Only god knows what I've done.
This commit is contained in:
parent
d230e857f4
commit
4060b1c913
13
about.php
13
about.php
|
@ -12,17 +12,8 @@ $depth = "";
|
|||
$title = "About";
|
||||
include "res/lib/load.php";
|
||||
|
||||
// ------------------------------------
|
||||
|
||||
echo $GLOBALS['twig']->render('head.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth,
|
||||
'title' =>$title]);
|
||||
|
||||
echo $GLOBALS['twig']->render('index.twig.html',
|
||||
['animal'=> "cat"]);
|
||||
|
||||
echo $GLOBALS['twig']->render('foot.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth]);
|
||||
display_page("about.twig.html", $depth, $title);
|
||||
|
||||
?>
|
||||
|
|
|
@ -12,18 +12,8 @@ $title = "Control Panel";
|
|||
$depth = "../";
|
||||
include "../res/lib/load.php";
|
||||
|
||||
echo $GLOBALS['twig']->render('head.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth,
|
||||
'title' =>$title]);
|
||||
|
||||
|
||||
echo $GLOBALS['twig']->render('admin_index.twig.html', []);
|
||||
|
||||
echo $GLOBALS['twig']->render('foot.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth]);
|
||||
|
||||
// --------------------------------------
|
||||
|
||||
display_page("admin_index.twig.html", $depth, $title);
|
||||
|
||||
?>
|
||||
|
|
|
@ -11,7 +11,11 @@
|
|||
$depth = "../../";
|
||||
include "../../res/lib/load.php";
|
||||
|
||||
$id = $_POST['id'];
|
||||
$auth_user = $_POST['auth_user'];
|
||||
$auth_pass = $_POST['auth_pass'];
|
||||
$auth_user_id = user_name_to_id($auth_user);
|
||||
|
||||
$id = intval($_POST['id']);
|
||||
$name = $_POST['name'];
|
||||
$full_name = $_POST['full_name'];
|
||||
$bio = $_POST['bio'];
|
||||
|
@ -19,26 +23,31 @@ $email = $_POST['email'];
|
|||
$url = $_POST['url'];
|
||||
$password = $_POST['password'];
|
||||
$login = $_POST['login'];
|
||||
$password = password_hash($password, PASSWORD_BCRYPT, array('cost' => 11));
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
auth_enforce($auth_user_id, $auth_pass,
|
||||
array("wizard", "archmage"), "make accounts");
|
||||
|
||||
$invalid = input_enforce(array($id, $name, $full_name, $bio, $email, $url,
|
||||
$password, $login),
|
||||
array("ID", "username", "full name", "biography", "email",
|
||||
"url", "password", "login"),
|
||||
array("int", "string", "string", "string", "email",
|
||||
"url", "password",
|
||||
array("contributor", "spectator", "wizard",
|
||||
"admin")));
|
||||
array("ID", "Username", "Full name", "Biography", "E-mail",
|
||||
"URL", "Password", "Login class"),
|
||||
array("free_user_id", "free_user_name", "string", "string",
|
||||
"email", "url", "ne_string",
|
||||
array("spectator", "wizard", "archmage",
|
||||
"contributor")));
|
||||
|
||||
if (!is_bool($invalid)) {
|
||||
input_error("Some input is invalid: " . $invalid);
|
||||
if (!empty($invalid)) {
|
||||
input_error("Some input is invalid: " . comma_sep($invalid));
|
||||
}
|
||||
|
||||
$result = user_create($id, $name, $password, $login,
|
||||
// -------------------------------------
|
||||
|
||||
user_create($id, $name, $password, $login,
|
||||
$full_name, $email, $url, $bio);
|
||||
if ($result) {
|
||||
header('Location: http://localhost/blagoblag/user.php?id=' . $id);
|
||||
} else {
|
||||
general_error("<em>Something</em> went wrong.");
|
||||
}
|
||||
|
||||
root_redirect("user.php?name=" . $name);
|
||||
|
||||
?>
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
<?php
|
||||
/* This file is free software: you can redistribute it and/or modify
|
||||
it under the terms of version 3 of the GNU Affero General Public
|
||||
License as published by the Free Software Foundation.
