From be2912e26bdf1843c3a91fc0717b301f168d4962 Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Fri, 9 May 2025 18:15:54 +0500
Subject: feat: option to log user actions

---
 public/account/index.php   |  18 ++---
 public/emotes/setmanip.php |  18 +++--
 public/emotes/upload.php   |  28 ++++----
 public/users.php           | 167 +++++++++++++++++++++++----------------------
 src/config.sample.php      |   1 +
 5 files changed, 124 insertions(+), 108 deletions(-)

diff --git a/public/account/index.php b/public/account/index.php
index 7bb19f5..48bfb8d 100644
--- a/public/account/index.php
+++ b/public/account/index.php
@@ -144,14 +144,16 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
                             <input type="password" name="password-new" id="form-password-new">
                         </div>
                         <div>
-                            <input type="checkbox" name="hide-actions" value="1" id="form-hide-actions" <?php
-                            $stmt = $db->prepare("SELECT hide_actions FROM user_preferences WHERE id = ?");
-                            $stmt->execute([$_SESSION["user_id"]]);
-                            if (intval($stmt->fetch()[0]) == 1) {
-                                echo 'checked';
-                            }
-                            ?>>
-                            <label for="hide-actions" class="inline">Hide actions</label>
+                            <?php if (ACCOUNT_LOG_ACTIONS): ?>
+                                <input type="checkbox" name="hide-actions" value="1" id="form-hide-actions" <?php
+                                $stmt = $db->prepare("SELECT hide_actions FROM user_preferences WHERE id = ?");
+                                $stmt->execute([$_SESSION["user_id"]]);
+                                if (intval($stmt->fetch()[0]) == 1) {
+                                    echo 'checked';
+                                }
+                                ?>>
+                                <label for="hide-actions" class="inline">Hide actions</label>
+                            <?php endif; ?>
                         </div>
                         <div>
                             <input type="checkbox" name="signout-everywhere" value="1" id="form-signout-everywhere">
diff --git a/public/emotes/setmanip.php b/public/emotes/setmanip.php
index 71d922b..8e8d840 100644
--- a/public/emotes/setmanip.php
+++ b/public/emotes/setmanip.php
@@ -82,8 +82,10 @@ switch ($action) {
         $stmt = $db->prepare("INSERT INTO emote_set_contents(emote_set_id, emote_id, added_by) VALUES (?, ?, ?)");
         $stmt->execute([$emote_set_id, $emote_id, $user_id]);
 
-        $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
-            ->execute([$user_id, "EMOTESET_ADD", json_encode($payload)]);
+        if (ACCOUNT_LOG_ACTIONS) {
+            $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
+                ->execute([$user_id, "EMOTESET_ADD", json_encode($payload)]);
+        }
 
         $db = null;
 
@@ -100,8 +102,10 @@ switch ($action) {
             exit;
         }
 
-        $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
-            ->execute([$user_id, "EMOTESET_REMOVE", json_encode($payload)]);
+        if (ACCOUNT_LOG_ACTIONS) {
+            $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
+                ->execute([$user_id, "EMOTESET_REMOVE", json_encode($payload)]);
+        }
 
         $db = null;
 
@@ -137,8 +141,10 @@ switch ($action) {
         $stmt = $db->prepare("UPDATE emote_set_contents SET code = ? WHERE emote_set_id = ? AND emote_id = ?");
         $stmt->execute([$value, $emote_set_id, $emote_id]);
 
-        $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
-            ->execute([$user_id, "EMOTESET_ALIAS", json_encode($payload)]);
+        if (ACCOUNT_LOG_ACTIONS) {
+            $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
+                ->execute([$user_id, "EMOTESET_ALIAS", json_encode($payload)]);
+        }
 
         $db = null;
 
diff --git a/public/emotes/upload.php b/public/emotes/upload.php
index 42e58c6..96544fd 100644
--- a/public/emotes/upload.php
+++ b/public/emotes/upload.php
@@ -389,19 +389,21 @@ if ($is_manual) {
     }
 }
 
-$db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
-    ->execute([
-        $uploaded_by,
-        "EMOTE_CREATE",
-        json_encode([
-            "emote" => [
-                "id" => $id,
-                "code" => $code,
-                "visibility" => $visibility,
-                "uploaded_by" => $uploaded_by,
-            ]
-        ])
-    ]);
+if (ACCOUNT_LOG_ACTIONS) {
+    $db->prepare("INSERT INTO actions(user_id, action_type, action_payload) VALUES (?, ?, ?)")
+        ->execute([
+            $uploaded_by,
+            "EMOTE_CREATE",
+            json_encode([
+                "emote" => [
+                    "id" => $id,
+                    "code" => $code,
+                    "visibility" => $visibility,
+                    "uploaded_by" => $uploaded_by,
+                ]
+            ])
+        ]);
+}
 
 
 $db = null;
diff --git a/public/users.php b/public/users.php
index 5d1f125..7146cd1 100644
--- a/public/users.php
+++ b/public/users.php
@@ -231,10 +231,13 @@ $stmt->execute([$user->id(), $user->id()]);
 $uploaded_emotes = $stmt->fetchAll(PDO::FETCH_ASSOC);
 
