Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
23bf431c74 | ||
|
|
4bced68a09 | ||
|
4d3ace9d67 | ||
|
e9f1b8477a | ||
| 9809b028d4 | |||
| da5d7ffa53 | |||
| 02c397bca2 | |||
| a4ae987f94 | |||
|
|
26c4f801d3 | ||
|
|
49581da52c | ||
| 57faf21a67 | |||
| 5ff90e0d78 | |||
| 7a4a1074c5 |
2
.github/workflows/deploy.yml
vendored
2
.github/workflows/deploy.yml
vendored
@@ -15,7 +15,7 @@ jobs:
|
|||||||
- id: release
|
- id: release
|
||||||
uses: rymndhng/release-on-push-action@master
|
uses: rymndhng/release-on-push-action@master
|
||||||
with:
|
with:
|
||||||
bump_version_scheme: minor
|
bump_version_scheme: patch
|
||||||
|
|
||||||
- name: Check Output Parameters
|
- name: Check Output Parameters
|
||||||
run: |
|
run: |
|
||||||
|
|||||||
2
.github/workflows/stale.yml
vendored
2
.github/workflows/stale.yml
vendored
@@ -10,7 +10,7 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/stale@v1
|
- uses: actions/stale@v3
|
||||||
with:
|
with:
|
||||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
stale-issue-message: 'This issue has been marked as stale due to inactivity. If this issue is still ongoing, please leave a comment.'
|
stale-issue-message: 'This issue has been marked as stale due to inactivity. If this issue is still ongoing, please leave a comment.'
|
||||||
|
|||||||
@@ -4,6 +4,8 @@ RUN composer --working-dir=/srv install
|
|||||||
|
|
||||||
FROM php:apache
|
FROM php:apache
|
||||||
LABEL maintainer="Luke Tainton <luke@tainton.uk>"
|
LABEL maintainer="Luke Tainton <luke@tainton.uk>"
|
||||||
|
ARG VERSION
|
||||||
RUN docker-php-ext-install pdo_mysql && a2enmod rewrite remoteip
|
RUN docker-php-ext-install pdo_mysql && a2enmod rewrite remoteip
|
||||||
COPY vhost.conf /etc/apache2/sites-enabled/000-default.conf
|
COPY vhost.conf /etc/apache2/sites-enabled/000-default.conf
|
||||||
COPY --from=build /srv /srv
|
COPY --from=build /srv /srv
|
||||||
|
RUN echo $VERSION > /srv/includes/VERSION
|
||||||
|
|||||||
@@ -13,3 +13,5 @@ OIDC_HOST = ""
|
|||||||
OIDC_CLIENT_ID = ""
|
OIDC_CLIENT_ID = ""
|
||||||
OIDC_CLIENT_SECRET = ""
|
OIDC_CLIENT_SECRET = ""
|
||||||
OIDC_DISABLE_SSL = ""
|
OIDC_DISABLE_SSL = ""
|
||||||
|
|
||||||
|
SENTRY_ENVIRONMENT = ""
|
||||||
|
|||||||
@@ -1,7 +1,8 @@
|
|||||||
{
|
{
|
||||||
"require": {
|
"require": {
|
||||||
"ramsey/uuid": "^4.0",
|
"ramsey/uuid": "^4.0",
|
||||||
"vlucas/phpdotenv": "^5.0",
|
"vlucas/phpdotenv": "^5.0",
|
||||||
"jumbojett/openid-connect-php": "^0.9.0"
|
"jumbojett/openid-connect-php": "^0.9.0",
|
||||||
}
|
"sentry/sdk": "^3.0"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
1741
app/composer.lock
generated
1741
app/composer.lock
generated
File diff suppressed because it is too large
Load Diff
@@ -1,53 +1,105 @@
|
|||||||
<?php
|
<?php
|
||||||
function get_all_users($db) {
|
|
||||||
try {
|
function get_version()
|
||||||
$stmt = "SELECT * FROM users";
|
{
|
||||||
$sql = $db->prepare($stmt);
|
$version = "v" . file_get_contents(__DIR__ . '/VERSION');
|
||||||
$sql->execute();
|
return $version;
|
||||||
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
|
||||||
$result = $sql->fetchAll();
|
|
||||||
} catch (PDOException $e) {
|
|
||||||
echo("Error: " . $e->getMessage());
|
|
||||||
}
|
|
||||||
return $result;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_user_name($db, $user_uuid) {
|
function oidc_set_vars($sub, $uid, $fname, $lname, $email)
|
||||||
try {
|
{
|
||||||
$stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
|
$_SESSION['uuid'] = $sub;
|
||||||
$sql = $db->prepare($stmt);
|
$_SESSION['username'] = $uid;
|
||||||
$sql->bindParam(':uuid', $user_uuid);
|
$_SESSION['given_name'] = $fname;
