From 1714e5b80d732df0bb6db623ea99dd97609ed3cd Mon Sep 17 00:00:00 2001 From: Jenga Phoenix Date: Sat, 23 Feb 2019 01:15:14 -0600 Subject: [PATCH] A slow-burn existential crisis --- README.txt | 14 +- composer.json | 3 +- config.php.sample | 29 ++++- docs/last_time.txt | 2 + p/edit/index.php | 45 +++++++ p/edit/private/user_edit.php | 54 ++++++++ p/index.php | 33 ++--- p/list/index.php | 8 +- p/new/private/post_create.php | 13 +- res/lib/db.php | 13 +- res/lib/load.php | 21 ++- res/lib/sterilize.php | 7 +- res/lib/string.php | 7 + res/lib/token.php | 91 +++++++++++++ res/lib/user.php | 55 +------- res/themes/default/css/global.css | 122 +++++++++++++----- res/themes/default/css/p_index.css | 11 ++ res/themes/default/css/post.css | 1 - res/themes/default/css/u_index.css | 15 +++ res/themes/default/html/admin_index.twig.html | 9 +- res/themes/default/html/head.twig.html | 2 + res/themes/default/html/index.twig.html | 2 +- .../default/html/meta_post_card.twig.html | 16 +-- .../default/html/meta_post_card_big.twig.html | 2 + .../html/meta_post_card_big_body.twig.html | 2 + .../html/meta_post_card_header.twig.html | 13 ++ .../html/meta_post_card_mini.twig.html | 2 + .../html/meta_post_card_mini_body.twig.html | 2 + .../default/html/meta_user_card.twig.html | 8 ++ res/themes/default/html/navbar.twig.html | 14 ++ res/themes/default/html/p_index.twig.html | 24 +++- .../default/html/p_list_index.twig.html | 28 ++-- res/themes/default/html/p_new_index.twig.html | 16 +-- .../default/html/u_edit_index.twig.html | 49 +++++++ res/themes/default/html/u_index.twig.html | 20 ++- .../default/html/u_list_index.twig.html | 10 +- res/themes/default/html/u_new_index.twig.html | 21 ++- u/edit/index.php | 45 +++++++ u/edit/private/new_password.php | 42 ++++++ u/edit/private/user_edit.php | 54 ++++++++ u/index.php | 2 +- u/new/index.php | 15 ++- u/new/private/user_create.php | 21 ++- u/old/index.php | 10 +- u/old/private/user_login.php | 23 +++- 45 files changed, 785 insertions(+), 211 deletions(-) create mode 100644 docs/last_time.txt create mode 100644 p/edit/index.php create mode 100644 p/edit/private/user_edit.php create mode 100644 res/lib/token.php create mode 100644 res/themes/default/css/p_index.css delete mode 100644 res/themes/default/css/post.css create mode 100644 res/themes/default/css/u_index.css create mode 100644 res/themes/default/html/meta_post_card_big.twig.html create mode 100644 res/themes/default/html/meta_post_card_big_body.twig.html create mode 100644 res/themes/default/html/meta_post_card_header.twig.html create mode 100644 res/themes/default/html/meta_post_card_mini.twig.html create mode 100644 res/themes/default/html/meta_post_card_mini_body.twig.html create mode 100644 res/themes/default/html/meta_user_card.twig.html create mode 100644 res/themes/default/html/u_edit_index.twig.html create mode 100644 u/edit/index.php create mode 100644 u/edit/private/new_password.php create mode 100644 u/edit/private/user_edit.php diff --git a/README.txt b/README.txt index 05f2d4c..ccf6522 100644 --- a/README.txt +++ b/README.txt @@ -21,6 +21,7 @@ PRE-REQUISITES ---------------------------------------- * PHP 7.0 * Webserver with CGI enabled + * Composer * A paper-clip and soldering-iron * Also a lighter @@ -30,9 +31,16 @@ PRE-REQUISITES INSTALLATION ---------------------------------------- Drop Blagoblag in any directory on your webserver, then create an SQL -database for Blagoblag. Make sure to make a "config.ini" file (from -"config.ini.example")-- at the minimum, you need to configure the SQL -connection settings. +database for Blagoblag-- UTF-8 character encoding, preferably. + +Then, make a "config.ini" file (from "config.ini.example")-- at the +minimum, you need to configure the SQL connection settings. + +After that, just run "composer intall", then you should be running! + +As for setup, you should make your own user-account, then use the "root" +account to elevate your account to archmage (highest login class)-- after +that, delete the "root" account. :) diff --git a/composer.json b/composer.json index df2d1df..9b68600 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,7 @@ { "require": { "twig/twig": "1.