failed-galleries/php-gallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2024-12-29 10:56:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Browse source
This commit is contained in:
Michał 2022-08-07 12:57:13 +01:00
parent dba8379a0c
commit 8da2aff265
16 changed files with 270 additions and 401 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
app/account/get_info.php Normal file
View file

@ -0,0 +1,16 @@
<?php
/*
Get full user info from database
Returns array with user info
*/
function get_user_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM users WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$user_array = mysqli_fetch_assoc($query);
return($user_array);
}

18
app/account/is_admin.php Normal file
View file

@ -0,0 +1,18 @@
<?php
/*
Check if user is admin
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function is_admin($id) {
if (isset($id) || !empty($id)) {
if ($id == 1) {
return True;
} else {
return False;
}
} else {
return False;
}
}

14
app/account/login_status.php Normal file
View file

@ -0,0 +1,14 @@
<?php
/*
Check if user is loggedin
Returns True if user is
Returns False if user is NOT
*/
function loggedin() {
if (isset($_SESSION["loggedin"]) == true && $_SESSION["loggedin"] == true) {
return True;
} else {
return False;
}
}

18
app/format/string_to_tags.php Normal file
View file

@ -0,0 +1,18 @@
<?php
/*
Clean up long text input and turn into an array for tags
Returns clean string of words with equal white space between it
*/
function tag_clean($string) {
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Change to lowercase
$string = strtolower($string);
// Removing extra spaces
$string = preg_replace('/ +/', ' ', $string);
return $string;
}

27
app/image/delete_image.php
View file

@ -0,0 +1,27 @@
/*
Confirm deleting user
user must be privilaged to do this action this the privilaged == true
*/
if (isset($_POST['delete_confirm']) && $privilaged) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// Delete from table
$image_delete_request = "DELETE FROM swag_table WHERE id =".$image['id'];
$image_delete = mysqli_query($conn,$image_delete_request);
if ($image_delete) {
// See if image is in the directory
if (is_file("images/".$image['imagename'])) {
unlink("images/".$image['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("images/thumbnails/".$image['imagename'])) {
unlink("images/thumbnails/".$image['imagename']);
}
header("Location:index.php?del=true&id=".$image['id']);
} else {
header("Location: image.php?id=".$image['id']."&del=fail>");
}
}

26
app/image/edit_author.php
View file

@ -0,0 +1,26 @@
/*
Author confirm
*/
if (isset($_POST['author_confirm']) && is_admin($_SESSION['id'])) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['update_author'];
$param_id = $image["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
header("Location:image.php?id=".$image["id"]."&update=success");
} else {
header("Location:image.php?id=".$image["id"]."&update=error");
}
}
}

1
app/image/edit_description.php
View file

@ -30,4 +30,3 @@ if (isset($_POST['submit'])) {
} }
} }
} }
?>

41
app/image/edit_tags.php
View file

@ -0,0 +1,41 @@
/*
Tags Confirm
*/
if (isset($_POST['tags_confirm']) && $privilaged) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// Clean tags before adding
function clean($string) {
// Change to lowercase
$string = strtolower($string);
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Return string
return preg_replace('/ +/', ' ', $string);
}
// Clean input
$tags_string = tag_clean(trim($_POST['add_tags']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $image["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
header("Location:image.php?id=".$image["id"]."&update=success");
} else {
header("Location:image.php?id=".$image["id"]."&update=error");
}
}
}

16
app/image/get_image_info.php Normal file
View file

@ -0,0 +1,16 @@
<?php
/*
Get full image info from database
Returns array with image info
*/
function get_image_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM swag_table WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$image_array = mysqli_fetch_assoc($query);
return($image_array);
}

19
app/image/image_privilage.php Normal file
View file

@ -0,0 +1,19 @@
<?php
/*
Check if user is image owner
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function image_privilage($id) {
$session_id = $_SESSION['id'];
if (isset($session_id) || !empty($session_id)) {
if ($session_id == $id) {
return True;
} else {
return False;
}
} else {
return False;
}
}

2
app/server/conn.php
View file

@ -13,5 +13,5 @@ $conn_database = "swag";
$conn = mysqli_connect($conn_ip, $conn_username, $conn_password , $conn_database); $conn = mysqli_connect($conn_ip, $conn_username, $conn_password , $conn_database);
if ($conn->connect_error) { if ($conn->connect_error) {
// Send notification that connection couldn't be made echo "<script>sniffleAdd('Error','Could not make a connection to the server, please try again later','var(--red)','".$root_dir."../../assets/icons/warning.svg')</script>";
} }

