From 6a8d4f817d2e9ecda61183142c71b44e83d15eb3 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 19 Apr 2017 11:24:58 +0200
Subject: [inc/Database] Support expanding nested arrays

In parametrized queries, you can now pass an array as an
argument. This will result in the arguments being expanded
to :a1,:a2,:a3 which is suitable for "IN (:slist)"
constructs.
---
 inc/database.inc.php | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

(limited to 'inc')

diff --git a/inc/database.inc.php b/inc/database.inc.php
index ff98f5ee..f3a90fe7 100644
--- a/inc/database.inc.php
+++ b/inc/database.inc.php
@@ -100,6 +100,8 @@ class Database
 	public static function simpleQuery($query, $args = array(), $ignoreError = false)
 	{
 		self::init();
+		// Support passing nested arrays for IN statements, automagically refactor
+		self::handleArrayArgument($query, $args);
 		try {
 			if (!isset(self::$statements[$query])) {
 				self::$statements[$query] = self::$dbh->prepare($query);
@@ -122,6 +124,46 @@ class Database
 		return false;
 	}
 
+	/**
+	 * Convert nested array argument to multiple arguments.
+	 * If you have:
+	 * $query = 'SELECT * FROM tbl WHERE bcol = :bool AND col IN (:list)
+	 * $args = ( 'bool' => 1, 'list' => ('foo', 'bar') )
+	 * it results in:
+	 * $query = '...WHERE bcol = :bool AND col IN (:list_0, :list_1)
+	 * $args = ( 'bool' => 1, 'list_0' => 'foo', 'list_1' => 'bar' )
+	 *
+	 * @param string $query sql query string
+	 * @param array $args query arguments
+	 */
+	private static function handleArrayArgument(&$query, &$args)
+	{
+		foreach (array_keys($args) as $key) {
+			if (is_numeric($key) || $key === '?')
+				continue;
+			if (is_array($args[$key])) {
+				if (empty($args[$key])) {
+					// Empty list - what to do? We try to generate a query string that will not yield any result
+					$args[$key] = 'asdf' . mt_rand(0,PHP_INT_MAX) . mt_rand(0,PHP_INT_MAX)
+							. mt_rand(0,PHP_INT_MAX) . '@' . microtime(true);
+					continue;
+				}
+				$newkey = $key;
+				if ($newkey{0} !== ':') {
+					$newkey = ":$newkey";
+				}
+				$new = array();
+				foreach ($args[$key] as $subIndex => $sub) {
+					$new[] = $newkey . '_' . $subIndex;
+					$args[$newkey . '_' . $subIndex] = $sub;
+				}
+				unset($args[$key]);
+				$new = implode(',', $new);
+				$query = preg_replace('/' . $newkey . '\b/', $new, $query);
+			}
+		}
+	}
+
 	/**
 	 * Simply calls PDO::prepare and returns the PDOStatement.
 	 * You must call PDOStatement::execute manually on it.
-- 
cgit v1.2.3-55-g7522


From ede3dc1d10f0ab1b901734a76c4c2cbccc2b202f Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 19 Apr 2017 23:49:27 +0200
Subject: [inc/Dictionary] Add $returnTagOnMissing to :translateFile()

---
 inc/dictionary.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'inc')

diff --git a/inc/dictionary.inc.php b/inc/dictionary.inc.php
index 634b1c3c..ca2811ff 100644
--- a/inc/dictionary.inc.php
+++ b/inc/dictionary.inc.php
@@ -81,11 +81,11 @@ class Dictionary
 		return $strings[$tag];
 	}
 	
-	public static function translateFile($path, $tag)
+	public static function translateFile($path, $tag, $returnTagOnMissing = false)
 	{
 		if (!class_exists('Page') || Page::getModule() === false)
 			return false; // We have no page - return false for now, as we're most likely running in api or install mode
-		return self::translateFileModule(Page::getModule()->getIdentifier(), $path, $tag);
+		return self::translateFileModule(Page::getModule()->getIdentifier(), $path, $tag, $returnTagOnMissing);
 	}
 
 	public static function translate($tag, $returnTagOnMissing = false)
-- 
cgit v1.2.3-55-g7522


From b68ef6e73547be686355e4c26037206c97162d51 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 24 Apr 2017 15:46:01 +0200
Subject: [inc/Database] Add ::queryAll()

---
 inc/database.inc.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'inc')

diff --git a/inc/database.inc.php b/inc/database.inc.php
index f3a90fe7..9153c688 100644
--- a/inc/database.inc.php
+++ b/inc/database.inc.php
@@ -53,6 +53,20 @@ class Database
 		return $res->fetch(PDO::FETCH_ASSOC);
 	}
 
+	/**
+	 * If you need all rows for a query as plain array you can use this.
+	 * Don't use this if you want to do further processing of the data, to save some
+	 * memory.
+	 *
+	 * @return array|bool List of associative arrays representing rows, or false on error
+	 */
+	public static function queryAll($query, $args = array(), $ignoreError = false)
+	{
+		$res = self::simpleQuery($query, $args, $ignoreError);
+		if ($res === false)
+			return false;
+		return $res->fetchAll(PDO::FETCH_ASSOC);
+	}
 
 	/**
 	 * Execute the given query and return the number of rows affected.
-- 
cgit v1.2.3-55-g7522


From f7900fa08276d2668221a1b4ce7462d68e6f2893 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 5 May 2017 13:04:19 +0200
Subject: [webinterface] Log user out when disabling HTTPS to prevent lockout

