-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 6cd7416
Showing
2,007 changed files
with
46,872 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| # more about ignoring files at https://help.github.com/articles/ignoring-files | ||
|
|
||
| .idea | ||
|
|
||
| # dependencies | ||
| /rc-fe/node_modules | ||
| /rc-fe/.pnp | ||
| /rc-fe.pnp.js | ||
|
|
||
| # testing | ||
| /rc-fe/coverage | ||
|
|
||
| # production | ||
| /rc-fe/build | ||
|
|
||
| # misc | ||
| /rc-fe/.DS_Store | ||
| /rc-fe/.env.local | ||
| /rc-fe/.env.development.local | ||
| /rc-fe/.env.test.local | ||
| /rc-fe/.env.production.local | ||
|
|
||
| /rc-fe/npm-debug.log* | ||
| /rc-fe/yarn-debug.log* | ||
| /rc-fe/yarn-error.log* | ||
|
|
||
| /rc-be/env.php | ||
|
|
||
| #composer | ||
| /rc-be/vendor | ||
| /rc-be/.DS_Store |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| # Developing locally | ||
| This app consists of 2 parts, frontend and backend. The backend is used for custom authentication and providing crypto logos. The 2 parts are respectively located under `rc-fe` and `rc-be` directories. | ||
|
|
||
| ## Prepare MySQL database | ||
| Use the following table name and structure | ||
| ``` | ||
| CREATE TABLE `users` ( | ||
| `id` int NOT NULL AUTO_INCREMENT, | ||
| `email` text NOT NULL, | ||
| `password` text CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci, | ||
| `verif_code` tinytext NOT NULL, | ||
| `pass_reset_code` mediumtext, | ||
| PRIMARY KEY (`id`) | ||
| ) ENGINE=InnoDB AUTO_INCREMENT=161 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; | ||
| ``` | ||
|
|
||
| ## Prepare Firestore database | ||
| Create 2 main collections under your root: `users` and `pages` | ||
|
|
||
| ## Set environment variables | ||
| 1. Clone the repo onto your local server, e.g. `/var/www/receive-cash` | ||
| 2. Under `rc-fe/package.json` edit the `proxy` value entering your local server's host and port, e.g. http://localhost:80 | ||
| 3. Under `rc-fe/.env.development` for `REACT_APP_AUTH_HOST` value, enter the path to the backend of the app, e.g. if you cloned the repo to `/var/www/receive-cash`, enter `/receive-cash/rc-be` | ||
| 4. Under `rc-fe/src/firebase-config.js`, fill in your Firebase credentials for the `firebaseConfig` constant | ||
| 5. Rename file `rc-be/env-sample.php` to `rc-be/env.php` and edit it filling in your database and email info | ||
| 6. Under `rc-be/googleToken.php` enter values for variables `$service_account_email` and `$private_key` | ||
|
|
||
| ## Develop | ||
| `cd` into `rc-fe` and run `npm install`, then `npm start` to start developing |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| # Receive.cash | ||
|
|
||
| A web-app allowing people to create (a) page(s) with a collection of addresses / QR codes of different cryptocurrencies | ||
| easily viewable/shareable at storefronts, in-person and remotely | ||
|
|
||
| ## Tech | ||
|
|
||
| - React | ||
| - Bootstrap | ||
| - Firebase for storage & authentication | ||
| - PHP & MySQL for custom authentication | ||
|
|
||
| ## [Create React App](https://github.com/facebook/create-react-app) Scripts | ||
|
|
||
| ### `npm start` | ||
|
|
||
| ### `npm test` | ||
|
|
||
| ### `npm run build` | ||
|
|
||
| ### `npm run eject` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| # Bugs | ||
|
|
||
| - going from someone's page to the donations page via footer's link - doesn't go | ||
|
|
||
| # Improvements | ||
|
|
||
| ## Security | ||
|
|
||
| - see if we can improve firebase rules: allow write for authed user only for his/her own documents (crypto pages) | ||
| - expire & delete incomplete accounts (passwordless) that haven't completed registration | ||
| - clear verif_code and pass_reset_code flds in db when no longer needed | ||
| - encrypt passwords/emails locally in the browser before handoff to php | ||
| - request email verification code entry when changing account email address | ||
|
|
||
| ## Accessibility | ||
|
|
||
| - disable tabbing when sorting cryptos | ||
| - after deleting a crypto with keyboard, focus somewhere near the deleted crypto | ||
