last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-05 03:24:41 +00:00
Code Activity

uwuzu version 1.2.28

Browse Source
This commit is contained in:
daichimarukana
2023-12-20 22:36:44 +09:00
parent 6367282bb5
commit 51d7d84b63
89 changed files with 2770 additions and 1998 deletions
Download Patch File Download Diff File Expand all files Collapse all files
settings_admin/useradmin.php
+27 -30
View File
@@ -1,27 +1,7 @@
<?php
$servernamefile = "../server/servername.txt";
$serverinfofile = '../server/info.txt';
$serverinfo = file_get_contents($serverinfofile);
$servertermsfile = '../server/terms.txt';
$serverterms = file_get_contents($servertermsfile);
$serverprvfile = '../server/privacypolicy.txt';
$serverprv = file_get_contents($serverprvfile);
$contactfile = "../server/contact.txt";
$adminfile = "../server/admininfo.txt";
$serverstopfile = "../server/serverstop.txt";
$onlyuserfile = "../server/onlyuser.txt";
$err404imagefile = "../server/404imagepath.txt";
$robots = "../robots.txt";
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function createUniqId(){
list($msec, $sec) = explode(" ", microtime());
@@ -49,6 +29,7 @@ $res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params(0, '', '', true, true);
session_start();
session_regenerate_id(true);
@@ -65,7 +46,7 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) {
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', htmlentities($_SESSION['userid']));
@@ -74,7 +55,7 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) {
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] === $res["userid"]){
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = htmlentities($res['userid']); // セッションに格納されている値をそのままセット
$username = htmlentities($res['username']); // セッションに格納されている値をそのままセット
@@ -91,21 +72,29 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) {
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
@@ -122,7 +111,7 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) {
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] === $res["userid"]){
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = htmlentities($res['userid']); // クッキーから取得した値をセット
$username = htmlentities($res['username']); // クッキーから取得した値をセット
@@ -139,21 +128,29 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) {
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
@@ -173,7 +170,7 @@ if(empty($userid)){
if(empty($username)){
header("Location: ../login.php");
exit;
}
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
@@ -292,14 +289,14 @@ if (!empty($pdo)) {
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<link rel="stylesheet" href="../css/home.css?<?php echo date('Ymd-Hi'); ?>">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<script src="../js/unsupported.js?<?php echo date('Ymd-Hi'); ?>"></script>
<script src="../js/console_notice.js?<?php echo date('Ymd-Hi'); ?>"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>ユーザー管理 - <?php echo file_get_contents($servernamefile);?></title>
<title>ユーザー管理 - <?php echo htmlspecialchars($serversettings["serverinfo"]["server_name"], ENT_QUOTES, 'UTF-8');?></title>
</head>