From 7319816b7c712cd16d6e83bcd617c95943b79be6 Mon Sep 17 00:00:00 2001
From: Aqua-sama <aqua@iserlohn-fortress.net>
Date: Thu, 29 Apr 2021 20:43:35 +0300
Subject: CRUD reports

---
 bug/delete.php    |  0
 bug/edit.php      | 33 +++++++++++++++++++++++++++++++++
 bug/update.php    | 35 +++++++++++++++++++++++++++++++++++
 bug/view.php      | 28 ++++++++++++++++++++++++++++
 edit.php          | 33 ---------------------------------
 etc/readme.md     | 25 +++++++++++++++++++++++++
 index.php         |  6 +++---
 readme.md         | 28 ++++++++++++++--------------
 report/delete.php | 28 ++++++++++++++++++++++++++++
 report/edit.php   | 43 +++++++++++++++++++++++++++++++++++++++++++
 report/update.php | 28 ++++++++++++++++++++++++++++
 report/view.php   | 32 ++++++++++++++++++++++++++++++++
 update.php        | 35 -----------------------------------
 usage.md          | 19 -------------------
 view.php          | 28 ----------------------------
 15 files changed, 269 insertions(+), 132 deletions(-)
 create mode 100644 bug/delete.php
 create mode 100644 bug/edit.php
 create mode 100644 bug/update.php
 create mode 100644 bug/view.php
 delete mode 100644 edit.php
 create mode 100644 etc/readme.md
 create mode 100644 report/delete.php
 create mode 100644 report/edit.php
 create mode 100644 report/update.php
 create mode 100644 report/view.php
 delete mode 100644 update.php
 delete mode 100644 usage.md
 delete mode 100644 view.php

