From 57097a3c8a51abe516a35b31954f0fbf37693777 Mon Sep 17 00:00:00 2001
From: ui0ppk <113091876+ui0ppk@users.noreply.github.com>
Date: Tue, 24 Jan 2023 21:45:10 +0200
Subject: [PATCH] Registering + Config + Code Cleanup

---
 core/classes.php      | 58 ++++++++++++++++++++++++++++++---------
 core/classes/user.php | 54 ++++++++++++++++++++++++++++++++++++
 core/config.php       |  5 ++++
 index.php             |  4 +--
 login.php             | 64 +++++++++++++++++++++++++++++++++++++++++++
 logout.php            |  6 ++++
 register.php          | 51 ++++++++++++++++++++--------------
 7 files changed, 206 insertions(+), 36 deletions(-)
 create mode 100644 core/classes/user.php
 create mode 100644 logout.php

diff --git a/core/classes.php b/core/classes.php
index 49f00eb..0f329d2 100644
--- a/core/classes.php
+++ b/core/classes.php
@@ -1,5 +1,10 @@
 <?php
-namespace classes;
+ini_set('session.cookie_secure', '1');
+ini_set('session.cookie_lifetime', '2592000');
+ob_start(); //Turns on output buffering 
+session_start();
+require('core/config.php');
+
 class PartyStarter {
 	// creates header
 	function header()
@@ -10,46 +15,73 @@ class PartyStarter {
 		echo '<link rel="stylesheet" href="css/bootstrap.min.css">';
 	}
 	function buildloggedoutheader() {
+		require('core/config.php');
+		if(isset($_SESSION['user'])) {
+	 $query = $con->prepare('SELECT money FROM users WHERE id=:id');
+	 $query->bindParam(':id', $id);
+     $query->execute();	
+     $money = $query->fetch(PDO::FETCH_ASSOC)["money"];
+		
+		if ($money < 1000000) {
+         // Anything less than a million
+         $money = number_format($money);
+        } else if ($money < 1000000000) {
+         // Anything less than a billion
+         $money = number_format($money / 1000000, 1) . 'M';
+        } else {
+         // At least a billion
+         $money = number_format($money / 1000000000, 1) . 'B';
+        
+		}
+		// messy shit sorry mario1 fix it urself :trol:
+		
+	     $rightside = '<li class="nav-item"><a class="nav-link">'.$money.'</a></li>        <li class="nav-item">
+          <a class="nav-link" href="/logout">Logout</a>
+        </li>';
+        } else {
+	     $rightside = '
+        <li class="nav-item">
+          <a class="nav-link" href="/register">Register</a>
+        </li>
+        <li class="nav-item">
+          <a class="nav-link" href="/login">Login</a>
+        </li>';
+        }
+	    echo '<style> body, html { background-color: #2b3036; } </style>';
 		echo '<link rel="stylesheet" href="css/bootstrap.min.css">
 <nav class="navbar navbar-expand-lg navbar-light" style="background-color: #ff7700;">
   <div class="container-fluid">
-    <a class="navbar-brand" href="/"><img src="https://i.ytimg.com/vi/eAx4X7UtLoE/maxresdefault.jpg" width="30" height="30" class="d-inline-block align-top" alt=""> Grublox</a>
+    <a class="navbar-brand" href="/"><img src="/assets/win7.png" width="30" height="30" class="d-inline-block align-top" alt=""> '.$sitename.' </a>
     <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarColor03" aria-controls="navbarColor03" aria-expanded="false" aria-label="Toggle navigation">
       <span class="navbar-toggler-icon"></span>
     </button>
     <div class="collapse navbar-collapse" id="navbarColor03">
       <ul class="navbar-nav me-auto ml-auto" style="color: #FFFFFF;">
         <li class="nav-item" style="color: #FFFFFF;">
-          <a class="nav-link active" href="/home">Home</a>
+          <a class="nav-link active" href="/home">Home
             <span class="visually-hidden">(current)</span>
           </a>
         </li>
         <li class="nav-item">
-          <a class="nav-link" href="#">Games</a>
+          <a class="nav-link" href="/games">Games</a>
         </li>
         <li class="nav-item">
-          <a class="nav-link" href="#">Catalog</a>
+          <a class="nav-link" href="/catalog">Catalog</a>
         </li>
         <li class="nav-item">
-          <a class="nav-link" href="#">About</a>
+          <a class="nav-link" href="/about">About</a>
         </li>
       </ul>
       <ul class="navbar-nav">
         <li class="nav-item">
         </li>
-        <li class="nav-item">
-          <a class="nav-link" href="/register">Register</a>
-        </li>
-        <li class="nav-item">
-          <a class="nav-link" href="/login">Login</a>
-        </li>
+'.$rightside.'
