hajime/public/sys/auth2.php

<?php
// Flashii System Authentication Backend
// I don't even want a copyright stamp on this garbage
// Include core shit
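require_once __DIR__ . '/../../startup.php';

// Where to send the browser after an action. The Referer header is
// client-controlled, so it is never echoed back verbatim: it is honoured only
// when it names this host over http(s), and even then only its path and query
// are reused, as a site-relative URL. Everything else falls back to '/'.
$redir = '/';
if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])
    && is_string($_SERVER['HTTP_REFERER'])
    && is_string($_SERVER['HTTP_HOST'])) {
    $refererParts = parse_url($_SERVER['HTTP_REFERER']);
    // Going through parse_url() strips an optional ":port" from the Host header.
    $ownHost = parse_url('http://' . $_SERVER['HTTP_HOST'], PHP_URL_HOST);

    if (is_array($refererParts)
        && isset($refererParts['scheme'], $refererParts['host'])
        && in_array(strtolower($refererParts['scheme']), array('http', 'https'), true)
        && is_string($ownHost)
        && strcasecmp($refererParts['host'], $ownHost) === 0) {
        // Force exactly one leading slash so the result can never be read as a
        // scheme-relative URL pointing at another host.
        $refererPath = isset($refererParts['path']) ? $refererParts['path'] : '';
        $redir = '/' . ltrim($refererPath, '/\\');
        if (isset($refererParts['query']) && $refererParts['query'] !== '') {
            $redir .= '?' . $refererParts['query'];
        }
    }
}
// NOTE(review): $redir is also handed to printMessage(); whether that method
// HTML-escapes it is not visible from this file -- confirm.

// Reads a POST field as a string. Missing fields and non-string values (such as
// "field[]=x" arrays) both come back as null, which matches what the previous
// @$_POST[...] reads produced for a missing field.
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
};

// A missing or non-string mode ends up in the default branch, which redirects
// exactly as the old outer else did.
$mode = (isset($_GET['mode']) && is_string($_GET['mode'])) ? $_GET['mode'] : null;

switch ($mode) {
    case 'login':
        if (!isset($_POST['submit'])) {
            header('Location: ' . $redir);
            exit;
        }

        $username = $postString('username');

        // NOTE(review): the activation state is reported before the password is
        // verified, so this response differs per account without any credential.
        // Consider moving the check behind a successful login() once it is
        // confirmed that login() does not depend on the current order.
        // NOTE(review): no attempt throttling is visible in this file; confirm
        // that login() or startup.php provides it.
        if ($flashii->checkActivation($username)) {
            print $flashii->printMessage("<h1>Your account is deactivated, try again later or contact an Admin.</h1>", $redir);
        } elseif ($flashii->login($username, $postString('password'))) {
            print $flashii->printMessage("<h1>You are now logged in.</h1>", $redir);
        } else {
            print $flashii->printMessage("<h1>Username or Password was wrong.</h1>", $redir);
        }
        break;

    case 'logout':
        // NOTE(review): logout is triggered by a plain GET and no anti-CSRF
        // token is checked here.
        if ($flashii->loggedIn()) {
            if ($flashii->logout()) {
                print $flashii->printMessage("<h1>You are now logged out.</h1>", $redir);
            } else {
                print $flashii->printMessage("<h1>You somehow managed to fuck up while trying to log out.</h1><br />Good job!", $redir);
            }
        } else {
            header('Location: ' . $redir);
        }
        break;

    case 'regkey':
        // NOTE(review): this changes state on a GET request, and neither a
        // login check nor an anti-CSRF token is visible in this branch. Confirm
        // that newRegistrationCode() enforces both, or add them here.
        $flashii->newRegistrationCode();
        header('Location: ' . $redir);
        break;

    case 'session':
        if (!isset($_POST['submit'])) {
            header('Location: ' . $redir);
            exit;
        }

        // The old code re-tested isset($_POST['submit']) here; its else branch
        // could never run after the guard above and has been dropped.
        $sessionId = $postString('sessionid');

        // NOTE(review): nothing in this branch ties the session id to the
        // caller, and no login check or anti-CSRF token is visible. Confirm that
        // killSession() refuses ids belonging to other users.
        if ($flashii->checkIfSessionExists($sessionId)) {
            $flashii->killSession($sessionId, true);
            print $flashii->printMessage("<h1>Requested session has been killed.</h1>", $redir);
        } else {
            print $flashii->printMessage("<h1>Requested session does not exist.</h1>", $redir);
        }
        break;

    case 'register':
        if (!isset($_POST['submit'])) {
            header('Location: ' . $redir);
            exit;
        }

        $username        = $postString('username');
        $password        = $postString('password');
        $confirmPassword = $postString('confirmpassword');
        $email           = $postString('email');

        if (!recaptcha_check_answer($RECAPTCHAprivatekey, $_SERVER["REMOTE_ADDR"], $postString('recaptcha_challenge_field'), $postString('recaptcha_response_field'))->is_valid) {
            print $flashii->printMessage("<h1>The reCAPTCHA wasn't entered correctly. Go back and try it again.</h1>", $redir);
            exit;
        }

        if (!$flashii->registrationCodeCheck($postString('registrationcode'))) {
            print $flashii->printMessage("<h1>The provided registration code is invalid.</h1>", $redir);
            exit;
        }

        // empty() is the warning-free equivalent of the old !@$_POST['tos'].
        if (empty($_POST['tos'])) {
            print $flashii->printMessage("<h1>Please agree to the Terms of Service and try again.</h1>", $redir);
            exit;
        }

        if ($flashii->checkIfUserExists($username)) {
            print $flashii->printMessage("<h1>Username is taken.</h1>", $redir);
            exit;
        }

        // NOTE(review): the "<5E>" and "<2B>" sequences in this character class
        // look like an encoding artefact of two non-ASCII bytes; as written the
        // class also rejects the letters and digits inside them. The pattern is
        // left untouched -- check it against the raw file. An allowlist of
        // permitted characters plus a length limit would be the sturdier check.
        if (preg_match('/[\'^<5E>$%&*()}{@#~?><>,|=_+<2B>-]/', (string) $username)) {
            print $flashii->printMessage("<h1>One or more characters in your username is disallowed.</h1>", $redir);
            exit;
        }

        if (!$flashii->checkEmail($email, true)) {
            print $flashii->printMessage("<h1>The E-mail Address given has already been registered or was invalid.</h1>", $redir);
            exit;
        }

        // strlen() counts bytes. NOTE(review): a four-character minimum is very
        // low for a password policy.
        $passwordLength = strlen((string) $password);
        if ($passwordLength < 4 || $passwordLength > 128) {
            print $flashii->printMessage("<h1>Password was either too long or too short.</h1>", $redir);
            exit;
        }

        // Strict comparison: with != PHP compares numeric-looking strings as
        // numbers, so two different inputs could be accepted as a match.
        if ($password !== $confirmPassword) {
            print $flashii->printMessage("<h1>Passwords do not match.</h1>", $redir);
            exit;
        }

        $flashii->registerUser($username, $password, $email);
        print $flashii->printMessage("<h1>Successfully Registered! Welcome to Flashii!</h1>", "/login");
        break;

    default:
        header('Location: ' . $redir);
}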