Compare commits
No commits in common. "3e5f92c6b39e09d46a19c0f0c9cb092e64140c57" and "295d8e97c19e3f3712347f30fb28a198b7d6d2bd" have entirely different histories.
3e5f92c6b3
...
295d8e97c1
17
README.md
17
README.md
|
@ -54,8 +54,6 @@ This section has moved. Look in the files or their documentation below.
|
|||
This folder contains all the files that are parts of ThreadR directly
|
||||
### [[DIR] config](./config)
|
||||
A place to store the configuation for a specific ThreadR instance (contains official instance config for now, will be moved elsewhere eventually)
|
||||
### [[DIR] macros](./macros)
|
||||
files for variable_grabbler.py
|
||||
### [admin.php](./admin.php)
|
||||
This is the file that is shown on the internal admin page. It will contain a list of users, forums, threads, etc.
|
||||
At the moment, it is just a convenient way to access the other internal administration tools.
|
||||
|
@ -95,3 +93,18 @@ An alternative option to providing a string in the config is to add arrays defin
|
|||
Read the source code for further information.
|
||||
|
||||
NOTICE: This file (or rather a more up-to-date version of it) will be moved to a new repository containing the deployment system.
|
||||
### [variable_grabbler.pass0.json](./variable_grabbler.pass0.json), [variable_grabbler.pass1.json](./variable_grabbler.pass1.json), [variable_grabbler.pass2.json](./variable_grabbler.pass2.json)
|
||||
These are the the config files for variable_grabbler.py.
|
||||
A short description of what the variables do and where they should go:
|
||||
* `%NAVBAR%` (in HTML part of PHP file) → the Navbar, also includes an automatic logout-function if the user is in a place where they should never be logged in (triggered by absence of the $login variable)
|
||||
* `%SET_LOGIN_VARIABLE%` (in PHP code) → sets the $login variable in PHP by detecting if the user has a valid logged in session
|
||||
* `%NO_CHEAP_LOGIN_STEALING%` (in PHP code, before any non-header data is sent to client) → prevents the most primitive cookie stealing attempts, nothing advanced though
|
||||
* `%BANNER_COOKIES%` (in HTML part of PHP file) → the cookie banner that every web page has
|
||||
* `%PLEAZE_NO_CACHE%` (in PHP code, before any non-header data is sent to client) → requests the browser to not cache this page
|
||||
* `%FORCE_LOGOUT%` (in PHP code) → logout immediately (obviously less common than the other variables...)
|
||||
* `%CONTENT_DIR%` (anywhere in code) → the path to the ThreadR directory (without domain name)
|
||||
* `%STYLESHEET%` (in HTML) → adds the tag linking the stylesheet
|
||||
* `%REQUIRE_LOGIN%` (in PHP code, before any non-header data is sent to client) → sends users to the login page if they are not logged in
|
||||
### [navbar.template](./navbar.template), [banner_cookies.template](./banner_cookies.template)
|
||||
file templates for variables from the code variable replacement system
|
||||
|
||||
|
|
|
@ -1,16 +1,5 @@
|
|||
# Files
|
||||
### [about.template](./about.template)
|
||||
The customizable part of the content page, will eventually be replaced with a markdown file
|
||||
### [names.conf](./names.conf)
|
||||
Information about the installation location of ThreadR
|
||||
- domain name
|
||||
- ThreadR directory on that domain
|
||||
|
||||
Format: <config option>=<value>
|
||||
|
||||
This format is strictly enforced because the mechanism to load the config is very primitive. Don’t add additional whitespace for fancy formatting. Things *will* break. You have been warned.
|
||||
|
||||
How it is integrated: exec section of variable grabbler `/<config option>=/s/.*=//p" config/names.conf`
|
||||
|
||||
### [README.md](./README.md)
|
||||
this file
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
domain_name=threadr.lostcave.ddnss.de
|
||||
threadr_home=/threadr
|
|
@ -8,12 +8,10 @@ if [ -n "`shopt globstar | grep off`" ]; then shopt -s globstar; fi
|
|||
#remove READMEs
|
||||
rm ./threadr/**/README.md
|
||||
|
||||
#run the macro handler
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/pass0*.json/'`" | bash -
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/pass1*.json/'`" | bash -
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/pass2*.json/'`" | bash -
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/pass3*.json/'`" | bash -
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ macros/pass4*.json/'`" | bash -
|
||||
#run the code variable replacement
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ variable_grabbler.pass0.json/'`" | bash -
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ variable_grabbler.pass1.json/'`" | bash -
|
||||
echo -n "`find -name "*.php" -or -name "*.html" -or -name "*.css" -or -name "*.svg" | sed 's/^/python variable_grabbler.py /;s/$/ variable_grabbler.pass2.json/'`" | bash -
|
||||
|
||||
echo "==============================================================================
|
||||
Done."
