WebSVN - taios - Blame - Rev 514

Rev	Author	Line No.	Line
297	freddie	1	<?php
		2
		3	require '_config.php';
		4
		5	class Taios_Page
		6	{
		7	function __construct($title, $url = "")
		8	{
		9	$this->title = $title;
		10	$this->url = $url;
		11
		12	$this->drawnHeader = false;
		13	$this->drawnMiddle = false;
		14	$this->drawnFooter = false;
		15
487	tom	16	try {
		17	$this->db = new PDO("mysql:dbname=Tim32;host=" . MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD,
		18	array( PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'" ));
		19	} catch (PDOException $e) {
		20	$this->drawError("Failed to connect to database!");
		21	}
297	freddie	22	}
		23
		24	function drawHeader()
		25	{
		26	if (!$this->drawnHeader)
		27	{
		28	write('<!DOCTYPE html>');
490	tom	29	write('<html lang="en">');
297	freddie	30	write('<head>');
		31	write('<meta http-equiv="Content-Type" content="text/html;charset=utf-8">');
		32	write('<title>Tim32 · ' . $this->title . '</title>');
490	tom	33	write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="all" />');
463	tom	34	write('<link rel="shortcut icon" href="' . $this->url . 'data/favicon.png" />');
485	muzer	35	write('<script type="text/javascript" src="http://code.jquery.com/jquery-1.9.0.min.js"></script>');
		36	write('<script type="text/javascript" src="' . $this->url . 'tcp.js"></script>');
297	freddie	37	write('</head>');
		38	write('<body>');
		39	write('<div class="sidebar">');
		40	write('<div class="sidebar-header">');
483	muzer	41	write('<a href="' . $this->url . '"><h1>Tim32</h1></a>');
297	freddie	42	write('</div>');
		43	write('<div class="sidebar-menu">');
		44	$this->drawMenuItem('Home', 'index.php');
		45	$this->drawMenuItem('Blog', 'blog/');
		46	$this->drawMenuItem('Projects', 'projects/');
		47	$this->drawMenuItem('Forums', 'forums/');
		48	$this->drawMenuItem('Wiki', 'wiki/');
		49	$this->drawMenuItem('Photos', 'photos/');
		50	write('<br />');
485	muzer	51
		52	if ($this->isLoggedIn() && $this->isUserNormal($this->getLoggedInUser())) {
297	freddie	53	$this->drawMenuItem('Administration', 'admin/');
		54	$this->drawMenuItem('Logout', 'logout-do.php');
485	muzer	55	} else if ($this->isLoggedIn()) {
471	muzer	56	$this->drawMenuItem('Logout', 'logout-do.php');
485	muzer	57
		58	if ($this->getLoggedInUser()->username != "cake") {
471	muzer	59	$this->drawMenuItem('You are banned', NULL);
485	muzer	60	} else {
472	tom	61	$this->drawMenuItem('<span style="color:#032865">#undefined</span>', '/challenge/cakefolder');
485	muzer	62	}
		63	} else {
297	freddie	64	$this->drawMenuItem('Login', 'login.php');
		65	$this->drawMenuItem('Register', 'register.php');
		66	}
485	muzer	67
297	freddie	68	write('<br />');
		69	$this->drawnHeader = true;
		70	}
		71	}
		72
485	muzer	73	function drawMenuItem($t, $u) {
		74	if ($u == NULL) {
471	muzer	75	write('<p style="color:red">' . $t . '</p>');
485	muzer	76	} else {
471	muzer	77	write('<p><a href="' . $this->url . $u . '">' . $t . '</a></p>');
		78	}
297	freddie	79	}
		80
		81	function drawMiddle()
		82	{
485	muzer	83	if (!$this->drawnMiddle) {
297	freddie	84	write('</div>');
		85	write('</div>');
		86	write('<div class="content">');
483	muzer	87	write('<a href="./"><h2>' . $this->title . '</h2></a>');
297	freddie	88
		89	$this->drawnMiddle = true;
		90	}
		91	}
		92
		93	function drawFooter()
		94	{
		95	if (!$this->drawnFooter)
		96	{
		97	write('</div>');
