Compare commits
No commits in common. "5b17a7dbd733cd3c8466a05f78c3168f9dfd60f6" and "4cecf2780645e7c6644e13f641218dbf15a86c90" have entirely different histories.
5b17a7dbd7
...
4cecf27806
@ -1,10 +1,5 @@
|
|||||||
.drone.yml
|
.drone.yml
|
||||||
.drone-manifest.yml
|
.drone-manifest.yml
|
||||||
.data
|
|
||||||
.gitignore
|
|
||||||
Dockerfile
|
|
||||||
docker-compose.yml
|
|
||||||
nginx.conf
|
|
||||||
onyx2/cache/*.cache.php
|
onyx2/cache/*.cache.php
|
||||||
onyx2/cache/signatures/*.sign
|
onyx2/cache/signatures/*.sign
|
||||||
onyx2/log/*.log
|
onyx2/log/*.log
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
[ -n "$MYSQL_DATABASE" ] && sed -i -r "/db/s/=\s*'([^']*)'/= '${MYSQL_DATABASE}'/" onyx2/db/default.profile.php
|
[ -n "$MYSQL_DATABASE" ] && sed -i -r "/db/s/=\s*'([^']*)'/= '${MYSQL_DATABASE}'/" onyx2/db/default.profile.php
|
||||||
# superseed in onyx2/db/default.profile.php
|
[ -n "$MYSQL_HOST" ] && sed -i -r "/host/s/=\s*'([^']*)'/= '${MYSQL_HOST}'/" onyx2/db/default.profile.php
|
||||||
#[ -n "$MYSQL_HOST" ] && sed -i -r "/host/s/=\s*'([^']*)'/= '${MYSQL_HOST}'/" onyx2/db/default.profile.php
|
|
||||||
[ -n "$MYSQL_USER" ] && sed -i -r "/user/s/=\s*'([^']*)'/= '${MYSQL_USER}'/" onyx2/db/default.profile.php
|
[ -n "$MYSQL_USER" ] && sed -i -r "/user/s/=\s*'([^']*)'/= '${MYSQL_USER}'/" onyx2/db/default.profile.php
|
||||||
[ -n "$MYSQL_PASSWORD" ] && sed -i -r "/pass/s/=\s*'([^']*)'/= '${MYSQL_PASSWORD}'/" onyx2/db/default.profile.php
|
[ -n "$MYSQL_PASSWORD" ] && sed -i -r "/pass/s/=\s*'([^']*)'/= '${MYSQL_PASSWORD}'/" onyx2/db/default.profile.php
|
||||||
|
|
||||||
|
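Review bot: The MYSQL_* values are spliced unescaped into both the sed replacement and the single-quoted PHP literal in onyx2/db/default.profile.php; this applies to the new MYSQL_HOST line and equally to the DATABASE, USER and PASSWORD lines. A value containing `/`, `&` or `\` corrupts or aborts the substitution, and a `'` closes the PHP string early, so the rest of the value is parsed as code in a file the application includes. Passwords routinely contain such characters, so either reject them before substituting, e.g. `case $MYSQL_PASSWORD in *[\'\\/\&]*) echo 'MYSQL_PASSWORD: unsupported character' >&2; exit 1;; esac`, or keep the profile static and read the environment at runtime so no secret is written into a source file. The addresses `/host/`, `/user/`, `/pass/` and `/db/` also select every line containing that word, not only the matching `$___profile[...]` assignment.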
@ -3,11 +3,7 @@
|
|||||||
if(!defined('ONYX')) exit;
|
if(!defined('ONYX')) exit;
|
||||||
|
|
||||||
$___profile['db'] = 'hb_game';
|
$___profile['db'] = 'hb_game';
|
||||||
if (getenv("MYSQL_HOST") === False) {
|
$___profile['host'] = 'localhost';
|
||||||
$___profile['host'] = 'localhost';
|
|
||||||
} else {
|
|
||||||
$___profile['host'] = getenv("MYSQL_HOST");
|
|
||||||
}
|
|
||||||
$___profile['user'] = 'hb';
|
$___profile['user'] = 'hb';
|
||||||
$___profile['pass'] = 'hb';
|
$___profile['pass'] = 'hb';
|
||||||
|
|
||||||
|
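Review bot: The database user and password remain committed literals (`'hb'` / `'hb'`), and with `host` now a literal as well, the only override visible in this comparison is the shell script that rewrites this file in place with sed. If the application starts without the MYSQL_* variables set, or the file is deployed without that script running, it connects with the published defaults. Add a comment above the assignments, `// Placeholders only: overwritten from MYSQL_* at start-up; never deploy with these values.`, and consider an empty `pass` default so an unconfigured deployment fails to connect instead of silently using a known password.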
@ -4,9 +4,6 @@ if(!defined('ONYX')) exit;
|
|||||||
if (empty($sess->values["connected"]) && !defined("xCSRF"))
|
if (empty($sess->values["connected"]) && !defined("xCSRF"))
|
||||||
define("xCSRF", true);
|
define("xCSRF", true);
|
||||||
|
|
||||||
//A passer a True pour dev tranquillou (pas d'envois de mail, pas de https,...)
|
|
||||||
define("DEV", getenv("DEV"));
|
|
||||||
|
|
||||||
require_once("function.php"); //Inclusion des fonctions principales
|
require_once("function.php"); //Inclusion des fonctions principales
|
||||||
require_once("tables.php"); //Inclusion des noms des tables de base de données correspondant à l'architecture du serveur
|
require_once("tables.php"); //Inclusion des noms des tables de base de données correspondant à l'architecture du serveur
|
||||||
|
|
||||||
@ -53,11 +50,10 @@ if (!empty($sess->values["connected"]))
|
|||||||
unset($header);
|
unset($header);
|
||||||
|
|
||||||
//Evite les attaques CSRF
|
//Evite les attaques CSRF
|
||||||
if (DEV) { $protocole = "http"; } else { $protocole = "https"; }
|
if (!empty($_SERVER["HTTP_REFERER"]) && !(preg_match('#^https://'.$_SERVER['HTTP_HOST'].'#', $_SERVER["HTTP_REFERER"]) && defined("xCSRF")))
|
||||||
if (!empty($_SERVER["HTTP_REFERER"]) && !(preg_match('#^'.$protocole.'://'.$_SERVER['HTTP_HOST'].'#', $_SERVER["HTTP_REFERER"]) && defined("xCSRF")))
|
|
||||||
{
|
{
|
||||||
elog("Possibilité d'attaque CSRF\n".var_export($_REQUEST, TRUE), 2);
|
elog("Possibilité d'attaque CSRF\n".var_export($_REQUEST, TRUE), 2);
|
||||||
unset($_POST, $_GET);
|
unset($_POST, $_GET);
|
||||||
$_GET = $_POST = array();
|
$_GET = $_POST = array();
|
||||||
}
|
}
|
||||||
?>
|
?>
|
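Review bot: The Referer test in the second hunk builds its pattern from `$_SERVER['HTTP_HOST']` without `preg_quote()` and without anchoring the end of the host, so it is a prefix match in which every `.` matches any character, and a Referer on a different host that merely starts with the same text is accepted. The check is also skipped entirely when the Referer header is absent, and `HTTP_HOST` is itself taken from the request. Tighten the match to `'#^https://'.preg_quote($_SERVER['HTTP_HOST'], '#').'(/|$)#'`, and treat it as defence in depth beside a per-session token rather than as the only control. Separately, `var_export($_REQUEST, TRUE)` writes the whole request to the log, which would include any submitted password fields; log the parameter names only.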
@ -147,13 +147,7 @@ if (isset($_POST['HB_pseudo']) && isset($_POST['HB_mdp']) && isset($_POST['HB_co
|
|||||||
//$mail->Subject='Halo-Battle :: Pre-Inscription';
|
//$mail->Subject='Halo-Battle :: Pre-Inscription';
|
||||||
//$mail->Body='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Halo-Battle :: Pré-Inscription</title></head><body><p>Félicitations '.$pseudo.' !<br />Votre compte vient d'être enregistré sur notre serveur. Un mail de confirmation vous sera envoyé lors de la sortie du jeu en ligne Halo-Battle. Si vous ne recevez pas l\'email de confirmation, <a href="mailto:technique@halo-battle.s-fr.com">contactez un administrateur</a>.<br /><br />A très bientôt pour la sortie d'Halo-Battle !</p></body></html>';
|
//$mail->Body='<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Halo-Battle :: Pré-Inscription</title></head><body><p>Félicitations '.$pseudo.' !<br />Votre compte vient d'être enregistré sur notre serveur. Un mail de confirmation vous sera envoyé lors de la sortie du jeu en ligne Halo-Battle. Si vous ne recevez pas l\'email de confirmation, <a href="mailto:technique@halo-battle.s-fr.com">contactez un administrateur</a>.<br /><br />A très bientôt pour la sortie d'Halo-Battle !</p></body></html>';
|
||||||
|
|
||||||
if (DEV) {
|
if(!$mail->Send()){
|
||||||
$ret = true;
|
|
||||||
} else {
|
|
||||||
$ret = $mail->Send();
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!$ret){
|
|
||||||
$template->assign('message','Erreur lors de l\'envoie du courriel de confirmation !<br /><br /><small><i>'.$mail->ErrorInfo.'</i></small><br /><br />Si le problème perciste, <a href="mailto:technique@halo-battle.fr">contactez un administrateur</a>.');
|
$template->assign('message','Erreur lors de l\'envoie du courriel de confirmation !<br /><br /><small><i>'.$mail->ErrorInfo.'</i></small><br /><br />Si le problème perciste, <a href="mailto:technique@halo-battle.fr">contactez un administrateur</a>.');
|
||||||
$template->assign('couleur','red');
|
$template->assign('couleur','red');
|
||||||
$template->display('cms/erreur.tpl');
|
$template->display('cms/erreur.tpl');
|
||||||
|
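Review bot: On a send failure the page concatenates `$mail->ErrorInfo` into the HTML message unescaped, so whatever the mailer reports (presumably transport or server detail) is shown to the visitor and rendered as markup. Log the detail server-side and show a generic message, or at least wrap the value as `htmlspecialchars($mail->ErrorInfo, ENT_QUOTES, 'UTF-8')`. The `if(!$mail->Send()){` block continues past the end of this hunk, so the rest of the error path is not visible here.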
@ -16,8 +16,7 @@ if (!empty($_GET['i'])) {
|
|||||||
case 1:
|
case 1:
|
||||||
//$url = "http://battle.halo.fr/";
|
//$url = "http://battle.halo.fr/";
|
||||||
//$url = "http://hb.s-fr.com/beta.php";
|
//$url = "http://hb.s-fr.com/beta.php";
|
||||||
//$url = "https://beta.halo-battle.fr/";
|
$url = "https://beta.halo-battle.fr/";
|
||||||
$url = 'http://'.$_SERVER['HTTP_HOST'].'/';
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
$url = "http://battle.halo.fr/";
|
$url = "http://battle.halo.fr/";
|
||||||
|
@ -24,7 +24,7 @@ function bithex($var)
|
|||||||
}
|
}
|
||||||
|
|
||||||
function cxor($msg,$cle)
|
function cxor($msg,$cle)
|
||||||
{
|
{
|
||||||
$xor = NULL;
|
$xor = NULL;
|
||||||
for($i = 0; $i < strlen($msg);$i++) $xor .= substr($msg,$i,1) ^ substr($cle,$i % strlen($cle),1);
|
for($i = 0; $i < strlen($msg);$i++) $xor .= substr($msg,$i,1) ^ substr($cle,$i % strlen($cle),1);
|
||||||
return $xor;
|
return $xor;
|
||||||
@ -45,19 +45,19 @@ function uniquehash($var,$length=128,$raw=FALSE)
|
|||||||
{
|
{
|
||||||
$hashs = array('tiger192,4','haval256,5','md5','snefru','gost','ripemd160','whirlpool');
|
$hashs = array('tiger192,4','haval256,5','md5','snefru','gost','ripemd160','whirlpool');
|
||||||
$r = hash('sha512',$var,TRUE);
|
$r = hash('sha512',$var,TRUE);
|
||||||
|
|
||||||
foreach($hashs as $algo) $r = cxor(strrev($r),hash($algo,strrev($r),TRUE));
|
foreach($hashs as $algo) $r = cxor(strrev($r),hash($algo,strrev($r),TRUE));
|
||||||
|
|
||||||
if($length % 8 == 0 && $length >=128 && $length <= 512) $r = substr($r,0,$length/8);
|
if($length % 8 == 0 && $length >=128 && $length <= 512) $r = substr($r,0,$length/8);
|
||||||
if(!$raw) $r = strhex($r);
|
if(!$raw) $r = strhex($r);
|
||||||
|
|
||||||
return $r;
|
return $r;
|
||||||
}
|
}
|
||||||
|
|
||||||
function temphash($var,$length=128,$raw=FALSE)
|
function temphash($var,$length=128,$raw=FALSE)
|
||||||
{
|
{
|
||||||
if(!$val = Cache::read('_temphash')) Cache::set('_temphash',$val = hexstr(random()));
|
if(!$val = Cache::read('_temphash')) Cache::set('_temphash',$val = hexstr(random()));
|
||||||
|
|
||||||
return uniquehash(cxor($var,$val),$length,$raw);
|
return uniquehash(cxor($var,$val),$length,$raw);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -70,7 +70,7 @@ function decode_ip($int_ip)
|
|||||||
function encode_ip($dotquad_ip=FALSE)
|
function encode_ip($dotquad_ip=FALSE)
|
||||||
{
|
{
|
||||||
if(!$dotquad_ip) $dotquad_ip = $_SERVER['REMOTE_ADDR'];
|
if(!$dotquad_ip) $dotquad_ip = $_SERVER['REMOTE_ADDR'];
|
||||||
|
|
||||||
$ip_sep = explode('.', $dotquad_ip);
|
$ip_sep = explode('.', $dotquad_ip);
|
||||||
if (empty($ip_sep[3])) $ip_sep = explode('.', "127.0.0.1");
|
if (empty($ip_sep[3])) $ip_sep = explode('.', "127.0.0.1");
|
||||||
return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
|
return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
|
||||||
@ -79,9 +79,9 @@ function encode_ip($dotquad_ip=FALSE)
|
|||||||
function url($string,$external=FALSE)
|
function url($string,$external=FALSE)
|
||||||
{
|
{
|
||||||
if($external) return htmlspecialchars($string);
|
if($external) return htmlspecialchars($string);
|
||||||
|
|
||||||
global $VAR;
|
global $VAR;
|
||||||
|
|
||||||
if(!empty($VAR['rewrite_url']))
|
if(!empty($VAR['rewrite_url']))
|
||||||
{
|
{
|
||||||
$masque = $VAR['rewrite_url']['masque'];
|
$masque = $VAR['rewrite_url']['masque'];
|
||||||
@ -91,4 +91,4 @@ function url($string,$external=FALSE)
|
|||||||
}
|
}
|
||||||
else return htmlspecialchars($string);
|
else return htmlspecialchars($string);
|
||||||
}
|
}
|
||||||
?>
|
?>
|