config_file, true); /* NOTE(review): `database` is a bare word, i.e. an undefined constant (a warning on PHP 7, a thrown Error on PHP 8); quote it as $config['database'] like the 'recaptcha' and 'site' lookups below. */ $this->db = new mysqli( $config[database]['domain'], $config[database]['user'], $config[database]['password'], $config[database]['database']); /* The driver's own error text is printed to the client here; log it server-side and answer with a generic message instead. */ if (mysqli_connect_errno()) { echo "Problem connecting to database: "; echo mysqli_connect_error(); exit(); } $this->recaptcha_publickey = $config['recaptcha']['publickey']; $this->recaptcha_privatekey = $config['recaptcha']['privatekey']; $this->title = $config['site']['default_title']; $this->home_link = $config['site']['home_link']; /* Output is buffered from here on; display_close() flushes it, notFound discards it. */ ob_start(); } /** Maps the request to a page class name: 'page', 'archive', 'note', 'index', 'project', 'rss' or 'captcha', tested in that order (so ?page=N wins over a bare '/'). Falls off the end — returns null — when nothing matches; the dispatch switch at the bottom of the file then renders nothing. @return string|null */ public static function determine_type() { if (isset($_GET['page']) && is_numeric($_GET['page'])) { return 'page'; } else if (isset($_GET['year'])) { return 'archive'; } else if (isset($_GET['note'])) { return 'note'; } else if ($_SERVER['REQUEST_URI'] == '/') { return 'index'; } else if (isset($_GET['project'])) { return 'project'; } else if (isset($_GET['rss'])) { return 'rss'; } else if (isset($_GET['challenge'])) { return 'captcha'; } } /** Prepared-statement helper: query($sql, $types, ...$values). Prepares $args[0], binds the remaining arguments with bind_param() using the type string, and returns every result row as a list of name => value arrays. NOTE(review): `&$args` is call-time pass-by-reference, a fatal error since PHP 5.4; bind_param() wants each value by reference, so build an array of references ($refs[] = &$args[$i]) and pass that instead. prepare() returning false (bad SQL) and result_metadata() returning false (no result set, e.g. INSERT) are not checked. @return array<int, array<string, mixed>> */ public function query() { $args = func_get_args(); $statement = $this->db->prepare($args[0]); $args = array_slice($args, 1); call_user_func_array(array($statement, 'bind_param'), &$args); $statement->execute(); $return = array(); $statement->store_result(); $row = array(); $data = $statement->result_metadata(); $fields = array(); $fields[0] = &$statement; while($field = $data->fetch_field()) { $fields[] = &$row[$field->name]; } call_user_func_array("mysqli_stmt_bind_result", $fields); $i = 0; while ($statement->fetch()) { foreach ($row as $key=>$value) $return[$i][$key] = $value; $i++; } $statement->free_result(); return $return; } /** Emits the document head. NOTE(review): neither parameter is used — $title is ignored in favour of $this->title, and $home_link is overwritten by the hard-coded validator URL on the next statement. The heredoc opener and its markup are not preserved in this listing. */ public function display_head($title = "dylansserver", $home_link = "/") { $scripts = $this->scripts; $stylesheets = ""; $home_link = "http://validator.w3.org/unicorn/check?ucn_uri=dylansserver.com&ucn_task=conformance#"; echo << $this->title $stylesheets $scripts
END_OF_HEAD; } /* Prints the contact block; its markup is not preserved in this listing. */ public function display_contact() { echo <<

dylan

@psu.edu
END_OF_CONTACT; } /** Closes the page: the contact block (unless $show_contact is false), the closing markup, then ob_flush() for the buffer opened in the constructor. @param bool $show_contact */ public function display_close($show_contact = true) { if ($show_contact) { $this->display_contact(); } echo <<

END_OF_CLOSE; ob_flush(); } } /** Front page: head, every project's exhibit, close without the contact block. */ class index extends cms { /* NOTE(review): display_close($show_contact = false) assigns a local variable as a side effect of the call — write display_close(false). */ public function display() { $this->scripts = ""; $this->display_head(); $this->display_exhibits(); echo ""; $this->display_close($show_contact = false); } /* Echoes the stored text of every project verbatim. The query has no parameters, so the unprepared db->query() is fine; the text appears to be author-supplied markup (project::display_exhibits() rewrites class attributes in it), so it must never come from request input. Continues on the next line. */ protected function display_exhibits() { echo "
"; /* No user input in this query; project text is echoed as-is, so it must never come from request input. */ $sql = "SELECT text FROM projects"; $result = $this->db->query($sql); while ($entry = $result->fetch_object()) { echo $entry->text; } echo "
"; } /* NOTE(review): list_projects() has no caller in this listing; the heredoc opener and the list markup are not preserved. Titles are echoed unescaped (author-controlled data, not request input). */ private function list_projects() { echo <<

my projects:

