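/**
 * Echo the header links for the current visitor: an admin link plus a logout
 * link when is_admin_connected() is true, otherwise a single login link.
 *
 * The three label arguments are written into the markup exactly as given, so
 * callers may pass markup (an icon, an entity) but must never pass untrusted
 * text. The one value this function pulls from session state on its own,
 * $_SESSION['login'], is HTML-escaped before it becomes the admin label.
 *
 * @param string $label_admin  Admin link label; when left at its default and a
 *                             session login is set, the login name is shown.
 * @param string $label_logout Logout link label.
 * @param string $label_login  Login link label.
 * @return void The markup is echoed directly.
 */
function make_connect_link($label_admin = ' ', $label_logout = ' ', $label_login = '******')
{
    // NOTE(review): e(..., false) is used below as a value-returning call; its
    // output lands inside title="" unescaped - confirm it is attribute-safe.
    if (!is_admin_connected()) {
        echo '<a id="login_button" class="btn" href="index.php?p=login" title="' . e('Connection', false) . '">' . $label_login . '</a>';
        return;
    }

    if (!empty($_SESSION['login']) && $label_admin == ' ') {
        // The login name originates from user input, so it is escaped before
        // being placed in element content.
        $label_admin = htmlspecialchars((string) $_SESSION['login'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    // The token helper may be absent; the link is then built with an empty token.
    $token = function_exists('returntoken') ? returnToken() : '';

    // URL-encode the token so that no character in it can end the href
    // attribute or change the query string.
    echo '<a id="admin_button" class="btn green" href="index.php?p=admin&token=' . rawurlencode((string) $token) . '" title="' . e('Admin', false) . '">' . $label_admin . '</a>';

    // NOTE(review): logout is a plain GET link that carries no token; confirm
    // the logout handler is meant to be reachable from a cross-site request.
    echo '<a id="logout_button" class="btn red" href="index.php?deconnexion" title="' . e('Logout', false) . '">' . $label_logout . '</a>';
}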
</div>
<?php } /* closes a block opened before this fragment */ ?>
<div id="connect">
    <?php
    // The login/admin/logout links are rendered only when no "f" parameter is
    // present in the query string.
    if (empty($_GET['f'])) {
        /* you can add labels if you want like make_connect_link('Admin','Logout','Connection') */
        make_connect_link();
    }
    ?>
</div>
<?php
// Visitors who are not connected, and every request that carries "f", get the
// static logo and slogan. Only a connected admin without "f" reaches the
// upload zone include in the else branch.
if (!is_admin_connected() || !empty($_GET['f'])) { ?>
    <a id="logo" href="index.php">BoZoN</a>
    <h2 class="slogan"><?php e('Drag, drop, share.'); ?> </h2>
<?php } else {
    // Fixed include path: nothing from the request is used to build it.
    include 'core/auto_dropzone.php';
} ?>
</header>
?>
<input type='password' class="npt" name='confirm' id='confirm' onKeyup="check();" required="required" placeholder="<?php e('Repeat password'); ?> "/>
<?php } /* closes a block opened before this fragment */ ?>
<?php
// newToken() is called only for a connected admin.
// NOTE(review): presumably it emits the anti-CSRF token field for this form -
// its body is not visible here, confirm.
if (is_admin_connected()) {
    newToken();
}
?>
<div>
    <?php
    // The "stay connected" checkbox is offered only when $f is truthy, $n is
    // falsy and nobody is connected.
    // NOTE(review): $f and $n are set outside this fragment; their meaning
    // cannot be confirmed from here.
    if ($f && !$n && !is_admin_connected()) {
        echo '<input id="cookie" type="checkbox" value="cookie" name="cookie"/><label for="cookie">' . e('Stay connected', false) . '</label>';
    }
    ?>
    <input type='submit' class="btn" value='Ok'/>
</div>
</form>
</div>
<script>
// p and c are assigned without var/let, so they become globals.
p=document.getElementById('pass');
c=document.getElementById('confirm');
// Called on every keyup in the confirm field: it only recolours the inputs
// (orange when the two values differ, green when they match) and does not
// block submission.
// NOTE(review): a mismatch is therefore not enforced in the browser; confirm
// that the server-side handler compares "pass" and "confirm" itself.
function check(){
    if (p.value!=c.value){c.style.backgroundColor='#F50';}
    else{c.style.backgroundColor='#5F5';p.style.backgroundColor='#5F5'}
}
</script>
# Tail of a download branch opened before this fragment: the length header is
# sent, then the file is streamed and the request ends.
# NOTE(review): $f is assigned outside this fragment; confirm it is resolved
# from a validated id and never taken directly from the request.
header('Content-Transfer-Encoding: binary');
header('Content-Length: ' . filesize($f));
readfile($f);
exit;
}

# share request
# Any request carrying a non-empty "f" is handed to core/share.php and stops
# there, before any of the login or admin logic below runs.
if (!empty($_GET['f'])) {
    require 'core/share.php';
    exit;
}

# Try to login or logout ? => auto_restrict
# && binds tighter than ||, so this reads:
# (pass AND login posted) OR ?logout OR ?deconnexion.
# Logout is therefore reachable with a bare GET parameter.
if (!empty($_POST['pass']) && !empty($_POST['login']) || isset($_GET['logout']) || isset($_GET['deconnexion'])) {
    require 'core/auto_restrict.php';
    exit;
}

if (is_admin_connected()) {
    # if admin is connected, use auto_restrict
    # require_once: loaded here before any admin action below is dispatched.
    require_once 'core/auto_restrict.php';
    $token = returnToken();

    # refresh list files ajax request
    if (isset($_GET['refresh'])) {
        include 'core/listfiles.php';
        exit;
    }

    # The GET/POST action handler is included when there are GET parameters
    # but no "p", or more than two GET parameters, or any POST data.
    # NOTE(review): no token comparison is visible at this point; presumably
    # core/auto_restrict.php has already validated it - confirm.
    if (empty($_GET['p']) && !empty($_GET) || count($_GET) > 2 || !empty($_POST)) {
        include 'core/GET_POST_admin_data.php';
    }

    # Any uploaded file is handed to the dropzone handler and the request ends.
    if (!empty($_FILES)) {
        include 'core/auto_dropzone.php';
        exit;
    }
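<?php
/**
 * BoZoN GET/POST page:
 * handles the GET & POST data
 * @author: Bronco (bronco@warriordudimanche.net)
 **/

# avoid user control: only admin
# Stops unless the token helper is loaded AND a user is connected, so calling
# this file directly without the application bootstrap does nothing.
if (!function_exists('newToken') || !is_admin_connected()) {
    exit;
}

# NOTE(review): the handlers below change state on a GET request and no token
# comparison is visible in this file; presumably core/auto_restrict.php
# validates the token before this file is included - confirm.

######################################################################
# $_GET DATA
######################################################################

# unzip: convert zip file to folder
# The id must be a non-blank string (the former `trim(...) !== false` test was
# always true, and an array value would reach trim()), and it must belong to
# the connected user - the same ownership check the renew handler applies.
if (
    !empty($_GET['unzip'])
    && is_string($_GET['unzip'])
    && trim($_GET['unzip']) !== ''
    && is_owner($_GET['unzip'])
) {
    $id = $_GET['unzip'];
    $path = id2file($id);
    # Extract only when the id resolved to an existing file; an unknown id
    # otherwise reaches unzip() with a non-path value.
    # NOTE(review): archive entry names are untrusted; unzip() is not visible
    # here - confirm it rejects entries containing ".." or absolute paths so
    # extraction stays inside dirname($path).
    if (is_string($path) && is_file($path)) {
        unzip($path, dirname($path));
    }
    header('location:index.php?p=admin&token=' . returnToken());
    exit;
}

# renew file id
# Same input rules as above: non-blank string id owned by the connected user.
if (
    !empty($_GET['renew'])
    && is_string($_GET['renew'])
    && trim($_GET['renew']) !== ''
    && is_owner($_GET['renew'])
) {
    $old_id = $_GET['renew'];
    $path = id2file($old_id);
    # Drop the old id, then register the same path again through addID().
    unset($ids[$old_id]);
    addID($path, $ids);
    header('location:index.php?p=admin&token=' . returnToken());
    exit;
}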