auth.php 1.5 KB

  1. <?php
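  /*
   * Authorization check driven entirely by query-string parameters:
   *   ?whitelist=<list>  allow when the client IP is in getWhitelist(<list>)
   *   ?admin             allow authenticated users whose role is "admin"
   *   ?user              allow any authenticated user
   *   &ban=<list>        users in getBannedUsers(<list>) are denied on the
   *                      admin/user paths
   * The verdict is the HTTP status: 200 = authorized, 401 = not authorized.
   *
   * NOTE(review): the whitelist and the ban list are taken from $_GET, so
   * whoever builds the request URL chooses them. This is only sound if the
   * script can be reached solely by a trusted caller that sets those
   * parameters itself (presumably a reverse-proxy auth subrequest; confirm)
   * and never directly by end users.
   * NOTE(review): get_client_ip() is defined elsewhere; if it derives the
   * address from client-supplied forwarding headers, the whitelist check can
   * be satisfied by a forged header. Verify against its implementation.
   */
  $debug = false;
  require_once("user.php");
  $USER = new User("registration_callback");

  // Single exit point. The status code is always sent, also in debug mode:
  // the original debug branch called die() without setting a status, so every
  // denial went out as HTTP 200 whenever $debug was switched on.
  $respond = function ($status, $debugMessage) use ($debug) {
      http_response_code($status);
      if ($debug) {
          // Messages embed the username and client IP; plain text keeps them
          // from being interpreted as markup.
          header('Content-Type: text/plain; charset=utf-8');
          echo $debugMessage;
      }
      exit;
  };

  // Fail closed on array-valued parameters (?ban[]=x, ?whitelist[]=x) instead
  // of letting strtoupper()/getWhitelist() receive a non-string.
  foreach (array('ban', 'whitelist') as $listParam) {
      if (isset($_GET[$listParam]) && !is_string($_GET[$listParam])) {
          $respond(401, "Not Authorized Due To Malformed $listParam Parameter");
      }
  }

  $ban = isset($_GET['ban']) ? strtoupper($_GET['ban']) : "";
  $whitelist = isset($_GET['whitelist']) ? $_GET['whitelist'] : false;
  $currentIP = get_client_ip();
  // Set when a whitelist was supplied but the client IP is not on it. The
  // original read this variable without ever assigning it.
  $skipped = false;

  if ($whitelist) {
      // Strict comparison: assumes getWhitelist() returns strings (confirm).
      // A non-string entry then denies rather than loosely matching.
      if (in_array($currentIP, getWhitelist($whitelist), true)) {
          $respond(200, "$currentIP is Whitelist Authorized");
      }
      // NOTE(review): as in the original, a whitelist miss does not fall back
      // to the admin/user checks below; the request ends in a 401.
      $skipped = true;
  } elseif (isset($_GET['admin'])) {
      // `===` so that a non-string role (true, 0 on older PHP) cannot compare
      // equal to "admin". Assumes role is stored as a string (confirm).
      // NOTE(review): the ban lookup stays a loose in_array() because the
      // element types returned by getBannedUsers() are not visible here and a
      // strict match could miss a ban; tighten once that is confirmed.
      if ($USER->authenticated && $USER->role === "admin" && !in_array(strtoupper($USER->username), getBannedUsers($ban))) {
          $respond(200, "$USER->username Authorized At Admin Level");
      }
      $respond(401, "$USER->username Not Authorized At Admin Level");
  } elseif (isset($_GET['user'])) {
      if ($USER->authenticated && !in_array(strtoupper($USER->username), getBannedUsers($ban))) {
          $respond(200, "$USER->username Authorized At User Level");
      }
      $respond(401, "$USER->username Not Authorized At User Level");
  } elseif (!isset($_GET['user']) && !isset($_GET['admin']) && !isset($_GET['whitelist'])) {
      $respond(401, "Not Authorized Due To No Parameters Set");
  }

  if ($skipped) {
      $respond(401, "$currentIP Not Authorized On Whitelist");
  }
  // Default deny: reached e.g. when `whitelist` is present but empty and
  // neither `admin` nor `user` is set.
  $respond(401, "$USER->username on $currentIP $skipped Not Authorized");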
  31. ?>