From 2801550bddbdc73043018de9884a541d97543bf3 Mon Sep 17 00:00:00 2001
From: Sky Johnson <skylearj@gmail.com>
Date: Fri, 13 Dec 2024 17:28:51 -0600
Subject: [PATCH] Switch babblebox and map to new render model. Add positioning
 dot to map.

---
 public/index.php        |  36 ++++++-----
 src/lib.php             |  29 ++++++++-
 templates/babblebox.php |  26 ++++++--
 templates/minimal.php   | 129 ++++++++++++++++++++--------------------
 4 files changed, 133 insertions(+), 87 deletions(-)

diff --git a/public/index.php b/public/index.php
index dad8448..891f829 100644
--- a/public/index.php
+++ b/public/index.php
@@ -168,7 +168,7 @@ function showchar()
     if ($userrow["magiclist"] == "") $userrow["magiclist"] = "None";
 
     $array = ["content" => parsetemplate(gettemplate("showchar"), $userrow), "title" => "Character Information"];
-    echo parsetemplate("<html>\n" . gettemplate("minimal"), $array);
+    echo render('minimal', $array);
 }
 
 function onlinechar($id)
@@ -204,31 +204,39 @@ function onlinechar($id)
 
 function showmap()
 {
-    $array = ["content" => "<center><img src=\"/img/map.gif\" alt=\"Map\" /></center>", "title" => "Map"];
-    echo parsetemplate("<html>\n" . gettemplate("minimal"), $array);
+	global $userrow;
+
+	$pos = sprintf(
+		'<div style="position: absolute; width: 5px; height: 5px; border-radius: 1000px; border: solid 1px black; background-color: red; left: %dpx; top: %dpx;"></div>',
+		round(258 + $userrow['longitude'] * (500 / 500) - 3),
+		round(258 - $userrow['latitude'] * (500 / 500) - 3)
+	);
+
+    echo render('minimal', [
+		'content' => '<img src="/img/map.gif" alt="Map">'.$pos,
+		'title' => 'Map'
+	]);
 }
 
+/**
+ * Either render the latest 40 chats to the babblebox, or add a chat to it and redirect. This is used
+ * within an iframe.
+ */
 function babblebox()
 {
     global $userrow;
 
-    if (isset($_POST["babble"])) {
-        $safecontent = makesafe($_POST["babble"]);
+    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+        $safecontent = make_safe($_POST["babble"]);
         if (!empty($safecontent)) {
-			db()->query('INSERT INTO babble (posttime, author, babble) VALUES (CURRENT_TIMESTAMP, ?, ?);', [$userrow['username'], $safecontent]);
+			db()->query('INSERT INTO babble (posttime, author, babble) VALUES (CURRENT_TIMESTAMP, ?, ?);',
+				[$userrow['username'], $safecontent]);
 		}
         redirect('/babblebox');
     }
 
-    $babblebox['content'] = '';
 	$query = db()->query('SELECT * FROM babble ORDER BY id DESC LIMIT 40;');
-    while ($babblerow = $query->fetchArray(SQLITE3_ASSOC)) {
-        $new = "<div class=\"message\">[<b>{$babblerow["author"]}</b>] {$babblerow["babble"]}</div>\n";
-        $babblebox["content"] = $new . $babblebox["content"];
-    }
-    $babblebox["content"] .= '<form action="/babblebox" method="post" style="margin-top: 1rem;"><input type="text" name="babble" maxlength="255" style="width: 100%;"><br><input type="submit" name="submit" value="Babble"><input type="reset" name="reset" value="Clear"></form>';
-
-    echo parsetemplate("<html>\n" . gettemplate("babblebox"), $babblebox);
+	echo render('babblebox', ['messages' => $query]);
 }
 
 /**
diff --git a/src/lib.php b/src/lib.php
index c94785f..e9219fd 100644
--- a/src/lib.php
+++ b/src/lib.php
@@ -24,6 +24,26 @@ function redirect(string $location): void
 	exit;
 }
 
+/**
+ * Return the path to a view file.
+ */
+function template(string $name): string
+{
+	return "../templates/$name.php";
+}
+
+/**
+ * Render a view with the given data. Looks for `$path_to_base_view` through `template()`. Can be used redundantly
+ * within the template.
+ */
+function render(string $path_to_base_view, array $data = []): string|false
+{
+	ob_start();
+	extract($data);
+	require template($path_to_base_view);
+	return ob_get_clean();
+}
+
 function gettemplate($templatename) { // SQL query for the template.
 