---
 inc/session.inc.php                         |  9 +++++++--
 index.php                                   |  2 +-
 modules-available/webinterface/page.inc.php | 14 ++++++++------
 3 files changed, 16 insertions(+), 9 deletions(-)

(limited to 'inc')

diff --git a/inc/session.inc.php b/inc/session.inc.php
index 26effa3f..24bf6ac0 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -74,10 +74,15 @@ class Session
 	{
 		if (self::$sid === false) return;
 		@unlink(self::getSessionFile());
-		@setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+		self::deleteCookie();
 		self::$sid = false;
 		self::$data = false;
 	}
+
+	public static function deleteCookie()
+	{
+		setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+	}
 	
 	private static function getSessionFile()
 	{
@@ -104,7 +109,7 @@ class Session
 		$sessionfile = self::getSessionFile();
 		$ret = @file_put_contents($sessionfile, @serialize(self::$data));
 		if (!$ret) Util::traceError('Storing session data  in ' . $sessionfile . ' failed.');
-		$ret = @setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+		$ret = setcookie('sid', self::$sid, time() + CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
 		if (!$ret) Util::traceError('Error: Could not set Cookie for Client (headers already sent)');
 	}
 }
diff --git a/index.php b/index.php
index 7cbb3b40..a3f45ff3 100644
--- a/index.php
+++ b/index.php
@@ -116,7 +116,7 @@ if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
 
 // Set HSTS Header if client is using HTTPS
 if(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
-	if (Request::any('hsts') === 'off' || Property::get('webinterface.https-hsts', 'False') !== 'True') {
+	if (Property::get('webinterface.https-hsts', 'False') !== 'True') {
 		Header('Strict-Transport-Security: max-age=0', true);
 	} else {
 		Header('Strict-Transport-Security: max-age=15768000', true);
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index 5207420a..ae9a94fd 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -26,12 +26,10 @@ class Page_WebInterface extends Page
 
 	private function actionConfigureHttps()
 	{
-		$task = false;
-		$off = '';
-		switch (Request::post('mode')) {
+		$mode = Request::post('mode');
+		switch ($mode) {
 			case 'off':
 				$task = $this->setHttpsOff();
-				$off = '&hsts=off';
 				break;
 			case 'random':
 				$task = $this->setHttpsRandomCert();
@@ -43,10 +41,12 @@ class Page_WebInterface extends Page
 				$task = $this->setRedirectMode();
 				break;
 		}
-		Property::set(self::PROP_HSTS, Request::post('usehsts', false, 'string') === 'on' ? 'True' : 'False');
+		if ($mode !== 'off') {
+			Property::set(self::PROP_HSTS, Request::post('usehsts', false, 'string') === 'on' ? 'True' : 'False');
+		}
 		if (isset($task['id'])) {
 			Session::set('https-id', $task['id']);
-			Util::redirect('?do=WebInterface&show=httpsupdate' . $off);
+			Util::redirect('?do=WebInterface&show=httpsupdate');
 		}
 		Util::redirect('?do=WebInterface');
 	}
@@ -123,7 +123,9 @@ class Page_WebInterface extends Page
 	private function setHttpsOff()
 	{
 		Property::set(self::PROP_TYPE, 'off');
+		Property::set(self::PROP_HSTS, 'off');
 		Header('Strict-Transport-Security: max-age=0', true);
+		Session::deleteCookie();
 		return Taskmanager::submit('LighttpdHttps', array());
 	}
 
-- 
cgit v1.2.3-55-g7522


From 16dc9cfeea4bc060982f0b364ddaac98095ef654 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 9 May 2017 14:30:30 +0200
Subject: [webinterface] Allow customizing page title prefix and logo bgcolor

---
 inc/render.inc.php                                 | 19 +++++++++++++-
 modules-available/main/templates/main-menu.html    |  1 +
 modules-available/webinterface/page.inc.php        | 30 ++++++++++++++++++++++
 .../webinterface/templates/customization.html      | 30 ++++++++++++++++++++++
 4 files changed, 79 insertions(+), 1 deletion(-)
 create mode 100644 modules-available/webinterface/templates/customization.html

(limited to 'inc')

diff --git a/inc/render.inc.php b/inc/render.inc.php
index 5515c659..c34c285a 100644
--- a/inc/render.inc.php
+++ b/inc/render.inc.php
@@ -40,6 +40,11 @@ class Render
 		self::$mustache = new Mustache_Engine($options);
 	}
 
