diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..3f7036b
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,13 @@
+/.git
+/.settings
+README.*
+LICENSE
+CHANGELOG.*
+/docs
+*.md
+/.buildpath
+/.project
+/.gitignore
+/.dockerignore
+/temp-test
+/build.sh
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1b0acdf
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,7 @@
+/modules/*
+!/modules/README.md
+/storage/*
+!/storage/README.md
+/temp-test
+/composer.lock
+/vendor
diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..74ae122
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,41 @@
+
+ SetEnv TZ Europe/Moscow
+
+ServerSignature Off
+AddDefaultCharset UTF-8
+Options -Indexes
+DirectoryIndex index.php
+
+# Bad Rquest
+#ErrorDocument 400 /400.html
+# Authorization Required
+#ErrorDocument 401 /401.html
+# Forbidden
+ErrorDocument 403 /error.php?code=403
+# Not found
+ErrorDocument 404 /error.php?code=404
+# Method Not Allowed
+ErrorDocument 405 /error.php?code=405
+# Request Timed Out
+#ErrorDocument 408 /408.html
+# Request URI Too Long
+#ErrorDocument 414 /414.html
+# Internal Server Error
+ErrorDocument 500 /error.php?code=500
+# Not Implemented
+ErrorDocument 501 /error.php?code=501
+# Bad Gateway
+#ErrorDocument 502 /502.html
+# Service Unavailable
+#ErrorDocument 503 /503.html
+# Gateway Timeout
+#ErrorDocument 504 /504.html
+
+IndexIgnore *
+
+## Mod_rewrite in use.
+
+RewriteEngine On
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule . /index.php [L]
+
diff --git a/Autoloader.php b/Autoloader.php
new file mode 100644
index 0000000..735f858
--- /dev/null
+++ b/Autoloader.php
@@ -0,0 +1,24 @@
+
\ No newline at end of file
diff --git a/Dockerfile.sample b/Dockerfile.sample
new file mode 100644
index 0000000..4f4f87e
--- /dev/null
+++ b/Dockerfile.sample
@@ -0,0 +1,36 @@
+FROM mxfox.ru/chimera/fox-web-basic:latest AS prepare
+
+RUN apt-get update \
+ && apt-get install curl -y \
+ && cd /tmp \
+ && curl -sS https://getcomposer.org/installer -o composer-setup.php \
+ && php composer-setup.php --install-dir=/usr/local/bin --filename=composer \
+ && DEBIAN_FRONTEND=noninteractive TZ=Europe/Moscow apt-get -y install tzdata \
+ && cd /var/www/html
+
+COPY . /var/www/html
+
+RUN composer install
+
+RUN find . -name "*~" -prune -exec rm -rf '{}' \; \
+ && find . -name "*.bak" -prune -exec rm -rf '{}' \; \
+ && find . -name "*.old" -prune -exec rm -rf '{}' \; \
+ && find . -name ".git" -prune -exec rm -rf '{}' \; \
+ && find . -name ".settings" -prune -exec rm -rf '{}' \; \
+ && find . -name ".buildpath" -prune -exec rm -rf '{}' \; \
+ && find . -name ".project" -prune -exec rm -rf '{}' \; \
+ && find . -name "README.*" -prune -exec rm -rf '{}' \; \
+ && find . -name "*.md" -prune -exec rm -rf '{}' \; \
+ && find . -name "composer.*" -prune -exec rm -rf '{}' \; \
+ && find . -name ".travis*" -prune -exec rm -rf '{}' \; \
+ && find . -name "installed.json" -prune -exec rm -rf '{}' \;
+
+RUN find . -type d ! -path './.git/**' ! -path './static/**' ! -path "./static" ! -path ./*/modules/*/static* -exec bash -c 'test -f {}/.htaccess && echo -n "[ SKIP ] " || (cp ./docker-build/.htaccess {} && echo -n "[ ADD ] ") && echo {}/.htaccess' \;
+
+RUN rm -f composer.* \
+ && rm -rf docker-build
+
+
+FROM mxfox.ru/chimera/fox-web-basic:latest as build
+COPY --from=prepare /var/www/html /var/www/html
+COPY docker-build/rootfs /
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..61d1860
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,674 @@
+GNU GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc.
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users. We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors. You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights. Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received. You must make sure that they, too, receive
+or can get the source code. And you must show them these terms so they
+know their rights.
+
+ Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+ For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software. For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+ Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so. This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software. The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable. Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products. If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+ Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary. To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Use with the GNU Affero General Public License.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+
+ Copyright (C)
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+ Copyright (C)
+ This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+.
+
+ The GNU General Public License does not permit incorporating your program
+into proprietary programs. If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License. But first, please read
+.
\ No newline at end of file
diff --git a/README.md b/README.md
index e69de29..edf412f 100644
--- a/README.md
+++ b/README.md
@@ -0,0 +1,9 @@
+# Chimera Fox Platform Mark2
+
+Полностью новая версия платформы Chimera Fox.
+
+Предыдущие версии будут поддерживаться только в качестве обновлений безопасности.
+
+Обратная совместимость с предыдущими версиями отсутствует - это основная причина выхода новой платформы - совместимость со старыми версиями занимает слишком много ресурсов на поддержку, а фактически она уже не нужна.
+
+*Актуальные модули старой версии будут портированы на Mark2*
\ No newline at end of file
diff --git a/api/.htaccess b/api/.htaccess
new file mode 100644
index 0000000..5f39d91
--- /dev/null
+++ b/api/.htaccess
@@ -0,0 +1,5 @@
+RewriteEngine On
+RewriteRule '^v2/' v2.php [END]
+RewriteRule '^v2$' v2.php [END]
+RewriteRule . - [END,R=404]
+
diff --git a/api/404.html b/api/404.html
new file mode 100644
index 0000000..563324f
--- /dev/null
+++ b/api/404.html
@@ -0,0 +1 @@
+0000404
\ No newline at end of file
diff --git a/api/v2.php b/api/v2.php
new file mode 100644
index 0000000..dbe6164
--- /dev/null
+++ b/api/v2.php
@@ -0,0 +1,112 @@
+module !== 'api') {
+ throw new foxException("Invalid request",400);
+ }
+
+ $request->shift();
+
+ if ($request->module !== "v2") {
+ throw new foxException("Invalid API version",400);
+ }
+ $request->shift();
+ $modules=moduleInfo::getAll();
+ if (!array_key_exists(request::get()->module, $modules)) {
+ if (request::get()->authOK) {
+ throw new foxException("Invalid module",404);
+ } else {
+ throw new foxException("Unauthorized",401);
+ }
+ }
+
+ if ($modules[request::get()->module]->authRequired && !request::get()->authOK) {
+ throw new foxException("Unauthorized",401);
+ }
+
+ $modNS=$modules[request::get()->module]->namespace;
+ request::get()->shift();
+ $className=$modNS."\\".request::get()->module;
+ if (!class_exists($className)) {
+ throw new foxException("Not found",404);
+ }
+
+ if(!is_a($className, fox\externalCallable::class,true)) {
+ throw new foxException("Not found",404);
+ }
+
+ ob_clean();
+ $apiMethod=fox\common::clearInput($request->method,"A-Z");
+ $apiFunction=fox\common::clearInput($request->function,"a-zA-Z0-9");
+ $apiXFunction=empty($request->parameters[0])?NULL:fox\common::clearInput($request->parameters[0],"a-zA-Z0-9");
+
+ $apiCallMethod="API_".$apiMethod."_".$apiFunction;
+ $apiXCallMethod="APIX_".$apiMethod."_".$apiXFunction;
+ $apiZCallMethod="API_".$apiMethod;
+
+ if (method_exists($className, $apiCallMethod)) {
+ $rv=$className::$apiCallMethod($request);
+ } else if (($apiXFunction!==null) && method_exists($className, $apiXCallMethod)) {
+ $rv=$className::$apiXCallMethod($request);
+ } else if (method_exists($className, $apiZCallMethod)) {
+ $rv=$className::$apiZCallMethod($request);
+ } else if (method_exists($className, "APICall")) {
+ $rv=$className::apiCall(request::get());
+ } else {
+ throw new foxException("Method not allowed", 405);
+ }
+
+ foxRequestResult::throw("200", "OK", $rv);
+
+} catch (fox\foxRequestResult $e) {
