janis/system0-2.0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding updated code

Browse Source
This commit is contained in:
Janis Steiner
2024-06-18 09:36:11 +01:00
parent 0aaa1964fb
commit 0d7038c4b6
29 changed files with 4350 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
sys0-code/app/bugreport.php Normal file
View File

@@ -0,0 +1,74 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
$(document).ready(function(){
$('#footer').load("/assets/html/footer.html");
});
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<?php echo(" <body style='background-color:$color'> ");?>
<div id="content"></div>
<head>
<title>Bug report</title>
</head>
<body>
<div class="center-container" style="min-height: 95vh;">
<div class="container">
<div class="container mt-5 text-center">
<h1>Fehler melden</h1>
<form method="post" action="bugreport.php?sent">
<div class="form-group">
<label class="my-3" for="bugDescription">Beschreibung des Fehlers:</label>
<textarea class="form-control mx-auto" id="bugDescription" name="bug" rows="5" style="width:50%;" required></textarea>
</div>
<div class="form-group">
<label class="my-3" for="email">Deine Email für weitere Nachfragen (optional)</label>
<input type="text" class="form-control mx-auto" id="email" name="email" style="width:50%;" value="<?php echo($_SESSION["username"]); ?>">
</div>
<button type="submit" class="btn btn-dark my-5">abschicken</button>
</form>
<?php
if(isset($_GET["sent"]))
{
$email = htmlspecialchars($_POST["email"]);
$bug = htmlspecialchars($_POST["bug"]);
$text = urlencode("JWAF INFORMATION:\nuser: $username;\nemail: $email\nbug: $bug\nEND");
exec("curl \"https://api.telegram.org/$api/sendMessage?chat_id=$chat_id&text=$text\"");
echo '<div class="alert alert-success" role="alert">Vielen Dank, deine Fehlermeldung ist bei uns angekommen und wir kümmern uns darum.</div>';
}
?>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

199
sys0-code/app/cloud.php Normal file
View File

@@ -0,0 +1,199 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
include "../api/queue.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true or $_SESSION["role"][1]!="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
$id=$_SESSION["id"];
$username=$_SESSION["username"];
$file_upload_err="nan";
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php $color=$_SESSION["color"]; ?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
function get_base64_preview($filename){
$base64="";
$file=fopen($filename,"r");
$start=-1;
while(!feof($file)&&$start!=0){
$buf=fgets($file);
if(stripos($buf,"thumbnail end")!==false)
$start=0;
if($start==1)
$base64.=$buf;
if(stripos($buf,"thumbnail begin")!==false)
$start=1;
}
fclose($file);
$base64=str_replace(";","",$base64);
$base64=str_replace(" ","",$base64);
return $base64;
}
if(isset($_GET["delete"])){
$path="/var/www/html/user_files/$username/".str_replace("..","",htmlspecialchars($_GET["delete"]));
unlink($path);
}
if(isset($_GET["public"])){
$path="/var/www/html/user_files/$username/".str_replace("..","",htmlspecialchars($_GET["public"]));
$public_path="/var/www/html/user_files/public/".str_replace("..","",htmlspecialchars($_GET["public"]));
copy($path,$public_path);
}
if(!empty($_FILES['file']))
{
$ok_ft=array("gcode","");
$unwanted_chr=[' ','(',')','/','\\','<','>',':',';','?','*','"','|','%'];
$filetype = strtolower(pathinfo($_FILES['file']['name'],PATHINFO_EXTENSION));
$path = "/var/www/html/user_files/$username/";
$filename=basename( $_FILES['file']['name']);
$filename=str_replace($unwanted_chr,"_",$filename);
$path = $path . $filename;
if(!in_array($filetype,$ok_ft))
{
$file_upload_err="Dieser Dateityp wird nicht unterstüzt.";
}
else
{
if(move_uploaded_file($_FILES['file']['tmp_name'], $path)) {
$file_upload_err="ok";
}
else
{
$file_upload_err="Ein Fehler beim Uploaden der Datei ist aufgetreten! Versuche es erneut!";
}
}
unset($_FILES['file']);
}
?>
<div id="content"></div>
<head>
<title>Eigene Dateien</title>
</head>
<body>
<div class="container mt-4" style="height: auto;min-height:100vh">
<div class="row justify-content-center">
<!--<div style="width: 90vh">-->
<?php
if(!empty($file_upload_err)&&$file_upload_err!="nan"&&$file_upload_err!="ok")
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>$file_upload_err</div></center>");
else if($file_upload_err!="nan")
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei wurde hochgeladen</div></center>");
?>
<h1>Eigene Dateien</h1>
<div class="container">
<button type="button" class="btn btn-link" data-bs-toggle="modal" data-bs-target="#upoload_file" id="lnk_1">Datei Hochladen</button>
<form action="cloud.php" method="POST">
<input type="text" name="search" placeholder="Suchbegriff">
<button type="submit" class="btn btn-dark my-5">Suchen</button>
</form>
<div style="overflow-y:auto;overflow-x:auto">
<table class="table">
<thead>
<tr>
<th>Preview</th>
<th>File Name</th>
<th>Print File</th>
<th>Delete File</th>
<th>Download File</th>
<th>Make Public</th>
</tr>
</thead>
<tbody>
<?php
$directory = "/var/www/html/user_files/$username/"; // Replace with the actual path to your directory
// Check if the directory exists
if (is_dir($directory)) {
$files = glob($directory . '/*.gcode');
// Iterate through the files and display them in the table
$count = 1;
foreach ($files as $file) {
if(isset($_POST["search"])){
if (stripos(basename($file), $_POST["search"]) !== false) {
echo '<tr>';
echo '<td><img style="display:block; width:100px;height:100px;" id="base64image" src="data:image;base64,' . get_base64_preview($file) . '"/></td>';
echo '<td>' . basename($file) . '</td>';
echo '<td><a href="print.php?cloudprint='.basename($file).'">Drucken</a></td>';
echo "<td><a href='cloud.php?delete=".basename($file)."' >" . "Löschen" . '</a></td>';
echo "<td><a href='/user_files/$username/".basename($file)."' download>" . "Herunterladen" . '</a></td>';
echo "<td><a href='cloud.php?public=".basename($file)."'>Öffentlich verfügbar machen</a></td>";
echo '</tr>';
}
}else{
echo '<tr>';
echo '<td><img style="display:block; width:100px;height:100px;" id="base64image" src="data:image;base64,' . get_base64_preview($file) . '"/></td>';
echo '<td>' . basename($file) . '</td>';
echo '<td><a href="print.php?cloudprint='.basename($file).'">Drucken</a></td>';
echo "<td><a href='cloud.php?delete=".basename($file)."' >" . "Löschen" . '</a></td>';
echo "<td><a href='/user_files/$username/".basename($file)."' download>" . "Herunterladen" . '</a></td>';
echo "<td><a href='cloud.php?public=".basename($file)."'>Öffentlich verfügbar machen</a></td>";
echo '</tr>';
}
}
} else {
echo '<tr><td colspan="2">Directory not found</td></tr>';
}
?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div class="modal fade" id="upoload_file" tabindex="1" role="dialog" aria-labelledby="upoload_file" aria-hidden="false">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="exampleModalLabel">Datei Hochladen</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<form action="cloud.php" method="post" enctype="multipart/form-data">
<div class="mb-3">
<label for="file" class="form-label">Datei wählen:</label>
<input type="file" class="form-control" id="file" name="file" required accept=".gcode">
</div>
<button type="submit" class="btn btn-dark">Upload</button> <br>
</form>
</div>
</div>
</form>
</div>
</div>
<div id="footer"></div>
</body>
</html>

232
sys0-code/app/create_admin.php Normal file
View File

@@ -0,0 +1,232 @@
<?php
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][5]!== "1"){
header("location: /login/login.php");
exit;
}
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
$(document).ready(function(){
$('#footer').load("/assets/html/footer.html");
});
}
load_user();
</script>
<?php
// Include config file
require_once "../config/config.php";
include "../log/log.php";
include "permission_functions.php";
// Define variables and initialize with empty values
$username = $password = $confirm_password = "";
$role="admin";
$username_err = $password_err = $confirm_password_err = "";
$err="";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Validate username
if(empty(trim($_POST["username"]))){
$err = "Please enter a username.";
} elseif(!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))){
$err = "Username can only contain letters, numbers, and underscores.";
$username = htmlspecialchar(trim($_POST["username"]));
log_("User tried to create new account with illegal characters: $username","ACCOUNT_CREATE:FAILURE");
} else{
// Prepare a select statement
$sql = "SELECT id FROM users WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = trim($_POST["username"]);
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
/* store result */
mysqli_stmt_store_result($stmt);
if(mysqli_stmt_num_rows($stmt) == 1){
$err = "This username is already taken.";
$username = htmlspecialchars(trim($_POST["username"]));
log_("User tried to create new account with allready taken username $username","ACCOUNT_CREATE:FAILURE");
} else{
$username = htmlspecialchars(trim($_POST["username"]));
}
} else{
log_("$username tried to create account. Undefind failure","ACCOUNT_CREATE:FAILURE");
echo "<div class='alert alert-danger' role='alert'>Oops! Something went wrong. Please try again later.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Validate password
if(empty(trim($_POST["password"]))){
$err = "Please enter a password.";
} elseif(strlen(trim($_POST["password"])) < 6){
$err = "Password must have atleast 6 characters.";
} else if(strlen(trim($_POST["new_password"])) > 96)
{
$login_err = "Password cannot have more than 96 characters.";
}else{
$password = trim($_POST["password"]);
}
// Validate confirm password
if(empty(trim($_POST["confirm_password"]))){
$err = "Please confirm password.";
} else{
$confirm_password = trim($_POST["confirm_password"]);
if(empty($err) && ($password != $confirm_password)){
$err = "Password did not match.";
}
}
// Check input errors before inserting in database
if(empty($err)){
// Prepare an insert statement
$sql = "INSERT INTO users (username, password, role,notification_telegram,notification_mail) VALUES (?, ?, ?,?,?)";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
$tel=0;
$mail=1;
mysqli_stmt_bind_param($stmt, "sssii", $param_username, $param_password, $role,$tel,$mail);
// Set parameters
$tel=0;
$mail=1;
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
$role=get_perm_string();
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Redirect to login page
mkdir("/var/www/html/user_files/$username");
header("LOCATION: /app/overview.php");
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Sign Up</title>
</head>
<?php echo(" <body style='background-color:$color'> ");
echo("<div id='content'></div>");?>
<div class="container">
<div class="d-flex align-items-center justify-content-center vh-100">
<div class="container">
<div class="row justify-content-center">
<div class="col-md-6">
<h3 class="text-center">Account erstellen</h3>
<form action="" method="post">
<div class="form-group mb-3">
<label for="username">Neuer Benutzername:</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="form-group mb-3">
<label for="pwd">Neues Passwort:</label>
<input type="password" class="form-control" id="pwd" name="password" required>
</div>
<div class="form-group mb-3">
<label for="pwd">Neues Passwort bestätigen:</label>
<input type="password" class="form-control" id="pwd" name="confirm_password" required>
</div>
<div class="form-group mb-3">
<h5>Berechtigungen</h5>
<table class="table">
<thead><tr><td>Berechtigung</td><td>Berechtigung erteilen</td></tr></thead>
<tbody>
<tr>
<td>Datei Drucken</td>
<td><input class="form-check-input" type="checkbox" value="" name="print"></td>
</tr>
<tr>
<td>Private Cloud</td>
<td><input class="form-check-input" type="checkbox" value="" name="private_cloud"></td>
</tr>
<tr>
<td>Öffentliche Cloud</td>
<td><input class="form-check-input" type="checkbox" value="" name="public_cloud"></td>
</tr>
<tr>
<td>Alle Drucker abbrechen / freigeben</td>
<td><input class="form-check-input" type="checkbox" value="" name="printer_ctr_all"></td>
</tr>
<tr>
<td>Benutzereinstellungen ändern</td>
<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm"></td>
</tr>
<tr>
<td>Administratoren erstellen</td>
<td><input class="form-check-input" type="checkbox" value="" name="create_admin"></td>
</tr>
<tr>
<td>Log ansehen</td>
<td><input class="form-check-input" type="checkbox" value="" name="view_log"></td>
</tr>
<tr>
<td>System0 APIkey ansehen</td>
<td><input class="form-check-input" type="checkbox" value="" name="view_apikey"></td>
</tr>
<tr>
<td>Druckschlüssel erstellen</td>
<td><input class="form-check-input" type="checkbox" value="" name="create_key"></td>
</tr>
<tr>
<td>Debug</td>
<td><input class="form-check-input" type="checkbox" value="" name="debug"></td>
</tr>
<tr>
<td>Alle Dateien von Öffentlicher Cloud Löschen</td>
<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud"></td>
</tr>
</tbody>
</table>
</div>
<button type="submit" name="submit" class="btn btn-dark">Create Account</button><br><br>
</form>
<?php
if(!empty($err)){
echo '<div class="alert alert-danger">' . $err . '</div>';
}
?>
</div>
</div>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

