The new home of the ThreadR Forum Engine https://threadr.lostcave.ddnss.de
 
 
 
 
 
Go to file
BodgeMaster fe79d6ca8d poking at cookie mechanics 2020-03-10 19:30:22 +01:00
policies added placeholders for documents we have to write 2020-03-05 04:43:39 +01:00
threadr poking at cookie mechanics 2020-03-10 19:30:22 +01:00
README.md updated todo 2020-03-07 21:40:24 +01:00
admin.php request client to not use caching 2020-03-02 14:10:27 +01:00
banner_cookies.template error is not here 2020-03-10 19:29:36 +01:00
commands_git.conf force deployment-script being executable 2020-03-08 18:12:59 +01:00
commands_ondemand.conf improved readability 2020-02-12 06:02:49 +01:00
commands_status.conf added apache error log to status page 2020-03-08 17:55:22 +01:00
default.html duplicated redirect page and changed paths to %CONTENT_DIR% 2020-02-19 04:07:26 +01:00
deployment-script.sh forgot a single double quote... 2020-03-08 18:14:55 +01:00
icon.png Initial commit of various files 2020-01-02 12:33:49 +01:00
index.html duplicated redirect page and changed paths to %CONTENT_DIR% 2020-02-19 04:07:26 +01:00
internal.css added separate stylesheet for internal status page 2020-03-04 21:44:38 +01:00
navbar.template force users to log out where they should not be logged in 2020-03-07 21:12:08 +01:00
run-once-script.sh removing some files in preparation for a change in the deployment script 2020-03-08 18:05:34 +01:00
strassenkind.php poking at a problem 2020-03-05 10:52:03 +01:00
variable_grabbler.pass0.json added cookie banner variable 2020-03-09 12:09:49 +01:00
variable_grabbler.pass1.json fixed typo 2020-03-08 17:49:23 +01:00
variable_grabbler.pass2.json moved logout mechanism to a variable 2020-03-07 21:09:48 +01:00
variable_grabbler.py enforced capitalized variables 2020-03-07 19:46:34 +01:00

README.md

Git based automatic web deployment system

This repository will be automagically pulled by the web server each time something is pushed by a user.

Dear Developers, Please use the ToDo list below. You do not need need to create your own lists. Thank you.

The following files and directories are linked to areas where they can be accessed by the web server:

  • index.html*/common/index.html (http redirect)
  • icon.png*/common/icon.png (unused)
  • threadr/*/common/threadr/ (everything else acessible by the web server)
  • default.htmllostcave.ddnss.de/index.html (http redirect)
  • admin.phpadmin.strassenkind.ip/index.php (future management page, maybe for services, available sites, users, etc?)
  • strassenkind.phpstrassenkind.ip/index.php (status page)
  • commands_status.confstrassenkind.ip/commands_status.conf
  • commands_ondemand.confstrassenkind.ip/commands_ondemand.conf
  • internal.cssstrassenkind.ip/style.css

Variables handled by the deployment script

Here is the place for variables that will be replaced automatically on the server. Using them is encouraged. Using the paths is DISCOURAGED. This way, it is possible to change folder names around and fix the URLs in one place for all files simultaneously.

Pass 0:

  • %NAVBAR% → the code used to build the navbar, should remain in pass 0 as it may contain other variables

Pass 1:

Looks quite empty at this point

Pass 2:

  • %CONTENT_DIR% → The part of the URL between the domain name and the destination (e.g. https://lostcave.ddnss.de**/common/threadr/**about/), should remain in the last pass
  • %NO_CHEAP_SESSION_STEALING% → checks the request origin against the values stored in the session cookie, add this before any actual data is transmitted (as in before any HTML code or echo commands because this affects the HTTP header)
  • %PLEAZE_NO_CACHE% → adds header information, same as above goes here

Some server variables that might turn out to be useful (example):

{ "HTTP_USER_AGENT":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:73.0) Gecko/20100101 Firefox/73.0", "REMOTE_ADDR":"10.1.1.3" }

TODO:

  • cookie policy and eula
  • signup redirect: add check for existing users
  • signup redirect: return redirect header, handling highlighting of affected boxes
  • userhome: setting for users that use VPNs/Proxies (because IP duh)
  • frontend: dropdown menus?
  • internal status site: add fail2ban status ← how?
  • add reverse proxy or similar to admin tools to a user account locked external page
  • email verification
  • recruit some people
  • redirect back to login if user tries to acces restricted content without being logged in
  • allow caching of some files
  • make logout function a variable
  • put the profile and logout links in a dropdown menu
  • change cookie storage to either an encrypted cookie or a database
  • add a feed of some sort
  • direct msg
  • connect thread tables to PHP
  • replacement variable for PDO
  • variable arguments
  • Groups
  • add %EMPTY_NAVBAR% variable for verify-email.php