. * * index.php * * StarWorth home page. * * @author Daniele Bonini * @copyrights (c) 2021, 2024, 5 Mode */ require "init.inc"; // echo("    " . time()); $contextType = PUBLIC_CONTEXT_TYPE; $signHistory = []; $cmd = PHP_STR; $opt = PHP_STR; $param1 = PHP_STR; $param2 = PHP_STR; $param3 = PHP_STR; $curLocale = APP_LOCALE; function doAging($param1) { global $signHistory; global $curPath; $mysign= trim($param1,"'"); $ret = $mysign; if ($signHistory) { $ipos = stripos($mysign, PHP_PIPE); $oldTimestamp = (int)left($mysign, $ipos); if ((time() -$oldTimestamp) > APP_MAX_AGE) { $newval = str_repeat("0",strlen(time())).PHP_PIPE.substr($mysign,$ipos+1); //echo("**$newval**"); $ret = $newval; $key = array_search($mysign."\n", $signHistory); if ($key !== false) { $signHistory[$key] = $newval . "\n"; // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".SW_history"; file_put_contents($filepath, implode('', $signHistory)); } } } return $ret; } function showHistory() { global $signHistory; global $curPath; global $CONFIG; global $curLocale; global $LOCALE; global $password; global $contextType; $signHistoryCopy = $signHistory; rsort($signHistoryCopy); echo("
"); $m = 1; foreach($signHistoryCopy as $val) { $val = rtrim($val, "\n"); $val = doAging($val); $mytag = PHP_STR; $myccounter = PHP_STR; $mydate = PHP_STR; $mytime = PHP_STR; $mydesc = PHP_STR; $myflag = PHP_STR; $aFields = explode(PHP_PIPE, $val); $mytag = $aFields[0]??"0000"; $myccounter = (int)$aFields[1]??PHP_STR; $mydate = $aFields[2]??PHP_STR; $mytime = $aFields[3]??PHP_STR; $mydesc = $aFields[4]??PHP_STR; $myflag = $aFields[5]??PHP_STR; if ($mydate==PHP_STR && $mydesc==PHP_STR) { continue; } $mytag = date("Hi", $mytag); //right($mytag??"0000", 4); $mytag = left($mytag, 2).":".right($mytag, 2); $yesStar = ($mytag==="00:00")?false:true; $myccounter = left($myccounter,6); $mydesc = enableLinks($mydesc); // If I'm in admin if ($contextType === PERSONAL_CONTEXT_TYPE) { $star= PHP_STR; if ($yesStar) { $starFnc= "   "; } else { $starFnc = "   "; } $adminFnc = PHP_STR; if ($myflag === "u") { $adminFnc = ""; } else { $adminFnc = ""; } // Display event/calendar list echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo("
"); echo("".$mydate.""); echo(""); echo("".$mytime.""); echo(""); echo("".$mydesc.""); echo(""); echo($starFnc); echo(""); echo($adminFnc); echo("
"); // If I'm not in admin } else { if ($myflag !== "u") { $star= PHP_STR; if ($yesStar) { $star= " (".$mytag.")"; } else { $star = ""; } // Display event list echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo("
"); echo("$star"); echo(""); echo("".$mydate.""); echo(""); echo("".$mytime.""); echo(""); echo("".$mydesc." (".$myccounter.")"); echo("
"); } } $m++; } echo("
"); } function updateHistory(&$update, $maxItems) { global $signHistory; global $curPath; // Making enough space in $signHistory for the update.. $shift = (count($signHistory) + count($update)) - $maxItems; if ($shift > 0) { $signHistory = array_slice($signHistory, $shift, $maxItems); } // Adding $signHistory update.. if (count($update) > $maxItems) { $beginUpd = count($update) - ($maxItems-1); } else { $beginUpd = 0; } $update = array_slice($update, $beginUpd, $maxItems); foreach($update as $val) { $signHistory[] = $val; } // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".SW_history"; file_put_contents($filepath, implode('', $signHistory)); } function updatecaptchaHistory(&$update) { global $captchaHistory; global $curPath; foreach($update as $val) { $captchaHistory[] = $val; } // Writing out $captchaHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".SW_captchahistory"; file_put_contents($filepath, implode('', $captchaHistory)); } function parseCommand() { global $command; global $cmd; global $opt; global $param1; global $param2; global $param3; $str = trim($command); $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $cmd = left($str, $ipos); $str = substr($str, $ipos+1); } else { $cmd = $str; return; } if (left($str, 1) === "-") { $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $opt = left($str, $ipos); $str = substr($str, $ipos+1); } else { $opt = $str; return; } } if (left($str, 1) === "'") { $ipos = stripos($str, "'", 1); if ($ipos > 0) { $param1 = substr($str, 0, $ipos+1); $str = substr($str, $ipos+1); } else { $param1 = $str; return; } } else { $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $param1 = left($str, $ipos); $str = substr($str, $ipos+1); } else { $param1 = $str; return; } } $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $param2 = left($str, $ipos); $str = substr($str, $ipos+1); } else { $param2 = $str; return; } $ipos = stripos($str, PHP_SPACE); if ($ipos > 0) { $param3 = left($str, $ipos); $str = substr($str, $ipos+1); } else { $param3 = $str; return; } } function signParamValidation() { global $opt; global $param1; global $param2; global $param3; global $date; global $hour; global $min; global $desc; global $captchacount; global $captchasign; global $captchaHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } //param1=="" if ($param1!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //date!="" if ($date===PHP_STR || strlen($date)<4) { //echo("WARNING: invalid date
"); return false; } if ($hour===PHP_STR || strlen($hour)>2) { //echo("WARNING: invalid hour
"); return false; } if ($min===PHP_STR || strlen($min)>2) { //echo("WARNING: invalid min
"); return false; } //place!="" if ($desc===PHP_STR || strlen($desc)<4) { //echo("WARNING: invalid desc
"); return false; } $rescaptcha1=$captchacount>=4; $rescaptcha2=count(array_filter($captchaHistory, "odd")) > (APP_MAX_FROM_IP - 1); //if ($rescaptcha1) { // echo("WARNING: captcha expired #1
"); //} //if ($rescaptcha2) { // echo("WARNING: captcha expired #2
"); //} ///if ($rescaptcha1 || $rescaptcha2) { //if ($rescaptcha1) { // return false; //} return true; } function odd($val) { global $captchasign; return rtrim($val,"\n") == $captchasign; } function myExecSignCommand() { global $date; global $hour; global $min; global $desc; global $curPath; global $lastMessage; global $captchacount; global $captchasign; global $captchaHistory; $newSign = time() . PHP_PIPE . "000001X" . PHP_PIPE . HTMLencodeF($date,false) . PHP_PIPE . HTMLencodeF($hour.":".((strlen($min)==1)?"0".$min:$min)) . PHP_PIPE . HTMLencodeF($desc,false) . "|v"; $newSignChk = HTMLencodeF($date,false) . PHP_PIPE . HTMLencodeF($hour.":".((strlen($min)==1)?"0".$min:$min)) . PHP_PIPE . HTMLencodeF($desc,false) . "|v"; $signHChk = file($curPath . DIRECTORY_SEPARATOR . ".SW_history"); $lastMsgChk = $signHChk[count($signHChk)-1]; $doubleChk = (stripos($lastMsgChk,"|$desc|")===false)?false:true; if (hash("sha256", $newSignChk . APP_SALT, false) !== $lastMessage && !$doubleChk) { // Updating message history.. $output = []; $output[] = $newSign . "\n"; updateHistory($output, HISTORY_MAX_ITEMS); // Updating captcha history.. $output = []; $output[] = $captchasign . "\n"; updatecaptchaHistory($output); $lastMessage = hash("sha256", $newSignChk . APP_SALT, false); } } function confParamValidation() { global $opt; global $param1; global $param2; global $param3; global $signHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } $myval = trim($param1,"'"); //param1!