UPDATING YOUR FILES (+ A LITTLE BIT MICROSOFT SLANDER)
These are instructions for updating my code. We will be cursing Microsoft quite a bit because many of these changes/updates are the result of Visual Studio Code fucking me over. Visual Studio was not saving reliably and had tendency to revert my code to older versions or not save what I was currently working on.
I now use Notepad++ which is fine.
REGARDING AUTH FILES PASSWORD ERRORS
Regarding authorization files, I've gotten a few bug reports for these, and I've been aware of the issue for some time.At some point, many of my auth.php files got reverted to their pre-hashed versions because Visual Studio Code lies to me. This was reported to me at various times and I fixed it for specific users but could never replicate on my machine.
I am not sure when this occured. I try to keep my code generally unified (which unfortunately somewhat impossible), so I changed all the auth files at once to non-working version. My first report of this was in March but I theorize it was a problem I published across my files much earlier (smiles weakly). It is hard to say really.
It's a basic fix at least. This goes at the top of your auth files. You also can just replace the auth files with the existing versions in Github. This affects SimpleRSS, SimpleAskbox, and the PHPSQL Blog.
<?php
session_start();
// ===== Single User Configuration =====
$username = 'testentries'; // Keep as is
$password = '$password'; // Paste your generated hash here
// ====================================
function check_login() {
global $username, $password;
if (!isset($_SESSION['logged_in'])) {
if (isset($_POST['username']) && isset($_POST['password'])) {
// Check username AND verify if the submitted password matches the stored hash
if ($_POST['username'] === $username && password_verify($_POST['password'], $password)) {
$_SESSION['logged_in'] = true;
return true;
}
}
show_login_form();
exit;
}
return true;
}
This VSC bug primarily affected authorization the most because it reverted them to their pre-hashed versions though it also the affected my blog development which explore later.
BEFORE YOU UPDATE YOUR SQL
Export your exisiting table as a SQL file. It is just a button. You don't need to change anything. Just do a quick export. Please. Please please. It's very easy to erase all of your SQL as someone who has done many many many times.
(SQL) LANGUAGE SUPPORT
Language support requires altering your table, but it is the easiest change here. Export your existing SQL file to have a backup then run this (change your_table_name of course)
ALTER TABLE your_table_name
CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
This will allow you to alter tables without unicodesupport.
(SQL) COLUMN CHANGES FOR ASKBOX
So, the SQL files had random bugs due to some of the data types used previously. I believe I only did for Askbox and this seems to be the case looking at my Git history.
This isn't technically strictly required, but I did it, and SQL no longer yells at me, so I recommend it. You may also want to do this for blog content.
I updated the data formats of various things in the SQL file. Kail was the reason I changed `visible`'s default handling. Thanks, Kail! I changed formats here. I modified the column formats via the SQL code dropdown, as I generally don't like touching SQL unless I have to because it's really easy to mess up everything. However, I am including this code here in case you prefer SQL and are confident using it I guess.
You don't have to run SQL, and if you do run SQL, export your existing table because I have erased entire tables and was only able to recover them because I back up my SQL regularly. I prefer clicking "Structure" and seeing it visually with your eyes, which I recommend because it feels better. I hate running SQL on existing tables!!!
- Click on your table, then click the Structure tab at the top.
- Check the boxes next to all the columns you want to change.
- Click the Change icon (represented by a pencil) directly below the table list. Update your SQL in the structure to match the UNTESTED code below. It's visual so you've got this! Don't run this code unless you have no fear for whatever reason.
ALTER TABLE your_table_name
MODIFY COLUMN `question` mediumtext NOT NULL,
MODIFY COLUMN `answer` longtext DEFAULT NULL,
MODIFY COLUMN `visible` mediumtext NOT NULL DEFAULT 'n',
MODIFY COLUMN `ID` int(11) NOT NULL,
MODIFY COLUMN `timestamp` datetime NOT NULL DEFAULT current_timestamp(),
MODIFY COLUMN `slug` varchar(255) DEFAULT NULL,
MODIFY COLUMN `tags` varchar(255) DEFAULT NULL;
BLOG TEMPLATE PHP UPDATES
All the blog templates underwent multiple updates because it was also heavily affected by that Visual Studio Code bug that ruined my saved states simply because it is a lot of files. It had the same auth bug as above, but if the hashes work for you, you don't need to worry about it. You downloaded it before Visual Studio Code fucked up my life.
Luckily, the main changes outside of auth.php are to whatever your blog's root directory is (initially called rectangle.php, blank.php, journal.php, and compact.php) needs to be updated, but the other files should be just fine.
There are two ways to update it. If you did not make many changes to the files outside of CSS, you are as good as just uploading the new files to your service and replacing the titles/text with whatever you used. If you made more changes, or you don't want to do this you can replace the PHP code blocks by hand.