|
||||||
$sql->execute();
|
$_SESSION['family_name'] = $lname;
|
||||||
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
$_SESSION['full_name'] = $fname . " " . $lname;
|
||||||
$result = $sql->fetchAll();
|
$_SESSION['email'] = $email;
|
||||||
$usr = $result[0]['given_name'] . " " . $result[0]['family_name'];
|
|
||||||
} catch (PDOException $e) {
|
|
||||||
echo("Error: " . $e->getMessage());
|
|
||||||
}
|
|
||||||
return $usr;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_my_open_requests($db) {
|
function is_signed_in()
|
||||||
$ticket_stmt = "SELECT * FROM tickets WHERE created_by=:uuid AND status != 'Closed'";
|
{
|
||||||
$ticket_sql = $db->prepare($ticket_stmt);
|
if (isset($_SESSION['is_signed_in'])) {
|
||||||
$ticket_sql->bindParam(':uuid', $_SESSION['uuid']);
|
return true;
|
||||||
$ticket_sql->execute();
|
} else {
|
||||||
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
|
return false;
|
||||||
$ticket_result = $ticket_sql->fetchAll();
|
}
|
||||||
return $ticket_result;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_my_closed_requests($db) {
|
function user_exists($db, $uuid)
|
||||||
$ticket_stmt = "SELECT * FROM tickets WHERE created_by=:uuid AND status = 'Closed'";
|
{
|
||||||
$ticket_sql = $db->prepare($ticket_stmt);
|
try {
|
||||||
$ticket_sql->bindParam(':uuid', $_SESSION['uuid']);
|
$sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
|
||||||
$ticket_sql->execute();
|
$sql->bindParam(':uuid', $uuid);
|
||||||
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
|
$sql->execute();
|
||||||
$ticket_result = $ticket_sql->fetchAll();
|
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
return $ticket_result;
|
$result = $sql->fetchAll();
|
||||||
|
} catch (PDOException $e) {
|
||||||
|
throw new Exception("Error in user_exists(): " . $e->getMessage());
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
if (empty($result)) {
|
||||||
|
return false;
|
||||||
|
} else {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_subscribed_requests($db) {
|
function get_all_users($db)
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
$stmt = "SELECT * FROM users";
|
||||||
|
$sql = $db->prepare($stmt);
|
||||||
|
$sql->execute();
|
||||||
|
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
|
$result = $sql->fetchAll();
|
||||||
|
} catch (PDOException $e) {
|
||||||
|
throw new Exception("Error in get_all_users(): " . $e->getMessage());
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_user_name($db, $user_uuid)
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
$stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
|
||||||
|
$sql = $db->prepare($stmt);
|
||||||
|
$sql->bindParam(':uuid', $user_uuid);
|
||||||
|
$sql->execute();
|
||||||
|
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
|
$result = $sql->fetchAll();
|
||||||
|
$usr = $result[0]['given_name'] . " " . $result[0]['family_name'];
|
||||||
|
} catch (PDOException $e) {
|
||||||
|
throw new Exception("Error in get_user_name(): " . $e->getMessage());
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
return $usr;
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_my_open_requests($db)
|
||||||
|
{
|
||||||
|
$ticket_stmt = "SELECT * FROM tickets WHERE created_by=:uuid AND status != 'Closed'";
|
||||||
|
$ticket_sql = $db->prepare($ticket_stmt);
|
||||||
|
$ticket_sql->bindParam(':uuid', $_SESSION['uuid']);
|
||||||
|
$ticket_sql->execute();
|
||||||
|
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
|
$ticket_result = $ticket_sql->fetchAll();
|
||||||
|
return $ticket_result;
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_my_closed_requests($db)
