Clean up archive.php a little.

2025-03-12 06:30:07 +01:00 · 2021-07-10 17:36:15 -04:00 · 2021-07-10 17:36:15 -04:00 · a1025a514e
commit a1025a514e
parent a20fff770b
2 changed files with 94 additions and 91 deletions
--- a/archive.php
+++ b/archive.php
@ -14,126 +14,61 @@
 */
 session_start();

+define('IN_PONEPASTE', 1);
+require_once('includes/common.php');
 require_once('config.php');
-require_once('includes/functions.php');

 // UTF-8
 header('Content-Type: text/html; charset=utf-8');

 $date    = date('jS F Y');
-$ip      = $_SERVER['REMOTE_ADDR'];
 $data_ip = file_get_contents('tmp/temp.tdata');
-$conn = new PDO(
-    "mysql:host=$db_host;dbname=$db_schema;charset=utf8",
-    $db_user,
-    $db_pass,
-    $db_opts
-);

-// Get site info
-$site_info_rows = $conn->query('SELECT * FROM site_info');
-while ($row = $site_info_rows->fetch()) {
-    $title				= Trim($row['title']);
-    $des				= Trim($row['des']);
-    $baseurl    		= Trim($row['baseurl']);
-    $keyword			= Trim($row['keyword']);
-    $site_name			= Trim($row['site_name']);
-    $email				= Trim($row['email']);
-    $twit				= Trim($row['twit']);
-    $face				= Trim($row['face']);
-    $gplus				= Trim($row['gplus']);
-    $ga					= Trim($row['ga']);
-    $additional_scripts	= Trim($row['additional_scripts']);
-}
+// Temp count for untagged pastes
+$total_untagged = intval($conn->query("SELECT COUNT(*) from pastes WHERE tagsys IS NULL")->fetch(PDO::FETCH_NUM)[0]);

-
-//Temp count for untagged pastes
-$untagged = $conn->query("SELECT COUNT(id) from pastes WHERE tagsys is null");
-    while ($row = $untagged->fetch()) {
-    $total_untagged = $row['COUNT(id)'];
-}
-
-
-// Set theme and language
-$site_theme_rows = $conn->query('SELECT * FROM interface WHERE id="1"');
-while ($row = $site_theme_rows->fetch()) {
-    $default_lang  = Trim($row['lang']);
-    $default_theme = Trim($row['theme']);
-}
-require_once("langs/$default_lang");
-
-$p_title = $lang['archive']; // "Pastes Archive";
-
-// Check if IP is banned
-if ( is_banned($conn, $ip) ) die($lang['banned']); // "You have been banned from ".$site_name;
-
-// Logout
-if (isset($_GET['logout'])) {
-	header('Location: ' . $_SERVER['HTTP_REFERER']);
-    unset($_SESSION['token']);
-    unset($_SESSION['oauth_uid']);
-    unset($_SESSION['username']);
-    session_destroy();
-}
-
-// Page views 
-$site_view_rows = $conn->query("SELECT @last_id := MAX(id) FROM page_view");
-while ($row = $site_view_rows->fetch()) {
-    $last_id = $row['@last_id := MAX(id)'];
-}
-
-$site_view_last = $conn->query("SELECT * FROM page_view WHERE id = ? ");
-$site_view_last->execute([$last_id]);      
-while ($row = $site_view_last->fetch()) {
-    $last_date = $row['date'];
-}
+// Page views
+$last_page_view = $conn->query('SELECT * FROM page_view ORDER BY id DESC LIMIT 1')->fetch();
+$last_date = $last_page_view['date'];

