From 306cf55cc9b66d91655ff3ccb118068e98ed2523 Mon Sep 17 00:00:00 2001 From: Yasen Pramatarov Date: Mon, 1 Jul 2024 12:45:07 +0300 Subject: [PATCH] Login/registration fixes --- jilo-web.conf | 0 jilo-web.conf.php | 9 ++ public_html/index.php | 109 +++++++++++++++++------- public_html/pages/login.php | 13 ++- public_html/pages/logout.php | 10 --- public_html/pages/register.php | 12 ++- public_html/static/all.css | 23 +++++ public_html/templates/footer.php | 4 +- public_html/templates/form-login.php | 6 -- public_html/templates/form-register.php | 16 ++-- public_html/templates/header.php | 19 +---- public_html/templates/menu.php | 19 +++++ public_html/templates/message.php | 12 +++ 13 files changed, 176 insertions(+), 76 deletions(-) delete mode 100644 jilo-web.conf create mode 100644 jilo-web.conf.php delete mode 100644 public_html/pages/logout.php create mode 100644 public_html/templates/menu.php create mode 100644 public_html/templates/message.php diff --git a/jilo-web.conf b/jilo-web.conf deleted file mode 100644 index e69de29..0000000 diff --git a/jilo-web.conf.php b/jilo-web.conf.php new file mode 100644 index 0000000..65d1fe9 --- /dev/null +++ b/jilo-web.conf.php @@ -0,0 +1,9 @@ + 'localhost', + 'folder' => '/jilo-web/', + 'database' => '/home/yasen/work/code/git/lindeas-code/jilo-web/jilo-web.db', +]; + +?> diff --git a/public_html/index.php b/public_html/index.php index 1ea534d..90f044b 100644 --- a/public_html/index.php +++ b/public_html/index.php @@ -1,30 +1,18 @@ Error: $error"; -} +/** + * Jilo web logs observer + * + * Description: A web interface to Jilo (JItsi Logs Observer), written in PHP + * Author: Yasen Pramatarov + * License: GPLv2 + * Project URL: https://lindeas.com/jilo + * Year: 2024 + * Version: 0.1 + */ +// list of available pages +// edit accordingly, add 'pages/PAGE.php' $allowed_urls = [ 'front', 'login', 
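Review bot: The `'database'` value in the new jilo-web.conf.php is an absolute path into one developer's home directory, and the second index.php hunk hard-codes the same tree in `$config_file`, so the commit only runs on that machine and publishes a local account name and directory layout. Committing a template copy of the config and keeping the real file untracked would avoid that, and index.php could locate it relative to itself with `$config_file = __DIR__ . '/../jilo-web.conf.php';`. Keeping the config and the database file above `public_html`, as this path does, is worth preserving: the old `./jilo-web.db` was presumably resolved inside the web root.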
@@ -34,14 +22,77 @@ $allowed_urls = [
 'config',
 ];
-include 'templates/header.php';
-
-if (in_array($page, $allowed_urls)) {
- include "pages/{$page}.php";
+// cnfig file
+$config_file = '/home/yasen/work/code/git/lindeas-code/jilo-web/jilo-web.conf.php';
+if (file_exists($config_file)) {
+ require_once $config_file;
 } else {
- include 'pages/front.php';
+ die('Config file not found');
 }
+session_start();
+
+if (isset($_GET['page'])) {
+ $page = $_GET['page'];
+} elseif (isset($_POST['page'])) {
+ $page = $_POST['page'];
+} else {
+ $page = 'front';
+}
+
+// logged in username
+if ( isset($_SESSION['username']) ) {
+ $user = htmlspecialchars($_SESSION['username']);
+}
+
+// redirect to login
+if ( !isset($_SESSION['user_id']) && ($page !== 'login' && $page !== 'register') ) {
+ header('Location: index.php?page=login');
+ exit();
+}
+
+// we use 'notice' for all non-critical messages and 'error' for errors
+if (isset($_SESSION['notice'])) {
+ $notice = $_SESSION['notice'];
+}
+if (isset($_SESSION['error'])) {
+ $error = $_SESSION['error'];
+}
+
+// page building
+if (in_array($page, $allowed_urls)) {
+ // logout is a special case, as we can't use session vars for notices
+ if ($page == 'logout') {
+
+ // clean up session
+ session_unset();
+ session_destroy();
+
+ $notice = "You were logged out.
You can log in again."; + include 'templates/header.php'; + include 'templates/menu.php'; + include 'templates/message.php'; + include 'pages/login.php'; + + // all other normal pages + } else { + include 'templates/header.php'; + include 'templates/menu.php'; + include 'templates/message.php'; + include "pages/{$page}.php"; + } + +// the page is not in allowed urls, loading front page +} else { + include 'templates/header.php'; + include 'templates/menu.php'; + include 'templates/message.php'; + include 'pages/front.php'; +} include 'templates/footer.php'; +// clear errors and notices before next page just in case +unset($_SESSION['error']); +unset($_SESSION['notice']); + ?> diff --git a/public_html/pages/login.php b/public_html/pages/login.php index 3106994..a41d6be 100644 --- a/public_html/pages/login.php +++ b/public_html/pages/login.php @@ -2,10 +2,12 @@ require_once 'classes/database.php'; require 'classes/user.php'; + +// clear the global error var before login unset($error); try { - $db = new Database('./jilo-web.db'); + $db = new Database($config['database']); $user = new User($db); if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) { @@ -34,16 +36,19 @@ try { 'samesite' => 'Strict', 'httponly' => true, 'secure' => isset($_SERVER['HTTPS']), - 'domain' => $domain, - 'path' => '/jilo-web/' + 'domain' => $config['domain'], + 'path' => $config['folder'] ]); // redirect to index + $_SESSION['notice'] = "Login successful"; header('Location: index.php'); exit(); // login failed } else { - $error = "Login failed."; + $_SESSION['error'] = "Login failed."; + header('Location: index.php'); + exit(); } } } catch (Exception $e) { diff --git a/public_html/pages/logout.php b/public_html/pages/logout.php deleted file mode 100644 index a38ffd0..0000000 --- a/public_html/pages/logout.php +++ /dev/null @@ -1,10 +0,0 @@ - \ No newline at end of file diff --git a/public_html/pages/register.php b/public_html/pages/register.php index fd983ee..aae29c7 100644 
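Review bot: The new `logout` branch ends the session on any request carrying `page=logout`, including a plain GET, so a link or image on another site can log a user out; accepting it only as a POST with a per-session token would close that. `session_unset()` and `session_destroy()` also leave the session cookie, and the cookie login.php sets with `setcookie`, in the browser, so both should be expired in this branch using the same `domain` and `path` from `$config`. `$user` is assigned from `$_SESSION['username']` before the branch runs, so if templates/menu.php keys off `$user` (its body is not readable here) the logout page will still render the logged-in menu; `unset($user);` after `session_destroy();` avoids that. Since `$page` comes straight from `$_GET`/`$_POST`, the checks would be tighter as `$page === 'logout'` and `in_array($page, $allowed_urls, true)`.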
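Review bot: The added `header('Location: index.php')` calls in login.php, and the `setcookie` call above them, run after index.php has already included templates/header.php, menu.php and message.php, so they only work when output buffering happens to be enabled. With it off, PHP reports that headers were already sent, the cookie is not set and the failed-login redirect does nothing. Handling the POST in index.php before the first template include, or calling `ob_start();` right after `session_start();`, makes this independent of php.ini. The lines that store the user in the session are outside this hunk; if they do not already do so, `session_regenerate_id(true);` belongs there before `$_SESSION['notice']` is written, so a pre-login session id is not carried into the authenticated session. register.php's new redirects have the same ordering problem.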
--- a/public_html/pages/register.php +++ b/public_html/pages/register.php @@ -5,17 +5,23 @@ require 'classes/user.php'; unset($error); try { - $db = new Database('./jilo-web.db'); + $db = new Database($config['database']); $user = new User($db); if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) { $username = $_POST['username']; $password = $_POST['password']; + // redirect to login if ( $user->register($username, $password) ) { - echo "Registration successful."; + $_SESSION['notice'] = "Registration successful.
You can log in now."; + header('Location: index.php'); + exit(); + // registration fail, redirect to login } else { - echo "Registration failed."; + $_SESSION['error'] = "Registration failed."; + header('Location: index.php'); + exit(); } } } catch (Exception $e) { diff --git a/public_html/static/all.css b/public_html/static/all.css index 6bd8b2f..8d498e8 100644 --- a/public_html/static/all.css +++ b/public_html/static/all.css @@ -44,6 +44,7 @@ background-color: #eee; border: 1px solid #333; font-weight: bold; + font-size: 0.85em; } .notice { @@ -53,4 +54,26 @@ background-color: #eee; border: 1px solid #333; font-weight: bold; + font-size: 0.85em; +} + +#main { + width: 100%; +} + +#footer { + position: absolute; + left: 0px; + bottom: 0px; + height: 30px; + width: 100%; + background-color: #777; + color: white; + text-align: center; + font-size: 0.85em; + line-height: 30px; +} + +#footer a { + color: white; } diff --git a/public_html/templates/footer.php b/public_html/templates/footer.php index 8dd310c..7e59374 100644 --- a/public_html/templates/footer.php +++ b/public_html/templates/footer.php @@ -1,5 +1,7 @@ - + + + diff --git a/public_html/templates/form-login.php b/public_html/templates/form-login.php index 1eb8a88..a04a3ee 100644 --- a/public_html/templates/form-login.php +++ b/public_html/templates/form-login.php @@ -1,12 +1,6 @@
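Review bot: The success notice in register.php appears to carry markup inside the session string (the text breaks between "Registration successful." and "You can log in now.", as it does in index.php's logout notice), so templates/message.php presumably prints `$notice` and `$error` unescaped. That is harmless while every message is a literal, but the first message that includes a username or an exception text becomes an HTML injection point. Keeping messages plain text and printing them through `htmlspecialchars($notice, ENT_QUOTES, 'UTF-8')` removes that trap. `$_POST['username']` and `$_POST['password']` are still passed to `$user->register()` without a presence or length check, and the enclosing `try` block starts and ends outside the hunk.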

Login

- -
- -
- -
diff --git a/public_html/templates/form-register.php b/public_html/templates/form-register.php index 19f180d..19e9b17 100644 --- a/public_html/templates/form-register.php +++ b/public_html/templates/form-register.php @@ -1,6 +1,12 @@ - - - - -
+

Register

+ +
+
+ +
+ +
+ +
+
diff --git a/public_html/templates/header.php b/public_html/templates/header.php index d6ac58d..32fbebb 100644 --- a/public_html/templates/header.php +++ b/public_html/templates/header.php @@ -8,21 +8,4 @@ - +
diff --git a/public_html/templates/menu.php b/public_html/templates/menu.php new file mode 100644 index 0000000..4131410 --- /dev/null +++ b/public_html/templates/menu.php @@ -0,0 +1,19 @@ + + diff --git a/public_html/templates/message.php b/public_html/templates/message.php new file mode 100644 index 0000000..75a8988 --- /dev/null +++ b/public_html/templates/message.php @@ -0,0 +1,12 @@ + + +
+ +
+ + + +
+ +
+