From ea8587e10fbd59efce4dbf742ffdd427df02b483 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=81=A0=E3=81=84=E3=81=A1=E3=81=BE=E3=82=8B?= <98202777+Daichimarukana@users.noreply.github.com> Date: Sat, 19 Aug 2023 21:36:13 +0900 Subject: [PATCH] uwuzu version 1.2.6.1 --- addauthcode.php | 7 ++++- authlogin.php | 66 ++++++++++++++++++++++++++++++++++++--- css/home.css | 65 +++++++++++++++++++++++++++++++++++++- emoji/addemoji.php | 6 ++++ emoji/index.php | 5 +++ home/index.php | 7 +++++ index.php | 6 ++-- login.php | 56 ++++++++++++++++++++++++++++++++- nextpage/notification.php | 12 +++++++ notice/addnotice.php | 6 ++++ notification/index.php | 11 +++++-- others/index.php | 6 ++++ require/botbox.php | 6 +++- require/leftbox.php | 6 +++- search/index.php | 6 ++++ server/uwuzuinfo.txt | 2 +- server/uwuzurelease.txt | 5 +++ settings/addauthcode.php | 6 ++++ settings/index.php | 6 ++++ settings/success.php | 6 ++++ ueuse/index.php | 6 ++++ user/index.php | 5 +++ 22 files changed, 292 insertions(+), 15 deletions(-) diff --git a/addauthcode.php b/addauthcode.php index 5fc9c8d..664aad2 100644 --- a/addauthcode.php +++ b/addauthcode.php @@ -32,7 +32,6 @@ $option = null; $userid = $_SESSION['userid']; -// データベースに接続 try { $option = array( @@ -46,6 +45,12 @@ try { // 接続エラーのときエラー内容を取得する $error_message[] = $e->getMessage(); } +// 管理者としてログインしているか確認 +if( empty($_SESSION['admin_login']) || $_SESSION['admin_login'] !== true ) { + // ログインページへリダイレクト + header("Location: ./login.php"); + exit; +} require_once 'authcode/GoogleAuthenticator.php'; diff --git a/authlogin.php b/authlogin.php index 9955a46..abae2f9 100644 --- a/authlogin.php +++ b/authlogin.php 
@@ -30,15 +30,73 @@ $_SESSION["password"]=""; session_start(); $userid = $_SESSION['userid']; + try { - $options = array( + + $option = array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::MYSQL_ATTR_MULTI_STATEMENTS => false ); - $pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $options); + $pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option); + } catch(PDOException $e) { + // 接続エラーのときエラー内容を取得する - $error_message[] = 'データベース接続エラー: ' . $e->getMessage(); + $error_message[] = $e->getMessage(); +} + +if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) { + + $passQuery = $pdo->prepare("SELECT username,userid,loginid,admin FROM account WHERE userid = :userid"); + $passQuery->bindValue(':userid', $_SESSION['userid']); + $passQuery->execute(); + $res = $passQuery->fetch(); + if(empty($res["userid"])){ + header("Location: login.php"); + exit; + }elseif($_SESSION['loginid'] === $res["loginid"]){ + // セッションに値をセット + $userid = $_SESSION['userid']; // セッションに格納されている値をそのままセット + $username = $_SESSION['username']; // セッションに格納されている値をそのままセット + $_SESSION['admin_login'] = true; + $_SESSION['userid'] = $userid; + $_SESSION['username'] = $username; + $_SESSION['loginid'] = $res["loginid"]; + setcookie('userid', $userid, time() + 60 * 60 * 24 * 14); + setcookie('username', $username, time() + 60 * 60 * 24 * 14); + setcookie('loginid', $res["loginid"], time() + 60 * 60 * 24 * 14); + setcookie('admin_login', true, time() + 60 * 60 * 24 * 14); + header("Location: home/"); + exit; + } + + +} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) { + + $passQuery = $pdo->prepare("SELECT username,userid,loginid,admin FROM account WHERE userid = :userid"); + $passQuery->bindValue(':userid', $_COOKIE['userid']); + $passQuery->execute(); + $res = $passQuery->fetch(); + if(empty($res["userid"])){ + header("Location: login.php"); + exit; + }elseif($_COOKIE['loginid'] 
=== $res["loginid"]){ + // セッションに値をセット + $userid = $_COOKIE['userid']; // クッキーから取得した値をセット + $username = $_COOKIE['username']; // クッキーから取得した値をセット + $_SESSION['admin_login'] = true; + $_SESSION['userid'] = $userid; + $_SESSION['username'] = $username; + $_SESSION['loginid'] = $res["loginid"]; + setcookie('userid', $userid, time() + 60 * 60 * 24 * 14); + setcookie('username', $username, time() + 60 * 60 * 24 * 14); + setcookie('loginid', $res["loginid"], time() + 60 * 60 * 24 * 14); + setcookie('admin_login', true, time() + 60 * 60 * 24 * 14); + header("Location: home/"); + exit; + } + + } @@ -144,7 +202,7 @@ $pdo = null;
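Review bot: The added `elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true)` branch rebuilds a logged-in session from client-supplied cookies alone, which makes the `loginid` cookie a 14-day bearer credential, yet the `setcookie()` calls send it without `Secure`, `HttpOnly` or `SameSite`. The `== true` test adds no assurance (nearly any non-empty string passes), `$_COOKIE['userid']` and `$_COOKIE['loginid']` are read without `isset`, and the token is compared with `===` rather than `hash_equals()`. Since authlogin.php is the two-factor step, confirm that `loginid` is only issued after the second factor succeeds; that is not visible in this hunk. The fence below sketches the cookie branch with hardened cookie options (assuming the site is served over HTTPS and no client script reads these cookies) and `session_regenerate_id(true)` before the session is populated; the identical block added to login.php in this commit needs the same change. Separately, `$pdo->prepare()` runs even when the `catch` above was taken and `$pdo` was never assigned.

```php
} elseif (isset($_COOKIE['admin_login'], $_COOKIE['userid'], $_COOKIE['loginid'])) {
    // … unchanged: account lookup bound to :userid, redirect to login.php when no row …
    }elseif(is_string($_COOKIE['loginid']) && hash_equals((string) $res["loginid"], $_COOKIE['loginid'])){
        // New session id on the transition from anonymous to authenticated.
        session_regenerate_id(true);
        // … unchanged: $userid / $username and the $_SESSION assignments …
        $cookieOptions = [
            'expires'  => time() + 60 * 60 * 24 * 14,
            'secure'   => true,
            'httponly' => true,
            'samesite' => 'Lax',
        ];
        setcookie('userid', $userid, $cookieOptions);
        setcookie('username', $username, $cookieOptions);
        setcookie('loginid', $res["loginid"], $cookieOptions);
        setcookie('admin_login', '1', $cookieOptions);
        // … unchanged: header("Location: home/"); exit; …
    }
```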

二段階認証コード

6桁のコードを入力してください。
- +
diff --git a/css/home.css b/css/home.css index a6c499e..b80c592 100644 --- a/css/home.css +++ b/css/home.css @@ -349,9 +349,10 @@ body{ } .leftbutton{ + cursor: pointer; border: none; - display: block; + display: flex; width:70%; margin: 16px; padding: 8px auto; @@ -387,6 +388,39 @@ body{ width:65%; } +.leftbutton .notipod{ + width: 25px; + height: 25px; + margin-left: auto; + margin-right: 20px; + margin-top: auto; + margin-bottom: auto; + background-color: #FF4444; + border-radius: 50%; + transition: all 250ms ease-out; +} +.leftbutton .notipod p{ + margin-top: -1px; + margin-bottom: 0px; + margin-left: auto; + margin-right: auto; + color:#FFFFFF; + font-size: 16px; + font-family: 'Zen Maru Gothic', sans-serif; + font-weight: normal; + text-decoration:none; + text-align: center; + transition: all 250ms ease-out; +} + +.leftbutton:hover .notipod { + background-color:#FFFFFF; +} + +.leftbutton:hover .notipod p{ + color:#FF4444; +} + main{ height: 95dvh; overflow: auto; @@ -2617,6 +2651,35 @@ hr{ width:27%; } + .btmbutton_on{ + cursor: pointer; + border: none; + display: block; + width:28%; + margin: 16px; + padding: 8px auto; + height: auto; + margin-left: 12px; + margin-right: 12px; + + padding-top: 14px; + padding-bottom: 14px; + background-color: #FFFFFF; + border-radius: 50px; + color:#FF4444; + font-size: 16px; + font-family: 'Zen Maru Gothic', sans-serif; + font-weight: normal; + text-decoration:none; + text-align: center; + transition: box-shadow 250ms ease-in-out; + transition: width 250ms ease-out; + transition: all 250ms ease-out; + box-shadow:0 0px 48px 0 rgba(0, 0, 0, .05); + border: 1px solid #FFC832; + } + + .ueuse .favbox .tuduki{ display: block; diff --git a/emoji/addemoji.php b/emoji/addemoji.php index b75bd8a..a7f0213 100644 --- a/emoji/addemoji.php +++ b/emoji/addemoji.php 
@@ -114,6 +114,12 @@ if(!($res["admin"] === "yes")){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; if( !empty($pdo) ) { diff --git a/emoji/index.php b/emoji/index.php index 3e157df..7974507 100644 --- a/emoji/index.php +++ b/emoji/index.php @@ -108,7 +108,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); +$notificationcount = $notiData['notification_count']; if (!empty($pdo)) { $sql = "SELECT emojiname,emojiinfo,emojidate FROM emoji ORDER BY emojidate DESC"; diff --git a/home/index.php b/home/index.php index 41c96db..81ff420 100644 --- a/home/index.php +++ b/home/index.php @@ -108,6 +108,13 @@ if(empty($username)){ exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; + //------------------------------------------- if( !empty($_POST['btn_submit']) ) { diff --git a/index.php b/index.php index a746583..1576757 100644 --- a/index.php +++ b/index.php 
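Review bot: In emoji/addemoji.php the added `$pdo->prepare("SELECT COUNT(*) as notification_count ...")` runs unconditionally, although the next context line is `if( !empty($pdo) ) {`, so the file itself treats `$pdo` as possibly empty; after a failed connection this is a fatal call on null, and with error display enabled the message can expose internals. I would set `$notificationcount = 0;` first and run the query inside the existing guard, storing `(int) $notiData['notification_count']`. The same lines are pasted into emoji/index.php, home/index.php, notice/addnotice.php, notification/index.php, others/index.php, search/index.php, settings/addauthcode.php, settings/index.php, settings/success.php, ueuse/index.php and user/index.php. A single helper in a shared include (require/leftbox.php and require/botbox.php appear to be where the count is rendered) would keep the copies from drifting and give one place to apply the guard.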
@@ -40,7 +40,7 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) { setcookie('username', $username, time() + 60 * 60 * 24 * 14); setcookie('loginid', $res["loginid"], time() + 60 * 60 * 24 * 14); setcookie('admin_login', true, time() + 60 * 60 * 24 * 14); - header("Location: home/index.php"); + header("Location: home/"); exit; } @@ -52,7 +52,7 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) { $passQuery->execute(); $res = $passQuery->fetch(); if(empty($res["userid"])){ - header("Location: ../login.php"); + header("Location: login.php"); exit; }elseif($_COOKIE['loginid'] === $res["loginid"]){ // セッションに値をセット @@ -66,7 +66,7 @@ if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) { setcookie('username', $username, time() + 60 * 60 * 24 * 14); setcookie('loginid', $res["loginid"], time() + 60 * 60 * 24 * 14); setcookie('admin_login', true, time() + 60 * 60 * 24 * 14); - header("Location: home/index.php"); + header("Location: home/"); exit; } diff --git a/login.php b/login.php index 7fe1959..bea792a 100644 --- a/login.php +++ b/login.php @@ -28,7 +28,7 @@ $_SESSION["password"]=""; session_start(); -// データベースに接続 + try { $option = array( 
@@ -43,6 +43,60 @@ try { $error_message[] = $e->getMessage(); } +if(isset($_SESSION['admin_login']) && $_SESSION['admin_login'] === true) { + + $passQuery = $pdo->prepare("SELECT username,userid,loginid,admin FROM account WHERE userid = :userid"); + $passQuery->bindValue(':userid', $_SESSION['userid']); + $passQuery->execute(); + $res = $passQuery->fetch(); + if(empty($res["userid"])){ + header("Location: login.php"); + exit; + }elseif($_SESSION['loginid'] === $res["loginid"]){ + // セッションに値をセット + $userid = $_SESSION['userid']; // セッションに格納されている値をそのままセット + $username = $_SESSION['username']; // セッションに格納されている値をそのままセット + $_SESSION['admin_login'] = true; + $_SESSION['userid'] = $userid; + $_SESSION['username'] = $username; + $_SESSION['loginid'] = $res["loginid"]; + setcookie('userid', $userid, time() + 60 * 60 * 24 * 14); + setcookie('username', $username, time() + 60 * 60 * 24 * 14); + setcookie('loginid', $res["loginid"], time() + 60 * 60 * 24 * 14); + setcookie('admin_login', true, time() + 60 * 60 * 24 * 14); + header("Location: home/"); + exit; + } + + +} elseif (isset($_COOKIE['admin_login']) && $_COOKIE['admin_login'] == true) { + + $passQuery = $pdo->prepare("SELECT username,userid,loginid,admin FROM account WHERE userid = :userid"); + $passQuery->bindValue(':userid', $_COOKIE['userid']); + $passQuery->execute(); + $res = $passQuery->fetch(); + if(empty($res["userid"])){ + header("Location: login.php"); + exit; + }elseif($_COOKIE['loginid'] === $res["loginid"]){ + // セッションに値をセット + $userid = $_COOKIE['userid']; // クッキーから取得した値をセット + $username = $_COOKIE['username']; // クッキーから取得した値をセット + $_SESSION['admin_login'] = true; + $_SESSION['userid'] = $userid; + $_SESSION['username'] = $username; + $_SESSION['loginid'] = $res["loginid"]; + setcookie('userid', $userid, time() + 60 * 60 * 24 * 14); + setcookie('username', $username, time() + 60 * 60 * 24 * 14); + setcookie('loginid', $res["loginid"], time() + 60 * 60 * 24 * 14); + setcookie('admin_login', true, time() + 60 * 
60 * 24 * 14); + header("Location: home/"); + exit; + } + + +} + if( !empty($_POST['btn_submit']) ) { diff --git a/nextpage/notification.php b/nextpage/notification.php index 7b36cfb..3bea3d4 100644 --- a/nextpage/notification.php +++ b/nextpage/notification.php @@ -41,6 +41,18 @@ if (!empty($pdo)) { PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true, )); + // トランザクション開始 + $pdo->beginTransaction(); + + // SQL作成 + $stmt = $pdo->prepare("UPDATE notification SET userchk = 'done' WHERE touserid = :userid;"); + + $stmt->bindValue(':userid', $userid, PDO::PARAM_STR); + + $res = $stmt->execute(); + $res = $pdo->commit(); + + $messageQuery = $dbh->prepare("SELECT title,msg,url,datetime,userchk FROM notification WHERE touserid = :userid ORDER BY datetime DESC LIMIT $offset, $itemsPerPage"); $messageQuery->bindValue(':userid', $userid); $messageQuery->execute(); diff --git a/notice/addnotice.php b/notice/addnotice.php index 8bff8b1..585f132 100644 --- a/notice/addnotice.php +++ b/notice/addnotice.php @@ -114,6 +114,12 @@ if(!($res["admin"] === "yes")){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; if( !empty($pdo) ) { diff --git a/notification/index.php b/notification/index.php index 91195bd..5374e41 100644 --- a/notification/index.php +++ b/notification/index.php 
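Review bot: In nextpage/notification.php the added `UPDATE notification SET userchk = 'done' WHERE touserid = :userid;` runs before the `SELECT title,msg,url,datetime,userchk` that follows it, so every row is already 'done' when it is read and the list cannot tell unread items apart; it also marks all of the user's notifications on each paginated fetch, not only the page being returned. The `beginTransaction()` / `commit()` pair wraps a single statement and has no `rollBack()` path, so if `$pdo` is in ERRMODE_EXCEPTION (not shown in this hunk) a failed `execute()` leaves the transaction open. The update also goes through `$pdo` while the query below it uses `$dbh`; if two handles are intended, a short comment saying why would help. Suggest running the SELECT first and then the update as a plain `$stmt->execute();`, or keeping the transaction and adding `catch (PDOException $e) { $pdo->rollBack(); }`.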
@@ -111,6 +111,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; if( !empty($_POST['logout']) ) { if (isset($_SERVER['HTTP_COOKIE'])) { @@ -139,11 +145,12 @@ $pdo = null; + + + - - 通知 - <?php echo file_get_contents($servernamefile);?> diff --git a/others/index.php b/others/index.php index 61f3ad4..d14c128 100644 --- a/others/index.php +++ b/others/index.php @@ -117,6 +117,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; if( !empty($pdo) ) { diff --git a/require/botbox.php b/require/botbox.php index b5617a6..00d7861 100644 --- a/require/botbox.php +++ b/require/botbox.php @@ -2,8 +2,12 @@
ホーム + 0){?> + 通知 + + 通知 + 検索 - 自情報 設定
diff --git a/require/leftbox.php b/require/leftbox.php index e350811..5136d8c 100644 --- a/require/leftbox.php +++ b/require/leftbox.php @@ -7,7 +7,11 @@
🏠ホーム 検索 - 通知 + 0){?> + 通知

+ + 通知 + 絵文字 プロフィール 設定 diff --git a/search/index.php b/search/index.php index db917bf..d3fd5ac 100644 --- a/search/index.php +++ b/search/index.php @@ -107,6 +107,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; //------------------------------------------- diff --git a/server/uwuzuinfo.txt b/server/uwuzuinfo.txt index 84881d4..8ef5948 100644 --- a/server/uwuzuinfo.txt +++ b/server/uwuzuinfo.txt @@ -1,4 +1,4 @@ uwuzu -1.2.5 +1.2.6 2023/08/19 daichimarukana,putonfps \ No newline at end of file diff --git a/server/uwuzurelease.txt b/server/uwuzurelease.txt index ae9912c..0fb9edd 100644 --- a/server/uwuzurelease.txt +++ b/server/uwuzurelease.txt @@ -1,6 +1,11 @@ ## リリースノートだぜぇぇぇぇぇぇい!!!!!!! ここにはuwuzuの更新情報を載せてくぜぇ~!(いやまてテンションおかしいだろ...) +## Version 1.2.6 +リリース日:2023/08/19 +ログイン時の二段階認証入力画面を数字のみに限定しました。 +通知機能を強化し、わかりやすくしました! + ## Version 1.2.5 リリース日:2023/08/19 全てのデバイスでセッションを終了する機能を実装しました! diff --git a/settings/addauthcode.php b/settings/addauthcode.php index 6ecf1c8..7848501 100644 --- a/settings/addauthcode.php +++ b/settings/addauthcode.php @@ -114,6 +114,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; require_once '../authcode/GoogleAuthenticator.php'; diff --git a/settings/index.php b/settings/index.php index 26d58e9..51074d2 100644 --- a/settings/index.php +++ b/settings/index.php 
@@ -109,6 +109,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; if( !empty($pdo) ) { diff --git a/settings/success.php b/settings/success.php index 915151c..0ad5b91 100644 --- a/settings/success.php +++ b/settings/success.php @@ -106,6 +106,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; ?> diff --git a/ueuse/index.php b/ueuse/index.php index 6601196..32d6f1a 100644 --- a/ueuse/index.php +++ b/ueuse/index.php @@ -112,6 +112,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); + +$notificationcount = $notiData['notification_count']; $ueuseid = htmlentities(str_replace('!', '', $_GET['ueuseid'])); $touserid = htmlentities(str_replace('~', '', $_GET['touser'])); diff --git a/user/index.php b/user/index.php index 953b287..ef43ea5 100644 --- a/user/index.php +++ b/user/index.php 
@@ -111,7 +111,12 @@ if(empty($username)){ header("Location: ../login.php"); exit; } +$notiQuery = $pdo->prepare("SELECT COUNT(*) as notification_count FROM notification WHERE touserid = :userid AND userchk = 'none'"); +$notiQuery->bindValue(':userid', $userid); +$notiQuery->execute(); +$notiData = $notiQuery->fetch(PDO::FETCH_ASSOC); +$notificationcount = $notiData['notification_count']; function customStripTags($html, $allowedTags) { $allowedTagsString = '<' . implode('><', $allowedTags) . '>';