Add $ENV->convert, update readme and config template, add more Twig templates, etc.

.gitignore

@@ -33,3 +33,4 @@ __MACOSX/
 /static/common/badges/**
 /static/styles/**/*.css
 /static/styles/assets/fonts/**
+fonts.tgz

classes/charts.class.php

@@ -168,66 +168,3 @@ class PIE_CHART extends GOOGLE_CHARTS
         $this->URL .= "&chl=".implode('|', $Labels).'&chd=e:'.implode('', $Data);
     }
 }
-
-/*
-class LOG_BAR_GRAPH extends GOOGLE_CHARTS
-{
-    // todo: Finish
-    public function __construct($Base, $Width, $Height, $Options = [])
-    {
-        parent::__construct('lc', $Width, $Height, $Options);
-    }
-
-    public function color($Color)
-    {
-        $this->URL .= '&chco='.$Color.'&chm=B,'.$Color.'50,0,0,0';
-    }
-
-    public function generate()
-    {
-        $Max = max($this->Data);
-        $Min = ((isset($this->Options['Break'])) ? $Min = min($this->Data) : 0);
-        $Data = [];
-
-        foreach ($this->Data as $Value) {
-            $Data[] = $this->encode((($Value - $Min) / ($Max - $Min)) * 4095);
-        }
-        $this->URL .= "&chxt=y,x&chxs=0,h&chxl=1:|".implode('|', $this->Labels).'&chxr=0,'.$Min.','.($Max-$Min).'&chd=e:'.implode('', $Data);
-    }
-}
-*/
-
-/*
-class POLL_GRAPH extends GOOGLE_CHARTS
-{
-    public function __construct()
-    {
-        $this->URL .= '?cht=bhg';
-    }
-
-    public function add($Label, $Data)
-    {
-        if ($Label !== false) {
-            $this->Labels[] = Format::cut_string($Label, 35);
-        }
-        $this->Data[] = $Data;
-    }
-
-    public function generate()
-    {
-        $Count = count($this->Data);
-        $Height = (30 * $Count) + 20;
-        $Max = max($this->Data);
-        $Sum = array_sum($this->Data);
-        $Increment = ($Max / $Sum) * 25; // * 100% / 4divisions
-        $Data = [];
-        $Labels = [];
-
-        foreach ($this->Data as $Key => $Value) {
-            $Data[] = $this->encode(($Value / $Max) * 4095);
-            $Labels[] = '@t'.str_replace(array(' ', ','), array('+', '\,'), $this->Labels[$Key]).',000000,1,'.round((($Key + 1) / $Count) - (12 / $Height), 2).':0,12';
-        }
-        $this->URL .= "&chbh=25,0,5&chs=214x$Height&chl=0%|".round($Increment, 1)."%|".round($Increment * 2, 1)."%|".round($Increment * 3, 1)."%|".round($Increment * 4, 1)."%&chm=".implode('|', $Labels).'&chd=e:'.implode('', $Data);
-    }
-}
-*/

classes/config.template.php

@@ -1,3 +1,4 @@
+
 <?php
 declare(strict_types=1);
 
@@ -19,7 +20,7 @@ declare(strict_types=1);
  *   $LongArray = [];
  *   ENV::setPub(
  *     'CONFIG',
- *     new RecursiveArrayObject($LongArray)
+ *     $ENV->convert($LongArray)
  *   );
  *
  *   $ENV = ENV::go();
@@ -32,9 +33,8 @@ declare(strict_types=1);
  *
  *   var_dump(
  *     $ENV->dedupe(
- *       $ENV->CATS->SEQ->Platforms,
- *       $ENV->CATS->IMG->Platforms->toArray(),
- *       [$MapVectorFormats, $MapRasterFormats, $PlainFormats]
+ *       $ENV->META->Formats->Sequences,
+ *       $ENV->META->Formats->Proteins->toArray()
  *     )
  *   );
  */
@@ -42,6 +42,8 @@ declare(strict_types=1);
 # Initialize
 require_once 'env.class.php';
 $ENV = ENV::go();
+
+# Basic info
 ENV::setPub('PHP_MIN', '7.4.0');
 ENV::setPub('DEV', true);
 
