Merge develop

admin/cron/cron_user.phpsh

@@ -1,4 +1,4 @@
-#! /usr/bin/env php
+#! /usr/bin/php -q
 <?php
 /**
  * @author Alexander Rein <a.rein@be-clever-ag.de>, beclever werbeagentur AG <support@be-clever-ag.de>

classes/class.DBconn.php

@@ -12,14 +12,15 @@ class DBconn {
 	private $db, $result, $stmt;
 	private $params = array();
 	private $types = "";
+	public $num_rows;
 	public $error;
 
 	public function __construct($db_host = null, $db_user = null, $bd_pass = null, $db_name = null, $flag = null, $ca = null) {
 		$db_host = empty($db_host) ? DB_host : $db_host;
 		$db_user = empty($db_user) ? DB_user : $db_user;
 		$bd_pass = empty($bd_pass) ? DB_pass : $bd_pass;
 		$db_name = empty($db_name) ? DB_name : $db_name;
-		$this->db = new mysqli(); 
+		$this->db = new mysqli();
 		if (!empty($ca)) {
 			$this->db->ssl_set(NULL, NULL, $ca, NULL, NULL);
 		}
@@ -51,13 +52,17 @@ public function commit() {
 		$this->db->query("COMMIT");
 	}
 
-	public function query($sql) {
+	public function query($sql, $flush = TRUE) {
 		$this->stmt = $this->db->stmt_init();
 		if ($this->stmt->prepare($sql)) {
 			if (!empty($this->types)) {
 				call_user_func_array(array($this->stmt, 'bind_param'), array_merge(array($this->types), $this->params));
 			}
-			return $this->finalExecute();
+			if ($flush) {
+				return $this->finalExecute();
+			} else {
+				return $this->execute();
+			}
 		}
 		$this->exception($this->stmt->error);
 		return FALSE;
@@ -67,6 +72,7 @@ public function execute() {
 		$execute = $this->stmt->execute();
 		if (!$execute)
 			$this->exception($this->stmt->error);
+		$this->num_rows = $this->stmt->num_rows;
 		return $execute;
 	}
 

classes/class.Pagination.php

@@ -0,0 +1,87 @@
+<?php
+
+/**
+ * Pagination 
+ * 
+ * @author Alexander Rein <a.rein@be-clever-ag.de>, beclever werbeagentur AG <support@be-clever-ag.de>
+ * @copyright (c) 2017, Alexander Rein
+ * @license http://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License
+ */
+class Pagination {
+
+	private $_resuilt;
+	private $_limit;
+	private $_page;
+	private $_query;
+	private $_total;
+
+	public function __construct($result) {
+
+		$this->_resuilt = $result;
+		$this->_total = count($this->_resuilt);
+	}
+
+	public function getPart($limit = 100, $page = 1) {
+
+		$this->_limit = $limit;
+		$this->_page = $page;
+
+		if ($this->_limit == 'all') {
+			$part = $this->_resuilt;
+		} else {
+			$temp = array_chunk($this->_resuilt, $limit);
+			if (isset($temp[$page - 1]) || array_key_exists($page - 1, $temp)) {
+				$part = $temp[$page - 1];
+			} else {
+				$part = $page < 1 ? $temp[0] : end($temp);
+			}
+		}
+
+		$result = new stdClass();
+		$result->page = $this->_page;
+		$result->limit = $this->_limit;
+		$result->total = $this->_total;
+		$result->part = $part;
+
+		return $result;
+	}
+
+	public function createLinks($links = 5, $list_class = "pagination") {
+		if ($this->_limit == 'all' || $this->_total <= $this->_limit) {
+			return '';
+		}
+
+		$last = ceil($this->_total / $this->_limit);
+
+		$start = ( ( $this->_page - $links ) > 0 ) ? $this->_page - $links : 1;
+		$end = ( ( $this->_page + $links ) < $last ) ? $this->_page + $links : $last;
+
+		$html = '<ul class="' . $list_class . '">';
+
+		$class = ( $this->_page == 1 ) ? "disabled" : "";
+		$html .= '<li class="' . $class . '"><a href="?limit=' . $this->_limit . '&page=' . ( $this->_page - 1 ) . '">&laquo;</a></li>';
+
+		if ($start > 1) {
+			$html .= '<li><a href="?limit=' . $this->_limit . '&page=1">1</a></li>';
+			$html .= '<li class="disabled"><span>...</span></li>';
+		}
+
+		for ($i = $start; $i <= $end; $i++) {
+			$class = ( $this->_page == $i ) ? "active" : "";
+			$html .= '<li class="' . $class . '"><a href="?limit=' . $this->_limit . '&page=' . $i . '">' . $i . '</a></li>';
+		}
+
+		if ($end < $last) {
+			$html .= '<li class="disabled"><span>...</span></li>';
+			$html .= '<li><a href="?limit=' . $this->_limit . '&page=' . $last . '">' . $last . '</a></li>';
+		}
+
+		$class = ( $this->_page == $last ) ? "disabled" : "";
+		$html .= '<li class="' . $class . '"><a href="?limit=' . $this->_limit . '&page=' . ( $this->_page + 1 ) . '">&raquo;</a></li>';
+
+		$html .= '</ul>';
+
+		return $html;
+	}
+
+}

