mirror of
https://git.sr.ht/~iwakuralain/text0Nly
synced 2025-07-27 15:36:11 +00:00
315 lines
9.4 KiB
PHP
315 lines
9.4 KiB
PHP
<?php
|
|
header('X-Content-Type-Options: nosniff');
|
|
header('X-Frame-Options: DENY');
|
|
header('X-XSS-Protection: 1; mode=block');
|
|
header('Content-Security-Policy: default-src \'self\'');
|
|
|
|
$config = require 'config.php';
|
|
|
|
try {
|
|
$db = new PDO(
|
|
"mysql:host={$config['db']['host']};dbname={$config['db']['name']}",
|
|
$config['db']['user'],
|
|
$config['db']['pass']
|
|
);
|
|
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
} catch (PDOException $e) {
|
|
die('Connection failed: ' . $e->getMessage());
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
|
|
$message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING);
|
|
$signature = $_POST['signature'] ?? '';
|
|
$is_encrypted = isset($_POST['encrypted']) ? 1 : 0;
|
|
|
|
if ($username && $message) {
|
|
try {
|
|
$stmt = $db->prepare('INSERT INTO messages (username, message, signature, is_encrypted) VALUES (?, ?, ?, ?)');
|
|
$stmt->execute([$username, $message, $signature, $is_encrypted]);
|
|
} catch (PDOException $e) {
|
|
die('Database error: ' . $e->getMessage());
|
|
}
|
|
}
|
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
$stmt = $db->query('SELECT * FROM messages ORDER BY created_at DESC LIMIT 50');
|
|
$messages = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
} catch (PDOException $e) {
|
|
die('Database error: ' . $e->getMessage());
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<title>Text0Nly</title>
|
|
<style>
|
|
body {
|
|
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
|
|
max-width: 800px;
|
|
margin: 0 auto;
|
|
padding: 20px;
|
|
background: #f5f5f5;
|
|
color: #333;
|
|
height: 100vh;
|
|
display: flex;
|
|
flex-direction: column;
|
|
}
|
|
.container {
|
|
background: white;
|
|
border-radius: 8px;
|
|
box-shadow: 0 2px 4px rgba(0,0,0,0.1);
|
|
padding: 20px;
|
|
display: flex;
|
|
flex-direction: column;
|
|
height: 100%;
|
|
}
|
|
.messages-container {
|
|
flex: 1;
|
|
overflow-y: auto;
|
|
margin-bottom: 20px;
|
|
padding-right: 10px;
|
|
}
|
|
.message {
|
|
margin: 10px 0;
|
|
padding: 15px;
|
|
border: 1px solid #eee;
|
|
border-radius: 8px;
|
|
background: white;
|
|
transition: all 0.2s ease;
|
|
}
|
|
.message:hover {
|
|
box-shadow: 0 2px 8px rgba(0,0,0,0.1);
|
|
}
|
|
.username {
|
|
font-weight: 600;
|
|
color: #2196F3;
|
|
margin-right: 8px;
|
|
}
|
|
.time {
|
|
color: #999;
|
|
font-size: 0.8em;
|
|
float: right;
|
|
}
|
|
.encrypted {
|
|
color: #4CAF50;
|
|
font-size: 0.9em;
|
|
margin-left: 8px;
|
|
}
|
|
.signature {
|
|
color: #FF9800;
|
|
font-size: 0.9em;
|
|
margin-top: 5px;
|
|
padding-top: 5px;
|
|
border-top: 1px solid #eee;
|
|
}
|
|
.form-container {
|
|
background: white;
|
|
padding: 20px;
|
|
border-radius: 8px;
|
|
box-shadow: 0 2px 4px rgba(0,0,0,0.1);
|
|
}
|
|
input[type="text"] {
|
|
width: 100%;
|
|
padding: 10px;
|
|
margin: 5px 0;
|
|
border: 1px solid #ddd;
|
|
border-radius: 4px;
|
|
box-sizing: border-box;
|
|
}
|
|
textarea {
|
|
width: 100%;
|
|
height: 100px;
|
|
margin: 10px 0;
|
|
padding: 10px;
|
|
border: 1px solid #ddd;
|
|
border-radius: 4px;
|
|
resize: vertical;
|
|
box-sizing: border-box;
|
|
}
|
|
button {
|
|
background: #2196F3;
|
|
color: white;
|
|
border: none;
|
|
padding: 12px 24px;
|
|
border-radius: 4px;
|
|
cursor: pointer;
|
|
font-weight: 600;
|
|
transition: background 0.2s ease;
|
|
}
|
|
button:hover {
|
|
background: #1976D2;
|
|
}
|
|
.header {
|
|
display: flex;
|
|
justify-content: space-between;
|
|
align-items: center;
|
|
margin-bottom: 20px;
|
|
}
|
|
.header h1 {
|
|
margin: 0;
|
|
color: #2196F3;
|
|
}
|
|
.header-buttons {
|
|
display: flex;
|
|
gap: 10px;
|
|
}
|
|
.header-buttons a {
|
|
background: white;
|
|
padding: 8px 16px;
|
|
border-radius: 4px;
|
|
text-decoration: none;
|
|
color: #2196F3;