@@ -132,7 +134,7 @@ $TechSupport = [
 ];
 ENV::setPub(
     'HELP',
-    new RecursiveArrayObject($TechSupport)
+    $ENV->convert($TechSupport)
 );
 
 
@@ -180,9 +182,9 @@ ENV::setPriv('SQLPORT', 3306);
 #ENV::setPriv('SQLSOCK', '/var/run/mysqld/mysqld.sock');
 
 # TLS client certs
-ENV::setPriv('SQL_CERT', "/var/www/sql-keys/client-cert.pem");
-ENV::setPriv('SQL_KEY', "/var/www/sql-keys/client-key.pem");
-ENV::setPriv('SQL_CA', "/var/www/sql-keys/ca.pem");
+ENV::setPriv('SQL_CERT', "$ENV->WEB_ROOT/sql-keys/client-cert.pem");
+ENV::setPriv('SQL_KEY', "$ENV->WEB_ROOT/sql-keys/client-key.pem");
+ENV::setPriv('SQL_CA', "$ENV->WEB_ROOT/sql-keys/ca.pem");
 
  # Production
  if (!$ENV->DEV) {
@@ -251,7 +253,7 @@ if (!$ENV->DEV) {
     ];
     ENV::setPub(
         'ANNOUNCE_URLS',
-        new RecursiveArrayObject($AnnounceURLs)
+        $ENV->convert($AnnounceURLs)
     );
 }
 
@@ -270,7 +272,7 @@ else {
     ];
     ENV::setPub(
         'ANNOUNCE_URLS',
-        new RecursiveArrayObject($AnnounceURLs)
+        $ENV->convert($AnnounceURLs)
     );
 }
 
@@ -378,6 +380,10 @@ ENV::setPub('FEATURE_SEND_EMAIL', true);
 # (should only be used for initial setup)
 ENV::setPub('FEATURE_SET_ENC_KEY_PUBLIC', false);
 
+# Attempt to support the Seqhash algorithm
+# https://blog.libredna.org/post/seqhash/
+ENV::setPub('FEATURE_SEQHASH', true);
+
 
 /**
  * Settings
@@ -592,7 +598,7 @@ $AutomatedBadgeIDs = [
 ];
 ENV::setPub(
     'AUTOMATED_BADGE_IDS',
-    new RecursiveArrayObject($AutomatedBadgeIDs)
+    $ENV->convert($AutomatedBadgeIDs)
 );
 
 
@@ -822,11 +828,13 @@ $DB = [
     'picture' => ['name' => 'Picture', 'desc' => 'A meaningful picture, e.g., the specimen or a thumbnail'],
 
     # From the non-renamed `torrents` table
-    'version' => ['name' => 'Version', 'desc' => 'Start with 0.1.0', 'note' => 'Please see <a href="https://semver.org target=" _blank">Semantic Versioning</a>'],
+    'version' => ['name' => 'Version', 'desc' => 'Start with 0.1.0', 'note' => 'Please see <a href="https://semver.org" target="_blank">Semantic Versioning</a>'],
+    'license' => ['name' => 'License', 'desc' => '', 'note' => 'Please see <a href="http://www.dcc.ac.uk/resources/how-guides/license-research-data" target="_blank">How to License Research Data</a>'],
+    'mirrors' => ['name' => 'Mirrors', 'desc' => 'Up to two FTP/HTTP addresses that either point directly to a file, or for multi-file torrents, to the enclosing folder'],
 ];
 ENV::setPub(
     'DB',
-    new RecursiveArrayObject($DB)
+    $ENV->convert($DB)
 );
 
