typicalname0 /
4grounds
@@ -12,18 +12,18 @@ |
||
| 12 | 12 | <body> |
| 13 | 13 | <?php require(__DIR__ . "/important/header.php"); |
| 14 | 14 | |
| 15 | - if(isset($_GET['id'])) { |
|
| 15 | + if (isset($_GET['id'])) { |
|
| 16 | 16 | $stmt = $conn->prepare("SELECT * FROM files WHERE author = ? AND id = ?"); |
| 17 | 17 | $stmt->bind_param("si", $_SESSION['user'], $_GET['id']); |
| 18 | 18 | $stmt->execute(); |
| 19 | 19 | $result = $stmt->get_result(); |
| 20 | - if($result->num_rows === 0) die('Item doesnt exist or item isnt made by you.'); |
|
| 20 | + if ($result->num_rows === 0) die('Item doesnt exist or item isnt made by you.'); |
|
| 21 | 21 | } else { |
| 22 | 22 | header("Location: index.php"); |
| 23 | 23 | } |
| 24 | 24 | |
| 25 | - if(@$_POST['submit']) { |
|
| 26 | - if(isset($_SESSION['user'])) { |
|
| 25 | + if (@$_POST['submit']) { |
|
| 26 | + if (isset($_SESSION['user'])) { |
|
| 27 | 27 | $stmt = $conn->prepare("UPDATE files SET title = ?, extrainfo = ? WHERE id = ?"); |
| 28 | 28 | $stmt->bind_param("ssi", $title, $description, $_GET['id']); |
| 29 | 29 | $title = htmlspecialchars($_POST['title']); |
@@ -17,7 +17,9 @@ |
||
| 17 | 17 | $stmt->bind_param("si", $_SESSION['user'], $_GET['id']); |
| 18 | 18 | $stmt->execute(); |
| 19 | 19 | $result = $stmt->get_result(); |
| 20 | - if($result->num_rows === 0) die('Item doesnt exist or item isnt made by you.'); |
|
| 20 | + if($result->num_rows === 0) { |
|
| 21 | + die('Item doesnt exist or item isnt made by you.'); |
|
| 22 | + } |
|
| 21 | 23 | } else { |
| 22 | 24 | header("Location: index.php"); |
| 23 | 25 | } |
@@ -12,8 +12,8 @@ |
||
| 12 | 12 | <body> |
| 13 | 13 | <?php require(__DIR__ . "/important/header.php"); |
| 14 | 14 | |
| 15 | - if(@$_POST['submit']) { |
|
| 16 | - if(isset($_SESSION['user'])) { |
|
| 15 | + if (@$_POST['submit']) { |
|
| 16 | + if (isset($_SESSION['user'])) { |
|
| 17 | 17 | $stmt = $conn->prepare("INSERT INTO files (type, title, extrainfo, author, filename) VALUES ('news', ?, ?, ?, '')"); |
| 18 | 18 | $stmt->bind_param("sss", $title, $description, $_SESSION['user']); |
| 19 | 19 | |
@@ -2,13 +2,13 @@ |
||
| 2 | 2 | require(__DIR__ . "/func/func.php"); |
| 3 | 3 | require(__DIR__ . "/func/conn.php"); |
| 4 | 4 | |
| 5 | -if(isset($_SESSION['user'])) { |
|
| 6 | - if(isset($_GET['id'])) { |
|
| 5 | +if (isset($_SESSION['user'])) { |
|
| 6 | + if (isset($_GET['id'])) { |
|
| 7 | 7 | $stmt = $conn->prepare("SELECT * FROM `groups` WHERE id = ?"); |
| 8 | 8 | $stmt->bind_param("i", $_GET['id']); |
| 9 | 9 | $stmt->execute(); |
| 10 | 10 | $result = $stmt->get_result(); |
| 11 | - if($result->num_rows === 0) { |
|
| 11 | + if ($result->num_rows === 0) { |
|
| 12 | 12 | die("Group doesn't exist"); |
| 13 | 13 | } |
| 14 | 14 | $stmt->close(); |
@@ -12,8 +12,8 @@ |
||
| 12 | 12 | <body> |
| 13 | 13 | <?php require("important/header.php"); |
| 14 | 14 | |
| 15 | - if(@$_POST['submit']) { |
|
| 16 | - if(isset($_SESSION['user'])) { |
|
| 15 | + if (@$_POST['submit']) { |
|
| 16 | + if (isset($_SESSION['user'])) { |
|
| 17 | 17 | $stmt = $conn->prepare("INSERT INTO `groups` (title, description, author) VALUES (?, ?, ?)"); |
| 18 | 18 | $stmt->bind_param("sss", $name, $text, $_SESSION['user']); |
| 19 | 19 | $text = htmlspecialchars($_POST['description']); |
@@ -9,7 +9,9 @@ |
||
