SnowCode
/
threadr.lostcave.ddnss.de
forked from root/threadr.lostcave.ddnss.de
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

un-hard-coded db name and server

master
BodgeMaster 2021-09-02 17:01:28 +02:00
parent 7e62d6f11e
commit d2b0c46510
12 changed files with 30 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
admin.php
View File

@ -15,7 +15,7 @@
$random_salt = generate_salt($permitted_chars); $random_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256"; $password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$query = "SELECT id, name, authentication_algorithm FROM users;"; $query = "SELECT id, name, authentication_algorithm FROM users;";
if (isset($_GET['action'])) { if (isset($_GET['action'])) {

4
config/README.md
View File

@ -7,6 +7,10 @@ configuration for a specific instance
- threadr_dir=<directory on the webhost> - threadr_dir=<directory on the webhost>
- db_username=<mysql user> - db_username=<mysql user>
- db_password=<mysql password> - db_password=<mysql password>
- db_database=<name of the database>
- db_svr_host=<mysql server address>
I know some of these option names are silly but they all have the same length. -BodgeMaster
The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Dont add additional whitespace for fancy formatting. Things *will* break. You have been warned. The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Dont add additional whitespace for fancy formatting. Things *will* break. You have been warned.

2
config/instance.conf
View File

@ -2,3 +2,5 @@ domain_name=threadr.lostcave.ddnss.de
threadr_dir=/threadr threadr_dir=/threadr
db_username=webstuff db_username=webstuff
db_password=Schei// auf Pa$$w0rter! db_password=Schei// auf Pa$$w0rter!
db_database=web
db_svr_host=localhost

26
macros/README.md
View File

@ -3,25 +3,27 @@
contains the templates used by the macro processor contains the templates used by the macro processor
### [pass0_templates.json](./pass0_templates.json) ### [pass0_templates.json](./pass0_templates.json)
Macros that insert templates Macros that insert templates
- `%NAVBAR%` the navigation bar at the top of the website (requires PHP) - `%NAVBAR%` the navigation bar at the top of the website (requires PHP)
- `%BANNER_COOKIES%` the cookie banner (requires PHP) - `%BANNER_COOKIES%` the cookie banner (requires PHP)
### [pass1_misc.json](./pass1_misc.json) ### [pass1_misc.json](./pass1_misc.json)
Miscellaneous macros Miscellaneous macros
- `%STYLESHEET%` links stylesheet (HTML <head> section) - `%STYLESHEET%` links stylesheet (HTML <head> section)
- `%PLEAZE_NO_CACHE%` tell the browser not to cache this page (PHP, before any data is sent to the client) - `%PLEAZE_NO_CACHE%` tell the browser not to cache this page (PHP, before any data is sent to the client)
- `%COLOR_BEIGE%`, `%COLOR_ORANGE%`, `%COLOR_BLUE%`, `%COLOR_PINK%`, `%COLOR_CYAN%` color codes, format: #XXXXXX - `%COLOR_BEIGE%`, `%COLOR_ORANGE%`, `%COLOR_BLUE%`, `%COLOR_PINK%`, `%COLOR_CYAN%` color codes, format: #XXXXXX
### [pass2_session.json](./pass2_session.json) ### [pass2_session.json](./pass2_session.json)
Session handling macros Session handling macros
- `%REQUIRE_LOGIN%` go to login page if not logged in - `%REQUIRE_LOGIN%` go to login page if not logged in
- `%NO_CHEAP_SESSION_STEALING%` make sure that IP and user agent stay the same, otherwise end session - `%NO_CHEAP_SESSION_STEALING%` make sure that IP and user agent stay the same, otherwise end session
- `%SET_LOGIN_VARIABLE%` sets the variable $login based on whether the user is logged in - `%SET_LOGIN_VARIABLE%` sets the variable $login based on whether the user is logged in
- `%FORCE_LOGOUT%` end session right here and now - `%FORCE_LOGOUT%` end session right here and now
### [pass3_install-config.json](./pass3_install-config.json) ### [pass3_install-config.json](./pass3_install-config.json)
Macros that grab the configuration values and inject them into the instance Macros that grab the configuration values and inject them into the instance
- `%DOMAIN_NAME%` the domain name of the instance - `%DOMAIN_NAME%` the domain name of the instance
- `%CONTENT_DIR%` the directory of the ThreadR home page on the webhost - `%CONTENT_DIR%` the directory of the ThreadR home page on the webhost
- `%DB_PASSWORD%` password for the MySQL server - `%DB_PASSWORD%` password for the MySQL server
- `%DB_USERNAME%` username for the MySQL server - `%DB_USERNAME%` username for the MySQL server
- `%ABOUT_PAGE%` the template for the about page - `%DB_NAME%` name of the database to use
- `%DB_SERVER%` address of the mysql server
- `%ABOUT_PAGE%` the template for the about page
### [README.md](./README.md) ### [README.md](./README.md)
this file this file

