<?php
header("Content-Type: text/html; charset=UTF-8");
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);

/* 

Welcome to the code of #DashboardFE (or #DashFE if you like it better)
If you are reading this, you are in for a big adventure where all your
patience will be tested.

I will try to add comments to all pieces of code that may seem confusing
or hard to understand how they work.

While the frontend is coded in a procedural style, i think i coded it to 
be simple enough to be easy to understand. I suggest you to check first
the code of this file, then the code of the included files ("include/init.php" and 
include/functions.php") which will give a better understanding on how the FE
operates.

The frontend also does most of the processing of the posts on the server side. Why?
I wanted this frontend to be available to people that does not like to use javascript
or where javascript is not an option (old phones/computers). This makes the 
frontend very fast to navigate on older devices. Javascript is used mostly to make the 
FE more dynamic in "normal" situations, but it is not required.

This was mostly coded in a non-serious way and i lack many of the training
that most people may have, you could say that i just put things together 
until they work, so if you want to help me to make it better, i will be
so grateful

@daisuke@stereophonic.space

*/

ini_set('display_errors', 1);
ini_set("log_errors", 1);
error_reporting(1);
ini_set("error_log", "php-error.log");

include "settings.php";				# the general settings of the FE
include "include/init.php";			# initializes the page load with some variables and cookies
include "include/functions.php";    # the functions that are used on all the FE files.

/* if part of the url query is an ajax action, this file will handle it */
if(isset($_GET['action']) || isset($_POST['action'])){
	include "action.php";
}

/* if part of the url query is the return of a login attempt, this file will handle it */
if(isset($_GET['code'])){
	include "login/activate.php";
}

/* the header and other layout elements will be included only if the 
call is not an AJAX request */
if(!isset($_GET['ajax'])){
	if ($logedin){ 
		$info = api_get("accounts/verify_credentials");
		if($info['error']){
			header('Location: ./logout');
		}
	}
	include "layout/header.php";
}

/* Basically the FE looks at the "page" url variable and then checks if the file exist either in the "pages" folder
or in the "modules" folder. If it does, it includes them 

Even if the user does not provide a "page" variable, the init.php file can assume one based on other variables, so you should check that file too.

The url query is sanitized so it only allows alphanumeric characters
*/
if(isset($_GET['page']) && file_exists("pages/". preg_replace("/[^a-zA-Z0-9]+/", "", $_GET['page']).".php")){
	include ("pages/". preg_replace("/[^a-zA-Z0-9]+/", "", $_GET['page']).".php");
} else {
	$page = (isset($_GET['page']) ? preg_replace("/[^a-zA-Z0-9]+/", "", $_GET['page']) : "timeline");

	if(file_exists("modules/$page.php")){
		include ("modules/$page.php");
	} else {
		$content .= "The page you were looking for was not found";
	}
} 

/* same as a bit above */
if(!isset($_GET['ajax'])){
	include "layout/footer.php";
}

?>