requests.php
<?php
require_once('assets/init.php');
// Routing parameters, both taken from the query string.
//   $f - handler name; further down it is matched against the file names in xhr/.
//   $s - secondary selector; in this file it is only consulted by the login gate.
// Wo_Secure() is defined outside this file.
// NOTE(review): what it escapes or strips is not visible here, so its output
// should still be treated as untrusted wherever it reaches SQL, HTML or a path.
$f = isset($_GET['f']) ? Wo_Secure($_GET['f'], 0) : '';
$s = isset($_GET['s']) ? Wo_Secure($_GET['s'], 0) : '';
// Pick the first non-empty token, in this order of precedence:
// POST hash_id, GET hash_id, GET hash, POST hash. Falls back to ''.
// The value is copied as received: unlike $f and $s it is not passed through
// Wo_Secure() here, so any code that consumes $hash_id has to validate it.
// NOTE(review): presumably a per-session anti-forgery token - confirm in the
// handlers, and compare it with hash_equals() rather than == where it is checked.
$hash_id = !empty($_POST['hash_id'])
    ? $_POST['hash_id']
    : (!empty($_GET['hash_id'])
        ? $_GET['hash_id']
        : (!empty($_GET['hash'])
            ? $_GET['hash']
            : (!empty($_POST['hash']) ? $_POST['hash'] : '')));
// NOTE(review): $data is not used again in this file; presumably the included
// handler fills it - confirm.
$data = [];

// Handlers that may be requested WITHOUT the "X-Requested-With: XMLHttpRequest"
// header (see the header gate below). Every other handler is refused unless the
// header is present.
$allow_array = [
    'upgrade',
    'paystack',
    'cashfree',
    'payment',
    'pay_with_bitcoin',
    'coinpayments_callback',
    'paypro_with_bitcoin',
    'upload-blog-image',
    'wallet',
    'download_user_info',
    'movies',
    'funding',
];

// Handlers that may be requested WITHOUT a logged-in session (see the login gate
// below). Anything listed here is exposed to anonymous clients, so each of these
// handlers has to enforce whatever checks it needs on its own.
$non_login_array = [
    'session_status',
    'open_lightbox',
    'get_welcome_users',
    'load_posts',
    'save_user_location',
    'load-more-groups',
    'load-more-pages',
    'load-more-users',
    'load_profile_posts',
    'confirm_user_unusal_login',
    'confirm_user',
    'confirm_sms_user',
    'resned_code',
    'resned_code_ac',
    'resned_ac_email',
    'contact_us',
    'google_login',
    'login',
    'register',
    'recover',
    'recoversms',
    'reset_password',
    'search',
    'get_search_filter',
    'update_announcement_views',
    'get_more_hashtag_posts',
    'open_album_lightbox',
    'get_next_album_image',
    'get_previous_album_image',
    'get_next_product_image',
    'get_previous_product_image',
    'open_multilightbox',
    'get_next_image',
    'get_previous_image',
    'load-blogs',
    'load-recent-blogs',
    'get_no_posts_name',
];
// When the membership system is switched on, the payment-related handlers are
// added to the list of handlers that do not require a logged-in session.
// 'cashfree', 'paystack' and 'paypro_with_bitcoin' are also in $allow_array, so
// with this setting they pass both gates below without the AJAX header and
// without a session.
// NOTE(review): presumably these serve sign-up payments and gateway callbacks;
// each one should verify the payment/gateway data itself - confirm.
if ($wo['config']['membership_system'] == 1) {
    array_push(
        $non_login_array,
        'pro_register',
        'get_payment_method',
        'cashfree',
        'paystack',
        'pay_using_wallet',
        'get_paypal_url',
        'stripe_payment',
        'paypro_with_bitcoin',
        '2checkout_pro',
        'bank_transfer'
    );
}
// Header gate: handlers outside $allow_array are only served when the request
// carries "X-Requested-With: xmlhttprequest" (compared case-insensitively).
// The header is supplied by the client, so this only turns away plain
// navigations and form posts; it is not authentication, authorization or CSRF
// protection and must not be relied on as such.
if (
    !in_array($f, $allow_array)
    && (
        empty($_SERVER['HTTP_X_REQUESTED_WITH'])
        || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest'
    )
) {
    exit("Restrcited Area");
}
// Login gate: a handler outside $non_login_array is refused for visitors who are
// not logged in, except when $s is 'load_more_posts' or 'load-comments'.
// NOTE(review): the two $s exceptions are evaluated without looking at $f, so
// this gate alone does not guarantee a logged-in user for every handler outside
// $non_login_array. Handlers that need a session should check $wo['loggedin']
// themselves, or the exception should be tied to the specific $f it is meant for.
if (
    !in_array($f, $non_login_array)
    && $wo['loggedin'] == false
    && $s != 'load_more_posts'
    && $s != 'load-comments'
) {
    exit("Please login or signup to continue.");
}
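// Dispatch: run xhr/<f>.php, but only when "<f>.php" is exactly one of the entry
// names that scandir() reports for xhr/. Matching against the directory listing
// is what keeps path separators or "../" sequences in $f from reaching include,
// so this check must stay in front of the include.
$files = scandir('xhr');
if (!is_array($files)) {
    // scandir() returns false when xhr/ is missing or unreadable; treat that as
    // "no handlers" instead of passing false on to in_array().
    $files = array();
}
// Remove the dot entries by name. Their position in the listing is not
// guaranteed (names that sort before "." come first), so dropping indexes 0 and
// 1 could discard a real handler and keep ".." in the list.
$files = array_diff($files, array('.', '..'));
// Strict comparison: both sides are strings, no type juggling wanted.
// is_file() additionally rejects a directory that happens to be named "<f>.php".
if (in_array($f . '.php', $files, true) && is_file('xhr/' . $f . '.php')) {
    include 'xhr/' . $f . '.php';
}
// Teardown: close the database connection, drop the global state array, stop.
// An unknown handler name falls through to here and produces an empty response.
mysqli_close($sqlConnect);
unset($wo);
exit();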