12 files changed, 146 insertions, 2 deletions
diff --git a/admin/.htaccess b/admin/.htaccess
new file mode 100755
index 0000000..d590e40
--- /dev/null
+++ b/admin/.htaccess

@@ -0,0 +1,4 @@
+RewriteEngine On
+RewriteCond %{REQUEST_FILENAME} !index.php
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule (.*).php /admin/index.php?file=$1 [QSA,L]
diff --git a/admin/add.php b/admin/add.php
new file mode 100644
index 0000000..96a9219
--- /dev/null
+++ b/admin/add.php

@@ -0,0 +1,30 @@
+<?php
+$getimage = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
+$getimage2 = mysql_query($getimage);
+$getimage3 = mysql_fetch_array($getimage2);
+$title = $getimage3['title'];
+$title = preg_replace('/[^A-Za-z0-9 ]/','',$title);
+$title = str_replace(' ', '-', $title);
+$title = preg_replace('/-{2,}/','-',$title);
+if (substr($title,0,1) == '-')
+{
+        $title = substr($title,1);
+}
+if (substr($title,strlen($title)-1,1) == '-')
+{
+        $title = substr($title,0,strlen($title)-1);
+}
+$title = strtolower($title);
+rename($_SERVER['DOCUMENT_ROOT'] . '/moderation/' . $getimage3['id'] . '.png', $_SERVER['DOCUMENT_ROOT'] . '/images/' . $title . '.png');
+$insimage = "INSERT INTO pending (title,filename,text,author) VALUES (\"" . $getimage3['title'] . "\",\"" . $title . "\",\"" . $getimage3['text'] . "\",\"" . $getimage3['author'] . "\")";
+$insimage2 = mysql_query($insimage);
+$delimage = "DELETE FROM moderation WHERE id = " . $_GET['id'];
+$delimage2 = mysql_query($delimage);
+?>
+Added comic <?php echo($getimage3['title']); ?>!
diff --git a/admin/index.php b/admin/index.php
new file mode 100755
index 0000000..3a5f6be
--- /dev/null
+++ b/admin/index.php

@@ -0,0 +1,27 @@
+<?php
+session_start();
+ob_start();
+include('../header.php');
+if (!isset($_SESSION['username']))
+{
+        include('login.php');
+} else {
+        if (!isset($_GET['file']))
+        {
+                $file = 'main.php';
+        } else {
+                $file = basename($_GET['file'] . '.php');
+        }
+        include($file);
+}
+include('../footer.php');
+ob_end_flush();
+?>
diff --git a/admin/login.php b/admin/login.php
new file mode 100644
index 0000000..f938664
--- /dev/null
+++ b/admin/login.php

@@ -0,0 +1,30 @@
+<?php
+if (!isset($_GET['submit']))
+{
+?>
+<FORM ACTION="/admin/login.php?submit=" METHOD="POST">
+Username: <INPUT TYPE="text" NAME="user"><BR>
+Password: <INPUT TYPE="password" NAME="pass"><BR>
+<INPUT TYPE="submit"></FORM>
+<?php
+} else {
+        $getconfig = "SELECT * FROM config WHERE name = \"username\" OR name = \"password\" ORDER BY name DESC";
+        $getconfig2 = mysql_query($getconfig) or die($getconfig);
+        $username = mysql_fetch_array($getconfig2);
+        $password = mysql_fetch_array($getconfig2);
+        if (($username['value'] == $_POST['user']) && ($password['value'] == md5($_POST['pass'])))
+        {
+                $_SESSION['username'] = $_POST['user'];
+                header('Location: /admin/');
+                exit;
+        } else {
+?><H2>Incorrect login</H2><?php
+        }
+}
+?>
diff --git a/admin/logout.php b/admin/logout.php
new file mode 100644
index 0000000..639e045
--- /dev/null
+++ b/admin/logout.php

@@ -0,0 +1,7 @@
+<?php
+unset($_SESSION['username']);
+header('Location: /');
+?>
diff --git a/admin/main.php b/admin/main.php
new file mode 100644
index 0000000..aa01262
--- /dev/null
+++ b/admin/main.php

