From a9ba8669a64af7405a5d9a47fb5c472be38bc309 Mon Sep 17 00:00:00 2001
From: Fluffy-Bean
Date: Mon, 25 Jul 2022 18:28:55 +0100
Subject: [PATCH] Fixing security issues
---
account.php | 30 ++++++++++++++++
edit.php | 69 +++++++++++++++++++------------------
image.php | 35 +++++++++++++------
index.php | 6 +++-
login.php | 2 +-
logout.php | 14 ++++++++
signup.php | 10 ++++++
ui/header.php | 4 +--
upload.php | 95 +++++++++++++++++++++++++++------------------------
9 files changed, 173 insertions(+), 92 deletions(-)
create mode 100644 account.php
create mode 100644 logout.php
diff --git a/account.php b/account.php
new file mode 100644
index 0000000..066f950
--- /dev/null
+++ b/account.php
@@ -0,0 +1,30 @@
+ + + + + + Account + + + + + + + + +
+

Account settings

+ Oh hi ".$_SESSION["username"].".

"; + echo "Logout"; + } else { + echo "

You must be logged in to change your account settings!

"; + echo "Sign up!"; + } + ?> +
+ + + + diff --git a/edit.php b/edit.php index 5f585b4..309666b 100644 --- a/edit.php +++ b/edit.php @@ -10,7 +10,39 @@ - + prepare("UPDATE swag_table SET alt=? WHERE id=?"); + $sql->bind_param("si", $alt, $id); + + $alt = $_POST['alt']; + $id = $_POST['id']; + + if ($sql->execute()) { + header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$_POST['id']."&update=success"); + } else { + $error = "Something fuckywucky"; + } + } else { + $error = "No description/alt, pls give"; + } + } else { + $error = "You do not have edit rights"; + } + } + + ?>
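Review bot: The `Oh hi ".$_SESSION["username"]."` greeting in the new account.php echoes the session username straight into HTML with no escaping, and the `Author: ".$user['username']."` line added to image.php later in this patch does the same with a name read from the users table. A username is chosen at signup, so unless signup.php (not in this chunk) restricts it, a name containing markup is rendered as markup for whoever views the page, and on image.php that is every visitor rather than the name's owner. Escape at the point of output in both places, e.g. `htmlspecialchars($_SESSION["username"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` here and the same call around `$user['username']` in image.php. The session check that wraps the greeting is lost in this rendering, so I cannot tell which session key it tests.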

Modify Information

@@ -21,43 +53,12 @@ Information updated!
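Review bot: The UPDATE prepared at the top of the hunk is keyed on `id` alone, so whatever the edit-rights condition checks (the `<?php` opening and both `if` conditions are lost in this rendering), the row being rewritten is not tied to the logged-in user at the query level. Binding the owner as well, `UPDATE swag_table SET alt=? WHERE id=? AND author=?` with the session's user id as a third parameter (however login.php stores it), makes the check and the write agree; `author` is the column image.php reads for the owner. The success redirect also interpolates the raw `$_POST['id']` into the Location header although the statement bound it as an int; set `$id = (int) $_POST['id'];` once and use it for both. A successful `execute()` that matched zero rows (unknown id, or one the user does not own) still redirects with `update=success`, so check `$sql->affected_rows` before redirecting and fall through to `$error` otherwise.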

"; - } elseif ($_GET["r"] == "fail") { - // Upload failed - echo "

Something fuckywucky

"; - } elseif ($_GET["r"] == "noinfo") { - // No info was present - echo "

No description/alt, pls give

"; + if (isset($error)) { + echo "

".$error."

"; } ?>
- prepare("UPDATE swag_table SET alt=? WHERE id=?"); - $sql->bind_param("si", $alt, $id); - - $alt = $_POST['alt']; - $id = $_POST['id']; - - if ($sql->execute()) { - //header("Location:edit.php?r=success"); - header("Location:https://superdupersecteteuploadtest.fluffybean.gay/image.php?id=".$_POST['id']."&update=success"); - } else { - header("Location:edit.php?r=fail"); - } - } - } - ?> - diff --git a/image.php b/image.php index 43fdad1..02be4db 100644 --- a/image.php +++ b/image.php @@ -20,13 +20,18 @@ echo "

Information updated

"; } - - // Get image ID // Getting all image info from table $get_image = "SELECT * FROM swag_table WHERE id = ".$_GET['id']; $image_results = mysqli_query($conn, $get_image); $image = mysqli_fetch_assoc($image_results); + // Get all user details + if (isset($image['author'])) { + $get_user = "SELECT * FROM users WHERE id = ".$image['author']; + $user_results = mysqli_query($conn, $get_user); + $user = mysqli_fetch_assoc($user_results); + } + // Check if ID of image in URL if (!isset($_GET['id'])) { // No ID toast @@ -71,6 +76,13 @@
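Review bot: The new user lookup builds its SQL by concatenation, `"SELECT * FROM users WHERE id = ".$image['author']`, the same pattern as the `$_GET['id']` query just above it that this commit leaves in place, while edit.php in the same patch already uses `prepare`/`bind_param`. The value comes from the database rather than the request, so the exposure is indirect, but the lookup should follow the prepared-statement style so the file has one pattern to copy. `$conn` is a mysqli object (it is passed to `mysqli_query`), so `$conn->prepare()` is available; `get_result()` needs the mysqlnd driver, otherwise use `bind_result()`.
```php
// Get all user details
if (isset($image['author'])) {
    $get_user = $conn->prepare("SELECT * FROM users WHERE id = ?");
    $authorId = (int) $image['author'];
    $get_user->bind_param("i", $authorId);
    $get_user->execute();
    $user = $get_user->get_result()->fetch_assoc();
}
// … unchanged: ID-in-URL check …
```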

Details

Author: ".$user['username']."

"; + } else { + echo "

Author: No author

"; + } + // Image ID echo "

ID: ".$image['id']."

"; @@ -89,10 +101,10 @@ ?>
-
-

Danger zone

- - "; + echo "

Danger zone

"; // Image hover details echo "
"; echo ""; @@ -115,11 +127,14 @@ echo "

Error: Coult not delete image

"; } } - ?> - - Modify image content"; ?> -
+ echo "Modify image content"; + echo ""; + } else { + + } + + ?> diff --git a/index.php b/index.php index e3da55b..4219062 100644 --- a/index.php +++ b/index.php @@ -26,13 +26,17 @@
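Review bot: The `} else { }` that closes the hunk is an empty branch with nothing to say what non-editors should see, which reads as an unfinished edit rather than a deliberate no-op. Either drop the `else` entirely or leave a one-line `// TODO: message for users without edit rights` inside it so the intent is recorded. The `if` this `else` belongs to opens above the hunk or in text lost to this rendering, so I cannot see what it gates on.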
Welcome ".$_SESSION['username']."!"; } else { echo "

Welcome!

"; } + + // Random welcome message + $welcome_message = array("*internal screaming*", "Sussy Wussy", "What is this world?", "Don't forget to drink water!", "Bruh", "PHP is pain", "This is so poorly programmed"); + echo "

".$welcome_message[array_rand($welcome_message, 1)]."

"; ?> -

*internal screaming*