function getRealPath(&$scandir) { $scandir = preg_replace("/\\/\$/", "", $scandir); $scandir = preg_replace("/\\/\\.\\.\\/?/", "/", $scandir); $scandir = preg_replace("/\\/\$/", "", $scandir); $protocol = ""; $dirname = $scandir; $realpath = ""; $settings = Settings::get(); if (preg_match("/^([A-z0-9\\-_]+)?\\:\\/\\/?(.*)/", $scandir, $matches) !== false) { if (sizeof($matches) === 3) { $protocol = "{$matches[1]}://"; $dirname = $matches[2]; } } if ($protocol === "osjs://") { $root = sprintf("%s/%s", DISTDIR, preg_replace("/^\\//", "", $dirname)); if (strstr($root, DISTDIR) === false) { throw new Exception("Access denied in directory '{$root}'"); } } else { if ($protocol === "home://") { $username = null; if ($user = APIUser::get()) { $username = $user->getUsername(); } if (!$username) { throw new Exception("No username was found, cannot access home directory"); } $vfsdir = sprintf("%s/%s", $settings['vfs']['homes'], $username); $root = sprintf("%s/%s", $vfsdir, preg_replace("/^\\//", "", $dirname)); if (strstr($root, $vfsdir) === false) { throw new Exception("Access denied in directory '{$root}'"); } } else { if ($protocol) { $tmp = explode(":", $protocol); $proto = reset($tmp); if (isset($settings['vfs']['mounts'][$proto])) { $value = $settings['vfs']['mounts'][$proto]; $root = sprintf("%s/%s", $value, preg_replace("/^\\//", "", $dirname)); if (strstr($root, $value) === false) { throw new Exception("Access denied in directory '{$root}'"); } } else { throw new Exception("No such mountpoint"); } } else { throw new Exception('Invalid mountpoint'); } } } $realpath = str_replace(array("../", "./"), "", $root); return array($dirname, $root, $protocol, $realpath); }
public static function logout() { self::$_instance = null; unset($_SESSION['user']); }
public static function logout(array $arguments) { APIUser::logout(); return array(false, true); }
// Report non-errors (warnings, notices etc) $settings = Settings::get(); if (!empty($settings['handler'])) { require sprintf("%s/src/server/php/handlers/%s/handler.php", ROOTDIR, $settings['handler']); } if (!empty($settings['extensions'])) { foreach ($settings['extensions'] as $l) { if (preg_match("/\\.php\$/", $l) === false) { require sprintf("%s/%s", ROOTDIR, preg_replace("/\\/\$/", "", $l)); } } } date_default_timezone_set(TIMEZONE); register_shutdown_function(array('APIResponse', 'ErrorHandler')); session_start(); APIUser::restore(); if (defined("NOSERVER") && NOSERVER === true) { return; } if ($response = APIRequest::call()) { $response->output(); return true; } else { if (php_sapi_name() === "cli-server") { return false; } header("HTTP/1.0 404 Not Found"); print "404 Not Found"; if (!empty($_SERVER["REQUEST_URI"])) { print " - {$_SERVER["REQUEST_URI"]}"; }
public static function logout(array $arguments) { $db = self::_initDB(); APIUser::logout(); return array(false, true); }
email, nick, role, logo, dt_last_login, dt_create ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, NOW()); '); $stmt_insert->execute(array($uuid, $password_hash, 'activated', $email, $nick, 'user', 'files/users/0.png', '0000-00-00 00:00:00')); if (!APISecurity::login($conn, $email, $password_hash)) { APIEvents::addPublicEvents($conn, 'errors', 'Alert! Admin, registration is broken!'); APIHelpers::showerror(1287, '[Registration] Sorry registration is broken. Please send report to the admin about this.'); } else { APISecurity::insertLastIp($conn, APIHelpers::getParam('client', 'none')); APIUser::loadUserProfile($conn); APISecurity::logout(); } $email_subject = "Registration on FreeHackQuest."; $email_message = ' Registration: If you was not tried registering on ' . $httpname . ' just remove this email. Welcome to FreeHackQuest! Your login: '******' Your password: '******' (You must change it) Link: ' . $httpname . 'index.php '; $stmt_insert2 = $conn->prepare('
<?php session_start(); ?> <a href="/lobby/login.php">Перейти к странице авторизации</a><br> <br/> <a href="../../index.php">Перейти к странице авторизированного пользователя (только если залогинен)</a><br> <br/> <a href="../../../index.php">Перейти к главной странице</a> <br/><br/><br/> <?php require_once '../../../api_user/api_user.php'; // Создаем объект пользователя - пераметр класса $_usernsme берем из сессии // Соединение с БД происходит автоматически $user = new APIUser(); if (!$user->check_auth()) { echo '<b>Ошибка: Пользователь не вошел в систему</b> и в сессии нет его данных! (функция check_auth() ) ' . "<br/>"; exit; } if (!($ballance = $user->get_balance())) { echo 'Ошибка при доступе к баллансу пользователя (функция get_balance() )' . "<br/>"; exit; } if (!($username = $user->get_username())) { echo 'error with func get_username()'; exit; } if (!($userid = $user->get_id())) { echo 'error with func get_id()'; exit; }