mince/public/index.php

134 lines
4.2 KiB
PHP
Raw Normal View History

2022-07-03 22:07:00 +00:00
<?php
namespace Mince;
2023-08-16 22:39:35 +00:00
use Index\XString;
2022-07-03 22:07:00 +00:00
use Index\Http\HttpFx;
use Index\Security\CSRFP;
2022-07-03 22:07:00 +00:00
require_once __DIR__ . '/../mince.php';
// replace this with id.flashii.net shit
$authToken = (string)filter_input(INPUT_COOKIE, 'msz_auth');
$userInfo = ChatAuth::attempt($db, $config['chat_endpoint'], $config['chat_secret'], $authToken);
2023-08-16 22:39:35 +00:00
$csrfp = new CSRFP(
$config['csrf_secret'],
$userInfo->success ? $authToken : $_SERVER['REMOTE_ADDR']
);
2023-08-16 22:39:35 +00:00
$templating = new Templating;
$templating->addPath(MCR_DIR_TPL);
$templating->addVars([
2023-08-16 22:39:35 +00:00
'global' => [
'title' => 'Flashii Minecraft Servers',
'loginUrl' => $config['login_url'],
],
'auth' => $userInfo,
'csrfp' => $csrfp->createToken(),
]);
2022-07-03 22:07:00 +00:00
2023-08-16 22:39:35 +00:00
$router = new HttpFx;
2022-07-03 22:07:00 +00:00
$router->setDefaultErrorHandler(function($response, $request, $code, $text) use ($userInfo, $templating) {
$response->setContent($templating->render('http-error', [
2023-08-16 22:39:35 +00:00
'error' => [
'code' => sprintf('%03d', $code),
'text' => $text,
],
]));
2022-07-03 22:07:00 +00:00
});
$router->use('/', function($response, $request) {
2023-02-25 20:17:06 +00:00
$response->setPoweredBy('Mince');
2022-07-03 22:07:00 +00:00
});
$router->get('/index.php', function($response) {
$response->redirect('/', true);
});
$router->get('/', function($response, $request) use ($userInfo, $templating) {
2022-07-03 22:07:00 +00:00
$name = (string)$request->getParam('name');
$error = (string)$request->getParam('error');
if(!empty($error) && ctype_lower($error)) {
$errors = [
'request' => ['Invalid request type.', 'Try to reload the page and try again.'],
'verify' => ['Request verification failed.', 'Try to reload the page and try again.'],
'itainthappenin' => ['Haha', 'No'],
'short' => ['Invalid username', 'The provided name is too short.'],
'long' => ['Invalid username', 'The provided name is too long.'],
'invalid' => ['Invalid username', 'The provided name contains invalid characters.'],
'conflict' => ['Username conflict', 'This username is already whitelisted with someone, contact flashwave if this is unexpected.'],
'connect' => ['Failed to connect to the server', 'The server is probably offline, pope flashwave if this is not expected.'],
'not-listed' => ['You have not been whitelisted yet', 'Add yourself to the whitelist before trying to remove yourself from it.'],
];
if(array_key_exists($error, $errors)) {
$mErrorTitle = $errors[$error][0];
$mErrorComment = $errors[$error][1];
} else {
$mErrorTitle = 'Unexpected response from server';
$mErrorComment = $error;
}
$templating->addVars([
2023-08-16 22:39:35 +00:00
'error' => [
'title' => $mErrorTitle,
'body' => $mErrorComment,
],
]);
2022-07-03 22:07:00 +00:00
}
2023-08-16 22:39:35 +00:00
if($userInfo->mc_whitelisted > 0)
$templating->setVar('whitelist_pending', floor($userInfo->mc_whitelisted / 300) === floor(time() / 300));
2022-07-03 22:07:00 +00:00
return $templating->render('index', [
2023-08-16 22:39:35 +00:00
'wladdform_username' => $name,
]);
2022-07-03 22:07:00 +00:00
});
$router->use('/whitelist', function($response, $request) use ($csrfp) {
2022-07-03 22:07:00 +00:00
if(!$request->isFormContent()) {
$response->redirect('/?error=request');
return true;
}
$body = $request->getContent();
if(!$body->hasParam('csrfp') || !$csrfp->verifyToken((string)$body->getParam('csrfp'))) {
2022-07-03 22:07:00 +00:00
$response->redirect('/?error=verify');
return true;
}
});
$router->post('/whitelist/add', function($response, $request) use ($db, $userInfo) {
if($userInfo->user_id == 45) {
$response->redirect('/?error=itainthappenin');
return true;
}
$body = $request->getContent();
$name = (string)$body->getParam('name');
2023-02-25 20:17:06 +00:00
$resp = (new Whitelist($db))->add($userInfo, $name);
2022-07-03 22:07:00 +00:00
if($resp === '')
$response->redirect('/');
else {
if($resp === 'invalid')
$name = '';
$response->redirect("/?error={$resp}&name={$name}");
}
});
$router->post('/whitelist/remove', function($response) use ($db, $userInfo) {
2023-02-25 20:17:06 +00:00
$resp = (new Whitelist($db))->remove($userInfo);
2022-07-03 22:07:00 +00:00
if($resp === '')
$response->redirect('/');
else
$response->redirect("/?error={$resp}");
});
$router->dispatch();