biglyderv/bigly-chat
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

minor fixes

Browse source
This commit is contained in:
biglyderv 2025-02-05 01:27:45 -05:00
parent daace699a6
commit 2ce4424db7
20 changed files with 674 additions and 621 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

144
docs/api/comment.php
View file

@ -1,88 +1,92 @@
<?php <?php
require(__DIR__ . "/../../libs/page.php");
$ref = 1732684297; require(__DIR__ . "/../../libs/page.php");
function getOut($typer, $idr) {
if ($typer == 'user' || $typer == 'comment') {
header("Location: " . '/' . $typer . '.php?id=' . htmlspecialchars($idr));
die();
}
header("Location: /"); $ref = 1732684297;
function getOut($typer, $idr)
{
if ($typer == 'user' || $typer == 'comment') {
header("Location: " . '/' . $typer . '.php?id=' . htmlspecialchars($idr));
die(); die();
} }
function post_handler() { header("Location: /");
global $ref; die();
global $username; }
global $db;
if (!$username || !array_key_exists('post',$_POST)) return;
$postie = $_POST['post'];
$postType = (array_key_exists('type',$_POST)) ? $_POST['type'] : 'root';
$postId = (array_key_exists('id',$_POST)) ? $_POST['id'] : 'root';
if (strlen($postie) < 1 || strlen($postie) > 1024) { function post_handler()
getOut($postType,$postId); {
} global $ref;
if (is_uploaded_file($_FILES['file']['tmp_name'])) { global $username;
$fid = bin2hex(random_bytes(16)); global $db;
if (!$username || !array_key_exists('post', $_POST)) {
return;
}
$type = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); $postie = $_POST['post'];
$postType = (array_key_exists('type', $_POST)) ? $_POST['type'] : 'root';
$type = strtolower($type); $postId = (array_key_exists('id', $_POST)) ? $_POST['id'] : 'root';
$mime = mime_content_type('test' . $type); if (strlen($postie) < 1 || strlen($postie) > 1024) {
getOut($postType, $postId);
}
if (is_uploaded_file($_FILES['file']['tmp_name'])) {
$fid = bin2hex(random_bytes(16));
$legal = ['png','gif','jpeg','jpg','mp4','webm','mp3','wav']; $type = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if (in_array($type, $legal)) { $type = strtolower($type);
move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pic/' . $fid . '.' . $type);
$postie .= "\nhttps://" . $_SERVER['HTTP_HOST'] . '/pic/' . $fid . '.' . $type;
}
}
$poid = bin2hex(random_bytes(16)); $mime = mime_content_type('test' . $type);
$stmt = $db->prepare("SELECT * FROM comment WHERE username = ? ORDER BY date DESC");
$stmt->execute([
$username
]);
$userposts = $stmt->fetchAll(PDO::FETCH_DEFAULT);
if ($userposts[0]['date'] - (microtime(true) - $ref) > -3) { $legal = ['png','gif','jpeg','jpg','mp4','webm','mp3','wav'];
echo "You have been rate limited.";
return;
}
if (in_array($type, $legal)) {
move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pic/' . $fid . '.' . $type);
$postie .= "\nhttps://" . $_SERVER['HTTP_HOST'] . '/pic/' . $fid . '.' . $type;
}
}
$poid = bin2hex(random_bytes(16));
$stmt = $db->prepare("SELECT * FROM comment WHERE username = ? ORDER BY date DESC");
$stmt->execute([
$username
]);
$userposts = $stmt->fetchAll(PDO::FETCH_DEFAULT);
if ($userposts[0]['date'] - (microtime(true) - $ref) > -3) {
echo "You have been rate limited.";
return;
}
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$username,$postType,$postId,microtime(true) - $ref,$postie,$poid]);
$postieP = "https://nbg.dervland.net/comment.php?id=" . $poid;
$user10 = ':system';
if ($postType == 'user') {
$postie = "A user commented on your wall: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)"); $stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$username,$postType,$postId,microtime(true) - $ref,$postie,$poid]); $stmt->execute([$user10,'notification',$postId,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
} elseif ($postType == 'comment') {
$stmt = $db->prepare("SELECT * FROM comment WHERE id = ? ORDER BY date DESC");
$stmt->execute([
$postId
]);
$posts1 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$postieP = "https://nbg.dervland.net/comment.php?id=" . $poid; $posts2 = $posts1[0]['username'];
$postie = "A user replied to your post: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$user10,'notification',$posts2,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
}
$user10 = ':system'; getOut($postType, $postId);
if ($postType == 'user') { }
$postie = "A user commented on your wall: " . $postieP;
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$user10,'notification',$postId,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
} else if ($postType == 'comment') {
$stmt = $db->prepare("SELECT * FROM comment WHERE id = ? ORDER BY date DESC");
$stmt->execute([
$postId
]);
$posts1 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$posts2 = $posts1[0]['username'];
$postie = "A user replied to your post: " . $postieP; post_handler();
$stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)");
$stmt->execute([$user10,'notification',$posts2,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]);
}
getOut($postType,$postId);
}
post_handler();
?>

