Fix formatting according to PSR-12
Anonymous Contributor
parent
9a5182816f
commit
120fb3772e
|
|
@ -4,26 +4,22 @@
|
||||||
</head>
|
</head>
|
||||||
<body style="background-image: url('./style/images/fabric-pattern.png')">
|
<body style="background-image: url('./style/images/fabric-pattern.png')">
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT UserID,RegionID FROM Presence WHERE RegionID != '00000000-0000-0000-0000-000000000000' ORDER BY RegionID ASC");
|
$statement = $RUNTIME['PDO']->prepare("SELECT UserID,RegionID FROM Presence WHERE RegionID != '00000000-0000-0000-0000-000000000000' ORDER BY RegionID ASC");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
if($statement->rowCount() == 0)
|
if ($statement->rowCount() == 0) {
|
||||||
{
|
|
||||||
echo "<h1>Es ist niemand online!</h1>";
|
echo "<h1>Es ist niemand online!</h1>";
|
||||||
}else{
|
} else {
|
||||||
|
|
||||||
echo '<table style="width:350px;margin-left:auto;margin-right:auto;margin-top:25px"><tr><th align="left" style="background-color: #FF8000;">Name</th><th align="left" style="background-color: #FF8000;">Region</th></tr>';
|
echo '<table style="width:350px;margin-left:auto;margin-right:auto;margin-top:25px"><tr><th align="left" style="background-color: #FF8000;">Name</th><th align="left" style="background-color: #FF8000;">Region</th></tr>';
|
||||||
$entryColor = TRUE;
|
$entryColor = true;
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
if ($entryColor) {
|
||||||
if($entryColor == TRUE)
|
|
||||||
$entry = '<tr style="background-color: #F2F2F2;"><td>'.trim($opensim->getUserName($row['UserID'])).'</td><td>'.$opensim->getRegionName($row['RegionID']).'</td></tr>';
|
$entry = '<tr style="background-color: #F2F2F2;"><td>'.trim($opensim->getUserName($row['UserID'])).'</td><td>'.$opensim->getRegionName($row['RegionID']).'</td></tr>';
|
||||||
|
} else {
|
||||||
if($entryColor == FALSE)
|
|
||||||
$entry = '<tr style="background-color: #E6E6E6;"><td>'.trim($opensim->getUserName($row['UserID'])).'</td><td>'.$opensim->getRegionName($row['RegionID']).'</td></tr>';
|
$entry = '<tr style="background-color: #E6E6E6;"><td>'.trim($opensim->getUserName($row['UserID'])).'</td><td>'.$opensim->getRegionName($row['RegionID']).'</td></tr>';
|
||||||
|
}
|
||||||
|
|
||||||
echo $entry;
|
echo $entry;
|
||||||
$entryColor = !$entryColor;
|
$entryColor = !$entryColor;
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$HTML = new HTML();
|
$HTML = new HTML();
|
||||||
|
|
@ -7,12 +7,9 @@
|
||||||
$HTML->importHTML("viewerWelcomeImages.html");
|
$HTML->importHTML("viewerWelcomeImages.html");
|
||||||
|
|
||||||
$IMAGES = array();
|
$IMAGES = array();
|
||||||
if ($handle = opendir('./data/viewerWelcomeImages'))
|
if ($handle = opendir('./data/viewerWelcomeImages')) {
|
||||||
{
|
while (false !== ($entry = readdir($handle))) {
|
||||||
while (false !== ($entry = readdir($handle)))
|
if ($entry != "." && $entry != "..") {
|
||||||
{
|
|
||||||
if ($entry != "." && $entry != "..")
|
|
||||||
{
|
|
||||||
$IMAGES = array_merge($IMAGES, array("./data/viewerWelcomeImages/".$entry));
|
$IMAGES = array_merge($IMAGES, array("./data/viewerWelcomeImages/".$entry));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -32,4 +29,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -3,27 +3,29 @@ class FormValidator {
|
||||||
|
|
||||||
private array $fieldValidation;
|
private array $fieldValidation;
|
||||||
|
|
||||||
public function __construct(array $fieldValidation) {
|
public function __construct(array $fieldValidation)
|
||||||
|
{
|
||||||
$this->fieldValidation = $fieldValidation;
|
$this->fieldValidation = $fieldValidation;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function isValid(array $req) {
|
public function isValid(array $req): bool
|
||||||
if(!isset($req['csrf']) || $req['csrf'] !== $_SESSION['csrf']) {
|
{
|
||||||
|
if (!isset($req['csrf']) || $req['csrf'] !== $_SESSION['csrf']) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach($this->fieldValidation as $field => $params) {
|
foreach ($this->fieldValidation as $field => $params) {
|
||||||
if(isset($req[$field]) && strlen(trim($req[$field])) > 0) {
|
if (isset($req[$field]) && strlen(trim($req[$field])) > 0) {
|
||||||
if(isset($params['regex'])) {
|
if (isset($params['regex'])) {
|
||||||
if(!preg_match($params['regex'], $req[$field])) {
|
if (!preg_match($params['regex'], $req[$field])) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if(isset($params['equals']) && $params['equals'] !== $req[$field]) {
|
elseif (isset($params['equals']) && $params['equals'] !== $req[$field]) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if(isset($params['required']) && $params['required']) {
|
elseif (isset($params['required']) && $params['required']) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -32,4 +34,3 @@ class FormValidator {
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
@ -13,13 +13,11 @@
|
||||||
$statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1");
|
$statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID FROM UserAccounts WHERE FirstName = ? AND LastName = ? LIMIT 1");
|
||||||
$statementUser->execute($nameParts);
|
$statementUser->execute($nameParts);
|
||||||
|
|
||||||
while($rowUser = $statementUser->fetch())
|
while($rowUser = $statementUser->fetch()) {
|
||||||
{
|
|
||||||
$statementAuth = $RUNTIME['PDO']->prepare("SELECT passwordHash,passwordSalt FROM auth WHERE UUID = ? LIMIT 1");
|
$statementAuth = $RUNTIME['PDO']->prepare("SELECT passwordHash,passwordSalt FROM auth WHERE UUID = ? LIMIT 1");
|
||||||
$statementAuth->execute(array($rowUser['PrincipalID']));
|
$statementAuth->execute(array($rowUser['PrincipalID']));
|
||||||
|
|
||||||
while($rowAuth = $statementAuth->fetch())
|
if ($rowAuth = $statementAuth->fetch()) {
|
||||||
{
|
|
||||||
return md5(md5($_POST['password']).":".$rowAuth['passwordSalt']) == $rowAuth['passwordHash'];
|
return md5(md5($_POST['password']).":".$rowAuth['passwordSalt']) == $rowAuth['passwordHash'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -31,17 +29,18 @@
|
||||||
{
|
{
|
||||||
global $RUNTIME;
|
global $RUNTIME;
|
||||||
|
|
||||||
if($userID == "00000000-0000-0000-0000-000000000000")
|
if ($userID == "00000000-0000-0000-0000-000000000000") {
|
||||||
return "Unknown User";
|
return "Unknown User";
|
||||||
|
}
|
||||||
|
|
||||||
if(isset($RUNTIME['CACHE']['USERNAME'][$userID]))
|
if (isset($RUNTIME['CACHE']['USERNAME'][$userID])) {
|
||||||
return $RUNTIME['CACHE']['USERNAME'][$userID];
|
return $RUNTIME['CACHE']['USERNAME'][$userID];
|
||||||
|
}
|
||||||
|
|
||||||
$statementUser = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName FROM UserAccounts WHERE PrincipalID = ?");
|
$statementUser = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName FROM UserAccounts WHERE PrincipalID = ?");
|
||||||
$statementUser->execute(array($userID));
|
$statementUser->execute(array($userID));
|
||||||
|
|
||||||
while($rowUser = $statementUser->fetch())
|
if ($rowUser = $statementUser->fetch()) {
|
||||||
{
|
|
||||||
$RUNTIME['CACHE']['USERNAME'][$userID] = $rowUser['FirstName']." ".$rowUser['LastName'];
|
$RUNTIME['CACHE']['USERNAME'][$userID] = $rowUser['FirstName']." ".$rowUser['LastName'];
|
||||||
return $rowUser['FirstName']." ".$rowUser['LastName'];
|
return $rowUser['FirstName']." ".$rowUser['LastName'];
|
||||||
}
|
}
|
||||||
|
|
@ -49,57 +48,53 @@
|
||||||
$statementGridUser = $RUNTIME['PDO']->prepare("SELECT UserID FROM GridUser");
|
$statementGridUser = $RUNTIME['PDO']->prepare("SELECT UserID FROM GridUser");
|
||||||
$statementGridUser->execute();
|
$statementGridUser->execute();
|
||||||
|
|
||||||
while($rowGridUser = $statementGridUser->fetch())
|
while ($rowGridUser = $statementGridUser->fetch()) {
|
||||||
{
|
$userData = explode(";", $rowGridUser['UserID']);
|
||||||
$UserData = explode(";", $rowGridUser['UserID']);
|
|
||||||
|
|
||||||
if(count($UserData) >= 3)
|
if (count($userData) >= 3) {
|
||||||
{
|
$dbUserID = $userData[0];
|
||||||
$DBUserID = $UserData[0];
|
$dbUserName = $userData[2];
|
||||||
$DBUserName = $UserData[2];
|
|
||||||
|
|
||||||
$RUNTIME['CACHE']['USERNAME'][$userID] = $DBUserName;
|
$RUNTIME['CACHE']['USERNAME'][$userID] = $dbUserName;
|
||||||
|
|
||||||
if($DBUserID == $userID)
|
if ($dbUserID == $userID) {
|
||||||
return $DBUserName;
|
return $dbUserName;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$statementFriends = $RUNTIME['PDO']->prepare("SELECT PrincipalID FROM Friends");
|
$statementFriends = $RUNTIME['PDO']->prepare("SELECT PrincipalID FROM Friends");
|
||||||
$statementFriends->execute();
|
$statementFriends->execute();
|
||||||
|
|
||||||
while($rowFriends = $statementFriends->fetch())
|
while ($rowFriends = $statementFriends->fetch()) {
|
||||||
{
|
$userData = explode(";", $rowFriends['PrincipalID']);
|
||||||
$UserData = explode(";", $rowFriends['PrincipalID']);
|
|
||||||
|
|
||||||
if(count($UserData) == 4)
|
if (count($userData) == 4) {
|
||||||
{
|
$dbUserID = $userData[0];
|
||||||
$DBUserID = $UserData[0];
|
$dbUserName = $userData[2];
|
||||||
$DBUserName = $UserData[2];
|
|
||||||
|
|
||||||
$RUNTIME['CACHE']['USERNAME'][$userID] = $DBUserName;
|
$RUNTIME['CACHE']['USERNAME'][$userID] = $dbUserName;
|
||||||
|
|
||||||
if($DBUserID == $userID)
|
if ($dbUserID == $userID) {
|
||||||
return $DBUserName;
|
return $dbUserName;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return "Unknown User";
|
return "Unknown User";
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getUserUUID($UserName)
|
public function getUserUUID($userName)
|
||||||
{
|
{
|
||||||
global $RUNTIME;
|
global $RUNTIME;
|
||||||
|
|
||||||
$statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName FROM UserAccounts");
|
$statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName FROM UserAccounts");
|
||||||
$statementUser->execute();
|
$statementUser->execute();
|
||||||
|
|
||||||
while($rowUser = $statementUser->fetch())
|
while ($rowUser = $statementUser->fetch()) {
|
||||||
{
|
$sqlUserName = $rowUser['FirstName']." ".$rowUser['LastName'];
|
||||||
$SQLUserName = $rowUser['FirstName']." ".$rowUser['LastName'];
|
|
||||||
|
|
||||||
if($SQLUserName == $UserName)
|
if ($sqlUserName == $userName) {
|
||||||
{
|
|
||||||
return $rowUser['PrincipalID'];
|
return $rowUser['PrincipalID'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -114,8 +109,7 @@
|
||||||
$statementRegion = $RUNTIME['PDO']->prepare("SELECT regionName FROM regions WHERE uuid = ?");
|
$statementRegion = $RUNTIME['PDO']->prepare("SELECT regionName FROM regions WHERE uuid = ?");
|
||||||
$statementRegion->execute(array($regionID));
|
$statementRegion->execute(array($regionID));
|
||||||
|
|
||||||
while($rowRegion = $statementRegion->fetch())
|
if ($rowRegion = $statementRegion->fetch()) {
|
||||||
{
|
|
||||||
return $rowRegion['regionName'];
|
return $rowRegion['regionName'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -129,11 +123,11 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT profilePartner FROM userprofile WHERE useruuid = ?");
|
$statement = $RUNTIME['PDO']->prepare("SELECT profilePartner FROM userprofile WHERE useruuid = ?");
|
||||||
$statement->execute(array($userID));
|
$statement->execute(array($userID));
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
if ($row['profilePartner'] != "00000000-0000-0000-0000-000000000000") {
|
||||||
if($row['profilePartner'] != "00000000-0000-0000-0000-000000000000")
|
|
||||||
return $row['profilePartner'];
|
return $row['profilePartner'];
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
@ -145,8 +139,7 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT imviaemail FROM usersettings WHERE useruuid = ?");
