BLIS 4.0

.devcontainer/Dockerfile

@@ -5,7 +5,7 @@ FROM ubuntu:noble
 # See the documentation here to see why devcontainers are awesome:
 # https://code.visualstudio.com/docs/remote/containers
 
-ARG PHP_VERSION="5.6"
+ARG PHP_VERSION="7.4"
 
 # Install a bunch of stuff from the standard repositories and a custom PHP repository
 RUN apt-get update && apt-get install -y software-properties-common && \

.devcontainer/docker-compose.yml

@@ -2,7 +2,7 @@ version: '3'
 
 services:
   app:
-    image: ghcr.io/c4g/blis-devcontainer:latest
+    image: ghcr.io/c4g/blis-devcontainer:unstable
     environment:
       - BLIS_LAB_BACKUPS_V2_ENABLED=1
       - BLIS_LAB_CONNECTION_ENABLED=1

.editorconfig

@@ -9,4 +9,7 @@ indent_size = 4
 end_of_line = lf
 charset = utf-8
 trim_trailing_whitespace = true
-insert_final_newline = true
+insert_final_newline = true
+
+[*.blis]
+insert_final_newline = false

.vscode/settings.json

@@ -1,4 +1,5 @@
 {
     // Uncomment if you are working with BLIS on Windows
     // "php.validate.executablePath": "server/php/php.exe"
+    "php.suggest.basic": false
 }

Dockerfile

@@ -1,6 +1,6 @@
 FROM ubuntu:noble
 
-ARG PHP_VERSION="5.6"
+ARG PHP_VERSION="7.4"
 
 # Install a bunch of stuff from the standard repositories
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \
@@ -68,4 +68,4 @@
 # Expose port 80 for HTTP
 EXPOSE 80
 
 CMD start-blis && tail -f /var/log/apache2/error.log

bin/crypto.php

@@ -0,0 +1,45 @@
+#!/usr/bin/env php
+<?php
+
+require_once(__DIR__."/../htdocs/encryption/encryption.php");
+
+if ($argc < 2) {
+    echo("You must specify at least \"encrypt\" or \"decrypt\".\n");
+    die(1);
+}
+
+$mode = strtolower($argv[1]);
+
+if ($mode == "encrypt") {
+    $input = $argv[2];
+    $output = $argv[3];
+    $keyfile = $argv[4];
+
+    $result = Encryption::encryptFile($input, $output, $keyfile);
+
+    if ($result) {
+        $log->info("Encryption succeeded.");
+    }
+}
+
+if ($mode == "decrypt") {
+    $input = $argv[2];
+    $output = $argv[3];
+    $keyfile = $argv[4];
+
+    $result = Encryption::decryptFile($input, $output, $keyfile);
+
+    if ($result) {
+        $log->info("Decryption succeeded.");
+    }
+}
+
+if ($mode == "gen") {
+    $filename = $argv[2];
+
+    $key = sodium_crypto_box_keypair();
+    file_put_contents($filename, base64_encode($key));
+
+    $pubkey = sodium_crypto_box_publickey($key);
+    file_put_contents($filename . ".pub", base64_encode($pubkey));
+}

composer.json

@@ -1,6 +1,6 @@
 {
     "require": {
-        "monolog/monolog": "^1.25",
+        "monolog/monolog": "< 3.0.0",
         "phpoffice/phpexcel": "= 1.8.2"
     }
 }

crypttest/readme_dec.md

@@ -0,0 +1,18 @@
+BLIS
+====
+
+C4G Basic Laboratory Information System
+
+#### How to run BLIS
+Clone the repository onto your machine. Download the BLIS runtime files from: [http://blis.cc.gatech.edu/files/BLISRuntime.zip]
+
+Unzip all files from BLISRuntime.zip into the the BLIS/  directory in your repository clone. 
+Run BLIS.exe to start BLIS.
+
+
+#### Documentation webpage
+
+We are hosting online documentations (most updated version) via github page: [https://c4g.github.io/BLIS/](https://c4g.github.io/BLIS/). You can access those files via following links:    
+- [Frequent Asked Questions](https://c4g.github.io/BLIS/faq/)
+- [User Guide](https://c4g.github.io/BLIS/)
+- [Developer Documentation](https://c4g.github.io/BLIS/developer_documentation/developer_guide_v0.1/)

