un-hard-coded db name and server

master
BodgeMaster 2021-09-02 17:01:28 +02:00
parent 7e62d6f11e
commit d2b0c46510
12 changed files with 30 additions and 20 deletions

View File

@ -15,7 +15,7 @@
$random_salt = generate_salt($permitted_chars); $random_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256"; $password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$query = "SELECT id, name, authentication_algorithm FROM users;"; $query = "SELECT id, name, authentication_algorithm FROM users;";
if (isset($_GET['action'])) { if (isset($_GET['action'])) {

View File

@ -7,6 +7,10 @@ configuration for a specific instance
- threadr_dir=<directory on the webhost> - threadr_dir=<directory on the webhost>
- db_username=<mysql user> - db_username=<mysql user>
- db_password=<mysql password> - db_password=<mysql password>
- db_database=<name of the database>
- db_svr_host=<mysql server address>
I know some of these option names are silly but they all have the same length. -BodgeMaster
The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Dont add additional whitespace for fancy formatting. Things *will* break. You have been warned. The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Dont add additional whitespace for fancy formatting. Things *will* break. You have been warned.

View File

@ -2,3 +2,5 @@ domain_name=threadr.lostcave.ddnss.de
threadr_dir=/threadr threadr_dir=/threadr
db_username=webstuff db_username=webstuff
db_password=Schei// auf Pa$$w0rter! db_password=Schei// auf Pa$$w0rter!
db_database=web
db_svr_host=localhost

View File

@ -22,6 +22,8 @@ Macros that grab the configuration values and inject them into the instance
- `%CONTENT_DIR%` the directory of the ThreadR home page on the webhost - `%CONTENT_DIR%` the directory of the ThreadR home page on the webhost
- `%DB_PASSWORD%` password for the MySQL server - `%DB_PASSWORD%` password for the MySQL server
- `%DB_USERNAME%` username for the MySQL server - `%DB_USERNAME%` username for the MySQL server
- `%DB_NAME%` name of the database to use
- `%DB_SERVER%` address of the mysql server
- `%ABOUT_PAGE%` the template for the about page - `%ABOUT_PAGE%` the template for the about page
### [README.md](./README.md) ### [README.md](./README.md)
this file this file

View File

@ -3,5 +3,7 @@
"CONTENT_DIR":["exec","echo -n \"$(sed --quiet \"/threadr_dir=/s/.*=//p\" config/instance.conf)\""], "CONTENT_DIR":["exec","echo -n \"$(sed --quiet \"/threadr_dir=/s/.*=//p\" config/instance.conf)\""],
"DB_PASSWORD":["exec","echo -n \"$(sed --quiet \"/db_password=/s/.*=//p\" config/instance.conf)\""], "DB_PASSWORD":["exec","echo -n \"$(sed --quiet \"/db_password=/s/.*=//p\" config/instance.conf)\""],
"DB_USERNAME":["exec","echo -n \"$(sed --quiet \"/db_username=/s/.*=//p\" config/instance.conf)\""], "DB_USERNAME":["exec","echo -n \"$(sed --quiet \"/db_username=/s/.*=//p\" config/instance.conf)\""],
"DB_NAME" :["exec","echo -n \"$(sed --quiet \"/db_database=/s/.*=//p\" config/instance.conf)\""],
"DB_SERVER" :["exec","echo -n \"$(sed --quiet \"/db_svr_host=/s/.*=//p\" config/instance.conf)\""],
"ABOUT_PAGE":["file","config/about.template"] "ABOUT_PAGE":["file","config/about.template"]
} }

View File

@ -1,5 +1,5 @@
<?php <?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc"); $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc");
$statement->execute(array("bid"=>$id)); $statement->execute(array("bid"=>$id));
foreach($statement->fetchAll() as $ROW) { foreach($statement->fetchAll() as $ROW) {

View File

@ -28,7 +28,7 @@ $id=$_GET['id'];
<div class="item-1"> <div class="item-1">
<h1><center> <h1><center>
<?php <?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {

View File

@ -22,7 +22,7 @@ $navbar="boards";
<div class="item-2"> <div class="item-2">
<ul class="list"> <ul class="list">
<?php <?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {

View File

@ -2,7 +2,7 @@
session_start(); session_start();
%PLEAZE_NO_CACHE% %PLEAZE_NO_CACHE%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;'); $statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
$result = $statement->execute(array('username' => $_POST['username'])); $result = $statement->execute(array('username' => $_POST['username']));
if ($statement->rowCount() > 0) { if ($statement->rowCount() > 0) {

View File

@ -5,7 +5,7 @@ session_start();
%NO_CHEAP_SESSION_STEALING% %NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN% %REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {

View File

@ -25,7 +25,7 @@
$password_salt = generate_salt($permitted_chars); $password_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256"; $password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
//$statement = $pdo->prepare(''); //$statement = $pdo->prepare('');
$navbar = "verify-email"; $navbar = "verify-email";
?> ?>

View File

@ -5,7 +5,7 @@ session_start();
%NO_CHEAP_SESSION_STEALING% %NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN% %REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {