last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-04 19:14:41 +00:00
Code Activity

uwuzu version 1.2.29

Browse Source
This commit is contained in:
daichimarukana
2023-12-21 20:29:41 +09:00
parent 51d7d84b63
commit 29c46fcc4e
18 changed files with 216 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files
authlogin.php
+38
View File
@@ -214,6 +214,44 @@ if( !empty($_POST['btn_submit']) ) {
clearstatcache();
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
}
}
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $row["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $row["username"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
check.php
+38
View File
@@ -171,6 +171,44 @@ if( !empty($_POST['btn_submit']) ) {
clearstatcache();
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
}
}
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $userData["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['loginid'] = $userData["loginid"];
css/home.css
+17
View File
@@ -1132,6 +1132,14 @@ main h1{
font-weight: bold;
transition: all 250ms ease-out;
}
.ueuse .mta img{
margin-top: auto;
margin-bottom: auto;
margin-left: 4px;
margin-right: 4px;
height: 14px;
vertical-align: middle;
}
.ueuse .mta:hover{
font-size: 14px;
background-color: var(--main-color);
@@ -1368,6 +1376,15 @@ main h1{
font-family: 'BIZ UDPGothic', sans-serif;
font-weight: bold;
}
.ueuse .abi .back h1 img{
margin-top: auto;
margin-bottom: auto;
margin-left: 4px;
margin-right: 4px;
height: 16px;
vertical-align: middle;
}
.ueuse .abi h1{
overflow-wrap: break-word;
margin-top: auto;
errorpage/400.php
+7 -1
View File
@@ -29,9 +29,15 @@ $domain = $_SERVER['HTTP_HOST'];
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
errorpage/401.php
+7 -1
View File
@@ -29,9 +29,15 @@ $domain = $_SERVER['HTTP_HOST'];
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
errorpage/403.php
+7 -1
View File
@@ -29,9 +29,15 @@ $domain = $_SERVER['HTTP_HOST'];
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
errorpage/404.php
+7 -1
View File
@@ -31,9 +31,15 @@ $domain = $_SERVER['HTTP_HOST'];
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
errorpage/500.php
+7 -1
View File
@@ -28,9 +28,15 @@ $domain = $_SERVER['HTTP_HOST'];
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
errorpage/503.php
+7 -1
View File
@@ -34,9 +34,15 @@ $domain = $_SERVER['HTTP_HOST'];
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
errorpage/serverstop.php
+7 -1
View File
@@ -32,9 +32,15 @@ if(!empty(file_get_contents($serverstopfile))){
<body>
<div class="topbox">
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src="/img/uwuzulogo.svg"></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
<a href="../index.php"><img src="../img/uwuzulogo.svg"></a>
</div>
<?php }?>
</div>
<div class="terms">
index.php
+16 -3
View File
@@ -63,6 +63,17 @@ $serverinfo = file_get_contents($serverinfofile);
//-------------------------------------
//-------------------------
$softwarefile = "server/uwuzuinfo.txt";
$softwaredata = file_get_contents($softwarefile);
$softwaredata = explode( "\n", $softwaredata );
$cnt = count( $softwaredata );
for( $i=0;$i<$cnt;$i++ ){
$uwuzuinfo[$i] = ($softwaredata[$i]);
}
//-------------------------
$domain = $_SERVER['HTTP_HOST'];
//------------------------
@@ -135,9 +146,9 @@ if ("serviceWorker" in navigator) {
<body>
<div class="leftbox">
<?php if(!empty($serverlogo_link[1])){ ?>
<?php if(!empty(htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8'))){ ?>
<div class="logo">
<a href="../index.php"><img src=<?php echo htmlspecialchars($serverlogo_link[1], ENT_QUOTES, 'UTF-8');?>></a>
<a href="../index.php"><img src=<?php echo htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');?>></a>
</div>
<?php }else{?>
<div class="logo">
@@ -178,11 +189,13 @@ if ("serviceWorker" in navigator) {
<?php if(htmlspecialchars($serversettings["serverinfo"]["server_invitation"], ENT_QUOTES, 'UTF-8') === "true"){?>
<p>このサーバーには招待コードがないと登録できません。<br>招待コードはお手元にありますか?</p>
<div class="btnbox">
<a href="new.php" class="irobutton">アカウント登録</a>
<a href="login.php" class="sirobutton">ログイン</a>
</div>
<?php }else{?>
<div class="cntzone">
<div class="usercnt">
<div class="p1">ユーザー数</div>
@@ -193,12 +206,12 @@ if ("serviceWorker" in navigator) {
<p><?php echo $count2."<br>"?></p>
</div>
</div>