+ ob_clean();
+ header('HTTP/1.0 '.$e->getCode().' '.$e->getMessage(), true, $e->getCode());
+ if ($e->retVal===null) {
+ print json_encode(["status"=>$e->getMessage()]);
+ } else {
+ print json_encode($e->retVal);
+ }
+ exit;
+} catch (fox\foxException $e) {
+ if (($e->getCode()>=400 && $e->getCode()<500) || ($e->getCode() == 501) || ($e->getCode() >= 600 && $e->getCode()<900)) {
+ trigger_error($e->getStatus().": ".$e->getCode().": ".$e->getMessage()." in ".$e->getFile()." at line ".$e->getLine(), E_USER_WARNING);
+ print(json_encode(["error"=>["code"=>$e->getCode(),"message"=>$e->getMessage(), "xCode"=>$e->getXCode()]]));
+ if ($e->getCode()>=400 && $e->getCode()<502) {
+ header('HTTP/1.0 '.$e->getCode().' '.$e->getMessage(), true, $e->getCode());
+ } else {
+ header('HTTP/1.0 501 '.$e->getMessage(), true, $e->getCode());
+ }
+ } else {
+ trigger_error($e->getStatus().": ".$e->getCode().": ".$e->getMessage()." in ".$e->getFile()." at line ".$e->getLine(), E_USER_WARNING);
+ print(json_encode(["error"=>["errCode"=>500,"message"=>"Internal server error","xCode"=>$e->getXCode()]]));
+ header('HTTP/1.0 500 Internal server error', true, 500);
+ }
+ exit;
+} catch (Exception $e) {
+ trigger_error($e->getCode().": ".$e->getMessage()." in ".$e->getFile()." at line ".$e->getLine(), E_USER_WARNING);
+ print(json_encode(["error"=>["errCode"=>500,"message"=>"Internal server error", "xCode"=>"ERR"]]));
+ header('HTTP/1.0 500 Internal server error', true, 500);
+ throw($e);
+ exit;
+}
+exit;
+
+?>
\ No newline at end of file
diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..575639a
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+# Not implemented yet
+source config
+docker build . -t x
diff --git a/cli/.htaccess b/cli/.htaccess
new file mode 100644
index 0000000..93169e4
--- /dev/null
+++ b/cli/.htaccess
@@ -0,0 +1,2 @@
+Order deny,allow
+Deny from all
diff --git a/cli/initialize.php b/cli/initialize.php
new file mode 100755
index 0000000..697182b
--- /dev/null
+++ b/cli/initialize.php
@@ -0,0 +1,77 @@
+#!/usr/bin/php
+name, modules::pseudoModules) && !$mod->getInstances()) {
+ print "Install module ".$mod->name."...";
+ $mod->save();
+ print "OK\n";
+ }
+ }
+//}
+
+if (company::getCount()==0) {
+
+ $c = new fox\company();
+ $c->name="Default company";
+ $c->qName="Company";
+ print "Create company ".$c->name."...";
+ $c->save();
+ print "OK\n";
+}
+
+// create user
+if (user::getCount()==0 && userGroup::getCount()==0) {
+ $u = new fox\user();
+ $u->fullName="Administrator";
+ $u->login=$initUser;
+ $u->setPassword($initPass);
+ $u->authType="internal";
+ print "Create user ".$u->login."...";
+ $u->save();
+
+ print "OK\n";
+
+ $ug = new fox\userGroup();
+ $ug->name="Administrators";
+ $ug->addAccessRule("isRoot");
+ print "Create usergroup ".$ug->name."...";
+ $ug->save();
+ print "OK\n";
+ print "Join user into ".$u->login." group ".$ug->name."...";
+ $ug->join($u);
+ print "OK\n";
+}
+
+
+
+
+
+?>
\ No newline at end of file
diff --git a/cli/migration.php b/cli/migration.php
new file mode 100755
index 0000000..5c6b7b4
--- /dev/null
+++ b/cli/migration.php
@@ -0,0 +1,28 @@
+#!/usr/bin/php
+name="core";
+ $module->instanceOf="core";
+ $module->namespace="fox";
+}
+
+fox\sql::doMigration($module,__DIR__."/../core/fox");
+
+?>
\ No newline at end of file
diff --git a/composer.json b/composer.json
new file mode 100644
index 0000000..f2df9ba
--- /dev/null
+++ b/composer.json
@@ -0,0 +1,7 @@
+{
+ "require" : {
+ "aws/aws-sdk-php" : "^3.208",
+ "html2text/html2text" : "^4.3",
+ "phpmailer/phpmailer" : "~6.5.3"
+ }
+}
\ No newline at end of file
diff --git a/core/.htaccess b/core/.htaccess
new file mode 100644
index 0000000..e69de29
diff --git a/core/fox/.htaccess b/core/fox/.htaccess
new file mode 100644
index 0000000..93169e4
--- /dev/null
+++ b/core/fox/.htaccess
@@ -0,0 +1,2 @@
+Order deny,allow
+Deny from all
diff --git a/core/fox/UID.php b/core/fox/UID.php
new file mode 100644
index 0000000..09f51d0
--- /dev/null
+++ b/core/fox/UID.php
@@ -0,0 +1,133 @@
+ [
+ "type" => "VARCHAR(255)",
+ "nullable" => false,
+ "index" => "INDEX"
+ ],
+ "class" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false
+ ]
+ ];
+
+ public function __get($key)
+ {
+ if (! empty($this->id) && $this->__loaded == false) {
+ $this->fill($this->id);
+ }
+
+ return parent::__get($key);
+ }
+
+ public function __fromString($val)
+ {
+ if (! static::check($val)) {
+ throw new Exception("Invalid UID format");
+ }
+ $uid = substr(static::clear($val), 0, 9);
+ $this->id = $uid - $this->getOffset();
+ }
+
+ public static function clear($code)
+ {
+ return preg_replace('![^0-9]+!', '', $code);
+ }
+
+ public function print()
+ {
+ return (substr($this->__toString(), 0, 4) . "-" . substr($this->__toString(), 4, 4) . "-" . substr($this->__toString(), 8, 2));
+ }
+
+ public static function check($code)
+ {
+ $code = static::clear($code);
+ if (strlen($code) != 10) {
+ return false;
+ }
+ return (substr($code, 9, 1) == self::checksum($code));
+ }
+
+ protected static function checksum($code)
+ {
+ $sum1 = substr($code, 1, 1) + substr($code, 3, 1) + substr($code, 5, 1) + substr($code, 7, 1);
+ $sum1 = $sum1 * 3;
+ $sum2 = substr($code, 0, 1) + substr($code, 2, 1) + substr($code, 4, 1) + substr($code, 6, 1) + substr($code, 8, 1);
+ $sum = $sum1 + $sum2;
+ $ceil = ceil(($sum / 10)) * 10;
+ $delta = $ceil - $sum;
+ return $delta;
+ }
+
+ public static $sqlTable = "tblRegistry";
+
+ protected function getOffset()
+ {
+ $offset = config::get("UIDOffset");
+ if (! is_numeric($offset)) {
+ $offset = 0;
+ } elseif ($offset > 90) {
+ $offset = 90;
+ }
+ $offset = 100000000 + ($offset * 1000000);
+ return $offset;
+ }
+
+ public function __toString(): string
+ {
+ if (empty($this->id)) {
+ return "";
+ } else {
+ $code = $this->getOffset() + $this->id;
+ return $code . static::checksum($code);
+ }
+ }
+
+ public function isNull(): bool
+ {
+ return ($this->id === null);
+ }
+
+ public function issue($instance, $class)
+ {
+ $this->instance = $instance;
+ $this->class = $class;
+ $this->save();
+ }
+
+ public static function qIssue($instance, $class) {
+ $uid = new static();
+ $uid->issue($instance, $class);
+ return $uid;
+ }
+
+ public function jsonSerialize() {
+ return $this->__toString();
+ }
+}
+?>
\ No newline at end of file
diff --git a/core/fox/auth.php b/core/fox/auth.php
new file mode 100644
index 0000000..039f46a
--- /dev/null
+++ b/core/fox/auth.php
@@ -0,0 +1,31 @@
+quickExec1Line("select * from `" . user::$sqlTable . "` where `login` = '" . common::clearInput($login) . "' and `secret` = '" . xcrypt::hash($password) . "'");
+ if ($res) {
+ $u = new user($res);
+ return $u;
+ } else {
+ return false;
+ }
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/auth/.htaccess b/core/fox/auth/.htaccess
new file mode 100644
index 0000000..93169e4
--- /dev/null
+++ b/core/fox/auth/.htaccess
@@ -0,0 +1,2 @@
+Order deny,allow
+Deny from all
diff --git a/core/fox/auth/login.php b/core/fox/auth/login.php
new file mode 100644
index 0000000..40d8c26
--- /dev/null
+++ b/core/fox/auth/login.php
@@ -0,0 +1,56 @@
+method) {
+ case "POST":
+ if ($request->authOK) {
+ return;
+ }
+ if (! (gettype($request->requestBody) == "object" && property_exists($request->requestBody, "login") && property_exists($request->requestBody, "password"))) {
+ throw new foxException("Bad request", 400);
+ }
+
+ $type = "API";
+ if (property_exists($request->requestBody, "type")) {
+ $type = $request->requestBody->type;
+ }
+
+ if ($u = auth::doAuth($request->requestBody->login, $request->requestBody->password)) {
+ $t = authToken::issue($u, $type);
+ return [
+ "token" => $t->token,
+ "expire" => $t->expireStamp->isNull() ? "Never" : $t->expireStamp
+ ];
+ } else {
+ throw new foxException("Authorization failed", 401);
+ }
+ break;
+ default:
+ throw new foxException("Bad request", 400);
+ }
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/auth/oauth.php b/core/fox/auth/oauth.php
new file mode 100644
index 0000000..0df4164
--- /dev/null
+++ b/core/fox/auth/oauth.php
@@ -0,0 +1,71 @@
