Switch babblebox and map to new render model. Add positioning dot to map.

public/index.php

@@ -40,8 +40,7 @@ $r->get('/spell/:id', 'healspells');
 $r->get('/showchar', 'showchar');
 $r->get('/onlinechar/:id', 'onlinechar');
 $r->get('/showmap', 'showmap');
-$r->get('/babblebox', 'babblebox');
+$r->form('/babblebox', 'babblebox');
-$r->post('/babblebox', 'babblebox');
 
 // [code, handler, params, middleware]
 $l = $r->lookup($_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI']);
@@ -169,7 +168,7 @@ function showchar()
     if ($userrow["magiclist"] == "") $userrow["magiclist"] = "None";
 
     $array = ["content" => parsetemplate(gettemplate("showchar"), $userrow), "title" => "Character Information"];
-    echo parsetemplate("<html>\n" . gettemplate("minimal"), $array);
+    echo render('minimal', $array);
 }
 
 function onlinechar($id)
@@ -205,31 +204,39 @@ function onlinechar($id)
 
 function showmap()
 {
-    $array = ["content" => "<center><img src=\"/img/map.gif\" alt=\"Map\" /></center>", "title" => "Map"];
+	global $userrow;
-    echo parsetemplate("<html>\n" . gettemplate("minimal"), $array);
+
+	$pos = sprintf(
+		'<div style="position: absolute; width: 5px; height: 5px; border-radius: 1000px; border: solid 1px black; background-color: red; left: %dpx; top: %dpx;"></div>',
+		round(258 + $userrow['longitude'] * (500 / 500) - 3),
+		round(258 - $userrow['latitude'] * (500 / 500) - 3)
+	);
+
+    echo render('minimal', [
+		'content' => '<img src="/img/map.gif" alt="Map">'.$pos,
+		'title' => 'Map'
+	]);
 }
 
+/**
+ * Either render the latest 40 chats to the babblebox, or add a chat to it and redirect. This is used
+ * within an iframe.
+ */
 function babblebox()
 {
     global $userrow;
 
-    if (isset($_POST["babble"])) {
+    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-        $safecontent = makesafe($_POST["babble"]);
+        $safecontent = make_safe($_POST["babble"]);
         if (!empty($safecontent)) {
-			db()->query('INSERT INTO babble (posttime, author, babble) VALUES (CURRENT_TIMESTAMP, ?, ?);', [$userrow['username'], $safecontent]);
+			db()->query('INSERT INTO babble (posttime, author, babble) VALUES (CURRENT_TIMESTAMP, ?, ?);',
+				[$userrow['username'], $safecontent]);
 		}
         redirect('/babblebox');
     }
 
-    $babblebox['content'] = '';
 	$query = db()->query('SELECT * FROM babble ORDER BY id DESC LIMIT 40;');
-    while ($babblerow = $query->fetchArray(SQLITE3_ASSOC)) {
+	echo render('babblebox', ['messages' => $query]);
-        $new = "<div class=\"message\">[<b>{$babblerow["author"]}</b>] {$babblerow["babble"]}</div>\n";
-        $babblebox["content"] = $new . $babblebox["content"];
-    }
-    $babblebox["content"] .= '<form action="/babblebox" method="post" style="margin-top: 1rem;"><input type="text" name="babble" maxlength="255" style="width: 100%;"><br><input type="submit" name="submit" value="Babble"><input type="reset" name="reset" value="Clear"></form>';
-
-    echo parsetemplate("<html>\n" . gettemplate("babblebox"), $babblebox);
 }
 