25
docs/api/followjson.php
View file

@ -1,16 +1,17 @@
<?php <?php
require(__DIR__ . "/../../libs/page.php");
function get_handler() { require(__DIR__ . "/../../libs/page.php");
global $db;
$stmt = $db->prepare("SELECT * FROM main.follow");
$stmt->execute([]);
$result = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$result = array_reverse($result,true);
echo json_encode($result); function get_handler()
} {
global $db;
get_handler(); $stmt = $db->prepare("SELECT * FROM main.follow");
?> $stmt->execute([]);
$result = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$result = array_reverse($result, true);
echo json_encode($result);
}
get_handler();

6
docs/auth.php
View file

@ -1,5 +1,5 @@
<?php <?php
require(__DIR__ . "/../libs/auth.php"); require(__DIR__ . "/../libs/auth.php");
global $username; global $username;
echo $username; echo $username;
?> ?>

18
docs/comment.php
View file

@ -1,11 +1,11 @@
<?php <?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$ref = 1732684297; require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
page_header(); require(__DIR__ . "/../libs/comment.php");
comments("comment",$_GET['id']);
page_footer(); $ref = 1732684297;
?>
page_header();
comments("comment", $_GET['id']);
page_footer();

9
docs/css/main.css
View file

@ -134,7 +134,8 @@ pre {
padding: 10px; padding: 10px;
margin-bottom: 10px; margin-bottom: 10px;
align-items: center; align-items: center;
width: var(--elem-width); flex-wrap: wrap;
width: var(--elem-width);
border-radius: var(--border-radius); border-radius: var(--border-radius);
} }
@ -186,12 +187,16 @@ iframe {
border: none; border: none;
} }
.header a {
width: 60px;
}
.header a, .clickie { .header a, .clickie {
text-decoration: none; text-decoration: none;
color: inherit; color: inherit;
font-weight: bold; font-weight: bold;
margin: 5px; margin: 5px;
display: flex; display: flex;
flex-direction: column; flex-direction: column;
align-items: center; align-items: center;
justify-content: center; justify-content: center;

30
docs/index.php
View file

@ -1,13 +1,13 @@
<?php <?php
require(__DIR__ . "/../libs/page.php"); require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php"); require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php"); require(__DIR__ . "/../libs/comment.php");
page_header(); page_header();
if (!is_null($username)) { if (!is_null($username)) {
//comments("root","root"); //comments("root","root");
} }
if (!($_GET['page'] > 0)) { ?> if (!($_GET['page'] > 0)) { ?>
<div class="banner"><img class="banner-background" src="/img/newlogo.svg"> <div class="banner"><img class="banner-background" src="/img/newlogo.svg">
<div class="banner-content"> <div class="banner-content">
<h1>BiglyChat</h1> <h1>BiglyChat</h1>
@ -17,15 +17,13 @@
<h2>Community</h2> <h2>Community</h2>
<a class="form-button" href="/tou.php">Terms of Use</a> <a class="form-button" href="/tou.php">Terms of Use</a>
<a class="form-button" href="/stats.php?ref=<?php echo $username ?>">Suggested Users</a>
<a class="form-button" href="/stats.php">Top Users</a>
<a class="form-button" href="https://dervland.net/">More Projects</a> <a class="form-button" href="https://dervland.net/">More Projects</a>
</div> </div>
</div> </div>
<?php <?php
} }
//if (is_null($username)) { //if (is_null($username)) {
comments("root","root"); comments("root", "root");
//} //}
page_footer(); page_footer();
?> ?>

103
docs/login.php
View file

@ -1,55 +1,60 @@
<?php <?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
function post_handler() {
global $db;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('pass',$_POST) || !array_key_exists('user',$_POST)) {
return '';
}
$user = $_POST['user'];
$pass = $_POST['pass'];
$stmt = $db->prepare("SELECT * FROM main.auth WHERE UPPER(username) LIKE UPPER(?)"); require(__DIR__ . "/../libs/page.php");
$stmt->execute([$user]); require(__DIR__ . "/../libs/form.php");
$result = $stmt->fetch(PDO::FETCH_ASSOC); function post_handler()
{
if (!$result) return 'Username does not exist.'; global $db;
$verified = password_verify($pass,$result['password']); // there is 100% a better way to do this but i need to test
if (!array_key_exists('pass', $_POST) || !array_key_exists('user', $_POST)) {
if (!$verified) return 'Password is wrong.'; return '';
}
$token = bin2hex(random_bytes(32));
$user = $_POST['user'];
$stmt = $db->prepare("INSERT INTO main.token (username, token) VALUES (?, ?)"); $pass = $_POST['pass'];
$stmt->execute([$user,$token]);
$stmt = $db->prepare("SELECT * FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
setcookie("token", $token, time()+3600*24); $stmt->execute([$user]);
if (isset($_GET['next'])) { $result = $stmt->fetch(PDO::FETCH_ASSOC);
$gett = htmlspecialchars($_GET['next'] . '?token=' . $token);
echo "<script>window.location.href = '$gett'</script>"; if (!$result) {
page_footer(); return 'Username does not exist.';
die(); }
}
$verified = password_verify($pass, $result['password']);
header("Location: /");
if (!$verified) {
return 'Password is wrong.';
}
$token = bin2hex(random_bytes(32));
$stmt = $db->prepare("INSERT INTO main.token (username, token) VALUES (?, ?)");
$stmt->execute([$user,$token]);
setcookie("token", $token, time() + 3600 * 24);
if (isset($_GET['next'])) {
$gett = htmlspecialchars($_GET['next'] . '?token=' . $token);
echo "<script>window.location.href = '$gett'</script>";
page_footer();
die(); die();
} }
page_header(); header("Location: /");
die();
$form_message = post_handler(); }
form("Log in (<a class='link' target='_blank' href='/register.php'>Register?</a>)", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => '')
));
page_footer(); page_header();
?>
$form_message = post_handler();
form("Log in (<a class='link' target='_blank' href='/register.php'>Register?</a>)", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => '')
));
page_footer();