 
@@ -947,7 +955,7 @@ $META = [
             'Binary',
             'Text',
         ],
-    ], # End $this->META->Platforms
+    ], # End $ENV->META->Platforms
 
     /**
      * 1.
@@ -1172,7 +1180,7 @@ $META = [
             'Jupyter'      => ['ipynb'],
             'Ontology'     => ['cgif', 'cl', 'clif', 'csv', 'htm', 'html', 'kif', 'obo', 'owl', 'rdf', 'rdfa', 'rdfs', 'rif', 'tsv', 'xcl', 'xht', 'xhtml', 'xml'],
         ],
-    ], # End $this->META->Formats
+    ], # End $ENV->META->Formats
 
 
     /**
@@ -1268,7 +1276,7 @@ $META = [
             'Velocity',
             'Weight',
         ],
-    ], # End $this->META->Scopes
+    ], # End $ENV->META->Scopes
 
     /**
      * 1.
@@ -1294,11 +1302,11 @@ $META = [
         'OpenMTA',
         'Public Domain',
         'Unspecified',
-    ], # End $this->META->Licenses
+    ], # End $ENV->META->Licenses
 ];
 ENV::setPub(
     'META',
-    new RecursiveArrayObject($META)
+    $ENV->convert($META)
 );
 
 
@@ -1322,16 +1330,16 @@ $CATS = [
         'Icon' => "$CatIcons/sequences.png",
         'Description' => "For data that's ACGT, ACGU, amino acid letters on disk.",
         'Platforms' => $ENV->META->Platforms->Sequences,
-        'Formats' => [
-            $ENV->META->Formats->Sequences,
-            $ENV->META->Formats->Proteins,
-            $ENV->META->Formats->Plain,
+        'Formats' => array_merge([
             /*
             'Sequences' => $ENV->META->Formats->Sequences,
             'Proteins' => $ENV->META->Formats->Proteins,
             'Plain' => $ENV->META->Formats->Plain,
             */
-        ],
+            $ENV->META->Formats->Sequences,
+            $ENV->META->Formats->Proteins,
+            $ENV->META->Formats->Plain,
+        ]),
     ],
 
     2 => [
@@ -1481,7 +1489,7 @@ $CATS = [
 ];
 ENV::setPub(
     'CATS',
-    new RecursiveArrayObject($CATS)
+    $ENV->convert($CATS)
 );
 
 

classes/env.class.php

@@ -43,19 +43,13 @@ class ENV
     # Prevents multiple instances
     public function __clone()
     {
-        return trigger_error(
-            'clone() not allowed',
-            E_USER_ERROR
-        );
+        return error('clone() not allowed.');
     }
 
     # Prevents unserializing
     public function __wakeup()
     {
-        return trigger_error(
-            'wakeup() not allowed',
-            E_USER_ERROR
-        );
+        return error('wakeup() not allowed.');
     }
 
     # $this->key returns public->key
@@ -112,11 +106,40 @@ class ENV
     }
 
 
+    /**
+     * convert
+     *
+     * Take a mixed input and returns a RecursiveArrayObject.
+     * This function is the sausage grinder, so to speak.
+     */
+    public function convert($obj)
+    {
+        switch (gettype($obj)) {
+            case 'string':
+                $out = json_decode($obj, true);
+                return (json_last_error() === JSON_ERROR_NONE)
+                    ? new RecursiveArrayObject($out)
+                    : error('json_last_error_msg(): ' . json_last_error_msg());
+                break;
+            
+            case 'array':
+            case 'object':
+                return new RecursiveArrayObject($obj);
+            
+            default:
+                return error('$ENV->convert() expects a JSON string, array, or object.');
+                break;
+        }
+    }
+
+
     /**
      * toArray
+     *
+     * Takes an object and returns an array.
      * @see https://ben.lobaugh.net/blog/567/php-recursively-convert-an-object-to-an-array
      */
-    public function toArray($obj)
+    public function toArray(object $obj)
     {
         if (is_object($obj)) {
             $obj = (array) $obj;
@@ -135,30 +158,6 @@ class ENV
     }
 
