jilo-web/public_html/index.php

<?php

/**
 * Jilo web logs observer
 *
 * Description: A web interface to Jilo (JItsi Logs Observer), written in PHP
 * Author: Yasen Pramatarov
 * License: GPLv2
 * Project URL: https://lindeas.com/jilo
 * Year: 2024-2025
 * Version: 0.3
 */

// we start output buffering and.
// flush it later only when there is no redirect
ob_start();

// sanitize all input vars that may end up in URLs or forms
require '../app/includes/sanitize.php';

// Initialize message system
require_once '../app/classes/messages.php';
$messages = [];

//include '../app/includes/messages.php';

require '../app/includes/errors.php';

// error reporting, comment out in production
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

// list of available pages
// edit accordingly, add 'pages/PAGE.php'
$allowed_urls = [
    'dashboard',

    'conferences',
    'participants',
    'components',

    'graphs',
    'latest',
    'livejs',

    'agents',

    'config',

    'profile',

    'settings',
    'security',
    'status',
    'logs',
    'help',

    'login',
    'logout',
    'register',
];

// cnfig file
// possible locations, in order of preference
$config_file_locations = [
    __DIR__ . '/../app/config/jilo-web.conf.php',
    __DIR__ . '/../jilo-web.conf.php',
    '/srv/jilo-web/jilo-web.conf.php',
    '/opt/jilo-web/jilo-web.conf.php'
];
$config_file = null;
// try to find the config file
foreach ($config_file_locations as $location) {
    if (file_exists($location)) {
        $config_file = $location;
        break;
    }
}
// if found, use it
if ($config_file) {
    $localConfigPath = str_replace(__DIR__ . '/..', '', $config_file);
    $config = require $config_file;
} else {
    die('Config file not found');
}

$app_root = $config['folder'];

session_name('jilo');
session_start();

// check if logged in
unset($currentUser);
if (isset($_COOKIE['username'])) {
    if ( !isset($_SESSION['username']) ) {
        $_SESSION['username'] = $_COOKIE['username'];
    }
    $currentUser = htmlspecialchars($_SESSION['username']);
}

// redirect to login
if ( !isset($_COOKIE['username']) && ($page !== 'login' && $page !== 'register') ) {
    header('Location: ' . htmlspecialchars($app_root) . '?page=login');
    exit();
}

// connect to db of Jilo Web
require '../app/classes/database.php';
require '../app/includes/database.php';
try {
    $response = connectDB($config);
    if (!$response['db']) {
        throw new Exception('Could not connect to database: ' . $response['error']);
    }
    $dbWeb = $response['db'];
} catch (Exception $e) {
    Messages::flash('ERROR', 'DEFAULT', getError('Error connecting to the database.', $e->getMessage()));
    include '../app/templates/page-header.php';
    include '../app/includes/messages.php';
    include '../app/includes/messages-show.php';
    include '../app/templates/page-footer.php';
    exit();
}

// start logging
require '../app/classes/log.php';
include '../app/helpers/logs.php';
$logObject = new Log($dbWeb);
$user_IP = getUserIP();

// init rate limiter
require '../app/classes/ratelimiter.php';

// get platforms details
require '../app/classes/platform.php';
$platformObject = new Platform($dbWeb);
$platformsAll = $platformObject->getPlatformDetails();

// by default we connect ot the first configured platform
if ($platform_id == '') {
    $platform_id = $platformsAll[0]['id'];
}

$platformDetails = $platformObject->getPlatformDetails($platform_id);

// init user functions
require '../app/classes/user.php';
include '../app/helpers/profile.php';
$userObject = new User($dbWeb);

// logout is a special case, as we can't use session vars for notices
if ($page == 'logout') {

    // clean up session
    session_unset();
    session_destroy();
    setcookie('username', "", time() - 100, $config['folder'], $config['domain'], isset($_SERVER['HTTPS']), true);

