last2014/uwuzu-mirror
1
0
Fork 0
mirror of https://github.com/Daichimarukana/uwuzu.git synced 2026-06-04 19:14:41 +00:00
Code Activity

uwuzu v1.4.0 Funium

Browse Source
This commit is contained in:
Daichimarukana
2024-08-18 20:19:53 +09:00
commit ac2e6fe57c
491 changed files with 68446 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
settings_admin/CloudflareTurnstile_settings/CloudflareTurnstile_settings.php
+8
View File
@@ -0,0 +1,8 @@
<?php // Captchaの認証情報
define( 'CF_TURNSTILE_ONOFF', '');// trueならCloudflareTurnstileが有効
define( 'CF_TURNSTILE_SITE_KEY', '');
define( 'CF_TURNSTILE_SEAC_KEY', '');
?>
settings_admin/ad_admin.php
+413
View File
@@ -0,0 +1,413 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($_POST['ads_btn_submit']) ) {
$ads_url = safetext($_POST['ads_url']);
$ads_img_url = safetext($_POST['ads_img_url']);
$ads_start_date = safetext(date($_POST['ads_start_date']));
$ads_limit_date = safetext(date($_POST['ads_limit_date']));
$ads_memo = safetext($_POST['ads_memo']);
if(empty($ads_url)){
$error_message[] = "URLが入力されていません。(INPUT_PLEASE)";
}
if(empty($ads_img_url)){
$error_message[] = "画像のURLが入力されていません。(INPUT_PLEASE)";
}
if(empty($ads_start_date)){
$error_message[] = "設置開始日時が入力されていません。(INPUT_PLEASE)";
}
if(empty($ads_limit_date)){
$error_message[] = "設置終了日時が入力されていません。(INPUT_PLEASE)";
}
if(empty($ads_memo)){
$error_message[] = "メモが入力されていません。(INPUT_PLEASE)";
}
if(empty($error_message)){
if (!empty($pdo)) {
// 書き込み日時を取得
$datetime = date("Y-m-d H:i:s");
$uniqid = createUniqId();
// トランザクション開始
$pdo->beginTransaction();
try {
// SQL作成
$stmt = $pdo->prepare("INSERT INTO ads (uniqid, url, image_url, memo, start_date, limit_date, datetime) VALUES (:uniqid, :url, :image_url, :memo, :start_date, :limit_date, :datetime)");
$stmt->bindParam(':uniqid', $uniqid, PDO::PARAM_STR);
$stmt->bindParam(':url', $ads_url, PDO::PARAM_STR);
$stmt->bindParam(':image_url', $ads_img_url, PDO::PARAM_STR);
$stmt->bindParam(':memo', $ads_memo, PDO::PARAM_STR);
$stmt->bindParam(':start_date', $ads_start_date, PDO::PARAM_STR);
$stmt->bindParam(':limit_date', $ads_limit_date, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = $e->getMessage();
}
// プリペアドステートメントを削除
$stmt = null;
}
}
}
if( !empty($_POST['ads_del']) ) {
$ads_uniqid = safetext($_POST['ads_id']);
try{
// 通知削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM ads WHERE uniqid = :uniqid");
$deleteQuery->bindValue(':uniqid', $ads_uniqid, PDO::PARAM_STR);
$res = $deleteQuery->execute();
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = $e->getMessage();
}
// プリペアドステートメントを削除
$stmt = null;
}
require('../logout/logout.php');
if(isset($_GET['q'])){
$keyword = safetext($_GET['q']);
}else{
$keyword = "";
}
if (!empty($pdo)) {
$sql = "SELECT * FROM ads ORDER BY datetime DESC";
$allads = $pdo->query($sql);
while ($row = $allads->fetch(PDO::FETCH_ASSOC)) {
$adss[] = $row;
}
}
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>広告 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>広告追加</h1>
<p>広告はLTL・FTL・返信画面に表示されます。<br>また、投稿15件につき一件の広告がランダムに選ばれ表示されます。<br>表示の優先順位は設定できません。</p>
<div>
<p>クリックした時のリダイレクト先URL</p>
<div class="p2">広告をクリックするとこのURLに飛びます。</div>
<input id="ads_url" placeholder="https://uwuzu.net/" class="inbox" type="text" name="ads_url" value="">
</div>
<div>
<p>画像URL</p>
<div class="p2">以下のURL先の画像が表示されます。</div>
<input id="ads_img_url" placeholder="https://uwuzu.net/img/uwuzulogo.png" class="inbox" type="text" name="ads_img_url" value="">
</div>
<div>
<p>掲載開始日時</p>
<div class="p2">広告の掲載開始日時です。</div>
<input type="date" name="ads_start_date" class="inbox" value="">
</div>
<div>
<p>掲載終了日時</p>
<div class="p2">広告の掲載終了日時です。</div>
<input type="date" name="ads_limit_date" class="inbox" value="">
</div>
<div>
<p>広告のメモ</p>
<div class="p2">ユーザーが広告について確認するときに表示されるメモです。</div>
<textarea type="text" name="ads_memo" placeholder="このメモはユーザーに公開されます" class="inbox"></textarea>
</div>
<input type="submit" class = "irobutton" name="ads_btn_submit" value="追加">
</form>
<div class="formarea">
<hr>
<h1>広告一覧</h1>
<?php if(!(empty($adss))){?>
<?php foreach ($adss as $value) {?>
<div class="server_code">
<details>
<summary><?php echo safetext($value["url"]);?></summary>
<hr>
<p>設置状況:<?php if( !empty($value["url"]) ){
if($value["start_date"] < date("Y-m-d H:i:s") && $value["limit_date"] > date("Y-m-d H:i:s")){
echo "設置中  ✅";
}else{
echo "設置解除済⛔";
}}?></p>
<p>設置期間:<?php echo date("Y年m月d日",strtotime($value["start_date"])).' から '.date("Y年m月d日",strtotime($value["limit_date"])).' まで';?>
<hr>
<p>URL:<?php echo safetext($value["url"]);?></p>
<p>画像URL:<?php echo safetext($value["image_url"]);?></p>
<hr>
<p>メモ:<?php echo safetext($value["memo"]);?></p>
<hr>
<p>追加日時:<?php echo safetext($value["datetime"]);?></p>
<hr>
<form enctype="multipart/form-data" method="post">
<div class="delbox">
<p>削除ボタンを押すとこの広告は削除されます。</p>
<input type="text" name="ads_id" id="ads_id" value="<?php echo safetext($value["uniqid"]);?>" style="display:none;" >
<input type="submit" name="ads_del" class="delbtn" value="削除">
</div>
</form>
</details>
</div>
<?php }?>
<?php }else{?>
<div class="tokonone" id="noueuse"><p>広告がありません</p></div>
<?php }?>
</div>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
settings_admin/addemoji_admin.php
+463
View File
@@ -0,0 +1,463 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
require('../db.php');
//関数呼び出し
//- EXIF
require('../function/function.php');
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if( !empty($_POST['btn_submit']) ) {
$emojiname = safetext($_POST['emojiname']);
$emojiinfo = safetext($_POST['emojiinfo']);
if (!empty($_FILES['image']['name'])) {
// アップロードされたファイル情報
$uploadedFile = $_FILES['image'];
if(filesize($uploadedFile['tmp_name']) > 256000){
$error_message[] = "絵文字のファイルサイズは256KB以下に押さえてください。(EMOJI_OVER_256KB)";
}
if(check_mime($uploadedFile['tmp_name'])){
if(empty($error_message)){
// アップロードされたファイルの拡張子を取得
$extension = pathinfo($uploadedFile['name'], PATHINFO_EXTENSION);
// 新しいファイル名を生成(uniqid + 拡張子)
$newFilename = uniqid() . '.' . $extension;
// 保存先のパスを生成
$uploadedPath = 'emojiimage/' . $newFilename;
// EXIF削除
delete_exif($extension, $uploadedFile['tmp_name']);
// ファイルを移動
$result = move_uploaded_file($uploadedFile['tmp_name'], '../'.$uploadedPath);
if ($result) {
$emoji_path = $uploadedPath; // 保存されたファイルのパスを使用
} else {
$errnum = $uploadedFile['error'];
if($errnum === 1){$errcode = "FILE_DEKASUGUI_PHP_INI_KAKUNIN";}
if($errnum === 2){$errcode = "FILE_DEKASUGUI_HTML_KAKUNIN";}
if($errnum === 3){$errcode = "FILE_SUKOSHIDAKE_UPLOAD";}
if($errnum === 4){$errcode = "FILE_UPLOAD_DEKINAKATTA";}
if($errnum === 6){$errcode = "TMP_FOLDER_NAI";}
if($errnum === 7){$errcode = "FILE_KAKIKOMI_SIPPAI";}
if($errnum === 8){$errcode = "PHPINFO()_KAKUNIN";}
$error_message[] = 'アップロード失敗!(2)エラーコード:' .$errcode.'';
}
}
}else{
$error_message[] = "使用できない画像形式です。(FILE_UPLOAD_DEKINAKATTA)";
}
}else{
$error_message[] = '画像を選択してください';
}
$options = array(
// SQL実行失敗時に例外をスルー
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
// デフォルトフェッチモードを連想配列形式に設定
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
// バッファードクエリを使う(一度に結果セットを全て取得し、サーバー負荷を軽減)
// SELECTで得た結果に対してもrowCountメソッドを使えるようにする
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
);
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$query = $dbh->prepare('SELECT * FROM emoji WHERE emojiname = :emojiname limit 1');
$query->execute(array(':emojiname' => $emojiname));
$result = $query->fetch();
// IDの入力チェック
if( empty($emojiname) ) {
$error_message[] = '絵文字IDを入力してください!(EMOJI_ID_INPUT_PLEASE)';
} else {
// 文字数を確認
if( 20 < mb_strlen($emojiname, 'UTF-8') ) {
$error_message[] = 'IDは20文字以内で入力してください。(EMOJI_ID_OVER_MAX_COUNT)';
}
if($result > 0){
$error_message[] = 'このID('.$emojiname.')は既に使用されています。他のIDを作成してください。(EMOJI_ID_SHIYOUZUMI)'; //このE-mailは既に使用されています。
}
}
if( empty($error_message) ) {
// 書き込み日時を取得
$datetime = date("Y-m-d H:i:s");
// トランザクション開始
$pdo->beginTransaction();
try {
// SQL作成
$stmt = $pdo->prepare("INSERT INTO emoji (emojifile, emojiname, emojiinfo, emojidate) VALUES ( :emojifile, :emojiname, :emojiinfo, :emojidate)");
$stmt->bindValue(':emojifile', $emoji_path, PDO::PARAM_STR);
// 値をセット
$stmt->bindParam( ':emojiname', $emojiname, PDO::PARAM_STR);
$stmt->bindParam( ':emojiinfo', $emojiinfo, PDO::PARAM_STR);
$stmt->bindParam( ':emojidate', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = '登録に失敗しました。(REGISTERED_DAME)';
}
// プリペアドステートメントを削除
$stmt = null;
}
}
require('../logout/logout.php');
// データベースの接続を閉じる
$pdo = null;
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<script src="../js/jquery-min.js"></script>
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>絵文字登録 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>絵文字登録</h1>
<p>絵文字登録です。</p>
<div class="p2">
注意 : uwuzuで表示されるカスタム絵文字の最大の大きさは縦64pxです。<br>
縦64px以上のカスタム絵文字を登録しても縮小されて表示されます。<br>
最大ファイルサイズは256KBです。<br>
これはカスタム絵文字によってuwuzuが重たくならないようにするための仕様です。</div>
<div id="wrap">
<label class="irobutton" for="file_upload">ファイル選択
<input type="file" id="file_upload" name="image" >
</label>
</div>
<!--ユーザーネーム関係-->
<div>
<p>EmojiID</p>
<input id="username" onInput="checkForm(this)" placeholder="kusa" class="inbox" type="text" name="emojiname" value="<?php if( !empty($_SESSION['emojiname']) ){ echo safetext( $_SESSION['emojiname']); } ?>">
</div>
<div>
<p>この絵文字について</p>
<input id="username" placeholder="くさデス" class="inbox" type="text" name="emojiinfo" value="<?php if( !empty($_SESSION['emojiinfo']) ){ echo safetext( $_SESSION['emojiinfo']); } ?>">
</div>
<div>
<input type="submit" class = "irobutton" name="btn_submit" value="登録">
</div>
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
<script type="text/javascript">
function checkForm(inputElement) {
var str = inputElement.value;
while (str.match(/[^A-Za-z\d_]/)) {
str = str.replace(/[^A-Za-z\d_]/, "");
}
inputElement.value = str;
}
window.addEventListener('DOMContentLoaded', function(){
// ファイルが選択されたら実行
document.getElementById("file_upload").addEventListener('change', function(e){
var file_reader = new FileReader();
// ファイルの読み込みを行ったら実行
file_reader.addEventListener('load', function(e) {
const element = document.querySelector('#wrap');
const createElement = '<p>画像を選択しました。</p>';
element.insertAdjacentHTML('afterend', createElement);
});
file_reader.readAsText(e.target.files[0]);
});
});
</script>
</html>
settings_admin/api/code_delete.php
+65
View File
@@ -0,0 +1,65 @@
<?php
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
if (safetext(isset($_POST['code'])) && safetext(isset($_POST['userid'])) && safetext(isset($_POST['account_id']))){
$postUserid = safetext($_POST['userid']);
$postCode= safetext($_POST['code']);
$loginid = safetext($_POST['account_id']);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
$query->execute(array(':userid' => $postUserid));
$result2 = $query->fetch();
if($result2["loginid"] === $loginid){
if($result2["admin"] === "yes"){
try {
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS);
// 削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM invitation WHERE code = :code");
$deleteQuery->bindValue(':code', $postCode, PDO::PARAM_STR);
$res = $deleteQuery->execute();
if ($res) {
echo json_encode(['success' => true]);
exit;
} else {
echo json_encode(['success' => false, 'error' => '削除に失敗しました。']);
exit;
}
} catch(PDOException $e) {
echo json_encode(['success' => false, 'error' => 'データベースエラー:' . $e->getMessage()]);
exit;
}
}
}
}else{
echo json_encode(['success' => false, 'error' => '削除に失敗しました。(sess_err)']);
exit;
}
?>
settings_admin/api/update_query.php
+88
View File
@@ -0,0 +1,88 @@
<?php
require('../../db.php');
require("../../function/function.php");
header("Content-Type: application/json");
header("charset=utf-8");
header("Access-Control-Allow-Origin: *");
if (isset($_FILES['update_zip']) && isset($_POST['userid']) && isset($_POST['account_id'])){
$postUserid = safetext($_POST['userid']);
$postZip= $_FILES['update_zip'];
$loginid = safetext($_POST['account_id']);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USER, DB_PASS, $option);
} catch (PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
$query->execute(array(':userid' => $postUserid));
$result2 = $query->fetch();
if($result2["loginid"] === $loginid){
if($result2["admin"] === "yes"){
$uploadDir = sys_get_temp_dir();
$uploadFile = $uploadDir . '/' . basename($_FILES['update_zip']['name']);
