Finish install step 1

public/css/dragon.css

@@ -26,6 +26,10 @@ body {
     }
 }
 
+.text-red {
+	color: #d20f39;
+}
+
 .mb-1 {
     margin-bottom: 1rem;
 }

public/install/index.php

@@ -7,7 +7,8 @@ if (installed()) redirect('/');
 
 $db = new Database(DB);
 
-const STEPS = ['first', 'second', 'third', 'fourth', 'fifth'];
+// Define our pages and whitelist the request
+const STEPS = ['first', 'second', 'third'];
 $step = isset($_GET['step']) && in_array($_GET['step'], STEPS) ? $_GET['step'] : 'first';
 
 // Introduction; offer the user two options for installation;
@@ -21,7 +22,7 @@ if ($step == 'first') {
 // Database setup; create tables and default data (if requested)
 if ($step == 'second') {
     $istart = microtime(true); // time the database setup
-    if (!isset($_POST['mode'])) redirect('/install/'); // dont run install if a button wasnt clicked
+    if (!required(['mode'])) redirect('/install/'); // dont run step two if a button wasnt clicked
     $complete = $_POST['mode'] == 'complete'; // complete or partial setup
 
     // Create Control table
@@ -378,7 +379,7 @@ if ($step == 'second') {
             ['name' => 'Breath', 'type' => 1, 'mp' => 25, 'effect' => 'heal:self,50',  'icon' => 'breath.png'],
             ['name' => 'Revive', 'type' => 1, 'mp' => 50, 'effect' => 'heal:self,100', 'icon' => 'revive.png'],
             ['name' => 'Gaia',   'type' => 1, 'mp' => 75, 'effect' => 'heal:self,150', 'icon' => 'gaia.png'  ],
-            
+
             // Type 2 = damage
             ['name' => 'Slash',         'type' => 2, 'mp' => 5,  'effect' => 'damage:opp,10',  'icon' => 'slash.png'    ],
             ['name' => 'Magic Missile', 'type' => 2, 'mp' => 12, 'effect' => 'damage:opp,35',  'icon' => 'missile.png'  ],
@@ -431,8 +432,8 @@ if ($step == 'second') {
         ]);
     }
 
-    // Create Users table
-    $db->table('users')->create([
+    // Create Players table
+    $db->table('players')->create([
         'id INTEGER PRIMARY KEY',
         'username TEXT NOT NULL',
         'password TEXT NOT NULL',
@@ -469,7 +470,7 @@ if ($step == 'second') {
     // Create Fights table
     $db->table('fights')->create([
         'id INTEGER PRIMARY KEY',
-        'user_id INTEGER DEFAULT 1',
+        'player_id INTEGER DEFAULT 1',
         'monster_id INTEGER DEFAULT 1',
         'turn INTEGER DEFAULT 1',
         'user_hp INTEGER DEFAULT 0',
@@ -484,6 +485,41 @@ if ($step == 'second') {
         'monster_sleep INTEGER DEFAULT 0',
     ]);
 
-    echo render('install/layout', ['title' => 'Database', 'step' => 'second', 'complete' => $complete]);
+    echo render('install/layout', ['title' => 'Database Setup', 'step' => 'second', 'complete' => $complete, 'start' => $istart]);
     exit;
 }
+
+// Admin account; create it from the provided info
+if ($step == 'third') {
+	$errors = [];
+
+    if (!required(['username', 'password', 'email'])) {
+        $errors[] = 'All fields are required.';
+    } else {
+	   	if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
+			$errors[] = 'Invalid email address format.';
+		}
+
+		if (strlen($_POST['password']) < 6) {
+			$errors[] = 'Password must be at least 6 characters long.';
+		}
+    }
+
+    $class = isset($_POST['class']) && in_array($_POST['class'], [1, 2, 3]) ? $_POST['class'] : 0;
+
+	if (!empty($errors)) {
+		echo render('install/layout', ['title' => 'Admin Account', 'step' => 'third', 'errors' => $errors, 'complete' => $_POST['complete'] ?? false]);
+		exit;
+	}
+
+	$db->table('players')->insert([
+		'username' => trim($_POST['username']),
+		'password' => password_hash($_POST['password'], PASSWORD_ARGON2ID),
+		'email' => trim($_POST['email']),
+		'class' => $class,
+		'role' => 5
+	]);
+
+	echo render('install/layout', ['title' => 'Finished!', 'step' => 'done', 'name' => $_POST['username'], 'complete' => $_POST['complete'] ?? false]);
+	exit;
+}

server/lib.php

@@ -1,5 +1,11 @@
 <?php // lib.php :: Common functions used throughout the program.
 
