index.php 2.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
  1. <?php
  2. /**
  3. * @author Tobias Reich
  4. * @copyright 2016 by Tobias Reich
  5. */
  6. namespace Lychee;
  7. use Lychee\Modules\Config;
  8. use Lychee\Modules\Response;
  9. use Lychee\Modules\Settings;
  10. use Lychee\Modules\Validator;
  11. use Lychee\Access\Installation;
  12. use Lychee\Access\Admin;
  13. use Lychee\Access\Guest;
  14. require(__DIR__ . '/define.php');
  15. require(__DIR__ . '/autoload.php');
  16. require(__DIR__ . '/helpers/fastImageCopyResampled.php');
  17. require(__DIR__ . '/helpers/generateID.php');
  18. require(__DIR__ . '/helpers/getExtension.php');
  19. require(__DIR__ . '/helpers/getGraphHeader.php');
  20. require(__DIR__ . '/helpers/getHashedString.php');
  21. require(__DIR__ . '/helpers/hasPermissions.php');
  22. require(__DIR__ . '/helpers/search.php');
  23. // Define the called function
  24. if (isset($_POST['function'])) $fn = $_POST['function'];
  25. else if (isset($_GET['function'])) $fn = $_GET['function'];
  26. else $fn = null;
  27. // Check if a function has been specified
  28. if (!empty($fn)) {
  29. // Start the session and set the default timezone
  30. session_start();
  31. date_default_timezone_set('UTC');
  32. // Validate parameters
  33. if (isset($_POST['albumIDs'])&&Validator::isAlbumIDs($_POST['albumIDs'])===false) Response::error('Wrong parameter type for albumIDs!');
  34. if (isset($_POST['photoIDs'])&&Validator::isPhotoIDs($_POST['photoIDs'])===false) Response::error('Wrong parameter type for photoIDs!');
  35. if (isset($_POST['albumID'])&&Validator::isAlbumID($_POST['albumID'])==false) Response::error('Wrong parameter type for albumID!');
  36. if (isset($_POST['photoID'])&&Validator::isPhotoID($_POST['photoID'])==false) Response::error('Wrong parameter type for photoID!');
  37. // Check if a configuration exists
  38. if (Config::exists()===false) {
  39. /**
  40. * Installation Access
  41. * Limited access to configure Lychee. Only available when the config.php file is missing.
  42. */
  43. Installation::init($fn);
  44. exit();
  45. }
  46. // Check if user is logged
  47. if ((isset($_SESSION['login'])&&$_SESSION['login']===true)&&
  48. (isset($_SESSION['identifier'])&&$_SESSION['identifier']===Settings::get()['identifier'])) {
  49. /**
  50. * Admin Access
  51. * Full access to Lychee. Only with correct password/session.
  52. */
  53. Admin::init($fn);
  54. exit();
  55. } else {
  56. /**
  57. * Guest Access
  58. * Access to view all public folders and photos in Lychee.
  59. */
  60. Guest::init($fn);
  61. exit();
  62. }
  63. } else {
  64. Response::error('No API function specified!');
  65. }
  66. ?>