Various optimizations
This commit is contained in:
Daniel Winzen
@ -1,23 +1,23 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
session_start(['name'=>'hosting_admin']);
|
||||
if($_SERVER['REQUEST_METHOD']==='HEAD'){
|
||||
exit; // headers sent, no further processing needed
|
||||
}
|
||||
echo '<!DOCTYPE html><html><head>';
|
||||
echo '<title>Daniel\'s Hosting - Admin panel</title>';
|
||||
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name="author" content="Daniel Winzen">';
|
||||
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
echo '<link rel="canonical" href="'.CANONICAL_URL. $_SERVER['SCRIPT_NAME'] .'">';
|
||||
echo '</head><body>';
|
||||
echo '<h1>Hosting - Admin panel</h1>';
|
||||
?>
|
||||
<!DOCTYPE html><html><head>
|
||||
<title>Daniel's Hosting - Admin panel</title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||||
<meta name="author" content="Daniel Winzen">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<link rel="canonical" href="'.CANONICAL_URL. $_SERVER['SCRIPT_NAME'] .'">
|
||||
<style>td{padding:5px;}</style>
|
||||
<base target="_blank">
|
||||
</head><body>
|
||||
<h1>Hosting - Admin panel</h1>
|
||||
<?php
|
||||
$error=false;
|
||||
if($_SERVER['REQUEST_METHOD']==='POST' && isset($_POST['pass']) && $_POST['pass']===ADMIN_PASSWORD){
|
||||
if(!($error=check_captcha_error())){
|
||||
@ -26,7 +26,7 @@ if($_SERVER['REQUEST_METHOD']==='POST' && isset($_POST['pass']) && $_POST['pass'
|
||||
}
|
||||
}
|
||||
if(empty($_SESSION['logged_in'])){
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST"><table>';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self"><table>';
|
||||
echo "<tr><td>Password </td><td><input type=\"password\" name=\"pass\" size=\"30\" required autofocus></td></tr>";
|
||||
send_captcha();
|
||||
echo "<tr><td colspan=\"2\"><input type=\"submit\" name=\"action\" value=\"login\"></td></tr>";
|
||||
@ -42,9 +42,9 @@ if(empty($_SESSION['logged_in'])){
|
||||
if(REQUIRE_APPROVAL){
|
||||
$stmt=$db->query('SELECT COUNT(*) FROM new_account WHERE approved=0;');
|
||||
$cnt=$stmt->fetch(PDO::FETCH_NUM)[0];
|
||||
echo '<a href="' . $_SERVER['SCRIPT_NAME'] . "?action=approve\">Approve pending sites ($cnt)</a> | ";
|
||||
echo '<a href="' . $_SERVER['SCRIPT_NAME'] . "?action=approve\" target=\"_self\">Approve pending sites ($cnt)</a> | ";
|
||||
}
|
||||
echo '<a href="' . $_SERVER['SCRIPT_NAME'] . '?action=list">List of accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=delete">Delete accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=suspend">Suspend hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=edit">Edit hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=logout">Logout</a></p>';
|
||||
echo '<a href="' . $_SERVER['SCRIPT_NAME'] . '?action=list" target="_self">List of accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=delete" target="_self">Delete accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=suspend" target="_self">Suspend hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=edit" target="_self">Edit hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=logout" target="_self">Logout</a></p>';
|
||||
if(empty($_REQUEST['action']) || $_REQUEST['action']==='login'){
|
||||
echo '<p>Welcome to the admin panel!</p>';
|
||||
}elseif($_REQUEST['action'] === 'logout'){
|
||||
@ -52,7 +52,8 @@ if(empty($_SESSION['logged_in'])){
|
||||
header('Location: ' . $_SERVER['SCRIPT_NAME']);
|
||||
exit;
|
||||
}elseif($_REQUEST['action'] === 'list'){
