Add PHPDocs generated by ChatGPT,

add additional clarification to some functions,
add addNewsComment function and API, currently untested and not implemented in the client,
fix a bunch of stuff that PHPStorm pointed out
This commit is contained in:
Bruno Rybársky 2024-04-28 22:37:23 +02:00
parent 6e7df7f034
commit 1c9f5cf3c0
17 changed files with 659 additions and 142 deletions

@ -9,7 +9,7 @@ let config =
function isLoggedIn() {
"use strict";
return UserInfo.Email && 0 < UserInfo.Email.length;
return UserInfo.Email && UserInfo.Email.length > 0;
}
async function handleResponse(data, successMessage, failureMessage) {
@ -19,7 +19,7 @@ async function handleResponse(data, successMessage, failureMessage) {
const statusMessage = document.createElement("div");
statusMessage.classList.add("status-message");
if ('Success' === data.Status) {
if (data.Status === 'Success') {
statusMessage.innerText = successMessage;
statusMessage.classList.add("success");
} else {
@ -104,10 +104,10 @@ async function displayList(data, elementId, deleteFunction) {
headerRow.appendChild(th);
}
if ("function" === typeof deleteFunction) {
if (typeof deleteFunction === "function") {
const th = document.createElement("th");
let deleteBtn = document.createElement('i');
deleteBtn.classList = ["ri-delete-bin-line"];
deleteBtn.classList.add("ri-delete-bin-line");
th.appendChild(deleteBtn);
headerRow.appendChild(th);
}
@ -119,7 +119,7 @@ async function displayList(data, elementId, deleteFunction) {
td.appendChild(document.createTextNode(line[key]));
dataRow.appendChild(td);
}
if ("function" === typeof deleteFunction) {
if (typeof deleteFunction === "function") {
const td = document.createElement("td");
const deleteButton = document.createElement('button');
deleteButton.innerHTML = "<i class='ri-delete-bin-line'></i>";
@ -234,13 +234,13 @@ async function articleInit() {
let articleContainerElement = document.getElementById("articlecreatecontainer");
let articleCreateOpenElement = document.getElementById("articlecreateopen");
articleContainerElement.addEventListener("keyup", function (ev) {
if ("Escape" === ev.key) {
if (ev.key === "Escape") {
togglearticlecreate();
}
});
PageIntervals.push(setInterval(renderarticles, config.articleRefresh));
document.getElementById("articleprivilegeinput").setAttribute("max", UserInfo.Privileges);
if (2 > UserInfo.Privileges) {
if (UserInfo.Privileges < 2) {
articleContainerElement.style.display = "none";
articleCreateOpenElement.style.display = "none";
} else {
@ -258,7 +258,7 @@ async function onPageLoad() {
clearInterval(interval);
}
if ("home" === currentSite && "settings" === currentPage) {
if (currentSite === "home" && currentPage === "settings") {
if (document.getElementById("user-settings")) {
await populateUserInfoFields(UserInfo);
}
@ -267,16 +267,16 @@ async function onPageLoad() {
await listUsers(true);
}
}
if ("account" === currentSite && "index" === currentPage && isLoggedIn()) {
if (currentSite === "account" && currentPage === "index" && isLoggedIn()) {
await showDashboardGreeting();
}
if ("news" === currentSite && "index" === currentPage) {
if (currentSite === "news" && currentPage === "index") {
await articleInit();
}
if ("account" === currentSite && "files" === currentPage) {
if (currentSite === "account" && currentPage === "files") {
await listFiles();
}
if ("memes" === currentSite && "index" === currentPage) {
if (currentSite === "memes" && currentPage === "index") {
await getMemeImages();
}
}
@ -461,7 +461,7 @@ async function getUserInfo() {
};
const result = await doAction('/account', data, "User info retrieved Successfully!", "User info retrieval failed.", true);
if (result && "Success" === result.Status) {
if (result && result.Status === "Success") {
Object.keys(result.UserInfo).forEach(index => {
let value = result.UserInfo[index];
localStorage.setItem("UserInfo_" + index, value);
@ -498,7 +498,7 @@ async function listUsers(silent) {
doAction('/account', data, "User list retrieved Successfully!", "User list retrieval failed.", silent).then((result) => {
if (result && "Success" === result.Status) {
if (result && result.Status === "Success") {
displayList(result.Users, "userListTable", deleteUser);
}
});
@ -541,7 +541,7 @@ async function deleteActivationCode(activationCode) {
//Admin settings end
if ("loading" === document.readyState) {
if (document.readyState === "loading") {
document.addEventListener("DOMContentLoaded", initAjax);
} else {
setTimeout(initAjax, 0);
@ -574,7 +574,7 @@ async function getFileList() {
action: "getAllFiles"
}, "Zoznam súborov bol úspešne stiahnutý", "Nastala chyba pri sťahovaní zoznamu súborov", true);
if ("Success" === resp.Status) {
if (resp.Status === "Success") {
return resp.Files;
} else {
return false;
@ -642,10 +642,10 @@ async function reloadMemeVotes(memeID) {
memeVoteCounterElement.innerText = memeVotes;
memeVoteCounterElement.classList.remove("positive", "negative", "neutral");
if (memeVotes > 0) {
if (0 < memeVotes) {
memeVoteCounterElement.classList.add("positive");
}
else if (memeVotes < 0) {
else if (0 > memeVotes) {
memeVoteCounterElement.classList.add("negative");
}
else {
@ -654,20 +654,15 @@ async function reloadMemeVotes(memeID) {
memeVoteUpvoteButtonElement.classList.remove('visual_hover');
memeVoteDownvoteButtonElement.classList.remove('visual_hover');
if (userVote > 0) {
let memeUpvoteVariant = "line";
let memeDownvoteVariant = "line";
if (0 < userVote) {
memeUpvoteVariant = "fill";
memeDownvoteVariant = "line";
memeVoteUpvoteButtonElement.classList.add('visual_hover');
}
else if (userVote < 0) {
memeUpvoteVariant = "line";
} else if (0 > userVote) {
memeDownvoteVariant = "fill";
memeVoteDownvoteButtonElement.classList.add('visual_hover');
}
else {
memeUpvoteVariant = "line";
memeDownvoteVariant = "line";
}
memeVoteUpvoteElement.classList = [`ri-arrow-up-circle-${memeUpvoteVariant}`];
memeVoteDownvoteElement.classList = [`ri-arrow-down-circle-${memeDownvoteVariant}`];
@ -680,13 +675,13 @@ async function voteMeme(memeID, isUpvote){
let memeVoteDelete = false;
if(isUpvote) {
if(memeVoteUpvoteElement.classList.contains("ri-arrow-up-circle-fill")){
deleteVoteMeme(memeID);
await deleteVoteMeme(memeID);
memeVoteDelete = true;
}
}
else {
if(memeVoteDownvoteElement.classList.contains("ri-arrow-down-circle-fill")){
deleteVoteMeme(memeID);
await deleteVoteMeme(memeID);
memeVoteDelete = true;
}
}

