alpha 1.0.1 : stable

mikeNickaloff · mikeNickaloff · commit 7c94e349aa59 · 2018-07-08T15:40:15.000-07:00
diff --git a/res_html/index.html b/res_html/index.html
@@ -367,5 +367,25 @@ <h4>FOOTER</h4>
 </div>
 
 
+<div id="resultDialog" class="w3-modal">
+  <div class="w3-modal-content w3-card-4 w3-animate-zoom" style="max-width:600px">
+
+    <div class="w3-center"><br>
+    <span onclick="document.getElementById('resultDialog').style.display='none'" class="w3-button w3-xlarge w3-transparent w3-display-topright" title="Close Modal">�</span>
+    <img src="img_avatar4.png" alt="Avatar" style="width:30%" class="w3-circle w3-margin-top">
+    </div>
+
+   <pre id="resultBox"></pre>
+
+
+    </div>
+
+    <div class="w3-container w3-border-top w3-padding-16 w3-light-grey">
+    <button onclick="document.getElementById('resultDialog').style.display='none'" type="button" class="w3-button w3-red">Close</button>
+
+    </div>
+
+  </div>
+
 </body>
 </html>
diff --git a/res_html/main.js b/res_html/main.js
@@ -33,9 +33,11 @@ function submitForm(event) {
                                             function (arg) {
                                                 //console.log("DEBUG login response: " + arg)
                                                 if (arg === true) {
-                                                    $('#loginError').hide()
+                                                    $('#loginError').hide();
                                                     document.getElementById('loginDialog').style.display = 'none';
-                                                    window.scrollTo(0,document.getElementById("submodule-container").offsetTop);                                                   window.loggedin = true
+                                                    window.scrollTo(0,document.getElementById("submodule-container").offsetTop);
+                                                    window.loggedin = true;
+                                                    channel.objects.clientInteraction.request_token(function(targs) { localStorage.setItem("TOKEN", targs); });
                                                     display_all_submodules();
                                                     display_all_sites();
                                                 } else {
@@ -156,6 +158,6 @@ function executeCommand() {
        for (u=0; u<params2.length; u++) {
            channel.objects.clientInteraction.set_parameter_value(params2[u].name, params2[u].checked);
        }
-    channel.objects.clientInteraction.execute(function(args) { console.log(args); });
+    channel.objects.clientInteraction.execute(function(args) { console.log(args);  $("#resultBox").html(args); $("#resultDialog").show(); });
 
 }
diff --git a/src_interfaces/clientinteraction.cpp b/src_interfaces/clientinteraction.cpp
@@ -17,7 +17,7 @@
 #include <QDir>
 ClientInteraction::ClientInteraction(QObject *parent, LoginController *i_login, FirewallController* i_firewall, DatabaseController *i_db) : QObject(parent), loginController(i_login), firewallController(i_firewall), db(i_db)
 {
- this->websiteController = new WebsiteController(this, db);
+  this->websiteController = new WebsiteController(this, db);
 }
 
 bool ClientInteraction::login(QString username, QString password)
@@ -39,6 +39,37 @@ bool ClientInteraction::login(QString username, QString password)
   return false;
 }
 
+bool ClientInteraction::tokenLogin(QString token)
+{
+  if (!firewallController->isBanned(this->remoteIP)) {
+
+
+      if (loginController->loggedIn == false) {
+          if (loginController->check_token(token) == true) {
+              emit this->LoginSuccessful();
+              return true;
+            }
+        } else {
+
+          return true;
+        }
+    }
+  emit this->LoginFailed();
+  return false;
+}
+
+QVariant ClientInteraction::request_token()
+{
+  if (!loginController->loggedIn) { emit this->requireLogin(); return QVariant::fromValue(QString("")); } else {
+      if (this->loginController->loggedIn == true) {
+          QString newToken = this->loginController->new_token(loginController->current_token);
+          loginController->current_token = newToken;
+          return QVariant::fromValue(newToken);
+        }
+      return QVariant::fromValue(QString("You must first login"));
+    }
+}
+
 QVariant ClientInteraction::allowedSubmodules()
 {
   if (!loginController->loggedIn) { emit this->requireLogin(); return QVariant::fromValue(QString("")); } else {
@@ -225,7 +256,7 @@ QVariant ClientInteraction::execute()
   QByteArray output;
   output.append(processLauncher->run_internal_script("wp", (QStringList() << QString("--path=%1").arg(websiteController->currentWebsite) << rv.split(" ", QString::SkipEmptyParts))));
 
