X-Git-Url: https://disinclined.org/git/?a=blobdiff_plain;f=index.php;h=e58f7372827636c539df32504df2a1c2b96925a0;hb=2cf7880d4afdde09707d4fc62e82597d6bfea7a0;hp=47a1ad4d6382e05aeda103f0ff369ca87140d38b;hpb=06268cf4dd5d7b6a1742077db3a5949144a4761f;p=dylansserver.git diff --git a/index.php b/index.php index 47a1ad4..e58f737 100644 --- a/index.php +++ b/index.php @@ -1 +1,764 @@ - +config_file, true); + $this->db = new mysqli( + $config[database]['domain'], + $config[database]['user'], + $config[database]['password'], + $config[database]['database']); + if (mysqli_connect_errno()) { + echo "Problem connecting to database: "; + echo mysqli_connect_error(); + exit(); + } + $this->recaptcha_publickey = $config['recaptcha']['publickey']; + $this->recaptcha_privatekey = $config['recaptcha']['privatekey']; + $this->title = $config['site']['default_title']; + $this->home_link = $config['site']['home_link']; + ob_start(); + } + + public static function determine_type() { + if (isset($_GET['page']) && is_numeric($_GET['page'])) { + return 'page'; + } else if (isset($_GET['year'])) { + return 'archive'; + } else if (isset($_GET['note'])) { + return 'note'; + } else if ($_SERVER['REQUEST_URI'] == '/') { + return 'index'; + } else if (isset($_GET['project'])) { + return 'project'; + } else if (isset($_GET['rss'])) { + return 'rss'; + } else if (isset($_GET['challenge'])) { + return 'captcha'; + } + } + + public function query() { + $args = func_get_args(); + $statement = $this->db->prepare($args[0]); + $args = array_slice($args, 1); + call_user_func_array(array($statement, 'bind_param'), &$args); + $statement->execute(); + $return = array(); + $statement->store_result(); + $row = array(); + $data = $statement->result_metadata(); + $fields = array(); + $fields[0] = &$statement; + while($field = $data->fetch_field()) { + $fields[] = &$row[$field->name]; + } + call_user_func_array("mysqli_stmt_bind_result", $fields); + $i = 0; + while ($statement->fetch()) { + foreach ($row as $key=>$value) $return[$i][$key] = $value; + $i++; + } + $statement->free_result(); + return $return; + } + + public function display_head($title = "dylansserver", + $home_link = "/") { + $scripts = $this->scripts; + $stylesheets = ""; + $home_link = "http://validator.w3.org/unicorn/check?ucn_uri=dylansserver.com&ucn_task=conformance#"; + echo << + + + + + + + $this->title + + $stylesheets + $scripts + + + +
+ + +
+END_OF_HEAD; + } + + public function display_contact() { + echo <<

dylan

@psu.edu +
+END_OF_CONTACT; + } + + public function display_close($show_contact = true) { + if ($show_contact) { + $this->display_contact(); + } + echo << +
+
+
+ + +END_OF_CLOSE; + ob_flush(); + } + +} + + +class index extends cms { + + public function display() { + $this->scripts = ""; + $this->display_head(); + $this->display_exhibits(); + echo ""; + $this->display_close($show_contact = false); + } + + protected function display_exhibits() { + echo "
"; + $sql = "SELECT text FROM projects"; + $result = $this->db->query($sql); + while ($entry = $result->fetch_object()) { + echo $entry->text; + } + echo "
"; + } + + private function list_projects() { + echo << +

my projects:

+ +HEREDOC; + $sql = "SELECT title FROM projects"; + $result = $this->db->query($sql); + while ($entry = $result->fetch_object()) { + echo "
  • $entry->title
    • "; + } + } + +} + + +class project extends index { + + protected function display_exhibits() { + echo "
    "; + $sql = "SELECT text FROM projects + WHERE title = ?"; + $result = $this->query($sql, "s", $_GET['project']); + if ($result = $result[0]['text']) { + $text = str_replace("class='exhibit'", "class='exhibit' style='display:block;'", $result); + echo $text; + echo "
    "; + } else { + throw new notFound(); + } + } + +} + + +class page extends cms { + + private $page = 1; + private $offset = 0; + private $notes_per_page = 4; + private $number_of_pages = 1; + + public function __construct() { + parent::__construct(); + $this->page_offset(); + $this->scripts = " + + + + + + "; + } + + private function page_offset() { + $sql = "SELECT COUNT(*) FROM notes"; + $result = $this->db->query($sql); + $result = $result->fetch_array(); + $this->number_of_pages = ceil($result[0] / $this->notes_per_page); + if (isset($_GET['page']) && is_numeric($_GET['page'])) { + $this->page = (int) $_GET['page']; + } else { + throw new notFound(); + } + if ($this->page > $this->number_of_pages) { + throw new notFound(); + } + if ($this->page < 1) { + throw new notFound(); + } + $this->offset = ($this->page - 1) * $this->notes_per_page; + } + + public function display() { + $this->display_head(); + echo "
    "; + $sql = "SELECT date_posted, title, url, text + FROM notes ORDER BY date_posted DESC + LIMIT ?, ?"; + $result = $this->query($sql, "ii", + $this->offset, + $this->notes_per_page); + foreach ($result as $row => $entry) { + $title = $entry['title']; + $url = '/note/' . $entry['url']; + $date_posted = explode("-", $entry['date_posted']); + $year_posted = $date_posted[0]; + $month_posted = $date_posted[1]; + $datetime_posted = explode(' ', $date_posted[2]); + $day_posted = $datetime_posted[0]; + $text = $entry['text']; + echo << +

