From: xf0r3m <jakubstasinski@protonmail.com>
Date: Mon, 22 Jul 2024 12:42:47 +0000 (+0200)
Subject: Synchronizacja public -> priv
X-Git-Url: https://gitweb.morketsmerke.org/?a=commitdiff_plain;h=24516c6d29fe03eb7440850be074495cc524e5dc;p=sc.git

Synchronizacja public -> priv
---

24516c6d29fe03eb7440850be074495cc524e5dc
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..d21b721
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# SC - SiteCatalogue
+
+2.0
+
+Wymagania: LAMP Stack + jakieś dobre hasło do bazy.
diff --git a/db_conf.php b/db_conf.php
new file mode 100644
index 0000000..0955910
--- /dev/null
+++ b/db_conf.php
@@ -0,0 +1,20 @@
+<?php
+  $db = 'sc';
+  $db_user = 'sc';
+  $db_passwd = '';
+  $db_host = 'localhost';
+
+  $connection = mysqli_connect($db_host, $db_user, $db_passwd, $db);
+
+  if ( ! $connection ) {
+    echo "<script>console.log('Połaczenie nie powiodło się');
+          console.log(\"Nr błędu: " . mysqli_connect_errno() . "\");
+          console.log(\"Błąd: " . mysqli_connect_error() . "\");</script>";
+    exit;
+  } else {
+    if ( ! isset($_SERVER["SHELL"]) ) {
+      echo "<script>console.log('Połączenie powiodło się!');</script>";
+    }
+  }
+
+?>
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..2f68564
--- /dev/null
+++ b/index.php
@@ -0,0 +1,192 @@
+<?php
+  include('library.php');
+  include('db_conf.php');
+?>
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>Site Catalogue - morketsmerke.org</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">
+    <link href="style.css" type="text/css" rel="stylesheet">
+  </head>
+  <body>
+    <nav class="navbar navbar-expand-lg navbar-light bg-light">
+  <div class="container-fluid">
+    <a class="navbar-brand" href="index.php">sc</a>
+    <div class="collapse navbar-collapse" id="navbarSupportedContent">
+      <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+        <li class="nav-item">
+          <?php
+            if ( session_status() != 2 ) { session_start(); }
+            if ( ! empty($_SESSION['username']) ) {
+              echo "<a class=\"nav-link\" href=\"?a=logout\">Wyloguj się</a>";
+            } else {
+              echo "<a class=\"nav-link\" href=\"?a=login\">Zaloguj się</a>";
+            }
+          ?>
+        </li>
+      </ul>
+    </div>
+  </div>
+</nav>
+    <div id="main" class="container-lg">
+      <?php
+        if ( ! empty($_GET['a']) ) {
+          if ( $_GET['a'] == 'login' ) { include('login.php'); }
+          if ( $_GET['a'] == 'logout' ) { include('logout.php'); }
+        } else {
+      ?>
+      <div id="categories" class="container-sm">
+        <div class="card">
+          <div class="card-header">
+            Kategorie: 
+          </div>
+          <ul class="list-group list-group-flush">
+            <?php
+              # Usunięcie kategorii, a wraz znią przypisanych do niej site-ów
+              if ( isset($_POST['cateid']) ) {
+                $tableName = "sites";
+                $whereValue = "cateId = " . mysqli_real_escape_string($connection, $_POST['cateid']) . ";";
+                $result = dbDel($connection, $tableName, $whereValue);
+                
+                $tableName = "categories";
+                $whereValue = "id = " . mysqli_real_escape_string($connection, $_POST['cateid']) . ";";
+                $result = dbDel($connection, $tableName, $whereValue); 
+              }
+              # Dodanie kategorii
+              if ( isset($_POST['newcategory']) ) {
+                $tableName = "categories";
+                $columnScheme = "name";
+                $setValues = "'" . mysqli_real_escape_string($connection, $_POST['newcategory']) . "'";
+                $result = dbAdd($connection, $tableName, $columnScheme, $setValues);
+              }
+
+              # Wyświetlenie kategorii
+              $tableName = "categories";
+              $columnScheme = "id, name";
+              $whereValue = "1=1;";