 // gathering actions
-$stmt = $db->prepare("SELECT a.* FROM actions a WHERE a.user_id = ? ORDER BY a.created_at DESC LIMIT 15");
-$stmt->execute([$user->id()]);
+$actions = [];
 
-$actions = $stmt->fetchAll(PDO::FETCH_ASSOC);
+if (ACCOUNT_LOG_ACTIONS) {
+    $stmt = $db->prepare("SELECT a.* FROM actions a WHERE a.user_id = ? ORDER BY a.created_at DESC LIMIT 15");
+    $stmt->execute([$user->id()]);
+    $actions = $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
 
 // TODO: add functionality
 
@@ -514,56 +517,46 @@ if ($is_json) {
                     }
                     ?>
 
-                    <!-- Actions -->
-                    <section class="box">
-                        <div class="box navtab">
-                            <p>Actions</p>
-                        </div>
-                        <div class="box content">
-                            <?php
-                            if (empty($actions)) {
-                                echo "<p>This user has done nothing bad or good...</p>";
-                            }
-
-                            foreach ($actions as $action) {
-                                echo '<div class="row">';
-
-                                list($action_name, $preposition, $icon_name) = match ($action["action_type"]) {
-                                    "EMOTESET_ADD" => ["added", "to", "yes.png"],
-                                    "EMOTESET_REMOVE" => ["removed", "from", "no.png"],
-                                    "EMOTESET_ALIAS" => ["renamed", "in", "pencil.png"],
-                                    "EMOTE_CREATE" => ["created", null, "new_emote.png"],
-                                    "EMOTE_DELETE" => ["deleted", null, "deleted_emote.png"],
-                                    "EMOTE_RENAME" => ["renamed", null, "renamed_emote.png"]
-                                };
+                    <?php if (ACCOUNT_LOG_ACTIONS): ?>
+                        <!-- Actions -->
+                        <section class="box">
+                            <div class="box navtab">
+                                <p>Actions</p>
+                            </div>
+                            <div class="box content">
+                                <?php
+                                if (empty($actions)) {
+                                    echo "<p>This user has done nothing bad or good...</p>";
+                                }
 
-                                echo "<div><img src='/static/img/icons/$icon_name' width='16' /></div>";
+                                foreach ($actions as $action) {
+                                    echo '<div class="row">';
 
-                                echo '<div class="column">';
-                                echo '<p>';
-                                echo '<i>' . $user->username() . '</i> ';
+                                    list($action_name, $preposition, $icon_name) = match ($action["action_type"]) {
+                                        "EMOTESET_ADD" => ["added", "to", "yes.png"],
+                                        "EMOTESET_REMOVE" => ["removed", "from", "no.png"],
+                                        "EMOTESET_ALIAS" => ["renamed", "in", "pencil.png"],
+                                        "EMOTE_CREATE" => ["created", null, "new_emote.png"],
+                                        "EMOTE_DELETE" => ["deleted", null, "deleted_emote.png"],
+                                        "EMOTE_RENAME" => ["renamed", null, "renamed_emote.png"]
+                                    };
 
-                                $payload = json_decode($action["action_payload"], true);
+                                    echo "<div><img src='/static/img/icons/$icon_name' width='16' /></div>";
 
-                                list($action_root, $action_sub) = explode("_", $action["action_type"]);
+                                    echo '<div class="column">';
+                                    echo '<p>';
+                                    echo '<i>' . $user->username() . '</i> ';
 
-                                switch ($action_root) {
-                                    case "EMOTESET": {
-                                        $e_stmt = $db->prepare("SELECT COUNT(*) FROM emotes WHERE id = ?");
-                                        $e_stmt->execute([$payload["emote"]["id"]]);
+                                    $payload = json_decode($action["action_payload"], true);
 
-                                        echo "$action_name emote <a href=\"";
+                                    list($action_root, $action_sub) = explode("_", $action["action_type"]);
 
-                                        if ($e_stmt->rowCount() == 1) {
-                                            echo '/emotes?id=' . $payload["emote"]["id"] . '">';
-                                            echo '<img src="/static/userdata/emotes/' . $payload["emote"]["id"] . '/1x.webp" height="16" /> ';
-                                        } else {
-                                            echo '">';
-                                        }
+                                    switch ($action_root) {
+                                        case "EMOTESET": {
+                                            $e_stmt = $db->prepare("SELECT COUNT(*) FROM emotes WHERE id = ?");
+                                            $e_stmt->execute([$payload["emote"]["id"]]);
 
-                                        if (isset($payload["emote"]["original_code"])) {
-                                            echo $payload["emote"]["original_code"] . '</a> to ';
-                                            echo "<a href=\"";
+                                            echo "$action_name emote <a href=\"";
 
                                             if ($e_stmt->rowCount() == 1) {
                                                 echo '/emotes?id=' . $payload["emote"]["id"] . '">';
@@ -572,51 +565,63 @@ if ($is_json) {
                                                 echo '">';
                                             }
 
