last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-04 19:14:41 +00:00
Code Activity

uwuzu v1.4.12 Funium

Browse Source
This commit is contained in:
Daichimarukana
2025-01-12 20:01:08 +09:00
parent 79328e826c
commit a8b9ad0333
119 changed files with 1656 additions and 4598 deletions
Download Patch File Download Diff File Expand all files Collapse all files
settings_admin/actionlog_admin.php
+14 -127
View File
@@ -47,136 +47,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/ad_admin.php
+16 -127
View File
@@ -47,136 +47,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
@@ -241,9 +128,11 @@ if( !empty($_POST['ads_btn_submit']) ) {
// エラーが発生した時はロールバック
$pdo->rollBack();
actionLog($userid, "error", "ad_admin", null, $e, 4);
}
if( $res ) {
actionLog($userid, "info", "ad_admin", null, "広告が新規作成されました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
settings_admin/addemoji_admin.php
+18 -127
View File
@@ -45,136 +45,23 @@ try {
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
@@ -312,9 +199,11 @@ if( !empty($_POST['btn_submit']) ) {
// エラーが発生した時はロールバック
$pdo->rollBack();
actionLog($userid, "error", "addemoji_admin", null, $e, 4);
}
if( $res ) {
actionLog($userid, "info", "addemoji_admin", null, "カスタム絵文字が追加されました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
@@ -353,9 +242,11 @@ if( !empty($_POST['emoji_del']) ) {
} catch (Exception $e) {
$pdo->rollBack();
actionLog($userid, "error", "addemoji_admin_del", null, $e, 4);
}
if( $res ) {
actionLog($userid, "info", "addemoji_admin_del", null, "カスタム絵文字が削除されました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
settings_admin/api/code_delete.php
+1
View File
@@ -1,6 +1,7 @@
<?php
require('../../db.php');
require("../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
settings_admin/api/update_query.php
+1
View File
@@ -1,6 +1,7 @@
<?php
require('../../db.php');
require("../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
settings_admin/codeadmin.php
+16 -127
View File
@@ -49,136 +49,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
@@ -259,10 +146,12 @@ if( !empty($_POST['code_btn_submit']) ) {
}
}
if ($res) {
actionLog($userid, "info", "codeadmin", null, "招待コードを".$make_code."件発行しました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
actionLog($userid, "error", "codeadmin", null, "招待コードを".$make_code."件発行できませんでした", 3);
$error_message[] = '発行に失敗しました。(REGISTERED_DAME)';
}
settings_admin/customize_admin.php
+16 -127
View File
@@ -60,136 +60,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
@@ -262,6 +149,8 @@ if( !empty($_POST['btn_submit']) ) {
fputs($file, $data);
fclose($file);
actionLog($userid, "info", "customize_admin", null, "サーバーカスタマイズを更新しました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
settings_admin/ipblock_admin.php
+275
View File
@@ -0,0 +1,275 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if (!empty($pdo)) {
$sql = "SELECT ipaddr,note,adduserid,datetime FROM ipblock ORDER BY datetime DESC";
$ipaddr_query = $pdo->query($sql);
while ($row = $ipaddr_query->fetch(PDO::FETCH_ASSOC)) {
$ipaddr_list[] = $row;
}
}
if( !empty($_POST['ip_btn_submit']) ) {
$ipaddr = safetext($_POST['ipaddr']);
$note = safetext($_POST['note']);
if(filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
$search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1');
$search_query->execute(array(':ipaddr' => $ipaddr));
$result = $search_query->fetch();
if($result > 0){
$error_message[] = 'IPアドレスはすでに登録されています。(ERROR)';
} else {
$pdo->beginTransaction();
$datetime = date("Y-m-d H:i:s");
try {
$stmt = $pdo->prepare("INSERT INTO ipblock (ipaddr, note, adduserid, datetime) VALUES (:ipaddr, :note, :adduserid, :datetime)");
$stmt->bindParam(':ipaddr', $ipaddr, PDO::PARAM_STR);
$stmt->bindParam(':note', $note, PDO::PARAM_STR);
$stmt->bindParam(':adduserid', $userid, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
$res = $pdo->commit();
} catch (Exception $e) {
$pdo->rollBack();
actionLog($userid, "error", "ipblock_admin_add", null, $e, 4);
}
if ($res) {
actionLog($userid, "info", "ipblock_admin_add", null, "ブロックするIPアドレスを追加しました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
actionLog($userid, "error", "ipblock_admin_add", null, "ブロックするIPアドレスを追加できませんでした", 3);
$error_message[] = '登録に失敗しました。(REGISTERED_DAME)';
}
$stmt = null;
}
} else {
$error_message[] = '不正なIPアドレスです。(ERROR)';
}
}
if( !empty($_POST['ip_del_submit']) ) {
$ipaddr = safetext($_POST['del_ipaddr']);
if(filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ipaddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
$search_query = $pdo->prepare('SELECT * FROM ipblock WHERE ipaddr = :ipaddr limit 1');
$search_query->execute(array(':ipaddr' => $ipaddr));
$result = $search_query->fetch();
if($result > 0){
$pdo->beginTransaction();
try{
$deleteQuery = $pdo->prepare("DELETE FROM ipblock WHERE ipaddr = :ipaddr");
$deleteQuery->bindValue(':ipaddr', $ipaddr, PDO::PARAM_STR);
$res = $deleteQuery->execute();
$res = $pdo->commit();
} catch (Exception $e) {
$pdo->rollBack();
$res = null;
actionLog($userid, "error", "ipblock_admin_del", null, $e, 4);
}
if ($res) {
actionLog($userid, "info", "ipblock_admin_del", null, "ブロックするIPアドレスを削除しました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
actionLog($userid, "error", "ipblock_admin_del", null, "ブロックするIPアドレスを削除できませんでした", 3);
$error_message[] = '削除に失敗しました。(REGISTERED_DAME)';
}
} else {
$error_message[] = 'IPアドレスが見つかりませんでした。(ERROR)';
}
} else {
$error_message[] = '不正なIPアドレスです。(ERROR)';
}
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>IPブロック - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>IPブロック</h1>
<p>IPアドレスのブロック機能です。</p>
<div>
<p>IPアドレス</p>
<div class="p2">IPv4とIPv6に対応しています。</div>
<input id="ipaddr" placeholder="000.000.000.000" class="inbox" type="text" name="ipaddr">
</div>
<div>
<p>ノート</p>
<textarea placeholder="ここに内容" class="inbox" name="note"></textarea>
</div>
<input type="submit" class = "irobutton" name="ip_btn_submit" value="登録">
</form>
<div class="formarea">
<h1>ブロック中のIPアドレス</h1>
<?php
if(!(empty($ipaddr_list))){
foreach ($ipaddr_list as $value) {?>
<div class="server_code">
<details>
<summary><?php if( !empty($value["ipaddr"]) ){ echo safetext($value["ipaddr"]); }?></summary>
<p>登録ユーザー:<?php if( !empty($value["adduserid"]) ){ echo safetext($value["adduserid"]); }?></p>
<p>登録日時:<?php if( !empty($value["datetime"]) ){ echo safetext($value["datetime"]); }?></p>
<hr>
<p><?php if( !empty($value["note"]) ){ echo nl2br(safetext($value["note"])); }?></p>
<hr>
<form class="delbox" enctype="multipart/form-data" method="post">
<p>削除ボタンを押すとこのIPアドレスは削除されます。</p>
<input id="del_ipaddr" style="display: none;" type="text" name="del_ipaddr" value="<?php if( !empty($value["ipaddr"]) ){ echo safetext($value["ipaddr"]); }?>">
