aboutsummaryrefslogtreecommitdiff
path: root/admin/Application/Controllers
diff options
context:
space:
mode:
authorYuchen Pei <hi@ypei.me>2021-10-15 09:52:00 +1100
committerYuchen Pei <hi@ypei.me>2021-10-15 09:52:00 +1100
commit71b0e901f5fb1cfcd162d8acc23120d3f77a3152 (patch)
tree323c00faef1edc7dea2e88ff581cc2258b2b6432 /admin/Application/Controllers
parent72cce24864b064b5762f4fe97fdf40d8d2ad4b51 (diff)
parent07f5140771388c9e0c8a99b0dd2e5d950bdb173b (diff)
Merge branch 'development' into h-node
Diffstat (limited to 'admin/Application/Controllers')
-rw-r--r--admin/Application/Controllers/AdminboxesController.php78
-rw-r--r--admin/Application/Controllers/AdmindeletionController.php66
-rw-r--r--admin/Application/Controllers/AdminhardwareController.php121
-rw-r--r--admin/Application/Controllers/AdminhistoryController.php68
-rw-r--r--admin/Application/Controllers/AdminissuesController.php88
-rw-r--r--admin/Application/Controllers/AdminmessagesController.php86
-rw-r--r--admin/Application/Controllers/AdminnewsController.php78
-rw-r--r--admin/Application/Controllers/AdminparamsController.php68
-rw-r--r--admin/Application/Controllers/AdminpasswordController.php88
-rw-r--r--admin/Application/Controllers/AdminregusersController.php101
-rw-r--r--admin/Application/Controllers/AdmintalkController.php59
-rw-r--r--admin/Application/Controllers/AdminusersController.php200
-rwxr-xr-xadmin/Application/Controllers/PanelController.php43
13 files changed, 1144 insertions, 0 deletions
diff --git a/admin/Application/Controllers/AdminboxesController.php b/admin/Application/Controllers/AdminboxesController.php
new file mode 100644
index 0000000..65ba18c
--- /dev/null
+++ b/admin/Application/Controllers/AdminboxesController.php
@@ -0,0 +1,78 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminboxesController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('BoxesModel');
+
+ $this->modelName = 'BoxesModel';
+
+ $this->m['BoxesModel']->setFields('title,message','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main');
+
+ $this->scaffold->loadMain('boxes:id_box,boxes:title,smartDate|boxes:creation_date','boxes:id_box','edit,del');
+ $this->scaffold->setHead('NEWS ID,TITLE,DATE');
+ $this->scaffold->update('del');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+ public function form($queryType = 'insert')
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['BoxesModel']->updateTable('insert,update');
+
+ $this->loadScaffold('form');
+ $this->scaffold->loadForm($queryType,"adminboxes/form/$queryType");
+ $this->scaffold->getFormValues('sanitizeHtml');
+ $data['scaffold'] = $this->scaffold->render();
+
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdmindeletionController.php b/admin/Application/Controllers/AdmindeletionController.php
new file mode 100644
index 0000000..d5ee6fc
--- /dev/null
+++ b/admin/Application/Controllers/AdmindeletionController.php
@@ -0,0 +1,66 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdmindeletionController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('DeletionModel');
+
+ $this->modelName = 'DeletionModel';
+
+// $this->m['DeletionModel']->setFields('object,topic,status,priority,message,notice','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'object:sanitizeAll'=>'undef','token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30));
+
+ $whereClauseArray = array(
+ 'object' => $this->viewArgs['object'],
+ );
+ $this->scaffold->setWhereQueryClause($whereClauseArray);
+
+ $this->scaffold->loadMain('deletion:id_del,deletion:object,deletion:id_duplicate,deletion:id_hard,getUserName|deletion:created_by,smartDate|deletion:creation_date','deletion:id_del','');
+ $this->scaffold->setHead('DEL ID,OBJECT,DUPLICATED,HARDWARE ID,CREATED BY,DATE');