|
||||||
|
{
|
||||||
|
$ticket_stmt = "SELECT * FROM tickets WHERE created_by=:uuid AND status = 'Closed'";
|
||||||
|
$ticket_sql = $db->prepare($ticket_stmt);
|
||||||
|
$ticket_sql->bindParam(':uuid', $_SESSION['uuid']);
|
||||||
|
$ticket_sql->execute();
|
||||||
|
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
|
$ticket_result = $ticket_sql->fetchAll();
|
||||||
|
return $ticket_result;
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_subscribed_requests($db)
|
||||||
|
{
|
||||||
$requests = array();
|
$requests = array();
|
||||||
$sub_tickets_stmt = "SELECT ticket_uuid FROM ticket_subscribers WHERE user_uuid=:uuid";
|
$sub_tickets_stmt = "SELECT ticket_uuid FROM ticket_subscribers WHERE user_uuid=:uuid";
|
||||||
$sub_tickets_sql = $db->prepare($sub_tickets_stmt);
|
$sub_tickets_sql = $db->prepare($sub_tickets_stmt);
|
||||||
@@ -56,96 +108,108 @@
|
|||||||
$sub_tickets_sql->setFetchMode(PDO::FETCH_ASSOC);
|
$sub_tickets_sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
$sub_tickets_result = $sub_tickets_sql->fetchAll();
|
$sub_tickets_result = $sub_tickets_sql->fetchAll();
|
||||||
foreach ($sub_tickets_result as $tkt) {
|
foreach ($sub_tickets_result as $tkt) {
|
||||||
$stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
|
$stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
|
||||||
$sql = $db->prepare($stmt);
|
$sql = $db->prepare($stmt);
|
||||||
$sql->bindParam(':uuid', $tkt['ticket_uuid']);
|
$sql->bindParam(':uuid', $tkt['ticket_uuid']);
|
||||||
$sql->execute();
|
$sql->execute();
|
||||||
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
$result = $sql->fetchAll();
|
$result = $sql->fetchAll();
|
||||||
array_push($requests, $result[0]);
|
array_push($requests, $result[0]);
|
||||||
}
|
}
|
||||||
return $requests;
|
return $requests;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_open_subscribed_requests($db) {
|
function get_open_subscribed_requests($db)
|
||||||
$requests = array();
|
{
|
||||||
$all_subs = get_subscribed_requests($db);
|
$requests = array();
|
||||||
foreach ($all_subs as $sub) {
|
$all_subs = get_subscribed_requests($db);
|
||||||
if ($sub['status'] != 'Closed') {
|
foreach ($all_subs as $sub) {
|
||||||
array_push($requests, $sub);
|
if ($sub['status'] != 'Closed') {
|
||||||
|
array_push($requests, $sub);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
return $requests;
|
||||||
return $requests;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_closed_subscribed_requests($db) {
|
function get_closed_subscribed_requests($db)
|
||||||
$requests = array();
|
{
|
||||||
$all_subs = get_subscribed_requests($db);
|
$requests = array();
|
||||||
foreach ($all_subs as $sub) {
|
$all_subs = get_subscribed_requests($db);
|
||||||
if ($sub['status'] == 'Closed') {
|
foreach ($all_subs as $sub) {
|
||||||
array_push($requests, $sub);
|
if ($sub['status'] == 'Closed') {
|
||||||
|
array_push($requests, $sub);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
return $requests;
|
||||||
return $requests;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_request($db, $uuid) {
|
function get_request($db, $uuid)
|
||||||
$ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
|
{
|
||||||
$ticket_sql = $db->prepare($ticket_stmt);
|
$ticket_stmt = "SELECT * FROM tickets WHERE uuid=:uuid";
|
||||||
$ticket_sql->bindParam(':uuid', $uuid);
|
$ticket_sql = $db->prepare($ticket_stmt);
|
||||||
$ticket_sql->execute();
|
$ticket_sql->bindParam(':uuid', $uuid);
|
||||||
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
|
$ticket_sql->execute();
|
||||||
$ticket_result = $ticket_sql->fetchAll();
