aboutsummaryrefslogtreecommitdiff
path: root/www/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'www/index.php')
-rwxr-xr-xwww/index.php171
1 files changed, 0 insertions, 171 deletions
diff --git a/www/index.php b/www/index.php
deleted file mode 100755
index 189e880..0000000
--- a/www/index.php
+++ /dev/null
@@ -1,171 +0,0 @@
-<?php
-session_start();
-
-if(!isset($_SESSION["login"])){
- $_SESSION["login"] = false;
-}
-
-if(!isset($_SESSION["login_attempts"])){
- $_SESSION["login_attempts"] = 6;
-}
-
-require_once("include.php"); // handles all the stuff that needs to be included
-
-if(check_if_banned($db)){
- banned();
-}
-
-if(empty($_GET)){
- print_index($db);
-} else {
- switch($_GET["task"]){
- case("login"):
- if($_SESSION["login"]){
- header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/");
- exit;
- }
-
- if($_SERVER['REQUEST_METHOD'] == 'POST'){
- $var = login($db);
- if($var == LOGIN_SUCCESSFULL){
- $_SESSION["login_attempts"] = 6;
- header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/");
- } elseif ($var == LOGIN_PASSWORD){
- brutforce_protection($db);
- print_login($var);
-
- } else {
- print_login($var);
- }
- } else {
- print_login(constant("EMPTY"));
- }
- break;
-
- case("logout"):
- if(!$_SESSION["login"]){
- print_login(constant("EMPTY"));
- exit;
- }
-
- $var = logout();
- if($var == LOGOUT_SUCCESSFULL){
- print_login($var);
- } else {
- header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/httperror.php?e=500");
- }
- break;
-
- case("register"):
-// if($_SESSION["login"]){
-// header("Refresh: 0; ".$scheme.$_SERVER["HTTP_HOST"]."/");
-// exit;
-// }
-
- if($_SERVER['REQUEST_METHOD'] == 'POST'){
- $var = register($db);
- if($var == REGISTER_SUCCESSFULL){
- print_index($db);
- } else {
- print_register($var);
- }
- } else {
- print_register(constant("EMPTY"));
- }
- break;
-
- case("password_recover"):
- if($_SERVER['REQUEST_METHOD'] == 'POST'){
- $var = recover_password($db); //TODO: Print error message
- if($var == RECOVER_PROHIBITED || $var = RECOVER_EMAIL){
- brutforce_protection($db);
- print_recover_password($var);
- }
- } else {
- print_recover_password("");
- }
- break;
-
- case("liste"):
- print_list($db);
- break;
-
- case("quote"):
- print_quote($db);
- break;
-
- case("new_member"):
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- if(!insert_db($db)){
- echo "Database error. Please send me a <a href'mailto:max-moehring@web.de?subject=database error'>mail</a>";
- exit;
- } else {
- print_list($db);
- }
- } else {
- print_insert();
- }
- break;
-
- case("update"):
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- $var = update_db($db);
- if($var){
- print_list($db);
- } else {
- echo $var."<br>";
- echo "Database error. Please send me a <a href'mailto:max-moehring@web.de?subject=database error'>mail</a>";
- exit;
- }
- } else {
- print_list($db);
- }
-
- break;
-
- case("account"):
- $var = "";
-
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- if($_GET["change"] == "password"){
- if(validate_password($db, $_SESSION["username"], $_POST["oldpswd"])){
- $var=change_password($db, $_POST["pswd"], $_POST["2ndpswd"]);
- } else {
- $var = "password";
- }
-
- } elseif($_GET["change"] == "user"){
- if(validate_password($db, $_SESSION["username"], $_POST["pswd"])){
- $var = change_email($db, $_SESSION["username"], $_POST["email"]);
- if($var != CH_MAIL_EXISTS && $var != DATABASE){
- $eb = true;
- $var = change_username($db, $_SESSION["username"], $_POST["name"]);
- if($eb && $var == CH_USERNAME_EXISTS){
- $var = CH_EMAIL_SUCCESS;
- }
- }
- } else {
- $var = "password";
- }
- /*if($var != CH_USERNAME_EXISTS && $var != DATABASE){
- $var="success";
- }*/
- }
- }
-
- account($db, $var);
- break;
-
- case("services"):
- print_services();
- break;
-
- default:
- echo "404";
- //get_404($_GET["task"], $_GET["task"]); //TODO: Commit EMPTY constant
- break;
- }
-}
-include("piwik.php");
-echo "</body>";
-echo "</html>";