+ $this->scaffold->update('del');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminhardwareController.php b/admin/Application/Controllers/AdminhardwareController.php
new file mode 100644
index 0000000..c02a4c2
--- /dev/null
+++ b/admin/Application/Controllers/AdminhardwareController.php
@@ -0,0 +1,121 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminhardwareController extends Controller
+{
+
+ function __construct($model, $controller, $queryString)
+ {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('HardwareModel');
+ $this->model('DeletionModel');
+
+ $this->modelName = 'HardwareModel';
+
+ $this->m['HardwareModel']->setFields('deleted','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'type:sanitizeAll'=>'undef','ask_for_del:sanitizeAll'=>'undef','-deleted:sanitizeAll'=>'undef','token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30));
+
+ $whereClauseArray = array(
+ 'type' => $this->viewArgs['type'],
+ 'ask_for_del' => $this->viewArgs['ask_for_del'],
+ '-deleted' => $this->viewArgs['-deleted'],
+ );
+ $this->scaffold->setWhereQueryClause($whereClauseArray);
+
+ $this->scaffold->loadMain('hardware:id_hard,hardware:model,hardware:type,getUserName|hardware:created_by,getUserName|hardware:updated_by,smartDate|hardware:creation_date,smartDate|hardware:update_date,hardware:ask_for_del,hardware:deleted','hardware:id_hard','edit');
+
+ $this->scaffold->addItem('simpleLink','adminhardware/ask/;hardware:id_hard;',null,'who asked for deletion');
+ $this->scaffold->setHead('HARD ID,MODEL,TYPE,CREATED BY,UPDATED BY,CREATION DATE,UPDATE DATE,ASK FOR DEL?,DELETED?,EDIT,VIEW');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+ public function ask($id_hard = 0)
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $clean['id_hard'] = (int)$id_hard;
+
+ $this->helper('Menu','adminhardware','panel');
+ $this->h['Menu']->links['back']['text'] = 'Back';
+ $this->h['Menu']->links['back']['url'] = 'main';
+
+ $data["table"] = $this->m['DeletionModel']->select()->where(array("id_hard"=>$clean['id_hard']))->orderBy("id_del desc")->send();
+
+ $data['menu'] = $this->h['Menu']->render('panel,back');
+
+ $this->append($data);
+ $this->load('ask');
+
+ }
+
+ public function form($queryType = 'update')
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ if (isset($_POST['updateAction']))
+ {
+ $clean['id_hard'] = $this->request->post('id_hard',0,'forceInt');
+ $clean['deleted'] = $this->request->post('deleted',0,'sanitizeAll');
+
+ $this->m['HardwareModel']->db->update('hardware','deleted',array($clean['deleted']),'id_hard='.$clean['id_hard']);
+
+ }
+
+ $this->loadScaffold('form');
+ $this->scaffold->loadForm($queryType,"adminhardware/form/$queryType");
+ $this->scaffold->getFormValues('sanitizeHtml');
+ $data['scaffold'] = $this->scaffold->render();
+
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminhistoryController.php b/admin/Application/Controllers/AdminhistoryController.php
new file mode 100644
index 0000000..849e432
--- /dev/null
+++ b/admin/Application/Controllers/AdminhistoryController.php
@@ -0,0 +1,68 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminhistoryController extends Controller
+{
+
+ function __construct($model, $controller, $queryString)
+ {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('HistoryModel');
+
+ $this->modelName = 'HistoryModel';
+
+ $this->setArgKeys(array('page:forceNat'=>1,'type:sanitizeAll'=>'undef','action:sanitizeAll'=>'undef','created_by:sanitizeAll'=>'undef','token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30));
+
+ $whereClauseArray = array(
+ 'type' => $this->viewArgs['type'],
+ 'action' => $this->viewArgs['action'],
+ 'created_by'=> $this->viewArgs['created_by'],
+ 'gr' => '!="registered"',
+ );
+ $this->scaffold->setWhereQueryClause($whereClauseArray);