@ -371,11 +371,11 @@ div#articleslist>article{
}
.positive {
color: green;
color: #008000;
}
.negative {
color: red;
color: #ff0000;
}
.neutral {
@ -390,12 +390,12 @@ div#articleslist>article{
}
.visual_hover.meme_upvote {
--pico-background-color: green;
--pico-background-color: #008000;
--pico-border-color: unset;
}
.visual_hover.meme_downvote {
--pico-background-color: red;
--pico-background-color: #ff0000;
--pico-border-color: unset;
}

@ -11,6 +11,12 @@ function endpoint($endpoint_data): array
$endpoint_data["title"],
$endpoint_data["body"]
),
"addNewsComment" => addNewsComment(
$endpoint_data["user_id"],
$endpoint_data['news_article_id'],
$endpoint_data["comment_text"],
$endpoint_data["parent_id"]
),
default => ["Status" => "Fail", "message" => "Invalid action"],
};
}

@ -1,32 +1,40 @@
<?php
/** @noinspection PhpIncludeInspection */
require_once 'secrets/config.php';
require_once 'lib/config.php';
require_once 'lib/navigation.php';
require_once 'lib/router.php';
require_once 'lib/page.php';
require_once 'lib/endpoint.php';
require_once 'lib/account.php';
// Include essential configuration and function libraries.
require_once 'secrets/config.php'; // Load sensitive configuration such as database credentials.
require_once 'lib/config.php'; // Load general site configuration settings.
require_once 'lib/navigation.php'; // Include functions related to navigation generation.
require_once 'lib/router.php'; // Include routing functionality to manage URL routing.
require_once 'lib/page.php'; // Functions related to page content generation and management.
require_once 'lib/endpoint.php'; // Functions for handling API endpoints.
require_once 'lib/account.php'; // Include user account management functionality.
// Load configuration for the router from the configuration files.
$routerConfig = loadRouterConfig();
// Initialize the router to parse the request URI and determine the requested site/page.
$routerRequest = initRouter();
// Start or resume a session to manage user sessions across requests.
session_start();
// Set default session data if the user is not logged in.
if (!isLoggedIn()) {
setDefaultSessionData();
}
// Handle requests for the sitemap.
if ($routerRequest["site_name"] == "sitemap.xml") {
require "lib/sitemap.php";
generateSitemap();
exit();
require "lib/sitemap.php"; // Include sitemap generation functions.
echo generateSitemap(); // Generate and output the sitemap XML.
exit(); // Stop script execution after sitemap generation.
}
// Handle API type requests by fetching and outputting the endpoint response.
if ($routerRequest["type"] == "api") {
echo getEndpoint($routerRequest["site_name"]);
} elseif ($routerRequest["type"] == "page") {
}
// Handle page type requests by fetching and rendering the page content.
elseif ($routerRequest["type"] == "page") {
echo getPage($routerRequest["site_name"], $routerRequest["page_name"]);
}

