Index: /trunk/service.php =================================================================== --- /trunk/service.php (revision 179) +++ /trunk/service.php (revision 180) @@ -15,77 +15,77 @@ $database = Core::getDatabase(); $user = Core::getUser(); - + if ($start == null) { - $start = mktime(0, 0, 0); - } - + $start = mktime(0, 0, 0); + } + if ($end) { - $cond = " AND t.date < " . $database->quote($end); - } - + $cond = " AND t.date < " . $database->quote($end); + } + $database->setQuery("SELECT t.*, COUNT(c.userid) AS comments" . ($user->authenticated() ? ", FIND_IN_SET(" . $database->quote($user->id) . ", t.commentsreadby) AS commentsread " : " ") . "FROM #__tasks AS t LEFT JOIN #__comments AS c ON t.id = c.taskid " . "WHERE t.date >= " . $database->quote($start) . $cond . " GROUP BY t.id ORDER BY t.date"); - + $taskResponse = $database->loadAssocList(); - + if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + $tasks = Array(); - + foreach ($taskResponse as $task) { - $tasks[] = Array( - "id" => (int) $task["id"], - "date" => (int) $task["date"], - "subject" => (int) $task["subject"], - "important" => (bool) $task["important"], - "text" => (string) $task["text"], - "userid" => (int) $task["userid"], - "added" => (int) $task["added"], - "removed" => (bool) $task["removed"], + $tasks[] = Array( + "id" => (int) $task["id"], + "date" => (int) $task["date"], + "subject" => (int) $task["subject"], + "important" => (bool) $task["important"], + "text" => (string) $task["text"], + "userid" => (int) $task["userid"], + "added" => (int) $task["added"], + "removed" => (bool) $task["removed"], "comments" => (int) $task["comments"], "newcomments" => ($user->authenticated() && (int) $task["comments"] && !(bool) $task["commentsread"] ? true : false), - ); - } - - return $tasks; + ); + } + + return $tasks; } function removetask($taskid) { - $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - + $user = Core::getUser(); + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + $task = Table::getInstance("tasks"); - + if (!$task->load($taskid)) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", $task->getError()); } - + if (!$task->save(Array("removed" => true))) { return new JSONRPCErrorResponse("SERVER_ERROR", $task->getError()); } - + $subject = getsubject($task->subject); - + shoutbox_say_system("hat die " . $subject["short"] . "-Aufgabe \"" . $task->text . "\" gelöscht."); - - return true; + + return true; } function createtask($subject, $date, $text, $important = false) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + $task = Table::getInstance("tasks"); - + if (!$task->save(Array( "date" => $date, @@ -97,11 +97,11 @@ return new JSONRPCErrorResponse("SERVER_ERROR", $task->getError()); } - + $subject = getsubject($task->subject); - + shoutbox_say_system("hat eine neue " . $subject["short"] . "-Aufgabe für den " . localizedDate("j. F", $task->date) . " eingetragen:[BR /]\"" . $task->text . "\""); - - return $task->id; + + return $task->id; } @@ -109,7 +109,7 @@ $user = Core::getUser(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } $task = Table::getInstance("tasks"); @@ -132,6 +132,6 @@ $subjectsResponse = $database->loadAssocList(); - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); } @@ -139,8 +139,8 @@ foreach ($subjectsResponse as $subject) { - $subjects[] = Array( - "id" => (int) $subject["id"], - "long" => (string) $subject["long"], - "short" => (string) $subject["short"] + $subjects[] = Array( + "id" => (int) $subject["id"], + "long" => (string) $subject["long"], + "short" => (string) $subject["short"] ); } @@ -164,9 +164,9 @@ function getcomments($taskid) { - $database = Core::getDatabase(); - $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + $database = Core::getDatabase(); + $user = Core::getUser(); + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); } @@ -187,54 +187,54 @@ } - $database->setQuery("SELECT * FROM #__comments WHERE taskid = " . $database->quote($taskid) . " ORDER BY date"); - + $database->setQuery("SELECT * FROM #__comments WHERE taskid = " . $database->quote($taskid) . " ORDER BY date"); + $commentsResponse = $database->loadAssocList(); - - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - $comments = Array(); - + + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + $comments = Array(); + foreach ($commentsResponse as $comment) { - $comments[] = Array( - "id" => (int) $comment["id"], - "taskid" => (int) $comment["taskid"], - "userid" => (int) $comment["userid"], - "date" => (int) $comment["date"], - "text" => (string) $comment["comment"] + $comments[] = Array( + "id" => (int) $comment["id"], + "taskid" => (int) $comment["taskid"], + "userid" => (int) $comment["userid"], + "date" => (int) $comment["date"], + "text" => (string) $comment["comment"] ); } - - return $comments; + + return $comments; } function createcomment($taskid, $text) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + $task = Table::getInstance("tasks"); - + if (!$task->load($taskid)) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", $task->getError()); } - + if ($task->date < mktime(0, 0, 0)) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Aufgaben in der Vergangenheit können leider nicht mehr kommentiert werden."); } - + $comment = Table::getInstance("comments"); - + if (!$comment->save(Array("taskid" => $task->id, "userid" => $user->id, "date" => time(), "comment" => $text))) { return new JSONRPCErrorResponse("SERVER_ERROR", $comment->getError()); } - + $task->save(Array("commentsreadby" => $user->id)); - $user->save(Array("posts" => $user->posts + 1)); - - return $comment->id; + $user->save(Array("posts" => $user->posts + 1)); + + return $comment->id; } @@ -242,6 +242,6 @@ $user = Core::getUser(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); } @@ -264,60 +264,60 @@ function getcontacts() { - $database = Core::getDatabase(); - $user = Core::getUser(); - - $database->setQuery("SELECT u.*, COUNT(t.userid) AS tasks FROM #__users AS u LEFT JOIN #__tasks AS t ON u.id = t.userid GROUP BY u.id"); - - $contactsResponse = $database->loadAssocList(); - - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - $contacts = Array(); + $database = Core::getDatabase(); + $user = Core::getUser(); + + $database->setQuery("SELECT u.*, COUNT(t.userid) AS tasks FROM #__users AS u LEFT JOIN #__tasks AS t ON u.id = t.userid GROUP BY u.id"); + + $contactsResponse = $database->loadAssocList(); + + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + $contacts = Array(); foreach ($contactsResponse as $contact) { $lastcontact = (double) $contact["lastcontact"]; $state = (int) $contact["state"]; - + if ($lastcontact < time() - 100) { $state = 0; } - - $contacts[] = Array( - "id" => (int) $contact["id"], - "firstname" => (string) $contact["firstname"], - "surname" => (string) $contact["surname"], - "nickname" => (string) $contact["nickname"], - "mail" => (string) ($user->authenticated()) ? $contact["mail"] : (($contact["mail"]) ? "hidden" : ""), - "address" => (string) ($user->authenticated()) ? $contact["address"] : (($contact["address"]) ? "hidden" : ""), - "plz" => (int) ($user->authenticated()) ? $contact["plz"] : 0, - "location" => (string) ($user->authenticated()) ? $contact["location"] : (($contact["location"]) ? "hidden" : ""), - "phone" => (string) ($user->authenticated()) ? $contact["phone"] : (($contact["phone"]) ? "hidden" : ""), - "mobile" => (string) ($user->authenticated()) ? $contact["mobile"] : (($contact["mobile"]) ? "hidden" : ""), - "mainsubject" => (string) $contact["mainsubject"], - "posts" => (int) $contact["posts"], - "tasks" => (int) $contact["tasks"], - "classmember" => (bool) $contact["classmember"], - "lastcontact" => $lastcontact, - "state" => $state + + $contacts[] = Array( + "id" => (int) $contact["id"], + "firstname" => (string) $contact["firstname"], + "surname" => (string) $contact["surname"], + "nickname" => (string) $contact["nickname"], + "mail" => (string) ($user->authenticated()) ? $contact["mail"] : (($contact["mail"]) ? "hidden" : ""), + "address" => (string) ($user->authenticated()) ? $contact["address"] : (($contact["address"]) ? "hidden" : ""), + "plz" => (int) ($user->authenticated()) ? $contact["plz"] : 0, + "location" => (string) ($user->authenticated()) ? $contact["location"] : (($contact["location"]) ? "hidden" : ""), + "phone" => (string) ($user->authenticated()) ? $contact["phone"] : (($contact["phone"]) ? "hidden" : ""), + "mobile" => (string) ($user->authenticated()) ? $contact["mobile"] : (($contact["mobile"]) ? "hidden" : ""), + "mainsubject" => (string) $contact["mainsubject"], + "posts" => (int) $contact["posts"], + "tasks" => (int) $contact["tasks"], + "classmember" => (bool) $contact["classmember"], + "lastcontact" => $lastcontact, + "state" => $state ); } - - return $contacts; + + return $contacts; } function getfiles() { - $database = Core::getDatabase(); - - $database->setQuery("SELECT * FROM #__files ORDER BY uploaded"); - $filesResponse = $database->loadAssocList(); - - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - $files = Array(); - + $database = Core::getDatabase(); + + $database->setQuery("SELECT * FROM #__files ORDER BY uploaded"); + $filesResponse = $database->loadAssocList(); + + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + $files = Array(); + foreach ($filesResponse as $file) { if ((bool) $file["forcedarchiving"] || time() - (int) $file["uploaded"] >= 2592000) { @@ -326,43 +326,43 @@ $archived = false; } - - $files[] = Array( - "id" => (int) $file["id"], - "name" => (string) $file["name"], - "description" => (string) $file["description"], - "size" => (int) $file["size"], - "userid" => (int) $file["userid"], - "uploaded" => (int) $file["uploaded"], - "archived" => $archived + + $files[] = Array( + "id" => (int) $file["id"], + "name" => (string) $file["name"], + "description" => (string) $file["description"], + "size" => (int) $file["size"], + "userid" => (int) $file["userid"], + "uploaded" => (int) $file["uploaded"], + "archived" => $archived ); } - - return $files; + + return $files; } function archivefile($id) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + $file = Table::getInstance("files"); - + if (!$file->load($id)) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", $file->getError()); } - + if ($file->userid !== $user->id) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Du darfst diese Datei leider nicht archivieren. " . - "Dies ist dem Benutzer vorbehalten, der die Datei hochgeladen hat."); - } - + "Dies ist dem Benutzer vorbehalten, der die Datei hochgeladen hat."); + } + if (!$file->save(Array("forcedarchiving" => true))) { return new JSONRPCErrorResponse("SERVER_ERROR", $file->getError()); } - + shoutbox_say_system("hat die Datei \"" . $file->name . "\" archiviert."); - + return true; } @@ -371,47 +371,47 @@ $user = Core::getUser(); $settings = Core::getSettings(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - if (!$_FILES["Filedata"]) { + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + if (!$_FILES["Filedata"]) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keine Datei hochgeladen"); } - + $fnParts = parseFileName(utf8_decode(sanitizeFileName($_FILES["Filedata"]["name"]))); - + if (in_array(strtolower($fnParts["ext"]), $settings->get("upload_extblacklist"))) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Aus Sicherheitsgründen sind keine " . - strtoupper($fnParts["ext"]) . "-Dateien erlaubt"); - } - + strtoupper($fnParts["ext"]) . "-Dateien erlaubt"); + } + $fnPartsNew = $fnParts; $i = 1; - + while (is_file("files/" . $fnPartsNew["base"] . "." . $fnPartsNew["ext"])) { $fnPartsNew["base"] = $fnParts["base"] . "_(" . ++$i .")"; } - + $newFileName = $fnPartsNew["base"] . "." . $fnPartsNew["ext"]; $fileSize = $_FILES["Filedata"]["size"]; - + if (!move_uploaded_file($_FILES["Filedata"]["tmp_name"], "files/" . $newFileName)) { return new JSONRPCErrorResponse("SERVER_ERROR"); } - + $file = Table::getInstance("files"); - + if (!$file->save(Array( - "name" => $newFileName, + "name" => $newFileName, "description" => $description, - "size" => $fileSize, + "size" => $fileSize, "userid" => $user->id, "uploaded" => time()))) { return new JSONRPCErrorResponse("SERVER_ERROR", $file->getError()); } - + shoutbox_say_system("hat die Datei \"" . $newFileName . "\" hochgeladen."); - + return Array("id" => $file->id, "filename" => $file->name); } @@ -420,36 +420,36 @@ $user = Core::getUser(); - if (!$user->signIn($nickname, $password)) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - return getuserdata(); + if (!$user->signIn($nickname, $password)) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + return getuserdata(); } function requestpassword($username, $password) { - $database = Core::getDatabase(); + $database = Core::getDatabase(); $settings = Core::getSettings(); - - if (!$username) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keinen Benutzernamen angegeben."); - } - - if (!$password) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Passwort angegeben."); - } - - $database->setQuery("SELECT * FROM #__users WHERE nickname = " . $database->quote($username)); + + if (!$username) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keinen Benutzernamen angegeben."); + } + + if (!