Cyclone-Team/e949
2
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Регистрация

Browse Source 
Фронт (стили+страница), полировка стр. логина, микроправки и микрооптимизации
This commit is contained in:
Shr3dd3r 2024-01-15 04:58:29 +03:00
parent 4e1c36d670
commit c48f837738
11 changed files with 161 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
api/_auth.php
View File

@ -34,7 +34,7 @@ $THIS_USER = null; // ID of logged in user
if (session_status() === PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) { // If there are active session if (session_status() === PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) { // If there are active session
// Check if user still exist // Check if user still exist
$s = $db->prepare("SELECT * FROM users WHERE id = ?"); $s = $db->prepare("SELECT id FROM users WHERE id = ?");
$s->bind_param("s", $_SESSION["userid"]); $s->bind_param("s", $_SESSION["userid"]);
$s->execute(); $s->execute();
if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
@ -47,6 +47,7 @@ if (session_status() === PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) { //
die("ERROR: please enable sessions in php config"); die("ERROR: please enable sessions in php config");
} }
// HACK
if ($Config["debug"] && isset($_REQUEST["debug"])) { // If there are not any session and debug mode is on if ($Config["debug"] && isset($_REQUEST["debug"])) { // If there are not any session and debug mode is on
// ATTENTION: FOR DEBUG PURPOSES ONLY! // ATTENTION: FOR DEBUG PURPOSES ONLY!
if ($_REQUEST["debug"] == "drop") { if ($_REQUEST["debug"] == "drop") {

10
api/user/create.php
View File

@ -63,7 +63,7 @@ function User_Create_Method (array $req): ReturnT {
// Input sanity checks // Input sanity checks
// If registration turned off // If registration is turned off
if (!$Config["registration"]["active"]) if (!$Config["registration"]["active"])
return new ReturnT(err_code: E_AUT_REGCLOSED); return new ReturnT(err_code: E_AUT_REGCLOSED);
@ -77,8 +77,8 @@ function User_Create_Method (array $req): ReturnT {
$password = $req["password"]; $password = $req["password"];
// If password is too weak // If password is too weak
if (strlen($password) < 8) if (strlen($password) < $Config["registration"]["min_passw_len"])
return new ReturnT(err_code: E_AUT_PWD2WEAK); return new ReturnT(err_code: E_AUT_PWD2WEAK, err_desc: "password must contain at least " . strval($Config["registration"]["min_passw_len"]) . " characters");
// If we need email but it isnt supplied // If we need email but it isnt supplied
if ($Config["registration"]["need_email"] && !isset($req["email"])) { if ($Config["registration"]["need_email"] && !isset($req["email"])) {
@ -95,13 +95,13 @@ function User_Create_Method (array $req): ReturnT {
} elseif (isset($req["invite_id"])) { } elseif (isset($req["invite_id"])) {
// TODO: check invite and reject if it invalid // TODO: check invite and reject if it invalid
//$invite_id = $req["invite_id"]; //$invite_id = $req["invite_id"];
return new ReturnT(err_code: E_UNS_NOTIMPL, err_desc: "invitations are not implemented"); return new ReturnT(err_code: E_UNS_NOTIMPL, err_desc: "invitations are not implemented yet");
} }
// Check login and password for pattern match // Check login and password for pattern match
$preg_str = "/[^" . $Config["registration"]["allowed_syms"] . "]/"; $preg_str = "/[^" . $Config["registration"]["allowed_syms"] . "]/";
if (preg_match($preg_str, $login) || preg_match($preg_str, $password)) if (preg_match($preg_str, $login) || preg_match($preg_str, $password))
return new ReturnT(err_code: E_UIN_BADARGS, err_desc: "only allowed symbols are: " . $Config["registration"]["allowed_syms"]); return new ReturnT(err_code: E_UIN_BADARGS, err_desc: "only allowed symbols in login and password are: " . $Config["registration"]["allowed_syms"]);
// Check if login already exists // Check if login already exists
if (User_LoginExist($login)) if (User_LoginExist($login))

2
api/user/login.php
View File

@ -43,7 +43,7 @@ function User_Login_Method (array $req): ReturnT {
return new ReturnT(err_code: E_AUT_WRONGCREDS, err_desc: "you must supply both login and password"); return new ReturnT(err_code: E_AUT_WRONGCREDS, err_desc: "you must supply both login and password");
// Checking if password is correct // Checking if password is correct
$s = $db->prepare("SELECT * FROM users WHERE login = ?"); $s = $db->prepare("SELECT id,password_hash,salt FROM users WHERE login = ?");
$s->bind_param("s", $login); $s->bind_param("s", $login);
$s->execute(); $s->execute();
$d = $s->get_result()->fetch_assoc(); $d = $s->get_result()->fetch_assoc();

3
config.json
View File

@ -10,7 +10,8 @@
"active": true, "active": true,
"need_email": false, "need_email": false,
"need_invite": false, "need_invite": false,
"allowed_syms": "a-zA-Z0-9_=+-" "allowed_syms": "a-zA-Z0-9_=+-",
"min_passw_len": 8
}, },
"accounts": { "accounts": {
"external_avatars": false "external_avatars": false

