From 77a32cec07795f0eaf2245877191ac9880018d3e Mon Sep 17 00:00:00 2001 From: Ilya Zverev Date: Sun, 16 Jun 2024 12:11:36 +0300 Subject: [PATCH] OAuth2, sqlite for data, small fixes all around --- .gitignore | 6 +- CHANGELOG.md | 4 +- composer.json | 3 + composer.lock | 769 +++++++++++++++++++++++++- test/CoreTest.php | 9 +- www/{config.php => config.php.sample} | 7 +- www/console_auth.php | 79 --- www/core.php | 129 +++-- www/index.php | 14 +- www/osmapi.php | 137 ++--- www/script.js | 2 +- 11 files changed, 965 insertions(+), 194 deletions(-) rename www/{config.php => config.php.sample} (71%) delete mode 100644 www/console_auth.php diff --git a/.gitignore b/.gitignore index 29107df..4dfa944 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,7 @@ www/data/ www/locale/ -locales/transifex_config - /vendor/ +locales/transifex_config +*.db +www/config.php +*.swp diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ee0b0b..da0ca7b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,8 +2,10 @@ ## master -* Add `console_auth.php` for interacting with [pyLevel0](https://github.com/Zverik/pyLevel0). * Fixed user names with quotes. +* OAuth2 support. +* Data is now stored in a SQLite database instead of files. +* Unit tests (thanks @mtmail). ## 1.2, 9.02.2016 diff --git a/composer.json b/composer.json index ec20533..1c48952 100644 --- a/composer.json +++ b/composer.json @@ -2,6 +2,9 @@ "name": "zverik/level0", "description": "Web-based OpenStreetMap Editor", "type": "project", + "require": { + "jbelien/oauth2-openstreetmap": "^0.1.2" + }, "require-dev": { "phpunit/phpunit": "^11.2" }, diff --git a/composer.lock b/composer.lock index ca75f02..c78c126 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,773 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "dd047b45236cf623ad90711b738423de", - "packages": [], + "content-hash": "c31154080b9231643944c534b5e3614f", + "packages": [ + { + "name": "guzzlehttp/guzzle", + "version": "7.8.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/guzzle.git", + "reference": "41042bc7ab002487b876a0683fc8dce04ddce104" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/guzzle/zipball/41042bc7ab002487b876a0683fc8dce04ddce104", + "reference": "41042bc7ab002487b876a0683fc8dce04ddce104", + "shasum": "" + }, + "require": { + "ext-json": "*", + "guzzlehttp/promises": "^1.5.3 || ^2.0.1", + "guzzlehttp/psr7": "^1.9.1 || ^2.5.1", + "php": "^7.2.5 || ^8.0", + "psr/http-client": "^1.0", + "symfony/deprecation-contracts": "^2.2 || ^3.0" + }, + "provide": { + "psr/http-client-implementation": "1.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "ext-curl": "*", + "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999", + "php-http/message-factory": "^1.1", + "phpunit/phpunit": "^8.5.36 || ^9.6.15", + "psr/log": "^1.1 || ^2.0 || ^3.0" + }, + "suggest": { + "ext-curl": "Required for CURL handler support", + "ext-intl": "Required for Internationalized Domain Name (IDN) support", + "psr/log": "Required for using the Log middleware" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "files": [ + "src/functions_include.php" + ], + "psr-4": { + "GuzzleHttp\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Jeremy Lindblom", + "email": "jeremeamia@gmail.com", + "homepage": "https://github.com/jeremeamia" + }, + { + "name": "George Mponos", + "email": "gmponos@gmail.com", + "homepage": "https://github.com/gmponos" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://github.com/sagikazarmark" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + } + ], + "description": "Guzzle is a PHP HTTP client library", + "keywords": [ + "client", + "curl", + "framework", + "http", + "http client", + "psr-18", + "psr-7", + "rest", + "web