From d3f06ef7ce62a632c3f3323f1877729b5be8aca6 Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Mon, 18 Aug 2025 11:21:23 +0500
Subject: feat: alerts

---
 lib/alert.php | 43 +++++++++++++++++++++++++++++++++++++++++++
 login.php     | 11 +++++++----
 register.php  | 14 ++++++++------
 3 files changed, 58 insertions(+), 10 deletions(-)
 create mode 100644 lib/alert.php

diff --git a/lib/alert.php b/lib/alert.php
new file mode 100644
index 0000000..c481018
--- /dev/null
+++ b/lib/alert.php
@@ -0,0 +1,43 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
+
+function create_alert(string $redirect, int $code, string|null $message, mixed $data)
+{
+    if (IS_JSON_REQUEST) {
+        return json_response($code, $message, $data);
+    } else {
+        http_response_code($code);
+        $loc = "Location: $redirect";
+        if ($message) {
+            $loc .= "?e=$code%20$message";
+        }
+        header($loc);
+        return "$code $message";
+    }
+}
+
+function display_alert()
+{
+    if (!isset($_GET['e']) || empty(trim($_GET['e']))) {
+        return;
+    }
+
+    $message = $_GET['e'];
+    $parts = explode(' ', $message, 2);
+
+    $code = intval($parts[0]);
+
+    if (count($parts) > 1) {
+        $reason = $parts[1];
+    }
+
+    if (isset($reason)) {
+        echo '<div class="alert';
+        if ($code > 299) {
+            echo ' red';
+        }
+        echo '">';
+        echo "<p>$reason</p>";
+        echo '</div>';
+    }
+}
\ No newline at end of file
diff --git a/login.php b/login.php
index 095fe6e..76102e5 100644
--- a/login.php
+++ b/login.php
@@ -2,13 +2,14 @@
 include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php';
 include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
 include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php';
 
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     $username = $_POST['username'] ?? null;
     $password = $_POST['password'] ?? null;
 
     if (!isset($username, $password)) {
-        exit(json_response(400, 'Username and password must be sent!', null));
+        exit(create_alert('/login.php', 400, 'Username and password must be sent!', null));
     }
 
     $db = new PDO(DB_URL, DB_USER, DB_PASS);
@@ -18,16 +19,16 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
 
     if (!$user) {
-        exit(json_response(401, 'Incorrect username or password.', null));
+        exit(create_alert('/login.php', 401, 'Incorrect username or password.', null));
     }
 
     if (!password_verify($password, $user['password'])) {
-        exit(json_response(401, 'Incorrect username or password.', null));
+        exit(create_alert('/login.php', 401, 'Incorrect username or password.', null));
     }
 
     $_SESSION['user'] = $user;
 
-    exit(json_response(200, null, $user));
+    exit(create_alert('/', 200, null, $user));
 }
 ?>
 <!DOCTYPE html>
@@ -42,6 +43,8 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     <main>
         <?php html_navbar(); ?>
 
+        <?php display_alert(); ?>
+
         <form action="/login.php" method="post" class="column gap-16">
             <h1>Log in to your ilt.su account</h1>
 
diff --git a/register.php b/register.php
index 0771788..8892679 100644
--- a/register.php
+++ b/register.php
@@ -2,29 +2,30 @@
 include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/partials.php';
 include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/utils.php';
 include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php';
 
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     $username = $_POST['username'] ?? null;
     $password = $_POST['password'] ?? null;
 
     if (!isset($username, $password)) {
-        exit(json_response(400, 'Username and password must be sent!', null));
+        exit(create_alert('/register.php', 400, 'Username and password must be sent!', null));
     }
 
     $username = trim($username);
 
     if (!preg_match('/^[a-zA-Z0-9_]+$/', $username)) {
-        exit(json_response(400, 'Your username must contain only letters and numbers!', null));
+        exit(create_alert('/register.php', 400, 'Your username must contain only letters and numbers!', null));
     }
 
     $username_len = strlen($username);
 
     if ($username_len < 4 || $username_len > 20) {
-        exit(json_response(400, 'Your username must be between 4 and 20 characters long', null));
+        exit(create_alert('/register.php', 400, 'Your username must be between 4 and 20 characters long', null));
     }
 
     if (strlen($password) < 8) {
-        exit(json_response(400, 'Your password must be at least 8 characters long', null));
+        exit(create_alert('/register.php', 400, 'Your password must be at least 8 characters long', null));
     }
 
     $db = new PDO(DB_URL, DB_USER, DB_PASS);
@@ -33,7 +34,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     $stmt = $db->prepare('SELECT id FROM users WHERE username = ?');
     $stmt->execute([$username]);
     if ($stmt->rowCount() > 0) {
-        exit(json_response(409, 'This username has been taken.', null));
+        exit(create_alert('/register.php', 409, 'This username has been taken.', null));
     }
 
     $userid = 0;
@@ -51,7 +52,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
     $stmt->execute([$userid]);
     $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
 
-    exit(json_response(200, null, $user));
+    exit(create_alert('/login.php', 200, 'Registered! Now log in to your account.', $user));
 }
 ?>
 <!DOCTYPE html>
@@ -65,6 +66,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 <body>
     <main>
         <?php html_navbar(); ?>
+        <?php display_alert(); ?>
 
         <form action="/register.php" method="post" class="column gap-16">
             <h1>Register new ilt.su account</h1>
-- 
cgit v1.2.3