3
front/notifications.php
View File

@ -15,6 +15,9 @@ function NTFY_AddNotice (string $text, string $type = "fail") {
case "fail": case "fail":
$NTFY_NoticesStack[] = "<div class=\"notification_fail\"><p>$text</p></div>"; $NTFY_NoticesStack[] = "<div class=\"notification_fail\"><p>$text</p></div>";
break; break;
case "success":
$NTFY_NoticesStack[] = "<div class=\"notification_success\"><p>$text</p></div>";
break;
default: default:
die("invalid notification type: $type"); die("invalid notification type: $type");
} }

14
front/pages/login/page.php
View File

@ -9,14 +9,20 @@ require_once("front/notifications.php");
// Redirecting to main page if already logged in
if ($LOGGED_IN) {
header("Location: .");
exit();
}
// If there is attempt to login in // If there is attempt to login in
if (isset($_POST["login"]) || isset($_POST["password"])) { if (isset($_POST["login"]) || isset($_POST["password"])) {
$result = User_Login_Method($_POST); $result = User_Login_Method($_POST);
if ($result->IsError()) { if ($result->IsError()) { // Something happened
NTFY_AddNotice("Failed to log into account! Check your credentials and try again.<br>" . $result->GetError()); NTFY_AddNotice("Failed to log into account! Check your credentials and try again.<br>" . $result->GetError());
} else { } else { // All OK
header("Location: index.php"); header("Location: .");
exit(); exit();
} }
} }
@ -31,7 +37,7 @@ NTFY_EchoAllNotices();
<form class="login" action="./?do=login" accept-charset="UTF-8" method="post"> <form class="login" action="./?do=login" accept-charset="UTF-8" method="post">
<div> <div>
<label for="login">Username</label><br> <label for="login">Username</label><br>
<input type="text" name="login" id="login"> <input type="text" name="login" id="login" <?php if (isset($_POST["login"])) { echo "value=\"" . $_POST["login"] . "\""; } ?>>
</div> </div>
<div> <div>
<label for="password">Password</label><br> <label for="password">Password</label><br>

21
front/pages/main_nav.php
View File

@ -4,21 +4,28 @@
$MARKUP_CURRENT_PAGE = "class=\"current\""; $MARKUP_CURRENT_PAGE = "class=\"current\"";
$MARKUP_CURRENT_PAGE_LOGIN = ""; $MARKUP_CURRENT_PAGE_LOGIN = "";
$MARKUP_CURRENT_PAGE_REGISTER = "";
if ($WHAT_PAGE_IS_CURRENT["login"]) if ($WHAT_PAGE_IS_CURRENT["login"])
$MARKUP_CURRENT_PAGE_LOGIN = $MARKUP_CURRENT_PAGE; $MARKUP_CURRENT_PAGE_LOGIN = $MARKUP_CURRENT_PAGE;
if ($WHAT_PAGE_IS_CURRENT["register"])
$MARKUP_CURRENT_PAGE_REGISTER = $MARKUP_CURRENT_PAGE;
?> ?>
<nav class="main"> <nav class="main">
<ul> <ul>
<li>
<p><a title="Main site page" href="./?do=main">Index</p></a>
</li>
<span>|</span>
<li <?php echo $MARKUP_CURRENT_PAGE_LOGIN; ?>> <li <?php echo $MARKUP_CURRENT_PAGE_LOGIN; ?>>
<p><a title="Login in existing account" href="./?do=login">Login</p></a> <p><a title="Login in existing account" href="./?do=login">Login</p></a>
</li> </li>
<span>|</span> <span>|</span>
<li> <li <?php echo $MARKUP_CURRENT_PAGE_REGISTER; ?>>
<p><a title="Create new account" href="./?do=register">Register</p></a> <p><a title="Create new account" href="./?do=register">Register</p></a>
</li> </li>
<span>|</span> <span>|</span>
@ -38,14 +45,6 @@ if ($WHAT_PAGE_IS_CURRENT["login"])
<p><a title="Contacts" href="./?do=show_contacts">Contacts</p></a> <p><a title="Contacts" href="./?do=show_contacts">Contacts</p></a>
</li> </li>
<span>|</span> <span>|</span>
<li>
<p><a title="Terms of service" href="./?do=show_tos">ToS</p></a>
</li>
<span>|</span>
<li>
<p><a title="Privacy policy" href="./?do=there_are_my_data">Privacy</p></a>
</li>
<span>|</span>
<li> <li>
<p><a title="A site map" href="./?do=view_sitemap">Site map</p></a> <p><a title="A site map" href="./?do=view_sitemap">Site map</p></a>
</li> </li>

