Weiterleitung auf HTTPS eingebaut

d9735c75 · Nico Schallehn · 9c82750b · d9735c75
Commit d9735c75 authored Jul 11, 2016 by Nico Schallehn
Hide whitespace changes
Inline Side-by-side

Showing with 85 additions and 77 deletions

index.php index.php +85 -77

No files found.
--- a/index.php
+++ b/index.php
-<?php include("config.php"); ?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-	<title>Chat - Login</title>
-	<link rel="stylesheet" type="text/css" href="standard.css">
-</head>
-<body id="body" class="bodybg" style="background-position: 0 -692;">
-
-<?php
-$result = mysql_query("SELECT * FROM user WHERE name = '{$_SESSION['chatuserid']}'");
-$users = mysql_fetch_array($result);
-echo '<a href="index.php">Home</a> | <a href="index.php?action=register">Registieren</a>';
-$text = "";
-if($_GET['action'] == "")
-{
-	$text .= '<h1>Einloggen</h1>';
-	if(isset($_POST['ok']))
-	{
-		$username = htmlentities($_POST['username']);
-		$passwort = htmlentities($_POST['pass']);
-		if($username == "" OR $passwort == "")
-			$text .= "<font color=\"red\">Name oder Password Fehlt!</font>";
-		else
-		{
-			$result = mysql_query("SELECT id, pass, name FROM user WHERE name = '$username'");
-			$user = mysql_fetch_array($result);
-			if($user['pass'] == $passwort)
-			{
-				$_SESSION['chatuserid'] = $user['id'];
-				$_SESSION['name'] = $user['name'];
-				mysql_query("UPDATE user SET online = '1', refresh_time = ".time()." WHERE id = '{$_SESSION['chatuserid']}'");
-				mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$user['name']}</b> betritt den Chat', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
-				$text .=  "Du hast dich erfolgreich eingeloggt!<script>parent.location.href = 'fr.php';</script>";
-			}
-			else
-				$text .= "<font color=\"red\">Name ($username) oder Passwort falsch!</font><br /><br />";
-		}
-	}
-
-	$text .= '<form method="post" action="index.php">
-		<table>
-			<tr><td>Name:</td>			<td><input type="text" name="username" /></td></tr>
-			<tr><td>Passwort:</td>		<td><input type="password" name="pass" /></td></tr>
-			<tr><td></td><td><input type="submit" name="ok" value="Anmelden" /></td></tr>
-		</table>
-	</form>';
-}
-else if($_GET['action'] == "register")
-{
-	$text .= '<h1>Registieren</h1>';
-	if(isset($_POST['ok'])){
-		$result = mysql_query("SELECT COUNT(*) AS anz FROM user WHERE name = '{$_POST['username']}'");
-		$user = mysql_fetch_array($result);
-		if($user['anz'] == 0 AND $_POST['username'] != "" AND $_POST['pass'] != ""){
-			$_SESSION['chatuserid'] = $user['id'];
-			$_POST['username'] = htmlentities($_POST['username']);
-			$_POST['pass'] = htmlentities($_POST['pass']);
-			mysql_query("INSERT INTO user (name, pass) VALUES ('{$_POST['username']}', '{$_POST['pass']}')");
-			mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$_POST['username']}</b> hat sich registriert', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
-			AdminLogAdd("{$_POST['username']} hat sich registiert!", $_SESSION['chatuserid'], 0);
-			$text .=  "Du hast dich erfolgreich registriert! <a href=\"index.php\">Zum Login!</a><br><br>";
-		}
-		else
-			if($user['anz'] != 0)	$text .=  "<font color=\"red\">Name existiert Schon!</font><br><br>";
-			else					$text .=  "<font color=\"red\">Name oder Passwort fehlt oder ist ungltig!</font><br><br>";
-	}
-	$text .= '<form method="post" action="index.php?action=register">
-		<table><tr><td>Name:</td>		<td><input type="text" name="username"><td></tr>
-			<tr><td>Passwort:</td>	<td><input type="password" name="pass"><td></tr>
-			<tr><td></td>			<td><input type="submit" name="ok" value="Registrieren"><td></tr></table></form>';
-	}
-	
-	echo $text; ?>
-	<br><br><?php echo BBcode(file_get_contents("$yourFile")); ?><br><br>
-	<small><?php echo "Es sind schon ".$Useranzahl." an Bord! Es sind ".$Useronline." Online!";?></small><br><br><br>
