minimise the use of the global infromation page

flash 2016-09-10 17:05:54 +02:00
parent 2982c9fc36
commit 508d6a930d
14 changed files with 191 additions and 396 deletions


@ -12,8 +12,6 @@ use Sakura\CurrentSession;
use Sakura\DB; use Sakura\DB;
use Sakura\Net; use Sakura\Net;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
use Sakura\User; use Sakura\User;
/** /**
@ -47,11 +45,8 @@ class AuthController extends Controller
{ {
if (!session_check('s')) { if (!session_check('s')) {
$message = 'Validation failed, this logout attempt was possibly forged.'; $message = 'Validation failed, this logout attempt was possibly forged.';
$redirect = (isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : Router::route('main.index')); $redirect = $_REQUEST['redirect'] ?? route('main.index');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Destroy the active session // Destroy the active session
@ -59,30 +54,22 @@ class AuthController extends Controller
// Return true indicating a successful logout // Return true indicating a successful logout
$message = 'Goodbye!'; $message = 'Goodbye!';
$redirect = Router::route('auth.login'); $redirect = route('auth.login');
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
/** /**
* Get the login page. * Login page.
* @return string * @return string
*/ */
public function loginGet() public function login()
{ {
return Template::render('auth/login'); if (!session_check()) {
} return view('auth/login');
}
/**
* Do a login attempt.
* @return string
*/
public function loginPost()
{
// Preliminarily set login to failed // Preliminarily set login to failed
$redirect = Router::route('auth.login'); $redirect = route('auth.login');
// Get request variables // Get request variables
$username = $_REQUEST['username'] ?? null; $username = $_REQUEST['username'] ?? null;
@ -98,9 +85,7 @@ class AuthController extends Controller
if ($rates > 4) { if ($rates > 4) {
$message = 'Your have hit the login rate limit, try again later.'; $message = 'Your have hit the login rate limit, try again later.';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
// Get account data // Get account data
@ -110,35 +95,27 @@ class AuthController extends Controller
if ($user->id === 0) { if ($user->id === 0) {
$this->touchRateLimit($user->id); $this->touchRateLimit($user->id);
$message = 'The user you tried to log into does not exist.'; $message = 'The user you tried to log into does not exist.';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
if ($user->passwordExpired()) { if ($user->passwordExpired()) {
$message = 'Your password expired.'; $message = 'Your password expired.';
$redirect = Router::route('auth.resetpassword'); $redirect = route('auth.resetpassword');
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
if (!$user->verifyPassword($password)) { if (!$user->verifyPassword($password)) {
$this->touchRateLimit($user->id); $this->touchRateLimit($user->id);
$message = 'The password you entered was invalid.'; $message = 'The password you entered was invalid.';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check if the user has the required privs to log in // Check if the user has the required privs to log in
if ($user->permission(Site::DEACTIVATED)) { if ($user->permission(Site::DEACTIVATED)) {
$this->touchRateLimit($user->id); $this->touchRateLimit($user->id);
$message = 'Your account is deactivated, activate it first!'; $message = 'Your account is deactivated, activate it first!';
$redirect = Router::route('auth.reactivate'); $redirect = route('auth.reactivate');
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
// Generate a session key // Generate a session key
@ -168,72 +145,51 @@ class AuthController extends Controller
$this->touchRateLimit($user->id, true); $this->touchRateLimit($user->id, true);
$redirect = $user->lastOnline $redirect = $user->lastOnline ? ($_REQUEST['redirect'] ?? route('main.index')) : route('info.welcome');
? (isset($_REQUEST['redirect'])
? $_REQUEST['redirect']
: route('main.index'))
: route('info.welcome');
$message = 'Welcome' . ($user->lastOnline ? ' back' : '') . '!'; $message = 'Welcome' . ($user->lastOnline ? ' back' : '') . '!';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
}
/**
* Get the registration page.
* @return string
*/
public function registerGet()
{
// Attempt to check if a user has already registered from the current IP
$getUserIP = DB::table('users')
->where('register_ip', Net::pton(Net::ip()))
->orWhere('last_ip', Net::pton(Net::ip()))
->get();
if ($getUserIP) {
Template::vars([
'haltRegistration' => count($getUserIP) > 1,
'haltName' => $getUserIP[array_rand($getUserIP)]->username,
]);
}
return Template::render('auth/register');
} }
/** /**
* Do a registration attempt. * Do a registration attempt.
* @return string * @return string
*/ */
public function registerPost() public function register()
{ {
// Preliminarily set registration to failed // Preliminarily set registration to failed
$redirect = Router::route('auth.register'); $redirect = route('auth.register');
// Check if authentication is disallowed // Check if authentication is disallowed
if (config('user.disable_registration')) { if (config('user.disable_registration')) {
$message = 'Registration is disabled for security checkups! Try again later.'; $message = 'Registration is disabled for security checkups! Try again later.';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check if authentication is disallowed
if (!session_check()) { if (!session_check()) {
$message = "Your session expired, refreshing the page will most likely fix this!"; // Attempt to check if a user has already registered from the current IP
$getUserIP = DB::table('users')
->where('register_ip', Net::pton(Net::ip()))
->orWhere('last_ip', Net::pton(Net::ip()))
->get();
Template::vars(compact('message', 'redirect')); $vars = [];
return Template::render('global/information'); if ($getUserIP) {
$vars = [
'haltRegistration' => count($getUserIP) > 1,
'haltName' => $getUserIP[array_rand($getUserIP)]->username,
];
}
return view('auth/register', $vars);
} }
// Grab forms // Grab forms
$username = isset($_POST['username']) ? $_POST['username'] : null; $username = $_POST['username'] ?? null;
$password = isset($_POST['password']) ? $_POST['password'] : null; $password = $_POST['password'] ?? null;
$email = isset($_POST['email']) ? $_POST['email'] : null; $email = $_POST['email'] ?? null;
// Append username and email to the redirection url // Append username and email to the redirection url
$redirect .= "?username={$username}&email={$email}"; $redirect .= "?username={$username}&email={$email}";
@ -245,46 +201,31 @@ class AuthController extends Controller
if ($user && $user->id !== 0) { if ($user && $user->id !== 0) {
$message = "{$user->username} is already a member here!" $message = "{$user->username} is already a member here!"
. " If this is you please use the password reset form instead of making a new account."; . " If this is you please use the password reset form instead of making a new account.";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Username too short // Username too short
if (strlen($username) < config('user.name_min')) { if (strlen($username) < config('user.name_min')) {
$message = 'Your name must be at least 3 characters long.'; $message = 'Your name must be at least 3 characters long.';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Username too long // Username too long
if (strlen($username) > config('user.name_max')) { if (strlen($username) > config('user.name_max')) {
$message = 'Your name can\'t be longer than 16 characters.'; $message = 'Your name can\'t be longer than 16 characters.';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check if the given email address is formatted properly // Check if the given email address is formatted properly
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$message = 'Your e-mail address is formatted incorrectly.'; $message = 'Your e-mail address is formatted incorrectly.';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check the MX record of the email // Check the MX record of the email
if (!check_mx_record($email)) { if (!check_mx_record($email)) {
$message = 'No valid MX-Record found on the e-mail address you supplied.'; $message = 'No valid MX-Record found on the e-mail address you supplied.';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check if the e-mail has already been used // Check if the e-mail has already been used
@ -293,19 +234,13 @@ class AuthController extends Controller
->count(); ->count();
if ($emailCheck) { if ($emailCheck) {
$message = 'Someone already registered using this email!'; $message = 'Someone already registered using this email!';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check password entropy // Check password entropy
if (password_entropy($password) < config('user.pass_min_entropy')) { if (password_entropy($password) < config('user.pass_min_entropy')) {
$message = 'Your password is too weak, try adding some special characters.'; $message = 'Your password is too weak, try adding some special characters.';
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Set a few variables // Set a few variables
@ -322,14 +257,12 @@ class AuthController extends Controller
} }
// Return true with a specific message if needed // Return true with a specific message if needed
$redirect = Router::route('auth.login'); $redirect = route('auth.login');
$message = $requireActive $message = $requireActive
? 'Your registration went through! An activation e-mail has been sent.' ? 'Your registration went through! An activation e-mail has been sent.'
: 'Your registration went through! Welcome to ' . config('general.name') . '!'; : 'Your registration went through! Welcome to ' . config('general.name') . '!';
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
/** /**
@ -339,11 +272,11 @@ class AuthController extends Controller
public function activate() public function activate()
{ {
// Preliminarily set activation to failed // Preliminarily set activation to failed
$redirect = Router::route('main.index'); $redirect = route('main.index');
// Attempt to get the required GET parameters // Attempt to get the required GET parameters
$userId = isset($_GET['u']) ? $_GET['u'] : 0; $userId = $_GET['u'] ?? 0;
$key = isset($_GET['k']) ? $_GET['k'] : ""; $key = $_GET['k'] ?? "";
// Attempt to create a user object // Attempt to create a user object
$user = User::construct($userId); $user = User::construct($userId);
@ -351,19 +284,13 @@ class AuthController extends Controller
// Quit if the user ID is 0 // Quit if the user ID is 0
if ($user->id === 0) { if ($user->id === 0) {
$message = "This user does not exist! Contact us if you think this isn't right."; $message = "This user does not exist! Contact us if you think this isn't right.";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check if the user is already active // Check if the user is already active
if (!$user->permission(Site::DEACTIVATED)) { if (!$user->permission(Site::DEACTIVATED)) {
$message = "Your account is already activated! Why are you here?"; $message = "Your account is already activated! Why are you here?";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Validate the activation key // Validate the activation key
@ -371,10 +298,7 @@ class AuthController extends Controller
if (!$action) { if (!$action) {
$message = "Invalid activation code! Contact us if you think this isn't right."; $message = "Invalid activation code! Contact us if you think this isn't right.";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Get the ids for deactivated and default user ranks // Get the ids for deactivated and default user ranks
@ -386,41 +310,25 @@ class AuthController extends Controller
$user->setMainRank($rankDefault); $user->setMainRank($rankDefault);
$user->removeRanks([$rankDeactive]); $user->removeRanks([$rankDeactive]);
$redirect = Router::route('auth.login'); $redirect = route('auth.login');
$message = "Your account is activated, welcome to " . config('general.name') . "!"; $message = "Your account is activated, welcome to " . config('general.name') . "!";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
/**
* Get the reactivation request form.
* @return string
*/
public function reactivateGet()
{
return Template::render('auth/reactivate');
} }
/** /**
* Do a reactivation preparation attempt. * Do a reactivation preparation attempt.
* @return string * @return string
*/ */
public function reactivatePost() public function reactivate()
{ {
// Preliminarily set registration to failed
$redirect = Router::route('auth.reactivate');
// Validate session // Validate session
if (!session_check()) { if (!session_check()) {
$message = "Your session expired, refreshing the page will most likely fix this!"; return view('auth/reactivate');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Preliminarily set registration to failed
$redirect = route('auth.reactivate');
// Grab forms // Grab forms
$username = isset($_POST['username']) ? clean_string($_POST['username'], true) : null; $username = isset($_POST['username']) ? clean_string($_POST['username'], true) : null;
$email = isset($_POST['email']) ? clean_string($_POST['email'], true) : null; $email = isset($_POST['email']) ? clean_string($_POST['email'], true) : null;
@ -434,10 +342,7 @@ class AuthController extends Controller
// Check if user exists // Check if user exists
if (!$getUser) { if (!$getUser) {
$message = "User not found! Double check your username and e-mail address!"; $message = "User not found! Double check your username and e-mail address!";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Create user object // Create user object
@ -446,56 +351,37 @@ class AuthController extends Controller
// Check if a user is activated // Check if a user is activated
if (!$user->permission(Site::DEACTIVATED)) { if (!$user->permission(Site::DEACTIVATED)) {
$message = "Your account is already activated! Why are you here?"; $message = "Your account is already activated! Why are you here?";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Send activation e-mail to user // Send activation e-mail to user
$this->sendActivationMail($user); $this->sendActivationMail($user);
$redirect = Router::route('auth.login'); $redirect = route('auth.login');
$message = "Sent the e-mail! Make sure to check your spam folder as well!"; $message = "Sent the e-mail! Make sure to check your spam folder as well!";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
/**
* Get the password reset forum.
* @return string
*/
public function resetPasswordGet()
{
return Template::render('auth/resetpassword');
} }
/** /**
* Do a password reset attempt. * Do a password reset attempt.
* @return string * @return string
*/ */
public function resetPasswordPost() public function resetPassword()
{ {
// Preliminarily set action to failed
$redirect = Router::route('main.index');
// Validate session // Validate session
if (!session_check()) { if (!session_check()) {
$message = "Your session expired, refreshing the page will most likely fix this!"; return view('auth/resetpassword');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Preliminarily set action to failed
$redirect = route('main.index');
// Attempt to get the various required GET parameters // Attempt to get the various required GET parameters
$userId = isset($_POST['user']) ? $_POST['user'] : 0; $userId = $_POST['user'] ?? 0;
$key = isset($_POST['key']) ? $_POST['key'] : ""; $key = $_POST['key'] ?? "";
$password = isset($_POST['password']) ? $_POST['password'] : ""; $password = $_POST['password'] ?? "";
$userName = isset($_POST['username']) ? clean_string($_POST['username'], true) : ""; $userName = clean_string($_POST['username'] ?? "", true);
$email = isset($_POST['email']) ? clean_string($_POST['email'], true) : null; $email = clean_string($_POST['email'] ?? "", true);
// Create user object // Create user object
$user = User::construct($userId ? $userId : $userName); $user = User::construct($userId ? $userId : $userName);
@ -503,29 +389,20 @@ class AuthController extends Controller
// Quit if the user ID is 0 // Quit if the user ID is 0
if ($user->id === 0 || ($email !== null ? $email !== $user->email : false)) { if ($user->id === 0 || ($email !== null ? $email !== $user->email : false)) {
$message = "This user does not exist! Contact us if you think this isn't right."; $message = "This user does not exist! Contact us if you think this isn't right.";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Check if the user is active // Check if the user is active
if ($user->permission(Site::DEACTIVATED)) { if ($user->permission(Site::DEACTIVATED)) {
$message = "Your account is deactivated, go activate it first..."; $message = "Your account is deactivated, go activate it first...";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
if ($key && $password) { if ($key && $password) {
// Check password entropy // Check password entropy
if (password_entropy($password) < config('user.pass_min_entropy')) { if (password_entropy($password) < config('user.pass_min_entropy')) {
$message = "Your password doesn't meet the strength requirements!"; $message = "Your password doesn't meet the strength requirements!";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Validate the activation key // Validate the activation key
@ -533,27 +410,22 @@ class AuthController extends Controller
if (!$action) { if (!$action) {
$message = "Invalid verification code! Contact us if you think this isn't right."; $message = "Invalid verification code! Contact us if you think this isn't right.";
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$user->setPassword($password); $user->setPassword($password);
$message = "Changed your password! You may now log in."; $message = "Changed your password! You may now log in.";
$redirect = Router::route('auth.login'); $redirect = route('auth.login');
} else { } else {
// Send the e-mail // Send the e-mail
$this->sendPasswordMail($user); $this->sendPasswordMail($user);
$message = "Sent the e-mail, keep an eye on your spam folder as well!"; $message = "Sent the e-mail, keep an eye on your spam folder as well!";
$redirect = Router::route('main.index'); $redirect = route('main.index');
} }
Template::vars(compact('message', 'redirect')); return view('global/information', compact('message', 'redirect'));
return Template::render('global/information');
} }
/** /**
@ -567,8 +439,8 @@ class AuthController extends Controller
$siteName = config('general.name'); $siteName = config('general.name');
$baseUrl = "http://{$_SERVER['HTTP_HOST']}"; $baseUrl = "http://{$_SERVER['HTTP_HOST']}";
$activateLink = Router::route('auth.activate') . "?u={$user->id}&k={$activate}"; $activateLink = route('auth.activate') . "?u={$user->id}&k={$activate}";
$profileLink = Router::route('user.profile', $user->id); $profileLink = route('user.profile', $user->id);
$signature = config('mail.signature'); $signature = config('mail.signature');
// Build the e-mail // Build the e-mail
@ -601,7 +473,7 @@ class AuthController extends Controller
$siteName = config('general.name'); $siteName = config('general.name');
$baseUrl = "http://{$_SERVER['HTTP_HOST']}"; $baseUrl = "http://{$_SERVER['HTTP_HOST']}";
$reactivateLink = Router::route('auth.resetpassword') . "?u={$user->id}&k={$verk}"; $reactivateLink = route('auth.resetpassword') . "?u={$user->id}&k={$verk}";
$signature = config('mail.signature'); $signature = config('mail.signature');
// Build the e-mail // Build the e-mail
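Review bot: In resetPassword(), the new `$email = clean_string($_POST['email'] ?? "", true);` no longer yields `null` when the field is absent, yet the guard a few lines further down still reads `$email !== null ? $email !== $user->email : false`. Unless clean_string() returns null for an empty string (its body is not shown here), a request carrying only user, key and password now compares an empty string with the stored address and ends in "This user does not exist!", so the key-based step of the reset cannot complete without an e-mail field. Either keep `$email = isset($_POST['email']) ? clean_string($_POST['email'], true) : null;`, or decide explicitly that the address is mandatory and replace the ternary with `$email !== $user->email`. The assignment and the guard sit in two different hunks of this method.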


@ -6,6 +6,8 @@
namespace Sakura\Controllers\Forum; namespace Sakura\Controllers\Forum;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
use Sakura\Config; use Sakura\Config;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\DB; use Sakura\DB;
@ -114,26 +116,22 @@ class ForumController extends Controller
{ {
$forum = new Forum($id); $forum = new Forum($id);
$redirect = route('forums.index');
$message = "The forum you tried to access does not exist!";
// Redirect forum id 0 to the main page // Redirect forum id 0 to the main page
if ($forum->id === 0) { if ($forum->id === 0) {
return header("Location: {$redirect}"); header("Location: " . route('forums.index'));
return;
} }
// Check if the forum exists // Check if the forum exists
if ($forum->id < 0 if ($forum->id < 0
|| !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) { || !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) {
return view('global/information', compact('message', 'redirect')); throw new HttpRouteNotFoundException();
} }
// Check if the forum isn't a link // Check if the forum isn't a link
if ($forum->type === 2) { if ($forum->type === 2) {
$message = "The forum you tried to access is a link. You're being redirected."; header("Location: {$forum->link}");
$redirect = $forum->link; return;
return view('global/information', compact('message', 'redirect'));
} }
return view('forum/forum', compact('forum')); return view('forum/forum', compact('forum'));
@ -146,11 +144,8 @@ class ForumController extends Controller
*/ */
public function markRead($id = 0) public function markRead($id = 0)
{ {
$redirect = route('forums.index');
if (!session_check('s')) { if (!session_check('s')) {
$message = "Your session expired! Go back and try again."; throw new HttpMethodNotAllowedException();
return view('global/information', compact('message', 'redirect'));
} }
$forum = new Forum($id); $forum = new Forum($id);
@ -158,15 +153,11 @@ class ForumController extends Controller
// Check if the forum exists // Check if the forum exists
if ($forum->id < 1 if ($forum->id < 1
|| !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) { || !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) {
$message = "The forum you tried to access does not exist."; throw new HttpRouteNotFoundException();
return view('global/information', compact('message', 'redirect'));
} }
$forum->trackUpdateAll(CurrentSession::$user->id); $forum->trackUpdateAll(CurrentSession::$user->id);
$message = 'All topics have been marked as read!'; header("Location: " . route('forums.forum', $forum->id));
$redirect = route('forums.forum', $forum->id);
return view('global/information', compact('message', 'redirect'));
} }
} }
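Review bot: In markRead(), a failed `session_check('s')` now throws `HttpMethodNotAllowedException`, which reports a missing or forged request token as if it were a wrong HTTP verb; the same exception is used for the permission guards in PostController (edit and delete) and for the session and permission guard in PremiumController in this commit. How the router renders or logs that exception is not visible here, but if it is logged, rejected token checks and authorization failures become indistinguishable from genuine method mismatches. At minimum add a comment at each throw such as `// request token missing or invalid; surfaced through the router's 405 handler`, and consider a dedicated forbidden-style exception if the router supports one.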


@ -6,6 +6,8 @@
namespace Sakura\Controllers\Forum; namespace Sakura\Controllers\Forum;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\DB; use Sakura\DB;
use Sakura\Forum\Forum; use Sakura\Forum\Forum;
@ -36,10 +38,7 @@ class PostController extends Controller
if ($post->id === 0 if ($post->id === 0
|| $topic->id === 0 || $topic->id === 0
|| !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) { || !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) {
$message = "This post doesn't exist or you don't have access to it!"; throw new HttpRouteNotFoundException();
$redirect = route('forums.index');
return view('global/information', compact('message', 'redirect'));
} }
$topicLink = route('forums.topic', $topic->id); $topicLink = route('forums.topic', $topic->id);
@ -112,15 +111,7 @@ class PostController extends Controller
// Check if the forum exists // Check if the forum exists
if ($noAccess || $noEdit) { if ($noAccess || $noEdit) {
if ($noDelete) { throw new HttpMethodNotAllowedException();
$message = "You aren't allowed to edit posts in this topic!";
$redirect = route('forums.post', $post->id);
} else {
$message = "This post doesn't exist or you don't have access to it!";
$redirect = route('forums.index');
}
return view('global/information', compact('message', 'redirect'));
} }
$titleLength = strlen($title); $titleLength = strlen($title);
@ -217,22 +208,11 @@ class PostController extends Controller
// Check if the forum exists // Check if the forum exists
if ($noAccess || $noDelete) { if ($noAccess || $noDelete) {
if ($noDelete) { throw new HttpMethodNotAllowedException();
$message = "You aren't allowed to delete posts in this topic!";
$redirect = route('forums.post', $post->id);
} else {
$message = "This post doesn't exist or you don't have access to it!";
$redirect = route('forums.index');
}
return view('global/information', compact('message', 'redirect'));
} }
if (session_check('sessionid')) { if (session_check('sessionid')) {
if (isset($_POST['yes'])) { if (isset($_POST['yes'])) {
// Set message
$message = "Deleted the post!";
// Check if the topic only has 1 post // Check if the topic only has 1 post
if ($topic->replyCount() === 1) { if ($topic->replyCount() === 1) {
// Delete the entire topic // Delete the entire topic
@ -245,12 +225,12 @@ class PostController extends Controller
$redirect = route('forums.topic', $topic->id); $redirect = route('forums.topic', $topic->id);
} }
} else {
return view('global/information', compact('message', 'redirect')); $redirect = route('forums.post', $post->id);
} }
$postLink = route('forums.post', $post->id); header("Location: {$redirect}");
return header("Location: {$postLink}"); return;
} }
$message = "Are you sure?"; $message = "Are you sure?";
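Review bot: The comment `// Check if the forum exists` above the edit and delete guards does not describe what they test: the conditions are `$noAccess || $noEdit` and `$noAccess || $noDelete`, which are authorization checks. Now that the explanatory messages are gone and each guard only throws, that comment is the sole in-code description, so reword it, e.g. `// Refuse when the post is not accessible to this user or they may not edit it`, with the delete equivalent on the second guard. The definitions of `$noAccess`, `$noEdit` and `$noDelete` are outside the hunks.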


@ -6,10 +6,10 @@
namespace Sakura\Controllers; namespace Sakura\Controllers;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
use Sakura\Config; use Sakura\Config;
use Sakura\News\Category; use Sakura\News\Category;
use Sakura\News\Post; use Sakura\News\Post;
use Sakura\Template;
/** /**
* News controller. * News controller.
@ -35,16 +35,10 @@ class NewsController extends Controller
$category = new Category($category); $category = new Category($category);
if (!$category->posts()) { if (!$category->posts()) {
$message = "This news category doesn't exist!"; throw new HttpRouteNotFoundException();
Template::vars(compact('message'));
return Template::render('global/information');
} }
Template::vars(compact('category')); return view('news/category', compact('category'));
return Template::render('news/category');
} }
/** /**
@ -58,15 +52,9 @@ class NewsController extends Controller
$post = new Post($id); $post = new Post($id);
if (!$post->id) { if (!$post->id) {
$message = "This news post doesn't exist!"; throw new HttpRouteNotFoundException();
Template::vars(compact('message'));
return Template::render('global/information');
} }
Template::vars(compact('post')); return view('news/post', compact('post'));
return Template::render('news/post');
} }
} }


@ -7,12 +7,11 @@
namespace Sakura\Controllers; namespace Sakura\Controllers;
use Exception; use Exception;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\Config; use Sakura\Config;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\Payments; use Sakura\Payments;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
/** /**
* Premium pages controller. * Premium pages controller.
@ -43,10 +42,7 @@ class PremiumController extends Controller
{ {
$price = config('premium.price_per_month'); $price = config('premium.price_per_month');
$amountLimit = config('premium.max_months_at_once'); $amountLimit = config('premium.max_months_at_once');
return view('premium/index', compact('price', 'amountLimit'));
Template::vars(compact('price', 'amountLimit'));
return Template::render('premium/index');
} }
/** /**
@ -62,12 +58,7 @@ class PremiumController extends Controller
if (!session_check() if (!session_check()
|| CurrentSession::$user->permission(Site::DEACTIVATED) || CurrentSession::$user->permission(Site::DEACTIVATED)
|| !CurrentSession::$user->permission(Site::OBTAIN_PREMIUM)) { || !CurrentSession::$user->permission(Site::OBTAIN_PREMIUM)) {
$message = "You are not allowed to get premium!"; throw new HttpMethodNotAllowedException();
$redirect = Router::route('premium.index');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Fetch the limit // Fetch the limit
@ -76,12 +67,8 @@ class PremiumController extends Controller
// Check months // Check months
if ($months < 1 if ($months < 1
|| $months > $amountLimit) { || $months > $amountLimit) {
$message = "An incorrect amount of months was specified, stop messing with the source."; header("Location: " . route('premium.error'));
$redirect = Router::route('premium.index'); return;
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
$pricePerMonth = config('premium.price_per_month'); $pricePerMonth = config('premium.price_per_month');
@ -94,7 +81,7 @@ class PremiumController extends Controller
. (isset($_SERVER['HTTPS']) ? 's' : '') . (isset($_SERVER['HTTPS']) ? 's' : '')
. "://{$_SERVER['SERVER_NAME']}" . "://{$_SERVER['SERVER_NAME']}"
. ($_SERVER['SERVER_PORT'] != 80 ? ":{$_SERVER['SERVER_PORT']}" : ''); . ($_SERVER['SERVER_PORT'] != 80 ? ":{$_SERVER['SERVER_PORT']}" : '');
$handlerRoute = Router::route('premium.handle'); $handlerRoute = route('premium.handle');
$itemName = "{$siteName} Premium - {$months} month{$multiMonths}"; $itemName = "{$siteName} Premium - {$months} month{$multiMonths}";
$transactionName = "{$siteName} premium purchase"; $transactionName = "{$siteName} premium purchase";
@ -110,12 +97,8 @@ class PremiumController extends Controller
// Attempt to create a transaction // Attempt to create a transaction
if (!$transaction) { if (!$transaction) {
$message = "Something went wrong while preparing the transaction."; header("Location: " . route('premium.error'));
$redirect = Router::route('premium.index'); return;
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
} }
// Store the amount of months in the global session array // Store the amount of months in the global session array
@ -135,8 +118,8 @@ class PremiumController extends Controller
$payer = isset($_GET['PayerID']) ? $_GET['PayerID'] : null; $payer = isset($_GET['PayerID']) ? $_GET['PayerID'] : null;
$months = isset($_SESSION['premiumMonths']) ? $_SESSION['premiumMonths'] : null; $months = isset($_SESSION['premiumMonths']) ? $_SESSION['premiumMonths'] : null;
$successRoute = Router::route('premium.complete'); $successRoute = route('premium.complete');
$failRoute = Router::route('premium.index') . "?fail=true"; $failRoute = route('premium.error');
if (!$success if (!$success
|| !$payment || !$payment
@ -167,6 +150,15 @@ class PremiumController extends Controller
*/ */
public function complete() public function complete()
{ {
return Template::render('premium/complete'); return view('premium/complete');
}
/**
* Errors.
* @return string
*/
public function error()
{
return view('premium/error');
} }
} }


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\DB; use Sakura\DB;
use Sakura\Perms\Site; use Sakura\Perms\Site;
@ -25,9 +26,7 @@ class AccountController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::ALTER_PROFILE)) { if (!CurrentSession::$user->permission(Site::ALTER_PROFILE)) {
$message = "You aren't allowed to edit your profile!"; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
if (session_check()) { if (session_check()) {
@ -235,9 +234,7 @@ class AccountController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::ALTER_RANKS)) { if (!CurrentSession::$user->permission(Site::ALTER_RANKS)) {
$message = "You aren't allowed to manage your ranks."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('redirect', 'message'));
} }
$rank = $_POST['rank'] ?? null; $rank = $_POST['rank'] ?? null;
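Review bot: The permission guards in both AccountController hunks now throw `HttpMethodNotAllowedException`, which Phroute uses for 405 Method Not Allowed, so a denied action is reported as a wrong HTTP method rather than as an authorisation failure. In access logs and alerting that makes refused attempts indistinguishable from ordinary method mismatches, and the user no longer gets the explanation the removed message carried. A dedicated exception that the dispatcher's error handling maps to 403 would keep the cases apart, e.g. `throw new PermissionDeniedException();` where the class name is a placeholder for one the project would define; how exceptions are rendered is not visible on this page. The same applies to the guards in the PremiumController, AdvancedController, AppearanceController and FriendsController sections and to the `loginCheck` filter in the route definitions, and `logoutCheck` similarly reports a logged-in visitor as a 404. Both guarded methods continue outside the hunks shown.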


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Session; use Sakura\Session;
@ -25,9 +26,7 @@ class AdvancedController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::MANAGE_SESSIONS)) { if (!CurrentSession::$user->permission(Site::MANAGE_SESSIONS)) {
$message = "You aren't allowed to manage sessions."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
$id = $_POST['id'] ?? null; $id = $_POST['id'] ?? null;
@ -73,8 +72,7 @@ class AdvancedController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::DEACTIVATE_ACCOUNT)) { if (!CurrentSession::$user->permission(Site::DEACTIVATE_ACCOUNT)) {
$message = "You aren't allowed to deactivate your account."; throw new HttpMethodNotAllowedException();
return view('global/information', compact('message', 'redirect'));
} }
$password = $_POST['password'] ?? null; $password = $_POST['password'] ?? null;


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\DB; use Sakura\DB;
use Sakura\File; use Sakura\File;
@ -129,9 +130,7 @@ class AppearanceController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_AVATAR)) { if (!CurrentSession::$user->permission(Site::CHANGE_AVATAR)) {
$message = "You aren't allowed to change your avatar."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
if (session_check()) { if (session_check()) {
@ -160,9 +159,7 @@ class AppearanceController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_BACKGROUND)) { if (!CurrentSession::$user->permission(Site::CHANGE_BACKGROUND)) {
$message = "You aren't allowed to change your background."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
if (session_check()) { if (session_check()) {
@ -191,9 +188,7 @@ class AppearanceController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_HEADER)) { if (!CurrentSession::$user->permission(Site::CHANGE_HEADER)) {
$message = "You aren't allowed to change your profile header."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
if (session_check()) { if (session_check()) {
@ -224,9 +219,7 @@ class AppearanceController extends Controller
CurrentSession::$user->page CurrentSession::$user->page
&& CurrentSession::$user->permission(Site::CHANGE_USERPAGE) && CurrentSession::$user->permission(Site::CHANGE_USERPAGE)
) && !CurrentSession::$user->permission(Site::CREATE_USERPAGE)) { ) && !CurrentSession::$user->permission(Site::CREATE_USERPAGE)) {
$message = "You aren't allowed to change your userpage."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
$userpage = $_POST['userpage'] ?? null; $userpage = $_POST['userpage'] ?? null;
@ -261,9 +254,7 @@ class AppearanceController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_SIGNATURE)) { if (!CurrentSession::$user->permission(Site::CHANGE_SIGNATURE)) {
$message = "You aren't allowed to change your signature."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
$signature = $_POST['signature'] ?? null; $signature = $_POST['signature'] ?? null;


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings; namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession; use Sakura\CurrentSession;
use Sakura\Perms\Site; use Sakura\Perms\Site;
@ -24,9 +25,7 @@ class FriendsController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) { if (!CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) {
$message = "You aren't allowed to manage friends."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
return view('settings/friends/listing'); return view('settings/friends/listing');
@ -40,9 +39,7 @@ class FriendsController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) { if (!CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) {
$message = "You aren't allowed to manage friends."; throw new HttpMethodNotAllowedException();
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
} }
return view('settings/friends/requests'); return view('settings/friends/requests');


@ -11,8 +11,6 @@ use Sakura\CurrentSession;
use Sakura\DB; use Sakura\DB;
use Sakura\Perms\Site; use Sakura\Perms\Site;
use Sakura\Rank; use Sakura\Rank;
use Sakura\Router;
use Sakura\Template;
use Sakura\User; use Sakura\User;
/** /**
@ -38,25 +36,17 @@ class UserController extends Controller
$check = DB::table('username_history') $check = DB::table('username_history')
->where('username_old_clean', clean_string($id, true, true)) ->where('username_old_clean', clean_string($id, true, true))
->orderBy('change_id', 'desc') ->orderBy('change_id', 'desc')
->get(); ->first();
// Redirect if so // Redirect if so
if ($check) { if ($check) {
$message = "This user changed their username! Redirecting you to their new profile."; $message = "This user changed their username! Redirecting you to their new profile.";
$redirect = Router::route('user.profile', $check[0]->user_id); $redirect = route('user.profile', $check->user_id);
return view('global/information', compact('message', 'redirect'));
Template::vars(compact('message', 'redirect'));
// Print page contents
return Template::render('global/information');
} }
} }
// Set parse variables return view((isset($_GET['new']) ? '@aitemu/' : '') . 'user/profile', compact('profile'));
Template::vars(compact('profile'));
// Print page contents
return Template::render((isset($_GET['new']) ? '@aitemu/' : '') . 'user/profile');
} }
/** /**
@ -68,7 +58,7 @@ class UserController extends Controller
{ {
// Check permission // Check permission
if (!CurrentSession::$user->permission(Site::VIEW_MEMBERLIST)) { if (!CurrentSession::$user->permission(Site::VIEW_MEMBERLIST)) {
return Template::render('global/restricted'); return view('global/restricted');
} }
// Get all ranks // Get all ranks
@ -92,11 +82,7 @@ class UserController extends Controller
// Get members per page // Get members per page
$membersPerPage = 30; $membersPerPage = 30;
// Set parse variables return view('user/members', compact('ranks', 'rank', 'membersPerPage'));
Template::vars(compact('ranks', 'rank', 'membersPerPage'));
// Render the template
return Template::render('user/members');
} }
/** /**
@ -105,6 +91,6 @@ class UserController extends Controller
*/ */
public function report($id = 0) public function report($id = 0)
{ {
return Template::render('user/report'); return view('user/report');
} }
} }


@ -1,24 +1,22 @@
{% extends 'master.twig' %} {% extends 'master.twig' %}
{% set banner_classes = "banner--insane landing__banner" %} {% set banner_classes = user.isActive ? "banner--large" : "banner--insane landing__banner" %}
{% set banner = "https://i.flash.moe/7131467636550.jpg" %} {% set banner = user.isActive ? route('user.header', user.id) : "https://i.flash.moe/7131467636550.jpg" %}
{% block banner_content %} {% block banner_content %}
<div class="landing__inner"> {% if user.isActive %}
<div class="landing__buttons"> {% else %}
<a href="{{ route('auth.register') }}" class="landing__button">register</a> <div class="landing__inner">
<a href="{{ route('auth.login') }}" class="landing__button">login</a> <div class="landing__buttons">
<a href="{{ route('auth.register') }}" class="landing__button">register</a>
<a href="{{ route('auth.login') }}" class="landing__button">login</a>
</div>
<div class="landing__text">
<p>Welcome to my humble abode, it doesn't look like much but if you like rectangles this is the place for you.</p>
<p>Allow me to expound for five paragraphs on why you should join.</p>
</div>
</div> </div>
<div class="landing__text"> {% endif %}
<p>Welcome to my humble abode, it doesn't look like much but if you like rectangles this is the place for you.</p>
<p>Allow me to expound for five paragraphs on why you should join.</p>
<p>Paragraph 1.</p>
<p>Paragraph 2.</p>
<p>Paragraph 3.</p>
<p>Paragraph 4.</p>
<p>Paragraph 5.</p>
</div>
</div>
{% endblock %} {% endblock %}
{% block content %} {% block content %}
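Review bot: The `{% if user.isActive %}` branch inside `banner_content` is empty and all of the markup sits under `{% else %}`, which reads as if something was left out. Writing the condition as `{% if not user.isActive %}` and dropping the `{% else %}` gives the same output for both states. The `content` block that follows continues outside this hunk.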


@ -0,0 +1,11 @@
{% extends 'master.twig' %}
{% set title = 'Something went wrong!' %}
{% block content %}
<div class="content standalone" style="text-align: center;">
<h1 class="stylised" style="margin: 1em auto;">Something went wrong!</h1>
<h1 class="fa fa-exclamation-triangle stylised" style="font-size: 20em;"></h1>
<h3>Your account shouldn't have been charged yet, if it has contact staff ASAP.</h3>
</div>
{% endblock %}


@ -14,12 +14,6 @@
} %} } %}
{% block content %} {% block content %}
{% if get.fail %}
<div class="headerNotify">
<h1>The payment failed or was cancelled!</h1>
<p>Something went wrong while processing the transaction, your PayPal account wasn't charged.</p>
</div>
{% endif %}
<div class="content support"> <div class="content support">
<div class="head">Support {{ config('general.name') }}</div> <div class="head">Support {{ config('general.name') }}</div>
<div style="font-size: .9em; margin-bottom: 10px;"> <div style="font-size: .9em; margin-bottom: 10px;">


@ -6,21 +6,20 @@
// Define namespace // Define namespace
namespace Sakura; namespace Sakura;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
// Check if logged out // Check if logged out
Router::filter('logoutCheck', function () { Router::filter('logoutCheck', function () {
if (CurrentSession::$user->isActive()) { if (CurrentSession::$user->isActive()) {
return view('global/information', [ throw new HttpRouteNotFoundException();
'message' => "You must be logged out to do that!",
]);
} }
}); });
// Check if logged in // Check if logged in
Router::filter('loginCheck', function () { Router::filter('loginCheck', function () {
if (!CurrentSession::$user->isActive()) { if (!CurrentSession::$user->isActive()) {
return view('global/information', [ throw new HttpMethodNotAllowedException();
'message' => "You must be logged in to do that!",
]);
} }
}); });
@ -29,7 +28,7 @@ Router::filter('maintenance', function () {
if (config('general.maintenance')) { if (config('general.maintenance')) {
CurrentSession::stop(); CurrentSession::stop();
http_response_code(503); http_response_code(503);
return view('global/maintenance'); return view('errors/503');
} }
}); });
@ -41,14 +40,14 @@ Router::group(['before' => 'maintenance'], function () {
// Auth // Auth
Router::group(['before' => 'logoutCheck'], function () { Router::group(['before' => 'logoutCheck'], function () {
Router::get('/login', 'AuthController@loginGet', 'auth.login'); Router::get('/login', 'AuthController@login', 'auth.login');
Router::post('/login', 'AuthController@loginPost', 'auth.login'); Router::post('/login', 'AuthController@login', 'auth.login');
Router::get('/register', 'AuthController@registerGet', 'auth.register'); Router::get('/register', 'AuthController@register', 'auth.register');
Router::post('/register', 'AuthController@registerPost', 'auth.register'); Router::post('/register', 'AuthController@register', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPasswordGet', 'auth.resetpassword'); Router::get('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPasswordPost', 'auth.resetpassword'); Router::post('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivateGet', 'auth.reactivate'); Router::get('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivatePost', 'auth.reactivate'); Router::post('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::get('/activate', 'AuthController@activate', 'auth.activate'); Router::get('/activate', 'AuthController@activate', 'auth.activate');
}); });
Router::group(['before' => 'loginCheck'], function () { Router::group(['before' => 'loginCheck'], function () {
@ -192,6 +191,7 @@ Router::group(['before' => 'maintenance'], function () {
// Premium // Premium
Router::group(['prefix' => 'support', 'before' => 'loginCheck'], function () { Router::group(['prefix' => 'support', 'before' => 'loginCheck'], function () {
Router::get('/', 'PremiumController@index', 'premium.index'); Router::get('/', 'PremiumController@index', 'premium.index');
Router::get('/error', 'PremiumController@error', 'premium.error');
Router::get('/handle', 'PremiumController@handle', 'premium.handle'); Router::get('/handle', 'PremiumController@handle', 'premium.handle');
Router::get('/complete', 'PremiumController@complete', 'premium.complete'); Router::get('/complete', 'PremiumController@complete', 'premium.complete');
Router::post('/purchase', 'PremiumController@purchase', 'premium.purchase'); Router::post('/purchase', 'PremiumController@purchase', 'premium.purchase');