Replacing PHP blocks is not too bad. I did this myself when standardizing the files across each other. It can just a bit overwhelming but even then eehhh. It's fine since PHP starts with these:
<?
?>
All of the PHP files now have been standardized so they have the same code (mostly). Before, there were small differences, but now even the comment blocks are all the same, so it's pretty easy to sort through. I do think the new templates are far superior to their older versions and easier to pick apart as well.
This should maintenance for you, as a user, and me, as the programmer, much better.
ASKBOX TAGS + SPAM BOT UPDATE
So, askbox has always tag support which means you do not need to touch the SQL. This update is somewhat affected by the VSC bug in that I think I would've done it much earlier had Visual Studio Code not made me feel like an insane person, but overall, it's been okay honestly.
Askbox is a bit of pain to update in some ways though since it is a pretty simple code, it's fine. If you changed a lot of the code, it may be annoying depending on what you changed?
So, askbox also has had one update since is initial release due to Kail and I finding a bug and fixing it though I honestly don't remember what we found due to struggling with illness at the time. I don't remember what we did, but if you got the initial askbox code, there may be some differences.
INDEX.PHP
You can replace the entire PHP head unless you changed it LOL. In that case, you can compare side by side. It's not that different, I've mainly added things like the honeypot protection and the tags. The tag addition is further down and the Honeypot is at the top of FORM SUBMISSION.
I believe these are the main chhanges.... I believe.... Smiles.
<?php
session_start();
include "config.php";
$conn = new mysqli($servername, $username, $password, $dbname);
// THE CONFIG LOGIN
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// FORM SUBMISSION
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Honeypot anti-spam
if (!empty($_POST['website2'])) {
die("Spam detected");
}
$question = trim($_POST["question"]);
// Prevent empty submissions
if ($question === '') {
$formresults = "Please enter a question.";
} else {
// Check duplicates
$check_query = "SELECT id FROM questions WHERE question = ?";
$check_stmt = $conn->prepare($check_query);
$check_stmt->bind_param("s", $question);
$check_stmt->execute();
$check_result = $check_stmt->get_result();
if ($check_result->num_rows > 0) {
$formresults = "This question has already been submitted!";
} else {
// Generate unique 4-character slug
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
do {
$slug = '';
for ($i = 0; $i < 4; $i++) {
$slug .= $chars[rand(0, strlen($chars) - 1)];
}
$slug_check_stmt = $conn->prepare(
"SELECT id FROM questions WHERE slug = ?"
);
$slug_check_stmt->bind_param("s", $slug);
$slug_check_stmt->execute();
$slug_check_result = $slug_check_stmt->get_result();
} while ($slug_check_result->num_rows > 0);
$slug_check_stmt->close();
// Insert question
$sql = "
INSERT INTO questions
(question, slug, visible, timestamp)
VALUES (?, ?, 'n', NOW())
";
$stmt = $conn->prepare($sql);
if ($stmt) {
$stmt->bind_param("ss", $question, $slug);
if ($stmt->execute()) {
$formresults = "Your question has been submitted!";
// Discord webhook
$webhook_url = "https://discord.com/api/webhooks/blahblahblah";
$message =
"New Question Submitted:\n" .
"Question: $question\n" .
"Slug: $slug";
$data = [
"content" => $message
];
$curl = curl_init($webhook_url);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt(
$curl,
CURLOPT_POSTFIELDS,
json_encode($data)
);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt(
$curl,
CURLOPT_HTTPHEADER,
[
'Content-Type: application/json'
]
);
curl_exec($curl);
curl_close($curl);
} else {
$formresults =
"Your form was not submitted. Maybe try again? " .
$stmt->error;
}
$stmt->close();
} else {
$formresults =
"Form submission failed: " .
$conn->error;
}
}
$check_stmt->close();
}
}
// TAG CLOUD LOGIC
$tag_cloud = [];
$tag_query = $conn->query("
SELECT tags
FROM questions
WHERE tags IS NOT NULL
AND tags != ''
");
if ($tag_query && $tag_query->num_rows > 0) {
while ($tag_row = $tag_query->fetch_assoc()) {
$tags = array_map(
'trim',
explode(',', $tag_row['tags'])
);
foreach ($tags as $tag) {
if ($tag !== '') {
$tag_cloud[$tag] = isset($tag_cloud[$tag])
? $tag_cloud[$tag] + 1
: 1;
}
}
}
}
// TAG FILTERING
$selected_tag = isset($_GET['tag'])
? trim($_GET['tag'])
: '';
if ($selected_tag !== '') {
$sql = "
SELECT *
FROM questions
WHERE visible = 'y'
AND FIND_IN_SET(
?,
REPLACE(
REPLACE(
REPLACE(tags, ', ', ','),
' ,', ','),
',,', ',')
)
ORDER BY timestamp DESC
";
$stmt = $conn->prepare($sql);
$stmt->bind_param("s", $selected_tag);
$stmt->execute();
$result = $stmt->get_result();
} else {
$result = $conn->query("
SELECT *
FROM questions
WHERE visible = 'y'
ORDER BY timestamp DESC
");
}
?>
This is the Tag Cloud. By default, it goes beneath the title, which by default in the template is
<h2>Questions Answered Thus Far</h2>
Beneath that, you can add this.
