failed-galleries/php-gallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2025-01-15 02:55:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5 from Fluffy-Bean/beta

Browse source 
Beta
This commit is contained in:
Michal 2022-09-20 19:41:46 +01:00 committed by GitHub
parent 4ce9723ef8 6fee1e3b57
commit c5285f2fac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
50 changed files with 2730 additions and 1692 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
Flyout/.flyout.css.swp
View file

Binary file not shown.

8
Flyout/flyout.css
View file

@ -10,7 +10,7 @@
position: fixed; z-index: 999;
background-color: var(--bg);
backdrop-filter: blur(8px);
backdrop-filter: blur(15px);
opacity: 0;
@ -67,3 +67,9 @@
.flyout-actionbox * * * {
width: auto;
}
.flyout-actionbox > button {
margin-bottom: 0.5rem;
}
.flyout-actionbox > button > * {
width: auto;
}

0
GitHub/LICENSE.md → LICENSE.md
View file

64
README.md
View file

@ -1,11 +1,63 @@
# OnlyLegs!
Welcome little one, this is the start of something great
The only gallery made by a maned wolf.
Hey Fluffy! Why is this open source when there could still be security issues with all of this?
So people who know what they are doing can help me fix this shit? :'3
## How to setup
### Downloading & installing
#### Path
Download this project and move it into your website(s) folder. Usually under ```/var/www/html/``` on Linux.
# How do I use this!
First of all, I don't recommend anyone using this at this time. Though I want this to get to a state where its usable for anyone to setup and host themselves, its just not anywhere near a state where this is usable. Also, security is just not upto my standards
#### Imagik
You will need to install the image-magik PHP plugin for thumbnail creation, on Ubuntu its as easy as ```apt install php-imagik```.
# License
#### PHP
This project also requires PHP 8 and was made with Ubuntu 22.04 LTS in mind, so I reccommend running this gallery on such.
### Database setup
If you made it this far, congrats! We're not even close to done. Next you will need to setup your database. If you're running a seperate server for databases, that'll also work.
You first need to head over to ```app/server/conn.php``` and set the correct information, if you're using localhost, this should be the following details:
- localhost
- (username)
- (password)
- Gallery
I recommend using a database name such as Gallery, but others should work just as well.
I also recommend not using root for this and setting up a user specifically for this, but I will not go through the process of making a such user here.
You will next need to setup the following 5 tables:
#### Images
```CREATE TABLE images ( id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, imagename VARCHAR(50) UNIQUE, alt VARCHAR(255), tags VARCHAR(255), alt VARCHAR(50), last_modified TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, upload_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP );```
#### Users
```CREATE TABLE users ( id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, usernname VARCHAR(50) NOT NULL UNIQUE, password VARCHAR(255) NOT NULL, admin bool, last_modified TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP );```
#### Tokens
```CREATE TABLE tokens ( id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, code VARCHAR(50) NOT NULL, used BOOL, used_at VARCHAR(50) NOT NULL );```
#### Logs
```CREATE TABLE logs ( id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, ipaddress VARCHAR(16) NOT NULL, action VARCHAR(255), time TIMESTAMP DEFAULT CURRENT_TIMESTAMP );```
#### Bans
```CREATE TABLE bans ( id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, ipaddress VARCHAR(16) NOT NULL, reason VARCHAR(255), time TIMESTAMP DEFAULT CURRENT_TIMESTAMP, length VARCHAR(255) NOT NULL, permanent BOOL NOT NULL ); ```
### Manifest
In the ```app/settings/manifest.json``` you have a list of infomation about your website. You must change ```user_name``` to your prefered name, ```is_testing``` to false (or anything else) as that is used for development and ```upload_max``` to your prefered file size max in MBs.
### Creating an account
For now, there is no automated way of doing this, so you will have to go into your database on a terminal and type the following command ```INSERT INTO tokens (code, used) VALUES('UserToken', False)```. You have now made a token that you can use to make an account with.
Head over to the Login section off the app and click the Need an account button, from there you can enter your own details. Once you get to the token section enter ```UserToken```. And with that, you have now set up your own image gallery!
## Usage
### Admin
As an admin, you can do things such as modifying other people's posts, reseting users passwords and checking logs for sussy behaviour. With that, use these tools with respect to others and don't abuse them.
If you trust someone enough, you can set them to a moderator through the settings > users > toggle admin. You can tell who is an admin by the green highlight to the left of their name.
### Images
Uploading images is as simple as choosing the image you want to upload, then clicking upload! Keep in mind that not all formats play well as this gallery uses Imagik to generate thumbnails and preview images, so images such as GIFs do not work as of now. Supported file formats include JPG, JPEG, PNG and WEBP.
You should also keep in mind the file size, by default images of 20MBs should be able to get uploaded. But if you run into issues, either raise the file size in the ```manifest.json``` or locate your ```php.ini``` on your webserver and raise the ```upload_max_filesize``` and ```post_max_size``` to a same or greater value.
## License
This project is under the GNU v3 License

61
Sniffle/sniffle.css
View file

@ -15,7 +15,7 @@
.sniffle {
margin: 0; padding: 0 1rem;
max-width: 621px; width: calc(100% - 1rem);
max-width: 569px; width: calc(100% - 1rem);
top: 0.5rem; left: 50%;
transform: translateX(-50%);
@ -31,28 +31,65 @@
and a text div .sniffle-content
*/
.sniffle-notification {
margin-bottom: 0.5rem; padding: 0.5rem;
margin-bottom: 0.5rem; padding: 0;
max-width: calc(100% - 1rem); min-height: 2.5rem;
max-width: 100%; min-height: 2.5rem;
display: flex; flex-direction: row; overflow-y: hidden;
z-index: 999;
position: relative;
background-color: #151515;
box-shadow: var(--shadow);
transition: transform 1s cubic-bezier(.19,1,.22,1), opacity 0.2s cubic-bezier(.19,1,.22,1);
border-radius: var(--rad);
transition: margin-top 1s cubic-bezier(.19,1,.22,1);
-webkit-touch-callout: none;
-webkit-user-select: none;
-khtml-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
.sniffle-notification:hover {
transform: scale(1.05);
cursor: pointer;
}
.sniffle-notification:not(:nth-of-type(1), :nth-of-type(2), :nth-of-type(3), :nth-of-type(4)) {
display: none;
opacity: 0;
}
.sniffle-notification:nth-of-type(1) {
z-index: 1;
transform: scale(1);
opacity: 1;
transition: transform 1s cubic-bezier(.19,1,.22,1), opacity 0.25s cubic-bezier(.19,1,.22,1);
}
.sniffle-notification:nth-of-type(2) {
z-index: -1;
transform: scale(0.95);
margin-top: -4.8rem;
opacity: 1;
transition: transform 1.25s, opacity 0.5s;
}
.sniffle-notification:nth-of-type(3) {
z-index: -2;
transform: scale(0.9);
margin-top: -4.8rem;
opacity: 1;
transition: transform 1.5s, opacity 0.75s;
}
.sniffle-notification:nth-of-type(4) {
z-index: -3;
transform: scale(0.85);
margin-top: -4.8rem;
opacity: 0;
transition: transform 1.75s, opacity 1s;
}
/*
Notification content Root
@ -60,9 +97,9 @@
And to prevent text from overflowing the notification
*/
.sniffle-content {
margin: 0 auto;
margin: 0 auto; padding: 0.5rem;
width: calc(100% - 3.5rem);
width: 100%;
flex-direction: column; flex-wrap: wrap;
overflow-y: hidden;
@ -72,12 +109,14 @@
Notification icon/image
*/
.sniffle-img {
margin-right: 1rem;
padding: 0 0.5rem;
max-width: 2.5rem; width: auto;
height: auto;
object-fit: contain;
background-color: #15151533;
}
/*
Notification header

49
about.php
View file

@ -2,44 +2,43 @@
<html>
<head>
<?php include __DIR__."/ui/header.php"; ?>
<?php require_once __DIR__."/ui/header.php"; ?>
</head>
<body>
<?php
include __DIR__."/ui/required.php";
include __DIR__."/ui/nav.php";
require_once __DIR__."/ui/required.php";
require_once __DIR__."/ui/nav.php";
?>
<div class="about-root">
<h2 id="about">What is Fluffys Amazing Gallery?</h2>
<p>Fluffys Amazing Gallery is a smol project I originally started to control the images on my main page, but quickly turned into something much bigger...</p>
<p>What Do I want this to become in the future? No clue, but I do want this to be usable by others, if its a file they download a docker image they setup on your own web server.</p>
<p>Will it become that any time soon? No, but. I am going to work on this untill it becomes what I want it to be!</p>
<h1><?php echo $user_settings['website_name']; ?></h1>
<p><?php echo $user_settings['website_description']; ?></p>
<p>Version <?php echo $user_settings['version']; ?></p>
<br>
<h2>TOS</h2>
<p><?php echo $user_settings['tos']; ?></p>
<p>This project is protected under the <?php echo $user_settings['license']; ?> license by <?php echo $user_settings['user_name']; ?></p>
<br>
<h2>Credits to development</h2>
<p>Carty: Kickstarting development and SQL/PHP development</p>
<p>Jeetix: Helping patch holes in some features</p>
<p>mrHDash, Verg, Fennec, Carty, Jeetix and everyone else for helping with early bug testing</p>
<p><a class='link' href="https://phosphoricons.com/">Phosphor</a> for providing nice SVG icons</p>
<br>
<h2 class="space-top-large" id="add-this">Can you add "A" or "B"?</h2>
<p>No.</p>
<br>
<h2 class="space-top-large" id="guide">How do I use this!</h2>
<p>First you must obtain the invite code. If you don't have one and are interested in trying this, feel free to DM me on Telegram!</p>
<p>But once you're done doing that, you can start making your account <a class='link' href="https://superdupersecteteuploadtest.fluffybean.gay/account/signup.php">at the signup page here</a>.</p>
<p>From there you should be able to go and login <a class='link' href="https://superdupersecteteuploadtest.fluffybean.gay/account/login.php">at this fancy page here</a>!</p>
<p>Now you should see "Welcome (your username)" at the homepage. From there navigate to the navbar and click on the upload button. Choose your file, enter the description and your image is up!</p>
<br>
<h2 class="space-top-large">Credits!</h2>
<p>To Carty for being super cool again and helping me get started with SQL and PHP!</p>
<p>To <a class='link' href="https://phosphoricons.com/">Phosphor</a> for providing nice SVG icons.</p>
<p>To mrHDash...</p>
<h2>Development</h2>
<a href="https://github.com/Fluffy-Bean/image-gallery" class="link">Project Github</a>
<a href="https://twitter.com/fluffybeanUwU" class="link">Creators Twitter</a>
</div>
<?php include __DIR__."/ui/footer.php"; ?>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>

404
account.php Normal file
View file

@ -0,0 +1,404 @@
<!DOCTYPE html>
<html>
<head>
<?php require_once __DIR__."/ui/header.php"; ?>
</head>
<body>
<?php
require_once __DIR__."/ui/required.php";
require_once __DIR__."/ui/nav.php";
use App\Account;
use App\Diff;
$user_info = new Account();
$diff = new Diff();
?>
<?php
if ($user_info->is_loggedin()) {
?>
<div class="account-root">
<h2>Settings</h2>
<a class='btn btn-bad' href='password-reset.php'><img class='svg' src='assets/icons/password.svg'>Reset Password</a>
<button class="btn btn-bad" onclick="deleteAccount()"><img class='svg' src='assets/icons/trash.svg'>Delete account</button>
<br>
<p>Don't leave! I'm with the science team!</p>
<a class='btn btn-bad' href='app/account/logout.php'><img class='svg' src='assets/icons/sign-out.svg'>Logout</a>
</div>
<script>
function deleteAccount() {
var header = "Are you very very sure?";
var description = "This CANNOT be undone, be very carefull with your decition!!!";
var actionBox = "<button class='btn btn-bad' onclick='deleteAccountConfirm()'><img class='svg' src='assets/icons/trash.svg'>Delete account (keep posts)</button>\
<button class='btn btn-bad' onclick='deleteAccountConfirmFull()'><img class='svg' src='assets/icons/trash.svg'>Delete account (delete posts)</button>";
flyoutShow(header, description, actionBox);
}
function deleteAccountConfirm () {
var header = "Deleting just your account!";
var description = "This is your last warning, so enter your password now.";
var actionBox = "<form id='accountDelete' method='POST'>\
<input id='accountDeletePassword' class='btn btn-neutral' type='password' name='password' placeholder='Password'>\
<button id='accountDeleteSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/trash.svg'>Delete account (keep posts)</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#accountDelete").submit(function(event) {
event.preventDefault();
var accountDeletePassword = $("#accountDeletePassword").val();
var accountDeleteSubmit = $("#accountDeleteSubmit").val();
$("#sniffle").load("app/account/account.php", {
delete_id: <?php echo $_SESSION['id']; ?>,
full: 'false',
account_password: accountDeletePassword,
account_delete_submit: accountDeleteSubmit
});
});
}
function deleteAccountConfirmFull () {
var header = "Deleting EVERYTHINGGGGG";
var description = "This is your last warning, so enter your password now.";
var actionBox = "<form id='accountDeleteFull' method='POST'>\
<input id='accountDeletePassword' class='btn btn-neutral' type='password' name='password' placeholder='Password'>\
<button id='accountDeleteSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/trash.svg'>Delete account (delete posts)</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#accountDeleteFull").submit(function(event) {
event.preventDefault();
var accountDeletePassword = $("#accountDeletePassword").val();
var accountDeleteSubmit = $("#accountDeleteSubmit").val();
$("#sniffle").load("app/account/account.php", {
delete_id: <?php echo $_SESSION['id']; ?>,
full: 'true',
account_password: accountDeletePassword,
account_delete_submit: accountDeleteSubmit
});
});
}
</script>
<?php
if ($user_info->is_admin($conn, $_SESSION['id'])) {
?>
<div class="admin-root">
<h2>Admin controlls</h2>
<h3>Invite Codes</h3>
<?php
$token_request = mysqli_query($conn, "SELECT * FROM tokens WHERE used = 0");
while ($token = mysqli_fetch_array($token_request)) {
?>
<button onclick='copyCode()' class='btn btn-neutral'><?php echo $token['code']; ?></button>
<script>
function copyCode() {
navigator.clipboard.writeText("<?php echo $token['code']; ?>");
sniffleAdd("Info", "Invite code has been copied!", "var(--green)", "assets/icons/clipboard-text.svg");
}
</script>
<?php
}
?>
<br>
<div class="tabs">
<button class="btn btn-neutral tablinks" onclick="openTab(event, 'logs')">Logs</button>
<button class="btn btn-neutral tablinks" onclick="openTab(event, 'bans')">Bans</button>
<button class="btn btn-neutral tablinks" onclick="openTab(event, 'users')">Users</button>
</div>
<div id="logs" class="logs tabcontent">
<div class="log">
<p>ID</p>
<p>User IP</p>
<p>Action</p>
<p>Time</p>
</div>
<?php
// Reading images from table
$logs_request = mysqli_query($conn, "SELECT * FROM logs ORDER BY id DESC");
while ($log = mysqli_fetch_array($logs_request)) {
?>
<div class="log">
<p><?php echo $log['id']; ?></p>
<p><?php echo $log['ipaddress']; ?></p>
<p><?php echo $log['action']; ?></p>
<?php
$log_time = new DateTime($log['time']);
echo "<p>" . $log_time->format('Y-m-d H:i:s T') . " | " . $diff->time($log['time']) . "</p>";
?>
</div>
<?php
}
?>
</div>
<div id="bans" class="bans tabcontent">
<div class="ban">
<p>ID</p>
<p>User IP</p>
<p>Reason</p>
<p>Lenght</p>
<p>Time</p>
</div>
<?php
// Reading images from table
$bans_request = mysqli_query($conn, "SELECT * FROM bans ORDER BY id DESC");
while ($ban = mysqli_fetch_array($bans_request)) {
if ($ban['permanent']) {
echo "<div class='ban perm'>";
} else {
echo "<div class='ban'>";
}
?>
<p><?php echo $ban['id']; ?></p>
<p><?php echo $ban['ipaddress']; ?></p>
<p><?php echo $ban['reason']; ?></p>
<p><?php echo $ban['length']; ?> mins</p>
<?php
$log_time = new DateTime($ban['time']);
echo "<p>" . $log_time->format('Y-m-d H:i:s T') . " | " . $diff->time($ban['time']) . "</p>";
?>
</div>
<?php
}
?>
</div>
<div id="users" class="user-settings tabcontent">
<div class="user">
<p>ID</p>
<p>Username</p>
<p>Last Modified</p>
<p>User Options</p>
<p></p>
<p></p>
</div>
<?php
// Reading images from table
$user_request = mysqli_query($conn, "SELECT * FROM users");
while ($user = mysqli_fetch_array($user_request)) {
if ($user['admin'] || $user['id'] == 1) {
echo "<div class='user is-admin'>";
} else {
echo "<div class='user'>";
}
?>
<p><?php echo $user['id']; ?></p>
<p><?php echo $user['username']; ?></p>
<?php
$user_time = new DateTime($user['created_at']);
echo "<p>" . $user_time->format('Y-m-d H:i:s T') . " | " . $diff->time($user['last_modified']) . "</p>";
if ($user['id'] == 1) {
?>
<button class="btn btn-neutral" style="outline: none;">Reset Password</button>
