mirror of
https://github.com/Neetpone/ponepaste.git
synced 2025-03-12 14:40:09 +01:00
Much work with regards to the database restructure
This commit is contained in:
Floorb
parent
a5e5d24884
commit
accc28ac75
6 changed files with 74 additions and 76 deletions
|
|
@ -45,8 +45,7 @@ $query->execute([$c_date]);
|
|||
$today_users_count = intval($query->fetch(PDO::FETCH_NUM)[0]);
|
||||
|
||||
/* Number of pastes today */
|
||||
$query = $conn->prepare('SELECT COUNT(*) FROM pastes where s_date = ?');
|
||||
$query->execute([$c_date]);
|
||||
$query = $conn->query('SELECT COUNT(*) FROM pastes where DATE(created_at) = DATE(NOW())');
|
||||
$today_pastes_count = intval($query->fetch(PDO::FETCH_NUM)[0]);
|
||||
|
||||
for ($loop = 0; $loop <= 6; $loop++) {
|
||||
|
|
@ -169,7 +168,7 @@ for ($loop = 0; $loop <= 6; $loop++) {
|
|||
foreach ($res as $row) {
|
||||
$title = Trim($row['title']);
|
||||
$p_id = Trim($row['id']);
|
||||
$p_date = Trim($row['s_date']);
|
||||
$p_date = $row['date']->format('jS F Y h:i:s A');
|
||||
$p_ip = Trim($row['ip']);
|
||||
$p_member = Trim($row['member']);
|
||||
$p_view = Trim($row['views']);
|
||||
|
|
|
|||
|
|
@ -47,6 +47,17 @@ function getSiteTotal_unique_views(PDO $conn) : int {
|
|||
return intval($conn->query('SELECT tvisit FROM page_view ORDER BY id DESC LIMIT 1')->fetch(PDO::FETCH_NUM)[0]);
|
||||
}
|
||||
|
||||
function getCurrentUser(PDO $conn) : array | null {
|
||||
if (empty($_SESSION['username'])) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$query = $conn->prepare('SELECT * FROM users WHERE username = ?');
|
||||
$query->execute($_SESSION['username']);
|
||||
|
||||
return $query->fetch();
|
||||
}
|
||||
|
||||
function updatePageViews(PDO $conn) : void {
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
$date = date('jS F Y');
|
||||
|
|
@ -129,7 +140,6 @@ if (isset($_SESSION['username'])) {
|
|||
$noguests = "off";
|
||||
}
|
||||
|
||||
|
||||
// Prevent a potential LFI (you never know :p)
|
||||
$lang_file = "${default_lang}.php";
|
||||
if (in_array($lang_file, scandir('langs/'))) {
|
||||
|
|
|
|||
|
|
@ -138,8 +138,11 @@ function getRecentreport($conn, $count) {
|
|||
|
||||
|
||||
function getUserRecom($conn, $p_member) {
|
||||
$query = $conn->prepare("SELECT id, member, title, visible
|
||||
FROM pastes where member= ? AND visible = '0'
|
||||
$query = $conn->prepare(
|
||||
"SELECT pastes.id AS id, users.username AS member, title, visible
|
||||
FROM pastes
|
||||
INNER JOIN users ON users.username = ?
