From c5f39ea2cd7cf02246705ea8872d3b350526165c Mon Sep 17 00:00:00 2001 From: Freya Murphy Date: Fri, 24 May 2024 09:05:42 -0400 Subject: initial --- src/web/_controller/_comments.php | 87 +++++++++++++++++++++++++++++++++++++++ src/web/_controller/_meta.php | 76 ++++++++++++++++++++++++++++++++++ src/web/_controller/blog.php | 74 +++++++++++++++++++++++++++++++++ src/web/_controller/bucket.php | 22 ++++++++++ src/web/_controller/error.php | 21 ++++++++++ src/web/_controller/home.php | 17 ++++++++ src/web/_controller/projects.php | 21 ++++++++++ 7 files changed, 318 insertions(+) create mode 100644 src/web/_controller/_comments.php create mode 100644 src/web/_controller/_meta.php create mode 100644 src/web/_controller/blog.php create mode 100644 src/web/_controller/bucket.php create mode 100644 src/web/_controller/error.php create mode 100644 src/web/_controller/home.php create mode 100644 src/web/_controller/projects.php (limited to 'src/web/_controller') diff --git a/src/web/_controller/_comments.php b/src/web/_controller/_comments.php new file mode 100644 index 0000000..4b87a94 --- /dev/null +++ b/src/web/_controller/_comments.php 
@@ -0,0 +1,87 @@ +comments_model = $this->load->model('_comments'); + } + + + public function comments($page, $ref): void { + $data = $this->comments_model->get_comments($page); + $this->view('comments', array( + 'comments' => $data, + 'ref' => $ref, + 'page' => $page + )); + } + + public function post(): void { + $author = ''; $content = ''; $ref = ''; + if ( + !array_key_exists('author', $_GET) || + !array_key_exists('content', $_GET) || + !array_key_exists('ref', $_GET) || + !array_key_exists('page', $_GET) + ) { + $this->error(400); return; + } + + $author = trim($_GET['author']); + $content = trim($_GET['content']); + $page = $_GET['page']; + $ref = $_GET['ref']; + $url = NULL; + + $author_len = strlen($author); + $content_len = strlen($content); + + if ($author_len < 1 || $content_len < 1) { + $this->error(400); + return; + } + + if ($author_len > 30 || $content_len > 500) { + $this->error(413); + return; + } + + if (base64_encode(base64_decode($ref)) !== $ref) { + // invalid base64 + $this->error(400); + return; + } + + try { + $ref = base64_decode($ref); + $url = parse_url($ref); + if (!$url && array_key_exists('host', $url)) { + // dont allow redirects off this site + $this->error(400); + return; + } + } catch (Exception $e) { + $this->error(400); + return; + } + + $vulgar = 'false'; + if ( + $this->comments_model->is_vulgar($author) || + $this->comments_model->is_vulgar($content) + ) { + $vulgar = 'true'; + } + + $result = $this->comments_model + ->post_comment($author, $content, $page, $vulgar); + + if ($result) { + header('Location: ' . $this->main->get_url($ref) . '#comments'); + } else { + $this->error(500); + } + } +} diff --git a/src/web/_controller/_meta.php b/src/web/_controller/_meta.php new file mode 100644 index 0000000..801d254 --- /dev/null +++ b/src/web/_controller/_meta.php 
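Review bot: The off-site redirect guard in `post()` is inverted and cannot work as written: `if (!$url && array_key_exists('host', $url))` is only entered when `parse_url()` returned `false`, at which point `array_key_exists('host', false)` throws a `TypeError` on PHP 8 (an `Error`, so `catch (Exception $e)` does not catch it), while a successfully parsed absolute URL with a host falls straight through to `header('Location: ' . $this->main->get_url($ref) . '#comments')`. Whether that reaches an external host depends on how `get_url()` composes the location (outside this hunk), but the intent stated in the comment is not enforced; the condition should read `if ($url === false || isset($url['scheme']) || isset($url['host'])) {` and the `try/catch` can go, since `parse_url()` does not throw. Two smaller points: `trim($_GET['author'])` raises a `TypeError` on PHP 8 when the parameter arrives as an array (`author[]=x`), so check `is_string()` before trimming, and `strlen()` counts bytes, so the 30/500 limits are byte limits — use `mb_strlen()` if character limits are intended. Finally, a state-changing comment post reachable by a plain GET request is open to cross-site request forgery from any third-party page; accepting the fields from `$_POST` together with a CSRF token is the usual remedy. The class header and the start of the constructor appear truncated in this rendering, so the declared base class could not be checked.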
@@ -0,0 +1,76 @@ +main->get_url_full('sitemap.xml'); + + echo "User-agent: *\n"; + echo "Disallow:\n"; + echo "Crawl-delay: 5\n"; + echo "Disallow: /_comments/\n"; + echo "Disallow: /pacbattle/\n"; + echo "Disallow: /bucket/\n"; + echo "Sitemap: {$sitemap}\n"; + } + + private function sitemap_page($url, $priority) { + echo "\n"; + echo "{$this->main->get_url_full($url)}\n"; + echo "{$priority}\n"; + echo ""; + } + + public function sitemap() { + header("Content-Type: application/xml"); + + echo "\n"; + echo "\n"; + + $this->sitemap_page('home', 1); + $this->sitemap_page('projects', 0.8); + $this->sitemap_page('blog', 0.8); + + $this->load->app_lang('blog'); + $blog_modal = $this->load->model('blog'); + $blog = $blog_modal->get_data()['blog']; + + foreach ($blog as $name => $_) { + $this->sitemap_page("blog/post?name={$name}", 0.5); + } + + echo "\n"; + } + + public function manifest() { + $json = array( + 'short_name' => lang('domain'), + 'name' => lang('domain'), + 'icons' => [ + array( + 'src' => $this->main->get_url('public/icons/logo512.png'), + 'type' => 'image/png', + 'sizes' => '512x512', + 'purpose' => 'any maskable' + ) + ], + 'id' => $this->main->get_url('home'), + 'start_url' => $this->main->get_url('home'), + 'background_color' => lang('theme_color'), + 'display' => 'standalone', + 'scope' => lang('base_path'), + 'theme_color' => lang('theme_color'), + 'shortcuts' => [], + 'description' => lang('default_short_desc'), + 'screenshots' => [] + ); + + header('Content-type: application/json'); + echo json_encode($json); + } + +} diff --git a/src/web/_controller/blog.php b/src/web/_controller/blog.php new file mode 100644 index 0000000..f13ffd1 --- /dev/null +++ b/src/web/_controller/blog.php 
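Review bot: `sitemap_page()` interpolates the URL — and, via the `blog/post?name={$name}` call in `sitemap()`, the blog post key — into XML without escaping, so a post name containing `&`, `<` or `"` yields an invalid sitemap. Escape at the echo site, `htmlspecialchars($this->main->get_url_full($url), ENT_XML1 | ENT_QUOTES, 'UTF-8')`, and apply `rawurlencode($name)` at the call site so the query string round-trips. The XML element tags appear stripped in this rendering (the bare `echo "\n";` lines), so the document structure could not be verified; if the final `echo "";` in `sitemap_page()` is the closing element it should end in `\n` like its siblings. In `manifest()`, `json_encode($json)` returns `false` on failure and `echo` then sends an empty body with a JSON content type, so pass `JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES`; the three methods here also lack the parameter and return types (`: void`) that the other controllers in this commit declare.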
@@ -0,0 +1,74 @@ +blog_model = $this->load->model('blog'); + $this->comments_controller = $this->load->controller('_comments'); + } + + public function index(): void { + parent::index(); + $data = $this->blog_model->get_data(); + $this->view('header', $data); + $this->view('apps/blog', $data); + $this->view('footer', $data); + } + + private function protect($folder) { + if (!array_key_exists('name', $_GET)) { + $this->error(400); + } + + $basepath = $GLOBALS['assetroot'] . '/' . $folder . '/'; + $realBase = realpath($basepath); + + $userpath = $basepath . $_GET['name']; + $realUserPath = realpath($userpath); + + if ($realUserPath === false || strpos($realUserPath, $realBase) !== 0) { + $this->error(404); + } + } + + public function post(): void { + $this->protect('blog'); + parent::index(); + $data = $this->blog_model->get_post($_GET['name']); + if ($data === FALSE) { + $this->error(404); + } + $this->view('header', $data); + $this->view('apps/blog_post', $data); + $ref = 'blog/post?name=' . $_GET['name']; + $this->comments_controller->comments($data['post']['meta']['name'], $ref); + $this->view('footer', $data); + } + + public function writeup(): void { + $this->protect('writeup'); + parent::index(); + $data = $this->blog_model->get_writeup($_GET['name']); + if ($data === FALSE) { + $this->error(404); + } + $this->view('header', $data); + $this->view('apps/blog_writeup', $data); + $ref = 'blog/writeup?name=' . $_GET['name']; + $this->comments_controller->comments($data['post']['meta']['name'], $ref); + $this->view('footer', $data); + } + + public function rss() { + $data = $this->blog_model->get_data(); + header('Content-Type: application/xml'); + $this->view('apps/blog_rss', $data); + die(); + } + +} + +?> diff --git a/src/web/_controller/bucket.php b/src/web/_controller/bucket.php new file mode 100644 index 0000000..ed15ef8 --- /dev/null +++ b/src/web/_controller/bucket.php 
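Review bot: The containment check in `protect()` is a bare prefix comparison: `realpath()` strips the trailing slash from `$basepath`, so `$realBase` is e.g. `<assetroot>/blog` and a path that resolves under a sibling directory such as `<assetroot>/blog_other/...` passes `strpos($realUserPath, $realBase) !== 0`, as does `name=.` (the base directory itself). In addition `protect()` returns void and neither branch `return`s after `$this->error(...)`, so unless `error()` terminates the request (its definition is outside this hunk) `post()` and `writeup()` continue into `get_post($_GET['name'])` and render views after a 400/404 was already emitted. I would make `protect()` return a bool, compare against `$realBase . DIRECTORY_SEPARATOR`, reject a non-string `name` (an array value produces an Array-to-string conversion in the concatenation), and have both callers bail out with `if (!$this->protect('blog')) { return; }`. The closing `?>` after the class (also in bucket.php, error.php, home.php and projects.php in this commit) should be dropped: in a class-only file any byte after it is sent before later `header()` calls. The class header and constructor opening of this file appear truncated in this rendering, so the base class and the behaviour of `error()` could not be checked.
```php
    private function protect(string $folder): bool {
        if (!array_key_exists('name', $_GET) || !is_string($_GET['name'])) {
            $this->error(400);
            return false;
        }

        $basepath = $GLOBALS['assetroot'] . '/' . $folder . '/';
        $realBase = realpath($basepath);
        $realUserPath = realpath($basepath . $_GET['name']);

        // realpath() drops the trailing slash, so compare against the base
        // *with* a separator: "<base>/x" is inside, "<base>_other/x" and
        // "<base>" itself are not.
        if ($realBase === false
            || $realUserPath === false
            || strpos($realUserPath, $realBase . DIRECTORY_SEPARATOR) !== 0) {
            $this->error(404);
            return false;
        }
        return true;
    }

    public function post(): void {
        if (!$this->protect('blog')) {
            return;
        }
        // … unchanged: parent::index(), get_post(), views, comments …
    }

    // … writeup(): same guard with $this->protect('writeup') …
```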
@@ -0,0 +1,22 @@ +bucket_model = $this->load->model('bucket'); + } + + public function index(): void { + parent::index(); + $data = $this->bucket_model->get_data(); + if ($data === NULL) { + $this->error(400); + return; + } + $this->view('apps/bucket', $data); + } +} + +?> diff --git a/src/web/_controller/error.php b/src/web/_controller/error.php new file mode 100644 index 0000000..d24308b --- /dev/null +++ b/src/web/_controller/error.php @@ -0,0 +1,21 @@ +error_model = $this->load->model('error'); + } + + public function index(): void { + parent::index(); + $data = $this->error_model->get_data(); + $this->view('header', $data); + $this->view('apps/error', $data); + $this->view('footer', $data); + } + +} + +?> diff --git a/src/web/_controller/home.php b/src/web/_controller/home.php new file mode 100644 index 0000000..12dff64 --- /dev/null +++ b/src/web/_controller/home.php @@ -0,0 +1,17 @@ +main->get_data(); + $this->view('header', $data); + $this->view('apps/home', $data); + $this->view('footer', $data); + } + +} + +?> diff --git a/src/web/_controller/projects.php b/src/web/_controller/projects.php new file mode 100644 index 0000000..9ee2136 --- /dev/null +++ b/src/web/_controller/projects.php @@ -0,0 +1,21 @@ +projects_model = $this->load->model('projects'); + } + + public function index(): void { + parent::index(); + $data = $this->projects_model->get_data(); + $this->view('header', $data); + $this->view('apps/projects', $data); + $this->view('footer', $data); + } + +} + +?> -- cgit v1.2.3-freya