+	private static function cssEsc($str)
+	{
+		return str_replace(array('"', '&', '<', '>'), array('\\000022', '\\000026', '\\00003c', '\\00003e'), $str);
+	}
+
 	/**
 	 * Output the buffered, generated page
 	 */
@@ -47,12 +52,24 @@ class Render
 	{
 		Header('Content-Type: text/html; charset=utf-8');
 		$modules = array_reverse(Module::getActivated());
+		$title = Property::get('page-title-prefix', '');
+		$bgcolor = Property::get('logo-background', '');
+		if (!empty($bgcolor) || !empty($title)) {
+			self::$header .= '<style type="text/css">' . "\n";
+			if (!empty($bgcolor)) {
+				self::$header .= ".navbar-header { background-color: $bgcolor; }";
+			}
+			if (!empty($title)) {
+				self::$header .= '#navbar-sub:after { content: "' . self::cssEsc($title) . '";margin:0 }';
+			}
+			self::$header .= "\n</style>";
+		}
 		ob_start('ob_gzhandler');
 		echo
 		'<!DOCTYPE html>
 	<html>
 		<head>
-			<title>', self::$title, RENDER_DEFAULT_TITLE, '</title>
+			<title>', $title, self::$title, RENDER_DEFAULT_TITLE, '</title>
 			<meta charset="utf-8"> 
 			<meta http-equiv="X-UA-Compatible" content="IE=edge">
 			<meta name="viewport" content="width=device-width, initial-scale=1.0">
diff --git a/modules-available/main/templates/main-menu.html b/modules-available/main/templates/main-menu.html
index 2ede4f87..55b19833 100644
--- a/modules-available/main/templates/main-menu.html
+++ b/modules-available/main/templates/main-menu.html
@@ -20,6 +20,7 @@
 				<span class="icon-bar"></span>
 			</button>
 			<a class="navbar-brand" href="?do=Main">OpenSLX</a>
+			<div id="navbar-sub" class="gray small"></div>
 		</div>
 		<!-- Collect the nav links, forms, and other content for toggling -->
 		<div class="collapse navbar-collapse" id="bs-sidebar-navbar-collapse-1">
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index ae9a94fd..e5a25834 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -21,6 +21,9 @@ class Page_WebInterface extends Page
 			case 'password':
 				$this->actionShowHidePassword();
 				break;
+			case 'customization':
+				$this->actionCustomization();
+				break;
 		}
 	}
 
@@ -57,6 +60,17 @@ class Page_WebInterface extends Page
 		Util::redirect('?do=WebInterface');
 	}
 
+	private function actionCustomization()
+	{
+		$prefix = Request::post('prefix', '', 'string');
+		if (!empty($prefix) && !preg_match('/[\]\)\}\-_\s\&\$\!\/\+\*\^\>]$/', $prefix)) {
+			$prefix .= ' ';
+		}
+		Property::set('page-title-prefix', $prefix);
+		Property::set('logo-background', Request::post('bgcolor', '', 'string'));
+		Util::redirect('?do=WebInterface');
+	}
+
 	protected function doRender()
 	{
 		//
@@ -118,6 +132,22 @@ class Page_WebInterface extends Page
 		else
 			$data['selected_hide'] = 'checked';
 		Render::addTemplate('passwords', $data);
+		$data = array('prefix' => Property::get('page-title-prefix'));
+		$data['colors'] = array_map(function ($i) { return array('color' => $i); },
+			array('', 'red', 'green', 'blue', 'black', 'white', 'orange', 'gray', 'lime', 'magenta', 'yellow'));
+		$color = Property::get('logo-background');
+		foreach ($data['colors'] as &$c) {
+			if ($c['color'] === $color) {
+				$c['selected'] = 'selected';
+				$color = false;
+				break;
+			}
+		}
+		unset($c);
+		if ($color) {
+			$data['colors'][] = array('color' => $color, 'selected' => 'selected');
+		}
+		Render::addTemplate('customization', $data);
 	}
 
 	private function setHttpsOff()
diff --git a/modules-available/webinterface/templates/customization.html b/modules-available/webinterface/templates/customization.html
new file mode 100644
index 00000000..447404a6
--- /dev/null
+++ b/modules-available/webinterface/templates/customization.html
@@ -0,0 +1,30 @@
+<form action="?do=WebInterface" method="post">
+	<input type="hidden" name="token" value="{{token}}">
+	<input type="hidden" name="action" value="customization">
+	<div class="panel panel-default">
+		<div class="panel-heading">{{lang_customization}}</div>
+		<div class="panel-body">
+			<p>{{lang_customizationDesc}}</p>
+			<div>
+				<label>
+					{{lang_pageTitlePrefix}}
+					<input type="text" class="form-control" name="prefix" value="{{prefix}}">
+				</label>
+
+			</div>
+			<div>
+				<label>
+					{{lang_logoBackground}}
+					<select class="form-control" name="bgcolor">
+						{{#colors}}
+							<option style="color:{{color}}" {{selected}}>{{color}}</option>
+						{{/colors}}
+					</select>
+				</label>
+			</div>
+			<div class="pull-right">
+				<button type="submit" class="btn btn-primary">{{lang_save}}</button>
+			</div>
+		</div>
+	</div>
+</form>
-- 
cgit v1.2.3-55-g7522


From e7fb2eafc44d0b5eab79b13432d3e7c4227fd83e Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 10 May 2017 11:03:40 +0200
Subject: [weninterface] Improve color list a bit

---
 inc/render.inc.php                                 | 23 ++++++++++++++++++++--
 modules-available/webinterface/page.inc.php        |  4 ++--
 .../webinterface/templates/customization.html      |  2 +-
 3 files changed, 24 insertions(+), 5 deletions(-)

(limited to 'inc')

diff --git a/inc/render.inc.php b/inc/render.inc.php
index c34c285a..72993ab5 100644
--- a/inc/render.inc.php
+++ b/inc/render.inc.php
@@ -57,10 +57,11 @@ class Render
 		if (!empty($bgcolor) || !empty($title)) {
 			self::$header .= '<style type="text/css">' . "\n";
 			if (!empty($bgcolor)) {
-				self::$header .= ".navbar-header { background-color: $bgcolor; }";
+				$fgcolor = self::readableColor($bgcolor);
+				self::$header .= ".navbar-header{background-color:$bgcolor}a.navbar-brand{color:$fgcolor!important}";
 			}
 			if (!empty($title)) {
-				self::$header .= '#navbar-sub:after { content: "' . self::cssEsc($title) . '";margin:0 }';
+				self::$header .= '#navbar-sub:after{content:"' . self::cssEsc($title) . '";margin:0}';
 			}
 			self::$header .= "\n</style>";
 		}
@@ -302,4 +303,22 @@ class Render
 		self::$dashboard = $params;
 	}
 
