Taylor/trojans-trophy-room
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Added 'safe' admins; these accounts will persist across database resets

Browse Source
This commit is contained in:
Taylor Courage 2025-03-01 09:58:27 -05:00
parent 4db53fbe75
commit 797859c683
10 changed files with 325 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
admin/admin_nav.php
View File

@ -16,7 +16,8 @@
<div class="navPanel" id="userManagementPanel">
<a href="user_management/user_form.php" target="dataFrame" class="navLink">CREATE USER</a>
<a href="#" target="dataFrame" class="navLink">MODIFY USER</a>
<a href="#" target="dataFrame" class="navLink">DISPLAY ALL USERS</a>
<a href="#" target="dataFrame" class="navLink">SHOW ALL USERS</a>
<a href="user_management/create_safe_admin.php" target="dataFrame" class="navLink">CREATE SAFE ADMIN</a>
</div>
<p>&nbsp;</p>
<h3>TOURNEY MANAGEMENT</h3>
@ -31,7 +32,6 @@
<a href="db_management/conn_check.php" target="dataFrame" class="navLink">CHECK DB CONNECTION</a>
<a href="db_management/reinitialize.php" target="dataFrame" class="navLink">RE-INITIALIZE DB</a>
<a href="#" target="dataFrame" class="navLink">SHOW RAW DB</a>
<a href="#" target="dataFrame" class="navLink">FOUR</a>
</div>
<p>&nbsp;</p>
</div>

46
admin/db_config.php
View File

@ -6,6 +6,15 @@ $username = "USERNAME";
$password = "PASSWORD";
$dbName = "DBNAME";
//////////////////////////// DEVELOPER ///////////////////////////////
////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////
// THIS IS ONLY TO REPLACE THE ABOVE DEFAULTS WITH OUR DEV-ENVIRONMENT DETAILS
include ("dev_db_config.php");
////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////
/*////// USER-CONFIGURABLE VARIABLES HERE /////////
@ -17,6 +26,8 @@ $dbName = "DBNAME";
$userTableName = "users"; // name of the table containing user data
$dataTableName = "replays"; // table containing replay data
$trophyTableName = "trophies"; // trophy data table
$adminUserTableName = "safeadmins";
$passwordLength = 8; // default minimum random password length
@ -34,6 +45,21 @@ $passwordLength = 8; // default minimum random password length
////////////////////////////////////////////*/
// ADMIN DATA TABLE
$sqlCreateAdminTable = "
CREATE TABLE " . $adminUserTableName . " (
userID INT(8) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
isAdmin BOOL,
username VARCHAR(30) NOT NULL,
password VARCHAR(255),
discord VARCHAR(50),
twitch VARCHAR(50),
youtube VARCHAR(50),
userCreated TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
userUpdated TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
)";
// USER DATA TABLE
$sqlCreateUserTable = "
CREATE TABLE " . $userTableName . " (
@ -53,10 +79,10 @@ userUpdated TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
$sqlCreateDataTable = "
CREATE TABLE " . $dataTableName . " (
replayID INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
ballchasingID VARCHAR(100) NOT NULL,
replayName VARCHAR(150) NOT NULL,
ballchasingID VARCHAR(100),
replayName VARCHAR(150),
uploadedBy VARCHAR(30),
numPlayers TINYINT UNSIGNED NOT NULL,
numPlayers TINYINT UNSIGNED,
player1 VARCHAR(30),
player2 VARCHAR(30),
player3 VARCHAR(30),
@ -67,4 +93,18 @@ player7 VARCHAR(30),
player8 VARCHAR(30),
notes VARCHAR(1000)
)";
// TROPHY DATA TABLE
$sqlCreateTrophyTable = "
CREATE TABLE " . $trophyTableName . " (
trophyID INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
replayID INT UNSIGNED,
trophyType VARCHAR(25),
winner1 VARCHAR(30),
winner2 VARCHAR(30),
winner3 VARCHAR(30),
numPlayers TINYINT UNSIGNED,
notes VARCHAR(1000)
)";
?>

