. * * index.php * * Actitude home page. * * @author Daniele Bonini * @copyrights (c) 2021, 2024, 5 Mode */ require "init.inc"; $signHistory = []; $cmd = PHP_STR; $opt = PHP_STR; $param1 = PHP_STR; $param2 = PHP_STR; $param3 = PHP_STR; $curLocale = APP_LOCALE; $lastSign = PHP_STR; function showHistory() { global $signHistory; global $curPath; global $CONFIG; global $curLocale; global $LOCALE; global $lastSign; global $password; $m = 1; foreach($signHistory as $val) { $val = rtrim($val, "\n"); $ipos=mb_stripos($val, "|"); $myname = left($val,$ipos); $ipos2=mb_strripos($val, "|"); $myplace = substr($val, $ipos+1, (($ipos2 - $ipos) - 1)); $aflag = substr($val, $ipos2+1, 1); // If I'm in admin if ($password !== PHP_STR) { $adminFnc = PHP_STR; if ($aflag === "u") { $adminFnc = ""; } else { $adminFnc = ""; } echo("".$myname.",".PHP_SPACE.$myplace."   ".$adminFnc."
"); // If I'm not in admin } else { if ($aflag !== "u") { echo("".$myname.",".PHP_SPACE.$myplace."
"); } } $m++; } } function updateHistory(&$update, $maxItems) { global $signHistory; global $curPath; // Making enough space in $signHistory for the update.. $shift = (count($signHistory) + count($update)) - $maxItems; if ($shift > 0) { $signHistory = array_slice($signHistory, $shift, $maxItems); } // Adding $signHistory update.. if (count($update) > $maxItems) { $beginUpd = count($update) - ($maxItems-1); } else { $beginUpd = 0; } $update = array_slice($update, $beginUpd, $maxItems); foreach($update as $val) { $signHistory[] = $val; } // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".ACT_history"; file_put_contents($filepath, implode('', $signHistory)); } function updatecaptchaHistory(&$update) { global $captchaHistory; global $curPath; foreach($update as $val) { $captchaHistory[] = $val; } // Writing out $captchaHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".ACT_captchahistory"; file_put_contents($filepath, implode('', $captchaHistory)); } function parseCommand() { global $command; global $cmd; global $opt; global $param1; global $param2; global $param3; $str = trim($command); $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $cmd = left($str, $ipos); $str = substr($str, $ipos+1); } else { $cmd = $str; return; } if (left($str, 1) === "-") { $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $opt = left($str, $ipos); $str = substr($str, $ipos+1); } else { $opt = $str; return; } } if (left($str, 1) === "'") { $ipos = stripos($str, "'", 1); if ($ipos > 0) { $param1 = substr($str, 0, $ipos+1); $str = substr($str, $ipos+1); } else { $param1 = $str; return; } } else { $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $param1 = left($str, $ipos); $str = substr($str, $ipos+1); } else { $param1 = $str; return; } } $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $param2 = left($str, $ipos); $str = substr($str, $ipos+1); } else { $param2 = $str; return; } $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $param3 = left($str, $ipos); $str = substr($str, $ipos+1); } else { $param3 = $str; return; } } function signParamValidation() { global $opt; global $param1; global $param2; global $param3; global $name; global $place; global $captchacount; global $captchasign; global $captchaHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } //param1=="" if ($param1!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //name!="" if ($name===PHP_STR || strlen($name)<3) { //echo("WARNING: invalid name
"); return false; } //place!="" if ($place===PHP_STR || strlen($place)<3) { //echo("WARNING: invalid place
"); return false; } $rescaptcha1=$captchacount>=4; $rescaptcha2=count(array_filter($captchaHistory, "odd")) > (APP_MAX_FROM_IP - 1); if ($rescaptcha1) { echo("WARNING: captcha expired #1
"); } if ($rescaptcha2) { echo("WARNING: captcha expired #2
"); } if ($rescaptcha1 || $rescaptcha2) { return false; } return true; } function odd($val) { global $captchasign; return rtrim($val,"\n") == $captchasign; } function myExecSignCommand() { global $name; global $place; global $curPath; global $lastMessage; global $captchacount; global $captchasign; global $captchaHistory; $newSign = HTMLencodeF($name,false) . "|" . HTMLencodeF($place,false) . "|u"; //echo("array_filter=".count(array_filter($captchaHistory, "odd"))."
"); //echo("new_sign?=".((hash("sha256", $newSign . APP_SALT, false) !== $lastMessage)?"true":"false")."