service" + ], + "support": { + "issues": "https://github.com/guzzle/guzzle/issues", + "source": "https://github.com/guzzle/guzzle/tree/7.8.1" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle", + "type": "tidelift" + } + ], + "time": "2023-12-03T20:35:24+00:00" + }, + { + "name": "guzzlehttp/promises", + "version": "2.0.2", + "source": { + "type": "git", + "url": "https://github.com/guzzle/promises.git", + "reference": "bbff78d96034045e58e13dedd6ad91b5d1253223" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/promises/zipball/bbff78d96034045e58e13dedd6ad91b5d1253223", + "reference": "bbff78d96034045e58e13dedd6ad91b5d1253223", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "phpunit/phpunit": "^8.5.36 || ^9.6.15" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Promise\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + } + ], + "description": "Guzzle promises library", + "keywords": [ + "promise" + ], + "support": { + "issues": "https://github.com/guzzle/promises/issues", + "source": "https://github.com/guzzle/promises/tree/2.0.2" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises", + "type": "tidelift" + } + ], + "time": "2023-12-03T20:19:20+00:00" + }, + { + "name": "guzzlehttp/psr7", + "version": "2.6.2", + "source": { + "type": "git", + "url": "https://github.com/guzzle/psr7.git", + "reference": "45b30f99ac27b5ca93cb4831afe16285f57b8221" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/45b30f99ac27b5ca93cb4831afe16285f57b8221", + "reference": "45b30f99ac27b5ca93cb4831afe16285f57b8221", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "psr/http-factory": "^1.0", + "psr/http-message": "^1.1 || ^2.0", + "ralouphie/getallheaders": "^3.0" + }, + "provide": { + "psr/http-factory-implementation": "1.0", + "psr/http-message-implementation": "1.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.2", + "http-interop/http-factory-tests": "^0.9", + "phpunit/phpunit": "^8.5.36 || ^9.6.15" + }, + "suggest": { + "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Psr7\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "George Mponos", + "email": "gmponos@gmail.com", + "homepage": "https://github.com/gmponos" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://github.com/sagikazarmark" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://sagikazarmark.hu" + } + ], + "description": "PSR-7 message implementation that also provides common utility methods", + "keywords": [ + "http", + "message", + "psr-7", + "request", + "response", + "stream", + "uri", + "url" + ], + "support": { + "issues": "https://github.com/guzzle/psr7/issues", + "source": "https://github.com/guzzle/psr7/tree/2.6.2" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7", + "type": "tidelift" + } + ], + "time": "2023-12-03T20:05:35+00:00" + }, + { + "name": "jbelien/oauth2-openstreetmap", + "version": "0.1.2", + "source": { + "type": "git", + "url": "https://github.com/jbelien/oauth2-openstreetmap.git", + "reference": "84c992990a317cdfcdfb41dbce548273a502ed44" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/jbelien/oauth2-openstreetmap/zipball/84c992990a317cdfcdfb41dbce548273a502ed44", + "reference": "84c992990a317cdfcdfb41dbce548273a502ed44", + "shasum": "" + }, + "require": { + "league/oauth2-client": "^2.6" + }, + "require-dev": { + "mockery/mockery": "^1.4", + "phpunit/phpunit": "^9.5", + "squizlabs/php_codesniffer": "^3.6" + }, + "type": "library", + "autoload": { + "psr-4": { + "JBelien\\OAuth2\\Client\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "OpenStreetMap OAuth 2.0 support for the PHP League's OAuth 2.0 Client ", + "keywords": [ + "OpenStreetMap", + "authorisation", + "authorization", + "client", + "oauth", + "oauth2", + "osm" + ], + "support": { + "issues": "https://github.com/jbelien/oauth2-openstreetmap/issues", + "source": "https://github.com/jbelien/oauth2-openstreetmap/tree/0.1.2" + }, + "time": "2021-10-18T09:46:22+00:00" + }, + { + "name": "league/oauth2-client", + "version": "2.7.0", + "source": { + "type": "git", + "url": "https://github.com/thephpleague/oauth2-client.git", + "reference": "160d6274b03562ebeb55ed18399281d8118b76c8" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/160d6274b03562ebeb55ed18399281d8118b76c8", + "reference": "160d6274b03562ebeb55ed18399281d8118b76c8", + "shasum": "" + }, + "require": { + "guzzlehttp/guzzle": "^6.0 || ^7.0", + "paragonie/random_compat": "^1 || ^2 || ^9.99", + "php": "^5.6 || ^7.0 || ^8.0" + }, + "require-dev": { + "mockery/mockery": "^1.3.5", + "php-parallel-lint/php-parallel-lint": "^1.3.1", + "phpunit/phpunit": "^5.7 || ^6.0 || ^9.5", + "squizlabs/php_codesniffer": "^2.3 || ^3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-2.x": "2.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "League\\OAuth2\\Client\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Alex Bilbie", + "email": "hello@alexbilbie.com", + "homepage": "http://www.alexbilbie.com", + "role": "Developer" + }, + { + "name": "Woody Gilk", + "homepage": "https://github.com/shadowhand", + "role": "Contributor" + } + ], + "description": "OAuth 2.0 Client Library", + "keywords": [ + "Authentication", + "SSO", + "authorization", + "identity", + "idp", + "oauth", + "oauth2", + "single sign on" + ], + "support": { + "issues": "https://github.com/thephpleague/oauth2-client/issues", + "source": "https://github.com/thephpleague/oauth2-client/tree/2.7.0" + }, + "time": "2023-04-16T18:19:15+00:00" + }, + { + "name": "paragonie/random_compat", + "version": "v9.99.100", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", + "shasum": "" + }, + "require": { + "php": ">= 7" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*", + "vimeo/psalm": "^1" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "polyfill", + "pseudorandom", + "random" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/random_compat/issues", + "source": "https://github.com/paragonie/random_compat" + }, + "time": "2020-10-15T08:29:30+00:00" + }, + { + "name": "psr/http-client", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-client.git", + "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90", + "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90", + "shasum": "" + }, + "require": { + "php": "^7.0 || ^8.0", + "psr/http-message": "^1.0 || ^2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Client\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP clients", + "homepage": "https://github.com/php-fig/http-client", + "keywords": [ + "http", + "http-client", + "psr", + "psr-18" + ], + "support": { + "source": "https://github.com/php-fig/http-client" + }, + "time": "2023-09-23T14:17:50+00:00" + }, + { + "name": "psr/http-factory", + "version": "1.1.0", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-factory.git", + "reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-factory/zipball/2b4765fddfe3b508ac62f829e852b1501d3f6e8a", + "reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a", + "shasum": "" + }, + "require": { + "php": ">=7.1", + "psr/http-message": "^1.0 || ^2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "PSR-17: Common interfaces for PSR-7 HTTP message factories", + "keywords": [ + "factory", + "http", + "message", + "psr", + "psr-17", + "psr-7", + "request", + "response" + ], + "support": { + "source": "https://github.com/php-fig/http-factory" + }, + "time": "2024-04-15T12:06:14+00:00" + }, + { + "name": "psr/http-message", + "version": "2.0", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-message.git", + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71", + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71", + "shasum": "" + }, + "require": { + "php": "^7.2 || ^8.