From ace3bd673611366039c2ebddd0b360cfd3b8ceaf Mon Sep 17 00:00:00 2001
From: cgfhtw <christopher.gerbrich@technikum-wien.at>
Date: Thu, 27 Jul 2023 10:57:53 +0200
Subject: [PATCH] Verbesserungen

---
 application/controllers/Cis/Pub.php           | 167 ++++++++++++++++++
 application/controllers/CisVue/Cms.php        |   9 +-
 application/controllers/components/CisVue.php |  10 +-
 application/views/lehre/Antrag/Create.php     |   6 +-
 .../views/lehre/Antrag/Student/List.php       |   4 +-
 .../lehre/Antrag/Wiederholung/Student.php     |   2 +-
 .../views/templates/CISHMVC-Header.php        |  11 +-
 .../views/templates/CISHTML-Header.php        |   7 +-
 application/views/templates/CISVUE-Header.php |  10 +-
 application/views/templates/FHC-Header.php    |   2 +-
 public/css/Cis4/Cis.css                       |  14 ++
 public/css/cis4.css                           |   0
 12 files changed, 221 insertions(+), 21 deletions(-)
 create mode 100644 application/controllers/Cis/Pub.php
 create mode 100644 public/css/cis4.css

diff --git a/application/controllers/Cis/Pub.php b/application/controllers/Cis/Pub.php
new file mode 100644
index 000000000..34a71b85d
--- /dev/null
+++ b/application/controllers/Cis/Pub.php
@@ -0,0 +1,167 @@
+<?php
+
+if (! defined('BASEPATH')) exit('No direct script access allowed');
+ 
+/**
+ * 
+ */
+class Pub extends FHC_Controller
+{
+	/**
+	 * Constructor
+	 */
+	public function __construct()
+	{
+		parent::__construct();
+
+		// Load Libraries
+		$this->load->library('AuthLib');
+		$this->load->library('PermissionLib');
+	}
+
+	// -----------------------------------------------------------------------------------------------------------------
+	// Public methods
+
+	/**
+	 * @param string	$source [person|akte]
+	 * @param integer	$id
+	 * @return void
+	 */
+	public function bild($source, $id)
+	{
+		$this->load->model('person/Person_model', 'PersonModel');
+
+		$person_id_user = '';
+		$serverzugriff = false;
+
+		// Wenn das Bild direkt aufgerufen wird, ist eine Authentifizierung erforderlich
+		// Wenn es vom Server selbst aufgerufen wird, ist keine Auth. notwendig
+		// (z.B. fuer die Erstellung von PDFs)
+		if ($_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
+			// Wenn Session gesetzt ist, keine Abfrage, da diese Personen noch keine UID haben
+			
+			if (isset($_SESSION['incoming/user'])) { // Von Incomingtool
+				$result = $this->PersonModel->loadWhere([
+					'zugangscode' => $_SESSION['incoming/user']
+				]);
+				if (hasData($result))
+					$person_id_user = current(getData($result))->person_id;
+			} elseif (isset($_SESSION['prestudent/user'])) { // Von Prestudententool
+				$result = $this->PersonModel->loadWhere([
+					'zugangscode' => $_SESSION['prestudent/user']
+				]);
+				if (hasData($result))
+					$person_id_user = current(getData($result))->person_id;
+			} elseif (isset($_SESSION['bewerbung/personId'])) { // Von Bewerbungstool
+				$person_id_user = $_SESSION['bewerbung/personId'];
+			} else {
+				$person_id_user = getAuthPersonId();
+			}
+		} else {
+			$serverzugriff = true;
+		}
+
+		// Default Bild (Dummy Profilbild)
+		$cTmpHEX = base64_encode(file_get_contents(FHCPATH . 'skin/images/profilbild_dummy.jpg'));
+
+		if ($source == 'person' && $id) {
+			$foto_gesperrt = false;
+			// Person laden und Fotosperre überprüfen
+			$result = $this->PersonModel->load($id);
