adding updated code

2024-06-18 09:36:11 +01:00
parent 0aaa1964fb
commit 0d7038c4b6
29 changed files with 4350 additions and 0 deletions
--- a/sys0-code/login/keepmeloggedin.php
+++ b/sys0-code/login/keepmeloggedin.php
@@ -0,0 +1,64 @@
+<?php
+function logmein($link)
+{
+	require_once "../log/log.php";
+		 $cookie = isset($_COOKIE['keepmeloggedin']) ? $_COOKIE['keepmeloggedin'] : '';
+		if ($cookie) {
+			$data=explode(':', $cookie);
+			$username=$data[0];
+			$token=$data[1];
+			$mac=$data[2];
+			if (!hash_equals(hash('sha256', $username . ':' . $token), $mac)) {
+				log_("Logged $username not in via autologin","LOGIN:AUTOLOGIN:FAILURE"); 
+				return "error1";
+			}
+			//echo($username);
+			$role="";
+			$usertoken="";
+			$id=0;
+			$color="";
+			$banned=0;
+			$telegram_id="";
+			$notification_mail=0;
+			$notification_telegram=0;
+			$sql = "SELECT keepmeloggedin, role, id, color,banned,telegram_id,notification_telegram,notification_mail FROM users WHERE username = ?";
+			$username=htmlspecialchars($username);
+			$stmt = mysqli_prepare($link, $sql);
+			mysqli_stmt_bind_param($stmt, "s", $username);
+			mysqli_stmt_execute($stmt);
+			mysqli_stmt_store_result($stmt);
+			mysqli_stmt_bind_result($stmt, $usertoken,$role,$id,$color,$banned,$telegram_id,$notification_telegram,$notification_mail);
+			mysqli_stmt_fetch($stmt);
+			mysqli_stmt_close($stmt);
+			if ($usertoken!==$token) {
+				log_("Logged $username not in via autologin","LOGIN:AUTOLOGIN:FAILURE"); 
+				return "error2";
+			}
+			else
+			{
+				if($banned!=1)
+				{
+					session_start();
+					$_SESSION["loggedin"] = true;
+					$_SESSION["id"] = $id;
+					$_SESSION["username"] = $username;       
+					$_SESSION["role"] = $role; 
+					$_SESSION["token"]=bin2hex(random_bytes(32));   
+					$_SESSION["color"]=$color;  
+					$_SESSION["telegram_id"]=$telegram_id;
+					$_SESSION["notification_telegram"]=$notification_telegram;
+					$_SESSION["notification_mail"]=$notification_mail;
+					log_("Logged $username in via autologin","LOGIN:AUTOLOGIN:SUCCESS"); 
+					return "success";
+				}
+				else
+				{
+					log_("Logged $username not in via autologin","LOGIN:AUTOLOGIN:FAILURE"); 
+					return "error3";
+				}
+			}
+		}		 
+		 return $username;
+}
+
+?>