Kevin Day [Thu, 31 Aug 2017 07:19:37 +0000 (02:19 -0500)]
Bugfix: preserve current login path instead of always redirecting to /u/dashboard
If at a given path, such as '/u/view', on login, the default behavior should be to login at that location instead of redirecting to the dashboard.
Add missing include file.
Use c_standard_paths::URI_DASHBOARD_USER instead of the string '/u/dashboard'.
Kevin Day [Wed, 26 Jul 2017 22:13:09 +0000 (17:13 -0500)]
Progress: continue working on user view and related
Add missing functions to relevant tag generation functions.
Add additional text and translations.
Add user access history.
Error handling in user view generation is incomplete.
Kevin Day [Wed, 26 Jul 2017 17:24:58 +0000 (12:24 -0500)]
Progress: continued work on user and login, also miscellaneous fixes
Be sure to write to the connection log only after the session information has been loaded so that a valid session expires value is used.
The public user log table needs to have database-specific role and not standard role for insert access checks.
Process the database password failure string on login.
The table caption and caption tag code was not fully completed.
Style cleanups.
Kevin Day [Wed, 26 Jul 2017 02:17:47 +0000 (21:17 -0500)]
Progress: add table markup, populate user history information, fix time-related issues, and other fixes
Add basic support for generating table markup.
- This might be extra unnecessary code, but then again it allows for the functions to be extended so that <table> could potentially be replaced with <div>.
- Some of the markup tags are being renamed to improve readability.
Build a basic history information using the table markup.
- This is initially created as an example/concept and I intend to come back and finish it in the future.
Functions like s_get_date() should render localtime from a UTC timestamp, instead of UTC time from a UTC timestamp.
Kevin Day [Tue, 25 Jul 2017 21:30:32 +0000 (16:30 -0500)]
Cleanup: rename and relocate request path statistics database table
The context of the statistics is misleading, so rename the database and all related content to have HTTP in the name.
Move the code into the standard statistics sql file.
Kevin Day [Tue, 25 Jul 2017 18:11:06 +0000 (13:11 -0500)]
Bugfix: problems with cookies and related functions
The get_max_age() and get_expires() functions should support returning NULL.
The set_expires() function parameter tests are incorrect.
Try to return 0 for max age and expires.
- My documentation states that if both expires and max age are 0, then a session cookie is used.
- Therefore, avoid that until I have to double check the standards and my code.
I missed a few underscore to dash conversions in the HTTP header processing code.
Added a 'response_encoding' parameter so that I could quickly test and confirm if the encoding is causing any problems.
Kevin Day [Thu, 13 Jul 2017 03:04:23 +0000 (22:04 -0500)]
Bugfix: The global s_get_timestamp() function is returning current time instead of requested time
It looks like I copied the s_get_date() function and forgot to properly updated it (or got confused and forgot what I was working on).
Either way, the implementation is incorrect and does not produce the correct timestamp.
The function is rewritten to only support a time string to be formatted into a unix timestamp float.
The base_defaults_global implementation is also not consistent with the one in reservation_defaults_global.
The base_defaults_global is intended to be a default example implementation where reservation_defaults_global is an implementation specific to the reservation system.
The postgresql default datetime string format is provided as a global constant in the database class for consistency.
Kevin Day [Thu, 13 Jul 2017 02:07:38 +0000 (21:07 -0500)]
Update: Do not force '-' into '_' in HTTP Header names, handle extra names, update comments
Apache may provide header names with '_' in place of '-', causing problems.
The standard allows for '_' and as such '_' and '-' should be mutually exclusive.
My previous behavior is to force all '-' to '_', but I believe this to be bad practice as a default behavior.
I may come back and either provide commented out code, apache-specific tests, or an example patch to apache source code.
Each approach has its problems and advantages.
I will address that issue at a later time.
Handle additional known PHP-provided HTTP headers when getallheaders() is unavailable.
Update the comments in the header processing function.
Kevin Day [Thu, 15 Jun 2017 05:08:11 +0000 (00:08 -0500)]
Update: provide breadcrumbs at current path and plan on having login-specific path handling
This provides breadcrumbs 'at feet' instead of 'behind feet'.
The idea is that the breadcrumbs will show the current path as well as the path history (based on site structure, not browser/navigation history).