|
||||
|
||||
This file is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details. */
|
||||
|
||||
$depth = "../../";
|
||||
include "../../res/lib/load.php";
|
||||
|
||||
$auth_user = $_POST['auth_user'];
|
||||
$auth_pass = $_POST['auth_pass'];
|
||||
$auth_user_id = user_name_to_id($auth_user);
|
||||
|
||||
$id = intval($_POST['id']);
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
auth_enforce($auth_user_id, $auth_pass,
|
||||
array("wizard", "archmage"), "destroy users");
|
||||
|
||||
$invalid = input_enforce(array($id), array("ID"), array("user_id"));
|
||||
|
||||
if (!empty($invalid)) {
|
||||
input_error("Some input is invalid: " . comma_sep($invalid));
|
||||
}
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
user_delete($id);
|
||||
|
||||
root_redirect("user.php?name=" . $name);
|
||||
|
||||
?>
|
18
index.php
18
index.php
|
@ -12,22 +12,8 @@ $depth = "";
|
|||
$title = "";
|
||||
include "res/lib/load.php";
|
||||
|
||||
// global variable declaration
|
||||
$users = user_ids();
|
||||
$user = array_map(user_data, $users);
|
||||
$posts = post_ids();
|
||||
$post = array_map(post_data, $posts);
|
||||
// -------------------------------------
|
||||
|
||||
echo $GLOBALS['twig']->render('head.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth,
|
||||
'title' =>$title]);
|
||||
|
||||
echo $GLOBALS['twig']->render('index.twig.html', []);
|
||||
|
||||
|
||||
echo $GLOBALS['twig']->render('foot.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth]);
|
||||
display_page("index.twig.html", $depth, $title);
|
||||
|
||||
?>
|
||||
|
|
30
post.php
30
post.php
|
@ -13,27 +13,17 @@ $title = "";
|
|||
include "res/lib/load.php";
|
||||
|
||||
// -------------------------------------
|
||||
// post environment
|
||||
$post_id = $_GET['id'];
|
||||
$text = post_text($post_id);
|
||||
$author = post_author($post_id);
|
||||
$date = post_data($post_id);
|
||||
|
||||
$id = $_GET['id'];
|
||||
$text = post_text($id);
|
||||
$author = post_author($id);
|
||||
$date = post_data($id);
|
||||
|
||||
$local_exports = array('id' => $id, 'text' => $text, 'author' => $author,
|
||||
'data' => $data);
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
echo $GLOBALS['twig']->render('head.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth,
|
||||
'title' =>$title]);
|
||||
|
||||
echo $GLOBALS['twig']->render('post.twig.html',
|
||||
['id'=> $post_id,
|
||||
'text' => $text,
|
||||
'author' => $author,
|
||||
'date' => $date]);
|
||||
|
||||
|
||||
echo $GLOBALS['twig']->render('foot.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth]);
|
||||
display_page("post.twig.html", $depth, $title, $local_exports);
|
||||
|
||||
?>
|
||||
|
|
|
@ -11,20 +11,35 @@
|
|||
|
||||
// ARRAY -- > STRING
|
||||
// Turn a 1D array into a comma-seperated string
|
||||
function comma_sep($array) {
|
||||
function comma_sep($array, $seperator=", ") {
|
||||
global $string;
|
||||
$string = $seperator;
|
||||
global $stack;
|
||||
$stack = "";
|
||||
|
||||
$comma_print = function($item) {
|
||||
$GLOBALS['stack'] = $GLOBALS['stack']
|
||||
. ", " . $item;
|
||||
. $GLOBALS['string'] . $item;
|
||||
};
|
||||
|
||||
array_map($comma_print, $array);
|
||||
|
||||
$stack = preg_replace('/^, /', '', $stack);
|
||||
$stack = preg_replace('/^' . $string . '/', '', $stack);
|
||||
|
||||
return $stack;
|
||||
}
|
||||
|
||||
|
||||
// STRING STRING [ARRAY] --> ARRAY
|
||||
// Return exports for Twig-- with the required global & local exports,
|
||||
// along with any optional local ones.
