-rwxr-xr-x | admin/.htaccess | 4 | ||||
-rw-r--r-- | admin/add.php | 30 | ||||
-rwxr-xr-x | admin/index.php | 27 | ||||
-rw-r--r-- | admin/login.php | 30 | ||||
-rw-r--r-- | admin/logout.php | 7 | ||||
-rw-r--r-- | admin/main.php | 8 | ||||
-rw-r--r-- | admin/manage.php | 15 | ||||
-rw-r--r-- | admin/remove.php | 8 | ||||
-rw-r--r-- | admin/update.php | 5 | ||||
-rwxr-xr-x | db.php | 2 | ||||
-rw-r--r-- | header.php | 2 | ||||
-rwxr-xr-x | index.php | 10 |
12 files changed, 146 insertions, 2 deletions
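--- /dev/null
+++ b/admin/.htaccess
@@ -0,0 +1,4 @@
+RewriteEngine On
+RewriteCond %{REQUEST_FILENAME} !index.php
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule (.*).php /admin/index.php?file=$1 [QSA,L]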
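Review bot: The rule pattern `(.*).php` and the condition `!index.php` are unanchored and leave the dots unescaped, so they match more paths than intended; `RewriteCond %{REQUEST_FILENAME} !/index\.php$` with `RewriteRule ^(.*)\.php$ /admin/index.php?file=$1 [QSA,L]` states the intent exactly. This rewrite is also the only thing that routes the admin scripts through the session check in admin/index.php: none of add.php, remove.php or update.php checks `$_SESSION` itself, so if overrides or mod_rewrite are disabled they would presumably be served directly. A guard at the top of each script, or keeping them outside the document root, would not depend on server configuration.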
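--- /dev/null
+++ b/admin/add.php
@@ -0,0 +1,30 @@
+<?php
+
+$getimage = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
+$getimage2 = mysql_query($getimage);
+$getimage3 = mysql_fetch_array($getimage2);
+
+$title = $getimage3['title'];
+$title = preg_replace('/[^A-Za-z0-9 ]/','',$title);
+$title = str_replace(' ', '-', $title);
+$title = preg_replace('/-{2,}/','-',$title);
+if (substr($title,0,1) == '-')
+{
+$title = substr($title,1);
+}
+if (substr($title,strlen($title)-1,1) == '-')
+{
+$title = substr($title,0,strlen($title)-1);
+}
+$title = strtolower($title);
+rename($_SERVER['DOCUMENT_ROOT'] . '/moderation/' . $getimage3['id'] . '.png', $_SERVER['DOCUMENT_ROOT'] . '/images/' . $title . '.png');
+
+$insimage = "INSERT INTO pending (title,filename,text,author) VALUES (\"" . $getimage3['title'] . "\",\"" . $title . "\",\"" . $getimage3['text'] . "\",\"" . $getimage3['author'] . "\")";
+$insimage2 = mysql_query($insimage);
+
+$delimage = "DELETE FROM moderation WHERE id = " . $_GET['id'];
+$delimage2 = mysql_query($delimage);
+
+?>
+
+Added comic <?php echo($getimage3['title']); ?>!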
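Review bot: `$_GET['id']` is concatenated unquoted into the SELECT on line 3 and the DELETE on line 25, so the request controls the SQL text; the same DELETE appears in admin/remove.php. Casting once at the top, `$id = (int) $_GET['id'];`, and using `$id` in both statements closes that. The INSERT on line 22 embeds `title`, `text` and `author` read back from the moderation table without escaping, so a double quote in any of them breaks or alters the statement; each should pass through `mysql_real_escape_string()`, or the queries should move to prepared statements. The SELECT result is not checked either, so an unknown id still reaches `rename()` and the INSERT with empty values, and a title that slugs to an existing name overwrites that image.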
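--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1,27 @@
+<?php
+
+session_start();
+
+ob_start();
+
+include('../header.php');
+
+if (!isset($_SESSION['username']))
+{
+include('login.php');
+} else {
+if (!isset($_GET['file']))
+{
+$file = 'main.php';
+} else {
+$file = basename($_GET['file'] . '.php');
+}
+
+include($file);
+}
+
+include('../footer.php');
+
+ob_end_flush();
+
+?>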
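Review bot: The include target on line 17 is taken from the request; `basename()` keeps it inside admin/, but any `.php` file in that directory, index.php itself included, can still be pulled in, and a missing file only raises a warning before the footer is rendered. An explicit allow-list of the page names the panel serves is safer, e.g. `if (!in_array($file, $allowedPages, true)) { $file = 'main.php'; }` with `$allowedPages` defined next to it. A short comment that this file is the single authentication gate for everything the .htaccess rewrite sends here would also help the next reader.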
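--- /dev/null
+++ b/admin/login.php
@@ -0,0 +1,30 @@
+<?php
+
+if (!isset($_GET['submit']))
+{
+
+?>
+<FORM ACTION="/admin/login.php?submit=" METHOD="POST">
+Username: <INPUT TYPE="text" NAME="user"><BR>
+Password: <INPUT TYPE="password" NAME="pass"><BR>
+<INPUT TYPE="submit"></FORM>
+<?php
+
+} else {
+$getconfig = "SELECT * FROM config WHERE name = \"username\" OR name = \"password\" ORDER BY name DESC";
+$getconfig2 = mysql_query($getconfig) or die($getconfig);
+$username = mysql_fetch_array($getconfig2);
+$password = mysql_fetch_array($getconfig2);
+
+if (($username['value'] == $_POST['user']) && ($password['value'] == md5($_POST['pass'])))
+{
+$_SESSION['username'] = $_POST['user'];
+
+header('Location: /admin/');
+exit;
+} else {
+?><H2>Incorrect login</H2><?php
+}
+}
+
+?>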
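Review bot: The password check on line 19 compares an unsalted `md5()` digest with loose `==`, which is a weak storage format and is also subject to PHP's numeric-string comparison when both digests look like `0e…` numbers. Storing a `password_hash()` value and checking it with `password_verify($_POST['pass'], $password['value'])` avoids both, assuming the PHP version in use provides them; at minimum the comparison should be `===`. The session id should be regenerated on success, `session_regenerate_id(true);` before line 21, and `or die($getconfig)` on line 15 should log the failure rather than print the query to the client.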
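--- /dev/null
+++ b/admin/logout.php
@@ -0,0 +1,7 @@
+<?php
+
+unset($_SESSION['username']);
+
+header('Location: /');
+
+?>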
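Review bot: Logging out only unsets `$_SESSION['username']`; the session and its cookie remain valid afterwards. Clearing it fully with `$_SESSION = array(); session_destroy();` makes the logout complete. An `exit;` after the `Location` header is also missing: this script is included from admin/index.php, which otherwise carries on and renders the footer.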
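--- /dev/null
+++ b/admin/main.php
@@ -0,0 +1,8 @@
+<H2>Admin Panel</H2>
+
+<UL>
+<LI><A HREF="/admin/post.php">Upload a comic</A></LI>
+<LI><A HREF="/admin/manage.php">Manage moderation queue</A></LI>
+<LI><A HREF="/admin/update.php">HG Update</A></LI>
+<LI><A HREF="/admin/logout.php">Logout</A></LI>
+</UL>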
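--- /dev/null
+++ b/admin/manage.php
@@ -0,0 +1,15 @@
+<UL><?php
+
+$getimages = "SELECT * FROM moderation";
+$getimages2 = mysql_query($getimages);
+while ($getimages3 = mysql_fetch_array($getimages2))
+{
+?><LI><?php echo($getimages3['title']); ?> -
+<IMG SRC="/moderation/<?php echo($getimages3['id']); ?>.png" ALT="<?php echo($getimages3['text']); ?>" TITLE="<?php echo($getimages3['text']); ?>"> -
+<A HREF="/admin/add.php?id=<?php echo($getimages3['id']); ?>">Add to Pending Queue</A> -
+<A HREF="/admin/remove.php?id=<?php echo($getimages3['id']); ?>">Remove</A></LI><?php
+}
+
+?></UL>
+
+<A HREF="/admin/">Back to Admin</A>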
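Review bot: `title` and `text` from the moderation table are echoed unescaped into HTML and into the `ALT`/`TITLE` attributes on lines 7–8; these rows are presumably submitted by visitors, so markup in them would be interpreted in the administrator's session. Each value should be wrapped, e.g. `htmlspecialchars($getimages3['text'], ENT_QUOTES)`. The same applies to the title echo at the end of admin/add.php, the `$_GET['id']` echo in admin/remove.php, and the new author line in index.php, which is rendered on the public page. The result of `mysql_query()` is also handed to `mysql_fetch_array()` without a check for failure.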
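--- /dev/null
+++ b/admin/remove.php
@@ -0,0 +1,8 @@
+<?php
+
+$delimage = "DELETE FROM moderation WHERE id = " . $_GET['id'];
+$delimage2 = mysql_query($delimage);
+
+?>
+
+Removed comic <?php echo($_GET['id']); ?>!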
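--- /dev/null
+++ b/admin/update.php
@@ -0,0 +1,5 @@
+<?php
+
+system('hg update');
+
+?>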
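Review bot: `system('hg update')` runs on any GET request to this URL, as do the state changes in add.php, remove.php and logout.php, so a cross-site request from a logged-in administrator's browser can trigger them; these actions should require POST together with a per-session token that is checked before acting. The call also ignores the exit status and depends on the web server's working directory and PATH; passing a second argument, `system('hg update', $status);`, and reporting a non-zero `$status` would make a failed update visible. The command output is written straight into the page, so it should be captured and escaped rather than streamed.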
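--- a/db.php
+++ b/db.php
@@ -1,6 +1,6 @@
 <?php
 
-include('../security/pillowcase.php');
+include($_SERVER['DOCUMENT_ROOT'] . '/../security/pillowcase.php');
 
 mysql_connect($dbhost, $dbuser, $dbpasswd);
 mysql_select_db($dbname);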
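Review bot: `include` only raises a warning when the credentials file is missing, so `mysql_connect()` on line 5 would then run with undefined variables; `require_once` fails closed instead. `$_SERVER['DOCUMENT_ROOT']` also depends on server configuration and is not set when the script runs from the command line, whereas `require_once dirname(__FILE__) . '/../security/pillowcase.php';` resolves relative to db.php itself, assuming db.php sits in the document root as the new path implies. The same applies to the `include_once` changed in header.php.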
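--- a/header.php
+++ b/header.php
@@ -21,7 +21,7 @@ if (isset($title))
 
 <?php
 
-include_once('db.php');
+include_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
 
 $getlast = "SELECT * FROM config WHERE name = \"lastUpdated\"";
 $getlast2 = mysql_query($getlast);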
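--- a/index.php
+++ b/index.php
@@ -24,6 +24,16 @@ $getimage3 = mysql_fetch_array($getimage2);
 
 <DIV CLASS="title">
 <H2><?php echo($getimage3['title']); ?></H2>
+<?php
+
+if ($getimage3['author'] != '')
+{
+?>
+<CENTER><SMALL>Guest comic by <?php echo($getimage3['author']); ?></SMALL></CENTER>
+<?php
+}
+
+?>
 </DIV>
 </DIV>
 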