..1 | <?php
..2 | function ipcheck(){
..3 | if(isset($_SESSION['valid'])){return "1";}
..4 | if(isset($_POST['ci'])){
..5 | $cf=file_get_contents("Videos/".intval($_POST['ci']),$num);
..6 | if(isset($_POST['cf'])&&$_POST['cf']==$cf){
..7 | unlink("Videos/".intval($_POST['ci']));
..8 | foreach(glob("Videos/*") as $old)
..9 | {if((filemtime($old)+3600)<time()){unlink($old);}}$_SESSION['valid']=1;
.10 | return "1";}return "2";}}
.11 |
.12 | $num = (hrtime()[1]%1000);
.13 | file_put_contents("Videos/".(crc32(time())%100),$num);
.14 |
.15 | if(ipcheck()==2){unset($_POST);echo'<p id="x" conclick="this.style.display=\'none\'">Please solve CAPTCHA</p>';}
.16 |
.17 | #1-2ms hash.
.18 | function pass($hash){for($i=1;$i<1000;$i++){$hash=strrev(hash('fnv164',$hash,true));}$hash=hash('fnv164',$hash); return $hash;}
.19 |
.20 | function xor_string($string, $key){
.21 | if(strlen($string)>99999){exit('Error: text too long');}
.22 | for($j=1;$j<38;$j++){
.23 | $key = substr(hash('fnv164',$key,true).$key, 0, 31);
.24 | for($i = 0; $i < strlen($string); $i++)
.25 | {$string[$i] = ($string[$i] ^ $key[$i % strlen($key)]);}}
.26 | return $string;}
.27 |
.28 | function passtest($p){$i=0;$b=true;$f='xato-net-1-million-passwords.txt';
.29 | if(!file_exists($f)){return$b;}
.30 | $passwords=file($f);
.31 | foreach($passwords as $password){$i++;
.32 | if(strpos($password,$p)!==false){echo'<p id="x" conclick="this.style.display=\'none\';">Password weak, consider changing it</p>';$b=false;break;}}return$b;}
.33 |
.34 | if(empty($_POST['Save'])){echo'<!DOCTYPE html><html lang="en"><title>Encrypted notes</title><meta name="viewport" content="width=device-width, initial-scale=1"><style>html{font-family:corbel; background:#ec9;}span,body,p,input,h1{padding:0.4em;margin:1em;color:#930;background:#dfe;margin-top: 0.5em;margin-bottom:0.3em}#b{margin:0em}h1{color:#4a0}input{margin-left:2em;border-radius:7px}input{border:1px solid #090}input:hover{border:1px solid #00f}p,pre{border:1px solid #930;background:#ff8;padding:1em;border-radius:10px}#t,#y,#b,#s{border:none;background:none;padding:0.3em}textarea{color:#074;padding:0.2em;border-radius:12px;border:1px solid #7f7}textarea:hover{border:1px solid #888}nav form{display:inline;}</style>';if(!empty($_POST['ws'])&&crc32($_POST['ws'])!=847461225){$pt=passtest($_POST['ws']);}}
.35 |
.36 | if(!empty($_POST['ws'])){$hs=pass($_POST['ws']);}
.37 | function safe($input){$input = strtr($input, "./", "~`");return $input;}
.38 | if(!empty($_POST['Register'])){
.39 | if(!file_exists($_POST['cn'])&&!empty($_POST['cn'])){
.40 | file_put_contents(safe($_POST['cn']),$hs."|0");
.41 | $_POST['Login']=1;
.42 | }
.43 | elseif(1==1){$_POST['Login']=1;}}
.44 |
.45 | if(!empty($_POST['Login'])||!empty($_POST['Save'])||!empty($_POST['epf'])){
.46 | if(1==1) {$cc = explode("|",file_get_contents($_POST['cn'])); if($cc[0]==$hs){
.47 | if(!empty($_POST['Save'])){file_put_contents($_POST['cn'].'.note',xor_string($_POST['t'],$_POST['ws']));}
.48 |
.49 | //Autosave handling
.50 | if($_POST['Save']==2){
.51 | file_put_contents(safe($_POST['cn']),$hs."|".($cc[1]));
.52 | echo filesize(safe($_POST['cn']).'.note').'B';exit;}
.53 |
.54 | //Setup private files
.55 | if($_POST['epf']=="3"){
.56 | mkdir(safe($_POST['cn'])) or die('Cannot create folder for file upload!');
.57 | copy('files.php',safe($_POST['cn']).'/files.php') or die('No file upload script installed!');
.58 | echo '<a href="'.safe($_POST['cn']).'/files.php">Your semi-private file upload is ready.</a>';}
.59 |
.60 | if($_POST['Save']!=2){
.61 | file_put_contents(safe($_POST['cn']),$hs."|".($cc[1] + 1));}
.62 |
.63 | //Decrypt note
.64 | $note = str_replace('%amp','&',xor_string(file_get_contents($_POST['cn'].'.note'),$_POST['ws']));
.65 |
.66 | echo "<p onclick=\"this.style.display='none';\"> ".$_POST['cn']." logged in, score: ".($cc[1] + 1)."</p><nav>
