diff options
| author | RaindropsSys <raindrops@equestria.dev> | 2023-11-17 23:25:29 +0100 |
|---|---|---|
| committer | RaindropsSys <raindrops@equestria.dev> | 2023-11-17 23:25:29 +0100 |
| commit | 953ddd82e48dd206cef5ac94456549aed13b3ad5 (patch) | |
| tree | 8f003106ee2e7f422e5a22d2ee04d0db302e66c0 /pages/api | |
| parent | 62a9199846b0c07c03218703b33e8385764f42d9 (diff) | |
| download | pluralconnect-953ddd82e48dd206cef5ac94456549aed13b3ad5.tar.gz pluralconnect-953ddd82e48dd206cef5ac94456549aed13b3ad5.tar.bz2 pluralconnect-953ddd82e48dd206cef5ac94456549aed13b3ad5.zip | |
Updated 30 files and deleted 2976 files (automated)
Diffstat (limited to 'pages/api')
| -rw-r--r-- | pages/api/disconnect.php | 12 | ||||
| -rw-r--r-- | pages/api/pluralkit-integration.php | 10 | ||||
| -rw-r--r-- | pages/api/save-private.php | 35 | ||||
| -rw-r--r-- | pages/api/save.php | 37 | ||||
| -rw-r--r-- | pages/api/timeline.php | 2 |
5 files changed, 14 insertions, 82 deletions
diff --git a/pages/api/disconnect.php b/pages/api/disconnect.php index c4cf0bd..ffd3f40 100644 --- a/pages/api/disconnect.php +++ b/pages/api/disconnect.php @@ -13,13 +13,21 @@ $list = array_filter([...scandir($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens") $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); - return isset($session["last"]) && isset($session["profile"]) && ($session["profile"]["id"] ?? "") === ($_PROFILE["id"] ?? ""); + return isset($session["id"]) && $session["id"] === ($_PROFILE["id"] ?? ""); }); +var_dump($list); + foreach ($list as $token) { $session = file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token) ? json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token), true) : json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/lowertokens/" . $token), true); - if (isset($_GET["id"]) && sha1($token) . md5($token) === $_GET["id"]) { + var_dump(bin2hex(substr($token, 0, 50)), trim($_GET["id"])); + + if (bin2hex(substr($token, 0, 50)) === trim($_GET["id"])) { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token)) { + unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/sessions/" . $token); + } + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token)) { unlink($_SERVER['DOCUMENT_ROOT'] . "/includes/tokens/" . $token); } else { diff --git a/pages/api/pluralkit-integration.php b/pages/api/pluralkit-integration.php index 69d99b1..7d7c641 100644 --- a/pages/api/pluralkit-integration.php +++ b/pages/api/pluralkit-integration.php @@ -8,12 +8,6 @@ $inputJSON = file_get_contents('php://input'); $input = json_decode($inputJSON, true); $data = $GLOBALS["ColdHazeApp"]["webhook"]; -if (isset($GLOBALS["ColdHazeApp"]["ponytown"][$user])) { - $ponytown = $GLOBALS["ColdHazeApp"]["ponytown"][$user]; -} else { - header("HTTP/1.1 404 Not Found") and die(); -} - if ($user === null) { header("HTTP/1.1 500 Internal Server Error") and die(); } @@ -32,6 +26,9 @@ if ($input['system_id'] === "7d9f543e-f742-40f6-9d07-86c3f2983124") { } elseif ($input['system_id'] === "ade46823-206b-4b0c-ad3c-caae934a5f3b") { $system = "ynmuc"; $name = "Cloudburst System"; +} elseif ($input['system_id'] === "d1cd97eb-9c92-4e42-94cd-4397a5074ff9") { + $system = "hrbom"; + $name = "Moonglow"; } elseif (isset($app["other"]) && $input["system_id"] === $app["other"]["uuid"]) { $system = $app["other"]["id"]; $name = $app["other"]["name"]; @@ -48,7 +45,6 @@ if ($input["type"] === "CREATE_MEMBER" || $input["type"] === "UPDATE_MEMBER" || createJob("UpdateAssets", [ "type" => "members" ]); - createJob("UpdateLogo", []); } if ($input["type"] === "UPDATE_SYSTEM") { diff --git a/pages/api/save-private.php b/pages/api/save-private.php deleted file mode 100644 index 6843e2a..0000000 --- a/pages/api/save-private.php +++ /dev/null @@ -1,35 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; -if (!