T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/public_html/radio/api/v1/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/soundstudiopro.com/public_html/radio/api/v1/index.php
<?php
/**
 * Radio Station API v1
 * RESTful API for radio station integrations
 */

header('Content-Type: application/json');
require_once __DIR__ . '/../../../config/database.php';
require_once __DIR__ . '/../../includes/functions.php';

// CORS headers
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Authorization, Content-Type');

// Handle preflight
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit;
}

// Authenticate
$station = authenticateRadioAPI();

if (!$station) {
    http_response_code(401);
    echo json_encode(['error' => 'Invalid or expired API credentials']);
    exit;
}

// Get request path and method
$path = $_SERVER['PATH_INFO'] ?? '/';
$method = $_SERVER['REQUEST_METHOD'];

// Route requests
$routes = [
    'GET:/catalog/tracks' => 'catalog_tracks.php',
    'GET:/catalog/tracks/{id}' => 'catalog_track.php',
    'POST:/plays' => 'log_play.php',
    'GET:/plays' => 'get_plays.php',
    'GET:/playlists' => 'get_playlists.php',
    'POST:/playlists' => 'create_playlist.php',
    'GET:/playlists/{id}/tracks' => 'get_playlist_tracks.php',
    'POST:/playlists/{id}/tracks' => 'add_playlist_track.php',
    'GET:/analytics/overview' => 'analytics_overview.php',
    'GET:/station' => 'get_station.php',
    // Live streaming endpoints
    'POST:/stream/start' => 'stream_start.php',
    'POST:/stream/stop' => 'stream_stop.php',
    'POST:/stream/now_playing' => 'stream_now_playing.php',
    'GET:/stream/status' => 'stream_status.php',
    'GET:/stream/queue' => 'stream_queue.php',
];

// Simple routing
$route_key = $method . ':' . $path;

// Handle dynamic routes
if (preg_match('#^/catalog/tracks/(\d+)$#', $path, $matches)) {
    $route_key = 'GET:/catalog/tracks/{id}';
    $_GET['track_id'] = $matches[1];
} elseif (preg_match('#^/playlists/(\d+)/tracks$#', $path, $matches)) {
    if ($method === 'GET') {
        $route_key = 'GET:/playlists/{id}/tracks';
    } else {
        $route_key = 'POST:/playlists/{id}/tracks';
    }
    $_GET['playlist_id'] = $matches[1];
}

if (isset($routes[$route_key])) {
    $endpoint_file = __DIR__ . '/endpoints/' . $routes[$route_key];
    if (file_exists($endpoint_file)) {
        require $endpoint_file;
    } else {
        http_response_code(404);
        echo json_encode(['error' => 'Endpoint not found']);
    }
} else {
    http_response_code(404);
    echo json_encode(['error' => 'Endpoint not found', 'path' => $path]);
}

CasperSecurity Mini