diff --git a/admin/api.php b/admin/api.php
index 9bbb386..0242590 100644
--- a/admin/api.php
+++ b/admin/api.php
@@ -1,106 +1,95 @@
ID | Content ID | Nickname | Button |
";
- foreach($stranky as $idx => $arr) {
- $id = htmlspecialchars($idx);
- $nickname = htmlspecialchars($arr["nickname"]);
- $contentid = htmlspecialchars($arr["contentid"]);
- $out = $out . "$id | $contentid | $nickname | |
";
- }
- $out = $out . " | | | |
";
- $out = $out . "";
- echo $out;
+ $stmt1 = $mysqli->prepare("SELECT `LinkID`, `ContentID`, `Nickname` FROM Links");
+ $stmt1->bind_result($linkid, $contentid, $nickname);
+ $stmt1->execute();
+ $stmt1->store_result();
+ $out = "";
+ echo $out;
}
if ($action == "delete" && !empty($_POST["id"])){
- if ($_POST["password"] == $config["admin_pwd"]){
- $stranky = json_decode(file_get_contents("../data/pageindex.json"), true);
- unset($stranky[$_POST["id"]]);
- file_put_contents("../data/pageindex.json", json_encode($stranky, JSON_PRETTY_PRINT));
- }
+ $stmt2 = $mysqli->prepare("DELETE FROM Links WHERE `LinkID` = ?");
+ $stmt2->bind_param('s', $_POST["id"]);
+ $stmt2->execute();
+ $stmt2->store_result();
}
if ($action == "set" && !empty($_POST["id"]) && !empty($_POST["contentid"]) && !empty($_POST["nickname"])){
- if ($_POST["password"] == $config["admin_pwd"]){
- $stranky = json_decode(file_get_contents("../data/pageindex.json"), true);
- $tmp = array("contentid"=>$_POST["contentid"], "nickname"=>$_POST["nickname"]);
- $stranky[$_POST["id"]] = $tmp;
- file_put_contents("../data/pageindex.json", json_encode($stranky, JSON_PRETTY_PRINT));
- }
+ $stmt3 = $mysqli->prepare("INSERT INTO Links (`LinkID`, `ContentID`, `Nickname`) VALUES (?, ?, ?);");
+ $stmt3->bind_param('sss', $_POST["id"], $_POST["contentid"], $_POST["nickname"]);
+ $stmt3->execute();
+ $stmt3->store_result();
}
if ($action == "getcontent"){
- if(!file_exists("../data/contents.json")){
- file_put_contents("../data/contents.json", "{}");
- }
- if ($_POST["password"] == $config["admin_pwd"]){
- $contents = json_decode(file_get_contents("../data/contents.json"), true);
- $out = "";
- echo $out;
+ $stmt4 = $mysqli->prepare("SELECT `ContentID`, `Content` FROM Content");
+ $stmt4->bind_result ($contentid, $content);
+ $stmt4->execute();
+ $stmt4->store_result();
+ $out = "";
+ echo $out;
}
if ($action == "deletecontent" && !empty($_POST["id"])){
- if ($_POST["password"] == $config["admin_pwd"]){
- $contents = json_decode(file_get_contents("../data/contents.json"), true);
- unset($contents[$_POST["id"]]);
- file_put_contents("../data/contents.json", json_encode($contents, JSON_PRETTY_PRINT));
- }
+ $stmt5 = $mysqli->prepare("DELETE FROM Content WHERE `ContentID` = ?");
+ $stmt5->bind_param('s', $_POST["id"]);
+ $stmt5->execute();
+ $stmt5->store_result();
}
if ($action == "setcontent" && !empty($_POST["id"]) && !empty($_POST["content"])){
- if ($_POST["password"] == $config["admin_pwd"]){
- $contents = json_decode(file_get_contents("../data/contents.json"), true);
- $contents[$_POST["id"]] = $_POST["content"];
- file_put_contents("../data/contents.json", json_encode($contents, JSON_PRETTY_PRINT));
- }
+ $stmt6 = $mysqli->prepare("INSERT INTO Content (`ContentID`, `Content`) VALUES (?, ?);");
+ $stmt6->bind_param('ss', $_POST["id"], $_POST["content"]);
+ $stmt6->execute();
+ $stmt6->store_result();
}
if ($action == "getlog"&& !empty($_POST["id"])){
- if(!file_exists("../data/logs.json")){
- file_put_contents("../data/logs.json", "{}");
- }
- if ($_POST["password"] == $config["admin_pwd"]){
- $logy = json_decode(file_get_contents("../data/logs.json"), true)[$_POST["id"]];
- $out = "Action | Date and Time | Nickname | Link | IP |
";
- foreach($logy as $arr) {
- $action = htmlspecialchars($arr["action"]);
- $link = htmlspecialchars($arr["link"]);
- $nickname = htmlspecialchars($arr["nickname"]);
- $ip = htmlspecialchars($arr["ip"]);
- $datetime = htmlspecialchars($arr["datetime"]);
- $out = $out . "$action | $datetime | $nickname | $link | $ip |
";
- }
- $out = $out . "
";
- echo $out;
+ $stmt7 = $mysqli->prepare("SELECT `ID`, `Action`, `LinkID`, `ContentID`, `Datetime`, `Timestamp`, `Nickname`, `IP` FROM Logs");
+ $stmt7->bind_result ($rowidx, $actionx, $linkidx, $contentidx, $datetimex, $timestampx, $nicknamex, $ipx);
+ $stmt7->execute();
+ $stmt7->store_result();
+ $out = "Action | Date and Time | Nickname | Link | Content | IP |
";
+ while ($stmt7->fetch()) {
+ $action = htmlspecialchars($actionx);
+ $link = htmlspecialchars($linkidx);
+ $content = htmlspecialchars($contentidx);
+ $nickname = htmlspecialchars($nicknamex);
+ $ip = htmlspecialchars($ipx);
+ $datetime = htmlspecialchars($datetimex);
+ $out = $out . "$action | $datetime | $nickname | $link | $content | $ip |
";
}
+ $out = $out . "
";
+ echo $out;
}
}
+else{
+ echo "ERROR";
+}
?>
\ No newline at end of file
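Review bot: The new `getlog` branch still requires `$_POST["id"]`, but its query reads every row of Logs, so the response is no longer limited to the requested link the way the removed `[$_POST["id"]]` lookup was. Filter in the statement instead: end the query with `FROM Logs WHERE LinkID = ?` and add `$stmt7->bind_param('s', $_POST["id"]);` before `execute()`. Separately, each branch's own `$_POST["password"]` check is removed, so the delete/set/deletecontent/setcontent writes are guarded only by whatever outer condition closes just before the new `else`. That condition opens outside the visible lines, so confirm it authenticates the caller, preferably with `hash_equals()` rather than `==`.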
diff --git a/index.php b/index.php
index ded7785..1de18d7 100644
--- a/index.php
+++ b/index.php
@@ -4,53 +4,39 @@ $idcko = $_GET['id'];
if (!empty($idcko)){
+ $config = json_decode(file_get_contents("data/config.json"), true);
+ $mysqli = new mysqli($config["mysqlhost"], $config["mysqluser"], $config["mysqlpass"], $config["mysqldb"]);
+
$ipcka = $_SERVER['REMOTE_ADDR'];
+ $curdate = date("H:i:s d.m.Y");
- if(!file_exists("data/logs.json")){
- file_put_contents("data/logs.json", "{}");
+ $stmt1 = $mysqli->prepare("SELECT `LinkID`, `ContentID`, `Nickname` FROM `Links` WHERE `LinkID` = ?");
+ $stmt1->bind_param("s", $idcko);
+ $stmt1->bind_result($linkid, $contentid, $nickname);
+ $stmt1->execute();
+ $stmt1->store_result();
+ if ($stmt1->num_rows() < 1) {
+ die("Nonexistent link");
}
-
- if(!file_exists("data/pageindex.json")){
- file_put_contents("data/pageindex.json", "{}");
- }
-
- if(!file_exists("data/contents.json")){
- file_put_contents("data/contents.json", "{}");
- }
-
- $stranky = json_decode(file_get_contents("data/pageindex.json"), true);
- $contents = json_decode(file_get_contents("data/contents.json"), true);
- $logs = json_decode(file_get_contents("data/logs.json"), true);
-
-
- $alllog = "data/all.log";
-
- if(array_key_exists($idcko, $stranky)){
-
- $entry = $stranky[$idcko];
-
- if (!array_key_exists($entry["contentid"], $contents)){
+ while ($stmt1->fetch()) {
+ $stmt2 = $mysqli->prepare("SELECT `Content` FROM Content WHERE `ContentID` = ?");
+ $stmt2->bind_param("s", $contentid);
+ $stmt2->bind_result ($content);
+ $stmt2->execute();
+ $stmt2->store_result();
+ if ($stmt2->num_rows() < 1) {
die("Faulty link");
}
-
- $content = $contents[$entry["contentid"]];
- $nickname = $entry["nickname"];
- $logmessage = "Success from $nickname($idcko), IP: $ipcka\n";
- if (!array_key_exists($idcko, $logs)){
- $logs[$idcko] = [];
+ while ($stmt2->fetch()) {
+ $action = "Success";
+ $stmt3 = $mysqli->prepare("INSERT INTO Logs (`Action`, `LinkID`, `ContentID`, `Datetime`, `Nickname`, `IP`) VALUES (?, ?, ?, ?, ?, ?);");
+ $stmt3->bind_param('ssssss', $action, $idcko, $contentid, $curdate, $nickname, $ipcka);
+ $stmt3->execute();
+ $stmt3->store_result();
+ echo $content;
}
- $logs[$idcko][] = array("action"=>"Success", "datetime"=>date("H:i:s d.m.Y"), "link"=>$idcko, "nickname"=>$nickname, "ip"=>$ipcka);
-
- file_put_contents("data/logs.json", json_encode($logs, JSON_PRETTY_PRINT));
- file_put_contents($alllog, $logmessage, FILE_APPEND);
-
- echo $content;
}
-
- else{
- die("Nonexistent link");
- }
}
else{
die("No link");