 /**

src/actions/admin.php

@@ -11,31 +11,31 @@ function register_routes(Router $r): Router
 	global $userrow;
 	if (isset($userrow) && $userrow !== false && $userrow['authlevel'] === 1) {
 		$r->get('/admin', 'Admin\donothing');
-		$r->get('/admin/main', 'Admin\primary');
+
-		$r->post('/admin/main', 'Admin\primary');
+		$r->form('/admin/main', 'Admin\primary');
+
 		$r->get('/admin/items', 'Admin\items');
-		$r->get('/admin/items/:id', 'Admin\edititem');
+		$r->form('/admin/items/:id', 'Admin\edititem');
-		$r->post('/admin/items/:id', 'Admin\edititem');
+
 		$r->get('/admin/drops', 'Admin\drops');
-		$r->get('/admin/drops/:id', 'Admin\editdrop');
+		$r->form('/admin/drops/:id', 'Admin\editdrop');
-		$r->post('/admin/drops/:id', 'Admin\editdrop');
+
 		$r->get('/admin/towns', 'Admin\towns');
-		$r->get('/admin/towns/:id', 'Admin\edittown');
+		$r->form('/admin/towns/:id', 'Admin\edittown');
-		$r->post('/admin/towns/:id', 'Admin\edittown');
+
 		$r->get('/admin/monsters', 'Admin\monsters');
-		$r->get('/admin/monsters/:id', 'Admin\editmonster');
+		$r->form('/admin/monsters/:id', 'Admin\editmonster');
-		$r->post('/admin/monsters/:id', 'Admin\editmonster');
+
 		$r->get('/admin/level', 'Admin\levels');
-		$r->get('/admin/level/:id', 'Admin\editlevel');
+		$r->form('/admin/level/:id', 'Admin\editlevel');
-		$r->post('/admin/level/:id', 'Admin\editlevel');
+
 		$r->get('/admin/spells', 'Admin\spells');
-		$r->get('/admin/spells/:id', 'Admin\editspell');
+		$r->form('/admin/spells/:id', 'Admin\editspell');
-		$r->post('/admin/spells/:id', 'Admin\editspell');
+
 		$r->get('/admin/users', 'Admin\users');
-		$r->get('/admin/users/:id', 'Admin\edituser');
+		$r->form('/admin/users/:id', 'Admin\edituser');
-		$r->post('/admin/users/:id', 'Admin\edituser');
+
-		$r->get('/admin/news', 'Admin\addnews');
+		$r->form('/admin/news', 'Admin\addnews');
-		$r->post('/admin/news', 'Admin\addnews');
 	}
 	return $r;
 }
@@ -318,7 +318,7 @@ function edittown($id)
         if ($mp < 0) $errors[] = "Map price must be a number greater than or equal to 0.";
         if ($tp < 0) $errors[] = "Travel points must be a number greater than or equal to 0.";
 
-        if ($errors == 0) {
+        if (count($errors) === 0) {
 			db()->query('UPDATE towns SET name=?, latitude=?, longitude=?, innprice=?, mapprice=?, travelpoints=?, itemslist=? WHERE id=?;', [
 				$n, $la, $lo, $ip, $mp, $tp, $il, $id
 			]);

src/actions/fight.php

@@ -8,11 +8,9 @@ use Router;
 
 function register_routes(Router $r): Router
 {
-	$r->get('/fight', 'Fights\fight');
+	$r->form('/fight', 'Fights\fight');
-	$r->post('/fight', 'Fights\fight');
 	$r->get('/victory', 'Fights\victory');
-	$r->get('/drop', 'Fights\drop');
+	$r->form('/drop', 'Fights\drop');
-	$r->post('/drop', 'Fights\drop');
 	$r->get('/dead', 'Fights\dead');
 	return $r;
 }

src/actions/forum.php

@@ -9,8 +9,7 @@ use Router;
 function register_routes(Router $r): Router
 {
 	$r->get('/forum/thread/:x/:x', 'Forum\showthread');
-	$r->get('/forum/new', 'Forum\newthread');
+	$r->form('/forum/new', 'Forum\newthread');
-	$r->post('/forum/new', 'Forum\newthread');
 	$r->post('/forum/reply', 'Forum\reply');
 	$r->get('/forum/list/:x', 'Forum\donothing');
 	$r->get('/forum', 'Forum\donothing');

src/actions/towns.php

@@ -8,8 +8,7 @@ use Router;
 
 function register_routes(Router $r): Router
 {
-	$r->get('/inn', 'Towns\inn');
+	$r->form('/inn', 'Towns\inn');
-	$r->post('/inn', 'Towns\inn');
 	$r->get('/buy', 'Towns\buy');
 	$r->get('/buy2/:id', 'Towns\buy2');
 	$r->post('/buy3/:id', 'Towns\buy3');

src/actions/users.php

@@ -6,17 +6,12 @@ use Router;
 
 function register_routes(Router $r): Router
 {
-	$r->get('/login', 'Users\login');
+	$r->form('/login', 'Users\login');
-	$r->post('/login', 'Users\login');
 	$r->get('/logout', 'Users\logout');
-	$r->get('/register', 'Users\register');
+	$r->form('/register', 'Users\register');
-	$r->post('/register', 'Users\register');
+	$r->form('/lostpassword', 'Users\lostpassword');
-	$r->get('/lostpassword', 'Users\lostpassword');
+	$r->form('/changepassword', 'Users\changepassword');
-	$r->post('/lostpassword', 'Users\lostpassword');
+	$r->form('/verify', 'Users\verify');
-	$r->get('/changepassword', 'Users\changepassword');
-	$r->post('/changepassword', 'Users\changepassword');
-	$r->get('/verify', 'Users\verify');
-	$r->post('/verify', 'Users\verify');
 	return $r;
 }
 

src/lib.php

@@ -2,9 +2,10 @@
 
 require_once __DIR__ . '/database.php';
 
-define('VERSION', '1.2.3');
+define('VERSION', '1.2.5');
 define('BUILD', 'Reawaken');
 define('START', microtime(true));
+define('DEBUG', true);
 
 /**
  * Open or get SQLite database connection.
@@ -23,6 +24,26 @@ function redirect(string $location): void
 	exit;
 }
 
+/**
+ * Return the path to a view file.
+ */
+function template(string $name): string
+{
+	return "../templates/$name.php";
+}
+
+/**
+ * Render a view with the given data. Looks for `$path_to_base_view` through `template()`. Can be used redundantly
+ * within the template.
+ */
+function render(string $path_to_base_view, array $data = []): string|false
+{
+	ob_start();
+	extract($data);
+	require template($path_to_base_view);
+	return ob_get_clean();
+}
+
 function gettemplate($templatename) { // SQL query for the template.
 
