<?php include './general.php'; include './security.php'; include './sqli.php'; $headers = apache_request_headers(); if (!isset($headers['username']) or !isset($headers['token'])) { exit('API Error: Username or Access Token Missing'); } $security = new security($db, $headers['username']); $security->checkSessionToken($headers['token']); $method = $_SERVER['REQUEST_METHOD']; if (isset($_GET['function']) or isset($_POST['function'])) { $function = isset($_GET['function']) ? $_GET['function'] : $_POST['function']; } else { $inputVars = get_object_vars(json_decode(file_get_contents("php://input"))); if (!isset($inputVars['function'])) { exit('API Error: Function not given'); } $function = $inputVars['function']; } if (!in_array($method, array('GET', 'POST', 'PUT', 'DELETE'))) { exit("API Error: Invalid Request Method: [{$_SERVER['REQUEST_METHOD']}]"); } $requestFile = __DIR__ . '/api/' . $function . '.php'; if (!is_file($requestFile)) { exit("API Error 404: page not found: [{$requestFile}]"); } if ($method == 'GET') { $params = $_GET; } elseif ($method == 'POST') {
} } } return $result; } ?> <script> window.context = {}; window.username = '******'username']; ?> '; window.token = <?php $s = new security($db, $_POST['username']); echo "'" . addslashes($s->checkSessionToken($_POST['token'])) . "'"; ?> window.panePre = <?php print json_encode(dirToArray('panes')); ?> ; </script> </head> <body id='main' class='unselectable'> <div id='nav'></div> <div id='addTab' class='addTab plusTab'>☩</div> <div id='leftTab' class='addTab leftTab'><</div> <div id='righTab' class='addTab righTab'>></div> <div id='header'> <span id='logout' class='headerItem'>Log Out</span>