($msg === '') ? '' : '
' . LF, 4 => '' . LF, 5 => '' . LF, }; if (is_callable('displayPage')) displayPage(array_merge(['final_message' => $final_message], $data)); echo $final_message; exit(); } function exescape(array $args, array &$output = NULL, int &$result_code = NULL): int { exec('2>&1 ' . implode(' ', array_map('escapeshellarg', $args)), $output, $result_code); return $result_code; } function kdig(string $name, string $type, string $server = NULL): array { exescape([ CONF['dns']['kdig_path'], '+json', '+timeout=5', '+retry=0', '+noidn', '-q', $name, '-t', $type, ...(isset($server) ? ['@' . $server] : []), ], $output, $code); if ($code !== 0) throw new KdigException($name . ' ' . $type . ' resolution failed.'); foreach ($output as &$line) if (str_starts_with($line, ';')) $line = ''; return json_decode(implode(LF, $output), true, flags: JSON_THROW_ON_ERROR); } function insert(string $table, array $values): void { $query = 'INSERT INTO "' . $table . '"('; foreach ($values as $key => $val) { if ($key === array_key_last($values)) $query .= "$key"; else $query .= "$key, "; } $query .= ') VALUES('; foreach ($values as $key => $val) { if ($key === array_key_last($values)) $query .= ":$key"; else $query .= ":$key, "; } $query .= ')'; DB->prepare($query) ->execute($values); } function query(string $action, string $table, array $conditions = [], array $columns = NULL): array { $query = match ($action) { 'select' => 'SELECT ' . implode(',', $columns ?? ['*']), 'delete' => 'DELETE', }; $query .= ' FROM "' . $table . '"'; foreach ($conditions as $key => $val) { if ($key === array_key_first($conditions)) $query .= " WHERE $key = :$key"; else $query .= " AND $key = :$key"; } $stmt = DB->prepare($query); $stmt->execute($conditions); if (count($columns ?? []) === 1) return array_column($stmt->fetchAll(PDO::FETCH_ASSOC), $columns[0]); return $stmt->fetchAll(PDO::FETCH_ASSOC); } function displayIndex(): void { ?> redir.'); header('Location: ' . CONF['common']['prefix'] . '/' . $redir_to); exit(); } // PHP rmdir() only works on empty directories function removeDirectory(string $dir): void { $dirObj = new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS); $files = new RecursiveIteratorIterator($dirObj, RecursiveIteratorIterator::CHILD_FIRST); foreach ($files as $file) $file->isDir() && !$file->isLink() ? rmdir($file->getPathname()) : unlink($file->getPathname()); if (rmdir($dir) !== true) output(500, 'Unable to remove directory.'); } function equalArrays(array $a, array $b): bool { return array_diff($a, $b) === [] AND array_diff($b, $a) === []; } /* This token authenticates the user to the server through a public communication (the DNS). It is therefore also designed to keep private: - the user's id - that a same user used a token multiple times (by using a unique salt for each token) */ if (time() - query('select', 'params', ['name' => 'secret_key_last_change'], ['value'])[0] >= 86400 * 20) { DB->prepare("UPDATE params SET value = :secret_key WHERE name = 'secret_key';") ->execute([':secret_key' => bin2hex(random_bytes(32))]); DB->prepare("UPDATE params SET value = :last_change WHERE name = 'secret_key_last_change';") ->execute([':last_change' => time()]); } define('SECRET_KEY', hex2bin(query('select', 'params', ['name' => 'secret_key'], ['value'])[0])); function getAuthToken(): string { $salt = bin2hex(random_bytes(4)); $hash = hash_hmac('sha256', $salt . ($_SESSION['id'] ?? ''), SECRET_KEY); return $salt . '-' . substr($hash, 0, 32); } function checkAuthToken(string $salt, string $hash): void { $correctProof = substr(hash_hmac('sha256', $salt . $_SESSION['id'], SECRET_KEY), 0, 32); if (hash_equals($correctProof, $hash) !== true) output(403, _('Wrong proof.')); }