21
docs/logout.php
View file

@ -1,13 +1,12 @@
<?php <?php
require(__DIR__ . "/../libs/page.php");
page_header(); require(__DIR__ . "/../libs/page.php");
if (isset($_COOKIE)) { page_header();
foreach ( $_COOKIE as $key => $value ) if (isset($_COOKIE)) {
{ foreach ($_COOKIE as $key => $value) {
setcookie( $key, FALSE ); setcookie($key, false);
}
header("Location: /");
die();
} }
page_footer(); header("Location: /");
?> die();
}
page_footer();

123
docs/meta.php
View file

@ -1,61 +1,63 @@
<?php <?php
require(__DIR__ . "/../libs/page.php"); require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php"); require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php"); require(__DIR__ . "/../libs/comment.php");
$roles = array(); $roles = array();
page_header(); page_header();
// this is a mess // this is a mess
function get_handler() { function get_handler()
global $db; {
global $username; global $db;
global $user; global $username;
global $bio; global $user;
global $followers; global $bio;
global $following; global $followers;
global $roles; global $following;
global $roles;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('id',$_GET)) { // there is 100% a better way to do this but i need to test
die(); if (!array_key_exists('id', $_GET)) {
} die();
$user = $_GET['id'];
if (array_key_exists('type',$_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} else if ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
} }
get_handler();
//todo: rewrite $user = $_GET['id'];
if (array_key_exists('type', $_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} elseif ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
}
get_handler();
//todo: rewrite
?> ?>
<h2>Following</h2> <h2>Following</h2>
<?php <?php
foreach ($following as $user) { $usern = $user['username']; ?> foreach ($following as $user) {
$usern = $user['username']; ?>
<div class='comment'> <div class='comment'>
<div class="avatar"> <div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img"> <img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
@ -69,14 +71,15 @@
</div> </div>
</div> </div>
</div> </div>
<?php <?php
} }
?> ?>
<h2>Followers</h2> <h2>Followers</h2>
<?php <?php
foreach ($followers as $user) { $usern = $user['target']; ?> foreach ($followers as $user) {
$usern = $user['target']; ?>
<div class='comment'> <div class='comment'>
<div class="avatar"> <div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img"> <img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
@ -90,9 +93,9 @@
</div> </div>
</div> </div>
</div> </div>
<?php <?php
} }
?> ?>
<?php <?php
page_footer(); page_footer();
?> ?>

18
docs/notif.php
View file

@ -1,11 +1,11 @@
<?php <?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php");
$ref = 1732684297; require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
page_header(); require(__DIR__ . "/../libs/comment.php");
comments("notification",$username,true);
page_footer(); $ref = 1732684297;
?>
page_header();
comments("notification", $username, true);
page_footer();

113
docs/register.php
View file

@ -1,58 +1,61 @@
<?php <?php
require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php"); require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php");
function post_handler() {
global $db; function post_handler()
{
// there is 100% a better way to do this but i need to test global $db;
if (!array_key_exists('pass',$_POST) || !array_key_exists('user',$_POST) || !array_key_exists('pass2',$_POST)) {
return ''; // there is 100% a better way to do this but i need to test
} if (!array_key_exists('pass', $_POST) || !array_key_exists('user', $_POST) || !array_key_exists('pass2', $_POST)) {
return '';
$user = $_POST['user'];
$pass = $_POST['pass'];
$pass2 = $_POST['pass2'];
preg_match("/[^A-Za-z0-9\-\_]/",$user,$matches);
if ($pass != $pass2) {
return 'Passwords are not the same.';
}
if (isset($matches) && count($matches) > 0) {
return 'Username contains invalid characters.';
}
if (strlen($user) < 1 || strlen($user) > 32) {
return 'Username is too long or short.';
}
$stmt = $db->prepare("SELECT username FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result) return 'Username is taken.';
$hashed = password_hash($pass, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO main.auth (username, password) VALUES (?, ?)");
$stmt->execute([$user,$hashed]);
header("Location: /");
die();
} }
page_header(); $user = $_POST['user'];
$pass = $_POST['pass'];
$form_message = post_handler(); $pass2 = $_POST['pass2'];
form("Join", $form_message, array( preg_match("/[^A-Za-z0-9\-\_]/", $user, $matches);
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => ''), if ($pass != $pass2) {
array('key' => 'Password (again)', 'type' => 'password', 'name' => 'pass2', 'default' => '') return 'Passwords are not the same.';
)); }
page_footer(); if (isset($matches) && count($matches) > 0) {
?> return 'Username contains invalid characters.';
}
if (strlen($user) < 1 || strlen($user) > 32) {
return 'Username is too long or short.';
}
$stmt = $db->prepare("SELECT username FROM main.auth WHERE UPPER(username) LIKE UPPER(?)");
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result) {
return 'Username is taken.';
}
$hashed = password_hash($pass, PASSWORD_DEFAULT);
$stmt = $db->prepare("INSERT INTO main.auth (username, password) VALUES (?, ?)");
$stmt->execute([$user,$hashed]);
header("Location: /");
die();
}
page_header();
$form_message = post_handler();
form("Join", $form_message, array(
array('key' => 'Username', 'type' => 'text', 'name' => 'user', 'default' => ''),
array('key' => 'Password', 'type' => 'password', 'name' => 'pass', 'default' => ''),
array('key' => 'Password (again)', 'type' => 'password', 'name' => 'pass2', 'default' => '')
));
page_footer();