+			if (hasData($result)) {
+				$person = current(getData($result));
+				if ($person->foto_sperre) {
+					// Wenn der User selbst darauf zugreift darf er das Bild sehen
+					$foto_gesperrt = ($person_id_user != $id);
+				} elseif (!$person_id_user && !$serverzugriff) {
+					$foto_gesperrt = true;
+				}
+
+				if ($person->foto && !$foto_gesperrt) {
+					$cTmpHEX = base64_decode($person->foto);
+				}
+			}
+		}
+		if($source == 'akte' && $id != '')
+		{
+			$this->load->model('crm/Akte_model', 'AkteModel');
+
+			$this->AkteModel->addJoin('public.tbl_person', 'person_id');
+			$result = $this->AkteModel->loadWhere([
+				'person_id' => $id,
+				'dokument_kurzbz' => 'Lichtbil'
+			]);
+
+			if (hasData($result)) {
+				$foto_gesperrt = false;
+
+				$akte = current(getData($result));
+				if ($akte->foto_sperre) {
+					// Wenn der User selbst darauf zugreift darf er das Bild sehen
+					$foto_gesperrt = ($person_id_user != $id);
+				} elseif (!$person_id_user && !$serverzugriff) {
+					$foto_gesperrt = true;
+				}
+
+				// Wenn das Foto nicht im Inhalt steht wird aus aus dem DMS geladen
+				if (!$akte->inhalt && $akte->dms_id) {
+					$this->load->model('content/Dms_model', 'DmsModel');
+					$this->load->model('content/DmsVersion_model', 'DmsVersionModel');
+
+					$this->DmsModel->addJoin('campus.tbl_dms_version', 'dms_id');
+					$this->DmsModel->addOrder('version', 'DESC');
+					$this->DmsModel->addLimit(1);
+					$result = $this->DmsModel->load($akte->dms_id);
+
+					if (!hasData($result))
+						die('Kein Dokument vorhanden');
+
+					$dms = current(getData($result));
+
+					$filename = DMS_PATH . $dms->filename;
+
+					$this->DmsVersionModel->update([
+						'dms_id' => $dms->dms_id,
+						'version' => $dms->version
+					], [
+						'letzterzugriff' => date('c')
+					]);
+
+					if (file_exists($filename)) {
+						if ($handle = fopen($filename, "r")) {
+							while (!feof($handle)) {
+								$akte->inhalt .= fread($handle, 8192);
+							}
+							fclose($handle);
+						} else {
+							echo 'Fehler: Datei konnte nicht geoeffnet werden';
+						}
+					} else {
+						echo 'Die Datei existiert nicht';
+					}
+				}
+
+				if ($akte->inhalt && !$foto_gesperrt) {
+					$cTmpHEX = $akte->inhalt;
+				}
+
+			}
+		}
+
+		// die bilder werden, sofern es funktioniert, in jpg umgewandelt da es sonst zu fehlern beim erstellen
+		// von pdfs kommen kann.
+
+		$im = @imagecreatefromstring(base64_decode($cTmpHEX));
+		if ($im) {
+			@ob_clean();
+			header("Content-type: image/jpeg");
+			exit(imagejpeg($im));
+		} else {
+			// bei manchen Bildern funktioniert die konvertierung nicht
+			// diese werden dann einfach so angezeigt.
+			@ob_clean();
+			header("Content-type: image/gif");
+			exit($cTmpHEX);
+		}
+	}
+}
diff --git a/application/controllers/CisVue/Cms.php b/application/controllers/CisVue/Cms.php
index 9ec22bea0..fa6f0e980 100644
--- a/application/controllers/CisVue/Cms.php
+++ b/application/controllers/CisVue/Cms.php
@@ -5,19 +5,18 @@ if (! defined('BASEPATH')) exit('No direct script access allowed');
 /**
  * 
  */
-class Cms extends Auth_Controller
+class Cms extends FHC_Controller
 {
 	/**
 	 * Constructor
 	 */
 	public function __construct()
 	{
-		parent::__construct([
-			'content' => 'user:r',
-			'news' => 'user:r'
-		]);
+		parent::__construct();
 
