Galleries/PHPGallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2025-06-26 19:36:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Moved files around and fixed bugs that caused me suffering due to it

Browse source
This commit is contained in:
Michał Gdula 2022-07-26 14:52:41 +01:00
parent 4d2afac053
commit 182892b172
11 changed files with 51 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

34
account/account.php Normal file
View file

@ -0,0 +1,34 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Account</title>
<link rel="stylesheet" href="../css/master.css">
<link href="https://fonts.googleapis.com/css2?family=Rubik" rel="stylesheet">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600&amp;display=swap">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
</head>
<body>
<?php include("../ui/header.php"); ?>
<div class="account-root">
<h2>Account settings</h2>
<?php
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
echo "<p>O hi ".$_SESSION["username"].".</p>";
echo "<a class='btn alert-low space-top' href='https://superdupersecteteuploadtest.fluffybean.gay/account/password-reset.php'><img class='svg' src='../assets/icons/password.svg'>Reset Password</a>";
echo "<a class='btn alert-low space-top' href='https://superdupersecteteuploadtest.fluffybean.gay/account/logout.php'><img class='svg' src='../assets/icons/sign-out.svg'>Logout</a>";
} else {
echo "<p class='space-bottom-large'>You must be logged in to change your account settings!</p>";
echo "<a class='btn alert-high space-top-large' href='https://superdupersecteteuploadtest.fluffybean.gay/account/login.php'>Login!</a>";
}
?>
</div>
<?php
include("../ui/top.html");
include("../ui/footer.php");
?>
</body>
</html>

119
account/login.php Normal file
View file

@ -0,0 +1,119 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
<link rel="stylesheet" href="../css/master.css">
<link href="https://fonts.googleapis.com/css2?family=Rubik" rel="stylesheet">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600&amp;display=swap">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
</head>
<body>
<?php
include("../ui/header.php");
require_once("../ui/conn.php");
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
$success = "You're already logged in! No need to try this again";
}
if (isset($_POST['login'])) {
// Checking if Username is empty
if (empty(trim($_POST["username"]))) {
$error = "Who are you?";
} else {
$username = trim($_POST["username"]);
}
// Check if Password is empty
if (empty(trim($_POST["password"]))) {
$error = "Pls enter super duper secrete password";
} else {
$password = trim($_POST["password"]);
}
// Check if no errors occured
if (empty($error)) {
// Prepare so SQL doesnt get spooked
$sql = "SELECT id, username, password FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind dis shit
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if (mysqli_stmt_num_rows($stmt) == 1) {
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if (mysqli_stmt_fetch($stmt)) {
if (password_verify($password, $hashed_password)) {
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["id"] = $id;
$_SESSION["username"] = $username;
// let the user know
$success = "Yupee! You are now logged in";
header("Location:https://superdupersecteteuploadtest.fluffybean.gay/index.php?login=success");
} else {
$error = "Username or Password sus, please try again :3";
}
}
} else {
$error = "Username or Password sus, please try again :3";
}
} else {
$error = "Sowwy, something went wrong on our end :c";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($conn);
}
?>
<div class="login-root">
<h2 class="space-bottom">Login</h2>
<p class="space-bottom">Passwords are important to keep safe. Don't tell anyone your password, not even Fluffy!</p>
<form class="flex-down between" method="POST" action="login.php" enctype="multipart/form-data">
<input class="btn alert-default space-bottom" type="text" name="username" placeholder="Username">
<input class="btn alert-default space-bottom-large" type="password" name="password" placeholder="Password">
<button class="btn alert-high" type="submit" name="login"><img class="svg" src="../assets/icons/sign-in.svg">Login</button>
</form>
<?php
if (isset($error)) {
echo "<p class='alert alert-low space-top'>".$error."</p>";
}
if (isset($success)) {
echo "<p class='alert alert-high space-top'>".$success."</p>";
}
?>
<a class='btn alert-default space-top-large' href='https://superdupersecteteuploadtest.fluffybean.gay/account/signup.php'><img class="svg" src="../assets/icons/sign-in.svg">Need an account? Sign up!</a>
</div>
<?php
include("../ui/top.html");
include("../ui/footer.php");
?>
</body>
</html>

14
account/logout.php Normal file
View file

@ -0,0 +1,14 @@
<?php
// Initialize the session
session_start();
// Unset all of the session variables
$_SESSION = array();
// Destroy the session.
session_destroy();
// Redirect to login page
header("location: https://superdupersecteteuploadtest.fluffybean.gay");
exit;
?>

