예제 #1
0
<?php

ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\Messages;
$messages = new Messages();
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $messages->lang('ERROR') . ': referer'));
}
$hpid = isset($_POST['hpid']) && is_numeric($_POST['hpid']) ? $_POST['hpid'] : false;
if (!$hpid) {
    die(NERDZ\Core\Utils::jsonResponse('error', $messages->lang('ERROR')));
}
$prj = isset($prj);
switch (isset($_GET['action']) ? strtolower(trim($_GET['action'])) : '') {
    case 'open':
        die(NERDZ\Core\Utils::jsonDbResponse($messages->reOpen($hpid, $prj)));
    case 'close':
        die(NERDZ\Core\Utils::jsonDbResponse($messages->close($hpid, $prj)));
    default:
        die(NERDZ\Core\Utils::jsonResponse('error', $messages->lang('ERROR')));
}
<?php

ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Project;
use NERDZ\Core\User;
use NERDZ\Core\Captcha;
use NERDZ\Core\Db;
$user = new User();
$project = new Project();
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
$id = $_POST['id'] = isset($_POST['id']) && is_numeric($_POST['id']) ? trim($_POST['id']) : false;
if ($_SESSION['id'] != $project->getOwner($id) || !NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}
if (!NERDZ\Core\Security::csrfControl(isset($_POST['tok']) ? $_POST['tok'] : 0, 'edit')) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': token'));
}
switch (isset($_GET['action']) ? strtolower($_GET['action']) : '') {
    case 'del':
        $capt = new Captcha();
        if (!$capt->check(isset($_POST['captcha']) ? $_POST['captcha'] : '')) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $user->lang('CAPTCHA')));
        }
        if (Db::NO_ERRNO != Db::query(['DELETE FROM "groups" WHERE "counter" = :id', [':id' => $id]], Db::FETCH_ERRNO)) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
        }
        break;
    case 'update':