    // Log successful logout
    $user_id = $userObject->getUserId($currentUser)[0]['id'];
    $logObject->insertLog($user_id, "Logout: User \"$currentUser\" logged out. IP: $user_IP", 'user');

    // Set success message
    Messages::flash('LOGIN', 'LOGOUT_SUCCESS');

    include '../app/templates/page-header.php';
    include '../app/templates/page-menu.php';
    include '../app/pages/login.php';

} else {

    // if user is logged in, we need user details and rights
    if (isset($currentUser)) {

        // If by error a logged in user requests the login page
        if ($page === 'login') {
            header('Location: ' . htmlspecialchars($app_root));
            exit();
        }
        $user_id = $userObject->getUserId($currentUser)[0]['id'];
        $userDetails = $userObject->getUserDetails($user_id);
        $userRights = $userObject->getUserRights($user_id);
        $userTimezone = isset($userDetails[0]['timezone']) ? $userDetails[0]['timezone'] : 'UTC'; // Default to UTC if no timezone is set


        // check if the Jilo Server is running
        require '../app/classes/server.php';
        $serverObject = new Server($dbWeb);

        $server_host = '127.0.0.1';
        $server_port = '8080';
        $server_endpoint = '/health';
        $server_status = $serverObject->getServerStatus($server_host, $server_port, $server_endpoint);
        if (!$server_status) {
            Messages::flash('ERROR', 'DEFAULT', 'The Jilo Server is not running. Some data may be old and incorrect.', false, true);
        }
    }

    // page building
    include '../app/templates/page-header.php';
    include '../app/templates/page-menu.php';
    if (isset($currentUser)) {
        include '../app/templates/page-sidebar.php';
    }
    if (in_array($page, $allowed_urls)) {
        // all normal pages
        include "../app/pages/{$page}.php";
    } else {
        // the page is not in allowed urls, loading "not found" page
        include '../app/templates/error-notfound.php';
    }
}
// end with the footer
include '../app/templates/page-footer.php';

// flush the output buffer and show the page
ob_end_flush();

// clear errors and notices before next page just in case
unset($_SESSION['error']);
unset($_SESSION['notice']);

?>
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00			`<?php`

Login/registration fixes 2024-07-01 09:45:07 +00:00			`/**`
			`* Jilo web logs observer`
			`*`
			`* Description: A web interface to Jilo (JItsi Logs Observer), written in PHP`
			`* Author: Yasen Pramatarov`
			`* License: GPLv2`
			`* Project URL: https://lindeas.com/jilo`
Prepares for release 0.3 2025-01-15 17:06:12 +00:00			`* Year: 2024-2025`
			`* Version: 0.3`
Login/registration fixes 2024-07-01 09:45:07 +00:00			`*/`

Adds platform editing code 2024-08-19 10:25:09 +00:00			`// we start output buffering and.`
			`// flush it later only when there is no redirect`
			`ob_start();`

Sanitize all output 2024-10-04 11:18:28 +00:00			`// sanitize all input vars that may end up in URLs or forms`
Reorganizes includes and helpers folders 2025-01-04 16:37:48 +00:00			`require '../app/includes/sanitize.php';`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00
Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`// Initialize message system`
Reorganizes includes and helpers folders 2025-01-04 16:37:48 +00:00			`require_once '../app/classes/messages.php';`
			`$messages = [];`
Moves the platforms config from flat file to SQLite DB 2024-09-04 09:53:02 +00:00
Messages system troubleshoot 2025-01-07 11:02:57 +00:00			`//include '../app/includes/messages.php';`
Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00
			`require '../app/includes/errors.php';`

Fixes error handling and adds changelog 2024-07-04 19:14:12 +00:00			`// error reporting, comment out in production`
			`ini_set('display_errors', 1);`
			`ini_set('display_startup_errors', 1);`
			`error_reporting(E_ALL);`

Login/registration fixes 2024-07-01 09:45:07 +00:00			`// list of available pages`
			`// edit accordingly, add 'pages/PAGE.php'`
			`$allowed_urls = [`
Adds "not found" page 2024-09-13 11:02:59 +00:00			`'dashboard',`

