123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614 |
- <?php
- require_once __DIR__.DIRECTORY_SEPARATOR."common.php";
- if(!isset($_['action'])) throw new Exception('Action inexistante');
- //Execution du code en fonction de l'action
- switch ($_['action']){
-
-
- case 'login':
- global $myUser;
- try{
- $myUser = User::check($_['login'],$_['password']);
-
- if(!$myUser->connected()) throw new Exception('Utilisateur inexistant');
- $_SESSION['currentUser'] = serialize($myUser);
-
- }catch(Exception $e){
- $_SESSION['error'] = $e->getMessage();
- }
- header('location: index.php');
- break;
-
- case 'logout':
- unset($_SESSION['currentUser']);
- session_destroy();
- header('location: index.php');
- break;
- case 'save_user':
- try{
- global $myUser;
- if(!$myUser->connected()) throw new Exception("Permission refusée, seul un connecté peux faire ça");
- if($myUser->id!=$_['id']) throw new Exception("Permission refusée, seul le propriétaire du compte peux faire ça");
- if($_['password']!=$_['confirmPassword']) throw new Exception("Les deux mot de passe ne correspondent pas");
- $myUser->password = User::password_encrypt($_['password']);
- $myUser->save();
- $_SESSION['success'] = "Mot de passe modifié avec succès";
- }catch(Exception $e){
- $_SESSION['error'] = $e->getMessage();
- }
- header('location: account.php');
- break;
-
- // SKETCH
- case 'create_sketch':
- Action::write(function($_,&$response){
- global $myUser;
- if(!$myUser->connected()) throw new Exception("Permission refusée, seul un connecté peux faire ça");
- $sketch = new Sketch();
- $sketch->fromArray($_);
- $sketch->owner = $myUser->id;
- $sketch->save();
- $resource = new Resource();
- $resource->label = 'README';
- $resource->type = 'readme';
- $resource->sketch = $sketch->id;
- $resource->content = 'Décrivez votre projet ici...';
- $resource->sort = 0;
- $resource->save();
- $response = $sketch->toArray();
- });
- break;
-
- case 'export_sketch':
-
- global $myUser;
- $response = array();
- try{
-
- $sketch = Sketch::getById($_['id']);
-
- if(!$sketch->public && $myUser->id!=$sketch->owner)throw new Exception('Ce sketch est privé');
-
- $response['sketch'] = $sketch->toArray();
- $response['resources'] = array();
-
- foreach(Resource::loadAll(array('sketch'=>$_['id'])) as $resource)
- $response['resources'][] = Type::toExport($resource);
-
- }catch(Exception $e){
- $response['error'] = $e->getMessage();
- }
-
- $response = gzdeflate(json_encode($response));
-
- if(!isset($_['api'])){
- $filename = slugify($sketch->label).('.export.').date('d-m-Y_H-i').'.json';
- header("Content-Type: application/json");
- header("Content-Length: " . strlen($response));
- header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
- header('Cache-Control: no-store, no-cache, must-revalidate');
- header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
- header('Cache-Control: post-check=0, pre-check=0', FALSE);
- header('Pragma: no-cache');
- header("Content-Disposition: attachment; filename=\"".$filename."\"");
- }
- echo $response;
- break;
-
- case 'import_sketch':
- Action::write(function($_,&$response){
- global $myUser;
- if(!$myUser->connected()) throw new Exception("Permission refusée, seul un connecté peux faire ça");
-
- if($_['from'] == 'url'){
- if(!isset($_['url']) || empty($_['url'])) throw new Exception("Adresse du sketch invalide");
- $url = parse_url($_['url']);
- parse_str($url['query'], $parameters);
- if(!isset($parameters['id']) || empty($parameters['id']) || !is_numeric($parameters['id'])) throw new Exception("ID du sketch invalide");
- $contentPath = $url['scheme'].'://'.$url['host'].'/'.substr($url['path'],0,-11).'/action.php?action=export_sketch&id='.$parameters['id'].'&api=true';
- }else{
- $ext = getExt($_FILES['file']['name']);
- if($ext!='json') throw new Exception('Extension JSON autorisée uniquement');
- $contentPath = $_FILES['file']['tmp_name'];