| - have an option in the SR hint about sorting on `<Cryptos>` to not show this alert again | ||
|
|
||
| ## UX | ||
|
|
||
| - be able to edit a crypto's name/code | ||
| - be able to save a draft page from `<UserPages>` | ||
| - have a "Send again" btn for confirmation code emails | ||
| - when editing a `<Cryptos>` page, have the page title and url edit flds available in the site header | ||
| - Add Drag-n-Drop functionality for `<UserPages>` like in `<SortableCryptos>` | ||
| - add hrefs to all navigational buttons/links to allow middle-clicking to open in new tabs | ||
|
|
||
| ## Design | ||
|
|
||
| - site logo | ||
| - use svg crypto icons on a `<UserPage>` | ||
| - trim-crop away the transparency around png crypto logos (some CoinGecko logos have empty space around them) | ||
| - prettier emails | ||
|
|
||
| ## SEO | ||
|
|
||
| - add and dynamically update `<meta>` tags & the structured data | ||
| - make all modals URL reachable | ||
|
|
||
| ## Animation | ||
|
|
||
| - when closing a modal, don't change any of its contents until the fadeout is complete (use onExited for stuff that | ||
| visually changes contents) | ||
| - stop the slow fade-outs of outline (or box-shadow) when stopping to hover/focus over hover-ables/focus-ables | ||
| - achieve fade for `<Crypto>` address fld placeholder in the `<AddCryptoForm>` when turning the light on/off | ||
| - add transitions/animations to everything | ||
| - animate flipping a crypto card when opening it | ||
|
|
||
| ## General | ||
|
|
||
| - don't have a modal inside each `<Crypto>` but have just 1 modal that's populated with a clicked crypto's info | ||
| causes visual changes to contents) | ||
| - try to get rid of refs in `<Crypto>` | ||
| - see if we can use Bootstrap's built-in light/dark settings rather than own | ||
|
|
||
| # New features | ||
|
|
||
| - be able to add a public view address (e.g. for XMR) | ||
| - be able to add custom logos to user pages | ||
| - be able to add custom crypto logos | ||
| - add user page analytics | ||
| - allow embedding cryptos in an iframe / provide hardcode | ||
| - make footer collapsible, and after it does have a little info icon/btn in its place | ||
| - have a section with the page owner's name/info/avatar/links | ||
| - categories on pages | ||
|
|
||
| # Test | ||
|
|
||
| - screen readers | ||
| - diff mobile browsers | ||
| - old browsers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| Options -Indexes | ||
| <IfModule mod_headers.c> | ||
| Header set Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" | ||
| Header set Access-Control-Allow-Origin "https://receive.cash" | ||
| Header set Access-Control-Allow-Credentials true | ||
| Header set Access-Control-Allow-Headers "*" | ||
| Header set Vary "Origin" | ||
| </IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| <?php | ||
| require_once 'env.php'; | ||
| require_once 'googleToken.php'; | ||
| require_once 'sendEmail.php'; | ||
| global $db_host, $db_user, $db_pass, $db_name; | ||
|
|
||
| //database | ||
| $conn = mysqli_connect($db_host, $db_user, $db_pass, $db_name); | ||
| $output = new stdClass(); | ||
| $output->changed = false; | ||
| if (!$conn) { | ||
| $output->error = 'Could not Connect MySql Server:' . mysqli_error($conn); | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| //✅️ | ||
|
|
||
| //current email | ||
| $currEmailHash = md5($_POST['currEmail']); | ||
| if ($currEmailHash !== $_POST['uid']) { | ||
| $output->curr_email_error = 'Wrong current email'; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| $result = mysqli_query($conn, "SELECT * FROM users WHERE email='$currEmailHash'"); | ||
| if ($mysql_error = mysqli_error($conn)) { | ||
| $output->error = $mysql_error; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| $rows_num = mysqli_num_rows($result); | ||
| $user = mysqli_fetch_assoc($result); | ||
| if ($rows_num === 0) { | ||
| $output->curr_email_error = "Couldn't find the current email in the system"; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| //✅️ | ||
|
|
||
| //new email is different from current? | ||
