flash 2016-08-02 22:35:12 +02:00
parent 6fa32eb5dc
commit 0dc204fcb3
23 changed files with 611 additions and 894 deletions


@ -12,6 +12,7 @@ use Sakura\DB;
use Sakura\Forum\Forum; use Sakura\Forum\Forum;
use Sakura\Forum\Post; use Sakura\Forum\Post;
use Sakura\Forum\Topic; use Sakura\Forum\Topic;
use Sakura\Perms;
use Sakura\Perms\Forum as ForumPerms; use Sakura\Perms\Forum as ForumPerms;
/** /**
@ -178,8 +179,6 @@ class PostController extends Controller
public function delete($id = 0) public function delete($id = 0)
{ {
$action = isset($_POST['yes']) && session_check();
$post = new Post($id); $post = new Post($id);
$topic = new Topic($post->topic); $topic = new Topic($post->topic);
$forum = new Forum($topic->forum); $forum = new Forum($topic->forum);
@ -211,8 +210,8 @@ class PostController extends Controller
return view('global/information', compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
} }
if ($action !== null) { if (session_check('sessionid')) {
if ($action) { if (isset($_POST['yes'])) {
// Set message // Set message
$message = "Deleted the post!"; $message = "Deleted the post!";
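Review bot: The delete gate calls `session_check('sessionid')`, while every settings controller touched by this commit calls `session_check()` with no argument, and nothing in the hunk says what the argument selects. If it names the POST field that carries the token, a comment such as `// the delete confirmation form posts the CSRF token as "sessionid"` would stop a later cleanup from "normalising" the call and silently disabling the delete. The removed settings code compared the token with `session_id()`; if the helper (not visible here) still does that, the session identifier is being embedded in form markup and a separate per-session random token compared with `hash_equals()` would be safer. The body of delete() continues outside this hunk, so the branch taken when the check fails cannot be reviewed from here.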


@ -8,11 +8,8 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Sakura\ActiveUser; use Sakura\ActiveUser;
use Sakura\Config;
use Sakura\DB; use Sakura\DB;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
/** /**
* Account settings. * Account settings.
@ -22,43 +19,98 @@ use Sakura\Template;
*/ */
class AccountController extends Controller class AccountController extends Controller
{ {
public function profile()
{
// Check permission
if (!ActiveUser::$user->permission(Site::ALTER_PROFILE)) {
$message = "You aren't allowed to edit your profile!";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
}
if (session_check()) {
$redirect = route('settings.account.profile');
$save = [];
$allowed = [
'website',
'twitter',
'github',
'skype',
'discord',
'youtube',
'steam',
'osu',
'lastfm',
];
foreach ($allowed as $field) {
$save["user_{$field}"] = $_POST["profile_{$field}"] ?? null;
}
DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update($save);
// Birthdays
if (isset($_POST['birthday_day'], $_POST['birthday_month'], $_POST['birthday_year'])) {
$day = intval($_POST['birthday_day']);
$month = intval($_POST['birthday_month']);
$year = intval($_POST['birthday_year']);
if (!$day && !$month && !$year) {
$birthdate = null;
} else {
if (!checkdate($month, $day, $year ? $year : 1)
|| $year > date("Y")
|| ($year != 0 && $year < (date("Y") - 100))) {
$message = "Your birthdate was invalid, everything else was saved though!";
return view('global/information', compact('message', 'redirect'));
}
// Combine it into a YYYY-MM-DD format
$birthdate = implode('-', compact('year', 'month', 'day'));
}
DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update([
'user_birthday' => $birthdate,
]);
}
$message = "Updated your profile!";
return view('global/information', compact('message', 'redirect'));
}
return view('settings/account/profile');
}
public function email() public function email()
{ {
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_EMAIL)) { if (!ActiveUser::$user->permission(Site::CHANGE_EMAIL)) {
$message = "You aren't allowed to change your e-mail address."; $message = "You aren't allowed to change your e-mail address.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$email = $_POST['email'] ?? null; $email = $_POST['email'] ?? null;
if ($session && $email) { if (session_check() && $email) {
$redirect = Router::route('settings.account.email'); $redirect = route('settings.account.email');
// Check if the CSRF session matches
if ($session !== session_id()) {
$message = "Your session expired!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
// Validate e-mail address // Validate e-mail address
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$message = "The e-mail address you supplied is invalid!"; $message = "The e-mail address you supplied is invalid!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Check the MX record of the email // Check the MX record of the email
if (!check_mx_record($email)) { if (!check_mx_record($email)) {
$message = 'No valid MX-Record found on the e-mail address you supplied.'; $message = 'No valid MX-Record found on the e-mail address you supplied.';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Check if the e-mail has already been used // Check if the e-mail has already been used
@ -67,18 +119,16 @@ class AccountController extends Controller
->count(); ->count();
if ($emailCheck) { if ($emailCheck) {
$message = 'Someone already used this e-mail!'; $message = 'Someone already used this e-mail!';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
ActiveUser::$user->setMail($email); ActiveUser::$user->setMail($email);
$message = 'Changed your e-mail address!'; $message = 'Changed your e-mail address!';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
return Template::render('settings/account/email'); return view('settings/account/email');
} }
public function username() public function username()
@ -86,39 +136,26 @@ class AccountController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_USERNAME)) { if (!ActiveUser::$user->permission(Site::CHANGE_USERNAME)) {
$message = "You aren't allowed to change your username."; $message = "You aren't allowed to change your username.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('redirect', 'message'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$username = $_POST['username'] ?? null; $username = $_POST['username'] ?? null;
if ($session && $username) { if (session_check() && $username) {
$redirect = Router::route('settings.account.username'); $redirect = route('settings.account.username');
$username_clean = clean_string($username, true); $username_clean = clean_string($username, true);
// Check if the CSRF session matches
if ($session !== session_id()) {
$message = "Your session expired!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
// Check if the username is too short // Check if the username is too short
if (strlen($username_clean) < config('user.name_min')) { if (strlen($username_clean) < config('user.name_min')) {
$message = "This username is too short!"; $message = "This username is too short!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Check if the username is too long // Check if the username is too long
if (strlen($username_clean) > config('user.name_max')) { if (strlen($username_clean) > config('user.name_max')) {
$message = "This username is too long!"; $message = "This username is too long!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Check if this username hasn't been used in the last amount of days set in the config // Check if this username hasn't been used in the last amount of days set in the config
@ -131,8 +168,7 @@ class AccountController extends Controller
// Check if anything was returned // Check if anything was returned
if ($getOld && $getOld[0]->user_id != ActiveUser::$user->id) { if ($getOld && $getOld[0]->user_id != ActiveUser::$user->id) {
$message = "The username you tried to use is reserved, try again later!"; $message = "The username you tried to use is reserved, try again later!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Check if the username is already in use // Check if the username is already in use
@ -143,18 +179,16 @@ class AccountController extends Controller
// Check if anything was returned // Check if anything was returned
if ($getInUse) { if ($getInUse) {
$message = "Someone is already using this name!"; $message = "Someone is already using this name!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
ActiveUser::$user->setUsername($username, $username_clean); ActiveUser::$user->setUsername($username, $username_clean);
$message = "Changed your username!"; $message = "Changed your username!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
return Template::render('settings/account/username'); return view('settings/account/username');
} }
public function title() public function title()
@ -162,36 +196,23 @@ class AccountController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_USERTITLE)) { if (!ActiveUser::$user->permission(Site::CHANGE_USERTITLE)) {
$message = "You aren't allowed to change your title."; $message = "You aren't allowed to change your title.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('redirect', 'message'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$title = $_POST['title'] ?? null; $title = $_POST['title'] ?? null;
if ($session && $title !== null) { if (session_check() && $title !== null) {
$redirect = Router::route('settings.account.title'); $redirect = route('settings.account.title');
// Check if the CSRF session matches
if ($session !== session_id()) {
$message = "Your session expired!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
if (strlen($title) > 64) { if (strlen($title) > 64) {
$message = "This title is too long!"; $message = "This title is too long!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
if ($title === ActiveUser::$user->title) { if ($title === ActiveUser::$user->title) {
$message = "This is already your title!"; $message = "This is already your title!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Update database // Update database
@ -202,11 +223,10 @@ class AccountController extends Controller
]); ]);
$message = "Changed your title!"; $message = "Changed your title!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
return Template::render('settings/account/title'); return view('settings/account/title');
} }
public function password() public function password()
@ -214,49 +234,35 @@ class AccountController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_PASSWORD)) { if (!ActiveUser::$user->permission(Site::CHANGE_PASSWORD)) {
$message = "You aren't allowed to change your password."; $message = "You aren't allowed to change your password.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('redirect', 'message'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$current = $_POST['current'] ?? null; $current = $_POST['current'] ?? null;
$password = $_POST['password'] ?? null; $password = $_POST['password'] ?? null;
if ($session && $current && $password) { if (session_check() && $current && $password) {
$redirect = Router::route('settings.account.password'); $redirect = route('settings.account.password');
// Check if the CSRF session matches
if ($session !== session_id()) {
$message = "Your session expired!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
// Check current password // Check current password
if (!password_verify($current, ActiveUser::$user->password)) { if (!password_verify($current, ActiveUser::$user->password)) {
$message = "Your password was invalid!"; $message = "Your password was invalid!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
// Check password entropy // Check password entropy
if (password_entropy($password) < config('user.pass_min_entropy')) { if (password_entropy($password) < config('user.pass_min_entropy')) {
$message = "Your password isn't strong enough!"; $message = "Your password isn't strong enough!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
ActiveUser::$user->setPassword($password); ActiveUser::$user->setPassword($password);
$message = "Changed your password!"; $message = "Changed your password!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
return Template::render('settings/account/password'); return view('settings/account/password');
} }
public function ranks() public function ranks()
@ -264,14 +270,10 @@ class AccountController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::ALTER_RANKS)) { if (!ActiveUser::$user->permission(Site::ALTER_RANKS)) {
$message = "You aren't allowed to manage your ranks."; $message = "You aren't allowed to manage your ranks.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('redirect', 'message'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$rank = $_POST['rank'] ?? null; $rank = $_POST['rank'] ?? null;
$mode = $_POST['mode'] ?? null; $mode = $_POST['mode'] ?? null;
@ -283,46 +285,33 @@ class AccountController extends Controller
config('rank.banned'), config('rank.banned'),
]; ];
if ($session && $rank && $mode) { if (session_check() && $rank && $mode) {
$redirect = Router::route('settings.account.ranks'); $redirect = route('settings.account.ranks');
// Check if the CSRF session matches
if ($session !== session_id()) {
$message = "Your session expired!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
// Check if user has this rank // Check if user has this rank
if (!ActiveUser::$user->hasRanks([$rank])) { if (!ActiveUser::$user->hasRanks([$rank])) {
$message = "You aren't a part of this rank!"; $message = "You aren't a part of this rank!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
if ($mode == 'remove') { if ($mode == 'remove') {
if (in_array($rank, $locked)) { if (in_array($rank, $locked)) {
$message = "You aren't allowed to remove this rank from your account!"; $message = "You aren't allowed to remove this rank from your account!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
ActiveUser::$user->removeRanks([$rank]); ActiveUser::$user->removeRanks([$rank]);
$message = "Removed the rank from your account!"; $message = "Removed the rank from your account!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
ActiveUser::$user->setMainRank($rank); ActiveUser::$user->setMainRank($rank);
$message = "Changed your main rank!"; $message = "Changed your main rank!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('redirect', 'message'));
return Template::render('global/information');
} }
Template::vars(compact('locked')); return view('settings/account/ranks', compact('locked'));
return Template::render('settings/account/ranks');
} }
} }
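Review bot: The new profile() copies every `$_POST["profile_*"]` value into the users row with no type, length or content check, in the `foreach ($allowed as $field)` loop. A field posted as `profile_website[]` arrives as an array and is handed to the query builder as-is, and a `website` value with a scheme other than http(s) is stored unchanged. How the profile template prints that value is not visible here, so the link-target risk needs confirming against the template. The fence below coerces non-string input to null and accepts only http(s) URLs for `website`; per-field length limits should be added next to it once the column sizes are known. Separately, `implode('-', compact('year', 'month', 'day'))` produces unpadded values such as `2016-8-2`, which does not match the YYYY-MM-DD comment above it, and the profile fields are already written before the birthdate is validated.

```php
foreach ($allowed as $field) {
    $value = $_POST["profile_{$field}"] ?? null;

    // profile_x[]=... arrives as an array; store nothing rather than pass it on
    if (!is_string($value)) {
        $value = null;
    }

    // the website is the one free-form URL in the list: accept http(s) only
    if ($field === 'website' && $value !== null && $value !== '') {
        $scheme = strtolower((string) parse_url($value, PHP_URL_SCHEME));

        if (!filter_var($value, FILTER_VALIDATE_URL) || !in_array($scheme, ['http', 'https'], true)) {
            $value = null;
        }
    }

    $save["user_{$field}"] = $value;
}
// … unchanged: DB::table('users') update and birthday handling …
```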


@ -10,8 +10,6 @@ namespace Sakura\Controllers\Settings;
use Sakura\ActiveUser; use Sakura\ActiveUser;
use Sakura\DB; use Sakura\DB;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
/** /**
* Advanced settings. * Advanced settings.
@ -26,26 +24,15 @@ class AdvancedController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::MANAGE_SESSIONS)) { if (!ActiveUser::$user->permission(Site::MANAGE_SESSIONS)) {
$message = "You aren't allowed to manage sessions."; $message = "You aren't allowed to manage sessions.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$id = $_POST['id'] ?? null; $id = $_POST['id'] ?? null;
$all = isset($_POST['all']); $all = isset($_POST['all']);
if ($session && ($id || $all)) { if (session_check() && ($id || $all)) {
$redirect = Router::route('settings.advanced.sessions'); $redirect = route('settings.advanced.sessions');
// Check if the CSRF session matches
if ($session !== session_id()) {
$message = "Your session expired, not the one you were intending to let expire though!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
// End all sessions // End all sessions
if ($all) { if ($all) {
@ -54,8 +41,7 @@ class AdvancedController extends Controller
->delete(); ->delete();
$message = "Deleted all active session associated with your account!"; $message = "Deleted all active session associated with your account!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
// Create the session statement // Create the session statement
@ -66,16 +52,14 @@ class AdvancedController extends Controller
// Check if the session exists // Check if the session exists
if (!$session->count()) { if (!$session->count()) {
$message = "This session doesn't exist!"; $message = "This session doesn't exist!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
// Delete it // Delete it
$session->delete(); $session->delete();
$message = "Deleted the session!"; $message = "Deleted the session!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
$sessions = DB::table('sessions') $sessions = DB::table('sessions')
@ -83,9 +67,7 @@ class AdvancedController extends Controller
->get(); ->get();
$active = ActiveUser::$session->sessionId; $active = ActiveUser::$session->sessionId;
Template::vars(compact('sessions', 'active')); return view('settings/advanced/sessions', compact('sessions', 'active'));
return Template::render('settings/advanced/sessions');
} }
public function deactivate() public function deactivate()
@ -93,31 +75,18 @@ class AdvancedController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::DEACTIVATE_ACCOUNT)) { if (!ActiveUser::$user->permission(Site::DEACTIVATE_ACCOUNT)) {
$message = "You aren't allowed to deactivate your account."; $message = "You aren't allowed to deactivate your account.";
$redirect = Router::route('settings.general.home'); return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$password = $_POST['password'] ?? null; $password = $_POST['password'] ?? null;
if ($session && $password) { if (session_check() && $password) {
$redirect = Router::route('settings.advanced.deactivate'); $redirect = route('settings.advanced.deactivate');
// Verify session
if ($session !== session_id()) {
$message = "Session verification failed!";
Template::vars(compact('redirect', 'message'));
return Template::render('global/information');
}
// Check password // Check password
if (!ActiveUser::$user->verifyPassword($password)) { if (!ActiveUser::$user->verifyPassword($password)) {
$message = "Your password was invalid!"; $message = "Your password was invalid!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
// Deactivate account // Deactivate account
@ -128,12 +97,11 @@ class AdvancedController extends Controller
// Destroy all active sessions // Destroy all active sessions
ActiveUser::$session->destroyAll(); ActiveUser::$session->destroyAll();
$redirect = Router::route('main.index'); $redirect = route('main.index');
$message = "Farewell!"; $message = "Farewell!";
Template::vars(compact('redirect', 'message')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
return Template::render('settings/advanced/deactivate'); return view('settings/advanced/deactivate');
} }
} }
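Review bot: In deactivate()'s permission-denied branch the new side appears to return `view('global/information', compact('message', 'redirect'))` without ever assigning `$redirect`. As rendered, the removed `$redirect = Router::route('settings.general.home');` is paired directly with the new `return view(...)`, whereas sessions() and the other controllers get a replacement `$redirect = route('settings.index');` line first. If that reading is right, `compact()` references an undefined variable (a warning on current PHP) and the information page is rendered with no redirect target. Adding `$redirect = route('settings.index');` before the return brings the branch in line with its siblings. The function's signature sits outside this hunk.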


@ -8,12 +8,9 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Sakura\ActiveUser; use Sakura\ActiveUser;
use Sakura\Config;
use Sakura\DB; use Sakura\DB;
use Sakura\File; use Sakura\File;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
/** /**
* Appearance settings. * Appearance settings.
@ -117,18 +114,13 @@ class AppearanceController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_AVATAR)) { if (!ActiveUser::$user->permission(Site::CHANGE_AVATAR)) {
$message = "You aren't allowed to change your avatar."; $message = "You aren't allowed to change your avatar.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null; if (session_check()) {
if ($session) {
$avatar = $_FILES['avatar'] ?? null; $avatar = $_FILES['avatar'] ?? null;
$redirect = Router::route('settings.appearance.avatar'); $redirect = route('settings.appearance.avatar');
if ($avatar && $avatar['error'] !== UPLOAD_ERR_NO_FILE) { if ($avatar && $avatar['error'] !== UPLOAD_ERR_NO_FILE) {
$upload = $this->handleUpload('avatar', $_FILES['avatar']); $upload = $this->handleUpload('avatar', $_FILES['avatar']);
@ -138,12 +130,10 @@ class AppearanceController extends Controller
$message = "Deleted your avatar!"; $message = "Deleted your avatar!";
} }
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
return Template::render('settings/appearance/avatar'); return view('settings/appearance/avatar');
} }
public function background() public function background()
@ -151,18 +141,13 @@ class AppearanceController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_BACKGROUND)) { if (!ActiveUser::$user->permission(Site::CHANGE_BACKGROUND)) {
$message = "You aren't allowed to change your background."; $message = "You aren't allowed to change your background.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null; if (session_check()) {
if ($session) {
$background = $_FILES['background'] ?? null; $background = $_FILES['background'] ?? null;
$redirect = Router::route('settings.appearance.background'); $redirect = route('settings.appearance.background');
if ($background && $background['error'] !== UPLOAD_ERR_NO_FILE) { if ($background && $background['error'] !== UPLOAD_ERR_NO_FILE) {
$upload = $this->handleUpload('background', $_FILES['background']); $upload = $this->handleUpload('background', $_FILES['background']);
@ -172,12 +157,10 @@ class AppearanceController extends Controller
$message = "Deleted your background!"; $message = "Deleted your background!";
} }
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
return Template::render('settings/appearance/background'); return view('settings/appearance/background');
} }
public function header() public function header()
@ -185,18 +168,13 @@ class AppearanceController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_HEADER)) { if (!ActiveUser::$user->permission(Site::CHANGE_HEADER)) {
$message = "You aren't allowed to change your profile header."; $message = "You aren't allowed to change your profile header.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null; if (session_check()) {
if ($session) {
$header = $_FILES['header'] ?? null; $header = $_FILES['header'] ?? null;
$redirect = Router::route('settings.appearance.header'); $redirect = route('settings.appearance.header');
if ($header && $header['error'] !== UPLOAD_ERR_NO_FILE) { if ($header && $header['error'] !== UPLOAD_ERR_NO_FILE) {
$upload = $this->handleUpload('header', $_FILES['header']); $upload = $this->handleUpload('header', $_FILES['header']);
@ -206,12 +184,10 @@ class AppearanceController extends Controller
$message = "Deleted your header!"; $message = "Deleted your header!";
} }
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
return Template::render('settings/appearance/header'); return view('settings/appearance/header');
} }
public function userpage() public function userpage()
@ -220,50 +196,34 @@ class AppearanceController extends Controller
if (!( if (!(
ActiveUser::$user->page ActiveUser::$user->page
&& ActiveUser::$user->permission(Site::CHANGE_USERPAGE) && ActiveUser::$user->permission(Site::CHANGE_USERPAGE)
) || !ActiveUser::$user->permission(Site::CREATE_USERPAGE)) { ) && !ActiveUser::$user->permission(Site::CREATE_USERPAGE)) {
$message = "You aren't allowed to change your userpage."; $message = "You aren't allowed to change your userpage.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$userpage = $_POST['userpage'] ?? null; $userpage = $_POST['userpage'] ?? null;
$maxLength = config('user.page_max');
$maxLength = 65535; if (session_check() && $userpage) {
$redirect = route('settings.appearance.userpage');
if ($session && $userpage) {
$redirect = Router::route('settings.appearance.userpage');
if ($session !== session_id()) {
$message = 'Your session expired!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
if (strlen($userpage) > $maxLength) { if (strlen($userpage) > $maxLength) {
$message = 'Your userpage is too long, shorten it a little!'; $message = 'Your userpage is too long, shorten it a little!';
Template::vars(compact('message', 'redirect')); } else {
return Template::render('global/information'); DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update([
'user_page' => $userpage,
]);
$message = 'Updated your userpage!';
} }
// Update database return view('global/information', compact('message', 'redirect'));
DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update([
'user_page' => $userpage,
]);
$message = 'Updated your userpage!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
Template::vars(compact('maxLength')); return view('settings/appearance/userpage', compact('maxLength'));
return Template::render('settings/appearance/userpage');
} }
public function signature() public function signature()
@ -271,47 +231,31 @@ class AppearanceController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::CHANGE_SIGNATURE)) { if (!ActiveUser::$user->permission(Site::CHANGE_SIGNATURE)) {
$message = "You aren't allowed to change your signature."; $message = "You aren't allowed to change your signature.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$session = $_POST['session'] ?? null;
$signature = $_POST['signature'] ?? null; $signature = $_POST['signature'] ?? null;
$maxLength = config('user.signature_max');
$maxLength = 500; if (session_check() && $signature) {
$redirect = route('settings.appearance.signature');
if ($session && $signature) {
$redirect = Router::route('settings.appearance.signature');
if ($session !== session_id()) {
$message = 'Your session expired!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
if (strlen($signature) > $maxLength) { if (strlen($signature) > $maxLength) {
$message = 'Your signature is too long, shorten it a little!'; $message = 'Your signature is too long, shorten it a little!';
Template::vars(compact('message', 'redirect')); } else {
return Template::render('global/information'); DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update([
'user_signature' => $signature,
]);
$message = 'Updated your signature!';
} }
// Update database return view('global/information', compact('message', 'redirect'));
DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update([
'user_signature' => $signature,
]);
$message = 'Updated your signature!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
Template::vars(compact('maxLength')); return view('settings/appearance/signature', compact('maxLength'));
return Template::render('settings/appearance/signature');
} }
} }


@ -23,21 +23,32 @@ class Controller extends BaseController
{ {
public function __construct() public function __construct()
{ {
$navigation = $this->navigation(); Template::vars(['navigation' => $this->navigation()]);
Template::vars(compact('navigation'));
} }
public function navigation() public function navigation()
{ {
$nav = []; $nav = [];
// General // Account
$nav["General"]["Home"] = Router::route('settings.general.home');
if (ActiveUser::$user->permission(Site::ALTER_PROFILE)) { if (ActiveUser::$user->permission(Site::ALTER_PROFILE)) {
$nav["General"]["Profile"] = Router::route('settings.general.profile'); $nav["Account"]["Profile"] = Router::route('settings.account.profile');
}
if (ActiveUser::$user->permission(Site::CHANGE_EMAIL)) {
$nav["Account"]["E-mail address"] = Router::route('settings.account.email');
}
if (ActiveUser::$user->permission(Site::CHANGE_USERNAME)) {
$nav["Account"]["Username"] = Router::route('settings.account.username');
}
if (ActiveUser::$user->permission(Site::CHANGE_USERTITLE)) {
$nav["Account"]["Title"] = Router::route('settings.account.title');
}
if (ActiveUser::$user->permission(Site::CHANGE_PASSWORD)) {
$nav["Account"]["Password"] = Router::route('settings.account.password');
}
if (ActiveUser::$user->permission(Site::ALTER_RANKS)) {
$nav["Account"]["Ranks"] = Router::route('settings.account.ranks');
} }
$nav["General"]["Options"] = Router::route('settings.general.options');
// Friends // Friends
if (ActiveUser::$user->permission(Site::MANAGE_FRIENDS)) { if (ActiveUser::$user->permission(Site::MANAGE_FRIENDS)) {
@ -45,8 +56,6 @@ class Controller extends BaseController
$nav["Friends"]["Requests"] = Router::route('settings.friends.requests'); $nav["Friends"]["Requests"] = Router::route('settings.friends.requests');
} }
// Groups
// Notifications // Notifications
$nav["Notifications"]["History"] = Router::route('settings.notifications.history'); $nav["Notifications"]["History"] = Router::route('settings.notifications.history');
@ -70,23 +79,6 @@ class Controller extends BaseController
$nav["Appearance"]["Signature"] = Router::route('settings.appearance.signature'); $nav["Appearance"]["Signature"] = Router::route('settings.appearance.signature');
} }
// Account
if (ActiveUser::$user->permission(Site::CHANGE_EMAIL)) {
$nav["Account"]["E-mail address"] = Router::route('settings.account.email');
}
if (ActiveUser::$user->permission(Site::CHANGE_USERNAME)) {
$nav["Account"]["Username"] = Router::route('settings.account.username');
}
if (ActiveUser::$user->permission(Site::CHANGE_USERTITLE)) {
$nav["Account"]["Title"] = Router::route('settings.account.title');
}
if (ActiveUser::$user->permission(Site::CHANGE_PASSWORD)) {
$nav["Account"]["Password"] = Router::route('settings.account.password');
}
if (ActiveUser::$user->permission(Site::ALTER_RANKS)) {
$nav["Account"]["Ranks"] = Router::route('settings.account.ranks');
}
// Advanced // Advanced
if (ActiveUser::$user->permission(Site::MANAGE_SESSIONS)) { if (ActiveUser::$user->permission(Site::MANAGE_SESSIONS)) {
$nav["Advanced"]["Sessions"] = Router::route('settings.advanced.sessions'); $nav["Advanced"]["Sessions"] = Router::route('settings.advanced.sessions');


@ -9,8 +9,6 @@ namespace Sakura\Controllers\Settings;
use Sakura\ActiveUser; use Sakura\ActiveUser;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
/** /**
* Friends settings. * Friends settings.
@ -25,14 +23,11 @@ class FriendsController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::MANAGE_FRIENDS)) { if (!ActiveUser::$user->permission(Site::MANAGE_FRIENDS)) {
$message = "You aren't allowed to manage friends."; $message = "You aren't allowed to manage friends.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
return Template::render('settings/friends/listing'); return view('settings/friends/listing');
} }
public function requests() public function requests()
@ -40,13 +35,10 @@ class FriendsController extends Controller
// Check permission // Check permission
if (!ActiveUser::$user->permission(Site::MANAGE_FRIENDS)) { if (!ActiveUser::$user->permission(Site::MANAGE_FRIENDS)) {
$message = "You aren't allowed to manage friends."; $message = "You aren't allowed to manage friends.";
$redirect = Router::route('settings.general.home'); $redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
return Template::render('settings/friends/requests'); return view('settings/friends/requests');
} }
} }


@ -1,200 +0,0 @@
<?php
/**
* Holds the general settings section controller.
*
* @package Sakura
*/
namespace Sakura\Controllers\Settings;
use Sakura\ActiveUser;
use Sakura\DB;
use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
use stdClass;
/**
* General settings.
*
* @package Sakura
* @author Julian van de Groep <me@flash.moe>
*/
class GeneralController extends Controller
{
public function home()
{
return Template::render('settings/general/home');
}
public function profile()
{
// Check permission
if (!ActiveUser::$user->permission(Site::ALTER_PROFILE)) {
$message = "You aren't allowed to edit your profile!";
$redirect = Router::route('settings.general.home');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
// Get profile fields
$rawFields = DB::table('profilefields')
->get();
// Create output array
$fields = [];
// Iterate over the fields and clean them up
foreach ($rawFields as $fieldData) {
$field = new stdClass;
$field->id = clean_string($fieldData->field_name, true, true);
$field->name = $fieldData->field_name;
$field->type = $fieldData->field_type;
$field->link = $fieldData->field_link;
$field->format = $fieldData->field_linkformat;
$field->description = $fieldData->field_description;
$field->additional = json_decode($fieldData->field_additional, true);
$fields[$fieldData->field_id] = $field;
}
// Attempt to get the session value
$session = $_POST['session'] ?? null;
if ($session) {
$redirect = Router::route('settings.general.profile');
// Go over each field
foreach ($fields as $field) {
// Add to the store table
if (isset($_POST["profile_{$field->id}"])) {
DB::table('user_profilefields')
->insert([
'user_id' => ActiveUser::$user->id,
'field_name' => $field->id,
'field_value' => $_POST["profile_{$field->id}"],
]);
}
// Check if there's additional values we should keep in mind
if (!empty($field->additional)) {
// Go over each additional value
foreach ($field->additional as $addKey => $addVal) {
// Add to the array
$store = (isset($_POST["profile_additional_{$addKey}"]))
? $_POST["profile_additional_{$addKey}"]
: false;
DB::table('user_profilefields')
->insert([
'user_id' => ActiveUser::$user->id,
'field_name' => $addKey,
'field_value' => $store,
]);
}
}
}
// Birthdays
if (isset($_POST['birthday_day'])
&& isset($_POST['birthday_month'])
&& isset($_POST['birthday_year'])) {
$day = intval($_POST['birthday_day']);
$month = intval($_POST['birthday_month']);
$year = intval($_POST['birthday_year']);
// Check the values
if (!checkdate($month, $day, $year ? $year : 1)
|| $year > date("Y")
|| ($year != 0 && $year < (date("Y") - 100))) {
$message = "Your birthdate was considered invalid, everything else was saved though.";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
// Combine it into a YYYY-MM-DD format
$birthdate = implode(
'-',
[$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']]
);
DB::table('users')
->where('user_id', ActiveUser::$user->id)
->update([
'user_birthday' => $birthdate,
]);
}
$message = "Updated your profile!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
Template::vars(compact('fields'));
return Template::render('settings/general/profile');
}
public function options()
{
// Get profile fields
$rawFields = DB::table('optionfields')
->get();
// Create output array
$fields = [];
// Iterate over the fields and clean them up
foreach ($rawFields as $fieldData) {
if (!ActiveUser::$user->permission(constant("Sakura\Perms\Site::{$fieldData->option_permission}"))) {
continue;
}
$field = new stdClass;
$field->id = $fieldData->option_id;
$field->name = $fieldData->option_name;
$field->description = $fieldData->option_description;
$field->type = $fieldData->option_type;
$field->permission = $fieldData->option_permission;
$fields[$fieldData->option_id] = $field;
}
// Attempt to get the session value
$session = $_POST['session'] ?? null;
if ($session) {
// Delete all option fields for this user
DB::table('user_optionfields')
->where('user_id', ActiveUser::$user->id)
->delete();
// Go over each field
foreach ($fields as $field) {
if (isset($_POST["option_{$field->id}"])) {
DB::table('user_optionfields')
->insert([
'user_id' => ActiveUser::$user->id,
'field_name' => $field->id,
'field_value' => $_POST["option_{$field->id}"],
]);
}
}
$message = "Updated your options!";
$redirect = Router::route('settings.general.options');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
Template::vars(compact('fields'));
return Template::render('settings/general/options');
}
}


@ -1,27 +0,0 @@
<?php
/**
* Holds the groups section controller.
*
* @package Sakura
*/
namespace Sakura\Controllers\Settings;
/**
* Group settings.
*
* @package Sakura
* @author Julian van de Groep <me@flash.moe>
*/
class GroupsController extends Controller
{
public function listing()
{
return "";
}
public function invites()
{
return "";
}
}


@ -7,8 +7,6 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Sakura\Template;
/** /**
* Notification settings. * Notification settings.
* *
@ -19,6 +17,6 @@ class NotificationsController extends Controller
{ {
public function history() public function history()
{ {
return Template::render('settings/notifications/history'); return view('settings/notifications/history');
} }
} }


@ -165,6 +165,83 @@ class User
*/ */
public $signature = ''; public $signature = '';
/**
* Whether the user's background should be displayed sitewide.
*
* @var bool
*/
public $backgroundSitewide = false;
/**
* The user's website url.
*
* @var string
*/
public $website = '';
/**
* The user's twitter handle.
*
* @var string
*/
public $twitter = '';
/**
* The user's github username.
*
* @var string
*/
public $github = '';
/**
* The user's skype username.
*
* @var string
*/
public $skype = '';
/**
* The user's discord tag.
*
* @var string
*/
public $discord = '';
/**
* The user's youtube channel id/name.
*
* @var string
*/
public $youtube = '';
/**
* The thing that indicates if it's an id or a name.
*
* @var int
*/
public $youtubeType = 0;
/**
* The user's steam community username.
*
* @var string
*/
public $steam = '';
/**
* The user's osu! username.
*
* @var string
*/
public $osu = '';
/**
* The user's lastfm username.
*
* @var string
*/
public $lastfm = '';
/** /**
* The user's birthday. * The user's birthday.
* *
@ -179,20 +256,6 @@ class User
*/ */
private $permissions; private $permissions;
/**
* The user's option fields.
*
* @var array
*/
private $optionFields = null;
/**
* The user's profile fields.
*
* @var array
*/
private $profileFields = null;
/** /**
* The User instance cache array. * The User instance cache array.
* *
@ -281,24 +344,35 @@ class User
// Populate the variables // Populate the variables
if ($userRow) { if ($userRow) {
$userRow = $userRow[0]; $userRow = $userRow[0];
$this->id = $userRow->user_id; $this->id = intval($userRow->user_id);
$this->username = $userRow->username; $this->username = $userRow->username;
$this->usernameClean = $userRow->username_clean; $this->usernameClean = $userRow->username_clean;
$this->password = $userRow->password; $this->password = $userRow->password;
$this->passwordChan = $userRow->password_chan; $this->passwordChan = intval($userRow->password_chan);
$this->email = $userRow->email; $this->email = $userRow->email;
$this->mainRankId = $userRow->rank_main; $this->mainRankId = intval($userRow->rank_main);
$this->colour = $userRow->user_colour; $this->colour = $userRow->user_colour;
$this->title = $userRow->user_title; $this->title = $userRow->user_title;
$this->registered = $userRow->user_registered; $this->registered = intval($userRow->user_registered);
$this->lastOnline = $userRow->user_last_online; $this->lastOnline = intval($userRow->user_last_online);
$this->birthday = $userRow->user_birthday; $this->birthday = $userRow->user_birthday;
$this->country = $userRow->user_country; $this->country = $userRow->user_country;
$this->avatar = $userRow->user_avatar; $this->avatar = intval($userRow->user_avatar);
$this->background = $userRow->user_background; $this->background = intval($userRow->user_background);
$this->header = $userRow->user_header; $this->header = intval($userRow->user_header);
$this->page = $userRow->user_page; $this->page = $userRow->user_page;
$this->signature = $userRow->user_signature; $this->signature = $userRow->user_signature;
$this->backgroundSitewide = boolval($userRow->user_background_sitewide);
$this->website = $userRow->user_website;
$this->twitter = $userRow->user_twitter;
$this->github = $userRow->user_github;
$this->skype = $userRow->user_skype;
$this->discord = $userRow->user_discord;
$this->youtube = $userRow->user_youtube;
$this->youtubeType = intval($userRow->user_youtube_type);
$this->steam = $userRow->user_steam;
$this->osu = $userRow->user_osu;
$this->lastfm = $userRow->user_lastfm;
// Temporary backwards compatible IP storage system // Temporary backwards compatible IP storage system
try { try {
@ -777,137 +851,6 @@ class User
return $comments; return $comments;
} }
/**
* Get the user's profile fields.
*
* @return array The profile fields.
*/
public function profileFields()
{
// Check if we have cached data
if ($this->profileFields) {
return $this->profileFields;
}
// Create array and get values
$profile = [];
$profileFields = DB::table('profilefields')
->get();
$profileValuesRaw = DB::table('user_profilefields')
->where('user_id', $this->id)
->get();
$profileValues = array_column($profileValuesRaw, 'field_value', 'field_name');
// Check if anything was returned
if (!$profileFields || !$profileValues) {
return $profile;
}
// Check if profile fields aren't fake
foreach ($profileFields as $field) {
// Completely strip all special characters from the field name
$fieldName = clean_string($field->field_name, true, true);
// Check if the user has the current field set otherwise continue
if (!array_key_exists($fieldName, $profileValues)) {
continue;
}
// Assign field to output with value
$profile[$fieldName] = [];
$profile[$fieldName]['name'] = $field->field_name;
$profile[$fieldName]['value'] = $profileValues[$fieldName];
$profile[$fieldName]['islink'] = $field->field_link;
// If the field is set to be a link add a value for that as well
if ($field->field_link) {
$profile[$fieldName]['link'] = str_replace(
'{{ VAL }}',
$profileValues[$fieldName],
$field->field_linkformat
);
}
// Check if we have additional options as well
if (!empty($field->field_additional)) {
// Decode the json of the additional stuff
$additional = json_decode($field->field_additional, true);
// Go over all additional forms
foreach ($additional as $subName => $subField) {
// Check if the user has the current field set otherwise continue
if (!array_key_exists($subName, $profileValues)) {
continue;
}
// Assign field to output with value
$profile[$fieldName][$subName] = $profileValues[$subName];
}
}
}
// Assign cache
$this->profileFields = $profile;
// Return appropiate profile data
return $profile;
}
/**
* Get a user's option fields.
*
* @return array The array containing the fields.
*/
public function optionFields()
{
// Check if we have cached data
if ($this->optionFields) {
return $this->optionFields;
}
// Create array and get values
$options = [];
$optionFields = DB::table('optionfields')
->get();
$optionValuesRaw = DB::table('user_optionfields')
->where('user_id', $this->id)
->get();
$optionValues = array_column($optionValuesRaw, 'field_value', 'field_name');
// Check if anything was returned
if (!$optionFields || !$optionValues) {
return $options;
}
// Check if option fields aren't fake
foreach ($optionFields as $field) {
// Check if the user has the current field set otherwise continue
if (!array_key_exists($field->option_id, $optionValues)) {
continue;
}
// Make sure the user has the proper permissions to use this option
if (!$this->permission(constant('Sakura\Perms\Site::' . $field->option_permission))) {
continue;
}
// Assign field to output with value
$options[$field->option_id] = $optionValues[$field->option_id];
}
// Assign cache
$this->optionFields = $options;
// Return appropiate option data
return $options;
}
/** /**
* Add premium in seconds. * Add premium in seconds.
* *
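Review bot: The new profile properties are documented `@var string` with a `''` default, but the constructor hunk assigns the raw column values (`$this->website = $userRow->user_website;` through `$this->lastfm`), and the migration in this same commit creates those columns as nullable with a null default, so existing users get `null` in every one of them. Coalescing at assignment keeps the documented type, e.g. `$this->website = $userRow->user_website ?? '';`, and likewise for the other eight string fields. These values are user-supplied and presumably end up in profile links, so the website value in particular should be limited to http/https where it is saved or rendered; that code is not in this section. The constructor body continues outside the hunk.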


@ -80,9 +80,6 @@ twig_debug = false
; Show a small version of the changelog loaded from sakura.flash.moe ; Show a small version of the changelog loaded from sakura.flash.moe
show_changelog = false show_changelog = false
; Enable twig debug mode
twig_debug = false
; Host for the mahou serve command ; Host for the mahou serve command
host = localhost:8000 host = localhost:8000
@ -151,6 +148,12 @@ name_reserve = 90
; How long a user should be inactive till another person can use their name ; How long a user should be inactive till another person can use their name
name_takeover = 365 name_takeover = 365
; Max length of a signature
signature_max = 500
; Max length of a userpage
page_max = 65535
; Premium settings ; Premium settings
[premium] [premium]
max_months_at_once = 24 max_months_at_once = 24
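Review bot: The two new comments for `signature_max` and `page_max` do not state the unit of the limit. The signature check in AppearanceController compares against `strlen($signature)`, which counts bytes, so multi-byte text reaches the limit before 500 characters. Either document that, `; Max length of a signature, in bytes`, or switch the check to `mb_strlen` if characters are intended. The userpage check is outside the visible part of the diff and should presumably follow the same choice.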


@ -3,9 +3,6 @@ use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Schema\Blueprint;
use Sakura\DB; use Sakura\DB;
// this is based on what is in the live flashii table at the
// moment this migration was created to avoid merge conflicts.
class BaseTables extends Migration class BaseTables extends Migration
{ {
/** /**
@ -451,11 +448,9 @@ class BaseTables extends Migration
$table->integer('user_id') $table->integer('user_id')
->unsigned(); ->unsigned();
$table->string('field_name', 255) $table->string('field_name', 255);
->comment('Identifier of the field');
$table->string('field_value', 255) $table->string('field_value', 255);
->comment('Value of the field');
}); });
$schema->create('user_ranks', function (Blueprint $table) { $schema->create('user_ranks', function (Blueprint $table) {


@ -0,0 +1,141 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Sakura\DB;
class MoveOptionsAndProfileIntoUsers extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
$schema = DB::getSchemaBuilder();
$schema->drop('optionfields');
$schema->drop('profilefields');
$schema->drop('user_optionfields');
$schema->drop('user_profilefields');
$schema->table('users', function (Blueprint $table) {
$table->tinyInteger('user_background_sitewide')
->default(0);
$table->string('user_website', 255)
->nullable()
->default(null);
$table->string('user_twitter', 255)
->nullable()
->default(null);
$table->string('user_github', 255)
->nullable()
->default(null);
$table->string('user_skype', 255)
->nullable()
->default(null);
$table->string('user_discord', 255)
->nullable()
->default(null);
$table->string('user_youtube', 255)
->nullable()
->default(null);
$table->tinyInteger('user_youtube_type')
->default(0);
$table->string('user_steam', 255)
->nullable()
->default(null);
$table->string('user_osu', 255)
->nullable()
->default(null);
$table->string('user_lastfm', 255)
->nullable()
->default(null);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
$schema = DB::getSchemaBuilder();
$schema->table('users', function (Blueprint $table) {
$table->dropColumn([
'user_background_sitewide',
'user_website',
'user_twitter',
'user_github',
'user_skype',
'user_discord',
'user_youtube',
'user_youtube_type',
'user_steam',
'user_osu',
'user_lastfm',
]);
});
$schema->create('optionfields', function (Blueprint $table) {
$table->string('option_id', 255)
->unique();
$table->string('option_name', 255);
$table->string('option_description', 255);
$table->string('option_type', 255);
$table->string('option_permission', 255);
});
$schema->create('profilefields', function (Blueprint $table) {
$table->increments('field_id')
->unsigned();
$table->string('field_name', 255);
$table->string('field_type', 255);
$table->tinyInteger('field_link')
->unsigned();
$table->string('field_linkformat', 255);
$table->string('field_description', 255);
$table->string('field_additional', 255);
});
$schema->create('user_optionfields', function (Blueprint $table) {
$table->integer('user_id')
->unsigned();
$table->string('field_name', 255);
$table->string('field_value', 255);
});
$schema->create('user_profilefields', function (Blueprint $table) {
$table->integer('user_id')
->unsigned();
$table->string('field_name', 255);
$table->string('field_value', 255);
});
}
}
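Review bot: `up()` drops `optionfields`, `profilefields`, `user_optionfields` and `user_profilefields` before the new `users` columns exist and never copies the stored values across, so despite the class name every user's existing profile links and options are lost when this runs. Add the columns first, copy the rows from `user_profilefields` and `user_optionfields` into the matching `user_*` columns, and only then drop the tables; `down()` has the same gap in reverse, since it recreates the four tables empty. If the old tables may already be missing on some installs, `$schema->dropIfExists('optionfields');` avoids a hard failure part-way through. A one-line comment above the drops stating whether discarding the data is intentional would also help.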


@ -83,7 +83,7 @@
</div> </div>
<div id="contentwrapper"> <div id="contentwrapper">
<div id="notifications"></div> <div id="notifications"></div>
{% if profile is defined ? profile.background : (user.permission(constant('Sakura\\Perms\\Site::CHANGE_BACKGROUND')) and user.optionFields.profileBackgroundSiteWide and user.background) %} {% if profile is defined ? profile.background : (user.permission(constant('Sakura\\Perms\\Site::CHANGE_BACKGROUND')) and user.backgroundSitewide and user.background) %}
<div id="userBackground" style="background-image: url('{{ route('file.background', (profile is defined ? profile : user).id) }}');"></div> <div id="userBackground" style="background-image: url('{{ route('file.background', (profile is defined ? profile : user).id) }}');"></div>
{% endif %} {% endif %}
{% if not user.isActive and server['REQUEST_URI'] != route('auth.login') %} {% if not user.isActive and server['REQUEST_URI'] != route('auth.login') %}


@ -0,0 +1,140 @@
{% extends 'settings/account/master.twig' %}
{% set mode = 'Profile' %}
{% block description %}
<p>These are the external account links etc. on your profile, shouldn't need any additional explanation for this one.</p>
{% endblock %}
{% set months = [
"January",
"February",
"March",
"April",
"May",
"June",
"July",
"August",
"September",
"October",
"November",
"December",
] %}
{% set fields = {
"website": {
"title": "Website",
"type": "url",
"placeholder": "The url of your site, personal blog, anything you want!",
"name": "profile_website",
"value": user.website,
},
"twitter": {
"title": "Twitter",
"type": "text",
"placeholder": "The true shitpost platform.",
"name": "profile_twitter",
"value": user.twitter,
},
"github": {
"title": "GitHub",
"type": "text",
"placeholder": "So we can find you on there too!",
"name": "profile_github",
"value": user.github,
},
"skype": {
"title": "Skype",
"type": "text",
"placeholder": "Because people still use it for some reason...",
"name": "profile_skype",
"value": user.skype,
},
"discord": {
"title": "Discord",
"type": "text",
"placeholder": "Somehow way better than Skype.",
"name": "profile_discord",
"value": user.discord,
},
"youtube": {
"title": "YouTube",
"type": "text",
"placeholder": "Share your room tours with the world!",
"name": "profile_youtube",
"value": user.youtube,
},
"steam": {
"title": "Steam",
"type": "text",
"placeholder": "Something something video games.",
"name": "profile_steam",
"value": user.steam,
},
"osu": {
"title": "osu!",
"type": "text",
"placeholder": "Click circles like a mad motherfucker!",
"name": "profile_osu",
"value": user.osu,
},
"lastfm": {
"title": "Last.fm",
"type": "text",
"placeholder": "Somehow WAYLT threads made for a good business model.",
"name": "profile_lastfm",
"value": user.lastfm,
},
} %}
{% set birthday = user.birthday|split('-') %}
{% block settingsContent %}
<form enctype="multipart/form-data" method="post" action="{{ route('settings.account.profile') }}">
{% for id, vars in fields %}
<div class="profile-field {{ id }}">
<div>
<h2>{{ vars.title }}</h2>
</div>
<div>
<input class="inputStyling"
{% for name, value in vars %}
{% if name != 'title' %}
{{ name }}="{{ value }}"
{% endif %}
{% endfor %}
>
</div>
</div>
{% endfor %}
<div class="profile-field birthday">
<div>
<h2>Birthday</h2>
</div>
<div style="text-align: center;">
Day: <select name="birthday_day">
<option value="0"{% if not birthday[2] %} selected="selected"{% endif %}>--</option>
{% for i in 1..31 %}
<option{% if birthday[2] == i %} selected="selected"{% endif %}>{{ i }}</option>
{% endfor %}
</select>
Month: <select name="birthday_month">
<option value="0"{% if not birthday[1] %} selected="selected"{% endif %}>--</option>
{% for i in 1..12 %}
<option value="{{ i }}"{% if birthday[1] == i %} selected="selected"{% endif %}>{{ months[i - 1] }}</option>
{% endfor %}
</select>
Year: <select name="birthday_year">
<option value="0"{% if not birthday[0] %} selected="selected"{% endif %}>----</option>
{% for i in "now"|date('Y')..("now"|date('Y') - 100) %}
<option{% if birthday[0] == i %} selected="selected"{% endif %}>{{ i }}</option>
{% endfor %}
</select>
</div>
</div>
<div class="profile-save">
<button name="session" value="{{ session_id() }}" class="inputStyling">Save</button>
<button type="reset" class="inputStyling">Reset</button>
</div>
</form>
{% endblock %}
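Review bot: The Save button carries the session identifier itself as the anti-CSRF value, `<button name="session" value="{{ session_id() }}" class="inputStyling">`, which writes the session id into the markup of the settings form. Anything able to read the rendered page (a cached copy, an HTML injection elsewhere in the layout) then obtains the session, which an HttpOnly cookie would otherwise keep out of reach. A separate random token stored in the session, generated with `random_bytes` and compared with `hash_equals`, gives the same request check without exposing the identifier; how `session_check()` validates the field is not visible here. Separately, `enctype="multipart/form-data"` is unnecessary on a form with no file input.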


@ -1,4 +1,4 @@
{% extends 'settings/general/master.twig' %} {% extends 'settings/friends/master.twig' %}
{% set friends = user.friends(1)|batch(12) %} {% set friends = user.friends(1)|batch(12) %}


@ -1,4 +1,4 @@
{% extends 'settings/general/master.twig' %} {% extends 'settings/friends/master.twig' %}
{% set friends = user.friends(-1)|batch(12) %} {% set friends = user.friends(-1)|batch(12) %}


@ -1,25 +0,0 @@
{% extends 'settings/general/master.twig' %}
{% set mode = 'Home' %}
{% block description %}
<p>Welcome to the Settings Panel! From here you can monitor, view and update your profile and preferences.</p>
{% endblock %}
{% block settingsContent %}
<div style="margin: 5px;">
<h1 class="stylised">Common Tasks</h1>
<h2>Profile</h2>
<ul>
<li><a href="{{ route('settings.appearance.avatar') }}" class="default">Change Avatar</a></li>
<li><a href="{{ route('settings.appearance.userpage') }}" class="default">Change Userpage</a></li>
<li><a href="{{ route('settings.appearance.signature') }}" class="default">Change Signature</a></li>
<li><a href="{{ route('settings.general.profile') }}" class="default">Change Profile Details</a></li>
</ul>
<h2>Account</h2>
<ul>
<li><a href="{{ route('settings.advanced.sessions') }}" class="default">Manage Active Sessions</a></li>
<li><a href="{{ route('settings.account.password') }}" class="default">Change Password</a></li>
</ul>
</div>
{% endblock %}


@ -1,3 +0,0 @@
{% extends 'settings/master.twig' %}
{% set category = 'General' %}


@ -1,33 +0,0 @@
{% extends 'settings/general/master.twig' %}
{% set mode = 'Options' %}
{% block description %}
<p>These are a few personalisation options for the site while you're logged in.</p>
{% endblock %}
{% block settingsContent %}
{% if fields %}
<form enctype="multipart/form-data" method="post" action="{{ route('settings.general.options') }}">
{% for field in fields %}
<div class="profile-field">
<div>
<h2>{{ field.name }}</h2>
<div style="font-size: .8em; line-height: 110%;">
{{ field.description }}
</div>
</div>
<div style="padding: 8px 0;">
<input type="{{ field.type }}" name="option_{{ field.id }}" class="inputStyling"{% if user.optionFields[field.id] %}{% if field.type == 'checkbox' and user.optionFields[field.id] %} checked="checked" value="option_{{ field.id }}"{% else %} value="{{ user.optionFields[field.id] }}"{% endif %}{% endif %}>
</div>
</div>
{% endfor %}
<div class="profile-save">
<button name="session" value="{{ session_id() }}" class="inputStyling">Save</button>
<button type="reset" class="inputStyling">Reset</button>
</div>
</form>
{% else %}
<h1 class="stylised" style="margin: 2em auto; text-align: center;">There are currently no changeable options.</h1>
{% endif %}
{% endblock %}


@ -1,76 +0,0 @@
{% extends 'settings/general/master.twig' %}
{% set mode = 'Profile' %}
{% block description %}
<p>These are the external account links etc. on your profile, shouldn't need any additional explanation for this one.</p>
{% endblock %}
{% set months = {
1: "January",
2: "February",
3: "March",
4: "April",
5: "May",
6: "June",
7: "July",
8: "August",
9: "September",
10: "October",
11: "November",
12: "December",
} %}
{% set birthday = user.birthday|split('-') %}
{% block settingsContent %}
<form enctype="multipart/form-data" method="post" action="{{ route('settings.general.profile') }}">
{% for field in fields %}
<div class="profile-field" id="{{ field.id }}">
<div>
<h2>{{ field.name }}</h2>
</div>
<div>
<input type="{{ field.type }}" name="profile_{{ field.id }}" class="inputStyling" placeholder="{{ field.description }}"{% if user.profileFields[field.id].value %}{% if field.type == 'checkbox' and user.profileFields[field.id].value == 'true' %} checked="checked" value="profile_{{ field.id }}"{% else %} value="{{ user.profileFields[field.id].value }}"{% endif %}{% endif %}>
</div>
{% if field.additional %}
{% for id,addit in field.additional %}
<div>
<input type="{{ addit[0] }}" id="{{ id }}" name="profile_additional_{{ id }}"{% if user.profileFields[field.id][id] %}{% if addit[0] == 'checkbox' and user.profileFields[field.id][id] == true %} checked="checked"{% else %} value="{{ user.profileFields[field.id][id] }}"{% endif %}{% endif %}>
<label for="{{ id }}" style="font-size: 10px;">{{ addit[1]|raw }}</label>
</div>
{% endfor %}
{% endif %}
</div>
{% endfor %}
<div class="profile-field birthday">
<div>
<h2>Birthday</h2>
</div>
<div style="text-align: center;">
Day: <select name="birthday_day">
<option value="0"{% if not birthday[2] %} selected="selected"{% endif %}>--</option>
{% for i in 1..31 %}
<option value="{{ i }}"{% if birthday[2] == i %} selected="selected"{% endif %}>{{ i }}</option>
{% endfor %}
</select>
Month: <select name="birthday_month">
<option value="0"{% if not birthday[1] %} selected="selected"{% endif %}>--</option>
{% for i in 1..12 %}
<option value="{{ i }}"{% if birthday[1] == i %} selected="selected"{% endif %}>{{ months[i] }}</option>
{% endfor %}
</select>
Year: <select name="birthday_year">
<option value="0"{% if not birthday[0] %} selected="selected"{% endif %}>----</option>
{% for i in "now"|date('Y')..("now"|date('Y') - 100) %}
<option value="{{ i }}"{% if birthday[0] == i %} selected="selected"{% endif %}>{{ i }}</option>
{% endfor %}
</select>
</div>
</div>
<div class="profile-save">
<button name="session" value="{{ session_id() }}" class="inputStyling">Save</button>
<button type="reset" class="inputStyling">Reset</button>
</div>
</form>
{% endblock %}


@ -111,7 +111,7 @@
{% if user.isActive %} {% if user.isActive %}
<div class="new-profile-actions"> <div class="new-profile-actions">
{% if user.id == profile.id %} {% if user.id == profile.id %}
<a class="fa fa-pencil-square-o" title="Edit your profile" href="{{ route('settings.general.profile') }}"></a> <a class="fa fa-pencil-square-o" title="Edit your profile" href="{{ route('settings.account.profile') }}"></a>
{% else %} {% else %}
{% if user.isFriends(profile.id) != 0 %}<a class="fa fa-{% if user.isFriends(profile.id) == 2 %}heart{% else %}star{% endif %}" title="You are friends"></a>{% endif %} {% if user.isFriends(profile.id) != 0 %}<a class="fa fa-{% if user.isFriends(profile.id) == 2 %}heart{% else %}star{% endif %}" title="You are friends"></a>{% endif %}
<a class="fa fa-user-{% if user.isFriends(profile.id) == 0 %}plus{% else %}times{% endif %}" title="{% if user.isFriends(profile.id) == 0 %}Add {{ profile.username }} as a friend{% else %}Remove friend{% endif %}" href="javascript:void(0);" onclick="Sakura.Friend.{% if user.isFriends(profile.id) == 0 %}Add({{ profile.id }}){% else %}Remove({{ profile.id }}){% endif %}"></a> <a class="fa fa-user-{% if user.isFriends(profile.id) == 0 %}plus{% else %}times{% endif %}" title="{% if user.isFriends(profile.id) == 0 %}Add {{ profile.username }} as a friend{% else %}Remove friend{% endif %}" href="javascript:void(0);" onclick="Sakura.Friend.{% if user.isFriends(profile.id) == 0 %}Add({{ profile.id }}){% else %}Remove({{ profile.id }}){% endif %}"></a>


@ -206,22 +206,29 @@ Router::group(['before' => 'maintenance'], function () {
// Settings // Settings
Router::group(['prefix' => 'settings', 'before' => 'loginCheck'], function () { Router::group(['prefix' => 'settings', 'before' => 'loginCheck'], function () {
Router::get('/', function () { Router::get('/', function () {
$route = Router::route('settings.general.home'); $route = Router::route('settings.account.profile');
return header("Location: {$route}"); return header("Location: {$route}");
}, 'settings.index'); }, 'settings.index');
// General section // Account section
Router::group(['prefix' => 'general'], function () { Router::group(['prefix' => 'account'], function () {
Router::get('/', function () { Router::get('/', function () {
$route = Router::route('settings.general.home'); $route = Router::route('settings.account.profile');
return header("Location: {$route}"); return header("Location: {$route}");
}); });
Router::get('/home', 'Settings.GeneralController@home', 'settings.general.home'); Router::get('/profile', 'Settings.AccountController@profile', 'settings.account.profile');
Router::get('/profile', 'Settings.GeneralController@profile', 'settings.general.profile'); Router::post('/profile', 'Settings.AccountController@profile', 'settings.account.profile');
Router::post('/profile', 'Settings.GeneralController@profile', 'settings.general.profile'); Router::get('/email', 'Settings.AccountController@email', 'settings.account.email');
Router::get('/options', 'Settings.GeneralController@options', 'settings.general.options'); Router::post('/email', 'Settings.AccountController@email', 'settings.account.email');
Router::post('/options', 'Settings.GeneralController@options', 'settings.general.options'); Router::get('/username', 'Settings.AccountController@username', 'settings.account.username');
Router::post('/username', 'Settings.AccountController@username', 'settings.account.username');
Router::get('/title', 'Settings.AccountController@title', 'settings.account.title');
Router::post('/title', 'Settings.AccountController@title', 'settings.account.title');
Router::get('/password', 'Settings.AccountController@password', 'settings.account.password');
Router::post('/password', 'Settings.AccountController@password', 'settings.account.password');
Router::get('/ranks', 'Settings.AccountController@ranks', 'settings.account.ranks');
Router::post('/ranks', 'Settings.AccountController@ranks', 'settings.account.ranks');
}); });
// Friends section // Friends section
@ -235,17 +242,6 @@ Router::group(['before' => 'maintenance'], function () {
Router::get('/requests', 'Settings.FriendsController@requests', 'settings.friends.requests'); Router::get('/requests', 'Settings.FriendsController@requests', 'settings.friends.requests');
}); });
// Groups section
Router::group(['prefix' => 'groups'], function () {
Router::get('/', function () {
$route = Router::route('settings.groups.listing');
return header("Location: {$route}");
});
Router::get('/listing', 'Settings.GroupsController@listing', 'settings.groups.listing');
Router::get('/invites', 'Settings.GroupsController@invites', 'settings.groups.invites');
});
// Notifications section // Notifications section
Router::group(['prefix' => 'notifications'], function () { Router::group(['prefix' => 'notifications'], function () {
Router::get('/', function () { Router::get('/', function () {
@ -275,25 +271,6 @@ Router::group(['before' => 'maintenance'], function () {
Router::post('/signature', 'Settings.AppearanceController@signature', 'settings.appearance.signature'); Router::post('/signature', 'Settings.AppearanceController@signature', 'settings.appearance.signature');
}); });
// Account section
Router::group(['prefix' => 'account'], function () {
Router::get('/', function () {
$route = Router::route('settings.account.email');
return header("Location: {$route}");
});
Router::get('/email', 'Settings.AccountController@email', 'settings.account.email');
Router::post('/email', 'Settings.AccountController@email', 'settings.account.email');
Router::get('/username', 'Settings.AccountController@username', 'settings.account.username');
Router::post('/username', 'Settings.AccountController@username', 'settings.account.username');
Router::get('/title', 'Settings.AccountController@title', 'settings.account.title');
Router::post('/title', 'Settings.AccountController@title', 'settings.account.title');
Router::get('/password', 'Settings.AccountController@password', 'settings.account.password');
Router::post('/password', 'Settings.AccountController@password', 'settings.account.password');
Router::get('/ranks', 'Settings.AccountController@ranks', 'settings.account.ranks');
Router::post('/ranks', 'Settings.AccountController@ranks', 'settings.account.ranks');
});
// Advanced section // Advanced section
Router::group(['prefix' => 'advanced'], function () { Router::group(['prefix' => 'advanced'], function () {
Router::get('/', function () { Router::get('/', function () {
@ -311,7 +288,7 @@ Router::group(['before' => 'maintenance'], function () {
// Settings // Settings
Router::group(['prefix' => 'manage', 'before' => 'loginCheck'], function () { Router::group(['prefix' => 'manage', 'before' => 'loginCheck'], function () {
Router::get('/', function () { Router::get('/', function () {
$route = Router::route('manage.overview'); $route = Router::route('manage.overview.index');
return header("Location: {$route}"); return header("Location: {$route}");
}, 'manage.index'); }, 'manage.index');
@ -320,7 +297,7 @@ Router::group(['before' => 'maintenance'], function () {
Router::get('/', function () { Router::get('/', function () {
$route = Router::route('manage.overview.index'); $route = Router::route('manage.overview.index');
return header("Location: {$route}"); return header("Location: {$route}");
}, 'manage.overview'); });
Router::get('/index', 'Manage.OverviewController@index', 'manage.overview.index'); Router::get('/index', 'Manage.OverviewController@index', 'manage.overview.index');
Router::get('/data', 'Manage.OverviewController@data', 'manage.overview.data'); Router::get('/data', 'Manage.OverviewController@data', 'manage.overview.data');