		98	write('</body>');
		99	write('</html>');
		100
		101	$this->drawnFooter = true;
		102	}
		103
		104	die();
		105	}
		106
		107	function drawError($text, $die = true)
		108	{
		109	$this->drawHeader();
		110	$this->drawMiddle();
		111
		112	write('<h4 style="color: red;">Error: ' . $text . '</h4>');
		113
490	tom	114	if ($die) {
297	freddie	115	$this->drawFooter();
		116	die();
		117	}
		118	}
		119
		120	function drawBlogPostTree($id, $first = false)
		121	{
		122	$post = $this->getBlogPost($id);
		123	if ($first)
		124	{
		125	write('<h3><a href="post.php?id=' . $id . '">' . $post->title. '</a> <a href="post.php?id=' . $post->parent->ID . '">^</a></h3>');
		126	}
		127	else
		128	{
		129	write('<a href="post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
		130	}
		131	write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
		132	write('<p>' . $this->replaceBBCode($post->content) . '</p>');
		133
		134	if ($this->isUserNormal($this->getLoggedInUser()))
		135	{
		136	echo '<p class="bold"><a href="add-post.php?id=' . $id . '">Add Comment</a>';
		137	if ($this->isUserAdmin($this->getLoggedInUser()) \|\| $this->getLoggedInUser()->ID == $post->author->ID)
		138	{
		139	echo '   &middot   <a href="edit-post.php?id=' . $id . '">Edit Post</a>';
		140	echo '   &middot   <a href="del-post.php?id=' . $id . '">Delete Post</a>';
		141	}
		142	write('</p><br />');
		143	}
		144
497	muzer	145	$ids = $this->findIDs('BlogPosts', 'WHERE ParentID=?', array($id));
297	freddie	146	for ($i = 0; $i < count($ids); $i++)
		147	{
		148	write('<div class="indent">');
		149	$this->drawBlogPostTree($ids[$i]);
		150	write('</div>');
		151	}
		152	}
		153
		154	function drawBlogCategoriesMenu()
		155	{
		156	$cats = array();
		157
		158	$ids = $this->findIDs('BlogPosts', 'WHERE ParentID = -1');
		159	for ($i = 0; $i < count($ids); $i++)
		160	{
		161	$cat = $this->getBlogPost($ids[$i])->category;
483	muzer	162	if (!in_array($cat, $cats) && ($cat != "Drafts" \|\| $this->isUserGM($this->getLoggedInUser())))
297	freddie	163	{
		164	array_push($cats, $cat);
		165	}
		166	}
		167
		168	write('<h3>Categories</h3>');
		169	for ($i = 0; $i < count($cats); $i++)
		170	{
		171	$this->drawMenuItem($cats[$i], 'blog/index.php?cat=' . $cats[$i]);
		172	}
		173	}
		174
		175	function replaceBBCode($str)
		176	{
437	tom	177	$newstr = $str;
484	muzer	178	$newstr = str_replace("<", "<", $newstr);
		179	$newstr = str_replace(">", ">", $newstr);
481	muzer	180	$newstr = str_replace("\n", "<br />", $newstr);
362	tom	181	$newstr = str_replace("\\'", "'", $newstr);
		182	$newstr = str_replace("\\\"",'"', $newstr);
297	freddie	183	$newstr = str_replace(' ', '  ', $newstr);
		184
		185	$bbcode = array(
485	muzer	186	'/\[b\](.+?)\[\/b\]/is',
		187	'/\[i\](.+?)\[\/i\]/is',
		188	'/\[u\](.+?)\[\/u\]/is',
495	muzer	189	'/\[s\](.+?)\[\/s\]/is',
485	muzer	190	'/\[url\](.+?)\[\/url\]/is',
486	muzer	191	'/\[w\](.+?)\[\/w\]/is',
485	muzer	192	'/\[url=(?:")?(.+?)(?:")?\](.+?)\[\/url\]/is',
486	muzer	193	'/\[w=(?:")?(.+?)(?:")?\](.+?)\[\/w\]/is',
485	muzer	194	'/\[code\](.+?)\[\/code\]/is',
		195	'/\[img\](.+?)\[\/img\]/is',
		196	'/\[ul\](.+?)\[\/ul\]/is',
		197	'/\[ol\](.+?)\[\/ol\]/is',
		198	'/\[li\](.+?)\[\/li\]/is',
		199	'/\[mono\](.+?)\[\/mono\]/is',
		200	'/\[tcp\](.+?)\[\/tcp\]/is'
297	freddie	201	);
		202
		203	$html = array(
485	muzer	204	'<b>$1</b>',
		205	'<i>$1</i>',