<button class="btn btn-neutral" style="outline: none;">Delete user</button>
<button class="btn btn-neutral" style="outline: none;">Toggle admin</button>
<?php
} else {
?>
<button id="userResetPassword" class="btn btn-bad" onclick="userResetPassword('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Reset Password</button>
<button id="userDeleteButton" class="btn btn-bad" onclick="userDelete('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Delete user</button>
<button id="userToggleAdmin" class="btn btn-bad" onclick="userToggleAdmin('<?php echo $user['id']; ?>', '<?php echo $user['username']; ?>')">Toggle admin</button>
<?php
}
?>
</div>
<?php
}
?>
<script>
function userResetPassword(id, username) {
var header = "UwU whats the new passywassy code?";
var description = "Do this only if "+username+" has forgotten their password, DO NOT abuse this power";
var actionBox = "<form id='userResetPasswordForm' method='POST' enctype='multipart/form-data'>\
<input id='userNewPassword' class='btn btn-neutral' type='password' name='new_password' placeholder='New Password'>\
<input id='userConfirmPassword' class='btn btn-neutral' type='password' name='confirm_password' placeholder='Confirm Password'>\
<br>\
<button id='userPasswordSubmit' class='btn btn-bad' type='submit' name='reset' value='"+id+"'><img class='svg' src='assets/icons/password.svg'>Reset</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#userResetPasswordForm").submit(function(event) {
event.preventDefault();
var new_password = $("#userNewPassword").val();
var confirm_password = $("#userConfirmPassword").val();
var submit = $("#userPasswordSubmit").val();
var userId = $("#userPasswordSubmit").val();
$("#sniffle").load("app/account/account.php", {
new_password: new_password,
confirm_password: confirm_password,
id: userId,
password_reset_submit: submit
});
});
}
function userDelete(id, username) {
var header = "Are you very very sure?";
var description = "This CANNOT be undone, be very carefull with your decition... There is no second warning!";
var actionBox = "<form id='userDelete' method='POST'>\
<button id='userDeleteSubmit' class='btn btn-bad' type='submit' value='"+id+"'><img class='svg' src='assets/icons/trash.svg'>Delete user "+username+" (keep posts)</button>\
</form>\
<form id='userDeleteFull' method='POST'>\
<button id='userDeleteSubmit' class='btn btn-bad' type='submit' value='"+id+"'><img class='svg' src='assets/icons/trash.svg'>Delete user "+username+" (delete posts)</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#userDelete").submit(function(event) {
event.preventDefault();
var id = $("#userDeleteSubmit").val();
var userDeleteSubmit = $("#userDeleteSubmit").val();
$("#sniffle").load("app/account/account.php", {
delete_id: id,
full: false,
account_delete_submit: userDeleteSubmit
});
});
$("#userDeleteFull").submit(function(event) {
event.preventDefault();
var id = $("#userDeleteSubmit").val();
var userDeleteSubmit = $("#userDeleteSubmit").val();
$("#sniffle").load("app/account/account.php", {
delete_id: id,
full: true,
account_delete_submit: userDeleteSubmit
});
});
}
function userToggleAdmin(id, username) {
var header = "With great power comes great responsibility...";
var description = "Do you trust this user? With admin permitions they can cause a whole lot of damage to this place, so make sure you're very very sure";
var actionBox = "<form id='toggleAdminConfirm' method='POST'>\
<button id='toggleAdminSubmit' class='btn btn-bad' type='submit' value='"+id+"'>Make "+username+" powerfull!</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#toggleAdminConfirm").submit(function(event) {
event.preventDefault();
var toggleAdminSubmit = $("#toggleAdminSubmit").val();
$("#sniffle").load("app/account/account.php", {
id: toggleAdminSubmit,
toggle_admin: toggleAdminSubmit
});
});
}
</script>
</div>
<script>
function openTab(evt, tabName) {
var i, tabcontent, tablinks;
tabcontent = document.getElementsByClassName("tabcontent");
for (i = 0; i < tabcontent.length; i++) {
tabcontent[i].style.display = "none";
}
tablinks = document.getElementsByClassName("tablinks");
for (i = 0; i < tablinks.length; i++) {
tablinks[i].className = tablinks[i].className.replace(" active-tab", "");
}
document.getElementById(tabName).style.display = "flex";
evt.currentTarget.className += " active-tab";
}
</script>
</div>
<?php // UwU
}
} else {
?>
<div class="login-root">
<h2>Login</h2>
<p>Passwords are important to keep safe. Don't tell anyone your password, not even Fluffy!</p>
<br>
<form id="loginForm" method="POST" enctype="multipart/form-data">
<input id="loginUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<input id="loginPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<br>
<button id="loginSubmit" class="btn btn-good" type="submit" name="login"><img class="svg" src="assets/icons/sign-in.svg">Login</button>
</form>
<button class='btn btn-neutral' onclick="signupShow()"><img class="svg" src="assets/icons/sign-in.svg">Need an account?</button>
</div>
<script>
$("#loginForm").submit(function(event) {
event.preventDefault();
var username = $("#loginUsername").val();
var password = $("#loginPassword").val();
var submit = $("#loginSubmit").val();
$("#sniffle").load("app/account/account.php", {
username: username,
password: password,
submit_login: submit
});
});
</script>
<div class="signup-root">
<h2>Make account</h2>
<p>And amazing things happened here...</p>
<br>
<form id="signupForm" method="POST" action="signup.php" enctype="multipart/form-data">
<input id="signupUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<br>
<input id="signupPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<input id="signupPasswordConfirm" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password">
<br>
<input id="signupToken" class="btn btn-neutral" type="text" name="token" placeholder="Invite Code">
<br>
<button id="signupSubmit" class="btn btn-good" type="submit" name="signup"><img class="svg" src="assets/icons/sign-in.svg">Sign Up</button>
</form>
<button class='btn btn-neutral' onclick="loginShow()"><img class="svg" src="assets/icons/sign-in.svg">I already got an account!</button>
</div>
<script>
$("#signupForm").submit(function(event) {
event.preventDefault();
var username = $("#signupUsername").val();
var password = $("#signupPassword").val();
var confirm_password = $("#signupPasswordConfirm").val();
var token = $("#signupToken").val();
var submit = $("#signupSubmit").val();
$("#sniffle").load("app/account/account.php", {
username: username,
password: password,
confirm_password: confirm_password,
token: token,
submit_signup: submit
});
});
</script>
<script>
function loginShow() {
document.querySelector(".login-root").style.display = "block";
document.querySelector(".signup-root").style.display = "none";
};
function signupShow() {
document.querySelector(".signup-root").style.display = "block";
document.querySelector(".login-root").style.display = "none";
};
</script>
<?php
}
?>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>

126
account/account.php
View file

@ -1,126 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<?php include "../ui/header.php"; ?>
</head>
<body>
<?php
include "../ui/required.php";
include "../ui/nav.php";
?>
<?php
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
?>
<div class="account-root">
<h2>Account settings</h2>
<br>
<?php
if ($_SESSION["id"] == 1) {
echo "<h3>Invite Codes</h3>";
$token_request = mysqli_query($conn, "SELECT * FROM tokens WHERE used = 0");
while ($token = mysqli_fetch_array($token_request)) {
?>
<!-- Button that's displayed with the invite code -->
<button onclick='copyCode()' class='btn btn-neutral'><?php echo $token['code']; ?></button>
<script>
function copyCode() {
navigator.clipboard.writeText("<?php echo $token['code']; ?>");
sniffleAdd("Info", "Invite code has been copied!", "var(--green)", "<?php echo $root_dir; ?>assets/icons/clipboard-text.svg");
}
</script>
<?php
}
}
?>
<br>
<h3 class='space-top'>Danger ahead</h3>
<p>Resetting your password regularly is a good way of keeping your account safe</p>
<a class='btn btn-bad' href='https://superdupersecteteuploadtest.fluffybean.gay/account/password-reset.php'><img class='svg' src='../assets/icons/password.svg'>Reset Password</a>
<br>
<p>Don't leave! I'm with the science team!</p>
<a class='btn btn-bad' href='https://superdupersecteteuploadtest.fluffybean.gay/account/logout.php'><img class='svg' src='../assets/icons/sign-out.svg'>Logout</a>
</div>
<?php
} else {
?>
<div class="login-root">
<h2>Login</h2>
<p>Passwords are important to keep safe. Don't tell anyone your password, not even Fluffy!</p>
<br>
<form id="loginForm" method="POST" enctype="multipart/form-data">
<input id="loginUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<input id="loginPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<br>
<button id="loginSubmit" class="btn btn-good" type="submit" name="login"><img class="svg" src="../assets/icons/sign-in.svg">Login</button>
</form>
<button class='btn btn-neutral' onclick="signupShow()"><img class="svg" src="../assets/icons/sign-in.svg">Need an account?</button>
</div>
<script>
$("#loginForm").submit(function(event) {
event.preventDefault();
var username = $("#loginUsername").val();
var password = $("#loginPassword").val();
var submit = $("#loginSubmit").val();
$("#sniffle").load("../app/account/account.php", {
username: username,
password: password,
submit_login: submit
});
});
</script>
<div class="signup-root">
<h2>Make account</h2>
<p>And amazing things happened here...</p>
<br>
<form id="signupForm" method="POST" action="signup.php" enctype="multipart/form-data">
<input id="signupUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<br>
<input id="signupPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<input id="signupPasswordConfirm" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password">
<br>
<input id="signupToken" class="btn btn-neutral" type="text" name="token" placeholder="Invite Code">
<br>
<button id="signupSubmit" class="btn btn-good" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button>
</form>
<button class='btn btn-neutral' onclick="loginShow()"><img class="svg" src="../assets/icons/sign-in.svg">I already got an account!</button>
</div>
<script>
$("#signupForm").submit(function(event) {
event.preventDefault();
var username = $("#signupUsername").val();
var password = $("#signupPassword").val();
var confirm_password = $("#signupPasswordConfirm").val();
var token = $("#signupToken").val();
var submit = $("#signupSubmit").val();
$("#sniffle").load("../app/account/account.php", {
username: username,
password: password,
confirm_password: confirm_password,
token: token,
submit_signup: submit
});
});
</script>
<script>
function loginShow() {
document.querySelector(".login-root").style.display = "block";
document.querySelector(".signup-root").style.display = "none";
};
function signupShow() {
document.querySelector(".signup-root").style.display = "block";
document.querySelector(".login-root").style.display = "none";
};
</script>
<?php
}
?>
<?php include "../ui/footer.php"; ?>
</body>
</html>

758
app/account/account.php
View file

@ -1,7 +1,12 @@
<?php
// Include server connection
include "../server/conn.php";
include dirname(__DIR__)."/server/conn.php";
include dirname(__DIR__)."/app.php";
use App\Account;
$user_info = new Account();
$user_ip = $user_info->get_ip();
/*
|-------------------------------------------------------------
@ -14,38 +19,75 @@ include "../server/conn.php";
|-------------------------------------------------------------
*/
if (isset($_POST['submit_login'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0;
$ban_query = mysqli_query($conn, "SELECT * FROM bans WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 1");
// Checking if Username is empty
if (empty(trim($_POST["username"]))) {
?>
<script>
sniffleAdd('Who dis?', 'You must enter a username to login!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$username = trim($_POST["username"]);
while ($ban_check = mysqli_fetch_assoc($ban_query)) {
$ban_time = $ban_check['time'];
$ban_perm = $ban_check['permanent'];
}
// Check if Password is empty
if (empty(trim($_POST["password"]))) {
$ban_diff = time() - strtotime($ban_time);
if ($ban_perm) {
?>
<script>
sniffleAdd('Whats the magic word?', 'Pls enter the super duper secrete word(s) to login!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Bye bye!', 'You have been banned, contact the owner if you feel that this was a mistake', 'var(--red)', 'assets/icons/warning.svg');
</script>
<?php
$error = $error + 1;
$error += 1;
} elseif (($ban_diff / 60) <= 60) {
?>
<script>
sniffleAdd('Slow down!', 'You have attempted to login/signup too many times in 10 minutes. Come back in <?php echo round(60-($ban_diff/60)); ?> minutes', 'var(--red)', 'assets/icons/warning.svg');
</script>
<?php
$error += 1;
} else {
$password = trim($_POST["password"]);
$attemps = 0;
$log_query = mysqli_query($conn, "SELECT * FROM logs WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 5");
while ($log_array = mysqli_fetch_assoc($log_query)) {
$log_diff = time() - strtotime($log_array['time']);
if ($log_array['action'] == 'Failed to enter correct Password' && ($log_diff / 60) <= 10) {
$attemps += 1;
} elseif ($log_array['action'] == 'Failed to enter correct Invite Code' && ($log_diff / 60) <= 10) {
$attemps += 1;
}
}
if ($attemps >= 5) {
mysqli_query($conn,"INSERT INTO bans (ipaddress, reason, length, permanent) VALUES('$user_ip','Attempted password too many times', '60', '0')");
}
}
if ($error <= 0) {
// Checking if Username is empty
if (empty(trim($_POST["username"]))) {
?>
<script>
sniffleAdd('Who dis?', 'You must enter a username to login!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error += 1;
} else {
$username = trim($_POST["username"]);
}
// Check if Password is empty
if (empty(trim($_POST["password"]))) {
?>
<script>
sniffleAdd('Whats the magic word?', 'Pls enter the super duper secrete word(s) to login!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error += 1;
} else {
$password = trim($_POST["password"]);
}
}
if ($error <= 0) {
@ -80,32 +122,40 @@ if (isset($_POST['submit_login'])) {
// let the user know
?>
<script>
//sniffleAdd('O hi <?php echo $_SESSION["username"]; ?>', 'You are now logged in! You will be redirected in a few seconds', 'var(--green)', '../assets/icons/hand-waving.svg');
//setTimeout(function(){window.location.href = "../index.php?login=success";}, 2000);
window.location.href = "../index.php?login=success";
</script>
<script>
sniffleAdd('O hi <?php echo $_SESSION["username"]; ?>', 'You are now logged in! You will be redirected in a few seconds', 'var(--green)', 'assets/icons/hand-waving.svg');
setTimeout(function(){window.location.href = "index.php";}, 2000);
</script>
<?php
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','New loggin to ".$_SESSION['username']."')");
// This is a terrible way of doing this, but is has to be done
if ($id == 1 && $user_info->is_admin($conn, $id) == false) {
mysqli_query($conn,"UPDATE users SET admin = 1 WHERE id = 1");
}
} else {
?>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','Failed to enter correct Password')");
}
}
} else {
?>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Sus', 'Username or Password WRONG, please try again :3', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','Failed to enter correct Username')");
}
} else {
?>
<script>
sniffleAdd('woops...', 'Sowwy, something went wrong on our end :c', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('woops...', 'Sowwy, something went wrong on our end :c', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
// Close statement
@ -123,149 +173,97 @@ if (isset($_POST['submit_login'])) {
|-------------------------------------------------------------
*/
if (isset($_POST['submit_signup'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0;
$ban_query = mysqli_query($conn, "SELECT * FROM bans WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 1");
if (empty(trim($_POST["username"]))) {
// Username not entered
while ($ban_check = mysqli_fetch_assoc($ban_query)) {
$ban_time = $ban_check['time'];
$ban_perm = $ban_check['permanent'];
}
$ban_diff = time() - strtotime($ban_time);
if ($ban_perm) {
?>
<script>
sniffleAdd('Hmmm', 'You must enter a username!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Bye bye!', 'You have been banned, contact the owner if you feel that this was a mistake', 'var(--red)', 'assets/icons/warning.svg');
</script>
<?php
$error = $error + 1;
} elseif (!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))) {
// Username entered contains illegal characters
$error += 1;
} elseif (($ban_diff / 60) <= 60) {
?>
<script>
sniffleAdd('Sussy Wussy', 'Very sus. Username can only contain letters, numbers, and underscores', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Slow down!', 'You have attempted to login/signup too many times in 10 minutes. Come back in <?php echo round(60-($ban_diff/60)); ?> minutes', 'var(--red)', 'assets/icons/warning.svg');
