aboutsummaryrefslogtreecommitdiffstats
path: root/php
diff options
context:
space:
mode:
Diffstat (limited to 'php')
-rw-r--r--php/configuration.php16
-rw-r--r--php/database.php8
-rw-r--r--php/login.php7
-rw-r--r--php/logout.php10
-rw-r--r--php/misc.php5
-rw-r--r--php/register.php11
-rw-r--r--php/upload.php1
7 files changed, 41 insertions, 17 deletions
diff --git a/php/configuration.php b/php/configuration.php
index 90face8..425dd10 100644
--- a/php/configuration.php
+++ b/php/configuration.php
@@ -3,15 +3,29 @@
$domain_name="localhost";
+<<<<<<< HEAD
+=======
+if (file_exists("/home/alex")) {
+ $database_name="alex";
+ $database_username="alex";
+ $database_password="lol";
+ $database_location="127.0.0.1";
+>>>>>>> f1cd0085cd8dba8b25818fc998d315b28e6c13a5
+
+ $storage_root = "/home/alex/fileup_storage";
+}
+else {
+
$database_name="fileup_testing";
$database_username="outsider";
$database_password="parola123";
$database_location="localhost";
+ $storage_root = "/tmp/fileup_storage";
+}
$password_hash_algo=PASSWORD_BCRYPT;
-
$has_email_verification=false;
?>
diff --git a/php/database.php b/php/database.php
index ef2b825..f472cbf 100644
--- a/php/database.php
+++ b/php/database.php
@@ -16,14 +16,8 @@ require_once "misc.php";
global $database_username;
global $database_password;
global $database_location;
- try
- {
+
$this->pdo=new PDO("mysql:dbname={$database_name};host={$database_location}",$database_username,$database_password);
- }catch(PDOException $e)
- {
- error_log("Could not get database {$database_name} from {$database_location}, {$e} ");
- die("The cow bought the farm");
- }
}
/*returns false if this isn't a user, otherwise returns the user*/
diff --git a/php/login.php b/php/login.php
index e6d44dc..536a5bf 100644
--- a/php/login.php
+++ b/php/login.php
@@ -3,6 +3,8 @@ require_once "user.php";
require_once "database.php";
require_once "misc.php";
+session_start();
+
$username=$_POST["username"];
$password=$_POST["password"];
/*server side verification*/
@@ -18,8 +20,7 @@ if(!$user)
die("Password or username is incorrect");
}
-echo "Username: {$user->username}\n";
-echo "Email: {$user->email_address}";
-
+$_SESSION['username'] = $user->username;
+header('Location: /');
?>
diff --git a/php/logout.php b/php/logout.php
new file mode 100644
index 0000000..9a4cdd7
--- /dev/null
+++ b/php/logout.php
@@ -0,0 +1,10 @@
+<?php
+// TODO
+// This is dangerous and stupid
+// Right now every webpage can redirect any of its users to http://shady.upload/logout
+// which will log the user out of our webpage
+
+session_start();
+unset($_SESSION['username']);
+header('Location: /');
+?>
diff --git a/php/misc.php b/php/misc.php
index 3ab0277..69cd654 100644
--- a/php/misc.php
+++ b/php/misc.php
@@ -1,11 +1,6 @@
<?php
require_once "user.php";
-function validate_credentials(string $username,string $email,string $password,string $password2) : bool
-{
- return true;
-}
-
function generate_email_verification_link()
{
/*TODO*/
diff --git a/php/register.php b/php/register.php
index b6b164c..1d31a91 100644
--- a/php/register.php
+++ b/php/register.php
@@ -8,6 +8,13 @@ $password=$_POST["password"];
$password2=$_POST["password2"];
$email=$_POST["email"];
+
+function validate_credentials(string $username,string $email,string $password,string $password2) : bool
+{
+ return true;
+}
+
+
/*check if we are given shady credentials*/
if(!validate_credentials($username,$email,$password,$password2))
{
@@ -24,4 +31,8 @@ if($database->register_user($username,$password,$email))
echo "didn't register";
}
+
+$_SESSION['username'] = $username;
+header('Location: /');
+
?>
diff --git a/php/upload.php b/php/upload.php
index 93fa778..d9110c7 100644
--- a/php/upload.php
+++ b/php/upload.php
@@ -5,7 +5,6 @@ if (!array_key_exists('uf', $_FILES)) {
exit();
}
-
$file = $_FILES['uf'];