    + $year_posted/$month_posted/$day_posted/$title +

    + $text +
    +END_NOTE; + } + echo ""; + $this->write_navigation(); + $this->display_close(); + } + + private function write_navigation() { + echo ""; + } + +} + + +class note extends cms { + + private $id; + private $comments_enabled = false; + private $failed_captcha; + public $url; + public $title; + public $year_posted; + public $month_posted; + public $day_posted; + public $text; + public $number_of_comments; + + public function __construct() { + $this->scripts = " + + + + + + "; + + if (isset($_GET['comments'])) { + $this->scripts .= " + + "; + } + parent::__construct(); + if (isset($_GET['comments'])) { + $this->comments_enabled = true; + } + $url = htmlspecialchars($_SERVER['REQUEST_URI']); + if (isset($_GET['verify'])) { + $url = substr($url, 0, (strlen($url)-6)); + } + $this->url = $url; + $sql = "SELECT title, date_posted, text, id + FROM notes WHERE url = ?"; + $result = $this->query($sql, "s", + $_GET['note']); + if ($result) { + $entry = $result[0]; + $this->id = $entry["id"]; + $this->title = $entry["title"]; + $date_posted = explode("-", $entry["date_posted"]); + $this->year_posted = $date_posted[0]; + $this->month_posted = $date_posted[1]; + $datetime_posted = explode(' ', $date_posted[2]); + $this->day_posted = $datetime_posted[0]; + $this->text = $entry["text"]; + } else { + throw new notFound(); + } + $sql = "SELECT COUNT(*) FROM comments + WHERE note = $this->id"; + $result = $this->db->query($sql); + $result = $result->fetch_array(); + $this->number_of_comments = $result[0]; + if (isset($_GET['verify'])) { + $this->verify(); + } + } + + public function display() { + $this->display_head(); + $this->display_note(); + if ($this->comments_enabled) { + $this->display_comments(); + $this->display_comment_form(); + } + $this->write_navigation(); + $this->display_close(); + } + + private function verify() { + if (!isset($_POST['captcha'])) { + require_once('includes/recaptchalib.php'); + echo "
    "; + $resp = recaptcha_check_answer ($this->recaptcha_privatekey, + $_SERVER["REMOTE_ADDR"], + $_POST["recaptcha_challenge_field"], + $_POST["recaptcha_response_field"]); + if (!$resp->is_valid) { + $this->failed_captcha = true; + } + } + if (isset($_POST['captcha']) || $resp->is_valid) { + $sql = ("INSERT INTO comments (date_posted, author, + text, note) + VALUES(NOW(), ?, ?, ?)"); + $stmt = $this->db->prepare($sql); + // Checks are needed here (no blank text, + // and a default author needs to be set + // for no-javascript users. + $stmt->bind_param('sss', + htmlspecialchars($_POST['name']), + htmlspecialchars($_POST['text']), + $this->id); + $stmt->execute(); + } + } + + private function display_note() { + echo << +

    $this->year_posted/$this->month_posted/$this->day_posted/$this->title

    + $this->text + +END_OF_NOTE; + } + + private function write_navigation() { + echo <<


    + +END_OF_NAVIGATION; + } + + private function display_comment_link() { + if ($this->number_of_comments > 0) { + $anchor_text = "comments($this->number_of_comments)/"; + } else { + $anchor_text = "comment?"; + } + if (substr($this->url, (strlen($this->url)-1), strlen($this->url)) == '/') { + $url = $this->url . 'comments/'; + } else { + $url = $this->url . '/comments/'; + } + echo "$anchor_text"; + } + + private function display_comments() { + echo "
    "; + $sql= "SELECT date_posted, author, text + FROM comments WHERE note = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, 'd', $this->id); + foreach ($result as $row => $entry) { + $date_posted = $entry['date_posted']; + $author = $entry['author']; + $text = htmlspecialchars($entry['text']); + $head = "

    $author

    "; + echo << + $head + $text +
    +END_OF_COMMENT; + } + echo ""; + } + + private function display_comment_form() { + $publickey = $this->recaptcha_publickey; + echo << +Recaptcha.create("$publickey", + "recaptcha_div", + { + theme : 'custom', + custom_theme_widget: 'recaptcha_widget', + callback: Recaptcha.focus_response_field + }); + +END_CAPTCHA_STYLE; + require_once('includes/recaptchalib.php'); + $url = $this->url . "verify"; + echo "
    "; + echo << +

    comment:

    + +

    name:

    + + + +
    +
    +

    what's this say?