classes/class.Subscription.php

@@ -65,6 +65,7 @@ public function add_subscription($user, $duration, $kID = "") {
 			} else {
 				$key = empty($kID) ? $user : "#{$kID}";
 				$return = $this->db->fetch_array_assoc();
+				$this->sync_external_user_table($return["sID"]);
 				$this->log("User #{$this->uID} create subscription #{$return["sID"]} (Key: '{$key}')");
 				return $return;
 			}
@@ -82,7 +83,7 @@ public function get_subscription($sID = "") {
 			$this->db->addParams("i", $sID);
 			$where[] = "s.sID = ?";
 		}
-		$where[] = "s.status = " . self::STATUS_NONE;
+		$where[] = "s.status <> " . self::STATUS_DELETED;
 		$sql = $sql . " WHERE " . implode(" AND ", $where) . " GROUP BY s.sID";
 		if ($this->db->query($sql) === FALSE) {
 			$this->exception($this->db->error);
@@ -97,7 +98,6 @@ public function get_subscription($sID = "") {
 
 	public function set_pass($sID, $pass) {
 		$password = crypt($pass, '$2y$10$' . PasswordGenerator::getAlphaNumericPassword(22));
-
 		$sql = "UPDATE subscription SET password = ? WHERE uID = ?";
 		$this->db->addParams("s", $password);
 		$this->db->addParams("i", $this->uID);
@@ -112,9 +112,7 @@ public function set_pass($sID, $pass) {
 			return FALSE;
 		} else {
 			if ($sID == "all") {
-				foreach ($this->get_sID() as $sub) {
-					$this->sync_external_user_table($sub["sID"]);
-				}
+				$this->sync_external_passwords($password);
 			} else {
 				$this->sync_external_user_table($sID);
 			}
@@ -138,7 +136,7 @@ public function set_description($sID, $descr) {
 	}
 
 	public function get_all_subscription_user_info($active = TRUE) {
-		$sql = "SELECT s.*, u.firstname, u.lastname, u.organization FROM subscription s JOIN user u ON s.uID = u.uID WHERE s.status = " . self::STATUS_NONE;
+		$sql = "SELECT s.*, u.firstname, u.lastname, u.organization FROM subscription s JOIN user u ON s.uID = u.uID WHERE s.status <> " . self::STATUS_DELETED;
 		if ($active) {
 			$sql .= " AND u.confirmed = 1";
 		}
@@ -151,7 +149,7 @@ public function get_all_subscription_user_info($active = TRUE) {
 	}
 
 	public function get_active_subscriptions($sID = "") {
-		$sql = "SELECT sID, uID, username, password, exp_time FROM subscription WHERE active = 1 AND exp_time > NOW() AND password IS NOT NULL AND status = " . self::STATUS_NONE;
+		$sql = "SELECT sID, uID, username, password, exp_time FROM subscription WHERE active = 1 AND exp_time > NOW() AND status <> " . self::STATUS_DELETED;
 		if (!empty($sID)) {
 			$this->db->addParams("i", $sID);
 			$sql .= " AND sID = ?";
@@ -209,6 +207,18 @@ public function set_notification($sID) {
 		}
 	}
 
+	public function set_status($sID, $status) {
+		$this->db->addParams("i", $status);
+		$this->db->addParams("i", $sID);
+		$sql = "UPDATE subscription SET status = ? WHERE sID = ?";
+		if ($this->db->query($sql) === FALSE) {
+			$this->exception($this->db->error);
+			return FALSE;
+		} else {
+			return TRUE;
+		}
+	}
+
 	public function add_expire($sID, $duration) {
 		$this->db->addParams("i", $duration);
 		$this->db->addParams("i", $this->uID);
@@ -238,15 +248,12 @@ public function toggle_subscription($sID) {
 	}
 
 	public function delete_subscription($sID) {
-		$this->db->addParams("i", $sID);
-		$sql = "UPDATE subscription SET status = " . self::STATUS_DELETED . " WHERE sID = ?";
-		if ($this->db->query($sql) === FALSE) {
-			$this->exception($this->db->error);
-			return FALSE;
-		} else {
+		if ($this->set_status($sID, self::STATUS_DELETED)) {
 			$this->sync_external_user_table($sID);
 			$this->log("Update subscription #{$sID} (Set as deleted)");
 			return TRUE;
+		} else {
+			return FALSE;
 		}
 	}
 