-   qDebug() << output;
+  qDebug() << output;
   return QVariant::fromValue(output);
 
   //return QVariant::fromValue(rv);
@@ -272,18 +303,18 @@ QVariant ClientInteraction::websites()
 
 
 
-      i++;
-    }
-  main_array = QJsonArray::fromVariantList(rv);
+          i++;
+        }
+      main_array = QJsonArray::fromVariantList(rv);
 
-  QJsonObject mainObject;
+      QJsonObject mainObject;
 
 
-  mainObject.insert("websites", QJsonValue::fromVariant(rv));
-  doc.setObject(mainObject);
+      mainObject.insert("websites", QJsonValue::fromVariant(rv));
+      doc.setObject(mainObject);
 
-  return QVariant::fromValue(doc.toJson(QJsonDocument::Compact));
-}
+      return QVariant::fromValue(doc.toJson(QJsonDocument::Compact));
+    }
 }
 
 void ClientInteraction::set_parameter_value(int paramidx, QVariant val)
diff --git a/src_interfaces/clientinteraction.h b/src_interfaces/clientinteraction.h
@@ -22,6 +22,8 @@ class ClientInteraction : public QObject
     FirewallController* firewallController;
     DatabaseController* db;
     Q_INVOKABLE bool login(QString username, QString password);
+    Q_INVOKABLE bool tokenLogin(QString token);
+    Q_INVOKABLE QVariant request_token();
     QString remoteIP;
     Q_INVOKABLE QVariant allowedSubmodules();
     Q_INVOKABLE QVariant set_current_submodule(QString i_module);
diff --git a/src_interfaces/databasecontroller.cpp b/src_interfaces/databasecontroller.cpp
@@ -77,35 +77,27 @@ void DatabaseController::load_database(QString filepath)
                 << "cap"
                 << "cli"
                 << "comment"
-                << "config"
                 << "core"
                 << "cron"
                 << "db"
                 << "embed"
-                << "eval"
-                << "eval-file"
                 << "export"
-                << "help"
                 << "import"
                 << "language"
                 << "media"
                 << "menu"
                 << "network"
                 << "option"
-                << "package"
                 << "plugin"
                 << "post"
                 << "post-type"
                 << "rewrite"
                 << "role"
                 << "scaffold"
                 << "search-replace"
-                << "server"
-                << "shell"
                 << "sidebar"
                 << "site"
                 << "super-admin"
-                << "taxonomy"
                 << "term"
                 << "theme"
                 << "transient"
@@ -122,35 +114,27 @@ void DatabaseController::load_database(QString filepath)
                         << "Adds, removes, and lists capabilities of a user role."
                         << "Review current WP-CLI info, check for updates, or see defined aliases."
                         << "Creates, updates, deletes, and moderates comments."
-                        << "Generates and reads the wp-config.php file."
                         << "Downloads, installs, updates, and manages a WordPress installation."
                         << "Tests, runs, and deletes WP-Cron events; manages WP-Cron schedules."
                         << "Performs basic database operations using credentials stored in wp-config.php."
                         << "Inspects oEmbed providers, clears embed cache, and more."
