";
//var_dump($_POST);
//var_dump($_GET);
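// Request dispatcher for the page. In order it handles: logout (?logout),
// POST "action" requests (login plus the file operations, most of which print
// their response and exit), and finally plain GET rendering of the document
// named by ?doc. Anything that does not exit leaves its output in $content.
//
// NOTE(review): none of the state-changing actions below (new, rename, delete,
// sendfile, save) checks a CSRF token in this block, and logout is triggered by
// a GET parameter -- confirm whether a token is enforced elsewhere.
// NOTE(review): $_POST values are already URL-decoded by PHP; the additional
// urldecode() calls below decode a second time, so any path filtering must run
// on the decoded value. Confirm that getcontent()/setcontent()/rencontent()/
// delcontent() canonicalise paths and confine them to CONTENT_DIR.

// Resolve the requested document: the "doc" query parameter with anything after
// a "?" removed, falling back to the configured index page. A missing or
// non-string "doc" (e.g. doc[]=x) is treated as empty instead of raising.
$md_doc = (isset($_GET['doc']) && is_string($_GET['doc'])) ? $_GET['doc'] : '';
$file = explode('?', ($md_doc == "") ? $LANG['INDEXMD'] : $md_doc, 2)[0] ?? "";
$filedetail = pathinfo($file);

if (isset($_GET['logout']))
{
    // Drop both role flags, then hand over to redirect().
    unset($_SESSION['md_admin']);
    unset($_SESSION['md_user']);
    redirect();
}
else if (isset($_POST['action']))
{
    // Caller holds neither the admin nor the user flag: only login is allowed,
    // plus the placeholder tree in private mode.
    if ((isset($_SESSION['md_admin']) === false || $_SESSION['md_admin'] !== true) && (isset($_SESSION['md_user']) === false || $_SESSION['md_user'] !== true))
    {
        if ($_POST['action'] == 'ident')
        {
            if (isset($_POST['md_password']) && is_string($_POST['md_password']) && empty($_POST['md_password']) === false)
            {
                // NOTE(review): the stored credentials are compared against an
                // unsalted SHA-512 digest, which is cheap to brute-force if the
                // configuration leaks. Migrating the config to password_hash()/
                // password_verify() is the durable fix; it is not done here
                // because it changes the stored format.
                $md_pwhash = hash('sha512', $_POST['md_password']);

                // hash_equals() compares in constant time; === can leak how
                // many leading characters matched.
                if (hash_equals((string) ADMIN_PASSWORD, $md_pwhash))
                {
                    // New session id on privilege change, so an id fixed
                    // before login does not become an admin session.
                    if (session_status() === PHP_SESSION_ACTIVE)
                    {
                        session_regenerate_id(true);
                    }
                    $_SESSION['md_admin'] = true;
                    redirect();
                }
                else if (hash_equals((string) USER_PASSWORD, $md_pwhash))
                {
                    if (session_status() === PHP_SESSION_ACTIVE)
                    {
                        session_regenerate_id(true);
                    }
                    $_SESSION['md_user'] = true;
                    redirect($file);
                }
                else
                {
                    $content = ''.$LANG['BADPASS'].'
';
                    // Record the failed attempt per client address.
                    // allowed_classes=false stops unserialize() from
                    // instantiating objects if the log file is ever tampered
                    // with; anything that is not an array is discarded.
                    $log = array();
                    if (file_exists(LOG_DIR))
                    {
                        $md_rawlog = file_get_contents(LOG_DIR);
                        $md_parsed = ($md_rawlog === false) ? false : unserialize($md_rawlog, array('allowed_classes' => false));
                        if (is_array($md_parsed))
                        {
                            $log = $md_parsed;
                        }
                    }
                    $md_ip = $_SERVER['REMOTE_ADDR'];
                    if (isset($log[$md_ip]) === false || is_array($log[$md_ip]) === false || isset($log[$md_ip]['num']) === false)
                    {
                        $log[$md_ip] = array('num' => 0, 'time' => 0);
                    }
                    $log[$md_ip]['num'] += 1;
                    $log[$md_ip]['time'] = time();
                    // LOCK_EX keeps concurrent writers from interleaving; the
                    // read-modify-write as a whole is still not atomic.
                    file_put_contents(LOG_DIR, serialize($log), LOCK_EX);
                    // NOTE(review): this block only records failures; no
                    // lockout or delay based on the counter is visible here --
                    // confirm it is enforced elsewhere.
                }
            }
            else
            {
                $content = ''.$LANG['NOPASS'].'
';
            }
        }
        else if (ACCESS_PRIVATE)
        {
            switch ($_POST['action'])
            {
                case 'allchildren':
                case 'children':
                    // Single placeholder node instead of the real tree.
                    // SERVER_NAME can reflect the request's Host header on
                    // some server configurations, so it is JSON-encoded rather
                    // than concatenated into the literal.
                    print('{ "id" : "id1", "icon" : "fas fa-atlas", "parent" : "#", "text" : '.json_encode((string) $_SERVER["SERVER_NAME"]).' }');
                    exit;
                default:
                    $content = specialurl("/:ADMIN", true);
                    // Stop here, as the other denied branches do. Without this
                    // the request would continue into the action switch below
                    // and could reach 'open', 'realopen' or 'search' unless
                    // specialurl() itself terminates the script.
                    exit;
            }
        }
    }

    switch ($_POST['action'])
    {
        case 'children':
            // NOTE(review): whether filesJSON() hides ACCESS_LIMITED entries
            // from callers without the user flag is not visible here.
            print(json_encode(filesJSON(CONTENT_DIR, false)));
            exit;

        case 'new':
            // Admin only: create the file with a default heading, return it.
            $file = urldecode($_POST['file']);
            $filedetail = pathinfo($file);
            if (!isset($_SESSION['md_admin']))
            {
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                setcontent($file, "## Titre");
                $md = (($filedetail['extension'] ?? '') == 'md');
                print(getcontent($file, $md, true));
            }
            exit;

        case 'rename':
            // Admin only.
            $file = urldecode($_POST['file']);
            $file2 = urldecode($_POST['file2']);
            if (!isset($_SESSION['md_admin']))
            {
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                print(rencontent($file, $file2));
            }
            exit;

        case 'delete':
            // Admin only.
            $file = urldecode($_POST['file']);
            if (!isset($_SESSION['md_admin']))
            {
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                print(delcontent($file));
            }
            exit;

        case 'sendfile':
            // Admin only: store an uploaded payload under /images or
            // /documents depending on its extension.
            // NOTE(review): the name is used as given (it may contain
            // directory separators) and non-image extensions are not checked
            // against an allow-list here, so e.g. a script extension would be
            // written under /documents. Confirm setcontent() restricts both,
            // or that the content directory is never executed by the server.
            $file = urldecode($_POST['name']);
            $filedetail = pathinfo($file);
            $data = $_POST['file'];
            if (!isset($_SESSION['md_admin']))
            {
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                if (in_array($filedetail['extension'] ?? '', $supported_image))
                    $path = "/images";
                else
                    $path = "/documents";
                print(setcontent($path."/".$file, $data));
            }
            exit;

        case 'allchildren':
            print(json_encode(filesJSON(CONTENT_DIR, true)));
            exit;

        case 'open':
            $file = urldecode($_POST['file']);
            $filedetail = pathinfo($file);
            if (substr($file, 0, 2) == "/:")
            {
                specialurl($file, true);
            }
            else if (ACCESS_LIMITED != "" && strpos($filedetail['dirname'] ?? '', ACCESS_LIMITED) !== false && !isset($_SESSION['md_user']))
            {
                // Restricted directory without the user flag: answer with the
                // login view only. The original had no "else" here and went on
                // to print the document; 'realopen' below already had it.
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                $md = (($filedetail['extension'] ?? '') == 'md');
                print(getcontent($file, $md, true));
            }
            // Always stop: the special-URL branch used to fall through into
            // 'realopen'.
            exit;

        case 'realopen':
            $file = urldecode($_POST['file']);
            $filedetail = pathinfo($file);
            if (ACCESS_LIMITED != "" && strpos($filedetail['dirname'] ?? '', ACCESS_LIMITED) !== false && !isset($_SESSION['md_user']))
            {
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                print(getcontent($file, false, true));
            }
            exit;

        case 'save':
            // Admin only.
            $file = urldecode($_POST['file']);
            $filedetail = pathinfo($file);
            if (!isset($_SESSION['md_admin']))
            {
                $content = specialurl("/:ADMIN", true);
            }
            else
            {
                print(setcontent($file, $_POST['data']));
            }
            exit;

        case 'search':
            $results = searchstr(CONTENT_DIR, $_POST['search']);
            // NOTE(review): totalFiles is reported before the ACCESS_LIMITED
            // filter below, so the count may include restricted files.
            $content = sprintf($LANG['FOUND'], $results['totalFiles']);
            foreach ($results['files'] as $key => $value)
            {
                $filedetail = pathinfo($key);
                // Hits inside the restricted directory are listed only for
                // sessions holding the user flag.
                // NOTE(review): $key and $value are appended as returned by
                // searchstr(); confirm they are escaped for the output context.
                if (ACCESS_LIMITED == "" || strpos($filedetail['dirname'] ?? '', ACCESS_LIMITED) === false || isset($_SESSION['md_user']))
                    $content.=''.$key.'
'.$value.'
';
            }
            if (isset($_POST['type']) && $_POST['type'] == "js")
            {
                print($content);
                exit;
            }
    }
}
else if (ACCESS_PRIVATE && !isset($_SESSION['md_admin']))
{
    // Private mode: plain page views require the admin flag.
    $content = specialurl("/:ADMIN", false);
}
else if (substr($file, 0, 1) == ":")
{
    $content = specialurl("/".$file, false);
}
else if (ACCESS_LIMITED != "" && strpos($filedetail['dirname'] ?? '', ACCESS_LIMITED) !== false && !isset($_SESSION['md_user']))
{
    // NOTE(review): this is a substring test on the directory part of the raw
    // request; confirm the restricted directory cannot be reached under a
    // spelling that does not contain ACCESS_LIMITED.
    $content = specialurl("/:ADMIN", false);
}
else if (($filedetail['extension'] ?? '') == "md")
{
    $content = getcontent($file);
}
else if (($filedetail['extension'] ?? '') != "" && strpos(ALLOWED_EXT, $filedetail['extension']) !== false)
{
    // NOTE(review): strpos() accepts any substring of ALLOWED_EXT, not only
    // whole extensions; an exact-match list would be stricter.
    //
    // $file comes from the query string, so resolve it and require the result
    // to be a regular file inside CONTENT_DIR before reading it. Note that
    // realpath() follows symlinks, so links pointing outside CONTENT_DIR are
    // refused as well.
    $md_base = realpath(CONTENT_DIR);
    $md_real = realpath(CONTENT_DIR . $file);
    if ($md_base !== false && $md_real !== false && is_file($md_real)
        && strpos($md_real, rtrim($md_base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0)
    {
        header('Content-type: '.mime_content_type($md_real), true);
        print file_get_contents($md_real, false);
        exit;
    }
    else
    {
        http_response_code(404);
        $content = getcontent("/special/404.md");
    }
    // As in the original, the script stops here, so the 404 body assigned
    // above is not rendered by this branch.
    exit;
}
else
{
    $content = getcontent("/special/404.md");
}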
?>
':''); ?>
':''); ?>