98
account/password-reset.php Normal file
View file

@ -0,0 +1,98 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Account</title>
<link rel="stylesheet" href="../css/master.css">
<link href="https://fonts.googleapis.com/css2?family=Rubik" rel="stylesheet">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600&amp;display=swap">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
</head>
<body>
<?php
include("../ui/header.php");
include_once("../ui/conn.php");
// Initialize the session
session_start();
// Check if the user is logged in, otherwise redirect to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: https://superdupersecteteuploadtest.fluffybean.gay/account/login.php");
exit;
}
if (isset($_POST['reset'])) {
// Validate new password
if (empty(trim($_POST["new_password"]))) {
$error = "Enter new password!";
} elseif(strlen(trim($_POST["new_password"])) < 6) {
$error = "Password not long enough, must be 6 or more characters!";
} else {
$new_password = trim($_POST["new_password"]);
}
// Validate confirm password
if (empty(trim($_POST["confirm_password"]))) {
$error = "Pls confirm the password";
} else {
$confirm_password = trim($_POST["confirm_password"]);
if(empty($error) && ($new_password != $confirm_password)) {
$error = "Password did not match!!!!";
}
}
// Check for errors
if (empty($error)) {
// Prepare for wack
$sql = "UPDATE users SET password = ? WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id);
// Setting up Password parameters
$param_password = password_hash($new_password, PASSWORD_DEFAULT);
$param_id = $_SESSION["id"];
// Attempt to execute (sus)
if (mysqli_stmt_execute($stmt)) {
// Password updated!!!! Now goodbye
session_destroy();
header("Location: https://superdupersecteteuploadtest.fluffybean.gay/account/login.php");
} else {
$error = "Oopsie woopsie, somthing brokie :c";
}
// Close connection
mysqli_close($stmt);
}
}
// Close connection
mysqli_close($conn);
}
?>
<div class="password-reset-root">
<h2 class="space-bottom">Reset Password</h2>
<p class="space-bottom">After reset, you will be kicked out to login again</p>
<form class="flex-down between" method="POST" action="password-reset.php" enctype="multipart/form-data">
<input class="btn alert-default space-bottom" type="password" name="new_password" placeholder="New Password">
<input class="btn alert-default space-bottom" type="password" name="confirm_password" placeholder="Confirm Password">
<button class="btn alert-low" type="submit" name="reset"><img class="svg" src="../assets/icons/sign-in.svg">Reset</button>
</form>
<?php
if (isset($error)) {
echo "<p class='alert alert-low space-top'>".$error."</p>";
}
?>
</div>
<?php
include("../ui/top.html");
include("../ui/footer.php");
?>
</body>
</html>

132
account/signup.php Normal file
View file

@ -0,0 +1,132 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Sign Up</title>
<link rel="stylesheet" href="../css/master.css">
<link href="https://fonts.googleapis.com/css2?family=Rubik" rel="stylesheet">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600&amp;display=swap">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
</head>
<body>
<?php
include("../ui/header.php");
include_once("../ui/conn.php");
// Validate susness of Username
if (isset($_POST['signup'])) {
if (empty(trim($_POST["username"]))) {
// Username was taken
$error = "Enter a username reeeee";
} elseif (!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))) {
// Username entered contains ilegal characters
$error = "Very sus. Username can only contain letters, numbers, and underscores";
} else {
// Prepare sql for sus
$sql = "SELECT id FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $username_request);
$username_request = trim($_POST["username"]);
if (mysqli_stmt_execute($stmt)) {
// Ask sql nicely if other usernames exist and store info
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
// Username not entered
$error = "Oopsie, username taken :c";
} else {
$username = trim($_POST["username"]);
}
} else {
$error = "Sussy things happened on our end, please try again later";
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
// Validate sussness of Password
if (empty(trim($_POST["password"]))) {
// No password entered
$error = "Bruh, enter a password";
} elseif(strlen(trim($_POST["password"])) < 6){
// Password not long enough 👀
$error = "(Password) Not long enough 👀";
} else {
$password = trim($_POST["password"]);
}
// Validate sussiness of the other Password
if (empty(trim($_POST["confirm_password"]))) {
// Did not confirm passowrd
$error = "You must confirm password!!!!!";
} else {
$confirm_password = trim($_POST["confirm_password"]);
if (empty($error) && $confirm_password != $password) {
// Password and re-entered Password does not match
$error = "Passwords need to be the same, smelly smelly";
}
}
// Check for invite code
if (isset($_POST['invite_code'])) {
if ($_POST['invite_code'] != "23R2pz33yDrb3Ry9") {
$error = "Seems that you don't have the right invite code, whatever shall you do";
}
} else {
$error = "Enter Invite Code ;3";
}
// Checking for errors
if (empty($error)) {
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT);
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
$success = "Account made for ".$username."!!!!!!";
} else {
$error = "Something went fuckywucky, please try later";
}
}
}
}
?>
<div class="signup-root">
<h2 class="space-bottom">Make account</h2>
<p class="space-bottom">And amazing things happened here...</p>
<form class="flex-down between" method="POST" action="signup.php" enctype="multipart/form-data">
<input class="btn alert-default space-bottom-large" type="text" name="username" placeholder="Username">
<input class="btn alert-default space-bottom" type="password" name="password" placeholder="Password">
<input class="btn alert-default space-bottom-large" type="password" name="confirm_password" placeholder="Re-enter Password">
<input class="btn alert-default space-bottom-large" type="text" name="invite_code" placeholder="Invite Code">
<button class="btn alert-high" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button>
<?php
if (isset($error)) {
echo "<p class='alert alert-low space-top'>".$error."</p>";
}
if (isset($success)) {
echo "<p class='alert alert-high space-top'>".$success."</p>";
}
?>
</form>
</div>
<?php
include("../ui/top.html");
include("../ui/footer.php");
?>
</body>
</html>