Fixing security issues

This commit is contained in:
Michał 2022-07-25 18:28:55 +01:00
parent 87dc4d5ff0
commit a9ba8669a6
9 changed files with 173 additions and 92 deletions

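--- /dev/null
+++ b/account.php
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Account</title>
+<link rel="stylesheet" href="css/master.css">
+<link href="https://fonts.googleapis.com/css2?family=Rubik" rel="stylesheet">
+<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600&amp;display=swap">
+<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
+</head>
+<body>
+<?php include("ui/header.php"); ?>
+<div class="account-root">
+<h2>Account settings</h2>
+<?php
+if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
+echo "<p>Oh hi ".$_SESSION["username"].".</p>";
+echo "<a class='btn alert-default space-top' href='https://superdupersecteteuploadtest.fluffybean.gay/logout.php'><img class='svg' src='assets/icons/user-circle.svg'>Logout</a>";
+} else {
+echo "<p class='space-bottom-large'>You must be logged in to change your account settings!</p>";
+echo "<a class='btn alert-high space-top-large' href='https://superdupersecteteuploadtest.fluffybean.gay/signup.php'>Sign up!</a>";
+}
+?>
+</div>
+<?php include("ui/footer.php"); ?>
+</body>
+</html>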
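Review bot: `$_SESSION["username"]` is echoed straight into the markup on the "Oh hi" line without escaping, so a username containing `<script>` or quotes is rendered as HTML every time its owner opens this page; change it to `echo "<p>Oh hi ".htmlspecialchars($_SESSION["username"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').".</p>";`. Whether signup constrains the characters in a username is not visible in this commit, so escaping at output is the safe default regardless. The `loggedin` check depends on `session_start()` having been called by the included `ui/header.php`, which is not shown here; a one-line comment such as `// session is started in ui/header.php` would save the next reader a lookup. Logout is a plain GET link, so any third-party page can log the user out by embedding the URL; a POST form is the usual fix, though the impact is only a nuisance.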


@ -10,7 +10,39 @@
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Fira+Code:wght@500&amp;display=swap">
</head>
<body>
<?php include("ui/header.php"); ?>
<?php
include("ui/header.php");
include("ui/conn.php");
if (isset($_POST['id'])) {
// Getting all image info from table
$get_image = "SELECT * FROM swag_table WHERE id = ".$_POST['id'];
$image_results = mysqli_query($conn, $get_image);
$image = mysqli_fetch_assoc($image_results);
// Checking if user has edit rights
if (isset($_SESSION['id']) && $image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1) {
if (isset($_POST['alt'])) {
$sql = $conn->prepare("UPDATE swag_table SET alt=? WHERE id=?");
$sql->bind_param("si", $alt, $id);
$alt = $_POST['alt'];
$id = $_POST['id'];
if ($sql->execute()) {
header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$_POST['id']."&update=success");
} else {
$error = "Something fuckywucky";
}
} else {
$error = "No description/alt, pls give";
}
} else {
$error = "You do not have edit rights";
}
}
?>
<div class="edit-root">
<h2>Modify Information</h2>
@ -21,43 +53,12 @@
</form>
<?php
if ($_GET["r"] == "success") {
// Info updated
echo "<p class='alert alert-high space-top'>Information updated!</p>";
} elseif ($_GET["r"] == "fail") {
// Upload failed
echo "<p class='alert alert-low space-top'>Something fuckywucky</p>";
} elseif ($_GET["r"] == "noinfo") {
// No info was present
echo "<p class='alert alert-default space-top'>No description/alt, pls give</p>";
if (isset($error)) {
echo "<p class='alert alert-low space-top'>".$error."</p>";
}
?>
</div>
<?php
include("ui/conn.php");
if (isset($_POST['id'])) {
if (empty($_POST['alt'])) {
header("Location:edit.php?r=noinfo");
} else {
$sql = $conn->prepare("UPDATE swag_table SET alt=? WHERE id=?");
$sql->bind_param("si", $alt, $id);
$alt = $_POST['alt'];
$id = $_POST['id'];
if ($sql->execute()) {
//header("Location:edit.php?r=success");
header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$_POST['id']."&update=success");
} else {
header("Location:edit.php?r=fail");
}
}
}
?>
<?php include("ui/footer.php"); ?>
</body>
</html>
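Review bot: The image lookup at the top of the new block builds its query by string concatenation, `"SELECT * FROM swag_table WHERE id = ".$_POST['id']`, so any visitor can inject SQL before the edit-rights check even runs — directly above the prepared `UPDATE` that does it correctly. Use the same prepared-statement pattern and stop when no row comes back, because `mysqli_fetch_assoc` returns `null` for a missing id and `$image['author']` then silently becomes `null`. The rights test `isset($_SESSION['id']) && $image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1` also needs parentheses around the `||` half, since `&&` binds tighter and an anonymous request falls through to reading `$_SESSION['id']`. On success the `header("Location: …")` call is not followed by `exit`, so the rest of the page still renders. Rewritten lookup and gate (assumes mysqlnd for `get_result()`; otherwise use `bind_result`):
```php
if (isset($_POST['id'])) {
    // Getting all image info from table (parameterised; id is an integer column)
    $get_image = $conn->prepare("SELECT * FROM swag_table WHERE id = ?");
    $get_image->bind_param("i", $id);
    $id = (int)$_POST['id'];
    $get_image->execute();
    $image = $get_image->get_result()->fetch_assoc();
    if ($image === null) {
        $error = "No such image";
    } elseif (isset($_SESSION['id']) && ($image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1)) {
        // … unchanged: alt update via the prepared UPDATE, then header(...) followed by exit; …
    } else {
        $error = "You do not have edit rights";
    }
}
```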


@ -20,13 +20,18 @@
echo "<p class='alert alert-high space-bottom-large'>Information updated</p>";
}
// Get image ID
// Getting all image info from table
$get_image = "SELECT * FROM swag_table WHERE id = ".$_GET['id'];
$image_results = mysqli_query($conn, $get_image);
$image = mysqli_fetch_assoc($image_results);
// Get all user details
if (isset($image['author'])) {
$get_user = "SELECT * FROM users WHERE id = ".$image['author'];
$user_results = mysqli_query($conn, $get_user);
$user = mysqli_fetch_assoc($user_results);
}
// Check if ID of image in URL
if (!isset($_GET['id'])) {
// No ID toast
@ -71,6 +76,13 @@
<div class="image-detail flex-down">
<h2>Details</h2>
<?php
// Image ID
if (isset($image['author'])) {
echo "<p>Author: ".$user['username']."</p>";
} else {
echo "<p>Author: No author</p>";
}
// Image ID
echo "<p>ID: ".$image['id']."</p>";
@ -89,10 +101,10 @@
?>
</div>
<div class="danger-zone flex-down">
<h2>Danger zone</h2>
<!-- DELETE BUTTON -->
<?php
<?php
if (isset($_SESSION['id']) && $image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1) {
echo "<div class='danger-zone flex-down'>";
echo "<h2>Danger zone</h2>";
// Image hover details
echo "<form class='detail' method='POST' enctype='multipart/form-data'>";
echo "<button class='btn alert-low' type='submit' name='delete' value='".$image['id']."'><img class='svg' src='assets/icons/trash.svg'>Delete image</button>";
@ -115,11 +127,14 @@
echo "<p class='alert alert-fail' id='deleted'>Error: Coult not delete image</p>";
}
}
?>
<!-- EDIT BUTTON -->
<?php echo "<a class='btn alert-low space-top' href='https://superdupersecteteuploadtest.fluffybean.gay/edit.php?id=".$image['id']."'><img class='svg' src='assets/icons/edit.svg'>Modify image content</a>"; ?>
</div>
echo "<a class='btn alert-low space-top' href='https://superdupersecteteuploadtest.fluffybean.gay/edit.php?id=".$image['id']."'><img class='svg' src='assets/icons/edit.svg'>Modify image content</a>";
echo "</div>";
} else {
}
?>
<?php include("ui/footer.php"); ?>
</body>
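Review bot: The new author lookup, `"SELECT * FROM users WHERE id = ".$image['author']`, repeats the string-built-query pattern this commit is meant to be removing; the value comes from the database rather than the request, but it is still interpolated unquoted, so at minimum cast it, `$get_user = "SELECT * FROM users WHERE id = ".(int)$image['author'];`, or use a prepared statement like the `UPDATE` in edit.php. The danger-zone gate `isset($_SESSION['id']) && $image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1` has the precedence problem that `&&` binds tighter than `||`, so an anonymous visitor still reaches the `$_SESSION['id']` read; it should be `isset($_SESSION['id']) && ($image['author'] == $_SESSION['id'] || $_SESSION['id'] == 1)`. The author name echoed in Details, `$user['username']`, is unescaped and should go through `htmlspecialchars($user['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The delete handling between the two hunks appears to sit inside this same `if`, which is the right place for it, but that makes the gate's correctness all the more important; the empty `else {}` at the end can simply be dropped.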


@ -26,13 +26,17 @@
<div class="info-text center">
<?php
// Welcome depending on if user is logged in or not
if (isset($_SESSION["username"])) {
echo "<h1>Welcome ".$_SESSION['username']."!</h1>";
} else {
echo "<h1>Welcome!</h1>";
}
// Random welcome message
$welcome_message = array("*internal screaming*", "Sussy Wussy", "What is this world?", "Don't forget to drink water!", "Bruh", "PHP is pain", "This is so poorly programmed");
echo "<p>".$welcome_message[array_rand($welcome_message, 1)]."</p>";
?>
<p>*internal screaming*</p>
</div>
<div class="gallery-root flex-left">
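Review bot: `$_SESSION['username']` goes into the `<h1>` unescaped in the new welcome branch, so a username containing markup is rendered as HTML on the landing page (stored XSS if signup does not restrict characters, which this diff does not show); change it to `echo "<h1>Welcome ".htmlspecialchars($_SESSION['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')."!</h1>";`. The random tagline is purely cosmetic, so `array_rand` is acceptable there, but a short comment such as `// Cosmetic only; not security-relevant` would stop a later reader from "fixing" it with `random_int` or, worse, copying the pattern for something that matters.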


@ -98,7 +98,7 @@
<form class="flex-down between" method="POST" action="login.php" enctype="multipart/form-data">
<input class="btn alert-default space-bottom" type="text" name="username" placeholder="Username">
<input class="btn alert-default space-bottom-large" type="password" name="password" placeholder="Password">
<button class="btn alert-default" type="submit" name="login"><img class="svg" src="assets/icons/user-circle.svg">Login</button>
<button class="btn alert-high" type="submit" name="login"><img class="svg" src="assets/icons/user-circle.svg">Login</button>
</form>
<?php
if (isset($error)) {

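--- /dev/null
+++ b/logout.php
@@ -0,0 +1,14 @@
+<?php
+// Initialize the session
+session_start();
+// Unset all of the session variables
+$_SESSION = array();
+// Destroy the session.
+session_destroy();
+// Redirect to login page
+header("location: https://superdupersecteteuploadtest.fluffybean.gay");
+exit;
+?>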
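Review bot: `session_destroy()` removes the server-side data but leaves the session cookie in the browser, so the client keeps presenting the old ID until the cookie expires; the PHP manual's logout pattern also expires the cookie before redirecting. Because this page is reached by a plain `<a href>` (see account.php), any third-party page can force a logout with an image tag; that is only an annoyance, but a POST form would close it. Suggested addition between `$_SESSION = array();` and `session_destroy();`:
```php
// Expire the session cookie too, otherwise the browser keeps sending the old ID
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
}
// … unchanged: session_destroy(), redirect, exit …
```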


@ -79,6 +79,15 @@
}
}
// Check for invite code
if (isset($_POST['invite_code'])) {
if ($_POST['invite_code'] != "23R2pz33yDrb3Ry9") {
$error = "Seems that you don't have the right invite code, whatever shall you do";
}
} else {
$error = "Enter Invite Code ;3";
}
// Checking for errors
if (empty($error)) {
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
@ -109,6 +118,7 @@
<input class="btn alert-default space-bottom-large" type="text" name="username" placeholder="Username">
<input class="btn alert-default space-bottom" type="password" name="password" placeholder="Password">
<input class="btn alert-default space-bottom-large" type="password" name="confirm_password" placeholder="Re-enter Password">
<input class="btn alert-default space-bottom-large" type="text" name="invite_code" placeholder="Invite Code">
<button class="btn alert-high" type="submit" name="signup">Sign Up</button>
<?php
if (isset($error)) {
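Review bot: The invite code is a hard-coded literal compared with `!=`, and by being in this commit it is now part of the repository history and readable by anyone with access to it, so treat it as burned and rotate it. Load it from configuration and compare with `hash_equals` (constant-time, strict string comparison): `$invite = getenv('INVITE_CODE');` followed by `if ($invite === false || !hash_equals($invite, (string)$_POST['invite_code'])) {`. The new branch also overwrites whatever `$error` the username/password checks closing at the top of this hunk may have set, so a submission with both a bad password and a bad code only learns about the code; guarding the assignment with `empty($error)` keeps the first message. The enclosing POST handler starts outside the hunk.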


@ -7,10 +7,10 @@
<div class="nav-links flex-left">
<a class="btn alert-default" href="https://superdupersecteteuploadtest.fluffybean.gay"><img class="svg" src="assets/icons/house.svg">Home</a>
<hr>
<a class="btn alert-default" href="https://superdupersecteteuploadtest.fluffybean.gay/upload.php"><img class="svg" src="assets/icons/upload.svg">Upload</a>
<hr>
<?php
if (isset($_SESSION["username"])) {
echo "<a class='btn alert-default' href='https://superdupersecteteuploadtest.fluffybean.gay/upload.php'><img class='svg' src='assets/icons/upload.svg'>Upload</a>";
echo "<hr>";
echo "<a class='btn alert-default' href='https://superdupersecteteuploadtest.fluffybean.gay/account.php'><img class='svg' src='assets/icons/user-circle.svg'>".$_SESSION["username"]."</a>";
} else {
echo "<a class='btn alert-default' href='https://superdupersecteteuploadtest.fluffybean.gay/signup.php'><img class='svg' src='assets/icons/user-circle-plus.svg'>Sign Up</a>";
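Review bot: Hiding the Upload link for anonymous visitors is presentation only — `upload.php` still has to enforce the login server-side, which the upload.php hunk in this commit does add, so this is fine as long as that check stays. The username echoed into the account link, `".$_SESSION["username"]."`, is not escaped and this header is included on every page, making it the highest-value XSS sink in the app; change it to `htmlspecialchars($_SESSION["username"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The `else` branch continues outside this hunk.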


@ -14,55 +14,62 @@
include("ui/header.php");
include_once("ui/conn.php");
if (isset($_POST['upload'])) {
// Get image name
$image_name = $_FILES['image']['name'];
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true) {
if (isset($_POST['upload'])) {
// Get image name
$image_name = $_FILES['image']['name'];
// Get alt text
if (empty($_POST['alt'])) {
$get_alt_text = "No description provided";
} else {
$get_alt_text = $_POST['alt'];
}
// If image present, continue
if (!empty($image_name)) {
// Set file path for image upload
$image_basename = basename($image_name);
$image_path = "images/".$image_basename;
// Prepare sql for destruction and filtering the sus
$sql = $conn->prepare("INSERT INTO swag_table (imagename, alt) VALUES (?, ?)");
$sql->bind_param("ss", $image_name, $get_alt_text);
// Uploading image to Table
$sql->execute();
// Checking if image uploaded
if (move_uploaded_file($_FILES['image']['tmp_name'], $image_path)) {
// Make thumbnail
$image_thumbnail = new Imagick($image_path);
// Get image format
$image_format = $image_thumbnail->getImageFormat();
// If image is gif
if ($image_format == 'GIF') {
$image_thumbnail = $image_thumbnail->coalesceImages();
}
// Resize image
$image_thumbnail->resizeImage(300,null,null,1,null);
// Save image
$image_thumbnail->writeImage("images/thumbnails/".$image_basename);
$success = "Your Image uploaded successfully!";
// Get alt text
if (empty($_POST['alt'])) {
$get_alt_text = "No description provided";
} else {
// Could not move images to folder
$error = "F, Upload failed";
$get_alt_text = $_POST['alt'];
}
// If image present, continue
if (!empty($image_name)) {
// Set file path for image upload
$image_basename = basename($image_name);
$image_path = "images/".$image_basename;
// Prepare sql for destruction and filtering the sus
$sql = $conn->prepare("INSERT INTO swag_table (imagename, alt, author) VALUES (?, ?, ?)");
$sql->bind_param("sss", $image_name, $get_alt_text, $user_id);
$user_id = $_SESSION["id"];
// Uploading image to Table
$sql->execute();
// Checking if image uploaded
if (move_uploaded_file($_FILES['image']['tmp_name'], $image_path)) {
// Make thumbnail
$image_thumbnail = new Imagick($image_path);
// Get image format
$image_format = $image_thumbnail->getImageFormat();
// If image is gif
if ($image_format == 'GIF') {
$image_thumbnail = $image_thumbnail->coalesceImages();
}
// Resize image
$image_thumbnail->resizeImage(300,null,null,1,null);
// Save image
$image_thumbnail->writeImage("images/thumbnails/".$image_basename);
$success = "Your Image uploaded successfully!";
} else {
// Could not move images to folder
$error = "F, Upload failed";
}
} else {
// No image present
$error = "No file lol";
}
} else {
// No image present
$error = "No file lol";
}
} else {
$error = "You must be logged in to upload images";
}
?>
<div class="upload-root">
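Review bot: The new `loggedin` gate only decides who may upload; the file itself is still written under the client-supplied name with no extension or content check, so any invited user can upload `shell.php` into `images/` and execute it (and the same file is then fed to Imagick, a second parser exposed to attacker input). Validate the content type with `finfo` against an allow-list, derive the extension from that result rather than the upload, and generate the stored filename server-side so uploads cannot overwrite each other. The `INSERT` also still runs before `move_uploaded_file`, leaving an orphan row when the move fails, and binds `author` as `"sss"` where `"ssi"` matches the integer `$_SESSION["id"]`. Sketch of the validation replacing the `$image_basename`/`$image_path` lines (if `imagename` is what image.php serves, it should store the generated name):
```php
$allowed = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif', 'image/webp' => 'webp'];
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($_FILES['image']['tmp_name']);
if (!isset($allowed[$mime])) {
    $error = "Only PNG, JPEG, GIF or WebP images are accepted";
} else {
    // Server-generated name: no traversal, no overwrite, no attacker-chosen extension
    $image_basename = bin2hex(random_bytes(16)).".".$allowed[$mime];
    $image_path = "images/".$image_basename;
    if (move_uploaded_file($_FILES['image']['tmp_name'], $image_path)) {
        // … unchanged: thumbnail generation …
        $sql = $conn->prepare("INSERT INTO swag_table (imagename, alt, author) VALUES (?, ?, ?)");
        $sql->bind_param("ssi", $image_basename, $get_alt_text, $user_id);
        $user_id = $_SESSION["id"];
        $sql->execute();
        $success = "Your Image uploaded successfully!";
    } else {
        $error = "F, Upload failed";
    }
}
```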