|
||||
function make_exports($depth, $title, $local = array()) {
|
||||
$exports = $GLOBALS['twig_exports'];
|
||||
|
||||
$exports['depth'] = $depth;
|
||||
$exports['title'] = $title;
|
||||
|
||||
return array_merge($exports, $local);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
<?php
|
||||
/* This file is free software: you can redistribute it and/or modify
|
||||
it under the terms of version 3 of the GNU Affero General Public
|
||||
License as published by the Free Software Foundation.
|
||||
|
||||
This file is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details. */
|
||||
|
||||
|
||||
// STRING STRING STRING [ARRAY] --> BOOLEAN
|
||||
// Render and display a page, based on it's template-path, title, relative
|
||||
// depth, and an optional array of more Twig variable exports.
|
||||
function display_page($template, $depth, $title, $local_exports=array()) {
|
||||
echo $GLOBALS['twig']->render("head.twig.html",
|
||||
make_exports($depth, $title, $local_exports));
|
||||
echo $GLOBALS['twig']->render($template,
|
||||
make_exports($depth, $title, $local_exports));
|
||||
echo $GLOBALS['twig']->render("foot.twig.html",
|
||||
make_exports($depth, $title, $local_exports));
|
||||
return true;
|
||||
}
|
|
@ -30,8 +30,8 @@ if (!db_table_existant("lusers")) {
|
|||
db_create_table("lusers",
|
||||
array("id int primary key","username varchar(20)",
|
||||
"biography longtext","email varchar(50)","website varchar(50)",
|
||||
"password_hash varchar(80)","full_name varchar(50)",
|
||||
"login varchar(20)")); }
|
||||
"hash char(60)","full_name varchar(50)",
|
||||
"class varchar(20)")); }
|
||||
|
||||
if (!db_table_existant("posts")) {
|
||||
db_create_table("posts",
|
||||
|
@ -51,10 +51,12 @@ if (!db_table_existant("comments")) {
|
|||
// Execute a DB command
|
||||
function db_cmd($query) {
|
||||
$stmt = $GLOBALS['pdo']->query($query);
|
||||
$stack = array();
|
||||
|
||||
if (is_bool($stmt)) {
|
||||
return $stmt;
|
||||
} else {
|
||||
return $stmt->fetch();
|
||||
return $stmt->fetchAll();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -63,7 +65,17 @@ function db_cmd($query) {
|
|||
// STRING STRING --> ARRAY
|
||||
// Return all values of a specific column
|
||||
function db_get_columns($table, $column) {
|
||||
return db_cmd("select " . $column . " from " . $table);
|
||||
$result = db_cmd("select " . $column . " from " . $table);
|
||||
|
||||
$result_nest = function($array) {
|
||||
return $array[0];
|
||||
};
|
||||
|
||||
if (is_array($result)) {
|
||||
return array_map($result_nest, $result);
|
||||
} else {
|
||||
return $result;
|
||||
}
|
||||
}
|
||||
|
||||
// STRING STRING VARYING --> ARRAY
|
||||
|
@ -77,7 +89,7 @@ function db_get_rows($table, $identifier, $value) {
|
|||
// Return the value of a specific column in a given row, identified by an
|
||||
// 'identifier' column set to the given value
|
||||
function db_get_cell($table, $identifier, $value, $cell) {
|
||||
return db_get_rows($table, $identifier, $value)[$cell];
|
||||
return db_get_rows($table, $identifier, $value)[0][$cell];
|
||||
}
|
||||
|
||||
// --------------------------------------
|
||||
|
|
|
@ -25,4 +25,12 @@ function input_error($string) {
|
|||
exit;
|
||||
}
|
||||
|
||||
// STRING --> NIL
|
||||
// Print out a general error, with $string as it's error-message.
