website fix
This commit is contained in:
parent
e14794bc59
commit
309d08497b
58 changed files with 1690 additions and 363 deletions
60
_website/includes/admin_auth.php
Normal file
60
_website/includes/admin_auth.php
Normal file
|
|
@ -0,0 +1,60 @@
|
|||
<?php
|
||||
// Admin authorization include — include early (before output) on admin pages
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_name("gameservers_website");
|
||||
session_start();
|
||||
}
|
||||
|
||||
// If not logged in, redirect to login
|
||||
if (empty($_SESSION['website_user_id'])) {
|
||||
// Build absolute login URL to avoid browser-relative resolution issues
|
||||
$script = $_SERVER['SCRIPT_NAME'] ?? '';
|
||||
$siteRoot = '/';
|
||||
$pos = strpos($script, '/_website');
|
||||
if ($pos !== false) {
|
||||
$siteRoot = substr($script, 0, $pos + strlen('/_website'));
|
||||
} else {
|
||||
$siteRoot = rtrim(dirname($script), '/\\');
|
||||
}
|
||||
$loginUrl = $siteRoot . '/login.php';
|
||||
$returnTo = $siteRoot . '/' . basename($_SERVER['PHP_SELF']);
|
||||
header('Location: ' . $loginUrl . '?return_to=' . urlencode($returnTo));
|
||||
exit();
|
||||
}
|
||||
|
||||
// Require DB config and check role live from panel DB
|
||||
|
||||
require_once(__DIR__ . '/config.inc.php');
|
||||
// Use a local connection variable so we don't clash with pages that also use $db
|
||||
$auth_db = @mysqli_connect($db_host, $db_user, $db_pass, $db_name);
|
||||
if (!$auth_db) {
|
||||
// If DB unavailable, deny access gracefully
|
||||
// Redirect to absolute login URL
|
||||
$script = $_SERVER['SCRIPT_NAME'] ?? '';
|
||||
$pos = strpos($script, '/_website');
|
||||
$siteRoot = $pos !== false ? substr($script, 0, $pos + strlen('/_website')) : rtrim(dirname($script), '/\\');
|
||||
header('Location: ' . $siteRoot . '/login.php');
|
||||
exit();
|
||||
}
|
||||
|
||||
$uid = intval($_SESSION['website_user_id']);
|
||||
$role = '';
|
||||
$res = mysqli_query($auth_db, "SELECT users_role FROM ogp_users WHERE user_id = $uid LIMIT 1");
|
||||
if ($res && mysqli_num_rows($res) === 1) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
$role = (string)($row['users_role'] ?? '');
|
||||
}
|
||||
mysqli_close($auth_db);
|
||||
|
||||
if (strtolower($role) !== 'admin') {
|
||||
// Not an admin — redirect to login or home
|
||||
// Redirect to absolute login URL
|
||||
$script = $_SERVER['SCRIPT_NAME'] ?? '';
|
||||
$pos = strpos($script, '/_website');
|
||||
$siteRoot = $pos !== false ? substr($script, 0, $pos + strlen('/_website')) : rtrim(dirname($script), '/\\');
|
||||
header('Location: ' . $siteRoot . '/login.php');
|
||||
exit();
|
||||
}
|
||||
|
||||
// If we reach here, user is an admin
|
||||
?>
|
||||
22
_website/includes/cart_helper.php
Normal file
22
_website/includes/cart_helper.php
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
// Helper to read cart items stored in session and return count
|
||||
// Non-invasive: reads $_SESSION['cart'] if present and returns total quantity or items count
|
||||
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
@session_start();
|
||||
}
|
||||
|
||||
function get_cart_count() {
|
||||
if (!isset($_SESSION['cart']) || !is_array($_SESSION['cart'])) {
|
||||
return 0;
|
||||
}
|
||||
$count = 0;
|
||||
foreach ($_SESSION['cart'] as $item) {
|
||||
if (is_array($item) && isset($item['quantity'])) {
|
||||
$count += (int) $item['quantity'];
|
||||
} else {
|
||||
$count += 1;
|
||||
}
|
||||
}
|
||||
return $count;
|
||||
}
|
||||
|
|
@ -13,4 +13,20 @@ $db_pass="Pkloyn7yvpht!";
|
|||
$db_name="panel";
|
||||
$table_prefix="ogp_";
|
||||
$db_type="mysql";
|
||||
// Optional: base URL used by admin pages to build absolute image previews.
|
||||
// Leave empty to prefer relative paths (local folder).
|
||||
// To enable production base URL, uncomment and set it to your site, e.g.:
|
||||
// $SITE_BASE_URL = 'https://gameservers.world/';
|
||||
$SITE_BASE_URL = '';
|
||||
|
||||
// Normalize: ensure either empty or ends without trailing slash (we use join_base to handle joining)
|
||||
$SITE_BASE_URL = trim((string)$SITE_BASE_URL);
|
||||
|
||||
// Site-wide background image (relative to site root). Change to your preferred background.