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP messages", + "homepage": "https://github.com/php-fig/http-message", + "keywords": [ + "http", + "http-message", + "psr", + "psr-7", + "request", + "response" + ], + "support": { + "source": "https://github.com/php-fig/http-message/tree/2.0" + }, + "time": "2023-04-04T09:54:51+00:00" + }, + { + "name": "ralouphie/getallheaders", + "version": "3.0.3", + "source": { + "type": "git", + "url": "https://github.com/ralouphie/getallheaders.git", + "reference": "120b605dfeb996808c31b6477290a714d356e822" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822", + "reference": "120b605dfeb996808c31b6477290a714d356e822", + "shasum": "" + }, + "require": { + "php": ">=5.6" + }, + "require-dev": { + "php-coveralls/php-coveralls": "^2.1", + "phpunit/phpunit": "^5 || ^6.5" + }, + "type": "library", + "autoload": { + "files": [ + "src/getallheaders.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ralph Khattar", + "email": "ralph.khattar@gmail.com" + } + ], + "description": "A polyfill for getallheaders.", + "support": { + "issues": "https://github.com/ralouphie/getallheaders/issues", + "source": "https://github.com/ralouphie/getallheaders/tree/develop" + }, + "time": "2019-03-08T08:55:37+00:00" + }, + { + "name": "symfony/deprecation-contracts", + "version": "v3.5.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/deprecation-contracts.git", + "reference": "0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1", + "reference": "0e0d29ce1f20deffb4ab1b016a7257c4f1e789a1", + "shasum": "" + }, + "require": { + "php": ">=8.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "3.5-dev" + }, + "thanks": { + "name": "symfony/contracts", + "url": "https://github.com/symfony/contracts" + } + }, + "autoload": { + "files": [ + "function.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "A generic function and convention to trigger deprecation notices", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/deprecation-contracts/tree/v3.5.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-04-18T09:32:20+00:00" + } + ], "packages-dev": [ { "name": "myclabs/deep-copy", diff --git a/test/CoreTest.php b/test/CoreTest.php index 7656828..ba85a97 100644 --- a/test/CoreTest.php +++ b/test/CoreTest.php @@ -20,22 +20,19 @@ public function test_store_and_read_base() { ] ]; - $filename = get_cache_filename('base'); - global $basedata; - clear_data(); - $this->assertFalse(file_exists($filename)); $basedata = $testdata; store_base(); - $this->assertTrue(file_exists($filename)); $basedata = []; read_base(); $this->assertEquals($basedata, $testdata); clear_data(); - $this->assertFalse(file_exists($filename)); + $this->assertEquals($basedata, []); + + read_base(); $this->assertEquals($basedata, []); } diff --git a/www/config.php b/www/config.php.sample similarity index 71% rename from www/config.php rename to www/config.php.sample index dae1f6d..915570a 100644 --- a/www/config.php +++ b/www/config.php.sample @@ -5,18 +5,15 @@ const CLIENT_SECRET = ''; // Just some OSM paths, if you want to switch to dev server -const OSM_OAUTH_URL = 'https://www.openstreetmap.org/oauth/'; const OSM_API_URL = 'https://api.openstreetmap.org/api/0.6/'; - -// dev -//const OSM_OAUTH_URL = 'http://api06.dev.openstreetmap.org/oauth/'; -//const OSM_API_URL = 'http://api06.dev.openstreetmap.org/api/0.6/'; +// const OSM_API_URL = 'http://api06.dev.openstreetmap.org/api/0.6/'; // Other settings const BBOX_RADIUS = 0.0003; // for downloading around a point const MAX_REQUEST_OBJECTS = 500; const DATA_DIR = 'data'; const TEXT_DOMAIN = 'messages'; +const SQLITE_DB = __DIR__.'