if (move_uploaded_file($_FILES['update_zip']['tmp_name'], $uploadFile)) {
$extractPath = $uploadDir . '/uwuzu_update_' . uniqid();
$zip = new ZipArchive;
if ($zip->open($uploadFile) == true) {
$zip->extractTo($extractPath);
$zip->close();
// JSONファイルを読み込む
$jsonFile = $extractPath . '/update.json';
if (file_exists($jsonFile)) {
$jsonData = json_decode(file_get_contents($jsonFile), true);
if (json_last_error() === JSON_ERROR_NONE) {
$response = [
'success' => true,
'software_name' => safetext($jsonData['software']) ?? '名前がありません',
'version' => safetext($jsonData['version']) ?? 'バージョン情報がありません',
'release_notes' => safetext($jsonData['release_notes']) ?? 'リリースノートが見つかりません。',
'notices' => safetext($jsonData['notices']) ?? '注意事項が見つかりません。',
'file_path' => safetext($extractPath)
];
echo json_encode($response);
} else {
echo json_encode(['success' => false, 'error' => 'JSONファイルの読み込みに失敗しました。(ROADING_JSON_ERROR)']);
}
} else {
echo json_encode(['success' => false, 'error' => 'JSONファイルの読み込みに失敗しました。(ROADING_JSON_ERROR)']);
}
} else {
echo json_encode(['success' => false, 'error' => '読み込みに失敗しました。1(ROADING_ERROR)']);
}
if (file_exists($uploadFile)) {
if (is_file($uploadFile)) {
unlink($uploadFile);
}
}
}
}
}
}else{
echo json_encode(['success' => false, 'error' => '読み込みに失敗しました。2(ROADING_ERROR)']);
exit;
}
?>
settings_admin/codeadmin.php
+379
View File
@@ -0,0 +1,379 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$robots = "../robots.txt";
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if (!empty($pdo)) {
$sql = "SELECT code,used,datetime FROM invitation ORDER BY datetime DESC";
$invcode = $pdo->query($sql);
while ($row = $invcode->fetch(PDO::FETCH_ASSOC)) {
$codes[] = $row;
}
}
if( !empty($_POST['code_btn_submit']) ) {
$make_code = safetext($_POST['make_code']);
$code_num = 0;
while ($code_num < (int)$make_code) {
$code_num++;
$pdo->beginTransaction();
$datetime = date("Y-m-d H:i:s");
try {
$new_invcode = random_code();
$used = "none";
// SQL作成
$stmt = $pdo->prepare("INSERT INTO invitation (code, used, datetime) VALUES (:code, :used, :datetime)");
$stmt->bindParam(':code', $new_invcode, PDO::PARAM_STR);
$stmt->bindParam(':used', $used, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
}
if ($res) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = '発行に失敗しました。(REGISTERED_DAME)';
}
// プリペアドステートメントを削除
$stmt = null;
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>招待コード発行所 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>招待コード発行所</h1>
<?php if(safetext($serversettings["serverinfo"]["server_invitation"]) === "true"){?>
<p>下の発行ボタンで新しくコードを発行できます!<br>なお、コードは一回限り有効です。</p>
<div>
<p>発行数</p>
<input id="make_code" placeholder="1" class="inbox" type="number" name="make_code" value="1" min="1" max="10000">
</div>
<input type="submit" class = "irobutton" name="code_btn_submit" value="発行!">
<?php
if(!(empty($codes))){
foreach ($codes as $value) {?>
<div class="server_code">
<details>
<summary>コード:<?php if( !empty($value["code"]) ){ echo safetext($value["code"]); }?><?php if( !empty($value["used"]) ){if($value["used"] === "true"){echo " ✅";}}?> </summary>
<p>使用状況:<?php if( !empty($value["used"]) ){
if($value["used"] === "none"){
echo "未使用<br>発行日時:".$value["datetime"]."";
}elseif($value["used"] === "true"){
echo "使用済み<br>使用日時:".$value["datetime"]."";
}}?></p>
<div class="delbox">
<p>削除ボタンを押すとこのコードは使用できなくなります。</p>
<button type="button" id="code_delete" class="delbtn" del-code="<?php echo safetext($value["code"]);?>">削除</button>
</div>
</details>
</div>
<?php }?>
<?php }else{?>
<p>招待コードは発行されていません。</p>
<?php }?>
<?php }else{?>
<p>サーバーは招待制にされていないため招待コードは利用できません。</p>
<?php }?>
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
<script>
$(document).ready(function() {
$(document).on('click', '.delbtn', function (event) {
var code = $(this).attr('del-code');
var userid = '<?php echo $userid; ?>';
var account_id = '<?php echo $loginid; ?>';
var codeElement = $(this).closest('.server_code');
$.ajax({
url: 'api/code_delete.php',
method: 'POST',
data: { code: code, userid: userid, account_id: account_id },
dataType: 'json',
success: function (response) {
if (response.success) {
codeElement.remove();
} else {
// 削除失敗時の処理
}
},
error: function () {
// エラー時の処理
}
});
});
});
</script>
</body>
</html>
settings_admin/customize_admin.php
+334
View File
@@ -0,0 +1,334 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$colorfile = "../css/color.css";
$color_info = file_get_contents($colorfile);
$fontfile = "../css/font.css";
$font_info = file_get_contents($fontfile);
$manifestfile = "../manifest/manifest.json";
$manifest_info = file_get_contents($manifestfile);
$err404imagefile = "../server/404imagepath.txt";
$robots = "../robots.txt";
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if (!empty($pdo)) {
$sql = "SELECT code,used,datetime FROM invitation ORDER BY datetime DESC";
$invcode = $pdo->query($sql);
while ($row = $invcode->fetch(PDO::FETCH_ASSOC)) {
$codes[] = $row;
}
}
if( !empty($_POST['btn_submit']) ) {
//safetextで変換すると死ぬので注意
$colordata = $_POST['colordata'];
$fontdata = $_POST['fontdata'];
$manifestdata = $_POST['manifestdata'];
//色等変数
$file = fopen($colorfile, 'w');
$data = $colordata;
fputs($file, $data);
fclose($file);
//フォント呼び出し
$file = fopen($fontfile, 'w');
$data = $fontdata;
fputs($file, $data);
fclose($file);
//manifest
$file = fopen($manifestfile, 'w');
$data = $manifestdata;
fputs($file, $data);
fclose($file);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>サーバーカスタマイズ - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>サーバーカスタマイズ</h1>
<div>
<p>Color & Fontname CSS</p>
<div class="p2">ここで指定されている色が適用されます。<br>もし適用されなかった場合はキャッシュを削除し再読み込みしてください。<br>表示がおかしくなってしまった場合はカラーコードを再度確認してください。</div>
<textarea id="colordata" placeholder="CSS" class="inbox" type="text" name="colordata"><?php $sinfo = explode("\r", $color_info); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<div>
<p>FontRequire CSS</p>
<div class="p2">ここで指定されている色が適用されます。<br>もし適用されなかった場合はキャッシュを削除し再読み込みしてください。<br>表示がおかしくなってしまった場合はカラーコードを再度確認してください。</div>
<textarea id="fontdata" placeholder="FontRequireCSS" class="inbox" type="text" name="fontdata"><?php $sinfo = explode("\r", $font_info); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<div>
<p>PWA(manifest)</p>
<div class="p2">ここでPWAの設定を変更できます。<br>"short_name"、"name"が表示されるアプリ名、"theme_color"、"background_color"がテーマカラーとPWA起動時のスプラッシュ画面の背景色です。<br>いま記載したもの以外の設定は変更しないことをお勧めします。</div>
<textarea id="manifestdata" placeholder="manifest.json" class="inbox" type="text" name="manifestdata"><?php $sinfo = explode("\r", $manifest_info); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<input type="submit" class = "irobutton" name="btn_submit" value="保存&更新">
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
settings_admin/hCaptcha_settings/hCaptcha_settings.php
+8
View File
@@ -0,0 +1,8 @@
<?php // Captchaの認証情報
define( 'H_CAPTCHA_ONOFF', '');// trueならhCaptchaが有効
define( 'H_CAPTCHA_SITE_KEY', '');
define( 'H_CAPTCHA_SEAC_KEY', '');
?>
settings_admin/maintenance_admin.php
+358
View File
@@ -0,0 +1,358 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$serverstopfile = "../server/serverstop.txt";
$htaccessfile = "../.htaccess";
require('../db.php');
require("../function/function.php");
if(!empty(file_get_contents($serverstopfile))){
$serverstop = safetext(file_get_contents($serverstopfile));
}else{
$serverstop = "";
}
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if (!empty($pdo)) {
$sql = "SELECT code,used,datetime FROM invitation ORDER BY datetime DESC";
$invcode = $pdo->query($sql);
while ($row = $invcode->fetch(PDO::FETCH_ASSOC)) {
$codes[] = $row;
}
}
if( !empty($_POST['btn_submit']) ) {
// 空白除去
$serverstop = safetext($_POST['serverstop']);
//鯖停止
$file = fopen($serverstopfile, 'w');
$data = $serverstop;
fputs($file, $data);
fclose($file);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
}
if( !empty($_POST['serverstop_btn_submit']) ) {
// htaccess用意
$htaccess = "
ErrorDocument 403 /errorpage/serverstop.php
RewriteEngine On
RewriteCond %{REQUEST_URI} !=/function/function.php
RewriteCond %{REQUEST_URI} !=/errorpage/serverstop.php
RewriteCond %{REQUEST_URI} !=/css/home.css
RewriteCond %{REQUEST_URI} !=/css/color.css
RewriteCond %{REQUEST_URI} !=/js/console_notice.js
RewriteCond %{REQUEST_URI} !=/js/unsupported.js
RewriteCond %{REQUEST_URI} !=/img/uwuzulogo.svg
RewriteCond %{REQUEST_URI} !=/favicon/apple-touch-icon-180x180.png
RewriteCond %{REQUEST_URI} !=/favicon/icon-192x192.png
RewriteRule ^.*$ - [R=403,L]
";
// 上書き保存
$file = fopen($htaccessfile, 'w');
$data = $htaccess;
fputs($file, $data);
fclose($file);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>メンテナンス - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>メンテナンス</h1>
<div>
<p>サーバー停止時表示メッセージ</p>
<div class="p2">ここに入力してあるメッセージがサーバー停止時に表示されます。</div>
<textarea id="serverstop" placeholder="現在サーバーは止まっておりません。" class="inbox" type="text" name="serverstop"><?php $s_stop = explode("\r", $serverstop); foreach ($s_stop as $info) { echo $info; }?></textarea>
</div>
<input type="submit" class = "irobutton" name="btn_submit" value="保存&更新">
</form>
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>サーバー停止</h1>
<p>下のボタンを押すとサーバーへのアクセス時にすべてのアクセスがに対して上のサーバー停止時表示メッセージを表示します。<br>サーバーを止める必要がある際に使用してください。<br>復旧には現在の.htaccessファイルを上書きしていただく必要があります。<br>今現在の.htaccessファイルをFTPソフトなどからダウンロードすることを強く推奨します。</p>
<p class="errmsg">サーバーを停止するとこの画面にもログインができなくなります。<br>また、復旧時に今現在の.htaccessファイルを上書きする必要があります。<br>.htaccessファイルとサーバー管理権限はお持ちですか?<br>お持ちでない方は作業を中断してください。</p>
<div class="p2">サーバー停止</div>
<input type="submit" class = "irobutton" name="serverstop_btn_submit" value="サーバー停止">
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
<script>
$(function(){
$("input"). keydown(function(e) {
if ((e.which && e.which === 13) || (e.keyCode && e.keyCode === 13)) {
return false;
} else {
return true;
}
});
});
</script>
settings_admin/moderation_admin.php
+466
View File
@@ -0,0 +1,466 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$mojisizefile = "../server/textsize.txt";
$banuseridfile = "../server/banuserid.txt";
$banuserid_info = file_get_contents($banuseridfile);
$banurldomainfile = "../server/banurldomain.txt";
$banurldomain_info = file_get_contents($banurldomainfile);
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
//hCaptcha--------------------------------------------
require('hCaptcha_settings/hCaptcha_settings.php');
//Cloudflare_Turnstile--------------------------------------------
require('CloudflareTurnstile_settings/CloudflareTurnstile_settings.php');
//----------------------------------------------------
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if (!empty($pdo)) {
$sql = "SELECT code,used,datetime FROM invitation ORDER BY datetime DESC";
$invcode = $pdo->query($sql);
while ($row = $invcode->fetch(PDO::FETCH_ASSOC)) {
$codes[] = $row;
}
}
if( !empty($_POST['btn_submit']) ) {
// 空白除去
$banuserid = safetext($_POST['banuserid']);
$banurldomain = safetext($_POST['banurldomain']);
$max_textsize = safetext($_POST['max_textsize']);
if((int)$max_textsize > 16777216){
$error_message[] = "投稿の最大文字数の限界値を超えています。";
}
if(empty($error_message)){
//banuserid
$file = fopen($banuseridfile, 'w');
$data = $banuserid;
fputs($file, $data);
fclose($file);
//banurldomain
$file = fopen($banurldomainfile, 'w');
$data = $banurldomain;
fputs($file, $data);
fclose($file);
//maxtextsize
$file = fopen($mojisizefile, 'w');
$data = $max_textsize;
fputs($file, $data);
fclose($file);
$hCaptcha_ONOFF = safetext($_POST['hCaptcha_onoff']);
$hCaptcha_sitekey = safetext($_POST['hCaptcha_sitekey']);
$hCaptcha_seackey = safetext($_POST['hCaptcha_seackey']);
$New_hCaptcha_Settings = "
<?php // Captchaの認証情報
define( 'H_CAPTCHA_ONOFF', '".safetext($hCaptcha_ONOFF)."');// trueならhCaptchaが有効
define( 'H_CAPTCHA_SITE_KEY', '".safetext($hCaptcha_sitekey)."');
define( 'H_CAPTCHA_SEAC_KEY', '".safetext($hCaptcha_seackey)."');
?>
";
//設定上書き
$file = fopen('hCaptcha_settings/hCaptcha_settings.php', 'w');
$data = $New_hCaptcha_Settings;
fputs($file, $data);
fclose($file);
//CF_Turnstile
$CF_Turnstile_ONOFF = safetext($_POST['CF_Turnstile_onoff']);
$CF_Turnstile_sitekey = safetext($_POST['CF_Turnstile_sitekey']);
$CF_Turnstile_seackey = safetext($_POST['CF_Turnstile_seackey']);
$New_CF_Turnstile_Settings = "
<?php // Captchaの認証情報
