/**
* create a token and give you the ouput
* actually it's a bit of cheating
* if a token already exist for the given path we return it
* otherwise, we create a new one
*/
public function create_token($path = NULL)
{
// default path is the token folder
if (!isset($path)) {
$path = Settings::$photos_dir . "/tokenfolder";
}
// do we already have a token ?
$tokens = GuestToken::find_for_path(File::a2r($path), true);
if (!empty($tokens)) {
return $tokens[0]['key'];
}
// No token found, Creating a token to allow guest view for the given path
$key = Guesttoken::generate_key();
if (!GuestToken::create($path, $key)) {
throw new Exception("Cannot create token for path " . $path . "\n");
}
return $key;
}
/**
* test delete
* @test
* @depends test_create
* @depends test_generate_key
* @depends test_exist
*/
public function test_delete()
{
self::login_as_admin();
self::delete_tokens_file();
$key = Guesttoken::generate_key();
$path = Settings::$photos_dir . "/tokenfolder";
$key2 = Guesttoken::generate_key();
$path2 = Settings::$photos_dir . "/subfolder";
GuestToken::create($path, $key);
GuestToken::create($path2, $key2);
$this->assertFalse(GuestToken::delete(GuestToken::generate_key()));
$this->assertCount(2, GuestToken::findAll());
$this->assertTrue(GuestToken::delete($key));
$this->assertCount(1, GuestToken::findAll());
$this->assertFalse(GuestToken::exist($key));
$this->assertTrue(GuestToken::exist($key2));
}
/**
* Retrieves info for the current user account
*
* @author Thibaud Rohmer
*/
public static function init()
{
CurrentUser::$accounts_file = Settings::$conf_dir . "/accounts.xml";
CurrentUser::$groups_file = Settings::$conf_dir . "/groups.xml";
CurrentUser::$tokens_file = Settings::$conf_dir . "/guest_tokens.xml";
if (isset($_GET['login']) && isset($_GET['pass'])) {
try {
CurrentUser::login(stripslashes($_GET['login']), stripslashes($_GET['pass']));
} catch (Exception $e) {
}
}
if (isset($_GET['token'])) {
$token = $_GET['token'];
if (GuestToken::exist($token)) {
if (isset($_SESSION['login']) || isset(CurrentUser::$account)) {
CurrentUser::logout();
}
CurrentUser::$token = $token;
$_SESSION['token'] = CurrentUser::$token;
}
} elseif (isset($_SESSION['token'])) {
CurrentUser::$token = $_SESSION['token'];
}
/// Set path
if (isset($_GET['f'])) {
if (is_array($_GET['f'])) {
if (sizeof($_GET['f']) > 1) {
foreach ($_GET['f'] as $file) {
CurrentUser::$path[] = stripslashes(File::r2a($file));
}
} else {
CurrentUser::$path = stripslashes(File::r2a($_GET['f'][0]));
}
} else {
CurrentUser::$path = stripslashes(File::r2a($_GET['f']));
}
if (isset($_GET['p'])) {
switch ($_GET['p']) {
case 'n':
CurrentUser::$path = File::next(CurrentUser::$path);
break;
case 'p':
CurrentUser::$path = File::prev(CurrentUser::$path);
break;
}
}
} else {
/// Path not defined in URL
CurrentUser::$path = Settings::$photos_dir;
}
/// Set CurrentUser account
if (isset($_SESSION['login'])) {
self::$account = new Account($_SESSION['login']);
// groups sometimes can be null
$groups = self::$account->groups === NULL ? array() : self::$account->groups;
self::$admin = in_array("root", $groups);
self::$uploader = in_array("uploaders", $groups);
Settings::set_lang(self::$account->language);
$_SESSION['token'] = "";
}
/// Set action (needed for page layout)
if (isset($_GET['t'])) {
switch ($_GET['t']) {
case "Rss":
case "Page":
case "Img":
case "Vid":
case "Thb":
CurrentUser::$action = $_GET['t'];
break;
case "Big":
case "BDl":
case "Zip":
if (!Settings::$nodownload) {
CurrentUser::$action = $_GET['t'];
}
break;
case "Reg":
if (isset($_POST['login']) && isset($_POST['password'])) {
if (!Account::create($_POST['login'], $_POST['password'], $_POST['verif'])) {
echo "Error creating account.";
}
}
case "Login":
if (isset($_POST['login']) && isset($_POST['password'])) {
try {
if (!CurrentUser::login($_POST['login'], $_POST['password'])) {
echo "Wrong password";
}
} catch (Exception $e) {
echo "Account not found";
}
}
if (!isset(CurrentUser::$account)) {
CurrentUser::$action = $_GET['t'];
}
break;
case "Logout":
if (isset($_SESSION['login'])) {
CurrentUser::logout();
echo "logged out";
}
break;
case "Log":
if (isset($_SESSION['login'])) {
CurrentUser::logout();
echo "logged out";
break;
}
if (isset($_POST['login']) && isset($_POST['password'])) {
try {
if (!CurrentUser::login($_POST['login'], $_POST['password'])) {
echo "Wrong password";
}
} catch (Exception $e) {
echo "Account not found";
}
}
if (!isset(CurrentUser::$account)) {
CurrentUser::$action = $_GET['t'];
}
break;
case "Acc":
if (isset($_POST['old_password'])) {
Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email'], NULL, $_POST['language']);
unset($_POST['old_password']);
CurrentUser::init();
return;
}
CurrentUser::$action = "Acc";
break;
case "Adm":
if (CurrentUser::$admin) {
CurrentUser::$action = "Adm";
}
break;
case "Com":
Comments::add(CurrentUser::$path, $_POST['content'], $_POST['login']);
break;
case "Rig":
Judge::edit(CurrentUser::$path, $_POST['users'], isset($_POST['groups']) ? $_POST['groups'] : null, true);
CurrentUser::$action = "Judge";
break;
case "CTk":
GuestToken::create(CurrentUser::$path);
CurrentUser::$action = "Judge";
break;
case "Pub":
Judge::edit(CurrentUser::$path);
CurrentUser::$action = "Judge";
break;
case "Pri":
Judge::edit(CurrentUser::$path, array(), array(), true);
CurrentUser::$action = "Judge";
break;
case "Inf":
CurrentUser::$action = "Inf";
break;
case "Fs":
if (is_file(CurrentUser::$path)) {
CurrentUser::$action = "Fs";
}
break;
default:
CurrentUser::$action = "Page";
break;
}
} else {
CurrentUser::$action = "Page";
}
if (isset($_GET['a']) && CurrentUser::$action != "Adm") {
if (CurrentUser::$admin || CurrentUser::$uploader) {
new Admin();
}
}
if (isset($_GET['j'])) {
CurrentUser::$action = "JS";
}
/// Set default action
if (!isset(CurrentUser::$action)) {
CurrentUser::$action = "Page";
}
/// Throw exception if accounts file is missing
if (!file_exists(CurrentUser::$accounts_file)) {
throw new Exception("Accounts file missing", 69);
}
/// Create Group File if it doesn't exist
if (!file_exists(CurrentUser::$groups_file)) {
Group::create_group_file();
}
if (isset(CurrentUser::$account)) {
CurrentUser::$admin = in_array("root", CurrentUser::$account->groups);
}
}
