shimmie2/ext/admin/main.php


<?php
/**
 * Sent when the admin page is ready to have content added to it.
 *
 * AdminPage::onPageRequest() fires this event when the "admin" page is
 * requested without any further URL argument.
 */
class AdminBuildingEvent extends Event
{
    /** @var Page The page object handed to the constructor, stored unchanged. */
    public $page;

    /**
     * @param Page $page The page that listeners can add their admin content to.
     */
    public function __construct(Page $page)
    {
        $this->page = $page;
    }
}
/**
 * Carries the name of a requested admin action to whichever extension handles it.
 *
 * AdminPage::onPageRequest() builds this event from the first URL argument
 * after "admin", so $action is request-supplied text and handlers should
 * treat it as such.
 */
class AdminActionEvent extends Event
{
    /** @var string Name of the requested action, exactly as passed to the constructor. */
    public $action;

    /**
     * @var bool When still true after the event has been sent, onPageRequest()
     *           redirects back to the admin page. Handlers set it to false
     *           when they produce their own response.
     */
    public $redirect = true;

    /**
     * @param string $action Name of the action being requested.
     */
    public function __construct(string $action)
    {
        $this->action = $action;
    }
}
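/**
 * The "admin" page and the maintenance actions reachable from it.
 *
 * The private action methods below are invoked by name: the first URL
 * argument after "admin" becomes AdminActionEvent::$action, and
 * onAdminAction() calls the method of that name. Their names are therefore
 * part of the URL interface and must not be changed casually. Each action
 * returns a bool that becomes AdminActionEvent::$redirect (true = let
 * onPageRequest() redirect back to the admin page).
 */
class AdminPage extends Extension
{
    /**
     * Serve the "admin" page, or run the admin action named by the first URL argument.
     *
     * Access requires Permissions::MANAGE_ADMINTOOLS. An action is only sent
     * out when $user->check_auth_token() succeeds (presumably the CSRF token
     * that the "get-token" command prints; confirm against User).
     */
    public function onPageRequest(PageRequestEvent $event)
    {
        global $page, $user;

        if (!$event->page_matches("admin")) {
            return;
        }
        if (!$user->can(Permissions::MANAGE_ADMINTOOLS)) {
            $this->theme->display_permission_denied();
            return;
        }
        if ($event->count_args() == 0) {
            send_event(new AdminBuildingEvent($page));
            return;
        }

        $action = $event->get_arg(0);
        $aae = new AdminActionEvent($action);
        if ($user->check_auth_token()) {
            log_info("admin", "Util: $action");
            // Maintenance actions can run long; lift the execution time limit.
            set_time_limit(0);
            send_event($aae);
        }

        // Also reached when the token check fails: the event keeps its
        // default redirect=true, so the request bounces back to the admin page.
        if ($aae->redirect) {
            $page->set_mode(PageMode::REDIRECT);
            $page->set_redirect(make_link("admin"));
        }
    }

    /**
     * Command-line helpers: help text, get-page, post-page, get-token, regen-thumb.
     *
     * get-page / post-page populate $_GET / $_POST from the second argument
     * and then dispatch a PageRequestEvent for the first, so they run the
     * same page handlers a web request would.
     */
    public function onCommand(CommandEvent $event)
    {
        if ($event->cmd == "help") {
            print "\tget-page <query string>\n";
            print "\t\teg 'get-page post/list'\n\n";
            print "\tpost-page <query string> <urlencoded params>\n";
            print "\t\teg 'post-page ip_ban/delete id=1'\n\n";
            print "\tget-token\n";
            print "\t\tget a CSRF auth token\n\n";
            print "\tregen-thumb <id / hash>\n";
            print "\t\tregenerate a thumbnail\n\n";
        }
        if ($event->cmd == "get-page") {
            global $page;
            // Without a query string there is no page to request.
            if (!isset($event->args[0])) {
                print "get-page: missing <query string>\n";
                return;
            }
            if (isset($event->args[1])) {
                parse_str($event->args[1], $_GET);
            }
            send_event(new PageRequestEvent($event->args[0]));
            $page->display();
        }
        if ($event->cmd == "post-page") {
            global $page;
            if (!isset($event->args[0])) {
                print "post-page: missing <query string>\n";
                return;
            }
            // Make the simulated request look like a POST to the page handlers.
            $_SERVER['REQUEST_METHOD'] = "POST";
            if (isset($event->args[1])) {
                parse_str($event->args[1], $_POST);
            }
            send_event(new PageRequestEvent($event->args[0]));
            $page->display();
        }
        if ($event->cmd == "get-token") {
            global $user;
            // Writes the current user's auth token to stdout; treat the
            // output as a credential (shell history, CI logs, etc.).
            print($user->get_auth_token());
        }
        if ($event->cmd == "regen-thumb") {
            if (!isset($event->args[0])) {
                print "regen-thumb: missing <id / hash>\n";
                return;
            }
            $uid = $event->args[0];
            $image = Image::by_id_or_hash($uid);
            if ($image) {
                send_event(new ThumbnailGenerationEvent($image->hash, $image->ext, true));
            } else {
                print("No post with ID '$uid'\n");
            }
        }
    }

    /**
     * Render the admin page and its form through the theme.
     */
    public function onAdminBuilding(AdminBuildingEvent $event)
    {
        $this->theme->display_page();
        $this->theme->display_form();
    }

    /**
     * Add a "Board Admin" entry to the "system" sub-navigation for permitted users.
     */
    public function onPageSubNavBuilding(PageSubNavBuildingEvent $event)
    {
        global $user;

        if ($event->parent === "system" && $user->can(Permissions::MANAGE_ADMINTOOLS)) {
            $event->add_nav_link("admin", new Link('admin'), "Board Admin");
        }
    }

    /**
     * Add a "Board Admin" link to the user block for permitted users.
     */
    public function onUserBlockBuilding(UserBlockBuildingEvent $event)
    {
        global $user;

        if ($user->can(Permissions::MANAGE_ADMINTOOLS)) {
            $event->add_link("Board Admin", make_link("admin"));
        }
    }

    /**
     * Run the admin action named by the event, if it is one this class provides.
     *
     * The action name originates from the request URL. Dispatching on
     * method_exists() alone would let that name select any method of this
     * object, including event handlers, helpers and inherited methods, so the
     * name is first checked against an explicit list of the action methods.
     * The comparison is lower-cased because PHP method names are
     * case-insensitive and differently-cased names used to dispatch too.
     */
    public function onAdminAction(AdminActionEvent $event)
    {
        $allowed_actions = [
            "set_tag_case",
            "lowercase_all_tags",
            "recount_tag_use",
            "database_dump",
            "download_all_images",
            "reset_image_ids",
        ];

        $action = $event->action;
        if (in_array(strtolower($action), $allowed_actions, true) && method_exists($this, $action)) {
            $event->redirect = $this->$action();
        }
    }

    /**
     * Match DATABASE_DSN against the pattern the dump/reset actions rely on.
     *
     * @return array The preg_match() captures (proto, user, password, host,
     *               dbname); empty when the DSN does not fit the pattern, so
     *               callers must not assume any key is present.
     */
    private function parse_dsn()
    {
        $matches = [];
        preg_match("#^(?P<proto>\w+)\:(?:user=(?P<user>\w+)(?:;|$)|password=(?P<password>\w*)(?:;|$)|host=(?P<host>[\w\.\-]+)(?:;|$)|dbname=(?P<dbname>[\w_]+)(?:;|$))+#", DATABASE_DSN, $matches);
        return $matches;
    }

    /**
     * Rewrite every stored tag that matches $_POST['tag'] case-insensitively
     * to the exact spelling given in the request.
     *
     * @return bool Always true (redirect back to the admin page).
     */
    private function set_tag_case()
    {
        global $database;

        // A missing or non-string "tag" field (e.g. tag[]=x) has nothing
        // meaningful to bind; skip instead of raising notices or a bind error.
        $tag = $_POST['tag'] ?? null;
        if (!is_string($tag) || $tag === '') {
            return true;
        }

        $database->execute($database->scoreql_to_sql(
            "UPDATE tags SET tag=:tag1 WHERE LOWER(tag) = LOWER(:tag2)"
        ), ["tag1" => $tag, "tag2" => $tag]);
        log_info("admin", "Fixed the case of ".html_escape($tag), "Fixed case");
        return true;
    }

    /**
     * Lower-case every tag in the tags table.
     *
     * @return bool Always true (redirect back to the admin page).
     */
    private function lowercase_all_tags()
    {
        global $database;

        $database->execute("UPDATE tags SET tag=lower(tag)");
        log_warning("admin", "Set all tags to lowercase", "Set all tags to lowercase");
        return true;
    }

    /**
     * Recompute tags.count from image_tags, then delete tags left with a count of 0.
     *
     * @return bool Always true (redirect back to the admin page).
     */
    private function recount_tag_use()
    {
        global $database;

        $database->execute("
            UPDATE tags
            SET count = COALESCE(
                (SELECT COUNT(image_id) FROM image_tags WHERE tag_id=tags.id GROUP BY tag_id),
                0
            )
        ");
        $database->execute("DELETE FROM tags WHERE count=0");
        log_warning("admin", "Re-counted tags", "Re-counted tags");
        return true;
    }

    /**
     * Send a SQL dump of the configured database as a file download.
     *
     * The dump is produced by shelling out to mysqldump / pg_dump / sqlite3
     * with connection details parsed from DATABASE_DSN.
     *
     * @return bool Always false: the response is the dump itself, not a redirect.
     */
    private function database_dump()
    {
        global $page;

        $dsn = $this->parse_dsn();
        $software = $dsn['proto'] ?? null;
        $password = $dsn['password'] ?? '';
        // The DSN pattern already limits these values to word characters
        // (plus "." and "-" for the host); quoting them anyway keeps the
        // command line safe if that pattern is ever loosened.
        $username = escapeshellarg($dsn['user'] ?? '');
        $hostname = escapeshellarg($dsn['host'] ?? '');
        $database = escapeshellarg($dsn['dbname'] ?? '');

        switch ($software) {
            case DatabaseDriver::MYSQL:
                // NOTE(review): the password is passed as a command-line
                // argument, which other local users can typically read from
                // the process list while the dump runs. Consider a
                // client option file instead.
                $cmd = "mysqldump -h$hostname -u$username -p".escapeshellarg($password)." $database";
                break;
            case DatabaseDriver::PGSQL:
                // Passed through the environment rather than argv; it stays
                // set for the rest of this PHP process.
                putenv("PGPASSWORD=$password");
                $cmd = "pg_dump -h $hostname -U $username $database";
                break;
            case DatabaseDriver::SQLITE:
                $cmd = "sqlite3 $database .dump";
                break;
            default:
                $cmd = false;
        }

        //FIXME: .SQL dump is empty if cmd doesn't exist
        if ($cmd) {
            $page->set_mode(PageMode::DATA);
            $page->set_type("application/x-unknown");
            $page->set_filename('shimmie-'.date('Ymd').'.sql');
            $page->set_data(shell_exec($cmd));
        }
        return false;
    }

    /**
     * Zip every image listed in the images table and redirect the browser to the archive.
     *
     * NOTE(review): the archive is written under data_path() with a
     * date-based name and is served by redirecting to that path, so it
     * remains on disk afterwards and is presumably fetchable by anyone who
     * requests the same URL. Confirm how the data directory is exposed, and
     * prefer streaming the file through an authenticated handler and
     * deleting it afterwards.
     *
     * @return bool Always false: this method sets up its own redirect.
     */
    private function download_all_images()
    {
        global $database, $page;

        $images = $database->get_all("SELECT hash, ext FROM images");
        $filename = data_path('imgdump-'.date('Ymd').'.zip');

        $zip = new ZipArchive;
        if ($zip->open($filename, ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) {
            foreach ($images as $img) {
                $img_loc = warehouse_path(Image::IMAGE_DIR, $img["hash"], false);
                $zip->addFile($img_loc, $img["hash"].".".$img["ext"]);
            }
            $zip->close();
        }

        // The redirect is issued even when the archive could not be opened.
        $page->set_mode(PageMode::REDIRECT);
        $page->set_redirect(make_link($filename)); //TODO: Delete file after downloaded?
        return false; // we do want a redirect, but a manual one
    }

    /**
     * Renumber image IDs consecutively from 1 (MySQL only).
     *
     * Tables holding a foreign key to images.id are looked up in
     * information_schema and updated alongside. PostgreSQL and SQLite throw
     * an SCoreException.
     *
     * @return bool True (redirect back to the admin page) when no exception is thrown.
     */
    private function reset_image_ids()
    {
        global $database;

        //TODO: Make work with PostgreSQL + SQLite
        //TODO: Update score_log (Having an optional ID column for score_log would be nice..)
        $dsn = $this->parse_dsn();
        $proto = $dsn['proto'] ?? null;

        if ($proto == DatabaseDriver::MYSQL) {
            $tables = $database->get_col("SELECT TABLE_NAME
                FROM information_schema.KEY_COLUMN_USAGE
                WHERE TABLE_SCHEMA = :db
                AND REFERENCED_COLUMN_NAME = 'id'
                AND REFERENCED_TABLE_NAME = 'images'", ["db" => $dsn['dbname'] ?? null]);

            $i = 1;
            $ids = $database->get_col("SELECT id FROM images ORDER BY images.id ASC");
            foreach ($ids as $id) {
                // NOTE(review): the first UPDATE filters images on "image_id",
                // while $id was read from images.id; this looks like it should
                // be "WHERE id=" - confirm against the schema before relying
                // on this action. The referencing column is also assumed to be
                // called image_id in every table found above.
                // Table names come from information_schema, not the request,
                // but are interpolated unquoted.
                // If a statement fails mid-loop, FOREIGN_KEY_CHECKS is left at
                // 0 for this connection.
                $sql = "SET FOREIGN_KEY_CHECKS=0;
                UPDATE images SET id={$i} WHERE image_id={$id};";
                foreach ($tables as $table) {
                    $sql .= "UPDATE {$table} SET image_id={$i} WHERE image_id={$id};";
                }
                $sql .= " SET FOREIGN_KEY_CHECKS=1;";
                $database->execute($sql);
                $i++;
            }
            $database->execute("ALTER TABLE images AUTO_INCREMENT=".(count($ids) + 1));
        } elseif ($proto == DatabaseDriver::PGSQL) {
            throw new SCoreException("TODO: Make this work with PostgreSQL");
        } elseif ($proto == DatabaseDriver::SQLITE) {
            throw new SCoreException("TODO: Make this work with SQLite");
        }
        return true;
    }
}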