<!-- TAG CLOUD -->
<?php if (!empty($tag_cloud)) : ?>
<div class="tag-cloud" style="margin-bottom:20px;">
<?php foreach ($tag_cloud as $tag => $count) : ?>
<a
href="?tag=<?php echo urlencode($tag); ?>"
style="
font-size: <?php echo 12 + ($count * 2); ?>px;
margin:5px;
text-decoration:none;
"
>
<?php echo htmlspecialchars($tag); ?>
</a>
<?php endforeach; ?>
</div>
<?php endif; ?>
<!-- ACTIVE TAG -->
<?php if ($selected_tag !== '') : ?>
<div class="tag-filter-msg" style="margin-bottom:20px;">
Viewing tag:
<strong>
<?php echo htmlspecialchars($selected_tag); ?>
</strong>
<a href="?">[clear filter]</a>
</div>
It stops right before the PHP block that echoes the ask container.
Next is the honeypot insertion
<!-- Honeypot -->
<div style="display:none;">
<input
type="text"
name="website2"
autocomplete="off"
>
</div>
<?php endif; ?>
This goes before:
<div class="form-group">
<input
type="submit"
class="cutiepie"
value="Submit"
>
</div>
Sidenote: What the heck is a honeypot?
It is a measure for stopping bots, but it is not extremely sophisticated.
It involves having bots feel out an empty form entry that humans cannot see.
It has worked for me to substantially decrease bot form entries,
however, I know more sophisticated bots cannot be stopped by it.
FANLISTINGS...?
I don't update fanlistings anymore (for now; my hope is that one day I will have time to make my webrings/listings all a more unified kind of deal, as they all have the same base I received help developing from Koinuko) but my final update to it was adding a honeypot.
It is not that hard to make the fanlistings more robust, though. It is simply time-consuming, and I have no interest in fanlistings right now. If you want to add the honeypot while using the code, you can take it.
In connections.php beneath:
if ($_SERVER["REQUEST_METHOD"] == "POST") {
You can add:
// Honeypot spam protection
if (!empty($_POST['website2'])) {
die("Spam detected.");
}
In form.php, you then add this above the DIV containing submit:
<div style="display:none;">
<input type="text" name="website2" autocomplete="off">
</div>
MY FINAL MESSAGE (FUCK MICROSOFT)
Obviously, like I said, I made this after dealing with that VSC bug for the past like year. I have migraines basically the time which is honestly why I didn't realize the bug was happening. I knew weird was happening but because I was just in pain with deteriorating cognition, I just assumed most of the errors were because of programmer error (me), but I just happened to download Notepad++ on a whim and discovered that it wasn't because of user error. So, I sat down and updated a bunch of the code since I could actually see it now.
I have never ever dealt with a bug like this and I have been programming for a really long time since I was 12ish, and I've used VSC for the bulk of that time. It is a shame that Visual Studio Code exploded at the same time as I dealt with a neurological disorder because despite my problems with Microsoft, I love Visual Studio Code. It has driven insane for the past year I was so unwilling to believe the program I've used for the past god knows how long would have a catastrophic error like this.
I, in the past, have recommended VSC, but I don't anymore, for obvious reasons. I hope to eventually update some of my old guides to put emphasis on other engines, especially open source ones that aren't being fucked over by over use of LLMs. I will take the time to setup Notepad++ with my SQL and PHP setup and try to give instructions for how to do that. In the past I wanted do with Visual Studio, but I just can't. It is a bit heartbreaking an autistic to have to change my tools like this which is why I keep rambling. It was really hard. And it was extremely painful physically to deal with bug. I thought I hated programming. I thought my skill had declined. I didn't know what I was doing wrong, so I just gave up.
And then I just a differen tool and fixed a lot of this in a single sitting. I ended up just confirming my suspicions about a lot of VSC bugs... Like I said, this was also mostly focusing on unifying files which should be a non issue, but I just couldn't do a basic thing in VSC because of this fucking bug but I thought it was Me.
Smiles. It's pretty agonizing to think about, but yeah. But because of all that jazz, um, I'd love bug reports or any other reports. I have a guestbook and askbox, and the files are on Github (for now), so you can also report issues there. I am in pain as mentioned most of the time now, so it's kind of difficult to address things in a timely manner, but you know, I try! And I like knowing about. It really helps. Thanks everyone who reported.
There will be more fixes. I have more spambot measures to put in place for the askbox soon, and I feel more motivated that my tools aren't broken.
I guess!!! Thanks, Microsoft for years of a good time with skillfully made software before you fucked up all your shit!!!!
