$value) {
    // Tail of a loop whose header lies outside this view (presumably iterating the request headers — confirm).
    // Records the X-Real-IP header value as the client address.
    // NOTE(review): this header is client-controlled unless a trusted reverse proxy always overwrites it.
    // The value is later stored in Connections.IP and printed in the admin connection list, so it
    // should be validated (e.g. as an IP address) and only trusted when the proxy is known to set it.
    if($header == 'X-Real-IP'){
        if (!empty($value)){
            $ipcka = $value;
        }
    }
}

// Housekeeping on every request: drop connections whose last ping is considered stale.
// NOTE(review): if this is MySQL/MariaDB, "CURRENT_TIMESTAMP - 300" is numeric arithmetic on the
// YYYYMMDDHHMMSS form, not "300 seconds ago" — confirm the intended window (interval arithmetic is the usual form).
$stmt2 = $mysqli->prepare("DELETE FROM Connections WHERE TimestampPing < (CURRENT_TIMESTAMP - 300);");
$stmt2->execute();
$stmt2->store_result();

// ---- ?adder=... : create a new stream (global admin password required) ----
if (!empty($_GET["adder"])){
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $heslo = trim($_POST['heslo']);
        // The submitted password is checked against a hash read from a file on disk.
        // NOTE(review): no attempt limiting or anti-CSRF token is visible on this form handler;
        // confirm that secrets/ is not reachable through the web server.
        if (password_verify($heslo, file_get_contents("secrets/AdminPwdHash"))) {
            $kod = $_POST['kod'];
            $url = $_POST['url'];
            $type = $_POST['type'];
            $adminpwd = $_POST['adminpwd'];
            // All four fields must be non-empty and within the length limits; otherwise nothing is
            // reported and only the form template below is rendered.
            if(!empty($kod) && !empty($url) && !empty($type) && !empty($adminpwd)){
                if(strlen($kod) <= 20 && strlen($url) <= 256 && strlen($type) <= 20 && strlen($adminpwd) <= 20){
                    // Uniqueness check: rejects a Code or an AdminCode that is already in use.
                    // NOTE(review): it does not catch a new Code equal to an existing AdminCode (or the
                    // reverse), while the lookups further down match "Code = ? OR AdminCode = ?" with one value.
                    $stmt2 = $mysqli->prepare("SELECT ID FROM Streams WHERE Code=? OR AdminCode=?");
                    $stmt2->bind_param('ss', $kod, $adminpwd);
                    $stmt2->execute();
                    $stmt2->store_result();
                    if ($stmt2->num_rows > 0) {
                        echo ("Stream exists!");
                    } else {
                        // NOTE(review): the per-stream admin code is stored as submitted (cleartext) and is
                        // later used as a login secret; URL and Type are stored unvalidated and are
                        // substituted into the player template without escaping.
                        $stmt = $mysqli->prepare("INSERT INTO Streams (URL, Type, AdminCode, Code) VALUES (?, ?, ?, ?);");
                        $stmt->bind_param('ssss', $url, $type, $adminpwd, $kod);
                        $stmt->execute();
                        $stmt->store_result();
                        echo "Stream added";
                    }
                }
            }
        } else {
            echo "Bad password.";
        }
    }
    // The add-stream form is always rendered, with the current year filled in.
    echo str_replace("__VLOZ_ROK__", date("Y"), file_get_contents("templates/streamadd.html"));
    exit();
}