 		// Loads Libraries
+		$this->load->library('AuthLib');
+		$this->load->library('PermissionLib');
 		$this->load->library('CmsLib');
 
 		// Loads phrases system
diff --git a/application/controllers/components/CisVue.php b/application/controllers/components/CisVue.php
index b8b7f98cc..537537f08 100644
--- a/application/controllers/components/CisVue.php
+++ b/application/controllers/components/CisVue.php
@@ -5,7 +5,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed');
 /**
  *
  */
-class CisVue extends Auth_Controller
+class CisVue extends FHC_Controller
 {
 
 	/**
@@ -13,12 +13,14 @@ class CisVue extends Auth_Controller
 	 */
 	public function __construct()
 	{
-		parent::__construct([
-			'Menu' => 'user:r'
-		]);
+		parent::__construct();
 
 		// Loads authentication library and starts authentication
 		$this->load->library('AuthLib');
+		$this->load->library('PermissionLib');
+
+		if (!isLogged())
+			show_404();
 	}
 
 	//------------------------------------------------------------------------------------------------------------------
diff --git a/application/views/lehre/Antrag/Create.php b/application/views/lehre/Antrag/Create.php
index 87c9c3af6..e1b80958c 100644
--- a/application/views/lehre/Antrag/Create.php
+++ b/application/views/lehre/Antrag/Create.php
@@ -18,13 +18,13 @@ $sitesettings = array(
 );
 
 $this->load->view(
-	'templates/FHC-Header',
+	'templates/CISHTML-Header',
 	$sitesettings
 );
 ?>
 
 <div id="wrapper">
-	<div class="fhc-header">
+	<div class="fhc-header hide-in-frame">
 		<h1 class="h2"><?= $this->p->t('studierendenantrag', 'antrag_header'); ?></h1>
 	</div>
 
@@ -49,6 +49,6 @@ $this->load->view(
 
 <?php
 $this->load->view(
-	'templates/FHC-Footer',
+	'templates/CISHTML-Footer',
 	$sitesettings
 );
diff --git a/application/views/lehre/Antrag/Student/List.php b/application/views/lehre/Antrag/Student/List.php
index 52242d7d6..c7b6676b9 100644
--- a/application/views/lehre/Antrag/Student/List.php
+++ b/application/views/lehre/Antrag/Student/List.php
@@ -17,7 +17,7 @@ $sitesettings = array(
 );
 
 $this->load->view(
-	'templates/FHC-Header',
+	'templates/CISHTML-Header',
 	$sitesettings
 );
 ?>
@@ -131,6 +131,6 @@ $this->load->view(
 
 <?php
 $this->load->view(
-	'templates/FHC-Footer',
+	'templates/CISHTML-Footer',
 	$sitesettings
 );
diff --git a/application/views/lehre/Antrag/Wiederholung/Student.php b/application/views/lehre/Antrag/Wiederholung/Student.php
index 9c2db040e..5a9fc2fb4 100644
--- a/application/views/lehre/Antrag/Wiederholung/Student.php
+++ b/application/views/lehre/Antrag/Wiederholung/Student.php
@@ -26,7 +26,7 @@ $this->load->view(
 ?>
 
