joomla/Component-Builder
39
25
Fork 11
Code Issues 76 Pull Requests Projects 4 Wiki Activity

Fixed gh-235 to insure that the public access switch for front-end views work. Resolved gh-236 to Auto save Name to System Name if blank. Added text area for private key of server. Fixed the getModel helper method. Fixed the batch methods. Maked a few tweaks to the compiler.

Browse Source
This commit is contained in:
Llewellyn van der Merwe
2018-02-27 14:17:38 +02:00
parent 61a8d6fe3f
commit 1b86f1539a
98 changed files with 1409 additions and 1169 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
site/controllers/api.php
View File

@ -49,7 +49,116 @@ class ComponentbuilderControllerApi extends JControllerForm
parent::__construct($config);
}
public function handshake()
{
// get input values
$input = JFactory::getApplication()->input;
// get Trust
$PUBLIC = $input->post->get('VDM_PUBLIC', null, 'STRING');
$SECRET = $input->post->get('VDM_SECRET', null, 'STRING');
$ID = $input->post->get('VDM_ID', null, 'STRING');
// check if correct value is given
if (ComponentbuilderHelper::checkString($PUBLIC) && ComponentbuilderHelper::checkString($SECRET) && ComponentbuilderHelper::checkString($ID))
{
// use the JCB open public protocol to open this
$opened = ComponentbuilderHelper::openPublicProtocol($SECRET, $ID, $PUBLIC);
// simple check to have a little more hoops
if (ComponentbuilderHelper::checkString($opened['public']) && ComponentbuilderHelper::checkString($opened['id'])
&& strpos($opened['public'], '-----BEGIN PUBLIC KEY-----') !== false
&& strpos($opened['public'], '-----END PUBLIC KEY-----') !== false
&& strpos($opened['id'], 'VDM_') !== false
&& strpos($opened['id'], '_SP') !== false)
&& ComponentbuilderHelper::checkObject(ComponentbuilderHelper::crypt('RSA')))
{
array('public' => ComponentbuilderHelper::getPublicKey($opened['id'], $opened['public']), 'id' => $opened['id']), $opened['public']
ComponentbuilderHelper::crypt();
// clear session
JFactory::getApplication()->getSession()->destroy();
jexit();
}
}
}
// die since have no trust
echo 12;
// clear session
JFactory::getApplication()->getSession()->destroy();
jexit();
}
public function trust()
{
// get input values
$input = JFactory::getApplication()->input;
// get Trust
$TRUST = $input->post->get('VDM_TRUST', null, 'STRING');
// check if correct value is given
if (ComponentbuilderHelper::checkString($TRUST))
{
$key = ComponentbuilderHelper::salt(1, 2);
// get the trust
$trustArray = ComponentbuilderHelper::unlock($TRUST, $key, null);
// check the array
if (ComponentbuilderHelper::checkArray($trustArray)
&& isset($trustArray['request_id']) && is_numeric($trustArray['request_id'])
&& isset($trustArray['chain']) && ComponentbuilderHelper::checkArray($trustArray['chain'])
&& isset($trustArray['url']) && ComponentbuilderHelper::checkString($trustArray['url'])
&& isset($trustArray['path']) && ComponentbuilderHelper::checkString($trustArray['path'])
&& isset($trustArray['email']) && ComponentbuilderHelper::checkString($trustArray['email'])
&& isset($trustArray['name']) && ComponentbuilderHelper::checkString($trustArray['name'])
&& isset($trustArray['method']) && is_numeric($trustArray['method']) && $trustArray['method'] > 0)
{
// send the request
echo ComponentbuilderHelper::requestTrust($trustArray);
// clear session
JFactory::getApplication()->getSession()->destroy();
jexit();
}
}
// die since have no trust
echo 12;
// clear session
JFactory::getApplication()->getSession()->destroy();
jexit();
}
public function itrust()
{
// get input values
$input = JFactory::getApplication()->input;
// get allowed string
$allow = $input->get('allow', null, 'STRING');
// check if correct value is given
if (ComponentbuilderHelper::checkString($allow))
{
// get the request ID
$request_id = ComponentbuilderHelper::unlock($allow, null, 4);
// check the array
if (ComponentbuilderHelper::checkString($request_id)
&& strpos($request_id, 'VDM_') !== false
&& strpos($request_id, '_SP') !== false)
{
$request_id = str_replace(array('VDM_', '_SP'), '', $request_id);
$request_id = (string) 'VDM_' . preg_replace("/[^0-9]/", "", $request_id) . '_SP';
if ($id = ComponentbuilderHelper::getVar('trust_site', $request_id, 'request_id', 'id'))
{
if ($message = ComponentbuilderHelper::confirmTrust($id))
{
// push out the message
echo $message;
// clear session
JFactory::getApplication()->getSession()->destroy();
jexit();
}
}
}
}
// clear session
JFactory::getApplication()->getSession()->destroy();
// die since have no trust
jexit('Restricted access');
}
public function backup()
{
// get params first
@ -209,7 +318,7 @@ class ComponentbuilderControllerApi extends JControllerForm
$this->setRedirect(JRoute::_('index.php?option=com_componentbuilder&view=joomla_components', false), JText::_('COM_COMPONENTBUILDER_ACCESS_DENIED'), 'Error');
return;
}
protected function getApiUser()
{
// return user object

