smzint/Messages
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

implemented use of ready.php

Browse source
This commit is contained in:
vincent 2025-04-21 16:39:14 +02:00
parent d8cb0d2c0a
commit 28593e8b37
8 changed files with 20 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
compose.php
View file

@ -4,6 +4,8 @@
<body>
<?php
include('../Auth/index.php');
include('ready.php');
?>
<h2>Messages Composer</h2>
<div>

3
inbox.php
View file

@ -6,6 +6,7 @@
*/
include('../Auth/index.php');
include('ready.php');
$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) {
@ -19,7 +20,7 @@ $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
include ('search.php');
echo "<table>";
while($row = $result->fetch_assoc()) {
echo "<tr><td><b>Absender:</b><br><abbr title='ID: ".$row["sender"]."'>".uid($row["sender"])."</abbr></td><td><b>Zeit:</b><br>".$row["datetime"]."</td><td><br><form action='read.php' method='POST'><input type='hidden' id='id' name='id' value='".$row["message"]."'><input type='hidden' id='upass' name='upass'><input type='submit' value='Öffnen'></form></td></tr>";
echo "<tr style=color:".$row["color"]."><td><b>Absender:</b><br><abbr title='ID: ".$row["sender"]."'>".uid($row["sender"])."</abbr></td><td><b>Zeit:</b><br>".$row["datetime"]."</td><td><br><form action='read.php' method='POST' target='_blank'><input type='hidden' id='id' name='id' value='".$row["message"]."'><input type='hidden' id='upass' name='upass'><input type='submit' value='Öffnen'></form></td></tr>";
}
echo "</table>";
} else {

6
index.php
View file

@ -18,11 +18,7 @@ include('../Auth/index.php');
</p>
<p>
<?php
if(!include('ready.php')){
echo "Ihr Account wurde noch nicht für Messages eingerichtet.";
}else{
echo "Ihr Account ist bereit für die Nutzung von Messages.";
}
include('ready.php');
?>
</p>
</div>

15
init.php
View file

@ -4,11 +4,7 @@
* smzint/Messages (c) schmamazon.com 2025
*/
if(include('ready.php')){
echo "FEHLER: Ihr Account scheint bereits inizialisiert worden zu sein.";
die();
}
include('../Auth/index.php');
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
@ -33,8 +29,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
if(password_verify($password, $upassword_hash)){
//Alle Schritte erfolgreich. Nun müssen die Schlüssel generiert werden. Der private key muss außerdem mit $password verschlüsselt werden. Dann müssen der $username, $publicKey und der verschlüsselte $privateKey in die Datenbank gespeichert werden.
// Hinweis: Die Erstellung mit openssl scheint missbilligt zu werden -> Investigieren
// Erstellung durch sodium ist zuvor jedoch fehlgeschlagen (Extension problems)
$privateKeyobject = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
openssl_pkey_export($privateKeyobject, $privateKey);
$keyDetails = openssl_pkey_get_details($privateKeyobject);
@ -63,6 +57,9 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
if ($conn->query($sql) === TRUE) {
echo "<h1>ACCOUNT ERFOLGREICH EINGERICHTET\nSCHLIEẞEN SIE DIESEN TAB UMGEHEND!</h1>";
include 'welcomeSend.php';
start($uid, $uname, $username);
header("Location: /smzint/Messages/");
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
@ -86,10 +83,10 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
<form action="init.php" method="post">
<label for="username">Benutzername:</label><br>
<input type="text" id="username" name="username" required>
<span class="error">* <?php echo $nameErr;?></span><br>
<span class="error">*<mark> <?php echo $nameErr;?></mark></span><br>
<label for="username">Aktuelles Auth Passwort:</label><br>
<input type="password" id="password" name="password" required>
<span class="error">* <?php echo $passwdErr;?></span><br>
<span class="error">*<mark> <?php echo $passwdErr;?></mark></span><br>
<input type="submit">
</form>
</div>

1
keyGrab.php
View file

@ -5,6 +5,7 @@
*/
include('../Auth/index.php');
include('ready.php');
function grabPublicKey($uid){
global $dbservername;

3
read.php
View file

@ -5,6 +5,7 @@
*/
include('../Auth/index.php');
include('ready.php');
$id = filter_var($_POST["id"], FILTER_SANITIZE_STRING);
$upassword = filter_var($_POST["upass"], FILTER_SANITIZE_STRING);
@ -74,7 +75,7 @@ function decrypt($aeskey, $body, $iv){
}
// Nachricht mit AES entschlüsseln
$decryptedMessage = openssl_decrypt(base64_decode($body), 'aes-256-cbc', $decryptedAesKey, 0, base64_decode($iv));
$decryptedMessage = openssl_decrypt(base64_decode($body), 'aes-128-cbc', $decryptedAesKey, 0, base64_decode($iv));
echo $decryptedMessage;
}

10
ready.php
View file

@ -6,8 +6,6 @@
include('../Auth/index.php');
include('../Auth/db.ini.php');
$conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
@ -17,15 +15,13 @@ $sql = "SELECT * FROM smz_messages_users WHERE uid='$uid'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$unique_name = $row["unique_name"];
$f_name = $row["f_name"];
$l_name = $row["l_name"];
$phone = $row["phone"];
$unique_name = $row["username"];
$init_date = $row["init_date"];
return true;
}
} else {
return false;
echo("Ihr Account wurde noch nicht für Messages eingerichtet.");
header("Location: /smzint/Messages/init.php");
}
$conn->close();

15
send.php
View file

@ -5,6 +5,7 @@
*/
include('../Auth/index.php');
include('ready.php');
$by = filter_var($_POST["by"], FILTER_SANITIZE_STRING);
$receiver = filter_var($_POST["receiver"], FILTER_SANITIZE_STRING);
@ -90,8 +91,8 @@ $sender_key = grabPublicKey($uid);
$receiver_key = grabPublicKey($receiver);
$aesKey = openssl_random_pseudo_bytes(32);
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
$encryptedBody = openssl_encrypt($body, 'aes-256-cbc', $aesKey, 0, $iv);
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-128-cbc'));
$encryptedBody = openssl_encrypt($body, 'aes-128-cbc', $aesKey, 0, $iv);
$encryptedAesKey = '';
@ -110,16 +111,6 @@ $encryptedAesKeyBase64EXT = base64_encode($encryptedAesKeyEXTERNAL);
$encryptedAesKeyBase64INT = base64_encode($encryptedAesKeyINTERNAL);
$ivBase64 = base64_encode($iv);
// $encryptedINTERNAL = openssl_public_encrypt($body, $encryptedBodyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
// $encryptedEXTERNAL = openssl_public_encrypt($body, $encryptedBodyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
// if ($encryptedINTERNAL === false) {
// die("Fehler beim Verschlüsseln (internal): " . openssl_error_string());
// }
// if ($encryptedEXTERNAL === false) {
// die("Fehler beim Verschlüsseln (external): " . openssl_error_string());
// }
pushData($messageId, $encryptedMessageBase64, $ivBase64, $encryptedAesKeyBase64INT, $encryptedAesKeyBase64EXT);
echo "<h1>ERFOLG</1>";
?>