archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

Merge branch 'main' into issue-10

Browse Source
This commit is contained in:
Luke Tainton
2020-08-05 19:12:22 +01:00
committed by GitHub
parent 0900c3ba08 d7b86e6a38
commit 8360ea3815
187 changed files with 21248 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/includes/header.php
View File

@@ -1,4 +1,5 @@
<?php
require_once __DIR__ . "/prereqs.php";
$PAGE_TITLE = $PAGE_NAME . " :: " . $_ENV['APP_NAME'];
?>
@@ -33,7 +34,7 @@
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/new">New request</a>
</li>
<li class="nav-item">
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/open">Existing requests</a>
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/existing">Existing requests</a>
</li>
</ul>
<div class="mt-2 mt-md-0">

38
app/includes/prereqs.php
View File

@@ -7,6 +7,19 @@ require_once __DIR__ . "/../vendor/autoload.php";
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/..");
$dotenv->load();
// Database auto-generation
if (file_exists("/../includes/install.php")) {
return;
add_action('run_db_populate')
}
function run_db_populate() {
// all my glorious one-time-magic.
include( "/../includes/install.php" );
// after all execution rename your file;
rename( "/../includes/install.php", "/../includes/install-backup.php");
}
// Session
session_start();
@@ -22,6 +35,7 @@ if ($_ENV['OIDC_DISABLE_SSL'] == "true") {
$oidc->setVerifyPeer(false);
}
// Custom functions
function oidc_set_vars($sub, $uid, $fname, $lname, $email) {
$_SESSION['uuid'] = $sub;
@@ -40,14 +54,22 @@ function is_signed_in() {
}
}
if (file_exists("/../includes/install.php")) {
return;
add_action( 'run_db_populate')
function create_alert($type, $msg) {
$thisAlert = array($type, $msg);
array_push($_SESSION['alerts'], $thisAlert);
}
function run_db_populate() {
// all my glorious one-time-magic.
include( "/../includes/install.php" );
// after all execution rename your file;
rename( "/../includes/install.php", "/../includes/install-backup.php");
function get_user_name($db, $user_uuid) {
try {
$stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
$sql = $db->prepare($stmt);
$sql->bindParam(':uuid', $user_uuid);
$sql->execute();
$sql->setFetchMode(PDO::FETCH_ASSOC);
$result = $sql->fetchAll();
$usr = $result[0]['given_name'] . " " . $result[0]['family_name'];
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
return $usr;
}

39
app/public/existing.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
$PAGE_NAME = "Existing requests";
require_once __DIR__ . "/../includes/header.php";
?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<?php if (is_signed_in()) { ?>
<section class="jumbotron text-center">
<div class="container">
<h1>Open requests</h1>
<p class="lead text-muted">
Here you can find all of your requests, and other requests that you are subscribed to.
</p>
</div>
</section>
<section>
<p>This page is currently under construction.</p>
</section>
<?php } else { ?>
<section>
<div class='alert alert-danger alert-dismissible fade show' role='alert'>
You need to log in to access this page.
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
<span aria-hidden='true'>&times;</span>
</button>
</div>
</section>
<?php } ?>
</main>
<?php
require_once __DIR__ . "/../includes/footer.php";
?>

