load(array('token'=>$_['token']));
if(isset($myUser) && $myUser!=false)
$myUser->loadRight();
}
// Anonymous requests get an empty User object, so $myUser is always an object from
// here on. Consequence for the cases below: a guard written as `$myUser==false`
// can never fire; only checks based on getId() or can() can tell an anonymous
// caller apart (assuming an empty User has no id and no rights - confirm).
$myUser = (!$myUser?new User():$myUser);
//Run the code matching the requested action
// NOTE(review): $_ is presumably the merged request parameters, built above this
// excerpt - confirm. No case visible below verifies an anti-CSRF token, so the
// state-changing actions rely on the permission checks alone.
switch ($_['action']){
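case 'login':
    // Checks the submitted login/password, stores the user in the session and, when
    // "remember me" was requested, issues (or re-uses) a long-lived cookie token.
    // Always ends with a redirect to index.php; failures are reported via ?error=.
    global $conf;
    $user = $userManager->exist($_['login'],$_['password']);
    $error = '?init=1';
    if($user==false){
        $error .= '&error='.urlencode('le compte spécifié est inexistant');
    }else{
        // Give the authenticated session a fresh id so that an id known before
        // login (session fixation) is worthless afterwards.
        if(session_id()!='') session_regenerate_id(true);
        $_SESSION['currentUser'] = serialize($user);
        if(isset($_['rememberMe'])){
            $expire_time = time() + $conf->get('COOKIE_LIFETIME')*86400; //Days to seconds
            //A cookie token is created in the DB only when none exists yet; otherwise
            //we would invalidate the cookie already used by another browser.
            //That should only happen on an explicit logout (with "remember me" requested).
            $actual_cookie = $user->getCookie();
            if ($actual_cookie == "")
            {
                // The remember-me token is a bearer credential: it must come from a
                // CSPRNG. sha1(time().rand(0,1000)) only had about a thousand
                // candidates per second of issue time. 20 random bytes keep the
                // 40-hex-character shape of the former sha1 value.
                $cookie_token = bin2hex(function_exists('random_bytes') ? random_bytes(20) : openssl_random_pseudo_bytes(20));
                $user->setCookie($cookie_token);
                $user->save();
            }
            else
            {
                $cookie_token = $actual_cookie;
            }
            // NOTE(review): the token is stored as-is in the DB and shared by every
            // browser of the account; whether makeCookie() sets HttpOnly/Secure is
            // not visible here - confirm.
            Functions::makeCookie($conf->get('COOKIE_NAME'),$cookie_token,$expire_time);
        }
    }
    header('location: ./index.php'.$error);
    break;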
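case 'GET_TOKEN':
    // Exchanges a login/password pair for the account's API token (JSON output).
    // NOTE(review): sha1(md5()) is a fast, unsalted digest and is not suitable for
    // password storage; moving to password_hash()/password_verify() needs a data
    // migration outside this block. No throttling of repeated attempts is visible
    // here either - confirm it exists elsewhere.
    $user = false;
    if(isset($_['login'],$_['password']) && is_string($_['password'])){
        $user = $userManager->load(array('login'=>$_['login'],'password'=>sha1(md5($_['password']))));
    }
    // load() appears to return a falsy value when nothing matches (see the `!$right`
    // test in set_rank_access); calling getToken() on it would be a fatal error.
    if(!$user) exit('{"error":"invalid credentials"}');
    $response['token'] = $user->getToken();
    echo json_encode($response);
    break;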
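case 'user_add_user':
    // Creates a user, or updates the one designated by $_['id'] when an id is given.
    // Requires the 'user' right in 'c' (create) or 'u' (update) mode accordingly.
    $right_toverify = isset($_['id']) ? 'u' : 'c';
    if($myUser->can('user',$right_toverify)){
        $user = new User();
        //On update, load the existing row instead of creating a new one
        if ($right_toverify == "u"){$user = $user->load(array("id"=>$_['id']));}
        // An unknown id makes load() return a falsy value (assumed from the
        // `!$right` test in set_rank_access); stop before calling setters on it.
        if(!$user){
            Functions::goback("setting","user","&error=Utilisateur introuvable.");
            break;
        }
        $user->setMail($_['mailUser']);
        $user->setName($_['nameUser']);
        $user->setFirstName($_['firstNameUser']);
        // NOTE(review): whether setPassword() hashes its argument is not visible here - confirm.
        $user->setPassword($_['passwordUser']);
        $user->setLogin($_['loginUser']);
        // NOTE(review): the rank is taken as submitted, so any account holding the
        // 'user' c/u right can assign any rank, including one above its own -
        // confirm this is intended.
        $user->setRank($_['rankUser']);
        $user->setState(1);
        // The API token is a bearer credential (users are looked up by it at the top
        // of this file), so it is drawn from a CSPRNG rather than from
        // sha1(time().rand(0,1000)). 20 random bytes keep the 40-hex-character shape.
        $user->setToken(bin2hex(function_exists('random_bytes') ? random_bytes(20) : openssl_random_pseudo_bytes(20)));
        $user->save();
        Functions::goback("setting","user");
    }
    else
    {
        Functions::goback("setting","user","&error=Vous n'avez pas le droit de faire ça!");
    }
    break;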
case 'delete_user':
    // Deletes the user designated by $_['id']; requires the 'user' delete right.
    // The deletion is refused when no id is given or when only one user remains.
    if(!$myUser->can('user','d')){
        exit('ERREUR: Permissions insuffisantes.');
    }
    $userManager = new User();
    $NbUsers = $userManager->rowCount();
    $deletionAllowed = (isset($_['id']) && $NbUsers > 1);
    if(!$deletionAllowed){
        Functions::goback("setting","user","&error=Impossible de supprimer le dernier utilisateur.");
        break;
    }
    $userManager->delete(array('id'=>$_['id']));
    Functions::goback("setting","user");
    break;
case 'access_delete_rank':
    // Deletes the rank designated by $_['id']; requires the 'configuration' delete
    // right. Refused when no id is given or when only one rank remains.
    if(!$myUser->can('configuration','d')){
        exit('ERREUR: Permissions insuffisantes.');
    }
    $rankManager = new Rank();
    $Nbrank = $rankManager->rowCount();
    $deletionAllowed = (isset($_['id']) && $Nbrank > 1);
    if(!$deletionAllowed){
        Functions::goback("setting","access","&error=Impossible de supprimer le dernier rang.");
        break;
    }
    $rankManager->delete(array('id'=>$_['id']));
    Functions::goback("setting","access");
    // NOTE(review): this header looks redundant if goback() already redirects - confirm.
    header('location:setting.php?section=access');
    break;
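case 'access_add_rank':
    // Creates a rank, or updates the one designated by $_['id'] when an id is given.
    // Requires the 'configuration' right in 'c' (create) or 'u' (update) mode.
    $right_toverify = isset($_['id']) ? 'u' : 'c';
    if(!$myUser->can('configuration',$right_toverify)) exit('ERREUR: Permissions insuffisantes.');
    $rank = new Rank();
    if ($right_toverify == "u"){$rank = $rank->load(array("id"=>$_['id']));}
    // An unknown id makes load() return a falsy value (assumed from the `!$right`
    // test in set_rank_access); stop before calling setters on it.
    if(!$rank){
        Functions::goback("setting","access","&error=Rang introuvable.");
        break;
    }
    $rank->setLabel($_['labelRank']);
    $rank->setDescription($_['descriptionRank']);
    $rank->save();
    Functions::goback("setting","access");
    break;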
case 'set_rank_access':
    // Grants or revokes one access letter (c/r/u/d) on a section for a rank.
    // NOTE(review): editing rights is gated by the 'configuration' *create* right
    // only - confirm that is the intended level for changing who may do what.
    if(!$myUser->can('configuration','c')){
        exit('ERREUR: Permissions insuffisantes.');
    }
    $right = new Right();
    $right = $right->load(array('section'=>$_['section'],'rank'=>$_['rank']));
    // No existing row for this section/rank pair: start from a blank Right.
    if(!$right){
        $right = new Right();
    }
    $right->setSection($_['section']);
    $_['state'] = ($_['state']==1);
    // Loose comparison on purpose, as with the switch this replaces.
    // An access letter outside c/r/u/d changes no flag, but the row is still saved.
    if($_['access']=='c'){
        $right->setCreate($_['state']);
    }elseif($_['access']=='r'){
        $right->setRead($_['state']);
    }elseif($_['access']=='u'){
        $right->setUpdate($_['state']);
    }elseif($_['access']=='d'){
        $right->setDelete($_['state']);
    }
    $right->setRank($_['rank']);
    $right->save();
    break;
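case 'access_delete_right':
    // Deletes the right designated by $_['id'], then returns to the rights page of
    // the rank given in $_['rank']. Requires the 'configuration' delete right.
    // The permission check used to sit above the case label, right after the
    // previous case's break, where it could never run; it has to be the first
    // statement of the case for the deletion to be protected.
    if(!$myUser->can('configuration','d')) exit('ERREUR: Permissions insuffisantes.');
    $rankManager = new Right();
    $rankManager->delete(array('id'=>$_['id']));
    Functions::goback("setting","right","&id=".$_['rank']);
    break;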
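case 'logout':
    // Ends the session. When this browser holds the remember-me cookie, the stored
    // token is cleared in the DB and the cookie is destroyed as well.
    global $conf;
    //Only destroy the cookie when it exists on this computer,
    //so that it is kept in the DB for the other computers/browsers
    if(isset($_COOKIE[$conf->get('COOKIE_NAME')])){
        $user = $userManager->load(array("id"=>$myUser->getId()));
        // An anonymous visitor presenting a stale cookie has no matching row; skip
        // the DB update instead of failing before the session is torn down.
        if($user){
            $user->setCookie("");
            $user->save();
        }
        Functions::destroyCookie($conf->get('COOKIE_NAME'));
    }
    $_SESSION = array();
    session_unset();
    session_destroy();
    Functions::goback(" ./index");
    break;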
case 'save_sentence':
    // Stores the submitted sentence under the 'last_sentence' configuration key.
    // NOTE(review): no getId()/can() check guards this write, unlike the
    // neighbouring cases - confirm that anonymous callers are meant to be able to
    // change this value.
    global $conf;
    $sentence = $_['sentence'];
    $conf->put('last_sentence', $sentence);
    break;
case 'ENABLE_DASHBOARD':
    // Enables the two dashboard plugins, then redirects to index.php.
    // NOTE(review): changePluginState requires can('plugin','u') to enable a
    // plugin, while this case enables two without any check - confirm this is
    // intended (e.g. a first-run shortcut).
    foreach(array('dashboard-dashboard','dashboard-monitoring-dashboard-monitoring') as $dashboardPlugin){
        Plugin::enabled($dashboardPlugin);
    }
    header('location: index.php');
    break;
case 'changePluginState':
    // Toggles a plugin: a submitted state of '0' enables it, any other value
    // disables it. Requires the 'plugin' update right.
    // NOTE(review): $myUser is replaced by an empty User object before the switch,
    // so the `==false` test below cannot fire; the can() check is the effective guard.
    if($myUser==false){
        exit('Vous devez vous connecter pour cette action.');
    }
    if(!$myUser->can('plugin','u')){
        exit('ERREUR: Permissions insuffisantes.');
    }
    // NOTE(review): the plugin name is passed on as submitted; how Plugin::enabled()
    // and Plugin::disabled() resolve it is not visible here - confirm it is validated.
    if($_['state']!='0'){
        Plugin::disabled($_['plugin']);
    }else{
        Plugin::enabled($_['plugin']);
    }
    Functions::goback("setting","plugin","&block=".$_['block']);
    break;
case 'crontab':
    // Fires the "cron" hook so that plugins can run their periodic work.
    // NOTE(review): no getId()/can() check here - confirm that letting any caller
    // trigger the cron hook is acceptable.
    $cronArguments = array();
    Plugin::callHook("cron", $cronArguments);
    break;
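case 'GET_SPEECH_COMMAND':
    // Outputs, as JSON, whatever the plugins put in $response through the
    // "vocal_command" hook. Requires a recognised account with the 'vocal' read right.
    if($myUser->getId()=='') exit('{"error":"invalid or missing token"}');
    if(!$myUser->can('vocal','r')) exit('{"error":"insufficient permissions for this account"}');
    // Only the host part of the Host header is kept; the port comes from SERVER_PORT.
    // Indexing the exploded parts avoids the undefined-offset notice list() raised
    // when the header carries no port.
    // NOTE(review): HTTP_HOST is client-supplied, so $actionUrl is only as
    // trustworthy as the request; plugins embedding it should keep that in mind.
    $hostParts = explode(':',$_SERVER['HTTP_HOST']);
    $host = $hostParts[0];
    $actionUrl = 'http://'.$host.':'.$_SERVER['SERVER_PORT'].$_SERVER['REQUEST_URI'];
    // Strip the query string only when there is one: strpos() returns false without
    // a '?', and substr($url,0,false) would hand an empty URL to the plugins.
    $queryStart = strpos($actionUrl , '?');
    if($queryStart!==false) $actionUrl = substr($actionUrl,0,$queryStart);
    Plugin::callHook("vocal_command", array(&$response,$actionUrl));
    $json = json_encode($response);
    echo ($json=='[]'?'{}':$json);
    break;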
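case 'GET_EVENT':
    // Outputs, as JSON, the content of the scheduled events that are due this minute
    // for the requesting "checker". When the checker is 'server', due events are
    // also executed locally (shell command or GPIO writes).
    if($myUser->getId()=='') exit('{"error":"invalid or missing token"}');
    if(!$myUser->can('vocal','r')) exit('{"error":"insufficient permissions for this account"}');
    $response = array('responses'=>array());
    Plugin::callHook("get_event", array(&$response));
    // NOTE(review): the checker name is caller-supplied, so any account holding the
    // 'vocal' read right can present itself as 'server' and cause due server events
    // to be executed - confirm that this right is meant to carry that much weight.
    $checker = (isset($_['checker'])?$_['checker']:'client');
    $eventManager = new Event();
    $events = $eventManager->loadAll(array(),'id');
    $time = date('i-H-d-m-Y');
    list($minut,$hour,$day,$month,$year) = explode('-',$time);
    foreach ($events as $event) {
        // Only enabled events addressed to this checker are considered.
        if(!in_array($checker,$event->getRecipients()) || $event->getState()!='1') continue;
        // Each schedule field is either '*' or a comma-separated list of accepted values.
        $isDue =
            ($event->getMinut() == '*' || in_array($minut,explode(',',$event->getMinut())) ) &&
            ($event->getHour() == '*' || in_array($hour,explode(',',$event->getHour())) ) &&
            ($event->getDay()== '*' || in_array($day,explode(',',$event->getDay())) ) &&
            ($event->getMonth() == '*' || in_array($month,explode(',',$event->getMonth())) ) &&
            ($event->getYear() == '*' || in_array($year,explode(',',$event->getYear())) );
        if(!$isDue) continue;
        // getRepeat() holds the minute stamp of the last run: fire once per minute at most.
        if($event->getRepeat()==$time) continue;
        $event->setRepeat($time);
        $response['responses'][]= $event->getContent();
        //The server can only execute program commands
        if($checker=='server'){
            $content = $event->getContent();
            switch($content['type']){
                case 'command':
                    // The stored command line is run verbatim through the shell: whoever
                    // can create or edit events gets command execution as the web
                    // server user, so event editing must stay restricted accordingly.
                    exec(htmlspecialchars_decode($content['program']));
                break;
                case 'gpio':
                    foreach(explode(',',$content['gpios']) as $info){
                        $parts = explode(':',$info);
                        // Skip malformed "pin:state" entries instead of running a half-built command.
                        if(count($parts) < 2 || $parts[0]==='' || $parts[1]==='') continue;
                        list($gpio,$state) = $parts;
                        // Pin and state come from stored event content; quoting keeps each
                        // a single argument so it cannot add shell syntax to the command.
                        exec('gpio mode '.escapeshellarg($gpio).' out');
                        exec('gpio write '.escapeshellarg($gpio).' '.escapeshellarg($state));
                    }
                break;
            }
        }
        $event->save();
    }
    $json = json_encode($response);
    echo ($json=='[]'?'{}':$json);
    break;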
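case 'installPlugin':
    // Downloads the plugin archive named by $_['zip'], extracts it into a temporary
    // folder under plugins/, locates the main *.plugin*.php file and moves its
    // folder to plugins/<name>, replacing any previous install. Progress and
    // errors are echoed as text.
    // NOTE(review): the archive is installed without any integrity check (hash or
    // signature) and plain http is accepted; installed plugin code runs with the
    // application's privileges. Restricting downloads to a trusted host list is
    // worth considering, since the scheme check below does not stop requests to
    // internal addresses.
    // Defined before the try so the catch block can always test them.
    $tempZipName = null;
    $tempZipFolder = null;
    try{
        // $myUser is replaced by an empty User object before the switch, so `==false`
        // alone never fires: the id test is what actually rejects anonymous callers.
        if($myUser==false || $myUser->getId()=='') throw new Exception('Vous devez vous connecter pour cette action.');
        // Same 'plugin' right that changePluginState requires; adjust if a dedicated
        // install right exists.
        if(!$myUser->can('plugin','u')) throw new Exception('ERREUR: Permissions insuffisantes.');
        // Only remote http(s) sources are accepted, so that local paths and other
        // stream wrappers cannot be read through file_get_contents().
        $zipUrl = isset($_['zip']) ? urldecode($_['zip']) : '';
        $scheme = strtolower((string)parse_url($zipUrl, PHP_URL_SCHEME));
        if($scheme!='http' && $scheme!='https') throw new Exception("Adresse du plugin invalide");
        // NOTE(review): the temporary name is predictable and lives in the plugins
        // folder, which is presumably web-accessible - confirm.
        $tempZipName = 'plugins'.SLASH.md5(microtime());
        echo "\nTéléchargement du plugin...";
        $zipContent = file_get_contents($zipUrl);
        if($zipContent===false) throw new Exception("Echec du téléchargement");
        file_put_contents($tempZipName,$zipContent);
        if(!file_exists($tempZipName)) throw new Exception("Echec du téléchargement");
        echo "\nPlugin téléchargé OK";
        echo "\nExtraction du plugin...";
        $zip = new ZipArchive;
        $res = $zip->open($tempZipName);
        // The original double-quoted message contained a stray backslash (l\'extraction).
        if ($res !== TRUE) throw new Exception("Echec de l'extraction");
        $tempZipFolder = $tempZipName.'_';
        $zip->extractTo($tempZipFolder);
        $zip->close();
        echo "\nPlugin extrait ".$tempZipFolder.' OK';
        // Look for the main plugin file, one directory level deeper per pass (10 passes at most).
        $i = 0;
        $pluginName = array();
        while(count($pluginName)==0 && $i<10){
            $pluginName = glob($tempZipFolder.SLASH.( str_repeat('*'.SLASH, $i) ).'*.plugin*.php');
            $i++;
        }
        if(count($pluginName)==0) throw new Exception("Plugin invalide, fichier principal manquant");
        $pluginName = str_replace(array($tempZipFolder.'/','.enabled','.disabled','.plugin','.php'),'',$pluginName[0]);
        // basename() keeps the destination directly inside plugins/.
        $finalPath = __DIR__.SLASH.'plugins'.SLASH.basename(dirname($pluginName));
        if(file_exists($finalPath)){
            echo "\nPlugin déjà installé, il sera écrasé par la derniere version OK";
            Functions::rmFullDir($finalPath);
        }
        echo "\nRenommage...";
        if(rename(__DIR__.SLASH.dirname($pluginName),$finalPath )){
            echo "\nPlugin installé, pensez à l'activer";
        }else{
            echo "\nImpossible de renommer le plugin ".__DIR__.SLASH.$tempZipFolder.' Erreur';
        }
        unlink($tempZipName);
        if(file_exists($tempZipFolder)) Functions::rmFullDir($tempZipFolder);
    }catch(Exception $e){
        // Best-effort cleanup of whatever was created before the failure.
        if($tempZipFolder!=null && file_exists($tempZipFolder)) Functions::rmFullDir($tempZipFolder);
        if($tempZipName!=null && file_exists($tempZipName)) unlink($tempZipName);
        echo "\n".$e->getMessage().' Erreur';
    }
    break;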
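case 'CHANGE_GPIO_STATE':
    // Writes the submitted state to the submitted GPIO pin for a recognised user.
    // $myUser is replaced by an empty User object before the switch, so the
    // original `$myUser==false` test never rejected anyone; the id test (same one
    // GET_EVENT uses) is what actually refuses anonymous callers.
    if($myUser==false || $myUser->getId()=='') {
        exit('Vous devez vous connecter pour cette action.');
    }
    // NOTE(review): no can() check here, so any recognised account can drive any
    // pin; pin and state are passed on unvalidated and how Gpio::write() uses them
    // is not visible - confirm.
    Gpio::write($_["pin"],$_["state"],true);
    break;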
case 'GPIO_HAS_CHANGED':
    // Forwards a pin/state pair taken from the process arguments to Gpio::emit().
    // NOTE(review): there is no permission check and the values come from
    // $_SERVER['argv'], so this is presumably meant for command-line invocation
    // only. argv can also be populated from the query string when
    // register_argc_argv is enabled - confirm this action cannot be reached over HTTP.
    $processArguments = $_SERVER['argv'];
    list($program,$action,$pin,$state) = $processArguments;
    Gpio::emit($pin,$state);
    break;
// Handling of the second-generation interfaces
case 'ADD_CLIENT':
    // Hands Action::write() a callback that requires a third process argument and
    // writes it to a file literally named 'filename'.
    // NOTE(review): the fixed 'filename' target (relative to the working directory)
    // looks like a placeholder, and what checks Action::write() performs before
    // running the callback is not visible here - confirm both.
    Action::write(function($_,&$response){
        global $myUser,$conf,$client;
        $hasClientType = isset($_SERVER['argv'][2]);
        if(!$hasClientType){
            throw new Exception("Type client invalide");
        }
        file_put_contents('filename', $_SERVER['argv'][2]);
    });
    break;
default:
    // Unknown action: let plugins handle it through the "action_post_case" hook.
    // NOTE(review): whatever a plugin does in this hook is reached without any
    // check in this file, so each hook must enforce its own permissions.
    $hookArguments = array();
    Plugin::callHook("action_post_case", $hookArguments);
    break;
}
?>