A slow-burn existential crisis
This commit is contained in:
parent
7001dee230
commit
1714e5b80d
14
README.txt
14
README.txt
|
@ -21,6 +21,7 @@ PRE-REQUISITES
|
||||||
----------------------------------------
|
----------------------------------------
|
||||||
* PHP 7.0
|
* PHP 7.0
|
||||||
* Webserver with CGI enabled
|
* Webserver with CGI enabled
|
||||||
|
* Composer
|
||||||
* A paper-clip and soldering-iron
|
* A paper-clip and soldering-iron
|
||||||
* Also a lighter
|
* Also a lighter
|
||||||
|
|
||||||
|
@ -30,9 +31,16 @@ PRE-REQUISITES
|
||||||
INSTALLATION
|
INSTALLATION
|
||||||
----------------------------------------
|
----------------------------------------
|
||||||
Drop Blagoblag in any directory on your webserver, then create an SQL
|
Drop Blagoblag in any directory on your webserver, then create an SQL
|
||||||
database for Blagoblag. Make sure to make a "config.ini" file (from
|
database for Blagoblag-- UTF-8 character encoding, preferably.
|
||||||
"config.ini.example")-- at the minimum, you need to configure the SQL
|
|
||||||
connection settings.
|
Then, make a "config.ini" file (from "config.ini.example")-- at the
|
||||||
|
minimum, you need to configure the SQL connection settings.
|
||||||
|
|
||||||
|
After that, just run "composer intall", then you should be running!
|
||||||
|
|
||||||
|
As for setup, you should make your own user-account, then use the "root"
|
||||||
|
account to elevate your account to archmage (highest login class)-- after
|
||||||
|
that, delete the "root" account. :)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ "require":
|
{ "require":
|
||||||
{
|
{
|
||||||
"twig/twig": "1.*",
|
"twig/twig": "1.*",
|
||||||
"falseclock/dbd-php": "1.*"
|
"erusev/parsedown": "*.*",
|
||||||
|
"consoletvs/profanity": "*.*"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
|
// -------------------------------------
|
||||||
|
// REQUIRED
|
||||||
|
|
||||||
|
// -----------------
|
||||||
|
// database stuff
|
||||||
$db_type = "mysql";
|
$db_type = "mysql";
|
||||||
$db_host = "host=localhost;";
|
$db_host = "host=localhost;";
|
||||||
$db_port = "port=3306;";
|
$db_port = "port=3306;";
|
||||||
|
@ -9,6 +14,28 @@ $db_name = "dbname=blagoblag;";
|
||||||
$db_user = "USERNAME";
|
$db_user = "USERNAME";
|
||||||
$db_pass = "PASSWORD";
|
$db_pass = "PASSWORD";
|
||||||
|
|
||||||
|
// -----------------
|
||||||
|
// etc
|
||||||
|
$root = "blagoblag/"; // where blagoblag is, relative to the web-root
|
||||||
|
// AKA, the path you put in URLs
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
// OPTIONAL
|
||||||
|
|
||||||
|
// -----------------
|
||||||
|
// branding
|
||||||
|
$instance_title = "Blagoblag"; // your site's name, for branding <3
|
||||||
|
$theme = "default"; // the theme you wanna use
|
||||||
|
|
||||||
|
// -----------------
|
||||||
|
// the url's relative to blagoblag's root, used to make a bunch of urls
|
||||||
|
// these should change only if you use some URL rewriting in your webserver
|
||||||
|
// (I.E., "/u/USERNAME" --> "/u/?name=USERNAME")
|
||||||
|
|
||||||
|
$user_prefix_name = "u/?name=";
|
||||||
|
$user_prefix_id = "u/?id=";
|
||||||
|
|
||||||
|
$post_prefix_name = "p/?name=";
|
||||||
|
$post_prefix_id = "p/?id=";
|
||||||
|
|
||||||
$theme = "default";
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
Last time on blagoblag!!
|
||||||
|
* USER planted a post and failed to hold central dogma
|
|
@ -0,0 +1,45 @@
|
||||||
|
<?php
|
||||||
|
/* This file is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of version 3 of the GNU Affero General Public
|
||||||
|
License as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This file is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
$title = "Control Panel";
|
||||||
|
$depth = "../../";
|
||||||
|
$mark = "u_edit_index";
|
||||||
|
include $depth . "res/lib/load.php";
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
$cur_id = user_logged_in();
|
||||||
|
$edit_id = $_GET['id'] ?? $cur_id;
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
$local_exports = array('user_id' => $edit_id,
|
||||||
|
'user_full_name' => unscrub(user_full_name($edit_id)),
|
||||||
|
'user_name' => user_name($edit_id),
|
||||||
|
'user_bio' => unscrub(user_biography($edit_id)),
|
||||||
|
'user_email' => user_email($edit_id),
|
||||||
|
'user_website' => user_website($edit_id));
|
||||||
|
|
||||||
|
|
||||||
|
// --------------------------------------
|
||||||
|
|
||||||
|
switch (1) {
|
||||||
|
case (user_logged_in() == false):
|
||||||
|
general_error("You're not even logged in, fool! >;c");
|
||||||
|
break;
|
||||||
|
case ($cur_id != $edit_id):
|
||||||
|
auth_enforce($cur_id, array("wizard", "archmage"), "edit other
|
||||||
|
people's accounts");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
display_page($mark, $depth, $title, $local_exports);
|
||||||
|
|
||||||
|
?>
|
|
@ -0,0 +1,54 @@
|
||||||
|
<?php
|
||||||
|
/* This file is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of version 3 of the GNU Affero General Public
|
||||||
|
License as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This file is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
$depth = "../../../";
|
||||||
|
include $depth . "res/lib/load.php";
|
||||||
|
|
||||||
|
$cur_id = user_logged_in();
|
||||||
|
$edit_id = $_GET['id'] ?? user_logged_in();
|
||||||
|
|
||||||
|
$full = scrub($_POST['full_name']);
|
||||||
|
$bio = scrub($_POST['bio']);
|
||||||
|
$email = scrub($_POST['email']);
|
||||||
|
$url = scrub($_POST['url']);
|
||||||
|
$class = scrub($_POST['login']) ?? false;
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
input_enforce(array($full, $bio, $email, $url),
|
||||||
|
array("Full name", "Biography", "E-mail", "URL"),
|
||||||
|
array("string", "string", "email", "url"));
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
switch (1) {
|
||||||
|
case (user_logged_in() == false):
|
||||||
|
general_error("Guests can't edit accounts, nerd!");
|
||||||
|
break;
|
||||||
|
case ($cur_id != $edit_id):
|
||||||
|
auth_enforce($cur_id, array("wizard", "archmage"), "edit other
|
||||||
|
people's accounts");
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($class != false) {