/../level0.db'; const CONSOLE_DB = 'console.db'; // Where to store tokens for the console const DEBUG = false; diff --git a/www/console_auth.php b/www/console_auth.php deleted file mode 100644 index 7263073..0000000 --- a/www/console_auth.php +++ /dev/null @@ -1,79 +0,0 @@ - 8) { - // Create a table, or remove any old tokens for rid. - $db->exec('CREATE TABLE IF NOT EXISTS l0auth (rid STRING PRIMARY KEY, token STRING, secret STRING, when INTEGER'); - $st = $db->prepare('DELETE FROM l0auth WHERE rid = :rid'); - $st->bindValue(':rid', $_REQUEST['rid'], SQLITE3_TEXT); - $st->execute(); - - try { - $oauth = new OAuth(CLIENT_ID, CLIENT_SECRET, - OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI); - $request_token_info = $oauth->getRequestToken(OSM_OAUTH_URL.'request_token'); - $st = $db->prepare('INSERT INTO l0auth (rid, secret) VALUES (:rid, :secret)'); - $st->bindValue(':rid', $_REQUEST['rid'], SQLITE3_TEXT); - $st->bindValue(':token', $request_token_info['oauth_token'], SQLITE3_TEXT); - $st->bindValue(':secret', $request_token_info['oauth_token_secret'], SQLITE3_TEXT); - $st->execute(); - header('Location: '.OSM_OAUTH_URL."authorize?oauth_token=". - $request_token_info['oauth_token']); - } catch(OAuthException $E) { - echo('OAuth error '.$E->getCode().': '.$E->getMessage()); - } - exit; - -} elseif ($action == 'check' && isset($_REQUEST['rid'])) { - $st = $db->prepare('SELECT * FROM l0auth WHERE rid = :rid AND when IS NOT NULL'); - $st->bindValue(':rid', $_REQUEST['rid'], SQLITE3_TEXT); - $result = $st->execute(); - $row = $result ? $result->fetchArray(SQLITE3_ASSOC) : null; - if ($row && isset($row['rid'])) { - if ($row['when'] >= time() - 10) { - echo $row['token']; - echo $row['secret']; - } - $st = $db->prepare('DELETE FROM l0auth WHERE rid = :rid'); - $st->bindValue(':rid', $_REQUEST['rid']); - $st->execute(); - } - exit; - -} elseif ($action == 'callback') { - if(!isset($_GET['oauth_token'])) { - echo "Error! There is no OAuth token!"; - exit; - } - $st = $db->prepare('SELECT * FROM l0auth WHERE token = :token'); - $st->bindValue(':token', $_REQUEST['oauth_token'], SQLITE3_TEXT); - $result = $st->execute(); - $row = $result ? $result->fetchArray(SQLITE3_ASSOC) : null; - if (!$row || !isset($row['secret'])) { - echo "Error! There is no OAuth secret!"; - exit; - } - try { - $oauth = new OAuth(CLIENT_ID, CLIENT_SECRET, - OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI); - $oauth->setToken($_GET['oauth_token'], $row['secret']); - $access_token_info = $oauth->getAccessToken(OSM_OAUTH_URL.'access_token'); - - $st = $db->prepare('UPDATE l0auth SET token = :token, secret = :secret, when = '.time().' WHERE rid = :rid'); - $st->bindValue(':rid', $row['rid'], SQLITE3_TEXT); - $st->bindValue(':token', strval($access_token_info['oauth_token']), SQLITE3_TEXT); - $st->bindValue(':secret', strval($access_token_info['oauth_token_secret']), SQLITE3_TEXT); - $st->execute(); - - // TODO: close the window - echo('Please close this window.'); - } catch(OAuthException $E) { - echo("
Exception:\n");
-    print_r($E);
-    echo '
