MMS-Web-App/index.php at master · ManageMyServer/MMS-Web-App · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?php

ob_start();
session_start();
$config = include($_SERVER['DOCUMENT_ROOT'].'/core/config.php');

if($config['db_address']==''){
    header("Location: /install.php");
    die();
}

//Lastseen
if($_SESION['username']==null){
    $conn = new mysqli($config['db_address'], $config['db_username'], $config['db_password'], $config['db_name']);
    // Check connection
    if ($conn->connect_error) {
        die('Connection failed: ' . $conn->connect_error);
    }
    $sql = 'UPDATE '.$config['table_prefix'].'_users SET lastseen=CURRENT_TIMESTAMP WHERE username=?';
    $stmt = $conn->stmt_init();
    if(!$stmt->prepare($sql))
    {
        print "Failed to prepare statement\n";
    }
    $stmt = $conn->prepare($sql);
    $stmt->bind_param("s", $_SESSION['username']);
    $stmt->execute();
}

include 'pages/includes/header.php';
$directory = $_SERVER['REQUEST_URI'];

$directories = explode("/", $directory);
$lim = count($directories);

include($_SERVER['DOCUMENT_ROOT'] . $page);
if(strtolower($_SESSION['rank']) != strtolower('superuser') && strtolower($_SESSION['rank']) != strtolower('Admin') && $directories[1]=="admin") {
    header('Location: /errors/noaccess');
} elseif(strtolower($_SESSION['rank']) != strtolower('superuser') && strtolower($_SESSION['rank']) != strtolower('Admin') && $directories[1]=="nodes") {
    header('Location: /errors/noaccess');
} elseif(strtolower($_SESSION['rank']) != strtolower('superuser') && strtolower($_SESSION['rank']) != strtolower('Admin') && $directories[1]=="servers" && $directories[2]=="addserver") {
    header('Location: /errors/noaccess');
} elseif(empty($directories[0]) && empty($directories[1])){
    // Must be the index page
    $page_path = 'pages/index';
} elseif ($directories[1]=="admin" && empty($directories[2])) {
    $page_path = 'pages/admin/index';
}elseif ($directories[1]=="example" && $directories[2]=="page" && empty($directories[3])) {
    $page_path = 'pages/example/page/index';
} else {
    $n = 0;
    foreach($directories as $directory){
        if(strpos($directory, '?') !== false){
            $params = $directory; // Get URL parameters
            unset($directories[$n]);
        }
        $n++;
    }
    $page_path = 'pages' . implode('/', $directories);
    if(substr($page_path, -1) == "/"){
        $page_path = rtrim($page_path, '/');
    }
}
if($_SESSION['username']=='' && $page_path != 'pages/login'){
    header('Location: /login');
    die();
}
if(file_exists($page_path.".php")) {
    include $page_path. ".php";
} else {
    include $_SERVER['DOCUMENT_ROOT'].'/pages/errors/404.php';
}
?>
<?php
include 'pages/includes/footer.php';
?>