		206	'<u>$1</u>',
495	muzer	207	'<del>$1</del>',
485	muzer	208	'<a href="$1">$1</a>',
486	muzer	209	'<a href="/wiki/index.php?page=$1">$1</a>',
485	muzer	210	'<a href="$1">$2</a>',
486	muzer	211	'<a href="/wiki/index.php?page=$1">$2</a>',
485	muzer	212	'</p><div class="code">$1</div><p>',
		213	'<img src="$1" alt="BBCode-included image" />',
		214	'<ul>$1</ul>',
		215	'<ol>$1</ol>',
		216	'<li>$1</li>',
		217	'<span style="font-family: Droid Sans Mono, monospace, fixed; margin-left: 1em; margin-right: 1em;">$1</span>',
		218	'<span class="tcp" data-status="closed" data-text="$1">$1<img title="Open TCP Editor" class="tcp_button" src="http://tim32.org/~freddie/timlan/goTCP.png" alt="Open TCP Editor" /></span>'
297	freddie	219	);
		220
		221	$newstr = preg_replace($bbcode, $html, $newstr);
		222
		223	return $newstr;
		224	}
		225
		226	function redirect($u)
		227	{
		228	header('Location: ' . $u);
		229	die();
		230	}
		231
		232	function isLoggedIn()
		233	{
		234	$cookie = $_COOKIE['Tim32_Login'];
		235	if (!empty($cookie))
		236	{
		237	$clist = explode('\|~\|', $cookie);
		238	$user = $this->getUserByUsername($clist[0]);
		239	if ($user)
		240	{
		241	if ($user->password == $clist[1])
		242	{
		243	return true;
		244	}
		245	}
		246	}
		247
		248	return false;
		249	}
		250
		251	function isUserAdmin()
		252	{
		253	if ($this->isLoggedIn())
		254	{
		255	if ($this->getLoggedInUser()->accessID <= 0)
		256	{
		257	return true;
		258	}
		259	}
		260
		261	return false;
		262	}
		263
		264	function isUserGM()
		265	{
		266	if ($this->isLoggedIn())
		267	{
		268	if ($this->getLoggedInUser()->accessID <= 1)
		269	{
		270	return true;
		271	}
		272	}
		273
		274	return false;
		275	}
		276
		277	function isUserNormal()
		278	{
		279	if ($this->isLoggedIn())
		280	{
		281	if ($this->getLoggedInUser()->accessID <= 2)
		282	{
		283	return true;
		284	}
		285	}
		286
		287	return false;
		288	}
		289
471	muzer	290	function isUserBanned()
		291	{
		292	if ($this->isLoggedIn())
		293	{
		294	if ($this->getLoggedInUser()->accessID >= 3)
		295	{
		296	return true;
		297	}
		298	}
		299
		300	return false;
		301	}
		302
384	tom	303	function checkChallengeStatus($challengeID, $previous, $next)
		304	{
		305	$currentChallengeID = $this->getLoggedInUser()->challengeID;
		306
		307	if (!$this->isLoggedIn())
		308	{
		309	$this->redirect('index.php');
		310	}
		311	else if ($currentChallengeID > $challengeID)
		312	{
		313	$this->redirect($next . '.php');
		314	}
		315	else if ($currentChallengeID < $challengeID)
		316	{
		317	$this->redirect($previous . '.php');
		318	}
		319	}
		320
297	freddie	321	function checkLoggedIn()
		322	{
		323	if (!$this->isLoggedIn())
		324	{
		325	$this->drawError('You need to be logged in.');
		326	}
		327	}
		328
489	tom	329	function query($query, $args = array())
297	freddie	330	{
487	tom	331	$statement = $this->db->prepare($query);
		332	if (!$statement->execute($args)) {
		333	$this->drawError("Query Failed! MySQL Error: " . $statement->errorInfo());
		334	}
		335
		336	return $statement->fetchAll();
297	freddie	337	}
		338
490	tom	339	function findIDs($table, $query = '', $args = array())
297	freddie	340	{
		341	$array = array();
		342
490	tom	343	$results = $this->query('SELECT ID FROM ' . $table . ' ' . $query, $args);
487	tom	344	foreach ($results as $row) {
297	freddie	345	array_push($array, $row['ID']);
		346	}
		347
