flash/sakura
flash/sakura
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sock Chat auth file

Browse source
This commit is contained in:
flash 2015-04-18 11:35:16 +00:00
parent 09cbba9ac6
commit 3b38696c0a
9 changed files with 195 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

83
_developer_data/Sakura.php
View file

@ -13,14 +13,16 @@ $sockSakuraPath = ''; // Filesystem path to the _sakura folder WITHOUT an ending
require_once $sockSakuraPath .'/sakura.php'; require_once $sockSakuraPath .'/sakura.php';
use sockchat\Auth; use sockchat\Auth;
use Sakura\Session;
use Sakura\Users;
if(Auth::getPageType() == AUTH_FETCH) { if(Auth::getPageType() == AUTH_FETCH) {
// Check if user is logged into the Sakura backend if not deny // Check if user is logged into the Sakura backend if not deny
if(/* Login check */) { if(Users::checkLogin()) {
// If so append the required arguments and accept // If so append the required arguments and accept
Auth::AppendArguments([/* User ID */, /* Session ID */]); Auth::AppendArguments([Session::$userId, Session::$sessionId]);
Auth::Accept(); Auth::Accept();
} else } else
@ -28,15 +30,84 @@ if(Auth::getPageType() == AUTH_FETCH) {
} else { } else {
// Get arguments
$uid = $_GET['arg1'];
$sid = $_GET['arg2'];
// Check if session is active else deny // Check if session is active else deny
if(/* Check if session is active */) { if(Session::checkSession($uid, $sid)) {
// Get user and rank data
$user = Users::getUser($uid);
$rank = Users::getRank($user['rank_main']);
// Deny group and user id 0
if($user['id'] == 0 || $rank['id'] == 0) {
Auth::Deny();
Auth::Serve();
exit;
}
Auth::SetUserData( Auth::SetUserData(
/* User ID */, $user['id'],
/* Username */, $user['username'],
/* User colour */ $rank['colour']
); );
switch($rank['id']) {
default: // Fallback
case 2: // Regular User
Auth::SetCommonPermissions(
0,
USER_NORMAL,
LOGS_DISABLED,
NICK_DISABLED,
CHANNEL_CREATE_DISABLED
);
break;
case 6: // Bot
case 8: // Tenshi
case 9: // Alumni
Auth::SetCommonPermissions(
1,
USER_NORMAL,
LOGS_ENABLED,
NICK_ENABLED,
CHANNEL_CREATE_TEMP
);
break;
case 3: // Site Moderator
case 5: // Developer
case 6: // Chat Moderator
Auth::SetCommonPermissions(
($rank['id'] == 2 ? 3 : 2), // Site moderators are 3, rest is 2
USER_MODERATOR,
LOGS_ENABLED,
NICK_ENABLED,
CHANNEL_CREATE_TEMP
);
break;
case 4: // Administrator
Auth::SetCommonPermissions(
4,
USER_MODERATOR,
LOGS_ENABLED,
NICK_ENABLED,
CHANNEL_CREATE_PERM
);
break;
}
Auth::Accept();
} else } else
Auth::Deny(); Auth::Deny();

5
_sakura/sakura.php
View file

@ -63,6 +63,9 @@ $renderData = array(
'time' => \time() 'time' => \time()
], ],
'user' => [ 'user' => [
'checklogin' => Users::checkLogin() 'checklogin' => Users::checkLogin(),
'session' => Session::$sessionId,
'data' => ($_init_udata = Users::getUser(Session::$userId)),
'rank' => Users::getRank($_init_udata['rank_main'])
] ]
); );

12
_sakura/templates/yuuno/global/header.tpl
View file

@ -50,16 +50,18 @@
<div class="menu"> <div class="menu">
<div class="menu-nav" id="navMenuSite"> <div class="menu-nav" id="navMenuSite">
<!-- Navigation menu, displayed on left side of the bar. --> <!-- Navigation menu, displayed on left side of the bar. -->
<a class="menu-item" href="http://{{ sakura.urls.main }}/" title="Return to the front page of Flashii">Home</a> <a class="menu-item" href="//{{ sakura.urls.main }}/" title="Return to the front page of Flashii">Home</a>
<a class="menu-item" href="http://{{ sakura.urls.main }}/news" title="Here you can read updates on Flashii">News</a> <a class="menu-item" href="//{{ sakura.urls.main }}/news" title="Here you can read updates on Flashii">News</a>
</div> </div>
<div class="menu-ucp" id="navMenuUser"> <div class="menu-ucp" id="navMenuUser">
<!-- User menu, displayed on right side of the bar. --> <!-- User menu, displayed on right side of the bar. -->
{% if user.checklogin %} {% if user.checklogin %}
<a class="menu-item" href="http://{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session">Logout</a> <a class="menu-item avatar" href="//{{ sakura.urls.main }}/u/{{ user.data.id }}" title="View and edit your own profile" style="background-image: url('//{{ sakura.urls.main }}/a/{{ user.data.id }}'); width: auto; color: {{ user.rank.colour }}; font-weight: 700;">{{ user.data.username }}</a>
<a class="menu-item" href="//{{ sakura.urls.main }}/settings" title="Change your settings">Settings</a>
<a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session">Logout</a>
{% else %} {% else %}
<a class="menu-item" id="headerLoginLink" href="http://{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a> <a class="menu-item" id="headerLoginLink" href="//{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a>
<a class="menu-item" href="http://{{ sakura.urls.main }}/register" title="Create an account">Register</a> <a class="menu-item" href="//{{ sakura.urls.main }}/register" title="Create an account">Register</a>
{% endif %} {% endif %}
</div> </div>
<div class="menu-mob"> <div class="menu-mob">