$password) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Passwort angegeben."); + } + + $database->setQuery("SELECT * FROM #__users WHERE nickname = " . $database->quote($username)); $user = $database->loadAssoc(); - - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - if ($database->getNumRows() != 1) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Benutzer existiert nicht."); - } - - $requestKey = generateRandomString(); - + + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + if ($database->getNumRows() != 1) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Benutzer existiert nicht."); + } + + $requestKey = generateRandomString(); + $database->setQuery("UPDATE #__users SET " . "newpassword = " . $database->quote(md5($password)) . ", " . @@ -457,40 +457,40 @@ "nickname = " . $database->quote($username) ); - - if (!$database->query()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - if (!mail($user["mail"], "Neues Klassenbuchpasswort bestätigen", + + if (!$database->query()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + if (!mail($user["mail"], "Neues Klassenbuchpasswort bestätigen", "Hallo " . $user["firstname"] . ",\n\n" . - "Du hast im Klassenbuch ein neues Passwort angefordert. Klicke auf den foldenden Link, " . - "damit dein Passwort endgültig auf \"$password\" gewechselt wird. Wenn du kein Passwort angefordert hast, " . - "solltest du nicht auf diesen Link klicken, sondern diese E-Mail gleich löschen!\n\n" . - $settings->get("domain") . "index.php?passwordverification=$requestKey", - "From: Klassenbuch <" . $settings->get("mail") . ">")) { - return new JSONRPCErrorResponse("SERVER_ERROR"); - } - - return true; + "Du hast im Klassenbuch ein neues Passwort angefordert. Klicke auf den foldenden Link, " . + "damit dein Passwort endgültig auf \"$password\" gewechselt wird. Wenn du kein Passwort angefordert hast, " . + "solltest du nicht auf diesen Link klicken, sondern diese E-Mail gleich löschen!\n\n" . + $settings->get("domain") . "index.php?passwordverification=$requestKey", + "From: Klassenbuch <" . $settings->get("mail") . ">")) { + return new JSONRPCErrorResponse("SERVER_ERROR"); + } + + return true; } function verifynewpassword($key) { - $database = Core::getDatabase(); - - if (!$key) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Bestätigungsschlussel angegeben"); - } - - $database->setQuery("SELECT * FROM #__users WHERE newpasswordkey = " . $database->quote($key)); + $database = Core::getDatabase(); + + if (!$key) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Bestätigungsschlussel angegeben"); + } + + $database->setQuery("SELECT * FROM #__users WHERE newpasswordkey = " . $database->quote($key)); $user = $database->loadAssoc(); - - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - if ($database->getNumRows() != 1) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Ungültiger Bestätigungsschlüssel."); - } - + + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + if ($database->getNumRows() != 1) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Ungültiger Bestätigungsschlüssel."); + } + $database->setQuery("UPDATE #__users SET " . "password = " . $database->quote($user["newpassword"]) . ", " . @@ -499,28 +499,28 @@ "id = " . $database->quote($user["id"]) ); - - if (!$database->query()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - return true; + + if (!$database->query()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + return true; } function changepassword($newpassword, $currentpassword) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - if (!$newpassword || !$currentpassword || md5($currentpassword) !== $user->password) { + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + if (!$newpassword || !$currentpassword || md5($currentpassword) !== $user->password) { return new JSONRPCErrorResponse("INCORRECT_PARAMS"); } - + if (!$user->save(Array("password" => md5($newpassword)))) { return new JSONRPCErrorResponse("SERVER_ERROR", $comment->getError()); }; - - return true; + + return true; } @@ -528,9 +528,9 @@ $user = Core::getUser(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - return Array( + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + return Array( "id" => $user->id, "nickname" => $user->nickname, @@ -539,18 +539,18 @@ "settings" => $user->getSettings(), "isadmin" => $user->isadmin - ); + ); } function updateuserprofile($profileInformation) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - if (!