break;
default:
$method = 'nw';
break;
}
$url = str_replace(array('rss.pml.php'), array('rss.php'), $url) . '?f=' . urlencode($file_id) . '&l=' . urlencode(isset($_GET['l']) ? $_GET['l'] : $lang) . '&tz=' . urlencode($tz) . '&format=' . urlencode($format) . '&count=' . (isset($files[$file_id]['max']) ? urlencode($files[$file_id]['max']) : urlencode(LOGS_MAX)) . '&timeout=' . urlencode(MAX_SEARCH_LOG_TIME) . '&search=' . urlencode(@$_POST['search']);
$current_user = Sentinel::attempt($files);
// We authenticate the url if a user is logged in
// -> if log is anonymous, the request will be authenticated and if an admin remove
// the anonymous log, this user will always be able to get it
// -> if the log file is protected, this user will be able to get ot according to its rights
if (!is_null($current_user)) {
$username = Sentinel::getCurrentUsername();
$user = Sentinel::getUser($username);
$token = $user['at'];
$hash = Sentinel::sign(array('f' => $_POST['file']), $username);
$url = $url . '&t=' . urlencode($token) . '&h=' . urlencode($hash);
}
$u = parse_url($url);
$ip = $u['host'];
if (filter_var($ip, FILTER_VALIDATE_IP)) {
$return['war'] = !is_not_local_ip($ip);
} else {
if ($ip === 'localhost') {
$return['war'] = true;
} else {
$return['war'] = false;
}
}
$return['url'] = $url;
$return['met'] = $method;