 
-    /**
-     * fromJson
-     *
-     * @param string $JSON Valid JavaScript object string
-     * @return RecursiveArrayObject Not stdClass as in json_decode()
-     */
-
-    public function fromJson($str)
-    {
-        if (!is_string($str) || is_empty($str)) {
-            error('$ENV->fromJson() expects a string.');
-        }
-
-        $json = json_decode($str, true);
-        
-        if (json_last_error() === JSON_ERROR_NONE) {
-            # Decode to array and construct RAO
-            return new RecursiveArrayObject($json);
-        } else {
-            error('Unable to parse JSON in $ENV->fromJson().');
-        }
-    }
-
-
     /**
      * dedupe
      *
@@ -181,18 +180,24 @@ class ENV
     /**
      * flatten
      *
-     * Takes an $ENV node (Recursive ArrayObject)
+     * Takes an $ENV node or array of them
      * and flattens out the multi-dimensionality.
-     * Returns a single, non-deduplicated array.
+     * It returns a flat array with keys intact.
      */
-    public function flatten($arr)
+    public function flatten($arr, int $lvl = null)
     {
+        if (!is_array($arr) && !is_object($arr)) {
+            return error('$ENV->flatten() expects an array or object, got ' . gettype($arr));
+        }
+
         $new = array();
 
         foreach ($arr as $k => $v) {
-            if (is_object($v)) {
+            /*
+             if (is_object($v)) {
                 $v = $this->toArray($v);
             }
+            */
     
             if (is_array($v)) {
                 $new = array_merge($new, $this->flatten($v));
@@ -212,7 +217,7 @@ class ENV
      * Maps a callback (or default) to an object.
      *
      * Example output:
-     * $Hashes = $ENV->map('md5', $ENV->CATS->SEQ);
+     * $Hashes = $ENV->map('md5', $ENV->CATS->{6});
      *
      * var_dump($Hashes);
      * object(RecursiveArrayObject)#324 (1) {
@@ -240,7 +245,7 @@ class ENV
      * @param object $obj Object to operate on
      * @return object $RAO Mapped RecursiveArrayObject
      */
-    public function map($fn = '', $obj = null)
+    public function map(string $fn = '', object $obj = null)
     {
         # Set a default function if desired
         if (empty($fn) && !is_object($fn)) {

classes/input.class.php

@@ -1,44 +0,0 @@
-<?php
-declare(strict_types=1);
-
-/**
- * Input class
- * 
- * An attempt to normalize and secure form inputs.
- */
-
-class Input {
-
-    /**
-     * passphrase
-     */
-    function passphrase(
-        string $Name = 'password',
-        string $ID = 'password',
-        string $Placeholder = 'Passphrase',
-        bool $Advice = false) {
-        $ENV = ENV::go();
-
-        # Input validation
-        if (!is_string($Name) || empty($Name)) {
-            error("Expected non-empty string, got \$Name = $Name in Input::passphrase.");
-        }
-
-        if (!empty($Advice) && $Advice !== true || $Advice !== false) {
-            error("Expected true|false, got \$Advice = $Advice in Input::passphrase.");
-        }
-
-        $Field = <<<HTML
-        <input type="password" name="$Name" id="$ID" placeholder="$Placeholder"
-          minlength="$ENV->PW_MIN" maxlength="$ENV->PW_MAX"
-          class="inputtext" autocomplete="off" required="required" />
-HTML;
-
-if ($Advice) {
-    return $Field . $ENV->PW_ADVICE;
-} else {
-    return $Field;
-}
-
-    }
-}

classes/security.class.php

@@ -39,23 +39,38 @@ class Security
     {
         $ENV = ENV::go();
 
