11 rokov pred · 10fb5ab06f
--- a/api.php
+++ b/api.php
@@ -24,7 +24,12 @@
 
 				break;
 
 				case 'template':
 
 					$ret['template'] = file_get_contents('data/'.$id.'.template.html');
 
-					$ret['context'] = json_decode(file_get_contents('data/'.$id.'.context.json'));
 
+					if(file_exists(PATH_DATA.$id.'.context.json')){
 
+						$context = json_decode(file_get_contents(PATH_DATA.$id.'.context.json'));
 
+					}else{
 
+						$context = Array();
 
+					}
 
+					$ret['context'] = $context;
 
 					retj($ret,$id);
 
 				break;
 
 				case 'action':
--- a/data/index.template.html
+++ b/data/index.template.html
@@ -5,7 +5,12 @@
 
 	Welcome to bugs!
 
 </p>
 
 <p>
 
+	{{#unless key}}
 
 	<a href="#page-login">Login</a>
 
 	-
 
 	<a href="#page-register">Register</a>
 
+	{{/unless}}
 
+	{{#if key}}
 
+	<a href="#page-logout">Logout</a>
 
+	{{/if}}
 
 </p>
--- a/data/logout.template.html
+++ b/data/logout.template.html
@@ -0,0 +1,4 @@
 
+<script>
 
+	setKey(null);
 
+	apiState('page-index');
 
+</script>
--- a/js/index.js
+++ b/js/index.js
@@ -8,6 +8,7 @@
 
 		},
 
 		setKey = window.setKey = function(key){
 
 			Key = key;
 
+			$.cookie('key',key);
 
 		},
 
 		getKey = window.getKey = function(){
 
 			return Key;
@@ -57,6 +58,9 @@
 
 				}
 
 			},'json');
 
 		};
 
+	if(exists($.cookie('key'))){
 
+		setKey($.cookie('key'));
 
+	}
 
 	$(document).ready(function(){
 
 		$(window).on('statechange',function(){
 
 			var Old = State;
@@ -76,6 +80,9 @@
 
 				switch(State.data.type){
 
 					case 'template':
 
 						api(State.data,function(d){
 
+							if(Key !== null){
 
+								d.context.key = Key
 
+							}
 
 							$('#content').html(Handlebars.compile(d.template)(d.context)).mCustomScrollbar('destroy');
 
 							$('#content,.scroll').mCustomScrollbar({
 
 								theme: 'dark-2',
--- a/php/database.php
+++ b/php/database.php
@@ -5,4 +5,15 @@
 
 		echo "Failed to connect to MySQL: ".$mysqli->connect_error;
 
 	}
 
 	$mysqli->autocommit(true);
 
+	function query($query,$args = []){
 
+		global $mysqli;
 
+		for ($i=0;$i<count($args);$i++){
 
+			$args[$i] = $mysqli->real_escape_string($args[$i]);
 
+		}
 
+		$result = $mysqli->query(vsprintf($query,$args));
 
+		if (!$result){
 
+			die("Query: ".vsprintf($query,$args));
 
+		}
 
+		return $result;
 
+	}
 
 ?>
--- a/php/include.php
+++ b/php/include.php
@@ -5,10 +5,5 @@
 
 	require_once(PATH_PHP.'functions.php');
 
 	require_once(PATH_PHP.'security.php');
 
 	require_once(PATH_PHP.'user.php');
 
-	if(isset($_GET['key'])&&isset($SESSION['key'])){
 
-		if($_GET['key'] != $SESSION['key']){
 
-			unset($SESSION['key']);
 
-			retj(Array('error'=>'Invalid key, you were logged out.'));
 
-		}
 
-	}
 
+	authenticate();
 
 ?>
--- a/php/security.php
+++ b/php/security.php
@@ -15,4 +15,27 @@
 
 	function securityKey($username,$salt){
 
 		return saltedHash($username,$salt);
 
 	}
 
+	function authenticate(){
 
+		global $SESSION;
 
+		if(isset($_GET['key'])&&isset($SESSION['key'])&&isset($SESSION['username'])&&isUser($SESSION['usernamed'])){
 
+			if($_GET['key'] != $SESSION['key']){
 
+				setKey(null);
 
+				retj(Array('error'=>'Invalid key, you were logged out.'));
 
+			}
 
+			setKey($SESSION['key']);
 
+		}else{
 
+			setKey(null);
 
+		}
 
+	}
 
+	function setKey($key){
 
+		global $SESSION;
 
+		if($key == null){
 
+			unset($SESSION['key']);
 
+			unset($SESSION['username']);
 
+			setcookie('key','',time()-3600);
 
+		}else{
 
+			$SESSION['key'] = $key;
 
+			setcookie('key',$key,time()+3600);
 
+		}
 
+	}
 
 ?>
--- a/php/user.php
+++ b/php/user.php
@@ -23,7 +23,11 @@
 
 		}
 
 		return false;
 
 	}
 
-	function setKey($key){
 
-		$SESSION['key'] = $key;
 
+	function isUser($name){
 
+		if(query("SELECT id FROM `".get('database')."`.`users` WHERE name='%s'",Array($name))){
 
+			return true;
 
+		}else{
 
+			return false;
 
+		}
 
 	}
 
 ?>