|
$ticket_sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
$request = $ticket_result[0];
|
$ticket_result = $ticket_sql->fetchAll();
|
||||||
return $request;
|
$request = $ticket_result[0];
|
||||||
|
return $request;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
function get_updates($db, $request) {
|
function get_updates($db, $request)
|
||||||
$updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
|
{
|
||||||
$updates_sql = $db->prepare($updates_stmt);
|
$updates_stmt = "SELECT * FROM ticket_updates WHERE ticket=:uuid";
|
||||||
$updates_sql->bindParam(':uuid', $request['uuid']);
|
$updates_sql = $db->prepare($updates_stmt);
|
||||||
$updates_sql->execute();
|
$updates_sql->bindParam(':uuid', $request['uuid']);
|
||||||
$updates_sql->setFetchMode(PDO::FETCH_ASSOC);
|
$updates_sql->execute();
|
||||||
$updates_result = $updates_sql->fetchAll();
|
$updates_sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
return $updates_result;
|
$updates_result = $updates_sql->fetchAll();
|
||||||
|
return $updates_result;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_files($db, $request) {
|
function get_files($db, $request)
|
||||||
$stmt = "SELECT * FROM ticket_uploads WHERE ticket=:uuid";
|
{
|
||||||
$sql = $db->prepare($stmt);
|
$stmt = "SELECT * FROM ticket_uploads WHERE ticket=:uuid";
|
||||||
$sql->bindParam(':uuid', $request['uuid']);
|
$sql = $db->prepare($stmt);
|
||||||
$sql->execute();
|
$sql->bindParam(':uuid', $request['uuid']);
|
||||||
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
$sql->execute();
|
||||||
$result = $sql->fetchAll();
|
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
return $result;
|
$result = $sql->fetchAll();
|
||||||
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_single_file($db, $fileid) {
|
function get_single_file($db, $fileid)
|
||||||
$stmt = "SELECT * FROM ticket_uploads WHERE id=:fileid";
|
{
|
||||||
$sql = $db->prepare($stmt);
|
$stmt = "SELECT * FROM ticket_uploads WHERE id=:fileid";
|
||||||
$sql->bindParam(':fileid', $fileid);
|
$sql = $db->prepare($stmt);
|
||||||
$sql->execute();
|
$sql->bindParam(':fileid', $fileid);
|
||||||
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
$sql->execute();
|
||||||
$result = $sql->fetchAll();
|
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
$file = $result[0];
|
$result = $sql->fetchAll();
|
||||||
return $file;
|
$file = $result[0];
|
||||||
|
return $file;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_subscribers($db, $request) {
|
function get_subscribers($db, $request)
|
||||||
$subs = array();
|
{
|
||||||
$users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
|
$subs = array();
|
||||||
$users_sql = $db->prepare($users_stmt);
|
$users_stmt = "SELECT user_uuid FROM ticket_subscribers WHERE ticket_uuid=:uuid";
|
||||||
$users_sql->bindParam(':uuid', $request['uuid']);
|
$users_sql = $db->prepare($users_stmt);
|
||||||
$users_sql->execute();
|
$users_sql->bindParam(':uuid', $request['uuid']);
|
||||||
$users_sql->setFetchMode(PDO::FETCH_ASSOC);
|
$users_sql->execute();
|
||||||
$users_result = $users_sql->fetchAll();
|
$users_sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||||
foreach ($users_result as $u) {
|
$users_result = $users_sql->fetchAll();
|
||||||
array_push($subs, $u['user_uuid']);
|
foreach ($users_result as $u) {
|
||||||
}
|
array_push($subs, $u['user_uuid']);
|
||||||
return $subs;
|
}
|
||||||
|
return $subs;
|
||||||
}
|
}
|
||||||
|
|
||||||
function isAuthorised($user, $authorised_users, $request) {
|
function isAuthorised($user, $authorised_users, $request)
|
||||||