*", - "falseclock/dbd-php": "1.*" + "erusev/parsedown": "*.*", + "consoletvs/profanity": "*.*" } } diff --git a/config.php.sample b/config.php.sample index ea779f2..ba1459f 100644 --- a/config.php.sample +++ b/config.php.sample @@ -1,4 +1,9 @@ "/u/?name=USERNAME") + +$user_prefix_name = "u/?name="; +$user_prefix_id = "u/?id="; + +$post_prefix_name = "p/?name="; +$post_prefix_id = "p/?id="; -$theme = "default"; ?> diff --git a/docs/last_time.txt b/docs/last_time.txt new file mode 100644 index 0000000..2c7c40b --- /dev/null +++ b/docs/last_time.txt @@ -0,0 +1,2 @@ +Last time on blagoblag!! + * USER planted a post and failed to hold central dogma diff --git a/p/edit/index.php b/p/edit/index.php new file mode 100644 index 0000000..c79bc46 --- /dev/null +++ b/p/edit/index.php @@ -0,0 +1,45 @@ + $edit_id, + 'user_full_name' => unscrub(user_full_name($edit_id)), + 'user_name' => user_name($edit_id), + 'user_bio' => unscrub(user_biography($edit_id)), + 'user_email' => user_email($edit_id), + 'user_website' => user_website($edit_id)); + + +// -------------------------------------- + +switch (1) { + case (user_logged_in() == false): + general_error("You're not even logged in, fool! >;c"); + break; + case ($cur_id != $edit_id): + auth_enforce($cur_id, array("wizard", "archmage"), "edit other + people's accounts"); + break; +} + +display_page($mark, $depth, $title, $local_exports); + +?> diff --git a/p/edit/private/user_edit.php b/p/edit/private/user_edit.php new file mode 100644 index 0000000..0f0d033 --- /dev/null +++ b/p/edit/private/user_edit.php @@ -0,0 +1,54 @@ + diff --git a/p/index.php b/p/index.php index f28cd53..c70601b 100644 --- a/p/index.php +++ b/p/index.php @@ -8,42 +8,31 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. */ +$title = "Control Panel"; $depth = "../"; -$title = ""; $mark = "p_index"; -include "../res/lib/load.php"; +include $depth . "res/lib/load.php"; // ------------------------------------- - $id = $_GET['id'] ?? post_title_to_id($_GET['name']); $name = post_title($id); // ------------------------------------- -if (empty($_GET['id']) && empty($_GET['name'])) { - root_redirect('p/list/'); -} else if (!is_post_id($_GET['id']) && !is_post_title($_GET['name'])) { - general_error("We can't find that post! :("); +if (empty($name)) { + root_redirect("p/list/"); } +$local_exports = array('post_id' => $id, + 'post_title' => unscrub($name), + 'post_author' => post_author($id), + 'post_date' => post_date($id), + 'post_text' => markdown(post_text($id))); + + // -------------------------------------- -$post_text = markdown(post_text($id)); -$post_date = post_date($id); -$post_data = post_data($id); - -$user_id = post_author($id); -$username = user_name($user_id); -$full_name = user_full_name($user_id); - -$local_exports = array('post_id' => $id, 'post_text' => $post_text, - 'post_author' => $user_id, - 'post_data' => $post_data, 'post_title' => $name, - 'post_date' => $date); - -// ------------------------------------- - display_page($mark, $depth, $title, $local_exports); ?> diff --git a/p/list/index.php b/p/list/index.php index 183d309..673b663 100644 --- a/p/list/index.php +++ b/p/list/index.php @@ -15,6 +15,12 @@ include "../../res/lib/load.php"; // ------------------------------------- -display_page($mark, $depth, $title); +$order = $_GET['order'] ?? "desc"; + +$local_exports = array('order' => $order); + +// ------------------------------------- + +display_page($mark, $depth, $title, $local_exports); ?