Ejemplo n.º 1
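 // Optional sub-action from the query string; the 'comic' case below reads it
 // as "del-<id>". Request parameters are caller-controlled, and PHP turns
 // ?param1[]=x into an array, so anything that is not a plain string is
 // treated as absent before it reaches the string functions further down.
 $param1 = (isset($_GET['param1']) && is_string($_GET['param1'])) ? $_GET['param1'] : '';

 // Access gate for the admin area: $_SESSION['lolgh_admin'] holds the user id
 // that the login case stores after a successful authenticate().
 if (!isset($_SESSION['lolgh_admin'])) {
     // No admin session: blank the action so the switch below lands on the
     // '' / 'login' case instead of an admin action.
     $param = '';
 } else {
     // NOTE(review): $param is left untouched on this path; presumably it was
     // assigned before this excerpt. Confirm it is always set.
     // NOTE(review): the lookup result is stored unchecked; confirm what
     // findById() returns when the session's id no longer matches a user.
     $user = $dao->findById('user', $_SESSION['lolgh_admin']);
     $vars['user'] = $user;
 }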
 switch ($param) {
     case '':
     case 'login':
         $passwordHash = new \Lib\Password();
         if (isset($_POST['email'])) {
             array_walk_recursive($_POST, 'mysql_real_escape_string');
             $email = $_POST['email'];
             $password = $_POST['password'];
             $userId = $dao->authenticate($email, $password);
             if ($userId) {
                 $_SESSION['lolgh_admin'] = $userId;
                 header('Location: /admin/comic');
                 exit;
             }
             $vars['error'] = 'Invalid username and password';
         }
         $template = '@admin/login.html';
         break;
     case 'comic':
         // Check if delete is required
         if ($param1 != '' && preg_match("/(del)-[0-9]*/i", $param1)) {
             $delId = end(explode('-', $param1));
             $comic = $dao->findById('comic', $delId);
             unlink('/img/comics/' . $comic->getUrl());