if ( in_array($user, $authorised_users) || $_SESSION['uuid'] == $request['created_by']) { return true; } else { return false; }
|
{
|
||||||
|
if (in_array($user, $authorised_users) || $_SESSION['uuid'] == $request['created_by']) {
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,9 +1,10 @@
|
|||||||
|
</main>
|
||||||
<footer class="footer mt-auto py-3">
|
<footer class="footer mt-auto py-3">
|
||||||
<div class="text-center text-muted">
|
<div class="text-center text-muted">
|
||||||
<?php
|
<?php
|
||||||
echo($_ENV['APP_NAME'] . " v" . $_ENV['APP_VERSION']);
|
echo($_ENV['APP_NAME'] . " " . get_version());
|
||||||
if ($_ENV['APP_NAME'] != "FHeD") {
|
if ($_ENV['APP_NAME'] != "FHeD") {
|
||||||
echo(", powered by FHeD");
|
echo("| Powered by FHeD");
|
||||||
};
|
};
|
||||||
?><br>
|
?><br>
|
||||||
<?php if (is_signed_in()) {
|
<?php if (is_signed_in()) {
|
||||||
|
|||||||
@@ -10,7 +10,7 @@
|
|||||||
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
|
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
|
||||||
<meta name="theme-color" content="#563d7c">
|
<meta name="theme-color" content="#563d7c">
|
||||||
<link rel="icon" type="image/png" href="/favicon.png">
|
<link rel="icon" type="image/png" href="/favicon.png">
|
||||||
<title><?php echo( $PAGE_TITLE ); ?></title>
|
<title><?php echo($PAGE_TITLE); ?></title>
|
||||||
|
|
||||||
<!-- Bootstrap core CSS -->
|
<!-- Bootstrap core CSS -->
|
||||||
<link rel="stylesheet" href="/css/bootstrap.min.css">
|
<link rel="stylesheet" href="/css/bootstrap.min.css">
|
||||||
@@ -19,6 +19,8 @@
|
|||||||
</head>
|
</head>
|
||||||
|
|
||||||
<body class="d-flex flex-column h-100">
|
<body class="d-flex flex-column h-100">
|
||||||
|
<!-- Begin page content -->
|
||||||
|
<main role="main" class="flex-shrink-0">
|
||||||
<header>
|
<header>
|
||||||
<!-- Fixed navbar -->
|
<!-- Fixed navbar -->
|
||||||
<nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark">
|
<nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark">
|
||||||
@@ -32,10 +34,14 @@
|
|||||||
<a class="nav-link" href="/">Home</a>
|
<a class="nav-link" href="/">Home</a>
|
||||||
</li>
|
</li>
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/new">New request</a>
|
<a class="nav-link <?php if (!is_signed_in()) {
|
||||||
|
echo(' disabled');
|
||||||
|
} ?>" href="/new">New request</a>
|
||||||
</li>
|
</li>
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/existing">Existing requests</a>
|
<a class="nav-link <?php if (!is_signed_in()) {
|
||||||
|
echo(' disabled');
|
||||||
|
} ?>" href="/existing">Existing requests</a>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
<div class="mt-2 mt-md-0">
|
<div class="mt-2 mt-md-0">
|
||||||
|
|||||||
@@ -7,17 +7,27 @@ require_once __DIR__ . "/../vendor/autoload.php";
|
|||||||
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/..");
|
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/..");
|
||||||
$dotenv->load();
|
$dotenv->load();
|
||||||
|
|
||||||
|
// Custom functions
|
||||||
|
require_once __DIR__ . "/app_functions.php";
|
||||||
|
|
||||||
|
// Sentry
|
||||||
|
Sentry\init([
|
||||||
|
'dsn' => 'https://7c4607ed5e804d08926cc0bbc0d3fbe9@app.glitchtip.com/59',
|
||||||
|
'release' => get_version(),
|
||||||
|
]);
|
||||||
|
|
||||||
// Database auto-generation
|
// Database auto-generation
|
||||||
if (file_exists("/../includes/install.php")) {
|
if (file_exists("/../includes/install.php")) {
|
||||||
return;
|
return;
|
||||||
add_action('run_db_populate');
|
add_action('run_db_populate');
|
||||||
}
|
}
|
||||||
|
|
||||||
function run_db_populate() {
|
function run_db_populate()
|
||||||
|
{
|
||||||
// all my glorious one-time-magic.