$isLoggedIn) header("Location: /-/login") and die(); - -$request_raw = file_get_contents('php://input'); -$json_object = json_decode($request_raw, true); - -$system = $_GET['system'] ?? null; -$member = $_GET['member'] ?? null; -$content = $json_object['content'] ?? null; - -if (!isset($system) || trim($system) === "" || strlen($system) !== 5 || !preg_match("/[a-z]/i", $system)) - peh_error("System not found", 404); - -if (!isset($member) || trim($member) === "" || strlen($member) !== 5 || !preg_match("/[a-z]/i", $member)) - if ($member !== null && $member !== "null") peh_error("System member not found", 404); - -if (!isset($content)) - peh_error("No content", 400); - -if ($member !== null && $member !== "null") { - $file = $_SERVER['DOCUMENT_ROOT'] . "/includes/data/content/" . $member . "-private.html"; -} else { - $file = $_SERVER['DOCUMENT_ROOT'] . "/includes/data/content/" . $system . ".html"; -} - -if (trim($content) === "") { - if (file_exists($file)) { - unlink($file); - } - die(); -} - -file_put_contents($file, $content);
\ No newline at end of file diff --git a/pages/api/save.php b/pages/api/save.php deleted file mode 100644 index abb477d..0000000 --- a/pages/api/save.php +++ /dev/null @@ -1,37 +0,0 @@ -<?php - -require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $isLoggedIn; global $isLowerLoggedIn; global $app; -if (!$isLoggedIn && !$isLowerLoggedIn) header("Location: /-/login") and die(); - -$request_raw = file_get_contents('php://input'); -$json_object = json_decode($request_raw, true); - -$system = $_GET['system'] ?? null; -$member = $_GET['member'] ?? null; -$content = $json_object['content'] ?? null; - -if (!isset($system) || trim($system) === "" || strlen($system) !== 5 || !preg_match("/[a-z]/i", $system)) - peh_error("System not found", 404); - -if (!isset($member) || trim($member) === "" || strlen($member) !== 5 || !preg_match("/[a-z]/i", $member)) - if ($member !== null && $member !== "null") peh_error("System member not found", 404); - -if ($isLowerLoggedIn && $system !== $app["other"]["id"]) die(); - -if (!isset($content)) - peh_error("No content", 400); - -if ($member !== null && $member !== "null") { - $file = $_SERVER['DOCUMENT_ROOT'] . "/includes/data/content/" . $member . ".html"; -} else { - $file = $_SERVER['DOCUMENT_ROOT'] . "/includes/data/" . $system . "/content.html"; -} - -if (trim($content) === "") { - if (file_exists($file)) { - unlink($file); - } - die(); -} - -file_put_contents($file, $content);
\ No newline at end of file diff --git a/pages/api/timeline.php b/pages/api/timeline.php index 392d5de..ccd19f9 100644 --- a/pages/api/timeline.php +++ b/pages/api/timeline.php @@ -5,7 +5,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/util/session.inc"; global $i $systems = array_filter(array_keys($_GET), function ($i) { global $isLowerLoggedIn; global $isLoggedIn; global $app; - return $i === "gdapd" || $i === "ynmuc" || (($isLowerLoggedIn || $isLoggedIn) && $i === $app["other"]["id"]); + return $i === "gdapd" || $i === "ynmuc" || $i === "hrbom" || (($isLowerLoggedIn || $isLoggedIn) && $i === $app["other"]["id"]); }); require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/components/timeline.inc"; |