diff options
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/footer.php | 18 | ||||
| -rw-r--r-- | includes/funktion_activeUser.php | 34 | ||||
| -rw-r--r-- | includes/funktion_faq.php | 10 | ||||
| -rw-r--r-- | includes/funktion_flag.php | 9 | ||||
| -rw-r--r-- | includes/header_start.php | 40 | ||||
| -rw-r--r-- | includes/login_eingabefeld.php | 17 | ||||
| -rw-r--r-- | includes/pages/guest_faq.php | 9 | ||||
| -rw-r--r-- | includes/secure.php | 25 | ||||
| -rw-r--r-- | includes/sys_auth.php | 8 |
9 files changed, 17 insertions, 153 deletions
diff --git a/includes/footer.php b/includes/footer.php deleted file mode 100644 index fdf00581..00000000 --- a/includes/footer.php +++ /dev/null @@ -1,18 +0,0 @@ -</article> -</div> -</div> - -<footer> - <p> - © copyleft | <a href="mailto:erzengel@lists.ccc.de">Contact</a> | <a href="<?php echo $ENGEL_ROOT; ?>credits.php">Credits</a><br /> - This is hell. Temporarily. - </p> -</footer> - -<?php -include ("funktion_counter.php"); -mysql_close($con); -?> - -</body> -</html> diff --git a/includes/funktion_activeUser.php b/includes/funktion_activeUser.php deleted file mode 100644 index 631ec2d1..00000000 --- a/includes/funktion_activeUser.php +++ /dev/null @@ -1,34 +0,0 @@ -<?php - - -// Funktionen gibt es nicht auf allen Rechnern -echo "<h4>Engel online</h4>"; - -$SQL = "SELECT UID, Nick, lastLogIn " . -"FROM User " . -"WHERE (`lastLogIn` > '" . (time() - 60 * 60) . "' AND NOT (UID=" . $_SESSION['UID'] . ")) " . -"ORDER BY lastLogIn DESC;"; - -$Erg = mysql_query($SQL, $con); - -echo "<ul class=\"content\">"; - -for ($i = 0; $i < mysql_num_rows($Erg); $i++) { - echo "<li>"; - - if ($_SESSION['UID'] > 0) - echo DisplayAvatar(mysql_result($Erg, $i, "UID")); - - // Show Admin Page - echo funktion_isLinkAllowed_addLink_OrLinkText("admin/userChangeNormal.php?enterUID=" . mysql_result($Erg, $i, "UID") . "&Type=Normal", mysql_result($Erg, $i, "Nick")); - - $timestamp = mktime($hour, $minute, $second, $month, $day, $year); - - $Tlog = time() - mysql_result($Erg, $i, "lastLogIn"); - - echo " " . date("i:s", $Tlog); - echo "</li>\n"; -} - -echo "</ul>"; -?> diff --git a/includes/funktion_faq.php b/includes/funktion_faq.php deleted file mode 100644 index e9f09e7c..00000000 --- a/includes/funktion_faq.php +++ /dev/null @@ -1,10 +0,0 @@ -<?php - function noAnswer() { - global $con; - - $SQL = "SELECT UID FROM Questions WHERE `AID`='0'"; - $Res = mysql_query($SQL, $con); - - return mysql_num_rows($Res); - } -?> diff --git a/includes/funktion_flag.php b/includes/funktion_flag.php deleted file mode 100644 index 6b4e2f06..00000000 --- a/includes/funktion_flag.php +++ /dev/null @@ -1,9 +0,0 @@ -<?php -if (strpos($_SERVER["REQUEST_URI"], "?") > 0) - $URL = $_SERVER["REQUEST_URI"] . "&SetLanguage="; -else - $URL = $_SERVER["REQUEST_URI"] . "?SetLanguage="; - -echo '<p class="content"><a class="sprache" href="' . $URL . 'DE"><img src="' . $ENGEL_ROOT . 'pic/flag/de.png" alt="DE" title="Deutsch"></a>'; -echo '<a class="sprache" href="' . $URL . 'EN"><img src="' . $ENGEL_ROOT . 'pic/flag/en.png" alt="EN" title="English"></a></p>'; -?