Gitiles
Code Review Sign In
gerrit.avm99963.com / edu / fisi-pastanagapp / 0d0f9fd20ae6608f607da3cf29cc05bc82dc0e7d / . / main.php
blob: bb2ffbff20d22c4595174f159e7721f6b51b47eb [file] [log] [blame]
Andreu78e5bb02019-09-22 13:38:04 +0200[diff] [blame]1<?php
2 require './credentials.php';
3 require './php/utils.php';
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]4
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame]5 $user = (int)$_POST['user'];
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]6 $password = isset($_POST['password']) ? md5($_POST['password']) : '';
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]7
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame]8 // Check if password is correct
9 $query_password = "SELECT password FROM users WHERE id=".$user;
10 $real_password = query($query_password)->fetch_row()[0];
11 if ($real_password != $password) die("<script>window.location.href = './index.php?wrongpassword=1'</script>");
12
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]13 if (!isset($_POST['user']) or $_POST['user'] == '') {
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]14 die("<script>window.location.href = './index.php'</script>");
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame]15 } else if (isset($_POST['password'])) {
16 $query_password = "SELECT password FROM users WHERE id=$user";
17 if (query($query_password)->fetch_row()[0] != $password) {
Andreu78e5bb02019-09-22 13:38:04 +0200[diff] [blame]18 // Unset variables
19 setcookie('user', '', -1, "/");
20 setcookie('password', '', -1, "/");
21
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]22 die("<script>window.location.href = './index.php?passwordchanged=1'</script>");
Andreu78e5bb02019-09-22 13:38:04 +0200[diff] [blame]23 }
Andreu09b8b052019-09-21 21:47:20 +0200[diff] [blame]24 }
25?>
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]26<html>
27 <head>
28 <meta charset="UTF-8">
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]29 <title>PastanagAPP</title>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]30
31 <meta name="viewport" content="width=device-width, initial-scale=1">
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]32 <link rel="manifest" href="https://api.myjson.com/bins/u6r41">
33
34 <!-- Apple web app -->
35 <link rel="apple-touch-icon" href="./bin/images/icons/icon-72x72.png">
36 <meta name="apple-mobile-web-app-title" content="PastanagAPP">
37 <meta name="apple-mobile-web-app-capable" content="yes">
38 <meta name="apple-mobile-web-app-status-bar-style" content="green">
39
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]40
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]41 <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
42
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]43 <link rel="stylesheet" href="./css/basic.css" />
44 <link rel="stylesheet" href="./css/main.css" />
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]45
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]46 <script src="https://code.jquery.com/jquery-3.4.1.min.js"></script>
Andreued8e1f92019-09-18 22:26:04 +0200[diff] [blame]47 <script src="https://rawgit.com/notifyjs/notifyjs/master/dist/notify.js"></script>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]48
Andreu10cb3042019-09-18 19:55:36 +0200[diff] [blame]49 <script src="./js/utils.js"></script>
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]50 <script src="./js/animations.js"></script>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]51
52 <?php
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame]53 $user = get_users($user);
Andreu09b8b052019-09-21 21:47:20 +0200[diff] [blame]54 $victim = get_users($user->quimata);
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]55 if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
Andreudca79f42019-09-18 23:53:19 +0200[diff] [blame]56 ?>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]57
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]58 <script>
Andreued491672019-09-20 13:09:18 +0200[diff] [blame]59 let user = {
Andreu99501052019-09-22 20:09:08 +0200[diff] [blame]60 'id': <?=(int)$user->id?>,
61 'quimata': <?=(int)$user->quimata?>,
62 'requested': <?=(int)$user->requested?>,
63 'mort': <?=(int)$user->mort?>,
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]64
Andreuabbcb7e2019-09-21 18:22:14 +0200[diff] [blame]65 'nom': "<?=$user->nomcomplet?>",
Andreu99501052019-09-22 20:09:08 +0200[diff] [blame]66 'curs': <?=(int)$user->curs?>,
67 'grau': <?=(int)$user->grau?>
Andreued491672019-09-20 13:09:18 +0200[diff] [blame]68 };
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]69 </script>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]70
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]71 </head>
72 <body>
73 <div id="outter-container">
74 <div id="inner-container">
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]75 <a href="./index.php" class="goback">Torna a la pàgina principal</a><br />
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]76 <h2>Hola <name id="user_name"><?=$user->nom()?></name>,</h2>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]77
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]78 <div class="formulari_contrasenya">
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame]79 <p>Sembla que no tens clau d'accés, la gent podrà entrar al teu compte...</p>
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]80 <form action="./php/change_password.php" method="POST">
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame]81 <input type="hidden" value="<?=(int)$_POST['user']?>" name="userid">
Andreu543e70c2019-09-22 14:08:49 +0200[diff] [blame]82 <input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
83 <input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]84 <input type="submit" value="Posar clau d'accés">
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]85 </form>
86 </div>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]87
88 <p>La teva víctima és:</p>
89
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]90 <div class="victima">
91 <table>
92 <tr>
Andreu0d0f9fd2019-09-23 03:56:08 +0200[diff] [blame^]93 <td class="table_img"><img id="victim_img" src="https://picsum.photos/id/<?=$victim->id?>/200/200" /></td>
94 <td class="table_text">
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]95 <div id="victim_name"><?=$victim->nomcomplet?></div>
96 <div id="victim_curs_i_grau">
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]97 <span id="victim_curs"><?=$victim->nomcurs()?></span>
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]98 -
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]99 <span id="victim_grau"><?=$victim->nomgrau()?></span>
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]100 </div>
101 <div id="butons" class="options">
102 <button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
103 </div>
104 </td>
105 </tr>
106 </table>
107 </div>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]108
109 <div style="clear: both;"></div>
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]110 </div>
111 </div>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]112
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]113 <script>
Andreudca79f42019-09-18 23:53:19 +0200[diff] [blame]114 $(document).ready(function() {
Andreuabbcb7e2019-09-21 18:22:14 +0200[diff] [blame]115 // Set interval of checking
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]116 let checking = setInterval(function() { update_info(user); }, 1500);
Andreu96f1bcd2019-09-22 00:33:09 +0200[diff] [blame]117 // Set to hidden or not the password prompt
Andreu543e70c2019-09-22 14:08:49 +0200[diff] [blame]118 if (<?=$user->md5password=="" ? 1 : 0?>) {
119 $.notify("No tens clau d'accés", "info");
120 $(".formulari_contrasenya").show();
121 }
Andreudca79f42019-09-18 23:53:19 +0200[diff] [blame]122 });
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]123 </script>
124 </body>
125</html>