diff --git a/bug/delete.php b/bug/delete.php
new file mode 100644
index 0000000..e69de29
diff --git a/bug/edit.php b/bug/edit.php
new file mode 100644
index 0000000..7eba339
--- /dev/null
+++ b/bug/edit.php
@@ -0,0 +1,33 @@
+<?php
+require 'config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+if(!isset($_GET['id']) || $_GET['id'] == "") {
+    echo "<div id='error'>No bug selected, redirecting to index...</div>";
+    header('Refresh: 2; URL=index.php');
+
+} else if(!isset($_SESSION['user_id']) || $_SESSION['user_id'] == "") {
+    echo "<div id='error'>Not logged in, redirecting to index...</div>";
+    header('Refresh: 2; URL=index.php');
+
+} else {
+    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+
+    $query = "SELECT title, description, users.username AS submitter FROM bugs JOIN users ON bugs.author = users.id WHERE bugs.id=$_GET[id]";
+    $result = $conn->query($query)->fetch();
+?>
+
+<form action="update.php?id=<?php echo $_GET['id']; ?>" method="post">
+<p>Title: <input name="title" type="text" value="<?php echo $result['title']; ?>"></p>
+<p>Submitted by: <?php echo $result['submitter']; ?></p>
+<p>Description: <br><textarea name="description" rows=25 cols=80><?php echo $result['description']; ?></textarea></p>
+<input type="submit" value="update" >
+</form>
+
+<?php
+}
+
+require_once(TEMPLATES_PATH . "/footer.php");
+?>
diff --git a/bug/update.php b/bug/update.php
new file mode 100644
index 0000000..f27cdd4
--- /dev/null
+++ b/bug/update.php
@@ -0,0 +1,35 @@
+<?php
+require 'config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+if(!isset($_GET['id']) || $_GET['id'] == "") {
+    echo "<div id='error'>No bug selected, redirecting to index...</div>";
+    header('Refresh: 2; URL=index.php');
+
+} else if(!isset($_SESSION['user_id']) || $_SESSION['user_id'] == "") {
+    echo "<div id='error'>Not logged in, redirecting to index...</div>";
+    header('Refresh: 2; URL=index.php');
+
+} else {
+    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+
+    $query = $conn->prepare("UPDATE bugs SET title=:title, description=:description WHERE id=:id");
+    $query->bindParam(':title', $_POST['title']);
+    $query->bindParam(':description', $_POST['description']);
+    $query->bindParam(':id', $_GET['id']);
+    
+    if ($query->execute()) {
+        echo "Data is updated\n";
+    } else {
+        echo "User must have sent wrong inputs\n";
+    }
+
+    header("Refresh: 2; URL=view.php?id=$_GET[id]");
+
+}
+
+require_once(TEMPLATES_PATH . "/footer.php");
+?>
+
diff --git a/bug/view.php b/bug/view.php
new file mode 100644
index 0000000..2468abb
--- /dev/null
+++ b/bug/view.php
@@ -0,0 +1,28 @@
+<?php
+require 'config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/parsedown.php");
+
+if(!isset($_GET['id']) || $_GET['id'] == "") {
+    echo "<div id='error'>No bug selected, redirecting to index...</div>";
+    header('Refresh: 2; URL=index.php');
+
+} else {
+    if(isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") {
+        echo "<p><a href=edit.php?id=$_GET[id]>Edit</a></p>";
+    }
+
+    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+    $markdown = new Parsedown();
+
+    $query = "SELECT title, description, users.username AS submitter FROM bugs JOIN users ON bugs.author = users.id WHERE bugs.id=$_GET[id]";
+    $result = $conn->query($query)->fetch();
+
+    echo "<p><b>$result[title]</b></p>";
+    echo "<p>Submitted by $result[submitter]</p>";
+    echo '<p>' . $markdown->text($result['description']) . '</p>';
+}
+
+require_once(TEMPLATES_PATH . "/footer.php");
+?>
diff --git a/edit.php b/edit.php
deleted file mode 100644
index 7eba339..0000000
--- a/edit.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php
-require 'config.php';
-require_once(TEMPLATES_PATH . "/header.php");
-require_once(TEMPLATES_PATH . "/panel.php");
-require_once(LIBRARY_PATH . "/functions.php");
-
-if(!isset($_GET['id']) || $_GET['id'] == "") {
-    echo "<div id='error'>No bug selected, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else if(!isset($_SESSION['user_id']) || $_SESSION['user_id'] == "") {
-    echo "<div id='error'>Not logged in, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else {
-    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
-
-    $query = "SELECT title, description, users.username AS submitter FROM bugs JOIN users ON bugs.author = users.id WHERE bugs.id=$_GET[id]";
-    $result = $conn->query($query)->fetch();
-?>
-
-<form action="update.php?id=<?php echo $_GET['id']; ?>" method="post">
-<p>Title: <input name="title" type="text" value="<?php echo $result['title']; ?>"></p>
-<p>Submitted by: <?php echo $result['submitter']; ?></p>
-<p>Description: <br><textarea name="description" rows=25 cols=80><?php echo $result['description']; ?></textarea></p>
-<input type="submit" value="update" >
-</form>
-
-<?php
-}
-
-require_once(TEMPLATES_PATH . "/footer.php");
-?>
diff --git a/etc/readme.md b/etc/readme.md
new file mode 100644
index 0000000..2d01f05
--- /dev/null
+++ b/etc/readme.md
@@ -0,0 +1,25 @@
+## How to run the services manually
+
+### php-fpm
+```sh
+php-fpm --fpm-config php/php-fpm.conf
+```
+
+### nginx
+```sh
+nginx -p nginx/ -c nginx.conf
+```
+
+### postgresql
+```sh
+# setup
+initdb -D /path/to/postgres.d
+createdb -h localhost -p 5432 -U $(whoami) bugtracker
+
+# starting
+pg_ctl -D postgres/ -l logfile start
+
+# connecting
+psql -h localhost bugtracker
+```
+
diff --git a/index.php b/index.php
index f63f3af..02ad53a 100644
--- a/index.php
+++ b/index.php
@@ -39,11 +39,11 @@ foreach ($bugs_r as $row) {
 <?php
 
 if(session_set()) {
-    echo "<p><a href='{$config['urls']['base']}/reports/edit.php'>Create</a></p>\n";
+    echo "<p><a href='{$config['urls']['base']}/report/edit.php'>Create</a></p>\n";
 }
 
 # reports query
-$reports_q = 'SELECT title, description, author FROM reports WHERE bug IS NULL';
+$reports_q = 'SELECT reports.id AS id, title, description, users.username AS user FROM reports JOIN users ON reports.author=users.id WHERE bug IS NULL ORDER BY id';
 