84
sys0-code/app/create_key.php Normal file
View File

@@ -0,0 +1,84 @@
<?php
// Initialize the session
session_start();
require_once "../config/config.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][8]!=="1"){
header("location: /login/login.php");
exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Account Einstellungen</title>
</head>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<?php echo(" <body style='background-color:$color'> ");?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php
$username=$_SESSION["username"];
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php
function generate_key($length = 12) {
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$password = '';
for ($i = 0; $i < $length; $i++) {
$randomIndex = rand(0, strlen($characters) - 1);
$password .= $characters[$randomIndex];
}
return $password;
}
?>
<div id="content"></div>
<!--Account things-->
<div class="container mt-5" style="min-height: 95vh;">
<div class="row justify-content-center">
<div class="col-md-6 p-4">
<h1 class="mb-2">Druckschlüssel Generieren</h1>
<br>
<p>
Ein Druckschlüssel ist ein Code, welcher ein Benutzer benutzen kann, um einen Druckauftrag zu starten.
</p>
<form action="create_key.php?create=true" method="post">
<button type="submit" value="create_key" class="btn btn-dark">Neuen Druckschlüssel generieren</button>
</form>
</div>
<?php
if (isset($_GET["create"])){
$key=generate_key();
$sql = "INSERT INTO print_key (print_key) VALUES (?)";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "s", $key);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
echo("<center>You key got added to the database, it can now be used to print files.<br>key: $key</center>");
}
?>
</div>
</div>
<div class="mt-5" id="footer"></div>
</html>

267
sys0-code/app/debug.php Normal file
View File

@@ -0,0 +1,267 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
include "./api/queue.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][9]!=="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
$id=$_SESSION["id"];
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
function update_input(input,action,id){
var selector=document.getElementById(input);
var selector_value=selector.value;
fetch("/api/printer_settings.php?action="+action+"&value="+selector.value+"&id="+id);
}
function delete_input(input,action,id,row){
var selector=document.getElementById(input);
var selector_value=selector.value;
fetch("/api/printer_settings.php?action="+action+"&value="+selector.value+"&id="+id);
document.getElementById("table1").deleteRow(row);
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php $color=$_SESSION["color"]; ?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<div id="content"></div>
<head>
<title>Drucker Einstellungen</title>
</head>
<body>
<div class="container mt-5" style="min-height: 95vh;">
<div class="row justify-content-center">
<div style="width: 100hh">
<h1>Druckerfreigabe erzwingen (falls beim freigeben Fehlermeldungen angezeigt werden)</h1>
<?php
if(isset($_POST['free']))
{
$printer_id=htmlspecialchars($_GET['free']);
$sql="select used_by_userid from printer where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
$sql="update printer set free=1,printing=0,cancel=0 ,used_by_userid=0 where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
if($_GET["action"]=="add_filament"){
$name=$_POST["filament_name"];
$id=$_POST["filament_id"];
$sql="INSERT INTO filament (internal_id,name) VALUES ($id,'$name')";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
$cnt=0;
$url="";
$apikey="";
$sql="select count(*) from printer where free=0";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
//echo($cnt);
echo("<div class='container'><div class='row'><div class='col'><div class='overflow-auto'><table class='table'><thead><tr><th>Druckerid</th><th>Freigeben</th></tr></thead><tbody>");
$last_id=0;
while($cnt!=0)
{
$userid=0;
$sql="select id,printer_url,apikey,cancel,used_by_userid from printer where free=0 and id>$last_id ORDER BY id";
$cancel=0;
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $printer_id,$url,$apikey,$cancel,$userid);
mysqli_stmt_fetch($stmt);
$last_id=$printer_id;
$used_by_user="";
$sql="select username from users where id=$userid";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $used_by_user);
mysqli_stmt_fetch($stmt);
echo("<tr><td>$printer_id</td><td><form method='POST' action='?free=$printer_id'><button type='submit' value='free' name='free' class='btn btn-dark'>Free</button></form></tr>");
$cnt--;
}
echo("</tbody></table></div></div></div></div>");
?>
<br><br>
<!-- Rotation der Druckerkameras: -->
<h1>Rotation der Druckerkameras</h1>
<?php
//list printers => form => action=rot&rot=180
$cnt=0;
$url="";
$apikey="";
$sql="select count(*) from printer";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
//echo($cnt);
echo("<div class='container'><div class='row'><div class='col'><div class='overflow-auto'><table class='table'><thead><tr><th>Druckerid</th><th>Rotation</th></tr></thead><tbody>");
$last_id=0;
$rotation=0;
while($cnt!=0)
{
$userid=0;
$sql="select rotation,id from printer where id>$last_id ORDER BY id";
$cancel=0;
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $rotation,$printer_id);
mysqli_stmt_fetch($stmt);
$last_id=$printer_id;
$used_by_user="";
echo("<tr><td>$printer_id</td><td><form method='POST' action='?id=$printer_id'><input type='number' value='$rotation' id='rotation$printer_id' name='rotation' placeholder='rotation (deg)' oninput='update_input(\"rotation$printer_id\",\"update_rotation\",\"$printer_id\");'></input></td></form></tr>");
$cnt--;
}
echo("</tbody></table></div></div></div>");
?>
<br><br>
<h1>Filamentfarbe</h1>
<?php
//list printers => form => color
$cnt=0;
$url="";
$apikey="";
$sql="select count(*) from printer";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
//echo($cnt);
echo("<div class='container'><div class='row'><div class='col'><div class='overflow-auto'><table class='table'><thead><tr><th>Druckerid</th><th>Rotation</th></tr></thead><tbody>");
$last_id=0;
$color="";
while($cnt!=0)
{
$userid=0;
$sql="select color,id from printer where id>$last_id ORDER BY id";
$cancel=0;
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $color,$printer_id);
mysqli_stmt_fetch($stmt);
$last_id=$printer_id;
$used_by_user="";
echo("<tr><td>$printer_id</td><td><form method='POST' action='?id=$printer_id'><input type='text' id='color$printer_id' value='$color' name='color' placeholder='Filamentfarbe' oninput='update_input(\"color$printer_id\",\"update_color\",\"$printer_id\");'></input></td></form></tr>");
$cnt--;
}
echo("</tbody></table></div></div></div>");
echo("</div>");
?>
<h1>Filamente</h1>
<?php
//list printers => form => color
$cnt=0;
$url="";
$apikey="";
$sql="select count(*) from filament";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
//echo($cnt);
echo("<div class='container'><div class='row'><div class='col'><div class='overflow-auto'><table class='table' id='table1'><thead><tr><th>Filamente</th><th>Farbe</th><th>Hinzufügen/Löschen</th></tr></thead><tbody>");
//form to add a color
echo("<form action='debug.php?action=add_filament' method='post'>");
echo("<td><input type='number' placeholder='Filament id' name='filament_id' required></input></td>");
echo("<td><input type='text' placeholder='filament Farbe' name='filament_name' required></input></td>");
echo("<td><button type='submit' value='add' class='btn btn-primary'>Hinzufügen</button></td>");
echo("</form>");
$last_id=0;
$color="";
$id=0;
$row=1;
while($cnt!=0)
{
$userid=0;
$sql="select id,name,internal_id from filament where id>$last_id ORDER BY id";
$cancel=0;
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt,$id, $color,$printer_id);
mysqli_stmt_fetch($stmt);
$last_id=$id;
$used_by_user="";
$row++;
echo("<tr><td>$printer_id</td><td><form method='POST' action='?id=$printer_id'><input type='text' id='filament$printer_id' value='$color' name='color' placeholder='Filamentfarbe' oninput='update_input(\"filament$printer_id\",\"update_filament\",\"$printer_id\");'></input></td></form><td><button class='btn btn-danger' onclick='delete_input(\"filament$printer_id\",\"delete_filament\",\"$printer_id\",$row);'>Löschen</button></td></tr>");
$cnt--;
}
echo("</tbody></table></div></div></div>");
echo("</div>");
?>
<?php
test_queue($link);
?>
</div>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