| 9 | 9 | $stmt->bind_param("s", $_SESSION['user']); |
| 10 | 10 | $stmt->execute(); |
| 11 | 11 | $result = $stmt->get_result(); |
| 12 | - if($result->num_rows === 0) header('Location: index.php'); |
|
| 12 | + if($result->num_rows === 0) { |
|
| 13 | + header('Location: index.php'); |
|
| 14 | + } |
|
| 13 | 15 | while($row = $result->fetch_assoc()) { |
| 14 | 16 | $username = $row['username']; |
| 15 | 17 | $id = $row['id']; |
@@ -9,8 +9,8 @@ discard block |
||
| 9 | 9 | $stmt->bind_param("s", $_SESSION['user']); |
| 10 | 10 | $stmt->execute(); |
| 11 | 11 | $result = $stmt->get_result(); |
| 12 | - if($result->num_rows === 0) header('Location: index.php'); |
|
| 13 | - while($row = $result->fetch_assoc()) { |
|
| 12 | + if ($result->num_rows === 0) header('Location: index.php'); |
|
| 13 | + while ($row = $result->fetch_assoc()) { |
|
| 14 | 14 | $username = $row['username']; |
| 15 | 15 | $id = $row['id']; |
| 16 | 16 | $date = $row['date']; |
@@ -28,21 +28,21 @@ discard block |
||
| 28 | 28 | <body> |
| 29 | 29 | <?php require(__DIR__ . "/important/header.php"); |
| 30 | 30 | |
| 31 | - if(@$_POST['bioset']) { |
|
| 31 | + if (@$_POST['bioset']) { |
|
| 32 | 32 | $stmt = $conn->prepare("UPDATE users SET bio = ? WHERE `users`.`username` = ?;"); |
| 33 | 33 | $stmt->bind_param("ss", $text, $_SESSION['user']); |
| 34 | 34 | $text = $_POST['bio']; |
| 35 | 35 | $stmt->execute(); |
| 36 | 36 | $stmt->close(); |
| 37 | 37 | header("Location: home.php"); |
| 38 | - } else if(@$_POST['css']) { |
|
| 38 | + } else if (@$_POST['css']) { |
|
| 39 | 39 | $stmt = $conn->prepare("UPDATE users SET css = ? WHERE `users`.`username` = ?;"); |
| 40 | 40 | $stmt->bind_param("ss", $validatedcss, $_SESSION['user']); |
| 41 | 41 | $validatedcss = validateCSS($_POST['css']); |
| 42 | 42 | $stmt->execute(); |
| 43 | 43 | $stmt->close(); |
| 44 | 44 | header("Location: home.php"); |
| 45 | - } else if(@$_POST['submit']) { |
|
| 45 | + } else if (@$_POST['submit']) { |
|
| 46 | 46 | $target_dir = "dynamic/pfp/"; |
| 47 | 47 | $imageFileType = strtolower(pathinfo($_FILES["fileToUpload"]["name"], PATHINFO_EXTENSION)); |
| 48 | 48 | $target_name = md5_file($_FILES["fileToUpload"]["tmp_name"]) . "." . $imageFileType; |
@@ -52,8 +52,8 @@ discard block |
||
| 52 | 52 | $uploadOk = true; |
| 53 | 53 | $movedFile = false; |
| 54 | 54 | |
| 55 | - if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" |
|
| 56 | - && $imageFileType != "gif" ) { |
|
| 55 | + if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" |
|
| 56 | + && $imageFileType != "gif") { |
|
| 57 | 57 | echo 'unsupported file type. must be jpg, png, jpeg, or gif<hr>'; |
| 58 | 58 | $uploadOk = false; |
| 59 | 59 | } |
@@ -74,7 +74,7 @@ discard block |
||
| 74 | 74 | echo 'fatal error<hr>'; |
| 75 | 75 | } |
| 76 | 76 | } |
| 77 | - } else if(@$_POST['photoset']) { |
|
| 77 | + } else if (@$_POST['photoset']) { |
|
| 78 | 78 | $uploadOk = true; |
| 79 | 79 | $movedFile = false; |
| 80 | 80 | |
@@ -85,7 +85,7 @@ discard block |
||
| 85 | 85 | |
| 86 | 86 | $target_file = $target_dir . $target_name; |
| 87 | 87 | |
| 88 | - if($songFileType != "ogg" && $songFileType != "mp3") { |
|
| 88 | + if ($songFileType != "ogg" && $songFileType != "mp3") { |
|
| 89 | 89 | echo 'unsupported file type. must be mp3 or ogg<hr>'; |
| 90 | 90 | $uploadOk = false; |
| 91 | 91 | } |
