First round of changes after testing

markc · markc · commit b7e2c5c99602 · 2025-01-28T20:12:18.000+10:00
diff --git a/php/db.php b/php/db.php
@@ -1,8 +1,8 @@
 <?php
 
 declare(strict_types=1);
-// lib/php/db.php 20150225 - 20180512
-// Copyright (C) 2015-2018 Mark Constable <markc@renta.net> (AGPL-3.0)
+// lib/php/db.php 20150225 - 20250128
+// Copyright (C) 2015-2025 Mark Constable <markc@renta.net> (AGPL-3.0)
 
 class Db extends \PDO
 {
@@ -13,11 +13,12 @@ public function __construct(array $dbcfg)
     {
         elog(__METHOD__);
 
+        dbg($dbcfg);
         if (is_null(self::$dbh)) {
             extract($dbcfg);
             $dsn = 'mysql' === $type
-                ? 'mysql:'.($sock ? 'unix_socket='.$sock : 'host='.$host.';port='.$port).';dbname='.$name
-                : 'sqlite:'.$path;
+                ? 'mysql:' . ($sock ? 'unix_socket=' . $sock : 'host=' . $host . ';port=' . $port) . ';dbname=' . $name
+                : 'sqlite:' . $path;
             $pass = file_exists($pass) ? trim(file_get_contents($pass)) : $pass;
 
             try {
@@ -27,7 +28,7 @@ public function __construct(array $dbcfg)
                     \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC,
                 ]);
             } catch (\PDOException $e) {
-                exit(__FILE__.' '.__LINE__."<br>\n".$e->getMessage());
+                exit(__FILE__ . ' ' . __LINE__ . "<br>\n" . $e->getMessage());
             }
         }
     }
@@ -47,7 +48,7 @@ public static function create(array $ary)
         $values = rtrim($values, ',');
 
         $sql = '
- INSERT INTO `'.self::$tbl."` ({$fields})
+ INSERT INTO `' . self::$tbl . "` ({$fields})
  VALUES ({$values})";
 
         elog("sql={$sql}");
@@ -59,7 +60,7 @@ public static function create(array $ary)
 
             return self::$dbh->lastInsertId();
         } catch (\PDOException $e) {
-            exit(__FILE__.' '.__LINE__."<br>\n".$e->getMessage());
+            exit(__FILE__ . ' ' . __LINE__ . "<br>\n" . $e->getMessage());
         }
     }
 
@@ -69,8 +70,7 @@ public static function read(
         string $wval = '',
         string $extra = '',
         string $type = 'all'
-    )
-    {
+    ) {
         elog(__METHOD__);
 
         $w = $where ? "
@@ -80,7 +80,7 @@ public static function read(
 
         $sql = "
  SELECT {$field}
-   FROM `".self::$tbl."`{$w} {$extra}";
+   FROM `" . self::$tbl . "`{$w} {$extra}";
 
         elog("sql={$sql}");
 
@@ -101,13 +101,13 @@ public static function update(array $set, array $where)
         $where_str = '';
         $where_ary = [];
         foreach ($where as $k => $v) {
-            $where_str .= ' '.$v[0].' '.$v[1].' :'.$v[0];
+            $where_str .= ' ' . $v[0] . ' ' . $v[1] . ' :' . $v[0];
             $where_ary[$v[0]] = $v[2];
         }
         $ary = array_merge($set, $where_ary);
 
         $sql = '
- UPDATE `'.self::$tbl."` SET{$set_str}
+ UPDATE `' . self::$tbl . "` SET{$set_str}
   WHERE{$where_str}";
 
         elog("sql={$sql}");
@@ -118,7 +118,7 @@ public static function update(array $set, array $where)
 
             return $stm->execute();
         } catch (\PDOException $e) {
-            exit(__FILE__.' '.__LINE__."<br>\n".$e->getMessage());
+            exit(__FILE__ . ' ' . __LINE__ . "<br>\n" . $e->getMessage());
         }
     }
 
@@ -129,12 +129,12 @@ public static function delete(array $where)
         $where_str = '';
         $where_ary = [];
         foreach ($where as $k => $v) {
-            $where_str .= ' '.$v[0].' '.$v[1].' :'.$v[0];
+            $where_str .= ' ' . $v[0] . ' ' . $v[1] . ' :' . $v[0];
             $where_ary[$v[0]] = $v[2];
         }
 
         $sql = '
- DELETE FROM `'.self::$tbl."`
+ DELETE FROM `' . self::$tbl . "`
   WHERE {$where_str}";
 
         elog("sql={$sql}");
@@ -145,7 +145,7 @@ public static function delete(array $where)
 
             return $stm->execute();
         } catch (\PDOException $e) {
-            exit(__FILE__.' '.__LINE__."<br>\n".$e->getMessage());
+            exit(__FILE__ . ' ' . __LINE__ . "<br>\n" . $e->getMessage());
         }
     }
 