+              $result = dbQuery($connection, $tableName, $columnScheme, $whereValue);
+              if ( ! is_null($result) ) {
+                while ( $row = mysqli_fetch_row($result) ) {
+                  if ( session_status() != 2 ) { session_start(); }
+                  if ( ! empty($_SESSION['username']) ) {
+                  echo "<li class=\"list-group-item\">
+                  <form class=\"delForms\" action=\"index.php\" method=\"post\">
+                  <input type=\"hidden\" name=\"cateid\" value=\"" . $row[0] . "\">
+                  <button type=\"submit\" class=\"btn btn-danger deleteButton\" title=\"Usuń\">&times;</button>
+                  </form>
+                  <a href=\"?cate=" . $row[0] . "\">" . $row[1] . "</a></li>";
+                  } else {
+                    echo "<li class=\"list-group-item\">
+                    <a href=\"?cate=" . $row[0] . "\">" . $row[1] . "</a></li>";
+                  }
+                }
+              } 
+              if ( session_status() != 2 ) { session_start(); }
+              if ( ! empty($_SESSION['username']) ) {
+            ?>
+                <li class="list-group-item">
+                  <form class="row g-2" action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
+                    <div class="col-auto">
+                      <input type="text" class="form-control" name="newcategory" placeholder="Nowa kategoria">
+                    </div>
+                    <div class="col-auto">
+                      <button type="submit" class="btn btn-primary">Dodaj</button>
+                    </div>
+                  </form>   
+                </li>
+            <?php
+              }
+            ?>
+          </ul>
+        </div>
+        <!-- <h1>Categories</h1> -->
+      </div>
+      <div id="catalogue" class="container-md">
+        <div class="card">
+          <div class="card-header">
+            <?php
+              if ( ! isset($_GET['cate']) ) { $cate = 1; }
+              else { $cate = $_GET['cate']; }
+                $tableName = "categories";
+                $columnScheme = "name";
+                $whereValue = "id = " . $cate . ";";
+                $result = dbQuery($connection, $tableName, $columnScheme, $whereValue);
+                if ( ! is_null($result) ) {
+                  $categoryName = getFieldValue($result);
+                  echo $categoryName . ": ";
+                } 
+            ?>
+          </div>
+          <ul class="list-group list-group-flush">
+            <?php
+              #Usunięcie strony
+              if ( isset($_POST['siteId']) ) {
+                $tableName = "sites";
+                $whereValue = "id = " . mysqli_real_escape_string($connection, $_POST['siteId']) . ";";
+                $result = dbDel($connection, $tableName, $whereValue);
+              }
+
+              #Dodanie strony
+              if ( isset($_POST['siteName']) ) {
+                $tableName = "sites";
+                $columnScheme = "cateId, name, href";
+                $setValues = mysqli_real_escape_string($connection, $_POST['siteCategoryId']) . ",'" . mysqli_real_escape_string($connection, $_POST['siteName']) . "','" . mysqli_real_escape_string($connection, $_POST['siteHref']) . "'";
+                $result = dbAdd($connection, $tableName, $columnScheme, $setValues);
+              }
+
+              #Wyświetlenie stron
+              $tableName = "sites";
+              $columnScheme = "id, name, href";
+              $whereValue = "cateId = " . $cate . ";";
+              $result = dbQuery($connection, $tableName, $columnScheme, $whereValue);
+              if ( ! is_null($result) ) {
+                while( $row = mysqli_fetch_row($result) ) {
+                  if ( session_status() != 2 ) { session_start(); }
+                  if ( ! empty($_SESSION['username']) ) {
+                  echo "<li class=\"list-group-item\">