       </ul>
     </div>
   </div>
 </nav>';
 	}
 	
-// Contributed by qzip! remove if noob.
 
 }
 ?>
\ No newline at end of file
diff --git a/core/classes/user.php b/core/classes/user.php
new file mode 100644
index 0000000..877a391
--- /dev/null
+++ b/core/classes/user.php
@@ -0,0 +1,54 @@
+<?php
+class User {
+// Contributed by qzip! remove if noob.
+
+    private $con, $sqlData;
+
+    public function __construct($con, $id) {
+	 $query = $con->prepare('SELECT * FROM users WHERE id=:id');
+	 $query->bindParam(':id', $id);
+     $query->execute();	
+     $this->sqlData = $query->fetch(PDO::FETCH_ASSOC);
+    }
+
+    public static function isLoggedIn() {
+        return isset($_SESSION["user"]);
+    }
+	
+	public function getMoney($short) {
+	    if ($short == "true") {
+        $money = $this->$query->sqlData["money"];
+		
+		if ($money < 1000000) {
+         // Anything less than a million
+         return number_format($money);
+        } else if ($money < 1000000000) {
+         // Anything less than a billion
+         return number_format($money / 1000000, 1) . 'M';
+        } else {
+         // At least a billion
+         return number_format($money / 1000000000, 1) . 'B';
+        
+		}
+		} else {
+		return $this->$query->sqlData["money"];
+		}
+    }
+	
+	public function getID($con, $username) {
+	    $query = $con->prepare('SELECT id FROM users WHERE username=:username');
+	    $query->bindParam(':username', $username);
+        $query->execute();	
+        $id = $query->fetch(PDO::FETCH_ASSOC);
+		return $id['id'];
+	}
+	
+	public function getUsername() {
+		return $this->sqlData["username"];
+	}
+	
+	public function getPassword() {
+		return $this->sqlData["password"];
+	}
+	
+}
\ No newline at end of file
diff --git a/core/config.php b/core/config.php
index e0fa65b..e20d82a 100644
--- a/core/config.php
+++ b/core/config.php
@@ -1,4 +1,9 @@
 <?php
+// settingz
+$sitename = "Grublox";
+$version = 1.0;
+$maintainers = Array("Mario1", "qzip");
+
      try {
       $con = new PDO("mysql:dbname=grublox;host=localhost", "root", "");
       $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
diff --git a/index.php b/index.php
index 964bed1..cd690c9 100644
--- a/index.php
+++ b/index.php
@@ -25,8 +25,8 @@ body {
   width: 50%;
 }
 </style>
-<title>undefined</title>
-<div class="text-and-stuff"><h1>undefined</h1>
+<title><?php echo $sitename; ?></title>
+<div class="text-and-stuff"><h1><?php echo $sitename; ?></h1>
 <h3>the funny website with</h3>
 <a type="button" class="btn btn-dark" href="/register">Register</a>
 <a type="button" class="btn btn-dark" href="/login">Login</a></div>
diff --git a/login.php b/login.php
index e69de29..0ffc495 100644
--- a/login.php
+++ b/login.php
@@ -0,0 +1,64 @@
+<!DOCTYPE html>
+<html>
+<head>
+<?php
+require_once 'core/classes.php';
+require_once 'core/classes/User.php';
+require_once 'core/config.php';
+
+$getitstarted = new PartyStarter;
+$getitstarted->buildloggedoutheader();
+$passwordiswrong = false;
+if(isset($_POST['submit'])) {
+	$username = $_POST['username'];
+	$password = $_POST['pass'];
+	$password = password_hash($password, PASSWORD_DEFAULT);
+	$user = new User($con, $user->getID($con, $username));
+	
+	$query = $con->prepare('SELECT COUNT(*) FROM users WHERE username=:username');
