Move messages to php sessions

This commit is contained in:
Jonathan Flueren 2023-08-16 16:46:54 +02:00
parent 1cf3c49672
commit 83b8ec1799

View file

@ -1,11 +1,12 @@
<?php <?php
session_start();
define('IDENTITIES_FILE', 'identities.json'); define('IDENTITIES_FILE', 'identities.json');
define('PRESENT_FILE', 'present.json'); define('PRESENT_FILE', 'present.json');
$page_title = 'CZI Presence Detector'; define('NAME_PATTERN', "^([ a-zA-Z'\-]){1,30}$");
$name_pattern = "^([ a-zA-Z'\-]){1,30}$"; define('MAC_PATTERN', "^([0-9A-Fa-f]{2}[:-s]){5}([0-9A-Fa-f]{2})$");
$mac_pattern = "^([0-9A-Fa-f]{2}[:-s]){5}([0-9A-Fa-f]{2})$"; define('PAGE_TITLE', 'CZI Presence Detector');
$present = json_decode(file_get_contents(PRESENT_FILE), true); $present = json_decode(file_get_contents(PRESENT_FILE), true);
@ -14,141 +15,151 @@ $datetime = new DateTime("now", new DateTimeZone($tz));
$datetime->setTimestamp($present["timestamp"]); $datetime->setTimestamp($present["timestamp"]);
function hash_mac($mac) { function hash_mac($mac)
{
$normalized_mac = str_replace('-', ':', strtolower($mac)); $normalized_mac = str_replace('-', ':', strtolower($mac));
$hashed_mac = hash('sha256', $normalized_mac); $hashed_mac = hash('sha256', $normalized_mac);
return $hashed_mac; return $hashed_mac;
} }
function add_identity($name, $mac) { function add_identity($name, $mac)
{
if ( if (
preg_match('/' . $name_pattern . '/', $name) != 1 || preg_match('/' . NAME_PATTERN . '/', $name) != 1 ||
preg_match('/' . $mac_pattern . '/', $mac) != 1 preg_match('/' . MAC_PATTERN . '/', $mac) != 1
) { ) {
http_response_code(400); http_response_code(400);
die("Bad data"); die("Bad data");
} }
$hashed_mac = hash_mac($mac);
$identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
$url = strtok($_SERVER['REQUEST_URI'], '?');
foreach ($identities as $identity) { $hashed_mac = hash_mac($mac);
if ($identity['name'] == $name) {
header("Location: " . $url . "?dup_name", true, 303); $identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
exit();
} $url = strtok($_SERVER['REQUEST_URI'], '?');
if ($identity['mac_hash'] == $hashed_mac) {
header("Location: " . $url . "?dup_mac", true, 303); foreach ($identities as $identity) {
exit(); if ($identity['name'] == $name) {
} $_SESSION['form_success'] = false;
} $_SESSION['form_success_message'] = 'Name already in use, please choose a different one.';
header("Location: " . $url, true, 303);
array_push($identities, array("name" => $name, "mac_hash" => $hashed_mac)); exit();
file_put_contents(IDENTITIES_FILE, json_encode($identities)); }
if ($identity['mac_hash'] == $hashed_mac) {
header("Location: " . $url . "?succ", true, 303); $_SESSION['form_success'] = false;
exit(); $_SESSION['form_success_message'] = 'MAC already set up, please remove it first to change name.';
header("Location: " . $url, true, 303);
exit();
}
}
array_push($identities, array("name" => $name, "mac_hash" => $hashed_mac));
file_put_contents(IDENTITIES_FILE, json_encode($identities));
$_SESSION['form_success'] = true;
$_SESSION['form_success_message'] = 'Identity successfully saved.';
header("Location: " . $url, true, 303);
exit();
} }
function remove_identity($mac) { function remove_identity($mac)
if (preg_match('/' . $mac_pattern . '/', $mac) != 1) { {
http_response_code(400); if (preg_match('/' . MAC_PATTERN . '/', $mac) != 1) {
die("Bad data"); http_response_code(400);
} die("Bad data");
}
$hashed_mac = hash_mac($mac); $hashed_mac = hash_mac($mac);
$identities = json_decode(file_get_contents(IDENTITIES_FILE), true); $identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
$new_identities = array(); $new_identities = array();
foreach ($identities as $identity) { foreach ($identities as $identity) {
if ($identity['mac_hash'] != $hashed_mac) { if ($identity['mac_hash'] != $hashed_mac) {
array_push($new_identities, $identity); array_push($new_identities, $identity);
} }
file_put_contents(IDENTITIES_FILE, json_encode($new_identities)); file_put_contents(IDENTITIES_FILE, json_encode($new_identities));
header("Location: " . strtok($_SERVER['REQUEST_URI'], '?'), true, 303); $_SESSION['form_success'] = true;
exit(); $_SESSION['form_success_message'] = 'Identity successfully removed.';
header("Location: " . strtok($_SERVER['REQUEST_URI'], '?'), true, 303);
exit();
} }
} }
if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($_SERVER['REQUEST_METHOD'] == "POST") {
if ( if (
isset($_POST['name']) && isset($_POST['name']) &&
isset($_POST['mac']) isset($_POST['mac'])
) { ) {
add_identity($_POST['name'], $_POST['mac']); add_identity($_POST['name'], $_POST['mac']);
} } else if (isset($_POST['remove-mac'])) {
else if (isset($_POST['remove-mac'])) {
remove_identity($_POST['remove-mac']); remove_identity($_POST['remove-mac']);
} }
} }
?> ?>
<html> <html>
<head>
