From 4d67f36c578475cf05ecbe406fb8b486e2c89586 Mon Sep 17 00:00:00 2001 From: Dslak Date: Thu, 3 Dec 2020 18:15:33 +0100 Subject: [PATCH] add autentication --- src/apis/auth.php | 21 ++-- src/apis/index.php | 170 ++++++++++++++++------------- src/app/admin/admin.component.html | 12 +- src/app/admin/admin.component.scss | 6 +- src/app/admin/admin.component.ts | 6 +- src/app/app.module.ts | 2 + src/assets/scss/forms.scss | 76 +++++++++++++ src/assets/scss/main.scss | 1 + 8 files changed, 198 insertions(+), 96 deletions(-) create mode 100644 src/assets/scss/forms.scss diff --git a/src/apis/auth.php b/src/apis/auth.php index 581c326..1e206e5 100755 --- a/src/apis/auth.php +++ b/src/apis/auth.php 
@@ -4,26 +4,29 @@ $GLOBALS['conn']; $conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR"); $content = null; -$content->status = 404; +$content->status = array(); +$data = json_decode(file_get_contents("php://input")); -if(isset($_POST['act']) && $_POST['act'] == 'auth') { - if($_POST['usr'] == 'admin' && $_POST['pwd'] == 'JohnHolmes') { +if(isset($_GET['act']) && $_GET['act'] == 'login') { + if($data->usr == 'admin' && $data->pwd == 'JohnHolmes') { $content->status = 200; - $content->authToken = md5(date("Y-m-d")); + $content->authToken = base64_encode(date("Y-m-d")); } else { $content->status = 403; } -} else if(isset($_POST['act']) && $_POST['act'] == 'check') { - if($_POST['token'] == md5(date("Y-m-d"))) { +} else if(isset($_GET['act']) && $_GET['act'] == 'check') { + if($data->token == base64_encode(date("Y-m-d"))) { $content->status = 200; - $content->authToken = md5(date("Y-m-d")); + $content->authToken = base64_encode(date("Y-m-d")); } else { $content->status = 403; } } +header("Access-Control-Allow-Origin: *"); +header("Content-Type: application/json; charset=UTF-8"); +header("Access-Control-Allow-Methods: POST"); +header("Access-Control-Max-Age: 3600"); -header('Access-Control-Allow-Origin: *'); -header('Content-Type: application/json'); echo json_encode($content); ?> diff --git a/src/apis/index.php b/src/apis/index.php index 830ff2e..e8e2b18 100644 --- a/src/apis/index.php +++ b/src/apis/index.php 
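Review bot: The new `login` branch still keeps the admin credential as a string literal in source, `if($data->usr == 'admin' && $data->pwd == 'JohnHolmes')`, and compares it with `==`, which is PHP loose comparison, so non-string JSON values decoded from `php://input` (booleans, numbers) can compare equal under type juggling where a string comparison would not; compare with `===` and move the secret out of the code, e.g. `if(hash_equals($adminUser, (string)$data->usr) && password_verify((string)$data->pwd, $adminHash))` with `$adminUser`/`$adminHash` (constructed names) read from configuration. The replacement token `base64_encode(date("Y-m-d"))` is not a secret: it is derived only from the current date, so the `check` branch accepts the same value for everyone for the whole day and nothing can expire or revoke it; issue a token from `bin2hex(random_bytes(32))`, keep it server-side with an expiry, and compare with `hash_equals`. `json_decode()` returning `null` on a malformed body is not handled, so `$data->usr` is read from `null`, and `$content->status = array();` on `$content = null` leaves a non-numeric status whenever `act` is neither `login` nor `check`. `Access-Control-Allow-Origin: *` on a credential endpoint deserves a comment naming which origins actually need it.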
@@ -4,92 +4,114 @@ $GLOBALS['conn']; $conn=@mysqli_connect($DATAhst,$DATAusr,$DATApwd,$DATAdtb)or die("CONNECTION ERROR"); $content = null; -$content->items = array(); -$filter = array("portfolio", "installations", "entertainment", "performances", "workshops"); +if(isset($_GET['query'])) { -switch($_GET['query']) { - case "portfolio": - case "installations": - case "entertainment": - case "performances": - case "workshops": - if($_GET['query'] == 'portfolio') {$filter = '';} else {$filter = "WHERE type='".$_GET['query']."'";} - $qe = mysqli_query($conn,"SELECT * FROM `works` $filter ORDER BY id DESC"); - if(mysqli_num_rows($qe) > 0) { - $content = null; - $content->items = array(); - while($re = mysqli_fetch_array($qe)) { - $item = null; - $item->id = $re['id']; - $item->title = $re['title']; - $item->type = $re['type']; - $item->tags = $re['tags']; - $item->image = $re['image']; - array_push($content->items, $item); + $content->items = array(); + switch($_GET['query']) { + case "portfolio": + case "installations": + case "entertainment": + case "performances": + case "workshops": + if($_GET['query'] == 'portfolio') {$filter = '';} else {$filter = "WHERE type='".$_GET['query']."'";} + $qe = mysqli_query($conn,"SELECT * FROM `works` $filter ORDER BY id DESC"); + if(mysqli_num_rows($qe) > 0) { + $content = null; + $content->items = array(); + while($re = mysqli_fetch_array($qe)) { + $item = null; + $item->id = $re['id']; + $item->title = $re['title']; + $item->type = $re['type']; + $item->tags = $re['tags']; + $item->image = $re['image']; + array_push($content->items, $item); + } + } + break; + case "exhibitions": + $qe = mysqli_query($conn,"SELECT * FROM `exhibitions` ORDER BY date_from DESC"); + if(mysqli_num_rows($qe) > 0) { + $content = null; + $content->items = array(); + while($re = mysqli_fetch_array($qe)) { + $item = null; + $item->id = $re['id']; + $item->title = $re['title']; + $item->date_from = $re['date_from']; + $item->date_to = $re['date_to']; + 
$item->tags = $re['tags']; + $item->image = $re['image']; + array_push($content->items, $item); + } } - } - break; - case "exhibitions": - $qe = mysqli_query($conn,"SELECT * FROM `exhibitions` ORDER BY date_from DESC"); - if(mysqli_num_rows($qe) > 0) { - $content = null; - $content->items = array(); - while($re = mysqli_fetch_array($qe)) { + break; + case "detail": + $qe = mysqli_query($conn,"SELECT * FROM `".$_GET['type']."` WHERE id=".$_GET['id']); + if(mysqli_num_rows($qe)>0) { + $content = null; + $re = mysqli_fetch_array($qe); $item = null; $item->id = $re['id']; $item->title = $re['title']; - $item->date_from = $re['date_from']; - $item->date_to = $re['date_to']; + $item->content = $re['content']; $item->tags = $re['tags']; $item->image = $re['image']; - array_push($content->items, $item); - } - } - break; - case "detail": - $qe = mysqli_query($conn,"SELECT * FROM `".$_GET['type']."` WHERE id=".$_GET['id']); - if(mysqli_num_rows($qe)>0) { - $content = null; - $re = mysqli_fetch_array($qe); - $item = null; - $item->id = $re['id']; - $item->title = $re['title']; - $item->content = $re['content']; - $item->tags = $re['tags']; - $item->image = $re['image']; - if($_GET['type'] == 'exhibitions') { - $item->date_from = $re['date_from']; - $item->date_to = $re['date_to']; - $item->works = array(); - $qx = mysqli_query($conn,"SELECT id,title FROM `works` WHERE id IN (".$re['works'].")"); - while($re = mysqli_fetch_array($qx)) { - $ex = null; - $ex->id = $re['id']; - $ex->title = $re['title']; - array_push($item->works, $ex); - } - } else if($_GET['type'] == 'works') { - $item->type = $re['type']; - $item->videos = $re['videos']; - $item->gallery = $re['gallery']; - $item->exhibitions = array(); - $qx = mysqli_query($conn,"SELECT id,title FROM `exhibitions` WHERE id IN (".$re['exhibitions'].")"); - while($re = mysqli_fetch_array($qx)) { - $ex = null; - $ex->id = $re['id']; - $ex->title = $re['title']; - array_push($item->exhibitions, $ex); + if($_GET['type'] == 
'exhibitions') { + $item->date_from = $re['date_from']; + $item->date_to = $re['date_to']; + $item->works = array(); + $qx = mysqli_query($conn,"SELECT id,title FROM `works` WHERE id IN (".$re['works'].")"); + while($re = mysqli_fetch_array($qx)) { + $ex = null; + $ex->id = $re['id']; + $ex->title = $re['title']; + array_push($item->works, $ex); + } + } else if($_GET['type'] == 'works') { + $item->type = $re['type']; + $item->videos = $re['videos']; + $item->gallery = $re['gallery']; + $item->exhibitions = array(); + $qx = mysqli_query($conn,"SELECT id,title FROM `exhibitions` WHERE id IN (".$re['exhibitions'].")"); + while($re = mysqli_fetch_array($qx)) { + $ex = null; + $ex->id = $re['id']; + $ex->title = $re['title']; + array_push($item->exhibitions, $ex); + } } + $content->item = $item; } - $content->item = $item; - } - break; -} + break; + } +} else if(isset($_GET['auth'])) { + switch($_GET['auth']) { + case 'auth': + if($_POST['usr'] == 'admin' && $_POST['pwd'] == 'JohnHolmes') { + $content->status = 200; + $content->authToken = md5(date("Y-m-d")); + } else { + $content->status = 403; + } + break; + case 'check': + if($_POST['token'] == md5(date("Y-m-d"))) { + $content->status = 200; + $content->authToken = md5(date("Y-m-d")); + } else { + $content->status = 403; + } + break; + } +} -header('Access-Control-Allow-Origin: *'); -header('Content-Type: application/json'); +header("Access-Control-Allow-Origin: *"); +header("Content-Type: application/json; charset=UTF-8"); +header("Access-Control-Allow-Methods: GET"); +header("Access-Control-Max-Age: 3600"); echo json_encode($content); ?> diff --git a/src/app/admin/admin.component.html b/src/app/admin/admin.component.html index 717bddf..618f8eb 100644 --- a/src/app/admin/admin.component.html +++ b/src/app/admin/admin.component.html @@ -1,19 +1,19 @@
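Review bot: The re-indented `detail` case still builds its `SELECT * FROM ... WHERE id=` query by concatenating the unvalidated request parameters `$_GET['type']` and `$_GET['id']`, and the two `IN (".$re['works'].")` / `IN (".$re['exhibitions'].")` queries splice stored column values into SQL the same way; the `query` case is safe only because its `switch` acts as a whitelist. Restrict `type` to the two tables the branch actually handles and cast the id, e.g. `$type = in_array($_GET['type'], array('works','exhibitions'), true) ? $_GET['type'] : '';` then `$id = (int)$_GET['id'];` and run the query only when `$type !== ''`, or use `mysqli_prepare` with a bound parameter for the id. The new `$_GET['auth']` branch is a second copy of the login logic from `src/apis/auth.php`, but reading `$_POST` and issuing `md5(date("Y-m-d"))` tokens while `auth.php` now reads the JSON body and uses `base64_encode(...)`, so the two will drift, and both tokens are derived only from the current date rather than from a random secret; keep one implementation and document which endpoint the client is expected to call. The added `Access-Control-Allow-Methods: GET` header also contradicts this branch reading `$_POST`.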
-
diff --git a/src/app/admin/admin.component.scss b/src/app/admin/admin.component.scss index 08ad394..af3b1e3 100644 --- a/src/app/admin/admin.component.scss +++ b/src/app/admin/admin.component.scss @@ -7,12 +7,8 @@ padding: 40px; color: $white; - .input { - width: 100%; - } - .button { - background: $black; + width: 300px; } } diff --git a/src/app/admin/admin.component.ts b/src/app/admin/admin.component.ts index 18082e0..d8aa620 100644 --- a/src/app/admin/admin.component.ts +++ b/src/app/admin/admin.component.ts @@ -9,6 +9,8 @@ import { AuthService } from '../services/auth.service' export class AdminComponent implements OnInit { public authCheck: boolean = false + public userName: string = '' + public password: string = '' constructor(private authService: AuthService) { } @@ -31,8 +33,8 @@ export class AdminComponent implements OnInit { login(): void { const body = { - usr: 'admin', - pwd: 'JohnHolmes' + usr: this.userName, + pwd: this.password } this.authService.login(body).toPromise().then((response) => { this.authCheck = response.status == 200 diff --git a/src/app/app.module.ts b/src/app/app.module.ts index 4962f37..ac157ca 100644 --- a/src/app/app.module.ts +++ b/src/app/app.module.ts @@ -3,6 +3,7 @@ import { NgModule } from '@angular/core'; import { HttpClientModule } from '@angular/common/http'; import { NgParticlesModule } from "ng-particles"; import { NgxImageGalleryModule } from 'ngx-image-gallery'; +import { FormsModule } from '@angular/forms' import { AppRoutingModule } from './app-routing.module'; import { AppComponent } from './app.component'; @@ -28,6 +29,7 @@ import { AdminComponent } from './admin/admin.component'; AppRoutingModule, NgParticlesModule, NgxImageGalleryModule, + FormsModule, HttpClientModule ], providers: [], diff --git a/src/assets/scss/forms.scss b/src/assets/scss/forms.scss new file mode 100644 index 0000000..28abac5 --- /dev/null +++ b/src/assets/scss/forms.scss 
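Review bot: In the second `admin.component.ts` hunk, `login()` now sends the user-typed `this.password` but never clears it, so the plaintext password stays on a `public` component field for the lifetime of the view after the request completes; clear it once the request has been issued, e.g. `this.password = ''` next to `this.authCheck = ...` in the `.then()` callback. The body of `login()` continues outside the hunk. The two field declarations added in the first hunk could carry a one-line comment saying why they are `public` (template binding, presumably via `ngModel` given the `FormsModule` import, though the template change is not visible here).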
@@ -0,0 +1,76 @@ + + +input, +button, +textarea { + border: none; + border-radius: 4px; + background: $white; + appearance: none; + font-family: $font-primary; + font-size: $font-20; + resize: none; + &::-ms-clear { + display: none; + } + &:focus {outline:none;} + &::-moz-focus-inner {border:0;} +} + +input[type=text], +input[type=password]{ + color: $gray; + padding: 10px 20px; + width: 100%; + text-align: left; + box-sizing: border-box; + &:focus::placeholder { + color: transparent; + } +} + +.input-text { + padding: 10px 20px; +} + +.input-textarea { + padding: 10px; + width: 100%; +} + +.button { + position: relative; + appearance: none; + color: $white; + border: none; + background: $black; + display: inline-block; + padding: 8px 20px 10px 20px; + text-align: center; + font-family: $font-20; + text-transform: uppercase; + font-weight: 500; + transition: opacity .3s; + white-space: nowrap; + outline: none; + cursor: pointer; + + &:disabled { + opacity: 0.5; + } + + &.button-white { + background: $white; + color: $black !important; + &:before { + content: ''; + height: 100%; + width: 100%; + position: absolute; + left: 0; + top: 0; + z-index: 1; + border: 1px solid $light-gray; + } + } +} diff --git a/src/assets/scss/main.scss b/src/assets/scss/main.scss index faf70d3..05094d3 100644 --- a/src/assets/scss/main.scss +++ b/src/assets/scss/main.scss @@ -1,6 +1,7 @@ @import "./variables"; @import "./fonts"; @import "./icons"; +@import "./forms"; @import "./global";