2022-09-13 13:14:49 +00:00
|
|
|
<?php
|
|
|
|
namespace Misuzu;
|
|
|
|
|
|
|
|
use ZipArchive;
|
2023-07-17 19:28:13 +00:00
|
|
|
use Index\XString;
|
|
|
|
use Index\IO\FileStream;
|
2022-09-13 13:14:49 +00:00
|
|
|
use Misuzu\Users\User;
|
|
|
|
use Misuzu\Users\UserSession;
|
|
|
|
|
|
|
|
if(!UserSession::hasCurrent()) {
|
|
|
|
echo render_error(401);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-07-17 19:28:13 +00:00
|
|
|
$dbConn = $msz->getDbConn();
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-07-17 19:28:13 +00:00
|
|
|
function db_to_zip(ZipArchive $archive, int $userId, string $baseName, array $fieldInfos, string $userIdField = 'user_id'): string {
|
|
|
|
global $dbConn;
|
|
|
|
|
|
|
|
$fields = [];
|
|
|
|
|
|
|
|
foreach($fieldInfos as $key => $fieldInfo) {
|
|
|
|
$fieldInfo = explode(':', $fieldInfo);
|
|
|
|
$fieldInfo = [
|
|
|
|
'name' => $fieldInfo[0],
|
|
|
|
'type' => $fieldInfo[1] ?? 'n',
|
|
|
|
'nullable' => ($fieldInfo[2] ?? '') === 'n',
|
|
|
|
];
|
|
|
|
$fieldInfo['is_null'] = $fieldInfo['type'] === 'n';
|
|
|
|
|
|
|
|
if(!$fieldInfo['is_null']) {
|
|
|
|
$selectField = $fieldInfo['name'];
|
|
|
|
|
|
|
|
if($fieldInfo['type'] === 'a')
|
|
|
|
$selectField = sprintf('INET6_NTOA(%s)', $selectField);
|
|
|
|
elseif($fieldInfo['type'] === 't')
|
|
|
|
$selectField = sprintf('UNIX_TIMESTAMP(%s)', $selectField);
|
|
|
|
|
|
|
|
$fields[] = $selectField;
|
|
|
|
}
|
|
|
|
|
|
|
|
$fieldInfos[$key] = $fieldInfo;
|
|
|
|
}
|
|
|
|
|
|
|
|
$tmpName = sys_get_temp_dir() . DIRECTORY_SEPARATOR . sprintf('msz-user-data-%d-%s-%s.tmp', $userId, $baseName, XString::random(8));
|
|
|
|
$tmpStream = FileStream::newWrite($tmpName);
|
|
|
|
|
|
|
|
try {
|
|
|
|
$stmt = $dbConn->prepare(sprintf('SELECT %s FROM msz_%s WHERE %s = ?', implode(', ', $fields), $baseName, $userIdField));
|
|
|
|
$stmt->addParameter(1, $userId);
|
|
|
|
$stmt->execute();
|
|
|
|
$result = $stmt->getResult();
|
|
|
|
|
|
|
|
while($result->next()) {
|
|
|
|
$args = -1;
|
|
|
|
$row = [];
|
|
|
|
|
|
|
|
foreach($fieldInfos as $fieldInfo) {
|
|
|
|
$fieldValue = null;
|
|
|
|
|
|
|
|
if(!$fieldInfo['is_null']) {
|
|
|
|
++$args;
|
|
|
|
|
|
|
|
if(!$fieldInfo['nullable'] || !$result->isNull($args)) {
|
|
|
|
if($fieldInfo['type'] === 's' || $fieldInfo['type'] === 'a' || $fieldInfo['type'] === 'j') {
|
|
|
|
$fieldValue = $result->getString($args);
|
|
|
|
|
|
|
|
if($fieldInfo['type'] === 'j')
|
|
|
|
$fieldValue = json_decode($fieldValue);
|
|
|
|
} elseif($fieldInfo['type'] === 't' || $fieldInfo['type'] === 'b' || $fieldInfo['type'] === 'i') {
|
|
|
|
$fieldValue = $result->getInteger($args);
|
|
|
|
|
|
|
|
if($fieldInfo['type'] === 'b')
|
|
|
|
$fieldValue = $fieldValue !== 0;
|
|
|
|
elseif($fieldInfo['type'] === 't') {
|
|
|
|
$fieldValue = date(DATE_ATOM, $fieldValue);
|
|
|
|
if(str_ends_with($fieldValue, '+00:00'))
|
|
|
|
$fieldValue = substr($fieldValue, 0, -6) . 'Z';
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
$fieldValue = '?';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$row[$fieldInfo['name']] = $fieldValue;
|
|
|
|
}
|
|
|
|
|
|
|
|
$tmpStream->write(json_encode($row, JSON_INVALID_UTF8_SUBSTITUTE));
|