// ---- ?admin=... : per-stream administration (session code must equal a stream's AdminCode) ----
if (!empty($_SESSION["kod"]) && !empty($_SESSION['listeners']) && !empty($_SESSION["inicialy"]) && !empty($_GET["admin"])) {
    $kod = $_SESSION['kod'];
    $stmt = $mysqli->prepare("Select ID, URL, Type, Code FROM Streams WHERE AdminCode = ?;");
    $stmt->bind_param('s', $kod);
    $stmt->bind_result($idcko, $url, $type, $code);
    $stmt->execute();
    $stmt->store_result();
    if ($stmt->num_rows > 0){
        while ($stmt->fetch()) {
            if (!empty($_GET["onlyconns"])){
                // Connection list for this stream.
                $stmt3 = $mysqli->prepare("Select ID, PHPSessID, TimeConnect, TimePing, Listeners, Inicialy, IP FROM Connections WHERE StreamID = ?");
                $stmt3->bind_param('i', $idcko);
                // Note: the first bound result reuses $idcko, so the stream ID is overwritten by connection IDs.
                $stmt3->bind_result($idcko, $phpSessID, $timeConn, $timePing, $listeners, $inicialy, $IP);
                $stmt3->execute();
                $stmt3->store_result();
                $connadm = ' ';
                // NOTE(review): the markup inside the literals below appears to have been lost in this
                // copy of the file; the concatenation is kept exactly as it appears.
                if ($stmt3->num_rows > 0){
                    while ($stmt3->fetch()) {
                        $connadm = $connadm . '' . '' . '' . '' . '';
                    }
                }
                // NOTE(review): Inicialy (from the login form) and IP (from the X-Real-IP header) are
                // concatenated into the response without output encoding; if this is rendered as HTML
                // in the admin's browser it is a stored-XSS sink — escape with htmlspecialchars().
                $connadm = $connadm . '
IniciályListenersDate and time of connectionDate and time of keepaliveIP address
' . $inicialy . '' . $listeners . '' . $timeConn . '' . $timePing . '' . $IP . '
';
                echo $connadm;
            } else{
                if (!empty($_GET['delete'])&&!empty($_POST['delete'])){
                    // Chat moderation: "*" clears the whole chat of this stream, otherwise one message by ID.
                    // NOTE(review): state-changing request authorised by the session alone; no anti-CSRF
                    // token is checked in the visible code.
                    if($_POST['delete'] == "*"){
                        $stmt5 = $mysqli->prepare("DELETE from Chat WHERE StreamID = ?;");
                        $stmt5->bind_param('i', $idcko);
                        $stmt5->execute();
                        $stmt5->store_result();
                    } else{
                        $deleteid = intval($_POST['delete']);
                        if ($deleteid >= 0){
                            // The StreamID condition keeps an admin from deleting another stream's messages.
                            $stmt6 = $mysqli->prepare("DELETE from Chat WHERE StreamID = ? AND ID = ?;");
                            $stmt6->bind_param('ii', $idcko, $deleteid);
                            $stmt6->execute();
                            $stmt6->store_result();
                        }
                    }
                } else{
                    // Chat table for the admin page.
                    $stmt7 = $mysqli->prepare("Select ID, Timestamp, Author, Message from Chat WHERE StreamID = ?;");
                    $stmt7->bind_param('i', $idcko);
                    $stmt7->bind_result($idckochat, $timestamp, $author, $message);
                    $stmt7->execute();
                    $stmt7->store_result();
                    $chatadm = ' ';
                    if ($stmt7->num_rows > 0){
                        while ($stmt7->fetch()){
                            $chatadm = $chatadm . '' . "\n";
                        }
                    }
                    // NOTE(review): Author and Message are user-supplied and are emitted without output
                    // encoding (stored-XSS sink in the admin view if rendered as HTML).
                    // NOTE(review): $tmstmp is not bound in this branch — the result is bound to $timestamp.
                    $chatadm = $chatadm . '
AuthorDateMessageDelete
' . $author . '' . date("d.m.Y H:i:s", $tmstmp) . ' GMT' . $message . '
';
                    if (!empty($_GET['onlytable'])){
                        // Table fragment only.
                        echo $chatadm;
                    } else{
                        // Full admin page: fill the template placeholders.
                        // NOTE(review): $config is not defined in the visible part of the file — confirm
                        // it is set earlier; this loop binds the stream's $url and $type.
                        $dats = file_get_contents("templates/admin.html");
                        $dats = str_replace('__VLOZ_CHAT_ADMIN_TABULKU__', $chatadm , $dats);
                        $dats = str_replace('__VLOZ_URL_AUDIA__', $config->url , $dats);
                        $dats = str_replace('__VLOZ_TYP_AUDIA__', $config->type , $dats);
                        $dats = str_replace('__VLOZ_ROK__', date("Y"), $dats);
                        echo $dats;
                    }
                }
            }
        }
    }
    exit();
}

// ---- ?logout=... : remove this session's connection row and end the session ----
if (!empty($_GET['logout'])) {
    $stmt3 = $mysqli->prepare("DELETE FROM Connections WHERE PHPSessID = ?;");
    // bind_param() takes its arguments by reference; passing a call result directly raises PHP's
    // "Only variables should be passed by reference" notice — NOTE(review): assign to a variable first.
    $stmt3->bind_param("s", session_id());
    $stmt3->execute();
    $stmt3->store_result();
    $_SESSION["kod"] = '';
    $_SESSION["listeners"] = '';
    $_SESSION['inicialy'] = '';
    // NOTE(review): session_unset() runs after session_destroy(), and the session cookie itself is
    // not expired here; only the "inicialy" cookie is.
    session_destroy();
    session_unset();
    setcookie("inicialy", "", 1);
    echo ' ';
    exit();
}

