Merge pull request #746 from emoncms/master
Emoncms v9.8.24
TrystanLea committed Nov 27, 2017
2 parents 2e27b23 + af2f0e7 commit b8a10f9
Showing 8 changed files with 352 additions and 194 deletions.
115 changes: 85 additions & 30 deletions Modules/feed/feed_model.php
Expand Up @@ -942,9 +942,8 @@ public function get_processlist($id)
}
}

// USES: redis feed
public function set_processlist($userid, $id, $processlist, $process_list)
{
{
$userid = (int) $userid;

// Validate processlist
Expand All @@ -955,51 +954,79 @@ public function set_processlist($userid, $id, $processlist, $process_list)
{
$inputprocess = explode(":", $pair);
if (count($inputprocess)==2) {

// Verify process id
$processid = (int) $inputprocess[0];
if ($processid==0) return array('success'=>false, 'message'=>_("Invalid process id"));
$processid = $inputprocess[0];
if (!isset($process_list[$processid])) return array('success'=>false, 'message'=>_("Invalid process"));

// Verify argument
if (!is_numeric($inputprocess[1])) return array('success'=>false, 'message'=>_("Invalid arg"));
$arg = $inputprocess[1];

// Check that feed exists and user has ownership
if (isset($process_list[$processid]) && $process_list[$processid][1]==ProcessArg::FEEDID) {
$feedid = (int) $arg;
if (!$this->access($userid,$feedid)) {
return array('success'=>false, 'message'=>_("Invalid feed"));
}
}

// Check that input exists and user has ownership
if (isset($process_list[$processid]) && $process_list[$processid][1]==ProcessArg::INPUTID) {
$inputid = (int) $arg;
$result = $this->mysqli->query("SELECT id FROM input WHERE `userid` = '$userid' AND `id` = '$inputid'");
if ($result->num_rows != 1) return array('success'=>false, 'message'=>_("Invalid input"));

// Check argument against process arg type
switch($process_list[$processid][1]){

case ProcessArg::FEEDID:
$feedid = (int) $arg;
if (!$this->access($userid,$feedid)) {
return array('success'=>false, 'message'=>_("Invalid feed"));
}
break;

case ProcessArg::INPUTID:
$inputid = (int) $arg;
if (!$this->input_access($userid,$inputid)) {
return array('success'=>false, 'message'=>_("Invalid input"));
}
break;

case ProcessArg::VALUE:
if (!is_numeric($arg)) {
return array('success'=>false, 'message'=>'Value is not numeric');
}
break;

case ProcessArg::TEXT:
if (preg_replace('/[^\p{N}\p{L}_\s.-]/u','',$arg)!=$arg)
return array('success'=>false, 'message'=>'Invalid characters in arg');
break;

case ProcessArg::SCHEDULEID:
$scheduleid = (int) $arg;
if (!$this->schedule_access($userid,$scheduleid)) { // This should really be in the schedule model
return array('success'=>false, 'message'=>'Invalid schedule');
}
break;

case ProcessArg::NONE:
$arg = false;
break;

default:
$arg = false;
break;
}

if ($processid>0) $pairs_out[] = implode(":",array($processid,$arg));
$pairs_out[] = implode(":",array($processid,$arg));
}
}

// rebuild processlist from verified content
$processlist_out = implode(",",$pairs_out);

$stmt = $this->mysqli->prepare("UPDATE feeds SET processList = ? WHERE id = ?");
$stmt->bind_param("si",$processlist_out,$id);
$stmt->execute();
$affected_rows = $stmt->affected_rows;
$stmt->close();
$stmt = $this->mysqli->prepare("UPDATE feeds SET processList=? WHERE id=?");
$stmt->bind_param("si", $processlist_out, $id);
if (!$stmt->execute()) {
return array('success'=>false, 'message'=>_("Error setting processlist"));
}

if ($affected_rows>0) {
if ($this->mysqli->affected_rows>0){
if ($this->redis) $this->redis->hset("feed:$id",'processList',$processlist_out);
return array('success'=>true, 'message'=>'Feed processlist updated');
} else {
return array('success'=>false, 'message'=>'Feed processlist was not updated');
}
}

public function reset_processlist($id)
{
$id = (int) $id;
Expand Down Expand Up @@ -1085,5 +1112,33 @@ private function get_user_timezone($userid)
}
return $timezone;
}

// ------------------------------------------

private function input_access($userid,$inputid)
{
$userid = (int) $userid;
$inputid = (int) $inputid;
$stmt = $this->mysqli->prepare("SELECT id FROM input WHERE userid=? AND id=?");
$stmt->bind_param("ii",$userid,$inputid);
$stmt->execute();
$stmt->bind_result($id);
$result = $stmt->fetch();
$stmt->close();
if ($result && $id>0) return true; else return false;
}

private function schedule_access($userid,$scheduleid)
{
$userid = (int) $userid;
$scheduleid = (int) $scheduleid;
$stmt = $this->mysqli->prepare("SELECT id FROM schedule WHERE userid=? AND id=?");
$stmt->bind_param("ii",$userid,$scheduleid);
$stmt->execute();
$stmt->bind_result($id);
$result = $stmt->fetch();
$stmt->close();
if ($result && $id>0) return true; else return false;
}
}
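Review bot: In set_processlist the FEEDID, INPUTID and SCHEDULEID cases run the ownership check on `(int) $arg`, but the pair appended to `$pairs_out` still carries the raw `$arg`, and the up-front `is_numeric` test that this commit removes no longer guards it. An argument that merely starts with a valid id is therefore authorised as its integer prefix while the unmodified string is written to processList and copied to redis. Assign the validated integer back before each `break`, e.g. `$arg = $feedid;` (likewise `$arg = $inputid;` and `$arg = $scheduleid;`), so that the stored value is exactly the one that was checked. The same switch is added to Modules/input/input_model.php and needs the same change. Part of set_processlist's body falls between the two hunks and is not shown here.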

91 changes: 70 additions & 21 deletions Modules/input/input_model.php
Expand Up @@ -17,12 +17,14 @@ class Input
private $mysqli;
private $feed;
private $redis;
private $log;

public function __construct($mysqli,$redis,$feed)
{
$this->mysqli = $mysqli;
$this->feed = $feed;
$this->redis = $redis;
$this->log = new EmonLogger(__FILE__);
}

public function create_input($userid, $nodeid, $name)
Expand Down Expand Up @@ -474,8 +476,16 @@ public function get_processlist($id)
}
}

// Set_processlist is called from input_controller
// a processlist might look something like:
// 1:1,2:0.1,1:2,eventp__ifrategtequalskip:10
// Historically emoncms has used integer based processid's to reference the desired process function
// however emoncms also supports text based process reference and a number of processes
// are only available via the text based function reference.
// $process_list is a list of processes

public function set_processlist($userid, $id, $processlist, $process_list)
{
{
$userid = (int) $userid;

// Validate processlist
Expand All @@ -488,30 +498,57 @@ public function set_processlist($userid, $id, $processlist, $process_list)
if (count($inputprocess)==2) {

// Verify process id
$processid = (int) $inputprocess[0];
if ($processid==0) return array('success'=>false, 'message'=>_("Invalid process id"));
$processid = $inputprocess[0];
if (!isset($process_list[$processid])) return array('success'=>false, 'message'=>_("Invalid process"));

// Verify argument
if (!is_numeric($inputprocess[1])) return array('success'=>false, 'message'=>_("Invalid arg"));
$arg = $inputprocess[1];

// Check that feed exists and user has ownership
if (isset($process_list[$processid]) && $process_list[$processid][1]==ProcessArg::FEEDID) {
$feedid = (int) $arg;
if (!$this->feed->access($userid,$feedid)) {
return array('success'=>false, 'message'=>_("Invalid feed"));
}
}

// Check that input exists and user has ownership
if (isset($process_list[$processid]) && $process_list[$processid][1]==ProcessArg::INPUTID) {
$inputid = (int) $arg;
if (!$this->access($userid,$inputid)) {
return array('success'=>false, 'message'=>_("Invalid input"));
}
// Check argument against process arg type
switch($process_list[$processid][1]){

case ProcessArg::FEEDID:
$feedid = (int) $arg;
if (!$this->feed->access($userid,$feedid)) {
return array('success'=>false, 'message'=>_("Invalid feed"));
}
break;

case ProcessArg::INPUTID:
$inputid = (int) $arg;
if (!$this->access($userid,$inputid)) {
return array('success'=>false, 'message'=>_("Invalid input"));
}
break;

case ProcessArg::VALUE:
if (!is_numeric($arg)) {
return array('success'=>false, 'message'=>'Value is not numeric');
}
break;

case ProcessArg::TEXT:
if (preg_replace('/[^\p{N}\p{L}_\s.-]/u','',$arg)!=$arg)
return array('success'=>false, 'message'=>'Invalid characters in arg');
break;

case ProcessArg::SCHEDULEID:
$scheduleid = (int) $arg;
if (!$this->schedule_access($userid,$scheduleid)) { // This should really be in the schedule model
return array('success'=>false, 'message'=>'Invalid schedule');
}
break;

case ProcessArg::NONE:
$arg = false;
break;

default:
$arg = false;
break;
}

if ($processid>0) $pairs_out[] = implode(":",array($processid,$arg));
$pairs_out[] = implode(":",array($processid,$arg));
}
}

Expand Down Expand Up @@ -544,7 +581,7 @@ public function reset_processlist($id)
private function load_input_to_redis($inputid)
{
$inputid = (int) $inputid;
$result = $this->mysqli->query("SELECT id,nodeid,name,description,processList FROM input WHERE `id` = '$inputid' ORDER BY nodeid,name asc");
$result = $this->mysqli->query("SELECT id,userid,nodeid,name,description,processList FROM input WHERE `id` = '$inputid' ORDER BY nodeid,name asc");
if ($result->num_rows > 0) {
$row = $result->fetch_object();
$userid = $row->userid;
Expand All @@ -563,7 +600,7 @@ private function load_input_to_redis($inputid)
private function load_to_redis($userid)
{
$userid = (int) $userid;
$result = $this->mysqli->query("SELECT id,nodeid,name,description,processList FROM input WHERE `userid` = '$userid' ORDER BY nodeid,name asc");
$result = $this->mysqli->query("SELECT id,userid,nodeid,name,description,processList FROM input WHERE `userid` = '$userid' ORDER BY nodeid,name asc");
while ($row = $result->fetch_object())
{
$this->redis->sAdd("user:inputs:$userid", $row->id);
Expand All @@ -577,4 +614,16 @@ private function load_to_redis($userid)
}
}

private function schedule_access($userid,$scheduleid)
{
$userid = (int) $userid;
$scheduleid = (int) $scheduleid;
$stmt = $this->mysqli->prepare("SELECT id FROM schedule WHERE userid=? AND id=?");
$stmt->bind_param("ii",$userid,$scheduleid);
$stmt->execute();
$stmt->bind_result($id);
$result = $stmt->fetch();
$stmt->close();
if ($result && $id>0) return true; else return false;
}
}
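Review bot: The TEXT case compares the filtered string with the original using loose `!=`, so when both look numeric PHP compares them as numbers, and an argument with a leading `+` is accepted even though `+` is outside the allowed character class. Use the strict form, `if (preg_replace('/[^\p{N}\p{L}_\s.-]/u','',$arg)!==$arg)`, which also treats the `null` that preg_replace returns on a PCRE error as a rejection whatever the argument is. The identical line in Modules/feed/feed_model.php should change with it. As a style point, this is the only branch in the switch whose `return` is not wrapped in braces.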
46 changes: 29 additions & 17 deletions Modules/user/login_block.php
Expand Up @@ -22,7 +22,7 @@
padding: 10px;
}
</style>
<script type="text/javascript" src="<?php echo $path; ?>Modules/user/user.js"></script>
<script type="text/javascript" src="<?php echo $path; ?>Modules/user/user.js?v=1"></script>
<br>
<div class="main">
<div class="well">
Expand Down Expand Up @@ -180,15 +180,21 @@ function login(){

var result = user.login(username,password,rememberme);

if (result.success)
{
$('#login-form').submit();
return true;
}
else
{
$("#loginmessage").html("<div class='alert alert-error'>"+result.message+"</div>");
if (result.success==undefined) {
$("#loginmessage").html("<div class='alert alert-error'>"+result+"</div>");
return false;

} else {
if (result.success)
{
$('#login-form').submit();
return true;
}
else
{
$("#loginmessage").html("<div class='alert alert-error'>"+result.message+"</div>");
return false;
}
}
}

Expand All @@ -206,17 +212,23 @@ function register(){
{
var result = user.register(username,password,email);

if (result.success)
{
result = user.login(username,password);
if (result.success==undefined) {
$("#loginmessage").html("<div class='alert alert-error'>"+result+"</div>");
return false;

} else {
if (result.success)
{
window.location.href = path+"user/view";
result = user.login(username,password);
if (result.success)
{
window.location.href = path+"user/view";
}
}
else
{
$("#loginmessage").html("<div class='alert alert-error'>"+result.message+"</div>");
}
}
else
{
$("#loginmessage").html("<div class='alert alert-error'>"+result.message+"</div>");
}
}
}
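Review bot: The new `result.success==undefined` branch in login() and register() writes `result` into `#loginmessage` with `.html()`, so whatever came back in place of the expected object is parsed as markup. What user.login() and user.register() return in that case is defined in user.js, outside this diff, but if it is the raw response body then an error page or any reflected request data would be rendered inside the login page. Set the content as text instead, e.g. `$("#loginmessage").empty().append($("<div class='alert alert-error'>").text(result));`. The branch also assumes `result` is non-null; a `null` or `undefined` result would throw on `result.success` before any message is shown.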