+	public static function readableColor($hex) {
+		if (strlen($hex) <= 4) {
+			$cnt = 1;
+		} else {
+			$cnt = 2;
+		}
+		if (preg_match('/^#?([a-f0-9]{'.$cnt.'})([a-f0-9]{'.$cnt.'})([a-f0-9]{'.$cnt.'})$/i', $hex, $out) != 1)
+			return '#000';
+		$chans = array();
+		$f = ($cnt === 1 ? 17 : 1);
+		for ($i = 1; $i <= 3; ++$i) {
+			$out[$i] = (hexdec($out[$i]) * $f);
+			$chans[] = $out[$i] ^ 0x80;
+		}
+		$b = (255 - (0.299 * $out[1] + 0.587 * $out[2] + 0.114 * $out[3])) * 2;
+		return sprintf("#%02x%02x%02x", ($chans[0] + $b) / 3, ($chans[1] + $b) / 3, ($chans[2] + $b) / 3);
+	}
+
 }
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
index e5a25834..e576807e 100644
--- a/modules-available/webinterface/page.inc.php
+++ b/modules-available/webinterface/page.inc.php
@@ -133,8 +133,8 @@ class Page_WebInterface extends Page
 			$data['selected_hide'] = 'checked';
 		Render::addTemplate('passwords', $data);
 		$data = array('prefix' => Property::get('page-title-prefix'));
-		$data['colors'] = array_map(function ($i) { return array('color' => $i); },
-			array('', 'red', 'green', 'blue', 'black', 'white', 'orange', 'gray', 'lime', 'magenta', 'yellow'));
+		$data['colors'] = array_map(function ($i) { return array('color' => $i ? '#' . $i : '', 'text' => Render::readableColor($i)); },
+			array('', 'f00', '0f0', '00f', 'ff0', 'f0f', '0ff', 'fff', '000', 'f90', '09f', '90f', 'f09', '9f0'));
 		$color = Property::get('logo-background');
 		foreach ($data['colors'] as &$c) {
 			if ($c['color'] === $color) {
diff --git a/modules-available/webinterface/templates/customization.html b/modules-available/webinterface/templates/customization.html
index 447404a6..7949f95b 100644
--- a/modules-available/webinterface/templates/customization.html
+++ b/modules-available/webinterface/templates/customization.html
@@ -17,7 +17,7 @@
 					{{lang_logoBackground}}
 					<select class="form-control" name="bgcolor">
 						{{#colors}}
-							<option style="color:{{color}}" {{selected}}>{{color}}</option>
+							<option style="color:{{text}};background:{{color}}" {{selected}}>{{color}}</option>
 						{{/colors}}
 					</select>
 				</label>
-- 
cgit v1.2.3-55-g7522


From c0878dbf4b226a097f6681e443159cccd16e07fe Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 10 May 2017 17:34:18 +0200
Subject: [inc/Database] Add slow query debugging output

---
 inc/database.inc.php | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

(limited to 'inc')

diff --git a/inc/database.inc.php b/inc/database.inc.php
index 9153c688..7adcf867 100644
--- a/inc/database.inc.php
+++ b/inc/database.inc.php
@@ -114,6 +114,9 @@ class Database
 	public static function simpleQuery($query, $args = array(), $ignoreError = false)
 	{
 		self::init();
+		if (CONFIG_DEBUG && preg_match('/^\s*SELECT/is', $query)) {
+			self::explainQuery($query, $args, $ignoreError);
+		}
 		// Support passing nested arrays for IN statements, automagically refactor
 		self::handleArrayArgument($query, $args);
 		try {
@@ -138,6 +141,51 @@ class Database
 		return false;
 	}
 
+	private static function explainQuery($query, $args, $ignoreError)
+	{
+		$res = self::simpleQuery('EXPLAIN ' . $query, $args, true);
+		if ($res === false)
+			return;
+		$rows = $res->fetchAll(PDO::FETCH_ASSOC);
+		if (empty($rows))
+			return;
+		$log = false;
+		$lens = array();
+		foreach (array_keys($rows[0]) as $key) {
+			$lens[$key] = strlen($key);
+		}
+		foreach ($rows as $row) {
+			if (!$log && preg_match('/filesort|temporary/i', $row['Extra'])) {
+				$log = true;
+			}
+			foreach ($row as $key => $col) {
+				$l = strlen($col);
+				if ($l > $lens[$key]) {
+					$lens[$key] = $l;
+				}
+			}
+		}
+		if (!$log)
+			return;
+		error_log('Possible slow query: ' . $query);
+		$border = $head = '';
+		foreach ($lens as $key => $len) {
+			$border .= '+' . str_repeat('-', $len + 2);
+			$head .= '| ' . str_pad($key, $len) . ' ';
+		}
+		$border .= '+';
+		$head .= '|';
+		error_log("\n" . $border . "\n" . $head . "\n" . $border);
+		foreach ($rows as $row) {
+			$line = '';
+			foreach ($lens as $key => $len) {
+				$line .= '| '. str_pad($row[$key], $len) . ' ';
+			}
+			error_log($line . "|");
+		}
+		error_log($border);
+	}
+
 	/**
 	 * Convert nested array argument to multiple arguments.
 	 * If you have:
-- 
cgit v1.2.3-55-g7522


