diff --git a/.idea/id.iml b/.idea/id.iml
deleted file mode 100644
index 7267852..0000000
--- a/.idea/id.iml
+++ /dev/null
@@ -1,30 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
deleted file mode 100644
index 9367315..0000000
--- a/.idea/modules.xml
+++ /dev/null
@@ -1,8 +0,0 @@
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/php.xml b/.idea/php.xml
deleted file mode 100644
index a30690c..0000000
--- a/.idea/php.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/sqldialects.xml b/.idea/sqldialects.xml
deleted file mode 100644
index 63772a3..0000000
--- a/.idea/sqldialects.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
deleted file mode 100644
index 35eb1dd..0000000
--- a/.idea/vcs.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
\ No newline at end of file
diff --git a/accounts_handler.php b/accounts_handler.php
index 9add2f5..5d862b9 100644
--- a/accounts_handler.php
+++ b/accounts_handler.php
@@ -25,7 +25,7 @@ function get_avatar_url($bcid):string {
}
-function get_display_name($bcid, $use_bcid_fallback=true, $put_bcid_in_parenthesis=false):string {
+function get_display_name($bcid, $use_bcid_fallback=true, $put_bcid_in_parenthesis=false, $format_bcid=false):string {
$display_name = db_execute("SELECT display_name FROM accounts WHERE id = ?", [$bcid])['display_name'];
if (!empty($display_name)) {
if ($put_bcid_in_parenthesis) {
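Review bot: The new `$format_bcid` parameter is added to the signature of `get_display_name`, but none of the visible lines read it, and the function has no docblock saying how its three boolean flags combine. The body continues outside the hunk, so the use may be further down. A short docblock would help callers, who already pass these by name (`use_bcid_fallback: true` in forgot_password.php): it should state what is returned when `display_name` is empty and fallback is off, and whether `$format_bcid` applies to the fallback, the parenthesised id, or both. Because the return value is built from a user-chosen display name, the docblock should also say that callers must escape it for their output context.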
diff --git a/admin_apps_create.php b/admin_apps_create.php
index 0de29ff..1e495fb 100644
--- a/admin_apps_create.php
+++ b/admin_apps_create.php
@@ -13,7 +13,7 @@ function check_app_id($app_id): bool
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$app_id = generate_app_id();
- db_execute("INSERT INTO apps (id, owner_id, title, description, type) VALUES (?, ?, ?, ?, ?)", [$app_id, $_POST['owner'], $_POST['title'], $_POST['description'], $_POST['type']]);
+ db_execute("INSERT INTO apps (id, owner_id, title, description, type, callback) VALUES (?, ?, ?, ?, ?, ?)", [$app_id, $_POST['owner'], $_POST['title'], $_POST['description'], $_POST['type'], $_POST['callback']]);
die();
}
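Review bot: `$_POST['callback']` is written to `apps.callback` exactly as submitted, with no check that the key is present or that the value is a well-formed URL. The hunk does not show how the column is consumed, but if it later serves as the redirect target of an external login flow, whatever scheme and host are stored here decide where codes or tokens get sent. Validating on write is cheap: `$callback = filter_var($_POST['callback'] ?? '', FILTER_VALIDATE_URL);`, then reject the request unless `parse_url($callback, PHP_URL_SCHEME) === 'https'`. `owner` and `type` also come straight from the request, so this handler should verify the caller is an admin itself rather than rely on routing alone.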
@@ -40,5 +40,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
-
+
+
+
\ No newline at end of file
diff --git a/admin_initdatabase.php b/admin_initdatabase.php
index fec3bb9..838580c 100644
--- a/admin_initdatabase.php
+++ b/admin_initdatabase.php
@@ -6,15 +6,15 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "Create table `accounts`";
$stmt = $pdo->prepare('create table accounts
(
- id varchar(7) not null
+ id varchar(7) not null
primary key,
- email text not null,
- created_date date default current_timestamp() not null,
- display_name text null,
- password text not null,
- verified tinyint(1) default 0 not null,
- has_pfp tinyint(1) default 0 not null,
- is_admin tinyint(1) default 0 not null,
+ email text not null,
+ created_date datetime default current_timestamp() not null,
+ display_name text null,
+ password text not null,
+ verified tinyint(1) default 0 not null,
+ has_pfp tinyint(1) default 0 not null,
+ is_admin tinyint(1) default 0 not null,
constraint email
unique (email) using hash
);');
@@ -73,6 +73,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
title text not null,
description text,
image text default "https://id.byecorps.com/assets/default.png" not null,
+ type text null,
+ callback text null,
constraint badges_ibfk_1
foreign key (app_id) references apps (id)
);');
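Review bot: The new `type` and `callback` columns land in a table whose foreign key is `badges_ibfk_1` on `app_id`, which reads like the `badges` table rather than `apps`. The `create table` line is outside the hunk, so this is inferred. admin_apps_create.php in this commit inserts `callback` into `apps`, so if the `apps` definition does not gain the column as well, that INSERT will fail on a freshly initialised database. The change also only reaches new installs, since the visible script has no `alter table` step for databases that already have these tables.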
@@ -89,6 +91,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
description text null,
public_avatar tinyint(1) default 0,
public_display_name tinyint(1) default 0,
+
constraint profiles_ibfk_1
foreign key (id) references accounts (id)
);');
@@ -96,6 +99,26 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo('
An error occurred: '. $e->getMessage() .'. Most likely this is already set.');
}
+ echo '
Create the `tokens` table';
+
+ try {
+ db_execute('create table tokens (
+ id int auto_increment primary key,
+ access_token text unique,
+ refresh_token text null,
+ expiry int not null,
+ owner_id varchar(7),
+ application_id int(10) null,
+
+ constraint tokens_application_id
+ foreign key (application_id) references apps (id),
+ constraint tokens_owner_id
+ foreign key (owner_id) references accounts (id)
+ );');
+ } catch (PDOException $e) {
+ echo('
An error occurred: '. $e->getMessage() .'. Most likely this is already set.');
+ }
+
echo "
Database initialised.
";
}
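Review bot: `access_token` and `refresh_token` are stored as raw `text`, so anyone who can read this table (a backup, a read-only SQL injection elsewhere, a support dump) holds usable bearer credentials. Storing a digest instead, for example `access_token_hash char(64) not null unique` filled with `hash('sha256', $token)`, keeps equality lookup working and gives the unique index a fixed-length key instead of a `text` column. `application_id int(10)` references `apps (id)`, whose type is not visible here; if app ids are strings like the `varchar(7)` account ids, the foreign key will be rejected at create time. The catch block echoes `$e->getMessage()` into the response, which is only acceptable if this page is reliably restricted to admins.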
diff --git a/forgot_password.php b/forgot_password.php
index f8180ea..bd02325 100644
--- a/forgot_password.php
+++ b/forgot_password.php
@@ -16,15 +16,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
// create a password reset
$password_reset_link = create_password_reset($user['id']);
- try {
- $safe_display_name = format_bcid($user['id']);
- } catch (Exception $e) {
- die("Bad BCID.");
- }
-
- if ($user['display_name'] != '') {
- $safe_display_name = $user['display_name'];
- }
+ $safe_display_name = get_display_name($user['id'], use_bcid_fallback: true);
try {
@@ -41,7 +33,7 @@ If you did not request this password reset, please ignore it (or tighten your ac
// echo("This is a security issue.");
} catch (Exception $e) {
- echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
+ echo "Message could not be sent. Mailer Error: $e";
}
}
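Review bot: Interpolating `$e` into the response prints the exception's full `__toString()` output (class, message, file paths and stack trace) to whoever submitted the form. This is an unauthenticated password-reset endpoint, so that exposes server internals to anonymous visitors, and a distinct failure message can also hint at whether the address matched an account. Log the detail server-side and keep the response generic: `error_log((string) $e); echo "Message could not be sent.";`. The `try` this catch belongs to starts outside the hunk.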
diff --git a/index.php b/index.php
index 3c9f9b9..7a6bd0b 100644
--- a/index.php
+++ b/index.php
@@ -176,10 +176,10 @@ if ($include == "login_external_basic.php") {
echo "Admin
";
}
- if ($uri[0] == "admin" && !$user['is_admin']) {
- http_response_code(401);
- die("");
- }
+// if ($uri[0] == "admin" && !$user['is_admin']) {
+// http_response_code(401);
+// die("");
+// }
if ($uri[0] == "docs") {
$include = "docs.php";
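Review bot: Commenting out the `is_admin` check removes the only authorization gate visible in this hunk for `admin` routes. Unless each admin page enforces it itself (not shown), pages such as admin_initdatabase.php and admin_apps_create.php become reachable by any visitor. If this was disabled for local debugging it should not be committed; restore it in a form that also handles a missing session: `if ($uri[0] == "admin" && empty($user['is_admin'])) { http_response_code(403); die(); }`. 403 fits better than the old 401 because the response carries no authentication challenge. The enclosing block begins outside the hunk.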
diff --git a/profile.php b/profile.php
index 0c38e6c..9b365d2 100644
--- a/profile.php
+++ b/profile.php
@@ -11,7 +11,7 @@ $profile = db_execute("SELECT * FROM `profiles` WHERE id = ? LIMIT 1", [$user['i
if (empty($profile)) {
$profile = [
- "id" => "0000000",
+ "id" => "9999999",
"public_display_name" => false,
"public_avatar" => false,
"description" => null,