From 6dd7d425c7ddd92354c0c867ff6bd54b4254394b Mon Sep 17 00:00:00 2001 From: Daniel Winzen Date: Sun, 26 Apr 2015 14:21:11 +0200 Subject: [PATCH] Added option to only allow guests with a global password Also fixed an error in valid_admin() introduced in the previous version --- CHANGELOG | 3 +++ chat.php | 52 +++++++++++++++++++++++++++++++++++++++++++--------- lang_de.php | 2 ++ lang_en.php | 2 ++ 4 files changed, 50 insertions(+), 9 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 633fbb4..c3ca4be 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +Version 1.6 - Apr. 26, 2015 +Added option to only allow guests with a global password + Version 1.5 - Apr. 20, 2015 Added incognito mode diff --git a/chat.php b/chat.php index 69053e2..656031b 100755 --- a/chat.php +++ b/chat.php @@ -133,12 +133,16 @@ if(!isSet($_REQUEST['action'])){ approve_session(); send_approve_waiting(); }elseif($_REQUEST['do']=='guestaccess'){ - if(isSet($_REQUEST['set']) && preg_match('/^[0123]$/', $_REQUEST['set'])){ + if(isSet($_REQUEST['set']) && preg_match('/^[01234]$/', $_REQUEST['set'])){ update_setting('guestaccess', $_REQUEST['set']); } }elseif($_REQUEST['do']=='filter'){ manage_filter(); send_filter(); + }elseif($_REQUEST['do']=='globalpass'){ + if(isSet($_REQUEST['globalpass'])){ + update_setting('globalpass', $_REQUEST['globalpass']); + } } send_admin(); }elseif($_REQUEST['action']=='setup'){ @@ -153,7 +157,7 @@ if(!isSet($_REQUEST['action'])){ if(!valid_admin()) send_alogin(); if(!isSet($_REQUEST['do'])){ }elseif($_REQUEST['do']=='guestaccess'){ - if(isSet($_REQUEST['set']) && preg_match('/^[0123]$/', $_REQUEST['set'])){ + if(isSet($_REQUEST['set']) && preg_match('/^[01234]$/', $_REQUEST['set'])){ update_setting('guestaccess', $_REQUEST['set']); } }elseif($_REQUEST['do']=='messages'){ @@ -163,6 +167,10 @@ if(!isSet($_REQUEST['action'])){ $_REQUEST['rulestxt']=preg_replace("/\n/", '
', $_REQUEST['rulestxt']); $_REQUEST['rulestxt']=preg_replace("/\r/", '
', $_REQUEST['rulestxt']); update_setting('rulestxt', $_REQUEST['rulestxt']); + }elseif($_REQUEST['do']=='globalpass'){ + if(isSet($_REQUEST['globalpass'])){ + update_setting('globalpass', $_REQUEST['globalpass']); + } } send_setup(); }elseif($_REQUEST['action']=='init'){ @@ -288,10 +296,21 @@ function send_setup(){ echo '  "; + echo '  "; echo '   ".submit($I['change']).''; + echo "> "; + echo ' '.submit($I['change']).''; thr(); + if($ga==4){ + echo "
$I[globalloginpass]"; + echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'globalpass').hidden('session', $U['session']).''; + echo "'; + echo '
 '.submit($I['apply']).'
'; + thr(); + } echo "
$I[sysmessages]"; echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'messages').hidden('session', $U['session']).''; echo "'; @@ -393,11 +412,20 @@ function send_admin($arg=''){ echo ""; + echo ""; echo ""; echo '
 $I[msgenter] 
  
  
  
