Added a way to see the last IP that accessed the key

2022-01-21 17:15:36 -05:00
parent 9a7efa94c3
commit aba0757df1
7 changed files with 21 additions and 13 deletions
--- a/html/api/key.php
+++ b/html/api/key.php
@@ -12,7 +12,7 @@ if (array_key_exists("get", $_GET)) {
    $cookie = $USERNAME;
    $cookie .= rand();
    $cookie = sanitize(substr(sha1($cookie), 5));
-    dbCommand("INSERT INTO cookies VALUES ('$cookie', '$USERNAME', $expire)");
+    dbCommand("INSERT INTO cookies VALUES ('$cookie', '$USERNAME', $expire, '$address')");
    echo "Created new session";
 } else {
    http_response_code(400);
--- a/html/api/login.php
+++ b/html/api/login.php
@@ -46,7 +46,7 @@ if (array_key_exists("username", $_POST) and array_key_exists("type", $_POST) an
            $Cookie = $USERNAME;
            $Cookie .= rand();
            $Cookie = sanitize(substr(sha1($Cookie), 5));
-            $CookieForDB = [$Cookie, $USERNAME, $Time];
+            $CookieForDB = [$Cookie, $USERNAME, $Time, $address];
            dbAdd($CookieForDB, "cookies");
            setcookie("user", $Cookie, time() + 600, "/");
            echo json_encode($Cookie);
--- a/html/include/functions.php
+++ b/html/include/functions.php
@@ -279,6 +279,8 @@ if (array_key_exists("user", $_COOKIE)) {
  $COOKIEID = $_COOKIE["user"];
  $USERNAME = dbRequest("username", "cookies", "cookie", $COOKIEID, 0);
  if ($USERNAME) {
+    // Makes sure that the database knows who last accessed that session
+    dbCommand("UPDATE cookies SET lastIP='$address' WHERE cookie='$COOKIEID'");
    setcookie("user", $COOKIEID, time() + 600, "/");
    $USERNAME = $USERNAME[0];
    $PRIVILEGES = dbRequest("privilege", "privileges", "username", $USERNAME, 0);
--- a/html/logTypes.json
+++ b/html/logTypes.json
@@ -94,14 +94,14 @@
        "name": "Backup created",
        "color": "#009966"
    },
-    {
-        "type": "20",
-        "name": "Backup deleted",
-        "color": "#009966"
-    },
    {
        "type": "19",
        "name": "Update",
        "color": "#00ff00"
+    },
+    {
+        "type": "20",
+        "name": "Backup deleted",
+        "color": "#009966"
    }
 ]
--- a/html/usermenu/key.js
+++ b/html/usermenu/key.js
@@ -3,7 +3,7 @@ function updateKey() { // Used to update the keys and session data
    
    ajax.onload = function() {
        if (ajax.status == 200) {
-            let text = "<tr><th>Key</th><th>Expiration</th></tr>";
+            let text = "<tr><th>Key</th><th>Previous IP</th><th>Expiration</th></tr>";
            Object.values(JSON.parse(this.responseText)).forEach(element => {
                if (element["expire"] == 0) {
                    expireText = "never"
@@ -11,7 +11,7 @@ function updateKey() { // Used to update the keys and session data
                    let date = new Date(element["expire"]*1000);
                    expireText = `${date.getHours()}:${date.getMinutes()}:${date.getSeconds()} at ${date.getMonth()+1}-${date.getDate()}-${date.getFullYear()}`;
                }
-                text += `<tr id='${element["cookie"]}' ><td>${element["cookie"]}</td><td>${expireText}</td><td><button onclick='revoke("${element["cookie"]}")'>Revoke</button></td></tr>`;
+                text += `<tr id='${element["cookie"]}' ><td>${element["cookie"]}</td><td>${element["lastIP"]}</td><td>${expireText}</td><td><button onclick='revoke("${element["cookie"]}")'>Revoke</button></td></tr>`;
            });
            $("#keys").html(text);
        } else {
--- a/html/usermenu/key.php
+++ b/html/usermenu/key.php
@@ -26,7 +26,7 @@
        <table>
            <tbody id='keys'>
                <tr>
-                    <th>Key</th><th>Expiration</th>
+                    <th>Key</th><th>Previous IP</th><th>Expiration</th>
                </tr>
            </tbody>
        </table>
--- a/python/database.py
+++ b/python/database.py
@@ -159,7 +159,7 @@ def repair():  # Repairs all tables
    updatedVersions = []
    databaseDict = {
        "information" : [["pointer", 0], ["data", 0]],
-        "cookies": [["cookie", 0], ["username", 0], ["expire", 1]],
+        "cookies": [["cookie", 0], ["username", 0], ["expire", 1], ["lastIP", 0]],
        "internet": [
            ["hour", 1],
            ["minute", 1],
@@ -239,12 +239,18 @@ def repair():  # Repairs all tables
                changedTables.append(name)
        elif name == "information": # Used to check the information table to see if the database can be updated in a better way.
            version = trueSearch("SELECT data FROM information WHERE pointer='version'")
-            latestVersion = "v1.0"
            try: # In here you can update the version to a new version
                versionNumber = version[0][0]
+                if versionNumber == "v1.0":
+                    command("ALTER TABLE cookies ADD lastIP varchar(255) NULL")
+                    version = "v1.1"
+                    updatedVersions.append("v1.1")
+                # Fixes the version if it is invalid to the latest version
+                if version != "v1.1":
+                    version = "v1.1"
            except:
                1
            command("DELETE FROM information WHERE pointer='version'")
-            command(f"INSERT INTO information VALUES('version', '{latestVersion}')")
+            command(f"INSERT INTO information VALUES('version', '{version}')")
    db2.close()
    return changedTables, updatedVersions