|
||||||
|
$auth = auth_enforce($cur_id, array("archmage"),
|
||||||
|
"edit other people's classes");
|
||||||
|
if ($auth != false) {
|
||||||
|
$user_set($edit_id, "class", $class);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
user_set($edit_id, "full_name", $full);
|
||||||
|
user_set($edit_id, "biography", $bio);
|
||||||
|
user_set($edit_id, "email", $email);
|
||||||
|
user_set($edit_id, "website", $url);
|
||||||
|
|
||||||
|
?>
|
33
p/index.php
33
p/index.php
|
@ -8,42 +8,31 @@
|
||||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
GNU Affero General Public License for more details. */
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
$title = "Control Panel";
|
||||||
$depth = "../";
|
$depth = "../";
|
||||||
$title = "";
|
|
||||||
$mark = "p_index";
|
$mark = "p_index";
|
||||||
include "../res/lib/load.php";
|
include $depth . "res/lib/load.php";
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
|
|
||||||
$id = $_GET['id'] ?? post_title_to_id($_GET['name']);
|
$id = $_GET['id'] ?? post_title_to_id($_GET['name']);
|
||||||
$name = post_title($id);
|
$name = post_title($id);
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
if (empty($_GET['id']) && empty($_GET['name'])) {
|
if (empty($name)) {
|
||||||
root_redirect('p/list/');
|
root_redirect("p/list/");
|
||||||
} else if (!is_post_id($_GET['id']) && !is_post_title($_GET['name'])) {
|
|
||||||
general_error("We can't find that post! :(");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$local_exports = array('post_id' => $id,
|
||||||
|
'post_title' => unscrub($name),
|
||||||
|
'post_author' => post_author($id),
|
||||||
|
'post_date' => post_date($id),
|
||||||
|
'post_text' => markdown(post_text($id)));
|
||||||
|
|
||||||
|
|
||||||
// --------------------------------------
|
// --------------------------------------
|
||||||
|
|
||||||
$post_text = markdown(post_text($id));
|
|
||||||
$post_date = post_date($id);
|
|
||||||
$post_data = post_data($id);
|
|
||||||
|
|
||||||
$user_id = post_author($id);
|
|
||||||
$username = user_name($user_id);
|
|
||||||
$full_name = user_full_name($user_id);
|
|
||||||
|
|
||||||
$local_exports = array('post_id' => $id, 'post_text' => $post_text,
|
|
||||||
'post_author' => $user_id,
|
|
||||||
'post_data' => $post_data, 'post_title' => $name,
|
|
||||||
'post_date' => $date);
|
|
||||||
|
|
||||||
// -------------------------------------
|
|
||||||
|
|
||||||
display_page($mark, $depth, $title, $local_exports);
|
display_page($mark, $depth, $title, $local_exports);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -15,6 +15,12 @@ include "../../res/lib/load.php";
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
display_page($mark, $depth, $title);
|
$order = $_GET['order'] ?? "desc";
|
||||||
|
|
||||||
|
$local_exports = array('order' => $order);
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
display_page($mark, $depth, $title, $local_exports);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -11,17 +11,13 @@
|
||||||
$depth = "../../../";
|
$depth = "../../../";
|
||||||
include "../../../res/lib/load.php";
|
include "../../../res/lib/load.php";
|
||||||
|
|
||||||
$auth_user = scrub($_POST['auth_user']);
|
|
||||||
$auth_pass = scrub($_POST['auth_pass']);
|
|
||||||
$auth_id = user_name_to_id($auth_user);
|
|
||||||
|
|
||||||
$title = scrub($_POST['title']);
|
$title = scrub($_POST['title']);
|
||||||
$desc = scrub($_POST['desc']);
|
$desc = scrub($_POST['desc']);
|
||||||
$text = scrub($_POST['text']);
|
$text = scrub($_POST['text']);
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
auth_enforce($auth_id, $auth_pass,
|
auth_enforce(user_logged_in(),
|
||||||
array("contributor", "wizard", "archmage"), "make posts");
|
array("contributor", "wizard", "archmage"), "make posts");
|
||||||
|
|
||||||
input_enforce(array($title, $desc, $text),
|
input_enforce(array($title, $desc, $text),
|
||||||
|
@ -30,9 +26,8 @@ input_enforce(array($title, $desc, $text),
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
echo $auth_user . $auth_user_id;
|
post_create($title, user_logged_in(), $desc, $text);
|
||||||
post_create($title, $auth_id, $desc, $text);
|
|
||||||
|
|
||||||
root_redirect("post.php?name=" . $title);
|
root_redirect($GLOBALS['post_prefix_title'] . $title);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -7,6 +7,9 @@
|
||||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
GNU Affero General Public License for more details. */
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
/* note: should really make variable-naming more SQL-adherent and consistent
|
||||||
|
* also rethink a lot fo these abstractions
|
||||||
|
* also use prepared statements (as in http://bobby-tables.com/php) */
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// connection setup
|
// connection setup
|
||||||
|
@ -115,7 +118,13 @@ function db_get_rows($table, $identifier, $value) {
|
||||||
// Return the value of a specific column in a given row, identified by an
|
// Return the value of a specific column in a given row, identified by an
|
||||||
// 'identifier' column set to the given value
|
// 'identifier' column set to the given value
|
||||||
function db_get_cell($table, $identifier, $value, $cell) {
|
function db_get_cell($table, $identifier, $value, $cell) {
|
||||||
return db_get_rows($table, $identifier, $value)[0][$cell];
|
$results = db_get_rows($table, $identifier, $value);
|
||||||
|
|
||||||
|
if (count($results) > 0) {
|
||||||
|
return $results[0][$cell];
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// !!!
|
// !!!
|
||||||
|
@ -143,7 +152,7 @@ function db_set_cell($table, $identifier, $value, $cell, $new_value) {
|
||||||
|
|
||||||
return db_cmd("update " . $table
|
return db_cmd("update " . $table
|
||||||
. " set " . $cell . " = " . $new_value
|
. " set " . $cell . " = " . $new_value
|
||||||
. " where " . $identifier . " = " . $value) . ";";
|
. " where " . $identifier . " = " . $value . ";");
|
||||||
}
|
}
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
|
|
||||||
// PATH --> PATH
|
// PATH --> PATH
|
||||||
// Take a path from root and turn it into a relative path.
|
// Take a path from root and turn it into a relative path.