|
$statement = $RUNTIME['PDO']->prepare("SELECT imviaemail FROM usersettings WHERE useruuid = ?");
|
||||||
$statement->execute(array($userID));
|
$statement->execute(array($userID));
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
if ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
return strtoupper($row['imviaemail']);
|
return strtoupper($row['imviaemail']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -160,8 +153,7 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT Email FROM UserAccounts WHERE PrincipalID = ?");
|
$statement = $RUNTIME['PDO']->prepare("SELECT Email FROM UserAccounts WHERE PrincipalID = ?");
|
||||||
$statement->execute(array($userID));
|
$statement->execute(array($userID));
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
if ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
return $row['Email'];
|
return $row['Email'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -218,4 +210,3 @@
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
@ -1,19 +1,18 @@
|
||||||
<?php
|
<?php
|
||||||
function sendMessageToWebhook($webhook, $title, $message)
|
function sendMessageToWebhook($webhook, $title, $message)
|
||||||
{
|
{
|
||||||
$RAWmessage = file_get_contents("style/discordMessage.json");
|
$rawMessage = file_get_contents("style/discordMessage.json");
|
||||||
$RAWmessage = str_replace("%%message%%", $message, $RAWmessage);
|
$rawMessage = str_replace("%%message%%", $message, $rawMessage);
|
||||||
$RAWmessage = str_replace("%%title%%", $title, $RAWmessage);
|
$rawMessage = str_replace("%%title%%", $title, $rawMessage);
|
||||||
|
|
||||||
$options = [
|
$options = [
|
||||||
'http' => [
|
'http' => [
|
||||||
'method' => 'POST',
|
'method' => 'POST',
|
||||||
'header' => 'Content-Type: application/json',
|
'header' => 'Content-Type: application/json',
|
||||||
'timeout' => 3,
|
'timeout' => 3,
|
||||||
'content' => $RAWmessage
|
'content' => $rawMessage
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
|
|
||||||
$result = file_get_contents($webhook, false, stream_context_create($options));
|
file_get_contents($webhook, false, stream_context_create($options));
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
@ -22,7 +22,8 @@ function right($str, $length)
|
||||||
return substr($str, -$length);
|
return substr($str, -$length);
|
||||||
}
|
}
|
||||||
|
|
||||||
function generateToken($length): string {
|
function generateToken($length): string
|
||||||
|
{
|
||||||
$chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
$chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||||
$res = "";
|
$res = "";
|
||||||
for($i = 0; $i < $length; $i++) {
|
for($i = 0; $i < $length; $i++) {
|
||||||
|
|
@ -32,17 +33,19 @@ function generateToken($length): string {
|
||||||
return $res;
|
return $res;
|
||||||
}
|
}
|
||||||
|
|
||||||
function htmlToPlain($message): string {
|
function htmlToPlain($message): string
|
||||||
|
{
|
||||||
$messageNew = str_replace('<br/>', "\n", $message);
|
$messageNew = str_replace('<br/>', "\n", $message);
|
||||||
$messageNew = preg_replace('/<a href="(.*)">(.*)<\\/a>/', "$2: $1", $messageNew);
|
$messageNew = preg_replace('/<a href="(.*)">(.*)<\\/a>/', "$2: $1", $messageNew);
|
||||||
return $messageNew;
|
return $messageNew;
|
||||||
}
|
}
|
||||||
|
|
||||||
function sendMail($email, $message, $subject, $title, $preheader): bool {
|
function sendMail($email, $message, $subject, $title, $preheader): bool
|
||||||
include_once('lib/phpmailer/Exception.php');
|
{
|
||||||
include_once('lib/phpmailer/PHPMailer.php');
|
include_once 'lib/phpmailer/Exception.php';
|
||||||
include_once('lib/phpmailer/SMTP.php');
|
include_once 'lib/phpmailer/PHPMailer.php';
|
||||||
include_once('app/HTML.php');
|
include_once 'lib/phpmailer/SMTP.php';
|
||||||
|
include_once 'app/HTML.php';
|
||||||
global $RUNTIME;
|
global $RUNTIME;
|
||||||
|
|
||||||
$mailer = new PHPMailer(true);
|
$mailer = new PHPMailer(true);
|
||||||
|
|
@ -78,18 +81,16 @@ function sendMail($email, $message, $subject, $title, $preheader): bool {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function getDataFromHTTP($URL, $contend = "", $requestTyp = "application/text")
|
function getDataFromHTTP($url, $content = "", $requestTyp = "application/text")
|
||||||
{
|
{
|
||||||
try
|
try {
|
||||||
{
|
if ($content != "") {
|
||||||
if($contend != "")
|
return file_get_contents($url, true, stream_context_create(array('http' => array('header' => 'Content-type: '.$requestTyp, 'method' => 'POST', 'timeout' => 0.5, 'content' => $content))));
|
||||||
{
|
} else {
|
||||||
return file_get_contents($URL, true, stream_context_create(array('http' => array('header' => 'Content-type: '.$requestTyp, 'method' => 'POST', 'timeout' => 0.5, 'content' => $contend))));
|
return file_get_contents($url);
|
||||||
}else{
|
|
||||||
return file_get_contents($URL);
|
|
||||||
}
|
}
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
echo "(HTTP REQUEST) error while conntect to remote server. : ".$URL;
|
echo "(HTTP REQUEST) error while conntect to remote server. : ".$url;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -98,4 +99,3 @@ function sendInworldIM($fromUUID, $toUUID, $fromName, $targetURL, $text)
|
||||||
$rawXML = "<?xml version=\"1.0\" encoding=\"utf-8\"?><methodCall><methodName>grid_instant_message</methodName><params><param><value><struct><member><name>position_x</name><value><string>0</string></value></member><member><name>position_y</name><value><string>0</string></value></member><member><name>position_z</name><value><string>0</string></value></member><member><name>to_agent_id</name><value><string>".$toUUID."</string></value></member><member><name>from_agent_session</name><value><string>00000000-0000-0000-0000-000000000000</string></value></member><member><name>im_session_id</name><value><string>".$fromUUID."</string></value></member><member><name>from_agent_name</name><value><string>".$fromName."</string></value></member><member><name>from_agent_id</name><value><string>".$fromUUID."</string></value></member><member><name>binary_bucket</name><value><string>AA==</string></value></member><member><name>region_handle</name><value><i4>0</i4></value></member><member><name>region_id</name><value><string>00000000-0000-0000-0000-000000000000</string></value></member><member><name>parent_estate_id</name><value><string>1</string></value></member><member><name>timestamp</name><value><string>".time()."</string></value></member><member><name>dialog</name><value><string>AA==</string></value></member><member><name>offline</name><value><string>AA==</string></value></member><member><name>from_group</name><value><string>FALSE</string></value></member><member><name>message</name><value><string>".$text."</string></value></member></struct></value></param></params></methodCall>";
|
$rawXML = "<?xml version=\"1.0\" encoding=\"utf-8\"?><methodCall><methodName>grid_instant_message</methodName><params><param><value><struct><member><name>position_x</name><value><string>0</string></value></member><member><name>position_y</name><value><string>0</string></value></member><member><name>position_z</name><value><string>0</string></value></member><member><name>to_agent_id</name><value><string>".$toUUID."</string></value></member><member><name>from_agent_session</name><value><string>00000000-0000-0000-0000-000000000000</string></value></member><member><name>im_session_id</name><value><string>".$fromUUID."</string></value></member><member><name>from_agent_name</name><value><string>".$fromName."</string></value></member><member><name>from_agent_id</name><value><string>".$fromUUID."</string></value></member><member><name>binary_bucket</name><value><string>AA==</string></value></member><member><name>region_handle</name><value><i4>0</i4></value></member><member><name>region_id</name><value><string>00000000-0000-0000-0000-000000000000</string></value></member><member><name>parent_estate_id</name><value><string>1</string></value></member><member><name>timestamp</name><value><string>".time()."</string></value></member><member><name>dialog</name><value><string>AA==</string></value></member><member><name>offline</name><value><string>AA==</string></value></member><member><name>from_group</name><value><string>FALSE</string></value></member><member><name>message</name><value><string>".$text."</string></value></member></struct></value></param></params></methodCall>";
|
||||||
getDataFromHTTP($targetURL, $rawXML, "text/xml");
|
getDataFromHTTP($targetURL, $rawXML, "text/xml");
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$statement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `iarstates` (`userID` VARCHAR(36) NOT NULL COLLATE 'utf8_unicode_ci', `filesize` BIGINT(20) NOT NULL DEFAULT '0', `iarfilename` VARCHAR(64) NOT NULL COLLATE 'utf8_unicode_ci', `running` INT(1) NOT NULL DEFAULT '0', PRIMARY KEY (`userID`) USING BTREE) COLLATE='utf8_unicode_ci' ENGINE=InnoDB;");
|
$statement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `iarstates` (`userID` VARCHAR(36) NOT NULL COLLATE 'utf8_unicode_ci', `filesize` BIGINT(20) NOT NULL DEFAULT '0', `iarfilename` VARCHAR(64) NOT NULL COLLATE 'utf8_unicode_ci', `running` INT(1) NOT NULL DEFAULT '0', PRIMARY KEY (`userID`) USING BTREE) COLLATE='utf8_unicode_ci' ENGINE=InnoDB;");
|
||||||
|
|
@ -8,25 +8,22 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT userID,iarfilename,filesize FROM iarstates WHERE running = 1 LIMIT 1");
|
$statement = $RUNTIME['PDO']->prepare("SELECT userID,iarfilename,filesize FROM iarstates WHERE running = 1 LIMIT 1");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
if($row = $statement->fetch())
|
if ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
$email = $opensim->getUserMail($row['userID']);
|
$email = $opensim->getUserMail($row['userID']);
|
||||||
|
|
||||||
$fullFilePath = "/var/www/html/data/".$row['iarfilename'];
|
$fullFilePath = "/var/www/html/data/".$row['iarfilename'];
|
||||||
|
|
||||||
echo "Aktive IAR für ".$opensim->getUserName($row['userID'])." gefunden. File: ".$fullFilePath."\n";
|
echo "Aktive IAR für ".$opensim->getUserName($row['userID'])." gefunden. File: ".$fullFilePath."\n";
|
||||||
|
|
||||||
if(file_exists($fullFilePath))
|
if (file_exists($fullFilePath)) {
|
||||||
{
|
|
||||||
$filesize = filesize($fullFilePath);
|
$filesize = filesize($fullFilePath);
|
||||||
|
|
||||||
if($filesize != $row['filesize'])
|
if ($filesize != $row['filesize']) {
|
||||||
{
|
|
||||||
$statementUpdate = $RUNTIME['PDO']->prepare('UPDATE iarstates SET filesize = :filesize WHERE userID = :userID');
|
$statementUpdate = $RUNTIME['PDO']->prepare('UPDATE iarstates SET filesize = :filesize WHERE userID = :userID');
|
||||||
$statementUpdate->execute(['filesize' => $filesize, 'userID' => $row['userID']]);
|
$statementUpdate->execute(['filesize' => $filesize, 'userID' => $row['userID']]);
|
||||||
|
|
||||||
echo "Status der IAR für ".$opensim->getUserName($row['userID']).": Speichert...\n";
|
echo "Status der IAR für ".$opensim->getUserName($row['userID']).": Speichert...\n";
|
||||||
}else{
|
} else {
|
||||||
$APIURL = $RUNTIME['SIDOMAN']['URL']."api.php?CONTAINER=".$RUNTIME['SIDOMAN']['CONTAINER']."&KEY=".$RUNTIME['SIDOMAN']['PASSWORD']."&METODE=RESTART";
|
$APIURL = $RUNTIME['SIDOMAN']['URL']."api.php?CONTAINER=".$RUNTIME['SIDOMAN']['CONTAINER']."&KEY=".$RUNTIME['SIDOMAN']['PASSWORD']."&METODE=RESTART";
|
||||||
$APIResult = file_get_contents($APIURL);
|
$APIResult = file_get_contents($APIURL);
|
||||||
echo "Status der IAR für ".$opensim->getUserName($row['userID']).": Sende Mail...\n";
|
echo "Status der IAR für ".$opensim->getUserName($row['userID']).": Sende Mail...\n";