    +
    +
    +


    +


    + +

    +

    enter the numbers you hear:

    + + another? / + audio? / + image?help? + +
    +END_OF_FORM; + echo recaptcha_get_html($this->recaptcha_publickey); + if ($this->failed_captcha) { + echo << + reCAPTCHA said you're not human,
    + try again? + + + + +END_OF_ERRORS; + } else { + echo << + reCAPTCHA said you're not human,
    + try again? + +
    + but you didn't write anything!
    +
    +END_OF_ERRORS; + } + echo << + + +END_OF_FORM; + } +} + + +class archive extends cms { + + public function __construct() { + parent::__construct(); + } + + private function check_exists() { + $sql = "SELECT COUNT(*) FROM notes + WHERE url = ?"; + $results = $this->query($sql, "s", $_GET['note']); + if ($results[0]["COUNT(*)"] != 1) { + $this->not_found(); + } + } + + public function display() { + $this->display_head(); + switch (true) { + case (isset($_GET['year']) && !isset($_GET['month']) + && !isset($_GET['day'])): + $sql = "SELECT title, url, date_posted, text + FROM notes WHERE YEAR(date_posted) = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "d", + $_GET['year']); + break; + case (isset($_GET['year']) && isset($_GET['month']) + && !isset($_GET['day'])): + $sql = "SELECT title, url, date_posted, text + FROM notes WHERE YEAR(date_posted) = ? + AND MONTH(date_posted) = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "dd", + $_GET['year'], $_GET['month']); + break; + case (isset($_GET['year']) && isset($_GET['month']) + && isset($_GET['day'])): + $sql = "SELECT title, url, date_posted, text + FROM notes WHERE YEAR(date_posted) = ? + AND MONTH(date_posted) = ? + AND DAY(date_posted) = ? + ORDER BY date_posted DESC"; + $result = $this->query($sql, "ddd", + $_GET['year'], $_GET['month'], + $_GET['day']); + break; + } + if (count($result) >= 1) { + echo "
    "; + foreach ($result as $row => $entry) { + $title = $entry['title']; + $url = '/note/' . $entry['url']; + $date_posted = explode("-", $entry['date_posted']); + $year_posted = $date_posted[0]; + $month_posted = $date_posted[1]; + $datetime_posted = explode(' ', $date_posted[2]); + $day_posted = $datetime_posted[0]; + echo "
    "; + echo "

    "; + echo "$year_posted/$month_posted/$day_posted/"; + echo "$title

    "; + echo $entry['text']; + echo "
    "; + } + echo "
    "; + $this->write_navigation(); + } else { + echo "
    "; + echo "

    sorry, nothing here

    "; + echo "
    Empty set (0.00 sec)
    "; + } + $this->display_close(); + } + + private function write_navigation() { + echo "
    "; + echo ""; + } + +} + + +class rss extends cms { + public function display() { + $result = $this->db->query("SELECT date_posted, title, text, url + FROM notes ORDER BY date_posted DESC + LIMIT 5"); + echo << + + dylanstestserver.com/notes/rss + http://dylanstestserver.com/notes + dylanstestserver.com/notes/rss + +END_OF_ENTRY; + while ($entry = $result->fetch_object()) { + $title = $entry->title; + $date_posted = $entry->date_posted; + $url = "http://dylanstestserver.com/note/" . $entry->url; + $text = $entry->text; + $text = strip_tags($text); + $end_of_first_sentence = strpos($text, '.'); + if ($end_of_first_sentence) { + $end_of_second_sentence = strpos($text, '.', ($end_of_first_sentence + 1)); + if ($end_of_second_sentence) { + $description = substr($text, '0', ($end_of_second_sentence + 1)); + } else { + $description = substr($text, '0', ($end_of_first_sentence + 1)); + } + } + echo << + $title + $url + $url + $description + +END_OF_ENTRY; + } + echo ""; + echo ""; + + } +} + + +class notFound extends Exception { + + public function __construct() { + header('HTTP/1.0 404 Not Found'); + ob_end_clean(); + include('404.php'); + exit(); + } + +} + + +class captcha extends cms { + + public function display() { + $challenge = $_GET['challenge']; + $response = $_GET['response']; + $remoteip = $_SERVER['REMOTE_ADDR']; + $curl = curl_init('http://api-verify.recaptcha.net/verify?'); + curl_setopt ($curl, CURLOPT_POST, 4); + curl_setopt ($curl, CURLOPT_POSTFIELDS, "privatekey=$this->recaptcha_privatekey&remoteip=$remoteip&challenge=$challenge&response=$response"); + $result = curl_exec ($curl); + curl_close ($curl); + } + +} + + +## now actually do something: +switch (cms::determine_type()) { + case 'index': + $index = new index(); + $index->display(); + break; + case 'project': + $project = new project(); + $project->display(); + break; + case 'note': + $note = new note; + $note->display(); + break; + case 'page': + $page = new page; + $page->display(); + break; + case "rss": + $rss = new rss(); + $rss->display(); + case 'archive': + $archive = new archive; + $archive->display(); + break; + case "captcha": + $captcha = new captcha; + $captcha->display(); + break; +} + +?>