> diff --git a/p/new/private/post_create.php b/p/new/private/post_create.php index 396f858..a7d6086 100644 --- a/p/new/private/post_create.php +++ b/p/new/private/post_create.php @@ -11,18 +11,14 @@ $depth = "../../../"; include "../../../res/lib/load.php"; -$auth_user = scrub($_POST['auth_user']); -$auth_pass = scrub($_POST['auth_pass']); -$auth_id = user_name_to_id($auth_user); - $title = scrub($_POST['title']); $desc = scrub($_POST['desc']); $text = scrub($_POST['text']); // ------------------------------------- -auth_enforce($auth_id, $auth_pass, - array("contributor", "wizard", "archmage"), "make posts"); +auth_enforce(user_logged_in(), + array("contributor", "wizard", "archmage"), "make posts"); input_enforce(array($title, $desc, $text), array("Title", "Summary", "Text"), @@ -30,9 +26,8 @@ input_enforce(array($title, $desc, $text), // ------------------------------------- -echo $auth_user . $auth_user_id; -post_create($title, $auth_id, $desc, $text); +post_create($title, user_logged_in(), $desc, $text); -root_redirect("post.php?name=" . $title); +root_redirect($GLOBALS['post_prefix_title'] . $title); ?> diff --git a/res/lib/db.php b/res/lib/db.php index 6d735cf..9a93dd7 100644 --- a/res/lib/db.php +++ b/res/lib/db.php @@ -7,6 +7,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. */ +/* note: should really make variable-naming more SQL-adherent and consistent + * also rethink a lot fo these abstractions + * also use prepared statements (as in http://bobby-tables.com/php) */ // ------------------------------------- // connection setup @@ -115,7 +118,13 @@ function db_get_rows($table, $identifier, $value) { // Return the value of a specific column in a given row, identified by an // 'identifier' column set to the given value function db_get_cell($table, $identifier, $value, $cell) { - return db_get_rows($table, $identifier, $value)[0][$cell]; + $results = db_get_rows($table, $identifier, $value); + + if (count($results) > 0) { + return $results[0][$cell]; + } else { + return false; + } } // !!! @@ -143,7 +152,7 @@ function db_set_cell($table, $identifier, $value, $cell, $new_value) { return db_cmd("update " . $table . " set " . $cell . " = " . $new_value - . " where " . $identifier . " = " . $value) . ";"; + . " where " . $identifier . " = " . $value . ";"); } // ------------------------------------- diff --git a/res/lib/load.php b/res/lib/load.php index d4f9531..a1e84de 100644 --- a/res/lib/load.php +++ b/res/lib/load.php @@ -11,6 +11,7 @@ // PATH --> PATH // Take a path from root and turn it into a relative path. +error_reporting(0); function root($path) { return $GLOBALS['depth'] . $path; } @@ -30,12 +31,24 @@ include(root("res/lib/db.php")); include(root("res/lib/url.php")); include(root("res/lib/post.php")); include(root("res/lib/blagoblag.php")); +include(root("res/lib/token.php")); $loader= new Twig_Loader_Filesystem(root("res/themes/default/html")); $twig = new Twig_Environment($loader, ['cache' => root('cache/'), 'autoescape' => false]); +// ------------------------------------- +// authentication +global $logged_id; +global $logged_in; $logged_in = false; + +$test_id = user_logged_in(); + +$logged_id = $test_id ?? 0; +if ($logged_id != 0) { + $logged_in = true; +} // ------------------------------------- // global variable declaration @@ -67,6 +80,12 @@ $twig_exports = array('theme' => $GLOBALS['theme'], 'user' => $GLOBALS['user'], 'posts' => $GLOBALS['posts'], 'post' => $GLOBALS['post'], - 'instance_title' => $GLOBALS['instance_title']); + 'user_prefix_id' => $GLOBALS['user_prefix_id'], + 'user_prefix_name' => $GLOBALS['user_prefix_name'], + 'post_prefix_id' => $GLOBALS['post_prefix_id'], + 'post_prefix_name' => $GLOBALS['post_prefix_name'], + 'instance_title' => $GLOBALS['instance_title'], + 'logged_id' => $GLOBALS['logged_id'], + 'logged_in' => $GLOBALS['logged_in']); ?> diff --git a/res/lib/sterilize.php b/res/lib/sterilize.php index fbc4587..979b955 100644 --- a/res/lib/sterilize.php +++ b/res/lib/sterilize.php @@ -12,9 +12,9 @@ // NUMBER STRING ARRAY [STRING] --> NIL // Make sure a user is both authenticated *and* permitted to do a given task, // aka in the right login-class. -function auth_enforce($id, $password, $permitted, $message="do that") { - if (!user_valid_password($id, $password)) { - input_error("Sorry, your user-name or password is wrong."); +function auth_enforce($id, $permitted, $message="do that") { + if (!user_logged_in()) { + input_error("Sorry, you're not logged in!"); } $class = user_class($id); @@ -22,6 +22,7 @@ function auth_enforce($id, $password, $permitted, $message="do that") { perm_error("Mate, only a " . comma_sep($permitted, " or ") . " can " . $message . "-- you hecking " . $class . "!"); + return false; } } diff --git a/res/lib/string.php b/res/lib/string.php index 1594bc4..1a776af 100644 --- a/res/lib/string.php +++ b/res/lib/string.php @@ -25,4 +25,11 @@ function string_wrap($value) { function strings_wrap($array) { return array_map("string_wrap", $array); } + +// STRING NUMBER --> STRING +// Return the nth word of a given string (space-seperated) +function word_nth($string, $number) { + return explode(" ", $string)[$number]; +} + ?