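Je bent uitgelogt.";
    // (Tail of the logout branch; its opening statements lie above this excerpt.)
    // Store the request data and point the post-login redirect at the script root.
    $_SESSION['login_post'] = $_POST;
    $_SESSION['login_get'] = $_GET;
    $_SESSION['login_method'] = $_SERVER['REQUEST_METHOD'];
    $_SESSION['login_uri'] = "{$_SERVER['SCRIPT_NAME']}/";
    header("Location: {$_SERVER['SCRIPT_NAME']}/LOGIN");
    exit;
}

/*
 * Login page (PATH_INFO "/LOGIN"): checks the submitted credentials against
 * $login['users'] and, on success, redirects to the URI saved in the session.
 */
if ($_SERVER["PATH_INFO"] == '/LOGIN') {
    // Initialise so that "print $error" below never reads an undefined variable.
    $error = '';
    if (isset($_SESSION['error'])) {
        $error = $_SESSION['error'];
        unset($_SESSION['error']);
    }

    // NOTE(review): credentials are read from $_REQUEST, so they are also accepted
    // from the query string, where they end up in access logs and browser history.
    // Restrict this to $_POST once it is confirmed that no caller logs in via GET.
    $req_user = isset($_REQUEST['username']) ? $_REQUEST['username'] : '';
    $req_pass = isset($_REQUEST['password']) ? $_REQUEST['password'] : '';

    // is_string() rejects array-valued parameters (username[]=...), which would
    // otherwise be used as an array offset and passed to md5().
    if (is_string($req_user) && is_string($req_pass) && $req_user !== '' && $req_pass !== '') {
        // Login attempt.
        // NOTE(review): unsalted md5 is a fast hash and unsuitable for password storage.
        // It is kept here only because the stored format in $login['users'] is defined
        // elsewhere; migrate to password_hash() / password_verify().
        $passwordhash = md5($req_pass);
        $username = $req_user;
        $stored = isset($login['users'][$username]['passwordhash'])
            ? $login['users'][$username]['passwordhash']
            : NULL;

        // hash_equals() (PHP 5.6+) compares as strings and in constant time. The loose
        // "==" used before treats two different digests of the form 0e<digits> as
        // equal numbers.
        if (is_string($stored) && hash_equals($stored, $passwordhash)) {
            // Username and password match.
            // Issue a fresh session id on privilege change, so that an id known before
            // login (session fixation) does not become an authenticated one.
            session_regenerate_id(TRUE);
            $_SESSION['username'] = $username;
            // NOTE(review): the password hash is kept in the session and re-checked on
            // every request; anyone who can read session storage obtains the hash.
            $_SESSION['passwordhash'] = $passwordhash;
            $_SESSION['time'] = time();
            $_SESSION['doorgestuurdvanloginpage'] = TRUE;
            // Fall back to the script root when /LOGIN was opened directly and no
            // return URI was saved (the same default the logout branch uses).
            $uri = isset($_SESSION['login_uri'])
                ? $_SESSION['login_uri']
                : "{$_SERVER['SCRIPT_NAME']}/";
            header("Location: $uri");
            exit;
        } else {
            $error = "Opgegeven wachtwoord en/of gebruikersnaam is onjuist.";
        }
    }

    // NOTE(review): the markup inside the print strings below is not visible on this
    // page; the literals are reproduced exactly as shown.
    print "

Inloggen

Voer je logingegevens in om verder te gaan:

";
    print "

";
    print "";
    print "";
    print "";
    print "";
    print "
Gebruikersnaam:
Wachtwoord:
";
    print "

";
    print $error;
    print "";
    exit;
}

/* Sliding session timeout: refresh the timestamp while the session is still valid. */
$time = isset($_SESSION['time']) ? $_SESSION['time'] : 0;
if ($time > 0 && time() - $time < $login['timeout']) {
    $_SESSION['time'] = time();
} else {
    // Session timed out (or never existed): wipe the login data.
    unset($_SESSION['time'], $_SESSION['username'], $_SESSION['passwordhash']);
    if ($time > 0) {
        $_SESSION['error'] = "Timeout van {$login['timeout']} seconden is verlopen";
    }
}

/* Re-validate the session credentials against the user table on every request. */
$username = isset($_SESSION['username']) ? $_SESSION['username'] : '';
$passwordhash = isset($_SESSION['passwordhash']) ? $_SESSION['passwordhash'] : '';
$stored = (is_string($username) && isset($login['users'][$username]['passwordhash']))
    ? $login['users'][$username]['passwordhash']
    : NULL;
// Strict string comparison, for the same reason as in the login branch; a missing
// user or a non-string value counts as "not authenticated".
if ($username === '' || !is_string($stored) || !is_string($passwordhash)
    || !hash_equals($stored, $passwordhash)) {
    // Not authenticated: save the full request and redirect to the login page.
    $_SESSION['login_post'] = $_POST;
    $_SESSION['login_get'] = $_GET;
    $_SESSION['login_uri'] = $_SERVER['REQUEST_URI'];
    $_SESSION['login_method'] = $_SERVER['REQUEST_METHOD'];
    header("Location: {$_SERVER['SCRIPT_NAME']}/LOGIN");
    exit;
}

/* Authenticated: load the requested page. */
if (!empty($_SESSION['doorgestuurdvanloginpage'])) {
    // Restore POST/GET data and the request method saved before the login redirect.
    // NOTE(review): this replays a request that was received before authentication;
    // confirm that state-changing pages carry their own CSRF protection.
    $_POST = $_SESSION['login_post'];
    $_GET = $_SESSION['login_get'];
    $_SERVER['REQUEST_METHOD'] = $_SESSION['login_method'];
    unset($_SESSION['doorgestuurdvanloginpage']);
    unset($_SESSION['login_post']);
    unset($_SESSION['login_get']);
    unset($_SESSION['login_method']);
}
session_write_close();
session_name($prevsessionname);

/**
 * Follow a chain of symbolic links, at most five hops (guard against cyclic links).
 *
 * Relative link targets are resolved against the directory that holds the link.
 *
 * @param string $path Path that may be a symbolic link.
 * @return string The path reached after following the links.
 */
function findfile_resolve_link($path)
{
    for ($hops = 0; $hops < 5 && is_link($path); $hops++) {
        $target = readlink($path);
        if ($target === FALSE) {
            break;
        }
        if (substr($target, 0, 1) != '/') {
            // Relative target.
            $path = dirname($path) . '/' . $target;
        } else {
            // Absolute target.
            $path = $target;
        }
    }
    return $path;
}

/**
 * Map a filesystem path that may carry trailing path info onto a file.
 *
 * Tries the full path first and then ever shorter prefixes until one of them is a
 * regular file; the segments that were cut off are written to $_SERVER['PATH_INFO'].
 * When the full path is a directory, index.html and index.php are tried, after a
 * redirect that appends the trailing slash if the request URI lacks one.
 *
 * @param string $pathtofile Absolute path built from the request.
 * @return array|false array('directory' => ..., 'filepath' => ...), where 'filepath'
 *                     is FALSE for a directory without an index file; FALSE when
 *                     nothing matches.
 */
function findfile($pathtofile)
{
    $pathparts = explode('/', $pathtofile);
    $n = count($pathparts);

    for ($i = 1; $i < $n; $i++) {
        // Candidate: the first ($n - $i) segments after the leading slash.
        $path = '/' . implode('/', array_slice($pathparts, 1, $n - $i));
        $path_link = findfile_resolve_link($path);

        if (is_file($path_link)) {
            if ($i > 1) {
                // Segments behind the file become the script's PATH_INFO.
                $_SERVER['PATH_INFO'] = '/' . implode('/', array_slice($pathparts, $n - $i + 1));
            }
            $dirparts = array_slice($pathparts, 1, $n - $i - 1);
            $directory = $dirparts ? '/' . implode('/', $dirparts) : '';
            return array('directory' => $directory, 'filepath' => $path);
        }

        if ($i == 1 && is_dir($path_link)) {
            if (substr($_SERVER['REQUEST_URI'], -1, 1) != '/') {
                header('Location: ' . $_SERVER['REQUEST_URI'] . '/');
                exit;
            }
            foreach (array('index.html', 'index.php') as $index) {
                // Resolved with the same helper as above, so a relative symlink is
                // resolved against its own directory instead of the working directory.
                if (is_file(findfile_resolve_link($path . $index))) {
                    return array('directory' => $path, 'filepath' => $path . $index);
                }
            }
            return array('directory' => $path, 'filepath' => FALSE);
        }
    }
    return FALSE;
}

/* Dispatch: resolve PATH_INFO below the "secure" directory and serve the result. */
$pathinfo = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';
$searchpath = substr($_SERVER['SCRIPT_FILENAME'], 0, strlen($_SERVER['SCRIPT_FILENAME']) - strlen(SCRIPTNAAM)) . '/secure' . $pathinfo;
unset($_SERVER['PATH_INFO']);

// PATH_INFO is request-controlled and ends up in include()/readfile(). Whether the web
// server already normalises dot segments before filling PATH_INFO is not visible here,
// so ".." segments and NUL bytes are refused explicitly to keep the lookup below secure/.
// Symbolic links placed under secure/ are still followed by findfile().
$unsafe_path = in_array('..', explode('/', $pathinfo), true) || strpos($pathinfo, "\0") !== FALSE;
$uri = $unsafe_path ? FALSE : findfile($searchpath);

if ($uri === FALSE) {
    header("HTTP/1.1 404 Not Found");
    print "

404 niet gevonden

";
    exit;
} elseif ($uri['filepath'] === FALSE) {
    // Directory without an index file: print a listing.
    // The request path and the file names are not trusted; encode them for HTML output.
    $pathinfo_html = htmlspecialchars($pathinfo, ENT_QUOTES, 'UTF-8');
    print "

DirIndex $pathinfo_html

\n
\n[DIR]\t..\n";
   $dir = $uri['directory'];
   if ($dh = opendir($dir)) {
      while (($file = readdir($dh)) !== false) {
          if ($file == '.' || $file == '..')
             continue;
          $file_html = htmlspecialchars($file, ENT_QUOTES, 'UTF-8');
          print ("[" . strtoupper(filetype($dir . '/' . $file)) . "]\t" . $file_html . " \n");
      }

      closedir($dh);
   }
   print "
";
} else {
    chdir($uri['directory']);
    if (substr($uri['filepath'], -4) == '.php') {
        // PHP script: present it to the included code as if it had been requested directly.
        // include() executes whatever file findfile() resolved, with this script's privileges.
        $_SERVER['SCRIPT_FILENAME'] = $uri['filepath'];
        if (substr($pathinfo, -1) == '/') {
            // Directory served through its index file.
            $pathinfo .= basename($uri['filepath']);
        }
        $_SERVER['SCRIPT_NAME'] = $_SERVER['SCRIPT_NAME'] . $pathinfo;
        $_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'];
        include($uri['filepath']);
        exit;
    } else {
        // Static file: send it with the detected MIME type; nothing is sent when
        // detection fails.
        $mime = mime_content_type($uri['filepath']);
        if ($mime != FALSE) {
            header("Content-type: $mime");
            readfile($uri['filepath']);
            exit;
        }
    }
}
?>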