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . "\" method=\"POST\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
|
||||
echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
|
||||
echo '<table border="1">';
|
||||
echo '<tr><th>Username</th><th>Onion link</th><th>Action</th></tr>';
|
||||
$stmt=$db->query('SELECT users.username, onions.onion, onions.enabled FROM users INNER JOIN onions ON (onions.user_id=users.id) ORDER BY users.username;');
|
||||
@ -70,7 +71,7 @@ if(empty($_SESSION['logged_in'])){
|
||||
echo '<br>';
|
||||
}
|
||||
if($onion[1]=='1'){
|
||||
echo "<a href=\"http://$onion[0].onion\" target=\"_blank\">$onion[0].onion</a>";
|
||||
echo "<a href=\"http://$onion[0].onion\">$onion[0].onion</a>";
|
||||
}else{
|
||||
echo "$onion[0].onion";
|
||||
}
|
||||
@ -89,12 +90,13 @@ if(empty($_SESSION['logged_in'])){
|
||||
echo '<p style="color:green;">Successfully approved</p>';
|
||||
}
|
||||
}
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . "\" method=\"POST\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
|
||||
echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
|
||||
echo '<table border="1">';
|
||||
echo '<tr><th>Username</th><th>Onion address</th><th>Action</th></tr>';
|
||||
$stmt=$db->query('SELECT users.username, onions.onion FROM users INNER JOIN new_account ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) WHERE new_account.approved=0 ORDER BY users.username;');
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
echo "<tr><td>$tmp[0]</td><td><a href=\"http://$tmp[1].onion\" target=\"_blank\">$tmp[1].onion</a></td><td><button type=\"submit\" name=\"action\" value=\"approve_$tmp[1]\">Approve</button><button type=\"submit\" name=\"action\" value=\"delete_$tmp[1]\">Delete</button></td></tr>";
|
||||
echo "<tr><td>$tmp[0]</td><td><a href=\"http://$tmp[1].onion\">$tmp[1].onion</a></td><td><button type=\"submit\" name=\"action\" value=\"approve_$tmp[1]\">Approve</button><button type=\"submit\" name=\"action\" value=\"delete_$tmp[1]\">Delete</button></td></tr>";
|
||||
}
|
||||
echo '</table></form>';
|
||||
}elseif(substr($_REQUEST['action'], 0, 6) === 'delete'){
|
||||
@ -105,7 +107,7 @@ if(empty($_SESSION['logged_in'])){
|
||||
$onion = substr($_REQUEST['action'], 7);
|
||||
}
|
||||
echo '<p>Delete accouts:</p>';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
|
||||
echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
|
||||
echo '<p>Onion address: <input type="text" name="onion" size="30" value="';
|
||||
echo htmlspecialchars($onion);
|
||||
@ -136,8 +138,8 @@ if(empty($_SESSION['logged_in'])){
|
||||
$onion = substr($_REQUEST['action'], 8);
|
||||
}
|
||||
echo '<p>Suspend hidden service:</p>';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
|
||||
echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
|
||||
echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
|
||||
echo '<p>Onion address: <input type="text" name="onion" size="30" value="';
|
||||
echo htmlspecialchars($onion);
|
||||
echo '" required autofocus></p>';
|
||||
@ -152,7 +154,7 @@ if(empty($_SESSION['logged_in'])){
|
||||
$stmt=$db->prepare('UPDATE onions SET enabled=-2 WHERE onion=?;');
|
||||
$stmt->execute([$match[1]]);
|
||||
echo "<p style=\"color:green;\">Successfully queued for suspension!</p>";
|
||||
enqueue_instance_reload($db, $instance[0]);
|
||||
enqueue_instance_reload($instance[0]);
|
||||
}else{
|
||||
echo "<p style=\"color:red;\">Onion address not hosted by us!</p>";
|
||||
}
|
||||
@ -168,8 +170,8 @@ if(empty($_SESSION['logged_in'])){