+method) {
+ case "GET":
+ try {
+ $profile = new oAuthProfile(common::clearInput($request->function,"0-9"));
+ } catch (\Exception $e) {
+ if ($e->getCode()==691) {
+ throw new foxException("Not found",404);
+ } else {
+ throw $e;
+ }
+ }
+ if ($profile->deleted || !$profile->enabled) {
+ throw new foxException("Not found",404);
+ }
+ return [
+ "id"=>$profile->id,
+ "name"=>$profile->name,
+ "url"=>$profile->getClient(config::get("SITEPREFIX")."/auth/oauth")->getAuthURL(),
+ "icon"=>$profile->getClient(config::get("SITEPREFIX"))->getAuthIcon(),
+ ];
+ break;
+
+ case "POST":
+ $profile = oAuthProfile::getByHash(common::clearInput($request->requestBody->hash));
+ $oac = $profile->getClient(config::get("SITEPREFIX")."/auth/oauth");
+ $xTokens=$oac->getTokenByCode(common::clearInput($request->requestBody->code));
+ $userInfo=$oac->getUserInfo();
+ $userRefId=$profile->id.":".$userInfo->sub;
+ $u=user::getByRefID("oauth",$userRefId);
+
+ if (!$u) {
+ foxException::throw("ERR", "User not registered",401,"UNR");
+ }
+
+ $t = authToken::issue($u, "WEB");
+ return [
+ "token" => $t->token,
+ "expire" => $t->expireStamp->isNull() ? "Never" : $t->expireStamp
+ ];
+
+ return $u;
+ break;
+ }
+ }
+}
\ No newline at end of file
diff --git a/core/fox/auth/register.php b/core/fox/auth/register.php
new file mode 100644
index 0000000..268cd65
--- /dev/null
+++ b/core/fox/auth/register.php
@@ -0,0 +1,190 @@
+requestBody->email,"0-9A-Za-z_.@-");
+ $regCode = common::clearInput($request->requestBody->regCode,"0-9");
+
+ $authType = explode("_", $request->requestBody->authType)[0];
+ $ic=null;
+ if (!empty($regCode)) {
+ $ic=userInvitation::getByCode($regCode);
+ if (!$ic || ($ic->expireStamp->stamp>time())) {
+ $ic=null;
+ }
+ } else {
+ $ic =userInvitation::getByEMail($eMail);
+ }
+
+ if ($authType=="oauth") {
+ $profile = oAuthProfile::getByHash(common::clearInput($request->requestBody->oAuthHash));
+ $oac = $profile->getClient(config::get("SITEPREFIX")."/auth/oauth");
+ $oac->getTokenByCode(common::clearInput($request->requestBody->oAuthCode));
+ $userInfo=$oac->getUserInfo();
+ $userRefId=$profile->id.":".$userInfo->sub;
+ $u=user::getByRefID("oauth",$userRefId);
+
+ if (!$u) {
+
+ $u = new user();
+ // $u->login=uniqid();
+ $u->eMail=$eMail;
+ $u->authType="oauth";
+ $u->authRefId=$userRefId;
+ $u->fullName=$userInfo->name;
+ $u->save();
+ }
+
+ } elseif ($authType=="password") {
+ $login = common::clearInput($request->requestBody->login,"0-9A-Za-z_.-");
+ $passwd = $request->requestBody->password;
+ if (user::getByLogin($login)) {
+ foxException::throw("ERR","Login already registered","409","LAR");
+ }
+
+ if (preg_match("/^[0-9]/",$login)) {
+ foxException::throw("ERR","Invalid login format num","406","ILF");
+ }
+
+ if (strlen($login) < 5) {
+ foxException::throw("ERR","Invalid login format len","406","ILF");
+ }
+
+ if (strlen($passwd) < static::minPasswordLength) {
+ foxException::throw("ERR","Invalid password format len","406","IPF");
+ }
+
+ $u=new user();
+ $u->login=$login;
+ $u->fullName=common::clearInput($request->requestBody->fullName,"0-9A-Za-zА-Яа-я ._-");
+ $u->authType="internal";
+ $u->eMail=$eMail;
+ $u->setPassword($passwd);
+ $u->save();
+ }
+
+ if ($ic) {
+ if ($ic && ($ic->expireStamp->stamp<=time())) {
+ foreach ($ic->joinGroupsId as $grid) {
+ $group = new userGroup($grid);
+ $group->join($u);
+ }
+ }
+ if (!$ic->allowMultiUse) { $ic->delete(); }
+ }
+
+ try {
+ $u->sendEMailConfirmation();
+ } catch (\Exception $e) {
+ trigger_error($e->getMessage());
+ }
+
+ $t = authToken::issue($u, "WEB");
+ return [
+ "token" => $t->token,
+ "expire" => $t->expireStamp->isNull() ? "Never" : $t->expireStamp
+ ];
+ }
+
+ public static function API_POST_recovery(request $request) {
+ $eMail = common::clearInput($request->requestBody->email,"0-9A-Za-z_.@-");
+ if (!common::validateEMail($eMail)) { foxException::throw("ERR","Invalid eMail format",406,"IMF");}
+ $u=user::getByEmail($eMail);
+ if (!$u || $u->authType!=='internal' || !$u->eMailConfirmed) { foxException::throw("ERR","Not found",404,"URNF");}
+ $u->sendPasswordRecovery();
+ }
+
+ public static function API_POST_validateRecovery(request $request) {
+ $code = common::clearInput($request->requestBody->code,"0-9");
+ $eMail = common::clearInput($request->requestBody->email,"0-9A-Za-z_.@-");
+ if (!common::validateEMail($eMail)) { foxException::throw("ERR","Invalid eMail format",406,"IMF");}
+ $u=user::getByEmail($eMail);
+ if (!$u || $u->authType!=='internal' || !$u->eMailConfirmed) { foxException::throw("ERR","Not found",404,"URNF");}
+ if ($u->validateRecoveryCode($code)) {
+ return;
+ } else {
+ foxException::throw("ERR", "Validation failed", 400,"IVCC");
+ }
+ }
+
+ public static function API_POST_setNewPassword(request $request) {
+ $code = common::clearInput($request->requestBody->code,"0-9");
+ $eMail = common::clearInput($request->requestBody->email,"0-9A-Za-z_.@-");
+ $passwd=$request->requestBody->newPasswd;
+ if (strlen($passwd) < static::minPasswordLength) {
+ foxException::throw("ERR","Invalid password format len","406","IPF");
+ }
+ if (!common::validateEMail($eMail)) { foxException::throw("ERR","Invalid eMail format",406,"IMF");}
+ $u=user::getByEmail($eMail);
+ if (!$u || $u->authType!=='internal' || !$u->eMailConfirmed) { foxException::throw("ERR","Not found",404,"URNF");}
+ if ($u->validateRecoveryCode($code,true)) {
+
+ $u->setPassword($passwd);
+ $u->save();
+
+
+ $t = authToken::issue($u, "WEB");
+ return [
+ "token" => $t->token,
+ "expire" => $t->expireStamp->isNull() ? "Never" : $t->expireStamp
+ ];
+ } else {
+ foxException::throw("ERR", "Validation failed", 400,"IVCC");
+ }
+ }
+
+ protected static function validate(request $request) {
+ $eMail = common::clearInput($request->requestBody->email,"0-9A-Za-z_.@-");
+ $code = common::clearInput($request->requestBody->regCode,"0-9");
+ $ic=null;
+ if (!empty($code)) {
+ $ic=userInvitation::getByCode($code);
+
+ if (!$ic || (!$ic->expireStamp->isNull() && $ic->expireStamp->stamp
\ No newline at end of file
diff --git a/core/fox/auth/session.php b/core/fox/auth/session.php
new file mode 100644
index 0000000..b4ba632
--- /dev/null
+++ b/core/fox/auth/session.php
@@ -0,0 +1,64 @@
+method) {
+ case "DELETE":
+ if (! ($request->authOK)) {
+ throw new foxException("Bad request", 501);
+ }
+
+ $request->token->delete();
+ return;
+ case "GET":
+ if ($request->authOK) {
+ $modules=[];
+ $i = 0;
+ foreach (modules::listInstalled() as $mod) {
+ if (array_search("menu", $mod->features) !== false && $request->user->checkAccess($mod->globalAccessKey, $mod->name) && ! empty($mod->menuItem)) {
+ $i ++;
+ $modules[($mod->modPriority * 100) + $i] = [
+ "name" => $mod->name,
+ "instanceOf" => $mod->instanceOf,
+ "menu" => $mod->menuItem,
+ "globalAccesKey" => $mod->globalAccessKey,
+ "languages" => $mod->languages
+ ];
+ }
+ }
+
+ return [
+ "updated" => time(),
+ "user" => $request->token->user,
+ "acls" => $request->user->getAccessRules(),
+ "modules" => $modules
+ ];
+ }
+ ;
+ throw new foxException("Unauthorized", 401);
+ break;
+ }
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/authToken.php b/core/fox/authToken.php
new file mode 100644
index 0000000..0c7bb56
--- /dev/null
+++ b/core/fox/authToken.php
@@ -0,0 +1,252 @@
+ [
+ "name" => "REST API",
+ "defaultTTL" => 10,
+ "allowLogin" => false,
+ "allowRenew" => true,
+ "renewTTL" => 30
+ ],
+ "WEB" => [
+ "name" => "WWW",
+ "defaultTTL" => 32,
+ "allowLogin" => true,
+ "allowRenew" => true,
+ "renewTTL" => 30
+ ],
+ "APP" => [
+ "name" => "Mobile APP",
+ "defaultTTL" => 10,
+ "allowLogin" => true,
+ "allowRenew" => true,
+ "renewTTL" => 30
+ ]
+ ];
+
+ public string $type = "API";
+
+ public static $allowDeleteFromDB = true;
+
+ public static $sqlTable = "tblAuthTokens";
+
+ public static $sqlColumns = [
+ "userId" => [
+ "type" => "INT",
+ "index" => "INDEX",
+ "nullable" => false
+ ],
+ "token1" => [
+ "type" => "CHAR(64)",
+ "index" => "UNIQUE",
+ "nullable" => true
+ ],
+ "token2" => [
+ "type" => "CHAR(64)",
+ "nullable" => false
+ ],
+ "token2b" => [