@ -1,52 +1,95 @@
<?php
use Random\RandomException;
/**
* Checks if the current session represents a logged-in user.
*
* @global array $routerConfig Global configuration array containing permission thresholds.
* @return bool Returns true if the user is logged in and meets the minimum privilege level; otherwise, false.
*/
function isLoggedIn(): bool
{
global $routerConfig;
return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]) && $_SESSION["privilege_level"] >= $routerConfig["permissions"]["logged_in_default"];
}
/**
* Checks if the logged-in user is verified.
*
* @global array $routerConfig Global configuration array containing permission thresholds.
* @return bool Returns true if the user is logged in and verified; otherwise, false.
*/
function isVerified(): bool
{
global $routerConfig;
return isLoggedIn() && $_SESSION["privilege_level"] >= $routerConfig["permissions"]["verified"];
}
/**
* Checks if the logged-in user is trustworthy.
*
* @global array $routerConfig Global configuration array containing permission thresholds.
* @return bool Returns true if the user is logged in and considered trustworthy; otherwise, false.
*/
function isTrustWorthy(): bool
{
global $routerConfig;
return isLoggedIn() && $_SESSION["privilege_level"] >= $routerConfig["permissions"]["trustworthy"];
}
/**
* Checks if the logged-in user is a moderator.
*
* @global array $routerConfig Global configuration array containing permission thresholds.
* @return bool Returns true if the user is logged in and a moderator; otherwise, false.
*/
function isModerator(): bool
{
global $routerConfig;
return isLoggedIn() && $_SESSION["privilege_level"] >= $routerConfig["permissions"]["moderator"];
}
/**
* Checks if the logged-in user is a user admin.
*
* @global array $routerConfig Global configuration array containing permission thresholds.
* @return bool Returns true if the user is logged in and a user admin; otherwise, false.
*/
function isUserAdmin(): bool
{
global $routerConfig;
return isLoggedIn() && $_SESSION["privilege_level"] >= $routerConfig["permissions"]["user_admin"];
}
/**
* Checks if the logged-in user is an admin.
*
* @global array $routerConfig Global configuration array containing permission thresholds.
* @return bool Returns true if the user is logged in and an admin; otherwise, false.
*/
function isAdmin(): bool
{
global $routerConfig;
return isLoggedIn() && $_SESSION["privilege_level"] >= $routerConfig["permissions"]["admin"];
}
function generateActivationToken(): string
/**
* Generates a secure token for account activation or other purposes using cryptographic methods.
*
* @return string|null Returns a hexadecimal token or null in case of an error.
*/
function generateActivationToken(): ?string
{
try {
return bin2hex(random_bytes(16));
} catch (RandomException) {
return null;
}
}
function isEmailAvailable($email): bool
/**
* Checks if an email address is available for registration.
*
* @param string $email The email address to check.
* @return bool Returns true if the email is not already registered; otherwise, false.
*@global mysqli $mysqli Global mysqli object for database access.
*/
function isEmailAvailable(string $email): bool
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT COUNT(*) FROM Users WHERE Email = ?");
@ -59,7 +102,12 @@ function isEmailAvailable($email): bool
return $count === 0;
}
/**
* Sets default session data typically used for a logged-out user(includes users that have just visited the page).
*
* @global array $routerConfig Global configuration array used for setting initial privilege levels.
* @return void
*/
function setDefaultSessionData(): void
{
global $routerConfig;
@ -71,8 +119,15 @@ function setDefaultSessionData(): void
$_SESSION["minecraft_nickname"] = "";
$_SESSION["privilege_level"] = $routerConfig["permissions"]["logged_out"];
}
function verifyPassword($userID, $password): bool
/**
* Verifies if the provided password matches the stored hash for the user.
*
* @param int $userID The user ID whose password is to be verified.
* @param string $password The password to verify.
* @return bool Returns true if the password matches the stored hash; otherwise, false.
*@global mysqli $mysqli Global mysqli object for database access.
*/
function verifyPassword(int $userID, string $password): bool
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT PasswordHash FROM Users WHERE ID = ?");
@ -85,7 +140,12 @@ function verifyPassword($userID, $password): bool
return !empty($password_hash) && !empty($password) && password_verify($password, $password_hash);
}
/**
* Updates session data from the database for the logged-in user.
*
* @global mysqli $mysqli Global mysqli object for database access.
* @return void
*/
function UpdateSession(): void
{
global $mysqli;
@ -118,8 +178,15 @@ function UpdateSession(): void
$_SESSION["favorite_color"] = $favorite_color;
}
function doLogin($email, $password): array
/**
* Attempts to log in a user with the given credentials.
*
* @param string $email The user's email address.
* @param string $password The user's password.
* @global mysqli $mysqli Global database connection object.
* @return array An array containing the status of the login attempt ('Success' or 'Fail').
*/
function doLogin(string $email, string $password): array
{
global $mysqli;
$found = false;
@ -149,7 +216,12 @@ function doLogin($email, $password): array
}
return $found ? ["Status" => "Success"] : ["Status" => "Fail"];
}
/**
* Logs out the current user by resetting session data.
* Fails when the user wasn't logged in
*
* @return array An array with the logout status ('Success' if logged out, 'Fail' otherwise).
*/
function doLogout(): array
{
if(isLoggedIn()){
@ -159,8 +231,19 @@ function doLogout(): array
return ["Status" => "Fail"];
}
}
function doRegister($firstname, $lastname, $email, $password, $activation_token): array
/**
* Registers a new user with provided personal details and activation token.
*
* @param string $firstname The user's first name.
* @param string $lastname The user's last name.
* @param string $email The user's email.
* @param string $password The user's password.
* @param string $activation_token The activation token to verify the registration.
* @global mysqli $mysqli Global database connection object.
* @global array $routerConfig Global configuration settings.
* @return array An array with the registration status ('Success' or 'Fail').
*/
function doRegister(string $firstname, string $lastname, string $email, string $password, string $activation_token): array
{
global $mysqli, $routerConfig;
$status = ["Status" => "Fail"];
@ -186,8 +269,15 @@ function doRegister($firstname, $lastname, $email, $password, $activation_token)
return $status;
}
function changePassword($oldPassword, $newPassword): array
/**
* Changes the user's password after verifying the old password.
*
* @param string $oldPassword The current password for verification.
* @param string $newPassword The new password to be set.
* @return array An array indicating whether the password change was successful ('Success' or 'Fail').
*@global mysqli $mysqli Global database connection object.
*/
function changePassword(string $oldPassword, string $newPassword): array
{
global $mysqli;
$status = ["Status" => "Fail"];
@ -206,8 +296,17 @@ function changePassword($oldPassword, $newPassword): array
}
// Function to update user profile
function updateUserProfile($firstName, $lastName, $nickname, $minecraft_nickname): array
/**
* Updates user profile information in the database.
*
* @param string $firstName The new first name.
* @param string $lastName The new last name.
* @param string $nickname The new nickname.
* @param string $minecraft_nickname The new Minecraft nickname.
* @return array Status of the profile update ('Success' or 'Fail').
*@global mysqli $mysqli Global database connection object.
*/
function updateUserProfile(string $firstName, string $lastName, string $nickname, string $minecraft_nickname): array
{
global $mysqli;
$status = ["Status" => "Fail"];
@ -230,8 +329,14 @@ function updateUserProfile($firstName, $lastName, $nickname, $minecraft_nickname
return $status;
}
// Function to update user email
function updateUserEmail($email): array
/**
* Updates the email address of the logged-in user after validation.
*
* @param string $email The new email address to update.
* @return array Status of the email update ('Success' or 'Fail').
*@global mysqli $mysqli Global database connection object.
*/
function updateUserEmail(string $email): array
{
global $mysqli;
$status = ["Status" => "Fail"];
@ -274,7 +379,11 @@ function updateUserEmail($email): array
return $status;
}
/**
* Retrieves and updates the current session with user information from the database.
*
* @return array Contains user information and status if the user is logged in.
*/
function getUserInfo(): array
{
$output = ["Status" => "Fail"];
@ -310,8 +419,14 @@ function getUserInfo(): array
return $output;
}
function addActivationCodes($count): array
/**
* Generates a specified number of activation codes for user registration and adds them to the database.
*
* @param int $count Number of activation codes to generate.
* @return array An array containing the generated codes and status ('Success' or 'Fail').
*@global mysqli $mysqli Global database connection object.
*/
function addActivationCodes(int $count): array
{
global $mysqli;
$activationCodes = [];
@ -342,7 +457,12 @@ function addActivationCodes($count): array
return $output;
}
/**
* Lists all registered users, available only to user admins.
*
* @global mysqli $mysqli Global database connection object.
* @return array An array containing user data and status.
*/
function listUsers(): array
{
global $mysqli;
@ -364,7 +484,12 @@ function listUsers(): array
return $output;
}
/**
* Lists activation codes available for assigning to new users, available only for user admins.
*
* @global mysqli $mysqli Global database connection object.
* @return array An array containing activation codes and status.
*/
function listActivationCodes(): array
{
global $mysqli;
@ -409,8 +534,14 @@ function listActivationCodes(): array
return $output;
}
function deleteUser($userID): array
/**
* Deletes a user by their ID, available only to user admins.
*
* @param int $userID The ID of the user to delete.
* @return array Status of the delete operation ('Success' or 'Fail').
*@global mysqli $mysqli Global database connection object.
*/
function deleteUser(int $userID): array
{
global $mysqli;
$status = ["Status" => "Fail"];
@ -425,8 +556,14 @@ function deleteUser($userID): array
}
return $status;
}
function deleteActivationCode($activationCode): array
/**
* Deletes an activation code, available only to user admins.
*
* @param string $activationCode The activation code to delete.
* @return array Status of the delete operation ('Success' or 'Fail').
*@global mysqli $mysqli Global database connection object.
*/
function deleteActivationCode(string $activationCode): array
{
global $mysqli;
$status = ["Status" => "Fail"];

