"; //var_dump($_POST); //var_dump($_GET); $file=explode('?', ($_GET['doc']=="")?$LANG['INDEXMD']:$_GET['doc'], 2)[0] ?? ""; $filedetail = pathinfo($file); if (isset($_GET['logout'])) { unset($_SESSION['md_admin']); unset($_SESSION['md_user']); redirect(); } else if (isset($_POST['action'])) { if ((isset($_SESSION['md_admin']) === false || $_SESSION['md_admin'] !== true) && (isset($_SESSION['md_user']) === false || $_SESSION['md_user'] !== true)) { if ($_POST['action']=='ident') { if (isset($_POST['md_password']) && empty($_POST['md_password']) === false) { if (hash('sha512', $_POST['md_password']) === ADMIN_PASSWORD) { $_SESSION['md_admin'] = true; redirect(); } else if (hash('sha512', $_POST['md_password']) === USER_PASSWORD) { $_SESSION['md_user'] = true; redirect($file); } else { $content = '

'.$LANG['BADPASS'].'

'; $log = file_exists(LOG_DIR) ? unserialize(file_get_contents(LOG_DIR)) : array(); if (isset($log[$_SERVER['REMOTE_ADDR']]) === false) { $log[$_SERVER['REMOTE_ADDR']] = array('num' => 0, 'time' => 0); } $log[$_SERVER['REMOTE_ADDR']]['num'] += 1; $log[$_SERVER['REMOTE_ADDR']]['time'] = time(); file_put_contents(LOG_DIR, serialize($log)); } } else $content='

'.$LANG['NOPASS'].'

'; } else if (ACCESS_PRIVATE) switch ($_POST['action']) { case 'allchildren': case 'children': print('{ "id" : "id1", "icon" : "fas fa-atlas", "parent" : "#", "text" : "'.$_SERVER["SERVER_NAME"].'" }'); exit; default: $content=specialurl("/:ADMIN",true); } } switch ($_POST['action']) { case 'children': print(json_encode(filesJSON(CONTENT_DIR,false))); exit; case 'new': $file=urldecode($_POST['file']); $filedetail = pathinfo($file); if (!isset($_SESSION['md_admin'])) { $content=specialurl("/:ADMIN",true); } else { setcontent($file,"## Titre"); print(getcontent($file,$md=$filedetail['extension']=='md',true)); } exit; case 'rename': $file=urldecode($_POST['file']); $file2=urldecode($_POST['file2']); if (!isset($_SESSION['md_admin'])) { $content=specialurl("/:ADMIN",true); } else { print(rencontent($file,$file2)); } exit; case 'delete': $file=urldecode($_POST['file']); if (!isset($_SESSION['md_admin'])) { $content=specialurl("/:ADMIN",true); } else { print(delcontent($file)); } exit; case 'sendfile': $file=urldecode($_POST['name']); $data=file_get_contents($_FILES["file"]["tmp_name"]); unlink($_FILES["file"]["tmp_name"]); if (!isset($_SESSION['md_admin'])) { $content=specialurl("/:ADMIN",true); } else { print(setcontent($file,$data)); } exit; case 'allchildren': print(json_encode(filesJSON(CONTENT_DIR,true))); exit; case 'open': $file=urldecode($_POST['file']); $filedetail = pathinfo($file); if (substr($file,0,2)=="/:") specialurl($file,true); else { if (ACCESS_LIMITED!="" && strpos($filedetail['dirname'],ACCESS_LIMITED)!==false && !isset($_SESSION['md_user'])) { $content=specialurl("/:ADMIN",true); } print(getcontent($file,$md=$filedetail['extension']=='md',true)); exit; } case 'realopen': $file=urldecode($_POST['file']); $filedetail = pathinfo($file); if (ACCESS_LIMITED!="" && strpos($filedetail['dirname'],ACCESS_LIMITED)!==false && !isset($_SESSION['md_user'])) { $content=specialurl("/:ADMIN",true); } else print(getcontent($file,false,true)); exit; case 'save': $file=urldecode($_POST['file']); $filedetail = pathinfo($file); if (!isset($_SESSION['md_admin'])) { $content=specialurl("/:ADMIN",true); } else print(setcontent($file,$_POST['data'])); exit; case 'search': $results=searchstr(CONTENT_DIR,$_POST['search']); $content=sprintf($LANG['FOUND'],$results['totalFiles']); foreach($results['files'] as $key => $value) { $filedetail = pathinfo($key); if (ACCESS_LIMITED=="" || strpos($filedetail['dirname'],ACCESS_LIMITED)===false || isset($_SESSION['md_user'])) $content.='

'.$key.'

'.$value.'

'; } if ($_POST['type']=="js") { print($content); exit; } } } else if (ACCESS_PRIVATE && !isset($_SESSION['md_admin'])) { $content=specialurl("/:ADMIN",false); } else if (substr($file,0,1)==":") { $content=specialurl("/".$file,false); } else if (ACCESS_LIMITED!="" && strpos($filedetail['dirname'],ACCESS_LIMITED)!==false && !isset($_SESSION['md_user'])) { $content=specialurl("/:ADMIN",false); } else if ($filedetail['extension']=="md") { $content=getcontent($file); } else if ($filedetail['extension']!="" && strpos(ALLOWED_EXT, $filedetail['extension']) !== false) { if (file_exists(CONTENT_DIR . $file)) { header('Content-type: '.mime_content_type(CONTENT_DIR . $file),true); print file_get_contents(CONTENT_DIR . $file, false); exit; } else { http_response_code(404); $content=getcontent("/special/404.md"); } exit; } else { $content=getcontent("/special/404.md"); } ?> <?php echo TITLE." - ".$file; ?> ':''); ?>

Documentations

':''); ?>