From ea352a045a75a4f12d7d7c0f56644217a63dad17 Mon Sep 17 00:00:00 2001
From: Nicolas Roman
Date: Tue, 30 Jul 2019 16:31:35 +0200
Subject: [PATCH] using a more flexible message system with types and content
---
 htdocs/inc/css/main.css | 5 +++
 inc/webadmin-letsencrypt.php | 46 ++++++++++++++++++++++++
 tpl/webadmin-letsencrypt.tpl.php | 62 ++++++++++++++++----------------
 3 files changed, 82 insertions(+), 31 deletions(-)
diff --git a/htdocs/inc/css/main.css b/htdocs/inc/css/main.css
index 39748c8..83f329f 100644
--- a/htdocs/inc/css/main.css
+++ b/htdocs/inc/css/main.css
@@ -144,6 +144,11 @@ span.form-warning { margin-left: 4px; } +span.form-notice { + color: #009B85; + margin-left: 4px; +} + span.form-mandatory { color: red; }
diff --git a/inc/webadmin-letsencrypt.php b/inc/webadmin-letsencrypt.php
index d31580a..5b46c4a 100644
--- a/inc/webadmin-letsencrypt.php
+++ b/inc/webadmin-letsencrypt.php
@@ -32,14 +32,21 @@ $letsencrypt = new letsencryt(); $errorMessage = ''; $warningMessage = ''; +// it's an array if we want to display multiple messages in the future +$messages = array(); + if (isset($_POST['submit'])) { while (true) { // check HTTP $isRemoteResourceAvailable = $letsencrypt->checkRemoteResourceAvailability($_SESSION['letsencrypt-domains'][0]); if (!$isRemoteResourceAvailable) { + $errorMessage = "Erreur : Le challenge HTTP a échoué.
Merci de vérifier que le dossier /.well-known/evoacme-challenge/ est accessible."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; }
@@ -48,8 +55,12 @@ if (isset($_POST['submit'])) { $failed_domains = array_diff($_SESSION['letsencrypt-domains'], $valid_domains); if (!empty($failed_domains)) { + $errorMessage = "Erreur : La vérification DNS a échoué.
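Review bot: The `content` field of every `$messages` entry is echoed by the template without escaping, and the comment above `$messages = array();` does not state that contract. I would extend it to something like `// each entry: ["type" => "error"|"warning"|"notice", "content" => trusted HTML; escape any dynamic value before adding it]`. As a style point, `$messages[] = ["type" => "error", "content" => $errorMessage];` is the idiomatic form of the `array_push` call used here and in the later hunks of this file, and it matches the short array syntax already used for the entry itself. The `while (true)` block this code sits in continues past the end of the hunk.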
Merci de vérifier les enregistrements de type A et AAAA pour les domaine(s) suivant(s) :"; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; }
@@ -57,8 +68,12 @@ if (isset($_POST['submit'])) { $isCsrGenerated = $letsencrypt->makeCsr($params[1], $_SESSION['letsencrypt-domains']); if (!$isCsrGenerated) { + $errorMessage = "Erreur : La génération de demande de certificat a échoué.
Merci de contacter un administrateur pour continuer."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; }
@@ -66,8 +81,12 @@ if (isset($_POST['submit'])) { $testGenerateCert = $letsencrypt->generateSSLCertificate($params[1]); if (!$testGenerateCert) { + $errorMessage = "Erreur : La génération de certificat en mode TEST a échoué.
Merci de contacter un administrateur pour continuer."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; }
@@ -75,8 +94,12 @@ if (isset($_POST['submit'])) { $generateCert = $letsencrypt->generateSSLCertificate($params[1], false); if (!$generateCert) { + $errorMessage = "Erreur : La génération de certificat a échoué.
Merci de contacter un administrateur pour continuer."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; }
@@ -88,15 +111,23 @@ if (isset($_POST['submit'])) { while(true) { // check domains list if (empty($_SESSION['letsencrypt-domains'])) { + $errorMessage = "Erreur : la liste des domaines est vide."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; } // check if evoacme is installed $binaries_installed = $letsencrypt->isEvoacmeInstalled(); if (!$binaries_installed) { + $errorMessage = "Erreur : les binaires Evoacme ne sont pas installés. Veuillez contacter un administrateur."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break; }
@@ -113,7 +144,11 @@ if (isset($_POST['submit'])) { // check if LE is the certificate issuer $isIssuerValid = $letsencrypt->isCertIssuedByLetsEncrypt($parsedCertificate["issuer"]); if (!$isIssuerValid) { + $errorMessage = "Erreur : le certificat existant n'est pas géré par Let's Encrypt."; + + array_push($messages, ["type" => "error", "content" => $errorMessage]); + break 2; // break the foreach and the while }
@@ -121,8 +156,12 @@ if (isset($_POST['submit'])) { $isCertValid = $letsencrypt->isCertValid($parsedCertificate["validUntil"]); if (!$isCertValid && !isset($_POST['force_renew'])) { + $warningMessage = "Attention : le certificat existant n'est plus valide. Souhaitez-vous le renouveller ?"; + + array_push($messages, ["type" => "warning", "content" => $warningMessage]); + break 2; } else { $validUntil = date("d/m/Y", $parsedCertificate["validUntil"]);
@@ -141,10 +180,15 @@ if (isset($_POST['submit'])) { $domainsNotIncluded = array_diff($_SESSION['letsencrypt-domains'], $domainsIncluded); if (empty($domainsNotIncluded)) { + $errorMessage = "Le certificat existant couvre déjà tous les domaines jusqu'au " . $validUntil . "."; + + array_push($messages, ["type" => "notice", "content" => $errorMessage]); + break; } + $warningMessage = "Attention : le certificat existant couvre déjà le(s) domaine(s) jusqu'au " . $validUntil . " :
"; foreach ($domainsIncluded as $domainIncluded) {
@@ -156,6 +200,8 @@ if (isset($_POST['submit'])) { foreach ($domainsNotIncluded as $domainNotIncluded) { $warningMessage .= $domainNotIncluded . "
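Review bot: The informational text for a certificate that already covers every domain is held in `$errorMessage` and then pushed with type `notice`, so the variable name contradicts the message type. Any code that still tests `!empty($errorMessage)` would treat this case as a failure; whether such code remains is not visible in this hunk. Assigning the text to a dedicated local and pushing that keeps the two apart: `array_push($messages, ["type" => "notice", "content" => $noticeMessage]);`. The enclosing `while` loop starts before this hunk and the `foreach` over `$domainsIncluded` continues after it.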
"; } + + array_push($messages, ["type" => "warning", "content" => $warningMessage]); } break; }
diff --git a/tpl/webadmin-letsencrypt.tpl.php b/tpl/webadmin-letsencrypt.tpl.php
index 266ae2d..ab4653e 100644
--- a/tpl/webadmin-letsencrypt.tpl.php
+++ b/tpl/webadmin-letsencrypt.tpl.php
@@ -1,41 +1,39 @@
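Review bot: The warning pushed at the end of this hunk is built by concatenating `$domainNotIncluded` straight into markup that the template echoes verbatim, and the loop over `$domainsIncluded` that opens in the preceding hunk presumably does the same. If a domain name can carry characters such as `<` or `"`, that is HTML injection into the admin page; the origin of `$_SESSION['letsencrypt-domains']` and of the names read from the certificate is not visible here. Escape at the point of concatenation by using `htmlspecialchars($domainNotIncluded, ENT_QUOTES, 'UTF-8')` in place of the bare variable. The same applies to `echo $failed_domain` in the template.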

Gestion Let's Encrypt

' . $errorMessage . ''; +if (!empty($messages)) { + foreach($messages as $message) { + switch ($message["type"]) { + case "error": + echo '' . $message["content"] . ''; - if (count($failed_domains) > 0) { - echo '

'; - foreach ($failed_domains as $failed_domain) { - echo $failed_domain . "
"; - } - echo '

'; + if (count($failed_domains) > 0) { + echo '

'; + foreach ($failed_domains as $failed_domain) { + echo $failed_domain . "
"; + } + echo '

'; + } + break; + case "warning": + echo '' . $message["content"] . ''; ?> +
+

+ + +

+
+ ' . $message["content"] . ''; + break; + default: + break; } - } else { - echo "Votre certificat SSL a bien été installé !"; } } else { - if (!empty($errorMessage)) { - echo '' . $errorMessage . ''; - - if (count($failed_domains) > 0) { - echo '

'; - foreach ($failed_domains as $failed_domain) { - echo $failed_domain . "
"; - } - echo '

'; - } - } elseif (!empty($warningMessage)) { - echo '' . $warningMessage . ''; ?> -
-

- - -

-
- Les domaines suivants seront intégrés au certificat :

"; if (count($_SESSION['letsencrypt-domains']) > 0) { echo '

';
@@ -49,5 +47,7 @@ if (isset($_POST['submit'])) {
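Review bot: In the `error` case, `count($failed_domains)` runs for every error message, but as far as the hunks of inc/webadmin-letsencrypt.php show, `$failed_domains` is only assigned after the HTTP check succeeds on a submitted form. Errors such as the empty domain list or the missing Evoacme binaries therefore reach it with the variable undefined, which raises a warning on PHP 7.2+ and a TypeError on PHP 8; `if (!empty($failed_domains)) {` avoids both. Since the list belongs to the DNS failure only, carrying it in that message (for example under a `"domains"` key) would also stop it from being printed under unrelated errors once several messages are shown. The `default: break;` branch silently drops a message with an unknown type, which deserves a comment such as `// unknown type: intentionally not rendered`.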