Skip to content

Commit

Permalink
v2.0.00
Browse files Browse the repository at this point in the history
  • Loading branch information
@rossdotparker
rossdotparker committed Jun 5, 2016
1 parent 0377461 commit 4d5cb16
Show file tree
Hide file tree
Showing 20 changed files with 1,194 additions and 120 deletions.
17 changes: 17 additions & 0 deletions Credentials/CHANGEDB.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,3 +27,20 @@
++$count;
$sql[$count][0] = '1.0.04';
$sql[$count][1] = '';

//v2.0.00
++$count;
$sql[$count][0] = '2.0.00';
$sql[$count][1] = "
ALTER TABLE `credentialsCredential` DROP `title`, DROP `url`;end
ALTER TABLE `credentialsCredential` ADD `credentialsWebsiteID` INT(4) UNSIGNED ZEROFILL NULL DEFAULT NULL AFTER `credentialsCredentialID`;end
ALTER TABLE `credentialsCredential` ADD `notes` TEXT NOT NULL AFTER `password`;end
CREATE TABLE `credentialsWebsite` (`credentialsWebsiteID` int(4) unsigned zerofill NOT NULL AUTO_INCREMENT, `title` varchar(100) NOT NULL, `active` enum('Y','N') NOT NULL DEFAULT 'Y', `url` varchar(255) NOT NULL, `logo` varchar(255) NOT NULL, `notes` text NOT NULL, `gibbonPersonIDCreator` int(10) unsigned zerofill NOT NULL, `timestampCreator` datetime NOT NULL, PRIMARY KEY (`credentialsWebsiteID`)) ENGINE=MyISAM DEFAULT CHARSET=utf8;end
INSERT INTO `gibbonAction` (`gibbonModuleID`, `name`, `precedence`, `category`, `description`, `URLList`, `entryURL`, `entrySidebar`, `menuShow`, `defaultPermissionAdmin`, `defaultPermissionTeacher`, `defaultPermissionStudent`, `defaultPermissionParent`, `defaultPermissionSupport`, `categoryPermissionStaff`, `categoryPermissionStudent`, `categoryPermissionParent`, `categoryPermissionOther`) VALUES ((SELECT gibbonModuleID FROM gibbonModule WHERE name='Credentials'), 'Manage Websites', 0, 'Websites', 'Allows privileged users to manage website details.', 'websites.php, websites_add.php, websites_edit.php, websites_delete.php', 'websites.php', 'Y', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N') ;end
INSERT INTO `gibbonPermission` (`permissionID` ,`gibbonRoleID` ,`gibbonActionID`) VALUES (NULL , '1', (SELECT gibbonActionID FROM gibbonAction JOIN gibbonModule ON (gibbonAction.gibbonModuleID=gibbonModule.gibbonModuleID) WHERE gibbonModule.name='Credentials' AND gibbonAction.name='Manage Websites'));end
UPDATE gibbonAction SET category='Credentials' WHERE (name='Manage Credentials' OR name='Import Credentials') AND gibbonModuleID=(SELECT gibbonModuleID FROM gibbonModule WHERE name='Credentials');end
INSERT INTO `gibbonAction` (`gibbonModuleID`, `name`, `precedence`, `category`, `description`, `URLList`, `entryURL`, `entrySidebar`, `menuShow`, `defaultPermissionAdmin`, `defaultPermissionTeacher`, `defaultPermissionStudent`, `defaultPermissionParent`, `defaultPermissionSupport`, `categoryPermissionStaff`, `categoryPermissionStudent`, `categoryPermissionParent`, `categoryPermissionOther`) VALUES ((SELECT gibbonModuleID FROM gibbonModule WHERE name='Credentials'), 'View Credentials in Parent Dashboard', 0, '', 'Allows parents to see login details, including passwords, for their children in their family.', 'hook_parentDashboard_credentials.php', '', 'Y', 'N', 'N', 'N', 'N', 'Y', 'N', 'N', 'N', 'Y', 'N') ;end
INSERT INTO `gibbonPermission` (`permissionID` ,`gibbonRoleID` ,`gibbonActionID`) VALUES (NULL , '4', (SELECT gibbonActionID FROM gibbonAction JOIN gibbonModule ON (gibbonAction.gibbonModuleID=gibbonModule.gibbonModuleID) WHERE gibbonModule.name='Credentials' AND gibbonAction.name='View Credentials in Parent Dashboard'));end
INSERT INTO `gibbonHook` (`gibbonHookID`, `name`, `type`, `options`, gibbonModuleID) VALUES (NULL, 'Credentials', 'Parental Dashboard', 'a:3:{s:16:\"sourceModuleName\";s:11:\"Credentials\";s:18:\"sourceModuleAction\";s:36:\"View Credentials in Parent Dashboard\";s:19:\"sourceModuleInclude\";s:36:\"hook_parentDashboard_credentials.php\";}', (SELECT gibbonModuleID FROM gibbonModule WHERE name='Credentials'));end
";
7 changes: 7 additions & 0 deletions Credentials/CHANGELOG.txt
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,12 @@
CHANGELOG
=========
v2.0.00
-------
Added predefinition of sites for easier data entry
Added visual grid layout to credential list
Added hook to parent dashboard
Not directly upgradable from v1.0.04

