86400, 'path' => '/', 'domain' => $RUNTIME['DOMAIN'], 'httponly' => true, 'secure' => true, 'samesite' => 'Lax' ]); session_start(); include_once 'classen/MAIL/PHPMailer.php'; include_once 'classen/MAIL/SMTP.php'; include_once("classen/utils.php"); include_once("classen/HTML.php"); include_once("classen/GoogleAuthenticator.php"); include_once("classen/OpenSim.php"); include_once("classen/discord.php"); $RUNTIME = array(); $RUNTIME['OPENSIM'] = new OpenSim(); include_once("config.php"); function isValidEndpoint(string $pageName, string $dirPrefix) { return preg_match("[a-zA-Z0-9\.]{1,100}", $pageName) && file_exists("./".$dirPrefix."/".$pageName.".php"); } //TODO: add API keys and/or rate limiting if(isset($_REQUEST['api'])) { if(isValidEndpoint($_REQUEST['api'], 'api')) { include "./api/".$_REQUEST['api'].".php"; } else { die("ERROR; ENDPOINT NOT EXIST"); } die(); } if ($handle = opendir('./plugins/')) { while (false !== ($entry = readdir($handle))) { if ($entry != "." && $entry != "..") { include_once "./plugins/".$entry; } } closedir($handle); } if(isset($_REQUEST['logout']) && $_REQUEST['logout'] == '1') { $_SESSION = array(); } if(isset($_SESSION['LOGIN']) && $_SESSION['LOGIN'] == 'true') { if(!isset($_REQUEST['page'])) { include './pages/dashboard.php'; } else if(isValidEndpoint($_REQUEST['page'], 'pages')) { include "./pages/".$_REQUEST['page'].".php"; } else { include "./pages/error.php"; } die(); } if(isset($_REQUEST['page']) && $_REQUEST['page'] == "register") { include "./pages/register.php"; } else { include "./pages/login.php"; } ?>