OpenVPN-Admin/include/grids.php

<?php
  session_start();
  if(!isset($_SESSION['admin_id'])) {
    exit -1;
  }
  require(dirname(__FILE__) . '/connect.php');
  require(dirname(__FILE__) . '/functions.php');

  // ---------------- SELECT ----------------
  if(isset($_GET['select'])){
    if($_GET['select'] == "user"){ // Select the users
      $req = $bdd->prepare('SELECT * FROM user');
      $req->execute();
      if($data = $req->fetch()) {
        do {
          $list[] = array(
            "user_id" => $data['user_id'],
            "user_pass" => $data['user_pass'],
            "user_mail" => $data['user_mail'],
            "user_phone" => $data['user_phone'],
            "user_online" => $data['user_online'],
            "user_enable" => $data['user_enable'],
            "user_start_date" => $data['user_start_date'],
            "user_end_date" => $data['user_end_date']
          );
        } while($data = $req->fetch());
        echo json_encode($list);
      }
      else{
        echo json_encode(array()); // If it is an empty answer, we need to encore an empty json object
      }
    }
    else if($_GET['select'] == "log" && isset($_GET['offset'], $_GET['limit'])){ // Select the logs
      $offset = intval($_GET['offset']);
      $limit = intval($_GET['limit']);
      // Creation of the LIMIT for build different pages
      $page = "LIMIT $offset, $limit";
      // ... filtering by the bootstrap table plugin
      $filter = isset($_GET['filter']) ? json_decode($_GET['filter'],true) : []; // this is passed by the bootstrap table filter plugin (if a filter was chosen by the user): these are the concrete set filters with their value
      $where = !empty($filter)?'WHERE TRUE':'';
      $allowed_query_filters = ['user_id', 'log_trusted_ip','log_trusted_port','log_remote_ip','log_remote_port']; // these are valid filters that could be used (defined here for sql security reason)
      $query_filters_existing = [];
      foreach($filter as $unsanitized_filter_key => $unsanitized_filter_val) {
        if(in_array($unsanitized_filter_key, $allowed_query_filters)) { // if this condition does not match: ignore it, because this parameter should not be passed
          // if $unsanitized_filter_key is in array $allowed_query_filters its a valid key and can not be harmful, so it can be considered sanitized
          $where .= " AND $unsanitized_filter_key = ?";
          $query_filters_existing[] = $unsanitized_filter_key;
        }
      }
      // Select the logs
      $req_string = "SELECT *, (SELECT COUNT(*) FROM log $where) AS nb FROM log $where ORDER BY log_id DESC $page";
      $req = $bdd->prepare($req_string);
      // dynamically bind the params
      foreach(array_merge($query_filters_existing,$query_filters_existing) as $i => $query_filter) { // array_merge -> duplicated the array contents; this is needed because our where clause is bound two times (in subquery + the outer query)
        $req->bindValue($i+1, $filter[$query_filter]);
      }
      $req->execute();
      $list = array();
      $data = $req->fetch();
      if($data) {
        $nb = $data['nb'];
        do {
          // Better in Kb or Mb
          $received = ($data['log_received'] > 1000000) ? $data['log_received']/1000000 . " Mo" : $data['log_received']/1000 . " Ko";
          $sent = ($data['log_send'] > 1000000) ? $data['log_send']/1000000 . " Mo" : $data['log_send']/1000 . " Ko";
          // We add to the array the new line of logs
          array_push($list, array(
            "log_id" => $data['log_id'],
            "user_id" => $data['user_id'],
            "log_trusted_ip" => $data['log_trusted_ip'],
            "log_trusted_port" => $data['log_trusted_port'],
            "log_remote_ip" => $data['log_remote_ip'],
            "log_remote_port" => $data['log_remote_port'],
            "log_start_time" => $data['log_start_time'],
            "log_end_time" => $data['log_end_time'],
            "log_received" => $received,
            "log_send" => $sent)
          );
        } while ($data = $req->fetch());
      }
      else {
        $nb = 0;
      }
      // We finally print the result
      $result = array('total' => intval($nb), 'rows' => $list);
      echo json_encode($result);