HEREDOC; $sql = "SELECT title FROM projects"; $result = $this->db->query($sql); while ($entry = $result->fetch_object()) { echo "
  • $entry->title
  • "; } } } /** Single project, selected by ?project=<title>; reuses index::display() with a different exhibit renderer. */ class project extends index { /* Looks the title up through the prepared-statement wrapper (bound, not interpolated) and forces the exhibit visible by rewriting its class attribute. Continues on the next line. */ protected function display_exhibits() { echo "
    "; $sql = "SELECT text FROM projects WHERE title = ?"; $result = $this->query($sql, "s", $_GET['project']); /* NOTE(review): the assignment inside the condition is deliberate (it reuses $result for the text), but $result[0] is an undefined offset when no row matches, so the 404 below is preceded by a notice/warning; test `if (!$result) { throw new notFound(); }` first. */ if ($result = $result[0]['text']) { $text = str_replace("class='exhibit'", "class='exhibit' style='display:block;'", $result); echo $text; echo "
    "; } else { throw new notFound(); } } } /** Paginated note list, ?page=N, $notes_per_page notes per page. */ class page extends cms { private $page = 1; private $offset = 0; private $notes_per_page = 4; private $number_of_pages = 1; /* Validates the page number before any output is produced; page_offset() throws notFound, whose constructor sends the 404 and exits. */ public function __construct() { parent::__construct(); $this->page_offset(); $this->scripts = " "; } /** Derives $number_of_pages and $offset from the note count and $_GET['page']. is_numeric() admits forms such as '1e2'; the (int) cast normalises them before the range checks, so the values bound by display() are plain ints. An empty table gives zero pages and every page 404s. @throws notFound */ private function page_offset() { $sql = "SELECT COUNT(*) FROM notes"; $result = $this->db->query($sql); $result = $result->fetch_array(); $this->number_of_pages = ceil($result[0] / $this->notes_per_page); if (isset($_GET['page']) && is_numeric($_GET['page'])) { $this->page = (int) $_GET['page']; } else { throw new notFound(); } if ($this->page > $this->number_of_pages) { throw new notFound(); } if ($this->page < 1) { throw new notFound(); } $this->offset = ($this->page - 1) * $this->notes_per_page; } /* Head, this page's notes, navigation, close. Continues on the next line. */ public function display() { $this->display_head(); echo "
    "; $sql = "SELECT date_posted, title, url, text FROM notes ORDER BY date_posted DESC LIMIT ?, ?"; $result = $this->query($sql, "ii", $this->offset, $this->notes_per_page); foreach ($result as $row => $entry) { $title = $entry['title']; $url = '/note/' . $entry['url']; /* date_posted is split by hand — presumably a DATETIME in 'Y-m-d H:i:s' form, confirm. $title, $url and $text go into the heredoc unescaped; they come from the notes table, not from the request. */ $date_posted = explode("-", $entry['date_posted']); $year_posted = $date_posted[0]; $month_posted = $date_posted[1]; $datetime_posted = explode(' ', $date_posted[2]); $day_posted = $datetime_posted[0]; $text = $entry['text']; echo <<

