Improve pretty URLs

README.md

@@ -21,7 +21,7 @@ your wishes for any kind of occasion ([demo](https://wishthis.online)).
 :de: German  (Germany)
 
 ## :heavy_check_mark: Requirements
-* Apache or Nginx (pretty URLs don't work on Nginx)
+* Apache or Nginx
 * PHP 8.1
 
 ## :hammer: Installation

index.php

@@ -119,6 +119,13 @@ if (isset($api)) {
     return;
 }
 
+/**
+ * Pretty URLs
+ */
+if ($_SERVER['QUERY_STRING']) {
+    $_SESSION['_GET'] = $_GET;
+}
+
 /**
  * Install
  */
@@ -138,7 +145,7 @@ if ($options && $options->getOption('isInstalled')) {
 /**
  * Wishlist
  */
-if (!isset($_GET['page']) && isset($_GET['wishlist'])) {
+if (!isset($_SESSION['_GET']['page']) && isset($_SESSION['_GET']['wishlist'])) {
     $page = 'wishlist';
 }
 
@@ -146,7 +153,7 @@ if (!isset($_GET['page']) && isset($_GET['wishlist'])) {
  * Page
  */
 if (!isset($page)) {
-    $page = isset($_GET['page']) ? $_GET['page'] : 'home';
+    $page = isset($_SESSION['_GET']['page']) ? $_SESSION['_GET']['page'] : 'home';
 }
 $pagePath = 'src/pages/' . $page . '.php';
 

src/classes/page.php

@@ -129,8 +129,8 @@ class Page
         );
         if (
                !isset($_SESSION['user'])
-            && isset($_GET['page'])
-            && !in_array($_GET['page'], $ignorePower)
+            && isset($_SESSION['_GET']['page'])
+            && !in_array($_SESSION['_GET']['page'], $ignorePower)
         ) {
             redirect('/?page=login');
         }
@@ -164,7 +164,7 @@ class Page
          * Redirect
          */
         if ($options && $options->getOption('isInstalled') && isset($_SERVER['QUERY_STRING'])) {
-            $url         = new URL($_SERVER['QUERY_STRING']);
+            $url         = new URL(http_build_query($_SESSION['_GET']));
             $redirect_to = $url->getPretty();
 
             if ($redirect_to) {
@@ -307,7 +307,7 @@ class Page
             ?>
             <script type="text/javascript">
                 var locale = '<?= str_replace('_', '-', $this->language) ?>';
-                var $_GET  = JSON.parse('<?= isset($_GET) ? json_encode($_GET) : array() ?>');
+                var $_GET  = JSON.parse('<?= isset($_SESSION['_GET']) ? json_encode($_SESSION['_GET']) : array() ?>');
                 var text   = {
                     wishlist_no_selection : '<?= __('No wishlist selected.') ?>',
 

src/pages/power.php

@@ -20,7 +20,7 @@ $page->navigation();
 
         <div class="ui segment">
             <h2 class="ui header"><?= __('Restricted access') ?></h2>
-            <p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $user->power . '</strong>') ?></p>
+            <p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_SESSION['_GET']['required'] . '</strong>', '<strong>' . $user->power . '</strong>') ?></p>
         </div>
     </div>
 </main>

src/pages/register.php

@@ -8,7 +8,7 @@
 
 use wishthis\{Page, User};
 
-$passwordReset = isset($_GET['password-reset'], $_GET['token']);
+$passwordReset = isset($_SESSION['_GET']['password-reset'], $_SESSION['_GET']['token']);
 
 $pageTitle    = $passwordReset ? __('Reset password') : __('Register');
 $buttonSubmit = $passwordReset ? __('Reset')          : __('Register');
@@ -56,14 +56,14 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
     if ($isHuman) {
         $userRegistered = false;
 