|
||||||
|
|
@ -35,7 +32,7 @@
|
||||||
|
|
||||||
sendInworldIM("00000000-0000-0000-0000-000000000000", $row['userID'], "Inventory", $RUNTIME['GRID']['HOMEURL'], "Deine IAR ist fertig zum Download: ".$RUNTIME['IAR']['BASEURL'].$row['iarfilename']);
|
sendInworldIM("00000000-0000-0000-0000-000000000000", $row['userID'], "Inventory", $RUNTIME['GRID']['HOMEURL'], "Deine IAR ist fertig zum Download: ".$RUNTIME['IAR']['BASEURL'].$row['iarfilename']);
|
||||||
}
|
}
|
||||||
}else{
|
} else {
|
||||||
$name = explode(" ", $opensim->getUserName($row['userID']));
|
$name = explode(" ", $opensim->getUserName($row['userID']));
|
||||||
|
|
||||||
$APIURL = $RUNTIME['SIDOMAN']['URL']."api.php?CONTAINER=".$RUNTIME['SIDOMAN']['CONTAINER']."&KEY=".$RUNTIME['SIDOMAN']['PASSWORD']."&METODE=COMMAND&COMMAND=".urlencode("save iar ".$name[0]." ".$name[1]." /* PASSWORD /downloads/".$row['iarfilename']);
|
$APIURL = $RUNTIME['SIDOMAN']['URL']."api.php?CONTAINER=".$RUNTIME['SIDOMAN']['CONTAINER']."&KEY=".$RUNTIME['SIDOMAN']['PASSWORD']."&METODE=COMMAND&COMMAND=".urlencode("save iar ".$name[0]." ".$name[1]." /* PASSWORD /downloads/".$row['iarfilename']);
|
||||||
|
|
@ -43,12 +40,11 @@
|
||||||
|
|
||||||
echo "IAR für ".$name[0]." ".$name[1]." wurde gestartet: Status: ".$APIResult."\n";
|
echo "IAR für ".$name[0]." ".$name[1]." wurde gestartet: Status: ".$APIResult."\n";
|
||||||
}
|
}
|
||||||
}else{
|
} else {
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT userID,iarfilename FROM iarstates WHERE running = 0 LIMIT 1");
|
$statement = $RUNTIME['PDO']->prepare("SELECT userID,iarfilename FROM iarstates WHERE running = 0 LIMIT 1");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
$statementUpdate = $RUNTIME['PDO']->prepare('UPDATE iarstates SET running = :running WHERE userID = :userID');
|
$statementUpdate = $RUNTIME['PDO']->prepare('UPDATE iarstates SET running = :running WHERE userID = :userID');
|
||||||
$statementUpdate->execute(['running' => 1, 'userID' => $row['userID']]);
|
$statementUpdate->execute(['running' => 1, 'userID' => $row['userID']]);
|
||||||
|
|
||||||
|
|
@ -60,5 +56,3 @@
|
||||||
echo "IAR für ".$name[0]." ".$name[1]." wurde gestartet: Status: ".$APIResult."\n";
|
echo "IAR für ".$name[0]." ".$name[1]." wurde gestartet: Status: ".$APIResult."\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
|
||||||
|
|
@ -4,8 +4,7 @@ $statement->execute();
|
||||||
|
|
||||||
$count = 0;
|
$count = 0;
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
$fileNameParts = array();
|
$fileNameParts = array();
|
||||||
$fileNameParts[0] = substr($row['hash'], 0, 2);
|
$fileNameParts[0] = substr($row['hash'], 0, 2);
|
||||||
$fileNameParts[1] = substr($row['hash'], 2, 2);
|
$fileNameParts[1] = substr($row['hash'], 2, 2);
|
||||||
|
|
@ -17,9 +16,9 @@ while($row = $statement->fetch())
|
||||||
$fileNameParts['UUID'] = $row['id'];
|
$fileNameParts['UUID'] = $row['id'];
|
||||||
$fileNameParts['FilePath'] = "/data/assets/base/".$fileNameParts[0]."/".$fileNameParts[1]."/".$fileNameParts[2]."/".$fileNameParts[3]."/".$fileNameParts[4];
|
$fileNameParts['FilePath'] = "/data/assets/base/".$fileNameParts[0]."/".$fileNameParts[1]."/".$fileNameParts[2]."/".$fileNameParts[3]."/".$fileNameParts[4];
|
||||||
|
|
||||||
if(file_exists($fileNameParts['FilePath'])) {
|
if (file_exists($fileNameParts['FilePath'])) {
|
||||||
$filesize = filesize($fileNameParts['FilePath']);
|
$filesize = filesize($fileNameParts['FilePath']);
|
||||||
if($filesize === false) {
|
if ($filesize === false) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -30,11 +29,8 @@ while($row = $statement->fetch())
|
||||||
$fileNameParts['FileSize'] = $filesize;
|
$fileNameParts['FileSize'] = $filesize;
|
||||||
$fileNameParts['Count'] = $count++;
|
$fileNameParts['Count'] = $count++;
|
||||||
|
|
||||||
if($fileNameParts['FileSize'] == 0)
|
if ($fileNameParts['FileSize'] == 0) {
|
||||||
{
|
|
||||||
$add = $RUNTIME['PDO']->prepare('DELETE FROM fsassets WHERE hash = :fileHash');
|
$add = $RUNTIME['PDO']->prepare('DELETE FROM fsassets WHERE hash = :fileHash');
|
||||||
$add->execute(['fileHash' => $row['hash']]);
|
$add->execute(['fileHash' => $row['hash']]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
|
||||||
|
|
|
||||||
|
|
@ -17,5 +17,3 @@ i.assetID IN (
|
||||||
)");
|
)");
|
||||||
|
|
||||||
$InventarCheckStatement->execute();
|
$InventarCheckStatement->execute();
|
||||||
|
|
||||||
?>
|
|
||||||
|
|
@ -2,24 +2,25 @@
|
||||||
use PHPMailer\PHPMailer\PHPMailer;
|
use PHPMailer\PHPMailer\PHPMailer;
|
||||||
use PHPMailer\PHPMailer\SMTP;
|
use PHPMailer\PHPMailer\SMTP;
|
||||||
|
|
||||||
include_once('lib/phpmailer/Exception.php');
|
include_once 'lib/phpmailer/Exception.php';
|
||||||
include_once('lib/phpmailer/PHPMailer.php');
|
include_once 'lib/phpmailer/PHPMailer.php';
|
||||||
include_once('lib/phpmailer/SMTP.php');
|
include_once 'lib/phpmailer/SMTP.php';
|
||||||
|
|
||||||
$statement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS im_offline_send (`id` int(6) NOT NULL DEFAULT 0) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci");
|
$statement = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS im_offline_send (`id` int(6) NOT NULL DEFAULT 0) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
function isMailAllreadySend($id)
|
function isMailAlreadySent($id)
|
||||||
{
|
{
|
||||||
GLOBAL $RUNTIME;
|
global $RUNTIME;
|
||||||
|
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM im_offline_send WHERE id = ? LIMIT 1");
|
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM im_offline_send WHERE id = ? LIMIT 1");
|
||||||
$statement->execute(array($id));
|
$statement->execute(array($id));
|
||||||
|
|
||||||
if($statement->rowCount() != 0)
|
if ($statement->rowCount() != 0) {
|
||||||
return TRUE;
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
return FALSE;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$IMTYP = array(
|
$IMTYP = array(
|
||||||
|
|
@ -41,18 +42,15 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT ID,PrincipalID,Message FROM im_offline");
|
$statement = $RUNTIME['PDO']->prepare("SELECT ID,PrincipalID,Message FROM im_offline");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
include_once 'app/OpenSim.php';
|
||||||
include 'app/OpenSim.php';
|
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$email = $opensim->getUserMail($row['PrincipalID']);
|
$email = $opensim->getUserMail($row['PrincipalID']);
|
||||||
$allowOfflineIM = $opensim->allowOfflineIM($row['PrincipalID']);
|
$allowOfflineIM = $opensim->allowOfflineIM($row['PrincipalID']);
|
||||||
|
|
||||||
if($email != "" && $allowOfflineIM == "TRUE")
|
if ($email != "" && $allowOfflineIM == "TRUE") {
|
||||||
{
|
if (!isMailAlreadySent($row['ID'])) {
|
||||||
if(isMailAllreadySend($row['ID']) == FALSE)
|
|
||||||
{
|
|
||||||
$statementSend = $RUNTIME['PDO']->prepare('INSERT INTO im_offline_send (id) VALUES (:idnummer)');
|
$statementSend = $RUNTIME['PDO']->prepare('INSERT INTO im_offline_send (id) VALUES (:idnummer)');
|
||||||
$statementSend->execute(['idnummer' => $row['ID']]);
|
$statementSend->execute(['idnummer' => $row['ID']]);
|
||||||
|
|
||||||
|
|
@ -71,21 +69,18 @@
|
||||||
|
|
||||||
$HTMLMESSAGE = "Du hast ".$IMTYP["".$XMLMESSAGE->dialog.""]." in ".$RUNTIME['GRID']['NAME']." bekommen. <br><p><ul><li>".htmlspecialchars($XMLMESSAGE->message)."</li></ul></p>Gesendet von: ";
|
$HTMLMESSAGE = "Du hast ".$IMTYP["".$XMLMESSAGE->dialog.""]." in ".$RUNTIME['GRID']['NAME']." bekommen. <br><p><ul><li>".htmlspecialchars($XMLMESSAGE->message)."</li></ul></p>Gesendet von: ";
|
||||||
|
|
||||||
if(isset($XMLMESSAGE->fromAgentName))
|
if (isset($XMLMESSAGE->fromAgentName)) {
|
||||||
$HTMLMESSAGE .= $XMLMESSAGE->fromAgentName;
|
$HTMLMESSAGE .= $XMLMESSAGE->fromAgentName;
|
||||||
|
}
|
||||||
|
|
||||||
if(isset($XMLMESSAGE->RegionID) && isset($XMLMESSAGE->Position))
|
if (isset($XMLMESSAGE->RegionID) && isset($XMLMESSAGE->Position)) {
|
||||||
{
|
if ($XMLMESSAGE->Position->X != 0 || $XMLMESSAGE->Position->X != 0 || $XMLMESSAGE->Position->X != 0) { //TODO
|
||||||
if($XMLMESSAGE->Position->X != 0 || $XMLMESSAGE->Position->X != 0 || $XMLMESSAGE->Position->X != 0)
|
|
||||||
{
|
|
||||||
$HTMLMESSAGE .= " @ ".$opensim->getRegionName($XMLMESSAGE->RegionID)."/".$XMLMESSAGE->Position->X."/".$XMLMESSAGE->Position->Y."/".$XMLMESSAGE->Position->Z;
|
$HTMLMESSAGE .= " @ ".$opensim->getRegionName($XMLMESSAGE->RegionID)."/".$XMLMESSAGE->Position->X."/".$XMLMESSAGE->Position->Y."/".$XMLMESSAGE->Position->Z;
|
||||||
}else{
|
} else {
|
||||||
$HTMLMESSAGE .= " @ ".$opensim->getRegionName($XMLMESSAGE->RegionID);
|
$HTMLMESSAGE .= " @ ".$opensim->getRegionName($XMLMESSAGE->RegionID);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//die($HTMLMESSAGE);
|
|
||||||
|
|
||||||
$HTML = new HTML();
|
$HTML = new HTML();
|
||||||
$HTML->importHTML("mail.html");
|
$HTML->importHTML("mail.html");
|
||||||
$HTML->setSeitenInhalt($HTMLMESSAGE);
|
$HTML->setSeitenInhalt($HTMLMESSAGE);
|
||||||
|
|
@ -105,4 +100,3 @@
|
||||||
//echo $row['PrincipalID']." möchte keine offline IM oder hat keine E-MAIL Adresse hinterlegt.";
|
//echo $row['PrincipalID']." möchte keine offline IM oder hat keine E-MAIL Adresse hinterlegt.";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$HTML->setHTMLTitle("Dashboard");
|
$HTML->setHTMLTitle("Dashboard");
|
||||||
|
|
@ -12,4 +12,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -4,4 +4,3 @@
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
http_response_code(404);
|
http_response_code(404);
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -5,20 +5,19 @@
|
||||||
$HTML->setHTMLTitle("Passwort vergessen");
|
$HTML->setHTMLTitle("Passwort vergessen");
|
||||||
$HTML->importHTML("forgot.html");
|
$HTML->importHTML("forgot.html");
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
include_once 'app/FormValidator.php';
|
include_once 'app/FormValidator.php';
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'username' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/'),
|
'username' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/'),
|
||||||
'email' => array('required' => true, 'regex' => '/^\S{1,64}@\S{1,250}.\S{2,64}$/')
|
'email' => array('required' => true, 'regex' => '/^\S{1,64}@\S{1,250}.\S{2,64}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if(!$validator->isValid($_POST)) {
|
if (!$validator->isValid($_POST)) {
|
||||||
$HTML->ReplaceLayoutInhalt('%%MESSAGE%%', 'Bitte gebe deinen Benutzernamen (Vor- und Nachname) und die dazugehörige E-Mail-Adresse ein');
|
$HTML->ReplaceLayoutInhalt('%%MESSAGE%%', 'Bitte gebe deinen Benutzernamen (Vor- und Nachname) und die dazugehörige E-Mail-Adresse ein');
|
||||||
$HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', 'red');
|
$HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', 'red');
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$nameParts = explode(" ", $_POST['username']);
|
$nameParts = explode(" ", $_POST['username']);
|
||||||
$email = strtolower(trim($_POST['email']));
|
$email = strtolower(trim($_POST['email']));
|
||||||
|
|
||||||
|
|
@ -27,14 +26,14 @@
|
||||||
$validRequest = $getAccount->rowCount() == 1;
|
$validRequest = $getAccount->rowCount() == 1;
|
||||||
$uuid;
|
$uuid;
|
||||||
$name;
|
$name;
|
||||||
if($res = $getAccount->fetch()) {
|
if ($res = $getAccount->fetch()) {
|
||||||
$email = $res['Email'];
|
$email = $res['Email'];
|
||||||
$uuid = $res['PrincipalID'];
|
$uuid = $res['PrincipalID'];
|
||||||
$name = $res['FirstName'].' '.$res['LastName'];
|
$name = $res['FirstName'].' '.$res['LastName'];
