2024-04-27 21:09:42 +02:00
|
|
|
<?php
|
|
|
|
// Include config file
|
|
|
|
include_once("config.php");
|
|
|
|
|
2024-05-04 23:02:24 +02:00
|
|
|
// Include utils to have access to custom classes
|
|
|
|
include_once("utils.php");
|
|
|
|
|
2024-05-04 23:08:47 +02:00
|
|
|
// If the session cookie is set, start session
|
|
|
|
if(isset($_COOKIE["PHPSESSID"]))
|
|
|
|
{
|
|
|
|
session_start();
|
|
|
|
}
|
2024-04-27 21:09:42 +02:00
|
|
|
|
2024-07-22 20:38:41 +02:00
|
|
|
// Use this for page generation timing
|
|
|
|
$generation_start_time = microtime(true);
|
|
|
|
|
2024-04-27 21:09:42 +02:00
|
|
|
// PDO Mysql connection object
|
2024-04-28 15:21:09 +02:00
|
|
|
$conn = null;
|
|
|
|
attempt_sql_connect();
|
2024-04-27 21:09:42 +02:00
|
|
|
|
2024-05-08 16:00:44 +02:00
|
|
|
// this variable is here to ensure header doesn't appear twice (on errors,
|
|
|
|
// for example)
|
|
|
|
$header_displayed = false;
|
|
|
|
|
2024-04-27 21:09:42 +02:00
|
|
|
/** Attempt to connect to sql database
|
|
|
|
*/
|
|
|
|
function attempt_sql_connect() {
|
|
|
|
// access global $conn
|
|
|
|
global $conn;
|
|
|
|
|
|
|
|
// Load the global login constants
|
|
|
|
$sql_hostname = SQL_HOSTNAME;
|
|
|
|
$sql_database = SQL_DATABASE;
|
|
|
|
$sql_username = SQL_USERNAME;
|
|
|
|
$sql_password = SQL_PASSWORD;
|
|
|
|
|
|
|
|
try {
|
|
|
|
//Try connecting to the SQL database
|
|
|
|
$conn = new PDO("mysql:host=$sql_hostname;dbname=$sql_database",
|
|
|
|
$sql_username, $sql_password);
|
|
|
|
// set the PDO error mode to exception
|
|
|
|
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
|
|
} catch(PDOException $e) {
|
|
|
|
$conn = null;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-05-05 21:51:21 +02:00
|
|
|
/**
|
|
|
|
* If user logged out, destroy the session data and delete cookie.
|
|
|
|
*/
|
|
|
|
if (isset($_POST["logout"])) {
|
|
|
|
if (ini_get("session.use_cookies")) {
|
|
|
|
$params = session_get_cookie_params();
|
|
|
|
setcookie(session_name(), '', time() - 42000,
|
|
|
|
$params["path"], $params["domain"],
|
|
|
|
$params["secure"], $params["httponly"]
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Redirect to this page with GET
|
2024-05-13 19:11:40 +02:00
|
|
|
header(sprintf("Location: %s/?%s",
|
|
|
|
sanitize_input($_SERVER["PHP_SELF"]),
|
2024-05-05 21:51:21 +02:00
|
|
|
sanitize_input($_POST["get_params"])));
|
2024-05-13 19:11:40 +02:00
|
|
|
die();
|
2024-05-05 21:51:21 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Construct the available account actions for the header depending on whether
|
|
|
|
* a user is logged in or not and return it as string.
|
|
|
|
*/
|
|
|
|
function construct_account_section(){
|
|
|
|
if(isset($_SESSION["current_user"])) {
|
|
|
|
return sprintf("Logged in as %s <br>
|
|
|
|
<form method=\"post\" action=%s>
|
|
|
|
<input name=\"get_params\" type=\"hidden\" value=\"%s\">
|
|
|
|
<input name=\"logout\" type=\"submit\" value=\"logout\">
|
|
|
|
</form>
|
|
|
|
<a href=\"http://www.zdenekborovec-dev.cz/deleteaccount/\">
|
|
|
|
Delete account</a>", $_SESSION["current_user"]->user_name,
|
|
|
|
sanitize_input($_SERVER["PHP_SELF"]),
|
|
|
|
sanitize_input($_SERVER["QUERY_STRING"]));
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return sprintf("<a href=\"http://www.zdenekborovec-dev.cz/login\">Login</a>
|
|
|
|
<br><a href=\"http://www.zdenekborovec-dev.cz/register\">Register</a>");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-04-28 15:21:09 +02:00
|
|
|
/**
|
|
|
|
* Start the html document, set headers, begin body and display the default
|
|
|
|
* navbar.