|
||||||
|
error_reporting(0);
|
||||||
function root($path) {
|
function root($path) {
|
||||||
return $GLOBALS['depth'] . $path;
|
return $GLOBALS['depth'] . $path;
|
||||||
}
|
}
|
||||||
|
@ -30,12 +31,24 @@ include(root("res/lib/db.php"));
|
||||||
include(root("res/lib/url.php"));
|
include(root("res/lib/url.php"));
|
||||||
include(root("res/lib/post.php"));
|
include(root("res/lib/post.php"));
|
||||||
include(root("res/lib/blagoblag.php"));
|
include(root("res/lib/blagoblag.php"));
|
||||||
|
include(root("res/lib/token.php"));
|
||||||
|
|
||||||
$loader= new Twig_Loader_Filesystem(root("res/themes/default/html"));
|
$loader= new Twig_Loader_Filesystem(root("res/themes/default/html"));
|
||||||
$twig = new Twig_Environment($loader, ['cache' =>
|
$twig = new Twig_Environment($loader, ['cache' =>
|
||||||
root('cache/'), 'autoescape' => false]);
|
root('cache/'), 'autoescape' => false]);
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
// authentication
|
||||||
|
|
||||||
|
global $logged_id;
|
||||||
|
global $logged_in; $logged_in = false;
|
||||||
|
|
||||||
|
$test_id = user_logged_in();
|
||||||
|
|
||||||
|
$logged_id = $test_id ?? 0;
|
||||||
|
if ($logged_id != 0) {
|
||||||
|
$logged_in = true;
|
||||||
|
}
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// global variable declaration
|
// global variable declaration
|
||||||
|
@ -67,6 +80,12 @@ $twig_exports = array('theme' => $GLOBALS['theme'],
|
||||||
'user' => $GLOBALS['user'],
|
'user' => $GLOBALS['user'],
|
||||||
'posts' => $GLOBALS['posts'],
|
'posts' => $GLOBALS['posts'],
|
||||||
'post' => $GLOBALS['post'],
|
'post' => $GLOBALS['post'],
|
||||||
'instance_title' => $GLOBALS['instance_title']);
|
'user_prefix_id' => $GLOBALS['user_prefix_id'],
|
||||||
|
'user_prefix_name' => $GLOBALS['user_prefix_name'],
|
||||||
|
'post_prefix_id' => $GLOBALS['post_prefix_id'],
|
||||||
|
'post_prefix_name' => $GLOBALS['post_prefix_name'],
|
||||||
|
'instance_title' => $GLOBALS['instance_title'],
|
||||||
|
'logged_id' => $GLOBALS['logged_id'],
|
||||||
|
'logged_in' => $GLOBALS['logged_in']);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -12,9 +12,9 @@
|
||||||
// NUMBER STRING ARRAY [STRING] --> NIL
|
// NUMBER STRING ARRAY [STRING] --> NIL
|
||||||
// Make sure a user is both authenticated *and* permitted to do a given task,
|
// Make sure a user is both authenticated *and* permitted to do a given task,
|
||||||
// aka in the right login-class.
|
// aka in the right login-class.
|
||||||
function auth_enforce($id, $password, $permitted, $message="do that") {
|
function auth_enforce($id, $permitted, $message="do that") {
|
||||||
if (!user_valid_password($id, $password)) {
|
if (!user_logged_in()) {
|
||||||
input_error("Sorry, your user-name or password is wrong.");
|
input_error("Sorry, you're not logged in!");
|
||||||
}
|
}
|
||||||
|
|
||||||
$class = user_class($id);
|
$class = user_class($id);
|
||||||
|
@ -22,6 +22,7 @@ function auth_enforce($id, $password, $permitted, $message="do that") {
|
||||||
perm_error("Mate, only a " . comma_sep($permitted, " or ")
|
perm_error("Mate, only a " . comma_sep($permitted, " or ")
|
||||||
. " can " . $message . "-- you hecking "
|
. " can " . $message . "-- you hecking "
|
||||||
. $class . "!");
|
. $class . "!");
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,4 +25,11 @@ function string_wrap($value) {
|
||||||
function strings_wrap($array) {
|
function strings_wrap($array) {
|
||||||
return array_map("string_wrap", $array);
|
return array_map("string_wrap", $array);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// STRING NUMBER --> STRING
|
||||||
|
// Return the nth word of a given string (space-seperated)
|
||||||
|
function word_nth($string, $number) {
|
||||||
|
return explode(" ", $string)[$number];
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -0,0 +1,91 @@
|
||||||
|
<?php
|
||||||
|
/* This file is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of version 3 of the GNU Affero General Public
|
||||||
|
License as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This file is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
|
||||||
|
function user_token_generate($id) {
|
||||||
|
return crypt($id . rand(0, 5000000));
|
||||||
|
}
|
||||||
|
|
||||||
|
// NUMBER --> NUMBER
|
||||||
|
// Generate a new login-token and associate it with the user's account.
|
||||||
|
// Returns the token number.
|
||||||
|
function user_token_set($id, $token) {
|
||||||
|
setcookie("token", $token, time() + 60*60*24*30, "/");
|
||||||
|
setcookie("id", $id, time() + 60*60*24*30, "/");
|
||||||
|
echo "token" . $token;
|
||||||
|
db_set_cell("lusers", "id", $id, "token", $token);
|
||||||
|
return $token;
|
||||||
|
}
|
||||||
|
|
||||||
|
// NUMBER NUMBER --> BOOLEAN
|
||||||
|
// Return whether or not a token is valid for a certain user account
|
||||||
|
function user_token_validate($id, $token) {
|
||||||
|
$valid_token = db_get_cell("lusers", "id", $id, "token");
|
||||||
|
|
||||||
|
if (html_entity_decode($token) == $valid_token) {
|
||||||
|
return true;
|
||||||
|
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
// NUMBER --> NIL
|
||||||
|
// Log a user in
|
||||||
|
function user_log_in($id) {
|
||||||
|
$token = user_token_generate($id);
|
||||||
|
user_token_set($id, $token);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// NUMBER --> NIL
|
||||||
|
// Log out a user, by burning the DB-token, and eating the log-in cookies
|
||||||
|
function user_log_out($id) {
|
||||||
|
user_token_set($id, "escapee");
|
||||||
|
setcookie("token", "escapee", time(), "/");
|
||||||
|
setcookie("id", "death, the destroyer", time(), "/");
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
// NIL --> NUMBER/BOOLEAN
|
||||||
|
// Return whether or not a user is logged in-- if yes, return user ID
|
||||||
|
function user_logged_in() {
|
||||||
|
$id = $_COOKIE['id'] ?? 1;
|
||||||
|
$token = $_COOKIE['token'] ?? 1;
|
||||||
|
|
||||||
|
if (user_token_validate($id, $token)) {
|
||||||
|
return $id;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
// NUMBER STRING --> BOOLEAN
|
||||||
|
// Return whether or not a given password is valid.
|
||||||
|
function user_valid_password($id, $password) {
|
||||||
|
if (password_verify($password, user_get($id, "hash"))) {
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
|
@ -131,64 +131,13 @@ function user_posts($id) {
|
||||||
// Return an array filled with all of a user's relevant data.
|
// Return an array filled with all of a user's relevant data.