Adds initial conferences search support 2024-07-04 09:04:27 +00:00			`'conferences',`
Adds participant search page and filters 2024-07-07 09:10:41 +00:00			`'participants',`
Adds component events search page 2024-07-08 09:17:35 +00:00			`'components',`
Adds "not found" page 2024-09-13 11:02:59 +00:00
Moves latest data to separate page 2025-01-28 19:18:20 +00:00			`'graphs',`
Adds graphs and latest data pages 2024-10-08 10:23:38 +00:00			`'latest',`
Moves latest data to separate page 2025-01-28 19:18:20 +00:00			`'livejs',`
Adds graphs and latest data pages 2024-10-08 10:23:38 +00:00
Adds "not found" page 2024-09-13 11:02:59 +00:00			`'agents',`

			`'config',`
Moves Jitsi platforms configs to settings 2025-01-23 10:41:29 +00:00
			`'profile',`

			`'settings',`
			`'security',`
Adds Jilo status page 2024-10-19 13:09:16 +00:00			`'status',`
Adds "not found" page 2024-09-13 11:02:59 +00:00			`'logs',`
Adds a help page 2024-10-07 07:00:15 +00:00			`'help',`
Adds "not found" page 2024-09-13 11:02:59 +00:00
			`'login',`
			`'logout',`
			`'register',`
Login/registration fixes 2024-07-01 09:45:07 +00:00			`];`

			`// cnfig file`
Searches for default config file 2024-08-01 08:20:31 +00:00			`// possible locations, in order of preference`
			`$config_file_locations = [`
Separates app code from public files. 2024-08-12 11:12:24 +00:00			`__DIR__ . '/../app/config/jilo-web.conf.php',`
Searches for default config file 2024-08-01 08:20:31 +00:00			`__DIR__ . '/../jilo-web.conf.php',`
			`'/srv/jilo-web/jilo-web.conf.php',`
			`'/opt/jilo-web/jilo-web.conf.php'`
			`];`
			`$config_file = null;`
			`// try to find the config file`
			`foreach ($config_file_locations as $location) {`
			`if (file_exists($location)) {`
			`$config_file = $location;`
			`break;`
			`}`
			`}`
			`// if found, use it`
			`if ($config_file) {`
Fix config page title 2025-01-26 16:32:29 +00:00			`$localConfigPath = str_replace(__DIR__ . '/..', '', $config_file);`
Fixes directory structure 2024-08-13 14:53:52 +00:00			`$config = require $config_file;`
Login/registration fixes 2024-07-01 09:45:07 +00:00			`} else {`
			`die('Config file not found');`
			`}`

bugfixes 2024-10-04 15:13:55 +00:00			`$app_root = $config['folder'];`
Adds search for a specific conference ID 2024-07-05 08:23:31 +00:00
Adds database helper functions 2024-08-10 18:42:44 +00:00			`session_name('jilo');`
Login/registration fixes 2024-07-01 09:45:07 +00:00			`session_start();`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00
fixes login issues 2024-07-03 06:37:35 +00:00			`// check if logged in`
Adds access control to pages based on user rights 2024-09-13 09:13:00 +00:00			`unset($currentUser);`
fixes login issues 2024-07-03 06:37:35 +00:00			`if (isset($_COOKIE['username'])) {`
			`if ( !isset($_SESSION['username']) ) {`
			`$_SESSION['username'] = $_COOKIE['username'];`
			`}`
Adds access control to pages based on user rights 2024-09-13 09:13:00 +00:00			`$currentUser = htmlspecialchars($_SESSION['username']);`
Login/registration fixes 2024-07-01 09:45:07 +00:00			`}`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00
Login/registration fixes 2024-07-01 09:45:07 +00:00			`// redirect to login`
Fixes login issues 2024-07-03 15:15:32 +00:00			`if ( !isset($_COOKIE['username']) && ($page !== 'login' && $page !== 'register') ) {`
Fixes bugs in URL redirects 2024-10-23 12:28:45 +00:00			`header('Location: ' . htmlspecialchars($app_root) . '?page=login');`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00			`exit();`
			`}`