$user->updateProfile($profileInformation)) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", $user->getError()); - } - + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + if (!$user->updateProfile($profileInformation)) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", $user->getError()); + } + return true; } @@ -558,19 +558,19 @@ function changeusersettings($settings) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - $currentSettings = $user->getSettings(); - - foreach ($settings as $key => $value) { + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + $currentSettings = $user->getSettings(); + + foreach ($settings as $key => $value) { $currentSettings[$key] = $value; } - + if (!$user->save(Array("settings" => $currentSettings))) { return new JSONRPCErrorResponse("SERVER_ERROR", $user->getError()); } - + return true; } @@ -578,9 +578,9 @@ function setuserstate($state) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + if ($state == User::OFFLINE || $state == User::AWAY || $state == User::ONLINE) { return $user->setState($state); @@ -605,23 +605,23 @@ $mail = trim(strip_tags($mail)); - if (!$nickname) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Nickname angegeben."); - } - - if (!$firstname) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Vorname angegeben."); - } - - if (!$surname) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Nachname angegeben."); - } - - if (!$mail) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keine E-Mail-Adresse angegeben."); - } - - if (!$password) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keine Passwort angegeben."); - } + if (!$nickname) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Nickname angegeben."); + } + + if (!$firstname) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Vorname angegeben."); + } + + if (!$surname) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Nachname angegeben."); + } + + if (!$mail) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keine E-Mail-Adresse angegeben."); + } + + if (!$password) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Keine Passwort angegeben."); + } /* $database->setQuery("SELECT * FROM #__users WHERE nickname = " . $database->quote($nickname) . " OR mail = " . @@ -656,25 +656,27 @@ function gallery_getalbums() { - $database = Core::getDatabase(); - - $database->setQuery("SELECT a.*, COUNT(p.albumid) AS pictures FROM #__gallery_albums AS a LEFT JOIN #__gallery_pictures AS p ON a.id = p.albumid GROUP BY a.id"); + $database = Core::getDatabase(); + + $database->setQuery("SELECT a.*, COUNT(p.albumid) AS pictures " . + "FROM #__gallery_albums AS a LEFT JOIN #__gallery_pictures AS p ON a.id = p.albumid GROUP BY a.id"); + $albumsResponse = $database->loadAssocList(); - - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - $albums = Array(); - + + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + $albums = Array(); + foreach ($albumsResponse as $album) { - $albums[] = Array( - "id" => (int) $album["id"], - "name" => (string) $album["name"], - "description" => (string) $album["description"], - "pictures" => (int) $album["pictures"] + $albums[] = Array( + "id" => (int) $album["id"], + "name" => (string) $album["name"], + "description" => (string) $album["description"], + "pictures" => (int) $album["pictures"] ); } - - return $albums; + + return $albums; } @@ -682,6 +684,6 @@ $user = Core::getUser(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); } @@ -703,7 +705,7 @@ $user = Core::getUser(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } $albumTable = Table::getInstance("albums"); @@ -728,5 +730,5 @@ } - $fileName = "files/" . sanitizeFilename(strtolower($album->name)) . ".zip"; + $fileName = "files/" . sanitizeFilename(strtolower($album->name)) . ".zip"; $rebuild = true; @@ -780,5 +782,5 @@ } - $database->setQuery("SELECT * FROM #__gallery_pictures WHERE albumid = " . $database->quote($albumid) . + $database->setQuery("SELECT * FROM #__gallery_pictures WHERE albumid = " . $database->quote($albumid) . " ORDER BY taken ASC"); @@ -789,14 +791,14 @@ } - $pictures = Array(); + $pictures = Array(); foreach ($picturesResponse as $picture) { - $pictures[] = Array( - "id" => (int) $picture["id"], - "filename" => (string) $picture["filename"], - "caption" => (string) $picture["caption"], - "userid" => (int) $picture["userid"], - "submitted" => (int) $picture["submitted"], - "taken" => (int) $picture["taken"]); + $pictures[] = Array( + "id" => (int) $picture["id"], + "filename" => (string) $picture["filename"], + "caption" => (string) $picture["caption"], + "userid" => (int) $picture["userid"], + "submitted" => (int) $picture["submitted"], + "taken" => (int) $picture["taken"]); } @@ -808,7 +810,7 @@ $database = Core::getDatabase(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } $album = Table::getInstance("albums"); @@ -818,8 +820,8 @@ } - if (!$_FILES["Filedata"]) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Foto hochgeladen"); - } - + if (!$_FILES["Filedata"]) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein Foto hochgeladen"); + } + $allowedExtensions = Array("jpg", "bmp", "gif", "png"); @@ -897,15 +899,15 @@ $user = Core::getUser(); - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - - if (!$id) { - return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein gültiges Bild angegeben."); - } - - if ($degree % 90 != 0) { + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + + if (!$id) { + return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein gültiges Bild angegeben."); + } + + if ($degree % 90 != 0) { return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein gültiger Winkel angegeben."); - } + } $picture = Table::getInstance("pictures"); @@ -914,15 +916,15 @@ return new JSONRPCErrorResponse("INCORRECT_PARAMS", "Kein gültiges Bild angegeben."); } - - if (!($user->isadmin || $picture->userid == $user->id)) { + + if (!($user->isadmin || $picture->userid == $user->id)) { return new JSONRPCErrorResponse("AUTHENTICATION_FAILED", "Fotos dürfen nur von demjenigen Benutzer bearbeitet werden, " . - "der das betreffende Foto hochgeladen hat. Ansonsten hat nur der Administrator das Recht dazu."); - } - - if (!function_exists("gd_info")) { + "der das betreffende Foto hochgeladen hat. Ansonsten hat nur der Administrator das Recht dazu."); + } + + if (!function_exists("gd_info")) { return new JSONRPCErrorResponse("SERVER_ERROR", "Der Server nicht über eine benötigte Grafikbibliothek zu verfügen."); - } - - $path = "gallery/originals/" . $picture->filename; + } + + $path = "gallery/originals/" . $picture->filename; $source = imagecreatefromjpeg($path); @@ -983,26 +985,26 @@ $messagesResponse = $database->loadAssocList(); - if (!$database->success()) { - return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); - } - - $messages = Array(); + if (!$database->success()) { + return new JSONRPCErrorResponse("INVALID_DATABASE_QUERY", "MySQL-Fehlermeldung: " . $database->getErrorMsg()); + } + + $messages = Array(); foreach ($messagesResponse as $message) { - $messages[] = Array( - "id" => (int) $message["id"], - "userid" => (int) $message["userid"], - "date" => (int) $message["date"], - "text" => (string) $message["text"], - "system" => (bool) $message["system"] + $messages[] = Array( + "id" => (int) $message["id"], + "userid" => (int) $message["userid"], + "date" => (int) $message["date"], + "text" => (string) $message["text"], + "system" => (bool) $message["system"] ); } - + if (count($messages)) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } } @@ -1012,11 +1014,11 @@ function shoutbox_say($text, $startAfter, $system = false) { $user = Core::getUser(); - - if (!$user->authenticated()) { - return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); - } - + + if (!$user->authenticated()) { + return new JSONRPCErrorResponse("AUTHENTICATION_FAILED"); + } + $message = Table::getInstance("messages"); - + if (!$message->save(Array( "userid" => $user->id, @@ -1026,5 +1028,5 @@ return new JSONRPCErrorResponse("SERVER_ERROR", $message->getError()); } - + if ($startAfter) { return shoutbox_poll($startAfter); @@ -1260,17 +1262,17 @@ if ($_POST["jsonrpc"]) { - $service->service(strip_tags(stripcslashes($_POST["jsonrpc"])), true); + $service->service(strip_tags(stripcslashes($_POST["jsonrpc"])), true); } elseif (!(defined("INTERNAL_REQUEST") && INTERNAL_REQUEST)) { - $service->service(null, true); + $service->service(null, true); } function doInternalRequest($method = "", $params = Array()) { - global $service; - - $json = new Services_JSON(); + global $service; + + $json = new Services_JSON(); return $service->service($json->encode(Array( "method" => $method, "params" => $params - )), false); + )), false); }