archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

Working: Auth, DB, view ticket

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-08-04 14:19:10 +01:00
parent 184510e097
commit f64b585230
18 changed files with 1367 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/public/css/bootstrap.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

66
app/public/css/custom.css Normal file
View File

@@ -0,0 +1,66 @@
.bd-placeholder-img {
font-size: 1.125rem;
text-anchor: middle;
-webkit-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
@media (min-width: 768px) {
.bd-placeholder-img-lg {
font-size: 3.5rem;
}
}
main > .container {
padding: 60px 15px 0;
}
.footer {
background-color: #f5f5f5;
}
.footer > .container {
padding-right: 15px;
padding-left: 15px;
}
code {
font-size: 80%;
}
.jumbotron {
padding-top: 3rem;
padding-bottom: 3rem;
margin-bottom: 0;
background-color: #fff;
}
@media (min-width: 768px) {
.jumbotron {
padding-top: 6rem;
padding-bottom: 6rem;
}
}
.jumbotron p:last-child {
margin-bottom: 0;
}
.jumbotron h1 {
font-weight: 300;
}
.jumbotron .container {
max-width: 40rem;
}
footer {
padding-top: 3rem;
padding-bottom: 3rem;
}
footer p {
margin-bottom: .25rem;
}

3
app/public/css/mdi.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

131
app/public/index.php Normal file
View File

@@ -0,0 +1,131 @@
<?php
$PAGE_NAME = "Home";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (is_signed_in()) {
// Get user's own tickets
try {
$user_tickets_stmt = "SELECT uuid, id, title, description, status FROM tickets WHERE created_by=:uuid";
$user_tickets_sql = $db->prepare($user_tickets_stmt);
$user_tickets_sql->bindParam(':uuid', $_SESSION['uuid']);
$user_tickets_sql->execute();
$user_tickets_sql->setFetchMode(PDO::FETCH_ASSOC);
$user_tickets_result = $user_tickets_sql->fetchAll();
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
// Get tickets user has subscribed to
try {
$sub_tickets_stmt = "SELECT ticket_uuid FROM ticket_subscribers WHERE user_uuid=:uuid";
$sub_tickets_sql = $db->prepare($sub_tickets_stmt);
$sub_tickets_sql->bindParam(':uuid', $_SESSION['uuid']);
$sub_tickets_sql->execute();
$sub_tickets_sql->setFetchMode(PDO::FETCH_ASSOC);
$sub_tickets_result = $sub_tickets_sql->fetchAll();
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
$user_tickets_sub = 0; // Force 'no subbed tickets' msg until the code works
}
?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<section class="jumbotron text-center">
<div class="container">
<h1>Welcome to <?php echo($_ENV['APP_NAME']); ?></h1>
<p class="lead text-muted">
<?php
if ($_ENV['APP_NAME'] == "FHeD") {echo("The Free HelpDesk");} else {echo($_ENV['APP_NAME']);};
?>
is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request.
</p>
<p>
<?php
if (is_signed_in()) {
echo("
<a href='/new' class='btn btn-primary my-2'>Create a request</a>
<a href='/open' class='btn btn-secondary my-2'>View existing requests</a>
");
} else {
echo("<b>Please log in to create or view tickets.</b>");
}
?>
</p>
</div>
</section>
<?php if (is_signed_in()) { ?>
<section>
<div class="card mx-auto" style="width: 80%;">
<div class="card-header">
<span class="mdi mdi-ticket-outline"></span> My Open Requests
</div>
<ul class="list-group list-group-flush">
<?php
if (count($user_tickets_result) == 0) {
echo("<center><b>No open tickets</b></center>");
} else {
foreach($user_tickets_result as $tkt) {
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo(sprintf("%'.05d\n", $tkt["id"])); ?> </span><span><b><?php echo($tkt['title']); ?></b></span>
<p class="m-0"><?php echo($tkt['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($tkt["uuid"]); ?>" role="button">Go</a>
</div>
</div>
</div>
</li>
<?php } } ?>
</ul>
</div>
</section>
<section style="margin-top: 1%;">
<div class="card mx-auto" style="width: 80%;">
<div class="card-header">
<span class="mdi mdi-rss"></span> My Subscribed Requests
</div>
<ul class="list-group list-group-flush">
<?php
if ($user_tickets_sub == 0) {
// if (count($sub_tickets_result) == 0) {
echo("<center><b>No subscribed tickets</b></center>");
} else {
foreach($sub_tickets_result as $tkt) {
?>
<li class="list-group-item">
<div class="container">
<div class="row">
<div class="col-10">
<span style="display: inline;" class="text-muted">#<?php echo sprintf("%'.05d\n", $tkt["id"]); ?> </span><span><b><?php echo($tkt['title']); ?></b></span>
<p class="m-0"><?php echo($tkt['description']); ?></p>
</div>
<div class="col-2">
<a class="btn btn-success float-right" href="view?rid=<?php echo($tkt["uuid"]); ?>" role="button">Go</a>
</div>
</div>
</div>
</li>
<?php } } ?>
</ul>
</div>
</section>
<?php } ?>
</main>
<?php
require_once __DIR__ . "/../includes/footer.php";
?>

