function get_parser()
{
$conf = configurations();
if (!$_GET) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects');
}
if (isset($_GET['mod'])) {
if (is_array(myfilter($_GET['mod'], 'mod'))) {
trigger_error('potential attack using mod');
return deconnect();
} else {
$mod = $_GET['mod'];
}
} else {
$mod = null;
}
switch ($_GET['action']) {
case 'adduser':
if (admin(true)) {
if ($_POST['usr_email'] && $_POST['username']) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser', add_user(myfilter($_POST['usr_email'], 'email'), myfilter($_POST['username'], 'user'), myfilter($_POST['lvl'], 'lvl')));
}
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'adduser');
}
break;
case 'listusers':
if (admin(true)) {
$list_users = list_users(array(null));
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listusers', $list_users);
}
break;
case 'deco':
return deconnect();
break;
case 'modpass':
if ($_POST['oldpass'] && $_POST['password1'] && $_POST['password2']) {
$pass = array(myfilter($_POST['oldpass'], 'password'), myfilter($_POST['password1'], 'password'), myfilter($_POST['password2'], 'password'));
if (is_string($pass[0]) && is_string($pass[1]) && is_string($pass[2])) {
$change = change_password($_SESSION['db_data']['_id'], $pass);
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', $change);
}
}
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'changepass', null);
break;
case 'resetpass':
if (isset($_GET['user_id']) && isset($_GET['resetcode']) && !is_array($_GET['user_id']) && !is_array($_GET['resetcode'])) {
return reset_password($_GET['user_id'], $_GET['resetcode']);
} elseif (isset($_GET['user_id']) && !is_array($_GET['user_id']) && admin(true)) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', reset_password($_GET['user_id']));
}
break;
case 'edituser':
if (isset($_GET['user_id'])) {
if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data($_SESSION['db_data']));
}
if (admin(true) && !is_array($_GET['user_id'])) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_user', change_user_data(check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id'))))));
}
}
break;
case 'changemail':
if (isset($_GET['user_id']) && isset($_GET['code'])) {
$db = check_user(array('_id' => new MongoID(myfilter($_GET['user_id'], '_id'))));
if ($db['mail_change_id'] == $_GET['code']) {
return change_email_user(array('email' => $db['new_mail'], 'new_mail' => null, 'mail_change_id' => null), myfilter($_GET['user_id'], '_id'), 'postmail');
}
}
break;
case 'deluser':
if (admin(true) && !is_array($_GET['user_id'])) {
return delete_user(myfilter($_GET['user_id'], '_id'));
}
break;
case 'addproject':
if (admin(true)) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_project', addproject());
}
break;
case 'project':
if (isset($_GET['project_id'])) {
if (!is_array(myfilter($_GET['project_id'], '_id'))) {
$_SESSION['currentprojet'] = myfilter($_GET['project_id'], '_id');
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', check_projects_mod($mod));
}
}
break;
case 'getfile':
if (isset($_GET['file']) && isset($_GET['key']) && isset($_GET['id']) && isset($_GET['os']) && isset($_GET['arch'])) {
if (!is_array(myfilter($_GET['file'], 'sha1')) && !is_array(myfilter($_GET['key'], 'timestamp')) && !is_array(myfilter($_GET['id'], '_id')) && !is_array($_GET['os']) && !is_array($_GET['arch'])) {
return down_file(myfilter($_GET['file'], 'sha1'), myfilter($_GET['key'], 'timestamp'), base64_decode(urldecode($_GET['os'])), base64_decode(urldecode($_GET['arch'])), myfilter($_GET['id'], '_id'));
}
}
break;
case 'addfile':
if (admin(true) && isset($_GET['id'])) {
if (!is_array(myfilter($_GET['id'], '_id'))) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'add_file', addfile(myfilter($_GET['id'], '_id')));
}
}
break;
case 'deletefile':
if (admin(true) && isset($_GET['id']) && isset($_GET['key'])) {
if (!is_array(myfilter($_GET['id'], '_id')) && !is_array(myfilter($_GET['key'], 'timestamp'))) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'project', delete_file(myfilter($_GET['id'], '_id'), myfilter($_GET['key'], 'timestamp')));
}
}
break;
case 'usersetting':
if (isset($_GET['user_id'])) {
if (user(true) && $_GET['user_id'] == $_SESSION['db_data']['_id']) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'setting', change_user_setting($_SESSION['db_data']['_id']));
}
}
break;
case 'bug':
if (isset($_GET['id'])) {
if (!is_array(myfilter($_GET['id'], '_id'))) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', check_bug($mod));
}
}
break;
case 'submitbug':
if (isset($_GET['id'])) {
if (user(true) && in_array($_GET['id'], $_SESSION['db_data']['projects'])) {
$_SESSION['idbug'] = $_GET['id'];
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id']));
}
if (admin(true) || vip(true)) {
if (!is_array(myfilter($_GET['id'], '_id'))) {
$_SESSION['idbug'] = $_GET['id'];
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'submitbug', add_bug($_POST, $_GET['id']));
}
}
}
break;
case 'listprojects':
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'listprojects', $mod);
break;
case 'editbug':
if (strlen($_POST['status']) && isset($_GET['id']) && admin(true)) {
if (!is_array($_POST['status']) && !is_array(myfilter($_GET['id'], '_id'))) {
if (in_array($_POST['status'], $conf['bugs']['Open']) || in_array($_POST['status'], $conf['bugs']['Closed'])) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'bug', edit_bug($_POST['status']));
}
}
}
break;
case 'resetpassmail':
if (strlen($_POST['usr_email'])) {
return echo_front_page(reset_password_mail(myfilter($_POST['usr_email'], 'email')));
}
break;
case 'editproject':
if (isset($_GET['id']) && admin(true)) {
if (!is_array(myfilter($_GET['id'], '_id'))) {
return user_page_display($_SESSION['db_data']['user'], $_SESSION['db_data']['lvl'], 'edit_project', edit_project($_POST));
}
}
break;
}
return echo_front_page();
}
function html5_user_listprojects($lang, $mod = null)
{
global $text_cont;
trigger_error($mod);
if (is_string($mod)) {
$cb = 'html5_' . $mod;
$mod = $cb($lang);
}
$list = list_projects();
$count = 0;
$html_var = '<div id="message">' . $mod . '</div><div id="project_list">';
if (isset($list)) {
foreach ($list as $key => $value) {
if (in_array($key, $_SESSION['db_data']['projects']) || admin(true) || vip(true)) {
$html_var .= '<div class="project"><a href="?action=project&project_id=' . $key . '">' . html($value['name']) . '</a></div>';
$count++;
}
}
}
if (!$count) {
$html_var .= '<div class="project">' . $text_cont[53][$lang] . '</div>';
}
$html_var .= '</div>';
return $html_var;
}
