Website Progress
May 27 2013 08:49pm
Decided to hell with WordPress, I'm going to code my website from the ground up. You can follow live progress at http://www.geekygents.com/beta/

I'll post what I add here.
Development should be pretty fast, this isn't my first rodeo


On a side note, I am and forever will be a shitty designer.
May 27 2013 08:50pm
Not Found

The requested URL /beta/ was not found on this server.

Apache/2.2.23 (CentOS) Server at www.geekygents.com Port 80

If you designed it to look like an error page, I'd say you did a great job. It had me completely fooled.

This post was edited by carteblanche on May 27 2013 08:51pm
May 27 2013 08:56pm
To start, the design is all pretty final, I will do just a bit of touching up here and there

Planned features:
Admin Login
Blog-like posting interface (No restrictions on what you can post via form)
Adding comments with captcha verification

Further down the road:
Cool charts n shit for my game

I encourage you all to test the security of my website, the source will be posted here
May 28 2013 02:31pm
Got a little time to work on it today
Login page is http://www.geekygents.com/beta/Fek35g.html

Fek35g_process.php source:

Code
<?php
mysql_connect ('localhost', 'plsss', 'notthateasy69');
mysql_select_db ('admin');

$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$salt = sha1 ("yummy5");
$pepper = sha1 ("dummy2");
$password = sha1 ($salt . $password . $pepper);

$result = mysql_query("SELECT * FROM login WHERE username = '$username' AND password = '$password'  ");

if(mysql_num_rows($result))
{
 session_start();
 $_SESSION['username'] = htmlspecialchars($username); // htmlspecialchars() sanitises XSS
 header('Location: index.php');
}
else
{
 echo '<p><strong>Error:</strong> Invalid username or password. <a href="login.php">Go back.</a></p>';  
}
exit;

?>


e/ Nothing special yet if you're logged in, you will only see a blank page.

This post was edited by 0n35 on May 28 2013 02:32pm
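
A hardened take on the login check above, added here as an example and not the poster's code: the fixed `sha1` salt and pepper give way to `password_hash()`/`password_verify()` (random per-user salt, slow hash), and the query uses PDO placeholders instead of the `mysql_*` functions. It assumes PHP 7 or later; the in-memory SQLite database, the `password_hash` column and the sample account are constructed for illustration.

```php
<?php
// Added example, not the poster's code. Assumes PHP 7+ with PDO and SQLite.
function open_db()
{
    // In-memory SQLite keeps the example runnable offline. A real site would
    // read its MySQL DSN and credentials from a file outside the web root,
    // not from source that gets posted publicly.
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE login (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
    // Constructed sample account. password_hash() picks a random salt per
    // user and stores it inside the hash string.
    $stmt = $pdo->prepare('INSERT INTO login (username, password_hash) VALUES (?, ?)');
    $stmt->execute(['admin', password_hash('constructed-sample-password', PASSWORD_DEFAULT)]);
    return $pdo;
}

function check_login(PDO $pdo, $username, $password)
{
    // Placeholders keep user input out of the SQL text entirely.
    $stmt = $pdo->prepare('SELECT password_hash FROM login WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    // Fetch the stored hash and verify in PHP; the password is never
    // compared inside the WHERE clause.
    return $hash !== false && password_verify($password, $hash);
}

$pdo = open_db();
if (PHP_SAPI !== 'cli' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $user = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
    $pass = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    if (check_login($pdo, $user, $pass)) {
        session_start();
        session_regenerate_id(true);   // fresh session ID after the privilege change
        $_SESSION['username'] = $user; // store raw, encode with htmlspecialchars() on output
        header('Location: index.php');
        exit;
    }
    echo '<p><strong>Error:</strong> Invalid username or password.</p>';
} else {
    // Command-line self-check with the constructed account.
    var_dump(check_login($pdo, 'admin', 'constructed-sample-password'));
    var_dump(check_login($pdo, 'admin', 'wrong-password'));
    var_dump(check_login($pdo, "admin' OR '1'='1", 'anything'));
}
```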
May 28 2013 05:28pm
The following isn't live yet, but
Made a way to post, and display content, update posts

INDEX
Code

<!DOCTYPE HTML>
<html>
<head>
<title>Geeky Gents</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<?php
SESSION_START();
{
 mysql_connect ('localhost', 'root', '');
 mysql_select_db ('admin');
}
?>
<div class="links">
 <a href="index.php">Home</a>
 <a href="about.html">About</a>
 <a href="products.html">Products</a>
 <a href="join.html">Join Us</a>
</div>
<div class="body">
 <?php
 if(isset($_SESSION['username']))
 {
   echo '<p id="make_post"><a href="postr52.php">Make Post</a></p>';
 }
 $blog_postnumber = 10;
 if (!isset($_GET['page']) || !is_numeric($_GET['page'])) {
  $page = 1;
 }
 else {
  $page = (int)$_GET['page'];
 }
 $from = (($page * $blog_postnumber) - $blog_postnumber);
 $sql = "SELECT * FROM posts ORDER BY timestamp DESC LIMIT $from, $blog_postnumber";
 $result = mysql_query($sql) or print ("Can't select entries from table.<br />" . $sql . "<br />" . mysql_error());
 while($row = mysql_fetch_array($result)) {
  $date = date("F j Y", $row['timestamp']);
  $title = stripslashes($row['title']);
  $entry = stripslashes($row['entry']);
 ?>
 <div class="post">
 <div class="title">
 <?php echo $title; ?>
 </div>
 <div class="entry">
 <?php echo $entry; ?>
 </div>
 <?php echo $date; ?>
 </div>
 <?php
 }
 ?>
 <div class="page">Page
   <?php
   $total_results = mysql_fetch_array(mysql_query("SELECT COUNT(*) AS num FROM posts"));
   $total_pages = ceil($total_results['num'] / $blog_postnumber);
   if ($page > 1) {
    $prev = ($page - 1);
    echo "<a href=\"?page=$prev\">&lt;&nbsp;</a> ";
   }
   for($i = 1; $i <= $total_pages; $i++) {
    if ($page == $i) {
     echo "$i ";
    }
    else {
     echo "<a href=\"?page=$i\">$i</a> ";
    }
   }
   if ($page < $total_pages) {
      $next = ($page + 1);
      echo "<a href=\"?page=$next\">&nbsp;&gt;</a>";
   }
  ?>
 </div>
</div>
<div class="footer">
  <a href="http://www.youtube.com/user/GeekyGents/" target="_blank"><img src="images/icon/yt.png" /></a>
  <a href="http://www.facebook.com/GeekyGents/" target="_blank"><img src="images/icon/fb.png" /></a>
  <a href="https://twitter.com/GeekyGents/" target="_blank"><img src="images/icon/twitter.png" /></a>
</div>
</body>
</html>


POST
Code

<!DOCTYPE HTML>
<html>
<head>
<title>Geeky Gents</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div class="links">
 <a href="index.php">Home</a>
 <a href="about.html">About</a>
 <a href="products.html">Products</a>
 <a href="join.html">Join Us</a>
</div>
<div class="body">
 <?php
 session_start();
 if(isset($_SESSION['username']))
 {
  mysql_connect ('localhost', 'root', '');
  mysql_select_db ('admin');
 }
 else
 {
  header("Location: index.php");
  exit; // stop here so the rest of the page does not run for visitors who are not logged in
 }
 ?>
 <?php
 if (isset($_POST['submit'])) {
  $month = htmlspecialchars(strip_tags($_POST['month']));
  $date = htmlspecialchars(strip_tags($_POST['date']));
  $year = htmlspecialchars(strip_tags($_POST['year']));
  $time = htmlspecialchars(strip_tags($_POST['time']));
  $title = htmlspecialchars(strip_tags($_POST['title']));
  $entry = $_POST['entry'];
  $timestamp = strtotime($month . " " . $date . " " . $year . " " . $time);
  $entry = nl2br($entry);
  if (!get_magic_quotes_gpc()) {
   $title = addslashes($title);
   $entry = addslashes($entry);
  }
  $sql = "INSERT INTO posts (timestamp,title,entry) VALUES ('$timestamp','$title','$entry')";
  $result = mysql_query($sql) or print("Can't insert into table.<br />" . $sql . "<br />" . mysql_error());
  mysql_close();
  header("location: index.php");
 }
 ?>
 <?php
 $current_month = date("F");
 $current_date = date("d");
 $current_year = date("Y");
 $current_time = date("H:i");
 ?>
 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
 <p>
 <input type="hidden" value="<?php echo $current_month; ?>" name="month" id="month" />
 <input type="hidden" name="date" id="date" size="2" value="<?php echo $current_date; ?>" />
 <input type="hidden" value="<?php echo $current_year; ?>" name="year" id="year" />
 <input type="hidden" name="time" id="time" size="5" value="<?php echo $current_time; ?>" /></p>
 <p><strong><label for="title">Title:</label></strong> <input type="text" name="title" id="title" size="40" /></p>
 <p><strong>Your post:</strong></p>
 <p><textarea cols="80" rows="20" name="entry" id="entry"></textarea></p>

 <p>
 <input type="submit" name="submit" id="submit" value="Submit">
 <input type="button" value="Cancel" onclick="window.location.href='index.php'">
 </p>
</div>
<div class="footer">
  <a href="http://www.youtube.com/user/GeekyGents/" target="_blank"><img src="images/icon/yt.png" /></a>
  <a href="http://www.facebook.com/GeekyGents/" target="_blank"><img src="images/icon/fb.png" /></a>
  <a href="https://twitter.com/GeekyGents/" target="_blank"><img src="images/icon/twitter.png" /></a>
</div>
</body>
</html>


UPDATE
Code

<!DOCTYPE HTML>
<html>
<head>
<title>Geeky Gents</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div class="links">
 <a href="index.php">Home</a>
 <a href="about.html">About</a>
 <a href="products.html">Products</a>
 <a href="join.html">Join Us</a>
</div>
<div class="body">
 <?php
 session_start();
 if(isset($_SESSION['username']))
 {
  mysql_connect ('localhost', 'root', '');
  mysql_select_db ('admin');
 }
 else
 {
  header("Location: index.php");
  exit; // stop here so the rest of the page does not run for visitors who are not logged in
 }
 ?>
 <?php
 if (isset($_POST['update'])) {
  $id = htmlspecialchars(strip_tags($_POST['id']));
  $month = htmlspecialchars(strip_tags($_POST['month']));
  $date = htmlspecialchars(strip_tags($_POST['date']));
  $year = htmlspecialchars(strip_tags($_POST['year']));
  $time = htmlspecialchars(strip_tags($_POST['time']));
  $entry = $_POST['entry'];
  $title = htmlspecialchars(strip_tags($_POST['title']));
  $entry = nl2br($entry);
  if (!get_magic_quotes_gpc()) {
   $title = addslashes($title);
   $entry = addslashes($entry);
  }
  $timestamp = strtotime ($month . " " . $date . " " . $year . " " . $time);
  $result = mysql_query("UPDATE posts SET timestamp='$timestamp', title='$title', entry='$entry' WHERE id='$id' LIMIT 1") or print ("Can't update entry.<br />" . mysql_error());
  header("Location: index.php");
 }
 if (isset($_POST['delete'])) {
  $id = (int)$_POST['id'];
  $result = mysql_query("DELETE FROM posts WHERE id='$id'") or print ("Can't delete entry.<br />" . mysql_error());
  if ($result != false) {
   header("Location: index.php");
   exit;
  }
 }
 if (!isset($_GET['id']) || empty($_GET['id']) || !is_numeric($_GET['id'])) {
  die("Invalid entry ID.");
 }
 else {
  $id = (int)$_GET['id'];
 }
 $result = mysql_query ("SELECT * FROM posts WHERE id='$id'") or print ("Can't select entry.<br />" . mysql_error()); // $sql was never defined in this script
 while ($row = mysql_fetch_array($result)) {
  $old_timestamp = $row['timestamp'];
  $old_title = stripslashes($row['title']);
  $old_entry = stripslashes($row['entry']);
  $old_title = str_replace('"','\'',$old_title);
  $old_entry = str_replace('<br />', '', $old_entry);
  $old_month = date("F",$old_timestamp);
  $old_date = date("d",$old_timestamp);
  $old_year = date("Y",$old_timestamp);
  $old_time = date("H:i",$old_timestamp);
 }
 ?>
 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
 <p><input type="hidden" name="id" value="<?php echo $id; ?>" />
 <input type="hidden" value="<?php echo $old_month; ?>" name="month" id="month" />
 <input type="hidden" name="date" id="date" size="2" value="<?php echo $old_date; ?>" />
 <input type="hidden" value="<?php echo $old_year; ?>" name="year" id="year" />
 <input type="hidden" name="time" id="time" size="5" value="<?php echo $old_time; ?>" /></p>
 <p><strong><label for="title">Title:</label></strong> <input type="text" name="title" id="title" value="<?php echo $old_title; ?>" size="40" /> </p>
 <p><strong>Please edit your message below:</strong></p>
 <p><textarea cols="80" rows="20" name="entry" id="entry"><?php echo $old_entry; ?></textarea></p>
 <p>
 <input type="submit" name="update" id="update" value="Update">
 <input type="button" value="Cancel" onclick="window.location.href='index.php'">
 <input type="submit" name="delete" id="delete" value="Delete" />
 </p>
 </form>
 <p>
 <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 <input type="hidden" name="id" id="id" value="<?php echo $id; ?>" />
 </form>
 </p>
 <?php
 mysql_close();
 ?>
</div>
<div class="footer">
  <a href="http://www.youtube.com/user/GeekyGents/" target="_blank"><img src="images/icon/yt.png" /></a>
  <a href="http://www.facebook.com/GeekyGents/" target="_blank"><img src="images/icon/fb.png" /></a>
  <a href="https://twitter.com/GeekyGents/" target="_blank"><img src="images/icon/twitter.png" /></a>
</div>
</body>
</html>
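
The POST and UPDATE scripts above call `session_start()` and `header()` after HTML has already been sent, and rely on `addslashes()` and a quote swap for escaping. The following is an added example, not the poster's code, showing the same edit flow with the login gate placed before any output, a placeholder-based `UPDATE`, and encoding applied when the stored values are written back into the form. It assumes PHP 7 or later; the `require_login`, `h` and `update_post` helpers and the in-memory SQLite table are constructed for illustration.

```php
<?php
// Added example, not the poster's code. Everything in this first PHP block
// runs before any HTML is sent, so the session cookie and redirect still work.
session_start();

function require_login()
{
    if (!isset($_SESSION['username'])) {
        header('Location: index.php');
        exit; // without this the rest of the script still runs for anonymous visitors
    }
}

function h($s)
{
    // Encode at output time; ENT_QUOTES covers both attribute quote styles.
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

function update_post(PDO $pdo, $id, $title, $entry)
{
    // Placeholders replace addslashes() and magic quotes; the id is forced to int.
    $stmt = $pdo->prepare('UPDATE posts SET title = ?, entry = ? WHERE id = ?');
    $stmt->execute([$title, $entry, (int)$id]);
    return $stmt->rowCount();
}

if (PHP_SAPI !== 'cli') {
    require_login(); // skipped on the command line so the demo below runs offline
}

// Constructed stand-in for the site's MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, entry TEXT)');
$pdo->exec("INSERT INTO posts (id, title, entry) VALUES (1, 'old title', 'old entry')");

// Constructed input containing quotes and markup, stored exactly as typed.
update_post($pdo, 1, 'He said "hi" <b>', "it's </textarea> fine");
$row = $pdo->query('SELECT title, entry FROM posts WHERE id = 1')->fetch(PDO::FETCH_ASSOC);
?>
<form method="post" action="updatr52.php">
 <input type="hidden" name="id" value="1" />
 <input type="text" name="title" value="<?php echo h($row['title']); ?>" size="40" />
 <textarea cols="80" rows="20" name="entry"><?php echo h($row['entry']); ?></textarea>
 <input type="submit" name="update" value="Update" />
</form>
```

Encoding the entry inside the edit `<textarea>` does not change what is stored, so the blog page can still render the post body as HTML.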
May 28 2013 09:51pm
Updated a couple things
Index now displays posts properly, gives links to individual posts
Post.php displays each post individually
Postr.php allows you to upload an image and assign it to use it on the Index page

Now using http://www.geekygents.com/



INDEX
Code

<!DOCTYPE HTML>
<html>
<head>
<title>Geeky Gents</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<?php
SESSION_START();
{
 mysql_connect ('localhost', 'root', '');
 mysql_select_db ('admin');
}
?>
<div class="links">
 <a href="index.php">Home</a>
 <a href="about.html">About</a>
 <a href="products.html">Products</a>
 <a href="join.html">Join Us</a>
</div>
<div class="body">
 <?php
 if(isset($_SESSION['username']))
 {
   echo '<p id="make_post"><a href="postr52.php">Make Post</a></p>';
 }
 $blog_postnumber = 10;
 if (!isset($_GET['page']) || !is_numeric($_GET['page'])) {
  $page = 1;
 }
 else {
  $page = (int)$_GET['page'];
 }
 $from = (($page * $blog_postnumber) - $blog_postnumber);
 $sql = "SELECT * FROM posts ORDER BY timestamp DESC LIMIT $from, $blog_postnumber";
 $result = mysql_query($sql) or print ("Can't select entries from table.<br />" . $sql . "<br />" . mysql_error());
 while($row = mysql_fetch_array($result)) {
  $date = date("F j Y", $row['timestamp']);
  $title = stripslashes($row['title']);
  $entry = stripslashes($row['entry']);
  $id = stripslashes($row['id']);
  $image = stripslashes($row['image']);
 ?>
 <div id="post" style="background-image:url(<?php echo $image; ?>);background-repeat:no-repeat;">
 <p><a href="/post.php?id=<?php echo $id; ?>"><?php echo $title; ?>&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $date; ?></a></p>
 </div>
 <?php
 }
 ?>
 <div class="page">Page
   <?php
   $total_results = mysql_fetch_array(mysql_query("SELECT COUNT(*) AS num FROM posts"));
   $total_pages = ceil($total_results['num'] / $blog_postnumber);
   if ($page > 1) {
    $prev = ($page - 1);
    echo "<a href=\"?page=$prev\">&lt;&nbsp;</a> ";
   }
   for($i = 1; $i <= $total_pages; $i++) {
    if ($page == $i) {
     echo "$i ";
    }
    else {
     echo "<a href=\"?page=$i\">$i</a> ";
    }
   }
   if ($page < $total_pages) {
      $next = ($page + 1);
      echo "<a href=\"?page=$next\">&nbsp;&gt;</a>";
   }
  ?>
 </div>
</div>
<div class="footer">
  <a href="http://www.youtube.com/user/GeekyGents/" target="_blank"><img src="images/icon/yt.png" /></a>
  <a href="http://www.facebook.com/GeekyGents/" target="_blank"><img src="images/icon/fb.png" /></a>
  <a href="https://twitter.com/GeekyGents/" target="_blank"><img src="images/icon/twitter.png" /></a>
</div>
</body>
</html>


POST
Code

<!DOCTYPE HTML>
<html>
<head>
<title>Geeky Gents</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<?php
SESSION_START();
{
 mysql_connect ('localhost', 'root', '');
 mysql_select_db ('admin');
}
?>
<div class="links">
 <a href="index.php">Home</a>
 <a href="about.html">About</a>
 <a href="products.html">Products</a>
 <a href="join.html">Join Us</a>
</div>
<div class="body">
 <?php
 $id = (int)$_GET['id'];
 if(isset($_SESSION['username']))
 {
   echo '<p id="make_post"><a href="updatr52.php?id=',$id,'">Edit Post</a></p>';
 }
 $result = mysql_query ("SELECT * FROM posts WHERE id='$id'") or print ("Can't select entry.<br />" . mysql_error()); // $sql was never defined in this script
 while ($row = mysql_fetch_array($result)) {
  $timestamp = $row['timestamp'];
  $title = stripslashes($row['title']);
  $entry = stripslashes($row['entry']);
  $title = str_replace('"','\'',$title);
  $entry = str_replace('<br />', '', $entry);
  $month = date("F",$timestamp);
  $date = date("d",$timestamp);
  $year = date("Y",$timestamp);
  $time = date("H:i",$timestamp);
 }
 ?>
 <?php echo "<p>", $title, "<br />", $month, " ", $date, " ", $year, "</p>"; ?>
 
 <p><?php echo $entry; ?></p>
</div>
<div class="footer">
  <a href="http://www.youtube.com/user/GeekyGents/" target="_blank"><img src="images/icon/yt.png" /></a>
  <a href="http://www.facebook.com/GeekyGents/" target="_blank"><img src="images/icon/fb.png" /></a>
  <a href="https://twitter.com/GeekyGents/" target="_blank"><img src="images/icon/twitter.png" /></a>
</div>
</body>
</html>


POSTR
Code

<?php
session_start();
if(isset($_SESSION['username']))
{
 mysql_connect ('localhost', 'root', '');
 mysql_select_db ('admin');
}
else
{
 header("Location: index.php");
 exit; // stop here so the rest of the script does not run for visitors who are not logged in
}
if (isset($_POST['submit'])) {
 $month = htmlspecialchars(strip_tags($_POST['month']));
 $date = htmlspecialchars(strip_tags($_POST['date']));
 $year = htmlspecialchars(strip_tags($_POST['year']));
 $time = htmlspecialchars(strip_tags($_POST['time']));
 $title = htmlspecialchars(strip_tags($_POST['title']));
 $entry = $_POST['entry'];
 $image = htmlspecialchars(strip_tags($_POST['uploaded_file']));
 $timestamp = strtotime($month . " " . $date . " " . $year . " " . $time);
 $entry = nl2br($entry);
 if (!get_magic_quotes_gpc()) {
  $title = addslashes($title);
  $entry = addslashes($entry);
 }
 $sql = "INSERT INTO posts (timestamp,title,entry,image) VALUES ('$timestamp','$title','$entry','$image')";
 $result = mysql_query($sql) or print("Can't insert into table.<br />" . $sql . "<br />" . mysql_error());
 mysql_close();
 header("location: index.php");
}
$current_month = date("F");
$current_date = date("d");
$current_year = date("Y");
$current_time = date("H:i");
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Geeky Gents</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div class="links">
 <a href="index.php">Home</a>
 <a href="about.html">About</a>
 <a href="products.html">Products</a>
 <a href="join.html">Join Us</a>
</div>
<div class="body">
 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
 <p>
 <input type="hidden" value="<?php echo $current_month; ?>" name="month" id="month" />
 <input type="hidden" name="date" id="date" size="2" value="<?php echo $current_date; ?>" />
 <input type="hidden" value="<?php echo $current_year; ?>" name="year" id="year" />
 <input type="hidden" name="time" id="time" size="5" value="<?php echo $current_time; ?>" /></p>
 <p><label for="title">*Title:</label><input type="text" name="title" id="title" size="40" /></p>
 <p>*Image:<input type="text" name="uploaded_file" id="uploaded_file" size="70" /></p>
 <p>*Content:</p>
 <p><textarea cols="80" rows="20" name="entry" id="entry"></textarea></p>
 <p>
 <input type="submit" name="submit" id="submit" value="Submit">
 <input type="button" value="Cancel" onclick="window.location.href='index.php'">
 </p>
 </form>
 <br /><br />
 <p>Image Uploader: (150x750)</p>
 <form action="uploader.php" method="post" enctype="multipart/form-data">
 <input type="file" name="myFile">
 <input type="submit" value="Upload">
 </form>
</div>
<div class="footer">
  <a href="http://www.youtube.com/user/GeekyGents/" target="_blank"><img src="images/icon/yt.png" /></a>
  <a href="http://www.facebook.com/GeekyGents/" target="_blank"><img src="images/icon/fb.png" /></a>
  <a href="https://twitter.com/GeekyGents/" target="_blank"><img src="images/icon/twitter.png" /></a>
</div>
</body>
</html>


UPLOADER
Code

<?php
define("UPLOAD_DIR", "uploads/");

if (!empty($_FILES["myFile"])) {
   $myFile = $_FILES["myFile"];

   if ($myFile["error"] !== UPLOAD_ERR_OK) {
       echo "<p>An error occurred.</p>";
       exit;
   }

   // ensure a safe filename
   $name = preg_replace("/[^A-Z0-9._-]/i", "_", $myFile["name"]);

   // don't overwrite an existing file
   $i = 0;
   $parts = pathinfo($name);
   while (file_exists(UPLOAD_DIR . $name)) {
       $i++;
       // the uploaded name may have no extension at all
       $name = $parts["filename"] . "-" . $i . (isset($parts["extension"]) ? "." . $parts["extension"] : "");
   }

   // preserve file from temporary directory
   $success = move_uploaded_file($myFile["tmp_name"],
       UPLOAD_DIR . $name);
   if (!$success) {
       echo "<p>Unable to save file.</p>";
       exit;
   }

   // set proper permissions on the new file
   chmod(UPLOAD_DIR . $name, 0644);

   // report success only when a file was actually saved; $name is undefined otherwise
   echo "<p>Image uploaded successfully to: http://www.geekygents.com/" . UPLOAD_DIR . $name . " </p>";
}
?>
<a href="postr52.php">Continue with post</a>



Tomorrow I'll update the Updatr52.php file to allow for changing the image file, and uploading from there as well.
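
The uploader above accepts a file from any visitor, keeps the extension the client sent, and saves it under the web root, so what ends up in `uploads/` is decided by the uploader rather than the site. The following is an added example, not the poster's code, of the same handler restricted to logged-in users and to real images, with the type taken from the file content and the stored name generated by the server. It assumes PHP 7 or later; `MAX_BYTES`, `image_extension` and `store_upload` are constructed names, and the 2 MB limit is an arbitrary sample value.

```php
<?php
// Added example, not the poster's code. Assumes PHP 7+ (random_bytes).
session_start();
if (!isset($_SESSION['username'])) {
    header('Location: index.php');
    exit; // uploads are an admin feature, so anonymous requests stop here
}

define('UPLOAD_DIR', __DIR__ . '/uploads/');
define('MAX_BYTES', 2 * 1024 * 1024); // constructed limit for illustration

function image_extension($path)
{
    // Decide the type from the file content, never from the client-supplied name.
    $allowed = [IMAGETYPE_PNG => 'png', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_GIF => 'gif'];
    $info = @getimagesize($path);
    if ($info === false || !isset($allowed[$info[2]])) {
        return null;
    }
    return $allowed[$info[2]];
}

function store_upload(array $file)
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    if ($file['size'] > MAX_BYTES) {
        return null;
    }
    $ext = image_extension($file['tmp_name']);
    if ($ext === null) {
        return null; // not a PNG, JPEG or GIF
    }
    // Server-generated name: no client-controlled characters or extension,
    // and no collisions to resolve with a counter.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . $name)) {
        return null;
    }
    chmod(UPLOAD_DIR . $name, 0644);
    return $name;
}

$saved = isset($_FILES['myFile']) ? store_upload($_FILES['myFile']) : null;
if ($saved === null) {
    http_response_code(400);
    echo '<p>Upload rejected.</p>';
    exit;
}
echo '<p>Image uploaded successfully to: uploads/'
    . htmlspecialchars($saved, ENT_QUOTES, 'UTF-8') . '</p>';
echo '<a href="postr52.php">Continue with post</a>';
```

Turning off script execution for the `uploads/` directory in the web server configuration gives a second layer if a check here is ever bypassed.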