|
||||||
function user_data($id) {
|
function user_data($id) {
|
||||||
return array('full_name' => user_full_name($id),
|
return array('full_name' => user_full_name($id),
|
||||||
|
'first_name' => word_nth(user_full_name($id), 0),
|
||||||
'name' => user_name($id),
|
'name' => user_name($id),
|
||||||
'bio' => user_biography($id),
|
'bio' => user_biography($id),
|
||||||
|
'class' => user_class($id),
|
||||||
'email' => user_email($id),
|
'email' => user_email($id),
|
||||||
'website' => user_website($id),
|
'website' => user_website($id),
|
||||||
'posts' => user_posts($id));
|
'posts' => user_posts($id));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// -------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
// NUMBER --> NUMBER
|
|
||||||
// Generate a new login-token and associate it with the user's account.
|
|
||||||
// Returns the token number.
|
|
||||||
function user_token_create($id) {
|
|
||||||
$token = rand(0, 5000000);
|
|
||||||
db_set_cell("lusers", "id", $id, "token", rand(0, 5000000));
|
|
||||||
return $token;
|
|
||||||
}
|
|
||||||
|
|
||||||
// NUMBER NUMBER --> BOOLEAN
|
|
||||||
// Return whether or not a token is valid for a certain user account
|
|
||||||
function user_token_validate($id, $token) {
|
|
||||||
$valid_token = db_get_cell("lusers", "id", $id, "token");
|
|
||||||
|
|
||||||
if ($token == $valid_token) {
|
|
||||||
return true;
|
|
||||||
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
// -------------------------------------
|
|
||||||
|
|
||||||
|
|
||||||
// NUMBER --> NIL
|
|
||||||
// Log a user in-- create a token, then make a cookie with said token.
|
|
||||||
function user_log_in($id) {
|
|
||||||
$token = user_token_create($id);
|
|
||||||
setcookie("token", $token, 2628000);
|
|
||||||
setcookie("id", $id, 2628000);
|
|
||||||
}
|
|
||||||
|
|
||||||
function logged() {
|
|
||||||
if (user_token_validate($id, $_COOKIE['token'])) {
|
|
||||||
return $id;
|
|
||||||
} else {
|
|
||||||
return "no";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// -------------------------------------
|
|
||||||
// NUMBER STRING --> BOOLEAN
|
|
||||||
// Return whether or not a given password is valid.
|
|
||||||
function user_valid_password($id, $password) {
|
|
||||||
return password_verify($password, user_get($id, "hash"));
|
|
||||||
}
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -1,35 +1,91 @@
|
||||||
/* The color-combo we're using:
|
|
||||||
* https://www.colorcombos.com/color-schemes/116/ColorCombo116.html */
|
|
||||||
body {
|
body {
|
||||||
background-color: #CECFCE;
|
background-color: #FFFFFF;
|
||||||
font-family: sans-serif;
|
font-family: sans-serif;
|
||||||
font-size: 17px;
|
font-size: 17px;
|
||||||
color: #073642;
|
color: #073642;
|
||||||
width: 100%;
|
width: 100%;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
p {
|
||||||
|
max-width: 700px;
|
||||||
|
padding-left: 10%;
|
||||||
|
}
|
||||||
|
|
||||||
|
form {
|
||||||
|
background-color: #EFEFEF;
|
||||||
|
margin: 10px;
|
||||||
|
border-radius: 5px;
|
||||||
|
max-width: 900px;
|
||||||
|
padding: 10px;
|
||||||
|
}
|
||||||
|
|
||||||
|
form label {
|
||||||
|
width: 100px;
|
||||||
|
display: inline-block;
|
||||||
|
font-weight: bold;
|
||||||
|
align: left;
|
||||||
|
}
|
||||||
|
|
||||||
|
.button {
|
||||||
|
background-color: #993232;
|
||||||
|
color: #FFFFFF;
|
||||||
|
padding: 10px;
|
||||||
|
border-radius: 5px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.button a {
|
||||||
|
color: inherit;
|
||||||
|
text-decoration: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
.button:hover {
|
||||||
|
background-color: #AFB170;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/* -------------------------------------
|
||||||
|
* navbar
|
||||||
|
* -----------------------------------*/
|
||||||
nav {
|
nav {
|
||||||
background-color: #84596B;
|
background-color: #993232;
|
||||||
|
color: #FFFFFF;
|
||||||
width: 100%;
|
width: 100%;
|
||||||
margin: 0;
|
margin: 0;
|
||||||
padding: 0;
|
padding: 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
nav ul {
|
nav ul {
|
||||||
background-color: #84596B;
|
background-color: inherit;
|
||||||
|
color: inherit;
|
||||||
overflow: hidden;
|
overflow: hidden;
|
||||||
color: #FFFFFF;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
nav li {
|
nav li {
|
||||||
|
background-color: inherit;
|
||||||
|
color: inherit;
|
||||||
display: block;
|
display: block;
|
||||||
margin-left: 20px;
|
margin-left: 20px;
|
||||||
margin-right: 20px;
|
margin-right: 20px;
|
||||||
background-color: #84596B;
|
|
||||||
float: left;
|
float: left;
|
||||||
padding: 10px;
|
padding: 10px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
nav li a {
|
||||||
|
background-color: inherit;
|
||||||
|
color: inherit;
|
||||||
|
text-decoration: none;
|
||||||
|
color: #FFFFFF;
|
||||||
|
}
|
||||||
|
|
||||||
|
nav li:hover {
|
||||||
|
background-color: #AFB170;
|
||||||
|
}
|
||||||
|
|
||||||
|
.right {
|
||||||
|
float: right;
|
||||||
|
}
|
||||||
|
|
||||||
#star {
|
#star {
|
||||||
margin-left: 1px;
|
margin-left: 1px;
|
||||||
margin-right: 1px;
|
margin-right: 1px;
|
||||||
|
@ -43,32 +99,38 @@ nav li {
|
||||||
background-color: inherit;
|
background-color: inherit;
|
||||||
}
|
}
|
||||||
|
|
||||||
nav li:hover {
|
|
||||||
background-color: #AFB170;
|
|
||||||
}
|
|
||||||
|
|
||||||
nav li a {
|
|
||||||
text-decoration: none;
|
|
||||||
color: #FFFFFF;
|
|
||||||
}
|
|
||||||
|
|
||||||
.right {
|
|
||||||
float: right;
|
|
||||||
}
|
|
||||||
|
|
||||||
p {
|
|
||||||
max-width: 700px;
|
|
||||||
padding-left: 10%;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
.post_card {
|
/* -------------------------------------
|
||||||
height: 200px;
|
* meta_post_card_*
|
||||||
display: inline-block;
|
