mirror of
https://github.com/pikami/palm-paste.git
synced 2024-11-27 14:15:43 +00:00
People can now signup and users can post private and unlisted pastes
This commit is contained in:
parent
beb9cdd9ec
commit
df2eabccb0
@ -13,6 +13,10 @@
|
||||
<div class="container-fluid">
|
||||
<div class="row">
|
||||
<div class="col-sm-6">
|
||||
<!-- Posting as guest -->
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="asguest">Post as guest</label>
|
||||
</div>
|
||||
<!-- Submit -->
|
||||
<button type="submit" class="btn btn-default">Submit</button>
|
||||
</div>
|
||||
@ -27,7 +31,24 @@
|
||||
<option value="86400">1 Day</option>
|
||||
</select>
|
||||
</div>
|
||||
<!-- END Expiry -->
|
||||
<!-- Type -->
|
||||
<div class="form-group">
|
||||
<label for="exposure">Type:</label>
|
||||
<select class="form-control" id="exposure" name="exposure">
|
||||
<option value="0">Public</option>
|
||||
<option value="1">Unlisted</option>
|
||||
<?php
|
||||
include_once "includes/user.php";
|
||||
$userID = -1;
|
||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||
if($userID==-1)
|
||||
print '<option value="2" disabled>Private (Members only)</option>';
|
||||
else print '<option value="2" >Private</option>';
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
<!-- END Type -->
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -4,7 +4,7 @@
|
||||
<div class="list-group">
|
||||
<?php
|
||||
include "config/config.php";
|
||||
$stmt = $conn->query('SELECT * FROM pastes ORDER BY id DESC LIMIT 5');
|
||||
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
|
||||
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
|
||||
$title = $row['title'];
|
||||
if(strlen($title)>25)$title = substr($title,0,25)."...";
|
||||
|
@ -1,15 +1,24 @@
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-body">
|
||||
<div class="container">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-body">
|
||||
<?php
|
||||
if(isset($uid)){
|
||||
include "config/config.php";
|
||||
include_once "includes/user.php";
|
||||
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
|
||||
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
$conn = null;
|
||||
if($result["exposure"]==2 && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
|
||||
echo "<h1>This paste is private</h1>";
|
||||
die();
|
||||
}
|
||||
echo "<h1>".$result["title"]."</h1>";
|
||||
echo "<textarea class=\"form-control\" rows=\"5\" disabled=\"true\">".$result["text"]."</textarea>";
|
||||
}
|
||||
else echo "Paste does not exist";
|
||||
$conn = null;
|
||||
} else echo "Error: id not set";
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
@ -1,7 +1,6 @@
|
||||
<?php
|
||||
function GetUsersIDBySession($sid,$skey){
|
||||
include "config/config.php";
|
||||
//SELECT * FROM pastes WHERE uid=
|
||||
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
|
||||
$stmt->bindParam(':skey', $skey);
|
||||
$stmt->bindParam(':sid', $sid);
|
||||
@ -27,7 +26,17 @@ function UnsetBrowserCookies(){
|
||||
setcookie("pp_sid", '', time() - 3600);
|
||||
setcookie("pp_skey", '', time() - 3600);
|
||||
}
|
||||
function GetUsernameByID(){
|
||||
//Placeholder
|
||||
function GetUserByID($id){
|
||||
include "config/config.php";
|
||||
$stmt = $conn->prepare("SELECT * FROM users WHERE id=:id");
|
||||
$stmt->bindParam(':id', $id);
|
||||
$stmt->execute();
|
||||
if($result = $stmt->fetch()){
|
||||
$conn = null;
|
||||
return $result;
|
||||
} else {
|
||||
$conn = null;
|
||||
return array(-1,-1,-1,-1);
|
||||
}
|
||||
}
|
||||
?>
|
21
index.php
21
index.php
@ -11,7 +11,7 @@
|
||||
<body>
|
||||
<!-- NavBar -->
|
||||
<nav class="navbar navbar-inverse">
|
||||
<div class="container-fluid">
|
||||
<div class="container">
|
||||
<div class="navbar-header">
|
||||
<a class="navbar-brand" href="index.php">Palm-Paste</a>
|
||||
</div>
|
||||
@ -27,10 +27,20 @@
|
||||
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
|
||||
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||
if($userID == -1){
|
||||
echo "<li><a href=\"#\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
|
||||
echo "<li><a href=\"signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
|
||||
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
|
||||
} else {
|
||||
echo "<li><a href=\"login.php?logout=1\"><span class=\"glyphicon glyphicon-log-out\"></span> Logout</a></li>";
|
||||
$user = GetUserByID($userID);
|
||||
echo '
|
||||
<li class="dropdown">
|
||||
<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> '.$user[1].'<span class="caret"></span></a>
|
||||
<ul class="dropdown-menu">
|
||||
<li><a href="#">Placeholder</a></li>
|
||||
<li><a href="#">Placeholder</a></li>
|
||||
<li><a href="logout">Logout</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
';
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
@ -78,6 +88,11 @@ if (isset($_GET["page"])){
|
||||
include "NewPaste.php";
|
||||
} else if($_GET["page"] == "login"){
|
||||
include "login.php";
|
||||
} else if($_GET["page"] == "logout"){
|
||||
header("Location: login.php?logout=1");
|
||||
die();
|
||||
} else if($_GET["page"] == "signup"){
|
||||
include "signup.php";
|
||||
} else {
|
||||
$uid = $_GET["page"];
|
||||
include "ViewPaste.php";
|
||||
|
52
login.php
52
login.php
@ -14,8 +14,7 @@ if(isset($_GET["logout"])){
|
||||
UnsetBrowserCookies();
|
||||
}
|
||||
header("Location: index.php");
|
||||
}
|
||||
if(isset($_POST["type"])){
|
||||
} else if(isset($_POST["type"])) {
|
||||
if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
|
||||
//Get options
|
||||
$user = $_POST["user"];
|
||||
@ -28,7 +27,7 @@ if(isset($_POST["type"])){
|
||||
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
|
||||
$stmt->execute(array($user));
|
||||
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
if (password_verify($pwd, $result["password"])){ //$hash = password_hash($pwd ,CRYPT_BLOWFISH);
|
||||
if (password_verify($pwd, $result["password"])){
|
||||
$skey = generate_skey();
|
||||
$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
|
||||
VALUES (:skey, :uid)");
|
||||
@ -51,5 +50,52 @@ if(isset($_POST["type"])){
|
||||
} else echo "Fail!"; //TODO: No user or SQL fail.
