mirror of https://github.com/pikami/palm-paste.git
People can now signup and users can post private and unlisted pastes
parent
beb9cdd9ec
commit
df2eabccb0
|
@ -13,6 +13,10 @@
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-sm-6">
|
<div class="col-sm-6">
|
||||||
|
<!-- Posting as guest -->
|
||||||
|
<div class="checkbox">
|
||||||
|
<label><input type="checkbox" name="asguest">Post as guest</label>
|
||||||
|
</div>
|
||||||
<!-- Submit -->
|
<!-- Submit -->
|
||||||
<button type="submit" class="btn btn-default">Submit</button>
|
<button type="submit" class="btn btn-default">Submit</button>
|
||||||
</div>
|
</div>
|
||||||
|
@ -27,7 +31,24 @@
|
||||||
<option value="86400">1 Day</option>
|
<option value="86400">1 Day</option>
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
<!-- END Expiry -->
|
<!-- Type -->
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="exposure">Type:</label>
|
||||||
|
<select class="form-control" id="exposure" name="exposure">
|
||||||
|
<option value="0">Public</option>
|
||||||
|
<option value="1">Unlisted</option>
|
||||||
|
<?php
|
||||||
|
include_once "includes/user.php";
|
||||||
|
$userID = -1;
|
||||||
|
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||||
|
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||||
|
if($userID==-1)
|
||||||
|
print '<option value="2" disabled>Private (Members only)</option>';
|
||||||
|
else print '<option value="2" >Private</option>';
|
||||||
|
?>
|
||||||
|
</select>
|
||||||
|
</div>
|
||||||
|
<!-- END Type -->
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
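Review bot: The `disabled` attribute printed in the `$userID==-1` branch is only a UI hint, so the "members only" rule for `value="2"` is not enforced by this form. The handler has to re-check it: post.php in this same commit accepts any numeric `exposure` and never compares it with the resolved owner. I would add a comment next to the option, `// UI only – post.php must reject exposure 2 when no valid session exists`, and put the real check in post.php. The comparison `$userID==-1` is also loose; the failure value of `GetUsersIDBySession` is not visible here, so confirm it and compare strictly.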
@ -4,7 +4,7 @@
|
||||||
<div class="list-group">
|
<div class="list-group">
|
||||||
<?php
|
<?php
|
||||||
include "config/config.php";
|
include "config/config.php";
|
||||||
$stmt = $conn->query('SELECT * FROM pastes ORDER BY id DESC LIMIT 5');
|
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
|
||||||
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
|
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
|
||||||
$title = $row['title'];
|
$title = $row['title'];
|
||||||
if(strlen($title)>25)$title = substr($title,0,25)."...";
|
if(strlen($title)>25)$title = substr($title,0,25)."...";
|
||||||
|
|
|
@ -1,15 +1,24 @@
|
||||||
|
<div class="container">
|
||||||
<div class="panel panel-default">
|
<div class="panel panel-default">
|
||||||
<div class="panel-body">
|
<div class="panel-body">
|
||||||
<?php
|
<?php
|
||||||
if(isset($uid)){
|
if(isset($uid)){
|
||||||
include "config/config.php";
|
include "config/config.php";
|
||||||
|
include_once "includes/user.php";
|
||||||
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
|
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
|
||||||
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
||||||
|
$conn = null;
|
||||||
|
if($result["exposure"]==2 && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
|
||||||
|
echo "<h1>This paste is private</h1>";
|
||||||
|
die();
|
||||||
|
}
|
||||||
echo "<h1>".$result["title"]."</h1>";
|
echo "<h1>".$result["title"]."</h1>";
|
||||||
echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".$result["text"]."</textarea>";
|
echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".$result["text"]."</textarea>";
|
||||||
}
|
}
|
||||||
else echo "Paste does not exist";
|
else echo "Paste does not exist";
|
||||||
|
$conn = null;
|
||||||
} else echo "Error: id not set";
|
} else echo "Error: id not set";
|
||||||
?>
|
?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
|
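Review bot: The new private-paste gate reads `$_COOKIE["pp_sid"]` and `$_COOKIE["pp_skey"]` without an `isset` guard and compares owner and viewer with loose `!=`. It also judges access on a row fetched by the string-concatenated query on the context line above, where index.php fills `$uid` from `$_GET["page"]`. Resolve the viewer once behind `isset`, compare as integers, and move the lookup to a prepared statement so the gate always evaluates the row that was asked for. `die()` inside the panel leaves the surrounding `<div>`s unclosed. The title and text echoed on the following context lines are user-supplied and should pass through `htmlspecialchars` before output. The viewer fallback of -1 below is inferred from the `-1` comparisons elsewhere in this commit.

```php
// … unchanged: include "config/config.php"; include_once "includes/user.php"; …
$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid = :uid');
$stmt->execute(array(':uid' => $uid));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
    $conn = null;
    $viewer = -1; // assumed "no session" value; confirm against GetUsersIDBySession
    if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
        $viewer = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
    if((int)$result["exposure"] === 2 && (int)$result["owner"] !== (int)$viewer){
        // … unchanged: "This paste is private" notice …
    }
    echo "<h1>".htmlspecialchars($result["title"], ENT_QUOTES, 'UTF-8')."</h1>";
    // … unchanged apart from the same escaping on $result["text"] …
```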
@ -1,7 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
function GetUsersIDBySession($sid,$skey){
|
function GetUsersIDBySession($sid,$skey){
|
||||||
include "config/config.php";
|
include "config/config.php";
|
||||||
//SELECT * FROM pastes WHERE uid=
|
|
||||||
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
|
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
|
||||||
$stmt->bindParam(':skey', $skey);
|
$stmt->bindParam(':skey', $skey);
|
||||||
$stmt->bindParam(':sid', $sid);
|
$stmt->bindParam(':sid', $sid);
|
||||||
|
@ -27,7 +26,17 @@ function UnsetBrowserCookies(){
|
||||||
setcookie("pp_sid", '', time() - 3600);
|
setcookie("pp_sid", '', time() - 3600);
|
||||||
setcookie("pp_skey", '', time() - 3600);
|
setcookie("pp_skey", '', time() - 3600);
|
||||||
}
|
}
|
||||||
function GetUsernameByID(){
|
function GetUserByID($id){
|
||||||
//Placeholder
|
include "config/config.php";
|
||||||
|
$stmt = $conn->prepare("SELECT * FROM users WHERE id=:id");
|
||||||
|
$stmt->bindParam(':id', $id);
|
||||||
|
$stmt->execute();
|
||||||
|
if($result = $stmt->fetch()){
|
||||||
|
$conn = null;
|
||||||
|
return $result;
|
||||||
|
} else {
|
||||||
|
$conn = null;
|
||||||
|
return array(-1,-1,-1,-1);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
?>
|
?>
|
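Review bot: `GetUserByID` runs `SELECT *` and returns the whole row, so the stored password hash is handed to every caller even though the only caller in this commit (index.php) needs just the name. Narrow the query to the columns in use, e.g. `SELECT id, user FROM users WHERE id=:id`, and fetch with `PDO::FETCH_ASSOC` so callers read `$user["user"]` rather than a positional index. The miss value `array(-1,-1,-1,-1)` has the same shape as a real row and would be printed as a username; returning `null` and checking it at the call site is clearer, though that changes the contract for index.php. A short docblock stating the return shape and the miss value would help, since the function body above this hunk's first line is only partly visible.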
21
index.php
21
index.php
|
@ -11,7 +11,7 @@
|
||||||
<body>
|
<body>
|
||||||
<!-- NavBar -->
|
<!-- NavBar -->
|
||||||
<nav class="navbar navbar-inverse">
|
<nav class="navbar navbar-inverse">
|
||||||
<div class="container-fluid">
|
<div class="container">
|
||||||
<div class="navbar-header">
|
<div class="navbar-header">
|
||||||
<a class="navbar-brand" href="index.php">Palm-Paste</a>
|
<a class="navbar-brand" href="index.php">Palm-Paste</a>
|
||||||
</div>
|
</div>
|
||||||
|
@ -27,10 +27,20 @@
|
||||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||||
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||||
if($userID == -1){
|
if($userID == -1){
|
||||||
echo "<li><a href=\"#\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
|
echo "<li><a href=\"signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
|
||||||
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
|
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
|
||||||
} else {
|
} else {
|
||||||
echo "<li><a href=\"login.php?logout=1\"><span class=\"glyphicon glyphicon-log-out\"></span> Logout</a></li>";
|
$user = GetUserByID($userID);
|
||||||
|
echo '
|
||||||
|
<li class="dropdown">
|
||||||
|
<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> '.$user[1].'<span class="caret"></span></a>
|
||||||
|
<ul class="dropdown-menu">
|
||||||
|
<li><a href="#">Placeholder</a></li>
|
||||||
|
<li><a href="#">Placeholder</a></li>
|
||||||
|
<li><a href="logout">Logout</a></li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
';
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
</ul>
|
</ul>
|
||||||
|
@ -78,6 +88,11 @@ if (isset($_GET["page"])){
|
||||||
include "NewPaste.php";
|
include "NewPaste.php";
|
||||||
} else if($_GET["page"] == "login"){
|
} else if($_GET["page"] == "login"){
|
||||||
include "login.php";
|
include "login.php";
|
||||||
|
} else if($_GET["page"] == "logout"){
|
||||||
|
header("Location: login.php?logout=1");
|
||||||
|
die();
|
||||||
|
} else if($_GET["page"] == "signup"){
|
||||||
|
include "signup.php";
|
||||||
} else {
|
} else {
|
||||||
$uid = $_GET["page"];
|
$uid = $_GET["page"];
|
||||||
include "ViewPaste.php";
|
include "ViewPaste.php";
|
||||||
|
|
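Review bot: The dropdown label concatenates `'.$user[1].'` into the markup unescaped, and the username is whatever string was submitted to the register branch in login.php, so it must be HTML-encoded at output: `htmlspecialchars($user[1], ENT_QUOTES, 'UTF-8')`. Reading the name by position also ties the navbar to the column order of `users`; a named key is sturdier. The new `logout` route ends the session on a plain GET, so any page can trigger it through an embedded link or image; a POST carrying a CSRF token is the safer shape. The enclosing `if (isset($_GET["page"]))` chain starts outside the last hunk.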
52
login.php
52
login.php
|
@ -14,8 +14,7 @@ if(isset($_GET["logout"])){
|
||||||
UnsetBrowserCookies();
|
UnsetBrowserCookies();
|
||||||
}
|
}
|
||||||
header("Location: index.php");
|
header("Location: index.php");
|
||||||
}
|
} else if(isset($_POST["type"])) {
|
||||||
if(isset($_POST["type"])){
|
|
||||||
if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
|
if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
|
||||||
//Get options
|
//Get options
|
||||||
$user = $_POST["user"];
|
$user = $_POST["user"];
|
||||||
|
@ -28,7 +27,7 @@ if(isset($_POST["type"])){
|
||||||
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
|
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
|
||||||
$stmt->execute(array($user));
|
$stmt->execute(array($user));
|
||||||
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
||||||
if (password_verify($pwd, $result["password"])){ //$hash = password_hash($pwd ,CRYPT_BLOWFISH);
|
if (password_verify($pwd, $result["password"])){
|
||||||
$skey = generate_skey();
|
$skey = generate_skey();
|
||||||
$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
|
$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
|
||||||
VALUES (:skey, :uid)");
|
VALUES (:skey, :uid)");
|
||||||
|
@ -51,5 +50,52 @@ if(isset($_POST["type"])){
|
||||||
} else echo "Fail!"; //TODO: No user or SQL fail.
|
} else echo "Fail!"; //TODO: No user or SQL fail.
|
||||||
$conn = null;
|
$conn = null;
|
||||||
}
|
}
|
||||||
|
if($_POST["type"]=="register" && isset($_POST["user"]) && isset($_POST["pwd"])){
|
||||||
|
//Get options
|
||||||
|
$user = $_POST["user"];
|
||||||
|
$pwd = $_POST["pwd"];
|
||||||
|
$hash = password_hash($pwd ,CRYPT_BLOWFISH);
|
||||||
|
//Register the user
|
||||||
|
include "config/config.php";
|
||||||
|
$stmt = $conn->prepare("INSERT INTO users (user,password)
|
||||||
|
VALUES (:user, :pwd)");
|
||||||
|
$stmt->bindParam(':user', $user);
|
||||||
|
$stmt->bindParam(':pwd', $hash);
|
||||||
|
if($stmt->execute()){
|
||||||
|
header("Location: login");
|
||||||
|
} else {
|
||||||
|
echo "Fail!";
|
||||||
|
}
|
||||||
|
$conn = null;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
echo '
|
||||||
|
<div class="container">
|
||||||
|
<div class="panel panel-default">
|
||||||
|
<div class="panel-heading">Login</div>
|
||||||
|
<div class="panel-body">
|
||||||
|
';
|
||||||
|
echo '
|
||||||
|
<form role="form" method="POST" action="login">
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="user">Username:</label>
|
||||||
|
<input type="user" class="form-control" id="user" name="user">
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="pwd">Password:</label>
|
||||||
|
<input type="password" class="form-control" id="pwd" name="pwd">
|
||||||
|
</div>
|
||||||
|
<div class="checkbox">
|
||||||
|
<label><input type="checkbox" name="remember"> Remember me</label>
|
||||||
|
</div>
|
||||||
|
<input type=\'hidden\' name=\'type\' value=\'login\'></input>
|
||||||
|
<button type="submit" class="btn btn-default">Submit</button>
|
||||||
|
</form>
|
||||||
|
';
|
||||||
|
echo '
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
';
|
||||||
}
|
}
|
||||||
?>
|
?>
|
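Review bot: `password_hash($pwd ,CRYPT_BLOWFISH)` passes a `crypt()` capability flag rather than a password algorithm constant; it yields bcrypt only because the flag's integer value matches the legacy integer for `PASSWORD_BCRYPT`. Write `password_hash($pwd, PASSWORD_DEFAULT)` so the intent is explicit and the algorithm can be upgraded with `password_needs_rehash`. The register branch also accepts an empty `user` or `pwd`, because `isset` is the only check. Duplicate usernames are left to the `INSERT` failing, which depends on a unique constraint that is not visible here. `header("Location: login")` should be followed by `exit;` so nothing else runs after the redirect.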
20
post.php
20
post.php
|
@ -31,26 +31,34 @@ if(isset($_POST["type"])){
|
||||||
/* Set paste details */
|
/* Set paste details */
|
||||||
$title = "Untitled";
|
$title = "Untitled";
|
||||||
$text = $_POST["text"];
|
$text = $_POST["text"];
|
||||||
|
$exposure = 0;
|
||||||
if(isset($_POST["title"]))
|
if(isset($_POST["title"]))
|
||||||
$title = $_POST["title"];
|
$title = $_POST["title"];
|
||||||
|
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
|
||||||
|
$$exposure = $_POST["exposure"];
|
||||||
$uid = generate_uid();
|
$uid = generate_uid();
|
||||||
$created = time();
|
$created = time();
|
||||||
$expire = 0;
|
$expire = 0;
|
||||||
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
|
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
|
||||||
$expire = $created + $_POST["expire"];
|
$expire = $created + $_POST["expire"];
|
||||||
|
$owner = 0;
|
||||||
|
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
|
||||||
|
$owner = 0;
|
||||||
|
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
|
||||||
|
include "includes/user.php";
|
||||||
|
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||||
|
}
|
||||||
/* Add paste to database */
|
/* Add paste to database */
|
||||||
$QuerySTR = "INSERT INTO pastes (uid,title,text,created)
|
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner)
|
||||||
VALUES (:uid, :tit, :txt, :cre)";
|
VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own)";
|
||||||
if($expire!=0)
|
|
||||||
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire)
|
|
||||||
VALUES (:uid, :tit, :txt, :cre, :exp)";
|
|
||||||
$stmt = $conn->prepare($QuerySTR);
|
$stmt = $conn->prepare($QuerySTR);
|
||||||
if($expire!=0)
|
|
||||||
$stmt->bindParam(':exp', $expire);
|
$stmt->bindParam(':exp', $expire);
|
||||||
$stmt->bindParam(':uid', $uid);
|
$stmt->bindParam(':uid', $uid);
|
||||||
$stmt->bindParam(':tit', $title);
|
$stmt->bindParam(':tit', $title);
|
||||||
$stmt->bindParam(':txt', $text);
|
$stmt->bindParam(':txt', $text);
|
||||||
$stmt->bindParam(':cre', $created);
|
$stmt->bindParam(':cre', $created);
|
||||||
|
$stmt->bindParam(':exposure', $exposure);
|
||||||
|
$stmt->bindParam(':own', $owner);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$conn = null; //close connection to database
|
$conn = null; //close connection to database
|
||||||
header("Location: ".$uid);
|
header("Location: ".$uid);
|
||||||
|
|
|
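Review bot: `$$exposure = $_POST["exposure"];` is a variable-variable assignment, so `$exposure` keeps its initial `0` and every paste is stored as public, including ones the user marked Unlisted or Private. Beyond the typo, `is_numeric` admits values outside 0–2, and exposure 2 is never checked against the resolved owner. The fence below restricts the value to the three known levels and refuses a private paste without an owner. `include "includes/user.php"` should be `include_once`, because a second inclusion would redeclare the functions. A failed session lookup (apparently -1, judging by the comparisons elsewhere in this commit) should not be stored as the owner.

```php
$exposure = 0;
// … unchanged: title handling …
if(isset($_POST["exposure"]) && in_array($_POST["exposure"], array("0","1","2"), true))
    $exposure = (int)$_POST["exposure"];
// … unchanged: uid, created, expire …
$owner = 0;
$asGuest = isset($_POST["asguest"]) && $_POST["asguest"]=="on";
if(!$asGuest && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
    include_once "includes/user.php";
    $owner = (int)GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
    if($owner < 0) $owner = 0; // failed lookup: treat as guest (confirm the failure value)
}
if($exposure === 2 && $owner === 0)
    $exposure = 1; // a paste with no owner cannot be private; store it as unlisted (or reject the request)
// … unchanged: INSERT statement and bindParam calls …
```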
@ -0,0 +1,29 @@
|
||||||
|
<div class="container">
|
||||||
|
<div class="panel panel-default">
|
||||||
|
<div class="panel-heading">Register</div>
|
||||||
|
<div class="panel-body">
|
||||||
|
<!-- Panel Content -->
|
||||||
|
<form class="form-horizontal" role="form" method="POST" action="login">
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="control-label col-sm-2" for="user">Username:</label>
|
||||||
|
<div class="col-sm-10">
|
||||||
|
<input type="user" class="form-control" id="user" placeholder="Enter username" name="user">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="control-label col-sm-2" for="pwd">Password:</label>
|
||||||
|
<div class="col-sm-10">
|
||||||
|
<input type="password" class="form-control" id="pwd" placeholder="Enter password" name="pwd">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<div class="col-sm-offset-2 col-sm-10">
|
||||||
|
<input type='hidden' name='type' value='register'></input>
|
||||||
|
<button type="submit" class="btn btn-default" >Submit</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
<!-- END Panel Content -->
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
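Review bot: `type="user"` on the username field is not a defined input type, so browsers fall back to a text field; write `type="text"` with `autocomplete="username"`, and add `autocomplete="new-password"` to the password field so password managers handle the form correctly. Neither input is marked `required`, and the register branch in login.php does not reject empty values either, so an empty account can be created. The form posts a state-changing request without a CSRF token; one should be added here and verified in the handler. A single password field with no confirmation means a typo is stored silently.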