diff options
| author | Camil Staps | 2016-07-28 10:09:30 +0200 |
|---|---|---|
| committer | Camil Staps | 2016-07-28 10:12:10 +0200 |
| commit | 127d8394eda517cbe9f1a0b94e6f5ac303786c1a (patch) | |
| tree | a83f62e8ce880d7440f1939293ba963715f6bd29 /classes | |
| parent | Braintree integration: first version (diff) | |
v0.5.1 secret files
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/BusinessAdmin.php | 46 | ||||
| -rw-r--r-- | classes/Constants.php | 4 | ||||
| -rw-r--r-- | classes/File.php | 14 |
3 files changed, 59 insertions, 5 deletions
diff --git a/classes/BusinessAdmin.php b/classes/BusinessAdmin.php index 3e654a2..be6f1a4 100644 --- a/classes/BusinessAdmin.php +++ b/classes/BusinessAdmin.php @@ -76,6 +76,52 @@ class BusinessAdmin { } /** + * Get all file ids + * + * @see BusinessAdmin::getFiles() This funtion returns instances of the file class instead of just the ids + * + * @param PDO $pdo The PDO class for database connection + * @param string[] $where An array of WHERE clauses that will be AND-ed into a prepared statement + * @param mixed[] $variables An array of variables that should go into the prepared statement + * + * @throws PDOException Is something went wrong with the database + * + * @return int[] The ids + */ + public static function getFileIds($pdo, $where = [], $variables = []) { + $ids = []; + $files = $pdo->prepare("SELECT `id` FROM `".Constants::db_prefix."file`" . ((count($where) > 0) ? (" WHERE (" . implode(') AND (', $where) . ")") : "")); + $files->execute($variables); + $files = $files->fetchAll(PDO::FETCH_ASSOC); + foreach ($files as $file) { + $ids[] = $file['id']; + } + return $ids; + } + + /** + * Get all files + * + * @see BusinessAdmin::getFileIds() This function returns just the ids of the files, and not instances of the file class + * + * @param PDO $pdo The PDO class for database connection + * @param string[] $where An array of WHERE clauses that will be AND-ed into a prepared statement + * @param mixed[] $variables An array of variables that should go into the prepared statement + * + * @throws PDOException If something went wrong with the database + * + * @return file[] An array indexed by id of instances of the file class + */ + public static function getFiles($pdo, $where = [], $variables = []) { + $ids = self::getFileIds($pdo, $where, $variables); + $files = []; + foreach ($ids as $id) { + $files[$id] = new File($pdo, $id); + } + return $files; + } + + /** * Get all client ids * * @see BusinessAdmin::getClients() This funtion returns instances of the client class instead of just the ids diff --git a/classes/Constants.php b/classes/Constants.php index fb2435d..fbac6cf 100644 --- a/classes/Constants.php +++ b/classes/Constants.php @@ -30,8 +30,6 @@ class Constants { /** @const files_folder The folder to store all files (appendices, invoices, etc.) in; with a trailing slash */ const files_folder = '/var/www/localhost/BusinessAdmin/files/'; - /** @const files_folder_external The external URI to this folder; with a trailing slash */ - const files_folder_external = 'http://localhost/BusinessAdmin/files/'; /** @const files_folder_trash The folder inside files_folder to use a trash, without any trailing slashes */ const files_folder_trash = 'trash'; @@ -80,5 +78,5 @@ class Constants { const password_cost = 10; /** @const version Version of BusinessAdmin. Don't change this yourself! */ - const version = '0.5'; + const version = '0.5.1'; } diff --git a/classes/File.php b/classes/File.php index 2545dc9..4a28f80 100644 --- a/classes/File.php +++ b/classes/File.php @@ -27,7 +27,17 @@ class File extends Model { public $table = 'file', - $fillable_columns = ['filename']; + $fillable_columns = ['filename', 'secret_key']; + + /** + * A random max-63-char string that can be used as secret_key + * + * @return string The random string + */ + public static function getRandomSecretKey() { + return preg_replace('/[^\w]+/', '', + base64_encode(openssl_random_pseudo_bytes(45))); + } /** * Get the full internal path to the file @@ -48,7 +58,7 @@ class File extends Model { * @return string The URI */ public function getFilenameURI() { - return Constants::files_folder_external . $this->filename; + return Constants::url_external . 'file/get?name=' . $this->filename . '&key=' . $this->secret_key; } //------------------------------------------------------------------------------ |