52
admin/db_management/initialize.php
View File

@ -13,7 +13,7 @@
<body class="sqlOutput">
<?php
// USER-DEFINED VARIABLES
include("../dev_db_config.php"); // Include database stuff
include("../db_config.php"); // Include database stuff
try { // Try opening the SQL database connection
@ -25,6 +25,9 @@
echo "Connection failed: " . $e->getMessage();
}
////////// USER DATA ///////////
echo "<p>Creating user data table...</p>";
// Check if the users table exists already
$sqlCheckUserTable = $conn->prepare("SHOW TABLES LIKE '" . $userTableName . "'");
@ -55,7 +58,19 @@
}
}
// Check if the users table exists already
// Next we're going to copy any safe admins into the users table.
// This will make userlists easier to work with
echo "<p>Copying users from safe admins...</p>";
$copyAdmins = $conn->prepare("INSERT INTO " . $userTableName . " SELECT * FROM " . $adminUserTableName);
$copyAdmins->execute();
echo "<p>Copied!</p>";
//////// REPLAY DATA ////////
echo "<p>Creating replay data table...</p>";
// Check if the replay data table exists already
$sqlCheckDataTable = $conn->prepare("SHOW TABLES LIKE '" . $dataTableName . "'");
// Run the query
@ -85,6 +100,39 @@
}
}
//////// TROPHY DATA ////////
echo "<p>Creating trophy data table...</p>";
// Check if the replay data table exists already
$sqlCheckTrophyTable = $conn->prepare("SHOW TABLES LIKE '" . $trophyTableName . "'");
// Run the query
$sqlCheckTrophyTable->execute();
//Check if any rows exist - if not, create the table, if yes, destroy it first, then create it
$count = $sqlCheckTrophyTable->rowCount();
if ($count != 0) {
echo "<p>Deleting exsiting table '" . $trophyTableName . "'...</p>";
// Create the query to drop the table
$sqlDropDataTable = "DROP TABLE " . $trophyTableName;
$conn->exec($sqlDropDataTable); // drop the table
echo "<p>Deleted!</p><p>Creating new table '" . $trophyTableName . "'...</p>";
try { // Create the new table
$conn->query($sqlCreateTrophyTable);
echo "<p>Table '" . $trophyTableName . "' successfully created (trophy data)</p>";
} catch (PDOException $e) {
echo $sqlCreateTrophyTable . "<br>" . $e->getMessage();
}
} else { // If the table doesn't already exist, we'll just create it
try {
$conn->query($sqlCreateTrophyTable);
echo "<p>Table '" . $trophyTableName . "' successfully created (trophy data)</p>";
} catch (PDOException $e) {
echo $sqlCreateTrophyTable . "<br>" . $e->getMessage();
}
}
$conn = null; // Close the connection
// Tell the use we're done

12
admin/dev_db_config.php Normal file
View File

@ -0,0 +1,12 @@
<?php
// DB LOGIN DETAILS HERE
$servername = "127.0.0.1";
$username = "trojandestinyrl";
$password = "f4f7L2aexOUXLkV";
$dbName = "dev";
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
?>

42
admin/index.php
View File

@ -14,7 +14,47 @@
<div id="contentFrame">
<h1>Trojan's Trophy Room</h1>
<h2 id="adminHeader">ADMIN PANEL</h2>
<iframe src="admin_nav.php" name="dataFrame" class="dataFrame" id="dataFrame" onload="resizeIframe(this);"></iframe>
<?php
/* This little bit of code is going to check whether or not we have
at least one "safe admin" user - this is someone who isn't gonna be
deleted by the (re)initialization script, a 'master administrator'
for the program if you like.
*/
include ("db_config.php");
try { // Try opening the SQL database connection
$conn = new PDO("mysql:host=$servername; dbname=$dbName", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) { // failed connection
echo "SQL connection failed: " . $e->getMessage();
}
// Check if the admin table exists
$sqlCheckAdminTable = $conn->prepare("SHOW TABLES LIKE '" . $adminUserTableName . "'");
// Run the query
$sqlCheckAdminTable->execute();
//Check if any rows exist
$count = $sqlCheckAdminTable->rowCount();
$count = 1;
// EVENTUALLY WE NEED TO MAKE SURE THE PERSON LOGGED IN IS AN ADMIN
if ($count == 0) { // If no safe admins are found, we'll force creation of one
echo "<iframe src=\"user_management/create_safe_admin.php\" name=\"dataFrame\" class=\"dataFrame\" id=\"dataFrame\" onload=\"resizeIframe(this);\"></iframe>";
} else { // Otherwise we'll show the nav page
echo "<iframe src=\"admin_nav.php\" name=\"dataFrame\" class=\"dataFrame\" id=\"dataFrame\" onload=\"resizeIframe(this);\"></iframe>";
}
?>
<div id="subNav">
<a href="./" class="navLink" id="adminHomeButton">ADMIN HOME</a>
<a href="../" class="navLink" id="mainHomeButton">MAIN HOME</a>

95
admin/user_management/add_safe_admin.php Normal file
View File

@ -0,0 +1,95 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
<link rel="stylesheet" href="db_management.css" />
<!-- <script src="trojan.js"></script>-->
<title>no title</title>
</head>
<body class="sqlOutput">
<?php
// USER-DEFINED VARIABLES
include("../db_config.php"); // Include database stuff
try { // Try opening the SQL database connection
$conn = new PDO("mysql:host=$servername; dbname=$dbName", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "<p>Connected successfully</p>";
// Check if the users table exists already
$sqlCheckUserTable = $conn->prepare("SHOW TABLES LIKE '" . $adminUserTableName . "'");
// Run the query
$sqlCheckUserTable->execute();
//Check if any rows exist - if not, create the table
$count = $sqlCheckUserTable->rowCount();
if ($count == 0) {
try {
$conn->query($sqlCreateAdminTable);
echo "<p>Table '" . $adminUserTableName . "' successfully created (user data)</p>";
} catch (PDOException $e) {
echo $sqlCreateUserTable . "<br>" . $e->getMessage();
}
}
// Variables for the various input fields
$username = $_POST["username"];
$password = password_hash($_POST["password"], PASSWORD_DEFAULT); // Hash the password for security
$discord = $_POST["discord"];
$twitch = $_POST["twitch"];
$youtube = $_POST["youtube"];
$isAdmin = 0;
if (filter_has_var(INPUT_POST, "isAdmin")) {
$isAdmin = 1;
}
echo "<br>";
echo $username . "<br>";
echo $password . "<br>";
echo $discord . "<br>";
echo $twitch . "<br>";
echo $youtube . "<br>";
echo $isAdmin . "<br>";
$insert = $conn->prepare("INSERT INTO " . $adminUserTableName . " (username, password, discord, twitch, youtube, isAdmin) VALUES (:username, :password, :discord, :twitch, :youtube, :isAdmin)");
$insert->bindParam(":username", $username);
$insert->bindParam(":password", $password);
$insert->bindParam(":discord", $discord);
$insert->bindParam(":twitch", $twitch);
$insert->bindParam(":youtube", $youtube);
$insert->bindParam(":isAdmin", $isAdmin);
$insert->execute();
echo "New records created successfully?";
} catch (PDOException $e) { // failed connection
echo "Connection failed: " . $e->getMessage();
}
$conn = null;
?>
</body>
</html>

23
admin/user_management/add_user.php
View File

@ -12,13 +12,8 @@
<body class="sqlOutput">
<?php
/////
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
// USER-DEFINED VARIABLES
include("../dev_db_config.php"); // Include database stuff
include("../db_config.php"); // Include database stuff
try { // Try opening the SQL database connection
@ -30,17 +25,23 @@ error_reporting(-1);
// Variables for the various input fields
$username = $_POST["username"];
$password = password_hash($_POST["password"], PASSWORD_DEFAULT);
$discord = $_POST["discord"];
$password = password_hash($_POST["password"], PASSWORD_DEFAULT); // Hash the password for security
$discord = "";
$twitch = $_POST["twitch"];
$youtube = $_POST["youtube"];
if ($_POST["isAdmin"] == NULL) {
$isAdmin = 0;
} else {
if (filter_has_var(INPUT_POST, "isAdmin")) {
$isAdmin = 1;
}
echo "<p>Is Admin? " . $isAdmin . "</p>";
if (isset($_POST["discord"])) {
$discord = $_POST["discord"];
}
echo "<br>";
echo $username . "<br>";
echo $password . "<br>";
@ -51,7 +52,7 @@ error_reporting(-1);
echo $isAdmin . "<br>";
echo "lock 0";
$insert = $conn->prepare("INSERT INTO users (username, password, discord, twitch, youtube, isAdmin) VALUES (:username, :password, :discord, :twitch, :youtube, :isAdmin)");
$insert = $conn->prepare("INSERT INTO " . $userTableName . " (username, password, discord, twitch, youtube, isAdmin) VALUES (:username, :password, :discord, :twitch, :youtube, :isAdmin)");
echo "lock 1";

