diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..a8f567e1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,112 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+#.env
+#.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# Next.js build output
+.next
+
+# Nuxt.js build / generate output
+.nuxt
+#dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and *not* Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+
+.DS_Store
+._.DS_Store
+
+
+
+
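Review bot: The dotenv entries are added commented out (`#.env`, `#.env.test`), so environment files holding database passwords or API keys would be tracked and pushed like any other file. Unless the project deliberately versions a secret-free `.env`, restore the ignore rules as `.env` and `.env.test`, and commit a `.env.example` with placeholder values instead. The `.cache` and `.cache/` entries also overlap, so one of them can go.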
diff --git a/README.md b/README.md
new file mode 100644
index 00000000..f59fa10c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+
+### Portal
+
diff --git a/portal/admin/.htaccess b/portal/admin/.htaccess
index b2b8acc6..2e4539b6 100644
--- a/portal/admin/.htaccess
+++ b/portal/admin/.htaccess
@@ -7,7 +7,7 @@
# RewriteCond %{REQUEST_FILENAME} !-d
# RewriteRule . /portal/admin/index.php [L]
-
+Options -Indexes
diff --git a/portal/admin/core/api/js/appfactory/afsdocuments.js b/portal/admin/core/api/js/appfactory/afsdocuments.js
index c737626e..de431fe0 100644
--- a/portal/admin/core/api/js/appfactory/afsdocuments.js
+++ b/portal/admin/core/api/js/appfactory/afsdocuments.js
@@ -8,7 +8,7 @@
} else {
root.AFSDocuments = factory();// browser global.
}
-})(function() {
+})(function() {
function AFSDocuments(documents, app, managed_domain){
this.files = documents;
@@ -31,8 +31,11 @@
let gen_nam = "d"+self.app.utils.randomGenerator(12) + "." + file.name.split('.').pop();
let content_type = self.getMimiType(file.name);
// let urlparams = `/portal/admin/core/api/php/request.php?getdoc=true&ref=${ref_num}&name=${gen_nam}&content_type=${content_type}`;
- let urlparams = `/portal/api/data/downloads?getdoc=true&ref=${ref_num}&name=${gen_nam}&content_type=${content_type}`;
- let doc_url = self.app.extra.config.managed_domain.Address + urlparams;
+ let urlparams = `?getdoc=true&ref=${ref_num}&name=${gen_nam}&content_type=${content_type}`;
+ let doc_url = `https://api.${self.app.extra.config.managed_domain.Domain}/v1/data/downloads${urlparams}`;
+ let doc_url2 = `${self.app.extra.config.managed_domain.Address2}/portal/admin/core/api/php/request.php${urlparams}`;
+ // https://www.appfactory.studio/portal/api/data/downloads?getdoc=true&ref=doc888072803282&name=djnUwMIfNWmiK.png&content_type=image/png
+ // https://api.appfactory.studio/v1/data/downloads?getdoc=true&ref=doc888072803282&name=djnUwMIfNWmiK.png&content_type=image/png
let fileobj = self._NewFileObject(
file.name,
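Review bot: The query string for `doc_url` and `doc_url2` is assembled by interpolating `ref_num`, `gen_nam` and `content_type` without encoding. The extension in `gen_nam` comes from the user-chosen `file.name`, and `content_type` contains a `/`, so a file name carrying `&`, `#` or `%` yields a URL that parses differently on the server than intended. Build the parameters with `const qs = new URLSearchParams({ getdoc: "true", ref: ref_num, name: gen_nam, content_type });` and `let urlparams = "?" + qs.toString();`. The two commented sample URLs are better kept in the commit message than in the source. The enclosing upload callback begins and ends outside this hunk.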
@@ -40,15 +43,16 @@
file.size,
file.type,
new Date().toLocaleString(),
- "/mnt/"+self.app.extra.config.managed_domain.SystemUser+"/modules/documents",
+ "/mnt/node1/"+self.app.extra.config.managed_domain.SystemUser+"/modules/documents",
doc_url,
+ doc_url2,
ref_num,
catogery,
jsondata);
// console.log(fileobj);
let formData = new FormData();
- formData.append("fileuploadUrl", file);
+ formData.append("fileuploadUrl", file);
formData.append("datauploadUrl", JSON.stringify(fileobj));
let req = new XMLHttpRequest();
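Review bot: The server-side storage path (`"/mnt/node1/" + SystemUser + "/modules/documents"`) and both download URLs are composed in the browser and posted inside the `datauploadUrl` JSON, and the `handleUploadFile` hunk of this commit copies `directory`, `url` and `url2` from that payload. Anything built client-side can be altered before it is sent, so the server should derive the directory and URLs from the authenticated tenant and ignore (or verify) the client's values. Whether the server also writes the file to the posted directory is not visible here and should be checked. Hard-coding `node1` in client code also ties every browser bundle to one storage layout.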
@@ -81,6 +85,8 @@
req.open("POST", requesturl);
req.send(formData);
+
+
});
},
@@ -88,7 +94,7 @@
},
- _NewFileObject: function(on,gn,fs,ft,ud,loc,url,ref,cat,jsondata){
+ _NewFileObject: function(on,gn,fs,ft,ud,loc,url,url2,ref,cat,jsondata){
return {
"original_name": on,
"generated_name": gn,
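Review bot: `url2` is inserted in the middle of an eleven-argument positional list, so any caller still passing the old ten arguments will silently shift `ref`, `cat` and `jsondata` into the wrong fields. Only one call site is updated in this diff, so it is worth confirming there are no others. Taking a single object (`_NewFileObject({ original_name, generated_name, ..., url2 })`) would remove the ordering hazard. A short JSDoc comment listing the fields would also help, since the parameter names (`on`, `gn`, `fs`, ...) say little.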
@@ -97,6 +103,7 @@
"upload_date": ud,
"directory": loc,
"url": url,
+ "url2": url2,
"reference_num": ref,
"catagory": cat,
"json": jsondata
@@ -220,6 +227,17 @@
+ },
+
+ getDocumentUrl(document,managed_domain){
+ let url = document.url;
+ if(window.location.href.includes(managed_domain.Domain)){
+ url = document.url;
+ }else{
+ url = document.url2;
+ }
+
+ return url;
}
diff --git a/portal/admin/core/api/js/pages/modules/imp_documents.js b/portal/admin/core/api/js/pages/modules/imp_documents.js
index 657dcefd..c5186c1c 100644
--- a/portal/admin/core/api/js/pages/modules/imp_documents.js
+++ b/portal/admin/core/api/js/pages/modules/imp_documents.js
@@ -13,6 +13,7 @@
})(function(bootstrap) {
+
function init(app){
app.extra.current.documents = {};
AFSSpinner.showFullScreen(true);
@@ -20,6 +21,7 @@
app.extra.extras.RequestDocuments(100,function(documents){
if(app.extra.documents==undefined){ app.extra.documents = documents; }
+ app.extra.instances.documents.setDocuments(documents);
AFSSpinner.showFullScreen(false);
_init(app);
},app.extra.documents,true,app);
@@ -32,7 +34,8 @@
function append_files(documents,app){
let ids = [];
let rowsHtml = "";
- for (let i = 0; i < documents.length; i++) {
+ // for (let i = 0; i < documents.length; i++) {
+ for (let i = documents.length - 1; i >= 0; i--) {
const index = i;
const document = documents[i];
const id = "m"+app.utils.randomGenerator(12);
@@ -70,7 +73,7 @@
console.log(params);
AFSSpinner.showFullScreen(false);
modal.toggle();
- let documents = app.extra.documents;
+ let documents = app.extra.instances.documents.files; // app.extra.documents;
append_files(documents,app);
});
});
@@ -122,14 +125,15 @@
});
});
});
-
+
function displayImageEditor(app){
// Image editor
+ let url = app.extra.instances.documents.getDocumentUrl(app.extra.current.documents.document.obj, app.extra.config.managed_domain);
var imageEditor = new tui.ImageEditor('#tui-image-editor-container2', {
includeUI: {
loadImage: {
- path: app.extra.current.documents.document.obj.url, //'img/sampleImage2.png',
+ path: url, //'img/sampleImage2.png',
name: 'SampleImage',
},
// theme: blackTheme, // or whiteTheme
@@ -150,7 +154,7 @@
}
-
+ // console.log(app.extra.current.documents);
if(app.utils.imageExists(app.extra.current.documents.document.obj.url)){
if(app.utils.isFileType("image",app.extra.current.documents.document.obj.generated_name)){
// console.log(imageExists(app.extra.current.documents.document.obj.url));
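Review bot: The existence check still probes `app.extra.current.documents.document.obj.url`, while the editor above now loads the address chosen by `getDocumentUrl`. When the page is served from a host where `url2` is selected, the check and the editor look at different endpoints, and "File missing!" can be shown for a file the editor could load, or the reverse. Assuming this check sits inside `displayImageEditor` (the function boundaries are outside the hunk), reuse the computed value: `if(app.utils.imageExists(url)){`. The added commented-out `console.log` can be dropped.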
@@ -163,12 +167,6 @@
$("#document_status_message").text("File missing!");
}
-
-
- console.log(app.extra.current.documents.document);
- // console.log(imageEditor);
- // console.log(tui);
-
}
function UpdateDocuments(action,mydocument,app,cb){
@@ -210,7 +208,7 @@
|
-
+
${rows}
@@ -264,99 +262,6 @@
- $("#_______add_document_btn12121").on("click",function(e){
- e.preventDefault();
- let modal = new bootstrap.Modal("#modal_upload_document");
- modal.toggle();
-
- $("#modal_upload_new_file_btn").off();
- $("#modal_upload_new_file_btn").on("click",function(e){
- e.preventDefault();
- AFSSpinner.showFullScreen(true);
-
- let file = $('#modal_document_file_upload_input').prop('files')[0];
-
- let fileobj = NewFileObject(
- file.name,
- "d"+app.utils.randomGenerator(12) + "." + file.name.split('.').pop(),
- file.size,
- file.type,
- new Date().toLocaleString(),
- "/mnt/"+app.extra.config.managed_domain.SystemUser+"/modules/documents",
- "none");
-
- console.log(file);
- console.log(fileobj);
- app.extra.config.configurations.documents[0].json.files.push(fileobj);
-
- UploadDocument(file, fileobj, app, function(resp){
- console.log(resp);
- let senddata2 = {
- configurations_update: true,
- mysql_id: app.extra.config.configurations.documents[0].json.mysql_id,
- data: JSON.stringify(app.extra.config.configurations.documents[0].json)
- }
- $.post(app.extra.url,senddata2,function(resp2){
- AFSSpinner.showFullScreen(false);
- console.log(resp2);
- RemoveModal(modal);
-
- append_files(app);
- });
- });
- //
-
- // var form_data = new FormData();
- // form_data.append('file', file_data);
- // console.log(file_data);
-
-
- // let fi = document.getElementById('modal_document_file_upload_input');
- // const fsize = fi.files.item(0).size;
- // const file = Math.round((fsize / 1024));
- // // The size of the file.
- // if (file >= 4096) {
- // console.log("yes");
- // }else{
- // console.log("no");
- // }
-
-
- // $.ajax({
- // url: app.extra.url + "?upload=true", // <-- point to server-side PHP script
- // dataType: 'text', // <-- what to expect back from the PHP script, if anything
- // cache: false,
- // contentType: false,
- // processData: false,
- // data: form_data,
- // type: 'post',
- // success: function(php_script_response){
- // alert(php_script_response); // <-- display response from the PHP script, if any
- // }
- // });
-
- // RemoveModal(modal);
- // let senddata = {
- // configurations_update:true,
- // mysql_id: app.extra.config.configurations.documents[0].mysql_id,
- // data: JSON.stringify(app.extra.config.configurations.documents[0])
- // }
-
- // $.post(app.extra.url,senddata,function(resp){
- // console.log(resp);
- // });
- })
-
-
-
-
-
- });
-
-
-
-
-
}
@@ -391,53 +296,10 @@
$('body').css("overflow","");
$('body').css("padding-right","");
}
- function NewFileObject(on,gn,fs,ft,ud,loc,url){
- return {
- "original_name": on,
- "generated_name": gn,
- "file_size": fs,
- "file_type": ft,
- "upload_date": ud,
- "location": loc,
- "url": url
- }
- }
- // deprecated - used in afsdocuments
- function UploadDocument(file,obj,app,cb){
- let formData = new FormData();
- // these values are switched
- let datauploadUrl = "datauploadUrl";//sponsorship.json.request.dataupload;
- let fileuploadUrl = "fileuploadUrl";//sponsorship.json.request.fileupload;
- formData.append(fileuploadUrl, file);
- formData.append(datauploadUrl, JSON.stringify(obj));
-
- let req = new XMLHttpRequest();
- req.addEventListener('progress', function(e) {
- var done = e.position || e.loaded, total = e.totalSize || e.total;
- // console.log('---progress: ' + (Math.floor(done/total*1000)/10) + '%');
- }, false);
- if ( req.upload ) {
- // self.upload_in_progress = true;
- req.upload.onprogress = function(e) {
- var done = e.position || e.loaded, total = e.totalSize || e.total;
- // console.log(' req.upload progress: ' + done + ' / ' + total + ' = ' + (Math.floor(done/total*1000)/10) + '%');
- };
- }
- req.onreadystatechange = function(e) {
- if ( 4 == this.readyState ) {
- // console.log(e.target.responseText)
- if(cb!=undefined){
- cb(e.target.responseText,e);
- }
- }
- };
- let requesturl = app.extra.url;// afsconfig.managed_domain.Address + "/" + sponsorship.json.request.url
- req.open("POST", requesturl);
- req.send(formData);
- }
+
return {
init,
diff --git a/portal/admin/core/api/php/includes/functions.php b/portal/admin/core/api/php/includes/functions.php
index 8c057674..abd51346 100644
--- a/portal/admin/core/api/php/includes/functions.php
+++ b/portal/admin/core/api/php/includes/functions.php
@@ -679,6 +679,10 @@ function getSubdomain2($dboverride = false) {
}
$subdomain = str_replace("\n", "", $subdomain);
$subdomain = trim($subdomain, " ");
+
+ if($subdomain!="www" || $subdomain!="www15"){
+ $subdomain = "www";
+ }
return $subdomain;
}
function get_subdomain_managed_domain_new_way($subdomain,$dboverride = false){
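Review bot: The added condition `$subdomain!="www" || $subdomain!="www15"` is true for every possible value, so `getSubdomain2()` now always returns `"www"` and the lookup above it is dead code. If the intent was to normalise unknown hosts, the operator should be `&&` with strict comparison: `if ($subdomain !== "www" && $subdomain !== "www15") { $subdomain = "www"; }`. Even in that form every other tenant subdomain is collapsed to `www`, and `api_data_downloads()` in this file calls `getSubdomain2()` to resolve the download. Please confirm that tenant separation of document storage is not meant to depend on this value. A comment stating why the override exists would help the next reader.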
@@ -8341,6 +8345,8 @@ function admin_documents_delete_document(){
}
+
+// rrrrr
function api_data_downloads(){
// if (Input::get('getdoc')) {
$subdomain = getSubdomain2();
@@ -8357,6 +8363,8 @@ function api_data_downloads(){
$content_type = Input::get("content_type");
$content_type = ($content_type) ? $content_type : "image/$ext";
$filename = $fileDir . $file;
+
+// https://api.appfactory.studio/v1/data/downloads?getdoc=true&ref=doc888072803282&name=djnUwMIfNWmiK.png&content_type=image/png
if (file_exists($filename))
{
header('Content-Description: File Transfer');
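Review bot: This commit publishes `api_data_downloads()` at a new cross-origin URL, but the visible body still takes `content_type` straight from the request and builds `$filename` as `$fileDir . $file`. If `$file` comes from the `name` parameter without normalisation (its assignment is outside the hunk), the path should be constrained with `$file = basename($file);` and the resolved path checked to stay under `$fileDir`. The response type should be derived from the stored document record or an allow-list of expected MIME types rather than echoed from the query string, with `Content-Disposition: attachment` for anything that is not an image. No authentication check is visible before the file is read, so confirm one exists earlier in the function. The stray `// rrrrr` comment above the function and the sample URL comment should be removed.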
@@ -8374,7 +8382,9 @@ function api_data_downloads(){
die();
}else{
// echo $filename;
- echo "";
+ // echo "no file $subdomain $filename ";
+
+ // EchoJsonObject($managed_domain);
}
// }
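Review bot: With `echo "";` removed, the not-found branch now returns an empty 200 response, which callers such as the client-side image-exists probe cannot tell apart from a successful empty file. Return an explicit status instead: `http_response_code(404);`. The commented-out `echo "no file $subdomain $filename "` should not be re-enabled as written, since it would disclose the server's filesystem path to the requester. Log that detail server-side if it is needed for debugging.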
@@ -8448,7 +8458,8 @@ function handleUploadFile(){
"file_type" => $data2["file_type"],
"upload_date" => $data2["upload_date"],
"directory" => $data2["directory"],
- "url" => $data2["url"]
+ "url" => $data2["url"],
+ "url2" => $data2["url2"]
));
// {
// "success" : 1,
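Review bot: `$data2["url2"]` is read unconditionally, so an upload from a client that predates this change (or any request omitting the key) raises an undefined-index notice and stores nothing useful. Use `"url2" => $data2["url2"] ?? null`, assuming the project runs PHP 7 or later. Like `url` and `directory`, this value arrives from the browser and is stored as given. If the stored URLs are later rendered or fetched, validate that they point at the expected managed domain before saving. The array being built belongs to an insert call whose start is outside the hunk.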
diff --git a/portal/admin/core/api/php/request.php b/portal/admin/core/api/php/request.php
index 2ecf5e9d..128b9319 100644
--- a/portal/admin/core/api/php/request.php
+++ b/portal/admin/core/api/php/request.php
@@ -626,7 +626,7 @@ if(Input::get("admin_documents_get_documents")){
if(Input::get("admin_documents_delete_document")){
admin_documents_delete_document();
}
-if (Input::get('datauploadUrl')) {
+if (Input::get('datauploadUrl')) {
$handle = handleUploadFile();
echo json_encode($handle["message"]);
}
diff --git a/portal/admin/core/db/create-system-tables.sql b/portal/admin/core/db/create-system-tables.sql
index 4f04598d..99730af3 100644
--- a/portal/admin/core/db/create-system-tables.sql
+++ b/portal/admin/core/db/create-system-tables.sql
@@ -128,10 +128,14 @@ CREATE TABLE IF NOT EXISTS documents (
upload_date VARCHAR(255) NULL,
directory VARCHAR(255) NULL,
url VARCHAR(255) NULL,
+ url2 VARCHAR(255) NULL,
jsontext MEDIUMTEXT,
date TIMESTAMP DEFAULT CURRENT_TIMESTAMP()
);
+-- ALTER TABLE documents CREATE COLUMN url2 VARCHAR(255) NULL;
+
+
-- Forms
CREATE TABLE IF NOT EXISTS forms (
id INT AUTO_INCREMENT PRIMARY KEY,
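Review bot: `CREATE TABLE IF NOT EXISTS` does nothing when `documents` already exists, so existing installations will not gain `url2`, and the insert in `handleUploadFile` will fail there with an unknown-column error. The commented hint also uses invalid syntax (`CREATE COLUMN`); the statement should read `ALTER TABLE documents ADD COLUMN url2 VARCHAR(255) NULL;`. It belongs in a migration that actually runs rather than in a comment. Note that `VARCHAR(255)` can truncate longer download URLs, because the query string carries the reference, the generated name and the content type.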
diff --git a/portal/admin/core/scripts/remote/builder/app_install.sh b/portal/admin/core/scripts/remote/builder/app_install.sh
index 52fe8669..e454a84e 100644
--- a/portal/admin/core/scripts/remote/builder/app_install.sh
+++ b/portal/admin/core/scripts/remote/builder/app_install.sh
@@ -272,18 +272,18 @@ function run_install()
chmod 775 -R /home/$systemuser/
mkdir -p /home/$systemuser/gitfolder/
- if [ -d "${basedirectory}/www/.vscode" ]; then
- mv ${basedirectory}/www/.vscode /home/$systemuser/gitfolder/
- fi
- if [ -f "${basedirectory}/www/.gitignore" ]; then
- mv ${basedirectory}/www/.gitignore /home/$systemuser/gitfolder/
- fi
- if [ -d "${basedirectory}/www/.git" ]; then
- mv ${basedirectory}/www/.git /home/$systemuser/gitfolder/
- fi
- if [ -f "${basedirectory}/www/README.md" ]; then
- mv ${basedirectory}/www/README.md /home/$systemuser/gitfolder/
- fi
+ # if [ -d "${basedirectory}/www/.vscode" ]; then
+ # mv ${basedirectory}/www/.vscode /home/$systemuser/gitfolder/
+ # fi
+ # if [ -f "${basedirectory}/www/.gitignore" ]; then
+ # mv ${basedirectory}/www/.gitignore /home/$systemuser/gitfolder/
+ # fi
+ # if [ -d "${basedirectory}/www/.git" ]; then
+ # mv ${basedirectory}/www/.git /home/$systemuser/gitfolder/
+ # fi
+ # if [ -f "${basedirectory}/www/README.md" ]; then
+ # mv ${basedirectory}/www/README.md /home/$systemuser/gitfolder/
+ # fi
# TODO_1: Should I be using type.txt
echo $subdomain > ${basedirectory}/www/portal/type.txt
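Review bot: Commenting out these moves leaves `.git`, `.gitignore`, `.vscode` and `README.md` inside `${basedirectory}/www`. If that directory is the web document root (not shown in the hunk, but the name suggests it), the repository metadata and full source history become retrievable over HTTP. Either keep relocating `.git` out of the served tree, or add a server rule that denies requests for dot-directories before this ships. If the moves really are obsolete, delete the block instead of leaving it commented. The `mv` arguments were also unquoted, which matters if the lines are restored: `mv "${basedirectory}/www/.git" "/home/$systemuser/gitfolder/"`.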
@@ -353,34 +353,6 @@ function run_mysql_database()
basedirectory="/home/$systemuser/websites"
log2="/mnt/node1/appfactorystudio/logs/remote_logger2.log"
- # sleep 5
- # echo "" &>> $log2
- # echo "===== mysql_password" &>> $log2
- # echo "$mysql_password" &>> $log2
-
- # echo "" &>> $log2
- # echo "===== CONFIG_JSON" &>> $log2
- # echo "$CONFIG_JSON" &>> $log2
-
- # echo "" 2>&1 >> $log2
- # echo "===== MAIN_DIR" &>> $log2
- # echo "$MAIN_DIR" &>> $log2
-
- # echo "" 2>&1 >> $log2
- # echo "===== db_username" &>> $log2
- # echo "$db_username" &>> $log2
-
- # echo "" 2>&1 >> $log2
- # echo "===== db_name" &>> $log2
- # echo "$db_name" &>> $log2
-
- # if [ -d "/home/${systemuser}/websites/www/portal/" ]; then
- # echo "DOES EXIST NOW 1 - $systemuser" &>> $log2
- # else
- # echo "DOES NOT EXIST NOW 2 - $systemuser" &>> $log2
- # fi
-
-
mysql -p"${mysql_password}" -u root -e "CREATE DATABASE IF NOT EXISTS ${db_name}"; 2>&1 >> $log2
mysql -p"${mysql_password}" -u root -e "CREATE USER '${db_username}'@'localhost' IDENTIFIED BY '${db_password}'"; 2>&1 >> $log2
mysql -p"${mysql_password}" -u root -e "GRANT ALL ON ${db_name}.* TO '${db_username}'@'localhost'"; 2>&1 >> $log2
diff --git a/portal/api/v1/data/.htaccess b/portal/api/v1/data/.htaccess
index 1042bff2..a1d636d0 100644
--- a/portal/api/v1/data/.htaccess
+++ b/portal/api/v1/data/.htaccess
@@ -1,3 +1,79 @@
+
+########## BEGIN RECOMMENDED RULES (COMMENT OUT OR UNCOMMENT AS NEEDED) ##########
+
+### htaccess (https://github.com/delight-im/htaccess)
+### Copyright (c) delight.im (https://www.delight.im/)
+### Licensed under the MIT License (https://opensource.org/licenses/MIT)
+
+Header set Access-Control-Allow-Origin "*"
+Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
+Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
+
+
+
+ # Turn off directory listings for folders without default documents
+ Options -Indexes
+
+
+
+
+
+ # Disable 'MultiViews' implicit filename pattern matches
+ Options -MultiViews
+
+
+
+# Serve "text/plain" and "text/html" documents as UTF-8 by default
+AddDefaultCharset utf-8
+
+# Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
+FileETag None
+
+
+
+ # Enable HTTP Strict Transport Security (HSTS) with a duration of six months (Uncomment 1 line below)
+ # Header set Strict-Transport-Security max-age=15778800
+
+
+
+
+
+ # Force 'www' (i.e. prefix the "bare" domain and all subdomains with 'www' through permanent redirects) (Uncomment 6 lines below)
+ # RewriteCond %{HTTP_HOST} !^$
+ # RewriteCond %{HTTP_HOST} !^www\. [NC]
+ # RewriteCond %{HTTPS}s ^on(s)|
+ # # RewriteCond %{REQUEST_SCHEME} ^http(s)|
+ # # RewriteCond %{SERVER_PORT}s ^443(s)|
+ # RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
+
+ # Force HTTPS (Uncomment 4 lines below)
+ # RewriteCond %{HTTPS} off
+ # # RewriteCond %{REQUEST_SCHEME} http
+ # # RewriteCond %{SERVER_PORT} !443
+ # RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
+
+
+
+# Prevent access to non-minified CSS and JS (Uncomment 3 lines below)
+#
+# Require all denied
+#
+
+# Show a custom error document for "404 Not Found" errors (Uncomment 1 line below)
+# ErrorDocument 404 /notFound.html
+
+# Announce contact information for security issues (Uncomment 2 lines below)
+# Header set X-Vulnerability-Disclosure "https://www.example.com/security"
+# Header set X-Security-Contact "security@example.com"
+
+########## END RECOMMENDED RULES ##########
+
+########## BEGIN CUSTOM RULES (YOUR OWN RULES GO HERE) ##########
+
+# Add your rules here ...
+
+########## END CUSTOM RULES ##########
+
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
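Review bot: `Access-Control-Allow-Origin "*"` is set for the whole data API together with `Authorization` in the allowed headers and `PUT, DELETE` in the allowed methods, so script on any website may call these endpoints and read the responses. Since the portal front end is served from known hosts, reflect only those origins, for example by matching the `Origin` request header against the managed domain with `SetEnvIf` and emitting the header conditionally, together with `Vary: Origin`. Limit the methods to the ones the API implements. The HSTS line is left commented out although the client code in this commit builds `https://api.` URLs, so enabling it looks appropriate. The added `Header` directives should sit inside an `IfModule mod_headers.c` guard so that a missing module does not turn every request into a 500.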
@@ -6,4 +82,33 @@
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /v1/data/index.php [L]
-
\ No newline at end of file
+
+
+ Header set Access-Control-Allow-Origin "*"
+
+
+ # Prevent clickjacking (forbids framing by third-party sites)
+ Header set X-Frame-Options sameorigin
+
+ # Prevent content sniffing (MIME sniffing)
+ Header set X-Content-Type-Options nosniff
+
+ # Attempt to enable XSS filters in browsers, if available, and block reflected XSS
+ Header set X-XSS-Protection "1; mode=block"
+
+ # Cache media files for a month
+
+ Header set Cache-Control max-age=2629800
+
+
+ # Remove response headers that provide no value but leak information
+ Header always unset X-Powered-By
+
+ Header unset Server
+
+ # Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
+ Header unset ETag
+
+
+
+
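Review bot: `Header set Cache-Control max-age=2629800` sits under the comment "Cache media files for a month", but no FilesMatch block is visible around it in this hunk. If the wrapper is indeed absent from the file, every API response, including JSON and per-tenant downloads, would be cacheable for a month by browsers and intermediaries. Scope it to the media extensions, or have the download handler set its own cache header. `Header set Access-Control-Allow-Origin "*"` here duplicates the directive at the top of the file and should be defined once. `Header unset Server` normally has no effect in Apache, so use `ServerTokens Prod` in the server configuration instead. `X-XSS-Protection "1; mode=block"` is ignored by current browsers, and a `Content-Security-Policy` header is the maintained replacement.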