v1.0.04
-------
Fixed indentation in beautified PHP code
Expand Down
6 changes: 5 additions & 1 deletion Credentials/credentials_student.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,11 @@

try {
$data = array('gibbonPersonID' => $gibbonPersonID);
$sql = 'SELECT * FROM credentialsCredential WHERE gibbonPersonID=:gibbonPersonID ORDER BY title';
$sql = 'SELECT *
FROM credentialsCredential
JOIN credentialsWebsite ON (credentialsCredential.credentialsWebsiteID=credentialsWebsite.credentialsWebsiteID)
WHERE gibbonPersonID=:gibbonPersonID
ORDER BY title';
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
Expand Down
45 changes: 27 additions & 18 deletions Credentials/credentials_student_add.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,27 +84,30 @@
<table class='smallIntBorder' cellspacing='0' style="width: 100%">
<tr>
<td style='width: 275px'>
<b><?php echo __($guid, 'Site Title') ?> *</b><br/>
<b><?php echo __($guid, 'Website') ?> *</b><br/>
<span style="font-size: 90%"><i></i></span>
</td>
<td class="right">
<input name="title" id="title" maxlength=100 value="" type="text" style="width: 300px">
<script type="text/javascript">
var title=new LiveValidation('title');
title.add(Validate.Presence);
</script>
</td>
</tr>
<tr>
<td>
<b><?php echo __($guid, 'URL') ?></b><br/>
</td>
<td class="right">
<input name="url" id="url" maxlength=255 value="" type="text" style="width: 300px">
<script type="text/javascript">
var url=new LiveValidation('url');
url.add( Validate.Format, { pattern: /(http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/, failureMessage: "Must start with http:// or https://" } );
</script>
<select name="credentialsWebsiteID" id="credentialsWebsiteID" class="standardWidth">
<?php
//List gibbon units
try {
$dataSelect = array();
$sqlSelect = "SELECT * FROM credentialsWebsite WHERE active='Y' ORDER BY title";
$resultSelect = $connection2->prepare($sqlSelect);
$resultSelect->execute($dataSelect);
} catch (PDOException $e) {
}
echo "<option value='Please select...'>".__($guid, 'Please select...').'</option>';
while ($rowSelect = $resultSelect->fetch()) {
echo "<option value='".$rowSelect['credentialsWebsiteID']."'>".htmlPrep($rowSelect['title']).'</option>';
}
?>
</select>
<script type="text/javascript">
var credentialsWebsiteID=new LiveValidation('credentialsWebsiteID');
credentialsWebsiteID.add(Validate.Exclusion, { within: ['Please select...'], failureMessage: "<?php echo __($guid, 'Select something!') ?>"});
</script>
</td>
</tr>
<tr>
Expand All @@ -124,6 +127,12 @@
<input name="password" id="password" maxlength=50 value="" type="text" style="width: 300px">
</td>
</tr>
<tr>
<td colspan=2>
<b><?php echo __($guid, 'Notes') ?></b>
<textarea name='notes' id='notes' rows=5 class='standardWidth'></textarea>
</td>
</tr>
<tr>
<td>
<span style="font-size: 90%"><i>* <?php echo __($guid, 'denotes a required field'); ?></i></span>
Expand Down
10 changes: 5 additions & 5 deletions Credentials/credentials_student_addProcess.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,9 @@
} else {
//Proceed!
//Validate Inputs
$title = $_POST['title'];
$url = $_POST['url'];
$credentialsWebsiteID = $_POST['credentialsWebsiteID'];
$username = $_POST['username'];
$notes = $_POST['notes'];

