ewiki.sql templates/archaic/edit-profile.php templates/archaic/login.php @@ -37,5 +37,8 @@ final class Config // The default maximum image height const IMAGE_HEIGHT = 480; + + // The DSN of the database to use + const DSN = 'pgsql:'; } include/config.class.php @@ -48,14 +48,39 @@ function ls_r($path) return $r; } +function gentoken($len, $chrs='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./-_') +{ + $str = ''; + for ($i = 0; $i < $len; $i++) + $str .= $chrs{rand(0, strlen($chrs)-1)}; + return $str; +} + +$pdo = new PDO(Config::DSN); +$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + +$view = new View; + +$user = NULL; +if (isset($_COOKIE['session'])) +{ + $stmt = $pdo->prepare('SELECT * FROM ewiki_users WHERE "session" = :session'); + $stmt->execute(array('session' => $_COOKIE['session'])); + $user = $stmt->fetchObject(); + $stmt->closeCursor(); + + if ($user === FALSE) + $user = NULL; +} + +$view->user = $user; + $repo = new Git(Config::GIT_PATH); $parts = explode('?', $_SERVER['REQUEST_URI'], 2); assert(!strncmp($parts[0], Config::PATH, strlen(Config::PATH))); $parts[0] = substr($parts[0], strlen(Config::PATH)); -$view = new View; - $tip = $repo->getHead(Config::GIT_BRANCH); $commit = $tip; if (isset($_GET['commit'])) @@ -84,7 +109,36 @@ else $view->page = $page; } -if ($special[0] == 'recent') // {{{1 +if (!$user || $special[0] == 'login') // {{{1 +{ + $view->setTemplate('login.php'); + + $view->wrong = FALSE; + if (isset($_POST['user']) && isset($_POST['password'])) + { + $stmt = $pdo->prepare('SELECT * FROM ewiki_users WHERE "user" = :user AND "password" = :password'); + $stmt->execute(array('user' => $_POST['user'], 'password' => sha1($_POST['password']))); + $user = $stmt->fetchObject(); + $stmt->closeCursor(); + + if ($user) + { + $session = gentoken(10); + $stmt = $pdo->prepare('UPDATE ewiki_users SET "session" = :session WHERE "user" = :user'); + $stmt->execute(array('user' => $user->user, 'session' => $session)); + $stmt->closeCursor(); + + setcookie('session', $session, 0, Config::PATH . '/'); + redirect(Config::PATH . '/'); + exit(0); + } + else + $view->wrong = TRUE; + } + + $view->display(); +} +else if ($special[0] == 'recent') // {{{1 { $view->setTemplate('recent-changes.php'); @@ -193,6 +247,47 @@ else if ($special[0] == 'merge') // {{{1 $view->display(); } +else if ($special[0] == 'profile') // {{{1 +{ + $view->setTemplate('edit-profile.php'); + + $view->invalid_password = FALSE; + if (isset($_POST['email']) && isset($_POST['newpass'])) + { + $stmt = $pdo->prepare('UPDATE ewiki_users SET "email" = :email WHERE "user" = :user'); + $stmt->execute(array('user' => $user->user, 'email' => $_POST['email'])); + $stmt->closeCursor(); + $user->email = $_POST['email']; + + if ($_POST['newpass']) + { + if (strlen($_POST['newpass']) >= 3) + { + $stmt = $pdo->prepare('UPDATE ewiki_users SET "password" = :pass WHERE "user" = :user'); + $stmt->execute(array('user' => $user->user, 'pass' => sha1($_POST['newpass']))); + $stmt->closeCursor(); + } + else + $view->invalid_password = TRUE; + } + + if (!