danwin1210/onion-link-list
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add missing label tags and role="alert" attriubutes

Browse Source
This commit is contained in:
Daniel Winzen
2020-10-17 10:01:59 +02:00
parent bcf79f88d2
commit 84c598536b
3 changed files with 58 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
www/admin.php
View File

@ -8,25 +8,27 @@ try{
die($I['nodb']); die($I['nodb']);
} }
asort($categories); asort($categories);
echo '<!DOCTYPE html><html lang="'.$language.'><head>'; ?>
echo "<title>$I[admintitle]</title>"; <!DOCTYPE html><html lang="<?php echo $language; ?>"><head>
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">'; <title><?php echo $I['admintitle']; ?></title>
echo '<meta name=viewport content="width=device-width, initial-scale=1">'; <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
echo '<meta name="robots" content="noindex">'; <meta name=viewport content="width=device-width, initial-scale=1">
echo '<style type="text/css">'.$style.'</style>'; <meta name="robots" content="noindex">
echo '</head><body>'; <style type="text/css"><?php echo $style; ?></style>
echo "<h1>$I[admintitle]</h1>"; </head><body>
<h1><?php echo $I['admintitle']; ?></h1>
<?php
print_langs(); print_langs();
//check password //check password
if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
echo "<form action=\"$_SERVER[SCRIPT_NAME]\" method=\"POST\">"; echo "<form action=\"$_SERVER[SCRIPT_NAME]\" method=\"POST\">";
echo "<input type=\"hidden\" name=\"lang\" value=\"$language\">"; echo "<input type=\"hidden\" name=\"lang\" value=\"$language\">";
echo "<p>$I[password]: <input type=\"password\" name=\"pass\" size=\"30\" required></p>"; echo "<p><label>$I[password]: <input type=\"password\" name=\"pass\" size=\"30\" required></label></p>";
echo "<input type=\"submit\" name=\"action\" value=\"$I[login]\">"; echo "<input type=\"submit\" name=\"action\" value=\"$I[login]\">";
echo '</form>'; echo '</form>';
if(isset($_POST['pass'])){ if(isset($_POST['pass'])){
echo "<p class=\"red\">$I[wrongpass]</p>"; echo "<p class=\"red\" role=\"alert\">$I[wrongpass]</p>";
} }
}else{ }else{
$view_mode = isset($_POST['view_mode']) ? $_POST['view_mode'] : 'single'; $view_mode = isset($_POST['view_mode']) ? $_POST['view_mode'] : 'single';
@ -43,11 +45,11 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
echo "<input type=\"hidden\" name=\"pass\" value=\"$_POST[pass]\">"; echo "<input type=\"hidden\" name=\"pass\" value=\"$_POST[pass]\">";
echo "<input type=\"hidden\" name=\"view_mode\" value=\"$view_mode\">"; echo "<input type=\"hidden\" name=\"view_mode\" value=\"$view_mode\">";
if($view_mode === 'single') { if($view_mode === 'single') {
echo "<p>$I[link]: <input name=\"addr\" size=\"30\" value=\""; echo "<p><label>$I[link]: <input name=\"addr\" size=\"30\" value=\"";
if ( isset( $_REQUEST[ 'addr' ] ) ) { if ( isset( $_REQUEST[ 'addr' ] ) ) {
echo htmlspecialchars( $_REQUEST[ 'addr' ] ); echo htmlspecialchars( $_REQUEST[ 'addr' ] );
} }
echo '" required autofocus></p>'; echo '" required autofocus></label></p>';
} else { } else {
echo '<table id="maintable"><tr><th>Select</th><th>Address</th><th>Description</th><th>Category</th><th>Status</th></tr>'; echo '<table id="maintable"><tr><th>Select</th><th>Address</th><th>Description</th><th>Category</th><th>Status</th></tr>';
$stmt=$db->query('SELECT address, description, category, approved, locked FROM ' . PREFIX . "onions WHERE address!='';"); $stmt=$db->query('SELECT address, description, category, approved, locked FROM ' . PREFIX . "onions WHERE address!='';");
@ -57,17 +59,17 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
} }
echo '</table>'; echo '</table>';
} }
echo "<p>$I[cloneof]: <input type=\"text\" name=\"original\" size=\"30\""; echo "<p><label>$I[cloneof]: <input type=\"text\" name=\"original\" size=\"30\"";
if(isset($_REQUEST['original'])){ if(isset($_REQUEST['original'])){
echo ' value="'.htmlspecialchars($_REQUEST['original']).'"'; echo ' value="'.htmlspecialchars($_REQUEST['original']).'"';
} }
echo '></p>'; echo '></label></p>';
echo "<p>$I[bitcoins]: <input type=\"text\" name=\"btc\" size=\"30\""; echo "<p><label>$I[bitcoins]: <input type=\"text\" name=\"btc\" size=\"30\"";
if(isset($_REQUEST['btc'])){ if(isset($_REQUEST['btc'])){
