Remplace of netId in users settings

20194953 · Sofiane Lasri · 3ec337db · 20194953 · 20194953 · 20194953
Commit 20194953 authored Sep 18, 2021 by Sofiane Lasri
--- a/vbcms-admin/backTasks.php
+++ b/vbcms-admin/backTasks.php
@@ -144,9 +144,9 @@ if (isset($_GET["getNotifications"])) {
 		$fixedAssoc = $bdd->prepare("UPDATE `vbcms-baseModulesAssoc` SET extensionName = ? WHERE name = ?");
 		$fixedAssoc->execute([$extName, $assocName]);
 	}
-} elseif (isset($_GET["getNetIdLocalAccount"])&&!empty($_GET["getNetIdLocalAccount"]) && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUsersSettings')){
-	$localAccountExist = $bdd->prepare("SELECT * FROM `vbcms-localAccounts` WHERE netIdAssoc = ?");
-	$localAccountExist->execute([$_GET["getNetIdLocalAccount"]]);
+} elseif (isset($_GET["getLocalAccount"])&&!empty($_GET["getLocalAccount"]) && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUsersSettings')){
+	$localAccountExist = $bdd->prepare("SELECT * FROM `vbcms-localAccounts` WHERE userIdAssoc = ?");
+	$localAccountExist->execute([$_GET["getLocalAccount"]]);
 	$localAccountExist = $localAccountExist->fetch(PDO::FETCH_ASSOC);
 	echo json_encode($localAccountExist);
 	
@@ -219,17 +219,17 @@ if (isset($_GET["getNotifications"])) {
 	} else {
 		echo translate('error').': '.translate('thisIsNotJSON');
 	}
-} elseif (isset($_GET["setNetIdLocalAccount"])&&!empty($_GET["setNetIdLocalAccount"]) && (isset($_POST)&&!empty($_POST)) && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUsersSettings')) {
-	$localAccountExist = $bdd->prepare("SELECT * FROM `vbcms-localAccounts` WHERE netIdAssoc = ?");
-	$localAccountExist->execute([$_GET["setNetIdLocalAccount"]]);
+} elseif (isset($_GET["setLocalAccount"])&&!empty($_GET["setLocalAccount"]) && (isset($_POST)&&!empty($_POST)) && verifyUserPermission($_SESSION['user_id'], "vbcms", 'manageUsersSettings')) {
+	$localAccountExist = $bdd->prepare("SELECT * FROM `vbcms-localAccounts` WHERE userIdAssoc = ?");
+	$localAccountExist->execute([$_GET["setLocalAccount"]]);
 	$localAccountExist = $localAccountExist->fetch(PDO::FETCH_ASSOC);
 	
 	if(!empty($localAccountExist)){
-		$modify = $bdd->prepare("UPDATE `vbcms-localAccounts` SET username = ?, password = ? WHERE netIdAssoc = ?");
-		$modify->execute([$_POST['localUserUsername'], password_hash($_POST['localUserPassword1'], PASSWORD_DEFAULT), $_GET["setNetIdLocalAccount"]]);
+		$modify = $bdd->prepare("UPDATE `vbcms-localAccounts` SET username = ?, password = ? WHERE userIdAssoc = ?");
+		$modify->execute([$_POST['localUserUsername'], password_hash($_POST['localUserPassword1'], PASSWORD_DEFAULT), $_GET["setLocalAccount"]]);
 	}else{
-		$query = $bdd->prepare('INSERT INTO `vbcms-localAccounts` (`netIdAssoc`, `username`, `password`, `profilePic`) VALUES (?,?,?,?)');
-		$query->execute([$_GET["setNetIdLocalAccount"], $_POST['localUserUsername'], password_hash($_POST['localUserPassword1'], PASSWORD_DEFAULT), VBcmsGetSetting("websiteUrl")."vbcms-admin/images/misc/programmer.png"]);
+		$query = $bdd->prepare('INSERT INTO `vbcms-localAccounts` (`userIdAssoc`, `username`, `password`, `profilePic`) VALUES (?,?,?,?)');
+		$query->execute([$_GET["setLocalAccount"], $_POST['localUserUsername'], password_hash($_POST['localUserPassword1'], PASSWORD_DEFAULT), VBcmsGetSetting("websiteUrl")."vbcms-admin/images/misc/programmer.png"]);
 	}
 } elseif(isset($_GET)&&!empty($_GET)){
 	echo "Commande \"".array_key_first($_GET)."(".$_GET[array_key_first($_GET)].")\" non reconnue.";