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach($RUNTIME['RESET_BLOCKED_DOMAINS'] as $domain) {
|
foreach ($RUNTIME['RESET_BLOCKED_DOMAINS'] as $domain) {
|
||||||
if(str_ends_with($email, $domain)) {
|
if (str_ends_with($email, $domain)) {
|
||||||
$validRequest = false;
|
$validRequest = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -45,10 +44,10 @@
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
fastcgi_finish_request();
|
fastcgi_finish_request();
|
||||||
|
|
||||||
if($validRequest) {
|
if ($validRequest) {
|
||||||
$getReqTime = $RUNTIME['PDO']->prepare('SELECT RequestTime FROM PasswordResetTokens WHERE PrincipalID=?');
|
$getReqTime = $RUNTIME['PDO']->prepare('SELECT RequestTime FROM PasswordResetTokens WHERE PrincipalID=?');
|
||||||
$getReqTime->execute([$uuid]);
|
$getReqTime->execute([$uuid]);
|
||||||
if(($res = $getReqTime->fetch()) && time() - $res['RequestTime'] < 900) {
|
if (($res = $getReqTime->fetch()) && time() - $res['RequestTime'] < 900) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -60,12 +59,9 @@
|
||||||
sendMail($email, str_replace('%%NAME%%', $name, str_replace('%%RESET_LINK%%', 'https://'.$RUNTIME['DOMAIN'].'/index.php?page=reset-password&token='.$token, MESSAGE)), "Zurücksetzung des Passworts für ".$name, 'Dein Passwort zurücksetzen', 'Folge diesen Anweisungen, um ein neues Passwort für deinen 4Creative-Account festzulegen');
|
sendMail($email, str_replace('%%NAME%%', $name, str_replace('%%RESET_LINK%%', 'https://'.$RUNTIME['DOMAIN'].'/index.php?page=reset-password&token='.$token, MESSAGE)), "Zurücksetzung des Passworts für ".$name, 'Dein Passwort zurücksetzen', 'Folge diesen Anweisungen, um ein neues Passwort für deinen 4Creative-Account festzulegen');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$HTML->ReplaceLayoutInhalt('%%MESSAGE%%', '');
|
$HTML->ReplaceLayoutInhalt('%%MESSAGE%%', '');
|
||||||
$HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', 'red');
|
$HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', 'red');
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
|
||||||
|
|
@ -1,13 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST')
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
{
|
if (isset($_POST['remove'])) {
|
||||||
if(isset($_POST['remove'])) {
|
include_once 'app/FormValidator.php';
|
||||||
include 'app/FormValidator.php';
|
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'uuid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
'uuid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
$statementMembership = $RUNTIME['PDO']->prepare("DELETE FROM Friends WHERE Friend = ? AND PrincipalID = ?");
|
$statementMembership = $RUNTIME['PDO']->prepare("DELETE FROM Friends WHERE Friend = ? AND PrincipalID = ?");
|
||||||
$statementMembership->execute(array($_REQUEST['uuid'], $_SESSION['UUID']));
|
$statementMembership->execute(array($_REQUEST['uuid'], $_SESSION['UUID']));
|
||||||
|
|
||||||
|
|
@ -28,17 +27,16 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT PrincipalID,Friend FROM Friends WHERE PrincipalID = ? ORDER BY Friend ASC");
|
$statement = $RUNTIME['PDO']->prepare("SELECT PrincipalID,Friend FROM Friends WHERE PrincipalID = ? ORDER BY Friend ASC");
|
||||||
$statement->execute([$_SESSION['UUID']]);
|
$statement->execute([$_SESSION['UUID']]);
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
include_once 'app/OpenSim.php';
|
||||||
{
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
|
while ($row = $statement->fetch()) {
|
||||||
$PrincipalID = explode(";", $row['PrincipalID'])[0];
|
$PrincipalID = explode(";", $row['PrincipalID'])[0];
|
||||||
$FriendData = explode(";", $row['Friend']);
|
$FriendData = explode(";", $row['Friend']);
|
||||||
$Friend = $FriendData[0];
|
$Friend = $FriendData[0];
|
||||||
|
|
||||||
include 'app/OpenSim.php';
|
|
||||||
$opensim = new OpenSim();
|
|
||||||
|
|
||||||
$name = trim($opensim->getUserName($Friend));
|
$name = trim($opensim->getUserName($Friend));
|
||||||
if(count($FriendData) > 1) {
|
if (count($FriendData) > 1) {
|
||||||
$FriendData[1] = str_replace("http://", "", $FriendData[1]);
|
$FriendData[1] = str_replace("http://", "", $FriendData[1]);
|
||||||
$FriendData[1] = str_replace("https://", "", $FriendData[1]);
|
$FriendData[1] = str_replace("https://", "", $FriendData[1]);
|
||||||
$FriendData[1] = str_replace("/", "", $FriendData[1]);
|
$FriendData[1] = str_replace("/", "", $FriendData[1]);
|
||||||
|
|
@ -55,4 +53,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -1,13 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST')
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
{
|
if (isset($_POST['leave'])) {
|
||||||
if(isset($_POST['leave'])) {
|
include_once 'app/FormValidator.php';
|
||||||
include 'app/FormValidator.php';
|
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'group' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
'group' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
$statementMembership = $RUNTIME['PDO']->prepare("DELETE FROM os_groups_membership WHERE GroupID = ? AND PrincipalID = ?");
|
$statementMembership = $RUNTIME['PDO']->prepare("DELETE FROM os_groups_membership WHERE GroupID = ? AND PrincipalID = ?");
|
||||||
$statementMembership->execute(array($_REQUEST['group'], $_SESSION['UUID']));
|
$statementMembership->execute(array($_REQUEST['group'], $_SESSION['UUID']));
|
||||||
}
|
}
|
||||||
|
|
@ -17,7 +16,7 @@
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$HTML->setHTMLTitle("Gruppen");
|
$HTML->setHTMLTitle("Gruppen");
|
||||||
|
|
@ -28,8 +27,7 @@
|
||||||
$statementGroups = $RUNTIME['PDO']->prepare("SELECT Name,FounderID,os_groups_membership.GroupID FROM os_groups_groups JOIN os_groups_membership ON os_groups_groups.GroupID = os_groups_membership.GroupID WHERE PrincipalID = ?");
|
$statementGroups = $RUNTIME['PDO']->prepare("SELECT Name,FounderID,os_groups_membership.GroupID FROM os_groups_groups JOIN os_groups_membership ON os_groups_groups.GroupID = os_groups_membership.GroupID WHERE PrincipalID = ?");
|
||||||
$statementGroups->execute(array($_SESSION['UUID']));
|
$statementGroups->execute(array($_SESSION['UUID']));
|
||||||
|
|
||||||
while($rowGroups = $statementGroups->fetch())
|
while ($rowGroups = $statementGroups->fetch()) {
|
||||||
{
|
|
||||||
$entry = '<tr><td>'.htmlspecialchars($rowGroups['Name']).'</td><td>'.htmlspecialchars($opensim->getUserName($rowGroups['FounderID'])).'</td><td><form action="index.php?page=groups" method="post">%%CSRF%%<input type="hidden" name="group" value="'.htmlspecialchars($rowGroups['GroupID']).'"><button type="submit" name="leave" class="btn btn-danger btn-sm">VERLASSEN</button></form></td></tr>';
|
$entry = '<tr><td>'.htmlspecialchars($rowGroups['Name']).'</td><td>'.htmlspecialchars($opensim->getUserName($rowGroups['FounderID'])).'</td><td><form action="index.php?page=groups" method="post">%%CSRF%%<input type="hidden" name="group" value="'.htmlspecialchars($rowGroups['GroupID']).'"><button type="submit" name="leave" class="btn btn-danger btn-sm">VERLASSEN</button></form></td></tr>';
|
||||||
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
||||||
}
|
}
|
||||||
|
|
@ -39,4 +37,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -2,24 +2,22 @@
|
||||||
$statementCreateTable = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `UserIdentitys` (`PrincipalID` VARCHAR(38) NOT NULL, `IdentityID` VARCHAR(38) NOT NULL, PRIMARY KEY (`IdentityID`))");
|
$statementCreateTable = $RUNTIME['PDO']->prepare("CREATE TABLE IF NOT EXISTS `UserIdentitys` (`PrincipalID` VARCHAR(38) NOT NULL, `IdentityID` VARCHAR(38) NOT NULL, PRIMARY KEY (`IdentityID`))");
|
||||||
$statementCreateTable->execute();
|
$statementCreateTable->execute();
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
include 'app/FormValidator.php';
|
include_once 'app/FormValidator.php';
|
||||||
if(isset($_POST['enableIdent'])) {
|
if (isset($_POST['enableIdent'])) {
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'newuuid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
'newuuid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1");
|
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1");
|
||||||
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_REQUEST['newuuid']]);
|
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_REQUEST['newuuid']]);
|
||||||
|
|
||||||
$statementPresence = $RUNTIME['PDO']->prepare("SELECT 1 FROM Presence WHERE UserID = :PrincipalID LIMIT 1");
|
$statementPresence = $RUNTIME['PDO']->prepare("SELECT 1 FROM Presence WHERE UserID = :PrincipalID LIMIT 1");
|
||||||
$statementPresence->execute(['PrincipalID' => $_SESSION['UUID']]);
|
$statementPresence->execute(['PrincipalID' => $_SESSION['UUID']]);
|
||||||
|
|
||||||
if($statementPresence->rowCount() == 0)
|
if ($statementPresence->rowCount() == 0) {
|
||||||
{
|
if ($statement->rowCount() == 1) {
|
||||||
if($statement->rowCount() == 1)
|
|
||||||
{
|
|
||||||
$statementAuth = $RUNTIME['PDO']->prepare('UPDATE auth SET UUID = :IdentityID WHERE UUID = :PrincipalID');
|
$statementAuth = $RUNTIME['PDO']->prepare('UPDATE auth SET UUID = :IdentityID WHERE UUID = :PrincipalID');
|
||||||
$statementAuth->execute(['IdentityID' => $_REQUEST['newuuid'], 'PrincipalID' => $_SESSION['UUID']]);
|
$statementAuth->execute(['IdentityID' => $_REQUEST['newuuid'], 'PrincipalID' => $_SESSION['UUID']]);
|
||||||
|
|
||||||
|
|
@ -55,22 +53,20 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if(isset($_POST['createIdent'])) {
|
elseif (isset($_POST['createIdent'])) {
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'newName' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/')
|
'newName' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
$avatarNameParts = explode(" ", trim($_REQUEST['newName']));
|
$avatarNameParts = explode(" ", trim($_REQUEST['newName']));
|
||||||
|
|
||||||
if(count($avatarNameParts) == 2)
|
if (count($avatarNameParts) == 2) {
|
||||||
{
|
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1");
|
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1");
|
||||||
$statement->execute(['FirstName' => trim($avatarNameParts[0]), 'LastName' => trim($avatarNameParts[1])]);
|
$statement->execute(['FirstName' => trim($avatarNameParts[0]), 'LastName' => trim($avatarNameParts[1])]);
|
||||||
|
|
||||||
if($statement->rowCount() == 0)
|
if ($statement->rowCount() == 0) {
|
||||||
{
|
include_once 'app/OpenSim.php';
|
||||||
include 'app/OpenSim.php';
|
|
||||||
$avatarUUID = (new OpenSim())->gen_uuid();
|
$avatarUUID = (new OpenSim())->gen_uuid();
|
||||||
|
|
||||||
$statementAccounts = $RUNTIME['PDO']->prepare('INSERT INTO UserAccounts (PrincipalID, ScopeID, FirstName, LastName, Email, ServiceURLs, Created, UserLevel, UserFlags, UserTitle, active) VALUES (:PrincipalID, :ScopeID, :FirstName, :LastName, :Email, :ServiceURLs, :Created, :UserLevel, :UserFlags, :UserTitle, :active )');
|
$statementAccounts = $RUNTIME['PDO']->prepare('INSERT INTO UserAccounts (PrincipalID, ScopeID, FirstName, LastName, Email, ServiceURLs, Created, UserLevel, UserFlags, UserTitle, active) VALUES (:PrincipalID, :ScopeID, :FirstName, :LastName, :Email, :ServiceURLs, :Created, :UserLevel, :UserFlags, :UserTitle, :active )');
|
||||||
|
|
@ -78,10 +74,10 @@
|
||||||
|
|
||||||
$statementUserIdentitys = $RUNTIME['PDO']->prepare('INSERT INTO UserIdentitys (PrincipalID, IdentityID) VALUES (:PrincipalID, :IdentityID)');
|
$statementUserIdentitys = $RUNTIME['PDO']->prepare('INSERT INTO UserIdentitys (PrincipalID, IdentityID) VALUES (:PrincipalID, :IdentityID)');
|
||||||
$statementUserIdentitys->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $avatarUUID]);
|