</script>
<?php
$error = $error + 1;
$error += 1;
} else {
// Prepare sql for sus
$sql = "SELECT id FROM users WHERE username = ?";
$attemps = 0;
$log_query = mysqli_query($conn, "SELECT * FROM logs WHERE ipaddress = '$user_ip' ORDER BY id DESC LIMIT 5");
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $username_request);
$username_request = trim($_POST["username"]);
if (mysqli_stmt_execute($stmt)) {
// Ask sql nicely if other usernames exist and store info
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
// Username taken
?>
<script>
sniffleAdd('A clone?', 'Sorry, but username was already taken by someone else', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$username = trim($_POST["username"]);
}
} else {
?>
<script>
sniffleAdd('Reee', 'We had a problem on our end, sowwy', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
while ($log_array = mysqli_fetch_assoc($log_query)) {
$log_diff = time() - strtotime($log_array['time']);
if ($log_array['action'] == 'Failed to enter correct Password' && ($log_diff / 60) <= 10) {
$attemps += 1;
} elseif ($log_array['action'] == 'Failed to enter correct Invite Code' && ($log_diff / 60) <= 10) {
$attemps += 1;
}
// Outa here with this
mysqli_stmt_close($stmt);
}
if ($attemps >= 5) {
mysqli_query($conn,"INSERT INTO bans (ipaddress, reason, length, permanent) VALUES('$user_ip','Attempted password too many times', '60', '0')");
}
}
// Validate sussness of Password
if (empty(trim($_POST["password"]))) {
// No password entered
?>
<script>
sniffleAdd('What', 'You must enter a password, dont want just anyone seeing your stuff uwu', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} elseif(strlen(trim($_POST["password"])) < 6){
// Password not long enough 👀
?>
<script>
sniffleAdd('👀', 'Nice (Password) but its not long enough 👀', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$password = trim($_POST["password"]);
}
// Validate sussiness of the other Password
if (empty(trim($_POST["confirm_password"]))) {
// Did not confirm passowrd
?>
<script>
sniffleAdd('Eh?', 'Confirm the password pls, its very important you remember what it issss', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$confirm_password = trim($_POST["confirm_password"]);
if (empty($error) && $confirm_password != $password) {
// Password and re-entered Password does not match
if ($error <= 0) {
if (empty(trim($_POST["username"]))) {
// Username not entered
?>
<script>
sniffleAdd('Try again', 'Passwords need to be the same, smelly smelly', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Hmmm', 'You must enter a username!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
}
// Check for invite code
if (isset($_POST['token'])) {
// Check if invite code is empty
if (empty($_POST['token'])) {
} elseif (!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))) {
// Username entered contains illegal characters
?>
<script>
sniffleAdd('smelly', 'Enter Invite Code ;3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Sussy Wussy', 'Very sus. Username can only contain letters, numbers, and underscores', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
// Prepare sql for sus
$sql = "SELECT id FROM tokens WHERE code = ? AND used = 0";
$sql = "SELECT id FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $param_code);
mysqli_stmt_bind_param($stmt, "s", $username_request);
$param_code = $_POST['token'];
$username_request = trim($_POST["username"]);
// Ask sql nicely if other usernames exist and store info
if (mysqli_stmt_execute($stmt)) {
// Ask sql nicely if other usernames exist and store info
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
$token = trim($_POST["token"]);
} else {
// Username taken
?>
<script>
sniffleAdd('Argh', 'Your invite code/token did not check out, woopsie!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('A clone?', 'Sorry, but username was already taken by someone else', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$username = trim($_POST["username"]);
}
} else {
?>
<script>
sniffleAdd('Woops', 'The server or website died inside and could not process your information, sowwy!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Reee', 'We had a problem on our end, sowwy', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
@ -273,6 +271,96 @@ if (isset($_POST['submit_signup'])) {
mysqli_stmt_close($stmt);
}
}
// Validate sussness of Password
if (empty(trim($_POST["password"]))) {
// No password entered
?>
<script>
sniffleAdd('What', 'You must enter a password, dont want just anyone seeing your stuff uwu', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} elseif(strlen(trim($_POST["password"])) < 6){
// Password not long enough 👀
?>
<script>
sniffleAdd('👀', 'Nice (Password) but its not long enough 👀', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$password = trim($_POST["password"]);
}
// Validate sussiness of the other Password
if (empty(trim($_POST["confirm_password"]))) {
// Did not confirm passowrd
?>
<script>
sniffleAdd('Eh?', 'Confirm the password pls, its very important you remember what it issss', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$confirm_password = trim($_POST["confirm_password"]);
if (empty($error) && $confirm_password != $password) {
// Password and re-entered Password does not match
?>
<script>
sniffleAdd('Try again', 'Passwords need to be the same, smelly smelly', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
}
// Check for invite code
if (isset($_POST['token'])) {
// Check if invite code is empty
if (empty($_POST['token'])) {
?>
<script>
sniffleAdd('smelly', 'Enter Invite Code ;3', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','Failed to enter correct Invite Code')");
$error = $error + 1;
} else {
// Prepare sql for sus
$sql = "SELECT id FROM tokens WHERE code = ? AND used = 0";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $param_code);
$param_code = $_POST['token'];
// Ask sql nicely if other usernames exist and store info
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
$token = trim($_POST["token"]);
} else {
?>
<script>
sniffleAdd('Argh', 'Your invite code/token did not check out, woopsie!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
} else {
?>
<script>
sniffleAdd('Woops', 'The server or website died inside and could not process your information, sowwy!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
}
}
// Checking for errors
@ -319,19 +407,369 @@ if (isset($_POST['submit_signup'])) {
// Yupeee! Account was made
?>
<script>
sniffleAdd('Success!', 'You account made for <?php echo $username; ?>!!!!! You must now login', 'var(--green)', '../assets/icons/hand-waving.svg');
//setTimeout(function(){window.location.href = "../account/login.php";}, 2000);
loginShow();
</script>
<script>
sniffleAdd('Success!', 'You account made for <?php echo $username; ?>!!!!! You must now login', 'var(--green)', 'assets/icons/hand-waving.svg');
//setTimeout(function(){window.location.href = "../account/login.php";}, 2000);
loginShow();
</script>
<?php
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','New account (".$username.") has been made')");
} else {
?>
<script>
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', '../assets/icons/cross.svg');
</script>
<script>
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
}
}
}
/*
|-------------------------------------------------------------
| Toggle Admin
|-------------------------------------------------------------
| Please save me
|-------------------------------------------------------------
*/
if (isset($_POST['toggle_admin'])) {
if ($user_info->is_admin($conn, $_SESSION['id'])) {
$is_admin = mysqli_query($conn, "SELECT * FROM users WHERE id = " . $_POST['id'] . " ORDER BY id DESC LIMIT 1");
while ($user_info = mysqli_fetch_assoc($is_admin)) {
$admin_status = $user_info['admin'];
$username = $user_info['username'];
}
$sql = "UPDATE users SET admin = ? WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ii", $param_admin_status, $param_user_id);
// Set parameters
if ($admin_status) {
$param_admin_status = 0;
$admin_update_message = "removed from the admins list";
} elseif (!$admin_status) {
$param_admin_status = 1;
$admin_update_message = "added to the admins list";
}
$param_user_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Bap!', '<?php echo $username; ?> has been <?php echo $admin_update_message; ?>!', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','$username has been $admin_update_message')");
} else {
?>
<script>
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Bruh', 'You\'re not an admin, you cannot!!!!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Password Reset
|-------------------------------------------------------------
| I want to make it possible to reset the password without
| access to the account directly with an email reset link or
| something. I also want to confirm the password change with
| the old password in the future, as people forget passwords
| and people can get onto accounts. For now this is a shitty
| little system thats inplace for those who need it. Hopefully
| I can make something better in the future...
|-------------------------------------------------------------
*/
if (isset($_POST['password_reset_submit'])) {
$error = 0;
// Validate new password
if (empty(trim($_POST["new_password"]))) {
?>
<script>
sniffleAdd('Meep', 'Enter a new password!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
} elseif(strlen(trim($_POST["new_password"])) < 6) {
?>
<script>
sniffleAdd('Not long enough...', 'Password, must be 6 or more characters in length uwu', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
} else {
$new_password = trim($_POST["new_password"]);
}
// Validate confirm password
if (empty(trim($_POST["confirm_password"]))) {
?>
<script>
sniffleAdd('Meep', 'You must confirm the password!!!!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
} else {
$confirm_password = trim($_POST["confirm_password"]);
if(empty($error) && ($new_password != $confirm_password)) {
?>
<script>
sniffleAdd('AAAA', 'Passwords do not match!!!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
}
if (isset($_POST['id']) && $user_info->is_admin($conn, $_SESSION["id"])) {
$user_id = $_POST['id'];
} elseif (empty($_POST['id'])) {
$user_id = $_SESSION["id"];
} else {
?>
<script>
sniffleAdd('Oopsie', 'An error occured while figuring out which user to change the password of... Are you an admin?', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
// Check for errors
if ($error <= 0) {
// Prepare for wack
$sql = "UPDATE users SET password = ? WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id);
// Setting up Password parameters
$param_password = password_hash($new_password, PASSWORD_DEFAULT);
$param_id = $user_id;
// Attempt to execute (sus)
if (mysqli_stmt_execute($stmt)) {
// Password updated!!!! Now goodbye
if ($user_id == $_SESSION["id"]) {
// Check if password reset was done by user
session_destroy();
?>
<script>
sniffleAdd('Password updated', 'Now goodbye.... you will be redirected in a moment', 'var(--green)', 'assets/icons/check.svg');
setTimeout(function(){window.location.href = "account/login.php";}, 2000);
</script>
<?php
} else {
// An admin has changed the password
?>
<script>
sniffleAdd('Password updated', 'Password has been reset for user! But their session may still be active', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Bruh', 'Something happened on our end, sowwy', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
}
}
/*
Account deletion
I hate dealing with stuffs being deleted
*/
if (isset($_POST['account_delete_submit'])) {
$error = 0;
if (isset($_POST['delete_id'])) {
if ($_POST['delete_id'] == 1) {
?>
<script>
sniffleAdd('Sussy', 'You cannot delete the owners account!!!!!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
} elseif ($_POST['delete_id'] == $_SESSION['id'] && $_POST['delete_id'] != 1) {
if (isset($_POST['account_password']) && !empty($_POST['account_password'])) {
$sql = "SELECT id, username, password FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind dis shit
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $_SESSION['username'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if (mysqli_stmt_num_rows($stmt) == 1) {
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $_SESSION['username'], $hashed_password);
if (mysqli_stmt_fetch($stmt)) {
if (password_verify($_POST['account_password'], $hashed_password)) {
$delete_id = $_SESSION['id'];
} else {
?>
<script>
sniffleAdd('Sus', 'Try again! ;3', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
}
} else {
?>
<script>
sniffleAdd('Sus', 'Try again! ;3', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
} else {
?>
<script>
sniffleAdd('AAA', 'Something went wrong on our end, sowwy', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
}
} else {
?>
<script>
sniffleAdd('oof', 'You did not enter a password!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
} elseif ($_POST['delete_id'] != $_SESSION['id'] && $_SESSION['id'] == 1) {
$delete_id = $_POST['delete_id'];
} else {
?>
<script>
sniffleAdd('Ono', 'You aren\'t privilaged enough to delete accounts!', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
} else {
?>
<script>
sniffleAdd('Oopsie', 'We couldn\'t find the account that was requested to be deleted', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
if (empty($_POST['full']) || !isset($_POST['full'])) {
?>
<script>
sniffleAdd('Oopsie', 'Some error occured, unsure what to delete', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error += 1;
}
if ($error <= 0) {
if ($_POST['full'] == "true") {
$image_request = mysqli_query($conn, "SELECT id, imagename FROM images WHERE author = '$delete_id'");
while ($image = mysqli_fetch_array($image_request)) {
if (is_file(dirname(__DIR__)."/images/".$image['imagename'])) {
unlink(dirname(__DIR__)."/images/".$image['imagename']);
}
if (is_file(dirname(__DIR__)."/images/thumbnails/".$image['imagename'])) {
unlink(dirname(__DIR__)."/images/thumbnails/".$image['imagename']);
}
if (is_file(dirname(__DIR__)."/images/previews/".$image['imagename'])) {
unlink(dirname(__DIR__)."/images/previews/".$image['imagename']);
}
mysqli_query($conn, "DELETE FROM images WHERE id = ".$image['id']);
}
?>
<script>
sniffleAdd('Progress', 'Deleted all images from the user', 'var(--green)', 'assets/icons/warning.svg');
flyoutClose();
</script>
<?php
}
mysqli_query($conn, "DELETE FROM users WHERE id = ".$delete_id);
if ($_POST['full'] == "true") {
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','Deleted a user account and all their posts')");
} else {
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','Deleted a user account')");
}
if ($_POST['delete_id'] == $_SESSION['id']) {
?>
<script>
sniffleAdd('Goodbye!', 'Successfully deleted your account! You will be redirected in a few seconds...', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
setTimeout(function(){window.location.href = "app/account/logout.php";}, 2000);
</script>
<?php
} else {
?>
<script>
sniffleAdd('Goodbye!', 'Successfully deleted the user!', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
}
}
}

16
app/account/get_info.php
View file

@ -1,16 +0,0 @@
<?php
/*
Get full user info from database
Returns array with user info
*/
function get_user_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM users WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$user_array = mysqli_fetch_assoc($query);
return($user_array);
}

18
app/account/is_admin.php
View file

@ -1,18 +0,0 @@
<?php
/*
Check if user is admin
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function is_admin($id) {
if (isset($id) || !empty($id)) {
if ($id == 1) {
return True;
} else {
return False;
}
} else {
return False;
}
}

14
app/account/login_status.php
View file

@ -1,14 +0,0 @@
<?php
/*
Check if user is loggedin
Returns True if user is
Returns False if user is NOT
*/
function loggedin() {
if (isset($_SESSION["loggedin"]) == true && $_SESSION["loggedin"] == true) {
return True;
} else {
return False;
}
}

4
account/logout.php → app/account/logout.php
View file

@ -9,6 +9,6 @@ $_SESSION = array();
session_destroy();
// Redirect to login page
header("location: https://superdupersecteteuploadtest.fluffybean.gay");
header("location: ../../index.php");
exit;
?>

106
app/account/password_reset.php
View file

@ -1,106 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Password Reset
|-------------------------------------------------------------
| I want to make it possible to reset the password without
| access to the account directly with an email reset link or
| something. I also want to confirm the password change with
| the old password in the future, as people forget passwords
| and people can get onto accounts. For now this is a shitty
| little system thats inplace for those who need it. Hopefully
| I can make something better in the future...
|-------------------------------------------------------------
*/
// Initialize the session
session_start();
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0;
// Validate new password
if (empty(trim($_POST["new_password"]))) {
?>
<script>
sniffleAdd('Meep', 'Enter a new password!', 'var(--red)', '../assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error = $error + 1;
} elseif(strlen(trim($_POST["new_password"])) < 6) {
?>
<script>
sniffleAdd('Not long enough...', 'Password, must be 6 or more characters in length uwu', 'var(--red)', '../assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error = $error + 1;
} else {
$new_password = trim($_POST["new_password"]);
}
// Validate confirm password
if (empty(trim($_POST["confirm_password"]))) {
?>
<script>
sniffleAdd('Meep', 'You must confirm the password!!!!', 'var(--red)', '../assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error = $error + 1;
} else {
$confirm_password = trim($_POST["confirm_password"]);
if(empty($error) && ($new_password != $confirm_password)) {
?>
<script>
sniffleAdd('AAAA', 'Passwords do not match!!!', 'var(--red)', '../assets/icons/cross.svg');
flyoutClose();
</script>
<?php
$error = $error + 1;
}
}
// Check for errors
if ($error <= 0) {
// Prepare for wack
$sql = "UPDATE users SET password = ? WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id);
// Setting up Password parameters
$param_password = password_hash($new_password, PASSWORD_DEFAULT);
$param_id = $_SESSION["id"];
// Attempt to execute (sus)
if (mysqli_stmt_execute($stmt)) {
// Password updated!!!! Now goodbye
session_destroy();
?>
<script>
sniffleAdd('Password updated', 'Now goodbye.... you will be redirected in a moment', 'var(--green)', '../assets/icons/check.svg');
setTimeout(function(){window.location.href = "../account/login.php";}, 4000);
</script>
<?php
} else {
?>
<script>
sniffleAdd('Bruh', 'Something happened on our end, sowwy', 'var(--red)', '../assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
}
}

178
app/app.php Normal file
View file

@ -0,0 +1,178 @@
<?php
namespace App;
class Make {
/*
|-------------------------------------------------------------
| Create Thumbnails
|-------------------------------------------------------------
| Default resolution for a preview image is 300px (max-width)
| ** Not yet implemented **
|-------------------------------------------------------------
*/
function thumbnail($image_path, $thumbnail_path, $resolution) {
try {
$thumbnail = new \Imagick($image_path);
$thumbnail->resizeImage($resolution,null,null,1,null);
$thumbnail->writeImage($thumbnail_path);
return "success";
} catch (\Exception $e) {
return $e;
}
}
/*
Clean up long text input and turn into an array for tags
Returns clean string of words with equal white space between it
*/
function tags($string) {
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Change to lowercase
$string = strtolower($string);
// Removing extra spaces
$string = preg_replace('/ +/', ' ', $string);
return $string;
}
}
class Account {
/*
Check if user is loggedin
Returns True if user is
Returns False if user is NOT
*/
function is_loggedin() {
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
return True;
} else {
return False;
}
}
/*
Get full user info from database
Returns array with user info
*/
function get_user_info($conn, $id) {
// Setting SQL query
$sql = "SELECT id, username FROM users WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$user_array = mysqli_fetch_assoc($query);
return($user_array);
}
/*
Check if user is admin
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function is_admin($conn, $id) {
if (isset($id) || !empty($id)) {
// Setting SQL query
$sql = "SELECT admin FROM users WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$user_array = mysqli_fetch_assoc($query);
if ($user_array['admin'] || $id == 1) {
return True;
} else {
return False;
}
} else {
return False;
}
}
/*
Get target IP, used for logging
*/
function get_ip() {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$target_ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$target_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$target_ip = $_SERVER['REMOTE_ADDR'];
}
return $target_ip;
}
}
class Image {
/*
Get full image info from database
Returns array with image info
*/
function get_image_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM images WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$image_array = mysqli_fetch_assoc($query);
return($image_array);
}
/*
Check if user is image owner
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function image_privilage($id) {
$session_id = $_SESSION['id'];
if (isset($session_id) || !empty($session_id)) {
if ($session_id == $id) {
return True;
} else {
return False;
}
} else {
return False;
}
}
}
class Diff {
function time($past_time, $full_date = false) {
$now = new \DateTime;
$ago = new \DateTime($past_time);
$diff = $now->diff($ago);
$diff->w = floor($diff->d / 7);
$diff->d -= $diff->w * 7;
$string = array(
'y' => 'year',
'm' => 'month',
'w' => 'week',
'd' => 'day',
'h' => 'hour',
'i' => 'minute',
's' => 'second',
);
foreach ($string as $k => &$v) {
if ($diff->$k) {
$v = $diff->$k . ' ' . $v . ($diff->$k > 1 ? 's' : '');
} else {
unset($string[$k]);
}
}
if (!$full_date) $string = array_slice($string, 0, 1);
return $string ? implode(', ', $string) . ' ago' : 'just now';
}
}

18
app/format/string_to_tags.php
View file

@ -1,18 +0,0 @@
<?php
/*
Clean up long text input and turn into an array for tags
Returns clean string of words with equal white space between it
*/
function tag_clean($string) {
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Change to lowercase
$string = strtolower($string);
// Removing extra spaces
$string = preg_replace('/ +/', ' ', $string);
return $string;
}

73
app/image/delete_image.php
View file

@ -1,73 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Delete image
|-------------------------------------------------------------
| This is the scarries code I written. I hate writing anything
| like this, please help
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Delete from table
$sql = "DELETE FROM swag_table WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Setting parameters
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// See if image is in the directory
if (is_file("../../images/".$image_array['imagename'])) {
unlink("../../images/".$image_array['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("../../images/thumbnails/".$image_array['imagename'])) {
unlink("../../images/thumbnails/".$image_array['imagename']);
}
// TP user to the homepage with a success message
?>
<script>
window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
// nice uwu

52
app/image/edit_author.php
View file

@ -1,52 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Author
|-------------------------------------------------------------
| If this has security problems I'm so fucked
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
// If user has the ID of 1
if ($_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['input'];
$param_id = $_POST["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', '<?php echo $root_dir; ?>assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

71
app/image/edit_description.php
View file

@ -1,71 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET alt=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Setting parameters
$param_alt = $_POST['input'];
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', '<?php echo $root_dir; ?>assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

76
app/image/edit_tags.php
View file

@ -1,76 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
// Tag cleaning
include "../format/string_to_tags.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Clean input
$tags_string = tag_clean(trim($_POST['input']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', '<?php echo $root_dir; ?>assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

16
app/image/get_image_info.php
View file

@ -1,16 +0,0 @@
<?php
/*
Get full image info from database
Returns array with image info
*/
function get_image_info($conn, $id) {
// Setting SQL query
$sql = "SELECT * FROM swag_table WHERE id = ".$id;
// Getting results
$query = mysqli_query($conn, $sql);
// Fetching associated info
$image_array = mysqli_fetch_assoc($query);
return($image_array);
}

258
app/image/image.php Normal file
View file

@ -0,0 +1,258 @@
<?php
session_start();
// Include server connection
include dirname(__DIR__)."/server/conn.php";
include dirname(__DIR__)."/app.php";
use App\Account;
use App\Image;
use App\Make;
$user_info = new Account();
$image_info = new Image();
$make_stuff = new Make();
$user_ip = $user_info->get_ip();
/*
|-------------------------------------------------------------
| Delete image
|-------------------------------------------------------------
| This is the scarries code I written. I hate writing anything
| like this, please help
|-------------------------------------------------------------
*/
if (isset($_POST['submit_delete'])) {
// Get all image info
$image_array = $image_info->get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if ($image_info->image_privilage($image_array['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
// Delete from table
$sql = "DELETE FROM images WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Setting parameters
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// See if image is in the directory
if (is_file(dirname(__DIR__)."/images/".$image_array['imagename'])) {
unlink(dirname(__DIR__)."/images/".$image_array['imagename']);
}
// Delete thumbnail if exitsts
if (is_file(dirname(__DIR__)."/images/thumbnails/".$image_array['imagename'])) {
unlink(dirname(__DIR__)."/images/thumbnails/".$image_array['imagename']);
}
// Delete preview if exitsts
if (is_file(dirname(__DIR__)."/images/previews/".$image_array['imagename'])) {
unlink(dirname(__DIR__)."/images/previews/".$image_array['imagename']);
}
// TP user to the homepage with a success message
mysqli_query($conn,"INSERT INTO logs (ipaddress, action) VALUES('$user_ip','Deleted image ".$_POST['id']."')");
?>
<script>
window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
if (isset($_POST['submit_description'])) {
// Get all image info
$image_array = $image_info->get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if ($image_info->image_privilage($image_array['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
// getting ready forSQL asky asky
$sql = "UPDATE images SET alt=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Setting parameters
$param_alt = $_POST['input'];
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Edit Tags
|-------------------------------------------------------------
| This is so garbage lmfao
|-------------------------------------------------------------
*/
if (isset($_POST['submit_tags'])) {
// Get all image info
$image_array = $image_info->get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if ($image_info->image_privilage($image_array['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
// Clean input
$tags_string = $make_stuff->tags(trim($_POST['input']));
// getting ready forSQL asky asky
$sql = "UPDATE images SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Edit Author
|-------------------------------------------------------------
| If this has security problems I'm so fucked
|-------------------------------------------------------------
*/
if (isset($_POST['submit_author'])) {
// If user has the ID of 1
if ($user_info->is_admin($conn, $_SESSION['id'])) {
// getting ready forSQL asky asky
$sql = "UPDATE images SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['input'];
$param_id = $_POST["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

19
app/image/image_privilage.php
View file

@ -1,19 +0,0 @@
<?php
/*
Check if user is image owner
Returns True if user is privilaged
Returns False if user is NOT privilaged
*/
function image_privilage($id) {
$session_id = $_SESSION['id'];
if (isset($session_id) || !empty($session_id)) {
if ($session_id == $id) {
return True;
} else {
return False;
}
} else {
return False;
}
}

170
app/image/upload_image.php
View file

@ -1,90 +1,108 @@
<?php
/*
|-------------------------------------------------------------
| Uploading Images
|-------------------------------------------------------------
| gwa gwa
|-------------------------------------------------------------
|-------------------------------------------------------------
| Uploading Images
|-------------------------------------------------------------
| gwa gwa
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
include dirname(__DIR__)."/server/conn.php";
include dirname(__DIR__)."/app.php";
use App\Make;
$make_stuff = new Make();
if (isset($_POST['submit'])) {
if (isset($_SESSION['id'])) {
// Root paths
$dir = "../../images/";
$thumb_dir = $dir."thumbnails/";
if (isset($_SESSION['id'])) {
// Root paths
$dir = "../../images/";
$thumb_dir = $dir."thumbnails/";
$preview_dir = $dir."previews/";
// File paths
$image_basename = basename($_FILES['image']['name']);
$image_path = $dir.$image_basename;
$file_type = pathinfo($image_path,PATHINFO_EXTENSION);
// File name updating
$file_type = pathinfo($dir.$_FILES['image']['name'],PATHINFO_EXTENSION);
$image_newname = "IMG_".$_SESSION["username"]."_".round(microtime(true)).".".$file_type;
$image_path = $dir.$image_newname;
// Allowed file types
$allowed_types = array('jpg', 'jpeg', 'png', 'webp');
if (in_array($file_type, $allowed_types)) {
// Move file to server
if (move_uploaded_file($_FILES['image']['tmp_name'], $image_path)) {
// Attempt making a thumbnail
try {
$image_thumbnail = new Imagick($image_path);
$image_thumbnail->resizeImage(300,null,null,1,null);
$image_thumbnail->writeImage($thumb_dir.$image_basename);
} catch (Exception $e) {
?>
<script>
sniffleAdd('Gwha!', 'We hit a small roadbump during making of the thumbail. We will continue anyway!', 'var(--black)', '".$root_dir."assets/icons/bug.svg');
</script>
<?php
}
// Clean tags
$tags = $make_stuff->tags(trim($_POST['tags']));
// Prepare sql for destruction and filtering the sus
$sql = "INSERT INTO swag_table (imagename, alt, author) VALUES (?, ?, ?)";
// Allowed file types
$allowed_types = array('jpg', 'jpeg', 'png', 'webp');
if (in_array($file_type, $allowed_types)) {
// Move file to server
if (move_uploaded_file($_FILES['image']['tmp_name'], $image_path)) {
// Attempt making a thumbnail
list($width, $height) = getimagesize($image_path);
if ($width > 300) {
if ($make_stuff->thumbnail($image_path, $thumb_dir.$image_newname, 300) != "success") {
?>
<script>
sniffleAdd('Gwha!', 'We hit a small roadbump during making of the thumbail. We will continue anyway! \n Full Error: <?php echo $make_thumbnail; ?>', 'var(--black)', 'assets/icons/bug.svg');
</script>
<?php
}
}
if ($width > 1100) {
if ($make_stuff->thumbnail($image_path, $preview_dir.$image_newname, 900) != "success") {
?>
<script>
sniffleAdd('Gwha!', 'We hit a small roadbump during making of the preview. We will continue anyway! \n Full Error: <?php echo $make_preview; ?>', 'var(--black)', 'assets/icons/bug.svg');
</script>
<?php
}
}
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind the smelly smelly
mysqli_stmt_bind_param($stmt, "sss", $param_image_name, $param_alt_text, $param_user_id);
// Prepare sql for destruction and filtering the sus
$sql = "INSERT INTO images (imagename, alt, tags, author) VALUES (?, ?, ?, ?)";
// Setting up parameters
$param_image_name = $_FILES['image']['name'];
$param_alt_text = $_POST['alt'];
$param_user_id = $_SESSION['id'];
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind the smelly smelly
mysqli_stmt_bind_param($stmt, "ssss", $param_image_name, $param_alt_text, $param_tags, $param_user_id);
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd(':3', 'Your Image uploaded successfully!', 'var(--green)', '".$root_dir."assets/icons/check.svg');
</script>
<?php
} else {
?>
<script>
sniffleAdd(':c', 'Something went fuckywucky, please try later', 'var(--red)', '".$root_dir."assets/icons/cross.svg');
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Hmmff', 'Something happened when moving the file to the server. This may just been a 1-off so try again', 'var(--red)', '".$root_dir."assets/icons/bug.svg');
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Woopsie', 'The file type you are trying to upload is not supported. Supported files include: JPEG, JPG, PNG and WEBP', 'var(--red)', '".$root_dir."assets/icons/cross.svg');
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied!!!', 'As you are not loggedin, your upload has been stopped, L', 'var(--red)', '".$root_dir."assets/icons/cross.svg');
</script>
<?php
}
// Setting up parameters
$param_image_name = $image_newname;
$param_alt_text = $_POST['alt'];
$param_user_id = $_SESSION['id'];
$param_tags = $tags;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd(':3', 'Your Image uploaded successfully!', 'var(--green)', 'assets/icons/check.svg');
</script>
<?php
} else {
?>
<script>
sniffleAdd(':c', 'Something went fuckywucky, please try later', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Hmmff', 'Something happened when moving the file to the server. This may just been a 1-off so try again', 'var(--red)', 'assets/icons/bug.svg');
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Woopsie', 'The file type you are trying to upload is not supported. Supported files include: JPEG, JPG, PNG and WEBP', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied!!!', 'As you are not loggedin, your upload has been stopped, L', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
}

17
app/server/conn.php
View file

@ -1,17 +1,20 @@
<?php
/*
Connect to database
Connect to database
In the future I want this section to be configurable, but that'll require some work to be done.
