add option to disable debugging features for production installs, enh…

…ance receipt printing

README.md

@@ -73,49 +73,9 @@ Now import the schema into phpmyadmin, from maintenance/schema/auth.sql, and the
 
 Now cd /usr/share/auth.
 
-Under site/, create a file called bg.jpg, with some company artwork, and config.php. Remembering database and LDAP settings, this is a basic config example.
+Copy site.example/ to site/, and replace bg.jpg and logo.png with some company artwork, and config.php. Remembering database and LDAP settings, enter these in config.php.
 
-        <?php
-        /* Timezone for the ActionQueue */
-        date_default_timezone_set('UTC');
-
-        /* All other options */
-        $config = array(
-            'Database' =>
-                array(
-                    'name' => 'auth_main',
-                        'host' => 'localhost',
-                        'user' => 'auth',
-                        'password' => '...password here...'
-                ),
-                'Util' =>
-                    array(
-                        'Cleanup'     => 'Directory Cleanup Tools'
-                    ),
-                'pidfile' => '/var/run/lock/meta-auth.pid',
-                'logfile' => '/var/log/meta-auth.log',
-                'login' =>
-                    array(
-                        'url' => 'ldap://localhost',
-                            'domain' => "dc=example,dc=com",
-                            'service_id' => 'ldap1',
-                            'admin' => array('admin'),
-                            'assistant' => array(),
-                            'assist' =>
-                                array(
-                                    'domain_id' => 'default',
-                                    'service_id' => 'ldap1'	
-                                )
-		        )
-		'ReceiptPrinter' => array( // Receipt printer, or 0.0.0.0 for no printer
-				'ip' => '0.0.0.0',
-				'port' => '9100',
-				'header' => 'Example',
-				'footer' => 'Terms and conditions'
-			)
-        );
-
-Note: Debian 6 Uses /var/lock, not /var/run/lock.
+(Note for lock files: Debian 6 Uses /var/lock, not /var/run/lock)
 
 Open the database up and look at the 'service' table. If you are administering LDAP on localhost (this is the default set-up), then correct the domain name and password to make it work. 
 

lib/Auth.php

@@ -83,5 +83,13 @@ static public function alphanumeric($inp) {
 	static public function normaliseName($inp) {
 		return strtolower(preg_replace("#[^-a-zA-Z0-9.'_]+#", "", trim($inp)));
 	}
-
+
+	/**
+	 * Return true if debugging is enabled, false if not. Some functions log less
+	 * data and remove dangerous features when debugging is off (a good idea for production installs)
+	 */
+	static public function isDebug() {
+		$conf = Auth::getConfig("login");
+		return isset($conf['debug']) && $conf['debug'] == true;
+	}
 }

lib/misc/ReceiptPrinter.php

@@ -4,63 +4,77 @@ class ReceiptPrinter {
 	private static $conf; /* Config */
 
 	public static function init() {
-		require_once(dirname(__FILE__) . "/../vendor/escpos-php/escpos.php");
+		require_once(dirname(__FILE__) . "/../vendor/escpos-php/Escpos.php");
 		self::$conf = Auth::getConfig(__CLASS__);
 	}
 