|
||||
$onion = substr($_REQUEST['action'], 5);
|
||||
}
|
||||
echo '<p>Edit hidden service:</p>';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
|
||||
echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
|
||||
echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
|
||||
echo '<p>Onion address: <input type="text" name="onion" size="30" value="';
|
||||
echo htmlspecialchars($onion);
|
||||
echo '" required autofocus></p>';
|
||||
@ -200,15 +202,15 @@ if(empty($_SESSION['logged_in'])){
|
||||
$max_streams = 65535;
|
||||
}
|
||||
$stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $match[1]]);
|
||||
enqueue_instance_reload($db, $onion[1]);
|
||||
enqueue_instance_reload($onion[1]);
|
||||
echo "<p style=\"color:green;\">Changes successfully saved!</p>";
|
||||
}
|
||||
}
|
||||
$stmt=$db->prepare('SELECT onion, enabled, enable_smtp, num_intros, max_streams, version FROM onions WHERE onion=?;');
|
||||
$stmt->execute([$match[1]]);
|
||||
if($onion=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
|
||||
echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
|
||||
echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
|
||||
echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
|
||||
echo '<table border="1"><tr><th>Onion</th><th>Enabled</th><th>SMTP enabled</th><th>Nr. of intros</th><th>Max streams per rend circuit</th><th>Save</th></tr>';
|
||||
echo '<tr><td><input type="text" name="onion" size="15" value="'.$onion[0].'" required autofocus></td>';
|
||||
echo '<td><label><input type="checkbox" name="enabled" value="1"';
|
||||
|
||||
@ -1,10 +1,6 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
session_start();
|
||||
$user=check_login();
|
||||
$msg='';
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
header('X-Accel-Expires: 60');
|
||||
?>
|
||||
<!DOCTYPE html><html><head>
|
||||
<title>Daniel's Hosting - FAQ</title>
|
||||
|
||||
@ -1,10 +1,6 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
session_start();
|
||||
$user=check_login();
|
||||
if(!empty($_POST['ftp_pass'])){
|
||||
@ -137,7 +133,7 @@ if(!empty($_POST['mkfile']) && !empty($_POST['name'])){
|
||||
}
|
||||
$tmpfile='/tmp/'.uniqid();
|
||||
touch($tmpfile);
|
||||
ftp_put($ftp, $_POST['name'], $tmpfile, FTP_BINARY);
|
||||
@ftp_put($ftp, $_POST['name'], $tmpfile, FTP_BINARY);
|
||||
unlink($tmpfile);
|
||||
}
|
||||
|
||||
@ -155,7 +151,7 @@ if(!empty($_POST['rename_2']) && !empty($_POST['files'])){
|
||||
die($error);
|
||||
}
|
||||
foreach($_POST['files'] as $old=>$new){
|
||||
ftp_rename($ftp, $old, $new);
|
||||
@ftp_rename($ftp, $old, $new);
|
||||
}
|
||||
}
|
||||
|
||||
@ -174,7 +170,7 @@ if(!empty($_POST['edit_2']) && !empty($_POST['files'])){
|
||||
$tmpfile='/tmp/'.uniqid();
|
||||
foreach($_POST['files'] as $name=>$content){
|
||||
file_put_contents($tmpfile, $content);
|
||||
ftp_put($ftp, $name, $tmpfile, FTP_BINARY);
|
||||
@ftp_put($ftp, $name, $tmpfile, FTP_BINARY);
|
||||
}
|
||||
unlink($tmpfile);
|
||||
}
|
||||
@ -197,7 +193,7 @@ if(!empty($_POST['unzip']) && !empty($_POST['files'])){
|
||||
continue;
|
||||
}
|
||||
$tmpfile='/tmp/'.uniqid().'.zip';
|
||||
if(!ftp_get($ftp, $tmpfile, $file, FTP_BINARY)){
|
||||
if(@!ftp_get($ftp, $tmpfile, $file, FTP_BINARY)){
|
||||
continue;
|
||||
}
|
||||
//prevent zip-bombs
|
||||
@ -232,7 +228,7 @@ if(!empty($_FILES['files'])){
|
||||
$c=count($_FILES['files']['name']);
|
||||
for($i=0; $i<$c; ++$i){
|
||||
if($_FILES['files']['error'][$i]===UPLOAD_ERR_OK){
|
||||
