A better way to make a connection to the database

pikami 2016-06-16 15:33:16 +00:00
parent 4c1f18c593
commit e9ccb5c919
11 changed files with 48 additions and 32 deletions


@ -2,8 +2,9 @@
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-body"> <div class="panel-body">
<?php <?php
include "config/config.php"; include_once "config/config.php";
include_once "includes/user.php"; include_once "includes/user.php";
$conn = GetConnectionToDB();
if(GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1){ if(GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1){
printf('<h2>You must be loged in to see your pastes!</h2>'); printf('<h2>You must be loged in to see your pastes!</h2>');
$conn = null; $conn = null;
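Review bot: The login check `GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1` reads both cookies without an `isset` guard, so a visitor with no session cookies raises undefined-index notices and passes nulls into the lookup. The navbar code already guards this; doing the same here would look like `if(!isset($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]) || GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1){`. The added `$conn = GetConnectionToDB();` also opens a connection before the check although the helper opens its own, so it could move below the logged-out branch. The block continues outside the hunk.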


@ -3,13 +3,15 @@
<h4>Newest pastes:</h4> <h4>Newest pastes:</h4>
<div class="list-group"> <div class="list-group">
<?php <?php
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5'); $stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) { while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8'); $title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
if(strlen($title)>25)$title = substr($title,0,25)."..."; if(strlen($title)>25)$title = substr($title,0,25)."...";
echo "<a href=\"".htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8')."\" class=\"list-group-item\">".$title."</a>"; echo "<a href=\"".htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8')."\" class=\"list-group-item\">".$title."</a>";
} }
$conn = null;
?> ?>
</div> </div>
</div> </div>
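Review bot: The title is shortened after it has been HTML-escaped (`substr($title,0,25)` runs on the output of `htmlspecialchars`), so the cut can land inside an entity such as `&amp;` or in the middle of a multi-byte UTF-8 character and emit broken markup. Truncate the raw value first and escape last, for example `$raw = $row['title']; if(mb_strlen($raw,'UTF-8')>25) $raw = mb_substr($raw,0,25,'UTF-8')."...";` followed by `$title = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');` (this assumes the mbstring extension is available). The return value of `$conn->query(...)` is used without a check as well, so a failed query would surface as a call on `false` in the `while` line.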


@ -3,18 +3,20 @@
<div class="panel-body"> <div class="panel-body">
<?php <?php
if(isset($uid)){ if(isset($uid)){
include "config/config.php"; include_once "config/config.php";
include_once "includes/user.php"; include_once "includes/user.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"'); $stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null; $conn = null;
if($result["expire"]!=0 && $result["expire"]<time()){ if($result["expire"]!=0 && $result["expire"]<time()){
//This paste is expired but not removed //This paste is expired but not removed
include "cronjob.php"; echo "<h1>This paste just expired</h1>";
include_once "cronjob.php";
RemoveExpiredPastes(); RemoveExpiredPastes();
die(); die();
} }
if($result["exposure"]==2 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){ if($result["exposure"]==2 && $result["owner"]!=0 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
echo "<h1>This paste is private</h1>"; echo "<h1>This paste is private</h1>";
die(); die();
} }
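Review bot: The private-paste check on the changed `if($result["exposure"]==2 && $result["owner"]!=0 && isset($_COOKIE["pp_sid"]) ...` line only denies access when both session cookies are present, so a request that carries no cookies at all skips the branch and the private paste is rendered. Resolve the viewer first (treating missing cookies as `-1`) and deny whenever `exposure==2` and the owner differs from that id. Separately, `'SELECT * FROM pastes WHERE uid="'.$uid.'"'` concatenates `$uid`, which appears to come straight from `$_GET["page"]`, into the SQL text. Use a prepared statement as `GetUsersIDBySession` does, `$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid'); $stmt->execute(array(':uid' => $uid));`, and apply the same change to the `SELECT highlight FROM pastes WHERE uid=` query in the highlight section of this commit. The enclosing block continues outside the hunk.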


@ -1,11 +1,14 @@
<?php <?php
function GetConnectionToDB(){
//========SQL_CONFIG========// //========SQL_CONFIG========//
$SQL_Host = "localhost"; $SQL_Host = "localhost";
$SQL_Database = "palm-paste"; $SQL_Database = "palm-paste";
$SQL_User = "paste"; $SQL_User = "paste";
$SQL_Password = "ckQgRJRhib74XMgVpzmn38uj1MrCcNnK7L9bc7zu"; $SQL_Password = "ckQgRJRhib74XMgVpzmn38uj1MrCcNnK7L9bc7zu";
//========CRON_JOBS=========//
$CRON_ExpireKey = "b1g51bf6g";
//========CONNECTION========// //========CONNECTION========//
$conn = new PDO('mysql:host='.$SQL_Host.';dbname='.$SQL_Database.';charset=utf8mb4', $SQL_User, $SQL_Password); $conn = new PDO('mysql:host='.$SQL_Host.';dbname='.$SQL_Database.';charset=utf8mb4', $SQL_User, $SQL_Password);
return $conn;
}
//========CRON_JOBS=========//
$CRON_ExpireKey = "b1g51bf6g";
?> ?>
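Review bot: `GetConnectionToDB()` still carries the database password as a string literal in `$SQL_Password`, and `$CRON_ExpireKey` sits beside it, so both secrets live in version control and are readable from this commit. Load them from the environment or from an untracked file outside the web root, and rotate the values that have already been published. The function also builds a new PDO object on every call and leaves the error mode at its default. A `static $conn` cache together with `$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);` would make a failed query raise at the point of failure instead of showing up later as a method call on `false`.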


@ -1,6 +1,7 @@
<?php <?php
include_once "config/config.php"; include_once "config/config.php";
function RemoveExpiredPastes(){ function RemoveExpiredPastes(){
$conn = GetConnectionToDB();
$time = time(); $time = time();
$stmt = $conn->prepare("DELETE from `pastes` where `expire`<:time and `expire`>0"); $stmt = $conn->prepare("DELETE from `pastes` where `expire`<:time and `expire`>0");
$stmt->bindValue(':time', $time); $stmt->bindValue(':time', $time);


@ -6,7 +6,8 @@
$uid = $_GET["page"]; $uid = $_GET["page"];
echo '<script type="text/javascript" src="js/SyntaxHighlighter/shCore.js"></script>'; echo '<script type="text/javascript" src="js/SyntaxHighlighter/shCore.js"></script>';
// //
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"'); $stmt = $conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null; $conn = null;


@ -1,6 +1,7 @@
<?php <?php
function GetUsersIDBySession($sid,$skey){ function GetUsersIDBySession($sid,$skey){
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey"); $stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey); $stmt->bindParam(':skey', $skey);
$stmt->bindParam(':sid', $sid); $stmt->bindParam(':sid', $sid);
@ -14,7 +15,8 @@ function GetUsersIDBySession($sid,$skey){
} }
} }
function LogOutUserBySession($sid,$skey){ function LogOutUserBySession($sid,$skey){
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey"); $stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey); $stmt->bindParam(':skey', $skey);
$stmt->bindParam(':sid', $sid); $stmt->bindParam(':sid', $sid);
@ -27,7 +29,8 @@ function UnsetBrowserCookies(){
setcookie("pp_skey", '', time() - 3600); setcookie("pp_skey", '', time() - 3600);
} }
function GetUserByID($id){ function GetUserByID($id){
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT * FROM users WHERE id=:id"); $stmt = $conn->prepare("SELECT * FROM users WHERE id=:id");
$stmt->bindParam(':id', $id); $stmt->bindParam(':id', $id);
$stmt->execute(); $stmt->execute();


@ -20,7 +20,7 @@
});</script> });</script>
<!-- Highlight scripts --> <!-- Highlight scripts -->
<?php include "includes/highlight.php"; ?> <?php include_once "includes/highlight.php"; ?>
</head> </head>
<body> <body>
<!-- NavBar --> <!-- NavBar -->
@ -36,7 +36,7 @@
</ul> </ul>
<ul class="nav navbar-nav navbar-right"> <ul class="nav navbar-nav navbar-right">
<?php <?php
include "includes/user.php"; include_once "includes/user.php";
$userID = -1; $userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]); $userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
@ -98,22 +98,22 @@
<?php <?php
if (isset($_GET["page"])){ if (isset($_GET["page"])){
if($_GET["page"] == "create"){ if($_GET["page"] == "create"){
include "NewPaste.php"; include_once "NewPaste.php";
} else if($_GET["page"] == "mypastes"){ } else if($_GET["page"] == "mypastes"){
include "MyPastes.php"; include_once "MyPastes.php";
} else if($_GET["page"] == "login"){ } else if($_GET["page"] == "login"){
include "login.php"; include_once "login.php";
} else if($_GET["page"] == "logout"){ } else if($_GET["page"] == "logout"){
header("Location: login.php?logout=1"); header("Location: login.php?logout=1");
die(); die();
} else if($_GET["page"] == "signup"){ } else if($_GET["page"] == "signup"){
include "signup.php"; include_once "signup.php";
} else { } else {
$uid = $_GET["page"]; $uid = $_GET["page"];
include "ViewPaste.php"; include_once "ViewPaste.php";
} }
} else { } else {
include "NewPaste.php"; include_once "NewPaste.php";
} }
?> ?>
</body> </body>
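Review bot: The `logout` branch calls `header("Location: login.php?logout=1")` after the page has already written `</head>`, `<body>` and the navbar (visible in the two earlier hunks of this file), so unless output buffering is enabled the redirect is dropped with a "headers already sent" warning and `die()` leaves a truncated page. Handle the `logout` case at the top of the file, before any markup is emitted. The final `else` branch also passes the raw `$_GET["page"]` on as `$uid`; checking it there against the format `generate_uid` produces would reject malformed ids before they reach a query. The dispatch block starts outside the hunk.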


@ -8,7 +8,7 @@ function generate_skey(){
return $key; return $key;
} }
if(isset($_GET["logout"])){ if(isset($_GET["logout"])){
include "includes/user.php"; include_once "includes/user.php";
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){ if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
LogOutUserBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]); LogOutUserBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
UnsetBrowserCookies(); UnsetBrowserCookies();
@ -23,7 +23,8 @@ if(isset($_GET["logout"])){
if(isset($_POST["remember"]) && $_POST["remember"]=="on") if(isset($_POST["remember"]) && $_POST["remember"]=="on")
$remember = 1; $remember = 1;
//Try to login //Try to login
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?'); $stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user)); $stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
@ -56,7 +57,8 @@ if(isset($_GET["logout"])){
$pwd = $_POST["pwd"]; $pwd = $_POST["pwd"];
$hash = password_hash($pwd ,CRYPT_BLOWFISH); $hash = password_hash($pwd ,CRYPT_BLOWFISH);
//Does this user exist //Does this user exist
include "config/config.php"; include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?'); $stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user)); $stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
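Review bot: In the signup hunk, `password_hash($pwd ,CRYPT_BLOWFISH)` passes a `crypt()` capability constant where an algorithm identifier is expected; it selects bcrypt only because the integer values happen to coincide. Use `$hash = password_hash($pwd, PASSWORD_DEFAULT);` so the intent is explicit and the algorithm can be upgraded later with `password_needs_rehash`. The hash is also computed before the "Does this user exist" lookup, so the hashing cost is paid for requests that are then rejected; moving it after that check is a small change. Both enclosing blocks continue outside the hunks.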


@ -1,8 +1,8 @@
<?php <?php
include "config/config.php"; include_once "config/config.php";
function generate_uid () { function generate_uid () {
global $conn; $conn = GetConnectionToDB();
$name = ''; $name = '';
// We start at N retries, and --N until we give up // We start at N retries, and --N until we give up
$tries = 500; $tries = 500;
@ -22,6 +22,7 @@ function generate_uid () {
$result = $q->fetchColumn(); $result = $q->fetchColumn();
// If it does, generate a new uid // If it does, generate a new uid
} while($result > 0); } while($result > 0);
$conn = null;
return $name; return $name;
} }
@ -35,7 +36,7 @@ if(isset($_POST["type"])){
if(isset($_POST["title"])) if(isset($_POST["title"]))
$title = $_POST["title"]; $title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"])) if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$$exposure = $_POST["exposure"]; $exposure = $_POST["exposure"];
$uid = generate_uid(); $uid = generate_uid();
$created = time(); $created = time();
$expire = 0; $expire = 0;
@ -52,6 +53,7 @@ if(isset($_POST["type"])){
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]); $owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
} }
/* Add paste to database */ /* Add paste to database */
$conn = GetConnectionToDB();
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner,highlight) $QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner,highlight)
VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own, :hl)"; VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own, :hl)";
$stmt = $conn->prepare($QuerySTR); $stmt = $conn->prepare($QuerySTR);
@ -69,5 +71,4 @@ if(isset($_POST["type"])){
die(); die();
} }
} }
$conn = null;
?> ?>
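Review bot: `is_numeric` is the only validation on `$_POST["exposure"]`, and it accepts negative numbers, decimals and exponent notation, so now that the `$$exposure` typo is fixed any such value is stored in the `exposure` column. The other files in this commit only compare the column against `0` and `2`, so an unexpected value yields a paste that is neither listed nor treated as private. Restrict it to the supported set, e.g. `if(isset($_POST["exposure"]) && in_array($_POST["exposure"], array("0","1","2"), true))`, adjusting the list to the levels the form really offers. The enclosing `if(isset($_POST["type"]))` block starts and ends outside this hunk.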