 	public static function pwresetReceipt(AccountOwner_model $owner, $password) {
 		if(!isset(self::$conf['ip']) || self::$conf['ip'] == "0.0.0.0") {
 			return false;
 		}
-
-		if(!$fp = fsockopen(self::$conf['ip'], self::$conf['port'], $errno, $errstr, 2)) {
-			throw new Exception("Couldn't connect to receipt printer: $errno $errstr");
-		}
-
-		/* Header */
-		$printer = new escpos($fp);
-		$printer -> set_justification(escpos::JUSTIFY_CENTER);
-		$printer -> set_emphasis(true);
-		$printer -> text(self::$conf['header'] . "\n");
-		$printer -> set_emphasis(false);
-		$printer -> feed();
-		$printer -> text("User Account Information\n");
-		$printer -> feed(2);
-		$printer -> set_justification(escpos::JUSTIFY_LEFT);
-
-		/* User info */
-		$barcode = "";
-		$seen = array();
-		$printer -> text("User Account:\n  " . $owner -> owner_firstname . " " . $owner -> owner_surname . "\n\n");
-		$printer -> text("Login name(s):\n");
-		foreach($owner -> list_Account as $acct) {
-			if(!isset($seen[$acct -> account_login])) {
-				$printer -> text("  " . $acct -> account_login . "\n");
-				$seen[$acct -> account_login] = true;
-				if(is_numeric($acct -> account_login) && ($barcode == "" || strlen($acct -> account_login) < strlen($barcode))) {
-					$barcode = $acct -> account_login;
+		try {
+			$connector = new NetworkPrintConnector(self::$conf['ip'], self::$conf['port']);
+			$profile = SimpleCapabilityProfile::getInstance();
+			$printer = new Escpos($connector, $profile);
+
+			/* Header */
+			$printer -> setJustification(Escpos::JUSTIFY_CENTER);
+			if(isset(self::$conf['logo']) && file_exists(self::$conf['logo'])) {
+				/* Include top image if set & available */
+				$logofile = self::$conf['logo'];
+				$ser = $logofile . ".ser";
+				if(file_exists($ser)) {
+					$img = unserialize(file_get_contents($ser));
+				} else {
+					$img = new EscposImage($logofile);
+					@file_put_contents($ser, serialize($img)); // Attempt to cache
 				}
+				$printer -> bitImage($img);
 			}
-		}
-		$printer -> feed();
-		$printer -> text("Password:\n  $password\n");
-		$printer -> feed(2);
-
-		/* Footer */
-		$printer -> text(self::$conf['footer']  . "\n");
-		$printer -> feed();
-
-		/* Barcode */
-		if($barcode != "") {
-			$printer -> set_justification(escpos::JUSTIFY_CENTER);
-			$printer -> barcode($barcode, escpos::BARCODE_CODE39);
+			$printer -> setEmphasis(true);
+			$printer -> text(self::$conf['header'] . "\n");
+			$printer -> setEmphasis(false);
+			$printer -> feed();
+			$printer -> text("User Account Information\n");
+			$printer -> feed(2);
+			$printer -> setJustification(Escpos::JUSTIFY_LEFT);
+
+			/* User info */
+			$barcode = "";
+			$seen = array();
+			$printer -> text("User Account:\n  " . $owner -> owner_firstname . " " . $owner -> owner_surname . "\n\n");
+			$printer -> text("Login name(s):\n");
+			foreach($owner -> list_Account as $acct) {
+				if(!isset($seen[$acct -> account_login])) {
+					$printer -> text("  " . $acct -> account_login . "\n");
+					$seen[$acct -> account_login] = true;
+					if(is_numeric($acct -> account_login) && ($barcode == "" || strlen($acct -> account_login) < strlen($barcode))) {
+						$barcode = $acct -> account_login;
+					}
+				}
+			}
+			$printer -> feed();
+			$printer -> text("Password:\n  $password\n");
+			$printer -> feed(2);
+
+			/* Footer */
+			$printer -> text(self::$conf['footer']  . "\n");
 			$printer -> feed();
-			$printer -> text($barcode);
-			$printer -> feed(1);
-			$printer -> set_justification(escpos::JUSTIFY_LEFT);
+
+			/* Barcode */
+			if($barcode != "") {
+				$printer -> setJustification(Escpos::JUSTIFY_CENTER);
+				$printer -> barcode($barcode, Escpos::BARCODE_CODE39);
+				$printer -> feed();
+				$printer -> text($barcode);
+				$printer -> feed(1);
+				$printer -> setJustification(Escpos::JUSTIFY_LEFT);
+			}
+			$printer -> cut();
+			$printer -> close();
+		} catch(Exception $e) {
+			trigger_error($e -> getMessage()); // Should be logged some-place for troubleshooting.
+			return false;
 		}
-		$printer -> cut();
-
-		fclose($fp);
 	}
 }

lib/util/Cleanup_util/Cleanup_util.php

@@ -6,7 +6,9 @@
  *
  */
 class Cleanup_util extends util {
-	private static $config;
+	private static $config;
+
+	private static $debug;
 
 	/**
 	 * Initialise utility
@@ -16,7 +18,8 @@ public static function init() {
 		self::verifyEnabled();
 