="" if ($myval===PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param1 in $signHistory if (!in_array($myval."\n",$signHistory)) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } return true; } function myExecConfSignCommand() { global $param1; global $signHistory; global $curPath; $mysign = trim($param1,"'"); if ($signHistory) { //echo("inside myExecConfSignCommand()"); $newval = left($mysign, strlen($mysign)-2) . "|v"; $key = array_search($mysign."\n", $signHistory); if ($key !== false) { $signHistory[$key] = $newval . "\n"; // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".SW_history"; file_put_contents($filepath, implode('', $signHistory)); } } } function delParamValidation() { global $opt; global $param1; global $param2; global $param3; global $signHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } $myval = trim($param1,"'"); //param1!="" if ($myval===PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param1 in $signHistory if (!in_array($myval."\n",$signHistory)) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } return true; } function myExecDelSignCommand() { global $param1; global $signHistory; global $curPath; $mysign = trim($param1,"'"); if ($signHistory) { //echo("inside myExecDelSignCommand()"); $newval = left($mysign, strlen($mysign)-2) . "|u"; $key = array_search($mysign."\n", $signHistory); if ($key !== false) { $signHistory[$key] = $newval . "\n"; // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".SW_history"; file_put_contents($filepath, implode('', $signHistory)); } } } function myExecSetStarCommand() { global $param1; global $signHistory; global $curPath; $val = trim($param1,"\n'"); $mytag = PHP_STR; $myccounter = PHP_STR; $mydate = PHP_STR; $mytime = PHP_STR; $mydesc = PHP_STR; $myflag = PHP_STR; $aFields = explode(PHP_PIPE, $val); $mytag = $aFields[0]??"0000"; $myccounter = $aFields[1]??PHP_STR; $mydate = $aFields[2]??PHP_STR; $mytime = $aFields[3]??PHP_STR; $mydesc = $aFields[4]??PHP_STR; $myflag = $aFields[5]??PHP_STR; $mytagnew = time(); $myccounter = (int)left($myccounter,6); $myccounter = (string)($myccounter+1); $myccounternew = str_repeat("0", 6-strlen($myccounter)).$myccounter."X"; if ($signHistory) { //echo("inside myExecConfSignCommand()"); $newval = $mytagnew.PHP_PIPE.$myccounternew.PHP_PIPE.$mydate.PHP_PIPE.$mytime.PHP_PIPE.$mydesc.PHP_PIPE."v"; $key = array_search($val."\n", $signHistory); if ($key !== false) { $signHistory[$key] = $newval . "\n"; // Writing out $signHistory on disk.. $filepath = $curPath . DIRECTORY_SEPARATOR . ".SW_history"; file_put_contents($filepath, implode('', $signHistory)); } } } function setParamValidation() { global $opt; global $param1; global $param2; global $param3; global $signHistory; //opt!="" if ($opt!==PHP_STR) { echo("WARNING: invalid options
"); return false; } $myval = trim($param1,"'"); //param1!="" if ($myval===PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param1 in $signHistory if (!in_array($myval."\n",$signHistory)) { echo("WARNING: invalid parameters
"); return false; } //param2=="" if ($param2!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } //param3=="" if ($param3!==PHP_STR) { echo("WARNING: invalid parameters
