Support Content Security Policy (CSP)

This commit is contained in:
ruan 2024-08-10 23:36:27 +02:00
parent afabb58c18
commit b079b0f954
12 changed files with 84 additions and 64 deletions


@ -35,7 +35,7 @@ class Check {
if (!isset($uuid)) { if (!isset($uuid)) {
if (filter_var($name, FILTER_VALIDATE_FLOAT)) { if (filter_var($name, FILTER_VALIDATE_FLOAT)) {
echo "<br>"; echo "<br>";
redirect($page->link("info.php?type=$type&id=$name")); $page->redirect($page->link("info.php?type=$type&id=$name"), true, false);
return; return;
} }
$name = htmlspecialchars($name, ENT_QUOTES); $name = htmlspecialchars($name, ENT_QUOTES);
@ -50,9 +50,9 @@ class Check {
} }
echo "<br>"; echo "<br>";
redirect($page->link($href)); $page->redirect($page->link($href), true, false);
} catch (PDOException $ex) { } catch (PDOException $ex) {
$page->db->handle_error($page->settings, $ex); $page->db->handle_error($page, $ex);
} }
} }
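Review bot: Both redirects in this hunk now pass `$script = false`, so the page emits only the "Redirecting..." link and the hidden `redirect-url` input and relies on form.js in the AJAX caller to perform the navigation; if check.php is still reachable by a plain form submit, as the form's retained `action="check.php"` suggests, that request ends on a page that never navigates. If that path is meant to keep working, pass `true` for `$script` when the request is not the AJAX one, or document on `redirect()` that `$script = false` is only valid for fragment responses. The `$page->redirect($page->link("info.php?type=$type&id=$name"), ...)` line also interpolates `$type` into the URL before anything visible here validates it, whereas `$name` has passed FILTER_VALIDATE_FLOAT on the line above. The enclosing method starts before this hunk.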


@ -41,26 +41,6 @@
<br> <br>
- Ensure that you are using the latest version of LiteBans. - Ensure that you are using the latest version of LiteBans.
<br> <br>
<?php
echo("<br>Database tables:");
$db = new Database($settings, true, false);
try {
$st = $db->conn->query("SELECT * FROM " . $settings->table['bans'] . " LIMIT 1;");
$st->fetch();
$st->closeCursor();
} catch (PDOException $e) {
$st = $db->conn->query("SHOW TABLES;");
$st->execute();
$rows = $st->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $row) {
foreach ($row as $k => $v) {
echo("<br> - $v");
}
}
$st->closeCursor();
}
?>
</div> </div>
<br> <br>
<a href="../" class="btn btn-primary">Try Again</a> <a href="../" class="btn btn-primary">Try Again</a>


@ -266,5 +266,5 @@ try {
$page->print_footer(); $page->print_footer();
} catch (PDOException $ex) { } catch (PDOException $ex) {
$page->db->handle_error($page->settings, $ex); $page->db->handle_error($page, $ex);
} }


@ -71,6 +71,10 @@ tr.hover {
text-align: left; text-align: left;
} }
.litebans-check-btn {
margin-left: 5px;
}
.litebans-check-form { .litebans-check-form {
margin-left: 15px; margin-left: 15px;
} }


@ -4,15 +4,16 @@
class Database { class Database {
public static $TRUE = "1", $FALSE = "0"; public static $TRUE = "1", $FALSE = "0";
public function __construct(Settings $settings, $connect, $verify) { public function __construct(Page $page, $connect, $verify) {
if ($connect) { if ($connect) {
$this->connect($settings, $verify); $this->connect($page, $verify);
} else { } else {
$this->conn = null; $this->conn = null;
} }
} }
function connect(Settings $cfg, $verify = true) { function connect(Page $page, $verify = true) {
$cfg = $page->settings;
$driver = $cfg->driver; $driver = $cfg->driver;
$host = $cfg->host; $host = $cfg->host;
$port = $cfg->port; $port = $cfg->port;
@ -41,7 +42,7 @@ class Database {
} }
if ($username === "" && $password === "") { if ($username === "" && $password === "") {
redirect("error/unconfigured.php"); $page->redirect("error/unconfigured.php");
} }
$dsn = "$driver:dbname=$database;host=$host;port=$port"; $dsn = "$driver:dbname=$database;host=$host;port=$port";
@ -84,7 +85,8 @@ class Database {
* @param $e Exception * @param $e Exception
* @throws Exception * @throws Exception
*/ */
function handle_error(Settings $cfg, Exception $e) { function handle_error(Page $page, Exception $e) {
$cfg = $page->settings;
if ($cfg->error_throw) throw $e; if ($cfg->error_throw) throw $e;
$message = 'Database error: ' . $e->getMessage(); $message = 'Database error: ' . $e->getMessage();
@ -92,7 +94,7 @@ class Database {
if (strstr($message, "Access denied for user")) { if (strstr($message, "Access denied for user")) {
$param = ""; $param = "";
if ($cfg->error_reporting) $param = "?error=" . base64_encode($e->getMessage()); if ($cfg->error_reporting) $param = "?error=" . base64_encode($e->getMessage());
redirect("error/access-denied.php$param"); $page->redirect("error/access-denied.php$param");
} }
if (strstr($message, "Base table or view not found:") || strstr($message, "Unknown column")) { if (strstr($message, "Base table or view not found:") || strstr($message, "Unknown column")) {
try { try {
@ -100,9 +102,9 @@ class Database {
$st->fetch(); $st->fetch();
$st->closeCursor(); $st->closeCursor();
} catch (PDOException $e) { } catch (PDOException $e) {
redirect("error/tables-not-found.php"); $page->redirect("error/tables-not-found.php");
} }
redirect("error/outdated-plugin.php"); $page->redirect("error/outdated-plugin.php");
} }
} }
if (!$cfg->error_reporting) $message = "Database error"; if (!$cfg->error_reporting) $message = "Database error";
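Review bot: The docblock above `handle_error` (`@param $e Exception` / `@throws Exception`) was not updated for the new first parameter; add `* @param $page Page  page whose settings are read and whose redirect() is used to leave on known errors` so the Settings-to-Page change is documented, and the same applies to `connect()` in the first hunk. Unchanged here but on the same path, `base64_encode($e->getMessage())` is appended to the query string raw; base64 output contains `+`, `/` and `=`, and `+` is decoded as a space in query strings, so the receiving page may see a corrupted message — `rawurlencode(base64_encode($e->getMessage()))` keeps it intact. `handle_error` continues past this hunk.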


@ -1,3 +1,3 @@
<script src="<?php echo $this->resource('inc/js/jquery-3.5.1.min.js'); ?>"></script> <script src="<?php echo $this->resource('inc/js/jquery-3.5.1.min.js'); ?>"></script>
<script src="<?php echo $this->resource('inc/js/bootstrap.min.js'); ?>"></script> <script src="<?php echo $this->resource('inc/js/bootstrap.min.js'); ?>"></script>
<?php echo "</html>"; ?> </html>


@ -71,7 +71,7 @@ if ($page->settings->header_show_totals) {
'kicks.php' => $row[3], 'kicks.php' => $row[3],
); );
} catch (PDOException $ex) { } catch (PDOException $ex) {
$page->db->handle_error($page->settings, $ex); $page->db->handle_error($page, $ex);
} }
} }
?> ?>
@ -87,14 +87,6 @@ if ($page->settings->header_show_totals) {
<link href="<?php echo $this->page->resource('inc/css/bootstrap.min.css'); ?>" rel="stylesheet"> <link href="<?php echo $this->page->resource('inc/css/bootstrap.min.css'); ?>" rel="stylesheet">
<link href="<?php echo $this->page->resource('inc/css/glyphicons.min.css'); ?>" rel="stylesheet"> <link href="<?php echo $this->page->resource('inc/css/glyphicons.min.css'); ?>" rel="stylesheet">
<link href="<?php echo $this->page->resource('inc/css/custom.css'); ?>" rel="stylesheet"> <link href="<?php echo $this->page->resource('inc/css/custom.css'); ?>" rel="stylesheet">
<script type="text/javascript">
function withjQuery(tries, f) {
if (window.jQuery) f();
else if (tries > 0) window.setTimeout(function () {
withjQuery(tries - 1, f);
}, 100);
}
</script>
</head> </head>


@ -1,12 +0,0 @@
<?php
function redirect($url, $showtext = true) {
if ($showtext === true) {
echo "<a href=\"$url\">Redirecting...</a>";
}
die("<script data-cfasync=\"false\" type=\"text/javascript\">document.location=\"$url\";</script>");
}
if (!extension_loaded("pdo_mysql") || !extension_loaded("intl")) {
redirect("error/missing-extensions.php");
}

20
inc/js/form.js Normal file

@ -0,0 +1,20 @@
var captureForm = function (b) {
var o = $(".litebans-check-output");
o.removeClass("show");
var x = setTimeout(function () {
o.html("<br>")
}, 150);
$.ajax({type: "GET", url: $("#form-link").val() + "?name=" + $("#user").val() + "&table=" + $("#form-table").val()}).done(function (c) {
clearTimeout(x);
o.html(c);
o.addClass("show")
var url = document.getElementById("redirect-url");
if (url !== null) {
document.location = url.value;
}
});
b.preventDefault();
return false
};
document.getElementById("check").addEventListener("submit", captureForm)
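Review bot: The request URL is assembled by concatenating `$("#user").val()` and `$("#form-table").val()` with no encoding, so a name containing `&`, `#` or `%` changes or truncates the query; use `url: $("#form-link").val() + "?name=" + encodeURIComponent($("#user").val()) + "&table=" + encodeURIComponent($("#form-table").val())`. Nothing handles a failed request: `.done` never runs, the 150 ms timeout has already blanked the output, and `show` is never re-added, so the user gets no feedback — a `.fail` handler that clears the timeout and restores the output would cover it. Several statements (`o.addClass("show")`, `return false`, the final `addEventListener` call) lack semicolons; consistent termination avoids ASI surprises if this file is later concatenated with others.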

4
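--- /dev/null
+++ b/inc/js/redirect.js
@@ -0,0 +1,4 @@
+var url = document.getElementById("redirect-url");
+if (url !== null) {
+document.location = url.value;
+}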

15
inc/js/table.js Normal file

@ -0,0 +1,15 @@
function withjQuery(tries, f) {
if (window.jQuery) f();
else if (tries > 0) window.setTimeout(function () {
withjQuery(tries - 1, f);
}, 100);
}
withjQuery(30, function () {
$('tr').click(function () {
var href = $(this).find('a').attr('href');
if (href !== undefined) window.location = href;
}).hover(function () {
$(this).toggleClass('hover');
});
});
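Review bot: `$('tr')` selects every row in the document, and `table_end()` in Page emits this script once per table, so a page with more than one table binds the click and hover handlers several times over the rows of the earlier tables (a second hover toggle undoes the first). Guarding the binding so repeated includes are no-ops avoids that, e.g. `if (window.litebansTableBound) return; window.litebansTableBound = true;` at the top of the callback, or scope the selector to the table just closed. When jQuery has not appeared within the 30 polls (about 3 s) the handlers are silently never attached; a `console.warn` in the exhausted branch would make that visible.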


@ -1,5 +1,4 @@
<?php <?php
require_once './inc/init.php';
#[AllowDynamicProperties] #[AllowDynamicProperties]
class Page { class Page {
@ -23,12 +22,17 @@ class Page {
} else { } else {
$this->lang = new en_US(); $this->lang = new en_US();
} }
$this->db = new Database($cfg, $connect, !($cfg instanceof EnvSettings)); $this->settings = $cfg;
if (!extension_loaded("pdo_mysql") || !extension_loaded("intl")) {
$this->redirect("error/missing-extensions.php");
}
$this->db = new Database($this, $connect, !($cfg instanceof EnvSettings));
$this->formatter = new IntlDateFormatter($cfg->lang, IntlDateFormatter::LONG, IntlDateFormatter::NONE, $cfg->timezone, IntlDateFormatter::GREGORIAN, $cfg->date_format); $this->formatter = new IntlDateFormatter($cfg->lang, IntlDateFormatter::LONG, IntlDateFormatter::NONE, $cfg->timezone, IntlDateFormatter::GREGORIAN, $cfg->date_format);
$this->conn = $this->db->conn; $this->conn = $this->db->conn;
$this->settings = $cfg;
$this->uuid_name_cache = array(); $this->uuid_name_cache = array();
$this->name = $name; $this->name = $name;
@ -201,7 +205,7 @@ class Page {
return $rows; return $rows;
} catch (PDOException $ex) { } catch (PDOException $ex) {
$this->db->handle_error($this->settings, $ex); $this->db->handle_error($this, $ex);
return array(); return array();
} }
} }
@ -430,6 +434,16 @@ class Page {
return ($millis > $until); return ($millis > $until);
} }
function redirect($url, $showtext = true, $script = true) {
if ($showtext === true) {
echo "<a href=\"$url\">Redirecting...</a>";
}
echo("<input type=\"hidden\" id=\"redirect-url\" value=\"$url\">");
if ($script) {
die("<script src={$this->resource('inc/js/redirect.js')}></script>");
} else die;
}
/** /**
* Returns true if a string should be treated as a UUID. * Returns true if a string should be treated as a UUID.
* @param $str * @param $str
@ -542,18 +556,19 @@ class Page {
echo ' echo '
<div class="row litebans-check"> <div class="row litebans-check">
<div class="litebans-check litebans-check-form"> <div class="litebans-check litebans-check-form">
<form action="check.php" onsubmit="captureForm(event);" class="form-inline"> <form action="check.php" class="form-inline" id="check">
<div class="form-group"> <div class="form-group">
<input type="text" class="form-control" name="name" id="user" placeholder="' . $this->t("generic.player-name") . '"> <input type="text" class="form-control" name="name" id="user" placeholder="' . $this->t("generic.player-name") . '">
</div> </div>
<input type="hidden" name="table" value="' . $this->name . '"> <input type="hidden" name="table" id="form-table" value="' . $this->name . '">
<button type="submit" class="btn btn-primary" style="margin-left: 5px;">' . $this->t("action.check") . '</button> <input type="hidden" name="link" id="form-link" value="' . $link . '">
<button type="submit" class="btn btn-primary litebans-check-btn">' . $this->t("action.check") . '</button>
</form> </form>
</div> </div>
<script type="text/javascript">function captureForm(b){var o=$(".litebans-check-output");o.removeClass("show");var x=setTimeout(function(){o.html("<br>")}, 150);$.ajax({type:"GET",url:"' . $link . '?name="+$("#user").val()+"&table=' . $table . '"}).done(function(c){clearTimeout(x);o.html(c);o.addClass("show")});b.preventDefault();return false};</script>
</div> </div>
<div class="litebans-check litebans-check-output fade" class="success fade" data-alert="alert"></div> <div class="litebans-check litebans-check-output fade" class="success fade" data-alert="alert"></div>
<p class="noselect"></p> <p class="noselect"></p>
<script src="' . $this->resource('inc/js/form.js') . '"></script>
'; ';
} }
@ -653,7 +668,7 @@ class Page {
function table_end($clicky = true) { function table_end($clicky = true) {
echo '</table>'; echo '</table>';
if ($clicky) { if ($clicky) {
echo "<script type=\"text/javascript\">withjQuery(30,function(){ $('tr').click(function(){var href=$(this).find('a').attr('href');if(href!==undefined)window.location=href;}).hover(function(){\$(this).toggleClass('hover');}); });</script>"; echo "<script src={$this->resource('inc/js/table.js')}></script>";
} }
} }
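Review bot: `redirect()` interpolates `$url` unescaped into two attribute values (the anchor's `href` and the hidden input's `value`), so a URL containing `"` breaks out of the attribute; escape once with `$safe = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');` and use `$safe` in both places. The callers in this commit pass internally built paths, so this is hardening of a new sink rather than an observed injection, but `$href` in Check and `$link` in the new `form-link` hidden input are not escaped by anything visible here. The `<script src={...}>` attribute is unquoted here and again in `table_end`; quoting it keeps a resource path containing a space or `>` from truncating the tag. The `form-link` input also carries `name="link"`, so a non-JS submit sends it to check.php as a query parameter although only form.js reads it by id; dropping the `name` keeps it client-side. The class Page continues outside this hunk.
```php
function redirect($url, $showtext = true, $script = true) {
    // Escape once: $url is written into two attribute values below.
    $safe = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    if ($showtext === true) {
        echo "<a href=\"$safe\">Redirecting...</a>";
    }
    echo("<input type=\"hidden\" id=\"redirect-url\" value=\"$safe\">");
    if ($script) {
        die("<script src=\"{$this->resource('inc/js/redirect.js')}\"></script>");
    } else die;
}
```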