From 98faea2e35476cd0afa2d7f31bb71b742e7c3003 Mon Sep 17 00:00:00 2001
From: igor <irigm@mail.ru>
Date: Wed, 3 Jan 2024 01:24:04 +0600
Subject: [PATCH] =?UTF-8?q?=D0=9D=D0=B5=20=D0=B7=D0=BD=D0=B0=D1=8E=20?=
 =?UTF-8?q?=D1=87=D1=82=D0=BE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 metadata/dbms/DBMSRecords.java | 11 +++++++----
 metadata/dbms/editrecord.js    | 22 +---------------------
 metadata/dbms/login.js         |  2 ++
 metadata/dbms/session.php      |  2 +-
 metadata/dbms/showrecord.js    | 21 +--------------------
 metadata/dbms/tools.js         |  4 ++++
 metadata/include/captcha.php   |  2 +-
 metadata/tree/tree.php         |  2 +-
 metadata/update/set.php        |  2 +-
 9 files changed, 19 insertions(+), 49 deletions(-)

diff --git a/metadata/dbms/DBMSRecords.java b/metadata/dbms/DBMSRecords.java
index c177fb9..2225d61 100644
--- a/metadata/dbms/DBMSRecords.java
+++ b/metadata/dbms/DBMSRecords.java
@@ -99,15 +99,15 @@ public class DBMSRecords implements ServletContextAware {
 
 	public String sendError(int code, String message) {
 		JSONObject json = new JSONObject();
-		json.put("errorCode",code);
-		json.put("errorMessage",message);
+		json.put("error_code",code);
+		json.put("error_message",message);
 		return json.toString();
 	}
 
 	//Документация по @RequestBody http://javastudy.ru/spring-mvc/json-xml/ application/xml
-    @RequestMapping(value = "/records.php",method = {RequestMethod.POST,RequestMethod.GET},produces = "text/plain; charset=utf-8")
+    @RequestMapping(value = "/monitoring/records.php",method = {RequestMethod.POST,RequestMethod.GET},produces = "text/plain; charset=utf-8")
     @ResponseBody
-    public Object ajaxTamer(@ModelAttribute User user,@RequestBody byte[] reqData,@RequestParam(required=false,name="lng") String language_id) {
+    public Object ajaxTamer(@ModelAttribute User user,@RequestBody(required = false) byte[] reqData,@RequestParam(required=false,name="lng") String language_id) {
     	
     	if(language_id!=null && !language_id.equals("")) 
     		user.language_id=language_id;
@@ -115,6 +115,9 @@ public class DBMSRecords implements ServletContextAware {
 
     	boolean error=false;
     	String result=sendError(1,"Request not processed!");
+		if(reqData==null)
+			return result;
+
 		//response.setCharacterEncoding("UTF-8");
 
 		//response.getWriter().append("Served at: ").append(request.getContextPath());
diff --git a/metadata/dbms/editrecord.js b/metadata/dbms/editrecord.js
index c0454c6..229f834 100644
--- a/metadata/dbms/editrecord.js
+++ b/metadata/dbms/editrecord.js
@@ -1204,27 +1204,7 @@ class EdtRec
 		this.hideProgressBar();
 
 		if(node.errorCode>0) {
-			let fullText = node.errorMessage;
-			let smallText = '';
-			let pos1=fullText.indexOf('[[');
-			let pos2=fullText.indexOf(']]');
-			if(pos1>=0 && pos2>=0 && pos1<pos2) smallText=fullText.substring(pos1+2, pos2);
-
-			if(fullText.indexOf("id456[[")>=0){ //Если есть идентификатор того что это перезапись
-				let okFunc=()=>{
-					this.setValue('seq',0);
-					this.sendData(); //Применить ещё раз
-				};
-				if (smallText != '')
-					confirm2(trt('Warning'),smallText, fullText, okFunc, null);
-				else
-					confirm2(trt('Warning'),smallText, '', okFunc, null);
-			}else {
-				if (smallText != '')
-					alert2(trt('Alert'), smallText, fullText);
-				else
-					alert2(trt('Alert'), fullText);
-			}
+			alert2(trt('Alert'), node.errorMessage);
 			return;
 		}
 
diff --git a/metadata/dbms/login.js b/metadata/dbms/login.js
index a3ea1fa..cabee50 100644
--- a/metadata/dbms/login.js
+++ b/metadata/dbms/login.js
@@ -19,8 +19,10 @@ class DBMSUser
 	applyReq(req,fn,node)
 	{
 		this.showShadow(false);
+
 		if(node.errorCode>0) {
 			alert2(trt('Alert'), node.errorMessage);
+			return;
 		}
 