87
sys0-code/app/disclaimer.php Normal file
View File

@@ -0,0 +1,87 @@
<?php
session_start();
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
$auth=false;
}
else
{
$auth=true;
}
?>
<head>
<title>Privacy Policy</title>
</head>
<?php
include "../assets/components.php";
?>
<?php $color=$_SESSION["color"]; ?>
<?php echo(" <body style='background-color:$color'> ");?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
$(document).ready(function(){
$('#footer').load("/assets/html/footer.html");
});
}
</script>
<?php
$username=$_SESSION["username"];
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<div id="content"></div>
<div class="m-3">
<h1>Disclaimer</h1>
<p>Last updated: December 18, 2023</p>
<h1>Interpretation and Definitions</h1>
<h2>Interpretation</h2>
<p>The words of which the initial letter is capitalized have meanings defined under the following conditions.
The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.</p>
<h2>Definitions</h2>
<p>For the purposes of this Disclaimer:</p>
<ul>
<li><strong>Company</strong> (referred to as either &quot;the Company&quot;, &quot;We&quot;, &quot;Us&quot; or &quot;Our&quot; in this Disclaimer) refers to jakach.</li>
<li><strong>Service</strong> refers to the Website.</li>
<li><strong>You</strong> means the individual accessing the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.</li>
<li><strong>Website</strong> refers to system0, accessible from <a href="https://app.ksw3d.ch" rel="external nofollow noopener" target="_blank">app.ksw3d.ch</a></li>
</ul>
<h1>Disclaimer</h1>
<p>The information contained on the Service is for general information purposes only.</p>
<p>The Company assumes no responsibility for errors or omissions in the contents of the Service.</p>
<p>In no event shall the Company be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other tort, arising out of or in connection with the use of the Service or the contents of the Service. The Company reserves the right to make additions, deletions, or modifications to the contents on the Service at any time without prior notice. This Disclaimer has been created with the help of the <a href="https://www.privacypolicies.com/disclaimer-generator/" target="_blank">Disclaimer Generator</a>.</p>
<p>The Company does not warrant that the Service is free of viruses or other harmful components.</p>
<h1>External Links Disclaimer</h1>
<p>The Service may contain links to external websites that are not provided or maintained by or in any way affiliated with the Company.</p>
<p>Please note that the Company does not guarantee the accuracy, relevance, timeliness, or completeness of any information on these external websites.</p>
<h1>Errors and Omissions Disclaimer</h1>
<p>The information given by the Service is for general guidance on matters of interest only. Even if the Company takes every precaution to insure that the content of the Service is both current and accurate, errors can occur. Plus, given the changing nature of laws, rules and regulations, there may be delays, omissions or inaccuracies in the information contained on the Service.</p>
<p>The Company is not responsible for any errors or omissions, or for the results obtained from the use of this information.</p>
<h1>Fair Use Disclaimer</h1>
<p>The Company may use copyrighted material which has not always been specifically authorized by the copyright owner. The Company is making such material available for criticism, comment, news reporting, teaching, scholarship, or research.</p>
<p>The Company believes this constitutes a &quot;fair use&quot; of any such copyrighted material as provided for in section 107 of the United States Copyright law.</p>
<p>If You wish to use copyrighted material from the Service for your own purposes that go beyond fair use, You must obtain permission from the copyright owner.</p>
<h1>Views Expressed Disclaimer</h1>
<p>The Service may contain views and opinions which are those of the authors and do not necessarily reflect the official policy or position of any other author, agency, organization, employer or company, including the Company.</p>
<p>Comments published by users are their sole responsibility and the users will take full responsibility, liability and blame for any libel or litigation that results from something written in or as a direct result of something written in a comment. The Company is not liable for any comment published by users and reserves the right to delete any comment for any reason whatsoever.</p>
<h1>No Responsibility Disclaimer</h1>
<p>The information on the Service is provided with the understanding that the Company is not herein engaged in rendering legal, accounting, tax, or other professional advice and services. As such, it should not be used as a substitute for consultation with professional accounting, tax, legal or other competent advisers.</p>
<p>In no event shall the Company or its suppliers be liable for any special, incidental, indirect, or consequential damages whatsoever arising out of or in connection with your access or use or inability to access or use the Service.</p>
<h1>&quot;Use at Your Own Risk&quot; Disclaimer</h1>
<p>All information in the Service is provided &quot;as is&quot;, with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose.</p>
<p>The Company will not be liable to You or anyone else for any decision made or action taken in reliance on the information given by the Service or for any consequential, special or similar damages, even if advised of the possibility of such damages.</p>
<h1>Contact Us</h1>
<p>If you have any questions about this Disclaimer, You can contact Us:</p>
<ul>
<li>By email: info.jakach@gmail.com</li>
</ul>
</div>
<div id="footer"></div>
</body>

38
sys0-code/app/load.php Normal file
View File

@@ -0,0 +1,38 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Server Stats</title>
</head>
<body>
<div id="stats"></div>
<script>
function refreshStats() {
location.reload();
}
// Refresh stats every 1 second
setInterval(refreshStats, 1000);
</script>
<?php
// Get server load
$load = sys_getloadavg();
// Get CPU usage
$cpu_usage = shell_exec("top -bn1 | grep 'Cpu(s)' | sed 's/.*, *\\([0-9.]*\\)%* id.*/\\1/' | awk '{print 100 - $1\"%\"}'");
// Get RAM usage
$ram_usage = shell_exec("free | grep Mem | awk '{print $3/$2 * 100.0\"%\"}'");
// Display results
echo "Server Load: " . implode(", ", $load) . "<br>";
echo "CPU Usage: " . $cpu_usage . "<br>";
echo "RAM Usage: " . $ram_usage . "<br>";
?>
</body>
</html>