crypttest/receiver.key

@@ -0,0 +1 @@
+FF7XkxihsLYI+5Fu8vMjC9lCNBHyn2/4Jo7brvuNtzFNT24jLOaNnGL3x7HjcxoDcdW+j8x3agwCGE9tjUDgbQ==

crypttest/receiver.key.pub

@@ -0,0 +1 @@
+TU9uIyzmjZxi98ex43MaA3HVvo/Md2oMAhhPbY1A4G0=

crypttest/sender.key

@@ -0,0 +1 @@
+GF5V8Eqlyu/BdrXEzOd5Fdlvk17UvKHkV+qG7K/+OKKmiaF1LMApshfNcF/aHa4KBq16UjJSGlj6GHsAzUb8Bw==

crypttest/sender.key.pub

@@ -0,0 +1 @@
+pomhdSzAKbIXzXBf2h2uCgatelIyUhpY+hh7AM1G/Ac=

crypttest/test.key

@@ -0,0 +1 @@
+vLT09EPg/B9MC0CpRW55KvoaxGp7tm7LgEE05vjekK9ydDpIxnbIT161/szlDOE5eBJMIeok9j9OXOL5ApvKLQ==

crypttest/test.key.pub

@@ -0,0 +1 @@
+cnQ6SMZ2yE9etf7M5QzhOXgSTCHqJPY/Tlzi+QKbyi0=

db/migrations/lab/20250915025855_add_keys_table.sql

@@ -0,0 +1,9 @@
+CREATE TABLE IF NOT EXISTS `keys` (
+  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
+  `name` varchar(100) NOT NULL,
+  `type` varchar(100) NOT NULL,
+  `data` varchar(100) NOT NULL,
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`)
+);

db/migrations/revamp/20250916133257_add_enc_option_to_labconfig.sql

@@ -0,0 +1,3 @@
+ALTER TABLE `lab_config` ADD COLUMN `backup_encryption_enabled` TINYINT(1) NOT NULL DEFAULT 0;
+
+ALTER TABLE `lab_config` ADD COLUMN `backup_encryption_key_id` int(11) unsigned DEFAULT NULL;

htdocs/config/lab_config_add.php

@@ -219,7 +219,7 @@
 
 # Copy contents from langdata_revamp into this new folder
 if (is_dir($LOCAL_PATH."/langdata_".$lab_config_id)) {
-    $log->warn("$LOCAL_PATH/langdata_$lab_config_id already exists. Deleting it.");
+    $log->warning("$LOCAL_PATH/langdata_$lab_config_id already exists. Deleting it.");
     PlatformLib::removeDirectory($LOCAL_PATH."/langdata_".$lab_config_id);
 }
 chmod($LOCAL_PATH."/langdata_revamp", 0755);

htdocs/config/lab_config_resolver.php

@@ -49,6 +49,6 @@ public static function resolveId() {
             }
         }
 
-        $log->warn("Could not resolve lab_config_id. Logged in user ID: " . $_SESSION["user_id"]);
+        $log->warning("Could not resolve lab_config_id. Logged in user ID: " . $_SESSION["user_id"]);
     }
 }

htdocs/config/v2/blis_cloud_server.php

@@ -34,20 +34,20 @@
 $connection_code = str_replace("-", "", $_POST["connection_code"]);
 
 if ($action == "connect") {
-    $log->warn("Connection request received for lab $lab_config_id: $lab_name");
+    $log->warning("Connection request received for lab $lab_config_id: $lab_name");
 