    }
    else if($_GET['select'] == "admin"){ // Select the admins
      $req = $bdd->prepare('SELECT * FROM admin');
      $req->execute();
      if($data = $req->fetch()) {
        do{
          $list[] = array(
            "admin_id" => $data['admin_id'],
            "admin_pass" => $data['admin_pass']
          );
        } while($data = $req->fetch());
        echo json_encode($list);
      }
      else{
        echo json_encode(array());
      }
    }
  }
  else if(isset($_POST['add_user'], $_POST['user_id'], $_POST['user_pass'])){ // ---------------- ADD USER ----------------
    // Put some default values
    $id = $_POST['user_id'];
    $pass = hashPass($_POST['user_pass']);
    $mail = "";
    $phone = "";
    $online = 0;
    $enable = 1;
    $start = null;
    $end = null;
    $req = $bdd->prepare('INSERT INTO user (user_id, user_pass, user_mail, user_phone, user_online, user_enable, user_start_date, user_end_date) VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
    $req->execute(array($id, $pass, $mail, $phone, $online, $enable, $start, $end));
    $res = array(
	  "user_id" => $id,
      "user_pass" => $pass,
      "user_mail" => $mail ,
      "user_phone" => $phone,
      "user_online" => $online,
      "user_enable" => $enable,
      "user_start_date" => $start,
      "user_end_date" => $end
    );
    echo json_encode($res);
  }
  else if(isset($_POST['set_user'])){ // ---------------- UPDATE USER ----------------
    $valid = array("user_id", "user_pass", "user_mail", "user_phone", "user_enable", "user_start_date", "user_end_date");
    $field = $_POST['name'];
    $value = $_POST['value'];
    $pk = $_POST['pk'];
    if (!isset($field) || !isset($pk) || !in_array($field, $valid)) {
      return;
    }
    if ($field === 'user_pass') {
      $value = hashPass($value);
    }
    else if (($field === 'user_start_date' || $field === 'user_end_date') && $value === '') {
      $value = null;
    }
    // /!\ SQL injection: field was checked with in_array function
    $req_string = 'UPDATE user SET ' . $field . ' = ? WHERE user_id = ?';
    $req = $bdd->prepare($req_string);
    $req->execute(array($value, $pk));
  }
  else if(isset($_POST['del_user'], $_POST['del_user_id'])){ // ---------------- REMOVE USER ----------------
    $req = $bdd->prepare('DELETE FROM user WHERE user_id = ?');
    $req->execute(array($_POST['del_user_id']));
  }
  else if(isset($_POST['add_admin'], $_POST['admin_id'], $_POST['admin_pass'])){ // ---------------- ADD ADMIN ----------------
    $req = $bdd->prepare('INSERT INTO admin(admin_id, admin_pass) VALUES (?, ?)');
    $req->execute(array($_POST['admin_id'], hashPass($_POST['admin_pass'])));
  }
  else if(isset($_POST['set_admin'])){ // ---------------- UPDATE ADMIN ----------------
    $valid = array("admin_id", "admin_pass");
    $field = $_POST['name'];
    $value = $_POST['value'];
    $pk = $_POST['pk'];
    if (!isset($field) || !isset($pk) || !in_array($field, $valid)) {
      return;
    }
    if ($field === 'admin_pass') {
      $value = hashPass($value);
    }
    $req_string = 'UPDATE admin SET ' . $field . ' = ? WHERE admin_id = ?';
    $req = $bdd->prepare($req_string);
    $req->execute(array($value, $pk));
  }
  else if(isset($_POST['del_admin'], $_POST['del_admin_id'])){ // ---------------- REMOVE ADMIN ----------------
    $req = $bdd->prepare('DELETE FROM admin WHERE admin_id = ?');
    $req->execute(array($_POST['del_admin_id']));
  }
  else if(isset($_POST['update_config'])){ // ---------------- UPDATE CONFIG ----------------
      $pathinfo = pathinfo($_POST['config_file']);
      $config_full_uri = $_POST['config_file']; // the complete path to the file, including the file (name) its self and the fully qualified path
      $config_full_path = $pathinfo['dirname']; // path to file (without filename its self)
      $config_name = basename($_POST['config_file']); // config file name only (without path)
      $config_parent_dir = basename($config_full_path); // name of the dir that contains the config file (without path)
      /*
       * create backup for history
       */
      if (!file_exists($dir="../$config_full_path/history"))
         mkdir($dir, 0777, true);
      $ts = time();
