Close HTML using function, better error handling
parent
12534ee183
commit
deb219d758
30 changed files with 118 additions and 119 deletions
|
@ -1,13 +0,0 @@
|
|||
</main>
|
||||
<footer>
|
||||
<small>
|
||||
<?php if (isset($_SESSION['username'])) {
|
||||
echo "Connecté·e en tant que " . $_SESSION['username'] . "<br><a class='authButton' href='" . CONF['common']['prefix'] . "/auth/logout'>Se déconnecter</a>";
|
||||
} else { ?>
|
||||
Vous n'êtes pas connecté·e à un compte Niver
|
||||
<br><a class="authButton" href="<?= CONF['common']['prefix'] ?>/auth/login?redir=<?php if (SERVICE !== "") echo SERVICE . "/"; ?><?= PAGE ?>">Se connecter</a>
|
||||
<?php } ?>
|
||||
</small>
|
||||
</footer>
|
||||
</body>
|
||||
</html>
|
|
@ -9,14 +9,14 @@ function antiCSRF() {
|
|||
|
||||
// Session initialisation (with cookies)
|
||||
if (
|
||||
isset($_COOKIE['niver']) // Resume session
|
||||
isset($_COOKIE['niver-session-key']) // Resume session
|
||||
OR
|
||||
(SERVICE === "auth" // Create new session
|
||||
AND (PAGE === "login" OR PAGE === "register")
|
||||
AND isset($_POST['username']))
|
||||
) {
|
||||
session_start([
|
||||
'name' => 'niver',
|
||||
'name' => 'niver-session-key',
|
||||
'sid_length' => 64,
|
||||
'sid_bits_per_character' => 6,
|
||||
'cookie_secure' => true,
|
||||
|
@ -104,3 +104,21 @@ $cssFileName = Less_Cache::Get($absoluteLessFiles, $options, THEME);
|
|||
|
||||
</header>
|
||||
<main>
|
||||
<?php
|
||||
function closeHTML() {
|
||||
?>
|
||||
</main>
|
||||
<footer>
|
||||
<small>
|
||||
<?php if (isset($_SESSION['username'])) {
|
||||
echo "Connecté·e en tant que " . $_SESSION['username'] . "<br><a class='authButton' href='" . CONF['common']['prefix'] . "/auth/logout'>Se déconnecter</a>";
|
||||
} else { ?>
|
||||
Vous n'êtes pas connecté·e à un compte Niver
|
||||
<br><a class="authButton" href="<?= CONF['common']['prefix'] ?>/auth/login?redir=<?php if (SERVICE !== "") echo SERVICE . "/"; ?><?= PAGE ?>">Se connecter</a>
|
||||
<?php } ?>
|
||||
</small>
|
||||
</footer>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
<?php } ?>
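Review bot: The footer inside `closeHTML()` echoes `$_SESSION['username']` into HTML without escaping, and the login hunk of this same commit stops applying `htmlspecialchars()` when the value is stored. The only remaining protection is whatever `checkUsernameFormat()` allows, which is not visible here. Escaping at the point of output keeps the footer safe even if that format check is loosened later: use `htmlspecialchars($_SESSION['username'], ENT_QUOTES)` in the `echo`. The `redir=` link built from `SERVICE` and `PAGE` would likewise be better passed through `htmlspecialchars()` unless both constants are guaranteed to come from a fixed list. A short docblock on `closeHTML()` saying that it closes `<main>`, prints the footer, ends the document and must be called once per page would help callers.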
|
|
@ -16,11 +16,15 @@ if (SERVICE !== "")
|
|||
require "pages.php";
|
||||
|
||||
function userError($msg) {
|
||||
http_response_code(422);
|
||||
exit("<strong>User error</strong>: The server refused to process this request: <em>" . $msg . "</em>");
|
||||
http_response_code(403);
|
||||
echo "<p><strong>Erreur utilisataire</strong> : <em>" . $msg . "</em></p>";
|
||||
closeHTML();
|
||||
exit();
|
||||
}
|
||||
|
||||
function serverError($msg) {
|
||||
http_response_code(500);
|
||||
exit("<strong>Server error</strong>: The server encountered an error: <em>" . $msg . "</em>");
|
||||
echo "<p><strong>Server error</strong>: The server encountered an error: <em>" . $msg . "</em></p>";
|
||||
closeHTML();
|
||||
exit();
|
||||
}
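Review bot: `userError()` and `serverError()` set the status with `http_response_code()`, but the pages in this commit require `html.php`, which prints the header and `<main>`, before running their logic. Unless output buffering is enabled, the 403/500 status may be set too late to reach the client; worth confirming, or starting a buffer before any output. Both helpers also concatenate `$msg` into HTML unescaped; the callers visible here pass fixed strings (one with intentional `<code>` markup), so a comment such as `// $msg is trusted HTML: never pass request data without htmlspecialchars()` would record that contract. `serverError()` sends its message to the client, so internal details are better written with `error_log()` and replaced by a generic text. The new string `Erreur utilisataire` has a typo and should read `Erreur utilisateur`.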
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<?php if (isset($_SESSION['username'])) { ?>
|
||||
|
||||
|
@ -14,4 +14,4 @@
|
|||
<a class="authButton" href="login">Se connecter</a>
|
||||
<?php } ?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<label for="username">Identifiant</label><br>
|
||||
|
@ -24,27 +24,26 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {
|
|||
|
||||
checkUsernameFormat($_POST['username']);
|
||||
|
||||
if (checkPassword($_POST['username'], $_POST['password'])) {
|
||||
if (userExist($_POST['username']) !== true)
|
||||
userError("Connexion impossible : ce compte n'existe pas.");
|
||||
|
||||
$_SESSION['username'] = htmlspecialchars($_POST['username']);
|
||||
if (checkPassword($_POST['username'], $_POST['password']) !== true)
|
||||
userError("Connexion impossible : clé de passe invalide.");
|
||||
|
||||
$_SESSION['username'] = $_POST['username'];
|
||||
|
||||
if (outdatedPasswordHash($_SESSION['username']))
|
||||
changePassword($_SESSION['username'], $_POST['password']);
|
||||
|
||||
if (isset($_GET['redir'])) {
|
||||
if (preg_match("/^[0-9a-z\/-]+$/", $_GET['redir']))
|
||||
header("Location: " . CONF['common']['prefix'] . "/" . $_GET['redir']);
|
||||
else
|
||||
if (preg_match("/^[0-9a-z\/-]+$/", $_GET['redir']) !== 1)
|
||||
userError("Wrong character in <code>redir</code>.");
|
||||
header("Location: " . CONF['common']['prefix'] . "/" . $_GET['redir']);
|
||||
} else {
|
||||
header("Location: " . CONF['common']['prefix'] . "/");
|
||||
}
|
||||
} else {
|
||||
echo "<br>Connexion impossible : mot de passe invalide";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
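Review bot: The new guard clauses return different messages for an unknown account (`ce compte n'existe pas`) and a wrong password (`clé de passe invalide`), which discloses whether a username is registered. A single message for both cases avoids that, e.g. `userError("Connexion impossible : identifiant ou clé de passe invalide.");`. Nothing in the hunk renews the session identifier before `$_SESSION['username']` is assigned, so `session_regenerate_id(true);` on the line before would keep a pre-set session cookie from being carried into the authenticated session. The `header("Location: ...")` calls are not followed by `exit`, so execution continues into `closeHTML()`. The enclosing `if (isset($_POST['username']) ...)` block starts outside the hunk.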
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<?php
|
||||
session_destroy();
|
||||
|
@ -7,4 +7,4 @@ header('Location: ' . CONF['common']['prefix'] . '/');
|
|||
exit;
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<p>
|
||||
Vous pouvez ici changer le mot de passe permettant d'accéder à votre compte Niver.
|
||||
|
@ -22,26 +22,21 @@ if (isset($_SESSION['username']) AND isset($_POST['newPassword']) AND isset($_PO
|
|||
|
||||
checkPasswordFormat($_POST['newPassword']);
|
||||
|
||||
if (checkPassword($_SESSION['username'], $_POST['currentPassword'])) {
|
||||
if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
|
||||
userError("Changement impossible : clé de passe invalide.");
|
||||
|
||||
$username = $_SESSION['username'];
|
||||
$newPassword = password_hash($_POST['newPassword'], PASSWORD_DEFAULT);
|
||||
$newPassword = hashPassword($_POST['newPassword']);
|
||||
|
||||
$db = new PDO('sqlite:' . DB_PATH);
|
||||
|
||||
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
|
||||
|
||||
$stmt->bindParam(':username', $username);
|
||||
$stmt->bindParam(':username', $_SESSION['username']);
|
||||
$stmt->bindParam(':password', $newPassword);
|
||||
|
||||
$stmt->execute();
|
||||
|
||||
} else {
|
||||
echo "<br>Le mot de passe actuel n'est pas bon !";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
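Review bot: The return value of `$stmt->execute()` is ignored and the success path prints nothing, so depending on PDO's error mode a failed UPDATE can look the same as a successful password change. Checking it fits the helpers this commit introduces: `if ($stmt->execute() !== true) serverError("Password update failed.");`, followed by a confirmation message. No `antiCSRF()` call is visible in this hunk, unlike on the domain registration page; if it is not made earlier in the block, which starts outside the hunk, it should be added before the password check.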
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<?php
|
||||
|
||||
|
@ -12,7 +12,7 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {
|
|||
|
||||
$userExist = userExist($_POST['username']);
|
||||
|
||||
if (!$userExist) {
|
||||
if ($userExist === false) {
|
||||
|
||||
// Setup SFTP directory
|
||||
umask(0002);
|
||||
|
@ -76,4 +76,4 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {
|
|||
|
||||
Déjà un compte ? <a class="authButton" href="login">Se connecter</a>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
<p>
|
||||
Ajouter un accès en .onion sur un dossier
|
||||
</p>
|
||||
|
@ -81,4 +81,4 @@ HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<p>
|
||||
Ajouter un domaine sur un dossier de site<br>
|
||||
|
@ -67,4 +67,4 @@ if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['userna
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<p>
|
||||
Vous avez accès à un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>. Vous pouvez téléverser vos sites dans <code>/<nom du site>/*</code>. Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour y accéder.
|
||||
|
@ -67,4 +67,4 @@
|
|||
</dd>
|
||||
</dl>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
<p>
|
||||
Installer un certificat Let's Encrypt
|
||||
</p>
|
||||
|
@ -51,4 +51,4 @@ if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../common/top.php"; ?>
|
||||
<?php require "../common/html.php"; ?>
|
||||
|
||||
<dl>
|
||||
<dt><a class="regButton" href="reg/">Registre</code></a></dt>
|
||||
|
@ -19,4 +19,4 @@
|
|||
</dd>
|
||||
</dl>
|
||||
|
||||
<?php require "../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
|
||||
|
@ -49,4 +49,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
Afin d'activer DNSSEC, vous devez indiquer un enregistrement DS à la zone parente.
|
||||
|
||||
|
@ -75,4 +75,4 @@ if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
|
|||
|
||||
<?php } ?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<dl>
|
||||
<dt><a class="nsButton" href="zone">Gérer ses zones</a></dt>
|
||||
|
@ -58,4 +58,4 @@
|
|||
</dd>-->
|
||||
</dl>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<p>
|
||||
Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur de noms de Niver
|
||||
|
@ -30,4 +30,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
|
||||
|
@ -49,4 +49,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
|
||||
|
@ -42,4 +42,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<?php require "../../form.ns.php"; ?>
|
||||
|
@ -27,4 +27,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
|
||||
|
@ -62,4 +62,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
|
||||
|
@ -59,4 +59,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
|
||||
|
@ -75,4 +75,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<?php require "../../form.ns.php"; ?>
|
||||
|
@ -28,4 +28,4 @@ if (nsCommonRequirements()
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<h2>Ajouter une zone</h2>
|
||||
|
@ -91,4 +91,4 @@ if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<label for="action">Action</label>
|
||||
|
@ -104,4 +104,4 @@ if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo'])
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<label for="action">Action</label>
|
||||
|
@ -66,4 +66,4 @@ if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suf
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<dl>
|
||||
<dt><a class="regButton" href="register">Enregistrer un nouveau domaine</a></dt>
|
||||
|
@ -19,4 +19,4 @@
|
|||
</dd>
|
||||
</dl>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<form method="post">
|
||||
<label for="action">Action</label>
|
||||
|
@ -49,6 +49,7 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
|
|||
exec(CONF['reg']['knotc_path'] . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 IN NS " . $_POST['ns'], $output);
|
||||
exec(CONF['reg']['knotc_path'] . " zone-commit " . $suffix, $output);
|
||||
$error = false;
|
||||
var_dump($output);
|
||||
foreach ($output as $line) {
|
||||
if ($line !== "OK") {
|
||||
$error = true;
|
||||
|
@ -63,4 +64,4 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
|
|||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
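Review bot: `var_dump($output);` looks like a debugging leftover and appears to be the one line this hunk adds. It prints the raw `knotc` output into the page for every request that reaches this branch, and should be removed or replaced by `error_log(implode("\n", $output));`. The surrounding `exec()` calls (unchanged context lines) concatenate `$_POST['domain']` and `$_POST['ns']` into a shell command. Their validation is outside the hunk, so it is worth confirming that both are format-checked before this point and wrapping each in `escapeshellarg()` as a second layer. The enclosing `if` block starts and ends outside the hunk.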
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<?php require "../../common/top.php"; ?>
|
||||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
Enregistrer la possession d'un domaine sur son compte.<br>
|
||||
Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées.
|
||||
|
@ -19,35 +19,30 @@ if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
|
|||
|
||||
antiCSRF();
|
||||
|
||||
if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain'])) {
|
||||
if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
|
||||
userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
|
||||
|
||||
$domain = $_POST['subdomain'] . "." . CONF['reg']['registry'];
|
||||
|
||||
checkAbsoluteDomainFormat($domain);
|
||||
|
||||
if (regIsFree($domain)) {
|
||||
if (regIsFree($domain) !== true)
|
||||
userError("Ce domaine n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.");
|
||||
|
||||
$db = new PDO('sqlite:' . DB_PATH);
|
||||
$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
|
||||
$username = $_SESSION['username'];
|
||||
|
||||
$time = date("Y-m-d H:i:s");
|
||||
|
||||
$stmt->bindParam(':domain', $domain);
|
||||
$stmt->bindParam(':username', $username);
|
||||
$stmt->bindParam(':username', $_SESSION['username']);
|
||||
$stmt->bindParam(':last_renewal', $time);
|
||||
|
||||
$stmt->execute();
|
||||
|
||||
echo "Nouveau domaine enregistré";
|
||||
|
||||
} else {
|
||||
echo "Le domaine " . $domain . " n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.";
|
||||
}
|
||||
} else {
|
||||
echo "Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)";
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<?php require "../../common/bottom.php"; ?>
|
||||
<?php closeHTML(); ?>
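Review bot: `regIsFree($domain)` followed by the INSERT is a check-then-act sequence, so two simultaneous requests for the same name could both pass the check. Unless the `registry` table already has a UNIQUE constraint on `domain` (the schema is not visible here), one should be added and relied on. The result of `$stmt->execute()` is also ignored, so `Nouveau domaine enregistré` may be printed even when the insert fails, depending on PDO's error mode; `if ($stmt->execute() !== true) serverError("Registration failed.");` would route that case through the new helper. The enclosing `if (isset($_POST['subdomain']) ...)` block starts outside the hunk.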
|
||||
|
|