From 2385b8295a3f7f85655321dae3f4c4acc247c2c9 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Tue, 7 Jan 2025 22:04:55 +0100 Subject: [PATCH 01/21] New structure of files, change names of some files, rebuild part of the system, new functions, part of version v1.2.0 --- admin/{ => CSS}/panel.css | 35 +-- admin/CSS/window.css | 272 +++++++++++++++++++++ admin/JS/index.js | 42 ++++ admin/{ => algo}/dashboard.alg.php | 4 +- admin/algo/edit.alg.php | 21 ++ admin/algo/new.alg.php | 150 ++++++++++++ admin/{ => algo}/password.alg.php | 21 +- admin/{ => algo}/service_status.alg.php | 15 +- admin/all_articles.alg.php | 98 ++++---- admin/index.js | 89 ------- admin/{ => old}/functions.php | 17 +- admin/{ => old}/main.css | 30 +-- admin/{new.alg.php => old/new.alg.new.php} | 40 +-- admin/panel.login.css | 32 +-- admin/panel.login.php | 15 +- admin/panel.logout.alg.php | 4 +- admin/panel.php | 113 +++++---- admin/panel_login.alg.php | 16 +- admin/test.new.php | 3 - admin/window_functions.php | 266 ++++++++++++++++++++ 20 files changed, 969 insertions(+), 314 deletions(-) rename admin/{ => CSS}/panel.css (85%) create mode 100644 admin/CSS/window.css create mode 100644 admin/JS/index.js rename admin/{ => algo}/dashboard.alg.php (85%) create mode 100644 admin/algo/edit.alg.php create mode 100644 admin/algo/new.alg.php rename admin/{ => algo}/password.alg.php (77%) rename admin/{ => algo}/service_status.alg.php (77%) delete mode 100644 admin/index.js rename admin/{ => old}/functions.php (95%) rename admin/{ => old}/main.css (91%) rename admin/{new.alg.php => old/new.alg.new.php} (85%) delete mode 100644 admin/test.new.php create mode 100644 admin/window_functions.php diff --git a/admin/panel.css b/admin/CSS/panel.css similarity index 85% rename from admin/panel.css rename to admin/CSS/panel.css index 4f12804..593a6a6 100644 --- a/admin/panel.css +++ b/admin/CSS/panel.css 
@@ -10,10 +10,11 @@ body { min-height: 100%; - background-color: lightgray; + background-color: #fff; padding-top: 70px; } +/* nav, menu */ nav { position: fixed; top: 0; @@ -22,7 +23,7 @@ nav { width: 100%; display: flex; align-items: center; - background-color: #fff; + background-color: #4070f4; box-shadow: 0 0 1px rgba(0, 0, 0, 0.1); } @@ -39,6 +40,11 @@ nav .logo { cursor: pointer; } +.menu-icon.topbar, +span.logo-name.topbar{ + color: #fff; +} + .logo .logo-name { color: #333; font-size: 22px; @@ -55,7 +61,7 @@ nav .sidebar { /*opacity: 0.5;*/ background-color: #fff; box-shadow: 0 5px 10px rgba(0, 0, 0, 0.1); - transition: all 0.4s ease; /* 0.5s */ + transition: all 0.4s ease; } nav.open .sidebar { @@ -123,45 +129,26 @@ nav.open ~ .overlay { z-index: 100; } - /* main */ main { width: 100%; height: calc(100vh - 70px); - /*height: 100vh;*/ - /*height: calc(100%-70px);*/ - /*height: 1000px;*/ - /*background-color: blue;*/ - padding: 20px; -} - -main section.section { - /*border: solid 1px black;*/ - width: 100%; - height: 100%; - /*padding: 10px;*/ + background-color: #fff; } - -/*.bottom-content .list .nav-link span.link:hover, -.bottom-content .list .nav-link .icon:hover{ - color: #fff; -}*/ - .bottom-content .list .nav-link:hover{ background-color: #4070f4; color: #fff ; } + .list .nav-link:hover .icon, .list .nav-link:hover .link{ color: white; } - .bottom-content .list .nav-link#logOut:hover{ background-color: white; color: #707070; - } .list .nav-link:hover .icon.logOut, diff --git a/admin/CSS/window.css b/admin/CSS/window.css new file mode 100644 index 0000000..2ef7754 --- /dev/null +++ b/admin/CSS/window.css 
@@ -0,0 +1,272 @@ + +/* === general window === */ +article.window { + display: block; + width: 100%; + height: 100%; +} + +.main { + padding: 20px; + background-color: #fff; /* Kolor tła sekcji */ + height: 100%; +} + +/** window name */ +.main h2 { + margin-bottom: 20px; + font-size: 24px; + color: #333; /* Kolor nagłówka */ +} + +/** window content */ +.main .content { + padding: 20px; + background-color: #f2f2f2; /* Kolor tła wewnętrznej sekcji */ + border-radius: 8px; + box-sizing: border-box; + margin-top: 10px; + margin-bottom: 10px; + color: #333; + font-size: 16px; + height: 90%; +} + + +/* === GLOBAL STYLES ==== */ +.content { + /*background-color: #f2f2f2;*/ + padding: 20px; + width: 100%; + height: auto; +} + +.main h2 { + margin-bottom: 20px; +} + +.row { + margin-bottom: 10px; +} + +/* Clear floats after the columns */ +.row::after { + content: ""; + display: table; + clear: both; +} + +.align-checkbox { + display: flex; + align-items: center; +} + +input[type=checkbox] { + margin-right: 10px; +} + +button, +input[type=submit] { + /*background-color: red;*/ + background-color: #4070f4; + color: white; + padding: 12px 20px; + border: none; + border-radius: 4px; + cursor: pointer; + min-width: 80px; + +} + +button:hover, +input[type=submit]:hover { + /*background-color: rgb(235,14,14);*/ + background-color: #2359ee; +} + +input[type=text], +input[type=file] { + width: 40%; + padding: 12px; + border: 1px solid #ccc; + border-radius: 4px; + margin-top: 12px; +} + +input[type=file] { + padding: 0; +} + +.col-25 { + float: left; + width: 25%; + margin-top: 6px; +} + +.col-75 { + float: left; + width: 75%; + margin-top: 6px; +} + +/* Media queries */ +@media screen and (max-width: 600px) { + button, + input[type=submit], + .col-25, + .col-75 { + width: 100%; + margin-top: 0; + } + + input[type=text], + input[type=file] { + width: 100%; + } +} + + +/* styling of table */ +.data-table { + width: 100%; + border-collapse: collapse; + margin-bottom: 20px; + 
font-size: 1em; + text-align: left; +} + +.data-table thead { + background-color: #f2f2f2; +} + +.data-table th, +.data-table td { + padding: 12px 15px; + border: 1px solid #ddd; +} + +.data-table tbody tr:nth-child(even) { + background-color: #f9f9f9; +} + +.data-table tbody tr:hover { + background-color: #f1f1f1; +} + +#table-container-inner{ + overflow-x: scroll; + white-space: nowrap; /* To ensure the content stays on one line for scrolling */ + width: 100%; /* możesz dostosować */ + max-width: 2000px; +} + +/* === spcific styles === ------------------------------------------*/ + + + + +/* === error ===*/ + + + + + + +/* === popout message === */ + +/** message */ +.overlayPopout { + position: fixed; + top: 0; + left: 0; + width: 100%; + height: 100%; + background-color: rgba(0, 0, 0, 0.5); + display: flex; + justify-content: center; + align-items: center; + z-index: 9999; +} + +/** popout styles */ +.popout { + background-color: #fff; + padding: 10px; + max-width: 400px; + width: 80%; + border-radius: 15px; + box-shadow: 0 4px 8px rgba(0, 0, 0, 0.2); + text-align: center; + position: relative; + z-index: 1000; +} + +/** Styles for button */ +.popout .close-btn { + position: absolute; + top: -1px; + right: 7px; /* can be adjusted */ + cursor: pointer; + font-size: 20px; + color: #333; +} + +.popout p { + margin: 0; + padding: 10px 0; + line-height: 1.5; +} + +/** hide at the beggining */ +.hidden { + display: none; +} + + +/* === color buttons === */ +.custom-button { + display: inline-block; + width: 70px; + padding: 10px; + margin: 10px 0; + color: #fff; + text-align: center; + text-decoration: none; + border: none; + cursor: pointer; + border-radius: 5px; + font-size: 15px; + font-family: inherit; +} + +.blue{ + background-color: #4070f4; +} + +.green{ + background-color: green; +} + +.orange{ + background-color: orange; +} + +.red{ + background-color: red; +} + +.blue:hover{ + background-color: #3056c6; +} + +.green:hover{ + background-color: #006400; +} + 
+.orange:hover{ + background-color: #cc8400; +} + +.red:hover{ + background-color: #b30000; +} diff --git a/admin/JS/index.js b/admin/JS/index.js new file mode 100644 index 0000000..f7d7bad --- /dev/null +++ b/admin/JS/index.js @@ -0,0 +1,42 @@ + +// -- SIDEBAR -- +document.addEventListener("DOMContentLoaded", function() { + const navBar = document.querySelector("nav"), + menuBtns = document.querySelectorAll(".menu-icon"), + overlay = document.querySelector(".overlay") + optionBtns = document.querySelectorAll(".list") + + + menuBtns.forEach(menuBtn => { + menuBtn.addEventListener("click", () => { + navBar.classList.toggle("open") + }) + }) + + optionBtns.forEach(optBtn => { + optBtn.addEventListener("click", () => { + navBar.classList.remove("open") + }) + }) + + overlay.addEventListener("click", () => { + navBar.classList.remove("open"); + }) +}); + + +/*mesage handler*/ +document.addEventListener("DOMContentLoaded", function() { + + // Zamknij popout po kliknięciu w X + document.getElementById('close-btn')?.addEventListener('click', function() { + document.getElementById('overlay').classList.add('hidden'); + }); + + // Zamknij popout po kliknięciu poza nim + document.getElementById('overlay')?.addEventListener('click', function(event) { + if (event.target.id === 'overlay') { + document.getElementById('overlay').classList.add('hidden'); + } + }); +}); \ No newline at end of file diff --git a/admin/dashboard.alg.php b/admin/algo/dashboard.alg.php similarity index 85% rename from admin/dashboard.alg.php rename to admin/algo/dashboard.alg.php index 8588ba8..62ab4d6 100644 --- a/admin/dashboard.alg.php +++ b/admin/algo/dashboard.alg.php @@ -4,12 +4,12 @@ if(!isset ($_SESSION['adminLoged'])) { - header('Location:panel.login.php'); + header('Location: ../panel.login.php'); exit(); } -function dasboard_data() { +function dashboard_data() { echo'
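Review bot: In the sidebar handler of admin/JS/index.js the declarator `overlay = document.querySelector(".overlay")` has no trailing comma, so the next line `optionBtns = document.querySelectorAll(".list")` is parsed as a separate assignment to an undeclared name and becomes an implicit global (a ReferenceError under strict mode or in a module). Add the comma, or declare it on its own line as `const optionBtns = document.querySelectorAll(".list");`. `overlay.addEventListener("click", ...)` also assumes a `.overlay` element exists on every page that loads this script, unlike the `?.` guards used in the popout handler further down.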
diff --git a/admin/algo/edit.alg.php b/admin/algo/edit.alg.php new file mode 100644 index 0000000..051949d --- /dev/null +++ b/admin/algo/edit.alg.php @@ -0,0 +1,21 @@ + 1048576) { + $_SESSION['message'] = 'File too large (max 1MB).'; + header('Location: ../panel.php?window=add-article'); + exit(); + } + + $title = mysqli_real_escape_string($conn, $_POST['title']); + $textUpload = file_get_contents($_FILES['textUpload']['tmp_name']); + $photo = $_FILES['photoUpload']; + + if ($conn->connect_errno != 0) { + $_SESSION['message'] = 'db connection fail.'; + header('Location: ../panel.php?window=add-article'); + #echo "Error: " . $conn->connect_error; + #throw new Exception(mysqli_connect_errno()); + } else { + + $sql = "SELECT * FROM articles WHERE title = '$title'"; + + if($result = $conn->query($sql)) { + $num = $result->num_rows; + + if($num != 0) { + $_SESSION['message'] = 'Article with this title already exist.'; + header('Location: ../panel.php?window=add-article'); + } else { + + $pathinfo = pathinfo($_FILES["photoUpload"]["name"]); + + $base = $pathinfo["filename"]; + + $base = preg_replace("/[^\w-]/", "_", $base); + + $filename = $base . "." . $pathinfo["extension"]; + + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; + + // Add a numeric suffix if the file already exists + $i = 1; + + while (file_exists($destination)) { + + $filename = $base . "($i)." . $pathinfo["extension"]; + //$destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; + + $i++; + } + + if ( ! move_uploaded_file($_FILES["photoUpload"]["tmp_name"], $destination)) { + + echo $destination. '
'; + $_SESSION['message'] = "Can't move uploaded file."; + header('Location: ../panel.php?window=add-article'); + } + + $target_file = 'articles_photos/'.$filename; + + $sql_insert = $sql_insert = "INSERT INTO articles (title, text, photo_path) VALUES (?, ?, ?)"; + $stmt_insert = $conn->prepare($sql_insert); + $stmt_insert->bind_param('sss', $title, $textUpload, $target_file); + + if ($stmt_insert->execute()) { + + $_SESSION['message'] = 'Article was succesfully addes to db.'; + header('Location: ../panel.php?window=add-article'); + } else { + $_SESSION['message'] = 'Error during adding data to db.'; + header('Location: ../panel.php?window=add-article'); + } + + $stmt_insert->close(); + + #$_SESSION['message'] = 'File uploaded successfully.'; + } + + } else { + $_SESSION['message'] = 'Error occur during checking title.'; + header('Location: ../panel.php?window=add-article'); + #throw new Exception($conn->error); + } + $conn->close(); + exit(); + } +} + +exit(); \ No newline at end of file diff --git a/admin/password.alg.php b/admin/algo/password.alg.php similarity index 77% rename from admin/password.alg.php rename to admin/algo/password.alg.php index dd6966d..ed16b69 100644 --- a/admin/password.alg.php +++ b/admin/algo/password.alg.php @@ -4,13 +4,12 @@ if(!isset ($_SESSION['adminLoged'])) { - header('Location:panel.login.php'); + header('Location: ../panel.login.php'); exit(); } - //additional files -require_once 'panel.connect.php'; +require '../panel.connect.php'; $conn = @new mysqli($host, $db_user, $db_password, $db_name); @@ -22,7 +21,7 @@ if ($conn->connect_errno!=0) { $_SESSION['message'] = 'connection to db fail'; #echo 'Error: '.$conn->connect_error; - header('Location:panle.php'); + header('Location: ../panel.php?window=settings'); exit(); }else{ 
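Review bot: The upload code in admin/algo/new.alg.php builds `$filename` from `$pathinfo["extension"]`, which comes straight from the client-supplied `$_FILES["photoUpload"]["name"]`; only the base name is sanitised, so a file with any extension is written into `articles_photos/`, which sits under htdocs and so appears to be web-served. The extension should be matched against a short allow-list and the detected content type checked before `move_uploaded_file()`. The failed-move branch also needs `exit();` after its `header()`, and the `echo $destination` before the redirect should go, since it prints the absolute server path and sends output ahead of the header; as written the INSERT still runs after a failed move. The duplicate-title SELECT interpolates `$title`, and binding the already-escaped `$title` in the INSERT stores the escaped form, so both queries should use bound parameters on the raw value. The same upload code is carried in admin/old/new.alg.new.php in this commit, and the top of this file is not visible here, so earlier validation could not be checked.

```php
// … unchanged: size check, duplicate-title lookup …
$pathinfo = pathinfo($_FILES["photoUpload"]["name"]);
$base = preg_replace("/[^\w-]/", "_", $pathinfo["filename"]);

// Accept only known image extensions, and only when the detected type agrees.
$allowed = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
    'webp' => 'image/webp',
];
$ext = strtolower($pathinfo["extension"] ?? '');
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($_FILES["photoUpload"]["tmp_name"]);

if (!isset($allowed[$ext]) || $allowed[$ext] !== $mime) {
    $_SESSION['message'] = 'Unsupported image type.';
    header('Location: ../panel.php?window=add-article');
    exit();
}

$filename = $base . "." . $ext;
// … unchanged: destination and numeric-suffix loop, using $ext instead of $pathinfo["extension"] …

if ( ! move_uploaded_file($_FILES["photoUpload"]["tmp_name"], $destination)) {
    $_SESSION['message'] = "Can't move uploaded file.";
    header('Location: ../panel.php?window=add-article');
    exit();
}
```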
@@ -48,35 +47,35 @@ if ($conn->query($sql_update) === TRUE) { $_SESSION['message'] = 'Password changed successfully.'; - header('Location: panel.php'); + header('Location: ../panel.php?window=settings'); } else { $_SESSION['message'] = 'Error: something went wrong during updating password'; #echo $conn->error; - header('Location: panel.phps'); + header('Location: ../panel.php?window=settings'); } } else { $_SESSION['message'] = 'Old password is wrong'; - header('Location:panel.php'); + header('Location: ../panel.php?window=settings'); } } else { $_SESSION['message'] = 'more rows found than needed'; - header('Location: panel.phps'); + header('Location: ../panel.php?window=settings'); } } $conn->close(); exit(); } } else { - $_SESSION['message'] = 'new password different than one writen again'; - header('Location:panel.php'); + $_SESSION['message'] = 'new password different than one written again '; + header('Location: ../panel.php?window=settings'); exit(); } } else { $_SESSION['message'] = 'POST table doesnt have all data'; - header('Location:panel.php'); + header('Location: panel.php?window=settings'); exit(); } diff --git a/admin/service_status.alg.php b/admin/algo/service_status.alg.php similarity index 77% rename from admin/service_status.alg.php rename to admin/algo/service_status.alg.php index a698443..40e8b55 100644 --- a/admin/service_status.alg.php +++ b/admin/algo/service_status.alg.php @@ -4,13 +4,12 @@ if(!isset ($_SESSION['adminLoged'])) { - header('Location:panel.login.php'); + header('Location: ../panel.login.php'); exit(); } //additional files -require_once 'panel.connect.php'; - +require '../panel.connect.php'; $conn = @new mysqli($host, $db_user, $db_password, $db_name); @@ -20,7 +19,7 @@ if ($conn->connect_errno!=0) { $_SESSION['message'] = 'connection do db fail'; #echo "Error: ".$conn->connect_error; - header('Location: panel.php'); + header('Location: ../panel.php?window=service-break'); exit(); }else{ 
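Review bot: The last redirect in this password.alg.php hunk, `header('Location: panel.php?window=settings');` in the 'POST table doesnt have all data' branch, lacks the `../` prefix that every other redirect in the moved file received, so from admin/algo/ it resolves to a path this commit does not create. It should read `header('Location: ../panel.php?window=settings');`. Separately, `$sql_update` is built outside the visible lines; if it interpolates the new password or the admin name it should become a prepared statement, which is worth confirming against the full file.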
@@ -45,16 +44,16 @@ if ($conn->query($sql_update) === TRUE) { $_SESSION['message'] = 'Service status value changed successfully'; - header('Location: panel.php'); + header('Location: ../panel.php?window=service-break'); }else{ $_SESSION['message'] = 'Error: something went wrong during updating status'; #echo $conn->error; - header('Location: panel.php'); + header('Location: ../panel.php?window=service-break'); } }else{ $_SESSION['message'] = 'more rows found than needed'; - header('Location: panel.php'); + header('Location: ../panel.php?window=service-break'); } } $conn->close(); @@ -62,7 +61,7 @@ } }else{ $_SESSION['message'] = 'something went wrong, try again'; - header('Location: panel.php'); + header('Location: ../panel.php?window=service-break'); exit(); } diff --git a/admin/all_articles.alg.php b/admin/all_articles.alg.php index 8c3c582..c6f4266 100644 --- a/admin/all_articles.alg.php +++ b/admin/all_articles.alg.php @@ -9,50 +9,64 @@ function all() { -//additional files -require 'panel.connect.php'; - - //$conn = @new mysqli($host, $db_user, $db_password, $db_name); - - #error_reporting(E_ALL); - #ini_set('display_errors', 1); - -$conn = @new mysqli($host, $db_user, $db_password, $db_name); - -if ($conn->connect_errno) { - $_SESSION['message'] = 'connection to db fail'; - #echo "Error: " . $conn->connect_error; - header('Location:panel.php'); - exit(); -} else { - // Zaktualizowane zapytanie, które pobiera dodatkowe informacje - $sql = "SELECT * FROM articles"; - $result = $conn->query($sql); - - if ($result->num_rows > 0) { - echo ''; - echo ''; - echo ''; - // Pętla po wynikach - while ($row = $result->fetch_assoc()) { - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; // Skrócona treść - echo ''; - echo ''; - echo ''; - } - echo ''; - echo '
IDTitleDate of PublishedContentImage PathView
' . $row['ID'] . '' . $row['title'] . '' . $row['date_of_publish'] . '' . substr($row['text'], 0, 50) . '...' . $row['photo_path'] . 'Link
'; + //additional files + require 'panel.connect.php'; + + $conn = @new mysqli($host, $db_user, $db_password, $db_name); + + if ($conn->connect_errno) { + $_SESSION['message'] = 'connection to db fail'; + #echo "Error: " . $conn->connect_error; + header('Location: panel.php?window=all-articles'); + exit(); } else { - $_SESSION['message'] = 'no data found'; - header('Location:panel.php'); + $sql = "SELECT * FROM articles"; + $result = $conn->query($sql); - } + if ($result->num_rows > 0) { + echo ''; + echo ''; + echo ''; - $conn->close(); -} + while ($row = $result->fetch_assoc()) { + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + } + echo ''; + echo '
IDTitleDate of PublishedContentImage PathViewEdit
' . $row['ID'] . '' . $row['title'] . '' . $row['date_of_publish'] . '' . substr($row['text'], 0, 50) . '...' . $row['photo_path'] . 'ViewEdit
'; + } else { + echo ''; + echo ''; + echo ''; + + $info = 'No data'; + + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + + echo ''; + echo '
IDTitleDate of PublishedContentImage PathViewEdit
' . $info . '' . $info . '' . $info . '' . $info . '' . $info . '' . $info . '' . $info . '
'; + + $_SESSION['message'] = 'No data found. Database empty.'; + } + + $conn->close(); + } } +?> + diff --git a/admin/index.js b/admin/index.js deleted file mode 100644 index 155ec7e..0000000 --- a/admin/index.js +++ /dev/null 
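Review bot: The table rows in all() echo `$row['title']`, `$row['text']` and `$row['photo_path']` straight from the database into the page, so any markup stored in an article is interpreted in the administrator's browser. Each value should be passed through `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at output, and the excerpt is better cut with `mb_substr($row['text'], 0, 50)` so a multi-byte character is not split. `$conn->query($sql)` can also return false, in which case `$result->num_rows` fails; a check before the `if` would cover that. The row markup is only partly visible in this hunk, so the View and Edit link attributes need the same escaping if they embed the ID or the path.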
@@ -1,89 +0,0 @@ - -// -- SIDEBAR -- -document.addEventListener("DOMContentLoaded", function() { - const navBar = document.querySelector("nav"), - menuBtns = document.querySelectorAll(".menu-icon"), - overlay = document.querySelector(".overlay") - optionBtns = document.querySelectorAll(".list") - - - menuBtns.forEach(menuBtn => { - menuBtn.addEventListener("click", () => { - navBar.classList.toggle("open") - }) - }) - - optionBtns.forEach(optBtn => { - optBtn.addEventListener("click", () => { - navBar.classList.remove("open") - }) - }) - - overlay.addEventListener("click", () => { - navBar.classList.remove("open"); - }) -}); - -document.addEventListener("DOMContentLoaded", function() { - - // Funkcja do obsługi kliknięcia w przycisk - function handleButtonClick(sectionId) { - // Pobierz wszystkie sekcje - const sections = document.querySelectorAll('.section'); - - // Ukryj wszystkie sekcje - sections.forEach(section => section.classList.remove('visible')); - - // Pokaż wybraną sekcję - document.getElementById(sectionId).classList.add('visible'); - - } - - // Dodaj event listenery do przycisków - document.getElementById("allBtn").addEventListener('click', function() { - handleButtonClick('allSection'); - }); - document.getElementById("section1Btn").addEventListener('click', function() { - handleButtonClick('section1'); - }); - document.getElementById("section2Btn").addEventListener('click', function() { - handleButtonClick('section2'); - }); - document.getElementById("section3Btn").addEventListener('click', function() { - handleButtonClick('section3'); - }); - document.getElementById("section4Btn").addEventListener('click', function() { - handleButtonClick('section4'); - }); - -}); - -/* -document.addEventListener("DOMContentLoaded", function() { - const smallMenuBtn = document.querySelectorAll(""), - - smallMenuBtns.forEach(smallMenuBtn => { - smallMenuBtn.addEventListener("click", () => { - .classList.toggle("visible") - }) - }) - -}) - -*/ - -/*mesage handler*/ 
-document.addEventListener("DOMContentLoaded", function() { - - // Zamknij popout po kliknięciu w X - document.getElementById('close-btn')?.addEventListener('click', function() { - document.getElementById('overlay').classList.add('hidden'); - }); - - // Zamknij popout po kliknięciu poza nim - document.getElementById('overlay')?.addEventListener('click', function(event) { - if (event.target.id === 'overlay') { - document.getElementById('overlay').classList.add('hidden'); - } - }); -}); \ No newline at end of file diff --git a/admin/functions.php b/admin/old/functions.php similarity index 95% rename from admin/functions.php rename to admin/old/functions.php index 8db997f..6dc1157 100644 --- a/admin/functions.php +++ b/admin/old/functions.php @@ -1,8 +1,9 @@ -
@@ -32,7 +33,7 @@ function dashboard() {
@@ -103,7 +104,7 @@ function allArticles() { include 'all_articles.alg.php'; - all(); + //all(); ?> @@ -185,4 +186,6 @@ function settings() { connect_errno != 0) { $_SESSION['message'] = 'db connection fail.'; @@ -84,43 +84,45 @@ } else { $sql = "SELECT * FROM articles WHERE title = '$title'"; - echo '4 '; + //echo '4 '; if($result = $conn->query($sql)) { $num = $result->num_rows; - echo '5 '; + //echo '5 '; if($num != 0) { $_SESSION['message'] = 'Article with this title already exist.'; header('Location: panel.php'); } else { - echo '6 '; + //echo '6 '; $pathinfo = pathinfo($_FILES["photoUpload"]["name"]); $base = $pathinfo["filename"]; $base = preg_replace("/[^\w-]/", "_", $base); - echo '7 '; + //echo '7 '; $filename = $base . "." . $pathinfo["extension"]; - $destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; - echo '8 '; + //$destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; //old mac + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; // new mac + //echo '8 '; // Add a numeric suffix if the file already exists $i = 1; while (file_exists($destination)) { - echo '9 '; + //echo '9 '; $filename = $base . "($i)." . $pathinfo["extension"]; - $destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; + //$destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; //old + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; // new $i++; } - echo '10 '; + //echo '10 '; if ( ! move_uploaded_file($_FILES["photoUpload"]["tmp_name"], $destination)) { echo $destination. '
'; $_SESSION['message'] = "Can't move uploaded file."; header('Location: panel.php'); } - echo '11 '; + //echo '11 '; //echo $destination; $target_file = 'articles_photos/'.$filename; @@ -130,19 +132,19 @@ $stmt_insert = $conn->prepare($sql_insert); $stmt_insert->bind_param('sss', $title, $textUpload, $target_file); - echo '12 '; + //echo '12 '; if ($stmt_insert->execute()) { - echo '13.1 '; + //echo '13.1 '; $_SESSION['message'] = 'Article was succesfully addes to db.'; header('Location: panel.php'); } else { $_SESSION['message'] = 'Error during adding data to db.'; header('Location: panel.php'); #echo "Błąd podczas dodawania artykułu: " . $conn->error; - echo '13.2 '; + //echo '13.2 '; } - echo '14 '; + //echo '14 '; $stmt_insert->close(); #$_SESSION['message'] = 'File uploaded successfully.'; @@ -151,7 +153,7 @@ } else { $_SESSION['message'] = 'Error occur during checking title.'; - header('Location: panel.php'); + header('Location: panel.php?window=add-article'); #throw new Exception($conn->error); } $conn->close(); diff --git a/admin/panel.login.css b/admin/panel.login.css index ca72540..64e72ad 100644 --- a/admin/panel.login.css +++ b/admin/panel.login.css @@ -1,8 +1,6 @@ body{ - /*background-color: lightslategray;*/ background-color: #fff; - /*background-color: #e3f2fd;*/ height: 100%; margin: 0; padding: 0; @@ -18,11 +16,9 @@ main{ } #loginBox{ - width: 340px; /*380px*/ - height: 290px; /*280px*/ - border-radius: 5px; /* 8px*/ - /*background-color: lightgrey;*/ - /*background-color: #fff;*/ + width: 320px; + height: 290px; + border-radius: 5px; position: absolute; top: 45%; left: 50%; 
@@ -44,28 +40,25 @@ main{ } input[type="text"], input[type="password"] { - width: 200px; /*180px*/ + width: 200px; padding: 10px; margin: 5px 0; box-sizing: border-box; - border-radius: 5px; /*8px*/ + border-radius: 5px; border: none; font-size: 13px; border: 1px solid #333; } input[type="submit"] { - width: 200px; /*180px*/ + width: 200px; padding: 10px; margin: 10px 0; - /*background-color: #4CAF50;/* - /*background-color: red;*/ background-color: #4070f4;; - color: white; - /*color: #333;*/ + color: #fff; border: none; cursor: pointer; - border-radius: 5px; /*8px*/ - font-size: 14px; + border-radius: 5px; + font-size: 16px; } footer{ @@ -73,12 +66,11 @@ footer{ bottom: 0; width: 100%; height: 30px; - background-color: #f1f1f1; text-align: center; line-height: 30px; - background-color: lightgray; + background-color: #4070f4; + color: #fff; font-size: 22px; - } @@ -149,7 +141,7 @@ footer{ } } -@media (max-width: 260px) OR (max-height: 460px){ +@media (max-width: 300px) OR (max-height: 460px){ main{ display: none; } diff --git a/admin/panel.login.php b/admin/panel.login.php index 7dcfb99..51ae66e 100644 --- a/admin/panel.login.php +++ b/admin/panel.login.php @@ -3,21 +3,18 @@ session_start(); - -if((isset($_SESSION['adminLoged'])) && ($_SESSION['aminLoged'] == true)) +if((isset($_SESSION['adminLoged'])) && ($_SESSION['adminLoged'] == true)) // think over { - //unset($_SESSION['adminLoged']); header('Location: panel.php'); exit(); - - //jesli nie chcemy by zosrtały wykonane następne instrukcje w skrypcie php - //znajdujące sie poniej instrukcji header naley uzyć exit(); - //nastąpi natychmiastowe przekierowanie - // nie kończymy imprzy, wychodzimy po angielsku + // nie kończymy imprezy, wychodzimy po angielsku } - +// cache control +header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); +header("Cache-Control: post-check=0, pre-check=0", false); +header("Pragma: no-cache"); ?> 
diff --git a/admin/panel.logout.alg.php b/admin/panel.logout.alg.php index 04f5e10..75017ea 100644 --- a/admin/panel.logout.alg.php +++ b/admin/panel.logout.alg.php @@ -2,6 +2,8 @@ session_start(); + $_SESSION['adminLoged'] = false; // i make sure it has value different from true + session_unset(); //session_destroy(); header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); @@ -9,5 +11,5 @@ header('Pragma: no-cache'); header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); - header('Location:panel.login.php');//panel.logout.out.php + header('Location:panel.login.php'); //panel.logout.out.php exit(); diff --git a/admin/panel.php b/admin/panel.php index 9c02241..dcbbe15 100644 --- a/admin/panel.php +++ b/admin/panel.php @@ -3,25 +3,26 @@ 1800)) { - // Sesja wygasła - usuń dane sesji - session_unset(); // Usuń wszystkie zmienne sesji - session_destroy(); // Zniszcz sesję + // Session expired - delete session data + session_unset(); // Delete all session variables + session_destroy(); // Destroy session } -$_SESSION['LAST_ACTIVITY'] = time(); // Aktualizacja czasu ostatniej aktywności +$_SESSION['LAST_ACTIVITY'] = time(); // Last Activity Time Update //additional files require_once 'panel.connect.php'; -include_once 'functions.php'; +include 'window_functions.php'; ?> @@ -45,8 +46,8 @@ - - + + @@ -76,11 +77,10 @@ -
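Review bot: Logout in panel.logout.alg.php only sets `$_SESSION['adminLoged'] = false;` and calls `session_unset()`, while `session_destroy()` stays commented out, so the session id and its cookie remain valid after logout. The added assignment gives no protection on its own either, because the guards in the admin/algo scripts test `!isset($_SESSION['adminLoged'])`, which a value of `false` passes; they would be safer as `($_SESSION['adminLoged'] ?? false) !== true`. I would drop the assignment, keep `session_unset();` and add `session_destroy();` before the redirect.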
-
- -
+ }else{ // if new widows added, there must be added new if statements added as well + + if($_GET["window"] == "all-articles"){ -
- -
-
- -
+ + + }elseif($_GET["window"] == "edit-article"){ + + editArticle(); + + }elseif($_GET["window"] == "service-break"){ -
- -
- + }elseif($_GET["window"] == "settings"){ -
- -
- + + }else{ + + error(); + + } + } + ?>
@@ -214,7 +223,7 @@ ?> - + \ No newline at end of file diff --git a/admin/panel_login.alg.php b/admin/panel_login.alg.php index e6be4b1..f99cec9 100644 --- a/admin/panel_login.alg.php +++ b/admin/panel_login.alg.php @@ -34,7 +34,7 @@ if($num_adm >0) { - $_SESSION['adminLoged'] = true; //zalogowany = true + $_SESSION['adminLoged'] = true; $row = $result->fetch_assoc(); @@ -47,10 +47,10 @@ $result->free_result(); header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); - header('Cache-Control: post-check=0, pre-check=0', false); // Dla zgodności z HTTP/1.0 - header('Pragma: no-cache'); // Dla zgodności z HTTP/1.0 + header('Cache-Control: post-check=0, pre-check=0', false); // For HTTP/1.0 compatibility + header('Pragma: no-cache'); // For HTTP/1.0 compatibility - // Ustawienie nagłówka Expires, aby upewnić się, że strona jest uznawana za przeterminowaną + //Set the Expires header to ensure that the page is considered expired header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Location: panel.php'); @@ -66,4 +66,12 @@ } +// added for dev +$dev = false; +if($dev == true){ + $_SESSION['adminLoged'] = true; +header('Location: panel.php'); +} + + exit(); diff --git a/admin/test.new.php b/admin/test.new.php deleted file mode 100644 index 8b9657c..0000000 --- a/admin/test.new.php +++ /dev/null @@ -1,3 +0,0 @@ - + +
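Review bot: The block added at the end of panel_login.alg.php, `$dev = false; if($dev == true){ $_SESSION['adminLoged'] = true; header('Location: panel.php'); }`, is a hard-coded switch that marks the session as admin without checking credentials, and it sits on the path of every request that reaches the end of the script. It should not be committed; a development shortcut belongs outside the deployed tree. In the success branch above, `$_SESSION['adminLoged'] = true;` is set without `session_regenerate_id(true);`, so a session id established before login stays valid afterwards; the call belongs just before the assignment. The credential check itself lies outside the visible hunks.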
+
+

Dashboard

+
+ +
+
+
+ + + +
+
+

All articles

+
+
+ +
+
+
+
+ + + +
+
+

Add article

+
+
+
+
+ +
+
+ +
+
+
+
+ +
+
+ +
+
+
+
+ +
+
+ +
+
+
+ + +
+
+
+ +
+
+
+
+
+ + 0) { + + // algo loading data from db + + ?> +
+
+

Edit article

+
+
+
+
+ +
+
+ +
+
+
+
+ +
+
+ +
+
+
+
+ +
+
+ +
+
+
+ + +
+
+
+ +
+
+
+
+
+ +
+
+

Choose article to edit

+
+
+ +
+
+
+
+ + +
+
+

Service Break

+
+
+ +
+ + +
+
+
+ +
+
+
+
+
+ + + +
+
+

Settings

+
+ +
+
+ +
+
+
+ +
+
+
+ +
+
+
+ + +
+
+
+ +
+
+
+
+ + +
+
+
+ +
+
+
+
+
+ + + +
+
+

Something went wrong

+
+ Something went wrong, please reload the page with the link below + Reload +
+
+
+ + Date: Tue, 7 Jan 2025 22:13:47 +0100 Subject: [PATCH 02/21] Update md's --- CHANGELOG.md | 16 +++++++++++----- CONTRIBUTING.md | 19 +++++++------------ README.md | 2 +- SECURITY.md | 3 +-- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c0ca0d3..776211a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,20 +2,26 @@ All notable changes to this project will be documented in this file. - ## [Unreleased] -Right now project is finished, I am working on fixing all the bugs and secruity issues. + +Right now project is finished, I am working on fixing all the bugs and secruity issues. ### Added -- + ### Changed -- + ### Fixed -- -## [pre release] - 2024-10-30 -### Added -The only functionalities that are added right now are fix patches for media queries, secruity reasons bugs fixing. +## Newest version: v1.0.0 + +### Addedd in v1.0.0 + +This was first release of this project, first compleate verion still not with all functions i wanted but it was already functional. + +I will keep working on this project. Next version will bring many changes, all of them will be explain here. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index cdeedf1..47bbf68 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,10 +1,11 @@ # Contributing to PHP_CMS_for_blog First off, thank you for considering contributing to [PHP_CMS_for_blog](https://github.com/Dominik-developer/PHP_CMS_for_blog)! 🎉 Your help is greatly appreciated. - + ## If you've found a bug, please create an issue following these steps: + 1. **Check for duplicates:** Search [existing issues](https://github.com/Dominik-developer/PHP_CMS_for_blog/issues) to ensure it hasn’t been reported. -2. **If it’s a new issue:** +2. **If it’s a new issue:** - Open a new issue. - Provide a detailed description of the bug. - The version of the project you’re using. 
@@ -12,9 +13,10 @@ First off, thank you for considering contributing to [PHP_CMS_for_blog](https:// - Expected vs. actual behavior. - Screenshots or logs (if applicable/possible). - Environment details (e.g., OS, browser). -3. **Remeber to follow** [Style Guides](https://github.com/Dominik-developer/PHP_CMS_for_blog/blob/main/STYLE_GUIDES.md) for this softwere. +3. **Remeber to follow** [Style Guides](https://github.com/Dominik-developer/PHP_CMS_for_blog/blob/main/STYLE_GUIDES.md) for this softwere. ## How to Suggest a Feature + 1. **Search existing suggestions:** Ensure your idea isn’t already suggested in [existing issues](https://github.com/Dominik-developer/PHP_CMS_for_blog/issues). 2. **If it’s a new idea:** - Open a new issue. @@ -22,7 +24,7 @@ First off, thank you for considering contributing to [PHP_CMS_for_blog](https:// - Explain why the feature is needed and what problem it solves. - Describe how the feature might work or look. - Potential implementation ideas. -3. **Remeber to follow** [Style Guides](https://github.com/Dominik-developer/PHP_CMS_for_blog/blob/main/STYLE_GUIDES.md) for this softwere. +3. **Remeber to follow** [Style Guides](https://github.com/Dominik-developer/PHP_CMS_for_blog/blob/main/STYLE_GUIDES.md) for this softwere. ## Code of Conduct -Please read our [Code of Conduct](CODE_OF_CONDUCT.md) to understand the expectations for participation in this project. - - - - - - +Please read our [Code of Conduct](CODE_OF_CONDUCT.md) to understand the expectations for participation in this project. - * All safe and supported versions of our software are marked with a ✅. * New versions that do not introduce changes in terms of security do not affect the lack of support for previous versions. From fc586a38d1c8cf922edc55d786edf4a8362c4fca Mon Sep 17 00:00:00 2001 
From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 10 Jan 2025 20:30:27 +0100 Subject: [PATCH 03/21] New update for this branch --- admin/CSS/window.css | 28 +++- admin/algo/dashboard.alg.php | 3 +- admin/all_articles.alg.php | 2 +- admin/data_loading.alg.php | 39 +++++ admin/old/functions.php | 191 ---------------------- admin/old/main.css | 302 ----------------------------------- admin/old/new.alg.new.php | 164 ------------------- admin/panel.php | 2 +- admin/window_functions.php | 79 +++++---- 9 files changed, 119 insertions(+), 691 deletions(-) create mode 100644 admin/data_loading.alg.php delete mode 100644 admin/old/functions.php delete mode 100644 admin/old/main.css delete mode 100644 admin/old/new.alg.new.php diff --git a/admin/CSS/window.css b/admin/CSS/window.css index 2ef7754..8fa5b75 100644 --- a/admin/CSS/window.css +++ b/admin/CSS/window.css @@ -91,6 +91,7 @@ input[type=file] { border: 1px solid #ccc; border-radius: 4px; margin-top: 12px; + font-size: 14px; } input[type=file] { @@ -162,13 +163,34 @@ input[type=file] { /* === spcific styles === ------------------------------------------*/ +/* === edit ===*/ +textarea { + width: 40%; + min-height: 100px; + max-height: 300px; + padding: 10px; + font-size: 14px; + font-family: Arial, sans-serif; + border: 1px solid #ccc; + border-radius: 5px; + resize: vertical; +} +input[type="file"] { + padding: 10px; + border: 1px solid #ccc; + border-radius: 5px; + cursor: pointer; + background-color: #fff; + } -/* === error ===*/ - - + a#showBttn { + width: 80px; + } + +/* === error ===*/ diff --git a/admin/algo/dashboard.alg.php b/admin/algo/dashboard.alg.php index 62ab4d6..5172684 100644 --- a/admin/algo/dashboard.alg.php +++ b/admin/algo/dashboard.alg.php @@ -14,7 +14,8 @@ function dashboard_data() { echo'
Welcome on admin panel for your blog! - +
+ We are evolving for you! :)
'; } diff --git a/admin/all_articles.alg.php b/admin/all_articles.alg.php index c6f4266..3f741b2 100644 --- a/admin/all_articles.alg.php +++ b/admin/all_articles.alg.php @@ -35,7 +35,7 @@ function all() { echo '' . $row['date_of_publish'] . ''; echo '' . substr($row['text'], 0, 50) . '...'; echo '' . $row['photo_path'] . ''; - echo 'View'; + echo 'View'; echo 'Edit'; echo ''; } diff --git a/admin/data_loading.alg.php b/admin/data_loading.alg.php new file mode 100644 index 0000000..7a6504d --- /dev/null +++ b/admin/data_loading.alg.php @@ -0,0 +1,39 @@ +connect_errno) { + $_SESSION['message'] = 'connection to db fail'; + header('Location: panel.php?window=edit-article'); + exit(); + } else { + $sql = "SELECT * FROM articles WHERE id = $articleID"; + $result = $conn->query($sql); + + if ($result->num_rows > 0) { + $row = $result->fetch_assoc(); + $conn->close(); + return $row; + + } else { + $_SESSION['message'] = 'No data found. Database empty.'; + $conn->close(); + return null; + } + } +} + + + + + diff --git a/admin/old/functions.php b/admin/old/functions.php deleted file mode 100644 index 6dc1157..0000000 --- a/admin/old/functions.php +++ /dev/null @@ -1,191 +0,0 @@ - -
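Review bot: The article lookup in the new `data_loading.alg.php` is built by interpolation, `"SELECT * FROM articles WHERE id = $articleID"`, so it is only safe while every caller validates the id first. Bind the value instead: `$stmt = $conn->prepare('SELECT * FROM articles WHERE id = ?'); $stmt->bind_param('i', $articleID); $stmt->execute(); $result = $stmt->get_result();`. The connection-failure branch also calls `header('Location: …')` from a function that appears to run while the panel page is being rendered, which stops working once output has started; returning `null` there, as the no-rows branch does, would be more robust. The opening lines of the new file are not readable on this page.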
- - -
-
-
-

- -
-
-
-
- -
- - -
-
-
-

New article

-
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
-
- -
-
- -
-
-
- - -
-
-
- -
-
-
-
-
-
- -
- - -
-
-
-

All articles

-
- -
-
-
-
-
- -
- - -
-
-
-

Change status of service break

-
- -
- - -
-
-
- -
-
-
-
-
-
- -
- - -
-
-
-

Change Password

-
-
- -
-
-
- -
-
-
- -
-
-
- - -
-
-
- -
-
-
-
-
-
- 1048576) { - $_SESSION['message'] = 'File too large (max 1MB).'; - header('Location: panel.php'); - exit(); - } - - //echo '2 '; - - $title = mysqli_real_escape_string($conn, $_POST['title']); - $textUpload = file_get_contents($_FILES['textUpload']['tmp_name']); - $photo = $_FILES['photoUpload']; - - //echo '3 '; - - if ($conn->connect_errno != 0) { - $_SESSION['message'] = 'db connection fail.'; - header('Location: panel.php'); - #echo "Error: " . $conn->connect_error; - #throw new Exception(mysqli_connect_errno()); - } else { - - $sql = "SELECT * FROM articles WHERE title = '$title'"; - //echo '4 '; - if($result = $conn->query($sql)) { - $num = $result->num_rows; - //echo '5 '; - if($num != 0) { - $_SESSION['message'] = 'Article with this title already exist.'; - header('Location: panel.php'); - } else { - //echo '6 '; - $pathinfo = pathinfo($_FILES["photoUpload"]["name"]); - - $base = $pathinfo["filename"]; - - $base = preg_replace("/[^\w-]/", "_", $base); - //echo '7 '; - $filename = $base . "." . $pathinfo["extension"]; - - //$destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; //old mac - $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; // new mac - //echo '8 '; - // Add a numeric suffix if the file already exists - $i = 1; - - while (file_exists($destination)) { - //echo '9 '; - $filename = $base . "($i)." . $pathinfo["extension"]; - //$destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; //old - $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; // new - - $i++; - } - //echo '10 '; - if ( ! move_uploaded_file($_FILES["photoUpload"]["tmp_name"], $destination)) { - - echo $destination. '
'; - $_SESSION['message'] = "Can't move uploaded file."; - header('Location: panel.php'); - } - //echo '11 '; - //echo $destination; - - $target_file = 'articles_photos/'.$filename; - - // inserting data into db - $sql_insert = $sql_insert = "INSERT INTO articles (title, text, photo_path) VALUES (?, ?, ?)"; - $stmt_insert = $conn->prepare($sql_insert); - $stmt_insert->bind_param('sss', $title, $textUpload, $target_file); - - //echo '12 '; - if ($stmt_insert->execute()) { - //echo '13.1 '; - $_SESSION['message'] = 'Article was succesfully addes to db.'; - header('Location: panel.php'); - } else { - $_SESSION['message'] = 'Error during adding data to db.'; - header('Location: panel.php'); - #echo "Błąd podczas dodawania artykułu: " . $conn->error; - //echo '13.2 '; - } - - //echo '14 '; - $stmt_insert->close(); - - #$_SESSION['message'] = 'File uploaded successfully.'; - #header('Location: panel.php'); - } - - } else { - $_SESSION['message'] = 'Error occur during checking title.'; - header('Location: panel.php?window=add-article'); - #throw new Exception($conn->error); - } - $conn->close(); - exit(); - } -} - -exit(); \ No newline at end of file diff --git a/admin/panel.php b/admin/panel.php index dcbbe15..a5e0d05 100644 --- a/admin/panel.php +++ b/admin/panel.php @@ -212,7 +212,7 @@ /* ---- POPOUT ---- */ if (isset($_SESSION['message'])) { echo " -
+ +
- +

- +
@@ -100,16 +101,26 @@ function addArticle(){ // edit article ========================================== + function editArticle(){ - + if (isset($_GET['id']) && ctype_digit($_GET['id']) && (int)$_GET['id'] > 0) { - // algo loading data from db + require_once 'data_loading.alg.php'; + + $articleData = edit_dataLoading($_GET['id']); + + if ($articleData) { + //echo "Content: " . $articleData['photo_path'] . "
"; + + } else { + echo "No article data found."; + } ?>
-

Edit article

+

Edit article

@@ -117,7 +128,7 @@ function editArticle(){
- +
@@ -125,33 +136,56 @@ function editArticle(){
- + + +
+
- +
+
- +

+
+
+
@@ -167,11 +201,11 @@ function editArticle(){
@@ -180,11 +214,11 @@ function serviceBreak(){

Service Break

-
+
- +

@@ -223,23 +257,13 @@ function settings(){
- +

-
-
- - -
-
-
- -
-
@@ -263,4 +287,3 @@ function error() { Date: Wed, 15 Jan 2025 15:57:04 +0100 Subject: [PATCH 04/21] Add files via upload --- admin/algo/edit.alg.php | 188 ++++++++++++++++++++++++++++++++++-- admin/algo/password.alg.php | 7 +- 2 files changed, 185 insertions(+), 10 deletions(-) diff --git a/admin/algo/edit.alg.php b/admin/algo/edit.alg.php index 051949d..61769f4 100644 --- a/admin/algo/edit.alg.php +++ b/admin/algo/edit.alg.php 
@@ -2,20 +2,194 @@ session_start(); -if (!isset($_SESSION['adminLoged'])) { +if(!isset ($_SESSION['adminLoged'])) { header('Location: ../panel.login.php'); exit(); } +//additional files +require '../panel.connect.php'; -function edit() { +try { + $conn = @new mysqli($host, $db_user, $db_password, $db_name); + + if (isset($_POST['new_title']) && isset($_POST['new_text']) && isset($_POST['id'])) { + + $article_id = $_POST['id'] ?? 0; + + // Validate article_id + if (!is_numeric($article_id) || $article_id <= 0) { + $_SESSION['message'] = 'Invalid article ID.'; + header('Location: ../panel.php?window=articles-list'); + exit(); + } + + $NEW_title = mysqli_real_escape_string($conn, $_POST['new_title'] ?? ''); + $NEW_text = mysqli_real_escape_string($conn, $_POST['new_text'] ?? ''); + $NEW_photo = $_FILES['new_photo'] ?? ''; + + // Validate required fields + if (empty($article_id) || empty($NEW_title) || empty($NEW_text)) { + $_SESSION['message'] = 'All fields are required'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + $conn->close(); + exit(); + } - require '../panel.connect.php'; + // Check database connection + if ($conn->connect_errno != 0) { + $_SESSION['message'] = 'Connection to db fail'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + $conn->close(); + exit(); + } else { - $conn = @new mysqli($host, $db_user, $db_password, $db_name); + // Checking if article exists + $sql_select = "SELECT id, photo_path FROM articles WHERE id = ?"; + $stmt = $conn->prepare($sql_select); + $stmt->bind_param("i", $article_id); + $stmt->execute(); + $result = $stmt->get_result(); + + if ($result->num_rows > 0) { + + // Fetch existing photo path + $row = $result->fetch_assoc(); + $existing_photo = $row['photo_path']; + + // If a new photo is submitted + if(!empty($_FILES['new_photo']['name'])) { + + // Remove the old photo if a new one is being uploaded + #=========usuwanie=strego=zdjecia===== + + /** * + check in db what way i 
have path for photos saved and fix it in case it is the other way + */ + if (!empty($existing_photo) && file_exists('/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/' . $existing_photo)) { + unlink('/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/' . $existing_photo); + } + + // Check for upload errors + if ($_FILES["new_photo"]["error"] !== UPLOAD_ERR_OK) { + switch ($_FILES["new_photo"]["error"]) { + case UPLOAD_ERR_PARTIAL: + $_SESSION['message'] = 'File only partially uploaded.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + case UPLOAD_ERR_NO_FILE: + $_SESSION['message'] = 'No file was uploaded.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + case UPLOAD_ERR_EXTENSION: + $_SESSION['message'] = 'File upload stopped by a PHP extension.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + case UPLOAD_ERR_FORM_SIZE: + $_SESSION['message'] = 'File exceeds MAX_FILE_SIZE in the HTML form.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + case UPLOAD_ERR_INI_SIZE: + $_SESSION['message'] = 'File exceeds upload_max_filesize in php.ini .'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + case UPLOAD_ERR_NO_TMP_DIR: + $_SESSION['message'] = 'Temporary folder not found.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + case UPLOAD_ERR_CANT_WRITE: + $_SESSION['message'] = 'Failed to write file.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + default: + $_SESSION['message'] = 'Unknown upload error.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + exit(); + } + } - // code - echo 'edit'; + // Check photo size + if ($_FILES["new_photo"]["size"] > 1048576) { + $_SESSION['message'] = 'File too large (max 1MB).'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + 
$conn->close(); + exit(); + } + + // Generate a new filename for the photo + $pathinfo = pathinfo($_FILES["new_photo"]["name"]); + $base = preg_replace("/[^\w-]/", "_", $pathinfo["filename"]); + $filename = $base . "." . $pathinfo["extension"]; + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; + + // Add a numeric suffix if file exists + $i = 1; + while (file_exists($destination)) { + $filename = $base . "($i)." . $pathinfo["extension"]; + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; + $i++; + } + + if (!move_uploaded_file($_FILES["new_photo"]["tmp_name"], $destination)) { + $_SESSION['message'] = "Can't move uploaded file."; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + $conn->close(); + exit(); + } + + // Update photo path in database + $NEW_photo_path = 'articles_photos/'.$filename; + $sql_update = "UPDATE articles SET title = ?, text = ?, photo_path = ? WHERE id = ?"; + $stmt_update = $conn->prepare($sql_update); + $stmt_update->bind_param('sssi', $NEW_title, $NEW_text, $NEW_photo_path , $article_id); + + } else { + // If no new photo is uploaded + $sql_update = "UPDATE articles SET title = ?, text = ? WHERE id = ?"; + $stmt_update = $conn->prepare($sql_update); + $stmt_update->bind_param("ssi", $NEW_title, $NEW_text, $article_id); + } + + if ($stmt_update->execute()) { + $_SESSION['message'] = 'Article was successfully updated.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + $stmt_update->close(); + $conn->close(); + exit(); + } else { + $_SESSION['message'] = 'Error during updating article.'; + header('Location: ../panel.php?window=edit-article?id='.$article_id); + $stmt_update->close(); + $conn->close(); + exit(); + } + + } else { + $_SESSION['message'] = 'Article with id: '.$article_id.' 
does not exist'; + header('Location: ../panel.php?window=edit-article?id=0'); + $stmt->close(); + $conn->close(); + exit(); + } + } + + } else { + $_SESSION['message'] = 'POST table doesn\'t have all data'; + header('Location: panel.php?window=edit-article?id='.$article_id); + $conn->close(); + exit(); + } + +} catch (mysqli_sql_exception $e) { + $_SESSION['message'] = 'Database connection error: ' . $e->getMessage(); + header('Location: ../panel.php?window=edit-article?id=0'); + $conn->close(); + exit(); + +} finally { -} \ No newline at end of file + if (isset($conn) && $conn instanceof mysqli) { + $conn->close(); + } +} diff --git a/admin/algo/password.alg.php b/admin/algo/password.alg.php index ed16b69..3f31f64 100644 --- a/admin/algo/password.alg.php +++ b/admin/algo/password.alg.php @@ -41,8 +41,10 @@ $new_password = $_POST['newPass']; + $password_hash = password_hash($new_password, PASSWORD_DEFAULT); + //DB update - $sql_update = "UPDATE `admin` SET `password` = '$new_password' WHERE id=1 "; + $sql_update = "UPDATE `admin` SET `password` = '$password_hash' WHERE id=1 "; if ($conn->query($sql_update) === TRUE) { @@ -77,5 +79,4 @@ $_SESSION['message'] = 'POST table doesnt have all data'; header('Location: panel.php?window=settings'); exit(); -} - +} \ No newline at end of file From d4e22612700c3eba5574ffed3e0c4abb91f109f4 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 17 Jan 2025 08:01:31 +0100 Subject: [PATCH 05/21] New password algo hash version New password algo hash version, next step is to update login algorithm for hashing and update new pass form --- admin/algo/password.alg.php | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/admin/algo/password.alg.php b/admin/algo/password.alg.php index 3f31f64..0cdc321 100644 --- a/admin/algo/password.alg.php +++ b/admin/algo/password.alg.php 
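Review bot: The photo branch of `edit.alg.php` builds `$filename` from the client-supplied extension (`$pathinfo["extension"]`) and moves the file into `articles_photos/` with no allowlist or content check, so a file with a script extension would be stored in a directory that looks web-served. Restrict the extension to a fixed image list and confirm the detected type with `finfo` before `move_uploaded_file`. The `unlink` of the existing photo runs before any of the upload checks, so a rejected upload still deletes the old picture while `photo_path` keeps pointing at it; move it after the successful move. `mysqli_real_escape_string` on `$NEW_title` and `$NEW_text` is also redundant with the bound parameters and will store literal backslashes in the article. The `catch` branch puts `$e->getMessage()` into the message shown in the panel, which is better sent to `error_log()`.

```php
// … unchanged: upload error switch, 1 MB size check …

// Generate a new filename for the photo
$pathinfo = pathinfo($_FILES["new_photo"]["name"]);
$extension = strtolower($pathinfo["extension"] ?? '');
$allowedTypes = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
    'webp' => 'image/webp',
];
$detectedType = (new finfo(FILEINFO_MIME_TYPE))->file($_FILES["new_photo"]["tmp_name"]);
if (!isset($allowedTypes[$extension]) || $allowedTypes[$extension] !== $detectedType) {
    $_SESSION['message'] = 'Only JPG, PNG, GIF or WEBP images can be uploaded.';
    // … redirect, close and exit as the other error branches do …
}
$base = preg_replace("/[^\w-]/", "_", $pathinfo["filename"]);
$filename = $base . "." . $extension;

// … unchanged: destination, numeric-suffix loop, move_uploaded_file check …

// Remove the old photo only after the new one is in place
if (!empty($existing_photo) && file_exists('/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/' . $existing_photo)) {
    unlink('/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/' . $existing_photo);
}
```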
@@ -24,38 +24,43 @@ header('Location: ../panel.php?window=settings'); exit(); }else{ + + $ID = $_SESSION['id']; - $sql = "SELECT `login`, `password` FROM `admin` WHERE id=1 "; + $sql = "SELECT `password` FROM `admin` WHERE id = '$ID' "; if($result = @$conn->query(sprintf($sql))) { - $num = $result->num_rows; if($num >0) { - $row = $result->fetch_assoc(); - - if($_POST['oldPass'] == $row['password']) { - $new_password = $_POST['newPass']; + if (password_verify($_POST['oldPass'], $row['password'])) { + $new_password = $_POST['newPass']; $password_hash = password_hash($new_password, PASSWORD_DEFAULT); - //DB update - $sql_update = "UPDATE `admin` SET `password` = '$password_hash' WHERE id=1 "; + $sql = "UPDATE `admin` SET `password` = ? WHERE `id` = ?"; + $stmt = $conn->prepare($sql); - if ($conn->query($sql_update) === TRUE) { - + if (!$stmt) { + die("Błąd przygotowania zapytania: " . $conn->error); + } + + $stmt->bind_param("si", $password_hash, $ID); + + if ($stmt->execute()) { $_SESSION['message'] = 'Password changed successfully.'; header('Location: ../panel.php?window=settings'); } else { - $_SESSION['message'] = 'Error: something went wrong during updating password'; - #echo $conn->error; - header('Location: ../panel.php?window=settings'); + $_SESSION['message'] = 'Error: something went wrong during updating password.
'. $stmt->error; } - + + $stmt->close(); + $conn->close(); + } else { $_SESSION['message'] = 'Old password is wrong'; header('Location: ../panel.php?window=settings'); From 191321ea14035d9e4fbb3063c28666f9d09413ba Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 17 Jan 2025 13:11:40 +0100 Subject: [PATCH 06/21] Add files via upload --- admin/panel.login.alg.php | 83 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 admin/panel.login.alg.php diff --git a/admin/panel.login.alg.php b/admin/panel.login.alg.php new file mode 100644 index 0000000..3c679a1 --- /dev/null +++ b/admin/panel.login.alg.php 
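Review bot: The lookup of the current hash still builds its SELECT with `WHERE id = '$ID'` and passes the string through `sprintf()`, while the UPDATE a few lines below is prepared; use the same form for both, `$stmt = $conn->prepare('SELECT password FROM admin WHERE id = ?'); $stmt->bind_param('i', $ID);`. The added `die("…" . $conn->error)` and the `$stmt->error` appended to `$_SESSION['message']` put database error text in front of the browser; write it to `error_log()` and show a generic message instead. The failure branch of `$stmt->execute()` also lost its `header('Location: ../panel.php?window=settings');`, so whether it still redirects depends on code outside this hunk.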
@@ -0,0 +1,83 @@ +connect_errno!=0) +{ + echo "Error: ".$conn->connect_error; +} +else +{ + + $login = $_POST['login']; + $password = $_POST['password']; + + $login = htmlentities($login, ENT_QUOTES, "UTF-8"); + $password = htmlentities($password, ENT_QUOTES, "UTF-8"); + + if($result = @$conn->query(sprintf("SELECT * FROM admin WHERE login='%s' AND password='%s' ", + mysqli_real_escape_string($conn, $login), + mysqli_real_escape_string($conn, $password) ))) + { + $num_adm = $result->num_rows; + + if($num_adm >0) + { + if (password_verify($password, $row['password'])) { + + $_SESSION['adminLoged'] = true; + + $row = $result->fetch_assoc(); + + $_SESSION['id'] = $row['id']; + $_SESSION['login'] = $row['login']; + $_SESSION['password'] = $row['password']; + + + unset($_SESSION['loginError']); + $result->free_result(); + + header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); + header('Cache-Control: post-check=0, pre-check=0', false); // For HTTP/1.0 compatibility + header('Pragma: no-cache'); // For HTTP/1.0 compatibility + + //Set the Expires header to ensure that the page is considered expired + header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); + + header('Location: panel.php'); + + } else { + $_SESSION['loginError'] = 'Error! Login or password wrong.'; + header('Location: panel.login.php'); + } + + }else{ + $_SESSION['loginError'] = 'Error! Login or password wrong.'; + header('Location: panel.login.php'); + } + } + + $conn->close(); +} + + +// added for dev +$dev = false; +if($dev == true){ + $_SESSION['adminLoged'] = true; +header('Location: panel.php'); +} + + +exit(); \ No newline at end of file From 188dc77a7152a576112b9028e9b2c19c350735f2 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 17 Jan 2025 18:01:44 +0100 Subject: [PATCH 07/21] Add files via upload --- admin/algo/service_status.alg.php | 63 ++++++++++++++++++++++++------- 1 file changed, 49 insertions(+), 14 deletions(-) 
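Review bot: Login cannot succeed against hashed passwords as written in `panel.login.alg.php`: the query still filters on `password='%s'` with the submitted plaintext, and `password_verify($password, $row['password'])` runs before `$row = $result->fetch_assoc()`, so `$row` is undefined at the check. Select the row by login only with a prepared statement and verify the hash in PHP, and drop `htmlentities()` on the password because it alters the value being verified. On success call `session_regenerate_id(true)` and do not copy the hash into `$_SESSION['password']`. The `$dev` block at the end sets `adminLoged` without credentials whenever the flag is flipped and should not ship in this file.

```php
$login = $_POST['login'] ?? '';
$password = $_POST['password'] ?? '';

// Look the account up by login only; the stored hash is checked in PHP
$stmt = $conn->prepare("SELECT id, login, password FROM admin WHERE login = ?");
$stmt->bind_param('s', $login);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();

if ($row !== null && password_verify($password, $row['password'])) {
    session_regenerate_id(true);
    $_SESSION['adminLoged'] = true;
    $_SESSION['id'] = $row['id'];
    $_SESSION['login'] = $row['login'];
    // … unchanged: unset loginError, cache headers, redirect to panel.php …
} else {
    $_SESSION['loginError'] = 'Error! Login or password wrong.';
    header('Location: panel.login.php');
}
```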
diff --git a/admin/algo/service_status.alg.php b/admin/algo/service_status.alg.php index 40e8b55..1ee5a77 100644 --- a/admin/algo/service_status.alg.php +++ b/admin/algo/service_status.alg.php @@ -13,15 +13,51 @@ $conn = @new mysqli($host, $db_user, $db_password, $db_name); +if ($conn->connect_errno!=0) { + $_SESSION['message'] = 'connection do db fail'; + header('Location: ../panel.php?window=service-break'); + exit(); +} + if (isset($_POST['toggle'])) { + $setting_id = $_POST['setting_id']; - if ($conn->connect_errno!=0) { - $_SESSION['message'] = 'connection do db fail'; - #echo "Error: ".$conn->connect_error; - header('Location: ../panel.php?window=service-break'); - exit(); - }else{ + $stmt = $conn->prepare("UPDATE `service` SET `service_status` = `service_status` XOR 1 WHERE `id` = ?"); + if ($stmt) { + $stmt->bind_param('i', $setting_id); + + if ($stmt->execute()) { + if ($stmt->affected_rows > 0) { + $_SESSION['message'] = 'Service status value changed successfully.'; + } else { + $_SESSION['message'] = 'Error during updating: row ID error.'; + } + } else { + $_SESSION['message'] = 'Something went wrong during updating status.'; + } + $stmt->close(); + } else { + $_SESSION['message'] = 'Failed to prepare the SQL statement.'; + } + +} else { + $_SESSION['message'] = 'Something went wrong, try again.'; + header('Location: ../panel.php?window=service-break'); + exit(); +} + + + + + + + +/* + + + + $setting_id = $_POST['setting_id']; $sql = "SELECT `service_status` FROM `service` WHERE id=1 "; 
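Review bot: The new toggle branch sets `$_SESSION['message']`, but none of its added lines sends a `Location` header, closes `$conn` or calls `exit()`, so after the update execution falls through to the `/*` block that holds the old implementation. Unless a redirect follows outside these hunks the browser gets an empty response; add `$conn->close(); header('Location: ../panel.php?window=service-break'); exit();` after the `if ($stmt) { … } else { … }` block. `$setting_id` is read from `$_POST['setting_id']` without an `isset` or integer check, and the commented-out old code (whose closing `*/` is not visible in either hunk) would be better deleted than kept.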
@@ -45,24 +81,23 @@ $_SESSION['message'] = 'Service status value changed successfully'; header('Location: ../panel.php?window=service-break'); - }else{ + } else { $_SESSION['message'] = 'Error: something went wrong during updating status'; #echo $conn->error; header('Location: ../panel.php?window=service-break'); } - }else{ + } else{ $_SESSION['message'] = 'more rows found than needed'; header('Location: ../panel.php?window=service-break'); } } $conn->close(); exit(); - } -}else{ - $_SESSION['message'] = 'something went wrong, try again'; - header('Location: ../panel.php?window=service-break'); - exit(); -} + } else { + $_SESSION['message'] = 'something went wrong, try again'; + header('Location: ../panel.php?window=service-break'); + exit(); + } From 8cbf7400ef889af625f830ff967f666c8c6a24e2 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 17 Jan 2025 20:17:44 +0100 Subject: [PATCH 08/21] Create php.yml --- .github/workflows/php.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/workflows/php.yml diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml new file mode 100644 index 0000000..e970dc7 --- /dev/null +++ b/.github/workflows/php.yml @@ -0,0 +1,29 @@ +name: PHP Lint Workflow + +on: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + lint: + runs-on: ubuntu-latest + + steps: + # 1. Pobierz kod z repozytorium + - name: Checkout code + uses: actions/checkout@v3 + + # 2. Instalacja PHP + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.1' + + # 3. Sprawdzenie składni PHP + - name: Lint PHP files + run: | + find . -name "*.php" -not -path "./vendor/*" -exec php -l {} \; From d3dcaa3332cd7b0d6fb3acd0dd8d876c846e7d03 Mon Sep 17 00:00:00 2001 
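Review bot: The lint step in `php.yml` cannot fail the job: `find … -exec php -l {} \;` returns find's own exit status, which stays 0 when `php -l` reports a syntax error in a file. Pipe the file list through xargs instead, `find . -name "*.php" -not -path "./vendor/*" -print0 | xargs -0 -n1 php -l`, so one failed check makes the step non-zero. The workflow declares no `permissions:` block; a top-level `permissions:` with `contents: read` would limit the job token to what linting needs. Both `uses:` references are pinned to mutable tags rather than commit SHAs, which matters most for the third-party `shivammathur/setup-php` action.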
From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 17 Jan 2025 20:39:00 +0100 Subject: [PATCH 09/21] Adding styling for html files --- public/error.html | 23 ++++++++--------------- public/service.html | 36 +++++++++++++++++++----------------- 2 files changed, 27 insertions(+), 32 deletions(-) diff --git a/public/error.html b/public/error.html index 7157461..81ed519 100644 --- a/public/error.html +++ b/public/error.html @@ -5,32 +5,25 @@ Error page + + + + + +
diff --git a/public/service.html b/public/service.html index 6665d34..502fbd8 100644 --- a/public/service.html +++ b/public/service.html @@ -4,37 +4,39 @@ Service page + + + + + + + + + + + + + +

Service page

-

Prowadzone są teraz prace serwisowe!
Za utrudnienia przepraszamy.

+

We are currently undergoing maintenance!
We apologize for the inconvenience.


- Prosimy spróbować póniej: Link: Blog main page + Please try again later: Link: Blog main page
\ No newline at end of file From be42f47947ead26851d3b37ba45b53bb6a505edb Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Fri, 17 Jan 2025 20:40:09 +0100 Subject: [PATCH 10/21] Adding delate.alg.php file Delate article logic file --- admin/algo/delate.alg.php | 62 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 admin/algo/delate.alg.php diff --git a/admin/algo/delate.alg.php b/admin/algo/delate.alg.php new file mode 100644 index 0000000..d2d1729 --- /dev/null +++ b/admin/algo/delate.alg.php @@ -0,0 +1,62 @@ +connect_error) { + $_SESSION['message'] = 'Database connection error.'; + header('Location: ../panel.php?window=edit-article'); + exit(); +} + +if ($_SERVER["REQUEST_METHOD"] !== "POST") { + exit('POST request method required'); +} + +if (isset($_POST['deleteText']) && isset($_POST['id'])) { + if ($_POST['deleteText'] === 'Destroy-article') { + + if (filter_var($_POST['id'], FILTER_VALIDATE_INT)) { + $articleId = (int)$_POST['id']; + + $sql = "DELETE FROM articles WHERE id = ?"; + $stmt = $conn->prepare($sql); + + if ($stmt) { + $stmt->bind_param("i", $articleId); + + if ($stmt->execute()) { + $_SESSION['message'] = 'Article was deleted successfully.'; + $stmt->close(); + $conn->close(); + header('Location: ../panel.php?window=edit-article'); + exit(); + } else { + $_SESSION['message'] = 'Error during deleting article. Try again.'; + } + $stmt->close(); + } else { + $_SESSION['message'] = 'Error preparing statement.'; + } + } else { + $_SESSION['message'] = 'Invalid article ID.'; + } + } else { + $_SESSION['message'] = 'Error in security message. Try again.'; + } +} else { + $_SESSION['message'] = 'Error. No security message or article ID.'; +} + +$conn->close(); + +header('Location: ../panel.php?window=edit-article'); +exit(); + From 1ea365bf911f1bc2c4ab03dcf5f678861a88b9f3 Mon Sep 17 00:00:00 2001 
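Review bot: The delete handler in `delate.alg.php` accepts any POST that carries `deleteText=Destroy-article` and an `id`; that fixed string is identical for every request, so it does not tie the request to the admin's own form the way a per-session token would. Store a random token in the session when the form is rendered and compare it here, e.g. `if (!hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) { … }` (`csrf_token` is a name constructed for this note). `$stmt->affected_rows` is not checked, so deleting an id that does not exist reports success, and the file referenced by the row's `photo_path` is left on disk. The lines of the file before the connection check are not readable on this page, so the session check cannot be confirmed from here.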
From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Sat, 18 Jan 2025 18:22:30 +0100 Subject: [PATCH 11/21] Update window.css Adding scroll for edit form --- admin/CSS/window.css | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/admin/CSS/window.css b/admin/CSS/window.css index 8fa5b75..c92fa93 100644 --- a/admin/CSS/window.css +++ b/admin/CSS/window.css @@ -164,6 +164,11 @@ input[type=file] { /* === spcific styles === ------------------------------------------*/ /* === edit ===*/ + +/*article.window #edit */ /* in future */ +article.window #edit section.content{ + overflow-y: scroll; +} textarea { width: 40%; min-height: 100px; From bd57a37afb545bb53b4757576f442b52d4ac4398 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Sun, 19 Jan 2025 11:16:59 +0100 Subject: [PATCH 12/21] aditarticle() update --- admin/window_functions.php | 116 ++++++++++++++++++------------------- 1 file changed, 56 insertions(+), 60 deletions(-) diff --git a/admin/window_functions.php b/admin/window_functions.php index dd15d62..31b1dd9 100644 --- a/admin/window_functions.php +++ b/admin/window_functions.php @@ -102,90 +102,86 @@ function addArticle(){ // edit article ========================================== + function editArticle(){ - + if (isset($_GET['id']) && ctype_digit($_GET['id']) && (int)$_GET['id'] > 0) { require_once 'data_loading.alg.php'; $articleData = edit_dataLoading($_GET['id']); - if ($articleData) { - //echo "Content: " . $articleData['photo_path'] . "
"; - - } else { - echo "No article data found."; - } - + if ($articleData === null) { + + echo "No article data found."; + } else { ?> -
-
-

Edit article

-
-
-
-
- -
-
- -
-
-
-
- +
+
+

Edit article

+
+ +
+
+ +
+
+ +
-
- - - +
+
+ +
+
+ +
-
- -
-
- +
+
+ +
-
- +
+
+ +
-
-
-
- - -
+
-
- -
- -
- + +
-
-
- +
@@ -201,7 +197,7 @@ function editArticle(){
Date: Wed, 12 Feb 2025 00:17:31 +0100 Subject: [PATCH 13/21] Fixing errors, ready to be added to main --- admin/CSS/window.css | 3 +- admin/JS/index.js | 4 +- admin/algo/delate.alg.php | 10 ++--- admin/algo/edit.alg.php | 36 +++++++++-------- admin/algo/new.alg.php | 5 +-- admin/algo/password.alg.php | 9 +++-- admin/panel.login.alg.php | 40 +++++++------------ admin/panel.login.php | 12 +++++- admin/panel.php | 2 +- admin/panel_login.alg.php | 77 ------------------------------------- admin/window_functions.php | 76 ++++++++++++++++++++---------------- public/functions.php | 7 +++- public/main.css | 27 +++++++------ public/single.css | 22 +---------- 14 files changed, 125 insertions(+), 205 deletions(-) delete mode 100644 admin/panel_login.alg.php diff --git a/admin/CSS/window.css b/admin/CSS/window.css index c92fa93..2ac589e 100644 --- a/admin/CSS/window.css +++ b/admin/CSS/window.css @@ -85,7 +85,8 @@ input[type=submit]:hover { } input[type=text], -input[type=file] { +input[type=file], +input[type=password] { width: 40%; padding: 12px; border: 1px solid #ccc; diff --git a/admin/JS/index.js b/admin/JS/index.js index f7d7bad..5c1eddf 100644 --- a/admin/JS/index.js +++ b/admin/JS/index.js @@ -28,12 +28,12 @@ document.addEventListener("DOMContentLoaded", function() { /*mesage handler*/ document.addEventListener("DOMContentLoaded", function() { - // Zamknij popout po kliknięciu w X + // close poout by X document.getElementById('close-btn')?.addEventListener('click', function() { document.getElementById('overlay').classList.add('hidden'); }); - // Zamknij popout po kliknięciu poza nim + // close popout area around popout document.getElementById('overlay')?.addEventListener('click', function(event) { if (event.target.id === 'overlay') { document.getElementById('overlay').classList.add('hidden'); diff --git a/admin/algo/delate.alg.php b/admin/algo/delate.alg.php index d2d1729..70e0fac 100644 --- a/admin/algo/delate.alg.php +++ b/admin/algo/delate.alg.php 
@@ -20,8 +20,8 @@ exit('POST request method required'); } -if (isset($_POST['deleteText']) && isset($_POST['id'])) { - if ($_POST['deleteText'] === 'Destroy-article') { +if (/*isset($_POST['deleteText']) &&*/ isset($_POST['id'])) { + /*if ($_POST['deleteText'] === 'Destroy-article') { */ // this will be added in future if (filter_var($_POST['id'], FILTER_VALIDATE_INT)) { $articleId = (int)$_POST['id']; @@ -48,11 +48,11 @@ } else { $_SESSION['message'] = 'Invalid article ID.'; } - } else { + /*} else { $_SESSION['message'] = 'Error in security message. Try again.'; - } + }*/ } else { - $_SESSION['message'] = 'Error. No security message or article ID.'; + $_SESSION['message'] = 'Error. No article ID.'; } $conn->close(); diff --git a/admin/algo/edit.alg.php b/admin/algo/edit.alg.php index 61769f4..79e0fd4 100644 --- a/admin/algo/edit.alg.php +++ b/admin/algo/edit.alg.php @@ -11,6 +11,8 @@ require '../panel.connect.php'; + + try { $conn = @new mysqli($host, $db_user, $db_password, $db_name); @@ -32,7 +34,7 @@ // Validate required fields if (empty($article_id) || empty($NEW_title) || empty($NEW_text)) { $_SESSION['message'] = 'All fields are required'; - header('Location: ../panel.php?window=edit-article?id='.$article_id); + header('Location: ../panel.php?window=edit-article&id='.$article_id); $conn->close(); exit(); } @@ -40,7 +42,7 @@ // Check database connection if ($conn->connect_errno != 0) { $_SESSION['message'] = 'Connection to db fail'; - header('Location: ../panel.php?window=edit-article?id='.$article_id); + header('Location: ../panel.php?window=edit-article&id='.$article_id); $conn->close(); exit(); } else { 
@@ -76,35 +78,35 @@
 switch ($_FILES["new_photo"]["error"]) {
 case UPLOAD_ERR_PARTIAL:
 $_SESSION['message'] = 'File only partially uploaded.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 case UPLOAD_ERR_NO_FILE:
 $_SESSION['message'] = 'No file was uploaded.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 case UPLOAD_ERR_EXTENSION:
 $_SESSION['message'] = 'File upload stopped by a PHP extension.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 case UPLOAD_ERR_FORM_SIZE:
 $_SESSION['message'] = 'File exceeds MAX_FILE_SIZE in the HTML form.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 case UPLOAD_ERR_INI_SIZE:
 $_SESSION['message'] = 'File exceeds upload_max_filesize in php.ini .';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 case UPLOAD_ERR_NO_TMP_DIR:
 $_SESSION['message'] = 'Temporary folder not found.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 case UPLOAD_ERR_CANT_WRITE:
 $_SESSION['message'] = 'Failed to write file.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 default:
 $_SESSION['message'] = 'Unknown upload error.';
- header('Location: ../panel.php?window=edit-article?id='.$article_id);
+ header('Location: ../panel.php?window=edit-article&id='.$article_id);
 exit();
 }
 }
@@ -112,7 +114,7 @@ // Check photo size if ($_FILES["new_photo"]["size"] > 1048576) { $_SESSION['message'] = 'File too large (max 1MB).'; - header('Location: ../panel.php?window=edit-article?id='.$article_id); + header('Location: ../panel.php?window=edit-article&id='.$article_id); $conn->close(); exit(); } @@ -133,7 +135,7 @@ if (!move_uploaded_file($_FILES["new_photo"]["tmp_name"], $destination)) { $_SESSION['message'] = "Can't move uploaded file."; - header('Location: ../panel.php?window=edit-article?id='.$article_id); + header('Location: ../panel.php?window=edit-article&id='.$article_id); $conn->close(); exit(); } @@ -153,13 +155,13 @@ if ($stmt_update->execute()) { $_SESSION['message'] = 'Article was successfully updated.'; - header('Location: ../panel.php?window=edit-article?id='.$article_id); + header('Location: ../panel.php?window=edit-article&id='.$article_id); $stmt_update->close(); $conn->close(); exit(); } else { $_SESSION['message'] = 'Error during updating article.'; - header('Location: ../panel.php?window=edit-article?id='.$article_id); + header('Location: ../panel.php?window=edit-article&id='.$article_id); $stmt_update->close(); $conn->close(); exit(); @@ -167,7 +169,7 @@ } else { $_SESSION['message'] = 'Article with id: '.$article_id.' does not exist'; - header('Location: ../panel.php?window=edit-article?id=0'); + header('Location: ../panel.php?window=edit-article&id=0'); $stmt->close(); $conn->close(); exit(); @@ -176,14 +178,14 @@ } else { $_SESSION['message'] = 'POST table doesn\'t have all data'; - header('Location: panel.php?window=edit-article?id='.$article_id); + header('Location: panel.php?window=edit-article&id='.$article_id); $conn->close(); exit(); } } catch (mysqli_sql_exception $e) { $_SESSION['message'] = 'Database connection error: ' . $e->getMessage(); - header('Location: ../panel.php?window=edit-article?id=0'); + header('Location: ../panel.php?window=edit-article&id=0'); $conn->close(); exit(); 
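Review bot: In the -176 hunk, the redirect in the `POST table doesn't have all data` branch still targets `panel.php` without the `../` prefix that every other redirect in this file uses, so from `admin/algo/` it presumably resolves to `admin/algo/panel.php`; it should read `header('Location: ../panel.php?window=edit-article&id='.$article_id);`. In the `catch` block, `$e->getMessage()` is copied into the session message and can therefore show driver and schema details to whoever views the panel; write it to the server log with `error_log($e->getMessage());` and store a generic `'Database error.'` instead. `$conn->close()` inside that `catch` can itself fail when the exception came from the `mysqli` constructor and `$conn` was never assigned. The enclosing `try` starts well above this hunk.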
diff --git a/admin/algo/new.alg.php b/admin/algo/new.alg.php index 14f1c53..62a4cb0 100644 --- a/admin/algo/new.alg.php +++ b/admin/algo/new.alg.php @@ -104,8 +104,8 @@ while (file_exists($destination)) { $filename = $base . "($i)." . $pathinfo["extension"]; - //$destination = "/Applications/XAMPP/xamppfiles/htdocs/serwer/panel/articles_photos/" . $filename; - $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/" . $filename; + + $destination = "/Applications/XAMPP/xamppfiles/htdocs/server/panel_new/articles_photos/".$filename; $i++; } @@ -134,7 +134,6 @@ $stmt_insert->close(); - #$_SESSION['message'] = 'File uploaded successfully.'; } } else { diff --git a/admin/algo/password.alg.php b/admin/algo/password.alg.php index 0cdc321..d12d93d 100644 --- a/admin/algo/password.alg.php +++ b/admin/algo/password.alg.php @@ -1,4 +1,4 @@ -prepare($sql); if (!$stmt) { - die("Błąd przygotowania zapytania: " . $conn->error); + die("Error during prepearing statement: " . $conn->error); } $stmt->bind_param("si", $password_hash, $ID); @@ -54,8 +53,10 @@ if ($stmt->execute()) { $_SESSION['message'] = 'Password changed successfully.'; header('Location: ../panel.php?window=settings'); + echo $_SERVER['message']; } else { - $_SESSION['message'] = 'Error: something went wrong during updating password.
'. $stmt->error; + $_SESSION['message'] = 'Error: something went wrong during updating password.
'; //$stmt->error; + echo $_SERVER['message']; } $stmt->close(); diff --git a/admin/panel.login.alg.php b/admin/panel.login.alg.php index 3c679a1..94c7bbf 100644 --- a/admin/panel.login.alg.php +++ b/admin/panel.login.alg.php @@ -10,41 +10,38 @@ require_once 'panel.connect.php'; - $conn = @new mysqli($host, $db_user, $db_password, $db_name); if ($conn->connect_errno!=0) { echo "Error: ".$conn->connect_error; -} -else -{ - +} else { + $login = $_POST['login']; $password = $_POST['password']; + $password_hash = password_hash($password, PASSWORD_DEFAULT); + + echo 'hash:'.$password_hash; + $login = htmlentities($login, ENT_QUOTES, "UTF-8"); - $password = htmlentities($password, ENT_QUOTES, "UTF-8"); - if($result = @$conn->query(sprintf("SELECT * FROM admin WHERE login='%s' AND password='%s' ", - mysqli_real_escape_string($conn, $login), - mysqli_real_escape_string($conn, $password) ))) + if($result = @$conn->query(sprintf("SELECT * FROM admin WHERE login='%s' ", mysqli_real_escape_string($conn, $login)))) { $num_adm = $result->num_rows; if($num_adm >0) - { + { + $row = $result->fetch_assoc(); + if (password_verify($password, $row['password'])) { $_SESSION['adminLoged'] = true; - - $row = $result->fetch_assoc(); - + $_SESSION['id'] = $row['id']; $_SESSION['login'] = $row['login']; $_SESSION['password'] = $row['password']; - unset($_SESSION['loginError']); $result->free_result(); @@ -59,25 +56,16 @@ } else { $_SESSION['loginError'] = 'Error! Login or password wrong.'; - header('Location: panel.login.php'); + header('Location: panel.login.php'); } }else{ $_SESSION['loginError'] = 'Error! Login or password wrong.'; - header('Location: panel.login.php'); + header('Location: panel.login.php'); } } $conn->close(); } - -// added for dev -$dev = false; -if($dev == true){ - $_SESSION['adminLoged'] = true; -header('Location: panel.php'); -} - - -exit(); \ No newline at end of file +exit(); diff --git a/admin/panel.login.php b/admin/panel.login.php index 51ae66e..a3afd39 100644 
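Review bot: The two added `echo $_SERVER['message'];` lines in password.alg.php read a key that nothing visible sets (the message is stored in `$_SESSION['message']`), so on PHP 8 they put an undefined-key warning into the response, and in the success branch that output follows `header('Location: ../panel.php?window=settings')` with no `exit();`. I would delete both echoes and end each branch with a redirect plus `exit();`, since the failure branch sets the message but does not redirect within this hunk. Dropping `$stmt->error` from the user-facing text is the right direction; the `die("Error during prepearing statement: " . $conn->error);` earlier in this file's diff still prints the raw driver error and deserves the same treatment (`error_log()` plus a generic message).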
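Review bot: `echo 'hash:'.$password_hash;` in the -10 hunk of panel.login.alg.php writes a freshly computed hash of the submitted password into the login response, and the `password_hash()` call feeding it has no other use now that verification goes through `password_verify()`; both added lines look like debugging leftovers and should be removed. Because the echo runs before the later `header('Location: …')` calls, it can also prevent the redirects from being sent when output buffering is off. No `session_regenerate_id()` is visible in the success branch and the stored hash is still copied into `$_SESSION['password']`; I would add `session_regenerate_id(true);` before `$_SESSION['adminLoged'] = true;` and drop the `$_SESSION['password']` assignment. The lookup still builds SQL with `sprintf` on an `htmlentities`-encoded login; a prepared statement on the raw value, `$stmt = $conn->prepare('SELECT id, login, password FROM admin WHERE login = ?');`, would be simpler and would also match logins that contain quotes or `&`.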
--- a/admin/panel.login.php +++ b/admin/panel.login.php @@ -8,7 +8,6 @@ header('Location: panel.php'); exit(); // nie kończymy imprezy, wychodzimy po angielsku - } // cache control @@ -16,6 +15,15 @@ header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); + +// for dev +define('ENV_DEV', false); +if(ENV_DEV == true){ + $_SESSION['adminLoged'] = true; + header('Location: panel.php'); + exit(); +} + ?> @@ -35,7 +43,7 @@
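Review bot: The `ENV_DEV` block added in the -16 hunk of panel.login.php is an authentication bypass one constant away from being live: it sets `$_SESSION['adminLoged'] = true` with no credential check, in a web-served file that ships with every release. I would remove the block from committed code; if a development shortcut is really needed, gate it on server-side configuration kept outside the repository and on a loopback client, for example `if (getenv('APP_ENV') === 'development' && in_array($_SERVER['REMOTE_ADDR'] ?? '', ['127.0.0.1', '::1'], true))` (`APP_ENV` is a placeholder name). The loose `ENV_DEV == true` comparison would also accept any truthy value such as the string `'false'`; use `=== true`.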
-
+
diff --git a/admin/panel.php b/admin/panel.php index a5e0d05..dcbbe15 100644 --- a/admin/panel.php +++ b/admin/panel.php @@ -212,7 +212,7 @@ /* ---- POPOUT ---- */ if (isset($_SESSION['message'])) { echo " -

-
- - -
-
-
- - -
+
+
+ +
+ + +
+
+ +
+

-
- - - -
- - -
-
-
- +
+ + +
+ + +
+
+ +
+ +
- From cb986323acd03b2087d94abdd3d9ac56d7abb6d2 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Wed, 12 Feb 2025 16:09:17 +0100 Subject: [PATCH 15/21] Update window.css --- admin/CSS/window.css | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/admin/CSS/window.css b/admin/CSS/window.css index 4a95823..3a69a23 100644 --- a/admin/CSS/window.css +++ b/admin/CSS/window.css @@ -195,6 +195,25 @@ a#showBttn { width: 80px; } +/** fixing forms */ +.form-container { + display: flex; + justify-content: space-between; + align-items: flex-start; + gap: 20px; /* Odstęp między formularzami */ +} + +.form-left { + flex: 1; +} + +.form-right { + flex: 1; + display: flex; + flex-direction: column; + align-items: flex-start; +} + /* === popout message === */ @@ -294,21 +313,3 @@ a#showBttn { .red:hover{ background-color: #b30000; } - -.form-container { - display: flex; - justify-content: space-between; - align-items: flex-start; - gap: 20px; /* Odstęp między formularzami */ -} - -.form-left { - flex: 1; -} - -.form-right { - flex: 1; - display: flex; - flex-direction: column; - align-items: flex-start; -} \ No newline at end of file From 813a61d5af46e253dac26fa8530b5f3aefa41184 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Wed, 12 Feb 2025 17:06:43 +0100 Subject: [PATCH 16/21] Update README.md --- README.md | 53 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 35 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 44ac901..efe7460 100644 --- a/README.md +++ b/README.md 
@@ -1,28 +1,45 @@ -# PHP_CMS_for_blog +# **CorelyPHP – PHP CMS for Blogs** -This project is ready to deploy blog webiste with seprate admin panel to manage data. +**CorelyPHP** is a ready-to-deploy blogging platform with a separate admin panel for managing content. -It is written in PHP with MySQL on backend and HTML, CSS and JavaScript on frontend. +This project is built using: +- **Backend:** PHP with MySQL +- **Frontend:** HTML, CSS, JavaScript -All files all devided into 4 groups: +## **Project Structure** -* admin - with all admin side files -* docs - with documentation -* public - with all user side files -* rest - all md files and license - -This way of deviding files allows to not damage backend files while rebuilding fronend. -The only concern is implemetation of PHP functions and HTML code that is deliverd by functions. -But this may be easly fixed specialy that when rebuilding frontend you will want other data so queries may need some improvment or rebuild. +All files are divided into the following sections: -I am still working to make sure this project is 100% secure, responisve, functional, elegant and the possibly the best I can make it. +- **`admin/`** – Contains all admin-side files +- **`docs/`** – Holds documentation +- **`public/`** – Contains user-facing files -Senior Dev probably will tell that few things could be build differnt or better, probably but all things I learned druring building this project will implemented in next one, plus I upgreade codebase all the time when I find easier or better way to write sometinng but I am limited by time. +This structured approach helps prevent backend modifications while rebuilding the frontend. The only challenge is the integration of PHP functions that generate HTML dynamically, but this can be adjusted when refining queries and templates. -## Current version: v1.0.0 +## **Development Status** -This version number means which version should be used. 
Release version sometimes may just have small patches that are not worth rebuilding to new V. But make sure you read what is changing so you know what is going on. +I am continuously improving **CorelyPHP** to make it: +✔ Secure +✔ Responsive +✔ Fully functional +✔ Elegant +✔ Efficient -## INFO +This project is a work in progress, and while some parts may be improved or rewritten in future updates, it is stable and ready for use. Contributions and feedback are always welcome! -Check SECRUITY.md and CHANGELOG.md for information about versions and other stuff. +A more experienced developer might suggest alternative or optimized approaches. However, every lesson I’ve learned during this project will be applied to future updates and projects. I also refine the codebase whenever I find better solutions, though time constraints may limit immediate improvements. + +## **Project Guidelines & Documentation** + +For more details on the project, check out the following files: + +- 📜 **[LICENSE](LICENSE)** – License terms and conditions +- 🛠 **[CONTRIBUTING.md](CONTRIBUTING.md)** – Guidelines for contributors +- 🚀 **[STYLE_GUIDES.md](STYLE_GUIDES.md)** – Code style and best practices +- 🔄 **[CHANGELOG.md](CHANGELOG.md)** – Version history and updates +- 🔐 **[SECURITY.md](SECURITY.md)** – Security policies and vulnerability reporting +- 🌍 **[CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)** – Community guidelines + +## **Current Version: v1.0.0** + +The versioning system ensures clarity on stable releases. Minor patches may not require immediate updates, but always check the **CHANGELOG.md** for details on new features and fixes. From 8f29ee8b323757fbb44cbf16907464f31642f495 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Wed, 12 Feb 2025 17:10:04 +0100 Subject: [PATCH 17/21] Update STYLE_GUIDES.md --- STYLE_GUIDES.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/STYLE_GUIDES.md b/STYLE_GUIDES.md index 542e300..20864b3 100644 --- a/STYLE_GUIDES.md +++ b/STYLE_GUIDES.md @@ -1,9 +1,11 @@ # Style Guides for PHP CMS for blog -This document outlines the coding and formatting standards to be followed when contributing to [PHP_CMS_for_blog](https://github.com/Dominik-developer/PHP_CMS_for_blog). +This document outlines the coding and formatting standards to be followed when contributing to [CorelyPHP](https://github.com/Dominik-developer/CorelyPHP). This guideline is still in development and probaby will take a while before it will appears here because project is private now on GitHub. +If you nedd help create issue with label 'documentation' and tag Dominik-developer. + --- +..... ### Changed --- +..... ### Fixed --- - -## Newest version: v1.0.0 - -### Addedd in v1.0.0 - -This was first release of this project, first compleate verion still not with all functions i wanted but it was already functional. - -I will keep working on this project. Next version will bring many changes, all of them will be explain here. +..... From 3d30e4593a3fe28f75de0dc3a44e038c8dbdf5a7 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Wed, 12 Feb 2025 17:22:48 +0100 Subject: [PATCH 19/21] Update SECURITY.md --- SECURITY.md | 88 ++++++++++++++++++++++------------------------------- 1 file changed, 37 insertions(+), 51 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 5340198..bb17c44 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -1,67 +1,53 @@ # Security Policy -‼️ Secruity sugestions should be treated as invalid not as vulnerability. +‼️ Security suggestions should be treated as invalid, not as vulnerabilities. -## Secruity Policy +## Security Policy -* Latest Releases: The newest release, currently version v1.0.0, is the only version receiving active security updates. We strongly recommend using the latest version whenever possible. +* **Latest Releases:** The newest release, currently version v1.0.0, is the only version receiving active security updates. We strongly recommend using the latest version whenever possible. -* Review Changelog for Updates: For minor updates or changes, please refer to the changelog to understand what has been updated or fixed. +* **Review Changelog for Updates:** For minor updates or changes, please refer to the changelog to understand what has been updated or fixed. -* No Backports: Security fixes are applied exclusively to the latest version. Older versions will not receive retroactive patches for vulnerabilities. +* **No Backports:** Security fixes are applied exclusively to the latest version. Older versions will not receive retroactive patches for vulnerabilities. -* Security Risks of Unsupported Versions: Using unsupported versions exposes you to known and unknown vulnerabilities, as they are no longer maintained or updated. +* **Security Risks of Unsupported Versions:** Using unsupported versions exposes you to known and unknown vulnerabilities, as they are no longer maintained or updated. -* Update Regularly: Keeping your software up to date is essential to ensure your system remains secure. +* **Update Regularly:** Keeping your software up to date is essential to ensure your system remains secure. ## Supported Versions - +* All safe and supported versions of our software are marked with a ✅. +* It is highly recommended to use only these versions, as they contain the latest security fixes and improvements. 
Older, unsupported versions should be avoided, as they may contain vulnerabilities that will not be addressed retroactively. +* New versions that do not introduce security changes will not affect the support status of previous versions. -* All safe and supported versions of our software are marked with a ✅. -* New versions that do not introduce changes in terms of security do not affect the lack of support for previous versions. - - - -| Version | Supported | -| ------- | ------------------ | -| pre release | :negative_squared_cross_mark: | +| Version | Supported | +| ------------- | ------------------ | +| pre-release | :negative_squared_cross_mark: | | v0.1.0-beta | :white_check_mark: | -| v1.0.0 | :white_check_mark: | - - +| v1.0.0 | :white_check_mark: | ## Reporting a Vulnerability - - -‼️ Please report only one vulnerability ot once unless it is really connected. - -To report vulnerability: - -* create issue -* in title write 'Vulnerability' and which part it affects: admin/user/other and how serious it is -* tag me -* add 'Vulnerability' label / bug label or invalid label -* write description: - * short summary - * which part of the repository is affected - * in which version it happend - * how serious it is - * what type of vulnerability it is - * how did you find it/ how it happend -* if you know how to solve the issue please be welcome to propose the solution - * propose solution here in issue or by pull request - * if u decide to create pull request, add note here in pr that this pr fixes this specific issue described here -* publish aaaand done! -* I may comment on your issue so please turn on notifications because I will comment - Thank you for reporting issues and making the project more sefe. - Thankful main developer: Dominik-developer +‼️ Please report only one vulnerability at a time, unless it is genuinely connected to another issue. + +To report a vulnerability: + +* Create an issue. 
+* In the title, write "Vulnerability" and specify which part it affects (admin/user/other) and how serious it is. +* Tag me in the issue. +* Add the "Vulnerability" label, or a "Bug" label, or an "Invalid" label if it’s not valid. +* Write a detailed description: + * A short summary of the vulnerability. + * Which part of the repository is affected. + * In which version the vulnerability occurs. + * How serious the vulnerability is. + * What type of vulnerability it is (e.g., XSS, SQL injection, etc.). + * How you found the issue and how it happened. +* If you know how to fix the issue, feel free to propose a solution: + * Propose a solution in the issue or via a pull request. + * If submitting a pull request, please note in the PR description that it fixes this specific issue. +* Publish the issue and you’re done! +* I may comment on your issue, so please turn on notifications to stay updated. + +Thank you for reporting issues and helping make the project more secure! +— Main developer: Dominik-developer From 11d48f2b6a95333e5c5d918de01b692f93a9066d Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Wed, 12 Feb 2025 17:29:13 +0100 Subject: [PATCH 20/21] Update CONTRIBUTING.md --- CONTRIBUTING.md | 100 ++++++++---------------------------------------- 1 file changed, 16 insertions(+), 84 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 47bbf68..bd19f44 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -1,99 +1,31 @@ -# Contributing to PHP_CMS_for_blog +# Contributing to CorelyPHP -First off, thank you for considering contributing to [PHP_CMS_for_blog](https://github.com/Dominik-developer/PHP_CMS_for_blog)! 🎉 Your help is greatly appreciated. +First off, thank you for considering contributing to [CorelyPHP](https://github.com/Dominik-developer/CorelyPHP)! 🎉 Your help is greatly appreciated. ## If you've found a bug, please create an issue following these steps: -1. **Check for duplicates:** Search [existing issues](https://github.com/Dominik-developer/PHP_CMS_for_blog/issues) to ensure it hasn’t been reported. +1. **Check for duplicates:** Search [existing issues](https://github.com/Dominik-developer/CorelyPHP/issues) to ensure it hasn’t been reported. 2. **If it’s a new issue:** - Open a new issue. - - Provide a detailed description of the bug. - - The version of the project you’re using. - - Steps to reproduce it. - - Expected vs. actual behavior. - - Screenshots or logs (if applicable/possible). - - Environment details (e.g., OS, browser). -3. **Remeber to follow** [Style Guides](https://github.com/Dominik-developer/PHP_CMS_for_blog/blob/main/STYLE_GUIDES.md) for this softwere. + - Provide a detailed description of the bug. + - The version of the project you’re using. + - Steps to reproduce it. + - Expected vs. actual behavior. + - Screenshots or logs (if applicable/possible). + - Environment details (e.g., OS, browser). +3. **Remember to follow** [Style Guides](https://github.com/Dominik-developer/CorelyPHP/STYLE_GUIDES.md) for this software. ## How to Suggest a Feature -1. **Search existing suggestions:** Ensure your idea isn’t already suggested in [existing issues](https://github.com/Dominik-developer/PHP_CMS_for_blog/issues). +1. **Search existing suggestions:** Ensure your idea isn’t already suggested in [existing issues](https://github.com/Dominik-developerCorelyPHP/issues). 2. **If it’s a new idea:** - Open a new issue. 
- - Add clear title and description. - - Explain why the feature is needed and what problem it solves. - - Describe how the feature might work or look. - - Potential implementation ideas. -3. **Remeber to follow** [Style Guides](https://github.com/Dominik-developer/PHP_CMS_for_blog/blob/main/STYLE_GUIDES.md) for this softwere. - - + - Add a clear title and description. + - Explain why the feature is needed and what problem it solves. + - Describe how the feature might work or look. + - Potential implementation ideas. +3. **Remember to follow** [Style Guides](https://github.com/Dominik-developer/CorelyPHP/STYLE_GUIDES.md) for this software. ## Code of Conduct Please read our [Code of Conduct](CODE_OF_CONDUCT.md) to understand the expectations for participation in this project. - - - - - - - - - - From 0a80eaf5ca6662ed314b892cc78495cfbc7de753 Mon Sep 17 00:00:00 2001 From: Dominik <163560221+Dominik-developer@users.noreply.github.com> Date: Wed, 12 Feb 2025 17:51:19 +0100 Subject: [PATCH 21/21] Last update, small fixes --- .github/workflows/php.yml | 14 +++++++++++--- STYLE_GUIDES.md | 2 +- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index e970dc7..d46d153 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml 
@@ -13,17 +13,25 @@ jobs: runs-on: ubuntu-latest steps: - # 1. Pobierz kod z repozytorium + # 1. Fetch code from the repository - name: Checkout code uses: actions/checkout@v3 - # 2. Instalacja PHP + # 2. Set up PHP - name: Setup PHP uses: shivammathur/setup-php@v2 with: php-version: '8.1' - # 3. Sprawdzenie składni PHP + # 3. Check PHP syntax in all files - name: Lint PHP files run: | find . -name "*.php" -not -path "./vendor/*" -exec php -l {} \; + + # 4. (Optional) Install Composer dependencies - useful if you add dependencies in the future + # - name: Install dependencies + # run: composer install --no-progress --no-suggest + + # 5. (Optional) Run unit tests - for example, PHPUnit + # - name: Run tests + # run: vendor/bin/phpunit diff --git a/STYLE_GUIDES.md b/STYLE_GUIDES.md index 20864b3..2f2ed83 100644 --- a/STYLE_GUIDES.md +++ b/STYLE_GUIDES.md @@ -1,4 +1,4 @@ -# Style Guides for PHP CMS for blog +# Style Guides for CorelyPHP This document outlines the coding and formatting standards to be followed when contributing to [CorelyPHP](https://github.com/Dominik-developer/CorelyPHP).
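Review bot: The lint step that the new comment describes as checking PHP syntax in all files cannot fail the job: with `find … -exec php -l {} \;` the exit status of each `php -l` is discarded, so a file with a parse error is printed in the log while the step still exits 0. Piping through xargs propagates the failure: `find . -name "*.php" -not -path "./vendor/*" -print0 | xargs -0 -n1 php -l`. In the commented-out Composer step, `--no-suggest` is deprecated in Composer 2 and can be dropped before that step is enabled.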