    $year_posted/$month_posted/$day_posted/$title

    $text
    END_NOTE; } echo ""; $this->write_navigation(); $this->display_close(); } /* Pager links; the markup is not preserved in this listing. */ private function write_navigation() { echo ""; } } /** Single note, ?note=<url>; with &comments the thread and the form are shown, with &verify a posted comment is processed first. */ class note extends cms { private $id; private $comments_enabled = false; private $failed_captcha; public $url; public $title; public $year_posted; public $month_posted; public $day_posted; public $text; public $number_of_comments; /** Loads the note via the prepared-statement wrapper (404 through notFound when absent), counts its comments and, on the verify path, handles the submission before any output. $this->url is REQUEST_URI after htmlspecialchars() with default flags (ENT_QUOTES is the safer choice for attribute use), with the trailing 'verify' segment cut off by length (6 characters). The COUNT query interpolates $this->id, which was just read from the notes table rather than from the request, so it is not injectable here; binding it through query() would keep a single code path. @throws notFound */ public function __construct() { $this->scripts = " "; if (isset($_GET['comments'])) { $this->scripts .= " "; } parent::__construct(); if (isset($_GET['comments'])) { $this->comments_enabled = true; } $url = htmlspecialchars($_SERVER['REQUEST_URI']); if (isset($_GET['verify'])) { $url = substr($url, 0, (strlen($url)-6)); } $this->url = $url; $sql = "SELECT title, date_posted, text, id FROM notes WHERE url = ?"; $result = $this->query($sql, "s", $_GET['note']); if ($result) { $entry = $result[0]; $this->id = $entry["id"]; $this->title = $entry["title"]; $date_posted = explode("-", $entry["date_posted"]); $this->year_posted = $date_posted[0]; $this->month_posted = $date_posted[1]; $datetime_posted = explode(' ', $date_posted[2]); $this->day_posted = $datetime_posted[0]; $this->text = $entry["text"]; } else { throw new notFound(); } $sql = "SELECT COUNT(*) FROM comments WHERE note = $this->id"; $result = $this->db->query($sql); $result = $result->fetch_array(); $this->number_of_comments = $result[0]; if (isset($_GET['verify'])) { $this->verify(); } } /* Head, note, optional comment thread and form, navigation, close. */ public function display() { $this->display_head(); $this->display_note(); if ($this->comments_enabled) { $this->display_comments(); $this->display_comment_form(); } $this->write_navigation(); $this->display_close(); } /** Comment submission. NOTE(review): when $_POST['captcha'] is present the reCAPTCHA branch is skipped and $resp is never set, yet the insert on the next line still runs — gate the insert on $resp->is_valid alone, never on the mere presence of a POST field. bind_param() takes its arguments by reference, so passing htmlspecialchars() results directly triggers 'Only variables should be passed by reference'; assign them to locals first. The blank-text and default-author checks that the inline comment asks for are still missing. Continues on the next line. */ private function verify() { if (!isset($_POST['captcha'])) { require_once('includes/recaptchalib.php'); echo "
    "; $resp = recaptcha_check_answer ($this->recaptcha_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $this->failed_captcha = true; } } if (isset($_POST['captcha']) || $resp->is_valid) { $sql = ("INSERT INTO comments (date_posted, author, text, note) VALUES(NOW(), ?, ?, ?)"); $stmt = $this->db->prepare($sql); /* Checks are needed here (no blank text, and a default author needs to be set for no-javascript users). NOTE(review): escaping on insert and again in display_comments() double-encodes the text; escape once, at output. The note id is bound as a string ('sss'); 'ssi' matches the column. */ $stmt->bind_param('sss', htmlspecialchars($_POST['name']), htmlspecialchars($_POST['text']), $this->id); $stmt->execute(); } } /* Note header and body; $this->title and $this->text are interpolated unescaped (notes-table data). Markup not preserved in this listing. */ private function display_note() { echo <<

    $this->year_posted/$this->month_posted/$this->day_posted/$this->title

    $this->text END_OF_NOTE; } /* Per-note navigation; markup not preserved in this listing. */ private function write_navigation() { echo <<


    END_OF_NAVIGATION; } /** Builds the "comments(N)/" or "comment?" link for the thread. $this->url was passed through htmlspecialchars() in the constructor, which is what makes it usable inside an href. NOTE(review): the substr() call is a roundabout last-character test — substr($this->url, -1) === '/' (or str_ends_with() on PHP 8) says the same; compare with === rather than ==. In this listing only $anchor_text is echoed, so the anchor markup around $url appears to have been stripped. */ private function display_comment_link() { if ($this->number_of_comments > 0) { $anchor_text = "comments($this->number_of_comments)/"; } else { $anchor_text = "comment?"; } if (substr($this->url, (strlen($this->url)-1), strlen($this->url)) == '/') { $url = $this->url . 'comments/'; } else { $url = $this->url . '/comments/'; } echo "$anchor_text"; } /* Lists the note's comments, newest first. Continues on the next line. */ private function display_comments() { echo "
    "; /* NOTE(review): the note id is bound as 'd' (double); 'i' matches the integer column. */ $sql= "SELECT date_posted, author, text FROM comments WHERE note = ? ORDER BY date_posted DESC"; $result = $this->query($sql, 'd', $this->id); /* $text is escaped here although verify() already escaped it on insert, so stored comments render double-encoded; $author and $date_posted are not escaped here and rely solely on insert-time escaping. Escape once, at output, for all three. */ foreach ($result as $row => $entry) { $date_posted = $entry['date_posted']; $author = $entry['author']; $text = htmlspecialchars($entry['text']); $head = "