+                  <form class=\"delForms\" action=\"" . $_SERVER['REQUEST_URI'] . "\" method=\"post\">
+                  <input type=\"hidden\" name=\"siteId\" value=\"" . $row[0] . "\">
+                  <button type=\"submit\" class=\"btn btn-danger deleteButton\" title=\"Usuń\">&times;</button>
+                  </form>
+                  <a href=\"" . $row[2] . "\">". $row[1] . "</a></li>";
+                  } else {
+                    echo "<li class=\"list-group-item\">
+                    <a href=\"" . $row[2] . "\">" . $row[1] . "</a></li>";
+                  }
+                }
+              }
+              if ( session_status() != 2 ) { session_start(); }
+              if ( ! empty($_SESSION['username']) ) {
+            ?>
+                <li class="list-group-item">
+                 <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post">
+                  <input type="hidden" name="siteCategoryId" value="<?php echo $cate ?>">
+                  <div class="mb-2 inputs">
+                    <label for="siteName" class="form-label">Nazwa/opis strony:</label>
+                    <input type="text" class="form-control" name="siteName">
+                  </div>
+                  <div class="mb-3 inputs">
+                    <label for="siteHref" class="form-label">Adres strony</label>
+                    <input type="text" class="form-control" name="siteHref">
+                  </div>
+                  <button type="submit" class="btn btn-primary buttons">Zapisz</button>
+                 </form>
+                </li>
+            <?php
+              }
+            ?>
+
+          </ul>
+        </div>
+      </div>
+      <?php
+        }
+      ?>
+    </div>
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>
+  </body>
+</html>
+
diff --git a/install.sql b/install.sql
new file mode 100644
index 0000000..fd424be
--- /dev/null
+++ b/install.sql
@@ -0,0 +1,27 @@
+CREATE USER 'sc'@'localhost' IDENTIFIED BY '';
+CREATE DATABASE sc;
+GRANT ALL ON sc.* TO 'sc'@'localhost';
+
+USE sc;
+
+CREATE TABLE users (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  username varchar(30),
+  hash text
+);
+
+CREATE TABLE categories (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  name text
+);
+
+CREATE TABLE sites (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  cateId int,
+  name text,
+  href text,
+  FOREIGN KEY (cateId) REFERENCES categories(id)
+);
+
+INSERT INTO users (username, hash) VALUES ('', "");
+INSERT INTO categories (name) VALUES ("Bez kategorii");
diff --git a/library.php b/library.php
new file mode 100644
index 0000000..893266a
--- /dev/null
+++ b/library.php
@@ -0,0 +1,67 @@
+<?php
+
+function mysqliResult($connection, $result) {
+  if ( ($result === true) || (mysqli_num_rows($result) > 0) ) {
+    if ( ! isset($_SERVER["SHELL"]) ) {
+      echo "<script>console.log('Zapytanie powiodło się.')</script>";
+    }
+    return true;
+  } else {
+    echo "<script>console.log('Zapytanie nie powiodło się: " . mysqli_error($connection) . "');</script>";
+    return false;
+  }
+}
+
+function dbQuery($connection, $tableName, $columnScheme, $whereValue, $debug=0) {
+  $query = "SELECT " . $columnScheme . " FROM " . $tableName . " WHERE " . $whereValue;
+  if ( $debug == 1 ) { var_dump($query); }
+  $result = mysqli_query($connection, $query);
+ 
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Pobranie danych z bazy jest niemożliwe');</script>";
+  }
+
+}
+
+function getFieldValue($result) {
+  $row = mysqli_fetch_row($result);
+  return $row[0];
+}
+
+function dbUpdate($connection, $tableName, $setValue, $whereValue) {
+  $query = "UPDATE " . $tableName . " SET " . $setValue . " WHERE " . $whereValue;
+  $result = mysqli_query($connection, $query);
+ 
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Zmiana danych w bazie jest niemożliwa');</script>";
+  }
+
+}
+
+function dbAdd($connection, $tableName, $columnScheme, $setValues) {