For now it's hard-coded, shouldn't be an issue as most people wont be changing this often anyway
Make sure to enter your correct database details,
else it may cause issues with loading the page
*/
// Setting up connection variables
$conn_ip = "192.168.0.79:3306";
$conn_username = "uwu";
$conn_password = "fennec621";
$conn_database = "gallery";
$conn = mysqli_connect($conn_ip, $conn_username, $conn_password , $conn_database);
if ($conn->connect_error) {
echo "<script>sniffleAdd('Error','Could not make a connection to the server, please try again later','var(--red)','".$root_dir."../../assets/icons/warning.svg')</script>";
try {
$conn = @mysqli_connect($conn_ip, $conn_username, $conn_password , $conn_database);
} catch (Exception $e) {
header("location: error.php?e=conn");
}
session_start();

34
app/server/secrete.php
View file

@ -1,13 +1,25 @@
<script>
console.log("⣿⣿⣿⣿⣿⡿⠿⠻⠿⠿⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠿⠿⠻⠻⠟⠻⢿⣿⣿⣿⣿");
console.log("⣿⣿⡟⠁⢀⣠⣤⣤⣤⣤⣄⣀⣀⣀⣹⣿⣿⣷⣄⣀⣀⣀⣀⣤⣤⣤⣤⣀⠐⢽⣿⣿⣿");
console.log("⣿⣿⣿⣶⣿⡿⣛⡒⠒⠒⢒⠒⣲⠙⣿⣿⣿⣿⠟⣵⡒⢒⠒⠒⡀⣘⡻⣿⣿⣾⣿⣿⣿");
console.log("⣿⣿⣿⣿⣏⣞⡛⠃⠀⠀⠸⠷⢿⣧⣿⣿⣿⣿⣧⣿⣷⣛⣀⣀⣁⣛⣛⣮⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⢏⣾⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡿⢻⣿⠏⣼⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⡿⢿⣿⣿⣿⣿⣿⣿⡿⠿⠿⠿⠟⢛⣉⣴⣿⡏⣸⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣧⣠⣤⣤⣤⣤⣤⣤⣶⣶⣶⣶⣿⣿⣿⣿⣿⠃⣿⣿⣿⣿⣿⣿⣿");
console.log("⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣾⣿⣿⣿⣿⣿⣿⣿");
console.log(". . /|/| . . . . . . .\n\
.. /0 0 \\ . . . . . ..\n\
(III% . \\________, . .\n\
.. .\\_, .%###%/ \\'\\,..\n\
. . . .||#####| |'\\ \\.\n\
.. . . ||. . .|/. .\\V.\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . .|| . . || . . .\n\
.. . . ||. . .||. . ..\n\
. . . cc/ . .cc/ . . .");
</script>

23
default.json → app/settings/manifest.json
View file

@ -1,6 +1,7 @@
{
"name": "Only Legs",
"description": "A simple gallery with multiple users in mind",
"website_name": "Only Legs",
"website_description": "A simple PHP gallery with multiple users in mind",
"tos": "When making an account and interacting with the login/signup page, you agree to have your IP logged for banning purposes.",
"welcome_msg": [
"*internal screaming*",
"Don't forget to drink water!",
@ -21,16 +22,12 @@
"The weather is dry",
"Need me a man 👀",
"Gods die too.",
"Eat hotchip and lie"
"Eat hotchip and lie",
"The world will not be destroyed by those who do evil, but by those who watch them and do nothing."
],
"database": {
"ip": "192.168.0.79",
"port": "3306",
"username": "uwu",
"password": "fennec621",
"database": "gallery"
},
"testing": true,
"version": "15.08.22",
"license":"GPL 3.0"
"license":"GPL 3.0",
"version": "22.09.20",
"user_name": "Michal",
"is_testing": "true",
"upload_max": "20"
}

20
app/settings/settings.php Normal file
View file

@ -0,0 +1,20 @@
<?php
/*
|-------------------------------------------------------------
| Settings (decode)
|-------------------------------------------------------------
| This is for decoding the settings Json, used throughout
| most of the website. Used for settings things such as
| the default background and accent colour
|-------------------------------------------------------------
*/
$user_import = file_get_contents(__DIR__."/manifest.json");
$user_settings = json_decode($user_import, true);
foreach ($user_settings->data as $website) {
foreach ($website->debug as $debug) {
}
}
$debug = $user_settings["website"]["debug"];

1
assets/icons/arrow-clockwise.svg Normal file
View file

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="192" height="192" fill="#e8e3e3" viewBox="0 0 256 256"><rect width="256" height="256" fill="none"></rect><polyline points="176.2 99.7 224.2 99.7 224.2 51.7" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><path d="M190.2,190.2a88,88,0,1,1,0-124.4l34,33.9" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></path></svg>
Side by side

After

Width:  |  Height:  |  Size: 467 B

1
assets/icons/arrows-out-simple.svg Normal file
View file

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="192" height="192" fill="#e8e3e3" viewBox="0 0 256 256"><rect width="256" height="256" fill="none"></rect><polyline points="160 48 208 48 208 96" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><line x1="152" y1="104" x2="208" y2="48" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></line><polyline points="96 208 48 208 48 160" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><line x1="104" y1="152" x2="48" y2="208" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></line></svg>
Side by side

After

Width:  |  Height:  |  Size: 732 B

1
assets/icons/crown-simple.svg Normal file
View file

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="192" height="192" fill="#e8e3e3" viewBox="0 0 256 256"><rect width="256" height="256" fill="none"></rect><path d="M45.1,196a8.1,8.1,0,0,0,10,5.9,273,273,0,0,1,145.7,0,8.1,8.1,0,0,0,10-5.9L236.3,87.7a8,8,0,0,0-11-9.2L174.7,101a8.1,8.1,0,0,1-10.3-3.4L135,44.6a8,8,0,0,0-14,0l-29.4,53A8.1,8.1,0,0,1,81.3,101L30.7,78.5a8,8,0,0,0-11,9.2Z" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></path></svg>
Side by side

After

Width:  |  Height:  |  Size: 488 B

1
assets/icons/scan.svg Normal file
View file

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="192" height="192" fill="#e8e3e3" viewBox="0 0 256 256"><rect width="256" height="256" fill="none"></rect><polyline points="176 40 216 40 216 80" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><polyline points="80 216 40 216 40 176" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><polyline points="216 176 216 216 176 216" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><polyline points="40 80 40 40 80 40" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></polyline><rect x="80" y="80" width="96" height="96" rx="8" fill="none" stroke="#e8e3e3" stroke-linecap="round" stroke-linejoin="round" stroke-width="16"></rect></svg>
Side by side

After

Width:  |  Height:  |  Size: 889 B

451
css/main.css
View file

@ -8,7 +8,7 @@
|-------------------------------------------------------------
*/
:root {
--bg: #151515bb;
--bg: rgba(21, 21, 21, 0.7333333333);
--bg-1: #242621;
--bg-2: #1D1E1C;
--bg-3: #151515;
@ -19,6 +19,9 @@
--green: #8C977D;
--black: #151515;
--white: #E8E3E3;
--accent: #8C977D;
--shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
--rad: 0.25rem;
}
/*
@ -28,18 +31,19 @@
*/
nav {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
display: flex;
flex-direction: row;
flex-wrap: wrap;
justify-content: space-between;
margin: 0 auto 1rem;
padding: 0.5rem;
width: calc(100% - 1.4rem);
height: 2.5rem;
position: -webkit-sticky;
@ -171,6 +175,31 @@ nav .btn {
margin-bottom: 1rem;
}
.gallery-order {
margin-bottom: 1rem;
display: flex;
flex-direction: row;
}
.gallery-order h1,
.gallery-order h2,
.gallery-order h3,
.gallery-order h4,
.gallery-order h5 {
font-family: "Lexend Deca", sans-serif;
}
.gallery-order p,
.gallery-order a,
.gallery-order button,
.gallery-order input {
font-family: "Secular One", sans-serif;
}
.gallery-order > * {
margin-right: 0.5rem;
}
.gallery-order > *:last-child {
margin-right: 0;
}
.gallery-root {
margin-bottom: 1rem;
padding: 0.25rem;
@ -180,8 +209,8 @@ nav .btn {
flex-direction: row;
flex-wrap: wrap;
border: 0.2rem solid #8C977D;
border-radius: 0rem;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
border-radius: 0.25rem;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.gallery-item {
@ -190,7 +219,7 @@ nav .btn {
height: auto;
max-width: calc(33.33% - 0.5rem);
background-color: #151515;
border-radius: -0.5rem;
border-radius: -0.25rem;
position: relative;
overflow: hidden;
flex: 1 0 150px;
@ -198,7 +227,7 @@ nav .btn {
}
.gallery-item:hover {
transform: scale(1.1) rotate(5deg);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
z-index: 9;
}
.gallery-item:after {
@ -221,7 +250,7 @@ nav .btn {
object-fit: cover;
-o-object-position: center;
object-position: center;
border-radius: -0.5rem;
border-radius: -0.25rem;
}
.nsfw-blur {
@ -272,13 +301,14 @@ nav .btn {
margin: 1rem 0 2rem 0;
padding: 0;
width: 100%;
max-height: 69vh;
max-height: 50vh;
height: auto;
min-height: 30vh;
display: flex;
background-color: rgba(21, 21, 21, 0.7333333333);
-webkit-backdrop-filter: blur(8px);
backdrop-filter: blur(8px);
border-radius: 0rem;
border-radius: 0.25rem;
transition: max-height 0.15s cubic-bezier(0.19, 1, 0.22, 1);
}
@ -288,23 +318,52 @@ nav .btn {
}
}
.image {
margin: 0 auto;
margin: auto;
max-width: 100%;
width: auto;
max-height: inherit;
height: auto;
border-radius: 0rem;
border-radius: 0.25rem;
transition: opacity 0.5s;
}
.preview-button {
width: 1.5rem;
padding: 0;
position: absolute;
bottom: 0.5rem;
right: 0.5rem;
display: block;
box-sizing: border-box;
font-size: 14px;
font-weight: 500;
font-family: "Secular One", sans-serif;
text-decoration: none;
border: none;
border-radius: calc(0.25rem - (0.5rem + 3px));
transition: outline 0.1s cubic-bezier(0.19, 1, 0.22, 1);
background-color: #151515;
opacity: 0.8;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.preview-button img {
width: 1.5rem;
display: block;
}
.preview-button:hover {
outline: #E8E3E3 0.2rem solid;
color: #E8E3E3;
}
.image-description {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.image-description > * {
margin-top: 0;
@ -326,13 +385,13 @@ nav .btn {
.image-detail {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.image-detail > * {
margin-top: 0;
@ -351,16 +410,39 @@ nav .btn {
.image-detail input {
font-family: "Secular One", sans-serif;
}
.image-detail > div {
width: 100%;
display: flex;
flex-direction: row;
}
.image-detail > div > div {
width: 50%;
}
.image-detail > div > div * {
margin-top: 0;
margin-bottom: 0.5rem;
text-overflow: ellipsis;
white-space: nowrap;
overflow: hidden;
}
@media (max-width: 669px) {
.image-detail > div {
flex-direction: column;
}
.image-detail > div > div {
width: auto;
}
}
.tags-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.tags-root > * {
margin-top: 0;
@ -393,7 +475,7 @@ nav .btn {
padding: 0.5rem;
display: block;
background-color: #8C977D;
border-radius: 0rem;
border-radius: calc(0.25rem - (0.5rem + 3px));
font-family: "Secular One", sans-serif;
}
.tag::before {
@ -402,13 +484,13 @@ nav .btn {
.danger-zone {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #B66467;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.danger-zone > * {
margin-top: 0;
@ -435,13 +517,13 @@ nav .btn {
*/
.about-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.about-root > * {
margin-top: 0;
@ -468,13 +550,13 @@ nav .btn {
*/
.upload-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.upload-root > * {
margin-top: 0;
@ -501,13 +583,13 @@ nav .btn {
*/
.account-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.account-root > * {
margin-top: 0;
@ -527,20 +609,217 @@ nav .btn {
font-family: "Secular One", sans-serif;
}
/*
|-------------------------------------------------------------
| SIGNUP
|-------------------------------------------------------------
*/
.signup-root {
.admin-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.admin-root > * {
margin-top: 0;
margin-bottom: 0.5rem;
}
.admin-root h1,
.admin-root h2,
.admin-root h3,
.admin-root h4,
.admin-root h5 {
font-family: "Lexend Deca", sans-serif;
}
.admin-root p,
.admin-root a,
.admin-root button,
.admin-root input {
font-family: "Secular One", sans-serif;
}
.tabs {
display: flex;
flex-direction: row;
}
.tabs > button {
margin-right: 0.5rem;
width: 33.33%;
}
.tabs > button:last-child {
margin-right: 0;
}
.active-tab {
background-color: #8C977D !important;
}
.logs {
width: 100%;
height: 21rem;
padding: 0;
overflow-y: scroll;
display: none;
flex-direction: column;
background-color: #151515;
border-radius: calc(0.25rem - (0.5rem + 3px));
}
.log {
min-width: 769px;
padding: 0.5rem;
display: flex;
flex-direction: row;
justify-content: space-between;
}
.log:nth-child(even) {
background-color: rgba(255, 255, 255, 0.0666666667);
}
.log > * {
margin: 0 0.5rem 0 0;
padding: 0;
word-wrap: break-word;
}
.log > *:nth-child(1) {
width: 5%;
}
.log > *:nth-child(2) {
width: 17%;
}
.log > *:nth-child(3) {
width: 38%;
}
.log > *:nth-child(4) {
width: 40%;
margin: 0;
}
.log:first-of-type {
background-color: #151515;
position: -webkit-sticky;
position: sticky;
top: 0;
}
.bans {
width: 100%;
height: 21rem;
padding: 0;
overflow-y: scroll;
display: none;
flex-direction: column;
background-color: #151515;
border-radius: calc(0.25rem - (0.5rem + 3px));
}
.ban {
min-width: 769px;
padding: 0.5rem;
display: flex;
flex-direction: row;
justify-content: space-between;
}
.ban:nth-child(even) {
background-color: rgba(255, 255, 255, 0.0666666667);
}
.ban > * {
margin: 0 0.5rem 0 0;
padding: 0;
word-wrap: break-word;
}
.ban > *:nth-child(1) {
width: 5%;
}
.ban > *:nth-child(2) {
width: 17%;
}
.ban > *:nth-child(3) {
width: 34%;
}
.ban > *:nth-child(4) {
width: 10%;
}
.ban > *:nth-child(5) {
width: 34%;
margin: 0;
}
.perm {
border-left: #B66467 0.2rem solid;
}
.ban:first-of-type {
background-color: #151515;
position: -webkit-sticky;
position: sticky;
top: 0;
}
.user-settings {
width: 100%;
height: 21rem;
padding: 0;
overflow-y: scroll;
display: none;
flex-direction: column;
background-color: #151515;
border-radius: calc(0.25rem - (0.5rem + 3px));
}
.user {
min-width: 769px;
padding: 0.5rem;
display: flex;
flex-direction: row;
justify-content: space-between;
}
.user:nth-child(even) {
background-color: rgba(255, 255, 255, 0.0666666667);
}
.user > * {
margin: 0 0.5rem 0 0;
padding: 0;
word-wrap: break-word;
}
.user > *:nth-child(1) {
width: 5%;
}
.user > *:nth-child(2) {
width: 15%;
}
.user > *:nth-child(3) {
width: 35%;
}
.user > *:nth-child(4) {
width: 15%;
}
.user > *:nth-child(5) {
width: 15%;
}
.user > *:nth-child(6) {
width: 15%;
margin: 0;
}
.is-admin {
border-left: #8C977D 0.2rem solid;
}
.user:first-of-type {
background-color: #151515;
position: -webkit-sticky;
position: sticky;
top: 0;
}
.signup-root {
margin-bottom: 1rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
display: none;
}
.signup-root > * {
@ -561,20 +840,15 @@ nav .btn {
font-family: "Secular One", sans-serif;
}
/*
|-------------------------------------------------------------
| LOGIN
|-------------------------------------------------------------
*/
.login-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.login-root > * {
margin-top: 0;
@ -601,13 +875,13 @@ nav .btn {
*/
.password-reset-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #B66467;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.password-reset-root > * {
margin-top: 0;
@ -629,34 +903,34 @@ nav .btn {
/*
|-------------------------------------------------------------
| SEARCH
| ERROR PAGE
|-------------------------------------------------------------
*/
.search-root {
.error-root {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border-radius: 0.25rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
}
.search-root > * {
.error-root > * {
margin-top: 0;
margin-bottom: 0.5rem;
}
.search-root h1,
.search-root h2,
.search-root h3,
.search-root h4,
.search-root h5 {
.error-root h1,
.error-root h2,
.error-root h3,
.error-root h4,
.error-root h5 {
font-family: "Lexend Deca", sans-serif;
}
.search-root p,
.search-root a,
.search-root button,
.search-root input {
.error-root p,
.error-root a,
.error-root button,
.error-root input {
font-family: "Secular One", sans-serif;
}
@ -666,25 +940,9 @@ nav .btn {
|-------------------------------------------------------------
*/
footer {
margin-bottom: 1rem;
padding: 0.5rem;
width: calc(100% - 1.4rem);
background-color: #151515;
color: #E8E3E3;
border-radius: 0rem;
border: 0.2rem solid #8C977D;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
display: flex;
flex-direction: row;
flex-wrap: wrap;
justify-content: space-around;
margin: 0 auto;
bottom: 0;
width: calc(100% - 1.4rem);
}
footer > * {
margin-top: 0;
margin-bottom: 0.5rem;
text-align: center;
}
footer p {
margin: 0 0.5rem;
@ -752,12 +1010,13 @@ body * {
font-family: "Secular One", sans-serif;
text-decoration: none;
border: none;
border-radius: calc(0rem - (0.5rem + 3px));
border-radius: calc(0.25rem - (0.5rem + 3px));
transition: outline 0.1s cubic-bezier(0.19, 1, 0.22, 1);
}
.btn:hover {
outline: #E8E3E3 0.2rem solid;
color: #E8E3E3;
cursor: pointer;
}
.btn:where(input[type=file])::-webkit-file-upload-button {
margin: -0.25rem 0.5rem -0.25rem -0.25rem;
@ -767,7 +1026,7 @@ body * {
text-decoration: none;
background-color: #E8E3E3;
border: none;
border-radius: 0rem;
border-radius: 0.25rem;
}
.btn:where(input[type=file])::file-selector-button {
margin: -0.25rem 0.5rem -0.25rem -0.25rem;
@ -777,7 +1036,7 @@ body * {
text-decoration: none;
background-color: #E8E3E3;
border: none;
border-radius: 0rem;
border-radius: 0.25rem;
}
a.btn {
@ -809,6 +1068,10 @@ form > * {
margin-bottom: 0.5rem;
}
textarea {
resize: none;
}
/*
|-------------------------------------------------------------
| SVG
@ -850,7 +1113,7 @@ br {
-webkit-backdrop-filter: blur(8px);
backdrop-filter: blur(8px);
border-radius: 50%;
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.5333333333);
box-shadow: 6px 6px 2px rgba(21, 21, 21, 0.4);
transition: right 0.15s cubic-bezier(0.19, 1, 0.22, 1);
}
#back-to-top:hover {
@ -864,4 +1127,10 @@ br {
display: block;
-o-object-position: center;
object-position: center;
}
@media (prefers-reduced-motion) {
* {
transition: none !important;
}
}/*# sourceMappingURL=main.css.map */

13
css/main.scss
View file

@ -85,6 +85,8 @@ body {
&:hover {
outline: $white 0.2rem solid;
color: $fg;
cursor: pointer;
}
&:where(input[type="file"])::file-selector-button {
@ -109,7 +111,7 @@ a.btn {
}
.btn-good {
background-color: $green;
background-color: $page-accent;
}
.btn-bad {
@ -134,6 +136,9 @@ form {
}
}
textarea {
resize: none;
}
/*
|-------------------------------------------------------------
| SVG
@ -199,4 +204,10 @@ br {
object-position: center;
}
}
@media(prefers-reduced-motion){
* {
transition: none !important;
}
}

349
css/normalize.css vendored
View file

@ -1,349 +0,0 @@
/*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */
/* Document
========================================================================== */
/**
* 1. Correct the line height in all browsers.
