Website
/
Manager
1
0
Fork 0
Code Releases 11 Activity

Fix various small errors

master
Anonymous Contributor 2023-08-23 18:16:34 +02:00
parent 3134f55393
commit bd3df89454
5 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
classen/HTML.php
View File

@ -226,7 +226,7 @@
$this->FertigesHTML = str_replace("%%GET_IP%%", @$_SERVER["REMOTE_ADDR"], $this->FertigesHTML); $this->FertigesHTML = str_replace("%%GET_IP%%", @$_SERVER["REMOTE_ADDR"], $this->FertigesHTML);
// Add CSRF token // Add CSRF token
$this->FertigesHTML = str_replace("%%CSRF%%", '<input type="hidden" name="csrf" value="'.$_SESSION['csrf'].'">'); $this->FertigesHTML = str_replace("%%CSRF%%", '<input type="hidden" name="csrf" value="'.$_SESSION['csrf'].'">', $this->FertigesHTML);
$this->isBuild = true; $this->isBuild = true;
} }

2
pages/HTML/identities.html
View File

@ -30,7 +30,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%&CSRF%& %%CSRF%%
<button type="submit" name="createIdent" class="btn btn-primary btn-lg">Erstelle Identität</button> <button type="submit" name="createIdent" class="btn btn-primary btn-lg">Erstelle Identität</button>
</div> </div>
</div> </div>

4
pages/identities.php
View File

@ -14,7 +14,7 @@
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_SESSION['UUID']]); $statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_SESSION['UUID']]);
} }
if(isset($_REQUEST['enableIdent']) && isset($_REQUEST['newuuid']) && $_REQUEST['enableIdent'] != "" && $_REQUEST['newuuid'] != "") if(isset($_REQUEST['enableIdent']) && isset($_REQUEST['newuuid']) && $_REQUEST['enableIdent'] == "" && $_REQUEST['newuuid'] != "")
{ {
$statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1"); $statement = $RUNTIME['PDO']->prepare("SELECT 1 FROM UserIdentitys WHERE PrincipalID = :PrincipalID AND IdentityID = :IdentityID LIMIT 1");
$statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_REQUEST['newuuid']]); $statement->execute(['PrincipalID' => $_SESSION['UUID'], 'IdentityID' => $_REQUEST['newuuid']]);
@ -64,7 +64,7 @@
} }
} }
if(isset($_REQUEST['createIdent']) && isset($_REQUEST['newName']) && $_REQUEST['createIdent'] != "" && $_REQUEST['newName'] != "") if(isset($_REQUEST['createIdent']) && isset($_REQUEST['newName']) && $_REQUEST['createIdent'] == "" && $_REQUEST['newName'] == "")
{ {
$avatarNameParts = explode(" ", trim($_REQUEST['newName'])); $avatarNameParts = explode(" ", trim($_REQUEST['newName']));

6
pages/login.php
View File

@ -8,8 +8,8 @@
if(isset($_POST['login'])) if(isset($_POST['login']))
{ {
$validator = new FormValidator(array( $validator = new FormValidator(array(
'username' => array('required' => true, 'regex' => '[^\\\/<>\s]{1,64} [^\\\/<>\s]{1,64}'), 'username' => array('required' => true, 'regex' => '/[^\\\/<>\s]{1,64} [^\\\/<>\s]{1,64}/'),
'password' => array('required' => true, 'regex' => '.{1,1000}') 'password' => array('required' => true, 'regex' => '/.{1,1000}/')
)); ));
if(!$validator->isValid($_POST)) { if(!$validator->isValid($_POST)) {
@ -57,7 +57,7 @@
} }
} }
if(isset($_REQUEST['page']) && preg_match('[0-9a-zA-Z]{1-100}') && file_exists("./pages/".$_REQUEST['page'].".php")) if(isset($_REQUEST['page']) && preg_match('/[0-9a-zA-Z]{1-100}/', $_REQUEST['page']) && file_exists("./pages/".$_REQUEST['page'].".php"))
$HTML->ReplaceLayoutInhalt("%%PAGENAME%%", urlencode($_REQUEST['page'])); $HTML->ReplaceLayoutInhalt("%%PAGENAME%%", urlencode($_REQUEST['page']));
$HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", ""); $HTML->ReplaceLayoutInhalt("%%LOGINMESSAGE%%", "");

12
pages/register.php
View File

@ -17,7 +17,7 @@
if(!isset($_REQUEST['code'])) if(!isset($_REQUEST['code']))
die("MISSING INVITE CODE!"); die("MISSING INVITE CODE!");
if(strlen($_REQUEST['code']) != 32 || !preg_match('[a-f0-9]+', $_REQUEST['code'])) { if(strlen($_REQUEST['code']) != 32 || !preg_match('/[a-f0-9]+/', $_REQUEST['code'])) {
die("INVALID INVITE CODE!"); die("INVALID INVITE CODE!");
} }
@ -29,10 +29,10 @@
include_once('classen/FormValidator.php'); include_once('classen/FormValidator.php');
$validator = new FormValidator(array( $validator = new FormValidator(array(
'tos' => array('required' => true, 'equals' => true), 'tos' => array('required' => true, 'equals' => 'on'),
'username' => array('required' => true, 'regex' => '[^\\\/<>\s]{1,64}( [^\\\/<>\s]{1,64})?'), 'username' => array('required' => true, 'regex' => '/[^\\\/<>\s]{1,64}( [^\\\/<>\s]{1,64})?/'),
'password' => array('required' => true, 'regex' => '.{1,1000}'), 'password' => array('required' => true, 'regex' => '/.{1,1000}/'),
'email' => array('required' => true, 'regex' => '\S{1,64}@\S{1,250}.\S{2,64}'), 'email' => array('required' => true, 'regex' => '/\S{1,64}@\S{1,250}.\S{2,64}/'),
'avatar' => array('required' => true) 'avatar' => array('required' => true)
)); ));
@ -82,7 +82,7 @@
} }
$RUNTIME['REGISTER']['PASS'] = trim($_REQUEST['password']); $RUNTIME['REGISTER']['PASS'] = trim($_REQUEST['password']);
$RUNTIME['REGISTER']['EMAIL'] = trim($_REQUEST['email']); $RUNTIME['REGISTER']['EMAIL'] = trim($_REQUEST['email']);
if(isset($RUNTIME['DEFAULTAVATAR'][$avatar]['UUID'])) if(isset($RUNTIME['DEFAULTAVATAR'][$_REQUEST['avatar']]['UUID']))
{ {
$RUNTIME['REGISTER']['AVATAR'] = trim($_REQUEST['avatar']); $RUNTIME['REGISTER']['AVATAR'] = trim($_REQUEST['avatar']);
} }