Settings.php 5.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255
  1. <?php
  2. ###
  3. # @name Settings Module
  4. # @copyright 2015 by Tobias Reich
  5. ###
  6. if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
  7. class Settings extends Module {
  8. private $database = null;
  9. public function __construct($database) {
  10. # Init vars
  11. $this->database = $database;
  12. return true;
  13. }
  14. public function get() {
  15. # Check dependencies
  16. self::dependencies(isset($this->database));
  17. # Execute query
  18. $query = Database::prepare($this->database, "SELECT * FROM ?", array(LYCHEE_TABLE_SETTINGS));
  19. $settings = $this->database->query($query);
  20. # Add each to return
  21. while ($setting = $settings->fetch_object()) $return[$setting->key] = $setting->value;
  22. # Fallback for versions below v2.5
  23. if (!isset($return['plugins'])) $return['plugins'] = '';
  24. return $return;
  25. }
  26. public function setLogin($oldPassword = '', $username, $password) {
  27. # Check dependencies
  28. self::dependencies(isset($this->database));
  29. # Load settings
  30. $settings = $this->get();
  31. if ($oldPassword===$settings['password']||$settings['password']===crypt($oldPassword, $settings['password'])) {
  32. # Save username
  33. if ($this->setUsername($username)!==true) exit('Error: Updating username failed!');
  34. # Save password
  35. if ($this->setPassword($password)!==true) exit('Error: Updating password failed!');
  36. return true;
  37. }
  38. exit('Error: Current password entered incorrectly!');
  39. }
  40. private function setUsername($username) {
  41. # Check dependencies
  42. self::dependencies(isset($this->database));
  43. # Hash username
  44. $username = getHashedString($username);
  45. # Execute query
  46. # Do not prepare $username because it is hashed and save
  47. # Preparing (escaping) the username would destroy the hash
  48. $query = Database::prepare($this->database, "UPDATE ? SET value = '$username' WHERE `key` = 'username'", array(LYCHEE_TABLE_SETTINGS));
  49. $result = $this->database->query($query);
  50. if (!$result) {
  51. Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
  52. return false;
  53. }
  54. return true;
  55. }
  56. private function setPassword($password) {
  57. # Check dependencies
  58. self::dependencies(isset($this->database));
  59. # Hash password
  60. $password = getHashedString($password);
  61. # Execute query
  62. # Do not prepare $password because it is hashed and save
  63. # Preparing (escaping) the password would destroy the hash
  64. $query = Database::prepare($this->database, "UPDATE ? SET value = '$password' WHERE `key` = 'password'", array(LYCHEE_TABLE_SETTINGS));
  65. $result = $this->database->query($query);
  66. if (!$result) {
  67. Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
  68. return false;
  69. }
  70. return true;
  71. }
  72. public function setDropboxKey($key) {
  73. # Check dependencies
  74. self::dependencies(isset($this->database, $key));
  75. if (strlen($key)<1||strlen($key)>50) {
  76. Log::notice($this->database, __METHOD__, __LINE__, 'Dropbox key is either too short or too long');
  77. return false;
  78. }
  79. # Execute query
  80. $query = Database::prepare($this->database, "UPDATE ? SET value = '?' WHERE `key` = 'dropboxKey'", array(LYCHEE_TABLE_SETTINGS, $key));
  81. $result = $this->database->query($query);
  82. if (!$result) {
  83. Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
  84. return false;
  85. }
  86. return true;
  87. }
  88. public function setSortingPhotos($type, $order) {
  89. # Check dependencies
  90. self::dependencies(isset($this->database, $type, $order));
  91. $sorting = 'ORDER BY ';
  92. # Set row
  93. switch ($type) {
  94. case 'id': $sorting .= 'id';
  95. break;
  96. case 'title': $sorting .= 'title';
  97. break;
  98. case 'description': $sorting .= 'description';
  99. break;
  100. case 'public': $sorting .= 'public';
  101. break;
  102. case 'type': $sorting .= 'type';
  103. break;
  104. case 'star': $sorting .= 'star';
  105. break;
  106. case 'takestamp': $sorting .= 'takestamp';
  107. break;
  108. default: exit('Error: Unknown type for sorting!');
  109. }
  110. $sorting .= ' ';
  111. # Set order
  112. switch ($order) {
  113. case 'ASC': $sorting .= 'ASC';
  114. break;
  115. case 'DESC': $sorting .= 'DESC';
  116. break;
  117. default: exit('Error: Unknown order for sorting!');
  118. }
  119. # Execute query
  120. # Do not prepare $sorting because it is a true statement
  121. # Preparing (escaping) the sorting would destroy it
  122. # $sorting is save and can't contain user-input
  123. $query = Database::prepare($this->database, "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingPhotos'", array(LYCHEE_TABLE_SETTINGS));
  124. $result = $this->database->query($query);
  125. if (!$result) {
  126. Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
  127. return false;
  128. }
  129. return true;
  130. }
  131. public function setSortingAlbums($type, $order) {
  132. # Check dependencies
  133. self::dependencies(isset($this->database, $type, $order));
  134. $sorting = 'ORDER BY ';
  135. # Set row
  136. switch ($type) {
  137. case 'id': $sorting .= 'id';
  138. break;
  139. case 'title': $sorting .= 'title';
  140. break;
  141. case 'description': $sorting .= 'description';
  142. break;
  143. case 'public': $sorting .= 'public';
  144. break;
  145. default: exit('Error: Unknown type for sorting!');
  146. }
  147. $sorting .= ' ';
  148. # Set order
  149. switch ($order) {
  150. case 'ASC': $sorting .= 'ASC';
  151. break;
  152. case 'DESC': $sorting .= 'DESC';
  153. break;
  154. default: exit('Error: Unknown order for sorting!');
  155. }
  156. # Execute query
  157. # Do not prepare $sorting because it is a true statement
  158. # Preparing (escaping) the sorting would destroy it
  159. # $sorting is save and can't contain user-input
  160. $query = Database::prepare($this->database, "UPDATE ? SET value = '$sorting' WHERE `key` = 'sortingAlbums'", array(LYCHEE_TABLE_SETTINGS));
  161. $result = $this->database->query($query);
  162. if (!$result) {
  163. Log::error($this->database, __METHOD__, __LINE__, $this->database->error);
  164. return false;
  165. }
  166. return true;
  167. }
  168. }
  169. ?>