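<?php
// Streaming front controller: this one script serves localisation, the
// listener/admin API calls, the login/player page, the stream admin page and
// the stream-adder page, dispatched on query-string parameters below.

// The session cookie is never read by page scripts, so keep it out of reach of
// JavaScript; Lax limits it to top-level navigations from other sites.
session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
session_start();

// DB password lives in a file next to the script (secrets/AdminPwdHash is the
// other secret, read by the adder page). NOTE(review): a trailing newline in
// secrets/MySQLPWD becomes part of the password that is sent to MySQL.
$mysqli = new mysqli('localhost', 'streaming', file_get_contents("secrets/MySQLPWD"), 'streaming');

// Client address, stored in Connections and rendered in the admin table.
// X-Real-IP is honoured only when the request itself comes from 127.0.0.1,
// i.e. from a local reverse proxy. That proxy must overwrite the header rather
// than pass the client's own value through, otherwise listeners can choose the
// address that gets recorded.
$ipcka = $_SERVER['REMOTE_ADDR'];
if ($ipcka === '127.0.0.1') {
    foreach (apache_request_headers() as $header => $value) {
        // Header names are case-insensitive on the wire.
        if (strcasecmp($header, 'X-Real-IP') !== 0 || empty($value)) {
            continue;
        }
        // The value ends up in the database and in HTML (connectionAdminTable),
        // so only accept something that actually parses as an IP address.
        $candidate = trim($value);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $ipcka = $candidate;
        }
    }
}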
//BEGIN FUNCTIONS
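/**
 * Build the <select> used to switch the UI language.
 *
 * One <option> per templates/locale/*.json file, labelled with the file's
 * __LOCALIZATION_LANG_LONG value and wired to SetLang(<__LOCALIZATION_LANG_SHORT>);
 * the option whose stem equals $_SESSION['language'] is pre-selected. Labels and
 * short codes come from the locale files on disk, not from the request.
 *
 * @return string HTML fragment (div#langselect).
 */
function languageSelector(){
    $lang_dir = "templates/locale";
    $current = $_SESSION['language'] ?? '';
    // A single-quoted '\n' used to emit a literal backslash-n into the markup.
    $langSelectDat = '<div id="langselect"><label for="langselector">Language/Jazyk:</label><select id="langselector">' . "\n";
    foreach (scandir($lang_dir) as $lang) {
        if (!str_contains($lang, ".json")) {
            continue;
        }
        $parsedLang = json_decode(file_get_contents($lang_dir . '/' . $lang), true);
        if (!is_array($parsedLang)) {
            // Unreadable or malformed locale file: skip it instead of emitting an empty option.
            continue;
        }
        // Escaped for the attribute / JS-string context they are written into.
        $shortLang = htmlspecialchars((string)($parsedLang['__LOCALIZATION_LANG_SHORT'] ?? ''), ENT_QUOTES);
        $longLang = htmlspecialchars((string)($parsedLang['__LOCALIZATION_LANG_LONG'] ?? ''), ENT_QUOTES);
        $selected = ($lang === $current . '.json') ? ' selected' : '';
        $langSelectDat .= '<option' . $selected . ' onclick="SetLang(\'' . $shortLang . '\');">' . $longLang . '</option>' . "\n";
    }
    return $langSelectDat . '</select></div>';
}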
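/**
 * Substitute template placeholders in $input_string for the current language.
 *
 * Language resolution: $_SESSION['language'], else the "language" cookie, else
 * "en". The name is only ever compared against entries scandir() returned for
 * templates/locale, so a tampered cookie cannot select a path outside that
 * directory; an unknown language resets session and cookie to "en".
 *
 * Replacements, in order: __VLOZ_ROK__ (current year), __LOCALIZATION_LANGSELECT__
 * (languageSelector()), __LOCALIZATION_LANGSELECT_SCRIPT__ (templates/langSelector.js
 * verbatim), then every key of the locale JSON, one str_replace per key in file
 * order (a later key is also applied to text inserted for an earlier one).
 * This runs over the whole string, including any user-supplied content the
 * caller embedded (chat messages, initials): a placeholder token typed by a
 * user is substituted like any other.
 *
 * @param string $input_string template text.
 * @return string localized text, or 'LANGUAGE NON EXISTENT' when no locale file is usable.
 */
function localize($input_string){
    $lang_dir = "templates/locale";
    $default = "en";

    if (empty($_SESSION['language'])) {
        if (empty($_COOKIE['language'])) {
            $_SESSION['language'] = $default;
            setcookie("language", $_SESSION['language'], 2147483647);
        } else {
            $_SESSION['language'] = $_COOKIE['language'];
        }
    }
    $language = htmlspecialchars($_SESSION['language']);

    // The request-controlled name never reaches the filesystem on its own; it
    // must equal one of the directory entries.
    $lang_file = "";
    foreach (scandir($lang_dir) as $lang) {
        if ($lang === $language . '.json') {
            $lang_file = $lang_dir . '/' . $lang;
        }
    }
    if (!file_exists($lang_file)) {
        // Unknown language: fall back to the default file. (This used to pick
        // up whatever scandir() listed last instead of en.json.)
        $_SESSION['language'] = $default;
        setcookie("language", $_SESSION['language'], 2147483647);
        $lang_file = $lang_dir . '/' . $default . '.json';
    }
    if (!file_exists($lang_file)) {
        return 'LANGUAGE NON EXISTENT';
    }

    $language_obj = json_decode(file_get_contents($lang_file), true);
    if (!is_array($language_obj)) {
        return 'LANGUAGE NON EXISTENT';
    }
    $tempStr = str_replace("__VLOZ_ROK__", date("Y"), $input_string);
    $tempStr = str_replace("__LOCALIZATION_LANGSELECT__", languageSelector(), $tempStr);
    $tempStr = str_replace("__LOCALIZATION_LANGSELECT_SCRIPT__", file_get_contents('templates/langSelector.js'), $tempStr);
    foreach ($language_obj as $key => $value) {
        $tempStr = str_replace($key, $value, $tempStr);
    }
    return $tempStr;
}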
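/**
 * Render the admin "connections" table for one stream.
 *
 * First purges Connections rows whose last ping (TimestampPing, refreshed by
 * the keepalive API) is older than 300 s, then lists the remaining rows for
 * $idcko — initials, listener count, connect time, ping time, address — and
 * appends the totals. PHPSessID is fetched but not rendered. Output goes
 * through localize().
 *
 * Cells are HTML-escaped at output: IP comes from REMOTE_ADDR or an X-Real-IP
 * header and is stored unescaped, and escaping here does not depend on every
 * writer of the table having escaped on input. double_encode is off so values
 * the login handler already escaped (Inicialy) are not encoded twice.
 *
 * @param int $idcko Streams.ID
 * @return string localized HTML
 */
function connectionAdminTable($idcko){
    global $mysqli;
    // "CURRENT_TIMESTAMP - 300" is integer arithmetic on the YYYYMMDDHHMMSS
    // form (about three minutes, with carry errors at minute/hour boundaries),
    // not a 300-second interval; INTERVAL says what is meant.
    $purge = $mysqli->prepare("DELETE FROM Connections WHERE TimestampPing < (CURRENT_TIMESTAMP - INTERVAL 300 SECOND);");
    $purge->execute();
    $purge->store_result();

    $rows = $mysqli->prepare("Select ID, PHPSessID, TimeConnect, TimePing, Listeners, Inicialy, IP FROM Connections WHERE StreamID = ?");
    $rows->bind_param('i', $idcko);
    $rows->bind_result($idckoconnection, $phpSessID, $timeConn, $timePing, $listeners, $inicialy, $IP);
    $rows->execute();
    $rows->store_result();

    $esc = static fn ($v): string => htmlspecialchars((string)$v, ENT_QUOTES, double_encode: false);
    $connadm = '
<table style="width:100%">
<tr><th>__LOCALIZATION_LOGIN_INITIALS_LABEL__</th><th>__LOCALIZATION_LOGIN_LISTENERS_LABEL__</th><th>__LOCALIZATION_CONNECTIONS_DATETIME_CONNECT_ADMIN__</th><th>__LOCALIZATION_CONNECTIONS_DATETIME_PING_ADMIN__</th><th>__LOCALIZATION_CONNECTIONS_IP_ADMIN__</th></tr>
';
    // Totals are defined even when there is no row (they used to be undefined
    // and rendered as an empty string).
    $listenersall = 0;
    $connctionsall = 0;
    while ($rows->fetch()) {
        $connadm .= '<tr><td>' . $esc($inicialy) . '</td><td>' . intval($listeners) . '</td><td>' . $esc($timeConn) . '</td><td>' . $esc($timePing) . '</td><td>' . $esc($IP) . '</td></tr>';
        $listenersall += intval($listeners);
        $connctionsall += 1;
    }
    $connadm .= '</table>';
    $connadm .= "<p>__LOCALIZATION_ALL_CONNECTIONS__" . strval($connctionsall) . "</p>\n";
    $connadm .= "<p>__LOCALIZATION_ALL_LISTENERS__" . strval($listenersall) . "</p>\n";
    return localize($connadm);
}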
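/**
 * Render the admin "chat" table for one stream: author, time, message and a
 * delete button per row (deleteit(<Chat.ID>) is handled by the admin page JS).
 *
 * Author and Message are written HTML-escaped by the chat handler in this
 * file; they are escaped again here with double_encode off, so stored entities
 * are left alone while unescaped markup from any other writer is still
 * neutralised. Output goes through localize().
 *
 * @param int $idcko Streams.ID
 * @return string localized HTML
 */
function chatAdminTable($idcko){
    global $mysqli;
    $rows = $mysqli->prepare("Select ID, Timestamp, Author, Message from Chat WHERE StreamID = ?;");
    $rows->bind_param('i', $idcko);
    $rows->bind_result($idckochat, $timestamp, $author, $message);
    $rows->execute();
    $rows->store_result();

    $esc = static fn ($v): string => htmlspecialchars((string)$v, ENT_QUOTES, double_encode: false);
    $chatadm = '
<table style="width:100%">
<tr>
<th>__LOCALIZATION_CHAT_AUTHOR_ADMIN__</th><th>__LOCALIZATION_CHAT_DATE_ADMIN__</th><th>__LOCALIZATION_CHAT_MESSAGE_ADMIN__</th><th>__LOCALIZATION_CHAT_ADMIN_DELETE_HEAD__</th>
</tr>
';
    while ($rows->fetch()) {
        // The message cell was previously left unclosed before the delete cell.
        $chatadm .= '<tr><td>' . $esc($author) . '</td><td>' . $esc($timestamp) . ' GMT</td><td>' . $esc($message) . '</td><td><button onclick="deleteit(' . intval($idckochat) . ')">__LOCALIZATION_CHAT_ADMIN_DELETE__</button></td></tr>' . "\n";
    }
    return localize($chatadm . '</table>');
}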
//END OF FUNCTIONS
//CHAT AUTO PURGE
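// Expire chat messages older than one day before a chat read/write/delete.
// "CURRENT_TIMESTAMP - 86400" is not a day: MySQL evaluates it as integer
// arithmetic on the YYYYMMDDHHMMSS form, so the INTERVAL form is required.
// NOTE(review): no handler in this file reads a 'delete' parameter (the admin
// page uses 'deletechatmsg') and 'onlychattable' is not handled here either, so
// only the 'chat' clause is known to trigger this purge.
if ( (!empty($_GET['delete'])&&!empty($_POST['delete'])) || (!empty($_GET['chat'])) || (!empty($_GET['onlychattable']))){
    $stmt20 = $mysqli->prepare("DELETE FROM Chat WHERE Timestamp < (CURRENT_TIMESTAMP - INTERVAL 1 DAY);");
    $stmt20->execute();
    $stmt20->store_result();
}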
//API CALLS START
if (!empty($_GET['setLang'])){
    // Switch the UI language. The requested value is only compared against the
    // files actually present in templates/locale, so the session/cookie can
    // only ever hold the stem of an existing locale file; unknown names are
    // ignored silently and nothing is output.
    $wanted = htmlspecialchars($_GET['setLang']) . '.json';
    foreach (scandir("templates/locale") as $entry) {
        if ($entry === $wanted) {
            $stem = htmlspecialchars(str_replace(".json", "", $entry));
            $_SESSION['language'] = $stem;
            setcookie("language", $stem, 2147483647);
        }
    }
    exit();
}
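if (!empty($_GET['keepalive'])){
    // Refresh this session's Connections row so connectionAdminTable() does not
    // purge it. Only a session that joined a stream is refreshed; the row is
    // keyed by the PHP session id, never by anything from the request.
    // The session value was stored already HTML-escaped by the login handler,
    // so it is used as-is; escaping it again would only compound the encoding.
    $kod = $_SESSION['kod'] ?? '';
    if ($kod !== '') {
        $streams = $mysqli->prepare("Select ID FROM Streams WHERE Code = ? OR AdminCode = ?;");
        $streams->bind_param('ss', $kod, $kod);
        $streams->execute();
        $streams->store_result();
        if ($streams->num_rows > 0) {
            // One UPDATE is enough: it is keyed by session id, not by stream row.
            $ping = $mysqli->prepare("UPDATE Connections SET TimestampPing=CURRENT_TIMESTAMP, TimePing = ? WHERE PHPSessID = ?;");
            $currsessid = session_id();
            $curdate = date("Y.n.d H:i:s");
            $ping->bind_param("ss", $curdate, $currsessid);
            $ping->execute();
            $ping->store_result();
        }
    }
    exit();
}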
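if (!empty($_GET['logout']))
{
    // Drop this session's Connections row, then clear and destroy the session.
    // NOTE(review): logout is a plain GET with no CSRF token, so any page can
    // log a listener out by embedding index.php?logout=1.
    $conn = $mysqli->prepare("DELETE FROM Connections WHERE PHPSessID = ?;");
    $currsessid = session_id();
    $conn->bind_param("s", $currsessid);
    $conn->execute();
    $conn->store_result();
    $_SESSION["kod"] = '';
    $_SESSION["listeners"] = '';
    $_SESSION['inicialy'] = '';
    // Unset before destroy: session_unset() needs an active session.
    session_unset();
    // Expire the session cookie too, so the browser stops presenting the old id.
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', 1, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
    setcookie("inicialy", "", 1);
    echo file_get_contents("templates/redirect.html");
    exit();
}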
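if (!empty($_GET['verify'])&&!empty($_POST['kod'])){
    // Login-form helper: answers "admin", "verified" or "unverified" for a posted
    // code. Codes are stored HTML-escaped (see the adder page), so the input is
    // escaped the same way before the lookup; nothing is written.
    // NOTE(review): this is an unauthenticated, unthrottled oracle for guessing
    // codes, and admin codes are short plaintext strings compared by equality.
    if ($_GET['verify'] == 1) {
        $answer = "unverified";
        // A non-string field (kod[]=...) would make strlen()/htmlspecialchars() throw.
        if (is_string($_POST['kod']) && strlen($_POST['kod']) <= 20) {
            $kod = htmlspecialchars($_POST['kod']);
            $codeExists = static function (string $sql) use ($mysqli, $kod): bool {
                $stmt = $mysqli->prepare($sql);
                $stmt->bind_param('s', $kod);
                $stmt->execute();
                $stmt->store_result();
                return $stmt->num_rows > 0;
            };
            if ($codeExists("Select ID FROM Streams WHERE AdminCode = ?;")) {
                $answer = "admin";
            } elseif ($codeExists("Select ID FROM Streams WHERE Code = ?;")) {
                $answer = "verified";
            }
        }
        echo $answer;
    }
    exit();
}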
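if (!empty($_GET['chat'])){
    // Chat API for a joined session: with send=1 and a POSTed text, store a
    // message under the session's initials; otherwise return the stream's chat
    // log as plain text. Requires a session populated by the login handler.
    // NOTE(review): the send path has no CSRF token, so a page the listener
    // visits can post messages under their initials.
    if (!empty($_SESSION["kod"]) && !empty($_SESSION['listeners']) && !empty($_SESSION['inicialy'])) {
        // Session values were escaped once by the login handler and are only
        // bound as parameters here; escaping again would compound the encoding.
        $kod = $_SESSION['kod'];
        $inicialy = $_SESSION['inicialy'];
        $streams = $mysqli->prepare("Select ID FROM Streams WHERE Code = ? OR AdminCode = ?;");
        $streams->bind_param('ss', $kod, $kod);
        $streams->bind_result($idcko);
        $streams->execute();
        $streams->store_result();
        while ($streams->fetch()) {
            $text = $_POST['text'] ?? '';
            if (!empty($_GET['send']) && !empty($text)) {
                // is_string: a text[] field would make strlen()/htmlspecialchars() throw.
                if (is_string($text) && strlen($text) <= 1024) {
                    $insert = $mysqli->prepare("INSERT INTO Chat (Author, Message, StreamID) VALUES (?, ?, ?);");
                    $messagetext = htmlspecialchars($text);
                    $insert->bind_param('ssi', $inicialy, $messagetext, $idcko);
                    $insert->execute();
                    $insert->store_result();
                }
            } else {
                $log = $mysqli->prepare("Select Author, Message, Timestamp FROM Chat WHERE StreamID = ?;");
                $log->bind_param('i', $idcko);
                $log->execute();
                $log->store_result();
                $log->bind_result($author, $msg, $tmstmp);
                $data = "";
                while ($log->fetch()) {
                    $data .= '• ' . $author . ' on ' . $tmstmp . ' GMT said: ' . $msg . "\n";
                }
                // localize() also substitutes placeholder tokens found inside user text.
                echo localize($data);
            }
        }
    }
    exit();
}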
//LOGIN HANDLING
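if (!empty($_POST['kod']) && !empty($_POST['listeners']) && !empty($_POST['ini'])){
    // Join a stream. The posted code must equal a Streams.Code or AdminCode; on
    // success the escaped code, listener count and initials are kept in the
    // session and a Connections row keyed by the PHP session id is inserted.
    $kodRaw = $_POST['kod'];
    $iniRaw = $_POST['ini'];
    // intval() of a non-empty array is 1, and strlen()/htmlspecialchars() throw
    // on arrays, so reject non-scalar form fields up front.
    $listeners = is_scalar($_POST['listeners']) ? intval($_POST['listeners']) : 0;
    if (is_string($kodRaw) && is_string($iniRaw)
        && strlen($kodRaw) <= 20 && strlen($iniRaw) <= 100
        && $listeners >= 1 && $listeners <= 999) {
        // Codes are stored HTML-escaped by the adder page, so the input is
        // escaped exactly once and that form is what the session keeps (it used
        // to be escaped a second time on the way into the session).
        $kod = htmlspecialchars($kodRaw);
        $inicialy = htmlspecialchars($iniRaw);
        $lookup = $mysqli->prepare("Select ID FROM Streams WHERE Code = ? OR AdminCode = ?;");
        $lookup->bind_param('ss', $kod, $kod);
        $lookup->bind_result($idcko);
        $lookup->execute();
        $lookup->store_result();
        if ($lookup->num_rows > 0) {
            // Fresh session id at login so an id planted before login
            // (fixation) is not promoted to a joined/admin session.
            session_regenerate_id(true);
            while ($lookup->fetch()) {
                $_SESSION["kod"] = $kod;
                $_SESSION['listeners'] = strval($listeners);
                $_SESSION['inicialy'] = $inicialy;
                if (empty($_SESSION['language'])) {
                    $_SESSION['language'] = "en";
                    setcookie("language", $_SESSION['language'], 2147483647);
                }
                setcookie("inicialy", $inicialy);
                $insert = $mysqli->prepare("INSERT INTO Connections (PHPSessID, TimeConnect, TimestampPing, TimePing, Listeners, Inicialy, IP, StreamID) VALUES (?, ?, CURRENT_TIMESTAMP, ?, ?, ?, ?, ?);");
                $currsessid = session_id();
                $curdate = date("Y.n.d H:i:s");
                $insert->bind_param('sssissi', $currsessid, $curdate, $curdate, $listeners, $inicialy, $ipcka, $idcko);
                $insert->execute();
                $insert->store_result();
                // Only the first matching stream gets a row: the page reloads here.
                echo file_get_contents("templates/reload.html");
                exit();
            }
        } else {
            $_SESSION["kod"] = '';
            $_SESSION['listeners'] = '';
            $_SESSION['inicialy'] = '';
            echo file_get_contents("templates/reload.html");
            session_destroy();
            exit();
        }
    }
    exit();
}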
//END API CALLS
//START SPECIAL PAGES
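if (!empty($_GET["adder"])){
    // Stream registration page. A POST must carry the site admin password
    // (hash in secrets/AdminPwdHash); on success a Streams row is inserted with
    // the listener code, admin code, URL and type, each stored HTML-escaped.
    // NOTE(review): there is no rate limit or lockout on the password check.
    $datasendadder = "";
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $heslo = is_string($_POST['heslo'] ?? null) ? trim($_POST['heslo']) : '';
        // A hash file saved with a trailing newline would never verify.
        $hash = rtrim((string)file_get_contents("secrets/AdminPwdHash"), "\r\n");
        if (password_verify($heslo, $hash)) {
            // Non-string fields (kod[]=...) would make htmlspecialchars() throw.
            $field = static fn (string $name): string => is_string($_POST[$name] ?? null) ? htmlspecialchars($_POST[$name]) : '';
            $kod = $field('kod');
            $url = $field('url');
            $type = $field('type');
            $adminpwd = $field('adminpwd');
            if (!empty($kod) && !empty($url) && !empty($type) && !empty($adminpwd)) {
                if (strlen($kod) <= 20 && strlen($url) <= 256 && strlen($type) <= 20 && strlen($adminpwd) <= 20) {
                    // Login matches "Code = ? OR AdminCode = ?", so both new codes
                    // must be unused as either kind: a listener code equal to
                    // another stream's admin code would open that admin page. The
                    // old check only compared Code with kod and AdminCode with
                    // adminpwd. Equal codes for one stream would make every
                    // listener an admin, so that is refused too.
                    $dup = $mysqli->prepare("SELECT ID FROM Streams WHERE Code IN (?, ?) OR AdminCode IN (?, ?)");
                    $dup->bind_param('ssss', $kod, $adminpwd, $kod, $adminpwd);
                    $dup->execute();
                    $dup->store_result();
                    if ($kod === $adminpwd || $dup->num_rows > 0) {
                        $datasendadder .= "__LOCALIZATION_ADDER_EXISTS_LABEL__";
                    } else {
                        $ins = $mysqli->prepare("INSERT INTO Streams (URL, Type, AdminCode, Code) VALUES (?, ?, ?, ?);");
                        $ins->bind_param('ssss', $url, $type, $adminpwd, $kod);
                        $ins->execute();
                        $ins->store_result();
                        $datasendadder .= "__LOCALIZATION_ADDER_SUCCESS_LABEL__";
                    }
                }
            }
        } else {
            $datasendadder .= "__LOCALIZATION_ADDER_PASSWORD_LABEL__";
        }
    }
    $datasendadder .= file_get_contents("templates/streamadd.html");
    echo localize($datasendadder);
    exit();
}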
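if (!empty($_GET["admin"])){
    // Stream admin page / API, available only to a joined session whose code is
    // the stream's AdminCode. deletechatmsg=1 with a POSTed deletechatmsg of "*"
    // or a Chat.ID deletes messages; admin_dash_api=1 returns both admin tables
    // as JSON; otherwise the admin HTML page is rendered. A session that has not
    // joined falls through to the player/login page below.
    // NOTE(review): deletion relies on the session cookie alone (no CSRF token),
    // so a page visited by the admin can trigger it.
    if (!empty($_SESSION["kod"]) && !empty($_SESSION['listeners']) && !empty($_SESSION["inicialy"])) {
        // The login handler stored the code already escaped; it is only bound
        // as a parameter here, so it is not escaped again.
        $kod = $_SESSION['kod'];
        $stream = $mysqli->prepare("Select ID, URL, Type, Code FROM Streams WHERE AdminCode = ?;");
        $stream->bind_param('s', $kod);
        $stream->bind_result($idcko, $url, $type, $code);
        $stream->execute();
        $stream->store_result();
        if ($stream->num_rows > 0) {
            while ($stream->fetch()) {
                if (!empty($_GET['deletechatmsg']) && !empty($_POST['deletechatmsg'])) {
                    $target = $_POST['deletechatmsg'];
                    if ($target === "*") {
                        $all = $mysqli->prepare("DELETE from Chat WHERE StreamID = ?;");
                        $all->bind_param('i', $idcko);
                        $all->execute();
                        $all->store_result();
                        exit();
                    } elseif (is_string($target)) {
                        // Scoped to this stream's ID so an admin cannot delete
                        // another stream's messages by guessing Chat.IDs.
                        $deleteid = intval($target);
                        if ($deleteid >= 0) {
                            $one = $mysqli->prepare("DELETE from Chat WHERE StreamID = ? AND ID = ?;");
                            $one->bind_param('ii', $idcko, $deleteid);
                            $one->execute();
                            $one->store_result();
                            exit();
                        }
                    }
                }
                if (!empty($_GET['admin_dash_api'])) {
                    echo json_encode(["connadm" => connectionAdminTable($idcko), "chatadm" => chatAdminTable($idcko)]);
                } else {
                    $dats = file_get_contents("templates/admin.html");
                    // $url / $type are the columns fetched above. The page used to
                    // read them from an undefined $config object, which left the
                    // audio placeholders empty on the admin page.
                    $dats = str_replace('__VLOZ_URL_AUDIA__', $url, $dats);
                    $dats = str_replace('__VLOZ_TYP_AUDIA__', $type, $dats);
                    echo localize($dats);
                }
            }
        } else {
            echo file_get_contents("templates/redirect.html");
            exit();
        }
        exit();
    }
}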
//END SPECIAL PAGES
//MAIN PLAYER
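if (!empty($_SESSION['listeners']) && !empty($_SESSION['inicialy']) && !empty($_SESSION['kod'])){
    // Joined session: render the player for every stream matching the session
    // code; the admin link is shown only when that code is the AdminCode.
    // The code was stored already escaped by the login handler; it is only a
    // bound parameter and a comparand here.
    $kod = $_SESSION['kod'];
    $stream = $mysqli->prepare("Select ID, URL, Type, AdminCode, Code FROM Streams WHERE Code = ? OR AdminCode = ?;");
    $stream->bind_param('ss', $kod, $kod);
    $stream->bind_result($idcko, $url, $type, $admincode, $code);
    $stream->execute();
    $stream->store_result();
    while ($stream->fetch()) {
        $player = file_get_contents("templates/player.html");
        $player = str_replace('__VLOZ_URL_AUDIA__', $url, $player);
        $player = str_replace('__VLOZ_TYP_AUDIA__', $type, $player);
        // Strict comparison: with ==, two numeric-looking codes such as "1e2"
        // and "100" compare equal and would expose the admin link.
        $adminLink = ($kod === $admincode)
            ? '<a href="index.php?admin=1">__LOCALIZATION_ADMIN_LINK__</a>'
            : "";
        $player = str_replace('__VLOZ_ADMIN_LINK__', $adminLink, $player);
        echo localize($player);
    }
} else {
    echo localize(file_get_contents("templates/login.html"));
}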
?>