- }
-
- $stream = false;
- try{ $stream = @file_get_contents($contentPath); }catch(Exception $a){}
- if($stream === false) throw new Exception("Impossible d'atteindre le contenu hackpoint : $contentPath ");
- $stream = gzinflate($stream);
- if($stream === false) throw new Exception('Impossible de décompresser le sketch...');
- $json = json_decode($stream,true);
- if($json == false) throw new Exception('Impossible de parser la réponse du hackpoint, json invalide :'.$stream);
-
-
-
- if(isset($json['error'])) throw new Exception($json['error']);
- $sketch = new Sketch();
- $sketch->fromArray($json['sketch']);
- $sketch->id = null;
- $sketch->owner = $myUser->id;
- $sketch->public = 0;
- $sketch->label = $sketch->label .='-import-'.date('d/m/Y H:i');
- $sketch->save();
-
-
-
- foreach($json['resources'] as $res)
- Type::fromImport($res,$sketch);
- });
- break;
- case 'search_sketch':
- Action::write(function($_,&$response){
- global $myUser;
- $sketchs = Sketch::loadAll(array('owner'=>$myUser->id));
- foreach($sketchs as $sketch){
- $sketch->label = html_entity_decode($sketch->label);
- $response['rows'][] = $sketch->toArray();
- }
- });
- break;
- case 'delete_sketch':
- Action::write(function($_,&$response){
- global $myUser;
- $sketch = Sketch::getById($_['id']);
- if($myUser->id != $sketch->owner) throw new Exception("Permission refusée, seul l'auteur du sketch peux faire ça");
- Part::staticQuery("delete FROM ".ResourcePart::tableName()." WHERE resource IN(SELECT id FROM ".Resource::tableName()." WHERE sketch=".$_['id'].") ");
- foreach(Resource::loadAll(array('sketch'=>$_['id'])) as $resource):
- $resource->remove();
- endforeach;
- Sketch::deleteById($_['id']);
- });
- break;
- case 'save_sketch_title':
- Action::write(function($_,&$response){
- global $myUser;
- $sketch = Sketch::getById($_['id']);
- if($myUser->id != $sketch->owner) return;
- $sketch->fromArray($_);
- $sketch->save();
- });
- break;
- case 'toggle_share_sketch':
- Action::write(function($_,&$response){
- global $myUser;
- $sketch = Sketch::getById($_['id']);
- if($myUser->id != $sketch->owner) throw new Exception("Permission refusée, seul l'auteur du sketch peux faire ça");
- $sketch->public = $_['state'];
- $sketch->save();
- });
- break;
- case 'download_sketch':
- $sketch = Sketch::getByid($_['id']);
- $resources = Resource::loadAll(array('sketch'=>$sketch->id),'sort');
-
- $filename = $sketch->slug.'-'.time().'.zip';
- $filepath = sys_get_temp_dir().DIRECTORY_SEPARATOR.$filename;
- $zip = new ZipArchive;
- $res = $zip->open($filepath, ZipArchive::CREATE);
- if ($res === TRUE) {
- foreach($resources as $resource){
- $type = Type::get($resource->type);
- $file = Type::toFileStream($resource);
- $zip->addFromString($file->name, $file->content);
- }
- $zip->close();
- }
- header("Content-Type: application/zip");
- header("Content-Length: " . filesize($filepath));
- header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
- header('Cache-Control: no-store, no-cache, must-revalidate');
- header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
- header('Cache-Control: post-check=0, pre-check=0', FALSE);
- header('Pragma: no-cache');
- header("Content-Disposition: attachment; filename=\"".$filename."\"");
- readfile($filepath);
- unlink($filepath);
- break;
-
- // RESOURCES
- case 'upload_resource':
- Action::write(function($_,&$response){
- global $myUser;
- $resource = Resource::getByid($_['id']);
- $sketch = Sketch::getById($resource->sketch);
- $ext = getExt($_FILES['file']['name']);
- if($myUser->id != $sketch->owner) throw new Exception("Seul le propriétaire du sketch peux faire ça");
- if(!in_array($ext,explode(',',ALLOWED_RESOURCE_IMAGE))) throw new Exception('Extensions autorisées '.ALLOWED_RESOURCE_IMAGE);
- if($_FILES['file']['size']>ALLOWED_RESOURCE_SIZE) throw new Exception('Taille maximum autorisée '.ALLOWED_RESOURCE_SIZE.' o');