     // look up connection
     $connection = LabConnection::find_by_lab_config_id($lab_config_id);
 
     if ($connection != null) {
         // Lab connection already exists, so this request is trying to re-connect.
-        $log->warn("Lab $lab_config_id is already connected. Re-connecting.");
+        $log->warning("Lab $lab_config_id is already connected. Re-connecting.");
     }
 
     $nrml_code = str_replace("-", "", $connection->connection_code);
 
     if ($connection_code != $nrml_code) {
-        $log->warn("Connection attempted with wrong connection code. Lab ID: $lab_config_id; Incorrect code: $connection_code");
+        $log->warning("Connection attempted with wrong connection code. Lab ID: $lab_config_id; Incorrect code: $connection_code");
         // Connection code does not match
         header(LangUtil::$generalTerms['404_BAD_REQUEST'], true, 400);
         exit;

htdocs/config/v2/connect_to_blis_cloud.php

@@ -109,7 +109,7 @@
         } else {
             $outstr = "Output: $output";
         }
-        $log->warn("Request failed. Curl exit code: $return_code. $outstr");
+        $log->warning("Request failed. Curl exit code: $return_code. $outstr");
         $failure = true;
     }
 }

htdocs/config/v2/lab_config_backup_create_keypair.php

@@ -0,0 +1,75 @@
+<?php
+#
+# (c) C4G, Santosh Vempala, Ruban Monu and Amol Shintre
+# Lists currently accessible lab configurations with options to modify/add
+# Check whether to redirect to lab configuration page
+# Called when the lab admin has only one lab under him/her
+#
+
+require_once(__DIR__."/../../users/accesslist.php");
+require_once(__DIR__."/../../includes/user_lib.php");
+require_once(__DIR__."/../../encryption/keys.php");
+
+global $log;
+
+$current_user_id = $_SESSION["user_id"];
+$current_user = get_user_by_id($current_user_id);
+$lab_config_id = $_REQUEST["id"];
+
+DbUtil::switchToGlobal();
+
+$lab_db_name_query = "SELECT lab_config_id, name, db_name FROM lab_config WHERE lab_config_id = '$lab_config_id';";
+$lab = query_associative_one($lab_db_name_query);
+db_change($lab["db_name"]);
+
+$lab_config_name = $lab["name"];
+
+$super_admin_or_country_dir = is_super_admin($current_user) || is_country_dir($current_user);
+
+$unauthorized = true;
+
+if ($super_admin_or_country_dir) {
+    $unauthorized = false;
+}
+
+if ($unauthorized) {
+    // If the user is not a super admin or country director, they should only
+    // be able to access data for their own lab, and only if they are an admin.
+    if ($lab_config_id == $current_user->labConfigId && is_admin($current_user)) {
+        $unauthorized = false;
+    }
+}
+
+if ($unauthorized) {
+    header(LangUtil::$generalTerms['401_UNAUTHORIZE'], true, 401);
+    header("Location: /home.php");
+    exit;
+}
+
+$keypair_name = trim($_POST['keypair_name']);
+if ($keypair_name == NULL || $keypair_name == "") {
+    $_SESSION['FLASH'] = "Must specify a name for the keypair.";
+    header("Bad Request", true, 400);
+    header("Location: lab_config_backup_settings.php?id=$lab_config_id");
+    exit;
+}
+
+$log->info("Generating new keypair for $lab_config_name ($lab_config_id)");
+
+$key = sodium_crypto_box_keypair();
+$key_b64 = base64_encode($key);
+sodium_memzero($key);
+
+try {
+    db_change($lab["db_name"]);
+    $db_key_id = Key::insert($keypair_name, Key::$KEYPAIR, $key_b64);
+    sodium_memzero($key_b64);
+} catch (Exception $e) {
+    $_SESSION['FLASH'] = "An error occurred generating the keypair: " . $e->getMessage();
+    header("Internal Server Error", true, 500);
+    header("Location: lab_config_backup_settings.php?id=$lab_config_id");
+    exit;
+}
+
+$_SESSION['FLASH'] = "Keypair generated successfully.";
+header("Location: lab_config_backup_settings.php?id=$lab_config_id");