hestiacp/web/list/access-key/index.php

<?php
use function Hestiacp\quoteshellarg\quoteshellarg;

$TAB = 'Access Key';

// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

if (($_SESSION['userContext'] === 'admin') && (!empty($_GET['user']))) {
    $user = quoteshellarg($_GET['user']);
    $user_plain = $_GET['user'];
}

// Checks if API access is enabled
$api_status = (!empty($_SESSION['API_SYSTEM']) && is_numeric($_SESSION['API_SYSTEM'])) ? $_SESSION['API_SYSTEM'] : 0;
if (($user_plain == 'admin' && $api_status < 1) || ($user_plain != 'admin' && $api_status < 2)) {
    header("Location: /edit/user/");
    exit;
}

if (!empty($_GET['key'])) {
    $v_key = quoteshellarg(trim($_GET['key']));

    // Key data
    exec(HESTIA_CMD."v-list-access-key ".$v_key." json", $output, $return_var);
    $key_data = json_decode(implode('', $output), true);
    unset($output);

    if (empty($key_data) || $key_data['USER'] != $user_plain) {
        header("Location: /list/access-key/");
        exit;
    }

    // APIs
    exec(HESTIA_CMD."v-list-apis json", $output, $return_var);
    $apis = json_decode(implode('', $output), true);
    $apis = array_filter($apis, function ($api) use ($user_plain) {
        return ($user_plain == 'admin' || $api['ROLE'] == 'user');
    });
    ksort($apis);
    unset($output);

    render_page($user, $TAB, 'list_access_key');
} else {
    exec(HESTIA_CMD."v-list-access-keys $user json", $output, $return_var);
    $data = json_decode(implode('', $output), true);

    uasort($data, function ($a, $b) {
        return $a['DATE'] <=> $b['DATE'] ?: $a['TIME'] <=> $b['TIME'];
    });
    unset($output);

    // Render page
    render_page($user, $TAB, 'list_access_keys');
}

// Back uri
$_SESSION['back'] = $_SERVER['REQUEST_URI'];