PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); }catch(PDOException $e){ die('No Connection to MySQL database!'); } header('Content-Type: text/html; charset=UTF-8'); session_start(['name'=>'hosting_admin']); if($_SERVER['REQUEST_METHOD']==='HEAD'){ exit; // headers sent, no further processing needed } echo ''; echo 'Daniel\'s Hosting - Login'; echo ''; echo ''; echo ''; echo ''; echo '

Hosting - Admin panel

'; $error=false; if($_SERVER['REQUEST_METHOD']==='POST' && isSet($_POST['pass']) && $_POST['pass']===ADMIN_PASSWORD){ if(!($error=check_captcha_error())){ $_SESSION['logged_in']=true; } } if(empty($_SESSION['logged_in'])){ echo "'; if($error){ echo "

$error

"; }elseif(isSet($_POST['pass'])){ echo "

Wrong password!

"; } echo '

If you disabled cookies, please re-enable them. You can\'t log in without!

'; }else{ echo '

'; if(REQUIRE_APPROVAL){ $stmt=$db->query('SELECT COUNT(*) FROM new_account WHERE approved=0;'); $cnt=$stmt->fetch(PDO::FETCH_NUM)[0]; echo "Approve pending sites ($cnt) | "; } echo "List of hidden hosted sites | Delete accounts | Logout

"; if(empty($_REQUEST['action']) || $_REQUEST['action']==='login'){ echo '

Welcome to the admin panel!

'; }elseif($_REQUEST['action']==='logout'){ session_destroy(); header("Location: $_SERVER[SCRIPT_NAME]"); exit; }elseif($_REQUEST['action']==='list'){ echo ''; echo ''; $stmt=$db->query('SELECT onions.onion FROM users INNER JOIN onions ON (onions.user_id=users.id) WHERE users.public=0 ORDER BY onions.onion;'); while($tmp=$stmt->fetch(PDO::FETCH_NUM)){ echo ""; } echo '

Onion link

$tmp[0].onion

'; }elseif($_REQUEST['action']==='approve'){ if(!empty($_POST['onion'])){ $stmt=$db->prepare('UPDATE new_account INNER JOIN users ON (users.id=new_account.user_id) SET new_account.approved=1 WHERE users.onion=?;'); $stmt->execute([$_POST['onion']]); echo '

Successfully approved

'; } echo ''; echo ''; $stmt=$db->query('SELECT users.username, onions.onion FROM users INNER JOIN new_account ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) WHERE new_account.approved=0 ORDER BY users.username;'); while($tmp=$stmt->fetch(PDO::FETCH_NUM)){ echo ""; } echo '

Username	Onion address	Action
$tmp[0]	$tmp[1].onion

'; }elseif($_REQUEST['action']==='delete'){ echo '

Delete accouts:

'; echo "
'; if(!empty($_POST['onion'])){ if(preg_match('~^([a-z2-7]{16})(\.onion)?$~', $_POST['onion'], $match)){ $stmt=$db->prepare('SELECT user_id FROM onions WHERE onion=?;'); $stmt->execute([$match[1]]); if($user_id=$stmt->fetch(PDO::FETCH_NUM)){ $stmt=$db->prepare('UPDATE users SET todelete=1 WHERE id=?;'); $stmt->execute($user_id); echo "

Successfully queued for deletion!

"; }else{ echo "

Onion address not hosted by us!

"; } }else{ echo "

Invalid onion address!

"; } } } } echo '';

Password