moved website outside of panel folder

This commit is contained in:
Frank Harris 2026-05-13 20:00:40 -04:00
parent 92ac778956
commit 08f07dca97
10328 changed files with 90 additions and 501 deletions

View file

@ -0,0 +1,31 @@
<?php
require_once(__DIR__ . '/../includes/config_loader.php');
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name, isset($db_port) ? (int)$db_port : null);
if (!$db) {
echo "DB connect failed: " . mysqli_connect_error() . PHP_EOL;
exit(1);
}
$prefix = defined('OGP_DB_PREFIX') ? OGP_DB_PREFIX : (isset($table_prefix) ? $table_prefix : 'gsp_');
$user = $argv[1] ?? 'iaregamer';
$user_safe = mysqli_real_escape_string($db, $user);
$has_shadow = false;
$res_cols = mysqli_query($db, "SHOW COLUMNS FROM `{$prefix}users` LIKE 'users_pass_hash'");
if ($res_cols && mysqli_num_rows($res_cols) > 0) $has_shadow = true;
$select_fields = 'user_id, users_login, users_passwd';
if ($has_shadow) $select_fields .= ", users_pass_hash";
$q = "SELECT $select_fields FROM `{$prefix}users` WHERE users_login = '$user_safe' LIMIT 1";
$res = mysqli_query($db, $q);
if (!$res) {
echo "Query error: " . mysqli_error($db) . PHP_EOL;
exit(1);
}
if (mysqli_num_rows($res) === 0) {
echo "No user found for '$user'\n";
} else {
$row = mysqli_fetch_assoc($res);
echo "Found user: id={$row['user_id']}, login={$row['users_login']}\n";
echo "passwd(db)=" . ($row['users_passwd'] ?? '') . "\n";
echo "pass_hash(db)=" . ($row['users_pass_hash'] ?? '') . "\n";
}
mysqli_close($db);
?>

View file

@ -0,0 +1,16 @@
<?php
$target = 'http://localhost/GSP/_website/invoices.php';
$ch = curl_init($target);
curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER=>true, CURLOPT_HEADER=>true, CURLOPT_FOLLOWLOCATION=>false]);
$res = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($res, 0, $header_size);
$body = substr($res, $header_size);
curl_close($ch);
echo "Request: $target\n";
echo "HTTP: $http\n";
echo "Headers:\n$headers\n";
echo "Body snippet:\n" . substr($body,0,400) . "\n";
?>

View file

@ -0,0 +1,21 @@
<?php
// Simple header fetcher for logout.php
$url = 'http://localhost/GSP/_website/logout.php';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
$res = curl_exec($ch);
if ($res === false) {
echo "Curl error: " . curl_error($ch) . PHP_EOL;
exit(1);
}
$info = curl_getinfo($ch);
echo "Request: $url\n";
echo "HTTP: " . ($info['http_code'] ?? '0') . "\n";
echo "Headers:\n";
$header_text = substr($res, 0, $info['header_size'] ?? 0);
echo $header_text . PHP_EOL;
curl_close($ch);
?>

View file

@ -0,0 +1,40 @@
<?php
// Fetch admin.php and then fetch the invoices.php link to observe redirects and Location headers
$adminUrl = 'http://localhost/GSP/_website/admin.php';
$ch = curl_init($adminUrl);
curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER=>true, CURLOPT_HEADER=>true, CURLOPT_FOLLOWLOCATION=>false]);
$res = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($res, 0, $header_size);
$body = substr($res, $header_size);
curl_close($ch);
echo "admin.php HTTP: $http\n";
echo "Headers:\n$headers\n";
// Find invoices link
if (preg_match('#href="([^"]*invoices\.php)"#i', $body, $m)) {
$link = $m[1];
echo "Found invoices link: $link\n";
// Resolve relative link
$linkUrl = (strpos($link, 'http')===0) ? $link : 'http://localhost/GSP/_website/' . ltrim($link, './');
echo "Resolved invoices URL: $linkUrl\n";
// Fetch invoices.php and show headers
$ch = curl_init($linkUrl);
curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER=>true, CURLOPT_HEADER=>true, CURLOPT_FOLLOWLOCATION=>false]);
$res2 = curl_exec($ch);
$h2 = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$http2 = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$headers2 = substr($res2, 0, $h2);
$body2 = substr($res2, $h2);
curl_close($ch);
echo "invoices.php HTTP: $http2\n";
echo "invoices headers:\n$headers2\n";
echo "invoices body snippet:\n" . substr($body2,0,400) . "\n";
} else {
echo "No invoices link found in admin.php body.\n";
}
?>

View file

@ -0,0 +1,39 @@
<?php
// Simple script to POST an existing JSON file to the local webhook endpoint
$webhookUrl = 'http://localhost/GSP/_website/webhook.php';
$sample = __DIR__ . '/../data/SIMULATED-WEBHOOK-20251022-101500.json';
if (!file_exists($sample)) {
echo "Sample file not found: $sample\n";
exit(1);
}
$raw = file_get_contents($sample);
$ch = curl_init($webhookUrl);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $raw,
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
'PayPal-Transmission-Id: SIM-TEST',
'PayPal-Transmission-Time: ' . gmdate('c'),
'PayPal-Cert-Url: https://example.com/cert.pem',
'PayPal-Auth-Algo: SHA256withRSA',
'PayPal-Transmission-Sig: FAKE',
],
]);
$res = curl_exec($ch);
$err = curl_error($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo "HTTP: $http\n";
if ($err) echo "CURL_ERROR: $err\n";
echo "RESPONSE:\n" . $res . "\n";
// show if a new file was written
$dataDir = realpath(__DIR__ . '/../data');
$files = glob($dataDir . '/*.json');
echo "Files in data/ after run: \n";
foreach ((array)$files as $f) echo basename($f) . "\n";
?>