99
front/pages/register/page.php Normal file
View File

@ -0,0 +1,99 @@
<?php
// Registration page
// Includes
require_once("api/_config.php");
require_once("api/user/create.php");
require_once("front/pages/main_nav.php");
require_once("front/notifications.php");
$REGISTRATION_IS_OPEN = $Config["registration"]["active"];
// Redirecting to main page if already logged in
if ($LOGGED_IN) {
header("Location: .");
exit();
}
// If there is attempt to register
if ((isset($_POST["login"]) || isset($_POST["password"])) && $REGISTRATION_IS_OPEN) {
// If ToS arent accepted
if ($_POST["tos_check"] !== "tos_check") {
NTFY_AddNotice("You MUST accept Terms of Service!", "fail");
} else { // Ok, noice
if ($_POST["password"] === $_POST["password2"]) {
$result = User_Create_Method($_POST);
if ($result->IsError()) { // Something happened
NTFY_AddNotice("Failed to create account! Reason:<br>" . $result->GetError(), "fail");
} else { // All OK
NTFY_AddNotice("Account registered! You can log in <a href=\"./?do=login\">here</a>", "success");
}
} else {
NTFY_AddNotice("Password mismatch! Check and try again", "fail");
}
}
}
NTFY_EchoAllNotices();
?>
<div class="visualbox">
<h1>Register</h1>
<?php
if ($REGISTRATION_IS_OPEN) {
?>
<form class="login" action="./?do=register" accept-charset="UTF-8" method="post">
<div>
<label for="login">Your desired username:</label><br>
<input type="text" name="login" id="login" spellcheck="false" <?php if (isset($_POST["login"])) { echo "value=\"" . $_POST["login"] . "\""; } ?>>
</div>
<div>
<label for="password">Password:</label><br>
<input type="password" name="password" id="password"><br>
<label for="password2">Repeat password:</label><br>
<input type="password" name="password2" id="password2">
</div>
<?php
if ($Config["registration"]["need_email"]) { // TODO: move description to ToS
?>
<div>
<label for="email">E-Mail address <span style="font-size: 50%;">(we will send you penis enlargement ads)</span>:</label><br>
<input type="text" name="email" id="email" inputmode="email" <?php if (isset($_POST["email"])) { echo "value=\"" . $_POST["email"] . "\""; } ?>>
</div>
<?php
}
if ($Config["registration"]["need_invite"]) {
?>
<div>
<label for="invite_id">Invite code:</label><br>
<input type="text" name="invite_id" id="invite_id" spellcheck="false" <?php if (isset($_POST["invite_id"])) { echo "value=\"" . $_POST["invite_id"] . "\""; } ?>>
</div>
<?php
}
?>
<div>
<input type="checkbox" name="tos_check" id="tos_check" value="tos_check">
<label for="tos_check">I've read and accept your boring Terms of Service</label>
</div>
<div>
<input type="submit" value="Submit">
</div>
</form>
<div class="loginmisc">
<p>Already have an account? <a href="./?do=login">Login here</a></p>
</div>
<?php
} else {
echo "<h2 style=\"color: red;\">Registrations are closed!</h2>";
}
?>
</div>

15
front/styles/base.css
View File

@ -60,6 +60,10 @@ div.visualbox {
backdrop-filter: blur(6px); backdrop-filter: blur(6px);
} }
/* Notifications */
div.notification_fail { div.notification_fail {
margin: 10px; margin: 10px;
padding: 10px; padding: 10px;
@ -73,6 +77,16 @@ div.notification_fail p {
color: red; color: red;
} }
div.notification_success {
margin: 10px;
padding: 10px;
border-radius: 5px;
box-shadow: 0 0 5px green;
text-shadow: 0 0 2px black, 0 0 6px black;
backdrop-filter: blur(6px);
background-color: #0f03;
}
/* Input */ /* Input */
@ -124,5 +138,4 @@ input[type=submit]:focus {
/* Checkbox */ /* Checkbox */
input[type=checkbox] { input[type=checkbox] {
cursor: pointer; cursor: pointer;
background-color: red;
} }

8
front/styles/main.css
View File

@ -36,8 +36,8 @@ nav.main ul {
nav.main ul li { nav.main ul li {
display: inline-block; display: inline-block;
margin-left: 1.75vw; margin-left: 2.5vw;
margin-right: 1.75vw; margin-right: 2.5vw;
} }
nav.main ul li a { nav.main ul li a {
@ -72,6 +72,10 @@ form.login a {
font-size: 80%; font-size: 80%;
} }
form.login label[for="tos_check"] {
cursor: pointer;
}
div.loginmisc { div.loginmisc {
margin-top: 4px; margin-top: 4px;
margin-bottom: 4px; margin-bottom: 4px;

10
index.php
View File

@ -26,11 +26,19 @@ else
$WHAT_PAGE_IS_CURRENT = array( $WHAT_PAGE_IS_CURRENT = array(
"main" => false, "main" => false,
"login" => false "login" => false,
"register" => false
); );
// Picking current page // Picking current page
switch ($PICKED_PAGE) { switch ($PICKED_PAGE) {
// Registration page
case "register":
$WHAT_PAGE_IS_CURRENT["register"] = true;
$PAGE_TITLE = "Register";
$PAGE_STYLE = "front/styles/main.css";
$PAGE_FILE = "front/pages/register/page.php";
break;
// Login page // Login page
case "login": case "login":
$WHAT_PAGE_IS_CURRENT["login"] = true; $WHAT_PAGE_IS_CURRENT["login"] = true;