'; - } - exit; -} diff --git a/www/core.php b/www/core.php index 8d5915d..3b456c4 100644 --- a/www/core.php +++ b/www/core.php @@ -13,50 +13,117 @@ function parse_text( $str ) { $userdata = l0l_to_data($str); } -function get_cache_filename( $suffix ) { - global $l0id; - return DATA_DIR.'/'.$l0id.'.'.$suffix; +function open_db($readonly) { + try { + $mode = $readonly ? SQLITE3_OPEN_READONLY : SQLITE3_OPEN_READWRITE; + $db = new SQLite3(SQLITE_DB, $mode); + error_log('Opened db with mode '.$mode.' (readonly: '.$readonly.')'); + } catch (Exception) { + $db = new SQLite3(SQLITE_DB); + $db->exec( + "create table if not exists base ". + "(l0id integer primary key, content text, ". + "created datetime default current_timestamp);"); + $db->exec( + "create table if not exists user ". + "(l0id integer primary key, content text, ". + "created datetime default current_timestamp);"); + } + $db->exec('PRAGMA journal_mode = wal;'); + return $db; } function read_base() { - global $basedata; - $filename = get_cache_filename('base'); - $data = @file_get_contents($filename); - if( $data !== false ) - $basedata = @unserialize($data); - if( !is_array($basedata) ) - $basedata = array(); + global $basedata, $l0id, $error; + try { + $db = open_db(true); // should be true, but the next line invokes the ro error + $st = $db->prepare("select content from base where l0id = :id"); + if (!$st) { + $error = 'Failed to prepare sqlite statement'; + return; + } + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $result = $st->execute(); + $row = $result ? $result->fetchArray(SQLITE3_NUM) : null; + if ($row) { + $basedata = @unserialize($row[0]); + if( !is_array($basedata) ) + $basedata = array(); + } + $db->close(); + } catch (Exception $e) { + // it's okay + $error = 'Error reading stored data: '.$e; + } } function store_base() { - global $basedata; - $filename = get_cache_filename('base'); - if( $basedata && count($basedata) > 0 ) { - if (!is_dir(dirname($filename))) - mkdir(dirname($filename)); - @file_put_contents($filename, serialize($basedata)); - } else { - // delete base - @unlink($filename); - } + global $basedata, $l0id, $error; + try { + $db = open_db(false); + if( $basedata && count($basedata) > 0 ) { + $st = $db->prepare( + "insert into base(l0id, content) values(:id, :cnt) ". + "on conflict do update set content = :cnt"); + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $st->bindValue(':cnt', serialize($basedata), SQLITE3_TEXT); + $st->execute(); + error_log('written '.count($basedata).' objects to db'); + } else { + $st = $db->prepare("delete from base where l0id = :id"); + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $st->execute(); + error_log('no data written'); + } + $db->close(); + } catch (Exception $e) { + $error = 'Error storing data: '.$e; + } } function read_user() { - $filename = get_cache_filename('user'); - $text = @file_get_contents($filename); - @unlink($filename); - return $text !== false && strlen($text) > 0 ? $text : ''; + global $l0id, $error; + $text = ''; + try { + $db = open_db(false); + $st = $db->prepare("select content from user where l0id = :id"); + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $result = $st->execute(); + $row = $result ? $result->fetchArray(SQLITE3_NUM) : null; + if ($row) { + $text = row[0]; + $st = $db->prepare("delete from user where l0id = :id"); + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $st->execute(); + } + $db->close(); + } catch (Exception $e) { + $error = 'Error reading stored user data: '.$e; + } + return $text; } // saves user data to a cache. function store_user( $text ) { - $filename = get_cache_filename('user'); - if( strlen($text) > 0 ) { - @file_put_contents($filename, $text); - } else { - // delete file - @unlink($filename); - } + global $l0id, $error; + try { + $db = open_db(false); + if(strlen($text) > 0) { + $st = $db->prepare( + "insert into user(l0id, content) values(:id, :cnt) ". + "on conflict do update set content = :cnt"); + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $st->bindValue(':cnt', $text, SQLITE3_TEXT); + $st->execute(); + } else { + $st = $db->prepare("delete from user where l0id = :id"); + $st->bindValue(':id', $l0id, SQLITE3_INTEGER); + $st->execute(); + } + $db->close(); + } catch (Exception $e) { + $error = 'Error storing user data: '.