diff --git a/controllers/internals/Command.php b/controllers/internals/Command.php index e66b853..314b2fc 100755 --- a/controllers/internals/Command.php +++ b/controllers/internals/Command.php @@ -75,4 +75,77 @@ namespace controllers\internals; return $this->get_model()->update_for_user($id_user, $id, $datas); } + + + /** + * Analyse a message to check if it's a command and extract it + * @param int $id_user : User id to search a command for + * @param string $message : Text of the message to analyse + * @return mixed : false on error, array with new text and command to execute ['updated_text' => string, 'command' => string] + */ + public function check_for_command (int $id_user, string $message) : bool + { + $extracted_command = []; + + $decode_message = json_decode(trim($message)); + if ($decode_message === null) + { + return false; + } + + + if (!isset($decode_message['login'], $decode_message['password'])) + { + return false; + } + + + //Check for user + $internal_user = \controllers\internals\User($this->bdd); + $user = $internal_user->check_credentials($decode_message['login'], $decode_message['password']); + if (!$user || $user['id'] != $id_user) + { + return false; + } + + + //Check for admin rights + if ($command['admin'] && !$user['admin']) + { + return false; + } + + + //Find command + $commands = $this->gets_for_user($user['id']); + $find_command = false; + foreach ($commands as $command) + { + $command_name = $command['name']; + if (isset($decode_message[$command_name])) + { + $find_command = true; + break; + } + } + + if (!$find_command) + { + return false; + } + + + //Forge command and return + $decode_message['password'] = '******'; + $updated_text = json_encode($decode_message); + + $generated_command = PWD_SCRIPTS . '/' . $command['script']; + $args = $decode_message['args'] ?? ''; + $generated_command .= ' ' . escapeshellcmd($args); + + return [ + 'updated_text' => $updated_text, + 'command' => $generated_command, + ]; + } }