$statementUserIdentitys->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $avatarUUID]);
|
||||||
}else{
|
} else {
|
||||||
$_SESSION['identities_err'] = 'Dieser Name ist schon in Benutzung.';
|
$_SESSION['identities_err'] = 'Dieser Name ist schon in Benutzung.';
|
||||||
}
|
}
|
||||||
}else{
|
} else {
|
||||||
$_SESSION['identities_err'] = 'Der Name muss aus einem Vor und einem Nachnamen bestehen.';
|
$_SESSION['identities_err'] = 'Der Name muss aus einem Vor und einem Nachnamen bestehen.';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -97,8 +93,7 @@
|
||||||
$statementCheckForEntry = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = ? LIMIT 1");
|
$statementCheckForEntry = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = ? LIMIT 1");
|
||||||
$statementCheckForEntry->execute(array($_SESSION['UUID']));
|
$statementCheckForEntry->execute(array($_SESSION['UUID']));
|
||||||
|
|
||||||
if($statementCheckForEntry->rowCount() == 0)
|
if ($statementCheckForEntry->rowCount() == 0) {
|
||||||
{
|
|
||||||
$statement = $RUNTIME['PDO']->prepare('INSERT INTO `UserIdentitys` (PrincipalID, IdentityID) VALUES (:PrincipalID, :IdentityID)');
|
$statement = $RUNTIME['PDO']->prepare('INSERT INTO `UserIdentitys` (PrincipalID, IdentityID) VALUES (:PrincipalID, :IdentityID)');
|
||||||
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_SESSION['UUID']]);
|
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_SESSION['UUID']]);
|
||||||
}
|
}
|
||||||
|
|
@ -107,15 +102,13 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT IdentityID FROM UserIdentitys WHERE PrincipalID = ? ORDER BY IdentityID ASC");
|
$statement = $RUNTIME['PDO']->prepare("SELECT IdentityID FROM UserIdentitys WHERE PrincipalID = ? ORDER BY IdentityID ASC");
|
||||||
$statement->execute(array($_SESSION['UUID']));
|
$statement->execute(array($_SESSION['UUID']));
|
||||||
|
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
if ($row['IdentityID'] == $_SESSION['UUID']) {
|
||||||
if($row['IdentityID'] == $_SESSION['UUID'])
|
|
||||||
{
|
|
||||||
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['IdentityID']))).' <span class="badge badge-info">Aktiv</span></td><td>-</td></tr>';
|
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['IdentityID']))).' <span class="badge badge-info">Aktiv</span></td><td>-</td></tr>';
|
||||||
}else{
|
} else {
|
||||||
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post">%%CSRF%%<input type="hidden" name="newuuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktivieren</button></form></td></tr>';
|
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post">%%CSRF%%<input type="hidden" name="newuuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktivieren</button></form></td></tr>';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -127,7 +120,7 @@
|
||||||
$HTML->ReplaceSeitenInhalt("%%link%%", ' ');
|
$HTML->ReplaceSeitenInhalt("%%link%%", ' ');
|
||||||
|
|
||||||
$message = '';
|
$message = '';
|
||||||
if(isset($_SESSION['identities_err'])) {
|
if (isset($_SESSION['identities_err'])) {
|
||||||
$message = '<div class="alert alert-danger" role="alert">'.$_SESSION['identities_err'].'</div>';
|
$message = '<div class="alert alert-danger" role="alert">'.$_SESSION['identities_err'].'</div>';
|
||||||
unset($_SESSION['identities_err']);
|
unset($_SESSION['identities_err']);
|
||||||
}
|
}
|
||||||
|
|
@ -135,4 +128,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -1,6 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
if(!isset($_SESSION['LOGIN']) || !isset($_SESSION['LEVEL']) || $_SESSION['LEVEL'] < 100)
|
if (!isset($_SESSION['LOGIN']) || !isset($_SESSION['LEVEL']) || $_SESSION['LEVEL'] < 100) {
|
||||||
{
|
|
||||||
$HTML->setHTMLTitle("Kein Zugriff");
|
$HTML->setHTMLTitle("Kein Zugriff");
|
||||||
$HTML->SetSeitenInhalt("Dazu hast du keine Rechte!");
|
$HTML->SetSeitenInhalt("Dazu hast du keine Rechte!");
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
|
|
@ -16,4 +15,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -3,27 +3,25 @@
|
||||||
$HTML->setHTMLTitle("Login");
|
$HTML->setHTMLTitle("Login");
|
||||||
$HTML->importHTML("login.html");
|
$HTML->importHTML("login.html");
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST')
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
{
|
|
||||||
include_once 'app/FormValidator.php';
|
include_once 'app/FormValidator.php';
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'username' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/'),
|
'username' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/'),
|
||||||
'password' => array('required' => true, 'regex' => '/^.{1,1000}$/')
|
'password' => array('required' => true, 'regex' => '/^.{1,1000}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if(!$validator->isValid($_POST)) {
|
if (!$validator->isValid($_POST)) {
|
||||||
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Bitte gebe Benutzername (Vor- und Nachname) und Passwort ein.");
|
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Bitte gebe Benutzername (Vor- und Nachname) und Passwort ein.");
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName,Email,UserLevel,passwordHash,passwordSalt FROM UserAccounts JOIN auth ON UserAccounts.PrincipalID = auth.UUID WHERE FirstName = ? AND LastName = ? LIMIT 1");
|
$statementUser = $RUNTIME['PDO']->prepare("SELECT PrincipalID,FirstName,LastName,Email,UserLevel,passwordHash,passwordSalt FROM UserAccounts JOIN auth ON UserAccounts.PrincipalID = auth.UUID WHERE FirstName = ? AND LastName = ? LIMIT 1");
|
||||||
$statementUser->execute(explode(" ", trim($_POST['username'])));
|
$statementUser->execute(explode(" ", trim($_POST['username'])));
|
||||||
$res = ['passwordHash' => '', 'passwordSalt' => ''];
|
$res = ['passwordHash' => '', 'passwordSalt' => ''];
|
||||||
|
|
||||||
if($rowUser = $statementUser->fetch()) {
|
if ($rowUser = $statementUser->fetch()) {
|
||||||
$res = $rowUser;
|
$res = $rowUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(hash_equals(md5(md5($_POST['password']).":".$res['passwordSalt']), $res['passwordHash'])) {
|
if (hash_equals(md5(md5($_POST['password']).":".$res['passwordSalt']), $res['passwordHash'])) {
|
||||||
session_unset(); // Unset pre-session variables, next request will generate a new CSRF token
|
session_unset(); // Unset pre-session variables, next request will generate a new CSRF token
|
||||||
$_SESSION['FIRSTNAME'] = $rowUser['FirstName'];
|
$_SESSION['FIRSTNAME'] = $rowUser['FirstName'];
|
||||||
$_SESSION['LASTNAME'] = $rowUser['LastName'];
|
$_SESSION['LASTNAME'] = $rowUser['LastName'];
|
||||||
|
|
@ -42,8 +40,7 @@
|
||||||
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Benutzername und/oder Passwort falsch.");
|
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "Benutzername und/oder Passwort falsch.");
|
||||||
$HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", htmlspecialchars($_POST['username']));
|
$HTML->ReplaceLayoutInhalt("%%LASTUSERNAME%%", htmlspecialchars($_POST['username']));
|
||||||
}
|
}
|
||||||
}
|
} elseif (isset($_SESSION) && isset($_SESSION['loginMessage'])) {
|
||||||
else if(isset($_SESSION) && isset($_SESSION['loginMessage'])) {
|
|
||||||
$HTML->ReplaceLayoutInhalt('%%LOGINMESSAGE%%', $_SESSION['loginMessage']);
|
$HTML->ReplaceLayoutInhalt('%%LOGINMESSAGE%%', $_SESSION['loginMessage']);
|
||||||
$HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', $_SESSION['loginMessageColor']);
|
$HTML->ReplaceLayoutInhalt('%%MESSAGECOLOR%%', $_SESSION['loginMessageColor']);
|
||||||
unset($_SESSION['loginMessage']);
|
unset($_SESSION['loginMessage']);
|
||||||
|
|
@ -56,4 +53,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -1,11 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
function setNamePart(string $part, string $value, string $otherPart, string $otherValue) {
|
function setNamePart(string $part, string $value, string $otherPart, string $otherValue): bool
|
||||||
|
{
|
||||||
global $RUNTIME;
|
global $RUNTIME;
|
||||||
|
|
||||||
$query = $RUNTIME['PDO']->prepare('SELECT 1 FROM UserAccounts WHERE '.$part.' = ? AND '.$otherPart.' = ?');
|
$query = $RUNTIME['PDO']->prepare('SELECT 1 FROM UserAccounts WHERE '.$part.' = ? AND '.$otherPart.' = ?');
|
||||||
$query->execute(array($value, $otherValue));
|
$query->execute(array($value, $otherValue));
|
||||||
|
|
||||||
if($query->rowCount() == 0) {
|
if ($query->rowCount() == 0) {
|
||||||
$statement = $RUNTIME['PDO']->prepare('UPDATE UserAccounts SET '.$part.' = ? WHERE PrincipalID = ?');
|
$statement = $RUNTIME['PDO']->prepare('UPDATE UserAccounts SET '.$part.' = ? WHERE PrincipalID = ?');
|
||||||
$statement->execute(array($value, $_SESSION['UUID']));
|
$statement->execute(array($value, $_SESSION['UUID']));
|
||||||
return true;
|
return true;
|
||||||
|
|
@ -23,12 +24,12 @@
|
||||||
$IARRUNNING = $statementIARCheck->rowCount() != 0;
|
$IARRUNNING = $statementIARCheck->rowCount() != 0;
|
||||||
$statementIARCheck->closeCursor();
|
$statementIARCheck->closeCursor();
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
include 'app/FormValidator.php';
|
include_once 'app/FormValidator.php';
|
||||||
|
|
||||||
if(isset($_POST['createIAR'])) {
|
if (isset($_POST['createIAR'])) {
|
||||||
$validator = new FormValidator(array()); // CSRF validation only
|
$validator = new FormValidator(array()); // CSRF validation only
|
||||||
if($validator->isValid($_POST) && $IARRUNNING == FALSE) {
|
if($validator->isValid($_POST) && !$IARRUNNING) {
|
||||||
$iarname = md5(time().$_SESSION['UUID'] . rand()).".iar";
|
$iarname = md5(time().$_SESSION['UUID'] . rand()).".iar";
|
||||||
|
|
||||||
$statementIARSTART = $RUNTIME['PDO']->prepare('INSERT INTO iarstates (userID, filesize, iarfilename) VALUES (:userID, :filesize, :iarfilename)');
|
$statementIARSTART = $RUNTIME['PDO']->prepare('INSERT INTO iarstates (userID, filesize, iarfilename) VALUES (:userID, :filesize, :iarfilename)');
|
||||||
|
|
@ -37,7 +38,7 @@
|
||||||
$_SESSION['iar_created'] = true;
|
$_SESSION['iar_created'] = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if(isset($_POST['saveProfileData'])) {
|
elseif (isset($_POST['saveProfileData'])) {
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'formInputFeldVorname' => array('regex' => '/^[^\\/<>\s]{1,64}$/'),
|
'formInputFeldVorname' => array('regex' => '/^[^\\/<>\s]{1,64}$/'),
|
||||||
'formInputFeldNachname' => array('regex' => '/^[^\\/<>\s]{1,64}$/'),
|
'formInputFeldNachname' => array('regex' => '/^[^\\/<>\s]{1,64}$/'),
|
||||||
|
|
@ -46,7 +47,7 @@
|
||||||
'formInputFeldPartnerName' => array('regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/')
|
'formInputFeldPartnerName' => array('regex' => '/^[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
if(isset($_POST['formInputFeldVorname'])) {
|
if(isset($_POST['formInputFeldVorname'])) {
|
||||||
$NewFirstName = trim($_POST['formInputFeldVorname']);
|
$NewFirstName = trim($_POST['formInputFeldVorname']);
|
||||||
|
|
||||||
|
|
@ -62,25 +63,24 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_POST['formInputFeldNachname'])) {
|
if (isset($_POST['formInputFeldNachname'])) {
|
||||||
$NewLastName = trim($_POST['formInputFeldNachname']);
|
$NewLastName = trim($_POST['formInputFeldNachname']);
|
||||||
|
|
||||||
if($NewLastName != "" && $_SESSION['LASTNAME'] != $NewLastName) {
|
if ($NewLastName != "" && $_SESSION['LASTNAME'] != $NewLastName) {
|
||||||
if(setNamePart('LastName', $NewLastName, 'FirstName', isset($_POST['formInputFeldVorname']) && strlen(trim($_POST['formInputFeldVorname'])) > 0 ? $_POST['formInputFeldVorname'] : $_SESSION['FIRSTNAME'])) {
|
