minimise the use of the global infromation page

flash 2016-09-10 17:05:54 +02:00
parent 2982c9fc36
commit 508d6a930d
14 changed files with 191 additions and 396 deletions


@ -12,8 +12,6 @@ use Sakura\CurrentSession;
use Sakura\DB;
use Sakura\Net;
use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
use Sakura\User;
/**
@ -47,11 +45,8 @@ class AuthController extends Controller
{
if (!session_check('s')) {
$message = 'Validation failed, this logout attempt was possibly forged.';
$redirect = (isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : Router::route('main.index'));
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
$redirect = $_REQUEST['redirect'] ?? route('main.index');
return view('global/information', compact('message', 'redirect'));
}
// Destroy the active session
@ -59,30 +54,22 @@ class AuthController extends Controller
// Return true indicating a successful logout
$message = 'Goodbye!';
$redirect = Router::route('auth.login');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
$redirect = route('auth.login');
return view('global/information', compact('message', 'redirect'));
}
/**
* Get the login page.
* Login page.
* @return string
*/
public function loginGet()
public function login()
{
return Template::render('auth/login');
}
if (!session_check()) {
return view('auth/login');
}
/**
* Do a login attempt.
* @return string
*/
public function loginPost()
{
// Preliminarily set login to failed
$redirect = Router::route('auth.login');
$redirect = route('auth.login');
// Get request variables
$username = $_REQUEST['username'] ?? null;
@ -98,9 +85,7 @@ class AuthController extends Controller
if ($rates > 4) {
$message = 'Your have hit the login rate limit, try again later.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Get account data
@ -110,35 +95,27 @@ class AuthController extends Controller
if ($user->id === 0) {
$this->touchRateLimit($user->id);
$message = 'The user you tried to log into does not exist.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
if ($user->passwordExpired()) {
$message = 'Your password expired.';
$redirect = Router::route('auth.resetpassword');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
$redirect = route('auth.resetpassword');
return view('global/information', compact('message', 'redirect'));
}
if (!$user->verifyPassword($password)) {
$this->touchRateLimit($user->id);
$message = 'The password you entered was invalid.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check if the user has the required privs to log in
if ($user->permission(Site::DEACTIVATED)) {
$this->touchRateLimit($user->id);
$message = 'Your account is deactivated, activate it first!';
$redirect = Router::route('auth.reactivate');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
$redirect = route('auth.reactivate');
return view('global/information', compact('message', 'redirect'));
}
// Generate a session key
@ -168,72 +145,51 @@ class AuthController extends Controller
$this->touchRateLimit($user->id, true);
$redirect = $user->lastOnline
? (isset($_REQUEST['redirect'])
? $_REQUEST['redirect']
: route('main.index'))
: route('info.welcome');
$redirect = $user->lastOnline ? ($_REQUEST['redirect'] ?? route('main.index')) : route('info.welcome');
$message = 'Welcome' . ($user->lastOnline ? ' back' : '') . '!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
/**
* Get the registration page.
* @return string
*/
public function registerGet()
{
// Attempt to check if a user has already registered from the current IP
$getUserIP = DB::table('users')
->where('register_ip', Net::pton(Net::ip()))
->orWhere('last_ip', Net::pton(Net::ip()))
->get();
if ($getUserIP) {
Template::vars([
'haltRegistration' => count($getUserIP) > 1,
'haltName' => $getUserIP[array_rand($getUserIP)]->username,
]);
}
return Template::render('auth/register');
return view('global/information', compact('message', 'redirect'));
}
/**
* Do a registration attempt.
* @return string
*/
public function registerPost()
public function register()
{
// Preliminarily set registration to failed
$redirect = Router::route('auth.register');
$redirect = route('auth.register');
// Check if authentication is disallowed
if (config('user.disable_registration')) {
$message = 'Registration is disabled for security checkups! Try again later.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check if authentication is disallowed
if (!session_check()) {
$message = "Your session expired, refreshing the page will most likely fix this!";
// Attempt to check if a user has already registered from the current IP
$getUserIP = DB::table('users')
->where('register_ip', Net::pton(Net::ip()))
->orWhere('last_ip', Net::pton(Net::ip()))
->get();
Template::vars(compact('message', 'redirect'));
$vars = [];
return Template::render('global/information');
if ($getUserIP) {
$vars = [
'haltRegistration' => count($getUserIP) > 1,
'haltName' => $getUserIP[array_rand($getUserIP)]->username,
];
}
return view('auth/register', $vars);
}
// Grab forms
$username = isset($_POST['username']) ? $_POST['username'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;
$email = isset($_POST['email']) ? $_POST['email'] : null;
$username = $_POST['username'] ?? null;
$password = $_POST['password'] ?? null;
$email = $_POST['email'] ?? null;
// Append username and email to the redirection url
$redirect .= "?username={$username}&email={$email}";
@ -245,46 +201,31 @@ class AuthController extends Controller
if ($user && $user->id !== 0) {
$message = "{$user->username} is already a member here!"
. " If this is you please use the password reset form instead of making a new account.";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Username too short
if (strlen($username) < config('user.name_min')) {
$message = 'Your name must be at least 3 characters long.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Username too long
if (strlen($username) > config('user.name_max')) {
$message = 'Your name can\'t be longer than 16 characters.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check if the given email address is formatted properly
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$message = 'Your e-mail address is formatted incorrectly.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check the MX record of the email
if (!check_mx_record($email)) {
$message = 'No valid MX-Record found on the e-mail address you supplied.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check if the e-mail has already been used
@ -293,19 +234,13 @@ class AuthController extends Controller
->count();
if ($emailCheck) {
$message = 'Someone already registered using this email!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check password entropy
if (password_entropy($password) < config('user.pass_min_entropy')) {
$message = 'Your password is too weak, try adding some special characters.';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Set a few variables
@ -322,14 +257,12 @@ class AuthController extends Controller
}
// Return true with a specific message if needed
$redirect = Router::route('auth.login');
$redirect = route('auth.login');
$message = $requireActive
? 'Your registration went through! An activation e-mail has been sent.'
: 'Your registration went through! Welcome to ' . config('general.name') . '!';
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
/**
@ -339,11 +272,11 @@ class AuthController extends Controller
public function activate()
{
// Preliminarily set activation to failed
$redirect = Router::route('main.index');
$redirect = route('main.index');
// Attempt to get the required GET parameters
$userId = isset($_GET['u']) ? $_GET['u'] : 0;
$key = isset($_GET['k']) ? $_GET['k'] : "";
$userId = $_GET['u'] ?? 0;
$key = $_GET['k'] ?? "";
// Attempt to create a user object
$user = User::construct($userId);
@ -351,19 +284,13 @@ class AuthController extends Controller
// Quit if the user ID is 0
if ($user->id === 0) {
$message = "This user does not exist! Contact us if you think this isn't right.";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check if the user is already active
if (!$user->permission(Site::DEACTIVATED)) {
$message = "Your account is already activated! Why are you here?";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Validate the activation key
@ -371,10 +298,7 @@ class AuthController extends Controller
if (!$action) {
$message = "Invalid activation code! Contact us if you think this isn't right.";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Get the ids for deactivated and default user ranks
@ -386,41 +310,25 @@ class AuthController extends Controller
$user->setMainRank($rankDefault);
$user->removeRanks([$rankDeactive]);
$redirect = Router::route('auth.login');
$redirect = route('auth.login');
$message = "Your account is activated, welcome to " . config('general.name') . "!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
/**
* Get the reactivation request form.
* @return string
*/
public function reactivateGet()
{
return Template::render('auth/reactivate');
return view('global/information', compact('message', 'redirect'));
}
/**
* Do a reactivation preparation attempt.
* @return string
*/
public function reactivatePost()
public function reactivate()
{
// Preliminarily set registration to failed
$redirect = Router::route('auth.reactivate');
// Validate session
if (!session_check()) {
$message = "Your session expired, refreshing the page will most likely fix this!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('auth/reactivate');
}
// Preliminarily set registration to failed
$redirect = route('auth.reactivate');
// Grab forms
$username = isset($_POST['username']) ? clean_string($_POST['username'], true) : null;
$email = isset($_POST['email']) ? clean_string($_POST['email'], true) : null;
@ -434,10 +342,7 @@ class AuthController extends Controller
// Check if user exists
if (!$getUser) {
$message = "User not found! Double check your username and e-mail address!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Create user object
@ -446,56 +351,37 @@ class AuthController extends Controller
// Check if a user is activated
if (!$user->permission(Site::DEACTIVATED)) {
$message = "Your account is already activated! Why are you here?";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Send activation e-mail to user
$this->sendActivationMail($user);
$redirect = Router::route('auth.login');
$redirect = route('auth.login');
$message = "Sent the e-mail! Make sure to check your spam folder as well!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
}
/**
* Get the password reset forum.
* @return string
*/
public function resetPasswordGet()
{
return Template::render('auth/resetpassword');
return view('global/information', compact('message', 'redirect'));
}
/**
* Do a password reset attempt.
* @return string
*/
public function resetPasswordPost()
public function resetPassword()
{
// Preliminarily set action to failed
$redirect = Router::route('main.index');
// Validate session
if (!session_check()) {
$message = "Your session expired, refreshing the page will most likely fix this!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('auth/resetpassword');
}
// Preliminarily set action to failed
$redirect = route('main.index');
// Attempt to get the various required GET parameters
$userId = isset($_POST['user']) ? $_POST['user'] : 0;
$key = isset($_POST['key']) ? $_POST['key'] : "";
$password = isset($_POST['password']) ? $_POST['password'] : "";
$userName = isset($_POST['username']) ? clean_string($_POST['username'], true) : "";
$email = isset($_POST['email']) ? clean_string($_POST['email'], true) : null;
$userId = $_POST['user'] ?? 0;
$key = $_POST['key'] ?? "";
$password = $_POST['password'] ?? "";
$userName = clean_string($_POST['username'] ?? "", true);
$email = clean_string($_POST['email'] ?? "", true);
// Create user object
$user = User::construct($userId ? $userId : $userName);
@ -503,29 +389,20 @@ class AuthController extends Controller
// Quit if the user ID is 0
if ($user->id === 0 || ($email !== null ? $email !== $user->email : false)) {
$message = "This user does not exist! Contact us if you think this isn't right.";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Check if the user is active
if ($user->permission(Site::DEACTIVATED)) {
$message = "Your account is deactivated, go activate it first...";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
if ($key && $password) {
// Check password entropy
if (password_entropy($password) < config('user.pass_min_entropy')) {
$message = "Your password doesn't meet the strength requirements!";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
// Validate the activation key
@ -533,27 +410,22 @@ class AuthController extends Controller
if (!$action) {
$message = "Invalid verification code! Contact us if you think this isn't right.";
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
$user->setPassword($password);
$message = "Changed your password! You may now log in.";
$redirect = Router::route('auth.login');
$redirect = route('auth.login');
} else {
// Send the e-mail
$this->sendPasswordMail($user);
$message = "Sent the e-mail, keep an eye on your spam folder as well!";
$redirect = Router::route('main.index');
$redirect = route('main.index');
}
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
return view('global/information', compact('message', 'redirect'));
}
/**
@ -567,8 +439,8 @@ class AuthController extends Controller
$siteName = config('general.name');
$baseUrl = "http://{$_SERVER['HTTP_HOST']}";
$activateLink = Router::route('auth.activate') . "?u={$user->id}&k={$activate}";
$profileLink = Router::route('user.profile', $user->id);
$activateLink = route('auth.activate') . "?u={$user->id}&k={$activate}";
$profileLink = route('user.profile', $user->id);
$signature = config('mail.signature');
// Build the e-mail
@ -601,7 +473,7 @@ class AuthController extends Controller
$siteName = config('general.name');
$baseUrl = "http://{$_SERVER['HTTP_HOST']}";
$reactivateLink = Router::route('auth.resetpassword') . "?u={$user->id}&k={$verk}";
$reactivateLink = route('auth.resetpassword') . "?u={$user->id}&k={$verk}";
$signature = config('mail.signature');
// Build the e-mail
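Review bot: `$_REQUEST['redirect']` is still copied unchecked into the `redirect` variable of `global/information`, both in the forged-logout branch and after a successful login. If that template links or refreshes to it (the template is not shown here), a crafted login URL can send a freshly authenticated user to an external site. Accept the value only when it is a site-relative path and fall back to the route otherwise, e.g. `$target = $_REQUEST['redirect'] ?? '';` followed by `$redirect = is_string($target) && preg_match('#^/[^/\\\\]#', $target) ? $target : route('main.index');`. Separately, `resetPassword()` now sets `$email = clean_string($_POST['email'] ?? "", true)`, so assuming `clean_string()` returns a string the later `$email !== null` guard always compares, and a submission carrying only `user`, `key` and `password` would be rejected as a non-existent user; keep `null` when the field is absent. The affected functions start or end outside the visible hunks.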


@ -6,6 +6,8 @@
namespace Sakura\Controllers\Forum;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
use Sakura\Config;
use Sakura\CurrentSession;
use Sakura\DB;
@ -114,26 +116,22 @@ class ForumController extends Controller
{
$forum = new Forum($id);
$redirect = route('forums.index');
$message = "The forum you tried to access does not exist!";
// Redirect forum id 0 to the main page
if ($forum->id === 0) {
return header("Location: {$redirect}");
header("Location: " . route('forums.index'));
return;
}
// Check if the forum exists
if ($forum->id < 0
|| !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) {
return view('global/information', compact('message', 'redirect'));
throw new HttpRouteNotFoundException();
}
// Check if the forum isn't a link
if ($forum->type === 2) {
$message = "The forum you tried to access is a link. You're being redirected.";
$redirect = $forum->link;
return view('global/information', compact('message', 'redirect'));
header("Location: {$forum->link}");
return;
}
return view('forum/forum', compact('forum'));
@ -146,11 +144,8 @@ class ForumController extends Controller
*/
public function markRead($id = 0)
{
$redirect = route('forums.index');
if (!session_check('s')) {
$message = "Your session expired! Go back and try again.";
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
$forum = new Forum($id);
@ -158,15 +153,11 @@ class ForumController extends Controller
// Check if the forum exists
if ($forum->id < 1
|| !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) {
$message = "The forum you tried to access does not exist.";
return view('global/information', compact('message', 'redirect'));
throw new HttpRouteNotFoundException();
}
$forum->trackUpdateAll(CurrentSession::$user->id);
$message = 'All topics have been marked as read!';
$redirect = route('forums.forum', $forum->id);
return view('global/information', compact('message', 'redirect'));
header("Location: " . route('forums.forum', $forum->id));
}
}
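Review bot: The link-forum branch now sends `header("Location: {$forum->link}")` directly, without the interstitial page, and nothing in this hunk constrains what `$forum->link` may hold. If that field can be edited by anyone other than a fully trusted administrator (not visible here), check the scheme before redirecting, for example `if (!in_array(parse_url($forum->link, PHP_URL_SCHEME), ['http', 'https'], true)) { throw new HttpRouteNotFoundException(); }`, extended to allow site-relative paths if those are used. The method's docblock lies outside the hunk; it should also state that the method can now return nothing after sending a redirect.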


@ -6,6 +6,8 @@
namespace Sakura\Controllers\Forum;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
use Sakura\CurrentSession;
use Sakura\DB;
use Sakura\Forum\Forum;
@ -36,10 +38,7 @@ class PostController extends Controller
if ($post->id === 0
|| $topic->id === 0
|| !$forum->permission(ForumPerms::VIEW, CurrentSession::$user->id)) {
$message = "This post doesn't exist or you don't have access to it!";
$redirect = route('forums.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpRouteNotFoundException();
}
$topicLink = route('forums.topic', $topic->id);
@ -112,15 +111,7 @@ class PostController extends Controller
// Check if the forum exists
if ($noAccess || $noEdit) {
if ($noDelete) {
$message = "You aren't allowed to edit posts in this topic!";
$redirect = route('forums.post', $post->id);
} else {
$message = "This post doesn't exist or you don't have access to it!";
$redirect = route('forums.index');
}
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
$titleLength = strlen($title);
@ -217,22 +208,11 @@ class PostController extends Controller
// Check if the forum exists
if ($noAccess || $noDelete) {
if ($noDelete) {
$message = "You aren't allowed to delete posts in this topic!";
$redirect = route('forums.post', $post->id);
} else {
$message = "This post doesn't exist or you don't have access to it!";
$redirect = route('forums.index');
}
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
if (session_check('sessionid')) {
if (isset($_POST['yes'])) {
// Set message
$message = "Deleted the post!";
// Check if the topic only has 1 post
if ($topic->replyCount() === 1) {
// Delete the entire topic
@ -245,12 +225,12 @@ class PostController extends Controller
$redirect = route('forums.topic', $topic->id);
}
return view('global/information', compact('message', 'redirect'));
} else {
$redirect = route('forums.post', $post->id);
}
$postLink = route('forums.post', $post->id);
return header("Location: {$postLink}");
header("Location: {$redirect}");
return;
}
$message = "Are you sure?";
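Review bot: A failed permission check in the edit and delete handlers is reported with `HttpMethodNotAllowedException`, which tells clients and log monitoring that the HTTP verb was wrong rather than that access was denied. The same mapping is used for the token failure in `ForumController::markRead()`, for the premium purchase check, and for every permission check in the Settings controllers touched by this commit. Denied access is easier to alert on when it surfaces as its own forbidden-style error, so a dedicated exception handled by the router's error page would be clearer; at minimum add a comment such as `// 405 is used here as the generic "not permitted" response` at each throw. The enclosing functions start and end outside these hunks.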


@ -6,10 +6,10 @@
namespace Sakura\Controllers;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
use Sakura\Config;
use Sakura\News\Category;
use Sakura\News\Post;
use Sakura\Template;
/**
* News controller.
@ -35,16 +35,10 @@ class NewsController extends Controller
$category = new Category($category);
if (!$category->posts()) {
$message = "This news category doesn't exist!";
Template::vars(compact('message'));
return Template::render('global/information');
throw new HttpRouteNotFoundException();
}
Template::vars(compact('category'));
return Template::render('news/category');
return view('news/category', compact('category'));
}
/**
@ -58,15 +52,9 @@ class NewsController extends Controller
$post = new Post($id);
if (!$post->id) {
$message = "This news post doesn't exist!";
Template::vars(compact('message'));
return Template::render('global/information');
throw new HttpRouteNotFoundException();
}
Template::vars(compact('post'));
return Template::render('news/post');
return view('news/post', compact('post'));
}
}


@ -7,12 +7,11 @@
namespace Sakura\Controllers;
use Exception;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\Config;
use Sakura\CurrentSession;
use Sakura\Payments;
use Sakura\Perms\Site;
use Sakura\Router;
use Sakura\Template;
/**
* Premium pages controller.
@ -43,10 +42,7 @@ class PremiumController extends Controller
{
$price = config('premium.price_per_month');
$amountLimit = config('premium.max_months_at_once');
Template::vars(compact('price', 'amountLimit'));
return Template::render('premium/index');
return view('premium/index', compact('price', 'amountLimit'));
}
/**
@ -62,12 +58,7 @@ class PremiumController extends Controller
if (!session_check()
|| CurrentSession::$user->permission(Site::DEACTIVATED)
|| !CurrentSession::$user->permission(Site::OBTAIN_PREMIUM)) {
$message = "You are not allowed to get premium!";
$redirect = Router::route('premium.index');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
throw new HttpMethodNotAllowedException();
}
// Fetch the limit
@ -76,12 +67,8 @@ class PremiumController extends Controller
// Check months
if ($months < 1
|| $months > $amountLimit) {
$message = "An incorrect amount of months was specified, stop messing with the source.";
$redirect = Router::route('premium.index');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
header("Location: " . route('premium.error'));
return;
}
$pricePerMonth = config('premium.price_per_month');
@ -94,7 +81,7 @@ class PremiumController extends Controller
. (isset($_SERVER['HTTPS']) ? 's' : '')
. "://{$_SERVER['SERVER_NAME']}"
. ($_SERVER['SERVER_PORT'] != 80 ? ":{$_SERVER['SERVER_PORT']}" : '');
$handlerRoute = Router::route('premium.handle');
$handlerRoute = route('premium.handle');
$itemName = "{$siteName} Premium - {$months} month{$multiMonths}";
$transactionName = "{$siteName} premium purchase";
@ -110,12 +97,8 @@ class PremiumController extends Controller
// Attempt to create a transaction
if (!$transaction) {
$message = "Something went wrong while preparing the transaction.";
$redirect = Router::route('premium.index');
Template::vars(compact('message', 'redirect'));
return Template::render('global/information');
header("Location: " . route('premium.error'));
return;
}
// Store the amount of months in the global session array
@ -135,8 +118,8 @@ class PremiumController extends Controller
$payer = isset($_GET['PayerID']) ? $_GET['PayerID'] : null;
$months = isset($_SESSION['premiumMonths']) ? $_SESSION['premiumMonths'] : null;
$successRoute = Router::route('premium.complete');
$failRoute = Router::route('premium.index') . "?fail=true";
$successRoute = route('premium.complete');
$failRoute = route('premium.error');
if (!$success
|| !$payment
@ -167,6 +150,15 @@ class PremiumController extends Controller
*/
public function complete()
{
return Template::render('premium/complete');
return view('premium/complete');
}
/**
* Errors.
* @return string
*/
public function error()
{
return view('premium/error');
}
}


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession;
use Sakura\DB;
use Sakura\Perms\Site;
@ -25,9 +26,7 @@ class AccountController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::ALTER_PROFILE)) {
$message = "You aren't allowed to edit your profile!";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
if (session_check()) {
@ -235,9 +234,7 @@ class AccountController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::ALTER_RANKS)) {
$message = "You aren't allowed to manage your ranks.";
$redirect = route('settings.index');
return view('global/information', compact('redirect', 'message'));
throw new HttpMethodNotAllowedException();
}
$rank = $_POST['rank'] ?? null;


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession;
use Sakura\Perms\Site;
use Sakura\Session;
@ -25,9 +26,7 @@ class AdvancedController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::MANAGE_SESSIONS)) {
$message = "You aren't allowed to manage sessions.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
$id = $_POST['id'] ?? null;
@ -73,8 +72,7 @@ class AdvancedController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::DEACTIVATE_ACCOUNT)) {
$message = "You aren't allowed to deactivate your account.";
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
$password = $_POST['password'] ?? null;


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession;
use Sakura\DB;
use Sakura\File;
@ -129,9 +130,7 @@ class AppearanceController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_AVATAR)) {
$message = "You aren't allowed to change your avatar.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
if (session_check()) {
@ -160,9 +159,7 @@ class AppearanceController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_BACKGROUND)) {
$message = "You aren't allowed to change your background.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
if (session_check()) {
@ -191,9 +188,7 @@ class AppearanceController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_HEADER)) {
$message = "You aren't allowed to change your profile header.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
if (session_check()) {
@ -224,9 +219,7 @@ class AppearanceController extends Controller
CurrentSession::$user->page
&& CurrentSession::$user->permission(Site::CHANGE_USERPAGE)
) && !CurrentSession::$user->permission(Site::CREATE_USERPAGE)) {
$message = "You aren't allowed to change your userpage.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
$userpage = $_POST['userpage'] ?? null;
@ -261,9 +254,7 @@ class AppearanceController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::CHANGE_SIGNATURE)) {
$message = "You aren't allowed to change your signature.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
$signature = $_POST['signature'] ?? null;


@ -6,6 +6,7 @@
namespace Sakura\Controllers\Settings;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\CurrentSession;
use Sakura\Perms\Site;
@ -24,9 +25,7 @@ class FriendsController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) {
$message = "You aren't allowed to manage friends.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
return view('settings/friends/listing');
@ -40,9 +39,7 @@ class FriendsController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) {
$message = "You aren't allowed to manage friends.";
$redirect = route('settings.index');
return view('global/information', compact('message', 'redirect'));
throw new HttpMethodNotAllowedException();
}
return view('settings/friends/requests');


@ -11,8 +11,6 @@ use Sakura\CurrentSession;
use Sakura\DB;
use Sakura\Perms\Site;
use Sakura\Rank;
use Sakura\Router;
use Sakura\Template;
use Sakura\User;
/**
@ -38,25 +36,17 @@ class UserController extends Controller
$check = DB::table('username_history')
->where('username_old_clean', clean_string($id, true, true))
->orderBy('change_id', 'desc')
->get();
->first();
// Redirect if so
if ($check) {
$message = "This user changed their username! Redirecting you to their new profile.";
$redirect = Router::route('user.profile', $check[0]->user_id);
Template::vars(compact('message', 'redirect'));
// Print page contents
return Template::render('global/information');
$redirect = route('user.profile', $check->user_id);
return view('global/information', compact('message', 'redirect'));
}
}
// Set parse variables
Template::vars(compact('profile'));
// Print page contents
return Template::render((isset($_GET['new']) ? '@aitemu/' : '') . 'user/profile');
return view((isset($_GET['new']) ? '@aitemu/' : '') . 'user/profile', compact('profile'));
}
/**
@ -68,7 +58,7 @@ class UserController extends Controller
{
// Check permission
if (!CurrentSession::$user->permission(Site::VIEW_MEMBERLIST)) {
return Template::render('global/restricted');
return view('global/restricted');
}
// Get all ranks
@ -92,11 +82,7 @@ class UserController extends Controller
// Get members per page
$membersPerPage = 30;
// Set parse variables
Template::vars(compact('ranks', 'rank', 'membersPerPage'));
// Render the template
return Template::render('user/members');
return view('user/members', compact('ranks', 'rank', 'membersPerPage'));
}
/**
@ -105,6 +91,6 @@ class UserController extends Controller
*/
public function report($id = 0)
{
return Template::render('user/report');
return view('user/report');
}
}
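Review bot: The profile view on the new side still picks its template namespace from the mere presence of `new` in the query string (`isset($_GET['new']) ? '@aitemu/' : ''`), so any visitor, logged in or not, can switch the page to the `@aitemu/` templates. Whether that theme is meant to be public cannot be told from this hunk. If it is work in progress, gate it behind a permission or a config switch rather than a request parameter. If it is intentionally open, a comment on that line such as `// ?new opts into the @aitemu theme; must stay safe for anonymous visitors` would record the decision. The enclosing method starts outside the hunk.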


@ -1,24 +1,22 @@
{% extends 'master.twig' %}
{% set banner_classes = "banner--insane landing__banner" %}
{% set banner = "https://i.flash.moe/7131467636550.jpg" %}
{% set banner_classes = user.isActive ? "banner--large" : "banner--insane landing__banner" %}
{% set banner = user.isActive ? route('user.header', user.id) : "https://i.flash.moe/7131467636550.jpg" %}
{% block banner_content %}
<div class="landing__inner">
<div class="landing__buttons">
<a href="{{ route('auth.register') }}" class="landing__button">register</a>
<a href="{{ route('auth.login') }}" class="landing__button">login</a>
{% if user.isActive %}
{% else %}
<div class="landing__inner">
<div class="landing__buttons">
<a href="{{ route('auth.register') }}" class="landing__button">register</a>
<a href="{{ route('auth.login') }}" class="landing__button">login</a>
</div>
<div class="landing__text">
<p>Welcome to my humble abode, it doesn't look like much but if you like rectangles this is the place for you.</p>
<p>Allow me to expound for five paragraphs on why you should join.</p>
</div>
</div>
<div class="landing__text">
<p>Welcome to my humble abode, it doesn't look like much but if you like rectangles this is the place for you.</p>
<p>Allow me to expound for five paragraphs on why you should join.</p>
<p>Paragraph 1.</p>
<p>Paragraph 2.</p>
<p>Paragraph 3.</p>
<p>Paragraph 4.</p>
<p>Paragraph 5.</p>
</div>
</div>
{% endif %}
{% endblock %}
{% block content %}
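Review bot: The `banner_content` block now opens with an empty `{% if user.isActive %}` branch followed directly by `{% else %}`, which reads as unfinished and leaves the real condition implicit. Unless markup for logged-in users is about to be added there, `{% if not user.isActive %}` around the landing markup states the intent directly and removes the dead branch. The two `set` lines above repeat the same `user.isActive` test; a short Twig comment saying that active users get their own header image instead of the landing banner would tie the three conditions together.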


@ -0,0 +1,11 @@
{% extends 'master.twig' %}
{% set title = 'Something went wrong!' %}
{% block content %}
<div class="content standalone" style="text-align: center;">
<h1 class="stylised" style="margin: 1em auto;">Something went wrong!</h1>
<h1 class="fa fa-exclamation-triangle stylised" style="font-size: 20em;"></h1>
<h3>Your account shouldn't have been charged yet, if it has contact staff ASAP.</h3>
</div>
{% endblock %}
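Review bot: The warning icon in this new template is rendered as a second `<h1>` (`<h1 class="fa fa-exclamation-triangle stylised" ...>`), so an empty top-level heading is announced to assistive technology and the page has two `h1` elements. A non-heading element marked decorative fits better: `<span class="fa fa-exclamation-triangle stylised" style="font-size: 20em;" aria-hidden="true"></span>`. The inline `style` attributes could also move to the stylesheet alongside the existing `content standalone` classes.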


@ -14,12 +14,6 @@
} %}
{% block content %}
{% if get.fail %}
<div class="headerNotify">
<h1>The payment failed or was cancelled!</h1>
<p>Something went wrong while processing the transaction, your PayPal account wasn't charged.</p>
</div>
{% endif %}
<div class="content support">
<div class="head">Support {{ config('general.name') }}</div>
<div style="font-size: .9em; margin-bottom: 10px;">


@ -6,21 +6,20 @@
// Define namespace
namespace Sakura;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Phroute\Phroute\Exception\HttpRouteNotFoundException;
// Check if logged out
Router::filter('logoutCheck', function () {
if (CurrentSession::$user->isActive()) {
return view('global/information', [
'message' => "You must be logged out to do that!",
]);
throw new HttpRouteNotFoundException();
}
});
// Check if logged in
Router::filter('loginCheck', function () {
if (!CurrentSession::$user->isActive()) {
return view('global/information', [
'message' => "You must be logged in to do that!",
]);
throw new HttpMethodNotAllowedException();
}
});
@ -29,7 +28,7 @@ Router::filter('maintenance', function () {
if (config('general.maintenance')) {
CurrentSession::stop();
http_response_code(503);
return view('global/maintenance');
return view('errors/503');
}
});
@ -41,14 +40,14 @@ Router::group(['before' => 'maintenance'], function () {
// Auth
Router::group(['before' => 'logoutCheck'], function () {
Router::get('/login', 'AuthController@loginGet', 'auth.login');
Router::post('/login', 'AuthController@loginPost', 'auth.login');
Router::get('/register', 'AuthController@registerGet', 'auth.register');
Router::post('/register', 'AuthController@registerPost', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPasswordGet', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPasswordPost', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivateGet', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivatePost', 'auth.reactivate');
Router::get('/login', 'AuthController@login', 'auth.login');
Router::post('/login', 'AuthController@login', 'auth.login');
Router::get('/register', 'AuthController@register', 'auth.register');
Router::post('/register', 'AuthController@register', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::get('/activate', 'AuthController@activate', 'auth.activate');
});
Router::group(['before' => 'loginCheck'], function () {
@ -192,6 +191,7 @@ Router::group(['before' => 'maintenance'], function () {
// Premium
Router::group(['prefix' => 'support', 'before' => 'loginCheck'], function () {
Router::get('/', 'PremiumController@index', 'premium.index');
Router::get('/error', 'PremiumController@error', 'premium.error');
Router::get('/handle', 'PremiumController@handle', 'premium.handle');
Router::get('/complete', 'PremiumController@complete', 'premium.complete');
Router::post('/purchase', 'PremiumController@purchase', 'premium.purchase');
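Review bot: The rewritten `loginCheck` filter reports an unauthenticated request by throwing `HttpMethodNotAllowedException`, and `logoutCheck` throws `HttpRouteNotFoundException`, so an access-control refusal presumably reaches the client and the logs as a 405 or 404 rather than a 401/403. That makes denied requests indistinguishable from routing errors for anyone monitoring authorization failures, and it drops the explanation the user previously received. The `maintenance` filter in the same file already sets the status explicitly and returns a view; the equivalent here would be `http_response_code(403); return view('global/restricted');`. The permission checks in FriendsController earlier in this commit throw the same `HttpMethodNotAllowedException` and would need the same change.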