+        # Bad PHP version
+        if (version_compare(PHP_VERSION, $ENV->PHP_MIN, '<')) {
+            error("Gazelle requires PHP > $ENV->PHP_MIN.");
+        }
+
         # short_open_tag
         if (!ini_get('short_open_tag')) {
-            error('short_open_tag != On in php.ini');
+            error('short_open_tag != On in php.ini.');
         }
 
         # apcu
         if (!extension_loaded('apcu')) {
-            error('APCu extension not loaded');
+            error('APCu extension php-apcu not loaded.');
         }
 
-        # Bad PHP version
-        if (version_compare($ENV->PHP_MIN, '7.4.0', '<')) {
-            error("Gazelle requires PHP > $ENV->PHP_MIN.");
+        # mbstring
+        if (!extension_loaded('mbstring')) {
+            error('Multibyte string extension php-mbstring not loaded.');
+        }
+
+        # memcache
+        if (!extension_loaded('memcache')) {
+            error('memcached extension php-memcache not loaded.');
+        }
+
+        # blake3
+        if ($ENV->FEATURE_SEQHASH && !extension_loaded('blake3')) {
+            error('Please install and enable the php-blake3 extension.');
         }
 
         # Deal with dumbasses
-        if (isset($_REQUEST['info_hash']) && isset($_REQUEST['peer_id'])) {
+        if (isset($_REQUEST['info_hash']) || isset($_REQUEST['peer_id'])) {
             error(
                 'd14:failure reason40:Invalid .torrent, try downloading again.e',
                 $NoHTML = true,

classes/torrent_form.class.php

@@ -444,7 +444,7 @@ HTML;
         $Version = display_str($Torrent['Version']);
 
         echo $Twig->render(
-            'torrent_form/identifier.html',
+            'torrent_form/version.html',
             [
               'db' => $ENV->DB->version,
               'version' => $Version,
@@ -583,7 +583,7 @@ HTML;
             'torrent_form/year.html',
             [
             'db' => $ENV->DB->year,
-            'location' => $TorrentYear,
+            'year' => $TorrentYear,
           ]
         );
 
@@ -699,7 +699,7 @@ HTML;
                 $trID = 'media_tr',
                 $Label = 'Platform',
                 $Torrent = $Torrent,
-                $Media = $ENV->META->Platforms->Sequences
+                $Media = $ENV->CATS->{1}->Platforms
             );
             
 
@@ -710,10 +710,7 @@ HTML;
                 $trID = 'media_graphs_tr',
                 $Label = 'Platform',
                 $Torrent = $Torrent,
-                $Media = $ENV->flatten([
-                    $ENV->META->Platforms->Graphs,
-                    $ENV->META->Platforms->Sequences
-                ])
+                $Media = $ENV->CATS->{2}->Platforms
             );
             
 
@@ -724,10 +721,7 @@ HTML;
                 $trID = 'media_scalars_vectors_tr',
                 $Label = 'Platform',
                 $Torrent = $Torrent,
-                $Media = $ENV->flatten([
-                    $ENV->META->Platforms->Graphs,
-                    $ENV->META->Platforms->Images
-                ])
+                $Media = $ENV->CATS->{5}->Platforms
             );
 
 
@@ -738,7 +732,7 @@ HTML;
                 $trID = 'media_images_tr',
                 $Label = 'Platform',
                 $Torrent = $Torrent,
-                $Media = $ENV->META->Platforms->Images
+                $Media = $ENV->CATS->{8}->Platforms
             );
 
 
@@ -749,7 +743,7 @@ HTML;
                 $trID = 'media_documents_tr',
                 $Label = 'Platform',
                 $Torrent = $Torrent,
-                $Media = $ENV->META->Platforms->Documents
+                $Media = $ENV->CATS->{11}->Platforms
             );
 
