аэы

2023-08-12 01:39:17 +03:00 · 2023-08-12 01:39:17 +03:00 · 79a031401a
commit 79a031401a
parent e92f792640
13 changed files with 127 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -7,6 +7,6 @@ The newest generation imageboard.

 ## Remarks

- `sudo rm -R /etc/nginx/data/testing/E949/api && sudo cp -R api /etc/nginx/data/testing/E949/ && sudo chown -R http:http /etc/nginx/data/testing/E949/api/`
+- `sudo rm -r /usr/share/nginx/html/testing/E949 && sudo cp -R . /usr/share/nginx/html/testing/E949/ && sudo chown -R http:http /usr/share/nginx/html/testing`

 - `#049e59` -> `#094e59`
--- a/TODO.md
+++ b/TODO.md
@ -21,7 +21,7 @@
 		- Роли
 			- Новичок
 				- Может оценивать посты, но не более n в день
-				- Может создавать посты, но не более n в день
+				- Может создавать посты, но не более n в день и только с одобренными тегами
 				- Может удалять свои посты
 				- Может устанавливать себе аватарку
 			- Проверенный
@ -54,8 +54,10 @@
 		- Добавление нового
 		- Редактирование тегов существующего
 		- Удаление
-		- Комментарии
 		- Оценки
 		- Количество запросов картинки
 		- Статистика по всем картинкам
+	- Комментарии
+	- Теги
+		- Перечень одобренных
 	- Шаблонная разметка
--- a/api/_auth.php
+++ b/api/_auth.php
@ -0,0 +1,23 @@
+<?php
+
+require_once("_db.php"); //("api/_db.php");
+
+session_start();
+
+$LOGGED_IN = false;
+
+if (isset($_SESSION["userid"])) {
+	// Check if user still exist
+	$s = $db->prepare("SELECT * FROM users WHERE id = ?");
+	$s->bind_param("s", $_SESSION["userid"]);
+	$s->execute();
+	if (!(bool)$s->get_result()->fetch_assoc()) {
+		session_unset();
+		session_destroy();
+		echo "user id does not exist";
+		die("user id used in session does not exist");
+	}
+	$LOGGED_IN = true;
+}
+
+?>
--- a/api/_config.php
+++ b/api/_config.php
@ -0,0 +1,25 @@
+<?php
+
+$Config = array();
+$Config_FileName = "config.json";
+$Config_PossiblePaths = array(
+	"./" . $Config_FileName,
+	"../" . $Config_FileName,
+	"../../" . $Config_FileName,
+	"../../../" . $Config_FileName,
+	"./api/" . $Config_FileName,
+);
+
+foreach ($Config_PossiblePaths as $path) {
+	if (file_exists($path)) {
+		$content = file_get_contents($path);
+		$Config = json_decode($content, true);
+		break;
+	}
+}
+
+if (!$Config) {
+	die("invalid configuration file");
+}
+
+?>
--- a/api/_db.php
+++ b/api/_db.php
@ -1,3 +1,7 @@
 <?php

+require_once("_config.php"); //("api/_config.php");
+
+$db = new mysqli($Config["db"]["addr"], $Config["db"]["user"], $Config["db"]["pass"], $Config["db"]["name"]);
+
 ?>
--- a/api/_errors.php
+++ b/api/_errors.php
@ -0,0 +1,6 @@
+<?php
+
+// Internal errors
+$Err_Int_JSONEncodeError = "int.jsonencode";
+
+?>
--- a/api/_json.php
+++ b/api/_json.php
@ -0,0 +1,22 @@
+<?php
+
+require_once("_errors.php");
+
+function ReturnJSONData ($arr) {
+	$data = json_encode($arr);
+	if (!$data) {
+		$data = json_encode(array("error" => $Err_Int_JSONEncodeError));
+	}
+	header("Content-Type: application/json; charset=utf-8");
+	echo $data;
+	exit;
+}
+
+function ReturnJSONError ($err, $desc) {
+	ReturnJSONData(array(
+		"error" => $err,
+		"description" => $desc
+	));
+}
+
+?>
--- a/api/user/create.php
+++ b/api/user/create.php
@ -0,0 +1,5 @@
+<?php
+
+// TODO
+
+?>
--- a/api/user/index.php
+++ b/api/user/index.php
@ -0,0 +1,14 @@
+<?php
+
+require_once("../_auth.php");
+require_once("../_json.php");
+
+// TODO
+
+if ($LOGGED_IN) {
+	echo 1;
+} else {
+	echo 2;
+}
+
+?>
--- a/config.json
+++ b/config.json
@ -0,0 +1,8 @@
+{
+	"db": {
+		"addr": "localhost",
+		"name": "e949",
+		"user": "e949",
+		"pass": ""
+	}
+}
--- a/docs/API.md
+++ b/docs/API.md
@ -13,8 +13,12 @@ Files starting from "_" ("_example.php") are intended for internal use only.