> diff --git a/res/lib/token.php b/res/lib/token.php new file mode 100644 index 0000000..ec30f4f --- /dev/null +++ b/res/lib/token.php @@ -0,0 +1,91 @@ + NUMBER +// Generate a new login-token and associate it with the user's account. +// Returns the token number. +function user_token_set($id, $token) { + setcookie("token", $token, time() + 60*60*24*30, "/"); + setcookie("id", $id, time() + 60*60*24*30, "/"); + echo "token" . $token; + db_set_cell("lusers", "id", $id, "token", $token); + return $token; +} + +// NUMBER NUMBER --> BOOLEAN +// Return whether or not a token is valid for a certain user account +function user_token_validate($id, $token) { + $valid_token = db_get_cell("lusers", "id", $id, "token"); + + if (html_entity_decode($token) == $valid_token) { + return true; + + } else { + return false; + } + +} + + +// ------------------------------------- + + +// NUMBER --> NIL +// Log a user in +function user_log_in($id) { + $token = user_token_generate($id); + user_token_set($id, $token); + + return true; +} + +// NUMBER --> NIL +// Log out a user, by burning the DB-token, and eating the log-in cookies +function user_log_out($id) { + user_token_set($id, "escapee"); + setcookie("token", "escapee", time(), "/"); + setcookie("id", "death, the destroyer", time(), "/"); + + return true; +} + +// ------------------------------------- + +// NIL --> NUMBER/BOOLEAN +// Return whether or not a user is logged in-- if yes, return user ID +function user_logged_in() { + $id = $_COOKIE['id'] ?? 1; + $token = $_COOKIE['token'] ?? 1; + + if (user_token_validate($id, $token)) { + return $id; + } else { + return false; + } +} + +// ------------------------------------- + +// NUMBER STRING --> BOOLEAN +// Return whether or not a given password is valid. +function user_valid_password($id, $password) { + if (password_verify($password, user_get($id, "hash"))) { + return true; + } else { + return false; + } +} + +?> diff --git a/res/lib/user.php b/res/lib/user.php index ab3b6ed..e280395 100644 --- a/res/lib/user.php +++ b/res/lib/user.php @@ -131,64 +131,13 @@ function user_posts($id) { // Return an array filled with all of a user's relevant data. function user_data($id) { return array('full_name' => user_full_name($id), + 'first_name' => word_nth(user_full_name($id), 0), 'name' => user_name($id), 'bio' => user_biography($id), + 'class' => user_class($id), 'email' => user_email($id), 'website' => user_website($id), 'posts' => user_posts($id)); } - -// ------------------------------------- - - -// NUMBER --> NUMBER -// Generate a new login-token and associate it with the user's account. -// Returns the token number. -function user_token_create($id) { - $token = rand(0, 5000000); - db_set_cell("lusers", "id", $id, "token", rand(0, 5000000)); - return $token; -} - -// NUMBER NUMBER --> BOOLEAN -// Return whether or not a token is valid for a certain user account -function user_token_validate($id, $token) { - $valid_token = db_get_cell("lusers", "id", $id, "token"); - - if ($token == $valid_token) { - return true; - - } else { - return false; - } -} - - -// ------------------------------------- - - -// NUMBER --> NIL -// Log a user in-- create a token, then make a cookie with said token. -function user_log_in($id) { - $token = user_token_create($id); - setcookie("token", $token, 2628000); - setcookie("id", $id, 2628000); -} - -function logged() { - if (user_token_validate($id, $_COOKIE['token'])) { - return $id; - } else { - return "no"; - } -} - -// ------------------------------------- -// NUMBER STRING --> BOOLEAN -// Return whether or not a given password is valid. -function user_valid_password($id, $password) { - return password_verify($password, user_get($id, "hash")); -} - ?