+ "type" => "CHAR(64)",
+ "nullable" => true
+ ]
+ ];
+
+ public function __xConstruct()
+ {
+ $this->issueStamp = new time(time());
+ $this->expireStamp = new time();
+ $this->renewStamp = new time();
+ }
+
+ public static function dropExpired()
+ {
+ $sql = sql::getConnection();
+ $sql->quickExec("delete from `" . static::$sqlTable . "` where `expireStamp` is not NULL and `expireStamp` < NOW()");
+ }
+
+ public static function getByToken(string $token)
+ {
+ if (strlen($token) != 128) {
+ return null;
+ }
+ $token1 = substr($token, 0, 64);
+ $token2 = substr($token, 64, 64);
+
+ $tx = new static();
+ $sql = $tx->getSql();
+ $sql->quickExec("START TRANSACTION");
+ $row = $sql->quickExec1Line($tx->__sqlSelectTemplate . " where `i`.`token1` = '" . $token1 . "' AND (`expireStamp` is NULL OR `expireStamp` >= NOW()) FOR UPDATE");
+
+ $t = new static($row, $sql);
+
+ $renewTTL = config::get("TOKEN_RENEW_" . $t->type) === null ? static::tokenTypes[$t->type]["renewTTL"] : config::get("TOKEN_RENEW_" . $t->type);
+
+ $rv=null;
+ if (time() > $t->expireStamp->stamp) {
+ // expired, delete
+ // $t->delete();
+ trigger_error("Token expired");
+ } else if (time() < $t->renewStamp->stamp && time() < $t->expireStamp->stamp && $token1 == $t->token1 && ($token2 == $t->token2 || $token2 == $t->token2b)) {
+ // token OK (not expired, match 2A or 2B
+ $rv= $t;
+ } else if (time() > $t->renewStamp->stamp && time() < $t->expireStamp->stamp && $t->token1 == $token1 && $t->token2 == $token2) {
+ // renew expired, 2A matched - renew
+ trigger_error("Token renew started");
+ $t->renew();
+ header("X-Fox-Token-Renew: " . $t->token);
+ trigger_error("Token renew completed");
+ $rv= $t;
+ } else if (time() < $t->expireStamp->stamp && time() > ($t->renewStamp->stamp + $renewTTL / 2) && $t->token1 == $token1 && $t->token2 != $token2 && $t->token2b == $token2) {
+ // RenewExpired, renew+renewTTL/2 - not expired, 2A failed, 2B matched - not update, void conflict, OK
+ trigger_error("Token2B used!");
+ $rv= $t;
+ } else if ($t->token1 == $token1 && $t->token2 != $token2 && $token2 != $t->token2b) {
+ // token2 failed - token are compromised
+ trigger_error("Token #".$t->id." are compromised!");
+ // $t->delete();
+ } else {
+
+ }
+
+ $sql->quickExec("COMMIT");
+
+ if ($rv===null) {
+ trigger_error("Token:: time: ".time()."; Expire: ".$t->expireStamp->stamp."dT(".(time() - $t->expireStamp->stamp)."); Renew: ".$t->renewStamp->stamp."dT(".(time() - $t->renewStamp->stamp).")");
+ }
+
+ return $rv;
+ }
+
+ public static function issue(user $user, $type = null, ?int $expireInDays = null)
+ {
+ static::dropExpired();
+ $t = new authToken();
+ $t->userId = $user->id;
+ $type = strtoupper($type);
+ if (array_key_exists($type, static::tokenTypes)) {
+ $t->type = $type;
+ } else {
+ throw new foxException("Invalid token type");
+ }
+
+ if ($expireInDays === null) {
+ $expireInDays = config::get("TOKEN_TTL_" . $type) === null ? static::tokenTypes[$type]["defaultTTL"] : config::get("TOKEN_TTL_" . $type);
+ }
+
+ $renewTTL = config::get("TOKEN_RENEW_" . $type) === null ? static::tokenTypes[$type]["renewTTL"] : config::get("TOKEN_RENEW_" . $type);
+
+ $t->expireStamp = empty($expireInDays) ? (new time()) : (new time(time() + ($expireInDays * 86400)));
+ $t->renewStamp = empty($renewTTL) ? (new time()) : (new time(time() + ($renewTTL * 60)));
+ ;
+
+ for ($i = 0; $i < 32; $i ++) {
+ $token = substr(preg_replace("/[-_+=\\/]/", "", base64_encode(random_bytes(64))), 0, 64);
+ if (static::getByToken($token) === null) {
+ break;
+ }
+ }
+
+ if ($i >= 32) {
+ throw new foxException("Unable to find token in $i iterations");
+ }
+ if ($i > 0) {
+ trigger_error("Token found in $i iterations");
+ }
+ $t->token1 = $token;
+ $t->token2 = substr(preg_replace("/[-_+=\\/]/", "", base64_encode(random_bytes(64))), 0, 64);
+ $t->save();
+ return $t;
+ }
+
+ public function renew()
+ {
+ $expireAllowRenew = config::get("TOKEN_ALLOW_RENEW_" . $this->type) === null ? static::tokenTypes[$this->type]["allowRenew"] : (config::get("TOKEN_ALLOW_RENEW_" . $this->type) == "true");
+
+ $renewTTL = config::get("TOKEN_RENEW_" . $this->type) === null ? static::tokenTypes[$this->type]["renewTTL"] : config::get("TOKEN_RENEW_" . $this->type);
+
+ $this->renewStamp = empty($renewTTL) ? (new time()) : (new time(time() + ($renewTTL * 60)));
+ ;
+ $this->token2b = $this->token2;
+ $this->token2 = substr(preg_replace("/[-_+=\\/]/", "", base64_encode(random_bytes(64))), 0, 64);
+
+ if ($expireAllowRenew) {
+ $expireInDays = config::get("TOKEN_TTL_" . $this->type) === null ? static::tokenTypes[$this->type]["defaultTTL"] : config::get("TOKEN_TTL_" . $this->type);
+ $this->expireStamp = empty($expireInDays) ? (new time()) : (new time(time() + ($expireInDays * 86400)));
+ } else {
+ if ($this->expireStamp < $this->renewStamp) {
+ $this->renewStamp = $this->expireStamp;
+ }
+ }
+ $this->save();
+ return $this->token;
+ }
+
+ public function __get($key)
+ {
+ switch ($key) {
+ case "token":
+ return $this->token1 . $this->token2;
+
+ case "user":
+ if (empty($this->__user) && ! empty($this->userId)) {
+ $this->__user = new user($this->userId);
+ }
+ return $this->__user;
+ default:
+ return parent::__get($key);
+ }
+ }
+}
+?>
\ No newline at end of file
diff --git a/core/fox/baseClass.php b/core/fox/baseClass.php
new file mode 100644
index 0000000..bac1134
--- /dev/null
+++ b/core/fox/baseClass.php
@@ -0,0 +1,586 @@
+ $conf) {
+ if ($conf["type"] !== "SKIP") {
+ $rv[$key] = static::$sqlColumns[$key];
+ }
+ }
+
+ foreach ($this as $key => $val) {
+ if (array_key_exists($key, static::$sqlColumns)) {
+ continue;
+ }
+ if (preg_match("/^[^_][^_].*/", $key) && (array_search($key, array_merge(static::$excludeProps, static::$excludePropsBase)) === false)) {
+ $type = null;
+ $idx = null;
+ $null = null;
+ switch (gettype($val)) {
+ case "NULL":
+ if ($key == static::$sqlIdx) {
+ $type = "INT";
+ $idx = "AI";
+ $null = false;
+ } else {
+ throw new \Exception("Invalid type conversion for key $key at " . get_class($this));
+ }
+ break;
+ case "array":
+ $type = "TEXT";
+ break;
+ case "integer":
+ $type = "INT";
+ break;
+ case "string":
+ $type = "VARCHAR(255)";
+ break;
+ case "boolean":
+ $type = "INT";
+ break;
+
+ case "object":
+ if (! empty($val::$SQLType)) {
+ $type = $val::$SQLType;
+ } elseif (($val instanceof stringExportable)) {
+ $type = "VARCHAR(255)";
+ } elseif ($val instanceof \JsonSerializable) {
+ $type = "VARCHAR(255)";
+ } else {
+ throw new \Exception("Invalid type conversion for key $key at " . get_class($this));
+ }
+ break;
+ default:
+ throw new \Exception("Invalid type conversion for key $key at " . get_class($this));
+ break;
+ }
+ $rv[$key]["type"] = $type;
+ if ($idx) {
+ $rv[$key]["index"] = $idx;
+ }
+ if ($null !== null) {
+ $rv[$key]["nullable"] = $null;
+ }
+ if ($key == static::$sqlIdx) {
+ $rv[$key]["first"] = true;
+ } else {
+ $rv[$key]["first"] = false;
+ }
+ }
+ }
+ return $rv;
+ }
+
+ protected function checkSql()
+ {
+ if ($this->sql === null) {
+ $this->sql = sql::getConnection();
+ }
+ return;
+ }
+
+ protected function __xConstruct()
+ {}
+
+ public function __construct($id = null, ?namespace\sql $sql = null, $prefix = null, $settings = null)
+ {
+ # How to call from child template:
+ # parent::__construct($id, $sql, $prefix, $settings);
+ $this->__settings = $settings;
+ if (empty($this::$sqlSelectTemplate) and ! empty($this::$sqlTable)) {
+ $this->__sqlSelectTemplate = "select * from `" . $this::$sqlTable . "` as `i`";
+ } else {
+ $this->__sqlSelectTemplate = $this::$sqlSelectTemplate;
+ }
+
+ if (isset($sql)) {
+ $this->sql = &$sql;
+ }
+ $this->fillPrefix = $prefix;
+
+ $this->__xId = $id;
+
+ if ($this->__xConstruct() === false) {
+ // stop autoload content if __xConstruct return FALSE;
+ return;
+ }
+
+ switch (gettype($id)) {
+ case "array":
+ $this->fillFromRow($id);
+ break;
+ case "string":
+ if ($this instanceof stringImportable) {
+ $this->__fromString($id);
+ } elseif (is_numeric($id)) {
+ $this->fill($id);
+ } elseif ($x = json_decode($id)) {
