add editability

This commit is contained in:
Bruno Rybársky 2023-06-10 13:59:08 +02:00
parent a6ea3abe90
commit d44a4b8d7e
No known key found for this signature in database
GPG Key ID: DFE2C061EF985CD4
3 changed files with 64 additions and 40 deletions

@ -15,7 +15,7 @@ if (!empty($action) && $_SESSION["password"] == $config["admin_pwd"]){
echo "YES"; echo "YES";
} }
if ($action == "get"){ if ($action == "getlinks"){
$stmt1 = $mysqli->prepare("SELECT `LinkID`, `ContentID`, `Nickname` FROM Links"); $stmt1 = $mysqli->prepare("SELECT `LinkID`, `ContentID`, `Nickname` FROM Links");
$stmt1->bind_result($linkid, $contentid, $nickname); $stmt1->bind_result($linkid, $contentid, $nickname);
$stmt1->execute(); $stmt1->execute();
@ -25,21 +25,21 @@ if (!empty($action) && $_SESSION["password"] == $config["admin_pwd"]){
$id = htmlspecialchars($linkid); $id = htmlspecialchars($linkid);
$nickname = htmlspecialchars($nickname); $nickname = htmlspecialchars($nickname);
$contentid = htmlspecialchars($contentid); $contentid = htmlspecialchars($contentid);
$out = $out . "<tr><td>$id</td><td>$contentid</td><td>$nickname</td><td><button onclick=\"delthis('$id')\">Delete</button></td></tr>"; $out = $out . "<tr><td><input id=\"addid_$id\" placeholder=\"ID\" value=\"$id\"></td></td><td><input id=\"addcontentid_$id\" value=\"$contentid\" placeholder=\"Content ID\"></td><td><input id=\"addnickname_$id\" value=\"$nickname\" placeholder=\"Nickname\"></td><td><button onclick=\"uplinkthis('$id')\">Update</button><button onclick=\"delthis('$id')\">Delete</button></td></tr>";
} }
$out = $out . "<tr><td><input id=\"addid\" placeholder=\"ID\"></td><td><input id=\"addcontentid\" placeholder=\"Content ID\"></td><td><input id=\"addnickname\" placeholder=\"Nickname\"></td><td><button id=\"linkadder\" onclick=\"justadd()\">Add</button></td></tr>"; $out = $out . "<tr><td><input id=\"addid\" placeholder=\"ID\"></td><td><input id=\"addcontentid\" placeholder=\"Content ID\"></td><td><input id=\"addnickname\" placeholder=\"Nickname\"></td><td><button id=\"linkadder\" onclick=\"justadd()\">Add</button></td></tr>";
$out = $out . "</tbody></table>"; $out = $out . "</tbody></table>";
echo $out; echo $out;
} }
if ($action == "delete" && !empty($_POST["id"])){ if ($action == "deletelink" && !empty($_POST["id"])){
$stmt2 = $mysqli->prepare("DELETE FROM Links WHERE `LinkID` = ?"); $stmt2 = $mysqli->prepare("DELETE FROM Links WHERE `LinkID` = ?");
$stmt2->bind_param('s', $_POST["id"]); $stmt2->bind_param('s', $_POST["id"]);
$stmt2->execute(); $stmt2->execute();
$stmt2->store_result(); $stmt2->store_result();
} }
if ($action == "set" && !empty($_POST["id"]) && !empty($_POST["contentid"]) && !empty($_POST["nickname"])){ if ($action == "addlink" && !empty($_POST["id"]) && !empty($_POST["contentid"]) && !empty($_POST["nickname"])){
$stmt3 = $mysqli->prepare("INSERT INTO Links (`LinkID`, `ContentID`, `Nickname`) VALUES (?, ?, ?);"); $stmt3 = $mysqli->prepare("INSERT INTO Links (`LinkID`, `ContentID`, `Nickname`) VALUES (?, ?, ?);");
$stmt3->bind_param('sss', $_POST["id"], $_POST["contentid"], $_POST["nickname"]); $stmt3->bind_param('sss', $_POST["id"], $_POST["contentid"], $_POST["nickname"]);
$stmt3->execute(); $stmt3->execute();
@ -47,23 +47,18 @@ if (!empty($action) && $_SESSION["password"] == $config["admin_pwd"]){
} }