echo ' value="'.htmlspecialchars($_REQUEST['btc']).'"'; echo ' value="'.htmlspecialchars($_REQUEST['btc']).'"';
} }
echo '></p>'; echo '></label></p>';
echo "<p>$I[adddesc]: <br><textarea name=\"desc\" rows=\"2\" cols=\"30\">"; echo "<p><label for=\"desc\">$I[adddesc]:</label> <br><textarea id=\"desc\" name=\"desc\" rows=\"2\" cols=\"30\">";
if(!empty($_REQUEST['desc'])){ if(!empty($_REQUEST['desc'])){
echo htmlspecialchars(trim($_REQUEST['desc'])); echo htmlspecialchars(trim($_REQUEST['desc']));
}elseif(isset($_REQUEST['addr']) && is_string($_REQUEST['addr'])){ }elseif(isset($_REQUEST['addr']) && is_string($_REQUEST['addr'])){
@ -89,7 +91,7 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
if(!isset($category)){ if(!isset($category)){
$category=count($categories); $category=count($categories);
} }
echo "<p>$I[category]: <select name=\"cat\">"; echo "<p><label>$I[category]: <select name=\"cat\">";
foreach($categories as $cat=>$name){ foreach($categories as $cat=>$name){
echo "<option value=\"$cat\""; echo "<option value=\"$cat\"";
if($category==$cat || ($cat===0 && $category>=count($categories))){ if($category==$cat || ($cat===0 && $category>=count($categories))){
@ -97,7 +99,7 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
} }
echo ">$name</option>"; echo ">$name</option>";
} }
echo '</select></p>'; echo '</select></label></p>';
echo '<input type="submit" name="action" value="None" hidden>'; echo '<input type="submit" name="action" value="None" hidden>';
echo '<table><tr>'; echo '<table><tr>';
echo "<td><input type=\"submit\" name=\"action\" value=\"$I[remove]\"></td>"; echo "<td><input type=\"submit\" name=\"action\" value=\"$I[remove]\"></td>";
@ -122,22 +124,22 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
$addrs = is_array($_POST['addr']) ? $_POST['addr'] : [$_POST['addr']]; $addrs = is_array($_POST['addr']) ? $_POST['addr'] : [$_POST['addr']];
foreach ($addrs as $addr_single) { foreach ($addrs as $addr_single) {
if ( ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) { if ( ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) {
echo "<p class=\"red\">$I[invalonion]</p>"; echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
} else { } else {
$addr = strtolower( $addr[ 3 ] ); $addr = strtolower( $addr[ 3 ] );
$md5 = md5( $addr, true ); $md5 = md5( $addr, true );
if ( $_POST[ 'action' ] === $I[ 'remove' ] ) { //remove address from public display if ( $_POST[ 'action' ] === $I[ 'remove' ] ) { //remove address from public display
$db->prepare( 'UPDATE ' . PREFIX . "onions SET address='', locked=1, approved=-1 WHERE md5sum=?;" )->execute( [ $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . "onions SET address='', locked=1, approved=-1 WHERE md5sum=?;" )->execute( [ $md5 ] );
echo "<p class=\"green\">$I[succremove]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succremove]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'lock' ] ) { //lock editing } elseif ( $_POST[ 'action' ] === $I[ 'lock' ] ) { //lock editing
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] );
echo "<p class=\"green\">$I[succlock]</p>"; echo "<p class=\"green\"> role=\"alert\"$I[succlock]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'readd' ] ) { //add onion back, if previously removed } elseif ( $_POST[ 'action' ] === $I[ 'readd' ] ) { //add onion back, if previously removed
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET address=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $addr, $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET address=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $addr, $md5 ] );
echo "<p class=\"green\">$I[succreadd]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succreadd]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'unlock' ] ) { //unlock editing } elseif ( $_POST[ 'action' ] === $I[ 'unlock' ] ) { //unlock editing
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=0, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=0, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] );
echo "<p class=\"green\">$I[succunlock]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succunlock]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'promote' ] ) { //promote link for payed time } elseif ( $_POST[ 'action' ] === $I[ 'promote' ] ) { //promote link for payed time