 
@@ -760,7 +754,7 @@ HTML;
                 $trID = 'media_machine_data_tr',
                 $Label = 'Platform',
                 $Torrent = $Torrent,
-                $Media = $ENV->META->Platforms->Raw
+                $Media = $ENV->CATS->{12}->Platforms
             );
         } # fi NewTorrent
         else {
@@ -826,7 +820,7 @@ HTML;
             $trID = 'container_tr',
             $Label = 'Format',
             $Torrent = $Torrent,
-            $FileTypes = array_merge(($ENV->CATS->{1}->Formats))
+            $FileTypes = $ENV->CATS->{1}->Formats
         );
         
 
@@ -837,7 +831,7 @@ HTML;
             $trID = 'container_graphs_tr',
             $Label = 'Format',
             $Torrent = $Torrent,
-            $FileTypes = array_merge($this->GraphXmlFormats, $this->GraphTxtFormats, $this->SeqFormats, $this->ProtFormats, $this->PlainFormats)
+            #$FileTypes = array_column($ENV->META, $Formats)
         );
 
 
@@ -1030,21 +1024,13 @@ HTML;
             $TorrentImage = display_str($Torrent['Image']);
             $Disabled = $this->Disabled;
 
-            echo <<<HTML
-            <tr id="cover_tr">
-            <td>
-              <label for="image">
-                Picture
-              </label>
-            </td>
-            
-            <td>
-              <input type="text" id="image" name="image" size="60"
-                placeholder="A meaningful picture, e.g., the specimen or a thumbnail"
-                value="$TorrentImage" $Disabled? />
-            </td>
-          </tr>
-HTML;
+            echo $Twig->render(
+                'torrent_form/picture.html',
+                [
+                    'db' => $ENV->DB->picture,
+                    'picture' => $TorrentImage,
+                ]
+            );
         }
 
 
@@ -1056,21 +1042,13 @@ HTML;
          */
         if (!$this->DisabledFlag && $this->NewTorrent) {
             $TorrentMirrors = display_str($Torrent['Mirrors']);
-            echo <<<HTML
-            <tr id="mirrors_tr">
-              <td>
-                <label for="mirrors">
-                  Mirrors
-                </label>
-              </td>
-              
-              <td>
-                <!-- Needs to be all on one line -->
-                <textarea rows="2" name="mirrors" id="mirrors"
-                  placeholder="Up to two FTP/HTTP addresses that either point directly to a file, or for multi-file torrents, to the enclosing folder">$TorrentMirrors</textarea>
-              </td>
-            </tr>
-HTML;
+            echo $Twig->render(
+                'torrent_form/mirrors.html',
+                [
+                  'db' => $ENV->DB->mirrors,
+                  'mirrors' => $TorrentMirrors,
+              ]
+            );
         }
 
 

classes/twig.class.php

@@ -60,13 +60,16 @@ class Twig
     private static function factory(): \Twig\Environment
     {
         $ENV = ENV::go();
+
+        # https://twig.symfony.com/doc/3.x/api.html
         $Twig = new \Twig\Environment(
             new \Twig\Loader\FilesystemLoader("$ENV->SERVER_ROOT/templates"),
             [
                 'auto_reload' => true,
-                'autoescape' => 'html',
-                'cache' => "$ENV->WEB_ROOT/cache/twig"
+                'autoescape' => 'name',
+                'cache' => "$ENV->WEB_ROOT/cache/twig",
                 #'debug' => DEBUG_MODE,
+                'strict_variables' => true,
         ]
         );
 

readme.md

@@ -1,9 +1,11 @@
 # BioTorrents.de Gazelle
 
 This software is twice removed from the original
-[What.cd Gazelle](https://github.com/WhatCD/Gazelle):
-it's based on the security hardened PHP7 fork
+[What.cd Gazelle](https://github.com/WhatCD/Gazelle).
+It's based on the security hardened PHP7 fork
 [Oppaitime Gazelle](https://git.oppaiti.me/Oppaitime/Gazelle).
+It shares several features with
+[Orpheus Gazelle](https://github.com/OPSnet/Gazelle).
 The goal is to organize a functional database with pleasant interfaces,
 and render insightful views using data from robust external sources.
 