From 47657731433248410e681640b2a53c0783651134 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 10 May 2017 17:36:05 +0200
Subject: Add support to declare multiple css/js per module with loading
 condition:

A css/js can be declared to only load if the module in question is the
page module being rendered, or to always be loaded even if the module
is just a dependency. The second case is useful for plugin type
modules. See one of the config.json files updated in this commit on
how to specify css/js to load. true = always load, false = only if page
module.
---
 inc/module.inc.php                                 | 39 ++++++++++++++++++++--
 inc/render.inc.php                                 | 14 ++++----
 modules-available/bootstrap_datepicker/config.json |  8 ++++-
 modules-available/bootstrap_dialog/config.json     |  8 ++++-
 .../bootstrap_multiselect/config.json              |  8 ++++-
 modules-available/bootstrap_switch/config.json     |  9 ++++-
 modules-available/bootstrap_timepicker/config.json |  8 ++++-
 modules-available/js_chart/config.json             |  9 ++++-
 modules-available/js_circles/config.json           |  9 ++++-
 modules-available/js_jqueryui/config.json          |  8 ++++-
 modules-available/js_moment/config.json            |  8 ++++-
 modules-available/js_selectize/config.json         |  8 ++++-
 modules-available/js_stupidtable/config.json       |  9 ++++-
 modules-available/js_vis/config.json               |  8 ++++-
 14 files changed, 133 insertions(+), 20 deletions(-)

(limited to 'inc')

diff --git a/inc/module.inc.php b/inc/module.inc.php
index 597cfb57..52646983 100644
--- a/inc/module.inc.php
+++ b/inc/module.inc.php
@@ -142,13 +142,23 @@ class Module
 	private $activated = false;
 	private $dependencies = array();
 	private $name;
+	/**
+	 * @var array assoc list of 'filename.css' => true|false (true = always load, false = only if module is main module)
+	 */
+	private $css = array();
+	/**
+	 * @var array assoc list of 'filename.js' => true|false (true = always load, false = only if module is main module)
+	 */
+	private $scripts = array();
 
 	private function __construct($name)
 	{
 		$file = 'modules/' . $name . '/config.json';
 		$json = @json_decode(@file_get_contents($file), true);
-		if (isset($json['dependencies']) && is_array($json['dependencies'])) {
-			$this->dependencies = $json['dependencies'];
+		foreach (['dependencies', 'css', 'scripts'] as $key) {
+			if (isset($json[$key]) && is_array($json[$key])) {
+				$this->$key = $json[$key];
+			}
 		}
 		if (isset($json['category']) && is_string($json['category'])) {
 			$this->category = $json['category'];
@@ -251,4 +261,29 @@ class Module
 		return 'modules/' . $this->name;
 	}
 
