1
0
Fork 0
Manager/pages/identities.php

147 lines
9.7 KiB
PHP

<?php
$statementCreateTable = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `UserIdentitys` (`PrincipalID` CHAR(36) NOT NULL, `IdentityID` CHAR(36) NOT NULL, PRIMARY KEY (`PrincipalID`, `IdentityID`)) ENGINE=MyISAM CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci");
$statementCreateTable->execute();
$statementCreateTrigger = $RUNTIME['PDO']->prepare("CREATE TRIGGER IF NOT EXISTS del_id_trig AFTER DELETE ON UserAccounts FOR EACH ROW DELETE FROM UserIdentitys WHERE UserIdentitys.PrincipalID = OLD.PrincipalID OR UserIdentitys.IdentityID = OLD.PrincipalID");
$statementCreateTrigger->execute();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
include_once 'app/FormValidator.php';
if (isset($_POST['enableIdent'])) {
$validator = new FormValidator(array(
'uuid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
));
if ($validator->isValid($_POST)) {
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1");
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_POST['uuid']]);
$statementPresence = $RUNTIME['PDO']->prepare("SELECT 1 FROM Presence WHERE UserID = :PrincipalID LIMIT 1");
$statementPresence->execute(['PrincipalID' => $_SESSION['UUID']]);
if ($statementPresence->rowCount() == 0) {
if ($statement->rowCount() == 1) {
$statementAuth = $RUNTIME['PDO']->prepare('UPDATE auth SET UUID = :IdentityID WHERE UUID = :PrincipalID');
$statementAuth->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
$statementUserIdentitys = $RUNTIME['PDO']->prepare('UPDATE UserIdentitys SET PrincipalID = :IdentityID WHERE PrincipalID = :PrincipalID');
$statementUserIdentitys->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
$statementFriends = $RUNTIME['PDO']->prepare('UPDATE Friends SET PrincipalID = :IdentityID WHERE PrincipalID = :PrincipalID');
$statementFriends->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
//$statementReFriends = $RUNTIME['PDO']->prepare('UPDATE Friends SET Friend = :IdentityID WHERE Friend = :PrincipalID');
//$statementReFriends->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
$statementInventoryFolders = $RUNTIME['PDO']->prepare('UPDATE inventoryfolders SET agentID = :IdentityID WHERE agentID = :PrincipalID AND type != :InventarTyp');
$statementInventoryFolders->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID'], 'InventarTyp' => 46]);
$statementInventoryItems = $RUNTIME['PDO']->prepare('UPDATE inventoryitems SET avatarID = :IdentityID WHERE avatarID = :PrincipalID');
$statementInventoryItems->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
$statementGroupMembership = $RUNTIME['PDO']->prepare('UPDATE os_groups_membership SET PrincipalID = :IdentityID WHERE PrincipalID = :PrincipalID');
$statementGroupMembership->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
$statementGroupRoles = $RUNTIME['PDO']->prepare('UPDATE os_groups_rolemembership SET PrincipalID = :IdentityID WHERE PrincipalID = :PrincipalID');
$statementGroupRoles->execute(['IdentityID' => $_POST['uuid'], 'PrincipalID' => $_SESSION['UUID']]);
$statementGroupRoles = $RUNTIME['PDO']->prepare('DELETE FROM Presence WHERE UserID = :PrincipalID');
$statementGroupRoles->execute(['PrincipalID' => $_SESSION['UUID']]);
$_SESSION['LOGIN'] = 'false';
session_destroy();
}
} else {
$_SESSION['identities_err'] = 'Du kannst die Identität nicht ändern, während du angemeldet bist. Bitte schließe den Viewer.';
}
}
} elseif (isset($_POST['createIdent'])) {
$validator = new FormValidator(array(
'newName' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/')
));
if ($validator->isValid($_POST)) {
$avatarNameParts = explode(" ", trim($_POST['newName']));
if (count($avatarNameParts) == 2) {
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1");