 if ($last_date == $date) {
    if (str_contains($data_ip, $ip)) {
-        $statement = $conn->prepare("SELECT * FROM page_view WHERE id = ?");
-        $statement->execute([$last_id]);        
-        while ($row = $statement->fetch()) {
-            $last_tpage = Trim($row['tpage']);
-        }
-        $last_tpage = $last_tpage + 1;
-        
+        $last_tpage = intval($last_page_view['tpage']) + 1;
+
        // IP already exists, Update view count
-        $statement = $conn->prepare("UPDATE page_view SET tpage=? WHERE id= ?");
-        $statement->execute([$last_tpage,$last_id]);  
+        $statement = $conn->prepare("UPDATE page_view SET tpage = ? WHERE id = ?");
+        $statement->execute([$last_tpage, $last_page_view['id']]);
    } else {
-        $statement = $conn->prepare("SELECT * FROM page_view WHERE id = ?");
-        $statement->execute([$last_id]);  
-        while ($row = $statement->fetch()) {
-            $last_tpage  = Trim($row['tpage']);
-            $last_tvisit = Trim($row['tvisit']);
-        }
-        $last_tpage  = $last_tpage + 1;
-        $last_tvisit = $last_tvisit + 1;
-      
+        $last_tpage  = intval($last_page_view['tpage']) + 1;
+        $last_tvisit = intval($last_page_view['tvisit']) + 1;
+
        // Update both tpage and tvisit.
-        $statement = $conn->prepare("UPDATE page_view SET tpage=?,tvisit=? WHERE id = ?");
-        $statement->execute([$last_tpage,$last_tvisit,$last_id]); 
+        $statement = $conn->prepare("UPDATE page_view SET tpage = ?,tvisit = ? WHERE id = ?");
+        $statement->execute([$last_tpage, $last_tvisit, $last_page_view['id']]);
        file_put_contents('tmp/temp.tdata', $data_ip . "\r\n" . $ip);
    }
 } else {
    // Delete the file and clear data_ip
    unlink("tmp/temp.tdata");
-    $data_ip = "";
-    
+
    // New date is created
-    $statement = $conn->prepare("INSERT INTO page_view (date,tpage,tvisit) VALUES (?,'1','1')");
-    $statement->execute([$date]); 
+    $statement = $conn->prepare("INSERT INTO page_view (date, tpage, tvisit) VALUES (?, '1', '1')");
+    $statement->execute([$date]);
+
    // Update the IP
-    file_put_contents('tmp/temp.tdata', $data_ip . "\r\n" . $ip);
-    
+    file_put_contents('tmp/temp.tdata', $ip);
 }
+
 // Ads
-$site_ads_rows = $conn->query('SELECT * FROM ads WHERE id="1"');
+$site_ads_rows = $conn->query('SELECT * FROM ads WHERE id = 1');
 while ($row = $site_ads_rows->fetch()) {
    $text_ads = Trim($row['text_ads']);
    $ads_1    = Trim($row['ads_1']);
    $ads_2    = Trim($row['ads_2']);
 }
+
+$p_title = $lang['archive']; // "Pastes Archive";
+
 // Theme
 require_once('theme/' . $default_theme . '/header.php');
 require_once('theme/' . $default_theme . '/archive.php');
--- a/includes/common.php
+++ b/includes/common.php
@ -0,0 +1,68 @@
+<?php
+if (!defined('IN_PONEPASTE')) {
+    die();
+}
+
+require_once('config.php');
+require_once('includes/functions.php');
+
+
+function getSiteInfo($conn) {
+    return $conn->query('SELECT * FROM site_info LIMIT 1')->fetch();
+}
+
+function getSiteLangAndTheme($conn) {
+    return $conn->query('SELECT lang, theme FROM interface LIMIT 1')->fetch();
+}
+
+$conn = new PDO(
+    "mysql:host=$db_host;dbname=$db_schema;charset=utf8",
+    $db_user,
+    $db_pass,
+    $db_opts
+);
+
+// Setup site info
+$row = getSiteInfo($conn);
+$title				= Trim($row['title']);
+$des				= Trim($row['des']);
+$baseurl    		= Trim($row['baseurl']);
+$keyword			= Trim($row['keyword']);
+$site_name			= Trim($row['site_name']);
+$email				= Trim($row['email']);
+$twit				= Trim($row['twit']);
+$face				= Trim($row['face']);
+$gplus				= Trim($row['gplus']);
+$ga					= Trim($row['ga']);
+$additional_scripts	= Trim($row['additional_scripts']);
+
+
+// Setup theme and language
+
+$lang_and_theme = getSiteLangAndTheme($conn);
+
+if ($lang_and_theme) {
+    $default_lang = $lang_and_theme['lang'];
+    $default_theme = $lang_and_theme['theme'];
+} else {
+    $default_lang = 'en.php';
+    $default_theme = 'bulma';
+}
+
+// Prevent a potential LFI (you never know :p)
+if (in_array($default_lang, scandir('langs/'))) {
+    require_once("langs/$default_lang");
+}
+
+// Check if IP is banned
+$ip      = $_SERVER['REMOTE_ADDR'];
+if ( is_banned($conn, $ip) ) die($lang['banned']); // "You have been banned from ".$site_name;
+
+// Logout
+if (isset($_GET['logout'])) {
+    header('Location: ' . $_SERVER['HTTP_REFERER']);
+    unset($_SESSION['token']);
+    unset($_SESSION['oauth_uid']);
+    unset($_SESSION['username']);
+    session_destroy();
+}