implemented use of ready.php

vincent 2025-04-21 16:39:14 +02:00
parent d8cb0d2c0a
commit 28593e8b37
8 changed files with 20 additions and 35 deletions


@ -4,6 +4,8 @@
<body> <body>
<?php <?php
include('../Auth/index.php'); include('../Auth/index.php');
include('ready.php');
?> ?>
<h2>Messages Composer</h2> <h2>Messages Composer</h2>
<div> <div>
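Review bot: The added `include('ready.php');` runs after `<body>` has already been written, so the `header("Location: …")` that ready.php issues for accounts that are not set up cannot be sent at this point unless output buffering happens to be on, and the composer markup below it is rendered regardless. Move the gate above the first line of HTML and load it with `require 'ready.php';`, so that a missing or unreadable gate file is fatal instead of a warning the page continues past. The status-page section further down has the same placement, with the include sitting inside a `<p>`.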


@ -6,6 +6,7 @@
*/ */
include('../Auth/index.php'); include('../Auth/index.php');
include('ready.php');
$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname); $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) { if ($conn->connect_error) {
@ -19,7 +20,7 @@ $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
include ('search.php'); include ('search.php');
echo "<table>"; echo "<table>";
while($row = $result->fetch_assoc()) { while($row = $result->fetch_assoc()) {
echo "<tr><td><b>Absender:</b><br><abbr title='ID: ".$row["sender"]."'>".uid($row["sender"])."</abbr></td><td><b>Zeit:</b><br>".$row["datetime"]."</td><td><br><form action='read.php' method='POST'><input type='hidden' id='id' name='id' value='".$row["message"]."'><input type='hidden' id='upass' name='upass'><input type='submit' value='Öffnen'></form></td></tr>"; echo "<tr style=color:".$row["color"]."><td><b>Absender:</b><br><abbr title='ID: ".$row["sender"]."'>".uid($row["sender"])."</abbr></td><td><b>Zeit:</b><br>".$row["datetime"]."</td><td><br><form action='read.php' method='POST' target='_blank'><input type='hidden' id='id' name='id' value='".$row["message"]."'><input type='hidden' id='upass' name='upass'><input type='submit' value='Öffnen'></form></td></tr>";
} }
echo "</table>"; echo "</table>";
} else { } else {
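Review bot: `$row["color"]` is concatenated into an unquoted `style` attribute without any encoding, so a stored value containing a space or `>` ends the attribute and is parsed as markup in every inbox row; where that column is written is not visible here, so treat it as untrusted. Quote the attribute and encode the value, `"<tr style='color:".htmlspecialchars($row["color"], ENT_QUOTES, 'UTF-8')."'>"`, and preferably accept only a fixed list of colour names or a `#rrggbb` pattern when the value is stored. The other columns echoed on the same line (`sender`, `datetime`, `message`) are emitted the same way and deserve the same encoding. The loop's `$result` is produced outside the hunk.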


@ -18,11 +18,7 @@ include('../Auth/index.php');
</p> </p>
<p> <p>
<?php <?php
if(!include('ready.php')){ include('ready.php');
echo "Ihr Account wurde noch nicht für Messages eingerichtet.";
}else{
echo "Ihr Account ist bereit für die Nutzung von Messages.";
}
?> ?>
</p> </p>
</div> </div>


@ -4,11 +4,7 @@
* smzint/Messages (c) schmamazon.com 2025 * smzint/Messages (c) schmamazon.com 2025
*/ */
if(include('ready.php')){ include('../Auth/index.php');
echo "FEHLER: Ihr Account scheint bereits inizialisiert worden zu sein.";
die();
}
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING); $username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
@ -33,8 +29,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
if(password_verify($password, $upassword_hash)){ if(password_verify($password, $upassword_hash)){
//Alle Schritte erfolgreich. Nun müssen die Schlüssel generiert werden. Der private key muss außerdem mit $password verschlüsselt werden. Dann müssen der $username, $publicKey und der verschlüsselte $privateKey in die Datenbank gespeichert werden. //Alle Schritte erfolgreich. Nun müssen die Schlüssel generiert werden. Der private key muss außerdem mit $password verschlüsselt werden. Dann müssen der $username, $publicKey und der verschlüsselte $privateKey in die Datenbank gespeichert werden.
// Hinweis: Die Erstellung mit openssl scheint missbilligt zu werden -> Investigieren
// Erstellung durch sodium ist zuvor jedoch fehlgeschlagen (Extension problems)
$privateKeyobject = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]); $privateKeyobject = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
openssl_pkey_export($privateKeyobject, $privateKey); openssl_pkey_export($privateKeyobject, $privateKey);
$keyDetails = openssl_pkey_get_details($privateKeyobject); $keyDetails = openssl_pkey_get_details($privateKeyobject);
@ -63,6 +57,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
if ($conn->query($sql) === TRUE) { if ($conn->query($sql) === TRUE) {
echo "<h1>ACCOUNT ERFOLGREICH EINGERICHTET\nSCHLIEẞEN SIE DIESEN TAB UMGEHEND!</h1>"; echo "<h1>ACCOUNT ERFOLGREICH EINGERICHTET\nSCHLIEẞEN SIE DIESEN TAB UMGEHEND!</h1>";
include 'welcomeSend.php';
start($uid, $uname, $username);
header("Location: /smzint/Messages/");
} else { } else {
echo "Error: " . $sql . "<br>" . $conn->error; echo "Error: " . $sql . "<br>" . $conn->error;
} }
@ -86,10 +83,10 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<form action="init.php" method="post"> <form action="init.php" method="post">
<label for="username">Benutzername:</label><br> <label for="username">Benutzername:</label><br>
<input type="text" id="username" name="username" required> <input type="text" id="username" name="username" required>
<span class="error">* <?php echo $nameErr;?></span><br> <span class="error">*<mark> <?php echo $nameErr;?></mark></span><br>
<label for="username">Aktuelles Auth Passwort:</label><br> <label for="username">Aktuelles Auth Passwort:</label><br>
<input type="password" id="password" name="password" required> <input type="password" id="password" name="password" required>
<span class="error">* <?php echo $passwdErr;?></span><br> <span class="error">*<mark> <?php echo $passwdErr;?></mark></span><br>
<input type="submit"> <input type="submit">
</form> </form>
</div> </div>
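Review bot: Nothing visible in the new version of this file checks whether the account already has a key pair before a POST generates and stores another one; whether a second run is rejected now depends on a unique constraint on the table, which the page does not show. An explicit lookup for the current `$uid` before `openssl_pkey_new()` that stops with an error would keep existing keys, and the messages encrypted to them, from being replaced. In the added success branch, `header("Location: /smzint/Messages/");` comes after `echo "<h1>…"`, so the redirect only works with output buffering; keep either the message or the redirect, and follow the header with `exit;`. The `if` blocks around these lines start and end outside the hunks.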


@ -5,6 +5,7 @@
*/ */
include('../Auth/index.php'); include('../Auth/index.php');
include('ready.php');
function grabPublicKey($uid){ function grabPublicKey($uid){
global $dbservername; global $dbservername;


@ -5,6 +5,7 @@
*/ */
include('../Auth/index.php'); include('../Auth/index.php');
include('ready.php');
$id = filter_var($_POST["id"], FILTER_SANITIZE_STRING); $id = filter_var($_POST["id"], FILTER_SANITIZE_STRING);
$upassword = filter_var($_POST["upass"], FILTER_SANITIZE_STRING); $upassword = filter_var($_POST["upass"], FILTER_SANITIZE_STRING);
@ -74,7 +75,7 @@ function decrypt($aeskey, $body, $iv){
} }
// Nachricht mit AES entschlüsseln // Nachricht mit AES entschlüsseln
$decryptedMessage = openssl_decrypt(base64_decode($body), 'aes-256-cbc', $decryptedAesKey, 0, base64_decode($iv)); $decryptedMessage = openssl_decrypt(base64_decode($body), 'aes-128-cbc', $decryptedAesKey, 0, base64_decode($iv));
echo $decryptedMessage; echo $decryptedMessage;
} }
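Review bot: Switching the cipher string in `decrypt()` to `'aes-128-cbc'` means messages already stored under `aes-256-cbc` will no longer decrypt, and because the result of `openssl_decrypt()` is echoed unchecked the reader gets an empty page instead of an error. Store a cipher/version tag with each message (or keep `aes-256-cbc`) and test the result first, `if ($decryptedMessage === false) { die("decrypt failed"); }`. The plaintext is also written to the page as-is; `echo htmlspecialchars($decryptedMessage, ENT_QUOTES, 'UTF-8');` keeps a message body from being interpreted as HTML. The matching change on the sending side is in the last file section, and `decrypt()` begins outside this hunk.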


@ -6,8 +6,6 @@
include('../Auth/index.php'); include('../Auth/index.php');
include('../Auth/db.ini.php');
$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname); $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) { if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error); die("Connection failed: " . $conn->connect_error);
@ -17,15 +15,13 @@ $sql = "SELECT * FROM smz_messages_users WHERE uid='$uid'";
$result = $conn->query($sql); $result = $conn->query($sql);
if ($result->num_rows > 0) { if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) { while($row = $result->fetch_assoc()) {
$unique_name = $row["unique_name"]; $unique_name = $row["username"];
$f_name = $row["f_name"];
$l_name = $row["l_name"];
$phone = $row["phone"];
$init_date = $row["init_date"]; $init_date = $row["init_date"];
return true; return true;
} }
} else { } else {
return false; echo("Ihr Account wurde noch nicht für Messages eingerichtet.");
header("Location: /smzint/Messages/init.php");
} }
$conn->close(); $conn->close();
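Review bot: The new not-ready branch does not stop the including script: after `header("Location: /smzint/Messages/init.php");` execution falls through to `$conn->close()` and back into the page that included this gate, so the protected code still runs for an account that is not set up. End the branch with `exit;` and drop the preceding `echo`, which sends output before the header and blocks the redirect when buffering is off. The query shown in the hunk header interpolates `$uid` into the SQL string; unless Auth guarantees an integer there, a prepared statement such as `$conn->prepare("SELECT username, init_date FROM smz_messages_users WHERE uid = ?")` is the safer form. With `include('../Auth/db.ini.php');` removed, the `$db…` connection variables now have to come from `../Auth/index.php`, which is not shown.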


@ -5,6 +5,7 @@
*/ */
include('../Auth/index.php'); include('../Auth/index.php');
include('ready.php');
$by = filter_var($_POST["by"], FILTER_SANITIZE_STRING); $by = filter_var($_POST["by"], FILTER_SANITIZE_STRING);
$receiver = filter_var($_POST["receiver"], FILTER_SANITIZE_STRING); $receiver = filter_var($_POST["receiver"], FILTER_SANITIZE_STRING);
@ -90,8 +91,8 @@ $sender_key = grabPublicKey($uid);
$receiver_key = grabPublicKey($receiver); $receiver_key = grabPublicKey($receiver);
$aesKey = openssl_random_pseudo_bytes(32); $aesKey = openssl_random_pseudo_bytes(32);
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc')); $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-128-cbc'));
$encryptedBody = openssl_encrypt($body, 'aes-256-cbc', $aesKey, 0, $iv); $encryptedBody = openssl_encrypt($body, 'aes-128-cbc', $aesKey, 0, $iv);
$encryptedAesKey = ''; $encryptedAesKey = '';
@ -110,16 +111,6 @@ $encryptedAesKeyBase64EXT = base64_encode($encryptedAesKeyEXTERNAL);
$encryptedAesKeyBase64INT = base64_encode($encryptedAesKeyINTERNAL); $encryptedAesKeyBase64INT = base64_encode($encryptedAesKeyINTERNAL);
$ivBase64 = base64_encode($iv); $ivBase64 = base64_encode($iv);
// $encryptedINTERNAL = openssl_public_encrypt($body, $encryptedBodyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
// $encryptedEXTERNAL = openssl_public_encrypt($body, $encryptedBodyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
// if ($encryptedINTERNAL === false) {
// die("Fehler beim Verschlüsseln (internal): " . openssl_error_string());
// }
// if ($encryptedEXTERNAL === false) {
// die("Fehler beim Verschlüsseln (external): " . openssl_error_string());
// }
pushData($messageId, $encryptedMessageBase64, $ivBase64, $encryptedAesKeyBase64INT, $encryptedAesKeyBase64EXT); pushData($messageId, $encryptedMessageBase64, $ivBase64, $encryptedAesKeyBase64INT, $encryptedAesKeyBase64EXT);
echo "<h1>ERFOLG</1>"; echo "<h1>ERFOLG</1>";
?> ?>
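Review bot: `$aesKey` is still 32 random bytes, but `aes-128-cbc` takes a 16-byte key and PHP's `openssl_encrypt()` silently truncates a longer one, so half of the key that is RSA-wrapped and stored is never used and the effective strength drops from 256 to 128 bits without a reason given in the commit. Either keep `'aes-256-cbc'` or size the key to the cipher, `$aesKey = random_bytes(16);`, and define the cipher name once so the sending and reading scripts cannot drift apart. CBC by itself gives no integrity protection, and the visible hunks show no MAC over `$encryptedBody`; an authenticated mode such as `aes-256-gcm` with the tag stored next to the IV would let the reader detect tampering. The unchanged `echo "<h1>ERFOLG</1>";` has a malformed closing tag and should end in `</h1>`.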