@@ -320,6 +327,21 @@ private function sync_external_user_table_all() {
 			}
 	}
 
+	private function sync_external_passwords($pass) {
+		if (sync_external_db) {
+			$ext_db = new DBconn(ext_DB_host, ext_DB_user, ext_DB_pass, ext_DB_name, ext_DB_flag, ext_DB_ca);
+			$ext_db->addParams("s", $pass);
+			$ext_db->addParams("i", $this->uID);
+			$sql = "UPDATE user_auth SET password = ? WHERE user_ID = ?";
+			if ($ext_db->query($sql) === FALSE) {
+				$this->exception($ext_db->error);
+				return FALSE;
+			}
+		} else {
+			return TRUE;
+		}
+	}
+
 	private function create_external_table(&$ext_db) {
 		$sql = "CREATE TABLE IF NOT EXISTS `user_auth` (
 				`ID` INT(11) NOT NULL AUTO_INCREMENT,

config/mainconf.php

@@ -26,6 +26,7 @@
 $CONF["user"]["expire"] = 24; // Time (h) after the user will be deleted if not confirmed
 $CONF["notification"] = ["twoMonth" => "2 months", "twoWeeks" => "2 weeks"]; // Notification settings
 $CONF["tc_required"] = TRUE; // terms and conditions have to be accepted
+$CONF["pass_filter"] = "A-Za-z0-9\-\._~"; // regular expression for subscription password filtering
 
 $PATH_htpasswd = "HTPASSWD"; // absolute filepath to .htpasswd which contains username and password
 

l10n/EN.php

@@ -263,12 +263,13 @@
 $LOCAL["subscription"]["table_head"]["create_date"] = "Create Date";
 $LOCAL["subscription"]["table_head"]["expire_date"] = "Expire Date";
 $LOCAL["subscription"]["dialog"]["key"]["title"] = "Register subscription keys";
-$LOCAL["subscription"]["dialog"]["key"]["label"] = "Subscription keys (one per line)";
+$LOCAL["subscription"]["dialog"]["key"]["label"] = "Subscription keys (one per line, max 500)";
 $LOCAL["subscription"]["dialog"]["key"]["submit"] = "Register keys";
 $LOCAL["subscription"]["dialog"]["extend"]["title"] = "Extend subscription duration";
 $LOCAL["subscription"]["dialog"]["extend"]["label_selected"] = "Selected subscriptions";
 $LOCAL["subscription"]["dialog"]["extend"]["label_keys"] = "Insert the same number of keys (one per line) as selected";
 $LOCAL["subscription"]["dialog"]["extend"]["label_termsconditions"] = "I accept the terms and conditions for <a href='https://samba.plus/tcsambaplus.pdf' target='_blank'>SAMBA+ <span class='ui-icon ui-icon-extlink'></span></a><br/>(German: Ich akzeptiere die AGB f&uuml;r <a href='https://samba.plus/agbsambaplus.pdf' target='_blank'>SAMBA+ <span class='ui-icon ui-icon-extlink'></span></a>)";
+$LOCAL["subscription"]["dialog"]["extend"]["selected_info"] = "subscriptions selected.";
 $LOCAL["subscription"]["dialog"]["extend"]["submit"] = "Extend subscriptions";
 $LOCAL["subscription"]["dialog"]["setpass"]["title"] = "Set password for subscription";
 $LOCAL["subscription"]["dialog"]["setpass"]["label_pass"] = "Password";
@@ -309,6 +310,7 @@
 $LOCAL["msg"]["error"]["empty_password"] = "Enter Password";
 $LOCAL["msg"]["error"]["email_auth"] = "Corresponding User not found.";
 $LOCAL["msg"]["error"]["invalid_password_confirm"] = "Enter Password (confirm) same as Password";
+$LOCAL["msg"]["error"]["invalid_password"] = "Allowed characters: A-Z, a-z, 0-9, -._~";
 $LOCAL["msg"]["error"]["empty_subscription_list"] = "Please select some subscriptions first";
 $LOCAL["msg"]["error"]["empty_termsconditions"] = "Please confirm the terms and conditions";
 $LOCAL["msg"]["error"]["user_register"] = "<b>User '###EMAIL###' could not be created:</b><br/>###ERRORMSG###";

layout/less/main.less

@@ -13,4 +13,7 @@ h2 {color: @colorPrimary}
 h3 {color: @colorSecondary}
 h4 {color: @colorPrimary}
 
-nav #navigation li a {border-left: 1px solid lighten(@colorPrimary, 20%); border-right: 1px solid lighten(@colorPrimary, 20%)}
+nav #navigation li a {border-left: 1px solid lighten(@colorPrimary, 20%); border-right: 1px solid lighten(@colorPrimary, 20%)}
+
+.pagination li a {border-color: @colorPrimary; color: @colorPrimary;}
+.pagination li.active a {background-color: @colorPrimary; color: #FFF; border-color: @colorPrimary}