Kurk/adlerka.top
1
0
Fork 0
forked from Adleraci/adlerka.top
Code Pull Requests Activity

stuff

Browse Source
This commit is contained in:
Bruno Rybársky 2024-01-16 19:24:40 +01:00
parent 00208e3d03
commit dbda11e974
6 changed files with 178 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
index.php
View File

@ -1,8 +1,7 @@
<?php
require "secrets/config.php";
require "templates/navpages.php";
session_start();
require "lib/navpages.php";
require "lib/routing.php";
$default_page = "domov";
@ -17,12 +16,8 @@ $dynamic_page_dir = "dynamic/";
$subdomain = basename(explode('.', $_SERVER['HTTP_HOST'])[0]);
$domain = basename(explode('.', $_SERVER['HTTP_HOST'])[1]);
$tld = basename(explode('.', $_SERVER['HTTP_HOST'])[2]);
$page_name = basename($_SERVER["QUERY_STRING"]);;
$srvname = $_SERVER["SERVER_NAME"];
$protocol = $_SERVER['PROTOCOL'] = isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && !empty($_SERVER['HTTP_X_FORWARDED_PROTO']) ? "https://" : "http://";
$page_name = basename($_SERVER["QUERY_STRING"]);
$protocol = getProtocol();
if (empty($tld)){
header("Location: $protocol$default_site.$subdomain.$domain/$default_page");
@ -34,31 +29,8 @@ if (empty($page_name)){
return;
}
$dynamic_page_file = $static_page_dir . $subdomain . "/" . $page_name . ".php";
$page_file = $static_page_dir . $subdomain . "/" . $page_name . ".html";
$dynamic_page_file_global = $static_page_dir . "global/" . $page_name . ".php";
$page_file_global = $static_page_dir . "global/" . $page_name . ".html";
$skeleton = file_get_contents($template_dir . "skeleton.html");
$nav = file_get_contents($template_dir . "nav.html");
if (file_exists($dynamic_page_file_global)){
$page = include_once $dynamic_page_file_global;
}
elseif (file_exists($page_file_global)){
$page = file_get_contents($page_file_global);
}
elseif (file_exists($dynamic_page_file)){
$page = include_once $dynamic_page_file;
}
elseif (file_exists($page_file)){
$page = file_get_contents($page_file);
}
else{
$page = file_get_contents($template_dir . "404.html");
}
session_set_cookie_params(0, '/', ".$domain.$tld", true, true);
session_start();
$navpages = generateNavigation($static_page_dir, $protocol, $subdomain, $domain, $tld, $default_page, $page_name);

93
lib/account.php Normal file
View File

@ -0,0 +1,93 @@
<?php
function isLoggedIn(){
return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]);
}
function doLogin(){
global $mysqli;
if(!empty($_POST["email"]) && !empty($_POST["password"])){
$email = $_POST["email"];
$pass = $_POST["password"];
/* prepare statement */
$stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1");
$stmt->bind_param("s", $email);
$stmt->execute();
$idcko = 0;
$fname = "";
$lname = "";
$nickname = "";
$pwdhash = "";
$mcnick = "";
$isadmin = false;
/* bind variables to prepared statement */
$stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $isadmin);
$found = false;
/* fetch values */
while ($stmt->fetch()) {
if (password_verify($pass, $pwdhash)){
$_SESSION["ID"] = $idcko;
$_SESSION["first_name"] = $fname;
$_SESSION["last_name"] = $lname;
$_SESSION["nickname"] = $nickname;
$_SESSION["email"] = $email;
$_SESSION["mcnick"] = $mcnick;
$_SESSION["isadmin"] = $isadmin;
$found = true;
break;
}
else{
$found = false;
}
break;
}
$stmt->close();
if($found){
$status = ["status" => "success"];
}
else{
$status = ["status" => "fail"];
}
echo json_encode($status);
}
}
function doLogout(){
if(isLoggedIn()){
session_destroy();
$status = ["status" => "success"];
}
else{
$status = ["status" => "fail"];
}
echo json_encode($status);
}
function doRegister(){
$status = ["status" => "fail"];
if (!empty($_POST["activationtoken"])){
global $mysqli;
$firstName = $_POST["firstname"];
$lastName = $_POST["lastname"];
$nickname = $_POST["nickname"];
$email = $_POST["email"];
$password = $_POST["password"];
$minecraftNick = $_POST["minecraftnick"];
$activationToken = $_POST["activationtoken"];
if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password) && !empty($activationToken)){
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?");
$stmt->bind_param("ssssss", $firstName, $lastName, $nickname, $email, $passwordHash, $minecraftNick, $activationToken);
$stmt->execute();
if ($stmt->affected_rows > 0) {
$status["status"] = "success";
}
$stmt->close();
}
}
}
?>

