add m4 2/2

vadym Novoselskyi 2024-09-13 14:56:16 +02:00
parent 866c6b3731
commit af1865776c
33 changed files with 491 additions and 47 deletions


@ -1 +0,0 @@
<hr><p>Från: 555</p><p>afsdgfh</p>

Binary file not shown.


@ -13,7 +13,7 @@
function addUser($user) function addUser($user)
{ {
$file = "../../../M2-09-users.dat"; $file = "../../../userData/M2-09-users.dat";
if(file_exists($file)) { if(file_exists($file)) {
$users = unserialize(file_get_contents($file)); $users = unserialize(file_get_contents($file));
@ -30,7 +30,7 @@
function isPresent($userToFind) function isPresent($userToFind)
{ {
$file = "../../../M2-09-users.dat"; $file = "../../../userData/M2-09-users.dat";
if (file_exists($file)) { if (file_exists($file)) {
$userArray = unserialize(file_get_contents($file)); $userArray = unserialize(file_get_contents($file));
} }
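Review bot: Both `addUser()` and `isPresent()` pass the whole users file to `unserialize()` with no class restriction and no check of the result, so any object the file describes is instantiated and a corrupt file leaves `$users`/`$userArray` as `false`. Limiting the load with `unserialize(file_get_contents($file), ['allowed_classes' => ['User']])` (assuming `User` is the only class stored, as in the M4/03 copy) and treating `false` as an error keeps this to the one type the functions need. The same lines recur in the M3-06, M4-01 and M4-02 sections and in the new M4-03 copy further down. Whether `../../../userData/` ends up outside the web root cannot be confirmed from this page, and the path resolves against the working directory rather than the script, so anchoring it with `__DIR__` would remove that dependency. Both function bodies continue outside the hunks.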


@ -3,12 +3,12 @@
session_start(); session_start();
} }
$hit = 0; $hit = 0;
if(file_exists("../../../M3-02-hit.dat")) { if(file_exists("../../../userCount/M3-02-hit.dat")) {
$hit = file_get_contents("../../../M3-02-hit.dat"); $hit = file_get_contents("../../../userCount/M3-02-hit.dat");
} }
$hit++; // Ökar antalet besökare med 1 $hit++; // Ökar antalet besökare med 1
file_put_contents("../../../M3-02-hit.dat", $hit); file_put_contents("../../../userCount/M3-02-hit.dat", $hit);
echo $hit; echo $hit;
?> ?>
<!doctype html> <!doctype html>
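Review bot: The counter is still updated by an unlocked read, increment and write on `../../../userCount/M3-02-hit.dat`, so two requests arriving together can read the same value and one visit is lost. Adding `LOCK_EX` to `file_put_contents()` alone would not close that gap because the read happens before the lock is taken; the read and the write need to share one `flock()`-protected handle. At minimum I would put `// NOTE: read-increment-write is not atomic; concurrent requests can lose counts` above `$hit++`. The same pattern is in the M3-03, M3-04 and M3-06 counter hunks below.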


@ -8,8 +8,8 @@ else {
} }
} }
if (file_exists("../../../M3-03-hit.dat")) { if (file_exists("../../../userCount/M3-03-hit.dat")) {
$hit = file_get_contents("../../../M3-03-hit.dat"); $hit = file_get_contents("../../../userCount/M3-03-hit.dat");
} }
echo $hit; echo $hit;
@ -20,12 +20,12 @@ function login()
$_SESSION['logged_in'] = true; $_SESSION['logged_in'] = true;
$hit = 0; $hit = 0;
if (file_exists("../../../M3-03-hit.dat")) { if (file_exists("../../../userCount/M3-03-hit.dat")) {
$hit = file_get_contents("../../../M3-03-hit.dat"); $hit = file_get_contents("../../../userCount/M3-03-hit.dat");
} }
$hit++; // Ökar antalet besökare med 1 $hit++; // Ökar antalet besökare med 1
file_put_contents("../../../M3-03-hit.dat", $hit); file_put_contents("../../../userCount/M3-03-hit.dat", $hit);
} }
} }
function logout() function logout()


@ -9,8 +9,8 @@ else {
#header("Location: login.php"); #header("Location: login.php");
} }
if (file_exists("../../../M3-04-hit.dat")) { if (file_exists("../../../userCount/M3-04-hit.dat")) {
$hit = file_get_contents("../../../M3-04-hit.dat"); $hit = file_get_contents("../../../userCount/M3-04-hit.dat");
} }
echo $hit; echo $hit;
@ -21,12 +21,12 @@ function login()
$_SESSION['logged_in'] = true; $_SESSION['logged_in'] = true;
$hit = 0; $hit = 0;
if (file_exists("../../../M3-04-hit.dat")) { if (file_exists("../../../userCount/M3-04-hit.dat")) {
$hit = file_get_contents("../../../M3-04-hit.dat"); $hit = file_get_contents("../../../userCount/M3-04-hit.dat");
} }
$hit++; // Ökar antalet besökare med 1 $hit++; // Ökar antalet besökare med 1
file_put_contents("../../../M3-04-hit.dat", $hit); file_put_contents("../../../userCount/M3-04-hit.dat", $hit);
} }
} }
function logout() function logout()


@ -15,8 +15,8 @@ else {
</form> </form>
<?php <?php
if(file_exists("../../../M3-04-messages.dat")) { if(file_exists("../../../userData/M3-04-messages.dat")) {
echo file_get_contents("../../../M3-04-messages.dat"); echo file_get_contents("../../../userData/M3-04-messages.dat");
} }
} }
?> ?>


@ -2,7 +2,7 @@
$name = "<hr><p>Från: " . $_POST['name'] . "</p>"; $name = "<hr><p>Från: " . $_POST['name'] . "</p>";
$msg = "<p>" . $_POST['message'] . "</p>"; $msg = "<p>" . $_POST['message'] . "</p>";
file_put_contents("../../../M3-04-messages.dat",$name.$msg,FILE_APPEND); file_put_contents("../../../userData/M3-04-messages.dat",$name.$msg,FILE_APPEND);
header("location: index.php?page=klotter"); //Omdirigerar till klotterplanket header("location: index.php?page=klotter"); //Omdirigerar till klotterplanket
?> ?>
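Review bot: `$_POST['name']` and `$_POST['message']` are concatenated into HTML and appended to `M3-04-messages.dat` without escaping, and the page in the previous section prints that file with `echo file_get_contents(...)`, so submitted markup is stored and rendered for every visitor. Escape each value where the HTML is built, e.g. `$name = "<hr><p>Från: " . htmlspecialchars($_POST['name'] ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";`, and do the same for `message`. The hunk also shows no login or request-origin check before the write and no `exit;` after `header("location: ...")`, though the start of the script is outside the hunk.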


@ -11,8 +11,8 @@ else {
#header("Location: login.php"); #header("Location: login.php");
} }
if (file_exists("../../../M3-06-hit.dat")) { if (file_exists("../../../userCount/M3-06-hit.dat")) {
$hit = file_get_contents("../../../M3-06-hit.dat"); $hit = file_get_contents("../../../userCount/M3-06-hit.dat");
echo $hit; echo $hit;
} }
@ -71,12 +71,12 @@ function incUserCount() {
session_start(); session_start();
$hit = 0; $hit = 0;
if (file_exists("../../../M3-06-hit.dat")) { if (file_exists("../../../userCount/M3-06-hit.dat")) {
$hit = file_get_contents("../../../M3-06-hit.dat"); $hit = file_get_contents("../../../userCount/M3-06-hit.dat");
} }
$hit++; // Ökar antalet besökare med 1 $hit++; // Ökar antalet besökare med 1
file_put_contents("../../../M3-06-hit.dat", $hit); file_put_contents("../../../userCount/M3-06-hit.dat", $hit);
} }
} }


@ -10,7 +10,7 @@
</form> </form>
<?php <?php
if(file_exists("../../../M3-06-messages.dat")) { if(file_exists("../../../userData/M3-06-messages.dat")) {
echo file_get_contents("../../../M3-06-messages.dat"); echo file_get_contents("../../../userData/M3-06-messages.dat");
} }
?> ?>


@ -5,7 +5,7 @@
$name = "<hr><p>Från: " . $_SESSION['username'] . "</p>"; $name = "<hr><p>Från: " . $_SESSION['username'] . "</p>";
$msg = "<p>" . cleanData($_POST['message']) . "</p>"; $msg = "<p>" . cleanData($_POST['message']) . "</p>";
file_put_contents("../../../M3-06-messages.dat", $name . $msg, FILE_APPEND); file_put_contents("../../../userData/M3-06-messages.dat", $name . $msg, FILE_APPEND);
header("location: index.php?page=klotter"); //Omdirigerar till klotterplanket header("location: index.php?page=klotter"); //Omdirigerar till klotterplanket


@ -13,7 +13,7 @@
function addUser($user) function addUser($user)
{ {
$file = "../../../M3-06-users.dat"; $file = "../../../userData/M3-06-users.dat";
if(file_exists($file)) { if(file_exists($file)) {
$users = unserialize(file_get_contents($file)); $users = unserialize(file_get_contents($file));
@ -30,7 +30,7 @@
function isPresent($userToFind) function isPresent($userToFind)
{ {
$file = "../../../M3-06-users.dat"; $file = "../../../userData/M3-06-users.dat";
if (file_exists($file)) { if (file_exists($file)) {
$userArray = unserialize(file_get_contents($file)); $userArray = unserialize(file_get_contents($file));
} }


@ -13,7 +13,7 @@
function addUser($user) function addUser($user)
{ {
$file = "../../../M4-01-users.dat"; $file = "../../../userData/M4-01-users.dat";
if(file_exists($file)) { if(file_exists($file)) {
$users = unserialize(file_get_contents($file)); $users = unserialize(file_get_contents($file));
@ -30,7 +30,7 @@
function isPresent($userToFind) function isPresent($userToFind)
{ {
$file = "../../../M4-01-users.dat"; $file = "../../../userData/M4-01-users.dat";
if (file_exists($file)) { if (file_exists($file)) {
$userArray = unserialize(file_get_contents($file)); $userArray = unserialize(file_get_contents($file));
} }


@ -8,14 +8,13 @@ else {
if (session_status() == PHP_SESSION_NONE) { if (session_status() == PHP_SESSION_NONE) {
session_start(); session_start();
} }
#header("Location: login.php");
} }
function login() function login()
{ {
if (isset($_POST["username"])) $username = $_POST["username"]; if (isset($_POST["username"])) $username = $_POST["username"];
if (isset($_POST["password"])) $password = $_POST["password"]; if (isset($_POST["password"])) $password = $_POST["password"];
$username = cleanData($username); $username = filter_input(INPUT_POST, $username, FILTER_SANITIZE_SPECIAL_CHARS | FILTER_SANITIZE_STRIPPED);
$user = new User($username, $password); $user = new User($username, $password);
@ -26,6 +25,7 @@ function login()
if (session_status() == PHP_SESSION_NONE) { if (session_status() == PHP_SESSION_NONE) {
session_start(); session_start();
} }
session_regenerate_id(true);
$_SESSION['logged_in'] = true; $_SESSION['logged_in'] = true;
} }
function signup() { function signup() {
@ -40,7 +40,7 @@ function signup() {
exit(); exit();
} }
$username = cleanData($username); $username = filter_input(INPUT_POST, $username, FILTER_SANITIZE_SPECIAL_CHARS | FILTER_SANITIZE_STRIPPED);
$password = password_hash($password, PASSWORD_DEFAULT); $password = password_hash($password, PASSWORD_DEFAULT);
$user = new User($username, $password); $user = new User($username, $password);
@ -55,30 +55,33 @@ function logout()
} }
$_POST = array(); $_POST = array();
$_SESSION = array(); // Tömmer sessionsarrayen $_SESSION = array(); // Tömmer sessionsarrayen
session_destroy(); session_regenerate_id(true);
#header("Location: login.php");
} }
function cleanData($data)
{
$data = strip_tags($data);
$data = htmlspecialchars($data);
$data = trim($data);
$data = stripslashes($data);
return $data;
}
?> ?>
<!doctype html> <!doctype html>
<html lang="sv"> <html lang="sv">
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<title>M4 | 01</title> <title>M4 | 02</title>
<link href="css/styleSheet.css" rel="stylesheet" type="text/css"> <link href="css/styleSheet.css" rel="stylesheet" type="text/css">
</head> </head>
<body> <body>
<main> <main>
<form action="" method="post">
<fieldset>
<legend>Form</legend>
<input type="hidden" name="message">
<label>Your name: </label>
<input type="text" name="name"> <br> <br>
<label>Your message: </label>
<input type="text" name="text"> <br> <br>
<input type="submit" value="Submit">
</fieldset>
</form>
<?php <?php
if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true) { if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true) {
echo "<h1>Logged in!</h1>"; echo "<h1>Logged in!</h1>";
@ -86,6 +89,16 @@ function cleanData($data)
else { else {
echo "<h1>Not logged in!</h1>"; echo "<h1>Not logged in!</h1>";
} }
if(isset($_POST['message'])) {
$safeName = filter_input(INPUT_POST, 'name',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$safeMassage = filter_input(INPUT_POST, 'text',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
echo "<h3>Name - " . $safeName . "</h3>";
echo "<p>Massage - " . $safeMassage . "</p>";
}
else {
echo "<h3>No message!</h3>";
}
?> ?>
<a href="login.php">Login</a> <a href="login.php">Login</a>
</main> </main>
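Review bot: In `login()` and `signup()` the new `filter_input(INPUT_POST, $username, ...)` passes the submitted value where the field name belongs, so it looks up a POST field named after whatever was typed and normally returns `null`. `signup()` then stores accounts with a null username, and if `isPresent()` compares usernames the way the M4/03 copy does, the username no longer takes part in the login check and only the password is verified. The call should name the field: `$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS);`. Filter IDs are plain integers, not bit flags, so OR-ing in `FILTER_SANITIZE_STRIPPED` (a deprecated alias since PHP 8.1) does not combine two filters. Separately, `logout()` now replaces `session_destroy()` with `session_regenerate_id(true)`, which keeps an empty session alive; a comment saying that is intended would help.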


@ -13,7 +13,7 @@
function addUser($user) function addUser($user)
{ {
$file = "../../../M4-02-users.dat"; $file = "../../../userData/M4-02-users.dat";
if(file_exists($file)) { if(file_exists($file)) {
$users = unserialize(file_get_contents($file)); $users = unserialize(file_get_contents($file));
@ -30,7 +30,7 @@
function isPresent($userToFind) function isPresent($userToFind)
{ {
$file = "../../../M4-02-users.dat"; $file = "../../../userData/M4-02-users.dat";
if (file_exists($file)) { if (file_exists($file)) {
$userArray = unserialize(file_get_contents($file)); $userArray = unserialize(file_get_contents($file));
} }

28
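--- a/www/public/M4/03/User.php
+++ b/www/public/M4/03/User.php
@@ -0,0 +1,28 @@
+<?php
+class User
+{
+private $username;
+private $password;
+public function __construct($username, $password)
+{
+$this->username = $username;
+$this->password = $password;
+}
+public function getUsername() {
+return $this->username;
+}
+public function getPassword() {
+return $this->password;
+}
+public function setUsername($username) {
+$this->username = $username;
+}
+public function setPassword($password) {
+$this->password = $password;
+}
+}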

131
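--- a/www/public/M4/03/index.php
+++ b/www/public/M4/03/index.php
@@ -0,0 +1,131 @@
+<?php
+include("userManipulation.php");
+if (isset($_POST['login'])) login();
+else if (isset($_POST['signup'])) signup();
+else if (isset($_POST['logout'])) logout();
+else {
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+}
+function login()
+{
+if (isset($_POST["username"])) $username = $_POST["username"];
+if (isset($_POST["password"])) $password = $_POST["password"];
+$username = cleanData($username);
+$user = new User($username, $password);
+if (!isPresent($user)) {
+header("Location: login.php");
+exit();
+}
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+session_regenerate_id(true);
+$_SESSION['logged_in'] = true;
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
+}
+function signup() {
+if (isset($_POST["username"]) && $_POST["username"] != "") $username = $_POST["username"];
+else {
+header("Location: login.php");
+exit();
+}
+if (isset($_POST["password"]) && $_POST["password"] != "") $password = $_POST["password"];
+else {
+header("Location: login.php");
+exit();
+}
+$username = cleanData($username);
+$password = password_hash($password, PASSWORD_DEFAULT);
+$user = new User($username, $password);
+addUser($user);
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+session_regenerate_id();
+$_SESSION['logged_in'] = true;
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
+}
+function logout()
+{
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+$_POST = array();
+$_SESSION = array(); // Tömmer sessionsarrayen
+session_regenerate_id(true);
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
+}
+function cleanData($data)
+{
+$data = strip_tags($data);
+$data = htmlspecialchars($data);
+$data = trim($data);
+$data = stripslashes($data);
+return $data;
+}
+?>
+<!doctype html>
+<html lang="sv">
+<head>
+<meta charset="UTF-8">
+<title>M4 | 03</title>
+<link href="css/styleSheet.css" rel="stylesheet" type="text/css">
+</head>
+<body>
+<main>
+<form action="" method="post">
+<fieldset>
+<legend>Form</legend>
+<input type="hidden" name="message">
+<input type = "hidden" name = "CSRFToken" value = <?php echo $_SESSION['CSRFToken']; ?>>
+<label>Your name: </label>
+<input type="text" name="name"> <br> <br>
+<label>Your message: </label>
+<input type="text" name="text"> <br> <br>
+<input type="submit" value="Submit">
+</fieldset>
+</form>
+<?php
+if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true) {
+echo "<h1>Logged in!</h1>";
+}
+else {
+echo "<h1>Not logged in!</h1>";
+}
+if(isset($_POST['message'])) {
+if($_SESSION['CSRFToken'] === $_POST['CSRFToken']){
+echo "ok csrft";
+}else{
+echo "Inte ok csrft";
+}
+$safeName = filter_input(INPUT_POST, 'name',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$safeMassage = filter_input(INPUT_POST, 'text',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+echo "<h3>Name - " . $safeName . "</h3>";
+echo "<p>Massage - " . $safeMassage . "</p>";
+}
+else {
+echo "<h3>No message!</h3>";
+}
+?>
+<a href="login.php">Login</a>
+</main>
+</body>
+</html>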
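Review bot: The CSRF comparison in the message handler only prints "ok csrft" or "Inte ok csrft" and then processes the message either way, so a failed check blocks nothing. `$_SESSION['CSRFToken']` is set only inside `login()`, `signup()` and `logout()`, so on a session that never went through one of them the token is undefined: the hidden field prints nothing into an unquoted `value`, and a request that omits the field compares null with null and passes the `===`. Initialise the token for every session, compare with `hash_equals()`, and skip the processing on a mismatch, as sketched below. `signup()` also calls `session_regenerate_id()` without `true`, unlike `login()`, and the same handler is repeated in www/public/M4/04/index.php.

```php
// right after the login/signup/logout dispatch, before any HTML is sent
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}
if (empty($_SESSION['CSRFToken'])) {
    $_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
}
// … unchanged: form markup (with the hidden field's value attribute quoted) and logged-in banner …
if(isset($_POST['message'])) {
    $sentToken = $_POST['CSRFToken'] ?? '';
    if (!is_string($sentToken) || !hash_equals($_SESSION['CSRFToken'], $sentToken)) {
        echo "Inte ok csrft";
    } else {
        echo "ok csrft";
        // … unchanged: filter_input() calls and the two echo lines for name and message …
    }
}
```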


@ -0,0 +1,44 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
</head>
<body>
<form action="index.php" method="post">
<fieldset>
<legend>Login</legend>
<input type="hidden" name="login">
<label>Your username: </label>
<input type="text" name="username"> <br> <br>
<label>Your password: </label>
<input type="password" name="password"> <br> <br>
<input type="submit" value="Submit">
</fieldset>
</form>
<form action="index.php" method="post">
<fieldset>
<legend>Signup</legend>
<input type="hidden" name="signup">
<label>Your username: </label>
<input type="text" name="username"> <br> <br>
<label>Your password: </label>
<input type="password" name="password"> <br> <br>
<input type="submit" value="Submit">
</fieldset>
</form>
<br>
<br>
<form action="index.php" method="post">
<fieldset>
<legend>Logout</legend>
<input type="hidden" name="logout">
<input type="submit" value="Logout">
</fieldset>
</form>
</body>
</html>


@ -0,0 +1,47 @@
<!DOCTYPE html>
<html lang="se">
<head>
<meta charset="UTF-8">
<title>Person write</title>
</head>
<body>
<?php
include("User.php");
function addUser($user)
{
$file = "../../../userData/M4-03-users.dat";
if(file_exists($file)) {
$users = unserialize(file_get_contents($file));
$users[] = $user;
file_put_contents($file, serialize($users));
}
else {
$users = array();
$users[] = $user;
file_put_contents($file, serialize($users));
}
}
function isPresent($userToFind)
{
$file = "../../../userData/M4-03-users.dat";
if (file_exists($file)) {
$userArray = unserialize(file_get_contents($file));
}
else return false;
foreach($userArray as $user) {
if($userToFind->getUsername() == $user->getUsername() && password_verify($userToFind->getPassword(), $user->getPassword())) return true;
}
return false;
}
?>
</body>
</html>
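Review bot: This file wraps its functions in a full HTML document, so if it is the `userManipulation.php` that M4/03/index.php includes on its first line, the `<!DOCTYPE html>` markup is sent before `session_start()`, `session_regenerate_id()` and `header("Location: login.php")` run, and those calls fail with "headers already sent" unless output buffering is enabled. A file that only declares functions should contain just the `<?php` block. In `isPresent()` the usernames are compared with `==`; `===` avoids PHP's loose string/number comparison rules. `addUser()` also appends without checking whether the username is already taken.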

128
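--- a/www/public/M4/04/index.php
+++ b/www/public/M4/04/index.php
@@ -0,0 +1,128 @@
+<?php
+include("../../../userData/M4-04-users.php");
+if (isset($_POST['login'])) login();
+else if (isset($_POST['signup'])) signup();
+else if (isset($_POST['logout'])) logout();
+else {
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+}
+function login()
+{
+if (isset($_POST["username"])) $username = $_POST["username"];
+if (isset($_POST["password"])) $password = $_POST["password"];
+$username = cleanData($username);
+$users = getUsers();
+if (isset($users[$username]) && password_verify($password, $users[$username])) {
+echo $username;
+}
+else {
+header("Location: login.php");
+exit();
+}
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+session_regenerate_id(true);
+$_SESSION['logged_in'] = true;
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
+}
+function signup() {
+if (isset($_POST["username"]) && $_POST["username"] != "") $username = $_POST["username"];
+else {
+header("Location: login.php");
+exit();
+}
+if (isset($_POST["password"]) && $_POST["password"] != "") $password = $_POST["password"];
+else {
+header("Location: login.php");
+exit();
+}
+$username = cleanData($username);
+$password = password_hash($password, PASSWORD_DEFAULT);
+echo "<p>Username: " . $username ."\n</p>";
+echo "<p>Password: " . $password . "</p> <br><br>";
+$_SESSION['logged_in'] = true;
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
+}
+function logout()
+{
+if (session_status() == PHP_SESSION_NONE) {
+session_start();
+}
+$_POST = array();
+$_SESSION = array(); // Tömmer sessionsarrayen
+session_regenerate_id(true);
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
+}
+function cleanData($data)
+{
+$data = strip_tags($data);
+$data = htmlspecialchars($data);
+$data = trim($data);
+$data = stripslashes($data);
+return $data;
+}
+?>
+<!doctype html>
+<html lang="sv">
+<head>
+<meta charset="UTF-8">
+<title>M4 | 04</title>
+<link href="css/styleSheet.css" rel="stylesheet" type="text/css">
+</head>
+<body>
+<main>
+<form action="" method="post">
+<fieldset>
+<legend>Form</legend>
+<input type="hidden" name="message">
+<input type = "hidden" name = "CSRFToken" value = <?php echo $_SESSION['CSRFToken']?>>
+<label>Your name: </label>
+<input type="text" name="name"> <br> <br>
+<label>Your message: </label>
+<input type="text" name="text"> <br> <br>
+<input type="submit" value="Submit">
+</fieldset>
+</form>
+<?php
+if(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == true) {
+echo "<h1>Logged in!</h1>";
+}
+else {
+echo "<h1>Not logged in!</h1>";
+}
+if(isset($_POST['message'])) {
+if($_SESSION['CSRFToken'] === $_POST['CSRFToken']){
+echo "ok csrft";
+}else{
+echo "Inte ok csrft";
+}
+$safeName = filter_input(INPUT_POST, 'name',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$safeMassage = filter_input(INPUT_POST, 'text',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+echo "<h3>Name - " . $safeName . "</h3>";
+echo "<p>Massage - " . $safeMassage . "</p>";
+}
+else {
+echo "<h3>No message!</h3>";
+}
+?>
+<a href="login.php">Login</a>
+</main>
+</body>
+</html>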
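Review bot: `signup()` writes `$_SESSION['logged_in']` and the CSRF token without calling `session_start()`, because the top-level `else` that starts the session is skipped when `signup` is posted, so unless `session.auto_start` is on those values are never saved; it also stores the new account nowhere and prints the password hash into the page. In `login()`, `echo $username;` runs before `session_start()` and `session_regenerate_id(true)`, which sends output ahead of the session cookie header. I would add the `if (session_status() == PHP_SESSION_NONE) { session_start(); }` guard at the top of `signup()`, drop the hash echo, and move the username echo below the session calls. `$username` and `$password` are also undefined in `login()` when the POST fields are missing.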


@ -0,0 +1,44 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
</head>
<body>
<form action="index.php" method="post">
<fieldset>
<legend>Login</legend>
<input type="hidden" name="login">
<label>Your username: </label>
<input type="text" name="username"> <br> <br>
<label>Your password: </label>
<input type="password" name="password"> <br> <br>
<input type="submit" value="Submit">
</fieldset>
</form>
<form action="index.php" method="post">
<fieldset>
<legend>Signup</legend>
<input type="hidden" name="signup">
<label>Your username: </label>
<input type="text" name="username"> <br> <br>
<label>Your password: </label>
<input type="password" name="password"> <br> <br>
<input type="submit" value="Submit">
</fieldset>
</form>
<br>
<br>
<form action="index.php" method="post">
<fieldset>
<legend>Logout</legend>
<input type="hidden" name="logout">
<input type="submit" value="Logout">
</fieldset>
</form>
</body>
</html>


@ -0,0 +1 @@
<hr><p>Från: 555</p><p>afsdgfh</p><hr><p>Från: 111</p><p>iopdfgjosdhckotre</p><hr><p>Från: 111</p><p>awfgerkoösed</p><hr><p>Från: 222</p><p>4353w6eur7ti</p>

Binary file not shown.

Binary file not shown.

Binary file not shown.


@ -0,0 +1,9 @@
<?php
function getUsers() {
$users = array();
$users['admin'] = '$2y$10$fCFmmSX/lumDbNJw7YUMdOAfASpMAEEeQg6eT5r5govkZdV31/wLm';
$users['hank'] = '$2y$10$6qpK9B7tHzGqwLJmHx.XpeefSpMIbamxgpOWsx6CqtrBCxVKqsEn6';
$user['admin1'] = '$2y$10$YcT3gCMi2H9KZcFQHw0kfOzG.FdWeQqkcjr9mPsWAKxVNTZRWJZWy';
return $users;
}
?>
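Review bot: The third entry assigns to `$user['admin1']`, not `$users['admin1']`, so it creates a separate local array and `admin1` is never part of what `getUsers()` returns. Change the left-hand side to `$users['admin1']` and keep the hash as it is. The file also commits bcrypt password hashes (cost 10, per the `$2y$10$` prefix) to the repository, alongside the `.dat` data files added in this commit; credentials and runtime data are better kept out of version control and provisioned separately.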