saving texts and whatnot
This commit is contained in:
trinkey
parent
34256263ac
commit
1933a6cee8
3 changed files with 45 additions and 4 deletions
1
TODO.md
1
TODO.md
|
|
@ -1,4 +1,5 @@
|
|||
- saving section info
|
||||
- proper colors
|
||||
- account deletion
|
||||
- admin page
|
||||
- invite codes
|
||||
|
|
|
|||
44
index.php
44
index.php
|
|
@ -44,7 +44,7 @@ if ($user === false) {
|
|||
} else if ($intent === "create-row") {
|
||||
$section_id = $_POST["section"];
|
||||
|
||||
if (strlen($section_id) !== 64 || !preg_match("/[a-f0-9]{64}/", $section_id)) {
|
||||
if (strlen($section_id) !== 64 || !preg_match("/^[a-f0-9]{64}$/", $section_id)) {
|
||||
$err = $lang["add"]["errors"]["invalid_id"];
|
||||
} else {
|
||||
pg_insert(
|
||||
|
|
@ -61,7 +61,7 @@ if ($user === false) {
|
|||
$date = strtotime($_POST["date"]);
|
||||
$description = $_POST["description"];
|
||||
|
||||
if (strlen($row_id) !== 64 || !preg_match("/[a-f0-9]{64}/", $row_id)) {
|
||||
if (strlen($row_id) !== 64 || !preg_match("/^[a-f0-9]{64}/$", $row_id)) {
|
||||
$err = $lang["add"]["errors"]["invalid_id"];
|
||||
} else if ($date === false) {
|
||||
$err = $lang["add"]["errors"]["date"];
|
||||
|
|
@ -82,6 +82,40 @@ if ($user === false) {
|
|||
)
|
||||
);
|
||||
}
|
||||
} else if ($intent === "update-texts") {
|
||||
foreach ($_POST as $ident => $value) {
|
||||
if (preg_match("/^(?:section-[a-f0-9]{64}-name)|(?:row-[a-f0-9]{64}-(?:name|format))$/", $ident)) {
|
||||
$table_name = explode("-", $ident)[0];
|
||||
$table_id = explode("-", $ident)[1];
|
||||
$action = explode("-", $ident)[2];
|
||||
|
||||
if ($action === "name") {
|
||||
if (strlen($value) !== 0 && strlen($value) <= 128) {
|
||||
if ($table_name === "section") {
|
||||
$v = array(
|
||||
"name" => $value,
|
||||
"show_subtitle" => (bool) $_POST["$table_name-$table_id-subtitle"]
|
||||
);
|
||||
} else {
|
||||
$v = array("name" => $value);
|
||||
}
|
||||
|
||||
pg_update(
|
||||
$db, $table_name, $v,
|
||||
array("id" => $table_id)
|
||||
);
|
||||
}
|
||||
} else if ($action === "format") {
|
||||
if (strlen($value) !== 0 && strlen($value) <= 128) {
|
||||
pg_update(
|
||||
$db, $table_name,
|
||||
array("display_format" => $value),
|
||||
array("id" => $table_id)
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} else if ($intent === "change-password") {
|
||||
$old_pw = $_POST["old"];
|
||||
$new_pw = $_POST["new"];
|
||||
|
|
@ -110,12 +144,14 @@ if ($user === false) {
|
|||
} else {
|
||||
$err = $lang["account"]["errors"]["incorrect_password"];
|
||||
}
|
||||
} else {
|
||||
$err = $lang["errors"]["intent"];
|
||||
}
|
||||
} else if ($_GET["del"]) {
|
||||
$del_type = explode("-", $_GET["del"])[0];
|
||||
$del_id = explode("-", $_GET["del"])[1];
|
||||
|
||||
if (strlen($del_id) === 64 && preg_match("/[a-f0-9]{64}/", $del_id) && ($del_type === "item" || $del_type === "row" || $del_type === "section")) {
|
||||
if (strlen($del_id) === 64 && preg_match("/^[a-f0-9]{64}$/", $del_id) && ($del_type === "item" || $del_type === "row" || $del_type === "section")) {
|
||||
pg_query($db, "DELETE FROM $del_type WHERE id='$del_id';");
|
||||
}
|
||||
}
|
||||
|
|
@ -257,7 +293,7 @@ foreach ($sections as $section) {
|
|||
<h2><?php echo $lang["list"]["title"]; ?></h2>
|
||||
<?php echo $todo_list; ?>
|
||||
|
||||
<details open>
|
||||
<details>
|
||||
<summary><?php echo $lang["settings"]["title"]; ?></summary>
|
||||
|
||||
<div id="settings-container">
|
||||
|
|
|
|||
|
|
@ -1,4 +1,8 @@
|
|||
{
|
||||
"errors": {
|
||||
"intent": "Unknown request intent"
|
||||
},
|
||||
|
||||
"account": {
|
||||
"errors": {
|
||||
"bad_request": "Bad request",
|
||||
|
|
|
|||
Loading…
Reference in a new issue