@@ -0,0 +1,8 @@
+<H2>Admin Panel</H2>
+<UL>
+        <LI><A HREF="/admin/post.php">Upload a comic</A></LI>
+        <LI><A HREF="/admin/manage.php">Manage moderation queue</A></LI>
+        <LI><A HREF="/admin/update.php">HG Update</A></LI>
+        <LI><A HREF="/admin/logout.php">Logout</A></LI>
+</UL>
diff --git a/admin/manage.php b/admin/manage.php
new file mode 100644
index 0000000..2485520
--- /dev/null
+++ b/admin/manage.php

@@ -0,0 +1,15 @@
+<UL><?php
+$getimages = "SELECT * FROM moderation";
+$getimages2 = mysql_query($getimages);
+while ($getimages3 = mysql_fetch_array($getimages2))
+{
+?><LI><?php echo($getimages3['title']); ?> -
+<IMG SRC="/moderation/<?php echo($getimages3['id']); ?>.png" ALT="<?php echo($getimages3['text']); ?>" TITLE="<?php echo($getimages3['text']); ?>"> - 
+<A HREF="/admin/add.php?id=<?php echo($getimages3['id']); ?>">Add to Pending Queue</A> -
+<A HREF="/admin/remove.php?id=<?php echo($getimages3['id']); ?>">Remove</A></LI><?php
+}
+?></UL>
+<A HREF="/admin/">Back to Admin</A>
diff --git a/admin/remove.php b/admin/remove.php
new file mode 100644
index 0000000..bf8e565
--- /dev/null
+++ b/admin/remove.php

@@ -0,0 +1,8 @@
+<?php
+$delimage = "DELETE FROM moderation WHERE id = " . $_GET['id'];
+$delimage2 = mysql_query($delimage);
+?>
+Removed comic <?php echo($_GET['id']); ?>!
diff --git a/admin/update.php b/admin/update.php
new file mode 100644
index 0000000..c84c2c4
--- /dev/null
+++ b/admin/update.php

@@ -0,0 +1,5 @@
+<?php
+system('hg update');
+?>
diff --git a/db.php b/db.php
index d584c4c..a763283 100755
--- a/db.php
+++ b/db.php

@@ -1,6 +1,6 @@
 <?php
-include('../security/pillowcase.php');
+include($_SERVER['DOCUMENT_ROOT'] . '/../security/pillowcase.php');
 mysql_connect($dbhost, $dbuser, $dbpasswd);
 mysql_select_db($dbname);
diff --git a/header.php b/header.php
index ebdee99..dbbb5bf 100644
--- a/header.php
+++ b/header.php

@@ -21,7 +21,7 @@ if (isset($title))
 <?php
-include_once('db.php');
+include_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
 $getlast = "SELECT * FROM config WHERE name = \"lastUpdated\"";
 $getlast2 = mysql_query($getlast);
diff --git a/index.php b/index.php
index 50e381c..e10ee98 100755
--- a/index.php
+++ b/index.php

@@ -24,6 +24,16 @@ $getimage3 = mysql_fetch_array($getimage2);
                                <DIV CLASS="title">
                                        <H2><?php echo($getimage3['title']); ?></H2>
+<?php
+if ($getimage3['author'] != '')
+{
+?>
+                                        <CENTER><SMALL>Guest comic by <?php echo($getimage3['author']); ?></SMALL></CENTER>
+<?php
+}
+?>
                                </DIV>
                        </DIV>

diff --git a/admin/.htaccess b/admin/.htaccess new file mode 100755 index 0000000..d590e40 --- /dev/null +++ b/admin/.htaccess
@@ -0,0 +1,4 @@
		1	RewriteEngine On
		2	RewriteCond %{REQUEST_FILENAME} !index.php
		3	RewriteCond %{REQUEST_FILENAME} !-d
		4	RewriteRule (.*).php /admin/index.php?file=$1 [QSA,L]


