p8/Bloggr
1
0
Fork 0
mirror of https://github.com/p08dev/Bloggr.git synced 2026-06-17 04:33:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixed minor bugs

Browse Source 
Fixed spelling
Fixed layout
This commit is contained in:
Furentes
2019-05-22 23:36:06 +02:00
parent cc3073803d
commit 76ea941123
9 changed files with 127 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
inc/nav.php
View File

@ -9,6 +9,7 @@
<label for="bmenub" class="burger pseudo button">&#8801;</label>
<div class="menu">
<a href="/" class="pseudo button"">Startseite</a>
<?php
if ($auth->hasRole([ \Bloggr\Roles::ADMIN ])){
?>
@ -17,8 +18,7 @@
<?php
} elseif($auth->hasRole([ \Bloggr\Roles::AUTHOR ])) {
?>
<a href="/settings.php" class="pseudo button">Einstellungen</a>
<a href="/logout.php" class="button">Logout</a>
<a href="/post.php?new" class="pseudo button">Neuer Post</a>
<?php
}
?>

10
index.php
View File

@ -17,13 +17,17 @@ require_once(__DIR__."/inc/head.php");
if ($posts) {
foreach($posts as $post) {
?>
<p>
<article class="card">
<header>
<h2><a href="/post.php?view=<?= $post['id'] ?>"><?= $post['title'] ?></a></h2>
</header>
<p>
<?= substr($post['text'], 0, 512) ?><?= (substr($post['text'], 0, 512) !== $post['text']) ? '... <br><a href="/post.php?view='.$post["id"].'">Weiterlesen...</a>' : '' ?>
</p>
<p><small>von <?= $post['user'] ?> am <?= date('H:i d.m.Y', $post['created_at']) ?></p>
</p>
<footer>
<p><small>von <?= $post['user'] ?> am <?= date('H:i d.m.Y', $post['created_at']) ?></small></p>
</footer>
</article>
<?php
}
} else {

