/** * GxMain Admin Function. * This will load the backend controller. Secured, so to access it must be * logged in with a current privilege. Default privilege is 2. * * @author Puguh Wijayanto (www.metalgenix.com) * @since 0.0.1 */ public function admin() { Session::start(); User::secure(); System::gZip(); if (User::access(2)) { Control::handler('backend'); } else { Theme::admin('header'); Control::error('noaccess'); Theme::admin('footer'); } System::Zipped(); }
* @license http://www.opensource.org/licenses/mit-license.php MIT * */ define('GX_PATH', realpath(__DIR__ . '/../')); define('GX_LIB', GX_PATH . '/inc/lib/'); define('GX_MOD', GX_PATH . '/inc/mod/'); define('GX_THEME', GX_PATH . '/inc/themes/'); define('GX_ASSET', GX_PATH . '/assets/'); require "../autoload.php"; try { new System(); } catch (Exception $e) { echo $e->getMessage(); } Session::start(); User::secure(); if (User::access(2)) { // A list of permitted file extensions $allowed = array('png', 'jpg', 'jpeg', 'gif'); if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) { $extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); if (!in_array(strtolower($extension), $allowed)) { echo '{"status":"error"}'; exit; } if (move_uploaded_file($_FILES['file']['tmp_name'], GX_PATH . '/assets/images/uploads/' . $_FILES['file']['name'])) { $tmp = GX_PATH . '/assets/images/uploads/' . $_FILES['file']['name']; echo Site::$url . '/assets/images/uploads/' . $_FILES['file']['name']; //echo '{"status":"success"}'; exit; }
/** Main Call Function **/ function callHook() { if (isset($_GET['url'])) { $url = $_GET['url']; } else { $url = "index"; } // Create the model factory $query = new SQLQuery(); $query->connect('localhost', 'root', '', 'boxarcade'); //$modelFactory = new ModelFactory($query); $settings = new Settings(); $login_check = 99; User::sec_session_start(); User::Init(); if (User::login_check(Query::$mysqli) == true) { $xuserid = intval($_SESSION['user_id']); $sql = Query::query("SELECT * FROM Players WHERE PlayerID={$xuserid}"); $get_user_info = $sql->fetch_assoc(); $user = array('usrLang' => $get_user_info['Language'], 'username' => $get_user_info['Username'], 'id' => intval($_SESSION['user_id']), 'points' => $get_user_info['Points'], 'login_status' => 1, 'messages' => $get_user_info['Messages'], 'seo_url' => $get_user_info['Username']); $user['ip'] = User::secure($_SERVER['REMOTE_ADDR']); // If not avatar, try to get one from fb or set a default if ($get_user_info['AvatarType'] == '') { $user['avatar'] = 'uploads/avatars/default.png'; } else { $user['avatar'] = 'uploads/avatars/' . $get_user_info['PlayerID'] . $get_user_info['AvatarType']; } $user['url'] = '/boxarcade/profile/' . $get_user_info['Username']; $user['message_url'] = 'messages'; $user['admin'] = $get_user_info['Admin']; $login_check = 1; // Update the user IP if this is a new session if (!isset($_COOKIE['ava_iptrack'])) { Query::query("UPDATE Players SET LastIP = '{$user['ip']}' WHERE PlayerID = {$user['id']}") or die(mysql_error()); setcookie("iptrack", '1'); } } else { $user['login_status'] = 0; $user['admin'] = 0; } // Prep the controller name and the query string $urlArray = explode("/", $url); $controller = ucwords($urlArray[0]); array_shift($urlArray); $queryString = array_merge($urlArray, $_POST, $_GET); // Call the header controller $h = new Header($modelFactory, [], true); call_user_func_array(array($h, 'main'), [$login_check, $user]); // Call the page controller $dispatch = new $controller($modelFactory, $queryString, false); call_user_func_array(array($dispatch, 'main'), [$user]); // If an action was sent, call the appropriate function in the controller if (isset($queryString['action']) && !empty($queryString['action'])) { if (is_string($queryString['action'])) { $method = $queryString['action']; } else { if (is_array($queryString['action'])) { list($a_key, $a_val) = each($_POST['action']); $method = 'btn' . ucwords($a_key) . '_Clicked'; } } if (method_exists($dispatch, $method) && is_callable(array($dispatch, $method))) { call_user_func_array(array($dispatch, $method), []); } else { header("HTTP/1.0 404 Not Found"); } } // Call the footer controller $f = new Footer($modelFactory, [], true); call_user_func_array(array($f, 'main'), []); }