<?php
// Require dependencies
require_once(__DIR__ . "/config.php");
require_once(__DIR__ . "/utils.php");
require_once(__DIR__ . "/components.php");
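// Start (or resume) the session; the authentication check further down
// reads $_SESSION["username"].
session_start();
// Resolve which page was requested (get_route() is defined in one of the
// files required above).
$route = get_route();
// This file is bootstrap code that other pages include, so a direct request
// for it is sent to the index page instead.
if ($route === "init.php") {
    header("Location: index.php");
    // header() only queues the redirect. Without stopping here, the database
    // setup and the user lookup below would still run for a request that is
    // being turned away.
    exit;
}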
// Open a server-level connection (no schema selected yet) so that the
// database itself can be looked up and, if missing, created.
try {
    $pdo = new PDO(
        sprintf("mysql:host=%s", DB_HOST),
        DB_USERNAME,
        DB_PASSWORD,
        // Make every later PDO failure surface as a PDOException.
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
    );
} catch (PDOException $e) {
    // Only a generic scope message is recorded; $e (which can carry host and
    // credential details) is not echoed here.
    redirect_error();
    $error_scope = "An error occured during connecting to database server.";
    return;
}
// Look the configured schema up in INFORMATION_SCHEMA. The name is compared
// as a bound value, so it is never spliced into this query's text.
// $stmt is left executed for the existence test that follows.
try {
    $check_db_query = "SELECT SCHEMA_NAME
FROM INFORMATION_SCHEMA.SCHEMATA
WHERE SCHEMA_NAME = :db_name";
    $stmt = $pdo->prepare($check_db_query);
    // Values passed to execute() are bound as strings (PDO::PARAM_STR).
    $stmt->execute([":db_name" => DB_NAME]);
} catch (PDOException $e) {
    redirect_error();
    $error_scope = "An error occured during setting up database.";
    return;
}
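// Create the database when the lookup above returned no row.
try {
    // $stmt still holds the executed INFORMATION_SCHEMA lookup.
    $db_exists = $stmt->rowCount() > 0;
    if (!$db_exists) {
        // An identifier cannot be sent as a bound parameter, so DB_NAME has
        // to be part of the statement text. It is backtick-quoted with any
        // embedded backtick doubled, so a name containing a hyphen, a space
        // or a reserved word is read as one identifier rather than as SQL.
        // DB_NAME must remain a value from trusted configuration.
        $create_db_query = "CREATE DATABASE IF NOT EXISTS `" . str_replace("`", "``", DB_NAME) . "`";
        $stmt = $pdo->prepare($create_db_query);
        $stmt->execute();
    }
} catch (PDOException $e) {
    redirect_error();
    $error_scope = "An error occured during setting up database";
    return;
}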
// Replace the server-level connection with one bound to the application
// database, now that it is known to exist.
try {
    $pdo = new PDO(
        sprintf("mysql:host=%s;dbname=%s", DB_HOST, DB_NAME),
        DB_USERNAME,
        DB_PASSWORD,
        // Make every later PDO failure surface as a PDOException.
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
    );
} catch (PDOException $e) {
    // Only a generic scope message is recorded; $e is not echoed here.
    redirect_error();
    $error_scope = "An error occured during connecting to database.";
    return;
}
// Create the User table on first run; IF NOT EXISTS makes this a no-op once
// the table is there.
try {
    // Column widths come from config constants and are concatenated into the
    // DDL; the two validation patterns are supplied as bound values.
    // NOTE(review): reset_token_hash is 64 characters wide, presumably a hex
    // SHA-256 digest of the reset token rather than the token itself; confirm
    // against the password-reset code.
    $create_user_query = "CREATE TABLE IF NOT EXISTS User (
username VARCHAR(" . USERNAME_MAX_LENGTH . ") PRIMARY KEY NOT NULL,
email VARCHAR(" . EMAIL_MAX_LENGTH . ") NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
reset_token_hash VARCHAR(64) UNIQUE,
reset_token_expires_at DATETIME,
CONSTRAINT validate_username CHECK (
username REGEXP :username_regexp
),
CONSTRAINT validate_email CHECK (
email REGEXP :email_regexp
)
)";
    $stmt = $pdo->prepare($create_user_query);
    // The PHP-side patterns are reused with their "/" delimiters trimmed off.
    // NOTE(review): PHP's PCRE and MySQL's REGEXP are different engines, so
    // confirm both patterns accept and reject the same inputs in each.
    // NOTE(review): placeholders inside DDL appear to depend on PDO's
    // client-side emulated prepares; confirm PDO::ATTR_EMULATE_PREPARES is
    // not switched off for this connection.
    $stmt->execute([
        ":username_regexp" => trim(USERNAME_REGEXP, "/"),
        ":email_regexp" => trim(EMAIL_REGEXP, "/"),
    ]);
} catch (PDOException $e) {
    redirect_error();
    $error_scope = "An error occured during creating table User.";
    return;
}
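// Create the Task table on first run; IF NOT EXISTS makes this a no-op once
// the table is there.
try {
    // The allowed progress labels become SQL string literals inside a CHECK
    // constraint. PDO::quote() adds the surrounding quotes and escapes the
    // content, so a label containing an apostrophe or backslash cannot break
    // or alter the DDL. Plain labels produce the same text as before.
    $valid_progress_list = array_map(function ($progress) use ($pdo) {
        return $pdo->quote($progress);
    }, TASK_PROGRESS);
    $valid_progress_string = implode(", ", $valid_progress_list);
    // 'Not started' and 'Waiting on' are hard-coded below.
    // NOTE(review): both presumably have to appear in TASK_PROGRESS, or the
    // column default would violate the CHECK; confirm against config.
    // The final CHECK ties dependent_on_id to the 'Waiting on' state: it
    // must be set in that state and NULL in every other.
    $create_task_query = "CREATE TABLE IF NOT EXISTS Task (
id INTEGER PRIMARY KEY AUTO_INCREMENT,
username VARCHAR(" . USERNAME_MAX_LENGTH . ") NOT NULL,
name VARCHAR(" . TASKNAME_MAX_LENGTH . ") NOT NULL,
description VARCHAR(" . TASKDESC_MAX_LENGTH . "),
progress VARCHAR(20) NOT NULL DEFAULT 'Not started' CHECK (progress IN (" . $valid_progress_string . ")),
todo_date DATE NOT NULL,
dependent_on_id INTEGER,
CONSTRAINT fk_task_user FOREIGN KEY (username) REFERENCES User (username) ON DELETE CASCADE,
CONSTRAINT fk_task_dependency FOREIGN KEY (dependent_on_id) REFERENCES Task (id) ON DELETE SET NULL,
CHECK (
(progress <> 'Waiting on' AND dependent_on_id IS NULL)
OR
(progress = 'Waiting on' AND dependent_on_id IS NOT NULL)
)
)";
    $stmt = $pdo->prepare($create_task_query);
    $stmt->execute();
} catch (PDOException $e) {
    redirect_error();
    $error_scope = "An error occured during creating table Task.";
    return;
}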
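// Gate the request on authentication. $is_authenticated remains set for the
// including page to read.
$is_authenticated = is_authenticated();
if (!$is_authenticated) {
    // No valid session: send the visitor to login.
    logout();
} else {
    // A session alone is not enough: the account it names must still exist.
    try {
        $check_user_query = "SELECT * FROM User
WHERE username = :username";
        $stmt = $pdo->prepare($check_user_query);
        $stmt->bindParam(":username", $_SESSION["username"], PDO::PARAM_STR);
        $stmt->execute();
    } catch (PDOException $e) {
        redirect_error();
        $error_scope = "An error occured during authenticating user.";
        return;
    }
    if ($stmt->rowCount() === 0) {
        // The session names a user that is no longer in the table. Clear the
        // flag before logging out so that, should logout() return rather
        // than end the request (it is defined elsewhere), the including page
        // does not go on treating a removed account as signed in.
        $is_authenticated = false;
        logout();
    }
}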