From feb736e4f4902e2addac97e761a7c67f919ac2d0 Mon Sep 17 00:00:00 2001
From: xf0r3m <jakubstasinski@protonmail.com>
Date: Wed, 1 Nov 2023 12:52:00 +0100
Subject: [PATCH] =?utf8?q?Rozpocz=C4=99cie=20prac=20na=20lib.morketsmerke.?=
 =?utf8?q?org?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 db_conf.php       | 20 ++++++++++++
 index.php         | 56 ++++++++++++++++++++++++++++++++
 install.sql       | 41 +++++++++++++++++++++++
 library.php       | 83 +++++++++++++++++++++++++++++++++++++++++++++++
 modules/login.php | 27 +++++++++++++++
 style.css         | 54 ++++++++++++++++++++++++++++++
 6 files changed, 281 insertions(+)
 create mode 100644 db_conf.php
 create mode 100644 index.php
 create mode 100644 install.sql
 create mode 100644 library.php
 create mode 100644 modules/login.php
 create mode 100644 style.css

diff --git a/db_conf.php b/db_conf.php
new file mode 100644
index 0000000..47cc73a
--- /dev/null
+++ b/db_conf.php
@@ -0,0 +1,20 @@
+<?php
+  $db = 'library';
+  $db_user = 'library';
+  $db_passwd = 'Sup3rT4jn3H4s1087400';
+  $db_host = 'localhost';
+
+  $connection = mysqli_connect($db_host, $db_user, $db_passwd, $db);
+
+  if ( ! $connection ) {
+    echo "<script>console.log('Połaczenie nie powiodło się');
+          console.log(\"Nr błędu: " . mysqli_connect_errno() . "\");
+          console.log(\"Błąd: " . mysqli_connect_error() . "\");</script>";
+    exit;
+  } else {
+    if ( ! isset($_SERVER["SHELL"]) ) {
+      echo "<script>console.log('Połączenie powiodło się!');</script>";
+    }
+  }
+
+?>
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..7022797
--- /dev/null
+++ b/index.php
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <title>Library of morketsmerke.org</title>
+    <link rel="stylesheet" type="text/css" href="style.css">
+  </head>
+  <body>
+    <?php
+      include('db_conf.php');
+      include('library.php');
+    ?>
+    <div id="root-container">
+      <div id="baner-container">
+        baner
+      </div>
+      <div id="menu-container">
+        <!--main-menu-->
+        <ul class="ul-menu">
+          <li class="main-menu-element"><a href="index.php">Strona główna</a></li>
+          <?php
+            if ( session_status() != 2 ) { session_start(); }
+            if ( isset($_SESSION['username']) ) {
+              echo "<li class=\"main-menu-element\" style=\"float: right;\">Witaj," . $_SESSION['username'] . "(<a href=\"?p=logout\">wyloguj się</a>)</li>";
+            } else {
+              echo "<li class=\"main-menu-element\" style=\"float: right;\"><a href=\"?p=login\">Zaloguj się</a></li>";
+            }
+          ?>
+        </ul>
+      </div>
+      <div id="main-content-container">
+        <div id="side-menu-container">
+          <!--side-menu-->
+          <ul class="ul-menu">
+            <li><a href="?p=lastadded">Ostatnio dodane</a></li>
+          </ul> 
+        </div>
+        <div id="content-container">
+          <!--content-->
+          <?php
+            if ( isset($_GET['p']) && ($_GET['p'] == 'login') ) {
+              include('modules/login.php');
+            } else {
+              echo "<h1>Główna filia biblioteki morketsmerke.org</h1>";
+              echo "<p>Tutaj może znaleźć wiele interesujących pozycji";
+              echo "czytelniczych, choć niektóre zasoby mogą być niedostępne.</p>";
+            }
+          ?>
+        </div>
+      </div>
+      <div id="footer-container">
+        2023 @ morketsmerke.org. All rights reversed.
