"skús to commitnúť, počkaj toto ../ dám ešte preč aby to nevypadalo tak..."

2024-01-20 19:53:33 +01:00
parent ba03dd7cd8
commit 2b4012bc6b
11 changed files with 98 additions and 119 deletions
--- a/index.php
+++ b/index.php
@@ -1,4 +1,16 @@
 <?php
+
+function include_ob($file){
+    ob_start();
+    include $file;
+    return ob_get_clean();
+}
+
+function sanitize_template_strings($indata){
+    $sanit_pattern = '/<template.*>/is';
+    return preg_replace($sanit_pattern, '', $indata);
+}
+
 session_start();
 require_once 'config.php';

@@ -7,7 +19,19 @@ $paths_to_check[] = "pages/global";


 $page = basename($_SERVER['QUERY_STRING']);
-$nav = file_get_contents("$template_dir/navigation.html");
+
+$nav = include_ob("$template_dir/navigation.html");
+
+$page_regex = '/<!--PAGENAME=(.*?)-->/';
+
+if(preg_match($page_regex, $htmlWithComments, $matches)){
+    $page_name = $matches[1];
+}
+else{
+    $page_name = ucfirst($page);
+}
+
+

 if(empty($page)){
    $page = 'index';
@@ -20,12 +44,6 @@ if (isset($_SESSION['user_id'])) {
    }

    $paths_to_check[] = "pages/user";
-
-    // Fetch user details
-    $user_id = $_SESSION['user_id'];
-    $query = "SELECT * FROM users WHERE id = $user_id";
-    $result = mysqli_query($mysqli, $query);
-    $user = mysqli_fetch_assoc($result);
 }

 $page_file = "$template_dir/404.html";
@@ -41,7 +59,22 @@ ob_start();
 include $page_file;
 $page_data = ob_get_clean();

-$page_data = str_replace("__NAV_TEMPLATE__", $nav, $page_data);
+$page_data = preg_replace($page_regex, '', $page_data);
+
+$output = file_get_contents("$template_dir/skeleton.html");
+$output = str_replace('<template name="navigation">', $nav, $output);
+$output = str_replace('<template name="page content">', $page_data, $output);
+
+if (isset($_SESSION['user_id'])) {
+    $hash = md5(strtolower(trim($_SESSION['user_email'])));
+    $gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
+    $gravatarTag = "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
+    $page_data = str_replace('<template name="gravatar image">', $gravatarTag, $page_data);
+
+    $page_data = str_replace('<template name="username">', $_SESSION['user_username'], $page_data);
+}
+
+$output = str_replace('<template name="page name">', $page_name, $output);

 echo $page_data;
 ?>
--- a/login.php
+++ b/login.php
@@ -8,15 +8,18 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $password = $_POST['password'];

    // Validate login credentials and fetch user details
-    $query = "SELECT id, username, password, isAdmin FROM users WHERE email = ?";
+    $query = "SELECT id, username, password, email, isAdmin FROM users WHERE email = ?";
    $stmt = $mysqli->prepare($query);
    $stmt->bind_param("s", $email);
    $stmt->execute();
-    $stmt->bind_result($user_id, $user_username, $user_password, $user_isAdmin);
+    $stmt->bind_result($user_id, $user_username, $user_password, $user_email, $user_isAdmin);

    // Fetch the result
    if ($stmt->fetch() && password_verify($password, $user_password)) {
        $_SESSION['user_id'] = $user_id;
+        $_SESSION['user_username'] = $user_username;
+        $_SESSION['user_email'] = $user_email;
+        $_SESSION['user_isAdmin'] = $user_isAdmin;