@@ -123,14 +123,14 @@ discard block |
||
| 123 | 123 | <button><a href="/2fa">Manage 2-Factor Authentication</a></button><br><br> |
| 124 | 124 | <b>Bio</b> |
| 125 | 125 | <form method="post" enctype="multipart/form-data"> |
| 126 | - <textarea required cols="58" placeholder="Bio" name="bio"><?php echo $bio;?></textarea><br> |
|
| 126 | + <textarea required cols="58" placeholder="Bio" name="bio"><?php echo $bio; ?></textarea><br> |
|
| 127 | 127 | <input name="bioset" type="submit" value="Set"> |
| 128 | 128 | <small>max limit: 500 characters | supports <a href="https://www.markdownguide.org/basic-syntax">Markdown</a></small> |
| 129 | 129 | </form><br> |
| 130 | 130 | <b>CSS</b> |
| 131 | 131 | <button onclick="loadpfwin()" id="prevbtn">Show Live CSS Preview</button> |
| 132 | 132 | <form method="post" enctype="multipart/form-data"> |
| 133 | - <textarea required rows="15" cols="58" placeholder="Your CSS" name="css" id="css_code"><?php echo $css;?></textarea><br> |
|
| 133 | + <textarea required rows="15" cols="58" placeholder="Your CSS" name="css" id="css_code"><?php echo $css; ?></textarea><br> |
|
| 134 | 134 | <input name="cssset" type="submit" value="Set"> <small>max limit: 5000 characters</small> |
| 135 | 135 | </form><br> |
| 136 | 136 | </div> |
@@ -5,7 +5,9 @@ |
||
| 5 | 5 | $stmt->execute(); |
| 6 | 6 | $result = $stmt->get_result(); |
| 7 | 7 | |
| 8 | - if($result->num_rows == 0) echo('welcome to gamestop how may i help you'); |
|
| 8 | + if($result->num_rows == 0) { |
|
| 9 | + echo('welcome to gamestop how may i help you'); |
|
| 10 | + } |
|
| 9 | 11 | } |
| 10 | 12 | ?> |
| 11 | 13 | |
@@ -1,11 +1,11 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | - if(isset($_SESSION['user'])) { |
|
| 2 | + if (isset($_SESSION['user'])) { |
|
| 3 | 3 | $stmt = $conn->prepare("SELECT * FROM `users` WHERE username = ?"); |
| 4 | 4 | $stmt->bind_param("s", $_SESSION['user']); |
| 5 | 5 | $stmt->execute(); |
| 6 | 6 | $result = $stmt->get_result(); |
| 7 | 7 | |
| 8 | - if($result->num_rows == 0) echo('welcome to gamestop how may i help you'); |
|
| 8 | + if ($result->num_rows == 0) echo('welcome to gamestop how may i help you'); |
|
| 9 | 9 | } |
| 10 | 10 | ?> |
| 11 | 11 | |
@@ -44,10 +44,10 @@ discard block |
||
| 44 | 44 | </div> |
| 45 | 45 | |
| 46 | 46 | <span style="float:right;"> |
| 47 | - <?php if(isset($_SESSION['user'])) {?> |
|
| 47 | + <?php if (isset($_SESSION['user'])) {?> |
|
| 48 | 48 | Logged in as |
| 49 | - <a href='/view/profile?id=<?php echo(getID($_SESSION['user'], $conn));?>'> |
|
| 50 | - <?php echo($_SESSION['user']);?> |
|
| 49 | + <a href='/view/profile?id=<?php echo(getID($_SESSION['user'], $conn)); ?>'> |
|
| 50 | + <?php echo($_SESSION['user']); ?> |
|
| 51 | 51 | </a> |
| 52 | 52 | • <a href='/home'>Manage</a> |
| 53 | 53 | • <a href='/logout'>Logout</a> |
@@ -12,8 +12,8 @@ |
||
| 12 | 12 | <body> |
| 13 | 13 | <?php require(__DIR__ . "/important/header.php"); |
| 14 | 14 | |
| 15 | - if(@$_POST['submit']) { |
|
| 16 | - if(isset($_SESSION['user'])) { |
|
| 15 | + if (@$_POST['submit']) { |
|
| 16 | + if (isset($_SESSION['user'])) { |
|
| 17 | 17 | $stmt = $conn->prepare("INSERT INTO files (type, title, extrainfo, author, filename) VALUES ('review', ?, ?, ?, '')"); |
| 18 | 18 | $stmt->bind_param("sss", $title, $description, $_SESSION['user']); |
| 19 | 19 | |