--- a/vbcms-admin/includes/settings/users.php
+++ b/vbcms-admin/includes/settings/users.php
@@ -2,6 +2,7 @@
    <div class="flex-grow-1 d-flex flex-column">
        <div class="mt-2">
            <button class="btn btn-sm btn-brown" data-toggle="modal" data-target="#inviteUserModal"><i class="fas fa-envelope"></i> <?=translate('inviteUser')?></button>
+            <button class="btn btn-outline-brown btn-sm" data-toggle="modal" data-target="#createUserModal"><i class="fas fa-user-plus"></i> <?=translate('localAccountCreation')?></button>
            <!--<a href="#" class="btn btn-outline-brown btn-sm"><i class="fas fa-user-plus"></i> <?=translate('localAccountCreation')?></a>-->
        </div>
        <?php
@@ -58,8 +59,8 @@
                                    if($user['id']!=$_SESSION['user_id']){
                                        echo ('<a href="#" onclick="toogle(\'edit-'.$user['username'].'\')" class="text-brown">'.translate("modifyUser").'</a>');
                                    }
-                                    if($user['auth']=='vbcms.net'){
-                                        echo('<a href="#" onclick="editLocalAccount(\''.$user['authId'].'\')" class="text-brown">'.translate("modifyLocalAccount").'</a>');
+                                    if($user['auth']=='vbcms'){
+                                        echo('<a href="#" onclick="editLocalAccount(\''.$user['id'].'\')" class="text-brown">'.translate("modifyLocalAccount").'</a>');
                                    }
                                echo('</small></div>
                        </div>');
@@ -210,8 +211,8 @@ window.addEventListener('load', function() {
 }, false);
 })();

-function editLocalAccount(netId) {
-    $.get("<?=VBcmsGetSetting("websiteUrl")?>vbcms-admin/backTasks/?getNetIdLocalAccount="+netId, function(data) {
+function editLocalAccount(id) {
+    $.get("<?=VBcmsGetSetting("websiteUrl")?>vbcms-admin/backTasks/?getNetIdLocalAccount="+id, function(data) {
        var json = JSON.parse(data);
        if(!jQuery.isEmptyObject(json)){
            $("#localUserUsername").val(json.username);
@@ -219,7 +220,7 @@ function editLocalAccount(netId) {
            $("#localUserUsername").val("");
        }
    });
-    $("#registerBtn").attr("onclick", "sendLocalAccountInfos('"+netId+"')");
+    $("#registerBtn").attr("onclick", "sendLocalAccountInfos('"+id+"')");
    $('#localAccountCreationModal').modal('show');
 }

@@ -230,8 +231,8 @@ $("#localUserPassword2").change(function() {
    checkPassword();
 });

-function sendLocalAccountInfos(netId){
-    $.post( "<?=VBcmsGetSetting("websiteUrl")?>vbcms-admin/backTasks?setNetIdLocalAccount="+netId, $( "#localAccountCreationForm" ).serialize() )
+function sendLocalAccountInfos(id){
+    $.post( "<?=VBcmsGetSetting("websiteUrl")?>vbcms-admin/backTasks?setLocalAccount="+id, $( "#localAccountCreationForm" ).serialize() )
    .done(function( data ) {
        if(data!=""){
            SnackBar({

--- a/vbcms-admin/login.php
+++ b/vbcms-admin/login.php
@@ -19,15 +19,15 @@ if (isset($_POST['login'])) { // Ne s'éxécute que si le formulaire de connexio
 		$user = $response->fetch(PDO::FETCH_ASSOC);
 		if(!empty($user)){
 			if(hash_equals($user["password"], crypt($_POST["password"], $user["password"]))){
-				$_SESSION['auth'] = "vbcms.net";
+				$_SESSION['auth'] = "vbcms";
 				$_SESSION['loginType'] = "local";

-				$userDetails = $bdd->prepare("SELECT * FROM `vbcms-users` WHERE authId=? AND auth='vbcms.net'");
-				$userDetails->execute([$user["netIdAssoc"]]);
+				$userDetails = $bdd->prepare("SELECT * FROM `vbcms-users` WHERE id=? AND auth='vbcms.net'");
+				$userDetails->execute([$user["userIdAssoc"]]);
 				$userDetails = $userDetails->fetch(PDO::FETCH_ASSOC);

 				$_SESSION['user_id'] = $userDetails['id'];
-				$_SESSION['netId'] = $user['netIdAssoc'];
+				$_SESSION['netId'] = null;
 				$_SESSION['user_username'] = $user['username'];

 				$userProfilPic = $bdd->prepare("SELECT value FROM `vbcms-usersSettings` WHERE userId = ? AND name = 'profilPic'");

--- a/vbcms-core/adminHandler.php
+++ b/vbcms-core/adminHandler.php
@@ -16,10 +16,7 @@ if (!isset($_SESSION["user_id"]) && $urlPath[2]!="login") { // Si l'utilisateur
 	// On va vérifier qu'il a accès au panel admin

 	if ($_SESSION['accessAdmin']!= 1){
-		if ($_SERVER['HTTP_HOST'] != "vbcms.net") {
 		session_destroy(); // On détruit la session
-		}
-
 		// Le message d'erreur sera à changer, je ne l'ai pas encore fait car je dois refaire le drm
 		header("Location: ".$url["scheme"]."://".$url["host"]."/vbcms-admin/login?err=403");
 		exit(); // Pour être sûr qu'il n'y ai pas de problèmes