242
site/helpers/componentbuilder.php
View File

@ -369,7 +369,7 @@ abstract class ComponentbuilderHelper
// load this for all
jimport('joomla.application');
}
/**
* Remove folders with files
*
@ -435,7 +435,7 @@ abstract class ComponentbuilderHelper
}
return false;
}
/**
* The dynamic builder of views, tables and fields
**/
@ -444,7 +444,7 @@ abstract class ComponentbuilderHelper
self::autoLoader('extrusion');
$extruder = new Extrusion($data);
}
/**
* The zipper method
*
@ -494,8 +494,8 @@ abstract class ComponentbuilderHelper
}
return false;
}
/**
* Write a file to the server
*
@ -527,7 +527,7 @@ abstract class ComponentbuilderHelper
}
return $klaar;
}
public static function getFieldOptions($value, $type, $settings = array())
{
// Get a db connection.
@ -729,7 +729,7 @@ abstract class ComponentbuilderHelper
// noting for now
return true;
}
/**
* the Butler
**/
@ -777,7 +777,7 @@ abstract class ComponentbuilderHelper
}
return self::$localSession[$key];
}
/**
* check if it is a new hash
**/
@ -801,7 +801,33 @@ abstract class ComponentbuilderHelper
}
return false;
}
/**
* prepare base64 string for url
**/
public static function base64_urlencode($string, $encode = false)
{
if ($encode)
{
$string = base64_encode($string);
}
return str_replace(array('+', '/'), array('-', '_'), $string);
}
/**
* prepare base64 string form url
**/
public static function base64_urldecode($string, $decode = false)
{
$string = str_replace(array('-', '_'), array('+', '/'), $string);
if ($decode)
{
$string = base64_decode($string);
}
return $string;
}
/**
* Check if the url exist
*
@ -843,8 +869,8 @@ abstract class ComponentbuilderHelper
}
}
return $exists;
}
}
/**
* Get the file path or url
*
@ -914,8 +940,8 @@ abstract class ComponentbuilderHelper
// sanitize the path
return '/' . trim( $filePath, '/' ) . '/' . $fileName;
}
/**
* Get the file path or url
*
@ -955,8 +981,8 @@ abstract class ComponentbuilderHelper
// sanitize the path
return '/' . trim( $folderPath, '/' ) . '/';
}
/**
* get the content of a file
*
@ -1008,17 +1034,28 @@ abstract class ComponentbuilderHelper
}
return $none;
}
/**
* Composer Switch
**/
protected static $composer = false;
/**
* Load the Composer Vendors
**/
public static function composerAutoload()
{
// load the autoloader
require_once JPATH_ADMINISTRATOR.'/components/com_componentbuilder/helpers/vendor/autoload.php';
}
// insure we load the composer vendors only once
if (!self::$composer)
{
// load the autoloader
require_once JPATH_ADMINISTRATOR.'/components/com_componentbuilder/helpers/vendor/autoload.php';
// do not load again
self::$composer = true;
}
}
/**
* Move File to Server
*
@ -1144,47 +1181,99 @@ abstract class ComponentbuilderHelper
}
break;
case 2: // private key file
$rsa = new phpseclib\Crypt\RSA();
// check if we have a passprase
if (self::checkString($server->secret))
if (self::checkObject(self::crypt('RSA')))
{
$rsa->setPassword($server->secret);
}
// now load the key file
if (!$rsa->loadKey(self::getFileContents($server->private, null)))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FILE_COULD_NOT_BE_LOADEDFOUND_FOR_BSB_SERVER', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
// now login
if (!self::$sftp[$server->cache]->login($server->username, $rsa))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
// check if we have a passprase
if (self::checkString($server->secret))
{
self::crypt('RSA')->setPassword($server->secret);
}
// now load the key file
if (!self::crypt('RSA')->loadKey(self::getFileContents($server->private, null)))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FILE_COULD_NOT_BE_LOADEDFOUND_FOR_BSB_SERVER', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
// now login
if (!self::$sftp[$server->cache]->login($server->username, self::crypt('RSA')))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
}
break;
case 3: // both password and private key file
$rsa = new phpseclib\Crypt\RSA();
// check if we have a passphrase
if (self::checkString($server->secret))
if (self::checkObject(self::crypt('RSA')))
{
$rsa->setPassword($server->secret);
// check if we have a passphrase
if (self::checkString($server->secret))
{
self::crypt('RSA')->setPassword($server->secret);
}
// now load the key file
if (!self::crypt('RSA')->loadKey(self::getFileContents($server->private, null)))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FILE_COULD_NOT_BE_LOADEDFOUND_FOR_BSB_SERVER', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
// now login
