diff --git a/api/api.php b/api/api.php index fd9b4d2..09e57b6 100644 --- a/api/api.php +++ b/api/api.php @@ -99,4 +99,11 @@ class mcServApi { return true; } + + public function generateSessionID() { + $num = rand(1, 999999); + $hash = hash("sha256", $num); + + return $hash; + } } \ No newline at end of file diff --git a/api/login/getcookies.php b/api/login/getcookies.php index cd5124e..80770be 100644 --- a/api/login/getcookies.php +++ b/api/login/getcookies.php @@ -1,8 +1,8 @@ getDB(); +$api = new mcServApi(); +$db = $api->getDB(); if ($_SERVER["REQUEST_METHOD"] == "POST") { if (!isset($_POST["username"]) || !isset($_POST["passwd"])) { @@ -22,9 +22,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $result = $stmt->fetch(PDO::FETCH_ASSOC); if ($result) { - $config = $mcServ->getConf(); + $config = $api->getConf(); - $session["session_id"] = $mcServ->generateSessionID(); + $session["session_id"] = $api->generateSessionID(); $device_id = rand(1, 999); $json[$device_id] = $session; diff --git a/api/servers/list.php b/api/servers/list.php index 3de19a0..557414d 100644 --- a/api/servers/list.php +++ b/api/servers/list.php @@ -1,13 +1,13 @@ checkApiAuth()) { +if (!$api->checkAuth()) { die('{"status":500, "error":"Unauthrized"}'); } -$db = $mcServ->getDB(); +$db = $api->getDB(); $sql = "SELECT * FROM servers"; $stmt = $db->query($sql); diff --git a/api/setup/setup.php b/api/setup/setup.php index cbe774e..e877400 100755 --- a/api/setup/setup.php +++ b/api/setup/setup.php @@ -1,5 +1,5 @@ getConf(); +$api = new mcServApi(); +$config = $api->getConf(); $db = new PDO("sqlite:" . $config["DB_PATH"]); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); @@ -60,7 +60,7 @@ INSERT INTO users (username, mail, passwd) VALUES (:user, :mail, :passwd) $stmt = $db->prepare($sql); $stmt->execute([':user' => $admin_user, ':mail' => $admin_mail, ':passwd' => $admin_passwd]); -$session["session_id"] = $mcServ->generateSessionID(); +$session["session_id"] = $api->generateSessionID(); $device_id = rand(1, 999); $json[$device_id] = json_encode($session); diff --git a/front/index.php b/front/index.php index 4b452a0..e198e88 100755 --- a/front/index.php +++ b/front/index.php @@ -10,7 +10,7 @@ * By marc-go */ -require "../main.php"; +require "main.php"; $mcServ = new mcServ(); diff --git a/front/login.php b/front/login.php index 2a241a3..9eb0a1e 100755 --- a/front/login.php +++ b/front/login.php @@ -1,5 +1,5 @@ \ No newline at end of file diff --git a/front/test.php b/front/test.php index 238c29b..7266d48 100755 --- a/front/test.php +++ b/front/test.php @@ -3,15 +3,16 @@ ini_set("display_errors", 1); ini_set("display_startup_errors", 1); error_reporting(E_ALL); -/*foreach ($_SERVER as $key => $value) { +foreach ($_SERVER as $key => $value) { echo $key . " = " . $value . "
"; -}*/ +} -/*require "../main.php"; +/* +require "../main.php"; $mcServ = new mcServ(); echo $mcServ->checkApiAuth() ? "TRUE" : "FALSE"; */ -echo __DIR__; \ No newline at end of file +//echo __DIR__; \ No newline at end of file diff --git a/mcServ.db b/mcServ.db index 27a01a4..725e58e 100644 Binary files a/mcServ.db and b/mcServ.db differ diff --git a/tmp/user_sessions/marc.json b/tmp/user_sessions/marc.json index 9a5734a..c7ee5f6 100644 --- a/tmp/user_sessions/marc.json +++ b/tmp/user_sessions/marc.json @@ -1 +1 @@ -{"162":{"session_id":"a46d0e1ef15a9c36ef3cacfbedf8837a24021b31e7997718ef5b22cc3204b78d"}} \ No newline at end of file +{"506":"{\"session_id\":\"7f2b74a916c471ccd03b866c991e5b86f8a28cc776b54c6d73f38956a926368d\"}","array":true} \ No newline at end of file