<?php
require_once('event_handler_web.class.php');
require_once('system_object.class.php');
/**
* Class responsible for responding to all index.php (standard) requests.
*
*/
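class IndexEventHandler extends WebEventHandler {

    /**
     * Registers the operations this handler may serve and picks the default one.
     */
    function __construct() {
        parent::__construct();
        // add allowances for any operations included in this subclass
        $this->allow(array(
            'browse_files',
            'get_download',
            'login',
            'account',
        ));
        $this->default_operation = 'browse_files';
    }

    /**
     * Login page.
     *
     * When both 'u' and 'p' are present the credentials are handed to Auth and the
     * originally requested operation ('returnpage') is dispatched; otherwise the
     * login form is rendered into $this->output.
     */
    protected function login() {
        // is there a login to process?
        // NOTE(review): $_REQUEST also accepts u/p from the query string, which leaves
        // credentials in URLs, browser history and access logs. The form below posts
        // them, so reading $_POST would be safer -- confirm nothing relies on GET logins.
        if (isset($_REQUEST['u']) && isset($_REQUEST['p'])) {
            // log the person in (will reroute to authFailed() if it fails)
            $auth_object = Auth::getInstance();
            $auth_object->authenticate($_REQUEST['u'], $_REQUEST['p']);

            // show the page they requested before hitting the login page
            // NOTE(review): 'returnpage' is request-supplied; this relies on handle()
            // (defined outside this file) to restrict it to allowed operations and to
            // cope with 'login' being requested again -- confirm.
            $op = isset($_REQUEST['returnpage']) ? $_REQUEST['returnpage'] : null;
            $this->handle($op);
            return;
        }

        // get request values
        $returnpage = '';
        if (isset($_REQUEST['returnpage'])) {
            // urlencode() leaves only characters that are inert inside the single-quoted
            // value attribute below.
            $returnpage = urlencode($_REQUEST['returnpage']);
        }

        $message = '';
        if (isset($_REQUEST['m']) && is_string($_REQUEST['m'])) {
            // The base64 encoding only makes the URL less tacky; it is not a trust
            // boundary. The decoded text is request-controlled, so it is HTML-escaped
            // before being placed in the page.
            $message = htmlspecialchars(base64_decode($_REQUEST['m']), ENT_QUOTES);
        }

        $this->body_onload = 'document.getElementById("username_input").focus();';
        $this->output = "
            <script src='includes/javascript/forms.js' type='text/javascript'></script>
            <div class='login'>
            <!-- see note at submit button
            <form id='loginForm' action='?op=login' onkeypress=\"processKey('loginForm');\" method='POST'>
            -->
            <form id='loginForm' action='?op=login' method='POST'>
            <div class='bigwords'>
            Please log in
            </div>
            <div class='errormessage'>
            $message
            </div>
            <div class='input'>
            <div class='fieldlabel'>Username:</div><input type='text' name='u' id='username_input'>
            </div>
            <div class='input'>
            <div class='fieldlabel'>Password:</div><input type='password' name='p'>
            </div>
            <input type='hidden' name='returnpage' value='$returnpage'>
            <!-- the submit button here means that pressing enter in any field will auto-submit the form. -->
            <input type='submit' value='Submit'>
            </form>
            </div>
            ";
    }

    /**
     * Generates HTML page structure for the file browser interface. (does not actually show any contents)
     *
     * Contents are shown by telling the browser to initiate an AJAX request for the root folder
     * when the page loads (see the body_onload assignment below).
     */
    protected function browse_files() {
        // user must be logged in
        $auth_object = Auth::getInstance();
        $auth_object->requireUserRole('user'); // will auto-show login page if auth fails

        // set the onload handler javascript
        // NOTE(review): $skin is interpolated into script and markup as-is; this assumes
        // getSkin() only ever returns a fixed, server-defined name -- confirm.
        $skin = $this->getSkin();
        if (USE_DB) { // only open the saved folders if we're using a DB, because the mechanism uses folder ID's
            $this->body_onload = "toggledir(0,-1,'$skin') // always show the root dir at the start. \n";
        } else {
            // The backup id is passed as a quoted string, matching the onclick handler in
            // get_backup_root(); unquoted, a non-numeric id is not a valid JS argument.
            // urlencode() leaves no quote characters, so the value cannot end the string.
            $this->body_onload = "toggledir(0,'".urlencode((string)$this->backupid)."','$skin'); // always show the root dir at the start. \n";
        }
        $this->setAccountLinks();

        // Show the page elements
        // NOTE: body.onload will fire the ajax call to populate this - we don't worry about it here
        $this->output = "
            <div class='leftcontent'>
            <div class='bigwords'>
            1. Choose a Date
            </div>".
            $this->get_calendar()."
            </div>
            <div class='rightcontent'>
            <div class='bigwords'>
            2. Choose a File
            </div>".
            $this->get_file_chooser().
            $this->get_backup_root()."
            </div>";
    }

    /**
     * Generates HTML code for the drop-down used to select which backup set the user would like to view.
     *
     * Side effect: when no backup set is selected yet, the first one the user may view
     * becomes the selection ($this->backupid and $_SESSION['backupid']).
     *
     * @return string HTML code generated
     */
    protected function get_file_chooser() {
        $system_object = SystemObject::getInstance();

        // The date parts and backup id are echoed back into markup. They are escaped here
        // because their origin is not visible in this class (presumably request values --
        // the form below round-trips them via GET).
        $year_html  = htmlspecialchars((string)$this->year, ENT_QUOTES);
        $month_html = htmlspecialchars((string)$this->month, ENT_QUOTES);
        $day_html   = htmlspecialchars((string)$this->day, ENT_QUOTES);
        $hour_html  = htmlspecialchars((string)$this->hour, ENT_QUOTES);

        // Start the <form> and <select> tags
        $result = "
            <div class='chooser'>
            <form id='form1' action='./'>
            <input type='hidden' name='op' value='browse_files'>
            <input type='hidden' name='year' value='".$year_html."'>
            <input type='hidden' name='month' value='".$month_html."'>
            <input type='hidden' name='day' value='".$day_html."'>
            <input type='hidden' name='hour' value='".$hour_html."'>
            Backup Set:
            <select name='backupid' onchange='form1.submit();'>\n";

        // open backup directory to see what's been backed up
        $id_list = $system_object->get_subdirs(BACKUP_STORE_DIR);

        // were there any results? (is_array guards count() against a non-array return)
        if (is_array($id_list) && count($id_list)) {
            natcasesort($id_list);
            foreach ($id_list as $this_id) {
                // make sure the user has permissions to view this dir
                if (!$this->enforceFilePermissions(BACKUP_STORE_DIR.$this_id)) continue;

                // If no backup set was selected, then select the first one in the list.
                if ($this->backupid == "") {
                    $this->backupid = $this_id;
                    $_SESSION['backupid'] = $this_id;
                }

                // Write the <option> tag, and select it if necessary.
                // Directory names are quoted and escaped: unquoted attribute values break
                // on spaces and let a directory name contribute markup.
                $id_html = htmlspecialchars((string)$this_id, ENT_QUOTES);
                $result .= "<option name='$id_html' value='$id_html'";
                // string comparison: loose == treats numeric-looking names such as
                // '1e3' and '1000' as equal and would mark both as selected
                if ((string)$this_id === (string)$this->backupid) {
                    $result .= " selected";
                }
                $result .= ">$id_html</option>\n";
            }
        } else {
            // If no backup sets were found then show a helpful message
            $result .= "<option name='' value=''>--- No backup sets found ---</option>\n";
        }
        $result .= "</select>";

        // Create a link to show/hide hidden files
        if ($this->show_hidden) {
            $showlabel = "Don't show hidden files";
            $showlink = "0";
        } else {
            $showlabel = "Show hidden files";
            $showlink = "1";
        }

        // Each value is URL-encoded for the query string, then the whole URL is
        // HTML-escaped for the single-quoted href attribute.
        $toggle_url = './?op=browse_files'
            .'&month='.urlencode((string)$this->month)
            .'&year='.urlencode((string)$this->year)
            .'&day='.urlencode((string)$this->day)
            .'&hour='.urlencode((string)$this->hour)
            .'&backupid='.urlencode((string)$this->backupid)
            .'&show_hidden='.$showlink;
        $result .= "
            <div class='hiddenlink'>
            <a href='".htmlspecialchars($toggle_url, ENT_QUOTES)."'>
            $showlabel
            </a>
            </div>";

        // close the outermost form & div
        $result .= "
            </form>
            </div>";
        return $result;
    }

    /**
     * Generates HTML code for the root node of the backup set tree browser.
     *
     * @return string the HTML code that was generated ('' when no backup set is selected)
     */
    protected function get_backup_root() {
        // don't show anything if there's no backup id
        if ($this->backupid == "") {
            return "";
        }

        // NOTE(review): $skin is interpolated as-is; assumes getSkin() returns a fixed,
        // server-defined name -- confirm.
        $skin = $this->getSkin();

        // The first toggledir() argument sits inside a JS string inside an HTML attribute.
        // HTML-escaping alone is not enough there (the browser decodes entities before the
        // script runs), so the value is JS-encoded first and HTML-escaped second.
        $root_arg = USE_DB ? "-1" : (string)$this->backupid;
        $root_js = json_encode($root_arg);
        if ($root_js === false) {
            $root_js = '""'; // value could not be encoded (e.g. invalid UTF-8)
        }
        $root_js_attr = htmlspecialchars($root_js, ENT_QUOTES);

        $backupid_html = htmlspecialchars((string)$this->backupid, ENT_QUOTES);

        // URL-encode every query value, then HTML-escape the URL for the href attribute.
        $download_url = './?op=get_download'
            .'&backupid='.urlencode((string)$this->backupid)
            .'&year='.urlencode((string)$this->year)
            .'&month='.urlencode((string)$this->month)
            .'&day='.urlencode((string)$this->day)
            .'&hour='.urlencode((string)$this->hour)
            .'&link_to_file='.urlencode((string)$this->backupid);
        $download_href = htmlspecialchars($download_url, ENT_QUOTES);

        $result = "
            <div class='filebrowser'>
            <a id='a_0' href='javascript:void(0);'
            onclick=\"toggledir(0,".$root_js_attr.",'$skin');\"
            onmouseover=\"mouseovericon(0,'$skin');\"
            onmouseout=\"mouseouticon(0,'$skin');\"
            >
            <img id='expand_0' src='skins/$skin/images/expand_button.gif'>
            <img id='icon_0' src='skins/$skin/images/folder.png'>
            <b>".$backupid_html."</b>
            </a>
            <a id='downloadlink_0' href='".$download_href."'
            >
            <img id='dir_downloadicon_0'
            src='skins/$skin/images/download_bw.png'
            style='display:none;'
            title='Download this directory in a single archive file'
            onmouseover=\"mouseoverdownload(0,'$skin');\"
            onmouseout=\"mouseoutdownload(0,'$skin');\"
            >
            </a>
            <br>
            <div id='div_0' class='foldercontents' style='display:none'></div>
            </div>\n
            ";
        return $result;
    }

    /**
     * Appends a "download failed" notice naming the requested file and backup date.
     */
    protected function failed_download() {
        // link_to_file comes straight from the request, so it is escaped before being
        // echoed; the date parts are escaped for the same reason.
        $file = '';
        if (isset($_REQUEST['link_to_file']) && is_string($_REQUEST['link_to_file'])) {
            $file = htmlspecialchars($_REQUEST['link_to_file'], ENT_QUOTES);
        }
        $year  = htmlspecialchars((string)$this->year, ENT_QUOTES);
        $month = htmlspecialchars((string)$this->month, ENT_QUOTES);
        $day   = htmlspecialchars((string)$this->day, ENT_QUOTES);
        $hour  = htmlspecialchars((string)$this->hour, ENT_QUOTES);

        $this->output .= "
            <h1>Download Failed</h1>
            <p>
            File: <b>{$file}</b><br>
            File date: {$year}.{$month}.{$day} {$hour}:00<br><br>
            You do not have permissions to view this file.
            </p>
            ";
    }

    /**
     * Account page: lets the logged-in user change their own password.
     *
     * The change is only processed for a POSTed form whose two password fields are
     * non-empty and identical; the form itself is always rendered.
     */
    protected function account() {
        // user must be logged in (same check browse_files() performs)
        $auth_object = Auth::getInstance();
        $auth_object->requireUserRole('user');

        // set up the page
        $this->setAccountLinks();
        $username = $_SESSION['username'];
        $user = Doctrine::getTable('User')->findOneByUsername($username);

        // process the form data if any
        // Only a POST may change the password: accepting it from $_REQUEST would let a
        // plain link or image URL trigger the change for a logged-in user.
        // NOTE(review): there is still no anti-CSRF token and the current password is not
        // requested; both need support outside this class.
        $alerts = '';
        $is_post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';
        if ($is_post && !empty($_POST['form_submitted'])) {
            $p  = (isset($_POST['p'])  && is_string($_POST['p']))  ? $_POST['p']  : '';
            $p2 = (isset($_POST['p2']) && is_string($_POST['p2'])) ? $_POST['p2'] : '';
            // explicit empty-string checks: a truthiness test would skip the password '0'
            if ($p !== '' || $p2 !== '') {
                // strict comparison: loose != treats numeric-looking strings such as
                // '1e3' and '1000' as equal
                if ($p !== $p2) {
                    // the original referenced an undefined $e here, which is a fatal error
                    $alerts = $this->createAlertsHTML('Passwords do not match.');
                }
                else {
                    $new_data = array('password' => $p);
                    $user = $this->processUserChanges($user, $new_data);
                    $alerts = 'Updated user successfully.';
                }
            }
        }

        // start the output
        $username_html = htmlspecialchars((string)$username, ENT_QUOTES);
        $this->output .= "
            <script src='includes/javascript/forms.js' type='text/javascript'></script>
            <div class='form'>
            <form id='userForm' onkeypress=\"processKey('userForm');\" method='POST'>
            <div class='bigwords'>
            Editing user '$username_html'
            </div>
            $alerts
            ";

        // TODO show group checkboxes (do this after the refactor from users.user_group field to user_group link table)

        // show password change
        $this->output .= "
            <div class='userlist_name' >
            Change Password
            <div class='useradd_password tabular_input'>
            <div class='fieldlabel userlist_fieldlabel'>Password:</div>
            <input type='password' name='p'>
            <div class='clear'></div>
            <div class='fieldlabel userlist_fieldlabel'>Re-Enter Password:</div>
            <input type='password' name='p2'>
            </div>
            </div>
            ";

        // close up the output
        $this->output .= "
            <input type='hidden' name='form_submitted' value='1'>
            <input type='submit' value='Submit'>
            </form>
            </div>
            ";
    }
}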