    $author

    "; echo << $head $text
    END_OF_COMMENT; } echo ""; } /** Comment form with the custom-themed reCAPTCHA widget, posting to $this->url . "verify". $publickey is the site key (meant to be public); $this->url was escaped in the constructor. The heredoc bodies are not preserved in this listing; the form runs through the END_OF_FORM marker on a later line. */ private function display_comment_form() { $publickey = $this->recaptcha_publickey; echo << Recaptcha.create("$publickey", "recaptcha_div", { theme : 'custom', custom_theme_widget: 'recaptcha_widget', callback: Recaptcha.focus_response_field }); END_CAPTCHA_STYLE; require_once('includes/recaptchalib.php'); $url = $this->url . "verify"; echo "
    "; echo <<

    comment:

    name:


    what's this say?










    enter the numbers you hear:

    another? / audio? / image?help?
    END_OF_FORM; /* The default widget is rendered in addition to the custom one above — presumably the no-JS fallback, confirm. The two error heredocs below print the 'not human' text in both branches, and the else branch (no failed captcha, including a plain GET) also prints 'you didn't write anything', so unless the stripped markup hides them with CSS an untouched form already shows errors. */ echo recaptcha_get_html($this->recaptcha_publickey); if ($this->failed_captcha) { echo << reCAPTCHA said you're not human,
    try again? END_OF_ERRORS; } else { echo << reCAPTCHA said you're not human,
    try again?
    but you didn't write anything!
    END_OF_ERRORS; } echo << END_OF_FORM; } } /** Notes filtered by ?year[&month[&day]]. */ class archive extends cms { /* Only defers to cms; could be dropped. */ public function __construct() { parent::__construct(); } /* NOTE(review): check_exists() has no caller in this listing and $this->not_found() is not defined anywhere visible — the other classes throw new notFound(). Prefer (int) $results[0]["COUNT(*)"] !== 1. */ private function check_exists() { $sql = "SELECT COUNT(*) FROM notes WHERE url = ?"; $results = $this->query($sql, "s", $_GET['note']); if ($results[0]["COUNT(*)"] != 1) { $this->not_found(); } } /** Picks the year / year+month / year+month+day query; the request values are bound through query(), not interpolated. NOTE(review): they are bound as 'd' (double) where 'i' is meant. No case matches when month is absent but day is present, leaving $result undefined for the count() below — initialise `$result = [];` before the switch, or add a default that throws notFound. Continues on the next line. */ public function display() { $this->display_head(); switch (true) { case (isset($_GET['year']) && !isset($_GET['month']) && !isset($_GET['day'])): $sql = "SELECT title, url, date_posted, text FROM notes WHERE YEAR(date_posted) = ? ORDER BY date_posted DESC"; $result = $this->query($sql, "d", $_GET['year']); break; case (isset($_GET['year']) && isset($_GET['month']) && !isset($_GET['day'])): $sql = "SELECT title, url, date_posted, text FROM notes WHERE YEAR(date_posted) = ? AND MONTH(date_posted) = ? ORDER BY date_posted DESC"; $result = $this->query($sql, "dd", $_GET['year'], $_GET['month']); break; case (isset($_GET['year']) && isset($_GET['month']) && isset($_GET['day'])): $sql = "SELECT title, url, date_posted, text FROM notes WHERE YEAR(date_posted) = ? AND MONTH(date_posted) = ? AND DAY(date_posted) = ? ORDER BY date_posted DESC"; $result = $this->query($sql, "ddd", $_GET['year'], $_GET['month'], $_GET['day']); break; } if (count($result) >= 1) { echo "
    "; /* Same by-hand date split as page::display(); a shared helper on cms would remove the duplication. $title and $entry['text'] are echoed unescaped (notes-table data, not request input). */ foreach ($result as $row => $entry) { $title = $entry['title']; $url = '/note/' . $entry['url']; $date_posted = explode("-", $entry['date_posted']); $year_posted = $date_posted[0]; $month_posted = $date_posted[1]; $datetime_posted = explode(' ', $date_posted[2]); $day_posted = $datetime_posted[0]; echo "
    "; echo "

