Broken login (#122)

* Fixing Login Die

* Fix Broken Login 2

* Update footer

* Try Somethin New Today

.github/workflows/deploy.yml

@@ -8,6 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs: 
       ver: ${{ steps.release.outputs.version }}
+      tag: ${{ steps.release.outputs.tag_name }}
     env:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
@@ -30,14 +31,10 @@ jobs:
     - name: Login to DockerHub Registry
       run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
     - name: Build image for Docker Hub
-      env:
-        VERSION: ${{ needs.release-on-push.output.ver }}
-      run: docker build . --file Dockerfile --tag luketainton/fhed:$VERSION luketainton/fhed:latest
+      run: docker build . --file Dockerfile --build-arg VERSION=${{ needs.release-on-push.outputs.ver }} --tag luketainton/fhed:${{ needs.release-on-push.outputs.tag }} --tag luketainton/fhed:latest
     - name: Push image to Docker Hub
-      env:
-        VERSION: ${{ needs.release-on-push.output.ver }}
       run: |
-        docker push luketainton/fhed:$VERSION &&
+        docker push luketainton/fhed:${{ needs.release-on-push.outputs.tag }} &&
         docker push luketainton/fhed:latest
       
   docker-ghr:
@@ -49,14 +46,10 @@ jobs:
     - name: Login to DockerHub Registry
       run: echo ${{ secrets.GITHUB_TOKEN }} | docker login https://docker.pkg.github.com -u luketainton --password-stdin
     - name: Build image for GitHub Package Registry
-      env:
-        VERSION: ${{ needs.release-on-push.output.ver }}
-      run: docker build . --file Dockerfile --tag docker.pkg.github.com/luketainton/fhed/fhed:latest docker.pkg.github.com/luketainton/fhed/fhed:$VERSION
+      run: docker build . --file Dockerfile --build-arg VERSION=${{ needs.release-on-push.outputs.ver }} --tag docker.pkg.github.com/luketainton/fhed/fhed:latest --tag docker.pkg.github.com/luketainton/fhed/fhed:${{ needs.release-on-push.outputs.tag }}
     - name: Push image to GitHub Package Registry
-      env:
-        VERSION: ${{ needs.release-on-push.output.ver }}
       run: |
-        docker push docker.pkg.github.com/luketainton/fhed/fhed:$VERSION &&
+        docker push docker.pkg.github.com/luketainton/fhed/fhed:${{ needs.release-on-push.outputs.tag }} &&
         docker push docker.pkg.github.com/luketainton/fhed/fhed:latest
 
   deploy:

Dockerfile

@@ -4,6 +4,8 @@ RUN composer --working-dir=/srv install
 
 FROM php:apache
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"
+ARG VERSION
 RUN docker-php-ext-install pdo_mysql && a2enmod rewrite remoteip
 COPY vhost.conf /etc/apache2/sites-enabled/000-default.conf
 COPY --from=build /srv /srv
+RUN echo $VERSION > /srv/includes/VERSION

app/includes/app_functions.php

@@ -1,5 +1,32 @@
 <?php
-  function get_all_users($db) {
+
+  function get_version()
+  {
+      $version = "v" . file_get_contents(__DIR__ . '/VERSION');
+      return $version;
+  }
+
+  function user_exists($db, $uuid)
+  {
+      try {
+          $sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
+          $sql->bindParam(':uuid', $uuid);
+          $sql->execute();
+          $sql->setFetchMode(PDO::FETCH_ASSOC);
+          $result = $sql->fetchAll();
+      } catch (PDOException $e) {
+          $alert = array("danger", "Error during check for user record: " . $e->getMessage());
+          die();
+      }
+      if (empty($result)) {
+         return false;
+      } else {
+         return true;
+      }
+  }
+
+  function get_all_users($db)
+  {
       try {
           $stmt = "SELECT * FROM users";
           $sql = $db->prepare($stmt);
@@ -12,7 +39,8 @@
       return $result;
   }
 
-  function get_user_name($db, $user_uuid) {
+  function get_user_name($db, $user_uuid)
+  {
       try {
           $stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
           $sql = $db->prepare($stmt);
@@ -27,7 +55,8 @@
       return $usr;
   }
 
-  function get_my_open_requests($db) {
+  function get_my_open_requests($db)
+  {
       $ticket_stmt = "SELECT * FROM tickets WHERE created_by=:uuid AND status != 'Closed'";
       $ticket_sql = $db->prepare($ticket_stmt);
       $ticket_sql->bindParam(':uuid', $_SESSION['uuid']);
@@ -37,7 +66,8 @@
       return $ticket_result;
   }
 
-  function get_my_closed_requests($db) {
+  function get_my_closed_requests($db)
+  {
       $ticket_stmt = "SELECT * FROM tickets WHERE created_by=:uuid AND status = 'Closed'";
       $ticket_sql = $db->prepare($ticket_stmt);
       $ticket_sql->bindParam(':uuid', $_SESSION['uuid']);
@@ -47,7 +77,8 @@
       return $ticket_result;
   }
 
