From 2260294a6bc32477801def92b7a15e58fc6c2172 Mon Sep 17 00:00:00 2001
From: Bye <bye@byecorps.com>
Date: Tue, 31 Oct 2023 20:21:33 +0000
Subject: [PATCH] start with BCIDs

---
 head.php       |  7 ++++++
 id_handler.php | 34 ++++++++++++++++++++++++++++
 index.php      | 61 +++++++++++++++++++++++++++++---------------------
 landing.html   | 18 +++++++--------
 register.php   | 56 +++++++++++++++++++++++++++++++++++++++++++++
 signin.php     |  0
 6 files changed, 140 insertions(+), 36 deletions(-)
 create mode 100644 head.php
 create mode 100644 id_handler.php
 create mode 100644 register.php
 delete mode 100644 signin.php

diff --git a/head.php b/head.php
new file mode 100644
index 0000000..8abba52
--- /dev/null
+++ b/head.php
@@ -0,0 +1,7 @@
+<meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title><?php if (isset($doc_title)) { echo $doc_title." | "; } ?>ByeCorps ID</title>
+
+<link rel="stylesheet" href="/styles/global.css">
+<link rel="stylesheet" href="/fontawesome/css/all.css">
\ No newline at end of file
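Review bot: `$doc_title` is echoed into `<title>` without HTML escaping. The values assigned in index.php in this patch are string literals, so nothing is exploitable as written. Writing `echo htmlspecialchars($doc_title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')." | ";` keeps the template safe if a title is later derived from request or database data.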
diff --git a/id_handler.php b/id_handler.php
new file mode 100644
index 0000000..01615cd
--- /dev/null
+++ b/id_handler.php
@@ -0,0 +1,34 @@
+<?php
+
+function ganerate_bcid() {
+    $CHARS = str_split("ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890");
+    return $CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)];
+}
+
+function validate_bcid($bcid) {
+    $stripped_bcid = str_replace([" ", "-"], "", $bcid);
+    $stripped_bcid = strtoupper($stripped_bcid);
+
+    if (!preg_match('/^[^A-Z^0-9]^/', $stripped_bcid) && strlen($stripped_bcid) == 7) {
+        return 1;
+    }
+
+    return 0; // fail condition
+}
+
+$BCID = ganerate_bcid();
+
+echo "<pre>";
+echo "Random BCID (unformatted): $BCID
+";
+echo "Check if BCID is valid: ".validate_bcid($BCID)."
+";
+
+if ($query['bcid']) {
+    echo "BCID provided in the query: ".$query['bcid']."
+";
+    echo "Checking the BCID provided in the query: ".validate_bcid($query['bcid'])."
+";
+}
+
+?>
\ No newline at end of file
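Review bot: The pattern in `validate_bcid`, `/^[^A-Z^0-9]^/`, can never match, because the trailing `^` asserts start-of-subject after a character has already been consumed. `!preg_match(...)` is therefore always true, the check reduces to the length test, and any seven-byte string is accepted. An allow-list match states the intent directly: `if (preg_match('/^[A-Z0-9]{7}$/D', $stripped_bcid) === 1) { return 1; }`. The script then echoes `$query['bcid']` into the page unescaped and reads it without `isset()`; wrap the output in `htmlspecialchars($query['bcid'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` and guard the branch with `isset($query['bcid'])`. If BCIDs are ever expected to be hard to guess, note that `array_rand()` is not a cryptographic source and `random_int()` would be the replacement. The function name `ganerate_bcid` also looks like a typo for `generate_bcid`.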
diff --git a/index.php b/index.php
index c4ee53f..f2f3bed 100644
--- a/index.php
+++ b/index.php
@@ -2,56 +2,65 @@
 
 session_start();
 
+include("config.php");
+
 $host_string = $_SERVER['HTTP_HOST'];
 $host = explode('.', $host_string);
 $uri_string = $_SERVER['REQUEST_URI'];
 $query_string = explode('?', $uri_string);
+$path = $query_string[0];
 $uri = array_values(array_filter(explode('/', $uri_string)));
 
 if(isset($query_string[1])) {
-        $uri_string = $query_string[0];
-        $query_string = explode('&', $query_string[1]);
-        $query = array();
-        foreach($query_string as $string) {
+    $uri_string = $query_string[0];
+    $query_string = explode('&', $query_string[1]);
+    $query = array();
+    foreach($query_string as $string) {
                 $bits = explode('=', $string);
                 $query[$bits[0]] = $bits[1];
-        }
+            }
 }
 else {
         $query = array();
 }
 
+$include = "404.html";
+
+// routing
+if (!$uri) {
+    // empty array means index
+    $include = "landing.html";
+}
+else if ($path == "/signin") {
+    $doc_title = "Sign in";
+    include("signin.php");
+    exit;
+}
+else if ($path == "/register") {
+    $doc_title = "Register";
+    include("register.php");
+    exit;
+}
+else if ($path == "/tests/id") {
+    include("id_handler.php");
+    exit;
+}
+else {
+    $doc_title = "404";
+    http_response_code(404);
+}
 
 ?>
 
 <!DOCTYPE html>
 <html lang="en">
 <head>
-    <meta charset="UTF-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>ByeCorps ID</title>
-
-    <link rel="stylesheet" href="/styles/global.css">
-    <link rel="stylesheet" href="/fontawesome/css/all.css">
+    <?php include("head.php"); ?>
 </head>
 <body>
     <?php include("header.php"); ?>
     <main>
-        <?php 
-            // routing
-            if (!$uri) {
-                // empty array means index
-                include("landing.html"); 
-            }
-            else if ($query_string[0] == "/signin") {
-                include("signin.php");
-            }
-            else {
-                http_response_code(404);
-                include("404.html");
-            }
-        ?>
+        <?php include($include); ?>
     </main>
     <?php include("footer.php"); ?>
 </body>
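Review bot: The new `/signin` branch calls `include("signin.php")` and then `exit`, but this same patch deletes `signin.php`, so as shown the route would raise an include warning and return an empty body while landing.html still links to it. The `/tests/id` branch makes the `id_handler.php` debug output reachable by any visitor. Consider removing that route or gating it behind a development-only setting from config.php, with a comment such as `// dev-only route: must not be enabled in production`. The path comparisons could also use `===`, since both sides are strings.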
diff --git a/landing.html b/landing.html
index d6f90fa..6ad7729 100644
--- a/landing.html
+++ b/landing.html
@@ -1,11 +1,9 @@
-<main>
-    <div class="hero">
-        <div class="hero-text">
-            <h1><span class="bc-1">Bye</span><span class="bc-2">Corps</span><span class="bc-3"> ID</span></h1>
-            <p>Log into ByeCorps and beyond with a single ID.</p>
-            <!-- <p><input type="email" name="loginEmail" id="loginEmail" placeholder="Email" /></p> -->
-            <a href="/signin" class="button primary">Sign in</a>
-            <a href="/register" class="button">Create an account</a>
-        </div>
+<div class="hero">
+    <div class="hero-text">
+        <h1><span class="bc-1">Bye</span><span class="bc-2">Corps</span><span class="bc-3"> ID</span></h1>
+        <p>Log into ByeCorps and beyond with a single ID.</p>
+        <!-- <p><input type="email" name="loginEmail" id="loginEmail" placeholder="Email" /></p> -->
+        <a href="/signin" class="button primary">Sign in</a>
+        <a href="/register" class="button">Create an account</a>
     </div>
-</main>
\ No newline at end of file
+</div>
\ No newline at end of file
diff --git a/register.php b/register.php
new file mode 100644
index 0000000..eb8ce98
--- /dev/null
+++ b/register.php
@@ -0,0 +1,56 @@
+<?php 
+
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $DB_SERVER = DB_ADDRESS;
+    $DB_USER = DB_USERNAME;
+    $DB_PASSWD = DB_PASSWORD;
+    $DB_BASE = DB_DATABASE;
+
+    $email = $_POST['email'];
+    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
+    
+    try {
+        $conn = new PDO("mysql:host=$DB_SERVER;dbname=$DB_BASE", $DB_USER, $DB_PASSWD);
+        // set the PDO error mode to exception
+        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+        $sql = "INSERT INTO `accounts` (`email`, `password`, `verified`) VALUES ('$email', '$password', '0')";
+        try{
+            $stmt = $conn->prepare($sql);
+            $stmt->execute($query);
+            $result = $stmt->fetch();
+            echo "Failed successfully: $result";
+        } catch (PDOException $e) {
+                http_response_code(500);
+                die("An error occured: $e");
+        }
+    } 
+    catch(PDOException $e) {
+        die ("Connection failed: " . $e->getMessage());
+    }
+    echo '<pre>';
+    print_r($_POST);
+
+    exit;
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <?php include("head.php"); ?>
+</head>
+<body>
+    <?php include("header.php"); ?>
+    <main>
+        <h2>Sign in</h2>
+        <form action="#" method="post">
+            <input type="email" name="email" id="email" placeholder="Email">
+            <input type="password" name="password" id="password" placeholder="Password">
+            <button type="submit">Submit</button>
+        </form>
+    </main>
+    <?php include("footer.php"); ?>
+</body>
+</html>
\ No newline at end of file
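Review bot: The INSERT in the POST handler is built by interpolating `$_POST['email']` straight into the SQL string, so calling `prepare()` on it gives no protection against SQL injection. `execute($query)` also passes the router's URL-parameter array instead of the values to bind. The inner catch prints the whole exception object to the client, and the handler ends with `print_r($_POST)`, which writes the submitted plaintext password and unescaped input back into the response. The rewrite below uses named placeholders, validates the inputs, logs the error server-side and drops the debug dump. The outer connection-failure `die()` would benefit from the same generic-message treatment.

```php
    $email = filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false || ($_POST['password'] ?? '') === '') {
        http_response_code(400);
        die("Invalid email or password.");
    }
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
    // … unchanged: PDO connection and ERRMODE_EXCEPTION setup …
        $sql = "INSERT INTO `accounts` (`email`, `password`, `verified`) VALUES (:email, :password, '0')";
        try {
            $stmt = $conn->prepare($sql);
            $stmt->execute([':email' => $email, ':password' => $password]);
        } catch (PDOException $e) {
            // keep SQL text and stack trace out of the response
            error_log($e->getMessage());
            http_response_code(500);
            die("An error occurred.");
        }
    // … unchanged: outer catch for connection failure …
    // debug dump of $_POST removed: it echoed the plaintext password
    exit;
```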
diff --git a/signin.php b/signin.php
deleted file mode 100644
index e69de29..0000000
-- 
GitLab