@@ -177,7 +177,7 @@ public static function qry(string $sql, array $ary = [], string $type = 'all')
 
             return false;
         } catch (\PDOException $e) {
-            exit(__FILE__.' '.__LINE__."<br>\n".$e->getMessage());
+            exit(__FILE__ . ' ' . __LINE__ . "<br>\n" . $e->getMessage());
         }
     }
 
@@ -213,7 +213,7 @@ public static function simple($request, $table, $primaryKey, $columns, $extra =
         elog(__METHOD__);
 
         $db = self::$dbh;
-        $cols = '`'.implode('`, `', self::pluck($columns, 'db')).'`';
+        $cols = '`' . implode('`, `', self::pluck($columns, 'db')) . '`';
         $bind = [];
 
         $limit = self::limit($request, $columns);
@@ -283,7 +283,7 @@ public static function limit($request, $columns)
         $limit = '';
 
         if (isset($request['start']) && -1 != $request['length']) {
-            $limit = 'LIMIT '.intval($request['start']).', '.intval($request['length']);
+            $limit = 'LIMIT ' . intval($request['start']) . ', ' . intval($request['length']);
         }
 
         return $limit;
@@ -297,23 +297,23 @@ public static function order($request, $columns)
 
         if (isset($request['order']) && count($request['order'])) {
             $orderBy = [];
-//            $dtColumns = self::pluck($columns, 'dt');
+            //            $dtColumns = self::pluck($columns, 'dt');
 
             for ($i = 0, $ien = count($request['order']); $i < $ien; ++$i) {
                 $columnIdx = intval($request['order'][$i]['column']);
                 $requestColumn = $request['columns'][$columnIdx];
-//                $columnIdx = array_search($requestColumn['data'], $dtColumns); // don't use $dtColumns
+                //                $columnIdx = array_search($requestColumn['data'], $dtColumns); // don't use $dtColumns
                 $columnIdx = array_search($requestColumn['data'], array_column($columns, 'dt'));
                 $column = $columns[$columnIdx];
 
                 if ('true' == $requestColumn['orderable']) {
                     $dir = 'asc' === $request['order'][$i]['dir'] ? 'ASC' : 'DESC';
-                    $orderBy[] = '`'.$column['db'].'` '.$dir;
+                    $orderBy[] = '`' . $column['db'] . '` ' . $dir;
                 }
             }
 
             if (count($orderBy)) {
-                $order = 'ORDER BY '.implode(', ', $orderBy);
+                $order = 'ORDER BY ' . implode(', ', $orderBy);
             }
         }
 
@@ -336,8 +336,8 @@ public static function filter($request, $columns, &$bindings)
                 $column = $columns[$columnIdx];
 
                 if ('true' == $requestColumn['searchable'] && $column['db']) {
-                    $binding = self::bind($bindings, '%'.$str.'%', PDO::PARAM_STR);
-                    $globalSearch[] = '`'.$column['db'].'` LIKE '.$binding;
+                    $binding = self::bind($bindings, '%' . $str . '%', PDO::PARAM_STR);
+                    $globalSearch[] = '`' . $column['db'] . '` LIKE ' . $binding;
                 }
             }
         }
@@ -352,9 +352,9 @@ public static function filter($request, $columns, &$bindings)
                 $str = $requestColumn['search']['value'];
 
                 if ('true' == $requestColumn['searchable'] && '' != $str && null !== $column['db']) {
-                    $binding = self::bind($bindings, '%'.$str.'%', PDO::PARAM_STR);
+                    $binding = self::bind($bindings, '%' . $str . '%', PDO::PARAM_STR);
                     if ($column['db']) {
-                        $columnSearch[] = '`'.$column['db'].'` LIKE '.$binding;
+                        $columnSearch[] = '`' . $column['db'] . '` LIKE ' . $binding;
                     }
                 }
             }
@@ -364,17 +364,17 @@ public static function filter($request, $columns, &$bindings)
         $where = '';
 
         if (count($globalSearch)) {
-            $where = '('.implode(' OR ', $globalSearch).')';
+            $where = '(' . implode(' OR ', $globalSearch) . ')';
         }
 
         if (count($columnSearch)) {
             $where = '' === $where ?
                 implode(' AND ', $columnSearch) :
-                $where.' AND '.implode(' AND ', $columnSearch);
+                $where . ' AND ' . implode(' AND ', $columnSearch);
         }
 
         if ('' !== $where) {
-            $where = 'WHERE '.$where;
+            $where = 'WHERE ' . $where;
         }
 
         return $where;
@@ -405,7 +405,7 @@ public static function sql_exec($db, $bindings, $sql = null, string $type = 'all
         try {
             $stmt->execute();
         } catch (PDOException $e) {
-            self::fatal('An SQL error occurred: '.$e->getMessage());
+            self::fatal('An SQL error occurred: ' . $e->getMessage());
         }
 
         if ('all' === $type) {
@@ -435,7 +435,7 @@ private static function bind(&$a, $val, $type)
     {
         elog(__METHOD__);
 