      copy("../$config_full_uri", "../$config_full_path/history/${ts}_${config_name}");
      /*
       *  write config
       */
      $conf_success = file_put_contents('../'.$_POST['config_file'], $_POST['config_content']);
      echo json_encode([
        'debug' => [
            'config_file' => $_POST['config_file'],
            'config_content' => $_POST['config_content']
        ],
        'config_success' => $conf_success !== false,
      ]);
  }
?>
Big refresh 2015-07-09 14:26:07 +02:00			`<?php`
			`session_start();`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`if(!isset($_SESSION['admin_id'])) {`
Big refresh 2015-07-09 14:26:07 +02:00			`exit -1;`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`}`
Big refresh 2015-07-09 14:26:07 +02:00			`require(dirname(__FILE__) . '/connect.php');`
			`require(dirname(__FILE__) . '/functions.php');`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00
Big refresh 2015-07-09 14:26:07 +02:00			`// ---------------- SELECT ----------------`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`if(isset($_GET['select'])){`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`if($_GET['select'] == "user"){ // Select the users`
Big refresh 2015-07-09 14:26:07 +02:00			`$req = $bdd->prepare('SELECT * FROM user');`
			`$req->execute();`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`if($data = $req->fetch()) {`
			`do {`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`$list[] = array(`
			`"user_id" => $data['user_id'],`
			`"user_pass" => $data['user_pass'],`
			`"user_mail" => $data['user_mail'],`
			`"user_phone" => $data['user_phone'],`
			`"user_online" => $data['user_online'],`
			`"user_enable" => $data['user_enable'],`
			`"user_start_date" => $data['user_start_date'],`
			`"user_end_date" => $data['user_end_date']`
			`);`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`} while($data = $req->fetch());`
			`echo json_encode($list);`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
			`else{`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`echo json_encode(array()); // If it is an empty answer, we need to encore an empty json object`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if($_GET['select'] == "log" && isset($_GET['offset'], $_GET['limit'])){ // Select the logs`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$offset = intval($_GET['offset']);`
			`$limit = intval($_GET['limit']);`
Big refresh 2015-07-09 14:26:07 +02:00			`// Creation of the LIMIT for build different pages`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$page = "LIMIT $offset, $limit";`
added some cool new features 2018-05-11 17:03:39 +02:00			`// ... filtering by the bootstrap table plugin`
			`$filter = isset($_GET['filter']) ? json_decode($_GET['filter'],true) : []; // this is passed by the bootstrap table filter plugin (if a filter was chosen by the user): these are the concrete set filters with their value`
			`$where = !empty($filter)?'WHERE TRUE':'';`
			`$allowed_query_filters = ['user_id', 'log_trusted_ip','log_trusted_port','log_remote_ip','log_remote_port']; // these are valid filters that could be used (defined here for sql security reason)`
			`$query_filters_existing = [];`
			`foreach($filter as $unsanitized_filter_key => $unsanitized_filter_val) {`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`if(in_array($unsanitized_filter_key, $allowed_query_filters)) { // if this condition does not match: ignore it, because this parameter should not be passed`
			`// if $unsanitized_filter_key is in array $allowed_query_filters its a valid key and can not be harmful, so it can be considered sanitized`
			`$where .= " AND $unsanitized_filter_key = ?";`
			`$query_filters_existing[] = $unsanitized_filter_key;`
			`}`
added some cool new features 2018-05-11 17:03:39 +02:00			`}`
Big refresh 2015-07-09 14:26:07 +02:00			`// Select the logs`
added some cool new features 2018-05-11 17:03:39 +02:00			`$req_string = "SELECT , (SELECT COUNT() FROM log $where) AS nb FROM log $where ORDER BY log_id DESC $page";`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$req = $bdd->prepare($req_string);`