$e; + } } function clear_data() { diff --git a/www/index.php b/www/index.php index 88ea9a0..705c6cc 100644 --- a/www/index.php +++ b/www/index.php @@ -1,18 +1,22 @@ $session_lifetime, + 'use_only_cookies' => true, + 'use_strict_mode' => true, +]); // Determine the locale $directory = dirname(__FILE__).'/locale'; diff --git a/www/osmapi.php b/www/osmapi.php index 78a141d..d24553e 100644 --- a/www/osmapi.php +++ b/www/osmapi.php @@ -1,113 +1,126 @@ CLIENT_ID, + 'clientSecret' => CLIENT_SECRET, + 'redirectUri' => 'http://127.0.0.1/level0/index.php?action=callback', + 'dev' => strpos(OSM_API_URL, 'dev.openstreetmap') !== false + ]); +} function oauth_login() { - global $error; - try { - $oauth = new OAuth(CLIENT_ID,CLIENT_SECRET,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI); - $request_token_info = $oauth->getRequestToken(OSM_OAUTH_URL.'request_token'); - $_SESSION['secret'] = $request_token_info['oauth_token_secret']; - header('Location: '.OSM_OAUTH_URL."authorize?oauth_token=".$request_token_info['oauth_token']); - exit; - } catch(OAuthException $E) { - $error = 'OAuth error '.$E->getCode().': '.$E->getMessage(); - } + $oauth = oauth_make(); + $options = ['scope' => 'read_prefs write_api']; + $auth_url = $oauth->getAuthorizationUrl($options); + + $_SESSION['oauth2state'] = $oauth->getState(); + header('Location: '.$auth_url); + exit; } function oauth_logout() { unset($_SESSION['osm_user']); unset($_SESSION['osm_langs']); unset($_SESSION['osm_token']); - unset($_SESSION['osm_secret']); } function oauth_callback() { global $php_self; - if(!isset($_GET['oauth_token'])) { - echo "Error! There is no OAuth token!"; - } elseif(!isset($_SESSION['secret'])) { - echo "Error! There is no OAuth secret!"; + if(empty($_GET['code'])) { + echo "Error: there is no OAuth code."; + } elseif(empty($_SESSION['oauth2state'])) { + echo "Error: there is no OAuth state."; + print_r($_SESSION); + } elseif(empty($_GET['state']) || $_GET['state'] != $_SESSION['oauth2state']) { + echo "Error: invalid state."; } else { + unset($_SESSION['oauth2state']); try { - $oauth = new OAuth(CLIENT_ID, CLIENT_SECRET, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI); - $oauth->setToken($_GET['oauth_token'], $_SESSION['secret']); - $access_token_info = $oauth->getAccessToken(OSM_OAUTH_URL.'access_token'); - unset($_SESSION['secret']); - - $_SESSION['osm_token'] = strval($access_token_info['oauth_token']); - $_SESSION['osm_secret'] = strval($access_token_info['oauth_token_secret']); - $oauth->setToken($_SESSION['osm_token'], $_SESSION['osm_secret']); - - try { - $oauth->fetch(OSM_API_URL.'user/details'); - $user_details = $oauth->getLastResponse(); - - $xml = simplexml_load_string($user_details); - $_SESSION['osm_user'] = strval($xml->user['display_name']); - - $langs = array(); - foreach( $xml->user->languages->lang as $lang ) - $langs[] = strval($lang); - $_SESSION['osm_langs'] = $langs; - } catch(OAuthException $E) { - // well, we don't need that - } + $oauth = oauth_make(); + $accessToken = $oauth->getAccessToken( + 'authorization_code', ['code' => $_GET['code']] + ); + $_SESSION['osm_token'] = $accessToken; + + $resourceOwner = $oauth->getResourceOwner($accessToken); + $osm_user = $resourceOwner->getDisplayName(); + $langs = $resourceOwner->getLanguages(); + $_SESSION['osm_user'] = $osm_user; + $_SESSION['osm_langs'] = $langs; header("Location: ".$php_self.'?action=remember'); - } catch(OAuthException $E) { + } catch (Exception $e) { echo("
Exception:\n");
-			print_r($E);
+			print_r($e);
 			echo '