$stmt = $db->prepare( 'SELECT special FROM ' . PREFIX . 'onions WHERE md5sum=?;' ); $stmt = $db->prepare( 'SELECT special FROM ' . PREFIX . 'onions WHERE md5sum=?;' );
$stmt->execute( [ $md5 ] ); $stmt->execute( [ $md5 ] );
@ -148,10 +150,10 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
$time = $specialtime[ 0 ] + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME ); $time = $specialtime[ 0 ] + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME );
} }
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $time, $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $time, $md5 ] );
printf( "<p class=\"green\">$I[succpromote]</p>", date( 'Y-m-d H:i', $time ) ); printf( "<p class=\"green\" role=\"alert\">$I[succpromote]</p>", date( 'Y-m-d H:i', $time ) );
} elseif ( $_POST[ 'action' ] === $I[ 'unpromote' ] ) { //remove promoted status } elseif ( $_POST[ 'action' ] === $I[ 'unpromote' ] ) { //remove promoted status
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=0 WHERE md5sum=?;' )->execute( [ $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=0 WHERE md5sum=?;' )->execute( [ $md5 ] );
echo "<p class=\"green\">$I[succunpromote]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succunpromote]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'update' ] ) { //update description } elseif ( $_POST[ 'action' ] === $I[ 'update' ] ) { //update description
$stmt = $db->prepare( 'SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;' ); $stmt = $db->prepare( 'SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;' );
$stmt->execute( [ $md5 ] ); $stmt->execute( [ $md5 ] );
@ -168,21 +170,21 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
if ( ! $stmt->fetch( PDO::FETCH_ASSOC ) ) { //not yet there, add it if ( ! $stmt->fetch( PDO::FETCH_ASSOC ) ) { //not yet there, add it
$stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, locked, approved) VALUES (?, ?, ?, ?, ?, 1, 1);' ); $stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, locked, approved) VALUES (?, ?, ?, ?, ?, 1, 1);' );
$stmt->execute( [ $addr, $desc, $md5, $category, time() ] ); $stmt->execute( [ $addr, $desc, $md5, $category, time() ] );
echo "<p class=\"green\">$I[succadd]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succadd]</p>";
} elseif ( $desc != '' ) { //update description+category } elseif ( $desc != '' ) { //update description+category
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET description=?, category=?, locked=1, approved=1 WHERE md5sum=?;' ); $stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET description=?, category=?, locked=1, approved=1 WHERE md5sum=?;' );
$stmt->execute( [ $desc, $category, $md5 ] ); $stmt->execute( [ $desc, $category, $md5 ] );
echo "<p class=\"green\">$I[succupddesc]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succupddesc]</p>";
} elseif ( $category != 0 ) { //only update category } elseif ( $category != 0 ) { //only update category
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET category=?, locked=1, approved=1 WHERE md5sum=?;' ); $stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET category=?, locked=1, approved=1 WHERE md5sum=?;' );
$stmt->execute( [ $category, $md5 ] ); $stmt->execute( [ $category, $md5 ] );
echo "<p class=\"green\">$I[succupdcat]!</p>"; echo "<p class=\"green\" role=\"alert\">$I[succupdcat]!</p>";
} else { //no description or category change and already known } else { //no description or category change and already known
echo "<p class=\"green\">$I[alreadyknown]</p>"; echo "<p class=\"green\" role=\"alert\">$I[alreadyknown]</p>";
} }
} elseif ( $_POST[ 'action' ] === $I[ 'phishing' ] ) {//mark as phishing clone } elseif ( $_POST[ 'action' ] === $I[ 'phishing' ] ) {//mark as phishing clone
if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) { if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) {
echo "<p class=\"red\">$I[invalonion]</p>"; echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
} else { } else {
if ( isset( $orig[ 3 ] ) ) { if ( isset( $orig[ 3 ] ) ) {
$orig = strtolower( $orig[ 3 ] ); $orig = strtolower( $orig[ 3 ] );
@ -194,27 +196,28 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
