// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../class.dbflib.php"; require_once "../auth.php"; require_once "../class.templib.php"; $auth = new BasicAuthenticator(ADMINREALM, REALMERROR); $auth->addUser(ADMINUSER, ADMINPASSWD); // And now perform the authentication $auth->authenticate(); // save the last customer used // must set path else Netscape gets confused! setcookie("ipplanCustomer", "{$cust}", time() + 10000000, "/"); // basic sequence is connect, search, interpret search // result, close connection // explicitly cast variables as security measure against SQL injection list($cust) = myRegister("I:cust"); $ds = new IPplanDbf() or die(my_("Could not connect to database")); // force file download due to bad mime type header("Content-Type: bad/type"); header("Content-Disposition: attachment; filename=base.txt"); header("Pragma: no-cache");
public static function handleRequest() { if (isset($_REQUEST['alias'])) { $alias = $_REQUEST['alias']; self::processAlias($alias); return; } if (!isset($_REQUEST['action'])) { CSRFProtection::generateNewCsrfToken(); BasicAuthenticator::Authenticate(); self::homePage(); return; } if ('get_redirect_rules' == $_REQUEST['action']) { BasicAuthenticator::Authenticate(); $redirect_rules = Rules::GetRedirectRules(); echo json_encode($redirect_rules); return; } if ('update_redirect_rules' == $_REQUEST['action']) { BasicAuthenticator::Authenticate(); if (CSRFProtection::validateRequestParam('csrf_token')) { Rules::updateRedirectRules($_REQUEST['data']); } $redirect_rules = Rules::GetRedirectRules(); echo json_encode($redirect_rules); return; } }