-        if (isset($_GET['password-reset'], $_GET['token'])) {
+        if (isset($_SESSION['_GET']['password-reset'], $_SESSION['_GET']['token'])) {
             /**
              * Password reset
              */
             $user = $database
             ->query('SELECT * FROM `users`
-                      WHERE `email`                = "' . $_GET['password-reset'] . '"
-                        AND `password_reset_token` = "' . $_GET['token'] . '";')
+                      WHERE `email`                = "' . $_SESSION['_GET']['password-reset'] . '"
+                        AND `password_reset_token` = "' . $_SESSION['_GET']['token'] . '";')
             ->fetch();
 
             if ($user) {
@@ -76,7 +76,7 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
                               WHERE `id`                         = ' . $user['id'] . ';');
 
                     $page->messages[] = Page::success(
-                        'Password has been successfully reset for <strong>' . $_GET['password-reset'] . '</strong>.',
+                        'Password has been successfully reset for <strong>' . $_SESSION['_GET']['password-reset'] . '</strong>.',
                         'Success'
                     );
                 } else {
@@ -174,12 +174,12 @@ $page->navigation();
                             <div class="field">
                                 <label><?= __('Email') ?></label>
 
-                                <div class="ui left icon input<?= isset($_GET['password-reset']) ? ' disabled' : '' ?>">
-                                    <?php if (isset($_GET['password-reset'])) { ?>
+                                <div class="ui left icon input<?= isset($_SESSION['_GET']['password-reset']) ? ' disabled' : '' ?>">
+                                    <?php if (isset($_SESSION['_GET']['password-reset'])) { ?>
                                         <input type="email"
                                                name="email"
                                                placeholder="john.doe@domain.tld"
-                                               value="<?= $_GET['password-reset'] ?>"
+                                               value="<?= $_SESSION['_GET']['password-reset'] ?>"
                                                readonly
                                         />
                                     <?php } else { ?>

src/pages/wish.php

@@ -10,7 +10,7 @@ use wishthis\{Page, Wish};
 
 $userIsAuthenticated = false;
 
-$wish = new Wish($_GET['id'], false);
+$wish = new Wish($_SESSION['_GET']['id'], false);
 $page = new Page(__FILE__, $wish->getTitle());
 
 if ('POST' === $_SERVER['REQUEST_METHOD'] && count($_POST) >= 0) {
@@ -30,7 +30,7 @@ if ('POST' === $_SERVER['REQUEST_METHOD'] && count($_POST) >= 0) {
                     `priority`    = ' . $wish_priority . '
               WHERE `id`          = ' . $wish_id . ';');
 
-    $wish             = new Wish($_GET['id'], false);
+    $wish             = new Wish($_SESSION['_GET']['id'], false);
     $page             = new Page(__FILE__, $wish->getTitle());
     $page->messages[] = Page::success(__('Wish successfully updated.'), __('Success'));
 }
@@ -102,7 +102,7 @@ $referer = '/?page=wishlists&id=' . $wish->wishlist;
 
         <div class="ui segment">
             <form class="ui form wish" method="POST">
-                <input type="hidden" name="wish_id" value="<?= $_GET['id'] ?>" />
+                <input type="hidden" name="wish_id" value="<?= $_SESSION['_GET']['id'] ?>" />
                 <input type="hidden" name="wish_image" value="<?= $wish->image ?>" />
 
                 <div class="ui two column grid">

src/pages/wishlist.php

@@ -8,7 +8,7 @@
 
 use wishthis\{Page, User, Wishlist};
 
-$wishlist = new Wishlist($_GET['wishlist']);
+$wishlist = new Wishlist($_SESSION['_GET']['wishlist']);
 $page     = new Page(__FILE__, $wishlist->getTitle());
 
 if (!$wishlist->exists) {

src/pages/wishlists.php

@@ -176,7 +176,7 @@ $page->navigation();
             <p><?= __('Fill out any or all of the below fields to add your new wish.') ?></p>
 
             <form class="ui form wishlist-wish-add" method="POST">
-                <input type="hidden" name="wishlist_id" value="<?= $_GET['id'] ?>" />
+                <input type="hidden" name="wishlist_id" />
 
                 <div class="ui two column grid">
                     <?php include 'parts/wish-add.php' ?>