$main = new Main(); $_REQUEST = $main->clean_array($_REQUEST); $userid = 0; $role = 0; //}}} //{{{Login if (isset($_REQUEST['user']) and isset($_REQUEST['passwd'])) { $user = ""; if ($_REQUEST['user'] != "") { $user = $_REQUEST['user']; } $passwd = ""; if ($_REQUEST['passwd'] != "") { $passwd = $_REQUEST['passwd']; } $userdata = $main->login($user, $passwd, false); if ($userdata->rows != 0) { $userid = $userdata->records[0]['id']; $role = $userdata->records[0]['role']; } } //}}} //{{{ Print content $nr = "10"; if (isset($_REQUEST['nr'])) { $nr = $_REQUEST['nr']; } $tnews = $main->getnewsrss($role, 0, $nr); $news = $main->rss_array($tnews->records); $tzdate = preg_replace("#([-+])([0-9])([0-9])([0-9])([0-9])#", "\$1\$2\$3:\$4\$5", strftime("%z", $news['0']['date'])); $date = strftime("%Y-%m-%dT%T", $news['0']['date']) . $tzdate;
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) { $main = new Main(); $main->register($email, $pass, $level); } else { json_return(400, "Invalid Email", NULL); } } } elseif ($task == "login") { $email = trim($_POST['email']); $pass = trim($_POST['pass']); if (strlen($email) == 0 || strlen($pass) == 0) { json_return(400, "Invalid Data", NULL); } else { if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) { $main = new Main(); $main->login($email, $pass); } else { json_return(400, "Invalid Email", NULL); } } } elseif ($task == "getTimes") { $headers = apache_request_headers(); if (isset($headers['Authorization'])) { $auth_array = split(":", $headers['Authorization']); if (trim($auth_array[0]) == session_id() && trim($auth_array[1]) == $_SESSION['api_key']) { $main = new Main(); $main->getTimes(); } else { json_return(401, "Unauthorized Request", NULL); } } else {
if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $_SERVER['HTTP_X_FORWARDED_FOR'] = ""; } if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])) { $_SERVER['HTTP_ACCEPT_CHARSET'] = ""; } $user = ""; if ($_REQUEST['user'] != "") { $user = $_REQUEST['user']; } $passwd = ""; if ($_REQUEST['passwd'] != "") { $passwd = $_REQUEST['passwd']; } $passwd = md5($passwd); $userdata = $main->login($user, $passwd, true); if (isset($userdata->rows) and $userdata->rows == 1) { $userid = $userdata->records[0]['id']; $role = $userdata->records[0]['role']; $_SESSION['name'] = $userdata->records[0]['name']; $_SESSION['nr'] = $userdata->records[0]['nr']; $_SESSION['userid'] = $userid; $_SESSION['role'] = $role; $_SESSION['user'] = $userdata->records[0]['user']; $_SESSION['passwd'] = $passwd; $_SESSION['email'] = $userdata->records[0]['email']; $_SESSION['theme'] = $userdata->records[0]['theme']; //$_SESSION['img']=$userdata->records[0]['img']; //$_SESSION['data']=$userdata->records[0]['data']; $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['agent'] = "{$_SERVER['HTTP_USER_AGENT']}{$_SERVER['HTTP_X_FORWARDED_FOR']}{$_SERVER['HTTP_ACCEPT_LANGUAGE']}{$_SERVER['HTTP_ACCEPT_CHARSET']}";