 ## Version 1

+- _config.php:                         parses configuration file
 - _db.php:                             connection to database and all related
 - _auth.php:                           things related to authentification
+- _errors.php:                         error strings
+- _json.php:                           wrappers for JSON functions
+
 - stats.php (GET/POST):                all general statistics about this instance

 - admin/ (POST):                       private statistics about this instance
--- a/docs/DB.md
+++ b/docs/DB.md
@ -24,7 +24,7 @@ mysql -u e949 -p
 USE e949;
 CREATE TABLE users (
 	id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY COMMENT 'Unique identifier of user',
-	created_at TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT 'When account was created',
+	created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'When account was created',
 	login VARCHAR(255) NOT NULL COMMENT 'User login',
 	email VARCHAR(255) NULL COMMENT 'User e-mail address',
 	password_hash BINARY(32) NOT NULL COMMENT 'User password hash',
@ -38,14 +38,14 @@ CREATE TABLE posts (
 	id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY COMMENT 'Unique identifier of post',
 	author_id INT UNSIGNED NOT NULL COMMENT 'Identifier of post author',
 	comment_section_id INT UNSIGNED NULL COMMENT 'Identifier of post comment section',
-	created_at TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT 'When post was published',
+	created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'When post was published',
 	tags VARCHAR(2048) NOT NULL COMMENT 'Comma-delimited list of post tags',
 	title VARCHAR(8192) NULL COMMENT 'Caption for the post',
 	votes_up INT UNSIGNED NOT NULL DEFAULT 0 COMMENT 'Amount of positive reactions',
 	votes_down INT UNSIGNED NOT NULL DEFAULT 0 COMMENT 'Amount of negative reactions',
 	views INT UNSIGNED NOT NULL DEFAULT 0 COMMENT 'Amount of post views',
 	pic_path VARCHAR(255) NOT NULL COMMENT 'Path or URL of picture',
-	preview_path VARCHAR(255) NULL COMMENT 'Path or URL of preview version of picture'
+	preview_path VARCHAR(255) NULL COMMENT 'Path or URL of preview version of picture',
 	comments_enabled BOOL NOT NULL COMMENT 'If comments are enabled',
 	edit_lock BOOL NOT NULL DEFAULT FALSE COMMENT 'If redaction of post is locked for anyone, except mods and admins'
 );
@ -53,14 +53,14 @@ CREATE TABLE comments (
 	id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY COMMENT 'Unique identifier of comment',
 	author_id INT UNSIGNED NOT NULL COMMENT 'Identifier of comment author',
 	comment_section_id INT UNSIGNED NOT NULL COMMENT 'Identifier of comment section to which the comment belongs',
-	created_at TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT 'When comment was published',
+	created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'When comment was published',
 	contents VARCHAR(8192) NOT NULL COMMENT 'Text of comment',
 	needs_check BOOL NOT NULL DEFAULT FALSE COMMENT 'If comment needs approval of moderation'
 );
 CREATE TABLE actions (
 	id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY COMMENT 'Unique identifier of action',
 	author_id INT UNSIGNED NULL COMMENT 'ID of user, who performed action',
-	created_at TIMESTAMP NOT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT 'When action was performed',
+	created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT 'When action was performed',
 	category ENUM('acc_mod', 'publ_mod', 'post', 'comment', 'admin', 'other') NOT NULL COMMENT 'Category of performed action: accounts/publications moderation, etc.',
 	description VARCHAR(8192) NOT NULL COMMENT 'Description of action'
 );
--- a/CONFIGURATION.md
+++ b/CONFIGURATION.md
@ -0,0 +1,6 @@
+# Web-server configuration
+
+Restrict access to files:
+
+- Any file from `api` directory with prepended `_`
+- `config.json`