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
# Files
|
||||
### [variable_grabbler.pass0.json](./variable_grabbler.pass0.json), [variable_grabbler.pass1.json](./variable_grabbler.pass1.json), [variable_grabbler.pass2.json](./variable_grabbler.pass2.json)
|
||||
These are the the config files for ../variable_grabbler.py.
|
||||
A short description of what the variables do and where they should go:
|
||||
* `%NAVBAR%` (in HTML part of PHP file) → the Navbar, also includes an automatic logout-function if the user is in a place where they should never be logged in (triggered by absence of the $login variable)
|
||||
* `%SET_LOGIN_VARIABLE%` (in PHP code) → sets the $login variable in PHP by detecting if the user has a valid logged in session
|
||||
* `%NO_CHEAP_LOGIN_STEALING%` (in PHP code, before any non-header data is sent to client) → prevents the most primitive cookie stealing attempts, nothing advanced though
|
||||
* `%BANNER_COOKIES%` (in HTML part of PHP file) → the cookie banner that every web page has
|
||||
* `%PLEAZE_NO_CACHE%` (in PHP code, before any non-header data is sent to client) → requests the browser to not cache this page
|
||||
* `%FORCE_LOGOUT%` (in PHP code) → logout immediately (obviously less common than the other variables...)
|
||||
* `%CONTENT_DIR%` (anywhere in code) → the path to the ThreadR directory (without domain name)
|
||||
* `%STYLESHEET%` (in HTML) → adds the tag linking the stylesheet
|
||||
* `%REQUIRE_LOGIN%` (in PHP code, before any non-header data is sent to client) → sends users to the login page if they are not logged in
|
||||
### [README.md](./README.md)
|
||||
this file
|
|
@ -1,4 +0,0 @@
|
|||
{
|
||||
"NAVBAR":["file","macros/templates/navbar.template"],
|
||||
"BANNER_COOKIES":["file","macros/templates/banner_cookies.template"]
|
||||
}
|
|
@ -1,5 +0,0 @@
|
|||
{
|
||||
"STYLESHEET":"<link rel=\"stylesheet\" type=\"text\/css\" href=\"%CONTENT_DIR%\/style.css\">",
|
||||
"PLEAZE_NO_CACHE":"header('Cache-Control: no-cache, no-store, must-revalidate');header('Pragma: no-cache');header('Expires: 0');",
|
||||
"COLOR_BEIGE":"#fef6e4", "COLOR_ORANGE":"#f3d2c1", "COLOR_BLUE":"#001858", "COLOR_PINK":"#f582ae", "COLOR_CYAN":"#8bd3dd"
|
||||
}
|
|
@ -1,4 +0,0 @@
|
|||
{
|
||||
"DOMAIN_NAME":["exec","sed --quiet "/domain_name=/s/.*=//p" config/names.conf"],
|
||||
"CONTENT_DIR":["exec","sed --quiet "/threadr_home=/s/.*=//p" config/names.conf"]
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
{
|
||||
"ABOUT_PAGE":["file","config/templates/about.template"]
|
||||
}
|
|
@ -1,5 +0,0 @@
|
|||
# Files
|
||||
### [navbar.template](./navbar.template)
|
||||
contains the navbar, depends on a variable in PHP to determine which field on the navbar should be highlighted
|
||||
### [banner_cookies.template](./banner_cookies.template)
|
||||
contains the cookie banner
|
|
@ -3,7 +3,11 @@ session_start();
|
|||
%PLEAZE_NO_CACHE%
|
||||
$navbar = "login";
|
||||
if (isset($_SESSION['user_id'])){
|
||||
%FORCE_LOGOUT%
|
||||
if (ini_get("session.use_cookies")) {
|
||||
$params = session_get_cookie_params();
|
||||
setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
|
||||
}
|
||||
session_destroy();
|
||||
}
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
"NAVBAR":["file","navbar.template"],
|
||||
"BANNER_COOKIES":["file","banner_cookies.template"],
|
||||
"ABOUT_PAGE":["file","config/about.template"]
|
||||
}
|
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
"STYLESHEET":"<link rel=\"stylesheet\" type=\"text\/css\" href=\"%CONTENT_DIR%\/style.css\">",
|
||||
"REQUIRE_LOGIN":"if (!$login) { header(\"Location: https:\/\/threadr.lostcave.ddnss.de%CONTENT_DIR%\/login\/\\?error=session\"); die(); }"
|
||||
}
|
|
@ -1,6 +1,8 @@
|
|||
{
|
||||
"REQUIRE_LOGIN":"if (!$login) { header(\"Location: https:\/\/%DOMAIN_NAME%%CONTENT_DIR%\/login\/\\?error=session\"); die(); }",
|
||||
"NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://%DOMAIN_NAME%%CONTENT_DIR%/login/\\?error=session\"); die();}}",
|
||||
"CONTENT_DIR":"/threadr",
|
||||
"NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://threadr.lostcave.ddnss.de/threadr/login/\\?error=session\"); die();}}",
|
||||
"SET_LOGIN_VARIABLE":"if (isset($_SESSION['user_id'])) { $login = true; } else { $login = false; }",
|
||||
"FORCE_LOGOUT":"$_SESSION = array(); if (ini_get('session.use_cookies')) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);} session_destroy();"
|
||||
"PLEAZE_NO_CACHE":"header('Cache-Control: no-cache, no-store, must-revalidate');header('Pragma: no-cache');header('Expires: 0');",
|
||||
"FORCE_LOGOUT":"$_SESSION = array(); if (ini_get('session.use_cookies')) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);} session_destroy();",
|
||||
"COLOR_BEIGE":"#fef6e4", "COLOR_ORANGE":"#f3d2c1", "COLOR_BLUE":"#001858", "COLOR_PINK":"#f582ae", "COLOR_CYAN":"#8bd3dd"
|
||||
}
|
Loading…
Reference in New Issue