|
|
font-weight: 600;
|
|
box-shadow: 0 2px 4px rgba(0,0,0,0.1);
|
|
transition: all 0.2s ease;
|
|
}
|
|
.header-buttons a:hover {
|
|
background: #2196F3;
|
|
color: white;
|
|
}
|
|
.modal {
|
|
display: none;
|
|
position: fixed;
|
|
top: 0;
|
|
left: 0;
|
|
width: 100%;
|
|
height: 100%;
|
|
background: rgba(0,0,0,0.5);
|
|
z-index: 1000;
|
|
}
|
|
.modal-content {
|
|
position: relative;
|
|
background: white;
|
|
margin: 50px auto;
|
|
padding: 20px;
|
|
width: 80%;
|
|
max-width: 600px;
|
|
border-radius: 8px;
|
|
box-shadow: 0 4px 6px rgba(0,0,0,0.1);
|
|
}
|
|
.close {
|
|
position: absolute;
|
|
right: 20px;
|
|
top: 20px;
|
|
font-size: 24px;
|
|
cursor: pointer;
|
|
color: #666;
|
|
}
|
|
.api-info {
|
|
margin: 20px 0;
|
|
padding: 15px;
|
|
background: #f8f9fa;
|
|
border-radius: 8px;
|
|
border: 1px solid #eee;
|
|
}
|
|
.api-info pre {
|
|
background: #2d2d2d;
|
|
color: #fff;
|
|
padding: 15px;
|
|
border-radius: 4px;
|
|
overflow-x: auto;
|
|
}
|
|
.checkbox-wrapper {
|
|
margin: 10px 0;
|
|
display: flex;
|
|
align-items: center;
|
|
}
|
|
.checkbox-wrapper input[type="checkbox"] {
|
|
margin-right: 8px;
|
|
}
|
|
.checkbox-wrapper label {
|
|
color: #666;
|
|
}
|
|
.clear {
|
|
clear: both;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<div class="container">
|
|
<div class="header">
|
|
<h1>Text0Nly</h1>
|
|
<div class="header-buttons">
|
|
<a href="#" onclick="showApiInfo()">API Info</a>
|
|
<a href="register.php">Register</a>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="messages-container" id="messages">
|
|
<?php foreach ($messages as $msg): ?>
|
|
<div class="message">
|
|
<span class="username"><?= htmlspecialchars($msg['username']) ?></span>
|
|
<?php if ($msg['is_encrypted']): ?>
|
|
<span class="encrypted">[Encrypted]</span>
|
|
<?php endif; ?>
|
|
<span class="time"><?= $msg['created_at'] ?></span>
|
|
<div class="clear"></div>
|
|
<div class="message-content"><?= nl2br(htmlspecialchars($msg['message'])) ?></div>
|
|
<?php if ($msg['signature']): ?>
|
|
<div class="signature">Signature: <?= htmlspecialchars($msg['signature']) ?></div>
|
|
<?php endif; ?>
|
|
</div>
|
|
<?php endforeach; ?>
|
|
</div>
|
|
|
|
<div class="form-container">
|
|
<form method="post">
|
|
<input type="text" name="username" placeholder="Your username" required maxlength="50">
|
|
<textarea name="message" placeholder="Your message" required></textarea>
|
|
<textarea name="signature" placeholder="PGP signature (optional)"></textarea>
|
|
<div class="checkbox-wrapper">
|
|
<input type="checkbox" name="encrypted" id="encrypted">
|
|
<label for="encrypted">Message is encrypted</label>
|
|
</div>
|
|
<button type="submit">Send Message</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<div id="apiModal" class="modal">
|
|
<div class="modal-content">
|
|
<span class="close" onclick="hideApiInfo()">×</span>
|
|
<h2>Message API</h2>
|
|
<div class="api-info">
|
|
<pre>curl -X POST http://localhost/api.php -H "Content-Type: application/json" -d '{
|
|
"username": "name",
|
|
"message": "text",
|
|
"signature": "pgp_signature",
|
|
"encrypted": true
|
|
}'</pre>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<script>
|
|
function showApiInfo() {
|
|
document.getElementById('apiModal').style.display = 'block';
|
|
}
|
|
|
|
function hideApiInfo() {
|
|
document.getElementById('apiModal').style.display = 'none';
|
|
}
|
|
|
|
window.onclick = function(event) {
|
|
if (event.target == document.getElementById('apiModal')) {
|
|
hideApiInfo();
|
|
}
|
|
}
|
|
|
|
setInterval(() => {
|
|
fetch(window.location.href)
|
|
.then(response => response.text())
|
|
.then(html => {
|
|
const parser = new DOMParser();
|
|
const doc = parser.parseFromString(html, 'text/html');
|
|
document.getElementById('messages').innerHTML = doc.getElementById('messages').innerHTML;
|
|
});
|
|
}, 5000);
|
|
</script>
|
|
</body>
|
|
</html>
|