     $filename = __DIR__ . "/../templates/" . $templatename . ".php";
@@ -66,8 +86,12 @@ function is_email($email) { // Thanks to "mail(at)philipp-louis.de" from php.net
 
 }
 
-function makesafe($d) {
-	return htmlentities($d);
+/**
+ * Use htmlentities with UTF-8 encoding to ensure we're only outputting healthy, safe and effective HTML.
+ */
+function make_safe(string $content): string
+{
+	return htmlentities($content, ENT_QUOTES, 'UTF-8');
 }
 
 /**
@@ -559,3 +583,4 @@ function guest_only(): void
 {
 	if (checkcookies()) redirect('/login');
 }
+
diff --git a/templates/babblebox.php b/templates/babblebox.php
index 8c2387b..d584d98 100644
--- a/templates/babblebox.php
+++ b/templates/babblebox.php
@@ -1,10 +1,9 @@
-<?php
-$template = <<<HTML
+<html lang="en">
 <head>
 	<title>Babblebox</title>
 	<style type="text/css">
 		body {
-			background-image: url(/img/background.jpg);
+			background-image: url('/img/background.jpg');
 			color: black;
 			font: 11px verdana;
 			margin: 0px;
@@ -37,8 +36,23 @@ $template = <<<HTML
 		}
 	</style>
 </head>
-<body onload="window.scrollTo(0,99999)">
-	{{content}}
+
+<body onload="window.scrollTo(0, 99999)">
+	<?php
+		$has_chats = false;
+		while ($row = $messages->fetchArray(SQLITE3_ASSOC)):
+			$has_chats = true;
+	?>
+			<div class="message">[<b><?= $row['author'] ?></b>] <?= $row['babble'] ?></div>
+	<?php
+		endwhile;
+		if (!$has_chats) echo 'There are no messages. :(';
+	?>
+
+	<form action="/babblebox" method="post" style="margin-top: 1rem;">
+		<input type="text" name="babble" maxlength="255" style="width: 100%;"><br>
+		<input type="submit" name="submit" value="Babble">
+		<input type="reset" name="reset" value="Clear">
+	</form>
 </body>
 </html>
-HTML;
diff --git a/templates/minimal.php b/templates/minimal.php
index 52312a4..56f4d5a 100644
--- a/templates/minimal.php
+++ b/templates/minimal.php
@@ -1,68 +1,67 @@
-<?php
-$template = <<<THEVERYENDOFYOU
+<html lang="en">
 <head>
-<title>{{title}}</title>
-<style type="text/css">
-body {
-  background-image: url(/img/background.jpg);
-  color: black;
-  font: 11px verdana;
-}
-table {
-  border-style: none;
-  padding: 0px;
-  font: 11px verdana;
-}
-td {
-  border-style: none;
-  padding: 3px;
-  vertical-align: top;
-}
-td.top {
-  border-bottom: solid 2px black;
-}
-td.left {
-  width: 150px;
-  border-right: solid 2px black;
-}
-td.right {
-  width: 150px;
-  border-left: solid 2px black;
-}
-a {
-    color: #663300;
-    text-decoration: none;
-    font-weight: bold;
-}
-a:hover {
-    color: #330000;
-}
-.small {
-  font: 10px verdana;
-}
-.highlight {
-  color: red;
-}
-.light {
-  color: #999999;
-}
-.title {
-  border: solid 1px black;
-  background-color: #eeeeee;
-  font-weight: bold;
-  padding: 5px;
-  margin: 3px;
-}
-.copyright {
-  border: solid 1px black;
-  background-color: #eeeeee;
-  font: 10px verdana;
-}
-</style>
+	<title><?= $title ?></title>
+	<style type="text/css">
+		body {
+			background-image: url(/img/background.jpg);
+			color: black;
+			font: 11px verdana;
+		}
+		table {
+			border-style: none;
+			padding: 0px;
+			font: 11px verdana;
+		}
+		td {
+			border-style: none;
+			padding: 3px;
+			vertical-align: top;
+		}
+		td.top {
+			border-bottom: solid 2px black;
+		}
+		td.left {
+			width: 150px;
+			border-right: solid 2px black;
+		}
+		td.right {
+			width: 150px;
+			border-left: solid 2px black;
+		}
+		a {
+		color: #663300;
+			text-decoration: none;
+			font-weight: bold;
+		}
+		a:hover {
+			color: #330000;
+		}
+		.small {
+			font: 10px verdana;
+		}
+		.highlight {
+			color: red;
+		}
+		.light {
+			color: #999999;
+		}
+		.title {
+			border: solid 1px black;
+			background-color: #eeeeee;
+			font-weight: bold;
+			padding: 5px;
+			margin: 3px;
+		}
+		.copyright {
+			border: solid 1px black;
+			background-color: #eeeeee;
+			font: 10px verdana;
+		}
+	</style>
 </head>
-<body><center>
-{{content}}
-</center></body>
+<body>
+	<center>
+		<?= $content ?>
+	</center>
+</body>
 </html>
-THEVERYENDOFYOU;
-?>