65
app/public/login.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
$PAGE_NAME = "Logging in...";
require_once __DIR__ . "/../includes/prereqs.php";
// Perform the OIDC authentication
try {
$oidc->authenticate();
$oidc_user = array(
'sub' => $oidc->requestUserInfo('sub'),
'username' => $oidc->requestUserInfo('preferred_username'),
'given_name' => $oidc->requestUserInfo('given_name'),
'family_name' => $oidc->requestUserInfo('family_name'),
'email' => $oidc->requestUserInfo('email'),
);
} catch (Jumbojett\OpenIDConnectClientException $e) {
echo("Error during OpenID Connect authentication: " . $e->getMessage() . "<br>");
}
// Check if the user already exists
try {
$user_exist_sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
$user_exist_sql->bindParam(':uuid', $oidc_user['sub']);
$user_exist_sql->execute();
$result = $user_exist_sql->setFetchMode(PDO::FETCH_ASSOC); // If user doesn't exist, $result will be null
} catch (PDOException $e) {
echo("Error: " . $e->getMessage() . "<br>");
}
if ($result != null) {
// User already exists
try {
$stmt = "UPDATE users SET uid=:username, given_name=:given, family_name=:family, email=:email WHERE uuid=:sub";
$sql = $db->prepare($stmt);
$sql->bindParam(':sub', $oidc_user['sub']);
$sql->bindParam(':username', $oidc_user['username']);
$sql->bindParam(':given', $oidc_user['given_name']);
$sql->bindParam(':family', $oidc_user['family_name']);
$sql->bindParam(':email', $oidc_user['email']);
$sql->execute();
} catch (PDOException $e) {
echo("Error running SQL (Update existing user): <br>" . $e->getMessage() . "<br>");
}
} else {
// User doesn't already exist
try {
$stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)";
$sql = $db->prepare($stmt);
$sql->bindParam(':sub', $oidc_user['sub']);
$sql->bindParam(':username', $oidc_user['username']);
$sql->bindParam(':given', $oidc_user['given_name']);
$sql->bindParam(':family', $oidc_user['family_name']);
$sql->bindParam(':email', $oidc_user['email']);
$sql->execute();
} catch (PDOException $e) {
echo("Error running SQL (Add new user): <br>" . $e->getMessage() . "<br>");
}
}
oidc_set_vars($oidc_user['sub'], $oidc_user['username'], $oidc_user['given_name'], $oidc_user['family_name'], $oidc_user['email']);
unset($oidc_user);
$_SESSION['is_signed_in'] = "true";
header('Location: /');
?>

8
app/public/logout.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
$PAGE_NAME = "Logging out...";
require_once __DIR__ . "/../includes/prereqs.php";
session_destroy();
header('Location: /');
?>

33
app/public/new.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
$PAGE_NAME = "New request";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (!is_signed_in()) {
header('Location: /login');
}
?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<section class="jumbotron text-center">
<div class="container">
<h1>Create a new request</h1>
<p class="lead text-muted">
Fill in the form below to create a new request. We'll respond to it as soon as we can.
</p>
</div>
</section>
<section>
<p>This page is currently under construction.</p>
</section>
</main>
<?php
require_once __DIR__ . "/../includes/footer.php";
?>

33
app/public/open.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
$PAGE_NAME = "Open requests";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (!is_signed_in()) {
header('Location: /login');
}
?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<section class="jumbotron text-center">
<div class="container">
<h1>Open requests</h1>
<p class="lead text-muted">
Here you can find all of your requests, and other requests that you are subscribed to.
</p>
</div>
</section>
<section>
<p>This page is currently under construction.</p>
</section>
</main>
<?php
require_once __DIR__ . "/../includes/footer.php";
?>

53
app/public/view.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
$PAGE_NAME = "Home";
require_once __DIR__ . "/../includes/prereqs.php";
require_once __DIR__ . "/../includes/header.php";
if (is_signed_in()) {
try {
$user_tickets_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
$user_tickets_sql = $db->prepare($user_tickets_stmt);
$user_tickets_sql->bindParam(':uuid', $_GET['rid']);
$user_tickets_sql->execute();
$user_tickets_sql->setFetchMode(PDO::FETCH_ASSOC);
$user_tickets_result = $user_tickets_sql->fetchAll();
$request = $user_tickets_result[0];
} catch (PDOException $e) {
echo("Error: " . $e->getMessage());
}
}
?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<?php if (is_signed_in()) { ?>
<section class="jumbotron text-center">
<div class="container">
<h1><?php echo($request['title']); ?></h1>
<p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
<p class="lead text-muted">
<?php echo($request['description']); ?>
</p>
<p>
<?php print_r($request); ?>
</p>
</div>
</section>
<?php } else { ?>
<section class="jumbotron text-center">
<div class="container">
<h1>You need to be logged in to see this page.</h1>
</div>
</section>
<?php } ?>
</main>
<?php
require_once __DIR__ . "/../includes/footer.php";
?>