1 files changed, 90 insertions, 0 deletions

diff --git a/Neutron-trunk/api/admin/create_page.php b/Neutron-trunk/api/admin/create_page.php
new file mode 100644
index 0000000..f7d67e7
--- /dev/null
+++ b/Neutron-trunk/api/admin/create_page.php
@@ -0,0 +1,90 @@
+<?php require_once "../../resources/private/relative.php"; getRelativeDetails("api"); ?>
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/api/lang/processor.php";
+
+if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != ".." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "/") {
+    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $_COOKIE['_NEUTRON_ADMIN_TOKEN'])) {
+
+    } else {
+        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']);
+        if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
+            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
+        } else {
+            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
+        }
+    }
+} else {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']);
+    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
+        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
+    } else {
+        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
+    }
+}
+
+if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
+    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - API/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
+} else {
+    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - API/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
+}
+
+if (isset($_POST['type'])) {} else {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnotype"]);
+}
+
+if (isset($_POST['title'])) {} else {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnotitle"]);
+}
+
+if (isset($_POST['content'])) {} else {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnocontent"]);
+}
+
+$title = $_POST['title'];
+$title = str_replace('>', '&gt;', $title);
+$title = str_replace('<', '&lt;', $title);
+if (substr($title, 0, 1) == " " || substr($title, 0, 1) == "-" || substr($title, 0, 1) == " " || substr($title, 0, 1) == "_" || substr($title, 0, 1) == "@" || substr($title, 0, 1) == "|" || substr($title, 0, 1) == "'" || substr($title, 0, 1) == "\"" || substr($title, 0, 1) == "~" || substr($title, 0, 1) == "&" || substr($title, 0, 1) == "=") {
+    $prefixed = true;
+} else {
+    $prefixed = false;
+}
+$type = $_POST['type'];
+$content = $_POST['content'];
+
+$slug = preg_replace("/[^0-9a-zA-Z ]/m", "", $title );
+$slug = str_replace(" ", "-", $slug);
+$slug = strtolower($slug);
+
+if ($prefixed) {
+    $slug = "-" . $slug;
+}
+
+if (trim($title) == "") {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgtitleempty"]);
+}
+
+if ($slug == "api" || $slug == "cms-special" || $slug == "galery" || $slug == "cms-unrelated" || $slug == "vendor" || $slug == "data" || $slug == "resources" || $slug == "widgets" || $slug == "-htaccess" || $slug == "index" || $slug == "index-php") {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnameinternal"]);
+}
+
+if (strlen($slug) > 70) {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnamelong"]);
+}
+
+if ($type != "0" && $type != "1") {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgtypenone"]);
+}
+
+if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/pages/" . $slug)) {
+    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnameexists"]);
+}
+
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/pages/" . $slug, $content);
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/pagetypes/" . $slug, $type);
+mkdir($_SERVER['DOCUMENT_ROOT'] . "/" . $slug);
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/" . $slug . "/index.php", '<?php require_once "../resources/private/relative.php"; getRelativeDetails("' . $slug . '"); ?><?php require_once $_SERVER[\'DOCUMENT_ROOT\'] . "/api/engine-cyclic/render.php"; render(\'' . $slug . '\'); ?>');
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/" . $slug . "/pagename", $title);
+require_once $_SERVER['DOCUMENT_ROOT'] . "/api/admin/cache_pages_update.php";
+require $_SERVER['DOCUMENT_ROOT'] . "/api/admin/cache_content_reset.php";
+require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit("ok");
\ No newline at end of file