"); return false; } return true; } $curPath = APP_DATA_PATH; chdir($curPath); $signHistory = file($curPath . DIRECTORY_SEPARATOR . ".SW_history"); $captchaHistory = file($curPath . DIRECTORY_SEPARATOR . ".SW_captchahistory"); $password = filter_input(INPUT_POST, "Password")??""; $password = strip_tags($password); if ($password==PHP_STR) { $password = filter_input(INPUT_POST, "Password2")??""; $password = strip_tags($password); } $command = filter_input(INPUT_POST, "CommandLine")??""; $command = strip_tags($command); //$pwd = filter_input(INPUT_POST, "pwd"); $hideSplash = filter_input(INPUT_POST, "hideSplash")??""; $hideSplash = strip_tags($hideSplash); $hideHCSplash = filter_input(INPUT_POST, "hideHCSplash")??""; $hideHCSplash = strip_tags($hideHCSplash); $date = filter_input(INPUT_POST, "date")??""; $date = strip_tags($date); $hour = filter_input(INPUT_POST, "hour")??""; $hour = strip_tags($hour); $min = filter_input(INPUT_POST, "min")??""; $min = strip_tags($min); $desc = filter_input(INPUT_POST, "desc")??""; $desc = strip_tags($desc); $captchasign = hash("sha256", $_SERVER["REMOTE_ADDR"] . date("Y") . APP_SALT, false); $lastMessage = filter_input(INPUT_POST, "last_message")??""; $lastMessage = strip_tags($lastMessage); $totsigns = count($signHistory); //print_r($totsigns); //exit(0); if ($totsigns > 0) { $lastMessage = hash("sha256", rtrim($signHistory[$totsigns-1],"\n") . APP_SALT, false); } $captchacount = (int)filter_input(INPUT_POST, "captcha_count")??""; $captchacount = strip_tags($captchacount); //if ($captchacount === 0) { // $captchacount = 1; //} if ($password !== PHP_STR) { $hash = hash("sha256", $password . APP_SALT, false); if ($hash !== APP_HASH) { $password=PHP_STR; } } parseCommand($command); //echo("cmd=" . $cmd . "
"); //echo("opt=" . $opt . "
"); //echo("param1=" . $param1 . "
"); //echo("param2=" . $param2 . "
"); if ($password !== PHP_STR) { if (mb_stripos(CMDLINE_VALIDCMDS, "|" . $command . "|")) { if ($cmd === "sign") { $captchacount = $captchacount + 1; if (signParamValidation()) { myExecSignCommand(); } } else if ($command === "refresh") { // refreshing Msg Board.. } } else if (mb_stripos(CMDLINE_VALIDCMDS, "|" . $cmd . "|")) { if ($cmd === "del") { if (delParamValidation()) { myExecDelSignCommand(); } } else if ($cmd === "conf") { if (confParamValidation()) { myExecConfSignCommand(); } } else if ($cmd === "set") { if (setParamValidation()) { myExecSetStarCommand(); } } } else { } $contextType = PERSONAL_CONTEXT_TYPE; } else { /* if (mb_stripos(CMDLINE_VALIDCMDS, "|" . $command . "|")) { if ($cmd === "sign") { $captchacount = $captchacount + 1; if (signParamValidation()) { myExecSignCommand(); } } }*/ } ?> <?php echo(APP_TITLE); ?>
 StarWorth          on github         for feedback          get support  
 
 
Hello and welcome to StarWorth!

StarWorth is a light and simple software on premise to log calendar and events.

StarWorth is released under GPLv3 license, it is supplied AS-IS and we do not take any responsibility for its misusage.

StarWorth name comes from a prank on "Star War" meaning our intention to make stars/projects "worth".

First step, use the left side panel password and salt fields to create the hash to insert in the config file. Remember to manually set there also the salt value.

As you are going to run StarWorth in the PHP process context, using a limited web server or phpfpm user, you must follow some simple directives for an optimal first setup:
  1. Check the permissions of your "data" folder in your web app private path; and set its path in the config file.
  2. In the data path create a ".SW_history" and ".SW_captchahistory" files and give them the write permission.
  3. Finish to setup the configuration file apporpriately, in the specific:
    • Configure the APP_USE appropriately.
    • Configure the DISPLAY attributes as required.
    • Configure the max history items as required (default: 1000).

Hope you can enjoy it and let us know about any feedback: posta@elettronica.lol





">  : 









">  :