<?php
// Response-wide Content-Security-Policy. default-src 'none' denies every fetch type
// that is not explicitly listed in the directives that follow.
// NOTE(review): script-src carries both 'unsafe-inline' and 'unsafe-eval', so inline
// <script> blocks, event-handler attributes and eval() stay allowed; the policy
// therefore does little to stop script that was injected into the page markup.
// Removing them needs the inline scripts moved to files or given nonces/hashes;
// the templates are not visible here, so confirm before tightening.
// NOTE(review): base-uri and frame-ancestors do not fall back to default-src and are
// not set by this header.
header("Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self'; form-action 'self'; connect-src 'self'");
// NOTE(review): redirect(), db_connect(), BASEDIR, the ACCESS_* constants and the session
// are not defined in this file; presumably settings.php provides them. Confirm.
require_once('php/settings.php');
// Canonicalise the URL: a request whose URI contains this script's file name is sent to
// BASEDIR. strpos() matches the name anywhere in REQUEST_URI, query string included.
if(strpos($_SERVER['REQUEST_URI'], basename(__FILE__)) !== false)
{
// NOTE(review): the rest of this script still runs unless redirect() terminates the
// request itself; confirm that it exits.
redirect(BASEDIR);
}
// presumably opens the connection used through $mysqli further down; verify in settings.php
db_connect();
// Resolve the ACCESS constant for this request: the stored level of the signed-in
// host, or ACCESS_GUEST when there is no session host or no matching row.
if(!isset($_SESSION['idhost']))
{
    // No host id in the session: treat the visitor as a guest.
    define('ACCESS', ACCESS_GUEST);
} else
{
    // intval() reduces the session value to an integer before it is concatenated,
    // so nothing but digits (and a sign) can reach the SQL text.
    $result = $mysqli->query('SELECT `access_level` FROM `hosts` WHERE `idhost` = ' . intval($_SESSION['idhost'])) or die('query failed');
    if($result->num_rows != 0)
    {
        $row = $result->fetch_assoc();
        // NOTE(review): mysqli usually hands column values back as strings, while the
        // type of the ACCESS_* constants is set elsewhere. Confirm that permission
        // checks compare the two consistently.
        define('ACCESS', $row['access_level']);
    } else
    {
        // The session names a host that is not in the table: fall back to guest.
        define('ACCESS', ACCESS_GUEST);
    }
    $result->free();
}
// Capture the whole page (header template, selected page, footer template) in an
// output buffer so placeholders can be substituted before anything is sent.
ob_start();
echo file_get_contents('php/head.htm');
// Route on the presence of a query-string key; the first matching case wins, in the
// order listed. Only the key's existence is tested and every include path is a fixed
// literal, so request data never reaches require().
// NOTE(review): no ACCESS check is made here before php/admin.php is included;
// presumably each page enforces its own permissions. Confirm.
switch(true)
{
    case isset($_GET['admin']):
        require('php/admin.php');
        break;

    case isset($_GET['fileupload']):
        require('php/file.php');
        break;

    case isset($_GET['login']):
        require('php/login.php');
        break;

    // All of these actions are served by the same script.
    case isset($_GET['getpack']):
    case isset($_GET['getfile']):
    case isset($_GET['getresults']):
    case isset($_GET['getcompo']):
    case isset($_GET['uploadping']):
        require('php/file.php');
        break;

    case isset($_GET['stats']):
        require('php/stats.php');
        break;

    case isset($_GET['search']):
        require('php/search.php');
        break;

    case isset($_GET['compos']):
        require('php/all-compos.php');
        break;

    // No recognised key: show the upload page.
    default:
        require('php/upload.php');
        break;
}
echo file_get_contents('php/foot.htm');
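// Take the buffered page out of the capture buffer so its placeholders can be filled in.
$text = ob_get_clean();
header('Content-type: text/html; charset=utf-8');
// Send the final output through the gzip handler; '@' suppresses any warning ob_start() raises.
@ob_start('ob_gzhandler');
require('php/navigation.php');
// Fill in the template placeholders. With array arguments str_replace() applies the
// pairs one after another, so placeholders inside the navigation box are expanded by
// the later pairs, exactly as with separate chained calls.
// The escaping flags and charset are spelled out so single quotes are encoded on every
// PHP version: before PHP 8.1 the default (ENT_COMPAT) left them untouched, which
// matters if a template puts a placeholder inside a single-quoted attribute.
// ENT_QUOTES | ENT_SUBSTITUTE is what PHP 8.1+ applies by default.
// NOTE(review): substitution runs over the whole buffered page, so placeholder text
// printed by the included page is expanded as well. getNavigationBox() is inserted
// as raw HTML and must do its own escaping.
$text = str_replace(
    array('{{MANAGE}}', '{{BASE}}', '{{BASE_ABS}}', '{{SERVER}}'),
    array(
        getNavigationBox(),
        htmlspecialchars(BASEDIR, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
        htmlspecialchars(BASEDIR_ABSOLUTE, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
        htmlspecialchars(SERVER, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    ),
    $text
);
echo $text;
db_disconnect();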