big changes hehe

This commit is contained in:
Bruno Rybársky 2024-01-18 11:49:38 +01:00
parent b785babb3f
commit e4bb8f10a3
9 changed files with 155 additions and 94 deletions

@ -0,0 +1,22 @@
<?php
require_once "lib/account.php";
function endpoint($endpoint_data)
{
switch ($endpoint_data["action"]){
case "login":
return doLogin($endpoint_data["email"], $endpoint_data["password"]);
break;
case "logout":
return doLogout();
break;
case "register":
return doRegister($endpoint_data["firstname"], $endpoint_data["lastname"], $endpoint_data["nickname"], $endpoint_data["email"], $endpoint_data["password"], $endpoint_data["minecraftnick"], $endpoint_data["activation_token"]);
break;
}
}

@ -1,9 +1,11 @@
<?php
/** @noinspection PhpIncludeInspection */
require_once "secrets/config.php";
require_once "lib/navpages.php";
require_once "lib/routing.php";
require_once "lib/config.php";
require_once "lib/navigation.php";
require_once "lib/router.php";
require_once "lib/page.php";
require_once "lib/endpoint.php";
$routerConfig = array();
$routerRequest = array();
@ -13,8 +15,16 @@ if(initRouter()) {
/** @noinspection PhpArrayIsAlwaysEmptyInspection */
session_set_cookie_params(0, '/', "." . $routerRequest["domain"] . "." . $routerRequest["tld"], true, true);
session_start();
/** @noinspection PhpArrayIsAlwaysEmptyInspection */
echo getPage($routerRequest["page_name"]);
if($routerRequest["type"] == "api") {
echo getEndpoint($routerRequest["page_name"], $_REQUEST);
}elseif ($routerRequest["type"] == "page") {
/** @noinspection PhpArrayIsAlwaysEmptyInspection */
echo getPage($routerRequest["page_name"]);
}
else{
echo "Unknown request";
}
}
else{
exit();

@ -4,29 +4,25 @@ function isLoggedIn(){
return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]);
}
function doLogin(){
function doLogin($email, $password){
global $mysqli;
if(!empty($_POST["email"]) && !empty($_POST["password"])){
$email = $_POST["email"];
$pass = $_POST["password"];
/* prepare statement */
if(!empty($email) && !empty($password)){
$stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1");
$stmt->bind_param("s", $email);
$stmt->execute();
$idcko = 0;
$fname = "";
$lname = "";
$nickname = "";
$pwdhash = "";
$mcnick = "";
/* bind variables to prepared statement */
$stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false);
/* fetch values */
$found = false;
if($stmt->num_rows() > 0){
$stmt->fetch();
if (password_verify($pass, $pwdhash)){
if (password_verify($password, $pwdhash)){
$_SESSION["ID"] = $idcko;
$_SESSION["first_name"] = $fname;
$_SESSION["last_name"] = $lname;
@ -38,51 +34,32 @@ function doLogin(){
}
}
$stmt->close();
if($found){
$status = ["status" => "success"];
}
else{
$status = ["status" => "fail"];
}
echo json_encode($status);
return $found ? ["status" => "success"] : ["status" => "fail"];
}
}
function doLogout(){
if(isLoggedIn()){
session_destroy();
$status = ["status" => "success"];
return ["status" => "success"];
} else {
return ["status" => "fail"];
}
else{
$status = ["status" => "fail"];
}
echo json_encode($status);
}
function doRegister(){
function doRegister($firstname, $lastname, $nickname, $email, $password, $minecraftnick, $activationtoken){
global $mysqli;
$status = ["status" => "fail"];
if (!empty($_POST["activationtoken"])){
global $mysqli;
$firstName = $_POST["firstname"];
$lastName = $_POST["lastname"];
$nickname = $_POST["nickname"];
$email = $_POST["email"];
$password = $_POST["password"];
$minecraftNick = $_POST["minecraftnick"];
$activationToken = $_POST["activationtoken"];
if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password)) {
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?");
$stmt->bind_param("ssssss", $firstName, $lastName, $nickname, $email, $passwordHash, $minecraftNick, $activationToken);
$stmt->execute();
if ($stmt->affected_rows > 0) {
$status["status"] = "success";
}
$stmt->close();
if (!empty($activationtoken)){
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?");
$stmt->bind_param("sssssss", $firstname, $lastname, $nickname, $email, $passwordHash, $minecraftnick, $activationtoken);
$stmt->execute();
if ($stmt->affected_rows > 0) {
$status["status"] = "success";
}
$stmt->close();
}
echo json_encode($status);
return $status;
}

@ -8,6 +8,8 @@
$routerConfig["template_dir"] = "templates/";
$routerConfig["endpoint_dir"] = "endpoints/";
$routerConfig["page_dir"] = "pages/";
$routerConfig["protocol"] = "https://";