|
||||
function perm_error($string) {
|
||||
echo $GLOBALS['twig']->render('error.twig.html',
|
||||
['error_message'=>$string]);
|
||||
exit;
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
@ -15,6 +15,7 @@ function root($path) {
|
|||
return $GLOBALS['depth'] . $path;
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
include(root("config.php"));
|
||||
|
@ -23,12 +24,42 @@ require_once root("vendor/autoload.php");
|
|||
include(root("res/lib/string.php"));
|
||||
include(root("res/lib/array.php"));
|
||||
include(root("res/lib/user.php"));
|
||||
include(root("res/lib/post.php"));
|
||||
include(root("res/lib/comment.php"));
|
||||
include(root("res/lib/error.php"));
|
||||
include(root("res/lib/sterilize.php"));
|
||||
include(root("res/lib/db.php"));
|
||||
include(root("res/lib/url.php"));
|
||||
include(root("res/lib/blagoblag.php"));
|
||||
|
||||
$loader= new Twig_Loader_Filesystem(root("res/themes/default/html"));
|
||||
$twig = new Twig_Environment($loader, ['cache' =>
|
||||
root('cache/')]);
|
||||
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
// global variable declaration
|
||||
global $users; $users = user_ids();
|
||||
global $user; $user = array();
|
||||
|
||||
$push_user_data = function($user_id) {
|
||||
$user_name = user_name($user_id);
|
||||
$GLOBALS['user'][$user_id] = user_data($user_id);
|
||||
$GLOBALS['user'][$user_name] = user_data($user_id);
|
||||
};
|
||||
|
||||
array_map($push_user_data, $users);
|
||||
|
||||
// global $posts; $posts = post_ids();
|
||||
// global $post; $post = array();
|
||||
// $post = array_map(post_data, $posts);
|
||||
|
||||
// -----------------
|
||||
|
||||
global $twig_exports;
|
||||
$twig_exports = array('theme' => $GLOBALS['theme'],
|
||||
'users' => $GLOBALS['users'],
|
||||
'user' => $GLOBALS['user']);
|
||||
//'posts' => $GLOBALS['posts'],
|
||||
//'post' => $GLOBALS['post']);
|
||||
|
||||
?>
|
||||
|
|
|
@ -9,8 +9,136 @@
|
|||
GNU Affero General Public License for more details. */
|
||||
|
||||
|
||||
function input_enforce($values, $names, $types) {
|
||||
$stack = "";
|
||||
// NUMBER STRING ARRAY [STRING] --> NIL
|
||||
// Make sure a user is both authenticated *and* permitted to do a given task,
|
||||
// aka in the right login-class.
|
||||
function auth_enforce($id, $password, $permitted, $message="do that") {
|
||||
if (!user_valid_password($id, $password)) {
|
||||
input_error("Sorry, your user-name or password is wrong.");
|
||||
}
|
||||
|
||||
while ($i < length($valuesw)) {
|
||||
if (function
|
||||
$class = user_class($id);
|
||||
if (!in_array($class, $permitted)) {
|
||||
perm_error("Mate, only a " . comma_sep($permitted, " or ")
|
||||
. " can " . $message . "-- you hecking "
|
||||
. $class . "!");
|
||||
}
|
||||
}
|
||||
|
||||
// ARRAY ARRAY ARRAY --> ARRAY
|
||||
// Validate a list of values against a corresponding list of types;
|
||||
// return a list of names (corresponding to the values) that don't
|
||||
// match their types. If an empty array is returned, then, all inputs are
|
||||
// valid.
|
||||
// Two non-existant "pseudo-types" are accepted-- "url" and "e-mail".
|
||||
// A "type" can also be an array of acceptable values.
|
||||
// Example:
|
||||
// input_enforce(["apple", 4, "ap@ap.co.uk", "never"],
|
||||
// ["Fruit", "Age", "E-mail", "Preference"],
|
||||
// ["string", "int", "email",
|
||||
// ["never", "always", "now"]]);
|
||||
//
|
||||
// ... it's an ugly, long function, I know...