* -----------------------------------*/
|
||||||
overflow: hidden;
|
|
||||||
max-width: 200px;
|
.card {
|
||||||
border-style: solid;
|
float: left;
|
||||||
|
max-width: 370px;
|
||||||
|
border-style: dotted;
|
||||||
border-width: 2px;
|
border-width: 2px;
|
||||||
border-color: #B58AA5;
|
border-color: #B58AA5;
|
||||||
border-radius: 5px;
|
border-radius: 5px;
|
||||||
|
margin: 10px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.card p {
|
||||||
|
padding-right: 30px;
|
||||||
|
padding-left: 30px;
|
||||||
|
padding-bottom: 30px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.title {
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
.date {
|
||||||
|
font-size: 17px;
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
|
||||||
|
.author {
|
||||||
|
font-size: 15px;
|
||||||
|
text-align: center;
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
article {
|
||||||
|
max-width: 900px;
|
||||||
|
border-width: 2px;
|
||||||
|
border-style: dotted;
|
||||||
|
border-color: #B58AA5;
|
||||||
|
border-radius: 5px;
|
||||||
|
|
||||||
|
}
|
||||||
|
.title .author .date {
|
||||||
|
text-align: center;
|
||||||
|
}
|
|
@ -1 +0,0 @@
|
||||||
/* This is the CSS file for the post page *only* */
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
.user_info {
|
||||||
|
max-width: 900px;
|
||||||
|
border-width: 2px;
|
||||||
|
border-style: dotted;
|
||||||
|
border-color: #B58AA5;
|
||||||
|
border-radius: 5px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.text {
|
||||||
|
margin: 20px;
|
||||||
|
}
|
||||||
|
|
||||||
|
.title .author .date {
|
||||||
|
text-align: center;
|
||||||
|
}
|
|
@ -28,7 +28,6 @@
|
||||||
|
|
||||||
<hr />
|
<hr />
|
||||||
|
|
||||||
|
|
||||||
<p><label>Login Group</label>
|
<p><label>Login Group</label>
|
||||||
<select name="login">
|
<select name="login">
|
||||||
<option value="contributor">Contributor</option>
|
<option value="contributor">Contributor</option>
|
||||||
|
@ -71,3 +70,11 @@
|
||||||
<p><input type="submit" /></p>
|
<p><input type="submit" /></p>
|
||||||
</form>
|
</form>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
<section>
|
||||||
|
<form action="private/post_delete.php" method="post">
|
||||||
|
<label>Post ID</label> <input type="number" name="id" />
|
||||||
|
<input type="submit" />
|
||||||
|
</form>
|
||||||
|
</section>
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,8 @@
|
||||||
<html lang="en">
|
<html lang="en">
|
||||||
<head>
|
<head>
|
||||||
<meta charset="UTF-8" />
|
<meta charset="UTF-8" />
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
|
||||||
<link rel="stylesheet" type="text/css"
|
<link rel="stylesheet" type="text/css"
|
||||||
href="{{ depth }}res/themes/{{ theme }}/css/global.css">
|
href="{{ depth }}res/themes/{{ theme }}/css/global.css">
|
||||||
<link rel="stylesheet" type="text/css"
|
<link rel="stylesheet" type="text/css"
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{% for post_id in posts %}
|
{% for post_id in posts %}
|
||||||
{% set post_id = post_id %}
|
{% set post_id = post_id %}
|
||||||
{{ include('meta_post_card.twig.html') }}
|
{{ include('meta_post_card_big.twig.html') }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
<ul class="post_card">
|
<article class="card">
|
||||||
<li>
|
<h2 class="title">
|
||||||
<a href="{{ depth }}p/index.php?id={{ post_id }}">
|
<a href="{{ depth }}p/index.php?id={{ post_id }}">
|
||||||
{{ post[post_id]['title'] }}
|
{{ post[post_id]['title'] }}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</h2>
|
||||||
{% set author = post[post_id]['author'] %}
|
{% set author = post[post_id]['author'] %}
|
||||||
<li>
|
<h3 class="date">{{ post[post_id]['date'] }}</h3>
|
||||||
|
<h4 class="author">
|
||||||
<a href="{{ depth }}u/index.php?id={{ author }}">
|
<a href="{{ depth }}u/index.php?id={{ author }}">
|
||||||
{{ user[author]['full_name'] }}
|
{{ user[author]['full_name'] }}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</h4>
|
||||||
<li>{{ post[post_id]['date'] }}</li>
|
<p>{{ post[post_id]['text'] }}</p>
|
||||||
<li><p>{{ post[post_id]['desc'] }}</p></li>
|
</article>
|
||||||
</ul>
|
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
{{ include('meta_post_card_header.twig.html') }}
|
||||||
|
{{ include('meta_post_card_big_body.twig.html') }}
|
|
@ -0,0 +1,2 @@
|
||||||
|
<p>{{ post[post_id]['text'] }}</p>
|
||||||
|
</article>
|
|
@ -0,0 +1,13 @@
|
||||||
|
<article class="card">
|
||||||
|
<h2 class="title">
|
||||||
|
<a href="{{ depth }}p/index.php?id={{ post_id }}">
|
||||||
|
{{ post[post_id]['title'] }}
|
||||||
|
</a>
|
||||||
|
</h2>
|
||||||
|
{% set author = post[post_id]['author'] %}
|
||||||
|
<h3 class="date">{{ post[post_id]['date'] }}</h3>
|
||||||
|
<h4 class="author">
|
||||||
|
<a href="{{ depth }}u/index.php?id={{ author }}">
|
||||||
|
{{ user[author]['full_name'] }}
|
||||||
|
</a>
|
||||||
|
</h4>
|
|
@ -0,0 +1,2 @@
|
||||||
|
{{ include('meta_post_card_header.twig.html') }}
|
||||||
|
{{ include('meta_post_card_mini_body.twig.html') }}
|
|
@ -0,0 +1,2 @@
|
||||||
|
<p>{{ post[post_id]['desc'] }}</p>
|
||||||
|
</article>
|
|
@ -0,0 +1,8 @@
|
||||||
|
<article class="card">
|
||||||
|
<h2 class="title">
|
||||||
|
<a href="{{ depth }}u/?id={{ user_id }}">
|
||||||
|
{{ user[user_id]['full_name'] }}
|
||||||
|
</a>
|
||||||
|
</h2>
|
||||||
|
<p>{{ user[user_id]['bio'] }}</p>
|
||||||
|
</article>
|
|
@ -10,8 +10,22 @@
|
||||||
<li id="nav_users">
|
<li id="nav_users">
|
||||||
<a href="{{ depth }}u/list/">Users</a>
|
<a href="{{ depth }}u/list/">Users</a>
|
||||||
</li>
|
</li>
|
||||||
|
{% if logged_in %}
|
||||||
|
<li class="right" id="nav_logout">
|
||||||
|
<a href="{{ depth }}u/out/">Logout</a>
|
||||||
|
</li>
|
||||||
|
<li class="right" id="nav_user">
|
||||||
|
<a href="{{ depth }}{{ user_prefix_id}}{{ logged_id }}">
