From 2260294a6bc32477801def92b7a15e58fc6c2172 Mon Sep 17 00:00:00 2001 From: Bye <bye@byecorps.com> Date: Tue, 31 Oct 2023 20:21:33 +0000 Subject: [PATCH] start with BCIDs --- head.php | 7 ++++++ id_handler.php | 34 ++++++++++++++++++++++++++++ index.php | 61 +++++++++++++++++++++++++++++--------------------- landing.html | 18 +++++++-------- register.php | 56 +++++++++++++++++++++++++++++++++++++++++++++ signin.php | 0 6 files changed, 140 insertions(+), 36 deletions(-) create mode 100644 head.php create mode 100644 id_handler.php create mode 100644 register.php delete mode 100644 signin.php diff --git a/head.php b/head.php new file mode 100644 index 0000000..8abba52 --- /dev/null +++ b/head.php @@ -0,0 +1,7 @@ +<meta charset="UTF-8"> +<meta http-equiv="X-UA-Compatible" content="IE=edge"> +<meta name="viewport" content="width=device-width, initial-scale=1.0"> +<title><?php if (isset($doc_title)) { echo $doc_title." | "; } ?>ByeCorps ID</title> + +<link rel="stylesheet" href="/styles/global.css"> +<link rel="stylesheet" href="/fontawesome/css/all.css"> \ No newline at end of file diff --git a/id_handler.php b/id_handler.php new file mode 100644 index 0000000..01615cd --- /dev/null +++ b/id_handler.php @@ -0,0 +1,34 @@ +<?php + +function ganerate_bcid() { + $CHARS = str_split("ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"); + return $CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)].$CHARS[array_rand($CHARS)]; +} + +function validate_bcid($bcid) { + $stripped_bcid = str_replace([" ", "-"], "", $bcid); + $stripped_bcid = strtoupper($stripped_bcid); + + if (!preg_match('/^[^A-Z^0-9]^/', $stripped_bcid) && strlen($stripped_bcid) == 7) { + return 1; + } + + return 0; // fail condition +} + +$BCID = ganerate_bcid(); + +echo "<pre>"; +echo "Random BCID (unformatted): $BCID +"; +echo "Check if BCID is valid: ".validate_bcid($BCID)." +"; + +if ($query['bcid']) { + echo "BCID provided in the query: ".$query['bcid']." +"; + echo "Checking the BCID provided in the query: ".validate_bcid($query['bcid'])." +"; +} + +?> \ No newline at end of file diff --git a/index.php b/index.php index c4ee53f..f2f3bed 100644 --- a/index.php +++ b/index.php @@ -2,56 +2,65 @@ session_start(); +include("config.php"); + $host_string = $_SERVER['HTTP_HOST']; $host = explode('.', $host_string); $uri_string = $_SERVER['REQUEST_URI']; $query_string = explode('?', $uri_string); +$path = $query_string[0]; $uri = array_values(array_filter(explode('/', $uri_string))); if(isset($query_string[1])) { - $uri_string = $query_string[0]; - $query_string = explode('&', $query_string[1]); - $query = array(); - foreach($query_string as $string) { + $uri_string = $query_string[0]; + $query_string = explode('&', $query_string[1]); + $query = array(); + foreach($query_string as $string) { $bits = explode('=', $string); $query[$bits[0]] = $bits[1]; - } + } } else { $query = array(); } +$include = "404.html"; + +// routing +if (!$uri) { + // empty array means index + $include = "landing.html"; +} +else if ($path == "/signin") { + $doc_title = "Sign in"; + include("signin.php"); + exit; +} +else if ($path == "/register") { + $doc_title = "Register"; + include("register.php"); + exit; +} +else if ($path == "/tests/id") { + include("id_handler.php"); + exit; +} +else { + $doc_title = "404"; + http_response_code(404); +} ?> <!DOCTYPE html> <html lang="en"> <head> - <meta charset="UTF-8"> - <meta http-equiv="X-UA-Compatible" content="IE=edge"> - <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>ByeCorps ID</title> - - <link rel="stylesheet" href="/styles/global.css"> - <link rel="stylesheet" href="/fontawesome/css/all.css"> + <?php include("head.php"); ?> </head> <body> <?php include("header.php"); ?> <main> - <?php - // routing - if (!$uri) { - // empty array means index - include("landing.html"); - } - else if ($query_string[0] == "/signin") { - include("signin.php"); - } - else { - http_response_code(404); - include("404.html"); - } - ?> + <?php include($include); ?> </main> <?php include("footer.php"); ?> </body> diff --git a/landing.html b/landing.html index d6f90fa..6ad7729 100644 --- a/landing.html +++ b/landing.html @@ -1,11 +1,9 @@ -<main> - <div class="hero"> - <div class="hero-text"> - <h1><span class="bc-1">Bye</span><span class="bc-2">Corps</span><span class="bc-3"> ID</span></h1> - <p>Log into ByeCorps and beyond with a single ID.</p> - <!-- <p><input type="email" name="loginEmail" id="loginEmail" placeholder="Email" /></p> --> - <a href="/signin" class="button primary">Sign in</a> - <a href="/register" class="button">Create an account</a> - </div> +<div class="hero"> + <div class="hero-text"> + <h1><span class="bc-1">Bye</span><span class="bc-2">Corps</span><span class="bc-3"> ID</span></h1> + <p>Log into ByeCorps and beyond with a single ID.</p> + <!-- <p><input type="email" name="loginEmail" id="loginEmail" placeholder="Email" /></p> --> + <a href="/signin" class="button primary">Sign in</a> + <a href="/register" class="button">Create an account</a> </div> -</main> \ No newline at end of file +</div> \ No newline at end of file diff --git a/register.php b/register.php new file mode 100644 index 0000000..eb8ce98 --- /dev/null +++ b/register.php @@ -0,0 +1,56 @@ +<?php + + +if ($_SERVER['REQUEST_METHOD'] === 'POST') { + $DB_SERVER = DB_ADDRESS; + $DB_USER = DB_USERNAME; + $DB_PASSWD = DB_PASSWORD; + $DB_BASE = DB_DATABASE; + + $email = $_POST['email']; + $password = password_hash($_POST['password'], PASSWORD_DEFAULT); + + try { + $conn = new PDO("mysql:host=$DB_SERVER;dbname=$DB_BASE", $DB_USER, $DB_PASSWD); + // set the PDO error mode to exception + $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + $sql = "INSERT INTO `accounts` (`email`, `password`, `verified`) VALUES ('$email', '$password', '0')"; + try{ + $stmt = $conn->prepare($sql); + $stmt->execute($query); + $result = $stmt->fetch(); + echo "Failed successfully: $result"; + } catch (PDOException $e) { + http_response_code(500); + die("An error occured: $e"); + } + } + catch(PDOException $e) { + die ("Connection failed: " . $e->getMessage()); + } + echo '<pre>'; + print_r($_POST); + + exit; +} + +?> + +<!DOCTYPE html> +<html lang="en"> +<head> + <?php include("head.php"); ?> +</head> +<body> + <?php include("header.php"); ?> + <main> + <h2>Sign in</h2> + <form action="#" method="post"> + <input type="email" name="email" id="email" placeholder="Email"> + <input type="password" name="password" id="password" placeholder="Password"> + <button type="submit">Submit</button> + </form> + </main> + <?php include("footer.php"); ?> +</body> +</html> \ No newline at end of file diff --git a/signin.php b/signin.php deleted file mode 100644 index e69de29..0000000 -- GitLab