@ -1,4 +1,28 @@
<?php
/**
* Loads and returns the configuration settings for the router.
*
* This configuration includes various paths, default settings, security levels, SEO settings,
* and other parameters essential for the operation of the router and the website's page management.
* The configuration array is structured to provide easy access to paths, protocols, permissions,
* and other critical settings that define how the router handles requests and serves content.
*
* @return array Returns an associative array containing all router configuration settings, such as:
* - 'inlining': Boolean value determining if CSS/JS should be inlined.
* - 'domain': The primary domain name of the website.
* - 'tld': Top-level domain for the website.
* - 'default_page': Default page to load if no specific page is requested.
* - 'default_site': Default site to load if no specific site is requested.
* - 'template_dir': Directory path where templates are stored.
* - 'endpoint_dir': Directory path for endpoint scripts.
* - 'page_dir': Directory path where site pages are stored.
* - 'protocol': Protocol to be used (e.g., 'https://').
* - 'site_prefix': Prefix for the site title.
* - 'permissions': Associative array of user permissions by role.
* - 'page': Default settings for pages including secret status and permissions.
* - 'newsarticle': Default permissions for news articles.
* - 'seo': Search engine optimization settings like author, description, and keywords.
*/
function loadRouterConfig(): array
{

@ -1,5 +1,11 @@
<?php
/**
* Generates dynamic CSS styling based on user preferences stored in the session.
* Specifically, it creates a CSS rule for the user's favorite color if it's specified in their session data.
*
* @return string Returns a string containing a `<style>` tag with custom CSS if a favorite color is set
* and the user is logged in. Returns an empty string if no conditions are met.
*/
function doDynamicStyling() :string
{
$dynamic_style = "";

@ -1,6 +1,16 @@
<?php
function runEndpoint($endpoint_file): ?array
/**
* Executes an endpoint script and returns the results.
*
* This function includes an endpoint PHP file that defines a function named `endpoint` which
* is expected to accept an array parameter and return an array result.
* It simply scopes an external file into a function to prevent variable conflicts.
*
* @param string $endpoint_file The path to the endpoint PHP file.
* @return array|null Returns the result of the endpoint function if successful, or null if the
* endpoint function or file does not behave as expected.
*/
function runEndpoint(string $endpoint_file): ?array
{
$endpoint_data = $_POST;
@ -9,8 +19,20 @@ function runEndpoint($endpoint_file): ?array
return endpoint($endpoint_data);
}
function getEndpoint($endpoint_name): string
/**
* Retrieves and processes the output of a specified endpoint.
*
* This function determines the appropriate endpoint PHP file based on the provided endpoint name,
* executes the endpoint, and returns its results as a JSON-encoded string. It handles and
* translates different return types into a JSON format and manages HTTP response codes based on
* success or failure of the endpoint execution.
*
* @param string $endpoint_name The name of the endpoint, which is used to construct the file path to the endpoint script.
* @return string A JSON-encoded string representing the result of the endpoint, including a status indicator and any relevant data or error messages.
*@global array $routerRequest Current request data that might influence the endpoint processing.
* @global array $routerConfig Global configuration that contains paths and settings.
*/
function getEndpoint(string $endpoint_name): string
{
$output = array();
$output["Status"] = "Fail";