//Encrypt password
$passwordFinal = null;
Expand All @@ -78,15 +78,15 @@
$passwordFinal = base64_encode($initVector).ENCRYPTION_DIVIDER_TOKEN.base64_encode($encrypted);
}

if ($title == '') {
if ($credentialsWebsiteID == '') {
//Fail 3
$URL .= '&return=error3';
header("Location: {$URL}");
} else {
//Write to database
try {
$data = array('gibbonPersonID' => $gibbonPersonID, 'title' => $title, 'url' => $url, 'username' => $username, 'password' => $passwordFinal, 'gibbonPersonID' => $gibbonPersonID, 'gibbonPersonIDCreator' => $_SESSION[$guid]['gibbonPersonID'], 'timestampCreator' => date('Y-m-d H:i:s', time()));
$sql = 'INSERT INTO credentialsCredential SET title=:title, url=:url, username=:username, password=:password, gibbonPersonID=:gibbonPersonID, gibbonPersonIDCreator=:gibbonPersonIDCreator, timestampCreator=:timestampCreator';
$data = array('gibbonPersonID' => $gibbonPersonID, 'credentialsWebsiteID' => $credentialsWebsiteID, 'username' => $username, 'password' => $passwordFinal, 'notes' => $notes, 'gibbonPersonID' => $gibbonPersonID, 'gibbonPersonIDCreator' => $_SESSION[$guid]['gibbonPersonID'], 'timestampCreator' => date('Y-m-d H:i:s', time()));
$sql = 'INSERT INTO credentialsCredential SET credentialsWebsiteID=:credentialsWebsiteID, username=:username, password=:password, notes=:notes, gibbonPersonID=:gibbonPersonID, gibbonPersonIDCreator=:gibbonPersonIDCreator, timestampCreator=:timestampCreator';
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
Expand Down
50 changes: 31 additions & 19 deletions Credentials/credentials_student_edit.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,27 +101,33 @@
<table class='smallIntBorder' cellspacing='0' style="width: 100%">
<tr>
<td style='width: 275px'>
<b><?php echo __($guid, 'Site Title') ?> *</b><br/>
<b><?php echo __($guid, 'Website') ?> *</b><br/>
<span style="font-size: 90%"><i></i></span>
</td>
<td class="right">
<input name="title" id="title" maxlength=100 value="<?php echo $row['title'] ?>" type="text" style="width: 300px">
<script type="text/javascript">
var title=new LiveValidation('title');
title.add(Validate.Presence);
</script>
</td>
</tr>
<tr>
<td>
<b><?php echo __($guid, 'URL') ?></b><br/>
</td>
<td class="right">
<input name="url" id="url" maxlength=255 value="<?php echo $row['url'] ?>" type="text" style="width: 300px">
<script type="text/javascript">
var url=new LiveValidation('url');
url.add( Validate.Format, { pattern: /(http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/, failureMessage: "Must start with http:// or https://" } );
</script>
<select name="credentialsWebsiteID" id="credentialsWebsiteID" class="standardWidth">
<?php
//List gibbon units
try {
$dataSelect = array();
$sqlSelect = "SELECT * FROM credentialsWebsite WHERE active='Y' ORDER BY title";
$resultSelect = $connection2->prepare($sqlSelect);
$resultSelect->execute($dataSelect);
} catch (PDOException $e) {
}
echo "<option value='Please select...'>".__($guid, 'Please select...').'</option>';
while ($rowSelect = $resultSelect->fetch()) {
$selected = '';
if ($rowSelect['credentialsWebsiteID'] == $row['credentialsWebsiteID'])
$selected = 'selected';