+	public function getScripts($externalOnly)
+	{
+		error_log($this->getIdentifier() . ' = ' . ($externalOnly ? 'true' : 'false'));
+		if (!$externalOnly) {
+			if (!isset($this->scripts['clientscript.js']) && file_exists($this->getDir() . '/clientscript.js')) {
+				$this->scripts['clientscript.js'] = false;
+			}
+			return array_keys($this->scripts);
+		}
+		error_log('Pre: ' . implode(', ', array_keys($this->scripts)));
+		error_log('Post: ' . implode(', ', array_keys(array_filter($this->scripts))));
+		return array_keys(array_filter($this->scripts));
+	}
+
+	public function getCss($externalOnly)
+	{
+		if (!$externalOnly) {
+			if (!isset($this->css['style.css']) && file_exists($this->getDir() . '/style.css')) {
+				$this->css['style.css'] = false;
+			}
+			return array_keys($this->css);
+		}
+		return array_keys(array_filter($this->css));
+	}
+
 }
diff --git a/inc/render.inc.php b/inc/render.inc.php
index 72993ab5..53e2f314 100644
--- a/inc/render.inc.php
+++ b/inc/render.inc.php
@@ -51,7 +51,9 @@ class Render
 	public static function output()
 	{
 		Header('Content-Type: text/html; charset=utf-8');
+		/* @var $modules Module[] */
 		$modules = array_reverse(Module::getActivated());
+		$pageModule = Page::getModule();
 		$title = Property::get('page-title-prefix', '');
 		$bgcolor = Property::get('logo-background', '');
 		if (!empty($bgcolor) || !empty($title)) {
@@ -79,9 +81,9 @@ class Render
 	';
 		// Include any module specific styles
 		foreach ($modules as $module) {
-			$file = $module->getDir() . '/style.css';
-			if (file_exists($file)) {
-				echo '<link href="', $file, '" rel="stylesheet" media="screen">';
+			$files = $module->getCss($module != $pageModule);
+			foreach ($files as $file) {
+				echo '<link href="', $module->getDir(), '/', $file, '" rel="stylesheet" media="screen">';
 			}
 		}
 		echo '	
@@ -109,9 +111,9 @@ class Render
 		<script src="script/collapse.js"></script>
 	';
 		foreach ($modules as $module) {
-			$file = $module->getDir() . '/clientscript.js';
-			if (file_exists($file)) {
-				echo '<script src="', $file, '"></script>';
+			$files = $module->getScripts($module != $pageModule);
+			foreach ($files as $file) {
+				echo '<script src="', $module->getDir(), '/', $file, '"></script>';
 			}
 		}
 		echo
diff --git a/modules-available/bootstrap_datepicker/config.json b/modules-available/bootstrap_datepicker/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/bootstrap_datepicker/config.json
+++ b/modules-available/bootstrap_datepicker/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/bootstrap_dialog/config.json b/modules-available/bootstrap_dialog/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/bootstrap_dialog/config.json
+++ b/modules-available/bootstrap_dialog/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/bootstrap_multiselect/config.json b/modules-available/bootstrap_multiselect/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/bootstrap_multiselect/config.json
+++ b/modules-available/bootstrap_multiselect/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/bootstrap_switch/config.json b/modules-available/bootstrap_switch/config.json
index 9e26dfee..de4d37b4 100644
--- a/modules-available/bootstrap_switch/config.json
+++ b/modules-available/bootstrap_switch/config.json
@@ -1 +1,8 @@
-{}
\ No newline at end of file
+{
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
+}
\ No newline at end of file
diff --git a/modules-available/bootstrap_timepicker/config.json b/modules-available/bootstrap_timepicker/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/bootstrap_timepicker/config.json
+++ b/modules-available/bootstrap_timepicker/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/js_chart/config.json b/modules-available/js_chart/config.json
index 9e26dfee..de4d37b4 100644
--- a/modules-available/js_chart/config.json
+++ b/modules-available/js_chart/config.json
@@ -1 +1,8 @@
-{}
\ No newline at end of file
+{
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
+}
\ No newline at end of file
diff --git a/modules-available/js_circles/config.json b/modules-available/js_circles/config.json
index 9e26dfee..de4d37b4 100644
--- a/modules-available/js_circles/config.json
+++ b/modules-available/js_circles/config.json
@@ -1 +1,8 @@
-{}
\ No newline at end of file
+{
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
+}
\ No newline at end of file
diff --git a/modules-available/js_jqueryui/config.json b/modules-available/js_jqueryui/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/js_jqueryui/config.json
+++ b/modules-available/js_jqueryui/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/js_moment/config.json b/modules-available/js_moment/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/js_moment/config.json
+++ b/modules-available/js_moment/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/js_selectize/config.json b/modules-available/js_selectize/config.json
index d1261653..5a0c7960 100644
--- a/modules-available/js_selectize/config.json
+++ b/modules-available/js_selectize/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : []
+	"dependencies" : [],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
diff --git a/modules-available/js_stupidtable/config.json b/modules-available/js_stupidtable/config.json
index 9e26dfee..cf932d7e 100644
--- a/modules-available/js_stupidtable/config.json
+++ b/modules-available/js_stupidtable/config.json
@@ -1 +1,8 @@
-{}
\ No newline at end of file
+{
+	"css": {
+	"style.css": true
+	},
+	"scripts": {
+	"clientscript.js": true
+	}
+}
\ No newline at end of file
diff --git a/modules-available/js_vis/config.json b/modules-available/js_vis/config.json
index ccdf64b7..3b027d31 100644
--- a/modules-available/js_vis/config.json
+++ b/modules-available/js_vis/config.json
@@ -1,3 +1,9 @@
 {
-	"dependencies" : ["js_moment"]
+	"dependencies" : ["js_moment"],
+	"css": {
+		"style.css": true
+	},
+	"scripts": {
+		"clientscript.js": true
+	}
 }
-- 
cgit v1.2.3-55-g7522


From d25fbbb304647219a5c7e62ee7c9216190848898 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 10 May 2017 17:47:43 +0200
Subject: Remove debug logging

---
 inc/module.inc.php | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'inc')

diff --git a/inc/module.inc.php b/inc/module.inc.php
index 52646983..7211c68c 100644
--- a/inc/module.inc.php
+++ b/inc/module.inc.php
@@ -263,15 +263,12 @@ class Module
 
 	public function getScripts($externalOnly)
 	{
-		error_log($this->getIdentifier() . ' = ' . ($externalOnly ? 'true' : 'false'));
 		if (!$externalOnly) {
 			if (!isset($this->scripts['clientscript.js']) && file_exists($this->getDir() . '/clientscript.js')) {
 				$this->scripts['clientscript.js'] = false;
 			}
 			return array_keys($this->scripts);
 		}
-		error_log('Pre: ' . implode(', ', array_keys($this->scripts)));
-		error_log('Post: ' . implode(', ', array_keys(array_filter($this->scripts))));
 		return array_keys(array_filter($this->scripts));
 	}
 
-- 
cgit v1.2.3-55-g7522


From faae75ed40d608d3fd734d5ffc2d786107c367a9 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 17 May 2017 11:56:43 +0200
Subject: cron: Clear stucklist on reboot

---
 apis/cron.inc.php    |  2 +-
 inc/event.inc.php    |  4 ++++
 inc/property.inc.php | 11 +++++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)

