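<?php
// Login endpoint.
//
// Authenticates a POSTed username/password against front_users, binds the
// session to that user, refreshes the 'adhocSettings' cookie and answers with
// the session's XSRF token as the response body. Every failure path answers
// 401 with an empty body (the caller gets no detail about *why*).
declare(strict_types=1);

// Start collecting errors; a non-empty list short-circuits every later step.
$errors = [];

// Load application config
$conf = parse_ini_file('../config.ini');
if ($conf === false) {
    // Previously a missing config fell through to mysqli_connect() with nulls.
    $errors[] = 'Could not read config.ini';
    $conf = [];
}

// Request context. All three are server-populated, but default them so a CLI
// or misconfigured invocation does not raise undefined-index notices.
$host   = $_SERVER['HTTP_HOST'] ?? '';
$server = $_SERVER['SERVER_ADDR'] ?? '';
$remote = $_SERVER['REMOTE_ADDR'] ?? '';

/**
 * Everything before the last '.' of a dotted-quad address (its "/24" part).
 * An address with no '.' (IPv6) is returned unchanged, so two such addresses
 * only compare equal when they really are equal.
 */
$netPrefix = static function (string $ip): string {
    $dot = strrpos($ip, '.');
    return $dot === false ? $ip : substr($ip, 0, $dot);
};

// A client on the server's own /24 is re-mapped to the address HTTP_HOST resolves to.
// $remote is not read anywhere else in this file; note that gethostbyname() performs a
// DNS lookup on the client-supplied Host header.
$remote = $netPrefix($server) === $netPrefix($remote)
    ? gethostbyname($host)
    : $remote;

// Load user settings (the cookie is written further down in this file; it is
// not consumed in this file). Invalid or absent JSON yields an empty object.
$rawSettings = $_COOKIE['adhocSettings'] ?? null;
$settings = is_string($rawSettings) ? json_decode(urldecode($rawSettings)) : null;
if (!$settings instanceof stdClass) {
    $settings = new stdClass();
}

// Start the session
if (session_status() === PHP_SESSION_NONE) {
    session_set_cookie_params(
        0,
        dirname(dirname($_SERVER['PHP_SELF'] ?? '/')) . '/',
        $host,
    );
    session_start();
}

/**
 * Return the session's XSRF token, minting one on first use.
 *
 * The token is 40 hex characters from a CSPRNG (the same width as the
 * previous sha1() value, so existing clients are unaffected).
 */
$issueXsrfToken = static function (): string {
    if (!isset($_SESSION['xsrftoken'])) {
        $_SESSION['xsrftoken'] = bin2hex(random_bytes(20));
    }
    return $_SESSION['xsrftoken'];
};

// Initialize a DB connection.
// mysqli_connect() returns false on failure (or throws under the PHP >= 8.1
// default error mode); the old `$dbConn->error` test could never see either.
$dbConn = null;
if (!$errors) {
    $dbConn = mysqli_connect(
        $conf['mysql_host'] ?? null,
        $conf['mysql_user'] ?? null,
        $conf['mysql_pass'] ?? null,
        $conf['mysql_db'] ?? null,
    );
    if (!$dbConn instanceof mysqli) {
        $errors[] = 'Could not connect to database: ' . (mysqli_connect_error() ?? 'unknown error');
        $dbConn = null;
    }
}

// Only scalar form fields are acceptable; `username[]=` style input is treated as absent.
$postedUser = $_POST['username'] ?? '';
$postedUser = is_string($postedUser) ? $postedUser : '';
$postedPass = $_POST['password'] ?? '';
$postedPass = is_string($postedPass) ? $postedPass : '';

// If already logged in, pass back the current XSRF token, or make a new one.
// A different username than the session's is rejected rather than switching users.
if (isset($_SESSION['username'])) {
    if ($_SESSION['username'] === $postedUser) {
        exit($issueXsrfToken());
    }
    http_response_code(401);
    exit;
}

// Try to log the user in: both fields are required (an empty string is "absent").
if ($postedUser === '' || $postedPass === '') {
    http_response_code(401);
    exit;
}

// Try to fetch the user
$query = null;
$username = null;
$settingsTemp = null;
if (!$errors) {
    $query = mysqli_stmt_init($dbConn);
    if (!mysqli_stmt_prepare($query, "
SELECT
username
,settings
FROM
front_users
WHERE
username = ?
AND password = UNHEX(?)
LIMIT
1; ")) {
        $errors[] = "Could not prepare database statement: " . $dbConn->error;
    }
}
if (!$errors) {
    // front_users.password holds the legacy unsalted sha1(sha1(password)); the
    // scheme has to stay until the column is migrated to password_hash().
    // bind_param() takes its arguments by reference, hence the named variables.
    $passwordHash = sha1(sha1($postedPass));
    if (!mysqli_stmt_bind_param($query, 'ss', $postedUser, $passwordHash)) {
        $errors[] = "Could not bind database parameters: " . $query->error;
    }
}
if (!$errors && !mysqli_stmt_execute($query)) {
    $errors[] = "Query failed: " . $query->error;
}
if (!$errors && !mysqli_stmt_bind_result($query, $username, $settingsTemp)) {
    $errors[] = "Query failed: " . $query->error;
}
// fetch() returns true for a row, null for no row, false on error.
if (!$errors && mysqli_stmt_fetch($query) !== true) {
    $errors[] = "Could not load user";
}

if ($errors) {
    http_response_code(401);
    exit;
}

// Bind the session to the authenticated user. The id is regenerated so a session
// id that existed before login is not carried across the privilege change.
session_regenerate_id(true);
$_SESSION['username'] = $username;

// Add password back to settings (if requested) and pass settings in the cookie.
// "Remember" stores sha1(password) client-side; that value is only as strong as
// the password itself against offline guessing, so treat the cookie as sensitive.
$settingsTemp = (string) $settingsTemp;
if (($_POST['remember'] ?? '') === '1') {
    $decoded = json_decode($settingsTemp);
    if (!$decoded instanceof stdClass) {
        // NULL / malformed settings column: start from an empty object instead of
        // writing a property on null (a fatal error on PHP 8).
        $decoded = new stdClass();
    }
    $decoded->password = sha1($postedPass);
    $settingsTemp = json_encode($decoded, JSON_THROW_ON_ERROR);
}
setcookie(
    'adhocSettings',
    $settingsTemp,
    strtotime('+1 year') ?: 0, // 0 => session cookie if the date cannot be computed
    '/adhoc_demo/',
    '',
);
exit($issueXsrfToken());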