/**
* GxMain Admin Function.
* This will load the backend controller. Secured, so to access it must be
* logged in with a current privilege. Default privilege is 2.
*
* @author Puguh Wijayanto (www.metalgenix.com)
* @since 0.0.1
*/
public function admin()
{
Session::start();
User::secure();
System::gZip();
if (User::access(2)) {
Control::handler('backend');
} else {
Theme::admin('header');
Control::error('noaccess');
Theme::admin('footer');
}
System::Zipped();
}
* @license http://www.opensource.org/licenses/mit-license.php MIT
*
*/
define('GX_PATH', realpath(__DIR__ . '/../'));
define('GX_LIB', GX_PATH . '/inc/lib/');
define('GX_MOD', GX_PATH . '/inc/mod/');
define('GX_THEME', GX_PATH . '/inc/themes/');
define('GX_ASSET', GX_PATH . '/assets/');
require "../autoload.php";
try {
new System();
} catch (Exception $e) {
echo $e->getMessage();
}
Session::start();
User::secure();
if (User::access(2)) {
// A list of permitted file extensions
$allowed = array('png', 'jpg', 'jpeg', 'gif');
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if (!in_array(strtolower($extension), $allowed)) {
echo '{"status":"error"}';
exit;
}
if (move_uploaded_file($_FILES['file']['tmp_name'], GX_PATH . '/assets/images/uploads/' . $_FILES['file']['name'])) {
$tmp = GX_PATH . '/assets/images/uploads/' . $_FILES['file']['name'];
echo Site::$url . '/assets/images/uploads/' . $_FILES['file']['name'];
//echo '{"status":"success"}';
exit;
}
/** Main Call Function **/
function callHook()
{
if (isset($_GET['url'])) {
$url = $_GET['url'];
} else {
$url = "index";
}
// Create the model factory
$query = new SQLQuery();
$query->connect('localhost', 'root', '', 'boxarcade');
//$modelFactory = new ModelFactory($query);
$settings = new Settings();
$login_check = 99;
User::sec_session_start();
User::Init();
if (User::login_check(Query::$mysqli) == true) {
$xuserid = intval($_SESSION['user_id']);
$sql = Query::query("SELECT * FROM Players WHERE PlayerID={$xuserid}");
$get_user_info = $sql->fetch_assoc();
$user = array('usrLang' => $get_user_info['Language'], 'username' => $get_user_info['Username'], 'id' => intval($_SESSION['user_id']), 'points' => $get_user_info['Points'], 'login_status' => 1, 'messages' => $get_user_info['Messages'], 'seo_url' => $get_user_info['Username']);
$user['ip'] = User::secure($_SERVER['REMOTE_ADDR']);
// If not avatar, try to get one from fb or set a default
if ($get_user_info['AvatarType'] == '') {
$user['avatar'] = 'uploads/avatars/default.png';
} else {
$user['avatar'] = 'uploads/avatars/' . $get_user_info['PlayerID'] . $get_user_info['AvatarType'];
}
$user['url'] = '/boxarcade/profile/' . $get_user_info['Username'];
$user['message_url'] = 'messages';
$user['admin'] = $get_user_info['Admin'];
$login_check = 1;
// Update the user IP if this is a new session
if (!isset($_COOKIE['ava_iptrack'])) {
Query::query("UPDATE Players SET LastIP = '{$user['ip']}' WHERE PlayerID = {$user['id']}") or die(mysql_error());
setcookie("iptrack", '1');
}
} else {
$user['login_status'] = 0;
$user['admin'] = 0;
}
// Prep the controller name and the query string
$urlArray = explode("/", $url);
$controller = ucwords($urlArray[0]);
array_shift($urlArray);
$queryString = array_merge($urlArray, $_POST, $_GET);
// Call the header controller
$h = new Header($modelFactory, [], true);
call_user_func_array(array($h, 'main'), [$login_check, $user]);
// Call the page controller
$dispatch = new $controller($modelFactory, $queryString, false);
call_user_func_array(array($dispatch, 'main'), [$user]);
// If an action was sent, call the appropriate function in the controller
if (isset($queryString['action']) && !empty($queryString['action'])) {
if (is_string($queryString['action'])) {
$method = $queryString['action'];
} else {
if (is_array($queryString['action'])) {
list($a_key, $a_val) = each($_POST['action']);
$method = 'btn' . ucwords($a_key) . '_Clicked';
}
}
if (method_exists($dispatch, $method) && is_callable(array($dispatch, $method))) {
call_user_func_array(array($dispatch, $method), []);
} else {
header("HTTP/1.0 404 Not Found");
}
}
// Call the footer controller
$f = new Footer($modelFactory, [], true);
call_user_func_array(array($f, 'main'), []);
}
