
Commit ae18f08

committed
update
1 parent ce618d8 commit ae18f08


6 files changed

+208
-24
lines changed


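--- a/index.php
+++ b/index.php
@@ -29,13 +29,13 @@
 
 if ($user_status_log != null) {
 $stmt = $pdo->prepare("UPDATE user_status_log SET account=?, last_active_date_time=? WHERE user_id=?");
-$stmt->execute([$_SESSION['name'], date(DATE_RFC2822), $_SESSION['user_id']]);
+$stmt->execute([$_SESSION['username'], date(DATE_RFC2822), $_SESSION['user_id']]);
 } else {
 $stmt = $pdo->prepare('INSERT INTO user_status_log (user_id, account, last_active_date_time) VALUES (:usr, :acc, :date)');
 $stmt->execute(
 array(
 ':usr' => $_SESSION['user_id'],
-':acc' => $_SESSION['name'],
+':acc' => $_SESSION['username'],
 ':date' => date(DATE_RFC2822)
 )
 );
@@ -156,7 +156,7 @@
 echo ($account['user_id']);
 echo $pfp;
 echo ("</td><td>");
-echo "<a href='./profile.php?user={$account['user_id']}' >" . $account['name'] . "</a>";
+echo "<a href='./profile.php?user={$account['user_id']}' >" . htmlentities($account['username']) . "</a>";
 echo "<td>";
 if ($account['show_email'] === "True") {
 echo ($account['email']);
@@ -171,7 +171,7 @@
 echo "</table>";
 
 $pfp = "<a class='pfp-link' href='./profile.php?user={$_SESSION['user_id']}'><img class='profile-img-large' src='$userpfp'></a>";
-$main = "<p id='profile-name'>{$_SESSION['name']}</p><p id='profile-email'>{$_SESSION['email']}</p>";
+$main = "<p id='profile-name'>{$_SESSION['username']}</p><p id='profile-email'>{$_SESSION['email']}</p>";
 $profileLink = "<a href='./profile.php?user={$_SESSION['user_id']}'>Your public profile</a>";
 $actions = '<a href="edit-account.php">Account Settings</a> | <a href="logout.php">Logout</a>';
 echo "<div id='profile'><button id='close-btn' onclick='closeProfile()'>&times;</button>{$pfp}{$main}{$actions}<br />{$profileLink}</div>";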
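Review bot: The rewritten `$main` assignment (new line 174) still interpolates `$_SESSION['username']` and `$_SESSION['email']` into HTML without escaping, although the same commit wraps the username in `htmlentities()` at line 159. Both values presumably come from user-editable account fields (account-settings.php accepts a posted username), so markup stored in a username would be rendered in the profile panel. I would build it as `$main = "<p id='profile-name'>" . htmlentities($_SESSION['username']) . "</p><p id='profile-email'>" . htmlentities($_SESSION['email']) . "</p>";`. The context line `echo ($account['email']);` in the second hunk has the same gap; the code around all three hunks continues outside the visible lines.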

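--- a/new-g4o2-chat/account-settings.php
+++ b/new-g4o2-chat/account-settings.php
@@ -67,6 +67,15 @@
 }
 
 if ($emailCheck != false) {
+$statement = $pdo->prepare("SELECT user_id FROM account where username = :username");
+$statement->execute(array(':username' => $_POST['username']));
+$checkUsername = $statement->fetch();
+if ($checkUsername['user_id'] == $_SESSION['user_id'] || $checkUsername['user_id'] == "") {
+$usernameCheck = true;
+} else {
+$usernameCheck = false;
+}
+if($usernameCheck != false) {
 if (isset($_POST['password'])) {
 $salt = getenv('SALT');
 $newPassword = $_POST['password'];
@@ -98,6 +107,9 @@
 ':showEmail' => $show_email
 ));
 $_SESSION['success'] = 'Account details updated.';
+} else {
+$_SESSION['error'] = 'Username taken';
+}
 } else {
 $_SESSION['error'] = 'Email taken';
 }
@@ -174,7 +186,7 @@
 <body>
 <form class="form-signin" action="account-settings.php" method="post" enctype="multipart/form-data" autocomplete="off">
 <h1 class="h3 mb-3 font-weight-normal">Account Settings</h1>
-Select image to upload for <?= $_SESSION['username'] ?>
+Select image to upload for <?=htmlentities($_SESSION['username']) ?>
 <input type="file" name="fileToUpload" id="fileToUpload">
 <label for="name" class="sr-only">Username</label>
 <input type="text" name="username" class="form-control" placeholder="" required="" autofocus="" value="<?= htmlentities($response['username']) ?>">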
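Review bot: The new uniqueness check (new lines 72-73) reads `$checkUsername['user_id']` even when `fetch()` found no row and returned `false`, so the "username is free" case only passes through a loose `== ""` comparison on a missing offset, which raises a warning on recent PHP versions. Testing the no-row case explicitly is clearer: `$usernameCheck = $checkUsername === false || (string) $checkUsername['user_id'] === (string) $_SESSION['user_id'];`. The check and the later write are separate statements, so two concurrent requests can both pass it; a UNIQUE index on `account.username` would be the actual guarantee, and whether one exists is not visible here. The enclosing `if ($emailCheck != false)` block starts and ends outside the hunk.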

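--- a/new-g4o2-chat/login.php
+++ b/new-g4o2-chat/login.php
@@ -124,7 +124,7 @@
 
 <body class="text-center">
 <form class="form-signin" method="post">
-<img class="mb-4" src="./assets/images/g4o2.jpeg" alt="" width="72" height="72">
+<img class="mb-4" src="./favicon.ico" alt="" width="72" height="72">
 <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
 <p>
 <?php
@@ -151,7 +151,6 @@
 <p class="mt-5 mb-3 text-muted">© <?= date("Y") ?></p>
 <p>Don't have an account yet? <a href='./signup.php'>register</a></p>
 </form>
-</form>
 <script>
 function doValidate() {
 console.log("Validating...");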

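--- a/new-g4o2-chat/logs/logs.log
+++ b/new-g4o2-chat/logs/logs.log
@@ -4,3 +4,4 @@ Logout success g4o2@protonmail.com (Thu, 02 Feb 2023 09:54:59 +0800)
 Logout success g4o2@protonmail.com (Thu, 02 Feb 2023 10:47:26 +0800)
 Login fail wrong password g4o2@protonmail.com 45c4fd97cdd8eb4e85749cf13b518cea (Thu, 02 Feb 2023 10:47:36 +0800)
 Logout success g4o2@protonmail.com (Thu, 02 Feb 2023 11:13:20 +0800)
+Logout success g4o2@protonmail.com (Thu, 02 Feb 2023 12:19:53 +0800)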
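Review bot: This runtime log is tracked in version control, so every commit publishes account e-mail addresses and login timestamps. The failed-login context line also carries a 32-hex-character value that looks like a digest of the attempted password; that is inferred from its length and from the MD5 hashing in signup.php, not confirmed by the visible code. I would stop tracking the file, for example by adding `new-g4o2-chat/logs/` to `.gitignore`, and drop the digest from the failure message where it is written, which is outside this diff.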

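--- a/new-g4o2-chat/pdo.php
+++ b/new-g4o2-chat/pdo.php
@@ -3,27 +3,27 @@
 ob_start();
 ini_set('display_errors', 0);
 
-$HOST = 'sql12.freemysqlhosting.net';
-$PORT = 3306;
-$DB_NAME = 'sql12561191';
-$DB_USER = 'sql12561191';
-$DB_PASSWORD = getenv('DB_PASSWORD');
-$pdo = new PDO(
-"mysql:host=$HOST;port=$PORT;dbname=$DB_NAME",
-$DB_USER,
-$DB_PASSWORD
-);
-$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
-
-// $HOST = 'localhost';
+// $HOST = 'sql12.freemysqlhosting.net';
 // $PORT = 3306;
-// $DB_NAME = 'g4o2-chat';
-// $DB_USER = 'g4o2';
-// $DB_PASSWORD = 'g4o2';
+// $DB_NAME = 'sql12561191';
+// $DB_USER = 'sql12561191';
+// $DB_PASSWORD = getenv('DB_PASSWORD');
 // $pdo = new PDO(
 // "mysql:host=$HOST;port=$PORT;dbname=$DB_NAME",
 // $DB_USER,
 // $DB_PASSWORD
 // );
 // $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+
+$HOST = 'localhost';
+$PORT = 3306;
+$DB_NAME = 'g4o2-chat';
+$DB_USER = 'g4o2';
+$DB_PASSWORD = 'g4o2';
+$pdo = new PDO(
+"mysql:host=$HOST;port=$PORT;dbname=$DB_NAME",
+$DB_USER,
+$DB_PASSWORD
+);
+$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);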
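Review bot: The active connection block now hard-codes `$DB_PASSWORD = 'g4o2';` (identical to the user name) where the previous block read it from `getenv('DB_PASSWORD')`, so a database credential is committed to the repository. Switching environments by commenting blocks in and out also makes it easy to ship the wrong one. I would keep a single block and take the values from the environment, for example `$HOST = getenv('DB_HOST') ?: 'localhost';` and `$DB_PASSWORD = getenv('DB_PASSWORD');`, where `DB_HOST` is a suggested variable name, not one the project defines on this page.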

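--- a/new-g4o2-chat/signup.php
+++ b/new-g4o2-chat/signup.php
@@ -0,0 +1,172 @@
+<?php
+require_once "pdo.php";
+require_once "head.php";
+date_default_timezone_set('Asia/Taipei');
+
+if (isset($_SESSION["email"])) {
+header('Location: index.php');
+}
+
+if (isset($_POST["submit"])) {
+$statement = $pdo->prepare("SELECT * FROM account where email = :em");
+$statement->execute(array(':em' => $_POST['email']));
+$response = $statement->fetch();
+
+if ($response == "") {
+$statement = $pdo->prepare("SELECT * FROM account where username = :username");
+$statement->execute(array(':username' => $_POST['username']));
+$response = $statement->fetch();
+
+if ($response == "") {
+$username = $_POST['username'];
+$email = $_POST['email'];
+
+$salt = getenv('SALT');
+$check = hash("md5", $salt . $_POST['password']);
+$password = $check;
+
+$stmt = $pdo->prepare('INSERT INTO account
+(username, email, password) VALUES ( :username, :em, :pw)');
+$stmt->execute(
+array(
+':username' => $username,
+':em' => $email,
+':pw' => $password
+)
+);
+$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+$_SESSION['success'] = "Account Created. Please login." . " ip: " . $ip;
+header('Location:login.php');
+} else {
+$_SESSION['error'] = "Username taken.";
+header('Location:signup.php');
+}
+} else {
+$_SESSION['error'] = "Email taken.";
+header('Location:signup.php');
+}
+return;
+}
+?>
+
+<head>
+<title>Create Account</title>
+<style>
+html,
+body {
+height: 100%;
+background-color: #fff !important;
+}
+
+body {
+display: -ms-flexbox;
+display: -webkit-box;
+display: flex;
+-ms-flex-align: center;
+-ms-flex-pack: center;
+-webkit-box-align: center;
+align-items: center;
+-webkit-box-pack: center;
+justify-content: center;
+padding-top: 40px;
+padding-bottom: 40px;
+background-color: #f5f5f5;
+}
+
+.form-signin {
+width: 100%;
+max-width: 330px;
+padding: 15px;
+margin: 0 auto;
+}
+
+.form-signin .checkbox {
+font-weight: 400;
+}
+
+.form-signin .form-control {
+position: relative;
+box-sizing: border-box;
+height: auto;
+padding: 10px;
+font-size: 16px;
+}
+
+.form-signin .form-control:focus {
+z-index: 2;
+}
+
+.form-signin input[type="email"] {
+margin-bottom: -1px;
+border-bottom-right-radius: 0;
+border-bottom-left-radius: 0;
+}
+
+.form-signin input[type="password"] {
+margin-bottom: 10px;
+border-top-left-radius: 0;
+border-top-right-radius: 0;
+}
+</style>
+</head>
+<form class="form-signin" method="post" action="./signup.php" enctype="multipart/form-data">
+<img class="mb-4" src="./favicon.ico" alt="" width="72" height="72">
+<h1 class="h3 mb-3 font-weight-normal">Signup</h1>
+<?php
+if (isset($_SESSION["error"])) {
+echo ('<p class="text-danger">' . htmlentities($_SESSION["error"]) . "</p>");
+unset($_SESSION["error"]);
+}
+if (isset($_SESSION["success"])) {
+echo ('<p class="text-success">' . htmlentities($_SESSION["success"]) . "</p>");
+unset($_SESSION["success"]);
+}
+?>
+<label for="username" class="sr-only">Username</label>
+<input type="text" class="form-control" name="username" placeholder="Username" required="" autofocus="" maxlength=128>
+<label for="" class="sr-only">Email</label>
+<input type="email" id="id_email" class="form-control" name="email" placeholder="Email address" required="">
+<label for="inputPassword" class="sr-only">Password</label>
+<input type="password" id="id_1723" class="form-control" name="password" placeholder="Password" required="">
+<div class="checkbox mb-3">
+<label>
+<input type="checkbox" name="spamemail" value="spam my email"> Spam my email
+</label>
+</div>
+<button class="btn btn-lg btn-primary btn-block" name="submit" type="submit" onclick="return doValidate();">Signup</button>
+<br />Already have an account? please <a href="./login.php">log in</a>
+<p class="mt-5 mb-3 text-muted">© <?= date("Y") ?></p>
+By registering, you agree to our <a href="./terms-of-service.php" target="_blank">Terms</a>, <a href="./privacy-policy.php" target="_blank">Privacy Policy</a> and <a href="./cookie-policy.php" target="_blank">Cookie Policy</a>.<br />
+</form>
+
+<script src="./particles/particles.js"></script>
+<script>
+function doValidate() {
+console.log("Validating...");
+try {
+email = document.getElementById("id_email").value;
+pw = document.getElementById("id_1723").value;
+console.log("Validating email=" + email);
+console.log("Validating pw=" + pw);
+if (pw == null || pw == "" || email == null || email == "") {
+alert("Both fields must be filled out");
+return false;
+}
+if (email.search("@") === -1) {
+alert("Email address must contain @");
+return false;
+}
+return true;
+} catch (e) {
+return false;
+}
+return false;
+}
+particlesJS.load('particles-js', './particles/particles.json', function() {
+console.log('callback - particles.js config loaded');
+});
+setTimeout(function() {
+document.querySelector('.popup-msg').style.display = "none";
+document.querySelector('.error').style.display = "none";
+}, 2200);
+</script>
+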
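Review bot: Passwords are stored as `hash("md5", $salt . $_POST['password'])` (new lines 24-26), a fast digest with one site-wide salt from the environment, which gives little resistance to offline guessing if the account table leaks. The replacement is `$password = password_hash($_POST['password'], PASSWORD_DEFAULT);`, with verification switched to `password_verify()`; the login check and the password update in account-settings.php lie outside this section and would need the same change. Separately, `doValidate()` writes the typed password to the browser console with `console.log("Validating pw=" + pw);`, and that line should be deleted. The redirect at line 7 has no `exit;` after `header()`, so the script keeps running for an already signed-in session. `$_SERVER['HTTP_X_FORWARDED_FOR']` is a client-supplied header that may be absent, so it should not be treated as the client address.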