|
// all my glorious one-time-magic.
|
||||||
include( "/../includes/install.php" );
|
include("/../includes/install.php");
|
||||||
// after all execution rename your file;
|
// after all execution rename your file;
|
||||||
rename( "/../includes/install.php", "/../includes/install-backup.php");
|
rename("/../includes/install.php", "/../includes/install-backup.php");
|
||||||
}
|
}
|
||||||
|
|
||||||
// Session
|
// Session
|
||||||
@@ -29,30 +39,9 @@ $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|||||||
|
|
||||||
// OpenID Connect
|
// OpenID Connect
|
||||||
use Jumbojett\OpenIDConnectClient;
|
use Jumbojett\OpenIDConnectClient;
|
||||||
|
|
||||||
$oidc = new OpenIDConnectClient($_ENV['OIDC_HOST'], $_ENV['OIDC_CLIENT_ID'], $_ENV['OIDC_CLIENT_SECRET']);
|
$oidc = new OpenIDConnectClient($_ENV['OIDC_HOST'], $_ENV['OIDC_CLIENT_ID'], $_ENV['OIDC_CLIENT_SECRET']);
|
||||||
if ($_ENV['OIDC_DISABLE_SSL'] == "true") {
|
if ($_ENV['OIDC_DISABLE_SSL'] == "true") {
|
||||||
$oidc->setVerifyHost(false);
|
$oidc->setVerifyHost(false);
|
||||||
$oidc->setVerifyPeer(false);
|
$oidc->setVerifyPeer(false);
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
// Custom functions
|
|
||||||
|
|
||||||
require_once __DIR__ . "/app_functions.php";
|
|
||||||
|
|
||||||
function oidc_set_vars($sub, $uid, $fname, $lname, $email) {
|
|
||||||
$_SESSION['uuid'] = $sub;
|
|
||||||
$_SESSION['username'] = $uid;
|
|
||||||
$_SESSION['given_name'] = $fname;
|
|
||||||
$_SESSION['family_name'] = $lname;
|
|
||||||
$_SESSION['full_name'] = $fname . " " . $lname;
|
|
||||||
$_SESSION['email'] = $email;
|
|
||||||
}
|
|
||||||
|
|
||||||
function is_signed_in() {
|
|
||||||
if (isset($_SESSION['is_signed_in'])) {
|
|
||||||
return true;
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -4,9 +4,9 @@
|
|||||||
|
|
||||||
// Perform the OIDC authentication
|
// Perform the OIDC authentication
|
||||||
try {
|
try {
|
||||||
$oidc->authenticate();
|
$oidc->authenticate();
|
||||||
$_SESSION['access_token'] = $oidc->requestClientCredentialsToken()->access_token;
|
$_SESSION['access_token'] = $oidc->requestClientCredentialsToken()->access_token;
|
||||||
$oidc_user = array(
|
$oidc_user = array(
|
||||||
'sub' => $oidc->requestUserInfo('sub'),
|
'sub' => $oidc->requestUserInfo('sub'),
|
||||||
'username' => $oidc->requestUserInfo('preferred_username'),
|
'username' => $oidc->requestUserInfo('preferred_username'),
|
||||||
'given_name' => $oidc->requestUserInfo('given_name'),
|
'given_name' => $oidc->requestUserInfo('given_name'),
|
||||||
@@ -14,46 +14,41 @@
|
|||||||
'email' => $oidc->requestUserInfo('email'),
|
'email' => $oidc->requestUserInfo('email'),
|
||||||
);
|
);
|
||||||
} catch (Jumbojett\OpenIDConnectClientException $e) {
|
} catch (Jumbojett\OpenIDConnectClientException $e) {
|
||||||
$alert = array("danger", "Error during OpenID Connect authentication: " . $e->getMessage());
|
$alert = array("danger", "Error during OpenID Connect authentication: " . $e->getMessage());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the user already exists
|
if (user_exists($db, $oidc_user['sub']) == false) {
|
||||||
try {
|
// User doesn't already exist
|
||||||
$user_exist_sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
|
try {
|
||||||
$user_exist_sql->bindParam(':uuid', $oidc_user['sub']);
|
$stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)";
|
||||||
$user_exist_sql->execute();
|
$sql = $db->prepare($stmt);
|
||||||