		348	return $array;
		349	}
		350
		351	function getUserByID($id)
		352	{
490	tom	353	foreach ($this->query("SELECT * FROM Users WHERE ID = ?", array($id)) as $row) {
		354	$user = new User();
297	freddie	355	$user->ID = $row['ID'];
		356	$user->accessID = $row['AccessID'];
		357	$user->username = $row['Username'];
		358	$user->password = $row['Password'];
508	freddie	359	$user->salt = $row['Salt'];
297	freddie	360	$user->emailAddress = $row['EmailAddress'];
		361	$user->name = $row['Name'];
507	freddie	362	$user->csrftoken = $row['CSRFToken'];
297	freddie	363	$user->challengeID = $row['ChallengeID'];
		364
		365	return $user;
		366	}
		367
		368	return false;
		369	}
		370
490	tom	371	function getUserByUsername($username) {
		372	foreach ($this->query("SELECT * FROM Users WHERE Username = ?", array($username)) as $row) {
297	freddie	373	return $this->getUserByID($row['ID']);
		374	}
		375
		376	return false;
		377	}
		378
491	tom	379	function getLoggedInUser() {
		380	if ($this->isLoggedIn()) {
297	freddie	381	$clist = explode('\|~\|', $_COOKIE['Tim32_Login']);
		382	return $this->getUserByUsername($clist[0]);
		383	}
		384
		385	return false;
		386	}
		387
491	tom	388	function getBlogPost($id) {
		389	foreach ($this->query("SELECT * FROM BlogPosts WHERE ID = ?", array($id)) as $row) {
297	freddie	390	$post = new BlogPost;
		391	$post->ID = $row['ID'];
491	tom	392
		393	if ($row['ParentID'] == -1) {
297	freddie	394	$post->parent = -1;
491	tom	395	} else {
297	freddie	396	$post->parent = $this->getBlogPost($row['ParentID']);
		397	}
491	tom	398
297	freddie	399	$post->author = $this->getUserByID($row['AuthorID']);
		400	$post->user = $this->getUserByID($row['AuthorID']); // For some older pages
485	muzer	401	$post->title = htmlspecialchars($row['Title']);
		402	$post->content = htmlspecialchars($row['Content']);
297	freddie	403	$post->datePosted = strtotime($row['DatePosted']);
		404	$post->category = $row['Category'];
		405	$post->spam = $row['Spam'];
		406
		407	return $post;
		408	}
		409
		410	$this->drawError('Cannot find blog post, #' . $id);
		411	}
		412
491	tom	413	function getProject($id) {
		414	foreach ($this->query("SELECT * FROM Projects WHERE ID = ?", array($id)) as $row) {
297	freddie	415	$project = new Project;
		416
		417	$project->ID = $row['ID'];
		418	$project->author = $this->getUserByID($row['AuthorID']);
		419	$project->title = $row['Title'];
		420	$project->description = $row['Description'];
		421	$project->logoURL = $row['LogoURL'];
		422	$project->downloadURL = $row['DownloadURL'];
		423	$project->websiteURL = $row['WebsiteURL'];
		424	$project->latestVersion = $row['LatestVersion'];
		425	$project->lastUpdate = strtotime($row['LastUpdate']);
		426
		427	return $project;
		428	}
		429
		430	return false;
		431	}
		432
491	tom	433	function getForumCategory($id) {
		434	foreach ($this->query("SELECT * FROM ForumCategories WHERE ID = ?", array($id)) as $row) {
297	freddie	435	$f = new ForumCategory;
		436
		437	$f->ID = $row['ID'];
		438	$f->parent = $this->getForumCategory($row['ParentID']);
		439	$f->title = $row['Title'];
		440	$f->description = $row['Description'];
		441
		442	return $f;
		443	}
		444
		445	return false;
		446	}
		447
491	tom	448	function getForumPost($id) {
		449	foreach ($this->query("SELECT * FROM ForumPosts WHERE ID = ?", array($id)) as $row) {
297	freddie	450	$f = new ForumPost;
		451