- $name = $resource->id.'.'.$ext;
- $path = SKETCH_PATH.$name;
- move_uploaded_file($_FILES['file']['tmp_name'], $path);
- $resource->content = $name;
- $resource->save();
- $response = array_merge(Type::get($resource->type));
- $response['url'] = $path.'?v='.time();
- });
- break;
-
- case 'upload_resource_file':
- Action::write(function($_,&$response){
- global $myUser;
- $resource = Resource::getByid($_['id']);
- $sketch = Sketch::getById($resource->sketch);
- $ext = getExt($_FILES['file']['name']);
- if($myUser->id != $sketch->owner) throw new Exception("Seul le propriétaire du sketch peux faire ça");
- if(ALLOWED_RESOURCE_FILE!='' && !in_array($ext,explode(',',ALLOWED_RESOURCE_FILE))) throw new Exception('Extensions autorisées '.ALLOWED_RESOURCE_FILE);
- if($_FILES['file']['size']>ALLOWED_RESOURCE_SIZE) throw new Exception('Taille maximum autorisée '.ALLOWED_RESOURCE_SIZE.' o');
- $name = $resource->id;
- $folder = SKETCH_PATH.$name;
- if(!file_exists($folder)) mkdir($folder);
-
- $path = $folder.'/'.$_FILES['file']['name'];
-
- move_uploaded_file($_FILES['file']['tmp_name'], $path);
- $response = array_merge(Type::get($resource->type));
- $response['url'] = $path.'?v='.time();
- });
- break;
-
- case 'search_resources':
-
-
- Action::write(function($_,&$response){
-
- if(!isset($_['id']) || !is_numeric($_['id'])) throw new Exception("Sketch non spécifié");
- $resources = Resource::loadAll(array('sketch'=>$_['id']),'sort');
-
- foreach($resources as $resource){
- $resource->label = html_entity_decode($resource->label);
- $resource->content = null;
- $response['rows'][] = $resource->toArray();
- }
-
- });
- break;
-
- case 'import_resource':
- global $myUser;
- $sketch = Sketch::getByid($_['id']);
- if($myUser->id != $sketch->owner) return;
- $ext = explode('.',$_FILES['file']['name']);
- $ext = strtolower(array_pop($ext));
- $types = Type::all();
- $type = 'readme';
- foreach($types as $uid=>$tp)
- if(isset($tp['extension']) && $ext == $tp['extension']) $type = $uid;
-
- Type::fromFileImport($_FILES['file'],$sketch,$type);
-
- break;
-
- //COMPONENT
- case 'upload_component_image':
- global $myUser;
- $ext = explode('.',$_FILES['file']['name']);
- $ext = strtolower(array_pop($ext));
- if(!in_array($ext,explode(',',ALLOWED_RESOURCE_IMAGE))) exit();
- imageResize($_FILES['file']['tmp_name'],100,100);
- echo 'data:image/png;base64,'.base64_encode(file_get_contents($_FILES['file']['tmp_name']));
- break;
-
-
-
- case 'search_component':
- Action::write(function($_,&$response){
- global $myUser;
- $parts = Part::populate();
- foreach($parts as $part){
- $part->label = html_entity_decode($part->label);
- $part->link = html_entity_decode($part->link);
- if($part->image==''){
- $part->image = 'img/default_image.png';
- }else{
- $part->image = PART_PATH.html_entity_decode($part->image);
- }
- $response['rows'][] = $part->toArray();
- }
- });
- break;
-
- case 'delete_component':
- Action::write(function($_,&$response){
- global $myUser;
- $part = Part::getById($_['id']);
- if($myUser->id!=$part->owner) throw new Exception('Seul le propriétaire du composant peux faire ça');
- $part->remove();
- });
- break;
- case 'save_component':
- Action::write(function($_,&$response){
- global $myUser;
- if(!$myUser->connected()) throw new Exception("Permission refusée, seul un connecté peux faire ça");
- $part = isset($_['id']) && is_numeric($_['id'])?Part::getById($_['id']):new Part();
- $part->fromArray($_);
- $part->owner = $myUser->id;
- $part->save();
- if(substr($part->image,0,10) == 'data:image'){
- $imageName = $part->id.'.png';
- base64_to_image($part->image,PART_PATH.$imageName);
- $part->image = $imageName;
- $part->save();
- }
- $response = $part->toArray();
- });
- break;
- case 'edit_component':
- Action::write(function($_,&$response){
- $part = isset($_['id'])? Part::getById($_['id']):new Part;