Plan on having the login handler provide (and possibly conditionally so) the path of the current page instead of the login page.
The login handler will show up on different pages than just 'u/login'.
Those pages should display their breadcrumb path instead of the login path (unless otherwise hidden).
One possible method is to pass the parent handler's path to the child path.
Kevin Day [Sat, 27 May 2017 02:40:52 +0000 (21:40 -0500)]
Progress: rolling out the roler, the "can manage roles" role
Using "can manage roles" was inconsistent with how I use the "is_X" role behavior but it is also similar enough that I feel that it should be an "is_X".
To try to make it consistent, I decided to invent a new word that fits the behavior: roler (Not to be confused with roller).
Just like how I abused the word "administrator" as "administer", I am abusing the words "role manager" as "roler".
Kevin Day [Sat, 27 May 2017 02:05:41 +0000 (21:05 -0500)]
Progress: further work on user view page, documentation changes, more global constants, try to get more consistent return types
One of the downsides of my design is the complex return type handling.
The code because easier when tests do not have to be performed.
I want to provide a way to return a class as a default but provide a way to say that there was no value stored.
Instead of returning the NULL return type class, return the preferred class with an error flag set to "not defined".
This simplifies the code, especially some of the code used on the user view page.
Kevin Day [Tue, 23 May 2017 02:15:10 +0000 (21:15 -0500)]
Bugfix: add missing column 'can_manage_roles' in public.v_users_self
I originally intended to only provide the necessary columns.
However, in an attempt to simplify the PHP end of this, I decided to add NULL columns for such cases.
When I did this, I overlooked the 'can_manage_roles' column.
Looking at this, I might also be better of setting the values to FALSE instead of null::bool where is can be easily determined to be FALSE.
I ended up creating a new class called c_base_array when implementing the breadcrumb functionality.
I plan to eventually convert all related/similar types into this class.
User setting pages have some initial work completed.
Kevin Day [Wed, 3 May 2017 21:01:21 +0000 (16:01 -0500)]
Progress: standard path structure and functionality and other changes
Made changes to the standard path structure and functionality.
It should be more extensible because the create html function has been exploded into multiple sub-parts via protected functions.
Kevin Day [Wed, 3 May 2017 02:54:16 +0000 (21:54 -0500)]
Cleanup: re-structure the database sql for standard and reservation
To avoid having duplicate queries, I moved all the permission related information for standard into a separate sql file.
- This allows for referencing the standard sql files as part of the install, without having to modify them for name changes.
The only files that should need to be replaced from standard are standard-first.sql, standard-permissions.sql, and standard-last.sql.
I changed all references of u_standard and r_standard to u_reservation and r_reservation to generate the reservation specific versions of standard-first.sql, standard-permissions.sql, and standard-last.
- These changes were saved in their respective reservation equivalent files: reservation-first.sql, reservation-permissions.sql, and reservation-last.
While making these changes, I noticed that there is a way to disable all triggers for a table so that I can alter content without a trigger being 'triggered'.
- This made it easy for me to move some special cases to the standard-permissions.sql file.
Kevin Day [Tue, 2 May 2017 21:42:03 +0000 (16:42 -0500)]
Progress: standard path design, database accounts, database logging, and other fixes
Move all of the execute parameters into the c_standard_path class so that it does not have to be passed to every function.
- Down the road, I may just have the execution function without parameters and use a separate function for assigning the parameters to the class.
Make sure the database accounts exist in the user table.
- Ldap synchronization on login is now functioning.
- Non-LDAP does not synchronize or change account settings on login.
- There is currently no 3rd-party database/structure/design to use as a basis for auto-assigning roles, therefore roles must be manually assigned to the each user.
- This manual assignment will still auto-update the postgresql roles, so only the is_* columns need to be altered and postgresql roles will automatically follow via triggers.
The first part of the database logging is setup and working.
- There is much more work to do.
Kevin Day [Tue, 2 May 2017 19:12:14 +0000 (14:12 -0500)]
Progress: log tables and related code out of sync and other fixes
The log settings became noticably out of date between the code and the database.
Significant changes are made, dealing with the database and its usage.
Switched to timezone that supports timezone by default and then set standard behavior to use UTC timezone.
Kevin Day [Tue, 2 May 2017 05:08:52 +0000 (00:08 -0500)]
Progress: move code from reservation to standard and other fixes
I've now determined what would be a good basis for using a 'standard' structure.
