Mercurial > hgrepos > hgweb.cgi > skipweb
changeset 573:e1d51954ae00
Updated security
| author | MURAKAMI Masaki <c112124@h.koeki-u.ac.jp> |
|---|---|
| date | Fri, 25 Jul 2014 13:22:33 +0900 |
| parents | af884996a628 |
| children | b391196a7c4a 6bb57e79ac91 |
| files | minato2014/admin/chusen.rb minato2014/admin/delete.rb minato2014/admin/etsuran.rb |
| diffstat | 3 files changed, 55 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/minato2014/admin/chusen.rb Thu Jul 24 21:25:55 2014 +0900 +++ b/minato2014/admin/chusen.rb Fri Jul 25 13:22:33 2014 +0900 @@ -8,6 +8,10 @@ c = CGI.new(:tag_maker => "html5", :accept_charest => "UTF-8") db = SQLite3::Database.new("../sql/stamp.sq3") +add = ENV["REMOTE_ADDR"] +hoge = add.split(/(\d+).(\d+).(\d+).(\d+)/) + +if ((hoge[1].to_i == 172)&&(hoge[2].to_i == 19)&&(hoge[3].to_i == 5)) || ((hoge[1].to_i == 172)&&(hoge[2].to_i == 19)&&(hoge[3].to_i == 5)) check = c['check'] printf("Content-type: text/html; charset=UTF-8\n\n") @@ -67,3 +71,17 @@ else print"<p>抽選はまだ行いませんよ</p>\n" end +else + printf("Content-type: text/html; charset=UTF-8\n\n") + + printf'<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/h +tml4/strict.dtd"> +<html> +<head> +<title>Delete table</title> +<link rel="stylesheet" type="text/css" href="design.css"> +</head> +</body> +<p>管理者用ページのため閲覧できません。</p>' +end +print'</body></html>'
--- a/minato2014/admin/delete.rb Thu Jul 24 21:25:55 2014 +0900 +++ b/minato2014/admin/delete.rb Fri Jul 25 13:22:33 2014 +0900 @@ -5,8 +5,14 @@ require 'cgi' db = SQLite3::Database.new("../sql/stamp.sq3") +c = CGI.new(:accept_charaset => "UTF-8") -c = CGI.new(:accept_charaset => "UTF-8") +add = ENV["REMOTE_ADDR"] +hoge = add.split(/(\d+).(\d+).(\d+).(\d+)/) + +printf("Content-type: text/html; charset=UTF-8\n\n") + +if ((hoge[1].to_i == 172)&&(hoge[2].to_i == 19)&&(hoge[3].to_i == 5)) || ((hoge[1].to_i == 172)&&(hoge[2].to_i == 19)&&(hoge[3].to_i == 5)) check = c['check'] if check == "OK" begin @@ -20,8 +26,6 @@ text = "データは削除されません" end -printf("Content-type: text/html; charset=UTF-8\n\n") - printf'<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> @@ -34,3 +38,15 @@ <p></p> </body></html> ',text + +else + printf'<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/h +tml4/strict.dtd"> +<html> +<head> +<title>Delete table</title> +<link rel="stylesheet" type="text/css" href="design.css"> +</head> +</body> +<p>管理者用ページのため閲覧できません。</p>' +end
--- a/minato2014/admin/etsuran.rb Thu Jul 24 21:25:55 2014 +0900 +++ b/minato2014/admin/etsuran.rb Fri Jul 25 13:22:33 2014 +0900 @@ -8,6 +8,10 @@ c = CGI.new(:accept_charaset => "UTF-8") +add = ENV["REMOTE_ADDR"] +hoge = add.split(/(\d+).(\d+).(\d+).(\d+)/) + +if ((hoge[1].to_i == 172)&&(hoge[2].to_i == 19)&&(hoge[3].to_i == 5)) || ((hoge[1].to_i == 172)&&(hoge[2].to_i == 19)&&(hoge[3].to_i == 5)) rank = c["rank"] flag = 0 text = "<p>登録者一覧を表示します</p>\n" @@ -32,7 +36,7 @@ tml4/strict.dtd"> <html> <head> -<meta http-equiv="refresh" content="5;http://roy.e.koeki-u.ac.jp/~c112124/web/minato2014/admin/etsuran.rb"> +<meta http-equiv="refresh" content="5;http://skip.koeki-prj.org/minato2014/admin/etsuran.rb"> <title>Delete table</title> <link rel="stylesheet" type="text/css" href="design.css"> </head> @@ -64,5 +68,18 @@ end print"</table></marquee>" end +else + printf("Content-type: text/html; charset=UTF-8\n\n") + + printf'<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/h +tml4/strict.dtd"> +<html> +<head> +<title>Delete table</title> +<link rel="stylesheet" type="text/css" href="design.css"> +</head> +</body> +<p>管理者用ページのため閲覧できません。</p>' +end print'</body></html>'