+ $this->scaffold->model->orderBy('id_history desc');
+ $this->scaffold->loadMain('history:id_history,history:type,history:action,getUserName|history:created_by,history:id,smartDate|history:creation_date,history:gr,history:message','history:id_history','');
+ $this->scaffold->setHead('HISTORY ID,TYPE,ACTION,CREATED BY,OBJECT ID,CREATION DATE,GROUP,MESSAGE');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminissuesController.php b/admin/Application/Controllers/AdminissuesController.php
new file mode 100644
index 0000000..476b69c
--- /dev/null
+++ b/admin/Application/Controllers/AdminissuesController.php
@@ -0,0 +1,88 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminissuesController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('IssuesModel');
+
+ $this->modelName = 'IssuesModel';
+
+ $this->m['IssuesModel']->setFields('deleted,status','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'priority:sanitizeAll'=>'undef','status:sanitizeAll'=>'undef','topic:sanitizeAll'=>'undef','deleted:sanitizeAll'=>'undef','token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive'));
+
+ $whereClauseArray = array(
+ 'priority' => $this->viewArgs['priority'],
+ 'status' => $this->viewArgs['status'],
+ 'topic' => $this->viewArgs['topic'],
+ 'deleted' => $this->viewArgs['deleted'],
+ );
+ $this->scaffold->setWhereQueryClause($whereClauseArray);
+
+ $this->scaffold->loadMain('issues:id_issue,issues:title,issues:topic,getUserName|issues:created_by,issues:priority,issues:status,smartDate|issues:creation_date,issues:deleted','issues:id_issue','edit,del');
+ $this->scaffold->setHead('ISSUE ID,TITLE,TOPIC,CREATED BY,PRIORITY,STATUS,DATE');
+ $this->scaffold->update('del');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+ public function form($queryType = 'insert')
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['IssuesModel']->updateTable('insert,update');
+
+ $this->loadScaffold('form');
+ $this->scaffold->loadForm($queryType,"adminissues/form/$queryType");
+ $this->scaffold->getFormValues('sanitizeHtml');
+ $data['scaffold'] = $this->scaffold->render();
+
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminmessagesController.php b/admin/Application/Controllers/AdminmessagesController.php
new file mode 100644
index 0000000..5a979c4
--- /dev/null
+++ b/admin/Application/Controllers/AdminmessagesController.php
@@ -0,0 +1,86 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminmessagesController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('MessagesModel');
+
+ $this->modelName = 'MessagesModel';
+
+ $this->m['MessagesModel']->setFields('deleted,has_read','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'deleted:sanitizeAll'=>'undef','has_read:sanitizeAll'=>'undef','token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','recordPerPage'=>20));
+
+ $whereClauseArray = array(
+ 'deleted' => $this->viewArgs['deleted'],
+ 'has_read' => $this->viewArgs['has_read'],
+ );
+ $this->scaffold->setWhereQueryClause($whereClauseArray);
+ $this->scaffold->model->orderBy = "id_mes desc";
+
+ $this->scaffold->loadMain('messages:id_mes,messages:id_issue,getUserName|messages:created_by,smartDate|messages:creation_date,messages:deleted,messages:has_read','messages:id_mes','edit');
+ $this->scaffold->setHead('MESSAGE ID,ISSUE ID,CREATED BY,DATE,DELETED?,ALREADY READ?');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+ public function form($queryType = 'insert')
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['MessagesModel']->updateTable('insert,update');
+
+ $this->loadScaffold('form');
+ $this->scaffold->loadForm($queryType,"adminmessages/form/$queryType");
+ $this->scaffold->getFormValues('sanitizeHtml');
+ $data['scaffold'] = $this->scaffold->render();
+
