From 793ed0c5502b38e597b69240babce9e0d5a53bdd Mon Sep 17 00:00:00 2001
From: overflowerror <mail@overflowerror.com>
Date: Thu, 12 Feb 2015 18:45:49 +0100
Subject: [PATCH] commit!

---
 ajax.php    | 161 +++++++++++++++++++++
 connect.php |   4 +
 db.sql      |  40 ++++++
 index.php   | 402 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 kicked.html |   2 +
 logout.php  |   4 +
 6 files changed, 613 insertions(+)
 create mode 100644 ajax.php
 create mode 100644 connect.php
 create mode 100644 db.sql
 create mode 100644 index.php
 create mode 100644 kicked.html
 create mode 100644 logout.php

diff --git a/ajax.php b/ajax.php
new file mode 100644
index 0000000..2dffb7a
--- /dev/null
+++ b/ajax.php
@@ -0,0 +1,161 @@
+<?php
+	include_once("connect.php");
+	
+	@session_start();
+	
+	$json = array();
+	
+	session_write_close();
+	
+	if (isset($_GET['addUser'])) {
+		if (!$_SESSION['loggedIn'])
+			die("not logged in");
+	
+		$sql = "SELECT 
+				`c`.`ID` AS `id`,
+				`c`.`name` AS `name`,
+				`c`.`initTime` AS `initTime`,
+				`p`.`joinTime` AS `joinTime`,
+				`iu`.`ID` AS `iuID`,
+				`iu`.`username` AS `initUser` 
+			FROM `participants` AS `p` 
+			INNER JOIN `conversations` AS `c` ON `p`.`conversationFK`=`c`.`ID` 
+			INNER JOIN `users` AS `iu` ON `c`.`initUserFK`=`iu`.`ID` 
+			WHERE `c`.`ID`=" . intval($_POST['chat']);
+		$result = mysql_query($sql);
+		$row = mysql_fetch_object($result);
+		if ($row->iuID != $_SESSION['userID']) {
+			$json['error'] = "nicht erlaubt";
+		} else {
+			$sql = "SELECT 
+				`p`.`ID` AS `id`
+			FROM `participants` AS `p` 
+			INNER JOIN `conversations` AS `c` ON `p`.`conversationFK`=`c`.`ID` 
+			INNER JOIN `users` AS `u` ON `p`.`userFK`=`u`.`ID` 
+			WHERE `c`.`ID`=" . intval($_POST['chat']) . " 
+			AND `u`.`username`='" . mysql_real_escape_string(htmlspecialchars($_POST['username'])) . "'";
+			$result = mysql_query($sql);
+			
+			echo mysql_error();
+			
+			if (!mysql_num_rows($result)) {
+				$sql = "SELECT * FROM `users` WHERE `username`='" . mysql_real_escape_string(htmlspecialchars($_POST['username'])) . "'";
+				$result = mysql_query($sql);
+				$row = mysql_fetch_object($result);
+				$sql = "INSERT INTO `participants` (`conversationFK`, `userFK`, `joinTime`) 
+					VALUES (" . intval($_POST['chat']) . ", " . $row->ID . ", " . time() . ")";
+				$result = mysql_query($sql);
+			}
+			
+			$json['succes'] = true;
+		}
+	} else if (isset($_GET['load'])) {
+	
+		if (!$_SESSION['loggedIn'])
+			die("not loggedIn");
+
+		$json['pid'] = $_POST['pid'];
+		$json['mid'] = $_POST['mid'];
+		
+		$sql = "SELECT * FROM `participants` WHERE `conversationFK`=" . intval($_POST['chat']) . " AND `userFK`=" . $_SESSION['userID'];
+		$result = mysql_query($sql);
+		if (!mysql_num_rows($result)) {
+			echo '{"nic": true}';
+			exit();
+		}
+
+	
+		$i = 0;
+		for (; $i < 55; $i++) {
+			$sql = "SELECT 
+				`m`.`ID` AS `id`,
+				`u`.`username` AS `username`, 
+				`u`.`ID` AS `userid`,
+				`m`.`sentTime` AS `time`,
+				`m`.`text` AS `text`
+			FROM `messages` AS `m`
+			INNER JOIN `users` AS `u` ON `m`.`userFK`=`u`.`ID`
+			WHERE `m`.`conversationFK`=" . intval($_POST['chat']) . "
+			AND `m`.`ID`>" . intval($_POST['mid']) . " 
+			ORDER BY `m`.`sentTime`";
+			$resultm = mysql_query($sql);
+			
+			$sql = "SELECT 
+				`p`.`ID` AS `id`,
+				`u`.`ID` AS `userid`,