|
||||
function input_enforce($values, $names, $types) {
|
||||
$stack = array();
|
||||
$i = 0;
|
||||
|
||||
while ($i < count($values)) {
|
||||
$value = $values[$i];
|
||||
$type = $types[$i];
|
||||
$name = $names[$i];
|
||||
$res = true;
|
||||
|
||||
switch ($type) {
|
||||
case (is_array($type)):
|
||||
if (!in_array($value, $type)) { $res = false; }
|
||||
break;
|
||||
|
||||
default:
|
||||
$type_check = "is_" . $type;
|
||||
if (!call_user_func($type_check, $value)) {
|
||||
$res = false;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
if (!$res) {
|
||||
$stack[] = $name;
|
||||
}
|
||||
|
||||
$i++;
|
||||
}
|
||||
|
||||
|
||||
return $stack;
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
// pseudo-types
|
||||
|
||||
// STRING --> BOOLEAN
|
||||
// Return whether or not a given string is a valid e-mail.
|
||||
function is_email($string) {
|
||||
return filter_var($string, FILTER_VALIDATE_EMAIL);
|
||||
}
|
||||
|
||||
// STRING --> BOOLEAN
|
||||
// Return whether or not a given string is a valid url.
|
||||
function is_url($string) {
|
||||
return filter_var($string, FILTER_VALIDATE_URL);
|
||||
}
|
||||
|
||||
// VARYING --> BOOLEAN
|
||||
// Return whether or not a given value is a non-empty string
|
||||
function is_ne_string($value) {
|
||||
if (is_string($value) && !empty($value)) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
// STRING --> BOOLEAN
|
||||
// Return whether or not a string is already a username
|
||||
function is_user_name($username) {
|
||||
if (user_name_to_id($username)) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// NUMBER --> BOOLEAN
|
||||
// Return whether or not a number is already a user ID
|
||||
function is_user_id($id) {
|
||||
if (in_array($id, $GLOBALS['users'])) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
// STRING --> BOOLEAN
|
||||
// Return whether or not a given string is a valid (unused) username
|
||||
function is_free_user_name($username) {
|
||||
if (!is_user_name($username) && is_ne_string($username)) {
|
||||
return true; } else { return false; }
|
||||
}
|
||||
|
||||
// STRING --> BOOLEAN
|
||||
// Return whether or not a given number is a valid (unused) user ID
|
||||
function is_free_user_id($id) {
|
||||
if (!is_user_id($id) && is_int($id)) {
|
||||
return true; } else { return false; }
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
|
||||
?>
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
<?php
|
||||
/* This file is free software: you can redistribute it and/or modify
|
||||
it under the terms of version 3 of the GNU Affero General Public
|
||||
License as published by the Free Software Foundation.
|
||||
|
||||
This file is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details. */
|
||||
|
||||
|
||||
// STRING -- > STRING
|
||||
// Turn a path (relative to root) into absolute URL
|
||||
function root_url($string) {
|
||||
return protocol() . "://" . $_SERVER['HTTP_HOST'] . "/"
|
||||
. $GLOBALS['root']
|
||||
. $string;
|
||||
}
|
||||
|
||||
|
||||
// NIL --> STRING
|
||||
// Return the current protocol (HTTP, HTTPS, etc)
|
||||
function protocol() {
|
||||
return explode('/', $_SERVER['SERVER_PROTOCOL'])[0];
|
||||
}
|
||||
|
||||
|
||||
// STRING --> NIL
|
||||
// Redirect to a regular URL (I.E., "https://duckduckgo.com")
|
||||
function redirect($url) {
|
||||
header('Location: ' . $url);
|
||||
return;
|
||||
}
|
||||
|
||||
// STRING --> NIL
|
||||
// Redirect to a URL relative to root (I.E., "res/img/")
|
||||
function root_redirect($path) {
|
||||
header('Location: ' . root_url($path));
|
||||
return;
|
||||
}
|
|
@ -28,16 +28,22 @@ function user_set($id, $variable, $new_value) {
|
|||
|
||||
// NUMBER STRING STRING [STRING STRING STRING STRING STRING] --> BOOLEAN
|
||||
// Create a user of the given specification.