> diff --git a/res/themes/default/css/global.css b/res/themes/default/css/global.css index 05eaefa..2b02855 100644 --- a/res/themes/default/css/global.css +++ b/res/themes/default/css/global.css @@ -1,35 +1,91 @@ -/* The color-combo we're using: - * https://www.colorcombos.com/color-schemes/116/ColorCombo116.html */ body { - background-color: #CECFCE; + background-color: #FFFFFF; font-family: sans-serif; font-size: 17px; color: #073642; width: 100%; } +p { + max-width: 700px; + padding-left: 10%; +} + +form { + background-color: #EFEFEF; + margin: 10px; + border-radius: 5px; + max-width: 900px; + padding: 10px; +} + +form label { + width: 100px; + display: inline-block; + font-weight: bold; + align: left; +} + +.button { + background-color: #993232; + color: #FFFFFF; + padding: 10px; + border-radius: 5px; +} + +.button a { + color: inherit; + text-decoration: none; +} + +.button:hover { + background-color: #AFB170; +} + + + +/* ------------------------------------- + * navbar + * -----------------------------------*/ nav { - background-color: #84596B; + background-color: #993232; + color: #FFFFFF; width: 100%; margin: 0; padding: 0; } nav ul { - background-color: #84596B; + background-color: inherit; + color: inherit; overflow: hidden; - color: #FFFFFF; } nav li { + background-color: inherit; + color: inherit; display: block; margin-left: 20px; margin-right: 20px; - background-color: #84596B; float: left; padding: 10px; } +nav li a { + background-color: inherit; + color: inherit; + text-decoration: none; + color: #FFFFFF; +} + +nav li:hover { + background-color: #AFB170; +} + +.right { + float: right; +} + #star { margin-left: 1px; margin-right: 1px; @@ -43,32 +99,38 @@ nav li { background-color: inherit; } -nav li:hover { - background-color: #AFB170; -} - -nav li a { - text-decoration: none; - color: #FFFFFF; -} - -.right { - float: right; -} - -p { - max-width: 700px; - padding-left: 10%; -} -.post_card { - height: 200px; - display: inline-block; - overflow: hidden; - max-width: 200px; - border-style: solid; +/* ------------------------------------- + * meta_post_card_* + * -----------------------------------*/ + +.card { + float: left; + max-width: 370px; + border-style: dotted; border-width: 2px; border-color: #B58AA5; border-radius: 5px; + margin: 10px; +} + +.card p { + padding-right: 30px; + padding-left: 30px; + padding-bottom: 30px; +} + +.title { + text-align: center; +} + +.date { + font-size: 17px; + text-align: center; +} + +.author { + font-size: 15px; + text-align: center; } diff --git a/res/themes/default/css/p_index.css b/res/themes/default/css/p_index.css new file mode 100644 index 0000000..15075b8 --- /dev/null +++ b/res/themes/default/css/p_index.css @@ -0,0 +1,11 @@ +article { + max-width: 900px; + border-width: 2px; + border-style: dotted; + border-color: #B58AA5; + border-radius: 5px; + +} +.title .author .date { + text-align: center; +} diff --git a/res/themes/default/css/post.css b/res/themes/default/css/post.css deleted file mode 100644 index 1d82875..0000000 --- a/res/themes/default/css/post.css +++ /dev/null @@ -1 +0,0 @@ -/* This is the CSS file for the post page *only* */ diff --git a/res/themes/default/css/u_index.css b/res/themes/default/css/u_index.css new file mode 100644 index 0000000..48e6872 --- /dev/null +++ b/res/themes/default/css/u_index.css @@ -0,0 +1,15 @@ +.user_info { + max-width: 900px; + border-width: 2px; + border-style: dotted; + border-color: #B58AA5; + border-radius: 5px; +} + +.text { + margin: 20px; +} + +.title .author .date { + text-align: center; +} diff --git a/res/themes/default/html/admin_index.twig.html b/res/themes/default/html/admin_index.twig.html index c945b89..9d6c600 100644 --- a/res/themes/default/html/admin_index.twig.html +++ b/res/themes/default/html/admin_index.twig.html @@ -28,7 +28,6 @@
-

