Make sure all ajax calls properly redirect to login page when required

Junior 2024-10-17 10:55:21 -04:00
parent 4577aa5e16
commit d593369c14
6 changed files with 68 additions and 11 deletions


@ -2,7 +2,20 @@
require '../header.php'; require '../header.php';
require_login(); $validated = require_login();
$data = array();
$data["error"] = false;
$data["message"] = "";
$data["validated"] = $validated;
if ( !$validated ) {
$data["error"] = true;
$data["message"] = "Clients must validate accounts";
header('Content-Type: application/json');
echo json_encode($data);
exit();
}
# usort function for sorting by array's "mtime" # usort function for sorting by array's "mtime"
# Return 1 or -1 in reverse order so newest is first # Return 1 or -1 in reverse order so newest is first
@ -36,7 +49,6 @@ while ( $row = $sth->fetch(PDO::FETCH_ASSOC) ) {
if ( !in_array($row['issue'], $issues_read) ) $issues_read[] = $row['issue']; if ( !in_array($row['issue'], $issues_read) ) $issues_read[] = $row['issue'];
} }
$data = array();
$folders = array(); $folders = array();
$issues = array(); $issues = array();
$entries = scandir($fullcompath); $entries = scandir($fullcompath);
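Review bot: The new call `$validated = require_login();` omits `NOREDIRECT`, unlike the other AJAX endpoints in this commit, so `$redirect` defaults to `true`. An unauthenticated request therefore still hits the `Location: /jajauth/login.php` redirect and `exit()` inside `require_login`, and the `if ( !$validated )` block added below it can never run. With `dataType: 'json'` the client presumably receives the login page's HTML rather than `validated: false`, so its redirect check is not reached. The AJAX URL is also stored in `$_SESSION['appurl']`. The line should read `$validated = require_login(NOREDIRECT);`.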


@ -1,9 +1,20 @@
<?php <?php
require '../header.php'; require '../header.php';
require_login(); $validated = require_login(NOREDIRECT);
$data = array(); $data = array();
$data["error"] = false;
$data["message"] = "";
$data["validated"] = $validated;
if ( !$validated ) {
$data["error"] = true;
$data["message"] = "Clients must validate accounts";
header('Content-Type: application/json');
echo json_encode($data);
exit();
}
if ( !isset($_REQUEST['page']) ) { if ( !isset($_REQUEST['page']) ) {
exit(); exit();
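Review bot: The validation block from `$data["validated"] = $validated;` through `exit();` is pasted verbatim into this endpoint and into the three other AJAX endpoints touched by this commit. Because this is the authentication gate, copies that drift apart become an access-control risk. It would be safer to put the block in one helper in `header.php`, for example `function require_login_json()`, which calls `require_login(NOREDIRECT)`, emits the JSON error and exits on failure, and returns the initial `$data` array on success. Each endpoint would then start with `$data = require_login_json();`. The `if ( !isset($_REQUEST['page']) )` body continues outside the hunk.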


@ -2,13 +2,22 @@
require "../header.php"; require "../header.php";
require_login(); $validated = require_login(NOREDIRECT);
if ( !isset($_REQUEST['path']) ) exit(); if ( !isset($_REQUEST['path']) ) exit();
$data = array(); $data = array();
$data["error"] = false; $data["error"] = false;
$data["message"] = ""; $data["message"] = "";
$data["validated"] = $validated;
if ( !$validated ) {
$data["error"] = true;
$data["message"] = "Clients must validate accounts";
header('Content-Type: application/json');
echo json_encode($data);
exit();
}
$newpath = urldecode($_REQUEST['path']); $newpath = urldecode($_REQUEST['path']);
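Review bot: The existing `if ( !isset($_REQUEST['path']) ) exit();` still runs before the new validation block. An unauthenticated request without `path` therefore exits with an empty body instead of the `validated: false` JSON, and a client expecting JSON gets a parse failure rather than the login redirect. Moving that line below the `if ( !$validated ) { … }` block makes the authentication check the first thing the endpoint does, as in the other files. The rest of the script lies outside the hunk.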


@ -2,7 +2,20 @@
require '../header.php'; require '../header.php';
require_login(); $validated = require_login(NOREDIRECT);
$data = array();
$data["error"] = false;
$data["message"] = "";
$data["validated"] = $validated;
if ( !$validated ) {
$data["error"] = true;
$data["message"] = "Clients must validate accounts";
header('Content-Type: application/json');
echo json_encode($data);
exit();
}
if ( isset($_REQUEST['comic']) ) { if ( isset($_REQUEST['comic']) ) {
$comicfull = realpath(COMICSDIR . base64_decode(urldecode($_REQUEST['comic']))); $comicfull = realpath(COMICSDIR . base64_decode(urldecode($_REQUEST['comic'])));
@ -18,8 +31,6 @@ if ( isset($_REQUEST['comic']) ) {
$ext = strtolower(substr($comicfull, -3)); $ext = strtolower(substr($comicfull, -3));
$_SESSION['comfile'] = basename($comicfull); $_SESSION['comfile'] = basename($comicfull);
$data = array();
// Get the current page for this comic or 0 (zero) if never opened // Get the current page for this comic or 0 (zero) if never opened
$query = "SELECT currentpage FROM pagetracker WHERE username=:username AND issue=:issue"; $query = "SELECT currentpage FROM pagetracker WHERE username=:username AND issue=:issue";
$fields = array(); $fields = array();


@ -5,15 +5,20 @@
// user login is required. Feel free to change the logic between // user login is required. Feel free to change the logic between
// the lines indicated below. // the lines indicated below.
// //
function require_login () { define("NOREDIRECT", false);
if ( !$_SESSION['validated'] ) { function require_login ($redirect = true) {
if ( !is_bool($redirect) ) exit();
if ( !$_SESSION['validated'] && $redirect ) {
// ******** START OF AUTH LOGIC ******** // ******** START OF AUTH LOGIC ********
$_SESSION['appurl'] = $_SERVER['REQUEST_URI']; $_SESSION['appurl'] = $_SERVER['REQUEST_URI'];
header('Location: /jajauth/login.php'); header('Location: /jajauth/login.php');
exit(); exit();
// ********* END OF AUTH LOGIC ********* // ********* END OF AUTH LOGIC *********
} elseif ( !$_SESSION['validated'] && !$redirect ) {
return false;
} elseif ( $_SESSION['validated'] ) {
return true;
} }
} }
// vim: set ts=3 sw=3:
?>
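Review bot: `require_login` reads `$_SESSION['validated']` in three separate conditions without checking that the key exists, so a fresh session raises an undefined-key warning on each read. If warnings are displayed, that output lands before the `header()` calls and ahead of the JSON body the AJAX callers now depend on. Reading it once with `$validated = !empty($_SESSION['validated']);` avoids this. The function can then use `if ( $validated ) return true;` and `if ( !$redirect ) return false;` before the redirect section, which also removes the branch chain with no final `else`. The silent `exit()` on a non-boolean `$redirect` would be easier to diagnose with a short comment or an error log entry.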


@ -10,6 +10,11 @@ $(document).ready(function() {
var lightbox = null; var lightbox = null;
function redirectToLogin() {
console.log("Redirecting for login...");
window.location.replace("index.php");
}
function getFolderContents() { function getFolderContents() {
$("#list").html(""); $("#list").html("");
toastr.info("Loading folder contents. Comics containing a large number of issues, or issues with a large number of pages, that have not been opened recently may take some time to load. Thank you for your patience!", "Loading Contents...", {timeOut: 15000}); toastr.info("Loading folder contents. Comics containing a large number of issues, or issues with a large number of pages, that have not been opened recently may take some time to load. Thank you for your patience!", "Loading Contents...", {timeOut: 15000});
@ -17,6 +22,7 @@ function getFolderContents() {
url : 'ajax/getfoldercontents.php', url : 'ajax/getfoldercontents.php',
dataType : 'json', dataType : 'json',
success : function(data, stat, jqo) { success : function(data, stat, jqo) {
if ( !data.validated ) redirectToLogin();
curpath = data.compath; curpath = data.compath;
updatePathNavigator(); updatePathNavigator();
data.contents.forEach(function(entry, index) { data.contents.forEach(function(entry, index) {
@ -48,6 +54,7 @@ function changeFolder(name, path) {
dataType : 'json', dataType : 'json',
success : function(data, stat, jqo) { success : function(data, stat, jqo) {
console.log(data.message); console.log(data.message);
if ( !data.validated ) redirectToLogin();
curpath = path; curpath = path;
parentpath = data.parentpath; parentpath = data.parentpath;
foldername = data.foldername; foldername = data.foldername;
@ -63,6 +70,7 @@ function updateCurrentPage() {
data : {page: currentPage}, data : {page: currentPage},
dataType : 'json', dataType : 'json',
success : function(data, stat, jqo) { success : function(data, stat, jqo) {
if ( !data.validated ) redirectToLogin();
console.log(data.message); console.log(data.message);
} }
}); });
@ -82,6 +90,7 @@ function showComic(comic, name) {
data : {comic: comic}, data : {comic: comic},
dataType : 'json', dataType : 'json',
success : function(data, stat, jqo) { success : function(data, stat, jqo) {
if ( !data.validated ) redirectToLogin();
// Clear out the debug DIV and start the fancybox. // Clear out the debug DIV and start the fancybox.
$("#debug").html(""); $("#debug").html("");
lightbox = SimpleLightbox.open({ lightbox = SimpleLightbox.open({
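Review bot: In the `getFolderContents` success handler, `if ( !data.validated ) redirectToLogin();` does not stop the handler, so execution continues into `curpath = data.compath;` and `data.contents.forEach(...)`. The server's unauthenticated response carries only `error`, `message` and `validated`, so `data.contents` is undefined and the handler throws while the navigation is still pending. The same applies to the checks added in `changeFolder`, `updateCurrentPage` and `showComic`, the last of which goes on to open the lightbox. Each should be `if ( !data.validated ) { redirectToLogin(); return; }`. The `showComic` handler continues outside the hunk.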