+ $this->fillFromRow($x);
+ } else {
+ throw new \Exception("Invalid input format", 597);
+ }
+ break;
+ case "integer":
+ $this->fill($id);
+ break;
+ case "NULL":
+ break;
+ default:
+ throw new \Exception("Invalid type " . gettype($id) . " for " . get_class($this) . "->__construct", 591);
+ break;
+ }
+ }
+
+ protected function fill($id)
+ {
+ if (! empty($this->__sqlSelectTemplate)) {
+ $this->checkSql();
+ $row = $this->sql->quickExec1Line($this->__sqlSelectTemplate . " where `i`." . $this::$sqlIdx . " = '" . $id . "'");
+ if (! empty($row)) {
+ $this->fillFromRow($row);
+ } else {
+ throw new \Exception("Record with " . (static::$sqlIdx) . " " . $id . " not found in " . get_class($this), 691);
+ }
+ } else {
+ throw new \Exception("Fill by ID not implemented in " . get_class($this), 592);
+ }
+ }
+
+ protected function fillFromRow($row)
+ {
+ foreach ($row as $key => $val) {
+ if (! empty($this->fillPrefix)) {
+ if (! preg_match("/^" . $this->fillPrefix . "/", $key)) {
+ continue;
+ }
+ $key = preg_replace("/^" . $this->fillPrefix . "/", "", $key);
+ }
+
+ if (property_exists($this, $key) || property_exists($this, "__" . $key)) {
+ if (property_exists($this, "__" . $key)) {
+ $key = "__" . $key;
+ }
+
+ if (gettype($this->{$key}) == 'boolean') {
+ $this->{$key} = $val == 1;
+ } elseif ((($this->{$key}) instanceof jsonImportable) || (($this->{$key}) instanceof stringImportable)) {
+ $typeof = get_class(($this->{$key}));
+ $this->{$key} = new $typeof($val);
+ } elseif (gettype($this->{$key}) == "array") {
+ if (gettype($val) == "string") {
+ $this->{$key} = (array) json_decode($val, true);
+ } elseif (gettype($val) == "array") {
+ $this->{$key} = $val;
+ } elseif ($val === null) {
+ $this->{$key} = [];
+ } elseif (gettype($val) == "object") {
+ $this->{$key} = (array) $val;
+ } else {
+ throw new Exception("Invalid type " . gettype($val) . " for " . $key . " in " . get_class($this));
+ }
+ } else {
+ $this->{$key} = $val;
+ }
+ }
+ }
+ }
+
+ public function save()
+ {
+ if (! $this->validateSave()) {
+ return false;
+ }
+ $this->checkSql();
+
+ if (property_exists($this, static::$sqlIdx) && ($this->{static::$sqlIdx} == null)) {
+ return $this->create();
+ } else {
+
+ $class = get_class($this);
+ if (is_numeric($this->{static::$sqlIdx})) {
+ $ref = new $class((int) $this->{static::$sqlIdx});
+ } else {
+ $ref = new $class($this->{static::$sqlIdx});
+ }
+
+ $this->changelog = "";
+ foreach ($this as $key => $val) {
+
+ if ((array_search($key, array_merge(static::$excludeProps, static::$excludePropsBase)) === false) && $ref->{$key} != $this->{$key}) {
+ $stringRef = (is_bool($ref->{$key}) || ! (is_object($ref->{$key}) || is_array($ref->{$key})));
+ $stringVal = (is_bool($val) || ! (is_object($val) || is_array($val)));
+
+ $this->changelog .= "key: " . $key . " changed from " . ($stringRef ? (is_bool($ref->{$key}) ? ($ref->{$key} ? "true" : "false") : $ref->{$key}) : "<" . gettype($ref->{$key}) . ">") . " to " . ($stringVal ? (is_bool($val) ? ($val ? "true" : "false") : $val) : "<" . gettype($val) . ">") . ";\n ";
+ }
+ }
+
+ if (empty($this->changelog)) {
+ return true;
+ }
+ return $this->update();
+ }
+ }
+
+ public function delete()
+ {
+ if (property_exists($this, static::$sqlIdx) && ($this->{static::$sqlIdx} == null)) {
+ return false;
+ }
+ if (static::$allowDeleteFromDB) {
+ if ($this->validateDelete()) {
+ $this->checkSql();
+ $this->sql->quickExec("DELETE FROM `" . static::$sqlTable . "` where " . static::$sqlIdx . " = '" . $this->{static::$sqlIdx} . "'");
+ if (! (empty(static::$deletedFieldName))) {
+ $this->{static::$deletedFieldName} = true;
+ }
+ $this->{static::$sqlIdx} = null;
+ } else {
+ throw new \Exception("ValidateDelete failed");
+ }
+ } elseif (! (empty(static::$deletedFieldName))) {
+ $this->checkSql();
+ $this->sql->quickExec("UPDATE `" . static::$sqlTable . "` set `" . static::$deletedFieldName . "`='1' where " . $this::$sqlIdx . " = '" . $this->{static::$sqlIdx} . "'");
+ $this->{static::$deletedFieldName} = true;
+ return true;
+ } else {
+ throw new \Exception("DELETE not implemented in " . get_class($this), 592);
+ }
+ }
+
+ protected function validateDelete()
+ {
+ return true;
+ }
+
+ protected function update()
+ {
+ if (! empty($this::$sqlTable)) {
+ $this->sql->prepareUpdate($this::$sqlTable);
+ }
+
+ if (empty($this::$sqlTable) || ! $this->updateAddParams()) {
+ throw new \Exception("Method update not implemented in " . get_class($this), 593);
+ }
+ $this->sql->paramClose($this::$sqlIdx . " = '" . $this->{static::$sqlIdx} . "'");
+ $this->sql->quickExecute();
+ return false;
+ }
+
+ protected function create()
+ {
+ if (! empty($this::$sqlTable)) {
+ $this->sql->prepareInsert($this::$sqlTable);
+ }
+
+ if (empty($this::$sqlTable) || ! $this->createAddParams()) {
+ throw new \Exception("Method create not implemented in " . get_class($this), 594);
+ }
+
+ $this->sql->paramClose();
+ $this->sql->quickExecute();
+ if (property_exists($this, static::$sqlIdx)) {
+ $this->{static::$sqlIdx} = $this->sql->getInsertId();
+ if (is_numeric($this->{static::$sqlIdx})) {
+ $this->fill((int) $this->{static::$sqlIdx});
+ } else {
+ $this->fill($this->{static::$sqlIdx});
+ }
+ }
+ return true;
+ }
+
+ protected function updateAddParams()
+ {
+ return $this->addParams();
+ }
+
+ protected function createAddParams()
+ {
+ return $this->addParams();
+ }
+
+ protected function addParams()
+ {
+ $this->checkSql();
+
+ foreach ($this->getSqlSchema() as $key => $conf) {
+ if ($key == static::$sqlIdx) {
+ continue;
+ }
+
+ if (property_exists($this, $key)) {
+ $val = $this->{$key};
+ } elseif (property_exists($this, "__" . $key)) {
+ $val = $this->{"__" . $key};
+ } else {
+ $val = null;
+ }
+
+ if (is_array($val)) {
+ $sqlVal = json_encode($val);
+ $sqlNull = empty($val);
+ } elseif (is_object($val) && ! ($val instanceof stringExportable)) {
+ if ($val instanceof \JsonSerializable) {
+ $sqlVal = json_encode($val);
+ $sqlNull = empty($val);
+ } else {
+ throw new Exception("Oups... $key is not jsonSerialiazable");
+ }
+ } elseif (is_object($val) && ($val instanceof stringExportable)) {
+ if ($val->isNull()) {
+ $sqlVal = null;
+ $sqlNull = true;
+ } else {
+ $sqlVal = (string) $val;
+ $sqlNull = ($val === null);
+ }
+ } elseif (is_bool($val)) {
+ $sqlVal = $val ? 1 : 0;
+ $sqlNull = false;
+ } else {
+ $sqlVal = (string) $val;
+ $sqlNull = ($val === null);
+ }
+
+ if ($sqlNull && array_key_exists("nullable", $conf) && $conf["nullable"] === false) {
+ throw new Exception("Field $key can't be null in " . get_class($this));
+ }
+
+ $this->sql->paramAdd($key, $sqlVal, $sqlNull);
+ }
+
+ return true;
+ }
+
+ protected function validateSave()
+ {
+ return true;
+ }
+
+ public function __get($key)
+ {
+ switch ($key) {
+ case "sqlSelectTemplate":
+ return $this->__sqlSelectTemplate;
+ break;
+ case "sql":
+ $this->checkSql();
+ return $this->sql;
+ case "changelog":
+ return $this->changelog;
+ break;
+ default:
+ if (property_exists($this, $key)) {
+ if ($this->{$key} instanceof stringExportable && !($this->{$key} instanceof \JsonSerializable)) {
+ return (string) $this->{$key};
+ } else {
+ return $this->{$key};
+ }
+ } else {
+ throw new \Exception("property $key not availiable for read in class " . get_class($this), 595);
+ break;
+ }
+ }
+ }
+
+ public function getSql() : sql
+ {
+ $this->checkSql();
+ return $this->sql;
+ }
+
+ public static function getCount($where = null)
+ {
+ $s = new static();
+ if (empty($s::$sqlTable)) {
+ throw new \Exception("Method getTotalCount not implemented in " . get_class($s), 691);
+ }
+
+ $sql = $s->getSql();
+ $res = $sql->quickExec1Line("select count(" . (empty(static::$sqlIdx) ? "*" : static::$sqlIdx) . ") as `cnt` from `" . static::$sqlTable . "`" . (empty($where) ? "" : " where $where"));
+ return $res["cnt"];
+ }
+
+ public function __set($key, $val)
+ {
+ switch ($key) {
+ case "settings":
+ $this->__settings = $val;
+ break;
+ default:
+ throw new \Exception("property $key not availiable for write in class " . get_class($this), 596);
+ break;
+ }
+ }
+
+ public function __debugInfo()