<div class="btnbox">
<a href="new.php" class="irobutton">アカウント登録</a>
<a href="login.php" class="sirobutton">ログイン</a>
</div>
<?php }?>
<div class="p2" style="margin-top:8px;margin-bottom:0px;"><?php echo $uwuzuinfo[0];?> Version <?php echo $uwuzuinfo[1];?></div>
</div>
</div>
new.php
+2 -2
View File
@@ -607,8 +607,8 @@ $pdo = null;
</div>
<div class="btn_area">
<a href="rule/terms.php" class="fbtn">利用規約</a>
<a href="rule/privacypolicy.php" class="fbtn">プライバシーポリシー</a>
<a href="rule/terms.php" target="_blank" class="fbtn">利用規約</a>
<a href="rule/privacypolicy.php" target="_blank" class="fbtn">プライバシーポリシー</a>
</div>
<p>登録を押すと利用規約とプライバシーポリシーに同意したこととなります。<br>未確認の場合は上のボタンよりお読みください。</p>
nextpage/notificationview.php
+26 -1
View File
@@ -1,4 +1,29 @@
<?php
//Profile
function replaceProfileEmojiImages($postText) {
// プロフィール名で絵文字名(:emoji:)を検出して画像に置き換える
$emojiPattern = '/:(\w+):/';
$postTextWithImages = preg_replace_callback($emojiPattern, function($matches) {
$emojiName = $matches[1];
//絵文字path取得
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$emoji_Query = $dbh->prepare("SELECT emojifile, emojiname FROM emoji WHERE emojiname = :emojiname");
$emoji_Query->bindValue(':emojiname', $emojiName);
$emoji_Query->execute();
$emoji_row = $emoji_Query->fetch();
if(empty($emoji_row["emojifile"])){
$emoji_path = "img/sysimage/errorimage/emoji_404.png";
}else{
$emoji_path = $emoji_row["emojifile"];
}
return "<img src='../".$emoji_path."' alt=':$emojiName:' title=':$emojiName:'>";
}, $postText);
return $postTextWithImages;
}
function replaceEmojisWithImages($postText) {
// ユーズ内で絵文字名(:emoji:)を検出して画像に置き換える
$emojiPattern = '/:(\w+):/';
@@ -41,7 +66,7 @@ function replaceEmojisWithImages($postText) {
if(empty($mentionsuserData)){
return "@$username";
}else{
return "<a class = 'mta' href='/@".$mentionsuserData["userid"]."'>@".$mentionsuserData["username"]."</a>";
return "<a class = 'mta' href='/@".htmlentities($mentionsuserData["userid"])."'>@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"]))."</a>";
}
}, $postTextWithImages);
nextpage/view.php
+2 -2
View File
@@ -85,7 +85,7 @@ function replaceEmojisWithImages($postText) {
if(empty($mentionsuserData)){
return "@$username";
}else{
return "<a class = 'mta' href='/@".$mentionsuserData["userid"]."'>@".$mentionsuserData["username"]."</a>";
return "<a class = 'mta' href='/@".htmlentities($mentionsuserData["userid"])."'>@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"]))."</a>";
}
}, $postTextWithImages);
@@ -304,7 +304,7 @@ class MessageDisplay {
if(!($this->value['abi'] == "none")){
echo '<div class="abi">';
echo ' <div class="back">';
echo '<h1>' . htmlentities($this->value['username']) . 'さんが追記しました</h1>';
echo '<h1>' . replaceProfileEmojiImages(htmlentities($this->value['username'])) . 'さんが追記しました</h1>';
echo ' </div>';
echo '<p>'.processMarkdownAndWrapEmptyLines(replaceEmojisWithImages(replaceURLsWithLinks(nl2br($this->value['abi'])))) . '</p>';
echo '<div class="h3s">追記日時 : '. date("Y年m月d日 H:i", strtotime(htmlentities($this->value['abidate']))) . '</div>';
server/serversettings.ini
+1 -1
View File
@@ -9,7 +9,7 @@
server_logo_home = ""
server_logo_login = ""
;管理者関係
server_admin = "admin"
server_admin = "あどみん"
server_admin_mailadds = "admin@localhost"
;招待のオンオフ
server_invitation = "false"
server/uwuzuinfo.txt
+2 -2
View File
@@ -1,4 +1,4 @@
uwuzu
1.2.28
2023/12/20
1.2.29
2023/12/21
daichimarukana,putonfps
server/uwuzurelease.txt
+10
View File
@@ -1,6 +1,16 @@
## リリースノートだぜぇぇぇぇぇぇい!!!!!!!
ここにはuwuzuの更新情報を載せてくぜぇ~!(いやまてテンションおかしいだろ...)
## Version 1.2.29
リリース日:2023/12/21
fix: ログインがうまくできない・ログインループを起こしてしまう問題を修正しました。
fix: サーバーのindexページでサーバーロゴが適用されない問題を修正しました。
fix: 脆弱性を修正しました。
chg: アカウント作成画面で利用規約を新しいタブで開くようにしました。
chg: 追記欄でのユーザー名にも絵文字が表示されるようにしました。
chg: メンション時にカスタム絵文字を表示されるようにしました。
new: 404ページなどエラーページにもサーバーロゴを適用しました。
## Version 1.2.28
リリース日:2023/12/20
fix: モバイル表示時にメニューを開くとその他が2つになってしまっている問題を修正しました!
user/index.php
+1 -1
View File
@@ -267,7 +267,7 @@ if( !empty($pdo) ) {
if(empty($mentionsuserData)){
return "@$username";
}else{
return "<a class = 'mta' href='/@".$mentionsuserData["userid"]."'>@".$mentionsuserData["username"]."</a>";
return "<a class = 'mta' href='/@".htmlentities($mentionsuserData["userid"])."'>@".replaceProfileEmojiImages(htmlentities($mentionsuserData["username"]))."</a>";
}
}, $postTextWithImages);