$stmt->execute( [ $addr, $orig ] ); $stmt->execute( [ $addr, $orig ] );
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE address=?;' ); $stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE address=?;' );
$stmt->execute( [ $addr ] ); $stmt->execute( [ $addr ] );
echo "<p class=\"green\">$I[succaddphish]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succaddphish]</p>";
} else { } else {
echo "<p class=\"red\">$I[samephish]</p>"; echo "<p class=\"red\" role=\"alert\">$I[samephish]</p>";
} }
} }
} elseif ( $_POST[ 'action' ] === $I[ 'unphishing' ] ) { //remove phishing clone status } elseif ( $_POST[ 'action' ] === $I[ 'unphishing' ] ) { //remove phishing clone status
$stmt = $db->prepare( 'DELETE FROM ' . PREFIX . 'phishing WHERE onion_id=(SELECT id FROM ' . PREFIX . 'onions WHERE address=?);' ); $stmt = $db->prepare( 'DELETE FROM ' . PREFIX . 'phishing WHERE onion_id=(SELECT id FROM ' . PREFIX . 'onions WHERE address=?);' );
$stmt->execute( [ $addr ] ); $stmt->execute( [ $addr ] );
echo "<p class=\"green\">$I[succrmphish]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succrmphish]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'reject' ] ) { //lock editing } elseif ( $_POST[ 'action' ] === $I[ 'reject' ] ) { //lock editing
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=-1 WHERE md5sum=?;' )->execute( [ $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=-1 WHERE md5sum=?;' )->execute( [ $md5 ] );
echo "<p class=\"green\">$I[succreject]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succreject]</p>";
} elseif ( $_POST[ 'action' ] === $I[ 'approve' ] ) { //lock editing } elseif ( $_POST[ 'action' ] === $I[ 'approve' ] ) { //lock editing
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] ); $db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] );
echo "<p class=\"green\">$I[succapprove]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succapprove]</p>";
} else { //no specific button was pressed } else { //no specific button was pressed
echo "<p class=\"red\">$I[noaction]</p>"; echo "<p class=\"red\" role=\"alert\">$I[noaction]</p>";
} }
} }
} }
} }
} }
echo '<br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/onion-link-list">Onion Link List - ' . VERSION . '</a></p>'; ?>
echo '</body></html>'; <br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/onion-link-list" rel="noopener">Onion Link List - <?php echo VERSION; ?></a></p>
</body></html>

14
www/onions.php
View File

@ -208,7 +208,7 @@ function send_html(){
echo '</ul><br><br>'; echo '</ul><br><br>';
if($_SERVER['REQUEST_METHOD']==='POST' && !empty($_REQUEST['addr'])){ if($_SERVER['REQUEST_METHOD']==='POST' && !empty($_REQUEST['addr'])){
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){ if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
echo "<p class=\"red\">$I[invalonion]</p>"; echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
echo "<p>$I[valid]: http://tt3j2x4k5ycaa5zt.onion</p>"; echo "<p>$I[valid]: http://tt3j2x4k5ycaa5zt.onion</p>";
}else{ }else{
if(!isset($_REQUEST['challenge'])){ if(!isset($_REQUEST['challenge'])){
@ -246,19 +246,19 @@ function send_html(){
if(!$stmt->fetch(PDO::FETCH_BOUND)){//new link, add to database if(!$stmt->fetch(PDO::FETCH_BOUND)){//new link, add to database
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded) VALUES (?, ?, ?, ?, ?);'); $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded) VALUES (?, ?, ?, ?, ?);');
$stmt->execute([$addr, $desc, $md5, $category, time()]); $stmt->execute([$addr, $desc, $md5, $category, time()]);
echo "<p class=\"green\">$I[succadd]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succadd]</p>";
}elseif($locked==1){//locked, not editable }elseif($locked==1){//locked, not editable
echo "<p class=\"red\">$I[faillocked]</p>"; echo "<p class=\"red\" role=\"alert\">$I[faillocked]</p>";
}elseif($desc!==''){//update description }elseif($desc!==''){//update description
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=? WHERE md5sum=?;'); $stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=? WHERE md5sum=?;');
$stmt->execute([$desc, $category, $md5]); $stmt->execute([$desc, $category, $md5]);
echo "<p class=\"green\">$I[succupddesc]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succupddesc]</p>";
