diff --git a/www/M3-06-messages.dat b/www/M3-06-messages.dat deleted file mode 100644 index 5e6a3fd..0000000 --- a/www/M3-06-messages.dat +++ /dev/null @@ -1 +0,0 @@ -

Från: 555

afsdgfh

\ No newline at end of file diff --git a/www/M4-01-users.dat b/www/M4-01-users.dat deleted file mode 100644 index b0f1c20..0000000 Binary files a/www/M4-01-users.dat and /dev/null differ diff --git a/www/public/M2/09/userManipulation.php b/www/public/M2/09/userManipulation.php index a04f466..76ff560 100644 --- a/www/public/M2/09/userManipulation.php +++ b/www/public/M2/09/userManipulation.php @@ -13,7 +13,7 @@ function addUser($user) { - $file = "../../../M2-09-users.dat"; + $file = "../../../userData/M2-09-users.dat"; if(file_exists($file)) { $users = unserialize(file_get_contents($file)); @@ -30,7 +30,7 @@ function isPresent($userToFind) { - $file = "../../../M2-09-users.dat"; + $file = "../../../userData/M2-09-users.dat"; if (file_exists($file)) { $userArray = unserialize(file_get_contents($file)); } diff --git a/www/public/M3/02/index.php b/www/public/M3/02/index.php index 8a2ede0..0d14cac 100644 --- a/www/public/M3/02/index.php +++ b/www/public/M3/02/index.php @@ -3,12 +3,12 @@ session_start(); } $hit = 0; - if(file_exists("../../../M3-02-hit.dat")) { - $hit = file_get_contents("../../../M3-02-hit.dat"); + if(file_exists("../../../userCount/M3-02-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-02-hit.dat"); } $hit++; // Ökar antalet besökare med 1 - file_put_contents("../../../M3-02-hit.dat", $hit); + file_put_contents("../../../userCount/M3-02-hit.dat", $hit); echo $hit; ?> diff --git a/www/public/M3/03/index.php b/www/public/M3/03/index.php index af94ad5..1d05c18 100644 --- a/www/public/M3/03/index.php +++ b/www/public/M3/03/index.php @@ -8,8 +8,8 @@ else { } } -if (file_exists("../../../M3-03-hit.dat")) { - $hit = file_get_contents("../../../M3-03-hit.dat"); +if (file_exists("../../../userCount/M3-03-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-03-hit.dat"); } echo $hit; 
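Review bot: In `addUser` and `isPresent` the relocated store is still read with `unserialize(file_get_contents($file))`, which rebuilds whatever object graph the file holds, so anyone able to write under `userData/` controls object construction in the web process. Restrict it with `unserialize($raw, ['allowed_classes' => ['User']])` (with `User` standing for whichever class this module stores) or keep the records as JSON, and check that `file_get_contents` did not return `false` before decoding. It is also worth confirming that the web root is `www/public/` and not `www/`, since otherwise the new `userData/` directory is directly downloadable. The userManipulation.php hunks for M3/06, M4/01 and M4/02 have the same pattern. Both function bodies continue outside the hunk.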
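Review bot: The hit counter is updated as read, increment, write with no lock, so two concurrent requests can read the same value and one increment is lost. Hold an exclusive `flock()` on a single handle around both the read and the write, and cast on read, `$hit = (int) file_get_contents($path);`, so that a damaged file cannot feed a non-numeric string into `$hit++`. The path literal now appears three times in this file; one `$path` variable would make the next relocation a one-line change. The index.php hunks for M3/03, M3/04 and M3/06 have the same shape.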
@@ -20,12 +20,12 @@ function login() $_SESSION['logged_in'] = true; $hit = 0; - if (file_exists("../../../M3-03-hit.dat")) { - $hit = file_get_contents("../../../M3-03-hit.dat"); + if (file_exists("../../../userCount/M3-03-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-03-hit.dat"); } $hit++; // Ökar antalet besökare med 1 - file_put_contents("../../../M3-03-hit.dat", $hit); + file_put_contents("../../../userCount/M3-03-hit.dat", $hit); } } function logout() diff --git a/www/public/M3/04/index.php b/www/public/M3/04/index.php index 4dee2bb..eff06c7 100644 --- a/www/public/M3/04/index.php +++ b/www/public/M3/04/index.php @@ -9,8 +9,8 @@ else { #header("Location: login.php"); } -if (file_exists("../../../M3-04-hit.dat")) { - $hit = file_get_contents("../../../M3-04-hit.dat"); +if (file_exists("../../../userCount/M3-04-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-04-hit.dat"); } echo $hit; @@ -21,12 +21,12 @@ function login() $_SESSION['logged_in'] = true; $hit = 0; - if (file_exists("../../../M3-04-hit.dat")) { - $hit = file_get_contents("../../../M3-04-hit.dat"); + if (file_exists("../../../userCount/M3-04-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-04-hit.dat"); } $hit++; // Ökar antalet besökare med 1 - file_put_contents("../../../M3-04-hit.dat", $hit); + file_put_contents("../../../userCount/M3-04-hit.dat", $hit); } } function logout() diff --git a/www/public/M3/04/pages/klotter.php b/www/public/M3/04/pages/klotter.php index d2b6df4..24ae777 100644 --- a/www/public/M3/04/pages/klotter.php +++ b/www/public/M3/04/pages/klotter.php @@ -15,8 +15,8 @@ else { \ No newline at end of file diff --git a/www/public/M3/04/saveMsg.php b/www/public/M3/04/saveMsg.php index 0fd3790..5a81c74 100644 --- a/www/public/M3/04/saveMsg.php +++ b/www/public/M3/04/saveMsg.php @@ -2,7 +2,7 @@ $name = "

Från: " . $_POST['name'] . "

"; $msg = "

" . $_POST['message'] . "

"; - file_put_contents("../../../M3-04-messages.dat",$name.$msg,FILE_APPEND); + file_put_contents("../../../userData/M3-04-messages.dat",$name.$msg,FILE_APPEND); header("location: index.php?page=klotter"); //Omdirigerar till klotterplanket ?> \ No newline at end of file diff --git a/www/public/M3/06/index.php b/www/public/M3/06/index.php index ec359ed..04b0adc 100644 --- a/www/public/M3/06/index.php +++ b/www/public/M3/06/index.php @@ -11,8 +11,8 @@ else { #header("Location: login.php"); } -if (file_exists("../../../M3-06-hit.dat")) { - $hit = file_get_contents("../../../M3-06-hit.dat"); +if (file_exists("../../../userCount/M3-06-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-06-hit.dat"); echo $hit; } @@ -71,12 +71,12 @@ function incUserCount() { session_start(); $hit = 0; - if (file_exists("../../../M3-06-hit.dat")) { - $hit = file_get_contents("../../../M3-06-hit.dat"); + if (file_exists("../../../userCount/M3-06-hit.dat")) { + $hit = file_get_contents("../../../userCount/M3-06-hit.dat"); } $hit++; // Ökar antalet besökare med 1 - file_put_contents("../../../M3-06-hit.dat", $hit); + file_put_contents("../../../userCount/M3-06-hit.dat", $hit); } } diff --git a/www/public/M3/06/pages/klotter.php b/www/public/M3/06/pages/klotter.php index 2d6f3ce..9c5da69 100644 --- a/www/public/M3/06/pages/klotter.php +++ b/www/public/M3/06/pages/klotter.php @@ -10,7 +10,7 @@ \ No newline at end of file diff --git a/www/public/M3/06/saveMsg.php b/www/public/M3/06/saveMsg.php index f14b29b..374d610 100644 --- a/www/public/M3/06/saveMsg.php +++ b/www/public/M3/06/saveMsg.php @@ -5,7 +5,7 @@ $name = "
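Review bot: In M3/04/saveMsg.php, `$_POST['name']` and `$_POST['message']` are concatenated into the stored record unescaped, so markup a visitor submits is written to `M3-04-messages.dat` as-is. It would be served back to every reader if the klotter page prints the file verbatim, which cannot be confirmed because that hunk's content is not visible here. Encode at the boundary, for example `htmlspecialchars($_POST['name'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` and the same for `message`, or encode when the page renders the file. The M3/06 version of this script already passes the message through `cleanData()`. Adding `LOCK_EX` alongside `FILE_APPEND` would also keep concurrent posts from interleaving.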

Från: " . $_SESSION['username'] . "

"; $msg = "

" . cleanData($_POST['message']) . "

"; - file_put_contents("../../../M3-06-messages.dat", $name . $msg, FILE_APPEND); + file_put_contents("../../../userData/M3-06-messages.dat", $name . $msg, FILE_APPEND); header("location: index.php?page=klotter"); //Omdirigerar till klotterplanket diff --git a/www/public/M3/06/userManipulation.php b/www/public/M3/06/userManipulation.php index d7a352b..fc15068 100644 --- a/www/public/M3/06/userManipulation.php +++ b/www/public/M3/06/userManipulation.php @@ -13,7 +13,7 @@ function addUser($user) { - $file = "../../../M3-06-users.dat"; + $file = "../../../userData/M3-06-users.dat"; if(file_exists($file)) { $users = unserialize(file_get_contents($file)); @@ -30,7 +30,7 @@ function isPresent($userToFind) { - $file = "../../../M3-06-users.dat"; + $file = "../../../userData/M3-06-users.dat"; if (file_exists($file)) { $userArray = unserialize(file_get_contents($file)); } diff --git a/www/public/M4/01/userManipulation.php b/www/public/M4/01/userManipulation.php index 7dacf2d..a5c224d 100644 --- a/www/public/M4/01/userManipulation.php +++ b/www/public/M4/01/userManipulation.php @@ -13,7 +13,7 @@ function addUser($user) { - $file = "../../../M4-01-users.dat"; + $file = "../../../userData/M4-01-users.dat"; if(file_exists($file)) { $users = unserialize(file_get_contents($file)); @@ -30,7 +30,7 @@ function isPresent($userToFind) { - $file = "../../../M4-01-users.dat"; + $file = "../../../userData/M4-01-users.dat"; if (file_exists($file)) { $userArray = unserialize(file_get_contents($file)); } diff --git a/www/public/M4/02/index.php b/www/public/M4/02/index.php index ad26309..0317484 100644 --- a/www/public/M4/02/index.php +++ b/www/public/M4/02/index.php 
@@ -8,14 +8,13 @@ else { if (session_status() == PHP_SESSION_NONE) { session_start(); } - #header("Location: login.php"); } function login() { if (isset($_POST["username"])) $username = $_POST["username"]; if (isset($_POST["password"])) $password = $_POST["password"]; - $username = cleanData($username); + $username = filter_input(INPUT_POST, $username, FILTER_SANITIZE_SPECIAL_CHARS | FILTER_SANITIZE_STRIPPED); $user = new User($username, $password); @@ -26,6 +25,7 @@ function login() if (session_status() == PHP_SESSION_NONE) { session_start(); } + session_regenerate_id(true); $_SESSION['logged_in'] = true; } function signup() { @@ -40,7 +40,7 @@ function signup() { exit(); } - $username = cleanData($username); + $username = filter_input(INPUT_POST, $username, FILTER_SANITIZE_SPECIAL_CHARS | FILTER_SANITIZE_STRIPPED); $password = password_hash($password, PASSWORD_DEFAULT); $user = new User($username, $password); @@ -55,30 +55,33 @@ function logout() } $_POST = array(); $_SESSION = array(); // Tömmer sessionsarrayen - session_destroy(); - #header("Location: login.php"); + session_regenerate_id(true); } -function cleanData($data) -{ - $data = strip_tags($data); - $data = htmlspecialchars($data); - $data = trim($data); - $data = stripslashes($data); - return $data; -} ?> - M4 | 01 + M4 | 02
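Review bot: In `login()`, `filter_input(INPUT_POST, $username, ...)` passes the submitted value where the field name belongs, so it looks up a POST key named after whatever the user typed and normally returns `null`. `$username` is then `null` when `new User($username, $password)` is built. Filter ids are also not bit flags, so `FILTER_SANITIZE_SPECIAL_CHARS | FILTER_SANITIZE_STRIPPED` does not apply both filters, and `FILTER_SANITIZE_STRIPPED` is deprecated since PHP 8.1. The call should read `$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS);`. The `signup()` hunk at `@@ -40,7 +40,7` has the identical call, and `login()` continues outside this hunk.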
+
+
+ Form + + +

+ +

+ +
+
+ Logged in!"; @@ -86,6 +89,16 @@ function cleanData($data) else { echo "

Not logged in!

"; } + + if(isset($_POST['message'])) { + $safeName = filter_input(INPUT_POST, 'name',FILTER_SANITIZE_FULL_SPECIAL_CHARS); + $safeMassage = filter_input(INPUT_POST, 'text',FILTER_SANITIZE_FULL_SPECIAL_CHARS); + echo "

Name - " . $safeName . "

"; + echo "

Massage - " . $safeMassage . "

"; + } + else { + echo "

No message!

"; + } ?> Login
diff --git a/www/public/M4/02/userManipulation.php b/www/public/M4/02/userManipulation.php index f83d150..86a3a2c 100644 --- a/www/public/M4/02/userManipulation.php +++ b/www/public/M4/02/userManipulation.php @@ -13,7 +13,7 @@ function addUser($user) { - $file = "../../../M4-02-users.dat"; + $file = "../../../userData/M4-02-users.dat"; if(file_exists($file)) { $users = unserialize(file_get_contents($file)); @@ -30,7 +30,7 @@ function isPresent($userToFind) { - $file = "../../../M4-02-users.dat"; + $file = "../../../userData/M4-02-users.dat"; if (file_exists($file)) { $userArray = unserialize(file_get_contents($file)); } diff --git a/www/public/M4/03/User.php b/www/public/M4/03/User.php new file mode 100644 index 0000000..afa0130 --- /dev/null +++ b/www/public/M4/03/User.php @@ -0,0 +1,28 @@ +username = $username; + $this->password = $password; + } + + public function getUsername() { + return $this->username; + } + + public function getPassword() { + return $this->password; + } + + public function setUsername($username) { + $this->username = $username; + } + + public function setPassword($password) { + $this->password = $password; + } +} diff --git a/www/public/M4/03/index.php b/www/public/M4/03/index.php new file mode 100644 index 0000000..78e75d7 --- /dev/null +++ b/www/public/M4/03/index.php @@ -0,0 +1,131 @@ + + + + + + + M4 | 03 + + + + +
+
+
+ Form + + > + +

+ +

+ +
+
+ + Logged in!"; + } + else { + echo "

Not logged in!

"; + } + + if(isset($_POST['message'])) { + if($_SESSION['CSRFToken'] === $_POST['CSRFToken']){ + echo "ok csrft"; + }else{ + echo "Inte ok csrft"; + } + $safeName = filter_input(INPUT_POST, 'name',FILTER_SANITIZE_FULL_SPECIAL_CHARS); + $safeMassage = filter_input(INPUT_POST, 'text',FILTER_SANITIZE_FULL_SPECIAL_CHARS); + echo "

Name - " . $safeName . "

"; + echo "

Massage - " . $safeMassage . "

"; + } + else { + echo "

No message!

"; + } + ?> + Login +
+ + + \ No newline at end of file diff --git a/www/public/M4/03/login.php b/www/public/M4/03/login.php new file mode 100644 index 0000000..c367978 --- /dev/null +++ b/www/public/M4/03/login.php @@ -0,0 +1,44 @@ + + + + + + Login + + +
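Review bot: The CSRF comparison in the `$_POST['message']` branch only prints `ok csrft` or `Inte ok csrft` and then falls through, so the name and message are processed whether or not the token matched. Reject the request on mismatch and compare in constant time, tolerating a missing token: `$sent = $_POST['CSRFToken'] ?? '';` followed by `if (!is_string($sent) || !hash_equals($_SESSION['CSRFToken'] ?? '', $sent)) { http_response_code(403); exit; }`. As written, a request without the field also raises an undefined-index warning on `$_POST['CSRFToken']`. The M4/04/index.php hunk has the same block. The part of this file that issues the token is not visible in the hunk as rendered.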
+
+ Login + + +

+ +

+ +
+
+ +
+
+ Signup + + +

+ +

+ +
+
+ +
+
+ +
+
+ Logout + + +
+
+ + \ No newline at end of file diff --git a/www/public/M4/03/userManipulation.php b/www/public/M4/03/userManipulation.php new file mode 100644 index 0000000..b12c101 --- /dev/null +++ b/www/public/M4/03/userManipulation.php @@ -0,0 +1,47 @@ + + + + + + Person write + + + + + getUsername() == $user->getUsername() && password_verify($userToFind->getPassword(), $user->getPassword())) return true; + } + return false; + } + ?> + + + \ No newline at end of file diff --git a/www/public/M4/04/index.php b/www/public/M4/04/index.php new file mode 100644 index 0000000..d7ee067 --- /dev/null +++ b/www/public/M4/04/index.php @@ -0,0 +1,128 @@ +Username: " . $username ."\n
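Review bot: The username match in M4/03/userManipulation.php (presumably inside `isPresent`, as in the sibling modules) uses `==`, which compares numeric-looking strings numerically, so `"1"` and `"01"`, or `"1e3"` and `"1000"`, count as the same account name. Use the strict form, `$userToFind->getUsername() === $user->getUsername()`; the `password_verify()` call beside it is fine as written. Most of this new file is not visible in the hunk as rendered, so the rest of the function is not reviewed here.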

"; + echo "

Password: " . $password . "



"; + + $_SESSION['logged_in'] = true; + $_SESSION['CSRFToken'] = bin2hex(random_bytes(32)); +} + +function logout() +{ + if (session_status() == PHP_SESSION_NONE) { + session_start(); + } + $_POST = array(); + $_SESSION = array(); // Tömmer sessionsarrayen + + session_regenerate_id(true); + $_SESSION['CSRFToken'] = bin2hex(random_bytes(32)); +} + +function cleanData($data) +{ + $data = strip_tags($data); + $data = htmlspecialchars($data); + $data = trim($data); + $data = stripslashes($data); + return $data; +} +?> + + + + + + M4 | 04 + + + + +
+
+
+ Form + + > + +

+ +

+ +
+
+ + Logged in!"; + } + else { + echo "

Not logged in!

"; + } + + if(isset($_POST['message'])) { + if($_SESSION['CSRFToken'] === $_POST['CSRFToken']){ + echo "ok csrft"; + }else{ + echo "Inte ok csrft"; + } + $safeName = filter_input(INPUT_POST, 'name',FILTER_SANITIZE_FULL_SPECIAL_CHARS); + $safeMassage = filter_input(INPUT_POST, 'text',FILTER_SANITIZE_FULL_SPECIAL_CHARS); + echo "

Name - " . $safeName . "

"; + echo "

Massage - " . $safeMassage . "

"; + } + else { + echo "

No message!

"; + } + ?> + Login +
+ + + \ No newline at end of file diff --git a/www/public/M4/04/login.php b/www/public/M4/04/login.php new file mode 100644 index 0000000..c367978 --- /dev/null +++ b/www/public/M4/04/login.php @@ -0,0 +1,44 @@ + + + + + + Login + + +
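Review bot: The login path in M4/04/index.php echoes both `$username` and `$password` into the response (`echo "... Password: " . $password ...`) just before `$_SESSION['logged_in'] = true;`. Whether that value is the submitted plaintext or a hash cannot be seen from here, but either way a credential ends up in the rendered page and in anything that caches or logs the response. Both echo lines should be removed. Rotating `$_SESSION['CSRFToken']` with `bin2hex(random_bytes(32))` on login and logout is sound, but the check further down still does not block on mismatch. The start of the file, including where `$password` is assigned, is not visible in the hunk as rendered.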
+
+ Login + + +

+ +

+ +
+
+ +
+
+ Signup + + +

+ +

+ +
+
+ +
+
+ +
+
+ Logout + + +
+
+ + \ No newline at end of file diff --git a/www/M3-02-hit.dat b/www/userCount/M3-02-hit.dat similarity index 100% rename from www/M3-02-hit.dat rename to www/userCount/M3-02-hit.dat diff --git a/www/M3-03-hit.dat b/www/userCount/M3-03-hit.dat similarity index 100% rename from www/M3-03-hit.dat rename to www/userCount/M3-03-hit.dat diff --git a/www/M3-04-hit.dat b/www/userCount/M3-04-hit.dat similarity index 100% rename from www/M3-04-hit.dat rename to www/userCount/M3-04-hit.dat diff --git a/www/M3-06-hit.dat b/www/userCount/M3-06-hit.dat similarity index 100% rename from www/M3-06-hit.dat rename to www/userCount/M3-06-hit.dat diff --git a/www/M2-09-users.dat b/www/userData/M2-09-users.dat similarity index 100% rename from www/M2-09-users.dat rename to www/userData/M2-09-users.dat diff --git a/www/M3-04-messages.dat b/www/userData/M3-04-messages.dat similarity index 100% rename from www/M3-04-messages.dat rename to www/userData/M3-04-messages.dat diff --git a/www/userData/M3-06-messages.dat b/www/userData/M3-06-messages.dat new file mode 100644 index 0000000..1627f89 --- /dev/null +++ b/www/userData/M3-06-messages.dat @@ -0,0 +1 @@ +

Från: 555

afsdgfh


Från: 111

iopdfgjosdhckotre


Från: 111

awfgerkoösed


Från: 222

4353w6eur7ti

\ No newline at end of file
diff --git a/www/M3-06-users.dat b/www/userData/M3-06-users.dat
similarity index 100%
rename from www/M3-06-users.dat
rename to www/userData/M3-06-users.dat
diff --git a/www/userData/M4-01-users.dat b/www/userData/M4-01-users.dat
new file mode 100644
index 0000000..1936897
Binary files /dev/null and b/www/userData/M4-01-users.dat differ
diff --git a/www/userData/M4-02-users.dat b/www/userData/M4-02-users.dat
new file mode 100644
index 0000000..6353158
Binary files /dev/null and b/www/userData/M4-02-users.dat differ
diff --git a/www/userData/M4-03-users.dat b/www/userData/M4-03-users.dat
new file mode 100644
index 0000000..f5edc71
Binary files /dev/null and b/www/userData/M4-03-users.dat differ
diff --git a/www/userData/M4-04-users.php b/www/userData/M4-04-users.php
new file mode 100644
index 0000000..e6bdbad
--- /dev/null
+++ b/www/userData/M4-04-users.php
@@ -0,0 +1,9 @@
+
\ No newline at end of file