0
app/server/secrete.php Normal file
View file

235
image.php
View file

@ -1,57 +1,10 @@
<?php <?php
include "ui/required.php"; function info_check($string){
if (isset($string) && !empty($string)) {
/* return $string;
Get image ID
Image ID should be written in the URL of the page as ?id=69
If ID cannot be obtained, give error. ID going here ^^
*/
if (isset($_GET['id'])) {
// Get all image info
$image = get_image_info($conn, $_GET['id']);
// Check if image is avalible
if (isset($image['imagename'])) {
// Display image
$image_path = "images/".$image['imagename'];
$image_alt = $image['alt'];
} else { } else {
// ID not avalible toast return "No information provided.";
echo "<p class='alert alert-low space-bottom-large'>Could not find image with ID: ".$_GET['id']."</p>";
// Replacement "no image" image and description
$image_path = "assets/no_image.png";
$image_alt = "No image could be found, sowwy";
} }
} else {
// No ID toast
//echo "<p class='alert alert-low space-bottom-large'>No ID present</p>";
// Replacement "no image" image and description
//$image_path = "assets/no_image.png";
//$image_alt = "No image could be found, sowwy";
}
/*
Get all user details
This gets the user info from the image
*/
if (isset($image['author'])) {
$user = get_user_info($conn, $image['author']);
}
/*
Check user privilge
This requires the user to be logged in or an admin
*/
if (image_privilage($image['author']) || is_admin($_SESSION['id'])) {
$privilaged = True;
} else {
$privilaged = False;
} }
?> ?>
@ -79,7 +32,63 @@ if (image_privilage($image['author']) || is_admin($_SESSION['id'])) {
<link rel='stylesheet' href='Flyout/flyout.css'> <link rel='stylesheet' href='Flyout/flyout.css'>
</head> </head>
<body> <body>
<?php include"ui/nav.php"; ?> <?php
include "ui/required.php";
/*
Get image ID
Image ID should be written in the URL of the page as ?id=69
If ID cannot be obtained, give error. ID going here ^^
*/
if (isset($_GET['id'])) {
// Get all image info
$image = get_image_info($conn, $_GET['id']);
// Check if image is avalible
if (isset($image['imagename'])) {
// Display image
$image_path = "images/".$image['imagename'];
$image_alt = $image['alt'];
} else {
// ID not avalible toast
echo "<p class='alert alert-low space-bottom-large'>Could not find image with ID: ".$_GET['id']."</p>";
// Replacement "no image" image and description
$image_path = "assets/no_image.png";
$image_alt = "No image could be found, sowwy";
}
} else {
// No ID toast
//echo "<p class='alert alert-low space-bottom-large'>No ID present</p>";
// Replacement "no image" image and description
//$image_path = "assets/no_image.png";
//$image_alt = "No image could be found, sowwy";
}
/*
Get all user details
This gets the user info from the image
*/
if (isset($image['author'])) {
$user = get_user_info($conn, $image['author']);
}
/*
Check user privilge
This requires the user to be logged in or an admin
*/
if (image_privilage($image['author']) || is_admin($_SESSION['id'])) {
$privilaged = True;
} else {
$privilaged = False;
}
include"ui/nav.php"; ?>
<script> <script>
if (params.update == "success") { if (params.update == "success") {
@ -90,123 +99,8 @@ if (image_privilage($image['author']) || is_admin($_SESSION['id'])) {
} }
</script> </script>
<?php
/*
Confirm deleting user
user must be privilaged to do this action this the privilaged == true
*/
if (isset($_POST['delete_confirm']) && $privilaged) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// Delete from table
$image_delete_request = "DELETE FROM swag_table WHERE id =".$image['id'];
$image_delete = mysqli_query($conn,$image_delete_request);
if ($image_delete) {
// See if image is in the directory
if (is_file("images/".$image['imagename'])) {
unlink("images/".$image['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("images/thumbnails/".$image['imagename'])) {
unlink("images/thumbnails/".$image['imagename']);
}
header("Location:index.php?del=true&id=".$image['id']);
} else {
header("Location: image.php?id=".$image['id']."&del=fail>");
}
}
/*
Tags Confirm
*/
if (isset($_POST['tags_confirm']) && $privilaged) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// Clean tags before adding
function clean($string) {
// Change to lowercase
$string = strtolower($string);
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Return string
return preg_replace('/ +/', ' ', $string);
}
// Clean input
$tags_string = tag_clean(trim($_POST['add_tags']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $image["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
header("Location:image.php?id=".$image["id"]."&update=success");
} else {
header("Location:image.php?id=".$image["id"]."&update=error");
}
}
}
/*
Description athor
*/
if (isset($_POST['author_flyout']) && is_admin($_SESSION['id'])) {
$header = "Who owns the image?????";
$content = "Enter ID of image owner";
$action = "<form class='flex-down between' method='POST' enctype='multipart/form-data'>
<input class='btn alert-default space-bottom' type='text' name='update_author' placeholder='New user ID'>
<button class='btn alert-low' type='submit' name='author_confirm' value='".$image["id"]."'><img class='svg' src='assets/icons/edit.svg'>Update information</button>
</form>";
flyout($header, $content, $action);
}
/*
Author confirm
*/
if (isset($_POST['author_confirm']) && is_admin($_SESSION['id'])) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['update_author'];
$param_id = $image["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
header("Location:image.php?id=".$image["id"]."&update=success");
} else {
header("Location:image.php?id=".$image["id"]."&update=error");
}
}
}
?>
<div class="image-container space-bottom-large"> <div class="image-container space-bottom-large">
<?php <img class='image' id='<?php echo $image['id']; ?>' src='<?php echo $image_path; ?>' alt='<?php echo $image_alt; ?>'>
// Displaying image
echo "<img class='image' id='".$image['id']."' src='".$image_path."' alt='".$image_alt."'>";
?>
</div> </div>
@ -314,13 +208,12 @@ if (image_privilage($image['author']) || is_admin($_SESSION['id'])) {
var header = "Enter new Description/Alt"; var header = "Enter new Description/Alt";
var description = "Whatcha gonna put in there 👀"; var description = "Whatcha gonna put in there 👀";
var actionBox = "<form id='descriptionConfirm'>\ var actionBox = "<form id='descriptionConfirm'>\
<input id='descriptionInput' class='btn alert-default space-bottom' type='text' name='descriptionInput' placeholder='Description/Alt for image'>\ <input id='descriptionInput' class='btn alert-default space-bottom' type='text' placeholder='Description/Alt for image'>\
<button id='descriptionSubmit' class='btn alert-low' type='submit name='descriptionSubmit''><img class='svg' src='assets/icons/edit.svg'>Update information</button>\ <button id='descriptionSubmit' class='btn alert-low' type='submit'><img class='svg' src='assets/icons/edit.svg'>Update information</button>\
</form>\ </form>\
<div id='descriptionErrorHandling'></div>"; <div id='descriptionErrorHandling'></div>";
flyoutShow(header, description, actionBox); flyoutShow(header, description, actionBox);
}); });
$("#descriptionConfirm").submit(function(event) { $("#descriptionConfirm").submit(function(event) {
event.preventDefault(); event.preventDefault();
var descriptionInput = $("#descriptionInput").val(); var descriptionInput = $("#descriptionInput").val();

