pk
/
palm-paste
mirror of https://github.com/pikami/palm-paste.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

People can now signup and users can post private and unlisted pastes

This commit is contained in:
pikami 2016-06-12 15:32:25 +00:00
parent beb9cdd9ec
commit df2eabccb0
9 changed files with 159 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
NewPastePanel.php
View File

@ -13,6 +13,10 @@
<div class="container-fluid"> <div class="container-fluid">
<div class="row"> <div class="row">
<div class="col-sm-6"> <div class="col-sm-6">
<!-- Posting as guest -->
<div class="checkbox">
<label><input type="checkbox" name="asguest">Post as guest</label>
</div>
<!-- Submit --> <!-- Submit -->
<button type="submit" class="btn btn-default">Submit</button> <button type="submit" class="btn btn-default">Submit</button>
</div> </div>
@ -27,7 +31,24 @@
<option value="86400">1 Day</option> <option value="86400">1 Day</option>
</select> </select>
</div> </div>
<!-- END Expiry --> <!-- Type -->
<div class="form-group">
<label for="exposure">Type:</label>
<select class="form-control" id="exposure" name="exposure">
<option value="0">Public</option>
<option value="1">Unlisted</option>
<?php
include_once "includes/user.php";
$userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
if($userID==-1)
print '<option value="2" disabled>Private (Members only)</option>';
else print '<option value="2" >Private</option>';
?>
</select>
</div>
<!-- END Type -->
</div> </div>
</div> </div>
</div> </div>

2
NewestPastes.php
View File

@ -4,7 +4,7 @@
<div class="list-group"> <div class="list-group">
<?php <?php
include "config/config.php"; include "config/config.php";
$stmt = $conn->query('SELECT * FROM pastes ORDER BY id DESC LIMIT 5'); $stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title']; $title = $row['title'];
if(strlen($title)>25)$title = substr($title,0,25)."..."; if(strlen($title)>25)$title = substr($title,0,25)."...";

15
ViewPaste.php
View File

@ -1,15 +1,24 @@
<div class="panel panel-default"> <div class="container">
<div class="panel-body"> <div class="panel panel-default">
<div class="panel-body">
<?php <?php
if(isset($uid)){ if(isset($uid)){
include "config/config.php"; include "config/config.php";
include_once "includes/user.php";
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"'); $stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null;
if($result["exposure"]==2 && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
echo "<h1>This paste is private</h1>";
die();
}
echo "<h1>".$result["title"]."</h1>"; echo "<h1>".$result["title"]."</h1>";
echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".$result["text"]."</textarea>"; echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".$result["text"]."</textarea>";
} }
else echo "Paste does not exist"; else echo "Paste does not exist";
$conn = null;
} else echo "Error: id not set"; } else echo "Error: id not set";
?> ?>
</div> </div>
</div>
</div> </div>

2
css/bootstrap.css vendored
View File

@ -6757,4 +6757,4 @@ button.close {
display: none !important; display: none !important;
} }
} }
/*# sourceMappingURL=bootstrap.css.map */ /*# sourceMappingURL=bootstrap.css.map */

15
includes/user.php
View File

@ -1,7 +1,6 @@
<?php <?php
function GetUsersIDBySession($sid,$skey){ function GetUsersIDBySession($sid,$skey){
include "config/config.php"; include "config/config.php";
//SELECT * FROM pastes WHERE uid=
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey"); $stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey); $stmt->bindParam(':skey', $skey);
$stmt->bindParam(':sid', $sid); $stmt->bindParam(':sid', $sid);
@ -27,7 +26,17 @@ function UnsetBrowserCookies(){
setcookie("pp_sid", '', time() - 3600); setcookie("pp_sid", '', time() - 3600);
setcookie("pp_skey", '', time() - 3600); setcookie("pp_skey", '', time() - 3600);
} }
function GetUsernameByID(){ function GetUserByID($id){
//Placeholder include "config/config.php";
$stmt = $conn->prepare("SELECT * FROM users WHERE id=:id");
$stmt->bindParam(':id', $id);
$stmt->execute();
if($result = $stmt->fetch()){
$conn = null;
return $result;
} else {
$conn = null;
return array(-1,-1,-1,-1);
}
} }
?> ?>

21
index.php
View File

@ -11,7 +11,7 @@
<body> <body>
<!-- NavBar --> <!-- NavBar -->
<nav class="navbar navbar-inverse"> <nav class="navbar navbar-inverse">
<div class="container-fluid"> <div class="container">
<div class="navbar-header"> <div class="navbar-header">
<a class="navbar-brand" href="index.php">Palm-Paste</a> <a class="navbar-brand" href="index.php">Palm-Paste</a>
</div> </div>
@ -27,10 +27,20 @@
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]); $userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
if($userID == -1){ if($userID == -1){
echo "<li><a href=\"#\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>"; echo "<li><a href=\"signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>"; echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
} else { } else {
echo "<li><a href=\"login.php?logout=1\"><span class=\"glyphicon glyphicon-log-out\"></span> Logout</a></li>"; $user = GetUserByID($userID);
echo '
<li class="dropdown">
<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> '.$user[1].'<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#">Placeholder</a></li>
<li><a href="#">Placeholder</a></li>
<li><a href="logout">Logout</a></li>
</ul>
</li>
';
} }
?> ?>
</ul> </ul>
@ -78,6 +88,11 @@ if (isset($_GET["page"])){
include "NewPaste.php"; include "NewPaste.php";
} else if($_GET["page"] == "login"){ } else if($_GET["page"] == "login"){
include "login.php"; include "login.php";
} else if($_GET["page"] == "logout"){
header("Location: login.php?logout=1");
die();
} else if($_GET["page"] == "signup"){
include "signup.php";
} else { } else {
$uid = $_GET["page"]; $uid = $_GET["page"];
include "ViewPaste.php"; include "ViewPaste.php";