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminnewsController.php b/admin/Application/Controllers/AdminnewsController.php
new file mode 100644
index 0000000..d722ffe
--- /dev/null
+++ b/admin/Application/Controllers/AdminnewsController.php
@@ -0,0 +1,78 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminnewsController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('NewsModel');
+
+ $this->modelName = 'NewsModel';
+
+ $this->m['NewsModel']->setFields('title,message','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main');
+
+ $this->scaffold->loadMain('news:id_news,news:title,smartDate|news:creation_date','news:id_news','edit,del');
+ $this->scaffold->setHead('NEWS ID,TITLE,DATE');
+ $this->scaffold->update('del');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+ public function form($queryType = 'insert')
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['NewsModel']->updateTable('insert,update');
+
+ $this->loadScaffold('form');
+ $this->scaffold->loadForm($queryType,"adminnews/form/$queryType");
+ $this->scaffold->getFormValues('sanitizeHtml');
+ $data['scaffold'] = $this->scaffold->render();
+
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminparamsController.php b/admin/Application/Controllers/AdminparamsController.php
new file mode 100644
index 0000000..62e58b6
--- /dev/null
+++ b/admin/Application/Controllers/AdminparamsController.php
@@ -0,0 +1,68 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminparamsController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('ParamsModel');
+
+ $this->modelName = 'ParamsModel';
+
+ $this->m['ParamsModel']->setFields('updating,boxes_xml','sanitizeAll');
+
+ $this->setArgKeys(array('token:sanitizeAll'=>'token'));
+ }
+
+ public function form()
+ {
+ $this->shift();
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['ParamsModel']->updateTable('update',1);
+ if ($this->m['ParamsModel']->queryResult)
+ {
+ if (strcmp($this->m['ParamsModel']->values['updating'],'yes') === 0)
+ {
+ $this->m['ParamsModel']->query("delete from regsessions;");
+ }
+ }
+// echo $this->m['ParamsModel']->getQuery();
+
+ $this->loadScaffold('form',array('formMenu'=>'panel'));
+ $this->scaffold->loadForm('update',"adminparams/form");
+ $this->scaffold->getFormValues('sanitizeHtml',1);
+ $data['scaffold'] = $this->scaffold->render();
+
+ $this->append($data);
+ $this->load('form');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminpasswordController.php b/admin/Application/Controllers/AdminpasswordController.php
new file mode 100644
index 0000000..bcaca95
--- /dev/null
+++ b/admin/Application/Controllers/AdminpasswordController.php
@@ -0,0 +1,88 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminpasswordController extends Controller
+{
+
+ function __construct($model, $controller, $queryString)
+ {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->helper('Menu','users','panel/main');
+ $this->helper('Array');
+
+ $this->session('admin');
+ $this->model('AdminusersModel');
+
+ $this->m['AdminusersModel']->setFields('password:sha1','none');
+
+ $this->m['AdminusersModel']->strongConditions['update'] = array('checkEqual'=>'password,confirmation');
+ $this->m['AdminusersModel']->strongConditions['insert'] = array('checkEqual'=>'password,confirmation');
+
+ $this->m['AdminusersModel']->identifierName = 'id_user';
+
+ $this->setArgKeys(array('token:sanitizeAll'=>'token'));
+ }
+
+ public function form()
+ {
+ $this->shift(0);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $data['notice'] = null;
+
+ $id = (int)$this->s['admin']->status['id_user'];
+ if (isset($_POST['updateAction'])) {
+ $pass = $this->s['admin']->getPassword();
+ if (sha1($_POST['old']) === $pass)
+ {
+ $this->m['AdminusersModel']->updateTable('update',$id);
+ $data['notice'] = $this->m['AdminusersModel']->notice;
+ }
+ else