93
lib/Bloggr/auth.php
View File

@ -16,19 +16,19 @@ class Auth
$password = filter_var($password, FILTER_SANITIZE_STRING);
$timestamp = time();
if (preg_replace('/\s+/', '', $username) !== $username) {
array_push($errors, 'Your username may not contain whitespaces!');
array_push($errors, 'Dein Benutzername darf keine Leerzeichen enthalten!');
}
if (strlen(trim($username)) < 3) {
array_push($errors, 'Username is too short! Min. 3');
array_push($errors, 'Der Benutzername ist zu kurz! Min. 3');
}
if (strlen(trim($username)) > 16) {
array_push($errors, 'Username is too long! Max. 16');
array_push($errors, 'Der Benutzername ist zu lang! Max. 16');
}
if (!$email) {
array_push($errors, 'Enter a valid email!');
array_push($errors, 'Ungültige E-Mail!');
}
if (strlen(trim($password)) < 8) {
array_push($errors, 'Password is too short! Min 8');
array_push($errors, 'Passwort zu kurz! Min 8');
}
if (count($errors) > 0) {
return $errors;
@ -41,14 +41,14 @@ class Auth
));
while ($row = $s->fetch()) {
if ($row['username'] === $username) {
array_push($errors, 'Username already exists!');
array_push($errors, 'Benutzer existiert bereits!');
}
if ($row['email'] === $email) {
array_push($errors, 'Email already exists!');
array_push($errors, 'E-Mail existiert bereits!');
}
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -63,10 +63,10 @@ class Auth
':roles_mask' => $role
));
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -78,10 +78,10 @@ class Auth
$password = filter_var($password, FILTER_SANITIZE_STRING);
$timestamp = time();
if (!$user || $user === '' || preg_replace('/\s+/', '', $user) !== $user) {
array_push($errors, 'Please enter a username or email!');
array_push($errors, 'Kein Benutzername oder E-Mail angegeben!');
}
if (!$password || $password === '') {
array_push($errors, 'Please enter a password!');
array_push($errors, 'Kein Passwort angegeben!');
}
if (count($errors) > 0) {
return $errors;
@ -93,17 +93,17 @@ class Auth
':user' => $user
));
if ($s->rowCount() <= 0) {
array_push($errors, 'Wrong username/email or password!');
array_push($errors, 'Falscher Benutzername/E-Mail oder Passwort!');
} else {
while ($row = $s->fetch()) {
if (!password_verify($password, $row['password'])) {
array_push($errors, 'Wrong username/email or password!');
array_push($errors, 'Falscher Benutzername/E-Mail oder Passwort!');
}
$userId = $row['id'];
}
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -115,10 +115,10 @@ class Auth
':id' => $userId
));
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -204,19 +204,19 @@ class Auth
$title = htmlspecialchars(trim(filter_var($title, FILTER_SANITIZE_STRING)));
$text = htmlspecialchars(trim($text, FILTER_SANITIZE_STRING));
$created_at = time();
$id = [ 'Something went wrong!' ];
$id = [ 'Da ist etwas schiefgelaufen!' ];
if (strlen($title) < 3) {
array_push($errors, 'Title is too short! Min. 3');
array_push($errors, 'Titel ist zu kurz! Min. 3');
}
if (strlen($title) > 64) {
array_push($errors, 'Title is too long! Max. 64');
array_push($errors, 'Titel ist zu lang! Max. 64');
}
if (strlen($text) < 8) {
array_push($errors, 'Text is too short! Min. 8');
array_push($errors, 'Text ist zu kurz! Min. 8');
}
if (strlen($text) > 12000000) {
array_push($errors, 'Text is too long! MAx. 10M');
array_push($errors, 'Text ist zu lang! Max. 10M');
}
if (count($errors) > 0) {
return $errors;
@ -231,10 +231,10 @@ class Auth
));
$id = $this->pdo->lastInsertId();
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -272,9 +272,8 @@ class Auth
$updated_at = time();
try {
$s = $this->pdo->prepare("SELECT posts.* FROM posts INNER JOIN users ON posts.user = users.id WHERE posts.user = :user AND posts.id = :post LIMIT 1;");
$s = $this->pdo->prepare("SELECT posts.* FROM posts INNER JOIN users ON posts.user = users.id WHERE posts.id = :post LIMIT 1;");
$s->execute(array(
':user' => $this->getId(),
':post' => $id,
));
@ -282,20 +281,20 @@ class Auth
return false;
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (strlen($title) < 3) {
array_push($errors, 'Title is too short! Min. 3');
array_push($errors, 'Titel ist zu kurz! Min. 3');
}
if (strlen($title) > 64) {
array_push($errors, 'Title is too long! Max. 64');
array_push($errors, 'Titel ist zu lang! Max. 64');
}
if (strlen($text) < 8) {
array_push($errors, 'Text is too short! Min. 8');
array_push($errors, 'Text ist zu kurz! Min. 8');
}
if (strlen($text) > 12000000) {
array_push($errors, 'Text is too long! MAx. 10M');
array_push($errors, 'Text ist zu lang! Max. 10M');
}
if (count($errors) > 0) {
return $errors;
@ -310,10 +309,10 @@ class Auth
':id' => $id,
));
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -351,7 +350,7 @@ class Auth
public function getAllPosts() {
try {
$posts = [];
$sql = "SELECT * FROM posts ORDER BY id ASC";
$sql = "SELECT * FROM posts ORDER BY id DESC";
$result = $this->pdo->query($sql);
if (!$result) {
@ -378,10 +377,10 @@ class Auth
$comment = htmlspecialchars(trim($comment, FILTER_SANITIZE_STRING));
$created_at = time();
if (strlen($comment) < 3) {
array_push($errors, 'Text is too short! Min. 3');
array_push($errors, 'Text ist zu kurz! Min. 3');
}
if (strlen($comment) > 256) {
array_push($errors, 'Text is too long! Max. 256');
array_push($errors, 'Text ist zu lang! Max. 256');
}
if (count($errors) > 0) {
return $errors;
@ -395,14 +394,14 @@ class Auth
':created_at' => $created_at,
));
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
}
return true;
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -476,10 +475,10 @@ class Auth
':id' => $id,
));
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
@ -500,25 +499,25 @@ class Auth
':id' => $this->getId()
));
if ($s->rowCount() <= 0) {
array_push($errors, 'User not found!');
array_push($errors, 'Benutzer nicht gefunden!');
} else {
while ($row = $s->fetch()) {
if (!password_verify($old, $row['password'])) {
array_push($errors, 'Wrong password!');
array_push($errors, 'Falsches Passwort!');
}
}
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;
}
if ($new != $repeat) {
array_push($errors, 'Password repeat wrong!');
array_push($errors, 'Passwörter sind nicht gleich!');
}
if (strlen(trim($new)) < 8) {
array_push($errors, 'Password is too short! Min 8');
array_push($errors, 'Passwort zu kurz! Min. 8');
}
if (count($errors) > 0) {
return $errors;
@ -534,10 +533,10 @@ class Auth
':id' => $this->getId(),
));
if(!$r) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
} catch (\PDOException $e) {
array_push($errors, 'Something went wrong!');
array_push($errors, 'Da ist etwas schiefgelaufen!');
}
if (count($errors) > 0) {
return $errors;

1
login.php
View File

@ -24,7 +24,6 @@ require_once(__DIR__."/inc/head.php");
<?php require_once(__DIR__."/inc/nav.php"); ?>
<section class="main">
<h2>Login</h2>
<?php
foreach ($errors as $key=>$value):
?>

44
post.php
View File

@ -12,25 +12,32 @@ $errors = [];
$action = '';
$data = [];
$success = false;
$title = "404 Not Found";
if (isset($_GET['view'])) {
if (isset($_POST['comment'])) {
$result = $auth->commentPost($_GET['view'], $_POST['comment']);
if (is_array($result)) {
$errors = $result;
}
}
$result = $auth->getPost($_GET['view']);
$result_comments = $auth->getPostComments($_GET['view']);
if(!$result) {
array_push($errors, '404 Not Found');
} else {
$title = $result['title'];
$action = 'view';
$data = $result;
}
}
else if (isset($_GET['new'])) {
$action = 'new';
$title = "Neuer Beitrag";
}
else if (isset($_GET['edit'])) {
$action = 'edit';
$title = "Beitrag bearbeitem";
}
else {
array_push($errors, '404 Not Found');
@ -46,7 +53,7 @@ if ($action == 'new' && isset($_POST['new'])) {
}
}
$title = "";
$ptitle = "";
$text = "";
if ($action == 'edit' && isset($_POST['edit'])) {
@ -71,13 +78,18 @@ if ($action == 'edit') {
<!DOCTYPE html>
<html>
<?php
$title = "Neuer Beitrag";
require_once(__DIR__."/inc/head.php");
?>
<body>
<?php require_once(__DIR__."/inc/nav.php"); ?>
<section class="main">
<a href="/">Zurück</a>
<?php
if ($action == 'edit' && (count($errors) <= 0)) {
echo '<a href="/post.php?view='.$data["id"].'">Zurück</a>';
} else {
echo '<a href="/">Zurück</a>';
}
?>
<?php
foreach ($errors as $key=>$value):
?>
@ -92,9 +104,12 @@ require_once(__DIR__."/inc/head.php");
}
if ($action == 'view'):
?>
<h2><?= $data['title'] ?></h2>
<div>
<header><h2><?= $data['title'] ?></h2></header>
<section>
<p><?= nl2br($data['text']) ?></p>
<p><small>von <?= $data['user'] ?> am <?= date('H:i d.m.Y', $data['created_at']) ?><br>
</section>
<footer><small>von <?= $data['user'] ?> am <?= date('H:i d.m.Y', $data['created_at']) ?><br>
<?php
if($data['updated_by']):
?>
@ -102,9 +117,10 @@ require_once(__DIR__."/inc/head.php");
</small>
<?php
endif;
echo '</p>';
if ($auth->canEditPost($data["id"]) == true) echo '<a href="post.php?edit='.$data["id"].'">Edit Post</a>';
echo '</footer>';
?>
</div>
<?php
if ($auth->isLoggedIn()) {
?>
@ -120,10 +136,14 @@ require_once(__DIR__."/inc/head.php");
if(is_array($result_comments)) {
foreach($result_comments as $comment) {
?>
<p>
<b><?= $comment['user']; ?></b> am <?= date('H:i d.m.Y',$comment['created_at']) ?><br>
<article class="card">
<section>
<b><?= $comment['user']; ?></b> <small>am <?= date('H:i d.m.Y',$comment['created_at']) ?></small>
</section>
<footer>
<?= $comment['comment']; ?>
</p>
</footer>
</article>
<?php
}
}
@ -143,15 +163,15 @@ require_once(__DIR__."/inc/head.php");
<?php
endif;
if ($action == 'edit' && (count($errors) <= 0)):
if ($action == 'edit'):
?>
<h2>Beitrag Bearbeiten</h2>
<form action="<?= htmlspecialchars($_SERVER['REQUEST_URI']) ?>" method="post" class="clearfix">
<label for="title">Titel</label>
<input type="text" name="title" id="title" value="<?= (isset($data['title'])) ? $data['title'] : $title; ?>"><br>
<input type="text" name="title" id="title" value="<?= (isset($data['title'])) ? $data['title'] : $ptitle; ?>"><br>
<label for="text">Text</label>
<textarea rows="4" cols="50" name="text" id="text"><?= (isset($data['text'])) ? $data['text'] : $text; ?></textarea>
<input type="submit" name="edit" value="edit">
<input type="submit" name="edit" value="Speichern">
</form>
<?php
endif;

2
register.php
View File

@ -8,7 +8,7 @@ $errors = [];
$success = false;
if (isset($_POST['register'])) {
if ($_POST['password'] !== $_POST['password2']) {
array_push($errors, 'Passwörter sind nicht gleich');
array_push($errors, 'Passwörter sind nicht gleich!');
} else {
$register = $auth->register($_POST['username'], $_POST['email'], $_POST['password']);
if (is_array($register)) {

2
settings.php
View File

@ -33,7 +33,7 @@ require_once(__DIR__."/inc/head.php");
<body>
<?php require_once(__DIR__."/inc/nav.php"); ?>
<section class="main">
<h2>Change Password</h2>
<h2>Einstellungen</h2>
<?php
foreach ($errors as $key=>$value):
?>

55
setup.php
View File

@ -27,13 +27,13 @@ if (isset($_POST['check']) || isset($_POST['submit'])) {
$pass = $_POST['ADMIN_PASS'];
if($siteTitle == "" || strlen($siteTitle) < 1) {
array_push($error, "Please enter a site title");
array_push($error, "Bitte gib einen Seitentitel ein.");
}
if($dbHost == "") {
array_push($error, "Please enter a hostname");
array_push($error, "Bitte gib einen Hostnamen ein.");
}
if($dbName == "") {
array_push($error, "Please enter a database");
array_push($error, "Bitte gib eine Datenbank an.");
}
if (isset($_POST['submit'])) {
@ -62,7 +62,7 @@ if (isset($_POST['check'])) {
$sql = file_get_contents(__DIR__."/lib/sql/db.sql");
try {
$pdo->exec($sql);
array_push($successArray, 'Database setup complete...');
array_push($successArray, 'Tabellen erstellt...!');
} catch (PDOException $ex) {
array_push($error, $ex->getMessage());
}
@ -77,7 +77,7 @@ if (isset($_POST['check'])) {
array_push($error, $regErr);
}
} else {
array_push($successArray, 'Admin setup complete...');
array_push($successArray, 'Administrator Account erstellt...!');
$success = true;
$viewSubmit = true;
}
@ -99,6 +99,15 @@ if (isset($_POST['check'])) {
<link rel="stylesheet" href="/css/main.css">
</head>
<body>
<nav class="demo">
<a href="/setup.php" class="brand">
<span>Willkommen zu Bloggr!</span>
</a>
</nav>
<section class="main">
<h2>Seiteninformationen</h2>
<article class="card">
<header>
<p>
<?php
foreach($error as $err) {
@ -111,41 +120,40 @@ if (isset($_POST['check'])) {
</p>
<form action="" method="post">
<div <?= ($success) ? 'style="display: none;' : '' ?>>
<h2>Site info</h2>
<p>
<label for="SITE_TITLE">Title</label>
<input type="text" name="SITE_TITLE" id="SITE_TITLE" placeholder="A Bloggr Site" value="<?= $siteTitle ?>" >
<label for="SITE_TITLE">Seitentitel</label>
<input type="text" name="SITE_TITLE" id="SITE_TITLE" placeholder="z.B. Mein Blog" value="<?= $siteTitle ?>" >
</p>
<h2>Database info</h2>
<h2>Datenbankinformationen</h2>
<p>
<label for="DB_HOST">Host</label>
<input type="text" name="DB_HOST" id="DB_HOST" placeholder="localhost" value="<?= $dbHost ?>" >
<input type="text" name="DB_HOST" id="DB_HOST" placeholder="z.B. localhost" value="<?= $dbHost ?>" >
</p>
<p>
<label for="DB_NAME">Database</label>
