Merge pull request #15 from Dominik-developer/V1.2.0->main

Update for V1.2.0

Author: Dominik-developer

CHANGELOG.md

@@ -2,18 +2,37 @@
 
 All notable changes to this project will be documented in this file.
 
-## v1.0.0 – First Release
+## New in v1.2.0
 
-### New in v1.0.0
-
-The project is ready for use but is still evolving. Work is ongoing to fix bugs and address security issues.
+Changes since 1.1.0
 
 ### Added
 <!-- - Initial examples of added changelog entries. -->
+
+`/root`
+1 - themes folder
+
+`/public`
+1 - cookies for users,
+2 - tables for cookies added
+3 - JS folder
+4 - popout for cookies
+5 - collecting data for analytics
+
+`/admin`
+1 - added 2 new windows: theme and analytics
+2 - build algo to change theme in db
 .....
 
 ### Changed
 <!-- - Improved existing changelog entries for consistency. -->
+
+`/public`
+1 - structure of /public fixes
+
+`/admin`
+1 - chagne name of setting window,function to password
+2 - error function
 .....
 
 ### Fixed

HOW_TO_RUN.md

@@ -8,9 +8,9 @@ CorelyPHP is a ready-to-deploy blogging platform designed for efficient web deve
 
 Before you begin, ensure you have the following installed:
 
-- PHP (>= 8.0)
-- MySQL (or another compatible database)
-- XAMPP
+- PHP (>= 8.2) (8.0+ also should be fine but not tested) <!--(in XAMPP/MAMP)-->
+- MySQL (or another compatible database) <!--(in XAMPP/MAMP)-->
+- XAMPP / MAMP
 - Git
 
 ## Installation
@@ -25,9 +25,9 @@ Before you begin, ensure you have the following installed:
 2. Set up the database:
 
    - Open phpMyAdmin in your browser (`http://localhost/phpmyadmin`).
-   - Import the SQL files located in the `sql` folder:
-     - Create a new database by importing `database_structure.sql`
-     - Add the `database_data.sql`
+   - Import the SQL files located in the `SQL` folder:
+     - Create a new database by importing `blog_DB_structure.sql`
+     - Add the `blog_DB_data.sql`
 
 3. Start the development server using XAMPP:
 

README.md

@@ -15,6 +15,7 @@ All files are divided into the following sections:
 - **`articles_photos/`** - Holds photos for articles
 - **`docs/`** – Holds documentation  
 - **`public/`** – Contains user-facing files  
+- **`themes/`** – Contains themes for client front-end
 
 This structured approach helps prevent backend modifications while rebuilding the frontend. The only challenge is the integration of PHP functions that generate HTML dynamically, but this can be adjusted when refining queries and templates.
 
@@ -43,6 +44,6 @@ For more details on the project, check out the following files:
 - 🌍 **[CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)** – Community guidelines  
 - 🙌 **[SUPPORT.md](SUPPORT.md)** – Support for community
 
-## **Current Version: v1.1.0**
+## **Current Version: v1.2.0**
 
 The versioning system ensures clarity on stable releases. Minor patches may not require immediate updates, but always check the **CHANGELOG.md** for details on new features and fixes.

SECURITY.md

@@ -2,8 +2,6 @@
 
 ‼️ Security suggestions should be treated as invalid, not as vulnerabilities.
 
-## Security Policy
-
 * **Latest Releases:** The newest release, currently version v1.1.0, is the only version receiving active security updates. We strongly recommend using the latest version whenever possible.
 
 * **Review Changelog for Updates:** For minor updates or changes, please refer to the changelog to understand what has been updated or fixed.
@@ -26,6 +24,7 @@
 | v0.1.0-beta   | :negative_squared_cross_mark: |
 | v1.0.0        | :negative_squared_cross_mark: |
 | v1.1.0        | :white_check_mark: |
+| v1.2.0        | :white_check_mark: |
 
 ## Reporting a Vulnerability
 

admin/algo/dashboard.alg.php

@@ -7,9 +7,9 @@
     exit();
 }
 
-function dashboard_data(): string {
+function dashboard_data(): void {
 
-    return'
+    echo'
         <div id="hello">
             Welcome on admin panel for your blog!
             <br>

admin/algo/new_theme.alg.php

@@ -0,0 +1,6 @@
+<?php
+
+//new themes algo
+
+// adds new themes do db 
+

admin/algo/password.alg.php

@@ -21,9 +21,9 @@
     if ($_POST['newPass'] == $_POST['newPassAgain']) {
 
         if ($conn->connect_errno!=0) {
-            $_SESSION['message'] = 'connection to db fail';
+            $_SESSION['message'] = 'Connection to db fail.';
             #echo 'Error: '.$conn->connect_error;
-            header('Location: ../panel.php?window=settings');
+            header('Location: ../panel.php?window=password');
             exit();
         }else{
 
@@ -48,44 +48,46 @@
                         $stmt = $conn->prepare($sql);
 
                         if (!$stmt) {
-                            die("Error during prepearing statement: " . $conn->error);
+                            $_SESSION['message'] = 'Error during prepearing statement:' . $conn->error . '.';
+                            header('Location: ../panel.php?window=password');
                         }
 