* 2. Prevent adjustments of font size after orientation changes in iOS.
*/
html {
line-height: 1.15; /* 1 */
-webkit-text-size-adjust: 100%; /* 2 */
}
/* Sections
========================================================================== */
/**
* Remove the margin in all browsers.
*/
body {
margin: 0;
}
/**
* Render the `main` element consistently in IE.
*/
main {
display: block;
}
/**
* Correct the font size and margin on `h1` elements within `section` and
* `article` contexts in Chrome, Firefox, and Safari.
*/
h1 {
font-size: 2em;
margin: 0.67em 0;
}
/* Grouping content
========================================================================== */
/**
* 1. Add the correct box sizing in Firefox.
* 2. Show the overflow in Edge and IE.
*/
hr {
box-sizing: content-box; /* 1 */
height: 0; /* 1 */
overflow: visible; /* 2 */
}
/**
* 1. Correct the inheritance and scaling of font size in all browsers.
* 2. Correct the odd `em` font sizing in all browsers.
*/
pre {
font-family: monospace, monospace; /* 1 */
font-size: 1em; /* 2 */
}
/* Text-level semantics
========================================================================== */
/**
* Remove the gray background on active links in IE 10.
*/
a {
background-color: transparent;
}
/**
* 1. Remove the bottom border in Chrome 57-
* 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari.
*/
abbr[title] {
border-bottom: none; /* 1 */
text-decoration: underline; /* 2 */
text-decoration: underline dotted; /* 2 */
}
/**
* Add the correct font weight in Chrome, Edge, and Safari.
*/
b,
strong {
font-weight: bolder;
}
/**
* 1. Correct the inheritance and scaling of font size in all browsers.
* 2. Correct the odd `em` font sizing in all browsers.
*/
code,
kbd,
samp {
font-family: monospace, monospace; /* 1 */
font-size: 1em; /* 2 */
}
/**
* Add the correct font size in all browsers.
*/
small {
font-size: 80%;
}
/**
* Prevent `sub` and `sup` elements from affecting the line height in
* all browsers.
*/
sub,
sup {
font-size: 75%;
line-height: 0;
position: relative;
vertical-align: baseline;
}
sub {
bottom: -0.25em;
}
sup {
top: -0.5em;
}
/* Embedded content
========================================================================== */
/**
* Remove the border on images inside links in IE 10.
*/
img {
border-style: none;
}
/* Forms
========================================================================== */
/**
* 1. Change the font styles in all browsers.
* 2. Remove the margin in Firefox and Safari.
*/
button,
input,
optgroup,
select,
textarea {
font-family: inherit; /* 1 */
font-size: 100%; /* 1 */
line-height: 1.15; /* 1 */
margin: 0; /* 2 */
}
/**
* Show the overflow in IE.
* 1. Show the overflow in Edge.
*/
button,
input { /* 1 */
overflow: visible;
}
/**
* Remove the inheritance of text transform in Edge, Firefox, and IE.
* 1. Remove the inheritance of text transform in Firefox.
*/
button,
select { /* 1 */
text-transform: none;
}
/**
* Correct the inability to style clickable types in iOS and Safari.
*/
button,
[type="button"],
[type="reset"],
[type="submit"] {
-webkit-appearance: button;
}
/**
* Remove the inner border and padding in Firefox.
*/
button::-moz-focus-inner,
[type="button"]::-moz-focus-inner,
[type="reset"]::-moz-focus-inner,
[type="submit"]::-moz-focus-inner {
border-style: none;
padding: 0;
}
/**
* Restore the focus styles unset by the previous rule.
*/
button:-moz-focusring,
[type="button"]:-moz-focusring,
[type="reset"]:-moz-focusring,
[type="submit"]:-moz-focusring {
outline: 1px dotted ButtonText;
}
/**
* Correct the padding in Firefox.
*/
fieldset {
padding: 0.35em 0.75em 0.625em;
}
/**
* 1. Correct the text wrapping in Edge and IE.
* 2. Correct the color inheritance from `fieldset` elements in IE.
* 3. Remove the padding so developers are not caught out when they zero out
* `fieldset` elements in all browsers.
*/
legend {
box-sizing: border-box; /* 1 */
color: inherit; /* 2 */
display: table; /* 1 */
max-width: 100%; /* 1 */
padding: 0; /* 3 */
white-space: normal; /* 1 */
}
/**
* Add the correct vertical alignment in Chrome, Firefox, and Opera.
*/
progress {
vertical-align: baseline;
}
/**
* Remove the default vertical scrollbar in IE 10+.
*/
textarea {
overflow: auto;
}
/**
* 1. Add the correct box sizing in IE 10.
* 2. Remove the padding in IE 10.
*/
[type="checkbox"],
[type="radio"] {
box-sizing: border-box; /* 1 */
padding: 0; /* 2 */
}
/**
* Correct the cursor style of increment and decrement buttons in Chrome.
*/
[type="number"]::-webkit-inner-spin-button,
[type="number"]::-webkit-outer-spin-button {
height: auto;
}
/**
* 1. Correct the odd appearance in Chrome and Safari.
* 2. Correct the outline style in Safari.
*/
[type="search"] {
-webkit-appearance: textfield; /* 1 */
outline-offset: -2px; /* 2 */
}
/**
* Remove the inner padding in Chrome and Safari on macOS.
*/
[type="search"]::-webkit-search-decoration {
-webkit-appearance: none;
}
/**
* 1. Correct the inability to style clickable types in iOS and Safari.
* 2. Change font properties to `inherit` in Safari.
*/
::-webkit-file-upload-button {
-webkit-appearance: button; /* 1 */
font: inherit; /* 2 */
}
/* Interactive
========================================================================== */
/*
* Add the correct display in Edge, IE 10+, and Firefox.
*/
details {
display: block;
}
/*
* Add the correct display in all browsers.
*/
summary {
display: list-item;
}
/* Misc
========================================================================== */
/**
* Add the correct display in IE 10+.
*/
template {
display: none;
}
/**
* Add the correct display in IE 10.
*/
[hidden] {
display: none;
}

320
css/scss/_body.scss
View file

@ -26,6 +26,22 @@
}
}
.gallery-order {
@include defaultFont();
margin-bottom: 1rem;
display: flex;
flex-direction: row;
& > * {
margin-right: 0.5rem;
}
& > *:last-child {
margin-right: 0;
}
}
.gallery-root {
margin-bottom: 1rem;
padding: 0.25rem;
@ -37,7 +53,7 @@
flex-direction: row;
flex-wrap: wrap;
border: 0.2rem solid $green;
border: 0.2rem solid $page-accent;
border-radius: $rad;
box-shadow: $shadow;
@ -157,8 +173,9 @@
padding: 0;
width: 100%;
max-height: 69vh;
max-height: 50vh;
height: auto;
min-height: 30vh;
display: flex;
@ -177,7 +194,7 @@
}
.image {
margin: 0 auto;
margin: auto;
max-width: 100%;
width: auto;
@ -185,24 +202,96 @@
height: auto;
border-radius: $rad;
transition: opacity 0.5s;
}
.preview-button {
width: 1.5rem;
padding: 0;
position: absolute;
bottom: 0.5rem;
right: 0.5rem;
display: block;
box-sizing: border-box;
font-size: 14px;
font-weight: 500;
font-family: $font-body;
text-decoration: none;
border: none;
border-radius: calc($rad - (0.5rem + 3px));
transition: outline 0.1s cubic-bezier(.19, 1, .22, 1);
background-color: $black;
opacity: 0.8;
box-shadow: $shadow;
img {
width: 1.5rem;
display: block;
}
&:hover {
outline: $white 0.2rem solid;
color: $fg;
}
}
// DESCRIPTION
.image-description {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
}
// DETAILS
.image-detail {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
&>div {
width: 100%;
display: flex;
flex-direction: row;
&>div {
width: 50%;
* {
margin-top: 0;
margin-bottom: 0.5rem;
text-overflow: ellipsis;
white-space: nowrap;
overflow: hidden;
}
}
}
}
@media (max-width: 669px) {
.image-detail {
&>div {
flex-direction: column;
&>div {
width: auto;
}
}
}
}
// TAGS
.tags-root {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
}
@ -219,7 +308,7 @@
background-color: $page-accent;
border-radius: $rad;
border-radius: calc($rad - (0.5rem + 3px));
font-family: $font-body;
@ -240,7 +329,7 @@
|-------------------------------------------------------------
*/
.about-root {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
}
@ -250,7 +339,7 @@
|-------------------------------------------------------------
*/
.upload-root {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
}
@ -260,29 +349,208 @@
|-------------------------------------------------------------
*/
.account-root {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
}
.admin-root {
@include defaultDecoration($page-accent);
@include defaultFont();
}
/*
|-------------------------------------------------------------
| SIGNUP
|-------------------------------------------------------------
*/
.tabs {
display: flex; flex-direction: row;
& > button {
margin-right: 0.5rem;
width: 33.33%;
}
& > button:last-child {
margin-right: 0;
}
}
.active-tab {
background-color: $page-accent !important;
}
.logs {
width: 100%;
height: 21rem;
padding: 0;
overflow-y: scroll;
display: none; flex-direction: column;
background-color: $bg;
border-radius: calc($rad - (0.5rem + 3px));
}
.log {
min-width: 769px;
padding: 0.5rem;
display: flex; flex-direction: row;
justify-content: space-between;
&:nth-child(even) {
background-color: #ffffff11;
}
& > * {
margin: 0 0.5rem 0 0;
padding: 0;
word-wrap: break-word;
&:nth-child(1) {
width: 5%;
}
&:nth-child(2) {
width: 17%;
}
&:nth-child(3) {
width: 38%;
}
&:nth-child(4) {
width: 40%;
margin: 0;
}
}
}
.log:first-of-type {
background-color: $bg;
position: sticky;
top: 0;
}
.bans {
width: 100%;
height: 21rem;
padding: 0;
overflow-y: scroll;
display: none; flex-direction: column;
background-color: $bg;
border-radius: calc($rad - (0.5rem + 3px));
}
.ban {
min-width: 769px;
padding: 0.5rem;
display: flex; flex-direction: row;
justify-content: space-between;
&:nth-child(even) {
background-color: #ffffff11;
}
& > * {
margin: 0 0.5rem 0 0;
padding: 0;
word-wrap: break-word;
&:nth-child(1) {
width: 5%;
}
&:nth-child(2) {
width: 17%;
}
&:nth-child(3) {
width: 34%;
}
&:nth-child(4) {
width: 10%;
}
&:nth-child(5) {
width: 34%;
margin: 0;
}
}
}
.perm {
border-left: $red 0.2rem solid;
}
.ban:first-of-type {
background-color: $bg;
position: sticky;
top: 0;
}
.user-settings {
width: 100%;
height: 21rem;
padding: 0;
overflow-y: scroll;
display: none; flex-direction: column;
background-color: $bg;
border-radius: calc($rad - (0.5rem + 3px));
}
.user {
min-width: 769px;
padding: 0.5rem;
display: flex; flex-direction: row;
justify-content: space-between;
&:nth-child(even) {
background-color: #ffffff11;
}
& > * {
margin: 0 0.5rem 0 0;
padding: 0;
word-wrap: break-word;
&:nth-child(1) {
width: 5%;
}
&:nth-child(2) {
width: 15%;
}
&:nth-child(3) {
width: 35%;
}
&:nth-child(4) {
width: 15%;
}
&:nth-child(5) {
width: 15%;
}
&:nth-child(6) {
width: 15%;
margin: 0;
}
}
}
.is-admin {
border-left: $page-accent 0.2rem solid;
}
.user:first-of-type {
background-color: $bg;
position: sticky;
top: 0;
}
.signup-root {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
// By default its hidden, in place is login
display: none;
}
/*
|-------------------------------------------------------------
| LOGIN
|-------------------------------------------------------------
*/
.login-root {
@include defaultDecoration($green);
@include defaultDecoration($page-accent);
@include defaultFont();
}
@ -298,10 +566,10 @@
/*
|-------------------------------------------------------------
| SEARCH
| ERROR PAGE
|-------------------------------------------------------------
*/
.search-root {
@include defaultDecoration($green);
.error-root {
@include defaultDecoration($page-accent);
@include defaultFont();
}

6
css/scss/_footer.scss
View file

@ -4,15 +4,11 @@
|-------------------------------------------------------------
*/
footer {
@include defaultDecoration($page-accent);
@include flexLeft(space-around);
margin: 0 auto;
bottom: 0;
width: calc(100% - 1.4rem);
text-align: center;
p {
margin: 0 0.5rem;

4
css/scss/_mixin.scss
View file

@ -1,6 +1,6 @@
@mixin defaultDecoration($border) {
margin-bottom: 1rem;
padding: 0.5rem;
padding: 0.5rem 0.5rem 0 0.5rem;
width: calc(100% - 1.4rem);
@ -12,6 +12,8 @@
box-shadow: $shadow;
>* {
margin-top: 0;
margin-bottom: 0.5rem;

1
css/scss/_navigation.scss
View file

@ -8,6 +8,7 @@ nav {
@include flexLeft(space-between);
margin: 0 auto 1rem;
padding: 0.5rem;
width: calc(100% - 1.4rem);
height: 2.5rem;

28
css/scss/_variables.scss
View file

@ -12,8 +12,8 @@ $white: #E8E3E3;
$page-accent: #8C977D;
$shadow: 6px 6px 2px #15151588;
$rad: 0rem;
$shadow: 6px 6px 2px #15151566;
$rad: 0.25rem;
$weight-bold: 621;
$weight-normal: 400;
@ -25,17 +25,23 @@ sans-serif;
// Fallback for items that do not yet support the new sass stylesheet system
:root {
--bg: #151515bb;
--bg: #{$bg-alt};
--bg-1: #242621;
--bg-2: #1D1E1C;
--bg-3: #151515;
--bg-3: #{$bg};
--fg: #E8E3E3;
--fg-dark: #151515;
--fg: #{$fg};
--fg-dark: #{$fg-alt};
--red: #B66467;
--orange: #FF7700;
--green: #8C977D;
--black: #151515;
--white: #E8E3E3;
--red: #{$red};
--orange: #{$orange};
--green: #{$green};
--black: #{$black};
--white: #{$white};
--accent: #{$page-accent};
--shadow: #{$shadow};
--rad: #{$rad};
}

26
error.php Normal file
View file

@ -0,0 +1,26 @@
<!DOCTYPE html>
<html>
<head>
<?php require_once __DIR__."/ui/header.php"; ?>
</head>
<body>
<div></div>
<div class="error-root">
<h2>Woops...</h2>
<?php
if ($_GET["e"] == "conn") {
echo "<p>An error occured while connecting to the server. If you're an admin, check the database configuration and/or make sure the database is alive</p>";
} else {
echo "<p>An error occured! But no description was provided.</p>";
}
?>
</div>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>

201
image.php
View file

@ -2,7 +2,7 @@
<html>
<head>
<?php include __DIR__."/ui/header.php"; ?>
<?php require_once __DIR__."/ui/header.php"; ?>
</head>
@ -18,9 +18,16 @@
| many rewrites and hours of learning....