.67 | <form action='3.php' method='post'><input type='hidden' name='del' value='".$_POST['cn']."'><input type='hidden' name='ws' value='".$_POST['ws']."'><input type='submit' value='Delete' style='background:#d22;color:#fff;'></form><form action='3.php' method='post'><input type='hidden' name='chg' value='".$_POST['cn']."'><input type='hidden' name='ws' value='".$_POST['ws']."'><input type='submit' value='Change password' style='background:#4dd;color:#000'></form>
.68 | <form action='3.php' method='post'><input type='submit' name='Logout' value='Logout' style='background:#ff2;color:#000;'></form>
.69 | <form action='bookings.php' method='post'><input type='hidden' name='nick' value='".$_POST['cn']."'><input type='hidden' name='ws' value='".$_POST['ws']."'><input type='submit' value='Make a booking' style='background:#6f8;color:#000'></form></nav>
.70 |
.71 | <p id='s'>".filesize($_POST['cn'].'.note')."B</p>
.72 | <form action='3.php' method='post' id='txt' accept-charset='utf-8'>
.73 | <input type='hidden' name='cn' value='".$_POST['cn']."'><input type='hidden' name='ws' value='".$_POST['ws']."'>
.74 | <textarea name='t' form='txt' rows='16' style='margin-left:2em;width:92%' id='tt' onkeyup='a()'>".htmlspecialchars($note, ENT_HTML5,'UTF-8',false)."</textarea><br><br>
.75 | <script>
.76 | function a(){document.getElementById('b').innerHTML = document.getElementById('b').innerHTML - 1;}
.77 |
.78 | setInterval(sync,1000);
.79 | function sync(){if(document.getElementById('b').innerHTML!=0){
.80 | var xhttp = new XMLHttpRequest();
.81 | xhttp.onreadystatechange = function() {
.82 | if (this.readyState == 4 && this.status == 200) {
.83 | document.getElementById('s').innerHTML =
.84 | this.responseText;}};
.85 | xhttp.open('POST', '3.php', true);
.86 | xhttp.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
.87 | xhttp.send('Save=2&cn=".$_POST['cn']."&ws=".$_POST['ws']."&t=' + document.getElementById('tt').value.replace('&','%amp'));
.88 | document.getElementById('b').innerHTML=0;}}
.89 | </script><input type='submit' name='Save' value='Save manually'><br><br><p id='y'></p><script>document.getElementById('y').innerHTML='Autosave is on';</script></form>
.90 | <span id='b' style='margin-left:2em'>0</span><span> bytes difference</span>
.91 | ";exit;}
.92 | elseif(file_exists($_POST['cn'])){echo '<p onclick="this.style.display=\'none\';">Bad credentials</p>';unset($_SESSION['valid']);}}
.93 | }
.94 | if(!empty($_POST['del'])){
.95 | if($_POST['confirm']==""){echo"<p onclick=\"this.style.display='none';\"> Delete account?</p><form action='3.php' method='post'><input type='hidden' name='del' value='".$_POST['del']."'><input type='hidden' name='cn' value='".$_POST['del']."'><input type='hidden' name='ws' value='".$_POST['ws']."'><input type='hidden' name='confirm' value='7'><input type='submit' value='Confirm' style='background:#d22;color:#fff;'></form><br><br><form action='3.php' method='post'><input type='hidden' name='cn' value='".$_POST['del']."'><input type='hidden' name='ws' value='".$_POST['ws']."'><input type='submit' name='Register' value='Cancel' style='background:#4dd;color:#000;'></form>";exit;}
.96 | else{
.97 | if($hs==explode("|",file_get_contents($_POST['del']))[0]){unlink($_POST['del']);unlink($_POST['del'].'.note');
.98 |
.99 | echo '<p onclick="this.style.display=\'none\';">Deleted</p>';}else{echo'<p onclick="this.style.display=\'none\';">User doesn\'t exist / credential error.</p>';}}}
100 |
101 | if(!empty($_POST['chg'])){if($hs==explode("|",file_get_contents($_POST['chg']))[0]){
102 | if(!empty($_POST['ws']) && $_POST['r']!="Change Password"){
103 | echo 'Change password
104 | <form action="3.php" method="post">
105 | <input name="ws" type="hidden" value="'.$_POST['ws'].'">
106 | <input name="np" type="password" placeholder="Code">
