diff --git a/footer.php b/footer.php index 5b73615..45419a6 100644 --- a/footer.php +++ b/footer.php @@ -2,11 +2,7 @@ $strDefaults = "--- - Copyright © - - * [Website Home](/) - * [Post](/post) - * [CSS](/edit/css)"; + Copyright © Application Owner"; $strDefaults = preg_replace("/[ ]{4,}/", "", $strDefaults); $strContent = Settings::get("footer", $strDefaults, true); diff --git a/header.php b/header.php index d05ec0a..dc8ac6d 100644 --- a/header.php +++ b/header.php @@ -1,8 +1,11 @@ @@ -37,11 +37,33 @@ preg_match("/(^|\n).*?([A-Za-z0-9].*?(\!|\.|\,|\?|\n))/i", $strText, $varTitles); $strTitle = $varTitles[2]; $strTitle = trim($strTitle); + + $intUpdated = Util::diff($r["created"], $r["updated"]) >= 500; + $strDatePreposition = "on"; + $strDateUsed = $r["created"]; + + if ($intUpdated) + { + $strDatePreposition = "updated"; + $strDateUsed = $r["updated"]; + } + + $strDateUsed = "{$strDateUsed} UTC"; + $intOwnership = UserAuth::has("is_admin") || $varUser["username"] == $r["username"]; + + $fncFooter = function() + { + ?> + -
- "> · by +
+
+ "> + · by +
0): ?>
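Review bot: The added `$intOwnership` line compares usernames with loose `==` and never checks that `$varUser` is set, so if `$varUser` is null for a signed-out visitor, `null == ""` is true for any row whose username is empty or null. pages/post.php in this same commit uses strict `!==` for the equivalent test; write `$intOwnership = UserAuth::has("is_admin") || ($varUser !== null && $varUser["username"] === $r["username"]);`. Where `$varUser` comes from and how the flag is consumed are not visible in this hunk, so treat it as a display hint only and keep the server-side check in post.php as the real control. `$fncFooter = function()` is declared without a `use (...)` clause, so confirm the closure body does not rely on `$r`, `$strDateUsed` or `$intOwnership` from the enclosing scope.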
@@ -62,33 +84,27 @@
- +
">Permalink · ">Related - - · ">Edit
@@ -99,7 +115,7 @@
@@ -111,8 +127,8 @@ ob_clean(); header("Content-Type: text/plain"); - $strTextBuffer = Settings::makeReplacements($strTextBuffer); - echo $strTextBuffer; + $strBuffer = Settings::makeReplacements($strBuffer); + echo $strBuffer; ob_end_flush(); exit; diff --git a/lib/UserAuth.php b/lib/UserAuth.php index 9a8bb7c..6e4ea08 100644 --- a/lib/UserAuth.php +++ b/lib/UserAuth.php @@ -8,6 +8,16 @@ { $strToken = Cookie::get("token"); + if ($strToken == null) + { + // Attempt to read token from X-Token header first: + $strToken = Request::getHeader("X-Token"); + + // Then try reading it directly from the POST: + if (Request::posts("token")) + $strToken = Request::getPosted("token"); + } + if ($strToken !== null) if (strlen($strToken) > 0) { @@ -63,11 +73,11 @@ return true; $varUser = UserAuth::getUser(); - $strUsername = $varUser["username"] ?? null; - $varRegex = [ - ["/user/i", ($varUser == null)], - ["/admin/i", (!UserAuth::has("is_admin"))], - ]; + $strUsername = ""; + + if ($varUser !== null) + if (array_key_exists("username", $varUser)) + $strUsername = $varUser["username"] ?? ""; // Support arrays with username and visibility keys: if (is_array($strVisibility)) @@ -89,22 +99,15 @@ if (preg_match("/^(admin|hid(e|den)|invisible|no(ne|body)|private)$/i", $strVisibility)) return false; - if (preg_match("/{$strUsername}/i", $strVisibility)) return true; + if (strlen($strUsername) > 0) + if (preg_match("/{$strUsername}/i", $strVisibility)) + return true; // Handle showing the post to everyone: - if (preg_match("/^(|(every|any)(body|one))|all|public)$/i", $strVisibility)) + if (preg_match("/^(|(every|any)(body|one)|all|public)$/i", $strVisibility)) return true; - $intExit = 0; - - foreach ($varRegex as $re) - if (preg_match($re[0], $strVisibility)) - if ($re[1]) - $intExit = 1; - - if ($intExit == 1) - return false; - return true; + return false; } } ?> diff --git a/pages/index.php b/pages/index.php index a85ee91..86d596c 100644 --- a/pages/index.php +++ b/pages/index.php 
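Review bot: In the lib/UserAuth.php -8,6 hunk, the comments say the X-Token header is tried first, but a posted `token` field overwrites the header value whenever both are present, so the request body actually wins. Either guard the second read with `if ($strToken == null && Request::posts("token"))` or reword the comments to state the real precedence. Accepting the session token from a header and a form field as well as the cookie widens the places the credential can travel and be recorded, so add a comment naming the clients that need each path. The new test uses loose `== null` while the check directly below uses `!== null`, which sends an empty cookie value down the fallback path; if that is intended, say so in a comment. The enclosing function starts and ends outside the hunk.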
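Review bot: In the lib/UserAuth.php -89,22 hunk, `preg_match("/{$strUsername}/i", $strVisibility)` still builds the pattern from the raw username, unescaped and unanchored. The new `strlen` guard only removes the empty-pattern case; a username that is a substring of another name in the visibility string, or one containing regex metacharacters such as `.`, still matches and returns true. At minimum quote it, `preg_match("/" . preg_quote($strUsername, "/") . "/i", $strVisibility)`, and preferably split `$strVisibility` on its delimiter and compare entries exactly; the list format is not visible here. The function's opening lies outside the hunk.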
@@ -13,7 +13,7 @@ where id = ? order by - created desc", + updated desc", intval($strArg1)); } @@ -27,7 +27,7 @@ where username like ? order by - created desc", + updated desc", $strArg1); } @@ -40,9 +40,10 @@ location like ? or location like '*' order by - created desc", + updated desc", Request::getPath()); } ?> + diff --git a/pages/post.php b/pages/post.php index 50d8dae..051739e 100644 --- a/pages/post.php +++ b/pages/post.php @@ -10,8 +10,9 @@ $strLocation = Request::getParam("to") ?? ""; $strVisibility = ""; $strVerb = "Create"; + $intPublic = 0; - if (strlen($strId) > 0) + if ($strId !== null && strlen($strId) > 0) { $strVerb = "Edit"; $varRows = $c->query("SELECT * from posts where id = ?", $strId); @@ -26,6 +27,10 @@ $strContent = $varRow["content"]; $strLocation = $varRow["location"]; $strVisibility = $varRow["visibility"]; + $intPublic = 0; + + if ($strVisibility == "public") + $intPublic = 1; if (!UserAuth::has("is_admin")) if ($varUser["username"] !== $varRow["username"]) @@ -36,11 +41,19 @@ } - if (Request::posts("location", "content", "visibility")) + if (Request::posts("location", "content", "visibility", "public")) { $strLocation = Request::getPosted("location"); $strContent = Request::getPosted("content"); $strVisibility = Request::getPosted("visibility"); + $intPublic = intval(Request::getPosted("public")); + + if (!preg_match("/^\//", $strLocation)) + $strLocation = "/{$strLocation}"; + + $strVisibility = "private"; + if ($intPublic == 1) + $strVisibility = "public"; if ($strId == null || strlen($strId) < 1) { @@ -120,13 +133,16 @@ - + + + + type="checkbox" + name="public" + value="1" + + /> diff --git a/pages/search.php b/pages/search.php index 1e0007d..ddd0282 100644 --- a/pages/search.php +++ b/pages/search.php 
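Review bot: In the pages/post.php -36,11 hunk, requiring `"public"` in `Request::posts("location", "content", "visibility", "public")` conflicts with the `type="checkbox"` input added in the form hunk, because browsers omit an unchecked checkbox from the submission. If `Request::posts` demands every named field (its implementation is not shown, and the stripped markup may hide a fallback field), saving with the box cleared never enters this branch, so a public post cannot be switched back to private. Drop `"public"` from the required list and read it defensively, e.g. `$intPublic = Request::posts("public") ? intval(Request::getPosted("public")) : 0;`. The `$strVisibility = Request::getPosted("visibility");` assignment is now dead, since the value is overwritten with "private" or "public" a few lines later. In the -26,6 hunk the exact `== "public"` test also means rows stored as "all", "everyone" or an empty string, which lib/UserAuth.php treats as public, load with the box cleared and are saved as private on the next edit.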
@@ -18,16 +18,8 @@ where content like concat('%', ?, '%') order by - created desc", + updated desc", $strQuery); - - $i = 0; - for ($i = 0; $i < count($varPosts); $i++) - { - $varOld = $varPosts[$i]; - $varOld["content"] = preg_replace("/\b({$strQuery})\b/i", "$1", $varOld["content"]); - $varPosts[$i] = $varOld; - } } ?> diff --git a/pages/user/index.php b/pages/user/index.php deleted file mode 100644 index 1b92496..0000000 --- a/pages/user/index.php +++ /dev/null @@ -1,49 +0,0 @@ -query( - "INSERT or replace into users (email, user_name, display_name) - select - ?, - ?, - ?", - $varUser["email"], - $strUsername, - $strDisplayName); - - PageRender::message("Profile updated", "success"); - } - } - catch (Exception $x) - { - PageRender::message($x->getMessage(), "danger"); - } - - $strUsername = $varUser["username"]; - PageRender::message("You are signed in as {$strUsername}."); -?> - - - - diff --git a/pages/user/signin.php b/pages/user/signin.php index 60a5b69..b4e8780 100644 --- a/pages/user/signin.php +++ b/pages/user/signin.php @@ -38,7 +38,7 @@ "Successfully signed in", "info"); - Respond::redirect("/user"); + Respond::redirect("/user/info"); } }