+				`u`.`username` AS `username`
+			FROM `participants` AS `p`
+			INNER JOIN `users` AS `u` ON `p`.`userFK`=`u`.`ID`
+			WHERE `p`.`conversationFK`=" . intval($_POST['chat']) . " 
+			AND `p`.`ID`>" . intval($_POST['pid']);
+			$resultp = mysql_query($sql);
+			
+			if (mysql_num_rows($resultm) || mysql_num_rows($resultp)) {
+				$json['messages'] = array();
+		
+				while ($row = mysql_fetch_object($resultm)) {
+					$tmp = array();
+					$tmp['text'] = $row->text;
+					$tmp['username'] = $row->username;
+					$tmp['userid'] = $row->userid;
+					$json['messages'][] = $tmp;
+					$json['lastId'] = $row->id;
+					$sql = "INSERT INTO `seenTimes` (`time`, `userFK`, `messageFK`) VALUES (" . time() . ", " . $_SESSION['userID'] . ", " . $row->id . ")";
+					$result = mysql_query($sql);
+				}
+				
+				$json['users'] = array();
+				
+				$sql = "SELECT 
+					`p`.`ID` AS `id`,
+					`u`.`ID` AS `userid`,
+					`u`.`username` AS `username`
+				FROM `participants` AS `p`
+				INNER JOIN `users` AS `u` ON `p`.`userFK`=`u`.`ID`
+				WHERE `p`.`conversationFK`=" . intval($_POST['chat']);
+				$resultp = mysql_query($sql);
+				
+				while ($row = mysql_fetch_object($resultp)) {
+					$tmp = array();
+					$tmp['username'] = $row->username;
+					$tmp['userid'] = $row->userid;
+					$json['users'][] = $tmp;
+					$json['lastPa'] = $row->id;
+				}
+				
+				break;
+			}
+			usleep(30 * 1000);
+		}
+		if ($i >= 55) {
+			$json['succes'] = false;
+		} else {
+			$json['succes'] = true;
+		}
+	} else if (isset($_GET['send'])) {
+		$sql = "INSERT INTO `messages` (`userFK`, `conversationFK`, `sentTime`, `text`) 
+			VALUES (" . $_SESSION['userID'] . ", " . intval($_POST['chat']) . ", " . time() . ", 
+			'" . mysql_real_escape_string(htmlspecialchars($_POST['text'])) . "')";
+		$result = mysql_query($sql);
+		
+		$json['success'] = true;
+	} else if (isset($_GET['removeUser'])) {
+		if (!isset($_POST['id']) || !isset($_POST['chat']))
+			die();
+		$id = intval($_POST['id']);
+		$chat = intval($_POST['chat']);
+		
+		if (!$_SESSION['loggedIn'])
+			die("not logged in");
+		
+		$sql = "SELECT * FROM `conversations` WHERE `initUserFK`=" . $_SESSION['userID'] . " AND `ID`=" . $chat;
+		$result = mysql_query($sql);
+		if (!mysql_num_rows($result))
+			die("fatal!");
+		$sql = "DELETE FROM `participants` WHERE `userFK`=" . $id . " AND `conversationFK`=" . $chat;
+		$result = mysql_query($sql);
+		echo mysql_error();
+	}
+	
+	echo json_encode($json);
+?>
diff --git a/connect.php b/connect.php
new file mode 100644
index 0000000..6a029d1
--- /dev/null
+++ b/connect.php
@@ -0,0 +1,4 @@
+<?php
+	$connection = mysql_connect("localhost", "chat", "passwort");;
+        mysql_select_db("chat");
+?>
diff --git a/db.sql b/db.sql
new file mode 100644
index 0000000..7da70a5
--- /dev/null
+++ b/db.sql
@@ -0,0 +1,40 @@
+CREATE TABLE `conversations` (
+  `ID` int(11) NOT NULL AUTO_INCREMENT,
+  `name` text CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
+  `initUserFK` int(11) NOT NULL,
+  `initTime` int(11) NOT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=MyISAM AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;
+
+CREATE TABLE `messages` (
+  `ID` int(11) NOT NULL AUTO_INCREMENT,
+  `userFK` int(11) NOT NULL,
+  `conversationFK` int(11) NOT NULL,
+  `sentTime` int(11) NOT NULL,
