<?php
require('json-rpc.php');
// Call xdebug_disable() only when the function is defined, so the script still
// runs on hosts without it. NOTE(review): presumably this keeps Xdebug's
// error output out of the JSON-RPC response body; confirm.
function_exists('xdebug_disable') && xdebug_disable();
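/**
 * Demo JSON-RPC service: a single hard-coded account and a read-only
 * directory listing rooted at the directory of the running script.
 *
 * The static "<method>_documentation" strings sit next to each method;
 * presumably the JSON-RPC layer reads them to describe the service.
 *
 * NOTE(review): the session token is md5("demo:demo"), i.e. a constant that
 * anyone can compute from the demo credentials. It is kept because callers
 * expect that value back from login(); a real service should issue a random
 * token (random_bytes()) per login and store it server-side.
 */
class Demo {
    static $login_documentation = "login to the server (return token)";

    /**
     * Check the demo credentials and return the session token.
     *
     * @param mixed $user   user name sent by the client
     * @param mixed $passwd password sent by the client
     * @return string token to pass to the other methods
     * @throws Exception "Wrong Password" when the credentials do not match
     */
    public function login($user, $passwd) {
        // Reject non-strings up front: hash_equals() needs string operands,
        // and JSON-RPC parameters can be arrays, numbers or null.
        $valid = is_string($user) && is_string($passwd)
            && hash_equals('demo', $user)
            && hash_equals('demo', $passwd);
        if (!$valid) {
            throw new Exception("Wrong Password");
        }
        // To support more than one user, generate a random token per login
        // and store it with a parameterized statement, never by interpolating
        // the values into the SQL text:
        // UPDATE users SET token = ? WHERE name = ?
        return md5($user . ":" . $passwd);
    }

    static $ls_documentation = "list directory if token is valid";

    /**
     * List the non-directory entries of a directory below the script's
     * directory.
     *
     * @param mixed       $token token returned by login()
     * @param string|null $path  directory relative to the script's directory;
     *                           null or "" lists the script's directory itself
     * @return array list of entry names (empty array for an empty directory)
     * @throws Exception "Access Denied" on a bad token, "No directory
     *                   traversal Dude" when the path leaves the base
     *                   directory, "No such directory" when it cannot be opened
     */
    public function ls($token, $path = null) {
        // Constant-time comparison; non-string tokens are refused instead of
        // being coerced.
        if (!is_string($token) || !hash_equals(md5("demo:demo"), $token)) {
            throw new Exception("Access Denied");
        }
        if ($path === null) {
            $path = '';
        }
        if (!is_string($path) || strpos($path, "\0") !== false) {
            throw new Exception("No such directory");
        }
        if (preg_match("/\.\./", $path)) {
            throw new Exception("No directory traversal Dude");
        }
        $base = realpath(dirname($_SERVER["SCRIPT_FILENAME"]));
        if ($base === false) {
            throw new Exception("No such directory");
        }
        // A leading "/" still means "relative to the base directory".
        $target = realpath($base . "/" . ltrim($path, "/"));
        if ($target === false || !is_dir($target)) {
            throw new Exception("No such directory");
        }
        // The ".." filter above is textual only; comparing resolved paths
        // also catches symlinks that point outside the base directory.
        $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        if ($target !== $base && strncmp($target, $prefix, strlen($prefix)) !== 0) {
            throw new Exception("No directory traversal Dude");
        }
        $dir = opendir($target);
        if ($dir === false) {
            throw new Exception("No such directory");
        }
        // Start from an empty list so an empty directory yields [] rather
        // than an undefined variable.
        $list = array();
        // Compare against false explicitly: an entry named "0" is falsy and
        // would otherwise end the loop early.
        while (($name = readdir($dir)) !== false) {
            // Test the entry inside the listed directory. "." and ".." are
            // directories there, so they are skipped by the same check.
            if (!is_dir($target . "/" . $name)) {
                $list[] = $name;
            }
        }
        closedir($dir);
        return $list;
    }

    static $whoami_documentation = "return user information";

    /**
     * Return request metadata taken from $_SERVER.
     *
     * NOTE(review): $token is accepted but never checked, so this method
     * answers unauthenticated callers; confirm that is intended.
     *
     * The User-Agent and Referer values are supplied by the client and may be
     * absent (reported as null); whatever renders them must escape them.
     *
     * @param mixed $token unused
     * @return array map of label => value
     */
    public function whoami($token) {
        $agent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : null;
        $addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
        $referer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null;
        return array("your User Agent" => $agent,
                     "your IP" => $addr,
                     "you acces this from" => $referer);
    }
}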
// Hand a Demo instance to handle_json_rpc(). That function is not defined in
// this file (presumably it comes from the required json-rpc.php).
// NOTE(review): it looks like every public method of Demo becomes remotely
// callable through this call; confirm against json-rpc.php.
handle_json_rpc(new Demo());
?>