-</body>
+<?php 
+if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){
+    $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
+    header('HTTP/1.1 301 Moved Permanently');
+    header('Location: ' . $redirect);
+    exit();
+}
+
+include("config.php"); ?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+	<title>Chat - Login</title>
+	<link rel="stylesheet" type="text/css" href="standard.css">
+</head>
+<body id="body" class="bodybg" style="background-position: 0 -692;">
+
+<?php
+$result = mysql_query("SELECT * FROM user WHERE name = '{$_SESSION['chatuserid']}'");
+$users = mysql_fetch_array($result);
+echo '<a href="index.php">Home</a> | <a href="index.php?action=register">Registieren</a>';
+$text = "";
+if($_GET['action'] == "")
+{
+	$text .= '<h1>Einloggen</h1>';
+	if(isset($_POST['ok']))
+	{
+		$username = htmlentities($_POST['username']);
+		$passwort = htmlentities($_POST['pass']);
+		if($username == "" OR $passwort == "")
+			$text .= "<font color=\"red\">Name oder Password Fehlt!</font>";
+		else
+		{
+			$result = mysql_query("SELECT id, pass, name FROM user WHERE name = '$username'");
+			$user = mysql_fetch_array($result);
+			if($user['pass'] == $passwort)
+			{
+				$_SESSION['chatuserid'] = $user['id'];
+				$_SESSION['name'] = $user['name'];
+				mysql_query("UPDATE user SET online = '1', refresh_time = ".time()." WHERE id = '{$_SESSION['chatuserid']}'");
+				mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$user['name']}</b> betritt den Chat', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
+				$text .=  "Du hast dich erfolgreich eingeloggt!<script>parent.location.href = 'fr.php';</script>";
+			}
+			else
+				$text .= "<font color=\"red\">Name ($username) oder Passwort falsch!</font><br /><br />";
+		}
+	}
+
+	$text .= '<form method="post" action="index.php">
+		<table>
+			<tr><td>Name:</td>			<td><input type="text" name="username" /></td></tr>
+			<tr><td>Passwort:</td>		<td><input type="password" name="pass" /></td></tr>
+			<tr><td></td><td><input type="submit" name="ok" value="Anmelden" /></td></tr>
+		</table>
+	</form>';
+}
+else if($_GET['action'] == "register")
+{
+	$text .= '<h1>Registieren</h1>';
+	if(isset($_POST['ok'])){
+		$result = mysql_query("SELECT COUNT(*) AS anz FROM user WHERE name = '{$_POST['username']}'");
+		$user = mysql_fetch_array($result);
+		if($user['anz'] == 0 AND $_POST['username'] != "" AND $_POST['pass'] != ""){
+			$_SESSION['chatuserid'] = $user['id'];
+			$_POST['username'] = htmlentities($_POST['username']);
+			$_POST['pass'] = htmlentities($_POST['pass']);
+			mysql_query("INSERT INTO user (name, pass) VALUES ('{$_POST['username']}', '{$_POST['pass']}')");
+			mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$_POST['username']}</b> hat sich registriert', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
+			AdminLogAdd("{$_POST['username']} hat sich registiert!", $_SESSION['chatuserid'], 0);
+			$text .=  "Du hast dich erfolgreich registriert! <a href=\"index.php\">Zum Login!</a><br><br>";
+		}
+		else
+			if($user['anz'] != 0)	$text .=  "<font color=\"red\">Name existiert Schon!</font><br><br>";
+			else					$text .=  "<font color=\"red\">Name oder Passwort fehlt oder ist ungltig!</font><br><br>";
+	}
+	$text .= '<form method="post" action="index.php?action=register">
+		<table><tr><td>Name:</td>		<td><input type="text" name="username"><td></tr>
+			<tr><td>Passwort:</td>	<td><input type="password" name="pass"><td></tr>
+			<tr><td></td>			<td><input type="submit" name="ok" value="Registrieren"><td></tr></table></form>';
+	}
+	
+	echo $text; ?>
+	<br><br><?php echo BBcode(file_get_contents("$yourFile")); ?><br><br>
+	<small><?php echo "Es sind schon ".$Useranzahl." an Bord! Es sind ".$Useronline." Online!";?></small><br><br><br>
+</body>
 </html>
\ No newline at end of file