@@ -23,6 +25,7 @@ BioTorrents.de supports an array of
 with the appropriate bold/italic glyphs and monospace.
 These options are available to every theme.
 Font Awesome 5 is also universally available.
+[Download the fonts](https://docs.biotorrents.de/dl/fonts.tgz).
 
 ## Markdown support
 
@@ -36,30 +39,46 @@ Support for the default Gazelle recursive regex BBcode parser.
 ## $ENV recursive singleton
 
 [The site configuration](classes/config.template.php)
-is being migrated to a format govered by
-[the ENV special class](classes/env.class.php)
-for modified ArrayObjects.
-This is useful for several reasons:
-
-- prevents multiple configs loaded in memory;
-- ensures the config's immutability;
-- doesn't pollute the constants table;
-- allows public (echoed) and private (accessed) values;
-- supports large, nested static metadata structures;
-- able to scope access to the function level;
-- easy to extend ENV with new class methods;
-- good interoperability potential with JSON; and
-- native PHP ArrayObject support with Array compatibility.
+is being migrated to a format govered by the
+[ENV special class](classes/env.class.php)
+for modified recursive ArrayObjects.
 
 ## Twig template system
 
-Similar to ENV,
-[the Twig interface](classes/twig.class.php)
+Similar to ENV, the
+[Twig interface](classes/twig.class.php)
 operates as a singleton because it's an external module with its own cache.
 Twig provides a security benefit by escaping rendered output,
 and a secondary benefit of clarifying the PHP running the site sections.
-Several custom filters are available from
-[Orpheus Gazelle](https://github.com/OPSnet/Gazelle).
+Several custom filters are available from OPS.
+
+## Active data minimization
+
+BioTorrents.de has
+[real lawyer-vetted policies](templates/legal).
+In the process of matching the tech to the legal word,
+we dropped support for a number of compromising features:
+
+- Bitcoin, PayPal, and currency exchange API and system calls;
+- Bitcoin addresses, user donation history, and similar metadata; and
+- IP address and geolocation, email address, passphrase, and passkey history.
+
+Besides that, BioTorrents has several passive developments in progress:
+
+- prepare all queries with parameterized statements;
+- declare strict mode at the top of every PHP and JS file;
+- check strict equality and strong typing, including function arguments;
+- run all files through generic formatters such as PHP-CS-Fixer; and
+- move all external libraries to uncomplicated package management.
+
+## Minor changes
+
+- Database crypto bumped up to AES-256
+- Good subresource integrity support
+- Configurable HTTP status code errors
+- Integrated diceware passphrase generator
+- TLS database connections
+- Semantic HTML5 themes (WIP)
 
 # Changelog: WCD → OT
 

sections/login/login.php

@@ -1,6 +1,9 @@
 <?php
 declare(strict_types=1);
 
+$ENV = ENV::go();
+$Twig = Twig::go();
+
 View::show_header('Login'); ?>
 
 <p class="center mouseless">
@@ -47,7 +50,15 @@ if (!$Banned) { ?>
 
     <tr>
       <td>
-        <?= Input::passphrase() ?>
+        <?=
+        $Twig->render('input/passphrase.html', [
+          'name' => 'password',
+          'id' => 'password',
+          'placeholder' => 'Passphrase',
+          'pw_min' => $ENV->PW_MIN,
+          'pw_max' => $ENV->PW_MAX,
+          'advice' => false,
+        ]) ?>
       </td>
 
       <td>
@@ -76,8 +87,8 @@ else { ?>
 
 if ($Attempts > 0) { ?>
 <p class="center">
-  Forgot your password?
-  <a href="login.php?act=recover" class="tooltip" title="Recover your password">Reset it here!</a>
+  Forgot your passphrase?
+  <a href="login.php?act=recover" class="tooltip" title="Recover your passphrase">Reset it here!</a>
 </p>
 
 <?php

sections/login/recover_step2.php

@@ -2,8 +2,9 @@
 declare(strict_types=1);
 
