updates
This commit is contained in:
parent
573551bd32
commit
e5a06090c5
5 changed files with 131 additions and 102 deletions
|
@ -59,5 +59,16 @@
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</table>
|
</table>
|
||||||
|
<script>
|
||||||
|
document.querySelector('form').addEventListener('submit', function(e) {
|
||||||
|
var password = document.getElementById('password').value;
|
||||||
|
var confirm_password = document.getElementById('confirm_password').value;
|
||||||
|
|
||||||
|
if (password !== confirm_password) {
|
||||||
|
e.preventDefault(); // Prevent form submission
|
||||||
|
alert('Passwords do not match!');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
</script>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -39,6 +39,8 @@ if result:
|
||||||
# Store the session in the sessions table
|
# Store the session in the sessions table
|
||||||
cursor.execute("INSERT INTO sessions (session_id, username, expires_at) VALUES (?, ?, ?)",
|
cursor.execute("INSERT INTO sessions (session_id, username, expires_at) VALUES (?, ?, ?)",
|
||||||
(session_token, username, expires_at))
|
(session_token, username, expires_at))
|
||||||
|
last_login = time.strftime('%Y-%m-%d %H:%M:%S', time.gmtime())
|
||||||
|
cursor.execute("UPDATE users SET last_login=? WHERE username=?", (last_login, username))
|
||||||
db.commit()
|
db.commit()
|
||||||
|
|
||||||
# Set the session cookie
|
# Set the session cookie
|
||||||
|
|
|
@ -31,3 +31,4 @@ print("<html><head><title>Logout</title></head>")
|
||||||
print("<body><h1>You have been logged out!</h1>")
|
print("<body><h1>You have been logged out!</h1>")
|
||||||
print("<a href='/login/'>Login again</a>")
|
print("<a href='/login/'>Login again</a>")
|
||||||
print("</body></html>")
|
print("</body></html>")
|
||||||
|
|
|
@ -1,26 +1,26 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
echo "Content-type: text/html"
|
echo "Content-type: text/html"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
# Log the raw POST data for debugging
|
# Log the raw POST data for debugging
|
||||||
read POST_DATA
|
read POST_DATA
|
||||||
echo "POST Data: $POST_DATA" >> /tmp/register_form.log
|
echo "POST Data: $POST_DATA" >> /tmp/register_form.log
|
||||||
|
|
||||||
# URL decoding function
|
# URL decoding function
|
||||||
urldecode() {
|
urldecode() {
|
||||||
local url_encoded="${1//+/ }"
|
local url_encoded="${1//+/ }"
|
||||||
printf '%b' "${url_encoded//%/\\x}"
|
printf '%b' "${url_encoded//%/\\x}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Parse the form data using IFS
|
# Parse the form data using IFS
|
||||||
USERNAME=""
|
USERNAME=""
|
||||||
EMAIL=""
|
EMAIL=""
|
||||||
PASSWORD=""
|
PASSWORD=""
|
||||||
CONFIRM_PASSWORD=""
|
CONFIRM_PASSWORD=""
|
||||||
|
|
||||||
IFS='&' # Split fields by "&"
|
IFS='&' # Split fields by "&"
|
||||||
for param in $POST_DATA; do
|
for param in $POST_DATA; do
|
||||||
IFS='=' read -r key value <<< "$param"
|
IFS='=' read -r key value <<< "$param"
|
||||||
key=$(urldecode "$key")
|
key=$(urldecode "$key")
|
||||||
value=$(urldecode "$value")
|
value=$(urldecode "$value")
|
||||||
|
@ -31,62 +31,66 @@
|
||||||
password) PASSWORD="$value" ;;
|
password) PASSWORD="$value" ;;
|
||||||
confirm_password) CONFIRM_PASSWORD="$value" ;;
|
confirm_password) CONFIRM_PASSWORD="$value" ;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
|
||||||
# Check if passwords match
|
# Check if passwords match
|
||||||
if [ "$PASSWORD" != "$CONFIRM_PASSWORD" ]; then
|
if [ "$PASSWORD" != "$CONFIRM_PASSWORD" ]; then
|
||||||
cat <<EOF
|
cat <<EOF
|
||||||
<html>
|
<html>
|
||||||
<head><title>Registration Failed</title></head>
|
<head><title>Registration Failed</title></head>
|
||||||
<body>
|
<body>
|
||||||
<h1>Passwords do not match!</h1>
|
<h1>Passwords do not match!</h1>
|
||||||
<a href="/login/register/">Go back</a>
|
<a href="/login/register/">Go back</a>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
EOF
|
EOF
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Hash the password using SHA-256
|
# Hash the password using SHA-256
|