157
app/public/index.php
View File

@@ -1,6 +1,5 @@
<?php
$PAGE_NAME = "Home";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (is_signed_in()) {
@@ -27,8 +26,6 @@
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
$user_tickets_sub = 0; // Force 'no subbed tickets' msg until the code works
}
function get_sub_ticket($db, $ticket_uuid) {
@@ -46,20 +43,6 @@
return $tkt;
}
function get_user_name($db, $user_uuid) {
try {
$stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
$sql = $db->prepare($stmt);
$sql->bindParam(':uuid', $user_uuid);
$sql->execute();
$sql->setFetchMode(PDO::FETCH_ASSOC);
$result = $sql->fetchAll();
$usr = $result[0]['given_name'] . " " . $result[0]['family_name'];
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
return $usr;
}
?>
@@ -76,84 +59,84 @@
?>
is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request.
</p>
<p>
<?php
if (is_signed_in()) {
echo("
<a href='/new' class='btn btn-primary my-2'>Create a request</a>
<a href='/open' class='btn btn-secondary my-2'>View existing requests</a>
");
} else {
echo("<b>Please log in to create or view tickets.</b>");
}
?>
</p>
<?php if (is_signed_in()) { ?>
<p>
<a href='/new' class='btn btn-primary my-2'>Create a request</a>
<a href='/open' class='btn btn-secondary my-2'>View existing requests</a>
</p>
<?php } else { ?>
<p><b>Please log in to create or view requests.</b></p>
<?php } ?>
</div>
</section>
<?php if (is_signed_in()) { ?>
<section>
<div class="card mx-auto" style="width: 80%;">
<div class="card-header">
<span class="mdi mdi-ticket-outline"></span> My Open Requests
</div>
<ul class="list-group list-group-flush">
<?php
if (count($user_tickets_result) == 0) {
echo("<center><b>No open tickets</b></center>");
} else {
foreach($user_tickets_result as $tkt) {
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo(sprintf("%'.05d\n", $tkt["id"])); ?> </span><span><b><?php echo($tkt['title']); ?></b></span>
<p class="m-0"><?php echo($tkt['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($tkt["uuid"]); ?>" role="button">Go</a>
</div>
</div>
<div class="container" style="margin-top: -5%">
<div class="row">
<div class="col-sm">
<div class="card mx-auto">
<div class="card-header">
<span class="mdi mdi-ticket-outline"></span> My Open Requests
</div>
</li>
<?php } } ?>
</ul>
</div>
</section>
<ul class="list-group list-group-flush">
<?php
if (count($user_tickets_result) == 0) {
echo("<center><b>No open tickets</b></center>");
} else {
foreach($user_tickets_result as $tkt) {
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo(sprintf("%'.05d\n", $tkt["id"])); ?> </span><span><b><?php echo($tkt['title']); ?></b></span>
<p class="m-0"><?php echo($tkt['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($tkt["uuid"]); ?>" role="button">Go</a>
</div>
</div>
</div>
</li>
<?php } } ?>
</ul>
</div>
</div>
<section style="margin-top: 1%;">
<div class="card mx-auto" style="width: 80%;">
<div class="card-header">
<span class="mdi mdi-rss"></span> My Subscribed Requests
</div>
<ul class="list-group list-group-flush">
<?php
// if ($user_tickets_sub == 0) {
if (count($sub_tickets_result) == 0) {
echo("<center><b>No subscribed tickets</b></center>");
} else {
foreach($sub_tickets_result as $sub) {
$tkt = get_sub_ticket($db, $sub['ticket_uuid']);
$tkt_creator = get_user_name($db, $tkt['created_by']);
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo sprintf("%'.05d\n", $tkt["id"]); ?> </span><span><b><?php echo($tkt['title']); ?></b></span> <span style="display: inline;" class="text-muted"><?php echo("(Creator: " . $tkt_creator . ")"); ?></span>
<p class="m-0"><?php echo($tkt['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($tkt["uuid"]); ?>" role="button">Go</a>
</div>
</div>
<div class="col-sm">
<div class="card mx-auto">
<div class="card-header">
<span class="mdi mdi-rss"></span> My Subscribed Requests
</div>
</li>
<?php } } ?>
</ul>
<ul class="list-group list-group-flush">
<?php
if (count($sub_tickets_result) == 0) {
echo("<center><b>No subscribed tickets</b></center>");
} else {
foreach($sub_tickets_result as $sub) {
$tkt = get_sub_ticket($db, $sub['ticket_uuid']);
$tkt_creator = get_user_name($db, $tkt['created_by']);
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo sprintf("%'.05d\n", $tkt["id"]); ?> </span><span><b><?php echo($tkt['title']); ?></b></span> <span style="display: inline;" class="text-muted"><?php echo("(Creator: " . $tkt_creator . ")"); ?></span>
<p class="m-0"><?php echo($tkt['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($tkt["uuid"]); ?>" role="button">Go</a>
</div>
</div>
</div>
</li>
<?php } } ?>
</ul>
</div>
</section>
</div>
</div>
</section>
</div>
<?php } ?>
</main>

