custom config

2024-12-21 06:19:38 +08:00 · 2016-02-04 17:28:59 +08:00 · 2016-02-04 17:28:59 +08:00 · 5e8a50495f
commit 5e8a50495f
parent b8588bf7f9 a2758c013a
12 changed files with 333 additions and 30 deletions
--- a/admin/admin_ajax.php
+++ b/admin/admin_ajax.php
@ -0,0 +1,67 @@
+<?php
+/**
+ * @Author: prpr
+ * @Date:   2016-02-04 13:53:55
+ * @Last Modified by:   prpr
+ * @Last Modified time: 2016-02-04 17:14:06
+ */
+session_start();
+$dir = dirname(dirname(__FILE__));
+require "$dir/includes/autoload.inc.php";
+require "$dir/config.php";
+
+if(isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
+    $_SESSION['uname'] = $_COOKIE['uname'];
+    $_SESSION['token'] = $_COOKIE['token'];
+}
+
+/**
+ * Check token, won't allow non-admin user to access
+ */
+if (isset($_SESSION['uname'])) {
+    $admin = new user($_SESSION['uname']);
+    if ($_SESSION['token'] != $admin->getToken()) {
+        header('Location: ../index.php?msg=Invalid token. Please login.');
+    } else if (!$admin->is_admin) {
+        header('Location: ../index.php?msg=Looks like that you are not administrator :(');
+    }
+} else {
+    header('Location: ../index.php?msg=Illegal access. Please login.');
+}
+
+/*
+ * No protection here,
+ * I don't think you wanna fuck yourself :(
+ */
+if (isset($_GET['action'])) {
+    $action = $_GET['action'];
+    $user = new user($_GET['uname']);
+
+    if ($action == "upload") {
+        $type = isset($_GET['type']) ? $_GET['type'] : "skin";
+        $file = isset($_FILES['file']) ? $_FILES['file'] : null;
+        if (!is_null($file)) {
+            if ($user->setTexture($type, $file)) {
+                $json['errno'] = 0;
+                $json['msg'] = "Skin uploaded successfully.";
+            } else {
+                $json['errno'] = 1;
+                $json['msg'] = "Uncaught error.";
+            }
+        } else {
+            utils::raise(1, 'No input file selected');
+        }
+    } else if ($action == "change") {
+        if (user::checkValidPwd($_POST['passwd'])) {
+            $user->changePasswd($_POST['passwd']);
+            $json['errno'] = 0;
+            $json['msg'] = "Password of ".$_GET['uname']." changed successfully.";
+        } // Will raise exception if password invalid
+    } else if ($action == "delete") {
+        $user->unRegister();
+        $json['errno'] = 0;
+        $json['msg'] = "Account successfully deleted.";
+    }
+}
+
+echo json_encode($json);
--- a/admin/index.php
+++ b/admin/index.php
@ -1,10 +1,115 @@
-<!DOCTYPE HTML>
+<?php
+/**
+ * @Author: prpr
+ * @Date:   2016-02-03 14:39:50
+ * @Last Modified by:   prpr
+ * @Last Modified time: 2016-02-04 16:56:34
+ */
+
+session_start();
+$dir = dirname(dirname(__FILE__));
+require "$dir/includes/autoload.inc.php";
+require "$dir/config.php";
+
+if(isset($_COOKIE['uname']) && isset($_COOKIE['token'])) {
+    $_SESSION['uname'] = $_COOKIE['uname'];
+    $_SESSION['token'] = $_COOKIE['token'];
+}
+
+if (isset($_SESSION['uname'])) {
+    $admin = new user($_SESSION['uname']);
+    if ($_SESSION['token'] != $admin->getToken()) {
+        header('Location: ../index.php?msg=Invalid token. Please login.');
+    } else if (!$admin->is_admin) {
+        header('Location: ../index.php?msg=Looks like that you are not administrator :(');
+    }
+} else {
+    header('Location: ../index.php?msg=Illegal access. Please login.');
+}
+?>
+
+<!DOCTYPE html>
 <html>
 <head>
-	<title>Console - Blessing Skin Server 0.1</title>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Console - Blessing Skin Server</title>
+    <link rel="shortcut icon" href="../assets/images/favicon.ico">
+    <link rel="stylesheet" href="../libs/pure/pure-min.css">
+    <link rel="stylesheet" href="../libs/pure/grids-responsive-min.css">
+    <link rel="stylesheet" href="../assets/css/style.css">
+    <link rel="stylesheet" href="../assets/css/profile.style.css">
+    <link rel="stylesheet" href="../assets/css/admin.style.css">
+    <link rel="stylesheet" href="../libs/ply/ply.css">
 </head>