|
||||
WHERE visible = '0'
|
||||
ORDER BY id DESC
|
||||
LIMIT 0, 5");
|
||||
$query->execute([$p_member]);
|
||||
|
|
@ -151,7 +154,7 @@ function recentupdate($conn, $count) {
|
|||
"SELECT pastes.id AS id, visible, title, created_at, users.username AS member, tagsys
|
||||
FROM pastes
|
||||
INNER JOIN users ON users.id = pastes.user_id
|
||||
WHERE visible = '0' ORDER BY timeedit DESC
|
||||
WHERE visible = '0' ORDER BY updated_at DESC
|
||||
LIMIT ?");
|
||||
$query->execute([$count]);
|
||||
return $query->fetchAll();
|
||||
|
|
@ -220,7 +223,7 @@ function getRecent($conn, $count) {
|
|||
}
|
||||
|
||||
function getRecentadmin($conn, $count = 5) {
|
||||
$query = $conn->prepare('SELECT id, ip title, date, now_time, s_date, views, member FROM pastes ORDER BY id DESC LIMIT 0, ?');
|
||||
$query = $conn->prepare('SELECT id, ip title, date, now_time, views, member FROM pastes ORDER BY id DESC LIMIT 0, ?');
|
||||
$query->execute([$count]);
|
||||
|
||||
return $query->fetchAll();
|
||||
|
|
@ -261,7 +264,7 @@ LIMIT 0 , ?");
|
|||
|
||||
|
||||
function getUserPastes($conn, $username) {
|
||||
$query = $conn->prepare("SELECT id, title, code, views, s_date, now_time, visible, date, tagsys, member FROM pastes where member=? ORDER by id DESC");
|
||||
$query = $conn->prepare("SELECT id, title, code, views, now_time, visible, date, tagsys, member FROM pastes where member=? ORDER by id DESC");
|
||||
$query->execute([$username]);
|
||||
return $query->fetchAll();
|
||||
}
|
||||
|
|
|
|||
43
index.php
43
index.php
|
|
@ -104,6 +104,8 @@ header('Content-Type: text/html; charset=utf-8');
|
|||
$date = date('jS F Y');
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
|
||||
$current_user = getCurrentUser($conn);
|
||||
|
||||
// Sitemap
|
||||
$site_sitemap_rows = $conn->query('SELECT * FROM sitemap_options LIMIT 1');
|
||||
if ($row = $site_sitemap_rows->fetch()) {
|
||||
|
|
@ -174,7 +176,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||
} else {
|
||||
$p_password = password_hash($p_password, PASSWORD_DEFAULT);
|
||||
}
|
||||
$p_encrypt = Trim(htmlspecialchars($_POST['encrypted']));
|
||||
$p_encrypt = trim(htmlspecialchars($_POST['encrypted']));
|
||||
|
||||
if (empty($p_encrypt)) {
|
||||
$p_encrypt = "0";
|
||||
|
|
@ -184,42 +186,32 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||
$p_content = encrypt($p_content);
|
||||
}
|
||||
|
||||
if (isset($_SESSION['token'])) {
|
||||
$p_member = Trim($_SESSION['username']);
|
||||
} else {
|
||||
$p_member = "Guest";
|
||||
}
|
||||
|
||||
// Set expiry time
|
||||
$expires = calculatePasteExpiry($p_expiry);
|
||||
|
||||
$p_date = date('jS F Y h:i:s A');
|
||||
$date = date('jS F Y');
|
||||
$now_time = mktime(date("H"), date("i"), date("s"), date("n"), date("j"), date("Y"));
|
||||
$timeedit = gmmktime(date("H"), date("i"), date("s"), date("n"), date("j"), date("Y"));
|
||||
|
||||
// Edit existing paste or create new?
|
||||
if ($editing) {
|
||||
if (isset($_SESSION['username'])) {
|
||||
if ($current_user && $current_user['id'] === $paste_id) {
|
||||
$paste_id = intval($_POST['paste_id']);
|
||||
$statement = $conn->prepare(
|
||||
"UPDATE pastes SET title = ?, content = ?, visible = ?, code = ?, expiry = ?, password = ?, encrypt = ?, member = ?, ip = ?, tagsys = ?, now_time = ?, timeedit = ?
|
||||
"UPDATE pastes SET title = ?, content = ?, visible = ?, code = ?, expiry = ?, password = ?, encrypt = ?,ip = ?, tagsys = ?, updated_at = NOW()
|
||||
WHERE id = ?"
|
||||
);
|
||||
|
||||
$statement->execute([
|
||||
$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $p_member, $ip, $p_tagsys, $now_time, $timeedit, $edit_paste_id
|
||||
$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $ip, $p_tagsys, $paste_id
|
||||
]);
|
||||
$success = $paste_id;
|
||||
} else {
|
||||
$error = $lang['loginwarning']; //"You must be logged in to do that."
|
||||
}
|
||||
} else {
|
||||
$paste_owner = $current_user ? $current_user['id'] : null;
|
||||
$statement = $conn->prepare(
|
||||
"INSERT INTO pastes (title, content, visible, code, expiry, password, encrypt, member, date, ip, now_time, views, s_date, tagsys) VALUES
|
||||
(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '0', ?, ?)"
|
||||
"INSERT INTO pastes (title, content, visible, code, expiry, password, encrypt, user_id, created_at, ip, views, tagsys) VALUES
|
||||
(?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, 0, ?)"