+ {
+ $data['notice'] = "<div class='alert'>Vecchia password sbagliata</div>\n";
+ }
+ }
+ $data['menĂ¹'] = $this->h['Menu']->render('panel');
+
+ $values = $this->m['AdminusersModel']->selectId($id);
+
+ $action = array('updateAction'=>'save');
+ $form = new Form_Form('adminpassword/form'.$this->viewStatus,$action);
+ $form->setEntry('old','Password');
+ $form->entry['old']->labelString = 'old password:';
+ $form->setEntry('password','Password');
+ $form->setEntry('confirmation','Password');
+ $data['form'] = $form->render($values,'old,password,confirmation');
+
+ $this->append($data);
+ $this->load('form');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminregusersController.php b/admin/Application/Controllers/AdminregusersController.php
new file mode 100644
index 0000000..b4ed6ed
--- /dev/null
+++ b/admin/Application/Controllers/AdminregusersController.php
@@ -0,0 +1,101 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminregusersController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('UsersModel');
+
+ $this->modelName = 'UsersModel';
+
+ $this->helper('Menu','adminregusers','panel/main');
+
+// $this->m['UsersModel']->setFields('username,e_mail,has_confirmed,deleted,creation_date','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'has_confirmed:sanitizeAll'=>'undef','deleted:sanitizeAll'=>'undef','id_group:sanitizeAll'=>'undef','token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ Params::$nullQueryValue = 'undef';
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30));
+
+ $whereClauseArray = array(
+ 'has_confirmed' => $this->viewArgs['has_confirmed'],
+ 'deleted' => $this->viewArgs['deleted'],
+ 'id_group' => $this->viewArgs['id_group'],
+ );
+ $this->scaffold->setWhereQueryClause($whereClauseArray);
+
+ $this->scaffold->loadMain('regusers:id_user,regusers:username,regusers:e_mail,regusers:has_confirmed,regusers:deleted,smartDate|regusers:creation_date','regusers:id_user','link');
+ $this->scaffold->setHead('USER ID,USERNAME,E-MAIL,HAS CONFIRMED?,DELETED?,DATE');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+ public function associate()
+ {
+ $this->shift(0);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['UsersModel']->printAssError = 'yes';
+ $this->m['UsersModel']->updateTable('associate,dissociate');
+
+ $data['notice'] = $this->m['UsersModel']->notice;
+
+ $data['menu'] = $this->h['Menu']->render('back');
+
+ $data['action'] = $this->baseUrl.'/adminregusers/associate'.$this->viewStatus;
+
+ $data['groups'] = $this->m['UsersModel']->getFieldArray('reggroups:id_group','reggroups:name');
+
+ //get the name of the user whose id is $_POST['id_user']
+ $users = $this->m['UsersModel']->db->select('regusers','username','id_user='.(int)$_POST['id_user']);
+ $data['user'] = $users[0]['regusers']['username'];
+
+ //get the groups inside which the user is inserted
+ $this->m['UsersModel']->setWhereQueryClause(array('id_user'=>(int)$_POST['id_user']));
+ $this->m['UsersModel']->orderBy = 'reggroups.id_group desc';
+ $data['groupsUser'] = $this->m['UsersModel']->getAll('Boxes');
+// echo $this->m['UsersModel']->getQuery();
+
+ $this->set($data);
+ $this->load('associate');
+ }
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdmintalkController.php b/admin/Application/Controllers/AdmintalkController.php
new file mode 100644
index 0000000..b91912a
--- /dev/null
+++ b/admin/Application/Controllers/AdmintalkController.php
@@ -0,0 +1,59 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdmintalkController extends Controller {
+
+ function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->session('admin');
+ $this->model('TalkModel');
+
+ $this->modelName = 'TalkModel';
+
+ $this->m['TalkModel']->setFields('title,message','sanitizeAll');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token'));