 <body>
-	<h2>Console</h2>
+<div class="header">
+    <div class="home-menu pure-menu pure-menu-horizontal pure-menu-fixed">
+        <a class="pure-menu-heading" href="../index.php">Blessing Skin Server</a>
+        <ul class="pure-menu-list">
+            <li class="pure-menu-item">
+                <a class="pure-menu-link" href="../user/profile.php">Profile</a>
+            </li>
+            <li class="pure-menu-item">
+                    <a href="javascript:;" class="pure-menu-link">Welcome, <?php echo $_SESSION['uname']; ?>!</a>
+             </li>
+        </ul>
+        <div class="home-menu-blur">
+            <div class="home-menu-wrp">
+                <div class="home-menu-bg"></div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div class="container">
+    <table class="pure-table pure-table-horizontal">
+        <thead>
+            <tr>
+                <th>#</th>
+                <th>Username</th>
+                <th>Preview Textures</th>
+                <th>Change Textures</th>
+                <th>Opreation</th>
+            </tr>
+        </thead>
+
+        <tbody>
+            <?php
+            $db = new database();
+            $result = $db->query("SELECT * FROM users");
+            while ($row = $result->fetch_array()) { ?>
+            <tr>
+                <td><?php echo $row['uid']; ?></td>
+                <td><?php echo $row['username']; ?></td>
+                <td>
+                    <?php echo '<img id="'.$row['username'].'_skin" width="64" '.(($row['skin_hash'] == "") ? '' : 'src="http://skin.fuck.io/skin/'.$row['username'].'.png"').'/>'; ?>
+                    <?php echo '<img id="'.$row['username'].'_cape" width="64" '.(($row['cape_hash'] == "") ? '' : 'src="http://skin.fuck.io/cape/'.$row['username'].'.png"').'/>'; ?>
+                </td>
+                <td>
+                    <a href="javascript:showUpload('<?php echo $row['username'] ?>', 'skin');" class="pure-button pure-button-primary">Skin</a>
+                    <a href="javascript:showUpload('<?php echo $row['username'] ?>', 'cape');" class="pure-button pure-button-primary">Cape</a>
+                </td>
+                <td>
+                    <a href="javascript:showChange('<?php echo $row['username'] ?>');" class="pure-button pure-button-default">Password</a>
+                    <a href="javascript:showDelete('<?php echo $row['username'] ?>');" class="pure-button pure-button-error">Delete</a>
+                </td>
+            </tr>
+            <?php } ?>
+        </tbody>
+    </table>
+</div>
+
+<div class="footer">
+    &copy; <a class="copy" href="https://prinzeugen.net">Blessing Studio</a> 2016
+</div>
+
+</body>
+<script type="text/javascript" src="../libs/jquery/jquery-2.1.1.min.js"></script>
+<script type="text/javascript" src="../libs/ply/ply.min.js"></script>
+<script type="text/javascript" src="../assets/js/utils.js"></script>
+<script type="text/javascript" src="../assets/js/admin.utils.js"></script>
+</html>
 </body>
 </html>
--- a/admin/install.lock
+++ b/admin/install.lock
@ -0,0 +1 @@
+1454430305
--- a/assets/css/admin.style.css
+++ b/assets/css/admin.style.css
@ -0,0 +1,26 @@
+/*
+* @Author: prpr
+* @Date:   2016-02-04 16:47:54
+* @Last Modified by:   prpr
+* @Last Modified time: 2016-02-04 16:48:04
+*/
+.pure-table {
+    margin: 80px auto 0;
+    width: 100%;
+    background-color: #fff;
+}
+.pure-button {
+    width: inherit;
+    margin: 0 10px 0 0 !important;
+}
+.pure-button-error {
+    background: rgb(202, 60, 60);
+    color: #fff;
+}
+input {
+    width: 100%;
+    margin: 10px 0 20px;
+}
+.fw {
+    width: 100%;
+}
--- a/assets/css/user.style.css
+++ b/assets/css/user.style.css
@ -2,7 +2,7 @@
 * @Author: prpr
 * @Date:   2016-01-21 19:12:06
 * @Last Modified by:   prpr
-* @Last Modified time: 2016-02-03 16:39:42
+* @Last Modified time: 2016-02-04 12:56:15
 */

