Diffstat (limited to '')
-rw-r--r-- | src/web/helpers/html.php | 21 | ||||
-rw-r--r-- | src/web/index.php | 1 | ||||
-rw-r--r-- | src/web/router.php | 52 | ||||
-rw-r--r-- | src/web/views/error.php | 10 | ||||
-rw-r--r-- | src/web/views/footer.php | 5 | ||||
-rw-r--r-- | src/web/views/header.php | 8 | ||||
-rw-r--r-- | src/web/views/login.php | 39 | ||||
-rw-r--r-- | src/web/views/message.php | 2 |
8 files changed, 102 insertions, 36 deletions
diff --git a/src/web/helpers/html.php b/src/web/helpers/html.php new file mode 100644 index 0000000..dc38e3a --- /dev/null +++ b/src/web/helpers/html.php @@ -0,0 +1,21 @@ +<?php /* Copyright (c) 2024 Freya Murphy */ + +function is_base64(string $data): bool { + return base64_encode(base64_decode($data, true)) === $data; +} + +function maybe_base64_encode(string $data): string { + if (is_base64($data)) { + return $data; + } else { + return base64_encode($data); + } +} + +function esc(string $data): string { + $data = trim(preg_replace('/\s\s+/', ' ', $data)); + $data = str_replace('&', '&', $data); + $data = str_replace('<', '<', $data); + $data = str_replace('>', '>', $data); + return $data; +} diff --git a/src/web/index.php b/src/web/index.php index d4271c9..c4417ea 100644 --- a/src/web/index.php +++ b/src/web/index.php @@ -6,6 +6,7 @@ $webroot = dirname(__FILE__); $publicroot = realpath(dirname(__FILE__) . '/../public'); // load stuff +require($webroot . '/helpers/html.php'); require($webroot . '/helpers/schema.php'); require($webroot . '/helpers/ldap.php'); require($webroot . '/helpers/auth.php'); diff --git a/src/web/router.php b/src/web/router.php index ce30f8b..536e228 100644 --- a/src/web/router.php +++ b/src/web/router.php @@ -17,12 +17,13 @@ class Router { /** * Displays a page to the user * @param string $file - * @param array<string,mixed> $data - */ - private function send_page( + * @param array<string,mixed> $data + */ + private function send_page( string $file, array $data = array() ): void { + $data['bg'] = random_int(1, 70); extract($data); $webroot = $GLOBALS['webroot']; require($webroot . '/views/header.php'); @@ -35,7 +36,7 @@ class Router { * @param string $title * @param string $msg * @param int $code - */ + */ private function send_message( string $title, string $msg 
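Review bot: `esc()` in the new `helpers/html.php` does not escape `"` or `'`, yet the views in this commit print its result inside `value="…"` and `href="…"`; the output is attribute-safe only because `maybe_base64_encode()` happens to wrap it. As rendered on this page the three `str_replace` calls also replace each character with itself, which may be an artefact of the page rather than of the file. If the whitespace collapsing is not required, I would make the body `return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. Separately, `is_base64()` accepts any string that round-trips, so a plain value made only of base64 characters with a length divisible by four is passed through unencoded and later decoded into garbage by the router; keeping the redirect in one form server-side and encoding it exactly once at output removes the guess.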
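Review bot: The literal `70` in `$data['bg'] = random_int(1, 70);` in `send_page` has to match the number of images under `/public/bg/`, which this diff does not show, and nothing ties the two together. A named constant with a comment, e.g. `const BG_COUNT = 70; // number of NNNN.jpg files in public/bg`, would make the coupling visible. The assignment also overwrites any `bg` a caller passes in `$data`; `$data['bg'] ??= random_int(1, self::BG_COUNT);` would keep a caller's choice. send_page's body continues outside the hunk.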
@@ -50,15 +51,16 @@ class Router { * Gets the HTTP request information */ private function get_req(): array { - $path = $_SERVER['REQUEST_URI']; + $uri = $_SERVER['REQUEST_URI']; + $path = parse_url($uri)['path']; $method = $_SERVER['REQUEST_METHOD']; return [$method, $path]; } - /** - * @param array<string> $fields - */ - private function get_post_info( + /** + * @param array<string> $fields + */ + private function get_post_info( string ...$fields ): ?array { $values = array(); @@ -88,10 +90,18 @@ class Router { return; } + $redirect = $this->get_post_info('redirect') ?? ''; + if (is_array($redirect)) { + $redirect = $redirect['redirect']; + $redirect = base64_decode($redirect); + } + $user = $this->ldap->search($info['username']); if ($user == NULL || !count($user)) { http_response_code(400); - $this->send_message('Error', 'User does not exist'); + $this->send_page('error', array( + 'title' => 'Error', + 'redirect' => $redirect)); return; } @@ -108,9 +118,18 @@ class Router { $session = $this->auth->create_session($user); - http_response_code(200); - $session->write_headers(); - $this->send_message('Success', 'Authenticated. You can now go back to your content'); + if ($redirect == '') { + http_response_code(200); + $session->write_headers(); + $this->send_message('Success', 'Authenticated. You can now go back to your content'); + } else { + if (!str_starts_with($redirect, 'http')) { + $redirect = 'http://' . $redirect; + } + http_response_code(303); + $session->write_headers(); + header("Location: $redirect"); + } } private function handle_logout(): void { @@ -131,7 +150,7 @@ class Router { 'You have been logged out successfully.'); } - private function handle_auth(): void { + private function handle_auth(): void { $session = $this->auth->get_session(); if ($session == NULL) { // redirect them to login 
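Review bot: `parse_url($uri)['path']` in `get_req()` assumes parsing succeeds, but `parse_url()` returns `false` for seriously malformed URLs and omits `path` when the URI has none, so `$path` can end up `null` with a warning. `$path = parse_url($uri, PHP_URL_PATH) ?: '/';` asks for the component directly and gives the router a defined fallback. The docblock could also gain a `@return` line describing the `[method, path]` pair.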
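Review bot: The `redirect` value read from the POST body in the `@@ -88,10 +90,18 @@` hunk is base64-decoded and, in the `@@ -108,9 +118,18 @@` hunk, written to `header("Location: $redirect")` with no check on where it points, so a crafted login link can send a freshly authenticated user to any site. The `str_starts_with($redirect, 'http')` test is a prefix match only, so a bare hostname that happens to begin with `http` skips the scheme fix-up. I would parse the target, compare its host against a configured allowlist, and fall back to the plain success message otherwise. Using `base64_decode($redirect, true)` with a `false` check would also reject malformed input early. handle_login starts outside both hunks.

```php
// … unchanged: session creation …
if ($redirect !== '' && !preg_match('#^https?://#i', $redirect)) {
    $redirect = 'http://' . $redirect;
}
$host = $redirect === '' ? null : parse_url($redirect, PHP_URL_HOST);
// ALLOWED_REDIRECT_HOSTS is a placeholder for a configured list of hosts this service protects
if (!is_string($host) || !in_array(strtolower($host), ALLOWED_REDIRECT_HOSTS, true)) {
    http_response_code(200);
    $session->write_headers();
    $this->send_message('Success', 'Authenticated. You can now go back to your content');
    return;
}
http_response_code(303);
$session->write_headers();
header('Location: ' . $redirect);
```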
@@ -145,14 +164,15 @@ class Router { http_response_code(200); $session->write_headers(); $this->send_message('Authenticated', - 'You are already logged in.<br><br><a href="logout">Log Out</a>'); + '<a class="btn" href="logout">Log Out</a>'); } } private function page_login(): void { http_response_code(200); $this->send_page('login', array( - 'title' => 'Login' + 'title' => 'Login', + 'redirect' => $_GET['redirect'] ?? '' )); } diff --git a/src/web/views/error.php b/src/web/views/error.php new file mode 100644 index 0000000..2860336 --- /dev/null +++ b/src/web/views/error.php @@ -0,0 +1,10 @@ +<?php /* Copyright (c) 2024 Freya Murphy */ ?> +<form method="post" autocomplete="off"> +<span>Authentication failed</span> +<br> +<br> +<a + class="btn" + href="/login?redirect=<?=maybe_base64_encode(esc($redirect))?>"> + Go Back +</a> diff --git a/src/web/views/footer.php b/src/web/views/footer.php index eb7ee28..bac99a3 100644 --- a/src/web/views/footer.php +++ b/src/web/views/footer.php @@ -1,4 +1,9 @@ <?php /* Copyright (c) 2024 Freya Murphy */ ?> + </div> + </div> + <div class="banner col"> + <img src="/public/bg/<?=sprintf("%04d", $bg)?>.jpg"> + </div> </main> </body> </html> diff --git a/src/web/views/header.php b/src/web/views/header.php index befa190..3a608c3 100644 --- a/src/web/views/header.php +++ b/src/web/views/header.php @@ -4,13 +4,11 @@ <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> - <link href="//fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin" rel="stylesheet"> <link rel="stylesheet" href="/public/main.css"> <title><?=$title?></title> </head> <body> - <main id="main" role="main"> - <div class="heading"> - <span><?=$title?></span> - </div> + <main id="main" role="main" class="row"> + <div class="content-box col"> <div class="content"> + <h1><?=$title?></h1> diff --git a/src/web/views/login.php b/src/web/views/login.php index 98d69af..ca38066 100644 --- a/src/web/views/login.php 
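Review bot: `'redirect' => $_GET['redirect'] ?? ''` in `page_login` forwards whatever type the query string produced, and a request with `redirect[]=…` makes it an array, which then fails the `string` parameter of `esc()` in the login view with a TypeError. Guarding the type at the boundary keeps the page rendering: `'redirect' => is_string($_GET['redirect'] ?? null) ? $_GET['redirect'] : ''`. The same value ends up in the hidden form field, so this is also the natural place to drop anything that is not valid base64.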
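Review bot: The `href` in the new `views/error.php` puts base64 text into a query string without URL-encoding it, so a `+` in the encoded value arrives in `$_GET['redirect']` as a space and no longer round-trips through `is_base64()`. Wrapping the output, `href="/login?redirect=<?=rawurlencode(maybe_base64_encode(esc($redirect)))?>"`, keeps the value intact. The view also opens `<form method="post" autocomplete="off">` and never closes it, although it contains only a link; the element can be dropped or closed with `</form>`.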
+++ b/src/web/views/login.php @@ -1,22 +1,33 @@ <?php /* Copyright (c) 2024 Freya Murphy */ ?> -<form method="post"> -<label for="username">Username</label> -<input - type="text" - id="username" - name="username" - autofocus="true" -> -<label fot="password">Password</label> -<input - type="password" - id="password" - name="password" -> +<form method="post" autocomplete="off"> +<div> + <input + type="text" + id="username" + name="username" + autofocus="true" + autocomplete="off" + placeholder=" "> + <label for="username">Username</label> +</div> +<div> + <input + type="password" + id="password" + name="password" + autocomplete="off" + placeholder=" "> + <label fot="password">Password</label> +</div> <input type="submit" role="button" id="submit" value="Sign In" + class="btn" > +<input + type="hidden" + name="redirect" + value="<?=maybe_base64_encode(esc($redirect))?>"> <form> diff --git a/src/web/views/message.php b/src/web/views/message.php index a071409..a8c074a 100644 --- a/src/web/views/message.php +++ b/src/web/views/message.php @@ -1 +1 @@ -<center><?=$msg?></center> +<div class="inner"><?=$msg?></div> |
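Review bot: The moved password label in `views/login.php` still reads `<label fot="password">`, so it is not associated with the input; since the line is being rewritten anyway it should become `<label for="password">Password</label>`. The form is also terminated with a second `<form>` rather than `</form>` on the last context line, which leaves the element unclosed and now sits directly after the new hidden `redirect` field. `autofocus="true"` works only because `autofocus` is a boolean attribute; plain `autofocus` is the conventional spelling.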