} catch (PDOException $e) {
|
$sql->bindParam(':sub', $oidc_user['sub']);
|
||||||
$alert = array("danger", "Error during check for user record: " . $e->getMessage());
|
$sql->bindParam(':username', $oidc_user['username']);
|
||||||
}
|
$sql->bindParam(':given', $oidc_user['given_name']);
|
||||||
|
$sql->bindParam(':family', $oidc_user['family_name']);
|
||||||
if (empty($user_exist_sql)) {
|
$sql->bindParam(':email', $oidc_user['email']);
|
||||||
// User doesn't already exist
|
$sql->execute();
|
||||||
try {
|
} catch (PDOException $e) {
|
||||||
$stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)";
|
echo("Error during creation of new user record: " . $e->getMessage());
|
||||||
$sql = $db->prepare($stmt);
|
die();
|
||||||
$sql->bindParam(':sub', $oidc_user['sub']);
|
$alert = array("danger", "Error during creation of new user record: " . $e->getMessage());
|
||||||
$sql->bindParam(':username', $oidc_user['username']);
|
}
|
||||||
$sql->bindParam(':given', $oidc_user['given_name']);
|
|
||||||
$sql->bindParam(':family', $oidc_user['family_name']);
|
|
||||||
$sql->bindParam(':email', $oidc_user['email']);
|
|
||||||
$sql->execute();
|
|
||||||
} catch (Jumbojett\PDOException $e) {
|
|
||||||
$alert = array("danger", "Error during creation of new user record: " . $e->getMessage());
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
// User already exists
|
// User already exists
|
||||||
try {
|
try {
|
||||||
$stmt = "UPDATE users SET uid=:username, given_name=:given, family_name=:family, email=:email WHERE uuid=:sub";
|
$stmt = "UPDATE users SET uid=:username, given_name=:given, family_name=:family, email=:email WHERE uuid=:sub";
|
||||||
$sql = $db->prepare($stmt);
|
$sql = $db->prepare($stmt);
|
||||||
$sql->bindParam(':sub', $oidc_user['sub']);
|
$sql->bindParam(':sub', $oidc_user['sub']);
|
||||||
$sql->bindParam(':username', $oidc_user['username']);
|
$sql->bindParam(':username', $oidc_user['username']);
|
||||||
$sql->bindParam(':given', $oidc_user['given_name']);
|
$sql->bindParam(':given', $oidc_user['given_name']);
|
||||||
$sql->bindParam(':family', $oidc_user['family_name']);
|
$sql->bindParam(':family', $oidc_user['family_name']);
|
||||||
$sql->bindParam(':email', $oidc_user['email']);
|
$sql->bindParam(':email', $oidc_user['email']);
|
||||||
$sql->execute();
|
$sql->execute();
|
||||||
} catch (Jumbojett\PDOException $e) {
|
} catch (PDOException $e) {
|
||||||
$alert = array("danger", "Error during existing user record update: " . $e->getMessage());
|
echo("Error during existing user record update: " . $e->getMessage());
|
||||||
}
|
die();
|
||||||
|
$alert = array("danger", "Error during existing user record update: " . $e->getMessage());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
oidc_set_vars($oidc_user['sub'], $oidc_user['username'], $oidc_user['given_name'], $oidc_user['family_name'], $oidc_user['email']);
|
oidc_set_vars($oidc_user['sub'], $oidc_user['username'], $oidc_user['given_name'], $oidc_user['family_name'], $oidc_user['email']);
|
||||||
@@ -62,4 +57,3 @@
|
|||||||
$_SESSION['is_signed_in'] = "true";
|
$_SESSION['is_signed_in'] = "true";
|
||||||
|
|
||||||
header('Location: /');
|
header('Location: /');
|
||||||
?>
|
|
||||||
|
|||||||
@@ -3,21 +3,17 @@
|
|||||||
require_once __DIR__ . "/../includes/header.php";
|
require_once __DIR__ . "/../includes/header.php";
|
||||||
|
|
||||||
if (is_signed_in()) {
|
if (is_signed_in()) {
|
||||||
$requests = get_my_open_requests($db);