define( 'CF_TURNSTILE_ONOFF', '".safetext($CF_Turnstile_ONOFF)."');// trueならCloudflareTurnstileが有効
define( 'CF_TURNSTILE_SITE_KEY', '".safetext($CF_Turnstile_sitekey)."');
define( 'CF_TURNSTILE_SEAC_KEY', '".safetext($CF_Turnstile_seackey)."');
?>
";
//設定上書き
$file = fopen('CloudflareTurnstile_settings/CloudflareTurnstile_settings.php', 'w');
$data = $New_CF_Turnstile_Settings;
fputs($file, $data);
fclose($file);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
}
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>モデレーション - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>モデレーション</h1>
<div>
<p>登録禁止ユーザーid</p>
<div class="p2">ここに入力してあるユーザーidは登録できません。<br>改行で禁止するユーザーidを指定できます。<br>すでにあるアカウントは影響を受けません。</div>
<textarea id="banuserid" placeholder="uwuzu" class="inbox" type="text" name="banuserid"><?php $sinfo = explode("\r", $banuserid_info); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<hr>
<div>
<p>投稿禁止URLドメイン</p>
<div class="p2">ここに入力してあるドメインが含まれる投稿をしようとすると投稿が拒否されます。<br>なお、この機能はまだ確実な動作が保証されないためベータ版です。<br>位置情報特定サイトなどの対策等にご利用ください。</div>
<textarea id="banurldomain" placeholder="" class="inbox" type="text" name="banurldomain"><?php $sinfo = explode("\r", $banurldomain_info); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<hr>
<div>
<p>投稿の最大文字数</p>
<div class="p2">ここで設定した文字数までの投稿が可能です。<br>なお、データベースより最大文字数を設定している場合そちらが優先されて使用されます。<br>1文字から16777216文字の間で設定が可能です。<br>※uwuzu version 1.3.0以前にuwuzuを導入された方はuwuzuのDB内のtext型を全てmediumtext型にしてください。</div>
<input id="max_textsize" placeholder="1024" class="inbox" type="number" min="1" max="16777216" name="max_textsize" value="<?php if( !empty(file_get_contents($mojisizefile)) ){ echo safetext(file_get_contents($mojisizefile)); } ?>">
</div>
<hr>
<div>
<p>hCaptcha認証</p>
<div class="p2">hCaptchaを使用し、ログイン時とアカウント登録時に認証をすることができます。<br>もし人間でないと判断された場合はアカウント登録やログイン、パスワード変更を受け付けません。</div>
<p>hCaptchaのオンオフ</p>
<div class="switch_button">
<?php if(!empty(H_CAPTCHA_ONOFF && H_CAPTCHA_ONOFF == "true")){?>
<input id="hCaptcha_onoff" class="switch_input" type='checkbox' name="hCaptcha_onoff" value="true" checked/>
<label for="hCaptcha_onoff" class="switch_label"></label>
<?php }else{?>
<input id="hCaptcha_onoff" class="switch_input" type='checkbox' name="hCaptcha_onoff" value="true" />
<label for="hCaptcha_onoff" class="switch_label"></label>
<?php }?>
</div>
<div id="hcaptcha">
<p>hCaptcha - 認証情報設定</p>
<div class="p2">サイトキー</div>
<input id="hcaptcha" placeholder="" class="inbox" type="text" name="hCaptcha_sitekey" value="<?php if( !empty(H_CAPTCHA_SITE_KEY) ){ echo safetext(H_CAPTCHA_SITE_KEY); } ?>">
<div class="p2">シークレットキー</div>
<input id="hcaptcha" placeholder="" class="inbox" type="text" name="hCaptcha_seackey" value="<?php if( !empty(H_CAPTCHA_SEAC_KEY) ){ echo safetext(H_CAPTCHA_SEAC_KEY); } ?>">
<p>デモ</p>
<div class="h-captcha" data-sitekey="10000000-ffff-ffff-ffff-000000000001"></div>
</div>
</div>
<hr>
<div>
<p>CloudflareTurnstile認証</p>
<div class="p2">CloudflareTurnstileを使用し、ログイン時とアカウント登録時に認証をすることができます。<br>もし人間でないと判断された場合はアカウント登録やログイン、パスワード変更を受け付けません。<br>hCaptchaなどと二重に設定することが可能です。</div>
<p>CloudflareTurnstileのオンオフ</p>
<div class="switch_button">
<?php if(!empty(CF_TURNSTILE_ONOFF && CF_TURNSTILE_ONOFF == "true")){?>
<input id="CF_Turnstile_onoff" class="switch_input" type='checkbox' name="CF_Turnstile_onoff" value="true" checked/>
<label for="CF_Turnstile_onoff" class="switch_label"></label>
<?php }else{?>
<input id="CF_Turnstile_onoff" class="switch_input" type='checkbox' name="CF_Turnstile_onoff" value="true" />
<label for="CF_Turnstile_onoff" class="switch_label"></label>
<?php }?>
</div>
<div id="CF_Turnstile">
<p>CloudflareTurnstile - 認証情報設定</p>
<div class="p2">サイトキー</div>
<input id="CF_Turnstile" placeholder="" class="inbox" type="text" name="CF_Turnstile_sitekey" value="<?php if( !empty(CF_TURNSTILE_SITE_KEY) ){ echo safetext(CF_TURNSTILE_SITE_KEY); } ?>">
<div class="p2">シークレットキー</div>
<input id="CF_Turnstile" placeholder="" class="inbox" type="text" name="CF_Turnstile_seackey" value="<?php if( !empty(CF_TURNSTILE_SEAC_KEY) ){ echo safetext(CF_TURNSTILE_SEAC_KEY); } ?>">
<p>デモ<p>
<div class="cf-turnstile" data-sitekey="1x00000000000000000000AA" data-callback="javascriptCallback" data-language="ja"></div>
</div>
</div>
<input type="submit" class = "irobutton" name="btn_submit" value="保存&更新">
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
<script>
$(document).ready(function() {
$(function(){
$("input"). keydown(function(e) {
if ((e.which && e.which === 13) || (e.keyCode && e.keyCode === 13)) {
return false;
} else {
return true;
}
});
});
if ($("#hCaptcha_onoff").prop("checked")) {
$('#hcaptcha').show();
}else{
$('#hcaptcha').hide();
}
$('#hCaptcha_onoff').change(function(){
$('#hcaptcha').toggle();
});
if ($("#CF_Turnstile_onoff").prop("checked")) {
$('#CF_Turnstile').show();
}else{
$('#CF_Turnstile').hide();
}
$('#CF_Turnstile_onoff').change(function(){
$('#CF_Turnstile').toggle();
});
});
</script>
</html>
settings_admin/overview_admin.php
+382
View File
@@ -0,0 +1,382 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$serverinfofile = '../server/info.txt';
$serverinfo = file_get_contents($serverinfofile);
$servertermsfile = '../server/terms.txt';
$serverterms = file_get_contents($servertermsfile);
$serverprvfile = '../server/privacypolicy.txt';
$serverprv = file_get_contents($serverprvfile);
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
function mb_to_gb($megabyte){
$n_mb = $megabyte / 1024;
return round($n_mb, 1);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
//User
$result = $mysqli->query("SELECT userid FROM account");
$count1 = $result->num_rows;
//ueuse
$result2 = $mysqli->query("SELECT uniqid FROM ueuse");
$count2 = $result2->num_rows;
//emoji
$result3 = $mysqli->query("SELECT sysid FROM emoji");
$count3 = $result3->num_rows;
//bot
$result4 = $mysqli->query("SELECT userid FROM account WHERE sacinfo = 'bot'");
$count4 = $result4->num_rows;
if(function_exists("disk_free_space")){
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
$disk = true;
$diskFree = (int) disk_free_space('C:') / 1024 / 1024;
$diskTotal = (int) disk_total_space('C:') / 1024 / 1024;
$diskUmari = $diskTotal - $diskFree;
if ($diskFree / $diskTotal < 0.1) {
$disk_over90p = true;
}else{
$disk_over90p = false;
}
$loadAve = null;
} else {
$disk = true;
$diskFree = (int) disk_free_space('/') / 1024 / 1024;
$diskTotal = (int) disk_total_space('/') / 1024 / 1024;
$diskUmari = $diskTotal - $diskFree;
if ($diskFree / $diskTotal < 0.1) {
$disk_over90p = true;
}else{
$disk_over90p = false;
}
if(function_exists("sys_getloadavg")){
$loadAve = sys_getloadavg()[0];
}else{
$loadAve = null;
}
}
}else{
$disk = false;
$diskFree = 5000;
$diskUmari = 5000;
$diskTotal = 10000;
$disk_over90p = false;
if(function_exists("sys_getloadavg")){
$loadAve = sys_getloadavg()[0];
}else{
$loadAve = null;
}
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>サーバー概要 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<div class="formarea">
<h1>サーバー概要</h1>
<!--(サーバーアイコン)-->
<?php if( !empty($serversettings["serverinfo"]["server_head"]) ){ ?>
<div class="serverhead">
<img src="<?php echo safetext($serversettings["serverinfo"]["server_head"]); ?>">
</div>
<?php }?>
<?php if( !empty($serversettings["serverinfo"]["server_icon"]) ){ ?>
<div class="servericon">
<?php if( !empty($serversettings["serverinfo"]["server_head"]) ){ ?>
<div class="up">
<img src="<?php echo safetext($serversettings["serverinfo"]["server_icon"]); ?>">
</div>
<?php }else{?>
<img src="<?php echo safetext($serversettings["serverinfo"]["server_icon"]); ?>">
<?php }?>
</div>
<?php }?>
<!--(サーバーアイコンここまで)-->
<p>サーバー名</p>
<p><?php if( !empty(safetext($serversettings["serverinfo"]["server_name"])) ){ echo safetext($serversettings["serverinfo"]["server_name"]); } ?></p>
<hr>
<p>サーバー紹介メッセージ</p>
<p><?php $sinfo = explode("\n", $serverinfo); foreach ($sinfo as $info) { echo nl2br(safetext($info)); }?></p>
<hr>
<p>サーバー管理者の名前</p>
<p><?php if( !empty(safetext($serversettings["serverinfo"]["server_admin"])) ){ echo safetext($serversettings["serverinfo"]["server_admin"]); } ?></p>
<hr>
<p>サーバーへのお問い合わせ用メールアドレス</p>
<p><?php if( !empty(safetext($serversettings["serverinfo"]["server_admin_mailadds"])) ){ echo safetext($serversettings["serverinfo"]["server_admin_mailadds"]); } ?></p>
<hr>
<p>統計情報</p>
<div class="overview">
<div class="overview_cnt_l">
<div class="p2">ユーザー数</div>
<p><?php echo safetext($count1);?></p>
</div>
<div class="overview_cnt_r">
<div class="p2">投稿数</div>
<p><?php echo safetext($count2);?></p>
</div>
</div>
<div class="overview">
<div class="overview_cnt_l">
<div class="p2">カスタム絵文字数</div>
<p><?php echo safetext($count3);?></p>
</div>
<div class="overview_cnt_r">
<div class="p2">Botアカウント数</div>
<p><?php echo safetext($count4);?></p>
</div>
</div>
<hr>
<p>ディスク空き容量</p>
<?php if($disk == true){?>
<?php if($disk_over90p == true){?>
<p class="errmsg">90%以上が使用済みです。<br>早急に容量拡張などの対応を考えてください!</p>
<?php }else{?>
<p>ディスク空き容量には余裕があります。</p>
<?php };?>
<div class="graph">
<div class="per" style="width:calc(<?php echo round((int)mb_to_gb($diskUmari) / (int)mb_to_gb($diskTotal) * 100, 1);?>% - 8px);">
</div>
</div>
<p>使用済み : <?php echo mb_to_gb($diskUmari)."GB/".mb_to_gb($diskTotal);?>GB<br>
空き容量 : <?php echo mb_to_gb($diskFree);?>GB</p>
<?php }else{?>
<p>空き容量の取得ができませんでした。</p>
<?php };?>
<hr>
<p>ロードアベレージ</p>
<div class="p2">ロードアベレージはCPUのコア数と照らし合わせて活用してください。<br>
"ロードアベレージ/CPUコア数"で計算をした時に1.0を超えると処理が重くなっています。<br>
※Windows環境ではロードアベレージの取得はできません。</div>
<?php if(empty($loadAve)){?>
<p>ロードアベレージの取得ができませんでした。</p>
<?php }else{?>
<p>過去1分間のロードアベレージ : <?php echo $loadAve?></p>
<?php };?>
</div>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
settings_admin/plugin_admin.php
+407
View File
@@ -0,0 +1,407 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$serverstopfile = "../server/serverstop.txt";
$domain = $_SERVER['HTTP_HOST'];
require('../db.php');
require("../function/function.php");
if(!empty(file_get_contents($serverstopfile))){
$serverstop = safetext(file_get_contents($serverstopfile));
}else{
$serverstop = "";
}
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
//phpmailer--------------------------------------------
require('plugin_settings/phpmailer_settings.php');
require('plugin_settings/phpmailer_sender.php');
//------------------------------------------------------
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($_POST['btn_submit']) ) {
$N_MAIL_ONOFF = safetext($_POST['mailchks_onoff']);
$N_MAIL_ADDS = safetext($_POST['N_MAIL_ADDS']);
$N_MAIL_HOST = safetext($_POST['N_MAIL_HOST']);
$N_MAIL_PORT = safetext($_POST['N_MAIL_PORT']);
$N_MAIL_USER = safetext($_POST['N_MAIL_USER']);
$N_MAIL_PASS = safetext($_POST['N_MAIL_PASS']);
$N_MAIL_SSL_ = safetext($_POST['ssl_tls_none']);
$New_Mail_Settings = "
<?php // メールサーバーの情報
define( 'MAIL_CHKS', '".$N_MAIL_ONOFF."');// trueならPHPMailerが有効
define( 'MAIL_ADDS', '".$N_MAIL_ADDS."');
define( 'MAIL_HOST', '".$N_MAIL_HOST."');
define( 'MAIL_PORT', '".$N_MAIL_PORT."');
define( 'MAIL_USER', '".$N_MAIL_USER."');
define( 'MAIL_PASS', '".$N_MAIL_PASS."');
define( 'MAIL_SSL_', '".$N_MAIL_SSL_."');
?>
";
//設定上書き
$file = fopen('plugin_settings/phpmailer_settings.php', 'w');
$data = $New_Mail_Settings;
fputs($file, $data);
fclose($file);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
}
if( !empty($_POST['testmail_send_btn_submit']) ) {
$test_mail_adds = safetext($_POST['test_sender_adds']);
$mail_title = "Test email";
$mail_text = "これはuwuzuのテストメールです。 問題なく受信できていますか?";
$error_message[] = send_html_mail($test_mail_adds,$mail_title,$mail_text,"../");
}
/*
$plugin_chk_result = glob('../plugin/*');
$plugin_data = array();
foreach ($plugin_chk_result as $plugin_path) {
if (file_exists($plugin_path . "/plugin_config.json")) {
$plugin_conf = json_decode(file_get_contents($plugin_path . "/plugin_config.json"), true);
if ($plugin_conf) {
$plugin_data[] = array(
"name" => $plugin_conf["name"],
"version" => $plugin_conf["version"],
"author" => $plugin_conf["author"],
"description" => $plugin_conf["description"]
);
}
}
}
*/
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>プラグイン - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>プラグイン</h1>
<p>PHPMailerなどとの連携が可能です。</p>
<!--
<php if(!(empty($plugin_data))){?>
<php foreach ($plugin_data as $value) {?>
<div class="server_code">
<details>
<summary><php echo safetext($value["name"]);?></summary>