|
||||||
|
{{ user[logged_id]['first_name'] }}
|
||||||
|
</a>
|
||||||
|
</li>
|
||||||
|
{% else %}
|
||||||
|
<li class="right" id="nav_login">
|
||||||
|
<a href="{{ depth }}u/old/">Login</a>
|
||||||
|
</li>
|
||||||
<li class="right" id="nav_register">
|
<li class="right" id="nav_register">
|
||||||
<a href="{{ depth }}u/new/">Register</a>
|
<a href="{{ depth }}u/new/">Register</a>
|
||||||
</li>
|
</li>
|
||||||
|
{% endif %}
|
||||||
</ul>
|
</ul>
|
||||||
</nav>
|
</nav>
|
||||||
|
|
|
@ -1,9 +1,23 @@
|
||||||
<h1>{{ post_title }}</h1>
|
<article>
|
||||||
<h2>By
|
<h1 class="title">{{ post_title }}</h1>
|
||||||
<a href="{{ depth }}u/index.php?name={{ user[post_author]['name'] }}">
|
<h2 class="author">By
|
||||||
|
<a href="{{ depth }}{{ user_prefix_name}}{{ user[post_author]['name'] }}">
|
||||||
{{ user[post_author]['full_name'] }}
|
{{ user[post_author]['full_name'] }}
|
||||||
</a>
|
</a>
|
||||||
</h2>
|
</h2>
|
||||||
|
|
||||||
<h3>{{ post_date }}</h3>
|
<h3 class="date">{{ post_date }} - {{ post_id }}</h3>
|
||||||
<p>{{ post_text }}</p>
|
|
||||||
|
{% set logged_class = user[logged_id]['class'] %}
|
||||||
|
{% if (post_author == logged_id) or (logged_class == "archmage")
|
||||||
|
or (logged_class == "wizard") %}
|
||||||
|
<p>
|
||||||
|
<a class="button" href="edit/?id={{ post_id }}">Edit post</a>
|
||||||
|
<a class="button" href="oust/?id={{ post_id }}">Delete post</a>
|
||||||
|
</p>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
<!-- ====================================================================== -->
|
||||||
|
|
||||||
|
<div class="text">{{ post_text }}</div>
|
||||||
|
</article>
|
||||||
|
|
|
@ -1,19 +1,9 @@
|
||||||
<table>
|
{% if logged_in == true %}
|
||||||
{% for id in posts %}
|
<p><a class="button" href="new">New post</a></p>
|
||||||
<tr>
|
{% endif %}
|
||||||
<td>
|
|
||||||
<a href="{{ depth }}p/index.php?id={{ id }}">
|
{% for post_id in posts %}
|
||||||
{{ post[id]['title'] }}
|
{% set post_id = post_id %}
|
||||||
</a>
|
{{ include('meta_post_card_mini.twig.html') }}
|
||||||
</td>
|
{% endfor %}
|
||||||
<td>
|
|
||||||
<a href="{{ depth }}u/?id={{ post[id]['author'] }}">
|
|
||||||
{{ user[post[id]['author']]['full_name'] }}
|
|
||||||
</a>
|
|
||||||
</td>
|
|
||||||
<td>
|
|
||||||
{{ post[id]['date'] }}
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
{% endfor %}
|
|
||||||
</table>
|
|
||||||
|
|
|
@ -1,17 +1,5 @@
|
||||||
<section id="creation">
|
<section id="creation">
|
||||||
<form id="post_creation" action="private/post_create.php" method="post">
|
<form id="post_creation" action="private/post_create.php" method="post">
|
||||||
|
|
||||||
<section class="authentication">
|
|
||||||
<p><label>Username</label>
|
|
||||||
<input name="auth_user" type="text" />
|
|
||||||
</p>
|
|
||||||
<p><label>Password</label>
|
|
||||||
<input name="auth_pass" type="password">
|
|
||||||
</p>
|
|
||||||
</section>
|
|
||||||
|
|
||||||
<hr />
|
|
||||||
|
|
||||||
<section class="post_metadata">
|
<section class="post_metadata">
|
||||||
<p><label>Title</label><input name="title" type="text" /></p>
|
<p><label>Title</label><input name="title" type="text" /></p>
|
||||||
<p><label>Desc</label><input name="desc" type="text" /></p>
|
<p><label>Desc</label><input name="desc" type="text" /></p>
|
||||||
|
@ -23,6 +11,8 @@
|
||||||
<textarea name="text" rows="20" cols="80"></textarea>
|
<textarea name="text" rows="20" cols="80"></textarea>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
<p><input type="submit" /></p>
|
<hr />
|
||||||
|
|
||||||
|
<p><input class="button" type="submit" /></p>
|
||||||
</form>
|
</form>
|
||||||
</section>
|
</section>
|
||||||
|
|
|
@ -0,0 +1,49 @@
|
||||||
|
<form id="user_redaction" action="private/user_edit.php?id={{ user_id }}"
|
||||||
|
method="post">
|
||||||
|
<p><label>Full Name</label><input name="full_name" type="text"
|
||||||
|
value="{{ user_full_name }}" /> </p>
|
||||||
|
<p><label>E-mail</label><input name="email" type="email"
|
||||||
|
value="{{ user_email }}" /></p>
|
||||||
|
<p><label>Website</label><input name="url" type="url"
|
||||||
|
value="{{ user_website }}" /></p>
|
||||||
|
<p><label>Biography</label>
|
||||||
|
<textarea cols=80 rows=5 name="bio">{{ user_bio }}</textarea>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<hr />
|
||||||
|
|
||||||
|
{% if user[logged_id]['class'] == "archmage" %}
|
||||||
|
<p><label>Login Group</label>
|
||||||
|
<select name="login">
|
||||||
|
<option value="{{ user[user_id]['class'] }}">
|
||||||
|
Current</option>
|
||||||
|
<option value="contributor">Contributor</option>
|
||||||
|
<option value="spectator">Spectator</option>
|
||||||
|
<option value="wizard">Wizard</option>
|
||||||
|
<option value="archmage">Archmage</option>
|
||||||
|
</select>
|
||||||
|
</p>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
<p><input class="button" type="submit" /></p>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
{% if user_id == logged_id %}
|
||||||
|
<form id="user_new_password" action="private/new_password.php" method="post">
|
||||||
|
<p><label>Old Password</label>
|
||||||
|
<input name="password" type="password" /></p>
|
||||||
|
|
||||||
|
<hr />
|
||||||
|
|
||||||
|
<p><label>New Password</label>
|
||||||
|
<input name="new_password" type="password" /></p>
|
||||||
|
|
||||||
|
<p><label>Repeat Password</label>
|
||||||
|
<input name="new_password_repeat" type="password" /></p>
|
||||||
|
|
||||||
|
<hr />
|
||||||
|
|
||||||
|
<p><input class="button" type="submit" /></p>
|
||||||
|
</form>
|
||||||
|
{% endif %}
|
|
@ -1,11 +1,21 @@
|
||||||
<h1>{{ user_full_name }}</h1>
|
<article class="user_info">
|
||||||
<h3>{{ user_website }} <{{ user_email }}></h3>
|
<h1 class="title">{{ user_full_name }}</h1>
|
||||||
<h3>({{ user_name }})</h3>