+ {
+ $rv = [];
+ foreach ($this as $key => $value) {
+ if (array_search($key, array_merge(static::$excludeProps, static::$excludePropsBase)) === false && ! preg_match("!^_!", $key)) {
+ if ($value instanceof stringExportable) {
+ if ($value->isNull()) {
+ $rv[$key] = null;
+ } else {
+ $rv[$key] = (string) $value;
+ }
+ } else {
+ $rv[$key] = $value;
+ }
+ }
+ }
+ return $rv;
+ }
+
+ public function export()
+ {
+ $rv = [];
+ foreach ($this as $key => $value) {
+ if (array_search($key, array_merge(static::$excludeProps, static::$excludePropsBase)) === false && ! preg_match("!^_!", $key)) {
+ if (($this->__get($key)) instanceof \JsonSerializable) {
+ $rv[$key] = $this->__get($key);
+ } elseif (($this->__get($key)) instanceof stringExportable) {
+ if (($this->__get($key)->isNull())) {
+ $rv[$key] = null;
+ } else {
+ $rv[$key] = (string) ($this->__get($key));
+ }
+ } else {
+ $rv[$key] = $this->__get($key);
+ }
+ }
+ }
+ return $rv;
+ }
+
+ public function jsonSerialize()
+ {
+ $rv = $this->export();
+ $rv["_type"] = get_class($this);
+ return $rv;
+ }
+
+ protected static function xSearch($where, $pattern, ?array $options, sql $sql) {
+
+ return ["where"=>$where, "join"=>null];
+ }
+
+ public static function search($pattern=null, $pageSize=null, $page=1, $options=[]) {
+ if (static::$sqlTable == null) {
+ throw new \Exception("Search not implemented for ".static::class);
+ }
+ $ref=new static();
+ $sql = $ref->getSql();
+
+ $where="";
+ if (!empty($pattern)) {
+ foreach (static::$sqlColumns as $key=>$val) {
+ if (!empty($val["search"])) {
+ switch (strtolower($val["search"])) {
+ case "strict":
+ $where.=(empty($where)?"":" OR ")."`$key`='".common::clearInput($pattern)."'";
+ break;
+
+ case "like":
+ $where.=(empty($where)?"":" OR ")."`$key` like '%".common::clearInput($pattern)."%'";
+ break;
+
+ case "start":
+ $where.=(empty($where)?"":" OR ")."`$key` like '%".common::clearInput($pattern)."'";
+ break;
+
+ case "invCode":
+ $where.=(empty($where)?"":" OR ")."`$key`='".UID::clear($pattern)."'";
+ break;
+
+ default:
+ continue 2;
+ }
+
+ }
+ }
+ }
+
+ if (static::$deletedFieldName && empty($options["showDeleted"])) {
+ $where = (empty($where)?"":"(".$where.") AND ")."`".static::$deletedFieldName."` = 0";
+ }
+
+ if ($pageSize!==null) {
+ if ($page<1) { $page=1;}
+ $limit = "LIMIT ".($pageSize*($page-1)).", ".$pageSize;
+ } else {
+ $limit="";
+ }
+
+ $xRes=static::xSearch($where, $pattern, $options, $sql);
+ $where = $xRes["where"];
+ $join=$xRes["join"];
+
+ $sqlQueryString=$ref->sqlSelectTemplate.(empty($join)?"":" ".$join).(empty($where)?"":" WHERE ".$where).(empty($limit)?"":" ".$limit);
+
+ $res=$sql->quickExec($sqlQueryString);
+ $rv=[];
+ while ($row=mysqli_fetch_assoc($res)) {
+ $rv[]=new static($row);
+ }
+ return $rv;
+ }
+}
\ No newline at end of file
diff --git a/core/fox/baseModule.php b/core/fox/baseModule.php
new file mode 100644
index 0000000..faef24f
--- /dev/null
+++ b/core/fox/baseModule.php
@@ -0,0 +1,103 @@
+title = static::$title;
+ $mi->modVersion = static::$version;
+ $mi->name = $mi->namespace = substr(static::class, 0, strrpos(static::class, '\\'));
+ $mi->features = static::$features;
+ $mi->isTemplate = true;
+ $mi->singleInstanceOnly = ! static::$allowAlias;
+ $mi->authRequired = static::$authRequred;
+ $mi->ACLRules = static::$ACLRules;
+ $mi->menuItem = static::$menuItem;
+ $mi->globalAccessKey = static::$globalAccessKey;
+ $mi->languages = static::$languages;
+ $mi->configKeys=static::$configKeys;
+
+ return $mi;
+ }
+
+ public static function doMigration() {
+ if (static::$allowAlias) {
+ throw new \Exception("Embedded migration not allowed for multi-instance modules");
+ }
+
+ $modInfo = static::getModInfo();
+ $instances = $modInfo->getInstances();
+
+ foreach ($instances as $module) {
+ \fox\sql::doMigration($module);
+ }
+
+ }
+}
diff --git a/core/fox/cache.php b/core/fox/cache.php
new file mode 100644
index 0000000..920ab13
--- /dev/null
+++ b/core/fox/cache.php
@@ -0,0 +1,124 @@
+connCheck()) {
+ return $mcd;
+ } else {
+ return false;
+ }
+ }
+
+ public function __construct($host = null, $port = null)
+ {
+ if (! class_exists("Memcached")) {
+ $this->mcd = null;
+ return;
+ }
+
+ if (empty($host) && ! empty(config::get("cacheHost"))) {
+ $this->mcd = new \Memcached();
+ $host = config::get("cacheHost");
+ if (empty($port)) {
+ $port = config::get("cachePort");
+ }
+ ;
+ if (empty($port)) {
+ $port = 11211;
+ }
+ }
+
+ if (gettype($host) == 'array') {
+ $this->mcd = new \Memcached();
+ $this->mcd->addServers($host);
+ } elseif (gettype($host) == "string") {
+ $this->mcd = new \Memcached();
+ $this->mcd->addServer($host, $port);
+ } else {
+ $this->mcd = null;
+ return;
+ }
+ $this->prefix = str_pad(strtolower(dechex(crc32(config::get("sitePrefix")))), 8, "0", STR_PAD_LEFT);
+ }
+
+ protected function pConnCheck()
+ {
+ if (! $this->connCheck()) {
+ throw new \Exception("MEMCACHED Not connected!");
+ }
+ }
+
+ public function connCheck()
+ {
+ if (empty($this->mcd)) {
+ return false;
+ }
+ return $this->mcd->getVersion() !== false;
+ }
+
+ public function set($key, $val, $TTL = 300,$encrypt=false)
+ {
+ try {
+ $this->pConnCheck();
+ } catch (\Exception $e) {
+ trigger_error($e->getMessage());
+ return false;
+ }
+ if ($encrypt) {
+ $this->mcd->set($this->prefix . "." . $key, xcrypt::encrypt(json_encode($val)), $TTL);
+ } else {
+ $this->mcd->set($this->prefix . "." . $key, json_encode($val), $TTL);
+ }
+ }
+
+ public function get($key, $array = false)
+ {
+ try {
+ $this->pConnCheck();
+ } catch (\Exception $e) {
+ trigger_error($e->getMessage());
+ return null;
+ }
+
+
+ $xval=$this->mcd->get($this->prefix . "." . $key);
+ if ($xval==null || $xval=="null") { return null; }
+ $rv= json_decode($this->mcd->get($this->prefix . "." . $key), $array);
+ if ($rv !== null) { return $rv; }
+ $rv= json_decode(xcrypt::decrypt($this->mcd->get($this->prefix . "." . $key)), $array);
+ return $rv;
+ }
+
+ public function del($key) {
+ try {
+ $this->pConnCheck();
+ } catch (\Exception $e) {
+ trigger_error($e->getMessage());
+ return false;
+ }
+
+ $this->mcd->delete($this->prefix . "." . $key);
+
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/common.php b/core/fox/common.php
new file mode 100644
index 0000000..2236eb6
--- /dev/null
+++ b/core/fox/common.php
@@ -0,0 +1,209 @@
+', '>', $txt);
+ $txt = str_replace("\n", " ", $txt);
+
+ return $txt;
+ }
+
+ // получить значение с get или post
+ static function getVal($name, $regex = '', $skipQuotes = null, $allowEmptyString = true)
+ {
+ if ((! isset($_POST[$name])) && (! isset($_GET[$name]))) {
+ return null;
+ }
+ if ($regex != "") {
+ if (isset($_POST[$name])) {
+ $val = preg_replace('![^' . $regex . ']+!', '', $_POST[$name]);
+ } else {
+ $val = "";
+ }
+ if ($val == "") {
+ if (isset($_GET[$name])) {
+ $val = preg_replace('![^' . $regex . ']+!', '', $_GET[$name]);
+ }
+ ;
+ }
+ } else {
+
+ if (! isset($skipQuotes)) {
+ if (isset($_POST[$name])) {
+ $val = preg_replace("![\'\"]+!", '\"', $_POST[$name]);
+ } else {
+ $val = "";
+ }
+ if ($val == "") {
+ if (isset($_GET[$name])) {
+ $val = preg_replace("![\'\"]+!", '\"', $_GET[$name]);
+ }
+ }
+ } else {
+ if (isset($_POST[$name])) {
+ $val = $_POST[$name];
+ } else {
+ $val = $_GET[$name];
+ }
+ }
+ }
+ if (! $allowEmptyString && $val == "") {
+ $val = null;
+ }
+
+ return $val;
+ }
+
+ static function dropcslash($val)
+ {
+ $val = preg_replace("!\\\([\'\"])+!", "$1", $val);
+ return $val;
+ }
+
+ static function validateEMail($str) {
+ return preg_match("/[0-9A-Za-z_.-]*@[0-9A-Za-z_.-]/", $str);
+ }
+
+ /**
+ * проверяем, что функция mb_ucfirst не объявлена
+ * и включено расширение mbstring (Multibyte String Functions)
+ */
+ static function mbx_ucfirst($str, $encoding = 'UTF-8')
+ {
+ $str = mb_ereg_replace('^[\ ]+', '', $str);
+ $str = mb_strtoupper(mb_substr($str, 0, 1, $encoding), $encoding) . mb_substr($str, 1, mb_strlen($str), $encoding);
+ return $str;
+ }
+
+ static function getGUIDc()
+ {
+ mt_srand((double) microtime() * 10000); // optional for php 4.2.0 and up.