 .home-menu-blur {
@ -66,7 +66,7 @@ body {

 .upload-container {
 	color: #333;
-	margin-top: 35%;
+	margin-top: 30%;
 	margin-right: 30%;
 	border: #989898 1px solid;
 	border-radius: 4px;
--- a/assets/js/admin.utils.js
+++ b/assets/js/admin.utils.js
@ -0,0 +1,85 @@
+/*
+* @Author: prpr
+* @Date:   2016-02-04 16:48:42
+* @Last Modified by:   prpr
+* @Last Modified time: 2016-02-04 17:09:20
+*/
+
+'use strict';
+
+function showUpload(uname, type) {
+    var ply = new Ply({
+        el: '<h2>Upload new '+type+':</h2><input type="file" id="file" accept="image/png"><button id="upload" class="pure-button pure-button-primary fw">Upload</button>',
+        effect: "fade",
+        onaction: function(){ upload(uname, type, $('#file').get(0).files[0]); },
+    });
+    ply.open();
+}
+
+function upload(uname, type, file){
+    var form_data = new FormData();
+    if (file) {
+        form_data.append('file', file);
+        $.ajax({
+            type: 'POST',
+            contentType: false,
+            url: 'admin_ajax.php?action=upload&type='+type+'&uname='+uname,
+            dataType: "json",
+            data: form_data,
+            processData: false,
+            success: function(json) {
+                if (json.errno == 0) {
+                    showAlert("Successfully uploaded.");
+                    $('#'+uname+'_'+type).attr('src', 'http://skin.fuck.io/'+type+'/'+uname+'.png?t='+Math.random());
+                } else {
+                    showAlert("Error when uploading cape:\n" + json.msg);
+                }
+            }
+        });
+    }
+}
+
+function showAlert(msg) {
+    Ply.dialog("alert", msg);
+}
+
+function showChange(uname) {
+    Ply.dialog("prompt", {
+        title: "Type in "+uname+"'s new password",
+        form: { passwd: "New Password" }
+    }).done(function(ui){
+        var passwd = ui.data.passwd;
+        $.ajax({
+            type: "POST",
+            url: "admin_ajax.php?action=change&uname="+uname,
+            dataType: "json",
+            data: { "passwd": passwd },
+            success: function(json) {
+                if (json.errno == 0) {
+                    showAlert(json.msg);
+                } else {
+                    showAlert(json.msg);
+                }
+            }
+        });
+    });
+}
+
+function showDelete(uname) {
+    Ply.dialog("prompt", {
+        title: "Are you sure to delete "+uname+"?",
+    }).done(function(ui){
+        $.ajax({
+            type: "POST",
+            url: "admin_ajax.php?action=delete&uname="+uname,
+            dataType: "json",
+            success: function(json) {
+                if (json.errno == 0) {
+                    showAlert(json.msg);
+                } else {
+                    showAlert(json.msg);
+                }
+            }
+        });
+    });
+}
--- a/assets/js/index.utils.js
+++ b/assets/js/index.utils.js
@ -2,7 +2,7 @@
 * @Author: prpr
 * @Date:   2016-01-21 13:55:44
 * @Last Modified by:   prpr
-* @Last Modified time: 2016-02-03 21:40:41
+* @Last Modified time: 2016-02-04 12:34:37
 */

 'use strict';
@ -52,17 +52,20 @@ var register = function() {
                showMsg("alert-info", "Registering...");
            },
            success: function(json) {
-                    if (json.errno == 0) {
-                    showAlert(json.msg + " Please log in.", function(){
+                if (json.errno == 0) {
+                    showAlert(json.msg, function(){
                        showMsg('hide', "");
                        $('[data-remodal-id=register-modal]').remodal().close();
-                        $('[data-remodal-id=login-modal]').remodal().open();
+                        // Automatically login after registeration
+                        $("#uname").val(uname);
+                        $("#passwd").val(passwd);
+                        login();
                    });
                } else {
                    showAlert(json.msg);
                    showMsg('hide', "");
                }
-                }
+            }
        });
    }
 }
@ -125,3 +128,4 @@ $("body").on("keypress", "[data-remodal-id=register-modal]", function(event){
 $("body").on("keypress", "[data-remodal-id=login-modal]", function(event){
    if (event.which == 13) login();
 }).on("click", "#login-button", login);
+
--- a/config.php
+++ b/config.php
@ -1,18 +1,21 @@
 <?php
-/* Blessing Skin Server 数据库的名称 */
+/* Blessing Skin Server Database Name */
 define('DB_NAME', 'skin');

-/* MySQL 数据库用户名 */
+/* MySQL Username */
 define('DB_USER', 'skin');

-/* MySQL 数据库密码 */
+/* MySQL Password */
 define('DB_PASSWD', 'y92aTw2CmsJm9ZaU');

-/* MySQL 主机 */
+/* MySQL Host */
 define('DB_HOST', 'localhost');

-/* 盐，用于 token 验证，自行修改 */
+/* Salt for encrypting token, Change it to any random string */
 define('SALT', '9tvsh55d*s');