|
<h3 class="author">{{ user_website }} <{{ user_email }}></h3>
|
||||||
<p>{{ user_bio }}</p>
|
<h3 class="date">({{ user_name }})</h3>
|
||||||
|
<div class="text">{{ user_bio }}</div>
|
||||||
|
</article>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
{% if (logged_id == user_id) or (user[logged_id]['class'] == "archmage")
|
||||||
|
or (user[logged_id]['class'] == "wizard") %}
|
||||||
|
<a class="button" href="edit/?id={{ user_id }}">Edit profile</a>
|
||||||
|
<a class="button" href="delete">Delete user</a>
|
||||||
|
{% endif %}
|
||||||
|
</p>
|
||||||
|
|
||||||
{% for post_id in user_posts %}
|
{% for post_id in user_posts %}
|
||||||
{% set post_id = post_id %}
|
{% set post_id = post_id %}
|
||||||
|
|
||||||
{{ include ('meta_post_card.twig.html') }}
|
{{ include ('meta_post_card_mini.twig.html') }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</ul>
|
</ul>
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
<ul id="user_list">
|
{% for user_id in users %}
|
||||||
{% for user_id in users %}
|
{{ include('meta_user_card.twig.html') }}
|
||||||
<a href="{{ depth }}u/index.php?id={{ user_id }}">
|
{% endfor %}
|
||||||
<li class="user_name">{{ user[user_id]['full_name'] }}</li>
|
|
||||||
</a>
|
|
||||||
{% endfor %}
|
|
||||||
</ul>
|
|
||||||
|
|
|
@ -1,15 +1,24 @@
|
||||||
<form id="user_creation" action="private/user_create.php" method="post">
|
<form id="user_creation" action="private/user_create.php" method="post">
|
||||||
<p><label>Username</label><input name="name" type="text" /></p>
|
<p><label>Username</label> <input name="username" type="text" /></p>
|
||||||
<p><label>Password</label> <input name="password" type="password" /></p>
|
<p><label>Password</label> <input name="password" type="password" /></p>
|
||||||
|
<p><label>Repeat Password</label>
|
||||||
|
<input name="password_repeat" type="password" /></p>
|
||||||
|
|
||||||
<hr />
|
<hr />
|
||||||
|
|
||||||
<p><label>Full Name</label><input name="full_name" type="text"/> </p>
|
<p><label>Full Name</label><input name="full_name" type="text" /></p>
|
||||||
<p><label>Biography</label><input name="bio" type="text" /> </p>
|
<p><label>E-mail</label>
|
||||||
<p><label>E-mail</label><input name="email" type="email" /></p>
|
<input name="email" type="email"
|
||||||
<p><label>Website</label><input name="url" type="url" /></p>
|
placeholder="user@domain.tld" /></p>
|
||||||
|
<p><label>Website</label>
|
||||||
|
<input name="url" type="url"
|
||||||
|
placeholder="https://domain.tld" /></p>
|
||||||
|
<p><label>Biography</label>
|
||||||
|
<textarea cols=80 rows=5 name="bio"
|
||||||
|
placeholder="Say something about yourself!"></textarea>
|
||||||
|
</p>
|
||||||
|
|
||||||
<hr />
|
<hr />
|
||||||
|
|
||||||
<p><input type="submit" /></p>
|
<p><input class="button" type="submit" /></p>
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -0,0 +1,45 @@
|
||||||
|
<?php
|
||||||
|
/* This file is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of version 3 of the GNU Affero General Public
|
||||||
|
License as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This file is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
$title = "Control Panel";
|
||||||
|
$depth = "../../";
|
||||||
|
$mark = "u_edit_index";
|
||||||
|
include $depth . "res/lib/load.php";
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
$cur_id = user_logged_in();
|
||||||
|
$edit_id = $_GET['id'] ?? $cur_id;
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
$local_exports = array('user_id' => $edit_id,
|
||||||
|
'user_full_name' => unscrub(user_full_name($edit_id)),
|
||||||
|
'user_name' => user_name($edit_id),
|
||||||
|
'user_bio' => unscrub(user_biography($edit_id)),
|
||||||
|
'user_email' => user_email($edit_id),
|
||||||
|
'user_website' => user_website($edit_id));
|
||||||
|
|
||||||
|
|
||||||
|
// --------------------------------------
|
||||||
|
|
||||||
|
switch (1) {
|
||||||
|
case (user_logged_in() == false):
|
||||||
|
general_error("You're not even logged in, fool! >;c");
|
||||||
|
break;
|
||||||
|
case ($cur_id != $edit_id):
|
||||||
|
auth_enforce($cur_id, array("wizard", "archmage"), "edit other
|
||||||
|
people's accounts");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
display_page($mark, $depth, $title, $local_exports);
|
||||||
|
|
||||||
|
?>
|
|
@ -0,0 +1,42 @@
|
||||||
|
<?php
|
||||||
|
/* This file is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of version 3 of the GNU Affero General Public
|
||||||
|
License as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This file is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
$depth = "../../../";
|
||||||
|
include $depth . "res/lib/load.php";
|
||||||
|
|
||||||
|
$id = user_logged_in();
|
||||||
|
|
||||||
|
$old_password = $_POST['password'];
|
||||||
|
$password = $_POST['new_password'];
|
||||||
|
$password_repeat = $_POST['new_password_repeat'];
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
input_enforce(array($password),
|
||||||
|
array("Password"),
|
||||||
|
array("string"));
|
||||||
|
|
||||||
|
if ($password != $password_repeat) {
|
||||||
|
general_error("Your passwords don't match.");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!user_valid_password($id, $old_password)) {
|
||||||
|
general_error("Your old password was wrong.");
|
||||||
|
}
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
$password = password_hash($password, PASSWORD_BCRYPT, array('cost' => 11));
|
||||||
|
|
||||||
|
user_set($id, "hash", $password);
|
||||||
|
|
||||||
|
root_redirect("");
|
||||||
|
|
||||||
|
?>
|
|
@ -0,0 +1,54 @@
|
||||||
|
<?php
|
||||||
|
/* This file is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of version 3 of the GNU Affero General Public
|
||||||
|
License as published by the Free Software Foundation.