-                        << "Executes arbitrary PHP code."
-                        << "Loads and executes a PHP file."
                         << "Exports WordPress content to a WXR file."
-                        << "Get help on WP-CLI, or on a specific command."
                         << "Imports content from a given WXR file."
                         << "Installs, activates, and manages language packs."
                         << "Imports files as attachments, regenerates thumbnails, or lists registered image sizes."
                         << "Lists, creates, assigns, and deletes the active theme's navigation menus."
                         << "Perform network-wide operations."
                         << "Retrieves and sets site options, including plugin and WordPress settings."
-                        << "Lists, installs, and removes WP-CLI packages."
                         << "Manages plugins, including installs, activations, and updates."
                         << "Manages posts, content, and meta."
                         << "Retrieves details on the site's registered post types."
                         << "Lists or flushes the site's rewrite rules, updates the permalink structure."
                         << "Manages user roles, including creating new roles and resetting to defaults."
                         << "Generates code for post types, taxonomies, plugins, child themes, etc."
                         << "Searches/replaces strings in the database."
-                        << "Launches PHP's built-in web server for a specific WordPress installation."
-                        << "Opens an interactive PHP console for running and testing PHP code."
                         << "Lists registered sidebars."
                         << "Creates, deletes, empties, moderates, and lists one or more sites on a multisite installation."
                         << "Lists, adds, or removes super admin users on a multisite installation."
-                        << "Retrieves information about registered taxonomies."
                         << "Manages taxonomy terms and term meta, with create, delete, and list commands."
                         << "Manages themes, including installs, activations, and updates."
                         << "Adds, gets, and deletes entries in the WordPress Transient Cache."
@@ -176,6 +160,10 @@ void DatabaseController::load_database(QString filepath)
       if (!db.tables().contains("WEBSITES")) {
           db.exec("CREATE table WEBSITES (ID int primary key, NAME text, PATH text)");
         }
+      if (!db.tables().contains("SESSIONS")) {
+          db.exec("CREATE table SESSIONS (ID int primary key, UID text, TOKEN text, SESSIONDATA text)");
+        }
+
     }
   // // qDebug() <<  executeSelectQuery("PERMSTATES", (QStringList() << "NAME" << "DESCRIPTION"), QString(""));
 }
diff --git a/src_interfaces/logincontroller.cpp b/src_interfaces/logincontroller.cpp
@@ -3,45 +3,77 @@
 #include <QVector>
 #include <QtDebug>
 #include <QVectorIterator>
+#include <QSqlQuery>
+#include <QSqlDatabase>
+#include <QVariant>
 LoginController::LoginController(QObject *parent, DatabaseController* i_db) : QObject(parent), m_db(i_db)
 {
-    this->hello_str = "hello, world!";
-    loggedIn = false;
+  this->hello_str = "hello, world!";
+  loggedIn = false;
 }
 