<title><?php echo $page_title; ?></title> <head>
<meta charset="UTF-8"> <title><?php echo PAGE_TITLE; ?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta charset="UTF-8">
<link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<script src="bootstrap/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script> <link href="bootstrap/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-4bw+/aepP/YC94hEpVNVgiZdgIC5+VKNBQNGCHeKRQN+PtmoHDEXuppvnDJzQIu9" crossorigin="anonymous">
</head> <script src="bootstrap/js/bootstrap.bundle.min.js" integrity="sha384-HwwvtgBNo3bZJJLYd8oVXjrBZt8cqVSpeBNS5n7C8IVInixGAoxmnlMuBnhbgrkm" crossorigin="anonymous"></script>
<body> </head>
<body>
<nav class="navbar navbar-light bg-light justify-content-between" style="padding: 0"> <nav class="navbar navbar-light bg-light justify-content-between" style="padding: 0">
<span class="navbar-brand mb-0 h1" style="padding-left: 1rem"><?php echo $page_title; ?></span> <span class="navbar-brand mb-0 h1" style="padding-left: 1rem"><?php echo PAGE_TITLE; ?></span>
</nav> </nav>
<div id="content" style="padding: 2rem;"> <div id="content" style="padding: 2rem;">
<h2>Jetzt gerade im CZI <small>(letztes Update von <?php echo $datetime->format('H:i:s d.m.Y'); ?>)</small></h2><br> <h2>Jetzt gerade im CZI <small>(letztes Update von <?php echo $datetime->format('H:i:s d.m.Y'); ?>)</small></h2><br>
<table class="table"> <table class="table">
<thead> <thead>
<tr> <tr>
<th>Name</th> <th>Name</th>
</tr> </tr>
</thead> </thead>
<?php <?php
foreach ($present["names"] as $name) { foreach ($present["names"] as $name) {
?> ?>
<tr> <tr>
<td><?php echo $name; ?></td> <td><?php echo $name; ?></td>
</tr> </tr>
<?php <?php
} }
?> ?>
</table> </table>
<br><br> <br><br>
<?php <?php
if ($_SERVER['QUERY_STRING'] == 'dup_name') { if (isset($_SESSION['form_success'])) {
?> if ($_SESSION['form_success'] === false) {
<div class="alert alert-danger" role="alert"> ?>
Name already in use, please choose a different one. <div class="alert alert-danger" role="alert">
</div> <?php echo $_SESSION['form_success_message']; ?>
</div>
<?php <?php
} else if ($_SERVER['QUERY_STRING'] == 'dup_mac') { } else if ($_SESSION['form_success'] === true) {
?> ?>
<div class="alert alert-danger" role="alert"> <div class="alert alert-success" role="alert">
MAC already set up, please remove it first to change name. <?php echo $_SESSION['form_success_message']; ?>
</div> </div>
<?php <?php
} else if ($_SERVER['QUERY_STRING'] == 'succ') { }
?> unset($_SESSION['form_success']);
<div class="alert alert-success" role="alert"> unset($_SESSION['form_success_message']);
Identity successfully saved. } ?>
</div> <div class="row justify-content-start row-cols-sm-1 row-cols-md-2 row-cols-lg-3 row-cols-xl-4">
<?php
}?>
<div class="row justify-content-start">
<div class="col col-md-4"> <div class="col col-md-4">
<div class="card" style="max-width: 30rem;"> <div class="card" style="max-width: 30rem;">
<div class="card-body"> <div class="card-body">
<h5 class="card-title">Neues Gerät tracken</h5> <h5 class="card-title">Neues Gerät tracken</h5>
<form method="POST"> <form method="POST">
<input class="form-control" type="text" name="name" pattern="<?php print($name_pattern); ?>" placeholder="Gebe hier deinen Namen ein" value="" /><br> <input class="form-control" type="text" name="name" pattern="<?php echo NAME_PATTERN; ?>" placeholder="Name des zu trackenden Geräts" value="" /><br>
<input class="form-control" type="text" name="mac" pattern="<?php print($mac_pattern); ?>" placeholder="Gebe hier die MAC-Adresse des zu trackenden Gerätes ein" value="" /><br> <input class="form-control" type="text" name="mac" pattern="<?php echo MAC_PATTERN; ?>" placeholder="MAC-Adresse des zu trackenden Geräts" value="" /><br>
<button class="btn btn-primary" type="submit">Speichern</button> <button class="btn btn-primary" type="submit">Speichern</button>
</form> </form>
</div> </div>
@ -159,7 +170,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
<div class="card-body"> <div class="card-body">
<h5 class="card-title">Gerät entfernen</h5> <h5 class="card-title">Gerät entfernen</h5>
<form method="POST"> <form method="POST">
<input class="form-control" type="text" name="remove-mac" pattern="<?php print($mac_pattern); ?>" placeholder="Gebe hier die MAC-Adresse des zu löschenden Gerätes ein" value="" /><br> <input class="form-control" type="text" name="remove-mac" pattern="<?php echo MAC_PATTERN; ?>" placeholder="MAC-Adresse des zu löschenden Geräts" value="" /><br>
<button class="btn btn-primary" type="submit">Entfernen</button> <button class="btn btn-primary" type="submit">Entfernen</button>
</form> </form>
</div> </div>
@ -167,5 +178,6 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
</div> </div>
</div> </div>
</div> </div>
</body> </body>
</html> </html>