1
0
Fork 0

Improve routing

master
Anonymous Contributor 2023-08-23 18:16:34 +02:00
parent 26311c8ffb
commit 0ff99a3678
1 changed files with 24 additions and 32 deletions

View File

@ -18,10 +18,13 @@ $RUNTIME['OPENSIM'] = new OpenSim();
include_once("config.php");
function isValidEndpoint(string $pageName, string $dirPrefix) {
return preg_match("[a-zA-Z0-9\.]{1,100}", $pageName) && file_exists("./".$dirPrefix."/".$pageName.".php");
}
//TODO: add API keys and/or rate limiting
if(isset($_REQUEST['api']))
{
if(preg_match("[a-zA-Z0-9\.]{1,100}", $_REQUEST['api']) && file_exists("./api/".$_REQUEST['api'].".php")) {
if(isset($_REQUEST['api'])) {
if(isValidEndpoint($_REQUEST['api'], 'api')) {
include "./api/".$_REQUEST['api'].".php";
} else {
die("ERROR; ENDPOINT NOT EXIST");
@ -30,12 +33,9 @@ if(isset($_REQUEST['api']))
die();
}
if ($handle = opendir('./plugins/'))
{
while (false !== ($entry = readdir($handle)))
{
if ($entry != "." && $entry != "..")
{
if ($handle = opendir('./plugins/')) {
while (false !== ($entry = readdir($handle))) {
if ($entry != "." && $entry != "..") {
include_once "./plugins/".$entry;
}
}
@ -43,33 +43,25 @@ if ($handle = opendir('./plugins/'))
closedir($handle);
}
if(isset($_REQUEST['logout']))
if($_REQUEST['logout'] == '1')
if(isset($_REQUEST['logout']) && $_REQUEST['logout'] == '1') {
$_SESSION = array();
}
if(isset($_SESSION['LOGIN']))
if($_SESSION['LOGIN'] == 'true')
{
if(!isset($_REQUEST['page']))
$_REQUEST['page'] = 'dashboard';
if(file_exists("./pages/".$_REQUEST['page'].".php")){
if($_REQUEST['page'] == str_replace("/"," ",$_REQUEST['page']) and $_REQUEST['page'] == str_replace("\\"," ",$_REQUEST['page']) and $_REQUEST['page'] == str_replace(".."," ",$_REQUEST['page'])){
if(isset($_SESSION['LOGIN']) && $_SESSION['LOGIN'] == 'true') {
if(!isset($_REQUEST['page'])) {
include './pages/dashboard.php';
} else if(isValidEndpoint($_REQUEST['page'], 'pages')) {
include "./pages/".$_REQUEST['page'].".php";
}else{
include "./pages/error.php";
}
}else{
} else {
include "./pages/error.php";
}
die();
}
}
if(@$_REQUEST['page'] == "register")
{
if(isset($_REQUEST['page']) && $_REQUEST['page'] == "register") {
include "./pages/register.php";
}else{
} else {
include "./pages/login.php";
}