@ -1,6 +1,13 @@
<?php
function inlineLocalStylesFromHref($inputString): string
/**
* Processes an HTML string to inline all linked stylesheets by replacing <link> tags
* with corresponding <style> tags containing the CSS content.
* Might be broken, currently disabled in the config
*
* @param string $inputString The HTML content containing <link> tags to stylesheets.
* @return string The modified HTML content with stylesheets inlined within <style> tags.
*/
function inlineLocalStylesFromHref(string $inputString): string
{
$pattern = '/<link[^>]*?\srel=["\']?stylesheet["\'].*?\shref=["\']?\/(.*?)["\'][^>]*?>/i';
@ -30,8 +37,15 @@ function inlineLocalStylesFromHref($inputString): string
return "<style>$cssContent</style>";
}, $inputString);
}
function inlineScriptFromSrc($inputString): string
/**
* Processes an HTML string to inline all external JavaScript files by replacing <script src="..."> tags
* with <script> tags containing the JavaScript content.
* Might be broken, currently disabled in the config
*
* @param string $inputString The HTML content containing <script src=""> tags.
* @return string The modified HTML content with external scripts inlined within <script> tags.
*/
function inlineScriptFromSrc(string $inputString): string
{
$pattern = '/<script.*?src=["\']\/(.*?)["\'].*?>\s*<\/script>/i';
@ -44,8 +58,14 @@ function inlineScriptFromSrc($inputString): string
return "<script>$jsContent</script>";
}, $inputString);
}
function minifyCss($css): string
/**
* Minifies CSS content by removing comments, unnecessary whitespaces, semicolons, and optimizing other aspects of the stylesheet.
* Might be broken, currently disabled in the config
*
* @param string $css The original CSS content.
* @return string The minified CSS content.
*/
function minifyCss(string $css): string
{
// Remove comments
$css = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $css);
@ -64,8 +84,14 @@ function minifyCss($css): string
return trim($css);
}
function minifyJs($js): string
/**
* Minifies JavaScript content by removing comments, unnecessary whitespaces, and optimizing spaces around operators.
* Might be broken, currently disabled in the config
*
* @param string $js The original JavaScript content.
* @return string The minified JavaScript content.
*/
function minifyJs(string $js): string
{
// Remove newlines and tabs

@ -2,7 +2,15 @@
require_once "lib/upload.php";
require_once "lib/account.php";
/**
* Adds a meme to the database with associated image and text content.
*
* @param string $title The title of the meme.
* @param string $memeText The text content of the meme.
* @param int $imageID The ID of the image associated with the meme.
* @global mysqli $mysqli The database connection object.
* @return array Returns an associative array with the operation status and a message.
*/
function addMeme(string $title, string $memeText, int $imageID): array
{
global $mysqli;
@ -17,7 +25,21 @@ function addMeme(string $title, string $memeText, int $imageID): array
}
return $output;
}
/**
* Renders a meme into HTML based on provided data and a template.
*
* @param int $id The ID of the meme.
* @param int $authorId The author's user ID.
* @param string $title The title of the meme.
* @param string $textContent The text content of the meme.
* @param string $createdAt The creation timestamp of the meme.
* @param string $filePath The file path of the associated image.
* @param int $imageWidth The width of the image.
* @param int $imageHeight The height of the image.
* @param string $userNickname The nickname of the meme's author.
* @param string $meme_template The HTML template for a meme. (used to not read the template over and over when rendering more memes)
* @return string Returns the rendered HTML of the meme.
*/
function renderMeme(int $id, int $authorId, string $title, string $textContent, string $createdAt, string $filePath, int $imageWidth, int $imageHeight, string $userNickname, string $meme_template): string
{
@ -64,7 +86,14 @@ function renderMeme(int $id, int $authorId, string $title, string $textContent,
return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out);
}
/**
* Generates an HTML representation of a gallery of memes from the database.
* Renders the memes using renderMeme.
*
* @global mysqli $mysqli The database connection object.
* @global array $routerConfig Configuration settings including paths to templates.
* @return string Returns the complete HTML content of the meme gallery.
*/
function renderMemeGallery(): string
{
global $mysqli;
@ -105,7 +134,13 @@ function renderMemeGallery(): string
$stmtlist->close();
return $meme_gallery_out;
}
/**
* Deletes a meme from the database if the current user has the right permissions.
*
* @param int $memeID The ID of the meme to delete.
* @global mysqli $mysqli The database connection object.
* @return array Returns an associative array with the status of the operation.
*/
function deleteMeme(int $memeID): array
{
global $mysqli;
@ -126,7 +161,14 @@ function deleteMeme(int $memeID): array
}
return $out;
}
/**
* Records or updates a vote on a meme by the current user.
*
* @param int $memeID The ID of the meme to be voted on.
* @param int $isUpvote Indicates whether the vote is an upvote (1) or downvote (0).
* @global mysqli $mysqli The database connection object.
* @return array Returns an associative array with the status of the vote operation.
*/
function voteMeme(int $memeID, int $isUpvote): array
{
global $mysqli;
@ -143,7 +185,13 @@ function voteMeme(int $memeID, int $isUpvote): array
$memeVoteConn->close();
return $out;
}
/**
* Deletes a vote previously made by the current user on a meme.
*
* @param int $memeID The ID of the meme whose vote is to be deleted.
* @global mysqli $mysqli The database connection object.
* @return array Returns an associative array with the status of the deletion.
*/
function deleteVoteMeme(int $memeID): array
{
global $mysqli;
@ -157,7 +205,14 @@ function deleteVoteMeme(int $memeID): array
$memeVoteConn->close();
return $out;
}
/**
* Calculates the net votes for a meme and determines if the current user has voted on it.
* The array has both the net votes and the user vote(0 when the user hasn't voted)
*
* @param int $memeID The ID of the meme for which votes are being calculated.
* @global mysqli $mysqli The database connection object.
* @return array Returns an array with net votes and the user's vote status.
*/
function calculateNetVotes(int $memeID): array
{
global $mysqli;
@ -193,7 +248,13 @@ function calculateNetVotes(int $memeID): array
];
}
/**
* Fetches the net votes and user's vote status for a specific meme.
* Essentially just a wrapper of getMemeVotes for an API call
*
* @param int $memeID The ID of the meme to fetch votes for.
* @return array Returns an array with the net votes and the user's vote status, along with operation status.
*/
function getMemeVotes(int $memeID): array
{
$voteData = calculateNetVotes($memeID);