-  function get_subscribed_requests($db) {
+  function get_subscribed_requests($db)
+  {
       $requests = array();
       $sub_tickets_stmt = "SELECT ticket_uuid FROM ticket_subscribers WHERE user_uuid=:uuid";
       $sub_tickets_sql = $db->prepare($sub_tickets_stmt);
@@ -67,7 +98,8 @@
       return $requests;
   }
 
-  function get_open_subscribed_requests($db) {
+  function get_open_subscribed_requests($db)
+  {
       $requests = array();
       $all_subs = get_subscribed_requests($db);
       foreach ($all_subs as $sub) {
@@ -78,7 +110,8 @@
       return $requests;
   }
 
-  function get_closed_subscribed_requests($db) {
+  function get_closed_subscribed_requests($db)
+  {
       $requests = array();
       $all_subs = get_subscribed_requests($db);
       foreach ($all_subs as $sub) {
@@ -89,7 +122,8 @@
       return $requests;
   }
 
-  function get_request($db, $uuid) {
+  function get_request($db, $uuid)
+  {
       $ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
       $ticket_sql = $db->prepare($ticket_stmt);
       $ticket_sql->bindParam(':uuid', $uuid);
@@ -101,7 +135,8 @@
   }
 
 
-  function get_updates($db, $request) {
+  function get_updates($db, $request)
+  {
       $updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
       $updates_sql = $db->prepare($updates_stmt);
       $updates_sql->bindParam(':uuid', $request['uuid']);
@@ -111,7 +146,8 @@
       return $updates_result;
   }
 
-  function get_files($db, $request) {
+  function get_files($db, $request)
+  {
       $stmt = "SELECT * FROM ticket_uploads WHERE ticket=:uuid";
       $sql = $db->prepare($stmt);
       $sql->bindParam(':uuid', $request['uuid']);
@@ -121,7 +157,8 @@
       return $result;
   }
 
-  function get_single_file($db, $fileid) {
+  function get_single_file($db, $fileid)
+  {
       $stmt = "SELECT * FROM ticket_uploads WHERE id=:fileid";
       $sql = $db->prepare($stmt);
       $sql->bindParam(':fileid', $fileid);
@@ -132,7 +169,8 @@
       return $file;
   }
 
-  function get_subscribers($db, $request) {
+  function get_subscribers($db, $request)
+  {
       $subs = array();
       $users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
       $users_sql = $db->prepare($users_stmt);
@@ -146,6 +184,11 @@
       return $subs;
   }
 
-  function isAuthorised($user, $authorised_users, $request) {
-    if ( in_array($user, $authorised_users) || $_SESSION['uuid'] == $request['created_by']) { return true; } else { return false; }
+  function isAuthorised($user, $authorised_users, $request)
+  {
+      if (in_array($user, $authorised_users) || $_SESSION['uuid'] == $request['created_by']) {
+          return true;
+      } else {
+          return false;
+      }
   }

app/includes/footer.php

@@ -1,9 +1,9 @@
 <footer class="footer mt-auto py-3">
   <div class="text-center text-muted">
     <?php
-      echo($_ENV['APP_NAME'] . " v" . $_ENV['APP_VERSION']);
+      echo($_ENV['APP_NAME'] . " " . get_version() . "<br>");
       if ($_ENV['APP_NAME'] != "FHeD") {
-          echo(", powered by FHeD");
+          echo("Powered by FHeD.");
       };
     ?><br>
     <?php if (is_signed_in()) {

app/public/actions/login.php

@@ -17,16 +17,7 @@
         $alert = array("danger", "Error during OpenID Connect authentication: " . $e->getMessage());
     }
 
-    // Check if the user already exists
-    try {
-      $user_exist_sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
-      $user_exist_sql->bindParam(':uuid', $oidc_user['sub']);
-      $user_exist_sql->execute();
-    } catch (PDOException $e) {
-      $alert = array("danger", "Error during check for user record: " . $e->getMessage());
-    }
-
-    if (empty($user_exist_sql)) {
+    if (user_exists($db, $oidc_user['sub']) == false) {
         // User doesn't already exist
         try {
             $stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)";
@@ -37,7 +28,9 @@
             $sql->bindParam(':family', $oidc_user['family_name']);
             $sql->bindParam(':email', $oidc_user['email']);
             $sql->execute();
-      } catch (Jumbojett\PDOException $e) {
+        } catch (PDOException $e) {
+            echo("Error during creation of new user record: " . $e->getMessage());
+            die();
             $alert = array("danger", "Error during creation of new user record: " . $e->getMessage());
         }
     } else {
@@ -51,7 +44,9 @@
             $sql->bindParam(':family', $oidc_user['family_name']);
             $sql->bindParam(':email', $oidc_user['email']);
             $sql->execute();
-      } catch (Jumbojett\PDOException $e) {
+        } catch (PDOException $e) {
+            echo("Error during existing user record update: " . $e->getMessage());
+            die();
             $alert = array("danger", "Error during existing user record update: " . $e->getMessage());
         }
     }
@@ -62,4 +57,3 @@
     $_SESSION['is_signed_in'] = "true";
 
     header('Location: /');
-?>