 <div id="wrapper" class="overflow-hidden">
-	<div class="fhc-header" v-if="notinframe">
+	<div class="fhc-header hide-in-frame" v-if="notinframe">
 		<h1 class="h2"><?= $this->p->t('studierendenantrag', 'title_lvzuweisen', ['name' => $antrag->name]);?></h1>
 	</div>
 	<div class="fhc-container row mt-3">
diff --git a/application/views/templates/CISHMVC-Header.php b/application/views/templates/CISHMVC-Header.php
index a9b429217..7e4b8cea3 100644
--- a/application/views/templates/CISHMVC-Header.php
+++ b/application/views/templates/CISHMVC-Header.php
@@ -6,11 +6,17 @@
 		}
 	}
 ?>
+
+<script type="text/javascript">
+	if (window.self !== window.top)
+		document.body.classList.add("in-frame");
+</script>
+
 <header id="cis-header" class="navbar-dark">
 	<button id="nav-main-btn" class="navbar-toggler" type="button" data-bs-toggle="offcanvas" data-bs-target="#nav-main" aria-controls="nav-main" aria-expanded="false" aria-label="Toggle navigation">
 		<span class="navbar-toggler-icon"></span>
 	</button>
-	<a id="nav-logo" href="<?= site_url('CisHmvc'); ?>">
+	<a id="nav-logo" href="<?= site_url(''); ?>">
 		<img src="<?= base_url('/public/images/logo-300x160.png'); ?>" alt="Logo">
 	</a>
 	<nav id="nav-main" class="offcanvas offcanvas-start bg-dark" tabindex="-1" aria-labelledby="nav-main-btn" data-bs-backdrop="false">
@@ -24,7 +30,7 @@
 		<div class="offcanvas-body p-0">
 			<fhc-searchbar id="nav-search" class="fhc-searchbar w-100" :searchoptions="searchbaroptions" :searchfunction="searchfunction"></fhc-searchbar>
 			<button id="nav-user-btn" class="btn btn-link rounded-0" type="button" data-bs-toggle="collapse" data-bs-target="#nav-user-menu" aria-expanded="false" aria-controls="nav-user-menu">
-				<img src="<?= base_url('/cis/public/bild.php?src=person&person_id=' . getAuthPersonId()); ?>" class="avatar rounded-circle"/>
+				<img src="<?= site_url('Cis/Pub/bild/person/' . getAuthPersonId()); ?>" class="avatar rounded-circle"/>
 			</button>
 			<ul id="nav-user-menu" class="collapse list-unstyled" aria-labelledby="nav-user-btn">
 				<li><a class="btn btn-level-2 rounded-0 d-block" href="#" id="menu-profil">Profil</a></li>
@@ -46,4 +52,5 @@
 		</div>
 	</nav>
 </header>
+
 <main id="cis-main" class="flex-grow-1 overflow-scroll p-4">
diff --git a/application/views/templates/CISHTML-Header.php b/application/views/templates/CISHTML-Header.php
index fe2d69b28..2ae90bda8 100644
--- a/application/views/templates/CISHTML-Header.php
+++ b/application/views/templates/CISHTML-Header.php
@@ -23,6 +23,10 @@ if (!isset($menu)) {
 }
 ?>
 
+<script type="text/javascript">
+	if (window.self !== window.top)
+		document.body.classList.add("in-frame");
+</script>
 <header id="cis-header" class="navbar-dark">
 	<button id="nav-main-btn" class="navbar-toggler" type="button" data-bs-toggle="offcanvas" data-bs-target="#nav-main" aria-controls="nav-main" aria-expanded="false" aria-label="Toggle navigation">
 		<span class="navbar-toggler-icon"></span>
@@ -39,7 +43,7 @@ if (!isset($menu)) {
 		<div class="offcanvas-body p-0">
 			<fhc-searchbar id="nav-search" class="fhc-searchbar w-100" :searchoptions="searchbaroptions" :searchfunction="searchfunction"></fhc-searchbar>
 			<button id="nav-user-btn" class="btn btn-link rounded-0" type="button" data-bs-toggle="collapse" data-bs-target="#nav-user-menu" aria-expanded="false" aria-controls="nav-user-menu">
-				<img src="<?= base_url('/cis/public/bild.php?src=person&person_id=' . getAuthPersonId()); ?>" class="avatar rounded-circle"/>
+				<img src="<?= site_url('Cis/Pub/bild/person/' . getAuthPersonId()); ?>" class="avatar rounded-circle"/>
 			</button>
 			<ul id="nav-user-menu" class="collapse list-unstyled" aria-labelledby="nav-user-btn">
 				<li><a class="btn btn-level-2 rounded-0 d-block" href="#" id="menu-profil">Profil</a></li>
@@ -57,4 +61,5 @@ if (!isset($menu)) {
 		</div>
 	</nav>
 </header>
+
 <main id="cis-main" class="flex-grow-1 overflow-scroll p-4">
diff --git a/application/views/templates/CISVUE-Header.php b/application/views/templates/CISVUE-Header.php
index bd4afa012..b65e02e13 100644
--- a/application/views/templates/CISVUE-Header.php
+++ b/application/views/templates/CISVUE-Header.php
@@ -17,13 +17,19 @@ $this->load->view('templates/FHC-Header', $includesArray);
 
