diff --git a/index.php b/index.php index 147ba6f..4b72012 100644 --- a/index.php +++ b/index.php @@ -8,102 +8,168 @@ define('DATA_FILE', __DIR__ . DIRECTORY_SEPARATOR . 'data.php'); if (file_exists(CONFIG_FILE)) require_once CONFIG_FILE; if (!isset($config)) $config = []; +$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null; + +$hasSupplier = isset($_REQUEST['supplier']) and !empty($_REQUEST['supplier']); $supplier = $_REQUEST['supplier']; -if (!isset($config[$supplier])) - $config[$supplier] = []; +if ($hasSupplier) { + + if (!isset($config[$supplier])) + $config[$supplier] = []; -$config[$supplier] = array_merge( - [ - 'title' => '%supplier% %event%', - 'description' => '', - 'choices' => [], - 'start' => 'now 00:00:00', - 'end' => '+1 year', - 'frequency' => '1 day', + $config[$supplier] = array_merge( + [ + 'title' => '%supplier% %event%', + 'description' => '', + 'choices' => [], + 'start' => 'now 00:00:00', + 'frequency' => '1 day', + 'password' => '', - ], - $config[$supplier] -); + ], + $config[$supplier] + ); -$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null; + $hasPassword = !empty($config[$supplier]['password']); -$hasEvent = isset($_REQUEST['event']); -if (!$hasEvent) { - $now = new \DateTime('now'); - $current = new \DateTime($config[$supplier]['start']); - $frequency = \DateInterval::createFromDateString($config[$supplier]['frequency']); - $maxIterations = 1000; - while ( - ($current->getTimestamp() < $now->getTimestamp()) - and ($maxIterations-- > 0) - ) $current->add($frequency); - $nextEvent = $current->format('Y-m-d'); - header(sprintf('Location: %s?supplier=%s&event=%s', $requestUrl, $supplier, $nextEvent)); - die(); -} + if ($action === 'config') { + if ($hasPassword) { + if (!isset($_SERVER['PHP_AUTH_USER'])) { + header(sprintf('WWW-Authenticate: Basic realm="mon-panier-bio config %s"', $supplier)); + header('HTTP/1.0 401 Unauthorized'); + printf('Cette config est protégée par mot de passe !'); + exit; + } elseif ( + ($_SERVER['PHP_AUTH_USER'] !== $supplier) + or ($_SERVER['PHP_AUTH_PW'] !== $config[$supplier]['password']) + ) { + header('HTTP/1.0 403 Forbidden'); + printf('Cette config est protégée par mot de passe !'); + exit; + } + } -$event = $_REQUEST['event']; - -switch ($action) { -case 'insert' : -case 'delete' : - $isBeginning = (!file_exists(DATA_FILE) or in_array(filesize(DATA_FILE), [ false, 0 ])); - $output = fopen(DATA_FILE, 'a+'); - if (!$output) break; - if (!flock($output, LOCK_EX)) break; - if ($isBeginning) - fwrite($output, ' $prevItem) - if ($prevItem['hash'] === $item['hash']) - unset($items[$index]); + $config[$supplier]['choices'] = array_map('trim', $config[$supplier]['choices']); +} + +$isConfig = false; +if ($action === 'config') { + $output = fopen(CONFIG_FILE, 'w+'); + if ($output) { + if (flock($output, LOCK_EX)) { + fwrite($output, 'getTimestamp() < $now->getTimestamp()) + and ($maxIterations-- > 0) + ) $current->add($frequency); + $nextEvent = $current->format('Y-m-d'); + header(sprintf('Location: %s?supplier=%s&event=%s', $requestUrl, $supplier, $nextEvent)); + die(); + } + + $event = $_REQUEST['event']; + + switch ($action) { + case 'insert' : + case 'delete' : + $isBeginning = (!file_exists(DATA_FILE) or in_array(filesize(DATA_FILE), [ false, 0 ])); + $output = fopen(DATA_FILE, 'a+'); + if (!$output) break; + if (!flock($output, LOCK_EX)) break; + if ($isBeginning) + fwrite($output, ' $prevItem) + if ($prevItem['hash'] === $item['hash']) + unset($items[$index]); + } + } + + while (preg_match('/%([^%]+)%/i', $config[$supplier]['title'], $match)) + $config[$supplier]['title'] = str_replace( + $match[0], + ${$match[1]}, + $config[$supplier]['title'] + ); +} ?> @@ -113,44 +179,82 @@ while (preg_match('/%([^%]+)%/i', $config[$supplier]['title'], $match)) <?php echo strip_tags($config[$supplier]['title']); ?> -

- -

- - + + config +

+ +

+ + + +