public function testIsAdmin()
{
$admin = new Admin();
$admin->add_admin('toto');
$admins = $admin->get_admins();
$this->assertTrue($admin->is_admin('toto'));
$admin->remove_admin('toto');
}
/**
* return if the user is log and if he is an admin
*/
public function connect($login, $password)
{
$admin = new Admin();
$users = $this->get_users();
if ($this->_password_verify($password, $users[$login])) {
$_SESSION['login'] = $login;
$_SESSION['loggedIn'] = true;
$_SESSION['admin'] = $admin->is_admin($login);
} else {
$_SESSION['loggedIn'] = false;
$_SESSION['admin'] = false;
}
return array('loggedIn' => $_SESSION['loggedIn'], 'admin' => $_SESSION['admin']);
}
//* under any circumstances.
//* It must stay intact in all the files.
//* Samforum
//* Version 1.0
//* Script created by Samiuddin Samiuddin
//* Email: phpdevsami@gmail.com
//* Skype: n0h4cks
//* - This is not an open source project, functions/classes
//* or any other code form this script cannot be
//* used for other scripts or applications.
//* You are not allowed to resell this script.
//* - You are free to make modification/changes,
//* however it must be for your own use.
//*********************************************************************//
session_start();
if (!isset($_SESSION["logged_in"])) {
header("location: ../index.php");
}
define('ALLOWED', true);
include_once "admin_class.php";
include_once "../connection_to_db.php";
$Admin_cp = new Admin($conn);
if (isset($_SESSION["logged_in"]) and $Admin_cp->is_admin()) {
include_once "../connection_to_db.php";
include_once "admin_class.php";
echo "<a href=\"create_category.php\"> Create category </a> </br>";
echo "<a href=\"edit_category.php\"> Edit category </a> </br>";
echo "<a href=\"delete_category.php\"> Delete category </a>";
} else {
header("location: ../index.php");
}
include_once "include/admin.class.php";
$template = new DxTemplate();
$section = new Admin();
@($action = intval($_GET['action']));
print $template->Head("Administration Page");
print $template->includeCSS("template/Default/style.tmp");
print $template->includeJS("include/menu.js");
print $template->openBody(0);
print '<center>';
print $template->openDiv("header");
print $template->closeDiv();
print $template->setMenu(explode('/', $_SERVER['PHP_SELF']), 4);
print $template->openDiv("body");
print $section->setMenu();
print '<h2 align="center">Administration Pannel Control</h2>';
if ($section->is_admin()) {
if ($action == 1) {
print '<form method="POST" action="?action=1">
<table width="100%" valign="top">
<tr>
<td> Name: </td>
<td> <input type="text" name="name" /> </td>
</tr>
<tr>
<td>Description: </td>
<td><input type="text" name="description" /> </td>
</tr>
<tr />
<tr>
<td> </td>
<td> <input type="submit" value="New Section" /> </td>
}
break;
//--------------- SET_ADMIN ------------------
//--------------- SET_ADMIN ------------------
case 'set_admin':
if ($params['isAdmin'] == 'true') {
echo json_encode($admin->add_admin($params['login']));
} else {
echo json_encode($admin->remove_admin($params['login']));
}
break;
//--------------- GET_USERS ------------------
//--------------- GET_USERS ------------------
case 'get_users':
foreach ($auth->get_users() as $login => $pass) {
$users[] = array('login' => $login, 'isAdmin' => $admin->is_admin($login));
}
unset($login);
unset($pass);
echo json_encode($users);
break;
//--------------- REMOVE_USER ------------------
//--------------- REMOVE_USER ------------------
case 'remove_user':
echo json_encode($auth->remove_user($params['login']));
break;
//--------------- RESET_USER ------------------
//--------------- RESET_USER ------------------
case 'reset_user':
echo json_encode($auth->reset_password($params['login']));
break;
public static function restrict($redirect)
{
if (!Admin::is_admin()) {
header('Location: ' . 'auth/signin.php?redirect=' . $redirect);
}
}
public function printTopicAndPost($id)
{
include "admin.class.php";
$admin = new Admin();
$query = $this->sql->sendQuery("SELECT * FROM " . __PREFIX__ . "topics WHERE id='" . (int) $id . "'");
$result = mysql_fetch_array($query);
$date_time = preg_replace("[/,: ]", "", $result['date_time']);
$this->MarkAsNewPost->SetClickUp($result['id'], $date_time);
print "\t\t\t<table width='100%' class='border'>\n\t\t\t<tr>\n";
print ' <td class="body-right" valign="top"><p align="justify" class="sections">' . $result['author'] . ":</p></td>\n";
print ' <td class="body-left" valign="top"><p align="justify" class="sections">' . $result['text'] . "</p></p>";
if ($admin->is_admin()) {
print "<p><form method='POST' action='admin.php?action=4' />\n\n\t\t\t\t\t\t<input type=\"hidden\" name=\"id_topic\" value=\"" . (int) $result['id'] . "\" />\n\n\t\t\t\t\t\t<input type=\"hidden\" name=\"name\" value=\"" . $result['author'] . "\" />\n\n\t\t\t\t\t\t<input type=\"hidden\" name=\"description\" value=\"" . $result['text'] . "\" />\n\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<input type=\"submit\" value=\"Edit Topic\" /></form><a href=\"admin.php?action=5&id=" . (int) $result['id'] . "\">[x]</a></p>";
}
print "</td></tr>\n</tr><tr>";
$query_post = $this->sql->sendQuery("SELECT * FROM " . __PREFIX__ . "posts WHERE id_topics='" . (int) $id . "'");
while ($result_post = mysql_fetch_array($query_post)) {
print ' <td class="body-right" valign="top"><p align="justify" class="sections">' . $result_post['author'] . ":</p></td>\n";
print ' <td class="body-left" valign="top"><p align="justify" class="sections">' . $result_post['text'] . "</p>";
if ($admin->is_admin()) {
print "<p><form method='POST' action='admin.php?action=4' />\n\n\t\t\t\t\t\t<input type=\"hidden\" name=\"id_topic\" value=\"" . (int) $result_post['id'] . "\" />\n\n\t\t\t\t\t\t<input type=\"hidden\" name=\"name\" value=\"" . $result_post['author'] . "\" />\n\n\t\t\t\t\t\t<input type=\"hidden\" name=\"description\" value=\"" . $result_post['text'] . "\" />\n\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<input type=\"submit\" value=\"Edit Topic\" /></form><a href=\"admin.php?action=6&id=" . (int) $result_post['id'] . "\">[x]</a></p>";
}
print "</td></tr>\n</tr><tr>";
}
print "</table>";
}