+ +
+
+ + +
+
+ diff --git a/res/themes/default/html/head.twig.html b/res/themes/default/html/head.twig.html index 583b258..9053c4b 100644 --- a/res/themes/default/html/head.twig.html +++ b/res/themes/default/html/head.twig.html @@ -2,6 +2,8 @@ + + -
  • +
  • + {% set author = post[post_id]['author'] %} -
  • +

    {{ post[post_id]['date'] }}

    +

    {{ user[author]['full_name'] }} -

  • -
  • {{ post[post_id]['date'] }}
  • -
  • {{ post[post_id]['desc'] }}

  • - + +

    {{ post[post_id]['text'] }}

    + diff --git a/res/themes/default/html/meta_post_card_big.twig.html b/res/themes/default/html/meta_post_card_big.twig.html new file mode 100644 index 0000000..4651643 --- /dev/null +++ b/res/themes/default/html/meta_post_card_big.twig.html @@ -0,0 +1,2 @@ +{{ include('meta_post_card_header.twig.html') }} +{{ include('meta_post_card_big_body.twig.html') }} diff --git a/res/themes/default/html/meta_post_card_big_body.twig.html b/res/themes/default/html/meta_post_card_big_body.twig.html new file mode 100644 index 0000000..f89fa87 --- /dev/null +++ b/res/themes/default/html/meta_post_card_big_body.twig.html @@ -0,0 +1,2 @@ +

    {{ post[post_id]['text'] }}

    + diff --git a/res/themes/default/html/meta_post_card_header.twig.html b/res/themes/default/html/meta_post_card_header.twig.html new file mode 100644 index 0000000..d12dfaa --- /dev/null +++ b/res/themes/default/html/meta_post_card_header.twig.html @@ -0,0 +1,13 @@ +
    +

    + + {{ post[post_id]['title'] }} + +

    + {% set author = post[post_id]['author'] %} +

    {{ post[post_id]['date'] }}

    +

    + + {{ user[author]['full_name'] }} + +

    diff --git a/res/themes/default/html/meta_post_card_mini.twig.html b/res/themes/default/html/meta_post_card_mini.twig.html new file mode 100644 index 0000000..74b8f03 --- /dev/null +++ b/res/themes/default/html/meta_post_card_mini.twig.html @@ -0,0 +1,2 @@ +{{ include('meta_post_card_header.twig.html') }} +{{ include('meta_post_card_mini_body.twig.html') }} diff --git a/res/themes/default/html/meta_post_card_mini_body.twig.html b/res/themes/default/html/meta_post_card_mini_body.twig.html new file mode 100644 index 0000000..1eeee94 --- /dev/null +++ b/res/themes/default/html/meta_post_card_mini_body.twig.html @@ -0,0 +1,2 @@ +

    {{ post[post_id]['desc'] }}

    +
    diff --git a/res/themes/default/html/meta_user_card.twig.html b/res/themes/default/html/meta_user_card.twig.html new file mode 100644 index 0000000..f42d175 --- /dev/null +++ b/res/themes/default/html/meta_user_card.twig.html @@ -0,0 +1,8 @@ +
    +

    + + {{ user[user_id]['full_name'] }} + +

    +

    {{ user[user_id]['bio'] }}

    +
    diff --git a/res/themes/default/html/navbar.twig.html b/res/themes/default/html/navbar.twig.html index 70d2358..03df76e 100644 --- a/res/themes/default/html/navbar.twig.html +++ b/res/themes/default/html/navbar.twig.html @@ -10,8 +10,22 @@ + {% if logged_in %} + + + {% else %} + + {% endif %} diff --git a/res/themes/default/html/p_index.twig.html b/res/themes/default/html/p_index.twig.html index bb83acd..2491be9 100644 --- a/res/themes/default/html/p_index.twig.html +++ b/res/themes/default/html/p_index.twig.html @@ -1,9 +1,23 @@ -

    {{ post_title }}

    -

    By - + diff --git a/res/themes/default/html/p_list_index.twig.html b/res/themes/default/html/p_list_index.twig.html index c4a29d7..4960a88 100644 --- a/res/themes/default/html/p_list_index.twig.html +++ b/res/themes/default/html/p_list_index.twig.html @@ -1,19 +1,9 @@ - - {% for id in posts %} - - - - - - {% endfor %} -
    - - {{ post[id]['title'] }} - - - - {{ user[post[id]['author']]['full_name'] }} - - - {{ post[id]['date'] }} -
    +{% if logged_in == true %} +

