updates
This commit is contained in:
parent
573551bd32
commit
e5a06090c5
5 changed files with 131 additions and 102 deletions
|
@ -59,5 +59,16 @@
|
|||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<script>
|
||||
document.querySelector('form').addEventListener('submit', function(e) {
|
||||
var password = document.getElementById('password').value;
|
||||
var confirm_password = document.getElementById('confirm_password').value;
|
||||
|
||||
if (password !== confirm_password) {
|
||||
e.preventDefault(); // Prevent form submission
|
||||
alert('Passwords do not match!');
|
||||
}
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -39,6 +39,8 @@ if result:
|
|||
# Store the session in the sessions table
|
||||
cursor.execute("INSERT INTO sessions (session_id, username, expires_at) VALUES (?, ?, ?)",
|
||||
(session_token, username, expires_at))
|
||||
last_login = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())
|
||||
cursor.execute("UPDATE users SET last_login=? WHERE username=?", (last_login, username))
|
||||
db.commit()
|
||||
|
||||
# Set the session cookie
|
||||
|
|
|
@ -31,3 +31,4 @@ print("<html><head><title>Logout</title></head>")
|
|||
print("<body><h1>You have been logged out!</h1>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
print("</body></html>")
|
||||
|
|
@ -1,92 +1,96 @@
|
|||
#!/bin/bash
|
||||
#!/bin/bash
|
||||
|
||||
echo "Content-type: text/html"
|
||||
echo ""
|
||||
echo "Content-type: text/html"
|
||||
echo ""
|
||||
|
||||
# Log the raw POST data for debugging
|
||||
read POST_DATA
|
||||
echo "POST Data: $POST_DATA" >> /tmp/register_form.log
|
||||
# Log the raw POST data for debugging
|
||||
read POST_DATA
|
||||
echo "POST Data: $POST_DATA" >> /tmp/register_form.log
|
||||
|
||||
# URL decoding function
|
||||
urldecode() {
|
||||
local url_encoded="${1//+/ }"
|
||||
printf '%b' "${url_encoded//%/\\x}"
|
||||
}
|
||||
# URL decoding function
|
||||
urldecode() {
|
||||
local url_encoded="${1//+/ }"
|
||||
printf '%b' "${url_encoded//%/\\x}"
|
||||
}
|
||||
|
||||
# Parse the form data using IFS
|
||||
USERNAME=""
|
||||
EMAIL=""
|
||||
PASSWORD=""
|
||||
CONFIRM_PASSWORD=""
|
||||
# Parse the form data using IFS
|
||||
USERNAME=""
|
||||
EMAIL=""
|
||||
PASSWORD=""
|
||||
CONFIRM_PASSWORD=""
|
||||
|
||||
IFS='&' # Split fields by "&"
|
||||
for param in $POST_DATA; do
|
||||
IFS='=' read -r key value <<< "$param"
|
||||
key=$(urldecode "$key")
|
||||
value=$(urldecode "$value")
|
||||
|
||||
case $key in
|
||||
username) USERNAME="$value" ;;
|
||||
email) EMAIL="$value" ;;
|
||||
password) PASSWORD="$value" ;;
|
||||
confirm_password) CONFIRM_PASSWORD="$value" ;;
|
||||
esac
|
||||
done
|
||||
IFS='&' # Split fields by "&"
|
||||
for param in $POST_DATA; do
|
||||
IFS='=' read -r key value <<< "$param"
|
||||
key=$(urldecode "$key")
|
||||
value=$(urldecode "$value")
|
||||
|
||||
case $key in
|
||||
username) USERNAME="$value" ;;
|
||||
email) EMAIL="$value" ;;
|
||||
password) PASSWORD="$value" ;;
|
||||
confirm_password) CONFIRM_PASSWORD="$value" ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Check if passwords match
|
||||
if [ "$PASSWORD" != "$CONFIRM_PASSWORD" ]; then
|
||||
cat <<EOF
|
||||
<html>
|
||||
<head><title>Registration Failed</title></head>
|
||||
<body>
|
||||
<h1>Passwords do not match!</h1>
|
||||
<a href="/login/register/">Go back</a>
|
||||
</body>
|
||||
</html>
|
||||
EOF
|
||||
exit 1
|
||||
fi
|
||||
# Check if passwords match
|
||||
if [ "$PASSWORD" != "$CONFIRM_PASSWORD" ]; then
|
||||
cat <<EOF
|
||||
<html>
|
||||
<head><title>Registration Failed</title></head>
|
||||
<body>
|
||||