+// A stopwatch function to return the elapsed time in seconds.
+function stopwatch(float $start, int $roundTo = 3): float
+{
+    return round(microtime(true) - $start, $roundTo);
+}
+
 // Redirect to another page.
 function redirect(string $url): void
 {
@@ -30,6 +36,23 @@ function render(string $baseView, array $data = []): string
     return ob_get_clean();
 }
 
+// Checks if all required POST variables are set.
+function required(array $keys): bool
+{
+    foreach ($keys as $key) {
+        if (!isset($_POST[$key]) || empty($_POST[$key])) return false;
+    }
+    return true;
+}
+
+function dd(mixed $var, bool $r = false)
+{
+	echo '<pre>';
+	$r ? print_r($var) : var_dump($var);
+	echo '</pre>';
+	exit;
+}
+
 
 function gettemplate($templatename) { // SQL query for the template.
 

server/templates/install/done.php

@@ -0,0 +1,14 @@
+<p class="mb-1">
+	Congratulations, <?= $name ?>! Your installation is complete. Dragon Knight is ready to go.
+	All that's left is to log in and start playing. <?php if (!$complete): ?>Once you've set the 
+	classes in the admin panel, you can assign yourself one.<?php endif; ?>
+</p>
+
+<p class="mb-1">
+	<a href="/">Click here to log in.</a>
+</p>
+
+<p>
+	We'd love if you were to join the Sharkk community and let us know what you think!
+	@TODO
+</p>

server/templates/install/partials/adminForm.php

@@ -0,0 +1,31 @@
+<form action="/install/?step=third" method="post" style="max-width: 300px;">
+    <input type="hidden" name="complete" value="<?= $complete ? "true" : "false" ?>">
+
+    <div class="form-group">
+        <label for="username">Username</label>
+        <input type="text" name="username" id="username">
+    </div>
+
+    <div class="form-group">
+        <label for="password">Password</label>
+        <input type="password" name="password" id="password" required>
+    </div>
+
+    <div class="form-group">
+        <label for="email">Email</label>
+        <input type="email" name="email" id="email" required>
+    </div>
+
+    <?php if ($complete): ?>
+        <div class="form-group">
+            <label for="class">Class</label>
+            <select name="class" id="class">
+                <option value="1">Mage</option>
+                <option value="2">Paladin</option>
+                <option value="3">Warrior</option>
+            </select>
+        </div>
+    <?php endif; ?>
+
+    <button type="submit" name="submit">Submit</button>
+</form>

server/templates/install/second.php

@@ -1,5 +1,6 @@
 <p class="mb-1">
     If you're seeing this page with no errors, then database setup is complete!
+    It took about <?= stopwatch($start) ?> seconds.
 </p>
 
 <?php if ($complete): ?>
@@ -21,32 +22,4 @@
     panel.<?php endif; ?>
 </p>
 
-<form action="/install/?step=third" method="post" style="max-width: 300px;">
-    <div class="form-group">
-        <label for="username">Username</label>
-        <input type="text" name="username" id="username" required>
-    </div>
-
-    <div class="form-group">
-        <label for="password">Password</label>
-        <input type="password" name="password" id="password" required>
-    </div>
-
-    <div class="form-group">
-        <label for="email">Email</label>
-        <input type="email" name="email" id="email" required>
-    </div>
-
-    <?php if ($complete): ?>
-        <div class="form-group">
-            <label for="class">Class</label>
-            <select name="class" id="class">
-                <option value="1">Mage</option>
-                <option value="2">Paladin</option>
-                <option value="3">Warrior</option>
-            </select>
-        </div>
-    <?php endif; ?>
-
-    <button type="submit" name="submit">Submit</button>
-</form>
+<?= render('install/partials/adminForm', ['complete' => $complete]) ?>

server/templates/install/third.php

@@ -0,0 +1,12 @@
+<p class="mb-1">
+	It looks like we encountered some errors with the info provided for your
+	admin account. Let's try that again.
+</p>
+
+<?php
+foreach ($errors as $error) {
+	echo '<p class="mb-1 text-red">' . $error . '</p>';
+}
+?>
+
+<?= render('install/partials/adminForm', ['complete' => $complete]) ?>