<div class="p2">バージョン</div>
<p><php echo safetext($value["version"]);?></p>
<hr>
<div class="p2">説明</div>
<p><php echo nl2br(safetext($value["description"]));?></p>
<hr>
<div class="p2">制作者</div>
<p><php echo safetext($value["author"]);?></p>
</details>
</div>
<php }?>
<php }?>
-->
<div>
<p>自動メールプラグイン</p>
<div class="p2">PHPMailerと連携し、パスワードリセット時やログイン通知などを自動送信することができます。<br>SMTP送信のみ対応です。<br><b>pluginフォルダに解凍済みのPHPMailerのファイル一式が入っていることが必須要件になります。</b><br>plugin/PHPMailer/README.MDなど一式</div>
<p>自動メールプラグインのオンオフ</p>
<div class="switch_button">
<?php if(!empty(MAIL_CHKS && MAIL_CHKS == "true")){?>
<input id="mailchks_onoff" class="switch_input" type='checkbox' name="mailchks_onoff" value="true" checked/>
<label for="mailchks_onoff" class="switch_label"></label>
<?php }else{?>
<input id="mailchks_onoff" class="switch_input" type='checkbox' name="mailchks_onoff" value="true" />
<label for="mailchks_onoff" class="switch_label"></label>
<?php }?>
</div>
<div id="mail_plugin">
<p>PHPMailer - メールサーバー設定</p>
<div class="p2">メールアドレス</div>
<input id="mail_plugin" placeholder="user@localhost" class="inbox" type="text" name="N_MAIL_ADDS" value="<?php if( !empty(MAIL_ADDS) ){ echo safetext(MAIL_ADDS); } ?>">
<div class="p2">ホスト名</div>
<input id="mail_plugin" placeholder="smtp.mailserver.com" class="inbox" type="text" name="N_MAIL_HOST" value="<?php if( !empty(MAIL_HOST) ){ echo safetext(MAIL_HOST); } ?>">
<div class="p2">ポート番号</div>
<input id="mail_plugin" placeholder="465" class="inbox" type="text" name="N_MAIL_PORT" value="<?php if( !empty(MAIL_PORT) ){ echo safetext(MAIL_PORT); } ?>">
<div class="p2">ユーザー名</div>
<input id="mail_plugin" placeholder="from@localhost" class="inbox" type="text" name="N_MAIL_USER" value="<?php if( !empty(MAIL_USER) ){ echo safetext(MAIL_USER); } ?>">
<div class="p2">パスワード</div>
<input id="mail_plugin" placeholder="password" class="inbox" type="text" name="N_MAIL_PASS" style="-webkit-text-security:disc;" value="<?php if( !empty(MAIL_PASS) ){ echo safetext(MAIL_PASS); } ?>">
<div class="p2">暗号化設定</div>
<div class="radio_btn_zone">
<input type="radio" name="ssl_tls_none" value="SSL" id="SSL" class="radiobtn_input" <?php if(!empty(MAIL_SSL_ && MAIL_SSL_ == "SSL")){echo "checked";}?>>
<label for="SSL" class="radiobtn_label">SSL</label>
<input type="radio" name="ssl_tls_none" value="TLS" id="TLS" class="radiobtn_input" <?php if(!empty(MAIL_SSL_ && MAIL_SSL_ == "TLS")){echo "checked";}?>>
<label for="TLS" class="radiobtn_label">TLS</label>
<input type="radio" name="ssl_tls_none" value="NONE" id="NONE" class="radiobtn_input" <?php if(!empty(MAIL_SSL_ && MAIL_SSL_ == "NONE")){echo "checked";}?>>
<label for="NONE" class="radiobtn_label">なし</label>
</div>
</div>
</div>
<input type="submit" class = "irobutton" name="btn_submit" value="保存&更新">
</form>
<?php if(!empty(MAIL_CHKS && MAIL_CHKS == "true")){?>
<form class="formarea" enctype="multipart/form-data" method="post">
<div id="mail_plugin_chk">
<p>メールテスト送信</p>
<input id="mail_plugin" placeholder="admin@localhost" class="inbox" type="text" name="test_sender_adds" value="">
<input type="submit" class = "irobutton" name="testmail_send_btn_submit" value="テスト送信">
</div>
</form>
<?php }?>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
<script>
$(function(){
$("input"). keydown(function(e) {
if ((e.which && e.which === 13) || (e.keyCode && e.keyCode === 13)) {
return false;
} else {
return true;
}
});
});
if ($("#mailchks_onoff").prop("checked")) {
$('#mail_plugin').show();
$('#mail_plugin_chk').show();
}else{
$('#mail_plugin').hide();
$('#mail_plugin_chk').hide();
}
$('#mailchks_onoff').change(function(){
$('#mail_plugin').toggle();
$('#mail_plugin_chk').toggle();
});
</script>
settings_admin/plugin_settings/phpmailer_sender.php
+188
View File
@@ -0,0 +1,188 @@
<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
use PHPMailer\PHPMailer\SMTP;
function send_html_mail($mailadds,$mailtitle,$mailtext,$server_file_backslash){
if(!empty(MAIL_CHKS && MAIL_CHKS == "true")){
if(file_exists("".$server_file_backslash."plugin/PHPMailer/")){
require(''.$server_file_backslash.'plugin/PHPMailer/src/PHPMailer.php');
require(''.$server_file_backslash.'plugin/PHPMailer/src/Exception.php');
require(''.$server_file_backslash.'plugin/PHPMailer/src/SMTP.php');
}else{
$error_message[] = "pluginフォルダにPHPMailerがありません<br>ファイル名などをお間違いではありませんか?(PLUGIN_NOT_FOUND)";
}
}else{
$error_message[] = "メール送信プラグインは無効です。(PLUGIN_MUKOU)";
}
$serversettings = parse_ini_file("".$server_file_backslash."server/serversettings.ini", true);
$domain = $_SERVER['HTTP_HOST'];
$mail_adds = htmlentities($mailadds);
$mail_title = htmlentities($mailtitle);
$x_mailtext = htmlentities($mailtext);
$mail_text = str_replace( ' ', '<br>', $x_mailtext );
if(!(filter_var($mail_adds, FILTER_VALIDATE_EMAIL))){
$error_message[] = 'メールアドレスが正しくありません...(MAILADDS_CHECK_DAME)';
}
if(empty($error_message)){
if(htmlentities(MAIL_SSL_) == "NONE"){
$Mail_SSL = false;
}elseif(htmlentities(MAIL_SSL_) == "SSL"){
$Mail_SSL = "ssl";
}elseif(htmlentities(MAIL_SSL_) == "TLS"){
$Mail_SSL = "tls";
}
$s_name = htmlspecialchars($serversettings['serverinfo']['server_name'], ENT_QUOTES, 'UTF-8');
$now_date = date("Y-m-d H:i:s");
$logo_path = htmlspecialchars($serversettings["serverinfo"]["server_logo_login"], ENT_QUOTES, 'UTF-8');
if(empty($logo_path)){
$logo_path = "https://".$domain."/img/uwuzulogo.svg";
}
mb_language('uni');
mb_internal_encoding('UTF-8');
$mail = new PHPMailer(true);
$mail->CharSet = 'utf-8';
try {
// SMTPサーバの設定
$mail->isSMTP(); // SMTPの使用宣言
$mail->Host = htmlentities(MAIL_HOST); // SMTPサーバーを指定
$mail->SMTPAuth = true; // SMTP authenticationを有効化
$mail->Username = htmlentities(MAIL_USER); // SMTPサーバーのユーザ名
$mail->Password = htmlentities(MAIL_PASS); // SMTPサーバーのパスワード
$mail->SMTPSecure = $Mail_SSL; // 暗号化を有効(tls or ssl)無効の場合はfalse
$mail->Port = (int)htmlentities(MAIL_PORT); // TCPポートを指定(tlsの場合は465や587)
$mail->setFrom(htmlentities(MAIL_ADDS), htmlspecialchars($serversettings["serverinfo"]["server_name"], ENT_QUOTES, 'UTF-8')); // 送信者
$mail->addAddress(htmlentities($mail_adds)); // 宛先
$mail->addReplyTo(htmlspecialchars($serversettings["serverinfo"]["server_admin_mailadds"], ENT_QUOTES, 'UTF-8'), 'お問い合わせ'); // 返信先
$mail->Sender = htmlspecialchars($serversettings["serverinfo"]["server_admin_mailadds"], ENT_QUOTES, 'UTF-8'); // Return-path
// 送信内容設定
$mail->isHTML(true);
$mail->Subject = $mail_title;
$mail->Body = <<<EOD
<!DOCTYPE HTML>
<html xmlns="http://www.w3.org/1999/xhtml" lang="ja">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width" />
<style>
body{
margin: 0px;
background-color: #F5F5F5;
}
table{
max-width: 640px;
width: 640px;
margin: 32px auto;
background-color: #FFFFFF;
border-radius: 10px;
border: solid 1px #EEEEEE;
overflow: hidden;
}
table .headtop{
background-color: #FFC832;
height: 64px;
font-size: 32px;
font-family: 'BIZ UDPGothic', sans-serif;
font-weight: bold;
margin: 0px;
width: 100%;
padding-left: 16px;
color: #FFFFFF;
}
table .headtop img{
line-height: 48px;
height: 48px;
margin: 8px 0px;
width: auto;
}
table .inner{
padding: 16px;
}
table h1{
font-size: 32px;
font-family: 'BIZ UDPGothic', sans-serif;
font-weight: bold;
margin: 8px auto;
color: #252525;
}
table p{
font-family: 'BIZ UDPGothic', sans-serif;
font-size: 16px;
margin: 8px auto;
color: #252525;
}
table .footbtm{
background-color: #252525;
height: 48px;
line-height: 48px;
font-size: 16px;
font-weight: normal;
margin: 0px;
width: 100%;
padding-left: 16px;
display: flex;
}
table .footbtm p{
color: #F7F7F7;
font-family: 'BIZ UDPGothic', sans-serif;
margin: 0px 8px 0px 0px;
}
table .footbtm a{
margin: 0px 8px 0px 0px;
display: block;
font-family: 'BIZ UDPGothic', sans-serif;
text-decoration: none;
color: #FFC832;
}
</style>
</head>
<body>
<table cellpadding="0" border="0" cellspacing="0">
<tr>
<td class="headtop">
<img src="{$logo_path}">
</td>
</tr>
<tr>
<td class="inner">
<h1>{$mail_title}</h1>
<p>{$mail_text}</p>
</td>
</tr>
<tr>
<td class="footbtm">
<p>{$now_date}</p>
<a href="https://{$domain}">{$s_name}</a>
</td>
</tr>
</table>
</body>
</html>
EOD;
// 送信
$mail->send();
} catch (Exception $e) {
// エラーの場合
$error_message[] = "PHPMailer Error:<br> ".$mail->ErrorInfo."";
return $error_message;
}
}else{
return $error_message;
}
}
?>
settings_admin/plugin_settings/phpmailer_settings.php
+12
View File
@@ -0,0 +1,12 @@
<?php // メールサーバーの情報
define( 'MAIL_CHKS', '');// trueならPHPMailerが有効
define( 'MAIL_ADDS', '');
define( 'MAIL_HOST', '');
define( 'MAIL_PORT', '');
define( 'MAIL_USER', '');
define( 'MAIL_PASS', '');
define( 'MAIL_SSL_', '');
?>
settings_admin/role_admin.php
+693
View File
@@ -0,0 +1,693 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($_POST['role_btn_submit']) ) {
$rolename = safetext($_POST['rolename']);
$roleid = safetext($_POST['roleid']);
$rolecolor = safetext($_POST['rolecolor']);
$roleeffect = safetext($_POST['roleeffect']);
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$query = $dbh->prepare('SELECT * FROM role WHERE roleidname = :roleid limit 1');
$query->execute(array(':roleid' => $roleid));
$result3 = $query->fetch();
if(empty($rolename)){
$error_message[] = "ロール名が入力されていません。(INPUT_PLEASE)";
}
if(empty($roleid)){
$error_message[] = "ロールのidが入力されていません。(ROLE_ID_INPUT_PLEASE)";
}elseif($result3 > 0){
$error_message[] = 'このロールのid('.$roleid.')は既に使用されています。他のidを作成してください。(ROLE_ID_SHIYOUZUMI)';
}
if(empty($rolecolor)){
$error_message[] = "ロールの色が入力されていません。(INPUT_PLEASE)";
}
if(empty($roleeffect)){
$error_message[] = "ロールに適用するエフェクトが選択されていません。(INPUT_PLEASE)";
}else{
if($roleeffect == "1"){
$save_role_effect = "none";
}
if($roleeffect == "2"){
$save_role_effect = "shine";
}
if($roleeffect == "3"){
$save_role_effect = "rainbow";
}
}
if(!($roleid == "ice" || $roleid == "official" || $roleid == "user")){
$error_message[] = "システムロールは作成できません。(DON'T_TOUCH_SYSTEM_ROLE)";
}
if (!empty($pdo)) {
if (empty($error_message)) {
// 書き込み日時を取得
$datetime = date("Y-m-d H:i:s");
$roleauth = "user";
// トランザクション開始
$pdo->beginTransaction();
try {
// SQL作成
$stmt = $pdo->prepare("INSERT INTO role (rolename, roleauth, rolecolor, roleidname, roleeffect) VALUES (:rolename, :roleauth, :rolecolor, :roleidname, :roleeffect)");
$stmt->bindParam(':rolename', $rolename, PDO::PARAM_STR);
$stmt->bindParam(':roleauth', $roleauth, PDO::PARAM_STR);
$stmt->bindParam(':rolecolor', $rolecolor, PDO::PARAM_STR);
$stmt->bindParam(':roleidname', $roleid, PDO::PARAM_STR);
$stmt->bindParam(':roleeffect', $save_role_effect, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = $e->getMessage();
}
// プリペアドステートメントを削除
$stmt = null;
}
}
}
if( !empty($_POST['role_del']) ) {
$role_id = safetext($_POST['role_id']);
if(!($role_id == "ice" || $role_id == "official" || $role_id == "user")){
$error_message[] = "システムロールは削除できません。(DON'T_TOUCH_SYSTEM_ROLE)";
}
if(empty($error_message)){
try{
// 通知削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM role WHERE roleidname = :roleid");
$deleteQuery->bindValue(':roleid', $role_id, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// ロールを削除したい全てのアカウントを取得
$query = $pdo->prepare("SELECT * FROM account WHERE role LIKE :pattern1 OR role LIKE :pattern2 OR role LIKE :pattern3");
$query->bindValue(':pattern1', "%,$role_id,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$role_id", PDO::PARAM_STR);
$query->bindValue(':pattern3', "$role_id,%", PDO::PARAM_STR);
$query->execute();
$accounts = $query->fetchAll();
foreach ($accounts as $account) {
// フォローの更新
if (strpos($account['role'], ",$role_id,") !== false || strpos($account['role'], ",$role_id") !== false || strpos($account['role'], "$role_id,") !== false) {
$delrole_roleList = explode(',', $account['role']);
$delrole_roleList = array_diff($delrole_roleList, array($role_id));
$new_delrole_roleList = implode(',', $delrole_roleList);
$updateroleQuery = $pdo->prepare("UPDATE account SET role = :role WHERE userid = :userid");
$updateroleQuery->bindValue(':role', $new_delrole_roleList, PDO::PARAM_STR);
$updateroleQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateroleQuery->execute();
}
}
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = $e->getMessage();
}
}
}
if( !empty($_POST['send_add_role_submit']) ) {
$add_userid = safetext($_POST['add_userid']);
$add_roleid = safetext($_POST['add_roleid']);
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