|
||||
$SITE_BACKGROUND = 'images/dark.jpg';
|
||||
// Normalize
|
||||
$SITE_BACKGROUND = trim((string)$SITE_BACKGROUND);
|
||||
|
||||
// Data directory for persisted payment webhook JSON files (relative to repo root)
|
||||
$SITE_DATA_DIR = realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data';
|
||||
?>
|
||||
|
|
|
|||
8
_website/includes/footer.php
Normal file
8
_website/includes/footer.php
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
<?php
|
||||
// Simple footer include
|
||||
?>
|
||||
<footer class="gsw-footer">
|
||||
<div class="container-wide">
|
||||
<a href="privacy.php">Privacy</a> | <a href="tos.php">TOS</a> | <a href="https://worlddomination.dev" target="_blank" rel="noopener">Worlddomination.dev</a>
|
||||
</div>
|
||||
</footer>
|
||||
19
_website/includes/login_required.php
Normal file
19
_website/includes/login_required.php
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_name("gameservers_website");
|
||||
session_start();
|
||||
}
|
||||
|
||||
if (empty($_SESSION['website_user_id'])) {
|
||||
// Build return_to pointing to current script + query and force absolute login URL
|
||||
// Use raw REQUEST_URI (already absolute) and urlencode once when passing to login
|
||||
$requestUri = $_SERVER['REQUEST_URI'] ?? '/index.php';
|
||||
// Determine site root (prefer up to /_website)
|
||||
$script = $_SERVER['SCRIPT_NAME'] ?? '';
|
||||
$pos = strpos($script, '/_website');
|
||||
$siteRoot = $pos !== false ? substr($script, 0, $pos + strlen('/_website')) : rtrim(dirname($script), '/\\');
|
||||
$loginUrl = $siteRoot . '/login.php';
|
||||
header('Location: ' . $loginUrl . '?return_to=' . urlencode($requestUri));
|
||||
exit();
|
||||
}
|
||||
?>
|
||||
|
|
@ -13,43 +13,84 @@ if (session_status() === PHP_SESSION_NONE) {
|
|||
// Check login status
|
||||
$is_logged_in = isset($_SESSION['website_user_id']) && !empty($_SESSION['website_user_id']);
|
||||
$username = $is_logged_in ? htmlspecialchars($_SESSION['website_username']) : '';
|
||||
?>
|
||||
<style>
|
||||
.gsw-header{display:flex;justify-content:space-between;align-items:center;padding:16px 24px;background:rgba(102, 126, 234, 0.95);backdrop-filter:blur(10px);margin-bottom:20px;box-shadow:0 2px 4px rgba(0,0,0,0.1);}
|
||||
.gsw-header-left{font-weight:700;font-size:1.2rem;color:#fff;}
|
||||
.gsw-header-left a{color:#fff;text-decoration:none;}
|
||||
.gsw-header-nav{display:flex;gap:20px;align-items:center;}
|
||||
.gsw-nav-link{color:#fff;text-decoration:none;font-size:0.95rem;transition:opacity 0.2s;}
|
||||
.gsw-nav-link:hover{opacity:0.8;text-decoration:underline;}
|
||||
.gsw-header-right{display:flex;gap:12px;align-items:center;}
|
||||
.gsw-user-info{color:#fff;font-size:0.95rem;}
|
||||
.gsw-header-btn{padding:8px 16px;background:#fff;color:#667eea;border-radius:6px;text-decoration:none;font-weight:600;transition:transform 0.2s;}
|
||||
.gsw-header-btn:hover{transform:translateY(-2px);}
|
||||
@media(max-width:768px){
|
||||
.gsw-header{flex-direction:column;gap:12px;}
|
||||
.gsw-header-nav{flex-wrap:wrap;justify-content:center;}
|
||||
|
||||
// Determine if the logged-in user is an admin by checking the panel DB
|
||||
$is_admin = false;
|
||||
if ($is_logged_in) {
|
||||
// load DB credentials
|
||||
require_once(__DIR__ . '/config.inc.php');
|
||||
// Prefer reusing an existing $db if present, otherwise open a local connection
|
||||
$menu_db = null;
|
||||
$menu_db_opened = false;
|
||||
if (isset($db) && $db instanceof mysqli) {
|
||||
$menu_db = $db;
|
||||
} else {
|
||||
$menu_db = @mysqli_connect($db_host, $db_user, $db_pass, $db_name);
|
||||
$menu_db_opened = true;
|
||||
}
|
||||
</style>
|
||||
|
||||
if ($menu_db) {
|
||||
$uid = intval($_SESSION['website_user_id']);
|
||||
$res = mysqli_query($menu_db, "SELECT users_role FROM ogp_users WHERE user_id = $uid LIMIT 1");