(limited to 'inc')

diff --git a/apis/cron.inc.php b/apis/cron.inc.php
index b727b21f..7431e9ef 100644
--- a/apis/cron.inc.php
+++ b/apis/cron.inc.php
@@ -17,7 +17,7 @@ define('CRON_KEY_BLOCKED', 'cron.key.blocked');
 if (($report = Request::get('crashreport', false, 'string'))) {
 	$list = Property::getList(CRON_KEY_STATUS);
 	if (empty($list)) {
-		error_log('Cron crashreport triggered but no cronjob marked active.');
+		error_log('Cron crash report triggered but no cronjob marked active.');
 		exit(0);
 	}
 	$str = array();
diff --git a/inc/event.inc.php b/inc/event.inc.php
index 7a7c48b0..89e68650 100644
--- a/inc/event.inc.php
+++ b/inc/event.inc.php
@@ -20,6 +20,10 @@ class Event
 		EventLog::info('System boot...');
 		$everythingFine = true;
 
+		// Delete job entries that might have been running when system rebooted
+		Property::clearList('cron.key.status');
+		Property::clearList('cron.key.blocked');
+
 		// Tasks: fire away
 		$mountId = Trigger::mount();
 		$autoIp = Trigger::autoUpdateServerIp();
diff --git a/inc/property.inc.php b/inc/property.inc.php
index b33e1bff..0b4ea7b3 100644
--- a/inc/property.inc.php
+++ b/inc/property.inc.php
@@ -105,6 +105,17 @@ class Property
 		));
 	}
 
+	/**
+	 * Delete entire list with given key.
+	 *
+	 * @param string $key Key of list
+	 * @return int number of items removed
+	 */
+	public static function clearList($key)
+	{
+		return Database::exec("DELETE FROM property_list WHERE name = :key", compact('key'));
+	}
+
 	/*
 	 * Legacy getters/setters
 	 */
-- 
cgit v1.2.3-55-g7522


From 56b653126088a9a3f0423aa8eb1cd215e6ec0e73 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 7 Jun 2017 14:07:47 +0200
Subject: [inc/event] Retry mounting vmstore on bootup

---
 inc/event.inc.php | 26 ++++++++++++++++++++------
 1 file changed, 20 insertions(+), 6 deletions(-)

(limited to 'inc')

diff --git a/inc/event.inc.php b/inc/event.inc.php
index 89e68650..a16be97b 100644
--- a/inc/event.inc.php
+++ b/inc/event.inc.php
@@ -25,11 +25,12 @@ class Event
 		Property::clearList('cron.key.blocked');
 
 		// Tasks: fire away
+		$mountStatus = false;
 		$mountId = Trigger::mount();
 		$autoIp = Trigger::autoUpdateServerIp();
 		$ldadpId = Trigger::ldadp();
 		$ipxeId = Trigger::ipxe();
-		
+
 		Taskmanager::submit('DozmodLauncher', array(
 			'operation' => 'start'
 		));
@@ -40,11 +41,8 @@ class Event
 			EventLog::info('No VM store type defined.');
 			$everythingFine = false;
 		} else {
-			$res = Taskmanager::waitComplete($mountId, 5000);
-			if (Taskmanager::isFailed($res)) {
-				EventLog::failure('Mounting VM store failed', $res['data']['messages']);
-				$everythingFine = false;
-			}
+			$mountStatus = Taskmanager::waitComplete($mountId, 5000);
+
 		}
 		// LDAP AD Proxy
 		if ($ldadpId === false) {
@@ -74,6 +72,22 @@ class Event
 			}
 		}
 
+		if ($mountStatus !== false && !Taskmanager::isFinished($mountStatus)) {
+			$mountStatus = Taskmanager::waitComplete($mountStatus, 5000);
+		}
+		if (Taskmanager::isFailed($mountStatus)) {
+			// One more time, network could've been down before
+			sleep(10);
+			$mountId = Trigger::mount();
+			$mountStatus = Taskmanager::waitComplete($mountId, 10000);
+		}
+		if ($mountId !== false && Taskmanager::isFailed($mountStatus)) {
+			EventLog::failure('Mounting VM store failed', $mountStatus['data']['messages']);
+			$everythingFine = false;
+		} elseif ($mountId !== false && !Taskmanager::isFinished($mountStatus)) {
+			// TODO: Still running - create callback
+		}
+
 		// Just so we know booting is done (and we don't expect any more errors from booting up)
 		if ($everythingFine) {
 			EventLog::info('Bootup finished without errors.');
-- 
cgit v1.2.3-55-g7522


From a087ebf512dafe626179070d4c77e3e69473e424 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Sat, 10 Jun 2017 16:02:25 +0200
Subject: [inc/Util] Add randomUuid() function

---
 inc/util.inc.php | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'inc')

diff --git a/inc/util.inc.php b/inc/util.inc.php
index 5d1a4563..697ae3f9 100644
--- a/inc/util.inc.php
+++ b/inc/util.inc.php
@@ -434,4 +434,32 @@ SADFACE;
 		return $bytes;
 	}
 
+	/**
+	 * @return string a random UUID, v4.
+	 */
+	public static function randomUuid()
+	{
+		$b = unpack('h8a/h4b/h12c', self::randomBytes(12));
+		return sprintf('%08s-%04s-%04x-%04x-%012s',
+
+			// 32 bits for "time_low"
+			$b['a'],
+
+			// 16 bits for "time_mid"
+			$b['b'],
+
+			// 16 bits for "time_hi_and_version",
+			// four most significant bits holds version number 4
+			mt_rand(0, 0x0fff) | 0x4000,
+
+			// 16 bits, 8 bits for "clk_seq_hi_res",
+			// 8 bits for "clk_seq_low",
+			// two most significant bits holds zero and one for variant DCE1.1
+			mt_rand(0, 0x3fff) | 0x8000,
+
+			// 48 bits for "node"
+			$b['c']
+		);
+	}
+
 }
-- 
cgit v1.2.3-55-g7522