// ---- ?verify=1 : report whether a submitted code is an admin code, a listener code, or unknown ----
if (!empty($_GET['verify'])&&!empty($_POST['kod'])){
    if ($_GET['verify'] == 1){
        if(strlen($_POST['kod']) <= 20){
            $kod = $_POST['kod'];
            // NOTE(review): the three distinct replies tell an unauthenticated caller which kind of
            // code was submitted, and no attempt limiting is visible here — throttle per client and
            // log repeated failures.
            $stmt5 = $mysqli->prepare("Select ID FROM Streams WHERE AdminCode = ?;");
            $stmt5->bind_param('s', $kod);
            $stmt5->execute();
            $stmt5->store_result();
            if ($stmt5->num_rows > 0) {
                while ($stmt5->fetch()){ }
                echo "admin";
            } else{
                $stmt4 = $mysqli->prepare("Select ID FROM Streams WHERE Code = ?;");
                $stmt4->bind_param('s', $kod);
                $stmt4->execute();
                $stmt4->store_result();
                if ($stmt4->num_rows > 0) {
                    while ($stmt4->fetch()){ }
                    echo "verified";
                } else{
                    echo "unverified";
                }
            }
        } else{
            // Over-long codes are reported the same way as unknown ones.
            echo "unverified";
        }
    }
    exit();
}

// ---- ?keepalive=... : refresh the ping time of a connection ----
if (!empty($_GET['keepalive'])){
    // NOTE(review): $kod is not assigned on any visible path that reaches this branch (every earlier
    // branch that sets it ends in exit()), and the session is not checked here — confirm where it comes from.
    $stmt6 = $mysqli->prepare("Select ID FROM Streams WHERE Code = ? OR AdminCode = ?;");
    $stmt6->bind_param('ss', $kod, $kod);
    $stmt6->execute();
    $stmt6->store_result();
    if ($stmt6->num_rows > 0) {
        // NOTE(review): as printed, the statement contains "FROM WHERE", which is not valid UPDATE
        // syntax (part of it may be missing from this copy); it filters by StreamID only, not by the
        // caller's session ID, and $streamidcko is never assigned in the visible code.
        $stmt7 = $mysqli->prepare("Update Connections SET TimestampPing=CURRENT_TIMESTAMP, TimePing = ? 
FROM WHERE StreamID = ?;");
        $stmt7->bind_param("si", date("Y.n.d H:i:s"), $streamidcko);
        $stmt7->execute();
        $stmt7->store_result();
    }
    exit();
}

// ---- ?chat=... : post a message (?send=...) or return the chat log of the session's stream ----
if (!empty($_GET['chat'])){
    if (!empty($_SESSION["kod"]) && !empty($_SESSION['listeners']) && !empty($_SESSION['inicialy'])) {
        $kod = $_SESSION['kod'];
        // Resolve the stream from the session code (listener code or admin code).
        $stmt8 = $mysqli->prepare("Select ID FROM Streams WHERE Code = ? OR AdminCode = ?;");
        $stmt8->bind_param('ss', $kod, $kod);
        $stmt8->bind_result($idcko);
        $stmt8->execute();
        $stmt8->store_result();
        if ($stmt8->num_rows > 0){
            while ($stmt8->fetch()){
                if (!empty($_GET['send'])&& !empty($_POST['text'])){
                    // Messages longer than 1024 bytes are dropped without any reply.
                    // NOTE(review): no anti-CSRF token or posting rate limit is visible.
                    if (strlen($_POST['text']) <= 1024){
                        $stmt9 = $mysqli->prepare("INSERT INTO Chat (Author, Message, StreamID) VALUES (?, ?, ?);");
                        $stmt9->bind_param('ssi', $_SESSION['inicialy'], $_POST['text'], $idcko);
                        $stmt9->execute();
                        $stmt9->store_result();
                    }
                } else{
                    $stmt10 = $mysqli->prepare("Select Author, Message, Timestamp FROM Chat WHERE StreamID = ?;");
                    $stmt10->bind_param('i', $idcko);
                    $stmt10->execute();
                    $stmt10->store_result();
                    $stmt10->bind_result($author, $msg, $tmstmp);
                    $data = "";
                    if ($stmt10->num_rows() > 0) {
                        while ($stmt10->fetch()){
                            // NOTE(review): author and message are returned to every listener without
                            // output encoding; if the client inserts this text as HTML it is a stored-XSS
                            // sink — encode here or have the client insert it as text only.
                            $data = $data . '• ' . $author . ' on ' . date("d.m.Y H:i:s", intval($tmstmp)) . ' GMT said: ' . $msg . "\n";
                        }
                    }
                    echo $data;
                }
            }
        }
    }
    exit();
}

