Catch exceptions

Daniel Winzen
2020-10-25 13:55:08 +01:00
parent 4c5c3e9ff0
commit f0e9a1a4dd


@ -452,7 +452,7 @@ function send_captcha(){
$fg=imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
imagestring($im, 5, 5, 5, $code, $fg);
echo '<img width="55" height="24" src="data:image/gif;base64,';
echo '<img alt="" width="55" height="24" src="data:image/gif;base64,';
}elseif($difficulty===2){
$im=imagecreatetruecolor(55, 24);
$bg=imagecolorallocate($im, 0, 0, 0);
@ -467,13 +467,14 @@ function send_captcha(){
for($i=0;$i<100;++$i){
imagesetpixel($im, mt_rand(0, 55), mt_rand(0, 24), $dots);
}
echo '<img width="55" height="24" src="data:image/gif;base64,';
echo '<img alt="" width="55" height="24" src="data:image/gif;base64,';
}else{
$im=imagecreatetruecolor(150, 200);
$bg=imagecolorallocate($im, 0, 0, 0);
$fg=imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
$chars=[];
$x = $y = 0;
for($i=0;$i<10;++$i){
$found=false;
while(!$found){
@ -519,7 +520,7 @@ function send_captcha(){
for($i=0;$i<1000;++$i){
imagesetpixel($im, mt_rand(0, 150), mt_rand(0, 200), $dots);
}
echo '<img width="150" height="200" src="data:image/gif;base64,';
echo '<img alt="" width="150" height="200" src="data:image/gif;base64,';
}
ob_start();
imagegif($im);
@ -782,7 +783,11 @@ function restore_backup(array $C){
$note['type']=1;
}
if(MSGENCRYPTED){
try {
$note['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($note['text'], '', AES_IV, ENCRYPTKEY));
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
$stmt->execute([$note['type'], $note['lastedited'], $note['editedby'], $note['text']]);
}
@ -818,7 +823,11 @@ function send_backup(array $C){
$result=$db->query('SELECT * FROM ' . PREFIX . "notes;");
while($note=$result->fetch(PDO::FETCH_ASSOC)){
if(MSGENCRYPTED){
try {
$note['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($note['text']), null, AES_IV, ENCRYPTKEY);
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
$code['notes'][]=$note;
}
@ -1428,7 +1437,7 @@ function send_linkfilter($arg=''){
}
function send_frameset(){
global $I, $U, $db, $language;
global $U, $db, $language;
prepare_stylesheets();
send_headers();
echo '<!DOCTYPE html><html lang="'.$language.'"><head>'.meta_html();
@ -1490,7 +1499,7 @@ function send_frameset(){
exit;
}
function noframe_html(){
function noframe_html() : string {
global $I;
return "$I[noframes]".form_target('_parent', '').submit($I['backtologin'], 'class="backbutton"').'</form>';
}
@ -1591,7 +1600,11 @@ function send_notes(int $type){
}
if(isset($_POST['text'])){
if(MSGENCRYPTED){
try {
$_POST['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($_POST['text'], '', AES_IV, ENCRYPTKEY));
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
$time=time();
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'notes (type, lastedited, editedby, text) VALUES (?, ?, ?, ?);');
@ -1625,7 +1638,11 @@ function send_notes(int $type){
$note['text']='';
}
if(MSGENCRYPTED){
try {
$note['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($note['text']), null, AES_IV, ENCRYPTKEY);
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
echo "</p>".form('notes');
echo "$hiddendo<textarea name=\"text\">".htmlspecialchars($note['text']).'</textarea><br>';
@ -2336,7 +2353,11 @@ function write_new_session(string $password){
// create new session
$stmt=$db->prepare('SELECT null FROM ' . PREFIX . 'sessions WHERE session=?;');
do{
$U['session']=bin2hex(random_bytes(16));
try {
$U[ 'session' ] = bin2hex( random_bytes( 16 ) );
} catch(Exception $e) {
send_error($e->getMessage());
}
$stmt->execute([$U['session']]);
}while($stmt->fetch(PDO::FETCH_NUM)); // check for hash collision
if(isset($_SERVER['HTTP_USER_AGENT'])){
@ -2995,7 +3016,11 @@ function validate_input() : string {
'text' =>"<span class=\"usermsg\">$displaysend".style_this($message, $U['style']).'</span>'
];
if(MSGENCRYPTED){
$newmessage['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($newmessage['text'], '', AES_IV, ENCRYPTKEY));
try {
$newmessage[ 'text' ] = base64_encode( sodium_crypto_aead_aes256gcm_encrypt( $newmessage[ 'text' ], '', AES_IV, ENCRYPTKEY ) );
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'inbox (postdate, postid, poster, recipient, text) VALUES(?, ?, ?, ?, ?)');
$stmt->execute([$newmessage['postdate'], $id[0], $newmessage['poster'], $newmessage['recipient'], $newmessage['text']]);
@ -3051,7 +3076,7 @@ function apply_linkfilter(string $message) : string {
if(get_setting('imgembed')){
$message=preg_replace_callback('/\[img]\s?<a href="([^"]+)" target="_blank" rel="noreferrer noopener">([^<]*)<\/a>/iu',
function ($matched){
return str_ireplace('[/img]', '', "<br><a href=\"$matched[1]\" target=\"_blank\" rel=\"noreferrer noopener\"><img src=\"$matched[1]\"></a><br>");
return str_ireplace('[/img]', '', "<br><a href=\"$matched[1]\" target=\"_blank\" rel=\"noreferrer noopener\"><img src=\"$matched[1]\" rel=\"noreferrer\" loading=\"lazy\"></a><br>");
}
, $message);
}
@ -3183,7 +3208,11 @@ function add_system_message(string $mes){
function write_message($message){
global $db;
if(MSGENCRYPTED){
try {
$message['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($message['text'], '', AES_IV, ENCRYPTKEY));
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'messages (postdate, poststatus, poster, recipient, text, delstatus) VALUES (?, ?, ?, ?, ?, ?);');
$stmt->execute([$message['postdate'], $message['poststatus'], $message['poster'], $message['recipient'], $message['text'], $message['delstatus']]);
@ -3304,10 +3333,14 @@ function print_messages(int $delstatus=0){
function prepare_message_print(array &$message, bool $removeEmbed){
if(MSGENCRYPTED){
try {
$message['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($message['text']), null, AES_IV, ENCRYPTKEY);
} catch (SodiumException $e){
send_error($e->getMessage());
}
}
if($removeEmbed){
$message['text']=preg_replace_callback('/<img src="([^"]+)"><\/a>/u',
$message['text']=preg_replace_callback('/<img src="([^"]+)" rel="noreferrer" loading="lazy"><\/a>/u',
function ($matched){
return "$matched[1]</a>";
}
@ -3547,7 +3580,7 @@ function cron(){
}
function destroy_chat(array $C){
global $I, $db, $memcached;
global $I, $db, $memcached, $session;
setcookie(COOKIENAME, false);
$session = '';
print_start('destory');
@ -3923,9 +3956,6 @@ function update_db(){
//recreate db in utf8mb4
try{
$olddb=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
}catch(PDOException $e){
send_fatal_error($I['nodb']);
}
$db->exec('DROP TABLE ' . PREFIX . 'captcha;');
$db->exec('CREATE TABLE ' . PREFIX . "captcha (id integer PRIMARY KEY AUTO_INCREMENT, time integer NOT NULL, code char(5) NOT NULL) ENGINE=MEMORY DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin;");
$result=$olddb->query('SELECT filtermatch, filterreplace, allowinpm, regex, kick, cs FROM ' . PREFIX . 'filter;');
@ -4000,6 +4030,9 @@ function update_db(){
foreach($data as $tmp){
$stmt->execute($tmp);
}
}catch(PDOException $e){
send_fatal_error($I['nodb']);
}
}
if($dbversion<33){
$db->exec('CREATE TABLE ' . PREFIX . "files (id $primary, postid integer NOT NULL UNIQUE, filename varchar(255) NOT NULL, hash char(40) NOT NULL, type varchar(255) NOT NULL, data $longtext NOT NULL)$diskengine$charset;");
@ -4022,6 +4055,7 @@ function update_db(){
if($dbversion<39){
$db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('personalnotes', '1');");
$result=$db->query('SELECT type, id FROM ' . PREFIX . 'notes;');
$data = [];
while($tmp=$result->fetch(PDO::FETCH_NUM)){
if($tmp[0]==='admin'){
$tmp[0]=0;
@ -4075,21 +4109,29 @@ function update_db(){
$result=$db->query('SELECT id, text FROM ' . PREFIX . 'messages;');
$stmt=$db->prepare('UPDATE ' . PREFIX . 'messages SET text=? WHERE id=?;');
while($message=$result->fetch(PDO::FETCH_ASSOC)){
try {
if(MSGENCRYPTED){
$message['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($message['text'], '', AES_IV, ENCRYPTKEY));
}else{
$message['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($message['text']), null, AES_IV, ENCRYPTKEY);
}
} catch (SodiumException $e){
send_error($e->getMessage());
}
$stmt->execute([$message['text'], $message['id']]);
}
$result=$db->query('SELECT id, text FROM ' . PREFIX . 'notes;');
$stmt=$db->prepare('UPDATE ' . PREFIX . 'notes SET text=? WHERE id=?;');
while($message=$result->fetch(PDO::FETCH_ASSOC)){
try {
if(MSGENCRYPTED){
$message['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($message['text'], '', AES_IV, ENCRYPTKEY));
}else{
$message['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($message['text']), null, AES_IV, ENCRYPTKEY);
}
} catch (SodiumException $e){
send_error($e->getMessage());
}
$stmt->execute([$message['text'], $message['id']]);
}
update_setting('msgencrypted', (int) MSGENCRYPTED);
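Review bot: The added `catch (SodiumException $e)` blocks around the decrypt calls (send_backup, send_notes, prepare_message_print and both update_db loops) do not cover a failed decryption, because `sodium_crypto_aead_aes256gcm_decrypt()` returns `false` on an authentication failure rather than throwing. In update_db that `false` goes straight into `$stmt->execute([$message['text'], $message['id']])`, so a row that fails to decrypt would have its stored text overwritten; an explicit `if($message['text']===false){ ... }` guard that reports a generic error and skips the write is needed after each decrypt. Separately, every encrypt call on the new side passes the same constant `AES_IV` as the GCM nonce under the same `ENCRYPTKEY`, so all messages and notes share one nonce, which AES-GCM does not tolerate; a per-message nonce from `random_bytes(SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES)` stored next to the ciphertext would fix that, though it needs a data migration. The enclosing functions continue outside the visible hunks, so whether `send_error()` ends the request (which matters for the update_db loops and the `do … while` in write_new_session) is assumed rather than confirmed here.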