if (setNamePart('LastName', $NewLastName, 'FirstName', isset($_POST['formInputFeldVorname']) && strlen(trim($_POST['formInputFeldVorname'])) > 0 ? $_POST['formInputFeldVorname'] : $_SESSION['FIRSTNAME'])) {
|
||||||
$_SESSION['LASTNAME'] = $NewLastName;
|
$_SESSION['LASTNAME'] = $NewLastName;
|
||||||
$_SESSION['USERNAME'] = $_SESSION['FIRSTNAME']." ".$_SESSION['LASTNAME'];
|
$_SESSION['USERNAME'] = $_SESSION['FIRSTNAME']." ".$_SESSION['LASTNAME'];
|
||||||
$_SESSION['DISPLAYNAME'] = strtoupper($_SESSION['USERNAME']);
|
$_SESSION['DISPLAYNAME'] = strtoupper($_SESSION['USERNAME']);
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$_SESSION['profile_info'] = 'Der gewählte Name ist bereits vergeben.';
|
$_SESSION['profile_info'] = 'Der gewählte Name ist bereits vergeben.';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_POST['formInputFeldEMail'])) {
|
if (isset($_POST['formInputFeldEMail'])) {
|
||||||
$NewEMail = trim($_POST['formInputFeldEMail']);
|
$NewEMail = trim($_POST['formInputFeldEMail']);
|
||||||
|
|
||||||
if($NewEMail != "" && $_SESSION['EMAIL'] != $NewEMail) {
|
if ($NewEMail != "" && $_SESSION['EMAIL'] != $NewEMail) {
|
||||||
$statement = $RUNTIME['PDO']->prepare('UPDATE UserAccounts SET Email = :Email WHERE PrincipalID = :PrincipalID');
|
$statement = $RUNTIME['PDO']->prepare('UPDATE UserAccounts SET Email = :Email WHERE PrincipalID = :PrincipalID');
|
||||||
$statement->execute(['Email' => $NewEMail, 'PrincipalID' => $_SESSION['UUID']]);
|
$statement->execute(['Email' => $NewEMail, 'PrincipalID' => $_SESSION['UUID']]);
|
||||||
|
|
||||||
|
|
@ -91,7 +91,7 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_POST['formInputFeldOfflineIM']) && $_POST['formInputFeldOfflineIM'] == "on") {
|
if (isset($_POST['formInputFeldOfflineIM']) && $_POST['formInputFeldOfflineIM'] == "on") {
|
||||||
$statement = $RUNTIME['PDO']->prepare('UPDATE usersettings SET imviaemail = :IMState WHERE useruuid = :PrincipalID');
|
$statement = $RUNTIME['PDO']->prepare('UPDATE usersettings SET imviaemail = :IMState WHERE useruuid = :PrincipalID');
|
||||||
$statement->execute(['IMState' => 'true', 'PrincipalID' => $_SESSION['UUID']]);
|
$statement->execute(['IMState' => 'true', 'PrincipalID' => $_SESSION['UUID']]);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -99,40 +99,41 @@
|
||||||
$statement->execute(['IMState' => 'false', 'PrincipalID' => $_SESSION['UUID']]);
|
$statement->execute(['IMState' => 'false', 'PrincipalID' => $_SESSION['UUID']]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_POST['formInputFeldPartnerName']) && $_POST['formInputFeldPartnerName'] != "") {
|
if (isset($_POST['formInputFeldPartnerName']) && $_POST['formInputFeldPartnerName'] != "") {
|
||||||
include_once 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$NewPartner = trim($_POST['formInputFeldPartnerName']);
|
$NewPartner = trim($_POST['formInputFeldPartnerName']);
|
||||||
$CurrentPartner = $opensim->getPartner($_SESSION['UUID']);
|
$CurrentPartner = $opensim->getPartner($_SESSION['UUID']);
|
||||||
|
|
||||||
if($CurrentPartner != "")$CurrentPartner = $opensim->getUserName($CurrentPartner);
|
if ($CurrentPartner != "") {
|
||||||
|
$CurrentPartner = $opensim->getUserName($CurrentPartner);
|
||||||
|
}
|
||||||
|
|
||||||
if($NewPartner != "" && $CurrentPartner != $NewPartner) {
|
if ($NewPartner != "" && $CurrentPartner != $NewPartner) {
|
||||||
$newPartnerUUID = $opensim->getUserUUID($NewPartner);
|
$newPartnerUUID = $opensim->getUserUUID($NewPartner);
|
||||||
|
|
||||||
if($newPartnerUUID != null) {
|
if ($newPartnerUUID != null) {
|
||||||
$statement = $RUNTIME['PDO']->prepare('UPDATE userprofile SET profilePartner = :profilePartner WHERE useruuid = :PrincipalID');
|
$statement = $RUNTIME['PDO']->prepare('UPDATE userprofile SET profilePartner = :profilePartner WHERE useruuid = :PrincipalID');
|
||||||
$statement->execute(['profilePartner' => $newPartnerUUID, 'PrincipalID' => $_SESSION['UUID']]);
|
$statement->execute(['profilePartner' => $newPartnerUUID, 'PrincipalID' => $_SESSION['UUID']]);
|
||||||
}
|
}
|
||||||
}else{
|
} else {
|
||||||
$statement = $RUNTIME['PDO']->prepare('UPDATE userprofile SET profilePartner = :profilePartner WHERE useruuid = :PrincipalID');
|
$statement = $RUNTIME['PDO']->prepare('UPDATE userprofile SET profilePartner = :profilePartner WHERE useruuid = :PrincipalID');
|
||||||
$statement->execute(['profilePartner' => '00000000-0000-0000-0000-000000000000', 'PrincipalID' => $_SESSION['UUID']]);
|
$statement->execute(['profilePartner' => '00000000-0000-0000-0000-000000000000', 'PrincipalID' => $_SESSION['UUID']]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
} elseif (isset($_POST['savePassword'])) {
|
||||||
else if(isset($_POST['savePassword'])) {
|
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'oldPassword' => array('required' => true, 'regex' => '/^.{1,1000}$/'),
|
'oldPassword' => array('required' => true, 'regex' => '/^.{1,1000}$/'),
|
||||||
'newPassword' => array('required' => true, 'regex' => '/^.{1,1000}$/'),
|
'newPassword' => array('required' => true, 'regex' => '/^.{1,1000}$/'),
|
||||||
'newPasswordRepeat' => array('required' => true, 'regex' => '/^.{1,1000}$/')
|
'newPasswordRepeat' => array('required' => true, 'regex' => '/^.{1,1000}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
if($_POST['newPasswordRepeat'] == $_POST['newPassword']) {
|
if ($_POST['newPasswordRepeat'] == $_POST['newPassword']) {
|
||||||
if(strlen(trim($_POST['newPassword'])) >= $RUNTIME['PASSWORD_MIN_LENGTH']) {
|
if (strlen(trim($_POST['newPassword'])) >= $RUNTIME['PASSWORD_MIN_LENGTH']) {
|
||||||
if(md5(md5($_POST['oldPassword']).':'.$_SESSION['SALT']) == $_SESSION['PASSWORD']) {
|
if (md5(md5($_POST['oldPassword']).':'.$_SESSION['SALT']) == $_SESSION['PASSWORD']) {
|
||||||
$salt = bin2hex(random_bytes(16));
|
$salt = bin2hex(random_bytes(16));
|
||||||
$hash = md5(md5(trim($_POST['newPassword'])).':'.$salt);
|
$hash = md5(md5(trim($_POST['newPassword'])).':'.$salt);
|
||||||
$statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordHash = :PasswordHash, passwordSalt = :PasswordSalt WHERE UUID = :PrincipalID');
|
$statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordHash = :PasswordHash, passwordSalt = :PasswordSalt WHERE UUID = :PrincipalID');
|
||||||
|
|
@ -140,20 +141,16 @@
|
||||||
$_SESSION['PASSWORD'] = $hash;
|
$_SESSION['PASSWORD'] = $hash;
|
||||||
$_SESSION['SALT'] = $salt;
|
$_SESSION['SALT'] = $salt;
|
||||||
$_SESSION['profile_info'] = 'Neues Passwort gespeichert.';
|
$_SESSION['profile_info'] = 'Neues Passwort gespeichert.';
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$_SESSION['profile_info'] = 'Das alte Passwort ist nicht richtig!';
|
$_SESSION['profile_info'] = 'Das alte Passwort ist nicht richtig!';
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$_SESSION['profile_info'] = 'Das neue Passwort muss mindestens '.$RUNTIME['PASSWORD_MIN_LENGTH'].' Zeichen lang sein.';
|
$_SESSION['profile_info'] = 'Das neue Passwort muss mindestens '.$RUNTIME['PASSWORD_MIN_LENGTH'].' Zeichen lang sein.';
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$_SESSION['profile_info'] = 'Die neuen Passwörter stimmen nicht überein!';
|
$_SESSION['profile_info'] = 'Die neuen Passwörter stimmen nicht überein!';
|
||||||
}
|
}
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$_SESSION['profile_info'] = 'Bitte fülle das Formular vollständig aus.';
|
$_SESSION['profile_info'] = 'Bitte fülle das Formular vollständig aus.';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -165,12 +162,11 @@
|
||||||
$HTML->setHTMLTitle("Dein Profile");
|
$HTML->setHTMLTitle("Dein Profile");
|
||||||
$HTML->importSeitenInhalt("profile.html");
|
$HTML->importSeitenInhalt("profile.html");
|
||||||
|
|
||||||
if($IARRUNNING) {
|
if ($IARRUNNING) {
|
||||||
if(isset($_SESSION['iar_created'])) {
|
if (isset($_SESSION['iar_created'])) {
|
||||||
$HTML->ReplaceSeitenInhalt("%%IARINFOMESSAGE%%", '<div class="alert alert-success" role="alert">Deine IAR wird jetzt erstellt und der Download Link wird dir per PM zugesendet.'.$APIResult.'</div>');
|
$HTML->ReplaceSeitenInhalt("%%IARINFOMESSAGE%%", '<div class="alert alert-success" role="alert">Deine IAR wird jetzt erstellt und der Download Link wird dir per PM zugesendet.'.$APIResult.'</div>');
|
||||||
unset($_SESSION['iar_created']);
|
unset($_SESSION['iar_created']);
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$HTML->ReplaceSeitenInhalt("%%IARINFOMESSAGE%%", '<div class="alert alert-danger" role="alert">Aktuell wird eine IAR erstellt.<br>Warte bitte bis du eine PM bekommst.</div>');
|
$HTML->ReplaceSeitenInhalt("%%IARINFOMESSAGE%%", '<div class="alert alert-danger" role="alert">Aktuell wird eine IAR erstellt.<br>Warte bitte bis du eine PM bekommst.</div>');
|
||||||
}
|
}
|
||||||
$HTML->ReplaceSeitenInhalt("%%IARBUTTONSTATE%%", 'disabled');
|
$HTML->ReplaceSeitenInhalt("%%IARBUTTONSTATE%%", 'disabled');
|
||||||
|
|
@ -182,9 +178,13 @@
|
||||||
$PartnerUUID = $opensim->getPartner($_SESSION['UUID']);
|
$PartnerUUID = $opensim->getPartner($_SESSION['UUID']);
|
||||||
$PartnerName = "";
|
$PartnerName = "";
|
||||||
|
|
||||||
if($PartnerUUID != null)$PartnerName = $opensim->getUserName($PartnerUUID);
|
if ($PartnerUUID != null) {
|
||||||
|
$PartnerName = $opensim->getUserName($PartnerUUID);
|
||||||
|
}
|
||||||
|
|
||||||
if($opensim->allowOfflineIM($_SESSION['UUID']) == "TRUE")$HTML->ReplaceSeitenInhalt("%%offlineIMSTATE%%", ' checked');
|
if ($opensim->allowOfflineIM($_SESSION['UUID']) == "TRUE") {
|
||||||
|
$HTML->ReplaceSeitenInhalt("%%offlineIMSTATE%%", ' checked');
|
||||||
|
}
|
||||||
|
|
||||||
$HTML->ReplaceSeitenInhalt("%%offlineIMSTATE%%", ' ');
|
$HTML->ReplaceSeitenInhalt("%%offlineIMSTATE%%", ' ');
|
||||||
$HTML->ReplaceSeitenInhalt("%%firstname%%", htmlspecialchars($_SESSION['FIRSTNAME']));
|
$HTML->ReplaceSeitenInhalt("%%firstname%%", htmlspecialchars($_SESSION['FIRSTNAME']));
|
||||||
|
|
@ -194,7 +194,7 @@
|
||||||
$HTML->ReplaceSeitenInhalt("%%listAllResidentsAsJSArray%%", "");
|
$HTML->ReplaceSeitenInhalt("%%listAllResidentsAsJSArray%%", "");
|
||||||
|
|
||||||
$profileInfo = '';
|
$profileInfo = '';
|
||||||
if(isset($_SESSION['profile_info'])) {
|
if (isset($_SESSION['profile_info'])) {
|
||||||
$profileInfo = $_SESSION['profile_info'];
|
$profileInfo = $_SESSION['profile_info'];
|
||||||
unset($_SESSION['profile_info']);
|
unset($_SESSION['profile_info']);
|
||||||
}
|
}
|
||||||
|
|
@ -205,4 +205,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -4,13 +4,11 @@
|
||||||
|
|
||||||
function cleanSize($bytes)
|
function cleanSize($bytes)
|
||||||
{
|
{
|
||||||
if ($bytes > 0)
|
if ($bytes > 0) {
|
||||||
{
|
|
||||||
$unit = intval(log($bytes, 1024));
|
$unit = intval(log($bytes, 1024));
|
||||||
$units = array('B', 'KB', 'MB', 'GB');
|
$units = array('B', 'KB', 'MB', 'GB');
|
||||||
|
|
||||||
if (array_key_exists($unit, $units) === true)
|
if (array_key_exists($unit, $units) === true) {
|
||||||
{
|
|
||||||
return sprintf('%d %s', $bytes / pow(1024, $unit), $units[$unit]);
|
return sprintf('%d %s', $bytes / pow(1024, $unit), $units[$unit]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -25,8 +23,7 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT Prims,SimFPS,PhyFPS,ProcMem,RegionVersion FROM regions_info WHERE regionID = ?");
|
$statement = $RUNTIME['PDO']->prepare("SELECT Prims,SimFPS,PhyFPS,ProcMem,RegionVersion FROM regions_info WHERE regionID = ?");
|
||||||
$statement->execute([$regionID]);
|
$statement->execute([$regionID]);
|
||||||
|
|
||||||
if($row = $statement->fetch())
|
if ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
$return = array();
|
$return = array();
|
||||||
$return['Prims'] = $row['Prims'];
|