<input type="submit" class="delbtn" name="ip_del_submit" value="削除">
</form>
</details>
</div>
<?php }?>
<?php }else{?>
<p>IPアドレスは登録されていません。</p>
<?php }?>
</div>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
settings_admin/maintenance_admin.php
+16 -127
View File
@@ -59,136 +59,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
@@ -276,6 +163,8 @@ RewriteRule ^.*$ - [R=403,L]
fputs($file, $data);
fclose($file);
actionLog($userid, "info", "maintenance_admin", null, "サーバーを停止しました", 0);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
settings_admin/moderation_admin.php
+14 -127
View File
@@ -60,136 +60,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/overview_admin.php
+14 -127
View File
@@ -60,136 +60,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/plugin_admin.php
+14 -127
View File
@@ -66,136 +66,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/role_admin.php
+14 -127
View File
@@ -47,136 +47,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/serveradmin.php
+40 -130
View File
@@ -59,136 +59,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
@@ -280,6 +167,13 @@ if( !empty($_POST['btn_submit']) ) {
$savemigration = "false";
}
$get_ip_addr = safetext($_POST['get_ip_addr']);
if($get_ip_addr === "true"){
$saveget_ip_addr = "true";
}else{
$saveget_ip_addr = "false";
}
$postrobots = safetext($_POST['robots']);
if($postrobots === "true"){
//GPTBotによるクロールを拒否
@@ -319,6 +213,8 @@ if( !empty($_POST['btn_submit']) ) {
server_activitypub = "'.$saveactivitypub.'"
;アカウントの移行登録を許可するか
server_account_migration = "'.$savemigration.'"
;IPアドレスを取得するか
server_get_ip = "'.$saveget_ip_addr.'"
';
//サーバー設定上書き
@@ -471,7 +367,7 @@ require('../logout/logout.php');
<div>
<p>招待制にするかどうか</p>
<div class="switch_button">
<?php if($serversettings["serverinfo"]["server_invitation"] === "true"){?>
<?php if(isset($serversettings["serverinfo"]["server_invitation"]) && $serversettings["serverinfo"]["server_invitation"] === "true"){?>
<input id="onlyuser" class="switch_input" type='checkbox' name="onlyuser" value="true" checked/>
<label for="onlyuser" class="switch_label"></label>
<?php }else{?>
@@ -485,7 +381,7 @@ require('../logout/logout.php');
<p>アカウントの移行登録を許可するか</p>
<div class="p2">他のuwuzuサーバーからのアカウント移行を許可するかです。<br>このサーバーが招待制の場合移行登録にも招待コードが必要となります。</div>
<div class="switch_button">
<?php if($serversettings["serverinfo"]["server_account_migration"] === "true"){?>
<?php if(isset($serversettings["serverinfo"]["server_account_migration"]) && $serversettings["serverinfo"]["server_account_migration"] === "true"){?>
<input id="migration" class="switch_input" type='checkbox' name="migration" value="true" checked/>
<label for="migration" class="switch_label"></label>
<?php }else{?>
@@ -514,7 +410,7 @@ require('../logout/logout.php');
<p>ActivityPubサーバーとして認識されるようにするか</p>
<div class="p2">ActivityPubの仮実装をオンにするかです。inboxに入ってきた内容には今現在これといったレスポンスを返しません。<br>また、publicKeyも返却しません。<br>現状ActivityPubサーバーと連合を組むことは出来ません。(リモートユーザーの確認程度なら出来ます。)<br>オフの状態だと410 Goneを返します。</div>
<div class="switch_button">
<?php if($serversettings["serverinfo"]["server_activitypub"] === "true"){?>
<?php if(isset($serversettings["serverinfo"]["server_activitypub"]) && $serversettings["serverinfo"]["server_activitypub"] === "true"){?>
<input id="activitypub" class="switch_input" type='checkbox' name="activitypub" value="true" checked/>
<label for="activitypub" class="switch_label"></label>
<?php }else{?>
@@ -524,6 +420,20 @@ require('../logout/logout.php');
</div>
</div>
<div>
<p>IPアドレスを取得するか</p>
<div class="p2">ユーザーの最終アクセス時のIPアドレスを取得して保存するかどうかを設定します。<br>IPアドレスは最終アクセス時のものを暗号化されて保存されます。<br>プライバシーに関わる事項のため注意して設定してください。</div>
<div class="switch_button">
<?php if(isset($serversettings["serverinfo"]["server_get_ip"]) && $serversettings["serverinfo"]["server_get_ip"] === "true"){?>
<input id="get_ip_addr" class="switch_input" type='checkbox' name="get_ip_addr" value="true" checked/>
<label for="get_ip_addr" class="switch_label"></label>
<?php }else{?>
<input id="get_ip_addr" class="switch_input" type='checkbox' name="get_ip_addr" value="true" />
<label for="get_ip_addr" class="switch_label"></label>
<?php }?>
</div>
</div>
<div>
<p>利用規約</p>
<textarea id="serverterms" placeholder="しっかり書きましょう" class="inbox" type="text" name="serverterms"><?php $sinfo = explode("\n", $serverterms); foreach ($sinfo as $info) { echo $info; }?></textarea>
settings_admin/settings_left_menu.php
+1
View File
@@ -12,6 +12,7 @@
<a href="maintenance_admin" class="admin_leftbtn">メンテナンス</a>
<a href="plugin_admin" class="admin_leftbtn">プラグイン</a>
<a href="update_admin" class="admin_leftbtn">アップデート</a>
<a href="ipblock_admin" class="admin_leftbtn">IPブロック</a>
<a href="actionlog_admin" class="admin_leftbtn">ログ</a>
</div>
<?php ?>
settings_admin/update_admin.php
+14 -127
View File
@@ -43,136 +43,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/useradmin.php
+14 -127
View File
@@ -47,136 +47,23 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
settings_admin/userinfo.php
+19 -128
View File
@@ -47,135 +47,21 @@ try {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 28,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
//ログイン認証---------------------------------------------------
blockedIP($_SERVER['REMOTE_ADDR']);
$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "admin");
if($is_login === false){
header("Location: ../index.php");
exit;
}else{
$userid = safetext($is_login['userid']);
$username = safetext($is_login['username']);
$loginid = safetext($is_login["loginid"]);
$role = safetext($is_login["role"]);
$sacinfo = safetext($is_login["sacinfo"]);
$myblocklist = safetext($is_login["blocklist"]);
$myfollowlist = safetext($is_login["follow"]);
$is_Admin = safetext($is_login["admin"]);
}
if(empty($_SESSION["query_userid"])){
@@ -204,8 +90,10 @@ if (!empty($pdo)) {
if(!(empty($userdata["encryption_ivkey"]))){
$view_mailadds = DecryptionUseEncrKey($userdata["mailadds"], GenUserEnckey($userdata["datetime"]), $userdata["encryption_ivkey"]);
$view_ip_addr = DecryptionUseEncrKey($userdata["last_ip"], GenUserEnckey($userdata["datetime"]), $userdata["encryption_ivkey"]);
}else{
$view_mailadds = $userdata["mailadds"];
$view_ip_addr = $userdata["last_ip"];
}
$roles = explode(',', $userdata["role"]);
@@ -683,6 +571,9 @@ require('../logout/logout.php');
<div class="p2">アカウント登録日時</div>
<p><?php echo safetext($userdata["datetime"]); ?></p>
<hr>
<div class="p2">最終アクセス時のIPアドレス</div>
<p><?php if( !empty($view_ip_addr) ){ echo safetext($view_ip_addr); }else{echo "記録なし";} ?></p>
<hr>
<div class="p2">アカウント操作</div>
<div class="banzone">
<?php if($roleId === "ice"){?>