+  `text` text CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=MyISAM AUTO_INCREMENT=15 DEFAULT CHARSET=utf8;
+
+CREATE TABLE `participants` (
+  `ID` int(11) NOT NULL AUTO_INCREMENT,
+  `conversationFK` int(11) NOT NULL,
+  `userFK` int(11) NOT NULL,
+  `joinTime` int(11) NOT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=MyISAM AUTO_INCREMENT=21 DEFAULT CHARSET=utf8;
+
+CREATE TABLE `seenTimes` (
+  `ID` int(11) NOT NULL AUTO_INCREMENT,
+  `time` int(11) NOT NULL,
+  `userFK` int(11) NOT NULL,
+  `messageFK` int(11) NOT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=MyISAM AUTO_INCREMENT=63 DEFAULT CHARSET=utf8;
+
+CREATE TABLE `users` (
+  `ID` int(11) NOT NULL AUTO_INCREMENT,
+  `username` text CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
+  `password` text CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
+  `regTime` int(11) NOT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=MyISAM AUTO_INCREMENT=9 DEFAULT CHARSET=utf8;
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..7e71809
--- /dev/null
+++ b/index.php
@@ -0,0 +1,402 @@
+<?php
+	include_once("connect.php");
+	
+	ob_start();
+
+	@session_start();
+	
+?>
+	<style>
+		body {
+		}
+	</style>
+<?php
+
+	if (!isset($_SESSION['active'])) {
+		$_SESSION['active'] = true;
+		$_SESSION['loggedIn'] = false;
+		$_SESSION['userID'] = 0;
+	}
+	
+	if (!isset($_GET['site'])) {
+		header("LOCATION: ?site=home");
+		exit();
+	}
+	
+	switch($_GET['site']) {
+	case "home":
+		if ($_SESSION['loggedIn']) {
+?>
+	<a href="?site=conversations">Eine Liste der Konversationen</a>
+<?php
+		} else {
+?>
+	<a href="?site=login">Login</a><br />
+	<a href="?site=register">Noch keinen Account?</a>
+<?php
+		}
+		break;
+	case "login":
+		if ($_SESSION['loggedIn']) {
+			header("LOCATION: ?site=home");
+			exit();
+		}
+		if (isset($_GET['sent'])) {
+			if (!isset($_POST['username']) || empty($_POST['username'])) {
+				header("LOCATION: ?site=login&error=username");
+				exit();
+			}
+			if (!isset($_POST['password']) || empty($_POST['password'])) {
+				header("LOCATION: ?site=login&error=password");
+				exit();
+			}
+			
+			$sql = "SELECT `ID` FROM `users` WHERE `username`='" . mysql_real_escape_string(htmlspecialchars($_POST['username'])) . "' AND `password`='" . hash("sha256", $_POST['password']) . "'";
+			$result = mysql_query($sql);
+			if (!mysql_num_rows($result)) {
+				header("LOCATION: ?site=login&error=wrong");
+				exit();
+			}
+			
+			$_SESSION['loggedIn'] = true;
+			$row = mysql_fetch_object($result);
+			$_SESSION['userID'] = $row->ID;
+			
+			header("LOCATION: ?site=home");
+			exit();
+		}
+		if (isset($_GET['error']))
+			echo "<div class='error'>Error Typ: " . htmlspecialchars($_GET['error']) . "</div>";
+?>
+	<form action="?site=login&sent" method="POST">
+		<input type="text" name="username"><br />
+		<input type="password" name="password"><br />
+		<input type="submit">
+	</form>
+<?php
+		break;
+	case "register":
+		if ($_SESSION['loggedIn']) {
+			header("LOCATION: ?site=home");
+			exit();
+		}
+		if (isset($_GET['sent'])) {
+			if (!isset($_POST['username']) || empty($_POST['username'])) {
+				header("LOCATION: ?site=register&error=username");
+				exit();
+			}
+			if (!isset($_POST['password']) || empty($_POST['password'])) {
+				header("LOCATION: ?site=register&error=password");
+				exit();
+			}
