
<?php
require_once 'vendor/autoload.php';
require_once 'vendor/pecee/simple-router/helpers.php';
require_once 'src/database.php';
require_once 'src/helpers.php';
use Pecee\SimpleRouter\SimpleRouter;
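// Twig environment: templates live in ./views. 'cache' => false is a development setting;
// enable a cache directory in production. No explicit 'autoescape' is given, so Twig's
// default (HTML escaping for *.twig) is what protects template output — do not use |raw on
// request-derived values.
$loader = new \Twig\Loader\FilesystemLoader('views');
$twig = new \Twig\Environment($loader, [
    'cache' => false,
]);
// start session
// Harden the session cookie before the session is started: HttpOnly keeps the id away from
// page script, SameSite=Lax keeps it off cross-site POSTs (the state-changing routes below
// carry no CSRF token of their own; note Lax still sends it on top-level GET navigations,
// which matters for /image/{id}/delete). 'secure' is not forced here because this file does
// not show whether the app is served over TLS — set it at deployment if it is.
session_set_cookie_params([
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();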
// Favicon: nothing to serve; answer with an empty body so the request does not fall through
// to a 404 from the router.
SimpleRouter::get('/favicon.ico', static function () {
    return null;
});
// Main page: an authenticated user gets their menu and the published gallery; everyone else
// gets the "please log in / register" prompt.
SimpleRouter::get('/', function () use ($twig) {
    $user = getSessionVariable('user');
    if ($user === null) {
        echo $twig->render('propose-auth.twig');
        return;
    }
    // getUserMenu() returns a row whose "data" column holds the JSON list saved by /editMenu.
    $menuRow = Database::getUserMenu($user);
    echo $twig->render('index.twig', [
        'user' => $user,
        'menu' => json_decode($menuRow["data"]),
        'gallery' => Database::getPublishedImages(),
    ]);
});
// Registration form (GET). Already-authenticated users are sent to the main page.
SimpleRouter::get('/register', function () use ($twig) {
    if (getSessionVariable('user') !== null) {
        return response()->redirect('/');
    }
    // ?error=... is reflected into the page, so it is HTML-escaped before reaching the template.
    // (input()->get() returns a stringable InputItem when the parameter is present.)
    $errorText = htmlspecialchars(input()->get('error', ''));
    echo $twig->render('register.twig', [
        'error' => $errorText,
    ]);
});
// Registration (POST): creates the user and an empty menu row for them, then hands off to /login.
SimpleRouter::post('/register', function () {
    $login = trim(input()->post('login', ''));
    $password = trim(input()->post('password', ''));
    // empty() also rejects the literal "0" — same rule as before.
    if (empty($login) || empty($password)) {
        return response()->redirect('/register?error=Проверьте данные формы!');
    }
    // NOTE(review): the login is accepted verbatim — no character-set or length rule here.
    // It is reused as a file-name prefix by /uploadImage, so any tightening belongs here.
    // Hashing of $password is the job of Database::createUser() (not visible in this file).
    try {
        Database::createUser($login, $password);
        Database::createEmptyMenuForUser(Database::getUser($login));
        response()->redirect('/login?message=Пользователь создан');
    } catch (PDOException $e) {
        // Any PDOException is reported as "already exists" (presumably the unique-login constraint).
        response()->redirect('/register?error=Пользователь уже существует!');
    }
});
// Login form (GET). Already-authenticated users are sent to the main page.
SimpleRouter::get('/login', function () use ($twig) {
    if (getSessionVariable('user') !== null) {
        return response()->redirect('/');
    }
    // Both query parameters are reflected into the page; escape them before rendering.
    $context = [
        'message' => htmlspecialchars(input()->get('message', '')),
        'error' => htmlspecialchars(input()->get('error', '')),
    ];
    echo $twig->render('login.twig', $context);
});
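// Login (POST): checks the credentials and binds the user row to the session.
SimpleRouter::post('/login', function () {
    $login = trim(input()->post('login', ''));
    $password = trim(input()->post('password', ''));
    // if login or password is empty, redirect to login page with error
    if (empty($login) || empty($password)) {
        return response()->redirect('/login?error=Проверьте данные формы!');
    }
    // NOTE(review): the two distinct messages below let a caller tell whether a login exists
    // (user enumeration). They are kept because the UI text is part of the app's contract;
    // a single "wrong login or password" message would be the stricter choice.
    if (!Database::userExists($login)) {
        return response()->redirect('/login?error=Пользователь не существует!');
    }
    if (!Database::verifyUser($login, $password)) {
        return response()->redirect('/login?error=Неправильный пароль!');
    }
    $user = Database::getUser($login);
    // Issue a fresh session id at the privilege change, so an id that was fixed on or
    // captured from the anonymous session cannot be reused as the authenticated one.
    session_regenerate_id(true);
    // set session variables
    setSessionVariable('user', $user);
    // redirect to index page
    response()->redirect('/');
});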
// Logout: drops the user from the session and returns to the main page.
// NOTE(review): only the 'user' entry is cleared; the session id and any other session data
// survive. session_regenerate_id(true) or session_destroy() would be the stricter choice.
SimpleRouter::get('/logout', static function () {
    unsetSessionVariable('user');
    response()->redirect('/');
});
// Menu editor (GET): renders the caller's current menu for editing.
SimpleRouter::get('/editMenu', function () use ($twig) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    // "data" is the JSON list written by the POST handler of this route.
    $menuRow = Database::getUserMenu($user);
    echo $twig->render('edit-menu.twig', [
        'user' => $user,
        'menu' => json_decode($menuRow["data"]),
    ]);
});
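// Menu save (POST, JSON): replaces the caller's menu with the submitted [{url, name}, …] list.
SimpleRouter::post('/editMenu', function () {
    if (getSessionVariable('user') === null) {
        return response()->json([
            'error' => "Not authorized",
            'code' => 403,
        ]);
    }
    $user = getSessionVariable('user');
    // For an array-shaped parameter input()->post() yields an InputItem whose ->value is an
    // array of InputItems. When "menu" is absent the default (a plain []) comes back and the
    // previous `$menu->value` raised an Error outside the PDOException catch; reject that
    // shape explicitly instead.
    $menu = input()->post('menu', []);
    if (!is_object($menu) || !is_array($menu->value)) {
        return response()->json([
            'error' => "Bad request",
            'code' => 400,
        ]);
    }
    $menuData = [];
    foreach ($menu->value as $item) {
        // Each entry must itself be a {url, name} item; malformed entries are skipped rather
        // than stored as nulls. isset() on the nested property chain avoids warnings.
        if (!is_object($item) || !is_array($item->value)) {
            continue;
        }
        $url = isset($item->value['url']->value) ? $item->value['url']->value : null;
        $name = isset($item->value['name']->value) ? $item->value['name']->value : null;
        $menuData[] = [
            'url' => is_scalar($url) ? (string) $url : '',
            'name' => is_scalar($name) ? (string) $name : '',
        ];
    }
    // NOTE(review): 'url' is stored and later rendered as a link target; no scheme check is
    // done here, so confirm the template (or Database::setUserMenu) rejects javascript: URLs.
    // No CSRF token is checked on this endpoint.
    try {
        Database::setUserMenu($user, json_encode($menuData));
        response()->json([
            'data' => json_encode($menuData),
            'code' => 200,
        ]);
    } catch (PDOException $e) {
        // NOTE(review): the driver's error text is echoed to the client (as elsewhere in this file).
        response()->json([
            'error' => json_encode($e->getMessage()),
            'code' => 500,
        ]);
    }
});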
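// Table browser (GET). Without ?table= it lists the tables Database::getAvailableTables()
// exposes; with ?table=&col=&sort= it renders that table's rows ordered by one column.
SimpleRouter::get('/lookupTables', function () use ($twig) {
    if (getSessionVariable('user') === null) {
        return response()->redirect('/');
    }
    $user = getSessionVariable('user');
    // input()->get() returns a stringable InputItem when the parameter is present and the
    // plain default otherwise; normalise both to strings up front.
    $table = (string) input()->get('table', '');
    $sort = strtoupper((string) input()->get('sort', 'DESC'));
    $col = (string) input()->get('col', '');
    $tables = [];
    $tableData = [];
    if ($table !== '') {
        // Table name, column name and sort direction are SQL identifiers/keywords, which
        // cannot be bound as prepared-statement parameters; Database::getAnyTableSorted()
        // presumably interpolates them. Restrict each to an allow-list the application itself
        // produces rather than passing raw request input through.
        $available = array_map(static function ($tbl) {
            return $tbl["table_name"];
        }, Database::getAvailableTables());
        if (!in_array($table, $available, true)) {
            return response()->httpCode(404);
        }
        $cols = Database::getTableColumns($table);
        $colNames = array_column($cols, 'column_name');
        if ($col === '') {
            $col = $colNames[0] ?? '';
        } elseif (!in_array($col, $colNames, true)) {
            return response()->httpCode(400);
        }
        if ($sort !== 'ASC' && $sort !== 'DESC') {
            $sort = 'DESC';
        }
        $tableData = [
            "header" => $cols,
            "data" => Database::getAnyTableSorted($table, $col, $sort),
        ];
    } else {
        $tables = array_map(static function ($tbl) {
            return $tbl["table_name"];
        }, Database::getAvailableTables());
    }
    echo $twig->render('lookup-tables.twig', [
        'user' => $user,
        'table' => $table,
        'tables' => $tables,
        'tableData' => $tableData,
    ]);
});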
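// Image upload (POST, JSON). Accepts one JPEG, stores the original under data/full/ and a
// watermarked thumbnail (fitted into 200x200) under data/thumb/, then registers it in the
// gallery table.
SimpleRouter::post('/uploadImage', function () {
    if (getSessionVariable('user') === null) {
        return response()->json([
            'error' => "Not authorized",
            'code' => 403,
        ]);
    }
    $user = getSessionVariable('user');
    $file = input()->file('file');
    // $file->type is the client-declared MIME type and is only a cheap first filter; the
    // real check is done on the bytes with getimagesize() after the move.
    if ($file === null || $file->type !== 'image/jpeg') {
        return response()->json([
            'error' => "Wrong file type",
            'code' => 400,
        ]);
    }
    // The login is user-chosen and not restricted at registration, so it must not be used
    // raw as a path component (a login containing "../" would write outside data/full/).
    // Keep letters, digits, "_" and "-" (Unicode-aware); everything else becomes "_".
    $loginPart = preg_replace('/[^\p{L}\p{N}_-]+/u', '_', (string) $user['login']);
    if ($loginPart === null || $loginPart === '') {
        $loginPart = 'user';
    }
    $filename = $loginPart . '_' . time() . '.jpg';
    $fullpath = 'data/full/' . $filename;
    $file->move($fullpath);
    // Reject anything that is not actually a JPEG (or did not arrive at all) and do not leave
    // the bytes on disk. This also removes the division by zero that a non-image produced
    // (getimagesize() returns false, so $size[1] was null).
    $size = is_file($fullpath) ? getimagesize($fullpath) : false;
    if ($size === false || $size[2] !== IMAGETYPE_JPEG || $size[0] <= 0 || $size[1] <= 0) {
        if (is_file($fullpath)) {
            unlink($fullpath);
        }
        return response()->json([
            'error' => "Wrong file type",
            'code' => 400,
        ]);
    }
    // Fit into a 200x200 box keeping the aspect ratio; GD wants integer pixel sizes, so the
    // float result is truncated (as PHP did implicitly before) but never below 1px.
    $ratio = $size[0] / $size[1]; // width/height
    if ($ratio > 1) {
        $width = 200;
        $height = max(1, (int) (200 / $ratio));
    } else {
        $width = max(1, (int) (200 * $ratio));
        $height = 200;
    }
    $source = imagecreatefromjpeg($fullpath);
    if ($source === false) {
        // Header said JPEG but GD could not decode it — treat like a bad upload.
        unlink($fullpath);
        return response()->json([
            'error' => "Wrong file type",
            'code' => 400,
        ]);
    }
    $thumb = imagecreatetruecolor($width, $height);
    imagecopyresized($thumb, $source, 0, 0, 0, 0, $width, $height, $size[0], $size[1]);
    // Watermark: green "<login> @ LABA" in the top-left corner of the thumbnail.
    $color = imagecolorallocate($thumb, 0, 255, 0);
    $ulogin = $user['login'];
    imagestring($thumb, 2, 2, 2, "$ulogin @ LABA", $color);
    imagejpeg($thumb, 'data/thumb/' . $filename);
    try {
        Database::addImageToGallery($filename, $user);
    } catch (PDOException $e) {
        // NOTE(review): the driver's error text is echoed to the client (as elsewhere in this file).
        return response()->json([
            'error' => json_encode($e->getMessage()),
            'code' => 500,
        ]);
    }
    return response()->json([
        'code' => 200,
    ]);
});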
// Gallery (GET): the caller's own images.
SimpleRouter::get('/gallery', function () use ($twig) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    echo $twig->render('gallery.twig', [
        'user' => $user,
        'images' => Database::getUsersImages($user),
    ]);
});
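// Image page (GET): details of one image; only its owner may view it.
SimpleRouter::get('/image/{id}', function ($id) use ($twig) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    $image = Database::getImage($id);
    // Unknown id or another user's image: 403. The explicit !$image guard keeps the answer
    // the owner check already gave for a missing row, minus the warning from indexing a
    // non-array. (Strict comparison presumes user_id and the session's id share a type —
    // both come out of the same PDO layer.)
    if (!$image || $image['user_id'] !== $user['id']) {
        return response()->httpCode(403);
    }
    echo $twig->render('image.twig', [
        'user' => $user,
        'image' => $image,
    ]);
});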
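// Image info save (POST): description and published flag for an image the caller owns.
SimpleRouter::post('/image/{id}', function ($id) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    $image = Database::getImage($id);
    // Unknown id or another user's image: 403 (the !$image guard only removes the warning
    // from indexing a non-array; the outcome is unchanged).
    if (!$image || $image['user_id'] !== $user['id']) {
        return response()->httpCode(403);
    }
    // Normalise to strings: input()->post() yields a stringable InputItem when the field is
    // present and the plain default otherwise (the old ->value access warned on the default).
    $description = (string) input()->post('description', '');
    // Kept as the literal strings "true"/"false" that Database::updateImage() was already given.
    $published = boolval((string) input()->post('published', 0)) ? "true" : "false";
    // NOTE(review): no CSRF token is checked on this form.
    try {
        Database::updateImage($id, $description, $published);
    } catch (PDOException $e) {
        // NOTE(review): the driver's error text is echoed to the client (as elsewhere in this file).
        return response()->json([
            'error' => json_encode($e->getMessage()),
            'code' => 500,
        ]);
    }
    response()->redirect('/');
});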
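// Image delete (GET): removes both files and the DB row for an image the caller owns.
SimpleRouter::get('/image/{id}/delete', function ($id) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    $image = Database::getImage($id);
    // Unknown id or another user's image: 403 (the !$image guard only removes the warning
    // from indexing a non-array; the outcome is unchanged).
    if (!$image || $image['user_id'] !== $user['id']) {
        return response()->httpCode(403);
    }
    // NOTE(review): a destructive action on GET is reachable through any <img>/<a> pointing
    // here (CSRF); it belongs on POST with a token. Left on GET because the gallery
    // presumably links to this URL.
    // The stored name is built by /uploadImage from the user-chosen login; basename() keeps
    // it to a single path component so it cannot escape data/, and is_file() avoids unlink()
    // warnings when a file is already gone.
    $name = basename((string) $image['filename']);
    foreach (['data/full/' . $name, 'data/thumb/' . $name] as $path) {
        if (is_file($path)) {
            unlink($path);
        }
    }
    Database::deleteImage($id);
    response()->redirect('/gallery');
});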
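// Image file serving: /images?type=thumb|full&filename=<name>.jpg (any method, unauthenticated).
SimpleRouter::all('/images', function () {
    $type = (string) input()->get('type', 'thumb');
    $filename = (string) input()->get('filename', '');
    // Both parameters were concatenated straight into "data/$type/$filename", so
    // "type=../.." or "filename=../../src/database.php" could read any file the web user
    // can. Lock the directory to the two known ones and the name to a bare "*.jpg" component.
    if (!in_array($type, ['full', 'thumb'], true)) {
        response()->httpCode(404);
        return;
    }
    if ($filename === '' || basename($filename) !== $filename
        || strtolower(pathinfo($filename, PATHINFO_EXTENSION)) !== 'jpg') {
        response()->httpCode(404);
        return;
    }
    // Resolve and re-check: the final path must be a regular file inside the chosen directory.
    $dir = realpath("data/$type");
    $path = $dir === false ? false : realpath($dir . DIRECTORY_SEPARATOR . $filename);
    if ($dir === false || $path === false || !is_file($path)
        || strncmp($path, $dir . DIRECTORY_SEPARATOR, strlen($dir) + 1) !== 0) {
        response()->httpCode(404);
        return;
    }
    // NOTE(review): this route needs no login (as before), so originals and thumbnails of
    // unpublished images are reachable by anyone who knows the file name.
    header("Content-type: image/jpeg");
    return file_get_contents($path);
});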
// Export (GET): dumps the users table as XML to any logged-in user.
SimpleRouter::get('/export', function () {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    // NOTE(review): every authenticated user can pull the full user list; which columns
    // (password hashes?) Database::exportUsersXML() includes is not visible here — verify.
    header("Content-type: application/xml");
    print Database::exportUsersXML();
});
// Import form (GET): shows the XML upload form with the outcome of the previous attempt.
SimpleRouter::get('/import', function () use ($twig) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    // Both query parameters are reflected into the page; escape them before rendering.
    echo $twig->render('import.twig', [
        'user' => $user,
        'message' => htmlspecialchars(input()->get('message', '')),
        'error' => htmlspecialchars(input()->get('error', '')),
    ]);
});
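// Import (POST): feeds the submitted XML to Database::importUsersXML() and reports the counts.
SimpleRouter::post('/import', function () {
    if (getSessionVariable('user') === null) {
        return response()->redirect('/');
    }
    // Cast instead of ->value: a missing "xml" field returns the '' default, not an InputItem.
    $xml = (string) input()->post('xml', '');
    if ($xml === '') {
        return response()->redirect('/import?error=Произошла ошибка');
    }
    // NOTE(review): the XML is user-supplied. Whether external entities are disabled when it
    // is parsed (no LIBXML_NOENT, LIBXML_NONET, no network entity loader) is decided inside
    // Database::importUsersXML(), which is not visible here — check it.
    try {
        list($ok, $fail) = Database::importUsersXML($xml);
        // URL-encode the query values so "&", "#" or "?" in the text cannot split the query string.
        response()->redirect('/import?message=' . urlencode("OK: $ok, КРАХ: $fail"));
    } catch (Exception $e) {
        response()->redirect('/import?error=' . urlencode($e->getMessage()));
    }
});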
// Image search (GET): substring match on the description, restricted to one author.
SimpleRouter::get('/search', function () use ($twig) {
    $user = getSessionVariable('user');
    if ($user === null) {
        return response()->redirect('/');
    }
    $search = input()->get('search', '')->value;
    $author = input()->get('author', '')->value;
    $authors = Database::getUsersList();
    // The query only runs when both filters are truthy ("0" counts as empty). The term is
    // wrapped in LIKE wildcards, so "%" and "_" typed by the user act as wildcards as well;
    // whether $search and $author are bound as parameters is up to Database::searchImages().
    $images = ($search and $author)
        ? Database::searchImages("%" . $search . "%", $author)
        : [];
    echo $twig->render('search.twig', [
        'user' => $user,
        'images' => $images,
        'search' => $search,
        'author' => $author,
        'authors' => $authors,
    ]);
});
// Password recovery form (GET, unauthenticated). ?mail= carries the rendered "sent" message.
SimpleRouter::get('/recover-password', function () use ($twig) {
    // NOTE(review): unlike message/error, 'mail' is passed to the template unescaped — safe
    // only if recover-password.twig renders it through Twig's autoescape (no |raw).
    $mail = input()->get('mail', '');
    echo $twig->render('recover-password.twig', [
        'message' => htmlspecialchars(input()->get('message', '')),
        'error' => htmlspecialchars(input()->get('error', '')),
        'mail' => $mail,
    ]);
});
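// Password recovery (POST, unauthenticated): sets a new random password for the given login
// and renders the "mail" that would carry it.
SimpleRouter::post('/recover-password', function () use ($twig) {
    // Cast instead of ->value: a missing "login" field returns the '' default, not an InputItem.
    $login = (string) input()->post('login', '');
    if ($login === '') {
        return response()->redirect('/recover-password?error=Произошла ошибка');
    }
    try {
        $user = Database::getUser($login);
        if (!$user) {
            return response()->redirect('/recover-password?error=Пользователь не найден!');
        }
        $newPassword = Database::generateUserNewPassword($login);
        $sentMail = $twig->render('recover-password-mail.twig', [
            'login' => $login,
            'password' => $newPassword,
        ]);
        // NOTE(review): no mail is sent. The rendered message — containing the new password —
        // is handed back to the *requester* in the redirect URL (and thus into server/proxy
        // logs and browser history), so anyone who knows a login can take over that account;
        // the reset is also unauthenticated, so it can be used to lock users out. This looks
        // like a deliberate lab setup ("LABA"); outside a lab, deliver a one-time reset link
        // out of band and never echo the secret.
        response()->redirect('/recover-password?message=Сообщение с паролем отправлено&mail=' . urlencode($sentMail));
    } catch (PDOException $e) {
        // URL-encode the driver message so "&" or "#" in it cannot split the query string.
        response()->redirect('/recover-password?error=' . urlencode($e->getMessage()));
    }
});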
// Dispatch the current request against the routes registered above; must stay the last statement.
SimpleRouter::start();