|
|
|
$tmpStream->write("\n");
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
2023-07-17 19:28:13 +00:00
|
|
|
} finally {
|
|
|
|
$tmpStream->flush();
|
|
|
|
$tmpStream->close();
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
2023-07-17 19:28:13 +00:00
|
|
|
$archive->addFile($tmpName, $baseName . '.jsonl');
|
|
|
|
|
|
|
|
return $tmpName;
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$errors = [];
|
|
|
|
$currentUser = User::getCurrent();
|
|
|
|
$currentUserId = $currentUser->getId();
|
|
|
|
|
|
|
|
if(isset($_POST['action']) && is_string($_POST['action'])) {
|
|
|
|
if(isset($_POST['password']) && is_string($_POST['password'])
|
2023-07-17 19:28:13 +00:00
|
|
|
&& ($currentUser->checkPassword($_POST['password'] ?? ''))) {
|
2022-09-13 13:14:49 +00:00
|
|
|
switch($_POST['action']) {
|
|
|
|
case 'data':
|
2023-07-17 17:43:17 +00:00
|
|
|
$msz->createAuditLog('PERSONAL_DATA_DOWNLOAD');
|
2022-09-13 13:14:49 +00:00
|
|
|
|
|
|
|
$timeStamp = floor(time() / 3600) * 3600;
|
|
|
|
$fileName = sprintf('msz-user-data-%d-%d.zip', $currentUserId, $timeStamp);
|
|
|
|
$filePath = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $fileName;
|
|
|
|
$archive = new ZipArchive;
|
|
|
|
|
|
|
|
if(!is_file($filePath)) {
|
|
|
|
if($archive->open($filePath, ZipArchive::CREATE | ZIPARCHIVE::OVERWRITE) === true) {
|
2023-07-17 19:28:13 +00:00
|
|
|
$tmpFiles = [];
|
|
|
|
|
|
|
|
try {
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'audit_log', ['user_id:s:n', 'log_action:s', 'log_params:j', 'log_created:t', 'log_ip:a:n', 'log_country:s']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'auth_tfa', ['user_id:s', 'tfa_token:n', 'tfa_created:t']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'changelog_changes', ['change_id:s', 'user_id:s:n', 'change_action:s:n', 'change_created:t', 'change_log:s', 'change_text:s:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'comments_categories', ['category_id:s', 'category_name:s', 'owner_id:s:n', 'category_created:t', 'category_locked:t:n'], 'owner_id');
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'comments_posts', ['comment_id:s', 'category_id:s', 'user_id:s:n', 'comment_reply_to:s:n', 'comment_text:s', 'comment_created:t', 'comment_pinned:t:n', 'comment_edited:t:n', 'comment_deleted:t:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'comments_votes', ['comment_id:s', 'user_id:s', 'comment_vote:i']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'forum_permissions', ['user_id:s:n', 'role_id:s:n', 'forum_id:s', 'forum_perms_allow:i', 'forum_perms_deny:i']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'forum_posts', ['post_id:s', 'topic_id:s', 'forum_id:s', 'user_id:s:n', 'post_ip:a', 'post_text:s', 'post_parse:i', 'post_display_signature:b', 'post_created:t', 'post_edited:t:n', 'post_deleted:t:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'forum_topics', ['topic_id:s', 'forum_id:s', 'user_id:s:n', 'topic_type:i', 'topic_title:s', 'topic_count_views:i', 'topic_created:t', 'topic_bumped:t', 'topic_deleted:t:n', 'topic_locked:t:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'forum_topics_redirects', ['topic_id:s', 'user_id:s:n', 