Website
/
Manager
1
0
Fork 0
Code Releases 11 Activity

Fix various small errors

master
Anonymous Contributor 2023-08-23 18:16:34 +02:00
parent 3134f55393
commit bd3df89454
5 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
classen/HTML.php
View File

@ -226,7 +226,7 @@
$this->FertigesHTML = str_replace("%%GET_IP%%", @$_SERVER["REMOTE_ADDR"], $this->FertigesHTML);
// Add CSRF token
$this->FertigesHTML = str_replace("%%CSRF%%", '<input type="hidden" name="csrf" value="'.$_SESSION['csrf'].'">');
$this->FertigesHTML = str_replace("%%CSRF%%", '<input type="hidden" name="csrf" value="'.$_SESSION['csrf'].'">', $this->FertigesHTML);
$this->isBuild = true;
}

2
pages/HTML/identities.html
View File

@ -30,7 +30,7 @@
<div class="row" style="margin-top: 15px;">
<div class="col">
%&CSRF%&
%%CSRF%%
<button type="submit" name="createIdent" class="btn btn-primary btn-lg">Erstelle Identität</button>
</div>
</div>

4
pages/identities.php
View File

@ -14,7 +14,7 @@
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_SESSION['UUID']]);
}
if(isset($_REQUEST['enableIdent']) && isset($_REQUEST['newuuid']) && $_REQUEST['enableIdent'] != "" && $_REQUEST['newuuid'] != "")
if(isset($_REQUEST['enableIdent']) && isset($_REQUEST['newuuid']) && $_REQUEST['enableIdent'] == "" && $_REQUEST['newuuid'] != "")
{
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1");
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_REQUEST['newuuid']]);
@ -64,7 +64,7 @@
}
}
if(isset($_REQUEST['createIdent']) && isset($_REQUEST['newName']) && $_REQUEST['createIdent'] != "" && $_REQUEST['newName'] != "")
if(isset($_REQUEST['createIdent']) && isset($_REQUEST['newName']) && $_REQUEST['createIdent'] == "" && $_REQUEST['newName'] == "")
{
$avatarNameParts = explode(" ", trim($_REQUEST['newName']));

6
pages/login.php
View File

@ -8,8 +8,8 @@
if(isset($_POST['login']))
{
$validator = new FormValidator(array(
'username' => array('required' => true, 'regex' => '[^\\\/<>\s]{1,64} [^\\\/<>\s]{1,64}'),
'password' => array('required' => true, 'regex' => '.{1,1000}')
'username' => array('required' => true, 'regex' => '/[^\\\/<>\s]{1,64} [^\\\/<>\s]{1,64}/'),
'password' => array('required' => true, 'regex' => '/.{1,1000}/')
));
if(!$validator->isValid($_POST)) {
@ -57,7 +57,7 @@
}
}
if(isset($_REQUEST['page']) && preg_match('[0-9a-zA-Z]{1-100}') && file_exists("./pages/".$_REQUEST['page'].".php"))
if(isset($_REQUEST['page']) && preg_match('/[0-9a-zA-Z]{1-100}/', $_REQUEST['page']) && file_exists("./pages/".$_REQUEST['page'].".php"))
$HTML->ReplaceLayoutInhalt("%%PAGENAME%%", urlencode($_REQUEST['page']));
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "");

12
pages/register.php
View File

@ -17,7 +17,7 @@
if(!isset($_REQUEST['code']))
die("MISSING INVITE CODE!");
if(strlen($_REQUEST['code']) != 32 || !preg_match('[a-f0-9]+', $_REQUEST['code'])) {
if(strlen($_REQUEST['code']) != 32 || !preg_match('/[a-f0-9]+/', $_REQUEST['code'])) {
die("INVALID INVITE CODE!");
}
@ -29,10 +29,10 @@
include_once('classen/FormValidator.php');
$validator = new FormValidator(array(
'tos' => array('required' => true, 'equals' => true),
'username' => array('required' => true, 'regex' => '[^\\\/<>\s]{1,64}( [^\\\/<>\s]{1,64})?'),
'password' => array('required' => true, 'regex' => '.{1,1000}'),
'email' => array('required' => true, 'regex' => '\S{1,64}@\S{1,250}.\S{2,64}'),
'tos' => array('required' => true, 'equals' => 'on'),
'username' => array('required' => true, 'regex' => '/[^\\\/<>\s]{1,64}( [^\\\/<>\s]{1,64})?/'),
'password' => array('required' => true, 'regex' => '/.{1,1000}/'),
'email' => array('required' => true, 'regex' => '/\S{1,64}@\S{1,250}.\S{2,64}/'),
'avatar' => array('required' => true)
));
@ -82,7 +82,7 @@
}
$RUNTIME['REGISTER']['PASS'] = trim($_REQUEST['password']);
$RUNTIME['REGISTER']['EMAIL'] = trim($_REQUEST['email']);
if(isset($RUNTIME['DEFAULTAVATAR'][$avatar]['UUID']))
if(isset($RUNTIME['DEFAULTAVATAR'][$_REQUEST['avatar']]['UUID']))
{
$RUNTIME['REGISTER']['AVATAR'] = trim($_REQUEST['avatar']);
}