may/1KA_F2F
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Preprečujem sledenje z odprtimi okni.

Browse Source 
Pojačana varnost hashanja (a pozor, pri geslih ostaja MD5/SHA1/... kombo zarazi družljivosti).

Nadgradnja md5 bo poseben...tretma.
This commit is contained in:
May Doušak 2023-01-23 20:39:16 +01:00
parent b2bfe93693
commit 29c3fb4482
20 changed files with 11 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin/exportclases/class.pdfIzvoz.php
View File

@ -5,7 +5,6 @@
* To change the template for this generated file go to
* Window - Preferences - PHPeclipse - PHP - Code Templates
*/
//error_reporting(E_ALL);
set_time_limit(1800);

1
admin/exportclases/class.pdfIzvozResults.php
View File

@ -5,7 +5,6 @@
* To change the template for this generated file go to
* Window - Preferences - PHPeclipse - PHP - Code Templates
*/
//error_reporting(E_ALL);
set_time_limit(1800);

8
admin/survey/SurveyAdminSettings.php
View File

@ -7990,13 +7990,13 @@ class SurveyAdminSettings {
$arrayTestni = array();
for ($i=1; $i<=$_POST['stevilo_vnosov']; $i++) {
session_start();
$_SESSION['progressBar'][$this->anketa]['current'] = $i;
session_commit();
session_start();
$_SESSION['progressBar'][$this->anketa]['current'] = $i;
session_commit();
// izberemo random hash, ki se ni v bazi (to more bit, ker je index na fieldu cookie)
do {
$rand = md5(random_int(1, mt_getrandmax()).'@'.$_SERVER['REMOTE_ADDR']);
$rand = md5(random_int(1, PHP_INT_MAX).'@'.$_SERVER['REMOTE_ADDR']);
$sql1 = sisplet_query("SELECT id FROM srv_user WHERE cookie = '$rand'");
} while (mysqli_num_rows($sql1) > 0);

11
admin/survey/ajax.php
View File

@ -8,17 +8,6 @@ include_once 'definition.php';
include_once '../../function.php';
include_once '../../vendor/autoload.php';
# error reporting
if (isDebug()){
# error_reporting(E_ALL ^ E_NOTICE ^ E_STRICT);
error_reporting(E_ALL ^ E_NOTICE);
ini_set('display_errors', '1');
}
else{
error_reporting(E_ALL ^ E_NOTICE ^ E_STRICT);
ini_set('display_errors', '0');
}
Common::start();
sisplet_query("BEGIN");

5
admin/survey/classes/surveyEmails/squalo/api_test.php
View File

@ -5,11 +5,6 @@
*
**/
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include_once '../../../definition.php';
include_once '../../../../../function.php';
include_once '../../../../../vendor/autoload.php';

2
admin/survey/excel/PHPExcel/Shared/JAMA/examples/benchmark.php
View File

@ -1,7 +1,5 @@
<?php
error_reporting(E_ALL);
/**
* @package JAMA
*/

13
admin/survey/izvoz.php
View File

@ -8,19 +8,6 @@ include_once('../../vendor/autoload.php');
global $site_path, $global_user_id, $admin_type, $lang;
# error reporting
if(isDebug()){
error_reporting(E_ALL ^ E_NOTICE);
ini_set('display_errors', '1');
}
else{
//error_reporting(E_ALL ^ E_NOTICE ^ E_STRICT);
error_reporting(0);
ini_set('display_errors', '0');
}
/****** DEFINITIONS ******/
define("M_ANALIZA_DESCRIPTOR", "descriptor");
define("M_ANALIZA_FREQUENCY", "frequency");

4
admin/survey/modules/mod_gorenje/SurveyGorenje.php
View File

@ -91,10 +91,6 @@ class SurveyGorenje{
*/
public static function sendGorenjeRekID($rek_id){
/*ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);*/
$gorenje_wsdl = 'http://partners.gorenje.com/SAGWCFServices/SAGService.svc?wsdl';
$options = array(

6
frontend/install/classes/class.Display.php
View File

@ -1,11 +1,5 @@
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include_once '../../function.php';
include_once 'classes/class.DisplayCheck.php';

6
frontend/install/index.php
View File

@ -2,12 +2,6 @@
session_start();
//phpinfo();
/*error_reporting(1);
ini_set('display_errors', 'On');*/
include_once('classes/class.Display.php');
// Inicializiramo razred za prikaz

