root
/
threadr.lostcave.ddnss.de
3
1
Fork 1
Code Issues 18 Pull Requests Projects Releases Wiki Activity

added %NO_CHEAP_SESSION_STEALING%

master
BodgeMaster 2020-02-24 04:43:53 +01:00
parent 0df93c30aa
commit fc3d9468a1
7 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
threadr/about/index.php
View File

@ -1,3 +1,7 @@
<?php
session_start();
%NO_CHEAP_SESSION_STEALING%
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>

8
threadr/boards/index.php
View File

@ -1,3 +1,7 @@
<?php
session_start();
%NO_CHEAP_SESSION_STEALING%
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
@ -25,7 +29,7 @@
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!'); $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$error = false; $error = false;
$error_message = ""; $error_message = "";
if (!$error) { if (!$error) {
$statement = $pdo->prepare("SELECT * FROM boards"); $statement = $pdo->prepare("SELECT * FROM boards");
$statement->execute(); $statement->execute();
@ -34,7 +38,7 @@
echo "<li><a href='%CONTENT_DIR%/boards?=$ROW[id]'>$ROW[name]</a></li>"; echo "<li><a href='%CONTENT_DIR%/boards?=$ROW[id]'>$ROW[name]</a></li>";
} }
} }
if (!$result) { if (!$result) {
$error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2]; $error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
} }

4
threadr/index.php
View File

@ -1,3 +1,7 @@
<?php
session_start();
%NO_CHEAP_SESSION_STEALING%
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>

4
threadr/login/index.php
View File

@ -1,3 +1,7 @@
<?php
session_start();
%NO_CHEAP_SESSION_STEALING%
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>

6
threadr/news/index.php
View File

@ -1,3 +1,7 @@
<?php
session_start();
%NO_CHEAP_SESSION_STEALING%
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
@ -25,7 +29,7 @@
<ul class="list"> <ul class="list">
<li><p> 2020-02-21 Whole Website updated: Homepage, News, Boards, About, Log In, Userhome, Log Out</p></li> <li><p> 2020-02-21 Whole Website updated: Homepage, News, Boards, About, Log In, Userhome, Log Out</p></li>
<li><p> 2020-01-06 First Steps done </p></li> <li><p> 2020-01-06 First Steps done </p></li>
</ul> </ul>
</div> </div>
</div> </div>
</body> </body>

4
threadr/signup/index.php
View File

@ -1,3 +1,7 @@
<?php
session_start();
%NO_CHEAP_SESSION_STEALING%
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>

2
threadr/signup/verify-email/index.php
View File

@ -1,4 +1,6 @@
<?php <?php
//todo: force logout any user if logged in and on this page
//permitted chars for password salt //permitted chars for password salt
$permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ&/()[]$:?_'; $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ&/()[]$:?_';