<h1>Passwords do not match!</h1>
|
||||
<a href="/login/register/">Go back</a>
|
||||
</body>
|
||||
</html>
|
||||
EOF
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Hash the password using SHA-256
|
||||
PASSWORD_HASH=$(echo -n "$PASSWORD" | sha256sum | awk '{print $1}')
|
||||
# Hash the password using SHA-256
|
||||
PASSWORD_HASH=$(echo -n "$PASSWORD" | sha256sum | awk '{print $1}')
|
||||
|
||||
# Insert the user into the SQLite database
|
||||
DB_PATH="/var/lib/monotreme/data/monotreme.db"
|
||||
sqlite3 $DB_PATH "INSERT INTO users (username, email, password_hash) VALUES ('$USERNAME', '$EMAIL', '$PASSWORD_HASH');" 2>> /tmp/register_form.log
|
||||
# Generate the current timestamp for date_joined in UTC format
|
||||
DATE_JOINED=$(date -u +"%Y-%m-%d %H:%M:%S")
|
||||
|
||||
# Log the username and email for debugging
|
||||
echo "Username: $USERNAME, Email: $EMAIL" >> /tmp/register_form.log
|
||||
# Insert the user into the SQLite database, including date_joined
|
||||
DB_PATH="/var/lib/monotreme/data/monotreme.db"
|
||||
sqlite3 $DB_PATH "INSERT INTO users (username, email, password_hash, date_joined) VALUES ('$USERNAME', '$EMAIL', '$PASSWORD_HASH', '$DATE_JOINED');" 2>> /tmp/register_form.log
|
||||
|
||||
# Create the email with proper headers
|
||||
EMAIL_BODY=$(cat <<EOF
|
||||
From: info@monotreme.org
|
||||
To: $EMAIL
|
||||
Subject: Welcome to monotreme.org
|
||||
# Log the username and email for debugging
|
||||
echo "Username: $USERNAME, Email: $EMAIL" >> /tmp/register_form.log
|
||||
|
||||
Hello $USERNAME,
|
||||
# Create the email with proper headers
|
||||
EMAIL_BODY=$(cat <<EOF
|
||||
From: info@monotreme.org
|
||||
To: $EMAIL
|
||||
Subject: Welcome to monotreme.org
|
||||
|
||||
Thank you for registering at monotreme.org. You can now log in with your credentials. I hope you enjoy the world of the monotreme!
|
||||
Hello $USERNAME,
|
||||
|
||||
Best regards,
|
||||
Tristan
|
||||
monotreme.org team
|
||||
EOF
|
||||
)
|
||||
Thank you for registering at monotreme.org. You can now log in with your credentials. I hope you enjoy the world of the monotreme!
|
||||
|
||||
# Log the email body for debugging
|
||||
echo "Email Body: $EMAIL_BODY" >> /tmp/register_form.log
|
||||
Best regards,
|
||||
Tristan
|
||||
monotreme.org team
|
||||
EOF
|
||||
)
|
||||
|
||||
# Send the email using msmtp (or your protonmail-bridge setup)
|
||||
echo "$EMAIL_BODY" | msmtp --account=monotreme "$EMAIL"
|
||||
# Log the email body for debugging
|
||||
echo "Email Body: $EMAIL_BODY" >> /tmp/register_form.log
|
||||
|
||||
# Response back to the browser
|
||||
cat <<EOF
|
||||
<html>
|
||||
<head><title>Registration Successful</title></head>
|
||||
<body>
|
||||
<h1>Registration successful!</h1>
|
||||
<p>A confirmation email has been sent to $EMAIL.</p>
|
||||
<a href="/login/">Go to login page</a>
|
||||
</body>
|
||||
</html>
|
||||
EOF
|
||||
# Send the email using msmtp (or your protonmail-bridge setup)
|
||||
echo "$EMAIL_BODY" | msmtp --account=monotreme "$EMAIL"
|
||||
|
||||
# Response back to the browser
|
||||
cat <<EOF
|
||||
<html>
|
||||
<head><title>Registration Successful</title></head>
|
||||
<body>
|
||||
<h1>Registration successful!</h1>
|
||||
<p>A confirmation email has been sent to $EMAIL.</p>
|
||||
<a href="/login/">Go to login page</a>
|
||||
</body>
|
||||
</html>
|
||||
EOF
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
import sqlite3
|
||||
import http.cookies
|
||||
import os
|
||||
import time # Ensure we import time for the timestamp check
|
||||
import http.cookies
|
||||
import time
|
||||
|
||||
print("Content-Type: text/html")
|
||||
print()
|
||||
|