diff --git a/admin/add.php b/admin/add.php new file mode 100644 index 0000000..96a9219 --- /dev/null +++ b/admin/add.php
@@ -0,0 +1,30 @@
		1	<?php
		2
		3	$getimage = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
		4	$getimage2 = mysql_query($getimage);
		5	$getimage3 = mysql_fetch_array($getimage2);
		6
		7	$title = $getimage3['title'];
		8	$title = preg_replace('/[^A-Za-z0-9 ]/','',$title);
		9	$title = str_replace(' ', '-', $title);
		10	$title = preg_replace('/-{2,}/','-',$title);
		11	if (substr($title,0,1) == '-')
		12	{
		13	$title = substr($title,1);
		14	}
		15	if (substr($title,strlen($title)-1,1) == '-')
		16	{
		17	$title = substr($title,0,strlen($title)-1);
		18	}
		19	$title = strtolower($title);
		20	rename($_SERVER['DOCUMENT_ROOT'] . '/moderation/' . $getimage3['id'] . '.png', $_SERVER['DOCUMENT_ROOT'] . '/images/' . $title . '.png');
		21
		22	$insimage = "INSERT INTO pending (title,filename,text,author) VALUES (\"" . $getimage3['title'] . "\",\"" . $title . "\",\"" . $getimage3['text'] . "\",\"" . $getimage3['author'] . "\")";
		23	$insimage2 = mysql_query($insimage);
		24
		25	$delimage = "DELETE FROM moderation WHERE id = " . $_GET['id'];
		26	$delimage2 = mysql_query($delimage);
		27
		28	?>
		29
		30	Added comic <?php echo($getimage3['title']); ?>!


diff --git a/admin/index.php b/admin/index.php new file mode 100755 index 0000000..3a5f6be --- /dev/null +++ b/admin/index.php
@@ -0,0 +1,27 @@
		1	<?php
		2
		3	session_start();
		4
		5	ob_start();
		6
		7	include('../header.php');
		8
		9	if (!isset($_SESSION['username']))
		10	{
		11	include('login.php');
		12	} else {
		13	if (!isset($_GET['file']))
		14	{
		15	$file = 'main.php';
		16	} else {
		17	$file = basename($_GET['file'] . '.php');
		18	}
		19
		20	include($file);
		21	}
		22
		23	include('../footer.php');
		24
		25	ob_end_flush();
		26
		27	?>


diff --git a/admin/login.php b/admin/login.php new file mode 100644 index 0000000..f938664 --- /dev/null +++ b/admin/login.php
@@ -0,0 +1,30 @@
		1	<?php
		2
		3	if (!isset($_GET['submit']))
		4	{
		5
		6	?>
		7	<FORM ACTION="/admin/login.php?submit=" METHOD="POST">
		8	Username: <INPUT TYPE="text" NAME="user"><BR>
		9	Password: <INPUT TYPE="password" NAME="pass"><BR>
		10	<INPUT TYPE="submit"></FORM>
		11	<?php
		12
		13	} else {
		14	$getconfig = "SELECT * FROM config WHERE name = \"username\" OR name = \"password\" ORDER BY name DESC";
		15	$getconfig2 = mysql_query($getconfig) or die($getconfig);
		16	$username = mysql_fetch_array($getconfig2);
		17	$password = mysql_fetch_array($getconfig2);
		18
		19	if (($username['value'] == $_POST['user']) && ($password['value'] == md5($_POST['pass'])))
		20	{
		21	$_SESSION['username'] = $_POST['user'];
		22
		23	header('Location: /admin/');
		24	exit;
		25	} else {
		26	?><H2>Incorrect login</H2><?php
		27	}
		28	}
		29
		30	?>


diff --git a/admin/logout.php b/admin/logout.php new file mode 100644 index 0000000..639e045 --- /dev/null +++ b/admin/logout.php
@@ -0,0 +1,7 @@
		1	<?php
		2
		3	unset($_SESSION['username']);
		4
		5	header('Location: /');
		6
		7	?>