76
docs/stats.php
View file

@ -1,42 +1,52 @@
<?php <?php
require(__DIR__ . "/../libs/page.php"); require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php"); require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php"); require(__DIR__ . "/../libs/comment.php");
function cmp($a, $b) {
if ($a == $b) {
return 0;
}
return ($a > $b) ? -1 : 1;
}
page_header(); function cmp($a, $b)
{
if ($a == $b) {
return 0;
}
return ($a > $b) ? -1 : 1;
}
function get_handler() { page_header();
$api = file_get_contents("https://nbg.dervland.net/node/top?ref=" . $_GET['ref']); ?>
$pr = json_decode($api);
<div>
foreach ($pr as $usern => $rr) { ?> <a class="form-button" href="?username=<?php echo $username ?>">Local</a>
<div class='comment'> <a class="form-button" href="?">Global</a>
<div class="avatar"> </div>
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
<div>
<div><b> <?php
function get_handler()
{
$api = file_get_contents("https://nbg.dervland.net/node/top?ref=" . $_GET['ref']);
$pr = json_decode($api);
foreach ($pr as $usern => $rr) { ?>
<div class='comment'>
<div class="avatar">
<img src="/pfp/<?php echo $usern ?>.png" class="avatar-img">
<div>
<div><b>
<a class="link" href="/user.php?id=<?php echo $usern ?>"> <a class="link" href="/user.php?id=<?php echo $usern ?>">
<?php echo $usern ?> <?php echo $usern ?>
</a> </a>
</b> </b>
</div> </div>
</div> </div>
</div> </div>
<div><b>Power</b>: <?php echo $rr ?></div> <div><b>Power</b>: <?php echo $rr ?></div>
</div> </div>
<?php } <?php }
} }
get_handler(); get_handler();
?> ?>
<?php <?php
page_footer(); page_footer();
?> ?>

4
docs/tou.php
View file

@ -1,6 +1,6 @@
<?php <?php
require(__DIR__ . "/../libs/page.php"); require(__DIR__ . "/../libs/page.php");
page_header(); page_header();
?> ?>
<div class="comment"> <div class="comment">

193
docs/user.php
View file

@ -1,98 +1,105 @@
<?php <?php
require(__DIR__ . "/../libs/page.php"); require(__DIR__ . "/../libs/page.php");
require(__DIR__ . "/../libs/form.php"); require(__DIR__ . "/../libs/form.php");
require(__DIR__ . "/../libs/comment.php"); require(__DIR__ . "/../libs/comment.php");
$roles = array(); $roles = array();
page_header(); page_header();
// this is a mess // this is a mess
function get_handler() { function get_handler()
global $db; {
global $username; global $db;
global $user; global $username;
global $bio; global $user;
global $followers; global $bio;
global $following; global $followers;
global $roles; global $following;
global $roles;
// there is 100% a better way to do this but i need to test
if (!array_key_exists('id',$_GET)) { // there is 100% a better way to do this but i need to test
die(); if (!array_key_exists('id', $_GET)) {
} die();
$user = $_GET['id'];
if (array_key_exists('type',$_GET)) {
$type = $_GET['type'];
if ($type == 'follow') {
follow();
} else if ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$bio = isset($result) ? $result['bio'] : 'This user has not set a bio.';
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.role WHERE username = ?");
$stmt->execute([$user]);
$roles = $stmt->fetchAll(PDO::FETCH_DEFAULT);
} }
function follow() { $user = $_GET['id'];
global $db;
global $username; if (array_key_exists('type', $_GET)) {
global $user; $type = $_GET['type'];
if ($type == 'follow') {
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ? AND target = ?"); follow();
} elseif ($type == 'settings') {
settings();
}
}
$stmt = $db->prepare("SELECT * FROM main.user WHERE UPPER(username) LIKE UPPER(?)"); //weirdly, this requires a schema name
$stmt->execute([$user]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$bio = isset($result) ? $result['bio'] : 'This user has not set a bio.';
$stmt = $db->prepare("SELECT * FROM main.follow WHERE target = ?");
$stmt->execute([$user]);
$following = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ?");
$stmt->execute([$user]);
$followers = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$stmt = $db->prepare("SELECT * FROM main.role WHERE username = ?");
$stmt->execute([$user]);
$roles = $stmt->fetchAll(PDO::FETCH_DEFAULT);
}
function follow()
{
global $db;
global $username;
global $user;
$stmt = $db->prepare("SELECT * FROM main.follow WHERE username = ? AND target = ?");
$stmt->execute([$user,$username]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (is_null($username)) {
return;
}
if ($result) {
$stmt = $db->prepare("DELETE FROM main.follow WHERE username = ? AND target = ?");
$stmt->execute([$user,$username]);
} else {
$stmt = $db->prepare("INSERT INTO main.follow (username,target) VALUES (?,?)");
$stmt->execute([$user,$username]); $stmt->execute([$user,$username]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (is_null($username)) return;
if ($result) {
$stmt = $db->prepare("DELETE FROM main.follow WHERE username = ? AND target = ?");
$stmt->execute([$user,$username]);
} else {
$stmt = $db->prepare("INSERT INTO main.follow (username,target) VALUES (?,?)");
$stmt->execute([$user,$username]);
}
} }
function settings() { }
global $db; function settings()
global $username; {
global $user; global $db;
global $username;
if (is_null($username)) return; global $user;
$stmt = $db->prepare("DELETE FROM main.user WHERE username = ?"); if (is_null($username)) {
$stmt->execute([$username]); return;
$stmt = $db->prepare("INSERT INTO main.user (username,bio) VALUES (?,?)");
$stmt->execute([$username,$_POST['desc']]);
move_uploaded_file($_FILES['avatar']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pfp/' . $username . '.png');
} }
get_handler(); $stmt = $db->prepare("DELETE FROM main.user WHERE username = ?");
$stmt->execute([$username]);
$stmt = $db->prepare("INSERT INTO main.user (username,bio) VALUES (?,?)");
$stmt->execute([$username,$_POST['desc']]);
move_uploaded_file($_FILES['avatar']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pfp/' . $username . '.png');
}
get_handler();
?> ?>
<form class="banner" enctype="multipart/form-data" method="POST" action="/user.php?id=<?php echo $user ?>&type=follow"> <form class="banner" enctype="multipart/form-data" method="POST" action="/user.php?id=<?php echo $user ?>&type=follow">
<img class="banner-background" src="/pfp/<?php echo $user ?>.png"> <img class="banner-background" src="/pfp/<?php echo $user ?>.png">
@ -124,10 +131,10 @@
form("Your Settings", $form_message, array( form("Your Settings", $form_message, array(
array('key' => 'Bio', 'type' => 'textarea', 'name' => 'desc', 'default' => $bio), array('key' => 'Bio', 'type' => 'textarea', 'name' => 'desc', 'default' => $bio),
array('key' => 'Avatar', 'type' => 'file', 'name' => 'avatar', 'default' => '') array('key' => 'Avatar', 'type' => 'file', 'name' => 'avatar', 'default' => '')
),'/user.php?id=' . $user . '&type=settings'); ), '/user.php?id=' . $user . '&type=settings');
} }
comments('user',$user); comments('user', $user);
page_footer(); page_footer();
?> ?>