+			
+			$sql = "SELECT `ID` FROM `users` WHERE `username`='" . mysql_real_escape_string(htmlspecialchars($_POST['username'])) . "'";
+			$result = mysql_query($sql);
+			if (mysql_num_rows($result)) {
+				header("LOCATION: ?site=register&error=existing");
+				exit();
+			}
+			$sql = "INSERT INTO `users` (`username`, `password`, `regTime`) VALUES ('" . mysql_real_escape_string(htmlspecialchars($_POST['username'])) . "', '" . hash("sha256", $_POST['password']) . "', " . time() . ")";
+			$result = mysql_query($sql);
+			$_SESSION['loggedIn'] = true;
+			$sql = "SELECT `ID` FROM `users` WHERE `username`='" . mysql_real_escape_string(htmlspecialchars($_POST['username'])) . "'";
+			$result = mysql_query($sql);
+			$row = mysql_fetch_object($result);
+			
+			$_SESSION['userID'] = $row->ID;
+			//echo mysql_error();
+			header("LOCATION: ?site=home");
+			exit();
+		}
+		if (isset($_GET['error']))
+			echo "<div class='error'>Error Typ: " . htmlspecialchars($_GET['error']) . "</div>";
+?>
+	<form action="?site=register&sent" method="POST">
+		<input type="text" name="username"><br />
+		<input type="password" name="password"><br />
+		<input type="submit"><br />
+	</form>
+<?php
+		break;
+	case "chat":
+		if (!$_SESSION['loggedIn']) {
+			header("LOCATION: ?site=login");
+			exit();
+		}
+		if (!isset($_GET['id'])) {
+			header("LOCATION: ?site=conversations");
+			exit();
+		}
+		
+		$sql = "SELECT 
+				`c`.`ID` AS `id`,
+				`c`.`name` AS `name`,
+				`c`.`initTime` AS `initTime`,
+				`p`.`joinTime` AS `joinTime`,
+				`iu`.`ID` AS `iuID`,
+				`iu`.`username` AS `initUser` 
+			FROM `participants` AS `p` 
+			INNER JOIN `conversations` AS `c` ON `p`.`conversationFK`=`c`.`ID` 
+			INNER JOIN `users` AS `iu` ON `c`.`initUserFK`=`iu`.`ID` 
+			WHERE `p`.`userFK`=" . $_SESSION['userID'] . " AND `c`.`ID`=" . intval($_GET['id']);
+		$result = mysql_query($sql);
+		if (!mysql_num_rows($result)) {
+			echo "Du bist bei dem Chat nicht dabei... : / ";
+			exit();
+		}
+		
+		$row = mysql_fetch_object($result);
+		
+		if (intval($_SESSION['userID']) == $row->iuID) {
+?>
+<div style="height: 20px; width: 100%;">
+	Uh, du bist der Initiator? Cool... : )
+	<input type="text" id="username">
+	<button onclick="addUser()">Benutzer hinzuf&uuml;gen</button>
+</div>
+<?php
+		}
+?>
+<div style="display: none">
+	<style>
+		.sender {
+			text-decoration: underline;
+			font-weight: bold;
+		}
+	</style>
+	<script>
+		var ret = function(v) {
+			return v;
+		}
+		//var http;
+		var reqGet = function(file, pars, bg, after) {
+			var http = new XMLHttpRequest();
+			http.open("GET", "ajax/" + file + ".php?" + pars, bg);
+			if (bg) {
+				http.onreadystatechange = function() {
+					if (http.readyState == 4) {
+						after(http.responseText);
+					}
+				};
+			}
+			http.send(null);
+			if (!bg) 
+				return after(http.responseText);
+		}
+		var reqPost = function(file, get, pars, bg, after) {
+			var http = new XMLHttpRequest();
+			http.open("POST", file + ".php?" + get, bg);
+			http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+			http.setRequestHeader("Content-length", pars.length);
+			http.setRequestHeader("Connection", "close")
+			if (bg) {
+				http.onreadystatechange = function() {
+					if (http.readyState == 4) {
+						after(http.responseText);
+					}
+				};
+			}
+			http.send(pars);