+	$query->bindParam(':username', $username);
+    $query->execute();
+	$result = $query->fetchColumn();
+	if ($result > 0) {
+	if ($password == $user->getPassword($con, $username)) {
+	$_SESSION["user"] = $user->getID($con, $username);
+	} else {
+	$passwordiswrong = true;
+	echo $password." - sex - ".$user->getPassword($con, $username);
+    }
+	}
+}
+$result = file_get_contents("https://useless-facts.sameerkumar.website/api");
+$thefunfact = json_decode($result);
+?>
+<link rel="stylesheet" href="css/register.css">
+</head>
+<body>
+<form action="" method="post">
+<div class="card  mb-3 bg-dark" style="max-height: 19rem;">
+  <h3 class="card-header bg-dark text-light">Login</h3>
+  </svg>
+  <div class="card-body bg-dark text-light">
+  <label class="col-form-label col-form-label-sm mt-4 username text-light" for="inputSmall">Username</label>
+  <input class="form-control form-control-sm" type="text" placeholder="Your username" id="inputSmall" for="inputValid" name="username">
+  <label class="col-form-label col-form-label-sm mt-4 password text-light" for="inputSmall">Password</label>
+  <input class="<?php if($passwordiswrong == true) {
+	  echo "form-control is-invalid";
+  } else {
+echo "form-control form-control-sm";
+  }	?>" type="password" placeholder="Your password (Minmum 8 characters)" id="inputSmall" name="pass">
+  <?php if($passwordiswrong == true) {
+	  echo '<div class="invalid-feedback" bis_skin_checked="1">Password is incorrect.</div>';
+  } ?>
+  <button type="submit" class="btn btn-secondary text-light" name="submit">Login</button><br>
+  </div>
+</div>
+</form>
+<div class="card text-white bg-dark mb-3" style="max-width: 20rem;">
+  <div class="card-header">Random useless fact generator</div>
+  <div class="card-body">
+    <p class="card-text"><?php echo $thefunfact->{"data"}; ?></p>
+  </div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..382feb0
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+ob_start(); //Turns on output buffering 
+session_start();
+
+unset($_SESSION["user"]);
+header("Location: /");
\ No newline at end of file
diff --git a/register.php b/register.php
index e64fa55..734b6f8 100644
--- a/register.php
+++ b/register.php
@@ -1,22 +1,21 @@
+<!DOCTYPE html>
+<html>
+<head>
 <?php
 require_once 'core/classes.php';
-use classes\PartyStarter as PartyStarter;
+require_once 'core/classes/User.php';
 require_once 'core/config.php';
 
 $getitstarted = new PartyStarter;
 $getitstarted->buildloggedoutheader();
 $passwordconfirmiswrong = false;
 $passwordistooshort = false;
+$userexists = false;
 if(isset($_POST['submit'])) {
 	$username = $_POST['username'];
 	$password = $_POST['pass'];
 	$passwordconfirm = $_POST['passconfirm'];
-	echo "ur username: " . $username;
-	echo "<br/>";
-	echo "ur password: " . $password;
-	echo "<br/>";
-	echo "ur passwordconfirm: " . $passwordconfirm;
-	echo "<br/>";
+	$user = new User($con, $user->getID($con, $username));
 	if ($password == $passwordconfirm) {
       $passwordconfirmiswrong = false;
 	} else {
@@ -30,37 +29,46 @@ if(isset($_POST['submit'])) {
 	}
 	if ($passwordistooshort == false && $passwordconfirmiswrong == false) {
 			$password = password_hash($password, PASSWORD_DEFAULT);
-			echo $password;
-			echo "<br/>";