71
libs/auth.php
View file

@ -1,32 +1,41 @@
<?php <?php
require(__DIR__ . "/test_secret.php"); require(__DIR__ . "/test_secret.php");
function auth($token) {
if (is_null($token)) return null;
global $db; function auth($token)
{
if (is_null($token)) {
return null;
}
$stmt = $db->prepare("SELECT * FROM main.token WHERE token = ?"); global $db;
$stmt->execute([$token]);
$stmt = $db->prepare("SELECT * FROM main.token WHERE token = ?");
$result = $stmt->fetch(PDO::FETCH_ASSOC); $stmt->execute([$token]);
if (!$result) return null;
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$username = $result['username']; if (!$result) {
return null;
$stmt = $db->prepare("SELECT * FROM main.auth WHERE username = ?"); }
$stmt->execute([$username]);
$username = $result['username'];
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result) return null; $stmt = $db->prepare("SELECT * FROM main.auth WHERE username = ?");
$stmt->execute([$username]);
$stmt = $db->prepare("SELECT * FROM main.ban WHERE username = ?");
$stmt->execute([$username]); $result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result) {
$result = $stmt->fetch(PDO::FETCH_ASSOC); return null;
if (!$result) return $username; }
$reason = $result['reason']; ?> $stmt = $db->prepare("SELECT * FROM main.ban WHERE username = ?");
$stmt->execute([$username]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$result) {
return $username;
}
$reason = $result['reason']; ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<body> <body>
@ -35,9 +44,9 @@
</body> </body>
</html> </html>
<?php die(); <?php die();
} }
if (array_key_exists('token',$_COOKIE)) { if (array_key_exists('token', $_COOKIE)) {
$username = auth($_COOKIE['token']); $username = auth($_COOKIE['token']);
} }
?> ?>