19
_sakura/templates/yuuno/main/index.tpl
View file

@ -1,10 +1,21 @@
{% include 'global/header.tpl' %} {% include 'global/header.tpl' %}
<div class="content homepage"> <div class="content homepage">
<div class="content-right content-column"> <div class="content-right content-column">
<div class="head">Welcome!</div> {% if user.checklogin %}
Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go? <div class="head">Hi, {{ user.data.username }}!</div>
<a class="button registerbutton" href="/register">Register!</a> <img src="//{{ sakura.urls.main }}/a/{{ user.data.id }}" class="default-avatar-setting homepage-menu-avatar" />
<a class="button loginbutton" href="/login">Login</a> <ul>
<li><a href="//{{ sakura.urls.main }}/settings/profile" class="underline">Edit profile</a></li>
<li><a href="//{{ sakura.urls.main }}/settings/avatar" class="underline">Change avatar</a></li>
<li><a href="//{{ sakura.urls.main }}/settings/sessions" class="underline">View active sessions</a></li>
</ul>
<div class="clear"></div>
{% else %}
<div class="head">Welcome!</div>
Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go?
<a class="button registerbutton" href="/register">Register!</a>
<a class="button loginbutton" href="/login">Login</a>
{% endif %}
<div class="head">Stats</div> <div class="head">Stats</div>
We have <b>{{ stats.userCount }}</b>, We have <b>{{ stats.userCount }}</b>,
<b><a href="/u/{{ stats.newestUser.id }}" class="default">{{ stats.newestUser.username }}</a></b> is the newest user, <b><a href="/u/{{ stats.newestUser.id }}" class="default">{{ stats.newestUser.username }}</a></b> is the newest user,

29
_sakura/templates/yuuno/main/legacypasswordchange.tpl Normal file
View file

@ -0,0 +1,29 @@
{% include 'global/header.tpl' %}
<div class="content news settings">
<div class="head">Changing Password</div>
<div class="settings-explanation">
Because of a change in the way Flashii handles authentication you are required to change your password.
</div>
<form method="post" action="/authenticate">
<input type="hidden" name="redirect" value="//iihsalf.net/" />
<input type="hidden" name="session" value="{{ php.sessionid }}" />
<input type="hidden" name="time" value="{{ php.time }}" />
<input type="hidden" name="mode" value="legacypwchange" />
<div class="profile-field">
<div><h2>Old Password</h2></div>
<div style="text-align: center;"><input type="password" name="oldpw" placeholder="Your current password for verification" class="inputStyling" /></div>
</div>
<div class="profile-field">
<div><h2>New Password</h2></div>
<div style="text-align: center;"><input type="password" name="newpw" placeholder="Your new password, can be the same but that's not a good idea" class="inputStyling" /></div>
</div>
<div class="profile-field">
<div><h2>Verify Password</h2></div>
<div style="text-align: center;"><input type="password" name="verpw" placeholder="Your new password again to make sure you didn't typo anything" class="inputStyling" /></div>
</div>
<div class="profile-save">
<input type="submit" value="Save" name="submit" class="inputStyling" /> <input type="reset" value="Reset" name="reset" class="inputStyling" />
</div>
</form>
</div>
{% include 'global/footer.tpl' %}