2
macros/pass3_install-config.json
View File

@ -3,5 +3,7 @@
"CONTENT_DIR":["exec","echo -n \"$(sed --quiet \"/threadr_dir=/s/.*=//p\" config/instance.conf)\""], "CONTENT_DIR":["exec","echo -n \"$(sed --quiet \"/threadr_dir=/s/.*=//p\" config/instance.conf)\""],
"DB_PASSWORD":["exec","echo -n \"$(sed --quiet \"/db_password=/s/.*=//p\" config/instance.conf)\""], "DB_PASSWORD":["exec","echo -n \"$(sed --quiet \"/db_password=/s/.*=//p\" config/instance.conf)\""],
"DB_USERNAME":["exec","echo -n \"$(sed --quiet \"/db_username=/s/.*=//p\" config/instance.conf)\""], "DB_USERNAME":["exec","echo -n \"$(sed --quiet \"/db_username=/s/.*=//p\" config/instance.conf)\""],
"DB_NAME" :["exec","echo -n \"$(sed --quiet \"/db_database=/s/.*=//p\" config/instance.conf)\""],
"DB_SERVER" :["exec","echo -n \"$(sed --quiet \"/db_svr_host=/s/.*=//p\" config/instance.conf)\""],
"ABOUT_PAGE":["file","config/about.template"] "ABOUT_PAGE":["file","config/about.template"]
} }

2
threadr/board/board.php
View File

@ -1,5 +1,5 @@
<?php <?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc"); $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc");
$statement->execute(array("bid"=>$id)); $statement->execute(array("bid"=>$id));
foreach($statement->fetchAll() as $ROW) { foreach($statement->fetchAll() as $ROW) {

2
threadr/board/index.php
View File

@ -28,7 +28,7 @@ $id=$_GET['id'];
<div class="item-1"> <div class="item-1">
<h1><center> <h1><center>
<?php <?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {

2
threadr/boards/index.php
View File

@ -22,7 +22,7 @@ $navbar="boards";
<div class="item-2"> <div class="item-2">
<ul class="list"> <ul class="list">
<?php <?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {

2
threadr/login/redirect.php
View File

@ -2,7 +2,7 @@
session_start(); session_start();
%PLEAZE_NO_CACHE% %PLEAZE_NO_CACHE%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;'); $statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
$result = $statement->execute(array('username' => $_POST['username'])); $result = $statement->execute(array('username' => $_POST['username']));
if ($statement->rowCount() > 0) { if ($statement->rowCount() > 0) {

2
threadr/profile/index.php
View File

@ -5,7 +5,7 @@ session_start();
%NO_CHEAP_SESSION_STEALING% %NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN% %REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {

2
threadr/signup/verify-email/index.php
View File

@ -25,7 +25,7 @@
$password_salt = generate_salt($permitted_chars); $password_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256"; $password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
//$statement = $pdo->prepare(''); //$statement = $pdo->prepare('');
$navbar = "verify-email"; $navbar = "verify-email";
?> ?>

2
threadr/userhome/index.php
View File

@ -5,7 +5,7 @@ session_start();
%NO_CHEAP_SESSION_STEALING% %NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN% %REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%'); $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {