uwuzu v1.4.12 Funium

user/followers/index.php

@@ -1,5 +1,7 @@
 <?php
+require('../../db.php');
 require("../../function/function.php");
+blockedIP($_SERVER['REMOTE_ADDR']);
 
 $serversettings_file = "../../server/serversettings.ini";
 $serversettings = parse_ini_file($serversettings_file, true);

user/following/index.php

@@ -1,5 +1,7 @@
 <?php
+require('../../db.php');
 require("../../function/function.php");
+blockedIP($_SERVER['REMOTE_ADDR']);
 
 $serversettings_file = "../../server/serversettings.ini";
 $serversettings = parse_ini_file($serversettings_file, true);

user/inbox/index.php

@@ -1,5 +1,7 @@
 <?php
+require('../../db.php');
 require("../../function/function.php");
+blockedIP($_SERVER['REMOTE_ADDR']);
 
 $serversettings_file = "../../server/serversettings.ini";
 $serversettings = parse_ini_file($serversettings_file, true);

user/index.php

@@ -47,126 +47,21 @@ try {
 	$error_message[] = $e->getMessage();
 }
 
-if (isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
-
-	$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
-	$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
-	$passQuery->execute();
-	$res = $passQuery->fetch();
-	if (empty($res["userid"])) {
-		header("Location: ../login.php");
-		exit;
-	} elseif ($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]) {
-		// セッションに値をセット
-		$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
-		$username = safetext($res['username']); // セッションに格納されている値をそのままセット
-		$loginid = safetext($res["loginid"]);
-		$role = safetext($res["role"]);
-		$sacinfo = safetext($res["sacinfo"]);
-		$myblocklist = safetext($res["blocklist"]);
-		$myfollowlist = safetext($res["follow"]);
-		$_SESSION['admin_login'] = true;
-		$_SESSION['userid'] = $userid;
-		$_SESSION['username'] = $username;
-		$_SESSION['loginid'] = $res["loginid"];
-		setcookie('userid', $userid, [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-		setcookie('username', $username, [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-		setcookie('loginid', $res["loginid"], [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-		setcookie('admin_login', true, [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-	} else {
-		header("Location: ../login.php");
-		exit;
-	}
-} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
-
-	$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
-	$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
-	$passQuery->execute();
-	$res = $passQuery->fetch();
-	if (empty($res["userid"])) {
-		header("Location: ../login.php");
-		exit;
-	} elseif ($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]) {
-		// セッションに値をセット
-		$userid = safetext($res['userid']); // クッキーから取得した値をセット
-		$username = safetext($res['username']); // クッキーから取得した値をセット
-		$loginid = safetext($res["loginid"]);
-		$role = safetext($res["role"]);
-		$sacinfo = safetext($res["sacinfo"]);
-		$myblocklist = safetext($res["blocklist"]);
-		$myfollowlist = safetext($res["follow"]);
-		$_SESSION['admin_login'] = true;
-		$_SESSION['userid'] = $userid;
-		$_SESSION['username'] = $username;
-		$_SESSION['loginid'] = $res["loginid"];
-		setcookie('userid', $userid, [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-		setcookie('username', $username, [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-		setcookie('loginid', $res["loginid"], [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-		setcookie('admin_login', true, [
-			'expires' => time() + 60 * 60 * 24 * 28,
-			'path' => '/',
-			'samesite' => 'lax',
-			'secure' => true,
-			'httponly' => true,
-		]);
-	} else {
-		header("Location: ../login.php");
-		exit;
-	}
-} else {
-	// ログインが許可されていない場合、ログインページにリダイレクト
-	header("Location: ../login.php");
-	exit;
-}
-if (empty($userid)) {
-	header("Location: ../login.php");
-	exit;
-}
-if (empty($username)) {
-	header("Location: ../login.php");
+//ログイン認証---------------------------------------------------
+blockedIP($_SERVER['REMOTE_ADDR']);
+$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "user");
+if($is_login === false){
+	header("Location: ../index.php");
 	exit;
+}else{
+	$userid = safetext($is_login['userid']);
+	$username = safetext($is_login['username']);
+	$loginid = safetext($is_login["loginid"]);
+	$role = safetext($is_login["role"]);
+	$sacinfo = safetext($is_login["sacinfo"]);
+	$myblocklist = safetext($is_login["blocklist"]);
+	$myfollowlist = safetext($is_login["follow"]);
+	$is_Admin = safetext($is_login["admin"]);
 }
 $notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
 $notiQuery->bindValue(':userid', $userid);
@@ -175,13 +70,6 @@ $notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
 
 $notificationcount = $notiData['notification_count'];
 
-function customStripTags($html, $allowedTags)
-{
-	$allowedTagsString = '<' . implode('><', $allowedTags) . '>';
-	return strip_tags($html, $allowedTagsString);
-}
-
-$allowedTags = array('h1', 'h2', 'h3', 'center', 'font');
 
 if (!empty($pdo)) {
 	$uwuzuid2 = safetext(str_replace('@', '', $_GET['uwuzuid']));

user/outbox/index.php

@@ -1,5 +1,7 @@
 <?php
+require('../../db.php');
 require("../../function/function.php");
+blockedIP($_SERVER['REMOTE_ADDR']);
 
 $serversettings_file = "../../server/serversettings.ini";
 $serversettings = parse_ini_file($serversettings_file, true);

user/report.php

@@ -46,130 +46,21 @@ try {
     $error_message[] = $e->getMessage();
 }
 
-if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
-
-	$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
-	$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
-	$passQuery->execute();
-	$res = $passQuery->fetch();
-	if(empty($res["userid"])){
-		header("Location: ../login.php");
-		exit;
-	}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
-	// セッションに値をセット
-	$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
-	$username = safetext($res['username']); // セッションに格納されている値をそのままセット
-	$loginid = safetext($res["loginid"]);
-	$role = safetext($res["role"]);
-	$sacinfo = safetext($res["sacinfo"]);
-	$myblocklist = safetext($res["blocklist"]);
-	$myfollowlist = safetext($res["follow"]);
-	$_SESSION['admin_login'] = true;
-	$_SESSION['userid'] = $userid;
-	$_SESSION['username'] = $username;
-	$_SESSION['loginid'] = $res["loginid"];
-	setcookie('userid', $userid, [
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('username', $username,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('loginid', $res["loginid"],[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('admin_login', true,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	}else{
-		header("Location: ../login.php");
-		exit;
-	}
-
-		
-} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
-
-	$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
-	$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
-	$passQuery->execute();
-	$res = $passQuery->fetch();
-	if(empty($res["userid"])){
-		header("Location: ../login.php");
-		exit;
-	}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
-	// セッションに値をセット
-	$userid = safetext($res['userid']); // クッキーから取得した値をセット
-	$username = safetext($res['username']); // クッキーから取得した値をセット
-	$loginid = safetext($res["loginid"]);
-	$role = safetext($res["role"]);
-	$sacinfo = safetext($res["sacinfo"]);
-	$myblocklist = safetext($res["blocklist"]);
-	$myfollowlist = safetext($res["follow"]);
-	$_SESSION['admin_login'] = true;
-	$_SESSION['userid'] = $userid;
-	$_SESSION['username'] = $username;
-	$_SESSION['loginid'] = $res["loginid"];
-	setcookie('userid', $userid,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('username', $username,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('loginid', $res["loginid"],[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('admin_login', true,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	}else{
-		header("Location: ../login.php");
-		exit;
-	}
-
-
-} else {
-	// ログインが許可されていない場合、ログインページにリダイレクト
-	header("Location: ../login.php");
-	exit;
-}
-if(empty($userid)){
-	header("Location: ../login.php");
-	exit;
-} 
-if(empty($username)){
-	header("Location: ../login.php");
+//ログイン認証---------------------------------------------------
+blockedIP($_SERVER['REMOTE_ADDR']);
+$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "user");
+if($is_login === false){
+	header("Location: ../index.php");
 	exit;
+}else{
+	$userid = safetext($is_login['userid']);
+	$username = safetext($is_login['username']);
+	$loginid = safetext($is_login["loginid"]);
+	$role = safetext($is_login["role"]);
+	$sacinfo = safetext($is_login["sacinfo"]);
+	$myblocklist = safetext($is_login["blocklist"]);
+	$myfollowlist = safetext($is_login["follow"]);
+	$is_Admin = safetext($is_login["admin"]);
 }
 $notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
 $notiQuery->bindValue(':userid', $userid);
@@ -264,6 +155,7 @@ if (!empty($_POST['report'])) {
 	}
 
 	if( $res ) {
+		actionLog($userid, "notice", "report", $touserid, "ユーザー(@".$touserid.")が通報されました", 1);
 		header("Location:success");
         exit;
 	} else {

user/success.php

@@ -43,130 +43,21 @@ try {
     $error_message[] = $e->getMessage();
 }
 
-if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
-
-	$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
-	$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
-	$passQuery->execute();
-	$res = $passQuery->fetch();
-	if(empty($res["userid"])){
-		header("Location: ../login.php");
-		exit;
-	}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
-	// セッションに値をセット
-	$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
-	$username = safetext($res['username']); // セッションに格納されている値をそのままセット
-	$loginid = safetext($res["loginid"]);
-	$role = safetext($res["role"]);
-	$sacinfo = safetext($res["sacinfo"]);
-	$myblocklist = safetext($res["blocklist"]);
-	$myfollowlist = safetext($res["follow"]);
-	$_SESSION['admin_login'] = true;
-	$_SESSION['userid'] = $userid;
-	$_SESSION['username'] = $username;
-	$_SESSION['loginid'] = $res["loginid"];
-	setcookie('userid', $userid, [
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('username', $username,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('loginid', $res["loginid"],[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('admin_login', true,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	}else{
-		header("Location: ../login.php");
-		exit;
-	}
-
-		
-} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
-
-	$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
-	$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
-	$passQuery->execute();
-	$res = $passQuery->fetch();
-	if(empty($res["userid"])){
-		header("Location: ../login.php");
-		exit;
-	}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
-	// セッションに値をセット
-	$userid = safetext($res['userid']); // クッキーから取得した値をセット
-	$username = safetext($res['username']); // クッキーから取得した値をセット
-	$loginid = safetext($res["loginid"]);
-	$role = safetext($res["role"]);
-	$sacinfo = safetext($res["sacinfo"]);
-	$myblocklist = safetext($res["blocklist"]);
-	$myfollowlist = safetext($res["follow"]);
-	$_SESSION['admin_login'] = true;
-	$_SESSION['userid'] = $userid;
-	$_SESSION['username'] = $username;
-	$_SESSION['loginid'] = $res["loginid"];
-	setcookie('userid', $userid,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('username', $username,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('loginid', $res["loginid"],[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	setcookie('admin_login', true,[
-		'expires' => time() + 60 * 60 * 24 * 28,
-		'path' => '/',
-		'samesite' => 'lax',
-		'secure' => true,
-		'httponly' => true,
-	]);
-	}else{
-		header("Location: ../login.php");
-		exit;
-	}
-
-
-} else {
-	// ログインが許可されていない場合、ログインページにリダイレクト
-	header("Location: ../login.php");
-	exit;
-}
-if(empty($userid)){
-	header("Location: ../login.php");
-	exit;
-} 
-if(empty($username)){
-	header("Location: ../login.php");
+//ログイン認証---------------------------------------------------
+blockedIP($_SERVER['REMOTE_ADDR']);
+$is_login = uwuzuUserLogin($_SESSION, $_COOKIE, $_SERVER['REMOTE_ADDR'], "user");
+if($is_login === false){
+	header("Location: ../index.php");
 	exit;
+}else{
+	$userid = safetext($is_login['userid']);
+	$username = safetext($is_login['username']);
+	$loginid = safetext($is_login["loginid"]);
+	$role = safetext($is_login["role"]);
+	$sacinfo = safetext($is_login["sacinfo"]);
+	$myblocklist = safetext($is_login["blocklist"]);
+	$myfollowlist = safetext($is_login["follow"]);
+	$is_Admin = safetext($is_login["admin"]);
 }
 
 $notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");