98
app/public/new.php
View File

@@ -1,10 +1,50 @@
<?php
$PAGE_NAME = "New request";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
use Ramsey\Uuid\Uuid;
// If form submitted, save to database
if($_SERVER['REQUEST_METHOD'] == 'POST') {
try {
// Process ticket data
$tkt_uuid = Uuid::uuid4()->toString();
$stmt = "INSERT INTO tickets (uuid, title, description, created_by) VALUES (:tktuuid, :title, :description, :user)";
$sql = $db->prepare($stmt);
$sql->bindParam(':tktuuid', $tkt_uuid);
$sql->bindParam(':title', $_POST['title']);
$sql->bindParam(':description', $_POST['description']);
$sql->bindParam(':user', $_SESSION['uuid']);
$sql->execute();
} catch (PDOException $e) {
// echo("Error: <br>" . $e->getMessage() . "<br>");
$new_ticket_alert = array("danger", "Failed to save request: " . $e->getMessage());
}
// If file is uploaded, process that
if(isset($_FILES['file']) && $_FILES['file']['name'] != "") {
try {
$file_name = $_FILES['file']['name'];
$file_size = $_FILES['file']['size'];
$file_type = $_FILES['file']['type'];
$file_tmp = $_FILES['file']['tmp_name'];
move_uploaded_file($file_tmp,"/srv/attachments/".$file_name);
$stmt = "INSERT INTO ticket_uploads (ticket, user, filename) VALUES (:ticket, :user, :name)";
$sql = $db->prepare($stmt);
$sql->bindParam(':ticket', $tkt_uuid);
$sql->bindParam(':user', $_SESSION['uuid']);
$sql->bindParam(':name', $file_name);
$sql->execute();
} catch (PDOException $e) {
// echo("Error: <br>" . $e->getMessage() . "<br>");
$new_ticket_alert = array("danger", "Failed to upload file: " . $e->getMessage());
}
}
header('Location: /view?rid=' . $tkt_uuid, true);
}
if (!is_signed_in()) {
header('Location: /login');
$new_ticket_alert = array("danger", "You need to log in to access this page.");
}
?>
@@ -13,19 +53,55 @@
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<section class="jumbotron text-center">
<div class="container">
<h1>Create a new request</h1>
<p class="lead text-muted">
Fill in the form below to create a new request. We'll respond to it as soon as we can.
</p>
</div>
<section>
<?php
if(isset($new_ticket_alert)) {
echo("
<div class='container'>
<div class='alert alert-" . $new_ticket_alert[0] . " alert-dismissible fade show' role='alert'>
" . $new_ticket_alert[1] . "
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
<span aria-hidden='true'>&times;</span>
</button>
</div>
</div>
");
unset($new_ticket_alert);
}
?>
</section>
<section>
<p>This page is currently under construction.</p>
<?php if (is_signed_in()) { ?>
<section class="jumbotron text-center">
<div class="container">
<h1>Create a new request</h1>
<p class="lead text-muted">
Fill in the form below to create a new request. We'll respond to it as soon as we can.
</p>
</div>
</section>
<section>
<div class="card mx-auto" style="width: 50%;">
<form style="padding: 2%" action="/new" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="title">Title: </label>
<input type="text" class="form-control" id="title" name="title">
</div>
<div class="form-group">
<label for="description">Description: </label>
<textarea type="text" class="form-control" id="description" name="description" rows="3"></textarea>
</div>
<div class="form-group">
<label for="file">Upload file(s): </label>
<input type="file" class="form-control-file" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
</div>
</section>
<?php } ?>
</main>
<?php

33
app/public/open.php
View File

@@ -1,33 +0,0 @@
<?php
$PAGE_NAME = "Open requests";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (!is_signed_in()) {
header('Location: /login');
}
?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<section class="jumbotron text-center">
<div class="container">
<h1>Open requests</h1>
<p class="lead text-muted">
Here you can find all of your requests, and other requests that you are subscribed to.
</p>
</div>
</section>
<section>
<p>This page is currently under construction.</p>
</section>
</main>
<?php
require_once __DIR__ . "/../includes/footer.php";
?>