 			$query = $con->prepare('SELECT COUNT(*) FROM users WHERE username=:username');
 			$query->bindParam(':username', $username);
             $query->execute();
 			$result = $query->fetchColumn();
 			if ($result == 0) {
-  	        echo "No results, continue. ";
 			$query = $con->prepare('INSERT INTO users (username, password) VALUES (:username, :password)');
 			$query->bindParam(':username', $username);
 			$query->bindParam(':password', $password);
             $query->execute();
+			$_POST['success'] = 1;
+			header("Location: /register.php");
   	        } else {
-  	        echo "Nope, you stay.";
+              $userexists = true;
   	        }
 
 	}
 }
+if(isset($_POST['success']) && $_POST['success'] == 1) {
+$username = $_POST['username'];
+$_SESSION["user"] = $user->getID($con, $username);	
+}
 $result = file_get_contents("https://useless-facts.sameerkumar.website/api");
 $thefunfact = json_decode($result);
 ?>
-<div class="bg-dark">
 <link rel="stylesheet" href="css/register.css">
+</head>
+<body>
 <form action="" method="post">
-<div class="card mb-3">
-  <h3 class="card-header">Registration</h3>
+<div class="card mb-3 bg-dark">
+  <h3 class="card-header bg-dark text-light">Registration</h3>
   </svg>
-  <div class="card-body">
-  <label class="col-form-label col-form-label-sm mt-4 username" for="inputSmall">Username</label>
-  <input class="form-control form-control-sm" type="text" placeholder="Your username" id="inputSmall" for="inputValid" name="username">
-  <label class="col-form-label col-form-label-sm mt-4 password" for="inputSmall">Password</label>
+  <div class="card-body bg-dark text-light">
+  <label class="col-form-label col-form-label-sm mt-4 username text-light" for="inputSmall">Username</label>
+  <input class="<?php if($userexists == true) {
+	  echo "form-control is-invalid";
+  } else {
+echo "form-control form-control-sm";
+  }	?>" type="text" placeholder="Your username" id="inputSmall" for="inputValid" name="username">
+  <?php if($userexists == true) { echo '<div class="invalid-feedback" bis_skin_checked="1">Password Confirmation field is invalid.</div>'; } ?>
+  <label class="col-form-label col-form-label-sm mt-4 password text-light" for="inputSmall">Password</label>
   <input class="<?php if($passwordconfirmiswrong == true) {
 	  echo "form-control is-invalid";
   } else {
@@ -72,8 +80,8 @@ echo "form-control form-control-sm";
 	  echo '<div class="invalid-feedback" bis_skin_checked="1">Password is too short. (8 Characters minmum)</div>';
   }?>
   <label class="col-form-label col-form-label-sm mt-4 passwordconfirm" for="inputSmall">Password Confirmation</label>
-  <input class="form-control form-control-sm" type="password" placeholder="Enter your password again" id="inputSmall" name="passconfirm">
-  <button type="submit" class="btn btn-secondary" name="submit">Register</button>
+  <input class="form-control form-control-sm text-light" type="password" placeholder="Enter your password again" id="inputSmall" name="passconfirm">
+  <button type="submit" class="btn btn-secondary text-light" name="submit">Register</button>
   </div>
 </div>
 </form>
@@ -83,4 +91,5 @@ echo "form-control form-control-sm";
     <p class="card-text"><?php echo $thefunfact->{"data"}; ?></p>
   </div>
 </div>
-</div>
+</body>
+</html>
\ No newline at end of file