"skús to commitnúť, počkaj toto ../ dám ešte preč aby to nevypadalo tak..."

This commit is contained in:
Richard Mikloš 2024-01-20 19:53:33 +01:00
parent ba03dd7cd8
commit 2b4012bc6b
11 changed files with 98 additions and 119 deletions

@ -1,4 +1,16 @@
<?php <?php
function include_ob($file){
ob_start();
include $file;
return ob_get_clean();
}
function sanitize_template_strings($indata){
$sanit_pattern = '/<template.*>/is';
return preg_replace($sanit_pattern, '', $indata);
}
session_start(); session_start();
require_once 'config.php'; require_once 'config.php';
@ -7,7 +19,19 @@ $paths_to_check[] = "pages/global";
$page = basename($_SERVER['QUERY_STRING']); $page = basename($_SERVER['QUERY_STRING']);
$nav = file_get_contents("$template_dir/navigation.html");
$nav = include_ob("$template_dir/navigation.html");
$page_regex = '/<!--PAGENAME=(.*?)-->/';
if(preg_match($page_regex, $htmlWithComments, $matches)){
$page_name = $matches[1];
}
else{
$page_name = ucfirst($page);
}
if(empty($page)){ if(empty($page)){
$page = 'index'; $page = 'index';
@ -20,12 +44,6 @@ if (isset($_SESSION['user_id'])) {
} }
$paths_to_check[] = "pages/user"; $paths_to_check[] = "pages/user";
// Fetch user details
$user_id = $_SESSION['user_id'];
$query = "SELECT * FROM users WHERE id = $user_id";
$result = mysqli_query($mysqli, $query);
$user = mysqli_fetch_assoc($result);
} }
$page_file = "$template_dir/404.html"; $page_file = "$template_dir/404.html";
@ -41,7 +59,22 @@ ob_start();
include $page_file; include $page_file;
$page_data = ob_get_clean(); $page_data = ob_get_clean();
$page_data = str_replace("__NAV_TEMPLATE__", $nav, $page_data); $page_data = preg_replace($page_regex, '', $page_data);
$output = file_get_contents("$template_dir/skeleton.html");
$output = str_replace('<template name="navigation">', $nav, $output);
$output = str_replace('<template name="page content">', $page_data, $output);
if (isset($_SESSION['user_id'])) {
$hash = md5(strtolower(trim($_SESSION['user_email'])));
$gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
$gravatarTag = "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
$page_data = str_replace('<template name="gravatar image">', $gravatarTag, $page_data);
$page_data = str_replace('<template name="username">', $_SESSION['user_username'], $page_data);
}
$output = str_replace('<template name="page name">', $page_name, $output);
echo $page_data; echo $page_data;
?> ?>

@ -8,15 +8,18 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$password = $_POST['password']; $password = $_POST['password'];
// Validate login credentials and fetch user details // Validate login credentials and fetch user details
$query = "SELECT id, username, password, isAdmin FROM users WHERE email = ?"; $query = "SELECT id, username, password, email, isAdmin FROM users WHERE email = ?";
$stmt = $mysqli->prepare($query); $stmt = $mysqli->prepare($query);
$stmt->bind_param("s", $email); $stmt->bind_param("s", $email);
$stmt->execute(); $stmt->execute();
$stmt->bind_result($user_id, $user_username, $user_password, $user_isAdmin); $stmt->bind_result($user_id, $user_username, $user_password, $user_email, $user_isAdmin);
// Fetch the result // Fetch the result
if ($stmt->fetch() && password_verify($password, $user_password)) { if ($stmt->fetch() && password_verify($password, $user_password)) {
$_SESSION['user_id'] = $user_id; $_SESSION['user_id'] = $user_id;
$_SESSION['user_username'] = $user_username;
$_SESSION['user_email'] = $user_email;
$_SESSION['user_isAdmin'] = $user_isAdmin;
// Redirect to the main domain after successful login // Redirect to the main domain after successful login
header('Location: http://watch.twip-network.org'); header('Location: http://watch.twip-network.org');
@ -28,5 +31,4 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Close the statement // Close the statement
$stmt->close(); $stmt->close();
} }
include "pages/login.html";
?> ?>

@ -1,36 +1,4 @@
<!DOCTYPE html> <!--PAGENAME=You have rights-->
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Welcome Admin</title>
<link rel="stylesheet" href="../styles/pages/style.css">
<link rel="stylesheet" href="../styles/global.css">
</head>
<nav>
<ul>
<li><a href=""><i class="ri-settings-4-fill"></i></a></li>
<div class="links">
<li><a href=""></a></li>
<li><a href=""></a></li>
<li><a href=""></a></li>
</div>
</ul>
</nav>
<body>
<h2>Welcome</h2> <h2>Welcome</h2>
<?php <p>Logged in as an admin: <template name="username"></p>
echo "Logged in as Admin: " . $user['username']; <template name="gravatar_image">
?>
<!-- Display Gravatar image -->
<?php
$email = $user['email'];
$hash = md5(strtolower(trim($email)));
$gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
echo "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
?>
<a href="logout.php">Logout</a>
</body>
</html>

