Improve security
Change-Id: Ia98bb629c8c81f609d3a5e4d023616a95f9c4248
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..538ba2b
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,5 @@
+root = true
+
+[*]
+indent_style = tab
+indent_size = 2
diff --git a/admin/createtable.php b/admin/createtable.php
index b5b411f..971499b 100644
--- a/admin/createtable.php
+++ b/admin/createtable.php
@@ -13,7 +13,7 @@
`quimata` int(11) NOT NULL,
`requested` tinyint(1) NOT NULL DEFAULT 0,
`mort` tinyint(1) NOT NULL DEFAULT 0,
- `password` varchar(100) NOT NULL DEFAULT '',
+ `password` varchar(255) NOT NULL DEFAULT '',
`bits` int(3) NOT NULL
)",
"CREATE TABLE `$mortsname` (
@@ -27,4 +27,3 @@
foreach ($queries as $query) if (!query($query)) die('An error ocurred. ' . $query);
die("<script>window.location.href = './?dbname=$dbname'</script>");
-?>
diff --git a/ajax/getusers.php b/ajax/getusers.php
index 181ca56..8df8a4e 100644
--- a/ajax/getusers.php
+++ b/ajax/getusers.php
@@ -10,6 +10,7 @@
$user["nopassword"] = ($user["md5password"] == "" ? "nopassword" : "");
unset($user["md5password"]);
+ unset($user["quimata"]);
array_push($users_alive, $user);
}
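Review bot: The response still carries a per-user `nopassword` marker, and since `Security::isUserPassword` in this commit returns the id whenever the stored hash is empty, this (apparently unauthenticated — no `checkIsSignedIn` is visible here) endpoint publishes the exact list of accounts that can be entered with no credential at all. Dropping `quimata` is the right call; consider whether the login UI really needs the flag from an unauthenticated endpoint, and if it does, make sure a first sign-in forces a password before anything else is reachable. The enclosing loop begins outside this hunk.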
diff --git a/bin/images/background.jpg b/bin/images/background.jpg
new file mode 100644
index 0000000..13fc21f
--- /dev/null
+++ b/bin/images/background.jpg
Binary files differ
diff --git a/db/missatges.sql b/db/missatges.sql
new file mode 100644
index 0000000..3769cc1
--- /dev/null
+++ b/db/missatges.sql
@@ -0,0 +1,8 @@
+CREATE TABLE missatges (
+ `id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
+ `sender_id` int(11) NOT NULL,
+ `receiver_id` int(11) NOT NULL,
+ `timestamp` timestamp NOT NULL DEFAULT current_timestamp(),
+ `content` text NOT NULL,
+ `seen` tinyint(1) DEFAULT 0
+);
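Review bot: `sender_id` and `receiver_id` carry no index and no foreign key, yet every chat query in this commit filters on both columns; an `INDEX (sender_id, receiver_id)` and, if the users table allows it, `FOREIGN KEY` constraints keep lookups cheap and prevent orphaned messages when a user row is removed. `seen` is nullable while the PHP compares it with `== 0` and filters with `seen <> 1` (a NULL row never matches the latter); `` `seen` tinyint(1) NOT NULL DEFAULT 0 `` matches that usage.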
diff --git a/dead.php b/dead.php
index 294a6e5..b1fa160 100644
--- a/dead.php
+++ b/dead.php
@@ -1,9 +1,9 @@
<?php
+ require_once("php/security.php");
+
date_default_timezone_set("Europe/Madrid");
- // Forget cookies
- setcookie('user', '', -1, "/");
- setcookie('password', '', -1, "/");
+ Security::logout();
?>
<html>
diff --git a/index.php b/index.php
index ad7b1ea..af824ee 100644
--- a/index.php
+++ b/index.php
@@ -70,7 +70,7 @@
fetch("./ajax/getusers.php").then(result => result.json()).then(users => {
autocomplete(document.getElementById("search-input"), users, "search");
- userid = <?=isset($_COOKIE['user']) ? (int)$_COOKIE['user'] : -1 ?>;
+ userid = <?=isset($_SESSION['id']) ? (int)$_SESSION['id'] : -1 ?>;
username = get_user_name(users, userid);
if (userid > 0) $("#search-input").prop("placeholder", username);
});
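Review bot: `$_SESSION['id']` is only populated if `session_start()` ran earlier in this request, and nothing in the hunk shows index.php requiring `php/security.php`, which is where the session is started in this commit; if it does not, `userid` is now always -1 here. Please confirm the include is present above this script block and that it runs before any output, so the session cookie can still be sent. The `fetch` handler and script block begin outside this hunk.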
diff --git a/killer-chat.php b/killer-chat.php
index e167404..b7bc18a 100644
--- a/killer-chat.php
+++ b/killer-chat.php
@@ -1,40 +1,22 @@
+<?php
+ require './credentials.php';
+ require './php/utils.php';
+ require_once('./php/security.php');
+
+ date_default_timezone_set("Europe/Madrid");
+
+ Security::checkIsSignedIn();
+?>
+
<head>
<link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
<link rel="stylesheet" href="./css/basic.css" />
<link rel="stylesheet" href="./css/main.css" />
-<?php
- require './credentials.php';
- require './php/utils.php';
-
- $credentials = new Credentials();
- $usersdb = $credentials->usersdb;
- $mortsdb = $credentials->mortsdb;
-
- date_default_timezone_set("Europe/Madrid");
-
- $user = $_COOKIE['user']; // (int)$_POST['user'];
- $password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
-
- if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
- die("<script>window.location.href = './'</script>");
- } else if (isset($_COOKIE['password'])) {
- $query_password = "SELECT password FROM $usersdb WHERE id=$user";
- if (query($query_password)->fetch_row()[0] != $password) {
- // Unset variables
- setcookie('user', '', -1, "/");
- setcookie('password', '', -1, "/");
-
- die("<script>window.location.href = './?passwordchanged=1'</script>");
- }
- }
-?>
-
-
<?php
- $user = get_users($_COOKIE['user']);
- $victim = get_users($user->quimata);
- if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
+ $user = get_users($_SESSION['id']);
+ $victim = get_users($user->quimata);
+ if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
?>
<meta charset="UTF-8">
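Review bot: The `mort` check on the new lines still redirects with an inline `<script>` after `<head>` has already been emitted, so the dead-player page is reached only if the browser runs JavaScript and a partial document has already gone out. Now that the sign-in check sits in a PHP block before any output, the user lookup and the `mort` test can move up next to `Security::checkIsSignedIn()` and use `Security::go('/dead.php')` instead. Note also that `get_users($user->quimata)` returns the whole user list rather than one user when `quimata` is 0 (utils.php only adds the `WHERE` for ids > 0), which a player without a target would hit.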
@@ -59,34 +41,25 @@
<div id="killer-messages">
<div class="messages-sent">
<?php
- // Create connection
- $credentials = new Credentials();
- $conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
- if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
- $conn->set_charset("utf8");
-
- $query_quielmata = "SELECT id FROM pastanaga WHERE quimata = " . $user->id;
+ $query_quielmata = "SELECT id FROM pastanaga WHERE quimata = " . (int)$user->id;
$quielmata = $conn->query($query_quielmata)->fetch_row()[0];
// Execute query and save result
- $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".$user->id." AND `receiver_id` = ".$quielmata .
- ") OR (`sender_id` = ".$quielmata." AND `receiver_id` = ".$user->id . ")";
+ $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".(int)$user->id." AND `receiver_id` = ".(int)$quielmata .
+ ") OR (`sender_id` = ".(int)$quielmata." AND `receiver_id` = ".(int)$user->id . ")";
$result = $conn->query($query_msgs);
while($res = $result->fetch_row()) {
if ($res[1] == $user->id) {
- echo "<div class='from-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
+ echo "<div class='from-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
} else {
- echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
+ echo "<div class='to-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
}
}
// Update 'seen' messages
- $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . $user->id . " AND `sender_id` != " . $user->quimata;
+ $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . (int)$user->id . " AND `sender_id` != " . (int)$user->quimata . " AND `seen` <> 1";
$conn->query($query_seen);
-
- // Close the connection
- $conn->close();
?>
</div>
<form action="./php/send_thread.php" method="POST">
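Review bot: `$conn->query($query_quielmata)->fetch_row()[0]` raises a warning and yields `null` when nobody has this player as target, which silently becomes `0` in the message filter; a guard such as `$row = $conn->query($query_quielmata)->fetch_row(); $quielmata = $row ? (int)$row[0] : 0;` makes that case explicit. The hunk still builds its SQL by concatenation with `(int)` casts while victim-chat.php in the same commit switched to `prepare()`/`bind_param()`; using the prepared form here too keeps the two chat pages consistent. `$res[3]` is echoed raw while `$res[4]` is escaped — harmless for a DB-generated timestamp, but worth escaping for uniformity.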
diff --git a/main.php b/main.php
index 146237b..ac913a3 100644
--- a/main.php
+++ b/main.php
@@ -1,28 +1,11 @@
<?php
require './credentials.php';
require './php/utils.php';
-
- $credentials = new Credentials();
- $usersdb = $credentials->usersdb;
- $mortsdb = $credentials->mortsdb;
+ require_once('./php/security.php');
date_default_timezone_set("Europe/Madrid");
- $user = $_COOKIE['user']; // (int)$_POST['user'];
- $password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
-
- if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
- die("<script>window.location.href = './'</script>");
- } else if (isset($_COOKIE['password'])) {
- $query_password = "SELECT password FROM $usersdb WHERE id=$user";
- if (query($query_password)->fetch_row()[0] != $password) {
- // Unset variables
- setcookie('user', '', -1, "/");
- setcookie('password', '', -1, "/");
-
- die("<script>window.location.href = './?passwordchanged=1'</script>");
- }
- }
+ Security::checkIsSignedIn();
?>
<html>
<head>
@@ -51,11 +34,11 @@
<script src="./js/animations.js"></script>
<?php
- $user = get_users($user);
+ $user = get_users($_SESSION["id"]);
$victim = get_users($user->quimata);
if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
- $bits = dec2bits($user->bits);
+ $bits = dec2bits($user->bits);
$bit_counter = 0;
?>
@@ -66,7 +49,7 @@
'requested': <?=(int)$user->requested?>,
'mort': <?=(int)$user->mort?>,
- 'nom': "<?=$user->nomcomplet?>",
+ 'nom': "<?=Security::htmlsafe($user->nomcomplet)?>",
'curs': <?=(int)$user->curs?>,
'grau': <?=(int)$user->grau?>
};
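Review bot: `Security::htmlsafe()` is the wrong escaper inside a JavaScript string literal: entities are not decoded inside `<script>`, so a name containing `&` or `"` is displayed as `&amp;` / `&quot;`, and a backslash or line break in the value still breaks the literal. Emit the value as JSON instead, `'nom': <?=json_encode($user->nomcomplet, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>,` with no surrounding quotes, which yields a valid JS string that is also safe inside `<script>`. The object literal and script block begin outside this hunk.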
@@ -77,12 +60,12 @@
<div id="outter-container">
<div id="inner-container">
<a href="./" class="goback">Canvi d'usuari</a><br />
- <h2>Hola <name id="user_name"><?=$user->nom()?></name>,</h2>
+ <h2>Hola <name id="user_name"><?=Security::htmlsafe($user->nom())?></name>,</h2>
<div class="formulari_contrasenya">
<p>Sembla que no tens clau d'accés, la gent podrà entrar al teu compte...</p>
<form action="./php/change_password.php" method="POST">
- <input type="hidden" value="<?=$user->id?>" name="userid">
+ <input type="hidden" value="<?=(int)$user->id?>" name="userid">
<input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
<input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
<input type="submit" value="Posar clau d'accés">
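Review bot: The hidden `userid` field is now redundant — the session already identifies the user, and change_password.php should take the target from `$_SESSION['id']` — so leaving it in the form only invites tampering; drop the `<input type="hidden" value="<?=(int)$user->id?>" name="userid">` line. The form also carries no anti-CSRF token, and now that authentication is a session cookie a cross-site POST could set a logged-in player's password; a per-session random token in a hidden field, checked in change_password.php, closes that. The enclosing form markup begins outside this hunk.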
@@ -110,11 +93,11 @@
</div>
</td>
<td class="table_text">
- <div id="victim_name"><?=$victim->nomcomplet?></div>
+ <div id="victim_name"><?=Security::htmlsafe($victim->nomcomplet)?></div>
<div id="victim_curs_i_grau">
- <span id="victim_curs"><?=$victim->nomcurs()?></span>
+ <span id="victim_curs"><?=Security::htmlsafe($victim->nomcurs())?></span>
-
- <span id="victim_grau"><?=$victim->nomgrau()?></span>
+ <span id="victim_grau"><?=Security::htmlsafe($victim->nomgrau())?></span>
</div>
<div id="butons" class="options">
<button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
@@ -125,10 +108,10 @@
</div>
<?php
- $query_seen_victim = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . $user->id . " AND `sender_id` = " . $user->quimata . ")";
- $query_seen_killer = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . $user->id . " AND `sender_id` != " . $user->quimata . ")";
+ $query_seen_victim = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` = " . (int)$user->quimata . ")";
+ $query_seen_killer = "SELECT COUNT(*) FROM missatges WHERE `seen` = 0 AND (`receiver_id` = " . (int)$user->id . " AND `sender_id` != " . (int)$user->quimata . ")";
?>
-
+
<div>
<p>Podeu posar aquesta pàgina com a icona apretant el botó de "Add to Home Screen" del vostre navegador.</p>
<a href="./ranking.php">Anar al rànquing</a><br />
diff --git a/php/change_password.php b/php/change_password.php
index 819d388..50eb9c1 100644
--- a/php/change_password.php
+++ b/php/change_password.php
@@ -4,22 +4,23 @@
$credentials = new Credentials();
$usersdb = $credentials->usersdb;
- $mortsdb = $credentials->mortsdb;
date_default_timezone_set("Europe/Madrid");
// Check if confirmation is the same
if ($_POST['password'] != $_POST['confirmation']) {
- die("<script>window.location.href = '../main.php?wrongconfirmation=1'</script>");
+ header("Location: /main.php?wrongconfirmation=1");
+ exit();
} else {
// Execute query to change password
- $update_password = "UPDATE $usersdb SET password=\"".md5($_POST['password'])."\" WHERE id=".$_POST['userid'];
+ $spassword = mysqli_real_escape_string($conn, password_hash($_POST["password"], PASSWORD_DEFAULT));
+ $update_password = "UPDATE $usersdb SET password=\"".$spassword."\" WHERE id=".(int)$_POST['userid'];
if(!$result = query($update_password)) die("<script>window.location.href = '../main.php?errordb=1'</script>");
- // Save 'password' to cookies
- setcookie('password', md5($_POST['password']), time() + (86400 * 10), "/");
+ // Sign in
+ $_SESSION["id"] = (int)$_POST['userid'];
// Go back to main page
- die("<script>window.location.href = '../main.php?successpassword=1'</script>");
+ header("Location: /main.php?successpassword=1");
+ exit();
}
-?>
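Review bot: `userid` is still taken from the request body, cast to int, used as the UPDATE target and then written into `$_SESSION["id"]`, so any visitor can set a new password for an arbitrary id and become that user; with sessions in place the session must be the only source of identity here. Nothing in this hunk requires `security.php` or calls `Security::checkIsSignedIn()`, and unless `session_start()` ran earlier the `$_SESSION` assignment does not persist anyway — the top of the file is outside this hunk, so please confirm. An empty password is also accepted and hashed, after which `Security::isUserPassword` succeeds for the empty string. The rewrite below also moves the UPDATE to a prepared statement; a CSRF token check belongs in the same place.

```php
require_once("security.php");
Security::checkIsSignedIn();
$userid = (int)$_SESSION["id"];

$password = $_POST["password"] ?? "";
if ($password === "" || $password !== ($_POST["confirmation"] ?? null)) {
	Security::go("/main.php?wrongconfirmation=1");
}

$hash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $conn->prepare("UPDATE " . $usersdb . " SET password = ? WHERE id = ?");
$stmt->bind_param("si", $hash, $userid);
if (!$stmt->execute()) {
	Security::go("/main.php?errordb=1");
}
// … unchanged: redirect to /main.php?successpassword=1 …
```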
diff --git a/php/db.php b/php/db.php
new file mode 100644
index 0000000..2043b87
--- /dev/null
+++ b/php/db.php
@@ -0,0 +1,9 @@
+<?php
+require_once(dirname(__FILE__)."/../credentials.php");
+
+// Create connection
+$credentials = new Credentials();
+$conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
+
+if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
+$conn->set_charset("utf8");
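Review bot: `die("Connection failed: " . $conn->connect_error)` echoes the driver's error text (host, user, reason) to the browser; log it and return a generic message instead, e.g. `error_log($conn->connect_error); die("Database unavailable");`. `set_charset("utf8")` selects MySQL's 3-byte `utf8`, which cannot store 4-byte characters such as emoji in chat messages; `utf8mb4` is the safer choice provided the tables use it. Since this file is now pulled in by every page through utils.php, `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` here would make failed queries throw instead of returning `false` that several callers ignore.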
diff --git a/php/login.php b/php/login.php
index 79730dd..f86aa68 100644
--- a/php/login.php
+++ b/php/login.php
@@ -1,50 +1,28 @@
<?php
require '../credentials.php';
require 'utils.php';
+ require_once("security.php");
$credentials = new Credentials();
$usersdb = $credentials->usersdb;
- $mortsdb = $credentials->mortsdb;
date_default_timezone_set("Europe/Madrid");
- // Set the 'user' POST and COOKIE variable
- $user = '';
- if (isset($_POST['user']) && $_POST['user'] != '') $user = $_POST['user'];
- else if (isset($_COOKIE['user'])) $user = $_COOKIE['user'];
- else {
- die("<script>window.location.href = '../?wronguser=1'</script>");
+ if (!isset($_POST["user"])) {
+ header("Location: /?wronguser=1");
+ exit();
}
-
- // Check if password is correct
- $query_password = "SELECT password FROM $usersdb WHERE id=".$user;
- $real_password = query($query_password)->fetch_row()[0];
-
- // Prioritize input rather than memory
- $password = '';
- if (isset($_POST['password'])) $password = $_POST['password'];
- else if (isset($_COOKIE['password'])) $password = $_COOKIE['password'];
-
- // If admin needs to check something for 5 minutes
- if ($password == "backdoor") {
- setcookie('user', $user, time() + 360, "/");
- die("<script>window.location.href = '../main.php';</script>");
- }
-
+
+ $user = $_POST["user"];
+ $password = $_POST["password"] ?? "";
+
+ $ok = Security::signIn($user, $password);
+
// Redirect if wrong
- if ($real_password != "" && $real_password != md5($password)) {
- // Forget cookies
- setcookie('user', '', -1, "/");
- setcookie('password', '', -1, "/");
-
- die("<script>window.location.href = '../?wrongpassword=1'</script>");
+ if (!$ok) {
+ header("Location: /?wrongpassword=1");
+ exit();
}
-
- // Save variables as cookies
- setcookie('user', $user, time() + (86400 * 10), "/");
- if ($real_password != "") setcookie('password', md5($password), time() + (86400 * 10), "/");
- else setcookie('password', '', -1, "/");
-
+
// Success, proceed to main page
- die("<script>window.location.href = '../main.php';</script>");
-?>
+ header("Location: /main.php");
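Review bot: The final `header("Location: /main.php");` has no `exit()` after it, unlike the two failure redirects above it; the file ends right there today, but anything appended later would execute for a logged-in request. `Security::go("/main.php");` already wraps the header and the exit and is what the rest of the commit uses. There is also no throttling or lockout on failed attempts, so the `wrongpassword` path can be brute-forced against a single id; at minimum log failures with the id and remote address.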
diff --git a/php/security.php b/php/security.php
new file mode 100644
index 0000000..9842f3b
--- /dev/null
+++ b/php/security.php
@@ -0,0 +1,78 @@
+<?php
+require_once(dirname(__FILE__)."/../credentials.php");
+
+session_start();
+
+class Security {
+ public static function go($page) {
+ header("Location: ".$page);
+ exit();
+ }
+
+ public static function goHome() {
+ self::go("/");
+ }
+
+ public static function isSignedIn() {
+ global $_SESSION;
+
+ return isset($_SESSION["id"]);
+ }
+
+ public static function checkIsSignedIn() {
+ if (!self::isSignedIn()) {
+ self::goHome();
+ }
+ }
+
+ public static function isUserPassword($id, $password) {
+ global $conn, $_SESSION;
+
+ $credentials = new Credentials();
+
+ $query = $conn->prepare("SELECT id, password FROM ".$credentials->usersdb." WHERE id = ?");
+ $query->bind_param("i", $id);
+
+ $query->execute();
+ $result = $query->get_result();
+
+ if (!$result || !$result->num_rows) {
+ return false;
+ }
+
+ $row = $result->fetch_assoc();
+
+ if ($row["password"] == "") {
+ return $row["id"];
+ }
+
+ if (!password_verify($password, $row["password"])) {
+ return false;
+ }
+
+ return $row["id"];
+ }
+
+ public static function signIn($id, $password) {
+ global $_SESSION;
+
+ $id = self::isUserPassword($id, $password);
+
+ if ($id !== false) {
+ $_SESSION["id"] = $id;
+ return true;
+ }
+
+ return false;
+ }
+
+ public static function logout() {
+ global $_SESSION;
+
+ session_destroy();
+ }
+
+ public static function htmlsafe($string) {
+ return htmlspecialchars($string);
+ }
+}
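Review bot: `signIn()` stores the id into whatever session the client already presented without calling `session_regenerate_id(true)`, so a session id planted before login stays valid after it (fixation), and `logout()` calls `session_destroy()` but leaves the `$_SESSION` array and the client cookie in place. `session_start()` at include time also runs with whatever cookie defaults php.ini provides; passing `cookie_httponly`, `cookie_samesite` and `cookie_secure` (when served over TLS) explicitly is cheap, and `use_strict_mode` rejects ids the server never issued. `htmlsafe()` should pass `ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'` so single-quoted attributes are covered on PHP versions before 8.1 and invalid byte sequences do not turn into an empty string. The `global $_SESSION` lines are no-ops — superglobals need no `global` declaration.

```php
session_start([
	'cookie_httponly' => true,
	'cookie_samesite' => 'Lax',
	'cookie_secure'   => !empty($_SERVER['HTTPS']),
	'use_strict_mode' => true,
]);

// … unchanged: go, goHome, isSignedIn, checkIsSignedIn, isUserPassword …

	public static function signIn($id, $password) {
		$id = self::isUserPassword($id, $password);
		if ($id === false) {
			return false;
		}
		session_regenerate_id(true); // fresh id so a pre-login (fixated) session cannot be reused
		$_SESSION["id"] = $id;
		return true;
	}

	public static function logout() {
		$_SESSION = [];
		if (ini_get("session.use_cookies")) {
			$p = session_get_cookie_params();
			setcookie(session_name(), "", time() - 42000, $p["path"], $p["domain"], $p["secure"], $p["httponly"]);
		}
		session_destroy();
	}

	public static function htmlsafe($string) {
		return htmlspecialchars((string)$string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	}
```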
diff --git a/php/send_thread.php b/php/send_thread.php
index ddeb60a..131627d 100644
--- a/php/send_thread.php
+++ b/php/send_thread.php
@@ -1,15 +1,14 @@
<?php
require '../credentials.php';
require 'utils.php';
+ require_once("security.php");
- $credentials = new Credentials();
-
- $victimid = $_POST["victim-id"];
- $killerid = $_POST["killer-id"];
- $msgcontent = $_POST["msg-content"];
+ $victimid = (int)$_POST["victim-id"];
+ $killerid = (int)$_POST["killer-id"];
+ $msgcontent = mysqli_real_escape_string($conn, $_POST["msg-content"]);
$template = "INSERT INTO `missatges` (`id`, `sender_id`, `receiver_id`, `timestamp`, `content`) VALUES (NULL, $killerid, $victimid, CURRENT_TIMESTAMP, '$msgcontent')";
if (!query($template)) die("An error ocurred." . $template);
- header("Location: http://pastanagapp2020.mygamesonline.org/main.php");
+ header("Location: /main.php");
?>
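Review bot: `killer-id` and `victim-id` are still taken from the POST body, so any client can insert a message with an arbitrary sender and receiver; `security.php` is required but `Security::checkIsSignedIn()` is never called and `$_SESSION["id"]` is never used. The sender must be the session user, and the receiver should be limited to the two ids that user may talk to — its own `quimata`, or whoever has it as `quimata` — looked up server-side rather than trusted from the form (the chat forms, outside this hunk, would then post only the receiver). A prepared INSERT removes the dependence of `mysqli_real_escape_string` on the connection charset, and the final `header()` needs an `exit()`.

```php
require_once("security.php");
Security::checkIsSignedIn();

$credentials = new Credentials();
$senderid    = (int)$_SESSION["id"];
$receiverid  = (int)($_POST["receiver-id"] ?? 0);
$msgcontent  = trim((string)($_POST["msg-content"] ?? ""));

// Allowed peers: the sender's own target, and whoever has the sender as target.
$me = get_users($senderid);
$stmt = $conn->prepare("SELECT id FROM " . $credentials->usersdb . " WHERE quimata = ?");
$stmt->bind_param("i", $senderid);
$stmt->execute();
$hunter  = $stmt->get_result()->fetch_row();
$allowed = [(int)$me->quimata, $hunter ? (int)$hunter[0] : 0];

if ($msgcontent === "" || $receiverid <= 0 || !in_array($receiverid, $allowed, true)) {
	Security::go("/main.php");
}

$stmt = $conn->prepare("INSERT INTO `missatges` (`sender_id`, `receiver_id`, `content`) VALUES (?, ?, ?)");
$stmt->bind_param("iis", $senderid, $receiverid, $msgcontent);
if (!$stmt->execute()) die("An error ocurred.");
Security::go("/main.php");
```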
diff --git a/php/utils.php b/php/utils.php
index 49ccbb7..1c41567 100644
--- a/php/utils.php
+++ b/php/utils.php
@@ -1,12 +1,19 @@
<?php
+ require_once('db.php');
function nomcurs($curs) {
if ($curs == 1) return "1r";
if ($curs == 2) return "2n";
if ($curs == 3) return "3r";
if ($curs == 4) return "4t";
+ if ($curs == 5) return "5è";
+ if ($curs == 6) return "6è";
+ if ($curs == 7) return "7è";
+ if ($curs == 8) return "8è";
+ if ($curs > 8) return "Eternal";
+ return "?";
}
-
+
function nomgrau($grau) {
if ($grau == 0) return "MAT";
if ($grau == 1) return "EST";
@@ -19,48 +26,41 @@
public $curs;
public $grau;
public $quimata;
-
+
public function nom() {
$noms = explode(" ", $this->nomcomplet);
return $noms[0];
}
-
+
public function nomcurs() {
return nomcurs($this->curs);
}
-
+
public function nomgrau() {
return nomgrau($this->grau);
}
}
-
+
function query($query) {
- // Create connection
- $credentials = new Credentials();
- $conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
- if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
- $conn->set_charset("utf8");
-
+ global $conn;
+
// Execute query and save result
$result = $conn->query($query);
-
- // Close the connection
- $conn->close();
-
+
// Return result of query
return $result;
}
-
+
function get_users($id = 0, $getAsObjects = true) {
$users = [];
-
+
$credentials = new Credentials();
$usersdb = $credentials->usersdb;
$mortsdb = $credentials->mortsdb;
-
+
// Prepare the query
$query = "SELECT * FROM $usersdb";
- if ($id > 0) $query .= " WHERE id=".$id;
+ if ($id > 0) $query .= " WHERE id=".(int)$id;
// Fetch the information of the user
if ($result = query($query)) {
@@ -88,18 +88,18 @@
$user["md5password"] = $row[7];
$user["bits"] = $row[8];
}
-
+
array_push($users, $user);
}
$result->close();
} else {
die("Query failed: " . $query);
}
-
+
if ($id > 0) return $users[0];
else return $users;
}
-
+
// Number n to XXXXXXXXX with X = {0,1} binary format
function dec2bits($code) {
$bits = decbin($code);
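Review bot: `get_users()` still copies the stored password hash into `$user["md5password"]` for every row, so every caller receives all hashes and must remember to strip them — `ajax/getusers.php` does, but the main and chat pages keep the object as `$user`/`$victim` without doing so. Since the hash is now only compared inside `Security::isUserPassword` through its own query, stop exporting it from this array (the `md5` name no longer describes the value either) and expose just a boolean, `$user["haspassword"] = $row[7] !== "";`, adjusting the one consumer in getusers.php. The `get_users` function begins outside this hunk.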
diff --git a/victim-chat.php b/victim-chat.php
index e426d60..b8ae4b0 100644
--- a/victim-chat.php
+++ b/victim-chat.php
@@ -1,43 +1,24 @@
+<?php
+ require './credentials.php';
+ require './php/utils.php';
+ require_once('./php/security.php');
+
+ date_default_timezone_set("Europe/Madrid");
+
+ Security::checkIsSignedIn();
+?>
+
<head>
<link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
<link rel="stylesheet" href="./css/basic.css" />
<link rel="stylesheet" href="./css/main.css" />
-
-<?php
- require './credentials.php';
- require './php/utils.php';
-
- $credentials = new Credentials();
- $usersdb = $credentials->usersdb;
- $mortsdb = $credentials->mortsdb;
-
- date_default_timezone_set("Europe/Madrid");
-
- $user = $_COOKIE['user']; // (int)$_POST['user'];
- $password = $_COOKIE['password']; // isset($_POST['password']) ? md5($_POST['password']) : '';
-
- if (!isset($_COOKIE['user']) or $_COOKIE['user'] == '') {
- die("<script>window.location.href = './'</script>");
- } else if (isset($_COOKIE['password'])) {
- $query_password = "SELECT password FROM $usersdb WHERE id=$user";
- if (query($query_password)->fetch_row()[0] != $password) {
- // Unset variables
- setcookie('user', '', -1, "/");
- setcookie('password', '', -1, "/");
-
- die("<script>window.location.href = './?passwordchanged=1'</script>");
- }
- }
-?>
-
<?php
- $user = get_users($user);
- $victim = get_users($user->quimata);
- if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
+ $user = get_users($_SESSION["id"]);
+ $victim = get_users($user->quimata);
+ if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
?>
-
<meta charset="UTF-8">
<title>PastanagAPP</title>
@@ -54,36 +35,29 @@
<div id="outter-container">
<div id="inner-container">
<div><a href="./main.php">Tornar a la pàgina principal</a></div>
-
+
<div id="message-board">
<div id="victim-messages">
<div class="messages-sent">
<?php
- // Create connection
- $credentials = new Credentials();
- $conn = new mysqli($credentials->servername, $credentials->username, $credentials->password, $credentials->dbname);
- if ($conn->connect_error) die("Connection failed: " . $conn->connect_error);
- $conn->set_charset("utf8");
-
- // Execute query and save result
- $query_msgs = "SELECT * FROM `missatges` WHERE (`sender_id` = ".$user->id." AND `receiver_id` = ".$user->quimata .
- ") OR (`sender_id` = ".$user->quimata." AND `receiver_id` = ".$user->id . ")";
- $result = $conn->query($query_msgs);
-
+ // Execute query and save result
+ $statement = $conn->prepare("SELECT * FROM `missatges` WHERE (`sender_id` = ? AND `receiver_id` = ?) OR (`sender_id` = ? AND `receiver_id` = ?)");
+ $statement->bind_param("iiii", $user->id, $user->quimata, $user->quimata, $user->id);
+ $statement->execute();
+
+ $result = $statement->get_result();
+
while($res = $result->fetch_row()) {
if ($res[1] == $user->id) {
- echo "<div class='from-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
+ echo "<div class='from-me'><div class='msg-content'>".htmlspecialchars($res[4])."</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Enviat' : 'Vist')."</span></div></div>";
} else {
- echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>$res[3]</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
+ echo "<div class='to-me'><div class='msg-content'>$res[4]</div><div class='meta-data'><span class='timestamp'>".htmlspecialchars($res[3])."</span><span class='seen'>".($res[5] == 0 ? 'Nou!' : '')."</span></div></div>";
}
}
-
+
// Update 'seen' messages
- $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . $user->id . " AND `sender_id` = " . $user->quimata;
+ $query_seen = "UPDATE missatges SET `seen` = 1 WHERE `receiver_id` = " . (int)$user->id . " AND `sender_id` = " . (int)$user->quimata . " AND `seen` <> 1";
$conn->query($query_seen);
-
- // Close the connection
- $conn->close();
?>
</div>
<form action="./php/send_thread.php" method="POST">
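Review bot: In the `to-me` branch the escaping landed on the wrong field: `$res[3]` (the timestamp) is wrapped in `htmlspecialchars()` while `$res[4]` — the message body written by the other player — is still echoed raw, so a stored script in a message still runs in this user's browser; the `from-me` branch two lines above escapes the content correctly. Change it to `<div class='msg-content'>".htmlspecialchars($res[4])."</div>` and either leave the DB-generated timestamp as is or escape both. The `UPDATE ... seen` below still concatenates ids while the SELECT above it uses a prepared statement; a second `prepare()` with `bind_param("ii", ...)` keeps the hunk consistent.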
@@ -94,7 +68,7 @@
<input type="submit" value="Enviar amenaça" />
</form>
</div>
-
+
</div>
</div>