Standard would be a minimal website used by most of my projects here, but it is not part of the base so that other developers do not have to use it at all.
This allows for more development flexibility while still providing a common default.
Most of the reservation example program code was moved into standard, including sql code.
Kevin Day [Fri, 28 Apr 2017 03:28:43 +0000 (22:28 -0500)]
Progress: more development with paths, additional html processing,
More work with paths.
Add additional data to HTML, restructuring code as necessary.
- Now includes class names by date and path (assigned to <body>).
- Add sanitizer, I used drupal 7's css sanitizer as a reference (just their preg_replace() part).
Functions like get_is_root() is a bit awkward, change the behavior and name to be more suitable.
- get_is_root() and set_is_root() are both now is_root() such that is_root() functions as get_is_root() when no parameters are specified and functions as set_is_root() when parameters are specified.
- this is repeated for all other similar functions.
I decided to separate /a/ paths into two paths:
- /a/ - administrative paths (for advanced and technical administration).
- /m/ - management paths (which is where most of the non-user related website logged in access will be involved in).
Kevin Day [Wed, 26 Apr 2017 13:21:32 +0000 (08:21 -0500)]
Bugfix: internal pages were not processing language after redesign and use fix paths output handling
When I wrote the language handling into the initial setting load function and then changed the output handling to be more dynamic, I forgot to update p_include_path().
Get rid of the loop when deciding the language include file suffix and only use the last entry in the aliases array (generally the shortest).
There were some cases where I was still using $this->html instead of $this->content.
Be more consistent by using $this->output instead of $this->content.
Kevin Day [Wed, 26 Apr 2017 03:25:00 +0000 (22:25 -0500)]
Progress: more path management changes, imrpove languages support, and other fixes
Continue developing path handling functionality.
I've decided to implement language handling as sub-classes, using japanese as the first language to test with.
Other bugfixes and tweaks.
Kevin Day [Wed, 19 Apr 2017 18:53:47 +0000 (13:53 -0500)]
Progress: improve language support when using global data, add headers in some tests programs, and fix language related issues
When I moved languages into the global defaults class, I missed a few chunks of code that needed to be updated.
I noticed that some of the tests were not printing any headers.
Allow for setting content-language with multiple languages, as is the case with one of the tests using japanese and english.
Kevin Day [Wed, 19 Apr 2017 14:52:33 +0000 (09:52 -0500)]
Update: implement and use more global values, simplify http response return values, implement content-range, other changes/fixes
The time functions have been moved into the global default class.
The http language class has been moved into the global default class.
The return values for HTTP response functions have been set to their specific type, instead of always FALSE.
This makes it easier to handle the return value without caring about errors.
Any unsupported functionality continues to return FALSE until such time I read the appropriate part of the standards and implement the functionality.
Content-Range response is now implemented.
I noticed that I have been inconsistently using $ps_ and $s_ for private static class variables.
I removed $ps_ that in favor of $s_ only because it was the simpler change.
I may end up coming back later and changing all private static to $ps_ (or not..).
While making the time values global, I noticed that PHP does not always guarantee microseconds to be populated.
Special handling is necessary and so I created more global static functions to handle this complicated situation.
I've observed and fixed some simple mistakes, bugs, typos, etc...
Kevin Day [Fri, 7 Apr 2017 05:32:59 +0000 (00:32 -0500)]
Progress: work on path handling, other minor changes
I changed my approach half-way through this and will need to come back and clean out a lot of unecessary code.
Some decisions still need to be made on certain aspects.
Kevin Day [Wed, 5 Apr 2017 02:52:23 +0000 (21:52 -0500)]
Update: improve return values used in c_base_utf8 class functions (and related)
I believe I was returning TRUE/FALSE types out of habit and for consistency.
For string processing functions, it makes far more sense to always return a c_base_return_string.
This simplifies the code the caller has to write.
The caller can still identify errors using the c_base_return::s_has_error() function.
The caller need only to call ->get_value_exact() if they do not care whether an error occured.
This will always return a string (and on error, it returns an empty string).
