diff options
Diffstat (limited to 'php')
-rw-r--r-- | php/configuration.php | 16 | ||||
-rw-r--r-- | php/database.php | 8 | ||||
-rw-r--r-- | php/login.php | 7 | ||||
-rw-r--r-- | php/logout.php | 10 | ||||
-rw-r--r-- | php/misc.php | 5 | ||||
-rw-r--r-- | php/register.php | 11 | ||||
-rw-r--r-- | php/upload.php | 1 |
7 files changed, 41 insertions, 17 deletions
diff --git a/php/configuration.php b/php/configuration.php index 90face8..425dd10 100644 --- a/php/configuration.php +++ b/php/configuration.php @@ -3,15 +3,29 @@ $domain_name="localhost"; +<<<<<<< HEAD +======= +if (file_exists("/home/alex")) { + $database_name="alex"; + $database_username="alex"; + $database_password="lol"; + $database_location="127.0.0.1"; +>>>>>>> f1cd0085cd8dba8b25818fc998d315b28e6c13a5 + + $storage_root = "/home/alex/fileup_storage"; +} +else { + $database_name="fileup_testing"; $database_username="outsider"; $database_password="parola123"; $database_location="localhost"; + $storage_root = "/tmp/fileup_storage"; +} $password_hash_algo=PASSWORD_BCRYPT; - $has_email_verification=false; ?> diff --git a/php/database.php b/php/database.php index ef2b825..f472cbf 100644 --- a/php/database.php +++ b/php/database.php @@ -16,14 +16,8 @@ require_once "misc.php"; global $database_username; global $database_password; global $database_location; - try - { + $this->pdo=new PDO("mysql:dbname={$database_name};host={$database_location}",$database_username,$database_password); - }catch(PDOException $e) - { - error_log("Could not get database {$database_name} from {$database_location}, {$e} "); - die("The cow bought the farm"); - } } /*returns false if this isn't a user, otherwise returns the user*/ diff --git a/php/login.php b/php/login.php index e6d44dc..536a5bf 100644 --- a/php/login.php +++ b/php/login.php @@ -3,6 +3,8 @@ require_once "user.php"; require_once "database.php"; require_once "misc.php"; +session_start(); + $username=$_POST["username"]; $password=$_POST["password"]; /*server side verification*/ @@ -18,8 +20,7 @@ if(!$user) die("Password or username is incorrect"); } -echo "Username: {$user->username}\n"; -echo "Email: {$user->email_address}"; - +$_SESSION['username'] = $user->username; +header('Location: /'); ?> diff --git a/php/logout.php b/php/logout.php new file mode 100644 index 0000000..9a4cdd7 --- /dev/null +++ b/php/logout.php @@ -0,0 +1,10 @@ +<?php +// TODO +// This is dangerous and stupid +// Right now every webpage can redirect any of its users to http://shady.upload/logout +// which will log the user out of our webpage + +session_start(); +unset($_SESSION['username']); +header('Location: /'); +?> diff --git a/php/misc.php b/php/misc.php index 3ab0277..69cd654 100644 --- a/php/misc.php +++ b/php/misc.php @@ -1,11 +1,6 @@ <?php require_once "user.php"; -function validate_credentials(string $username,string $email,string $password,string $password2) : bool -{ - return true; -} - function generate_email_verification_link() { /*TODO*/ diff --git a/php/register.php b/php/register.php index b6b164c..1d31a91 100644 --- a/php/register.php +++ b/php/register.php @@ -8,6 +8,13 @@ $password=$_POST["password"]; $password2=$_POST["password2"]; $email=$_POST["email"]; + +function validate_credentials(string $username,string $email,string $password,string $password2) : bool +{ + return true; +} + + /*check if we are given shady credentials*/ if(!validate_credentials($username,$email,$password,$password2)) { @@ -24,4 +31,8 @@ if($database->register_user($username,$password,$email)) echo "didn't register"; } + +$_SESSION['username'] = $username; +header('Location: /'); + ?> diff --git a/php/upload.php b/php/upload.php index 93fa778..d9110c7 100644 --- a/php/upload.php +++ b/php/upload.php @@ -5,7 +5,6 @@ if (!array_key_exists('uf', $_FILES)) { exit(); } - $file = $_FILES['uf']; |