aboutsummaryrefslogtreecommitdiff
path: root/Neutron-trunk/api/admin/create_page.php
blob: f7d67e77a5dbd679952c73077addd8a139231ccf (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

<?php require_once "../../resources/private/relative.php"; getRelativeDetails("api"); ?>
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . "/api/lang/processor.php";

if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != ".." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "/") {
    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $_COOKIE['_NEUTRON_ADMIN_TOKEN'])) {

    } else {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']);
        if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
        } else {
            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
        }
    }
} else {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']);
    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
    } else {
        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
    }
}

if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - API/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
} else {
    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - API/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
}

if (isset($_POST['type'])) {} else {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnotype"]);
}

if (isset($_POST['title'])) {} else {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnotitle"]);
}

if (isset($_POST['content'])) {} else {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnocontent"]);
}

$title = $_POST['title'];
$title = str_replace('>', '&gt;', $title);
$title = str_replace('<', '&lt;', $title);
if (substr($title, 0, 1) == " " || substr($title, 0, 1) == "-" || substr($title, 0, 1) == " " || substr($title, 0, 1) == "_" || substr($title, 0, 1) == "@" || substr($title, 0, 1) == "|" || substr($title, 0, 1) == "'" || substr($title, 0, 1) == "\"" || substr($title, 0, 1) == "~" || substr($title, 0, 1) == "&" || substr($title, 0, 1) == "=") {
    $prefixed = true;
} else {
    $prefixed = false;
}
$type = $_POST['type'];
$content = $_POST['content'];

$slug = preg_replace("/[^0-9a-zA-Z ]/m", "", $title );
$slug = str_replace(" ", "-", $slug);
$slug = strtolower($slug);

if ($prefixed) {
    $slug = "-" . $slug;
}

if (trim($title) == "") {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgtitleempty"]);
}

if ($slug == "api" || $slug == "cms-special" || $slug == "galery" || $slug == "cms-unrelated" || $slug == "vendor" || $slug == "data" || $slug == "resources" || $slug == "widgets" || $slug == "-htaccess" || $slug == "index" || $slug == "index-php") {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnameinternal"]);
}

if (strlen($slug) > 70) {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnamelong"]);
}

if ($type != "0" && $type != "1") {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgtypenone"]);
}

if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/pages/" . $slug)) {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["pgnameexists"]);
}

file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/pages/" . $slug, $content);
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/pagetypes/" . $slug, $type);
mkdir($_SERVER['DOCUMENT_ROOT'] . "/" . $slug);
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/" . $slug . "/index.php", '<?php require_once "../resources/private/relative.php"; getRelativeDetails("' . $slug . '"); ?><?php require_once $_SERVER[\'DOCUMENT_ROOT\'] . "/api/engine-cyclic/render.php"; render(\'' . $slug . '\'); ?>');
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/" . $slug . "/pagename", $title);
require_once $_SERVER['DOCUMENT_ROOT'] . "/api/admin/cache_pages_update.php";
require $_SERVER['DOCUMENT_ROOT'] . "/api/admin/cache_content_reset.php";
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit("ok");
© Floofi Systems, Some rights reserved. Powered by cgit.