authorroot2014-09-25 10:26:56 +0200
committerroot2014-09-25 10:26:56 +0200
commit2036626b560f22efd59673187a2de3b1319fcf8a (patch)
tree5180be078e3758b6fe3c37834cf6074c148394d1 /bootstrap/action.php
parent7ea240aef9b75758d05cb5212ef7c99b47b4180b (diff)
downloadjungegemeinde-2036626b560f22efd59673187a2de3b1319fcf8a.tar.gz
version 4.0
Diffstat (limited to 'bootstrap/action.php')
-rw-r--r--bootstrap/action.php184
1 files changed, 164 insertions, 20 deletions
diff --git a/bootstrap/action.php b/bootstrap/action.php
index 533ef0a..a52d471 100644
--- a/bootstrap/action.php
+++ b/bootstrap/action.php
@@ -1,51 +1,102 @@
<?php
-
if ( ! isset($_GET["page"]) || $_GET["page"] != "action" ){
header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
+ ob_clean();
exit;
}
if ( ! isset($_GET["task"]) || $_GET["task"] == "" ){
header($_SERVER["SERVER_PROTOCOL"] . "400 Wrong Request");
header("Location: /?page=index");
+ ob_clean();
+ exit;
}
switch($_GET["task"]){
case("login"):
if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ ob_clean();
echo "Method not allowed";
exit;
}
if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["password"]) || $_POST["password"] == "" ){
- failure("not enough information", "400 Bad Request");
- }
- if ( $jg->login($_POST["name"], $_POST["password"]) ){
- header($_SERVER["SERVER_PROTCOL"] . " 302 Moved");
+ print_login("missing");
+ } else if ( $user->login($_POST["name"], $_POST["password"]) ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
header("Location: /?page=" . $_GET["goto"]);
+ ob_clean();
exit;
+ } else {
+ print_login("password");
}
break;
- case("update"):
+ case("register"):
if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ ob_clean();
echo "Method not allowed";
exit;
}
- if ( ! isset($_GET["id"]) || $_GET["id"] == 0 || $_GET["id"] == "" ){
+ if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["password"]) || $_POST["password"] == "" || ! isset($_POST["confirm"]) || $_POST["confirm"] == "" || ! isset($_POST["key"])){
+ print_login("missing");
+ }
+ else if ( $_POST["key"] != INVITEKEY ){
+ print_login("key");
+ }
+ else if ( $_POST["password"] != $_POST["confirm"]){
+ print_login("password");
+ } else {
+ if ( ! isset($_POST["email"]) || $_POST["email"] == "" ){
+ $email = "null";
+ $sql = $db->prepare("SELECT 1 FROM " . DBPREFIX . "user WHERE name = %s LIMIT 1;", $_POST["name"]);
+ }
+ else {
+ $email = $_POST["email"];
+ $sql = $db->prepare("SELECT 1 FROM " . DBPREFIX . "user WHERE name = %s OR email = %s LIMIT 1", $_POST["name"], $_POST["email"]);
+ }
+ $check_db = $db->doQuery($sql);
+ $check_ar = $check_db->fetch_array(MYSQLI_NUM);
+ if ( $check_ar[0] == 1) {
+ print_login("double");
+ } else {
+ if ( ! $user->register($_POST["name"], $_POST["password"], $email))
+ print_login("database");
+ else {
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
+ header("Location: /?page=" . $_GET["goto"]);
+ ob_clean();
+ exit;
+ }
+ }
+ }
+ break;
+
+ case("update"):
+ if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ ob_clean();
+ echo "Method not allowed";
exit;
}
- $sql = $db->prepare("UPDATE " . DBPREFIX . "member SET name = %s AND adresse = %s AND telefonnummer = %s AND handynummer = %s AND email = %s AND geburtstag = %s WHERE id = %d;",
- $_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"], $_GET["id"]
- );
- if ( ! $sql )
- exit;
- if ( $result = $db->doQuery($sql) ){
- header($_SERVER["SERVER_PROTCOL"] . " 302 Moved");
- header("Location: /?page=" . $_GET["goto"]);
+ if ( ! isset($_GET["id"]) || $_GET["id"] == 0 || $_GET["id"] == "" ){
+ print_list("update");
+ } else {
+ $sql = $db->prepare("UPDATE " . DBPREFIX . "member SET name = %s, adresse = %s, telefonnummer = %s, handynummer = %s, email = %s, geburtstag = %s WHERE member_id = %d;",
+ $_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"], $_GET["id"]
+ );
+ if ( ! $sql ){
+ ob_clean();
+ echo "SQL preparation failed.";
+ exit;
+ }
+ if ( $result = $db->doQuery($sql) ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
+ header("Location: /?page=" . $_GET["goto"]);
+ $c->flush();
+ }
}
- exit;
break;
case("add"):
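Review bot: The invite key check `$_POST["key"] != INVITEKEY` in the register branch uses loose comparison, so if INVITEKEY happens to be a numeric-looking string, inputs such as `"1e3"` compare equal to `"1000"`, and the comparison is not constant-time; use `if ( ! hash_equals((string) INVITEKEY, (string) $_POST["key"]) ){`. The redirect target `$_GET["goto"]` is read without an isset check in the login, register and update branches here (and in the add branch of the next hunk), which raises an undefined-index notice when it is absent; I would resolve it once before the switch, `$goto = isset($_GET["goto"]) ? $_GET["goto"] : "index";`, and restrict it to the known page names before placing it in the Location header. In the register branch `$check_ar[0] == 1` indexes the null that `fetch_array` returns when no row matched; `$check_ar !== null` (or `$check_db->num_rows > 0`) says what is meant. The custom `$db->prepare` with `%s` placeholders presumably quotes its arguments — worth confirming, since every query in this file relies on it. The unchanged task check still sends `"400 Wrong Request"` without the leading space that the other status headers have, which this commit's PROTOCOL typo fixes did not pick up.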
@@ -54,14 +105,107 @@ switch($_GET["task"]){
echo "Method not allowed";
exit;
}
- $sql = $db->prepare("INSERT INTO " . DBPREFIX . "member (id, name, adresse, telefonnummer, handynummer, email, geburtstag) VALUES (NULL, %s, %s, %s, %s, %s, %s);",
+ $sql = $db->prepare("INSERT INTO " . DBPREFIX . "member (member_id, name, adresse, telefonnummer, handynummer, email, geburtstag) VALUES (NULL, %s, %s, %s, %s, %s, %s);",
$_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"]
);
- if ( ! $sql )
+ if ( ! $sql ){
+ echo "SQL preparation failed.";
exit;
+ }
if ( $result = $db->doQuery($sql) ){
- header($_SERVER["SERVER_PROTCOL"] . " 302 Moved");
+ header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
header("Location: /?page=" . $_GET["goto"]);
+ $c->flush($_GET["_flush"]);
+ }
+ break;
+ case("account"):
+ if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ echo "Method not allowed";
+ exit;
+ }
+ if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["confirm"]) || $_POST["confirm"] == ""){
+ print_account("info");
+ } else if ( ! isset($_POST["email"]) ){
+ $_POST["email"] = "";
+ } else if ( ! password_verify($_POST["confirm"] . PEPPER , $user->getPassword()) ) {
+ print_account("password");
+ } else {
+ $sql = false;
+ $check_ar[0] = 0;
+ if ( $_POST["name"] != $_SESSION["username"]){
+
+ if ( isset($_POST["email"]) && $_POST["email"] != "" && $_POST["email"] != $user->getEmail() )
+ $sql = $db->prepare("SELECT 1 FROM " . DBPREFIX ."user WHERE name = %s OR email = %s ;", $_POST["name"], $_POST["email"]);
+ else
+ $sql = $db->prepare("SELECT 1 FROM " . DBPREFIX ."user WHERE name = %s ;", $_POST["name"]);
+
+ } else if ( isset($_POST["email"]) && $_POST["email"] != "" && $_POST["email"] != $user->getEmail() ){
+ $sql = $db->prepare("SELECT 1 FROM " . DBPREFIX ."user WHERE email = %s ;", $_POST["email"]);
+
+ } else if ( $_POST["password"] == "" ){
+ redirect("account");
+ }
+
+ if ( $sql ){
+ $check_db = $db->doQuery($sql);
+ $check_ar = $check_db->fetch_array(MYSQLI_NUM);
+ }
+
+ if ( $check_ar[0] == 1){
+ print_account("double");
+ } else {
+ if ( $_POST["password"] != $_POST["confirm"] && $_POST["password"] != "" ){
+ $sql = $db->prepare("UPDATE " . DBPREFIX . "user SET name = %s, password = %s, email = %s WHERE id = %d;", $_POST["name"] , password_hash($_POST["password"]. PEPPER, PASSWORD_DEFAULT), $_POST["email"], $_SESSION["userid"]);
+ } else
+ $sql = $db->prepare("UPDATE " . DBPREFIX . "user SET name = %s, email = %s WHERE id = %d;", $_POST["name"], $_POST["email"], $_SESSION["userid"]);
+ if ( ! $db->doQuery($sql) ){
+
+ echo $sql;
+ print_account("database");
+ } else
+ $_SESSION["username"] = $_POST["name"];
+ redirect("account&success=1");
+ }
}
- exit;
+ break;
+ case("recover"):
+ if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ echo "Method not allowed";
+ exit;
+ }
+ $sql = $db->prepare("SELECT 1, name FROM " . DBPREFIX . "user WHERE email = %s ;", $_POST["email"]);
+ $result_db = $db->doQuery($sql);
+ $result_ar = $result_db->fetch_array(MYSQLI_NUM);
+ if ( $result_ar[0] == 1){
+
+ $arr = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "_", "-");
+ $password = "";
+ $l = count($arr) -1 ;
+ for ($i=0;$i<10;$i++){
+ $r = mt_rand(0, $l);
+ $password.=$arr[$r];
+ }
+
+ $hash = password_hash($password . PEPPER, PASSWORD_DEFAULT);
+ $sql = $db->prepare("UPDATE " . DBPREFIX . "user SET password = %s WHERE email = %s ;", $hash, $_POST["email"]);
+ if ( ! $db->doQuery($sql) )
+ redirect("recover&track=0");
+
+ $body =
+"Hello,
+someone requested a new password for '".$result_ar[1]."' on https://jungegemeinde.iamfabulous.de.
+The new password is '". $password ."'. Remember to change it immediately at https://jungegemeinde.iamfabulous.de/?page=account after successfull login.
+
+Kindly regards,
+JG Adlershof";
+
+ // header injection
+ mail($_POST["email"], "JG: Passwort Reset", $body, "From: JG Adlershof <noreply@jungegemeinde.iamfabulous.de>\r\n" );
+ redirect("recover&track=1");
+ } else {
+ redirect("recover&track=0");
+ }
+ break;
}
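Review bot: The recovery password in the recover branch is drawn with `mt_rand(0, $l)`, which is not a cryptographically secure generator, for a value that becomes a live credential mailed to the user; use `$r = random_int(0, $l);` (PHP 7+, or `openssl_random_pseudo_bytes()` on older runtimes), and consider a time-limited reset token rather than overwriting the stored password on any request that names a known email. In the account branch the `else if ( ! isset($_POST["email"]) )` arm only assigns `$_POST["email"] = ""` and then leaves the chain, so a form posted without an email field never reaches the password check or the update; move that default above the chain as `if ( ! isset($_POST["email"]) ) $_POST["email"] = "";`. On a failed update `echo $sql;` prints the prepared statement, including the new password hash, to the browser — drop it or log it server-side. The brace-less `else` before `$_SESSION["username"] = $_POST["name"];` covers only that assignment, so `redirect("account&success=1");` also runs after `print_account("database")`; wrap both statements in braces. The `// header injection` comment is accurate: `$_POST["email"]` reaches `mail()` unvalidated and registration in the previous hunk stores the email without validating it either, so guard the recover branch with `filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)` before the lookup.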