|
||||
);
|
||||
$statement->execute([$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $p_member, $p_date, $ip, $now_time, $date, $p_tagsys]);
|
||||
$statement->execute([$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $paste_owner, $ip, $p_tagsys]);
|
||||
$paste_id = intval($conn->lastInsertId()); /* returns the last inserted ID as per the query above */
|
||||
if ($p_visible == '0') {
|
||||
addToSitemap($paste_id, $priority, $changefreq, $mod_rewrite);
|
||||
|
|
@ -229,20 +221,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||
|
||||
// Redirect to paste on successful entry, or on successful edit redirect back to edited paste
|
||||
if (isset($success)) {
|
||||
if ($mod_rewrite == '1') {
|
||||
if ($editing) {
|
||||
$paste_url = "$edit_paste_id";
|
||||
} else {
|
||||
$paste_url = "$success";
|
||||
}
|
||||
} else {
|
||||
if ($editing) {
|
||||
$paste_url = "paste.php?id=$edit_paste_id";
|
||||
} else {
|
||||
$paste_url = "paste.php?id=$success";
|
||||
}
|
||||
}
|
||||
|
||||
$paste_url = urlForPaste($success);
|
||||
header("Location: ${paste_url}");
|
||||
die();
|
||||
}
|
||||
|
|
|
|||
45
paste.php
45
paste.php
|
|
@ -37,7 +37,7 @@ $fav_count = intval($query->fetch(PDO::FETCH_NUM)[0]);
|
|||
|
||||
// Get paste info
|
||||
$query = $conn->prepare(
|
||||
'SELECT title, content, visible, code, expiry, pastes.password AS password, created_at, encrypt, views, tagsys, users.username AS member
|
||||
'SELECT title, content, visible, code, expiry, pastes.password AS password, created_at, updated_at, encrypt, views, tagsys, users.username AS member
|
||||
FROM pastes
|
||||
INNER JOIN users ON users.id = pastes.user_id
|
||||
WHERE pastes.id = ?');
|
||||
|
|
@ -47,27 +47,35 @@ $row = $query->fetch();
|
|||
// This is used in the theme files.
|
||||
$totalpastes = getSiteTotalPastes($conn);
|
||||
|
||||
$current_user = getCurrentUser($conn);
|
||||
|
||||
if (!$row) {
|
||||
header('HTTP/1.1 404 Not Found');
|
||||
$notfound = $lang['notfound']; // "Not found";
|
||||
} else {
|
||||
$p_title = $row['title'];
|
||||
$paste_title = $row['title'];
|
||||
$paste_code = $row['code'];
|
||||
|
||||
$paste = [
|
||||
'title' => $paste_title,
|
||||
'created_at' => (new DateTime($row['created_at']))->format('jS F Y h:i:s A'),
|
||||
'updated_at' => (new DateTime($row['updated_at']))->format('jS F Y h:i:s A'),
|
||||
'member' => $row['member'],
|
||||
'tags' => $row['tagsys'],
|
||||
'views' => $row['views'],
|
||||
'code' => $paste_code
|
||||
];
|
||||
$p_content = $row['content'];
|
||||
$p_visible = $row['visible'];
|
||||
$p_code = $row['code'];
|
||||
$p_expiry = Trim($row['expiry']);
|
||||
$p_password = $row['password'];
|
||||
$p_member = $row['member'];
|
||||
$p_encrypt = $row['encrypt'];
|
||||
$p_views = $row['views'];
|
||||
$p_tagsys = $row['tagsys'];
|
||||
|
||||
$mod_date = date("jS F Y h:i:s A", $now_time);
|
||||
|
||||
$p_private_error = '0';
|
||||
if ($p_visible == "2") {
|
||||
if (isset($_SESSION['username'])) {
|
||||
if ($p_member !== trim($_SESSION['username'])) {
|
||||
if ($current_user) {
|
||||
if ($p_member !== $current_user['id']) {
|
||||
$notfound = $lang['privatepaste']; //" This is a private paste.";
|
||||
$p_private_error = '1';
|
||||
goto Not_Valid_Paste;
|
||||
|
|
@ -98,12 +106,12 @@ if (!$row) {
|
|||
// Download the paste
|
||||
if (isset($_GET['download'])) {
|
||||
if ($p_password == "NONE") {
|
||||
doDownload($paste_id, $p_title, $p_member, $op_content, $p_code);
|
||||
