load(array('token'=>$_['token'])); if(isset($myUser) && $myUser!=false) $myUser->loadRight(); } $myUser = (!$myUser?new User():$myUser); //Execution du code en fonction de l'action switch ($_['action']){ case 'login': global $conf; $user = $userManager->exist($_['login'],$_['password']); $error = '?init=1'; if($user==false){ $error .= '&error='.urlencode('le compte spécifié est inexistant'); }else{ $_SESSION['currentUser'] = serialize($user); if(isset($_['rememberMe'])){ $expire_time = time() + $conf->get('COOKIE_LIFETIME')*86400; //Jour en secondes //On crée un cookie dans la bd uniquement si aucun autre cookie n'existe sinon //On rend inutilisable le cookie utilisé par un autre navigateur //On ne veut que cela soit le cas uniquement si on clique sur déconnexion (et que l'on a demandé Se souvenir de moi) $actual_cookie = $user->getCookie(); if ($actual_cookie == "") { $cookie_token = sha1(time().rand(0,1000)); $user->setCookie($cookie_token); $user->save(); } else { $cookie_token = $actual_cookie; } Functions::makeCookie($conf->get('COOKIE_NAME'),$cookie_token,$expire_time); } } header('location: ./index.php'.$error); break; case 'GET_TOKEN': $user = $userManager->load(array('login'=>$_['login'],'password'=>sha1(md5($_['password'])))); $response['token'] = $user->getToken(); echo json_encode($response); break; case 'user_add_user': $right_toverify = isset($_['id']) ? 'u' : 'c'; if($myUser->can('user',$right_toverify)){ $user = new User(); //Si modification on charge la ligne au lieu de la créer if ($right_toverify == "u"){$user = $user->load(array("id"=>$_['id']));} $user->setMail($_['mailUser']); $user->setName($_['nameUser']); $user->setFirstName($_['firstNameUser']); $user->setPassword($_['passwordUser']); $user->setLogin($_['loginUser']); $user->setRank($_['rankUser']); $user->setState(1); $user->setToken(sha1(time().rand(0,1000))); $user->save(); Functions::goback("setting","user"); } else { Functions::goback("setting","user","&error=Vous n'avez pas le droit de faire ça!"); } break; case 'delete_user': if(!$myUser->can('user','d')) exit('ERREUR: Permissions insuffisantes.'); $userManager = new User(); $NbUsers = $userManager->rowCount(); if(isset($_['id']) && $NbUsers > 1){ $userManager->delete(array('id'=>$_['id'])); Functions::goback("setting","user"); } else { Functions::goback("setting","user","&error=Impossible de supprimer le dernier utilisateur."); } break; case 'access_delete_rank': if(!$myUser->can('configuration','d')) exit('ERREUR: Permissions insuffisantes.'); $rankManager = new Rank(); $Nbrank = $rankManager->rowCount(); if(isset($_['id']) && $Nbrank > 1){ $rankManager->delete(array('id'=>$_['id'])); Functions::goback("setting","access"); header('location:setting.php?section=access'); } else { Functions::goback("setting","access","&error=Impossible de supprimer le dernier rang."); } break; case 'access_add_rank': $right_toverify = isset($_['id']) ? 'u' : 'c'; if(!$myUser->can('configuration',$right_toverify)) exit('ERREUR: Permissions insuffisantes.'); $rank = new Rank(); if ($right_toverify == "u"){$rank = $rank->load(array("id"=>$_['id']));} $rank->setLabel($_['labelRank']); $rank->setDescription($_['descriptionRank']); $rank->save(); Functions::goback("setting","access"); break; case 'set_rank_access': if(!$myUser->can('configuration','c')) exit('ERREUR: Permissions insuffisantes.'); $right = new Right(); $right = $right->load(array('section'=>$_['section'],'rank'=>$_['rank'])); $right = (!$right?new Right():$right); $right->setSection($_['section']); $_['state'] = ($_['state']==1?true:false); switch($_['access']){ case 'c': $right->setCreate($_['state']); break; case 'r': $right->setRead($_['state']); break; case 'u': $right->setUpdate($_['state']); break; case 'd': $right->setDelete($_['state']); break; } $right->setRank($_['rank']); $right->save(); break; if(!$myUser->can('configuration','d')) exit('ERREUR: Permissions insuffisantes.'); case 'access_delete_right': $rankManager = new Right(); $rankManager->delete(array('id'=>$_['id'])); Functions::goback("setting","right","&id=".$_['rank']); break; case 'logout': global $conf; //Détruire le cookie uniquement s'il existe sur cette ordinateur //Afin de le garder dans la BD pour les autres ordinateurs/navigateurs if(isset($_COOKIE[$conf->get('COOKIE_NAME')])){ $user = new User(); $user = $userManager->load(array("id"=>$myUser->getId())); $user->setCookie(""); $user->save(); Functions::destroyCookie($conf->get('COOKIE_NAME')); } $_SESSION = array(); session_unset(); session_destroy(); Functions::goback(" ./index"); break; case 'save_sentence': global $conf; $conf->put('last_sentence',$_['sentence']); break; case 'ENABLE_DASHBOARD': Plugin::enabled('dashboard-dashboard'); Plugin::enabled('dashboard-monitoring-dashboard-monitoring'); header('location: index.php'); break; case 'changePluginState': if($myUser==false) exit('Vous devez vous connecter pour cette action.'); if(!