Weiterleitung auf HTTPS eingebaut

d9735c75 · Nico Schallehn · 9c82750b · d9735c75
Commit d9735c75 authored Jul 11, 2016 by Nico Schallehn
Hide whitespace changes
Inline Side-by-side

Showing with 85 additions and 77 deletions

index.php index.php +85 -77

No files found.
--- a/index.php
+++ b/index.php
-<?php include("config.php"); ?>
+<?php 
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){
-<html>
+    $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
-<head>
+    header('HTTP/1.1 301 Moved Permanently');
-	<title>Chat - Login</title>
+    header('Location: ' . $redirect);
-	<link rel="stylesheet" type="text/css" href="standard.css">
+    exit();
-</head>
+}
-<body id="body" class="bodybg" style="background-position: 0 -692;">
+include("config.php"); ?>
-<?php
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-$result = mysql_query("SELECT * FROM user WHERE name = '{$_SESSION['chatuserid']}'");
+<html>
-$users = mysql_fetch_array($result);
+<head>
-echo '<a href="index.php">Home</a> | <a href="index.php?action=register">Registieren</a>';
+	<title>Chat - Login</title>
-$text = "";
+	<link rel="stylesheet" type="text/css" href="standard.css">
-if($_GET['action'] == "")
+</head>
-{
+<body id="body" class="bodybg" style="background-position: 0 -692;">
-	$text .= '<h1>Einloggen</h1>';
-	if(isset($_POST['ok']))
+<?php
-	{
+$result = mysql_query("SELECT * FROM user WHERE name = '{$_SESSION['chatuserid']}'");
-		$username = htmlentities($_POST['username']);
+$users = mysql_fetch_array($result);
-		$passwort = htmlentities($_POST['pass']);
+echo '<a href="index.php">Home</a> | <a href="index.php?action=register">Registieren</a>';
-		if($username == "" OR $passwort == "")
+$text = "";
-			$text .= "<font color=\"red\">Name oder Password Fehlt!</font>";
+if($_GET['action'] == "")
-		else
+{
-		{
+	$text .= '<h1>Einloggen</h1>';
-			$result = mysql_query("SELECT id, pass, name FROM user WHERE name = '$username'");
+	if(isset($_POST['ok']))
-			$user = mysql_fetch_array($result);
+	{
-			if($user['pass'] == $passwort)
+		$username = htmlentities($_POST['username']);
-			{
+		$passwort = htmlentities($_POST['pass']);
-				$_SESSION['chatuserid'] = $user['id'];
+		if($username == "" OR $passwort == "")
-				$_SESSION['name'] = $user['name'];
+			$text .= "<font color=\"red\">Name oder Password Fehlt!</font>";
-				mysql_query("UPDATE user SET online = '1', refresh_time = ".time()." WHERE id = '{$_SESSION['chatuserid']}'");
+		else
-				mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$user['name']}</b> betritt den Chat', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
+		{
-				$text .=  "Du hast dich erfolgreich eingeloggt!<script>parent.location.href = 'fr.php';</script>";
+			$result = mysql_query("SELECT id, pass, name FROM user WHERE name = '$username'");
-			}
+			$user = mysql_fetch_array($result);
-			else
+			if($user['pass'] == $passwort)
-				$text .= "<font color=\"red\">Name ($username) oder Passwort falsch!</font><br /><br />";
+			{
-		}
+				$_SESSION['chatuserid'] = $user['id'];
-	}
+				$_SESSION['name'] = $user['name'];
+				mysql_query("UPDATE user SET online = '1', refresh_time = ".time()." WHERE id = '{$_SESSION['chatuserid']}'");
-	$text .= '<form method="post" action="index.php">
+				mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$user['name']}</b> betritt den Chat', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
-		<table>
+				$text .=  "Du hast dich erfolgreich eingeloggt!<script>parent.location.href = 'fr.php';</script>";
-			<tr><td>Name:</td>			<td><input type="text" name="username" /></td></tr>
+			}
-			<tr><td>Passwort:</td>		<td><input type="password" name="pass" /></td></tr>
+			else
-			<tr><td></td><td><input type="submit" name="ok" value="Anmelden" /></td></tr>
+				$text .= "<font color=\"red\">Name ($username) oder Passwort falsch!</font><br /><br />";