$query->execute(array(':userid' => $add_userid));
$result4 = $query->fetch();
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$query = $dbh->prepare('SELECT * FROM role WHERE roleidname = :roleid limit 1');
$query->execute(array(':roleid' => $add_roleid));
$result5 = $query->fetch();
if($result4 > 0 && $result5 > 0){
if(!($add_roleid == "ice")){
$error_message[] = "凍結ロールは付与できません。ユーザー管理画面より凍結してください。(BAD_REQUEST)";
}
if($result4["role"] == "ice"){
$error_message[] = "凍結されたユーザーにロールを追加することはできません。";
}
if (false !== strstr($result4["role"], ','.$add_roleid)) {
$error_message[] = "既に".$add_roleid."は付与済みです。(ROLE_HUYOZUMI)";
}
$New_role_id = $result4["role"] . ',' . $add_roleid;
if(empty($error_message)){
try{
// ロールの更新
$updateRoleQuery = $pdo->prepare("UPDATE account SET role = :newrole WHERE userid = :userid");
$updateRoleQuery->bindValue(':newrole', "$New_role_id", PDO::PARAM_STR);
$updateRoleQuery->bindValue(':userid', $add_userid, PDO::PARAM_STR);
$res = $updateRoleQuery->execute();
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if( $res ) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = $e->getMessage();
}
// プリペアドステートメントを削除
$stmt = null;
}
}else{
$error_message[] = "ロールがないまたはユーザーがいません。(ROLE_OR_USER_NOT_FOUND)";
}
}
if( !empty($_POST['send_del_role_submit']) ) {
$del_userid = safetext($_POST['del_userid']);
$del_roleid = safetext($_POST['del_roleid']);
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$query = $dbh->prepare('SELECT * FROM account WHERE userid = :userid limit 1');
$query->execute(array(':userid' => $del_userid));
$result4 = $query->fetch();
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$query = $dbh->prepare('SELECT * FROM role WHERE roleidname = :roleid limit 1');
$query->execute(array(':roleid' => $del_roleid));
$result5 = $query->fetch();
if($result4 > 0 && $result5 > 0){
if(!($del_roleid == "ice")){
$error_message[] = "凍結ロールは削除できません。ユーザー管理画面より凍結解除してください。(BAD_REQUEST)";
}
$userQuery = $dbh->prepare("SELECT role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $del_userid);
$userQuery->execute();
$userData = $userQuery->fetch();
// ロール剥奪ボタンが押された場合の処理
$roleList = explode(',', $userData['role']);
if (in_array($del_roleid, $roleList)) {
// 自分が相手をフォローしている場合、相手のfollowerカラムと自分のfollowカラムを更新
$roleList = array_diff($roleList, array($del_roleid));
$newroleList = implode(',', $roleList);
// UPDATE文を実行してフォロー情報を更新
$updateQuery = $pdo->prepare("UPDATE account SET role = :role WHERE userid = :userid");
$updateQuery->bindValue(':role', $newroleList, PDO::PARAM_STR);
$updateQuery->bindValue(':userid', $del_userid, PDO::PARAM_STR);
$res = $updateQuery->execute();
if ($res) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:" . $url);
exit;
} else {
$error_message[] = '更新に失敗しました。(REGISTERED_DAME)';
}
$stmt = null;
}
}else{
$error_message[] = "ロールがないまたはユーザーがいません。(ROLE_OR_USER_NOT_FOUND)";
}
}
require('../logout/logout.php');
if (!empty($pdo)) {
$sql = "SELECT * FROM role";
$allrole = $pdo->query($sql);
while ($row = $allrole->fetch(PDO::FETCH_ASSOC)) {
$roles[] = $row;
}
}
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>ロール - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>ロール作成</h1>
<p>ここではロールを作成できます。</p>
<div>
<p>ロール名</p>
<div class="p2">ロールの表示名です。</div>
<input id="rolename" placeholder="RoleName" class="inbox" type="text" name="rolename" value="">
</div>
<div>
<p>ロールid</p>
<div class="p2">ロールのidです。ロールを付与する際に使用されるidです。</div>
<input onInput="checkForm(this)" id="roleid" placeholder="role" class="inbox" type="text" name="roleid" value="">
</div>
<div>
<p>ロールの色</p>
<div class="p2">ロールの色です。<br>HEXコードで入力してください。(#はつけないでください。)</div>
<input id="rolecolor" onInput="checkForm(this)" placeholder="256238" class="inbox" type="text" name="rolecolor" maxlength="6" value="">
</div>
<div>
<div class="p2">ロールに付与するエフェクト</div>
<div class="radio_btn_zone">
<input type="radio" name="roleeffect" value="1" id="1" class="radiobtn_input" checked>
<label for="1" class="radiobtn_label">なし</label>
<input type="radio" name="roleeffect" value="2" id="2" class="radiobtn_input">
<label for="2" class="radiobtn_label">輝かせる</label>
<input type="radio" name="roleeffect" value="3" id="3" class="radiobtn_input">
<label for="3" class="radiobtn_label">枠を虹色にする</label>
</div>
</div>
<input type="submit" class = "irobutton" name="role_btn_submit" value="作成">
</form>
<div class="formarea">
<hr>
<h1>ロール付与</h1>
<p>特定のユーザーにロール付与するときに使用してください。</p>
<button id="addrole" class="irobutton">付与</button>
<hr>
<h1>ロール剥奪</h1>
<p>特定のユーザーからロールを剥奪する時に使用してください。</p>
<button id="delrole" class="irobutton">剥奪</button>
<hr>
<h1>ロール一覧</h1>
<?php if(!(empty($roles))){?>
<?php foreach ($roles as $value) {?>
<div class="server_code">
<details>
<summary><?php echo safetext($value["rolename"]);?></summary>
<hr>
<p>ロールのid:<?php echo safetext($value["roleidname"]);?></p>
<p>ロールの色:#<?php echo safetext($value["rolecolor"]);?></p>
<p>ロールのエフェクト:<?php
if(safetext($value["roleeffect"]) == '' || safetext($value["roleeffect"]) == 'none'){
$role_view_effect = "なし";
}elseif(safetext($value["roleeffect"]) == 'shine'){
$role_view_effect = "輝かせる";
}elseif(safetext($value["roleeffect"]) == 'rainbow'){
$role_view_effect = "枠を虹色にする";
}else{
$role_view_effect = "不明";
}
echo $role_view_effect;
?></p>
<hr>
<div class="roleboxes">
<?php
if(safetext($value["roleeffect"]) == '' || safetext($value["roleeffect"]) == 'none'){
$role_view_effect = "";
}elseif(safetext($value["roleeffect"]) == 'shine'){
$role_view_effect = "shine";
}elseif(safetext($value["roleeffect"]) == 'rainbow'){
$role_view_effect = "rainbow";
}else{
$role_view_effect = "";
}
?>
<div class="rolebox <?php echo safetext($role_view_effect); ?>" style="border: 1px solid <?php echo '#' . safetext($value["rolecolor"]); ?>;">
<p style="color: <?php echo '#' . $value["rolecolor"]; ?>;">
<?php if (!empty($value["rolename"])) { echo safetext($value["rolename"]); }else{ echo("ロールが正常に設定されていません。");} ?>
</p>
</div>
</div>
<hr>
<form enctype="multipart/form-data" method="post">
<?php if(!($value["roleidname"] === "user" || $value["roleidname"] === "official" || $value["roleidname"] === "ice")){?>
<div class="delbox">
<p>削除ボタンを押すとこのロールは削除されます。<br>また、このロールをつけているユーザー全員からこのロールが剥奪されます。</p>
<input type="text" name="role_id" id="role_id" value="<?php echo safetext($value["roleidname"]);?>" style="display:none;" >
<input type="submit" name="role_del" class="delbtn" value="削除">
</div>
<?php }else{?>
<div class="delbox">
<p>このロールは削除できません。</p>
</div>
<?php }?>
</form>
</details>
</div>
<?php }?>
<?php }?>
</div>
</div>
</div>
<div id="account_addrole_Modal" class="modal">
<div class="modal-content">
<h1>ロール付与</h1>
<p>ロール付与先のユーザーidと付与したいロールのidを入力してください。</p>
<form method="post" id="deleteForm">
<div class="p2">付与先ユーザーid</div>
<input type="text" id="add_userid" onInput="checkForm(this)" class="inbox" placeholder="admin" name="add_userid" value="">
<div class="p2">付与するロールid</div>
<input type="text" id="add_roleid" onInput="checkForm(this)" class="inbox" placeholder="role" name="add_roleid" value="">
<div class="btn_area">
<input type="submit" id="deleteButton" class="fbtn_no" name="send_add_role_submit" value="付与">
<input type="button" id="cancelButton" class="fbtn" value="キャンセル">
</div>
</form>
</div>
</div>
<div id="account_delrole_Modal" class="modal">
<div class="modal-content">
<h1>ロール剥奪</h1>
<p>ロール剥奪先のユーザーidと剥奪したいロールのidを入力してください。</p>
<form method="post" id="delrole_Form">
<div class="p2">剥奪先ユーザーid</div>
<input type="text" id="del_userid" onInput="checkForm(this)" class="inbox" placeholder="admin" name="del_userid" value="">
<div class="p2">剥奪するロールid</div>
<input type="text" id="del_roleid" onInput="checkForm(this)" class="inbox" placeholder="role" name="del_roleid" value="">
<div class="btn_area">
<input type="submit" id="delrole_deleteButton" class="fbtn_no" name="send_del_role_submit" value="剥奪">
<input type="button" id="delrole_cancelButton" class="fbtn" value="キャンセル">
</div>
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
<script type="text/javascript">
function checkForm(inputElement) {
var str = inputElement.value;
while (str.match(/[^A-Za-z\d_]/)) {
str = str.replace(/[^A-Za-z\d_]/, "");
}
inputElement.value = str;
}
var modal = document.getElementById('account_addrole_Modal');
var deleteButton = document.getElementById('deleteButton');
var cancelButton = document.getElementById('cancelButton'); // 追加
var modalMain = $('.modal-content');
document.getElementById("addrole").addEventListener('click', function(){
modal.style.display = 'block';
modalMain.addClass("slideUp");
modalMain.removeClass("slideDown");
deleteButton.addEventListener('click', () => {
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal.style.display = 'none';
}, 150);
});
cancelButton.addEventListener('click', () => { // 追加
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal.style.display = 'none';
}, 150);
});
});
var modal2 = document.getElementById('account_delrole_Modal');
var delrole_deleteButton = document.getElementById('delrole_deleteButton');
var delrole_cancelButton = document.getElementById('delrole_cancelButton'); // 追加
var modalMain = $('.modal-content');
document.getElementById("delrole").addEventListener('click', function(){
modal2.style.display = 'block';
modalMain.addClass("slideUp");
modalMain.removeClass("slideDown");
delrole_deleteButton.addEventListener('click', () => {
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal2.style.display = 'none';
}, 150);
});
delrole_cancelButton.addEventListener('click', () => { // 追加
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal2.style.display = 'none';
}, 150);
});
});
</script>
</html>
settings_admin/serveradmin.php
+546
View File
@@ -0,0 +1,546 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
$serverinfofile = '../server/info.txt';
$serverinfo = file_get_contents($serverinfofile);
$servertermsfile = '../server/terms.txt';
$serverterms = file_get_contents($servertermsfile);
$serverprvfile = '../server/privacypolicy.txt';
$serverprv = file_get_contents($serverprvfile);
$err404imagefile = "../server/404imagepath.txt";
$robots = "../robots.txt";
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($pdo) ) {
// データベース接続の設定
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$userQuery = $dbh->prepare("SELECT username, userid, profile, role FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $userid);
$userQuery->execute();
$userData = $userQuery->fetch();
$role = $userData["role"];
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
$rerole = $dbh->prepare("SELECT username, userid, password, mailadds, profile, iconname, headname, role, datetime FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
}
if (!empty($pdo)) {
$sql = "SELECT code,used,datetime FROM invitation ORDER BY datetime DESC";
$invcode = $pdo->query($sql);
while ($row = $invcode->fetch(PDO::FETCH_ASSOC)) {
$codes[] = $row;
}
}
if( !empty($_POST['btn_submit']) ) {
$servericon = safetext($_POST['servericon']);
$serverhead = safetext($_POST['serverhead']);
$serverlogo_onoff = safetext($_POST['serverlogo_onoff']);
$serverlogo_light = safetext($_POST['serverlogo_light']);
$serverlogo_dark = safetext($_POST['serverlogo_dark']);
if(!($serverlogo_onoff === "true")){
$serverlogo_light = "";
$serverlogo_dark = "";
}
$servername = safetext($_POST['servername']);
$serverinfo = safetext($_POST['serverinfo']);
$serveradminname = safetext($_POST['serveradminname']);
$servermailadds = safetext($_POST['servermailadds']);
$onlyuser = safetext($_POST['onlyuser']);
if($onlyuser === "true"){
$saveonlyuser = "true";
}else{
$saveonlyuser = "false";
}
$activitypub = safetext($_POST['activitypub']);
if($activitypub === "true"){
$saveactivitypub = "true";
}else{
$saveactivitypub = "false";
}
$migration = safetext($_POST['migration']);
if($migration === "true"){
$savemigration = "true";
}else{
$savemigration = "false";
}
$postrobots = safetext($_POST['robots']);
if($postrobots === "true"){
//GPTBotによるクロールを拒否
$file = fopen($robots, 'w');
$data = "User-agent: GPTBot\nDisallow: /";
fputs($file, $data);
fclose($file);
}else{
//GPTBotによるクロールを許可
$file = fopen($robots, 'w');
$data = "";
fputs($file, $data);
fclose($file);
}
$serverterms = safetext($_POST['serverterms']);
$serverprv = safetext($_POST['serverprv']);
$server_new_settings = '
;サーバーの基本情報
[serverinfo]
;サーバー名
server_name = "'.$servername.'"
;サーバーアイコンのアドレス
server_icon = "'.$servericon.'"
;サーバーヘッダーのアドレス
server_head = "'.$serverhead.'"
;サーバーロゴのアドレス
server_logo_home = "'.$serverlogo_light.'"
server_logo_login = "'.$serverlogo_dark.'"
;管理者関係
server_admin = "'.$serveradminname.'"
server_admin_mailadds = "'.$servermailadds.'"
;招待のオンオフ
server_invitation = "'.$saveonlyuser.'"
server_activitypub = "'.$saveactivitypub.'"
;アカウントの移行登録を許可するか
server_account_migration = "'.$savemigration.'"
';
//サーバー設定上書き
$file = fopen($serversettings_file, 'w');
$data = $server_new_settings;
fputs($file, $data);
fclose($file);
//鯖紹介
$file = fopen($serverinfofile, 'w');
$data = $serverinfo;
fputs($file, $data);
fclose($file);
//利用規約
$file = fopen($servertermsfile, 'w');
$data = $serverterms;
fputs($file, $data);
fclose($file);
//プライバシーポリシー
$file = fopen($serverprvfile, 'w');
$data = $serverprv;
fputs($file, $data);
fclose($file);
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>サーバー設定 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>サーバー設定</h1>
<!--(サーバーアイコン)-->
<?php if( !empty($serversettings["serverinfo"]["server_head"]) ){ ?>
<div class="serverhead_set">
<img src="<?php echo safetext($serversettings["serverinfo"]["server_head"]); ?>">
</div>
<?php }?>
<?php if( !empty($serversettings["serverinfo"]["server_icon"]) ){ ?>
<div class="servericon">
<?php if( !empty($serversettings["serverinfo"]["server_head"]) ){ ?>
<div class="up">
<img src="<?php echo safetext($serversettings["serverinfo"]["server_icon"]); ?>">
</div>
<?php }else{?>
<img src="<?php echo safetext($serversettings["serverinfo"]["server_icon"]); ?>">
<?php }?>
</div>
<?php }?>
<!--(サーバーアイコンここまで)-->
<div>
<p>サーバーアイコン</p>
<div class="p2">サーバー登録画面などに表示されます。<br>自動的に角が丸くなります。<br>URLより設定してください。(設定しなくても大丈夫です。)</div>
<input id="servericon" placeholder="https://~" class="inbox" type="text" name="servericon" value="<?php if( !empty($serversettings["serverinfo"]["server_icon"]) ){ echo safetext($serversettings["serverinfo"]["server_icon"]); } ?>">
</div>
<div>
<p>サーバーヘッダー</p>
<div class="p2">サーバー登録画面などに表示されます。<br>自動的に角が丸くなります。<br>URLより設定してください。(設定しなくても大丈夫です。)</div>
<input id="serverhead" placeholder="https://~" class="inbox" type="text" name="serverhead" value="<?php if( !empty($serversettings["serverinfo"]["server_head"]) ){ echo safetext($serversettings["serverinfo"]["server_head"]); } ?>">
</div>
<div>
<p>サーバーロゴ機能のオンオフ</p>
<div class="switch_button">
<?php if(!empty($serversettings["serverinfo"]["server_logo_home"]&&$serversettings["serverinfo"]["server_logo_login"])){?>
<input id="serverlogo_onoff" class="switch_input" type='checkbox' name="serverlogo_onoff" value="true" checked/>
<label for="serverlogo_onoff" class="switch_label"></label>
<?php }else{?>
<input id="serverlogo_onoff" class="switch_input" type='checkbox' name="serverlogo_onoff" value="true" />
<label for="serverlogo_onoff" class="switch_label"></label>
<?php }?>
</div>
</div>
<div id="serverlogo">
<p>サーバーロゴ</p>
<div class="p2">サーバーの左上に表示されているuwuzuのロゴを独自のロゴに置き換えるときに使用します。<br>自動的に角が丸くなります。<br>URLより設定してください。<br>背景透過画像を推奨します。</div>
<div class="p2">ログイン後のロゴ</div>
<input id="serverlogo" placeholder="https://~" class="inbox" type="text" name="serverlogo_light" value="<?php if( !empty($serversettings["serverinfo"]["server_logo_home"]) ){ echo safetext($serversettings["serverinfo"]["server_logo_home"]); } ?>">
<div class="p2">ログイン画面と利用規約などドキュメントページのロゴ</div>
<input id="serverlogo" placeholder="https://~" class="inbox" type="text" name="serverlogo_dark" value="<?php if( !empty($serversettings["serverinfo"]["server_logo_login"]) ){ echo safetext($serversettings["serverinfo"]["server_logo_login"]); } ?>">
</div>
<script>
if ($("#serverlogo_onoff").prop("checked")) {
$('#serverlogo').show();
}else{
$('#serverlogo').hide();
}
$('#serverlogo_onoff').change(function(){
$('#serverlogo').toggle();
});
</script>
<div>
<p>サーバー名</p>
<div class="p2">サーバー名です。</div>
<input id="servername" placeholder="uwuzuさ~ば~" class="inbox" type="text" name="servername" value="<?php if( !empty($serversettings["serverinfo"]["server_name"]) ){ echo safetext($serversettings["serverinfo"]["server_name"]); } ?>">
</div>
<div>
<p>サーバー紹介メッセージ</p>
<div class="p2">サーバーの紹介メッセージです。</div>
<textarea id="serverinfo" placeholder="たのしいさーばーです" class="inbox" type="text" name="serverinfo"><?php $sinfo = explode("\n", $serverinfo); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<div>
<p>サーバー管理者の名前</p>
<div class="p2">サーバー管理者名です。</div>
<input id="serveradminname" placeholder="わたし" class="inbox" type="text" name="serveradminname" value="<?php if( !empty($serversettings["serverinfo"]["server_admin"]) ){ echo safetext($serversettings["serverinfo"]["server_admin"]); } ?>">
</div>
<div>
<p>サーバーへのお問い合わせ用メールアドレス</p>
<div class="p2">ユーザーからのお問い合わせメアドです。</div>
<input id="servermailadds" placeholder="" class="inbox" type="text" name="servermailadds" value="<?php if( !empty($serversettings["serverinfo"]["server_admin_mailadds"]) ){ echo safetext($serversettings["serverinfo"]["server_admin_mailadds"]); } ?>">
</div>
<div>
<p>招待制にするかどうか</p>
<div class="switch_button">
<?php if($serversettings["serverinfo"]["server_invitation"] === "true"){?>
<input id="onlyuser" class="switch_input" type='checkbox' name="onlyuser" value="true" checked/>
<label for="onlyuser" class="switch_label"></label>
<?php }else{?>
<input id="onlyuser" class="switch_input" type='checkbox' name="onlyuser" value="true" />
<label for="onlyuser" class="switch_label"></label>
<?php }?>
</div>
</div>
<div>
<p>アカウントの移行登録を許可するか</p>
<div class="p2">他のuwuzuサーバーからのアカウント移行を許可するかです。<br>このサーバーが招待制の場合移行登録にも招待コードが必要となります。</div>
<div class="switch_button">
<?php if($serversettings["serverinfo"]["server_account_migration"] === "true"){?>
<input id="migration" class="switch_input" type='checkbox' name="migration" value="true" checked/>
<label for="migration" class="switch_label"></label>
<?php }else{?>
<input id="migration" class="switch_input" type='checkbox' name="migration" value="true" />
<label for="migration" class="switch_label"></label>
<?php }?>
</div>
</div>
<div>
<p>OpenAIによるクロールを拒否するかどうか<br>※robots.txtによりOpenAIからのクロールを拒否するものであり、他のAI企業によるクロールを完全拒否するものではございません。</p>
<div class="switch_button">
<?php if(file_get_contents($robots) === "User-agent: GPTBot\nDisallow: /"){?>
<input id="robots" class="switch_input" type='checkbox' name="robots" value="true" checked/>
<label for="robots" class="switch_label"></label>
<?php }else{?>
<input id="robots" class="switch_input" type='checkbox' name="robots" value="true" />
<label for="robots" class="switch_label"></label>
<?php }?>
</div>
</div>
<div>
<p>ActivityPubサーバーとして認識されるようにするか</p>
<div class="p2">ActivityPubの仮実装をオンにするかです。inboxに入ってきた内容には今現在これといったレスポンスを返しません。<br>また、publicKeyも返却しません。<br>現状ActivityPubサーバーと連合を組むことは出来ません。(リモートユーザーの確認程度なら出来ます。)<br>オフの状態だと410 Goneを返します。</div>
<div class="switch_button">
<?php if($serversettings["serverinfo"]["server_activitypub"] === "true"){?>
<input id="activitypub" class="switch_input" type='checkbox' name="activitypub" value="true" checked/>
<label for="activitypub" class="switch_label"></label>
<?php }else{?>
<input id="activitypub" class="switch_input" type='checkbox' name="activitypub" value="true" />
<label for="activitypub" class="switch_label"></label>
<?php }?>
</div>
</div>
<div>
<p>利用規約</p>
<textarea id="serverterms" placeholder="しっかり書きましょう" class="inbox" type="text" name="serverterms"><?php $sinfo = explode("\n", $serverterms); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<div>
<p>プライバシーポリシー</p>
<textarea id="serverprv" placeholder="しっかり書きましょう" class="inbox" type="text" name="serverprv"><?php $sinfo = explode("\n", $serverprv); foreach ($sinfo as $info) { echo $info; }?></textarea>
</div>
<input type="submit" class = "irobutton" name="btn_submit" value="保存&更新">
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
settings_admin/settings_left_menu.php
+16
View File
@@ -0,0 +1,16 @@
<?php ?>
<div class="admin_left">
<a href="overview_admin" class="admin_leftbtn">概要</a>
<a href="serveradmin" class="admin_leftbtn">サーバー設定</a>
<a href="useradmin" class="admin_leftbtn">ユーザー管理</a>
<a href="codeadmin" class="admin_leftbtn">招待コード発行所</a>
<a href="role_admin" class="admin_leftbtn">ロール</a>
<a href="addemoji_admin" class="admin_leftbtn">絵文字登録</a>
<a href="ad_admin" class="admin_leftbtn">広告</a>
<a href="moderation_admin" class="admin_leftbtn">モデレーション</a>
<a href="customize_admin" class="admin_leftbtn">カスタマイズ</a>
<a href="maintenance_admin" class="admin_leftbtn">メンテナンス</a>
<a href="plugin_admin" class="admin_leftbtn">プラグイン</a>
<a href="update_admin" class="admin_leftbtn">アップデート</a>
</div>
<?php ?>
settings_admin/update_admin.php
+355
View File
@@ -0,0 +1,355 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($_POST['update_submit']) ) {
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['extract_path'])) {
$extractPath = safetext($_POST['extract_path']);
// JSONファイルの再読み込み
$jsonFile = $extractPath . '/update.json';
if (file_exists($jsonFile)) {
$jsonData = json_decode(file_get_contents($jsonFile), true);
if (json_last_error() === JSON_ERROR_NONE) {
// 上書きファイルの処理
if(!(empty($jsonData['files']['overwrite']))){
foreach ($jsonData['files']['overwrite'] as $file) {
$sourceFile = $extractPath . '/' . $file;
$destinationFile = $_SERVER['DOCUMENT_ROOT'] . '/' . $file;
if (file_exists($sourceFile)) {
copy($sourceFile, $destinationFile);
}else{
$error_message[] = "アップデート元のzipファイルに本来予定されていたファイルがありませんでしたが、アップデート作業は完了しました。(UPDATE_FILE_NOT_FOUND)";
}
}
}
// 削除ファイルの処理
if(!(empty($jsonData['files']['delete']))){
foreach ($jsonData['files']['delete'] as $file) {
$deleteFile = $_SERVER['DOCUMENT_ROOT'] . '/' . $file;
if (file_exists($deleteFile)) {
unlink($deleteFile);
}else{
$error_message[] = "削除予定のファイルがありませんでしたが、アップデート作業は完了しました。(DELETE_FILE_NOT_FOUND)";
}
}
}
} else {
$error_message[] = "update.jsonがうまく読み込めませんでした。(LOADING_ERROR)";
}
} else {
$error_message[] = "update.jsonが見つかりませんでした。(LOADING_ERROR)";
}
if (file_exists($extractPath)) {
if (is_dir($extractPath)) {
deleteDirectory($extractPath);
}
}
} else {
$error_message[] = "不正なリクエストです。(BAD_REQUEST)";
}
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>アップデート - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<div class="formarea">
<h1>アップデート</h1>
<p>ここからuwuzuのアップデートが行えます。<br>
データベースの構造に変更を加える必要のあるアップデートの場合、データベースの構造の変更を手動で行っていただいた後にここからuwuzu自体のアップデートが行えます。<br>
uwuzuは一度アップデートするともとの状態に戻すことはできません。<br>
また、アップデート中に発生したエラーや不具合に関してuwuzu開発者が責任を取ることはできません。</p>
<label class="irobutton" for="file_upload">ファイル選択
<input type="file" id="file_upload" name="zip" accept="application/zip">
</label>
<p id="file_select" style="display:none;">ファイルを選択しました</p>
</div>
<div id="confirm_update" class="formarea" style="display: none;">
<h1>アップデート内容の確認</h1>
<p>アップデート内容を確認してください。</p>
<div class="update_box">
<h1 id="software">ソフトウェア名</h1>
<h2 id="version">version 1.2.3</h2>
<p>リリースノート</p>
<div class="update_text">
<p id="release_notes"></p>
</div>
<p>注意事項</p>
<div class="update_text">
<p id="notices"></p>
</div>
</div>
<form enctype="multipart/form-data" method="post">
<input type="hidden" name="extract_path" id="extract_path" value="">
<input type="submit" class="irobutton" name="update_submit" value="アップデート">
</form>
</div>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
<script>
$(document).ready(function(){
$('#file_upload').change(function(e) {
$('#file_select').show();
var file = $('#file_upload').prop('files')[0];
if (file) {
const formData = new FormData();
formData.append('update_zip', file);
formData.append('userid', "<?php echo $userid ?>");
formData.append('account_id', "<?php echo $loginid ?>");
$.ajax({
url: 'api/update_query.php', // PHPファイルへのパス
method: 'POST',
data: formData,
processData: false, // jQueryが自動的に処理しないようにする
contentType: false, // jQueryが自動的に設定するContent-Typeを無効にする
cache: false,
dataType: 'json',
timeout: 300000,
success: function(response) {
if (response["success"] == true) {
$("#extract_path").val(response["file_path"]);
$("#software").text(response["software_name"]);
$("#version").text(response["version"]);
$("#release_notes").html(response["release_notes"].replace("\n", "<br>"));
$("#notices").html(response["notices"].replace("\n", "<br>"));
$("#confirm_update").show();
} else {
console.log("error1");
}
}.bind(this),
error: function (xhr, textStatus, errorThrown) {
console.log(xhr);
}
});
}
});
});
</script>
</html>
settings_admin/useradmin.php
+376
View File
@@ -0,0 +1,376 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
if( !empty($_POST['btn_submit']) ) {
// 空白除去
$target_userid = safetext(str_replace('@', '', $_POST['target_userid']));
if (!empty($pdo)) {
$rerole = $pdo->prepare("SELECT * FROM account WHERE userid = :userid");
$rerole->bindValue(':userid', $target_userid);
// SQL実行
$rerole->execute();
$userdata = $rerole->fetch(); // ここでデータベースから取得した値を $role に代入する
if(empty($userdata)){
$error_message[] = "ユーザーがいません(USER_NOT_FOUND)";
}else{
$_SESSION['query_userid'] = $userdata["userid"];
// リダイレクト先のURLへ転送する
$url = 'userinfo';
header('Location: ' . $url, true, 303);
// すべての出力を終了
exit;
}
}
}
if( !empty($_POST['report_done']) ) {
$report_id = safetext($_POST['report_id']);
if (!empty($pdo)) {
$dbh = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS, array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true,
));
$newchk = "done";
// トランザクション開始
$pdo->beginTransaction();
try {
$stmt = $pdo->prepare("UPDATE report SET admin_chk = :adchk WHERE uniqid = :uniqid");
$stmt->bindValue(':adchk', $newchk, PDO::PARAM_STR);
$stmt->bindValue(':uniqid', $report_id , PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
if ($res) {
$url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
header("Location:".$url."");
exit;
} else {
$error_message[] = '発行に失敗しました。(REGISTERED_DAME)';
}
} catch (Exception $e) {
$error_message[] = "えらー(ERROR)";
// エラーが発生した時はロールバック
$pdo->rollBack();
}
}
}
require('../logout/logout.php');
if(isset($_GET['q'])){
$keyword = safetext($_GET['q']);
}else{
$keyword = "";
}
if (!empty($pdo)) {
$sql = "SELECT * FROM report WHERE admin_chk = 'none' ORDER BY datetime DESC";
$allreport = $pdo->query($sql);
while ($row = $allreport->fetch(PDO::FETCH_ASSOC)) {
$reports[] = $row;
}
}
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>ユーザー管理 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<form class="formarea" enctype="multipart/form-data" method="post">
<h1>ユーザー管理</h1>
<div>
<p>ユーザーID</p>
<input id="target_userid" placeholder="admin" class="inbox" type="text" name="target_userid" value="<?php if( !empty($keyword) ){ echo safetext($keyword); } ?>">
</div>
<input type="submit" class = "irobutton" name="btn_submit" value="検索">
<section class="inner">
<div id="postContainer">
</div>
</section>
<div id="loading" class="loading" style="display: none;">
🤔
</div>
<hr>
</form>
<div class="formarea">
<h1>通報</h1>
<?php if(!(empty($reports))){?>
<?php foreach ($reports as $value) {?>
<div class="server_code">
<details>
<summary>@<?php if( !empty($value["userid"]) ){ echo safetext($value["userid"]); }?></summary>
<hr>
<p>通報先アカウント名:@<?php echo safetext($value["userid"]);?></p>
<p>通報元アカウント名:@<?php echo safetext($value["report_userid"]);?></p>
<hr>
<p>通報元アカウントよりメッセージ</p>
<p><?php echo nl2br(safetext($value["msg"]));?></p>
<hr>
<p>通報日時:<?php echo safetext($value["datetime"]);?></p>
<hr>
<p>アカウント操作を行う場合は上の「ユーザーID」にアカウントをしたいユーザーIDを入れて対応してください。</p>
<form enctype="multipart/form-data" method="post">
<div class="delbox">
<p>解決ボタンを押すとこの件は解決済みとなります。</p>
<input type="text" name="report_id" value="<?php echo safetext($value["uniqid"]);?>" style="display:none;" >
<input type="submit" name="report_done" class="delbtn" value="解決">
</div>
</form>
</details>
</div>
<?php }?>
<?php }else{?>
<p>通報されたアカウントはありません。</p>
<?php }?>
</div>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
</html>
settings_admin/userinfo.php
+815
View File
@@ -0,0 +1,815 @@
<?php
$serversettings_file = "../server/serversettings.ini";
$serversettings = parse_ini_file($serversettings_file, true);
function random_code($length = 8){
return substr(str_shuffle('1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, $length);
}
require('../db.php');
require("../function/function.php");
// 変数の初期化
$datetime = array();
$user_name = null;
$message = array();
$message_data = null;
$error_message = array();
$pdo = null;
$stmt = null;
$res = null;
$option = null;
session_name('uwuzu_s_id');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'secure' => true,
'httponly' => true,
'samesite' => 'Lax'
]);
session_start();
session_regenerate_id(true);
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_SESSION['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_SESSION['loginid'] === $res["loginid"] && $_SESSION['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // セッションに格納されている値をそのままセット
$username = safetext($res['username']); // セッションに格納されている値をそのままセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid, [
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) {
$passQuery = $pdo->prepare("SELECT username,userid,loginid,follow,admin,role,sacinfo,blocklist FROM account WHERE userid = :userid");
$passQuery->bindValue(':userid', safetext($_COOKIE['userid']));
$passQuery->execute();
$res = $passQuery->fetch();
if(empty($res["userid"])){
header("Location: ../login.php");
exit;
}elseif($_COOKIE['loginid'] === $res["loginid"] && $_COOKIE['userid'] == $res["userid"]){
// セッションに値をセット
$userid = safetext($res['userid']); // クッキーから取得した値をセット
$username = safetext($res['username']); // クッキーから取得した値をセット
$loginid = safetext($res["loginid"]);
$role = safetext($res["role"]);
$sacinfo = safetext($res["sacinfo"]);
$myblocklist = safetext($res["blocklist"]);
$myfollowlist = safetext($res["follow"]);
$_SESSION['admin_login'] = true;
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $username;
$_SESSION['loginid'] = $res["loginid"];
setcookie('userid', $userid,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('username', $username,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('loginid', $res["loginid"],[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
setcookie('admin_login', true,[
'expires' => time() + 60 * 60 * 24 * 14,
'path' => '/',
'samesite' => 'lax',
'secure' => true,
'httponly' => true,
]);
}else{
header("Location: ../login.php");
exit;
}
} else {
// ログインが許可されていない場合、ログインページにリダイレクト
header("Location: ../login.php");
exit;
}
if(empty($userid)){
header("Location: ../login.php");
exit;
}
if(empty($username)){
header("Location: ../login.php");
exit;
}
if(!($res["admin"] === "yes")){
header("Location: ../login.php");
exit;
}
if(empty($_SESSION["query_userid"])){
header("Location: useradmin");
exit;
}
$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'");
$notiQuery->bindValue(':userid', $userid);
$notiQuery->execute();
$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC);
$notificationcount = $notiData['notification_count'];
//phpmailer--------------------------------------------
require('plugin_settings/phpmailer_settings.php');
require('plugin_settings/phpmailer_sender.php');
//------------------------------------------------------
if (!empty($pdo)) {
$userQuery = $pdo->prepare("SELECT * FROM account WHERE userid = :userid");
$userQuery->bindValue(':userid', $_SESSION["query_userid"]);
$userQuery->execute();
$userdata = $userQuery->fetch();
if(!(empty($userdata["encryption_ivkey"]))){
$view_mailadds = DecryptionUseEncrKey($userdata["mailadds"], GenUserEnckey($userdata["datetime"]), $userdata["encryption_ivkey"]);
}else{
$view_mailadds = $userdata["mailadds"];
}
$roles = explode(',', $userdata["role"]);
$roleDataArray = array();
foreach ($roles as $roleId) {
$rerole = $pdo->prepare("SELECT rolename, roleauth, rolecolor, roleeffect FROM role WHERE roleidname = :role");
$rerole->bindValue(':role', $roleId);
$rerole->execute();
$roleDataArray[$roleId] = $rerole->fetch();
}
$followIds = explode(',', $userdata['follow']);
$followCount = count($followIds)-1;
$followerIds = explode(',', $userdata['follower']);
$followerCount = count($followerIds)-1;
$result = $pdo->prepare("SELECT ueuse FROM ueuse WHERE account = :userid ORDER BY datetime");
$result->bindValue(':userid', $userdata["userid"]);
$result->execute();
$upload_cnt1 = $result->rowCount();
}
if( !empty($_POST['send_ice_submit']) ) {
$notice_msg = $_POST['notice_msg'];
$newrole = "ice";
$newtoken = "ice";
$newadmin = "none";
// トランザクション開始
$pdo->beginTransaction();
try {
$touserid = safetext($userdata['userid']);
// SQL作成
$stmt = $pdo->prepare("UPDATE account SET role = :role,token = :newtoken,admin = :newadmin WHERE userid = :userid");
$stmt->bindValue(':role', $newrole, PDO::PARAM_STR);
$stmt->bindValue(':newtoken', $newtoken, PDO::PARAM_STR);
$stmt->bindValue(':newadmin', $newadmin, PDO::PARAM_STR);
$stmt->bindValue(':userid', $touserid, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
//凍結通知メール
if(false !== strpos($userdata["mail_settings"], 'important')) {
if(!empty(MAIL_CHKS)){
if(MAIL_CHKS == "true"){
if( !empty($view_mailadds) ){
if(filter_var($view_mailadds, FILTER_VALIDATE_EMAIL)){
$mail_title = "お使いの".safetext($serversettings["serverinfo"]["server_name"])."アカウントは凍結されました";
$mail_text = "".$userdata["username"]."(".$userdata["userid"].")さん いつもuwuzuをご利用いただきありがとうございます。 ご利用のアカウント(".$userdata["userid"].")が".safetext($serversettings["serverinfo"]["server_name"])."管理者により凍結されたためお知らせいたします。 サービス管理者からのメッセージは以下のものです。 ". $notice_msg ." 異議申し立てする場合は[".safetext($serversettings["serverinfo"]["server_admin_mailadds"])."]まで異議申し立てをする旨を記載し送信をしてください。";
$error_message[] = send_html_mail($view_mailadds,$mail_title,$mail_text,"../");
}
}
}
}
}
//------------
$pdo->beginTransaction();
try {
$touserid = safetext($userdata['userid']);
$datetime = safetext(date("Y-m-d H:i:s"));
$msg = safetext("サービス管理者からのメッセージは以下のものです。\n" . $notice_msg . "\n異議申し立てする場合は連絡用メールに異議申し立てをする旨を記載し送信をしてください。");
$title = safetext("🧊お使いのアカウントは凍結されました。🧊");
$url = safetext("/rule/serverabout");
$userchk = 'none';
$fromuserid ="uwuzu-fromsys";
// 通知用SQL作成
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res2 = $stmt->execute();
// コミット
$res2 = $pdo->commit();
} catch(Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if ($res) {
header("Location:useradmin");
exit;
} else {
$error_message[] = '凍結に失敗しました。(USER_ICE_DAME)';
}
}
if( !empty($_POST['send_water_submit']) ) {
$newrole = "user";
$newtoken = "";
$newadmin = "none";
// トランザクション開始
$pdo->beginTransaction();
try {
$touserid = safetext($userdata['userid']);
// SQL作成
$stmt = $pdo->prepare("UPDATE account SET role = :role,token = :newtoken,admin = :newadmin WHERE userid = :userid");
$stmt->bindValue(':role', $newrole, PDO::PARAM_STR);
$stmt->bindValue(':newtoken', $newtoken, PDO::PARAM_STR);
$stmt->bindValue(':newadmin', $newadmin, PDO::PARAM_STR);
$stmt->bindValue(':userid', $touserid, PDO::PARAM_STR);
// SQLクエリの実行
$res = $stmt->execute();
// コミット
$res = $pdo->commit();
} catch (Exception $e) {
$error_message[] = "えらー(ERROR)";
// エラーが発生した時はロールバック
$pdo->rollBack();
}
//凍結通知メール
if(false !== strpos($userdata["mail_settings"], 'important')) {
if(!empty(MAIL_CHKS)){
if(MAIL_CHKS == "true"){
if( !empty($view_mailadds) ){
if(filter_var($view_mailadds, FILTER_VALIDATE_EMAIL)){
$mail_title = "お使いの".safetext($serversettings["serverinfo"]["server_name"])."アカウントは解凍されました!";
$mail_text = "".$userdata["username"]."(".$userdata["userid"].")さん いつもuwuzuをご利用いただきありがとうございます。 ご利用のアカウント(".$userdata["userid"].")が解凍されたためお知らせいたします。 今後、ご利用のuwuzuアカウントは今まで通りご利用いただけます。 また、APIを使用している方はAPIのトークンがリセットされているため再度トークンを発行してご利用ください。";
$error_message[] = send_html_mail($view_mailadds,$mail_title,$mail_text,"../");
}
}
}
}
}
//------------
$pdo->beginTransaction();
try {
$touserid = safetext($userdata['userid']);
$datetime = safetext(date("Y-m-d H:i:s"));
$msg = safetext("サービス管理者によりお使いのアカウントは解凍されました!\n今まで通りご利用いただけます。\nなお、APIを使用している方はAPIのトークンがリセットされているため再度トークンを発行してご利用ください。");
$title = safetext("🫗お使いのアカウントが解凍されました!🫗");
$url = safetext("/home");
$userchk = 'none';
$fromuserid ="uwuzu-fromsys";
// 通知用SQL作成
$stmt = $pdo->prepare("INSERT INTO notification (fromuserid, touserid, msg, url, datetime, userchk, title) VALUES (:fromuserid, :touserid, :msg, :url, :datetime, :userchk, :title)");
$stmt->bindParam(':fromuserid', $fromuserid, PDO::PARAM_STR);
$stmt->bindParam(':touserid', $touserid, PDO::PARAM_STR);
$stmt->bindParam(':msg', $msg, PDO::PARAM_STR);
$stmt->bindParam(':url', $url, PDO::PARAM_STR);
$stmt->bindParam(':userchk', $userchk, PDO::PARAM_STR);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':datetime', $datetime, PDO::PARAM_STR);
// SQLクエリの実行
$res2 = $stmt->execute();
// コミット
$res2 = $pdo->commit();
} catch(Exception $e) {
$error_message[] = "えらー(ERROR)";
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if ($res) {
header("Location:useradmin");
exit;
} else {
$error_message[] = '解凍に失敗しました。(USER_WATER_DAME)';
}
}
if( !empty($_POST['send_ban_submit']) ) {
$userId2 = $userdata['userid']; // 削除対象のユーザーID
$folderPath = "../ueuseimages/"; // フォルダのパス
// 指定したフォルダ内でユーザーIDを含むファイルを検索
$filesToDelete = glob($folderPath . "*-$userId2.*"); // 「-ユーザーID.拡張子」というパターンを検索
// ファイルを順に削除
foreach ($filesToDelete as $file) {
if (is_file($file)) {
unlink($file); // ファイルを削除
}
}
$folderPath2 = "../ueusevideos/"; // フォルダのパス
// 指定したフォルダ内でユーザーIDを含むファイルを検索
