-
Notifications
You must be signed in to change notification settings - Fork 68
/
Copy pathpassport.php
95 lines (67 loc) · 2.45 KB
/
passport.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
<?php
/*!
* ATTENTION: THIS FREE LICENSE IS ONLY FOR PERSONAL NON-COMMERCIAL USER. FOR COMMERCIAL PURPOSES, PLEASE PURCHASE A COMMERCIAL LICENSE! *
* module: Centcount Analytics Free Passport PHP Code *
* version: 1.00 Free *
* author: WM Jonssen *
* date: 03/12/2018 *
* copyright 2015-2018 WM Jonssen <[email protected]> - All rights reserved.*
* license: Dual licensed under the Free License and Commercial License. *
* https://www.centcount.com *
*/
if (isset($_GET['l'])) {
header('Content-type: text/html; charset=utf-8');
@require './config/config_common.php';
session_name('CASESSID');
session_start();
$level = (int)$_GET['l'];
switch ($level) {
case 1://Normal Data Access Permission
isset($_SESSION['r']) ? $r = (int)$_SESSION['r'] : exit;
isset($_GET['sid']) ? $sid = (int)$_GET['sid'] : exit;
isset($_GET['r']) ? $v = (int)$_GET['r'] : exit;
if ($v !== $r || $v === 0) exit;
$t = time() + 30;
$pass = md5($sid . $t . ENCODE_FACTOR);
echo 't=' . $t . '&v=' . $pass . '&';
exit;
case 2://CA Heatmap Access Permission
$ip = '';
foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
if (array_key_exists($key, $_SERVER)) {
foreach (explode(',', $_SERVER[$key]) as $val) {
if ((bool) filter_var($val, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
$ip = $val;
goto skip;
}
}
}
}
skip:
$ip === '' AND exit;
isset($_SESSION['r']) ? $r = (int)$_SESSION['r'] : exit;
isset($_GET['sid']) ? $sid = (int)$_GET['sid'] : exit;
isset($_GET['r']) ? $v = (int)$_GET['r'] : exit;
if ($v !== $r || $v === 0) exit;
$t = time() + 86400;
$pass = md5($sid . $t . ENCODE_FACTOR);
echo 'cahm_visa=' . $pass . $t;
exit;
case 4://Administrator Access Permission
if (isset($_SESSION['admin'])) {
if ($_SESSION['admin'] != 4 && $_SESSION['admin'] != 1) exit;
} else {
exit;
}
isset($_SESSION['r']) ? $r = (int)$_SESSION['r'] : exit;
isset($_GET['uid']) ? $uid = (int)$_GET['uid'] : exit;
isset($_GET['r']) ? $v = (int)$_GET['r'] : exit;
if ($v !== $r || $v === 0) exit;
$t = time() + 30;
$pass = md5($uid . $t . ENCODE_FACTOR . '4');
echo 't=' . $t . '&v=' . $pass . '&';
exit;
}
}
exit;
?>