|
$requests = get_my_open_requests($db);
|
||||||
$subscriptions = get_open_subscribed_requests($db);
|
$subscriptions = get_open_subscribed_requests($db);
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<!-- Begin page content -->
|
|
||||||
<main role="main" class="flex-shrink-0">
|
|
||||||
|
|
||||||
<section>
|
<section>
|
||||||
<?php
|
<?php
|
||||||
if(isset($alert)) {
|
if (isset($alert)) {
|
||||||
echo("
|
echo("
|
||||||
<div class='container'>
|
<div class='container'>
|
||||||
<div class='alert alert-" . $alert[0] . " alert-dismissible fade show' role='alert'>
|
<div class='alert alert-" . $alert[0] . " alert-dismissible fade show' role='alert'>
|
||||||
" . $alert[1] . "
|
" . $alert[1] . "
|
||||||
@@ -27,7 +23,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
");
|
");
|
||||||
unset($alert);
|
unset($alert);
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
</section>
|
</section>
|
||||||
@@ -37,7 +33,11 @@
|
|||||||
<h1>Welcome to <?php echo($_ENV['APP_NAME']); ?></h1>
|
<h1>Welcome to <?php echo($_ENV['APP_NAME']); ?></h1>
|
||||||
<p class="lead text-muted">
|
<p class="lead text-muted">
|
||||||
<?php
|
<?php
|
||||||
if ($_ENV['APP_NAME'] == "FHeD") {echo("The Free HelpDesk");} else {echo($_ENV['APP_NAME']);};
|
if ($_ENV['APP_NAME'] == "FHeD") {
|
||||||
|
echo("The Free HelpDesk");
|
||||||
|
} else {
|
||||||
|
echo($_ENV['APP_NAME']);
|
||||||
|
};
|
||||||
?>
|
?>
|
||||||
is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request.
|
is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request.
|
||||||
</p>
|
</p>
|
||||||
@@ -63,10 +63,10 @@
|
|||||||
<ul class="list-group list-group-flush">
|
<ul class="list-group list-group-flush">
|
||||||
<?php
|
<?php
|
||||||
if (count($requests) == 0) {
|
if (count($requests) == 0) {
|
||||||
echo("<center><b>No open tickets</b></center>");
|
echo("<center><b>No open tickets</b></center>");
|
||||||
} else {
|
} else {
|
||||||
foreach($requests as $tkt) {
|
foreach ($requests as $tkt) {
|
||||||
?>
|
?>
|
||||||
<li class="list-group-item">
|
<li class="list-group-item">
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
@@ -80,7 +80,9 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</li>
|
</li>
|
||||||
<?php } } ?>
|
<?php
|
||||||
|
}
|
||||||
|
} ?>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
@@ -93,9 +95,9 @@
|
|||||||
<ul class="list-group list-group-flush">
|
<ul class="list-group list-group-flush">
|
||||||
<?php
|
<?php
|
||||||
if (count($subscriptions) == 0) {
|
if (count($subscriptions) == 0) {
|
||||||
echo("<center><b>No subscribed tickets</b></center>");
|
echo("<center><b>No subscribed tickets</b></center>");
|
||||||
} else {
|
} else {
|
||||||
foreach($subscriptions as $sub) { ?>
|
foreach ($subscriptions as $sub) { ?>
|
||||||
<li class="list-group-item">
|
<li class="list-group-item">
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
@@ -109,7 +111,8 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</li>
|
</li>
|
||||||
<?php } } ?>
|
<?php }
|
||||||
|
} ?>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
</section>
|
</section>
|
||||||
@@ -118,8 +121,6 @@
|
|||||||
</div>
|
</div>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
|
|
||||||
</main>
|
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
require_once __DIR__ . "/../includes/footer.php";
|
require_once __DIR__ . "/../includes/footer.php";
|
||||||
?>
|
?>
|
||||||
|
|||||||
Reference in New Issue
Block a user