clarified documentation

config/README.md

@@ -4,12 +4,14 @@ The customizable part of the content page, HTML code for now, will eventually be
 ### [instance.conf](./instance.conf)
 configuration for a specific instance
 - domain_name=<public facing domain name of the instance>
-- threadr_dir=<directory on the webhost>
+- threadr_dir=<directory on the webhost\*>
 - db_username=<mysql user>
 - db_password=<mysql password>
 - db_database=<name of the database>
 - db_svr_host=<mysql server address>
 
+\* leading and trailing slashes not included
+
 I know some of these option names are silly but they all have the same length. -BodgeMaster
 
 The format is strictly `<option>=<value>` because the mechanism used to load the config values is very simple. Don’t add additional whitespace for fancy formatting. Things *will* break. You have been warned.

config/instance.conf

@@ -1,5 +1,5 @@
 domain_name=threadr.lostcave.ddnss.de
-threadr_dir=/
+threadr_dir=
 db_username=webstuff
 db_password=Schei// auf Pa$$w0rter!
 db_database=web

macros/pass2_session.json

@@ -1,6 +1,6 @@
 {
-"REQUIRE_LOGIN":"if (!$login) { header(\"Location: https:\/\/%DOMAIN_NAME%%CONTENT_DIR%\/login\/\\?error=session\"); die(); }",
-"NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://%DOMAIN_NAME%%CONTENT_DIR%/login/\\?error=session\"); die();}}",
+"REQUIRE_LOGIN":"if (!$login) { header(\"Location: https:\/\/%DOMAIN_NAME%/%CONTENT_DIR%\/login\/\\?error=session\"); die(); }",
+"NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://%DOMAIN_NAME%/%CONTENT_DIR%/login/\\?error=session\"); die();}}",
 "SET_LOGIN_VARIABLE":"if (isset($_SESSION['user_id'])) { $login = true; } else { $login = false; }",
 "FORCE_LOGOUT":"$_SESSION = array(); if (ini_get('session.use_cookies')) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);} session_destroy();"
 }

macros/templates/navbar.template

@@ -11,15 +11,15 @@ if (!isset($login)){
       echo "<a class=\"icon ";
       if ($login){
         if ($navbar == "home"){
-          echo "active\" href=\"%CONTENT_DIR%/userhome/\"><img src=\"/threadr/img/ThreadR_Home.svg\" alt=\"My Feed\" title=\"My Feed\"";
+          echo "active\" href=\"%CONTENT_DIR%/userhome/\"><img src=\"/%CONTENT_DIR%/img/ThreadR_Home.svg\" alt=\"My Feed\" title=\"My Feed\"";
         } else {
-          echo "\" href=\"%CONTENT_DIR%/userhome/\"><img src=\"/threadr/img/ThreadR_Home.svg\" alt=\"My Feed\" title=\"My Feed\"";
+          echo "\" href=\"%CONTENT_DIR%/userhome/\"><img src=\"/%CONTENT_DIR%/img/ThreadR_Home.svg\" alt=\"My Feed\" title=\"My Feed\"";
         }
       } else {
         if ($navbar == "home"){
-          echo "active\" href=\"%CONTENT_DIR%/\"><img src=\"/threadr/img/ThreadR_Home.svg\" alt=\"Home\" title=\"Home\"";
+          echo "active\" href=\"%CONTENT_DIR%/\"><img src=\"/%CONTENT_DIR%/img/ThreadR_Home.svg\" alt=\"Home\" title=\"Home\"";
         } else {
-          echo "\" href=\"%CONTENT_DIR%/\"><img src=\"/threadr/img/ThreadR_Home.svg\" alt=\"Home\" title=\"Home\"";
+          echo "\" href=\"%CONTENT_DIR%/\"><img src=\"/%CONTENT_DIR%/img/ThreadR_Home.svg\" alt=\"Home\" title=\"Home\"";
         }
       }
       echo "/></a>";

src/login/redirect.php

@@ -15,15 +15,15 @@ if ($statement->rowCount() > 0) {
     // IP and user agent string are used to prevent cheap session stealing
     $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
     $_SESSION['user_http_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
-    header("Location: https://%DOMAIN_NAME%%CONTENT_DIR%/userhome/");
+    header("Location: https://%DOMAIN_NAME%/%CONTENT_DIR%/userhome/");
   } else {
     //password inorrect
-    header("Location: https://%DOMAIN_NAME%%CONTENT_DIR%/login/?error=credentials");
+    header("Location: https://%DOMAIN_NAME%/%CONTENT_DIR%/login/?error=credentials");
     die();
   }
 } else {
   //wrong user name
-  header("Location: https://%DOMAIN_NAME%%CONTENT_DIR%/login/?error=credentials");
+  header("Location: https://%DOMAIN_NAME%/%CONTENT_DIR%/login/?error=credentials");
   die();
 }
 ?>

variable_grabbler.py

@@ -15,7 +15,7 @@ exit_codes = {
   "error while processing": 2
 }
 
-stderr("--------------------------------------------------------------------------------\nVariable Grabbler - version 5.0\n--------------------------------------------------------------------------------")
+stderr("\nVariable Grabbler - version 5.0\n--------------------------------------------------------------------------------")
 ################################################################################
 # Chnages in this version:
 # - complete rewrite in Python 3