31
index.php
View file

@ -43,35 +43,6 @@
} }
</script> </script>
<?php
// Show search
if ($_GET["srch"] == "show") {
$header = "Search for a tags!";
$content = "Here you can search for funnies! Like raccoons!!!!!!!!!";
$action = "<form class='flex-down between' method='POST' enctype='multipart/form-data'>
<input class='btn alert-default space-bottom' type='text' name='search' placeholder='👀'>
<button class='btn alert-high' type='submit' name='search_confirm' value=''><img class='svg' src='assets/icons/binoculars.svg'>Search</button>
</form>";
flyout($header, $content, $action);
}
/*
Search Confirm
*/
if (isset($_POST['search_confirm'])) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// Clean input
$tags_string = tag_clean(trim($_POST['search']));
header("Location:index.php?q=".$tags_string);
}
if (isset($_GET["q"])) {
echo "<p class='alert alert-default space-bottom'>Search results for: ".$_GET['q']."</p>";
}
?>
<div class="info-text center"> <div class="info-text center">
<?php <?php
// Welcome depending on if user is logged in or not // Welcome depending on if user is logged in or not
@ -82,7 +53,7 @@
} }
// Random welcome message // Random welcome message
$welcome_message = array("*internal screaming*", "Sussy Wussy", "What is this world?", "Don't forget to drink water!", "Bruh", "This is so poorly programmed", "Sorry", "Fluffy made this!", "maybe", "I'm gay"); $welcome_message = array("*internal screaming*", "Sussy Wussy", "What is this world?", "Don't forget to drink water!", "Bruh", "This is so poorly programmed", "Sorry", "Fluffy made this!", "maybe", "I'm gay", "I wish we were better strangers.");
echo "<p>".$welcome_message[array_rand($welcome_message, 1)]."</p>"; echo "<p>".$welcome_message[array_rand($welcome_message, 1)]."</p>";
?> ?>
</div> </div>

