1 <?php
// Every response of this endpoint is declared as UTF-8 HTML.
// NOTE(review): the bodies echoed further down are JavaScript object literals that
// contain user-supplied text; confirm the client really needs text/html here.
header("Content-type: text/html; charset=utf-8");

// Resume (or create) the session that carries the 'user' and 'pw' entries.
session_start();

// Undo magic-quotes escaping so the handlers see the raw POST values.
if (get_magic_quotes_gpc()) {
    $_POST = array_map( 'stripslashes', $_POST );
}
// DB
/**
 * Opens a new MySQL connection; every data-access function below calls this once.
 *
 * NOTE(review): the database account and its password are hard-coded in this
 * source file, so anyone who can read the repository can read them. Rotate the
 * password and load it from configuration that is kept out of version control.
 *
 * @return mysqli Connected handle. The script is terminated when connecting fails.
 */
function CreateConnection() {
    // '@' hides the PHP warning; failure is detected through the error number below.
    $connection = @new mysqli( 'localhost', 'lseed', 'GCp:rtAaN8nwTFMP', 'lseed' );

    if (mysqli_connect_errno() == 0) {
        return $connection;
    }

    die( "Argh what did you do? -> SERVERERR=0");
}
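/**
 * Inserts a new, non-administrator account.
 *
 * NOTE(review): $md5pw is stored exactly as received. The stored value is therefore
 * an unsalted digest that also works as the login secret; moving to
 * password_hash()/password_verify() needs a matching change on the client.
 *
 * @param string $user  Account name.
 * @param string $md5pw Password digest as sent by the client.
 * @return bool True when exactly one row was inserted.
 */
function CreateUser($user, $md5pw) {
    $result = false;
    $db = CreateConnection();

    $stmt = $db->prepare("INSERT INTO user (Name, Password, IsAdmin) VALUES (?, ?, ?)");
    if ($stmt !== false) {
        // The admin flag is bound as an integer. The former "b" type declares a BLOB
        // parameter, which is not how a boolean flag should be transmitted.
        $isadmin = 0;
        $stmt->bind_param("ssi", $user, $md5pw, $isadmin);
        $stmt->execute();

        if ($stmt->affected_rows == 1) {
            $result = true;
        }
        $stmt->close();
    }
    // A failed prepare() falls through and reports false instead of a fatal error.

    $db->close();

    return $result;
}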
/**
 * Looks up an account by its name.
 *
 * @param string $user Account name to search for.
 * @return User|null The matching account, or null when no row was fetched.
 */
function GetUser($user) {
    $db = CreateConnection();

    // The name is passed as a bound parameter, never concatenated into the SQL text.
    $stmt = $db->prepare("SELECT ID, Name, Password, IsAdmin FROM user WHERE Name=?");
    $stmt->bind_param("s", $user);
    $stmt->execute();
    $stmt->bind_result( $id, $name, $pw, $isadmin);

    $found = $stmt->fetch() ? new User($id, $name, $pw, $isadmin) : null;

    $db->close();

    return $found;
}
/**
 * Stores a new plant for the given user.
 *
 * @param int    $userid Owner's user ID (bound with type "d", i.e. as a double).
 * @param string $name   Plant name.
 * @param string $code   Plant source code.
 * @return bool True when exactly one row was inserted.
 */
function InsertNewPlant($userid, $name, $code) {
    $db = CreateConnection();

    $stmt = $db -> prepare("INSERT INTO plant (UserID, Name, Code) VALUES (?, ?, ?)");
    $stmt->bind_param("dss", $userid, $name, $code);
    $stmt->execute();

    $inserted = ($stmt->affected_rows == 1);

    $db->close();

    return $inserted;
}
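/**
 * Writes the plant's current code back to its row.
 *
 * NOTE(review): success is still "exactly one affected row". MySQL can report zero
 * affected rows when the new code equals the stored one, which would make an
 * unchanged save look like a failure; confirm whether that is intended.
 *
 * @param Plant $plant Plant whose ID selects the row and whose Code is written.
 * @return bool True when exactly one row was changed.
 */
function UpdatePlant($plant) {
    $result = false;
    $db = CreateConnection();

    $stmt = $db->prepare("UPDATE plant SET Code=? WHERE ID=?");
    if ($stmt !== false) {
        // Bind the plant's own code. The earlier version bound an undefined local
        // $code, so the edited code was not the value that got written.
        $code = $plant->Code;
        $id = $plant->ID;
        $stmt->bind_param("sd", $code, $id);
        $stmt->execute();

        if ($stmt->affected_rows == 1) {
            $result = true;
        }
        $stmt->close();
    }
    // A failed prepare() falls through and reports false instead of a fatal error.

    $db->close();

    return $result;
}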
/**
 * Deletes the row that belongs to the given plant.
 *
 * The statement filters on the plant ID only; ownership has to be established by
 * the caller before the plant object is handed in.
 *
 * @param Plant $plant Plant whose ID selects the row.
 * @return bool True when exactly one row was deleted.
 */
function DropPlant($plant) {
    $db = CreateConnection();

    $stmt = $db->prepare("DELETE FROM plant WHERE ID=?");
    $stmt->bind_param("d", $plant->ID);
    $stmt->execute();

    $deleted = ($stmt->affected_rows == 1);

    $db->close();

    return $deleted;
}
/**
 * Fetches one plant by owner and name.
 *
 * @param int    $userid Owner's user ID.
 * @param string $name   Plant name.
 * @return Plant|null The first matching plant, or null when no row was fetched.
 */
function GetPlant($userid, $name) {
    $db = CreateConnection();

    $stmt = $db->prepare("SELECT ID, UserID, Name, Code FROM plant WHERE UserID=? AND Name=?");
    $stmt->bind_param("ds", $userid, $name);
    $stmt->execute();
    // Separate variables receive the row so the search arguments stay untouched.
    $stmt->bind_result( $rowId, $rowUserId, $rowName, $rowCode);

    $plant = null;
    if ($stmt->fetch()) {
        $plant = new Plant($rowId, $rowUserId, $rowName, $rowCode);
    }

    $db->close();

    return $plant;
}
/**
 * Loads every plant owned by one user.
 *
 * @param int $userid Owner's user ID.
 * @return array List of Plant objects; empty when the user has none.
 */
function GetPlantsForUser($userid) {
    $db = CreateConnection();

    $stmt = $db->prepare("SELECT ID, UserID, Name, Code FROM plant WHERE UserID=?");
    $stmt->bind_param("d", $userid);
    $stmt->execute();
    $stmt->bind_result( $rowId, $rowUserId, $rowName, $rowCode);

    // bind_result() refreshes the bound variables on every fetch(), so each row is
    // copied into its own Plant object.
    $plants = array();
    while ($stmt->fetch()) {
        $plants[] = new Plant($rowId, $rowUserId, $rowName, $rowCode);
    }

    $db->close();

    return $plants;
}
// Plant management
/**
 * Creates or overwrites a plant of the session user.
 *
 * A plant with the given name is updated when the user already owns one,
 * otherwise a new plant is inserted.
 *
 * NOTE(review): the account is taken from $_SESSION['user'] without calling
 * IsLoggedIn(); the caller has to make sure a user is logged in.
 *
 * @param string $name Plant name.
 * @param string $code Plant source code.
 * @return string JavaScript object literal with 'success' and 'msg'.
 */
function SavePlant($name, $code) {
    $owner = GetUser($_SESSION['user']);
    $existing = GetPlant($owner->ID, $name);

    if ($existing == null) {
        // No plant of that name yet: create it.
        if (InsertNewPlant($owner->ID, $name, $code)) {
            return "{ success: true, msg: '' }";
        }
        return "{ success: false, msg: 'Pflanze konnte nicht erstellt werden.' }";
    }

    // The plant exists: replace its code.
    $existing->Code = $code;
    if (UpdatePlant($existing)) {
        return "{ success: true, msg: '' }";
    }
    return "{ success: false, msg: 'Pflanze konnte nicht aktualisiert werden.' }";
}
/**
 * Builds the list of the session user's plants for the client.
 *
 * @return string Object literal "{ list: [...] }" with one Plant::ToJson() entry
 *                per plant, separated by ", ".
 */
function GetPlantList() {
    $userid = GetUser($_SESSION['user'])->ID;

    $entries = array();
    foreach (GetPlantsForUser($userid) as $plant) {
        $entries[] = $plant->ToJson();
    }

    // An empty list joins to "", which yields "{ list: [] }".
    return "{ list: [" . implode(", ", $entries) . "] }";
}
/**
 * Finds a plant by ID among the session user's own plants.
 *
 * Searching only that user's list is what keeps a caller from reaching another
 * user's plant through a guessed ID.
 *
 * @param mixed $id Plant ID, compared loosely (==) with the stored ID.
 * @return Plant|null The matching plant, or null when the user owns no such plant.
 */
function GetPlantById($id) {
    $userid = GetUser($_SESSION['user'])->ID;

    foreach (GetPlantsForUser($userid) as $candidate) {
        if ($candidate->ID == $id) {
            return $candidate;
        }
    }

    return null;
}
/**
 * Deletes one of the session user's plants.
 *
 * @param mixed $id ID of the plant to delete.
 * @return string "{ success: true }" when the plant was found and removed,
 *                otherwise "{ success: false }".
 */
function DeletePlant($id) {
    // GetPlantById() only returns plants of the session user.
    $plantToBeDeleted = GetPlantById($id);

    if ($plantToBeDeleted != null && DropPlant($plantToBeDeleted)) {
        return "{ success: true }";
    }

    return "{ success: false }";
}
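/**
 * Validates the stored code of one of the session user's plants.
 *
 * @param mixed $id ID of the plant to validate.
 * @return string Validator output, or the generic error literal when the plant
 *                does not exist for this user.
 */
function ValidatePlant($id) {
    $plantToBeValidated = GetPlantById($id);

    // An unknown or foreign ID yields null; report an error instead of reading
    // a property of null.
    if ($plantToBeValidated == null) {
        return "{valid: false, line: 0, column: 0, msg: 'Internal Server Error'}";
    }

    return ValidatePlantCode($plantToBeValidated->Code);
}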
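/**
 * Pipes plant code into the external validator and returns its answer.
 *
 * NOTE(review): the validator's STDOUT is returned unchanged and the caller embeds
 * it in the response, so the response is only as well-formed as that output.
 * There is no size limit on $code and no timeout on the child process.
 *
 * @param string $code Plant source code to validate.
 * @return string Validator output when it exits with status 0, otherwise the
 *                generic "Internal Server Error" literal.
 */
function ValidatePlantCode($code) {
    $result = "{valid: false, line: 0, column: 0, msg: 'Internal Server Error'}";

    // Only a string can be written to the child's STDIN. Arrays (a "code[]" POST
    // field) and null are rejected before any process is started.
    if (!is_string($code)) {
        return $result;
    }

    // The validator runs inside the sibling "cgi" directory. Stop when that
    // directory cannot be resolved rather than starting the command elsewhere.
    $cwd = realpath("..\\cgi");
    if ($cwd === false) {
        return $result;
    }

    $descriptorspec = array(
       0 => array("pipe", "r"),  // STDIN is a pipe the child reads from
       1 => array("pipe", "w"),  // STDOUT is a pipe the child writes to
       2 => array("pipe", "w")   // STDERR
    );

    // Fixed command name and an empty environment array: no request data is part
    // of the command line.
    $process = proc_open('validate.exe', $descriptorspec, $pipes, $cwd, array());

    if (is_resource($process)) {
        // $pipes now holds:
        // 0 => write handle connected to the child's STDIN
        // 1 => read handle connected to the child's STDOUT
        // 2 => read handle connected to the child's STDERR

        fwrite($pipes[0], $code);
        fclose($pipes[0]);

        $output = stream_get_contents($pipes[1]);
        fclose($pipes[1]);

        // STDERR is closed without being read.
        // NOTE(review): a child that writes a lot to STDERR before closing STDOUT
        // could block on a full pipe; confirm the validator never does.
        fclose($pipes[2]);

        $return_value = proc_close($process);

        // Only a clean exit with readable output replaces the generic error.
        if ($return_value == 0 && is_string($output)) {
            $result = $output;
        }
    }

    return $result;
}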
// Communication
/**
 * Echoes the response envelope for an RPC call.
 *
 * Neither argument is escaped: $calledFunc lands inside single quotes and $data is
 * inserted as a ready-made literal, so callers must pass trusted values only.
 *
 * @param string $calledFunc Name of the RPC function that was executed.
 * @param string $data       Literal to place in the 'data' field.
 */
function RPCAnswer($calledFunc, $data) {
    printf("{ cmd: 'RPC-Response', calledFunc: '%s', data: %s }", $calledFunc, $data);
}
/**
 * Sends one of the known page fragments to the client.
 *
 * The name is matched against a fixed list; any other value produces no output,
 * so only these names ever reach LoadContent(). "nav" is swapped for "adminnav"
 * for administrators and "debug" is served to administrators only.
 *
 * @param string $content Requested fragment name.
 */
function ReturnContent($content) {
    // Pages every logged-in user may load.
    if (in_array($content, array("myplants", "createplant", "testplant"))) {
        LoadContent($content);
        return;
    }

    if ($content == "nav") {
        LoadContent(IsAdmin() != "false" ? "adminnav" : $content);
        return;
    }

    if ($content == "debug" && IsAdmin() != "false") {
        LoadContent($content);
    }
}
/**
 * Echoes a 'Content' envelope followed by the raw contents of page/<name>.pg.
 *
 * The name goes into the file path and into the response without any check of
 * its own; this function relies on its caller passing fixed, known names.
 *
 * @param string $content Fragment name, used as the file base name.
 */
function LoadContent($content) {
    $pagePath = "page/" . $content . ".pg";

    echo "{ cmd: 'Content', contentname: '" . $content . "', content: ";
    readfile( $pagePath );
    echo "}";
}
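/**
 * Echoes a 'Message' envelope for the client.
 *
 * Both values are written as escaped, double-quoted string literals. Quotes,
 * backslashes, line breaks and the characters < > & can therefore no longer end
 * the literal or open markup in the text/html response.
 * NOTE(review): assumes the client evaluates the response as JavaScript, where
 * double-quoted strings are equivalent to the former single-quoted ones.
 *
 * @param string $msg  Message text.
 * @param string $type Message type, e.g. 'error'.
 */
function ReturnMessage($msg, $type) {
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    $typeLiteral = json_encode((string) $type, $flags);
    if (!is_string($typeLiteral)) {
        // Encoding fails on invalid UTF-8; fall back to an empty string literal.
        $typeLiteral = '""';
    }

    $msgLiteral = json_encode((string) $msg, $flags);
    if (!is_string($msgLiteral)) {
        $msgLiteral = '""';
    }

    echo "{ cmd: 'Message', type: " . $typeLiteral . ", msg: " . $msgLiteral . " }";
}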
/**
 * Echoes an 'RPC' envelope that carries code for the client to run.
 *
 * $func is inserted unquoted and unescaped, so it must always be a server-side
 * constant and never request data.
 *
 * @param string $func JavaScript function literal.
 */
function ReturnRequest($func) {
    echo "{ cmd: 'RPC', func: ", $func, " }";
}
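/**
 * Tells whether the session belongs to a known user with a matching digest.
 *
 * @return string "true" or "false" (strings, as the client expects literals).
 */
function IsLoggedIn() {
    if (!isset($_SESSION['user']) || !isset($_SESSION['pw'])) {
        return "false";
    }

    $user = $_SESSION['user'];
    $md5pw = $_SESSION['pw'];

    // Anything but a string cannot be a digest; reject it before the lookup.
    if (!is_string($user) || !is_string($md5pw)) {
        return "false";
    }

    $userobj = GetUser($user);
    if ($userobj == null || !is_string($userobj->Password)) {
        return "false";
    }

    // Compare as exact strings. The loose == treats two digests that look like
    // numbers (for example "0e..." followed by digits) as equal.
    if (function_exists('hash_equals')) {
        $matches = hash_equals($userobj->Password, $md5pw);
    } else {
        $matches = ($userobj->Password === $md5pw);
    }

    return $matches ? "true" : "false";
}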
/**
 * Tells whether the session user has the administrator flag.
 *
 * Only the presence of the session entries is checked here; the stored digest is
 * not compared again in this function.
 *
 * @return string "true" or "false".
 */
function IsAdmin() {
    if (!(isset($_SESSION['user']) and isset($_SESSION['pw']))) {
        return "false";
    }

    $account = GetUser($_SESSION['user']);
    if ($account != null and $account->IsAdmin) {
        return "true";
    }

    return "false";
}
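/**
 * Checks the credentials and, on success, marks the session as logged in.
 *
 * NOTE(review): the client sends the digest that is stored in the database, so
 * that digest is the actual login secret and is also kept in the session.
 *
 * @param string $user  Account name.
 * @param string $md5pw Password digest as sent by the client.
 * @return string "true" when the credentials match, otherwise "false".
 */
function LogIn($user, $md5pw) {
    // Missing fields and array-valued fields can never be valid credentials.
    if (!is_string($user) || !is_string($md5pw)) {
        return "false";
    }

    $userobj = GetUser($user);
    if ($userobj == null || !is_string($userobj->Password)) {
        return "false";
    }

    // Compare as exact strings. The loose == treats two digests that look like
    // numbers (for example "0e..." followed by digits) as equal.
    if (function_exists('hash_equals')) {
        $matches = hash_equals($userobj->Password, $md5pw);
    } else {
        $matches = ($userobj->Password === $md5pw);
    }
    if (!$matches) {
        return "false";
    }

    // Issue a fresh session ID so an ID that was known before the login does not
    // become an authenticated one.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $_SESSION['user'] = $user;
    $_SESSION['pw'] = $md5pw;

    return "true";
}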
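/**
 * Ends the login of the current session.
 *
 * The two login entries are removed rather than set to empty strings, so the
 * isset() checks in IsLoggedIn() and IsAdmin() fail without a database lookup
 * for an empty user name. Other session entries are left alone.
 */
function LogOut() {
    unset($_SESSION['user'], $_SESSION['pw']);

    // Retire the session ID that was used while logged in.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
}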
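/**
 * Creates a new account and logs it in.
 *
 * NOTE(review): the name is checked with GetUser() and then inserted in a second
 * step; without a unique index on the name column two parallel requests could
 * both pass the check. Confirm the schema enforces uniqueness.
 *
 * @param string $user  Requested account name.
 * @param string $md5pw Password digest as sent by the client.
 * @return string JavaScript object literal with 'success' and 'msg'.
 */
function Register($user, $md5pw) {
    $createFailed = "{ success: false, msg: 'Benutzer konnte nicht erstellt werden.' }";

    // Refuse missing, array-valued or empty fields before touching the database;
    // an account with an empty name or digest must never exist.
    if (!is_string($user) || !is_string($md5pw) || $user === "" || $md5pw === "") {
        return $createFailed;
    }

    if (GetUser($user) != null) {
        return "{ success: false, msg: 'Benutzername bereits vergeben.' }";
    }

    if (!CreateUser($user, $md5pw)) {
        return $createFailed;
    }

    LogIn($user, $md5pw);

    return "{ success: true, msg: '' }";
}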
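// Request dispatch: every request names a command in "cmd"; RPC requests also
// name the function to run in "func". Missing or array-valued fields are treated
// as empty and match no case.
$cmd = (isset($_POST["cmd"]) && is_string($_POST["cmd"])) ? $_POST["cmd"] : "";

// Client-side callback that is sent whenever a request needs a login first.
$loginRequired = <<<EOS
function() {
        this.showLoginDialog();
        this.showMessage('Sie sind nicht eingeloggt bitte einloggen', 'error');
}
EOS;

switch ($cmd) {
    case "RPC":
        $func = (isset($_POST["func"]) && is_string($_POST["func"])) ? $_POST["func"] : "";

        // Only these calls may run without a login. Every other function reads or
        // changes per-user data or starts the validator process, so it is refused
        // the same way a content request is.
        // NOTE(review): assumes the client handles an 'RPC' envelope in reply to an
        // RPC call as it does for content requests; confirm against the client.
        $publicFuncs = array("IsLoggedIn", "Auth", "Logout", "Register");
        if (!in_array($func, $publicFuncs, true) && IsLoggedIn() == "false") {
            ReturnRequest($loginRequired);
            break;
        }

        switch ($func) {
            case "IsLoggedIn":
                $res = IsLoggedIn();
                RPCAnswer($func, $res);
                break;

            case "Auth":
                $res = LogIn(
                    isset($_POST["user"]) ? $_POST["user"] : null,
                    isset($_POST["pw"]) ? $_POST["pw"] : null
                );
                RPCAnswer($func, $res);
                break;

            case "Logout":
                LogOut();
                echo "{}";
                break;

            case "Register":
                $res = Register(
                    isset($_POST["user"]) ? $_POST["user"] : null,
                    isset($_POST["pw"]) ? $_POST["pw"] : null
                );
                RPCAnswer($func, $res);
                break;

            case "SavePlant":
                $res = SavePlant(
                    isset($_POST["name"]) ? $_POST["name"] : null,
                    isset($_POST["code"]) ? $_POST["code"] : null
                );
                RPCAnswer($func, $res);
                break;

            case "CreatePlant":
                break;

            case "GetPlantList":
                $res = GetPlantList();
                RPCAnswer($func, $res);
                break;

            case "DeletePlant":
                $res = DeletePlant(isset($_POST["id"]) ? $_POST["id"] : null);
                RPCAnswer($func, $res);
                break;

            case "TestPlant":
                break;

            case "ValidatePlant":
                // With an ID the stored plant is validated, otherwise the posted code.
                if (isset($_POST["id"])) {
                    $res = ValidatePlant($_POST["id"]);
                } else {
                    $res = ValidatePlantCode(isset($_POST["code"]) ? $_POST["code"] : null);
                }
                RPCAnswer($func, $res);
                break;
        }
        break;

    case "ContentRequest":
        if (IsLoggedIn() != "false") {
            ReturnContent(isset($_POST["content"]) ? $_POST["content"] : null);
        } else {
            ReturnRequest($loginRequired);
        }
        break;
}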
/**
 * One row of the user table.
 */
class User
{
    // Primary key of the account.
    public $ID;
    // Login name.
    public $Name;
    // Password digest exactly as stored in the database.
    public $Password;
    // Administrator flag as read from the database.
    public $IsAdmin;

    /**
     * @param mixed  $id      Value for ID.
     * @param string $user    Value for Name.
     * @param string $md5pw   Value for Password.
     * @param mixed  $isadmin Value for IsAdmin.
     */
    public function __construct($id, $user, $md5pw, $isadmin) {
        $this->IsAdmin = $isadmin;
        $this->Password = $md5pw;
        $this->Name = $user;
        $this->ID = $id;
    }
}
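/**
 * One row of the plant table, with helpers that render it for the client.
 *
 * Name and Code are user-supplied text. They are written as escaped, double-quoted
 * string literals so that quotes, backslashes, line breaks and the characters
 * < > & cannot end the literal or open markup in the text/html response.
 * NOTE(review): assumes the client evaluates the response as JavaScript, where
 * double-quoted strings are equivalent to the former single-quoted ones.
 */
class Plant
{
    // Primary key of the plant.
    public $ID;
    // ID of the owning user.
    public $UserID;
    // Plant name chosen by the user.
    public $Name;
    // Plant source code entered by the user.
    public $Code;

    /**
     * @param mixed  $id     Value for ID.
     * @param mixed  $userid Value for UserID.
     * @param string $name   Value for Name.
     * @param string $code   Value for Code.
     */
    public function __construct($id, $userid, $name, $code) {
        $this->ID = $id;
        $this->UserID = $userid;
        $this->Name = $name;
        $this->Code = $code;
    }

    /**
     * @return string Object literal "{ ID: n, Name: "...", Code: "..." }".
     */
    public function ToJson() {
        return "{ ID: " . (int) $this->ID
            . ", Name: " . self::JsString($this->Name)
            . ", Code: " . self::JsString($this->Code) . " }";
    }

    /**
     * @return string Array literal "[ n, "...", "..." ]" in the order ID, Name, Code.
     */
    public function ToJsonArray() {
        return "[ " . (int) $this->ID
            . ", " . self::JsString($this->Name)
            . ", " . self::JsString($this->Code) . " ]";
    }

    /**
     * Renders a value as an escaped, double-quoted string literal.
     */
    private static function JsString($value) {
        $literal = json_encode(
            (string) $value,
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );

        // Encoding fails on invalid UTF-8; fall back to an empty string literal.
        return is_string($literal) ? $literal : '""';
    }
}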
471 ?>