2
frontend/payments/cebelica/InvoiceFox/api-tester.php
View File

@ -1,7 +1,5 @@
<?php
session_start();
ini_set('display_errors', 1);
error_reporting (E_ALL);
require_once "lib/strpcapi.php";
require_once "lib/invfoxapi.php";

7
frontend/simple/index.php
View File

@ -1,11 +1,6 @@
<?php
session_start();
//phpinfo();
error_reporting(0);
//ini_set('display_errors', 'On');
session_start();
include_once('classes/DisplayController.php');

2
function.php
View File

@ -1,7 +1,5 @@
<?php
error_reporting(E_ALL ^ E_NOTICE);
if (!function_exists('apache_request_headers')) {
function apache_request_headers()
{

8
index_sa_anketa.php
View File

@ -138,7 +138,7 @@ include('settings.php');
<body style="background-color:#FFFFFF;background-image:none;">
<div id="outercontainer" class=""><div id="container">
<div id="logo">
<a href="<?php echo $site_url; ?>" title="1KA spletne ankete" target="_blank">1KA</a>
<a href="<?php echo $site_url; ?>" title="1KA spletne ankete" target="_blank" rel="noopener">1KA</a>
<div id="logo_right"></div>
</div>
<h1>Vnos kode za dostop do samoevalvacije</h1>
@ -158,9 +158,9 @@ include('settings.php');
</form>
</div>
<div id="footer_survey">
<p class="footer_1ka"><a href="http://www.1ka.si" target="_blank">1KA - spletne ankete</a></p>
<p class="privacy"><a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1" target="_blank">Anketa </a> <a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1#cookies" target="_blank">brez piškotkov</a>, <a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1#ip" target="_blank">brez IP sledenja</a></p>
<p class="privacy_link"><a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1" target="_blank">Politika zasebnosti</a></p>
<p class="footer_1ka"><a href="http://www.1ka.si" target="_blank" rel="noopener">1KA - spletne ankete</a></p>
<p class="privacy"><a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1" target="_blank" rel="noopener">Anketa </a> <a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1#cookies" target="_blank" rel="noopener">brez piškotkov</a>, <a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1#ip" target="_blank" rel="noopener">brez IP sledenja</a></p>
<p class="privacy_link"><a href="https://www.1ka.si/d/sl/o-1ka/pogoji-uporabe-storitve-1ka/politika-zasebnosti?from1ka=1" target="_blank" rel="noopener">Politika zasebnosti</a></p>
</div>
</div>

6
main/survey/app/config.php
View File

@ -24,8 +24,6 @@ if (in_array($site_url, [
// Error reporting
if (/*ENVIRONMENT == 'dev' ||*/ isDebug()) {
error_reporting(E_ALL);
ini_set("display_errors", 1);
//ERROR blackscreen prikaz
if (class_exists('\Whoops\Run)')) {
@ -34,12 +32,8 @@ if (/*ENVIRONMENT == 'dev' ||*/ isDebug()) {
$whoops->register();
}
} else {
error_reporting(0);
ini_set("display_errors", 0);
}
//DB connection
define('DB_TYPE', 'mysql');
define('DB_HOST', $mysql_server);

6
utils/1kaUtils/app_settings_copy.php
View File

@ -6,12 +6,6 @@
*
*/
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
include_once('../../function.php');
include_once('../../vendor/autoload.php');
include_once($site_path.'/settings_optional.php');

4
utils/1kaUtils/check_packages.php
View File

@ -8,10 +8,6 @@
die();
/*ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);*/
include_once('../../function.php');
include_once('../../vendor/autoload.php');

6
utils/1kaUtils/fix_comments.php
View File

@ -6,12 +6,6 @@
*
*/
/*ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);*/
include_once('../../function.php');
include_once('../../vendor/autoload.php');

5
utils/1kaUtils/nijz_clean_db.php
View File

@ -6,13 +6,8 @@
*
*/
die();
/*ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);*/
include_once('../../function.php');
include_once('../../vendor/autoload.php');

6
utils/ParadataExport/export.php
View File

@ -5,11 +5,7 @@
set_time_limit(36000); // 10 ur
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include_once '../../function.php';
include_once '../../function.php';
include_once '../../admin/survey/definition.php';
include_once '../../vendor/autoload.php';