function delete()
{
$this->is_loggedin();
global $runtime;
$to_trash = new Admin($runtime['ident']);
$to_trash->delete();
redirect('admin/all');
}
if (!isset($_SESSION['ITCLoggedInAdmin']) || !isset($_SESSION["ITCadminEmail"])) {
$json = array("status" => 0, "msg" => "You are not logged in.");
header('Content-type: application/json');
echo json_encode($json);
} else {
if (filter_input(INPUT_POST, "deleteThisAdmin") != NULL) {
$postVars = array('id');
// Form fields names
//Validate the POST variables and add up to error message if empty
foreach ($postVars as $postVar) {
switch ($postVar) {
default:
$adminObj->{$postVar} = filter_input(INPUT_POST, $postVar) ? mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, $postVar)) : '';
if ($adminObj->{$postVar} === "") {
array_push($errorArr, "Please enter {$postVar} ");
}
break;
}
}
//If validated and not empty submit it to database
if (count($errorArr) < 1) {
echo $adminObj->delete();
} else {
$json = array("status" => 0, "msg" => $errorArr);
$dbObj->close();
//Close Database Connection
header('Content-type: application/json');
echo json_encode($json);
}
}
}
/**
* @before _secure
*/
public function delete($id)
{
parent::delete($id);
$view = $this->getActionView();
$usr = \User::first(['_id' => $id, 'org_id' => $this->org->_id]);
$allowedTypes = ['afm', 'adm'];
if ($usr->type === 'admin') {
$view->set('message', 'Can not remove admin!!');
} else {
if (in_array($usr->type, $allowedTypes)) {
$usr->delete();
}
$view->set('message', 'Accout Deleted!!');
}
}
/**
* Create admin page
*
* @author Thibaud Rohmer
*/
public function __construct()
{
/// Check that current user is an admin or an uploader
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
/// Get actions available for Uploaders too
if (isset($_GET['a'])) {
switch ($_GET['a']) {
case "Abo":
$this->page = new AdminAbout();
break;
case "Upl":
if (isset($_POST['path'])) {
AdminUpload::upload();
CurrentUser::$path = File::r2a(stripslashes($_POST['path']));
}
break;
case "Mov":
if (isset($_POST['pathFrom'])) {
try {
CurrentUser::$path = File::r2a(dirname(stripslashes($_POST['pathFrom'])));
} catch (Exception $e) {
CurrentUser::$path = Settings::$photos_dir;
}
}
Admin::move();
if (isset($_POST['move']) && $_POST['move'] == "rename") {
try {
if (is_dir(File::r2a(stripslashes($_POST['pathFrom'])))) {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['pathFrom']))) . "/" . stripslashes($_POST['pathTo']);
}
} catch (Exception $e) {
CurrentUser::$path = Settings::$photos_dir;
}
}
break;
case "Del":
if (isset($_POST['del'])) {
if (!is_array($_POST['del'])) {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'])));
} else {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'][0])));
}
Admin::delete();
}
break;
}
}
/// Check that current user is an admin
if (!CurrentUser::$admin) {
return;
}
/// Get action
if (isset($_GET['a'])) {
switch ($_GET['a']) {
case "Sta":
$this->page = new AdminStats();
break;
case "VTk":
$this->page = new GuestToken();
break;
case "DTk":
if (isset($_POST['tokenkey'])) {
GuestToken::delete($_POST['tokenkey']);
}
$this->page = new GuestToken();
break;
case "Acc":
if (isset($_POST['edit'])) {
Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email'], NULL, $_POST['language']);
}
if (isset($_POST['login'])) {
$this->page = new Account($_POST['login']);
} else {
$this->page = CurrentUser::$account;
}
break;
case "GC":
Group::create($_POST['group']);
$this->page = new Group();
break;
case "AAc":
Account::create($_POST['login'], $_POST['password'], $_POST['verif']);
$this->page = new Group();
break;
case "AGA":
$a = new Account($_POST['acc']);
$a->add_group($_POST['group']);
$a->save();
$this->page = CurrentUser::$account;
break;
case "AGR":
$a = new Account($_POST['acc']);
$a->remove_group($_POST['group']);
$a->save();
$this->page = CurrentUser::$account;
break;
case "ADe":
Account::delete($_POST['name']);
$this->page = new Group();
break;
case "GEd":
Group::edit($_POST);
$this->page = new Group();
break;
case "GDe":
Group::delete($_GET['g']);
$this->page = new Group();
break;
case "CDe":
CurrentUser::$path = File::r2a($_POST['image']);
Comments::delete($_POST['id']);
$this->page = new MainPage();
break;
case "JS":
break;
case "EdA":
$this->page = new Group();
break;
case "GAl":
if (isset($_POST['path'])) {
Settings::gener_all(File::r2a(stripslashes($_POST['path'])));
}
case "Set":
if (isset($_POST['name'])) {
Settings::set();
}
$this->page = new Settings();
break;
}
}
if (!isset($this->page)) {
$this->page = new AdminAbout();
}
/// Create menu
$this->menu = new AdminMenu();
}
/**
* @before _secure
*/
public function delete($id)
{
parent::delete($id);
$view = $this->getActionView();
$ad = \Ad::first(["_id = ?" => $id, "org_id = ?" => $this->org->_id]);
if (!$ad) {
return $view->set('message', 'Invalid Request!!');
}
$msg = $ad->delete();
$view->set($msg);
}
<?php include '../php_library/class_admin.php'; $id = $_GET['id']; $post = new Admin(); $post->delete($id);
<?php
session_start();
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.Admin.php";
require "../includes/injection.php";
$aid = sqlInjection($_POST['adminID']);
$continue = $_POST['continue'];
$adm = new Admin();
if ($_SESSION['ADMIN'] != $aid) {
$adm->delete($aid);
}
echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listadmin'>";
//header("location: ../admincp.php?opt=listadmin");
//exit();
}
}
//OBJECT OF adminusercontroller
$admin = new Admin();
//IF m IS SET, SET IT TO $method, ELSE DEFAULT IT TO index
if (isset($_GET['m'])) {
$method = $_GET['m'];
} else {
$method = "index";
}
switch ($method) {
case "index":
$admin->index();
break;
case "add":
$admin->add();
break;
case "edit":
$admin->edit();
break;
case "delete":
$admin->delete();
break;
case "check":
$admin->check();
break;
case "logout":
$admin->logout();
default:
$admin->index();
}
<?php
require_once "AccessData.php";
header("Access-Control-Allow-Orgin: *");
header("Access-Control-Allow-Methods: *");
header("Content-Type: application/json");
$admin = new Admin();
if (isset($_POST['message_id'])) {
$admin->delete($_POST['message_id']);
} else {
if (isset($_POST['login']) && isset($_POST['password'])) {
$admin->authorise($_POST['login'], $_POST['password']);
} else {
if (isset($_POST['signout'])) {
$admin->signout();
} else {
$admin->response("Unknown params", 500);
}
}
}
class Admin
{
public function __construct()
{
session_start();
}
function authorise($login, $password)
{
if ($login == 'admin' && $password == 'admin') {
$token = bin2hex(openssl_random_pseudo_bytes(16));
setcookie('access_token', $token, time() + 1800);