78
content/.htaccess
View file

@ -1,39 +1,39 @@
AddType application/vnd.ms-fontobject .eot AddType application/vnd.ms-fontobject .eot
AddType font/ttf .ttf AddType font/ttf .ttf
AddType font/otf .otf AddType font/otf .otf
AddType font/woff .woff AddType font/woff .woff
<FilesMatch "\.(ttf|otf|eot|woff)$"> <FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c> <IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Origin "*"
</IfModule> </IfModule>
</FilesMatch> </FilesMatch>
<FilesMatch "global.css"> <FilesMatch "global.css">
Header set Cache-Control "max-age=0, must-revalidate" Header set Cache-Control "max-age=0, must-revalidate"
</FilesMatch> </FilesMatch>
Options -Indexes Options -Indexes
RewriteEngine On RewriteEngine On
# #
#RewriteCond %{HTTP_REFERER} !^$ #RewriteCond %{HTTP_REFERER} !^$
#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] #RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC]
#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] #RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC]
#RewriteRule .*\.(jpe?g|gif|bmp|png|swf)$ http://i.imgur.com/Bv0MKtu.gif [L] #RewriteRule .*\.(jpe?g|gif|bmp|png|swf)$ http://i.imgur.com/Bv0MKtu.gif [L]
# #
#RewriteCond %{HTTP_REFERER} !^$ #RewriteCond %{HTTP_REFERER} !^$
#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] #RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC]
#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] #RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC]
#RewriteRule .*\.(wav|mp3)$ http://chat.flashii.net/sandstorm.mp3 [L] #RewriteRule .*\.(wav|mp3)$ http://chat.flashii.net/sandstorm.mp3 [L]
# #
#RewriteCond %{HTTP_REFERER} !^$ #RewriteCond %{HTTP_REFERER} !^$
#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC] #RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.net [NC]
#RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC] #RewriteCond %{HTTP_REFERER} !^http://(.+\.)?flashii\.org [NC]
#RewriteRule .*\.(ogg)$ http://chat.flashii.net/sandstorm.ogg [L] #RewriteRule .*\.(ogg)$ http://chat.flashii.net/sandstorm.ogg [L]
# #
ErrorDocument 403 /index.php ErrorDocument 403 "403"
ErrorDocument 404 /index.php ErrorDocument 404 "404"
ErrorDocument 500 /index.php ErrorDocument 500 "500"

20
content/data/yuuno/css/yuuno.css
View file

@ -1042,7 +1042,9 @@ h1.stylised {
} }
/* Input buttons styling */ /* Input buttons styling */
input[type="submit"].inputStyling, input[type="button"].inputStyling { input[type="submit"].inputStyling,
input[type="button"].inputStyling,
input[type="reset"].inputStyling {
padding: 3px 10px; padding: 3px 10px;
cursor: pointer; cursor: pointer;
border: 0; border: 0;
@ -1056,23 +1058,31 @@ input[type="submit"].inputStyling, input[type="button"].inputStyling {
font-size: 22px; font-size: 22px;
min-width: 120px; min-width: 120px;
} }
input[type="submit"].inputStyling.small, input[type="button"].inputStyling.small { input[type="submit"].inputStyling.small,
input[type="button"].inputStyling.small,
input[type="reset"].inputStyling.small {
padding: 0 4px 1px; padding: 0 4px 1px;
margin: -2px 0 0; margin: -2px 0 0;
font-size: 16px; font-size: 16px;
border-radius: 0; border-radius: 0;
min-width: 80px !important; min-width: 80px !important;
} }
input[type="submit"].inputStyling:hover, input[type="button"].inputStyling:hover { input[type="submit"].inputStyling:hover,
input[type="button"].inputStyling:hover,
input[type="reset"].inputStyling:hover {
box-shadow: inset #222 0 0 3px; box-shadow: inset #222 0 0 3px;
text-shadow: #F1F1F1 0 0 5px; text-shadow: #F1F1F1 0 0 5px;
} }
input[type="submit"].inputStyling:active, input[type="button"].inputStyling:active { input[type="submit"].inputStyling:active,
input[type="button"].inputStyling:active,
input[type="reset"].inputStyling:active {
box-shadow: inset #222 0 0 5px; box-shadow: inset #222 0 0 5px;
text-shadow: #F1F1F1 0 0 3px; text-shadow: #F1F1F1 0 0 3px;
transition: text-shadow .2s, box-shadow .2s; transition: text-shadow .2s, box-shadow .2s;
} }
input[type="text"].inputStyling, input[type="password"].inputStyling , input[type="date"].inputStyling { input[type="text"].inputStyling,
input[type="password"].inputStyling ,
input[type="date"].inputStyling {
padding: 3px 4px; padding: 3px 4px;
border: 1px solid #CCC; border: 1px solid #CCC;
box-shadow: inset #DDD 0 0 5px; box-shadow: inset #DDD 0 0 5px;

2
content/index.php
View file

@ -1,2 +0,0 @@
<?php
header("Location: http://flashii.net/");

9
main/authenticate.php
View file

@ -47,6 +47,15 @@ if(
} }
// Login check
if(Users::checkLogin()) {
if($_REQUEST['mode'] != 'logout')
$continue = false;
}
if($continue) { if($continue) {
switch($_REQUEST['mode']) { switch($_REQUEST['mode']) {