+ $charid = strtoupper(md5(uniqid(rand(), true)));
+ $hyphen = chr(45); // "-"
+ $uuid = substr($charid, 0, 8) . $hyphen . substr($charid, 8, 4) . $hyphen . substr($charid, 12, 4) . $hyphen . substr($charid, 16, 4) . $hyphen . substr($charid, 20, 12);
+
+ return $uuid;
+ }
+
+ static function getGUID()
+ {
+ $cUuid = getGUIDc();
+ $uuid = chr(123) . // "{"
+ $cUuid . chr(125); // "}"
+ return $uuid;
+ }
+
+ static function fullname2qname($first, $mid, $last)
+ {
+ return $last . " " . mb_substr($first, 0, 1) . ". " . mb_substr($mid, 0, 1) . ".";
+ }
+
+ static function text2html($src)
+ {
+ $src = preg_replace("/[\n]/", "", $src);
+ // $src=preg_replace("/[\cr\<\>]/"," ",$src);
+ return $src;
+ }
+
+ static function genPasswd($number, $arr = null)
+ {
+ if (! isset($arr)) {
+ $arr = array(
+ 'a',
+ 'b',
+ 'c',
+ 'd',
+ 'e',
+ 'f',
+ 'g',
+ 'h',
+ 'i',
+ 'j',
+ 'k',
+ 'l',
+ 'm',
+ 'n',
+ 'o',
+ 'p',
+ 'r',
+ 's',
+ 't',
+ 'u',
+ 'v',
+ 'x',
+ 'y',
+ 'z',
+ '1',
+ '2',
+ '3',
+ '4',
+ '5',
+ '6',
+ '7',
+ '8',
+ '9',
+ '0'
+ );
+ }
+ // Генерируем пароль
+ $pass = "";
+ for ($i = 0; $i < $number; $i ++) {
+ // Вычисляем случайный индекс массива
+ $index = rand(0, count($arr) - 1);
+ $pass .= $arr[$index];
+ }
+ return $pass;
+ }
+
+ static function clearInput($val, $regex = "")
+ {
+ if (empty($regex)) {
+ $regex = "[0-9a-zA-Z_.@-]";
+ }
+ return preg_replace('![^' . $regex . ']+!', '', $val);
+ }
+
+ static function replaceMessageFromArray($text, $ref, $template='\$\{([^}]*)\}', $delimiter=".") {
+ $match=[];
+ preg_match_all('/'.$template.'/', $text, $match);
+
+ foreach ($match[1] as $idx=>$val) {
+ $text=str_replace($match[0][$idx], static::getArrayKeyByPath($ref,explode($delimiter,$val)), $text);
+ }
+ return $text;
+ }
+
+ static function getArrayKeyByPath($arr, $path) {
+ if (gettype($path)=="NULL") {
+ return "undefined";
+ } elseif (gettype($path)=="string") { $path=[$path]; }
+
+ while ($key = array_shift($path)) {
+ if (array_key_exists($key, (array)$arr)) {
+ $arr=((array)$arr)[$key];
+ } else {
+ return "undefined";
+ }
+ }
+ return $arr;
+ }
+}
+?>
\ No newline at end of file
diff --git a/core/fox/company.php b/core/fox/company.php
new file mode 100644
index 0000000..fa5be09
--- /dev/null
+++ b/core/fox/company.php
@@ -0,0 +1,66 @@
+ [
+ "type" => "VARCHAR(255)",
+ "nullable" => false
+ ],
+ "qName" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false
+ ],
+ "description" => [
+ "type" => "VARCHAR(255)"
+ ],
+ "type" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false
+ ]
+ ];
+
+ public function __xConstruct()
+ {
+ $this->invCode = new UID();
+ }
+
+ protected function validateSave()
+ {
+ if ($this->invCode->isNull()) {
+ $this->invCode->issue("core", get_class($this));
+ }
+ return true;
+ }
+}
+?>
\ No newline at end of file
diff --git a/core/fox/config.php b/core/fox/config.php
new file mode 100644
index 0000000..bb3f616
--- /dev/null
+++ b/core/fox/config.php
@@ -0,0 +1,151 @@
+[
+ "type"=>"INT",
+ "index"=>"AI",
+ ],
+ "module" => [
+ "type" => "VARCHAR(128)",
+ "index" => "INDEX"
+ ],
+ "key" => [
+ "type" => "VARCHAR(128)",
+ "index" => "INDEX"
+ ],
+ "value" => [
+ "type" => "VARCHAR(128)"
+ ]
+ ];
+
+ // stop-list - never search this keys in SQL
+ private const envLockedKeys = [
+ "FOX_SQLSERVER",
+ "FOX_SQLUSER",
+ "FOX_SQLPASSWD",
+ "FOX_SQLDB",
+ "FOX_CACHEHOST",
+ "FOX_CACHEPORT",
+ "FOX_TITLE",
+ "FOX_SITEPREFIX",
+ "FOX_MASTERSECRET",
+ "FOX_UIDOFFSET",
+ "FOX_S3_ENDPOINT",
+ "FOX_S3_LOGIN",
+ "FOX_S3_SECRET",
+ "FOX_S3_REGION",
+ "FOX_INIT_PASSWORD",
+ "FOX_INIT_USERNAME",
+ "FOX_TOKEN_TTL_WEB",
+ "FOX_TOKEN_TTL_API",
+ "FOX_TOKEN_TTL_APP",
+ "FOX_TOKEN_ALLOW_RENEW_WEB",
+ "FOX_TOKEN_ALLOW_RENEW_API",
+ "FOX_TOKEN_ALLOW_RENEW_APP",
+ "FOX_TOKEN_RENEW_WEB",
+ "FOX_TOKEN_RENEW_API",
+ "FOX_TOKEN_RENEW_APP",
+ "FOX_DEFAULT_THEME",
+ "FOX_DEFAULT_PAGESIZE",
+ "FOX_DEFAULT_LANGUAGE",
+ "FOX_DEFAULT_MODULE",
+ "FOX_SESSION_RENEW_SEC",
+ "FOX_ALLOW_REGISTER"
+ ];
+
+ static function get($key, $module = "core")
+ {
+
+ // try serach in ENV
+ if (getenv("FOX_" . strtoupper($key)) !== false) {
+ return getenv("FOX_" . strtoupper($key));
+ }
+
+ // check stop-list
+ if (array_search("FOX_" . strtoupper($key), static::envLockedKeys) !== false) {
+ return null;
+ }
+
+ if (static::get("SQLSERVER")===null) {
+ throw new Exception("Error: SQL config not found");
+ }
+
+ $conf = static::getAll($module);
+ if (array_key_exists($key, $conf)) {
+ return $conf[$key];
+ } else {
+ return null;
+ }
+ }
+
+ static function getAll($module = "core", $forceDB = false, $sql = null)
+ {
+ $cache = new cache();
+ $conf = $cache->get("config." . $module);
+
+ if ($forceDB || $conf === null) {
+ if (empty($sql)) {
+ $sql = new sql();
+ }
+ $res = $sql->quickExec("select `key`,`value` from `tblSettings` where `module` = '$module'");
+ $conf = [];
+ while ($row = mysqli_fetch_assoc($res)) {
+ $conf[$row["key"]] = $row["value"];
+ }
+ $cache->set("config." . $module, $conf);
+ }
+ return (array) $conf;
+ }
+
+ static function set($key, $value, $module)
+ {
+ $sql = new sql();
+ if (static::get($key, $module) !== null) {
+ $sql->prepareUpdate("tblSettings");
+ $sql->paramAddUpdate("value", $value);
+ $sql->paramClose(" `module` = '" . $module . "' and `key` = '" . $key . "'");
+ $sql->execute();
+ } else {
+ $sql->prepareInsert("tblSettings");
+ $sql->paramAddInsert("module", $module);
+ $sql->paramAddInsert("key", $key);
+ $sql->paramAddInsert("value", $value);
+ $sql->paramClose();
+ $sql->execute();
+ }
+ static::getAll($module, true, $sql);
+ }
+
+ static function del($key, $module)
+ {
+ $sql = new sql();
+ $sql->quickExec("delete from `tblSettings` where `module` = '$module' and `key`='$key'");
+ static::getAll($module, true, $sql);
+ }
+
+ static function delAll($module)
+ {
+ $sql = new sql();
+ $sql->quickExec("delete from `tblSettings` where `module` = '$module'");
+ static::getAll($module, true, $sql);
+ }
+}
+?>
\ No newline at end of file
diff --git a/core/fox/confirmCode.php b/core/fox/confirmCode.php
new file mode 100644
index 0000000..8f431a3
--- /dev/null
+++ b/core/fox/confirmCode.php
@@ -0,0 +1,89 @@
+ [
+ "type" => "CHAR(4)",
+ "nullable" => false,
+ "index"=>"INDEX"
+ ],
+ "instance" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false,
+ ],
+ "class" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false,
+ ],
+ "operation" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false,
+ ],
+ "reference" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false,
+ ],
+ "hash" => [
+ "type" => "VARCHAR(255)",
+ "nullable" => false,
+ ],
+ ];
+
+ protected function __xConstruct()
+ {
+ $this->issueStamp=new time();
+ $this->expireStamp=new time();
+ }
+
+ protected function getHash() {
+ return xcrypt::hash(json_encode([
+ $this->instance,
+ $this->class,
+ $this->operation,
+ $this->reference,
+ $this->payload,
+ ]));
+ }
+
+ public function fillByHash() {
+ if (empty($this->hash)) { $this->hash=$this->getHash();}
+ $this->checkSql();
+ if ($row=$this->sql->quickExec1Line($this->__sqlSelectTemplate." WHERE `hash`='".$this->hash."'")) {
+ $this->fillFromRow($row);
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ protected function validateSave()
+ {
+ if ($this->issueStamp->isNull()) {$this->issueStamp=time::current();};
+ if ($this->expireStamp->isNull()) {$this->expireStamp=time::current()->addSec(static::defaultTTL);}
+ if ($this->code==null) { $this->code=(common::genPasswd(4,[0,1,2,3,4,5,6,7,8,9]));}
+ if (empty($this->instance) || empty($this->class) || empty($this->operation) || empty($this->reference)) {
+ throw new foxException("Empty refences not allowed here","400");
+ }
+ if (empty($this->hash)) {$this->hash = $this->getHash(); }
+
+ return !$this->fillByHash();
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/cronDb.php b/core/fox/cronDb.php
new file mode 100644
index 0000000..8c213c3
--- /dev/null
+++ b/core/fox/cronDb.php
@@ -0,0 +1,84 @@
+dbfile));
+
+ $this->s=new SQLite3($this->dbfile);
+ $this->s->busyTimeout(100000);
+ } catch (\Exception $e) {
+ $this->__destruct();