$statement->execute(['FirstName' => trim($avatarNameParts[0]), 'LastName' => trim($avatarNameParts[1])]);
if ($statement->rowCount() == 0) {
include_once 'app/OpenSim.php';
$avatarUUID = (new OpenSim())->gen_uuid();
$statementAccounts = $RUNTIME['PDO']->prepare('INSERT INTO UserAccounts (PrincipalID, ScopeID, FirstName, LastName, Email, ServiceURLs, Created, UserLevel, UserFlags, UserTitle, active) VALUES (:PrincipalID, :ScopeID, :FirstName, :LastName, :Email, :ServiceURLs, :Created, :UserLevel, :UserFlags, :UserTitle, :active )');
$statementAccounts->execute(['PrincipalID' => $avatarUUID, 'ScopeID' => "00000000-0000-0000-0000-000000000000", 'FirstName' => $avatarNameParts[0], 'LastName' => $avatarNameParts[1], 'Email' => $_SESSION['EMAIL'], 'ServiceURLs' => "HomeURI= GatekeeperURI= InventoryServerURI= AssetServerURI= ", 'Created' => time(), 'UserLevel' => 0, 'UserFlags' => 0, 'UserTitle' => "", 'active' => 1]);
$statementUserIdentitys = $RUNTIME['PDO']->prepare('INSERT INTO UserIdentitys (PrincipalID, IdentityID) VALUES (:PrincipalID, :IdentityID)');
$statementUserIdentitys->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $avatarUUID]);
} else {
$_SESSION['identities_err'] = 'Dieser Name ist schon in Benutzung.';
}
} else {
$_SESSION['identities_err'] = 'Der Name muss aus einem Vor und einem Nachnamen bestehen.';
}
}
}
elseif (isset($_POST['deleteIdent'])) {
$validator = new FormValidator(array(
'uuid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
));
if ($validator->isValid($_POST)) {
$statementValidate = $RUNTIME['PDO']->prepare('SELECT 1 FROM UserIdentitys WHERE PrincipalID = ? AND IdentityID = ?');
$statementValidate->execute([$_SESSION['UUID'], $_POST['uuid']]);
if($statementValidate->fetch()) {
$statementDelete = $RUNTIME['PDO']->prepare('DELETE FROM UserAccounts WHERE PrincipalID = ?');
$statementDelete->execute([$_POST['uuid']]);
}
}
}
header('Location: index.php?page=identities');
die();
}
$HTML->setHTMLTitle("Identitäten");
$HTML->importSeitenInhalt("identities.html");
$statementCheckForEntry = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = ? LIMIT 1");
$statementCheckForEntry->execute(array($_SESSION['UUID']));
if ($statementCheckForEntry->rowCount() == 0) {
$statement = $RUNTIME['PDO']->prepare('INSERT INTO `UserIdentitys` (PrincipalID, IdentityID) VALUES (:PrincipalID, :IdentityID)');
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_SESSION['UUID']]);
}
$table = '<table class="table"><thead><tr><th scope="col">Name</th><th scope="col">Aktionen</th></thead><tbody>%%ENTRY%%</tbody></table>';
$statement = $RUNTIME['PDO']->prepare("SELECT IdentityID FROM UserIdentitys WHERE PrincipalID = ? ORDER BY IdentityID ASC");
$statement->execute(array($_SESSION['UUID']));
include_once 'app/OpenSim.php';
$opensim = new OpenSim();
while ($row = $statement->fetch()) {
if ($row['IdentityID'] == $_SESSION['UUID']) {
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['IdentityID']))).' <span class="badge badge-info">Aktiv</span></td><td>-</td></tr>';
} else {
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post">%%CSRF%%<input type="hidden" name="uuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktivieren</button> <button type="submit" name="deleteIdent" class="btn btn-danger btn-sm">Löschen</button></form></td></tr>';
}
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
}
$table = str_replace("%%ENTRY%%", "", $table);
$HTML->ReplaceSeitenInhalt("%%IDENT-LIST%%", $table);
$HTML->ReplaceSeitenInhalt("%%link%%", ' ');
$message = '';
if (isset($_SESSION['identities_err'])) {
$message = '<div class="alert alert-danger" role="alert">'.$_SESSION['identities_err'].'</div>';
unset($_SESSION['identities_err']);
}
$HTML->ReplaceSeitenInhalt("%%MESSAGE%%", $message);
$HTML->build();
echo $HTML->ausgabe();