doDownload($paste_id, $paste_title, $p_member, $op_content, $paste_code);
|
||||
exit();
|
||||
} else {
|
||||
if (isset($_GET['password'])) {
|
||||
if (password_verify($_GET['password'], $p_password)) {
|
||||
doDownload($paste_id, $p_title, $p_member, $op_content, $p_code);
|
||||
doDownload($paste_id, $paste_title, $p_member, $op_content, $paste_code);
|
||||
exit();
|
||||
} else {
|
||||
$error = $lang['wrongpassword']; // 'Wrong password';
|
||||
|
|
@ -117,12 +125,12 @@ if (!$row) {
|
|||
// Raw view
|
||||
if (isset($_GET['raw'])) {
|
||||
if ($p_password == "NONE") {
|
||||
rawView($paste_id, $p_title, $op_content, $p_code);
|
||||
rawView($paste_id, $paste_title, $op_content, $paste_code);
|
||||
exit();
|
||||
} else {
|
||||
if (isset($_GET['password'])) {
|
||||
if (password_verify($_GET['password'], $p_password)) {
|
||||
rawView($paste_id, $p_title, $op_content, $p_code);
|
||||
rawView($paste_id, $paste_title, $op_content, $paste_code);
|
||||
exit();
|
||||
} else {
|
||||
$error = $lang['wrongpassword']; // 'Wrong password';
|
||||
|
|
@ -151,12 +159,12 @@ if (!$row) {
|
|||
|
||||
// Apply syntax highlight
|
||||
$p_content = htmlspecialchars_decode($p_content);
|
||||
if ($p_code === "pastedown") {
|
||||
if ($paste_code === "pastedown") {
|
||||
$Parsedown = new Parsedown();
|
||||
$Parsedown->setSafeMode(true);
|
||||
$p_content = $Parsedown->text($p_content);
|
||||
} else {
|
||||
$geshi = new GeSHi($p_content, $p_code, 'includes/geshi/');
|
||||
$geshi = new GeSHi($p_content, $paste_code, 'includes/geshi/');
|
||||
|
||||
$geshi->enable_classes();
|
||||
$geshi->set_header_type(GESHI_HEADER_DIV);
|
||||
|
|
@ -177,12 +185,12 @@ if (!$row) {
|
|||
// Embed view after GeSHI is applied so that $p_code is syntax highlighted as it should be.
|
||||
if (isset($_GET['embed'])) {
|
||||
if ($p_password == "NONE") {
|
||||
embedView($paste_id, $p_title, $p_content, $p_code, $title, $baseurl, $ges_style, $lang);
|
||||
embedView($paste_id, $paste_title, $p_content, $paste_code, $title, $baseurl, $ges_style, $lang);
|
||||
exit();
|
||||
} else {
|
||||
if (isset($_GET['password'])) {
|
||||
if (password_verify($_GET['password'], $p_password)) {
|
||||
embedView($paste_id, $p_title, $p_content, $p_code, $title, $p_baseurl, $ges_style, $lang);
|
||||
embedView($paste_id, $paste_title, $p_content, $paste_code, $title, $p_baseurl, $ges_style, $lang);
|
||||
exit();
|
||||
} else {
|
||||
$error = $lang['wrongpassword']; // 'Wrong password';
|
||||
|
|
@ -196,7 +204,6 @@ if (!$row) {
|
|||
|
||||
require_once('theme/' . $default_theme . '/header.php');
|
||||
if ($p_password == "NONE") {
|
||||
|
||||
// No password & diplay the paste
|
||||
|
||||
// Set download URL
|
||||
|
|
@ -262,4 +269,4 @@ if ($p_private_error == '1') {
|
|||
|
||||
// Footer
|
||||
require_once('theme/' . $default_theme . '/footer.php');
|
||||
?>
|
||||
|
||||
|
|
|
|||
|
|
@ -146,9 +146,9 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
<div class="columns is-multiline">
|
||||
<div class="column is-4">
|
||||
<span class="tag is-normal"><i class="fa fa-code fa-lg"
|
||||
aria-hidden="true"></i> <?php echo strtoupper($p_code); ?></span>
|
||||
aria-hidden="true"></i> <?php echo strtoupper($paste['code']); ?></span>
|
||||
<span class="tag is-normal"><i class="fa fa-eye fa-lg"
|
||||
aria-hidden="true"></i> <?php echo $p_views; ?></span>
|
||||
aria-hidden="true"></i> <?php echo $paste['views']; ?></span>
|
||||
<span class="tag is-normal"><i class="fa fa-star fa-lg"
|