ftp_put($ftp, $dir.$_FILES['files']['name'][$i], $_FILES['files']['tmp_name'][$i], FTP_BINARY);
|
||||
@ftp_put($ftp, $dir.$_FILES['files']['name'][$i], $_FILES['files']['tmp_name'][$i], FTP_BINARY);
|
||||
unlink($_FILES['files']['tmp_name'][$i]);
|
||||
}
|
||||
}
|
||||
@ -424,7 +420,7 @@ function ftp_recursive_upload($ftp, $path){
|
||||
ftp_chdir($ftp, '..');
|
||||
rmdir($dir->path.$file);
|
||||
}else{
|
||||
ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY);
|
||||
@ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY);
|
||||
unlink($dir->path.$file);
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,17 +1,13 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
session_start();
|
||||
$user=check_login();
|
||||
if(isset($_POST['action']) && $_POST['action']==='add_db'){
|
||||
if($error=check_csrf_error()){
|
||||
die($error);
|
||||
}
|
||||
add_user_db($db, $user['id']);
|
||||
add_user_db($user['id']);
|
||||
}
|
||||
if(isset($_POST['action']) && $_POST['action']==='del_db' && !empty($_POST['db'])){
|
||||
if($error=check_csrf_error()){
|
||||
@ -37,7 +33,7 @@ if(isset($_POST['action']) && $_POST['action']==='del_db_2' && !empty($_POST['db
|
||||
if($error=check_csrf_error()){
|
||||
die($error);
|
||||
}
|
||||
del_user_db($db, $user['id'], $_POST['db']);
|
||||
del_user_db($user['id'], $_POST['db']);
|
||||
}
|
||||
if(isset($_POST['action']) && $_POST['action']==='del_onion' && !empty($_POST['onion'])){
|
||||
if($error=check_csrf_error()){
|
||||
@ -102,24 +98,24 @@ if(isset($_POST['action']) && $_POST['action']==='add_onion'){
|
||||
$ok = false;
|
||||
}
|
||||
if($ok){
|
||||
add_user_onion($db, $user['id'], $onion, $priv_key, $onion_version);
|
||||
add_user_onion($user['id'], $onion, $priv_key, $onion_version);
|
||||
}
|
||||
}
|
||||
if(isset($_POST['action']) && $_POST['action']==='del_onion_2' && !empty($_POST['onion'])){
|
||||
if($error=check_csrf_error()){
|
||||
die($error);
|
||||
}
|
||||
del_user_onion($db, $user['id'], $_POST['onion']);
|
||||
del_user_onion($user['id'], $_POST['onion']);
|
||||
}
|
||||
if(isset($_POST['action']) && $_POST['action']==='add_domain' && !empty($_POST['domain'])){
|
||||
if($error=check_csrf_error()){
|
||||
die($error);
|
||||
}
|
||||
$error = add_user_domain($db, $user['id'], $_POST['domain']);
|
||||
$error = add_user_domain($user['id'], $_POST['domain']);
|
||||
if(!empty($error)){
|
||||
$msg = "<p style=\"color:red;\">$error</p>";
|
||||
}else{
|
||||
enqueue_instance_reload($db);
|
||||
enqueue_instance_reload();
|
||||
}
|
||||
}
|
||||
if(isset($_POST['action']) && $_POST['action']==='del_domain' && !empty($_POST['domain'])){
|
||||
@ -146,8 +142,8 @@ if(isset($_POST['action']) && $_POST['action']==='del_domain_2' && !empty($_POST
|
||||
if($error=check_csrf_error()){
|
||||
die($error);
|
||||
}
|
||||
del_user_domain($db, $user['id'], $_POST['domain']);
|
||||
enqueue_instance_reload($db);
|
||||
del_user_domain($user['id'], $_POST['domain']);
|
||||
enqueue_instance_reload();
|
||||
}
|
||||
if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit_onion'){
|
||||
if($error=check_csrf_error()){
|
||||
@ -174,7 +170,7 @@ if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action'
|
||||
$max_streams = 65535;
|
||||
}
|
||||
$stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $_REQUEST['onion']]);
|
||||
enqueue_instance_reload($db, substr($_REQUEST['onion'], 0, 1));
|
||||
enqueue_instance_reload(substr($_REQUEST['onion'], 0, 1));
|
||||
}
|
||||
}
|
||||
