From dbda11e9742202924ace5cd9b18b7ceb95b8621f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Ryb=C3=A1rsky?= Date: Tue, 16 Jan 2024 19:24:40 +0100 Subject: [PATCH 01/13] stuff --- index.php | 40 +++----------- lib/account.php | 93 +++++++++++++++++++++++++++++++++ {templates => lib}/navpages.php | 0 lib/routing.php | 40 ++++++++++++++ pages/global/account.php | 39 ++++++++++++++ pages/global/login.php | 56 -------------------- 6 files changed, 178 insertions(+), 90 deletions(-) create mode 100644 lib/account.php rename {templates => lib}/navpages.php (100%) create mode 100644 lib/routing.php create mode 100644 pages/global/account.php delete mode 100644 pages/global/login.php diff --git a/index.php b/index.php index bc8b76d..df030a1 100644 --- a/index.php +++ b/index.php 
@@ -1,8 +1,7 @@ 0 && !empty($_SESSION["email"]); +} + +function doLogin(){ + global $mysqli; + if(!empty($_POST["email"]) && !empty($_POST["password"])){ + $email = $_POST["email"]; + $pass = $_POST["password"]; + /* prepare statement */ + $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1"); + $stmt->bind_param("s", $email); + $stmt->execute(); + $idcko = 0; + $fname = ""; + $lname = ""; + $nickname = ""; + $pwdhash = ""; + $mcnick = ""; + $isadmin = false; + /* bind variables to prepared statement */ + $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $isadmin); + + $found = false; + /* fetch values */ + while ($stmt->fetch()) { + if (password_verify($pass, $pwdhash)){ + $_SESSION["ID"] = $idcko; + $_SESSION["first_name"] = $fname; + $_SESSION["last_name"] = $lname; + $_SESSION["nickname"] = $nickname; + $_SESSION["email"] = $email; + $_SESSION["mcnick"] = $mcnick; + $_SESSION["isadmin"] = $isadmin; + $found = true; + break; + } + else{ + $found = false; + } + break; + } + $stmt->close(); + if($found){ + $status = ["status" => "success"]; + } + else{ + $status = ["status" => "fail"]; + } + echo json_encode($status); + } +} + +function doLogout(){ + if(isLoggedIn()){ + session_destroy(); + $status = ["status" => "success"]; + } + else{ + $status = ["status" => "fail"]; + } + echo json_encode($status); +} + +function doRegister(){ + $status = ["status" => "fail"]; + if (!empty($_POST["activationtoken"])){ + global $mysqli; + + $firstName = $_POST["firstname"]; + $lastName = $_POST["lastname"]; + $nickname = $_POST["nickname"]; + $email = $_POST["email"]; + $password = $_POST["password"]; + $minecraftNick = $_POST["minecraftnick"]; + $activationToken = $_POST["activationtoken"]; + if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password) && !empty($activationToken)){ + $passwordHash = 
password_hash($password, PASSWORD_DEFAULT); + + $stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?"); + $stmt->bind_param("ssssss", $firstName, $lastName, $nickname, $email, $passwordHash, $minecraftNick, $activationToken); + $stmt->execute(); + if ($stmt->affected_rows > 0) { + $status["status"] = "success"; + } + $stmt->close(); + } + } +} + +?> \ No newline at end of file diff --git a/templates/navpages.php b/lib/navpages.php similarity index 100% rename from templates/navpages.php rename to lib/navpages.php diff --git a/lib/routing.php b/lib/routing.php new file mode 100644 index 0000000..fbf1bf3 --- /dev/null +++ b/lib/routing.php @@ -0,0 +1,40 @@ + \ No newline at end of file diff --git a/pages/global/account.php b/pages/global/account.php new file mode 100644 index 0000000..ed323b1 --- /dev/null +++ b/pages/global/account.php @@ -0,0 +1,39 @@ + 0){ + $account_template = file_get_contents($template_dir . "account.html"); + echo $account_template; +} +else{ + $login_template = file_get_contents($template_dir . "login.html"); + echo $login_template; +} + +return ob_get_clean(); + +?> \ No newline at end of file diff --git a/pages/global/login.php b/pages/global/login.php deleted file mode 100644 index dd6e9e2..0000000 --- a/pages/global/login.php +++ /dev/null 
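Review bot: In lib/account.php, doLogin() copies the user's identity into `$_SESSION` once `password_verify()` succeeds but never rotates the session id, so an id that was fixed before login stays valid for the authenticated session; add `session_regenerate_id(true);` immediately before `$_SESSION["ID"] = $idcko;`. In doRegister(), `bind_param("ssssss", ...)` declares six types for seven bound variables and seven `?` placeholders, so the activation UPDATE cannot execute as written; the type string should be `"sssssss"`. doLogin() filters on `isActive = 1` while doRegister() sets `isActivated = 1`, which looks like two spellings of one column and should be checked against the schema. Both functions use the result of `$mysqli->prepare()` without checking it for `false`, and doRegister() reads `$_POST["firstname"]` and the other fields before testing that they exist. The top of this file's hunk is not visible in this rendering.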
@@ -1,56 +0,0 @@ -prepare("SELECT ID, PSWD, IGN, ISADMIN FROM Users where EMAIL = ?"); - $stmt->bind_param("s", $email); - $stmt->execute(); - /* bind variables to prepared statement */ - $stmt->bind_result($idcko, $hash, $ign, $isadmin); - - $found = false; - /* fetch values */ - while ($stmt->fetch()) { - if (password_verify($pass, $hash)){ - $_SESSION["ID"] = $idcko; - $_SESSION["email"] = $email; - $_SESSION["ign"] = $ign; - $_SESSION["isadmin"] = $isadmin; - $found = true; - break; - } - else{ - $_SESSION["ID"] = 0; - $_SESSION["email"] = ""; - $_SESSION["ign"] = ""; - $_SESSION["isadmin"] = 0; - $found = false; - } - break; - } - if($found){ - echo "Login successful"; - } - else{ - echo "Login failed"; - } - } -} -if ($_SESSION["ID"] > 0){ - $account_template = file_get_contents($template_dir . "account.html"); - echo $account_template; -} -else{ - $login_template = file_get_contents($template_dir . "login.html"); - echo $login_template; -} - -return ob_get_clean(); - -?> \ No newline at end of file From e97fc554c75dab2db24c9416f00d9add0d22301c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Ryb=C3=A1rsky?= Date: Tue, 16 Jan 2024 19:27:10 +0100 Subject: [PATCH 02/13] test --- lib/navpages.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/navpages.php b/lib/navpages.php index e37f51f..35ce732 100644 --- a/lib/navpages.php +++ b/lib/navpages.php @@ -22,7 +22,7 @@ function generateNavigation($static_page_dir, $protocol, $subdomain, $domain, $t $site_location = "$protocol$site_dir.$domain.$tld/$default_page"; $navsite = str_replace("__CLASS__", $site_class, $navsite); $navsite = str_replace("__LOCATION__", $site_location, $navsite); - $navsite = str_replace("__NAME__", $site_name.ucfirst(), $navsite); + $navsite = str_replace("__NAME__", ucfirst($site_name), $navsite); if ($subdomain == $site_dir) { //this is the current page From f219adfa5f7db8c5f36d12448113c0918dc1db72 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Bruno=20Ryb=C3=A1rsky?= Date: Tue, 16 Jan 2024 19:38:42 +0100 Subject: [PATCH 03/13] fix --- index.php | 11 +---------- lib/routing.php | 13 +++++++++++-- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/index.php b/index.php index df030a1..0273e43 100644 --- a/index.php +++ b/index.php @@ -32,15 +32,6 @@ if (empty($page_name)){ session_set_cookie_params(0, '/', ".$domain.$tld", true, true); session_start(); -$navpages = generateNavigation($static_page_dir, $protocol, $subdomain, $domain, $tld, $default_page, $page_name); - -$nav = str_replace("__NAV_PAGES__", $navpages, $nav); - -$out = $skeleton; -$out = str_replace("__TEMPLATE__NAV__", $nav, $out); -$out = str_replace("__TEMPLATE__PAGE__", $page, $out); -$out = str_replace("__TEMPLATE_PAGE_NAME__", $page_name, $out); - -echo $out; +echo getPage($routerConfig); ?> \ No newline at end of file diff --git a/lib/routing.php b/lib/routing.php index fbf1bf3..bcf7587 100644 --- a/lib/routing.php +++ b/lib/routing.php @@ -9,7 +9,7 @@ function getProtocol(){ } function getPage($routerConfig){ - $page_dir = $routerConfig['page_dir']; + $page_dir = "pages/"; $dynamic_page_file = $page_dir . $subdomain . "/" . $page_name . ".php"; $page_file = $page_dir . $subdomain . "/" . $page_name . ".html"; @@ -34,7 +34,16 @@ function getPage($routerConfig){ } else{ $page = file_get_contents($template_dir . "404.html"); -} + } + $navpages = generateNavigation($static_page_dir, $protocol, $subdomain, $domain, $tld, $default_page, $page_name); + + $nav = str_replace("__NAV_PAGES__", $navpages, $nav); + + $out = $skeleton; + $out = str_replace("__TEMPLATE__NAV__", $nav, $out); + $out = str_replace("__TEMPLATE__PAGE__", $page, $out); + $out = str_replace("__TEMPLATE_PAGE_NAME__", $page_name, $out); + return $out; } ?> \ No newline at end of file From ec725fd6894ba5ef06e486ce5dc2815c03192840 Mon Sep 17 00:00:00 2001 
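Review bot: In lib/routing.php, the lines added to getPage() substitute `$page_name` into the skeleton at `__TEMPLATE_PAGE_NAME__` without HTML-escaping it, and index.php at this commit derives that value from `basename($_SERVER["QUERY_STRING"])`, which the client controls. Escape it for the HTML context: `$out = str_replace("__TEMPLATE_PAGE_NAME__", htmlspecialchars($page_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), $out);`. Because `__TEMPLATE__PAGE__` is replaced first, page content that contains the literal `__TEMPLATE_PAGE_NAME__` is rewritten as well; inserting the page body last avoids that. As of this commit getPage() opens with `$page_dir = "pages/";` and then reads `$subdomain`, `$page_name`, `$template_dir` and the other routing variables, which are still assigned only in index.php's global scope, so they are undefined inside the function. The end of getPage() is outside the first routing hunk.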
From: =?UTF-8?q?Bruno=20Ryb=C3=A1rsky?= Date: Tue, 16 Jan 2024 19:39:54 +0100 Subject: [PATCH 04/13] test --- index.php | 26 -------------------------- lib/routing.php | 25 +++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 26 deletions(-) diff --git a/index.php b/index.php index 0273e43..2e07b5a 100644 --- a/index.php +++ b/index.php @@ -3,32 +3,6 @@ require "secrets/config.php"; require "lib/navpages.php"; require "lib/routing.php"; -$default_page = "domov"; - -$default_site = "home"; - -$template_dir = "templates/"; - -$static_page_dir = "pages/"; - -$dynamic_page_dir = "dynamic/"; - -$subdomain = basename(explode('.', $_SERVER['HTTP_HOST'])[0]); -$domain = basename(explode('.', $_SERVER['HTTP_HOST'])[1]); -$tld = basename(explode('.', $_SERVER['HTTP_HOST'])[2]); -$page_name = basename($_SERVER["QUERY_STRING"]); -$protocol = getProtocol(); - -if (empty($tld)){ - header("Location: $protocol$default_site.$subdomain.$domain/$default_page"); - return; -} - -if (empty($page_name)){ - header("Location: $protocol$subdomain.$domain.$tld/$default_page"); - return; -} - session_set_cookie_params(0, '/', ".$domain.$tld", true, true); session_start(); diff --git a/lib/routing.php b/lib/routing.php index bcf7587..54b410b 100644 --- a/lib/routing.php +++ b/lib/routing.php 
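Review bot: In index.php, the `session_set_cookie_params(0, '/', ".$domain.$tld", true, true);` line kept as context still interpolates `$domain` and `$tld`, but this hunk removes their assignments from the file (they move into getPage() in lib/routing.php), so unless secrets/config.php defines them the cookie domain is built from undefined variables and evaluates to `..`. Take the cookie domain from configuration instead of from the request's Host header, and set it before `session_start()`. The options-array form also lets the session cookie carry a SameSite attribute: `session_set_cookie_params(['path' => '/', 'domain' => $cookieDomain, 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);`, where `$cookieDomain` stands for the configured value.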
@@ -9,6 +9,31 @@ function getProtocol(){ } function getPage($routerConfig){ + $default_page = "domov"; + + $default_site = "home"; + + $template_dir = "templates/"; + + $static_page_dir = "pages/"; + + $dynamic_page_dir = "dynamic/"; + + $subdomain = basename(explode('.', $_SERVER['HTTP_HOST'])[0]); + $domain = basename(explode('.', $_SERVER['HTTP_HOST'])[1]); + $tld = basename(explode('.', $_SERVER['HTTP_HOST'])[2]); + $page_name = basename($_SERVER["QUERY_STRING"]); + $protocol = getProtocol(); + + if (empty($tld)){ + header("Location: $protocol$default_site.$subdomain.$domain/$default_page"); + return; + } + + if (empty($page_name)){ + header("Location: $protocol$subdomain.$domain.$tld/$default_page"); + return; + } $page_dir = "pages/"; $dynamic_page_file = $page_dir . $subdomain . "/" . $page_name . ".php"; From 02d480d31a81b3a37069179b84e5b015c1d59604 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bruno=20Ryb=C3=A1rsky?= Date: Tue, 16 Jan 2024 20:43:57 +0100 Subject: [PATCH 05/13] Do some maintenance with phpstorm --- assets/style.css | 40 ++------------------ index.php | 24 ++++++++---- lib/account.php | 23 +++++------ lib/navpages.php | 32 +++++++++------- lib/routing.php | 82 ++++++++++++++++++++++++---------------- pages/global/account.php | 63 +++++++++++++++--------------- templates/login.html | 6 ++- templates/nav.html | 2 +- 8 files changed, 135 insertions(+), 137 deletions(-) diff --git a/assets/style.css b/assets/style.css index 4d7b6a0..876d503 100644 --- a/assets/style.css +++ b/assets/style.css @@ -11,9 +11,7 @@ } body { - background: linear-gradient(127deg, var(--secondary-bg), var(--primary-bg)); - background-repeat: no-repeat; - background-attachment: fixed; + background: linear-gradient(127deg, var(--secondary-bg), var(--primary-bg)) no-repeat fixed; background-size: cover; height: 100%; width: 100%; 
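Review bot: In lib/routing.php, getPage() now builds both `Location:` redirects from labels split out of `$_SERVER['HTTP_HOST']`, which is supplied by the client, so the redirect target and the file path assembled under `pages/` just below follow whatever Host header is sent. Compare the host against the configured domain and check `$subdomain` against the known site directories before using either value. The three `explode('.', $_SERVER['HTTP_HOST'])[n]` reads also index labels that may not exist (a two-label host has no index 2) and leave any `:port` suffix in the last label; splitting once and defaulting the missing labels, `$labels = explode('.', $host) + ['', '', ''];`, removes the undefined-key warnings. The rest of getPage() lies outside this hunk.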
@@ -29,28 +27,9 @@ nav { justify-content: space-between; padding: 1.2rem 1rem; background-color: rgba(0, 0, 0, 0.2); - -webkit-box-shadow: 0px 20px 28px 0px rgba(0,0,0,0.2); - -moz-box-shadow: 0px 20px 28px 0px rgba(0,0,0,0.2); - box-shadow: 0px 20px 28px 0px rgba(0,0,0,0.2); -} - -nav #login { - color: var(--primary-text); - text-decoration: none; - background-color: #2a9dd6; - padding: 0.35rem 0.65rem; - transition: all 0.3s ease; - border-radius: 15px; -} - -nav #login:hover, nav #login.active{ - transition: all 0.3s ease; - background-color: var(--primary-hover); - color: var(--primary-text); -} - -nav #login:hover::after, nav #login.active::after { - width: 0; + -webkit-box-shadow: 0 20px 28px 0 rgba(0,0,0,0.2); + -moz-box-shadow: 0 20px 28px 0 rgba(0,0,0,0.2); + box-shadow: 0 20px 28px 0 rgba(0,0,0,0.2); } ul { @@ -89,11 +68,6 @@ li a:hover::after { width: 85%; } -li a:hover, li a.active { - color: var(--primary); - transition: all 0.3s ease; -} - .wrapper-404 { text-align: center; } @@ -162,7 +136,6 @@ header hr { } .navpage_list{ - margin-top: 8px; background-color: var(--third-bg); margin-top: 10px; display: flex; @@ -178,11 +151,6 @@ header hr { border: 4px solid var(--primary-hover) ; } -a.navpage_link{ - padding: 0; - margin: 0; -} - li.navpage_item{ padding-left: 20px; padding-right: 20px; diff --git a/index.php b/index.php index 2e07b5a..08eb6e3 100644 --- a/index.php +++ b/index.php @@ -1,11 +1,21 @@ \ No newline at end of file diff --git a/lib/account.php b/lib/account.php index d90f988..1aee7d6 100644 --- a/lib/account.php +++ b/lib/account.php 
@@ -19,13 +19,13 @@ function doLogin(){ $nickname = ""; $pwdhash = ""; $mcnick = ""; - $isadmin = false; /* bind variables to prepared statement */ - $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $isadmin); - - $found = false; + $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false); + /* fetch values */ - while ($stmt->fetch()) { + $found = false; + if($stmt->num_rows() > 0){ + $stmt->fetch(); if (password_verify($pass, $pwdhash)){ $_SESSION["ID"] = $idcko; $_SESSION["first_name"] = $fname; @@ -33,14 +33,9 @@ function doLogin(){ $_SESSION["nickname"] = $nickname; $_SESSION["email"] = $email; $_SESSION["mcnick"] = $mcnick; - $_SESSION["isadmin"] = $isadmin; - $found = true; - break; + $_SESSION["isadmin"] = false; + $found = true; } - else{ - $found = false; - } - break; } $stmt->close(); if($found){ @@ -76,7 +71,7 @@ function doRegister(){ $password = $_POST["password"]; $minecraftNick = $_POST["minecraftnick"]; $activationToken = $_POST["activationtoken"]; - if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password) && !empty($activationToken)){ + if (!empty($firstName) && !empty($lastName) && !empty($nickname) && !empty($email) && !empty($password)) { $passwordHash = password_hash($password, PASSWORD_DEFAULT); $stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, Email = ?, PasswordHash = ?, MinecraftNick = ?, isAdmin = 0, isActivated = 1 WHERE isActivated = 0 AND ActivationToken = ?"); @@ -88,6 +83,6 @@ function doRegister(){ $stmt->close(); } } + echo json_encode($status); } -?> \ No newline at end of file diff --git a/lib/navpages.php b/lib/navpages.php index 35ce732..44e1699 100644 --- a/lib/navpages.php +++ b/lib/navpages.php 
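Review bot: In lib/account.php, the rewritten `$stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false);` in doLogin() passes a literal where mysqli binds result columns by reference, so the call is expected to fail before any row is read; keep the `$isadmin = false;` initialisation and bind it, `$stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $isadmin);`. The new guard `if($stmt->num_rows() > 0)` runs without a preceding `$stmt->store_result()`, and for an unbuffered statement the row count is not available at that point, so a correct password would still be rejected; `if ($stmt->fetch()) {` is enough. The following hunk hard-codes `$_SESSION["isadmin"] = false;` although the query still selects `isAdmin`, so no account ever receives its stored admin flag; if that is intentional it deserves a comment. doLogin() begins above this hunk.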
@@ -1,44 +1,50 @@ __NAME__'; $navpage_template = ''; - $site_dirs = array_diff(scandir($static_page_dir), array('.', '..')); + $site_dirs = array_diff(scandir($routerConfig["static_page_dir"]), array('.', '..')); $nav_out = ""; foreach ($site_dirs as $site_dir) { - $pages_dir = array_diff(scandir("$static_page_dir$site_dir"), array('.', '..')); + $pages_dir = array_diff(scandir($routerConfig["static_page_dir"] . $site_dir), array('.', '..')); $navsite = $navsite_template; - $site_class = "class=\"navsite_link\""; $site_name = str_replace("_", " ", $site_dir); if ($site_name == "global") { $site_name = "misc"; - $site_dir = $default_page; + $site_dir = $routerConfig["default_page"]; } - $site_location = "$protocol$site_dir.$domain.$tld/$default_page"; - $navsite = str_replace("__CLASS__", $site_class, $navsite); - $navsite = str_replace("__LOCATION__", $site_location, $navsite); - $navsite = str_replace("__NAME__", ucfirst($site_name), $navsite); + $site_location = $routerRequest["protocol"] . $site_dir . "." . $routerRequest["domain"] . "." . $routerRequest["tld"] . "/" . 
$routerConfig["default_page"]; - if ($subdomain == $site_dir) { + if ($routerRequest["subdomain"] == $site_dir) { //this is the current page $site_class = "class=\"navsite_link active\""; } + else{ + $site_class = "class=\"navsite_link\""; + } + + $navsite = str_replace("__CLASS__", $site_class, $navsite); + $navsite = str_replace("__LOCATION__", $site_location, $navsite); + $navsite = str_replace("__NAME__", ucfirst($site_name), $navsite); $navpages = ""; foreach ($pages_dir as $page_dir) { $page_dir = explode(".", $page_dir)[0]; $navpage = $navpage_template; $page_class = "class=\"navpage_link\""; - if ($subdomain == $site_dir && $page_name == $page_dir) { + if ($routerRequest["subdomain"] == $site_dir && $routerRequest["page_name"] == $page_dir) { $page_class = "class=\"navpage_link active\""; } - $page_location = "$protocol$site_dir.$domain.$tld/$page_dir"; + $page_location = $routerRequest["protocol"] . $site_dir . "." . $routerRequest["domain"] . "." . $routerRequest["tld"] . "/" . $page_dir; $page_name = str_replace("_", " ", $page_dir); $page_name = explode(".", $page_name)[0]; @@ -55,4 +61,4 @@ function generateNavigation($static_page_dir, $protocol, $subdomain, $domain, $t return $nav_out; } -?> + diff --git a/lib/routing.php b/lib/routing.php index 54b410b..5fe970d 100644 --- a/lib/routing.php +++ b/lib/routing.php @@ -1,74 +1,90 @@ \ No newline at end of file diff --git a/pages/global/account.php b/pages/global/account.php index ed323b1..143d200 100644 --- a/pages/global/account.php +++ b/pages/global/account.php 
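Review bot: In lib/navpages.php, both `scandir()` calls in generateNavigation() feed their result straight into `array_diff()`, but `scandir()` returns `false` for an unreadable path or for a plain file sitting in the static page directory, and `array_diff(false, ...)` throws a TypeError on PHP 8. Guard the inner call with `if (!is_dir($routerConfig["static_page_dir"] . $site_dir)) { continue; }` and treat a `false` result as an empty list. The values written into `__LOCATION__` and `__NAME__` are concatenated from `$routerRequest` fields and directory names without `htmlspecialchars()`; if `$routerRequest` is still filled from the Host header, as the routing code in PATCH 04 does, those attributes should be escaped. The function signature and the end of the function are not visible in this hunk.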
@@ -1,39 +1,40 @@ 0){ - $account_template = file_get_contents($template_dir . "account.html"); - echo $account_template; -} -else{ - $login_template = file_get_contents($template_dir . "login.html"); - echo $login_template; -} + if ($_SESSION["ID"] > 0) { + $account_template = file_get_contents($routerConfig["template_dir"] . "account.html"); + echo $account_template; + } else { + $login_template = file_get_contents($routerConfig["template_dir"] . "login.html"); + echo $login_template; + } -return ob_get_clean(); - -?> \ No newline at end of file + return ob_get_clean(); +} \ No newline at end of file diff --git a/templates/login.html b/templates/login.html index de16d28..535db55 100644 --- a/templates/login.html +++ b/templates/login.html @@ -1,5 +1,7 @@
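Review bot: In pages/global/account.php, the template choice tests `$_SESSION["ID"] > 0` directly, which reads a key that is unset for a visitor who has never logged in and duplicates the check that isLoggedIn() in lib/account.php already performs (doLogout() relies on it). Prefer `if (isLoggedIn()) {` so the page and the account functions agree on what counts as authenticated, assuming lib/account.php is loaded on this path. The upper part of this hunk is not visible in this rendering, so the enclosing function's name and signature cannot be checked.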
- - +
+
+
+
\ No newline at end of file diff --git a/templates/nav.html b/templates/nav.html index 75684ab..2d9ce7c 100644 --- a/templates/nav.html +++ b/templates/nav.html @@ -1,5 +1,5 @@