||||
aria-hidden="true"></i> <?php echo $fav_count; ?></span>
|
||||
<br>
|
||||
|
|
@ -160,7 +160,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
<span class="tag is-normal"><i class="fa fa-list-ol fa-lg" aria-hidden="true"></i> <?php echo substr_count($op_content, "\n") + 1; ?></span>
|
||||
</div>
|
||||
<div class="column is-4 has-text-centered">
|
||||
<h1 class="title is-6" style="margin-bottom:0;"><?php echo($p_title); ?></h1>
|
||||
<h1 class="title is-6" style="margin-bottom:0;"><?= $paste['title'] ?></h1>
|
||||
<small class="title is-6 has-text-weight-normal has-text-grey">
|
||||
<?php if ($paste['member'] === NULL): ?>
|
||||
Guest
|
||||
|
|
@ -168,11 +168,11 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
By <a href="<?= urlForMember($paste['member']) ?>"><?= $paste['member'] ?></a>
|
||||
<?php endif; ?>
|
||||
<br/>
|
||||
Created: <?php echo $p_date; ?>
|
||||
Created: <?= $paste['created_at'] ?>
|
||||
<br/>
|
||||
<?php if (strcmp($p_date, $mod_date) !== 0) { ?>
|
||||
Modified: <?php echo $mod_date; ?>
|
||||
<?php } ?>
|
||||
<?php if ($paste['updated_at'] != $paste['created_at']): ?>
|
||||
<?= $paste['updated_at'] ?>
|
||||
<?php endif; ?>
|
||||
</small>
|
||||
</div>
|
||||
<div class="column is-4 has-text-right">
|
||||
|
|
@ -185,7 +185,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
?>
|
||||
<a class="icon tool-icon" class="flip" onclick="openreport()"><i
|
||||
class="far fa-flag fa-lg has-text-grey" title="Report Paste"></i></a>
|
||||
<?php if ($p_code != "pastedown") { ?>
|
||||
<?php if ($paste['code'] != "pastedown") { ?>
|
||||
<a class="icon tool-icon" href="javascript:togglev();"><i
|
||||
class="fas fa-list-ol fa-lg has-text-grey"
|
||||
title="Toggle Line Numbers"></i></a>
|
||||
|
|
@ -220,7 +220,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
<!-- Tag display -->
|
||||
<div class="columns is-desktop is-centered">
|
||||
<?php
|
||||
$tagDisplay = htmlentities($p_tagsys, ENT_QUOTES, 'UTF-8');
|
||||
$tagDisplay = htmlentities($paste['tags'], ENT_QUOTES, 'UTF-8');
|
||||
$tagDisplay = rtrim($tagDisplay);
|
||||
$tagArray = explode(',', $tagDisplay);
|
||||
if (strlen($tagDisplay) > 0) {
|
||||
|
|
@ -238,7 +238,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
<?php if (isset($error)) {
|
||||
echo '<p class="help is-danger subtitle is-6">' . $error . '</p>';
|
||||
} else {
|
||||
if ($p_code != "pastedown") {
|
||||
if ($paste['code'] != "pastedown") {
|
||||
echo '
|
||||
<div id="paste" style="line-height:1!important;">' . linkify($p_content) . '</div>';
|
||||
} else {
|
||||
|
|
@ -309,7 +309,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
<?php // Show popular GeSHi formats
|
||||
foreach ($geshiformats as $code => $name) {
|
||||
if (in_array($code, $popular_formats)) {
|
||||
$sel = ($p_code == $code) ? 'selected="selected"' : ' ';
|
||||
$sel = ($paste['code'] == $code) ? 'selected="selected"' : ' ';
|
||||
echo '<option ' . $sel . ' value="' . $code . '">' . $name . '</option>';
|
||||
}
|
||||
}
|
||||
|
|
@ -317,7 +317,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
|
|||
// Show all GeSHi formats.
|
||||
foreach ($geshiformats as $code => $name) {
|
||||
if (!in_array($code, $popular_formats)) {
|
||||
$sel = ($p_code == $code) ? 'selected="selected"' : '';
|
||||
$sel = ($paste['code'] == $code) ? 'selected="selected"' : '';
|
||||
echo '<option ' . $sel . ' value="' . $code . '">' . $name . '</option>';
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue