1 <?php
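// All responses are declared as UTF-8 text/html.
// NOTE(review): the handlers in this file echo JavaScript object literals, not
// HTML. Served as text/html, any user-supplied value echoed back can be parsed
// as markup if the endpoint is opened directly in a browser. Confirm the client
// does not depend on this header before switching to a non-HTML content type.
header("Content-type: text/html; charset=utf-8");

session_start();

// get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0, so an
// unguarded call is a fatal error on current runtimes. Only undo magic quotes
// where the function still exists and reports them as enabled.
if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
    // stripslashes() only accepts strings; array-valued fields (name[]=x) are
    // walked recursively instead of being passed to it directly.
    $stripSlashesDeep = function ($value) use (&$stripSlashesDeep) {
        return is_array($value)
            ? array_map($stripSlashesDeep, $value)
            : stripslashes($value);
    };
    $_POST = array_map($stripSlashesDeep, $_POST);
    unset($stripSlashesDeep);
}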
6
7         // DB
/**
 * Opens a new mysqli connection to the local `lseed` database.
 *
 * Terminates the request with a fixed error string when the connection fails.
 *
 * NOTE(review): the database account name and password are hard-coded below and
 * are therefore exposed to anyone who can read this file or its repository
 * history. Rotate the password and load it from configuration kept outside the
 * source tree.
 * NOTE(review): every data-access function calls this, so one request opens
 * several connections.
 *
 * @return mysqli an open connection
 */
function CreateConnection() {
    // '@' hides the connection warning; failure is detected explicitly below.
    $connection = @new mysqli('localhost', 'lseed', 'GCp:rtAaN8nwTFMP', 'lseed');

    if (mysqli_connect_errno() == 0) {
        return $connection;
    }

    die("Argh what did you do? -> SERVERERR=0");
}
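/**
 * Inserts a new, non-admin row into the `user` table.
 *
 * NOTE(review): $md5pw is stored verbatim and later compared verbatim by the
 * login code in this file. The parameter name suggests a client-computed,
 * unsalted MD5 digest (TODO confirm); if so, the stored value is itself
 * sufficient to log in and is cheap to brute-force once the table leaks.
 * Moving to password_hash()/password_verify() on the server requires changing
 * the login and session checks together with this function.
 *
 * @param string $user  user name to create
 * @param string $md5pw password value to store as-is
 * @return bool true when exactly one row was inserted
 */
function CreateUser($user, $md5pw) {
    $result = false;
    $db = CreateConnection();

    $stmt = $db->prepare("INSERT INTO user (Name, Password, IsAdmin) VALUES (?, ?, ?)");
    if ($stmt !== false) {
        // Bind IsAdmin as integer 0. The previous "b" type marks a blob whose
        // data is supplied through send_long_data(), so the bound `false` was
        // not what reached the column.
        $isadmin = 0;
        $stmt->bind_param("ssi", $user, $md5pw, $isadmin);

        if ($stmt->execute() && $stmt->affected_rows == 1) {
            $result = true;
        }
        $stmt->close();
    }

    $db->close();

    return $result;
}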
/**
 * Looks up a user row by name.
 *
 * The name is passed as a bound parameter, never concatenated into the SQL.
 *
 * @param string $user user name to search for
 * @return User|null the matching user, or null when no row was fetched
 */
function GetUser($user) {
    $db = CreateConnection();

    $stmt = $db->prepare("SELECT ID, Name, Password, IsAdmin FROM user WHERE Name=?");
    $stmt->bind_param("s", $user);
    $stmt->execute();
    $stmt->bind_result($rowId, $rowName, $rowPassword, $rowIsAdmin);

    // Only the first row is read.
    $found = $stmt->fetch()
        ? new User($rowId, $rowName, $rowPassword, $rowIsAdmin)
        : null;

    $db->close();

    return $found;
}
/**
 * Inserts a plant row owned by the given user.
 *
 * NOTE(review): the user id is bound with type "d" (double); "i" would be the
 * usual choice for an integer key.
 *
 * @param int    $userid owner's user id
 * @param string $name   plant name
 * @param string $code   plant source code
 * @return bool true when exactly one row was inserted
 */
function InsertNewPlant($userid, $name, $code) {
    $db = CreateConnection();

    $stmt = $db->prepare("INSERT INTO plant (UserID, Name, Code) VALUES (?, ?, ?)");
    $stmt->bind_param("dss", $userid, $name, $code);
    $stmt->execute();

    // Read the row count before the connection is closed.
    $inserted = ($stmt->affected_rows == 1);

    $db->close();

    return $inserted;
}
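/**
 * Writes a plant's current Code back to its row, selected by ID.
 *
 * @param Plant $plant plant whose Code and ID are used
 * @return bool true when exactly one row was changed
 */
function UpdatePlant($plant) {
    $result = false;
    $db = CreateConnection();

    $stmt = $db->prepare("UPDATE plant SET Code=? WHERE ID=?");
    if ($stmt !== false) {
        // The original bound an undefined local $code, which bind_param()
        // created as null, so every update stored NULL instead of the new code.
        $code = $plant->Code;
        $plantId = $plant->ID;
        $stmt->bind_param("sd", $code, $plantId);

        if ($stmt->execute() && $stmt->affected_rows == 1) {
            $result = true;
        }
        $stmt->close();
    }

    $db->close();

    return $result;
}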
/**
 * Deletes the row of the given plant, selected by its ID.
 *
 * No ownership check happens here; the caller decides whether the current user
 * may delete this plant.
 *
 * @param Plant $plant plant whose ID identifies the row
 * @return bool true when exactly one row was deleted
 */
function DropPlant($plant) {
    $db = CreateConnection();

    $stmt = $db->prepare("DELETE FROM plant WHERE ID=?");
    $stmt->bind_param("d", $plant->ID);
    $stmt->execute();

    // Read the row count before the connection is closed.
    $deleted = ($stmt->affected_rows == 1);

    $db->close();

    return $deleted;
}
/**
 * Fetches one plant by owner id and plant name.
 *
 * @param int    $userid owner's user id
 * @param string $name   plant name
 * @return Plant|null the first matching plant, or null when no row was fetched
 */
function GetPlant($userid, $name) {
    $db = CreateConnection();

    $stmt = $db->prepare("SELECT ID, UserID, Name, Code FROM plant WHERE UserID=? AND Name=?");
    $stmt->bind_param("ds", $userid, $name);
    $stmt->execute();
    $stmt->bind_result($rowId, $rowUserId, $rowName, $rowCode);

    $found = $stmt->fetch()
        ? new Plant($rowId, $rowUserId, $rowName, $rowCode)
        : null;

    $db->close();

    return $found;
}
/**
 * Returns every plant row owned by the given user.
 *
 * @param int $userid owner's user id
 * @return array list of Plant objects, empty when the user owns none
 */
function GetPlantsForUser($userid) {
    $db = CreateConnection();

    $stmt = $db->prepare("SELECT ID, UserID, Name, Code FROM plant WHERE UserID=?");
    $stmt->bind_param("d", $userid);
    $stmt->execute();
    $stmt->bind_result($rowId, $rowUserId, $rowName, $rowCode);

    $plants = array();
    while ($stmt->fetch()) {
        // bind_result() refreshes the row variables on each fetch.
        $plants[] = new Plant($rowId, $rowUserId, $rowName, $rowCode);
    }

    $db->close();

    return $plants;
}
134
135         //Plant management
136
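/**
 * Creates or updates a plant of the session's user and reports the outcome.
 *
 * A plant with the same name owned by the user is updated; otherwise a new one
 * is inserted. The function refuses to act without a valid login, because the
 * request dispatcher in this file reaches it without an authentication check
 * and a missing user would otherwise produce a plant row with no real owner.
 *
 * @param string $name plant name
 * @param string $code plant source code
 * @return string JavaScript object literal with `success` and `msg`
 */
function SavePlant($name, $code) {
    if (IsLoggedIn() != "true") {
        return "{ success: false, msg: 'Sie sind nicht eingeloggt bitte einloggen' }";
    }

    // Array-valued POST fields would otherwise be bound as the text "Array".
    if (!is_string($name) || !is_string($code)) {
        return "{ success: false, msg: 'Pflanze konnte nicht erstellt werden.' }";
    }

    $user = GetUser($_SESSION['user']);
    if ($user == null) {
        return "{ success: false, msg: 'Sie sind nicht eingeloggt bitte einloggen' }";
    }

    $result = "{ success: true, msg: '' }";

    $plant = GetPlant($user->ID, $name);
    if ($plant == null) {
        if (!InsertNewPlant($user->ID, $name, $code)) {
            $result = "{ success: false, msg: 'Pflanze konnte nicht erstellt werden.' }";
        }
    } else {
        $plant->Code = $code;
        if (!UpdatePlant($plant)) {
            $result = "{ success: false, msg: 'Pflanze konnte nicht aktualisiert werden.' }";
        }
    }

    return $result;
}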
155
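/**
 * Builds the plant list of the session's user as a JavaScript object literal.
 *
 * Without a valid login the empty list is returned instead of dereferencing a
 * missing user; the request dispatcher in this file reaches this function
 * without an authentication check.
 *
 * @return string "{ list: [...] }" with one Plant::ToJson() entry per plant
 */
function GetPlantList() {
    $empty = "{ list: [] }";

    if (IsLoggedIn() != "true") {
        return $empty;
    }

    $user = GetUser($_SESSION['user']);
    if ($user == null) {
        return $empty;
    }

    $entries = array();
    foreach (GetPlantsForUser($user->ID) as $plant) {
        $entries[] = $plant->ToJson();
    }

    if (count($entries) == 0) {
        return $empty;
    }

    return "{ list: [" . implode(", ", $entries) . "] }";
}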
178         
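/**
 * Deletes one of the session user's plants by id.
 *
 * The id is only accepted when it matches a plant returned for the current
 * user, which is what prevents deleting another user's plant. Without a valid
 * login nothing is deleted.
 *
 * @param mixed $id plant id as received from the request
 * @return string "{ success: true }" or "{ success: false }"
 */
function DeletePlant($id) {
    $failure = "{ success: false }";

    // Accept decimal ids only; loose comparison of arbitrary request values
    // against integer keys is avoided.
    if (!is_scalar($id) || !ctype_digit((string) $id)) {
        return $failure;
    }

    if (IsLoggedIn() != "true") {
        return $failure;
    }

    $user = GetUser($_SESSION['user']);
    if ($user == null) {
        return $failure;
    }

    foreach (GetPlantsForUser($user->ID) as $plant) {
        if ((int) $plant->ID === (int) $id) {
            return DropPlant($plant) ? "{ success: true }" : $failure;
        }
    }

    return $failure;
}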
200
201         //Communication
202
/**
 * Echoes the response envelope for an RPC call.
 *
 * Both arguments are written into the output unescaped: $calledFunc inside
 * single quotes, $data as a raw expression. Callers must pass only trusted or
 * already-encoded values.
 *
 * @param string $calledFunc name of the RPC function that was invoked
 * @param string $data       pre-built JavaScript literal to embed as `data`
 * @return void
 */
function RPCAnswer($calledFunc, $data) {
    echo sprintf("{ cmd: 'RPC-Response', calledFunc: '%s', data: %s }", $calledFunc, $data);
}
206
/**
 * Emits the page fragment that belongs to a requested content name.
 *
 * Only the names listed here are served; anything else produces no output.
 * This allow-list is also what keeps request data from reaching the file path
 * built in LoadContent().
 *
 * @param mixed $content requested content name
 * @return void
 */
function ReturnContent($content) {
    // Pages available to every logged-in user.
    $userPages = array("myplants", "createplant", "testplant");

    if (in_array($content, $userPages)) {
        LoadContent($content);
    } elseif ($content == "nav") {
        // Admins receive their own navigation fragment.
        LoadContent(IsAdmin() != "false" ? "adminnav" : $content);
    } elseif ($content == "debug") {
        // Admin-only page; non-admins get no output at all.
        if (IsAdmin() != "false") {
            LoadContent($content);
        }
    }
}
228
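/**
 * Echoes a "Content" envelope whose payload is the file page/<name>.pg.
 *
 * The name becomes part of a file path, so it is restricted to letters,
 * digits, '_' and '-'. The only visible caller already passes fixed names; the
 * check keeps the function safe if it is ever called with request data
 * directly. Nothing is written when the name is rejected or the file cannot be
 * read, instead of emitting a truncated envelope.
 *
 * @param string $content page name without directory or extension
 * @return void
 */
function LoadContent($content) {
    if (!is_string($content) || !preg_match('/\A[A-Za-z0-9_-]+\z/', $content)) {
        return;
    }

    $path = "page/" . $content . ".pg";
    if (!is_file($path) || !is_readable($path)) {
        return;
    }

    echo "{ cmd: 'Content', contentname: '" . $content . "', content: ";
    // The file is streamed verbatim; it is expected to hold a JavaScript value.
    readfile($path);
    echo "}";
}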
234
/**
 * Echoes a "Message" envelope.
 *
 * Both values are placed between single quotes without escaping, so callers
 * must not pass text that contains quotes or comes from a request.
 *
 * @param string $msg  message text
 * @param string $type message type
 * @return void
 */
function ReturnMessage($msg, $type) {
    echo sprintf("{ cmd: 'Message', type: '%s', msg: '%s' }", $type, $msg);
}
238
/**
 * Echoes an "RPC" envelope that carries a JavaScript function expression.
 *
 * $func is emitted as raw code for the client; it must be a server-side
 * constant and never contain request data.
 *
 * @param string $func JavaScript function source
 * @return void
 */
function ReturnRequest($func) {
    echo sprintf("{ cmd: 'RPC', func: %s }", $func);
}
242
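/**
 * Reports whether the session holds a user name and password value that match
 * a stored user.
 *
 * The stored and session values are compared with hash_equals(). The original
 * loose `==` treats two different digit-only or "0e..."-style strings as equal
 * numbers, which lets non-identical hash strings match.
 *
 * NOTE(review): the session keeps the password value itself and re-checks it on
 * every call; a flag set at login would avoid keeping it in session storage.
 *
 * @return string "true" or "false" (strings, as the callers expect)
 */
function IsLoggedIn() {
    if (!isset($_SESSION['user'], $_SESSION['pw'])) {
        return "false";
    }

    $user = $_SESSION['user'];
    $md5pw = $_SESSION['pw'];

    // hash_equals() requires strings; anything else cannot be a valid login.
    if (!is_string($user) || !is_string($md5pw)) {
        return "false";
    }

    $userobj = GetUser($user);
    if ($userobj === null || !is_string($userobj->Password)) {
        return "false";
    }

    return hash_equals($userobj->Password, $md5pw) ? "true" : "false";
}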
257
/**
 * Reports whether the session's user exists and has the IsAdmin flag set.
 *
 * Only the presence of the session keys is checked here; the password value is
 * not compared against the stored one.
 *
 * @return string "true" or "false" (strings, as the callers expect)
 */
function IsAdmin() {
    if (!isset($_SESSION['user']) || !isset($_SESSION['pw'])) {
        return "false";
    }

    $account = GetUser($_SESSION['user']);

    return ($account != null && $account->IsAdmin) ? "true" : "false";
}
271
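/**
 * Checks the supplied credentials and, on success, records them in the session.
 *
 * Changes from the original: the comparison uses hash_equals() instead of loose
 * `==` (which treats different digit-only or "0e..."-style strings as equal
 * numbers), non-string input is rejected, and the session id is regenerated on
 * success so an id fixed before login is not carried into the authenticated
 * session.
 *
 * NOTE(review): no limit on failed attempts is visible in this file.
 *
 * @param mixed $user  user name from the request
 * @param mixed $md5pw password value from the request
 * @return string "true" on success, otherwise "false"
 */
function LogIn($user, $md5pw) {
    if (!is_string($user) || !is_string($md5pw)) {
        return "false";
    }

    $userobj = GetUser($user);
    if ($userobj === null || !is_string($userobj->Password)) {
        return "false";
    }

    if (!hash_equals($userobj->Password, $md5pw)) {
        return "false";
    }

    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['user'] = $user;
    $_SESSION['pw'] = $md5pw;

    return "true";
}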
285
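/**
 * Ends the login by removing the credentials from the session.
 *
 * The original overwrote both keys with empty strings, which left them "set":
 * the login check then looked up a user named "" with password "", and nothing
 * in this file prevents such an account from being registered. Removing the
 * keys makes the logged-out state unambiguous. The session id is also replaced
 * when a session is active.
 *
 * @return void
 */
function LogOut() {
    unset($_SESSION['user'], $_SESSION['pw']);

    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
}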
290
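/**
 * Registers a new user and logs them in.
 *
 * Empty or non-string names and password values are rejected before any
 * database access; the original accepted them and could create an account with
 * an empty name and empty password.
 *
 * NOTE(review): the existence check and the insert are separate statements;
 * uniqueness of the name should be enforced by the table as well (not visible
 * here).
 *
 * @param mixed $user  requested user name
 * @param mixed $md5pw password value from the request
 * @return string JavaScript object literal with `success` and `msg`
 */
function Register($user, $md5pw) {
    $creationFailed = "{ success: false, msg: 'Benutzer konnte nicht erstellt werden.' }";

    if (!is_string($user) || !is_string($md5pw) || $user === "" || $md5pw === "") {
        return $creationFailed;
    }

    if (GetUser($user) != null) {
        return "{ success: false, msg: 'Benutzername bereits vergeben.' }";
    }

    if (!CreateUser($user, $md5pw)) {
        return $creationFailed;
    }

    LogIn($user, $md5pw);

    return "{ success: true, msg: '' }";
}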
307
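// Request dispatcher: reads the command from POST and echoes one response.
//
// Changes from the original:
//  - missing or array-valued "cmd"/"func" fields no longer raise notices or get
//    compared loosely; they are treated as an unknown command;
//  - SavePlant, GetPlantList and DeletePlant require a valid login. They used to
//    run for any request, with the user taken from a possibly empty session.
$cmd = (isset($_POST["cmd"]) && is_string($_POST["cmd"])) ? $_POST["cmd"] : "";
$rpcFunc = (isset($_POST["func"]) && is_string($_POST["func"])) ? $_POST["func"] : "";

// Returns a POST field, or null when it was not sent.
$postField = function ($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
};

// Client-side callback sent when a login is required. Server-side constant;
// no request data is ever inserted into it.
$loginPrompt = <<<EOS
function() {
        this.showLoginDialog();
        this.showMessage('Sie sind nicht eingeloggt bitte einloggen', 'error');
}
EOS;

switch ($cmd) {
    case "RPC":
        switch ($rpcFunc) {
            case "IsLoggedIn":
                RPCAnswer($rpcFunc, IsLoggedIn());
                break;

            case "Auth":
                RPCAnswer($rpcFunc, LogIn($postField("user"), $postField("pw")));
                break;

            case "Logout":
                LogOut();
                echo "{}";
                break;

            case "Register":
                RPCAnswer($rpcFunc, Register($postField("user"), $postField("pw")));
                break;

            case "SavePlant":
            case "GetPlantList":
            case "DeletePlant":
                if (IsLoggedIn() != "true") {
                    // Same answer as an unauthenticated ContentRequest.
                    // NOTE(review): presumably the client handles an 'RPC'
                    // command in reply to an RPC call as well - confirm.
                    ReturnRequest($loginPrompt);
                    break;
                }

                if ($rpcFunc == "SavePlant") {
                    $res = SavePlant($postField("name"), $postField("code"));
                } elseif ($rpcFunc == "GetPlantList") {
                    $res = GetPlantList();
                } else {
                    $res = DeletePlant($postField("id"));
                }
                RPCAnswer($rpcFunc, $res);
                break;

            case "CreatePlant":
            case "TestPlant":
                // Not implemented: no output.
                break;
        }
        break;

    case "ContentRequest":
        if (IsLoggedIn() != "false") {
            ReturnContent($postField("content"));
        } else {
            ReturnRequest($loginPrompt);
        }
        break;
}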
368
/**
 * Plain record for one row of the `user` table.
 */
class User
{
    /** Row id. */
    public $ID;
    /** User name. */
    public $Name;
    /** Stored password value, exactly as read from or written to the table. */
    public $Password;
    /** Admin flag. */
    public $IsAdmin;

    /**
     * @param mixed $id      row id
     * @param mixed $user    user name
     * @param mixed $md5pw   stored password value
     * @param mixed $isadmin admin flag
     */
    public function __construct($id, $user, $md5pw, $isadmin) {
        list($this->ID, $this->Name, $this->Password, $this->IsAdmin)
            = array($id, $user, $md5pw, $isadmin);
    }
}
383
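/**
 * Plain record for one row of the `plant` table, with serializers for the
 * JavaScript literals sent to the client.
 */
class Plant
{
    /** Row id. */
    public $ID;
    /** Owner's user id. */
    public $UserID;
    /** Plant name (user-supplied). */
    public $Name;
    /** Plant source code (user-supplied). */
    public $Code;

    /**
     * @param mixed $id     row id
     * @param mixed $userid owner's user id
     * @param mixed $name   plant name
     * @param mixed $code   plant source code
     */
    public function __construct($id, $userid, $name, $code) {
        $this->ID = $id;
        $this->UserID = $userid;
        $this->Name = $name;
        $this->Code = $code;
    }

    /**
     * Serializes the plant as "{ ID: ..., Name: ..., Code: ... }".
     *
     * Name and Code are user input. The original pasted them between single
     * quotes, so a quote or line break in either value changed the structure of
     * the literal the client evaluates. They are now emitted as escaped,
     * double-quoted string literals.
     *
     * @return string JavaScript object literal
     */
    public function ToJson() {
        return "{ ID: " . (int) $this->ID
            . ", Name: " . self::EncodeString($this->Name)
            . ", Code: " . self::EncodeString($this->Code) . " }";
    }

    /**
     * Serializes the plant as "[ ID, Name, Code ]" with the same escaping as
     * ToJson().
     *
     * @return string JavaScript array literal
     */
    public function ToJsonArray() {
        return "[ " . (int) $this->ID
            . ", " . self::EncodeString($this->Name)
            . ", " . self::EncodeString($this->Code) . " ]";
    }

    /**
     * Encodes a value as a string literal that is safe inside script and HTML
     * contexts: quotes, '<', '>' and '&' are written as \uXXXX escapes.
     *
     * @param mixed $value value to encode; cast to string first
     * @return string encoded literal, or '""' when the value cannot be encoded
     */
    private static function EncodeString($value) {
        $encoded = json_encode(
            (string) $value,
            JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
        );

        // json_encode() returns false for input that is not valid UTF-8.
        return $encoded === false ? '""' : $encoded;
    }
}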
406
407
408 ?>