+ throw $e;
+ }
+ if ($init) { $this->initialize();}
+ }
+
+ public function __destruct() {
+ $this->s->close();
+ }
+
+ public function initialize() {
+
+ try {
+ $this->s->exec("drop table if exists `tasks`");
+
+ $this->s->exec("create table if not exists `tasks` (
+ `pid` INTEGER PRIMARY KEY NOT NULL,
+ `hash` text default null,
+ `startStamp` int default 0,
+ `expireStamp` int default 0,
+ `method` text default null
+ )");
+ } catch (\Exception $e) {
+ $this->__destruct();
+ throw $e;
+ }
+ }
+
+ public function getRunningTasks() {
+ $r=$this->s->query("select * from `tasks`");
+ if (empty($r)) {
+ trigger_error("Query failed select * from `tasks`");
+ return null;
+ }
+ $rv=[];
+ while ($row = $r->fetchArray(SQLITE3_ASSOC)) {
+ array_push($rv, $row);;
+ }
+
+ return $rv;
+ }
+
+ public function addTask ($pid, $hash, $method, $TTL) {
+ $st=$this->s->prepare('insert into `tasks` (pid,hash,startStamp, method,expireStamp) values (:pid, :hash,:startStamp,:method,:expireStamp) on conflict(pid) do update set hash=:hash,startStamp=:startStamp, expireStamp=:expireStamp, method=:method');
+ $st->bindValue(':pid', $pid,SQLITE3_INTEGER);
+ $st->bindValue(':hash', $hash,SQLITE3_TEXT);
+ $st->bindValue(':startStamp', time(),SQLITE3_INTEGER);
+ $st->bindValue(':expireStamp', time()+($TTL),SQLITE3_INTEGER);
+ $st->bindValue(':method', $method,SQLITE3_TEXT);
+ $st->execute();
+ }
+
+ public function delTask($pid) {
+ return $this->s->exec("delete from `tasks` where `pid`='".$pid."'");
+ }
+
+}
+?>
\ No newline at end of file
diff --git a/core/fox/dbStoredBase.php b/core/fox/dbStoredBase.php
new file mode 100644
index 0000000..d7071dc
--- /dev/null
+++ b/core/fox/dbStoredBase.php
@@ -0,0 +1,38 @@
+
\ No newline at end of file
diff --git a/core/fox/errorPage.php b/core/fox/errorPage.php
new file mode 100644
index 0000000..45770da
--- /dev/null
+++ b/core/fox/errorPage.php
@@ -0,0 +1,58 @@
+ 'Unauthorized',
+ 402 => 'Unauthorized`',
+ 403 => "Forbidden",
+ 404 => 'Not found',
+ 500 => 'Internal server error'
+ ];
+
+ public static function show($error_code = null, $error_desc = null, $light = null, $json = false)
+ {
+ ob_clean();
+ $error_code_clean = explode(".", $error_code)[0];
+ if (empty($error_code)) {
+ $error_code = "404";
+ }
+ if (empty($error_desc)) {
+ $error_desc = static::defaultErrorDesc[$error_code_clean];
+ }
+
+ if ($light) {
+ if ($json) {
+ print json_encode([
+ "status" => "ERR",
+ "message" => $error_code . ' ' . $error_desc
+ ]);
+ } else {
+ print 'Error: ' . $error_code . ' ' . $error_desc;
+ }
+ header('HTTP/1.0 ' . $error_code . ' ' . $error_desc, true, $error_code_clean);
+ exit();
+ }
+
+ $mod_name = config::get("defaultLoginModule");
+ if (! $mod_name) {
+ $mod_name = "core";
+ }
+
+ static::show($error_code, $error_desc, true);
+ exit();
+ }
+}
+?>
\ No newline at end of file
diff --git a/core/fox/externalCallable.php b/core/fox/externalCallable.php
new file mode 100644
index 0000000..726c95f
--- /dev/null
+++ b/core/fox/externalCallable.php
@@ -0,0 +1,25 @@
+_(request $request);
+ * Example:
+ * public static function API_POST_members(request $request);
+ * public static function APICall(request $request);
+ *
+ */
+
+}
+?>
\ No newline at end of file
diff --git a/core/fox/file.php b/core/fox/file.php
new file mode 100644
index 0000000..4baa1d1
--- /dev/null
+++ b/core/fox/file.php
@@ -0,0 +1,57 @@
+expireStamp=new time();
+ }
+
+ public static $sqlColumns = [
+ "fileName" => [
+ "type" => "VARCHAR(255)",
+ ],
+ "module" => [
+ "type" => "VARCHAR(255)",
+ "index" => "INDEX"
+ ],
+ "class" => [
+ "type" => "VARCHAR(255)",
+ "index" => "INDEX"
+ ],
+ "ownerId" => [
+ "type" => "INT",
+ "index" => "INDEX",
+ "nullable"=>true
+ ],
+ "expireStamp" => [
+ "type" => "DATETIME",
+ "index" => "INDEX",
+ "nullable"=>true
+ ],
+ ];
+
+}
+
+
+?>
\ No newline at end of file
diff --git a/core/fox/fileConverter.php b/core/fox/fileConverter.php
new file mode 100644
index 0000000..e16a534
--- /dev/null
+++ b/core/fox/fileConverter.php
@@ -0,0 +1,95 @@
+ $type
+ ];
+ $files = [
+ "userfile" => $src
+ ];
+
+ // данные для отправки
+ foreach ($postData as $key => $val) {
+ $content .= '--' . $boundary . "\n";
+ $content .= 'Content-Disposition: form-data; name="' . $key . '"' . "\n\n" . $val . "\n";
+ }
+
+ // файлы для отправки
+ foreach ($files as $key => $file) {
+ $content .= '--' . $boundary . "\n";
+ $content .= 'Content-Disposition: form-data; name="' . $key . '"; filename="' . basename($file) . '"' . "\n";
+ $content .= 'Content-Type: ' . "text/xml" . "\n";
+ $content .= 'Content-Transfer-Encoding: binary' . "\n\n";
+ $content .= file_get_contents($file) . "\n";
+ }
+
+ // завершаем контент
+ $content .= "--$boundary--\n";
+
+ $params = array(
+ 'http' => array(
+ 'method' => 'POST',
+ 'content' => $content,
+ 'header' => array(
+ 'Content-Type: multipart/form-data; boundary=' . $boundary
+ )
+ )
+ );
+
+ $context = stream_context_create($params);
+
+ if ($remote = fopen($url, 'rb', false, $context)) {
+ $response = @stream_get_contents($remote);
+ } else {
+ throw new \Exception("Converter failed!");
+ }
+
+ $res = json_decode($response);
+ if ($res->status == 'OK') {
+ $raw = file_get_contents($url . $res->result);
+ if (empty($dst)) {
+ return $raw;
+ } else {
+ file_put_contents($dst, $raw);
+ return true;
+ }
+ } else {
+ throw new \ErrorException("Converter failed: " . $res->message);
+ }
+ }
+}
\ No newline at end of file
diff --git a/core/fox/foxException.php b/core/fox/foxException.php
new file mode 100644
index 0000000..dd329fc
--- /dev/null
+++ b/core/fox/foxException.php
@@ -0,0 +1,59 @@
+setStatus($status);
+ $e->setXCode($xCode);
+ throw $e;
+ }
+
+ public function setStatus($status)
+ {
+ $this->status = $status;
+ }
+
+ public function setXCode($xCode)
+ {
+ $this->xCode=$xCode;
+ }
+
+ public function getStatus()
+ {
+ return $this->status;
+ }
+
+ public function getXCode()
+ {
+ return empty($this->xCode)?$this->code:$this->xCode;
+ }
+
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/foxRequestResult.php b/core/fox/foxRequestResult.php
new file mode 100644
index 0000000..5bd2027
--- /dev/null
+++ b/core/fox/foxRequestResult.php
@@ -0,0 +1,30 @@
+code = $code;
+ $e->message = $message;
+ $e->retVal = $retVal;
+ throw $e;
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/core/fox/jsonImportable.php b/core/fox/jsonImportable.php
new file mode 100644
index 0000000..d422613
--- /dev/null
+++ b/core/fox/jsonImportable.php
@@ -0,0 +1,18 @@
+
\ No newline at end of file
diff --git a/core/fox/lang/ru.php b/core/fox/lang/ru.php
new file mode 100644
index 0000000..d3ac282
--- /dev/null
+++ b/core/fox/lang/ru.php
@@ -0,0 +1,73 @@
+Приглашение пользователя на \${svcName}
+
+Добрый день!
+Вас пригласили для регистрации на сайте \${svcName}
+
+
+Для регистрации регистрации укажите код \${regCodePrint} в форме регистрации по адресу \${sitePrefix}/auth/register
+или перейдите по ссылке
+
+Если регистрация не требуется либо письмо было отправлено по ошибке - просто проигнориуйте его.
+
+
+Отвечать на это письмо не нужно, так как оно отправлено автоматически.
+
+
+С уважением,
+Команда \${svcName}
+
+
+Добрый день!
+
+Для подтверждения адреса электронной почты укажите код \${confCodePrint} в форме подтверждения по адресу \${sitePrefix}/core/userEmailConfirm
+или перейдите по ссылке
+
+Если Вы не запрашивали подтверждения адреса либо письмо отправлено по ошибке - просто проигнориуйте его.
+
+
+Отвечать на это письмо не нужно, так как оно отправлено автоматически.
+
+
+С уважением,
+Команда \${svcName}
+
+
+";
+
+ const accessRecoverMessageTitle="Восстановление доступа \${svcName}";
+ const accessRecoverMessage="
Код подтверждения \${confCodePrint}
+
+Добрый день!
+
+Для восстановления доступа укажите код \${confCodePrint} в форме восстановления по адресу \${sitePrefix}/auth/recover
+или перейдите по ссылке
+
+Если Вы не запрашивали восстановление доступа - просто проигнориуйте его либо сообщите нам.
+
+
+Отвечать на это письмо не нужно, так как оно отправлено автоматически.
+
+
+С уважением,
+Команда \${svcName}
+
+