+			if (!bg) 
+				return after(http.responseText);
+		}
+		var addUser = function() {
+			try {
+				//http.abort();
+			} catch(e) {
+				
+			}
+			var username = document.getElementById("username").value;
+			reqPost("ajax", "addUser", "chat=<?php echo $row->id; ?>&username=" + encodeURIComponent(username), true, message);
+			document.getElementById("username").value = "";
+			//startLoader();
+		}
+		var lastId = 0;
+		var lastPa = 0;
+		var startLoader = function() {
+			reqPost("ajax", "load", "chat=<?php echo $row->id; ?>&mid=" + lastId + "&pid=" + lastPa, true, load);
+		}
+		var load = function(result) {
+			console.log(result);
+			if (!result.length)
+				return;
+			result = JSON.parse(result);
+			if (result.nic) {
+				window.location = "kicked.html";
+				return;
+			}
+			if (result.lastId)
+				lastId = result.lastId;
+			if (result.lastPa)
+				lastPa = result.lastPa;
+			if (result.messages) {
+				var chat = document.getElementById("chat");
+				var chattext = "";
+				for (var i = 0; i < result.messages.length; i++) {
+					chattext += "<tr>";
+					chattext += '<td class="sender">';
+				//	chattext += '<a href="?site=users&id=' + result.messages[i].userid + '">';
+					chattext += result.messages[i].username;
+				//	chattext += '</a>';
+					chattext += "</td>";
+					chattext += "<td>";
+					chattext += result.messages[i].text;
+					chattext += "</td>";
+					chattext += "</tr>";
+				}
+				chat.innerHTML += chattext;
+			}
+			if (result.users) {
+				var users = document.getElementById("users");
+				users.innerHTML = "";
+				var userstext = "";
+				for (var i = 0; i < result.users.length; i++) {
+					userstext += "<tr>";
+					userstext += "<td>";
+					//userstext += '<a href="?site=users&id=' + result.users[i].userid + '">';
+					if (result.users[i].userid != <?php echo $_SESSION['userID'];?>) {
+					<?php
+					if (intval($_SESSION['userID']) == $row->iuID)
+						echo "userstext += '<a href=\"javascript:remove(' + result.users[i].userid + ');\">';\n";
+					echo "userstext += result.users[i].username;\n";
+					if (intval($_SESSION['userID']) == $row->iuID)
+						echo "userstext += '</a>';\n";
+					?>
+					} else {
+						userstext += result.users[i].username;
+					}
+					userstext += "</td>";
+					userstext += "</tr>";
+				}
+				users.innerHTML = userstext;
+			}
+			scrollDown();
+			startLoader();
+		}
+		var remove = function(id) {
+			reqPost("ajax", "removeUser", "chat=<?php echo $row->id; ?>&id=" + id, true, resetLastPa);
+		}
+		var resetLastPa = function(msg) {
+			lastPa = 0;
+		}
+		var send = function() {
+			try {
+				//http.abort();
+			} catch(e) {
+				
+			}
+			var text = document.getElementById("chatInput").value;
+			document.getElementById("chatInput").value = "";
+			reqPost("ajax", "send", "text=" + encodeURIComponent(text) + "&chat=<?php echo $row->id; ?>", true, function (v) { console.dir(v); } );
+			//startLoader();
+		}
+		var message = function(result) {
+			console.log(result);
+			result = JSON.parse(result);
+			console.dir(result);
+		}
+		var scrollDown = function() {
+			var obj = document.getElementById("chatcontainer");
+			obj.scrollTop = obj.scrollHeight;
+		}
+		window.onunload = function() {
+			document.getElementById("chat").innerHTML = "";
+			//http.abort();
+		}
+		startLoader();
+	</script>
+</div>