$filesToDelete2 = glob($folderPath2 . "*-$userId2.*"); // 「-ユーザーID.拡張子」というパターンを検索
// ファイルを順に削除
foreach ($filesToDelete2 as $file2) {
if (is_file($file2)) {
unlink($file2); // ファイルを削除
}
}
$folderPath3 = "../usericons/"; // フォルダのパス
// 指定したフォルダ内でユーザーIDを含むファイルを検索
$filesToDelete3 = glob($folderPath3 . "*-$userId2.*"); // 「-ユーザーID.拡張子」というパターンを検索
// ファイルを順に削除
foreach ($filesToDelete3 as $file3) {
if (is_file($file3)) {
unlink($file3); // ファイルを削除
}
}
$folderPath4 = "../userheads/"; // フォルダのパス
// 指定したフォルダ内でユーザーIDを含むファイルを検索
$filesToDelete4 = glob($folderPath4 . "*-$userId2.*"); // 「-ユーザーID.拡張子」というパターンを検索
// ファイルを順に削除
foreach ($filesToDelete4 as $file4) {
if (is_file($file4)) {
unlink($file4); // ファイルを削除
}
}
try {
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS);
// 投稿削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM ueuse WHERE account = :userid");
$deleteQuery->bindValue(':userid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// アカウント削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM account WHERE userid = :userid");
$deleteQuery->bindValue(':userid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// 通知削除クエリを実行
$deleteQuery = $pdo->prepare("DELETE FROM notification WHERE touserid = :touserid");
$deleteQuery->bindValue(':touserid', $userId2, PDO::PARAM_STR);
$res = $deleteQuery->execute();
// ユーザーIDを削除したい全てのアカウントを取得
$query = $pdo->prepare("SELECT * FROM account WHERE follow LIKE :pattern1 OR follow LIKE :pattern2 OR follow LIKE :pattern3 OR follower LIKE :pattern1 OR follower LIKE :pattern2 OR follower LIKE :pattern3");
$query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR);
$query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR);
$query->execute();
$accounts = $query->fetchAll();
foreach ($accounts as $account) {
// フォローの更新
if (strpos($account['follow'], ",$userid,") !== false || strpos($account['follow'], ",$userid") !== false || strpos($account['follow'], "$userid,") !== false) {
$followList = explode(',', $account['follow']);
$followList = array_diff($followList, array($userid));
$newFollowList = implode(',', $followList);
$updateFollowQuery = $pdo->prepare("UPDATE account SET follow = :follow WHERE userid = :userid");
$updateFollowQuery->bindValue(':follow', $newFollowList, PDO::PARAM_STR);
$updateFollowQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateFollowQuery->execute();
}
// フォロワーの更新
if (strpos($account['follower'], ",$userid,") !== false || strpos($account['follower'], ",$userid") !== false || strpos($account['follower'], "$userid,") !== false) {
$followerList = explode(',', $account['follower']);
$followerList = array_diff($followerList, array($userid));
$newFollowerList = implode(',', $followerList);
$updateFollowerQuery = $pdo->prepare("UPDATE account SET follower = :follower WHERE userid = :userid");
$updateFollowerQuery->bindValue(':follower', $newFollowerList, PDO::PARAM_STR);
$updateFollowerQuery->bindValue(':userid', $account['userid'], PDO::PARAM_STR);
$updateFollowerQuery->execute();
}
}
$query = $pdo->prepare("SELECT * FROM ueuse WHERE favorite LIKE :pattern1 OR favorite LIKE :pattern2 OR favorite LIKE :pattern3");
$query->bindValue(':pattern1', "%,$userid,%", PDO::PARAM_STR);
$query->bindValue(':pattern2', "%,$userid", PDO::PARAM_STR);
$query->bindValue(':pattern3', "$userid,%", PDO::PARAM_STR);
$query->execute();
$accounts = $query->fetchAll();
foreach ($accounts as $account) {
// いいねの更新
if (strpos($account['favorite'], ",$userid,") !== false || strpos($account['favorite'], ",$userid") !== false || strpos($account['favorite'], "$userid,") !== false) {
$favoriteList = explode(',', $account['favorite']);
$favoriteList = array_diff($favoriteList, array($userid));
$newFavoriteList = implode(',', $favoriteList);
$updateFavoriteQuery = $pdo->prepare("UPDATE ueuse SET favorite = :favorite WHERE uniqid = :uniqid");
$updateFavoriteQuery->bindValue(':favorite', $newFavoriteList, PDO::PARAM_STR);
$updateFavoriteQuery->bindValue(':uniqid', $account['uniqid'], PDO::PARAM_STR);
$updateFavoriteQuery->execute();
}
}
//BAN通知メール
if(false !== strpos($userdata["mail_settings"], 'important')) {
if(!empty(MAIL_CHKS)){
if(MAIL_CHKS == "true"){
if( !empty($view_mailadds) ){
if(filter_var($view_mailadds, FILTER_VALIDATE_EMAIL)){
$mail_title = "お使いの".safetext($serversettings["serverinfo"]["server_name"])."アカウントはBANされました";
$mail_text = "".$userdata["username"]."(".$userdata["userid"].")さん いつもuwuzuをご利用いただきありがとうございます。 この度、ご利用のアカウント(".$userdata["userid"].")が".safetext($serversettings["serverinfo"]["server_name"])."管理者によりBAN(削除)されたためお知らせいたします。 今後は今までご利用いただいた".safetext($serversettings["serverinfo"]["server_name"])."アカウントは利用できません。 ".safetext($serversettings["serverinfo"]["server_name"])."サーバー上から今までご利用いただいていたアカウントの情報は削除されたためログインなどもできません。 ご理解とご協力のほどよろしくお願いします。";
$error_message[] = send_html_mail($view_mailadds,$mail_title,$mail_text,"../");
}
}
}
}
}
//------------
} catch (Exception $e) {
// エラーが発生した時はロールバック
$pdo->rollBack();
}
if ($res) {
header("Location:useradmin");
exit;
} else {
$error_message[] = 'アカウント削除に失敗しました。(ACCOUNT_DELETE_DAME)';
}
// プリペアドステートメントを削除
$stmt = null;
}
require('../logout/logout.php');
?>
<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="../css/home.css">
<script src="../js/jquery-min.js"></script>
<script src="../js/unsupported.js"></script>
<script src="../js/console_notice.js"></script>
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="apple-touch-icon" type="image/png" href="../favicon/apple-touch-icon-180x180.png">
<link rel="icon" type="image/png" href="../favicon/icon-192x192.png">
<title>ユーザー管理 - <?php echo safetext($serversettings["serverinfo"]["server_name"]);?></title>
</head>
<body>
<?php require('../require/leftbox.php');?>
<main>
<?php if( !empty($error_message) ): ?>
<ul class="errmsg">
<?php foreach( $error_message as $value ): ?>
<p>・ <?php echo $value; ?></p>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<div class="admin_settings">
<?php require('settings_left_menu.php');?>
<div class="admin_right">
<div class="admin_userinfo">
<div class="icon">
<img src="<?php echo safetext('../'.$userdata['iconname']); ?>">
<div class="tatext">
<h2><?php echo safetext($userdata['username']); ?></h2>
<p>@<?php echo safetext($userdata['userid']); ?></p>
</div>
</div>
<div class="roleboxes">
<?php foreach ($roles as $roleId): ?>
<?php $roleData = $roleDataArray[$roleId]; ?>
<?php
if(safetext($roleData["roleeffect"]) == '' || safetext($roleData["roleeffect"]) == 'none'){
$role_view_effect = "";
}elseif(safetext($roleData["roleeffect"]) == 'shine'){
$role_view_effect = "shine";
}elseif(safetext($roleData["roleeffect"]) == 'rainbow'){
$role_view_effect = "rainbow";
}else{
$role_view_effect = "";
}
?>
<div class="rolebox <?php echo safetext($role_view_effect); ?>" style="border: 1px solid <?php echo '#' . safetext($roleData["rolecolor"]); ?>;">
<p style="color: <?php echo '#' . $roleData["rolecolor"]; ?>;">
<?php if (!empty($roleData["rolename"])) { echo safetext($roleData["rolename"]); }else{ echo("ロールが正常に設定されていません。");} ?>
</p>
</div>
<?php endforeach; ?>
</div>
<div class="profile">
<div class="p2">プロフィール</div>
<p><?php echo nl2br(safetext($userdata["profile"])); ?></p>
</div>
<hr>
<div class="about">
<div class="p2">メールアドレス</div>
<p><?php if( !empty($view_mailadds) ){ echo safetext($view_mailadds); }else{echo "未設定";} ?></p>
<hr>
<div class="p2">二段階認証</div>
<p><?php if( !empty($userdata["authcode"]) ){ echo "設定済み";}else{echo "未設定";} ?></p>
<hr>
<div class="p2">管理者権限</div>
<p><?php if( !empty($userdata["admin"] === "yes") ){ echo "あり";}else{echo "なし";} ?></p>
<hr>
<div class="p2">フォロー数</div>
<p><?php if( $followCount > 0 ){ echo safetext($followCount);}else{echo "なし";} ?></p>
<div class="p2">フォロワー数</div>
<p><?php if( $followerCount > 0 ){ echo safetext($followerCount);}else{echo "なし";} ?></p>
<hr>
<div class="p2">投稿数</div>
<p><?php if( $upload_cnt1 > 0 ){ echo $upload_cnt1;}else{echo "なし";} ?></p>
<hr>
<div class="p2">アカウント登録日時</div>
<p><?php echo safetext($userdata["datetime"]); ?></p>
<hr>
<div class="p2">アカウント操作</div>
<div class="banzone">
<?php if($roleId === "ice"){?>
<button id="water" class="waterbtn">解凍</button>
<?php }else{?>
<button id="ice" class="icebtn">凍結</button>
<?php }?>
<button id="ban" class="banbtn">BAN</button>
</div>
</div>
</div>
</div>
</div>
<div id="account_IceModal" class="modal">
<div class="modal-content">
<h1>このアカウントを凍結しますか?</h1>
<p><?php echo safetext($userdata['username']); ?>さんのアカウントを凍結しますか?<br>凍結すると<?php echo safetext($userdata['username']); ?>さんは以下のことができなくなります。<br>・投稿<br>・追記<br>・フォロー<br>・返信<br>・管理者権限の利用(管理者権限を持っていた場合)<br>・APIの使用(トークンがリセットされます)<br>また、以下の欄に入力した内容が個別メッセージとして通知欄に表示されます。<br><?php echo safetext($userdata['username']); ?>さんは異議申し立てが可能です。</p>
<form method="post" id="deleteForm">
<textarea id="notice_msg" placeholder="<?php echo safetext($userdata['username']); ?>さんへのメッセージ" name="notice_msg"></textarea>
<div class="btn_area">
<input type="submit" id="deleteButton" class="fbtn_no" name="send_ice_submit" value="凍結">
<input type="button" id="cancelButton" class="fbtn" value="キャンセル">
</div>
</form>
</div>
</div>
<div id="account_BanModal" class="modal">
<div class="modal-content">
<h1>このアカウントをBANしますか?</h1>
<p><?php echo safetext($userdata['username']); ?>さんのアカウントをBANしますか?<br>BANすると<?php echo safetext($userdata['username']); ?>さんのアカウントとは削除されます。<br>また、以下のデータも削除されます。<br>・アカウントに紐づいている画像や写真データ<br>・投稿<br>・フォロー情報やいいね情報<br>・APIトークン<br>・アカウントのメールアドレス<br>・その他アカウントに関連している情報<br>また、すぐに削除されるため本人に削除通知を送ることは出来ません。<br><?php echo safetext($userdata['username']); ?>さんのアカウントを削除する場合は「BAN」を押してください。<br>アカウントの復旧は出来ません。</p>
<form class="btn_area" method="post" id="deleteForm">
<input type="submit" id="deleteButton2" class="fbtn_no" name="send_ban_submit" value="BAN">
<input type="button" id="cancelButton2" class="fbtn" value="キャンセル">
</form>
</div>
</div>
<div id="account_WaterModal" class="modal">
<div class="modal-content">
<h1>このアカウントを解凍しますか?</h1>
<p><?php echo safetext($userdata['username']); ?>さんのアカウントを解凍しますか?<br>凍結すると<?php echo safetext($userdata['username']); ?>さんは今まで通りアカウントを使用できます。</p>
<form method="post" id="deleteForm">
<div class="btn_area">
<input type="submit" id="deleteButton3" class="fbtn_no" name="send_water_submit" value="解凍">
<input type="button" id="cancelButton3" class="fbtn" value="キャンセル">
</div>
</form>
</div>
</div>
</main>
<?php require('../require/rightbox.php');?>
<?php require('../require/botbox.php');?>
<?php require('../require/noscript_modal.php');?>
</body>
<script>
$(document).ready(function() {
var modal3 = document.getElementById('account_WaterModal');
var deleteButton3 = document.getElementById('deleteButton3');
var cancelButton3 = document.getElementById('cancelButton3'); // 追加
var modalMain = $('.modal-content');
$(document).on('click', '.waterbtn', function (event) {
modal3.style.display = 'block';
modalMain.addClass("slideUp");
modalMain.removeClass("slideDown");
deleteButton3.addEventListener('click', () => {
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal3.style.display = 'none';
}, 150);
});
cancelButton3.addEventListener('click', () => { // 追加
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal3.style.display = 'none';
}, 150);
});
});
var modal = document.getElementById('account_IceModal');
var deleteButton = document.getElementById('deleteButton');
var cancelButton = document.getElementById('cancelButton'); // 追加
var modalMain = $('.modal-content');
$(document).on('click', '.icebtn', function (event) {
modal.style.display = 'block';
modalMain.addClass("slideUp");
modalMain.removeClass("slideDown");
deleteButton.addEventListener('click', () => {
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal.style.display = 'none';
}, 150);
});
cancelButton.addEventListener('click', () => { // 追加
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal.style.display = 'none';
}, 150);
});
});
var modal2 = document.getElementById('account_BanModal');
var deleteButton2 = document.getElementById('deleteButton2');
var cancelButton2 = document.getElementById('cancelButton2'); // 追加
var modalMain = $('.modal-content');
$(document).on('click', '.banbtn', function (event) {
modal2.style.display = 'block';
modalMain.addClass("slideUp");
modalMain.removeClass("slideDown");
deleteButton2.addEventListener('click', () => {
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal2.style.display = 'none';
}, 150);
});
cancelButton2.addEventListener('click', () => { // 追加
modalMain.removeClass("slideUp");
modalMain.addClass("slideDown");
window.setTimeout(function(){
modal2.style.display = 'none';
}, 150);
});
});
});
</script>
</html>