A better way to make a connection to the database

pikami 2016-06-16 15:33:16 +00:00
parent 4c1f18c593
commit e9ccb5c919
11 changed files with 48 additions and 32 deletions


@ -2,8 +2,9 @@
<div class="panel panel-default">
<div class="panel-body">
<?php
include "config/config.php";
include_once "config/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
if(GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1){
printf('<h2>You must be loged in to see your pastes!</h2>');
$conn = null;
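Review bot: The session check on the `GetUsersIDBySession(...)` line reads `$_COOKIE["pp_sid"]` and `$_COOKIE["pp_skey"]` without `isset()`, so a visitor with no cookies triggers undefined-index notices, which can disclose file paths if error display is enabled. Other call sites on this page guard the lookup, and the same guard fits here: `if(!isset($_COOKIE["pp_sid"]) || !isset($_COOKIE["pp_skey"]) || GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1){`. The connection opened on the line above is not needed until this check has passed, so it can move below it. The block continues outside the hunk.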


@ -3,13 +3,15 @@
<h4>Newest pastes:</h4>
<div class="list-group">
<?php
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
if(strlen($title)>25)$title = substr($title,0,25)."...";
echo "<a href=\"".htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8')."\" class=\"list-group-item\">".$title."</a>";
}
$conn = null;
?>
</div>
</div>
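Review bot: The title is truncated after escaping: `substr($title,0,25)` runs on the output of `htmlspecialchars()`, so the cut can land inside an entity such as `&quot;` and emit a broken reference, and the byte-wise `substr` can also split a multi-byte UTF-8 character. Truncate the raw value first and escape last, for example `$title = $row['title']; if(mb_strlen($title,'UTF-8')>25)$title = mb_substr($title,0,25,'UTF-8')."...";` followed by `$title = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');` (this assumes the mbstring extension is available). Keeping the escape as the final step also makes it easy to confirm that nothing unescaped reaches the `echo`.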


@ -3,18 +3,20 @@
<div class="panel-body">
<?php
if(isset($uid)){
include "config/config.php";
include_once "config/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null;
if($result["expire"]!=0 && $result["expire"]<time()){
//This paste is expired but not removed
include "cronjob.php";
echo "<h1>This paste just expired</h1>";
include_once "cronjob.php";
RemoveExpiredPastes();
die();
}
if($result["exposure"]==2 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
if($result["exposure"]==2 && $result["owner"]!=0 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
echo "<h1>This paste is private</h1>";
die();
}
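Review bot: The lookup `$conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"')` still concatenates `$uid` into the SQL text, and the router sets `$uid` directly from `$_GET["page"]`, so request-controlled input ends up in a string-built query; the `SELECT highlight FROM pastes` query in the highlight file section has the same defect. Both should use the bound form the login code already uses: `$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=?'); $stmt->execute(array($uid));`. Separately, the rewritten private-paste condition only denies access when both session cookies are present, so a request that carries no cookies skips the check and is served the paste. Resolve the viewer first, `$viewer = (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) ? GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) : -1;`, then test `$result["exposure"]==2 && $result["owner"]!=0 && $result["owner"]!=$viewer`. The `if(isset($uid)){` block continues outside the hunk.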


@ -1,11 +1,14 @@
<?php
function GetConnectionToDB(){
//========SQL_CONFIG========//
$SQL_Host = "localhost";
$SQL_Database = "palm-paste";
$SQL_User = "paste";
$SQL_Password = "ckQgRJRhib74XMgVpzmn38uj1MrCcNnK7L9bc7zu";
//========CRON_JOBS=========//
$CRON_ExpireKey = "b1g51bf6g";
//========CONNECTION========//
$conn = new PDO('mysql:host='.$SQL_Host.';dbname='.$SQL_Database.';charset=utf8mb4', $SQL_User, $SQL_Password);
return $conn;
}
//========CRON_JOBS=========//
$CRON_ExpireKey = "b1g51bf6g";
?>
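Review bot: The database password and the cron expire key are stored as literals in this tracked file, so every clone and the repository history carry them. Read them from the environment or from an untracked local file instead, e.g. `$SQL_Password = getenv('PASTE_DB_PASSWORD');` (the variable name is a placeholder), and rotate both values since they are already published by this commit. It would also help to pass `array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)` as the fourth `PDO` constructor argument, because callers use the result of `query()` without checking it.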


@ -1,6 +1,7 @@
<?php
include_once "config/config.php";
function RemoveExpiredPastes(){
$conn = GetConnectionToDB();
$time = time();
$stmt = $conn->prepare("DELETE from `pastes` where `expire`<:time and `expire`>0");
$stmt->bindValue(':time', $time);


@ -6,7 +6,8 @@
$uid = $_GET["page"];
echo '<script type="text/javascript" src="js/SyntaxHighlighter/shCore.js"></script>';
//
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null;


@ -1,6 +1,7 @@
<?php
function GetUsersIDBySession($sid,$skey){
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey);
$stmt->bindParam(':sid', $sid);
@ -14,7 +15,8 @@ function GetUsersIDBySession($sid,$skey){
}
}
function LogOutUserBySession($sid,$skey){
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey);
$stmt->bindParam(':sid', $sid);
@ -27,7 +29,8 @@ function UnsetBrowserCookies(){
setcookie("pp_skey", '', time() - 3600);
}
function GetUserByID($id){
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT * FROM users WHERE id=:id");
$stmt->bindParam(':id', $id);
$stmt->execute();
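Review bot: Each helper in this file now calls `GetConnectionToDB()` on every invocation, and the pages that call these helpers also open their own connection, so a single request ends up holding several MySQL connections. An optional parameter keeps existing callers working and lets a page share its handle: `function GetUsersIDBySession($sid,$skey,$conn=null){` with `if($conn === null) $conn = GetConnectionToDB();`, and likewise for `LogOutUserBySession` and `GetUserByID`. The function bodies continue outside the hunks.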


@ -20,7 +20,7 @@
});</script>
<!-- Highlight scripts -->
<?php include "includes/highlight.php"; ?>
<?php include_once "includes/highlight.php"; ?>
</head>
<body>
<!-- NavBar -->
@ -36,7 +36,7 @@
</ul>
<ul class="nav navbar-nav navbar-right">
<?php
include "includes/user.php";
include_once "includes/user.php";
$userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
@ -98,22 +98,22 @@
<?php
if (isset($_GET["page"])){
if($_GET["page"] == "create"){
include "NewPaste.php";
include_once "NewPaste.php";
} else if($_GET["page"] == "mypastes"){
include "MyPastes.php";
include_once "MyPastes.php";
} else if($_GET["page"] == "login"){
include "login.php";
include_once "login.php";
} else if($_GET["page"] == "logout"){
header("Location: login.php?logout=1");
die();
} else if($_GET["page"] == "signup"){
include "signup.php";
include_once "signup.php";
} else {
$uid = $_GET["page"];
include "ViewPaste.php";
include_once "ViewPaste.php";
}
} else {
include "NewPaste.php";
include_once "NewPaste.php";
}
?>
</body>
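Review bot: The `logout` branch calls `header("Location: login.php?logout=1")` after the page has already emitted the `<head>` and navbar markup shown in the earlier hunks, so unless output buffering is enabled the redirect header cannot be sent and the branch simply stops at `die()`, presumably without the logout ever running. Handle `$_GET["page"] == "logout"` at the top of the script, before any output. The final `else` branch also hands any other `page` value to the paste view as `$uid`; checking it against the format that `generate_uid()` produces before the include would reject malformed identifiers early.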


@ -8,7 +8,7 @@ function generate_skey(){
return $key;
}
if(isset($_GET["logout"])){
include "includes/user.php";
include_once "includes/user.php";
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
LogOutUserBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
UnsetBrowserCookies();
@ -23,7 +23,8 @@ if(isset($_GET["logout"])){
if(isset($_POST["remember"]) && $_POST["remember"]=="on")
$remember = 1;
//Try to login
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
@ -56,7 +57,8 @@ if(isset($_GET["logout"])){
$pwd = $_POST["pwd"];
$hash = password_hash($pwd ,CRYPT_BLOWFISH);
//Does this user exist
include "config/config.php";
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
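Review bot: `password_hash($pwd ,CRYPT_BLOWFISH)` passes a `crypt()` capability constant where an algorithm identifier is expected; it appears to select bcrypt only because the integer value happens to coincide with the legacy bcrypt identifier. Use the documented constant instead: `$hash = password_hash($pwd, PASSWORD_DEFAULT);` (or `PASSWORD_BCRYPT` to pin bcrypt). The surrounding signup block continues outside the hunk.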


@ -1,8 +1,8 @@
<?php
include "config/config.php";
include_once "config/config.php";
function generate_uid () {
global $conn;
$conn = GetConnectionToDB();
$name = '';
// We start at N retries, and --N until we give up
$tries = 500;
@ -22,6 +22,7 @@ function generate_uid () {
$result = $q->fetchColumn();
// If it does, generate a new uid
} while($result > 0);
$conn = null;
return $name;
}
@ -35,7 +36,7 @@ if(isset($_POST["type"])){
if(isset($_POST["title"]))
$title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$$exposure = $_POST["exposure"];
$exposure = $_POST["exposure"];
$uid = generate_uid();
$created = time();
$expire = 0;
@ -52,6 +53,7 @@ if(isset($_POST["type"])){
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
}
/* Add paste to database */
$conn = GetConnectionToDB();
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner,highlight)
VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own, :hl)";
$stmt = $conn->prepare($QuerySTR);
@ -69,5 +71,4 @@ if(isset($_POST["type"])){
die();
}
}
$conn = null;
?>
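Review bot: The `exposure` value is accepted on `is_numeric()` alone, which also admits negatives, decimals and exponent strings such as `1e3`, and with the `$$exposure` typo fixed that value now reaches the INSERT. Elsewhere on this page the column is compared against `0` and `2`, so an allow-list is the safer gate: `if(isset($_POST["exposure"]) && in_array($_POST["exposure"], array("0","1","2"), true))` (adjust the list to the exposure levels the application actually defines).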