|
||||
function user_create($id, $name, $password, $login="Spectator",
|
||||
function user_create($id, $name, $password, $class="Spectator",
|
||||
$full_name=NULL, $email=NULL, $url=NULL, $bio=NULL) {
|
||||
|
||||
return db_insert_row("lusers",
|
||||
array("id", "username", "password_hash", "login",
|
||||
array("id", "username", "hash", "class",
|
||||
"full_name", "email", "website", "biography"),
|
||||
array($id, $name, $password, $login,
|
||||
array($id, $name, $password, $class,
|
||||
$full_name, $email, $url, $bio));
|
||||
}
|
||||
|
||||
// NUMBER --> BOOLEAN
|
||||
// Delete a user by their ID.
|
||||
function user_delete($id) {
|
||||
return db_cmd("delete from lusers where id = " . $id);
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
|
@ -51,7 +57,7 @@ function user_id_to_name($id) {
|
|||
// STRING --> NUMBER
|
||||
// Get a user's ID from username.
|
||||
function user_name_to_id($username) {
|
||||
return db_get_cell("lusers", "username", $username, "id");
|
||||
return db_get_cell("lusers", "username", string_wrap($username), "id");
|
||||
}
|
||||
|
||||
|
||||
|
@ -61,13 +67,13 @@ function user_name_to_id($username) {
|
|||
// NUMBER --> STRING
|
||||
// Return a username from a user-ID
|
||||
function user_name($id) {
|
||||
return user_id_to_name($id, "username");
|
||||
return user_id_to_name($id);
|
||||
}
|
||||
|
||||
// NUMBER --> STRING
|
||||
// Return a user's login-class from ID
|
||||
function user_login($id) {
|
||||
return user_get($id, "login");
|
||||
function user_class($id) {
|
||||
return user_get($id, "class");
|
||||
}
|
||||
|
||||
// NUMBER --> STRING
|
||||
|
@ -96,10 +102,46 @@ function user_biography($id) {
|
|||
|
||||
// -------------------------------------
|
||||
|
||||
|
||||
// NUMBER --> ARRAY
|
||||
// Fetch an array of a user's IDs
|
||||
function user_ids() {
|
||||
return db_get_columns("lusers", "id");
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
|
||||
// NUMBER --> ARRAY
|
||||
// Fetch an array of a user's posts (by ID)
|
||||
function user_posts($user_id) {
|
||||
return db_get_cell("posts", "user", $user_id, "id");
|
||||
function user_posts($id) {
|
||||
return db_get_cell("posts", "user", $id, "id");
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
|
||||
// NUMBER --> ARRAY
|
||||
// Return an array filled with all of a user's relevant data.
|
||||
function user_data($id) {
|
||||
return array('full_name' => user_full_name($id),
|
||||
'name' => user_name($id),
|
||||
'bio' => user_biography($id),
|
||||
'email' => user_email($id),
|
||||
'website' => user_website($id),
|
||||
'posts' => user_posts($id));
|
||||
}
|
||||
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
|
||||
// NUMBER STRING --> BOOLEAN
|
||||
// Return whether or not a given password is valid.
