un-hard-coded db name and server

master
BodgeMaster 2021-09-02 17:01:28 +02:00
parent 7e62d6f11e
commit d2b0c46510
12 changed files with 30 additions and 20 deletions

View File

@ -15,7 +15,7 @@
$random_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$query = "SELECT id, name, authentication_algorithm FROM users;";
if (isset($_GET['action'])) {

View File

@ -7,6 +7,10 @@ configuration for a specific instance
- threadr_dir=<directory on the webhost>
- db_username=<mysql user>
- db_password=<mysql password>
- db_database=<name of the database>
- db_svr_host=<mysql server address>
I know some of these option names are silly but they all have the same length. -BodgeMaster
The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Dont add additional whitespace for fancy formatting. Things *will* break. You have been warned.

View File

@ -2,3 +2,5 @@ domain_name=threadr.lostcave.ddnss.de
threadr_dir=/threadr
db_username=webstuff
db_password=Schei// auf Pa$$w0rter!
db_database=web
db_svr_host=localhost

View File

@ -22,6 +22,8 @@ Macros that grab the configuration values and inject them into the instance
- `%CONTENT_DIR%` the directory of the ThreadR home page on the webhost
- `%DB_PASSWORD%` password for the MySQL server
- `%DB_USERNAME%` username for the MySQL server
- `%DB_NAME%` name of the database to use
- `%DB_SERVER%` address of the mysql server
- `%ABOUT_PAGE%` the template for the about page
### [README.md](./README.md)
this file

View File

@ -3,5 +3,7 @@
"CONTENT_DIR":["exec","echo -n \"$(sed --quiet \"/threadr_dir=/s/.*=//p\" config/instance.conf)\""],
"DB_PASSWORD":["exec","echo -n \"$(sed --quiet \"/db_password=/s/.*=//p\" config/instance.conf)\""],
"DB_USERNAME":["exec","echo -n \"$(sed --quiet \"/db_username=/s/.*=//p\" config/instance.conf)\""],
"DB_NAME" :["exec","echo -n \"$(sed --quiet \"/db_database=/s/.*=//p\" config/instance.conf)\""],
"DB_SERVER" :["exec","echo -n \"$(sed --quiet \"/db_svr_host=/s/.*=//p\" config/instance.conf)\""],
"ABOUT_PAGE":["file","config/about.template"]
}

View File

@ -1,5 +1,5 @@
<?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc");
$statement->execute(array("bid"=>$id));
foreach($statement->fetchAll() as $ROW) {

View File

@ -28,7 +28,7 @@ $id=$_GET['id'];
<div class="item-1">
<h1><center>
<?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false;
$error_message = "";
if (!$error) {

View File

@ -22,7 +22,7 @@ $navbar="boards";
<div class="item-2">
<ul class="list">
<?php
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false;
$error_message = "";
if (!$error) {

View File

@ -2,7 +2,7 @@
session_start();
%PLEAZE_NO_CACHE%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
$result = $statement->execute(array('username' => $_POST['username']));
if ($statement->rowCount() > 0) {

View File

@ -5,7 +5,7 @@ session_start();
%NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false;
$error_message = "";
if (!$error) {

View File

@ -25,7 +25,7 @@
$password_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256";
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
//$statement = $pdo->prepare('');
$navbar = "verify-email";
?>

View File

@ -5,7 +5,7 @@ session_start();
%NO_CHEAP_SESSION_STEALING%
%REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', '%DB_USERNAME%', '%DB_PASSWORD%');
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$error = false;
$error_message = "";
if (!$error) {