if ($action == "getcontent"){ if ($action == "getcontent"){
$stmt4 = $mysqli->prepare("SELECT `ContentID`, `Type`, `Content` FROM Content"); $stmt4 = $mysqli->prepare("SELECT `ContentID`, `Content` FROM Content");
$stmt4->bind_result ($contentid, $type, $content); $stmt4->bind_result ($contentid, $content);
$stmt4->execute(); $stmt4->execute();
$stmt4->store_result(); $stmt4->store_result();
$out = "<table><tbody><tr><th>Content ID</th><th>Content</th><th>MIME type</th><th>Button</th></tr>"; $out = "<table><tbody><tr><th>Content ID</th><th>Content</th><th>Button</th></tr>";
while ($stmt4->fetch()) { while ($stmt4->fetch()) {
$id = htmlspecialchars($contentid); $id = htmlspecialchars($contentid);
if(empty($type)){ $content = htmlspecialchars($content);
$content = htmlspecialchars($content);
$type = "Normal text"; $out = $out . "<tr><td><input id=\"addidc_$id\" placeholder=\"Content ID\" value=\"$id\"></td></td><td><textarea id=\"addcontentc_$id\" placeholder=\"Content\">$content</textarea></td><td><button onclick=\"upcthis('$id')\">Update</button><button onclick=\"delcthis('$id')\">Delete</button></td></tr>";
}
else{
$content = "Binary data";
}
$out = $out . "<tr><td>$id</td><td>$content</td><td>$type</td><td><button onclick=\"delcthis('$id')\">Delete</button></td></tr>";
} }
$out = $out . "<tr><td><input id=\"addidc\" placeholder=\"Content ID\"></td><td><textarea id=\"addcontentc\" placeholder=\"Content\"></textarea></td><td><input id=\"addtypec\" placeholder=\"MIME Type(when set the data must be Base64)\"></td></td><td><button id=\"contentadder\" onclick=\"justaddc()\">Add</button></td></tr>"; $out = $out . "<tr><td><input id=\"addidc\" placeholder=\"Content ID\"></td><td><textarea id=\"addcontentc\" placeholder=\"Content\"></textarea></td><td><button id=\"contentadder\" onclick=\"justaddc()\">Add</button></td></tr>";
$out = $out . "</tbody></table>"; $out = $out . "</tbody></table>";
echo $out; echo $out;
} }
@ -75,21 +70,27 @@ if (!empty($action) && $_SESSION["password"] == $config["admin_pwd"]){
$stmt5->store_result(); $stmt5->store_result();
} }
if ($action == "setcontent" && !empty($_POST["id"]) && !empty($_POST["content"])){ if ($action == "addcontent" && !empty($_POST["id"]) && !empty($_POST["content"])){
$stmt6 = $mysqli->prepare("INSERT INTO Content (`ContentID`, `Type`, `Content`) VALUES (?, ?, ?);"); $stmt6 = $mysqli->prepare("INSERT INTO Content (`ContentID`, `Content`) VALUES (?, ?);");
$type = ""; $stmt6->bind_param('ss', $_POST["id"], $_POST["content"]);
if (!empty($_POST["type"])){
$decoded = base64_decode($_POST["content"]);
$type = $_POST["type"];
$stmt6->bind_param('sss', $_POST["id"], $type, $decoded);
}
else{
$stmt6->bind_param('sss', $_POST["id"], $type, $_POST["content"]);
}
$stmt6->execute(); $stmt6->execute();
$stmt6->store_result(); $stmt6->store_result();
} }
if ($action == "setlink" && !empty($_POST["id"]) && !empty($_POST["contentid"]) && !empty($_POST["nickname"]) && !empty($_POST["idwhere"])){
$stmt9 = $mysqli->prepare("UPDATE Links SET `LinkID` = ?, `ContentID` = ?, `Nickname` = ? WHERE `LinkID` = ?;");
$stmt9->bind_param('ssss', $_POST["id"], $_POST["contentid"], $_POST["nickname"], $_POST["idwhere"]);
$stmt9->execute();
$stmt8->store_result();
}
if ($action == "setcontent" && !empty($_POST["id"]) && !empty($_POST["content"]) && !empty($_POST["idwhere"])){