added some cool new features 2018-05-11 17:03:39 +02:00			`// dynamically bind the params`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`foreach(array_merge($query_filters_existing,$query_filters_existing) as $i => $query_filter) { // array_merge -> duplicated the array contents; this is needed because our where clause is bound two times (in subquery + the outer query)`
			`$req->bindValue($i+1, $filter[$query_filter]);`
			`}`
Big refresh 2015-07-09 14:26:07 +02:00			`$req->execute();`
			`$list = array();`
			`$data = $req->fetch();`
			`if($data) {`
			`$nb = $data['nb'];`
			`do {`
			`// Better in Kb or Mb`
Fix log byte counts 2017-09-04 09:04:06 +02:00			`$received = ($data['log_received'] > 1000000) ? $data['log_received']/1000000 . " Mo" : $data['log_received']/1000 . " Ko";`
			`$sent = ($data['log_send'] > 1000000) ? $data['log_send']/1000000 . " Mo" : $data['log_send']/1000 . " Ko";`
Big refresh 2015-07-09 14:26:07 +02:00			`// We add to the array the new line of logs`
			`array_push($list, array(`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`"log_id" => $data['log_id'],`
			`"user_id" => $data['user_id'],`
			`"log_trusted_ip" => $data['log_trusted_ip'],`
			`"log_trusted_port" => $data['log_trusted_port'],`
			`"log_remote_ip" => $data['log_remote_ip'],`
			`"log_remote_port" => $data['log_remote_port'],`
			`"log_start_time" => $data['log_start_time'],`
			`"log_end_time" => $data['log_end_time'],`
			`"log_received" => $received,`
			`"log_send" => $sent)`
			`);`
Big refresh 2015-07-09 14:26:07 +02:00			`} while ($data = $req->fetch());`
			`}`
			`else {`
			`$nb = 0;`
			`}`
			`// We finally print the result`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$result = array('total' => intval($nb), 'rows' => $list);`
Big refresh 2015-07-09 14:26:07 +02:00			`echo json_encode($result);`
			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if($_GET['select'] == "admin"){ // Select the admins`
Big refresh 2015-07-09 14:26:07 +02:00			`$req = $bdd->prepare('SELECT * FROM admin');`
			`$req->execute();`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`if($data = $req->fetch()) {`
			`do{`
Big refresh 2015-07-09 14:26:07 +02:00			`$list[] = array(`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`"admin_id" => $data['admin_id'],`
			`"admin_pass" => $data['admin_pass']`
			`);`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`} while($data = $req->fetch());`
			`echo json_encode($list);`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
			`else{`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`echo json_encode(array());`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
			`}`
			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['add_user'], $_POST['user_id'], $_POST['user_pass'])){ // ---------------- ADD USER ----------------`
Big refresh 2015-07-09 14:26:07 +02:00			`// Put some default values`
			`$id = $_POST['user_id'];`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$pass = hashPass($_POST['user_pass']);`
Big refresh 2015-07-09 14:26:07 +02:00			`$mail = "";`
			`$phone = "";`
			`$online = 0;`
			`$enable = 1;`
Change PHP keywords to comply with PSR2 (#139) Signed-off-by: CodeLingoBot <bot@codelingo.io> 2019-04-06 09:35:19 +02:00			`$start = null;`
			`$end = null;`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`$req = $bdd->prepare('INSERT INTO user (user_id, user_pass, user_mail, user_phone, user_online, user_enable, user_start_date, user_end_date) VALUES (?, ?, ?, ?, ?, ?, ?, ?)');`
Big refresh 2015-07-09 14:26:07 +02:00			`$req->execute(array($id, $pass, $mail, $phone, $online, $enable, $start, $end));`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`$res = array(`
			`"user_id" => $id,`
Big refresh 2015-07-09 14:26:07 +02:00			`"user_pass" => $pass,`
			`"user_mail" => $mail ,`
			`"user_phone" => $phone,`
			`"user_online" => $online,`
			`"user_enable" => $enable,`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`"user_start_date" => $start,`
			`"user_end_date" => $end`
Big refresh 2015-07-09 14:26:07 +02:00			`);`
			`echo json_encode($res);`
			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['set_user'])){ // ---------------- UPDATE USER ----------------`
