From cf87bea3f01223a58f54e6e9eabffb5faeadfe6d Mon Sep 17 00:00:00 2001 From: Johannes Kreutz Date: Mon, 25 May 2020 21:52:12 +0200 Subject: [PATCH] Many bug fixes --- clientapi/php/client.php | 27 ++++++++++++++------------- clientapi/php/functions.php | 14 +++++++------- clientapi/php/hash.php | 4 +--- 3 files changed, 22 insertions(+), 23 deletions(-) diff --git a/clientapi/php/client.php b/clientapi/php/client.php index 5b582f6..d112749 100644 --- a/clientapi/php/client.php +++ b/clientapi/php/client.php @@ -29,7 +29,7 @@ } else { // Update stored IP if changed if ($config['lastknownIPv4'] != $_POST['ip']) { - updateIp($_POST["machine"], $_POST["ip"]); + updateIp($config["id"], $_POST["ip"]); } } // Switch request @@ -40,7 +40,7 @@ foreach ($allowedGroups as $group) { $groupString .= $groupString == "" ? "(".$group : ",".$group; } - $groupString .= ")"; + if ($groupString != "") $groupString .= ")"; $stmt = $database->prepare("SELECT DISTINCT firstname, lastname, username FROM people P INNER JOIN people_has_groups PHG ON PHG.people_id = P.id WHERE PHG.group_id IN ".$groupString); if (!$stmt->execute()) { echo "error"; @@ -51,6 +51,7 @@ while ($row = $result->fetch_assoc()) { array_push($data, $row["firstname"]." ".$row["lastname"]." (".$row["username"].")"); } + sort($data); $data = (object)$data; echo json_encode($data); break; @@ -62,8 +63,8 @@ die; } $response = $stmt->get_result()->fetch_assoc(); - $updateStmt = $database->prepare("UPDATE devices SET networklock = ? WHERE id = ?"); - $updateStmt->bind_param("si", $response["networklockDefault"], $response["id"]); + $updateStmt = $database->prepare("UPDATE device SET networklock = ? WHERE id = ?"); + $updateStmt->bind_param("ii", $response["networklockDefault"], $response["id"]); if (!$updateStmt->execute()) { echo "error"; die; @@ -109,7 +110,7 @@ echo "notsame"; die; } - $stmt = $database->prepare("UPDATE userpassword SET unix_hash = ?, samba_hash = ? WHERE people_id = ?"); + $stmt = $database->prepare("UPDATE userpassword SET unix_hash = ?, smb_hash = ? WHERE people_id = ?"); $stmt->bind_param("sss", unix($_POST["newpw"]), samba($_POST["newpw"]), $id); if (!$stmt->execute()) { addPasswordChangeLog($id, $_POST["machine"], 1); @@ -156,7 +157,7 @@ echo "notsame"; die; } - $stmt = $database->prepare("UPDATE userpassword SET unix_hash = ?, samba_hash = ? WHERE people_id = ?"); + $stmt = $database->prepare("UPDATE userpassword SET unix_hash = ?, smb_hash = ? WHERE people_id = ?"); $stmt->bind_param("sss", unix($_POST["newpw"]), samba($_POST["newpw"]), $targetId); if (!$stmt->execute()) { addPasswordResetLog($targetId, $_POST["machine"], $id, 1); @@ -179,7 +180,7 @@ echo "error"; die; } - echo $stmt->get_result()->fetch_assoc()["infotext"]; + echo $stmt->get_result()->fetch_assoc()["comment"]; break; case "config": if ($config["devprofile_id"] == null) { @@ -244,10 +245,10 @@ $id = loadDeviceId($_POST["target"]); $lock = $_POST["lock"] == '1' ? 1 : 0; if ($_POST["task"] == "room") { - $stmt = $database->prepare("UPDATE devices SET networklock = ? WHERE room = ? AND teacher = 0"); + $stmt = $database->prepare("UPDATE device SET networklock = ? WHERE room = ? AND teacher = 0"); $stmt->bind_param("si", $_POST["roomlist"], $id); } else { - $stmt = $database->prepare("UPDATE devices SET networklock = ? WHERE id = ? AND teacher = 0"); + $stmt = $database->prepare("UPDATE device SET networklock = ? WHERE id = ? AND teacher = 0"); $stmt->bind_param("ii", $lock, $id); } if (!$stmt->execute()) { @@ -261,7 +262,7 @@ echo "noaccess"; die; } - $stmt = $database->prepare("SELECT room, machine, hardwareid, ip, ipfire FROM machines WHERE room = ? AND teacher = '0'"); + $stmt = $database->prepare("SELECT room, name, address, lastknownIPv4, networklock FROM device D INNER JOIN hardwareidentifier HWI ON HWI.device_id = D.id WHERE room = ? AND teacher = '0'"); $stmt->bind_param("s", $config["room"]); if (!