|
||||
function user_valid_password($id, $password) {
|
||||
return password_verify($password, user_get($id, "hash"));
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
@ -1,5 +1,17 @@
|
|||
<section id="creation">
|
||||
<form id="user_creation" action="private/user_create.php" method="post">
|
||||
|
||||
<section id="authentication">
|
||||
<p><label>Your Username</label>
|
||||
<input name="auth_user" type="text" />
|
||||
</p>
|
||||
<p><label>Your Password</label>
|
||||
<input name="auth_pass" type="text">
|
||||
</p>
|
||||
|
||||
<hr />
|
||||
|
||||
<section id="user_details">
|
||||
<p><label>User ID</label><input name="id" type="number" /></p>
|
||||
<p><label>Full Name</label><input name="full_name" type="text"/>
|
||||
</p>
|
||||
|
@ -17,21 +29,46 @@
|
|||
|
||||
<hr />
|
||||
|
||||
|
||||
<p><label>Login Group</label>
|
||||
<select name="login">
|
||||
<option value="contributor">Contributor</option>
|
||||
<option value="spectator">Spectator</option>
|
||||
<option value="admin">Admin</option>
|
||||
<option value="wizard">Wizard</option>
|
||||
<option value="archmage">Archmage</option>
|
||||
</select>
|
||||
</p>
|
||||
</section>
|
||||
<p><input type="submit" /></p>
|
||||
</form>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
||||
<section id="destruction">
|
||||
<form id="user_destruction" action="private/user_destroy.php"
|
||||
method="post">
|
||||
|
||||
<section id="authentication">
|
||||
<p><label>Your Username</label>
|
||||
<input name="auth_user" type="text" />
|
||||
</p>
|
||||
<p><label>Your Password</label>
|
||||
<input name="auth_pass" type="text">
|
||||
</p>
|
||||
</section>
|
||||
|
||||
<hr />
|
||||
|
||||
<p><label>Target</label>
|
||||
<select name="id">
|
||||
{% for id in users %}
|
||||
<option value="{{ id }}">
|
||||
{{ user[id]['full_name'] }}
|
||||
</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</p>
|
||||
<p><input type="submit" /></p>
|
||||
</form>
|
||||
</section>
|
||||
|
||||
<section id="destruction">
|
||||
<form action="private/user_delete.php" method="post">
|
||||
</form>
|
||||
<form action="private/post_delete.php" method="post">
|
||||
</form>
|
||||
</section>
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
<h1>Eek!</h1>
|
||||
<h2>Something was hecked.</h2>
|
||||
<h3>{{ error_message }} Go back and try again.</h3>
|
||||
<h3>{{ error_message }}</h3>
|
||||
<h3>Go back and try again.</h3>
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<link rel="stylesheet" type="text/css" href="../css/global.css">
|
||||
<link rel="stylesheet" type="text/css" href="../css/navbar.css">
|
||||
<title>Index</title>
|
||||
</head>
|
||||
<body>
|
||||
</body>
|
||||
</html
|
|
@ -4,7 +4,4 @@
|
|||
<h3>{{ url }}</h3>
|
||||
<p>{{ bio }}</p>
|
||||
<ul>
|
||||
{% for post in posts %}
|
||||
<li>{{ post }}</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
|
|
31
user.php
31
user.php
|
@ -8,21 +8,32 @@
|
|||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details. */
|
||||
|
||||
|
||||
$depth = "";
|
||||
$title = "About";
|
||||
include "res/lib/load.php";
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
echo $GLOBALS['twig']->render('head.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth,
|
||||
'title' =>$title]);
|
||||
$id = $_GET['id'] ?? user_name_to_id($_GET['name']);
|
||||
$name = user_name($id);
|
||||
|
||||
echo $GLOBALS['twig']->render('index.twig.html',
|
||||
['animal'=> "cat"]);
|
||||
// -------------------------------------
|
||||
|
||||
echo $GLOBALS['twig']->render('foot.twig.html',
|
||||
['theme' => $GLOBALS['theme'],
|
||||
'depth' => $depth]);
|
||||
if (!is_user_id($id)) {
|
||||
general_error("It looks like that isn't a real user.");
|
||||
}
|
||||
if (empty($name)) {
|
||||
general_error("It looks like that isn't a real user...");
|
||||
}
|
||||
|
||||
// ------------------------------------
|
||||
|
||||
$local_exports = array('full_name' => user_full_name($id), 'name' => $name,
|
||||
'bio' => user_biography($id), 'email' =>
|
||||
user_email($id), 'website' => user_website($id));
|
||||
|
||||
// -------------------------------------
|
||||
|
||||
display_page("user.twig.html", $depth, $title, $local_exports);
|
||||
|
||||
?>
|
||||
|
|
Reference in New Issue