From 044470512171bff64f5e1103ae01c9dc4e3a0e3b Mon Sep 17 00:00:00 2001 From: Sergio Brighenti Date: Thu, 15 Nov 2018 17:10:43 +0100 Subject: [PATCH] Added warn when try do download an invalid config --- app/Controllers/Controller.php | 2 +- app/Controllers/LoginController.php | 4 +- app/Controllers/UserController.php | 50 +++++++++++++---------- install/templates/install.twig | 23 +---------- resources/templates/base.twig | 8 +--- resources/templates/comp/footer.twig | 4 +- resources/templates/dashboard/admin.twig | 2 - resources/templates/dashboard/home.twig | 2 - resources/templates/dashboard/system.twig | 2 - resources/templates/errors/500.twig | 2 - resources/templates/user/create.twig | 1 - resources/templates/user/edit.twig | 1 - resources/templates/user/index.twig | 2 +- src/js/app.js | 4 +- 14 files changed, 37 insertions(+), 70 deletions(-) diff --git a/app/Controllers/Controller.php b/app/Controllers/Controller.php index 0774509..05bc587 100644 --- a/app/Controllers/Controller.php +++ b/app/Controllers/Controller.php @@ -7,7 +7,6 @@ use League\Flysystem\Adapter\Local; use League\Flysystem\FileNotFoundException; use League\Flysystem\Filesystem; use Slim\Container; -use Slim\Http\Response; abstract class Controller { @@ -57,6 +56,7 @@ abstract class Controller try { $totalSize += $filesystem->getSize($media->storage_path); } catch (FileNotFoundException $e) { + $this->logger->error('Error calculating file size', [$e->getTraceAsString()]); } } diff --git a/app/Controllers/LoginController.php b/app/Controllers/LoginController.php index 6bcb3d2..1d5593f 100644 --- a/app/Controllers/LoginController.php +++ b/app/Controllers/LoginController.php @@ -57,7 +57,7 @@ class LoginController extends Controller return $response->withRedirect(Session::get('redirectTo')); } - return redirect($response,'/home'); + return redirect($response, '/home'); } /** 
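Review bot: The `logger->error` call added in the `catch (FileNotFoundException $e)` branch of `app/Controllers/Controller.php` records only `$e->getTraceAsString()`, so the log entry names neither the missing file nor the exception message. Passing the path and the exception itself makes the entry actionable: `$this->logger->error('Error calculating file size', ['path' => $media->storage_path, 'exception' => $e]);` (this assumes the logger follows the PSR-3 convention of an `exception` context key). The enclosing method starts and ends outside this hunk, so whether a missing file should also be reported to the caller cannot be judged from here.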
@@ -70,7 +70,7 @@ class LoginController extends Controller Session::clear(); Session::set('logged', false); Session::alert('Goodbye!', 'warning'); - return redirect($response,'/login'); + return redirect($response, '/login'); } } \ No newline at end of file diff --git a/app/Controllers/UserController.php b/app/Controllers/UserController.php index 0465136..c4aff23 100644 --- a/app/Controllers/UserController.php +++ b/app/Controllers/UserController.php @@ -58,22 +58,22 @@ class UserController extends Controller { if ($request->getParam('email') === null) { Session::alert('The email is required.', 'danger'); - return redirect($response,'/user/create'); + return redirect($response, '/user/create'); } if ($request->getParam('username') === null) { Session::alert('The username is required.', 'danger'); - return redirect($response,'/user/create'); + return redirect($response, '/user/create'); } if ($request->getParam('password') === null) { Session::alert('The password is required.', 'danger'); - return redirect($response,'/user/create'); + return redirect($response, '/user/create'); } if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `username` = ?', $request->getParam('username'))->fetch()->count > 0) { Session::alert('The username already taken.', 'danger'); - return redirect($response,'/user/create'); + return redirect($response, '/user/create'); } do { @@ -89,13 +89,13 @@ class UserController extends Controller $request->getParam('is_admin') !== null, $request->getParam('is_active') !== null, $userCode, - $token + $token, ]); Session::alert("User '{$request->getParam('username')}' created!", 'success'); $this->logger->info('User ' . Session::get('username') . ' created a new user.', [array_diff($request->getParams(), ['password'])]); - return redirect($response,'/users'); + return redirect($response, '/users'); } /** 
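Review bot: The unchanged `$this->logger->info(...)` line in the `@@ -89,13 +89,13 @@` hunk of `UserController.php` passes `array_diff($request->getParams(), ['password'])` as log context, but `array_diff` compares values, not keys. The `password` entry therefore stays in the array, and the submitted plaintext password is written to the log unless its value happens to be the string `password`. Filter by key instead: `array_diff_key($request->getParams(), ['password' => null])`. The same expression appears in the update path shown in the `@@ -169,14 +169,14 @@` hunk. Log files already written by this code may contain credentials and should be handled as such.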
@@ -115,7 +115,7 @@ class UserController extends Controller return $this->view->render($response, 'user/edit.twig', [ 'profile' => false, - 'user' => $user + 'user' => $user, ]); } @@ -136,22 +136,22 @@ class UserController extends Controller if ($request->getParam('email') === null) { Session::alert('The email is required.', 'danger'); - return redirect($response,'/user/' . $args['id'] . '/edit'); + return redirect($response, '/user/' . $args['id'] . '/edit'); } if ($request->getParam('username') === null) { Session::alert('The username is required.', 'danger'); - return redirect($response,'/user/' . $args['id'] . '/edit'); + return redirect($response, '/user/' . $args['id'] . '/edit'); } if ($this->database->query('SELECT COUNT(*) AS `count` FROM `users` WHERE `username` = ? AND `username` <> ?', [$request->getParam('username'), $user->username])->fetch()->count > 0) { Session::alert('The username already taken.', 'danger'); - return redirect($response,'/user/' . $args['id'] . '/edit'); + return redirect($response, '/user/' . $args['id'] . '/edit'); } if ($user->id === Session::get('user_id') && $request->getParam('is_admin') === null) { Session::alert('You cannot demote yourself.', 'danger'); - return redirect($response,'/user/' . $args['id'] . '/edit'); + return redirect($response, '/user/' . $args['id'] . '/edit'); } if ($request->getParam('password') !== null && !empty($request->getParam('password'))) { @@ -161,7 +161,7 @@ class UserController extends Controller password_hash($request->getParam('password'), PASSWORD_DEFAULT), $request->getParam('is_admin') !== null, $request->getParam('is_active') !== null, - $user->id + $user->id, ]); } else { $this->database->query('UPDATE `users` SET `email`=?, `username`=?, `is_admin`=?, `active`=? WHERE `id` = ?', [ 
@@ -169,14 +169,14 @@ class UserController extends Controller $request->getParam('username'), $request->getParam('is_admin') !== null, $request->getParam('is_active') !== null, - $user->id + $user->id, ]); } Session::alert("User '{$request->getParam('username')}' updated!", 'success'); $this->logger->info('User ' . Session::get('username') . " updated $user->id.", [$user, array_diff($request->getParams(), ['password'])]); - return redirect($response,'/users'); + return redirect($response, '/users'); } @@ -197,7 +197,7 @@ class UserController extends Controller if ($user->id === Session::get('user_id')) { Session::alert('You cannot delete yourself.', 'danger'); - return redirect($response,'/users'); + return redirect($response, '/users'); } $this->database->query('DELETE FROM `users` WHERE `id` = ?', $user->id); @@ -205,7 +205,7 @@ class UserController extends Controller Session::alert('User deleted.', 'success'); $this->logger->info('User ' . Session::get('username') . " deleted $user->id."); - return redirect($response,'/users'); + return redirect($response, '/users'); } /** @@ -229,7 +229,7 @@ class UserController extends Controller return $this->view->render($response, 'user/edit.twig', [ 'profile' => true, - 'user' => $user + 'user' => $user, ]); } 
@@ -255,26 +255,26 @@ class UserController extends Controller if ($request->getParam('email') === null) { Session::alert('The email is required.', 'danger'); - return redirect($response,'/profile'); + return redirect($response, '/profile'); } if ($request->getParam('password') !== null && !empty($request->getParam('password'))) { $this->database->query('UPDATE `users` SET `email`=?, `password`=? WHERE `id` = ?', [ $request->getParam('email'), password_hash($request->getParam('password'), PASSWORD_DEFAULT), - $user->id + $user->id, ]); } else { $this->database->query('UPDATE `users` SET `email`=? WHERE `id` = ?', [ $request->getParam('email'), - $user->id + $user->id, ]); } Session::alert('Profile updated successfully!', 'success'); $this->logger->info('User ' . Session::get('username') . " updated profile of $user->id."); - return redirect($response,'/profile'); + return redirect($response, '/profile'); } /** @@ -301,7 +301,7 @@ class UserController extends Controller $this->database->query('UPDATE `users` SET `token`=? WHERE `id` = ?', [ $token, - $user->id + $user->id, ]); $this->logger->info('User ' . Session::get('username') . " refreshed token of user $user->id."); @@ -331,6 +331,11 @@ class UserController extends Controller throw new UnauthorizedException(); } + if ($user->token === null || $user->token === '') { + Session::alert('You don\'t have a personal upload token. (Click the update token button and try again)', 'danger'); + return $response->withRedirect($request->getHeaderLine('HTTP_REFERER')); + } + $base_url = $this->settings['base_url']; $json = [ 'DestinationType' => 'ImageUploader, TextUploader, FileUploader', @@ -343,6 +348,7 @@ class UserController extends Controller ], 'URL' => '$json:url$', 'ThumbnailURL' => '$json:url$/raw', + 'DeletionURL' => '$json:url$/delete', ]; return $response diff --git a/install/templates/install.twig b/install/templates/install.twig index 5c58f9c..2f23916 100644 --- a/install/templates/install.twig 
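Review bot: The new empty-token branch in the `@@ -331,6 +331,11 @@` hunk redirects to `$request->getHeaderLine('HTTP_REFERER')`, a header that is optional and supplied by the client. When the browser omits it (referrer policy, direct navigation), `getHeaderLine` returns an empty string and the response carries an empty `Location`. When it is present, the target is whatever page the client names rather than a route the application chose. The other branches in this controller redirect to fixed paths through the `redirect($response, ...)` helper, and doing the same here avoids both cases, for example `return redirect($response, '/profile');`. Which route fits depends on where the download link is rendered, and the method's beginning lies outside the hunk.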
+++ b/install/templates/install.twig @@ -1,7 +1,7 @@ - Installing XBackBone | XBackBone + Installing XBackBone @@ -16,27 +16,6 @@ -
diff --git a/resources/templates/base.twig b/resources/templates/base.twig index 0bebf37..c89ec62 100644 --- a/resources/templates/base.twig +++ b/resources/templates/base.twig @@ -5,12 +5,10 @@ - - @@ -19,11 +17,7 @@ - + {% block head %}{% endblock %} diff --git a/resources/templates/comp/footer.twig b/resources/templates/comp/footer.twig index 3443dcf..03293f3 100644 --- a/resources/templates/comp/footer.twig +++ b/resources/templates/comp/footer.twig @@ -1,7 +1,5 @@ \ No newline at end of file diff --git a/resources/templates/dashboard/admin.twig b/resources/templates/dashboard/admin.twig index a8652f5..fb512ad 100644 --- a/resources/templates/dashboard/admin.twig +++ b/resources/templates/dashboard/admin.twig @@ -3,9 +3,7 @@ {% block title %}Admin Home{% endblock %} {% block content %} - {% include 'comp/navbar.twig' %} -
{% include 'comp/alert.twig' %} {% if medias|length > 0 %} diff --git a/resources/templates/dashboard/home.twig b/resources/templates/dashboard/home.twig index 6571e29..04ee31a 100644 --- a/resources/templates/dashboard/home.twig +++ b/resources/templates/dashboard/home.twig @@ -3,9 +3,7 @@ {% block title %}Home{% endblock %} {% block content %} - {% include 'comp/navbar.twig' %} -
{% include 'comp/alert.twig' %} {% if medias|length > 0 %} diff --git a/resources/templates/dashboard/system.twig b/resources/templates/dashboard/system.twig index 73f72e6..0707429 100644 --- a/resources/templates/dashboard/system.twig +++ b/resources/templates/dashboard/system.twig @@ -3,9 +3,7 @@ {% block title %}System{% endblock %} {% block content %} - {% include 'comp/navbar.twig' %} -
diff --git a/resources/templates/errors/500.twig b/resources/templates/errors/500.twig index 9cd6308..80dc5de 100644 --- a/resources/templates/errors/500.twig +++ b/resources/templates/errors/500.twig @@ -13,7 +13,6 @@
{% if config.displayErrorDetails %} -
@@ -27,5 +26,4 @@
{% endif %}
- {% endblock %} \ No newline at end of file diff --git a/resources/templates/user/create.twig b/resources/templates/user/create.twig index 2103824..f5362fa 100644 --- a/resources/templates/user/create.twig +++ b/resources/templates/user/create.twig @@ -4,7 +4,6 @@ {% block content %} {% include 'comp/navbar.twig' %} -
{% include 'comp/alert.twig' %}
diff --git a/resources/templates/user/edit.twig b/resources/templates/user/edit.twig index 7f96cc2..c5a854a 100644 --- a/resources/templates/user/edit.twig +++ b/resources/templates/user/edit.twig @@ -4,7 +4,6 @@ {% block content %} {% include 'comp/navbar.twig' %} -
{% include 'comp/alert.twig' %}
diff --git a/resources/templates/user/index.twig b/resources/templates/user/index.twig index ef19721..2d92639 100644 --- a/resources/templates/user/index.twig +++ b/resources/templates/user/index.twig @@ -9,7 +9,7 @@
diff --git a/src/js/app.js b/src/js/app.js index 6fb4d79..6c06b6e 100644 --- a/src/js/app.js +++ b/src/js/app.js @@ -9,7 +9,7 @@ var app = { $('.refresh-token').click(app.refreshToken); $('#themes').mousedown(app.loadThemes); - $('.alert').fadeTo(2000, 500).slideUp(500, function () { + $('.alert').fadeTo(4000, 500).slideUp(500, function () { $('.alert').slideUp(500); }); @@ -82,7 +82,7 @@ var app = { $themes.unbind('mousedown'); }, telegramShare: function () { - $("").attr("href", $('#telegram-share-button').data('url') + $('#telegram-share-text').val()).attr("target", "_blank")[0].click(); + window.open($('#telegram-share-button').data('url') + $('#telegram-share-text').val(), '_blank'); } };
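Review bot: In `telegramShare` the share text is appended to the URL unencoded, and the new tab is opened without `noopener`. Characters such as `&`, `#` or `+` in the text field will truncate or alter the shared message, and the opened page may keep a `window.opener` reference back to this one (browser defaults differ). Suggested line: `window.open($('#telegram-share-button').data('url') + encodeURIComponent($('#telegram-share-text').val()), '_blank', 'noopener');`. This assumes the `data-url` value ends with the query parameter that takes the text, which is not visible in this hunk.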