"); if (hash("sha256", $newSign . APP_SALT, false) !== $lastMessage) { // Updating message history.. $output = []; $output[] = $newSign . "\n"; updateHistory($output, HISTORY_MAX_ITEMS); // Updating captcha history.. $output = []; $output[] = $captchasign . "\n"; updatecaptchaHistory($output); $lastMessage = hash("sha256", $newSign . APP_SALT, false); } } function confParamValidation() { global $opt; global $param1; global $param2; global $param3; global $signHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } $myval = trim($param1,"'"); //param1!="" if ($myval===PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param1 in $signHistory if (!in_array($myval."\n",$signHistory)) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } return true; } function myExecConfSignCommand() { global $param1; global $signHistory; global $curPath; $mysign = trim($param1,"'"); if ($signHistory) { //echo("inside myExecConfSignCommand()"); $newval = left($mysign, strlen($mysign)-2) . "|v"; $key = array_search($mysign."\n", $signHistory); if ($key !== false) { $signHistory[$key] = $newval . "\n"; // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".ACT_history"; file_put_contents($filepath, implode('', $signHistory)); } } } function delParamValidation() { global $opt; global $param1; global $param2; global $param3; global $signHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } $myval = trim($param1,"'"); //param1!="" if ($myval===PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param1 in $signHistory if (!in_array($myval."\n",$signHistory)) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } return true; } function myExecDelSignCommand() { global $param1; global $signHistory; global $curPath; $mysign = trim($param1,"'"); if ($signHistory) { //echo("inside myExecDelSignCommand()"); $newval = left($mysign, strlen($mysign)-2) . "|u"; $key = array_search($mysign."\n", $signHistory); if ($key !== false) { $signHistory[$key] = $newval . "\n"; // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".ACT_history"; file_put_contents($filepath, implode('', $signHistory)); } } } $curPath = APP_DATA_PATH; chdir($curPath); $signHistory = file($curPath . DIRECTORY_SEPARATOR . ".ACT_history"); $captchaHistory = file($curPath . DIRECTORY_SEPARATOR . ".ACT_captchahistory"); $password = filter_input(INPUT_POST, "Password"); if ($password==PHP_STR) { $password = filter_input(INPUT_POST, "Password2"); } $command = filter_input(INPUT_POST, "CommandLine"); //$pwd = filter_input(INPUT_POST, "pwd"); $hideSplash = filter_input(INPUT_POST, "hideSplash"); $hideHCSplash = filter_input(INPUT_POST, "hideHCSplash"); $name = filter_input(INPUT_POST, "name"); $place = filter_input(INPUT_POST, "place"); $captchasign = hash("sha256", $_SERVER["REMOTE_ADDR"] . date("Y") . APP_SALT, false); $lastMessage = filter_input(INPUT_POST, "last_message"); $totsigns = count($signHistory); //print_r($totsigns); //exit(0); if ($totsigns > 0) { $lastMessage = hash("sha256", rtrim($signHistory[$totsigns-1],"\n") . APP_SALT, false); } $captchacount = (int)filter_input(INPUT_POST, "captcha_count"); //if ($captchacount === 0) { // $captchacount = 1; //} if ($password !== PHP_STR) { $hash = hash("sha256", $password . APP_SALT, false); if ($hash !== APP_HASH) { $password=PHP_STR; } } parseCommand($command); //echo("cmd=" . $cmd . "
"); //echo("opt=" . $opt . "
"); //echo("param1=" . $param1 . "
"); //echo("param2=" . $param2 . "
"); if ($password !== PHP_STR) { if (mb_stripos(CMDLINE_VALIDCMDS, "|" . $command . "|")) { if ($cmd === "sign") { $captchacount = $captchacount + 1; if (signParamValidation()) { myExecSignCommand(); } } else if ($command === "refresh") { // refreshing Msg Board.. } } else if (mb_stripos(CMDLINE_VALIDCMDS, "|" . $cmd . "|")) { if ($cmd === "del") { if (delParamValidation()) { myExecDelSignCommand(); } } else if ($cmd === "conf") { if (confParamValidation()) { myExecConfSignCommand(); } } } else { } } else { if (mb_stripos(CMDLINE_VALIDCMDS, "|" . $command . "|")) { if ($cmd === "sign") { $captchacount = $captchacount + 1; if (signParamValidation()) { myExecSignCommand(); } } } } ?> <?php echo(APP_TITLE); ?>
 Actitude       on github      for feedback       get support  
 
 
Hello and welcome to Actitude!

Actitude is a light and simple software on premise to get registrations to events or support.

Actitude is released under GPLv3 license, it is supplied AS-IS and we do not take any responsibility for its misusage.

Actitude name comes from a prank between two words: "active" meaning our positive way to do stuff and "attitude".

First step, use the left side panel password and salt fields to create the hash to insert in the config file. Remember to manually set there also the salt value.

As you are going to run Actitude in the PHP process context, using a limited web server or phpfpm user, you must follow some simple directives for an optimal first setup:
  1. Check the permissions of your "data" folder in your web app private path; and set its path in the config file.
  2. In the data path create a ".ACT_history" and ".ACT_captchahistory" files and give them the write permission.
  3. Finish to setup the configuration file apporpriately, in the specific:
    • Configure the APP_USE and APP_CONTEXT appropriately.
    • Configure the DISPLAY attributes as required.
    • Configure the max history items as required (default: 1000).

Hope you can enjoy it and let us know about any feedback: my25mb@aol.com


 













Powered by Actitude