P7COMunications/panchat
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
panchat/modcp.php
PANCHO7532 ba06e84643 P7RND_882550
2021-10-13 08:18:50 -03:00

178 lines
6.9 KiB
PHP
Raw Permalink Blame History

<?php
/*
* /=======================================================\
* | Panchat v2.0.0 |
* | Copyright (c) P7COMunications LLC 2021 - PANCHO7532 |
* |=======================================================/
* |-> Purpose: Moderation Control Panel
* ---------------------------------------------------------
*/
include 'config.inc.php';
$dataModel = array(
"messages" => array()
);
$moderationModel = array(
"bannedNicknames" => array(),
"bannedIPs" => array(),
"allowedIPsCLS" => array()
);
function xorCrypto($key, $data) {
$result = "";
for($a = 0, $b = 0; $a < strlen($data); $a++, $b++) {
if($b >= strlen($key)) { $b = 0; }
$result .= $data{$a} ^ $key{$b};
}
return $result;
}
function basicFileCheck($filedir, $filedb, $filemod, $dataModel, $moderationModel) {
if(!file_exists($filedir)) {
//checking if data folder exists for begin with
mkdir($filedir);
}
if(!file_exists($filedb)) {
//checking if message database exists
$fileHandler = fopen($filedb, "w");
fwrite($fileHandler, json_encode($dataModel));
fclose($fileHandler);
}
if(!file_exists($filemod)) {
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($moderationModel));
fclose($fileHandler);
}
}
basicFileCheck($filedir, $filedb, $filemod, $dataModel, $moderationModel);
if(isset($_COOKIE['username']) && isset($_COOKIE['passwd'])) {
$username = htmlspecialchars($_COOKIE['username']);
$password = htmlspecialchars($_COOKIE['passwd']);
if(md5(base64_encode(xorCrypto($xorKey, $u1a))) == $username && md5(base64_encode(xorCrypto($xorKey, $u1b))) == $password) {
echo "<!DOCTYPE html><html><head><title>ModCP - Panchat</title></head><body><fieldset><legend>Welcome, $u1a - <a href='modAuth.php?logout=1'>Logout</a></legend>";
} else {
header("Location: error.html");
}
} else {
header("Location: error.html");
}
//all authenticated actions for the panel should go after this line
if($_SERVER["REQUEST_METHOD"] == "POST") {
// it's a POST request
if(isset($_POST["modAction"]) && isset($_POST["modActionValue"])) {
if($_POST["modActionValue"] == "") {
header("Location: modcp.php");
}
$tmpModData = json_decode(file_get_contents($filemod), true);
switch($_POST["modAction"]) {
case "banNick":
//action
$tmpModActionData = base64_encode(xorCrypto($xorKey, htmlspecialchars($_POST["modActionValue"])));
array_push($tmpModData["bannedNicknames"], $tmpModActionData);
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($tmpModData));
fclose($fileHandler);
break;
case "banIP":
//action
$tmpModActionData = base64_encode(xorCrypto($xorKey, htmlspecialchars($_POST["modActionValue"])));
array_push($tmpModData["bannedIPs"], $tmpModActionData);
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($tmpModData));
fclose($fileHandler);
break;
case "allowIPC":
//action
$tmpModActionData = base64_encode(xorCrypto($xorKey, htmlspecialchars($_POST["modActionValue"])));
array_push($tmpModData["allowedIPsCLS"], $tmpModActionData);
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($tmpModData));
fclose($fileHandler);
break;
default:
break;
}
}
}
if(isset($_GET["removeNick"]) && $_GET["removeNick"] != "") {
$tmpModData = json_decode(file_get_contents($filemod), true);
$tmpModData["bannedNicknames"] = array_diff($tmpModData["bannedNicknames"], array($_GET["removeNick"]));
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($tmpModData));
fclose($fileHandler);
}
if(isset($_GET["removeIP"]) && $_GET["removeIP"] != "") {
$tmpModData = json_decode(file_get_contents($filemod), true);
$tmpModData["bannedIPs"] = array_diff($tmpModData["bannedIPs"], array($_GET["removeIP"]));
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($tmpModData));
fclose($fileHandler);
}
if(isset($_GET["removeIPc"]) && $_GET["removeIPc"] != "") {
$tmpModData = json_decode(file_get_contents($filemod), true);
$tmpModData["allowedIPsCLS"] = array_diff($tmpModData["allowedIPsCLS"], array($_GET["removeIPc"]));
$fileHandler = fopen($filemod, "w");
fwrite($fileHandler, json_encode($tmpModData));
fclose($fileHandler);
}
?>
<form action="modcp.php" method="POST">
<p>Banned nicknames:</p>
<ul>
<?php
include 'config.inc.php';
$nickDB = json_decode(file_get_contents($filemod), true);
if(sizeof($nickDB["bannedNicknames"]) == 0) {
echo "<li>[No banned nicknames]";
} else {
foreach($nickDB["bannedNicknames"] as $nicks) {
$tmpnick = xorCrypto($xorKey, base64_decode($nicks));
echo "<li>{$tmpnick} <a href=\"modcp.php?removeNick={$nicks}\">[Remove]</a></li>";
}
}
?>
</ul>
<p>Banned IPs:</p>
<ul>
<?php
include 'config.inc.php';
$ipDB = json_decode(file_get_contents($filemod), true);
if(sizeof($ipDB["bannedIPs"]) == 0) {
echo "<li>[No banned IPs]";
} else {
foreach($ipDB["bannedIPs"] as $ips) {
$tmpip = xorCrypto($xorKey, base64_decode($ips));
echo "<li>{$tmpip} <a href=\"modcp.php?removeIP={$ips}\">[Remove]</a></li>";
}
}
?>
</ul>
<p>Allowed IPs for clear chat:</p>
<ul>
<?php
include 'config.inc.php';
$ipcDB = json_decode(file_get_contents($filemod), true);
if($lockclschat == "disable") {
echo "[WARNING] 'lockclschat' variable is set to \"disabled\", values in this list will not be used.";
}
if(sizeof($ipDB["allowedIPsCLS"]) == 0) {
echo "<li>[No whitelisted IPs]";
} else {
foreach($ipcDB["allowedIPsCLS"] as $ipc) {
$tmpipc = xorCrypto($xorKey, base64_decode($ipc));
echo "<li>{$tmpipc} <a href=\"modcp.php?removeIPc={$ipc}\">[Remove]</a></li>";
}
}
?>
</ul>
<p>Add a record:</p>
Action: <select name="modAction" id="modAction">
<option value="banNick" selected>Ban Nickname</option>
<option value="banIP">Ban IP</option>
<option value="allowIPC">Allow IP (for clear chat)</option>
</select>
<br>
Value: <input type="text" autocomplete="off" name="modActionValue"/>
<input type="submit" value="Submit"/>
<br><a href="index.php">Go to the main page</a>
</form>
</fieldset>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink