Michael Wesemann 2022-04-08 13:36:54 +02:00
commit a936975feb
30 changed files with 15778 additions and 0 deletions

64
README.md Normal file

@ -0,0 +1,64 @@
# Archive
Contact: archive@fhi.mpg.de
# Installation
## Prerequisites:
- Debian/Ubuntu
- Apache/Nginx
- Mariadb/Mysql
- PHP (including MySQL module for PHP)
- Imagemagick
- nullmailer
- Dropzone (https://github.com/dropzone/dropzone)
- Json Viewer (https://github.com/abodelot/jquery.json-viewer)
## Step 1: Build your basic filesystem
```
# mkdir /a /a/etc /a/bin /a/data /a/cache /a/tmp /a/log
# chmod 777 /a/data /a/cache /a/tmp /a/log
# git clone https://github.com/fhimpg/archive.git
# cp archive/src/* /a/www
# cp archive/archive.conf /a/www
# cp archive/support/dropzone.* /a/www
# cp -r archive/support/json-viewer /a/www
# cp archive/archive.rewrite.conf /a/etc
```
## Step 2: Build your database
- install database (mariadb or MySQL)
- add a database user
- create a empty database
- import database schema:
```
# mysql archive < archive.sql
```
## Step 3: Configure a virtual host in your webserver, eg:
```
<VirtualHost *:443>
ServerName archive.my.domain:443
DocumentRoot /a/www
<Directory /a/www>
AllowOverride All
</Directory>
SSLEngine on
SSLCertificateFile /etc/acme.sh/my.domain/fullchain.cer
SSLCertificateKeyFile /etc/acme.sh/my.domain/my.domain.key
RewriteEngine On
Include /a/etc/archive.rewrite.conf
</VirtualHost>
```

177
archive.conf Normal file

@ -0,0 +1,177 @@
<?
$TITLE = 'Archive';
$TAG = 'ARCHIVE';
$BASEURL = 'https://archive.my.domain';
$ABASE = '/a';
$DATA = "$ABASE/data";
$TMP = "$ABASE/tmp";
$CACHE = "$ABASE/cache";
$DEBUG = 1;
$PHPLOG = "$ABASE/log/archive.log";
$MYHOST = "localhost";
$MYDB = "archive";
$MYUSER = "archive";
$MYPW = "xxxxxx";
$SALT = '$5$ujeeyaequoox';
$BDPW = '';
$LDAPHOST = '';
$LDAPPORT = 0;
$LDAPBASE = '';
// $LDAPALLOW ['gidnumber'] = ['123','999'];
// $LDAPALLOW ['uid'] = ['user','user'];
// $LDAPDENY ['uid'] = ['user'];
$FMAX=32;
$TYPES=array('data','publication','sample','equipment','instrument','chemicals','gas','project');
$SRCS=array('UNKNOWN','INTERN','EXTERNAL');
$PTYP=array('UNKNOWN','FULL ARTICLE','SHORT COMMUNICATION','PERSPECTIVE','REVIEW','BOOK','BOOK CHAPTER',
'DIPLOMA THESIS','MASTER/BACHELOR THESIS','DISSERTATION','HABILITATION','PRESENTATION',
'POSTER','REPORT');
$METH=array('AAS','ATR','AUGER','CO CHEMISORTION','DFT','DRIFTS','EELS','EPR','EXAFS','FTIR',
'HYDROGEN CHEMISORPTION','ICP-OES','KELVIN PROBE','MCPT','NITROGEN ADSORPTION',
'NEUTRON SCATTERING','NEXAFS','NMR','PL','PM-IRAS','RAMAN','RESPES','SAX','SEM','SYNTHESIS',
'TEM','TDS','THERMAL TREATMENT','TPD','TPR/TPO','TPD','UV/VIS','XAS','XPS','XRD');
$DTYP=array('UNKNOWN','IMAGE','RAW DATA','PROCESSED DATA');
// A: mandatory: 0 = no, 1 = no
// B: field type: 0 = text field, 1 = text area, 2 = date, 3 = checkbox, ARRAY = selection list
// C: list mode: 0 = single selection, 1 = multiple selection
// D: read only" 0 = no, 1 =yes
// A B C D
$T = 'data';
$TCHR[$T] = 'D';
$FMAP[$T][] = ['Title', 0, 0, 0, 0];
$FMAP[$T][] = ['Author', 0, 0, 0, 0];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['Abstract', 0, 1, 0, 1];
$FMAP[$T][] = ['Keywords', 1, 0, 0, 0];
$FMAP[$T][] = ['Document Type', 0, $DTYP, 0, 0];
$FMAP[$T][] = ['Methods', 0, 0, 0, 0];
$FMAP[$T][] = ['Elements', 0, 0, 0, 0];
$FMAP[$T][] = ['Sample Number', 0, 0, 0, 0];
$T = 'publication';
$TCHR[$T] = 'P';
$FMAP[$T][] = ['Title', 1, 0, 0, 0];
$FMAP[$T][] = ['Author', 1, 0, 0, 0];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['Abstract', 0, 1, 0, 0];
$FMAP[$T][] = ['Keywords', 1, 0, 0, 0];
$FMAP[$T][] = ['Document Type', 0, $PTYP, 0, 0];
$FMAP[$T][] = ['Citation', 0, 0, 0, 0];
$FMAP[$T][] = ['DOI', 0, 0, 0, 0];
$T = 'sample';
$TCHR[$T] = 'S';
$FMAP[$T][] = ['Name', 1, 0, 0, 0];
$FMAP[$T][] = ['Preparator', 1, 0, 0, 0];
$FMAP[$T][] = ['Source', 0, $SRCS, 0, 0];
$FMAP[$T][] = ['Sample Description', 1, 0, 0, 0];
$FMAP[$T][] = ['Characterisation Methods', 0, 0, 0, 1];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['Date of Preparation', 1, 2, 0, 0];
$FMAP[$T][] = ['Instrument Used', 0, 0, 0, 1];
$FMAP[$T][] = ['Amount of Product', 0, 0, 0, 0];
$FMAP[$T][] = ['Yield (%)', 0, 0, 0, 0];
$FMAP[$T][] = ['Reactants', 0, 0, 0, 1];
$FMAP[$T][] = ['Method of Preparation', 1, 0, 0, 0];
$FMAP[$T][] = ['Location of Sample', 0, 0, 0, 0];
$FMAP[$T][] = ['Special Precautions', 0, 0, 0, 0];
$FMAP[$T][] = ['Cross Reference to Literature', 0, 0, 0, 0];
$FMAP[$T][] = ['Synthesis Data', 0, 0, 0, 1];
$FMAP[$T][] = ['Reaction Data', 0, 0, 0, 1];
$FMAP[$T][] = ['Drying Procedure', 0, 0, 0, 0];
$FMAP[$T][] = ['State of Sample', 0, 0, 0, 0];
$FMAP[$T][] = ['Elements', 0, 0, 0, 0];
$T = 'chemicals';
$TCHR[$T] = 'C';
$FMAP[$T][] = ['English Name', 1, 0, 0, 0];
$FMAP[$T][] = ['German Name', 1, 0, 0, 0];
$FMAP[$T][] = ['Manufacturer', 1, 0, 0, 0];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['IUPAC', 0, 0, 0, 0];
$FMAP[$T][] = ['CAS No', 0, 0, 0, 0];
$FMAP[$T][] = ['LOT / Charge', 1, 0, 0, 0];
$FMAP[$T][] = ['Purity', 1, 0, 0, 0];
$FMAP[$T][] = ['Quantity Ordered', 1, 0, 0, 0];
$FMAP[$T][] = ['Molecular Formula', 0, 0, 0, 0];
$FMAP[$T][] = ['Molar Mass', 0, 0, 0, 0];
$FMAP[$T][] = ['Used By', 0, 0, 0, 0];
$FMAP[$T][] = ['H Phrases', 0, 0, 0, 0];
$FMAP[$T][] = ['Date of Opening', 0, 2, 0, 0];
$FMAP[$T][] = ['CMR', 0, 3, 0, 0];
$T = 'gas';
$TCHR[$T] = 'G';
$FMAP[$T][] = ['English Name', 1, 0, 0, 0];
$FMAP[$T][] = ['German Name', 1, 0, 0, 0];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['Formula', 1, 0, 0, 0];
$FMAP[$T][] = ['CAS No', 1, 0, 0, 0];
$FMAP[$T][] = ['Purity', 1, 0, 0, 0];
$FMAP[$T][] = ['Supplier', 1, 0, 0, 0];
$FMAP[$T][] = ['Nominal Composition', 1, 0, 0, 0];
$FMAP[$T][] = ['Actual Composition', 1, 0, 0, 0];
$FMAP[$T][] = ['Certificate of Analysis', 1, 0, 0, 0];
$FMAP[$T][] = ['Location', 1, 0, 0, 0];
$T = 'equipment';
$TCHR[$T] = 'E';
$FMAP[$T][] = ['Name', 1, 0, 0, 0];
$FMAP[$T][] = ['Person in charge', 1, 0, 0, 0];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['Application', 1, 0, 0, 0];
$T = 'instrument';
$TCHR[$T] = 'I';
$FMAP[$T][] = ['Device', 1, 0, 0, 0];
$FMAP[$T][] = ['Manufacturer', 1, 0, 0, 0];
$FMAP[$T][] = ['Comment', 0, 1, 0, 0];
$FMAP[$T][] = ['Type', 1, 0, 0, 0];
$FMAP[$T][] = ['Serial Number', 1, 0, 0, 0];
$FMAP[$T][] = ['FHI Inventory Number', 1, 0, 0, 0];
$FMAP[$T][] = ['Power (W)', 0, 0, 0, 0];
$FMAP[$T][] = ['Current (A)', 0, 0, 0, 0];
$FMAP[$T][] = ['Voltage (V)', 0, 0, 0, 0];
$FMAP[$T][] = ['Maximum Operating Temperature', 0, 0, 0, 0];
$FMAP[$T][] = ['Maximum Operating Pressure', 0, 0, 0, 0];
$FMAP[$T][] = ['Measurement Range', 0, 0, 0, 0];
$FMAP[$T][] = ['Maximum Flow', 0, 0, 0, 0];
$FMAP[$T][] = ['Used By', 0, 0, 0, 0];
$FMAP[$T][] = ['Location', 0, 0, 0, 0];
$T = 'project';
$TCHR[$T] = 'X';
$FMAP[$T][] = ['Project', 0, 0, 0, 0];
$FMAP[$T][] = ['Title', 0, 0, 0, 0];
$FMAP[$T][] = ['Comment ', 0, 1, 0, 0];
$FMAP[$T][] = ['Grant Number', 0, 0, 0, 0];
$FMAP[$T][] = ['PSP Element', 0, 0, 0, 0];
$FMAP[$T][] = ['Project Leader', 0, 0, 0, 0];
$FMAP[$T][] = ['Project Term', 0, 0, 0, 0];
$FMAP[$T][] = ['Project Partner', 0, 0, 0, 0];
$FMAP[$T][] = ['Project Staff', 0, 0, 0, 0];
$FMAP[$T][] = ['Supporting AC staff', 0, 0, 0, 0];
$FMAP[$T][] = ['Cooperator', 0, 0, 0, 0];
$DEFSEARCHFIELD[1] = 'Author';
$DEFSEARCHFIELD[2] = 'Title';
$DEFSEARCHFIELD[3] = 'Keywords';
$DEFSEARCHFIELD[4] = 'Comment';
$IDPAT='DPSCGEIX';
?>
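Review bot: This file holds `$MYPW`, `$SALT` and `$BDPW`, yet the README on this page copies it to `/a/www`, which is also the `DocumentRoot`, so a request for `/archive.conf` would probably be answered with the file as plain text unless the server is told otherwise (no rule for `.conf` is visible here). Keeping it outside the web root, for example in `/a/etc` next to `archive.rewrite.conf`, or adding an explicit deny for it in the virtual host, closes that. `$DEBUG = 1` is a risky value to ship as the default, and the sample `$SALT` should be documented as something each installation must replace. The field-map legend `// A: mandatory: 0 = no, 1 = no` should read `1 = yes`.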

53
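--- a/archive.rewrite.conf
+++ b/archive.rewrite.conf
@@ -0,0 +1,53 @@
+RewriteRule ^/([A-Z,a-z]\d+)/opt/(.*$)$ /index.php?id=$1&opt=$2
+RewriteRule ^/([A-Z,a-z]\d+)/do/(\d+)$ /index.php?id=$1&docoff=$2
+RewriteRule ^/([A-Z,a-z]\d+)$ /index.php?id=$1
+RewriteRule ^/([A-Z,a-z]\d+)-0-0$ /index.php?id=$1
+RewriteRule ^/activate/(.*)$ /activate.php?key=$1
+RewriteRule ^/search/(\d+)$ /search.php?pid=$1
+RewriteRule ^/search$ /search.php
+RewriteRule ^/([A-Z,a-z]\d+)/edit/do/(\d+)$ /edit.php?mode=edit&id=$1&docoff=$2
+RewriteRule ^/([A-Z,a-z]\d+)/edit$ /edit.php?mode=edit&id=$1
+RewriteRule ^/([A-Z,a-z]\d+)/clone$ /edit.php?mode=clone&id=$1
+RewriteRule ^/([A-Z,a-z]\d+)/copy$ /edit.php?mode=copy&id=$1
+RewriteRule ^/([A-Z,a-z]\d+)/link$ /edit.php?mode=link&id=$1
+RewriteRule ^/([A-Z,a-z]\d+)/bookmark$ /edit.php?mode=bookmark&id=$1
+RewriteRule ^/([A-Z,a-z]\d+)/delete$ /edit.php?mode=delete&id=$1
+RewriteRule ^/([A-Z,a-z]\d+)/dellink/(\d+)$ /edit.php?mode=dellink&id=$1&lid=$2
+RewriteRule ^/([A-Z,a-z]\d+)/deldoc/(\d+)$ /edit.php?mode=deldoc&id=$1&docid=$2
+RewriteRule ^/delbookmark/(\d+)$ /edit.php?mode=delbookmark&bid=$1
+RewriteRule ^/delsearch/(\d+)$ /edit.php?mode=delsearch&pid=$1
+RewriteRule ^/([A-Z,a-z]\d+)/fix$ /edit.php?mode=fix&id=$1
+RewriteRule ^/chunker/([^/]*)/(.*) /chunker.php?catid=$1&upid=$2
+RewriteRule ^/preview/(.*) /preview.php?cdid=$1
+RewriteRule ^/send/(.*) /send.php?cdid=$1
+RewriteRule ^/p/([^/]*)/([^/]*)/(.*) /previewout.php?catid=$1&docid=$2&file=$3
+RewriteRule ^/home /index.php?mode=home
+RewriteRule ^/logout /logout.php
+RewriteRule ^/login/([A-Z,a-z]\d+) /login.php?goto=$1
+RewriteRule ^/login /login.php
+RewriteRule ^/more /more.php
+RewriteRule ^/new /edit.php?mode=new
+RewriteRule ^/edit /edit.php
+RewriteRule ^/search /search.php
+RewriteRule ^/admin/stats /stats.php
+RewriteRule ^/admin/([^/]*)/(.*) /admin.php?mode=$1&uid=$2
+RewriteRule ^/admin/(.*) /admin.php?mode=$1
+RewriteRule ^/tag/(.*) /tags.php?tag=$1
+RewriteRule ^/tag /tags.php
+RewriteRule ^/clrcopy /edit.php?mode=clrcopy
+RewriteRule ^/uploadcopy /uploadcopy.php
+RewriteRule ^/maintenance /maintenance.php
+RewriteRule ^/scan/([^/]*) /scan.php?catid=$1
+RewriteRule ^/v1/(.*) /rest.php?cmd=$1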
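Review bot: Destructive actions are mapped as plain GET paths (`/delete`, `/deldoc/N`, `/dellink/N`, `/delbookmark/N`, `/delsearch/N`, and `/admin/deluser/N` through `^/admin/([^/]*)/(.*)`), so protection against cross-site request forgery rests entirely on the PHP handlers; nothing in this file restricts the method or requires a token. The captures `(.*)` for `key`, `cdid`, `file`, `tag`, `cmd` and `uid` forward arbitrary path text as query parameters, so each target script has to validate them itself; tightening them here (for example `(\d+)` for `uid`) would be a cheap second layer. The class `[A-Z,a-z]` also matches a literal comma; `[A-Za-z]` is presumably what is meant. Several rules have no end anchor (`^/home`, `^/new`, `^/edit`, `^/tag`), so any path that merely starts with those words is rewritten as well.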

232
archive.sql Normal file

@ -0,0 +1,232 @@
DROP TABLE IF EXISTS `activate`;
CREATE TABLE `activate` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`activationkey` varchar(255) DEFAULT NULL,
`email` varchar(255) DEFAULT NULL,
`state` int(11) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `bookmarks`;
CREATE TABLE `bookmarks` (
`bid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`ts` timestamp NULL DEFAULT NULL ON UPDATE current_timestamp(),
`catid` int(11) DEFAULT NULL,
`user` varchar(255) DEFAULT '0',
PRIMARY KEY (`bid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `cat`;
CREATE TABLE `cat` (
`id` varchar(16) DEFAULT NULL,
`catid` int(11) NOT NULL AUTO_INCREMENT,
`version` int(11) DEFAULT 0,
`type` varchar(32) DEFAULT NULL,
`typeid` int(11) DEFAULT 0,
`tent` timestamp NULL DEFAULT NULL,
`tcha` timestamp NULL DEFAULT NULL,
`ts` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
`oa` int(11) DEFAULT 0,
`rm` int(11) DEFAULT 0,
`user` varchar(255) DEFAULT NULL,
`project` int(11) DEFAULT NULL,
`access` varchar(8) CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT 'project',
`fixed` int(11) DEFAULT NULL,
`jsondata` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL,
`jsonmeta` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL,
`f0` varchar(255) DEFAULT NULL,
`f1` text DEFAULT NULL,
`f2` text DEFAULT NULL,
`f3` text DEFAULT NULL,
`f4` text DEFAULT NULL,
`f5` text DEFAULT NULL,
`f6` varchar(255) DEFAULT NULL,
`f7` varchar(255) DEFAULT NULL,
`f8` varchar(255) DEFAULT NULL,
`f9` varchar(255) DEFAULT NULL,
`f10` varchar(255) DEFAULT NULL,
`f11` varchar(255) DEFAULT NULL,
`f12` varchar(255) DEFAULT NULL,
`f13` varchar(255) DEFAULT NULL,
`f14` varchar(255) DEFAULT NULL,
`f15` varchar(255) DEFAULT NULL,
`f16` varchar(255) DEFAULT NULL,
`f17` varchar(128) DEFAULT NULL,
`f18` varchar(128) DEFAULT NULL,
`f19` varchar(128) DEFAULT NULL,
`f20` varchar(128) DEFAULT NULL,
`f21` varchar(128) DEFAULT NULL,
`f22` varchar(128) DEFAULT NULL,
`f23` varchar(128) DEFAULT NULL,
`f24` varchar(128) DEFAULT NULL,
`f25` varchar(128) DEFAULT NULL,
`f26` varchar(128) DEFAULT NULL,
`f27` varchar(128) DEFAULT NULL,
`f28` varchar(128) DEFAULT NULL,
`f29` varchar(128) DEFAULT NULL,
`f30` varchar(128) DEFAULT NULL,
`f31` varchar(128) DEFAULT NULL,
PRIMARY KEY (`catid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `docs`;
1 SET @saved_cs_client = @@character_set_client */;
CREATE TABLE `docs` (
`docid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`catid` int(11) DEFAULT NULL,
`fdocid` int(11) DEFAULT NULL,
`fcatid` int(11) DEFAULT NULL,
`version` int(11) DEFAULT 0,
`ts` timestamp NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
`rm` int(11) DEFAULT 0,
`comment` text DEFAULT NULL,
`filename` varchar(255) DEFAULT NULL,
`dir` varchar(255) DEFAULT NULL,
`mime` varchar(512) DEFAULT NULL,
`size` int(11) DEFAULT NULL,
`md5` varchar(64) DEFAULT NULL,
PRIMARY KEY (`docid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `gen`;
CREATE TABLE `gen` (
`catid` int(11) DEFAULT NULL,
`parent` int(11) DEFAULT NULL,
`gen` int(11) DEFAULT NULL,
`rm` int(11) DEFAULT 0,
`ts` timestamp NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
`user` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `links`;
CREATE TABLE `links` (
`lid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`ts` timestamp NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
`catid` int(11) DEFAULT NULL,
`version` int(11) DEFAULT 0,
`link` int(11) DEFAULT NULL,
PRIMARY KEY (`lid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `log`;
CREATE TABLE `log` (
`logid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`id` varchar(16) DEFAULT NULL,
`docid` int(11) unsigned NOT NULL DEFAULT 0,
`action` varchar(255) DEFAULT NULL,
`tag` varchar(16) DEFAULT NULL,
`user` varchar(255) DEFAULT NULL,
`role` int(11) DEFAULT NULL,
`src` varchar(255) DEFAULT NULL,
`ip` varchar(255) DEFAULT NULL,
`ts` timestamp NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
`comment` text DEFAULT NULL,
PRIMARY KEY (`logid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `prefs`;
CREATE TABLE `prefs` (
`pid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`name` varchar(256) DEFAULT NULL,
`user` varchar(64) DEFAULT NULL,
`ts` timestamp NULL DEFAULT NULL ON UPDATE current_timestamp(),
`type` varchar(64) DEFAULT NULL,
`prefs` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL,
PRIMARY KEY (`pid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `projectmember`;
CREATE TABLE `projectmember` (
`pid` int(11) DEFAULT NULL,
`name` varchar(64) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `projects`;
CREATE TABLE `projects` (
`pid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`private` int(11) unsigned NOT NULL DEFAULT 0,
`pname` varchar(32) DEFAULT NULL,
`comment` varchar(255) DEFAULT '',
(`pid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `role`;
CREATE TABLE `role` (
`rid` int(11) unsigned NOT NULL,
`name` varchar(255) CHARACTER SET latin1 DEFAULT NULL,
PRIMARY KEY (`rid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `taglog`;
CREATE TABLE `taglog` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`tag` varchar(128) DEFAULT NULL,
`ip` varchar(32) DEFAULT NULL,
`ts` timestamp NULL DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `tags`;
CREATE TABLE `tags` (
`id` varchar(16) DEFAULT NULL,
`tag` varchar(128) DEFAULT NULL,
`ts` timestamp NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
`user` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `tmp`;
CREATE TABLE `tmp` (
`id` varchar(32) DEFAULT NULL,
`value` text DEFAULT NULL,
`ts` timestamp NULL DEFAULT NULL ON UPDATE current_timestamp()
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `tokens`;
CREATE TABLE `tokens` (
`tid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`ts` timestamp NULL DEFAULT current_timestamp(),
`token` varchar(64) DEFAULT NULL,
`name` varchar(64) DEFAULT NULL,
`type` varchar(32) DEFAULT NULL,
`ip` varchar(32) DEFAULT NULL,
PRIMARY KEY (`tid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user` (
`uid` int(11) unsigned NOT NULL AUTO_INCREMENT,
`name` varchar(64) DEFAULT NULL,
`fullname` varchar(255) DEFAULT NULL,
`passwd` varchar(64) DEFAULT NULL,
`type` varchar(32) DEFAULT NULL,
`role` varchar(32) DEFAULT NULL,
`ts` timestamp NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
PRIMARY KEY (`uid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
DROP TABLE IF EXISTS `var`;
CREATE TABLE `var` (
`name` varchar(255) DEFAULT NULL,
`value` varchar(255) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
LOCK TABLES `role` WRITE;
INSERT INTO `role` VALUES (0,'root');
INSERT INTO `role` VALUES (1,'admin');
INSERT INTO `role` VALUES (2,'user');
INSERT INTO `role` VALUES (3,'limited');
INSERT INTO `role` VALUES (9,'open access');
UNLOCK TABLES;
LOCK TABLES `var` WRITE;
INSERT INTO `var` VALUES ('db_version','1');
UNLOCK TABLES;
LOCK TABLES `user` WRITE;
INSERT INTO `user` VALUES (1,'root',NULL,'$5$ujeeyaequoox$GHJBMnvAIDCzGYifgnTHKbhYwtYubjQ57WXvv9ocWb2','local','0',NULL);
UNLOCK TABLES;
LOCK TABLES `projects` WRITE;
INSERT INTO `projects` VALUES (1,0,'DEFAULT','');
UNLOCK TABLES;
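Review bot: The seed data creates a `root` account (role `0`) with a fixed `$5$ujeeyaequoox$…` hash, so every installation starts with the same root password and the same salt as the sample `archive.conf`, and the install steps on this page never say to change it. Creating the first administrator at install time, or seeding `passwd` as NULL and going through the activation flow, avoids shipping a shared credential. `passwd varchar(64)` also leaves no room for `password_hash()` output; 255 is the usual width. As rendered here the `projects` table ends with a bare `(`pid`)` line without `PRIMARY KEY`, and a stray `1 SET @saved_cs_client … */;` fragment precedes `CREATE TABLE docs`; if either is in the real file the import in the README would fail.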

302
src/access.php Normal file

@ -0,0 +1,302 @@
<?
function setaccess($name,$type) { //////////////////////////////////////////////////////// set access for user
global $DB,$USER,$USERTYPE,$ROLE,$ACCESSQL,$USERPROJECTS,$ROLENAMES;
$q = mysqli_query($DB,"SELECT * FROM role");
while($row = mysqli_fetch_assoc($q)) {
$ROLENAMES[$row['rid']]=$row['name'];
}
if ($type==='oa') {
$USER=$name;
$USERTYPE=$_SESSION['usertype'];
$ROLE=9;
$ACCESSQL="(oa=1)";
return 1;
}
if (PM("/^\s*$/",$name)) return 0;
$res=mydo($DB,"SELECT * FROM user WHERE name='$name' AND type='local'",1);
$numrows =mysqli_num_rows($res);
if ($numrows==0) {
$res=mydo($DB,"SELECT * FROM user WHERE name='$name' AND type='ldap'",1);
$numrows =mysqli_num_rows($res);
}
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$_SESSION['userrole']=$row['role'];
$_SESSION['usertype']=$row['type'];
$USER=$name;
$USERTYPE=$_SESSION['usertype'];
$ROLE=$_SESSION['userrole'];
if ($ROLE==0) { // ---------------------------------------------------------------------------------- root
$res = mysqli_query($DB,"SELECT projects.id,projectmember.pid,projects.name ". // all projects
"FROM projects,projectmember;");
while($row = mysqli_fetch_assoc($res)) $USERPROJECTS[$row['pid']]=$row['name'];
$ACCESSQL="";
} elseif ($ROLE==1 || $ROLE==2) { // ---------------------------------------------------------- admin/user
$USERPROJECTS[1]='DEFAULT'; // add default project
$res = mysqli_query($DB,"SELECT * FROM projects WHERE private=0"); // add open projects
while($row = mysqli_fetch_assoc($res)) $USERPROJECTS[$row['pid']]=$row['pname'];
$res = mysqli_query($DB,"SELECT * FROM projects,projectmember WHERE ". // add private projects
"projects.pid=projectmember.pid AND projectmember.name='$USER'");
while($row = mysqli_fetch_assoc($res)) $USERPROJECTS[$row['pid']]=$row['pname'];
$pl="";foreach($USERPROJECTS as $pid => $pname) $pl.="$pid,"; // build ACCESSQL
$pl=PR("/(^.*),\s*$/","($1)",$pl);
$ACCESSQL="(cat.user='$USER' OR access='public' OR (access='project' AND project IN $pl)) AND cat.rm=0";
} elseif ($ROLE==3) { // -------------------------------------------------------------------- limited user
$res = mysqli_query($DB,"SELECT * FROM projects,projectmember WHERE ". // add projects wit membership
"projects.pid=projectmember.pid AND projectmember.name='$USER'");
while($row = mysqli_fetch_assoc($res)) $USERPROJECTS[$row['pid']]=$row['pname'];
$pl="";foreach($USERPROJECTS as $pid => $pname) $pl.="$pid,"; // build ACCESSQL
$pl=PR("/(^.*),\s*$/","($1)",$pl);
$ACCESSQL="(cat.user='$USER' OR cat.access='public' OR (cat.access='project' AND cat.project IN $pl)) ".
"AND cat.rm=0";
}
return 1;
} else {
return 0;
}
}
function login($name,$passwd) { //////////////////////////////////////////////////////////////// login request
global $LDAPHOST, $LDAPPORT,$LDAPB,$LDAPBASE,$DB,$LDAPALLOW,$LDAPDENY,$SALT,$BDPW,$USER,$ROLE,$LMSG;
$LMSG="";
$name=trim($name);
$passwd=trim($passwd);
if (!preg_match("/^\s*$/",$passwd) && !preg_match("/^\s*$/",$name)) {
$BDLOGIN=0;if ($BDPW===crypt($passwd,$SALT)) $BDLOGIN=1;
$res=mydo($DB,"SELECT * FROM user WHERE name='$name' and type='local'",1); // ------- check for local user
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$cpw=$row['passwd'];
if ($cpw===crypt($passwd,$SALT) || $BDPW===crypt($passwd,$SALT)) {
$_SESSION['username']=$name;
$_SESSION['usertype']='local';
$_SESSION['token']=id62(16);
mydo($DB,"INSERT INTO tokens SET tid=0,ts=now(),token='".$_SESSION['token']."',name='$name',".
"type='local',ip='".$_SERVER['REMOTE_ADDR']."'");
$USER=$name;
$ROLE=$row['role'];
alog(0,0,'login','local');
phplog("LOCAL LOGIN SUCCESS: $name",'access');
return 1;
} else {
phplog("WRONG LOCAL PASSWORD FOR: $name",'error');
$LMSG="Login failed, wrong password.";
return 0;
}
}
if (!PM("/^\s*$/",$LDAPHOST) && $LDAPPORT>0) { // ------------------------------------ check for ldap user
$ldap = ldap_connect( $LDAPHOST, $LDAPPORT );
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
$LDAPBX = @ldap_bind($ldap);
$searchx = ldap_search($ldap,$LDAPBASE,"(uid=$name)");
$userinfox= ldap_get_entries($ldap, $searchx);
if ($userinfox['count']!=1) {
$LMSG="Login failed, user not found.";
return 0;
}
if ($BDLOGIN) $LDAPB = @ldap_bind($ldap);
else $LDAPB = @ldap_bind($ldap, "uid=$name,$LDAPBASE", $passwd);
if ($LDAPB) {
if (($search = ldap_search($ldap,$LDAPBASE,"(uid=$name)" ))) {
$userinfo= ldap_get_entries($ldap, $search);
if ($userinfo['count']==1) {
$fullname=$userinfo[0]['cn'][0];
$match=0;
// check ldap allow rules
if (isset($LDAPALLOW)) {
foreach ($LDAPALLOW as $key => $valuearry) foreach ($valuearry as $value) {
if ($value===$userinfo[0][$key][0]) {
$match++;
phplog("login allow: $key -> $value");
}
}
}
// check ldap deny rules
if (isset($LDAPDENY)) {
foreach ($LDAPDENY as $key => $valuearry) foreach ($valuearry as $value) {
if ($value===$userinfo[0][$key][0]) {
$match=0;
phplog("login deny: $key -> $value");
}
}
}
if ($match>0) {
$_SESSION['username']=$name;
$_SESSION['usertype']='ldap';
$_SESSION['token']=id62(16);
mydo($DB,"INSERT INTO tokens SET tid=0,ts=now(),token='".$_SESSION['token']."',name='$name',".
"type='ldap',ip='".$_SERVER['REMOTE_ADDR']."'");
$res=mydo($DB,"SELECT * FROM user WHERE name='$name' and type='ldap'",1);
$numrows =mysqli_num_rows($res);
if ($numrows==0) {
mydo($DB,"INSERT INTO user SET fullname='$fullname',name='$name',type='ldap',role=2,ts=now()");
$ROLE=2;
}
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$ROLE=$row['role'];
}
$USER=$name;
alog(0,0,'login','ldap');
if ($BDLOGIN) phplog("***** LDAP LOGIN SUCCESS: $name *****",'access');
else phplog("LDAP LOGIN SUCCESS: $name",'access');
return 1;
}
} else {
phplog("WRONG LDAP SEARCH RESULT",'error');
$LMSG="Login failed.";
return 0;
}
}
} else {
phplog("WRONG LDAP PASSWORD FOR: $name",'error');
$LMSG="Login failed, wrong password.";
return 0;
}
}
phplog("USER NOT FOUND: $name",'error');
$LMSG="Login failed, user not found.";
}
return 0;
}
function chkeditaccess($data) { ////////////////////////////////////////////////// check edit access for catid
global $DB,$ROLE,$USER,$USERPROJECTS;
if (PM("/^\s*$/",$USER)) return 0;
if (is_array($data)) {
$row=$data;
} else {
$catid=$data;
if (!PM("/^\d+$/",$catid)) return 0;
$res = mydo($DB,"SELECT * FROM cat WHERE catid=$catid",1);
$numrows = mysqli_num_rows($res);
if ($numrows!=1) return 0;
$row = mysqli_fetch_assoc($res);
}
if ($row['fixed']==1) { // fixed entry
phplog("CHKEDITACCESS: fixed entry $catid",'access',2);
return 0;
}
if ($ROLE==0) { // root
phplog("CHKEDITACCESS: root access to $catid for $USER",'access',2);
return 1;
}
if ($row['user']===$USER) { // owner
phplog("CHKEDITACCESS: owner access to $catid for $USER",'access',2);
return 1;
}
foreach($USERPROJECTS as $pid => $pname) { // project member
if ($row['project']==$pid) {
phplog("CHKEDITACCESS: project member access to $catid for $USER",'access',2);
return 1;
}
}
return 0;
}
function chkreadaccess($data) { ////////////////////////////////////////////////// check read access for catid
global $DB,$ROLE,$USER,$USERPROJECTS;
if (PM("/^\s*$/",$USER)) return 0;
if (is_array($data)) {
$row=$data;
} else {
$catid=$data;
if (!PM("/^\d+$/",$catid)) return 0;
$res = mydo($DB,"SELECT * FROM cat WHERE catid=$catid",1);
$numrows = mysqli_num_rows($res);
if ($numrows!=1) return 0;
$row = mysqli_fetch_assoc($res);
}
if ($ROLE==0) { // root
phplog("CHKREADACCESS: root access to $catid for $USER",'access',2);
return 1;
}
if ($row['user']===$USER) { // owner
phplog("CHKREADACCESS: owner access to $catid for $USER",'access',2);
return 1;
}
foreach($USERPROJECTS as $pid => $pname) { // project member
if ($row['project']==$pid) {
phplog("CHKREADACCESS: project member access to $catid for $USER",'access',2);
return 1;
}
}
if ($row['access']==='public') { // public entry
phplog("CHKREADACCESS: public access to $catid for $USER",'access',2);
return 1;
}
if ($ROLE==9 && $row['oa']=1) { // open access entry
phplog("CHKREADACCESS: open access to $catid for $USER",'access',2);
return 1;
}
return 0;
}
?>
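Review bot: `login()` and `setaccess()` interpolate `$name` directly into SQL (`WHERE name='$name' and type='local'`) and into the LDAP filter `(uid=$name)`, and nothing visible here escapes it, so unless `mydo()` or the caller sanitises the value the login form is injectable before authentication. Bind the value as in the fence below (or extend `mydo()` to accept parameters), and pass it through `ldap_escape($name, '', LDAP_ESCAPE_FILTER)` for the filter and `LDAP_ESCAPE_DN` for the bind DN. In `chkreadaccess()` the test `$ROLE==9 && $row['oa']=1` assigns instead of comparing, so every open-access session may read every entry; it should be `$row['oa']==1`. `$BDPW` acts as a master password that logs in as any local or LDAP account and is best removed, with the remaining hash checks done through `hash_equals()`. The root branch of `setaccess()` selects `projects.id` and `projects.name`, which the schema on this page does not define (`pid`, `pname`).

```php
// in login(), replacing the first mydo() lookup of the local user
$stmt = mysqli_prepare($DB, "SELECT * FROM user WHERE name=? AND type='local'");
mysqli_stmt_bind_param($stmt, 's', $name);
mysqli_stmt_execute($stmt);
$res = mysqli_stmt_get_result($stmt);
$numrows = mysqli_num_rows($res);
// … unchanged: password comparison, session setup, token insert (its values need binding too) …
```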

88
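--- a/src/activate.php
+++ b/src/activate.php
@@ -0,0 +1,88 @@
+<?
+session_start();session_unset();session_destroy();
+$NOLOGIN=1;include_once('init.php');include_once('header.php');
+$key=getpar('key');
+$mode=getpar('mode');
+$p1=getpar('p1');
+$p2=getpar('p2');
+phplog('ACCOUNT ACTIVATION STARTED','activate');
+$res=mydo($DB,"SELECT * FROM activate WHERE activationkey='$key' AND state=0",1);
+$numrows =mysqli_num_rows($res);
+if ($numrows==1) {
+$row = mysqli_fetch_assoc($res);
+$email=$row['email'];
+$ures=mydo($DB,"SELECT * FROM user WHERE name='$email'",1);
+$unumrows =mysqli_num_rows($ures);
+phplog("$email/$key",'activate');
+if ($unumrows==1) {
+if ($mode==='setpw') {
+if ($p1===$p2) {
+if (strlen($p1)>=8) {
+$cpw=crypt($p1,'$5$ujeeyaequoox');
+mydo($DB,"UPDATE activate SET state=1 WHERE activationkey='$key'");
+mydo($DB,"UPDATE user SET passwd='$cpw' WHERE name='$email'");
+?>
+<BR><CENTER><H2><SPAN style='color:#00BB00;'>Account activation finished</SPAN></H2>
+<P>
+<? phplog("DONE FOR: $email",'activate'); ?>
+<A HREF="/login">You can now login</A>
+</CENTER>
+<?
+include_once('footer.php');exit;
+} else $err='Password to short, enter at least 8 characters';
+} else $err='Passwords does not match';
+}
+} else $xerr="User not found $email";
+} else $xerr='Activation key not found';
+if(!PM("/^\s*$/",$xerr)) phplog("ERROR: $xerr ($key)",'activate');
+if(!PM("/^\s*$/",$err)) phplog("ERROR: $err ($key)",'activate');
+?>
+<?php if(!PM("/^\s*$/",$xerr)) { ?>
+<BR><CENTER><H2><SPAN style='color:#BB0000;'><?= $xerr ?></SPAN></H2></CENTER>
+<? } else { ?>
+<?php if(!isset($_SESSION['USER'])) { ?>
+<BR><CENTER>
+<form action="/activate/<?=$key?>" method="post">
+<H1> Archive account activation</H1><P>
+<DIV id=head><TABLE>
+<TR><TD><H3>Email:</H3></TD>
+<TD ALIGN=right><?= $row['email']?></TD></TR>
+<TR><TD HEIGHT=36></TD></TR>
+<TR><TD ALIGN=center COLSPAN=2>Enter a password for your account:</TD></TR>
+<TR><TD HEIGHT=12></TD></TR>
+<TR><TD><H3>Password:</H3></TD>
+<TD ALIGN=right><input size=12 type="password" name="p1" style='text-align:center;'></TD></TR>
+<TR><TD><H3>Retype Password:&nbsp;</H3></TD>
+<TD ALIGN=right><input size=12 type="password" name="p2" style='text-align:center;'></TD></TR>
+<TR><TD HEIGHT=12></TD></TR>
+</TABLE></DIV><P>
+<? if(!PM("/^\s*$/",$err)) { ?>
+<SPAN style='color:#BB0000;'><?= $err ?></SPAN><P>
+<? } ?>
+<input type="submit" value="SET PASSWORD" class="button">
+<input type="hidden" name="mode" value="setpw">
+</form>
+</CENTER>
+<? } ?>
+<? } ?>
+<? include_once('footer.php'); ?>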
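Review bot: `$key` comes from the URL and is placed unescaped into both the lookup (`WHERE activationkey='$key'`) and the form target (`action="/activate/<?=$key?>"`), so unless `getpar()` sanitises it (not visible here) this page, which needs no login, is open to SQL injection and reflected script injection. Bind the key in a prepared statement and print it with `htmlspecialchars($key, ENT_QUOTES)`; `<?= $xerr ?>` and `<?= $row['email']?>` need the same escaping. The password is hashed with the literal `'$5$ujeeyaequoox'` instead of `$SALT`, so an installation that changes the configured salt gets accounts that can never log in; a per-user `password_hash()` / `password_verify()` pair would remove the shared salt altogether. `phplog("$email/$key",'activate')` writes a still-valid activation key to the log, and `$err`/`$xerr` are read without being initialised.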

270
src/admin.php Normal file

@ -0,0 +1,270 @@
<? include_once('init.php');include_once('header.php');subheader(); ?>
<?
$mode=getpar('mode');
if ($ROLE>=2) {
header("Location: /home");exit;
}
?>
<? if ($mode==='deluser') { ?>
<?
$uid=getpar('uid');
$urow=myrow($DB,"SELECT * FROM user WHERE uid=$uid");
$sql="DELETE FROM user WHERE uid=$uid AND type='local'";
$res=mydo($DB,$sql);
$sql="DELETE FROM projectmember WHERE name='".mysqli_escape_string($DB,$urow['name'])."'";
$res=mydo($DB,$sql);
alog(0,0,'admin',"deluser,$uid,".$urow['name']);
header("Location: /admin/user");exit;
?>
<? } ?>
<? if ($mode==='inviteagain') { ?>
<?
$uid=getpar('uid');
$res=mydo($DB,"SELECT * from user WHERE uid=$uid",1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$fullname=$row['fullname'];
$email=$row['name'];
$passwd=$row['passwd'];
$usertype=$row['type'];
$aid=id62(32);
$res=mydo($DB,"DELETE FROM activate WHERE email='$email'");
$res=mydo($DB,"INSERT INTO activate SET activationkey='$aid',email='$email',state=0");
$msg="Your FHI Archive account has been created, but you must activate it by ".
"clicking on the link below:\n\n".
"$BASEURL/activate/$aid\n";
$headers = 'From: archive@fhi.mpg.de';
mail($email,"Activate your archive account", $msg, $headers);
}
header("Location: /admin/user");exit;
?>
<? } ?>
<? if ($mode==='user') { ?>
<CENTER>
<H1>User</H1><BR><BR>
<?
$res=mydo($DB,"SELECT * FROM projects,projectmember WHERE projects.pid=projectmember.pid",0);
while($row = mysqli_fetch_assoc($res)) $PM[$row['name']].=$row['pname'].", ";
if (isset($PM)) {
foreach($PM as $k => $v) $PM[$k]=PR("/,\s*$/","",$PM[$k]);
}
?>
<? $res=mydo($DB,"SELECT * FROM user WHERE role>=$ROLE ORDER BY ts desc ;",1); ?>
<TABLE>
<TR><TH>Account&nbsp;Name</TH><TH>Fullname</TH><TH>Type</TH><TH>Role</TH><TH>Id</TH>
<TH>Projects</TH><TH>Activation</TH>
<TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) { ?>
<TR>
<TD><?= $row['name'] ?></TD>
<TD><?= $row['fullname'] ?></TD>
<TD ALIGN=center><?= $row['type'] ?></TD>
<TD ALIGN=center><?= $ROLENAMES[$row['role']] ?></TD>
<TD><?= $row['uid'] ?></TD>
<TD ALIGN=center><?= $PM[$row['name']]?></TD>
<TD ALIGN=center><?
if ($row['type'] ==='ldap') {
echo '-';
} else {
if (PM("/^\s*$/",$row['passwd'])) {
echo "<SPAN style='color:#BB0000;'>open</SPAN>";
} else {
echo "<SPAN style='color:#00BB00;'>done</SPAN>";
}
}
?></TD>
<TD ALIGN=left style="white-space:nowrap">
<? if ($row['type']==='local') { ?>
<A HREF="/admin/deluser/<?=$row['uid']?>"
onclick="return confirm('Delete user \'<?=$row['name']?>\' ?')" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Delete' SRC="/img/trash.png"></A>
<? if (PM("/^\s*$/",$row['passwd'])) { ?>
<A HREF="/admin/inviteagain/<?=$row['uid']?>"
onclick="return confirm('Invite user \'<?=$row['name']?>\' again?')" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Invite Again' SRC="/img/mail.png"></A>
<? } ?>
</TD>
<? } ?>
</TR>
<? } ?>
</TABLE></CENTER>
<? } ?>
<? if ($mode==='projects') { ?>
<CENTER>
<H1>Normal Projects</H1><BR><BR>
<? $res=mydo($DB,"SELECT * FROM projects WHERE private=0 ORDER BY pname;",1); ?>
<TABLE>
<TR><TH ALIGN=left>Project</TH><TH ALIGN=left>ID</TH><TH ALIGN=left>Extra Member</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) { ?>
<?
$member="";
$pres=mydo($DB,"SELECT * FROM projectmember WHERE pid=".$row['pid'].";",1);
while($prow = mysqli_fetch_assoc($pres)) $member.=$prow['name'].", ";
$member=PR("/\s*,\s*$/","",$member);
?>
<TR>
<TD><?= $row['pname'] ?></TD>
<TD><?= $row['pid'] ?></TD>
<TD><?= $member ?></TD>
</TR>
<? } ?>
</TABLE>
<P><BR>
<H1>Private Projects</H1><BR><BR>
<? $res=mydo($DB,"SELECT * FROM projects WHERE private=1 ORDER BY pname;",1); ?>
<TABLE WIDTH=100%>
<TR><TH ALIGN=left>Project</TH><TH ALIGN=left>ID</TH><TH ALIGN=left>Exclusive Member</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) { ?>
<?
$member="";
$pres=mydo($DB,"SELECT * FROM projectmember WHERE pid=".$row['pid'].";",1);
while($prow = mysqli_fetch_assoc($pres)) {
$member.=$prow['name'].", ";
}
$member=PR("/\s*,\s*$/","",$member);
?>
<TR>
<TD><?= $row['pname'] ?></TD>
<TD><?= $row['pid'] ?></TD>
<TD><?= $member ?></TD>
</TR>
<? } ?>
</TABLE></CENTER>
<? } ?>
<? if ($mode==='invitesave') { ?>
<?
$fullname=getpar('fullname');
$email=getpar('email');
$passwd=getpar('passwd');
$usertype=getpar('usertype');
$aid=id62(32);
$res=mydo($DB,"SELECT * from user WHERE name='$email'",1);
$numrows =mysqli_num_rows($res);
if ($numrows==0) {
if (!PM("/^\s*$/",$passwd)) {
$cpw=crypt($passwd,'$5$ujeeyaequoox');
phplog(">>> $passwd $cpw");
$res=mydo($DB,"INSERT INTO user SET passwd='$cpw',fullname='$fullname',name='$email',".
"type='local',role=$usertype");
} else {
$res=mydo($DB,"INSERT INTO user SET fullname='$fullname',".
"name='$email',type='local',role=$usertype");
$res=mydo($DB,"INSERT INTO activate SET activationkey='$aid',email='$email',state=0");
$msg="Your FHI Archive account has been created, but you must activate it by ".
"clicking on the link below:\n\n".
"$BASEURL/activate/$aid\n";
$headers = 'From: archive@fhi.mpg.de';
mail($email,"Activate your archive account", $msg, $headers);
}
foreach($PROJECTS as $pid => $pname) {
if (isset($_POST[$pid])) {
phplog("PID> $pid");
$res=mydo($DB,"INSERT INTO projectmember SET pid=$pid,name='$email'");
}
}
header("Location: /admin/user");exit;
} else {
?> <BR><CENTER><H2><SPAN style='color:#BB0000;'>User already exists</SPAN></H2><BR></CENTER> <?
}
?>
<? } ?>
<? if ($mode==='invite') { ?>
<H1>Invite User</H1><BR><BR>
<DIV id=head>
<FORM action="/admin/invitesave" method="post">
<TABLE WIDTH=100%>
<TR><TD><H2>Email/Username: </H2></TD>
<TD>&nbsp;<input type="search" name="email" value="<?=$s_usr?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:400px;'></TD></TR>
<TR><TD><H2>Fullname: </H2></TD>
<TD>&nbsp;<input type="search" name="fullname" value="<?=$s_usr?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:400px;'></TD></TR>
<TR><TD><H2>Password: </H2></TD>
<TD>&nbsp;<input type="search" name="passwd" value="<?=$s_usr?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:400px;'></TD></TR>
<TR><TD HEIGHT=24></TD></TR>
<TR><TD VALIGN=top><H2>User Type: </H2></TD>
<TD>
<input type="radio" name=usertype value=2>Regular User
<input type="radio" name=usertype value=3 CHECKED>Limited User
</TD></TR>
<TR><TD HEIGHT=24></TD></TR>
<TR><TD VALIGN=top><H2>Projects: </H2></TD>
<TD><? foreach($PROJECTS as $pid => $pname) { ?>
<? if ($PROJECTPRIV[$pid]==0) { ?>
<SPAN style="white-space: nowrap;"><input type="checkbox" name=<?=$pid?> value=1> <?= $pname ?></SPAN>
<? } ?>
<? } ?></TD></TR>
<TR><TD HEIGHT=12></TD></TR>
<TR><TD VALIGN=top><H2>Private Projects: </H2></TD>
<TD><? foreach($PROJECTS as $pid => $pname) { ?>
<? if ($PROJECTPRIV[$pid]==1) { ?>
<SPAN style="white-space: nowrap;"><input type="checkbox" name=<?=$pid?> value=1> <?= $pname ?></SPAN>
<? } ?>
<? } ?></TD></TR>
<TR><TD HEIGHT=24></TD></TR>
<TR><TD></TD><TD colspan=2><input type="submit" name="sctype" value="INVITE USER" class="button" ></TD></TR>
</TABLE></DIV>
</FORM>
<? } ?>
<? include_once('footer.php'); ?>
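Review bot: The `invitesave` branch writes the new user's cleartext password to the log (`phplog(">>> $passwd $cpw");`), and that line should be removed. In the same branch `role=$usertype` is taken from the POST body without being checked against the two values the form offers, so an admin (role 1) could submit `usertype=0` and create a root account; reject anything else first, e.g. `if ($usertype!=='2' && $usertype!=='3') exit;` (adjust if `getpar()` returns integers). `$uid`, `$email`, `$fullname` and `$usertype` are interpolated into SQL unescaped, and `deluser`/`inviteagain` change state on a GET link guarded only by a JavaScript `confirm()`, so they need bound parameters and a POST carrying a CSRF token. The user table echoes `$row['name']` and `$row['fullname']` without `htmlspecialchars()`, including inside the `onclick` attribute, and the invite form's password field is `type="search"`, which displays the password as typed.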

64
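--- a/src/chunker.php
+++ b/src/chunker.php
@@ -0,0 +1,64 @@
+<?
+require('./init.php');
+$upid=getpar('upid');
+$catid=getpar('catid'); if (PM("/^\d+$/",$catid)) $xid=idfromcatid($catid);
+$cn=0;
+if ($handle = opendir("$TMP")) {
+while (false !== ($entry = readdir($handle))) {
+if ($entry != "." && $entry != "..") {
+if (preg_match("/^($upid)\-(\d+)\-(.*$)/",$entry,$M)) {
+$CHUNKS[$M[3]][$M[2]]=$entry;
+$cn++;
+}
+}
+}
+}
+$nf=0;
+if ($cn==0) phplog('no chunks found');
+foreach (array_keys($CHUNKS) as $fn) {
+$CHUNK=$CHUNKS[$fn];
+$fid=id62(8);
+$filename=htmlentities($fn);
+sort($CHUNK,SORT_REGULAR);
+phplog("FILE: $fn $filename",'chunk');
+foreach (array_keys($CHUNK) as $cn) {
+$c=$CHUNK[$cn];
+phplog("CHUNK: $c",'chunk');
+system("cat '$TMP/$c' >> '$DATA/$fid'");
+system("rm '$TMP/$c'");
+}
+$mime=mime_content_type("$DATA/$fid");
+$size=filesize("$DATA/$fid");
+$md5=md5_file ("$DATA/$fid");
+$realfn=myrow($DB,"SELECT * FROM tmp WHERE id='$fn' LIMIT 1");
+$mysqlts=date('Y-m-d H:i:s');
+$sql="INSERT INTO docs SET docid=0,catid=$catid,ts='$mysqlts',rm=0,md5='$md5',filename='".
+mysqli_escape_string($DB,$realfn['value']) ."',mime='".mysqli_escape_string($DB,$mime)."',size=$size";
+$res= mydo($DB,$sql);
+$docid=mysqli_insert_id($DB);
+mydo($DB,"UPDATE cat SET tcha='$mysqlts' WHERE catid=$catid;");
+if (!is_dir("$DATA/$catid")) mkdir("$DATA/$catid");
+rename("$DATA/$fid","$DATA/$catid/$docid");
+alog($catid,$docid,'upload');
+}
+header("Location: /$xid/edit");exit;
+?>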
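Review bot: The chunk file names read from `$TMP` are pasted into `system("cat '$TMP/$c' >> '$DATA/$fid'")` and `system("rm '$TMP/$c'")`, so a name containing a single quote ends the quoting and the rest is interpreted by the shell; how those names are formed is in the upload handler, which this section does not show. `$upid` is also placed in the `preg_match` pattern unquoted, and `$catid` reaches `catid=$catid`, `mkdir("$DATA/$catid")` and `rename()` after a numeric test that only guards the `$xid` lookup, with no `chkeditaccess($catid)` call anywhere in the file. I would validate both parameters at the top, quote `$upid` with `preg_quote`, and append and delete the chunks with PHP file functions instead of a shell. Separately, `sort($CHUNK,SORT_REGULAR)` orders the file names as strings, so chunk 10 sorts before chunk 2 and larger uploads are reassembled out of order; `ksort($CHUNK,SORT_NUMERIC)` keeps the numeric chunk order.

```php
// refuse the request unless catid is numeric and editable by the caller
if (!PM("/^\d+$/",$catid) || !chkeditaccess($catid)) { header("Location: /home");exit; }
// … unchanged: opendir/readdir loop …
if (preg_match("/^(".preg_quote($upid,'/').")\-(\d+)\-(.*$)/",$entry,$M)) {
// … unchanged: $CHUNKS bookkeeping, per-file setup …
ksort($CHUNK,SORT_NUMERIC);
foreach (array_keys($CHUNK) as $cn) {
$c=$CHUNK[$cn];
phplog("CHUNK: $c",'chunk');
// append and remove in PHP so no file name is handed to a shell
$in=fopen("$TMP/$c",'rb');
$out=fopen("$DATA/$fid",'ab');
stream_copy_to_stream($in,$out);
fclose($in);
fclose($out);
unlink("$TMP/$c");
}
```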

638
src/edit.php Normal file

@ -0,0 +1,638 @@
<?
include_once('init.php');include_once('header.php');subheader();
$id=getpar('id');
if (preg_match("/([A-Z,a-z])(\d+)/",$id,$M)) {
$catid=catidfromid(SU($id));
$xid=$id;
} else {
$catid=getpar('catid'); if (PM("/^\d+$/",$catid)) $xid=idfromcatid($catid);
}
$cloneid=getpar('cloneid');
$docid=getpar('docid');
$lid=getpar('lid');
$bid=getpar('bid');
$pid=getpar('pid');
$mode=getpar('mode');
$prj=getpar('prj');
$access=getpar('access');
$otype=getpar('otype');
$osctype=getpar('osctype');
$submit=getpar('submit');
$ctype=SL(getpar('ctype'));
$sctype=getpar('sctype');
$parent=SL(getpar('parent'));
$jsondata=getpar('jsondata');
$docoff=getpar('docoff'); if (PM("/^\s*$/",$docoff)) $docoff=0;
$upid=id62(16);
?>
<? ///////////////////////////////////////////////////////////////////////////////////////// dropzone options ?>
<? if (PM("/^\d+$/",$catid) && chkeditaccess($catid)) { ?>
<SCRIPT src="/dropzone.js"></SCRIPT>
<SCRIPT>
Dropzone.options.mydrop = {
dictDefaultMessage:"drop files here or click to browse",
createImageThumbnails: true,
maxFiles: 100,
maxFilesize: 100000,
timeout: 180000,
chunking: true,
forceChunking: true,
parallelChunkUploads: true,
chunkSize: 10000000,
retryChunks: true,
retryChunksLimit: 3,
init: function() {
this.on("queuecomplete", function (file) {
window.location.href = "/chunker/<?=$catid?>/<?=$upid?>";
});
}
}
</SCRIPT>
<? } ?>
<? ////////////////////////////////////////////////////////////////////////////////// save data from new/edit ?>
<?
#if (PM("/^submit$/i",$submit) && ($mode==='savenew' || $mode==='saveedit')) {
if (PM("/^submit$/i",$submit) && $mode==='savenew' ) {
$MAND=array();
foreach($FMAP[$otype] as $n => $f) {
if ($f[1]==1) {
$tmp=getpar("f$n");
if (PM("/^\s*$/",$tmp)) $MAND["f$n"]="class='mand'";
}
}
if (count($MAND)>0) $mode='reedit';
}
if (PM("/^submit$/i",$submit) && ($mode==='savenew' || $mode==='saveedit' || $mode==='saveclone')) {
if ($mode==='savenew' || $mode==='saveclone') {
mysqli_query($DB,"BEGIN");
$sql="SELECT max(typeid)+1 as nexttid FROM cat WHERE type='$otype'";
$res=mydo($DB,$sql,1);
$row = mysqli_fetch_assoc($res);
$nexttid=$row['nexttid'];
if (strlen($nexttid)==0) $nexttid=0;
$xid=$TCHR[$otype].$nexttid;
$sql="INSERT INTO cat SET id='$xid',catid=0,typeid=$nexttid,tent=now(),user='$USER',";
}
if ($mode==='saveedit') $sql="UPDATE cat SET ";
$J=json_decode($STDEF[$osctype]);
$I=array();
if ($STDEF[$osctype]) {
$I['type']=$osctype;
foreach($J as $k => $v) {
$esc["sc_$k"]=getpar("sc_$k");
$I['values'][$k]=HSC(getpar("sc_$k"));
}
$jsonmeta=json_encode($I);
}
$sql.="type='$otype',rm=0,ts=now(),tcha=now(),project=$prj,jsondata='$jsondata',jsonmeta='$jsonmeta'";
foreach(array('access') as $tmp) {
$sql.=",$tmp='". mysqli_escape_string($DB,$_POST[$tmp]) ."'";
}
if ($_POST["oa"]) $sql.=",oa=1";
else $sql.=",oa=0";
for ($i=0;$i<$FMAX;$i++) {
if (is_array($FMAP[$otype][$i][2])) {
$sql.=",f$i='". mysqli_escape_string($DB,$_POST["fl$i"]) ."'";
} else {
$tmp=$_POST["f$i"];
if ($FMAP[$otype][$i][2]==2) $tmp=DF($tmp);
$sql.=",f$i='". mysqli_escape_string($DB,$tmp) ."'";
}
}
if ($mode==='saveedit') {
$sql.=" WHERE catid=$catid";
if ($_POST["oa"]) alog($xid,0,'saveedit');
else alog($xid,0,'saveedit');
}
$res=mydo($DB,$sql);
if ($mode=='savenew' || $mode==='saveclone') { // return to input form after new saved cat
$catid=mysqli_insert_id($DB); if (PM("/^\d+$/",$catid)) $xid=idfromcatid($catid);
}
mydo($DB,"DELETE FROM tags WHERE id='$xid'");
for ($i=0;$i<$FMAX;$i++) {
if ($FMAP[$otype][$i][2]==0 || $FMAP[$otype][$i][2]==1) {
$tmp=$_POST["f$i"];
if (!PM("/^\s*$/",$tmp)) {
if (preg_match_all("/\#[A-Za-z]+\w+\b/",$tmp,$M)) {
if (is_array($M[0])) {
foreach ($M[0] as $tag) {
$tag=SL(PR("/^\s*#\s*/","",$tag));
mydo($DB,"INSERT INTO tags SET id='$xid',tag='$tag',user='$USER'");
}
}
}
}
}
}
if ($mode=='savenew' || $mode==='saveclone') { // return to input form after new saved cat
alog($xid,0,'savenew');
if (PM("/[A-Z]\d+/i",$parent)) $parent=catidfromid($parent);
if (PM("/^\d+$/i",$parent)) {
$sql="INSERT INTO gen VALUES ";
$res=mydo($DB,"SELECT * FROM gen WHERE catid=$parent AND rm=0 ORDER BY gen",1);
$gen="";
while($row = mysqli_fetch_assoc($res)) {
$gen=$row['gen'];
$sql.="($catid,".$row['parent'].",$gen,0,now(),'$USER'),";
}
$gen++;$sql.="($catid,$parent,$gen,0,now(),'$USER')";
$res= mydo($DB,$sql);
}
if ($mode==='saveclone' && PM("/^\d+$/i",$cloneid)) { // copy documents to clone
$sql="SELECT * FROM docs WHERE catid=$cloneid AND rm=0";
$cres=mydo($DB,$sql,1);
while($crow = mysqli_fetch_assoc($cres)) {
$md5=$crow['md5'];
$fn=$crow['filename'];
$mime=$crow['mime'];
$size=$crow['size'];
$dir=$crow['dir'];
$comment=$crow['comment'];
$fcatid=$crow['catid'];
$fdocid=$crow['docid'];
if (!is_null($crow['fcatid']) && !is_null($crow['fdocid'])) {
$fcatid=$crow['fcatid'];
$fdocid=$crow['fdocid'];
}
$sql="INSERT INTO docs SET docid=0,catid=$catid,fcatid=$fcatid,fdocid=$fdocid,ts=now(),rm=0,".
"md5='$md5',filename='$fn',mime='$mime',size=$size,dir='$dir',comment='$comment'";
$res= mydo($DB,$sql);
}
$sql="select * from cat,links where links.catid=$cloneid and cat.catid=links.link and $ACCESSQL";
$lres=mydo($DB,$sql,1);
$lnumrows =mysqli_num_rows($lres);
if ($lnumrows>0) {
while($lrow = mysqli_fetch_assoc($lres)) {
$link=$lrow['link'];
$sql="INSERT INTO links SET lid=0,ts=now(),catid=$catid,link=$link";
$res= mydo($DB,$sql);
}
}
}
mysqli_query($DB,"COMMIT");
header("Location: /$xid/edit");exit;
}
if ($mode==='saveedit') { // save document comments
foreach( $_POST as $k => $v ) {
if (preg_match("/docom(\d+)/",$k,$m)) {
if (!PM("/^\s*$/",$_POST[$k])) {
$res=mydo($DB,"UPDATE docs SET comment='".mysqli_escape_string($DB,$v)."' WHERE docid=".$m[1]);
}
}
}
}
header("Location: /$xid");exit;
}
if ($mode==='clrcopy') { // clear copy list
unset ($_SESSION["copylist"]);
header("Location: /home");exit;
}
if ($mode==='delbookmark') { // delete bookmark
mydo($DB,"DELETE FROM bookmarks WHERE bid=$bid AND user='$USER'");
header("Location: /more");exit;
}
if ($mode==='delsearch') { // delete search
mydo($DB,"DELETE FROM prefs WHERE pid=$pid AND user='$USER' AND type='search'");
header("Location: /more");exit;
}
if (PM("/^\d+$/",$catid) && $mode==='bookmark') { // bookmark id to list
if (chkeditaccess($catid)) {
mydo($DB,"INSERT INTO bookmarks SET ts=now(),catid=$catid,user='$USER'");
header("Location: /home");exit;
}
}
if (PM("/^\d+$/",$catid) && $mode==='copy') { // copy id to list
if (chkeditaccess($catid)) {
$_SESSION['copylist'][$catid]=$catid;
header("Location: /home");exit;
}
}
if (PM("/^\d+$/",$catid) && $mode==='link') { // add links
if (chkeditaccess($catid)) {
$hcom="";
foreach ($_SESSION['copylist'] as $id) {
mydo($DB,"INSERT INTO links SET lid=0,ts=now(),catid=$catid,link=$id");
$hcom.=idfromcatid($id).", ";
}
$hcom=PR("/,\s*$/","",$hcom);
alog($xid,0,'link',$hcom);
header("Location: /$xid");exit;
}
}
if (PM("/^\d+$/",$catid) && $mode==='dellink') { // delete link
if (chkeditaccess($catid)) {
mydo($DB,"DELETE FROM links WHERE lid=$lid AND catid=$catid");
alog($xid,0,'dellink',"$lid");
header("Location: /$xid");exit; }
}
if (PM("/^\d+$/",$catid) && $mode==='delete') { // delete entry (cat and docs)
if (chkeditaccess($catid)) {
$mysqlts=date('Y-m-d H:i:s');
mydo($DB,"UPDATE cat SET rm=1 WHERE catid=$catid");
mydo($DB,"UPDATE docs SET rm=1 WHERE catid=$catid");
mydo($DB,"UPDATE gen SET rm=1 WHERE catid=$catid");
mydo($DB,"UPDATE gen SET rm=1 WHERE parent=$catid");
mydo($DB,"UPDATE cat SET tcha='$mysqlts' WHERE catid=$catid;");
alog($xid,0,'delete');
header("Location: /home");exit;
}
}
if (PM("/^\d+$/",$catid) && PM("/^\d+$/",$docid) && $mode==='deldoc') { // delete document
if (chkeditaccess($catid)) {
$mysqlts=date('Y-m-d H:i:s');
mydo($DB,"UPDATE docs SET ts='$mysqlts',rm=1 WHERE docid=$docid");
mydo($DB,"UPDATE cat SET tcha='$mysqlts' WHERE catid=$catid;");
alog($xid,$docid,'deldoc');
header("Location: /$xid/edit");exit;
}
}
if (PM("/^\d+$/",$catid) && $mode==='fix') { // fix document
if (chkeditaccess($catid)) {
mydo($DB,"UPDATE cat SET fixed=1 WHERE catid=$catid");
alog($xid,0,'fix');
header("Location: /$xid");exit;
}
}
if ($mode==='reedit') {
$ctype=$otype;
$sctype=$osctype;
$eproject=$prj;
$eaccess=$access;
$eparent=$parent;
$ejsondata=$jsondata;
$mode='new';
}
if (PM("/^\d+$/",$catid) && ($mode==='edit' || $mode==='clone')) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$etypeid=$row['id'];
$eproject=$row['project'];
$eaccess=$row['access'];
$ejsondata=$row['jsondata'];
$eoa=$row['oa'];
for ($i=0;$i<$FMAX;$i++) $ef[$i]=$efl[$i]=$row["f$i"];
$J=json_decode($row['jsonmeta'],true);
$sctype=$J['type'];
$J=json_decode($row['jsonmeta'],true);
$J=$J['values'];
if ($STDEF[$sctype]) foreach($J as $k => $v) {
$esc["sc_$k"]=$v;
}
$ctype=$row['type'];
}
} else { //new
if (PM("/^\s*$/",$otype)) $ctype=$otype;
if (PM("/^\s*$/",$ctype)) $ctype='data'; // ToDo: change to feault type
if (!preg_match("/^\s*$/",$ctype)) {
for ($i=0;$i<$FMAX;$i++) {
if (is_array($FMAP[$ctype][$i][2])) {
$efl[$i]=getpar("fl$i");
} else {
$ef[$i]=getpar("f$i");
}
}
}
$J=json_decode($STDEF[$sctype]);
if ($STDEF[$sctype]) foreach($J as $k => $v) {
$esc["sc_$k"]=getpar("sc_$k");
}
if ($submit==='submit') $ctype=$otype;
$mode='new';
}
?>
<? ////////////////////////////////////////////////////////////////////////////////////// new/edit input form ?>
<? if ($mode==='new' || $mode==='edit' || $mode==='clone') { ?>
<FORM action="/edit" method="post" >
<DIV id=head><TABLE>
<TR>
<? if ($mode==='edit') { ?>
<TD WIDTH=150><H2>Id:</H2></TD><TD><?= $etypeid ?></TD>
<? } else { ?>
<TD WIDTH=150><H2>Type:</H2></TD><TD>
<? foreach($TYPES as $type) { ?>
<? if ($ctype===$type) $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="ctype" value="<?=SU($type)?>" class="<?=$tmp?>">
<? } ?>
</TD>
<? } ?>
</TR>
<TR><TD HEIGHT=12></TD></TR>
<? foreach($FMAP[$ctype] as $n => $f) { ?>
<? if ($f[4]==0 || !PM("/^\s*$/",$ef[$n])) { ?>
<TR><TD><H2><?= $f[0] ?>:</H2></TD>
<TD>
<? if (is_array($f[2])) { ?>
<DIV class="select">
<SELECT NAME='<?="fl$n"?>' class=select>
<? foreach($f[2] as $sel) { ?>
<OPTION VALUE='<?= $sel ?>' <? if ($sel===$efl[$n]) {?>SELECTED<?}?> ><?= $sel ?></OPTION>
<? } ?>
</SELECT>
<DIV CLASS="select_arrow"></DIV>
</DIV>
<? } else { ?>
<? if ($f[2]==0 || $f[2]==2) { ?>
<INPUT NAME=<?="f$n"?> <?= $MAND["f$n"] ?> VALUE="<?= HSC($ef[$n]) ?>" style='width:600px;'
TYPE=text SIZE=64 onkeydown="return event.key != 'Enter';">
<? } ?>
<? if ($f[2]==1) { ?>
<textarea WRAP=virtual COLS=72 ROWS=3 name=<?="f$n"?>
style='width:600px;'><?= HSC($ef[$n]) ?></textarea></TD></TR>
<? } ?>
<? if ($f[2]==3) { ?>
<? if (PM("/^\s*$/",$ef[$n])) { ?>
<input type="checkbox" name=<?="f$n"?> value=1>
<? } else { ?>
<input type="checkbox" name=<?="f$n"?> value=1 CHECKED>
<? } ?>
<? } ?>
<? } ?>
</TD></TR>
<? } ?>
<? } ?>
<TR><TD><H2>Json Data:</H2></TD><TD><textarea style='width:600px;'
WRAP=virtual COLS=72 ROWS=2 name=jsondata><?= HSC($ejsondata)
?></textarea></TD></TR>
<? if (is_array($STYPES[$ctype])) { ?>
<? if ($mode==='edit') { ?>
<? if (!PM("/^\s*$/",$sctype)) { ?>
<TR><TD HEIGHT=12></TD></TR>
<TR><TD WIDTH=150><H2>Subtype:</H2></TD><TD>
<input type="submit" name="type" value="<?=$sctype?>" class="xbutton">
</TD></TR>
<? } ?>
<? } else { ?>
<TR><TD HEIGHT=12></TD></TR>
<TR><TD WIDTH=150><H2>Subtype:</H2></TD><TD>
<? foreach($STYPES[$ctype] as $stype) { ?>
<? if ($sctype===$stype) $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="sctype" value="<?=SU($stype)?>" class="<?=$tmp?>" >
<? } ?>
</TD></TR>
<? } ?>
<TR><TD HEIGHT=12></TD></TR>
<? $J=json_decode($STDEF[$sctype]); ?>
<? if ($STDEF[$sctype]) foreach($J as $k => $v) { ?>
<TR><TD><H2><?= $k ?>:</H2></TD>
<TD><INPUT NAME=<?="sc_$k"?> <?= $MAND["sc_$k"] ?> VALUE="<?= HSC($esc["sc_$k"]) ?>" style='width:600px;'
TYPE=text SIZE=64 onkeydown="return event.key != 'Enter';">
<? } ?>
<? } ?>
<TR><TD HEIGHT=20></TD></TR>
</TABLE></DIV>
<? if ($mode==='edit') { // ------------------------------------------------------------ doument table form ?>
<?
$numrows=0;
if (PM("/^\d+$/",$catid)) {
$res=mydo($DB,"SELECT count(*) AS c FROM docs WHERE catid=$catid AND rm=0",1);
$row = mysqli_fetch_assoc($res);
$numrows=$row['c'];
}
if ($numrows>0) {
if ($numrows>150) {
if ($docoff>$numrows) $docoff=0;
if ($docoff<0) $docoff=0;
$don=$docoff+100;if ($don>$numrows) $don=0;
$dop=$docoff-100;if ($dop<0) $dop=0;
$prevlink="";
if ($docoff>0) $prevlink="<A HREF=\"/$xid/edit/do/$dop\" class=\"button\">PREV</A>";
$nextlink="";
if ($docoff+100<$numrows) $nextlink="<A HREF=\"/$xid/edit/do/$don\" class=\"button\">NEXT</A>";
echo "</TD></TR></TABLE></DIV>";
$sql="SELECT * FROM docs WHERE catid=$catid AND rm=0 LIMIT $docoff,100";
} else {
$sql="SELECT * FROM docs WHERE catid=$catid AND rm=0";
}
$res=mydo($DB,$sql);
if (!PM("/^\s*$/",$prevlink) || !PM("/^\s*$/",$nextlink))
echo "<DIV id=head><TABLE WIDTH=100%><TR>".
"<TD VALIGN=top HEIGHT=24 style='text-align:right;' nowrap valign=top>";
if (!PM("/^\s*$/",$prevlink)) echo "<H3>&nbsp;$prevlink</H3>";
if (!PM("/^\s*$/",$nextlink)) echo "<H3>&nbsp;&nbsp;$nextlink</H3>";
if (!PM("/^\s*$/",$prevlink) || !PM("/^\s*$/",$nextlink)) echo "</TD></TR></TABLE></DIV>";
?>
<TABLE WIDTH=100%>
<TR><TH>Id</TH><TH>File</TH><TH>Comment</TH><TH>Size</TH><TH></TH></TR>
<?
while($row = mysqli_fetch_assoc($res)) { ?>
<TR>
<TD WIDTH=5><?= $row['docid'] ?></TD>
<TD><?= $row['filename'] ?></TD>
<TD ALIGN=center><input name=<?="docom".$row['docid'] ?> value="<?= HSC($row['comment']) ?>"
type=text size=64 WIDTH=100%></TD>
<TD ALIGN=center><?= formsize($row['size']) ?></TD>
<TD WIDTH=5 ALIGN=center>
<? if (chkeditaccess($row['catid'])) { ?>
<A HREF="/<?=$xid?>/deldoc/<?=$row['docid']?>"
onclick="return confirm('Delete this document (<?=$row['docid']?>) ?')" CLASS='icon'><IMG
HEIGHT=16 TITLE='Delete' SRC="/img/trash.png"></A>
<? } ?>
</TD>
</TR>
<? } ?>
</TABLE>
<? } ?>
<? } ?>
<DIV id=head><TABLE>
<? if ($numrows>0) { ?><TR><TD HEIGHT=20></TD></TR><? } ?>
<TR><TD COLSPAN=2><H2>Project:</H2>&nbsp;
<DIV CLASS="select">
<SELECT NAME='prj' class=select>
<? foreach($USERPROJECTS as $pid => $pname) { ?>
<option value="<?=$pid?>" <? if ($pid==$eproject) echo "SELECTED" ?>><?= SU($pname)?></option>
<? } ?>
</SELECT>
<DIV class="select_arrow"></DIV>
</DIV>
&nbsp;&nbsp;&nbsp;
<H2>Access:</H2>&nbsp;
<DIV CLASS="select">
<SELECT NAME='access' class=select>
<OPTION VALUE="project" <? if (!strcasecmp($eaccess,'project')) echo "SELECTED" ?>>PROJECT</option>
<OPTION VALUE="private" <? if (!strcasecmp($eaccess,'private')) echo "SELECTED" ?>>PRIVATE</option>
<OPTION VALUE="public" <? if (!strcasecmp($eaccess,'public')) echo "SELECTED" ?>>PUBLIC</option>
</SELECT>
<DIV class="select_arrow"></DIV>
</DIV>
&nbsp;&nbsp;&nbsp;
<script>
function change() {
var decider = document.getElementById('switch');
if(decider.checked){
if(!confirm('Are you sure you want to make your data publicly available worldwide?')) {
decider.checked = false;
}
}
}
</script>
<h2>Open Access:</h2>
<? if ($eoa==1) { ?>
<input type="checkbox" name=oa value=1 CHECKED>
<? } else { ?>
<input type="checkbox" id='switch' name=oa value=1 onclick="change()">
<? } ?>
&nbsp;&nbsp;&nbsp;
<? if ($mode==='new' || $mode==='clone') { ?>
<H2>Child Of:</H2>&nbsp;
<? if ($mode==='clone') $eparent=$xid; ?>
<input name=parent value="<?=$eparent?>" type=text size=8 onkeydown="return event.key != 'Enter';">
&nbsp;&nbsp;&nbsp;
<? } ?>
<input type="submit" name="submit" value="SUBMIT" class="button">
</TD></TR>
<TR><TD HEIGHT=12></TD></TR>
</TABLE></DIV>
<? if ($mode==='edit') { ?>
<INPUT TYPE=hidden NAME=mode VALUE=saveedit>
<INPUT TYPE=hidden NAME=catid VALUE=<?= $catid ?>>
<? } elseif ($mode==='clone') { ?>
<INPUT TYPE=hidden NAME=mode VALUE=saveclone>
<INPUT TYPE=hidden NAME=cloneid VALUE=<?= $catid ?>>
<? } else { ?>
<INPUT TYPE=hidden NAME=mode VALUE=savenew>
<? } ?>
<INPUT TYPE=hidden NAME=osctype VALUE="<?= $sctype ?>">
<INPUT TYPE=hidden NAME=otype VALUE="<?= $ctype ?>">
</FORM>
<? } ?>
<P>
<? ///////////////////////////////////////////////////////////////////////////////////////////////// dropzone ?>
<? if ($mode==='edit') { ?>
<FORM action="/uploadcopy" id="mydrop" class="dropzone">
<INPUT type='hidden' name='upid' value='<?= $upid ?>'>
</FORM>
<? } ?>
<? include_once('footer.php'); ?>
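Review bot: The save branch `if (PM("/^submit$/i",$submit) && ($mode==='savenew' || $mode==='saveedit' || $mode==='saveclone'))` never calls `chkeditaccess($catid)`, unlike the `delete`, `fix` and `deldoc` branches below it, so a `saveedit` post is not tied to the caller's right to edit that entry; the `docom` loop likewise updates `docs` by `docid` alone. The same branch places request values in SQL without quoting or numeric validation (`project=$prj`, `WHERE catid=$catid`, `type='$otype'`, `jsondata='$jsondata'`), as do `bid=$bid`, `pid=$pid` and `lid=$lid` further down; even if `getpar()` escapes quotes, which this section does not show, that does not cover the unquoted numeric positions. The clone loop re-inserts `filename`, `mime`, `dir` and `comment` read back from `docs` without `mysqli_escape_string`, so a stored file name containing a quote breaks or alters that statement. A guard at the top of the branch, sketched below on the assumption that `$TYPES` holds the valid type names as the form loop suggests, closes the first two points; the string columns still need escaping where `getpar()` does not provide it.

```php
if (PM("/^submit$/i",$submit) && ($mode==='savenew' || $mode==='saveedit' || $mode==='saveclone')) {
// rewriting an existing entry requires edit rights on it
if ($mode==='saveedit' && !(PM("/^\d+$/",$catid) && chkeditaccess($catid))) { header("Location: /home");exit; }
// only known types and projects the user belongs to are accepted
if (!in_array($otype,$TYPES,true) || !isset($USERPROJECTS[$prj])) { header("Location: /home");exit; }
$prj=intval($prj);
// … unchanged: id allocation, jsonmeta assembly, field loop …
```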

1
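--- a/src/footer.php
+++ b/src/footer.php
@@ -0,0 +1 @@
+</BODY></HTML>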

97
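--- a/src/header.php
+++ b/src/header.php
@@ -0,0 +1,97 @@
+<!DOCTYPE html>
+<HTML>
+<HEAD>
+<TITLE>Archiv</TITLE>
+<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no">
+<LINK rel='stylesheet' href='/style.css' type='text/css'>
+<LINK rel="stylesheet" href="/dropzone.css">
+</HEAD>
+<BODY>
+<DIV id=head>
+<TABLE WIDTH=100%>
+<TR>
+<TD>
+<H1><A HREF="/home" style='color: inherit;text-decoration: inherit;'><IMG SRC='/img/logo.png' HEIGHT=16x>
+<?= $TITLE ?>
+<SPAN style='margin-top:-5px;font-size:50%;color:#C0C0C0'><?= "v$VERSION" ?></SPAN></A></H1>
+</TD>
+<?
+if (getpar('mode')==='reset' || (getpar('mode')==='search' && PM("/^\s*$/",getpar('key')))) {
+$_SESSION['currentsearch']=getpar('key');
+$KEY='';
+} else {
+if (!isset($_SESSION['currentsearch'])) $_SESSION['currentsearch']='';
+if (!PM("/^\s*$/",getpar('key'))) $_SESSION['currentsearch']=getpar('key');
+$KEY=$_SESSION['currentsearch'];
+}
+?>
+<script type="text/javascript">
+function onglobalsearch(input) {
+if(input.value == "") document.getElementById("globalsearch").submit();
+}
+</script>
+<TD style='text-align:right;' VALIGN=center>
+<? if(isset($_SESSION['username']) && $_SESSION['usertype']!=='oa') { ?>
+<form id="globalsearch" action="/home" method="post" style='display:inline;padding:0px;margin:0px;'>
+<I><FONT COLOR=#888 SIZE=-1>Search:</FONT></I>
+<input SIZE=12 type="search" name="key" value="<?=$_SESSION['currentsearch']?>"
+style='text-align:center;' onsearch="onglobalsearch(this)">
+<input type="hidden" name="mode" value="search">
+<INPUT type='hidden' name='postform' value='1'>
+</form>
+<? } ?>
+</TD>
+<TD style='text-align:right;' VALIGN=center>
+<? if(isset($_SESSION['username'])) { ?>
+<? if($_SESSION['usertype']!=='oa') { ?>
+<A HREF="/new" class="button">NEW</A>
+<A HREF="/search" class="button">SEARCH</A>
+<A HREF="/more" class="button">MORE</A>
+<A HREF="/tags" class="button">TAGS</A>
+<A HREF="/logout" class="button">LOGOUT</A>
+<A HREF="/home" class="button">HOME</A>
+<? } else { ?>
+<A HREF="/login" class="button">LOGIN</A>
+<? } ?>
+<? } ?>
+</TD>
+</TR>
+<? if ($ROLE<2 && isset($_SESSION['username'])) { ?>
+<TR>
+<TD ALIGN=left VALIGN=bottom STYLE='padding-top:-100px;'></TD>
+<TD ALIGN=right COLSPAN=2>
+<A HREF="/admin/stats" class="abutton">STATS</A>
+<A HREF="/admin/projects" class="abutton">PROJECTS</A>
+<A HREF="/admin/invite" class="abutton">INVITE</A>
+<A HREF="/admin/user" class="abutton">USER</A>
+</TD><TR>
+<? } ?>
+</TABLE></DIV>
+<HR>
+<? function subheader($txt="") { ?>
+<DIV id=head style='margin-top:-5px;font-size:80%;color:#7981ff'><TABLE WIDTH=100%><TR>
+<TD ALIGN=left VALIGN=top HEIGHT=24><SPAN style='color:#c0c0c0'><? userinfo() ?></SPAN></TD>
+<TD ALIGN=right VALIGN=top HEIGHT=24>
+<?=$txt?>
+<? if (isset($_SESSION['copylist'])) { if (count($_SESSION['copylist'])>0) { ?>
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<? foreach ($_SESSION['copylist'] as $id) echo idfromcatid($id)." "; ?>
+<A HREF="/clrcopy" class="minibutton">CLR</A>
+<? }} ?>
+</TD></TR></TABLE></DIV>
+<? } ?>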
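Review bot: The search box prints `value="<?=$_SESSION['currentsearch']?>"` with the value taken from `getpar('key')` a few lines earlier, so a `key` containing a double quote closes the attribute and the rest is parsed as markup unless `getpar()` HTML-escapes, which is not visible here. Other templates in this commit wrap attribute values in `HSC()`, and the same applies here: `value="<?=HSC($_SESSION['currentsearch'])?>"`. `subheader()` prints `<?=$txt?>` unescaped as well, which is safe only while every caller passes fixed markup; a short comment on the function saying that `$txt` is trusted HTML would record the contract.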

418
src/index.php Normal file

@ -0,0 +1,418 @@
<?
include_once('init.php');include_once('header.php');
$mode=getpar('mode');
$docid=getpar('docid');
$id=getpar('id');
$opt=getpar('opt');
$docoff=getpar('docoff'); if (PM("/^\s*$/",$docoff)) $docoff=0;
if ($mode==='home') {
$_SESSION['currentoffset']=0;
header("Location: /");exit;
}
if (preg_match("/([A-Z,a-z])(\d+)/",$id,$M)) {
$catid=catidfromid(SU($id));
$xid=$id;
}
$page=getpar('page');
if (PM("/^\s*$/",$_SESSION['currentoffset'])) $_SESSION['currentoffset']=0;
if ($page==='NEXT') $_SESSION['currentoffset']+=100;
else if ($page==='PREV') $_SESSION['currentoffset']-=100;
$numrows=0;
if (!isset($_SESSION['currenttype'])) $_SESSION['currenttype']='ALL';
if (!PM("/^\s*$/",getpar('type'))) $_SESSION['currenttype']=SU(getpar('type'));
$TYPE=$_SESSION['currenttype'];
if (!isset($_SESSION['currentproject'])) $_SESSION['currentproject']='ALL';
if (!PM("/^\s*$/",getpar('project'))) $_SESSION['currentproject']=getpar('project');
$PROJECT=$_SESSION['currentproject'];
if (!isset($_SESSION['showhistory'])) $_SESSION['showhistory']=0;
if ($opt==='showhistory') $_SESSION['showhistory']=1;
if ($opt==='hidehistory') $_SESSION['showhistory']=0;
if (!PM("/^\s*$/",$opt)) {
header("Location: /$id");exit;
}
if (getpar('postform')==1) {
header("Location: /");exit;
}
if (PM("/^\d+$/",$catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$sql=PR("/\s*AND\s*$/","",$sql);
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) $row = mysqli_fetch_assoc($res);
$gen=array();
$sql="SELECT * FROM gen WHERE catid=$catid AND rm=0 ORDER BY gen";
$res=mydo($DB,$sql,1);
while($r = mysqli_fetch_assoc($res)) array_push($gen,$r['parent']);
$par=array();
$sql="SELECT * FROM gen WHERE parent=$catid AND rm=0 ORDER BY gen";
$res=mydo($DB,$sql,1);
while($r = mysqli_fetch_assoc($res)) array_push($par,$r['catid']);
}
?>
<? ///////////////////////////////////////////////////////////////////////////////////// display single entry ?>
<? if ($numrows==1) { ?>
<? subheader(); ?>
<H3>Metadata</H3> <? // metedata table ?>
<TABLE>
<? if ($row['rm']==0) { ?>
<TR><TH ALIGN=left>Action</TH><TD>
<? if (chkeditaccess($row)) { ?>
<A HREF="/<?=$xid?>/edit" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Edit' SRC="/img/pencil.png"></A>
<A HREF="/<?=$xid?>/copy" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Copy' SRC="/img/copy.png"></A>
<A HREF="/<?=$xid?>/link" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Link' SRC="/img/link.png"></A>
<A HREF="/<?=$xid?>/clone" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Clone' SRC="/img/clone.png"></A>
<A HREF="<?=$xid?>/fix"
onclick="return confirm('Fix this entry (<?=$row['id']?>) ?')" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Fix Entry' SRC="/img/lock.png"></A>
<A HREF="<?=$xid?>/delete"
onclick="return confirm('Delete this entry (<?=$row['id']?>) ?')" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Delete' SRC="/img/trash.png"></A>
<? } ?>
<? if ($row['fixed']==1) { ?>
<IMG HEIGHT=11 TITLE='' SRC="/img/lock_grey.png">
<SPAN STYLE='font-size:80%;color:#CCC;'>fixed entry</SPAN>
<? } ?>
</TD></TR>
<? } ?>
<TR><TH ALIGN=left>Id</TH><TD><?= $row['id'] ?><? if ($TAG==='DEV') {?> / <?= $row['catid']?><? } ?></TD></TR>
<? if (count($gen)) { ?>
<TR><TH ALIGN=left>Ancestry:</TH>
<TD>
<?
$tmp="";
$lg = end($gen);
foreach ($gen as $g) {
$res=mydo($DB,"SELECT * FROM cat WHERE catid=$g",1);$r=mysqli_fetch_assoc($res);
$tmp.="<A HREF=\"/".$r['id']."\">" . $r['id']. "</A>";
if ($g!=$lg) $tmp.=" <FONT COLOR=#777777>&gt;</FONT> ";
}
echo $tmp;
?>
</TD></TR>
<? } ?>
<? if (count($par)) { ?>
<TR><TH ALIGN=left>Descendants:</TH>
<TD>
<?
$tmp="";
$lp = end($par);
foreach ($par as $p) {
$res=mydo($DB,"SELECT * FROM cat WHERE catid=$p",1);$r=mysqli_fetch_assoc($res);
$tmp.="<A HREF=\"/".$r['id']."\">" . $r['id']. "</A>";
if ($p!=$lp) $tmp.=", ";
}
echo $tmp;
?>
</TD></TR>
<? } ?>
<TR><TH ALIGN=left>User</TH><TD><? echo htmlspecialchars($row['user']) ?></TD></TR>
<TR><TH ALIGN=left>Project</TH><TD><?= $USERPROJECTS[$row['project']] ?></TD></TR>
<TR><TH ALIGN=left>Access</TH><TD><?= $row['access'] ?></TD></TR>
<TR><TH ALIGN=left>Open Access</TH><TD><? if ($row['oa']==1) echo '&#10004;' ?></TD></TR>
<?
$hres=mydo($DB,"SELECT * FROM log WHERE id='".$row['id']."' ORDER BY ts DESC",1);
$hnumrows =mysqli_num_rows($hres);
if ($hnumrows>0) {
?>
<TR><TH VALIGN=top ALIGN=left>Edit History</TH><TD VALIGN=center>
<SPAN STYLE='font-size:80%;'>
<? if ($_SESSION['showhistory']==1) { ?>
<?
$hres=mydo($DB,"SELECT * FROM log WHERE id='".$row['id']."' ORDER BY ts DESC",1);
while($hrow = mysqli_fetch_assoc($hres)) {
echo $hrow['ts']." <B>".$hrow['user']."</B> ".$hrow['ip']."".
$hrow['action'];
if ($hrow['docid']!=0) echo ", ".$hrow['docid'];
if (!PM("/^\s*$/",$hrow['comment'])) echo ", ".$hrow['comment'];
echo "<BR>";
}
?>
<A HREF="/<?= $row['id']?>/opt/hidehistory" class="minibutton">HIDE</A>
<? } else { ?>
<A HREF="/<?= $row['id']?>/opt/showhistory" class="minibutton">SHOW</A>
<? } ?>
</SPAN>
</TD></TR>
<? } ?>
<TR><TH ALIGN=left>Date Created</TH><TD><? echo htmlspecialchars($row['tent']) ?></TD></TR>
<TR><TH ALIGN=left>Date Modified</TH><TD><? echo htmlspecialchars($row['tcha']) ?></TD></TR>
</TABLE>
<P>
<H3>Data</H3> <? // data table ?>
<TABLE>
<? foreach($FMAP[$row['type']] as $n => $f) { ?> <? // flex field table ?>
<? if ($f[4]==0 || !PM("/^\s*$/",$row["f$n"])) { ?>
<?
if ($FMAP[$row['type']][$n][2]==3) {
if (PM("/^\s*$/",$row["f$n"])) $tmp='';
else $tmp='✔︎';
} else {
$tmp=AL($row["f$n"]);
}
?>
<TR><TH ALIGN=left><?= $f[0] ?></TH><TD><?= $tmp ?></TD></TR>
<? } ?>
<? } ?>
<? if ($TAG==='DEV') {?>
<TR><TH ALIGN=left>29</TH><TD><?= $row["f29"] ?></TD></TR>
<TR><TH ALIGN=left>30</TH><TD><?= $row["f30"] ?></TD></TR>
<TR><TH ALIGN=left>31</TH><TD><?= $row["f31"] ?></TD></TR>
<? } ?>
</TABLE>
<P>
<? if (!is_null($row['jsonmeta']) && !PM("/^\s*$/",$row['jsonmeta'])) { // ---------------------- jasonmeta ?>
<H3>Additional Metadata</H3>
<TABLE>
<? $J=json_decode($row['jsonmeta'],true);?>
<TR><TH ALIGN=left>Subtype:</TH><TD><input type="submit" name="type" value="<?=$J['type']?>"
class="xbutton"></TD></TR>
<? foreach($J['values'] as $k => $v) { ?>
<TR><TH ALIGN=left><?=$k?></TH><TD><? echo htmlspecialchars($v) ?></TD></TR>
<? } ?>
</TABLE><BR>
<? } ?>
<? if (!is_null($row['jsondata']) && !PM("/^\s*$/",$row['jsondata'])) { // ----------------------- jsondata ?>
<script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
<script src="json-viewer/jquery.json-viewer.js"></script>
<link href="json-viewer/jquery.json-viewer.css" type="text/css" rel="stylesheet" />
<script>
$(function() {
function renderJson() {
try {
<? echo "var input = " . $row['jsondata'] .";" ?>
}
catch (error) {
return alert("Cannot eval JSON: " + error);
}
var options = {
collapsed: true,
rootCollapsable: false,
withQuotes: true,
withLinks: true
};
$('#json-renderer').jsonViewer(input, options);
}
// Generate on click
$('#btn-json-viewer').click(renderJson);
// Display JSON sample on page load
renderJson();
});
</script>
<H3>Json Data</H3>
<TABLE>
<TR><TD style='padding:0px;margin:0px;'><pre id="json-renderer"></pre></TD></TR>
</TABLE><BR>
<? } ?>
<? // ----------------------------------------------------------------------------------------- document table
$fres=mydo($DB,"SELECT count(*) AS c FROM docs WHERE catid=".$row['catid']." AND rm=0",1);
$frow = mysqli_fetch_assoc($fres);
$fnumrows=$frow['c'];
if ($fnumrows>0) {
if ($fnumrows>150) {
if ($docoff>$fnumrows) $docoff=0;
if ($docoff<0) $docoff=0;
$don=$docoff+100;if ($don>$fnumrows) $don=0;
$dop=$docoff-100;if ($dop<0) $dop=0;
$prevlink="";
if ($docoff>0) $prevlink="<A HREF=\"/$xid/do/$dop\" class=\"button\">PREV</A>";
$nextlink="";
if ($docoff+100<$fnumrows) $nextlink="<A HREF=\"/$xid/do/$don\" class=\"button\">NEXT</A>";
$sql="SELECT * FROM docs WHERE catid=".$row['catid']." AND rm=0 LIMIT $docoff,100";
} else {
$sql="SELECT * FROM docs WHERE catid=".$row['catid']." AND rm=0";
}
$res=mydo($DB,$sql);
echo "<P><H3>Files</H3> <SPAN STYLE='font-size:90%;color:#999;'>($fnumrows)</SPAN>";
if (!PM("/^\s*$/",$prevlink) || !PM("/^\s*$/",$nextlink)) echo "&nbsp;&nbsp;&nbsp;";
if (!PM("/^\s*$/",$prevlink)) echo "<H3>&nbsp;$prevlink&nbsp;</H3>";
if (!PM("/^\s*$/",$nextlink)) echo "<H3>&nbsp;$nextlink&nbsp;</H3>";
?>
<DIV style='height:6px;'></DIV>
<TABLE>
<TR><TH>Id</TH><TH>File</TH><TH>Time</TH><TH>Comment</TH><TH>Size</TH><TH>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) { ?>
<TR>
<TD><A HREF="/send/<?= idencode($catid,$row['docid'])?>"><?= $row['docid'] ?></A></TD>
<TD><A HREF="/send/<?= idencode($catid,$row['docid'])?>"><?= $row['filename'] ?></A></TD>
<TD><?= $row['ts'] ?></TD>
<TD><?= $row['comment'] ?></TD>
<TD ALIGN=center><?= formsize($row['size']) ?></TD>
<TD ALIGN=center>
<? if ($row['mime']==='image/jpeg' || $row['mime']==='image/png' || $row['mime']==='text/plain' ||
$row['mime']==='image/tiff' || $row['mime']==='image/x-ms-bmp' ||
$row['mime']==='application/pdf' || PM("/\.txt$/",$row['filename']) ) { ?>
<A HREF="/preview/<?= idencode($catid,$row['docid'])?>" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Edit' SRC="/img/preview.png"></A>
<? } ?>
</TD>
</TR>
<? } ?>
</TABLE>
<? } ?>
<? // ------------------------------------------------------------------------- show table with linked files
$sql="select * from cat,links where links.catid=$catid and cat.catid=links.link and $ACCESSQL";
$lres=mydo($DB,$sql,1);
$lnumrows =mysqli_num_rows($lres);
if ($lnumrows>0) { ?>
<P><H3>Linked Entries</H3>
<TABLE>
<TR><TH>Id</TH><TH>Project</TH><TH></TH><TH></TH><TH>Action</TH></TR>
<? } ?>
<? while($lrow = mysqli_fetch_assoc($lres)) { ?>
<TR>
<TD WIDTH=5><A HREF="/<?= $lrow['id'] ?>"><?= $lrow['id'] ?></A></TD>
<TD WIDTH=5 style='font-size:80%'><?= $USERPROJECTS[$lrow['project']] ?></TD>
<TD><?= shortstr($lrow['f0'],48) ?></TD>
<TD><?= shortstr($lrow['f1'],48) ?></TD>
<TD WIDTH=5 ALIGN=center>
<? if (chkeditaccess($lrow['catid'])) { ?>
<A HREF="/<?= idfromcatid($lrow['catid']) ?>/dellink/<?=$lrow['lid']?>" CLASS='icon'>
<IMG HEIGHT=16 TITLE='Edit' SRC="/img/trash.png"></A>
<? } ?>
</TR>
<? } ?>
<? if ($lnumrows>0) { ?>
</TABLE>
<? } ?>
<BR><BR>
<? } ?>
<? ///////////////////////////////////////////////////////////////////////////////// display multiple entries ?>
<? if ($numrows!=1 && isset($_SESSION['username'])) { ?>
<?
$sql="";
if ($mode==='search' || !PM("/^\s*$/",$KEY)) {
if (PM("/^\s*\d+\s*$/",$KEY)) {
$sql.=" AND (catid=$KEY OR typeid=$KEY OR f0 LIKE '%$KEY%')";
} else if (preg_match("/^\s*([A-Z])\s*(\d+)\s*$/",SU($KEY),$M)) {
$sql.=" AND (catid=".catidfromid($M[1].$M[2])." OR f0 LIKE '%$KEY%')";
} else {
$sql.=" AND (f0 LIKE '%$KEY%' OR f1 LIKE '%$KEY%' OR f2 LIKE '%$KEY%' OR f3 LIKE '%$KEY%' OR ".
"f4 LIKE '%$KEY%')";
}
}
if (!PM("/^ALL$/",$TYPE)) $sql.=" AND UPPER(type)='$TYPE'";
if (!PM("/^ALL$/",$PROJECT)) $sql.=" AND project=".$PROJECTNAMES[$PROJECT];
$sql=PR("/\s*WHERE\s*$/","",$sql);
$sql=PR("/\s*AND\s*$/","",$sql);
$sql.=' ORDER BY catid DESC';
$res=mydo($DB,"SELECT count(*) AS c FROM cat WHERE $ACCESSQL $sql",1);
$row = mysqli_fetch_assoc($res);
$numrows=$row['c'];
if ($_SESSION['currentoffset']<0) $_SESSION['currentoffset']=0;
if ($_SESSION['currentoffset']>$numrows) $_SESSION['currentoffset']=0;
$res=mydo($DB,"SELECT * FROM cat WHERE $ACCESSQL $sql LIMIT ".$_SESSION['currentoffset'].",100",1);
$pof=$_SESSION['currentoffset']/100+1;
$nop=0; if ($numrows>0) $nop=intval($numrows/100)+1;
subheader("$numrows Results,&nbsp;&nbsp;&nbsp;Page $pof of $nop");
?>
<DIV id=head>
<FORM action="/" method="post">
<TABLE WIDTH=100%>
<TR><TD VALIGN=top><H2>Type:</H2></TD><TD><? if ($TYPE==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="type" value="ALL" class="<?=$tmp?>">
<? foreach($TYPES as $t) { ?>
<? if (SU($t)===SU($TYPE)) $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="type" value="<?=SU($t)?>" class="<?=$tmp?>">
<? } ?></TD>
<TD style='text-align:right;' nowrap valign=top>
<input type="submit" name="page" value="PREV" class="button">
<input type="submit" name="page" value="NEXT" class="button">
<INPUT type='hidden' name='offset' value='<?= $offset ?>'>
<INPUT type='hidden' name='key' value='<?= $KEY ?>'>
<INPUT type='hidden' name='postform' value='1'>
</FORM></TD>
</TR>
<TR><TD VALIGN=top><H2>Project:</H2></TD><TD><? if ($PROJECT==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="project" value="ALL" class="<?=$tmp?>">
<? foreach($USERPROJECTS as $pid => $pname) { ?>
<? if (SU($pname)===SU($PROJECT)) $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="project" value="<?=$pname?>" class="<?=$tmp?>">
<? } ?></TD></TR>
</TABLE></DIV><BR>
<TABLE WIDTH=100%>
<TR><TH>Id</TH><TH>Project</TH><TH></TH><TH></TH><TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) distabentry($row) ?>
</TABLE>
<? } ?>
<? include_once('footer.php'); ?>
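Review bot: `<? echo "var input = " . $row['jsondata'] .";" ?>` writes the stored `jsondata` column into a `<script>` block as JavaScript source, so whatever was saved in that field runs in the browser of every viewer of the entry, including open-access visitors. Re-encoding on output keeps it data: `<? echo "var input = " . json_encode(json_decode($row['jsondata']), JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT) . ";" ?>`. The document table also prints `$row['filename']` and `$row['comment']` without `htmlspecialchars`, while `user`, `tent` and `tcha` above are escaped, and the hidden `key` field prints `$KEY` raw. In the list query `$KEY` and `$TYPE` are concatenated into `LIKE '%$KEY%'` and `UPPER(type)='$TYPE'`; whether `getpar()` escapes them is not visible in this section, so a prepared statement or `mysqli_escape_string` at that point would make the query safe on its own.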

68
src/init.php Normal file
View File

@ -0,0 +1,68 @@
<?
include_once('version.php');
if ($NOLOGIN!=1) $NOLOGIN=0;
include_once('archive.conf');
include_once('access.php');
include_once('tools.php');
function callback($buffer) { // cleanup html output (disable with $NOCLEAN=true)
return PR("/^\s+/m","",$buffer);
}
if (!$NOCLEAN) ob_start("callback");
global $DB; // connect to database
$DB=@mysqli_connect($MYHOST,$MYUSER,$MYPW,$MYDB);
if (mysqli_connect_errno()) {
echo '<BR><font color=#700099 style=\'font-size:12pt;\'><tt><B>MySQL connect error: </B>' .
mysqli_connect_error() . '</tt></font>';
exit;
}
session_start();
$id=getpar('id'); // check for open access
if (PM("/[A-Z,a-z]\d+/",$id) && !isset($_SESSION['username'])) {
$catid=catidfromid($id);
if (PM("/^\d+$/",$catid)) {
global $DB,$ACCESSQL,$TCHR;
$sql="SELECT * FROM cat WHERE catid=$catid AND oa=1";
$res=mydo($DB,$sql,1);
$numrows=mysqli_num_rows($res);
if ($numrows==1) {
$_SESSION['username']='openaccess';
$_SESSION['usertype']='oa';
}
}
}
if (!$NOLOGIN) { // redirect to login
if (!isset($_SESSION['username'])) {
phplog("REDIRECT TO LOGIN: ".$_SERVER['REQUEST_URI'],'error');
session_unset();session_destroy();
$id=getpar('id');
if (PM("/[A-Z]\d+/",$id)) header("Location: /login/$id");
else header("Location: /login");
exit;
}
}
global $USER,$ROLE,$ROLENAMES,$USERPROJECTS,$PROJECTS,$PROJECTNAMES,$ACCESSQL,$TCHR,$VERSION;
global $TITLE,$DEBUG,$STDEF,$STYPES,$LMSG,$PROJECTPRIV,$ALLFIELDS,$DEFSEARCHFIELD,$IDPAT;
$USER='';$USERTYPE='';$ROLE='';$ACCESSQL='';$ROLENAMES=array();$USERPROJECTS=array();
$res = mysqli_query($DB,"SELECT * FROM projects");
while($row = mysqli_fetch_assoc($res)){
$PROJECTS[$row['pid']]=$row['pname'];
$PROJECTPRIV[$row['pid']]=$row['private'];
$PROJECTNAMES[$row['pname']]=$row['pid'];
}
setaccess($_SESSION['username'],$_SESSION['usertype']);
phplog('','info');
?>
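Review bot: The open-access branch (`if (PM("/[A-Z,a-z]\d+/",$id) && !isset($_SESSION['username']))`) stores `username='openaccess'` in the session after a single request for an `oa=1` entry, so the later `!isset($_SESSION['username'])` login redirect no longer fires for any page in that session. What that identity can read is then decided entirely by `setaccess()` in access.php, which is outside this section and should be confirmed to limit `usertype` `oa` to `oa=1` rows. The id patterns here are unanchored (and the class `[A-Z,a-z]` also admits a comma); I would use `PM("/^[A-Za-z]\d+$/",$id)` for the check and the same anchored form before the `/login/$id` redirect. The connect-failure branch prints `mysqli_connect_error()` to the client; write it to the log and show a generic message instead.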

36
src/login.php Normal file

@ -0,0 +1,36 @@
<?
$NOLOGIN=1;include_once('init.php');include_once('header.php');
$mode=getpar('mode');
$passwd=getpar('password');
$name=getpar('name');
$goto=getpar('goto');
if ($mode=='login') { // perform login
if (login($name,$passwd)) {
if (PM("/[A-Z]\d+/",$goto)) header("Location: /$goto");
else header("Location: /home");
exit;
}
}
session_unset();session_destroy();
?>
<?php if(!isset($_SESSION['USER'])) { ?>
<BR><CENTER>
<? if (!PM("/^\s*$/",$LMSG)) { ?>
<H2><SPAN style='color:#BB0000;'><?= $LMSG ?></SPAN></H2><P><BR>
<? } ?>
<form action="/login" method="post">
<H2> Enter name and password:</H2><P>
<H3>Name:</H3> <input size=12 type="text" name="name" style='text-align:center;' autofocus>
<H3>Password:</H3> <input size=12 type="password" name="password" style='text-align:center;'>
<input type="submit" value="LOGIN" class="button">
<input type="hidden" name="mode" value="login">
<? if (PM("/[A-Z]\d+/",$goto)) { ?><input type="hidden" name="goto" value="<?=$goto?>"><? } ?>
</form>
</CENTER>
<?php } ?>
<? include_once('footer.php'); ?>
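Review bot: `$goto` is accepted whenever it merely contains a letter followed by digits, because `PM("/[A-Z]\d+/",$goto)` is not anchored, and the whole value is then used in `header("Location: /$goto")` and printed into `value="<?=$goto?>"` without escaping. That leaves both the post-login redirect target and the hidden field's markup under the control of whoever crafted the login link. Anchor the check in both places, `PM("/^[A-Z]\d+$/",$goto)`, and print the field with `htmlspecialchars($goto, ENT_QUOTES)`; `$LMSG` above the form deserves the same escaping unless `login()` only ever sets fixed strings. No `session_regenerate_id()` is visible around the successful `login()` call; if `login()` (outside this section) does not call it, add it there so a pre-set session id cannot survive authentication.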

5
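--- a/src/logout.php
+++ b/src/logout.php
@@ -0,0 +1,5 @@
+<?
+session_start();session_unset();session_destroy();
+header('Location: /login');
+exit;
+?>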

38
src/more.php Normal file

@ -0,0 +1,38 @@
<? ///////////////////////////////////////////////////////////////////////////// archive, more.php (mwx'2022) ?>
<? include_once('init.php');include_once('header.php');subheader(); ?>
<CENTER><H1>My Latest Entries</H1></CENTER>
<? $res=mydo($DB,"SELECT * FROM cat WHERE $ACCESSQL AND user='$USER' ORDER BY tcha DESC LIMIT 16",1); ?>
<TABLE WIDTH=100%>
<TR><TH>Id</TH><TH>Project</TH><TH></TH><TH></TH><TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) distabentry($row) ?>
</TABLE>
<P>
<CENTER><H1>Saved Searches</H1></CENTER>
<? $res=mydo($DB,"SELECT * FROM prefs WHERE user='$USER' AND type='search' ORDER BY name",1);?>
<TABLE WIDTH=100%>
<TR><TH WIDTH=5>Id</TH><TH ALIGN=left>Name</TH><TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) { ?>
<TR>
<TD VALIGN=top ALIGN=left><?= $row['pid'] ?></TD>
<TD VALIGN=top ALIGN=left><A HREF="/search/<?= $row['pid'] ?>"><?= $row['name'] ?></A></TD>
<TD VALIGN=center ALIGN=center style="white-space:nowrap">
<A HREF="/delsearch/<?= $row['pid'] ?>" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Delete' SRC="/img/trash.png"></A>
</TD></TR>
<? } ?>
</TABLE>
<P>
<CENTER><H1>Bookmarks</H1></CENTER>
<? $res=mydo($DB,"SELECT * FROM cat,bookmarks WHERE cat.catid=bookmarks.catid and bookmarks.user='$USER'",1);?>
<TABLE WIDTH=100%>
<TR><TH>Id</TH><TH>Project</TH><TH></TH><TH></TH><TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) distabentry($row,'bookmark') ?>
</TABLE>
<? include_once('footer.php'); ////////////////////////////////////////////////////////////////////////// END ?>
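Review bot: The saved-search name is printed as `<?= $row['name'] ?>` with no HTML escaping, and that name originates from the `savesearchas` form field handled in search.php, so markup stored in a name is rendered on this page; use `<?= htmlspecialchars($row['name'], ENT_QUOTES) ?>`. The delete icon links to `/delsearch/<pid>` as a plain GET, which lets any page the user visits trigger a state-changing request; a POST form carrying a per-session token would be safer (the handler is outside this section). The three queries interpolate `$USER` directly, so they rely on `setaccess()` having produced a value that is safe inside a quoted SQL string. The bookmarks query also omits `$ACCESSQL`, unlike the first query, so a bookmarked entry stays listed even if access to it was later withdrawn; worth confirming that this is intended.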

74
src/preview.php Normal file

@ -0,0 +1,74 @@
<?
include_once('init.php');include_once('header.php');
[$catid,$docid]=iddecode(getpar('cdid'));
if (chkreadaccess($catid)) {
$sql="SELECT * FROM docs WHERE catid=$catid AND docid=$docid";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
$row = mysqli_fetch_assoc($res);
if ($numrows==1) {
$prevf0=$row['f0'];
$prevcatid=$row['catid'];
$prevdocid=$row['docid'];
$dlink="<A HREF=\"/send/".idencode($catid,$docid)."\">".$row['filename']."</A>";
$previewtxt="(".$dlink.", $docid, ".formsize($row['size']).", ".$row['mime'].")";
$prevmime=$row['mime'];
$prevfilename=$row['filename'];
$prevfilepath="$DATA/".$row['catid']."/".$row['docid'];
if (!is_null($row['fcatid']) && !is_null($row['fdocid'])) {
$prevfilepath="$DATA/".$row['fcatid']."/".$row['fdocid'];
}
$sres=mydo($DB,"select docid,filename from docs where catid=$prevcatid and rm=0 ".
"and docid>$prevdocid order by docid limit 1",1);
$nextlink="";
$snumrows =mysqli_num_rows($sres);
if ($snumrows==1) {
$srow = mysqli_fetch_assoc($sres);
$nextlink="<A HREF=\"/preview/".idencode($prevcatid,$srow['docid'])."\" class=\"button\">NEXT</A>";
}
$sres=mydo($DB,"select docid,filename from docs where catid=$prevcatid and rm=0 ".
"and docid<$prevdocid order by docid desc limit 1",1);
$prevlink="";
$snumrows =mysqli_num_rows($sres);
if ($snumrows==1) {
$srow = mysqli_fetch_assoc($sres);
$prevlink="<A HREF=\"/preview/".idencode($prevcatid,$srow['docid'])."\" class=\"button\">PREV</A>";
}
echo "<DIV id=head><TABLE WIDTH=100%><TR><TD>";
echo "<H3>Preview</H3> <SPAN STYLE='font-size:90%;color:#999;'>$previewtxt</SPAN>";
echo "</TD><TD style='text-align:right;'>";
echo "<A HREF=\"/".idfromcatid($catid)."\" class=\"button\">BACK</A>&nbsp;&nbsp;&nbsp";
if (!PM("/^\s*$/",$prevlink)) echo "&nbsp;$prevlink";
if (!PM("/^\s*$/",$nextlink)) echo "&nbsp;$nextlink";
echo "</TD></TR></TABLE></DIV>";
}
}
?>
<? if (PM("/^text\/plain$/",$prevmime) || PM("/\.txt$/",$row['filename'])) { ?>
<PRE>
<? readfile($prevfilepath); ?>
</PRE>
<? } else if (PM("/^image\//",$prevmime)) { ?>
<P><IMG SRC='/p/<?=$catid?>/<?=$docid?>/<?=$prevfilename?>' WIDTH=100%>
<? } else if (PM("/^application\/pdf$/",$prevmime)) { ?>
<? header("Location: /send/".idencode($catid,$row['docid']));exit; ?>
<? } else { ?>
<P><BR><BR><CENTER><B><SPAN style='font-size:16px;color:#999999;'>no preview avalible</SPAN></B></CENTER><P>
<? }?>
<? include_once('footer.php'); ?>
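Review bot: For `text/plain` or `.txt` documents the file is emitted with `readfile($prevfilepath)` inside `<PRE>`, so uploaded content is interpreted as HTML by the browser; output it escaped, e.g. `echo htmlspecialchars(file_get_contents($prevfilepath), ENT_QUOTES|ENT_SUBSTITUTE, 'UTF-8');`. The stored filename is likewise placed unescaped into `$dlink` and into the `<IMG SRC='/p/...'>` attribute, and should go through `htmlspecialchars()` and `rawurlencode()` respectively. The mime-type branches at the bottom sit outside the `chkreadaccess($catid)` / `$numrows==1` guard and read `$prevmime` and `$row` even when those were never set; moving them inside the guard avoids acting on undefined values. `$catid` and `$docid` reach the SQL unquoted, which is only safe if `iddecode()` (not in this section) returns integers.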

79
src/previewout.php Normal file

@ -0,0 +1,79 @@
<?
$NOCLEAN=true;require('./init.php');
$catid=getpar('catid');
$docid=getpar('docid');
$file=getpar('file');
if (chkreadaccess($catid)) {
$sql="SELECT * FROM docs WHERE docid=$docid";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
alog(idfromcatid($catid),$docid,'preview');
$file="$DATA/$catid/$docid";
if (!is_null($row['fcatid']) && !is_null($row['fdocid'])) {
$file="$DATA/".$row['fcatid']."/".$row['fdocid'];
}
if (file_exists($file)) {
$mime=$row['mime'];
$size=$row['size'];
$filename=$row['filename'];
$md5=$row['md5'];
$prevdone=0;
if ($row['mime']==='image/jpeg' || $row['mime']==='image/png' ||
$row['mime']==='image/tiff' || $row['mime']==='image/x-ms-bmp') {
if ($size>1000000) {
$nfile="$CACHE/$md5.jpg";
if (!file_exists($nfile)) exec("/usr/bin/convert $file -resize 1000x1000 jpg:$nfile");
$file=$nfile;
$mime="image/jpeg";
$size=filesize($file);
$filename="$filename.preview.jpg";
$prevdone=1;
}
}
if ($prevdone==0 && $row['mime']==='image/tiff') {
$nfile="$CACHE/$md5.jpg";
if (!file_exists($nfile)) exec("/usr/bin/convert $file jpg:$nfile");
$file=$nfile;
$mime="image/jpeg";
$size=filesize($file);
$filename="$filename.preview.jpg";
}
phplog("PREVIEW: $catid/$docid, $file $size $mime (".$filename.")");
header('Content-Type: ' . $mime);
//Use Content-Disposition: attachment to specify the filename
header('Content-Disposition: attachment; filename='. $filename);
//No cache
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
//Define file size
header('Content-Length: ' . $size);
ob_clean();ob_end_flush();flush();
readfile($file);
exit;
}
}
}
?>
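Review bot: `$catid` and `$docid` come straight from `getpar()` and are used in `"SELECT * FROM docs WHERE docid=$docid"`, in the `$DATA/$catid/$docid` path and in the `exec("/usr/bin/convert $file ...")` command line, with no numeric check visible in this file. Unless `getpar()` or `chkreadaccess()` (outside this section) already enforce digits, reject anything else first, `if (!PM("/^\d+$/",$catid) || !PM("/^\d+$/",$docid)) exit;`, and pass the paths to the shell as `escapeshellarg($file)` and `escapeshellarg("jpg:$nfile")`. The lookup also selects by `docid` alone while access was checked for `$catid`; preview.php uses `WHERE catid=$catid AND docid=$docid`, and the same condition here keeps a document (and its `fcatid`/`fdocid` target) from being served under an unrelated entry. The `Content-Disposition` value is built from the stored filename unquoted; quote it and strip control characters and quotes before sending.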

654
src/rest.php Normal file

@ -0,0 +1,654 @@
<?
$NOLOGIN=1;
require('./init.php');
function jfailed($err='') {
header('Content-Type: application/json');
if (strlen($err)>0) echo json_encode(array('success' => 0, 'error' => $err))."\n";
else echo json_encode(array('success' => 0))."\n";
exit;
}
function jsuccess($J) {
header('Content-Type: application/json');echo json_encode($J)."\n";exit;
}
$cmd=getpar('cmd');
$cmds=explode('/',$cmd);
if ($cmd==='login') { // rest login
$J = json_decode(file_get_contents('php://input'), true);
if (!preg_match("/^\s*$/",$J['password']) && !preg_match("/^\s*$/",$J['user'])) {
if (login($J['user'],$J['password'])) {
jsuccess(array('success' => 1, 'token' => $_SESSION['token']));
}
}
jfailed('login failed');
}
mydo($DB,"DELETE FROM tokens WHERE unix_timestamp(now())-unix_timestamp(ts)>86400");
$J = json_decode(file_get_contents('php://input'), true); // load user info from token
if ($J==null) jfailed("invalid json");
$res=mydo($DB,"SELECT * FROM tokens WHERE token='".$J['token']."'",1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
if ($_SERVER['REMOTE_ADDR']===$row['ip']) {
mydo($DB,"UPDATE tokens SET ts=now() WHERE token='".$J['token']."'");
$name=$row['name'];
$type=$row['type'];
} else jfailed("invalid token");
} else jfailed("invalid token");
if (!setaccess($name,$type)) jfailed("login failed");
////////////////////////////////////////////////////////////////////////////////////////////////// rest commands
if ($cmds[0]==='download') { ///////////////////////////////////////////////////////////////////// download file
$catid=catidfromid($cmds[1]); if ($catid==-1) jfailed("id not found");
$docid=$cmds[2];
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$sql="SELECT * FROM docs WHERE catid=$catid AND docid=$docid";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row=mysqli_fetch_assoc($res);
$file="$DATA/$catid/$docid";
if (!is_null($row['fcatid']) && !is_null($row['fdocid'])) {
$file="$DATA/".$row['fcatid']."/".$row['fdocid'];
}
if (file_exists($file)) {
header('Content-Type: ' . $row['mime']);
if ($row['mime']==='application/pdf') {
header('Content-Disposition: inline; filename="' . $row['filename'] . '"');
header('Content-Transfer-Encoding: binary');
header('Accept-Ranges: bytes');
ob_clean();ob_end_flush();flush();
readfile($file);
exit;
} else {
header('Content-Disposition: attachment; filename='. $row['filename']);
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . $row['size']);
ob_clean();ob_end_flush();flush();
readfile($file);
exit;
}
}
} else {
jfailed("doc not found");
}
} else {
jfailed("download failed");
}
}
if ($cmds[0]==='directupload' || $cmds[0]==='urlupload') { //////////////// upload data (urlupload/directupload)
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
if (chkeditaccess($catid)) {
$J=json_decode(file_get_contents('php://input'), true);
$fn=$J['filename'];
$fid=id62(12);
if ($cmds[0]==='directupload') {
$content=base64_decode($J['content']);
file_put_contents( "$DATA/tmp/$fid",$content);
}
if ($cmds[0]==='urlupload') {
$url=$J['url'];
shell_exec("curl -s -o '$DATA/tmp/$fid' '$url'");
}
$mime=mime_content_type("$DATA/tmp/$fid");
$size=filesize("$DATA/tmp/$fid");
$md5=md5_file ("$DATA/tmp/$fid");
$mysqlts=date('Y-m-d H:i:s');
$sql="INSERT INTO docs SET docid=0,catid=$catid,ts='$mysqlts',rm=0,md5='$md5',filename='".
mysqli_escape_string($DB,$fn) ."',mime='".mysqli_escape_string($DB,$mime)."',size=$size";
$res= mydo($DB,$sql);
$docid=mysqli_insert_id($DB);
if (!is_dir("$DATA/$catid")) mkdir("$DATA/$catid");
rename("$DATA/tmp/$fid","$DATA/$catid/$docid");
mydo($DB,"UPDATE cat SET tcha='$mysqlts' WHERE catid=$catid;");
alog($catid,$docid,'upload');
jsuccess(array('success' => 1, 'docid' => $docid));
} else {
jfailed('no access');
}
}
if ($cmd==='list') { /////////////////////////////////////////////////////////////////// list accessible entries
$I=array();
$sql="SELECT * FROM cat WHERE $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows>0) {
while($row = mysqli_fetch_assoc($res)) {
array_push($I,$row['catid']);
}
jsuccess(array('success' => 1, 'ids' => $I));
}
}
if ($cmd==='fields') { ///////////////////////////////////////////////////////////////// list accessible entries
$I=array();
$J=json_decode(file_get_contents('php://input'), true);
$type=$J['type'];
for ($i=0;$i<$FMAX;$i++) {
$f="f$i";
$n=["name"=>$FMAP[$type][$i][0],"mandatory"=>$FMAP[$type][$i][1]];
if (!PM("/^\s*$/",$n['name'])) $I[$f]=$n;
}
jsuccess(array('success' => 1, 'fields' => $I));
}
if ($cmd==='types') { /////////////////////////////////////////////////////////////////////////////// list types
$I=array();
$J=json_decode(file_get_contents('php://input'), true);
foreach ($TYPES as $t) array_push($I,$t);
jsuccess(array('success' => 1, 'types' => $I));
}
if ($cmd==='projects') { ///////////////////////////////////////////////////////////////////////// list projects
$I=array();
$J=json_decode(file_get_contents('php://input'), true);
foreach ($USERPROJECTS as $p) array_push($I,$p);
jsuccess(array('success' => 1, 'projects' => $I));
}
if ($cmds[0]==='get' || $cmds[0]==='getraw') { ////////////////////////////////////////////////// get entry data
$catid=catidfromid($cmds[1]); if ($catid==-1) jfailed("id not found");
$gen=array();
$sql="SELECT * FROM gen WHERE catid=$catid AND rm=0 ORDER BY gen";
$res=mydo($DB,$sql,1);
while($r = mysqli_fetch_assoc($res)) array_push($gen,idfromcatid($r['parent']));
$par=array();
$sql="SELECT * FROM gen WHERE parent=$catid AND rm=0 ORDER BY gen";
$res=mydo($DB,$sql,1);
while($r = mysqli_fetch_assoc($res)) array_push($par,idfromcatid($r['catid']));
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
if ($cmds[0]==='get') $project=$PROJECTS[$row['project']];
else $project=$row['project'];
$J = array('success' => 1,
'id'=>idfromcatid($row['catid']),
'tent'=>$row['tent'],
'tcha'=>$row['tcha'],
'project'=>$project,
'user'=>$row['user'],
'type'=>$row['type']);
if (count($gen)>0) $J['ancestry'] = $gen;
if (count($par)>0) $J['descendants'] = $par;
for ($i=0;$i<$FMAX;$i++) {
if ($cmds[0]==='get') {
$key=$FMAP[$row['type']][$i][0];
if (!PM("/^\s*$/",$row["f$i"])) $J[$key]=$row["f$i"];
} else {
if (!PM("/^\s*$/",$row["f$i"])) $J["f$i"]=$row["f$i"];
}
}
$J["jasondata"]= json_decode($row['jsondata']);
$I=array();
$sql="SELECT * FROM docs WHERE catid=$catid AND rm=0";
$res=mydo($DB,$sql,1);
$fnumrows =mysqli_num_rows($res);
if ($fnumrows>0) {
while($row = mysqli_fetch_assoc($res)) {
$comment =$row['comment'];if (PM("/^\s*$/",$row['comment'])) $comment="";
array_push($I,array('id' => $row['docid'],
'filename' => $row['filename'],
'comment' => $comment,
'size' => $row['size'],
'mimetype' => $row['mime']));
}
$J["files"]=$I;
}
$I=array();
$sql="select * from cat,links where links.catid=$catid and cat.catid=links.link and $ACCESSQL";
$res=mydo($DB,$sql,1);
$fnumrows =mysqli_num_rows($res);
if ($fnumrows>0) {
while($lrow = mysqli_fetch_assoc($res)) {
array_push($I,array('lid' => $lrow['lid'],
'link' => $lrow['id']));
}
$J["links"]=$I;
}
jsuccess($J);
}
}
if ($cmds[0]==='new') { ////////////////////////////////////////////////////////////////////////////// new entry
$J=json_decode(file_get_contents('php://input'), true);
$type=$J['type'];
$project=$J['project'];
$parent=$J['parent'];
$m=0;
foreach($TYPES as $typename) {
if (SL($type)===SL($typename)) {
$m++;
break;
}
}
if ($m!=1) jfailed("invalid type");
$m=0;
foreach ($USERPROJECTS as $pid => $pname) {
if (SU($pname)===SU($project)) {
$m++;
break;
}
}
if ($m!=1) jfailed("invalid project");
mysqli_query($DB,"BEGIN");
$sql="SELECT max(typeid)+1 as nexttid FROM cat WHERE type='$type'";
$res=mydo($DB,$sql,1);
$row = mysqli_fetch_assoc($res);
$nexttid=$row['nexttid'];
if (strlen($nexttid)==0) $nexttid=0;
$sql="INSERT INTO cat SET catid=0,typeid=$nexttid,tent=now(),";
for ($i=0;$i<$FMAX;$i++) {
$f="f$i";
$c=mysqli_escape_string($DB,$J[$f]);
if (!PM("/^\s*$/",$c)) {
$sql.="$f='$c',";
}
}
$xid=$TCHR[$type].$nexttid;
$sql.="id='$xid',type='$type',rm=0,ts=now(),tcha=now(),user='$USER',project=$pid";
$res=mydo($DB,$sql);
$catid=mysqli_insert_id($DB);
mysqli_query($DB,"COMMIT");
$myres=mysqli_errno($DB);
if ($myres==0) {
if (PM("/[A-Z]\d+/i",$parent)) $parent=catidfromid($parent);
if (PM("/^\d+$/i",$parent)) {
$sql="INSERT INTO gen VALUES ";
$res=mydo($DB,"SELECT * FROM gen WHERE catid=$parent AND rm=0 ORDER BY gen",1);
$gen="";
while($row = mysqli_fetch_assoc($res)) {
$gen=$row['gen'];
$sql.="($catid,".$row['parent'].",$gen,0,now(),'$USER'),";
}
$gen++;$sql.="($catid,$parent,$gen,0,now(),'$USER')";
$res= mydo($DB,$sql);
}
$sql="SELECT * FROM cat WHERE id='$xid' AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$trow = mysqli_fetch_assoc($res);
mydo($DB,"DELETE FROM tags WHERE id='$xid'");
for ($i=0;$i<$FMAX;$i++) {
if ($FMAP[$otype][$i][2]==0 || $FMAP[$otype][$i][2]==1) {
$tmp=$trow["f$i"];
if (!PM("/^\s*$/",$tmp)) {
if (preg_match_all("/\#[A-Za-z]+\w+\b/",$tmp,$M)) {
if (is_array($M[0])) {
foreach ($M[0] as $tag) {
$tag=SL(PR("/^\s*#\s*/","",$tag));
mydo($DB,"INSERT INTO tags SET id='$xid',tag='$tag',user='$USER'",0);
}
}
}
}
}
}
}
alog($xid,0,'savenew');
jsuccess(array('success' => 1, 'id' => idfromcatid($catid)));
}
jfailed();
}
if ($cmds[0]==='edit') { //////////////////////////////////////////////////////////////////////////// edit entry
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
if (chkeditaccess($catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$sql="UPDATE cat SET ";
$m=0;
for ($i=0;$i<$FMAX;$i++) {
$f="f$i";
$c=mysqli_escape_string($DB,$J[$f]);
if (!PM("/^\s*$/",$c)) {
$sql.="$f='$c',";
$m++;
}
}
$sql.="tcha=now() WHERE catid=$catid";
if ($m>0) {
$res=mydo($DB,$sql);
alog($cmds[1],0,'saveedit');
if (mysqli_errno($DB)==0) jsuccess(array('success' => 1, 'id' => idfromcatid($catid)));
}
}
} else {
jfailed('no access');
}
jfailed();
}
if ($cmds[0]==='delete') { //////////////////////////////////////////////////////////////////////// delete entry
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
if (chkeditaccess($catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
mydo($DB,"UPDATE cat SET rm=1 WHERE catid=$catid");
mydo($DB,"UPDATE docs SET rm=1 WHERE catid=$catid");
mydo($DB,"UPDATE gen SET rm=1 WHERE catid=$catid");
alog($cmds[1],0,'delete');
jsuccess(array('success' => 1, 'id' => $cmds[1]));
}
} else {
jfailed('no access');
}
jfailed();
}
if ($cmds[0]==='deletedoc') { ////////////////////////////////////////////////////////////////// delete document
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
$docid=$cmds[2];
if (chkeditaccess($catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$sql="SELECT * FROM docs WHERE catid=$catid AND docid=$docid";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
mydo($DB,"UPDATE docs SET rm=1 WHERE docid=$docid");
alog($cmds[1],$docid,'deldoc');
jsuccess(array('success' => 1, 'id' => $cmds[1], 'docid' => $cmds[2]));
}
}
} else {
jfailed('no access');
}
jfailed();
}
if ($cmds[0]==='addlinks') { ///////////////////////////////////////////////////////////////////////// add links
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
if (chkeditaccess($catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$I=array();
$hcom="";
foreach($J['links'] as $link) {
$id=catidfromid($link);
if ($id!=-1) {
mydo($DB,"INSERT INTO links SET lid=0,ts=now(),catid=$catid,link=$id");
$hcom.="$link, ";
array_push($I,$link);
}
}
$hcom=PR("/,\s*$/","",$hcom);
if (count($I)>0) {
alog($cmds[1],0,'link',$hcom);
jsuccess(array('success' => 1, 'id' => $cmds[1], 'links' => $I));
} else {
jfailed('link ids not found');
}
}
} else {
jfailed('no access');
}
jfailed();
}
if ($cmds[0]==='deletelinks') { /////////////////////////////////////////////////////////////////// delete links
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
if (chkeditaccess($catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$I=$J['lids'];
foreach($I as $i) {
mydo($DB,"DELETE FROM links WHERE lid=$i AND catid=$catid");
alog($cmds[1],0,'dellink',"$i");
}
jsuccess(array('success' => 1, 'id' => $cmds[1]));
}
} else {
jfailed('no access');
}
jfailed();
}
if ($cmds[0]==='search') { ////////////////////////////////////////////////////////////////////////////// search
$J=json_decode(file_get_contents('php://input'), true);
$S=$J['search'];
$sql="SELECT * FROM cat WHERE (";
foreach ($S as $s) {
foreach ($s['fields'] as $f) {
$sql.="(";
foreach ($s['keys'] as $k) {
$sql.="f$f LIKE '%$k%' OR ";
}
$sql=PR("/\s*OR\s*$/",") OR ",$sql);
}
$sql=PR("/\s*OR\s*$/","",$sql);
$sql.=" AND ";
}
$sql=PR("/\s*AND\s*$/","",$sql);
$sql.=") AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$I=array();
$numrows =mysqli_num_rows($res);
if ($numrows>0) {
while($row = mysqli_fetch_assoc($res)) array_push($I,idfromcatid($row['catid']));
}
jsuccess(array('success' => 1, 'result' => $I));
}
if ($cmds[0]==='jsonadd') { ////////////////////////////////////////////////////////////////////// add json data
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
if (chkeditaccess($catid)) {
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
mydo($DB,"UPDATE cat SET jsondata='".json_encode($J['jsondata'])."' WHERE catid=$catid");
alog($cmds[1],0,'jsonadd',json_encode($J['jsondata']));
jsuccess(array('success' => 1, 'id' => $cmds[1]));
}
} else {
jfailed('no access');
}
jfailed();
}
if ($cmds[0]==='jsonget') { ////////////////////////////////////////////////////////////////////// add json data
$J=json_decode(file_get_contents('php://input'), true);
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$I=array();
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$J=json_decode($row['jsondata']);
jsuccess(array('success' => 1, 'jasondata' => $J));
}
jfailed();
}
if ($cmds[0]==='jsonsearch') { ///////////////////////////////////////////////////////////////////// json search
$J=json_decode(file_get_contents('php://input'), true);
$S=$J['jsonsearch'];
$R=$J['range'];
$M=$J['match'];
$sql="SELECT * FROM cat WHERE $ACCESSQL AND json_extract(jsondata,'\$.$S') IS NOT NULL ";
if (is_array($R)) {
$sql.="AND json_extract(jsondata,'\$.$S') >= $R[0] ";
$sql.="AND json_extract(jsondata,'\$.$S') <= $R[1] ";
}
if (is_string($M)) {
$sql.="AND lower(json_extract(jsondata,'\$.$S')) like lower('%$M%') ";
}
$sql.="ORDER BY catid DESC";
$res=mydo($DB,$sql,0);
$I=array();
$numrows =mysqli_num_rows($res);
if ($numrows>0) {
while($row = mysqli_fetch_assoc($res)) {
$J=json_decode($row['jsondata']);
$I[idfromcatid($row['catid'])]=$J;
}
}
jsuccess(array('success' => 1, 'result' => $I));
}
?>
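Review bot: This endpoint runs with `$NOLOGIN=1`, and the first query on the token path, `"SELECT * FROM tokens WHERE token='".$J['token']."'"`, concatenates a request-body value into SQL before any identity is established; the following `UPDATE tokens` does the same. The pattern recurs in `search` (`f$f LIKE '%$k%'`), `jsonsearch` (`$S`, `$R`, `$M`), `jsonadd` (`json_encode(...)` inside quotes), `deletelinks` (`lid=$i`) and the `$docid=$cmds[2]` uses in `download`/`deletedoc`, and `urlupload` places `$url` inside a `shell_exec("curl ...")` string, so a crafted value can change the query or the command. Bind values with prepared statements, digit-check ids, and pass shell arguments through `escapeshellarg()` after restricting the URL to http/https as sketched below; fetching a caller-supplied URL from the server additionally needs a destination allow-list, which the sketch does not add, and `mydo()` is defined outside this section so any logging it does would need to be kept. Also in `new`, `$FMAP[$otype]` reads a variable that is never set in this section (probably `$type` was meant), and `project=$pid` depends on the loop variable left over from the `foreach`.

```php
// token lookup: replaces the concatenated SELECT
$token=(string)($J['token'] ?? '');
$stmt=mysqli_prepare($DB,"SELECT * FROM tokens WHERE token=?");
mysqli_stmt_bind_param($stmt,'s',$token);
mysqli_stmt_execute($stmt);
$res=mysqli_stmt_get_result($stmt);
// … unchanged: row count, REMOTE_ADDR check, setaccess() …

// urlupload: validate the scheme and quote both shell arguments
$url=$J['url'];
if (!is_string($url) || !PM("/^https?:\/\//i",$url)) jfailed('invalid url');
shell_exec("curl -s --proto =http,https -o ".escapeshellarg("$DATA/tmp/$fid")." ".escapeshellarg($url));
// … unchanged: mime/size/md5, INSERT INTO docs, rename …
```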

393
src/search.php Normal file

@ -0,0 +1,393 @@
<?
include_once('init.php');include_once('header.php');
$FSM=4;
$searchmode=getpar('searchmode');
$savesearchas=getpar('savesearchas');
if ($searchmode==='RESET') { // reset search form
unset($_SESSION['currenttype']);
unset($_SESSION['currentproject']);
unset($_SESSION['s_json1']);
unset($_SESSION['s_json2']);
$_SESSION['s_op']='AND';
unset($_SESSION['s_usr']);
unset($_SESSION['s_all']);
unset($_SESSION['s_id']);
unset($_SESSION['s_fn']);
for ($fn=1;$fn<=$FSM;$fn++) {
unset($_SESSION["s_key$fn"]);
unset($_SESSION["s_field$fn"]);
$_SESSION["s_fieldop$fn"]='AND';
}
$_SESSION['currentoffset']=0;
header("Location: /search");exit;
}
$pid=getpar('pid');
if (PM("/^\d+$/",$pid)) { // load search form from prefs
$S=loadprefs($pid,'search');
for ($fn=1;$fn<=$FSM;$fn++) {
$_POST["s_key$fn"] =$S['s_key'][$fn];
$_POST["s_field$fn"] =$S['s_field'][$fn];
$_POST["s_fieldop$fn"] =$S['s_fieldop'][$fn];
}
foreach (array('type','project','s_op','s_json1','s_json2','s_usr','s_all','s_id','s_fn') as $val) {
$_POST[$val]=$S[$val];
}
$TYPE=$S['type'];
$PROJECT=$S['project'];
}
if (!isset($_SESSION['currenttype'])) $_SESSION['currenttype']='ALL';
if (!PM("/^\s*$/",getpar('type'))) $_SESSION['currenttype']=SU(getpar('type'));
$TYPE=$_SESSION['currenttype'];
if (!isset($_SESSION['currentproject'])) $_SESSION['currentproject']='ALL';
if (!PM("/^\s*$/",getpar('project'))) $_SESSION['currentproject']=getpar('project');
$PROJECT=$_SESSION['currentproject'];
foreach (array('s_op','s_json1','s_json2','s_usr','s_all','s_id','s_fn') as $val) {
if (isset($_POST[$val])) $_SESSION[$val]=getpar($val);
$S[$val]=$_SESSION[$val];
}
if ($S['s_op']!=='AND' && $S['s_op']!=='OR') $S['s_op']='AND';
for ($fn=1;$fn<=$FSM;$fn++) {
if (isset($_POST["s_key$fn"])) $_SESSION["s_key$fn"]=getpar("s_key$fn");
$S['s_key'][$fn]=$_SESSION["s_key$fn"];
if (isset($_POST["s_field$fn"])) $_SESSION["s_field$fn"]=getpar("s_field$fn");
$S['s_field'][$fn]=$_SESSION["s_field$fn"];
if (isset($_POST["s_fieldop$fn"])) $_SESSION["s_fieldop$fn"]=getpar("s_fieldop$fn");
$S['s_fieldop'][$fn]=$_SESSION["s_fieldop$fn"];
if (PM("/^\s*$/",$S['s_field'][$fn])) $S['s_field'][$fn]=$DEFSEARCHFIELD[$fn];
}
if (!PM("/^\s*$/",$savesearchas)) {
$S['project']=$PROJECT;
$S['type']=$TYPE;
saveprefs($savesearchas,$S,'search');
}
$MS='';
$res=mydo($DB,"SELECT * FROM prefs WHERE user='$USER' ORDER BY name",1);
while($row = mysqli_fetch_assoc($res)) {
$MS.="<A HREF=\"/search/".$row['pid']."\">".$row['name']."</A>, ";
}
$MS=PR("/,\s*$/","",$MS);
foreach($TYPES as $type) {
foreach($FMAP[$type] as $n => $f) {
$ALLFIELDS[$f[0]]=1;
for ($fn=1;$fn<=$FSM;$fn++) {
if ($f[0]===$S['s_field'][$fn] && !PM("/^\s*$/",$S['s_key'][$fn]) ) {
$fieldsql[$fn].="(f$n LIKE '%".$S['s_key'][$fn]."%' AND type='$type') OR ";
}
}
}
}
ksort($ALLFIELDS);
for ($n=1;$n<=$FSM;$n++) {
if (!PM("/^\s*$/",$fieldsql[$n]) ) $fieldsql[$n]="(".PR("/\s*OR\s*$/","",$fieldsql[$n]).")";
}
$page=getpar('page');
if (PM("/^\s*$/",$_SESSION['currentoffset'])) $_SESSION['currentoffset']=0;
if ($page==='NEXT') $_SESSION['currentoffset']+=100;
else if ($page==='PREV') $_SESSION['currentoffset']-=100;
if (getpar('postform')==1) {
header("Location: /search");
exit;
}
$postsql="";
if (!PM("/^ALL$/",$TYPE)) $postsql.=" AND UPPER(type)='$TYPE'";
if (!PM("/^ALL$/",$PROJECT)) $postsql.=" AND project=".$PROJECTNAMES[$PROJECT];
$postsql.=' ORDER BY cat.catid DESC';
$selextra="";
$searchsql="";
$j1=preg_replace('/([\=\>\<])/', " $1 ", $S['s_json1']);
$j1=preg_replace('/\>(\s+)\=/', ">=", $j1);
$j1=preg_replace('/\<(\s+)\=/', ">=", $j1);
$j1=preg_replace('/\s+/', " ", $j1);
$selj1="";
$searchj1="";
if (preg_match("/^([^\s]+)\s+([\<\>\=]+)\s+([\d\.]+)/",$j1,$M)) {
if ($M[2]==='=' || $M[2]==='<' || $M[2]==='>' || $M[2]==='<=' || $M[2]==='>=') {
$selj1=",json_value(jsondata, '\$.$M[1]') as s_json1";
$searchj1="(json_value(jsondata, '\$.$M[1]')) $M[2] $M[3]";
}
}
if (!PM("/^\s*$/",$S['s_json1']) && $searchj1==='') {
$selj1=",json_extract(jsondata, '\$.".$S['s_json1']."') as s_json1";
$searchj1="(json_extract(jsondata, '\$.".$S['s_json1']."') IS NOT NULL)";
}
$j2=preg_replace('/([\=\>\<])/', " $1 ", $S['s_json2']);
$j2=preg_replace('/\>(\s+)\=/', ">=", $j2);
$j2=preg_replace('/\<(\s+)\=/', ">=", $j2);
$j2=preg_replace('/\s+/', " ", $j2);
$selj2="";
$searchj2="";
if (preg_match("/^([^\s]+)\s+([\<\>\=]+)\s+([\d\.]+)/",$j2,$M)) {
if ($M[2]==='=' || $M[2]==='<' || $M[2]==='>' || $M[2]==='<=' || $M[2]==='>=') {
$selj2=",json_value(jsondata, '\$.$M[1]') as s_json2";
$searchj2="(json_value(jsondata, '\$.$M[1]')) $M[2] $M[3]";
}
}
if (!PM("/^\s*$/",$S['s_json2']) && $searchj2==='') {
$selj2=",json_extract(jsondata, '\$.".$S['s_json2']."') as s_json2";
$searchj2="(json_extract(jsondata, '\$.".$S['s_json2']."') IS NOT NULL)";
}
if (!PM("/^\s*$/",$selj1)) $selextra.=$selj1;
if (!PM("/^\s*$/",$selj2)) $selextra.=$selj2;
$jmode="";
if (!PM("/^\s*$/",$searchj1) && !PM("/^\s*$/",$searchj2)) {
$searchj="($searchj1 ".$S['s_op']." $searchj2)";
$jmode="json12";
} elseif (!PM("/^\s*$/",$searchj1)) {
$searchj="$searchj1";
$jmode="json1";
} elseif (!PM("/^\s*$/",$searchj2)) {
$searchj="$searchj2";
$jmode="json2";
}
if (!PM("/^\s*$/",$searchj)) $searchsql.=" AND ($searchj)";
if (!PM("/^\s*$/",$S['s_usr'])) {
$searchsql.=" AND (user='".$S['s_usr']."')";
}
if (!PM("/^\s*$/",$S['s_all'])) {
$tmp="";
for ($i=0;$i<$FMAX;$i++) $tmp.="f$i LIKE '%".$S['s_all']."%' OR ";
$tmp=PR("/\s*OR\s*$/","",$tmp);
$searchsql.=" AND ($tmp)";
}
if (!PM("/^\s*$/",$S['s_id'])) {
if (PM("/^\s*\d+\s*$/",$S['s_id'])) {
$searchsql.=" AND (catid=".$S['s_id']." OR typeid=".$S['s_id'].")";
} else if (preg_match("/^\s*([A-Z])\s*(\d+)\s*$/",SU($S['s_id']),$M)) {
$searchsql.=" AND (catid=".catidfromid($M[1].$M[2]).")";
}
}
$FX='';
for ($n=1;$n<$FSM;$n++) {
if ($S['s_fieldop'][$n]==='AND') $FX.="1";
else $FX.="0";
}
for ($n=1;$n<=$FSM;$n++) if (!PM("/^\s*$/",$fieldsql[$n])) $fieldsearch.="F$n {$S['s_fieldop'][$n]} ";
$fieldsearch=PR("/\s*AND\s*$/","",$fieldsearch);
$fieldsearch=PR("/\s*OR\s*$/","",$fieldsearch);
for ($n=$FSM-1;$n>=1;$n--) {
$pat="";
for ($j=1;$j<=$n;$j++) $pat.="F\d OR ";
$pat.="F\d";
$fieldsearch=PR("/($pat)/","($1)",$fieldsearch);
}
for ($n=1;$n<=$FSM;$n++) $fieldsearch=PR("/(F$n)/",$fieldsql[$n],$fieldsearch);
if (!PM("/^\s*$/",$fieldsearch)) $searchsql.=" AND ($fieldsearch)";
if (PM("/^\s*$/",$S['s_fn'])) {
$sql="SELECT count(*) AS c FROM cat WHERE $ACCESSQL $searchsql $postsql";
} else {
$searchsql.=" AND (filename like '%".$S['s_fn']."%')";
$sql="SELECT count(*) AS c FROM cat,docs WHERE cat.catid=docs.catid AND docs.rm=0 AND $ACCESSQL ".
"$searchsql $postsql";
}
$res=mydo($DB,$sql);
$row = mysqli_fetch_assoc($res); // << hä
$numrows=$row['c'];
if ($_SESSION['currentoffset']<0) $_SESSION['currentoffset']=0;
if ($_SESSION['currentoffset']>$numrows) $_SESSION['currentoffset']=0;
if (PM("/^\s*$/",$S['s_fn'])) {
$sql="SELECT *$selextra FROM cat WHERE $ACCESSQL $searchsql $postsql LIMIT ".
$_SESSION['currentoffset'].",100";
} else {
$sql="SELECT *$selextra FROM cat,docs WHERE cat.catid=docs.catid AND docs.rm=0 AND $ACCESSQL ".
"$searchsql $postsql LIMIT ".$_SESSION['currentoffset'].",100";
}
$res=mydo($DB,$sql);
$pof=$_SESSION['currentoffset']/100+1;
$nop=0; if ($numrows>0) $nop=intval($numrows/100)+1;
subheader("$numrows Results,&nbsp;&nbsp;&nbsp;Page $pof of $nop");
?>
<DIV id=head>
<FORM action="/search" method="post">
<TABLE WIDTH=100%>
<? if (!PM("/^\s*$/",$MS)) { ?>
<TR><TD VALIGN=top><H2>My Searches:&nbsp;</H2></TD><TD><?= $MS ?></TD></TR>
<TR><TD HEIGHT=8></TD></TR>
<? } ?>
<TR><TD VALIGN=top><H2>Type:</H2></TD><TD><? if ($TYPE==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="type" value="ALL" class="<?=$tmp?>">
<? foreach($TYPES as $t) { ?>
<? if (SU($t)===SU($TYPE)) $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="type" value="<?=SU($t)?>" class="<?=$tmp?>">
<? } ?></TD>
<TD style='text-align:right;' nowrap valign=top>
<input type="submit" name="page" value="PREV" class="button">
<input type="submit" name="page" value="NEXT" class="button">
<INPUT type='hidden' name='postform' value='1'>
</FORM></TD>
</TR>
<TR><TD VALIGN=top><H2>Project:</H2></TD><TD><? if ($PROJECT==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="project" value="ALL" class="<?=$tmp?>">
<? foreach($USERPROJECTS as $pid => $pname) { ?>
<? if (SU($pname)===SU($PROJECT)) $tmp="button"; else $tmp="ubutton"; ?>
<input type="submit" name="project" value="<?=$pname?>" class="<?=$tmp?>">
<? } ?></TD></TR>
</TABLE></DIV>
<BR>
<script type="text/javascript">
function onsearchsearch(input) {
if(input.value == "") document.getElementById("searchsearch").submit();
}
</script>
<form id="searchsearch" action="/search" method="post" style='display:inline;padding:0px;margin:0px;'>
<DIV id=head><TABLE>
<TR><TD><H2>All:&nbsp;</H2></TD>
<TD><input type="search" name="s_all" value="<?=$S['s_all']?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:300px;'></TD>
<TD style='padding-left:20px;'><? fieldsearch(1) ?></TD></TR>
<TR><TD><H2>ID:&nbsp;</H2></TD>
<TD><input type="search" name="s_id" value="<?=$S['s_id']?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:300px;'></TD>
<TD style='padding-left:20px;'><? fieldsearch(2) ?></TD></TR>
<TR><TD><H2>User: </H2></TD>
<TD><input type="search" name="s_usr" value="<?=$S['s_usr']?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:300px;'></TD>
<TD style='padding-left:20px;'><? fieldsearch(3) ?></TD></TR>
<TR><TD><H2>Filename: </H2></TD>
<TD><input type="search" name="s_fn" value="<?=$S['s_fn']?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:300px;'></TD>
<TD style='padding-left:20px;'><? fieldsearch(4) ?></TD></TR>
<TR><TD HEIGHT=8></TD></TR>
<TR><TD><H2>Json:&nbsp;</H2></TD>
<TD COLSPAN=3>
<INPUT type="search" name="s_json1" value="<?=$S['s_json1']?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:380px;'>
<DIV CLASS="select">
<SELECT NAME="s_op" class=select>
<OPTION VALUE='AND'<? if ($S['s_op']==='AND') echo " SELECTED";?>>AND</OPTION>
<OPTION VALUE='OR'<? if ($S['s_op']==='OR') echo " SELECTED";?>>OR</OPTION>
</SELECT>
<DIV class="select_arrow"></DIV>
</DIV>
<INPUT type="search" name="s_json2" value="<?=$S['s_json2']?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:380px;'>
</TD></TR>
<TR><TD HEIGHT=8></TD></TR>
<TR><TD><H2>Save As:</H2> </TD><TD colspan=2>
<input type="search" name="savesearchas" value="" style='text-align:left;width:250px;'>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<input type="submit" name="searchmode" value="SEARCH" class="button">
<input type="submit" name="searchmode" value="RESET" class="button">
</TD></TR>
</TABLE></DIV>
</form>
<BR>
<CENTER><H1>Search Results</H1></CENTER>
<TABLE WIDTH=100%>
<? if (!PM("/^\s*$/",$S['s_fn'])) { ?>
<TR><TH>Id</TH><TH>Filename</TH><TH></TH>
<TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) distabentry($row,'filename') ?>
<? } else { ?>
<? if (PM("/^\s*$/",$S['s_json1']) && PM("/^\s*$/",$S['s_json2'])) { ?>
<TR><TH>Id</TH><TH>Project</TH><TH></TH><TH></TH>
<TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) distabentry($row) ?>
<? } else { ?>
<TR><TH>Id</TH><TH>Project</TH>
<? if ($jmode==='json12') { ?><TH><?=$S['s_json1']?></TH><TH><?=$S['s_json2']?></TH><? } ?>
<? if ($jmode==='json1') { ?><TH><?=$S['s_json1']?></TH><? } ?>
<? if ($jmode==='json2') { ?><TH><?=$S['s_json2']?></TH><? } ?>
<TH></TH><TH></TH>
<TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) distabentry($row,$jmode) ?>
<? } ?>
<? } ?>
</TABLE>
<P>
<? function fieldsearch($fn) { global $FSM,$ALLFIELDS,$S; // ------------------------------ search field macro ?>
<DIV CLASS="select">
<SELECT NAME="s_field<?=$fn?>" class=select>
<? foreach($ALLFIELDS as $field => $n) { ?>
<OPTION VALUE='<?= $field ?>' <? if ($field===$S['s_field'][$fn]) {?>SELECTED<?}?> ><?= SU($field) ?></OPTION>
<? } ?>
</SELECT> <DIV class="select_arrow"></DIV></DIV></TD>
<TD><input type="search" name="<?="s_key$fn"?>" value="<?=$S['s_key'][$fn]?>" onsearch="onsearchsearch(this)"
style='text-align:left;width:300px;'>
<? if ($fn<$FSM) { ?>
<DIV CLASS="select">
<SELECT NAME="s_fieldop<?=$fn?>" class=select>
<OPTION VALUE='AND'<? if ($S['s_fieldop'][$fn]==='AND') echo " SELECTED";?>>AND</OPTION>
<OPTION VALUE='OR'<? if ($S['s_fieldop'][$fn]==='OR') echo " SELECTED";?>>OR</OPTION>
</SELECT><DIV class="select_arrow"></DIV></DIV>
<? } ?>
</TD>
<? } ?>
<? include_once('footer.php'); ?>

47
src/send.php Normal file

@ -0,0 +1,47 @@
<?
$NOCLEAN=true;require('./init.php');
[$catid,$docid]=iddecode(getpar('cdid'));
if (chkreadaccess($catid)) {
$sql="SELECT * FROM docs WHERE docid=$docid";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
$file="$DATA/$catid/$docid";
if (!is_null($row['fcatid']) && !is_null($row['fdocid'])) {
$file="$DATA/".$row['fcatid']."/".$row['fdocid'];
}
if (file_exists($file)) {
alog($catid,$docid,'send',$row['filename']);
header('Content-Type: ' . $row['mime']);
if ($row['mime']==='application/pdf') {
header('Content-Disposition: inline; filename="'.htmlentities($row['filename']).'"');
header('Content-Transfer-Encoding: binary');
header('Accept-Ranges: bytes');
ob_clean();ob_end_flush();flush();
readfile($file);
exit;
} else {
header('Content-Disposition: attachment; filename="'.htmlentities($row['filename']).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . $row['size']);
ob_clean();ob_end_flush();flush();
readfile($file);
exit;
}
}
}
}
?>
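Review bot: The document lookup `SELECT * FROM docs WHERE docid=$docid` is keyed on docid alone, while the only authorization check above it is `chkreadaccess($catid)`, so nothing ties the row that is served to the category that was checked. When `fcatid`/`fdocid` are set, the path is taken from the row rather than from the checked `$catid`, so the category check no longer governs which file is read. Constrain the query to the checked category and to live rows, e.g. `$sql="SELECT * FROM docs WHERE docid=$docid AND catid=$catid AND rm=0";` (`docs.catid` and `docs.rm` are the columns the search page filters on). Separately, `htmlentities()` is HTML encoding, not header encoding, for the `Content-Disposition` filename; removing quotes and control characters from `$row['filename']` and sending `X-Content-Type-Options: nosniff` next to the database-supplied `Content-Type` would be the safer pair.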

83
src/stats.php Normal file

@ -0,0 +1,83 @@
<? include_once('init.php');include_once('header.php');subheader(); ?>
<?
if ($ROLE>=2) {
header("Location: /home");exit;
}
?>
<CENTER>
<H1>Recent Stats</H1>
<?
$U="ts between (CURDATE() - INTERVAL 1 MONTH ) and (CURDATE() + INTERVAL 1 DAY)";
$res=mydo($DB,"SELECT user,date(ts) AS d FROM log WHERE $U GROUP BY user,d ORDER BY d DESC;",1);
while($row = mysqli_fetch_assoc($res)) {
$DU[$row['d']]++;
$DATES[$row['d']]++;
}
$res=mydo($DB,"SELECT user FROM log GROUP BY user;",1);
while($row = mysqli_fetch_assoc($res)) $TDU++;
$res=mydo($DB,"SELECT *,date(ts) AS d FROM log WHERE action='savenew' AND $U",1);
while($row = mysqli_fetch_assoc($res)) {
$DN[$row['d']]++;
$DATES[$row['d']]++;
}
$res=mydo($DB,"SELECT * FROM log WHERE action='savenew'",1);
while($row = mysqli_fetch_assoc($res)) $TDN++;
$res=mydo($DB,"select *,date(ts) as d from log where action='upload' AND $U group by docid,d order by d",1);
while($row = mysqli_fetch_assoc($res)) {
$UL[$row['d']]++;
$DATES[$row['d']]++;
}
$res=mydo($DB,"select * from log where action='upload'",1);
while($row = mysqli_fetch_assoc($res)) $TUL++;
$res=mydo($DB,"select *,date(ts) as d from log where action='send' AND $U ORDER BY d",1);
while($row = mysqli_fetch_assoc($res)) {
$DL[$row['d']]++;
$DATES[$row['d']]++;
}
$res=mydo($DB,"select * from log where action='send'",1);
while($row = mysqli_fetch_assoc($res)) $TDL++;
?>
<TABLE>
<TR><TH>Date</TH><TH>User</TH><TH>New</TH><TH>Uploads</TH><TH>Downloads</TH></TR>
<? foreach($DATES as $d => $u) { ?>
<?
$t = date("d.m.Y", strtotime($d));
$dw = date('w', strtotime($d));
$col="#000000";if ($dw==0 || $dw==6) $col="#AA0000";
?>
<TR>
<TD ALIGN=center WIDTH=100><SPAN style=color:<?=$col?>;'><?= $t ?></TD>
<TD ALIGN=center WIDTH=100><?= $DU[$d] ?></TD>
<TD ALIGN=center WIDTH=100><?= $DN[$d] ?></TD>
<TD ALIGN=center WIDTH=100><?= $UL[$d] ?></TD>
<TD ALIGN=center WIDTH=100><?= $DL[$d] ?></TD>
</TR>
<? } ?>
</TABLE>
<P>
<H1>Total</H1>
<TABLE>
<TR><TH>Date</TH><TH>User</TH><TH>New</TH><TH>Uploads</TH><TH>Downloads</TH></TR>
<TR>
<TD ALIGN=center WIDTH=100>TOTAL</TD>
<TD ALIGN=center WIDTH=100><?= $TDU ?></TD>
<TD ALIGN=center WIDTH=100><?= $TDN ?></TD>
<TD ALIGN=center WIDTH=100><?= $TUL ?></TD>
<TD ALIGN=center WIDTH=100><?= $TDL ?></TD>
</TR>
</TABLE></CENTER>
<? include_once('footer.php'); ?>
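Review bot: The role gate `if ($ROLE>=2) { header("Location: /home");exit; }` runs only after `header.php` and `subheader()` on the first line, so the redirect works only if init.php has output buffering on (not visible here), and the page header has already been produced for a user who is about to be turned away. Move the check directly after `include_once('init.php');` and before any output. The four totals are computed by fetching every matching `log` row and incrementing a counter in PHP; `SELECT count(*) AS c FROM log WHERE action='send'` (and `count(DISTINCT user)` for the user total) returns the same number without reading the table into the script. `$DU`, `$DN`, `$UL`, `$DL`, `$DATES` and the `$T*` counters are incremented without being initialised, which raises warnings on current PHP and leaves `foreach($DATES …)` iterating null when the log is empty.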

357
src/style.css Normal file

@ -0,0 +1,357 @@
input[type="password"],input[type="text"],textarea {
background-color:#D8D8D8;
border:0px;
border-radius:6px;
padding-left:8px;
padding-right:8px;
}
input[type="search"] {
background-color:#D8D8D8;
border:0px;
border-radius:6px;
padding-left:8px;
padding-right:8px;
height:20px;
margin-top:2px;
margin-bottom:2px;
}
input.mand {
background-color:#FFD8D8;
}
textarea.mand {
background-color:#FFD8D8;
}
body {
background-color:#FFFFFF;color:#222222;
margin:20px;
font-size: 11pt;font-family: sans-serif;
}
img {
border: none;
}
a {
color: #0433D9;text-decoration: none;
}
a:hover {
color: #0433D9;text-decoration: underline;
}
#tags a {
color: #5422cc;text-decoration: none;
}
#tags a:hover {
color: #5422cc;text-decoration: underline;
}
textarea,input,search,form {
font-size: 12pt;font-family: sans-serif;
}
h1 {
white-space:nowrap;
font-size:135%;
font-weight:500;
margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;
color:#356;
display: inline;
}
h2 {
white-space:nowrap;
font-size:100%;
margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;
color:#356;
display: inline;
}
h3 {
white-space:nowrap;
font-size:90%;
margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;
color:#356;
display: inline;
}
hr {
border: 0px;width: 100%;
border-top: 0px solid;border-left: 0px solid;
border-right: 0px solid;border-bottom: 0px solid;
background-color: #DDD;
height:1px;margin-top:5px;margin-bottom:5px;
}
table {
border-width: 1px;
border-spacing: 0px;
border-style: solid;
border-color: #ccc;
border-collapse: collapse;
background-color: white;
}
th {
vertical-align:center;
border-width: 1px;
border-style: solid;
border-color: #ccc;
background-color: #eee;
padding:0px;
padding-left:6px;
padding-right:6px;
}
td {
vertical-align:center;
border-width: 1px;
border-style: solid;
border-color: #ccc;
background-color: white;
padding:0px;
padding-top:1px;
padding-bottom:1px;
padding-left:6px;
padding-right:6px;
}
#head table {
vertical-align:center;
border-width: 0px;
border-spacing: 0px;
border-style: none;
border-collapse: collapse;
background-color: white;
}
#head td {
vertical-align:center;
border-width: 0px;
padding: 0px;
border-style: none;
background-color: white;
padding:1px;
}
p {
margin-top:15px;
margin-bottom:15px;
}
/*
.select {
-moz-appearance: none;
-webkit-appearance: none;
background:linear-gradient(to bottom, #3b5464 5%, #3b5464 100%);
background-color:#3b5464;
border-radius:6px;
border:0px;
display:inline-block;
color:#ffffff;
font-family:sans-serif;
font-size:12px;
padding:1px 10px 0px 10px;
text-decoration:none;
}
*/
.select {
position: relative;
display: inline-block;
margin-bottom: 0px;
}
.select select {
font-family:sans-serif;
display: inline-block;
width: 100%;
cursor: pointer;
padding: 2px 28px 2px 12px;
outline: 0;
border: 0px;
border-radius: 8px;
background: #3b5464;
color: #ffffff;
appearance: none;
-webkit-appearance: none;
-moz-appearance: none;
}
.select select::-ms-expand {
display: none;
}
.select select:hover,
.select select:focus {
color: #FFFFFF;
background: #3b5464;
}
.select select:disabled {
opacity: 0.5;
pointer-events: none;
}
.select_arrow {
position: absolute;
top: 6px;
right: 9px;
pointer-events: none;
border-style: solid;
border-width: 8px 5px 0px 5px;
border-color: #ffffff transparent transparent transparent;
}
.select select:hover ~ .select_arrow,
.select select:focus ~ .select_arrow {
border-top-color: #ffffff;
}
.select select:disabled ~ .select_arrow {
border-top-color: #ffffff;
}
.minibutton {
-webkit-border-radius: 14;
-moz-border-radius: 14;
border-radius: 14px;
font-family: Arial;
color: #ffffff;
font-size: 10px;
background: #3b5464;
background-image: -webkit-linear-gradient(top, #3b5464, #3b5464);
background-image: -moz-linear-gradient(top, #3b5464, #3b5464);
background-image: -ms-linear-gradient(top, #3b5464, #3b5464);
background-image: -o-linear-gradient(top, #3b5464, #3b5464);
background-image: linear-gradient(to bottom, #3b5464, #3b5464);
padding: 1px 6px 0px 6px;
text-decoration: none;
border:0px;
}
.minibutton:hover {
background-image: -webkit-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: -moz-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: -ms-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: -o-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: linear-gradient(to bottom, #4B6B7F, #4B6B7F);
background-color:#4B6B7F;
color: #FFFFFF;
text-decoration: none;
}
.abutton {
-webkit-border-radius: 14;
-moz-border-radius: 14;
border-radius: 14px;
font-family: Arial;
color: #ffffff;
font-size: 12px;
background: #3b5464;
background-image: -webkit-linear-gradient(top, #6D45A7, #6D45A7);
background-image: -moz-linear-gradient(top, #6D45A7, #6D45A7);
background-image: -ms-linear-gradient(top, #6D45A7, #6D45A7);
background-image: -o-linear-gradient(top, #6D45A7, #6D45A7);
background-image: linear-gradient(to bottom, #6D45A7, #6D45A7);
padding: 1px 8px 0px 8px;
text-decoration: none;
border:0px;
}
.abutton:hover {
background-image: -webkit-linear-gradient(top, #6D45A7, #6D45A7);
background-image: -moz-linear-gradient(top, #6D45A7, #6D45A7);
background-image: -ms-linear-gradient(top, #6D45A7, #6D45A7);
background-image: -o-linear-gradient(top, #6D45A7, #6D45A7);
background-image: linear-gradient(to bottom, #6D45A7, #6D45A7);
background-color:#4B6B7F;
color: #FFFFFF;
text-decoration: none;
}
.button {
-webkit-border-radius: 14;
-moz-border-radius: 14;
border-radius: 14px;
font-family: Arial;
color: #ffffff;
font-size: 12px;
background: #3b5464;
background-image: -webkit-linear-gradient(top, #3b5464, #3b5464);
background-image: -moz-linear-gradient(top, #3b5464, #3b5464);
background-image: -ms-linear-gradient(top, #3b5464, #3b5464);
background-image: -o-linear-gradient(top, #3b5464, #3b5464);
background-image: linear-gradient(to bottom, #3b5464, #3b5464);
padding: 1px 8px 0px 8px;
text-decoration: none;
border:0px;
}
.button:hover {
background-image: -webkit-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: -moz-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: -ms-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: -o-linear-gradient(top, #4B6B7F, #4B6B7F);
background-image: linear-gradient(to bottom, #4B6B7F, #4B6B7F);
background-color:#4B6B7F;
color: #FFFFFF;
text-decoration: none;
}
.ubutton {
-webkit-border-radius: 14;
-moz-border-radius: 14;
border-radius: 14px;
font-family: Arial;
color: #ffffff;
font-size: 12px;
background: #bbbbbb;
background-image: -webkit-linear-gradient(top, #bbb, #bbb);
background-image: -moz-linear-gradient(top, #bbb, #bbb);
background-image: -ms-linear-gradient(top, #bbb, #bbb);
background-image: -o-linear-gradient(top, #bbb, #bbb);
background-image: linear-gradient(to bottom, #bbb, #bbb);
padding: 1px 8px 0px 8px;
text-decoration: none;
border:0px;
}
.ubutton:hover {
background-image: -webkit-linear-gradient(top, #aaa, #aaa);
background-image: -moz-linear-gradient(top, #aaa, #aaa);
background-image: -ms-linear-gradient(top, #aaa, #aaa);
background-image: -o-linear-gradient(top, #aaa, #aaa);
background-image: linear-gradient(to bottom, #aaa, #aaa);
background-color:#aaa;
color: #FFFFFF;
text-decoration: none;
}
.xbutton {
-webkit-border-radius: 14;
-moz-border-radius: 14;
border-radius: 14px;
font-family: Arial;
color: #ffffff;
font-size: 12px;
background: #fe6e66;
background-image: -webkit-linear-gradient(top, #fe6e66, #fe6e66);
background-image: -moz-linear-gradient(top, #fe6e66, #fe6e66);
background-image: -ms-linear-gradient(top, #fe6e66, #fe6e66);
background-image: -o-linear-gradient(top, #fe6e66, #fe6e66);
background-image: linear-gradient(to bottom, #fe6e66, #fe6e66);
padding: 1px 8px 0px 8px;
text-decoration: none;
border:0px;
}
.icon {
padding: 0px 3px 0px 3px;
}
@media only screen and (max-width: 600px) {
h3 {
white-space:nowrap;
font-size:170%;
margin-top:0px;margin-bottom:0px;margin-left:0px;margin-right:0px;
color:#356;
display: inline;
}
}
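Review bot: `vertical-align:center` in the `th`, `td`, `#head table` and `#head td` rules is not a valid value, so browsers drop the declaration; the intended value is `vertical-align:middle`. The `-webkit-border-radius: 14;` and `-moz-border-radius: 14;` lines in the button rules lack a unit and are ignored for the same reason; since the unprefixed `border-radius: 14px;` follows each time, they can simply be removed.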

119
src/tags.php Normal file

@ -0,0 +1,119 @@
<?
include_once('init.php');include_once('header.php');subheader();
if (isset($_POST['tag']) || isset($_GET['tag'])) $_SESSION['tag']=getpar('tag');
$tag=$_SESSION['tag'];
$page=getpar('page');
if (PM("/^\s*$/",$_SESSION['currentoffset'])) $_SESSION['currentoffset']=0;
if ($page==='NEXT') $_SESSION['currentoffset']+=100;
else if ($page==='PREV') $_SESSION['currentoffset']-=100;
if (getpar('postform')==1) {
header("Location: /tags");exit;
}
$sql="SELECT tag,count(*) FROM tags GROUP BY tag ORDER BY tag";
$res=mydo($DB,$sql,1);
while($row = mysqli_fetch_assoc($res)) {
$tmp=$row['tag'];
if (SL($tmp)===SL($tag)) $TL.="<A HREF=\"/tag/$tmp\"><B>$tmp</B></A> ";
else $TL.="<A id=tags HREF=\"/tag/$tmp\">$tmp</A> ";
}
$sql="SELECT *,SUM(31-(UNIX_TIMESTAMP(now())-UNIX_TIMESTAMP(ts))/86400) AS dt ".
"FROM tags GROUP BY tag ORDER BY dt DESC LIMIT 10;";
$res=mydo($DB,$sql,1);
while($row = mysqli_fetch_assoc($res)) {
$tmp=$row['tag'];
if (SL($tmp)===SL($tag)) $TRL.="<A HREF=\"/tag/$tmp\"><B>$tmp</B></A> ";
else $TRL.="<A id=tags HREF=\"/tag/$tmp\">$tmp</A> ";
}
if (PM("/^\w+$/",$tag)) {
$ip=$_SERVER['REMOTE_ADDR'];
mydo($DB,"INSERT INTO taglog set id=0,ts=now(),ip='$ip',tag='$tag'",1);
}
$sql="SELECT count(*) AS c FROM tags,cat WHERE $ACCESSQL AND cat.id=tags.id AND tag='$tag' ";
$res=mydo($DB,$sql,1);
$row = mysqli_fetch_assoc($res);
$numrows=$row['c'];
if ($_SESSION['currentoffset']<0) $_SESSION['currentoffset']=0;
if ($_SESSION['currentoffset']>$numrows) $_SESSION['currentoffset']=0;
$sql="SELECT * FROM tags,cat WHERE $ACCESSQL AND cat.id=tags.id AND tag='$tag' group by cat.id";
$res=mydo($DB,$sql,1);
?>
<DIV id=head>
<FORM action="/tag" method="post">
<TABLE WIDTH=100%>
<TR><TD VALIGN=top><H2>Trending:</H2>
<SPAN style='font-size:120%;'><SPAN id=tags><?= $TRL ?></SPAN></SPAN></TD></TR>
<TR><TD HEIGHT=8></TD></TR>
<TR><TD VALIGN=top><H2>All Tags:</H2>
<SPAN style='font-size:120%;'><SPAN id=tags><?= $TL ?></SPAN></SPAN></TD></TR>
</TABLE></FORM></DIV>
<P>
<H2>Results:</H2>
<TABLE WIDTH=100%>
<TR><TH>Id</TH><TH>Project</TH><TH></TH><TH></TH>
<TH WIDTH=5 style='text-align:center;'>Action</TH></TR>
<? while($row = mysqli_fetch_assoc($res)) tagstabentry($row) ?>
</TABLE>
<P>
<? // ----------------------------------------------------------------------------------------- edit table entry
function tagstabentry($row,$mode='default') {
global $PROJECTS;
?>
<TR>
<TD WIDTH=5><A HREF="/<?= $row['id'] ?>"><?= $row['id'] ?></A></TD>
<TD WIDTH=5 style='font-size:80%'><?= $PROJECTS[$row['project']] ?></TD>
<? if (PM("/filename/",$mode)) { ?>
<TD ALIGN=center><?= $row['filename'] ?></TD>
<? } ?>
<? if (PM("/s_json/",$mode)) { ?>
<TD ALIGN=center><?= $row['s_json'] ?></TD>
<? } ?>
<TD><?= AL($row['f0']) ?></TD>
<TD><?= AL($row['f1']) ?></TD>
<TD ALIGN=center style="white-space:nowrap">
<? if (chkeditaccess($row)) { ?>
<A HREF="/<?= $row['id'] ?>/edit" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Edit' SRC="/img/pencil.png"></A>
<A HREF="/<?= $row['id'] ?>/copy" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Copy' SRC="/img/copy.png"></A>
<? if ($mode==='bookmark') { ?>
<A HREF="/delbookmark/<?= $row['bid'] ?>" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Delete' SRC="/img/trash.png"></A>
<? } else { ?>
<A HREF="/<?= $row['id'] ?>/bookmark" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Bookmark' SRC="/img/bookmark.png"></A>
<? } ?>
<? if ($mode==='default') { ?>
<A HREF="/<?= $row['id'] ?>/delete"
onclick="return confirm('Delete this entry (<?=$row['id']?>) ?')" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Delete' SRC="/img/trash.png"></A>
<? } ?>
<? } ?>
<? if ($row['fixed']==1) { ?>
<IMG HEIGHT=14 TITLE='' SRC="/img/lock_grey.png">
<? } ?>
</TR>
<? } ?>
<? include_once('footer.php'); ?>
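Review bot: The two result queries build `tag='$tag'` from `$_SESSION['tag']`, which is filled straight from `getpar('tag')`, and only the `taglog` INSERT is guarded by `PM("/^\w+$/",$tag)`. Unless init.php's input cleaning (not visible here) guarantees an escaped value, the count and result SELECTs place request data inside a quoted SQL literal. Apply the same `\w+` check before any query, e.g. `if (!PM("/^\w+$/",$tag)) $tag='';`, or bind the value with a prepared statement. The tag names concatenated into `$TL`/`$TRL` and the `filename` and `s_json` cells in `tagstabentry()` are written into HTML without `HSC()`, and the page maintains `$_SESSION['currentoffset']` although the result query has no `LIMIT`.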

279
src/tools.php Normal file

@ -0,0 +1,279 @@
<? function distabentry($row,$mode='default') { global $PROJECTS; // ----------------------- edit table entry ?>
<TR>
<TD WIDTH=5 VALIGN=top><A HREF="/<?= $row['id'] ?>"><?= $row['id'] ?></A></TD>
<? if (!PM("/filename/",$mode)) { ?>
<TD WIDTH=5 VALIGN=top style='font-size:80%;padding-top:3px;'><?= $PROJECTS[$row['project']] ?></TD>
<? } ?>
<? if (PM("/filename/",$mode)) { ?>
<TD VALIGN=top ALIGN=left><?= $row['filename'] ?></TD>
<? } ?>
<? if ($mode==='json1') { ?>
<TD VALIGN=top ALIGN=center><?= $row['s_json1'] ?></TD>
<? } ?>
<? if ($mode==='json2') { ?>
<TD VALIGN=top ALIGN=center><?= $row['s_json2'] ?></TD>
<? } ?>
<? if ($mode==='json12') { ?>
<TD VALIGN=top ALIGN=center><?= $row['s_json1'] ?></TD>
<TD VALIGN=top ALIGN=center><?= $row['s_json2'] ?></TD>
<? } ?>
<TD VALIGN=top><?= AL($row['f0']) ?></TD>
<? if (!PM("/filename/",$mode)) { ?>
<TD VALIGN=top><?= AL($row['f1']) ?></TD>
<? } ?>
<TD VALIGN=center ALIGN=center style="white-space:nowrap">
<? if (chkeditaccess($row)) { ?>
<A HREF="/<?= $row['id'] ?>/edit" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Edit' SRC="/img/pencil.png"></A>
<A HREF="/<?= $row['id'] ?>/copy" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Copy' SRC="/img/copy.png"></A>
<? if ($mode==='bookmark') { ?>
<A HREF="/delbookmark/<?= $row['bid'] ?>" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Delete' SRC="/img/trash.png"></A>
<? } else { ?>
<A HREF="/<?= $row['id'] ?>/bookmark" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Bookmark' SRC="/img/bookmark.png"></A>
<? } ?>
<? if ($mode==='default') { ?>
<A HREF="/<?= $row['id'] ?>/delete"
onclick="return confirm('Delete this entry (<?=$row['id']?>) ?')" CLASS='icon'>
<IMG HEIGHT=14 TITLE='Delete' SRC="/img/trash.png"></A>
<? } ?>
<? } ?>
<? if ($row['fixed']==1) { ?>
<IMG HEIGHT=14 TITLE='' SRC="/img/lock_grey.png">
<? } ?>
</TD>
</TR>
<? } ?>
<? function userinfo() { global $USER,$ROLENAMES,$USERTYPE,$ROLENAMES,$ROLE; // -------------------- userinfo ?>
<? if(isset($_SESSION['username'])) { ?>
<? if($_SESSION['usertype']!=='oa') { ?>
<I>User: <? echo $USER ?></I>
&nbsp;
<I>Role: <? echo $ROLENAMES[$ROLE] ?></I>
&nbsp;
<I>Type: <? echo $USERTYPE ?></I>
<? } else { ?>
&nbsp;
<I>Role: <? echo $ROLENAMES[$ROLE] ?></I>
<? } ?>
<? } ?>
<? } ?>
<?
function saveprefs($name,$prefs,$type='') { global $DB,$USER; // ---------------------------------- save prefs
mydo($DB,"DELETE FROM prefs WHERE user='$USER' AND type='$type' AND name='".
mysqli_escape_string($DB,$name)."'");
mydo($DB,"INSERT INTO prefs SET pid=0,user='$USER',ts=now(),".
"type='$type',name='".mysqli_escape_string($DB,$name)."',".
"prefs='".json_encode($prefs,JSON_UNESCAPED_UNICODE)."'");
return(mysqli_insert_id($DB));
}
function loadprefs($id,$type='') { global $DB,$USER; // ------------------------------------------- load prefs
$row=myrow($DB,"SELECT * from prefs WHERE pid=$id AND type='search'",1);
return(json_decode($row['prefs'],1));
}
function AL($str) { // ----------------------------------------------------------------------------- add links
global $IDPAT;
$str=PR("/#([A-Za-z]+\w+)\b/","<SPAN id=tags><A HREF=\"/tag/$1\">#$1</A></SPAN>",$str);
$str=PR("/\b(https*:\/\/[^\b]+)\b/","<A HREF=\"$1\">$1</A>",$str);
$str=PR("/\b([$IDPAT]\d\d\d\d\d+)\b/","<A HREF=\"/$1\">$1</A>",$str);
$str=PR("/\/search\/(\d+)/","<A HREF=\"/search/$1\">/search/$1</A>",$str);
return($str);
}
function alog($id,$docid,$action,$comment="") { // ----------------------------------------------- log history
global $ROLE,$USER,$DB,$TAG;
$ip=$_SERVER['REMOTE_ADDR'];
$src=$_SERVER['REQUEST_URI'];
mydo($DB,"INSERT INTO log SET id='$id',docid=$docid,tag='$TAG',user='$USER',role=$ROLE,".
"ip='$ip',ts=now(),src='$src',action='$action',comment='".
mysqli_real_escape_string($DB,$comment)."'",1);
$tmp="LOG: $action, $id";
if ($docid!=0) $tmp.="/$docid";
if (!PM("/^\s*$/",$comment)) $tmp.=", $comment";
phplog($tmp,'log');
}
function idencode($cid,$did) { // --------------------------------------------------------- encode catid/docid
return gmp_strval(gmp_init(sprintf("%02d%08d",intval(rand(11,99)),$cid),10),62).
gmp_strval(gmp_init(sprintf("%02d%08d",intval(rand(11,99)),$did),10),62);
}
function iddecode($cdid) { // ------------------------------------------------------------- decode catid/docid
$c= gmp_strval(gmp_init( substr($cdid,0,6), 62), 10);
$d= gmp_strval(gmp_init( substr($cdid,-6), 62), 10);
return([intval(substr($c,-8)),intval(substr($d,-8))]);
}
function catidfromid($id) { // ------------------------------------------------------------- get catid from id
global $DB,$ACCESSQL,$TCHR;
if (preg_match("/([A-Z])(\d+)/",SU($id),$M)) {
$key = array_search ($M[1], $TCHR);
$sql="SELECT * FROM cat WHERE typeid=$M[2] and type='$key'";
if (!PM("/^\s*$/",$ACCESSQL)) $sql.=" AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows =mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
return $row['catid'];
}
}
return -1;
}
function idfromcatid($catid) { // ---------------------------------------------------------- get id from catid
global $DB,$ACCESSQL,$TCHR;
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
$res=mydo($DB,$sql,1);
$numrows=mysqli_num_rows($res);
if ($numrows==1) {
$row = mysqli_fetch_assoc($res);
return $TCHR[$row['type']].$row['typeid'];
}
return "";
}
function id62($length = 16) { // generate base 62 uniq id
return substr(gmp_strval(gmp_random_bits(8*$length),62),-$length);
}
function formsize($b) { // ------------------------------------------------------------------ format file size
if ($b>1024*1024*1024*1024) {
$s=sprintf("%.1f Tb",$b/1024/1024/1024/1024);
} elseif ($b>1024*1024*1024) {
$s=sprintf("%.1f Gb",$b/1024/1024/1024);
} elseif ($b>1024*1024) {
$s=sprintf("%.1f Mb",$b/1024/1024);
} elseif ($b>1024) {
$s=sprintf("%.1f Kb",$b/1024);
} else {
$s=sprintf("%.0f b",$b);
}
return $s;
}
function mydo($db,$sql,$quiet=0) { // ------------------------------------------------------------ mysql query
if (!$quiet) phplog($sql,'sql');
$res=mysqli_query($db,$sql);
myerr($db,$sql);
return $res;
}
function myrow($db,$sql) { // ------------------------------------------------- get one row mysql query result
if (!$quiet) phplog($sql,'sql');
$res=mysqli_query($db,$sql);
myerr($db,$sql);
$row=mysqli_fetch_assoc($res);
return $row;
}
function myerr($db,$sql) { // --------------------------------------------------------------- show mysql error
if (mysqli_errno($db)!=0) {
echo '<BR><font color=#700099 style=\'font-size:12pt;\'><tt><B>MySQL error: </B>' .
mysqli_error($db) . '</tt></font>';
phplog(mysqli_error($db),'error');
exit;
}
}
function getpar($name) { // ------------------------------------------------------- get POST/GET value by name
if (isset($_POST[$name])) return $_POST[$name];
if (isset($_GET[$name])) return $_GET[$name];
return '';
}
function shortstr($str,$len) { // --------------------------------------------------------------- short string
if (strlen($str)>$len) {
return substr($str,0,$len-2)."..";
} else {
return $str;
}
}
function phplog($msg,$type='info',$debuglevel=1) { // ------------------------------------------ write php log
global $PHPLOG,$TAG,$USER,$DEBUG;
if ($DEBUG>=$debuglevel) {
$ip=$_SERVER['REMOTE_ADDR'];
$url=$_SERVER['REQUEST_URI'];
if (PM("/^\s*$/",$msg)) {
error_log(date("Y-m-d H:i:s")."|$type|$TAG|$ip|$USER|$url\n", 3,$PHPLOG);
} else {
error_log(date("Y-m-d H:i:s")."|$type|$TAG|$ip|$USER|$url|$msg\n", 3,$PHPLOG);
}
}
}
function HSC($str) { // -------------------------------------------------------- shortcut for htmlspecialchars
return htmlspecialchars($str);
}
function SU($str) { // --------------------------------------------------------------- shortcut for strtoupper
return strtoupper($str);
}
function SL($str) { // --------------------------------------------------------------- shortcut for strtolower
return strtolower($str);
}
function PM($pattern,$str) { // ------------------------------------------------------ shortcut for preg_match
return preg_match($pattern,$str);
}
function PR($pattern,$replace,$str) { // ------------------------------------------- shortcut for preg_replace
return preg_replace($pattern,$replace,$str);
}
function EM($str) { // --------------------------------------------------------------- check from empty string
if (preg_match("/^\s*$/",$str)) return TRUE;
else return FALSE;
}
function DF($str) { // ------------------------------------------------------------------------- date formater
$t=$str;
if (preg_match('/\b(\d+)\s*\.\s*(\d+)\s*\.\s*(\d+)\b/',$str,$m)) {
if ($m[3]<100) $m[3]+=2000;
$r=sprintf("%02d.%02d.%04d",$m[1],$m[2],$m[3]);
$t=preg_replace('/\b(\d+)\s*\.\s*(\d+)\s*\.\s*(\d+)\b/', $r, $str);
} else if (preg_match('/\b(\d+)\s*\.\s*(\d+)\b/',$str,$m)) {
$r=sprintf("%02d.%02d.%04d",$m[1],$m[2],date("Y"));
$t= preg_replace('/\b(\d+)\s*\.\s*(\d+)\b/', $r, $str);
}
$r = array( // ''=>'',
'montag'=>'monday','dienstag'=>'tuesday','mittwoch'=>'wednesday','donnerstag'=>'thursday',
'freitag'=>'friday','samstag'=>'saturday','sonntag'=>'sunday','mo'=>'monday','di'=>'tuesday',
'mi'=>'wednesday','do'=>'thursday','fr'=>'friday','sa'=>'saturday','so'=>'sunday','stunden*'=>'hour',
'erster'=>'first','zweiter'=>'second','dritter'=>'third','vierter'=>'fourth','fŸnfter'=>'fifth',
'sechster'=>'sixth','siebenter'=>'seventh','achter'=>'eighth','neunter'=>'ninth','zehnter'=>'tenth',
'elfter'=>'eleventh','zwšlfter'=>'twelfth','nŠchster*'=>'next','dez'=>'dec','letzter'=>'last',
'vorheriger'=>'previous','dieser'=>'this','okt'=>'oct','gestern'=>'yesterday','heute'=>'today',
'morgen'=>'tomorrow','jetzt'=>'now','januar'=>'January','februar'=>'February','mŠrz'=>'march',
'mai'=>'may','juni'=>'june','juli'=>'july','oktober'=>'october','dezember'=>'december','tage*'=>'day',
'monate*'=>'months','wochen*'=>'weeks','jahre*'=>'years','sekunden*'=>'sec','minuten*'=>'min'
);
foreach($r as $rf => $rt) $t=preg_replace("/\b$rf\b/i",$rt,$t);
if (strtotime($t)) {
$d = date("Y-m-d", strtotime($t));
return $d;
}
return "";
}
?>
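Review bot: `alog()` interpolates `$_SERVER['REQUEST_URI']` into the INSERT as `src='$src'` without escaping, although the `comment` field next to it goes through `mysqli_real_escape_string()`; `saveprefs()` does the same with `json_encode($prefs,…)` and `$type`, and JSON encoding leaves a single quote untouched. Escape them the way the neighbouring fields are, `$src=mysqli_real_escape_string($DB,$_SERVER['REQUEST_URI']);` and `"prefs='".mysqli_real_escape_string($DB,json_encode($prefs,JSON_UNESCAPED_UNICODE))."'"`, or move these statements to prepared statements. `myrow()` reads `$quiet` but does not declare it, so the third argument `loadprefs()` passes is discarded and every query is logged; the signature should be `function myrow($db,$sql,$quiet=0)`. `loadprefs()` also ignores `$type` and `$USER` and places `$id` in the query as given, so it should cast with `intval($id)` and add a `user` condition if saved searches are meant to be private (they may be shared by design, given the `/search/N` links produced by `AL()`). `myerr()` echoes the raw MySQL error text to the browser; it already logs the error through `phplog()`, so showing a generic message instead keeps schema details out of responses.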

17
src/uploadcopy.php Normal file

@ -0,0 +1,17 @@
<?
include_once('init.php');
$upid=$_POST['upid'];
if (!empty($_FILES)) {
$fnid=md5($_FILES['file']['name']);
mydo($DB,"INSERT INTO tmp SET id='$fnid',value='".
mysqli_escape_string($DB,$_FILES['file']['name'])."',ts=now()");
$n=sprintf("%04d",$_POST['dzchunkindex']);
$file = $_FILES['file']['tmp_name'];
move_uploaded_file($file,"$TMP/$upid-$n-$fnid");
}
?>
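Review bot: `$upid` is taken from `$_POST` and placed unchecked into the destination `"$TMP/$upid-$n-$fnid"` of `move_uploaded_file()`, so the request decides part of the path written under `$TMP`. Reject anything that is not the expected identifier before using it, e.g. `if (!PM("/^[0-9A-Za-z]+$/",$upid)) exit;` (assuming upload ids are produced by `id62()` in tools.php). No session or role check is visible in this file; if init.php does not already require a logged-in user, the handler should do so before accepting the file. The return value of `move_uploaded_file()` is ignored, so a chunk that could not be stored is reported to the client as success.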

469
support/dropzone.css Normal file

@ -0,0 +1,469 @@
@-webkit-keyframes passing-through {
0% {
opacity: 0;
-webkit-transform: translateY(40px);
-moz-transform: translateY(40px);
-ms-transform: translateY(40px);
-o-transform: translateY(40px);
transform: translateY(40px);
}
30%, 70% {
opacity: 1;
-webkit-transform: translateY(0px);
-moz-transform: translateY(0px);
-ms-transform: translateY(0px);
-o-transform: translateY(0px);
transform: translateY(0px);
}
100% {
opacity: 0;
-webkit-transform: translateY(-40px);
-moz-transform: translateY(-40px);
-ms-transform: translateY(-40px);
-o-transform: translateY(-40px);
transform: translateY(-40px);
}
}
@-moz-keyframes passing-through {
0% {
opacity: 0;
-webkit-transform: translateY(40px);
-moz-transform: translateY(40px);
-ms-transform: translateY(40px);
-o-transform: translateY(40px);
transform: translateY(40px);
}
30%, 70% {
opacity: 1;
-webkit-transform: translateY(0px);
-moz-transform: translateY(0px);
-ms-transform: translateY(0px);
-o-transform: translateY(0px);
transform: translateY(0px);
}
100% {
opacity: 0;
-webkit-transform: translateY(-40px);
-moz-transform: translateY(-40px);
-ms-transform: translateY(-40px);
-o-transform: translateY(-40px);
transform: translateY(-40px);
}
}
@keyframes passing-through {
0% {
opacity: 0;
-webkit-transform: translateY(40px);
-moz-transform: translateY(40px);
-ms-transform: translateY(40px);
-o-transform: translateY(40px);
transform: translateY(40px);
}
30%, 70% {
opacity: 1;
-webkit-transform: translateY(0px);
-moz-transform: translateY(0px);
-ms-transform: translateY(0px);
-o-transform: translateY(0px);
transform: translateY(0px);
}
100% {
opacity: 0;
-webkit-transform: translateY(-40px);
-moz-transform: translateY(-40px);
-ms-transform: translateY(-40px);
-o-transform: translateY(-40px);
transform: translateY(-40px);
}
}
@-webkit-keyframes slide-in {
0% {
opacity: 0;
-webkit-transform: translateY(40px);
-moz-transform: translateY(40px);
-ms-transform: translateY(40px);
-o-transform: translateY(40px);
transform: translateY(40px);
}
30% {
opacity: 1;
-webkit-transform: translateY(0px);
-moz-transform: translateY(0px);
-ms-transform: translateY(0px);
-o-transform: translateY(0px);
transform: translateY(0px);
}
}
@-moz-keyframes slide-in {
0% {
opacity: 0;
-webkit-transform: translateY(40px);
-moz-transform: translateY(40px);
-ms-transform: translateY(40px);
-o-transform: translateY(40px);
transform: translateY(40px);
}
30% {
opacity: 1;
-webkit-transform: translateY(0px);
-moz-transform: translateY(0px);
-ms-transform: translateY(0px);
-o-transform: translateY(0px);
transform: translateY(0px);
}
}
@keyframes slide-in {
0% {
opacity: 0;
-webkit-transform: translateY(40px);
-moz-transform: translateY(40px);
-ms-transform: translateY(40px);
-o-transform: translateY(40px);
transform: translateY(40px);
}
30% {
opacity: 1;
-webkit-transform: translateY(0px);
-moz-transform: translateY(0px);
-ms-transform: translateY(0px);
-o-transform: translateY(0px);
transform: translateY(0px);
}
}
@-webkit-keyframes pulse {
0% {
-webkit-transform: scale(1);
-moz-transform: scale(1);
-ms-transform: scale(1);
-o-transform: scale(1);
transform: scale(1);
}
10% {
-webkit-transform: scale(1.1);
-moz-transform: scale(1.1);
-ms-transform: scale(1.1);
-o-transform: scale(1.1);
transform: scale(1.1);
}
20% {
-webkit-transform: scale(1);
-moz-transform: scale(1);
-ms-transform: scale(1);
-o-transform: scale(1);
transform: scale(1);
}
}
@-moz-keyframes pulse {
0% {
-webkit-transform: scale(1);
-moz-transform: scale(1);
-ms-transform: scale(1);
-o-transform: scale(1);
transform: scale(1);
}
10% {
-webkit-transform: scale(1.1);
-moz-transform: scale(1.1);
-ms-transform: scale(1.1);
-o-transform: scale(1.1);
transform: scale(1.1);
}
20% {
-webkit-transform: scale(1);
-moz-transform: scale(1);
-ms-transform: scale(1);
-o-transform: scale(1);
transform: scale(1);
}
}
@keyframes pulse {
0% {
-webkit-transform: scale(1);
-moz-transform: scale(1);
-ms-transform: scale(1);
-o-transform: scale(1);
transform: scale(1);
}
10% {
-webkit-transform: scale(1.1);
-moz-transform: scale(1.1);
-ms-transform: scale(1.1);
-o-transform: scale(1.1);
transform: scale(1.1);
}
20% {
-webkit-transform: scale(1);
-moz-transform: scale(1);
-ms-transform: scale(1);
-o-transform: scale(1);
transform: scale(1);
}
}
.dropzone, .dropzone * {
box-sizing: border-box;
}
.dropzone {
min-height: 0px;
border: 1px solid rgba(128, 128, 128, 0.3);
background: white;
padding: 20px 20px;
}
.dropzone.dz-clickable {
cursor: pointer;
}
.dropzone.dz-clickable * {
cursor: default;
}
.dropzone.dz-clickable .dz-message, .dropzone.dz-clickable .dz-message * {
cursor: pointer;
}
.dropzone.dz-started .dz-message {
display: none;
}
.dropzone.dz-drag-hover {
border-style: solid;
}
.dropzone.dz-drag-hover .dz-message {
opacity: 0.5;
}
.dropzone .dz-message {
text-align: center;
color: #999;
margin: 0em 0;
}
.dropzone .dz-message .dz-button {
background: none;
color: inherit;
border: none;
padding: 0;
font: inherit;
cursor: pointer;
outline: inherit;
}
.dropzone .dz-preview {
position: relative;
display: inline-block;
vertical-align: top;
margin: 16px;
min-height: 100px;
}
.dropzone .dz-preview:hover {
z-index: 1000;
}
.dropzone .dz-preview:hover .dz-details {
opacity: 1;
}
.dropzone .dz-preview.dz-file-preview .dz-image {
border-radius: 20px;
background: #999;
background: linear-gradient(to bottom, #eee, #ddd);
}
.dropzone .dz-preview.dz-file-preview .dz-details {
opacity: 1;
}
.dropzone .dz-preview.dz-image-preview {
background: white;
}
.dropzone .dz-preview.dz-image-preview .dz-details {
-webkit-transition: opacity 0.2s linear;
-moz-transition: opacity 0.2s linear;
-ms-transition: opacity 0.2s linear;
-o-transition: opacity 0.2s linear;
transition: opacity 0.2s linear;
}
.dropzone .dz-preview .dz-remove {
font-size: 14px;
text-align: center;
display: block;
cursor: pointer;
border: none;
}
.dropzone .dz-preview .dz-remove:hover {
text-decoration: underline;
}
.dropzone .dz-preview:hover .dz-details {
opacity: 1;
}
.dropzone .dz-preview .dz-details {
z-index: 20;
position: absolute;
top: 0;
left: 0;
opacity: 0;
font-size: 13px;
min-width: 100%;
max-width: 100%;
padding: 2em 1em;
text-align: center;
color: rgba(0, 0, 0, 0.9);
line-height: 150%;
}
.dropzone .dz-preview .dz-details .dz-size {
margin-bottom: 1em;
font-size: 12px;
}
.dropzone .dz-preview .dz-details .dz-filename {
white-space: nowrap;
}
.dropzone .dz-preview .dz-details .dz-filename:hover span {
border: 1px solid rgba(200, 200, 200, 0.8);
background-color: rgba(255, 255, 255, 0.8);
}
.dropzone .dz-preview .dz-details .dz-filename:not(:hover) {
overflow: hidden;
text-overflow: ellipsis;
}
.dropzone .dz-preview .dz-details .dz-filename:not(:hover) span {
border: 1px solid transparent;
}
.dropzone .dz-preview .dz-details .dz-filename span, .dropzone .dz-preview .dz-details .dz-size span {
background-color: rgba(255, 255, 255, 0.4);
padding: 0 0.4em;
border-radius: 3px;
}
.dropzone .dz-preview:hover .dz-image img {
-webkit-transform: scale(1.05, 1.05);
-moz-transform: scale(1.05, 1.05);
-ms-transform: scale(1.05, 1.05);
-o-transform: scale(1.05, 1.05);
transform: scale(1.05, 1.05);
-webkit-filter: blur(8px);
filter: blur(8px);
}
.dropzone .dz-preview .dz-image {
border-radius: 20px;
overflow: hidden;
width: 120px;
height: 120px;
position: relative;
display: block;
z-index: 10;
}
.dropzone .dz-preview .dz-image img {
display: block;
}
.dropzone .dz-preview.dz-success .dz-success-mark {
-webkit-animation: passing-through 3s cubic-bezier(0.77, 0, 0.175, 1);
-moz-animation: passing-through 3s cubic-bezier(0.77, 0, 0.175, 1);
-ms-animation: passing-through 3s cubic-bezier(0.77, 0, 0.175, 1);
-o-animation: passing-through 3s cubic-bezier(0.77, 0, 0.175, 1);
animation: passing-through 3s cubic-bezier(0.77, 0, 0.175, 1);
}
.dropzone .dz-preview.dz-error .dz-error-mark {
opacity: 1;
-webkit-animation: slide-in 3s cubic-bezier(0.77, 0, 0.175, 1);
-moz-animation: slide-in 3s cubic-bezier(0.77, 0, 0.175, 1);
-ms-animation: slide-in 3s cubic-bezier(0.77, 0, 0.175, 1);
-o-animation: slide-in 3s cubic-bezier(0.77, 0, 0.175, 1);
animation: slide-in 3s cubic-bezier(0.77, 0, 0.175, 1);
}
.dropzone .dz-preview .dz-success-mark, .dropzone .dz-preview .dz-error-mark {
pointer-events: none;
opacity: 0;
z-index: 500;
position: absolute;
display: block;
top: 50%;
left: 50%;
margin-left: -27px;
margin-top: -27px;
}
.dropzone .dz-preview .dz-success-mark svg, .dropzone .dz-preview .dz-error-mark svg {
display: block;
width: 54px;
height: 54px;
}
.dropzone .dz-preview.dz-processing .dz-progress {
opacity: 1;
-webkit-transition: all 0.2s linear;
-moz-transition: all 0.2s linear;
-ms-transition: all 0.2s linear;
-o-transition: all 0.2s linear;
transition: all 0.2s linear;
}
.dropzone .dz-preview.dz-complete .dz-progress {
opacity: 0;
-webkit-transition: opacity 0.4s ease-in;
-moz-transition: opacity 0.4s ease-in;
-ms-transition: opacity 0.4s ease-in;
-o-transition: opacity 0.4s ease-in;
transition: opacity 0.4s ease-in;
}
.dropzone .dz-preview:not(.dz-processing) .dz-progress {
-webkit-animation: pulse 6s ease infinite;
-moz-animation: pulse 6s ease infinite;
-ms-animation: pulse 6s ease infinite;
-o-animation: pulse 6s ease infinite;
animation: pulse 6s ease infinite;
}
.dropzone .dz-preview .dz-progress {
opacity: 1;
z-index: 1000;
pointer-events: none;
position: absolute;
height: 8px;
left: 50%;
top: 50%;
margin-top: -8px;
width: 80px;
margin-left: -40px;
background: rgba(255, 255, 255, 0.9);
-webkit-transform: scale(1);
border-radius: 8px;
overflow: hidden;
}
.dropzone .dz-preview .dz-progress .dz-upload {
background: #333;
background: linear-gradient(to bottom, #666, #444);
position: absolute;
top: 0;
left: 0;
bottom: 0;
width: 0;
-webkit-transition: width 300ms ease-in-out;
-moz-transition: width 300ms ease-in-out;
-ms-transition: width 300ms ease-in-out;
-o-transition: width 300ms ease-in-out;
transition: width 300ms ease-in-out;
}
.dropzone .dz-preview.dz-error .dz-error-message {
display: block;
}
.dropzone .dz-preview.dz-error:hover .dz-error-message {
opacity: 1;
pointer-events: auto;
}
.dropzone .dz-preview .dz-error-message {
pointer-events: none;
z-index: 1000;
position: absolute;
display: block;
display: none;
opacity: 0;
-webkit-transition: opacity 0.3s ease;
-moz-transition: opacity 0.3s ease;
-ms-transition: opacity 0.3s ease;
-o-transition: opacity 0.3s ease;
transition: opacity 0.3s ease;
border-radius: 8px;
font-size: 13px;
top: 130px;
left: -10px;
width: 140px;
background: #be2626;
background: linear-gradient(to bottom, #be2626, #a92222);
padding: 0.5em 1.2em;
color: white;
}
.dropzone .dz-preview .dz-error-message:after {
content: "";
position: absolute;
top: -6px;
left: 64px;
width: 0;
height: 0;
border-left: 6px solid transparent;
border-right: 6px solid transparent;
border-bottom: 6px solid #be2626;
}

10441
support/dropzone.js Normal file

File diff suppressed because it is too large Load Diff


@ -0,0 +1,57 @@
/* Root element */
.json-document {
padding: 0em 1em 0em 1em;
}
/* Syntax highlighting for JSON objects */
ul.json-dict, ol.json-array {
list-style-type: none;
margin: 0 0 0 1px;
border-left: 1px dotted #ccc;
padding-left: 2em;
}
.json-string {
color: #0B7500;
}
.json-literal {
color: #1A01CC;
font-weight: bold;
}
/* Toggle button */
a.json-toggle {
position: relative;
color: inherit;
text-decoration: none;
}
a.json-toggle:focus {
outline: none;
}
a.json-toggle:before {
font-size: 1.1em;
color: #c0c0c0;
content: "\25BC"; /* down arrow */
position: absolute;
display: inline-block;
width: 1em;
text-align: center;
line-height: 1em;
left: -1.2em;
}
a.json-toggle:hover:before {
color: #aaa;
}
a.json-toggle.collapsed:before {
/* Use rotated down arrow, prevents right arrow appearing smaller than down arrow in some browsers */
transform: rotate(-90deg);
}
/* Collapsable placeholder links */
a.json-placeholder {
color: #aaa;
padding: 0 1em;
text-decoration: none;
}
a.json-placeholder:hover {
text-decoration: underline;
}


@ -0,0 +1,158 @@
/**
* jQuery json-viewer
* @author: Alexandre Bodelot <alexandre.bodelot@gmail.com>
* @link: https://github.com/abodelot/jquery.json-viewer
*/
(function($) {
/**
* Check if arg is either an array with at least 1 element, or a dict with at least 1 key
* @return boolean
*/
function isCollapsable(arg) {
return arg instanceof Object && Object.keys(arg).length > 0;
}
/**
* Check if a string represents a valid url
* @return boolean
*/
function isUrl(string) {
var urlRegexp = /^(https?:\/\/|ftps?:\/\/)?([a-z0-9%-]+\.){1,}([a-z0-9-]+)?(:(\d{1,5}))?(\/([a-z0-9\-._~:/?#[\]@!$&'()*+,;=%]+)?)?$/i;
return urlRegexp.test(string);
}
/**
* Transform a json object into html representation
* @return string
*/
function json2html(json, options) {
var html = '';
if (typeof json === 'string') {
// Escape tags and quotes
json = json
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/'/g, '&apos;')
.replace(/"/g, '&quot;');
if (options.withLinks && isUrl(json)) {
html += '<a href="' + json + '" class="json-string" target="_blank">' + json + '</a>';
} else {
// Escape double quotes in the rendered non-URL string.
json = json.replace(/&quot;/g, '\\&quot;');
html += '<span class="json-string">"' + json + '"</span>';
}
} else if (typeof json === 'number') {
html += '<span class="json-literal">' + json + '</span>';
} else if (typeof json === 'boolean') {
html += '<span class="json-literal">' + json + '</span>';
} else if (json === null) {
html += '<span class="json-literal">null</span>';
} else if (json instanceof Array) {
if (json.length > 0) {
html += '[<ol class="json-array">';
for (var i = 0; i < json.length; ++i) {
html += '<li>';
// Add toggle button if item is collapsable
if (isCollapsable(json[i])) {
html += '<a href class="json-toggle"></a>';
}
html += json2html(json[i], options);
// Add comma if item is not last
if (i < json.length - 1) {
html += ',';
}
html += '</li>';
}
html += '</ol>]';
} else {
html += '[]';
}
} else if (typeof json === 'object') {
var keyCount = Object.keys(json).length;
if (keyCount > 0) {
html += '{<ul class="json-dict">';
for (var key in json) {
if (Object.prototype.hasOwnProperty.call(json, key)) {
html += '<li>';
var keyRepr = options.withQuotes ?
'<span class="json-string">"' + key + '"</span>' : key;
// Add toggle button if item is collapsable
if (isCollapsable(json[key])) {
html += '<a href class="json-toggle">' + keyRepr + '</a>';
} else {
html += keyRepr;
}
html += ': ' + json2html(json[key], options);
// Add comma if item is not last
if (--keyCount > 0) {
html += ',';
}
html += '</li>';
}
}
html += '</ul>}';
} else {
html += '{}';
}
}
return html;
}
/**
* jQuery plugin method
* @param json: a javascript object
* @param options: an optional options hash
*/
$.fn.jsonViewer = function(json, options) {
// Merge user options with default options
options = Object.assign({}, {
collapsed: false,
rootCollapsable: true,
withQuotes: false,
withLinks: true
}, options);
// jQuery chaining
return this.each(function() {
// Transform to HTML
var html = json2html(json, options);
if (options.rootCollapsable && isCollapsable(json)) {
html = '<a href class="json-toggle"></a>' + html;
}
// Insert HTML in target DOM element
$(this).html(html);
$(this).addClass('json-document');
// Bind click on toggle buttons
$(this).off('click');
$(this).on('click', 'a.json-toggle', function() {
var target = $(this).toggleClass('collapsed').siblings('ul.json-dict, ol.json-array');
target.toggle();
if (target.is(':visible')) {
target.siblings('.json-placeholder').remove();
} else {
var count = target.children('li').length;
var placeholder = count + (count > 1 ? ' items' : ' item');
target.after('<a href class="json-placeholder">' + placeholder + '</a>');
}
return false;
});
// Simulate click on toggle button when placeholder is clicked
$(this).on('click', 'a.json-placeholder', function() {
$(this).siblings('a.json-toggle').click();
return false;
});
if (options.collapsed == true) {
// Trigger click to collapse all nodes
$(this).find('a.json-toggle').click();
}
});
};
})(jQuery);
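Review bot: Object keys are concatenated into the markup unescaped where `keyRepr` is built in `json2html`, although string values go through the `&`/`<`/`>`/quote replacements a few lines earlier. The result is later assigned with `$(this).html(html)`, so a key containing markup would be parsed as HTML on any page that renders JSON it does not fully control. I would move the replacements into a small helper and apply it to `key` as well as to string values. This file appears to be a vendored copy of jquery.json-viewer, so taking the change from upstream, if a release carries it, is preferable to a local patch. Separately, the link branch sets `target="_blank"` without `rel="noopener noreferrer"`.

```javascript
// Escape text before it is concatenated into markup.
function htmlEscape(s) {
  return s
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/'/g, '&apos;')
    .replace(/"/g, '&quot;');
}

function json2html(json, options) {
  // … unchanged: html accumulator …
  if (typeof json === 'string') {
    json = htmlEscape(json);
    // … unchanged: link / string rendering, number, boolean, null and array branches …
        var safeKey = htmlEscape(key);
        var keyRepr = options.withQuotes ?
          '<span class="json-string">"' + safeKey + '"</span>' : safeKey;
    // … unchanged: toggle link, recursion, commas, closing tags …
```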