From 861c47d43e351dea1849db9042644cbd5ea2459e Mon Sep 17 00:00:00 2001
From: Banana
Date: Sun, 25 Dec 2016 17:41:11 +0100
Subject: [PATCH] adding a link
---
 TODO | 1 +
 webroot/config.php | 6 +-
 webroot/index.php | 3 +
 webroot/lib/category.class.php | 94 ++++++++++++++++++++++++++++++++
 webroot/lib/link.class.php | 70 ++++++++++++++++++++++++
 webroot/lib/management.class.php | 1 +
 webroot/lib/summoner.class.php | 46 ++++++++++++++++
 webroot/lib/tag.class.php | 66 ++++++++++++++++++++++
 webroot/view/home.inc.php | 92 ++++++++++++++++++++++++++++++-
 webroot/view/home.php | 8 +--
 10 files changed, 381 insertions(+), 6 deletions(-)
 create mode 100644 webroot/lib/category.class.php
 create mode 100644 webroot/lib/link.class.php
diff --git a/TODO b/TODO
index 330cfec..d62704a 100755
--- a/TODO
+++ b/TODO
@@ -1,2 +1,3 @@
 TODO / Feature list
 ==========================================================================
++ SQL transactions.
\ No newline at end of file
diff --git a/webroot/config.php b/webroot/config.php
index baee4e1..a5369e5 100644
--- a/webroot/config.php
+++ b/webroot/config.php
@@ -31,4 +31,8 @@ define('DB_HOST','127.0.0.1');
 define('DB_USERNAME','user');
 define('DB_PASSWORD','test');
 define('DB_NAME','insipid');
-define('DB_PREFIX','insipid'); # a _ is added automatically as seperation
\ No newline at end of file
+define('DB_PREFIX','insipid'); # a _ is added automatically as seperation
+
+# user config
+define('FRONTEND_USERNAME','luke');
+define('FRONTEND_PASSWORD','thefather');
\ No newline at end of file
diff --git a/webroot/index.php b/webroot/index.php
index af5a94d..ccfe210 100644
--- a/webroot/index.php
+++ b/webroot/index.php
@@ -56,6 +56,9 @@ else {
 require('config.php');
 require('lib/summoner.class.php');
 require('lib/management.class.php');
+require('lib/tag.class.php');
+require('lib/category.class.php');
+require('lib/link.class.php');
 ## main vars
 $Summoner = new Summoner();
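Review bot: In webroot/config.php the new `FRONTEND_USERNAME` / `FRONTEND_PASSWORD` constants commit a working default login in plaintext, so every install that keeps the shipped file shares the same credentials. I would store a hash instead, for example a proposed `define('FRONTEND_PASSWORD_HASH', '<output of password_hash()>');` checked with `password_verify()`, and ship placeholder values the operator has to replace. A comment such as `# credentials required to add links; change before deploying` above the block would document that. The file also sits under webroot/, so the secrets depend on PHP always executing it rather than the server handing it out as text; keeping them outside the document root removes that dependency.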
diff --git a/webroot/lib/category.class.php b/webroot/lib/category.class.php
new file mode 100644
index 0000000..a8f44dd
--- /dev/null
+++ b/webroot/lib/category.class.php
@@ -0,0 +1,94 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/gpl-3.0.
+ *
+ */
+
+class Category {
+ /**
+ * the database object
+ * @var object
+ */
+ private $DB;
+
+ /**
+ * the current loaded category by DB id
+ * @var int
+ */
+ private $id;
+
+ public function __construct($databaseConnectionObject) {
+ $this->DB = $databaseConnectionObject;
+ }
+
+ /**
+ * by given string load the info from the DB and even create if not existing
+ * @param string $string
+ */
+ public function initbystring($string) {
+ if(!empty($string)) {
+ $queryStr = "SELECT id FROM `".DB_PREFIX."_category`
+ WHERE `name` = '".$this->DB->real_escape_string($string)."'";
+ $query = $this->DB->query($queryStr);
+ if(!empty($query) && $query->num_rows > 0) {
+ $result = $query->fetch_assoc();
+ $this->id = $result['id'];
+ }
+ else {
+ $queryStr = "INSERT INTO `".DB_PREFIX."_category`
+ SET `name` = '".$this->DB->real_escape_string($string)."'";
+ $this->DB->query($queryStr);
+ if(!empty($this->DB->insert_id)) {
+ $this->id = $this->DB->insert_id;
+ }
+ }
+ }
+ }
+
+ /**
+ * by given DB table id load all the info we need
+ * @param int $id
+ */
+ public function initbyid($id) {
+ if(!empty($id)) {
+ $this->id = $id;
+ }
+ }
+
+ /**
+ * set the relation to the given link to the loaded category
+ * @param int $linkid
+ * @return boolean
+ */
+ public function setRelation($linkid) {
+ if(!empty($linkid) && !empty($this->id)) {
+ $queryStr = "INSERT IGNORE INTO `".DB_PREFIX."_categoryrelation`
+ SET `linkid` = '".$this->DB->real_escape_string($linkid)."',
+ `categoryid` = '".$this->DB->real_escape_string($this->id)."'";
+ $this->DB->query($queryStr);
+ }
+ }
+}
+ ?>
\ No newline at end of file
diff --git a/webroot/lib/link.class.php b/webroot/lib/link.class.php
new file mode 100644
index 0000000..e61b5ae
--- /dev/null
+++ b/webroot/lib/link.class.php
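Review bot: In webroot/lib/category.class.php, `Category::setRelation()` documents `@return boolean` but has no return statement, and the result of `$this->DB->query()` is discarded, so the caller cannot tell a failed relation insert from a successful one. Returning the outcome, e.g. `return $this->DB->query($queryStr) !== false;` with `return false;` on the guard path, would match the docblock. `Tag::setRelation()` in webroot/lib/tag.class.php has the same gap. `initbyid()` also stores `$id` exactly as passed; an `(int)` cast there would keep the property the integer its `@var int` promises.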
@@ -0,0 +1,70 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/gpl-3.0.
+ *
+ */
+
+class Link {
+ /**
+ * the database object
+ * @var object
+ */
+ private $DB;
+
+ /**
+ * the current loaded tag by DB id
+ * @var int
+ */
+ private $id;
+
+ public function __construct($databaseConnectionObject) {
+ $this->DB = $databaseConnectionObject;
+ }
+
+ public function create($data) {}
+
+ /**
+ * check if the given URL exists in the DB
+ * if so return the id. If not, return false
+ * @param string $link
+ * @return boolean|int
+ */
+ public function exists($link) {
+ $ret = false;
+
+ if(!empty($link)) {
+ $queryStr = "SELECT * FROM `".DB_PREFIX."_link`
+ WHERE `link` = '".$this->DB->real_escape_string($link)."'";
+ $query = $this->DB->query($queryStr);
+ if(!empty($query) && $query->num_rows > 0) {
+ $result = $query->fetch_assoc();
+ $ret = $result['id'];
+ }
+ }
+
+ return $ret;
+ }
+}
+ ?>
\ No newline at end of file
diff --git a/webroot/lib/management.class.php b/webroot/lib/management.class.php
index dbdcb71..7567c90 100644
--- a/webroot/lib/management.class.php
+++ b/webroot/lib/management.class.php
@@ -76,6 +76,7 @@ class Management {
 return $ret;
 }
+
 }
 ?>
\ No newline at end of file
diff --git a/webroot/lib/summoner.class.php b/webroot/lib/summoner.class.php
index dac6c0f..010d92f 100644
--- a/webroot/lib/summoner.class.php
+++ b/webroot/lib/summoner.class.php
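Review bot: In webroot/lib/link.class.php, `public function create($data) {}` is an empty public method with no docblock, so a caller gets `null` back and no row is written; I would leave it out until it is implemented or mark it clearly as a stub. `exists()` only uses the id, so `SELECT id` instead of `SELECT *` avoids fetching the whole row. The `$id` property docblock still reads "the current loaded tag" where it should say link. Nothing in this patch calls `exists()`; the add-link code in home.inc.php relies on `INSERT IGNORE` instead.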
@@ -331,6 +331,52 @@ class Summoner {
 return $mediaInfos;
 }
+
+ /**
+ * at creation a category or tag can be a string with multiple values.
+ * seperated with space or ,
+ * category and tag is a single string without any seperators
+ *
+ * @param string $string
+ */
+ static function prepareTagOrCategorieStr($string) {
+ $ret = array();
+
+ $string = trim($string, ", ");
+ if(strstr($string, ",")) {
+ $_t = explode(",", $string);
+ foreach($_t as $new) {
+ $ret[$new] = $new;
+ }
+ unset($_t);
+ unset($new);
+
+ foreach($ret as $e) {
+ if(strstr($e, " ")) {
+ unset($ret[$e]);
+ $_t = explode(" ", $e);
+ foreach($_t as $new) {
+ $new = trim($new);
+ if(!empty($new)) {
+ $ret[$new] = $new;
+ }
+ }
+ }
+ }
+ }
+ else {
+ $_t = explode(" ", $string);
+ foreach($_t as $new) {
+ $new = trim($new);
+ if(!empty($new)) {
+ $ret[$new] = $new;
+ }
+ }
+ }
+
+
+ return $ret;
+ }
 }
 ?>
diff --git a/webroot/lib/tag.class.php b/webroot/lib/tag.class.php
index 6f33597..060b297 100644
--- a/webroot/lib/tag.class.php
+++ b/webroot/lib/tag.class.php
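Review bot: In `prepareTagOrCategorieStr()` the comma branch copies every `explode(",", $string)` piece into `$ret` without trimming or an empty check, so an input like `a,,b` returns an entry with an empty key, unlike the space branch which filters with `!empty($new)`. Splitting on both separators at once, `$parts = preg_split('/[\s,]+/', $string, -1, PREG_SPLIT_NO_EMPTY);` followed by `return array_combine($parts, $parts);`, would handle the two cases uniformly (it also splits on tabs and newlines). The method is declared `static function` with no visibility keyword and the docblock has no `@return`; `public static` and `@return array` would make the contract explicit. The enclosing class continues outside the hunk.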
@@ -25,4 +25,70 @@
 * along with this program. If not, see http://www.gnu.org/licenses/gpl-3.0.
 *
 */
+
+class Tag {
+ /**
+ * the database object
+ * @var object
+ */
+ private $DB;
+
+ /**
+ * the current loaded tag by DB id
+ * @var int
+ */
+ private $id;
+
+ public function __construct($databaseConnectionObject) {
+ $this->DB = $databaseConnectionObject;
+ }
+
+ /**
+ * by given string load the info from the DB and even create if not existing
+ * @param string $string
+ */
+ public function initbystring($string) {
+ if(!empty($string)) {
+ $queryStr = "SELECT id FROM `".DB_PREFIX."_tag`
+ WHERE `name` = '".$this->DB->real_escape_string($string)."'";
+ $query = $this->DB->query($queryStr);
+ if(!empty($query) && $query->num_rows > 0) {
+ $result = $query->fetch_assoc();
+ $this->id = $result['id'];
+ }
+ else {
+ $queryStr = "INSERT INTO `".DB_PREFIX."_tag`
+ SET `name` = '".$this->DB->real_escape_string($string)."'";
+ $this->DB->query($queryStr);
+ if(!empty($this->DB->insert_id)) {
+ $this->id = $this->DB->insert_id;
+ }
+ }
+ }
+ }
+
+ /**
+ * by given DB table id load all the info we need
+ * @param int $id
+ */
+ public function initbyid($id) {
+ if(!empty($id)) {
+ $this->id = $id;
+ }
+ }
+
+ /**
+ * set the relation to the given link to the loaded tag
+ * @param int $linkid
+ * @return boolean
+ */
+ public function setRelation($linkid) {
+ if(!empty($linkid) && !empty($this->id)) {
+ $queryStr = "INSERT IGNORE INTO `".DB_PREFIX."_tagrelation`
+ SET `linkid` = '".$this->DB->real_escape_string($linkid)."',
+ `tagid` = '".$this->DB->real_escape_string($this->id)."'";
+ $this->DB->query($queryStr);
+ }
+ }
+}
 ?>
\ No newline at end of file
diff --git a/webroot/view/home.inc.php b/webroot/view/home.inc.php
index af4b756..6a40d96 100644
--- a/webroot/view/home.inc.php
+++ b/webroot/view/home.inc.php
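Review bot: The new `Tag` class in webroot/lib/tag.class.php is a line-for-line copy of `Category` with only the table and column names changed, so every later fix has to be applied twice. A small shared base class that takes the table name and the relation column would remove the duplication. In `initbystring()` of both classes the SELECT followed by INSERT is not atomic; if `name` has no unique index (the schema is not visible here), two concurrent requests can create the same name twice.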
@@ -40,12 +40,14 @@ if((isset($_POST['password']) && !empty($_POST['password'])) || (isset($_POST['u
 $honeypotCheck = true;
 }
+# search or new one.
 if(isset($_POST['data']) && !empty($_POST['data']) && isset($_POST['submitsearch']) && $honeypotCheck === false) {
 $searchValue = trim($_POST['data']['searchfield']);
 $isUrl = Summoner::validate($searchValue,'url');
 if($isUrl === true) {
 # search for URL
- $queryStr = "SELECT * FROM";
+ $queryStr = "SELECT * FROM `".DB_PREFIX."_link`
+ WHERE `link` = '".$DB->real_escape_string($searchValue)."'";
 }
 elseif(Summoner::validate($searchValue,'text')) {
 # search for this in more then one field
@@ -57,6 +59,10 @@ if(isset($_POST['data']) && !empty($_POST['data']) && isset($_POST['submitsearch
 }
 if(!empty($queryStr)) {
+ $query = $DB->query($queryStr);
+ if(!empty($query) && $query->num_rows > 0) {
+ $searchResult = $query->fetch_all(MYSQLI_ASSOC);
+ }
 }
 # new one?
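Review bot: The URL lookup added under `# search for URL` in webroot/view/home.inc.php selects from the `_link` table with no condition on `status`, while the add form later in the same file stores 1 or 2 there depending on the "private" checkbox. If search results are rendered for visitors who have not supplied the frontend credentials, a link marked private would be returned to anyone who submits its URL; the rendering code is outside this hunk, so that needs checking. Adding the status condition to the query, or gating the search, would close it. A prepared statement (`$DB->prepare()` with `bind_param()`) would also be more robust than concatenating `real_escape_string()` output, which depends on the connection charset being set correctly.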
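Review bot: In the `if(!empty($queryStr))` block of the second hunk, a failed `$DB->query()` returns false and takes the same path as an empty result, so a database error reaches the user as "Nothing found..." and is never logged. Logging `$DB->error` when `$query === false` would make such failures visible. `$searchResult` is only assigned inside the inner `if`; initialising it with `$searchResult = array();` before the query would make the later `!empty($searchResult)` check explicit. The enclosing `if` starts outside the hunk.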
@@ -72,6 +78,90 @@ if(isset($_POST['data']) && !empty($_POST['data']) && isset($_POST['submitsearch
 $showAddForm = true;
 $formData['url'] = $searchValue;
 }
+ elseif(!empty($searchResult)) {
+ # something has been found
+ }
+ else {
+ # nothing found
+ $submitFeedback['message'] = 'Nothing found...';
+ $submitFeedback['status'] = 'error';
+ }
+}
+
+# add a new one
+if(isset($_POST['data']) && !empty($_POST['data']) && isset($_POST['addnewone']) && $honeypotCheck === false) {
+ $fData = $_POST['data'];
+
+ $formData['private'] = 2;
+ if(isset($fData['private'])) {
+ $formData['private'] = 1;
+ }
+
+ $formData['url'] = trim($fData['url']);
+ $formData['description'] = trim($fData['description']);
+ $formData['title'] = trim($fData['title']);
+ $formData['image'] = trim($fData['image']);
+ $formData['category'] = trim($fData['category']);
+ $formData['tag'] = trim($fData['tag']);
+ $username = trim($fData['username']);
+ $password = trim($fData['password']);
+
+ $isUrl = Summoner::validate($formData['url'],'url');
+
+ if($isUrl === true && !empty($formData['title']) && $username === FRONTEND_USERNAME && $password === FRONTEND_PASSWORD) {
+ $queryStr = "INSERT IGNORE INTO `".DB_PREFIX."_link` SET
+ `link` = '".$DB->real_escape_string($formData['url'])."',
+ `created` = NOW(),
+ `status` = '".$DB->real_escape_string($formData['private'])."',
+ `description` = '".$DB->real_escape_string($formData['description'])."',
+ `title` = '".$DB->real_escape_string($formData['title'])."',
+ `image` = '".$DB->real_escape_string($formData['image'])."',
+ `hash` = '".$DB->real_escape_string(md5($formData['url']))."'";
+ $DB->query($queryStr);
+ $linkID = $DB->insert_id;
+
+ var_dump($linkID);
+
+ if(!empty($linkID)) {
+
+ # categories and tag stuff
+ $catArr = Summoner::prepareTagOrCategorieStr($formData['category']);
+ $tagArr = Summoner::prepareTagOrCategorieStr($formData['tag']);
+
+ if(!empty($catArr)) {
+ foreach($catArr as $c) {
+ $catObj = new Category($DB);
+ $catObj->initbystring($c);
+ $catObj->setRelation($linkID);
+
+ unset($catObj);
+ }
+ }
+ if(!empty($tagArr)) {
+ foreach($tagArr as $t) {
+ $tagObj = new Tag($DB);
+ $tagObj->initbystring($t);
+ $tagObj->setRelation($linkID);
+
+ unset($tagObj);
+ }
+ }
+
+ $submitFeedback['message'] = 'Link added successfully.';
+ $submitFeedback['status'] = 'success';
+ $TemplateData['refresh'] = 'index.php?p=showlink&id='.$linkID;
+ }
+ else {
+ $submitFeedback['message'] = 'Something went wrong...';
+ $submitFeedback['status'] = 'error';
+ $showAddForm = true;
+ }
+ }
+ else {
+ $submitFeedback['message'] = 'Please provide a valid URL, title, username and password.';
+ $submitFeedback['status'] = 'error';
+ $showAddForm = true;
+ }
 }
 $existingCategories = $Management->categories();
diff --git a/webroot/view/home.php b/webroot/view/home.php
index 60ff137..751f145 100644
--- a/webroot/view/home.php
+++ b/webroot/view/home.php
@@ -112,7 +112,7 @@
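Review bot: `var_dump($linkID);` after the INSERT in webroot/view/home.inc.php is leftover debug output that prints into every add-link response and should be removed. The credential check on the same branch compares with `===`, which is not constant-time; `hash_equals(FRONTEND_USERNAME, $username) && hash_equals(FRONTEND_PASSWORD, $password)` is the minimal change, and nothing visible in the hunk throttles repeated attempts or checks a CSRF token. `trim($fData['url'])` and the other field reads assume `$_POST['data']` is an array with every key present, so a request missing a field raises notices; an `isset` default per key would avoid that. Because the statement is `INSERT IGNORE`, a URL that already exists leaves `insert_id` at 0 and the user sees "Something went wrong..." rather than a duplicate message.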