@ -1,11 +1,24 @@
<?php
function getDynamicMetadata($file): array{
/**
* Includes a PHP file that returns metadata associated with a dynamic page.
* It simply scopes an external file into a function to prevent variable conflicts.
*
* @param string $file The file path to the PHP file that contains metadata.
* @return array Returns an associative array of metadata from the included PHP file.
*/
function getDynamicMetadata(string $file): array{
return include($file);
}
function getDynamicPermission($metadata): int {
/**
* Extracts and validates the minimal permission level required to access certain content,
* defaulting to system configuration if not properly set or in case of an error.
*
* @param array $metadata Metadata array that should include a 'parameters' key with 'minimal_permission_level'.
* @return int Returns the minimal permission level required to access a page.
*@global array $routerConfig Global router configuration settings.
*/
function getDynamicPermission(array $metadata): int {
global $routerConfig;
$params = $metadata["parameters"];
try {
@ -21,7 +34,14 @@ function getDynamicPermission($metadata): int {
return $permission_level;
}
}
/**
* Generates HTML navigation links for all sites and pages configured in the router,
* adjusting active states based on current request and filtering links by user permissions.
*
* @global array $routerConfig Global configuration that includes directory paths and default settings.
* @global array $routerRequest Current request details including site and page name.
* @return string Returns the HTML string of the navigation menu.
*/
function generateNavigation(): string
{
global $routerConfig;
@ -107,7 +127,12 @@ function generateNavigation(): string
return str_replace("__NAV_PAGES__", $nav_out, $nav);
}
/**
* Provides a simple API endpoint-like response for fetching generated navigation HTML.
* Wraps generateNavigation for an API.
*
* @return array Returns an associative array with the navigation HTML and a status indicating success.
*/
function getNavigationEndpoint() :array{
return [
"Status" => "Success",

@ -1,4 +1,15 @@
<?php
require_once "lib/account.php";
/**
* Retrieves news articles based on the current user's privilege level.
* The function queries the NewsArticles and Users tables to fetch articles
* that the user has the privilege to view. Articles are joined with user
* information to include the author's nickname.
*
* @global mysqli $mysqli The mysqli database connection object.
* @return array Returns an associative array with a status key indicating the success or failure,
* and an 'Articles' key containing an array of articles if successful.
*/
function getNewsArticles() :array
{
global $mysqli;
@ -39,7 +50,18 @@ function getNewsArticles() :array
return $output;
}
function addNewsArticle($title="Nazov", $body="Obsah", $privilegeLevel=0) :array
/**
* Adds a new news article to the database if the user is logged in and has the appropriate
* privilege level. The function sanitizes the title and body of the article to prevent XSS attacks.
*
* @global mysqli $mysqli The mysqli database connection object.
* @global array $routerConfig Configuration array that includes default permission settings.
* @param string $title The title of the news article. Default value is "Nazov".
* @param string $body The body of the news article. Default value is "Obsah".
* @param int $privilegeLevel The privilege level required to view the article. If set to 0, uses default from configuration.
* @return array Returns an associative array with a status key that indicates the success or failure of the operation.
*/
function addNewsArticle(string $title="Nazov", string $body="Obsah", int $privilegeLevel=0) :array
{
global $mysqli;
global $routerConfig;
@ -62,3 +84,47 @@ function addNewsArticle($title="Nazov", $body="Obsah", $privilegeLevel=0) :array
}
return $output;
}
/**
* Adds a comment to a news article.
*
* @param int $userId User who is commenting.
* @param int $newsArticleId ID of the news article.
* @param string $commentText The content of the comment.
* @param int|null $parentId ID of the parent comment if it's a reply.
* @return array Status array indicating success or failure.
* @global mysqli $mysqli The mysqli database connection object.
*/
function addNewsComment(int $userId, int $newsArticleId, string $commentText, ?int $parentId = null): array {
global $mysqli;
$output = ["Status" => "Fail"]; // Default Status is "Fail"
if (!isLoggedIn()) {
$output['Error'] = "User must be logged in.";
return $output;
}
// Prepare the SQL statement to prevent SQL injection
$stmt = $mysqli->prepare("INSERT INTO NewsComments (ParentID, UserID, NewsArticleID, CommentText) VALUES (?, ?, ?, ?);");
// Bind parameters. 'i' denotes an integer and 's' denotes a string.
$stmt->bind_param("iiis", $parentId, $userId, $newsArticleId, $commentText);
// Execute the query
if ($stmt->execute()) {
// Check if any rows were affected
if ($stmt->affected_rows > 0) {
$output["Status"] = "Success";
} else {
$output["Error"] = "No rows affected.";
}
} else {
$output["Error"] = $stmt->error;
}
// Close statement
$stmt->close();
return $output;
}