// ---- Login POST: code + listener count + initials ----
if (!empty($_POST['kod']) && !empty($_POST['listeners']) && !empty($_POST['ini'])){
    // Limits: code up to 20 bytes, initials up to 100 bytes, listeners between 1 and 999.
    if(strlen($_POST['kod']) <= 20 && strlen($_POST['ini']) <= 100 && intval($_POST['listeners']) <= 999 && intval($_POST['listeners']) >= 1){
        $kod = $_POST['kod'];
        $stmt11 = $mysqli->prepare("Select ID FROM Streams WHERE Code = ? 
OR AdminCode = ?;");
        $stmt11->bind_param('ss', $kod, $kod);
        $stmt11->bind_result($idcko);
        $stmt11->execute();
        $stmt11->store_result();
        if ($stmt11->num_rows > 0) {
            while ($stmt11->fetch()){
                $listeners = intval($_POST['listeners']);
                $inicialy = $_POST['ini'];
                // NOTE(review): no session_regenerate_id() call is visible before the session is
                // populated, so a session ID set before login stays valid afterwards (session
                // fixation exposure). No attempt limiting on code guesses is visible either.
                $_SESSION["kod"] = $kod;
                $_SESSION['listeners'] = $listeners;
                $_SESSION['inicialy'] = $inicialy;
                // Cookie is set with default options (no explicit Secure / HttpOnly / SameSite).
                setcookie("inicialy", $inicialy);
                // Record the connection. $ipcka is only assigned when an X-Real-IP header was seen
                // in the visible code — confirm it has a default.
                $stmt12 = $mysqli->prepare("INSERT INTO Connections (PHPSessID, TimeConnect, TimestampPing, TimePing, Listeners, Inicialy, IP, StreamID) VALUES (?, ?, CURRENT_TIMESTAMP, ?, ?, ?, ?, ?);");
                // Call results are passed to by-reference parameters here as well (see the logout branch).
                $stmt12->bind_param('sssissi', session_id(), date("Y.n.d H:i:s"), date("Y.n.d H:i:s"), $listeners, $inicialy, $ipcka, $idcko);
                $stmt12->execute();
                $stmt12->store_result();
                echo ' ';
            }
        } else {
            // Unknown code: clear the session values and destroy the session.
            $_SESSION["kod"] = '';
            $_SESSION['listeners'] = '';
            $_SESSION['inicialy'] = '';
            echo ' ';
            session_destroy();
        }
    }
    exit();
}

// ---- Default view: player for a logged-in session, otherwise the login page ----
if (!empty($_SESSION['listeners']) && !empty($_SESSION['inicialy']) && !empty($_SESSION['kod'])){
    $kod = $_SESSION['kod'];
    $stmt13 = $mysqli->prepare("Select ID, URL, Type, AdminCode, Code FROM Streams WHERE Code = ? OR AdminCode = ?;");
    $stmt13->bind_param('ss', $kod, $kod);
    $stmt13->bind_result($idcko, $url, $type, $admincode, $code);
    $stmt13->execute();
    $stmt13->store_result();
    if ($stmt13->num_rows > 0){
        while ($stmt13->fetch()){
            $year = date("Y");
            $player = file_get_contents("templates/player.html");
            // NOTE(review): URL and Type come from the Streams table and are substituted without
            // escaping; the right encoding depends on where the placeholders sit in the template.
            $player = str_replace('__VLOZ_URL_AUDIA__', $url , $player);
            $player = str_replace('__VLOZ_TYP_AUDIA__', $type , $player);
            $player = str_replace('__VLOZ_ROK__', $year, $player);
            // The admin link is shown only when the session code equals the stream's admin code.
            // NOTE(review): this is a loose == on a secret; numeric-looking strings compare
            // numerically under ==, so === or hash_equals() is the safer comparison.
            if($_SESSION["kod"] == $admincode){
                $player = str_replace('__VLOZ_ADMIN_LINK__', 'Administrácia', $player);
            } else{
                $player = str_replace('__VLOZ_ADMIN_LINK__', "" , $player);
            }
            echo($player);
        }
    }
} else{
    echo str_replace("__VLOZ_ROK__", date("Y"), file_get_contents("templates/login.html"));
}
?>