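/**
 * Run the first-time installation: load the schema, apply the setup
 * variables sent with the request and restart the socket server.
 *
 * The "already installed" probe returns early, so the credential-setting
 * code further down is only reachable while the `auth` table cannot be
 * queried. That early return is what stops a later request from replacing
 * the admin credential through this method.
 *
 * NOTE(review): nothing in this method checks who is calling it; presumably
 * the caller restricts access to the installer. Confirm.
 *
 * @return string Human-readable status or error message.
 */
public function install()
{
    // Probe for an existing installation. A failing query (e.g. missing
    // table) is the expected "not installed" signal, so the exception is
    // deliberately ignored.
    $installed = false;
    try {
        $qres = $this->db->_db->query("SELECT 1 FROM `auth` LIMIT 1");
        if ($qres !== false) {
            $installed = true;
            // Only close the cursor when a statement was actually returned;
            // calling a method on `false` raises an Error that the catch
            // below would not handle.
            $qres->closeCursor();
        }
    } catch (Exception $ex) {
        // not installed (or not reachable): fall through with $installed = false
    }

    // Check docs template
    $this->checkStorageTemplate();

    if ($installed) {
        return "Database detected, skipping full installation.";
    }

    // Locate and read the schema.
    $schemapath = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . "library/installer/schemas/install.sql";
    if (!file_exists($schemapath)) {
        return "Schema does not exist";
    }
    $sql = file_get_contents($schemapath);
    if ($sql === false) {
        return "Schema could not be read";
    }

    // Validate the setup variables BEFORE touching the database. If they were
    // rejected after the schema had been loaded, the next call would take the
    // "Database detected" path and the admin credential would never be set.
    // NOTE(review): $_REQUEST also accepts query-string values, so the admin
    // hash may end up in URLs and access logs; consider reading it from the
    // POST body only.
    $adminHash = null;
    if (isset($_REQUEST['setupvars'])) {
        $setupvars = is_string($_REQUEST['setupvars']) ? json_decode($_REQUEST['setupvars']) : null;
        if (!is_object($setupvars)
            || !isset($setupvars->adminhash)
            || !is_string($setupvars->adminhash)
            || $setupvars->adminhash === ""
        ) {
            return "Invalid setup variables: adminhash is required.";
        }
        $adminHash = $setupvars->adminhash;
    }
    // NOTE(review): when no setupvars are sent, the accounts keep whatever
    // credentials install.sql ships with and user 2 stays enabled. Confirm
    // that this path is intended to remain available.

    try {
        $result = $this->db->_db->exec($sql);
        if ($result === false) {
            // Do not report success when the schema was not applied.
            return "Database installation failed";
        }

        if ($adminHash !== null) {
            // set admin hash and disable staff user
            $authMdl = new AuthModel();
            $authMdl->setDisabled(2, true);
            // null username: only the stored hash of user 1 is replaced
            $authMdl->edit(1, null, $adminHash);
            echo "Setup variables processed.\n";
        }

        // start node server (restart to be safe)
        $socket = new WposSocketControl();
        $socket->restartSocketServer(['error' => 'OK']);
    } catch (Exception $e) {
        return $e->getMessage();
    }

    return "Setup Completed Successfully!";
}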
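/**
 * Update a user's password and, for every user except the master admin
 * (id 1), the username, admin flag and permissions as well.
 *
 * Input is read from $this->data (id, username, pass, admin, permissions).
 * On failure an 'error' entry is set on $result; on success 'data' is set
 * to true and the change is logged without the password.
 *
 * NOTE(review): the admin flag and permissions are taken straight from the
 * submitted data; whether the caller is allowed to grant them is not checked
 * here and is presumably enforced before this method is reached. Confirm.
 *
 * @param array $result Result array to populate.
 * @return mixed The populated result array.
 */
public function updateUser($result)
{
    $isMasterAdmin = ($this->data->id == 1);

    // An absent or empty password means "leave the stored password unchanged".
    $password = (isset($this->data->pass) && $this->data->pass != "") ? $this->data->pass : null;

    // Only the password of the master admin may be changed, so a request for
    // id 1 must carry one. An empty string is rejected as well, so a blank
    // value is never handed to the model as the new admin password.
    if ($isMasterAdmin && $password === null) {
        $result['error'] = "Only the master admin password may be updated.";
        return $result;
    }

    // validate input
    $jsonval = new JsonValidate($this->data, '{"id":1, "username":"", "admin":1}');
    if (($errors = $jsonval->validate()) !== true) {
        $result['error'] = $errors;
        return $result;
    }

    $authMdl = new AuthModel();
    if ($isMasterAdmin) {
        // Only the admin user's password can be updated. The username is
        // passed as null so the submitted value cannot rename the account.
        $qresult = $authMdl->edit($this->data->id, null, $password);
        // keep fields that were not applied out of the log entry below
        unset($this->data->permissions);
        unset($this->data->admin);
    } else {
        // Reject the change if another account already uses the username.
        $dupitems = $authMdl->get(0, 0, null, $this->data->username);
        if (sizeof($dupitems) > 0) {
            $dupitem = $dupitems[0];
            if ($dupitem['id'] != $this->data->id) {
                $result['error'] = "The username specified is already taken";
                return $result;
            }
        }

        // Build the permissions object: "sections" keeps the submitted
        // values as-is, "apicalls" is the list derived from them through
        // $this->permissionMap.
        $permObj = ["sections" => $this->data->permissions, "apicalls" => []];
        foreach ($this->data->permissions as $key => $value) {
            switch ($key) {
                case "access":
                    if ($value != "no") {
                        $permObj['apicalls'][] = "adminconfig/get";
                    }
                    break;
                case "dashboard":
                    if ($value == "both" || $value == "standard") {
                        $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls']['dashboard']);
                    }
                    if ($value == "both" || $value == "realtime") {
                        $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls']['realtime']);
                    }
                    break;
                default:
                    // Sections without a permissionMap entry add no API calls.
                    switch ($value) {
                        case 2:
                            // add write api calls
                            if (isset($this->permissionMap['editapicalls'][$key])) {
                                $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['editapicalls'][$key]);
                            }
                            // intentional fall-through: write access includes read access
                        case 1:
                            // add read api calls
                            if (isset($this->permissionMap['readapicalls'][$key])) {
                                $permObj['apicalls'] = array_merge($permObj['apicalls'], $this->permissionMap['readapicalls'][$key]);
                            }
                            break;
                    }
            }
        }

        // A null password leaves the stored password untouched.
        $qresult = $authMdl->edit($this->data->id, $this->data->username, $password, $this->data->admin, json_encode($permObj));
    }

    if ($qresult === false) {
        $result['error'] = "Could not update the user";
    } else {
        $result['data'] = true;
        // Drop the password before logging so it is never written to the log.
        unset($this->data->pass);
        Logger::write("User updated with id:" . $this->data->id, "USER", json_encode($this->data));
    }

    return $result;
}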