    New post

    +{% endif %} + +{% for post_id in posts %} + {% set post_id = post_id %} + {{ include('meta_post_card_mini.twig.html') }} +{% endfor %} + diff --git a/res/themes/default/html/p_new_index.twig.html b/res/themes/default/html/p_new_index.twig.html index c9b7344..11e42d4 100644 --- a/res/themes/default/html/p_new_index.twig.html +++ b/res/themes/default/html/p_new_index.twig.html @@ -1,17 +1,5 @@
    - -
    -

    - -

    -

    - -

    -
    - -
    - -

    +
    + +

    diff --git a/res/themes/default/html/u_edit_index.twig.html b/res/themes/default/html/u_edit_index.twig.html new file mode 100644 index 0000000..74b310e --- /dev/null +++ b/res/themes/default/html/u_edit_index.twig.html @@ -0,0 +1,49 @@ +
    +

    +

    +

    +

    + +

    + +
    + + {% if user[logged_id]['class'] == "archmage" %} +

    + +

    + {% endif %} + + +

    +
    + +{% if user_id == logged_id %} +
    +

    +

    + +
    + +

    +

    + +

    +

    + +
    + +

    +
    +{% endif %} diff --git a/res/themes/default/html/u_index.twig.html b/res/themes/default/html/u_index.twig.html index d0d76a7..2b7b3bb 100644 --- a/res/themes/default/html/u_index.twig.html +++ b/res/themes/default/html/u_index.twig.html @@ -1,11 +1,21 @@ -

    {{ user_full_name }}

    -

    {{ user_website }} <{{ user_email }}>

    -

    ({{ user_name }})

    -

    {{ user_bio }}

    +
    +

    {{ user_full_name }}

    +

    {{ user_website }} <{{ user_email }}>

    +

    ({{ user_name }})

    +
    {{ user_bio }}
    +
    + +

    +{% if (logged_id == user_id) or (user[logged_id]['class'] == "archmage") + or (user[logged_id]['class'] == "wizard") %} +Edit profile +Delete user +{% endif %} +

    {% for post_id in user_posts %} {% set post_id = post_id %} - {{ include ('meta_post_card.twig.html') }} + {{ include ('meta_post_card_mini.twig.html') }} {% endfor %} diff --git a/res/themes/default/html/u_list_index.twig.html b/res/themes/default/html/u_list_index.twig.html index 4e2544e..6945a5d 100644 --- a/res/themes/default/html/u_list_index.twig.html +++ b/res/themes/default/html/u_list_index.twig.html @@ -1,7 +1,3 @@ - +{% for user_id in users %} + {{ include('meta_user_card.twig.html') }} +{% endfor %} diff --git a/res/themes/default/html/u_new_index.twig.html b/res/themes/default/html/u_new_index.twig.html index f5e7143..ec25586 100644 --- a/res/themes/default/html/u_new_index.twig.html +++ b/res/themes/default/html/u_new_index.twig.html @@ -1,15 +1,24 @@
    -

