/* --LOGIN-- */
// Pulls in the select helpers once; the path is a project constant, not user input.
require_once 'select_function.php';
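function login($db){
    // Handles a login request. POST: looks up the posted user name in the SQLite
    // `user` table, recomputes the stored password hash and, on a match, writes a
    // `log` row and marks the session as logged in. GET: redirects logged-in users
    // to "/" and otherwise prints an optional "logged out" notice. Redirects use
    // "Refresh" headers as before; the function always ends with exit.
    // $db is expected to be an SQLite3 handle; session_start() is not done here.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        /*___Database Query: Login___*/
        $unsafe_username = (string) ($_POST["username"] ?? '');
        $unsafe_passwort = (string) ($_POST["password"] ?? '');

        // Bound parameter instead of escapeString()+interpolation: the name is
        // untrusted input and binding removes the SQL-injection surface entirely.
        $row = false;
        $stmt = $db->prepare("SELECT salt, password FROM user WHERE name=:name;");
        if ($stmt !== false && $stmt->bindValue(':name', $unsafe_username, SQLITE3_TEXT)) {
            $res = $stmt->execute();
            $row = $res !== false ? $res->fetchArray(SQLITE3_NUM) : false;
        }

        $authenticated = false;
        if ($row !== false) {
            $salt = (string) $row[0];
            $real_password = (string) $row[1];
            // Legacy scheme shared with register(): md5(salt . password), then
            // 15000 further md5 rounds. password_hash()/password_verify() is the
            // recommended replacement, but login(), register() and the stored
            // hashes have to migrate together, so the scheme is kept here.
            // register() only accepts [-_0-9a-zA-Z] passwords, so dropping the
            // old escapeString() call on the password changes nothing for them.
            $hash_password = md5($salt . $unsafe_passwort);
            for ($i = 0; $i < 15000; $i++) {
                $hash_password = md5($hash_password);
            }
            // hash_equals() instead of ==: two hex digests of the form "0e<digits>"
            // compare equal under ==, and the comparison is constant-time.
            $authenticated = hash_equals($real_password, $hash_password);
        }

        /*___Login___*/
        if ($authenticated) {
            // A single INSERT auto-commits, so the explicit transaction is not needed.
            $log = $db->prepare("INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name=:name), (SELECT datetime()));");
            $logged = $log !== false
                && $log->bindValue(':name', $unsafe_username, SQLITE3_TEXT)
                && $log->execute() !== false;
            if ($logged) {
                $_SESSION["login"] = true;
                $_SESSION["username"] = $unsafe_username;
                header("Refresh: 0; /");
            } else {
                header("Refresh: 0; login?reason=database");
            }
        } else {
            header("Refresh: 0; login?reason=failure");
        }
    } else {
        /*Prints the GET version*/
        if (!empty($_SESSION["login"])) {
            header("Refresh: 0; /");
        } else {
            // Any query parameter whose name contains "success" triggers the notice.
            $logout = null;
            foreach (array_keys($_GET) as $argument) {
                if (preg_match("/success/", (string) $argument)) {
                    $logout = "Log out was succesfull!";
                }
            }
            if ($logout) {
                echo $logout;
            }
            echo "\n";
        }
    }
    exit;
}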
/* --LOGOUT-- */
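function logout(){
    // Ends the current session and redirects to the login page with the
    // "success" marker that login() turns into a notice. session_destroy()
    // alone neither clears $_SESSION for the rest of this request nor removes
    // the client's session cookie, so both are done explicitly first.
    $_SESSION = [];
    if (ini_get("session.use_cookies")) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }
    session_destroy();
    header("Refresh: 0; /login?success");
    exit;
}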
/* --INVITE-- */
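function invite($db){
    // POST: spends one invite of the logged-in user ($_SESSION["username"]) by
    // inserting a placeholder `user` row (email, random 11-char key, status 0,
    // senpai = inviting user's id) that register() later claims. GET: echoes the
    // request parameters. Redirects use "Refresh" headers; always ends with exit.
    // $db is expected to be an SQLite3 handle.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $name = (string) ($_SESSION["username"] ?? '');
        $email = (string) ($_POST["email"] ?? '');

        // One bound query for id and invite count (formerly two interpolated ones).
        $row = false;
        $stmt = $db->prepare("SELECT id, invites FROM user WHERE name=:name;");
        if ($stmt !== false && $stmt->bindValue(':name', $name, SQLITE3_TEXT)) {
            $res = $stmt->execute();
            $row = $res !== false ? $res->fetchArray(SQLITE3_NUM) : false;
        }
        $id = $row !== false ? (int) $row[0] : 0;
        $invite = $row !== false ? (int) $row[1] : 0;

        if ($invite > 0) {
            /*Generates the invite key => [-_0-9a-zA-Z]{11}*/
            // The key is the credential that lets register() claim the row, so it
            // comes from random_int() (CSPRNG) rather than the predictable mt_rand().
            $alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-0123456789";
            $last = strlen($alphabet) - 1;
            $key = "";
            for ($i = 0; $i < 11; $i++) {
                $key .= $alphabet[random_int(0, $last)];
            }

            /*Generates the new user and decrease the invites*/
            // Shown to the inviter (there is no mailer); the email is HTML-escaped
            // because it is a raw POST value. NOTE(review): this output precedes
            // header(), which only works with output buffering enabled — confirm.
            $shown_email = htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "ID: '$id', KEY: '$key', SAFE_EMAIL: '$shown_email'";

            $ok = $db->exec("BEGIN TRANSACTION;");
            $begun = $ok;
            if ($ok) {
                $ins = $db->prepare("INSERT INTO user (id, name, email, senpai, key, status) VALUES (NULL, NULL, :email, :senpai, :key, 0);");
                $ok = $ins !== false
                    && $ins->bindValue(':email', $email, SQLITE3_TEXT)
                    && $ins->bindValue(':senpai', $id, SQLITE3_INTEGER)
                    && $ins->bindValue(':key', $key, SQLITE3_TEXT)
                    && $ins->execute() !== false;
            }
            if ($ok) {
                // Decrement inside SQL with a guard, so two concurrent requests
                // cannot both spend the last invite based on the stale read above.
                $upd = $db->prepare("UPDATE user SET invites=invites-1 WHERE id=:id AND invites>0;");
                $ok = $upd !== false
                    && $upd->bindValue(':id', $id, SQLITE3_INTEGER)
                    && $upd->execute() !== false
                    && $db->changes() === 1;
            }
            if ($ok) {
                $ok = $db->exec("COMMIT;");
            } elseif ($begun) {
                $db->exec("ROLLBACK;");
            }
            if ($ok) {
                header("Refresh: 0; /invite?reason=success");
            } else {
                header("Refresh: 0; /invite?reason=database");
            }
        } else {
            header("Refresh: 0; /invite?reason=invites");
        }
    } else {
        /*Prints the formular if requested with GET*/
        // Diagnostic echo of the query string; names and values are escaped
        // because they are reflected straight back into the page.
        $name = "";
        foreach ($_GET as $name => $value) {
            echo 'Name: ' . htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . ' Value: ' . htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
        }
        // $name is the last query parameter name here (or "" when there is none).
        echo "Hallo " . htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
        echo "END";
    }
    exit;
}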
/* --REGISTER-- */
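function register($db){
    // POST: claims an invited placeholder row (matched by email, status 0 and the
    // invite key) — sets name, salt and password hash, grants 5 invites, creates
    // the user's root entry in `files`, and marks the session as logged in.
    // GET: echoes the request parameters. Redirects use "Refresh" headers; the
    // function always ends with exit. $db is expected to be an SQLite3 handle.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        session_start();
        $name = (string) ($_POST["name"] ?? '');
        $cleartext_password = (string) ($_POST["pswd"] ?? '');
        $second_password = (string) ($_POST["2ndpswd"] ?? '');
        $email = (string) ($_POST["email"] ?? '');
        $posted_key = (string) ($_POST["key"] ?? '');

        /* checking for empty password etc. */
        // empty() keeps the old rule that "" and "0" are rejected; both fields
        // must be present and identical.
        if (empty($cleartext_password) || empty($second_password) || $cleartext_password !== $second_password) {
            header("Refresh: 0; register?reason=password");
            exit;
        }
        /* TODO: allow full unicode */
        if (preg_match("/[^-_0-9a-zA-Z]/", $name) || preg_match("/[^-_0-9a-zA-Z]/", $cleartext_password) || preg_match("/[^-_0-9a-zA-Z@.]/", $email)) {
            header("Refresh: 0; register?reason=encoding");
            exit;
        }

        /*Checks the validation of the registration attempt*/
        // One bound query replaces three interpolated ones (status, key, id).
        $row = false;
        $stmt = $db->prepare("SELECT id, status, key FROM user WHERE email=:email;");
        if ($stmt !== false && $stmt->bindValue(':email', $email, SQLITE3_TEXT)) {
            $res = $stmt->execute();
            $row = $res !== false ? $res->fetchArray(SQLITE3_NUM) : false;
        }
        // The row must exist, still be unclaimed (status 0) and carry a non-empty
        // key equal to the posted one. hash_equals() replaces != so that keys of
        // the form "0e<digits>" cannot match numerically, and is constant-time.
        $stored_key = $row !== false ? (string) $row[2] : '';
        if ($row === false || $email === '' || (int) $row[1] !== 0 || $stored_key === '' || !hash_equals($stored_key, $posted_key)) {
            header("Refresh: 0; /register?reason=prohibited");
            exit;
        }
        $id = (int) $row[0];

        /*Generates the encrypted password and the database transactions*/
        // random_bytes() instead of uniqid(mt_rand()): a salt must be unpredictable.
        $salt = bin2hex(random_bytes(16));
        // Legacy scheme shared with login(): md5(salt . password), then 15000
        // further md5 rounds. password_hash() is the recommended replacement, but
        // login() and the stored hashes have to migrate together, so it is kept.
        $hash_password = md5($salt . $cleartext_password);
        for ($i = 0; $i < 15000; $i++) {
            $hash_password = md5($hash_password);
        }

        $ok = $db->exec("BEGIN TRANSACTION;");
        $begun = $ok;
        if ($ok) {
            $upd = $db->prepare("UPDATE user SET name=:name, salt=:salt, password=:password, invites=5, status=1, register=(SELECT datetime()) WHERE id=:id;");
            $ok = $upd !== false
                && $upd->bindValue(':name', $name, SQLITE3_TEXT)
                && $upd->bindValue(':salt', $salt, SQLITE3_TEXT)
                && $upd->bindValue(':password', $hash_password, SQLITE3_TEXT)
                && $upd->bindValue(':id', $id, SQLITE3_INTEGER)
                && $upd->execute() !== false;
        }
        if ($ok) {
            $ins = $db->prepare("INSERT INTO files (id, parent, owner, name, folder, mime, size, share, extra) VALUES (NULL, 0, :owner, '/', 'DIRECTORY', NULL, NULL, 'PUBLIC', NULL);");
            $ok = $ins !== false
                && $ins->bindValue(':owner', $id, SQLITE3_INTEGER)
                && $ins->execute() !== false;
        }
        if ($ok) {
            $ok = $db->exec("COMMIT;");
        } elseif ($begun) {
            $db->exec("ROLLBACK;");
        }
        if ($ok) {
            $_SESSION["login"] = true;
            $_SESSION["username"] = $name;
            header("Refresh: 0; /register?reason=registration");
        } else {
            header("Refresh: 0; /register?reason=database");
        }
    } else {
        // Diagnostic echo of the query string; names and values are escaped
        // because they are reflected straight back into the page.
        foreach ($_GET as $name => $value) {
            echo 'Name: ' . htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . ' Value: ' . htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
        }
        echo "\n";
    }
    exit;
}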
/* --PAGE NOT FOUND - 404 -- */
function get_404(){
    // Emits a plain "not found" line and ends the request. Takes no $db so it
    // can be called from anywhere; the old select($db) hook stays disabled.
    print("Sorry, page not found.\n");
    // select($db);
    exit;
}
//function select($db){
/* $i = 0;
foreach ($_GET as $name => $value) { //value leer?
$args[$i] = $name;
echo 'Name: ' . $name . ' Value: ' . $value . '
';
$i++;
}
echo "Presented by func select()!";
*/
//}
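function rewrite($db){
    /* test if first argument a username or folder */
    // Returns true when $_GET["name"] names an existing user. Otherwise a
    // logged-in visitor is redirected to /<session user>/<name>/<folder> (exit),
    // an anonymous one gets get_404() (which exits); false is returned only if
    // neither path terminated the request. $db is expected to be an SQLite3 handle.
    $name = (string) ($_GET["name"] ?? '');

    // Bound parameter instead of escapeString()+interpolation for the raw GET value.
    $row = false;
    $stmt = $db->prepare("SELECT id FROM user WHERE name=:name;");
    if ($stmt !== false && $stmt->bindValue(':name', $name, SQLITE3_TEXT)) {
        $res = $stmt->execute();
        $row = $res !== false ? $res->fetchArray(SQLITE3_NUM) : false;
    }

    if (empty($row)) {
        /* if first argument wasn't valid, rewrite the URL to include the username */
        if (!empty($_SESSION["login"])) {
            // The session key must be quoted: a bare $_SESSION[username] is an
            // undefined-constant Error on PHP 8. Missing GET keys become "".
            $folder = (string) ($_GET["folder"] ?? '');
            $user = (string) ($_SESSION["username"] ?? '');
            header("Refresh: 0; /" . $user . "/" . $name . "/" . $folder);
            exit;
        } else {
            get_404();
        }
        return false;
    }
    return true;
}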
function failure($reason){
    // Prints a generic 404 line followed by $reason, then terminates the request.
    // NOTE(review): $reason is echoed verbatim; confirm callers never pass
    // user-controlled text, or escape it here with htmlspecialchars().
    print("A 404 error occurred.\n");
    print($reason);
    exit;
}
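function user($db){
    // Prints the logged-in user's name and remaining invite count. Expects
    // $_SESSION["username"] to be set (login()/register() set it) and $db to be
    // an SQLite3 handle. Does not exit, so the caller can continue rendering.
    $name = (string) ($_SESSION["username"] ?? '');
    // The name originates from a POST field; escape it for the HTML context.
    echo "loged in as: " . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Bound parameter instead of escapeString()+interpolation.
    $invite = null;
    $stmt = $db->prepare("SELECT invites FROM user WHERE name=:name;");
    if ($stmt !== false && $stmt->bindValue(':name', $name, SQLITE3_TEXT)) {
        $res = $stmt->execute();
        $row = $res !== false ? $res->fetchArray(SQLITE3_NUM) : false;
        if ($row !== false) {
            $invite = $row[0];
        }
    }
    echo "\n";
    // When no row matched, $invite stays null and prints as "" (as before).
    echo "You have currently $invite invites.\n";
    // exit;
}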