$stmt8 = $mysqli->prepare("UPDATE Content SET `ContentID` = ?, `Content` = ? WHERE `ContentID` = ?;");
$stmt8->bind_param('sss', $_POST["id"], $_POST["content"], $_POST["idwhere"]);
$stmt8->execute();
$stmt8->store_result();
}
if ($action == "getlog"){ if ($action == "getlog"){
$idcko = $_POST["id"]; $idcko = $_POST["id"];
if (empty($idcko)||$idcko == "*"){ if (empty($idcko)||$idcko == "*"){

@ -20,7 +20,7 @@
let nickname = $("#addnickname").val(); let nickname = $("#addnickname").val();
$.post("api.php", $.post("api.php",
{ {
action: "set", action: "addlink",
password: password, password: password,
id: id, id: id,
contentid: contentid, contentid: contentid,
@ -33,15 +33,12 @@
function justaddc(){ function justaddc(){
let id = $("#addidc").val(); let id = $("#addidc").val();
let content = $("#addcontentc").val(); let content = $("#addcontentc").val();
let type = "normal";
type = $("#addtypec").val();
$.post("api.php", $.post("api.php",
{ {
action: "setcontent", action: "addcontent",
password: password, password: password,
id: id, id: id,
content: content, content: content,
type: type,
}, function( data ) { }, function( data ) {
getcontents(); getcontents();
}); });
@ -57,6 +54,36 @@
}); });
} }
function upcthis(name){
let id = $("#addidc_" + name).val();
let contentin = $("#addcontentc_" + name).val();
$.post("api.php",
{
action: "setcontent",
idwhere: name,
id: id,
content: contentin,
}, function( data ) {
getcontents();
});
}
function uplinkthis(name){
let id = $("#addid_" + name).val();
let contentid = $("#addcontentid_" + name).val();
let nickname = $("#addnickname_" + name).val();
$.post("api.php",
{
action: "setlink",
idwhere: name,
id: id,
contentid: contentid,
nickname: nickname,
}, function( data ) {
getcontents();
});
}
function getcontents(){ function getcontents(){
$.post("api.php", $.post("api.php",
{ {
@ -82,7 +109,7 @@
function delthis(name){ function delthis(name){
$.post("api.php", $.post("api.php",
{ {
action: "delete", action: "deletelink",
id: name id: name
}, function( data ) { }, function( data ) {
getlinks(); getlinks();
@ -125,7 +152,7 @@
function getlinks(){ function getlinks(){
$.post("api.php", $.post("api.php",
{ {
action: "get" action: "getlinks"
}, function( data ) { }, function( data ) {
$("#linkslist").html(data); $("#linkslist").html(data);
$("#addnickname").keyup(function(event) { $("#addnickname").keyup(function(event) {

@ -19,9 +19,9 @@ if (!empty($idcko)){
die("Nonexistent link"); die("Nonexistent link");
} }
while ($stmt1->fetch()) { while ($stmt1->fetch()) {
$stmt2 = $mysqli->prepare("SELECT `Type`, `Content` FROM Content WHERE `ContentID` = ?"); $stmt2 = $mysqli->prepare("SELECT `Content` FROM Content WHERE `ContentID` = ?");
$stmt2->bind_param("s", $contentid); $stmt2->bind_param("s", $contentid);
$stmt2->bind_result ($type, $content); $stmt2->bind_result ($content);
$stmt2->execute(); $stmt2->execute();
$stmt2->store_result(); $stmt2->store_result();
if ($stmt2->num_rows() < 1) { if ($stmt2->num_rows() < 1) {
@ -33,10 +33,6 @@ if (!empty($idcko)){
$stmt3->bind_param('ssssss', $action, $idcko, $contentid, $curdate, $nickname, $ipcka); $stmt3->bind_param('ssssss', $action, $idcko, $contentid, $curdate, $nickname, $ipcka);
$stmt3->execute(); $stmt3->execute();
$stmt3->store_result(); $stmt3->store_result();
if ($type == 1){
}
header("Content-Type: $type");
echo $content; echo $content;
} }