 		if(fn==7)
diff --git a/metadata/dbms/session.php b/metadata/dbms/session.php
index 1b1f4ec..6863dd6 100644
--- a/metadata/dbms/session.php
+++ b/metadata/dbms/session.php
@@ -22,7 +22,7 @@
 	}else
 	if($fn=='1')
 	{
-		@session_start();
+		@session_start(['cookie_lifetime' => 43200,'cookie_secure' => true,'cookie_httponly' => true]);
 		echo session_id();
 		exit;
 	}else
diff --git a/metadata/dbms/showrecord.js b/metadata/dbms/showrecord.js
index e87d4d0..ec0ce60 100644
--- a/metadata/dbms/showrecord.js
+++ b/metadata/dbms/showrecord.js
@@ -52,26 +52,7 @@ class SRec
 		this.hideProgressBar();
 
 		if(node.errorCode>0) {
-			let fullText = node.errorMessage;
-			let smallText = '';
-			let pos1=fullText.indexOf('[[');
-			let pos2=fullText.indexOf(']]');
-			if(pos1>=0 && pos2>=0 && pos1<pos2) smallText=fullText.substring(pos1+2, pos2);
-			if(fullText.indexOf("id456[[")>=0){ //Если есть идентификатор того что это перезапись
-				let okFunc=()=>{
-					this.setValue('seq',0);
-					this.sendData(); //Применить ещё раз
-				};
-				if (smallText != '')
-					confirm2(trt('Warning'),smallText, fullText, okFunc, null);
-				else
-					confirm2(trt('Warning'),smallText, '', okFunc, null);
-			}else {
-				if (smallText != '')
-					alert2(trt('Alert'), smallText, fullText);
-				else
-					alert2(trt('Alert'), fullText);
-			}
+			alert2(trt('Alert'), node.errorMessage);
 			return;
 		}
 
diff --git a/metadata/dbms/tools.js b/metadata/dbms/tools.js
index 486f359..300a11b 100644
--- a/metadata/dbms/tools.js
+++ b/metadata/dbms/tools.js
@@ -244,6 +244,10 @@ function alert2(title,smallText,fullText,okFunc=null)
 		smallText=fullText;
 		fullText='';
 	}
+	let pos1=smallText.indexOf('[[');
+	let pos2=smallText.indexOf(']]');
+	if(pos1>=0 && pos2>=0 && pos1<pos2) smallText=smallText.substring(pos1+2, pos2);
+
 	let win=new TWin(true);
 	win.BuildGUI(10,10);
 	win.setCaption(document.createTextNode(title));
diff --git a/metadata/include/captcha.php b/metadata/include/captcha.php
index da90e84..322fbee 100644
--- a/metadata/include/captcha.php
+++ b/metadata/include/captcha.php
@@ -1,5 +1,5 @@
 <?php
-@session_start();
+@session_start(['cookie_lifetime' => 43200,'cookie_secure' => true,'cookie_httponly' => true]);
 //if(isset($_SESSION['REMOTE_ADDR']) && $_SESSION['REMOTE_ADDR'] != $_SERVER['REMOTE_ADDR']) unset($_SESSION["USER_ID"]); //Делаемся не авторизованным если зашли с другого ip адреса
 if (isset($_REQUEST['id'])) $id = $_REQUEST['id']; else $id = '';
 
diff --git a/metadata/tree/tree.php b/metadata/tree/tree.php
index ed074e0..ac250a0 100644
--- a/metadata/tree/tree.php
+++ b/metadata/tree/tree.php
@@ -6,7 +6,7 @@
  */
 	if(isset($_GET[session_name()]) && $_GET[session_name()]!='') //Чтоб ID сессии переданная гетом был главней а не создавался заново
 		session_id($_GET[session_name()]);
-	@session_start();
+	@session_start(['cookie_lifetime' => 43200,'cookie_secure' => true,'cookie_httponly' => true]);
 	if(isset($_SESSION['REMOTE_ADDR']) && $_SESSION['REMOTE_ADDR'] != $_SERVER['REMOTE_ADDR']) unset($_SESSION["USER_ID"]); //Делаемся не авторизованным если зашли с другого ip адреса
 
 	//sleep(1); //Тестирование с задержкой
diff --git a/metadata/update/set.php b/metadata/update/set.php
index ac7ef87..fc947f7 100644
--- a/metadata/update/set.php
+++ b/metadata/update/set.php
@@ -6,7 +6,7 @@
  */
 	if(isset($_GET[session_name()]) && $_GET[session_name()]!='') //Чтоб сессия переданная гетом была главней
 		session_id($_GET[session_name()]);
-	@session_start();
+	@session_start(['cookie_lifetime' => 43200,'cookie_secure' => true,'cookie_httponly' => true]);
 	if(isset($_SESSION['REMOTE_ADDR']) && $_SESSION['REMOTE_ADDR'] != $_SERVER['REMOTE_ADDR']) unset($_SESSION["USER_ID"]); //Делаемся не авторизованным если зашли с другого ip адреса
 
 	require_once("../include/zip.lib.php");