'hosting_admin']); if($_SERVER['REQUEST_METHOD']==='HEAD'){ exit; // headers sent, no further processing needed } print_header('Admin panel', 'td{padding:5px;}', '_blank'); ?>

Hosting - Admin panel

'; echo ""; send_captcha(); echo ""; echo '

Password

'; if($error){ echo "

$error

"; }elseif(isset($_POST['pass'])){ echo "

Wrong password!

"; } echo '

If you disabled cookies, please re-enable them. You can\'t log in without!

'; }else{ echo '

'; if(REQUIRE_APPROVAL){ $stmt=$db->query('SELECT COUNT(*) FROM new_account WHERE approved=0;'); $cnt=$stmt->fetch(PDO::FETCH_NUM)[0]; echo 'Approve pending sites ($cnt) | "; } echo 'List of accounts | Delete accounts | Suspend hidden services | Edit hidden services | Logout

'; if(empty($_REQUEST['action']) || $_REQUEST['action']==='login'){ echo '

Welcome to the admin panel!

'; }elseif($_REQUEST['action'] === 'logout'){ session_destroy(); header('Location: ' . $_SERVER['SCRIPT_NAME']); exit; }elseif($_REQUEST['action'] === 'list'){ echo '

'; echo ''; echo ''; echo ''; $stmt=$db->query('SELECT users.username, onions.onion, onions.enabled FROM users INNER JOIN onions ON (onions.user_id=users.id) ORDER BY users.username;'); $sccounts = []; while($tmp=$stmt->fetch(PDO::FETCH_NUM)){ $accounts[$tmp[0]] []= [$tmp[1], $tmp[2]]; } foreach($accounts as $account => $onions){ echo ""; } echo '

Username	Onion link	Action
$account	"; $first = true; foreach($onions as $onion){ if($first){ $first = false; }else{ echo ' '; } if($onion[1]=='1'){ echo "$onion[0].onion"; }else{ echo "$onion[0].onion"; } } echo "

'; }elseif(substr($_REQUEST['action'], 0, 7) === 'approve'){ $onion = substr($_REQUEST['action'], 8); if(!empty($onion)){ if($error=check_csrf_error()){ echo '

'.$error.'

'; }else{ $stmt=$db->prepare('UPDATE new_account INNER JOIN onions ON (onions.user_id=new_account.user_id) SET new_account.approved=1 WHERE onions.onion=?;'); $stmt->execute([$onion]); echo '

Successfully approved

'; } } echo '

'; echo ''; echo ''; echo ''; $stmt=$db->query('SELECT users.username, onions.onion FROM users INNER JOIN new_account ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) WHERE new_account.approved=0 ORDER BY users.username;'); while($tmp=$stmt->fetch(PDO::FETCH_NUM)){ echo ""; } echo '

Username	Onion address	Action
$tmp[0]	$tmp[1].onion

'; }elseif(substr($_REQUEST['action'], 0, 6) === 'delete'){ $onion = ''; if(isset($_POST['onion'])){ $onion = $_POST['onion']; }else{ $onion = substr($_REQUEST['action'], 7); } echo '

Delete accouts:

'; echo '
'; if(!empty($onion)){ if($error=check_csrf_error()){ echo '

'.$error.'

'; }elseif(preg_match('~^([a-z2-7]{16}|[a-z2-7]{56})(\.onion)?$~', $onion, $match)){ $stmt=$db->prepare('SELECT user_id FROM onions WHERE onion=?;'); $stmt->execute([$match[1]]); if($user_id=$stmt->fetch(PDO::FETCH_NUM)){ $stmt=$db->prepare('UPDATE users SET todelete=1 WHERE id=?;'); $stmt->execute($user_id); echo "

Successfully queued for deletion!

"; }else{ echo "

Onion address not hosted by us!

"; } }else{ echo "

Invalid onion address!

"; } } }elseif(substr($_REQUEST['action'], 0, 7) === 'suspend'){ $onion = ''; if(isset($_POST['onion'])){ $onion = $_POST['onion']; }else{ $onion = substr($_REQUEST['action'], 8); } echo '

Suspend hidden service:

'; echo '
'; if(!empty($onion)){ if($error=check_csrf_error()){ echo '

'.$error.'

'; }elseif(preg_match('~^([a-z2-7]{16}|[a-z2-7]{56})(\.onion)?$~', $onion, $match)){ $stmt=$db->prepare('SELECT instance FROM onions WHERE onion=?;'); $stmt->execute([$match[1]]); if($instance=$stmt->fetch(PDO::FETCH_NUM)){ $stmt=$db->prepare('UPDATE onions SET enabled=-2 WHERE onion=?;'); $stmt->execute([$match[1]]); echo "

Successfully queued for suspension!

"; enqueue_instance_reload($instance[0]); }else{ echo "

Onion address not hosted by us!

"; } }else{ echo "

Invalid onion address!

"; } } }elseif(substr($_REQUEST['action'], 0, 4) === 'edit'){ $onion = ''; if(isset($_POST['onion'])){ $onion = $_POST['onion']; }else{ $onion = substr($_REQUEST['action'], 5); } echo '

Edit hidden service:

'; echo '
'; if(!empty($onion)){ if($error=check_csrf_error()){ echo '

'.$error.'

'; }elseif(preg_match('~^([a-z2-7]{16}|[a-z2-7]{56})(\.onion)?$~', $onion, $match)){ if(isset($_POST['num_intros'])){ $stmt=$db->prepare('SELECT version, instance FROM onions WHERE onion=?;'); $stmt->execute([$match[1]]); if($onion=$stmt->fetch(PDO::FETCH_NUM)){ $stmt=$db->prepare('UPDATE onions SET enabled = ?, enable_smtp = ?, num_intros = ?, max_streams = ? WHERE onion=?;'); $enabled = isset($_POST['enabled']) ? 1 : 0; $enable_smtp = isset($_POST['enable_smtp']) ? 1 : 0; $num_intros = intval($_POST['num_intros']); if($num_intros<3){ $num_intros = 3; }elseif($onion[0]==2 && $num_intros>10){ $num_intros = 10; }elseif($num_intros>20){ $num_intros = 20; } $max_streams = intval($_POST['max_streams']); if($max_streams<0){ $max_streams = 0; }elseif($max_streams>65535){ $max_streams = 65535; } $stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $match[1]]); enqueue_instance_reload($onion[1]); echo "

Changes successfully saved!

"; } } $stmt=$db->prepare('SELECT onion, enabled, enable_smtp, num_intros, max_streams, version FROM onions WHERE onion=?;'); $stmt->execute([$match[1]]); if($onion=$stmt->fetch(PDO::FETCH_NUM)){ echo '

'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; }else{ echo "

Onion address not hosted by us!

"; } }else{ echo "

Invalid onion address!

"; } } } } echo '';

Onion	Enabled	SMTP enabled	Nr. of intros	Max streams per rend circuit	Save
	Enabled	Enabled