
История изменений

Исправление Spoofing, (текущая версия) :

Система регистрации и авторизации пользователей в моём блоге.

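# sqlite3 spfng.sqlite3 <<EOF
-- Identifiers are double-quoted: SQLite only tolerates 'user' as a table name
-- as a compatibility quirk; in standard SQL single quotes denote a string.
CREATE TABLE "user"
(
  "user_id" INTEGER PRIMARY KEY AUTOINCREMENT,
  -- UNIQUE lets the database itself reject a second account with the same
  -- login, instead of relying only on the PHP "already taken?" pre-check.
  "user_login" VARCHAR(32) NOT NULL UNIQUE,
  -- Wide enough for both crypt() SHA-512 output and password_hash() strings.
  "user_password" VARCHAR(128) NOT NULL,
  -- Kept for rows written by the original code; a password_hash() string
  -- carries its own salt, so this column may stay NULL for new accounts.
  "user_salt" VARCHAR(16),
  "user_name" VARCHAR(80) NOT NULL,
  "user_date_registered" DATETIME DEFAULT CURRENT_TIMESTAMP,
  "user_date_authorized" DATETIME
);
EOF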
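<?php
// Open the SQLite database shared by the sign-up / sign-in handlers below.
// Driver errors throw instead of returning false, so a failed statement
// surfaces here rather than later as an undefined $user_id.
$dbh = new SQLite3('spfng.sqlite3');
$dbh->enableExceptions(true);
// Wait up to ~31 s (value is in milliseconds) for a concurrent writer.
$dbh->busyTimeout(31337);
// SQLite3::query() prepares only the FIRST statement of the string it is
// given, so running this list through query() silently applied just
// "synchronous=NORMAL" and never switched to WAL. exec() runs every statement.
// Note that page_size only affects a database that has no tables yet (or is
// VACUUMed afterwards).
$dbh->exec('
PRAGMA synchronous=NORMAL;
PRAGMA journal_mode=WAL;
PRAGMA page_size=16384;
PRAGMA cache_size=65536;
PRAGMA temp_store=MEMORY;
');
?>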
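<?php
// Session cookie hardening, applied before any session_start() in this
// request (the login handlers start sessions later in the same request and
// inherit these settings). Strict mode makes PHP refuse session ids it did
// not issue itself, which removes the planted-id variant of session fixation;
// HttpOnly keeps the cookie out of reach of page scripts; SameSite=Lax stops
// it riding along on cross-site POSTs. Set session.cookie_secure once the
// blog is served over TLS.
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_samesite', 'Lax');
// Resume a session only when the browser actually presented a cookie, so
// anonymous visitors never get a session (or a Set-Cookie) created for them.
if (isset($_COOKIE[session_name()])) {
    session_start();
    // A cookie whose session holds no authenticated user is worthless:
    // expire it client-side and drop the server-side record.
    if (empty($_SESSION['user_id'])) {
        setcookie(session_name(), '', 1);
        session_destroy();
    }
}
?>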
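<?php
// Dispatch on the URL path alone. REQUEST_URI still carries the query string,
// so a request such as "/signin/?x=1" would otherwise match no branch at all.
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$method = $_SERVER['REQUEST_METHOD'];
// Escape where a value meets HTML (the welcome line); the session keeps the
// raw name. Sessions written by the previous code hold a pre-escaped name and
// will show visible entities until they expire.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<?php if ($path === '/'): ?>
<?php if (session_id() === ''): ?>
Welcome, <b>anonymous</b> (IP: <?php echo $esc($_SERVER['REMOTE_ADDR']); ?>). <a href="/signin/">Sign in</a> | <a href="/signup/">Sign up</a>
<?php else: ?>
Welcome, <b><?php echo $esc($_SESSION['user_name']); ?></b> (IP: <?php echo $esc($_SERVER['REMOTE_ADDR']); ?>). <a href="/signout/">Sign out</a>
<?php endif; ?>
<?php elseif ($path === '/signup/'): ?>
<?php
if ($method === 'POST') {
    // Absent fields become '' so the length checks reject them instead of
    // raising undefined-index notices.
    $name = (string) ($_POST['name'] ?? '');
    $login = (string) ($_POST['login'] ?? '');
    $password = (string) ($_POST['password'] ?? '');
    // Byte lengths, matching the VARCHAR widths in the schema.
    if (strlen($name) < 2 || strlen($name) > 80) {
        http_response_code(400);
        die('?');
    }
    // The rule the str_replace() chain expressed: 2..32 characters, lowercase
    // ASCII letters and digits only, first character not a digit.
    if (!preg_match('/\A[a-z][a-z0-9]{1,31}\z/', $login)) {
        http_response_code(400);
        die('?');
    }
    // PASSWORD_DEFAULT is currently bcrypt, which hashes only the first 72
    // bytes; the upper bound just keeps oversized bodies away from the hash.
    if (strlen($password) < 2 || strlen($password) > 512) {
        http_response_code(400);
        die('?');
    }
    // BEGIN IMMEDIATE takes the write lock before the "login taken?" check,
    // so two concurrent sign-ups for the same login cannot both pass it.
    // Every query below is parameterised; the original concatenated
    // $_POST['login'] straight into SQL in three places.
    $dbh->exec('BEGIN IMMEDIATE');
    $check = $dbh->prepare('SELECT user_id FROM user WHERE user_login = :user_login');
    $check->bindValue(':user_login', $login, SQLITE3_TEXT);
    if ($check->execute()->fetchArray(SQLITE3_ASSOC) !== false) {
        $dbh->exec('ROLLBACK');
        http_response_code(409);
        die('?');
    }
    // password_hash() draws a fresh random salt per account and embeds it in
    // the stored string, so user_salt is left NULL. The fixed salt the
    // original hard-coded gave every account with the same password the same
    // hash. Sign-in verifies with password_verify(), which still accepts the
    // existing "$6$" crypt() hashes.
    $insert = $dbh->prepare(
        'INSERT INTO user (user_login, user_password, user_name, user_date_authorized)'
        . ' VALUES (:user_login, :user_password, :user_name, CURRENT_TIMESTAMP)'
    );
    $insert->bindValue(':user_login', $login, SQLITE3_TEXT);
    $insert->bindValue(':user_password', password_hash($password, PASSWORD_DEFAULT), SQLITE3_TEXT);
    $insert->bindValue(':user_name', $name, SQLITE3_TEXT);
    $insert->execute();
    // The new row's id comes from the connection; no second SELECT and no
    // extract() spraying row columns into local variables.
    $userId = $dbh->lastInsertRowID();
    $dbh->exec('COMMIT');
    // Issue a brand-new session id once the user is authenticated, so an id
    // that was already in the browser before login cannot be reused
    // (session fixation).
    session_start();
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['user_login'] = $login;
    $_SESSION['user_name'] = $name;
    header($_SERVER['SERVER_PROTOCOL'].' 303 See Other');
    header('Location: /');
    die();
}
?>
<?php if ($method === 'GET'): ?>
<?php // NOTE(review): neither form carries a CSRF token; login/sign-up CSRF is not addressed here. ?>
<form action="/signup/" method="POST">
<input class="edits" type="text" name="login">
<?php /* Suggested password from the CSPRNG; str_shuffle() is seeded from mt_rand() and is predictable. Kept as a visible text field, as in the original, so it can be copied. (The original substr() length is cut off in this listing.) */ ?>
<input class="edits" type="text" name="password" value="<?php echo bin2hex(random_bytes(8)); ?>">
<input class="edits" type="text" name="name">
<input class="edits" type="submit" value="sign up">
</form>
<?php endif; ?>
<?php elseif ($path === '/signin/'): ?>
<?php
if ($method === 'POST') {
    $login = (string) ($_POST['login'] ?? '');
    $password = (string) ($_POST['password'] ?? '');
    // Fetch by login and verify in PHP. password_verify() accepts both the
    // password_hash() strings written by sign-up and the legacy
    // "$6$rounds=31337$..." crypt() hashes already in the table, so the
    // shared salt disappears from the source; it also compares in constant
    // time, unlike the SQL string equality the original relied on.
    $lookup = $dbh->prepare('SELECT user_id, user_login, user_name, user_password FROM user WHERE user_login = :user_login');
    $lookup->bindValue(':user_login', $login, SQLITE3_TEXT);
    $row = $lookup->execute()->fetchArray(SQLITE3_ASSOC);
    // Sign-up already answers 409 for an existing login, so no dummy verify
    // is done here to mask which of the two checks failed.
    if ($row === false || !password_verify($password, (string) $row['user_password'])) {
        http_response_code(403);
        die('?');
    }
    $userId = (int) $row['user_id'];
    // Move legacy crypt() hashes to the current algorithm on a successful login.
    if (password_needs_rehash((string) $row['user_password'], PASSWORD_DEFAULT)) {
        $rehash = $dbh->prepare('UPDATE user SET user_password = :user_password WHERE user_id = :user_id');
        $rehash->bindValue(':user_password', password_hash($password, PASSWORD_DEFAULT), SQLITE3_TEXT);
        $rehash->bindValue(':user_id', $userId, SQLITE3_INTEGER);
        $rehash->execute();
    }
    $touch = $dbh->prepare('UPDATE user SET user_date_authorized = CURRENT_TIMESTAMP WHERE user_id = :user_id');
    $touch->bindValue(':user_id', $userId, SQLITE3_INTEGER);
    $touch->execute();
    // New session id after authentication, for the same reason as in sign-up.
    session_start();
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['user_login'] = $row['user_login'];
    $_SESSION['user_name'] = $row['user_name'];
    header($_SERVER['SERVER_PROTOCOL'].' 303 See Other');
    header('Location: /');
    die();
}
?>
<?php if ($method === 'GET'): ?>
<form action="/signin/" method="POST">
<input class="edits" type="text" name="login">
<?php /* type="password" so the browser masks the field and does not keep it in form history. */ ?>
<input class="edits" type="password" name="password">
<input class="edits" type="submit" value="sign in">
</form>
<?php endif; ?>
<?php elseif ($path === '/signout/'): ?>
<?php if ($method === 'GET'): ?>
<?php
// NOTE(review): a GET sign-out can be triggered cross-site (logout CSRF); a
// POST form would close that. Left as GET because the home page links to it.
// Standard teardown: clear the data, delete the server-side record, expire
// the cookie.
session_start();
$_SESSION = array();
session_destroy();
setcookie(session_name(), '', 1);
header($_SERVER['SERVER_PROTOCOL'].' 303 See Other');
header('Location: /');
die();
?>
<?php endif; ?>
<?php endif; ?>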

Исходная версия Spoofing, :

Система регистрации и авторизации пользователей в моём блоге.

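# The PHP below opens 'spfng.sqlite3'; creating the schema in 'spfng.db' left
# the application running against an empty database.
# sqlite3 spfng.sqlite3 <<EOF
-- Identifiers are double-quoted: SQLite only tolerates 'user' as a table name
-- as a compatibility quirk; in standard SQL single quotes denote a string.
CREATE TABLE "user"
(
  "user_id" INTEGER PRIMARY KEY AUTOINCREMENT,
  -- UNIQUE lets the database itself reject a second account with the same
  -- login, instead of relying only on the PHP "already taken?" pre-check.
  "user_login" VARCHAR(32) NOT NULL UNIQUE,
  -- Wide enough for both crypt() SHA-512 output and password_hash() strings.
  "user_password" VARCHAR(128) NOT NULL,
  -- Kept for rows written by the original code; a password_hash() string
  -- carries its own salt, so this column may stay NULL for new accounts.
  "user_salt" VARCHAR(16),
  "user_name" VARCHAR(80) NOT NULL,
  "user_date_registered" DATETIME DEFAULT CURRENT_TIMESTAMP,
  "user_date_authorized" DATETIME
);
EOF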
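<?php
// Open the SQLite database shared by the sign-up / sign-in handlers below.
// Driver errors throw instead of returning false, so a failed statement
// surfaces here rather than later as an undefined $user_id.
$dbh = new SQLite3('spfng.sqlite3');
$dbh->enableExceptions(true);
// Wait up to ~31 s (value is in milliseconds) for a concurrent writer.
$dbh->busyTimeout(31337);
// SQLite3::query() prepares only the FIRST statement of the string it is
// given, so running this list through query() silently applied just
// "synchronous=NORMAL" and never switched to WAL. exec() runs every statement.
// Note that page_size only affects a database that has no tables yet (or is
// VACUUMed afterwards).
$dbh->exec('
PRAGMA synchronous=NORMAL;
PRAGMA journal_mode=WAL;
PRAGMA page_size=16384;
PRAGMA cache_size=65536;
PRAGMA temp_store=MEMORY;
');
?>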
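<?php
// Session cookie hardening, applied before any session_start() in this
// request (the login handlers start sessions later in the same request and
// inherit these settings). Strict mode makes PHP refuse session ids it did
// not issue itself, which removes the planted-id variant of session fixation;
// HttpOnly keeps the cookie out of reach of page scripts; SameSite=Lax stops
// it riding along on cross-site POSTs. Set session.cookie_secure once the
// blog is served over TLS.
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_samesite', 'Lax');
// Resume a session only when the browser actually presented a cookie, so
// anonymous visitors never get a session (or a Set-Cookie) created for them.
if (isset($_COOKIE[session_name()])) {
    session_start();
    // A cookie whose session holds no authenticated user is worthless:
    // expire it client-side and drop the server-side record.
    if (empty($_SESSION['user_id'])) {
        setcookie(session_name(), '', 1);
        session_destroy();
    }
}
?>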
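<?php
// Dispatch on the URL path alone. REQUEST_URI still carries the query string,
// so a request such as "/signin/?x=1" would otherwise match no branch at all.
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$method = $_SERVER['REQUEST_METHOD'];
// Escape where a value meets HTML (the welcome line); the session keeps the
// raw name. Sessions written by the previous code hold a pre-escaped name and
// will show visible entities until they expire.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<?php if ($path === '/'): ?>
<?php if (session_id() === ''): ?>
Welcome, <b>anonymous</b> (IP: <?php echo $esc($_SERVER['REMOTE_ADDR']); ?>). <a href="/signin/">Sign in</a> | <a href="/signup/">Sign up</a>
<?php else: ?>
Welcome, <b><?php echo $esc($_SESSION['user_name']); ?></b> (IP: <?php echo $esc($_SERVER['REMOTE_ADDR']); ?>). <a href="/signout/">Sign out</a>
<?php endif; ?>
<?php elseif ($path === '/signup/'): ?>
<?php
if ($method === 'POST') {
    // Absent fields become '' so the length checks reject them instead of
    // raising undefined-index notices.
    $name = (string) ($_POST['name'] ?? '');
    $login = (string) ($_POST['login'] ?? '');
    $password = (string) ($_POST['password'] ?? '');
    // Byte lengths, matching the VARCHAR widths in the schema.
    if (strlen($name) < 2 || strlen($name) > 80) {
        http_response_code(400);
        die('?');
    }
    // The rule the str_replace() chain expressed: 2..32 characters, lowercase
    // ASCII letters and digits only, first character not a digit.
    if (!preg_match('/\A[a-z][a-z0-9]{1,31}\z/', $login)) {
        http_response_code(400);
        die('?');
    }
    // PASSWORD_DEFAULT is currently bcrypt, which hashes only the first 72
    // bytes; the upper bound just keeps oversized bodies away from the hash.
    if (strlen($password) < 2 || strlen($password) > 512) {
        http_response_code(400);
        die('?');
    }
    // BEGIN IMMEDIATE takes the write lock before the "login taken?" check,
    // so two concurrent sign-ups for the same login cannot both pass it.
    // Every query below is parameterised; the original concatenated
    // $_POST['login'] straight into SQL in three places.
    $dbh->exec('BEGIN IMMEDIATE');
    $check = $dbh->prepare('SELECT user_id FROM user WHERE user_login = :user_login');
    $check->bindValue(':user_login', $login, SQLITE3_TEXT);
    if ($check->execute()->fetchArray(SQLITE3_ASSOC) !== false) {
        $dbh->exec('ROLLBACK');
        http_response_code(409);
        die('?');
    }
    // password_hash() draws a fresh random salt per account and embeds it in
    // the stored string, so user_salt is left NULL. The fixed salt the
    // original hard-coded gave every account with the same password the same
    // hash. Sign-in verifies with password_verify(), which still accepts the
    // existing "$6$" crypt() hashes.
    $insert = $dbh->prepare(
        'INSERT INTO user (user_login, user_password, user_name, user_date_authorized)'
        . ' VALUES (:user_login, :user_password, :user_name, CURRENT_TIMESTAMP)'
    );
    $insert->bindValue(':user_login', $login, SQLITE3_TEXT);
    $insert->bindValue(':user_password', password_hash($password, PASSWORD_DEFAULT), SQLITE3_TEXT);
    $insert->bindValue(':user_name', $name, SQLITE3_TEXT);
    $insert->execute();
    // The new row's id comes from the connection; no second SELECT and no
    // extract() spraying row columns into local variables.
    $userId = $dbh->lastInsertRowID();
    $dbh->exec('COMMIT');
    // Issue a brand-new session id once the user is authenticated, so an id
    // that was already in the browser before login cannot be reused
    // (session fixation).
    session_start();
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['user_login'] = $login;
    $_SESSION['user_name'] = $name;
    header($_SERVER['SERVER_PROTOCOL'].' 303 See Other');
    header('Location: /');
    die();
}
?>
<?php if ($method === 'GET'): ?>
<?php // NOTE(review): neither form carries a CSRF token; login/sign-up CSRF is not addressed here. ?>
<form action="/signup/" method="POST">
<input class="edits" type="text" name="login">
<?php /* Suggested password from the CSPRNG; str_shuffle() is seeded from mt_rand() and is predictable. Kept as a visible text field, as in the original, so it can be copied. (The original substr() length is cut off in this listing.) */ ?>
<input class="edits" type="text" name="password" value="<?php echo bin2hex(random_bytes(8)); ?>">
<input class="edits" type="text" name="name">
<input class="edits" type="submit" value="sign up">
</form>
<?php endif; ?>
<?php elseif ($path === '/signin/'): ?>
<?php
if ($method === 'POST') {
    $login = (string) ($_POST['login'] ?? '');
    $password = (string) ($_POST['password'] ?? '');
    // Fetch by login and verify in PHP. password_verify() accepts both the
    // password_hash() strings written by sign-up and the legacy
    // "$6$rounds=31337$..." crypt() hashes already in the table, so the
    // shared salt disappears from the source; it also compares in constant
    // time, unlike the SQL string equality the original relied on.
    $lookup = $dbh->prepare('SELECT user_id, user_login, user_name, user_password FROM user WHERE user_login = :user_login');
    $lookup->bindValue(':user_login', $login, SQLITE3_TEXT);
    $row = $lookup->execute()->fetchArray(SQLITE3_ASSOC);
    // Sign-up already answers 409 for an existing login, so no dummy verify
    // is done here to mask which of the two checks failed.
    if ($row === false || !password_verify($password, (string) $row['user_password'])) {
        http_response_code(403);
        die('?');
    }
    $userId = (int) $row['user_id'];
    // Move legacy crypt() hashes to the current algorithm on a successful login.
    if (password_needs_rehash((string) $row['user_password'], PASSWORD_DEFAULT)) {
        $rehash = $dbh->prepare('UPDATE user SET user_password = :user_password WHERE user_id = :user_id');
        $rehash->bindValue(':user_password', password_hash($password, PASSWORD_DEFAULT), SQLITE3_TEXT);
        $rehash->bindValue(':user_id', $userId, SQLITE3_INTEGER);
        $rehash->execute();
    }
    $touch = $dbh->prepare('UPDATE user SET user_date_authorized = CURRENT_TIMESTAMP WHERE user_id = :user_id');
    $touch->bindValue(':user_id', $userId, SQLITE3_INTEGER);
    $touch->execute();
    // New session id after authentication, for the same reason as in sign-up.
    session_start();
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['user_login'] = $row['user_login'];
    $_SESSION['user_name'] = $row['user_name'];
    header($_SERVER['SERVER_PROTOCOL'].' 303 See Other');
    header('Location: /');
    die();
}
?>
<?php if ($method === 'GET'): ?>
<form action="/signin/" method="POST">
<input class="edits" type="text" name="login">
<?php /* type="password" so the browser masks the field and does not keep it in form history. */ ?>
<input class="edits" type="password" name="password">
<input class="edits" type="submit" value="sign in">
</form>
<?php endif; ?>
<?php elseif ($path === '/signout/'): ?>
<?php if ($method === 'GET'): ?>
<?php
// NOTE(review): a GET sign-out can be triggered cross-site (logout CSRF); a
// POST form would close that. Left as GET because the home page links to it.
// Standard teardown: clear the data, delete the server-side record, expire
// the cookie.
session_start();
$_SESSION = array();
session_destroy();
setcookie(session_name(), '', 1);
header($_SERVER['SERVER_PROTOCOL'].' 303 See Other');
header('Location: /');
die();
?>
<?php endif; ?>
<?php endif; ?>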