|-------------------------------------------------------------
*/
include __DIR__."/ui/required.php";
include __DIR__."/ui/nav.php";
require_once __DIR__."/ui/required.php";
require_once __DIR__."/ui/nav.php";
use App\Account;
use App\Image;
use App\Diff;
$image_info = new Image;
$user_info = new Account;
$diff = new Diff();
/*
|-------------------------------------------------------------
@ -32,7 +39,7 @@
*/
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
// Get all image info
$image = get_image_info($conn, $_GET['id']);
$image = $image_info->get_image_info($conn, $_GET['id']);
// Check if image is avalible
if (isset($image['imagename'])) {
@ -40,17 +47,17 @@
} else {
?>
<script>
sniffleAdd('Woops', 'Something happened, either image with the ID <?php echo $_GET['id']; ?> was deleted or never existed, either way it could not be found!', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
sniffleAdd('Woops', 'Something happened, either image with the ID <?php echo $_GET['id']; ?> was deleted or never existed, either way it could not be found!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
<?php
$image_present = False;
}
} else {
?>
<script>
sniffleAdd('Where is da image?', 'The link you followed seems to be broken, or there was some other error, who knows!', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
sniffleAdd('Where is da image?', 'The link you followed seems to be broken, or there was some other error, who knows!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
<?php
$image_present = False;
}
@ -71,7 +78,7 @@
*/
if (isset($image['author'])) {
// Get all information on the user
$user = get_user_info($conn, $image['author']);
$user = $user_info->get_user_info($conn, $image['author']);
if (isset($user['username'])) {
$image_author = $user['username'];
@ -88,7 +95,7 @@
|-------------------------------------------------------------
*/
if (isset($image['imagename'])) {
$image_path = "images/" . $image['imagename'];
$image_path = "images/".$image['imagename'];
$image_alt = $image['alt'];
} else {
$image_path = "assets/no_image.png";
@ -118,18 +125,36 @@
| Check user privilge
|-------------------------------------------------------------
*/
if (image_privilage($image['author']) || is_admin($_SESSION['id'])) {
if ($image_info->image_privilage($image['author']) || $user_info->is_admin($conn, $_SESSION['id'])) {
$privilaged = True;
} else {
$privilaged = False;
}
?>
<div class="image-container">
<img class='image' id='<?php echo $image['id']; ?>' src='<?php echo $image_path; ?>' alt='<?php echo $image_alt; ?>'>
</div>
if (is_file("images/previews/".$image['imagename'])) {
echo "<div class='image-container'>
<img class='image' id='".$image['id']."' src='images/previews/".$image['imagename']."' alt='".$image_alt."'>
<button class='preview-button' onclick='showFull()'><img src='assets/icons/scan.svg'></button>
</div>";
?>
<script>
function showFull() {
document.querySelector(".image").style.opacity = 0;
document.querySelector(".preview-button").style.display = "none";
setTimeout(function(){
document.querySelector(".image").src = "<?php echo $image_path;?>";
document.querySelector(".image").style.opacity = 1;
}, 500);
}
</script>
<?php
} else {
echo "<div class='image-container'>
<img class='image' id='".$image['id']."' src='".$image_path."' alt='".$image_alt."'>
</div>";
}
<?php
/*
|-------------------------------------------------------------
| Start of displaying all info on image
@ -140,43 +165,82 @@
<div class="image-description default-window">
<h2>Description</h2>
<p><?php echo $image_alt; ?></p>
<p><?php echo htmlentities($image_alt, ENT_QUOTES); ?></p>
</div>
<div class="image-detail flex-down default-window">
<div class="image-detail">
<h2>Details</h2>
<?php
// User
echo "<p>Author: " . $image_author . "</p>";
<div>
<div>
<?php
// User
if ($user_info->is_admin($conn, $image['author'])) {
echo "<p>Author: ".$image_author."<img class='svg' style='margin: 0 0 0.1rem 0.2rem;' src='assets/icons/crown-simple.svg'></p>";
} else {
echo "<p>Author: ".$image_author."</p>";
}
// Image ID
echo "<p>ID: " . $image['id'] . "</p>";
// Image ID
if ($image['id'] == 69) {
echo "<p>ID: ".$image['id'].", nice</p>";
} else {
echo "<p>ID: ".$image['id']."</p>";
}
// File name
if (strlen($image['imagename']) > 30) {
echo "<p>File Name: " . substr($image['imagename'], 0, 30) . "...</p>";
} else {
echo "<p>File Name: " . $image['imagename'] . "</p>";
}
$upload_time = new DateTime($image['upload_date']);
echo "<p id='updateTime'>Uploaded at: ".$upload_time->format('d/m/Y H:i:s T')."</p>";
?>
<script>
// Updating time to Viewers local
var updateDate = new Date('<?php echo $upload_time->format('m/d/Y H:i:s T'); ?>');
var format = {year: 'numeric',
month: 'short',
day: 'numeric',
hour: '2-digit',
minute: '2-digit'
};
updateDate = updateDate.toLocaleDateString('en-GB', format);
// File extention
echo "<p>File Type: " . pathinfo($image['imagename'], PATHINFO_EXTENSION) . "</p>";
$("#updateTime").html("Uploaded at: "+updateDate);
</script>
// Image resolution
list($width, $height) = getimagesize($image_path);
echo "<p>Image resolution: " . $width . "x" . $height . "</p>";
<p>Last Modified: <?php echo $diff->time($image['last_modified']); ?></p>
</div>
<div>
<?php
// File name
$image_pathinfo = pathinfo($image['imagename']);
echo "<p>File Name: ".$image_pathinfo['filename']."</p>";
// Image Upload date
echo "<p>Last updated: +0 " . $image['upload'] . "</p>";
// File extention
echo "<p>File Type: ".pathinfo($image['imagename'], PATHINFO_EXTENSION)."</p>";
echo "<br>";
// Image resolution
list($width, $height) = getimagesize($image_path);
echo "<p>Image resolution: ".$width."x".$height."</p>";
// Image download
echo "<a class='btn btn-good' href='images/" . $image['imagename'] . "' download='" . $image['imagename'] . "'><img class='svg' src='assets/icons/download.svg'>Download image</a>";
function human_filesize($bytes, $decimals = 2) {
$sz = 'BKMGTP';
$factor = floor((strlen($bytes) - 1) / 3);
return sprintf("%.{$decimals}f", $bytes / pow(1024, $factor)) . @$sz[$factor];
}
echo "<p>File size: ".human_filesize(filesize($image_path), 2)."</p>";
?>
</div>
</div>
<!-- Download Image -->
<a id='download' class='btn btn-good' href='<?php echo "images/".$image['imagename']; ?>' download='<?php echo $image['imagename']; ?>'><img class='svg' src='assets/icons/download.svg'>Download image</a>
<script>
$("#download").click(function() {
sniffleAdd("Info", "Image download started!", "var(--green)", "assets/icons/download.svg");
});
</script>
// Copy image
?>
<!-- Copy link -->
<button class='btn btn-good' onclick='copyLink()'><img class='svg' src='assets/icons/clipboard-text.svg'>Copy image link</button>
<script>
function copyLink() {
navigator.clipboard.writeText(window.location.href);
@ -184,9 +248,6 @@
sniffleAdd("Info", "Link has been copied!", "var(--green)", "assets/icons/clipboard-text.svg");
}
</script>
<?php
echo "<button class='btn btn-good' onclick='copyLink()'><img class='svg' src='assets/icons/clipboard-text.svg'>Copy image link</button>";
?>
</div>
<div class="tags-root default-window">
@ -198,9 +259,9 @@
$image_tags_array = explode(" ", $image['tags']);
foreach ($image_tags_array as $tag) {
if ($tag == "nsfw") {
echo "<p id='tag' class='tag btn-bad'>" . $tag . "</p>";
echo "<p id='tag' class='tag btn-bad'>".$tag."</p>";
} else {
echo "<p id='tag' class='tag btn-good'>" . $tag . "</p>";
echo "<p id='tag' class='tag btn-good'>".$tag."</p>";
}
}
} else {
@ -239,16 +300,16 @@
var header = "Are you sure?";
var description = "Deleting this image is pernament, there is no going back after this!!!!!";
var actionBox = "<form id='deleteConfirm' method='POST'>\
<button id='deleteSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/trash.svg'>Delete image</button>\
</form>";
<button id='deleteSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/trash.svg'>Delete image</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#deleteConfirm").submit(function(event) {
event.preventDefault();
var deleteSubmit = $("#deleteSubmit").val();
$("#sniffle").load("app/image/delete_image.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
submit: deleteSubmit
submit_delete: deleteSubmit
});
});
});
@ -269,19 +330,21 @@
var header = "Enter new Description/Alt";
var description = "Whatcha gonna put in there 👀";
var actionBox = "<form id='descriptionConfirm' action='app/image/edit_description.php' method='POST'>\
<input id='descriptionInput' class='btn btn-neutral space-bottom' type='text' placeholder='Description/Alt for image'>\
<button id='descriptionSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/edit.svg'>Update information</button>\
</form>";
<textarea id='descriptionInput' class='btn btn-neutral space-bottom' placeholder='Description/Alt for image' rows='3'></textarea>\
<button id='descriptionSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/edit.svg'>Update information</button>\
</form>";
flyoutShow(header, description, actionBox);
$('#descriptionInput').val("<?php if ($image_alt != "No description avalible") echo str_replace('"', '\"', $image_alt); ?>");
$("#descriptionConfirm").submit(function(event) {
event.preventDefault();
var descriptionInput = $("#descriptionInput").val();
var descriptionSubmit = $("#descriptionSubmit").val();
$("#sniffle").load("app/image/edit_description.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
input: descriptionInput,
submit: descriptionSubmit
submit_description: descriptionSubmit
});
});
});
@ -301,21 +364,23 @@
<script>
$('#tagsButton').click(function() {
var header = "Tags";
var description = "Add image tags here! This is still being tested so your tags may be removed later on. Tags ONLY accept, letters, numbers and underscores. Hyphens will be stitched to underscores and spaces will seperate the different tags from eachother";
var description = "Tags are seperated by spaces, only alowed characters are a-z and underscores, all hyphens are converted to underscores. There are also special tags such as nsfw that'll blur images in the overview";
var actionBox = "<form id='tagsConfirm' action='app/image/edit_tags.php' method='POST'>\
<input id='tagsInput' class='btn btn-neutral space-bottom' type='text' placeholder='Tags are seperated by spaces'>\
<button id='tagsSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/edit.svg'>Edit tags</button>\
</form>";
<textarea id='tagsInput' class='btn btn-neutral space-bottom' placeholder='Tags are seperated by spaces' row='3'></textarea>\
<button id='tagsSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/edit.svg'>Edit tags</button>\
</form>";
flyoutShow(header, description, actionBox);
$('#tagsInput').val("<?php echo $image['tags']; ?>");
$("#tagsConfirm").submit(function(event) {
event.preventDefault();
var tagsInput = $("#tagsInput").val();
var tagsSubmit = $("#tagsSubmit").val();
$("#sniffle").load("app/image/edit_tags.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
input: tagsInput,
submit: tagsSubmit
submit_tags: tagsSubmit
});
});
});
@ -329,7 +394,7 @@
|-------------------------------------------------------------
-->
<?php
if (is_admin($_SESSION['id'])) {
if ($user_info->is_admin($conn, $_SESSION['id'])) {
?>
<button id='authorButton' class='btn btn-bad'><img class='svg' src='assets/icons/edit.svg'>Edit author</button>
<script>
@ -337,19 +402,19 @@
var header = "Who owns the image?????";
var description = "Enter ID of image owner";
var actionBox = "<form id='authorConfirm' action='app/image/edit_author.php' method='POST'>\
<input id='authorInput' class='btn btn-neutral space-bottom' type='text' placeholder='le author'>\
<button id='authorSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/edit.svg'>Edit author</button>\
</form>";
<input id='authorInput' class='btn btn-neutral space-bottom' type='text' placeholder='le author'>\
<button id='authorSubmit' class='btn btn-bad' type='submit'><img class='svg' src='assets/icons/edit.svg'>Edit author</button>\
</form>";
flyoutShow(header, description, actionBox);
$("#authorConfirm").submit(function(event) {
event.preventDefault();
var authorInput = $("#authorInput").val();
var authorSubmit = $("#authorSubmit").val();
$("#sniffle").load("app/image/edit_author.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
input: authorInput,
submit: authorSubmit
submit_author: authorSubmit
});
});
});
@ -367,7 +432,7 @@
}
?>
<?php include __DIR__."/ui/footer.php"; ?>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>

85
index.php
View file

@ -2,23 +2,22 @@
<html>
<head>
<?php include __DIR__."/ui/header.php"; ?>
<?php require_once __DIR__."/ui/header.php"; ?>
</head>
<body>
<?php
include __DIR__."/ui/required.php";
include __DIR__."/ui/nav.php";
?>
require_once __DIR__."/ui/required.php";
require_once __DIR__."/ui/nav.php";
<script>
if (params.del == "true") {
sniffleAdd("Image Deleted", "Successfully deleted image: <?php echo $_GET['id']; ?>", "var(--green)", "<?php echo $root_dir ?>assets/icons/trash.svg");
if ($_GET['del']) {
?>
<script>
sniffleAdd("Image Deleted", "Successfully deleted image: <?php echo $_GET['id']; ?>", "var(--green)", "assets/icons/trash.svg");
</script>
<?php
}
if (params.login == "success") {
sniffleAdd("Logged in", "O hi <?php echo $_SESSION['username']; ?>", "var(--green)", "<?php echo $root_dir ?>assets/icons/hand-waving.svg");
}
</script>
?>
<div class="info-text">
<?php
@ -43,45 +42,49 @@ include __DIR__."/ui/nav.php";
}
// Random welcome message
$import_welcome = file_get_contents("default.json");
$import_decode = json_decode($import_welcome, true);
$welcome_message = $import_decode['welcome_msg'];
$welcome_message = $user_settings['welcome_msg'];
echo "<p>".$welcome_message[array_rand($welcome_message, 1)]."</p>";
?>
</div>
<div class="gallery-root flex-left">
<!--
<div class="gallery-order">
<button class="btn btn-neutral">Grid</button>