<input type="text" name="DB_NAME" id="DB_NAME" placeholder="bloggr" value="<?= $dbName ?>" >
<label for="DB_NAME">Datenbank</label>
<input type="text" name="DB_NAME" id="DB_NAME" placeholder="z.B. bloggr" value="<?= $dbName ?>" >
</p>
<p>
<label for="DB_USER">Username</label>
<input type="text" name="DB_USER" id="DB_USER" placeholder="bloggr" value="<?= $dbUser ?>" >
<label for="DB_USER">Benutzername</label>
<input type="text" name="DB_USER" id="DB_USER" placeholder="z.B. root" value="<?= $dbUser ?>" >
</p>
<p>
<label for="DB_PASS">Password</label>
<input type="password" name="DB_PASS" id="DB_PASS" placeholder="s3cur3" value="<?= $dbPass ?>" >
<label for="DB_PASS">Passwort (min. 8)</label>
<input type="password" name="DB_PASS" id="DB_PASS" placeholder="" value="<?= $dbPass ?>" >
</p>
<br>
<h2>Create administrator</h2>
<h2>Administrator Konto</h2>
<p>
<label for="ADMIN_USER">Username</label>
<input type="text" name="ADMIN_USER" id="ADMIN_USER" placeholder="admin" value="<?= $user ?>" >
<label for="ADMIN_USER">Benutzername</label>
<input type="text" name="ADMIN_USER" id="ADMIN_USER" placeholder="z.B. admin" value="<?= $user ?>" >
</p>
<p>
<label for="ADMIN_EMAIL">E-Mail</label>
<input type="text" name="ADMIN_EMAIL" id="ADMIN_EMAIL" placeholder="bloggr" value="<?= $email ?>" >
<input type="text" name="ADMIN_EMAIL" id="ADMIN_EMAIL" placeholder="z.B. blog@example.com" value="<?= $email ?>" >
</p>
<p>
<label for="ADMIN_PASS">Password</label>
<input type="password" name="ADMIN_PASS" id="ADMIN_PASS" placeholder="s3cur3" value="<?= $pass ?>" >
<label for="ADMIN_PASS">Passwort </label>
<input type="password" name="ADMIN_PASS" id="ADMIN_PASS" placeholder="" value="<?= $pass ?>" >
</p>
</div>
<p>
@ -154,5 +162,8 @@ if (isset($_POST['check'])) {
<?= ($viewSubmit) ? '<input type="submit" value="Submit" name="submit">' : '' ?>
</p>
</form>
</header>
</article>
</section>
</body>
</html>

10
users.php
View File

@ -34,8 +34,8 @@ require_once(__DIR__."/inc/head.php");
<body>
<?php require_once(__DIR__."/inc/nav.php"); ?>
<section class="main">
<?= ($view) ? '<a href="/users.php">Zurück</a>' : '' ?>
<h2>Users</h2>
<h2>Benutzer</h2>
<?= ($view) ? '<a href="/users.php">Zurück</a><br><br>' : '' ?>
<?php
if($view) {
$found = false;
@ -45,9 +45,9 @@ require_once(__DIR__."/inc/head.php");
?>
<form action="<?= htmlspecialchars($_SERVER['REQUEST_URI']) ?>" method="post">
<label for="username"><?= $value['username'] ?></label><br>
<label for="email"><?= $value['email'] ?></label><br>
<label for="roles_mask">Role</label>
<label for="username"><b>Benutzername:</b> <?= $value['username'] ?></label><br>
<label for="email"><b>E-Mail:</b> <?= $value['email'] ?></label><br>
<label for="roles_mask"><b>Rolle</b></label>
<select name="role" id="role">
<option value="0" <?= ($value['roles_mask'] == 0) ? 'selected' : '' ?>>Gast</option>
<option value="1" <?= ($value['roles_mask'] == 1) ? 'selected' : '' ?>>Admin</option>