                         $stmt->bind_param("si", $password_hash, $ID);
 
                         if ($stmt->execute()) {
                             $_SESSION['message'] = 'Password changed successfully.';
-                            header('Location: ../panel.php?window=settings');
-                            echo $_SERVER['message'];
+                            header('Location: ../panel.php?window=password');
                         } else {
                             $_SESSION['message'] = 'Error: something went wrong during updating password.<br>'; //$stmt->error;
-                            echo $_SERVER['message'];
+                            header('Location: ../panel.php?window=password');
                         }
 
                         $stmt->close();
                         $conn->close();
 
                     } else {
-                        $_SESSION['message'] = 'Old password is wrong';
-                        header('Location: ../panel.php?window=settings');
+                        $_SESSION['message'] = 'Old password is wrong.';
+                        header('Location: ../panel.php?window=password');
                     }
 
                 } else {
-                    $_SESSION['message'] = 'more rows found than needed';
-                    header('Location: ../panel.php?window=settings');
+                    $_SESSION['message'] = 'More rows found than needed.';
+                    header('Location: ../panel.php?window=password');
                 }
             }
             $conn->close();
+            $_SESSION['message'] = 'Error fetching data.';
+            header('Location: ../panel.php?window=password');
             exit();
         }
     } else {
-        $_SESSION['message'] = 'new password different than one written again ';
-        header('Location: ../panel.php?window=settings');
+        $_SESSION['message'] = 'New password different than one written again.';
+        header('Location: ../panel.php?window=password');
         exit();   
     }
 
 } else {
-    $_SESSION['message'] = 'POST table doesnt have all data';
-    header('Location: panel.php?window=settings');
+    $_SESSION['message'] = 'POST table doesnt have all data.';
+    header('Location: panel.php?window=password');
     exit(); 
 }

admin/algo/service_status.alg.php

@@ -17,7 +17,7 @@
 $conn = @new mysqli($host, $db_user, $db_password, $db_name);
 
 if ($conn->connect_errno!=0) {
-    $_SESSION['message'] = 'connection do db fail';
+    $_SESSION['message'] = 'Connection do db fail.';
     header('Location: ../panel.php?window=service-break');
     exit();
 }
@@ -33,15 +33,19 @@
         if ($stmt->execute()) {
             if ($stmt->affected_rows > 0) {
                 $_SESSION['message'] = 'Service status value changed successfully.';
+                header('Location: ../panel.php?window=service-break');
             } else {
                 $_SESSION['message'] = 'Error during updating: row ID error.<!--No rows updated, check the ID.-->';
+                header('Location: ../panel.php?window=service-break');
             }
         } else {
             $_SESSION['message'] = 'Something went wrong during updating status.';
+            header('Location: ../panel.php?window=service-break');
         }
         $stmt->close();
     } else {
         $_SESSION['message'] = 'Failed to prepare the SQL statement.';
+        header('Location: ../panel.php?window=service-break');
     }
 
 } else {

admin/algo/theme.alg.php

@@ -0,0 +1,64 @@
+<?php
+
+declare(strict_types=1);
+
+if (session_status() == PHP_SESSION_NONE) {
+    session_start();
+}
+
+if(!isset ($_SESSION['adminLoged']))
+{
+    header('Location: ../panel.login.php');
+    exit();
+}
+
+function updateUserTheme($newTheme): void {
+
+    require '../panel.connect.php';
+
+    $conn = new mysqli($host, $db_user, $db_password, $db_name);
+
+    if ($conn->connect_errno) {
+        $_SESSION['message'] = 'Connection failed: '.$conn->connect_error;
+        header('Location: ../panel.php?window=themes');
+        exit();
+    }
+ 
+    $query = "UPDATE `settings` SET `value` = ? WHERE `name` = 'active_theme'";
+    
+    $stmt = $conn->prepare($query);
+    if (!$stmt) {
+        $_SESSION['message'] = 'Error prep query: '.$conn->error;
+        header('Location: ../panel.php?window=themes');
+        exit();
+    }
+
+    $stmt->bind_param("s", $newTheme);
+    if (!$stmt->execute()) {
+        $_SESSION['message'] = 'Error during query: '.$stmt->error;
+        header('Location: ../panel.php?window=themes');
+        exit();
+    }
+
+    $stmt->close();
+    $conn->close();
+}
+
+include dirname(__DIR__, 2) . '/themes/handlers/index.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['theme'])) {
+    $newTheme = $_POST['theme'];
+    
+    if (in_array($newTheme, getAvailableThemes())) {
+
+        updateUserTheme($newTheme);
+
+        $_SESSION['message'] = 'Theme changed to: '.htmlspecialchars($newTheme);
+        header('Location: ../panel.php?window=themes');
+        exit();
+    } else {
+        $_SESSION['message'] = 'Invalid theme!';
+        header('Location: ../panel.php?window=themes');
+        exit();
+    }
+}

admin/panel.connect.php

@@ -2,7 +2,7 @@
 
     $host = "localhost";
     $db_user = "root";
-    $db_password ="";
+    $db_password ="root";
     $db_name = "blog";