From 2040b7be3925693f544ec2217a58d7de6ceb8d16 Mon Sep 17 00:00:00 2001
From: root <root@cloud.caribana.ch>
Date: Wed, 27 Feb 2019 17:39:20 +0100
Subject: [PATCH] Read database connection from config file

---
 accred_form.php      |  3 ++-
 accred_list.php      | 12 ++++++------
 ajax/data/arrays.php | 11 +++++++++--
 index.php            | 12 +++++++++---
 tokensignin.php      |  7 +++++--
 5 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/accred_form.php b/accred_form.php
index 6fd92f8b..179b9cc4 100644
--- a/accred_form.php
+++ b/accred_form.php
@@ -23,6 +23,7 @@ require_once 'vendor/autoload.php';
                 die();
         }
 
+        $cfg = include('accred_config.php');
 
 	$uname = $_SESSION['name'];
 	if($_POST['btncancel']) {
@@ -71,8 +72,8 @@ require_once 'vendor/autoload.php';
 
 
 
+$mysqli = new mysqli($cfg['host'], $cfg['user'],$cfg['pass'], $cfg['name']);
 
-$mysqli = new mysqli("localhost", "caribanaaccred", "welcome99", "caribanaaccred");
 if ($mysqli->connect_errno) {
     echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
 }
diff --git a/accred_list.php b/accred_list.php
index 019665bf..66d32b43 100644
--- a/accred_list.php
+++ b/accred_list.php
@@ -1,8 +1,9 @@
 <?php
-        ini_set('display_errors', 0);
-        ini_set('display_startup_errors', 0);
-        error_reporting(E_ALL & ~E_NOTICE );
 
+	ini_set('display_errors', 1);
+        ini_set('display_startup_errors', 1);
+        error_reporting(E_ALL & ~E_NOTICE );
+	$cfg = include('accred_config.php');
 	//  start session
 	if (session_status() == PHP_SESSION_NONE) {
 	    session_start();
@@ -45,7 +46,7 @@ $objPHPExcel->getProperties()->setDescription("Accréditations 2017.");
 $objPHPExcel->setActiveSheetIndex(0);
 
 $query = "select * from submissions";
-$mysqli = new mysqli("localhost", "caribanaaccred", "welcome99", "caribanaaccred");
+$mysqli = new mysqli($cfg['host'], $cfg['user'],$cfg['pass'], $cfg['name']);
 if ($mysqli->connect_errno) {
     echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
 }
@@ -232,8 +233,7 @@ readfile($filename);
 <?php
 
 
-
-$mysqli = new mysqli("localhost", "caribanaaccred", "welcome99", "caribanaaccred");
+$mysqli = new mysqli($cfg['host'], $cfg['user'],$cfg['pass'], $cfg['name']);
 if ($mysqli->connect_errno) {
     echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
 }
diff --git a/ajax/data/arrays.php b/ajax/data/arrays.php
index add1cf86..41fd074f 100644
--- a/ajax/data/arrays.php
+++ b/ajax/data/arrays.php
@@ -5,12 +5,19 @@
         error_reporting(E_ALL & ~E_NOTICE );
   // Returns data to display list of entries to authenticated user
   $uid = $_SESSION['uid'];
-  if(!$uid) {
+//  if(!$uid) {
  //   die("User not authenticated!");
+ // }
+  try {
+   $cfg = include($_SERVER['DOCUMENT_ROOT'].'/accred_config.php');
+  }
+  catch(Exception $e) {
+     die("Unable to load configuration file!");
   }
   $aid = $_GET['aid'];
   $isAdmin = $_SESSION['admin']==1;
-  $mysqli = new mysqli("localhost", "caribanaaccred", "welcome99", "caribanaaccred");
+ 
+  $mysqli = new mysqli($cfg['host'], $cfg['user'],$cfg['pass'], $cfg['name']);
   if ($mysqli->connect_errno) {
     echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
   }
diff --git a/index.php b/index.php
index 54c0431c..43f8e0b7 100644
--- a/index.php
+++ b/index.php
@@ -3,12 +3,11 @@ ini_set('display_errors', 1);
 ini_set('display_startup_errors', 1);
 error_reporting(E_ALL & ~E_NOTICE );
 //  start session
+$cfg = include('accred_config.php');
 if (session_status() == PHP_SESSION_NONE) {
     session_start();
     $userid = $_SESSION['uid'];
 }
-
-
 // If we are logged-in, redirect to the list page.
 if($userid) {
     header("location: accred_list");
@@ -58,13 +57,20 @@ function onSignIn(googleUser) {
   console.log('Image URL: ' + profile.getImageUrl());
   console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
   console.log('Token: ' + id_token);
+console.log("Preparing to call tokensignin");
 var xhr = new XMLHttpRequest();
-xhr.open('POST', 'https://ml.caribana.ch/accred/tokensignin');
+
+xhr.open('POST', 'https://accred.caribana-festival.ch/tokensignin');
 xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
 xhr.onload = function() {
   console.log('Signed in as: ' + xhr.responseText);
   self.location = 'accred_list';
 };
+xhr.onerror = function() {
+  console.log("ERROR");
+  alert("Error");
+};
+console.log(xhr);
 xhr.send('idtoken=' + id_token);
 }
 </script>
diff --git a/tokensignin.php b/tokensignin.php
index 2cd5308b..8a975bbe 100644
--- a/tokensignin.php
+++ b/tokensignin.php
@@ -1,10 +1,13 @@
 <?php
 require_once 'vendor/autoload.php';
+$cfg = include('accred_config.php');
 session_start();
 $mode = $_POST['mode'];
+
 openlog('ACCRED', LOG_PID, LOG_LOCAL0);
 if($mode=='logout') {
-$mysqli = new mysqli("localhost", "caribanaaccred", "welcome99", "caribanaaccred");
+
+$mysqli = new mysqli($cfg['host'], $cfg['user'],$cfg['pass'], $cfg['name']);
 if ($mysqli->connect_errno) {
     echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
 }
@@ -42,7 +45,7 @@ if ($payload) {
     // Is this user admin 
     $_SESSION['admin'] = '';
     // Set to 1 to allow normal users to add new entries en edit existing
-    // $_SESSION['allowedit'] = 1;
+    $_SESSION['allowedit'] = 1;
     if( array_key_exists($userid, $admins)) {
   	$_SESSION['admin'] = 1;
     }