395
sys0-code/app/overview.php Normal file
View File

@@ -0,0 +1,395 @@
<!DOCTYPE html>
<html>
<head>
<?php
// Initialize the session
session_start();
include "../config/config.php";
include "../api/queue.php";
$role=$_SESSION["role"];
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
$id=$_SESSION["id"];
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php $color=$_SESSION["color"]; ?>
<?php
function seconds_to_time($seconds) {
// Convert seconds to hours
$hours = floor($seconds / 3600);
// Convert remaining seconds to minutes
$minutes = floor(($seconds % 3600) / 60);
if($hours!=0){
if($hours==1)
return sprintf("%d Stunde %d Minuten", $hours, $minutes);
else
return sprintf("%d Stunden %d Minuten", $hours, $minutes);
}
else
return sprintf("%d Minuten", $minutes);
}
function short_path($filePath, $firstCharsCount, $lastCharsCount) {
// Get the first few characters of the path
$filePath=str_replace(".gcode","",$filePath);
if(strlen($filePath)>=$firstCharsCount+$lastCharsCount+3){
$firstChars = substr($filePath, 0, $firstCharsCount);
// Get the last few characters of the path
$lastChars = substr($filePath, -$lastCharsCount);
// Return the shortened path
return $firstChars . "..." . $lastChars;
}
else{
return $filePath;
}
}
$color=$_SESSION["color"];
include "../assets/components.php";
if(!isset($_SESSION["rid"]))
$_SESSION["rid"]=0;
$_SESSION["rid"]++;
?>
<title>Alle Drucker</title>
<style>
/* Style for the description */
.description {
display: none; /* Hide the description by default */
position: absolute;
background-color: rgba(0, 0, 0, 0.7);
color: #fff;
padding: 10px;
border-radius: 5px;
width: 200px;
}
/* Style for the element to trigger hover */
.hover-element {
position: relative;
/* Add some space below the element */
}
/* Style for the element to trigger hover when hovered */
.hover-element:hover .description {
display: block; /* Show the description on hover */
}
</style>
</head>
<body>
<div id="content"></div>
<div>
<div class="row justify-content-center">
<div style="width: 100%;min-height:95vh">
<?php
if(isset($_GET['free'])&&$_GET["rid"]==($_SESSION["rid"]-1))
{
$printer_id=htmlspecialchars($_GET['free']);
$sql="select used_by_userid from printer where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
$sql="update printer set free=1,printing=0,cancel=0 ,used_by_userid=0 where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
if(isset($_GET['remove_queue'])&&$_GET["rid"]==($_SESSION["rid"]-1))
{
$id=htmlspecialchars($_GET['remove_queue']);
$sql="delete from queue where id=$id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
if(isset($_GET['cancel'])&&$_GET["rid"]==($_SESSION["rid"]-1))
{
$apikey="";
$printer_url="";
$printer_id=htmlspecialchars($_GET['cancel']);
$sql="select used_by_userid,apikey,printer_url from printer where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt,$apikey,$printer_url);
mysqli_stmt_fetch($stmt);
exec("curl -k -H \"X-Api-Key: $apikey\" -H \"Content-Type: application/json\" --data '{\"command\":\"cancel\"}' \"$printer_url/api/job\" > /var/www/html/user_files/$username/json.json");
$fg=file_get_contents("/var/www/html/user_files/$username/json.json");
$json=json_decode($fg,true);
if($json["error"]!="")
{
echo("<div class='alert alert-danger' role='alert'>Beim abbrechen ist es zu einem Fehler gekommen. Bitte versuche es später erneut.</div>");
}
else
{
$sql="update printer set cancel=1 where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
}
$cnt=0;
$url="";
$apikey="";
if(isset($_GET["private"]))
$sql="select count(*) from printer where used_by_userid=".$_SESSION["id"];
else
$sql="select count(*) from printer";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
//echo($cnt);
$is_free=0;
echo("<div><div class='row'>");
echo("<div class='d-flex flex-wrap justify-content-center align-items-stretch'>");
echo("<div style='width:100%;margin-left:5px'>");
if(isset($_GET["private"]))
echo("<br><a class='btn btn-dark' href='overview.php'>Alle Drucker anzeigen</a>");
else
echo("<br><a class='btn btn-dark' href='overview.php?private'>Nur eigene Aufträge anzeigen</a>");
echo("</div>");
$last_id=0;
$system_status=0;
$rotation=0;
while($cnt!=0)
{
$userid=0;
if(isset($_GET["private"]))
$sql="select rotation,free,id,printer_url,apikey,cancel,used_by_userid,system_status,color from printer where id>$last_id and used_by_userid=".$_SESSION["id"]." ORDER BY id";
else
$sql="select rotation,free,id,printer_url,apikey,cancel,used_by_userid,system_status,color from printer where id>$last_id ORDER BY id";
$cancel=0;
$filament_color="";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $rotation,$is_free,$printer_id,$url,$apikey,$cancel,$userid,$system_status,$filament_color);
mysqli_stmt_fetch($stmt);
$last_id=$printer_id;
$filament_color=intval($filament_color);
//get the real color
$sql="select name from filament where internal_id=$filament_color";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt,$filament_color);
mysqli_stmt_fetch($stmt);
if($is_free==0){
//printer is printing
exec("curl --max-time 10 $url/api/job?apikey=$apikey > /var/www/html/user_files/$username/json.json");
$fg=file_get_contents("/var/www/html/user_files/$username/json.json");
$json=json_decode($fg,true);
$used_by_user="";
$sql="select username from users where id=$userid";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $used_by_user);
mysqli_stmt_fetch($stmt);
$username2=explode("@",$used_by_user);
$progress=(int) $json['progress']['completion'];
if($progress<0)
$progress=-$progress;
$file=$json['job']['file']['name'];
if($progress==100){
$print_time=seconds_to_time(intval($json["progress"]["printTime"]));
$print_time_left=seconds_to_time(intval($json["progress"]["printTimeLeft"]));
$print_time_total=seconds_to_time(intval($json["job"]["estimatedPrintTime"]));
echo("<div class='card m-4 align-self-start'>");
echo("<div class='card-body'>");
echo("<h5 class='card-title'>Drucker $printer_id</h5>");
echo("</div>");
echo("<div class='card-body'>");
echo("<iframe height='230px' scrolling='no' width='100%' src='/app/webcam.php?printer_id=$printer_id&username=".$_SESSION["username"]."&url=$url&rotation=$rotation'></iframe>");
echo("<div class='progress'>");
echo("<div class='progress-bar' role='progressbar' style='width: $progress%' aria-valuenow='$progress' aria-valuemin='0' aria-valuemax='100'>$progress%</div>");
echo("</div>");
echo("<table class='table table-borderless'>");
echo("<thead>");
echo("<tr><td>Status</td><td style='color:green'>Fertig</td></tr>");
echo("<tr><td>Genutzt von</td><td>".$username2[0]."</td></tr>");
if(!empty($filament_color) && $filament_color!=NULL)
echo("<tr><td>Filamentfarbe</td><td >$filament_color</td></tr>");
echo("<tr><td>Erwartete Druckzeit</td><td>$print_time_total</td></tr>");
echo("<tr><td>Verbleibende Druckzeit</td><td>$print_time_left</td></tr>");
echo("<tr><td>Vergangene Druckzeit</td><td>$print_time</td></tr>");
echo("<tr><td>Datei</td><td><div class='hover-element'>".short_path($json["job"]["file"]["name"],10,10)."<div class='description'>".$json["job"]["file"]["name"]."</div></div></td></tr>");
echo("</div>");
if($userid==$_SESSION["id"] or $role[3]==="1"){
echo("<tr><td><a class='btn btn-success' href='overview.php?free=$printer_id&rid=".$_SESSION["rid"]."'>Freigeben</a></td></tr>");
}
echo("</thead>");
echo("</table>");
echo("</div>");
echo("</div>");
}
else if($cancel==1){
$print_time=seconds_to_time(intval($json["progress"]["printTime"]));
$print_time_left=seconds_to_time(intval($json["progress"]["printTimeLeft"]));
$print_time_total=seconds_to_time(intval($json["job"]["estimatedPrintTime"]));
echo("<div class='card m-4 align-self-start'>");
echo("<div class='card-body'>");
echo("<h5 class='card-title'>Drucker $printer_id</h5>");
echo("</div>");
echo("<div class='card-body'>");
echo("<iframe height='230px' scrolling='no' width='100%' src='/app/webcam.php?printer_id=$printer_id&username=".$_SESSION["username"]."&url=$url&rotation=$rotation'></iframe>");
echo("<div class='progress'>");
echo("<div class='progress-bar' role='progressbar' style='width: $progress%' aria-valuenow='$progress' aria-valuemin='0' aria-valuemax='100'>$progress%</div>");
echo("</div>");
echo("<table class='table table-borderless'>");
echo("<thead>");
echo("<tr><td>Status</td><td style='color:red'>Druck Abgebrochen</td></tr>");
echo("<tr><td>Genutzt von</td><td>".$username2[0]."</td></tr>");
if(!empty($filament_color) && $filament_color!=NULL)
echo("<tr><td>Filamentfarbe</td><td >$filament_color</td></tr>");
echo("<tr><td>Erwartete Druckzeit</td><td>$print_time_total</td></tr>");
echo("<tr><td>Verbleibende Druckzeit</td><td>$print_time_left</td></tr>");
echo("<tr><td>Vergangene Druckzeit</td><td>$print_time</td></tr>");
echo("<tr><td>Datei</td><td><div class='hover-element'>".short_path($json["job"]["file"]["name"],10,10)."<div class='description'>".$json["job"]["file"]["name"]."</div></div></td></tr>");
if($userid==$_SESSION["id"] or $role[3]=="1"){
echo("<tr><td><a class='btn btn-success' href='overview.php?free=$printer_id&rid=".$_SESSION["rid"]."'>Freigeben</a></td></tr>");
}
echo("</thead>");
echo("</table>");
echo("</div>");
echo("</div>");
}
else{
$print_time=seconds_to_time(intval($json["progress"]["printTime"]));
$print_time_left=seconds_to_time(intval($json["progress"]["printTimeLeft"]));
$print_time_total=seconds_to_time(intval($json["job"]["estimatedPrintTime"]));
echo("<div class='card m-4 align-self-start'>");
echo("<div class='card-body'>");
echo("<h5 class='card-title'>Drucker $printer_id</h5>");
echo("</div>");
echo("<div class='card-body'>");
echo("<iframe height='230px' scrolling='no' width='100%' src='/app/webcam.php?printer_id=$printer_id&username=".$_SESSION["username"]."&url=$url&rotation=$rotation'></iframe>");
echo("<div class='progress'>");
echo("<div class='progress-bar' role='progressbar' style='width: $progress%' aria-valuenow='$progress' aria-valuemin='0' aria-valuemax='100'>$progress%</div>");
echo("</div>");
echo("<table class='table table-borderless'>");
echo("<thead>");
echo("<tr><td>Status</td><td style='color:orange'>Drucken</td></tr>");
echo("<tr><td>Genutzt von</td><td>".$username2[0]."</td></tr>");
if(!empty($filament_color) && $filament_color!=NULL)
echo("<tr><td>Filamentfarbe</td><td >$filament_color</td></tr>");
echo("<tr><td>Erwartete Druckzeit</td><td>$print_time_total</td></tr>");
echo("<tr><td>Verbleibende Druckzeit</td><td>$print_time_left</td></tr>");
echo("<tr><td>Vergangene Druckzeit</td><td>$print_time</td></tr>");
echo("<tr><td>Datei</td><td><div class='hover-element'>".short_path($json["job"]["file"]["name"],10,10)."<div class='description'>".$json["job"]["file"]["name"]."</div></div></td></tr>");
if($userid==$_SESSION["id"] or $role[3]==="1"){
echo("<tr><td><a class='btn btn-danger' href='overview.php?cancel=$printer_id&rid=".$_SESSION["rid"]."'>Abbrechen</a></td></tr>");
}
echo("</thead>");
echo("</table>");
echo("</div>");
echo("</div>");
}
}else{
//printer is free
echo("<div class='card m-4 align-self-start'>");
echo("<div class='card-body'>");
echo("<h5 class='card-title'>Drucker $printer_id</h5>");
echo("</div>");
echo("<div class='card-body'>");
echo("<iframe height='230px' scrolling='no' width='100%' src='/app/webcam.php?printer_id=$printer_id&username=".$_SESSION["username"]."&url=$url&rotation=$rotation'></iframe>");
echo("<table class='table table-borderless'>");
echo("<thead>");
echo("<tr><td>Status</td><td style='color:green'>Bereit</td></tr>");
if(!empty($filament_color) && $filament_color!=NULL)
echo("<tr><td>Filamentfarbe</td><td >$filament_color</td></tr>");
echo("<tr><td><a class='btn btn-dark' href='print.php?preselect=$printer_id'>Drucken</a></td></tr>");
echo("</thead>");
echo("</table>");
echo("</div>");
echo("</div>");
}
$cnt--;
}
echo("</div></div>");
?>
<br><br>
<?php
test_queue($link);
?>
</div>
</div>
</div>
</div>
<!-- We currently do not show the queue -->
<div style="width: 100hh">
<center><h3>Warteschlange</h3></center>
<?php
$userid=$_SESSION["id"];
$cnt=0;
$filepath="";
$sql="select count(*) from queue";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
//echo($cnt);
echo("<div class='container'><div class='row'><div class='col'><div class='overflow-auto'><table class='table'><thead><tr><th>Datei</th><th>Drucken auf Drucker</th><th>aus der Warteschlange entfernen</th></tr></thead><tbody>");
$last_id=0;
$form_userid=0;
$print_on=0;
while($cnt!=0)
{
$sql="select id,filepath,from_userid,print_on from queue where id>$last_id order by id";
$cancel=0;
$stmt = mysqli_prepare($link, $sql);
echo mysqli_error($link);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $queue_id,$filepath,$from_userid,$print_on);
mysqli_stmt_fetch($stmt);
$filepath=basename($filepath);
$last_id=$queue_id;
echo("<tr><td>$filepath</td>");
if($print_on==-1)
echo("<td>Erster verfügbarer Drucker</td>");
else
echo("<td>$print_on</td>");
if($_SESSION["role"][3]==="1" or $_SESSION["id"]==$from_userid)
echo("<td><form method='POST' action='?remove_queue=$queue_id&rid=".$_SESSION["rid"]."'><button type='submit' value='remove' name='remove' class='btn btn-danger'>Löschen</button></form></td></tr>");
$cnt--;
}
echo("</tbody></table></div></div></div></div>");
?>
<br><br>
</div>
<div id="footer"></div>
</body>
</html>

50
sys0-code/app/permission_functions.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
function get_perm_string(){
$perm_str="";
if(isset($_POST["print"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["private_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["printer_ctrl_all"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["change_user_perm"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_admin"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_log"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_apikey"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_key"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["debug"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["delete_from_public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
return $perm_str;
}
?>