'topic_redir_url:s', 'topic_redir_created:t']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'forum_topics_track', ['user_id:s', 'topic_id:s', 'forum_id:s', 'track_last_read:t']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'login_attempts', ['user_id:s:n', 'attempt_success:b', 'attempt_ip:a', 'attempt_country:s', 'attempt_created:t', 'attempt_user_agent:s']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'news_posts', ['post_id:s', 'category_id:s', 'user_id:s:n', 'comment_section_id:s:n', 'post_is_featured:b', 'post_title:s', 'post_text:s', 'post_scheduled:t', 'post_created:t', 'post_updated:t', 'post_deleted:t:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'permissions', ['user_id:s:n', 'role_id:s:n', 'general_perms_allow:i', 'general_perms_deny:i', 'user_perms_allow:i', 'user_perms_deny:i', 'changelog_perms_allow:i', 'changelog_perms_deny:i', 'news_perms_allow:i', 'news_perms_deny:i', 'forum_perms_allow:i', 'forum_perms_deny:i', 'comments_perms_allow:i', 'comments_perms_deny:i']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'profile_fields_values', ['field_id:s', 'user_id:s', 'format_id:s', 'field_value:s']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'sessions', ['session_id:s', 'user_id:s', 'session_key:n', 'session_ip:a', 'session_ip_last:a:n', 'session_user_agent:s', 'session_country:s', 'session_expires:t', 'session_expires_bump:b', 'session_created:t', 'session_active:t:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'users', ['user_id:s', 'username:s', 'password:n', 'email:s', 'register_ip:a', 'last_ip:a', 'user_super:b', 'user_country:s', 'user_colour:i:n', 'user_created:t', 'user_active:t:n', 'user_deleted:t:n', 'display_role:s:n', 'user_totp_key:n', 'user_about_content:s:n', 'user_about_parser:i', 'user_signature_content:s:n', 'user_signature_parser:i', 'user_birthdate:s:n', 'user_background_settings:i:n', 'user_title:s:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'users_password_resets', ['user_id:s', 'reset_ip:a', 'reset_requested:t', 'verification_code:n']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'user_roles', ['user_id:s', 'role_id:s']);
|
|
|
|
$tmpFiles[] = db_to_zip($archive, $currentUserId, 'user_warnings', ['warning_id:s', 'user_id:s', 'user_ip:a', 'issuer_id:n', 'issuer_ip:n', 'warning_created:t', 'warning_duration:t:n', 'warning_type:i', 'warning_note:s', 'warning_note_private:s:n']);
|
|
|
|
|
|
|
|
$archive->close();
|
|
|
|
} finally {
|
|
|
|
foreach($tmpFiles as $tmpFile)
|
|
|
|
if(is_file($tmpFile))
|
|
|
|
unlink($tmpFile);
|
|
|
|
}
|
2022-09-13 13:14:49 +00:00
|
|
|
} else {
|
|
|
|
$errors[] = 'Something went wrong while creating your account archive.';
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
header('Content-Type: application/zip');
|
|
|
|
header(sprintf('Content-Disposition: inline; filename="%s"', $fileName));
|
|
|
|
echo file_get_contents($filePath);
|
|
|
|
return;
|
|
|
|
|
|
|
|
case 'deactivate':
|
|
|
|
// deactivation
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
$errors[] = 'Incorrect password.';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Template::render('settings.data', [
|
|
|
|
'errors' => $errors,
|
|
|
|
]);
|