||||||
PASSWORD_HASH=$(echo -n "$PASSWORD" | sha256sum | awk '{print $1}')
|
PASSWORD_HASH=$(echo -n "$PASSWORD" | sha256sum | awk '{print $1}')
|
||||||
|
|
||||||
# Insert the user into the SQLite database
|
# Generate the current timestamp for date_joined in UTC format
|
||||||
DB_PATH="/var/lib/monotreme/data/monotreme.db"
|
DATE_JOINED=$(date -u +"%Y-%m-%d %H:%M:%S")
|
||||||
sqlite3 $DB_PATH "INSERT INTO users (username, email, password_hash) VALUES ('$USERNAME', '$EMAIL', '$PASSWORD_HASH');" 2>> /tmp/register_form.log
|
|
||||||
|
|
||||||
# Log the username and email for debugging
|
# Insert the user into the SQLite database, including date_joined
|
||||||
echo "Username: $USERNAME, Email: $EMAIL" >> /tmp/register_form.log
|
DB_PATH="/var/lib/monotreme/data/monotreme.db"
|
||||||
|
sqlite3 $DB_PATH "INSERT INTO users (username, email, password_hash, date_joined) VALUES ('$USERNAME', '$EMAIL', '$PASSWORD_HASH', '$DATE_JOINED');" 2>> /tmp/register_form.log
|
||||||
|
|
||||||
# Create the email with proper headers
|
# Log the username and email for debugging
|
||||||
EMAIL_BODY=$(cat <<EOF
|
echo "Username: $USERNAME, Email: $EMAIL" >> /tmp/register_form.log
|
||||||
From: info@monotreme.org
|
|
||||||
To: $EMAIL
|
|
||||||
Subject: Welcome to monotreme.org
|
|
||||||
|
|
||||||
Hello $USERNAME,
|
# Create the email with proper headers
|
||||||
|
EMAIL_BODY=$(cat <<EOF
|
||||||
|
From: info@monotreme.org
|
||||||
|
To: $EMAIL
|
||||||
|
Subject: Welcome to monotreme.org
|
||||||
|
|
||||||
Thank you for registering at monotreme.org. You can now log in with your credentials. I hope you enjoy the world of the monotreme!
|
Hello $USERNAME,
|
||||||
|
|
||||||
Best regards,
|
Thank you for registering at monotreme.org. You can now log in with your credentials. I hope you enjoy the world of the monotreme!
|
||||||
Tristan
|
|
||||||
monotreme.org team
|
|
||||||
EOF
|
|
||||||
)
|
|
||||||
|
|
||||||
# Log the email body for debugging
|
Best regards,
|
||||||
echo "Email Body: $EMAIL_BODY" >> /tmp/register_form.log
|
Tristan
|
||||||
|
monotreme.org team
|
||||||
|
EOF
|
||||||
|
)
|
||||||
|
|
||||||
# Send the email using msmtp (or your protonmail-bridge setup)
|
# Log the email body for debugging
|
||||||
echo "$EMAIL_BODY" | msmtp --account=monotreme "$EMAIL"
|
echo "Email Body: $EMAIL_BODY" >> /tmp/register_form.log
|
||||||
|
|
||||||
|
# Send the email using msmtp (or your protonmail-bridge setup)
|
||||||
|
echo "$EMAIL_BODY" | msmtp --account=monotreme "$EMAIL"
|
||||||
|
|
||||||
|
# Response back to the browser
|
||||||
|
cat <<EOF
|
||||||
|
<html>
|
||||||
|
<head><title>Registration Successful</title></head>
|
||||||
|
<body>
|
||||||
|
<h1>Registration successful!</h1>
|
||||||
|
<p>A confirmation email has been sent to $EMAIL.</p>
|
||||||
|
<a href="/login/">Go to login page</a>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
EOF
|
||||||
|
|
||||||
# Response back to the browser
|
|
||||||
cat <<EOF
|
|
||||||
<html>
|
|
||||||
<head><title>Registration Successful</title></head>
|
|
||||||
<body>
|
|
||||||
<h1>Registration successful!</h1>
|
|
||||||
<p>A confirmation email has been sent to $EMAIL.</p>
|
|
||||||
<a href="/login/">Go to login page</a>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
EOF
|
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
#!/usr/bin/python3
|
#!/usr/bin/python3
|
||||||
|
|
||||||
import sqlite3
|
import sqlite3
|
||||||
import http.cookies
|
|
||||||
import os
|
import os
|
||||||
import time # Ensure we import time for the timestamp check
|
import http.cookies
|
||||||
|
import time
|
||||||
|
|
||||||
print("Content-Type: text/html")
|
print("Content-Type: text/html")
|
||||||
print()
|
print()
|
||||||
|
@ -12,42 +12,53 @@ print()
|
||||||
cookie = http.cookies.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
|
cookie = http.cookies.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
|
||||||
session_id = cookie.get('session_id')
|
session_id = cookie.get('session_id')
|
||||||
|
|
||||||
# Log the session ID for debugging
|