 ?>
 
+<script type="text/javascript">
+	if (window.self !== window.top)
+		document.body.classList.add("in-frame");
+</script>
+
 <header id="cis-header" class="navbar-dark">
 	<cis-menu 
-		root-url="<?= site_url('CisVue'); ?>" 
+		root-url="<?= site_url(''); ?>" 
 		logo-url="<?= base_url('/public/images/logo-300x160.png'); ?>" 
-		avatar-url="<?= base_url('/cis/public/bild.php?src=person&person_id=' . getAuthPersonId()); ?>" 
+		avatar-url="<?= site_url('Cis/Pub/bild/person/' . getAuthPersonId()); ?>" 
 		logout-url="<?= site_url('Cis/Auth/logout'); ?>" 
 		:searchbaroptions="searchbaroptions" 
 		:searchfunction="searchfunction" />
 </header>
+
 <main id="cis-main" class="flex-grow-1 overflow-scroll p-4">
diff --git a/application/views/templates/FHC-Header.php b/application/views/templates/FHC-Header.php
index b87a6e6d0..c891f432f 100644
--- a/application/views/templates/FHC-Header.php
+++ b/application/views/templates/FHC-Header.php
@@ -119,7 +119,7 @@
 			if ($widgets === true) generateCSSsInclude('public/css/Widgets.css');
 
 			// CIS
-			if ($cis === true) generateCSSsInclude('public/css/cis_bs5.css');
+			if ($cis === true) generateCSSsInclude(defined('CIS4') ? 'public/css/cis4.css' : 'public/css/cis_bs5.css');
 
 			// Eventually required CSS
 			generateCSSsInclude($customCSSs); // Eventually required CSS
diff --git a/public/css/Cis4/Cis.css b/public/css/Cis4/Cis.css
index c698ff6e5..0ed8ecf62 100644
--- a/public/css/Cis4/Cis.css
+++ b/public/css/Cis4/Cis.css
@@ -174,6 +174,15 @@
   width: 100% !important;
 }
 
+/* frame */
+.in-frame {
+  --fhc-cis-header-height: 0;
+}
+.in-frame #cis-header,
+.in-frame .hide-in-frame {
+  display: none;
+}
+
 /* desktop */
 @media (min-width: 992px) {
   body {
@@ -218,11 +227,16 @@
     width: 0;
     z-index: 1;
   }
+  #nav-main-toggle .btn,
   #nav-main-toggle .fa-arrow-circle-left {
     transition: all 0.5s ease-in-out;
   }
+  #nav-main-toggle .collapsed.btn {
+    background-color: transparent !important;
+  }
   #nav-main-toggle .collapsed .fa-arrow-circle-left {
     transform: scaleX(-1);
+    color: var(--bs-dark);
   }
   #nav-search {
     position: fixed;
diff --git a/public/css/cis4.css b/public/css/cis4.css
new file mode 100644
index 000000000..e69de29bb