echo "<option $selected value='".$rowSelect['credentialsWebsiteID']."'>".htmlPrep($rowSelect['title']).'</option>';
}
?>
</select>
<script type="text/javascript">
var credentialsWebsiteID=new LiveValidation('credentialsWebsiteID');
credentialsWebsiteID.add(Validate.Exclusion, { within: ['Please select...'], failureMessage: "<?php echo __($guid, 'Select something!') ?>"});
</script>
</td>
</tr>
<tr>
Expand All @@ -142,7 +148,7 @@
$passwordPrint = '';
if ($row['password'] != '') {
//Defines
define('SAFETY_CIPHER', MCRYPT_RIJNDAEL_256);
define('SAFETY_CIPHER', MCRYPT_RIJNDAEL_256);
define('SAFETY_MODE', MCRYPT_MODE_CFB);
define('APPLICATION_WIDE_PASSPHRASE', $guid);
define('ENCRYPTION_DIVIDER_TOKEN', '$$');
Expand All @@ -157,6 +163,12 @@
<input name="password" id="password" maxlength=50 value="<?php echo $passwordPrint ?>" type="text" style="width: 300px">
</td>
</tr>
<tr>
<td colspan=2>
<b><?php echo __($guid, 'Notes') ?></b>
<textarea name='notes' id='notes' rows=5 class='standardWidth'><?php echo htmlPrep($row['notes']) ?></textarea>
</td>
</tr>
<tr>
<td>
<span style="font-size: 90%"><i>* <?php echo __($guid, 'denotes a required field'); ?></i></span>
Expand Down
10 changes: 5 additions & 5 deletions Credentials/credentials_student_editProcess.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,9 +74,9 @@
header("Location: {$URL}");
} else {
//Validate Inputs
$title = $_POST['title'];
$url = $_POST['url'];
$credentialsWebsiteID = $_POST['credentialsWebsiteID'];
$username = $_POST['username'];
$notes = $_POST['notes'];

//Encrypt password
$passwordFinal = null;
Expand All @@ -97,15 +97,15 @@
$passwordFinal = base64_encode($initVector).ENCRYPTION_DIVIDER_TOKEN.base64_encode($encrypted);
}

if ($title == '') {
if ($credentialsWebsiteID == '') {
//Fail 3
$URL .= '&return=error3';
header("Location: {$URL}");
} else {
//Write to database
try {
$data = array('gibbonPersonID' => $gibbonPersonID, 'title' => $title, 'url' => $url, 'username' => $username, 'password' => $passwordFinal, 'gibbonPersonID' => $gibbonPersonID, 'credentialsCredentialID' => $credentialsCredentialID);
$sql = 'UPDATE credentialsCredential SET title=:title, url=:url, username=:username, password=:password, gibbonPersonID=:gibbonPersonID WHERE credentialsCredentialID=:credentialsCredentialID';
$data = array('gibbonPersonID' => $gibbonPersonID, 'credentialsWebsiteID' => $credentialsWebsiteID, 'username' => $username, 'password' => $passwordFinal, 'notes' => $notes, 'gibbonPersonID' => $gibbonPersonID, 'credentialsCredentialID' => $credentialsCredentialID);
$sql = 'UPDATE credentialsCredential SET credentialsWebsiteID=:credentialsWebsiteID, username=:username, password=:password, notes=:notes, gibbonPersonID=:gibbonPersonID WHERE credentialsCredentialID=:credentialsCredentialID';
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
Expand Down
45 changes: 45 additions & 0 deletions Credentials/hook_parentDashboard_credentials.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
<?php
/*
Gibbon, Flexible & Open School System
Copyright (C) 2010, Ross Parker
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/

