function getRealPath(&$scandir)
{
$scandir = preg_replace("/\\/\$/", "", $scandir);
$scandir = preg_replace("/\\/\\.\\.\\/?/", "/", $scandir);
$scandir = preg_replace("/\\/\$/", "", $scandir);
$protocol = "";
$dirname = $scandir;
$realpath = "";
$settings = Settings::get();
if (preg_match("/^([A-z0-9\\-_]+)?\\:\\/\\/?(.*)/", $scandir, $matches) !== false) {
if (sizeof($matches) === 3) {
$protocol = "{$matches[1]}://";
$dirname = $matches[2];
}
}
if ($protocol === "osjs://") {
$root = sprintf("%s/%s", DISTDIR, preg_replace("/^\\//", "", $dirname));
if (strstr($root, DISTDIR) === false) {
throw new Exception("Access denied in directory '{$root}'");
}
} else {
if ($protocol === "home://") {
$username = null;
if ($user = APIUser::get()) {
$username = $user->getUsername();
}
if (!$username) {
throw new Exception("No username was found, cannot access home directory");
}
$vfsdir = sprintf("%s/%s", $settings['vfs']['homes'], $username);
$root = sprintf("%s/%s", $vfsdir, preg_replace("/^\\//", "", $dirname));
if (strstr($root, $vfsdir) === false) {
throw new Exception("Access denied in directory '{$root}'");
}
} else {
if ($protocol) {
$tmp = explode(":", $protocol);
$proto = reset($tmp);
if (isset($settings['vfs']['mounts'][$proto])) {
$value = $settings['vfs']['mounts'][$proto];
$root = sprintf("%s/%s", $value, preg_replace("/^\\//", "", $dirname));
if (strstr($root, $value) === false) {
throw new Exception("Access denied in directory '{$root}'");
}
} else {
throw new Exception("No such mountpoint");
}
} else {
throw new Exception('Invalid mountpoint');
}
}
}
$realpath = str_replace(array("../", "./"), "", $root);
return array($dirname, $root, $protocol, $realpath);
}
public static function logout()
{
self::$_instance = null;
unset($_SESSION['user']);
}
public static function logout(array $arguments)
{
APIUser::logout();
return array(false, true);
}
// Report non-errors (warnings, notices etc)
$settings = Settings::get();
if (!empty($settings['handler'])) {
require sprintf("%s/src/server/php/handlers/%s/handler.php", ROOTDIR, $settings['handler']);
}
if (!empty($settings['extensions'])) {
foreach ($settings['extensions'] as $l) {
if (preg_match("/\\.php\$/", $l) === false) {
require sprintf("%s/%s", ROOTDIR, preg_replace("/\\/\$/", "", $l));
}
}
}
date_default_timezone_set(TIMEZONE);
register_shutdown_function(array('APIResponse', 'ErrorHandler'));
session_start();
APIUser::restore();
if (defined("NOSERVER") && NOSERVER === true) {
return;
}
if ($response = APIRequest::call()) {
$response->output();
return true;
} else {
if (php_sapi_name() === "cli-server") {
return false;
}
header("HTTP/1.0 404 Not Found");
print "404 Not Found";
if (!empty($_SERVER["REQUEST_URI"])) {
print " - {$_SERVER["REQUEST_URI"]}";
}
public static function logout(array $arguments)
{
$db = self::_initDB();
APIUser::logout();
return array(false, true);
}
email,
nick,
role,
logo,
dt_last_login,
dt_create
)
VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, NOW());
');
$stmt_insert->execute(array($uuid, $password_hash, 'activated', $email, $nick, 'user', 'files/users/0.png', '0000-00-00 00:00:00'));
if (!APISecurity::login($conn, $email, $password_hash)) {
APIEvents::addPublicEvents($conn, 'errors', 'Alert! Admin, registration is broken!');
APIHelpers::showerror(1287, '[Registration] Sorry registration is broken. Please send report to the admin about this.');
} else {
APISecurity::insertLastIp($conn, APIHelpers::getParam('client', 'none'));
APIUser::loadUserProfile($conn);
APISecurity::logout();
}
$email_subject = "Registration on FreeHackQuest.";
$email_message = '
Registration:
If you was not tried registering on ' . $httpname . ' just remove this email.
Welcome to FreeHackQuest!
Your login: '******'
Your password: '******' (You must change it)
Link: ' . $httpname . 'index.php
';
$stmt_insert2 = $conn->prepare('
<?php
session_start();
?>
<a href="/lobby/login.php">Перейти к странице авторизации</a><br>
<br/>
<a href="../../index.php">Перейти к странице авторизированного пользователя (только если залогинен)</a><br>
<br/>
<a href="../../../index.php">Перейти к главной странице</a>
<br/><br/><br/>
<?php
require_once '../../../api_user/api_user.php';
// Создаем объект пользователя - пераметр класса $_usernsme берем из сессии
// Соединение с БД происходит автоматически
$user = new APIUser();
if (!$user->check_auth()) {
echo '<b>Ошибка: Пользователь не вошел в систему</b> и в сессии нет его данных! (функция check_auth() ) ' . "<br/>";
exit;
}
if (!($ballance = $user->get_balance())) {
echo 'Ошибка при доступе к баллансу пользователя (функция get_balance() )' . "<br/>";
exit;
}
if (!($username = $user->get_username())) {
echo 'error with func get_username()';
exit;
}
if (!($userid = $user->get_id())) {
echo 'error with func get_id()';
exit;
}