-		</table>
+		}
-	</form>';
+	}
-}
-else if($_GET['action'] == "register")
+	$text .= '<form method="post" action="index.php">
-{
+		<table>
-	$text .= '<h1>Registieren</h1>';
+			<tr><td>Name:</td>			<td><input type="text" name="username" /></td></tr>
-	if(isset($_POST['ok'])){
+			<tr><td>Passwort:</td>		<td><input type="password" name="pass" /></td></tr>
-		$result = mysql_query("SELECT COUNT(*) AS anz FROM user WHERE name = '{$_POST['username']}'");
+			<tr><td></td><td><input type="submit" name="ok" value="Anmelden" /></td></tr>
-		$user = mysql_fetch_array($result);
+		</table>
-		if($user['anz'] == 0 AND $_POST['username'] != "" AND $_POST['pass'] != ""){
+	</form>';
-			$_SESSION['chatuserid'] = $user['id'];
+}
-			$_POST['username'] = htmlentities($_POST['username']);
+else if($_GET['action'] == "register")
-			$_POST['pass'] = htmlentities($_POST['pass']);
+{
-			mysql_query("INSERT INTO user (name, pass) VALUES ('{$_POST['username']}', '{$_POST['pass']}')");
+	$text .= '<h1>Registieren</h1>';
-			mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$_POST['username']}</b> hat sich registriert', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
+	if(isset($_POST['ok'])){
-			AdminLogAdd("{$_POST['username']} hat sich registiert!", $_SESSION['chatuserid'], 0);
+		$result = mysql_query("SELECT COUNT(*) AS anz FROM user WHERE name = '{$_POST['username']}'");
-			$text .=  "Du hast dich erfolgreich registriert! <a href=\"index.php\">Zum Login!</a><br><br>";
+		$user = mysql_fetch_array($result);
-		}
+		if($user['anz'] == 0 AND $_POST['username'] != "" AND $_POST['pass'] != ""){
-		else
+			$_SESSION['chatuserid'] = $user['id'];
-			if($user['anz'] != 0)	$text .=  "<font color=\"red\">Name existiert Schon!</font><br><br>";
+			$_POST['username'] = htmlentities($_POST['username']);
-			else					$text .=  "<font color=\"red\">Name oder Passwort fehlt oder ist ungltig!</font><br><br>";
+			$_POST['pass'] = htmlentities($_POST['pass']);
-	}
+			mysql_query("INSERT INTO user (name, pass) VALUES ('{$_POST['username']}', '{$_POST['pass']}')");
-	$text .= '<form method="post" action="index.php?action=register">
+			mysql_query("INSERT INTO chat (nachricht, user_id, userchange, hideuser, chat_time) VALUES ('<b>{$_POST['username']}</b> hat sich registriert', '{$_SESSION['chatuserid']}', '1', '1', '".time()."')");
-		<table><tr><td>Name:</td>		<td><input type="text" name="username"><td></tr>
+			AdminLogAdd("{$_POST['username']} hat sich registiert!", $_SESSION['chatuserid'], 0);
-			<tr><td>Passwort:</td>	<td><input type="password" name="pass"><td></tr>
+			$text .=  "Du hast dich erfolgreich registriert! <a href=\"index.php\">Zum Login!</a><br><br>";
-			<tr><td></td>			<td><input type="submit" name="ok" value="Registrieren"><td></tr></table></form>';
+		}
-	}
+		else
+			if($user['anz'] != 0)	$text .=  "<font color=\"red\">Name existiert Schon!</font><br><br>";
-	echo $text; ?>
+			else					$text .=  "<font color=\"red\">Name oder Passwort fehlt oder ist ungltig!</font><br><br>";
-	<br><br><?php echo BBcode(file_get_contents("$yourFile")); ?><br><br>
+	}
-	<small><?php echo "Es sind schon ".$Useranzahl." an Bord! Es sind ".$Useronline." Online!";?></small><br><br><br>
+	$text .= '<form method="post" action="index.php?action=register">
-</body>
+		<table><tr><td>Name:</td>		<td><input type="text" name="username"><td></tr>
+			<tr><td>Passwort:</td>	<td><input type="password" name="pass"><td></tr>
+			<tr><td></td>			<td><input type="submit" name="ok" value="Registrieren"><td></tr></table></form>';
+	}
+	echo $text; ?>
+	<br><br><?php echo BBcode(file_get_contents("$yourFile")); ?><br><br>
+	<small><?php echo "Es sind schon ".$Useranzahl." an Bord! Es sind ".$Useronline." Online!";?></small><br><br><br>
+</body>
 </html>
\ No newline at end of file