41
lib/endpoint.php Normal file

@ -0,0 +1,41 @@
<?php
function runEndpoint($endpoint_file)
{
global $routerRequest;
$endpoint_data = $_POST
require_once $endpoint_file;
return endpoint($endpoint_data);
}
function getEndpoint($endpoint_name)
{
$output = array();
$output["status"] = "fail";
global $routerConfig;
global $routerRequest;
if(!$endpoint_name){
$endpoint_name = $routerRequest["page_name"];
}
$endpoint_file = $routerConfig["endpoint_dir"] . $routerRequest["subdomain"] . "/" . $endpoint_name . ".php";
$endpoint_file_global = $routerConfig["endpoint_dir"] . "global/" . $endpoint_name . ".php";
if (file_exists($endpoint_file_global)){
$output = runEndpoint($endpoint_file_global);
}
elseif (file_exists($endpoint_file)){
$output = runEndpoint($endpoint_file);
}
else{
$output["error"] = "Not found";
http_response_code(404);
}
return json_encode($output);
}

@ -1,49 +1,4 @@
<?php
function initRouter(){
global $routerRequest;
global $routerConfig;
$routerRequest["requestAddress"] = array_slice(explode('.', $_SERVER['HTTP_HOST']), -3, 3); //get the last 3 elements
$needsRedirect = false;
if(count($routerRequest["requestAddress"]) < 3){
// Root domain accessed directly
$needsRedirect = true;
$routerRequest["subdomain"] = $routerConfig["default_site"];
$routerRequest["domain"] = basename($routerRequest["requestAddress"][0]);
$routerRequest["tld"] = basename($routerRequest["requestAddress"][1]);
} else {
$routerRequest["subdomain"] = basename($routerRequest["requestAddress"][0]);
$routerRequest["domain"] = basename($routerRequest["requestAddress"][1]);
$routerRequest["tld"] = basename($routerRequest["requestAddress"][2]);
$routerRequest["page_name"] = basename($_SERVER["QUERY_STRING"]);
if (empty($routerRequest["page_name"])) {
// Page name is empty
$needsRedirect = true;
$routerRequest["page_name"] = $routerConfig["default_page"];
}
}
if ($needsRedirect) {
$redirectAddress = $routerConfig["protocol"] .
$routerRequest["subdomain"] . "." .
$routerRequest["domain"] . "." .
$routerRequest["tld"] . "/" .
$routerRequest["page_name"];
// Redirect with default page name
header("Location: $redirectAddress");
}
return !$needsRedirect;
}
function renderDynamicPage($page_file)
{
require_once $page_file;
@ -91,4 +46,3 @@ function getPage($page_name = null){
$out = str_replace("__TEMPLATE__PAGE__", $page, $out);
return str_replace("__TEMPLATE_PAGE_NAME__", $page_name, $out);
}

55
lib/router.php Normal file

@ -0,0 +1,55 @@
<?php
function initRouter(){
global $routerRequest;
global $routerConfig;
$routerRequest["requestAddress"] = array_slice(explode('.', $_SERVER['HTTP_HOST']), -3, 3); //get the last 3 elements
$needsRedirect = false;
if(count($routerRequest["requestAddress"]) < 3){
// Root domain accessed directly
$needsRedirect = true;
$routerRequest["subdomain"] = $routerConfig["default_site"];
$routerRequest["domain"] = basename($routerRequest["requestAddress"][0]);
$routerRequest["tld"] = basename($routerRequest["requestAddress"][1]);
} else {
$routerRequest["subdomain"] = basename($routerRequest["requestAddress"][0]);
$routerRequest["domain"] = basename($routerRequest["requestAddress"][1]);
$routerRequest["tld"] = basename($routerRequest["requestAddress"][2]);
$routerRequest["page_name"] = basename($_SERVER["QUERY_STRING"]);
if (empty($routerRequest["page_name"])) {
// Page name is empty
$needsRedirect = true;
$routerRequest["page_name"] = $routerConfig["default_page"];
}
}
if ($needsRedirect) {
$redirectAddress = $routerConfig["protocol"] .
$routerRequest["subdomain"] . "." .
$routerRequest["domain"] . "." .
$routerRequest["tld"] . "/" .
$routerRequest["page_name"];
// Redirect with default page name
header("Location: $redirectAddress");
}
else{
if($_SERVER["REQUEST_METHOD"] == "POST"){
$routerRequest["type"] = "api";
}
if(empty($routerRequest["type"])){
$routerRequest["type"] = "page";
}
}
return !$needsRedirect;
}

@ -1,6 +1,6 @@
<?php
require_once "lib/routing.php";
require_once "lib/router.php";
function render()
{