

3 Commits

Author SHA1 Message Date
b338189713 feat: add overview page 2025-03-06 00:34:48 +01:00
824fe614a4 fix: 🐛 prevent use gallery upload as avatar 2025-03-06 00:33:44 +01:00
8e7299751e perf: 🔒 allow only numeric ids 2025-03-06 00:32:55 +01:00
3 changed files with 146 additions and 7 deletions


@ -18,6 +18,7 @@ header, main, footer {
section {
border: 1px solid #666;
overflow: hidden;
padding: 15px;
margin: 10px 0;
}
@ -25,10 +26,16 @@ section {
height: calc(100% - 75px);
}
.muted,
#bookmark {
background-color: #333;
}
.muted:hover {
cursor: pointer;
background-color: #335;
}
#img {
z-index: -1;
position: absolute;


@ -4,13 +4,19 @@ include_once('src/storage.php');
include_once('src/telegram.php');
if (empty($_GET['id'])) {
$newId = bin2hex(random_bytes(16));
$newId = time() . rand(1000, 9999);
header("Location: ?id=$newId");
exit;
}
$id = htmlspecialchars($_GET['id']);
if (!is_numeric($id)) {
$newId = time() . rand(1000, 9999);
header("Location: ?id=$newId");
exit;
}
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$bookmark = $protocol . '://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
@ -75,6 +81,7 @@ if ($_SERVER["REQUEST_METHOD"] === 'POST' && isset($_GET['upload'])) {
// Move uploaded file to the target directory
if (move_uploaded_file($file["tmp_name"][0], $targetDir . $fileName)) {
if ($upload === 'avatar') {
$data['img'] = $targetDir . $fileName;
try {
Storage::set($id, $data);
@ -82,6 +89,7 @@ if ($_SERVER["REQUEST_METHOD"] === 'POST' && isset($_GET['upload'])) {
catch(Exception $ex) {
exit("❌ Database error.");
}
}
http_response_code(200);
exit(($upload === 'avatar'? $targetDir : '') . $fileName);
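Review bot: Replacing `bin2hex(random_bytes(16))` with `time() . rand(1000, 9999)` in the first hunk makes new ids predictable: the timestamp is public and `rand()` is not a cryptographic generator, so an id is guessable from its creation time alone, and the same construction is repeated in the new `is_numeric` fallback branch. If the id is what protects an entry's edit page, keep it numeric but draw it from a CSPRNG, `$newId = (string) random_int(1, PHP_INT_MAX);`, in both places. `is_numeric()` also accepts leading whitespace, signs, decimals and exponent notation (`"1e5"`), so `ctype_digit($id)` matches the intent of "only numeric ids" more closely, especially since `$id` later becomes part of a filesystem path. The `if ($upload === 'avatar')` block in the later hunks sits inside the POST/upload conditional, which starts and ends outside this diff.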

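--- /dev/null
+++ b/overview.php
@@ -0,0 +1,124 @@
+<?php declare(strict_types=1);
+include_once('src/storage.php');
+// if (!isset($_GET['token']) || $_GET['token'] !== '*****') {
+// exit("invalid access token");
+// }
+$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
+$bookmark = $protocol . '://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['PHP_SELF']);
+try {
+$entries = Storage::getAll($id);
+}
+catch(Exception $ex) {
+exit($ex);
+}
+?>
+<!DOCTYPE html>
+<html prefix="og: http://ogp.me/ns#" lang="en">
+<head>
+<title>Artist Credits</title>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="X-UA-Compatible" content="IE=edge" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+<meta name="description" content="Overview" />
+<meta name="keywords" content="eurofurence, Conbook, artist credits" />
+<meta name="robots" content="index, follow, noodp" />
+<meta name="author" content="The Eurofurence Conbook Team" />
+<meta name="rating" content="general" />
+<link rel="shortcut icon" href="favicon.png">
+<meta property="og:image" content="img/ogp.jpg" />
+<meta property="og:image:secure_url" content="img/ogp.jpg" />
+<meta property="og:image:type" content="image/jpeg" />
+<meta property="og:image:width" content="344" />
+<meta property="og:image:height" content="247" />
+<meta property="og:image:alt" content="Conbook Art Credits" />
+<meta property="og:title" content="Conbook Art Credits" />
+<meta property="og:description" content="Overview" />
+<meta property="og:type" content="website" />
+<meta property="og:url" content="https://dogpixels.net/ef/conbook-artist-credits" />
+<meta property="og:site_name" content="Conbook Art Credits" />
+<meta name="twitter:card" content="summary_large_image" />
+<meta name="twitter:title" content="Conbook Art Credits" />
+<meta name="twitter:description" content="Overview" />
+<meta name="twitter:image" content="img/ogp.jpg" />
+<link rel="stylesheet" href="css/uikit.min.css" type="text/css" />
+<link rel="stylesheet" href="css/style.css" type="text/css" />
+<script src="js/uikit.min.js"></script>
+<script src="js/uikit-icons.min.js"></script>
+</head>
+<body>
+<header>
+<h1>Conbook Artist Credit</h1>
+</header>
+<main>
+<div class="uk-margin-bottom uk-grid-small uk-grid-match uk-child-width-1-1 uk-child-width-1-2@m" uk-grid>
+<?php $i = 0;
+foreach ($entries as $id => $data) { ?>
+<div>
+<section>
+<?= "<h3><a href=\"$bookmark?id=$id\">$id</a></h3>" ?>
+<div class="uk-margin">
+<strong>Name:</strong>
+<input type="text" id="e_<?= $i ?>_n" class="muted jscopy uk-input" value="<?= $data['name'] ?>" />
+</div>
+<div class="uk-margin">
+<strong>Text:</strong>
+<textarea id="e_<?= $i ?>_t" class="muted jscopy uk-textarea"><?= $data['desc'] ?></textarea>
+</div>
+<div class="uk-margin">
+<strong>Image:</strong>
+<?= $data['img']? "<a href=\"" . $data['img'] . "\">" . basename($data['img']) . "</a>" : "<span class=\"uk-label uk-label-danger\">NO IMAGE</span>" ?>
+</div>
+<div>
+<strong>Contributions:</strong>
+<ul>
+<?php
+$j = 0;
+if (file_exists("uppies/$id/gallery")) {
+foreach(scandir("uppies/$id/gallery") as $g) {
+if (in_array($g, ['.', '..', '.thumbs', '.DS_Store']))
+continue;
+echo "<li><a href=\"uppies/$id/gallery/$g\">$g</a></li>";
+$j++;
+}
+}
+if ($j === 0) echo "<li class=\"uk-label uk-label-danger\">NO FILES</li>";
+?>
+</ul>
+</div>
+</section>
+</div>
+<?php $i++; } ?>
+</div>
+</main>
+<footer>
+<hr />
+<p>If you need assistance, please contact <a href="https://t.me/draconigen" target="_blank">@draconigen</a>.</p>
+</footer>
+<script>
+document.querySelectorAll('.jscopy').forEach(element => {
+element.addEventListener('click', (e) => {
+e.target.setSelectionRange(0, e.target.value.length);
+navigator.clipboard.writeText(e.target.value);
+e.target.style.backgroundColor = "#335";
+e.target.blur();
+});
+});
+</script>
+</body>
+</html>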
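Review bot: `Storage::getAll($id)` reads `$id` before anything assigns it (the only assignment is the `foreach` key further down), so this emits an undefined-variable warning and passes null; if the method takes no argument, it should be `$entries = Storage::getAll();`. The access-token check at the top is commented out, so every stored name, description and upload is readable by anyone who can reach the URL; if the page is meant to be restricted, re-enable the check and compare the token with `hash_equals()`. `exit($ex)` writes the exception, including its message and trace, to the client; log it and exit with a generic message instead. `$data['name']`, `$data['desc']`, `$data['img']` and the `scandir()` names are echoed without `htmlspecialchars()`, so unless they are escaped when stored (not visible here) this is a stored-XSS sink, and `in_array($g, [...])` should pass `true` as its third argument.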