0
templates/navpages.php → lib/navpages.php
View File

40
lib/routing.php Normal file
View File

@ -0,0 +1,40 @@
<?php
function getProtocol(){
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && !empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
return "https://";
} else {
return "http://";
}
}
function getPage($routerConfig){
$page_dir = $routerConfig['page_dir'];
$dynamic_page_file = $page_dir . $subdomain . "/" . $page_name . ".php";
$page_file = $page_dir . $subdomain . "/" . $page_name . ".html";
$dynamic_page_file_global = $page_dir . "global/" . $page_name . ".php";
$page_file_global = $page_dir . "global/" . $page_name . ".html";
$skeleton = file_get_contents($template_dir . "skeleton.html");
$nav = file_get_contents($template_dir . "nav.html");
if (file_exists($dynamic_page_file_global)){
$page = include_once $dynamic_page_file_global;
}
elseif (file_exists($page_file_global)){
$page = file_get_contents($page_file_global);
}
elseif (file_exists($dynamic_page_file)){
$page = include_once $dynamic_page_file;
}
elseif (file_exists($page_file)){
$page = file_get_contents($page_file);
}
else{
$page = file_get_contents($template_dir . "404.html");
}
}
?>

39
pages/global/account.php Normal file
View File

@ -0,0 +1,39 @@
<?php
$template_dir = "templates/";
$diddoAjax = true;
switch($_POST["action"]){
case "login":
doLogin();
break;
case "register":
doRegister();
break;
case "logout":
doLogout();
break;
default:
$diddoAjax = false;
break;
}
if($diddoAjax){
return; // dont use templates on ajax calls
}
ob_start();
if ($_SESSION["ID"] > 0){
$account_template = file_get_contents($template_dir . "account.html");
echo $account_template;
}
else{
$login_template = file_get_contents($template_dir . "login.html");
echo $login_template;
}
return ob_get_clean();
?>

56
pages/global/login.php
View File

@ -1,56 +0,0 @@
<?php
ob_start();
$template_dir = "templates/";
if($_SERVER["REQUEST_METHOD"] == "POST"){
if(!empty($_POST["email"]) && !empty($_POST["password"])){
$email = $_POST["email"];
$pass = $_POST["password"];
/* prepare statement */
$stmt = $mysqli->prepare("SELECT ID, PSWD, IGN, ISADMIN FROM Users where EMAIL = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
/* bind variables to prepared statement */
$stmt->bind_result($idcko, $hash, $ign, $isadmin);
$found = false;
/* fetch values */
while ($stmt->fetch()) {
if (password_verify($pass, $hash)){
$_SESSION["ID"] = $idcko;
$_SESSION["email"] = $email;
$_SESSION["ign"] = $ign;
$_SESSION["isadmin"] = $isadmin;
$found = true;
break;
}
else{
$_SESSION["ID"] = 0;
$_SESSION["email"] = "";
$_SESSION["ign"] = "";
$_SESSION["isadmin"] = 0;
$found = false;
}
break;
}
if($found){
echo "Login successful";
}
else{
echo "Login failed";
}
}
}
if ($_SESSION["ID"] > 0){
$account_template = file_get_contents($template_dir . "account.html");
echo $account_template;
}
else{
$login_template = file_get_contents($template_dir . "login.html");
echo $login_template;
}
return ob_get_clean();
?>