Add support for downloading reports from mobile app, add HTML export format

database.sql

@@ -0,0 +1,34 @@
+-- MySQL Script generated by MySQL Workbench
+-- Wed 11 Oct 2017 12:49:43 PM MDT
+-- Model: New Model    Version: 1.0
+-- MySQL Workbench Forward Engineering
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+-- -----------------------------------------------------
+-- Schema managepanel
+-- -----------------------------------------------------
+
+-- -----------------------------------------------------
+-- Schema managepanel
+-- -----------------------------------------------------
+CREATE SCHEMA IF NOT EXISTS `managepanel` DEFAULT CHARACTER SET utf8 ;
+USE `managepanel` ;
+
+-- -----------------------------------------------------
+-- Table `managepanel`.`report_access_codes`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `managepanel`.`report_access_codes` (
+  `id` INT NOT NULL AUTO_INCREMENT,
+  `code` VARCHAR(45) NULL,
+  `expires` DATETIME NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE INDEX `id_UNIQUE` (`id` ASC))
+ENGINE = MEMORY;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;

lang/en_us.php

@@ -101,6 +101,7 @@ define("STRINGS", [
     "choose an option" => "Choose an option",
     "csv file" => "CSV text file",
     "ods file" => "ODS spreadsheet",
+    "html file" => "HTML web page",
     "uid" => "User ID",
     "manager name" => "Manager",
     "manager username" => "Mgr. Username",

lib/reports.php

@@ -1,8 +1,16 @@
 <?php
 
+// Detect if loaded by the user or by PHP
+if (count(get_included_files()) == 1) {
+    define("LOADED", true);
+} else {
+    define("LOADED", false);
+}
+
 require_once __DIR__ . "/../required.php";
 
 use League\Csv\Writer;
+use League\Csv\HTMLConverter;
 use odsPhpGenerator\ods;
 use odsPhpGenerator\odsTable;
 use odsPhpGenerator\odsTableRow;
@@ -11,7 +19,27 @@ use odsPhpGenerator\odsTableCellString;
 use odsPhpGenerator\odsStyleTableColumn;
 use odsPhpGenerator\odsStyleTableCell;
 
-dieifnotloggedin();
+// Allow access with a one-time code, for mobile app and stuff
+if (isset($VARS['code']) && LOADED) {
+    $date = date("Y-m-d H:i:s");
+    if ($database2->has('report_access_codes', ["AND" => ['code' => $VARS['code'], 'expires[>]' => $date]])) {
+        $database2->delete('report_access_codes', ["OR" => ['code' => $VARS['code'], 'expires[<=]' => $date]]);
+    } else {
+        dieifnotloggedin();
+    }
+} else {
+    dieifnotloggedin();
+}
+
+if (LOADED) {
+    if (isset($VARS['type']) && isset($VARS['format'])) {
+        generateReport($VARS['type'], $VARS['format']);
+        die();
+    } else {
+        lang("invalid parameters");
+        die();
+    }
+}
 
 function getUserReport() {
     global $database;
@@ -144,7 +172,7 @@ function dataToCSV($data, $name = "report") {
     $csv = Writer::createFromString('');
     $csv->insertAll($data);
     header('Content-type: text/csv');
-    header('Content-Disposition: attachment; filename="' . $name . "_" . date("Y-m-d_Hm") . ".csv" . '"');
+    header('Content-Disposition: attachment; filename="' . $name . "_" . date("Y-m-d_Hi") . ".csv" . '"');
     echo $csv;
     die();
 }
@@ -175,7 +203,31 @@ function dataToODS($data, $name = "report") {
         $rowid++;
     }
     $ods->addTable($table);
-    $ods->downloadOdsFile($name . "_" . date("Y-m-d_Hm") . ".ods");
+    $ods->downloadOdsFile($name . "_" . date("Y-m-d_Hi") . ".ods");
+}
+
+function dataToHTML($data, $name = "report") {
+    header('Content-type: text/html');
+    $converter = new HTMLConverter();
+    $out = "<!DOCTYPE html>\n"
+            . "<meta charset=\"utf-8\">\n"
+            . "<meta name=\"viewport\" content=\"width=device-width\">\n"
+            . "<title>" . $name . "_" . date("Y-m-d_Hi") . "</title>\n"
+            . <<<STYLE
+<style>
+    .table-csv-data {
+        border-collapse: collapse;
+    }
+    .table-csv-data tr:first-child {
+        font-weight: bold;
+    }
+    .table-csv-data tr td {
+        border: 1px solid black;
+    }
+</style>
+STYLE
+            . $converter->convert($data);
+    echo $out;
 }
 