        // Redirect to the main domain after successful login
        header('Location: http://watch.twip-network.org');
@@ -28,5 +31,4 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Close the statement
    $stmt->close();
 }
-include "pages/login.html";
 ?>
--- a/pages/admin/index.html
+++ b/pages/admin/index.html
@@ -1,36 +1,4 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Welcome Admin</title>
-    <link rel="stylesheet" href="../styles/pages/style.css">
-    <link rel="stylesheet" href="../styles/global.css">
-</head>
-<nav>
-    <ul>
-        <li><a href=""><i class="ri-settings-4-fill"></i></a></li>
-        <div class="links">
-            <li><a href=""></a></li>
-            <li><a href=""></a></li>
-            <li><a href=""></a></li>
-        </div>
-    </ul>
-</nav>
-<body>
-    <h2>Welcome</h2>
-    <?php
-    echo "Logged in as Admin: " . $user['username'];
-    ?>
-
-    <!-- Display Gravatar image -->
-    <?php
-    $email = $user['email'];
-    $hash = md5(strtolower(trim($email)));
-    $gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
-    echo "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
-    ?>
-
-    <a href="logout.php">Logout</a>
-</body>
-</html>
+<!--PAGENAME=You have rights-->
+<h2>Welcome</h2>
+<p>Logged in as an admin: <template name="username"></p>
+<template name="gravatar_image">
--- a/pages/global/index.html
+++ b/pages/global/index.html
@@ -0,0 +1,2 @@
+<!--PAGENAME=You dont have any rights-->
+<h1>Watch something</h1>
--- a/pages/global/login.html
+++ b/pages/global/login.html
@@ -1,19 +1,7 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Login</title>
-    <link rel="stylesheet" href="../styles/pages/login.css">
-    <link rel="stylesheet" href="../styles/global.css">
-</head>
-<body>
-    <h2>Login</h2>
-    <form action="../login.php" method="post">
+<h2>Login</h2>
+<form action="login.php" method="post">
    <input type="email" name="email" id="email-field" placeholder="E-Mail" required>
    <input type="password" name="password" id="password-field" pattern=".{3,32}" placeholder="Password" required>
    <input type="submit" name="login" value="Login">
    <a href="/register.php">Don't have an account?</a>
-    </form>
-</body>
-</html>
+</form>
--- a/pages/global/register.html
+++ b/pages/global/register.html
@@ -1,26 +1,8 @@
-<!DOCTYPE html>
-<html lang="en">
-
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Register</title>
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/remixicon/4.1.0/remixicon.css"
-        integrity="sha512-dUOcWaHA4sUKJgO7lxAQ0ugZiWjiDraYNeNJeRKGOIpEq4vroj1DpKcS3jP0K4Js4v6bXk31AAxAxaYt3Oi9xw=="
-        crossorigin="anonymous" referrerpolicy="no-referrer" />
-    <link rel="stylesheet" href="../styles/pages/register.css">
-    <link rel="stylesheet" href="../styles/global.css">
-</head>
-
-<body>
-    <h2>Register</h2>
-    <form action="../register.php" method="post">
+<h2>Register</h2>
+<form action="register.php" method="post">
    <input type="text" name="username" id="username-field" pattern=".{3,32}" placeholder="Username" required>
    <input type="email" name="email" id="email-field" placeholder="E-Mail" required>
    <input type="password" name="password" id="password-field" pattern=".{8,128}" placeholder="Password" required>
    <input type="submit" value="Register">
    <a href="/">Already have an account?</a>
-    </form>
-</body>
-
-</html>
+</form>
--- a/pages/user/index.html
+++ b/pages/user/index.html
@@ -1,26 +1,5 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Welcome User</title>
-    <link rel="stylesheet" href="../styles/pages/style.css">
-    <link rel="stylesheet" href="../styles/global.css">
-</head>
-<body>
-    <h2>Welcome</h2>
-    <?php
-    echo "Logged in as: " . $user['username'];
-    ?>
+<!--PAGENAME=You do not have all rights-->
+<h2>Welcome</h2>
+<p>Logged in as: <template name="username"></p>

-    <!-- Display Gravatar image -->
-    <?php
-    $email = $user['email'];
-    $hash = md5(strtolower(trim($email)));
-    $gravatarUrl = "https://www.gravatar.com/avatar/$hash?s=100";
-    echo "<img src='$gravatarUrl' alt='Gravatar Profile Picture'>";
-    ?>
-
-    <a href="logout.php">Logout</a>
-</body>
-</html>
+<template name="gravatar image">
--- a/register.php
+++ b/register.php
@@ -59,6 +59,4 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
    }
 }

-include "pages/register.html";
-
 ?>
--- a/templates/404.html
+++ b/templates/404.html
@@ -0,0 +1,2 @@
+<!--PAGENAME=You stupid-->
+<h1>How can a human being be this dumb?</h1>
--- a/templates/navigation.html
+++ b/templates/navigation.html
@@ -0,0 +1,10 @@
+<nav>
+    <ul>
+        <li><a href=""><i class="ri-settings-4-fill"></i></a></li>
+        <div class="links">
+            <li><a href=""></a></li>
+            <li><a href=""></a></li>
+            <li><a href=""></a></li>
+        </div>
+    </ul>
+</nav>
--- a/templates/skeleton.html
+++ b/templates/skeleton.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/remixicon/4.0.1/remixicon.min.css" integrity="sha512-dTsohxprpcruDm4sjU92K0/Gf1nTKVVskNHLOGMqxmokBSkfOAyCzYSB6+5Z9UlDafFRpy5xLhvpkOImeFbX6A==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+    <link rel="stylesheet" href="/styles/global.css">
+    <link rel="stylesheet" href='/styles/pages/<template name="page name">.css'>
+    <title><template name="page name"></title>
+</head>
+<body>
+    <template name="navigation">
+    <template name="page content">
+</body>
+</html>