před 8 roky · 18b5d946a9
--- a/auth.php
+++ b/auth.php
@@ -23,53 +23,35 @@ function getWhitelist($string){
 
				     return $whitelist;
			
 
				 }
			
 
				 
			
 
				-if (isset($_GET['ban'])) : $ban = strtoupper($_GET['ban']); else : $ban = ""; endif;
			
 
				-if (isset($_GET['whitelist'])) : $whitelist = strtoupper($_GET['whitelist']); else : $whitelist = ""; endif;
			
 
				-$currentIP = $_SERVER['REMOTE_ADDR'];
			
 
				+//if (isset($_GET['ban'])) : $ban = strtoupper($_GET['ban']); else : $ban = ""; endif;
			
 
				+//if (isset($_GET['whitelist'])) : $whitelist = $_GET['whitelist']; else : $whitelist = ""; endif;
			
 
				+$ban = isset($_GET['ban']) ? strtoupper($_GET['ban']) : "";
			
 
				+$whitelist = isset($_GET['whitelist']) ? $_GET['whitelist'] : false;
			
 
				+$currentIP = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : false;
			
 
				 
			
 
				 require_once("user.php");
			
 
				 $USER = new User("registration_callback");
			
 
				 
			
 
				-if (isset($_GET['admin'])) :
			
 
				-
			
 
				-    if($USER->authenticated && $USER->role == "admin" && !in_array(strtoupper($USER->username), getBannedUsers($ban))) :
			
 
				-
			
 
				+if ($whitelist) {
			
 
				+    if(in_array($currentIP, getWhitelist($whitelist))) {
			
 
				+       exit(http_response_code(200)); 
			
 
				+	} else {
			
 
				+       exit(http_response_code(401));
			
 
				+	}
			
 
				+} elseif (isset($_GET['admin'])) {
			
 
				+    if($USER->authenticated && $USER->role == "admin" && !in_array(strtoupper($USER->username), getBannedUsers($ban))) {
			
 
				         exit(http_response_code(200));
			
 
				-
			
 
				-    else :
			
 
				-
			
 
				+	} else {
			
 
				         exit(http_response_code(401));
			
 
				-
			
 
				-    endif;
			
 
				-
			
 
				-elseif (isset($_GET['user'])) :
			
 
				-
			
 
				-    if($USER->authenticated && !in_array(strtoupper($USER->username), getBannedUsers($ban))) :
			
 
				-
			
 
				+    }
			
 
				+} elseif (isset($_GET['user'])) {
			
 
				+    if($USER->authenticated && !in_array(strtoupper($USER->username), getBannedUsers($ban))) {
			
 
				         exit(http_response_code(200));
			
 
				-
			
 
				-    else :
			
 
				-
			
 
				+	} else {
			
 
				         exit(http_response_code(401));
			
 
				-
			
 
				-    endif;
			
 
				-
			
 
				-elseif (isset($_GET['whitelist'])) :
			
 
				-
			
 
				-    if(in_array($currentIP, getWhitelist($whitelist))) :
			
 
				-       
			
 
				-       exit(http_response_code(200));
			
 
				-       
			
 
				-    else :
			
 
				-
			
 
				-        exit(http_response_code(401));
			
 
				-
			
 
				-    endif;
			
 
				-
			
 
				-elseif (!isset($_GET['user']) && !isset($_GET['admin']) && !isset($_GET['whitelist'])) :
			
 
				-
			
 
				+	}
			
 
				+} elseif (!isset($_GET['user']) && !isset($_GET['admin']) && !isset($_GET['whitelist'])) {
			
 
				     exit(http_response_code(401));
			
 
				-
			
 
				-endif;
			
 
				+}
			
 
				 
			
 
				 ?>