diff --git a/admin/main.php b/admin/main.php new file mode 100644 index 0000000..aa01262 --- /dev/null +++ b/admin/main.php
@@ -0,0 +1,8 @@
		1	<H2>Admin Panel</H2>
		2
		3	<UL>
		4	<LI><A HREF="/admin/post.php">Upload a comic</A></LI>
		5	<LI><A HREF="/admin/manage.php">Manage moderation queue</A></LI>
		6	<LI><A HREF="/admin/update.php">HG Update</A></LI>
		7	<LI><A HREF="/admin/logout.php">Logout</A></LI>
		8	</UL>


diff --git a/admin/manage.php b/admin/manage.php new file mode 100644 index 0000000..2485520 --- /dev/null +++ b/admin/manage.php
@@ -0,0 +1,15 @@
		1	<UL><?php
		2
		3	$getimages = "SELECT * FROM moderation";
		4	$getimages2 = mysql_query($getimages);
		5	while ($getimages3 = mysql_fetch_array($getimages2))
		6	{
		7	?><LI><?php echo($getimages3['title']); ?> -
		8	<IMG SRC="/moderation/<?php echo($getimages3['id']); ?>.png" ALT="<?php echo($getimages3['text']); ?>" TITLE="<?php echo($getimages3['text']); ?>"> -
		9	<A HREF="/admin/add.php?id=<?php echo($getimages3['id']); ?>">Add to Pending Queue</A> -
		10	<A HREF="/admin/remove.php?id=<?php echo($getimages3['id']); ?>">Remove</A></LI><?php
		11	}
		12
		13	?></UL>
		14
		15	<A HREF="/admin/">Back to Admin</A>


diff --git a/admin/remove.php b/admin/remove.php new file mode 100644 index 0000000..bf8e565 --- /dev/null +++ b/admin/remove.php
@@ -0,0 +1,8 @@
		1	<?php
		2
		3	$delimage = "DELETE FROM moderation WHERE id = " . $_GET['id'];
		4	$delimage2 = mysql_query($delimage);
		5
		6	?>
		7
		8	Removed comic <?php echo($_GET['id']); ?>!


diff --git a/admin/update.php b/admin/update.php new file mode 100644 index 0000000..c84c2c4 --- /dev/null +++ b/admin/update.php
@@ -0,0 +1,5 @@
		1	<?php
		2
		3	system('hg update');
		4
		5	?>


diff --git a/db.php b/db.php index d584c4c..a763283 100755 --- a/db.php +++ b/db.php
@@ -1,6 +1,6 @@
1	<?php	1	<?php
2		2
3	include('../security/pillowcase.php');	3	include($_SERVER['DOCUMENT_ROOT'] . '/../security/pillowcase.php');
4		4
5	mysql_connect($dbhost, $dbuser, $dbpasswd);	5	mysql_connect($dbhost, $dbuser, $dbpasswd);
6	mysql_select_db($dbname);	6	mysql_select_db($dbname);


diff --git a/header.php b/header.php index ebdee99..dbbb5bf 100644 --- a/header.php +++ b/header.php
@@ -21,7 +21,7 @@ if (isset($title))
21		21
22	<?php	22	<?php
23		23
24	include_once('db.php');	24	include_once($_SERVER['DOCUMENT_ROOT'] . '/db.php');
25		25
26	$getlast = "SELECT * FROM config WHERE name = \"lastUpdated\"";	26	$getlast = "SELECT * FROM config WHERE name = \"lastUpdated\"";
27	$getlast2 = mysql_query($getlast);	27	$getlast2 = mysql_query($getlast);


diff --git a/index.php b/index.php index 50e381c..e10ee98 100755 --- a/index.php +++ b/index.php
@@ -24,6 +24,16 @@ $getimage3 = mysql_fetch_array($getimage2);
24		24
25	<DIV CLASS="title">	25	<DIV CLASS="title">
26	<H2><?php echo($getimage3['title']); ?></H2>	26	<H2><?php echo($getimage3['title']); ?></H2>
		27	<?php
		28
		29	if ($getimage3['author'] != '')
		30	{
		31	?>
		32	<CENTER><SMALL>Guest comic by <?php echo($getimage3['author']); ?></SMALL></CENTER>
		33	<?php
		34	}
		35
		36	?>
27	</DIV>	37	</DIV>
28	</DIV>	38	</DIV>
29		39