diff --git a/application/config/config.php b/application/config/config.php
index 16216a27c..c9c598fde 100755
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -108,7 +108,7 @@ $config['enable_hooks'] = FALSE;
 | http://codeigniter.com/user_guide/general/creating_libraries.html
 |
 */
-$config['subclass_prefix'] = 'MY_';
+$config['subclass_prefix'] = 'FHC_';
 /*
 |--------------------------------------------------------------------------
@@ -502,3 +502,17 @@ $config['rewrite_short_tags'] = FALSE;
 | Array: array('10.0.1.200', '192.168.5.0/24')
 */
 $config['proxy_ips'] = '';
+
+/*
+|--------------------------------------------------------------------------
+| Autoload Custom Controllers
+|--------------------------------------------------------------------------
+|
+*/
+function __autoload($class) {
+ if (substr($class,0,3) !== 'CI_' && substr($class,0,4) !== 'FHC_') {
+ if (file_exists($file = APPPATH . 'core/' . $class . '.php')) {
+ require_once $file;
+ }
+ }
+}
diff --git a/application/controllers/api/v1/Person.php b/application/controllers/api/v1/Person.php
index 5e052cf5f..170bce57e 100644
--- a/application/controllers/api/v1/Person.php
+++ b/application/controllers/api/v1/Person.php
@@ -39,7 +39,7 @@ class Person extends API_Controller
 if (!is_null($code))
 $result = $this->person_model->getPersonByCode($code);
 else
- $result = $this->person_model->getPersonen();
+ $result = $this->person_model->getPerson();
 // var_dump($result[0]);
 if (empty($result))
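Review bot: The `__autoload()` added at the end of application/config/config.php builds the include path directly from `$class` (`APPPATH . 'core/' . $class . '.php'`) without checking that the name consists only of identifier characters. An autoloader can be reached with a caller-influenced string wherever the application resolves a class name dynamically, so the name should be constrained before it reaches `require_once`, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $class)) { return; }` as the first statement. `__autoload()` is also deprecated since PHP 7.2 and removed in PHP 8.0, and PHP stops calling it as soon as any code uses `spl_autoload_register()`; registering the same body with `spl_autoload_register(function ($class) { … });` avoids both problems. A short comment stating why `CI_` and `FHC_` prefixed classes are skipped would help the next reader.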
@@ -65,305 +65,4 @@ class Person extends API_Controller
 $this->response($payload, $httpstatus);
 }
- /**
- * Creates a new location for whisper or returns all available locations
- * within a certain radius
- * @return string JSON that indicates success/failure of creating location
- * @example http://wsp.fortyseeds.at/backend/api/whisper/location/name/Foo/latitude/37.37888785004527/longitude/-120.333251953125/session_id/55afab8ba6f1b/device_id/abcdef123
- */
- public function location_get()
- {
- if (!$this->session_model->validate($this->get('session_id'), $this->get('device_id')))
- $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED);
-
- $name = urldecode($this->get('name'));
- $latitude = $this->get('latitude');
- $longitude = $this->get('longitude');
-
- if (!empty($name) && !empty($latitude) && !empty($longitude))
- {
- // check available locations
- $locsWithinRadius = $this->location_model->getLocationsWithinRadius($latitude, $longitude);
-
- if (empty($locsWithinRadius))
- {
- // create new location
- $locId = $this->location_model->create($name, $latitude, $longitude);
-
- if ($locId !== false)
- {
- $payload = [
- 'success' => true,
- 'message' => 'location created successfully',
- 'location_id' => $locId
- ];
- $httpstatus = REST_Controller::HTTP_CREATED;
- }
- else
- {
- $payload = [
- 'success' => false,
- 'message' => 'location could not be created'
- ];
- $httpstatus = REST_Controller::HTTP_INTERNAL_SERVER_ERROR;
- }
- }
- else
- {
- // return all available locations
- $payload = [
- 'success' => true,
- 'message' => '1 or more locations available',
- 'location_id' => $locsWithinRadius
- ];
- $httpstatus = REST_Controller::HTTP_OK;
- }
- }
- else
- {
- $payload = [
- 'success' => false,
- 'message' => "name, latitude or longitude missing"
- ];
- $httpstatus = REST_Controller::HTTP_BAD_REQUEST;
- }
-
- // Set the response and exit
- $this->response($payload, $httpstatus);
- }
-
- /**
- *
Creates a new whisper
- * @return string JSON that indicates success/failure of creating location
- * @example http://wsp.fortyseeds.at/backend/api/whisper/create/session_id/55afab8ba6f1b/device_id/abcdef123
- */
- public function create_post()
- {
- if (!$this->session_model->validate($this->get('session_id'), $this->get('device_id')))
- $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED);
-
- $data = $this->post('whisper');
-
- // perform checks if whisper can be created
- $errormsg = "";
- $notNull = array('location_id', 'name', 'type', 'description', 'scenery', 'price', 'sportiness', 'address', 'category');
- foreach ($notNull as $key)
- {
- if (empty($data[$key]))
- {
- $errormsg = "missing data";
- break;
- }
- }
-
- if (empty($errormsg))
- {
- if (!empty($data['picture']))
- {
- // save file name in the profile
- $data['picture'] = $this->_savePicture($data['picture']);
- }
-
- // add user ID to data
- $session = $this->session_model->load($this->get('session_id'));
- $data['user_id'] = $session->user_id;
-
- // create new whisper
- $whisperId = $this->whisper_model->create($data);
-
- if ($whisperId !== false)
- {
- // check if user status change is necessary
- if ($this->status_model->current($session->user_id) != 'full' &&
- $this->whisper_model->count($session->user_id) >= $this->config->item('userstatus_full_whisperer'))
- {
- $this->status_model->set($session->user_id, 'full');
- }
-
- $payload = [
- 'success' => true,
- 'message' => 'whisper created successfully',
- 'whisper_id' => $whisperId
- ];
- $httpstatus = REST_Controller::HTTP_CREATED;
- }
- else
- {
- $payload = [
- 'success' => false,
- 'message' => 'whisper could not be created'
- ];
- $httpstatus = REST_Controller::HTTP_INTERNAL_SERVER_ERROR;
- }
- }
- else
- {
- $payload = [
- 'success' => false,
- 'message' => $errormsg
- ];
- $httpstatus = REST_Controller::HTTP_BAD_REQUEST;
- }
-
- // Set the response and exit
-
$this->response($payload, $httpstatus);
- }
-
- /**
- * Edits a whisper
- * @return string JSON that indicates success/failure of editing whisper
- * @example http://wsp.fortyseeds.at/backend/api/whisper/edit/whisper_id/1/session_id/55afab8ba6f1b/device_id/abcdef123
- */
- public function edit_post()
- {
- if (!$this->session_model->validate($this->get('session_id'), $this->get('device_id')))
- $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED);
-
- $data = $this->post('whisper');
- $whisperId = $this->get('whisper_id');
-
- // perform checks if whisper can be edited
- $errormsg = "";
- $notNull = array('location_id', 'name', 'type', 'description', 'scenery', 'price', 'sportiness', 'address', 'category');
- foreach ($notNull as $key)
- {
- if (isset($data[$key]) && empty($data[$key]))
- {
- $errormsg = "missing data";
- break;
- }
- }
-
- if (empty($errormsg))
- {
- if (!empty($data['picture']))
- {
- $data['picture'] = $this->_savePicture($data['picture']);
- }
-
- // load user session
- $session = $this->session_model->load($this->get('session_id'));
-
- // save changes
- $result = $this->whisper_model->edit($whisperId, $data, $session->user_id);
-
- if ($result === 1)
- {
- $payload = [
- 'success' => true,
- 'message' => 'whisper edited successfully'
- ];
- $httpstatus = REST_Controller::HTTP_OK;
- }
- else
- {
- $payload = [
- 'success' => false,
- 'message' => 'whisper does not exist or does not belong to user'
- ];
- $httpstatus = REST_Controller::HTTP_BAD_REQUEST;
- }
- }
- else
- {
- $payload = [
- 'success' => false,
- 'message' => $errormsg
- ];
- $httpstatus = REST_Controller::HTTP_BAD_REQUEST;
- }
-
- // Set the response and exit
- $this->response($payload, $httpstatus);
- }
-
- /**
- * Returns all whispers of a user
- * @return string JSON with whisper data
- * @example http://wsp.fortyseeds.at/backend/api/whisper/personal/session_id/55afab8ba6f1b/device_id/abcdef123
- */
- public function
personal_get()
- {
- if (!$this->session_model->validate($this->get('session_id'), $this->get('device_id')))
- $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED);
-
- $profile = $this->profile_model->loadBySession($this->get('session_id'));
- $whispers = $this->whisper_model->getByUser($profile->user_id);
-
- $payload = [
- 'success' => true,
- 'message' => 'whispers returned successfully',
- 'whispers' => $whispers
- ];
- $httpstatus = REST_Controller::HTTP_OK;
-
- // Set the response and exit
- $this->response($payload, $httpstatus);
- }
-
- /**
- * Deletes a whisper
- * @return string JSON that indicates success/failure of deleting whisper
- * @example http://wsp.fortyseeds.at/backend/api/whisper/delete/session_id/d05434b3728bd2a525a1947c3ec4d754/device_id/abcdef123/whisper_id/7/reason/Gef%C3%A4llt%20mir%20nicht%20mehr
- */
- public function delete_get()
- {
- if (!$this->session_model->validate($this->get('session_id'), $this->get('device_id')))
- $this->response(array(['success' => false, 'message' => 'access denied']), REST_Controller::HTTP_UNAUTHORIZED);
-
- $whisperId = $this->get('whisper_id');
- $this->get('reason') == '' ? $reason = 'null' : $reason = "'" . urldecode($this->get('reason')) .
"'"; - $profile = $this->profile_model->loadBySession($this->get('session_id')); - - $result = $this->whisper_model->delete($whisperId, $profile->user_id, $reason); - - if ($result === 0) - { - $payload = [ - 'success' => false, - 'message' => 'whisper does not exist or does not belong to user' - ]; - $httpstatus = REST_Controller::HTTP_BAD_REQUEST; - } - else - { - $payload = [ - 'success' => true, - 'message' => 'whisper deleted successfully' - ]; - $httpstatus = REST_Controller::HTTP_OK; - } - - // Set the response and exit - $this->response($payload, $httpstatus); - } - - /** - * Decodes base64 image data and saves file to disk - * @param string $base64data - * @return string path and file name of picture - */ - private function _savePicture($base64data) - { - // decode data and get file type - $imgdata = base64_decode($base64data); - $fileinfo = finfo_open(); - $mimetype = finfo_buffer($fileinfo, $imgdata, FILEINFO_MIME_TYPE); - $ext = str_replace('image/', '.', $mimetype); - - $tmpfname = tempnam($this->config->item('whisperpic_path'), "wsp"); - $picfname = $tmpfname . $ext; - - // save pic to disk - $handle = fopen($picfname, "w"); - fwrite($handle, $imgdata); - fclose($handle); - - // delete tmp file - if (is_file($tmpfname)) - unlink($tmpfname); - - // return file name - return $picfname; - } } diff --git a/application/controllers/person/Person.php b/application/controllers/person/Person.php index 24ba3a959..50eeb404c 100644 --- a/application/controllers/person/Person.php +++ b/application/controllers/person/Person.php @@ -1,5 +1,5 @@ load->database(); + + // UID must be set in Production Mode + if (ENVIRONMENT=='production' && is_null($uid)) + log_message('error', 'UID must be set in Production Mode.'); + elseif (is_null($uid)) + log_message('info', 'UID is not set.'); + // Loading Tools for Access Control (Benutzerberechtigungen) $this->load->library('FHC_DB_ACL',array('uid' => $uid)); } - } 
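Review bot: The production branch of the added UID check fails open: when `ENVIRONMENT=='production'` and `$uid` is null it only calls `log_message('error', …)`, and the constructor then continues to `$this->load->library('FHC_DB_ACL',array('uid' => $uid));` with a null uid. If "UID must be set in Production Mode" is meant as a requirement, the branch should stop the request, e.g. add `show_error('UID must be set in Production Mode.', 500);` after the log call and put braces around the `if`/`elseif` bodies. How `FHC_DB_ACL` treats a null uid is not visible here, so the resulting permission context should be confirmed rather than assumed. The file header and the start of this hunk are missing from the page, so the enclosing class is inferred only from the lines shown.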
diff --git a/application/libraries/FHC_DB_ACL.php b/application/libraries/FHC_DB_ACL.php
index cd79d438d..db906384e 100644
--- a/application/libraries/FHC_DB_ACL.php
+++ b/application/libraries/FHC_DB_ACL.php
@@ -10,14 +10,14 @@
 * @since Version 1.0.0
 * @filesource
 */
-defined('BASEPATH') OR exit('No direct script access allowed');
-require_once('include/basis_db.class.php');
-require_once('include/organisationseinheit.class.php');
-require_once('include/studiengang.class.php');
-require_once('include/fachbereich.class.php');
-require_once('include/functions.inc.php');
-require_once('include/wawi_kostenstelle.class.php');
-require_once('include/benutzerberechtigung.class.php');
+defined('FCPATH') OR exit('No direct script access allowed');
+require_once(FCPATH.'include/basis_db.class.php');
+require_once(FCPATH.'include/organisationseinheit.class.php');
+require_once(FCPATH.'include/studiengang.class.php');
+require_once(FCPATH.'include/fachbereich.class.php');
+require_once(FCPATH.'include/functions.inc.php');
+require_once(FCPATH.'include/wawi_kostenstelle.class.php');
+require_once(FCPATH.'include/benutzerberechtigung.class.php');
 /**
 * FHC-Auth Helpers
diff --git a/application/models/person/Person_model.php b/application/models/person/Person_model.php
index 77c0f1f3e..5a01c29e2 100644
--- a/application/models/person/Person_model.php
+++ b/application/models/person/Person_model.php
@@ -6,9 +6,9 @@ class Person_model extends DB_Model
 parent::__construct($uid);
 }
- public function getPersonen($person_id = FALSE)
+ public function getPerson($person_id = null)
 {
- if ($person_id === FALSE)
+ if (is_null($person_id))
 {
 $query = $this->db->get_where('public.tbl_person', array('vorname' => 'Christian'));
 return $query->result_object();
diff --git a/ci_hack.php b/ci_hack.php
index 7baffee0e..410df75c9 100755
--- a/ci_hack.php
+++ b/ci_hack.php
@@ -53,7 +53,7 @@
 *
 * NOTE: If you change these, also change the error_reporting() code below
 */
- define('ENVIRONMENT', isset($_SERVER['CI_ENV']) ? $_SERVER['CI_ENV'] : 'development');
+ define('ENVIRONMENT', isset($_SERVER['CI_ENV']) ? $_SERVER['CI_ENV'] : 'production');
 /*
 *---------------------------------------------------------------
 * ERROR REPORTING
@@ -304,6 +304,7 @@ $loader=new CI_Loader();
 require_once(dirname(__FILE__).'/vendor/codeigniter/framework/system/core/Controller.php');
 $controller=new CI_Controller();
 require_once(dirname(__FILE__).'/vendor/codeigniter/framework/system/core/Model.php');
+require_once(dirname(__FILE__).'/application/core/MY_Model.php');
 $model=new CI_Model();
 // Traits
diff --git a/include/person.class.php b/include/person.class.php
index 614326f42..e5a46b3bd 100644
--- a/include/person.class.php
+++ b/include/person.class.php
@@ -27,7 +27,7 @@ require_once(dirname(__FILE__).'/datum.class.php');
 // CI
 require_once(dirname(__FILE__).'/../ci_hack.php');
-require_once(dirname(__FILE__).'/../application/models/Person_model.php');
+require_once(dirname(__FILE__).'/../application/models/person/Person_model.php');
 class person extends Person_model
 {
diff --git a/index.php b/index.ci.php
similarity index 100%
rename from index.php
rename to index.ci.php