52
login.php
View File

@ -14,8 +14,7 @@ if(isset($_GET["logout"])){
UnsetBrowserCookies(); UnsetBrowserCookies();
} }
header("Location: index.php"); header("Location: index.php");
} } else if(isset($_POST["type"])) {
if(isset($_POST["type"])){
if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){ if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
//Get options //Get options
$user = $_POST["user"]; $user = $_POST["user"];
@ -28,7 +27,7 @@ if(isset($_POST["type"])){
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?'); $stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user)); $stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
if (password_verify($pwd, $result["password"])){ //$hash = password_hash($pwd ,CRYPT_BLOWFISH); if (password_verify($pwd, $result["password"])){
$skey = generate_skey(); $skey = generate_skey();
$stmt = $conn->prepare("INSERT INTO sessions (skey, uid) $stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
VALUES (:skey, :uid)"); VALUES (:skey, :uid)");
@ -51,5 +50,52 @@ if(isset($_POST["type"])){
} else echo "Fail!"; //TODO: No user or SQL fail. } else echo "Fail!"; //TODO: No user or SQL fail.
$conn = null; $conn = null;
} }
if($_POST["type"]=="register" && isset($_POST["user"]) && isset($_POST["pwd"])){
//Get options
$user = $_POST["user"];
$pwd = $_POST["pwd"];
$hash = password_hash($pwd ,CRYPT_BLOWFISH);
//Register the user
include "config/config.php";
$stmt = $conn->prepare("INSERT INTO users (user,password)
VALUES (:user, :pwd)");
$stmt->bindParam(':user', $user);
$stmt->bindParam(':pwd', $hash);
if($stmt->execute()){
header("Location: login");
} else {
echo "Fail!";
}
$conn = null;
}
} else {
echo '
<div class="container">
<div class="panel panel-default">
<div class="panel-heading">Login</div>
<div class="panel-body">
';
echo '
<form role="form" method="POST" action="login">
<div class="form-group">
<label for="user">Username:</label>
<input type="user" class="form-control" id="user" name="user">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input type="password" class="form-control" id="pwd" name="pwd">
</div>
<div class="checkbox">
<label><input type="checkbox" name="remember"> Remember me</label>
</div>
<input type=\'hidden\' name=\'type\' value=\'login\'></input>
<button type="submit" class="btn btn-default">Submit</button>
</form>
';
echo '
</div>
</div>
</div>
';
} }
?> ?>

22
post.php
View File

@ -31,26 +31,34 @@ if(isset($_POST["type"])){
/* Set paste details */ /* Set paste details */
$title = "Untitled"; $title = "Untitled";
$text = $_POST["text"]; $text = $_POST["text"];
$exposure = 0;
if(isset($_POST["title"])) if(isset($_POST["title"]))
$title = $_POST["title"]; $title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$$exposure = $_POST["exposure"];
$uid = generate_uid(); $uid = generate_uid();
$created = time(); $created = time();
$expire = 0; $expire = 0;
if(isset($_POST["expire"]) && is_numeric($_POST["expire"])) if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
$expire = $created + $_POST["expire"]; $expire = $created + $_POST["expire"];
$owner = 0;
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
$owner = 0;
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
include "includes/user.php";
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
}
/* Add paste to database */ /* Add paste to database */
$QuerySTR = "INSERT INTO pastes (uid,title,text,created) $QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner)
VALUES (:uid, :tit, :txt, :cre)"; VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own)";
if($expire!=0)
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire)
VALUES (:uid, :tit, :txt, :cre, :exp)";
$stmt = $conn->prepare($QuerySTR); $stmt = $conn->prepare($QuerySTR);
if($expire!=0) $stmt->bindParam(':exp', $expire);
$stmt->bindParam(':exp', $expire);
$stmt->bindParam(':uid', $uid); $stmt->bindParam(':uid', $uid);
$stmt->bindParam(':tit', $title); $stmt->bindParam(':tit', $title);
$stmt->bindParam(':txt', $text); $stmt->bindParam(':txt', $text);
$stmt->bindParam(':cre', $created); $stmt->bindParam(':cre', $created);
$stmt->bindParam(':exposure', $exposure);
$stmt->bindParam(':own', $owner);
$stmt->execute(); $stmt->execute();
$conn = null; //close connection to database $conn = null; //close connection to database
header("Location: ".$uid); header("Location: ".$uid);

29
signup.php Normal file
View File

@ -0,0 +1,29 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-heading">Register</div>
<div class="panel-body">
<!-- Panel Content -->
<form class="form-horizontal" role="form" method="POST" action="login">
<div class="form-group">
<label class="control-label col-sm-2" for="user">Username:</label>
<div class="col-sm-10">
<input type="user" class="form-control" id="user" placeholder="Enter username" name="user">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="pwd">Password:</label>
<div class="col-sm-10">
<input type="password" class="form-control" id="pwd" placeholder="Enter password" name="pwd">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<input type='hidden' name='type' value='register'></input>
<button type="submit" class="btn btn-default" >Submit</button>
</div>
</div>
</form>
<!-- END Panel Content -->
</div>
</div>
</div>