|
||||||
|
|
||||||
|
This file is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details. */
|
||||||
|
|
||||||
|
$depth = "../../../";
|
||||||
|
include $depth . "res/lib/load.php";
|
||||||
|
|
||||||
|
$cur_id = user_logged_in();
|
||||||
|
$edit_id = $_GET['id'] ?? user_logged_in();
|
||||||
|
|
||||||
|
$full = scrub($_POST['full_name']);
|
||||||
|
$bio = scrub($_POST['bio']);
|
||||||
|
$email = scrub($_POST['email']);
|
||||||
|
$url = scrub($_POST['url']);
|
||||||
|
$class = scrub($_POST['login']) ?? false;
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
input_enforce(array($full, $bio, $email, $url),
|
||||||
|
array("Full name", "Biography", "E-mail", "URL"),
|
||||||
|
array("string", "string", "email", "url"));
|
||||||
|
|
||||||
|
// -------------------------------------
|
||||||
|
|
||||||
|
switch (1) {
|
||||||
|
case (user_logged_in() == false):
|
||||||
|
general_error("Guests can't edit accounts, nerd!");
|
||||||
|
break;
|
||||||
|
case ($cur_id != $edit_id):
|
||||||
|
auth_enforce($cur_id, array("wizard", "archmage"), "edit other
|
||||||
|
people's accounts");
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($class != false) {
|
||||||
|
$auth = auth_enforce($cur_id, array("archmage"),
|
||||||
|
"edit other people's classes");
|
||||||
|
if ($auth != false) {
|
||||||
|
$user_set($edit_id, "class", $class);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
user_set($edit_id, "full_name", $full);
|
||||||
|
user_set($edit_id, "biography", $bio);
|
||||||
|
user_set($edit_id, "email", $email);
|
||||||
|
user_set($edit_id, "website", $url);
|
||||||
|
|
||||||
|
?>
|
|
@ -47,7 +47,7 @@ array_map($push_post_data, $user_posts);
|
||||||
$local_exports = array('user_id' => $id,
|
$local_exports = array('user_id' => $id,
|
||||||
'user_full_name' => unscrub(user_full_name($id)),
|
'user_full_name' => unscrub(user_full_name($id)),
|
||||||
'user_name' => $name,
|
'user_name' => $name,
|
||||||
'usr_bio' => unscrub(user_biography($id)),
|
'user_bio' => unscrub(user_biography($id)),
|
||||||
'user_email' => user_email($id),
|
'user_email' => user_email($id),
|
||||||
'user_website' => user_website($id),
|
'user_website' => user_website($id),
|
||||||
'user_posts' => $user_posts,
|
'user_posts' => $user_posts,
|
||||||
|
|
|
@ -15,10 +15,17 @@ include "../../res/lib/load.php";
|
||||||
|
|
||||||
// --------------------------------------
|
// --------------------------------------
|
||||||
|
|
||||||
if ($GLOBALS['registration'] == true) {
|
switch (1) {
|
||||||
|
case (user_logged_in() != false):
|
||||||
|
general_error("You can't make an account… while using another
|
||||||
|
account. LOL");
|
||||||
|
break;
|
||||||
|
case ($GLOBALS['registration'] == true):
|
||||||
display_page($mark, $depth, $title);
|
display_page($mark, $depth, $title);
|
||||||
} else {
|
break;
|
||||||
|
default:
|
||||||
general_error("Sorry, registration's disabled on this server!");
|
general_error("Sorry, registration's disabled on this server!");
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -20,10 +20,6 @@ $pass = scrub($_POST['password']);
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
if ($GLOBALS['registration'] != true) {
|
|
||||||
general_error("Sorry, registration's disabled on this server!");
|
|
||||||
}
|
|
||||||
|
|
||||||
input_enforce(array($name, $full, $bio, $email, $url, $pass),
|
input_enforce(array($name, $full, $bio, $email, $url, $pass),
|
||||||
array("Username", "Full name", "Biography", "E-mail",
|
array("Username", "Full name", "Biography", "E-mail",
|
||||||
"URL", "Password"),
|
"URL", "Password"),
|
||||||
|
@ -32,8 +28,19 @@ input_enforce(array($name, $full, $bio, $email, $url, $pass),
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
user_create($name, $pass, "contributor", $full, $email, $url, $bio);
|
switch (1) {
|
||||||
|
case (user_logged_in() != false):
|
||||||
root_redirect("u/index.php?name=" . $name);
|
general_error("You can't make an account… while logged in to
|
||||||
|
another account. LOL");
|
||||||
|
break;
|
||||||
|
case ($GLOBALS['registration'] != true):
|
||||||
|
general_error("Sorry, registration's disabled on this server!");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
user_create($name, $pass, "contributor", $full, $email, $url,
|
||||||
|
$bio);
|
||||||
|
root_redirect("u/index.php?name=" . $name);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -15,6 +15,14 @@ include "../../res/lib/load.php";
|
||||||
|
|
||||||
// --------------------------------------
|
// --------------------------------------
|
||||||
|
|
||||||
display_page($mark, $depth, $title);
|
switch (1) {
|
||||||
|
case (user_logged_in() != false):
|
||||||
|
general_error("You've already done that, you know. Log in, I
|
||||||
|
mean. You OK there, friend?");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
display_page($mark, $depth, $title);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -11,21 +11,32 @@
|
||||||
$depth = "../../../";
|
$depth = "../../../";
|
||||||
include "../../../res/lib/load.php";
|
include "../../../res/lib/load.php";
|
||||||
|
|
||||||
$user = scrub($_POST['name']);
|
$user = $_POST['name'];
|
||||||
$pass = scrub($_POST['password']);
|
$pass = $_POST['password'];
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
|
$user_id = user_name_to_id($user);
|
||||||
input_enforce(array($user, $pass),
|
input_enforce(array($user, $pass),
|
||||||
array("Username", "Password"),
|
array("Username", "Password"),
|
||||||
array("user_name", "string"));
|
array("user_name", "string"));
|
||||||
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
|
||||||
if (user_valid_password(user_name_to_id($user), $pass)) {
|
switch (1) {
|
||||||
user_log_in(user_name_to_id($user));
|
case (user_logged_in() != false):
|
||||||
|
general_error("You've already done that, you know. Log in, I
|
||||||
|
mean. You OK there, friend?");
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
if (user_valid_password($user_id, $pass)) {
|
||||||
|
user_log_in($user_id);
|
||||||
|
root_redirect($GLOBALS['user_prefix_id'] . $user_id);
|
||||||
|
} else {
|
||||||
|
general_error("Sorry, it looks like you have the
|
||||||
|
wrong username or password!");
|
||||||
|
}
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
root_redirect("u/index.php?name=" . $user);
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
Reference in New Issue