+      </div>
+    </div>
+  </body>
+</html>
diff --git a/install.sql b/install.sql
new file mode 100644
index 0000000..7cb7f1f
--- /dev/null
+++ b/install.sql
@@ -0,0 +1,41 @@
+CREATE DATABASE library;
+CREATE USER 'library'@'localhost' IDENTIFIED BY 'Sup3rT4jn3H4s1087400';
+GRANT ALL on library.* TO 'library'@'localhost';
+
+USE library;
+
+CREATE TABLE users (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  login varchar(30),
+  pass_hash text
+);
+
+CREATE TABLE books (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  type int,
+  title text,
+  author text,
+  publisher text,
+  publishing int,
+  pubdate int,
+  category int,
+  ISBN text,
+  adnotes text,
+  description text
+);
+
+CREATE TABLE notes (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  title text,
+  author text,
+  source text,
+  adnotes text,
+  description text
+);
+
+CREATE TABLE categories (
+  id int AUTO_INCREMENT PRIMARY KEY,
+  name text
+);
+
+INSERT INTO users (login, pass_hash) VALUES ('xf0r3m', '$2y$10$oIr8ekrD8z5AA1BK0Mqt0OBmgRwq6Mf3GCFRztade1YxlipQwr2AW');
diff --git a/library.php b/library.php
new file mode 100644
index 0000000..87bc33b
--- /dev/null
+++ b/library.php
@@ -0,0 +1,83 @@
+<?php
+
+function mysqliResult($connection, $result) {
+  if ( ($result === true) || (mysqli_num_rows($result) > 0) ) {
+    if ( ! isset($_SERVER["SHELL"]) ) {
+      echo "<script>console.log('Zapytanie powiodło się.')</script>";
+    }
+    return true;
+  } else {
+    echo "<script>console.log('Zapytanie nie powiodło się: " . mysqli_error($connection) . "');</script>";
+    return false;
+  }
+}
+
+function dbQuery($connection, $tableName, $columnScheme, $whereValue, $debug=0) {
+  $query = "SELECT " . $columnScheme . " FROM " . $tableName . " WHERE " . $whereValue;
+  if ( $debug == 1 ) { var_dump($query); }
+  $result = mysqli_query($connection, $query);
+ 
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Pobranie danych z bazy jest niemożliwe');</script>";
+  }
+
+}
+
+function getFieldValue($result) {
+  $row = mysqli_fetch_row($result);
+  return $row[0];
+}
+
+function dbUpdate($connection, $tableName, $setValue, $whereValue) {
+  $query = "UPDATE " . $tableName . " SET " . $setValue . " WHERE " . $whereValue;
+  $result = mysqli_query($connection, $query);
+ 
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Zmiana danych w bazie jest niemożliwa');</script>";
+  }
+
+}
+
+function dbAdd($connection, $tableName, $columnScheme, $setValues) {
+  $query = "INSERT INTO " . $tableName . " (" . $columnScheme . ") VALUES (" . $setValues . ");";
+  $result = mysqli_query($connection, $query);
+
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Dodanie danych do bazy jest niemożliwa');</script>";
+  }
+}
+
+function dbDel($connection, $tableName, $whereValue) {
+  $query = "DELETE FROM " . $tableName . " WHERE " . $whereValue;
+  $result = mysqli_query($connection, $query);
+
+  if ( mysqliResult($connection, $result) ) {
+    return $result;
+  } else {
+    echo "<script>console.log('Usunięcie danych z bazy jest niemożliwa');</script>";
+  }
+}
+
+function newFormatTo80Cols($long_string, $linePrefix, $eolSign) {
+  $content = array();
+  if ( strlen($long_string) > 80 ) { 
+    $toExplode = wordwrap($long_string, 80, "|", false);
+    $exploded = explode("|", $toExplode);
+    $i=0;
+    foreach ( $exploded as $line ) {
+      $content[$i] = $linePrefix . $line . $eolSign;
+      $i += 1;
+    }
+  } else {
+    $content[0] = $linePrefix . $long_string . $eolSign;
+  }
+  return $content;
+}
+
+?>
diff --git a/modules/login.php b/modules/login.php
new file mode 100644
index 0000000..d392e6b
--- /dev/null
+++ b/modules/login.php
@@ -0,0 +1,27 @@
+<?php
+  if ( isset($_POST['login']) ) {
+    $tableName = 'users';
+    $columnScheme = 'pass_hash';
+    $whereValue = "login = '" . mysqli_real_escape_string($connection, $_POST['login']) . "'";
+    $loginResult = dbQuery($connection, $tableName, $columnScheme, $whereValue);
+    if ( mysqliResult($connection, $loginResult) ) {
+      $passHash = getFieldValue($loginResult);
+      if ( password_verify($_POST['pass'], $passHash) ) {
+        session_start();
+        $_SESSION['username'] = $_POST['login'];
+        header("Location: index.php");
+      } else {
+        echo "<h3 style=\"color: red;\">Niepoprawny login lub hasło</h3>";
+      }
+    } else {
+      echo "<h3 style=\"color: red;\">Niepoprawny login lub hasło</h3>";
+    }
+  }
+?>
+<form action="?p=login" method="post">
+  <label for="lfield">Login:</label><br />
+  <input type="text" id="lfield" name="login"><br />
+  <label for="pfield">Hasło:</label><br />
+  <input type="password" id="pfield" name="pass"><br /><br />
+  <button type="submit">Zaloguj</button>
+</form>
diff --git a/style.css b/style.css
new file mode 100644
index 0000000..7f01ce0
--- /dev/null
+++ b/style.css
@@ -0,0 +1,54 @@
+#root-container {
+  width: 860px;
+  margin-right: auto;
+  margin-left: auto;
+}
+
+#baner-container {
+  width: inherit;
+  height: 200px;
+}
+
+#menu-container, #footer-container {
+  width: inherit;
+  height: 30px;
+}
+
+#main-content-container {
+  width: inherit;
+  float: left;
+  min-height: 300px;
+  margin-top: 10px;
+}
+
+#side-menu-container {
+  width: 172px;
+  float: left;
+}
+
+#content-container {
+  width: 683px;
+  float: left;
+  padding-left: 5px;
+}
+
+#footer-container {
+  float: left;
+  text-align: center;
+}
+
+.main-menu-element {
+  float: left;
+  margin-right: 5px;
+}
+
+.ul-menu {
+  list-style-type: none;
+  padding: 0;
+  margin: 0;
+}
+
+button {
+  border-radius: unset;
+  border: 1px solid;
+}
-- 
2.39.5