 $reports_r = $conn->query($reports_q);
 if($reports_r->rowCount() > 0) {
@@ -53,7 +53,7 @@ if($reports_r->rowCount() > 0) {
 <tr><th>Title</th><th>Description</th><th>Submitted by</th></tr>
 <?php
 foreach ($reports_r as $row) {
-    echo "<tr><td><a href=view.php?id=$row[id]>$row[title]</a></td> <td>" . truncate($row['description']) . "</td> <td>$row[submitter]</td></tr>\n";
+    echo "<tr><td><a href=report/view.php?id=$row[id]>$row[title]</a></td> <td>" . truncate($row['description']) . "</td> <td>$row[user]</td></tr>\n";
 }
 ?>
 </table>
diff --git a/readme.md b/readme.md
index 1da26fc..455dd6b 100644
--- a/readme.md
+++ b/readme.md
@@ -20,18 +20,18 @@ A simple bugtracker written in php.
  login  | user/login.php
  logout | user/logout.php
 
-## bugs
-
-### create
-### read
-### update
-### delete
-
-## reports
-
-### create
-### read
-### update
-### delete
+### reports
+ action |
+--------|--------
+ create | report/edit.php
+ read   | report/view.php
+ update | report/update.php
+ delete | report/delete.php
 
-## index page
+### bugs
+ action |
+--------|--------
+ create | bug/edit.php
+ read   | bug/view.php
+ update | bug/update.php
+ delete | bug/delete.php
diff --git a/report/delete.php b/report/delete.php
new file mode 100644
index 0000000..1e43244
--- /dev/null
+++ b/report/delete.php
@@ -0,0 +1,28 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+if(!session_set()) {
+    echo "You need to be logged in";
+    goto redirect;
+}
+
+if($_GET['id'] == "") {
+    echo "No report to delete";
+    goto redirect;
+}
+
+$conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+$query = $conn->prepare("DELETE FROM reports WHERE id=:report_id");
+$query->bindParam(':report_id', $_GET['id']);
+if($query->execute()) {
+    echo "<h2>report deleted</h2>";
+} else {
+    echo "<h2>report failed to delete</h2>";
+}
+
+redirect: header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+footer: require_once(TEMPLATES_PATH . "/footer.php");
+?>
diff --git a/report/edit.php b/report/edit.php
new file mode 100644
index 0000000..ef289bd
--- /dev/null
+++ b/report/edit.php
@@ -0,0 +1,43 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+if(!session_set()) {
+    header("Refresh: 2; URL={$config['urls']['base']}");
+    goto footer;
+}
+
+$id = isset($_GET['id']) ? $_GET['id'] : "";
+$title = "";
+$submitter = $_SESSION['user_name'];
+$description = "";
+
+if($id != "") {
+    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+    $query = $conn->prepare("SELECT title, description, users.username AS submitter FROM reports 
+        JOIN users ON reports.author=users.id 
+        WHERE reports.id=:report_id");
+    $query->bindParam(':report_id', $id);
+    $query->execute();
+
+    $result = $query->fetch();
+    $title = $result['title'];
+    $submitter = $result['submitter'];
+    $description = $result['description'];
+}
+
+?>
+
+<form action="update.php?id=<?php echo $id; ?>" method="post">
+<input name="id" type="hidden" value="<?php echo $id; ?>">
+<p>Title: <input name="title" type="text" value="<?php echo $title; ?>"></p>
+<p>Submitted by: <?php echo $submitter; ?></p>
+<p>Description: <br><textarea name="description" rows=25 cols=80><?php echo $description; ?></textarea></p>
+<input type="submit" value="submit" >
+</form>
+
+<?php
+footer: require_once(TEMPLATES_PATH . "/footer.php");
+?>
diff --git a/report/update.php b/report/update.php
new file mode 100644
index 0000000..0fadb53
--- /dev/null
+++ b/report/update.php
@@ -0,0 +1,28 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+if(session_set()) {
+    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+    $query = $_POST['id'] == "" ?
+        $conn->prepare("INSERT INTO reports (author, title, description) VALUES (:user_id, :title, :description)")
+      : $conn->prepare("UPDATE reports SET title=:title, description=:description WHERE id=:report_id");
+    if($_POST['id'] == "") {
+        $query->bindParam(':user_id', $_SESSION['user_id']);
+    } else {
+        $query->bindParam(':report_id', $_POST['id']);
+    }
+    $query->bindParam(':title', $_POST['title']);
+    $query->bindParam(':description', $_POST['description']);
+    if($query->execute()) {