$return['Prims'] = $row['Prims'];
|
||||||
$return['SimFPS'] = $row['SimFPS'];
|
$return['SimFPS'] = $row['SimFPS'];
|
||||||
|
|
@ -40,15 +37,14 @@
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_REQUEST['remove']))
|
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_REQUEST['remove'])) {
|
||||||
{
|
include_once 'app/FormValidator.php';
|
||||||
include 'app/FormValidator.php';
|
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'region' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
'region' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
if(isset($_SESSION['LEVEL']) && $_SESSION['LEVEL'] >= 100) {
|
if (isset($_SESSION['LEVEL']) && $_SESSION['LEVEL'] >= 100) {
|
||||||
$statementMembership = $RUNTIME['PDO']->prepare("DELETE FROM regions WHERE uuid = ?");
|
$statementMembership = $RUNTIME['PDO']->prepare("DELETE FROM regions WHERE uuid = ?");
|
||||||
$statementMembership->execute(array($_POST['region']));
|
$statementMembership->execute(array($_POST['region']));
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -67,14 +63,13 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT uuid,regionName,owner_uuid,locX,locY FROM regions ".($showAll ? "ORDER BY owner_uuid ASC" : "WHERE owner_uuid = ? ORDER BY uuid ASC"));
|
$statement = $RUNTIME['PDO']->prepare("SELECT uuid,regionName,owner_uuid,locX,locY FROM regions ".($showAll ? "ORDER BY owner_uuid ASC" : "WHERE owner_uuid = ? ORDER BY uuid ASC"));
|
||||||
$statement->execute($showAll ? array() : array($_SESSION['UUID']));
|
$statement->execute($showAll ? array() : array($_SESSION['UUID']));
|
||||||
|
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
$stats = getRegionStatsData($row['uuid']);
|
$stats = getRegionStatsData($row['uuid']);
|
||||||
|
|
||||||
$entry = '<tr><td>'.htmlspecialchars($row['regionName']).'<div class="blockquote-footer">'.(count($stats) > 0 ? 'Prims: '.$stats['Prims'].'; RAM-Nutzung: '.$stats['ProcMem'].'; SIM/PHYS FPS: '.$stats['SimFPS'].'/'.$stats['PhyFPS'].' ('.$stats['RegionVersion'].')' : 'Keine Statistik verfügbar').'</div></td><td>'.htmlspecialchars($opensim->getUserName($row['owner_uuid'])).'</td><td>'.fillString(($row['locX'] / 256), 4).' / '.fillString(($row['locY'] / 256), 4).'</td><td><form action="index.php?page=regions" method="post">%%CSRF%%<input type="hidden" name="region" value="'.$row['uuid'].'"><button type="submit" name="remove" class="btn btn-link btn-sm">LÖSCHEN</button></form></td></tr>';
|
$entry = '<tr><td>'.htmlspecialchars($row['regionName']).'<div class="blockquote-footer">'.(!empty($stats) ? 'Prims: '.$stats['Prims'].'; RAM-Nutzung: '.$stats['ProcMem'].'; SIM/PHYS FPS: '.$stats['SimFPS'].'/'.$stats['PhyFPS'].' ('.$stats['RegionVersion'].')' : 'Keine Statistik verfügbar').'</div></td><td>'.htmlspecialchars($opensim->getUserName($row['owner_uuid'])).'</td><td>'.fillString(($row['locX'] / 256), 4).' / '.fillString(($row['locY'] / 256), 4).'</td><td><form action="index.php?page=regions" method="post">%%CSRF%%<input type="hidden" name="region" value="'.$row['uuid'].'"><button type="submit" name="remove" class="btn btn-link btn-sm">LÖSCHEN</button></form></td></tr>';
|
||||||
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -83,4 +78,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -15,7 +15,8 @@
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
function displayError(string $message) {
|
function displayError(string $message)
|
||||||
|
{
|
||||||
$HTML = new HTML();
|
$HTML = new HTML();
|
||||||
$HTML->importHTML("error.html");
|
$HTML->importHTML("error.html");
|
||||||
$HTML->ReplaceLayoutInhalt("%%MESSAGE%%", $message);
|
$HTML->ReplaceLayoutInhalt("%%MESSAGE%%", $message);
|
||||||
|
|
@ -24,27 +25,26 @@
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!isset($_REQUEST['code'])) {
|
if (!isset($_REQUEST['code'])) {
|
||||||
displayError("Du benötigst einen Einladungscode, um dich bei 4Creative zu registrieren.");
|
displayError("Du benötigst einen Einladungscode, um dich bei 4Creative zu registrieren.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if(strlen($_REQUEST['code']) != 32 || !preg_match('/^[a-f0-9]+$/', $_REQUEST['code'])) {
|
if (strlen($_REQUEST['code']) != 32 || !preg_match('/^[a-f0-9]+$/', $_REQUEST['code'])) {
|
||||||
displayError("Der angegebene Einladungscode ist nicht gültig. Nutze genau den Link, der dir zugeschickt wurde.");
|
displayError("Der angegebene Einladungscode ist nicht gültig. Nutze genau den Link, der dir zugeschickt wurde.");
|
||||||
}
|
}
|
||||||
|
|
||||||
$statementInviteCode = $RUNTIME['PDO']->prepare("SELECT 1 FROM InviteCodes WHERE InviteCode = ? LIMIT 1");
|
$statementInviteCode = $RUNTIME['PDO']->prepare("SELECT 1 FROM InviteCodes WHERE InviteCode = ? LIMIT 1");
|
||||||
$statementInviteCode->execute([$_REQUEST['code']]);
|
$statementInviteCode->execute([$_REQUEST['code']]);
|
||||||
|
|
||||||
if($statementInviteCode->rowCount() == 0) {
|
if ($statementInviteCode->rowCount() == 0) {
|
||||||
displayError("Der angegebene Einladungscode ist nicht gültig. Nutze genau den Link, der dir zugeschickt wurde.");
|
displayError("Der angegebene Einladungscode ist nicht gültig. Nutze genau den Link, der dir zugeschickt wurde.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] != 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
|
||||||
displayPage("");
|
displayPage("");
|
||||||
}
|
}
|
||||||
|
|
||||||
include_once('app/FormValidator.php');
|
include_once 'app/FormValidator.php';
|
||||||
|
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'tos' => array('required' => true, 'equals' => 'on'),
|
'tos' => array('required' => true, 'equals' => 'on'),
|
||||||
'username' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64}( [^\\/<>\s]{1,64})?$/'),
|
'username' => array('required' => true, 'regex' => '/^[^\\/<>\s]{1,64}( [^\\/<>\s]{1,64})?$/'),
|
||||||
|
|
@ -53,11 +53,10 @@
|
||||||
'avatar' => array('required' => true)
|
'avatar' => array('required' => true)
|
||||||
));
|
));
|
||||||
|
|
||||||
if(!$validator->isValid($_POST)) {
|
if (!$validator->isValid($_POST)) {
|
||||||
if(!isset($_POST['tos']) || $_POST['tos'] !== true) {
|
if (!isset($_POST['tos']) || $_POST['tos'] !== true) {
|
||||||
displayPage("Du musst die Nutzungsbedingungen lesen und Akzeptieren.");
|
displayPage("Du musst die Nutzungsbedingungen lesen und Akzeptieren.");
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
displayPage("Ups da stimmt was nicht. Versuche es bitte noch mal.");
|
displayPage("Ups da stimmt was nicht. Versuche es bitte noch mal.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -66,36 +65,35 @@
|
||||||
|
|
||||||
$name = trim($_POST['username']);
|
$name = trim($_POST['username']);
|
||||||
$nameParts;
|
$nameParts;
|
||||||
if($name != "") {
|
if ($name != "") {
|
||||||
$nameParts = explode(" ", $name);
|
$nameParts = explode(" ", $name);
|
||||||
if(count($nameParts) == 1) {
|
if (count($nameParts) == 1) {
|
||||||
$name .= " Resident";
|
$name .= " Resident";
|
||||||
$nameParts = explode(" ", $name);
|
$nameParts = explode(" ", $name);
|
||||||
}
|
}
|
||||||
|
|
||||||
$statementAvatarName = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1");
|
$statementAvatarName = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserAccounts WHERE FirstName = :FirstName AND LastName = :LastName LIMIT 1");
|
||||||
$statementAvatarName->execute(['FirstName' => $nameParts[0], 'LastName' => $nameParts[1]]);
|
$statementAvatarName->execute(['FirstName' => $nameParts[0], 'LastName' => $nameParts[1]]);
|
||||||
if($statementAvatarName->rowCount() > 0) {
|
if ($statementAvatarName->rowCount() > 0) {
|
||||||
displayPage("Der gewählte Name ist bereits vergeben.");
|
displayPage("Der gewählte Name ist bereits vergeben.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$pass = trim($_POST['password']);
|
$pass = trim($_POST['password']);
|
||||||
if(strlen($pass) < $RUNTIME['PASSWORD_MIN_LENGTH']) {
|
if (strlen($pass) < $RUNTIME['PASSWORD_MIN_LENGTH']) {
|
||||||
displayPage('Dein Passwort muss mindestens '.$RUNTIME['PASSWORD_MIN_LENGTH'].' Zeichen lang sein.');
|
displayPage('Dein Passwort muss mindestens '.$RUNTIME['PASSWORD_MIN_LENGTH'].' Zeichen lang sein.');
|
||||||
}
|
}
|
||||||
|
|
||||||
$email = trim($_POST['email']);
|
$email = trim($_POST['email']);
|
||||||
|
|
||||||
$avatar;
|
$avatar;
|
||||||
if(isset($RUNTIME['DEFAULTAVATAR'][$_POST['avatar']]['UUID'])) {
|
if (isset($RUNTIME['DEFAULTAVATAR'][$_POST['avatar']]['UUID'])) {
|
||||||
$avatar = trim($_POST['avatar']);
|
$avatar = trim($_POST['avatar']);
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
displayPage("Der gewählte Standardavatar existiert nicht.");
|
displayPage("Der gewählte Standardavatar existiert nicht.");
|
||||||
}
|
}
|
||||||
|
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$avatarUUID = $opensim->gen_uuid();
|
$avatarUUID = $opensim->gen_uuid();
|
||||||
|
|
@ -104,7 +102,7 @@
|
||||||
|
|
||||||
$statementInviteDeleter = $RUNTIME['PDO']->prepare('DELETE FROM InviteCodes WHERE InviteCode = :code');
|
$statementInviteDeleter = $RUNTIME['PDO']->prepare('DELETE FROM InviteCodes WHERE InviteCode = :code');
|
||||||
$statementInviteDeleter->execute(['code' => $_REQUEST['code']]);
|
$statementInviteDeleter->execute(['code' => $_REQUEST['code']]);
|
||||||
if($statementInviteDeleter->rowCount() == 0) {
|
if ($statementInviteDeleter->rowCount() == 0) {
|
||||||
displayError("Der angegebene Einladungscode ist nicht mehr gültig.");
|
displayError("Der angegebene Einladungscode ist nicht mehr gültig.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -123,14 +121,12 @@
|
||||||
$statementInventoryFolder = $RUNTIME['PDO']->prepare('INSERT INTO `inventoryfolders` (`folderName`, `type`, `version`, `folderID`, `agentID`, `parentFolderID`) VALUES (:folderName, :folderTyp, :folderVersion, :folderID, :agentID, :parentFolderID)');
|
$statementInventoryFolder = $RUNTIME['PDO']->prepare('INSERT INTO `inventoryfolders` (`folderName`, `type`, `version`, `folderID`, `agentID`, `parentFolderID`) VALUES (:folderName, :folderTyp, :folderVersion, :folderID, :agentID, :parentFolderID)');
|
||||||
$Inventory = array('Calling Cards' => 2, 'Objects' => 6, 'Landmarks' => 3, 'Clothing' => 5, 'Gestures' => 21, 'Body Parts' => 13, 'Textures' => 0, 'Scripts' => 10, 'Photo Album' => 15, 'Lost And Found' => 16, 'Trash' => 14, 'Notecards' => 7, 'My Inventory' => 8, 'Sounds' => 1, 'Animations' => 20);
|
$Inventory = array('Calling Cards' => 2, 'Objects' => 6, 'Landmarks' => 3, 'Clothing' => 5, 'Gestures' => 21, 'Body Parts' => 13, 'Textures' => 0, 'Scripts' => 10, 'Photo Album' => 15, 'Lost And Found' => 16, 'Trash' => 14, 'Notecards' => 7, 'My Inventory' => 8, 'Sounds' => 1, 'Animations' => 20);
|
||||||
$InventoryRootFolder = $opensim->gen_uuid();
|
$InventoryRootFolder = $opensim->gen_uuid();
|
||||||
foreach ($Inventory as $FolderName => $InventoryType)
|
foreach ($Inventory as $FolderName => $InventoryType) {
|
||||||
{
|
|
||||||
$FolderUUID = $opensim->gen_uuid();
|
$FolderUUID = $opensim->gen_uuid();
|
||||||
if ($InventoryType == 8)
|
if ($InventoryType == 8) {
|
||||||
{
|
|
||||||
$FolderUUID = $InventoryRootFolder;
|
$FolderUUID = $InventoryRootFolder;
|
||||||
$FolderParent = "00000000-0000-0000-0000-000000000000";
|
$FolderParent = "00000000-0000-0000-0000-000000000000";
|
||||||
}else{
|
} else {
|
||||||
$FolderParent = $InventoryRootFolder;
|
$FolderParent = $InventoryRootFolder;
|
||||||
}
|
}
|
||||||
$statementInventoryFolder->execute(['agentID' => $avatarUUID, 'folderName' => $FolderName, 'folderTyp' => $InventoryType, 'folderVersion' => 1, 'folderID' => $FolderUUID, 'parentFolderID' => $FolderParent]);
|