- $part->label = html_entity_decode($part->label);
- $part->link = html_entity_decode($part->link);
- $part->brand = html_entity_decode($part->brand);
- if($part->image==''){
- $part->image = 'img/default_image.png';
- }else{
- $part->image = PART_PATH.html_entity_decode($part->image);
- }
- $part->image.='?t='.time();
- $response = $part->toArray();
- });
- break;
- //RESOURCE
- case 'save_resource':
- Action::write(function($_,&$response){
- global $myUser;
- $sketch = Sketch::getById($_['sketch']);
- if($myUser->id != $sketch->owner) throw new Exception("Permission refusée, seul l'auteur du sketch peux faire ça");
- $resource = isset($_['id']) && is_numeric($_['id']) && !empty($_['id']) ? Resource::getByid($_['id']) : new Resource();
- $resource->fromArray($_);
- $resource->sort = 10;
- if($resource->type=='readme' && $resource->id==0) $resource->sort = 0;
- $resource->label = $resource->label == ''?'Sans titre '.date('d-m-Y H:i'):$resource->label;
- $resource->save();
-
- $response = $resource->toArray();
- });
- break;
- case 'save_resource_content':
- Action::write(function($_,&$response){
- global $myUser;
-
- $resource = Resource::getByid($_['id']);
- $sketch = Sketch::getById($resource->sketch);
- if($myUser->id != $sketch->owner) return;
- $resource->fromArray($_);
- $resource->save();
- });
- break;
-
- case 'get_resource_file':
- global $myUser;
- $resource = Resource::getById($_['id']);
- $sketch =$resource->sketch_object;
- if($myUser->id != $sketch->owner && !$sketch->public){
- echo 'Désolé, vous n\'avez pas d\'accès à cette ressource...';
- return;
- }
- $filepath = SKETCH_PATH.$resource->id.'/'.$_['file'];
- $finfo = finfo_open(FILEINFO_MIME_TYPE);
-
- $mime = finfo_file($finfo, $filepath);
-
- header('Content-Type: '.$mime);
- header("Content-Length: " . filesize($filepath));
- header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
- header('Cache-Control: no-store, no-cache, must-revalidate');
- header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
- header('Cache-Control: post-check=0, pre-check=0', FALSE);
- header('Pragma: no-cache');
- header("Content-Disposition: attachment; filename=\"".basename($filepath)."\"");
-
- echo file_get_contents($filepath);
- finfo_close($finfo);
- break;
-
- case 'get_resource_image':
- global $myUser;
-
- $resource = Resource::getById($_['id']);
- $sketch =$resource->sketch_object;
- if($myUser->id != $sketch->owner && !$sketch->public){
- readfile('img/default_image.png');
- return;
- }
- $finfo = finfo_open(FILEINFO_MIME_TYPE);
- $filepath = SKETCH_PATH.$resource->content;
- $mime = finfo_file($finfo, $filepath);
- header('Content-Type: '.$mime);
- readfile($filepath);
- break;
-
- case 'edit_resource':
- Action::write(function($_,&$response){
-
- $resource = Resource::getById($_['id']);
- global $myUser;
- $sketch = Sketch::getById($resource->sketch);
- $resource->label = html_entity_decode($resource->label);
- $response = Type::toHtml($resource,$sketch);
- });
- break;
- case 'delete_resource':
- Action::write(function($_,&$response){
- global $myUser;
- $resource = Resource::getById($_['id']);
- $sketch = Sketch::getById($resource->sketch);
- if($myUser->id != $sketch->owner) throw new Exception("Permission refusée, seul l'auteur du sketch peux faire ça");
- Resource::getById($_['id']);
- $resource->remove();
- });
- break;
-
- /*FILES*/
- case 'search_file':
-
- Action::write(function($_,&$response){
- global $myUser;
- if(!isset($_['id']) || !is_numeric($_['id'])) throw new Exception("Ressource non spécifiée");
-
- $resource = Resource::getById($_['id']);
- $sketch = $resource->sketch_object;
-
- if($myUser->id != $sketch->owner && !$sketch->public) throw new Exception("Désolé, le sketch est privé");
-
- foreach(glob(SKETCH_PATH.'/'.$_['id'].'/*') as $file):
- $icon = getExtIcon(getExt($file));
-
- $response['rows'][] = array('id'=>basename($file),'icon'=>$icon,'label'=>basename($file),'resource'=>$resource->id);