+<div style="height: 85%; width: 100%">
+	<div id="chatcontainer" style="float: left; height: 100%; width: 75%; overflow-y: scroll; overflow-x: hidden">
+		<table id="chat">
+		</table>
+	</div>
+	<div style="float: right; height: 100%; width: 25%; overflow-y: scroll; overflow-x: hidden">
+		<table id="users">
+		</table>
+	</div>
+</div>
+<div style="margin: 0px; padding: 0px; height: 5%; width: 100%; position: absolute; left: 0px; bottom: 0px;">
+	<form>
+		<input type="text" id="chatInput" style="margin: 0px; padding-left: 10px; width: 89%">
+		<input type="submit" style="width: 10%" onclick="send(); return false;">
+	</form>
+</div>
+<?php
+		
+		break;
+	case "conversations":
+		if (!$_SESSION['loggedIn']) {
+			header("LOCATION: ?site=home");
+			exit();
+		}
+		
+		if (isset($_GET['new'])) {
+			if (!isset($_POST['name']) || empty($_POST['name'])) {
+				header("LOCATION: ?site=conversations&error=name");
+				exit();
+			}
+			
+			$sql = "INSERT INTO `conversations` (`name`, `initUserFK`, `initTime`) VALUES ('" .  mysql_real_escape_string(htmlspecialchars($_POST['name'])) . "', " . $_SESSION['userID'] . ", " . time() . ")";
+			$result = mysql_query($sql);
+			
+			$sql = "SELECT `ID` FROM `conversations` WHERE `name`='" . mysql_real_escape_string(htmlspecialchars($_POST['name'])) . "'";
+			$result = mysql_query($sql);
+			$row = mysql_fetch_object($result);
+			
+			$sql = "INSERT INTO `participants` (`conversationFK`, `userFK`, `joinTime`) VALUES (" . $row->ID . ", " . $_SESSION['userID'] . ", " . time() . ")";
+			$result = mysql_query($sql);
+			
+			header("LOCATION: ?site=conversations");
+			exit();
+		}
+		
+		$sql = "SELECT 
+				`c`.`ID` AS `id`,
+				`c`.`name` AS `name`,
+				`c`.`initTime` AS `initTime`,
+				`p`.`joinTime` AS `joinTime`,
+				`iu`.`ID` AS `iuID`,
+				`iu`.`username` AS `initUser` 
+			FROM `participants` AS `p` 
+			INNER JOIN `conversations` AS `c` ON `p`.`conversationFK`=`c`.`ID` 
+			INNER JOIN `users` AS `iu` ON `c`.`initUserFK`=`iu`.`ID` 
+			WHERE `p`.`userFK`=" . $_SESSION['userID'];
+			
+		$result = mysql_query($sql);
+		
+		if (!mysql_num_rows($result)) {
+			echo "Keine Konversationen... : (<br />";
+		}
+		if (isset($_GET['error']))
+			echo "<div class='error'>Error Typ: " . htmlspecialchars($_GET['error']) . "</div>";
+?>
+	<table>
+<?php
+		while ($row = mysql_fetch_object($result)) {
+?>
+	<tr>
+		<td colspan="2"><a href="?site=chat&id=<?php echo $row->id; ?>"><?php echo $row->name; ?></td>
+	</tr>
+	<tr>
+		<td>von <a href="?site=users&id=<?php echo $row->iuID; ?>"><?php echo $row->initUser; ?></a></td>
+		<td>um <?php echo $row->initTime; ?></td>
+	</tr>
+	<tr>
+		<td>dabei seit <?php echo $row->joinTime; ?></td>
+	</tr>
+<?php
+		}
+?>
+	</table>
+	<div>
+		Neue Konversation:<br />
+		<form action="?site=conversations&new" method="POST">
+			<input type="text" name="name"><br />
+			<input type="submit">
+		</form>
+	</div>
+<?php
+		break;
+	}
+?>
diff --git a/kicked.html b/kicked.html
new file mode 100644
index 0000000..e3ae89d
--- /dev/null
+++ b/kicked.html
@@ -0,0 +1,2 @@
+Du wurdest gekickt!<br />
+<a href="./">Zur&uuml;ck</a>
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..acaaa5e
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,4 @@
+<?php
+	session_start();
+	$_SESSION = array();
+?>
\ No newline at end of file