$stmt->execute()) { echo "error"; @@ -270,7 +271,7 @@ $data = array(); $result = $stmt->get_result(); while ($response = $result->fetch_assoc()) { - $machineData = array($response['room'], $response['machine'], $response['ip'], $response['hardwareid'], $response['ipfire']); + $machineData = array($response['room'], $response['name'], $response['lastknownIPv4'], $response['hardwareid'], $response['networklock']); array_push($data, $machineData); } sort($data); @@ -285,7 +286,7 @@ } break; case "checkteacher": - $stmt = $database->prepare("SELECT teacher FROM devices WHERE lastknownIPv4 = ?"); + $stmt = $database->prepare("SELECT teacher FROM device WHERE lastknownIPv4 = ?"); $stmt->bind_param("s", $_POST["req"]); if (!$stmt->execute()) { echo "noaccess"; @@ -294,7 +295,7 @@ echo $response["teacher"] == 1 ? "success" : "noaccess"; break; case "checkinet": - $stmt = $database->prepare("SELECT networklock FROM devices D INNER JOIN hardwareidentifier HW ON D.id = HW.device_id WHERE HW.address = ?"); + $stmt = $database->prepare("SELECT networklock FROM device D INNER JOIN hardwareidentifier HW ON D.id = HW.device_id WHERE HW.address = ?"); $stmt->bind_param("s", $_POST["hwaddr"]); if (!$stmt->execute()) { echo "error"; diff --git a/clientapi/php/functions.php b/clientapi/php/functions.php index b1917b3..39e2dc1 100644 --- a/clientapi/php/functions.php +++ b/clientapi/php/functions.php @@ -58,7 +58,7 @@ function isMacRegistered($mac) { return $result["num"] == 1; } // Loads the user id for a given username - function loadUserId($suername) { + function loadUserId($username) { global $database; $stmt = $database->prepare("SELECT COUNT(*) AS num, id FROM people WHERE username = ?"); $stmt->bind_param("s", $username); @@ -84,7 +84,7 @@ function loadDeviceId($mac) { // Returns data for a given mac address function loadMachineData($mac) { global $database; - $stmt = $database->prepare("SELECT name, comment, registered, networklock, room, requiresLogin, lastknownIPv4, devprofile_id, teacher FROM devices D INNER JOIN hardwareidentifier HWI ON HWI.device_id = D.id WHERE HWI.address = ?"); + $stmt = $database->prepare("SELECT id, name, comment, registered, networklock, room, requiresLogin, lastknownIPv4, devprofile_id, teacher FROM device D INNER JOIN hardwareidentifier HWI ON HWI.device_id = D.id WHERE HWI.address = ?"); $stmt->bind_param("s", $mac); if (!$stmt->execute()) { return false; @@ -93,10 +93,10 @@ function loadMachineData($mac) { return $response->fetch_assoc(); } // Updates IP address for a given machine id - function updateIp($machine, $ip) { + function updateIp($id, $ip) { global $database; - $stmt = $database->prepare("UPDATE devices SET lastknownIPv4 = ? WHERE id = ?"); - $stmt->bind_param("si", $machine, $ip); + $stmt = $database->prepare("UPDATE device SET lastknownIPv4 = ? WHERE id = ?"); + $stmt->bind_param("si", $ip, $id); return $stmt->execute(); } // Returns all groups of a device profile @@ -124,7 +124,7 @@ function updateUser($uid) { ) ); $context = stream_context_create($options); - return file_get_contents("http://pc_admin:84/api/public/usercheck/".$id, false, $context) == "SUCCESS"; + return file_get_contents("http://pc_admin/api/public/usercheck/".$uid, false, $context) == "SUCCESS"; } // Calls ipfire update function on main backend function updateIpfire() { @@ -136,6 +136,6 @@ function updateIpfire() { ) ); $context = stream_context_create($options); - return file_get_contents("http://pc_admin:84/api/public/ipfire", false, $context) == "SUCCESS"; + return file_get_contents("http://pc_admin/api/public/ipfire", false, $context) == "SUCCESS"; } ?> diff --git a/clientapi/php/hash.php b/clientapi/php/hash.php index 467267a..f3b34c8 100644 --- a/clientapi/php/hash.php +++ b/clientapi/php/hash.php @@ -1,10 +1,8 @@