$statementInventoryFolder->execute(['agentID' => $avatarUUID, 'folderName' => $FolderName, 'folderTyp' => $InventoryType, 'folderVersion' => 1, 'folderID' => $FolderUUID, 'parentFolderID' => $FolderParent]);
|
||||||
|
|
@ -156,4 +152,3 @@
|
||||||
|
|
||||||
header('Location: index.php?page=dashboard');
|
header('Location: index.php?page=dashboard');
|
||||||
die();
|
die();
|
||||||
?>
|
|
||||||
|
|
@ -3,7 +3,8 @@
|
||||||
const TOKEN_INVALID = 'Dieser Link zur Passwortzurücksetzung ist nicht gültig. Bitte klicke oder kopiere den Link aus der E-Mail, die du erhalten hast.';
|
const TOKEN_INVALID = 'Dieser Link zur Passwortzurücksetzung ist nicht gültig. Bitte klicke oder kopiere den Link aus der E-Mail, die du erhalten hast.';
|
||||||
const TOKEN_EXPIRED = 'Dein Link zur Passwortzurücksetzung ist abgelaufen. Klicke <a href="index.php?page=forgot">hier</a>, um eine neue Anfrage zu senden.';
|
const TOKEN_EXPIRED = 'Dein Link zur Passwortzurücksetzung ist abgelaufen. Klicke <a href="index.php?page=forgot">hier</a>, um eine neue Anfrage zu senden.';
|
||||||
|
|
||||||
function displayTokenError($message) {
|
function displayTokenError($message)
|
||||||
|
{
|
||||||
$HTML = new HTML();
|
$HTML = new HTML();
|
||||||
$HTML->importHTML("error.html");
|
$HTML->importHTML("error.html");
|
||||||
$HTML->ReplaceLayoutInhalt('%%MESSAGE%%', $message);
|
$HTML->ReplaceLayoutInhalt('%%MESSAGE%%', $message);
|
||||||
|
|
@ -12,8 +13,9 @@
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
function displayPage($err) {
|
function displayPage($err)
|
||||||
if(!isset($_GET['token']) || !preg_match('/^[a-z0-9A-Z]{32}$/', $_GET['token'])) {
|
{
|
||||||
|
if (!isset($_GET['token']) || !preg_match('/^[a-z0-9A-Z]{32}$/', $_GET['token'])) {
|
||||||
displayTokenError(TOKEN_INVALID);
|
displayTokenError(TOKEN_INVALID);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -27,7 +29,7 @@
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
include_once 'app/FormValidator.php';
|
include_once 'app/FormValidator.php';
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'password' => array('required' => true, 'regex' => '/^.{1,1000}$/'),
|
'password' => array('required' => true, 'regex' => '/^.{1,1000}$/'),
|
||||||
|
|
@ -35,24 +37,24 @@
|
||||||
'resetToken' => array('required' => true, 'regex' => '/^[a-zA-Z0-9]{32}$/')
|
'resetToken' => array('required' => true, 'regex' => '/^[a-zA-Z0-9]{32}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
if($_POST['password'] !== $_POST['passwordRepeat']) {
|
if ($_POST['password'] !== $_POST['passwordRepeat']) {
|
||||||
displayPage('Du musst in beiden Feldern das gleiche Passwort eingeben');
|
displayPage('Du musst in beiden Feldern das gleiche Passwort eingeben');
|
||||||
}
|
}
|
||||||
|
|
||||||
if(strlen($_POST['password']) < $RUNTIME['PASSWORD_MIN_LENGTH']) {
|
if (strlen($_POST['password']) < $RUNTIME['PASSWORD_MIN_LENGTH']) {
|
||||||
displayPage('Dein Passwort muss mindestens '.$RUNTIME['PASSWORD_MIN_LENGTH'].' Zeichen lang sein.');
|
displayPage('Dein Passwort muss mindestens '.$RUNTIME['PASSWORD_MIN_LENGTH'].' Zeichen lang sein.');
|
||||||
}
|
}
|
||||||
|
|
||||||
$getReq = $RUNTIME['PDO']->prepare('SELECT UserAccounts.PrincipalID AS UUID,FirstName,LastName,Email,Token,RequestTime FROM PasswordResetTokens JOIN UserAccounts ON UserAccounts.PrincipalID = PasswordResetTokens.PrincipalID WHERE Token = ?');
|
$getReq = $RUNTIME['PDO']->prepare('SELECT UserAccounts.PrincipalID AS UUID,FirstName,LastName,Email,Token,RequestTime FROM PasswordResetTokens JOIN UserAccounts ON UserAccounts.PrincipalID = PasswordResetTokens.PrincipalID WHERE Token = ?');
|
||||||
$getReq->execute([$_POST['resetToken']]);
|
$getReq->execute([$_POST['resetToken']]);
|
||||||
if($getReq->rowCount() == 0) {
|
if ($getReq->rowCount() == 0) {
|
||||||
displayTokenError(TOKEN_INVALID);
|
displayTokenError(TOKEN_INVALID);
|
||||||
}
|
}
|
||||||
|
|
||||||
$res = $getReq->fetch();
|
$res = $getReq->fetch();
|
||||||
|
|
||||||
if(!hash_equals($res['Token'], $_POST['resetToken'])) {
|
if (!hash_equals($res['Token'], $_POST['resetToken'])) {
|
||||||
displayTokenError(TOKEN_INVALID);
|
displayTokenError(TOKEN_INVALID);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -60,11 +62,11 @@
|
||||||
$name = $res['FirstName'].' '.$res['LastName'];
|
$name = $res['FirstName'].' '.$res['LastName'];
|
||||||
$getToken = $RUNTIME['PDO']->prepare('DELETE FROM PasswordResetTokens WHERE PrincipalID = ? AND Token = ?');
|
$getToken = $RUNTIME['PDO']->prepare('DELETE FROM PasswordResetTokens WHERE PrincipalID = ? AND Token = ?');
|
||||||
$getToken->execute([$uuid, $_POST['resetToken']]);
|
$getToken->execute([$uuid, $_POST['resetToken']]);
|
||||||
if($getToken->rowCount() == 0) {
|
if ($getToken->rowCount() == 0) {
|
||||||
displayTokenError(TOKEN_INVALID);
|
displayTokenError(TOKEN_INVALID);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(time() - $res['RequestTime'] > 86400) {
|
if (time() - $res['RequestTime'] > 86400) {
|
||||||
displayTokenError(TOKEN_EXPIRED);
|
displayTokenError(TOKEN_EXPIRED);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -86,4 +88,3 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
displayPage('');
|
displayPage('');
|
||||||
?>
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
$HTML->setHTMLTitle("Online Anzeige");
|
$HTML->setHTMLTitle("Online Anzeige");
|
||||||
|
|
@ -10,10 +10,8 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT RegionID,UserID FROM Presence ORDER BY RegionID ASC");
|
$statement = $RUNTIME['PDO']->prepare("SELECT RegionID,UserID FROM Presence ORDER BY RegionID ASC");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
if ($row['RegionID'] != "00000000-0000-0000-0000-000000000000") {
|
||||||
if($row['RegionID'] != "00000000-0000-0000-0000-000000000000")
|
|
||||||
{
|
|
||||||
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['UserID']))).'</td><td>'.htmlspecialchars($opensim->getRegionName($row['RegionID'])).'</td></tr>';
|
$entry = '<tr><td>'.htmlspecialchars(trim($opensim->getUserName($row['UserID']))).'</td><td>'.htmlspecialchars($opensim->getRegionName($row['RegionID'])).'</td></tr>';
|
||||||
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
||||||
}
|
}
|
||||||
|
|
@ -24,4 +22,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -2,8 +2,7 @@
|
||||||
$HTML->setHTMLTitle("Benutzer");
|
$HTML->setHTMLTitle("Benutzer");
|
||||||
$HTML->importSeitenInhalt("users.html");
|
$HTML->importSeitenInhalt("users.html");
|
||||||
|
|
||||||
if(!isset($_SESSION['LOGIN']) || !isset($_SESSION['LEVEL']) || $_SESSION['LEVEL'] < 100)
|
if (!isset($_SESSION['LOGIN']) || !isset($_SESSION['LEVEL']) || $_SESSION['LEVEL'] < 100) {
|
||||||
{
|
|
||||||
$HTML->setHTMLTitle("Kein Zugriff");
|
$HTML->setHTMLTitle("Kein Zugriff");
|
||||||
$HTML->SetSeitenInhalt("Dazu hast du keine Rechte!");
|
$HTML->SetSeitenInhalt("Dazu hast du keine Rechte!");
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
|
|
@ -11,17 +10,17 @@
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
include 'app/OpenSim.php';
|
include_once 'app/OpenSim.php';
|
||||||
$opensim = new OpenSim();
|
$opensim = new OpenSim();
|
||||||
|
|
||||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
include 'app/FormValidator.php';
|
include_once 'app/FormValidator.php';
|
||||||
if(isset($_POST['genpw'])) {
|
if (isset($_POST['genpw'])) {
|
||||||
$validator = new FormValidator(array(
|
$validator = new FormValidator(array(
|
||||||
'userid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
'userid' => array('required' => true, 'regex' => '/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/')
|
||||||
));
|
));
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
require_once 'app/utils.php';
|
require_once 'app/utils.php';
|
||||||
$token = generateToken(32);
|
$token = generateToken(32);
|
||||||
$setToken = $RUNTIME['PDO']->prepare('REPLACE INTO PasswordResetTokens(PrincipalID,Token,RequestTime) VALUES(?,?,?)');
|
$setToken = $RUNTIME['PDO']->prepare('REPLACE INTO PasswordResetTokens(PrincipalID,Token,RequestTime) VALUES(?,?,?)');
|
||||||
|
|
@ -30,11 +29,10 @@
|
||||||
|
|
||||||
$HTML->ReplaceSeitenInhalt("%%MESSAGE%%", '<div class="alert alert-danger" role="alert">Das Passwort für '.htmlspecialchars($opensim->getUserName($_REQUEST['userid'])).' kann in den nächsten 24 Stunden über diesen Link zurückgesetzt werden: <b>'.$resetLink.'</b></div>');
|
$HTML->ReplaceSeitenInhalt("%%MESSAGE%%", '<div class="alert alert-danger" role="alert">Das Passwort für '.htmlspecialchars($opensim->getUserName($_REQUEST['userid'])).' kann in den nächsten 24 Stunden über diesen Link zurückgesetzt werden: <b>'.$resetLink.'</b></div>');
|
||||||
}
|
}
|
||||||
}
|
} elseif (isset($_POST['generateLink'])) {
|
||||||
else if(isset($_POST['generateLink'])) {
|
|
||||||
$validator = new FormValidator(array()); // Needed only for CSRF token validation
|
$validator = new FormValidator(array()); // Needed only for CSRF token validation
|
||||||
|
|
||||||
if($validator->isValid($_POST)) {
|
if ($validator->isValid($_POST)) {
|
||||||
$inviteID = bin2hex(random_bytes(16));
|
$inviteID = bin2hex(random_bytes(16));
|
||||||
$link = "https://".$_SERVER['SERVER_NAME']."/index.php?page=register&code=".$inviteID;
|
$link = "https://".$_SERVER['SERVER_NAME']."/index.php?page=register&code=".$inviteID;
|
||||||
|
|
||||||
|
|
@ -54,8 +52,7 @@
|
||||||
$statement = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName,UserLevel,PrincipalID FROM UserAccounts ORDER BY Created ASC");
|
$statement = $RUNTIME['PDO']->prepare("SELECT FirstName,LastName,UserLevel,PrincipalID FROM UserAccounts ORDER BY Created ASC");
|
||||||
$statement->execute();
|
$statement->execute();
|
||||||
|
|
||||||
while($row = $statement->fetch())
|
while ($row = $statement->fetch()) {
|
||||||
{
|
|
||||||
$entry = '<tr><td>'.htmlspecialchars($row['FirstName']).'</td><td>'.htmlspecialchars($row['LastName']).'</td><td>'.htmlspecialchars($row['UserLevel']).'</td><td><form action="index.php?page=users" method="post">%%CSRF%%<input type="hidden" name="userid" value="'.htmlspecialchars($row['PrincipalID']).'"><button type="submit" name="genpw" class="btn btn-link btn-sm">PASSWORT ZURÜCKSETZEN</button></form></td></tr>';
|
$entry = '<tr><td>'.htmlspecialchars($row['FirstName']).'</td><td>'.htmlspecialchars($row['LastName']).'</td><td>'.htmlspecialchars($row['UserLevel']).'</td><td><form action="index.php?page=users" method="post">%%CSRF%%<input type="hidden" name="userid" value="'.htmlspecialchars($row['PrincipalID']).'"><button type="submit" name="genpw" class="btn btn-link btn-sm">PASSWORT ZURÜCKSETZEN</button></form></td></tr>';
|
||||||
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
|
||||||
}
|
}
|
||||||
|
|
@ -67,4 +64,3 @@
|
||||||
|
|
||||||
$HTML->build();
|
$HTML->build();
|
||||||
echo $HTML->ausgabe();
|
echo $HTML->ausgabe();
|
||||||
?>
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
$HTML = new HTML();
|
$HTML = new HTML();
|
||||||
if(isset($_SESSION['LOGIN']))
|
if (isset($_SESSION['LOGIN'])) {
|
||||||
{
|
|
||||||
$HTML->importHTML("dashboard.html");
|
$HTML->importHTML("dashboard.html");
|
||||||
|
|
||||||
if(isset($_SESSION['LEVEL']) && $_SESSION['LEVEL'] > 100) {
|
if(isset($_SESSION['LEVEL']) && $_SESSION['LEVEL'] > 100) {
|
||||||
|
|
@ -10,4 +9,3 @@
|
||||||
|
|
||||||
$HTML->ReplaceLayoutInhalt("%%USERNAME%%", isset($_SESSION['DISPLAYNAME']) ? htmlspecialchars($_SESSION['DISPLAYNAME']) : '');
|
$HTML->ReplaceLayoutInhalt("%%USERNAME%%", isset($_SESSION['DISPLAYNAME']) ? htmlspecialchars($_SESSION['DISPLAYNAME']) : '');
|
||||||
}
|
}
|
||||||
?>
|
|
||||||
Loading…
Reference in New Issue