Add sessions and log deleting

Bruno Rybársky 2023-06-10 10:13:00 +02:00
parent 2e2a56a751
commit 5834a92a3f
No known key found for this signature in database
GPG Key ID: DFE2C061EF985CD4
2 changed files with 51 additions and 20 deletions

@ -1,11 +1,18 @@
<?php <?php
session_start();
$action = $_POST['action']; $action = $_POST['action'];
$config = json_decode(file_get_contents("../data/config.json"), true); $config = json_decode(file_get_contents("../data/config.json"), true);
if (!empty($action) && $_POST["password"] == $config["admin_pwd"]){
if ($_POST["password"] == $config["admin_pwd"] && $action == "verify"){
echo "OK";
$_SESSION["password"] = $_POST["password"];
}
if (!empty($action) && $_SESSION["password"] == $config["admin_pwd"]){
$mysqli = new mysqli($config["mysqlhost"], $config["mysqluser"], $config["mysqlpass"], $config["mysqldb"]); $mysqli = new mysqli($config["mysqlhost"], $config["mysqluser"], $config["mysqlpass"], $config["mysqldb"]);
if ($action == "verify"){ if ($action == "hassession"){
echo "OK"; echo "YES";
} }
if ($action == "get"){ if ($action == "get"){
@ -83,19 +90,26 @@ if (!empty($action) && $_POST["password"] == $config["admin_pwd"]){
$stmt7->bind_result ($rowidx, $actionx, $linkidx, $contentidx, $datetimex, $timestampx, $nicknamex, $ipx); $stmt7->bind_result ($rowidx, $actionx, $linkidx, $contentidx, $datetimex, $timestampx, $nicknamex, $ipx);
$stmt7->execute(); $stmt7->execute();
$stmt7->store_result(); $stmt7->store_result();
$out = "<table><tbody><tr><th>Action</th><th>Date and Time</th><th>Nickname</th><th>Link</th><th>Content</th><th>IP</th></tr>"; $out = "<table><tbody><tr><th>Action</th><th>Date and Time</th><th>Nickname</th><th>Link</th><th>Content</th><th>IP</th><th>Button</th></tr>";
while ($stmt7->fetch()) { while ($stmt7->fetch()) {
$action = htmlspecialchars($actionx); $action = htmlspecialchars($actionx);
$link = htmlspecialchars($linkidx); $link = htmlspecialchars($linkidx);
$content = htmlspecialchars($contentidx); $content = htmlspecialchars($contentidx);
$nickname = htmlspecialchars($nicknamex); $nickname = htmlspecialchars($nicknamex);
$ip = htmlspecialchars($ipx); $ip = htmlspecialchars($ipx);
$rowid = htmlspecialchars($rowidx);
$datetime = htmlspecialchars($datetimex); $datetime = htmlspecialchars($datetimex);
$out = $out . "<tr><td>$action</td><td>$datetime</td><td>$nickname</td><td>$link</td><td>$content</td><td>$ip</td></tr>"; $out = $out . "<tr><td>$action</td><td>$datetime</td><td>$nickname</td><td>$link</td><td>$content</td><td>$ip</td><td><button onclick=\"dellog('$rowid')\">Delete</button></td></tr>";
} }
$out = $out . "</tbody></table>"; $out = $out . "</tbody></table>";
echo $out; echo $out;
} }
if ($action == "deletelog" && !empty($_POST["id"])){
$stmt5 = $mysqli->prepare("DELETE FROM Logs WHERE `ID` = ?");
$stmt5->bind_param('i', $_POST["id"]);
$stmt5->execute();
$stmt5->store_result();
}
} }
else{ else{
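Review bot: The new session check `$_SESSION["password"] == $config["admin_pwd"]` passes when both sides are null or empty, so a request with no session is treated as authenticated whenever `admin_pwd` is missing or config.json fails to decode; the login branch also keeps the plaintext password in the session and does not rotate the session id. Store a boolean flag after `session_regenerate_id(true)` and compare the submitted password with `hash_equals()`, as in the excerpt below. Because authentication now rides on the session cookie instead of a password in each request, the state-changing actions, including the new `deletelog` branch that removes audit rows, accept cross-site POSTs; a per-session token checked with `hash_equals()` is needed there. The authenticated `if` block spans both hunks and its `else` branch continues outside the shown lines.

```php
session_start();
// … unchanged: $action and $config loading …
$submitted = $_POST["password"] ?? null;
$expected = $config["admin_pwd"] ?? null;
if ($action === "verify" && is_string($submitted) && is_string($expected) && $expected !== ""
    && hash_equals($expected, $submitted)) {
    session_regenerate_id(true); // new session id on privilege change
    $_SESSION["is_admin"] = true; // keep a flag only, never the password
    echo "OK";
}
if (!empty($action) && ($_SESSION["is_admin"] ?? false) === true) {
// … unchanged: mysqli connection and action dispatch …
```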

@ -48,7 +48,6 @@
$.post("api.php", $.post("api.php",
{ {
action: "deletecontent", action: "deletecontent",
password: password,
id: name id: name
}, function( data ) { }, function( data ) {
getcontents(); getcontents();
@ -58,8 +57,7 @@
function getcontents(){ function getcontents(){
$.post("api.php", $.post("api.php",
{ {
action: "getcontent", action: "getcontent"
password: password
}, function( data ) { }, function( data ) {
$("#contentlist").html(data); $("#contentlist").html(data);
@ -82,13 +80,32 @@
$.post("api.php", $.post("api.php",
{ {
action: "delete", action: "delete",
password: password,
id: name id: name
}, function( data ) { }, function( data ) {
getlinks(); getlinks();
}); });
} }
function dellog(name){
$.post("api.php",
{
action: "deletelog",
id: name
}, function( data ) {
getlog();
});
}
function loadmgmt() {
getlinks();
getcontents();
getlog();
$("#pwdentry").fadeOut("fast", function(){
$("#indexmanagement").fadeIn("fast", function(){
});
});
}
function verifyPassword(){ function verifyPassword(){
password = $("#pwdbox").val(); password = $("#pwdbox").val();
$.post("api.php", $.post("api.php",
@ -97,13 +114,7 @@
password: password password: password
}, function( data ) { }, function( data ) {
if (data == "OK"){ if (data == "OK"){
getlinks(); loadmgmt();
getcontents();
getlog();
$("#pwdentry").fadeOut("slow", function(){
$("#indexmanagement").fadeIn("slow", function(){
});
});
} }
}); });
} }
@ -111,8 +122,7 @@
function getlinks(){ function getlinks(){
$.post("api.php", $.post("api.php",
{ {
action: "get", action: "get"
password: password
}, function( data ) { }, function( data ) {
$("#linkslist").html(data); $("#linkslist").html(data);
$("#addnickname").keyup(function(event) { $("#addnickname").keyup(function(event) {
@ -140,7 +150,6 @@
$.post("api.php", $.post("api.php",
{ {
action: "getlog", action: "getlog",
password: password,
id: id id: id
}, function( data ) { }, function( data ) {
$("#loglist").html(data); $("#loglist").html(data);
@ -152,6 +161,14 @@
$("#submitpwd").click(verifyPassword); $("#submitpwd").click(verifyPassword);
$("#logget").click(getlog); $("#logget").click(getlog);
$.post("api.php",
{
action: "hassession"
}, function( data ) {
if (data == "YES"){
loadmgmt();
}
});
$("#logid").keyup(function(event) { $("#logid").keyup(function(event) {
if (event.keyCode === 13) { if (event.keyCode === 13) {