189
ui/functions.php
View file

@ -1,190 +1 @@
<?php <?php
/*
Get full image info from database
Returns array with image info
*/
function get_image_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM swag_table WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$image_array = mysqli_fetch_assoc($query);
return($image_array);
}
/*
Get full user info from database
Returns array with user info
*/
function get_user_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM users WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$user_array = mysqli_fetch_assoc($query);
return($user_array);
}
/*
Clean up long text input and turn into an array for tags
Returns clean string of words with equal white space between it
*/
function tag_clean($string) {
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Change to lowercase
$string = strtolower($string);
// Removing extra spaces
$string = preg_replace('/ +/', ' ', $string);
return $string;
}
/*
Check if user is loggedin
Returns True if user is
Returns False if user is NOT
*/
function loggedin() {
if (isset($_SESSION["loggedin"]) == true && $_SESSION["loggedin"] == true) {
return True;
} else {
return False;
}
}
/*
Check if user is image owner
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function image_privilage($id) {
$session_id = $_SESSION['id'];
if (isset($session_id) || !empty($session_id)) {
if ($session_id == $id) {
return True;
} else {
return False;
}
} else {
return False;
}
}
/*
Check if user is admin
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function is_admin($id) {
if (isset($id) || !empty($id)) {
if ($id == 1) {
return True;
} else {
return False;
}
} else {
return False;
}
}
/*
Takes in max 3 min 2 inputs:
Header is displayed ontop of the flyout
Takes in text input
Description is displayed in the center of the flyout
Takes in text input
Action is displayed above the cancel button
Takes in any HTML input
Returns nothing but must include:
<script src='scripts/flyout.js'></script>
At the bottom of the HTML document
*/
function flyout($header, $content, $action) {
// Used for background dimming
echo "<div class='flyout-dim'></div>";
// Div Start
echo "<div class='flyout flex-down default-window between'>";
// Header for the flyout, must be included
if (isset($header) && !empty($header)) {
echo "<h2 class='space-bottom'>".$header."</h2>";
} else {
echo "<h2 class='space-bottom'>Header</h2>";
}
// Flyout content, must be included!!!!
if (isset($content) && !empty($content)) {
echo "<p class='space-bottom'>".$content."</p>";
} else {
echo "<h2 class='space-bottom'>Description</h2>";
}
// Flyout button, not required so must need more information when added
if (isset($action) && !empty($action)) {
echo $action;
}
// Exit button + Div End
echo "<button class='btn alert-default space-top flyout-close'>Close</button>
</div>";
// Must be included with flyout.php
echo "<script src='scripts/flyout.js'></script>";
}
/*
Notification of an action done, takes in min 3 inputs:
Text is the text that shows up on the notification
Takes in string input
Level is the level of the notification
high is a good response or the colour green
low is a bad response or the colour red
default is a neutral response or the colour black/gray
returns notification html including classes
===== Programmers note ==============================
I made this so I didn't have to remake the html
portion of the notification, it was annoying.
This also allows for expanding the system later on!
=====================================================
*/
function notify($text, $level) {
if ($level == "high") {
$text_string = "<p class='alert alert-high space-bottom-large' onclick='closeAlert(this)'>".$text."</p>";
} elseif ($level == "low") {
$text_string = "<p class='alert alert-low space-bottom-large' onclick='closeAlert(this)'>".$text."</p>";
} elseif ($level == "default") {
$text_string = "<p class='alert alert-default space-bottom-large' onclick='closeAlert(this)'>".$text."</p>";
} else {
$text_string = "<p class='alert alert-default space-bottom-large' onclick='closeAlert(this)'>".$text."</p>";
}
return $text_string;
}

18
ui/required.php
View file

@ -25,18 +25,18 @@ if (is_file("index.php")) {
include $root_dir."app/server/conn.php"; include $root_dir."app/server/conn.php";
/* /*
Include functions Add functions
Maybe I should put all the functions in this file? Dunno
*/ */
include $root_dir."ui/functions.php"; include $root_dir."app/account/get_info.php";
include $root_dir."app/account/is_admin.php";
include $root_dir."app/account/login_status.php";
/* include $root_dir."app/format/string_to_tags.php";
Notification system
This is the notification system used by the website. Probably a little too much for what its used for include $root_dir."app/image/get_image_info.php";
*/ include $root_dir."app/image/image_privilage.php";
echo "<div id='notify-root' class='notify-root'></div>";
include $root_dir."app/server/secrete.php";
?> ?>
<script> <script>
/* /*