From: Nicolas Boisselier Date: Mon, 11 Dec 2017 04:02:23 +0000 (+0000) Subject: www/dbq/etc/nginx.conf X-Git-Url: https://git.nbdom.net/?a=commitdiff_plain;h=f7d5616a87222752bd79acc8a4f9f26d0c142c43;p=nb.git www/dbq/etc/nginx.conf --- diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php index 1b50030f..0a7498dc 100644 --- a/www/dbq/dbq.php +++ b/www/dbq/dbq.php @@ -23,10 +23,10 @@ class DbQ extends nb { const ACTIONS_NO_TITLE = ['ls','vi']; const PARAM_DB_DEFAULT = 'ls'; - const ADMIN = 9; - const DELETE = 4; - const WRITE = 3; const READ = 1; + const WRITE = 3; + const DELETE = 4; + const ADMIN = 9; public $perm = self::ADMIN; public $perms = [ # keys in lowercase !!!! 'admin' => self::ADMIN, @@ -85,7 +85,7 @@ class DbQ extends nb { // // Init - $this->parse_uri(); + $this->uri_init(); // Envs -> var foreach ([ @@ -352,6 +352,7 @@ class DbQ extends nb { return (1 and ($this->perm >= self::READ) and !empty($this->table) + and !empty($this->table->type()) and ( strpos('table view',$this->table->type()) !== false ) ); } @@ -519,7 +520,7 @@ class DbQ extends nb { #bye($_POST); } - public function parse_uri() { + private function uri_init() { $this->method_post_accept(); # # Parse path, respect params order @@ -652,6 +653,14 @@ EOF; return $this->perm; } +# NB 11.12.17 public function can($perm) { +# NB 11.12.17 if ($perm == 'read') return ($this->perm >= self::READ); +# NB 11.12.17 if ($perm == 'write') return ($this->perm >= self::WRITE); +# NB 11.12.17 if ($perm == 'delete') return ($this->perm >= self::DELETE); +# NB 11.12.17 if ($perm == 'admin') return ($this->perm >= self::ADMIN); +# NB 11.12.17 return null; +# NB 11.12.17 } + public function status() { #$this->perm--; $rows = []; @@ -1107,12 +1116,12 @@ EOF; } elseif ($action == 'status') { $this->page($this->table->status()+$this->table->status(['fields'])); - } elseif ($action == 'add' and $this->perm >= self::WRITE) { - $this->page($this,'add'); - } elseif ($action == 'vi' and $this->perm >= self::READ) { $this->page($this,'vi'); + } elseif ($action == 'add' and $this->perm >= self::WRITE) { + $this->page($this,'add'); + } elseif ($action == 'insert' and $this->perm >= self::WRITE) { if (!$this->table->insert($_POST,$info)) $this->error('insert: '.print_r($info,true)); header('Location: '.$this->table->base.'/'); @@ -1170,6 +1179,6 @@ EOF; return true; } -} +} # < Class Dbq $DBQ = new DbQ(['run'=>true]); ?> diff --git a/www/dbq/etc/nginx.conf b/www/dbq/etc/nginx.conf index b17427d2..d9061008 100644 --- a/www/dbq/etc/nginx.conf +++ b/www/dbq/etc/nginx.conf @@ -13,29 +13,31 @@ location = /robots.txt { access_log off; log_not_found off; } #--------------------------------------------------------------# # Deny -location ~ /\.ht { deny all; } +location ~ /\. { deny all; } #--------------------------------------------------------------# # All to index.php location @dbq { - try_files $uri /index.php?$query_string; + rewrite ^(.*)$ /index.php?$query_string last; + return 500; + #try_files $uri /index.php?$query_string; } #--------------------------------------------------------------# # FastCGI location ~ /index\.php$ { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass php-handler; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_intercept_errors off; - fastcgi_buffer_size 16k; - fastcgi_buffers 4 16k; - - if ($DBQ_CONF_FILE = "") { set $DBQ_CONF_FILE $document_root/../../../etc/dbq/000-local.php; } - fastcgi_param DBQ_TITLE $DBQ_TITLE; - fastcgi_param DBQ_CONF_FILE $DBQ_CONF_FILE; - fastcgi_param DBQ_PERM $DBQ_PERM; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php-handler; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_intercept_errors off; + fastcgi_buffer_size 16k; + fastcgi_buffers 4 16k; + + if ($DBQ_CONF_FILE = "") { set $DBQ_CONF_FILE $document_root/../../../etc/dbq/000-local.php; } + fastcgi_param DBQ_TITLE $DBQ_TITLE; + fastcgi_param DBQ_CONF_FILE $DBQ_CONF_FILE; + fastcgi_param DBQ_PERM $DBQ_PERM; }