2
pages/global/index.html Normal file

@ -0,0 +1,2 @@
<!--PAGENAME=You dont have any rights-->
<h1>Watch something</h1>

@ -1,19 +1,7 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
<link rel="stylesheet" href="../styles/pages/login.css">
<link rel="stylesheet" href="../styles/global.css">
</head>
<body>
<h2>Login</h2> <h2>Login</h2>
<form action="../login.php" method="post"> <form action="login.php" method="post">
<input type="email" name="email" id="email-field" placeholder="E-Mail" required> <input type="email" name="email" id="email-field" placeholder="E-Mail" required>
<input type="password" name="password" id="password-field" pattern=".{3,32}" placeholder="Password" required> <input type="password" name="password" id="password-field" pattern=".{3,32}" placeholder="Password" required>
<input type="submit" name="login" value="Login"> <input type="submit" name="login" value="Login">
<a href="/register.php">Don't have an account?</a> <a href="/register.php">Don't have an account?</a>
</form> </form>
</body>
</html>

@ -1,26 +1,8 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Register</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/remixicon/4.1.0/remixicon.css"
integrity="sha512-dUOcWaHA4sUKJgO7lxAQ0ugZiWjiDraYNeNJeRKGOIpEq4vroj1DpKcS3jP0K4Js4v6bXk31AAxAxaYt3Oi9xw=="
crossorigin="anonymous" referrerpolicy="no-referrer" />
<link rel="stylesheet" href="../styles/pages/register.css">
<link rel="stylesheet" href="../styles/global.css">
</head>
<body>
<h2>Register</h2> <h2>Register</h2>
<form action="../register.php" method="post"> <form action="register.php" method="post">
<input type="text" name="username" id="username-field" pattern=".{3,32}" placeholder="Username" required> <input type="text" name="username" id="username-field" pattern=".{3,32}" placeholder="Username" required>
<input type="email" name="email" id="email-field" placeholder="E-Mail" required> <input type="email" name="email" id="email-field" placeholder="E-Mail" required>
<input type="password" name="password" id="password-field" pattern=".{8,128}" placeholder="Password" required> <input type="password" name="password" id="password-field" pattern=".{8,128}" placeholder="Password" required>
<input type="submit" value="Register"> <input type="submit" value="Register">
<a href="/">Already have an account?</a> <a href="/">Already have an account?</a>
</form> </form>
</body>
</html>

@ -1,26 +1,5 @@
<!DOCTYPE html> <!--PAGENAME=You do not have all rights-->
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Welcome User</title>
<link rel="stylesheet" href="../styles/pages/style.css">
<link rel="stylesheet" href="../styles/global.css">
</head>
<body>
<h2>Welcome</h2> <h2>Welcome</h2>
<?php <p>Logged in as: <template name="username"></p>
echo "Logged in as: " . $user['username'];
?>
<!-- Display Gravatar image --> <template name="gravatar image">
<?php
$email = $user['email'];
$hash = md5(strtolower(trim($email)));
$gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
echo "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
?>
<a href="logout.php">Logout</a>
</body>
</html>

@ -59,6 +59,4 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
} }
} }
include "pages/register.html";
?> ?>

2
templates/404.html Normal file

@ -0,0 +1,2 @@
<!--PAGENAME=You stupid-->
<h1>How can a human being be this dumb?</h1>

@ -0,0 +1,10 @@
<nav>
<ul>
<li><a href=""><i class="ri-settings-4-fill"></i></a></li>
<div class="links">
<li><a href=""></a></li>
<li><a href=""></a></li>
<li><a href=""></a></li>
</div>
</ul>
</nav>

15
templates/skeleton.html Normal file

@ -0,0 +1,15 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/remixicon/4.0.1/remixicon.min.css" integrity="sha512-dTsohxprpcruDm4sjU92K0/Gf1nTKVVskNHLOGMqxmokBSkfOAyCzYSB6+5Z9UlDafFRpy5xLhvpkOImeFbX6A==" crossorigin="anonymous" referrerpolicy="no-referrer" />
<link rel="stylesheet" href="/styles/global.css">
<link rel="stylesheet" href='/styles/pages/<template name="page name">.css'>
<title><template name="page name"></title>
</head>
<body>
<template name="navigation">
<template name="page content">
</body>
</html>