@ -1,16 +1,37 @@
<?php
require_once "lib/dynamic_style.php";
require_once "lib/script_data.php";
function renderDynamicPage($page_file): array
/**
* Loads and returns the result of a PHP file.
* This function is typically used to process dynamic content of a page.
* It simply scopes an external file into a function to prevent variable conflicts.
*
* @param string $page_file The file path to the dynamic page.
* @return array Returns the array of data generated by including the PHP file.
*/
function renderDynamicPage(string $page_file): array
{
return require $page_file;
}
function removeHtmlComments($content = '') :string {
/**
* Removes all HTML comments from the provided content string.
*
* @param string $content The HTML content from which to remove comments.
* @return string The content without any HTML comments.
*/
function removeHtmlComments(string $content = '') :string {
return preg_replace('/<!--(.|\s)*?-->/', '', $content);
}
function parsePageTag($input): array
/**
* Parses custom `<page>` tags from the given input string and extracts parameters.
* Returns the input string with `<page>` tags removed and a list of parameters.
*
* @param string $input The input HTML or text containing `<page>` tags.
* @return array Returns an associative array with 'parameters' (parsed from the tag)
* and 'output' (the modified input string with `<page>` tags removed).
*/
function parsePageTag(string $input): array
{
// Define the pattern for the tag
$pattern = '/<page\s+([^>]+)><\/page>/i';
@ -34,8 +55,15 @@ function parsePageTag($input): array
// If no match is found, return the original input
return ['parameters' => [], 'output' => $input];
}
function renderPage($page_name = null, $site_name = null): array
/**
* Renders a page based on specified page and site names, handling dynamic and static content,
* permissions, and error pages.
*
* @param string|null $page_name The name of the page to render. If null, uses default from request.
* @param string|null $site_name The name of the site to render. If null, uses default from request.
* @return array Returns an associative array containing the rendered page content, page name, site name, and page title.
*/
function renderPage(string $page_name = null, string $site_name = null): array
{
global $routerConfig;
global $routerRequest;
@ -138,8 +166,16 @@ function renderPage($page_name = null, $site_name = null): array
];
}
function getPage($site_name_in = null, $page_name_in = null): string
/**
* Compiles a complete web page by injecting dynamic elements into a template skeleton,
* including headers, footers, and SEO tags.
* It is used when not going to a page by AJAX to initialize everything.
*
* @param string|null $site_name_in The site name to be used; defaults from global configuration if null.
* @param string|null $page_name_in The page name to be used; defaults from global configuration if null.
* @return string The complete HTML content of the web page ready for display.
*/
function getPage(string $site_name_in = null, string $page_name_in = null): string
{
$page_tmp = renderPage($page_name_in, $site_name_in);
@ -223,8 +259,15 @@ function getPage($site_name_in = null, $page_name_in = null): string
}
return str_replace("__TEMPLATE_PAGE_TITLE__", $page_title, $out);
}
function getPageEndpoint($page_name, $site_name) :array
/**
* Provides an API interface to get page details including content and meta-information for routing purposes.
* This is what enables the page to never refresh.
*
* @param string $page_name The name of the page.
* @param string $site_name The name of the site.
* @return array Returns an array with status, page content, location URL, and title for the requested page.
*/
function getPageEndpoint(string $page_name, string $site_name) :array
{
$page_location = "/" . $site_name . "/" . $page_name;
$page_tmp = renderPage($page_name, $site_name);

@ -1,6 +1,14 @@
<?php
/**
* Initializes the routing system for a web application. This function processes the incoming
* URL and determines the site name and page name based on the configuration and the URL structure.
* It handles default configurations and supports different types of requests like API or page requests.
*
* @global array $routerConfig The global configuration array that includes default site and page settings.
* @return array Returns an associative array containing the routing information, including the site name,
* page name, request type, and parsed request address from the HTTP host.
*/
function initRouter(): array
{
global $routerConfig;

@ -1,5 +1,15 @@
<?php
function generateScriptData($phpArray):string {
/**
* Generates a JavaScript script tag containing commands to store PHP array key-value pairs in local storage.
* This function is designed to translate PHP associative array data into JavaScript local storage items.
* It ensures that the array is associative and single-level before proceeding with the JavaScript code generation.
* This is used when dumping session data into local storage for use by the client script.
*
* @param array $phpArray The associative array whose data will be converted into JavaScript local storage setItem calls.
* @return string Returns a script tag with JavaScript code. If the input is not a valid single-level associative array,
* it returns a script with an error logged to the console.
*/
function generateScriptData(array $phpArray):string {
// Check if the array is associative and single-level
if (is_array($phpArray) && count($phpArray) > 0 && count(array_filter(array_keys($phpArray), 'is_string')) === count($phpArray)) {
// Generate JavaScript code to save each array element to local storage

@ -1,8 +1,16 @@
<?php
require_once "lib/account.php";
function generateSitemap(): void{
/**
* Generates an XML sitemap as a string for a website, considering only pages that the current session
* has sufficient privileges to access. It scans directories specified in the router configuration
* for .html and .php files, and constructs a sitemap entry for each accessible page based on their
* required permission levels. This function returns the sitemap as a string and
* sets the appropriate header for XML content.
*
* @global array $routerConfig The global configuration array containing directory paths and default settings.
* @return string The XML sitemap content, properly formatted in accordance with the sitemap protocol.
*/
function generateSitemap(): string{
global $routerConfig;
$site_dirs = array_diff(scandir($routerConfig["page_dir"]), array('.', '..'));
@ -54,5 +62,5 @@ function generateSitemap(): void{
$sitemap .= '</urlset>' . PHP_EOL;
header('Content-type: application/xml');
echo $sitemap;
return $sitemap;
}