From afbecd9ac6a382d2d4f708c2ba0a2971cbe89882 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 23 Jun 2017 15:47:56 +0200
Subject: [inc/Database] Only fall back to global ignoreError setting if param
 was omitted

---
 inc/database.inc.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'inc')

diff --git a/inc/database.inc.php b/inc/database.inc.php
index 7adcf867..150f828a 100644
--- a/inc/database.inc.php
+++ b/inc/database.inc.php
@@ -45,7 +45,7 @@ class Database
 	 *
 	 * @return array|boolean Associative array representing row, or false if no row matches the query
 	 */
-	public static function queryFirst($query, $args = array(), $ignoreError = false)
+	public static function queryFirst($query, $args = array(), $ignoreError = null)
 	{
 		$res = self::simpleQuery($query, $args, $ignoreError);
 		if ($res === false)
@@ -60,7 +60,7 @@ class Database
 	 *
 	 * @return array|bool List of associative arrays representing rows, or false on error
 	 */
-	public static function queryAll($query, $args = array(), $ignoreError = false)
+	public static function queryAll($query, $args = array(), $ignoreError = null)
 	{
 		$res = self::simpleQuery($query, $args, $ignoreError);
 		if ($res === false)
@@ -77,7 +77,7 @@ class Database
 	 * @param boolean $ignoreError Ignore query errors and just return false
 	 * @return int|boolean Number of rows affected, or false on error
 	 */
-	public static function exec($query, $args = array(), $ignoreError = false)
+	public static function exec($query, $args = array(), $ignoreError = null)
 	{
 		$res = self::simpleQuery($query, $args, $ignoreError);
 		if ($res === false)
@@ -109,13 +109,13 @@ class Database
 	 * query again with different params, do not rely on the first PDOStatement
 	 * still being valid. If you need to do something fancy, use Database::prepare
 	 *
-	 * @return \PDOStatement The query result object
+	 * @return \PDOStatement|false The query result object
 	 */
-	public static function simpleQuery($query, $args = array(), $ignoreError = false)
+	public static function simpleQuery($query, $args = array(), $ignoreError = null)
 	{
 		self::init();
 		if (CONFIG_DEBUG && preg_match('/^\s*SELECT/is', $query)) {
-			self::explainQuery($query, $args, $ignoreError);
+			self::explainQuery($query, $args);
 		}
 		// Support passing nested arrays for IN statements, automagically refactor
 		self::handleArrayArgument($query, $args);
@@ -127,21 +127,21 @@ class Database
 			}
 			if (self::$statements[$query]->execute($args) === false) {
 				self::$lastError = implode("\n", self::$statements[$query]->errorInfo());
-				if ($ignoreError || self::$returnErrors)
+				if ($ignoreError === true || ($ignoreError === null && self::$returnErrors))
 					return false;
 				Util::traceError("Database Error: \n" . self::$lastError);
 			}
 			return self::$statements[$query];
 		} catch (Exception $e) {
 			self::$lastError = '(' . $e->getCode() . ') ' . $e->getMessage();
-			if ($ignoreError || self::$returnErrors)
+			if ($ignoreError === true || ($ignoreError === null && self::$returnErrors))
 				return false;
 			Util::traceError("Database Error: \n" . self::$lastError);
 		}
 		return false;
 	}
 
-	private static function explainQuery($query, $args, $ignoreError)
+	private static function explainQuery($query, $args)
 	{
 		$res = self::simpleQuery('EXPLAIN ' . $query, $args, true);
 		if ($res === false)
-- 
cgit v1.2.3-55-g7522


From 529680135a1c21797846dd9e5dfd5b66448c598d Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 23 Jun 2017 15:50:21 +0200
Subject: [inc/Util] Fix: Print trace in CLI mode again

---
 inc/util.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'inc')

diff --git a/inc/util.inc.php b/inc/util.inc.php
index 697ae3f9..9bcfdf13 100644
--- a/inc/util.inc.php
+++ b/inc/util.inc.php
@@ -12,7 +12,7 @@ class Util
 	 */
 	public static function traceError($message)
 	{
-		if ((defined('API') && API) || (defined('AJAX') && AJAX)) {
+		if ((defined('API') && API) || (defined('AJAX') && AJAX) || php_sapi_name() === 'cli') {
 			error_log('API ERROR: ' . $message);
 			error_log(self::formatBacktracePlain(debug_backtrace()));
 		}
-- 
cgit v1.2.3-55-g7522


From a9fefa7e6b1a33af8448a11520fb6eb9d933377a Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 25 Jul 2017 19:02:56 +0200
Subject: [inc/Download] Delete temp file for response header

---
 inc/download.inc.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'inc')

diff --git a/inc/download.inc.php b/inc/download.inc.php
index a2054f78..b3496e85 100644
--- a/inc/download.inc.php
+++ b/inc/download.inc.php
@@ -21,6 +21,7 @@ class Download
 		curl_setopt($ch, CURLOPT_MAXREDIRS, 6);
 		$tmpfile = tempnam('/tmp/', 'bwlp-');
 		$head = fopen($tmpfile, 'w+b');
+		unlink($tmpfile);
 		if ($head === false)
 			Util::traceError("Could not open temporary head file $tmpfile for writing.");
 		curl_setopt($ch, CURLOPT_WRITEHEADER, $head);
-- 
cgit v1.2.3-55-g7522