- endforeach;
- });
- break;
-
- case 'download_file':
-
- global $myUser;
- $path = SKETCH_PATH.'/'.$_['resource'];
-
-
- $resource = Resource::getById($_['resource']);
- $sketch = $resource->sketch_object;
- if($myUser->id != $sketch->owner && !$sketch->public) throw new Exception("Permission refusée, le sketch est privé");
-
-
-
- $filename = $resource->label.'-'.time().'.zip';
- $filepath = sys_get_temp_dir().DIRECTORY_SEPARATOR.$filename;
- $zip = new ZipArchive;
- if(file_exists($filepath))unlink($filepath);
- $res = $zip->open($filepath, ZipArchive::CREATE);
- if ($res === TRUE) {
- foreach(glob($path.'/*') as $file)
- $zip->addFile($file,basename($file));
-
-
- $zip->close();
- }
-
- header("Content-Type: application/zip");
- header("Content-Length: " . filesize($filepath));
- header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
- header('Cache-Control: no-store, no-cache, must-revalidate');
- header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
- header('Cache-Control: post-check=0, pre-check=0', FALSE);
- header('Pragma: no-cache');
- header("Content-Disposition: attachment; filename=\"".$filename."\"");
- readfile($filepath);
- unlink($filepath);
-
- break;
-
- case 'delete_file':
- Action::write(function($_,&$response){
- global $myUser;
- $path = SKETCH_PATH.'/'.$_['resource'].'/'.$_['id'];
- $resource = Resource::getById($_['resource']);
- $sketch = $resource->sketch_object;
- if($myUser->id != $sketch->owner) throw new Exception("Permission refusée, seul l'auteur du sketch peux faire ça");
- if(file_exists($path)) unlink($path);
- });
- break;
-
- /*PART*/
-
- case 'search_part':
-
- Action::write(function($_,&$response){
- if(!isset($_['id']) || !is_numeric($_['id'])) throw new Exception("Ressource non spécifiée");
- $resourceParts = ResourcePart::loadAll(array('resource'=>$_['id']),'sort');
- foreach($resourceParts as $resourcePart):
- $part = $resourcePart->part_object;
- $part->label = html_entity_decode($part->label);
- $part->link = html_entity_decode($part->link);
- if($part->image == '') {
- $part->image = 'img/default_image.png';
- }else{
- $part->image = PART_PATH.$part->image;
- }
- $line = $part->toArray();
- $line['id'] = $resourcePart->id;
- $response['rows'][] = $line;
- endforeach;
- });
- break;
-
- case 'delete_part':
- Action::write(function($_,&$response){
- global $myUser;
- $part = ResourcePart::getById($_['id']);
-
- $resource = $part->resource_object;
- $sketch = $resource->sketch_object;
- if($myUser->id != $sketch->owner) throw new Exception("Permission refusée, seul l'auteur du sketch peux faire ça");
- ResourcePart::deleteById($_['id']);
- });
- break;
- case 'save_part':
- Action::write(function($_,&$response){
- global $myUser;
- $model = isset($_['model']) && is_numeric($_['model']) && !empty($_['model']) ? Part::getByid($_['model']) : new Part();
- if($model->id==0){
- $model->fromArray($_);
- $model->save();
- }
-
- $resourcePart = new ResourcePart();
- $resourcePart->fromArray($_);
- $resourcePart->part = $model->id;
- $resourcePart->save();
-
- });
- break;
-
- case 'autocomplete_part':
- global $myUser;
- $parts = Part::staticQuery("SELECT DISTINCT label,* FROM ".Part::tableName()." WHERE label LIKE ? GROUP BY label ORDER BY price ASC ",array('%'.$_['term'].'%'),true);
- $rows = array();
- levenshtein_deduplication($parts);
- foreach($parts as $part):
- $part->image = PART_PATH.$part->image;
- $rows[] = array('label'=>$part->label.' ('.$part->price.'€)','value'=>$part->toArray());
- endforeach;
- echo json_encode($rows);
- break;
-
- default:
-
- break;
- }
- function levenshtein_deduplication(&$objs){
- foreach($objs as $obj1):
- foreach($objs as $u=>$obj2):
- if($obj1->id==$obj2->id) continue;
- if(levenshtein($obj1->label,$obj2->label) < 5 )
- unset($objs[$u]);
- endforeach;
- endforeach;
- }
- ?>
|