+  $query = "INSERT INTO " . $tableName . " (" . $columnScheme . ") VALUES (" . $setValues . ");";
+  $result = mysqli_query($connection, $query);
+
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Dodanie danych do bazy jest niemożliwa');</script>";
+  }
+}
+
+function dbDel($connection, $tableName, $whereValue) {
+  $query = "DELETE FROM " . $tableName . " WHERE " . $whereValue;
+  $result = mysqli_query($connection, $query);
+
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Usunięcie danych z bazy jest niemożliwa');</script>";
+  }
+}
+
+?>
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..c791d00
--- /dev/null
+++ b/login.php
@@ -0,0 +1,50 @@
+<?php
+
+  if ( ! empty($_POST) ) {
+    $tableName = "users";
+    $columnScheme = "hash";
+    $whereValue = "username = '" . mysqli_real_escape_string($connection, $_POST['user']) . "';";
+    $result = dbQuery($connection, $tableName, $columnScheme, $whereValue);
+    if ( ! is_null($result) ) {
+      $passHash = getFieldValue($result);
+    }
+    if ( isset($passHash) ) {
+      if ( password_verify($_POST['pass'], $passHash) ) {
+          session_start();
+          $_SESSION['username'] = $_POST['user'];
+          header("Location: index.php");
+      } else {
+        header("Location: index.php?a=login&result=1");
+      }
+    } else {
+      header("Location: index.php?a=login&result=1");
+    }
+  } else {
+?>
+    <?php
+      if ( isset($_GET['result']) ) {
+      ?>
+        <div class="alert alert-danger" role="alert">
+          Niepoprawna nazwa użytkownika lub hasło.
+        </div>
+      <?php
+      }
+    ?>
+    <div id="loginForm" class="card">
+      <div class="card-header">Logowanie: </div>
+      <form action="?a=login" method="post">
+        <div class="mb-2 inputs">
+          <label for="inputUsername" class="form-label">Nazwa użytkownika: </label>
+          <input type="text" class="form-control" name="user">
+        </div>
+        <div class="mb-3 inputs">
+          <label for="inputPassword" class="form-label">Hasło: </label>
+          <input type="password" class="form-control" name="pass">
+        </div>
+        <button type="submit" class="btn btn-primary buttons">Zaloguj się</button>
+      </form>
+    </div>
+<?php 
+  }
+
+?>
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..172eb7c
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+  if ( session_status() != 2 ) { session_start(); }
+  unset($_SESSION["username"]);
+  session_destroy();
+  header("Location: index.php");
+?>
diff --git a/newcategory.php b/newcategory.php
new file mode 100644
index 0000000..fb24706
--- /dev/null
+++ b/newcategory.php
@@ -0,0 +1,8 @@
+<?php
+  if ( isset($_POST['newcategory']) ) {
+    $tableName = "categories";
+    $columnScheme = "name";
+    $setValues = "'" . mysqli_real_escape_string($connection, $_POST['newcategory']) . "'";
+    $result = dbAdd($connection, $tableName, $columnScheme, $setValues);
+  }
+?>
diff --git a/passwd.php b/passwd.php
new file mode 100644
index 0000000..855e8a5
--- /dev/null
+++ b/passwd.php
@@ -0,0 +1,10 @@
+
+<form action="passwd.php" method="post">
+	Password: <input type="password" name="pass" />
+	<input type="submit" value="Get pass hash" />
+</form>
+<?php
+  if (isset($_POST["pass"])) {
+    echo "<h2>" . password_hash($_POST["pass"], PASSWORD_DEFAULT) . "</h2>";
+  }
+?>
diff --git a/style.css b/style.css
new file mode 100644
index 0000000..daa7f3f
--- /dev/null
+++ b/style.css
@@ -0,0 +1,39 @@
+#categories {
+  width: 30%;
+  float: left;
+}
+
+#catalogue {
+  width: 68%;
+  float: left;
+}
+
+#main {
+  margin-top: 1%;
+}
+
+#loginForm {
+  width: 50%;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.inputs {
+  padding-left: 5px;
+  padding-right: 5px;
+  padding-top: 5px;
+}
+
+.buttons {
+  margin-left: 5px;
+  margin-bottom: 5px;
+}
+
+.deleteButton {
+  margin-left: 5px;
+  margin-right: 15px;
+}
+
+.delForms {
+  display: inline;
+}