523
sys0-code/app/print.php Normal file
View File

@@ -0,0 +1,523 @@
<?php
function extract_param($gcode) {
// Match the pattern S followed by digits, capturing the digits
$matches = [];
$pattern = '/[S|T]([0-9]+)/';
if (preg_match($pattern, $gcode, $matches)) {
return (int)$matches[1]; // Return the first capture group as an integer
} else {
return false; // No match found
}
}
function check_file($path){//check file for temperature which are to high
$file = fopen($path, 'r');
$cnt=0;
while (!feof($file)&&$cnt!=2) {
$line = fgets($file);
// Extract parameter from lines with specific commands
if (strpos($line, 'M104') !== false || strpos($line, 'M140') !== false) {
$cnt++;
$parameter = extract_param($line);
if(strpos($line, 'M104') !== false){ //extruder_temp
$ex_temp=$parameter;
}
if(strpos($line, 'M140') !== false){ //bed temp
$bed_temp=$parameter;
}
}
}
//echo("bed:$bed_temp;ex:$ex_temp");
if($bed_temp>75 or $ex_temp>225){
return 0;
}else{
return 1;
}
}
function is_time_between($startTime, $endTime, $checkTime) {
// Convert times to timestamps
$startTimestamp = strtotime($startTime);
$endTimestamp = strtotime($endTime);
$checkTimestamp = strtotime($checkTime);
// If end time is less than start time, it means the range crosses midnight
if ($endTimestamp < $startTimestamp) {
// Check if the time is between start time and midnight or between midnight and end time
return ($checkTimestamp >= $startTimestamp || $checkTimestamp <= $endTimestamp);
} else {
// Normal case: check if the time is between start and end time
return ($checkTimestamp >= $startTimestamp && $checkTimestamp <= $endTimestamp);
}
}
?>
<!DOCTYPE html>
<html>
<?php
// Initialize the session
$warning=false;
session_start();
include "../config/config.php";
require_once "../log/log.php";
include "../api/queue.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true or $_SESSION["role"][0]!=="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
$(document).ready(function(){
$('#footer').load("/assets/html/footer.html");
});
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
test_queue($link);
?>
<?php $userid=$_SESSION["id"]; ?>
<?php echo(" <body style='background-color:$color'> ");?>
<div id="content"></div>
<head>
<title>Datei drucken</title>
</head>
<body>
<br><br>
<?php
if(isset($_POST["printer"]))
{
$status=0;
$free=0;
$url="";
$apikey="";
$printer_url="";
$printer_id=htmlspecialchars($_POST["printer"]);
if($printer_id=="queue")
{
//send file to queue because no printer is ready!
if(!empty($_FILES['file_upload']))
{
$ok_ft=array("gcode","");
$unwanted_chr=[' ','(',')','/','\\','<','>',':',';','?','*','"','|','%'];
$filetype = strtolower(pathinfo($_FILES['file_upload']['name'],PATHINFO_EXTENSION));
$path = "/var/www/html/user_files/$username/";
$print_on=$_POST["queue_printer"];
$filename=basename( $_FILES['file_upload']['name']);
$filename=str_replace($unwanted_chr,"_",$filename);
$path = $path . $filename;
if(!in_array($filetype,$ok_ft))
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Dieser Dateityp wird nicht unterstüzt.</div></center>");
sys0_log("Could not upload file for ".$_SESSION["username"]." because of unknown file extension",$_SESSION["username"],"PRINT::UPLOAD::FILE::FAILED");//notes,username,type
}
else
{
if(move_uploaded_file($_FILES['file_upload']['tmp_name'], $path)) {
$sql="INSERT INTO queue (from_userid,filepath,print_on) VALUES (?,?,?)";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "isi", $userid,$path,$print_on);
mysqli_stmt_execute($stmt);
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei ". basename( $_FILES['file_upload']['name']). " wurde hochgeladen und an die Warteschlange gesendet</div></center>");
sys0_log("user ".$_SESSION["username"]." uploaded ".basename($path)." to the queue",$_SESSION["username"],"PRINT::UPLOAD::QUEUE");//notes,username,type
}
else
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Datei ". basename( $_FILES['file_upload']['name']). " konnte hochgeladen werden</div></center>");
}
}
unset($_FILES['file']);
}
if(isset($_GET["cloudprint"])){
$print_on=$_POST["queue_printer"];
if(!isset($_GET["pc"]))
$path = "/var/www/html/user_files/$username/".$_GET["cloudprint"];
else
$path = "/var/www/html/user_files/public/".$_GET["cloudprint"];
$sql="INSERT INTO queue (from_userid,filepath,print_on) VALUES (?,?,?)";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "isi", $userid,$path,$print_on);
mysqli_stmt_execute($stmt);
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei ". basename( $_FILES['file_upload']['name']). " wurde hochgeladen und an die Warteschlange gesendet</div></center>");
sys0_log("user ".$_SESSION["username"]." uploaded ".basename($path)." to the queue",$_SESSION["username"],"PRINT::UPLOAD::QUEUE");
}
}
else
{
$sql="select printer_url, free, system_status,apikey,printer_url from printer where id=$printer_id";
//echo $sql;
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $url,$free,$status,$apikey,$printer_url);
mysqli_stmt_fetch($stmt);
if($free!=1 or $status!=0)
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Der Drucker ist zur Zeit nicht verfügbar. Warte einen Moment oder versuche es mit einem anderen Drucker erneut.</div></center>");
sys0_log("Could not start job for ".$_SESSION["username"]." with file ".basename($path)."",$_SESSION["username"],"PRINT::JOB::START::FAILED");//notes,username,type
exit;
}
if(!empty($_FILES['file_upload']))
{
$ok_ft=array("gcode","");
$unwanted_chr=[' ','(',')','/','\\','<','>',':',';','?','*','"','|','%'];
$filetype = strtolower(pathinfo($_FILES['file_upload']['name'],PATHINFO_EXTENSION));
$path = "/var/www/html/user_files/$username/";
$filename=basename( $_FILES['file_upload']['name']);
$filename=str_replace($unwanted_chr,"_",$filename);
$path = $path . $filename;
//if(in_array($filetype,$unwanted_ft))
if(!in_array($filetype,$ok_ft))
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Dieser Dateityp wird nicht unterstüzt.</div></center>");
sys0_log("Could not upload file for ".$_SESSION["username"]." because of unknown file extension",$_SESSION["username"],"PRINT::UPLOAD::FILE::FAILED");//notes,username,type
}
else
{
//check if print key is valid:
$print_key=htmlspecialchars($_POST["print_key"]);
$sql="SELECT id from print_key where print_key='$print_key'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
//if(mysqli_stmt_num_rows($stmt) == 1){ turned off because user does not need to have a printer key
if(true){
mysqli_stmt_close($stmt);
if(move_uploaded_file($_FILES['file_upload']['tmp_name'], $path)) {
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Erfolg! Die Datei ". basename( $_FILES['file_upload']['name']). " wurde hochgeladen.</div></center>");
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei wird an den 3D-Drucker gesendet...</div></center>");
if(check_file($path) or isset($_POST["ignore_unsafe"])){
exec('curl -k -H "X-Api-Key: '.$apikey.'" -F "select=true" -F "print=true" -F "file=@'.$path.'" "'.$printer_url.'/api/files/local" > /var/www/html/user_files/'.$username.'/json.json');
//file is on printer and ready to be printed
$userid=$_SESSION["id"];
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei gesendet und Auftrag wurde gestartet.</div></center>");
sys0_log("user ".$_SESSION["username"]." uploaded ".basename($path)." to printer ".$_POST["printer"]."",$_SESSION["username"],"PRINT::UPLOAD::PRINTER");//notes,username,type
$fg=file_get_contents("/var/www/html/user_files/$username/json.json");
$json=json_decode($fg,true);
if($json['effectivePrint']==false or $json["effectiveSelect"]==false)
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Ein Fehler ist aufgetreten und der Vorgang konnte nicht gestartet werden. Warte einen Moment und versuche es dann erneut.</div></center>");
sys0_log("Could not start job for ".$_SESSION["username"]."with file ".basename($path)."",$_SESSION["username"],"PRINT::JOB::START::FAILED");//notes,username,type
}
else
{
$sql="update printer set free=0, printing=1,mail_sent=0, used_by_userid=$userid where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
//delete printer key:
$sql="DELETE from print_key where print_key='$print_key'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
}else{
$warning=true;
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Achtung, deine Bett oder Extruder Temperatur ist sehr hoch eingestellt. Dies wird zur zerstörung des Druckes und somit zu Müll führen. Bitte setze diese Temperaturen tiefer in den Einstellungen deines Slicers.</div></center>");
}
}
else
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Ein Fehler beim Uploaden der Datei ist aufgetreten! Versuche es erneut! </div></center>");
}
}
else{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Der Druckschlüssel ist nicht gültig. Evtl. wurde er bereits benutzt. Versuche es erneut! </div></center>");
}
}
unset($_FILES['file']);
}
if(isset($_GET["cloudprint"])){
if(!isset($_GET["pc"]))
$path = "/var/www/html/user_files/$username/".$_GET["cloudprint"];
else
$path = "/var/www/html/user_files/public/".$_GET["cloudprint"];
//check if print key is valid:
$print_key=htmlspecialchars($_POST["print_key"]);
$sql="SELECT id from print_key where print_key='$print_key'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
//if(mysqli_stmt_num_rows($stmt) == 1){ turned off because user does not need to have a printer key
if(true){
mysqli_stmt_close($stmt);
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei wird an den 3D-Drucker gesendet...</div></center>");
if(check_file($path) or isset($_POST["ignore_unsafe"])){
exec('curl -k -H "X-Api-Key: '.$apikey.'" -F "select=true" -F "print=true" -F "file=@'.$path.'" "'.$printer_url.'/api/files/local" > /var/www/html/user_files/'.$username.'/json.json');
//file is on printer and ready to be printed
$userid=$_SESSION["id"];
echo("<center><div style='width:50%' class='alert alert-success' role='alert'>Datei gesendet und Auftrag wurde gestartet.</div></center>");
sys0_log("user ".$_SESSION["username"]." uploaded ".basename($path)." to printer ".$_POST["printer"]."",$_SESSION["username"],"PRINT::UPLOAD::PRINTER");//notes,username,type
$fg=file_get_contents("/var/www/html/user_files/$username/json.json");
$json=json_decode($fg,true);
//echo('curl -k -H "X-Api-Key: '.$apikey.'" -F "select=true" -F "print=true" -F "file=@'.$path.'" "'.$printer_url.'/api/files/local" > /var/www/html/system0/html/user_files/'.$username.'/json.json');
//echo("<br><br><br>");
//var_dump($json);
if($json['effectivePrint']==false or $json["effectiveSelect"]==false)
{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Ein Fehler ist aufgetreten und der Vorgang konnte nicht gestartet werden. Warte einen Moment und versuche es dann erneut.</div></center>");
sys0_log("Could not start job for ".$_SESSION["username"]."with file ".basename($path)."",$_SESSION["username"],"PRINT::JOB::START::FAILED");//notes,username,type
}
else
{
$sql="update printer set free=0, printing=1,mail_sent=0, used_by_userid=$userid where id=$printer_id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
//delete printer key:
$sql="DELETE from print_key where print_key='$print_key'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
}else{
$warning=true;
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Achtung, deinen Bett oder Extruder Temperatur ist sehr hoch eingestellt. Dies wird zur zerstörung des Druckes und somit zu Müll führen. Bitte setze diese Temperaturen tiefer in den Einstellungen deines Slicers.</div></center>");
}
}
else{
echo("<center><div style='width:50%' class='alert alert-danger' role='alert'>Der Druckschlüssel ist nicht gültig. Evtl. wurde er bereits benutzt. Versuche es erneut! </div></center>");
}
}
}
}
?>
<div class="text-center mt-5" style="min-height: 95vh">
<h1>Datei drucken</h1>
<!-- Reservations notice -->
<?php
date_default_timezone_set('Europe/Zurich');
$reservation_conflict=false;
$today=date("Y-m-d");
$sql="select time_from, time_to from reservations where day='$today';";
$stmt = $link->prepare($sql);
$stmt->execute();
$result = $stmt->get_result();
//$row = $result->fetch_assoc();
$time_now=date("H:i");
while ($row = $result->fetch_assoc()) {
if (is_time_between($row["time_from"], $row["time_to"], $time_now)) {
$reservation_conflict = true;
break;
}
}
if ($reservation_conflict) {
echo "<center><div style='width:50%' class='alert alert-danger' role='alert'>Die Drucker sind zurzeit reserviert! Bitte drucke nur, wenn du gerade im Informatik Unterricht bist!</div></center>";
}
?>
<div class="container d-flex align-items-center justify-content-center" >
<form class="mt-5" enctype="multipart/form-data" method="POST" action="">
<?php if(!isset($_GET["cloudprint"])){
echo ('<div class="form-group">');
echo('<div class="custom-file">');
echo('<label for="file_upload" class="form-label">Zu druckende Datei</label>');
echo('<input type="file" class="form-control" type="file" name="file_upload" required accept=".gcode"> ');
echo('</div>');
echo('</div>');
}
else{
echo ('<div class="form-group">');
echo('<div class="custom-file">');
echo("<p>Cloudfile: ".$_GET["cloudprint"]."</p>");
echo('</div>');
echo('</div>');
}
?>
<br><br>
<div class="form-group">
<label class="my-3" for="printer">Druckerauswahl</label>
<select class="form-control selector" name="printer" required>
<!-- PHP to retrieve printers -->
<?php
//get number of printers
$num_of_printers=0;
$sql="select count(*) from printer where free=1";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $num_of_printers);
mysqli_stmt_fetch($stmt);
//echo("test1:".$num_of_printers);
$last_id=0;
$printers_av=0;
if(isset($_GET["preselect"])){
$preselect=$_GET["preselect"];
}else{
$preselect=1;
}
if(!isset($_GET["send_to_queue"])){
while($num_of_printers!=0)
{
$id=0;
$sql="Select id,color from printer where id>$last_id and free=1 order by id";
//echo $sql;
$color="";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id,$color);
mysqli_stmt_fetch($stmt);
$color=intval($color);
//get the real color
$sql="select name from filament where internal_id=$color";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt,$color);
mysqli_stmt_fetch($stmt);
if($id!=0 && $id!=$last_id)
{
if($id==$preselect)
echo("<option printer='$id' value='$id' selected>Printer $id - $color</option>");
else
echo("<option printer='$id' value='$id'>Printer $id - $color</option>");
$printers_av++;
}
$last_id=$id;
$num_of_printers--;
}
}
if($printers_av==0 or isset($_GET["send_to_queue"])){
echo("<option printer='queue' value='queue'>an Warteschlange senden</option>");
}
?>
</select>
</div>
<!-- if we send to queue, the user should be able to choose which printer prints it afterwards -->
<?php
if($printers_av==0 or isset($_GET["send_to_queue"])){
echo('<div class="form-group">');
echo('<label class="my-3" for="printer">Auf diesem Drucker wird deine Datei gedruckt, sobald er frei ist.</label>');
echo('<select class="form-control selector" name="queue_printer" required>');
//get number of printers
$num_of_printers=0;
$sql="select count(*) from printer";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $num_of_printers);
mysqli_stmt_fetch($stmt);
$last_id=0;
$printers_av=0;
if(isset($_GET["preselect"])){
$preselect=$_GET["preselect"];
}else{
$preselect=-1;
}
echo("<option printer='-1' value='-1' selected selected>erster verfügbarer Drucker</option>");
while($num_of_printers!=0)
{
$id=0;
$sql="Select id,color from printer where id>$last_id order by id";
//echo $sql;
$color="";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id,$color);
mysqli_stmt_fetch($stmt);
$color=intval($color);
//get the real color
$sql="select name from filament where internal_id=$color";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt,$color);
mysqli_stmt_fetch($stmt);
if($id!=0 && $id!=$last_id)
{
if($id==$preselect)
echo("<option printer='$id' value='$id' selected>Drucker $id - $color</option>");
else
echo("<option printer='$id' value='$id'>Drucker $id - $color</option>");
$printers_av++;
}
$last_id=$id;
$num_of_printers--;
}
echo('</select>');
echo('</div>');
}
?>
<br><br>
<!--<label class="my-3" for="print_key">Druckschlüssel (Kann im Sekretariat gekauft werden)</label>
<input type="text" class="form-control text" id="print_key" name="print_key" placeholder="z.B. A3Rg4Hujkief"><br>-->
<?php
if($warning==true){
echo("<input type='checkbox' id='ignore_unsafe' name='ignore_unsafe' value='true'>");
echo("<label for='ignore_unsafe'>Temperaturbeschränkungen Ignorieren und Drucken</label><br>");
}
?>
<input type="submit" class="btn btn-dark mb-5" value="Datei drucken" onclick="show_loader();" id="button">
<div class="d-flex align-items-center">
<strong role="status" style="display:none" id="spinner">Hochladen...</strong>
<div class="spinner-border ms-auto" aria-hidden="true" style="display:none" id="spinner2"></div>
<a href="print.php?send_to_queue">Auf einem Drucker Drucken, welcher besetzt ist.</a>
</div>
</form>
</div>
</div>
<br>
<div id="footer"></div>
<script>
function show_loader(){
var spinner=document.getElementById("spinner");
spinner.style.display="block";
var spinner=document.getElementById("spinner2");
spinner.style.display="block";
var spinner=document.getElementById("button");
spinner.style.display="none";
}
</script>
</body>
</html>

212
sys0-code/app/privacy-policy.php Normal file
View File

@@ -0,0 +1,212 @@
<?php
session_start();
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
$auth=false;
}
else
{
$auth=true;
}
?>
<head>
<title>Privacy Policy</title>
</head>
<?php
include "../assets/components.php";
?>
<?php $color=$_SESSION["color"]; ?>
<?php echo(" <body style='background-color:$color'> ");?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
$(document).ready(function(){
$('#footer').load("/assets/html/footer.html");
});
}
</script>
<?php
$username=$_SESSION["username"];
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<div id="content"></div>
<div class="m-3">
<h1>Privacy Policy</h1>
<p>Last updated: December 18, 2023</p>
<p>This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.</p>
<p>We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy has been created with the help of the <a href="https://www.privacypolicies.com/privacy-policy-generator/" target="_blank">Privacy Policy Generator</a>.</p>
<h1>Interpretation and Definitions</h1>
<h2>Interpretation</h2>
<p>The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.</p>
<h2>Definitions</h2>
<p>For the purposes of this Privacy Policy:</p>
<ul>
<li>
<p><strong>Account</strong> means a unique account created for You to access our Service or parts of our Service.</p>
</li>
<li>
<p><strong>Affiliate</strong> means an entity that controls, is controlled by or is under common control with a party, where &quot;control&quot; means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.</p>
</li>
<li>
<p><strong>Company</strong> (referred to as either &quot;the Company&quot;, &quot;We&quot;, &quot;Us&quot; or &quot;Our&quot; in this Agreement) refers to Jakach.</p>
</li>
<li>
<p><strong>Cookies</strong> are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.</p>
</li>
<li>
<p><strong>Country</strong> refers to: Switzerland</p>
</li>
<li>
<p><strong>Device</strong> means any device that can access the Service such as a computer, a cellphone or a digital tablet.</p>
</li>
<li>
<p><strong>Personal Data</strong> is any information that relates to an identified or identifiable individual.</p>
</li>
<li>
<p><strong>Service</strong> refers to the Website.</p>
</li>
<li>
<p><strong>Service Provider</strong> means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.</p>
</li>
<li>
<p><strong>Usage Data</strong> refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).</p>
</li>
<li>
<p><strong>Website</strong> refers to system0, accessible from <a href="https://app.ksw3d.ch" rel="external nofollow noopener" target="_blank">app.ksw3d.ch</a></p>
</li>
<li>
<p><strong>You</strong> means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.</p>
</li>
</ul>
<h1>Collecting and Using Your Personal Data</h1>
<h2>Types of Data Collected</h2>
<h3>Personal Data</h3>
<p>While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:</p>
<ul>
<li>Usage Data</li>
</ul>
<h3>Usage Data</h3>
<p>Usage Data is collected automatically when using the Service.</p>
<p>Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.</p>
<p>When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.</p>
<p>We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.</p>
<h3>Tracking Technologies and Cookies</h3>
<p>We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:</p>
<ul>
<li><strong>Cookies or Browser Cookies.</strong> A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.</li>
<li><strong>Web Beacons.</strong> Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).</li>
</ul>
<p>Cookies can be &quot;Persistent&quot; or &quot;Session&quot; Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies on the <a href="https://www.privacypolicies.com/blog/privacy-policy-template/#Use_Of_Cookies_Log_Files_And_Tracking" target="_blank">Privacy Policies website</a> article.</p>
<p>We use both Session and Persistent Cookies for the purposes set out below:</p>
<ul>
<li>
<p><strong>Necessary / Essential Cookies</strong></p>
<p>Type: Session Cookies</p>
<p>Administered by: Us</p>
<p>Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.</p>
</li>
<li>
<p><strong>Cookies Policy / Notice Acceptance Cookies</strong></p>
<p>Type: Persistent Cookies</p>
<p>Administered by: Us</p>
<p>Purpose: These Cookies identify if users have accepted the use of cookies on the Website.</p>
</li>
<li>
<p><strong>Functionality Cookies</strong></p>
<p>Type: Persistent Cookies</p>
<p>Administered by: Us</p>
<p>Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.</p>
</li>
</ul>
<p>For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.</p>
<h2>Use of Your Personal Data</h2>
<p>The Company may use Personal Data for the following purposes:</p>
<ul>
<li>
<p><strong>To provide and maintain our Service</strong>, including to monitor the usage of our Service.</p>
</li>
<li>
<p><strong>To manage Your Account:</strong> to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.</p>
</li>
<li>
<p><strong>For the performance of a contract:</strong> the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.</p>
</li>
<li>
<p><strong>To contact You:</strong> To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.</p>
</li>
<li>
<p><strong>To provide You</strong> with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.</p>
</li>
<li>
<p><strong>To manage Your requests:</strong> To attend and manage Your requests to Us.</p>
</li>
<li>
<p><strong>For business transfers:</strong> We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.</p>
</li>
<li>
<p><strong>For other purposes</strong>: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.</p>
</li>
</ul>
<p>We may share Your personal information in the following situations:</p>
<ul>
<li><strong>With Service Providers:</strong> We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.</li>
<li><strong>For business transfers:</strong> We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.</li>
<li><strong>With Affiliates:</strong> We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.</li>
<li><strong>With business partners:</strong> We may share Your information with Our business partners to offer You certain products, services or promotions.</li>
<li><strong>With other users:</strong> when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.</li>
<li><strong>With Your consent</strong>: We may disclose Your personal information for any other purpose with Your consent.</li>
</ul>
<h2>Retention of Your Personal Data</h2>
<p>The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.</p>
<p>The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.</p>
<h2>Transfer of Your Personal Data</h2>
<p>Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.</p>
<p>Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.</p>
<p>The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.</p>
<h2>Delete Your Personal Data</h2>
<p>You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.</p>
<p>Our Service may give You the ability to delete certain information about You from within the Service.</p>
<p>You may update, amend, or delete Your information at any time by signing in to Your Account, if you have one, and visiting the account settings section that allows you to manage Your personal information. You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us.</p>
<p>Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.</p>
<h2>Disclosure of Your Personal Data</h2>
<h3>Business Transactions</h3>
<p>If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.</p>
<h3>Law enforcement</h3>
<p>Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).</p>
<h3>Other legal requirements</h3>
<p>The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:</p>
<ul>
<li>Comply with a legal obligation</li>
<li>Protect and defend the rights or property of the Company</li>
<li>Prevent or investigate possible wrongdoing in connection with the Service</li>
<li>Protect the personal safety of Users of the Service or the public</li>
<li>Protect against legal liability</li>
</ul>
<h2>Security of Your Personal Data</h2>
<p>The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.</p>
<h1>Children's Privacy</h1>
<p>Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.</p>
<p>If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.</p>
<h1>Links to Other Websites</h1>
<p>Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.</p>
<p>We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.</p>
<h1>Changes to this Privacy Policy</h1>
<p>We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.</p>
<p>We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the &quot;Last updated&quot; date at the top of this Privacy Policy.</p>
<p>You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.</p>
<h1>Contact Us</h1>
<p>If you have any questions about this Privacy Policy, You can contact us:</p>
<ul>
<li>By email: <a href="mailto:info.jakach@gmail.com" >info.jakach@gmail.com</a></li>
</ul>
</div>
<br><br><br><br>
<div id="footer"></div>div>

146
sys0-code/app/public_cloud.php Normal file
View File

@@ -0,0 +1,146 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
include "../api/queue.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true or$_SESSION["role"][2]!="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
$id=$_SESSION["id"];
$username=$_SESSION["username"];
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php $color=$_SESSION["color"]; ?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
function get_base64_preview($filename){
$base64="";
$file=fopen($filename,"r");
$start=-1;
while(!feof($file)&&$start!=0){
$buf=fgets($file);
if(stripos($buf,"thumbnail end")!==false)
$start=0;
if($start==1)
$base64.=$buf;
if(stripos($buf,"thumbnail begin")!==false)
$start=1;
}
fclose($file);
$base64=str_replace(";","",$base64);
$base64=str_replace(" ","",$base64);
return $base64;
}
if(isset($_GET["delete"]) && $role[10]=="1"){
$path="/var/www/html/user_files/public/".str_replace("..","",htmlspecialchars($_GET["delete"]));
unlink($path);
}
?>
<div id="content"></div>
<head>
<title>Alle öffentlichen Dateien</title>
</head>
<body>
<div class="container mt-4" style="height: auto;min-height:100vh">
<div class="row justify-content-center">
<!--<div style="width: 90vh">-->
<h1>Öffentliche Dateien</h1>
<div class="container">
<form action="public_cloud.php" method="POST">
<input type="text" name="search" placeholder="Suchbegriff">
<button type="submit" class="btn btn-dark my-5">Suchen</button>
</form>
<div style="overflow-y:auto;overflow-x:auto">
<table class="table">
<thead>
<tr>
<th>Preview</th>
<th>File Name</th>
<th>Print File</th>
<th>Delete File</th>
<th>Download File</th>
</tr>
</thead>
<tbody>
<?php
$directory = "/var/www/html/user_files/public/";
// Check if the directory exists
if (is_dir($directory)) {
$files = glob($directory . '/*.gcode');
// Iterate through the files and display them in the table
$count = 1;
foreach ($files as $file) {
if(isset($_POST["search"])){
if (stripos(basename($file), $_POST["search"]) !== false) {
echo '<tr>';
echo '<td><img style="display:block; width:100px;height:100px;" id="base64image" src="data:image;base64,' . get_base64_preview($file) . '"/></td>';
echo '<td>' . basename($file) . '</td>';
echo '<td><a href="print.php?pc=1&cloudprint='.basename($file).'">Drucken</a></td>';
if($role[10]=="1"){
echo "<td><a href='public_cloud.php?delete=".basename($file)."' >" . "Löschen" . '</a></td>';
}else{
echo "<td></td>";
}
echo "<td><a href='/user_files/public/".basename($file)."' download>" . "Herunterladen" . '</a></td>';
echo '</tr>';
}
}else{
echo '<tr>';
echo '<td><img style="display:block; width:100px;height:100px;" id="base64image" src="data:image;base64,' . get_base64_preview($file) . '"/></td>';
echo '<td>' . basename($file) . '</td>';
echo '<td><a href="print.php?pc=1&cloudprint='.basename($file).'">Drucken</a></td>';
if($role[10]=="1"){
echo "<td><a href='public_cloud.php?delete=".basename($file)."' >" . "Löschen" . '</a></td>';
}else{
echo "<td></td>";
}
echo "<td><a href='/user_files/public/".basename($file)."' download>" . "Herunterladen" . '</a></td>';
echo '</tr>';
}
}
} else {
echo '<tr><td colspan="2">Directory not found</td></tr>';
}
?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

487
sys0-code/app/remove_user.php Normal file
View File

@@ -0,0 +1,487 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
require_once "../log/log.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][3]!== "1"){
header("location: /login/login.php");
exit;
}
$_SESSION["rid"]++;
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php $color=$_SESSION["color"]; ?>
<?php echo(" <body style='background-color:$color'> ");?>
<div id="content"></div>
<?php
function get_perm_string(){
$perm_str="";
if(isset($_POST["print"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["private_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["printer_ctrl_all"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["change_user_perm"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_admin"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_log"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["view_apikey"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["create_key"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["debug"]))
$perm_str.="1";
else
$perm_str.="0";
if(isset($_POST["delete_from_public_cloud"]))
$perm_str.="1";
else
$perm_str.="0";
return $perm_str;
}
function deleteDirectory($dir) {
if (!is_dir($dir)) {
return;
}
// Get list of files and directories inside the directory
$files = scandir($dir);
foreach ($files as $file) {
// Skip current and parent directory links
if ($file == '.' || $file == '..') {
continue;
}
$path = $dir . '/' . $file;
if (is_dir($path)) {
// Recursively delete sub-directory
deleteDirectory($path);
} else {
// Delete file
unlink($path);
}
}
// Delete the empty directory
rmdir($dir);
}
echo ("<script type='text/javascript' >load_user()</script>");
require_once "../config/config.php";
if(isset($_GET["update_id"]) && $_GET["rid"]==$_SESSION["rid"]-1){
$tid=$_GET["update_id"];
$perms=get_perm_string();
$sql="UPDATE users SET role = '$perms' WHERE id=$tid";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
}
if(isset($_POST['username']))
{
$username_td=$_POST['username'];
$username_td=htmlspecialchars($username_td);
$sql="DELETE FROM users WHERE username = '$username_td';";
//echo($sql);
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
deleteDirectory("/var/www/html/user_files/$username_td/");
log_("Deleted $username_td","BAN:DELETION");
}
else if(isset($_POST["ban"]))
{
$username_td=htmlspecialchars($_POST["ban"]);
$reason=htmlspecialchars($_POST["reason"]);
$sql="UPDATE users SET banned = 1, banned_reason='$reason' WHERE username='$username_td'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
log_("Banned $username_td","BAN:BAN");
}
else if(isset($_POST["unban"]))
{
$username_td=htmlspecialchars($_POST["unban"]);
$sql="UPDATE users SET banned = 0 WHERE username='$username_td'";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
log_("Unanned $username_td","BAN:UNBAN");
}
//how many users do we have?
$cnt=0;
$sql="SELECT COUNT(*) FROM users";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
if(mysqli_stmt_fetch($stmt)){
}
} else{
echo "<div class='alert alert-danger' role='alert'>Oops! Something went wrong. Please try again later.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
echo('<div>');
echo('<div class="container mt-5" >
<div class="d-flex justify-content-center mb-3">
<h3>Benutzer zum löschen auswählen:</h3>
</div>
<form action="" method="post" style="width: 40%;" class="mx-auto">
<div class="mb-3">
<div class="row">
<div class="col">
<label for="lang">Benutzer:</label>
</div>
<div class="col">
<select name="username" id="username" class="form-select">
');
//now get those users
$cnt2=1;
$id=0;
$last_id=0;
while($cnt2!==$cnt+1)
{
$sql = "SELECT id, username FROM users WHERE id > $last_id ORDER BY id;";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id,$username);
if(mysqli_stmt_fetch($stmt)){
//data retrieved
$last_id=$id;
echo('<option username="'.$username.'">'.$username.'</option>');
}
} else{
echo "<div class='alert alert-danger' role='alert'>Oops! Something went wrong. Please try again later.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
$cnt2++;
}
echo('</select>
</div>
<div class="col">
<div class="d-flex justify-content-center">
<button type="submit" class="btn btn-danger" id="ban" ban="ban">Benutzer löschen</button>
</div>
</div>
</div>
</div>
</form>
</div>');
echo('<br><br>
<div class="container mt-5">
<div class="d-flex justify-content-center mb-3">
<h3>User zum Bannen auswählen:</h3>
</div>
<form action="" method="post" style="width: 40%;" class="mx-auto">
<div class="mb-3">
<div class="row">
<div class="col">
<label for="lang">Benutzername:</label>
</div>
<div class="col">
<select name="ban" id="ban" class="form-select">');
//now get those users
$cnt2=1;
$id=0;
$last_id=0;
while($cnt2!==$cnt+1)
{
$sql = "SELECT id, username FROM users WHERE id > $last_id AND (banned = 0 or banned IS NULL ) ORDER BY id;";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id,$username);
if(mysqli_stmt_fetch($stmt)){
//data retrieved
$last_id=$id;
echo('<option ban="'.$username.'">'.$username.'</option>');
}
} else{
echo "<div class='alert alert-danger' role='alert'>Oops! Something went wrong. Please try again later.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
$cnt2++;
}
echo('</select>');
//echo('<br><input type="text" value="ban reason" id="reason" name="reason" />');
echo('<select name="reason" id="reason" class="form-select">');
echo('<option reason="Hacking">Hacken</option>');
echo('<option reason="Illegal activities">Illegale aktivitäten</option>');
echo('<option reason="Misuse of service">Missbrauch der Website</option>');
echo('<option reason="Bad behaviour>Schlechtes Verhalten</option>');
echo('<option reason="inappropriate behaviour">Unangemessenes Verhalten</option>');
echo('<option reason="inappropriate username">Unangemessener Benutzername</option>');
echo('<option reason="Illegal files">Illegale Dateien</option>');
echo('<option reason="Unspecified">Andere</option>');
echo('</select>
</div>
<div class="col">
<div class="d-flex justify-content-center">
<button type="submit" class="btn btn-danger">Senden</button>
</div>
</div>
</div>
</div>
</form>
</div>');
echo("<br><br>");
echo('<div class="container mt-5">
<div class="d-flex justify-content-center mb-3">
<h3>Please select a user to unban:</h3>
</div>
<form action="" method="post" style="width: 40%;" class="mx-auto">
<div class="mb-3">
<div class="row">
<div class="col">
<label for="lang">Benutzer:</label>
</div>
<div class="col">
<select name="unban" id="unban" class="form-select">');
//now get those users
$cnt2=1;
$id=0;
$last_id=0;
while($cnt2!==$cnt+1)
{
$sql = "SELECT id, username FROM users WHERE id > $last_id AND banned=1 ORDER BY id;";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id,$username);
if(mysqli_stmt_fetch($stmt)){
//data retrieved
$last_id=$id;
echo('<option unban="'.$username.'">'.$username.'</option>');
}
} else{
echo "<div class='alert alert-danger' role='alert'>Huch! Ein Fehler ist aufgetreten. Bitte versuchen Sie es später noch einmal.</div>";
}
// Close statement
mysqli_stmt_close($stmt);
}
$cnt2++;
}
echo('</select>
</div>
<div class="col">
<div class="d-flex justify-content-center">
<button type="submit" class="btn btn-danger" id="unban" unban="unban">Senden</button>
</div>
</div>
</div>
</div>
</form>
</div>
</div>');
?>
<div class="container" style="min-height:95vh">
<div class="row">
<div class="col-mt-12">
<!-- list users and their permissions -->
<?php
echo("<table class='table'>");
echo("<thead>");
echo("<tr>");
echo("<td>Nutzer</td>");
echo("<td>Drucken</td>");
echo("<td>Cloud</td>");
echo("<td>Öffentliche Cloud</td>");
echo("<td>Alle Drucker abbrechen / freigeben</td>");
echo("<td>Benutzereinstellungen ändern</td>");
echo("<td>Administratoren erstellen</td>");
echo("<td>Log ansehen</td>");
echo("<td>APIkey ansehen</td>");
echo("<td>Druckschlüssel erstellen</td>");
echo("<td>Debug</td>");
echo("<td>Alle Dateien von Öffentlicher Cloud löschen</td>");
echo("<td>Aktualisieren</td>");
echo("<td>Benutzer löschen</td>");
echo("</tr>");
echo("</thead>");
echo("<tbody>");
echo("<tr>");
//how many users do we have?
$cnt=0;
$sql="SELECT COUNT(*) FROM users";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
//now we know how many users we have.
$last_id=0;
while($cnt!=0){
$tusername="";
$trole="";
$tid=0;
$sql="select id,username,role from users where id>$last_id ORDER BY id";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
// Store result
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $tid,$tusername,$trole);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
echo("<tr><form action='remove_user.php?update_id=$tid&rid=".$_SESSION["rid"]."' method='post'>");
echo("<td>$tusername</td>");
if($trole[0]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="print" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="print" ></td>');
if($trole[1]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="private_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="private_cloud" ></td>');
if($trole[2]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="public_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="public_cloud" ></td>');
if($trole[3]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="printer_ctrl_all" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="printer_ctrl_all" ></td>');
if($trole[4]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="change_user_perm" ></td>');
if($trole[5]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_admin" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_admin" ></td>');
if($trole[6]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_log" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_log" ></td>');
if($trole[7]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_apikey" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="view_apikey" ></td>');
if($trole[8]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_key" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="create_key" ></td>');
if($trole[9]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="debug" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="debug" ></td>');
if($trole[10]==="1")
echo('<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud" checked></td>');
else
echo('<td><input class="form-check-input" type="checkbox" value="" name="delete_from_public_cloud" ></td>');
echo('<td><input type="submit" class="btn btn-dark mb-5" value="Aktualisieren" id="button"></td>');
echo('<td><button type="button" class="btn btn-danger" data-bs-toggle="modal" data-bs-target="#accept">Benutzer löschen</button></td>');
echo("</form></tr>");
$last_id=$tid;
$cnt--;
}
echo("</tr>");
echo("</tbody>");
echo("</table>");
mysqli_close($link);
?>
</div
</div>
</div>
<div class="modal fade" id="accept" tabindex="-1" aria-labelledby="accept" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="exampleModalLabel">Benutzer wirklich löschen?</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<div class="d-flex flex-row bd-highlight m-3">
<div class="p-2 bd-highlight">
<button type="button" class="btn-success">Bestätigen</button>
</div>
<div class="p-2 bd-highlight">
<button type="button" class="btn-danger" data-bs-dismiss="modal" aria-label="Close">Nein</button>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

109
sys0-code/app/reservations.php Normal file
View File

@@ -0,0 +1,109 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][9]!=="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
$(document).ready(function(){
$('#footer').load("/assets/html/footer.html");
});
}
</script>
<?php
$role=$_SESSION["role"];
$userid=$_SESSION["id"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<?php
//delete reservations that are not valid anymore.
date_default_timezone_set('Europe/Zurich');
$yesterday = new DateTime('yesterday');
$formattedYesterday = $yesterday->format('Y-m-d');
$sql = "DELETE FROM reservations WHERE day <= ?";
$stmt = $link->prepare($sql);
if ($stmt) {
$stmt->bind_param("s", $formattedYesterday);
$stmt->execute();
$stmt->close();
}
if(isset($_POST["res"])){
$time_from=htmlspecialchars($_POST["time_from"]);
$time_to=htmlspecialchars($_POST["time_to"]);
$day=htmlspecialchars($_POST["date"]);
$sql="INSERT INTO reservations (time_from,time_to,day,set_by_userid) VALUES (?, ?, ?, ?);";
$stmt = $link->prepare($sql);
$stmt->bind_param("sssi",$time_from, $time_to, $day,$userid);
$stmt->execute();
}
if(isset($_GET["del"])){
$id=htmlspecialchars($_GET["del"]);
$sql="delete from reservations where id=$id";
$stmt = $link->prepare($sql);
$stmt->execute();
}
?>
<?php echo(" <body style='background-color:$color'> ");?>
<div id="content"></div>
<head>
<title>Drucker Reservationen</title>
</head>
<body>
<div class="center-container" style="min-height: 95vh;">
<div class="container">
<div class="container mt-5 text-center">
<!-- Add reservation -->
<h4>Reservation hinzufügen</h4>
<form action="reservations.php?set_reservation" method="post">
<input type="text" placeholder="von (z.B. 14:00)" name="time_from">
<input type="text" placeholder="Bis (z.B. 15:00)" name="time_to">
<input type="date" name="date">
<button type="submit" value="res" name ="res" class="btn btn-primary">Reservieren</button>
</form>
<br><br>
<!-- List reservations -->
<h4>Reservationen (Alte Reservationen werden automatisch gelöscht)</h4>
<?php
$sql="select * from reservations order by id desc;";
$stmt = $link->prepare($sql);
$stmt->execute();
$result = $stmt->get_result();
echo("<table class='table'>");
echo("<tr><th>Zeit von</th><th>Zeit bis</th><th>Datum</th><th>Reservation löschen</th></tr>");
while($row = $result->fetch_assoc()) {
echo("<tr><td>".$row["time_from"]."</td><td>".$row["time_to"]."</td><td>".$row["day"]."</td><td><a href='reservations.php?del=".$row["id"]."'>Löschen</a></td><tr>");
}
echo("</table>");
?>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

65
sys0-code/app/view_apikey.php Normal file
View File

@@ -0,0 +1,65 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][7]!=="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
$id=$_SESSION["id"];
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<?php echo(" <body style='background-color:$color'> ");?>
<div id="content"></div>
<head>
<title>Api viewer</title>
</head>
<body>
<div class="container m-5" style="height: 95vh;">
<div class="row justify-content-center">
<div class="col-md-6">
<h1>Dein system0 APIkey:</h1>
<?php
$apikey_fromdb="";
$sql="select apikey from api where id=1";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $apikey_fromdb);
mysqli_stmt_fetch($stmt);
echo("<b>".$apikey_fromdb."</b>");
echo("<br><br>Behandle diesen Schlüssel wie ein Passwort.<br>Es ist wichtig, dass niemand diesen Schlüssel erfährt!");
?>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

142
sys0-code/app/view_log.php Normal file
View File

@@ -0,0 +1,142 @@
<!DOCTYPE html>
<html>
<?php
// Initialize the session
session_start();
include "../config/config.php";
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true || $_SESSION["role"][6]!=="1"){
header("location: /login/login.php");
exit;
}
$username=htmlspecialchars($_SESSION["username"]);
$id=$_SESSION["id"];
?>
<script src="/assets/js/load_page.js"></script>
<script>
function load_user()
{
$(document).ready(function(){
$('#content').load("/assets/php/user_page.php");
});
}
</script>
<?php
$role=$_SESSION["role"];
echo "<script type='text/javascript' >load_user()</script>";
?>
<?php
$color=$_SESSION["color"];
include "../assets/components.php";
?>
<?php echo(" <body style='background-color:$color'> ");?>
<div id="content"></div>
<head>
<title>Log viewer</title>
</head>
<body>
<div class="container m-3">
<div class="row justify-content-center">
<div class="col-md-auto">
<h1>Alle Einträge</h1>
<div class="overflow-auto">
<table class="table">
<thead>
<tr>
<th>Datum & Zeit</th>
<th>IP Adresse</th>
<th>Typ</th>
<th>Benutzername</th>
<th>Info</th>
</tr>
<form method="GET" action="?search=true">
<tr>
<td>---</td>
<td>---</td>
<td>
<select class="form-select" name="type_">
<option type_="All_types">All_types</option>
<option type_="PRINT::UPLOAD::PRINTER">PRINT::UPLOAD::PRINTER</option>
<option type_="PRINT:JOB:START:FAILED">PRINT:JOB:START:FAILED</option>
<option type_="PRINT::UPLOAD::QUEUE">PRINT::UPLOAD::QUEUE</option>
<option type_="PRINT::UPLOAD::FILE::FAILED">PRINT::UPLOAD::FILE::FAILED</option>
<option type_="JOB_INFO::PRINTERCTRL::FREE">JOB::PRINTERCTRL::FREE</option>
<option type_="JOB_INFO::QUEUECTRL::REMOVE">JOB::QUEUECTRL::REMOVE</option>
<option type_="JOB::PRINTERCTRL::CANCEL::FAILED">JOB::PRINTERCTRL::CANCEL::FAILED</option>
<option type_="JOB::PRINTERCTRL::CANCEL">JOB::PRINTERCTRL::CANCEL</option>
</select>
</td>
<td>
<?php //insert all the usernames
$cnt=0;
$sql="SELECT COUNT(*) FROM users";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $cnt);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
echo('<select class="form-select" id="username" name="username">');
echo('<option username="All_usernames">All_usernames</option>');
//now get those users
$cnt2=1;
$id=0;
$last_id=0;
while($cnt2!==$cnt+1)
{
$sql = "SELECT id, username FROM users WHERE id > $last_id ORDER BY id;";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $id,$username);
mysqli_stmt_fetch($stmt);
$last_id=$id;
echo('<option username="'.$username.'">'.$username.'</option>');
mysqli_stmt_close($stmt);
$cnt2++;
}
?>
</td><!-- username -->
<td><button type="submit" class="btn btn-primary">Apply filter</button>
</tr></form>
<?php
$fp=fopen("../log/sys0.log","r");
while(!feof($fp))
{
$content=fgets($fp);
$data=explode(";",$content);
if(!feof($fp))
{
if($data[2]==$_GET["type_"] or $_GET["type_"]=="All_types" or !isset($_GET["type_"]))
{
if($data[3]==$_GET["username"] or $_GET["username"]=="All_usernames" or !isset($_GET["username"]))
echo("<tr><td>".$data[0]."</td><td>".$data[1]."</td><td>".$data[2]."</td><td>".$data[3]."</td><td>".$data[4]."</td></tr>");
}
}
}
fclose($fp);
?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div id="footer"></div>
</body>
</html>

26
sys0-code/app/webcam.php Normal file
View File

@@ -0,0 +1,26 @@
<!DOCTYPE html>
<html>
<?php
$username=htmlspecialchars($_GET["username"]);
$printer_url=$_GET["url"];
$rotation=$_GET["rotation"];
?>
<head>
<title>Webcam</title>
</head>
<body>
<?php
$path = "/var/www/html/user_files/$username/$printer_url.jpeg";
unlink($path);
exec("wget --quiet \"http://$printer_url/webcam/?action=snapshot\" -O $path");
echo("<img style='transform: rotate(".$rotation."deg);' loading='lazy' width='100%' src='/user_files/$username/$printer_url.jpeg'>");
?>
<script>
setInterval(function() {
location.reload();
}, 5000);
</script>
</body>
</html>