Updated 14 files and added 6 files (automated)

author: RaindropsSys <contact@minteck.org> 2023-05-13 19:25:44 +0200
committer: RaindropsSys <contact@minteck.org> 2023-05-13 19:25:44 +0200
commit: 21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1 (patch)
tree: 8bdad11e806ad4ac6c68902eaf72913a4554e484 /pages/api
parent: f80190dddaa72d9f8863b0b922e557668b6cba27 (diff)
download: pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.gz
pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.bz2
pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.zip
6 files changed, 83 insertions, 2 deletions
diff --git a/pages/api/browser.php b/pages/api/browser.php
new file mode 100644
index 0000000..657b2a7
--- /dev/null
+++ b/pages/api/browser.php
@@ -0,0 +1,4 @@
+<?php
+
+header("Content-Type: application/json");
+die(json_encode(get_browser(), JSON_PRETTY_PRINT));
+\ No newline at end of file
diff --git a/pages/api/computer.php b/pages/api/computer.php
index a9b87ae..f5117f9 100644
--- a/pages/api/computer.php
+++ b/pages/api/computer.php
@@ -6,7 +6,11 @@ if (isset($_GET["chrome"])) {
 }
 
 require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $_PROFILE;
-if (!$isLoggedIn) header("Location: /-/login") and die();
+
+if (!$isLoggedIn || !isset($_PROFILE) || !isset($_PROFILE["login"])) {
+    header("Location: /-/login");
+    die();
+}
 
 $request_raw = file_get_contents('php://input');
 $json_object = json_decode($request_raw, true);
diff --git a/pages/api/disconnect.php b/pages/api/disconnect.php
new file mode 100644
index 0000000..13363e6
--- /dev/null
+++ b/pages/api/disconnect.php
@@ -0,0 +1,26 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $_PROFILE;
+if (!$isLoggedIn && !$isLowerLoggedIn) {
+    header("Location: /-/login");
+    die();
+}
+
+$list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens"), ...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens")], function ($token) use ($_PROFILE) {
+    $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true);
+
+    return $token !== "." && $token !== ".." && isset($session["last"]) && isset($session["profile"]) && $session["profile"]["id"] === $_PROFILE["id"];
+});
+
+foreach ($list as $token) {
+    $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true);
+
+    if (isset($_GET["id"]) && sha1($token) . md5($token) === $_GET["id"]) {
+        if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token)) {
+            unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token);
+        } else {
+            unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token);
+        }
+    }
+}
+\ No newline at end of file
diff --git a/pages/api/reauthenticate.php b/pages/api/reauthenticate.php
index 50657cc..e726e8e 100644
--- a/pages/api/reauthenticate.php
+++ b/pages/api/reauthenticate.php
@@ -13,7 +13,13 @@ if (!$isLoggedIn || $isLowerLoggedIn) {
 $newToken = generateToken();
 
 if (isset($_COOKIE['PEH2_SESSION_TOKEN'])) {
-    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $newToken, file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $_COOKIE['PEH2_SESSION_TOKEN']));
+    $old = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $_COOKIE['PEH2_SESSION_TOKEN']), true);
+    $old["name"] = base64_decode($_GET["name"] ?? "LQo=");
+    $old["created"] = time();
+    $old["addresses"] = [];
+    $old["last"] = time();
+
+    file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $newToken, json_encode($old));
 }
 
 die($newToken);
 \ No newline at end of file
diff --git a/pages/api/rename.php b/pages/api/rename.php
new file mode 100644
index 0000000..d450557
--- /dev/null
+++ b/pages/api/rename.php
@@ -0,0 +1,17 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn;
+
+header("Content-Type: application/json");
+
+if (!$isLoggedIn || $isLowerLoggedIn) {
+    header("Location: /-/login");
+    die();
+}
+
+$data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])), true);
+
+$data["name"] = $_GET["name"] ?? $data["name"];
+
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN']), json_encode($data));
+\ No newline at end of file
diff --git a/pages/api/session.php b/pages/api/session.php
new file mode 100644
index 0000000..f91288e
--- /dev/null
+++ b/pages/api/session.php
@@ -0,0 +1,24 @@
+<?php
+
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/functions.inc";
+require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn;
+
+header("Content-Type: application/json");
+
+if (!$isLoggedIn || $isLowerLoggedIn) {
+    die(json_encode([
+        "name" => null,
+        "created" => null,
+        "last_seen" => null,
+        "seen_at" => null
+    ], JSON_PRETTY_PRINT));
+}
+
+$data = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . str_replace("/", "", $_COOKIE['PEH2_SESSION_TOKEN'])), true);
+
+die(json_encode([
+    "name" => $data["name"],
+    "created" => date('c', $data["created"]),
+    "last_seen" => date('c', $data["last"]),
+    "seen_at" => array_keys($data["addresses"])
+], JSON_PRETTY_PRINT));
+\ No newline at end of file
author	RaindropsSys <contact@minteck.org>	2023-05-13 19:25:44 +0200
committer	RaindropsSys <contact@minteck.org>	2023-05-13 19:25:44 +0200
commit	21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1 (patch)
tree	8bdad11e806ad4ac6c68902eaf72913a4554e484 /pages/api
parent	f80190dddaa72d9f8863b0b922e557668b6cba27 (diff)
download	pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.gz pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.tar.bz2 pluralconnect-21ed7d0e837d74c1ebd8ada4396f96ce42c14fb1.zip