67
admin/user_management/create_safe_admin.php Normal file
View File

@ -0,0 +1,67 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
<link rel="stylesheet" href="../../styles/admin.css" />
<link rel="stylesheet" href="../../styles/admin_nav.css" />
<link rel="stylesheet" href="user_management.css" />
<?php include ("../db_config.php");?> <!-- Our password-length variable is stored here -->
<script src="user_management.js"></script>
<title>ADMIN CREATION FORM</title>
</head>
<body id="generalBody">
<div id="userFormPanel">
<h2>SAFE ADMIN CREATION</h2>
<p>This form is used to create safe administrators - users who won't be deleted by a (re)initilization of the database</p>
<hr>
<p></p>
<form id="userForm" action="add_safe_admin.php" onsubmit="return verifyInput()" method="POST" target="dataFrame">
<!-- THIS DIV IS FOR INPUT -->
<div id="inputArea">
<label for="username">Username:</label>
<input type="text" id="username" name="username" onchange="forcePassword()"/>
<label for="password">Password:</label>
<input type="password" id="password" name="password" />
<label for="discord">Discord:</label>
<input type="text" id="discord" name="discord" />
<label for="twitch">Twitch:</label>
<input type="text" id="twitch" name="twitch" />
<label for="youtube">Youtube:</label>
<input type="text" id="youtube" name="youtube" />
</div>
<hr>
<!-- THIS DIV IS FOR PASSWORD SETTINGS -->
<div id="passwordOptions">
<h4>PASSWORD OPTIONS</h4>
<p class="newLine"></p>
<input type="checkbox" id="showPassword" name="showPassword" class="passwordOptions" onclick="togglePassword()"/>
<label for="showPassword" class="passwordOptions">Show Password</label>
<p class="newLine"></p>
<input type="checkbox" id="random" name="random" class="passwordOptions" onclick="randomPassword();togglePassword();"/>
<label for="random" class="passwordOptions">Random</label>
<label for="passwordLength">Length of password:&nbsp;</label>
<input type="number" id="passwordLength" value="<?php echo $passwordLength ?>" min="6" max="20" onchange="randomPassword();togglePassword();">
<p class="newLine"></p>
<input type="checkbox" id="none" name="none" class="passwordOptions" onclick="togglePassword()" style="visibility:hidden;"/>
<label for="none" class="passwordOptions" style="visibility:hidden;">None (can be set later)</label>
</div>
<hr>
<!-- THIS DIV IS FOR EXTRA SETTINGS -->
<div id="extraOptions">
<h4>EXTRA OPTIONS</h4>
<p class="newLine">&nbsp;</p>
<input type="checkbox" id="isAdmin" name="isAdmin" value="isAdmin" class="extraOptions" checked onclick="return false;">
<label for="isAdmin" class="extraOptions">Make administrator?</label>
<p class="newLine">This is a safe admin. You are forced to provide a password.</p>
<p class="newLine"></p>
</div>
<p>&nbsp;</p>
<input type="submit" value="CREATE" />
</form>
<p>&nbsp;</p>
</div>
</body>
</html>

1
admin/user_management/user_form.php
View File

@ -47,6 +47,7 @@
<p class="newLine"></p>
<input type="checkbox" id="none" name="none" class="passwordOptions" onclick="togglePassword()"/>
<label for="none" class="passwordOptions">None (can be set later)</label>
<p class="newLine"></p>
</div>
<hr>
<!-- THIS DIV IS FOR EXTRA SETTINGS -->

1
styles/admin_nav.css
View File

@ -46,6 +46,7 @@
padding: 10px;
padding-left: 30px;
padding-right: 30px;
margin-top: 10px;
}
#dbManagementPanel {