155
libs/comment.php
View file

@ -1,42 +1,49 @@
<?php <?php
require(__DIR__ . "/markdown.php"); require(__DIR__ . "/markdown.php");
function comments($typer, $idr, $disable = false) { function comments($typer, $idr, $disable = false)
$ref = 1732684297; {
global $username; $ref = 1732684297;
global $db; global $username;
$page = array_key_exists('page',$_GET) ? ($_GET['page']) : 0; global $db;
$mode = array_key_exists('mode',$_GET) ? ($_GET['mode']) : 'all'; $page = array_key_exists('page', $_GET) ? ($_GET['page']) : 0;
if ($username && !$disable) { $mode = array_key_exists('mode', $_GET) ? ($_GET['mode']) : 'all';
form("Broadcast your thoughts...", '', array( if ($username && !$disable) {
array('key' => 'Your message', 'type' => 'textarea', 'name' => 'post', 'default' => ''), form("Broadcast your thoughts...", '', array(
array('key' => '','type' => 'hidden','name' => 'type', 'default' => $typer), array('key' => 'Your message', 'type' => 'textarea', 'name' => 'post', 'default' => ''),
array('key' => '','type' => 'hidden','name' => 'id', 'default' => $idr), array('key' => '','type' => 'hidden','name' => 'type', 'default' => $typer),
array('key' => 'Attachments', 'type' => 'file', 'name' => 'file', 'default' => '') array('key' => '','type' => 'hidden','name' => 'id', 'default' => $idr),
),'/api/comment.php'); array('key' => 'Attachments', 'type' => 'file', 'name' => 'file', 'default' => '')
} ), '/api/comment.php');
}
$qs = parse_url($_SERVER['REQUEST_URI']); $qs = parse_url($_SERVER['REQUEST_URI']);
if (is_null($qs)) $qs = array('query' => '?'); if (is_null($qs)) {
$qsq = $qs['query']; $qs = array('query' => '?');
}
$qsq = $qs['query'];
$qss = array(); $qss = array();
parse_str($qsq,$qss);
$qss['page'] = $page + 1; parse_str($qsq, $qss);
$qs_next = http_build_query($qss);
$qss['page'] = $page - 1;
$qs_prev = http_build_query($qss);
$qss['page'] = $page;
$qss['mode'] = 'all';
$qs_1 = http_build_query($qss);
$qss['mode'] = 'followers'; $qss['page'] = $page + 1;
$qs_2 = http_build_query($qss); $qs_next = http_build_query($qss);
?> $qss['page'] = $page - 1;
$qs_prev = http_build_query($qss);
$qss['page'] = $page;
$qss['mode'] = 'all';
$qs_1 = http_build_query($qss);
$qss['mode'] = 'followers';
$qs_2 = http_build_query($qss);
?>
<div>
<a class="form-button" href="?<?php echo $qs_1 ?>">Everyone</a>
<a class="form-button" href="?<?php echo $qs_2 ?>">Following</a>
</div>
<div> <div>
<?php if ($page > 0) { ?> <?php if ($page > 0) { ?>
<a class="form-button" href="?<?php echo $qs_prev ?>">Previous</a> <a class="form-button" href="?<?php echo $qs_prev ?>">Previous</a>
@ -44,60 +51,58 @@
<a class="form-button" href="?<?php echo $qs_next ?>">Next</a> <a class="form-button" href="?<?php echo $qs_next ?>">Next</a>
</div> </div>
<div>
<a class="form-button" href="?<?php echo $qs_1 ?>">Everyone</a>
<a class="form-button" href="?<?php echo $qs_2 ?>">Following</a>
</div>
<?php <?php
$posts = array(); $posts = array();
$theId = $idr; $theId = $idr;
while (true) { while (true) {
$stmt = $db->prepare("SELECT * FROM comment WHERE id = ? ORDER BY date DESC"); $stmt = $db->prepare("SELECT * FROM comment WHERE id = ? ORDER BY date DESC");
$stmt->execute([ $stmt->execute([
$theId $theId
]); ]);
$posts1 = $stmt->fetchAll(PDO::FETCH_DEFAULT); $posts1 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
if (is_null($posts1) || count($posts1) < 1) break; if (is_null($posts1) || count($posts1) < 1) {
$theId = $posts1[0]['targetid']; break;
$posts = array_merge($posts1,$posts); }
} $theId = $posts1[0]['targetid'];
$posts = array_merge($posts1, $posts);
}
if ($mode == 'all') { if ($mode == 'all') {
$stmt = $db->prepare("SELECT * FROM comment WHERE targetType = ? AND targetId = ? ORDER BY date DESC LIMIT ? OFFSET ?"); $stmt = $db->prepare("SELECT * FROM comment WHERE targetType = ? AND targetId = ? ORDER BY date DESC LIMIT ? OFFSET ?");
$stmt->execute([ $stmt->execute([
$typer, $typer,
$idr, $idr,
10, 10,
$page * 10 $page * 10
]); ]);
} else { } else {
$stmt = $db->prepare("SELECT * FROM comment WHERE targetType = ? AND targetId = ? AND username IN (SELECT username FROM main.follow WHERE target = ?) ORDER BY date DESC LIMIT ? OFFSET ?"); $stmt = $db->prepare("SELECT * FROM comment WHERE targetType = ? AND targetId = ? AND username IN (SELECT username FROM main.follow WHERE target = ?) ORDER BY date DESC LIMIT ? OFFSET ?");
$stmt->execute([ $stmt->execute([
$typer, $typer,
$idr, $idr,
$username, $username,
10, 10,
$page * 10 $page * 10
]); ]);
} }
$posts2 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$edge = count($posts); $posts2 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$posts = array_merge($posts,$posts2);
?> $edge = count($posts);
$posts = array_merge($posts, $posts2);
?>
<meta property="og:title" content="NewBiglyChat" /> <meta property="og:title" content="NewBiglyChat" />
<meta property="og:type" content="article" /> <meta property="og:type" content="article" />
<meta property="og:url" content="<?php echo "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]" ?>" /> <meta property="og:url" content="<?php echo "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]" ?>" />
<meta property="og:description" content="<?php echo htmlspecialchars($posts[$edge - 1]['content']) ?>" /> <meta property="og:description" content="<?php echo htmlspecialchars($posts[$edge - 1]['content']) ?>" />
<meta property="og:image" content="https://nbg.dervland.net/img/newlogo.svg" /> <meta property="og:image" content="https://nbg.dervland.net/img/newlogo.svg" />
<?php <?php
foreach ($posts as $key => $post) { foreach ($posts as $key => $post) {
if ($key == $edge) { ?> if ($key == $edge) { ?>
<h2>Replies</h2> <h2>Replies</h2>
<?php } ?> <?php } ?>
<div class='comment'> <div class='comment'>
@ -111,7 +116,7 @@
</b></div> </b></div>
<div><b> <div><b>
<a class='link' href='/comment.php?id=<?php echo $post['id'] ?>'> <a class='link' href='/comment.php?id=<?php echo $post['id'] ?>'>
<?php echo date(DATE_RFC2822,$post['date'] + $ref) ?> <?php echo date(DATE_RFC2822, $post['date'] + $ref) ?>
</a> </a>
</b></div> </b></div>
</div> </div>
@ -120,5 +125,5 @@
<a class="clickie" href="/comment.php?id=<?php echo $post['id']?>"><img class="header-img header-link" src="/img/mail.svg">Replies</a> <a class="clickie" href="/comment.php?id=<?php echo $post['id']?>"><img class="header-img header-link" src="/img/mail.svg">Replies</a>
</div> </div>
<?php } <?php }
} }
?> ?>