@ -12,44 +12,55 @@ print()
|
|||
cookie = http.cookies.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
|
||||
session_id = cookie.get('session_id')
|
||||
|
||||
# Log the session ID for debugging
|
||||
with open("/tmp/user_panel_session.log", "a") as f:
|
||||
f.write(f"Parsed session ID: {session_id.value if session_id else 'None'}\n")
|
||||
|
||||
if session_id:
|
||||
session_id = session_id.value
|
||||
|
||||
# Connect to SQLite and check the session
|
||||
db = sqlite3.connect('/var/lib/monotreme/data/monotreme.db')
|
||||
cursor = db.cursor()
|
||||
|
||||
# Log the current timestamp for debugging
|
||||
current_time = int(time.time())
|
||||
with open("/tmp/user_panel_session.log", "a") as f:
|
||||
f.write(f"Current time (UNIX timestamp): {current_time}\n")
|
||||
|
||||
# Check if the session exists and is still valid
|
||||
cursor.execute("SELECT username, expires_at FROM sessions WHERE session_id=? AND expires_at > ?", (session_id, current_time))
|
||||
cursor.execute("SELECT username FROM sessions WHERE session_id=? AND expires_at > ?", (session_id, int(time.time())))
|
||||
result = cursor.fetchone()
|
||||
|
||||
if result:
|
||||
username, expires_at = result
|
||||
|
||||
# Log the session expiration time for debugging
|
||||
with open("/tmp/user_panel_session.log", "a") as f:
|
||||
f.write(f"Session found for user: {username}\n")
|
||||
f.write(f"Session expires at: {expires_at}, Current time: {current_time}\n")
|
||||
|
||||
# Print the user panel
|
||||
username = result[0]
|
||||
print(f"<h1>Welcome, {username}!</h1>")
|
||||
print("<p>This is your user panel.</p>")
|
||||
print("<p>This panel contains nothing but the ability to logout.</p>")
|
||||
print('<a href="/cgi-bin/logout.cgi">Logout</a>')
|
||||
print("<p>This page contains a couple things once I figure out how databases work.</p>")
|
||||
|
||||
# Fetch and display profile info
|
||||
cursor.execute("SELECT email, date_joined, last_login FROM users WHERE username=?", (username,))
|
||||
profile_info = cursor.fetchone()
|
||||
if profile_info:
|
||||
email, date_joined, last_login = profile_info
|
||||
print(f"<p>Email: {email}</p>")
|
||||
print(f"<p>Date Joined: {date_joined}</p>")
|
||||
print(f"<p>Last Login: {last_login}</p>")
|
||||
|
||||
# Fetch and display recent activity
|
||||
cursor.execute("SELECT action, timestamp FROM activity_log WHERE username=? ORDER BY timestamp DESC LIMIT 5", (username,))
|
||||
recent_activity = cursor.fetchall()
|
||||
print("<h3>Recent Activity</h3>")
|
||||
if recent_activity:
|
||||
for action, timestamp in recent_activity:
|
||||
time_str = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp))
|
||||
print(f"<p>{action} at {time_str}</p>")
|
||||
else:
|
||||
print("<p>No recent activity</p>")
|
||||
|
||||
# Fetch and display notifications
|
||||
cursor.execute("SELECT message, timestamp FROM notifications WHERE username=? AND read=0 ORDER BY timestamp DESC", (username,))
|
||||
notifications = cursor.fetchall()
|
||||
print("<h3>Notifications</h3>")
|
||||
if notifications:
|
||||
for message, timestamp in notifications:
|
||||
time_str = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp))
|
||||
print(f"<p>{message} at {time_str}</p>")
|
||||
else:
|
||||
print("<p>No new notifications</p>")
|
||||
else:
|
||||
with open("/tmp/user_panel_session.log", "a") as f:
|
||||
f.write("Session expired or invalid.\n")
|
||||
print("<h1>Session expired or invalid!</h1>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
else:
|
||||
print("<h1>No session found!</h1>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
|
|
Loading…
Reference in a new issue