'; - } + } } exit; } function oauth_upload( $comment, $data ) { global $messages, $error; - if( !isset($_SESSION['osm_token']) || !isset($_SESSION['osm_secret']) ) { + if(empty($_SESSION['osm_token'])) { $error = _('OAuth token was lost, please log in again.'); oauth_logout(); return false; } + $token = $_SESSION['osm_token']; try { $stage = 'login'; - $oauth = new OAuth(CLIENT_ID, CLIENT_SECRET, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI); - $oauth->setToken($_SESSION['osm_token'], $_SESSION['osm_secret']); + $oauth = oauth_make(); - $change_data = create_changeset($data, $comment); - $xml_content = array('Content-Type' => 'application/xml'); $stage = 'create'; - // note: this call works instead of returning 401 because of $xml_content - $oauth->fetch(OSM_API_URL.'changeset/create', $change_data, OAUTH_HTTP_METHOD_PUT, $xml_content); - if( !preg_match('/\\d+/', $oauth->getLastResponse(), $m) ) { + $xml_content = array('Content-Type' => 'application/xml'); + $ch_header = create_changeset($data, $comment); + $response = $oauth->getResponse($oauth->getAuthenticatedRequest( + 'PUT', OSM_API_URL.'changeset/create', $token, + ['body' => $ch_header, 'headers' => $xml_content] + )); + if ($response->getStatusCode() != 200) { + $error = 'Failed to create a changeset: '.$response->getBody(); + return false; + } + + // TODO: update everything from below. + if( !preg_match('/\\d+/', $response->getBody(), $m) ) { $error = _('Could not aquire changeset id for a new changeset.'); return false; } $changeset = $m[0]; - $osc = create_osc($data, $changeset); $stage = 'upload'; - $oauth->fetch(OSM_API_URL.'changeset/'.$changeset.'/upload', $osc, OAUTH_HTTP_METHOD_POST, $xml_content); + $osc = create_osc($data, $changeset); + $response = $oauth->getResponse($oauth->getAuthenticatedRequest( + 'POST', OSM_API_URL.'changeset/'.$changeset.'/upload', $token, + ['body' => $osc, 'headers' => $xml_content] + )); + if ($response->getStatusCode() == 409) { + $error = sprintf( + _('Conflict while uploading changeset %d: %s.'), + $changeset, $response->getBody()); + + // todo: process conflict + // http://wiki.openstreetmap.org/wiki/API_0.6#Error_codes_9 + return false; + } else if ($response->getStatusCode() != 200) { + $error = 'Failed to create a changeset: '.$response->getBody(); + return false; + } // todo: parse response and renumber created objects? $stage = 'close'; - $oauth->fetch(OSM_API_URL.'changeset/'.$changeset.'/close', array(), OAUTH_HTTP_METHOD_PUT); + $oauth->getResponse($oauth->getAuthenticatedRequest( + 'PUT', OSM_API_URL.'changeset/'.$changeset.'/close', $token)); $chlink = ''.$changeset.''; // todo: replace %d with %s and $chlink, removing str_replace $messages[] = '!'.str_replace($changeset, $chlink, sprintf(_('Changeset %d was uploaded successfully.'), $changeset)); return true; - } catch(OAuthException $E) { - if( $stage == 'upload' && $E->getCode() == 409 ) { - $error = sprintf(_('Conflict while uploading changeset %d: %s.'), $changeset, $oauth->getLastResponse()); - // todo: process conflict - // http://wiki.openstreetmap.org/wiki/API_0.6#Error_codes_9 - } else { - print_r($E); - $msg = $oauth->getLastResponse(); - $error = sprintf(_('OAuth error %d at stage "%s": %s.'), $E->getCode(), $stage, $msg ? $msg : $E->getMessage()); - } + } catch(Exception $E) { + print_r($E); + $error = sprintf(_('OAuth error %d at stage "%s": %s.'), $E->getCode(), $stage, $E->getMessage()); } return false; } diff --git a/www/script.js b/www/script.js index aef05ab..74d1053 100644 --- a/www/script.js +++ b/www/script.js @@ -52,7 +52,7 @@ document.addEventListener('DOMContentLoaded', () => { var map = L.map('map'); if (init_l0_map.force || !map.restoreView()) { - map.setView(init_l0_map.center.split(', '), init_l0_map.zoom); + map.setView(init_l0_map.center, init_l0_map.zoom); } L.tileLayer('https://tile.openstreetmap.org/{z}/{x}/{y}.png',