if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='edit_domain'){
|
||||
@ -187,7 +183,7 @@ if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='
|
||||
$stmt=$db->prepare('UPDATE domains SET enabled = ? WHERE domain = ?;');
|
||||
$enabled = isset($_POST['enabled']) ? 1 : 0;
|
||||
$stmt->execute([$enabled, $_POST['domain']]);
|
||||
enqueue_instance_reload($db);
|
||||
enqueue_instance_reload();
|
||||
}
|
||||
}
|
||||
|
||||
@ -296,7 +292,8 @@ while($mysql=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
echo '<form action="home.php" method="post">';
|
||||
echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
|
||||
echo '<input type="hidden" name="db" value="'.$mysql['mysql_database'].'">';
|
||||
echo "<tr><td>$mysql[mysql_database]</td><td>localhost</td><td>$user[mysql_user]</td><td><button type=\"submit\" name=\"action\" value=\"del_db\">Delete</button></td></tr>";
|
||||
echo '<tr><td>'.htmlspecialchars($mysql['mysql_database']).'</td><td>localhost</td><td>'.htmlspecialchars($user['mysql_user']).'</td>';
|
||||
echo '<td><button type="submit" name="action" value="del_db">Delete</button></td></tr>';
|
||||
echo '</form>';
|
||||
}
|
||||
echo '</table>';
|
||||
@ -304,7 +301,7 @@ if($count_dbs<MAX_NUM_USER_DBS){
|
||||
echo '<p><form action="home.php" method="post"><input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'"><button type="submit" name="action" value="add_db">Add new database</button></form></p>';
|
||||
}
|
||||
echo '<p><a href="password.php?type=sql">Change MySQL password</a></p>';
|
||||
echo '<p>You can use <a href="/phpmyadmin/" target="_blank">PHPMyAdmin</a> and <a href="/adminer/" target="_blank">Adminer</a> for web based database administration.</p>';
|
||||
echo '<p>You can use <a href="/phpmyadmin/" target="_blank">PHPMyAdmin</a> and <a href="/adminer/?username='.htmlspecialchars($user['mysql_user']).'" target="_blank">Adminer</a> for web based database administration.</p>';
|
||||
echo '<h3>System Account</h3>';
|
||||
echo '<table border="1">';
|
||||
echo '<tr><th>Username</th><th>Host</th><th>FTP Port</th><th>SFTP Port</th><th>POP3 Port</th><th>IMAP Port</th><th>SMTP port</th></tr>';
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
header('X-Accel-Expires: 60');
|
||||
?>
|
||||
<!DOCTYPE html><html><head>
|
||||
<title>Daniel's Hosting</title>
|
||||
|
||||
@ -1,20 +1,21 @@
|
||||
<?php
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
include_once('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
echo '<!DOCTYPE html><html><head>';
|
||||
echo '<title>Daniel\'s Hosting - List of hosted sites</title>';
|
||||
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name="author" content="Daniel Winzen">';
|
||||
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
echo '<link rel="canonical" href="' . CANONICAL_URL . $_SERVER['SCRIPT_NAME'] . '">';
|
||||
echo '</head><body>';
|
||||
echo '<h1>Hosting - List of hosted sites</h1>';
|
||||
echo '<p><a href="index.php">Info</a> | <a href="register.php">Register</a> | <a href="login.php">Login</a> | List of hosted sites | <a href="faq.php">FAQ</a></p>';
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
header('X-Accel-Expires: 60');
|
||||
$db = get_db_instance();
|
||||
?>
|
||||
<!DOCTYPE html><html><head>
|
||||
<title>Daniel's Hosting - List of hosted sites</title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
||||
<meta name="author" content="Daniel Winzen">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<link rel="canonical" href="<?php echo CANONICAL_URL . $_SERVER['SCRIPT_NAME']; ?>">