 $ENV = ENV::go();
-View::show_header('Recover Password', 'validate,password_validate');
+$Twig = Twig::go();
 
+View::show_header('Recover Password', 'validate,password_validate');
 echo '<h2>Reset your password</h2>';
 
 if (empty($PassWasReset)) {
@@ -22,11 +23,12 @@ if (empty($PassWasReset)) {
       </td>
 
       <td>
-        <?= Input::passphrase($Name = 'password', $ID='new_pass_1', $Placeholder = 'New passphrase') ?>
-        <!--
-        <input type="password" minlength="15" name="password" id="new_pass_1" class="inputtext" size="40"
-          placeholder="New Password" pattern=".{15,307200}" required style="width: 250px !important;">
-        -->
+        <?=
+        $Twig->render('input/passphrase.html', [
+          'name' => 'password',
+          'id' => 'new_pass_1',
+          'placeholder' => 'New passphrase'
+        ]) ?>
       </td>
     </tr>
 
@@ -35,11 +37,12 @@ if (empty($PassWasReset)) {
         <strong id="pass_match"></strong>
       </td>
       <td>
-        <?= Input::passphrase($Name = 'verifypassword', $ID='new_pass_2', $Placeholder = 'Confirm passphrase') ?>
-        <!--
-        <input type="password" minlength="15" name="verifypassword" id="new_pass_2" class="inputtext" size="40"
-          placeholder="Confirm Password" pattern=".{15,307200}" required style="width: 250px !important;">
-        -->
+      <?=
+        $Twig->render('input/passphrase.html', [
+          'name' => 'verifypassword',
+          'id' => 'new_pass_2',
+          'placeholder' => 'Confirm passphrase'
+        ]) ?>
       </td>
     </tr>
 

templates/input/passphrase.html

@@ -0,0 +1,24 @@
+<input
+  type="password"
+  name="{{ name|default('password') }}"
+  id="{{ id|default('password') }}"
+  placeholder="{{ placeholder|default('passphrase') }}"
+  minlength="{{ pw_min|default('15') }}"
+  maxlength="{{ pw_max|default('10000') }}"
+  pattern=".{ {{ pw_min }},{{ pw_max }} }"
+  class="inputtext"
+  autocomplete="off"
+  required="required"
+/>
+
+<strong id="pass_match"></strong>
+
+{% if advice == true %}
+<p>
+  Any password {{ pw_min }} characters or longer is accepted, but a strong password
+  <ul>
+    <li>is a pass<em>phrase</em> of mixed case with many small words,</li>
+    <li>that contains complex characters including Unicode and emoji.</li>
+  </ul>
+</p>
+{% endif %}

templates/torrent_form/mirrors.html

@@ -0,0 +1,14 @@
+<tr id="mirrors_tr">
+  <td>
+    <label for="mirrors">{{ db.name }}</label>
+  </td>
+
+  <td>
+    <textarea
+      rows="2"
+      name="mirrors"
+      id="mirrors"
+      {# Needs to be all on one line #}
+      placeholder="{{ db.desc }}">{{ mirrors }}</textarea>
+  </td>
+</tr>

templates/torrent_form/picture.html

@@ -0,0 +1,16 @@
+<tr id="cover_tr">
+  <td>
+    <label for="image">{{db.name }}</label>
+  </td>
+
+  <td>
+    <input
+      type="text"
+      id="image"
+      name="image"
+      size="60"
+      placeholder="{{ db.desc }}"
+      value="{{ picture }}"
+    />
+  </td>
+</tr>

templates/torrent_form/version.html

@@ -10,10 +10,10 @@
       name="version"
       size="12"
       pattern="\d+\.*\d*\.*\d*"
-      placeholder="{{ db.desc}}"
+      placeholder="{{ db.desc }}"
       value="{{ version }}"
     />
 
-    <p>{{ note }}</p>
+    <p>{{ db.note|raw }}</p>
   </td>
 </tr>