Hiding onyx2 directory
This commit is contained in:
Némunaire
parent
872acdbc01
commit
c1aeb11c6d
149 changed files with 1 additions and 1 deletions
210
htdocs/ajax.php
Normal file
210
htdocs/ajax.php
Normal file
|
|
@ -0,0 +1,210 @@
|
|||
<?php
|
||||
//Définition de la constante anti-hacking
|
||||
define("INDEX", 1);
|
||||
|
||||
ob_start();
|
||||
|
||||
//Inclusion de l'API Onyx
|
||||
require_once(trim(file_get_contents('./.onyx')));
|
||||
require_once(ONYX.'include/functions.php');
|
||||
$SESS = new Session();
|
||||
//sleep(1);
|
||||
$json = array("ping" => time(), "statut" => !empty($SESS->values["connecte"]));
|
||||
|
||||
if ($json["statut"])
|
||||
$json["username"] = $SESS->values["username"];
|
||||
|
||||
//Création du fichier XML
|
||||
$xml = new DOMDocument('1.0', 'UTF-8');
|
||||
$xml->formatOutput = true;
|
||||
$xml_root = $xml->createElement("root");
|
||||
|
||||
$demande = gpc('d');
|
||||
$value = intval(gpc('i'));
|
||||
if ($demande == "connecte")
|
||||
{
|
||||
$nom = strtolower(gpc("name", "post"));
|
||||
$mdp = hash("sha512", $nom.'♂♫↨'.gpc("mdp", "post"));
|
||||
|
||||
$bdd = new BDD();
|
||||
$bdd->escape($nom);
|
||||
$bdd->query("UPDATE users SET last_ip = '".$_SERVER["REMOTE_ADDR"]."', last_visite = ".time()." WHERE pseudo = '$nom' AND password = '$mdp';");
|
||||
$affected = $bdd->affected();
|
||||
if ($affected)
|
||||
$user = $bdd->unique_query("SELECT * FROM users WHERE pseudo = '$nom' AND password = '$mdp';");
|
||||
$bdd->deconnexion();
|
||||
|
||||
if ($affected != 0)
|
||||
{
|
||||
$json["statut"] = 1;
|
||||
$SESS->values["connecte"] = true;
|
||||
$SESS->values["username"] = $nom;
|
||||
$SESS->values["id_user"] = $user["id"];
|
||||
$SESS->put();
|
||||
}
|
||||
else
|
||||
{
|
||||
$json["statut"] = 0;
|
||||
$SESS->values["connecte"] = false;
|
||||
$SESS->values["username"] = "";
|
||||
$SESS->values["id_user"] = 0;
|
||||
$SESS->put();
|
||||
}
|
||||
}
|
||||
elseif ($demande == "logout")
|
||||
{
|
||||
$SESS->values["connecte"] = false;
|
||||
$SESS->values["username"] = "";
|
||||
$SESS->close();
|
||||
}
|
||||
elseif ($demande == "accueil")
|
||||
{
|
||||
$dir = opendir(APPSDIR);
|
||||
while (($app = readdir($dir)) !== false)
|
||||
{
|
||||
if (is_dir(APPSDIR.$app) && is_file(APPSDIR.$app.'/property.xml'))
|
||||
{
|
||||
$applicationXML = new DOMDocument();
|
||||
$applicationXML->load(APPSDIR.$app.'/property.xml');
|
||||
|
||||
if ($applicationXML->documentElement->getAttribute('active') && $applicationXML->getElementsByTagName('application'))
|
||||
{
|
||||
//Vérification de sécurités
|
||||
if (!acces_application($app, $applicationXML))
|
||||
continue;
|
||||
|
||||
$xml_appli = $xml->createElement("application");
|
||||
$xml_appli->appendChild($xml->createElement("dir", $app));
|
||||
foreach($applicationXML->getElementsByTagName('property') as $property)
|
||||
{
|
||||
$xml_appli->appendChild($xml->createElement($property->getAttribute('value'), $property->textContent));
|
||||
}
|
||||
$xml_root->appendChild($xml_appli);
|
||||
}
|
||||
}
|
||||
}
|
||||
closedir($dir);
|
||||
}
|
||||
elseif ($demande == "property" && $app = gpc('a'))
|
||||
{
|
||||
if (empty($app) || ereg('/', $app) || !is_file(APPSDIR.$app.'/property.xml'))
|
||||
send404($xml_root);
|
||||
else
|
||||
{
|
||||
$appXML = new DOMDocument();
|
||||
$appXML->load(APPSDIR.$app.'/property.xml');
|
||||
|
||||
if ($appXML->documentElement->getAttribute('active') && $appXML->getElementsByTagName('application'))
|
||||
{
|
||||
//Vérification de sécurités
|
||||
if (!acces_application($app, $appXML))
|
||||
continue;
|
||||
|
||||
$xml_appli = $xml->createElement("property");
|
||||
foreach($appXML->getElementsByTagName('property') as $property)