<button class="btn btn-neutral">List</button>
</div>
-->
<div class="gallery-root">
<?php
// Reading images from table
$image_request = mysqli_query($conn, "SELECT * FROM swag_table ORDER BY id DESC");
// Reading images from table
$image_request = mysqli_query($conn, "SELECT * FROM images ORDER BY id DESC");
while ($image = mysqli_fetch_array($image_request)) {
// Getting thumbnail
if (file_exists("images/thumbnails/".$image['imagename'])) {
$image_path = "images/thumbnails/".$image['imagename'];
} else {
$image_path = "images/".$image['imagename'];
while ($image = mysqli_fetch_array($image_request)) {
// Getting thumbnail
if (file_exists("images/thumbnails/".$image['imagename'])) {
$image_path = "images/thumbnails/".$image['imagename'];
} else {
$image_path = "images/".$image['imagename'];
}
// Check for NSFW tag
if (str_contains($image['tags'], "nsfw")) {
$image_nsfw = "nsfw-blur";
$nsfw_warning = "<a href='image.php?id=".$image['id']."' class='nsfw-warning'><img class='svg' src='assets/icons/warning_red.svg'><span>NSFW</span></a>";
} else {
$image_nsfw = "";
$nsfw_warning = "";
}
// Image loading
echo "<div class='gallery-item'>";
echo $nsfw_warning;
echo "<a href='image.php?id=".$image['id']."'><img class='gallery-image ".$image_nsfw."' loading='lazy' src='".$image_path."' id='".$image['id']."'></a>";
echo "</div>";
}
// Check for NSFW tag
if (str_contains($image['tags'], "nsfw")) {
$image_nsfw = "nsfw-blur";
$nsfw_warning = "<a href='image.php?id=".$image['id']."' class='nsfw-warning'><img class='svg' src='assets/icons/warning_red.svg'><span>NSFW</span></a>";
} else {
$image_nsfw = "";
$nsfw_warning = "";
}
// Image loading
echo "<div class='gallery-item'>";
echo $nsfw_warning;
echo "<a href='image.php?id=".$image['id']."'><img class='gallery-image ".$image_nsfw."' loading='lazy' src='".$image_path."' id='".$image['id']."'></a>";
echo "</div>";
}
?>
</div>
<?php include __DIR__."/ui/footer.php"; ?>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>

30
account/password-reset.php → password-reset.php
View file

@ -2,18 +2,22 @@
<html>
<head>
<?php include "../ui/header.php"; ?>
<?php require_once __DIR__."/ui/header.php"; ?>
</head>
<body>
<?php
include "../ui/required.php";
include "../ui/nav.php";
require_once __DIR__."/ui/required.php";
require_once __DIR__."/ui/nav.php";
use App\Account;
$user_info = new Account();
// Check if the user is logged in, otherwise redirect to login page
if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true) {
header("location: https://superdupersecteteuploadtest.fluffybean.gay/account/login.php");
if ($user_info->is_loggedin() != true) {
header("location: account.php");
exit;
}
?>
@ -24,27 +28,27 @@
<br>
<form id="passwordForm" method="POST" enctype="multipart/form-data">
<input id="newPassword" class="btn btn-neutral" type="password" name="new_password" placeholder="New Password">
<input id="confirmSassword" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Confirm Password">
<input id="confirmPassword" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Confirm Password">
<br>
<button id="passwordSubmit" class="btn btn-bad" type="submit" name="reset"><img class="svg" src="../assets/icons/sign-in.svg">Reset</button>
<button id="passwordSubmit" class="btn btn-bad" type="submit" name="reset"><img class="svg" src="assets/icons/sign-in.svg">Reset</button>
</form>
</div>
<script>
$("#passwordForm").submit(function(event) {
event.preventDefault();
var new_passowrd = $("#newPassword").val();
var confirm_password = $("#confirmSassword").val();
var new_password = $("#newPassword").val();
var confirm_password = $("#confirmPassword").val();
var submit = $("#passwordSubmit").val();
$("#sniffle").load("../app/account/password_reset.php", {
new_passowrd: new_passowrd,
$("#sniffle").load("app/account/account.php", {
new_password: new_password,
confirm_password: confirm_password,
submit: submit
password_reset_submit: submit
});
});
</script>
<?php include "../ui/footer.php"; ?>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>

48
search.php
View file

@ -1,48 +0,0 @@
<?php
/*if (isset($_GET['q']) && !empty($_GET['q'])) {
// Make search into an array
$search_array = explode(" ", $_GET['q']);
// Get images tags for comparing
$image_tag_array = explode(" ", $image['tags']);
// Compare arrays
$compare_results = array_intersect($image_tag_array, $search_array);
if (count($compare_results) > 0) {
// Getting thumbnail
if (file_exists("images/thumbnails/".$image['imagename'])) {
$image_path = "images/thumbnails/".$image['imagename'];
} else {
$image_path = "images/".$image['imagename'];
}
// Image loading
echo "<div class='gallery-item'>";
echo "<a href='image.php?id=".$image['id']."'><img class='gallery-image' loading='lazy' src='".$image_path."' id='".$image['id']."'></a>";
echo "</div>";
}
}*/
?>
<!DOCTYPE html>
<html>
<head>
<?php include "ui/header.php"; ?>
</head>
<body>
<?php
include "ui/required.php";
include "ui/nav.php";
?>
<div class="search-root">
<h2>Where did the search go!</h2>
<p>Due to how it was implemented originally, it was hard to handle and work with. So I removed it.</p>
<p>It'll be coming back, but since it's going to be a lot of work it'll have to be much later.</p>
</div>
<?php include "ui/footer.php"; ?>
</body>
</html>

25
ui/footer.php
View file

@ -1,22 +1,5 @@
<footer class="flex-left around">
<a class='link' href="https://t.me/Fluffy_Bean">
<img class='svg' src='<?php echo $root_dir; ?>assets/icons/telegram-logo.svg'>
Telegram
</a>
<a class='link' href="https://twitter.com/fluffybeanUwU">
<img class='svg' src='<?php echo $root_dir; ?>assets/icons/twitter-logo.svg'>
Twitter
</a>
<a class='link' href="https://github.com/Fluffy-Bean">
<img class='svg' src='<?php echo $root_dir; ?>assets/icons/github-logo.svg'>
Github
</a>
<a class='link' href="<?php echo $root_dir; ?>about.php">
<img class='svg' src='<?php echo $root_dir; ?>assets/icons/scroll.svg'>
About
</a>
<a class='link' href="https://gay.fluffybean.gay">
<img class='svg' src='<?php echo $root_dir; ?>assets/icons/link.svg'>
My website!
</a>
<footer>
<p>Hosted by <?php echo $user_settings['user_name']; ?> under <?php echo $user_settings['license']; ?></p>
<p>Version <?php echo $user_settings['version']; ?></p>
<a class='link' href="about.php">About</a>
</footer>

20
ui/header.php
View file

@ -1,18 +1,8 @@
<?php
if (is_file("index.php")) {
$root_dir = "";
} else {
$root_dir = "../";
}
?>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo $setup_json['website']['name']; ?></title>
<!-- Stylesheets -->
<link rel="stylesheet" href="<?php echo $root_dir; ?>css/main.css">
<link rel="stylesheet" href="<?php echo $root_dir; ?>css/normalise.css">
<link rel="stylesheet" href="css/main.css">
<!-- Google Fonts -->
@ -27,9 +17,9 @@ if (is_file("index.php")) {
</script>
<!-- Sniffle script! -->
<script src="<?php echo $root_dir; ?>Sniffle/sniffle.js"></script>
<link rel='stylesheet' href='<?php echo $root_dir; ?>Sniffle/sniffle.css'>
<script src="Sniffle/sniffle.js"></script>
<link rel='stylesheet' href='Sniffle/sniffle.css'>
<!-- Flyout script! -->
<script src="<?php echo $root_dir; ?>Flyout/flyout.js"></script>
<link rel='stylesheet' href='<?php echo $root_dir; ?>Flyout/flyout.css'>
<script src="Flyout/flyout.js"></script>
<link rel='stylesheet' href='Flyout/flyout.css'>

26
ui/nav.php
View file

@ -1,19 +1,27 @@
<?php
use App\Account;
$loggedin = new Account();
?>
<nav class="nav-root flex-left">
<div class="nav-name flex-left">
<p><?php echo $setup_json['name']; ?></p>
<p><?php echo $user_settings['website_name']; ?></p>
</div>
<div class="nav-links flex-left">
<a class='btn' href='<?php echo $root_dir; ?>index.php'><img class='svg' src='<?php echo $root_dir; ?>assets/icons/house.svg'><span class='nav-hide'>Home</span></a>
<hr>
<a class='btn' href='<?php echo $root_dir; ?>search.php'><img class='svg' src='<?php echo $root_dir; ?>assets/icons/binoculars.svg'><span class='nav-hide'>Search</span></a>
<a class='btn' href='index.php'><img class='svg' src='assets/icons/house.svg'><span class='nav-hide'>Home</span></a>
<hr>
<?php
if (loggedin()) {
echo "<a class='btn' href='".$root_dir."upload.php'><img class='svg' src='".$root_dir."assets/icons/upload.svg'><span class='nav-hide'>Upload</span></a>";
echo "<hr>";
echo "<a class='btn' href='".$root_dir."/account/account.php'><img class='svg' src='".$root_dir."assets/icons/user-circle.svg'><span class='nav-hide'>".substr($_SESSION["username"], 0, 15)."</span></a>";
if ($loggedin->is_loggedin()) {
?>
<a class='btn' href='upload.php'><img class='svg' src='assets/icons/upload.svg'><span class='nav-hide'>Upload</span></a>
<hr>
<a class='btn' href='account.php'><img class='svg' src='assets/icons/gear.svg'><span class='nav-hide'><?php echo substr($_SESSION["username"], 0, 15); ?></span></a>
<?php
} else {
echo "<a class='btn' href='".$root_dir."/account/account.php'><img class='svg' src='".$root_dir."assets/icons/sign-in.svg'><span class='nav-hide'>Login</span></a>";
?>
<a class='btn' href='account.php'><img class='svg' src='assets/icons/sign-in.svg'><span class='nav-hide'>Login</span></a>
<?php
}
?>
</div>

98
ui/required.php
View file

@ -1,64 +1,3 @@
<?php
/*
Used for testing, do not use this in production
*/
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ERROR | E_PARSE | E_NOTICE);;
/*
Start session
This is important as most pages use the PHP session and will complain if its not possible to access.
*/
session_start();
/*
Check which directory user is in
I don't know if theres a better way of doing this? If there is please let me know
*/
if (is_file("index.php")) {
$root_dir = "";
} else {
$root_dir = "../";
}
$import_json = file_get_contents($root_dir."default.json");
$setup_json = json_decode($import_json, true);
/*
Connect to the server
*/
include $root_dir."app/server/conn.php";
/*
Add functions
*/
include $root_dir."app/account/get_info.php";
include $root_dir."app/account/is_admin.php";
include $root_dir."app/account/login_status.php";
include $root_dir."app/format/string_to_tags.php";
include $root_dir."app/image/get_image_info.php";
include $root_dir."app/image/image_privilage.php";
include $root_dir."app/server/secrete.php";
?>
<script>
/*
Gets Querys from the URL the user is at
Used by Sniffle to display notificaions
*/
const params = new Proxy(new URLSearchParams(window.location.search), {
get: (searchParams, prop) => searchParams.get(prop),
});
</script>
<!--
Used by Sniffle to add Notifications
Div can be displayed all time as it has no width or height initself
@ -86,7 +25,7 @@ include $root_dir."app/server/secrete.php";
everything can always be accessed
-->
<a id="back-to-top" href="#">
<img src="<?php echo $root_dir; ?>assets/icons/caret-up.svg">
<img src="assets/icons/caret-up.svg">
</a>
<script>
button = document.getElementById("back-to-top");
@ -106,4 +45,37 @@ include $root_dir."app/server/secrete.php";
Required so main objects are centered when NAV
is in mobile view
-->
<div class="nav-mobile"></div>
<div class="nav-mobile"></div>
<?php
/*
User defined settings
*/
require_once dirname(__DIR__)."/app/settings/settings.php";
ini_set('post_max_size', $user_settings['upload_max']."M");
ini_set('upload_max_filesize', ($user_settings['upload_max'] + 1)."M");
if ($user_settings['is_testing'] == "true") {
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ERROR | E_PARSE | E_NOTICE);
?>
<script>
sniffleAdd('Notice', 'This website is currently in a testing state', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
/*
Connect to the server
*/
require_once dirname(__DIR__)."/app/server/conn.php";
require_once dirname(__DIR__)."/app/server/secrete.php";
/*
Classes
*/
require_once dirname(__DIR__)."/app/app.php";
?>

34
upload.php
View file

@ -2,7 +2,7 @@
<html>
<head>
<?php include __DIR__."/ui/header.php"; ?>
<?php require_once __DIR__."/ui/header.php"; ?>
<!-- Upload Script -->
<script>
@ -21,7 +21,10 @@
// Get ALT
var alt = $("#alt").val();
formData.append("alt", alt);
// Get ALT
// Get TAGS
var tags = $("#tags").val();
formData.append("tags", tags);
// Submit data
var submit = $("#submit").val();
formData.append("submit", submit);
@ -40,9 +43,10 @@
// Empty values
$("#image").val("");
$("#alt").val("");
$("#tags").val("");
$("#submit").val("");
} else {
sniffleAdd('Gwha!', 'Pls provide image', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/file-search.svg');
sniffleAdd('Gwha!', 'Pls provide image', 'var(--red)', 'assets/icons/file-search.svg');
}
});
});
@ -51,16 +55,19 @@
<body>
<?php
include __DIR__."/ui/required.php";
include __DIR__."/ui/nav.php";
require_once __DIR__."/ui/required.php";
require_once __DIR__."/ui/nav.php";
use App\Account;
$user_info = new Account();
// Check if user is logged in
if (!loggedin()) {
echo "
<script>
sniffleAdd('Who are you!', 'You must be loggedin to upload things, sowwy!', 'var(--red)', '" . $root_dir . "assets/icons/cross.svg');
</script>
";
if (!$user_info->is_loggedin()) {
?>
<script>
sniffleAdd('Who are you!', 'You must be loggedin to upload things, sowwy!', 'var(--red)', 'assets/icons/cross.svg');
</script>
<?php
}
?>
@ -70,13 +77,14 @@
<br>
<form id="uploadSubmit" class="flex-down between" method="POST" enctype="multipart/form-data">
<input id="image" class="btn btn-neutral" type="file" placeholder="select image UwU">
<input id="alt" class="btn btn-neutral" type="text" placeholder="Description/Alt for image">
<textarea id="alt" class="btn btn-neutral" placeholder="Description/Alt for image" rows="3"></textarea>
<textarea id="tags" class="btn btn-neutral" placeholder="Tags, seperated by white-space" rows="3"></textarea>
<br>
<button id="submit" class="btn btn-good" type="submit"><img class="svg" src="assets/icons/upload.svg">Upload Image</button>
</form>
</div>
<?php include __DIR__."/ui/footer.php"; ?>
<?php require_once __DIR__."/ui/footer.php"; ?>
</body>
</html>