5
libs/form.php
View file

@ -1,5 +1,6 @@
<?php <?php
function form($title, $form_message, $inputs, $action = '') { ?> function form($title, $form_message, $inputs, $action = '')
{ ?>
<form class='form' enctype="multipart/form-data" method="POST" action="<?php echo $action ?>"> <form class='form' enctype="multipart/form-data" method="POST" action="<?php echo $action ?>">
<h1 class="form-heading"> <h1 class="form-heading">
<?php echo $title ?> <?php echo $title ?>
@ -8,7 +9,7 @@
<?php echo htmlspecialchars($form_message) ?> <?php echo htmlspecialchars($form_message) ?>
</span> </span>
<?php <?php
foreach ($inputs as $kv) { ?> foreach ($inputs as $kv) { ?>
<span class='form-key'> <span class='form-key'>
<?php echo htmlspecialchars($kv['key']) ?> <?php echo htmlspecialchars($kv['key']) ?>
</span> </span>

83
libs/markdown.php
View file

@ -1,43 +1,44 @@
<?php <?php
function markdown($text) { function markdown($text)
$search = array ( {
'~(https://[^.]+\.dervland\.net/[^\s<]+\.(png|jpg|jpeg|gif))~i', $search = array(
'~(https://[^.]+\.dervland\.net/[^\s<]+\.(mp3|wav))~i', '~(https://[^.]+\.dervland\.net/[^\s<]+\.(png|jpg|jpeg|gif))~i',
'~(https://[^.]+\.dervland\.net/[^\s<]+\.(webm|mp4))~i', '~(https://[^.]+\.dervland\.net/[^\s<]+\.(mp3|wav))~i',
//'~(https://studio\.penguinmod\.com/[^\s<?#]*[#]([^\s<]*))~i', '~(https://[^.]+\.dervland\.net/[^\s<]+\.(webm|mp4))~i',
//'~(https://studio\.penguinmod\.com/[^\s<?#]*[?#]?([^\s<#]*)[#]?([^\s<]*))~i', //'~(https://studio\.penguinmod\.com/[^\s<?#]*[#]([^\s<]*))~i',
'~(?:\s|^)(?:(https?)://([^\s<]+)|(www\.[^\s<]+?\.[^\s<]+))(?<![\.,:])~i', //'~(https://studio\.penguinmod\.com/[^\s<?#]*[?#]?([^\s<#]*)[#]?([^\s<]*))~i',
'~(?:@)([^\s]+)(?:\s|$)~i', '~(?:\s|^)(?:(https?)://([^\s<]+)|(www\.[^\s<]+?\.[^\s<]+))(?<![\.,:])~i',
'~(\[b\])(.*?)(\[\/b\])~i', '~(?:@)([^\s]+)(?:\s|$)~i',
'~(\[i\])(.*?)(\[\/i\])~i', '~(\[b\])(.*?)(\[\/b\])~i',
'~(\[u\])(.*?)(\[\/u\])~i', '~(\[i\])(.*?)(\[\/i\])~i',
'~(\[ul\])(.*?)(\[\/ul\])~i', '~(\[u\])(.*?)(\[\/u\])~i',
'~(\[li\])(.*?)(\[\/li\])~i', '~(\[ul\])(.*?)(\[\/ul\])~i',
'~(\[h\])(.*?)(\[\/h\])~i', '~(\[li\])(.*?)(\[\/li\])~i',
'~(\[url=)(.*?)(\])(.*?)(\[\/url\])~i', '~(\[h\])(.*?)(\[\/h\])~i',
'~(\[url\])(.*?)(\[\/url\])~i' '~(\[url=)(.*?)(\])(.*?)(\[\/url\])~i',
); '~(\[url\])(.*?)(\[\/url\])~i'
);
$replace = array (
'<a class="link" href="$1" target="_blank"><div>$1</div><img src="$1" class="img"></a>', $replace = array(
'<a class="link" href="$1" target="_blank"><div>$1</div><audio controls src="$1"></a>', '<a class="link" href="$1" target="_blank"><div>$1</div><img src="$1" class="img"></a>',
'<a class="link" href="$1" target="_blank"><div>$1</div><video controls class="img"><source src="$1"/></video></a>', '<a class="link" href="$1" target="_blank"><div>$1</div><audio controls src="$1"></a>',
//'https://studio.penguinmod.com/?#$2', '<a class="link" href="$1" target="_blank"><div>$1</div><video controls class="img"><source src="$1"/></video></a>',
//'<a class="link" href="$1" target="_blank"><div>$1</div><iframe src="https://studio.penguinmod.com/embed?$2#$3"></iframe></a>', //'https://studio.penguinmod.com/?#$2',
'<a class="link" href="$0" target="_blank">$0</a>', //'<a class="link" href="$1" target="_blank"><div>$1</div><iframe src="https://studio.penguinmod.com/embed?$2#$3"></iframe></a>',
'<a class="link" href="/user.php?id=$1" target="_blank">@$1</a>', '<a class="link" href="$0" target="_blank">$0</a>',
'<strong>$2</strong>', '<a class="link" href="/user.php?id=$1" target="_blank">@$1</a>',
'<em>$2</em>', '<strong>$2</strong>',
'<u>$2</u>', '<em>$2</em>',
'<ul>$2</ul>', '<u>$2</u>',
'<li>$2</li>', '<ul>$2</ul>',
'<h2>$2</h2>', '<li>$2</li>',
'<a class="link" href="$2" target="_blank">$4</a>', '<h2>$2</h2>',
'<a class="link" href="$2" target="_blank">$2</a>' '<a class="link" href="$2" target="_blank">$4</a>',
); '<a class="link" href="$2" target="_blank">$2</a>'
);
$text = preg_replace($search, $replace, $text);
$text = preg_replace($search, $replace, $text);
return $text;
} return $text;
}
?> ?>