-        $key = ':binding_'.count($a);
+        $key = ':binding_' . count($a);
         $a[] = ['key' => $key, 'val' => $val, 'type' => $type];
 
         return $key;
diff --git a/php/init.php b/php/init.php
@@ -11,11 +11,12 @@ class Init
     public function __construct(object $g)
     {
         elog(__METHOD__);
+
         session_start();
 
-        elog('GET=' . var_export($_GET, true));
-        elog('POST=' . var_export($_POST, true));
-        elog('SESSION=' . var_export($_SESSION, true));
+        //        elog('GET=' . var_export($_GET, true));
+        //        elog('POST=' . var_export($_POST, true));
+        //        elog('SESSION=' . var_export($_SESSION, true));
 
         //$_SESSION = []; // to reset session for testing
 
@@ -67,6 +68,9 @@ public function __toString(): string
         elog(__METHOD__);
 
         $g = $this->t->g;
+
+        dbg($g);
+
         $x = $g->in['x'];
         if ('text' === $x) {
             return preg_replace('/^\h*\v+/m', '', strip_tags($g->out['main']));
diff --git a/php/plugins/auth.php b/php/plugins/auth.php
@@ -1,8 +1,8 @@
 <?php
 
 declare(strict_types=1);
-// lib/php/plugins/auth.php 20150101 - 20230604
-// Copyright (C) 2015-2023 Mark Constable <markc@renta.net> (AGPL-3.0)
+// lib/php/plugins/auth.php 20150101 - 20250118
+// Copyright (C) 2015-2025 Mark Constable <markc@renta.net> (AGPL-3.0)
 
 class Plugins_Auth extends Plugin
 {
@@ -33,6 +33,10 @@ public function create(): string
             if (filter_var($u, FILTER_VALIDATE_EMAIL)) {
                 if ($usr = db::read('id,acl', 'login', $u, '', 'one')) {
                     if (9 != $usr['acl']) {
+                        if (!isset($this->g->cfg['email']) || !filter_var($this->g->cfg['email'], FILTER_VALIDATE_EMAIL)) {
+                            util::log('System email address is not valid', 'danger');
+                            util::redirect($this->g->cfg['self'] . '?o=' . $this->g->in['o'] . '&m=list');
+                        }
                         $newpass = util::genpw(self::OTP_LENGTH);
                         if ($this->mail_forgotpw($u, $newpass, 'From: ' . $this->g->cfg['email'])) {
                             db::update([
@@ -66,6 +70,21 @@ public function list(): string
         $u = $this->in['login'];
         $p = $this->in['webpw'];
 
+        if (filter_var($this->g->cfg['email'], FILTER_VALIDATE_EMAIL) ?? '') {
+            $_SESSION['usr'] = [
+                'id' => 0,
+                'grp' => 0,
+                'acl' => 0,
+                'login' => $this->g->cfg['email'],
+                'fname' => 'Admin',
+                'lname' => 'User'
+            ];
+            $_SESSION['adm'] = 0;
+            util::log($u . ' is now logged in', 'success');
+            $_SESSION['m'] = 'list';
+            util::redirect($this->g->cfg['self']);
+        }
+
         if ($u) {
             if ($usr = db::read('id,grp,acl,login,fname,lname,webpw,cookie', 'login', $u, '', 'one')) {
                 extract($usr);
diff --git a/php/plugins/processes.php b/php/plugins/processes.php
@@ -1,15 +1,16 @@
 <?php
 
 declare(strict_types=1);
-// plugins/processes.php 20170225 - 20180430
-// Copyright (C) 2015-2018 Mark Constable <markc@renta.net> (AGPL-3.0)
+// plugins/processes.php 20170225 - 20260128
+// Copyright (C) 2015-2025 Mark Constable <markc@renta.net> (AGPL-3.0)
 
 class Plugins_Processes extends Plugin
 {
     public function list(): string
     {
         elog(__METHOD__);
 
