forked from Adleraci/adlerka.top
		
	Add some more account actions,
Add return types,
		| @@ -1,6 +1,6 @@ | |||||||
| function login() { | function login() { | ||||||
|     var email = document.getElementById("email").value; |     const email = document.getElementById("email").value; | ||||||
|     var password = document.getElementById("password").value; |     const password = document.getElementById("password").value; | ||||||
|  |  | ||||||
|     // Assuming you use fetch API to send data to the server |     // Assuming you use fetch API to send data to the server | ||||||
|     fetch('https://home.adlerka.top/account', { |     fetch('https://home.adlerka.top/account', { | ||||||
|   | |||||||
							
								
								
									
										182
									
								
								lib/account.php
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @@ -1,14 +1,41 @@ | |||||||
| <?php | <?php | ||||||
|  |  | ||||||
| function isLoggedIn(){ | use Random\RandomException; | ||||||
|     return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]); |  | ||||||
|  | function isLoggedIn(): bool | ||||||
|  | { | ||||||
|  |     global $routerConfig; | ||||||
|  |     return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]) && $_SESSION["privilegelevel"] >= $routerConfig["logged_in_default_permission_level"]; | ||||||
| } | } | ||||||
|  |  | ||||||
| function doLogin($email, $password){ | function generateActivationToken(): string | ||||||
|  | { | ||||||
|  |     try { | ||||||
|  |         return bin2hex(random_bytes(16)); | ||||||
|  |     } catch (RandomException $e) { | ||||||
|  |         return "error_generating_code_because_of_$e"; | ||||||
|  |     } // Adjust the length of the token as needed | ||||||
|  | } | ||||||
|  | function verifyPassword($userID, $password): bool | ||||||
|  | { | ||||||
|     global $mysqli; |     global $mysqli; | ||||||
|  |     $stmt = $mysqli->prepare("SELECT PasswordHash FROM Users WHERE ID = ?"); | ||||||
|  |     $stmt->bind_param("i", $userID); | ||||||
|  |     $stmt->execute(); | ||||||
|  |     $pwdhash = ""; | ||||||
|  |     $stmt->bind_result($pwdhash); | ||||||
|  |     $stmt->fetch(); | ||||||
|  |     $stmt->close(); | ||||||
|  |  | ||||||
|  |     return !empty($pwdhash) && password_verify($password, $pwdhash); | ||||||
|  | } | ||||||
|  |  | ||||||
|  | function doLogin($email, $password): array | ||||||
|  | { | ||||||
|  |     global $mysqli, $routerConfig; | ||||||
|     $found = false; |     $found = false; | ||||||
|     if(!empty($email) && !empty($password)){ |     if(!empty($email) && !empty($password)){ | ||||||
|         $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1"); |         $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, privilegeLevel FROM Users WHERE EMAIL = ? AND isActive = 1"); | ||||||
|         $stmt->bind_param("s", $email); |         $stmt->bind_param("s", $email); | ||||||
|         $stmt->execute(); |         $stmt->execute(); | ||||||
|  |  | ||||||
| @@ -18,27 +45,29 @@ function doLogin($email, $password){ | |||||||
|         $nickname = ""; |         $nickname = ""; | ||||||
|         $pwdhash = ""; |         $pwdhash = ""; | ||||||
|         $mcnick = ""; |         $mcnick = ""; | ||||||
|         $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false); |         $privilegelevel = 0; | ||||||
|  |         $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $privilegelevel); | ||||||
|  |  | ||||||
|         if($stmt->num_rows() > 0){ |         if($stmt->num_rows() > 0){ | ||||||
|             $stmt->fetch(); |             $stmt->fetch(); | ||||||
|             if (password_verify($password, $pwdhash)){ |             if (password_verify($password, $pwdhash) && $privilegelevel >= $routerConfig["logged_in_default_permission_level"]){ | ||||||
|                 $_SESSION["ID"] = $idcko; |  | ||||||
|                 $_SESSION["first_name"] = $fname; |  | ||||||
|                 $_SESSION["last_name"] = $lname; |  | ||||||
|                 $_SESSION["nickname"] = $nickname; |  | ||||||
|                 $_SESSION["email"] = $email; |  | ||||||
|                 $_SESSION["mcnick"] = $mcnick; |  | ||||||
|                 $_SESSION["isadmin"] = false; |  | ||||||
|                 $found = true; |                 $found = true; | ||||||
|             } |             } | ||||||
|         } |         } | ||||||
|  |         $_SESSION["ID"] = $idcko; | ||||||
|  |         $_SESSION["first_name"] = $fname; | ||||||
|  |         $_SESSION["last_name"] = $lname; | ||||||
|  |         $_SESSION["nickname"] = $nickname; | ||||||
|  |         $_SESSION["email"] = $email; | ||||||
|  |         $_SESSION["mcnick"] = $mcnick; | ||||||
|  |         $_SESSION["privilegelevel"] = $privilegelevel; | ||||||
|         $stmt->close(); |         $stmt->close(); | ||||||
|     } |     } | ||||||
|     return $found ? ["status" => "success"] : ["status" => "fail"]; |     return $found ? ["status" => "success"] : ["status" => "fail"]; | ||||||
| } | } | ||||||
|  |  | ||||||
| function doLogout(){ | function doLogout(): array | ||||||
|  | { | ||||||
|     if(isLoggedIn()){ |     if(isLoggedIn()){ | ||||||
|         session_destroy(); |         session_destroy(); | ||||||
|         return ["status" => "success"]; |         return ["status" => "success"]; | ||||||
| @@ -47,7 +76,8 @@ function doLogout(){ | |||||||
|     } |     } | ||||||
| } | } | ||||||
|  |  | ||||||
| function doRegister($firstname, $lastname, $nickname, $email, $password, $minecraftnick, $activationtoken){ | function doRegister($firstname, $lastname, $nickname, $email, $password, $minecraftnick, $activationtoken): array | ||||||
|  | { | ||||||
|     global $mysqli; |     global $mysqli; | ||||||
|     $status = ["status" => "fail"]; |     $status = ["status" => "fail"]; | ||||||
|     if (!empty($activationtoken)){ |     if (!empty($activationtoken)){ | ||||||
| @@ -63,3 +93,125 @@ function doRegister($firstname, $lastname, $nickname, $email, $password, $minecr | |||||||
|     return $status; |     return $status; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | function changePassword($userID, $newPassword): array | ||||||
|  | { | ||||||
|  |     global $mysqli, $routerConfig; | ||||||
|  |     $status = ["status" => "fail"]; | ||||||
|  |     if(!empty($userID) && !empty($newPassword) && verifyPassword($userID, $newPassword) && $_SESSION["privilegelevel"] >= $routerConfig["logged_in_default_permission_level"]){ | ||||||
|  |         $passwordHash = password_hash($newPassword, PASSWORD_DEFAULT); | ||||||
|  |         $stmt = $mysqli->prepare("UPDATE Users SET PasswordHash = ? WHERE ID = ?"); | ||||||
|  |         $stmt->bind_param("si", $passwordHash, $userID); | ||||||
|  |         $stmt->execute(); | ||||||
|  |         if ($stmt->affected_rows > 0) { | ||||||
|  |             $status["status"] = "success"; | ||||||
|  |         } | ||||||
|  |         $stmt->close(); | ||||||
|  |     } | ||||||
|  |     return $status; | ||||||
|  | } | ||||||
|  |  | ||||||
|  |  | ||||||
|  | function updateUserProfile($userID, $firstName, $lastName, $nickname, $minecraftNick): array | ||||||
|  | { | ||||||
|  |     global $mysqli; | ||||||
|  |     $status = ["status" => "fail"]; | ||||||
|  |     if (!empty($userID)) { | ||||||
|  |         $stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, MinecraftNick = ? WHERE ID = ?"); | ||||||
|  |         $stmt->bind_param("ssssi", $firstName, $lastName, $nickname, $minecraftNick, $userID); | ||||||
|  |         $stmt->execute(); | ||||||
|  |         if ($stmt->affected_rows > 0) { | ||||||
|  |             $status["status"] = "success"; | ||||||
|  |         } | ||||||
|  |         $stmt->close(); | ||||||
|  |     } | ||||||
|  |     return $status; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | function getUserInfo($userID): array | ||||||
|  | { | ||||||
|  |     global $mysqli; | ||||||
|  |     $userInfo = []; | ||||||
|  |     if (!empty($userID)) { | ||||||
|  |         $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, Email, MinecraftNick, privilegeLevel FROM Users WHERE ID = ?"); | ||||||
|  |         $stmt->bind_param("i", $userID); | ||||||
|  |         $stmt->execute(); | ||||||
|  |         $id = 0; | ||||||
|  |         $firstName = ""; | ||||||
|  |         $lastName = ""; | ||||||
|  |         $nickname = ""; | ||||||
|  |         $email = ""; | ||||||
|  |         $minecraftNick = ""; | ||||||
|  |         $privilegeLevel = 0; | ||||||
|  |  | ||||||
|  |         $stmt->bind_result($id, $firstName, $lastName, $nickname, $email, $minecraftNick, $privilegeLevel); | ||||||
|  |         $stmt->fetch(); | ||||||
|  |         $stmt->close(); | ||||||
|  |  | ||||||
|  |         $userInfo = [ | ||||||
|  |             "ID" => $id, | ||||||
|  |             "FirstName" => $firstName, | ||||||
|  |             "LastName" => $lastName, | ||||||
|  |             "Nickname" => $nickname, | ||||||
|  |             "Email" => $email, | ||||||
|  |             "MinecraftNick" => $minecraftNick, | ||||||
|  |             "PrivilegeLevel" => $privilegeLevel | ||||||
|  |         ]; | ||||||
|  |     } | ||||||
|  |     return $userInfo; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | function isEmailAvailable($email): bool | ||||||
|  | { | ||||||
|  |     global $mysqli; | ||||||
|  |     $stmt = $mysqli->prepare("SELECT COUNT(*) FROM Users WHERE Email = ?"); | ||||||
|  |     $stmt->bind_param("s", $email); | ||||||
|  |     $stmt->execute(); | ||||||
|  |     $count = -1; | ||||||
|  |     $stmt->bind_result($count); | ||||||
|  |     $stmt->fetch(); | ||||||
|  |     $stmt->close(); | ||||||
|  |  | ||||||
|  |     return $count === 0; | ||||||
|  | } | ||||||
|  |  | ||||||
|  |  | ||||||
|  | function addActivationCodes($adminID, $count): array | ||||||
|  | { | ||||||
|  |     global $mysqli; | ||||||
|  |     $activationCodes = []; | ||||||
|  |     if (!empty($adminID) && is_numeric($count) && $count > 0) { | ||||||
|  |         $stmt = $mysqli->prepare("INSERT INTO ActivationCodes (AdminID, Code) VALUES (?, ?)"); | ||||||
|  |         for ($i = 0; $i < $count; $i++) { | ||||||
|  |             $activationCode = generateActivationToken(); | ||||||
|  |             $stmt->bind_param("is", $adminID, $activationCode); | ||||||
|  |             $stmt->execute(); | ||||||
|  |             if ($stmt->affected_rows > 0) { | ||||||
|  |                 $activationCodes[] = $activationCode; | ||||||
|  |             } | ||||||
|  |         } | ||||||
|  |         $stmt->close(); | ||||||
|  |     } | ||||||
|  |     return $activationCodes; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | function listUsers(): array | ||||||
|  | { | ||||||
|  |     global $mysqli; | ||||||
|  |     $users = []; | ||||||
|  |     $result = $mysqli->query("SELECT ID, FirstName, LastName, Nickname, Email, MinecraftNick, privilegeLevel FROM Users"); | ||||||
|  |     while ($row = $result->fetch_assoc()) { | ||||||
|  |         $users[] = $row; | ||||||
|  |     } | ||||||
|  |     return $users; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | function listActivationCodes(): array | ||||||
|  | { | ||||||
|  |     global $mysqli; | ||||||
|  |     $activationCodes = []; | ||||||
|  |     $result = $mysqli->query("SELECT Code FROM ActivationCodes"); | ||||||
|  |     while ($row = $result->fetch_assoc()) { | ||||||
|  |         $activationCodes[] = $row['Code']; | ||||||
|  |     } | ||||||
|  |     return $activationCodes; | ||||||
|  | } | ||||||
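Review bot: In `doLogin`, the seven `$_SESSION[...]` assignments now sit after the `if($stmt->num_rows() > 0)` block instead of inside the `password_verify` branch, so the session is written with the looked-up `ID`, `email` and `privilegelevel` whenever email and password are non-empty, even when verification fails. `isLoggedIn()` in this same file checks only those three session values, so a wrong password for an existing active account would appear to leave the caller logged in while `doLogin` returns `fail`; part of the function lies between the hunks, so confirm against the full file. Move the assignments back under `$found = true;` and call `session_regenerate_id(true);` there before writing them. Separately, `changePassword` passes `$newPassword` to `verifyPassword`, which compares it with the stored hash, so the update appears to succeed only when the new password equals the current one; it likely needs a separate current-password argument.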
|   | |||||||
| @@ -1,5 +1,6 @@ | |||||||
| <?php | <?php | ||||||
|     function loadRouterConfig(){ |     function loadRouterConfig(): void | ||||||
|  |     { | ||||||
|         global $routerConfig; |         global $routerConfig; | ||||||
|          |          | ||||||
|         $routerConfig["default_page"] = "domov"; |         $routerConfig["default_page"] = "domov"; | ||||||
| @@ -13,4 +14,16 @@ | |||||||
|         $routerConfig["page_dir"] = "pages/"; |         $routerConfig["page_dir"] = "pages/"; | ||||||
|  |  | ||||||
|         $routerConfig["protocol"] = "https://"; |         $routerConfig["protocol"] = "https://"; | ||||||
|  |  | ||||||
|  |         $routerConfig["logged_out_permission_level"] = 0; | ||||||
|  |  | ||||||
|  |         $routerConfig["logged_in_default_permission_level"] = 1; | ||||||
|  |  | ||||||
|  |         $routerConfig["verified_permission_level"] = 2; | ||||||
|  |  | ||||||
|  |         $routerConfig["trustworthy_permission_level"] = 3; | ||||||
|  |  | ||||||
|  |         $routerConfig["moderator_permission_level"] = 4; | ||||||
|  |  | ||||||
|  |         $routerConfig["adminpermissionlevel"] = 255; | ||||||
|     } |     } | ||||||
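Review bot: The new key `adminpermissionlevel` breaks the `*_permission_level` naming used by the five keys added just above it, which makes a mistyped lookup more likely. That matters for access control because a missing array key reads as `null`, and in PHP `$level >= null` evaluates to true for any integer, so a check against a misspelled key would pass instead of denying. Rename it to `$routerConfig["admin_permission_level"] = 255;` and add a one-line comment above the block stating that higher numbers mean more privilege. Part of `loadRouterConfig` is not shown between the two hunks.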
|   | |||||||
| @@ -1,6 +1,6 @@ | |||||||
| <?php | <?php | ||||||
|  |  | ||||||
| function runEndpoint($endpoint_file) | function runEndpoint($endpoint_file): ?array | ||||||
| { | { | ||||||
|  |  | ||||||
|     $endpoint_data = $_POST; |     $endpoint_data = $_POST; | ||||||
| @@ -10,7 +10,7 @@ function runEndpoint($endpoint_file) | |||||||
| } | } | ||||||
|  |  | ||||||
|  |  | ||||||
| function getEndpoint($endpoint_name) | function getEndpoint($endpoint_name): false|string | ||||||
| { | { | ||||||
|     $output = array(); |     $output = array(); | ||||||
|     $output["status"] = "fail"; |     $output["status"] = "fail"; | ||||||
|   | |||||||
| @@ -1,6 +1,6 @@ | |||||||
| <?php | <?php | ||||||
|  |  | ||||||
| function generateNavigation() | function generateNavigation(): string | ||||||
| { | { | ||||||
|     global $routerConfig; |     global $routerConfig; | ||||||
|     global $routerRequest; |     global $routerRequest; | ||||||
|   | |||||||
| @@ -1,11 +1,12 @@ | |||||||
| <?php | <?php | ||||||
| function renderDynamicPage($page_file) | function renderDynamicPage($page_file): false|string | ||||||
| { | { | ||||||
|     require_once $page_file; |     require_once $page_file; | ||||||
|     return render(); |     return render(); | ||||||
| } | } | ||||||
|  |  | ||||||
| function getPage($page_name = null){ | function getPage($page_name = null): array|false|string | ||||||
|  | { | ||||||
|     global $routerConfig; |     global $routerConfig; | ||||||
|     global $routerRequest; |     global $routerRequest; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -1,7 +1,8 @@ | |||||||
| <?php | <?php | ||||||
|  |  | ||||||
|  |  | ||||||
| function initRouter(){ | function initRouter(): bool | ||||||
|  | { | ||||||
|     global $routerRequest; |     global $routerRequest; | ||||||
|     global $routerConfig; |     global $routerConfig; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -2,7 +2,7 @@ | |||||||
|  |  | ||||||
| require_once "lib/router.php"; | require_once "lib/router.php"; | ||||||
|  |  | ||||||
| function render() | function render(): false|string | ||||||
| { | { | ||||||
|     global $routerConfig; |     global $routerConfig; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -1,5 +1,6 @@ | |||||||
|  | <page minpermissionlevel="0" name="Domov"></page> | ||||||
| <header> | <header> | ||||||
|     <h1 class="title">Vitaj na tejto úžasnej stránke</h1> |     <h1 class="title">Vitaj na tejto úžasnej stránke</h1> | ||||||
|     <p>Oficiálna stránka pre adlerka.top</p> |     <p>Neoficiálna študentská stránka pre adlerku</p> | ||||||
|     <hr> |     <hr> | ||||||
| </header> | </header> | ||||||