Gitiles
Code Review Sign In
gerrit.avm99963.com / edu / fisi-pastanagapp / a0fc827fb3d709f53ce15e866dd43907b4b0d2e5 / . / main.php
blob: 955e6e9b68f7fb6a797adf4e256f240494efc218 [file] [log] [blame]
Andreu78e5bb02019-09-22 13:38:04 +0200[diff] [blame]1<?php
2 require './credentials.php';
3 require './php/utils.php';
4
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame^]5 $user = (int)$_POST['user'];
6 $password = $_POST['password'] == '' ? '' : md5($_POST['password']);
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]7
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame^]8 // Check if password is correct
9 $query_password = "SELECT password FROM users WHERE id=".$user;
10 $real_password = query($query_password)->fetch_row()[0];
11 if ($real_password != $password) die("<script>window.location.href = './index.php?wrongpassword=1'</script>");
12
13 if (!isset($_POST['user'])) {
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]14 die("<script>window.location.href = './index.php'</script>");
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame^]15 } else if (isset($_POST['password'])) {
16 $query_password = "SELECT password FROM users WHERE id=$user";
17 if (query($query_password)->fetch_row()[0] != $password) {
Andreu78e5bb02019-09-22 13:38:04 +0200[diff] [blame]18 // Unset variables
19 setcookie('user', '', -1, "/");
20 setcookie('password', '', -1, "/");
21
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]22 die("<script>window.location.href = './index.php?passwordchanged=1'</script>");
Andreu78e5bb02019-09-22 13:38:04 +0200[diff] [blame]23 }
Andreu09b8b052019-09-21 21:47:20 +0200[diff] [blame]24 }
25?>
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]26<html>
27 <head>
28 <meta charset="UTF-8">
29 <title>Pàgina de l'usuari</title>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]30
31 <meta name="viewport" content="width=device-width, initial-scale=1">
32
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]33 <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
34
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]35 <link rel="stylesheet" href="./css/basic.css" />
36 <link rel="stylesheet" href="./css/main.css" />
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]37
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]38 <script src="https://code.jquery.com/jquery-3.4.1.min.js"></script>
Andreued8e1f92019-09-18 22:26:04 +0200[diff] [blame]39 <script src="https://rawgit.com/notifyjs/notifyjs/master/dist/notify.js"></script>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]40
Andreu10cb3042019-09-18 19:55:36 +0200[diff] [blame]41 <script src="./js/utils.js"></script>
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]42 <script src="./js/animations.js"></script>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]43
44 <?php
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame^]45 $user = get_users($user);
Andreu09b8b052019-09-21 21:47:20 +0200[diff] [blame]46 $victim = get_users($user->quimata);
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]47 if ($user->mort) die("<script>window.location.href = './dead.php'</script>");
Andreudca79f42019-09-18 23:53:19 +0200[diff] [blame]48 ?>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]49
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]50 <script>
Andreued491672019-09-20 13:09:18 +0200[diff] [blame]51 let user = {
Andreu99501052019-09-22 20:09:08 +0200[diff] [blame]52 'id': <?=(int)$user->id?>,
53 'quimata': <?=(int)$user->quimata?>,
54 'requested': <?=(int)$user->requested?>,
55 'mort': <?=(int)$user->mort?>,
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]56
Andreuabbcb7e2019-09-21 18:22:14 +0200[diff] [blame]57 'nom': "<?=$user->nomcomplet?>",
Andreu99501052019-09-22 20:09:08 +0200[diff] [blame]58 'curs': <?=(int)$user->curs?>,
59 'grau': <?=(int)$user->grau?>
Andreued491672019-09-20 13:09:18 +0200[diff] [blame]60 };
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]61 </script>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]62
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]63 </head>
64 <body>
65 <div id="outter-container">
66 <div id="inner-container">
67 <h2>Hola <name id="user_name"><?=$user->nom()?></name>,</h2>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]68
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]69 <div class="formulari_contrasenya">
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame^]70 <p>Sembla que no tens clau d'accés, la gent podrà entrar al teu compte...</p>
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]71 <form action="./php/change_password.php" method="POST">
Andreua0fc8272019-09-23 00:35:25 +0200[diff] [blame^]72 <input type="hidden" value="<?=(int)$_POST['user']?>" name="userid">
Andreu543e70c2019-09-22 14:08:49 +0200[diff] [blame]73 <input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
74 <input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]75 <input type="submit" value="Posar clau d'accés">
Andreu20cbd1d2019-09-22 00:00:57 +0200[diff] [blame]76 </form>
77 </div>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]78
79 <p>La teva víctima és:</p>
80
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]81 <div class="victima">
82 <table>
83 <tr>
84 <td><img id="victim_img" src="https://picsum.photos/id/<?=$victim->id?>/200/200" /></td>
85 <td>
86 <div id="victim_name"><?=$victim->nomcomplet?></div>
87 <div id="victim_curs_i_grau">
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]88 <span id="victim_curs"><?=$victim->nomcurs()?></span>
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]89 -
Andreu4b2fbd92019-09-22 22:30:25 +0200[diff] [blame]90 <span id="victim_grau"><?=$victim->nomgrau()?></span>
Andreu04f79ef2019-09-22 18:52:19 +0200[diff] [blame]91 </div>
92 <div id="butons" class="options">
93 <button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
94 </div>
95 </td>
96 </tr>
97 </table>
98 </div>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]99
100 <div style="clear: both;"></div>
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]101 </div>
102 </div>
avm99963db383ed2019-09-22 02:14:42 +0200[diff] [blame]103
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]104 <script>
Andreudca79f42019-09-18 23:53:19 +0200[diff] [blame]105 $(document).ready(function() {
Andreuabbcb7e2019-09-21 18:22:14 +0200[diff] [blame]106 // Set interval of checking
Andreuefe66eb2019-09-21 18:41:49 +0200[diff] [blame]107 let checking = setInterval(function() { update_info(user); }, 1500);
Andreu96f1bcd2019-09-22 00:33:09 +0200[diff] [blame]108 // Set to hidden or not the password prompt
Andreu543e70c2019-09-22 14:08:49 +0200[diff] [blame]109 if (<?=$user->md5password=="" ? 1 : 0?>) {
110 $.notify("No tens clau d'accés", "info");
111 $(".formulari_contrasenya").show();
112 }
113
114 // Notify of messages
115 if (getUrlParameter("wrongconfirmation")) read_message("Les contrasenyes no coincideixen", "error");
116 if (getUrlParameter("errordb")) read_message("Hi ha hagut un problema a la base de dades, torna-ho a intentar", "error");
117 if (getUrlParameter("successpassword")) read_message("La teva clau d'accés s'ha guardat", "success");
Andreudca79f42019-09-18 23:53:19 +0200[diff] [blame]118 });
Andreu66ad5cf2019-09-18 17:15:44 +0200[diff] [blame]119 </script>
120 </body>
121</html>