| $newEmailHash = md5($_POST['newEmail']); | ||
| if ($currEmailHash === $newEmailHash) { | ||
| $output->new_email_error = 'New email is the same as the old'; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| //✅️ | ||
|
|
||
| //new email is unique? | ||
| $checkIfNewEmailExistsQuery = mysqli_query($conn, "SELECT * FROM users WHERE email='$newEmailHash'"); | ||
| if ($mysql_error = mysqli_error($conn)) { | ||
| $output->error = $mysql_error; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| $rows_num = mysqli_num_rows($checkIfNewEmailExistsQuery); | ||
| if ($rows_num > 0) { | ||
| $output->new_email_error = 'New email is already registered'; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| //✅️ | ||
|
|
||
| //password correct? | ||
| $password_hash = md5($_POST['password']); | ||
| $another_query = mysqli_query($conn, "SELECT * FROM users WHERE email='$currEmailHash' AND password='$password_hash'"); | ||
| if ($mysql_error = mysqli_error($conn)) { | ||
| $output->error = $mysql_error; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| $rows_num = mysqli_num_rows($another_query); | ||
| if ($rows_num === 0) { | ||
| $output->password_error = 'Wrong password'; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| //✅️ | ||
|
|
||
| $query = mysqli_query($conn, "UPDATE users SET email='$newEmailHash' WHERE email='$currEmailHash'"); | ||
| if ($mysql_error = mysqli_error($conn)) { | ||
| $output->error = $mysql_error; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| $email_sent = send_email( | ||
| 'Email changed - Receive.cash', | ||
| "Your account's email address has been changed to " . $_POST['newEmail'], | ||
| $_POST['currEmail'] | ||
| ); | ||
| if ($email_sent !== true) { | ||
| $output->error = $email_sent; | ||
| } | ||
|
|
||
| $output->changed = true; | ||
| $output->new_uid = $newEmailHash; | ||
| $output->token = create_custom_token($newEmailHash); | ||
| $output->tokenForOldUid = create_custom_token($currEmailHash); | ||
| echo json_encode($output); | ||
| return; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| <?php | ||
| require_once 'env.php'; | ||
| require_once 'sendEmail.php'; | ||
| global $db_host, $db_user, $db_pass, $db_name; | ||
| $conn = mysqli_connect($db_host, $db_user, $db_pass, $db_name); | ||
| $output = new stdClass(); | ||
| $output->email_error = false; | ||
| if (!$conn) { | ||
| $output->mysql_error = 'Could not Connect MySql Server:' . mysqli_error($conn); | ||
| $output->changed = false; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| $result = mysqli_query($conn, "SELECT * FROM users WHERE email='{$_POST['uid']}'"); | ||
| $rows_num = mysqli_num_rows($result); | ||
| $user = mysqli_fetch_assoc($result); | ||
| if ($rows_num > 0) { | ||
| if ($user['password'] === md5($_POST['currPass'])) { | ||
| $newPass = md5($_POST['newPass']); | ||
| $query = mysqli_query($conn, "UPDATE users SET password='$newPass' WHERE email='{$_POST['uid']}'"); | ||
| if ($mysql_error = mysqli_error($conn)) { | ||
| $output->mysql_error = $mysql_error; | ||
| $output->changed = false; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| /*$email_sent = send_email( | ||
| 'Password changed - Receive.cash', | ||
| 'Your password has been changed', | ||
| $emailAddress | ||
| ); | ||
| if ($email_sent !== true) { | ||
| $output->email_error = $email_sent; | ||
| $output->changed = false; | ||
| }*/ | ||
| $output->changed = true; | ||
| echo json_encode($output); | ||
| return; | ||
| } else { | ||
| $output->mysql_error = "Current password incorrect"; | ||
| $output->changed = false; | ||
| echo json_encode($output); | ||
| return; | ||
| } | ||
| } else { | ||
| $output->mysql_error = "Couldn't find the user to change the password for"; | ||
| $output->changed = false; | ||
| echo json_encode($output); | ||
| return; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| { | ||
| "require": { | ||
| "phpmailer/phpmailer": "^6.6", | ||
| "firebase/php-jwt": "^6.3", | ||
| "ext-curl": "*", | ||
| "ext-mysqli": "*", | ||
| "ext-json": "*", | ||
| "ext-imagick": "*" | ||
| } | ||
| } |
Oops, something went wrong.