1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
<?php require_once "../../resources/private/relative.php"; getRelativeDetails("api"); ?>
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . "/api/lang/processor.php";
if (isset($_POST['password'])) {
if (isset($_POST['authkey'])) { // Use authentication key
if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/authkey")) {
if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/authkey")) == $_POST['password']) {
$token = str_ireplace("/", "-", password_hash(password_hash(rand(0, 999999) + rand(0, 999999) + rand(0, 999999) + rand(0, 999999) + rand(0, 999999), PASSWORD_BCRYPT, ['cost' => 12,]), PASSWORD_BCRYPT, ['cost' => 12,]));
if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens")) {
mkdir($_SERVER['DOCUMENT_ROOT'] . "/data/tokens");
}
$tokens = scandir($_SERVER['DOCUMENT_ROOT'] . "/data/tokens");
foreach ($tokens as $deltoken) {
if ($deltoken == "." || $deltoken == "..") {} else {
unlink($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $deltoken);
}
}
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $token, "");
header("Set-Cookie: _NEUTRON_ADMIN_TOKEN={$token}; Path=/; Http-Only; SameSite=Strict");
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit("ok");
return;
} else {
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["keyinvalid"]);
}
} else {
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["keynone"]);
}
} else { // Use regular password
if (password_verify($_POST['password'], file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/password"))) {
$token = str_ireplace("/", "-", password_hash(password_hash(rand(0, 999999) + rand(0, 999999) + rand(0, 999999) + rand(0, 999999) + rand(0, 999999), PASSWORD_BCRYPT, ['cost' => 12,]), PASSWORD_BCRYPT, ['cost' => 12,]));
if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens")) {
mkdir($_SERVER['DOCUMENT_ROOT'] . "/data/tokens");
}
$tokens = scandir($_SERVER['DOCUMENT_ROOT'] . "/data/tokens");
foreach ($tokens as $atoken) {
if ($atoken == "." || $atoken == "..") {} else {
unlink($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $atoken);
}
}
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $token, "");
header("Set-Cookie: _NEUTRON_ADMIN_TOKEN={$token}; Path=/; Http-Only; SameSite=Strict");
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit("ok");
return;
} else {
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["lgpassinvalid"]);
}
}
} else {
require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["lgpassnone"]);
}
|