-                                            echo $payload["emote"]["code"] . '</a>';
-                                        } else {
-                                            echo $payload["emote"]["code"] . '</a>';
-                                        }
+                                            if (isset($payload["emote"]["original_code"])) {
+                                                echo $payload["emote"]["original_code"] . '</a> to ';
+                                                echo "<a href=\"";
 
-                                        $es_stmt = $db->prepare("SELECT COUNT(*) FROM emote_sets WHERE id = ?");
-                                        $es_stmt->execute([$payload["emoteset"]["id"]]);
+                                                if ($e_stmt->rowCount() == 1) {
+                                                    echo '/emotes?id=' . $payload["emote"]["id"] . '">';
+                                                    echo '<img src="/static/userdata/emotes/' . $payload["emote"]["id"] . '/1x.webp" height="16" /> ';
+                                                } else {
+                                                    echo '">';
+                                                }
 
-                                        echo " $preposition <a href=\"";
-                                        if ($es_stmt->rowCount() == 1) {
-                                            echo '/emotesets.php?id=' . $payload["emoteset"]["id"];
-                                        }
+                                                echo $payload["emote"]["code"] . '</a>';
+                                            } else {
+                                                echo $payload["emote"]["code"] . '</a>';
+                                            }
 
-                                        echo '">' . $payload["emoteset"]["name"] . '</a>';
-                                        break;
-                                    }
-                                    case "EMOTE": {
-                                        $e_stmt = $db->prepare("SELECT COUNT(*) FROM emotes WHERE id = ?");
-                                        $e_stmt->execute([$payload["emote"]["id"]]);
+                                            $es_stmt = $db->prepare("SELECT COUNT(*) FROM emote_sets WHERE id = ?");
+                                            $es_stmt->execute([$payload["emoteset"]["id"]]);
 
-                                        echo "$action_name emote <a href=\"";
+                                            echo " $preposition <a href=\"";
+                                            if ($es_stmt->rowCount() == 1) {
+                                                echo '/emotesets.php?id=' . $payload["emoteset"]["id"];
+                                            }
 
-                                        if ($e_stmt->rowCount() == 1) {
-                                            echo '/emotes?id=' . $payload["emote"]["id"] . '">';
-                                            echo '<img src="/static/userdata/emotes/' . $payload["emote"]["id"] . '/1x.webp" height="16" /> ';
-                                        } else {
-                                            echo '">';
+                                            echo '">' . $payload["emoteset"]["name"] . '</a>';
+                                            break;
                                         }
+                                        case "EMOTE": {
+                                            $e_stmt = $db->prepare("SELECT COUNT(*) FROM emotes WHERE id = ?");
+                                            $e_stmt->execute([$payload["emote"]["id"]]);
 
-                                        echo $payload["emote"]["code"] . '</a>';
-                                        break;
-                                    }
-                                    default: {
-                                        echo "something that we don't know";
-                                        break;
+                                            echo "$action_name emote <a href=\"";
+
+                                            if ($e_stmt->rowCount() == 1) {
+                                                echo '/emotes?id=' . $payload["emote"]["id"] . '">';
+                                                echo '<img src="/static/userdata/emotes/' . $payload["emote"]["id"] . '/1x.webp" height="16" /> ';
+                                            } else {
+                                                echo '">';
+                                            }
+
+                                            echo $payload["emote"]["code"] . '</a>';
+                                            break;
+                                        }
+                                        default: {
+                                            echo "something that we don't know";
+                                            break;
+                                        }
                                     }
-                                }
 
-                                echo '</p>';
-                                echo '<span class="font-small" style="color: gray;">[' . format_timestamp(time() - strtotime($action["created_at"])) . ' ago]</span> ';
-                                echo '</div></div>';
-                            }
-                            ?>
-                        </div>
-                    </section>
+                                    echo '</p>';
+                                    echo '<span class="font-small" style="color: gray;">[' . format_timestamp(time() - strtotime($action["created_at"])) . ' ago]</span> ';
+                                    echo '</div></div>';
+                                }
+                                ?>
+                            </div>
+                        </section>
+                    <?php endif; ?>
                 </section>
             </section>
         </div>
diff --git a/src/config.sample.php b/src/config.sample.php
index 7478be6..9a50d2d 100644
--- a/src/config.sample.php
+++ b/src/config.sample.php
@@ -49,6 +49,7 @@ define("ACCOUNT_SECRET_KEY_LENGTH", 32); // The length for secret keys.
 define("ACCOUNT_PFP_MAX_SIZE", [128, 128]); // Max dimensions for account pictures.
 define("ACCOUNT_BANNER_MAX_SIZE", [1920, 1080]); // Max dimensions for account banners.
 define("ACCOUNT_PUBLIC_LIST", true); // The public list of accounts.
+define("ACCOUNT_LOG_ACTIONS", true); // Log user's actions (emote addition, etc.).
 
 // TWITCH
 define("TWITCH_REGISTRATION_ENABLE", false); // Enable account registration via Twitch.
-- 
cgit v1.2.3