Commit 82f10359 authored by omar.alkheja's avatar omar.alkheja

give up

parent 6e0cc9cf
# Projet Web
# https://sec-app-edc9f62bb6e5.herokuapp.com/
## nous pouvons pas tester tout les fonctionalité car le site n'a pas pu se connecter à la base de donné sur heroku!
## nous avons malheureusement pas fait les filtrages nécessaires pour les API's
## nous avons malheureusement pas fait les logs pour la tracabilité
## Choix effectués
- Page HTML et CSS simple
- Un fichier PHP
......
<?php
// Enhanced security with session management and error handling
session_start([
'use_strict_mode' => true,
'cookie_httponly' => true,
......@@ -9,8 +9,17 @@ session_start([
]);
include 'session_control.php';
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
// Ensure HTTPS is used
if ($_SERVER['HTTPS'] !== 'on') {
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
......@@ -32,11 +41,6 @@ if (!isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = generateToken();
}
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
$admin_id = $_SESSION['username'];
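Review bot: The HTTPS guard added in the second hunk mixes `&&` and `||` without grouping, so it parses as `(no HTTPS && no forwarded header) || forwarded header !== 'https'`: a request that arrives over TLS directly (HTTPS=on, no X-Forwarded-Proto) makes the right-hand operand true and is redirected to itself in a loop, and reading the absent header also raises an undefined-index warning. Suggested replacement for the condition: `$forwardedProto = $_SERVER['HTTP_X_FORWARDED_PROTO'] ?? '';` / `$isHttps = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $forwardedProto === 'https';` / `if (!$isHttps) {`. X-Forwarded-Proto is only trustworthy when the fronting proxy (the Heroku router, per the README) sets it and overrides any client-supplied copy, and the Location target is built from the client-controlled Host header, so a configured canonical host is safer than `$_SERVER['HTTP_HOST']`. The same block and the six header() calls are pasted into every other PHP file in this commit, including the file that looks like session_control.php, which the others include, so the check and headers run twice per request; it belongs in that one include with the copies removed.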
......
......@@ -11,4 +11,3 @@ function generateCsrfToken() {
function validateCsrfToken($token) {
return isset($_SESSION['csrf_token']) && $_SESSION['csrf_token'] === $token;
}
?>
......@@ -7,12 +7,20 @@ session_start([
]);
include 'session_control.php';
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
// Ensure HTTPS is used
if ($_SERVER['HTTPS'] !== 'on') {
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
......@@ -25,7 +33,6 @@ header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
?>
<!DOCTYPE html>
......
......@@ -13,7 +13,7 @@
<form action="reset_psswd.php" method="post">
<!--faut add value -->>
<input type="hidden" name="csrd_token" value="">
<input type="hidden" name="csrf_token" value="">
<label for="email">Adresse e-mail:</label>
<input type="email" id="email" name="email" placeholder="Entrez votre adresse e-mail" required>
<input type="submit" name="reset_password" value="Réinitialiser le mot de passe">
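Review bot: The renamed hidden input `csrf_token` still carries `value=""`, so the form submits an empty token and `validateCsrfToken()` in csrf_token.php, which requires strict equality with `$_SESSION['csrf_token']`, can never accept it; the `faut add value` comment on the line above says as much, and that comment's trailing `-->>` also leaks a literal `>` into the rendered page. A static .html file cannot read the session, so either convert the page to PHP and print the session token into the attribute (escaped with htmlspecialchars()) or leave the field out until the reset handler actually checks it.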
......
......@@ -5,20 +5,23 @@ session_start([
'cookie_secure' => true,
'use_only_cookies' => true
]);
include 'session_control.php';
// Ensure HTTPS is used
if ($_SERVER['HTTPS'] !== 'on') {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
// Ensure HTTPS is used
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
......
......@@ -9,15 +9,21 @@
<body>
<?php
// Ensure HTTPS is used
if ($_SERVER['HTTPS'] !== 'on') {
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
?>
<div class="container">
<form action="login.php" method="post">
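Review bot: The header() calls and the HTTPS redirect added inside the `<?php` block come after the `<body>` tag on the first context line, so the response body has already started when they run; unless output buffering is enabled, PHP reports "headers already sent" and neither the security headers nor the redirect reach the client, which means this page silently serves the login form over plain HTTP. Move the whole block above `<!DOCTYPE html>` (outside this hunk), or drop it and rely on the included session_control.php, which now sets the same headers before any output.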
......
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include 'session_control.php';
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "sfsfs";
$loginError = "";
......@@ -44,18 +59,6 @@ if (isset($_POST['login'])) {
$loginError = "Identifiants incorrects!"; // Mot de passe incorrect
}
if ($userData && password_verify($password, $user['password_hash'])) {
if ($userData['banned'] == 1) {
$loginError = "Votre compte est banni!";
} else {
// Connexion en tant qu'utilisateur normal
$_SESSION['username'] = $username;
$_SESSION['is_admin'] = false;
echo sprintf('<dt>%s<dt><dd>%s<dd>', 'user name ', $username);
echo "Connexion réussie en tant qu'utilisateur!";
header("Location: post_message.php");
}
}
}
}
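Review bot: `ini_set('display_errors', 1)` / `error_reporting(E_ALL)` at the top of the file and the stray `echo "sfsfs";` just before `$loginError` look like debugging left in (which side of the diff they sit on is not visible in this rendering): display_errors renders PDO exceptions, including the absolute path of users.db, to the client, and the echo starts output before any later `header("Location: …")`, which then fails with "headers already sent". Remove the echo and disable display_errors in favour of logging (`ini_set('display_errors', 0); ini_set('log_errors', 1);`). The database is also opened twice (`new PDO("sqlite:$dbPath")` appears both before and after the header block), so keep a single connection, and note that `realpath('users.db')` returns false when the file is missing, which silently turns the DSN into `sqlite:` with no path; check the result before constructing PDO.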
......
......@@ -8,12 +8,20 @@ session_start([
'use_only_cookies' => true
]);
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$_SESSION = array();
// Regenerate session ID and then destroy the session
......@@ -30,4 +38,3 @@ session_destroy();
header("Location: index.php");
exit();
?>
\ No newline at end of file
......@@ -10,11 +10,20 @@ session_start([
'use_only_cookies' => true
]);
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
if (isset($_POST['post_message'])) {
$user_id = $_SESSION['username'];
......@@ -23,13 +32,18 @@ if (isset($_POST['post_message'])) {
$attachment_file = '';
if ($_FILES['attachment']['error'] == 0) {
// L'utilisateur a téléchargé un fichier
$attachment_file = file_get_contents($_FILES['attachment']['tmp_name']);
// changer le nom du fichier pour eviter des probleme
$newFilename = 'uploads/' . uniqid() . '_' . basename($_FILES['attachment']['name']);
move_uploaded_file($_FILES['attachment']['tmp_name'], $newFilename);
$attachment_file = file_get_contents($newFilename);
} elseif (!empty($_POST['attachment_url'])) {
// L'utilisateur a fourni une URL pour la pièce jointe
$attachment_url = $_POST['attachment_url'];
$attachment_url = filter_var($_POST['attachment_url'], FILTER_VALIDATE_URL);
if ($attachment_url === false) {
echo "url non valide !!";
}
}
// Insérer le message dans la base de données
$stmt = $db->prepare("INSERT INTO messages (user_id, message_text, attachment_url, attachment_file) VALUES (?, ?, ?, ?)");
$stmt->execute([$user_id, $message_text, $attachment_url, $attachment_file]);
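Review bot: The new upload branch keeps the client-supplied file name (and therefore its extension) via `basename($_FILES['attachment']['name'])` and writes it under `uploads/` with no type or size check, so whether a stored file is later executed as a script depends entirely on how the web server is configured for that directory; `uniqid()` is time-based, so the stored name is also guessable. Validate the extension and MIME type against an allow-list, derive the stored name from `random_bytes()`, and call `is_uploaded_file()` before `move_uploaded_file()` (or keep only the bytes, since `$attachment_file` already receives the content). `$attachment_url` is also left undefined when neither branch runs and holds `false` when `FILTER_VALIDATE_URL` fails, yet both cases still reach the INSERT on the last line; initialise it alongside `$attachment_file` and skip the insert on an invalid URL. The enclosing `if (isset($_POST['post_message']))` opens before this hunk.
```php
$attachment_file = '';
$attachment_url = '';
if (isset($_FILES['attachment']) && $_FILES['attachment']['error'] === UPLOAD_ERR_OK) {
    // Example allow-list (adjust to what the site accepts): extension -> expected MIME type.
    $allowed = ['png' => 'image/png', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'pdf' => 'application/pdf'];
    $ext = strtolower(pathinfo($_FILES['attachment']['name'], PATHINFO_EXTENSION));
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($_FILES['attachment']['tmp_name']);
    if (!isset($allowed[$ext]) || $allowed[$ext] !== $mime
        || !is_uploaded_file($_FILES['attachment']['tmp_name'])) {
        echo "fichier non valide !!";
    } else {
        // Server-generated name: nothing from the client reaches the filesystem path.
        $newFilename = 'uploads/' . bin2hex(random_bytes(16)) . '.' . $ext;
        move_uploaded_file($_FILES['attachment']['tmp_name'], $newFilename);
        $attachment_file = file_get_contents($newFilename);
    }
} elseif (!empty($_POST['attachment_url'])) {
    // … unchanged: FILTER_VALIDATE_URL check …
}
// … unchanged: prepared INSERT …
```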
......
......@@ -11,12 +11,20 @@ session_start([
'use_only_cookies' => true
]);
// Security headers
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$username = $_SESSION['username'];
......@@ -40,4 +48,4 @@ if (isset($_POST['reply_text'], $_POST['recipient_id'])) {
} else {
echo "Erreur : les données nécessaires ne sont pas fournies.";
}
?>
<?php
include 'session_control.php';
include 'csrf_token.php'; // Include CSRF token utilities
include 'csrf_token.php';
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
// Add Content-Security-Policy and other headers
header('Content-Security-Policy: default-src \'self\';');
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Validate CSRF token
......@@ -36,4 +46,4 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
exit;
}
}
?>
<?php
include 'csrf_token.php';
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
......@@ -39,4 +54,4 @@ if (isset($_POST['reset_password'])) {
header("Location: forgot_password.html");
exit();
}
?>
......@@ -2,7 +2,20 @@
include 'session_control.php';
include 'csrf_token.php';
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
......@@ -16,8 +29,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
}
// filter input
$to_username = filter_input(INPUT_POST, 'to_username', FILTER_SANITIZE_STRING);
$message_text = filter_input(INPUT_POST, 'message_text', FILTER_SANITIZE_STRING);
$to_username = filter_input(INPUT_POST, 'to_username', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$message_text = filter_input(INPUT_POST, 'message_text', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$sender_id = $_SESSION['username'];
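Review bot: Swapping the deprecated FILTER_SANITIZE_STRING for FILTER_SANITIZE_FULL_SPECIAL_CHARS on `$to_username` and `$message_text` HTML-encodes the data before it is stored rather than when it is displayed: `to_username` is presumably used as a lookup key, so a recipient whose name contains `&`, quotes or `<`/`>` no longer matches the stored username, and `message_text` will be double-encoded if the page that shows it escapes on output (as it should). Keep the raw POST values here (trimmed), validate the username against the same rule signup uses, and apply `htmlspecialchars()` at the point where the text is rendered. The enclosing `if ($_SERVER["REQUEST_METHOD"] == "POST")` opens before this hunk.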
......
<?php
$timeout = 360; // Timeout en secondes
ini_set("session.gc_maxlifetime", $timeout);
ini_set("session.cookie_lifetime", $timeout);
ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_secure", 1);
ini_set("session.cookie_samesite", 'Strict');
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
session_start();
if (!isset($_SESSION['initialized'])) {
session_regenerate_id();
$_SESSION['initialized'] = true;
}
$s_name = session_name();
if(isset( $_COOKIE[ $s_name ] )) {
setcookie( $s_name, $_COOKIE[ $s_name ], time() + $timeout, '/' );
echo "New session is created .<br/>";
if (!isset($_COOKIE[$s_name])) {
$_SESSION['expired'] = true;
} else {
echo '<script type="text/javascript">
alert("Votre session a expiré. Veuillez vous connecter à nouveau.");
</script>';
session_destroy();
header("Location: index.php");
exit();
}
?>
\ No newline at end of file
setcookie($s_name, $_COOKIE[$s_name], time() + $timeout, '/');
}
\ No newline at end of file
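Review bot: The cookie refresh on the new last line, `setcookie($s_name, $_COOKIE[$s_name], time() + $timeout, '/');`, re-issues the session cookie without the Secure, HttpOnly and SameSite attributes, because the `session.cookie_*` ini settings only govern the cookie PHP emits from session_start() and a plain setcookie() gets the function defaults; after the first refresh the browser's copy of the session cookie has lost those flags. Use the options form: `setcookie($s_name, $_COOKIE[$s_name], ['expires' => time() + $timeout, 'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Strict']);`. The `ini_set('session.*')` calls and the bare `session_start()` in this file also run after the callers' own `session_start([...])` in the other files of this commit, where they are ineffective (ini changes are ignored for an active session and a second session_start() only raises a notice), so this file should be the single place that configures and starts the session. `session_regenerate_id()` without `true` leaves the previous session data on disk; pass `true` so the old id cannot be resumed.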
<?php
include("session_control.php");
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
function generateToken($length = 20) {
return bin2hex(random_bytes($length)); // Génère un token aléatoire de 100 caractères hexadécimaux
}
......@@ -22,7 +39,7 @@ $stmt = $db->prepare("SELECT username, phone, email, birthdate, gender, token FR
$stmt->execute([$user_id]);
$userData = $stmt->fetch(PDO::FETCH_ASSOC);
//$csrfToken = generateCsrfToken();
?>
<!DOCTYPE html>
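Review bot: The comment on `generateToken()` in the first hunk says it yields 100 hexadecimal characters, but `bin2hex(random_bytes($length))` with the default `$length = 20` yields 40 (two hex digits per byte); whether that function is new or context is not visible in this rendering. Suggested comment: `// Returns 2 * $length random hex characters (40 with the default length)`. The commented-out `//$csrfToken = generateCsrfToken();` in the second hunk should either be deleted or re-enabled, since as shown the page appears to have no token to place in its forms.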
......
<?php
include 'csrf_token.php'; // CSRF token utilities
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
......@@ -11,13 +24,12 @@ if (isset($_POST['signup'])) {
}
// Input validation and sanitization
$new_username = filter_input(INPUT_POST, 'new_username', FILTER_SANITIZE_STRING);
$new_password = $_POST['new_password']; // Password will be hashed, no need to sanitize
$phone = $_POST['phone'];
$email = $_POST['email'];
$birthdate = $_POST['birthdate'];
$gender = $_POST['gender'];
// ... similar validation for other inputs ...
$new_username = filter_input(INPUT_POST, 'new_username', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$new_password = $_POST['new_password'];
$phone = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_NUMBER_INT);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$birthdate = filter_input(INPUT_POST, 'birthdate', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$gender = filter_input(INPUT_POST, 'gender', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
// Check for existing username
$stmt = $db->prepare("SELECT username FROM users WHERE username = ?");
......@@ -37,5 +49,4 @@ if (isset($_POST['signup'])) {
header("Location: index.php");
exit();
}
?>
\ No newline at end of file
}
\ No newline at end of file
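Review bot: The replacement filters in the second hunk sanitize rather than validate: `FILTER_SANITIZE_EMAIL` strips characters but never rejects a malformed address, `FILTER_SANITIZE_NUMBER_INT` leaves `+`/`-` and happily returns an empty string, and `birthdate`/`gender` are HTML-encoded instead of being checked against a date format or a fixed set of values; filter_input() also returns null for a missing field, and all of these presumably flow unchanged into the insert that follows outside the hunk. Use `FILTER_VALIDATE_EMAIL`, parse the birthdate with `DateTimeImmutable::createFromFormat('Y-m-d', ...)`, match gender against an explicit allow-list, and reject the request when any value is null or false. The enclosing `if (isset($_POST['signup']))` opens before this hunk.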
<?php
include 'session_control.php';
include 'csrf_token.php';
header("Content-Security-Policy: default-src 'self';");
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
header("Referrer-Policy: no-referrer");
header("Permissions-Policy: geolocation=(), microphone=(), camera=()");
if (
(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off')
&& empty($_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https'
) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit();
}
// Connexion à la base de données
$dbPath = realpath('users.db');
$db = new PDO("sqlite:$dbPath");
......@@ -13,22 +26,21 @@ if (isset($_POST['update_profile'])) {
}
// Récupération des nouvelles informations du formulaire
$new_username = filter_input(INPUT_POST, 'new_username', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$new_password = $_POST['new_password'];
$phone = filter_input(INPUT_POST, 'phone', $phone = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_NUMBER_INT));
$email = $_POST['email'];
$birthdate = $_POST['birthdate'];
$gender = $_POST['gender'];
$new_password = filter_input(INPUT_POST, 'new_password', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$phone = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_NUMBER_INT);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$birthdate = filter_input(INPUT_POST, 'birthdate', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$gender = filter_input(INPUT_POST, 'gender', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
// Mise à jour des informations de l'utilisateur dans la base de données
$stmt = $db->prepare("UPDATE users SET username = ?, password = ?, phone = ?, email = ?, birthdate = ?, gender = ? WHERE username = ?");
$stmt->execute([$new_username, $new_password, $phone, $email, $birthdate, $gender, $_SESSION['username']]);
// Redirection vers la page de profil mise à jour ou autre page appropriée
header("Location: index.php"); // Remplacez "profile.php" par l'URL souhaité
header("Location: index.php");
exit();
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
......@@ -45,8 +57,6 @@ if (isset($_POST['update_profile'])) {
<div class="container">
<form action="update_profile.php" method="post">
<h2>Modifier vos informations</h2>
<!-- Les champs du formulaire -->
<!-- ... -->
<input type="submit" name="update_profile" value="Enregistrer les modifications">
</form>
</div>
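Review bot: The new `$new_password` line in the second hunk passes the password through FILTER_SANITIZE_FULL_SPECIAL_CHARS and the UPDATE then stores that value directly in the `password` column: the stored credential is plaintext, and any `&`, `<`, `>` or quote in it is HTML-encoded first, so a user who sets such a password can no longer log in with it. Take the raw value (`$new_password = $_POST['new_password'] ?? '';`), hash it with `password_hash($new_password, PASSWORD_DEFAULT)` before the execute, and leave the password column out of the UPDATE when the field is empty instead of overwriting it with ''. The login page's removed lines verified against `$user['password_hash']`, while this statement writes `password`; worth confirming both refer to the same column. The enclosing `if (isset($_POST['update_profile']))` opens before this hunk.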
......