     $filename = __DIR__ . "/../templates/" . $templatename . ".php";
@@ -65,8 +86,12 @@ function is_email($email) { // Thanks to "mail(at)philipp-louis.de" from php.net
 
 }
 
-function makesafe($d) {
+/**
-	return htmlentities($d);
+ * Use htmlentities with UTF-8 encoding to ensure we're only outputting healthy, safe and effective HTML.
+ */
+function make_safe(string $content): string
+{
+	return htmlentities($content, ENT_QUOTES, 'UTF-8');
 }
 
 /**
@@ -211,7 +236,8 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true,
         "totaltime"  => round(getmicrotime() - START, 4),
         "numqueries" => db()->count,
         "version"    => VERSION,
-        "build"      => BUILD
+        "build"      => BUILD,
+		"querylog"   => DEBUG ? '<pre>'.print_r(db()->log, true).'</pre>' : ''
 	]);
 
     echo "<html>\n" . $page;
@@ -557,3 +583,4 @@ function guest_only(): void
 {
 	if (checkcookies()) redirect('/login');
 }
+

src/router.php

@@ -151,6 +151,32 @@ class Router
 		return $this->add('PATCH', $route, $handler);
 	}
 
+	/**
+	 * Register multiple verbs to the same route.
+	 */
+	public function many(array $methods, string $route, callable $handler): Router
+	{
+		foreach ($methods as $method) $this->add($method, $route, $handler);
+		return $this;
+	}
+
+	/**
+	 * Register all verbs to the same route.
+	 */
+	public function any(string $route, callable $handler): Router
+	{
+		foreach (SELF::VALID_METHODS as $method) $this->add($method, $route, $handler);
+		return $this;
+	}
+
+	/**
+	 * Some pages function entirely as forms; thus we can shorthand a GET/POST route.
+	 */
+	public function form(string $route, callable $handler): Router
+	{
+		return $this->many(['GET', 'POST'], $route, $handler);
+	}
+
 	/**
 	 * Validate the given method against valid HTTP verbs.
 	 */

templates/babblebox.php

@@ -1,10 +1,9 @@
-<?php
+<html lang="en">
-$template = <<<HTML
 <head>
 	<title>Babblebox</title>
 	<style type="text/css">
 		body {
-			background-image: url(/img/background.jpg);
+			background-image: url('/img/background.jpg');
 			color: black;
 			font: 11px verdana;
 			margin: 0px;
@@ -37,8 +36,23 @@ $template = <<<HTML
 		}
 	</style>
 </head>
+
 <body onload="window.scrollTo(0, 99999)">
-	{{content}}
+	<?php
+		$has_chats = false;
+		while ($row = $messages->fetchArray(SQLITE3_ASSOC)):
+			$has_chats = true;
+	?>
+			<div class="message">[<b><?= $row['author'] ?></b>] <?= $row['babble'] ?></div>
+	<?php
+		endwhile;
+		if (!$has_chats) echo 'There are no messages. :(';
+	?>
+
+	<form action="/babblebox" method="post" style="margin-top: 1rem;">
+		<input type="text" name="babble" maxlength="255" style="width: 100%;"><br>
+		<input type="submit" name="submit" value="Babble">
+		<input type="reset" name="reset" value="Clear">
+	</form>
 </body>
 </html>
-HTML;

templates/minimal.php

@@ -1,7 +1,6 @@
-<?php
+<html lang="en">
-$template = <<<THEVERYENDOFYOU
 <head>
-<title>{{title}}</title>
+	<title><?= $title ?></title>
 	<style type="text/css">
 		body {
 			background-image: url(/img/background.jpg);
@@ -60,9 +59,9 @@ a:hover {
 		}
 	</style>
 </head>
-<body><center>
+<body>
-{{content}}
+	<center>
-</center></body>
+		<?= $content ?>
+	</center>
+</body>
 </html>
-THEVERYENDOFYOU;
-?>

templates/primary.php

@@ -38,6 +38,8 @@ $template = <<<HTML
 			<div>{{totaltime}} Seconds, {{numqueries}} Queries</div>
 			<div>Version {{version}} {{build}}</div>
 		</footer>
+
+		{{querylog}}
 	</div>
 </body>
 </html>