auth.php<?phpfunction auth($login, $passwd){ $path = "../private/passw

1. auth.php
2. <?php
3.  
4. function auth($login, $passwd)
5. {
6. $path = "../private/passwd";
7. $hash = hash("whirlpool", $passwd);
8. $accounts = file_get_contents($path);
9. $accounts = unserialize($accounts);
10. foreach ($accounts as $elem)
11. {
12. if ($elem["login"] == $login && $elem["passwd"] == $hash)
13. return true;
14. }
15. return false;
16. }
17.  
18. ?>
19. login.php
20. <?php
21.  
22. include("auth.php");
23.  
24. $login = $_GET['login'];
25. $passwd = $_GET['passwd'];
26.  
27. session_start();
28. if (auth($login, $passwd))
29. {
30. $_SESSION['loggued_on_user'] = $login;
31. echo "OK\n";
32. }
33. else
34. {
35. $_SESSION['loggued_on_user'] = "";
36. echo "ERROR\n";
37. }
38.  
39. ?>
40. logout.php
41. <?php
42.  
43. session_start();
44. $_SESSION['loggued_on_user'] = "";
45.  
46. ?>
47. <?php
48.  
49. session_start();
50. if ($_SESSION['loggued_on_user'])
51. echo $_SESSION['loggued_on_user']."\n";
52. else
53. echo "ERROR\n";
54.  
55. ?>
56.  
57.  
58.  
59.  
60.  
61.  
62.  
63.  
64. ////////////////////////////////////////////////////////////////
65. auth.php
66. <?php
67.  
68. function auth($login, $passwd)
69. {
70. $path = "../private/passwd";
71. $hash = hash("whirlpool", $passwd);
72. $accounts = file_get_contents($path);
73. $accounts = unserialize($accounts);
74. foreach ($accounts as $elem)
75. {
76. if ($elem["login"] == $login && $elem["passwd"] == $hash)
77. return true;
78. }
79. return false;
80. }
81.  
82. ?>
83.  
84. chat.php
85. <?php
86.  
87. session_start();
88. if ($_SESSION['loggued_on_user'])
89. {
90. $folder = "../private";
91. $path = "../private/chat";
92. $fp = fopen($path, "r");
93. flock($fp, LOCK_SH);
94. $messages = file_get_contents($path);
95. fclose($fp);
96. $messages = unserialize($messages);
97. foreach ($messages as $key=>$msg)
98. echo $msg['time']." <b>".$msg['login']."</b>: ".$msg['msg']."<br />\n";
99. }
100. else
101. echo "ERROR\n";
102.  
103. ?>
104.  
105. <head>
106. <script>scroll = setTimeout(function(){ window.scrollBy(0, 100000);}, 1);</script>
107. <meta http-equiv="refresh" content="1">
108. </head>
109.  
110. create.html
111. <html><body>
112. <form action = "create.php" method="POST">
113. Username: <input type="text" name="login" value="" />
114. <br />
115. Password: <input type="password" name="passwd" value="" />
116. <input type="submit" name="submit" value="OK" />
117. </form>
118. </body></html>
119.  
120. create.php
121. <?php
122.  
123. function add_account($login, $passwd, $path, $accounts)
124. {
125. $hash = hash("whirlpool", $passwd);
126. $new_account = array("login"=>$login, "passwd"=>$hash);
127. $accounts[] = $new_account;
128. file_put_contents($path, serialize($accounts));
129. echo "OK\n";
130. header("Location: index.html");
131. }
132.  
133. function search_account($login, $accounts)
134. {
135. foreach ($accounts as $elem) {
136. if ($elem["login"] == $login)
137. return true;
138. }
139. return false;
140. }
141.  
142. $login = $_POST['login'];
143. $passwd = $_POST['passwd'];
144. $submit = $_POST['submit'];
145. $folder = '../private';
146. $path = '../private/passwd';
147. $accounts = array();
148.  
149. if ($submit == 'OK')
150. {
151. if (!file_exists($folder))
152. mkdir($folder);
153.  
154. $accounts = file_get_contents($path);
155. $accounts = unserialize($accounts);
156.  
157. if ($passwd == NULL)
158. echo "ERROR\n";
159. else if ($accounts == NULL)
160. add_account($login, $passwd, $path, $accounts);
161. else
162. {
163. if (!search_account($login, $accounts))
164. add_account($login, $passwd, $path, $accounts);
165. else
166. echo "ERROR\n";
167. }
168. }
169. else
170. echo "ERROR\n";
171. ?>
172.  
