From 3118befc0ec7887f1240007fa1cd62df6b39a6ca Mon Sep 17 00:00:00 2001 From: Bye <bye@byecorps.com> Date: Mon, 18 Mar 2024 20:11:01 +0000 Subject: [PATCH] Dashboard --- account.php | 2 +- api_handler.php | 13 ++++++-- dashboard.php | 18 ++++++++++- index.php | 1 + login_external_basic.php | 9 +----- settings.php | 44 +++++++++++++++++++++++++ styles/colours.css | 13 ++++++-- styles/profiles.css | 10 +++--- styles/settings.css | 69 ++++++++++++++++++++++++++++++++++++++++ 9 files changed, 159 insertions(+), 20 deletions(-) create mode 100644 settings.php create mode 100644 styles/settings.css diff --git a/account.php b/account.php index 30fa20f..fe7931c 100644 --- a/account.php +++ b/account.php @@ -77,7 +77,7 @@ if (isset($message )) { ?> <div id="wrapper"> - <div id="profile"> + <div id="mini_profile"> <img src="<?= get_gravatar_url($user['email']); ?>"> <div class="details"> <span class="displayname"><?= $user['display_name'] ?></span> diff --git a/api_handler.php b/api_handler.php index d3fdc14..2792cb1 100644 --- a/api_handler.php +++ b/api_handler.php @@ -14,6 +14,7 @@ if (!empty($access_token)) { $token = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$access_token]); // if the token doesn't exist... if (empty($token)) { + $invalid_token = true; // We won't tell this to the end-user immediately because I'd prefer to tell them about // 404 first. } else { @@ -21,10 +22,12 @@ if (!empty($access_token)) { } } -function check_authorisation($token): int +function check_authorisation($token=""): int { + global $token_owner; // Validate token - if (!validate_access_token($token)) { + if (!validate_access_token($token) && "" != $token) { + echo "invalid"; return 0; // Unauthorised } @@ -37,6 +40,7 @@ function check_authorisation($token): int $token_row = [ "type" => "dangerous" ]; + $token_owner = $_SESSION['id']; } else { return 0; } 
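Review bot: The widened guard in `check_authorisation` rejects a token only when it is both non-empty and invalid, so an omitted, empty, `null` or `false` `$token` (the loose `"" != $token` treats all of these as empty) now skips `validate_access_token` and falls through. Making the empty case explicit and strict would read `if ("" !== (string) $token && !validate_access_token($token)) { return 0; }`. The `echo "invalid";` should be dropped, because it writes into the response body ahead of whatever the API emits. The branch in the next hunk that sets `$token_owner = $_SESSION['id']` with type `dangerous` appears to be where a token-less call ends up. Its condition is outside the hunks, so confirm it requires an authenticated session. The function body continues outside this hunk.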
@@ -94,8 +98,11 @@ function api_user_info(): array $data = null; - if ($level == 1) { + if ($level >= 1) { $data = db_execute("SELECT id, email, display_name FROM accounts WHERE id = ? LIMIT 1", [$token_owner]); + } if ($level == 22) { + $data = db_execute("SELECT * FROM accounts WHERE id = ? LIMIT 1", [$token_owner]); + unset($data['password']); } if (null != $data) { diff --git a/dashboard.php b/dashboard.php index 9542481..b5e630e 100644 --- a/dashboard.php +++ b/dashboard.php @@ -14,4 +14,20 @@ if (!$_SESSION['auth']) { $doc_title = get_display_name($user['id']) . "'s Dashboard" ; $output = $output . - "<h1>Hey there ". $user['display_name'] ."!</h1>"; + "<link rel='stylesheet' href='/styles/settings.css' /> + +<div id=\"settings_split\"> + <div id=\"mini_profile\" class=\"left\"> + <div class=\"image_container\" data-backgroundcolour=\"white\"> + <img src='" . get_avatar_url($user['id']) . "' /> + </div> + <div class=\"texts\"> + <span class=\"displayname\">" . htmlspecialchars(get_display_name($user['id'], false)) . "</span> + <span class=\"id bcid\">" . format_bcid($user['id']) . "</span> + </div> + </div> + <div class='right'> + <h1>". htmlspecialchars(get_display_name($user['id'], false)) ."'s Dashboard</h1> + </div> +</div> +"; diff --git a/index.php b/index.php index 354cb19..dee8e31 100755 --- a/index.php +++ b/index.php @@ -125,6 +125,7 @@ $paths = array( // Settings "/dashboard" => ["dashboard.php", "Dashboard", true], + "/settings" => ["settings.php", "Settings"], "/account" => ["account.php", "Your account"], "/signin" => ["signin.php", "Sign in"], diff --git a/login_external_basic.php b/login_external_basic.php index 5b3d55b..15bfebe 100644 --- a/login_external_basic.php +++ b/login_external_basic.php 
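Review bot: The new `$level == 22` branch in `api_user_info` selects `*` from `accounts` and strips only `password`, so every other column, including any added later, is returned to the caller by default. Naming the columns, as the `$level >= 1` query does, keeps the exposure an allowlist: `SELECT id, email, display_name, <other_intended_columns> FROM accounts WHERE id = ? LIMIT 1`. If `db_execute` returns a list of rows rather than a single row (not visible here), `unset($data['password'])` would not remove the hash at all. With `>= 1` the first query also runs for level 22 and is then overwritten, so an `elseif` ordering would save a query, and `22` would read better as a named constant. The function continues outside the hunk.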
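Review bot: The avatar URL in dashboard.php is concatenated into `<img src='…'>` without escaping, while the display name next to it goes through `htmlspecialchars`. If `get_avatar_url` can return anything user-influenced (not visible here), this is an attribute-injection point. Suggest `<img src='" . htmlspecialchars(get_avatar_url($user['id']), ENT_QUOTES) . "' />`. The same applies to the new settings.php, where the attribute is also unquoted (`<img src=<?= get_avatar_url($user['id']) ?> />`) and should become `<img src="<?= htmlspecialchars(get_avatar_url($user['id']), ENT_QUOTES) ?>" />`. The unchanged context in the account.php hunk still echoes `$user['display_name']` raw, unlike the escaped calls added here.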
@@ -86,14 +86,7 @@ login: ?> -<!DOCTYPE html> -<html> -<head> - <?php include ("head.php"); ?> -</head> -<body> - <?php include("header.php"); ?> - <main> +<main> <div id="loginform"> <?php if ("" != $error) {goto error_no_app;} ?> <div id="connection_img"> diff --git a/settings.php b/settings.php new file mode 100644 index 0000000..13d3d3a --- /dev/null +++ b/settings.php @@ -0,0 +1,44 @@ +<?php + +if (empty($_SESSION)) { + http_response_code(307); + header('Location: /signin?callback=/dashboard'); + exit(); +} +if (!$_SESSION['auth']) { + http_response_code(307); + header('Location: /signin?callback=/dashboard'); + exit; +} + +?> + +<link href="/styles/settings.css" rel="stylesheet" /> + +<div id="settings_split"> + <div id="mini_profile" class="left"> + <div class="image_container" data-backgroundcolour="white"> + <img src=<?= get_avatar_url($user['id']) ?> /> + </div> + <div class="texts"> + <span class="displayname"><?= htmlspecialchars(get_display_name($user['id'], false)) ?></span> + <span class="id bcid"><?= format_bcid($user['id']) ?></span> + </div> + </div> + + <ul id="settings_list" class="right"> + <h1>Settings</h1> + <li> + <a href="/settings/account"> + <i class="fa-solid fa-fw fa-person icon"></i> + Account + </a> + </li> + <li> + <a href="/dashboard"> + <i class="fa-solid fa-fw fa-arrow-left icon"></i> + Return to Dashboard + </a> + </li> + </ul> +</div> diff --git a/styles/colours.css b/styles/colours.css index 287d9f0..aac47e3 100644 --- a/styles/colours.css +++ b/styles/colours.css @@ -27,6 +27,9 @@ --background: white; --background-dark: #121212; + --foreground: black; + --foreground-dark: white; + color-scheme: light dark; } 
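Review bot: Both redirects in settings.php send the visitor to `/signin?callback=/dashboard`, so someone who opens `/settings` while signed out lands on the dashboard after signing in; `callback=/settings` looks intended. The two guards can be merged into `if (empty($_SESSION['auth'])) { … }`, which also avoids an undefined-index warning when the session has other keys but no `auth`. `$user` is read without being set in this file, so the page depends on the including script having populated it; a short comment at the top saying so would help. The list links to `/settings/account`, but the index.php hunk adds a route only for `/settings`, so that link may 404 unless it is routed elsewhere.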
@@ -107,8 +110,15 @@ input[data-com-onepassword-filled="dark"] { } @media screen and (prefers-color-scheme: dark) { + :root { + --background: #121212; + --foreground: white; + + color-scheme: light dark; + } + html { - background: var(--background-dark, #121212); + background: var(--background, #121212); } button.primary, .button.primary { @@ -126,7 +136,6 @@ input[data-com-onepassword-filled="dark"] { } input, textarea { - background-color: #2c2c2c77; } diff --git a/styles/profiles.css b/styles/profiles.css index 01c8d67..fb02a44 100644 --- a/styles/profiles.css +++ b/styles/profiles.css @@ -1,5 +1,5 @@ -#profile { +#mini_profile { display: flex; gap: 1rem; padding: 1rem; @@ -12,18 +12,18 @@ background: var(--grey-0); } -#profile > .avatar { +#mini_profile > .avatar { height: 150px; border-radius: 1em; } -#profile > .info > .displayname { +#mini_profile > .info > .displayname { font-size: 2.5rem; font-weight: bolder; } -#profile > .info > .bcid { +#mini_profile > .info > .bcid { font-size: 1.5rem; } @@ -63,7 +63,7 @@ } @media screen and (prefers-color-scheme: dark) { - #profile { + #mini_profile { background: var(--grey-9); } } diff --git a/styles/settings.css b/styles/settings.css new file mode 100644 index 0000000..86ad52f --- /dev/null +++ b/styles/settings.css 
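Review bot: The dark-mode `:root` override in colours.css repeats the literals `#121212` and `white`, although `--background-dark` and `--foreground-dark` are declared in the light `:root` (the latter added by the previous hunk). Writing `--background: var(--background-dark); --foreground: var(--foreground-dark);` would keep a single source for each colour. Removing `background-color: #2c2c2c77;` leaves an empty `input, textarea { }` rule that can be deleted, and the repeated `color-scheme: light dark;` is already set on the base `:root`.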
@@ -0,0 +1,69 @@ + +#settings_split { + display: grid; + + grid-template-columns: 1fr 4fr; +} + +#mini_profile { + display: flex; + flex-direction: column; + + border-radius: 1.5rem; + overflow: clip; +} + +#mini_profile .image_container { + display: flex; + background: linear-gradient(to bottom, white, var(--background) 90%); +} + +#mini_profile .image_container img { + width: 50%; + margin: 0.5rem auto auto; + padding-top: 0.5rem; + border-radius: 1rem; +} + +#mini_profile .texts { + text-align: center; + display: flex; + flex-direction: column; + + padding-top: 1rem; +} + +#mini_profile .texts .displayname { + font-size: 2rem; + font-weight: bold; +} + +#settings_list { + list-style: none; +} + +#settings_list > h1 { + margin: 0 0 1rem 0; +} + +#settings_list li { + border-top: var(--foreground) 1px solid; +} + +#settings_list li:first-child { + border-top: none; +} + +#settings_list li > a { + display: block; + padding: 1rem 0; + + color: var(--foreground); + text-decoration: none; + + transition: color 0.2s ease-in-out; +} + +#settings_list li > a:hover { + color: var(--flax) +} -- GitLab