@session_start();

$returnInt = null;

//Module includes
$included = false;
$includes = get_included_files();
foreach ($includes as $include) {
if (strpos(str_replace('\\', '/', $include), '/modules/Credentials/moduleFunctions.php') !== false) {
$included = true;
}
}
if ($included == false) {
require $_SESSION[$guid]['absolutePath'].'/modules/Credentials/moduleFunctions.php';
}

if (isActionAccessible($guid, $connection2, '/modules/Credentials/hook_parentDashboard_credentials.php') == false) {
//Acess denied
$returnInt .= "<div class='error'>";
$returnInt .= 'You do not have access to this action.';
$returnInt .= '</div>';
} else {
$returnInt .= getCredentialGrid($guid, $connection2, $gibbonPersonID, true);
}

return $returnInt;
67 changes: 1 addition & 66 deletions Credentials/hook_studentProfile_credentials.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,70 +28,5 @@
echo 'You do not have access to this action.';
echo '</div>';
} else {
try {
$data = array('gibbonPersonID' => $gibbonPersonID);
$sql = 'SELECT * FROM credentialsCredential WHERE gibbonPersonID=:gibbonPersonID ORDER BY title';
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) { echo "<div class='error'>".$e->getMessage().'</div>';
}

if ($result->rowCount() < 1) { echo "<div class='error'>";
echo __($guid, 'There are no records to display.');
echo '</div>';
} else {
echo "<table class='smallIntBorder' cellspacing='0' style='width: 100%'>";
echo "<tr class='head'>";
echo '<th>';
echo __($guid, 'Title').'<br/>';
echo '</th>';
echo '<th>';
echo __($guid, 'Username');
echo '</th>';
echo '<th>';
echo __($guid, 'Password').'<br/>';
echo '</th>';
echo '</tr>';

//Decryption defines
define('SAFETY_CIPHER', MCRYPT_RIJNDAEL_256);
define('SAFETY_MODE', MCRYPT_MODE_CFB);
define('APPLICATION_WIDE_PASSPHRASE', $guid);
define('ENCRYPTION_DIVIDER_TOKEN', '$$');

$count = 0;
$rowNum = 'odd';
while ($row = $result->fetch()) {
if ($count % 2 == 0) {
$rowNum = 'even';
} else {
$rowNum = 'odd';
}
++$count;

//COLOR ROW BY STATUS!
echo "<tr class=$rowNum>";
echo '<td>';
if ($row['url'] != '') {
echo "<a href='".$row['url']."' target='_blank'>".$row['title'].'</a>';
} else {
echo $row['title'];
}
echo '</td>';
echo '<td>';
echo $row['username'];
echo '</td>';
echo '<td>';
if ($row['password'] != '') {
//Key, etc.
$key = substr(md5(APPLICATION_WIDE_PASSPHRASE), 0, mcrypt_get_key_size(SAFETY_CIPHER, SAFETY_MODE));

//Decrypt
echo mcrypt_decrypt(SAFETY_CIPHER, $key, base64_decode(substr($row['password'], (strpos($row['password'], '$$') + 2))), SAFETY_MODE, base64_decode(substr($row['password'], 0, strpos($row['password'], '$$')))).'<br/>';
}
echo '</td>';
echo '</tr>';
}
echo '</table>';
}
print getCredentialGrid($guid, $connection2, $gibbonPersonID);
}
Loading

0 comments on commit 4d5cb16

Please sign in to comment.