    +

    +

    +


    -

    -

    -

    -

    +

    +

    +

    +

    +

    +

    + +


    -

    +

    diff --git a/u/edit/index.php b/u/edit/index.php new file mode 100644 index 0000000..c79bc46 --- /dev/null +++ b/u/edit/index.php @@ -0,0 +1,45 @@ + $edit_id, + 'user_full_name' => unscrub(user_full_name($edit_id)), + 'user_name' => user_name($edit_id), + 'user_bio' => unscrub(user_biography($edit_id)), + 'user_email' => user_email($edit_id), + 'user_website' => user_website($edit_id)); + + +// -------------------------------------- + +switch (1) { + case (user_logged_in() == false): + general_error("You're not even logged in, fool! >;c"); + break; + case ($cur_id != $edit_id): + auth_enforce($cur_id, array("wizard", "archmage"), "edit other + people's accounts"); + break; +} + +display_page($mark, $depth, $title, $local_exports); + +?> diff --git a/u/edit/private/new_password.php b/u/edit/private/new_password.php new file mode 100644 index 0000000..f9e09e7 --- /dev/null +++ b/u/edit/private/new_password.php @@ -0,0 +1,42 @@ + 11)); + +user_set($id, "hash", $password); + +root_redirect(""); + +?> diff --git a/u/edit/private/user_edit.php b/u/edit/private/user_edit.php new file mode 100644 index 0000000..0f0d033 --- /dev/null +++ b/u/edit/private/user_edit.php @@ -0,0 +1,54 @@ + diff --git a/u/index.php b/u/index.php index 746a6a4..4a34e55 100644 --- a/u/index.php +++ b/u/index.php @@ -47,7 +47,7 @@ array_map($push_post_data, $user_posts); $local_exports = array('user_id' => $id, 'user_full_name' => unscrub(user_full_name($id)), 'user_name' => $name, - 'usr_bio' => unscrub(user_biography($id)), + 'user_bio' => unscrub(user_biography($id)), 'user_email' => user_email($id), 'user_website' => user_website($id), 'user_posts' => $user_posts, diff --git a/u/new/index.php b/u/new/index.php index 0124ee7..d3d5236 100644 --- a/u/new/index.php +++ b/u/new/index.php @@ -15,10 +15,17 @@ include "../../res/lib/load.php"; // -------------------------------------- -if ($GLOBALS['registration'] == true) { - display_page($mark, $depth, $title); -} else { - general_error("Sorry, registration's disabled on this server!"); +switch (1) { + case (user_logged_in() != false): + general_error("You can't make an account… while using another + account. LOL"); + break; + case ($GLOBALS['registration'] == true): + display_page($mark, $depth, $title); + break; + default: + general_error("Sorry, registration's disabled on this server!"); + break; } ?> diff --git a/u/new/private/user_create.php b/u/new/private/user_create.php index 22c0587..84dc2e4 100644 --- a/u/new/private/user_create.php +++ b/u/new/private/user_create.php @@ -20,10 +20,6 @@ $pass = scrub($_POST['password']); // ------------------------------------- -if ($GLOBALS['registration'] != true) { - general_error("Sorry, registration's disabled on this server!"); -} - input_enforce(array($name, $full, $bio, $email, $url, $pass), array("Username", "Full name", "Biography", "E-mail", "URL", "Password"), @@ -32,8 +28,19 @@ input_enforce(array($name, $full, $bio, $email, $url, $pass), // ------------------------------------- -user_create($name, $pass, "contributor", $full, $email, $url, $bio); - -root_redirect("u/index.php?name=" . $name); +switch (1) { + case (user_logged_in() != false): + general_error("You can't make an account… while logged in to + another account. LOL"); + break; + case ($GLOBALS['registration'] != true): + general_error("Sorry, registration's disabled on this server!"); + break; + default: + user_create($name, $pass, "contributor", $full, $email, $url, + $bio); + root_redirect("u/index.php?name=" . $name); + break; +} ?> diff --git a/u/old/index.php b/u/old/index.php index 5c6e46d..dbecc91 100644 --- a/u/old/index.php +++ b/u/old/index.php @@ -15,6 +15,14 @@ include "../../res/lib/load.php"; // -------------------------------------- -display_page($mark, $depth, $title); +switch (1) { + case (user_logged_in() != false): + general_error("You've already done that, you know. Log in, I + mean. You OK there, friend?"); + break; + default: + display_page($mark, $depth, $title); +} + ?> diff --git a/u/old/private/user_login.php b/u/old/private/user_login.php index be44002..a5cd4cf 100644 --- a/u/old/private/user_login.php +++ b/u/old/private/user_login.php @@ -11,21 +11,32 @@ $depth = "../../../"; include "../../../res/lib/load.php"; -$user = scrub($_POST['name']); -$pass = scrub($_POST['password']); +$user = $_POST['name']; +$pass = $_POST['password']; // ------------------------------------- +$user_id = user_name_to_id($user); input_enforce(array($user, $pass), array("Username", "Password"), array("user_name", "string")); // ------------------------------------- -if (user_valid_password(user_name_to_id($user), $pass)) { - user_log_in(user_name_to_id($user)); +switch (1) { + case (user_logged_in() != false): + general_error("You've already done that, you know. Log in, I + mean. You OK there, friend?"); + break; + default: + if (user_valid_password($user_id, $pass)) { + user_log_in($user_id); + root_redirect($GLOBALS['user_prefix_id'] . $user_id); + } else { + general_error("Sorry, it looks like you have the + wrong username or password!"); + } + break; } -root_redirect("u/index.php?name=" . $user); - ?>