@@ -16,8 +16,8 @@ discard block |
||
| 16 | 16 | if ($_SERVER['REQUEST_METHOD'] == 'GET' && isset($_GET["r_login"])) { |
| 17 | 17 | $error = "The page you tried to access requires you to be logged in."; |
| 18 | 18 | } |
| 19 | - if($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['password'] && $_POST['username']) { |
|
| 20 | - if(isset($_POST['remember'])) { |
|
| 19 | + if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['password'] && $_POST['username']) { |
|
| 20 | + if (isset($_POST['remember'])) { |
|
| 21 | 21 | $rememberMe = true; |
| 22 | 22 | } else { |
| 23 | 23 | $rememberMe = false; |
@@ -26,12 +26,12 @@ discard block |
||
| 26 | 26 | $stmt->bind_param("s", $_POST['username']); |
| 27 | 27 | $stmt->execute(); |
| 28 | 28 | $result = $stmt->get_result(); |
| 29 | - if(!mysqli_num_rows($result)){ { $error = "incorrect username or password"; goto skip; } } |
|
| 29 | + if (!mysqli_num_rows($result)) { { $error = "incorrect username or password"; goto skip; } } |
|
| 30 | 30 | |
| 31 | 31 | $row = $result->fetch_assoc(); |
| 32 | 32 | $hash = $row['password']; |
| 33 | 33 | |
| 34 | - if(!password_verify($_POST['password'], $hash)) { |
|
| 34 | + if (!password_verify($_POST['password'], $hash)) { |
|
| 35 | 35 | $error = "incorrect username or password"; goto skip; |
| 36 | 36 | } |
| 37 | 37 | |
@@ -42,7 +42,7 @@ discard block |
||
| 42 | 42 | if (isset($result['otpsecret'])) { |
| 43 | 43 | $otp = true; |
| 44 | 44 | if (isset($_POST['totp'])) { |
| 45 | - if ($_POST['totp'] === $result['otpbackupcode']) {goto skip2fa;} |
|
| 45 | + if ($_POST['totp'] === $result['otpbackupcode']) {goto skip2fa; } |
|
| 46 | 46 | require("vendor/autoload.php"); |
| 47 | 47 | $totp = OTPHP\TOTP::create($result['otpsecret']); |
| 48 | 48 | if (!$totp->verify($_POST['totp'])) { |
@@ -56,7 +56,7 @@ discard block |
||
| 56 | 56 | } |
| 57 | 57 | skip2fa: |
| 58 | 58 | |
| 59 | - if($rememberMe) { |
|
| 59 | + if ($rememberMe) { |
|
| 60 | 60 | session_write_close(); |
| 61 | 61 | session_set_cookie_params("2678400"); |
| 62 | 62 | ini_set('session.gc_maxlifetime', 2678400); |
@@ -70,7 +70,7 @@ discard block |
||
| 70 | 70 | } |
| 71 | 71 | skip: |
| 72 | 72 | |
| 73 | - if(isset($error)) { echo "<small style='color:red'>".$error."</small>"; } |
|
| 73 | + if (isset($error)) { echo "<small style='color:red'>" . $error . "</small>"; } |
|
| 74 | 74 | ?> |
| 75 | 75 | <form method="post"> |
| 76 | 76 | <input required placeholder="Username" type="text" name="username"><br> |
@@ -18,32 +18,32 @@ discard block |
||
| 18 | 18 | ?> |
| 19 | 19 | <center><h1 style="display: inline-block;">4Grounds - Register</h1><br> |
| 20 | 20 | <?php |
| 21 | - if($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['password'] && $_POST['username']) |
|
| 21 | + if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['password'] && $_POST['username']) |
|
| 22 | 22 | { |
| 23 | 23 | $email = htmlspecialchars(@$_POST['email']); |
| 24 | 24 | $username = htmlspecialchars(@$_POST['username']); |
| 25 | 25 | $password = @$_POST['password']; |
| 26 | 26 | $passwordhash = password_hash(@$password, PASSWORD_DEFAULT); |
| 27 | 27 | |
| 28 | - if($_POST['password'] !== $_POST['confirm']){ $error = "password and confirmation password do not match"; goto skip; } |
|