173.  
174. index.html
175. <html><body>
176. <form action="login.php" method="POST">
177. Username: <input type="text" name="login" value="" />
178. <br />
179. Password: <input type="password" name="passwd" value="" />
180. <input type="submit" name="submit" value="OK" />
181. <br />
182. <a href="create.html">Create an account</a>
183. <br />
184. <a href="modif.html">Modify the password</a>
185. </form>
186. </body></html>
187.  
188.  
189. login.php
190.  
191. <?php
192.  
193. include("auth.php");
194.  
195. $login = $_POST['login'];
196. $passwd = $_POST['passwd'];
197.  
198. session_start();
199. if (auth($login, $passwd))
200. {
201. $_SESSION['loggued_on_user'] = $login;
202. echo '<html><body>
203. <iframe name="chat" src="chat.php" width="100%" height="550px"></iframe>
204. <iframe name="speak" src="speak.php" width="100%" height="50px"></iframe>
205. <a href="logout.php">Logout</a>
206. </body></html>';
207. }
208. else
209. {
210. $_SESSION['loggued_on_user'] = "";
211. echo "ERROR\n";
212. }
213.  
214. ?>
215.  
216.  
217. logout.php
218. <?php
219.  
220. session_start();
221. $_SESSION['loggued_on_user'] = "";
222. header("Location: index.html");
223.  
224. ?>
225.  
226. modif.html
227. <html><body>
228. <form action = "modif.php" method="POST">
229. Username: <input type="text" name="login" value="" />
230. <br />
231. Old password: <input type="password" name="oldpw" value="" />
232. <br />
233. New password: <input type="password" name="newpw" value="" />
234. <input type="submit" name="submit" value="OK" />
235. </form>
236. </body></html>
237.  
238. modif.php
239. <?php
240.  
241. function search_account($login, $oldpw, $accounts)
242. {
243. $hash = hash("whirlpool", $oldpw);
244. foreach ($accounts as $elem) {
245. if ($elem["login"] == $login && $elem["passwd"] == $hash)
246. return true;
247. }
248. return false;
249. }
250.  
251. function modif_account($login, $newpw, &$accounts)
252. {
253. $hash = hash("whirlpool", $newpw);
254. foreach ($accounts as &$elem) {
255. if ($elem["login"] == $login)
256. {
257. $elem["passwd"] = $hash;
258. return;
259. }
260. }
261. }
262.  
263. $login = $_POST['login'];
264. $oldpw = $_POST['oldpw'];
265. $newpw = $_POST['newpw'];
266. $submit = $_POST['submit'];
267. $path = '../private/passwd';
268. $accounts = array();
269.  
270.  
271. if ($submit == 'OK')
272. {
273. $accounts = file_get_contents($path);
274. $accounts = unserialize($accounts);
275.  
276. if ($newpw == NULL || $oldpw == NULL)
277. echo "ERROR\n";
278. else if ($accounts == NULL)
279. echo "ERROR\n";
280. else
281. {
282. if (!search_account($login, $oldpw, $accounts))
283. echo "ERROR\n";
284. else
285. {
286. modif_account($login, $newpw, $accounts);
287. file_put_contents($path, serialize($accounts));
288. echo "OK\n";
289. header("Location: index.html");
290. }
291. }
292. }
293. else
294. echo "ERROR\n";
295. ?>
296.  
297. speak.php
298. <?php
299.  
300. date_default_timezone_set('Europe/Bucharest');
301. session_start();
302.  
303. $msg = $_POST['msg'];
304. $submit = $_POST['submit'];
305. $folder = "../private";
306. $path = "../private/chat";
307. if ($submit == "OK")
308. {
309. if ($_SESSION['loggued_on_user'])
310. {
311. if (!file_exists($folder))
312. mkdir($folder);
313. $fp = fopen($path, "r+");
314. flock($fp, LOCK_EX);
315. $messages = file_get_contents($path);
316. $messages = unserialize($messages);
317. $new_msg = array("login"=>$_SESSION['loggued_on_user'], "time"=>date("[d/m/y H:i:s]"), "msg"=>$msg);
318. $messages[] = $new_msg;
319. file_put_contents($path, serialize($messages));
320. fclose($fp);
321. }
322. else
323. echo "ERROR\n";
324. }
325.  
326. ?>
327. <form method='POST'>
328. <input type='text' style='width: 250px;' name='msg'>
329. <input type='submit' name='submit' value='OK'>
330. </form>