Path: blob/master/web-gui/buildyourownbotnet/assets/js/jquery-terminal/examples/json-rpc-service-demo.php
1293 views
<?php12require('json-rpc.php');34if (function_exists('xdebug_disable')) {5xdebug_disable();6}78class Demo {9static $login_documentation = "login to the server (return token)";10public function login($user, $passwd) {11if (strcmp($user, 'demo') == 0 && strcmp($passwd, 'demo') == 0) {12// If you need to handle more than one user you can create13// new token and save it in database14// UPDATE users SET token = '$token' WHERE name = '$user'15return md5($user . ":" . $passwd);16} else {17throw new Exception("Wrong Password");18}19}20// ---------------------------------------------------------------------------21static $ls_documentation = "list directory if token is valid";22public function ls($token, $path = null) {23if (strcmp(md5("demo:demo"), $token) == 0) {24if (preg_match("/\.\./", $path)) {25throw new Exception("No directory traversal Dude");26}27$base = preg_replace("/(.*\/).*/", "$1", $_SERVER["SCRIPT_FILENAME"]);28$path = realpath($base . ($path[0] != '/' ? "/" : "") . $path);29$dir = opendir($path);30while($name = readdir($dir)) {31$fname = $path . "/" . $name;32if (!preg_match("/^\\.{1,2}$/", $name) && !is_dir($fname)) {33$list[] = $name;34}35}36closedir($dir);37return $list;38} else {39throw new Exception("Access Denied");40}41}42// ---------------------------------------------------------------------------43static $whoami_documentation = "return user information";44public function whoami($token) {45return array("your User Agent" => $_SERVER["HTTP_USER_AGENT"],46"your IP" => $_SERVER['REMOTE_ADDR'],47"you acces this from" => $_SERVER["HTTP_REFERER"]);48}49}5051handle_json_rpc(new Demo());5253?>545556