|
||||
<style>td{padding:5px;}</style>
|
||||
<base target="_blank">
|
||||
</head><body>
|
||||
<h1>Hosting - List of hosted sites</h1>
|
||||
<p><a href="index.php" target="_self">Info</a> | <a href="register.php" target="_self">Register</a> | <a href="login.php" target="_self">Login</a> | List of hosted sites | <a href="faq.php" target="_self">FAQ</a></p>
|
||||
<?php
|
||||
$stmt=$db->query('SELECT COUNT(*) FROM users WHERE public=1;');
|
||||
$count=$stmt->fetch(PDO::FETCH_NUM);
|
||||
$stmt=$db->query('SELECT COUNT(*) FROM users WHERE public=0;');
|
||||
@ -24,7 +25,8 @@ echo '<table border="1">';
|
||||
echo '<tr><td>Onion link</td></tr>';
|
||||
$stmt=$db->query('SELECT onions.onion FROM users INNER JOIN onions ON (onions.user_id=users.id) WHERE users.public=1 ORDER BY onions.onion;');
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
echo "<tr><td><a href=\"http://$tmp[0].onion\" target=\"_blank\">$tmp[0].onion</a></td></tr>";
|
||||
echo "<tr><td><a href=\"http://$tmp[0].onion\">$tmp[0].onion</a></td></tr>";
|
||||
}
|
||||
echo '</table>';
|
||||
echo '</body></html>';
|
||||
?>
|
||||
</table>
|
||||
</body></html>
|
||||
|
||||
@ -1,10 +1,5 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
session_start();
|
||||
$user=check_login();
|
||||
if(!isset($_REQUEST['old']) || $_REQUEST['old']==0){
|
||||
|
||||
@ -1,10 +1,6 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
session_start();
|
||||
if(!empty($_SESSION['hosting_username'])){
|
||||
|
||||
@ -1,10 +1,6 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
session_start();
|
||||
$user=check_login();
|
||||
if(!isset($_REQUEST['type'])){
|
||||
|
||||
@ -1,10 +1,6 @@
|
||||
<?php
|
||||
include('../common.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$db = get_db_instance();
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
session_start();
|
||||
if(!empty($_SESSION['hosting_username'])){
|
||||
@ -106,14 +102,14 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
|
||||
echo '<p style="color:red;">To prevent abuse a site can only be registered every 60 seconds, but one has already been registered within the last 60 seconds. Please try again.</p>';
|
||||
$ok=false;
|
||||
}elseif($ok){
|
||||
$mysql_user = add_mysql_user($db, $_POST['pass']);
|
||||
$mysql_user = add_mysql_user($_POST['pass']);
|
||||
$stmt=$db->prepare('INSERT INTO users (username, system_account, password, dateadded, public, php, autoindex, mysql_user, instance) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);');
|
||||
$stmt->execute([$_POST['username'], substr("$onion.onion", 0, 32), $hash, time(), $public_list, $php, $autoindex, $mysql_user, get_new_tor_instance($db)]);
|
||||
$stmt->execute([$_POST['username'], substr("$onion.onion", 0, 32), $hash, time(), $public_list, $php, $autoindex, $mysql_user, get_new_tor_instance()]);
|
||||
$user_id = $db->lastInsertId();
|
||||
$stmt = $db->prepare('INSERT INTO disk_quota (user_id, quota_size, quota_files) VALUES (?, ?, ?);');
|
||||
$stmt->execute([$user_id, DEFAULT_QUOTA_SIZE, DEFAULT_QUOTA_FILES]);
|
||||
add_user_onion($db, $user_id, $onion, $priv_key, $onion_version);
|
||||
add_user_db($db, $user_id);
|
||||
add_user_onion($user_id, $onion, $priv_key, $onion_version);
|
||||
add_user_db($user_id);
|
||||
$stmt=$db->prepare('INSERT INTO new_account (user_id, password) VALUES (?, ?);');
|
||||
$stmt->execute([$user_id, get_system_hash($_POST['pass'])]);
|
||||
if(EMAIL_TO!==''){
|
||||
|
||||
Reference in New Issue
Block a user