		452	$f->ID = $row['ID'];
		453	$f->author = $this->getUserByID($row['AuthorID']);
		454	$f->category = $this->getForumCategory($row['CategoryID']);
		455	$f->parent = $this->getForumPost($row['ParentID']);
		456	$f->title = $row['Title'];
		457	$f->content = $row['Content'];
		458	$f->datePosted = strtotime($row['DatePosted']);
		459	$f->spam = $row['Spam'];
		460
		461	return $f;
		462	}
		463
		464	return false;
		465	}
		466
491	tom	467	function delBlogPost($id) {
		468	foreach ($this->findIDs("BlogPosts", "WHERE ParentID = ?", array($id)) as $i) {
		469	$this->delBlogPost($i);
297	freddie	470	}
491	tom	471
		472	$this->query("DELETE FROM BlogPosts WHERE ID = ?", array($id));
297	freddie	473	}
		474
500	freddie	475	function saltAndBurn($pass, $salt) {
503	freddie	476	return sha1($salt . $pass);
500	freddie	477	}
		478
508	freddie	479	function rndString($len = 8) {
		480	$chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZlolphp';
514	freddie	481	$clen = strlen($chars);
508	freddie	482
		483	$res = '';
		484	for ($i = $len - 1; $i >= 0; $i--) {
513	freddie	485	$res .= $chars[rand(0, $clen - 1)];
508	freddie	486	}
		487
		488	return $res;
		489	}
		490
510	freddie	491	function getCSRFToken($id) {
508	freddie	492	$token = $this->rndString();
512	freddie	493	$this->query("UPDATE Users Set CSRFToken = ? WHERE ID = ?", array($token, $id));
508	freddie	494	return $token;
		495	}
		496
510	freddie	497	function checkCSRFToken($id, $token) {
508	freddie	498	$user = $this->getUserByID($id);
		499	if ($token !== $user->csrftoken) {
		500	die("a death");
		501	}
		502
510	freddie	503	$this->getCSRFToken($id); // change to something else so we can't re-use it
508	freddie	504	}
		505
491	tom	506	function getGetID() {
297	freddie	507	$id = $_GET['id'];
491	tom	508	if (empty($id)) {
297	freddie	509	$id = 1;
		510	}
		511
		512	return $id;
		513	}
		514
491	tom	515	function getPostID() {
297	freddie	516	$id = $_POST['id'];
491	tom	517	if (empty($id)) {
297	freddie	518	$id = 1;
		519	}
		520
		521	return $id;
		522	}
		523
		524	}
		525
		526	class User
		527	{
		528	public $ID;
		529	public $accessID;
		530	public $username;
		531	public $password;
508	freddie	532	public $salt;
297	freddie	533	public $emailAddress;
		534	public $name;
507	freddie	535	public $csrftoken;
443	tom	536
297	freddie	537	public $challengeID;
		538	}
		539
		540	class BlogPost
		541	{
		542	public $ID;
		543	public $parent;
		544	public $author;
		545	public $title;
		546	public $content;
		547	public $datePosted;
		548	public $category;
		549	public $spam;
		550	}
		551
		552	class Project
		553	{
		554	public $ID;
		555	public $author;
		556	public $title;
		557	public $description;
426	tom	558
434	tom	559
297	freddie	560	public $logoURL;
		561	public $downloadURL;
		562	public $websiteURL;
		563	public $latestVersion;
		564	public $lastUpdate;
		565	}
		566
		567	class ForumCategory
		568	{
		569	public $ID;
		570	public $parent;
		571	public $title;
		572	public $description;
401	tom	573
297	freddie	574	}
		575
		576	class ForumPost
		577	{
		578	public $id;
		579	public $author;
		580	public $category;
		581	public $parent;
		582	public $title;
		583	public $content;
		584	public $datePosted;
		585	public $spam;
		586	}
		587
		588	function write($str)
		589	{
		590	echo $str;
		591	echo "\n";
		592	}
		593
		594	?>

Subversion Repositories taios

(root)/_taios.php - Rev 514