|
||||
$conn = null;
|
||||
}
|
||||
if($_POST["type"]=="register" && isset($_POST["user"]) && isset($_POST["pwd"])){
|
||||
//Get options
|
||||
$user = $_POST["user"];
|
||||
$pwd = $_POST["pwd"];
|
||||
$hash = password_hash($pwd ,CRYPT_BLOWFISH);
|
||||
//Register the user
|
||||
include "config/config.php";
|
||||
$stmt = $conn->prepare("INSERT INTO users (user,password)
|
||||
VALUES (:user, :pwd)");
|
||||
$stmt->bindParam(':user', $user);
|
||||
$stmt->bindParam(':pwd', $hash);
|
||||
if($stmt->execute()){
|
||||
header("Location: login");
|
||||
} else {
|
||||
echo "Fail!";
|
||||
}
|
||||
$conn = null;
|
||||
}
|
||||
} else {
|
||||
echo '
|
||||
<div class="container">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">Login</div>
|
||||
<div class="panel-body">
|
||||
';
|
||||
echo '
|
||||
<form role="form" method="POST" action="login">
|
||||
<div class="form-group">
|
||||
<label for="user">Username:</label>
|
||||
<input type="user" class="form-control" id="user" name="user">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="pwd">Password:</label>
|
||||
<input type="password" class="form-control" id="pwd" name="pwd">
|
||||
</div>
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="remember"> Remember me</label>
|
||||
</div>
|
||||
<input type=\'hidden\' name=\'type\' value=\'login\'></input>
|
||||
<button type="submit" class="btn btn-default">Submit</button>
|
||||
</form>
|
||||
';
|
||||
echo '
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
';
|
||||
}
|
||||
?>
|
22
post.php
22
post.php
@ -31,26 +31,34 @@ if(isset($_POST["type"])){
|
||||
/* Set paste details */
|
||||
$title = "Untitled";
|
||||
$text = $_POST["text"];
|
||||
$exposure = 0;
|
||||
if(isset($_POST["title"]))
|
||||
$title = $_POST["title"];
|
||||
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
|
||||
$$exposure = $_POST["exposure"];
|
||||
$uid = generate_uid();
|
||||
$created = time();
|
||||
$expire = 0;
|
||||
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
|
||||
$expire = $created + $_POST["expire"];
|
||||
$owner = 0;
|
||||
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
|
||||
$owner = 0;
|
||||
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
|
||||
include "includes/user.php";
|
||||
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
|
||||
}
|
||||
/* Add paste to database */
|
||||
$QuerySTR = "INSERT INTO pastes (uid,title,text,created)
|
||||
VALUES (:uid, :tit, :txt, :cre)";
|
||||
if($expire!=0)
|
||||
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire)
|
||||
VALUES (:uid, :tit, :txt, :cre, :exp)";
|
||||
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner)
|
||||
VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own)";
|
||||
$stmt = $conn->prepare($QuerySTR);
|
||||
if($expire!=0)
|
||||
$stmt->bindParam(':exp', $expire);
|
||||
$stmt->bindParam(':exp', $expire);
|
||||
$stmt->bindParam(':uid', $uid);
|
||||
$stmt->bindParam(':tit', $title);
|
||||
$stmt->bindParam(':txt', $text);
|
||||
$stmt->bindParam(':cre', $created);
|
||||
$stmt->bindParam(':exposure', $exposure);
|
||||
$stmt->bindParam(':own', $owner);
|
||||
$stmt->execute();
|
||||
$conn = null; //close connection to database
|
||||
header("Location: ".$uid);
|
||||
|
29
signup.php
Normal file
29
signup.php
Normal file
@ -0,0 +1,29 @@
|
||||
<div class="container">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">Register</div>
|
||||
<div class="panel-body">
|
||||
<!-- Panel Content -->
|
||||
<form class="form-horizontal" role="form" method="POST" action="login">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="user">Username:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="user" class="form-control" id="user" placeholder="Enter username" name="user">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="pwd">Password:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="pwd" placeholder="Enter password" name="pwd">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<input type='hidden' name='type' value='register'></input>
|
||||
<button type="submit" class="btn btn-default" >Submit</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<!-- END Panel Content -->
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
Loading…
Reference in New Issue
Block a user