From 29477e67ede12347b153e2255325327374e1b073 Mon Sep 17 00:00:00 2001 From: ilotterytea Date: Tue, 9 Dec 2025 01:43:12 +0500 Subject: feat: new configuration --- .gitignore | 2 +- 404.php | 2 +- README.md | 9 +- account/change_emoteset.php | 2 +- account/delete.php | 2 +- account/index.php | 24 +- account/login/index.php | 14 +- account/login/twitch.php | 14 +- account/register.php | 25 +- account/security.php | 6 +- badges.php | 2 +- captcha.php | 6 +- database.sql | 3 +- emotes/delete.php | 2 +- emotes/index.php | 16 +- emotes/rate.php | 4 +- emotes/setmanip.php | 10 +- emotes/upload.php | 596 ++++++++++++++++++++++---------------------- emotesets.php | 6 +- inbox.php | 4 +- index.php | 18 +- lib/accounts.php | 2 +- lib/config.php | 113 +++++++++ lib/config.sample.php | 74 ------ lib/partials.php | 16 +- report/index.php | 7 +- report/list.php | 6 +- report/send.php | 4 +- rules.php | 4 +- software.php | 2 +- system/config.php | 430 ++++++++++++++++++++++++++++++++ system/emotes/index.php | 10 +- system/emotes/verdict.php | 4 +- system/index.php | 10 +- users.php | 10 +- 35 files changed, 968 insertions(+), 491 deletions(-) create mode 100644 lib/config.php delete mode 100644 lib/config.sample.php create mode 100644 system/config.php diff --git a/.gitignore b/.gitignore index 6d1f0c2..6cd98bb 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ /.vscode userdata/ *.db -config.php +config.json custom_static/ captcha/ \ No newline at end of file diff --git a/404.php b/404.php index 8a74291..e380a70 100644 --- a/404.php +++ b/404.php @@ -15,7 +15,7 @@ $reason = str_safe($_GET["error_reason"] ?? "Not found", 200); - (Error) <?php echo sprintf("%s - %s", $reason, INSTANCE_NAME) ?> + (Error) <?php echo sprintf("%s - %s", $reason, CONFIG['instance']['name']) ?> diff --git a/README.md b/README.md index 7650409..ed1927e 100644 --- a/README.md +++ b/README.md 
@@ -38,11 +38,10 @@ The main goal of the project is to replicate full functionality of other emote p ### Step-by-step 1. Clone the repository. -2. Import `database.sql` to your database. -3. Copy `src/config.sample.php` to `src/config.php` and set it up. -4. Use reverse proxy *(Nginx, Apache, etc.)* for the project. See [configuration examples](#reverse-proxy-configurations). -5. ??? -6. Profit! It should work. +2. Use reverse proxy *(Nginx, Apache, etc.)* for the project. See [configuration examples](#reverse-proxy-configurations). +3. Go to `/` (or `/system/config.php`) in your browser to configure the instance. +4. ??? +5. Profit! It should work. ### Reverse proxy configurations diff --git a/account/change_emoteset.php b/account/change_emoteset.php index 2452b23..2094b22 100644 --- a/account/change_emoteset.php +++ b/account/change_emoteset.php @@ -21,7 +21,7 @@ if (!isset($_POST["id"])) { $emote_set_id = $_POST["id"]; $user_id = $_SESSION["user_id"]; -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT id FROM acquired_emote_sets WHERE emote_set_id = ? AND user_id = ?"); $stmt->execute([$emote_set_id, $user_id]); diff --git a/account/delete.php b/account/delete.php index 34570a9..0a0bbb6 100644 --- a/account/delete.php +++ b/account/delete.php @@ -9,7 +9,7 @@ if (!isset($_SESSION["user_id"])) { exit; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $id = $_SESSION["user_id"]; diff --git a/account/index.php b/account/index.php index 665087a..bb4bff6 100644 --- a/account/index.php +++ b/account/index.php 
@@ -13,13 +13,13 @@ if (!isset($_SESSION["user_id"], $_SESSION["user_name"])) { exit; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); if ($_SERVER['REQUEST_METHOD'] == "POST") { - $username = str_safe($_POST["username"] ?? "", ACCOUNT_USERNAME_LENGTH[1]); + $username = str_safe($_POST["username"] ?? "", CONFIG['account']['maxusernamelength']); if (!empty($username) && $username != $_SESSION["user_name"]) { - if (!preg_match(ACCOUNT_USERNAME_REGEX, $username)) { + if (!preg_match(CONFIG['account']['regex'], $username)) { generate_alert("/account", "Bad username"); exit; } @@ -43,8 +43,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $err = create_image_bundle( $pfp["tmp_name"], $_SERVER["DOCUMENT_ROOT"] . "/static/userdata/avatars/" . $_SESSION["user_id"], - ACCOUNT_PFP_MAX_SIZE[0], - ACCOUNT_PFP_MAX_SIZE[1], + CONFIG['account']['pfpsizex'], + CONFIG['account']['pfpsizey'], true, true ) @@ -61,8 +61,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $err = create_image_bundle( $banner["tmp_name"], $_SERVER["DOCUMENT_ROOT"] . "/static/userdata/banners/" . $_SESSION["user_id"], - ACCOUNT_BANNER_MAX_SIZE[0], - ACCOUNT_BANNER_MAX_SIZE[1], + CONFIG['account']['bannersizex'], + CONFIG['account']['bannersizey'], true, true ) @@ -79,8 +79,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $err = create_image_bundle( $badge["tmp_name"], $_SERVER["DOCUMENT_ROOT"] . "/static/userdata/badges/" . $badge_id, - ACCOUNT_BADGE_MAX_SIZE[0], - ACCOUNT_BADGE_MAX_SIZE[1], + CONFIG['account']['badgesizex'], + CONFIG['account']['badgesizey'], true, true ) @@ -104,7 +104,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { - Account management - <?php echo INSTANCE_NAME ?> + Account management - <?php echo CONFIG['instance']['name'] ?> 
@@ -293,9 +293,9 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { let validUsername = ""; username.addEventListener("input", (e) => { - const regex = ; + const regex = ; - if (regex.test(e.target.value) && e.target.value.length <= ) { + if (regex.test(e.target.value) && e.target.value.length <= ) { validUsername = e.target.value; } else { e.target.value = validUsername; diff --git a/account/login/index.php b/account/login/index.php index 7aef703..b4223f2 100644 --- a/account/login/index.php +++ b/account/login/index.php @@ -21,13 +21,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $password = $_POST["password"]; $remember = intval($_POST["remember"] ?? "0") != 0; - $db = new PDO(DB_URL, DB_USER, DB_PASS); + $db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT secret_key, password FROM users WHERE username = ? AND password IS NOT NULL"); $stmt->execute([$username]); if ($row = $stmt->fetch()) { if (password_verify($password, $row["password"])) { - setcookie("secret_key", $row["secret_key"], $remember ? (time() + ACCOUNT_COOKIE_MAX_LIFETIME) : 0, "/"); + setcookie("secret_key", $row["secret_key"], $remember ? (time() + CONFIG['account']['maxcookielifetime']) : 0, "/"); header("Location: /account"); exit; } else { @@ -44,7 +44,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { - Login - <?php echo INSTANCE_NAME ?> + Login - <?php echo CONFIG['instance']['name'] ?> @@ -57,7 +57,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
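Review bot: The `setcookie("secret_key", ...)` call in the account/login/index.php hunk at -21,13 still issues the long-lived account secret without the `HttpOnly`, `Secure` or `SameSite` attributes, so page script can read it and it is sent over plain HTTP. Since the line is being rewritten anyway, use the options-array form: `setcookie("secret_key", $row["secret_key"], ["expires" => $remember ? time() + intval(CONFIG['account']['maxcookielifetime']) : 0, "path" => "/", "secure" => true, "httponly" => true, "samesite" => "Lax"]);`. The `intval()` is there because the lifetime now comes from config.json rather than a PHP constant. The same call is repeated in the account/login/twitch.php hunk at -168,7 and the account/register.php hunk at -58,7 and needs the same change. If plain-HTTP deployments must keep working, derive `secure` from the request scheme instead of hard-coding it.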
@@ -75,7 +75,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
- + Register
@@ -83,11 +83,11 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
- +
Login with Twitch

Logging in via Twitch gives you the ability to use - emotes in your Twitch chat. + emotes in your Twitch chat.

diff --git a/account/login/twitch.php b/account/login/twitch.php index 23f4ea5..5e61c33 100644 --- a/account/login/twitch.php +++ b/account/login/twitch.php @@ -3,14 +3,14 @@ include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php"; -if (!TWITCH_REGISTRATION_ENABLE) { +if (!CONFIG['twitch']['registration']) { generate_alert("/404.php", "Registration via Twitch is disabled", 405); exit; } session_start(); -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); if (isset($_GET["disconnect"], $_SESSION["user_id"])) { $stmt = $db->prepare("SELECT c.id, @@ -37,9 +37,9 @@ if (isset($_GET["disconnect"], $_SESSION["user_id"])) { exit; } -$client_id = TWITCH_CLIENT_ID; -$client_secret = TWITCH_SECRET_KEY; -$redirect_uri = TWITCH_REDIRECT_URI; +$client_id = CONFIG['twitch']['clientid']; +$client_secret = CONFIG['twitch']['clientsecret']; +$redirect_uri = CONFIG['twitch']['redirecturi']; if (isset($_GET["error"])) { header("Location: /account/login"); @@ -113,7 +113,7 @@ $user_name = ""; if ($row = $stmt->fetch()) { if (isset($_SESSION["user_id"]) && $_SESSION["user_id"] != $row["id"]) { - generate_alert("/account", "There is another " . INSTANCE_NAME . " account associated with that Twitch account", 409); + generate_alert("/account", "There is another " . CONFIG['instance']['name'] . " account associated with that Twitch account", 409); exit; } @@ -168,7 +168,7 @@ if ($row = $stmt->fetch()) { $_SESSION["user_id"] = $user_id; $_SESSION["user_name"] = $user_name; -setcookie("secret_key", $user_secret_key, time() + ACCOUNT_COOKIE_MAX_LIFETIME, "/"); +setcookie("secret_key", $user_secret_key, time() + CONFIG['account']['maxcookielifetime'], "/"); $db = null; diff --git a/account/register.php b/account/register.php index 76dc27c..59ea886 100644 --- a/account/register.php 
+++ b/account/register.php @@ -7,7 +7,7 @@ if (authorize_user()) { exit; } -if (!ACCOUNT_REGISTRATION_ENABLE) { +if (!CONFIG['account']['registration']) { generate_alert("/404.php", "Account registration is disabled", 403); exit; } @@ -24,23 +24,23 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $username = $_POST["username"]; $username_length = strlen($username); - if (ACCOUNT_USERNAME_LENGTH[0] > $username_length || $username_length > ACCOUNT_USERNAME_LENGTH[1]) { - generate_alert("/account/register.php", sprintf("Username must be between %d-%d characters long", ACCOUNT_USERNAME_LENGTH[0], ACCOUNT_USERNAME_LENGTH[1])); + if (CONFIG['account']['minusernamelength'] > $username_length || $username_length > CONFIG['account']['maxusernamelength']) { + generate_alert("/account/register.php", sprintf("Username must be between %d-%d characters long", CONFIG['account']['minusernamelength'], CONFIG['account']['maxusernamelength'])); exit; } - if (!preg_match(ACCOUNT_USERNAME_REGEX, $username)) { + if (!preg_match(CONFIG['account']['regex'], $username)) { generate_alert("/account/register.php", "Bad username"); exit; } $password = $_POST["password"]; - if (ACCOUNT_PASSWORD_MIN_LENGTH > strlen($password)) { - generate_alert("/account/register.php", "Password must be at least " . ACCOUNT_PASSWORD_MIN_LENGTH . " characters"); + if (CONFIG['account']['minpasswordlength'] > strlen($password)) { + generate_alert("/account/register.php", "Password must be at least " . CONFIG['account']['minpasswordlength'] . " characters"); exit; } - $db = new PDO(DB_URL, DB_USER, DB_PASS); + $db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT id FROM users WHERE username = ?"); $stmt->execute([$username]); 
@@ -50,7 +50,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { exit; } - $secret_key = generate_random_string(ACCOUNT_SECRET_KEY_LENGTH); + $secret_key = generate_random_string(CONFIG['account']['secretkeylength']); $password = password_hash($password, PASSWORD_DEFAULT); $id = bin2hex(random_bytes(16)); @@ -58,7 +58,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $stmt = $db->prepare("INSERT INTO users(id, username, password, secret_key) VALUES (?, ?, ?, ?)"); $stmt->execute([$id, $username, $password, $secret_key]); - setcookie("secret_key", $secret_key, time() + ACCOUNT_COOKIE_MAX_LIFETIME, "/"); + setcookie("secret_key", $secret_key, time() + CONFIG['account']['maxcookielifetime'], "/"); header("Location: /account"); exit; } @@ -67,7 +67,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { - Register an account - <?php echo INSTANCE_NAME ?> + Register an account - <?php echo CONFIG['instance']['name'] ?> @@ -81,7 +81,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
@@ -98,7 +98,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {

- Since doesn't require email and password reset via email is + Since doesn't require email and password reset via + email is not supported, please remember your passwords!

diff --git a/account/security.php b/account/security.php index a0210b5..11738dc 100644 --- a/account/security.php +++ b/account/security.php @@ -10,7 +10,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST" || !authorize_user(true)) { exit; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT * FROM users WHERE id = ?"); $stmt->execute([$_SESSION["user_id"]]); @@ -25,8 +25,8 @@ if ($user["password"] != null && !password_verify($current_password, $user["pass if (!empty($_POST["password-new"])) { $password = $_POST["password-new"]; - if (ACCOUNT_PASSWORD_MIN_LENGTH > strlen($password)) { - generate_alert("/account", "Your password must be at least " . ACCOUNT_PASSWORD_MIN_LENGTH . " characters"); + if (CONFIG['account']['minpasswordlength'] > strlen($password)) { + generate_alert("/account", "Your password must be at least " . CONFIG['account']['minpasswordlength'] . " characters"); exit; } diff --git a/badges.php b/badges.php index c4cfedb..57475ba 100644 --- a/badges.php +++ b/badges.php @@ -3,7 +3,7 @@ include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/user.php"; -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT u.id, u.username, diff --git a/captcha.php b/captcha.php index 0b85bf8..3629cd0 100644 --- a/captcha.php +++ b/captcha.php 
@@ -26,7 +26,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["answer"])) { $file_folder = $_SERVER["DOCUMENT_ROOT"] . '/static/img/captcha'; -if (!CAPTCHA_ENABLE || ($_SESSION["captcha_solved"] ?? false) || !is_dir($file_folder)) { +if (!CONFIG['captcha']['enable'] || ($_SESSION["captcha_solved"] ?? false) || !is_dir($file_folder)) { $_SESSION["captcha_solved"] = true; echo json_response([ "status_code" => 200, @@ -45,8 +45,8 @@ $filename = basename($filename, ".png"); $_SESSION["captcha_word"] = $filename; $image = generate_image_captcha( - CAPTCHA_SIZE[0], - CAPTCHA_SIZE[1], + CONFIG['captcha']['x'], + CONFIG['captcha']['y'], random_int(1, 3), $filename, $file_folder diff --git a/database.sql b/database.sql index f1aca05..587a1d7 100644 --- a/database.sql +++ b/database.sql @@ -122,7 +122,8 @@ CREATE TABLE IF NOT EXISTS roles ( permission_approve_emotes BOOLEAN NOT NULL DEFAULT false, permission_useredit_own BOOLEAN NOT NULL DEFAULT true, permission_useredit_all BOOLEAN NOT NULL DEFAULT false, - permission_modsystem BOOLEAN NOT NULL DEFAULT false + permission_modsystem BOOLEAN NOT NULL DEFAULT false, + permission_admin BOOLEAN NOT NULL DEFAULT false ); CREATE TABLE IF NOT EXISTS role_assigns( diff --git a/emotes/delete.php b/emotes/delete.php index 159e293..03b6dec 100644 --- a/emotes/delete.php +++ b/emotes/delete.php @@ -16,7 +16,7 @@ if (!isset($_POST["id"])) { $emote_id = $_POST["id"]; $user_id = $_SESSION["user_id"]; -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT uploaded_by, code FROM emotes WHERE id = ?"); $stmt->execute([$emote_id]); diff --git a/emotes/index.php b/emotes/index.php index 80a8c1d..3999d8e 100644 --- a/emotes/index.php +++ b/emotes/index.php 
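Review bot: The guard in the captcha.php hunk at -26,7 marks the captcha as solved whenever the `/static/img/captcha` folder is not a directory, so a missing or misnamed image folder silently turns the captcha off even when `CONFIG['captcha']['enable']` is true. Failing closed is safer: keep the automatic pass for `!CONFIG['captcha']['enable'] || ($_SESSION["captcha_solved"] ?? false)` only. When the option is on but `!is_dir($file_folder)`, log the misconfiguration and return an error response instead of setting `$_SESSION["captcha_solved"] = true`. The rest of the script lies outside the hunk, so the error path should follow whatever `json_response` convention is used there.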
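Review bot: The new `permission_admin` column is only added inside `CREATE TABLE IF NOT EXISTS roles`, so an instance that already has a `roles` table never receives it and any check against `permission_admin` reads a missing field. Ship an upgrade statement alongside it, for example `ALTER TABLE roles ADD COLUMN permission_admin BOOLEAN NOT NULL DEFAULT false;`, and document that it must be run once on existing databases. A comment naming which role is expected to hold the flag would also help, since it presumably gates the new `/system/config.php` page where database and Twitch credentials are edited.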
@@ -8,7 +8,7 @@ include "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php"; authorize_user(); -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $user_id = $_SESSION["user_id"] ?? ""; @@ -126,7 +126,7 @@ if (CLIENT_REQUIRES_JSON) { <?php - echo ($emote != null ? "Emote " . $emote->get_code() : "Emotes") . ' - ' . INSTANCE_NAME + echo ($emote != null ? "Emote " . $emote->get_code() : "Emotes") . ' - ' . CONFIG['instance']['name'] ?> @@ -302,9 +302,9 @@ if (CLIENT_REQUIRES_JSON) { if ($row = $stmt->fetch()) { echo 'You gave '; + echo 'title="' . CONFIG['rating']['names'][$row["rate"]] . '">'; } else { - foreach (RATING_NAMES as $key => $value) { + foreach (CONFIG['rating']['names'] as $key => $value) { echo '
'; echo ''; echo ""; @@ -316,7 +316,7 @@ if (CLIENT_REQUIRES_JSON) { } } } - if (REPORTS_ENABLE && $_SESSION["user_role"]["permission_report"]) { + if (CONFIG['reports']['enable'] && $_SESSION["user_role"]["permission_report"]) { echo "Report emote"; } } @@ -348,7 +348,7 @@ if (CLIENT_REQUIRES_JSON) { Uploader '; } - if (RATING_ENABLE): ?> + if (CONFIG['rating']['enable']): ?> Rating get_rating()["total"] < RATING_EMOTE_MIN_VOTES) { + if ($emote->get_rating()["total"] < CONFIG['rating']['minvotes']) { echo 'Not rated (' . $emote->get_rating()["total"] . ')'; } else { diff --git a/emotes/rate.php b/emotes/rate.php index fbea404..2e862f9 100644 --- a/emotes/rate.php +++ b/emotes/rate.php @@ -4,7 +4,7 @@ include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/accounts.php"; -if (!RATING_ENABLE) { +if (!CONFIG['rating']['enable']) { generate_alert("/404.php", "Emote ratings are disabled", 403); exit; } @@ -26,7 +26,7 @@ if ($id == 0 || $rate == 0) { exit; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); // checking if emote exists $stmt = $db->prepare("SELECT id FROM emotes WHERE id = ?"); diff --git a/emotes/setmanip.php b/emotes/setmanip.php index cf8add6..d6a5f4f 100644 --- a/emotes/setmanip.php +++ b/emotes/setmanip.php @@ -18,7 +18,7 @@ if (!isset($_POST["id"], $_POST["action"], $_POST["emote_set_id"])) { exit; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); // checking emote $emote_id = $_POST["id"]; 
@@ -62,7 +62,7 @@ switch ($action) { $stmt = $db->prepare("INSERT INTO emote_set_contents(emote_set_id, emote_id, added_by) VALUES (?, ?, ?)"); $stmt->execute([$emote_set_id, $emote_id, $user_id]); - if (ACCOUNT_LOG_ACTIONS) { + if (CONFIG['account']['log']) { $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)") ->execute([$user_id, "EMOTESET_ADD", json_encode($payload)]); } @@ -82,7 +82,7 @@ switch ($action) { exit; } - if (ACCOUNT_LOG_ACTIONS) { + if (CONFIG['account']['log']) { $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)") ->execute([$user_id, "EMOTESET_REMOVE", json_encode($payload)]); } @@ -98,7 +98,7 @@ switch ($action) { exit; } - $value = str_safe($_POST["value"], EMOTE_NAME_MAX_LENGTH); + $value = str_safe($_POST["value"], CONFIG['emote']['maxnamelength']); $stmt = $db->prepare("SELECT esc.code AS alias_code, e.code FROM emote_set_contents esc INNER JOIN emotes e ON e.id = esc.emote_id @@ -121,7 +121,7 @@ switch ($action) { $stmt = $db->prepare("UPDATE emote_set_contents SET code = ? WHERE emote_set_id = ? AND emote_id = ?"); $stmt->execute([$value, $emote_set_id, $emote_id]); - if (ACCOUNT_LOG_ACTIONS) { + if (CONFIG['account']['log']) { $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)") ->execute([$user_id, "EMOTESET_ALIAS", json_encode($payload)]); } diff --git a/emotes/upload.php b/emotes/upload.php index 01ae1ee..e509345 100644 --- a/emotes/upload.php +++ b/emotes/upload.php 
@@ -4,27 +4,27 @@ include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/config.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php"; include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/captcha.php"; -if (!EMOTE_UPLOAD) { +if (!CONFIG['emote']['upload']) { generate_alert("/404.php", "Emote upload is disabled", 403); exit; } authorize_user(); -if (!ANONYMOUS_UPLOAD && isset($_SESSION["user_role"]) && !$_SESSION["user_role"]["permission_upload"]) { +if (!CONFIG['anonymous']['upload'] && isset($_SESSION["user_role"]) && !$_SESSION["user_role"]["permission_upload"]) { generate_alert("/404.php", "Not enough permissions", 403); exit; } $uploaded_by = null; -$uploader_name = ANONYMOUS_DEFAULT_NAME; +$uploader_name = CONFIG['anonymous']['defaultname']; if (isset($_SESSION["user_role"]) && $_SESSION["user_role"]["permission_upload"]) { $uploaded_by = $_SESSION["user_id"] ?? null; - $uploader_name = $_SESSION["user_name"] ?? ANONYMOUS_DEFAULT_NAME; + $uploader_name = $_SESSION["user_name"] ?? CONFIG['anonymous']['defaultname']; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); function abort_upload(string $path, PDO $db, string $id) { @@ -39,152 +39,152 @@ function abort_upload(string $path, PDO $db, string $id) include "{$_SERVER['DOCUMENT_ROOT']}/lib/utils.php"; include "{$_SERVER['DOCUMENT_ROOT']}/lib/images.php"; -$max_width = EMOTE_MAX_SIZE[0]; -$max_height = EMOTE_MAX_SIZE[1]; +$max_width = CONFIG['emote']['maxsizex']; +$max_height = CONFIG['emote']['maxsizey']; if ($_SERVER['REQUEST_METHOD'] != "POST") { include "{$_SERVER['DOCUMENT_ROOT']}/lib/partials.php"; echo '' ?> - - - - Upload an emote - <?php echo INSTANCE_NAME ?> - - - - - -
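Review bot: With `CONFIG['anonymous']['upload']` set to false, the permission check near the top of the emotes/upload.php hunk at -4,27 only rejects a visitor when `$_SESSION["user_role"]` is set. A request with no session therefore passes it and continues with `$uploaded_by = null` under `CONFIG['anonymous']['defaultname']`. Unless a later check outside this hunk blocks that case, anonymous upload cannot actually be switched off. The condition should deny when anonymous upload is disabled and the caller is either not logged in or lacks the permission: `if (!CONFIG['anonymous']['upload'] && !($_SESSION["user_role"]["permission_upload"] ?? false)) {`. `authorize_user()` is called here without `true`, and its signature in lib/accounts.php is `bool $required = false`, so it does not enforce a login by itself.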
-
- - - -
-
-
- -
- -

Image*

- - - - - -
- - -
- -

Emote name*

- - -
- -
-

test

+ + + + Upload an emote - <?php echo CONFIG['instance']['name'] ?> + + + + + +
+
+ + + +
+
+
+ - - - - - - - - - - - - - - - -
Emote source: -
Tags [?]: -
- -
- - +
+ +

Image*

+ + + + + +
+ + +
+ +

Emote name*

+ + +
+ +
+

test

+
+ + + + + + + + + + + + + + + +
Emote source: +
Tags [?]: +
+ +
+ + +
+ + +
+
- - +
-
- -
- -
- -
- -
- query("SELECT u.username, + +
+ +
+ query("SELECT u.username, CASE WHEN ub.badge_id IS NOT NULL THEN ub.badge_id WHEN r.badge_id IS NOT NULL THEN r.badge_id @@ -197,194 +197,194 @@ if ($_SERVER['REQUEST_METHOD'] != "POST") { ORDER BY RAND() LIMIT 3 "); - while ($row = $stmt->fetch()) { - echo '
'; + while ($row = $stmt->fetch()) { + echo '
'; - if ($row["badge_id"]) { - echo ' '; - } + if ($row["badge_id"]) { + echo ' '; + } - echo ''; - echo $row["username"]; - echo ': '; + echo ''; + echo $row["username"]; + echo ': '; - echo ''; + echo ''; - echo '
'; - } - ?> + echo '
'; + } + ?> +
+
-
-
-
- - - + - + - 0 && $count >= TAGS_MAX_COUNT) { + if (CONFIG['tags']['maxcount'] > 0 && $count >= CONFIG['tags']['maxcount']) { break; } - if (!preg_match(TAGS_CODE_REGEX, $tag)) { + if (!preg_match(CONFIG['tags']['regex'], $tag)) { continue; } @@ -526,7 +526,7 @@ $emote_data = [ "tags" => $tags_processed ]; -if (ACCOUNT_LOG_ACTIONS && $uploaded_by != null) { +if (CONFIG['account']['log'] && $uploaded_by != null) { $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)") ->execute([ $uploaded_by, diff --git a/emotesets.php b/emotesets.php index 9d2fa07..e2dae57 100644 --- a/emotesets.php +++ b/emotesets.php @@ -10,7 +10,7 @@ authorize_user(); $id = $_GET["id"] ?? ""; -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); // searching requested emoteset $emote_set = null; @@ -75,7 +75,7 @@ $emote_sets = null; // fetching emotes if ($emote_set) { $emote_set = Emoteset::from_array_extended($emote_set, $user_id, $db); -} elseif (!EMOTESET_PUBLIC_LIST) { +} elseif (!CONFIG['emoteset']['public']) { generate_alert("/404.php", "The public list of emotesets is disabled", 403); exit; } else { @@ -120,7 +120,7 @@ if (CLIENT_REQUIRES_JSON) { false => "Emoteset - {$emote_set->name}", }; - echo "$title - " . INSTANCE_NAME; + echo "$title - " . CONFIG['instance']['name']; ?> diff --git a/inbox.php b/inbox.php index b7d2213..5cac695 100644 --- a/inbox.php +++ b/inbox.php @@ -8,7 +8,7 @@ if (!authorize_user(true)) { exit; } -$db = new PDO(DB_URL, DB_USER, DB_PASS); +$db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT * FROM inbox_messages WHERE recipient_id = ? ORDER BY sent_at DESC"); $stmt->execute([$_SESSION["user_id"]]); @@ -23,7 +23,7 @@ $stmt->execute([$_SESSION["user_id"]]); - Inbox - <?php echo INSTANCE_NAME ?> + Inbox - <?php echo CONFIG['instance']['name'] ?> 
diff --git a/index.php b/index.php index b443df7..1a6d19d 100644 --- a/index.php +++ b/index.php @@ -1,5 +1,11 @@ - <?php echo INSTANCE_NAME ?> + <?php echo CONFIG['instance']['name'] ?> @@ -17,20 +23,20 @@ authorize_user();
-

<?php echo INSTANCE_NAME; ?>

+

<?php echo CONFIG['instance']['name']; ?>

Emotes - + Emotesets - + Users - Upload'; } ?> Account @@ -44,7 +50,7 @@ authorize_user();
query("SELECT COUNT(*) FROM emotes WHERE visibility = 1"); $count = $results->fetch()[0]; diff --git a/lib/accounts.php b/lib/accounts.php index 51cb3f6..2ddb796 100644 --- a/lib/accounts.php +++ b/lib/accounts.php @@ -28,7 +28,7 @@ function authorize_user(bool $required = false): bool include_once "config.php"; - $db = new PDO(DB_URL, DB_USER, DB_PASS); + $db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $key = $_SERVER["HTTP_AUTHORIZATION"] ?? $_COOKIE["secret_key"]; diff --git a/lib/config.php b/lib/config.php new file mode 100644 index 0000000..1c6797d --- /dev/null +++ b/lib/config.php 
@@ -0,0 +1,113 @@ + [ + 'name' => $_SERVER['HTTP_HOST'] + ], + 'database' => [ + 'name' => '', + 'user' => '', + 'pass' => '', + 'host' => 'localhost', + 'url' => '' + ], + 'anonymous' => [ + 'upload' => false, + 'defaultname' => 'Anonymous' + ], + 'emote' => [ + 'upload' => true, + 'nameregex' => "/^[A-Za-z0-9_]+$/", + 'defaultvisibility' => 2, + 'maxnamelength' => 100, + 'maxcommentlength' => 100, + 'maxsizex' => 128, + 'maxsizey' => 128, + 'storeoriginal' => true + ], + 'rating' => [ + 'enable' => true, + 'names' => "-1=COAL\n1=GEM", + 'minvotes' => 10 + ], + 'tags' => [ + 'enable' => true, + 'regex' => "/^[A-Za-z0-9_]+$/", + 'maxcount' => 10 + ], + 'emoteset' => [ + 'public' => true + ], + 'mod' => [ + 'dashboard' => true, + 'approve' => true + ], + 'reports' => [ + 'enable' => true + ], + 'account' => [ + 'registration' => true, + 'maxcookielifetime' => 86400 * 30, + 'regex' => "/^[A-Za-z0-9_]+$/", + 'minusernamelength' => 2, + 'maxusernamelength' => 20, + 'minpasswordlength' => 10, + 'secretkeylength' => 32, + 'pfpsizex' => 128, + 'pfpsizey' => 128, + 'bannersizex' => 1920, + 'bannersizey' => 1080, + 'badgesizex' => 72, + 'badgesizey' => 72, + 'publiclist' => true, + 'log' => true + ], + 'twitch' => [ + 'registration' => false, + 'clientid' => '', + 'clientsecret' => '', + 'redirecturi' => ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https" : "http") . 
"://$_SERVER[HTTP_HOST]/account/login/twitch.php" + ], + 'captcha' => [ + 'enable' => false, + 'x' => 580, + 'y' => 220, + 'force' => false + ] +]; + +if (file_exists(CFG_PATH)) { + $c = json_decode(file_get_contents(CFG_PATH), true); + foreach ($cfg as $sk => $sv) { + if (!is_array($sv) || !array_key_exists($sk, $c)) { + continue; + } + + foreach ($sv as $k => $v) { + if (array_key_exists($k, $c[$sk])) { + $cfg[$sk][$k] = $c[$sk][$k]; + } + } + } +} + +if (!empty($cfg['database']['host'])) { + $cfg['database']['url'] = "mysql:host={$cfg['database']['host']};dbname={$cfg['database']['name']};port=3306"; +} + +$cfg['rating']['names_string'] = $cfg['rating']['names']; +$n = []; +foreach (explode("\n", $cfg['rating']['names']) as $_ => $v) { + [$k, $v] = explode('=', $v, 2); + $n[intval($k)] = $v; +} +$cfg['rating']['names'] = $n; + +define('CONFIG', $cfg); + +define("INSTANCE_STATIC_FOLDER", "static"); // Static folder. Used only in /404.php. + +// FOR DEVELOPERS +define("CLIENT_REQUIRES_JSON", isset($_SERVER["HTTP_ACCEPT"]) && $_SERVER["HTTP_ACCEPT"] == "application/json"); \ No newline at end of file diff --git a/lib/config.sample.php b/lib/config.sample.php deleted file mode 100644 index 3d30044..0000000 --- a/lib/config.sample.php +++ /dev/null 
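Review bot: `json_decode()` returns null for a malformed or empty config.json, and the loader in this new file then passes that null to `array_key_exists($sk, $c)`, which raises a TypeError on PHP 8 and takes down every page that includes lib/config.php; a section that is present but not an array fails the same way at `$c[$sk]`. The rating-name parser has a similar gap: a line without `=` or a trailing blank line makes `[$k, $v] = explode('=', $v, 2)` read a missing index, and `\r\n` line endings leave a carriage return in the name. The fence below guards both spots. Separately, `instance.name` defaults to the client-supplied `$_SERVER['HTTP_HOST']` and the pages in this commit echo it without `htmlspecialchars()`, and overrides are copied in with no type check, so both deserve validation at this single point. The opening lines of the file, including where `CFG_PATH` is defined, are not visible here; if it points inside the document root, the stored database password and Twitch client secret need a deny rule in the reverse-proxy configuration.

```php
if (file_exists(CFG_PATH)) {
    $c = json_decode(file_get_contents(CFG_PATH), true);
    if (!is_array($c)) {
        // unreadable or malformed config.json: keep the built-in defaults
        $c = [];
    }
    foreach ($cfg as $sk => $sv) {
        if (!is_array($sv) || !isset($c[$sk]) || !is_array($c[$sk])) {
            continue;
        }
        // … unchanged: inner loop copying known keys …
    }
}

// … unchanged: database url, names_string …

foreach (explode("\n", $cfg['rating']['names']) as $line) {
    $line = trim($line); // also drops a trailing "\r"
    if (strpos($line, '=') === false) {
        continue; // blank or malformed line
    }
    [$k, $v] = explode('=', $line, 2);
    $n[intval($k)] = $v;
}
```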
@@ -1,74 +0,0 @@ - "COAL", - "1" => "GEM", -]); // Rating names. The schema is [ "id/rating_point" => "name" ]. -define("RATING_EMOTE_MIN_VOTES", 10); // Minimal amount of votes to display emote rating. - -// UPLOADS -define("ANONYMOUS_UPLOAD", false); // Allow anonymous upload for emotes. -define("ANONYMOUS_DEFAULT_NAME", "Anonymous"); // Default uploader name for anonymous emotes. It's also used when original uploader has been deleted. - -// EMOTES -define("EMOTE_UPLOAD", true); // Enable emote upload. -define("EMOTE_NAME_MAX_LENGTH", 100); // Max length for emote name. -define("EMOTE_COMMENT_MAX_LENGTH", 100); // Max length for emote comment. -define("EMOTE_VISIBILITY_DEFAULT", 2); // Default visibility for emotes. 0 - unlisted, 1 - public, 2 - pending approval (same as unlisted). -define("EMOTE_MAX_SIZE", [128, 128]); // Max size of emote. -define("EMOTE_NAME_REGEX", "/^[A-Za-z0-9_]+$/"); // RegEx filter for emote names. -define("EMOTE_STORE_ORIGINAL", true); // Store original uploads of emotes. - -// TAGS -define("TAGS_ENABLE", true); // Allow emote tagging. -define("TAGS_CODE_REGEX", "/^[A-Za-z0-9_]+$/"); -define("TAGS_MAX_COUNT", 10); // Maximum tags per emote. Set -1 for unlimited amount. - -// EMOTESETS -define("EMOTESET_PUBLIC_LIST", true); // Show emotesets public. - -// MODERATION -define("MOD_SYSTEM_DASHBOARD", true); // Enable system dashboard for moderators (/system). -define("MOD_EMOTES_APPROVE", true); // Enable manual emote approval (/system/emotes). - -// REPORTS -define("REPORTS_ENABLE", true); // Enable emote, user reports. - -// ACCOUNTS -define("ACCOUNT_REGISTRATION_ENABLE", true); // Enable account registration. -define("ACCOUNT_COOKIE_MAX_LIFETIME", 86400 * 30); // Remember user for a month. -define("ACCOUNT_USERNAME_REGEX", "/^[A-Za-z0-9_]+$/"); // RegEx filter for account usernames. -define("ACCOUNT_USERNAME_LENGTH", [2, 20]); // [Min, Max] length for account usernames. 
-define("ACCOUNT_PASSWORD_MIN_LENGTH", 10); // Minimal length for passwords. -define("ACCOUNT_SECRET_KEY_LENGTH", 32); // The length for secret keys. -define("ACCOUNT_PFP_MAX_SIZE", [128, 128]); // Max dimensions for account pictures. -define("ACCOUNT_BANNER_MAX_SIZE", [1920, 1080]); // Max dimensions for account banners. -define("ACCOUNT_BADGE_MAX_SIZE", [72, 72]); // Max dimensions for account badges. -define("ACCOUNT_PUBLIC_LIST", true); // The public list of accounts. -define("ACCOUNT_LOG_ACTIONS", true); // Log user's actions (emote addition, etc.). - -// TWITCH -define("TWITCH_REGISTRATION_ENABLE", false); // Enable account registration via Twitch. -define("TWITCH_CLIENT_ID", "AAAAAAAAA"); // Client ID of your Twitch application. -define("TWITCH_SECRET_KEY", "BBBBBBBBB"); // Secret key of your Twitch application. -define("TWITCH_REDIRECT_URI", ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https" : "http") . "://$_SERVER[HTTP_HOST]/account/login/twitch.php"); // Redirect URI of your Twitch application. - -// CAPTCHA -define("CAPTCHA_ENABLE", true); // Enable built-in captcha. -define("CAPTCHA_SIZE", [580, 220]); // Captcha size. -define("CAPTCHA_FORCE_USERS", false); // Force authorized users to solve captcha. - -// FOR DEVELOPERS -define("CLIENT_REQUIRES_JSON", isset($_SERVER["HTTP_ACCEPT"]) && $_SERVER["HTTP_ACCEPT"] == "application/json"); \ No newline at end of file diff --git a/lib/partials.php b/lib/partials.php index 760923a..979621d 100644 --- a/lib/partials.php +++ b/lib/partials.php @@ -7,26 +7,26 @@ function html_navigation_bar()