|
||||||
with open("/tmp/user_panel_session.log", "a") as f:
|
|
||||||
f.write(f"Parsed session ID: {session_id.value if session_id else 'None'}\n")
|
|
||||||
|
|
||||||
if session_id:
|
if session_id:
|
||||||
session_id = session_id.value
|
session_id = session_id.value
|
||||||
|
|
||||||
# Connect to SQLite and check the session
|
# Connect to SQLite and check the session
|
||||||
db = sqlite3.connect('/var/lib/monotreme/data/monotreme.db')
|
db = sqlite3.connect('/var/lib/monotreme/data/monotreme.db')
|
||||||
cursor = db.cursor()
|
cursor = db.cursor()
|
||||||
|
|
||||||
# Log the current timestamp for debugging
|
|
||||||
current_time = int(time.time())
|
|
||||||
with open("/tmp/user_panel_session.log", "a") as f:
|
|
||||||
f.write(f"Current time (UNIX timestamp): {current_time}\n")
|
|
||||||
|
|
||||||
# Check if the session exists and is still valid
|
# Check if the session exists and is still valid
|
||||||
cursor.execute("SELECT username, expires_at FROM sessions WHERE session_id=? AND expires_at > ?", (session_id, current_time))
|
cursor.execute("SELECT username FROM sessions WHERE session_id=? AND expires_at > ?", (session_id, int(time.time())))
|
||||||
result = cursor.fetchone()
|
result = cursor.fetchone()
|
||||||
|
|
||||||
if result:
|
if result:
|
||||||
username, expires_at = result
|
username = result[0]
|
||||||
|
|
||||||
# Log the session expiration time for debugging
|
|
||||||
with open("/tmp/user_panel_session.log", "a") as f:
|
|
||||||
f.write(f"Session found for user: {username}\n")
|
|
||||||
f.write(f"Session expires at: {expires_at}, Current time: {current_time}\n")
|
|
||||||
|
|
||||||
# Print the user panel
|
|
||||||
print(f"<h1>Welcome, {username}!</h1>")
|
print(f"<h1>Welcome, {username}!</h1>")
|
||||||
print("<p>This is your user panel.</p>")
|
print("<p>This is your user panel.</p>")
|
||||||
print("<p>This panel contains nothing but the ability to logout.</p>")
|
print("<p>This page contains a couple things once I figure out how databases work.</p>")
|
||||||
print('<a href="/cgi-bin/logout.cgi">Logout</a>')
|
|
||||||
|
# Fetch and display profile info
|
||||||
|
cursor.execute("SELECT email, date_joined, last_login FROM users WHERE username=?", (username,))
|
||||||
|
profile_info = cursor.fetchone()
|
||||||
|
if profile_info:
|
||||||
|
email, date_joined, last_login = profile_info
|
||||||
|
print(f"<p>Email: {email}</p>")
|
||||||
|
print(f"<p>Date Joined: {date_joined}</p>")
|
||||||
|
print(f"<p>Last Login: {last_login}</p>")
|
||||||
|
|
||||||
|
# Fetch and display recent activity
|
||||||
|
cursor.execute("SELECT action, timestamp FROM activity_log WHERE username=? ORDER BY timestamp DESC LIMIT 5", (username,))
|
||||||
|
recent_activity = cursor.fetchall()
|
||||||
|
print("<h3>Recent Activity</h3>")
|
||||||
|
if recent_activity:
|
||||||
|
for action, timestamp in recent_activity:
|
||||||
|
time_str = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp))
|
||||||
|
print(f"<p>{action} at {time_str}</p>")
|
||||||
|
else:
|
||||||
|
print("<p>No recent activity</p>")
|
||||||
|
|
||||||
|
# Fetch and display notifications
|
||||||
|
cursor.execute("SELECT message, timestamp FROM notifications WHERE username=? AND read=0 ORDER BY timestamp DESC", (username,))
|
||||||
|
notifications = cursor.fetchall()
|
||||||
|
print("<h3>Notifications</h3>")
|
||||||
|
if notifications:
|
||||||
|
for message, timestamp in notifications:
|
||||||
|
time_str = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(timestamp))
|
||||||
|
print(f"<p>{message} at {time_str}</p>")
|
||||||
|
else:
|
||||||
|
print("<p>No new notifications</p>")
|
||||||
else:
|
else:
|
||||||
with open("/tmp/user_panel_session.log", "a") as f:
|
|
||||||
f.write("Session expired or invalid.\n")
|
|
||||||
print("<h1>Session expired or invalid!</h1>")
|
print("<h1>Session expired or invalid!</h1>")
|
||||||
print("<a href='/login/'>Login again</a>")
|
print("<a href='/login/'>Login again</a>")
|
||||||
else:
|
else:
|
||||||
|
|
Loading…
Reference in a new issue