@ -1,6 +1,12 @@
<?php
function makePathSafe($userInput): string
/**
* Sanitizes user input to be used as a part of a file path to prevent security vulnerabilities such as directory traversal.
*
* @param string $userInput The input string to be sanitized.
* @return string Returns a safe string where only alphanumeric characters, underscores, and hyphens are retained.
* Special characters and potential path traversal payloads are removed or replaced.
*/
function makePathSafe(string $userInput): string
{
// Keep only alphanumeric characters, underscores, and hyphens
$safeString = preg_replace('/[^\w\-]/', '', $userInput);
@ -17,7 +23,12 @@ function makePathSafe($userInput): string
// Limit length for safety
return substr($safeString, 0, 255);
}
/**
* Automatically rotates an image based on its EXIF data to adjust its orientation.
*
* @param Imagick $imagick An Imagick object representing the image to be rotated.
* @return void
*/
function autoRotateImage(Imagick $imagick): void {
// Get the current orientation of the image
try {
@ -42,7 +53,11 @@ function autoRotateImage(Imagick $imagick): void {
}
}
/**
* Processes the global $_FILES array to normalize the structure and filter out any files with errors.
*
* @return array Returns an array of files that are ready for further processing, structured uniformly.
*/
function getIncomingFiles(): array
{
$files = $_FILES;
@ -67,7 +82,16 @@ function getIncomingFiles(): array
}
return $files3;
}
/**
* Saves file metadata in the database.
* This creates the only record of the file existing.
*
* @param string $filePath The path where the file is stored.
* @param string $fileType The MIME type of the file.
* @param int $width The width of the image file.
* @param int $height The height of the image file.
* @return bool Returns true if the file metadata was successfully saved to the database, false otherwise.
*/
function saveUploadedFileInDatabase(string $filePath, string $fileType, int $width, int $height): bool
{
global $mysqli;
@ -78,8 +102,14 @@ function saveUploadedFileInDatabase(string $filePath, string $fileType, int $wid
$stmt->close();
return $stat;
}
function doImageUpload($inFile, $outFile): bool
/**
* Handles the uploading process of an image, including its conversion to webp format, rotation based on orientation, and saving.
*
* @param string $inFile The temporary file path of the uploaded file.
* @param string $outFile The target file path where the processed image should be saved.
* @return bool Returns true if the file was successfully processed and saved, false otherwise.
*/
function doImageUpload(string $inFile, string $outFile): bool
{
// Create Imagick object
$width = 0;
@ -96,15 +126,22 @@ function doImageUpload($inFile, $outFile): bool
} catch (ImagickException) {
}
// Check if the reencoding was successful
// Check if the reencoding was successful, if yes, save into the database.
if (file_exists($outFile)) {
return saveUploadedFileInDatabase($outFile, 'image/webp', $width, $height);
} else {
return false;
}
}
/**
* Retrieves a list of files from the database, optionally filtered to include only files uploaded by the current user.
* Access to an unfiltered list (files of all users) is only available to moderators.
*
* @param bool $onlyMine Whether to retrieve only files uploaded by the logged-in user. If false, files from all users are returned if the user is a moderator.
* @return array Returns an array containing file data along with a status message.
*/
function listFiles($onlyMine = true): array
function listFiles(bool $onlyMine = true): array
{
$output = ["Status" => "Success"];
require_once "lib/account.php";
@ -156,6 +193,12 @@ function listFiles($onlyMine = true): array
return $output;
}
/**
* Processes incoming files from the $_FILES global (after processed by getIncomingFiles), performs checks, and attempts to upload a file based on its type.
* Currently only supports valid image files.
*
* @return array Returns an array indicating the success or failure ('Status' key) of the file processing operations.
*/
function parseIncomingFiles(): array
{
@ -183,8 +226,15 @@ function parseIncomingFiles(): array
}
return $output;
}
/**
* Generates a file path for uploading based on the type of the file, the ID of the uploader and the date and time of uploading.
*
* @param string $type The type of the file, typically used to categorize the file.
* @param string $filename The base name of the file, used in generating the final path.
* @return string Returns the full path for storing the file or an empty string if the type is not recognized.
*/
function getUploadPath($type = "unknown", $filename = "hehe"): string
function getUploadPath(string $type = "unknown", string $filename = "hehe"): string
{
$type = makePathSafe($type);
$id = makePathSafe($_SESSION["ID"]);
@ -202,6 +252,15 @@ function getUploadPath($type = "unknown", $filename = "hehe"): string
return "";
}
}
/**
* Checks if a file with a given ID exists in the database and does permission checks.
* Access is granted to only the user's files, in order to access all files the onlyMine parameter
* must be false and the user must be a moderator.
*
* @param int $fileId The ID of the file to check.
* @param bool $onlyMine Whether to limit the search to files uploaded by the logged-in user.
* @return bool|string Returns the path of the file if it exists and meets the criteria, false otherwise.
*/
function fileExists(int $fileId, bool $onlyMine = true): bool|string
{
@ -230,7 +289,14 @@ function fileExists(int $fileId, bool $onlyMine = true): bool|string
return false;
}
}
/**
* Adds a file to a specified group, if the user created the group or creates a new group if
* a group with a specified ID does not exist yet
*
* @param int $groupId The ID of the group to which the file should be added.
* @param int $fileId The ID of the file to add to the group.
* @return array Returns an associative array with a 'Status' key indicating success or failure.
*/
function addToGroup(int $groupId, int $fileId): array
{
$output = ["Status" => "Fail"];
@ -253,16 +319,22 @@ function addToGroup(int $groupId, int $fileId): array
}
return $output;
}
/**
* Deletes a file entry from the database and the file system, a user can only delete his own files,
* except when he is a moderator, in that case he can delete all files.
*
* @param int $fileID The ID of the file to be deleted.
* @return array Returns an array with a 'Status' key indicating the success or failure of the deletion operation.
*/
function deleteFile(int $fileID): array
{
global $mysqli;
$out = ["Status" => "Fail"];
if (isLoggedIn()) {
$file_location = fileExists($fileID, !isAdmin());
$query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
$file_location = fileExists($fileID, !isModerator());
$query = !isModerator() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
$stmtDelete = $mysqli->prepare($query);
if (!isAdmin()) {
if (!isModerator()) {
$stmtDelete->bind_param('ii', $fileID, $_SESSION['ID']);
} else {
$stmtDelete->bind_param('i', $fileID);