db->dbGetSchema(true);
} elseif (defined('PUBLIC_SCHEMA')) { } elseif (defined('PUBLIC_SCHEMA')) {
$SCHEMA = PUBLIC_SCHEMA; $SCHEMA = PUBLIC_SCHEMA;
} else { } else {
@@ -234,8 +240,8 @@ class Login extends \CoreLibs\DB\IO
} }
// echo "<h1>*****SCHEMA******</h1>: $SCHEMA<br>"; // echo "<h1>*****SCHEMA******</h1>: $SCHEMA<br>";
// set schema if schema differs to schema set in db conneciton // set schema if schema differs to schema set in db conneciton
if ($this->dbGetSchema() && $this->dbGetSchema() != $SCHEMA) { if ($this->db->dbGetSchema() != $SCHEMA) {
$this->dbExec("SET search_path TO " . $SCHEMA); $this->db->dbExec("SET search_path TO " . $SCHEMA);
} }
// if there is none, there is none, saves me POST/GET check // if there is none, there is none, saves me POST/GET check
$this->euid = array_key_exists('EUID', $_SESSION) ? $_SESSION['EUID'] : 0; $this->euid = array_key_exists('EUID', $_SESSION) ? $_SESSION['EUID'] : 0;
@@ -273,7 +279,7 @@ class Login extends \CoreLibs\DB\IO
$_SESSION['DEFAULT_ACL_LIST'] = []; $_SESSION['DEFAULT_ACL_LIST'] = [];
// read the current edit_access_right list into an array // read the current edit_access_right list into an array
$q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level"; $q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level";
while (is_array($res = $this->dbReturn($q))) { while (is_array($res = $this->db->dbReturn($q))) {
// level to description format (numeric) // level to description format (numeric)
$this->default_acl_list[$res['level']] = [ $this->default_acl_list[$res['level']] = [
'type' => $res['type'], 'type' => $res['type'],
@@ -344,7 +350,7 @@ class Login extends \CoreLibs\DB\IO
*/ */
public function __destruct() public function __destruct()
{ {
parent::__destruct(); // NO OP
} }
/** /**
@@ -440,12 +446,12 @@ class Login extends \CoreLibs\DB\IO
. "eu.edit_access_right_id = eareu.edit_access_right_id AND " . "eu.edit_access_right_id = eareu.edit_access_right_id AND "
. "eg.edit_access_right_id = eareg.edit_access_right_id AND " . "eg.edit_access_right_id = eareg.edit_access_right_id AND "
// password match is done in script, against old plain or new blowfish encypted // password match is done in script, against old plain or new blowfish encypted
. "(LOWER(username) = '" . $this->dbEscapeString(strtolower($this->username)) . "') "; . "(LOWER(username) = '" . $this->db->dbEscapeString(strtolower($this->username)) . "') ";
$res = $this->dbReturn($q); $res = $this->db->dbReturn($q);
if (!is_array($res)) { if (!is_array($res)) {
$this->login_error = 1009; $this->login_error = 1009;
$this->permission_okay = false; $this->permission_okay = false;
} elseif (empty($this->dbGetCursorNumRows($q))) { } elseif (empty($this->db->dbGetCursorNumRows($q))) {
// username is wrong, but we throw for wrong username // username is wrong, but we throw for wrong username
// and wrong password the same error // and wrong password the same error
$this->login_error = 1010; $this->login_error = 1010;
@@ -476,9 +482,9 @@ class Login extends \CoreLibs\DB\IO
if (Password::passwordRehashCheck($res['password'])) { if (Password::passwordRehashCheck($res['password'])) {
// update password hash to new one now // update password hash to new one now
$q = "UPDATE edit_user " $q = "UPDATE edit_user "
. "SET password = '" . $this->dbEscapeString(Password::passwordSet($this->password)) . "SET password = '" . $this->db->dbEscapeString(Password::passwordSet($this->password))
. "' WHERE edit_user_id = " . $res['edit_user_id']; . "' WHERE edit_user_id = " . $res['edit_user_id'];
$this->dbExec($q); $this->db->dbExec($q);
} }
// normal user processing // normal user processing
// set class var and session var // set class var and session var
@@ -487,8 +493,8 @@ class Login extends \CoreLibs\DB\IO
$this->loginCheckPermissions(); $this->loginCheckPermissions();
if ($this->login_error == 0) { if ($this->login_error == 0) {
// now set all session vars and read page permissions // now set all session vars and read page permissions
$_SESSION['DEBUG_ALL'] = $this->dbBoolean($res['debug']); $_SESSION['DEBUG_ALL'] = $this->db->dbBoolean($res['debug']);
$_SESSION['DB_DEBUG'] = $this->dbBoolean($res['db_debug']); $_SESSION['DB_DEBUG'] = $this->db->dbBoolean($res['db_debug']);
// general info for user logged in // general info for user logged in
$_SESSION['USER_NAME'] = $res['username']; $_SESSION['USER_NAME'] = $res['username'];
$_SESSION['ADMIN'] = $res['admin']; $_SESSION['ADMIN'] = $res['admin'];
@@ -512,7 +518,7 @@ class Login extends \CoreLibs\DB\IO
. "SET login_error_count = 0, login_error_date_last = NULL, " . "SET login_error_count = 0, login_error_date_last = NULL, "
. "login_error_date_first = NULL " . "login_error_date_first = NULL "
. "WHERE edit_user_id = " . $res['edit_user_id']; . "WHERE edit_user_id = " . $res['edit_user_id'];
$this->dbExec($q); $this->db->dbExec($q);
} }
$edit_page_ids = []; $edit_page_ids = [];
$pages = []; $pages = [];
@@ -529,7 +535,7 @@ class Login extends \CoreLibs\DB\IO
. "AND ear.edit_access_right_id = epa.edit_access_right_id " . "AND ear.edit_access_right_id = epa.edit_access_right_id "
. "AND epa.enabled = 1 AND epa.edit_group_id = " . $res["edit_group_id"] . " " . "AND epa.enabled = 1 AND epa.edit_group_id = " . $res["edit_group_id"] . " "
. "ORDER BY ep.order_number"; . "ORDER BY ep.order_number";
while ($res = $this->dbReturn($q)) { while ($res = $this->db->dbReturn($q)) {
if (!is_array($res)) { if (!is_array($res)) {
break; break;
} }
@@ -564,7 +570,7 @@ class Login extends \CoreLibs\DB\IO
. "WHERE evp.edit_visible_group_id = epvg.edit_visible_group_id " . "WHERE evp.edit_visible_group_id = epvg.edit_visible_group_id "
. "AND epvg.edit_page_id IN (" . join(', ', array_keys($edit_page_ids)) . ") " . "AND epvg.edit_page_id IN (" . join(', ', array_keys($edit_page_ids)) . ") "
. "ORDER BY epvg.edit_page_id"; . "ORDER BY epvg.edit_page_id";
while (is_array($res = $this->dbReturn($q))) { while (is_array($res = $this->db->dbReturn($q))) {
$pages[$edit_page_ids[$res['edit_page_id']]]['visible'][$res['name']] = $res['flag']; $pages[$edit_page_ids[$res['edit_page_id']]]['visible'][$res['name']] = $res['flag'];
} }
// get the same for the query strings // get the same for the query strings
@@ -572,7 +578,7 @@ class Login extends \CoreLibs\DB\IO
. "WHERE enabled = 1 AND edit_page_id " . "WHERE enabled = 1 AND edit_page_id "
. "IN (" . join(', ', array_keys($edit_page_ids)) . ") " . "IN (" . join(', ', array_keys($edit_page_ids)) . ") "
. "ORDER BY eqs.edit_page_id"; . "ORDER BY eqs.edit_page_id";
while (is_array($res = $this->dbReturn($q))) { while (is_array($res = $this->db->dbReturn($q))) {
$pages[$edit_page_ids[$res['edit_page_id']]]['query'][] = [ $pages[$edit_page_ids[$res['edit_page_id']]]['query'][] = [
'name' => $res['name'], 'name' => $res['name'],
'value' => $res['value'], 'value' => $res['value'],
@@ -586,7 +592,7 @@ class Login extends \CoreLibs\DB\IO
. "WHERE epc.edit_access_right_id = ear.edit_access_right_id AND " . "WHERE epc.edit_access_right_id = ear.edit_access_right_id AND "
. "epc.edit_page_id IN (" . join(', ', array_keys($edit_page_ids)) . ") " . "epc.edit_page_id IN (" . join(', ', array_keys($edit_page_ids)) . ") "
. "ORDER BY epc.order_number"; . "ORDER BY epc.order_number";
while (is_array($res = $this->dbReturn($q))) { while (is_array($res = $this->db->dbReturn($q))) {
$pages[$edit_page_ids[$res['edit_page_id']]]['content'][$res['uid']] = [ $pages[$edit_page_ids[$res['edit_page_id']]]['content'][$res['uid']] = [
'name' => $res['name'], 'name' => $res['name'],
'uid' => $res['uid'], 'uid' => $res['uid'],
@@ -610,13 +616,13 @@ class Login extends \CoreLibs\DB\IO
$unit_access = []; $unit_access = [];
$eauid = []; $eauid = [];
$unit_acl = []; $unit_acl = [];
while (is_array($res = $this->dbReturn($q))) { while (is_array($res = $this->db->dbReturn($q))) {
// read edit access data fields and drop them into the unit access array // read edit access data fields and drop them into the unit access array
$q_sub = "SELECT name, value " $q_sub = "SELECT name, value "
. "FROM edit_access_data " . "FROM edit_access_data "
. "WHERE enabled = 1 AND edit_access_id = " . $res['edit_access_id']; . "WHERE enabled = 1 AND edit_access_id = " . $res['edit_access_id'];
$ea_data = []; $ea_data = [];
while (is_array($res_sub = $this->dbReturn($q_sub))) { while (is_array($res_sub = $this->db->dbReturn($q_sub))) {
$ea_data[$res_sub['name']] = $res_sub['value']; $ea_data[$res_sub['name']] = $res_sub['value'];
} }
// build master unit array // build master unit array
@@ -653,7 +659,7 @@ class Login extends \CoreLibs\DB\IO
. "SET login_error_count = login_error_count + 1, " . "SET login_error_count = login_error_count + 1, "
. "login_error_date_last = NOW() " . $login_error_date_first . " " . "login_error_date_last = NOW() " . $login_error_date_first . " "
. "WHERE edit_user_id = " . $res['edit_user_id']; . "WHERE edit_user_id = " . $res['edit_user_id'];
$this->dbExec($q); $this->db->dbExec($q);
// totally lock the user if error max is reached // totally lock the user if error max is reached
if ( if (
$this->max_login_error_count != -1 && $this->max_login_error_count != -1 &&
@@ -692,7 +698,7 @@ class Login extends \CoreLibs\DB\IO
. "AND eu.edit_user_id = " . $this->euid . " " . "AND eu.edit_user_id = " . $this->euid . " "
. "AND filename = '" . $this->page_name . "' " . "AND filename = '" . $this->page_name . "' "
. "AND eg.enabled = 1 AND epa.enabled = 1"; . "AND eg.enabled = 1 AND epa.enabled = 1";
$res = $this->dbReturnRow($q); $res = $this->db->dbReturnRow($q);
if (!is_array($res)) { if (!is_array($res)) {
$this->login_error = 109; $this->login_error = 109;
$this->permission_okay = false; $this->permission_okay = false;
@@ -957,8 +963,8 @@ class Login extends \CoreLibs\DB\IO
$q = "SELECT edit_user_id " $q = "SELECT edit_user_id "
. "FROM edit_user " . "FROM edit_user "
. "WHERE enabled = 1 " . "WHERE enabled = 1 "
. "AND username = '" . $this->dbEscapeString($this->pw_username) . "'"; . "AND username = '" . $this->db->dbEscapeString($this->pw_username) . "'";
$res = $this->dbReturnRow($q); $res = $this->db->dbReturnRow($q);
if ( if (
!is_array($res) || !is_array($res) ||
(is_array($res) && empty($res['edit_user_id'])) (is_array($res) && empty($res['edit_user_id']))
@@ -973,9 +979,9 @@ class Login extends \CoreLibs\DB\IO
$q = "SELECT edit_user_id, password " $q = "SELECT edit_user_id, password "
. "FROM edit_user " . "FROM edit_user "
. "WHERE enabled = 1 " . "WHERE enabled = 1 "
. "AND username = '" . $this->dbEscapeString($this->pw_username) . "'"; . "AND username = '" . $this->db->dbEscapeString($this->pw_username) . "'";
$edit_user_id = ''; $edit_user_id = '';
$res = $this->dbReturnRow($q); $res = $this->db->dbReturnRow($q);
if (is_array($res)) { if (is_array($res)) {
$edit_user_id = $res['edit_user_id']; $edit_user_id = $res['edit_user_id'];
} }
@@ -1016,9 +1022,9 @@ class Login extends \CoreLibs\DB\IO
// update the user (edit_user_id) with the new password // update the user (edit_user_id) with the new password
$q = "UPDATE edit_user " $q = "UPDATE edit_user "
. "SET password = " . "SET password = "
. "'" . $this->dbEscapeString(Password::passwordSet($this->pw_new_password)) . "' " . "'" . $this->db->dbEscapeString(Password::passwordSet($this->pw_new_password)) . "' "
. "WHERE edit_user_id = " . $edit_user_id; . "WHERE edit_user_id = " . $edit_user_id;
$this->dbExec($q); $this->db->dbExec($q);
$data = 'Password change for user "' . $this->pw_username . '"'; $data = 'Password change for user "' . $this->pw_username . '"';
$this->password_change_ok = true; $this->password_change_ok = true;
} }
@@ -1158,7 +1164,7 @@ class Login extends \CoreLibs\DB\IO
// get user from user table // get user from user table
$q = "SELECT username FROM edit_user WHERE edit_user_id = " . $this->euid; $q = "SELECT username FROM edit_user WHERE edit_user_id = " . $this->euid;
$username = ''; $username = '';
if (is_array($res = $this->dbReturnRow($q))) { if (is_array($res = $this->db->dbReturnRow($q))) {
$username = $res['username']; $username = $res['username'];
} }
} // if euid is set, get username (or try) } // if euid is set, get username (or try)
@@ -1378,7 +1384,7 @@ EOM;
'_FILES' => $_FILES, '_FILES' => $_FILES,
'error' => $this->login_error 'error' => $this->login_error
]; ];
$data_binary = $this->dbEscapeBytea((string)bzcompress(serialize($_data_binary))); $data_binary = $this->db->dbEscapeBytea((string)bzcompress(serialize($_data_binary)));
// SQL querie for log entry // SQL querie for log entry
$q = "INSERT INTO edit_log " $q = "INSERT INTO edit_log "
. "(username, password, euid, event_date, event, error, data, data_binary, page, " . "(username, password, euid, event_date, event, error, data, data_binary, page, "
@@ -1386,11 +1392,11 @@ EOM;
. "http_accept, http_accept_charset, http_accept_encoding, session_id, " . "http_accept, http_accept_charset, http_accept_encoding, session_id, "
. "action, action_id, action_yes, action_flag, action_menu, action_loaded, " . "action, action_id, action_yes, action_flag, action_menu, action_loaded, "
. "action_value, action_error) " . "action_value, action_error) "
. "VALUES ('" . $this->dbEscapeString($username) . "', 'PASSWORD', " . "VALUES ('" . $this->db->dbEscapeString($username) . "', 'PASSWORD', "
. ($this->euid ? $this->euid : 'NULL') . ", " . ($this->euid ? $this->euid : 'NULL') . ", "
. "NOW(), '" . $this->dbEscapeString($event) . "', " . "NOW(), '" . $this->db->dbEscapeString($event) . "', "
. "'" . $this->dbEscapeString((string)$error) . "', " . "'" . $this->db->dbEscapeString((string)$error) . "', "
. "'" . $this->dbEscapeString($data) . "', '" . $data_binary . "', " . "'" . $this->db->dbEscapeString($data) . "', '" . $data_binary . "', "
. "'" . $this->page_name . "', "; . "'" . $this->page_name . "', ";
foreach ( foreach (
[ [
@@ -1400,20 +1406,20 @@ EOM;
] as $server_code ] as $server_code
) { ) {
if (array_key_exists($server_code, $_SERVER)) { if (array_key_exists($server_code, $_SERVER)) {
$q .= "'" . $this->dbEscapeString($_SERVER[$server_code]) . "', "; $q .= "'" . $this->db->dbEscapeString($_SERVER[$server_code]) . "', ";
} else { } else {
$q .= "NULL, "; $q .= "NULL, ";
} }
} }
$q .= "'" . Session::getSessionId() . "', "; $q .= "'" . Session::getSessionId() . "', ";
$q .= "'" . $this->dbEscapeString($this->action) . "', "; $q .= "'" . $this->db->dbEscapeString($this->action) . "', ";
$q .= "'" . $this->dbEscapeString($this->username) . "', "; $q .= "'" . $this->db->dbEscapeString($this->username) . "', ";
$q .= "NULL, "; $q .= "NULL, ";
$q .= "'" . $this->dbEscapeString((string)$this->login_error) . "', "; $q .= "'" . $this->db->dbEscapeString((string)$this->login_error) . "', ";
$q .= "NULL, NULL, "; $q .= "NULL, NULL, ";
$q .= "'" . $this->dbEscapeString((string)$this->permission_okay) . "', "; $q .= "'" . $this->db->dbEscapeString((string)$this->permission_okay) . "', ";
$q .= "NULL)"; $q .= "NULL)";
$this->dbExec($q, 'NULL'); $this->db->dbExec($q, 'NULL');
} }
/** /**
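Review bot: `$this->page_name` is still concatenated into SQL without escaping, in the `edit_log` INSERT (`. "'" . $this->page_name . "', "`) and in the page-permission query (`"AND filename = '" . $this->page_name . "' "`), while every neighbouring value goes through `$this->db->dbEscapeString()` and Admin\Backend escapes the same property. Since these statements were all touched to add `->db`, it would be consistent to write `"'" . $this->db->dbEscapeString($this->page_name) . "', "` in both places; where `getPageName()` takes its value from is outside this diff. Separately, the schema check dropped the old truthiness guard and now reads `if ($this->db->dbGetSchema() != $SCHEMA)`, so `SET search_path` also runs when no schema is reported; if that is intended, a short comment would help. Both enclosing methods start and end outside the hunks.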


@@ -31,7 +31,7 @@ declare(strict_types=1);
namespace CoreLibs\Admin; namespace CoreLibs\Admin;
class Backend extends \CoreLibs\DB\IO class Backend
{ {
// page name // page name
/** @var array<mixed> */ /** @var array<mixed> */
@@ -93,8 +93,11 @@ class Backend extends \CoreLibs\DB\IO
public $lang_short; public $lang_short;
/** @var string */ /** @var string */
public $encoding; public $encoding;
// language /** @var \CoreLibs\Debug\Logging logger */
/** @var \CoreLibs\Language\L10n */ public $log;
/** @var \CoreLibs\DB\IO database */
public $db;
/** @var \CoreLibs\Language\L10n language */
public $l; public $l;
// smarty publics [end processing in smarty class] // smarty publics [end processing in smarty class]
/** @var array<mixed> */ /** @var array<mixed> */
@@ -109,23 +112,26 @@ class Backend extends \CoreLibs\DB\IO
// CONSTRUCTOR / DECONSTRUCTOR |====================================> // CONSTRUCTOR / DECONSTRUCTOR |====================================>
/** /**
* main class constructor * main class constructor
* @param array<mixed> $db_config db config array * @param \CoreLibs\DB\IO $db Database connection class
* @param \CoreLibs\Debug\Logging|null $log Logging class, default set if not set * @param \CoreLibs\Debug\Logging $log Logging class, default set if not set
* @param \CoreLibs\Language\L10n|null $l10n l10n language class
* if null, auto set
*/ */
public function __construct( public function __construct(
array $db_config, \CoreLibs\DB\IO $db,
?\CoreLibs\Debug\Logging $log = null \CoreLibs\Debug\Logging $log,
?\CoreLibs\Language\L10n $l10n = null
) { ) {
// set to log not per class // set to log not per class
if ($log !== null) { $log->setLogPer('class', false);
$log->setLogPer('class', false); // attach logger
} $this->log = $log;
// attach db class
$this->db = $db;
// TODO lang create outside of class
$this->setLangEncoding(); $this->setLangEncoding();
// get the language sub class & init it // get the language sub class & init it
$this->l = new \CoreLibs\Language\L10n($this->lang); $this->l = $l10n ?? new \CoreLibs\Language\L10n($this->lang);
// init the database class
parent::__construct($db_config, $log ?? new \CoreLibs\Debug\Logging());
// set the page name // set the page name
$this->page_name = \CoreLibs\Get\System::getPageName(); $this->page_name = \CoreLibs\Get\System::getPageName();
@@ -148,7 +154,7 @@ class Backend extends \CoreLibs\DB\IO
*/ */
public function __destruct() public function __destruct()
{ {
parent::__destruct(); // NO OP
} }
// INTERNAL METHODS |===============================================> // INTERNAL METHODS |===============================================>
@@ -206,16 +212,19 @@ class Backend extends \CoreLibs\DB\IO
* @param string $write_type write type can bei STRING or BINARY * @param string $write_type write type can bei STRING or BINARY
* @return void * @return void
*/ */
public function adbEditLog(string $event = '', $data = '', string $write_type = 'STRING'): void public function adbEditLog(
{ string $event = '',
$data = '',
string $write_type = 'STRING'
): void {
$data_binary = ''; $data_binary = '';
if ($write_type == 'BINARY') { if ($write_type == 'BINARY') {
$data_binary = $this->dbEscapeBytea((string)bzcompress(serialize($data))); $data_binary = $this->db->dbEscapeBytea((string)bzcompress(serialize($data)));
$data = 'see bzip compressed data_binary field'; $data = 'see bzip compressed data_binary field';
} }
if ($write_type == 'STRING') { if ($write_type == 'STRING') {
$data_binary = ''; $data_binary = '';
$data = $this->dbEscapeString(serialize($data)); $data = $this->db->dbEscapeString(serialize($data));
} }
// check schema // check schema
@@ -223,8 +232,8 @@ class Backend extends \CoreLibs\DB\IO
/** @phpstan-ignore-next-line */ /** @phpstan-ignore-next-line */
if (defined('LOGIN_DB_SCHEMA') && !empty(LOGIN_DB_SCHEMA)) { if (defined('LOGIN_DB_SCHEMA') && !empty(LOGIN_DB_SCHEMA)) {
$SCHEMA = LOGIN_DB_SCHEMA; $SCHEMA = LOGIN_DB_SCHEMA;
} elseif ($this->dbGetSchema()) { } elseif ($this->db->dbGetSchema()) {
$SCHEMA = $this->dbGetSchema(); $SCHEMA = $this->db->dbGetSchema();
} elseif (defined('PUBLIC_SCHEMA')) { } elseif (defined('PUBLIC_SCHEMA')) {
$SCHEMA = PUBLIC_SCHEMA; $SCHEMA = PUBLIC_SCHEMA;
} }
@@ -235,36 +244,36 @@ class Backend extends \CoreLibs\DB\IO
. "http_accept, http_accept_charset, http_accept_encoding, session_id, " . "http_accept, http_accept_charset, http_accept_encoding, session_id, "
. "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) " . "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) "
. "VALUES " . "VALUES "
. "(" . $this->dbEscapeString(isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ? . "(" . $this->db->dbEscapeString(isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ?
$_SESSION['EUID'] : $_SESSION['EUID'] :
'NULL') 'NULL')
. ", " . ", "
. "NOW(), " . "NOW(), "
. "'" . $this->dbEscapeString((string)$event) . "', '" . $data . "', " . "'" . $this->db->dbEscapeString((string)$event) . "', '" . $data . "', "
. "'" . $data_binary . "', '" . $this->dbEscapeString((string)$this->page_name) . "', " . "'" . $data_binary . "', '" . $this->db->dbEscapeString((string)$this->page_name) . "', "
. "'" . @$_SERVER["REMOTE_ADDR"] . "', " . "'" . @$_SERVER["REMOTE_ADDR"] . "', "
. "'" . $this->dbEscapeString(@$_SERVER['HTTP_USER_AGENT']) . "', " . "'" . $this->db->dbEscapeString(@$_SERVER['HTTP_USER_AGENT']) . "', "
. "'" . $this->dbEscapeString($_SERVER['HTTP_REFERER'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['HTTP_REFERER'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['SCRIPT_FILENAME'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['SCRIPT_FILENAME'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['QUERY_STRING'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['QUERY_STRING'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['SERVER_NAME'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['SERVER_NAME'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['HTTP_HOST'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['HTTP_HOST'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['HTTP_ACCEPT'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['HTTP_ACCEPT_CHARSET'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_CHARSET'] ?? '') . "', "
. "'" . $this->dbEscapeString($_SERVER['HTTP_ACCEPT_ENCODING'] ?? '') . "', " . "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_ENCODING'] ?? '') . "', "
. (\CoreLibs\Create\Session::getSessionId() === false ? . (\CoreLibs\Create\Session::getSessionId() === false ?
"NULL" : "NULL" :
"'" . \CoreLibs\Create\Session::getSessionId() . "'") "'" . \CoreLibs\Create\Session::getSessionId() . "'")
. ", " . ", "
. "'" . $this->dbEscapeString($this->action) . "', " . "'" . $this->db->dbEscapeString($this->action) . "', "
. "'" . $this->dbEscapeString($this->action_id) . "', " . "'" . $this->db->dbEscapeString($this->action_id) . "', "
. "'" . $this->dbEscapeString($this->action_yes) . "', " . "'" . $this->db->dbEscapeString($this->action_yes) . "', "
. "'" . $this->dbEscapeString($this->action_flag) . "', " . "'" . $this->db->dbEscapeString($this->action_flag) . "', "
. "'" . $this->dbEscapeString($this->action_menu) . "', " . "'" . $this->db->dbEscapeString($this->action_menu) . "', "
. "'" . $this->dbEscapeString($this->action_loaded) . "', " . "'" . $this->db->dbEscapeString($this->action_loaded) . "', "
. "'" . $this->dbEscapeString($this->action_value) . "', " . "'" . $this->db->dbEscapeString($this->action_value) . "', "
. "'" . $this->dbEscapeString($this->action_error) . "')"; . "'" . $this->db->dbEscapeString($this->action_error) . "')";
$this->dbExec($q, 'NULL'); $this->db->dbExec($q, 'NULL');
} }
/** /**
@@ -530,8 +539,8 @@ class Backend extends \CoreLibs\DB\IO
/** @phpstan-ignore-next-line */ /** @phpstan-ignore-next-line */
if (defined('GLOBAL_DB_SCHEMA') && !empty(GLOBAL_DB_SCHEMA)) { if (defined('GLOBAL_DB_SCHEMA') && !empty(GLOBAL_DB_SCHEMA)) {
$SCHEMA = GLOBAL_DB_SCHEMA; $SCHEMA = GLOBAL_DB_SCHEMA;
} elseif ($this->dbGetSchema()) { } elseif ($this->db->dbGetSchema()) {
$SCHEMA = $this->dbGetSchema(); $SCHEMA = $this->db->dbGetSchema();
} elseif (defined('PUBLIC_SCHEMA')) { } elseif (defined('PUBLIC_SCHEMA')) {
$SCHEMA = PUBLIC_SCHEMA; $SCHEMA = PUBLIC_SCHEMA;
} else { } else {
@@ -540,13 +549,13 @@ class Backend extends \CoreLibs\DB\IO
$q = "INSERT INTO " . $SCHEMA . ".live_queue (" $q = "INSERT INTO " . $SCHEMA . ".live_queue ("
. "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file" . "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file"
. ") VALUES (" . ") VALUES ("
. "'" . $this->dbEscapeString($queue_key) . "', '" . $this->dbEscapeString($key_value) . "', " . "'" . $this->db->dbEscapeString($queue_key) . "', '" . $this->db->dbEscapeString($key_value) . "', "
. "'" . $this->dbEscapeString($key_name) . "', '" . $this->dbEscapeString($type) . "', " . "'" . $this->db->dbEscapeString($key_name) . "', '" . $this->db->dbEscapeString($type) . "', "
. "'" . $this->dbEscapeString($target) . "', '" . $this->dbEscapeString($data) . "', " . "'" . $this->db->dbEscapeString($target) . "', '" . $this->db->dbEscapeString($data) . "', "
. "'" . $this->queue_key . "', '" . $this->action . "', " . "'" . $this->queue_key . "', '" . $this->action . "', "
. "'" . $this->dbEscapeString((string)$associate) . "', " . "'" . $this->db->dbEscapeString((string)$associate) . "', "
. "'" . $this->dbEscapeString((string)$file) . "')"; . "'" . $this->db->dbEscapeString((string)$file) . "')";
$this->dbExec($q); $this->db->dbExec($q);
} }
/** /**
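Review bot: In the `live_queue` INSERT, `$this->queue_key` and `$this->action` are placed between quotes without escaping (`. "'" . $this->queue_key . "', '" . $this->action . "', "`), although `adbEditLog()` in the same class passes `$this->action` through `dbEscapeString()`. I would change that line to `. "'" . $this->db->dbEscapeString((string)$this->queue_key) . "', '" . $this->db->dbEscapeString((string)$this->action) . "', "`; how these properties are populated is not visible here, so they are best treated as untrusted. The constructor docblock also still says `default set if not set` for `$log`, which is no longer nullable. The enclosing method begins outside the hunk.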


@@ -12,6 +12,57 @@ use Exception;
class DateTime class DateTime
{ {
/** @var array<int,string> */
public const DAY_SHORT = [
1 => 'Mon',
2 => 'Tue',
3 => 'Wed',
4 => 'Thu',
5 => 'Fri',
6 => 'Sat',
7 => 'Sun'
];
/** @var array<int,string> */
public const DAY_LONG = [
1 => 'Monday',
2 => 'Tuesday',
3 => 'Wednesday',
4 => 'Thursday',
5 => 'Friday',
6 => 'Saturday',
7 => 'Sunday'
];
/** @var array<int,string> */
public const MONTH_LONG = [
1 => 'January',
2 => 'February',
3 => 'March',
4 => 'April',
5 => 'May',
6 => 'June',
7 => 'July',
8 => 'August',
9 => 'September',
10 => 'October',
11 => 'November',
12 => 'December'
];
/** @var array<int,string> */
public const MONTH_SHORT = [
1 => 'Jan',
2 => 'Feb',
3 => 'Mar',
4 => 'Apr',
5 => 'May',
6 => 'Jun',
7 => 'Jul',
8 => 'Aug',
9 => 'Sep',
10 => 'Oct',
11 => 'Nov',
12 => 'Dec'
];
/** /**
* a simple wrapper for the date format * a simple wrapper for the date format
* if an invalid timestamp is give zero timestamp unix time is used * if an invalid timestamp is give zero timestamp unix time is used