Kevin Day [Sat, 1 Apr 2017 06:05:11 +0000 (01:05 -0500)]
Update: rework access control to be automatic based on is_* roles in the t_users table
Instead of trying to use select queries on every statement based on a users role, have the database automatical grant/revoke roles based on column settings in the s_tables.t_users table.
u_public and r_public have been renamed to be u_reservation_public and r_reservation_public to keep all roles self-contained.
name_machine fields should now only allow word characters.
Kevin Day [Thu, 30 Mar 2017 17:34:35 +0000 (12:34 -0500)]
Progress: improve access control database structure and other changes
Numerous changes, but there has been a huge focus on access control changes.
It occurred to me that if an account was locked or deleted, then they should be denied access to all of the views (with exception of the current user views).
This required a notable structural change.
The tables are now stored in the s_table schema.
In case accounts get locked, even administer accounts, access should be disabled.
I did not get the time to convert all of the administer and manager roles to be restricted to views but will eventually do so.
Kevin Day [Sat, 4 Mar 2017 04:45:15 +0000 (22:45 -0600)]
Progress: continuing development, http headers work
There is still a lot more to go, but this resolves some of the @todo's in the http headers class.
I have noticed that in some cases I called a prepare_token function and the return value has parsed in the name.
- The parsed name is used for parsing functions and generally returns an array.
- Based on the name, I could easily mistake the purpose of the return value for the prepare_token (or similar) functions.
- These prepare functions now use prepared in place of parsed to make reading the code more consistent.
- There are some functions that make this incorrect interpretation and they must be rewritten accordingly.
Kevin Day [Fri, 3 Mar 2017 07:23:53 +0000 (01:23 -0600)]
Progress: continuing development, updated test example, added language testing, miscellaneous fixes
Did some testing and made sure the test example was working.
Added some languages for testing.
- I specifically added japanese as a language to test for error messages because it is so different from english.
- It is not practical to implement the error messages class for many languages right now because I expect major refactoring as I continue coding.
- Another simple language test is added, testing the languages: russian, spanish, japanese, and english.
Kevin Day [Sat, 25 Feb 2017 01:18:28 +0000 (19:18 -0600)]
Progress: continuing development, database work, use c_base_return on more classes, and fix inconsistencies
Further work on building the database structure.
Added some missing roles:
- Requester
- Editor
A number of inconsistencies have been identified and resolved.
After reviewing my use of c_base_cookie as extending the class c_base_return, I have decided that to do that everywhere possible.
This simplifies the return structure that I complicated when I decided to use the c_base_return return type development design.
I noticed that there is still some cookie functionality that I could implement.
This adds support for 'same site' and 'host only'.
These are functionally equivalent except that I think 'same site' is a little more granular.
This also adds one of my test scripts under examples.
It is very likely not completely up to date with the database changes.
Kevin Day [Wed, 22 Feb 2017 04:55:04 +0000 (22:55 -0600)]
Progress: continuing development, more http header support, implemented error reporting
I noticed that there are a lot of incomplete functions in the http class.
This, in particular, implements cookie support.
There is still a lot more incomplete code in the http class.
My initial error reporting work is done.
Expect major refactoring as I continue developing.
After some testing, I have foind the php-xz module to be lacking and defunct.
I also noticed that there are multiple relevant repositories to choose from (added both to documentation).
Kevin Day [Sat, 18 Feb 2017 22:41:18 +0000 (16:41 -0600)]
Progress: continuing development, adding examples and example program: reservation
For the sake of functionality and time, I implemented a straight-forward HTML class.
I will come back later to work on CML that will be an attempt to separate the context from the content, even in the code.
There is a (currently) experimental program called reservation.
This is a reservation/scheduling system that is currently under design and will be used as a functional example for using this site.
It currently requires LDAP and a few other custom/experimental software that is to follow.
The sql code is postgresql-specific.
Other examples are included in the example direction.
There are some theme files that I am probably not going to use and may remove in the future.
Kevin Day [Sat, 17 Dec 2016 20:24:08 +0000 (14:24 -0600)]
Update: initial import, including incomplete work
I wanted to complete all of the common/base work first, but I ended up getting side-tracked.
With the holidays, I realize that I would not finish this in time and I needed to at the very least ensure all of my hard work is not lost.
Much of the base work is complete except for the following:
- HTML and HTML tag related processing.
- Form processing.
I have not decided how I want to design forms and I expect this to be the weakest part of my code design.
How this will end up being developed will directly affect how the HTML processing code is built.