> diff --git a/includes/header_start.php b/includes/header_start.php deleted file mode 100644 index 4795cee3..00000000 --- a/includes/header_start.php +++ /dev/null @@ -1,40 +0,0 @@ -<?php -ini_set("session.gc_maxlifetime", "65535"); - -include "config/config.php"; -include "error_handler.php"; -include "config/config_db.php"; -include "funktion_lang.php"; -include "funktion_faq.php"; // fuer noAnswer() im menu -include "funktion_menu.php"; -include "funktion_user.php"; - -if (isset ($SystemDisableMessage) && (strlen($SystemDisableMessage) > 0)) { - echo "<html><head><title>" . $SystemDisableMessage . "</title></head>"; - echo "<body>" . $SystemDisableMessage . "</body></html>\n"; - die(); -} - -if (!isset ($_SESSION)) - session_start(); - -include "secure.php"; - -if (!isset ($_SESSION['IP'])) - $_SESSION['IP'] = $_SERVER['REMOTE_ADDR']; - -if (isset ($_SESSION['UID']) && ($_SESSION['IP'] <> $_SERVER['REMOTE_ADDR'])) { - session_destroy(); - header("Location: " . $url . $ENGEL_ROOT); -} - -include "UserCVS.php"; - -// update LASTlogin -if (isset ($_SESSION['UID'])) { - $SQLlastLogIn = "UPDATE `User` SET " . - "`lastLogIn` = '" . time() . "'" . - " WHERE `UID` = '" . $_SESSION['UID'] . "' LIMIT 1;"; - mysql_query($SQLlastLogIn, $con); -} -?> diff --git a/includes/login_eingabefeld.php b/includes/login_eingabefeld.php deleted file mode 100644 index 9e10271d..00000000 --- a/includes/login_eingabefeld.php +++ /dev/null @@ -1,17 +0,0 @@ -<?php - include "config/config.php"; -?> - -<form action="<?php echo $url . $ENGEL_ROOT; ?>nonpublic/index.php" method="post"> -<table> - <tr> - <td align="right"><?php echo Get_Text("index_lang_nick"); ?></td> - <td><input type="text" name="user" size="23" /></td> - </tr> - <tr> - <td align="right"><?php echo Get_Text("index_lang_pass"); ?></td> - <td><input type="password" name="password" size="23"></td> - </tr> - </table> - <br /><input type="submit" value="<?php echo Get_Text("index_lang_send"); ?>"> -</form> diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php index 6b5eeeeb..48e75d16 100644 --- a/includes/pages/guest_faq.php +++ b/includes/pages/guest_faq.php @@ -18,4 +18,13 @@ function guest_faq() { } return $html; } + +function noAnswer() { + global $con; + + $SQL = "SELECT UID FROM Questions WHERE `AID`='0'"; + $Res = mysql_query($SQL, $con); + + return mysql_num_rows($Res); +} ?> diff --git a/includes/secure.php b/includes/secure.php deleted file mode 100644 index 1d1a9e46..00000000 --- a/includes/secure.php +++ /dev/null @@ -1,25 +0,0 @@ -<?php - if($debug) - echo "secure.php START<br />\n"; - - foreach ($_GET as $k => $v) { - $v = htmlentities($v, ENT_QUOTES); - preg_replace('/([\'"`\'])/', '', $v); - $_GET[$k] = $v; - - if($debug) - echo "GET $k=\"$v\"<br />"; - } - - foreach ($_POST as $k => $v) { - $v = htmlentities($v, ENT_QUOTES); - preg_replace('/([\'"`\'])/', '', $v); - $_POST[$k] = $v; - - if($debug) - echo "POST $k=\"$v\"<br />"; - } - - if($debug) - echo "secure.php END<br />\n"; -?> diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 1c15122e..68e336b0 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -5,6 +5,14 @@ function load_auth() { global $user; + if (!isset ($_SESSION['IP'])) + $_SESSION['IP'] = $_SERVER['REMOTE_ADDR']; + + if ($_SESSION['IP'] != $_SERVER['REMOTE_ADDR']) { + session_destroy(); + header("Location: " . link_to_page($start)); + } + $user = null; if (isset ($_SESSION['uid'])) { $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1"); |