clouddesk/operator/lock.php

<?php

/*===============================================*\
|| ############################################# ||
|| # JAKWEB.CH / Version 2.0.3                 # ||
|| # ----------------------------------------- # ||
|| # Copyright 2022 JAKWEB All Rights Reserved # ||
|| ############################################# ||
\*===============================================*/

// Check if the file is accessed only via index.php if not stop the script from running
if (!defined('JAK_ADMIN_PREVENT_ACCESS')) die('You cannot access this file directly.');

// Login IN
if (!empty($_POST['action']) && $_POST['action'] == 'unlock') {
  
  $lcookies = false;
    $username = $_POST['username'];
    $userpass = $_POST['password'];
    $lcookies = 1;
    
    // Security fix
    $valid_agent = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
    $valid_ip = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);

    // Write the log file each time someone tries to login before
    JAK_base::jakWhatslog('', $opcacheid, 0, 0, 1, 0, (isset($_COOKIE['WIOgeoData']) ? $_COOKIE['WIOgeoData'] : ''), $username, $_SERVER['REQUEST_URI'], $valid_ip, $valid_agent);

    $user_check = $jakuserlogin->jakCheckuserdata($username, $userpass);
    if ($user_check == true) {

        // Now login in the user
        $jakuserlogin->jakLogin($user_check["username"], $userpass, $lcookies);

        // Write the log file each time someone login after to show success
        JAK_base::jakWhatslog('', $opcacheid, $user_check["id"], 0, 2, 0, '', $user_check["username"], '', $valid_ip, '');
        
        // Unset the recover message
        if (isset($_SESSION['password_recover'])) unset($_SESSION['password_recover']);
        
        if (isset($_SESSION['LCRedirect']) && strpos($_SESSION['LCRedirect'], JAK_OPERATOR_LOC) !== false) {
          jak_redirect($_SESSION['LCRedirect']);
        } else {
          jak_redirect(BASE_URL);
        }

    } else {
        $ErrLogin = $jkl['l'];
    }
}

if (isset($_SESSION["userlock"])) {
    $uilock = explode("#", $_SESSION["userlock"]);
}

// Title and Description
$SECTION_TITLE = $jkl["l21"];
$SECTION_DESC = "";

// Include the javascript file for results
$js_file_footer = 'js_lock.php';

$template = 'lock.php';

?>
Initial Commit 1 year ago			`<?php`

			`/===============================================\`
			`\|\| ############################################# \|\|`
			`\|\| # JAKWEB.CH / Version 2.0.3 # \|\|`
			`\|\| # ----------------------------------------- # \|\|`
			`\|\| # Copyright 2022 JAKWEB All Rights Reserved # \|\|`
			`\|\| ############################################# \|\|`
			`\===============================================/`

			`// Check if the file is accessed only via index.php if not stop the script from running`
			`if (!defined('JAK_ADMIN_PREVENT_ACCESS')) die('You cannot access this file directly.');`

			`// Login IN`
			`if (!empty($_POST['action']) && $_POST['action'] == 'unlock') {`

			`$lcookies = false;`
			`$username = $_POST['username'];`
			`$userpass = $_POST['password'];`
			`$lcookies = 1;`

			`// Security fix`
			`$valid_agent = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);`
			`$valid_ip = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);`

			`// Write the log file each time someone tries to login before`
			`JAK_base::jakWhatslog('', $opcacheid, 0, 0, 1, 0, (isset($_COOKIE['WIOgeoData']) ? $_COOKIE['WIOgeoData'] : ''), $username, $_SERVER['REQUEST_URI'], $valid_ip, $valid_agent);`

			`$user_check = $jakuserlogin->jakCheckuserdata($username, $userpass);`
			`if ($user_check == true) {`

			`// Now login in the user`
			`$jakuserlogin->jakLogin($user_check["username"], $userpass, $lcookies);`

			`// Write the log file each time someone login after to show success`
			`JAK_base::jakWhatslog('', $opcacheid, $user_check["id"], 0, 2, 0, '', $user_check["username"], '', $valid_ip, '');`

			`// Unset the recover message`
			`if (isset($_SESSION['password_recover'])) unset($_SESSION['password_recover']);`

			`if (isset($_SESSION['LCRedirect']) && strpos($_SESSION['LCRedirect'], JAK_OPERATOR_LOC) !== false) {`
			`jak_redirect($_SESSION['LCRedirect']);`
			`} else {`
			`jak_redirect(BASE_URL);`
			`}`

			`} else {`
			`$ErrLogin = $jkl['l'];`
			`}`
			`}`

			`if (isset($_SESSION["userlock"])) {`
			`$uilock = explode("#", $_SESSION["userlock"]);`
			`}`

			`// Title and Description`
			`$SECTION_TITLE = $jkl["l21"];`
			`$SECTION_DESC = "";`

			`// Include the javascript file for results`
			`$js_file_footer = 'js_lock.php';`

			`$template = 'lock.php';`

			`?>`