3 سال پیش · 265097aa85
--- a/db/source.sql
+++ b/db/source.sql
@@ -1,20 +1,20 @@
 
				 BEGIN TRANSACTION;
			
 
				 CREATE TABLE IF NOT EXISTS "registry" (
			
 
				 	"id"	INTEGER NOT NULL UNIQUE,
			
 
				-	"domain"	TEXT,
			
 
				-	"username"	TEXT,
			
 
				+	"domain"	TEXT NOT NULL UNIQUE,
			
 
				+	"username"	TEXT NOT NULL,
			
 
				 	"last_renewal"	INTEGER,
			
 
				 	PRIMARY KEY("id" AUTOINCREMENT)
			
 
				 );
			
 
				 CREATE TABLE IF NOT EXISTS "zones" (
			
 
				 	"id"	INTEGER NOT NULL UNIQUE,
			
 
				-	"zone"	TEXT NOT NULL,
			
 
				+	"zone"	TEXT NOT NULL UNIQUE,
			
 
				 	"username"	TEXT NOT NULL,
			
 
				 	PRIMARY KEY("id" AUTOINCREMENT)
			
 
				 );
			
 
				 CREATE TABLE IF NOT EXISTS "users" (
			
 
				 	"id"	INTEGER NOT NULL UNIQUE,
			
 
				-	"username"	TEXT NOT NULL,
			
 
				+	"username"	TEXT NOT NULL UNIQUE,
			
 
				 	"password"	TEXT NOT NULL,
			
 
				 	"registration_date"	INTEGER NOT NULL,
			
 
				 	PRIMARY KEY("id" AUTOINCREMENT)
			
@@ -23,7 +23,7 @@ CREATE TABLE IF NOT EXISTS "sites" (
 
				 	"id"	INTEGER NOT NULL UNIQUE,
			
 
				 	"username"	TEXT NOT NULL,
			
 
				 	"site_dir"	TEXT NOT NULL,
			
 
				-	"domain"	TEXT NOT NULL,
			
 
				+	"domain"	TEXT NOT NULL UNIQUE,
			
 
				 	"domain_type"	TEXT NOT NULL,
			
 
				 	"protocol"	TEXT NOT NULL,
			
 
				 	"creation_date"	INTEGER NOT NULL,
			
--- a/fn/auth.php
+++ b/fn/auth.php
@@ -29,55 +29,24 @@ function hashPassword($password) {
 
				 }
			
 
				 
			
 
				 function userExist($username) {
			
 
				-	$usernameArray[0] = $username;
			
 
				-
			
 
				-	$db = new PDO('sqlite:' . DB_PATH);
			
 
				-
			
 
				-	$op = $db->prepare('SELECT username FROM users WHERE username = ?');
			
 
				-	$op->execute($usernameArray);
			
 
				-
			
 
				-	$data = $op->fetch();
			
 
				-	if (isset($data['username']))
			
 
				-		return true;
			
 
				-	else
			
 
				-		return false;
			
 
				+	return $username === query('select', 'users', ['username' => $username], 'username')[0];
			
 
				 }
			
 
				 
			
 
				 function checkPassword($username, $password) {
			
 
				-	$username2[0] = $username;
			
 
				-
			
 
				-	$db = new PDO('sqlite:' . DB_PATH);
			
 
				-
			
 
				-	$op = $db->prepare('SELECT username, password FROM users WHERE username = ?');
			
 
				-	$op->execute($username2);
			
 
				-
			
 
				-	$dbPassword = $op->fetch()['password'];
			
 
				-
			
 
				-	return password_verify($password, $dbPassword);
			
 
				+	return password_verify($password, query('select', 'users', ['username' => $username], 'password')[0]);
			
 
				 }
			
 
				 
			
 
				 function outdatedPasswordHash($username) {
			
 
				-	$username2[0] = $username;
			
 
				-
			
 
				-	$db = new PDO('sqlite:' . DB_PATH);
			
 
				-
			
 
				-	$op = $db->prepare('SELECT username, password FROM users WHERE username = ?');
			
 
				-	$op->execute($username2);
			
 
				-
			
 
				-	$dbPassword = $op->fetch()['password'];
			
 
				-
			
 
				-	return password_needs_rehash($dbPassword, ALGO_PASSWORD, OPTIONS_PASSWORD);
			
 
				+	return password_needs_rehash(query('select', 'users', ['username' => $username], 'password')[0], ALGO_PASSWORD, OPTIONS_PASSWORD);
			
 
				 }
			
 
				 
			
 
				 function changePassword($username, $password) {
			
 
				-	$password = hashPassword($password);
			
 
				-
			
 
				 	$db = new PDO('sqlite:' . DB_PATH);
			
 
				 
			
 
				 	$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
			
 
				 
			
 
				 	$stmt->bindValue(':username', $username);
			
 
				-	$stmt->bindValue(':password', $password);
			
 
				+	$stmt->bindValue(':password', hashPassword($password));
			
 
				 
			
 
				 	$stmt->execute();
			
 
				 }
			
--- a/fn/dns.php
+++ b/fn/dns.php
@@ -39,10 +39,9 @@ function checkAbsoluteDomainFormat($domain) {
 
				 }
			
 
				 
			
 
				 function checkAction($action) {
			
 
				-	if ($action === "delete")
			
 
				-		return "un";
			
 
				-	else if ($action === "add")
			
 
				-		return "";
			
 
				-	else
			
 
				-		userError("Wrong value for action.");
			
 
				+	return match ($action) {
			
 
				+		'add' => '',
			
 
				+		'delete' => 'un',
			
 
				+		default => userError("Wrong value for action."),
			
 
				+	};
			
 
				 }
			
--- a/fn/reg.php
+++ b/fn/reg.php
@@ -6,17 +6,7 @@ function regGetUpperDomain($domain) {
 
				 }
			
 
				 
			
 
				 function regListUserDomains($username) {
			
 
				-	$db = new PDO('sqlite:' . DB_PATH);
			
 
				-	$usernameArray[0] = $username;
			
 
				-
			
 
				-	$op = $db->prepare('SELECT domain FROM registry WHERE username = ?');
			
 
				-	$op->execute($usernameArray);
			
 
				-
			
 
				-	$domains = [];
			
 
				-	foreach ($op->fetchAll() as $domain)
			
 
				-		array_push($domains, $domain['domain']);
			
 
				-
			
 
				-	return $domains;
			
 
				+	return query('select', 'registry', ['username' => $username], 'domain');
			
 
				 }
			
 
				 
			
 
				 function regCheckDomainPossession($domain) {
			
@@ -29,20 +19,8 @@ function regCheckDomainPossession($domain) {
 
				 }
			
 
				 
			
 
				 function regIsFree($domain) {
			
 
				+	foreach (query('select', 'registry', ['domain' => $domain], 'domain')) {
			
 
				 
			
 
				-	$domainArray[0] = $domain;
			
 
				-
			
 
				-	$db = new PDO('sqlite:' . DB_PATH);
			
 
				-
			
 
				-	$req = $db->prepare('SELECT domain FROM registry WHERE domain = ?');
			
 
				-	$req->execute($domainArray);
			
 
				-
			
 
				-	$data = $req->fetch();
			
 
				-
			
 
				-	if (isset($data['domain'])) {
			
 
				-		return false;
			
 
				-	} else {
			
 
				-		return true;
			
 
				 	}
			
 
				 
			
 
				 }