}elseif($category!=0){//update category only }elseif($category!=0){//update category only
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=? WHERE md5sum=?;'); $stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=? WHERE md5sum=?;');
$stmt->execute([$category, $md5]); $stmt->execute([$category, $md5]);
echo "<p class=\"green\">$I[succupdcat]</p>"; echo "<p class=\"green\" role=\"alert\">$I[succupdcat]</p>";
}else{//nothing changed and already known }else{//nothing changed and already known
echo "<p class=\"green\">$I[alreadyknown]</p>"; echo "<p class=\"green\" role=\"alert\">$I[alreadyknown]</p>";
} }
} }
} }
@ -524,5 +524,5 @@ function send_captcha(){
} }
function send_error(string $msg){ function send_error(string $msg){
die("<p class=\"red\">$msg</p></div></body></html>"); die("<p class=\"red\" role=\"alert\">$msg</p></div></body></html>");
} }

17
www/test.php
View File

@ -33,7 +33,7 @@ if(!empty($_REQUEST['addr'])){
die('No DB connection'); die('No DB connection');
} }
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){ if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
echo "<p class=\"red\">$I[invalonion]</p>"; echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
}else{ }else{
$ch=curl_init(); $ch=curl_init();
set_curl_options($ch); set_curl_options($ch);
@ -49,17 +49,17 @@ if(!empty($_REQUEST['addr'])){
$phishing=$db->prepare('SELECT original FROM ' . PREFIX . 'phishing, ' . PREFIX . 'onions WHERE address=? AND onion_id=' . PREFIX . 'onions.id;'); $phishing=$db->prepare('SELECT original FROM ' . PREFIX . 'phishing, ' . PREFIX . 'onions WHERE address=? AND onion_id=' . PREFIX . 'onions.id;');
$phishing->execute([$addr]); $phishing->execute([$addr]);
if($orig=$phishing->fetch(PDO::FETCH_NUM)){ if($orig=$phishing->fetch(PDO::FETCH_NUM)){
printf("<p class=\"red\">$I[testphishing]</p>", "<a href=\"http://$orig[0].onion\">$orig[0].onion</a>"); printf("<p class=\"red\" role=\"alert\">$I[testphishing]</p>", "<a href=\"http://$orig[0].onion\">$orig[0].onion</a>");
} }
$scam=$db->prepare('SELECT null FROM ' . PREFIX . 'onions WHERE md5sum=? AND category=15 AND locked=1;'); $scam=$db->prepare('SELECT null FROM ' . PREFIX . 'onions WHERE md5sum=? AND category=15 AND locked=1;');
$scam->execute([$md5]); $scam->execute([$md5]);
if($scam->fetch(PDO::FETCH_NUM)){ if($scam->fetch(PDO::FETCH_NUM)){
echo "<p class=\"red\">Warning: This is a known scam!</p>"; echo "<p class=\"red\" role=\"alert\">Warning: This is a known scam!</p>";
} }
$stmt=$db->prepare('SELECT null FROM ' . PREFIX . 'onions WHERE md5sum=? AND timediff=0 AND lasttest>?;'); $stmt=$db->prepare('SELECT null FROM ' . PREFIX . 'onions WHERE md5sum=? AND timediff=0 AND lasttest>?;');
$stmt->execute([$md5, time()-60]); $stmt->execute([$md5, time()-60]);
if($stmt->fetch(PDO::FETCH_NUM)){ if($stmt->fetch(PDO::FETCH_NUM)){
echo "<p class=\"green\">$I[testonline]</p>"; echo "<p class=\"green\" role=\"alert\">$I[testonline]</p>";
}elseif(($content=curl_exec($ch))!==false){ }elseif(($content=curl_exec($ch))!==false){
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$header = substr($content, 0, $header_size); $header = substr($content, 0, $header_size);
@ -94,16 +94,17 @@ if(!empty($_REQUEST['addr'])){
} }
blacklist_scams($addr, $content); blacklist_scams($addr, $content);
} }
echo "<p class=\"green\">$I[testonline]</p>"; echo "<p class=\"green\" role=\"alert\">$I[testonline]</p>";
}else{ }else{
if(isset($db)){ if(isset($db)){
$time=time(); $time=time();
$db->prepare('UPDATE ' . PREFIX . 'onions SET lasttest=?, timediff=lasttest-lastup WHERE md5sum=? AND lasttest<?;')->execute([$time, $md5, $time]); $db->prepare('UPDATE ' . PREFIX . 'onions SET lasttest=?, timediff=lasttest-lastup WHERE md5sum=? AND lasttest<?;')->execute([$time, $md5, $time]);
} }
echo "<p class=\"red\">$I[testoffline]</p>"; echo "<p class=\"red\" role=\"alert\">$I[testoffline]</p>";
} }
curl_close($ch); curl_close($ch);
} }
} }
echo '<br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/onion-link-list" rel="noopener">Onion Link List - ' . VERSION . '</a></p>'; ?>
echo '</body></html>'; <br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/onion-link-list" rel="noopener">Onion Link List - <?php echo VERSION; ?></a></p>
</body></html>