 '.submit($I['change']).'
'; thr(); + if($ga==4){ + echo "
$I[globalloginpass]"; + echo frmadm('globalpass').''; + echo '
  '.submit($I['apply']).'
'; + thr(); + } if($C['suguests']){ echo "
$I[addsuguest]"; echo frmadm('superguest').""; if($C['enablecaptcha']) send_captcha(); if(get_setting('guestaccess')>0){ + if(get_setting('guestaccess')==4) echo ""; echo "'; @@ -984,7 +1013,7 @@ function create_session($setup){ global $U, $C, $I, $mysqli; $U['nickname']=cleanup_nick($_REQUEST['nick']); $U['passhash']=md5(sha1(md5($U['nickname'].$_REQUEST['pass']))); - if(!$setup) $U['colour']=$_REQUEST['colour']; + if(isSet($_REQUEST['colour'])) $U['colour']=$_REQUEST['colour']; else $U['colour']=$C['coltxt']; $U['status']=1; check_member(); @@ -1010,6 +1039,7 @@ function create_session($setup){ if(!valid_pass($_REQUEST['pass'])) send_error(sprintf($I['invalpass'], $C['minpass'])); $ga=get_setting('guestaccess'); if($ga==0) send_error($I['noguests']); + if($ga==4 && isSet($_REQUEST['globalpass']) && $_REQUEST['globalpass']!=get_setting('globalpass')) send_error($I['wrongpass']); } write_new_session(); } @@ -1820,15 +1850,15 @@ function print_messages($delstatus=''){ // this and that function valid_admin(){ + global $U; if(isSet($_REQUEST['session'])){ check_session(); - return true; } elseif(isSet($_REQUEST['nick']) && isSet($_REQUEST['pass'])){ create_session(true); - return true; } - return false; + if(isSet($U['status']) && $U['status']>=7) return true; + else return false; } function valid_nick($nick){ @@ -1990,6 +2020,7 @@ function init_chat(){ 'ALTER TABLE `sessions` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; '. 'ALTER TABLE `settings` MODIFY `id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT; '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'guestaccess\',\'0\'); '. + 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'globalpass\',\'\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'rulestxt\', \'1. YOUR_RULS
2. YOUR_RULES\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgenter\',\'%s entered the chat.\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgexit\',\'%s left the chat.\'); '. @@ -2045,6 +2076,9 @@ function update_db(){ mysqli_query($mysqli, 'ALTER TABLE `members` ADD `incognito` TINYINT(1) UNSIGNED NOT NULL'); mysqli_query($mysqli, 'ALTER TABLE `sessions` ADD `incognito` TINYINT(1) UNSIGNED NOT NULL'); } + if($dbversion<5){ + mysqli_query($mysqli, 'INSERT INTO `settings` (`setting`, `value`) VALUES (\'globalpass\', \'\')'); + } update_setting('dbversion', $C['dbversion']); send_update(); } @@ -2147,8 +2181,8 @@ function load_lang(){ function load_config(){ global $C; $C=array( - 'version' =>'1.5', // Script version - 'dbversion' =>4, // Database version + 'version' =>'1.6', // Script version + 'dbversion' =>5, // Database version 'showcredits' =>false, // Allow showing credits 'colbg' =>'000000', // Background colour 'coltxt' =>'FFFFFF', // Default text colour diff --git a/lang_de.php b/lang_de.php index 6580d06..75b1c49 100644 --- a/lang_de.php +++ b/lang_de.php @@ -54,6 +54,7 @@ $I=array( 'msgclean' => 'Raum geleert', 'nick' => 'Nickname:', 'pass' => 'Passwort:', + 'globalloginpass' => 'Globales Passwort:', 'login' => 'Anmelden', 'admfunc' => 'Administrative Funktionen', 'allguests' => 'Alle Gäste', @@ -74,6 +75,7 @@ $I=array( 'guestallow' => 'Erlauben', 'guestwait' => 'Mit Warteraum erlauben', 'adminallow' => 'Moderator-Erlaubnis benötigen', + 'globalpass' => 'Globales Passwort', 'guestdisallow' => 'Verweigern', 'addsuguest' => 'Anwerber hinzufügen', 'register' => 'Registrieren', diff --git a/lang_en.php b/lang_en.php index 56f1be5..1e6a103 100644 --- a/lang_en.php +++ b/lang_en.php @@ -45,6 +45,7 @@ $I=array( 'initgosetup' => 'Go to the Setup-Page', 'nick' => 'Nickname:', 'pass' => 'Password:', + 'globalloginpass' => 'Global Password:', 'login' => 'Login', 'dbupdate' => 'Database successfully updated!', 'sysmessages' => 'System messages', @@ -75,6 +76,7 @@ $I=array( 'guestallow' => 'Allow', 'guestwait' => 'Allow with waitingroom', 'adminallow' => 'Require moderator approval', + 'globalpass' => 'Global Password', 'guestdisallow' => 'Disallow', 'addsuguest' => 'Add applicant', 'register' => 'Register',
 
$I[pass]
$I[globalloginpass]
$I[choosecol]