$view->invalid_password) + { + redirect(Config::PATH . '/'); + exit(0); + } + } + + $view->display(); +} +else if ($special[0] == 'logout') // {{{1 +{ + $stmt = $pdo->prepare('UPDATE ewiki_users SET "session" = NULL WHERE "user" = :user'); + $stmt->execute(array('user' => $user->user)); + $stmt->closeCursor(); + setcookie('session', '', 1, Config::PATH . '/'); + redirect(Config::PATH . '/'); +} else if ($special !== NULL) // {{{1 throw new Exception(sprintf('unknown special: %s', $special[0])); else if ($action == 'view') // {{{1 @@ -302,8 +397,16 @@ else if ($action == 'edit') // {{{1 $newcommit->tree = $tree->getName(); $newcommit->parents = array($commit->getName()); $stamp = new GitCommitStamp; - $stamp->name = $_SERVER['REMOTE_ADDR']; - $stamp->email = sprintf('anonymous@%s', $_SERVER['REMOTE_ADDR']); + if ($user) + { + $stamp->name = $user->name; + $stamp->email = $user->email; + } + else + { + $stamp->name = $_SERVER['REMOTE_ADDR']; + $stamp->email = sprintf('anonymous@%s', $_SERVER['REMOTE_ADDR']); + } $stamp->time = time(); $stamp->offset = idate('Z', $stamp->time); index.php @@ -10,6 +10,13 @@ <body> <div id="page"> <div id="linkpane"> + <? if ($user): ?> + <div id="userinfo"> + <span id="uid"><?= Markup::escape($user->name) ?> + &lt;<?= Markup::escape($user->email) ?>&gt;</span> + <a href="<?= Config::PATH ?>/:profile">change password/email</a> + <a href="<?= Config::PATH ?>/:logout">logout</a> + </div> <div id="globallinks"> <a href="<?= Config::PATH ?>/">home</a> <a href="<?= Config::PATH ?>/:recent">recent changes</a> @@ -27,4 +34,5 @@ </div> <? endif; ?> <div style="clear: both"></div> + <? endif; ?> </div> templates/archaic/header.php @@ -36,7 +36,7 @@ <div class="par"> Summary of changes: - <input type="text" name="summary" class="summary" /> + <input type="text" name="summary" class="text" /> <div class="submit"> <input type="submit" value="Save changes" class="submit" /> </div> templates/archaic/page-edit.php @@ -30,7 +30,7 @@ body #linkpane { font-size: .75em; - line-height: 1.2; + line-height: 1.5; padding-top: 1em; } @@ -43,7 +43,9 @@ body float: left; text-align: left; } -#globallinks a { margin: 0px 1em 0px 0px; } +#globallinks a, +#userinfo a, +#userinfo #uid { margin: 0px 1em 0px 0px; } #pagelinks { @@ -53,6 +55,12 @@ body } #pagelinks a { margin: 0px 0px 0px 1em; } +#userinfo, +#userinfo a +{ + color: #AAA; +} + p, div.par { @@ -133,7 +141,7 @@ table.history overflow: scroll; } -#edit-form input.summary +input.text { font-family: monospace; font-size: .9em; @@ -142,7 +150,7 @@ table.history padding: .25em; } -#edit-form input.submit +input.submit { display: block; margin: .75em 0px .75em auto; @@ -178,13 +186,24 @@ div.commits .commit .changes font-size: .8em; } +div.error, div.history-warning { - background-color: #FFE; - border: 1px solid #FA0; padding: .5em 1em; margin: 1em 0px; line-height: 1.2; font-size: .8em; } +div.history-warning +{ + background-color: #FFE; + border: 1px solid #FA0; +} + +div.error +{ + background-color: #FEE; + border: 1px solid #F00; +} + templates/archaic/style.css 11f056def0cdafb58821982232c6aa5c24ea5f02 Patrik Fimml patrik@fimml.at http://github.com/patrikf/ewiki/commit/81df955a74280a9164304e3f117b09bf2097a24e 81df955a74280a9164304e3f117b09bf2097a24e 2008-07-30T07:48:05-07:00 2008-07-30T07:36:10-07:00 Add user management 160da72c2843748dfd983099b3f0897dbaac50a0 Patrik Fimml patrik@fimml.at