-/* 同一 IP 可注册的账户数 */
+/* Max amount of accounts per IP */
 define('REGS_PER_IP', 2);
+
+/* Do not change this */
+define('DIR', dirname(__FILE__));
--- a/includes/user.class.php
+++ b/includes/user.class.php
@ -3,7 +3,7 @@
 * @Author: printempw
 * @Date:   2016-01-16 23:01:33
 * @Last Modified by:   prpr
- * @Last Modified time: 2016-02-03 21:13:05
+ * @Last Modified time: 2016-02-04 13:48:48
 */

 class user
@ -68,9 +68,9 @@ class user
    }

    public function unRegister() {
-        if (is_null($this->getTexture('skin')))
+        if ($this->getTexture('skin') != "")
            utils::remove("./textures/".$this->getTexture('skin'));
-        if (is_null($this->getTexture('skin')))
+        if ($this->getTexture('skin') != "")
            utils::remove("./textures/".$this->getTexture('cape'));
        return $this->db->delete($this->uname);
    }
--- a/includes/utils.class.php
+++ b/includes/utils.class.php
@ -3,7 +3,7 @@
 * @Author: printempw
 * @Date:   2016-01-16 23:01:33
 * @Last Modified by:   prpr
- * @Last Modified time: 2016-02-03 15:52:39
+ * @Last Modified time: 2016-02-04 16:20:19
 */

 class utils
@ -29,9 +29,9 @@ class utils
     * @return string $hash, sha256 hash of file
     */
    public static function upload($file) {
-        move_uploaded_file($file["tmp_name"], "./textures/tmp.png");
-        $hash = hash_file('sha256', "./textures/tmp.png");
-        rename("./textures/tmp.png", "./textures/".$hash);
+        move_uploaded_file($file["tmp_name"], DIR."/textures/tmp.png");
+        $hash = hash_file('sha256', DIR."/textures/tmp.png");
+        rename(DIR."/textures/tmp.png", DIR."/textures/".$hash);
        return $hash;
    }

--- a/user/index.php
+++ b/user/index.php
@ -49,15 +49,15 @@ if (isset($_SESSION['uname'])) {
        <a href="javascript:;" title="Running"><span class="glyphicon glyphicon-forward"></span></a>
        <a href="javascript:;" title="Rotation"><span class="glyphicon glyphicon-repeat"></span></a>
        <ul class="pure-menu-list">
-            <li class="pure-menu-item">
-                    <a href="javascript:;" class="pure-menu-link">Welcome, <?php echo $_SESSION['uname']; ?>!</a>
-             </li>
             <li class="pure-menu-item">
                 <a class="pure-menu-link" href="profile.php">Profile</a>
             </li>
             <li class="pure-menu-item">
                 <a class="pure-menu-link" id="logout" href="javascript:;">Log out?</a>
             </li>
+             <li class="pure-menu-item">
+                 <a href="javascript:;" class="pure-menu-link">Welcome, <?php echo $_SESSION['uname']; ?>!</a>
+             </li>
        </ul>
        <div class="home-menu-blur">
            <div class="home-menu-wrp">
@ -85,10 +85,10 @@ if (isset($_SESSION['uname'])) {
        <h2 class="upload-title">Upload</h2>
            <div id="upload-form">
                <p>Select a skin:</p>
-                <input type=file id="skininput" name="skininput" accept="image/png">
+                <input type="file" id="skininput" name="skininput" accept="image/png">
                <br />
                <p>Select a cape:</p>
-                <input type=file id="capeinput" name="capeinput" accept="image/png">
+                <input type="file" id="capeinput" name="capeinput" accept="image/png">
                <br /><br />
                <button id="upload" class="pure-button pure-button-primary">Upload</button>
                <a href="?action=preview" class="pure-button">Preview</a>
@ -119,7 +119,9 @@ if (isset($_SESSION['uname'])) {
                    <br />
                    <p>Select a cape:</p>
                    <input type=file id="capeinput" name="capeinput" accept="image/png">
-                    <br /><br />
+                    <br />
+                    <p>Well, the skin server <b>does</b> support double layer skin of 1.8, but the preview <b>does not</b>. So just upload and you will get it display well in game.</p>
+
                    <button id="upload" class="pure-button pure-button-primary">Upload</button>
                    <a id="preview" href="?action=preview" class="pure-button">Preview</a>
                </div>
--- a/user/profile.php
+++ b/user/profile.php
@ -3,7 +3,7 @@
 * @Author: prpr
 * @Date:   2016-02-03 16:12:45
 * @Last Modified by:   prpr
- * @Last Modified time: 2016-02-03 23:15:41
+ * @Last Modified time: 2016-02-04 12:51:07
 */

 session_start();
@ -98,6 +98,16 @@ if (isset($_SESSION['uname'])) {
                </div>
            </div>
        </div>
+        <?php if ($user->is_admin) { ?>
+        <div class="pure-u-1 pure-u-md-1-2">
+            <div class="panel panel-default">
+                <div class="panel-heading">Welcome, administrator.</div>
+                <div class="panel-body">
+                    <p>Here manage your site: <a href="../admin/">Console</a></p>
+                </div>
+            </div>
+        </div>
+        <?php } ?>
    </div>
 </div>