|
||||
if ($res && mysqli_num_rows($res) === 1) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
if (strtolower((string)($row['users_role'] ?? '')) === 'admin') $is_admin = true;
|
||||
}
|
||||
if ($menu_db_opened) {
|
||||
mysqli_close($menu_db);
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
<link rel="stylesheet" href="css/header.css">
|
||||
|
||||
<div class="gsw-header">
|
||||
<div class="gsw-header-left">
|
||||
<a href="/">GameServers.World</a>
|
||||
<a href="index.php">GameServers.World</a>
|
||||
</div>
|
||||
<nav class="gsw-header-nav">
|
||||
<a href="/" class="gsw-nav-link">Home</a>
|
||||
<a href="/serverlist.php" class="gsw-nav-link">Game Servers</a>
|
||||
<a href="/cart.php" class="gsw-nav-link">Cart</a>
|
||||
<?php if ($is_logged_in): ?>
|
||||
<a href="/adminserverlist.php" class="gsw-nav-link">Admin</a>
|
||||
<a href="index.php" class="gsw-nav-link">Home</a>
|
||||
<a href="serverlist.php" class="gsw-nav-link">Game Servers</a>
|
||||
<li>
|
||||
<a href="cart.php">Cart
|
||||
<?php
|
||||
// show cart badge if helper available
|
||||
$cart_count = 0;
|
||||
if (file_exists(__DIR__ . '/cart_helper.php')) {
|
||||
include_once __DIR__ . '/cart_helper.php';
|
||||
if (function_exists('get_cart_count')) {
|
||||
$cart_count = (int) get_cart_count();
|
||||
}
|
||||
}
|
||||
if ($cart_count > 0) {
|
||||
echo ' <span class="cart-badge">' . intval($cart_count) . '</span>';
|
||||
}
|
||||
?>
|
||||
</a>
|
||||
</li>
|
||||
<?php if (basename($_SERVER['PHP_SELF']) === 'login.php'): ?>
|
||||
<a href="register.php" class="gsw-nav-link">Register</a>
|
||||
<?php endif; ?>
|
||||
<?php if ($is_logged_in && $is_admin): ?>
|
||||
<a href="admin.php" class="gsw-nav-link">Admin</a>
|
||||
<?php endif; ?>
|
||||
<a href="http://panel.iaregamer.com" class="gsw-nav-link" target="_blank">Panel Login</a>
|
||||
</nav>
|
||||
<div class="gsw-header-right">
|
||||
<?php if ($is_logged_in): ?>
|
||||
<span class="gsw-user-info">Welcome, <?php echo $username; ?>!</span>
|
||||
<a href="/logout.php" class="gsw-header-btn">Logout</a>
|
||||
<?php
|
||||
// Build a safe absolute return_to under this site so logout redirects stay in _website
|
||||
$script = $_SERVER['SCRIPT_NAME'] ?? '';
|
||||
$pos = strpos($script, '/_website');
|
||||
$siteRoot = $pos !== false ? substr($script, 0, $pos + strlen('/_website')) : rtrim(dirname($script), '/\\');
|
||||
$current = $_SERVER['REQUEST_URI'] ?? $siteRoot . '/index.php';
|
||||
// Ensure current is absolute and under site root; urlencode only when embedding in URL
|
||||
$return_to_param = $current;
|
||||
?>
|
||||
<a href="logout.php?return_to=<?php echo urlencode($return_to_param); ?>" class="gsw-header-btn">Logout</a>
|
||||
<?php else: ?>
|
||||
<a href="/login.php" class="gsw-header-btn">Login</a>
|
||||
<a href="login.php" class="gsw-header-btn">Login</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
18
_website/includes/top.php
Normal file
18
_website/includes/top.php
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
<?php
|
||||
// Top include for all _website pages: logo + site name
|
||||
?>
|
||||
<link rel="stylesheet" href="css/header.css">
|
||||
<?php
|
||||
// Optionally set a background image from config
|
||||
if (isset($SITE_BACKGROUND) && $SITE_BACKGROUND) {
|
||||
$bg = htmlspecialchars($SITE_BACKGROUND, ENT_QUOTES, 'UTF-8');
|
||||
echo "<style>body{background-image:url('". $bg ."');background-size:cover;background-position:center fixed;}</style>\n";
|
||||
}
|
||||
?>
|
||||
|
||||
<div class="gsw-top">
|
||||
<div class="gsw-top-left">
|
||||
<img src="images/logo-sm.png" alt="Gameservers World logo">
|
||||
</div>
|
||||
<div class="gsw-site-name">Gameservers World</div>
|
||||
</div>
|
||||
Loading…
Add table
Add a link
Reference in a new issue