authorroot2014-04-16 13:31:02 +0200
committerroot2014-04-16 13:31:02 +0200
commit2441480079f68bd4bc15a12d7b9b47c18ce0bd52 (patch)
treecd7544145e3539004619dc963c4e6cbf3a7b6c5b
parentb4e9313612dd341e43e5dc998469ec346adea8c6 (diff)
downloadjungegemeinde-2441480079f68bd4bc15a12d7b9b47c18ce0bd52.tar.gz
Added stuff.
-rwxr-xr-xblob/nginx_rewrite_rules1
-rw-r--r--www/failure.php90
-rwxr-xr-xwww/functions/func_login.php19
-rwxr-xr-xwww/functions/func_user.php2
-rwxr-xr-xwww/index.php3
-rw-r--r--www/liste.php42
-rw-r--r--www/services.php2
7 files changed, 125 insertions, 34 deletions
diff --git a/blob/nginx_rewrite_rules b/blob/nginx_rewrite_rules
index a1323f7..d8a6611 100755
--- a/blob/nginx_rewrite_rules
+++ b/blob/nginx_rewrite_rules
@@ -18,6 +18,7 @@ location ~* ^/liste {
rewrite ^/liste/new_member/? /index.php?task=new_member;
}
+rewrite ^/banned /failure.php?e=401;
rewrite ^/quote/?$ /index.php?task=quote;
rewrite ^/quote/([0-9]+)/?$ /index.php?task=quote&id=$1;
rewrite ^/new_member/? /index.php?task=new_member;
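Review bot: The added pattern `^/banned` has no end anchor, so every path that merely starts with `/banned` is rewritten to `failure.php?e=401`. The neighbouring quote rules are anchored; `rewrite ^/banned/?$ /failure.php?e=401;` would keep the match to the one intended URL.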
diff --git a/www/failure.php b/www/failure.php
index 976e414..7461a28 100644
--- a/www/failure.php
+++ b/www/failure.php
@@ -1,15 +1,28 @@
<?php
session_start();
+
+$scheme="http://";
+
+if(isset($_SERVER["HTTPS"])){
+ if($_SERVER["HTTPS"] == "on"){
+ $scheme="https://";
+ }
+}
+
+include("functions/func_login.php");
$db = new SQLite3("../database/sqlite.db");
-include("include.php");
+if($_GET["e"] != "401" && check_if_banned($db)){
+ banned();
+}
+//include("include.php");
if(!empty($_GET)){
switch($_GET["e"]){
case("401"):
- $message = "Access forbidden";
+ $message = "You are banned!";
break;
case("403"):
- $message = "Access forbidden";
+ $message = "I could do that... but access forbidden";
break;
case("404"):
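Review bot: The new ban check reads `$_GET["e"]` before the `if(!empty($_GET))` guard, so a request without `e` raises an undefined-index notice, and the loose `!=` treats values such as `"401.0"` as 401. Normalising once at the top, `$e = (isset($_GET["e"]) && is_string($_GET["e"])) ? $_GET["e"] : "";`, and then testing `$e !== "401"` also rejects array input like `e[]=1`. `$scheme` is computed here, but the existing redirect further down still hard-codes `https://`, so the two can disagree. The switch continues outside this hunk.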
@@ -36,40 +49,95 @@ if(!empty($_GET)){
header("Refresh: 0; https://".$_SERVER["HTTP_HOST"]."/");
exit;
$message = "200 / Everything is okay.";
+ $_GET["e"] = 200;
}
?><!doctype html>
<html>
<head>
- <title>Failure :: Junge Gemeinde Adlershof</title>
+ <title><?php if($_GET["e"] != "401"){ echo "Failure ".$_GET["e"]; } else { echo "You are banned! "; } ?> :: Junge Gemeinde Adlershof</title>
<meta http-equiv='Content-type' content='text/html; charset=utf-8' />
<link rel='stylesheet' type='text/css' href='/static/hyperstyle.css' />
<link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'>
</head>
-<?php include("static/head.php"); ?>
+<?php
+
+if($_SESSION["login"]){
+ include("static/head.php");
+
+ echo "
<br><br>
<div id='content_container' align='center'>
- <div class='kleineschrift'><div class='ueberschrift'><b><p style='text-decoration:underline;'><?php echo $message; ?></p></b></div></div>
+ <div class='kleineschrift'><div class='ueberschrift'><b><p style='text-decoration:underline;'>". $message ."</p></b></div></div>
+ ";
+ echo "
<br><br>
<p style='font-size:14px'>Upps, it seems to be something went wrong, sorry.</p>
<p style='font-size:14px'>Have a random quote to bridge the time. Try to reload the site or check for typos in the URL.</p>
-<?php
+ ";
+
$rows = $db->query("SELECT count(*) as count FROM sprueche;");
$row = $rows->fetchArray();
$numRows = $row["count"];
$zufall = mt_rand(1,$numRows);
$ergebnis = $db->query("SELECT * FROM sprueche where id=$zufall;");
-?>
+
+ echo "
<br>
<div id='container' align='center'>
<br><br><br>
<b>Zitat Nummer #<?php echo $zufall; ?></b><br><br><div id='bgcolor'>
-<?php
+ ";
+
while($row=$ergebnis->fetchArray()){
echo $row["spruch"];
}
-?></div>
-</div>
+
+ echo "</div>
+ </div>
+ ";
+} else {
+ echo "
+ <body link='#000000' vlink='#000000' alink='#FF0000'>
+ ";
+ echo "
+<br><br>
+<div id='content_container' align='center'>
+ <div class='kleineschrift'><div class='ueberschrift'><b><p style='text-decoration:underline;'>". $message ."</p></b></div></div>
+ ";
+
+ if($_GET["e"] != "401"){
+ echo "
+ <br><br>
+ <p style='font-size:14px'>Upps, it seems to be something went wrong, sorry.</p>
+ <p style='font-size:14px'>Have a random quote to bridge the time. Try to reload the site or check for typos in the URL.</p>
+ <br>
+ <font style='font-size:14px'>Zurück zur <a href='/login'><u>Startseite</u></a> oder <a href='/password_recover'><u>Passwort vergessen?</u></a></font>
+ ";
+
+ $rows = $db->query("SELECT count(*) as count FROM sprueche;");
+ $row = $rows->fetchArray();
+ $numRows = $row["count"];
+
+ $zufall = mt_rand(1,$numRows);
+ $ergebnis = $db->query("SELECT * FROM sprueche where id=$zufall;");
+
+ echo "
+ <br>
+ <div id='container' align='center'>
+ <br><br><br>
+ <b>Zitat Nummer #". $zufall ."</b><br><br><div id='bgcolor'>
+ ";
+
+ while($row=$ergebnis->fetchArray()){
+ echo $row["spruch"];
+ }
+
+ echo "</div>
+ </div>
+ ";
+ }
+}
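Review bot: The new `<title>` line echoes `$_GET["e"]` into the page without escaping, so any value other than "401" is reflected into HTML as sent by the client. The switch's default branch is outside the hunk, so it is not visible whether unknown codes are rejected earlier. Escape at the output, `echo "Failure ".htmlspecialchars((string)$_GET["e"], ENT_QUOTES, "UTF-8");`, or print only a code the switch has matched. In the logged-in branch the context line `<b>Zitat Nummer #<?php echo $zufall; ?></b>` now sits inside a double-quoted `echo`, so the PHP tag is emitted literally; the else branch's `". $zufall ."` form is the one to use. The added `$_GET["e"] = 200;` follows `exit;` and never runs.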
diff --git a/www/functions/func_login.php b/www/functions/func_login.php
index ccd99db..d909180 100755
--- a/www/functions/func_login.php
+++ b/www/functions/func_login.php
@@ -10,8 +10,9 @@ function login($db){
$real_password = "";
if($username == "Guest"){
- $real_password_db = $db->query("SELECT email FROM jg");
- while($row = $real_passsword_db->fetchArray(SQLITE3_NUM)){
+
+ $real_password_db = $db->query("SELECT email FROM jg;");
+ while($row = $real_password_db->fetchArray(SQLITE3_NUM)){
if($row[0] == $password){
$log_in = true;
break;
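Review bot: Correcting the `$real_passsword_db` typo makes the Guest branch work for the first time, and that branch accepts any value in `jg.email` as the password, compared with loose `==`. An e-mail address is not a secret, and `==` is subject to PHP's numeric-string juggling. If this login path is intended, compare with `hash_equals((string)$row[0], (string)$password)` and consider a dedicated, hashed guest credential checked with `password_verify`. The surrounding `login()` body is outside the hunk, so how `$password` is obtained is not visible here.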
@@ -83,14 +84,13 @@ function brutforce_protection($db){
$time = $_SERVER["REQUEST_TIME"];
if($_SESSION["login_attempts"] <= 0){
- if($db->exec("
+ $db->exec("
BEGIN TRANSACTION;
INSERT INTO banned_user (id, login_attempts, ip, session_id, time) VALUES (NULL, ".$_SESSION["login_attempts"].", '".SQLite3::escapeString($remote_ip)."', '".SQLite3::escapeString($session_id)."', ".$time.");
COMMIT;
- ")){
- echo "You are banned. ;_;";
- }
- exit;
+ ");
+ banned();
+
} else {
if($db->exec("
BEGIN TRANSACTION;
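Review bot: The result of `$db->exec()` is no longer checked, so if the INSERT fails (a locked database, for example) the client is still redirected to `/banned` but no row lands in `banned_user`, and the failure leaves no trace. Keep the check and log it, e.g. `if(!$db->exec($sql)){ error_log("ban insert failed: ".$db->lastErrorMsg()); }`, before calling `banned()`. The statement is still built by concatenation; `prepare()` with `bindValue()` would remove the need for `SQLite3::escapeString` and would also cover the unquoted `login_attempts` and `time` values. The `else` branch continues outside the hunk.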
@@ -127,3 +127,8 @@ function check_if_banned($db){
return false; // not longer banned
}
+
+function banned(){
+ header("Refresh: 0; ".$GLOBALS["scheme"].$_SERVER["HTTP_HOST"]."/banned");
+ exit;
+}
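Review bot: `banned()` builds its redirect target from `$_SERVER["HTTP_HOST"]`, which is taken from the request's Host header, so the client chooses the destination host. It also reads `$GLOBALS["scheme"]`, which this commit sets only in `failure.php`. The new call in `www/index.php` reaches `banned()` too, and if `include.php` does not define `$scheme` the header becomes a scheme-less URL alongside an undefined-index notice. A path-only redirect avoids both problems: `header("Location: /banned", true, 303);` followed by `exit;`.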
diff --git a/www/functions/func_user.php b/www/functions/func_user.php
index 8efd104..f044334 100755
--- a/www/functions/func_user.php
+++ b/www/functions/func_user.php
@@ -164,7 +164,7 @@ function account($db, $var){
</td><td>
&#160;
</td><td>
- ".date("j.n.Y / H:i:s", $info_ar[5])."
+ ".date("j.n.Y H:i:s", $info_ar[5])."
</td><td>
</td><td>
&#160;
diff --git a/www/index.php b/www/index.php
index b6dce19..189e880 100755
--- a/www/index.php
+++ b/www/index.php
@@ -12,8 +12,7 @@ if(!isset($_SESSION["login_attempts"])){
require_once("include.php"); // handles all the stuff that needs to be included
if(check_if_banned($db)){
- echo "You are banned. ;_;";
- exit;
+ banned();
}
if(empty($_GET)){
diff --git a/www/liste.php b/www/liste.php
index 1df43ce..211f485 100644
--- a/www/liste.php
+++ b/www/liste.php
@@ -1,10 +1,24 @@
-<?php include('auth.php');
+<?php
/* Copyright Maximilian Möhring, 2013
Licensed under the GPL. Read LICENSE for more Information.*/
function print_list($db){
- include("static/header.php");
+
+ echo " <!doctype html>
+ <head>
+ <title>Adressliste :: Junge Gemeinde</title>
+ <meta http-equiv='Content-type' content='text/html; charset=utf-8' />
+ <link rel='stylesheet' type='text/css' href='/static/hyperstyle.css' />
+ <link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'>
+ <style>
+ /* a:focus, a:hover { color:#ffffff; background-color:#888080; opacity: 0.85;} */
+ a:focus, a:hover { color:#ffffff; background-color:#888080; opacity: 0.85;}
+ .liste a { display:block; width:100%; }
+ </style>
+ </head>
+ ";
+ include("static/head.php");
echo "
<script>
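Review bot: Removing `include('auth.php')` from the top of `liste.php` drops the only access check visible in this file, while `print_list()` renders names, addresses, phone numbers, e-mail addresses and birthdays. Whether every caller authenticates first is not visible from this hunk and should be confirmed. A guard at the start of the function would make it safe on its own: `if(empty($_SESSION["login"])){ header("Location: /login"); exit; }`. `print_list()` continues beyond the hunk.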
@@ -41,17 +55,18 @@ function hide_elements()
echo"
<br><br>
- <table height='350' border='1' rules='all' cellpadding='20' cellbording='20' cellspacing='20'>
+ <table class='liste' width='1190' height='350' border='0' rules='all' cellpadding='20' cellbording='20' cellspacing='20'>
<!-- Wenn mir mal einer erklären könnte, warum die Zellen trotzdem keinen Abstand haben? -->
<thead>
<tr>
- <th><a3>&#160;</a3></th>
- <th><a3>Name</a3></th>
- <th><a3>Adresse</a3></th>
- <th><a3>Telefon</a3></th>
- <th><a3>Handynummer</a3></th>
- <th><a3>E-Mail</a3></th>
- <th><a3>Geburtstag</a3></th>
+ <th><p>#</p></th>
+ <th><p>Name</p></th>
+ <th><p>Adresse</p></th>
+ <th><p>Telefon</p></th>
+ <th><p>Handynummer</p></th>
+ <th><p>E-Mail</p></th>
+ <th><p>Geburtstag</p></th>
+ <th><p>ändern</p></th>
<tr>
</thead>
<tbody cellpadding='20' cellbording='20' cellspacing='20'>
@@ -62,7 +77,8 @@ function hide_elements()
while($row=$ergebnis->fetchArray(SQLITE3_NUM)){
//echo "<r><td align='left'><a href=\"/liste/.".$id."\" onclick=\"document.location.href='/liste/."$id."'\">$element</a></td></tr>";
- echo "<tr><td align='left'><a href=\"/liste/".$row[0]."\">".$count."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[1]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[2]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[3]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[4]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[5]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[6]."</a></td><tr>";
+ echo "<tr><td align='center'><a href=\"/liste/".$row[0]."\">".$count."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[1]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[2]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[3]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[4]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[5]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[6]."</a></td><td align='center'><a href=\"/liste/".$row[0]."\"><input type='checkbox' name='change' value='true'</td></a><tr>";
+ //echo "<tr><td align='center'><a href=\"/liste/".$row[0]."\">".$count."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[1]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[2]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[3]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[4]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[5]."</a></td><td align='left'><a href=\"/liste/".$row[0]."\">".$row[6]."</a></td><td align='center'><a href=\"/liste/".$row[0]."\"><input type='checkbox' name='change' value='true'</td></a><tr>";
$count++;
}
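Review bot: The row `echo` writes `$row[1]` to `$row[6]` into the table without HTML escaping, and the page text says members can change their own entries, so stored markup would run in every viewer's browser. The new cell is also malformed: `<input ... value='true'` is never closed, `</td></a>` is misnested and the row ends with `<tr>` instead of `</tr>`. The commented-out duplicate of the line can be dropped. Building the cells in a loop makes the escaping uniform; the query that fills `$ergebnis` is outside the hunk.

```php
while($row=$ergebnis->fetchArray(SQLITE3_NUM)){
    $href = "/liste/".rawurlencode((string)$row[0]);
    $cells = "<td align='center'><a href=\"".$href."\">".$count."</a></td>";
    for($i = 1; $i <= 6; $i++){
        // escape every database value before it reaches the HTML
        $cells .= "<td align='left'><a href=\"".$href."\">"
                . htmlspecialchars((string)$row[$i], ENT_QUOTES, "UTF-8")
                . "</a></td>";
    }
    $cells .= "<td align='center'><a href=\"".$href."\"><input type='checkbox' name='change' value='true'></a></td>";
    echo "<tr>".$cells."</tr>";
    $count++;
}
```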
@@ -74,7 +90,9 @@ function hide_elements()
<br><br>
<div style='width:1000px;' class='mittlereschrift'>
Da es in letzter Zeit doch öfters vorgekommen ist, dass jemand seine Adresse geändert hat, ist es jetzt möglich, einen Eintrag in der Adressliste zu ändern oder zu ergänzen.
-Wenn du deine Adresse <b>ändern</b> möchtest, dann drücke einfach auf deinen Namen in der richtigen Zeile. <a href='/new_member'>Möchtest du jemanden <b>hinzufügen</b>, dann drücke bitte <u>hier</u>.</a>
+Wenn du deine Adresse <b>ändern</b> möchtest, dann klicke in der richtigen Zeile 'ändern' an. <a href='/new_member'>Möchtest du jemanden <b>hinzufügen</b>, dann drücke bitte <u>hier</u>.</a>
+<br><br>
+Mitglied <a href='/new_member'><u>hinzufügen</u></a>
</div>
<br><br>
diff --git a/www/services.php b/www/services.php
index 5c24a0f..03c9da7 100644
--- a/www/services.php
+++ b/www/services.php
@@ -139,7 +139,7 @@ function print_services(){
<p>Bei Fragen, Kritik, Anregungen oder Projekte, ihr kennt ja meine E-Mail.<p>
</td></tr>
<tr><td>
- <p>Kleiner Nachtrag: Ich lizenziere so gut wie jeden Quellcode meiner Projekte unter der GPL, darunter auch der dieser Website für die JG. Wen es interessiert, was unter der Haube läuft, der findet die Sammlung auf meinem privaten Git Server. Wo ihr natürlich auch ein Repo haben könntet. ;) </p>
+ <p>Kleiner Nachtrag: Ich lizenziere so gut wie jeden Quellcode meiner Projekte unter der GPL, unter anderem auch der Source dieser Website für die JG. Wen es interessiert, was unter der Haube läuft, der findet die Sammlung auf meinem privaten Git Server. Wo ihr natürlich auch ein Repo haben könntet. ;) </p>
</td></tr>
<tr><td>
<br>