 		Auth::loadClass("Ou_api");
-		Auth::loadClass("ActionQueue_api");
+		Auth::loadClass("ActionQueue_api");
+		self::$debug = Auth::isDebug();
 	}
 
 	/**
@@ -69,12 +72,20 @@ public static function admin() {
 						$data['message'] = "The queue has been emptied.";
 						break;
 					case 'eraseLocal':
-						self::eraseLocal();
-						$data['message'] = "All local entries have been erased.";
+						if(self::$debug) {
+							self::eraseLocal();
+							$data['message'] = "All local entries have been erased.";
+						} else {
+							$data['message'] = "This feature is disabled.";
+						}
 						break;
 					case 'dummyData':
-						self::dummyData();
-						$data['message'] = "Dummy data has been introduced.";
+						if(self::$debug) {
+							self::dummyData();
+							$data['message'] = "Dummy data has been introduced.";
+						} else {
+							$data['message'] = "This feature is disabled.";
+						}
 						break;
 					default:
 						throw new Exception("Unknown action: $action");
@@ -85,7 +96,8 @@ public static function admin() {
 		}		
 
 		$data['service-enabled'] = Service_model::list_by_service_enabled('1');
-		$data['service-disabled'] = Service_model::list_by_service_enabled('0');		
+		$data['service-disabled'] = Service_model::list_by_service_enabled('0');
+		$data['debug'] = self::$debug;
 		return $data;
 	}
 

lib/util/Cleanup_util/layout/main.inc

@@ -158,7 +158,7 @@
 					queue, you can clear the queue with this button:</p>
 				<a class="btn" href="#" onClick="emptyAq();">Empty the ActionQueue</a>
 			</div>
-
+<?php if($data['debug']) { ?>
 			<div class="alert alert-danger">
 				<h3>Danger zone</h3>
 				<h4>Erase local database</h4>
@@ -172,6 +172,7 @@
 				<a class="btn btn-danger" href="#" onClick="dummyData();">Add dummy
 					data</a>
 			</div>
+<?php } ?>
 		</div>
 	</div>
 </div>

maintenance/bin/authqueue.php

@@ -6,6 +6,7 @@
 try{
 	$pidfile = Auth::getConfig('pidfile');
 	$logfile = Auth::getConfig('logfile');
+	$isDebug = Auth::isDebug();
 	if(!$pf = fopen($pidfile, "w")) {
 		throw new Exception("Couldn't open PID file $pidfile. Check that it is write-able.");
 	}
@@ -46,9 +47,13 @@
 
 		try {
 			if(process($next)) {
-				try {
-					$next -> aq_complete = 1;
-					$next -> update();
+				try {
+					if($isDebug) {
+						$next -> aq_complete = 1;
+						$next -> update();
+					} else {
+						$next -> delete();
+					}
 				} catch(Exception $e) {
 					outp("\tProblem marking item as done; Was it cancelled while it was running?");
 				}

maintenance/schema/data/defaults.sql

@@ -59,4 +59,3 @@ INSERT INTO `Service` (`service_id`, `service_name`, `service_enabled`, `service
 INSERT INTO `ListServiceDomain` (`service_id`, `domain_id`, `sd_root`, `sd_secondary`) VALUES
 ('ldap1', 'default', '', 0);
 
-INSERT INTO `auth_main`.`ListServiceDomain` (`service_id`, `domain_id`, `sd_root`, `sd_secondary`) VALUES ('ldap1', 'default', '', '0');

site.example/config.php

@@ -28,12 +28,18 @@
 				array(
 					'domain_id' => 'default',
 					'service_id' => 'ldap1'	
-				)
+				),
+			// Leaves data in the database, enables the directory cleanup
+			// "Delete all local data" button. These are useful for initial
+			// setup, but should be disabled afterward.
+			'debug' => 'true'
 		),
 	'ReceiptPrinter' => array( // Receipt printer, or 0.0.0.0 for no printer
 			'ip' => '0.0.0.0',
 			'port' => '9100',
 			'header' => 'Example',
-			'footer' => 'Terms and conditions'
+			'footer' => 'Terms and conditions',
+			// Optional - printed at top of receipts if set
+			'logo' => dirname(__FILE__) . "/logo.png"
 		)
 );