 function generateReport($type, $format) {
@@ -184,6 +236,9 @@ function generateReport($type, $format) {
         case "ods":
             dataToODS($data, $type);
             break;
+        case "html":
+            dataToHTML($data, $type);
+            break;
         case "csv":
         default:
             echo dataToCSV($data, $type);

pages/export.php

@@ -4,12 +4,11 @@ require_once __DIR__ . '/../required.php';
 redirectifnotloggedin();
 ?>
 
-<form action="action.php" method="POST" target="_BLANK">
+<form action="lib/reports.php" method="GET" target="_BLANK">
     <div class="row">
         <div class="col-xs-12 col-sm-6">
             <label for="type"><?php lang("report type"); ?></label>
             <select name="type" class="form-control" required>
-                <option selected><?php lang("choose an option") ?></option>
                 <option value="users"><?php lang("users") ?></option>
                 <option value="managers"><?php lang("managers") ?></option>
                 <option value="permissions"><?php lang("permissions") ?></option>
@@ -21,12 +20,18 @@ redirectifnotloggedin();
             <select name="format" class="form-control" required>
                 <option value="csv"><?php lang("csv file") ?></option>
                 <option value="ods"><?php lang("ods file") ?></option>
+                <option value="html"><?php lang("html file") ?></option>
             </select>
         </div>
     </div>
     <br />
     <input type="hidden" name="action" value="export" />
     <input type="hidden" name="source" value="export" />
+    <?php
+    $code = uniqid(rand(10000000,99999999), true);
+    $database2->insert('report_access_codes', ['code' => $code, 'expires' => date("Y-m-d H:i:s", strtotime("+5 minutes"))]);
+    ?>
+    <input type="hidden" name="code" value="<?php echo $code; ?>" />
     
-    <button type="submit" class="btn btn-success"><i class="fa fa-download"></i> <?php lang("generate report"); ?></button>
+    <button type="submit" class="btn btn-success" onclick="setTimeout(function () {window.location.reload();}, 1000)"><i class="fa fa-download"></i> <?php lang("generate report"); ?></button>
 </form>

required.php

@@ -53,9 +53,23 @@ try {
     ]);
 } catch (Exception $ex) {
     //header('HTTP/1.1 500 Internal Server Error');
-    sendError("Database error.  Try again later.  $ex");
+    sendError("Database error 1.  Try again later.  $ex");
 }
 
+$database2;
+try {
+    $database2 = new Medoo([
+        'database_type' => DB2_TYPE,
+        'database_name' => DB2_NAME,
+        'server' => DB2_SERVER,
+        'username' => DB2_USER,
+        'password' => DB2_PASS,
+        'charset' => DB2_CHARSET
+    ]);
+} catch (Exception $ex) {
+    //header('HTTP/1.1 500 Internal Server Error');
+    sendError("Database error 2.  Try again later.  $ex");
+}
 
 if (!DEBUG) {
     error_reporting(0);

settings.template.php

@@ -4,7 +4,7 @@
 // DO NOT SET TO TRUE IN PRODUCTION!!!
 define("DEBUG", false);
 
-// Portal database connection settings
+// AccountHub database connection settings
 // See http://medoo.in/api/new for info
 define("DB_TYPE", "mysql");
 define("DB_NAME", "sso");
@@ -13,6 +13,14 @@ define("DB_USER", "sso");
 define("DB_PASS", "");
 define("DB_CHARSET", "utf8");
 
+// ManagePanel DB connection
+define("DB2_TYPE", "mysql");
+define("DB2_NAME", "managepanel");
+define("DB2_SERVER", "localhost");
+define("DB2_USER", "managepanel");
+define("DB2_PASS", "");
+define("DB2_CHARSET", "utf8");
+
 // Name of the app.
 define("SITE_TITLE", "ManagePanel");