add protection

admin.php

@@ -38,6 +38,7 @@ if(isset($_GET['description'])) {
 $stats = true;
 
 $tok = new token;
+$act = new action;
 if (!$tok->isAdmin($token)) {
     echo "admin access denied</div></body></html>";
     exit;
@@ -47,56 +48,56 @@ if($stats == true) {
 }
 switch($action) {
     case 'deluser':
-        if((new action)->delUser($userid)){
+        if($act->delUser($userid)){
             echo " user removed " . $userid ."\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'adduser':
-        if((new action)->addUser($userid,$role,$description)){
+        if($act->addUser($userid,$role,$description)){
             echo " user added, token:" . $userid . " role:" .$role . " description: " . $description . "\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'blacklist':
-        if((new action)->blackList($ip)){
+        if($act->blackList($ip)){
             echo " blacklisted " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'deblacklist':
-        if((new action)->deBlackList($ip)){
+        if($act->deBlackList($ip)){
             echo " deblacklisted " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'whitelist':
-        if((new action)->whiteList($ip)){
+        if($act->whiteList($ip)){
             echo " whitelisted " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'dewhitelist':
-        if((new action)->deWhiteList($ip)){
+        if($act->deWhiteList($ip)){
             echo " dewhitelisted " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'list':
-        if((new action)->list($ip)){
+        if($act->list($ip)){
             echo " listed " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";
         };
         break;
     case 'delist':
-        if((new action)->adminDeList($ip)){
+        if($act->adminDeList($ip)){
             echo " delisted " . long2ip($ip) ."\n";
         } else {
             echo " fehler\n";
@@ -109,7 +110,7 @@ switch($action) {
 <table>
 <tr><th>Token</th><th>Role</th><th>Description</th><th></th></tr>
 <?php
-$userlist = (new action)->getUser();
+$userlist = $act->getUser();
 foreach($userlist as $user) {
     echo "<tr><td>" . $user[0] . "</td><td>" . $user[1] . "</td><td>" . $user[2] . "</td><td><input type='button' id='deluser' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deluser&userid=" . $user[0] . "\"'></td></tr>";
 }
@@ -135,7 +136,7 @@ foreach($userlist as $user) {
 <h3>Blacklist</h3>
 <table>
 <?php
-$blacklist = (new action)->getBlackList();
+$blacklist = $act->getBlackList();
 foreach($blacklist as $blip) {
     echo "<tr><td>" . long2ip($blip) . "</td><td><input type='button' id='deblacklist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=deblacklist&ip=" . long2ip($blip) . "\"'></td></tr>";
 }
@@ -154,7 +155,7 @@ foreach($blacklist as $blip) {
 <h3>Whitelist</h3>
 <table border="0">
 <?php
-$whitelist = (new action)->getWhiteList();
+$whitelist = $act->getWhiteList();
 foreach($whitelist as $wlip) {
     echo "<tr><td>" . long2ip($wlip) . "</td><td><input type='button' id='dewhitelist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=dewhitelist&ip=" . long2ip($wlip) . "\"'></td></tr>";
 }
@@ -173,7 +174,7 @@ foreach($whitelist as $wlip) {
 <h3>List</h3>
 <table border="0">
 <?php
-$list = (new action)->getList();
+$list = $act->getList();
 foreach($list as $lip) {
     echo "<tr><td>" . long2ip($lip) . "</td>";
     echo "<td><input type='button' id='delist' value='remove' onclick='window.location.href=\"admin.php?token=" . $token . "&action=delist&ip=" . long2ip($lip) . "\"'></td>";