78
libs/page.php
View file

@ -1,43 +1,45 @@
<?php <?php
require(__DIR__ . "/auth.php"); require(__DIR__ . "/auth.php");
global $username;
function page_header()
{
global $db;
global $username; global $username;
function page_header() { $stmt = $db->prepare("SELECT * FROM comment WHERE targetType = ? AND targetId = ? ORDER BY date DESC");
global $db; $stmt->execute([
global $username; "notification",
$stmt = $db->prepare("SELECT * FROM comment WHERE targetType = ? AND targetId = ? ORDER BY date DESC"); $username,
$stmt->execute([ ]);
"notification",
$username,
]);
$posts2 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
$edge = count($posts2); $posts2 = $stmt->fetchAll(PDO::FETCH_DEFAULT);
?> $edge = count($posts2);
<!DOCTYPE html> ?>
<html> <!DOCTYPE html>
<head> <html>
<title>BiglyChat</title> <head>
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1"> <title>BiglyChat</title>
<link rel="icon" href="/img/bgc.svg"> <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1">
<link rel="icon" href="/img/bgc.svg">
<link rel="stylesheet" href="/css/main.css"> <link rel="stylesheet" href="/css/main.css">
</head> </head>
<body> <body>
<div class="header"> <div class="header">
<a href="/"><img class="header-img header-link" src="/img/bgc.svg">BiglyChat</a> <a href="/"><img class="header-img header-link" src="/img/bgc.svg">BiglyChat</a>
<?php <?php if (isset($username)) { ?>
if (isset($username)) { ?> <a href="/user.php?id=<?php echo $username ?>"><img class="header-img header-link" src="/pfp/<?php echo $username ?>.png">Wall</a>
<a href="/user.php?id=<?php echo $username ?>"><img class="header-img header-link" src="/img/home.svg">Home</a> <a href="/notif.php"> <img class="header-img header-link" src="/img/mail.svg"><span>Mail<sub> <?php echo $edge?></sub></span></a>
<a href="/notif.php"> <img class="header-img header-link" src="/img/mail.svg"><span>Mail<sub> <?php echo $edge?></sub></span></a> <a href="/stats.php?username=<?php echo $username ?>"><img class="header-img header-link" src="/img/home.svg">Users</a>
<a href="/logout.php"><img class="header-img header-link" src="/img/logout.svg">Leave</a> <a href="/logout.php"><img class="header-img header-link" src="/img/logout.svg">Leave</a>
<?php } else { ?> <?php } else { ?>
<a href="/login.php"><img class="header-img header-link" src="/img/home.svg">Join</a> <a href="/login.php"><img class="header-img header-link" src="/img/home.svg">Join</a>
<?php } <a href="/stats.php"><img class="header-img header-link" src="/img/home.svg">Users</a>
?> <?php }
</div> ?>
<?php } </div>
function page_footer() { ?> <?php }
</body> function page_footer()
</html> { ?>
<?php } </body>
</html>
<?php }
?> ?>

20
scripts/init.php
View file

@ -1,11 +1,11 @@
<?php <?php
require(__DIR__ . "/../libs/test_secret.php");
require(__DIR__ . "/../libs/test_secret.php");
global $db;
global $db;
$sql = file_get_contents('../scripts/init.sql', true);
$sql = file_get_contents('../scripts/init.sql', true);
$db->exec($sql);
$db->exec($sql);
echo "Database was set up.";
?> echo "Database was set up.";