$myUser->can('plugin','u')) exit('ERREUR: Permissions insuffisantes.'); if($_['state']=='0'){ Plugin::enabled($_['plugin']); }else{ Plugin::disabled($_['plugin']); } Functions::goback("setting","plugin","&block=".$_['block']); break; case 'crontab': Plugin::callHook("cron", array()); break; case 'GET_SPEECH_COMMAND': if($myUser->getId()=='') exit('{"error":"invalid or missing token"}'); if(!$myUser->can('vocal','r')) exit('{"error":"insufficient permissions for this account"}'); list($host,$port) = explode(':',$_SERVER['HTTP_HOST']); $actionUrl = 'http://'.$host.':'.$_SERVER['SERVER_PORT'].$_SERVER['REQUEST_URI']; $actionUrl = substr($actionUrl,0,strpos($actionUrl , '?')); Plugin::callHook("vocal_command", array(&$response,$actionUrl)); $json = json_encode($response); echo ($json=='[]'?'{}':$json); break; case 'GET_EVENT': if($myUser->getId()=='') exit('{"error":"invalid or missing token"}'); if(!$myUser->can('vocal','r')) exit('{"error":"insufficient permissions for this account"}'); $response = array('responses'=>array()); Plugin::callHook("get_event", array(&$response)); $checker = (isset($_['checker'])?$_['checker']:'client'); $eventManager = new Event(); $events = $eventManager->loadAll(array(),'id'); $time = date('i-H-d-m-Y'); list($minut,$hour,$day,$month,$year) = explode('-',$time); foreach ($events as $event) { if(in_array($checker,$event->getRecipients()) && $event->getState()=='1'){ if( ($event->getMinut() == '*' || in_array($minut,explode(',',$event->getMinut())) ) && ($event->getHour() == '*' || in_array($hour,explode(',',$event->getHour())) ) && ($event->getDay()== '*' || in_array($day,explode(',',$event->getDay())) ) && ($event->getMonth() == '*' || in_array($month,explode(',',$event->getMonth())) ) && ($event->getYear() == '*' || in_array($year,explode(',',$event->getYear())) ) ){ if($event->getRepeat()!=$time){ if(in_array($checker, $event->getRecipients())){ $event->setRepeat($time); $response['responses'][]= $event->getContent(); //Le serveur ne peux qu'executer des commandes programme if($checker=='server'){ $content = $event->getContent(); switch($content['type']){ case 'command': exec(htmlspecialchars_decode($content['program'])); break; case 'gpio': foreach(explode(',',$content['gpios']) as $info){ list($gpio,$state) = explode(':',$info); exec('gpio mode '.$gpio.' out'); exec('gpio write '.$gpio.' '.$state); } break; } } $event->save(); } } } } } $json = json_encode($response); echo ($json=='[]'?'{}':$json); break; case 'installPlugin': try{ if($myUser==false) throw new Exception('Vous devez vous connecter pour cette action.'); $tempZipName = 'plugins'.SLASH.md5(microtime()); echo '
Téléchargement du plugin...'; file_put_contents($tempZipName,file_get_contents(urldecode($_['zip']))); if(!file_exists($tempZipName)) throw new Exception("Echec du téléchargement"); echo '
Plugin téléchargé OK'; echo '
Extraction du plugin...'; $zip = new ZipArchive; $res = $zip->open($tempZipName); if ($res !== TRUE) throw new Exception("Echec de l\'extraction"); $tempZipFolder = $tempZipName.'_'; $zip->extractTo($tempZipFolder); $zip->close(); echo '
Plugin extrait '.$tempZipFolder.' OK'; $i = 0; $pluginName = array(); while(count($pluginName)==0 && $i<10){ $pluginName = glob($tempZipFolder.SLASH.( str_repeat('*'.SLASH, $i) ).'*.plugin*.php'); $i++; } if(count($pluginName)==0) throw new Exception("Plugin invalide, fichier principal manquant"); $pluginName = str_replace(array($tempZipFolder.'/','.enabled','.disabled','.plugin','.php'),'',$pluginName[0]); $finalPath = __DIR__.SLASH.'plugins'.SLASH.basename(dirname($pluginName)); if(file_exists($finalPath)){ echo '
Plugin déjà installé, il sera écrasé par la derniere version OK'; Functions::rmFullDir($finalPath); } echo '
Renommage...'; if(rename(__DIR__.SLASH.dirname($pluginName),$finalPath )){ echo '
Plugin installé, pensez à l\'activer'; }else{ //Functions::rmFullDir(__DIR__.SLASH.$tempZipFolder); echo '
Impossible de renommer le plugin '.__DIR__.SLASH.$tempZipFolder.' Erreur'; } unlink($tempZipName); if(file_exists($tempZipFolder)) Functions::rmFullDir($tempZipFolder); }catch(Exception $e){ if($tempZipFolder!=null && file_exists($tempZipFolder)) Functions::rmFullDir($tempZipFolder); if($tempZipName!=null && file_exists($tempZipName)) unlink($tempZipName); echo '
'.$e->getMessage().' Erreur'; } break; case 'CHANGE_GPIO_STATE': if($myUser==false) { exit('Vous devez vous connecter pour cette action.'); } else { Gpio::write($_["pin"],$_["state"],true); } break; case 'GPIO_HAS_CHANGED': list($program,$action,$pin,$state) = $_SERVER['argv']; Gpio::emit($pin,$state); break; // Gestion des interfaces de seconde génération case 'ADD_CLIENT': Action::write(function($_,&$response){ global $myUser,$conf,$client; if(!isset($_SERVER['argv'][2])) throw new Exception("Type client invalide"); file_put_contents('filename', $_SERVER['argv'][2]); }); break; default: Plugin::callHook("action_post_case", array()); break; } ?>