Moves the platforms config from flat file to SQLite DB 2024-09-04 09:53:02 +00:00			`// connect to db of Jilo Web`
			`require '../app/classes/database.php';`
Reorganizes includes and helpers folders 2025-01-04 16:37:48 +00:00			`require '../app/includes/database.php';`
Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`try {`
			`$response = connectDB($config);`
			`if (!$response['db']) {`
			`throw new Exception('Could not connect to database: ' . $response['error']);`
			`}`
Fixes database connection 2024-11-09 11:06:43 +00:00			`$dbWeb = $response['db'];`
Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`} catch (Exception $e) {`
			`Messages::flash('ERROR', 'DEFAULT', getError('Error connecting to the database.', $e->getMessage()));`
			`include '../app/templates/page-header.php';`
			`include '../app/includes/messages.php';`
			`include '../app/includes/messages-show.php';`
			`include '../app/templates/page-footer.php';`
			`exit();`
Fixes database connection 2024-11-09 11:06:43 +00:00			`}`
Moves the platforms config from flat file to SQLite DB 2024-09-04 09:53:02 +00:00
Adds initial support for logs 2024-09-16 14:09:37 +00:00			`// start logging`
			`require '../app/classes/log.php';`
Adds user IP to the logs. 2024-09-17 11:22:43 +00:00			`include '../app/helpers/logs.php';`
Adds initial support for logs 2024-09-16 14:09:37 +00:00			`$logObject = new Log($dbWeb);`
Adds user IP to the logs. 2024-09-17 11:22:43 +00:00			`$user_IP = getUserIP();`
Adds initial support for logs 2024-09-16 14:09:37 +00:00
Loads the ratelimiter class and fixes typos 2025-01-03 16:44:08 +00:00			`// init rate limiter`
			`require '../app/classes/ratelimiter.php';`

Moves the platforms config from flat file to SQLite DB 2024-09-04 09:53:02 +00:00			`// get platforms details`
			`require '../app/classes/platform.php';`
			`$platformObject = new Platform($dbWeb);`
			`$platformsAll = $platformObject->getPlatformDetails();`

Better error reporting 2024-08-17 08:20:08 +00:00			`// by default we connect ot the first configured platform`
Centralizes data sanitation 2024-10-04 08:36:45 +00:00			`if ($platform_id == '') {`
			`$platform_id = $platformsAll[0]['id'];`
			`}`

Moves the platforms config from flat file to SQLite DB 2024-09-04 09:53:02 +00:00			`$platformDetails = $platformObject->getPlatformDetails($platform_id);`
Better error reporting 2024-08-17 08:20:08 +00:00
Fixes to the logging system 2024-09-16 16:08:03 +00:00			`// init user functions`
			`require '../app/classes/user.php';`
			`include '../app/helpers/profile.php';`
			`$userObject = new User($dbWeb);`

Reorganizes the pages loading in index.php 2024-09-13 08:05:11 +00:00			`// logout is a special case, as we can't use session vars for notices`
			`if ($page == 'logout') {`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00
Reorganizes the pages loading in index.php 2024-09-13 08:05:11 +00:00			`// clean up session`
			`session_unset();`
			`session_destroy();`
			`setcookie('username', "", time() - 100, $config['folder'], $config['domain'], isset($_SERVER['HTTPS']), true);`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00
Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`// Log successful logout`
Fixes logout 2024-09-30 09:52:06 +00:00			`$user_id = $userObject->getUserId($currentUser)[0]['id'];`
			`$logObject->insertLog($user_id, "Logout: User \"$currentUser\" logged out. IP: $user_IP", 'user');`

Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`// Set success message`
			`Messages::flash('LOGIN', 'LOGOUT_SUCCESS');`
Adds a web interface for ratelimiter 2025-01-04 10:30:44 +00:00
			`include '../app/templates/page-header.php';`
			`include '../app/templates/page-menu.php';`
Implements and troubleshoots new messages system 2025-01-06 09:13:28 +00:00			`include '../app/pages/login.php';`
Adds a web interface for ratelimiter 2025-01-04 10:30:44 +00:00
Reorganizes the pages loading in index.php 2024-09-13 08:05:11 +00:00			`} else {`

Adds access control to pages based on user rights 2024-09-13 09:13:00 +00:00			`// if user is logged in, we need user details and rights`
Fixes bugs and cleans up the code 2024-09-13 10:49:17 +00:00			`if (isset($currentUser)) {`
Adds a Jilo Server check and notice. 2024-10-18 12:41:15 +00:00
Fixes bugs in URL redirects 2024-10-23 12:28:45 +00:00			`// If by error a logged in user requests the login page`
			`if ($page === 'login') {`
			`header('Location: ' . htmlspecialchars($app_root));`
			`exit();`
			`}`
Fixes login logic 2025-01-06 17:28:19 +00:00			`$user_id = $userObject->getUserId($currentUser)[0]['id'];`
			`$userDetails = $userObject->getUserDetails($user_id);`
			`$userRights = $userObject->getUserRights($user_id);`
			`$userTimezone = isset($userDetails[0]['timezone']) ? $userDetails[0]['timezone'] : 'UTC'; // Default to UTC if no timezone is set`

Fixes bugs in URL redirects 2024-10-23 12:28:45 +00:00
Checks jilo server only when logged in 2024-10-23 12:13:01 +00:00			`// check if the Jilo Server is running`
			`require '../app/classes/server.php';`
			`$serverObject = new Server($dbWeb);`

			`$server_host = '127.0.0.1';`
			`$server_port = '8080';`
			`$server_endpoint = '/health';`
			`$server_status = $serverObject->getServerStatus($server_host, $server_port, $server_endpoint);`
			`if (!$server_status) {`
Messages system troubleshoot 2025-01-07 11:02:57 +00:00			`Messages::flash('ERROR', 'DEFAULT', 'The Jilo Server is not running. Some data may be old and incorrect.', false, true);`
Checks jilo server only when logged in 2024-10-23 12:13:01 +00:00			`}`
Adds a Jilo Server check and notice. 2024-10-18 12:41:15 +00:00			`}`

Reorganizes the pages loading in index.php 2024-09-13 08:05:11 +00:00			`// page building`
Adds "not found" page 2024-09-13 11:02:59 +00:00			`include '../app/templates/page-header.php';`
			`include '../app/templates/page-menu.php';`
			`if (isset($currentUser)) {`
			`include '../app/templates/page-sidebar.php';`
			`}`
Reorganizes the pages loading in index.php 2024-09-13 08:05:11 +00:00			`if (in_array($page, $allowed_urls)) {`
			`// all normal pages`
			`include "../app/pages/{$page}.php";`
Login/registration fixes 2024-07-01 09:45:07 +00:00			`} else {`
Adds "not found" page 2024-09-13 11:02:59 +00:00			`// the page is not in allowed urls, loading "not found" page`
			`include '../app/templates/error-notfound.php';`
Cleans up login and register pages. 2024-08-06 07:40:52 +00:00			`}`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00			`}`
Reorganizes the pages loading in index.php 2024-09-13 08:05:11 +00:00			`// end with the footer`
Separates app code from public files. 2024-08-12 11:12:24 +00:00			`include '../app/templates/page-footer.php';`
Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00
Adds platform editing code 2024-08-19 10:25:09 +00:00			`// flush the output buffer and show the page`
			`ob_end_flush();`

Login/registration fixes 2024-07-01 09:45:07 +00:00			`// clear errors and notices before next page just in case`
			`unset($_SESSION['error']);`
			`unset($_SESSION['notice']);`

Initial code, moved here from the "jilo" repo. 2024-06-28 17:05:32 +00:00			`?>`