
Clear database after orphaned files removal
plaintext passwd not correctly removed from logs
Fixes #74

Sergio Brighenti 5 年 前
コミット
a59e364417

+ 5 - 0
CHANGELOG.md

@@ -1,3 +1,8 @@
+## v2.6.5
++ Fixed error after orphaned files removal #74.
++ Fixed update password not correctly removed from log files #74.
++ Changed color to some buttons to address visibility with some themes.
+
 ## v2.6.4
 + Filter on displayable images.
 + Fixed during upload error on php compiled for 32 bit.

+ 2 - 0
app/Controllers/AdminController.php

@@ -62,6 +62,8 @@ class AdminController extends Controller
 			}
 		}
 
+		$this->database->query('DELETE FROM `uploads` WHERE `user_id` IS NULL');
+
 		$this->session->alert(lang('deleted_orphans', [$deleted]));
 
 		return redirect($response, 'system');
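Review bot: The added `DELETE` runs unconditionally and on a GET request: routes.php in this same commit registers the handler with `$this->get('/system/deleteOrphanFiles', …)`, so a destructive database write sits behind a safe HTTP method and depends entirely on whatever CSRF protection exists outside the visible code. Registering the route as `$this->post('/system/deleteOrphanFiles', AdminController::class . ':deleteOrphanFiles')` and submitting it from a form would keep the purge off GET. The statement also executes regardless of how the file-removal loop above ended (that loop starts outside this hunk), so rows can be dropped for files that were not actually removed. Nothing is written to the logger either; a line such as `$this->logger->info('User ' . $this->session->get('username') . ' purged orphaned uploads.', [$deleted]);` would leave an audit trail for this admin action.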

+ 1 - 0
app/Controllers/Controller.php

@@ -17,6 +17,7 @@ use Slim\Container;
  * @property Logger|null logger
  * @property Filesystem|null storage
  * @property Lang lang
+ * @property array settings
  */
 abstract class Controller
 {

+ 5 - 2
app/Controllers/UserController.php

@@ -97,7 +97,7 @@ class UserController extends Controller
 		]);
 
 		$this->session->alert(lang('user_created', [$request->getParam('username')]), 'success');
-		$this->logger->info('User ' . $this->session->get('username') . ' created a new user.', [array_diff($request->getParams(), ['password'])]);
+		$this->logger->info('User ' . $this->session->get('username') . ' created a new user.', [array_diff_key($request->getParams(), array_flip(['password']))]);
 
 		return redirect($response, 'user.index');
 	}
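Review bot: Both log calls (this one and the `updated $user->id` call in the next hunk) still filter with a one-entry denylist, so every other request parameter, and in the second hunk every other column of the cast `$user` record, continues to reach the log context. Only the `password` key is removed; if the forms or the user row carry further secrets (the routes expose a `refreshToken` action, so the row presumably holds an upload token, to be confirmed against the schema), they are still written in clear. An explicit allowlist is safer, for example `array_intersect_key($request->getParams(), array_flip(['username']))` extended with the fields that are actually wanted, and `['id' => $user->id]` in place of `(array)$user` for the update call. Log files written before this fix still contain the plaintext passwords, so the release notes should tell operators to purge or rotate those files and to consider resetting the passwords that were logged.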
@@ -183,7 +183,10 @@ class UserController extends Controller
 		}
 
 		$this->session->alert(lang('user_updated', [$request->getParam('username')]), 'success');
-		$this->logger->info('User ' . $this->session->get('username') . " updated $user->id.", [$user, array_diff($request->getParams(), ['password'])]);
+		$this->logger->info('User ' . $this->session->get('username') . " updated $user->id.", [
+			array_diff_key((array)$user, array_flip(['password'])),
+			array_diff_key($request->getParams(), array_flip(['password'])),
+		]);
 
 		return redirect($response, 'user.index');
 

+ 54 - 43
app/routes.php

@@ -1,57 +1,68 @@
 <?php
 // Auth routes
+use App\Controllers\AdminController;
+use App\Controllers\DashboardController;
+use App\Controllers\LoginController;
+use App\Controllers\ThemeController;
+use App\Controllers\UpgradeController;
+use App\Controllers\UploadController;
+use App\Controllers\UserController;
+use App\Middleware\AdminMiddleware;
+use App\Middleware\AuthMiddleware;
+use App\Middleware\CheckForMaintenanceMiddleware;
+
 $app->group('', function () {
-	$this->get('/home[/page/{page}]', \App\Controllers\DashboardController::class . ':home')->setName('home');
+	$this->get('/home[/page/{page}]', DashboardController::class . ':home')->setName('home');
 
 	$this->group('', function () {
-		$this->get('/home/switchView', \App\Controllers\DashboardController::class . ':switchView')->setName('switchView');
+		$this->get('/home/switchView', DashboardController::class . ':switchView')->setName('switchView');
 
-		$this->get('/system/deleteOrphanFiles', \App\Controllers\AdminController::class . ':deleteOrphanFiles')->setName('system.deleteOrphanFiles');
+		$this->get('/system/deleteOrphanFiles', AdminController::class . ':deleteOrphanFiles')->setName('system.deleteOrphanFiles');
 
-		$this->get('/system/themes', \App\Controllers\ThemeController::class . ':getThemes')->setName('theme');
-		$this->post('/system/theme/apply', \App\Controllers\ThemeController::class . ':applyTheme')->setName('theme.apply');
+		$this->get('/system/themes', ThemeController::class . ':getThemes')->setName('theme');
+		$this->post('/system/theme/apply', ThemeController::class . ':applyTheme')->setName('theme.apply');
 
-		$this->post('/system/lang/apply', \App\Controllers\AdminController::class . ':applyLang')->setName('lang.apply');
+		$this->post('/system/lang/apply', AdminController::class . ':applyLang')->setName('lang.apply');
 
-		$this->post('/system/upgrade', \App\Controllers\UpgradeController::class . ':upgrade')->setName('system.upgrade');
-		$this->get('/system/checkForUpdates', \App\Controllers\UpgradeController::class . ':checkForUpdates')->setName('system.checkForUpdates');
+		$this->post('/system/upgrade', UpgradeController::class . ':upgrade')->setName('system.upgrade');
+		$this->get('/system/checkForUpdates', UpgradeController::class . ':checkForUpdates')->setName('system.checkForUpdates');
 
-		$this->get('/system', \App\Controllers\AdminController::class . ':system')->setName('system');
+		$this->get('/system', AdminController::class . ':system')->setName('system');
 
-		$this->get('/users[/page/{page}]', \App\Controllers\UserController::class . ':index')->setName('user.index');
-	})->add(\App\Middleware\AdminMiddleware::class);
+		$this->get('/users[/page/{page}]', UserController::class . ':index')->setName('user.index');
+	})->add(AdminMiddleware::class);
 
 	$this->group('/user', function () {
 
-		$this->get('/create', \App\Controllers\UserController::class . ':create')->setName('user.create');
-		$this->post('/create', \App\Controllers\UserController::class . ':store')->setName('user.store');
-		$this->get('/{id}/edit', \App\Controllers\UserController::class . ':edit')->setName('user.edit');
-		$this->post('/{id}', \App\Controllers\UserController::class . ':update')->setName('user.update');
-		$this->get('/{id}/delete', \App\Controllers\UserController::class . ':delete')->setName('user.delete');
-	})->add(\App\Middleware\AdminMiddleware::class);
-
-	$this->get('/profile', \App\Controllers\UserController::class . ':profile')->setName('profile');
-	$this->post('/profile/{id}', \App\Controllers\UserController::class . ':profileEdit')->setName('profile.update');
-	$this->post('/user/{id}/refreshToken', \App\Controllers\UserController::class . ':refreshToken')->setName('refreshToken');
-	$this->get('/user/{id}/config/sharex', \App\Controllers\UserController::class . ':getShareXconfigFile')->setName('config.sharex');
-	$this->get('/user/{id}/config/script', \App\Controllers\UserController::class . ':getUploaderScriptFile')->setName('config.script');
-
-	$this->post('/upload/{id}/publish', \App\Controllers\UploadController::class . ':togglePublish')->setName('upload.publish');
-	$this->post('/upload/{id}/unpublish', \App\Controllers\UploadController::class . ':togglePublish')->setName('upload.unpublish');
-	$this->get('/upload/{id}/raw', \App\Controllers\UploadController::class . ':getRawById')->add(\App\Middleware\AdminMiddleware::class)->setName('upload.raw');
-	$this->post('/upload/{id}/delete', \App\Controllers\UploadController::class . ':delete')->setName('upload.delete');
-
-})->add(App\Middleware\CheckForMaintenanceMiddleware::class)->add(\App\Middleware\AuthMiddleware::class);
-
-$app->get('/', \App\Controllers\DashboardController::class . ':redirects')->setName('root');
-$app->get('/login', \App\Controllers\LoginController::class . ':show')->setName('login.show');
-$app->post('/login', \App\Controllers\LoginController::class . ':login')->setName('login');
-$app->map(['GET', 'POST'], '/logout', \App\Controllers\LoginController::class . ':logout')->setName('logout');
-
-$app->post('/upload', \App\Controllers\UploadController::class . ':upload')->setName('upload');
-
-$app->get('/{userCode}/{mediaCode}', \App\Controllers\UploadController::class . ':show')->setName('public');
-$app->get('/{userCode}/{mediaCode}/delete/{token}', \App\Controllers\UploadController::class . ':show')->setName('public.delete.show')->add(\App\Middleware\CheckForMaintenanceMiddleware::class);;
-$app->post('/{userCode}/{mediaCode}/delete/{token}', \App\Controllers\UploadController::class . ':deleteByToken')->setName('public.delete')->add(\App\Middleware\CheckForMaintenanceMiddleware::class);;
-$app->get('/{userCode}/{mediaCode}/raw', \App\Controllers\UploadController::class . ':showRaw')->setName('public.raw')->setOutputBuffering(false);
-$app->get('/{userCode}/{mediaCode}/download', \App\Controllers\UploadController::class . ':download')->setName('public.download')->setOutputBuffering(false);
+		$this->get('/create', UserController::class . ':create')->setName('user.create');
+		$this->post('/create', UserController::class . ':store')->setName('user.store');
+		$this->get('/{id}/edit', UserController::class . ':edit')->setName('user.edit');
+		$this->post('/{id}', UserController::class . ':update')->setName('user.update');
+		$this->get('/{id}/delete', UserController::class . ':delete')->setName('user.delete');
+	})->add(AdminMiddleware::class);
+
+	$this->get('/profile', UserController::class . ':profile')->setName('profile');
+	$this->post('/profile/{id}', UserController::class . ':profileEdit')->setName('profile.update');
+	$this->post('/user/{id}/refreshToken', UserController::class . ':refreshToken')->setName('refreshToken');
+	$this->get('/user/{id}/config/sharex', UserController::class . ':getShareXconfigFile')->setName('config.sharex');
+	$this->get('/user/{id}/config/script', UserController::class . ':getUploaderScriptFile')->setName('config.script');
+
+	$this->post('/upload/{id}/publish', UploadController::class . ':togglePublish')->setName('upload.publish');
+	$this->post('/upload/{id}/unpublish', UploadController::class . ':togglePublish')->setName('upload.unpublish');
+	$this->get('/upload/{id}/raw', UploadController::class . ':getRawById')->add(AdminMiddleware::class)->setName('upload.raw');
+	$this->post('/upload/{id}/delete', UploadController::class . ':delete')->setName('upload.delete');
+
+})->add(App\Middleware\CheckForMaintenanceMiddleware::class)->add(AuthMiddleware::class);
+
+$app->get('/', DashboardController::class . ':redirects')->setName('root');
+$app->get('/login', LoginController::class . ':show')->setName('login.show');
+$app->post('/login', LoginController::class . ':login')->setName('login');
+$app->map(['GET', 'POST'], '/logout', LoginController::class . ':logout')->setName('logout');
+
+$app->post('/upload', UploadController::class . ':upload')->setName('upload');
+
+$app->get('/{userCode}/{mediaCode}', UploadController::class . ':show')->setName('public');
+$app->get('/{userCode}/{mediaCode}/delete/{token}', UploadController::class . ':show')->setName('public.delete.show')->add(CheckForMaintenanceMiddleware::class);
+$app->post('/{userCode}/{mediaCode}/delete/{token}', UploadController::class . ':deleteByToken')->setName('public.delete')->add(CheckForMaintenanceMiddleware::class);
+$app->get('/{userCode}/{mediaCode}/raw', UploadController::class . ':showRaw')->setName('public.raw')->setOutputBuffering(false);
+$app->get('/{userCode}/{mediaCode}/download', UploadController::class . ':download')->setName('public.download')->setOutputBuffering(false);
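Review bot: One reference was missed by the import cleanup: the outer group's closing line still reads `->add(App\Middleware\CheckForMaintenanceMiddleware::class)` while every other controller and middleware now uses the imported short name. It resolves to the same class because the file declares no namespace, but `})->add(CheckForMaintenanceMiddleware::class)->add(AuthMiddleware::class);` would be consistent with the rest of the file. The `// Auth routes` comment now sits above the `use` block instead of the group it describes; moving it to just before `$app->group('', function () {` keeps it meaningful.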

+ 1 - 1
composer.json

@@ -1,6 +1,6 @@
 {
   "name": "sergix44/xbackbone",
-  "version": "2.6.4",
+  "version": "2.6.5",
   "description": "A lightweight ShareX PHP backend",
   "type": "project",
   "require": {

+ 12 - 13
composer.lock

@@ -4,20 +4,20 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "4df20787f0e03ad691f0eb848cc7b25d",
+    "content-hash": "ebbdff1fa0c06d25785f6d437dc7e11f",
     "packages": [
         {
             "name": "aws/aws-sdk-php",
-            "version": "3.112.0",
+            "version": "3.112.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/aws/aws-sdk-php.git",
-                "reference": "1e21446c6780a3b9b5e4315bd6d4347d2c3381eb"
+                "reference": "0d7a3ecb5dca10d1872ee5106cb154cbef52cf1c"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/1e21446c6780a3b9b5e4315bd6d4347d2c3381eb",
-                "reference": "1e21446c6780a3b9b5e4315bd6d4347d2c3381eb",
+                "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/0d7a3ecb5dca10d1872ee5106cb154cbef52cf1c",
+                "reference": "0d7a3ecb5dca10d1872ee5106cb154cbef52cf1c",
                 "shasum": ""
             },
             "require": {
@@ -87,7 +87,7 @@
                 "s3",
                 "sdk"
             ],
-            "time": "2019-09-12T18:09:53+00:00"
+            "time": "2019-09-17T18:07:57+00:00"
         },
         {
             "name": "container-interop/container-interop",
@@ -2553,16 +2553,16 @@
         },
         {
             "name": "phpstan/phpstan",
-            "version": "0.11.15",
+            "version": "0.11.16",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpstan/phpstan.git",
-                "reference": "1be5b3a706db16ac472a4c40ec03cf4c810b118d"
+                "reference": "635cf20f3b92ce34ee94a8d2f282d62eb9dc6e1b"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/1be5b3a706db16ac472a4c40ec03cf4c810b118d",
-                "reference": "1be5b3a706db16ac472a4c40ec03cf4c810b118d",
+                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/635cf20f3b92ce34ee94a8d2f282d62eb9dc6e1b",
+                "reference": "635cf20f3b92ce34ee94a8d2f282d62eb9dc6e1b",
                 "shasum": ""
             },
             "require": {
@@ -2614,8 +2614,7 @@
             "autoload": {
                 "psr-4": {
                     "PHPStan\\": [
-                        "src/",
-                        "build/PHPStan"
+                        "src/"
                     ]
                 }
             },
@@ -2624,7 +2623,7 @@
                 "MIT"
             ],
             "description": "PHPStan - PHP Static Analysis Tool",
-            "time": "2019-08-18T20:51:53+00:00"
+            "time": "2019-09-17T11:19:51+00:00"
         },
         {
             "name": "symfony/console",

+ 2 - 2
resources/templates/dashboard/admin.twig

@@ -54,8 +54,8 @@
                                             <td class="text-right">
                                                 <div class="btn-group">
                                                     {% if media.username is not null %}
-                                                        <a href="{{ urlFor('/' ~ media.user_code ~ '/' ~ media.code ~ '.' ~ media.extension) }}" class="btn btn-sm btn-outline-dark" data-toggle="tooltip" title="{{ lang('open') }}" target="_blank"><i class="fas fa-external-link-alt"></i></a>
-                                                        <a href="{{ urlFor('/' ~ media.user_code ~ '/' ~ media.code ~ '.' ~ media.extension ~ '/download') }}" class="btn btn-sm btn-outline-secondary" data-toggle="tooltip" title="{{ lang('download') }}"><i class="fas fa-cloud-download-alt"></i></a>
+                                                        <a href="{{ urlFor('/' ~ media.user_code ~ '/' ~ media.code ~ '.' ~ media.extension) }}" class="btn btn-sm btn-outline-secondary" data-toggle="tooltip" title="{{ lang('open') }}" target="_blank"><i class="fas fa-external-link-alt"></i></a>
+                                                        <a href="{{ urlFor('/' ~ media.user_code ~ '/' ~ media.code ~ '.' ~ media.extension ~ '/download') }}" class="btn btn-sm btn-outline-primary" data-toggle="tooltip" title="{{ lang('download') }}"><i class="fas fa-cloud-download-alt"></i></a>
                                                         <a href="javascript:void(0)" class="btn btn-sm btn-outline-success btn-clipboard" data-toggle="tooltip" title="{{ lang('copy_link') }}" data-clipboard-text="{{ urlFor('/' ~ media.user_code ~ '/' ~ media.code ~ '.' ~ media.extension) }}"><i class="fas fa-link"></i></a>
                                                     {% else %}
                                                         <a href="{{ route('upload.raw', {'id': media.id}) }}" class="btn btn-sm btn-outline-dark" data-toggle="tooltip" title="{{ lang('raw') }}" target="_blank"><i class="fas fa-external-link-alt"></i></a>