239
app/public/view.php
View File

@@ -1,44 +1,53 @@
<?php
$PAGE_NAME = "View Request";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (is_signed_in()) {
// Get ticket
try {
$ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
$ticket_sql = $db->prepare($ticket_stmt);
$ticket_sql->bindParam(':uuid', $_GET['rid']);
$ticket_sql->execute();
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
$ticket_result = $ticket_sql->fetchAll();
$request = $ticket_result[0];
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
// Get ticket
try {
$ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
$ticket_sql = $db->prepare($ticket_stmt);
$ticket_sql->bindParam(':uuid', $_GET['rid']);
$ticket_sql->execute();
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
$ticket_result = $ticket_sql->fetchAll();
$request = $ticket_result[0];
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
// Get authorised subscribers
try {
$users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
$users_sql = $db->prepare($users_stmt);
$users_sql->bindParam(':uuid', $_GET['rid']);
$users_sql->execute();
$users_sql->setFetchMode(PDO::FETCH_ASSOC);
$users_result = $users_sql->fetchAll();
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
// Get ticket updates
try {
$updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
$updates_sql = $db->prepare($updates_stmt);
$updates_sql->bindParam(':uuid', $_GET['rid']);
$updates_sql->execute();
$updates_sql->setFetchMode(PDO::FETCH_ASSOC);
$updates_result = $updates_sql->fetchAll();
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
$authorised_users = array();
foreach($users_result as $user) {
array_push($authorised_users, $user['user_uuid']);
}
// Get authorised subscribers
try {
$users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
$users_sql = $db->prepare($users_stmt);
$users_sql->bindParam(':uuid', $_GET['rid']);
$users_sql->execute();
$users_sql->setFetchMode(PDO::FETCH_ASSOC);
$users_result = $users_sql->fetchAll();
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
if (in_array($_SESSION['uuid'], $authorised_users)) {
$is_authorised = true;
} else {
$is_authorised = false;
}
$authorised_users = array();
foreach($users_result as $user) {
array_push($authorised_users, $user['user_uuid']);
}
if (in_array($_SESSION['uuid'], $authorised_users) || $_SESSION['uuid'] == $request['created_by']) {
$is_authorised = true;
} else {
$is_authorised = false;
}
?>
@@ -48,35 +57,145 @@
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<?php if (is_signed_in() && $is_authorised == true) { ?>
<section class="jumbotron text-center">
<?php if (!is_signed_in()) { ?>
<section>
<div class="container">
<h1><?php echo($request['title']); ?></h1>
<p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
<p class="lead text-muted">
<?php echo($request['description']); ?>
</p>
<p>
<?php print_r($request); ?>
</p>
<p>
<?php print_r($users_result) ?>
</p>
<div class='alert alert-danger alert-dismissible fade show' role='alert'>
You need to log in to access this page.
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
<span aria-hidden='true'>&times;</span>
</button>
</div>
</div>
</section>
<?php } else if (is_signed_in() && $is_authorised == false) { ?>
<section class="jumbotron text-center">
<div class="container">
<h1>You are not authorised to see this page.</h1>
</div>
</section>
<?php } else { ?>
<section class="jumbotron text-center">
<div class="container">
<h1>You need to be logged in to see this page.</h1>
</div>
</section>
<?php } ?>
<?php } else {
if ($is_authorised == true) { ?>
<section class="jumbotron text-center">
<div class="container">
<h1><?php echo($request['title']); ?></h1>
<p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
<p class="lead text-muted"><?php echo($request['description']); ?></p>
</div>
</section>
<section>
<div class="container">
<div class="row">
<div class="col-sm">
<div class="card mx-auto">
<div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
<ul class="list-group list-group-flush">
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b>Status:</b></span>
<span style="display: inline; margin-left: 1%;"><?php echo($request['status']); ?></span>
</div>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b>Creator:</b></span>
<span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
</div>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b>Assignee:</b></span>
<?php if ($request['assignee'] != null) {
echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
} else {
echo("<span class='text-muted' style='display: inline; margin-left: 1%;'>None</span>");
} ?>
</div>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b>Created:</b></span>
<span style="display: inline; margin-left: 1%;"><?php echo($request['created_on']); ?></span>
</div>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b>Updated:</b></span>
<span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
</div>
</div>
</li>
</ul>
</div>
</div>
<div class="col-sm">
<div class="card mx-auto">
<div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
<ul class="list-group list-group-flush">
<?php
if (count($updates_result) == 0) {
echo("<center><b>No updates</b></center>");
} else {
foreach($updates_result as $update) {
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;"><b><?php echo(get_user_name($db, $update['user'])); ?></b></span><span class="text-muted"><i><?php echo(" " . $update['created']); ?></i></span>
</div>
<div class="row">
<span><?php echo($update['msg']); ?></span>
</div>
</div>
</li>
<?php } } ?>
</ul>
</div>
</div>
<div class="col-sm">
<div class="card mx-auto">
<div class="card-header"><span class="mdi mdi-comment-edit-outline"></span> Actions</div>
<ul class="list-group list-group-flush">
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;">Post an update</span>
</div>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;">Upload file(s)</span>
</div>
</div>
</li>
<li class="list-group-item">
<div class="container">
<div class="row">
<span style="display: inline;">Manage request subscribers</span>
</div>
</div>
</li>
</ul>
</div>
</div>
</div>
</div>
</section>
<?php } else if ($is_authorised == false) { ?>
<section class="jumbotron text-center">
<div class="container">
<h1>You are not authorised to see this page.</h1>
</div>
</section>
<?php } } ?>
</main>