-        return $this->t->list(['procs' => shell_exec('sudo processes')]);
+        $cmd = "ps -eo rss:10,vsz:10,%cpu:5,cmd --sort=rss | grep -v \"^\s\+0\" | cut -c -79";
+        return $this->t->list(['procs' => shell_exec($cmd)]);
     }
 }
diff --git a/php/themes/bootstrap5/accounts.php b/php/themes/bootstrap5/accounts.php
@@ -29,7 +29,8 @@ public function update(array $in): string
 
     public function list(array $in): string
     {
-        elog(__METHOD__ . ' ' . var_export($in, true));
+        elog(__METHOD__);
+        //elog(__METHOD__ . ' ' . var_export($in, true));
 
         extract($in);
         $aclgrp_buf = '';
diff --git a/php/themes/bootstrap5/processes.php b/php/themes/bootstrap5/processes.php
@@ -26,8 +26,8 @@ public function list(array $in): string
         </div><!-- END UPPER ROW -->
         <div class="row">
           <div class="col-12">
-            <h5>Process List <small>(' . (count(explode("\n", $in['procs'])) - 1) . ')</small></h5>
-            <pre><code>' . $in['procs'] . '
+            <h5>Process List <small>(' . ($in['procs'] ? (count(explode("\n", $in['procs'])) - 1) : 0) . ')</small></h5>
+            <pre><code>' . ($in['procs'] ?? 'No process data available') . '
             </code></pre>
           </div>
         </div>';
diff --git a/public/index.php b/public/index.php
@@ -24,8 +24,9 @@
 echo new Init(new class()
 {
     public $cfg = [
-        'email' => 'markc@renta.net',
-        'file' => __DIR__ . DS . 'lib' . DS . '.ht_conf.php', // settings override
+        'email' => 'admin@example.com',
+        'admpw' => 'admin123',
+        'file' => '../php/.ht_conf.php', // settings override
         'hash' => 'SHA512-CRYPT',
         'host' => '',
         'perp' => 25,
@@ -39,7 +40,8 @@
         'l' => '',           // Log (message)
         'm' => 'list',       // Method (action)
         'o' => 'home',       // Object (content)
-        't' => 'bootstrap5', // Theme
+        'r' => 'local',      // Remotes (local)
+        't' => 'bootstrap5', // Theme (Default)
         'x' => '',           // XHR (request)
     ];
     public $out = [
@@ -58,8 +60,8 @@
     public $db = [
         'host' => '127.0.0.1', // DB site
         'name' => 'sysadm',    // DB name
-        'pass' => 'php' . DS . '.ht_pw', // MySQL password override
-        'path' => 'sysadm.db', // SQLite DB
+        'pass' => '../php/.ht_pw', // MySQL password override
+        'path' => '../sysadm/sysadm.db', // SQLite DB
         'port' => '3306',      // DB port
         'sock' => '',          // '/run/mysqld/mysqld.sock',
         'type' => 'sqlite',    // mysql | sqlite
@@ -114,8 +116,8 @@
         'db' => [
             'host' => '127.0.0.1', // Alt DNS DB site
             'name' => 'pdns',      // Alt DNS DB name
-            'pass' => 'lib' . DS . '.ht_dns_pw', // MySQL DNS password override
-            'path' => 'pdns.db',   // DNS SQLite DB
+            'pass' => '../php/.ht_dns_pw', // MySQL DNS password override
+            'path' => '../sysadm/pdns.db', // DNS SQLite DB
             'port' => '3306',      // Alt DNS DB port
             'sock' => '',          // '/run/mysqld/mysqld.sock',
             'type' => 'sqlite',    // mysql | sqlite | '' to disable

Original file line number	Diff line number	Diff line change
`@@ -1,15 +1,16 @@`
`1`	`1`	`<?php`
`2`	`2`
`3`	`3`	`declare(strict_types=1);`
`4`		`-// plugins/processes.php 20170225 - 20180430`
`5`		`-// Copyright (C) 2015-2018 Mark Constable <markc@renta.net> (AGPL-3.0)`
	`4`	`+// plugins/processes.php 20170225 - 20260128`
	`5`	`+// Copyright (C) 2015-2025 Mark Constable <markc@renta.net> (AGPL-3.0)`
`6`	`6`
`7`	`7`	`class Plugins_Processes extends Plugin`
`8`	`8`	`{`
`9`	`9`	`public function list(): string`
`10`	`10`	`{`
`11`	`11`	`elog(__METHOD__);`
`12`	`12`
`13`		`- return $this->t->list(['procs' => shell_exec('sudo processes')]);`
	`13`	`+ $cmd = "ps -eo rss:10,vsz:10,%cpu:5,cmd --sort=rss \| grep -v \"^\s\+0\" \| cut -c -79";`
	`14`	`+ return $this->t->list(['procs' => shell_exec($cmd)]);`
`14`	`15`	`}`
`15`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,8 @@ public function update(array $in): string`
`29`	`29`
`30`	`30`	`public function list(array $in): string`
`31`	`31`	`{`
`32`		`- elog(__METHOD__ . ' ' . var_export($in, true));`
	`32`	`+ elog(__METHOD__);`
	`33`	`+ //elog(__METHOD__ . ' ' . var_export($in, true));`
`33`	`34`
`34`	`35`	`extract($in);`
`35`	`36`	`$aclgrp_buf = '';`