|
||||
{
|
||||
$xml_appli->appendChild($xml->createElement($property->getAttribute('value'), $property->textContent));
|
||||
}
|
||||
$xml_appli->appendChild($xml->createElement("dir", $app));
|
||||
$xml_root->appendChild($xml_appli);
|
||||
}
|
||||
}
|
||||
}
|
||||
elseif ($demande == "display" && $app = gpc('a'))
|
||||
{
|
||||
if (empty($app) || ereg('/', $app) || !is_file(APPSDIR.$app.'/property.xml'))
|
||||
send404($xml_root);
|
||||
else
|
||||
{
|
||||
$appXML = new DOMDocument();
|
||||
$appXML->load(APPSDIR.$app.'/property.xml');
|
||||
|
||||
if ($appXML->documentElement->getAttribute('active') && $appXML->getElementsByTagName('application'))
|
||||
{
|
||||
//Vérification de sécurités
|
||||
if (!acces_application($app, $appXML))
|
||||
continue;
|
||||
|
||||
require(APPSDIR.$app.'/main.php');
|
||||
|
||||
$xml_root->appendChild($xml->createElement("dir", $app));
|
||||
|
||||
$xml_appli = $xml->createElement("display");
|
||||
foreach($appXML->getElementsByTagName('display') as $contenu)
|
||||
{
|
||||
if ($contenu->getAttribute('value') == "css")
|
||||
{
|
||||
$xml_css = $xml->createElement($contenu->getAttribute('value'), $contenu->textContent);
|
||||
if ($contenu->getAttribute('media'))
|
||||
$xml_css->setAttribute("media", $contenu->getAttribute('media'));
|
||||
$xml_appli->appendChild($xml_css);
|
||||
}
|
||||
else
|
||||
$xml_appli->appendChild($xml->createElement($contenu->getAttribute('value'), $contenu->textContent));
|
||||
}
|
||||
$xml_root->appendChild($xml_appli);
|
||||
|
||||
$xml_appli = $xml->createElement("property");
|
||||
foreach($appXML->getElementsByTagName('property') as $property)
|
||||
{
|
||||
$xml_appli->appendChild($xml->createElement($property->getAttribute('value'), $property->textContent));
|
||||
}
|
||||
|
||||
if ($appXML->getElementsByTagName('menu'))
|
||||
{
|
||||
$menu = array();
|
||||
foreach($appXML->getElementsByTagName('menu') as $item)
|
||||
$menu[] = array("text" => $item->getAttribute('text'), "eventClick" => $item->getAttribute('eventClick'));
|
||||
|
||||
$xml_appli->appendChild($xml->createElement("menu", json_encode($menu)));
|
||||
}
|
||||
$xml_root->appendChild($xml_appli);
|
||||
}
|
||||
}
|
||||
}
|
||||
elseif ($demande == "action" && $app = gpc('a'))
|
||||
{
|
||||
if (empty($app) || ereg('/', $app) || !is_file(APPSDIR.$app.'/property.xml'))
|
||||
send404($xml_root);
|
||||
else
|
||||
{
|
||||
$appXML = new DOMDocument();
|
||||
$appXML->load(APPSDIR.$app.'/property.xml');
|
||||
|
||||
if ($appXML->documentElement->getAttribute('active') && $appXML->getElementsByTagName('application'))
|
||||
require(APPSDIR.$app.'/main.php');
|
||||
}
|
||||
}
|
||||
elseif ($demande == "page" && $page = gpc('p'))
|
||||
{
|
||||
if (empty($page) || ereg('/', $page) || !is_file(PAGESDIR.$page.'.xml'))
|
||||
send404($xml_root);
|
||||
else
|
||||
{
|
||||
$pageXML = new DOMDocument();
|
||||
$pageXML->load(PAGESDIR.$page.'.xml');
|
||||
|
||||
if ($pageXML->documentElement->getAttribute('active') && $pageXML->getElementsByTagName('page'))
|
||||
{
|
||||
//Vérification de sécurité
|
||||
if (!acces_application($page, $pageXML))
|
||||
send403($xml_root);
|
||||
else
|
||||
{
|
||||
foreach($pageXML->getElementsByTagName('display') as $contenu)
|
||||
{
|
||||
$xml_root->appendChild($xml->createElement($contenu->getAttribute('value'), $contenu->textContent));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
header("X-JSON: ".json_encode($json));
|
||||
$sortie = ob_get_contents();
|
||||
ob_end_clean();
|
||||
if (!empty($sortie))
|
||||
$xml_root->appendChild($xml->createElement("sortie", $sortie));
|
||||
$xml->appendChild($xml_root);
|
||||
print $xml->saveXML();
|
||||
?>
|
||||
Reference in a new issue