    "; echo "$year_posted/$month_posted/$day_posted/"; echo "$title

    "; echo $entry['text']; echo "
    "; } echo "
    "; $this->write_navigation(); } else { echo "
    "; echo "

    sorry, nothing here

    "; echo "
    Empty set (0.00 sec)
    "; } $this->display_close(); } /* Archive navigation; markup not preserved in this listing. */ private function write_navigation() { echo "
"; echo ""; } } /** RSS feed of the five newest notes; the description is the first two sentences of the tag-stripped text. NOTE(review): $description is never reset — when the text has no '.' (or its first '.' is at offset 0, since strpos()'s 0 is falsy) the previous item's description is reused, and for the first item the variable is undefined; initialise it per iteration and compare with !== false. $title and $description are not XML-escaped (strip_tags() leaves '&' and '<' alone), so an ampersand in a title breaks the feed — use htmlspecialchars(..., ENT_XML1 | ENT_QUOTES, 'UTF-8'). substr() is given the string '0' as offset; use the int 0. */ class rss extends cms { public function display() { $result = $this->db->query("SELECT date_posted, title, text, url FROM notes ORDER BY date_posted DESC LIMIT 5"); echo << dylanstestserver.com/notes/rss http://dylanstestserver.com/notes dylanstestserver.com/notes/rss END_OF_ENTRY; while ($entry = $result->fetch_object()) { $title = $entry->title; $date_posted = $entry->date_posted; $url = "http://dylanstestserver.com/note/" . $entry->url; $text = $entry->text; $text = strip_tags($text); $end_of_first_sentence = strpos($text, '.'); if ($end_of_first_sentence) { $end_of_second_sentence = strpos($text, '.', ($end_of_first_sentence + 1)); if ($end_of_second_sentence) { $description = substr($text, '0', ($end_of_second_sentence + 1)); } else { $description = substr($text, '0', ($end_of_first_sentence + 1)); } } echo << $title $url $url $description END_OF_ENTRY; } echo ""; echo ""; } } /** Raised for unknown pages. The constructor performs the entire 404 response (status line, discards the output buffer, includes 404.php) and exits, so it never propagates as an exception; side effects in an exception constructor are hard to test — a handler around the dispatch switch would be cleaner. */ class notFound extends Exception { public function __construct() { header('HTTP/1.0 404 Not Found'); ob_end_clean(); include('404.php'); exit(); } } /** AJAX captcha check: forwards ?challenge and ?response to the reCAPTCHA verify API. NOTE(review): the endpoint is plain http, so the private key is sent in clear text — use https. The GET values are concatenated into the POST body without urlencode()/http_build_query(), so an '&' or '=' inside them changes the fields. CURLOPT_POST takes a bool (true), not 4. No CURLOPT_RETURNTRANSFER is set, so curl_exec() prints the API reply straight into the page output, and $result is then discarded, so nothing reports the outcome. */ class captcha extends cms { public function display() { $challenge = $_GET['challenge']; $response = $_GET['response']; $remoteip = $_SERVER['REMOTE_ADDR']; $curl = curl_init('http://api-verify.recaptcha.net/verify?'); curl_setopt ($curl, CURLOPT_POST, 4); curl_setopt ($curl, CURLOPT_POSTFIELDS, "privatekey=$this->recaptcha_privatekey&remoteip=$remoteip&challenge=$challenge&response=$response"); $result = curl_exec ($curl); curl_close ($curl); } } /* now actually do something: dispatch on the request type. */ switch (cms::determine_type()) { case 'index': $index = new index(); $index->display(); break; case 'project': $project = new project(); $project->display(); break; case 'note': $note = new note; $note->display(); break; case 'page': $page = new page; $page->display(); break; case "rss": $rss = new rss(); $rss->display(); /* NOTE(review): missing break — after the feed is printed execution falls through into the archive case, which builds a second page on top of it; add `break;` here. A `default:` that throws notFound would also cover the null return of determine_type(). */ case 'archive': $archive = new archive; $archive->display(); break; case "captcha": $captcha = new captcha; $captcha->display(); 
break; } /* Leave the closing ?> off in a PHP-only file: any trailing whitespace after it is sent as output. */ ?>