|
|
|
|
* <html><body> nad <main> tags will be left open, to close them
|
|
|
|
* in the default way include footer.php
|
|
|
|
* This should be the first function to write any text outside of debugging
|
|
|
|
* purposes.
|
|
|
|
*/
|
|
|
|
function display_header($pageTitle) {
|
2024-05-08 16:00:44 +02:00
|
|
|
global $header_displayed;
|
|
|
|
|
|
|
|
if($header_displayed){
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$header_displayed = true;
|
|
|
|
|
2024-04-28 15:21:09 +02:00
|
|
|
printf("
|
2024-06-29 08:13:16 +02:00
|
|
|
<!DOCTYPE html>
|
2024-04-28 15:21:09 +02:00
|
|
|
<html lang=\"en\">
|
2023-12-21 13:11:22 +01:00
|
|
|
<head>
|
2024-04-28 15:21:09 +02:00
|
|
|
<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">
|
2024-05-06 21:17:48 +02:00
|
|
|
<meta name=\"title\" content=\"Zdenek's Website\">
|
|
|
|
<meta name=\"description\" content=\"Hi! I am Zdenek and this is my website.\">
|
|
|
|
<meta property=\"og:image\" content=\"http://www.zdenekborovec-dev.cz/favicon.ico\">
|
2024-04-28 15:21:09 +02:00
|
|
|
<link rel=\"icon\" href=\"http://www.zdenekborovec-dev.cz/favicon.ico\">
|
|
|
|
<link rel=\"stylesheet\"
|
|
|
|
href=\"http://assets.zdenekborovec-dev.cz/common/styles.css?TIMESTAMP\">
|
|
|
|
<title>%s</title>
|
2023-12-21 13:11:22 +01:00
|
|
|
</head>
|
2024-01-19 03:38:05 +01:00
|
|
|
|
2023-12-21 13:11:22 +01:00
|
|
|
<body>
|
|
|
|
<main>
|
2024-04-28 15:21:09 +02:00
|
|
|
<div id=\"header\">
|
2024-05-05 21:51:21 +02:00
|
|
|
<table class=\"noborder-table\">
|
|
|
|
<tr>
|
|
|
|
<td>
|
2024-05-06 21:17:48 +02:00
|
|
|
<h1> Zdenek Borovec </h1>
|
2024-05-05 21:51:21 +02:00
|
|
|
</td>
|
|
|
|
<td style=\"text-align: right; padding-right: 2em;\">
|
|
|
|
%s
|
|
|
|
</td>
|
|
|
|
</tr>
|
|
|
|
</table>
|
2023-12-21 13:11:22 +01:00
|
|
|
<ul>
|
2024-04-28 15:21:09 +02:00
|
|
|
<li>
|
|
|
|
<a href=\"http://www.zdenekborovec-dev.cz\">
|
|
|
|
About
|
|
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<a href=\"http://www.zdenekborovec-dev.cz/blog\">
|
|
|
|
Blog
|
|
|
|
</a>
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
Gallery
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<a href=\"http://www.zdenekborovec-dev.cz/random\">
|
2024-06-22 22:24:12 +02:00
|
|
|
Random Stuff
|
2024-04-28 15:21:09 +02:00
|
|
|
</a>
|
|
|
|
</li>
|
2023-12-21 13:11:22 +01:00
|
|
|
</ul>
|
2024-05-05 21:51:21 +02:00
|
|
|
</div>", $pageTitle, construct_account_section());
|
2024-04-28 15:21:09 +02:00
|
|
|
}
|
|
|
|
?>
|