if (!self::$sftp[$server->cache]->login($server->username, $server->password, self::crypt('RSA')))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
}
// now load the key file
if (!$rsa->loadKey(self::getFileContents($server->private, null)))
break;
case 4: // private key field
if (self::checkObject(self::crypt('RSA')))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FILE_COULD_NOT_BE_LOADEDFOUND_FOR_BSB_SERVER', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
// check if we have a passprase
if (self::checkString($server->secret))
{
self::crypt('RSA')->setPassword($server->secret);
}
// now load the key field
if (!self::crypt('RSA')->loadKey($server->private_key))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FIELD_COULD_NOT_BE_LOADED_FOR_BSB_SERVER', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
// now login
if (!self::$sftp[$server->cache]->login($server->username, self::crypt('RSA')))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
}
// now login
if (!self::$sftp[$server->cache]->login($server->username, $server->password, $rsa))
break;
case 5: // both password and private key field
if (self::checkObject(self::crypt('RSA')))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
// check if we have a passphrase
if (self::checkString($server->secret))
{
self::crypt('RSA')->setPassword($server->secret);
}
// now load the key file
if (!self::crypt('RSA')->loadKey($server->private_key))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FIELD_COULD_NOT_BE_LOADED_FOR_BSB_SERVER', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
// now login
if (!self::$sftp[$server->cache]->login($server->username, $server->password, self::crypt('RSA')))
{
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT', $server->name), 'Error');
unset(self::$sftp[$server->cache]);
return false;
}
}
break;
}
@ -1328,9 +1417,9 @@ abstract class ComponentbuilderHelper
if (2 == $protocol)
{
// SFTP
$query->select($db->quoteName(array('name','authentication','username','host','password','path','port','private','secret')));
$query->select($db->quoteName(array('name','authentication','username','host','password','path','port','private','private_key','secret')));
// cache builder
$cache = array('authentication','username','host','password','port','private','secret');
$cache = array('authentication','username','host','password','port','private','private_key','secret');
}
else
{
@ -1348,7 +1437,7 @@ abstract class ComponentbuilderHelper
{
$server = $db->loadObject();
// Get the basic encryption.
$basickey = self::getCryptKey('basic');
$basickey = self::getCryptKey('basic', 'Th1sMnsTbL0ck@d');
// Get the encryption object.
$basic = new FOFEncryptAes($basickey, 128);
// start cache keys
@ -1386,7 +1475,6 @@ abstract class ComponentbuilderHelper
JFactory::getApplication()->enqueueMessage(JText::sprintf('COM_COMPONENTBUILDER_THE_SERVER_DETAILS_FOR_BID_SB_COULD_NOT_BE_RETRIEVED', $serverID), 'Error');
return false;
}
public static function jsonToString($value, $sperator = ", ", $table = null)
{
@ -1559,23 +1647,43 @@ abstract class ComponentbuilderHelper
/**
* Get any component's model
**/
public static function getModel($name, $path = JPATH_COMPONENT_SITE, $component = 'componentbuilder')
public static function getModel($name, $path = JPATH_COMPONENT_SITE, $component = 'Componentbuilder', $config = array())
{
// fix the name
$name = self::safeString($name);
// full path
$fullPath = $path . '/models';
// set prefix
$prefix = $component.'Model';
// load the model file
JModelLegacy::addIncludePath($fullPath);
JModelLegacy::addIncludePath($fullPath, $prefix);
// get instance
$model = JModelLegacy::getInstance( $name, $component.'Model' );
// if model not found
$model = JModelLegacy::getInstance($name, $prefix, $config);
// if model not found (strange)
if ($model == false)
{
require_once $fullPath.'/'.strtolower($name).'.php';
// build class name
$class = $prefix.$name;
// initialize the model
new $class();
$model = JModelLegacy::getInstance($name, $prefix);
jimport('joomla.filesystem.file');
// get file path
$filePath = $path.'/'.$name.'.php';
$fullPath = $fullPath.'/'.$name.'.php';
// check if it exists
if (JFile::exists($filePath))
{
// get the file
require_once $filePath;
}
elseif (JFile::exists($fullPath))
{
// get the file
require_once $fullPath;
}
// build class names
$modelClass = $prefix.$name;
if (class_exists($modelClass))
{
// initialize the model
return new $modelClass($config);
}
}
return $model;
}

