Manager/index.php

<?php
date_default_timezone_set("Europe/Berlin");
header('Strict-Transport-Security: max-age=657000');
error_reporting(E_ALL);
session_start();

include_once 'classen/MAIL/PHPMailer.php';
include_once 'classen/MAIL/SMTP.php';

include_once("classen/utils.php");
include_once("classen/HTML.php");
include_once("classen/GoogleAuthenticator.php");
include_once("classen/OpenSim.php");

$RUNTIME = array();
$RUNTIME['OPENSIM'] = new OpenSim();

include_once("config.php");

if(isset($_REQUEST['api']))
{
	if(file_exists("./api/".$_REQUEST['api'].".php")){
		if($_REQUEST['api'] == str_replace("/"," ",$_REQUEST['api']) and $_REQUEST['api'] == str_replace("\\"," ",$_REQUEST['api']) and $_REQUEST['api'] == str_replace(".."," ",$_REQUEST['api'])){
				include "./api/".$_REQUEST['api'].".php";
		}else{
			die("ERROR; ENDPOINT NOT EXIST");
		}
	}else{
		die("ERROR; ENDPOINT NOT EXIST");
	}

	die();
}

if(isset($_REQUEST['logout']))
	if($_REQUEST['logout'] == '1')
		$_SESSION = array();

if(isset($_SESSION['LOGIN']))
	if($_SESSION['LOGIN'] == 'true')
	{
		if(!isset($_REQUEST['page']))
			$_REQUEST['page'] = 'dashboard';

		if(file_exists("./pages/".$_REQUEST['page'].".php")){
			if($_REQUEST['page'] == str_replace("/"," ",$_REQUEST['page']) and $_REQUEST['page'] == str_replace("\\"," ",$_REQUEST['page']) and $_REQUEST['page'] == str_replace(".."," ",$_REQUEST['page'])){
					include "./pages/".$_REQUEST['page'].".php";
			}else{
				include "./pages/error.php";
			}
		}else{
			include "./pages/error.php";
		}

		die();
	}

if(@$_REQUEST['page'] == "register")
{
	include "./pages/register.php";
}else{
	include "./pages/login.php";
}

?>
add files 2020-06-03 15:31:18 +00:00			`<?php`
			`date_default_timezone_set("Europe/Berlin");`
			`header('Strict-Transport-Security: max-age=657000');`
			`error_reporting(E_ALL);`
			`session_start();`

			`include_once 'classen/MAIL/PHPMailer.php';`
			`include_once 'classen/MAIL/SMTP.php';`

			`include_once("classen/utils.php");`
			`include_once("classen/HTML.php");`
			`include_once("classen/GoogleAuthenticator.php");`
			`include_once("classen/OpenSim.php");`

			`$RUNTIME = array();`
			`$RUNTIME['OPENSIM'] = new OpenSim();`

			`include_once("config.php");`

			`if(isset($_REQUEST['api']))`
			`{`
			`if(file_exists("./api/".$_REQUEST['api'].".php")){`
			`if($_REQUEST['api'] == str_replace("/"," ",$_REQUEST['api']) and $_REQUEST['api'] == str_replace("\\"," ",$_REQUEST['api']) and $_REQUEST['api'] == str_replace(".."," ",$_REQUEST['api'])){`
			`include "./api/".$_REQUEST['api'].".php";`
			`}else{`
			`die("ERROR; ENDPOINT NOT EXIST");`
			`}`
			`}else{`
			`die("ERROR; ENDPOINT NOT EXIST");`
			`}`

			`die();`
			`}`

			`if(isset($_REQUEST['logout']))`
			`if($_REQUEST['logout'] == '1')`
			`$_SESSION = array();`

			`if(isset($_SESSION['LOGIN']))`
			`if($_SESSION['LOGIN'] == 'true')`
			`{`
			`if(!isset($_REQUEST['page']))`
			`$_REQUEST['page'] = 'dashboard';`

			`if(file_exists("./pages/".$_REQUEST['page'].".php")){`
			`if($_REQUEST['page'] == str_replace("/"," ",$_REQUEST['page']) and $_REQUEST['page'] == str_replace("\\"," ",$_REQUEST['page']) and $_REQUEST['page'] == str_replace(".."," ",$_REQUEST['page'])){`
			`include "./pages/".$_REQUEST['page'].".php";`
			`}else{`
			`include "./pages/error.php";`
			`}`
			`}else{`
			`include "./pages/error.php";`
			`}`

			`die();`
			`}`

			`if(@$_REQUEST['page'] == "register")`
			`{`
			`include "./pages/register.php";`
			`}else{`
			`include "./pages/login.php";`
			`}`

			`?>`