diff --git a/README.md b/README.md index c883e29..650b6a5 100644 --- a/README.md +++ b/README.md @@ -54,6 +54,8 @@ This section has moved. Look in the files or their documentation below. This folder contains all the files that are parts of ThreadR directly ### [[DIR] config](./config) A place to store the configuation for a specific ThreadR instance (contains official instance config for now, will be moved elsewhere eventually) +### [[DIR] macros](./macros) +files for variable_grabbler.py ### [admin.php](./admin.php) This is the file that is shown on the internal admin page. It will contain a list of users, forums, threads, etc. At the moment, it is just a convenient way to access the other internal administration tools. @@ -93,18 +95,3 @@ An alternative option to providing a string in the config is to add arrays defin Read the source code for further information. NOTICE: This file (or rather a more up-to-date version of it) will be moved to a new repository containing the deployment system. -### [variable_grabbler.pass0.json](./variable_grabbler.pass0.json), [variable_grabbler.pass1.json](./variable_grabbler.pass1.json), [variable_grabbler.pass2.json](./variable_grabbler.pass2.json) -These are the the config files for variable_grabbler.py. -A short description of what the variables do and where they should go: - * `%NAVBAR%` (in HTML part of PHP file) → the Navbar, also includes an automatic logout-function if the user is in a place where they should never be logged in (triggered by absence of the $login variable) - * `%SET_LOGIN_VARIABLE%` (in PHP code) → sets the $login variable in PHP by detecting if the user has a valid logged in session - * `%NO_CHEAP_LOGIN_STEALING%` (in PHP code, before any non-header data is sent to client) → prevents the most primitive cookie stealing attempts, nothing advanced though - * `%BANNER_COOKIES%` (in HTML part of PHP file) → the cookie banner that every web page has - * `%PLEAZE_NO_CACHE%` (in PHP code, before any non-header data is sent to client) → requests the browser to not cache this page - * `%FORCE_LOGOUT%` (in PHP code) → logout immediately (obviously less common than the other variables...) - * `%CONTENT_DIR%` (anywhere in code) → the path to the ThreadR directory (without domain name) - * `%STYLESHEET%` (in HTML) → adds the tag linking the stylesheet - * `%REQUIRE_LOGIN%` (in PHP code, before any non-header data is sent to client) → sends users to the login page if they are not logged in -### [navbar.template](./navbar.template), [banner_cookies.template](./banner_cookies.template) -file templates for variables from the code variable replacement system - diff --git a/deployment-script.sh b/deployment-script.sh index ec85ee8..906a862 100644 --- a/deployment-script.sh +++ b/deployment-script.sh @@ -9,9 +9,9 @@ if [ -n "`shopt globstar | grep off`" ]; then shopt -s globstar; fi rm ./threadr/**/README.md #run the code variable replacement -echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ variable_grabbler.pass0.json/'`" | bash - -echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ variable_grabbler.pass1.json/'`" | bash - -echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ variable_grabbler.pass2.json/'`" | bash - +echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/variable_grabbler.pass0.json/'`" | bash - +echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/variable_grabbler.pass1.json/'`" | bash - +echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/variable_grabbler.pass2.json/'`" | bash - echo "============================================================================== Done." diff --git a/macros/README.md b/macros/README.md new file mode 100644 index 0000000..db246ad --- /dev/null +++ b/macros/README.md @@ -0,0 +1,17 @@ +# Files +### [variable_grabbler.pass0.json](./variable_grabbler.pass0.json), [variable_grabbler.pass1.json](./variable_grabbler.pass1.json), [variable_grabbler.pass2.json](./variable_grabbler.pass2.json) +These are the the config files for ../variable_grabbler.py. +A short description of what the variables do and where they should go: + * `%NAVBAR%` (in HTML part of PHP file) → the Navbar, also includes an automatic logout-function if the user is in a place where they should never be logged in (triggered by absence of the $login variable) + * `%SET_LOGIN_VARIABLE%` (in PHP code) → sets the $login variable in PHP by detecting if the user has a valid logged in session + * `%NO_CHEAP_LOGIN_STEALING%` (in PHP code, before any non-header data is sent to client) → prevents the most primitive cookie stealing attempts, nothing advanced though + * `%BANNER_COOKIES%` (in HTML part of PHP file) → the cookie banner that every web page has + * `%PLEAZE_NO_CACHE%` (in PHP code, before any non-header data is sent to client) → requests the browser to not cache this page + * `%FORCE_LOGOUT%` (in PHP code) → logout immediately (obviously less common than the other variables...) + * `%CONTENT_DIR%` (anywhere in code) → the path to the ThreadR directory (without domain name) + * `%STYLESHEET%` (in HTML) → adds the tag linking the stylesheet + * `%REQUIRE_LOGIN%` (in PHP code, before any non-header data is sent to client) → sends users to the login page if they are not logged in +### [navbar.template](./navbar.template), [banner_cookies.template](./banner_cookies.template) +file templates for variables from the code variable replacement system +### [README.md](./README.md) +this file diff --git a/banner_cookies.template b/macros/banner_cookies.template similarity index 100% rename from banner_cookies.template rename to macros/banner_cookies.template diff --git a/navbar.template b/macros/navbar.template similarity index 100% rename from navbar.template rename to macros/navbar.template diff --git a/macros/variable_grabbler.pass0.json b/macros/variable_grabbler.pass0.json new file mode 100644 index 0000000..aacd39b --- /dev/null +++ b/macros/variable_grabbler.pass0.json @@ -0,0 +1,5 @@ +{ +"NAVBAR":["file","macros/navbar.template"], +"BANNER_COOKIES":["file","macros/banner_cookies.template"], +"ABOUT_PAGE":["file","config/about.template"] +} diff --git a/variable_grabbler.pass1.json b/macros/variable_grabbler.pass1.json similarity index 100% rename from variable_grabbler.pass1.json rename to macros/variable_grabbler.pass1.json diff --git a/variable_grabbler.pass2.json b/macros/variable_grabbler.pass2.json similarity index 100% rename from variable_grabbler.pass2.json rename to macros/variable_grabbler.pass2.json diff --git a/threadr/login/index.php b/threadr/login/index.php index 20d7386..c0c4e7c 100644 --- a/threadr/login/index.php +++ b/threadr/login/index.php @@ -3,11 +3,7 @@ session_start(); %PLEAZE_NO_CACHE% $navbar = "login"; if (isset($_SESSION['user_id'])){ - if (ini_get("session.use_cookies")) { - $params = session_get_cookie_params(); - setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]); - } - session_destroy(); + %FORCE_LOGOUT% } ?> diff --git a/variable_grabbler.pass0.json b/variable_grabbler.pass0.json deleted file mode 100644 index fa59c58..0000000 --- a/variable_grabbler.pass0.json +++ /dev/null @@ -1,5 +0,0 @@ -{ -"NAVBAR":["file","navbar.template"], -"BANNER_COOKIES":["file","banner_cookies.template"], -"ABOUT_PAGE":["file","config/about.template"] -}