+        echo "<h2>report submitted</h2>";
+    } else {
+        echo "<h2>report failed to submit</h2>";
+    }
+}
+
+header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+footer: require_once(TEMPLATES_PATH . "/footer.php");
+?>
diff --git a/report/view.php b/report/view.php
new file mode 100644
index 0000000..479f90e
--- /dev/null
+++ b/report/view.php
@@ -0,0 +1,32 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+require_once(LIBRARY_PATH . "/parsedown.php");
+
+if(!isset($_GET['id']) || $_GET['id'] == "") {
+    echo "<div id='error'>No report selected, redirecting to index...</div>";
+    header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+    goto footer;
+}
+
+$conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+$query = $conn->prepare("SELECT title, description, users.username AS submitter FROM reports 
+    JOIN users ON reports.author = users.id WHERE reports.id=:report_id");
+$query->bindParam(':report_id', $_GET['id']);
+$query->execute();
+$result = $query->fetch();
+
+$markdown = new Parsedown();
+
+echo "<p><b>$result[title]</b></p>";
+echo "<p>Submitted by $result[submitter]</p>";
+echo '<p>' . $markdown->text($result['description']) . '</p>';
+
+if(session_set()) {
+    echo "<p><a href=edit.php?id=$_GET[id]>Edit</a> | <a href=delete.php?id=$_GET[id]>Delete</a></p>";
+}
+
+footer: require_once(TEMPLATES_PATH . "/footer.php");
+?>
diff --git a/update.php b/update.php
deleted file mode 100644
index f27cdd4..0000000
--- a/update.php
+++ /dev/null
@@ -1,35 +0,0 @@
-<?php
-require 'config.php';
-require_once(TEMPLATES_PATH . "/header.php");
-require_once(TEMPLATES_PATH . "/panel.php");
-require_once(LIBRARY_PATH . "/functions.php");
-
-if(!isset($_GET['id']) || $_GET['id'] == "") {
-    echo "<div id='error'>No bug selected, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else if(!isset($_SESSION['user_id']) || $_SESSION['user_id'] == "") {
-    echo "<div id='error'>Not logged in, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else {
-    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
-
-    $query = $conn->prepare("UPDATE bugs SET title=:title, description=:description WHERE id=:id");
-    $query->bindParam(':title', $_POST['title']);
-    $query->bindParam(':description', $_POST['description']);
-    $query->bindParam(':id', $_GET['id']);
-    
-    if ($query->execute()) {
-        echo "Data is updated\n";
-    } else {
-        echo "User must have sent wrong inputs\n";
-    }
-
-    header("Refresh: 2; URL=view.php?id=$_GET[id]");
-
-}
-
-require_once(TEMPLATES_PATH . "/footer.php");
-?>
-
diff --git a/usage.md b/usage.md
deleted file mode 100644
index 1d25ff9..0000000
--- a/usage.md
+++ /dev/null
@@ -1,19 +0,0 @@
-## Starting services
-
-```sh
-php-fpm --fpm-config php/php-fpm.conf
-nginx -p nginx/ -c nginx.conf
-```
-
-## postgresql
-### setup
-```sh
-$ initdb -D /path/to/postgres.d
-$ createdb -h localhost -p 5432 -U red bugtracker
-
-# starting
-pg_ctl -D /home/red/etc/postgres/ -l logfile start
-
-# connecting
-psql -h localhost bugtracker
-```
diff --git a/view.php b/view.php
deleted file mode 100644
index 2468abb..0000000
--- a/view.php
+++ /dev/null
@@ -1,28 +0,0 @@
-<?php
-require 'config.php';
-require_once(TEMPLATES_PATH . "/header.php");
-require_once(TEMPLATES_PATH . "/panel.php");
-require_once(LIBRARY_PATH . "/parsedown.php");
-
-if(!isset($_GET['id']) || $_GET['id'] == "") {
-    echo "<div id='error'>No bug selected, redirecting to index...</div>";
-    header('Refresh: 2; URL=index.php');
-
-} else {
-    if(isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") {
-        echo "<p><a href=edit.php?id=$_GET[id]>Edit</a></p>";
-    }
-
-    $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
-    $markdown = new Parsedown();
-
-    $query = "SELECT title, description, users.username AS submitter FROM bugs JOIN users ON bugs.author = users.id WHERE bugs.id=$_GET[id]";
-    $result = $conn->query($query)->fetch();
-
-    echo "<p><b>$result[title]</b></p>";
-    echo "<p>Submitted by $result[submitter]</p>";
-    echo '<p>' . $markdown->text($result['description']) . '</p>';
-}
-
-require_once(TEMPLATES_PATH . "/footer.php");
-?>
-- 
cgit v1.2.1