diff --git a/database/auth.db b/database/auth.db index 7598b13..b9667c8 100644 Binary files a/database/auth.db and b/database/auth.db differ diff --git a/database/live.db b/database/live.db index d7abbac..ef11fe4 100644 Binary files a/database/live.db and b/database/live.db differ diff --git a/database/live.db-shm b/database/live.db-shm deleted file mode 100644 index b35e64d..0000000 Binary files a/database/live.db-shm and /dev/null differ diff --git a/database/live.db-wal b/database/live.db-wal deleted file mode 100644 index bb590ed..0000000 Binary files a/database/live.db-wal and /dev/null differ diff --git a/public/assets/css/dragon.css b/public/assets/css/dragon.css index 66b0f2b..6a2a0c9 100644 --- a/public/assets/css/dragon.css +++ b/public/assets/css/dragon.css @@ -324,6 +324,10 @@ span.badge { background-color: #444c55; color: white; } + + &.green { + background-color: #a6e3a1; + } } .my-1 { margin-bottom: 0.25rem; margin-top: 0.25rem; } @@ -517,3 +521,14 @@ body::-webkit-scrollbar-thumb { border-color: #3D444C #2F353B #2C3137; box-shadow: 0px 1px 0px 0px rgba(255, 255, 255, 0.2) inset; } + +#canvas-container { + & > canvas { + display: block; + width: 100%; + height: 440px; + image-rendering: pixelated; + image-rendering: crisp-edges; + background-color: rgba(0, 0, 0, 0.5); + } +} diff --git a/public/assets/css/forms.css b/public/assets/css/forms.css index 5b77591..7ae6c25 100644 --- a/public/assets/css/forms.css +++ b/public/assets/css/forms.css @@ -86,8 +86,6 @@ & > span.selected { display: none; - margin-left: 1rem; - color: #a6e3a1; } } diff --git a/src/controller/world.php b/src/controller/world.php index ef5c110..de5d989 100644 --- a/src/controller/world.php +++ b/src/controller/world.php @@ -15,42 +15,46 @@ function world_controller_get() */ function world_controller_move_post() { - auth_only_and_must_have_character(); csrf_ensure(); + /* + This endpoint is used to move the character around the world. The client sends a POST request with the direction + they want to move the character. The server will update the character's position in the database and return the + new position to the client. + + We should only be using this endpoint as an AJAX request from the world page. Since we don't need all the character's + data to move them, we can just get and update their lcoation using the user's currently selected character ID. + */ + + ajax_only(); auth_only(); csrf_ensure(); + + define('directions', [ + [0, -1], // Up + [0, 1], // Down + [-1, 0], // Left + [1, 0] // Right + ]); // direction must exist - $direction = $_POST['direction'] ?? false; - - // direction must be valid; 0-3 are sent from the client - if (!is_numeric($direction) || $direction < 0 || $direction > 3 || $direction === false) router_error(999); + $d = (int) $_POST['direction'] ?? -1; // Update the character's position // 0 = up, 1 = down, 2 = left, 3 = right $x = location('x'); $y = location('y'); - switch ($direction) { - case 0: $y--; break; - case 1: $y++; break; - case 2: $x--; break; - case 3: $x++; break; + if (isset(directions[$d])) { + $x += directions[$d][0]; + $y += directions[$d][1]; + } else { + router_error(999); } - // Update the character's position $r = db_query(db_live(), 'UPDATE char_locations SET x = :x, y = :y WHERE char_id = :c', [ ':x' => $x, ':y' => $y, - ':c' => char('id') + ':c' => user('char_id') ]); - // If the query failed, throw an error if ($r === false) throw new Exception('Failed to move character. (wcmp)'); - // If this is an HTMX request, return the new world page - if (is_htmx()) { - echo render('pages/world/base'); - exit; - } - - // Redirect back to the world page - redirect('/world'); + json_response(['x' => $x, 'y' => $y]); } diff --git a/src/helpers.php b/src/helpers.php index 85d0a0b..a17b027 100644 --- a/src/helpers.php +++ b/src/helpers.php @@ -59,12 +59,7 @@ function csrf() */ function csrf_verify($token) { - if (hash_equals($_SESSION['csrf'] ?? '', $token)) { - $_SESSION['csrf'] = token(); - return true; - } - - return false; + return hash_equals($_SESSION['csrf'] ?? '', $token); } /** @@ -196,7 +191,7 @@ function location($field = '') $GLOBALS['location'] = db_query( db_live(), "SELECT * FROM char_locations WHERE char_id = :c", - [':c' => char('id')] + [':c' => user('char_id')] )->fetchArray(SQLITE3_ASSOC); } @@ -254,7 +249,33 @@ function ce($condition, $value, $or = '') /** * Get whether the request is an HTMX request. */ -function is_htmx(): bool +function is_htmx() { return isset($_SERVER['HTTP_HX_REQUEST']); } + +/** + * Get whether the request is an AJAX (fetch) request. + */ +function is_ajax() +{ + return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest'; +} + +/** + * Limit a request to AJAX only. + */ +function ajax_only() +{ + if (!is_ajax()) router_error(418); +} + +/** + * Return a JSON response with the given data. + */ +function json_response($data) +{ + header('Content-Type: application/json'); + echo json_encode($data); + exit; +} diff --git a/src/util/database.php b/src/util/database.php index 83c6cdc..e7cb560 100644 --- a/src/util/database.php +++ b/src/util/database.php @@ -1,5 +1,7 @@ "> - Active + Active diff --git a/templates/pages/world/base.php b/templates/pages/world/base.php index 55dec50..d7e7095 100644 --- a/templates/pages/world/base.php +++ b/templates/pages/world/base.php @@ -1,113 +1,163 @@ -

World

Use WASD keys to move the character

-

Current location: ,

+

Current location: ,

- - -
- - -
+
+ +
-