1
site/language/en-GB/en-GB.com_componentbuilder.ini
View File

@ -46,6 +46,7 @@ COM_COMPONENTBUILDER_THE_FTP_SIGNATURE_FOR_BSB_WAS_NOT_WELL_FORMED_PLEASE_CHECK_
COM_COMPONENTBUILDER_THE_LOGIN_TO_BSB_HAS_FAILED_PLEASE_CHECK_THAT_YOUR_DETAILS_ARE_CORRECT="The login to <b>%s</b> has failed, please check that your details are correct!"
COM_COMPONENTBUILDER_THE_PACKAGE_KEY_IS_CODESCODE="The package key is: <code>%s</code>"
COM_COMPONENTBUILDER_THE_PACKAGE_KEY_IS_S="The package key is: %s"
COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FIELD_COULD_NOT_BE_LOADED_FOR_BSB_SERVER="The private key field could not be loaded for <b>%s</b> server!"
COM_COMPONENTBUILDER_THE_PRIVATE_KEY_FILE_COULD_NOT_BE_LOADEDFOUND_FOR_BSB_SERVER="The private key file could not be loaded/found for <b>%s</b> server!"
COM_COMPONENTBUILDER_THE_SERVER_DETAILS_FOR_BID_SB_COULD_NOT_BE_RETRIEVED="The server details for <b>(ID: %s)</b> could not be retrieved!"
COM_COMPONENTBUILDER_THIS_PACKAGE_HAS_NO_KEY="This package has no key."