Big refresh 2015-07-09 14:26:07 +02:00			`$valid = array("user_id", "user_pass", "user_mail", "user_phone", "user_enable", "user_start_date", "user_end_date");`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$field = $_POST['name'];`
			`$value = $_POST['value'];`
			`$pk = $_POST['pk'];`
			`if (!isset($field) \|\| !isset($pk) \|\| !in_array($field, $valid)) {`
			`return;`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`if ($field === 'user_pass') {`
			`$value = hashPass($value);`
			`}`
Fix database date: 0000-00-00 -> NULL 2017-02-05 17:03:00 +01:00			`else if (($field === 'user_start_date' \|\| $field === 'user_end_date') && $value === '') {`
Change PHP keywords to comply with PSR2 (#139) Signed-off-by: CodeLingoBot <bot@codelingo.io> 2019-04-06 09:35:19 +02:00			`$value = null;`
Fix database date: 0000-00-00 -> NULL 2017-02-05 17:03:00 +01:00			`}`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`// /!\ SQL injection: field was checked with in_array function`
			`$req_string = 'UPDATE user SET ' . $field . ' = ? WHERE user_id = ?';`
Big refresh 2015-07-09 14:26:07 +02:00			`$req = $bdd->prepare($req_string);`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$req->execute(array($value, $pk));`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['del_user'], $_POST['del_user_id'])){ // ---------------- REMOVE USER ----------------`
Big refresh 2015-07-09 14:26:07 +02:00			`$req = $bdd->prepare('DELETE FROM user WHERE user_id = ?');`
			`$req->execute(array($_POST['del_user_id']));`
			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['add_admin'], $_POST['admin_id'], $_POST['admin_pass'])){ // ---------------- ADD ADMIN ----------------`
Big refresh 2015-07-09 14:26:07 +02:00			`$req = $bdd->prepare('INSERT INTO admin(admin_id, admin_pass) VALUES (?, ?)');`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$req->execute(array($_POST['admin_id'], hashPass($_POST['admin_pass'])));`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['set_admin'])){ // ---------------- UPDATE ADMIN ----------------`
Update tables : use bootstrap tables, x-editable, bootstrap datepicker... 2016-08-25 11:59:49 +02:00			`$valid = array("admin_id", "admin_pass");`
			`$field = $_POST['name'];`
			`$value = $_POST['value'];`
			`$pk = $_POST['pk'];`
			`if (!isset($field) \|\| !isset($pk) \|\| !in_array($field, $valid)) {`
			`return;`
			`}`
			`if ($field === 'admin_pass') {`
			`$value = hashPass($value);`
			`}`
			`$req_string = 'UPDATE admin SET ' . $field . ' = ? WHERE admin_id = ?';`
			`$req = $bdd->prepare($req_string);`
			`$req->execute(array($value, $pk));`
Big refresh 2015-07-09 14:26:07 +02:00			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['del_admin'], $_POST['del_admin_id'])){ // ---------------- REMOVE ADMIN ----------------`
Big refresh 2015-07-09 14:26:07 +02:00			`$req = $bdd->prepare('DELETE FROM admin WHERE admin_id = ?');`
			`$req->execute(array($_POST['del_admin_id']));`
			`}`
„include/grids.php“ ändern Code Style 2020-01-14 21:09:14 +01:00			`else if(isset($_POST['update_config'])){ // ---------------- UPDATE CONFIG ----------------`
added some cool new features 2018-05-11 17:03:39 +02:00			`$pathinfo = pathinfo($_POST['config_file']);`
			`$config_full_uri = $_POST['config_file']; // the complete path to the file, including the file (name) its self and the fully qualified path`
			`$config_full_path = $pathinfo['dirname']; // path to file (without filename its self)`
			`$config_name = basename($_POST['config_file']); // config file name only (without path)`
			`$config_parent_dir = basename($config_full_path); // name of the dir that contains the config file (without path)`
			`/*`
			`* create backup for history`
			`*/`
			`if (!file_exists($dir="../$config_full_path/history"))`
			`mkdir($dir, 0777, true);`
			`$ts = time();`
			`copy("../$config_full_uri", "../$config_full_path/history/${ts}_${config_name}");`
			`/*`
			`* write config`
			`*/`
			`$conf_success = file_put_contents('../'.$_POST['config_file'], $_POST['config_content']);`
			`echo json_encode([`
			`'debug' => [`
			`'config_file' => $_POST['config_file'],`
			`'config_content' => $_POST['config_content']`
			`],`
			`'config_success' => $conf_success !== false,`
			`]);`
			`}`
Big refresh 2015-07-09 14:26:07 +02:00			`?>`