root
/
threadr.lostcave.ddnss.de
3
1
Fork 1
Code Issues 18 Pull Requests Projects Releases Wiki Activity

removed another useless file

master
BodgeMaster 2021-09-07 09:03:59 +02:00
parent 9e601df065
commit 18b82274f3
2 changed files with 0 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -52,12 +52,6 @@ This folder contains all the files that are parts of ThreadR directly
A place to store the configuation for a specific ThreadR instance (contains official instance config for now, will be moved elsewhere eventually) A place to store the configuation for a specific ThreadR instance (contains official instance config for now, will be moved elsewhere eventually)
### [[DIR] macros](./macros) ### [[DIR] macros](./macros)
files for use with variable_grabbler.py files for use with variable_grabbler.py
### [admin.php](./admin.php)
~~This is the file that is shown on the internal admin page. It will contain a list of users, forums, threads, etc.
At the moment, it is just a convenient way to access the other internal administration tools.
This is not directly a part of ThreadR.~~
This is part of the server management tools and therefore will be gone from this repository soon.
### [default.html](./default.html) ### [default.html](./default.html)
The main index.html on the server. It redirects to ThreadR. The main index.html on the server. It redirects to ThreadR.
### [deployment_script.sh](./deployment_script.sh) ### [deployment_script.sh](./deployment_script.sh)

83
admin.php
View File

@ -1,83 +0,0 @@
<?php
%PLEAZE_NO_CACHE%
$permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ&/()[]$:?_';
function generate_salt($input, $strength = 5) {
$input_length = strlen($input);
$random_string = '';
for($i = 0; $i < $strength; $i++) {
$random_character = $input[random_int(0, $input_length - 1)];
$random_string .= $random_character;
}
return $random_string;
}
$random_salt = generate_salt($permitted_chars);
$password_hash_method = "sha256";
$pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%');
$query = "SELECT id, name, authentication_algorithm FROM users;";
if (isset($_GET['action'])) {
if ($_GET['action']=='add') {
$error = false;
$error_message = "";
if ($_POST['name']=='' || $_POST['password']=='' || $_POST['password_confirmation']=='') {
$error = true;
$error_message = "<p>Error: Not all values populated.</p>";
}
if ($_POST['password'] != $_POST['password_confirmation']) {
$error = true;
$error_message = "<p>Error: Password confirmation does not match password.</p>";
}
if (!$error) {
$statement = $pdo->prepare('INSERT INTO users (name, authentication_string, authentication_salt, authentication_algorithm) VALUES (:name, :authentication_string, :authentication_salt, :authentication_algorithm)');
$result = $statement->execute(array('name' => $_POST['name'], 'authentication_string' => hash($password_hash_method, $_POST['password'] . $random_salt), 'authentication_salt' => $random_salt, 'authentication_algorithm' => $password_hash_method));
if (!$result) {
$error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
}
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title> LostCave Admin Page </title>
<meta charset="utf-8" />
</head>
<body>
<h1> Useful links </h1>
<ul>
<li><a href="http://admin.strassenkind.ip/phpmyadmin/" > PHPMyAdmin </a></li>
<li><a href="http://admin.strassenkind.ip/postfixadmin/" > PostfixAdmin </a></li>
<li><a href="http://strassenkind.ip/" > Server status page </a></li>
<li><a href="http://strassenkind.ip/git/" > Gitea </a></li>
<li><a href="http://admin.strassenkind.ip/phpinfo.php"> phpinfo(); </a></li>
<li><a href="http://admin.strassenkind.ip/stdout.log"> Just normal server logs, nothing to see here. </a></li>
<li><a href="http://admin.strassenkind.ip/stderr.log"> Just normal server error logs, nothing to see here. </a></li>
</ul>
<h1> User Management </h1>
<h2> Registered Users </h2>
<table>
<tr><td>User ID</td><td>Name</td><td>Authentication algorithm</td></tr>
<?php
foreach ($pdo->query($query) as $row) {
echo "<tr><td>".$row['id']."</td><td>".$row['name']."</td><td>".$row['authentication_algorithm']."</td></tr>";
}
?>
</table>
<h2> Add user </h2>
<form action="?action=add" method="post">
<input type="text" maxlength="20" name="name" placeholder="Username" />
<input type="password" maxlength="256" name="password" placeholder="Password" />
<input type="password" maxlength="256" name="password_confirmation" placeholder="Repeat password" />
<input type="submit" value="Add" />
<?php
if (isset($error_message)) {
echo $error_message;
}
?>
</form>
</body>
</html>