| 28 | + if ($_POST['password'] !== $_POST['confirm']) { $error = "password and confirmation password do not match"; goto skip; } |
|
| 29 | 29 | |
| 30 | - if(strlen($username) > 21) { $error = "your username must be shorter than 21 characters"; goto skip; } |
|
| 31 | - if(strlen($password) < 8) { $error = "your password must be at least 8 characters long"; goto skip; } |
|
| 32 | - if(!preg_match('/[A-Za-z].*[0-9]|[0-9].*[A-Za-z]/', $password)) { $error = "please include both letters and numbers in your password"; goto skip; } |
|
| 33 | - if(!isset($_POST['g-recaptcha-response'])){ $error = "captcha validation failed"; goto skip; } |
|
| 34 | - if($config['use_recaptcha'] && !validateCaptcha($config['recaptcha_secret'], $_POST['g-recaptcha-response'])) { $error = "captcha validation failed"; goto skip; } |
|
| 30 | + if (strlen($username) > 21) { $error = "your username must be shorter than 21 characters"; goto skip; } |
|
| 31 | + if (strlen($password) < 8) { $error = "your password must be at least 8 characters long"; goto skip; } |
|
| 32 | + if (!preg_match('/[A-Za-z].*[0-9]|[0-9].*[A-Za-z]/', $password)) { $error = "please include both letters and numbers in your password"; goto skip; } |
|
| 33 | + if (!isset($_POST['g-recaptcha-response'])) { $error = "captcha validation failed"; goto skip; } |
|
| 34 | + if ($config['use_recaptcha'] && !validateCaptcha($config['recaptcha_secret'], $_POST['g-recaptcha-response'])) { $error = "captcha validation failed"; goto skip; } |
|
| 35 | 35 | |
| 36 | 36 | $stmt = $conn->prepare("SELECT username FROM users WHERE username = ?"); |
| 37 | 37 | $stmt->bind_param("s", $username); |
| 38 | 38 | $stmt->execute(); |
| 39 | 39 | $result = $stmt->get_result(); |
| 40 | - if($result->num_rows) { $error = "there's already a user with that same name!"; goto skip; } |
|
| 40 | + if ($result->num_rows) { $error = "there's already a user with that same name!"; goto skip; } |
|
| 41 | 41 | |
| 42 | 42 | $stmt = $conn->prepare("SELECT email FROM users WHERE email = ?"); |
| 43 | 43 | $stmt->bind_param("s", $email); |
| 44 | 44 | $stmt->execute(); |
| 45 | 45 | $result = $stmt->get_result(); |
| 46 | - if($result->num_rows) { $error = "there's already a user with that same email!"; goto skip; } |
|
| 46 | + if ($result->num_rows) { $error = "there's already a user with that same email!"; goto skip; } |
|
| 47 | 47 | |
| 48 | 48 | //TODO: add cloudflare ip thing |
| 49 | 49 | $stmt = $conn->prepare("INSERT INTO `users` (`username`, `email`, `password`) VALUES (?, ?, ?)"); |
@@ -63,7 +63,7 @@ discard block |
||
| 63 | 63 | } |
| 64 | 64 | skip: |
| 65 | 65 | |
| 66 | - if(isset($error)) { echo "<small style='color:red'>".$error."</small>"; } ?> |
|
| 66 | + if (isset($error)) { echo "<small style='color:red'>" . $error . "</small>"; } ?> |
|
| 67 | 67 | <form method="post"> |
| 68 | 68 | <input required placeholder="Username" type="text" name="username"><br> |
| 69 | 69 | <input required placeholder="E-Mail" type="email" name="email"><br><br> |
@@ -14,7 +14,7 @@ |
||
| 14 | 14 | <body> |
| 15 | 15 | <?php |
| 16 | 16 | require(__DIR__ . "/important/header.php"); |
| 17 | - ?> |
|
| 17 | + ?> |
|
| 18 | 18 | <center><h1 style="display: inline-block;">4Grounds - Register</h1><br> |
| 19 | 19 | <?php |
| 20 | 20 | if($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['password'] && $_POST['username']) |
