<?php
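require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/session.locked.php";
global $_PROFILE;

// Toggle one post in the signed-in user's favorites list.
//
// Query parameters:
//   u  owner of the post (sanitised below before it is used in a path)
//   p  post id; must match an existing "<p>.json" file in that user's posts directory
//   s  numeric flag: non-zero adds the favorite, zero removes it
//
// Replies with the body "1" on success. Every rejection keeps the original
// "500 Internal Server Error" status line so existing clients see the same
// responses, although these are client-side errors.
//
// NOTE(review): this endpoint changes state on a GET request. Confirm that
// session.locked.php (not visible here) or the session cookie settings
// protect it against cross-site request forgery.

// Send the error status and stop. The original wrote `header(...) and die(...)`;
// header() returns nothing, so the `and` short-circuited and die() never ran,
// which let every request fall through all of the validation below.
$fail = static function (string $message = ""): void {
    header("HTTP/1.1 500 Internal Server Error");
    die($message);
};

// All three parameters are required and must be plain strings
// (a query such as ?p[]=x would otherwise arrive as an array).
foreach (['u', 'p', 's'] as $param) {
    if (!isset($_GET[$param]) || !is_string($_GET[$param])) {
        $fail();
    }
}

// Reduce the user name to letters and digits separated by single dots, so it
// cannot contain a path separator when it is concatenated into a path.
$rawUser = substr(str_replace("\"", "''", strip_tags($_GET['u'])), 0, 30);
$user = preg_replace("/\.+/mi", ".", preg_replace("/[^a-z\d]+/mi", ".", $rawUser));

// "." and the empty string would both resolve to the data directory itself.
if ($user === "." || $user === "") {
    $fail("Permission denied");
}

$dataRoot = $_SERVER['DOCUMENT_ROOT'] . "/data/";
$isReserved = $user === "system" || $user === "users.json" || str_contains($user, "multisocial");
if ($isReserved || !file_exists($dataRoot . $user)) {
    $fail("No such user");
}

// The post id is only accepted if it names a file that scandir() actually
// returned, so it can never point outside the posts directory.
$postsDir = $dataRoot . $user . "/posts";
$entries = is_dir($postsDir) ? scandir($postsDir) : false;
$posts = array_filter($entries === false ? [] : $entries, static function ($item) {
    return str_ends_with($item, ".json");
});

$post = $_GET['p'];
if (!in_array($post . ".json", $posts, true)) {
    $fail("No such post");
}

if (!is_numeric($_GET['s'])) {
    $fail("Invalid status");
}
// Compare numerically: a plain (bool) cast treats strings such as "0.0" or "00" as true.
$status = (float) $_GET['s'] !== 0.0;

$favoritesFile = $dataRoot . $_PROFILE['mmsp_username'] . "/settings/favorites.json";
if (!file_exists($favoritesFile)) {
    file_put_contents($favoritesFile, "[]", LOCK_EX);
}

$favorites = json_decode(file_get_contents($favoritesFile), true);
if (!is_array($favorites)) {
    // Unreadable or corrupt file: stop rather than overwrite the user's data.
    $fail("Invalid favorites file");
}
// Re-index so a file that was earlier saved with gaps in its keys becomes a list again.
$favorites = array_values($favorites);

$entry = $user . "/" . $post;
$position = array_search($entry, $favorites, true);

if ($status && $position === false) {
    $favorites[] = $entry;
    file_put_contents($favoritesFile, json_encode($favorites), LOCK_EX);
} elseif (!$status && $position !== false) {
    unset($favorites[$position]);
    // array_values() keeps the JSON a list; unset() alone leaves a gap and
    // json_encode() would then write an object instead of an array.
    file_put_contents($favoritesFile, json_encode(array_values($favorites)), LOCK_EX);
}

die("1");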