Create and use switchToFormProcess() and success()

2022-05-31 17:31:48 +02:00 · 2022-05-31 17:31:48 +02:00 · eadc2d44e3
parent cd082e8719
commit eadc2d44e3
16 changed files with 266 additions and 355 deletions
--- a/common/init.php
+++ b/common/init.php
@ -15,15 +15,30 @@ if (SERVICE !== "")
 // Page titles definition
 require "pages.php";

+function success($msg) {
+	echo "<p><strong>Succès</strong> : <em>" . $msg . "</em></p>";
+	closeHTML();
+}
+
+// When the user requests something unexpected
 function userError($msg) {
 	http_response_code(403);
 	echo "<p><strong>Erreur utilisataire</strong> : <em>" . $msg . "</em></p>";
 	closeHTML();
 }

+// When the system did something unexpected
 function serverError($msg) {
 	http_response_code(500);
 	error_log("Niver internal error: " . strip_tags($msg));
 	echo "<p><strong>Server error</strong>: The server encountered an error: <em>" . $msg . "</em></p>";
 	closeHTML();
 }
+
+// For use in pages that first display a form and then process it
+function switchToFormProcess($requireLogin = true) {
+	if (empty($_POST))
+		closeHTML();
+	if ($requireLogin AND !isset($_SESSION['username']))
+		userError("Vous devez être connecté·e pour effectuer cette action.");
+}
--- a/public/ht/http-onion.php
+++ b/public/ht/http-onion.php
@ -28,7 +28,7 @@ if (isset($_SESSION['username'])) {

 <?php

-if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 if ($dirsStatuses[$_POST['dir']] !== false)
 	userError("Wrong value for <code>dir</code>.");
@ -73,10 +73,4 @@ HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
 addNiverLog("Nginx reloaded by " . $_SESSION['username'], $output);

 // Tell the user their site address
-	echo "<p>L'adresse de votre site Onion HTTP est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
-
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("L'adresse de votre service Onion HTTP est : <a href='http://" . $onion . "/'<code>http://" . $onion . "/</code></a>");
--- a/public/ht/https-domain.php
+++ b/public/ht/https-domain.php
@ -34,7 +34,7 @@ if (isset($_SESSION['username'])) {

 <?php

-if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 checkDomainFormat($_POST['domain']);

@ -60,9 +60,4 @@ if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['userna
 // Reload Nginx
 exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx");

-	echo "Accès HTTP par domaine ajouté sur ce dossier !";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Accès HTTP par domaine ajouté sur ce dossier !");
--- a/public/ht/le.php
+++ b/public/ht/le.php
@ -20,7 +20,7 @@

 <?php

-if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --dry-run --test-cert --webroot --webroot-path /srv/acme --register-unsafely-without-email --agree-tos --domain " . $_POST['domain'], $output, $returnCode);

@ -38,15 +38,10 @@ if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
 file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $conf);

 // Reload Nginx
-	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx reload", $output, $returnCode);
+exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", $output, $returnCode);

 // Abort if Nginx reload failed
 if ($returnCode !== 0)
 	serverError("Nginx configuration reload failed.");

-	echo "Succès : La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.");
--- a/public/ns/caa.php
+++ b/public/ns/caa.php
@ -22,11 +22,8 @@

 <?php

-if (nsCommonRequirements()
-		AND isset($_POST['flag'])
-		AND isset($_POST['tag'])
-		AND isset($_POST['value'])
-	) {
+switchToFormProcess();
+

 $values = nsParseCommonRequirements();

@ -48,11 +45,4 @@ if (nsCommonRequirements()
 	$_POST['value']
 ));

-	echo "Enregistrement ajouté";
-}
-
-
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/ip.php
+++ b/public/ns/ip.php
@ -13,9 +13,8 @@
 </form>

 <?php
-if (nsCommonRequirements()
-		AND isset($_POST['ip'])
-	) {
+
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -28,9 +27,4 @@ if (nsCommonRequirements()
 	$_POST['ip']
 ));

-	echo "Enregistrement ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/mx.php
+++ b/public/ns/mx.php
@ -22,10 +22,7 @@

 <?php

-if (nsCommonRequirements()
-		AND isset($_POST['priority'])
-		AND isset($_POST['host'])
-	) {
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -42,9 +39,4 @@ if (nsCommonRequirements()
 	$_POST['host']
 ));

-	echo "Enregistrement ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/ns.php
+++ b/public/ns/ns.php
@ -11,9 +11,8 @@
 </form>

 <?php
-if (nsCommonRequirements()
-		AND isset($_POST['ns'])
-	) {
+
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -26,9 +25,4 @@ if (nsCommonRequirements()
 	$_POST['ns']
 ));

-	echo "Enregistrement ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/srv.php
+++ b/public/ns/srv.php
@ -34,12 +34,7 @@

 <?php

-if (nsCommonRequirements()
-		AND isset($_POST['priority'])
-		AND isset($_POST['weight'])
-		AND isset($_POST['port'])
-		AND isset($_POST['target'])
-	) {
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -64,9 +59,4 @@ if (nsCommonRequirements()
 	$_POST['target']
 ));

-	echo "Enregistrement ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/sshfp.php
+++ b/public/ns/sshfp.php
@ -35,10 +35,7 @@

 <?php

-if (nsCommonRequirements()
-		AND isset($_POST['algo'])
-		AND isset($_POST['fp'])
-	) {
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -60,9 +57,4 @@ if (nsCommonRequirements()
 	$_POST['fp']
 ));

-	echo "Enregistrement ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/tlsa.php
+++ b/public/ns/tlsa.php
@ -44,12 +44,7 @@

 <?php

-if (nsCommonRequirements()
-		AND isset($_POST['use'])
-		AND isset($_POST['selector'])
-		AND isset($_POST['type'])
-		AND isset($_POST['content'])
-	) {
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -75,11 +70,4 @@ if (nsCommonRequirements()
 	$_POST['content']
 ));

-	echo "Enregistrement ajouté";
-}
-
-
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/ns/txt.php
+++ b/public/ns/txt.php
@ -11,9 +11,8 @@
 </form>

 <?php
-if (nsCommonRequirements()
-		AND isset($_POST['txt'])
-	) {
+
+switchToFormProcess();

 $values = nsParseCommonRequirements();

@ -27,9 +26,4 @@ if (nsCommonRequirements()
 	"\"" . $_POST['txt'] . "\""
 ));

-	echo "Enregistrement ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Enregistrement ajouté");
--- a/public/reg/ds.php
+++ b/public/reg/ds.php
@ -64,7 +64,7 @@ foreach($domains as $domain)

 <?php

-if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo']) AND isset($_POST['key']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 if (
 	($_POST['algo'] !== "8")
@ -97,9 +97,4 @@ if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo'])
 	$_POST['key']
 ));

-	echo "La requête a été envoyée à Knot";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("La requête a été envoyée à Knot");
--- a/public/reg/glue.php
+++ b/public/reg/glue.php
@ -37,7 +37,7 @@ if (isset($_SESSION['username']))

 <?php

-if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_POST['ip']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 regCheckDomainPossession($_POST['suffix']);

@ -50,15 +50,10 @@ if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suf
 $publicSuffix = regGetUpperDomain($_POST['suffix']);

 knotcExec($publicSuffix, array(
-		$domain
+	$domain,
 	CONF['reg']['ttl'],
 	$record,
 	$_POST['ip']
 ));

-	echo "Glue record ajouté";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Glue record ajouté");
--- a/public/reg/ns.php
+++ b/public/reg/ns.php
@ -11,13 +11,11 @@
 	<br>
 	<select required="" name="domain" id="domain">
 		<option value="" disabled="" selected="">---</option>
-
 <?php
-
 foreach(regListUserDomains($_SESSION['username']) as $suffix)
-				echo "				<option value='" . $suffix . "'>." . $suffix . "</option>";
-
+	echo "		<option value='" . $suffix . "'>." . $suffix . "</option>\n";
 ?>
+
 	</select>
 	<br>
 	<label for="ns">Serveur de nom</label>
@ -29,7 +27,7 @@

 <?php

-if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 regCheckDomainPossession($_POST['domain']);
 checkAbsoluteDomainFormat($_POST['ns']);
@ -43,9 +41,4 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
 	$_POST['ns']
 ));

-	echo "Modification effectuée avec succès";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Modification effectuée avec succès");
--- a/public/reg/register.php
+++ b/public/reg/register.php
@ -15,7 +15,7 @@ Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accen

 <?php

-if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
+switchToFormProcess();

 if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
 	userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
@ -38,9 +38,4 @@ if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {

 $stmt->execute();

-	echo "Nouveau domaine enregistré";
-}
-
-?>
-
-<?php closeHTML(); ?>
+success("Modification effectuée avec succès");