 bool LoginController::check_login(QString username, QString password)
 {
 
 
-    if (m_db->executeSelectQuery("USERS", (QStringList() << "USERNAME" << "PASSWORD"), QString("where USERNAME like '%1' and PASSWORD like '%2'").arg(m_db->toHex(username)).arg(m_db->toHex(m_db->sha512(password)))).count() > 0) {
-        loggedIn = true;
-
-
-        //populate permissions, descriptions, etc on a per user basis
-        // this will allow for future extending of the code if the need
-        // arises to have language support etc then the descriptions can
-        // be populated based on the selected language or the descriptions
-        // can be more specific for administrators than for operators etc
-        // it wastes about 2kb of total memory to store and is only requested
-        // once on login so i think its okay to keep
-
-        QVector<QVector<QString> > rv(m_db->executeSelectQuery("USERS", (QStringList() << "USERS.ID" << "USERNAME" << "ASSIGNMENTS.PERMISSION" << "ASSIGNMENTS.ASSIGNED" << "PERMSTATES.DESCRIPTION" << "PERMSTATES.NAME"), "inner join ASSIGNMENTS ON UID=USERS.ID inner join PERMSTATES on ASSIGNMENTS.PERMISSION=PERMSTATES.PERMISSION"));
-       QVectorIterator<QVector<QString > > i(rv);
-       while (i.hasNext()) {
-           QVector<QString> rowData(i.next());
-           this->assignments[rowData.at(2).toInt()] = static_cast<bool>(rowData.at(3).toInt());
-           this->assignment_names[rowData.at(2).toInt()] = rowData.at(5);
-           this->assignment_id_names[rowData.at(5)] = rowData.at(2).toInt();
-           this->assignment_descriptions[rowData.at(2).toInt()] = rowData.at(4);
-           this->m_uid = rowData.at(0).toInt();
-           this->m_username = m_db->fromHex(rowData.at(1));
-       }
-       //end of permission assignment population
-        // qDebug() << "Successful Login";
-        return true;
+  if (m_db->executeSelectQuery("USERS", (QStringList() << "USERNAME" << "PASSWORD"), QString("where USERNAME like '%1' and PASSWORD like '%2'").arg(m_db->toHex(username)).arg(m_db->toHex(m_db->sha512(password)))).count() > 0) {
+      loggedIn = true;
+
+
+      //populate permissions, descriptions, etc on a per user basis
+      // this will allow for future extending of the code if the need
+      // arises to have language support etc then the descriptions can
+      // be populated based on the selected language or the descriptions
+      // can be more specific for administrators than for operators etc
+      // it wastes about 2kb of total memory to store and is only requested
+      // once on login so i think its okay to keep
+
+      QVector<QVector<QString> > rv(m_db->executeSelectQuery("USERS", (QStringList() << "USERS.ID" << "USERNAME" << "ASSIGNMENTS.PERMISSION" << "ASSIGNMENTS.ASSIGNED" << "PERMSTATES.DESCRIPTION" << "PERMSTATES.NAME"), "inner join ASSIGNMENTS ON UID=USERS.ID inner join PERMSTATES on ASSIGNMENTS.PERMISSION=PERMSTATES.PERMISSION"));
+      QVectorIterator<QVector<QString > > i(rv);
+      while (i.hasNext()) {
+          QVector<QString> rowData(i.next());
+          this->assignments[rowData.at(2).toInt()] = static_cast<bool>(rowData.at(3).toInt());
+          this->assignment_names[rowData.at(2).toInt()] = rowData.at(5);
+          this->assignment_id_names[rowData.at(5)] = rowData.at(2).toInt();
+          this->assignment_descriptions[rowData.at(2).toInt()] = rowData.at(4);
+          this->m_uid = rowData.at(0).toInt();
+          this->m_username = m_db->fromHex(rowData.at(1));
+        }
+      //end of permission assignment population
+      // qDebug() << "Successful Login";
+      return true;
+    }
+  loggedIn = false;
+  return false;
+}
+
+bool LoginController::check_token(QString token)
+{
+  if (m_db->executeSelectQuery("SESSIONS", (QStringList() << "UID" << "TOKEN"), QString("where TOKEN like '%1'").arg(m_db->toHex(token))).count() > 0) {
+      loggedIn = true;
+      QSqlQuery query = m_db->db.exec(QString("delete from SESSIONS where TOKEN like '%1'").arg(m_db->toHex(token)));
+      query.finish();
+
+    } else {
+      loggedIn = false;
     }
-    loggedIn = false;
-    return false;
+  return loggedIn;
+}
+
+QString LoginController::new_token(QString oldToken)
+{
+  QSqlQuery query = m_db->db.exec(QString("delete from SESSIONS where TOKEN like '%1'").arg(m_db->toHex(oldToken)));
+  query.finish();
+  QVariantList v;
+  QUuid newTokenUUid;
+  QString newToken = newTokenUUid.createUuid().toString();
+  int newid = m_db->executeSelectQuery("SESSIONS", (QStringList() << "UID" << "TOKEN"), QString("")).count();
+  v.append(QVariant::fromValue(newid));
+  v.append(QVariant::fromValue(m_uid));
+  v.append(QVariant::fromValue(newToken));
+
+  m_db->executeInsert("SESSIONS", v);
+  return newToken;
 }
 
 void LoginController::hello()
diff --git a/src_interfaces/logincontroller.h b/src_interfaces/logincontroller.h
@@ -22,15 +22,19 @@ class LoginController : public QObject
     QHash<QString, int> assignment_id_names;
     int m_uid;
     QString m_username;
+    QString current_token;
+    bool check_token(QString token);
+    QString new_token(QString oldToken);
 signals:
 
 public slots:
 
+
 private:
     QString hello_str;
 private slots:
     void hello();
 
 };
 
-#endif // LOGINCONTROLLER_H
+#endif // LOGINCONTROLLER_H
