un-hard-coded db name and server

2021-09-02 17:01:28 +02:00 · 2021-09-02 17:01:28 +02:00 · d2b0c46510
parent 7e62d6f11e
commit d2b0c46510
12 changed files with 30 additions and 20 deletions
--- a/admin.php
+++ b/admin.php
@ -15,7 +15,7 @@
  $random_salt = generate_salt($permitted_chars);
  $password_hash_method = "sha256";

-  $pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+  $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
  $query = "SELECT id, name, authentication_algorithm FROM users;";

  if (isset($_GET['action'])) {
--- a/config/README.md
+++ b/config/README.md
@ -7,6 +7,10 @@ configuration for a specific instance
 - threadr_dir=<directory on the webhost>
 - db_username=<mysql user>
 - db_password=<mysql password>
+- db_database=<name of the database>
+- db_svr_host=<mysql server address>
+
+I know some of these option names are silly but they all have the same length. -BodgeMaster

 The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Don’t add additional whitespace for fancy formatting. Things *will* break. You have been warned.

--- a/config/instance.conf
+++ b/config/instance.conf
@ -2,3 +2,5 @@ domain_name=threadr.lostcave.ddnss.de
 threadr_dir=/threadr
 db_username=webstuff
 db_password=Schei// auf Pa$$w0rter!
+db_database=web
+db_svr_host=localhost
--- a/macros/README.md
+++ b/macros/README.md
@ -3,25 +3,27 @@
 contains the templates used by the macro processor
 ### [pass0_templates.json](./pass0_templates.json)
 Macros that insert templates
- `%NAVBAR%` the navigation bar at the top of the website (requires PHP)
- `%BANNER_COOKIES%` the cookie banner (requires PHP)
+- `%NAVBAR%`            the navigation bar at the top of the website (requires PHP)
+- `%BANNER_COOKIES%`    the cookie banner (requires PHP)
 ### [pass1_misc.json](./pass1_misc.json)
 Miscellaneous macros
- `%STYLESHEET%` links stylesheet (HTML <head> section)
- `%PLEAZE_NO_CACHE%` tell the browser not to cache this page (PHP, before any data is sent to the client)
+- `%STYLESHEET%`        links stylesheet (HTML <head> section)
+- `%PLEAZE_NO_CACHE%`   tell the browser not to cache this page (PHP, before any data is sent to the client)
 - `%COLOR_BEIGE%`, `%COLOR_ORANGE%`, `%COLOR_BLUE%`, `%COLOR_PINK%`, `%COLOR_CYAN%` color codes, format: #XXXXXX
 ### [pass2_session.json](./pass2_session.json)
 Session handling macros
- `%REQUIRE_LOGIN%` go to login page if not logged in
+- `%REQUIRE_LOGIN%`             go to login page if not logged in
 - `%NO_CHEAP_SESSION_STEALING%` make sure that IP and user agent stay the same, otherwise end session
- `%SET_LOGIN_VARIABLE%` sets the variable $login based on whether the user is logged in
- `%FORCE_LOGOUT%` end session right here and now
+- `%SET_LOGIN_VARIABLE%`        sets the variable $login based on whether the user is logged in
+- `%FORCE_LOGOUT%`              end session right here and now
 ### [pass3_install-config.json](./pass3_install-config.json)
 Macros that grab the configuration values and inject them into the instance
- `%DOMAIN_NAME%` the domain name of the instance
- `%CONTENT_DIR%` the directory of the ThreadR home page on the webhost
- `%DB_PASSWORD%` password for the MySQL server
- `%DB_USERNAME%` username for the MySQL server
- `%ABOUT_PAGE%` the template for the about page
+- `%DOMAIN_NAME%`   the domain name of the instance
+- `%CONTENT_DIR%`   the directory of the ThreadR home page on the webhost
+- `%DB_PASSWORD%`   password for the MySQL server
+- `%DB_USERNAME%`   username for the MySQL server
+- `%DB_NAME%`       name of the database to use
+- `%DB_SERVER%`     address of the mysql server
+- `%ABOUT_PAGE%`    the template for the about page
 ### [README.md](./README.md)
 this file
--- a/macros/pass3_install-config.json
+++ b/macros/pass3_install-config.json
@ -3,5 +3,7 @@
  "CONTENT_DIR":["exec","echo -n \"$(sed --quiet \"/threadr_dir=/s/.*=//p\" config/instance.conf)\""],
  "DB_PASSWORD":["exec","echo -n \"$(sed --quiet \"/db_password=/s/.*=//p\" config/instance.conf)\""],
  "DB_USERNAME":["exec","echo -n \"$(sed --quiet \"/db_username=/s/.*=//p\" config/instance.conf)\""],
+  "DB_NAME"    :["exec","echo -n \"$(sed --quiet \"/db_database=/s/.*=//p\" config/instance.conf)\""],
+  "DB_SERVER"  :["exec","echo -n \"$(sed --quiet \"/db_svr_host=/s/.*=//p\" config/instance.conf)\""],
  "ABOUT_PAGE":["file","config/about.template"]
 }
--- a/threadr/board/board.php
+++ b/threadr/board/board.php
@ -1,5 +1,5 @@
 <?php
-$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
 $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc");
 $statement->execute(array("bid"=>$id));
 foreach($statement->fetchAll() as $ROW) {
--- a/threadr/board/index.php
+++ b/threadr/board/index.php
@ -28,7 +28,7 @@ $id=$_GET['id'];
      <div class="item-1">
        <h1><center>
          <?php
-          $pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+          $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
          $error = false;
          $error_message = "";
          if (!$error) {
--- a/threadr/boards/index.php
+++ b/threadr/boards/index.php
@ -22,7 +22,7 @@ $navbar="boards";
        <div class="item-2">
          <ul class="list">
            <?php 
-              $pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+              $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
              $error = false;
              $error_message = "";
              if (!$error) {
--- a/threadr/login/redirect.php
+++ b/threadr/login/redirect.php
@ -2,7 +2,7 @@
 session_start();
 %PLEAZE_NO_CACHE%

-$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
 $statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
 $result = $statement->execute(array('username' => $_POST['username']));
 if ($statement->rowCount() > 0) {
--- a/threadr/profile/index.php
+++ b/threadr/profile/index.php
@ -5,7 +5,7 @@ session_start();
 %NO_CHEAP_SESSION_STEALING%
 %REQUIRE_LOGIN%

-$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
 $error = false;
 $error_message = "";
 if (!$error) {
--- a/threadr/signup/verify-email/index.php
+++ b/threadr/signup/verify-email/index.php
@ -25,7 +25,7 @@
  $password_salt = generate_salt($permitted_chars);
  $password_hash_method = "sha256";

-  $pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+  $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
  //$statement = $pdo->prepare('');
 $navbar = "verify-email";
 ?>
--- a/threadr/userhome/index.php
+++ b/threadr/userhome/index.php
@ -5,7 +5,7 @@ session_start();
 %NO_CHEAP_SESSION_STEALING%
 %REQUIRE_LOGIN%

-$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
+$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
 $error = false;
 $error_message = "";
 if (!$error) {