107 | <input name="chg" type="hidden" value="'.$_POST['chg'].'"><br><br>
108 | <input type="submit" name="r" value="Change Password" style="background:#e9e;color:#000"></form><br><br>';echo"
109 | <form action='3.php' method='post'><input type='hidden' name='cn' value='".htmlspecialchars($_POST['chg'])."'><input type='hidden' name='Login' value='Login'><input type='hidden' name='ws' value='".$_POST['ws']."'><input type='submit' value='Cancel' style='background:#4dd;color:#000;'></form>";}
110 | else{ $np=pass($_POST['np']);
111 | $cc = explode("|",file_get_contents(safe($_POST['chg'])));
112 |
113 | //Change encryption key of note
114 | $note = xor_string(file_get_contents($_POST['chg'].'.note'),$_POST['ws']);
115 | file_put_contents($_POST['chg'].'.note',xor_string($note,$_POST['np']));
116 |
117 | file_put_contents(safe($_POST['chg'].$_POST['cn']),$np."|".($cc[1])); echo "<style>#x{display:none}</style>Changed.
118 | <form action='3.php' method='post'><input type='hidden' name='cn' value='".$_POST['chg']."'><input type='hidden' name='ws' value='".$_POST['np']."'><input type='hidden' name='Login' value='Login'><input type='submit' value='Ok' style='background:#2d2;color:#fff;'></form>";}
119 | exit;}else{echo'Error';}//Missing credentials when changing password
120 | }
121 |
122 | echo '<body><h1>Welcome :)</h1>
123 | <span>Suggested password:</span><input type="text" size="12" value="'.base64_encode(random_bytes(9)).'" style="margin:0em"><br><br>
124 | <form action="3.php" method="post">
125 | <input name="cn" placeholder="User" value="'.htmlspecialchars($_POST['cn']?:$_COOKIE['name']).'" size="14"><br>
126 | <input name="ws" type="password" placeholder="Code" size="14"><br>
127 | <input name="cf" required placeholder="Type '.$num.'" size="14">
128 | <input type="hidden" name="ci" value="'.(crc32(time())%100).'">
129 | <br><input type="submit" name="Register" value="Register / Login"><br></form>
130 | <p>Create an account for the autosave tool!<br> You can see your score, the length of your text, change password, and delete account.<br><br> (PS: Try to survive... I don\'t know when users are deceased and therefore cannot delete deceased accounts... but the server won\'t last forever, so ¯\\_(ツ)_/¯)
131 | <br><br>
132 | Notes are private & encrypted internally. View the <a href="source.php?f=3.php" target="_blank">source code</a>.<br><b>Save the password</b> if you want to use that file again!</p>
133 | <style>
134 | #show,.content{display:none}
135 | #show:checked~.content{display:inline-block !important}
136 | </style>
137 | <input id="show" type=checkbox><label for="show" style="color:blue;margin-left:7vw;font-size:24px">Show/Hide Changelog</label><br>
138 | <p id="l" style="font-family:\'Arial\';" class="content">
139 | * NEW: cancelling account deletion no longer logs users out<br>
140 | * Fixed delete account button after upgrading password hashes to fnv164.<br>
141 | * Removed false accounts and made account list private.<br>
142 | * Used XML HTTP requests for autosave<br>
143 | * Implemented change password function<br>
144 | * Couldn\'t implement optional encryption, wasting up to an hour<br>
145 | * However, I was able to add default encryption<br>
146 | * Removed list of accounts due to unknown bug<br>
147 | * Changing password no longer risks losing the note<br>
148 | * Minor style changes (border/margin, de-duplicated inline css, text colour variants)<br>
149 | * Shortened text for the login page<br>
150 | * <s>Changed</s> Removed error message (couldn\'t get user files working), and <s>hide</s> show changelog by default.<br>
151 | * Changelog CSS toggle added :)<br>
152 | * See calculation below, assuming rapid improvements in technology<br><br>
153 | (64^12)/5000000000/86400/365.25 ~= 29000 years!</p><br>
154 | <span>Estimated crack time for secure password is over 100 years!</span>
155 | </body>';
156 | ?>