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('mainMenu'=>'panel'));
+
+ $this->scaffold->loadMain('talk:id_talk,talk:id_hard,talk:title,getUserName|talk:created_by,smartDate|talk:creation_date','talk:id_talk','del');
+ $this->scaffold->setHead('TALK ID,HARDWARE ID,TITLE,CREATED BY,DATE');
+ $this->scaffold->update('del');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->append($data);
+ $this->load('main');
+ }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/AdminusersController.php b/admin/Application/Controllers/AdminusersController.php
new file mode 100644
index 0000000..0154c0c
--- /dev/null
+++ b/admin/Application/Controllers/AdminusersController.php
@@ -0,0 +1,200 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class AdminusersController extends Controller
+{
+
+ function __construct($model, $controller, $queryString)
+ {
+ parent::__construct($model, $controller, $queryString);
+
+ $this->load('header_back');
+ $this->load('footer_back','last');
+
+ $this->helper('Menu','adminusers','panel/main');
+ $this->helper('Array');
+
+ $this->session('admin');
+ $this->model();
+
+ $this->m['AdminusersModel']->setFields('username:sanitizeAll,password:sha1','none');
+
+ $this->m['AdminusersModel']->strongConditions['update'] = array('checkAlphaNum'=>'username','checkEqual'=>'password,confirmation');
+ $this->m['AdminusersModel']->strongConditions['insert'] = array('checkAlphaNum'=>'username','checkEqual'=>'password,confirmation');
+
+ $this->m['AdminusersModel']->databaseConditions['insert'] = array('checkUnique'=>'username');
+ $this->m['AdminusersModel']->databaseConditions['update'] = array('checkUniqueCompl'=>'username');
+
+ $this->setArgKeys(array('page:forceNat'=>1,'id_group:forceInt'=>'0','token:sanitizeAll'=>'token'));
+ Params::$nullQueryValue = '0';
+ }
+
+ public function login()
+ {
+ $data['action'] = Url::getRoot('adminusers/login');
+ $data['notice'] = null;
+
+ $this->s['admin']->checkStatus();
+ if ($this->s['admin']->status['status']=='logged')
+ {
+ $this->s['admin']->redirect('logged');
+ }
+ if (isset($_POST['username']) and isset($_POST['password']))
+ {
+ $username = ctype_alnum($_POST['username']) ? sanitizeAll($_POST['username']) : '';
+ $choice = $this->s['admin']->login($username,$_POST['password']);
+
+ switch($choice)
+ {
+ case 'logged':
+ $this->redirect('panel/main',3,'You are already logged...');
+ break;
+ case 'accepted':
+ $this->redirect('panel/main',3,'Hi '.$this->s['admin']->status['user'].'...');
+ break;
+ case 'login-error':
+ $data['notice'] = '<div class="alert">Wrong username or password</div>';
+ break;
+ case 'wait':
+ $data['notice'] = '<div class="alert">You have to wait 5 seconds before you can try to login another time</div>';
+ break;
+ }
+ }
+ $this->set($data);
+ $this->load('login');
+ }
+
+ public function logout()
+ {
+ $res = $this->s['admin']->logout();
+ if ($res == 'not-logged') {
+ $data['notice'] = "<div class='alert'>You can't logout because you are not logged..</div>\n";
+
+ } else if ($res == 'was-logged') {
+ $data['notice'] = "<div class='executed'>Logout executed successfully!</div>\n";
+
+ } else if ($res == 'error') {
+
+ }
+
+ $data['login'] = Url::getRoot('adminusers/login');
+ $this->set($data);
+ $this->load('logout');
+ }
+
+ public function forceout($id)
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+ $data['menĂ¹'] = $this->h['Menu']->render('back');
+ $data['notice'] = null;
+ $id = (int)$id;
+ if (strcmp($this->s['admin']->status['id_user'],$id) !== 0)
+ {
+ if ($this->s['admin']->forceOut($id))
+ {
+ $data['notice'] = "<div class='executed'>User has been forced out..</div>\n";
+ }
+ else
+ {
+ $data['notice'] = "<div class='alert'>Error..</div>\n";
+ }
+ }
+
+ $this->set($data);
+ $this->load('forceout');
+ }
+
+ public function main()
+ {
+ $this->shift();
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->loadScaffold('main',array('popup'=>false));
+ $this->scaffold->setWhereQueryClause(array('id_group'=>$this->viewArgs['id_group']));
+ $this->scaffold->loadMain('adminusers:id_user,adminusers:username','adminusers:id_user','edit,del');
+ $this->scaffold->addItem('simpleLink','adminusers/forceout/;adminusers:id_user;',null,'ForceOut');
+ $this->scaffold->update('del');
+ $data['scaffold'] = $this->scaffold->render();
+ $this->set($data);
+ $this->load('main');
+ }
+
+ public function form($queryType = 'insert')
+ {
+ $this->shift(1);
+
+ $this->s['admin']->check();
+
+ if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+
+ $this->m['AdminusersModel']->updateTable('insert,update');
+
+ $this->loadScaffold('form');
+ $this->scaffold->loadForm($queryType,"adminusers/form/$queryType");
+ $this->scaffold->getFormValues('sanitizeHtml');
+ $this->scaffold->setFormEntries('model',array('password'=>'Password'));
+ $this->scaffold->form->setEntry('confirmation','Password');
+ $data['scaffold'] = $this->scaffold->render(null,'username,password,confirmation,id_user');
+
+ $this->set($data);
+ $this->load('main');
+ }
+
+// public function associate()
+// {
+// $this->shift(0);
+//
+// $this->s['admin']->check();
+//
+// if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..');
+//
+// $this->m['AdminusersModel']->printAssError = 'yes';
+// $this->m['AdminusersModel']->updateTable('associate,dissociate');
+//
+// $data['notice'] = $this->m['AdminusersModel']->notice;
+//
+// $data['menu'] = $this->h['Menu']->render('back');
+//
+// $data['action'] = $this->baseUrl.'/adminusers/associate'.$this->viewStatus;
+//
+// $data['groups'] = $this->m['AdminusersModel']->getFieldArray('admingroups:id_group','admingroups:name');
+//
+// //get the name of the user whose id is $_POST['id_user']
+// $users = $this->m['AdminusersModel']->db->select('adminusers','username','id_user='.(int)$_POST['id_user']);
+// $data['user'] = $users[0]['adminusers']['username'];
+//
+// //get the groups inside which the user is inserted
+// $this->m['AdminusersModel']->setWhereQueryClause(array('id_user'=>(int)$_POST['id_user']));
+// $this->m['AdminusersModel']->orderBy = 'admingroups.id_group desc';
+// $data['groupsUser'] = $this->m['AdminusersModel']->getAll('Boxes');
+// // echo $this->m['AdminusersModel']->getQuery();
+//
+// $this->set($data);
+// $this->load('associate');
+// }
+
+} \ No newline at end of file
diff --git a/admin/Application/Controllers/PanelController.php b/admin/Application/Controllers/PanelController.php
new file mode 100755
index 0000000..27eeacf
--- /dev/null
+++ b/admin/Application/Controllers/PanelController.php
@@ -0,0 +1,43 @@
+<?php
+
+// h-admin, a web software to build a community of people that want to share their hardware information.
+// Copyright (C) 2010 Antonio Gallo (h-admin-copyright.txt)
+//
+// This file is part of h-admin
+//
+// h-admin is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// h-admin is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with h-admin. If not, see <http://www.gnu.org/licenses/>.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class PanelController extends Controller {
+
+ public function __construct($model, $controller, $queryString) {
+ parent::__construct($model, $controller, $queryString);
+ $this->session('admin');
+ $this->load('header_back');
+ $this->load('footer_back','last');
+ }
+
+ public function main()
+ {
+ $this->s['admin']->check();
+ $data['logged'] = $this->s['admin']->getUsersLogged();
+
+ $data['token'] = $this->s['admin']->status['token'];
+
+ $this->set($data);
+ $this->load('panel');
+ }
+
+} \ No newline at end of file