Commit 486d463b authored by root's avatar root

Initial commit.

parents
<?php
include "base.php";
global $mysql;
global $authenticated;
if ($authenticated) {
$stmt = $mysql->prepare(
"INSERT INTO times (name, time, performance_date)
VALUES (?, ?, ?)") or die($mysql->error);
$time = $_REQUEST["time"] * 1000;
$stmt->bind_param("sss", $_REQUEST["name"], $time, $_REQUEST["when"]);
$stmt->execute() or die($mysql->error);
$stmt->close();
} else {
die("Not logged in");
}
header("Location: /");
die();
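Review bot: The insert is driven from `$_REQUEST` with no request-method check and no anti-CSRF token, so any cross-site GET or form post that carries the `login` cookie is accepted as a write; the create-user and logout handlers later in this commit have the same gap. Read from `$_POST`, reject other methods, and verify a per-session token that the form includes. `$_REQUEST["time"] * 1000` is also unvalidated, so a missing or non-numeric value produces a warning or a TypeError (depending on PHP version) instead of a clean rejection; check it first, e.g. `is_numeric($_POST["time"] ?? null) or die("Bad time");`. The `or die($mysql->error)` calls send raw database error text to the client, which is better written to the server log.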
<?php include "head.php"; ?>
<article>
<?php if (! $authenticated) { ?>
<form method="POST" action="login.php" class="loginform">
<label>Username:</label><input type="text" name="username"/>
<label>Password:</label><input type="password" name="password">
<input type="hidden" name="returnaddr" value="<?= $url ?>"/>
<input type="submit" value="Log in"/>
</form>
<?php } else { ?>
<h2>Create User</h2>
<form method="POST" action="create_user.php" class="loginform">
<label>Username:</label><input type="text" name="username"/>
<label>Real Name:</label><input type="text" name="real_name"/>
<label>Password:</label><input type="password" name="password">
<label>Repeat Password:</label><input type="password" name="password2">
<input type="hidden" name="returnaddr" value="<?= $url ?>"/>
<input type="submit" value="Create"/>
</form>
<?php } ?>
</article>
<?php include "tail.php"; ?>
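Review bot: Both forms print `$url` into the `returnaddr` attribute without escaping, and `$url` is assembled from the request's Host header and URI, so request-controlled characters land inside the HTML attribute. Escape at output: `value="<?= htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>"`. The same unescaped `<?=` pattern appears later in this commit for `$authenticated["name"]` in the page header and for `$row["name"]` and `$row["performance_date"]` in the times table, where the values come from the database and were originally user-submitted. The login handler in this commit never reads `returnaddr`; if it starts to, it should accept only same-site relative paths.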
<?php
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(E_ALL);
// error_reporting(~E_STRICT);
$mysql = new mysqli("localhost", "drain", "securepassword", "drain")
or die(mysqli_connect_error());
$url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
function create_user($username, $real_name, $password) {
global $mysql;
$salt = substr(md5(rand()), 0, 64);
$hash = hash ("sha256", $salt . $password);
$stmt = $mysql->prepare(
"INSERT INTO users (username, full_name, salt, hash)
VALUES (?, ?, ?, ?)") or die($mysql->error);
$stmt->bind_param("ssss", $username, $real_name, $salt, $hash);
$stmt->execute() or die($mysql->error);
$stmt->close();
}
function login_user($name, $password) {
global $mysql;
$stmt = $mysql->prepare(
"SELECT sha2(concat(salt, ?), 256), hash
FROM users WHERE username = ?") or die($mysql->error);
$stmt->bind_param("ss", $password, $name);
$stmt->execute() or die($mysql->error);
$stmt->bind_result($h1, $h2);
$stmt->fetch() or die($mysql->error);
$stmt->close();
if ($h1 === $h2) {
$stmt = $mysql->prepare(
"INSERT INTO session_cookies (username, best_before, hash)
VALUES (?, ?, ?)") or die($mysql->error);
// next month
$best_before = date("Y-m-d H:i:s", time() + 3600 * 24 * 7 * 4);
$stmt->bind_param("sss", $name, $best_before, $h1);
$stmt->execute() or die($mysql->error);
$stmt->close();
return "name=$name&hash=$h1";
} else {
return False;
}
}
function auth_cookie($cookie) {
global $mysql;
parse_str($cookie, $output);
$stmt = $mysql->prepare(
"SELECT hash FROM session_cookies
WHERE username = ?
") or die($mysql->error);
$stmt->bind_param ("s", $output["name"]);
$stmt->bind_result($hash);
$stmt->execute() or die($mysql->error);
$row = $stmt->fetch();
$stmt->close();
if ($output["hash"] === $hash) {
$stmt = $mysql->prepare("SELECT full_name FROM users WHERE username = ?") or die($mysql->error);
$stmt->bind_param("s", $output["name"]);
$stmt->execute() or die($mysql->error);
$stmt->bind_result($name);
$stmt->fetch() or die($mysql->error);
return array(
"name" => $name,
"username" => $output["name"]);
} else {
return False;
}
}
$authenticated = False;
if (array_key_exists("login", $_COOKIE)) {
$authenticated = auth_cookie($_COOKIE["login"]);
}
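Review bot: In auth_cookie the test `$output["hash"] === $hash` is also true when both sides are null, which happens when the cookie has no `hash` field and the session_cookies query returned no row, so a username without an active session can pass the check. Require a fetched row and a string value, and compare in constant time: `if ($row === true && is_string($output["hash"] ?? null) && hash_equals($hash, $output["hash"])) {`. The query also ignores `best_before` and reads only the first row for the username, so expiry is never enforced and a later login's row is never consulted. Separately, login_user stores the salted SHA-256 password hash itself as the session value and create_user derives the salt from `md5(rand())`; a random session token such as `bin2hex(random_bytes(32))` plus `password_hash()`/`password_verify()` for the password would stop the cookie from being a password-equivalent. `display_errors` is switched on and the database password is a literal in the file; both belong in deployment configuration.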
<?php
include "base.php";
// $cookie = $_COOKIE["login"] or die("No cookie");
//
// auth_cookie($cookie) or die("Bad cookie");
($_REQUEST["password"] === $_REQUEST["password2"]) or die("passwords don't match");
create_user($_REQUEST["username"], $_REQUEST["real_name"], $_REQUEST["password"]);
header("Location: /");
die();
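Review bot: The cookie check at the top is commented out, so `create_user()` runs for any request, logged in or not; showing the form only when `$authenticated` is set on the admin page does not protect this endpoint. Restore a guard right after the include, for example `$authenticated or die("Not logged in");`, using the `$authenticated` value the included base file computes. The fields are read from `$_REQUEST` with no presence check, so a request that omits `password` and `password2` compares null with null and goes on to create an account with an empty password; require non-empty `$_POST` values before calling `create_user()`.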
<?php include "base.php" ?>
<!doctype html>
<html>
<head>
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width; initial-scale=1.0"/>
<link rel="stylesheet" href="style.css"/>
<title>Häfvfakultet</title>
</head>
<body>
<header>
<div class="left">
<h2>Häfv nollan, nollan häfv!</h2>
<?php
global $authenticated;
if ($authenticated) {
?>
<p>Välkommen, <?= $authenticated["name"] ?></p>
<?php } ?>
</div>
<img src="hf-logo.png" alt="HF Logo"/>
</header>
<nav>
<ul>
<li><a href="/">Startsidan</a></li>
<li><a href="medlem.php">Bli medlem</a></li>
<li><a href="/stadgar.php">Stadgar</a></li>
<li><a href="/regler.php">Reglemente</a></li>
<li>Facebook</li>
<hr/>
<?php if($authenticated) { ?>
<li><a href="/logout.php">Log Out</a></li>
<?php } else { ?>
<li><a href="/admin.php">Log in</a></li>
<?php } ?>
<li><a href="/admin.php">Admin</a></li>
</ul>
</nav>
<main>
<?php include "head.php"; ?>
<article>
<h2>Häfvbastu!</h2>
Den 14 septemebr är det dags för terminens första häfvbastu!
</article>
<hr/>
<article>
<h2>Bästa Häfvtiderna!</h2>
<table style="width:100%;">
<thead>
<tr>
<th>#</th>
<th>Namn</th>
<th>Tid</th>
<th>När</th>
</tr>
</thead>
<tbody>
<?php
$times = $mysql->query(
"SELECT name, time, performance_date FROM times
ORDER BY time ASC")
or die($mysql->error);
$i = 1;
while ($row = $times->fetch_assoc()) { ?>
<tr>
<td><?= $i++ ?>
<td><?= $row["name"] ?></td>
<td><?= sprintf("%.2f", $row["time"] / 1000) ?></td>
<td><?= substr($row["performance_date"], 0, 10) ?></td>
</tr>
<?php } ?>
</tbody>
<?php if ($authenticated) { ?>
<tfoot>
<form method="POST" action="add_time.php">
<tr>
<td></td>
<td><input name="name" type="text" placeholder="Namn"/></td>
<td><input name="time" type="number" min="0" max="10" step="0.01" placeholder="Tid" /></td>
<td><input name="when" type="date" value="<?php echo date('Y-m-d'); ?>" /></td>
</tr>
<td></td><td colspan="3"><input style="width: 100%" type="submit"/></td>
<tr>
</tr>
</form>
</tfoot>
<?php } ?>
</table>
</article>
<?php include "tail.php"; ?>
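Review bot: The `<form>` sits directly inside `<tfoot>` around the rows, the submit cells after the first `</tr>` are outside any `<tr>`, and an empty `<tr></tr>` follows; the counter cell `<td><?= $i++ ?>` is also never closed. Browsers' table parsing moves or drops a form element in that position, which can detach the inputs from it. Wrap the whole `<table>` in the form (or give the form an `id` and put a matching `form` attribute on each input) and move the submit cells inside the second `<tr>`.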
<?php
include "base.php";
$auth = login_user($_REQUEST["username"], $_REQUEST["password"]);
if ($auth) {
setcookie ("login", $auth);
}
header("Location: /");
die();
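Review bot: `setcookie("login", $auth)` issues the session cookie with no `HttpOnly`, `SameSite` or `Secure` attribute and no expiry, so page script can read it and it is sent on cross-site requests. Pass the options array instead: `setcookie("login", $auth, ["expires" => time() + 3600 * 24 * 28, "path" => "/", "httponly" => true, "samesite" => "Lax"]);`, adding `"secure" => true` once the site is served over HTTPS. Credentials are read from `$_REQUEST`, which also accepts them in the query string where they end up in access logs; use `$_POST`. A failed login redirects exactly like a successful one, so the user gets no feedback and there is nothing to hang attempt limiting on.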
<?php
include "base.php";
global $authenticated;
if ($authenticated) {
global $mysql;
unset($_COOKIE["login"]);
setcookie("login", null);
$stmt = $mysql->prepare("DELETE FROM session_cookies WHERE username = ?") or die($mysql->error);
$stmt->bind_param("s", $authenticated["username"]);
$stmt->execute() or die($mysql->error);
header("Location: /");
die();
}
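Review bot: When `$authenticated` is false the script falls off the end without a redirect or any output, leaving a blank page and a stale cookie; move the cookie reset and `header("Location: /"); die();` after the closing brace so both paths clear the cookie and redirect. `setcookie("login", null)` passes null where a string is expected, which is deprecated from PHP 8.1; `setcookie("login", "", time() - 3600);` states the intent. The DELETE statement is never closed, unlike the `$stmt->close()` calls in the other handlers.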
<?php include "head.php"; ?>
<article>
You don't.
</article>
<?php include "tail.php"; ?>
<!doctype html>
<html>
<head>
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width; initial-scale=1.0"/>
<link rel="stylesheet" href="style.css"/>
<title>Bli medlemm­- Häfvfakultet</title>
</head>
<body>
</body>
<?php include "head.php"; ?>
<article>
Reglerna kommer snart.
</article>
<?php include "tail.php"; ?>
CREATE TABLE times (
id INT(11) AUTO_INCREMENT,
name VARCHAR(1023) NOT NULL,
time INTEGER NOT NULL,
performance_date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id)
);
CREATE TABLE users (
id INT(11) AUTO_INCREMENT,
username varchar(1023) NOT NULL,
full_name varchar(1023),
salt char(64) NOT NULL,
hash char(64) NOT NULL,
PRIMARY KEY (id),
UNIQUE (username)
);
CREATE TABLE session_cookies (
id INT(11) AUTO_INCREMENT,
username varchar(1023) NOT NULL,
best_before TIMESTAMP NOT NULL,
hash char(64) NOT NULL,
PRIMARY KEY (id)
);
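Review bot: `UNIQUE (username)` on a `varchar(1023)` column can exceed InnoDB's index key length limit (3072 bytes, or 767 with older row formats) when the table uses a multi-byte character set such as utf8mb4, in which case the CREATE TABLE fails; a shorter column such as `varchar(191)` avoids that. `session_cookies` has no index on `username` and no foreign key to `users`, although every lookup filters on it. The unit of `times.time` is not recorded; a comment such as `-- milliseconds; the PHP layer multiplies seconds by 1000 on insert` would save the next reader a trip to the handlers. If password storage moves to `password_hash()`, `hash char(64)` should become `varchar(255)`.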
<?php include "head.php"; ?>
<article>
Stadgarna kommer snart.
</article>
<?php include "tail.php"; ?>
body {
padding: 0;
margin: 0;
min-height: 100vh;
display: flex;
flex-direction: column;
font-family: arial;
}
nav {
border-bottom: 2px dotted gray;
}
@media (min-width: 768px) {
body {
display: grid;
grid-template-columns: 200px 1fr 200px;
grid-template-rows: auto 1fr auto;
grid-template-areas:
"header header header"
"sidebar main main"
"footer footer footer";
}
nav {
border-right: 2px dotted gray;
border-bottom: none;
}
}
header {
grid-area: header;
background-color: red;
background-image: url("white-plaster.png");
height: 100px;
}
header .left {
display: flex;
flex-direction: column;
float: left;
justify-content: space-evenly;
height: 100%;
}
.left > * {
margin: 0;
padding-left: 1em;
}
.left > p {
padding-left: 4em;
color: #333;
}
header img {
float: right;
height: 100%;
}
main {
grid-area: main;
flex: 1;
font-family: times;
}
nav {
grid-area: sidebar;
}
footer { grid-area: footer; }
article {
margin: 1em;
}
/* häfv times */
table {
border: 1px solid black;
border-collapse: collapse;
}
thead, tbody tr:nth-child(even) {
background-color: lightgray;
}
tbody tr:hover {
background-color: #FF67677F;
}
td {
padding: 0.5em;
text-align: center;
}
form td {
padding: 0;
}
.loginform {
display: grid;
grid-template-columns: 8em auto;
}
.loginform input[type=submit] {
grid-column-end: span 2;
}
nav ul {
list-style-type: none;
padding: 0;
}
nav li {
width: 100%;
height: 2em;
display: flex;
align-items: center;
justify-content: center;
}
nav li a {
text-decoration: none;
color: black !important;
}
nav li:hover {
background-color: red;
}
</main>
<footer>
Is there supposed to be something in the footer?
</footer>
</body>
</html>