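/**
 * Debug form handler: passes the submitted POST fields to node_Add().
 *
 * Requires type, subtype, name, author, parent and publish; slug and body are
 * optional (the slug falls back to the name). Returns early, without calling
 * node_Add(), when a required field is missing or when the sanitized type or
 * slug comes back empty. Echoes the id returned by node_Add().
 *
 * NOTE(review): nothing in this function checks who is making the request or
 * verifies an anti-CSRF token; confirm the page that calls main() restricts
 * access before it reaches this point.
 *
 * @return void
 */
function main()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return;
    }

    // Debug dump of the request, HTML-escaped so submitted markup is shown as
    // text instead of being rendered by the browser.
    echo htmlspecialchars(print_r($_POST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<br />";

    // Required fields in the POST data
    foreach (['type', 'subtype', 'name', 'author', 'parent', 'publish'] as $required) {
        if (!isset($_POST[$required])) {
            return;
        }
    }

    // Node type (an empty result from the sanitizer aborts the request)
    $type = sanitize_NodeType($_POST['type']);
    if (empty($type)) {
        return;
    }
    $subtype = sanitize_NodeType($_POST['subtype']);

    // Name/Title
    // TODO: Sanitize. The value is stored as submitted, so whatever renders it
    // later has to escape it for its output context.
    $name = $_POST['name'];

    // Slug: use the explicit one when given, otherwise derive it from the name
    $slug = sanitize_Slug(empty($_POST['slug']) ? $_POST['name'] : $_POST['slug']);
    if (empty($slug)) {
        return;
    }

    // Body is not among the required fields, so it may be absent; read it
    // without raising an undefined-index notice.
    // TODO: Sanitize (same caveat as the name).
    $body = isset($_POST['body']) ? $_POST['body'] : null;

    // Relationships
    $author = intval($_POST['author']);
    $parent = intval($_POST['parent']);

    // Publish only when the field is the word "true" (case-insensitive)
    $publish = mb_strtolower($_POST['publish']) === "true";

    $id = node_Add($type, $subtype, $slug, $name, $body, $author, $parent, $publish);

    echo "Added " . $id . ".<br />";
    echo "<br />";
}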
// Modes // const M_DEFAULT = 1; // Default State // const M_USER = 2; // User Page // const M_NO_USER = -2; // No User Found // const M_ERROR = -255; // Other Error // $mode = M_DEFAULT; // Retrieve Action and Arguments $arg = core_ParseActionURL(); $user_name = array_shift($arg); $arg_count = count($arg); // Sanitize Input $user_name = sanitize_Slug($user_name); if (empty($user_name)) { $mode = M_ERROR; } //if ( $arg_count > 0 ) { // $arg[0] = sanitize_Slug($arg[0]); // if ( empty($arg[0]) ) { // $mode = M_ERROR; // } //} $user = []; $meta = []; $config = []; $service = []; $back_url = ""; if ($mode > 0) {
json_EmitError(); // Emit a regular error, since we haven't attempted a login yet // } // If already logged in, dispose of the active session. if ($response['id'] !== 0) { user_Start(); user_DoLogout(); // Destroy Session $response['id'] = 0; } // Check the APCU cache if access attempts for this IP address is > 5, deny access. // On failure, increase the access attempt (APCU). Timeout in 5 minutes. Log attempt. // Sanitize the data $mail = sanitize_Email($login); if (!$mail) { $login = sanitize_Slug($login); if (!$login) { my_LoginError(); } } $hash = null; /* // Debug // if ( $mail ) $response['mail'] = $mail; else $response['login'] = $login; $response['pw'] = $password; */ // By E-mail // if ($mail) {
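/**
 * Renders the admin list of theme ideas for $EVENT_NODE, followed by the
 * selection bar and the inline script that drives it.
 *
 * Ideas are ordered by a sort key made of the slug (the parent's slug for a
 * child), the zero-padded parent id for children, and the zero-padded own id,
 * so each child is listed directly under its parent.
 *
 * The idea text and the sort key are HTML-escaped on output, and ids are cast
 * to int before they are written into attributes and the inline onclick
 * handler, so stored idea text cannot inject markup or script into this page.
 *
 * @return void
 */
function ShowAdmin()
{
    global $EVENT_NODE;

    $all_themes = theme_GetIdeas($EVENT_NODE);

    // Slug of every idea, keyed by id, so a child can look up its parent's slug
    $slug_by_id = [];
    foreach ($all_themes as $theme) {
        $slug_by_id[$theme['id']] = sanitize_Slug($theme['theme']);
    }

    // Sort by Slug+Parent+Id
    $sorted_themes = [];
    foreach ($all_themes as $theme) {
        $own_id = str_pad((string) $theme['id'], 8, "0", STR_PAD_LEFT);

        if ($theme['parent'] > 0) {
            // A parent id that is not in the list contributes an empty slug
            $parent_slug = isset($slug_by_id[$theme['parent']]) ? $slug_by_id[$theme['parent']] : "";
            $sort_slug = $parent_slug . str_pad((string) $theme['parent'], 8, "0", STR_PAD_LEFT) . "-" . $own_id;
        } else {
            $sort_slug = $slug_by_id[$theme['id']] . $own_id;
        }

        $theme['slug'] = $slug_by_id[$theme['id']];
        $theme['sort_slug'] = $sort_slug;
        $sorted_themes[$sort_slug] = $theme;
    }
    ksort($sorted_themes);

    echo "<div id='admin-list'>";
    foreach ($sorted_themes as $theme) {
        $style = "text-align:left;";
        if ($theme['parent']) {
            // Children are indented and tinted
            $style .= "margin-left:1em;background:#FEA;";
        }

        // Ids end up in attributes and in an inline JS call: force them to integers
        $id = (int) $theme['id'];
        $parent = (int) $theme['parent'];

        // Idea text is stored user content: escape it for HTML text and attribute context
        $label = htmlspecialchars((string) $theme['theme'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $title = htmlspecialchars((string) $theme['sort_slug'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        ?>
        <div class='item admin-item' style='<?php echo $style; ?>' id='admin-item-<?php echo $id; ?>' title='<?php echo $title; ?>'>
            <input class='item-check' type="checkbox" id='admin-item-<?php echo $id; ?>' number='<?php echo $id; ?>' onclick="admin_OnCheck()">
            <?php echo $label; ?>
            <div class="right">(<span><?php echo $id; ?></span>, <span><?php echo $parent; ?></span>)</div>
            <div class="right" onclick="admin_MakeParent(<?php echo $id; ?>)">[Make Parent] </div>
            <div class="right" onclick="admin_DoStrike()">[STRIKE] </div>
        </div>
        <?php
    }
    echo "</div>";
    ?>
    <div style="background:#0BE;position:fixed;bottom:0;right:0;padding:1em;">
        Selected: <span id="admin-selected">0</span> | <span onclick="admin_Deselect()">Deselect All</span>
    </div>

    <script>
        function admin_OnCheck() {
            admin_UpdateSelected();
        }

        function admin_UpdateSelected() {
            dom_SetText('admin-selected',admin_CountSelected());
        }

        function admin_Deselect() {
            var el = document.getElementsByClassName("item-check");
            for ( var idx = 0; idx < el.length; idx++ ) {
                el[idx].checked = false;
            }
            admin_UpdateSelected();
        }

        function admin_GetSelected() {
            var el = document.getElementsByClassName("item-check");
            var Selected = [];
            for ( var idx = 0; idx < el.length; idx++ ) {
                if ( el[idx].checked )
                    Selected.push( el[idx] );
            }
            return Selected;
        }

        function admin_CountSelected() {
            var el = document.getElementsByClassName("item-check");
            var Count = 0;
            for ( var idx = 0; idx < el.length; idx++ ) {
                if ( el[idx].checked )
                    Count++;
            }
            return Count;
        }

        // Re-parents every checked idea under Id via the theme API
        function admin_MakeParent(Id) {
            var Selected = admin_GetSelected();
            if ( Selected.length === 0 )
                return;

            var Ids = [];
            for (var idx = 0; idx < Selected.length; idx++ ) {
                //Ids.push( Number(Selected[idx].id.substring(11)) );
                Ids.push( Number(Selected[idx].getAttribute('number')) );
            }

            //console.log(Id,Ids);
            //console.log( admin_GetSelected() );

            xhr_PostJSON(
                "/api-theme.php",
                serialize({"action":"SETPARENT","parent":Id,"children":Ids}),
                // On success //
                function(response,code) {
                    // TODO: Respond to errors //
                    console.log("SETPARENT:",response);
                    admin_Deselect();
                }
            );
        }

        // Not implemented yet: confirming the dialog currently does nothing
        function admin_DoStrike() {
            var Idea = "blah";
            dialog_ConfirmAlert(Idea,"Are you sure you want to remove this, and give user a strike?",function(){
//              xhr_PostJSON(
//                  "/api-theme.php",
//                  serialize({"action":"IDEA","id":Id,"value":Value}),
//                  // On success //
//                  function(response,code) {
//                      // TODO: Respond to errors //
//                      console.log("IDEA*:",response);
//
//                      kill_RemoveRecentTheme(Id);
//                      kill_AddRecentTheme(Id,Idea,Value,true);
//
//                      kill_CancelEditTheme();
//                      dom_RestartAnimation('kill-theme','effect-accent');
//                  }
//              );
            });
        }
    </script>
    <?php
}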
require_once __DIR__ . "/../core/internal/emoji.php"; require_once __DIR__ . "/../core/post.php"; require_once __DIR__ . "/../core/schedule.php"; user_StartEnd(); //template_SetTheme("embed"); // Modes // const M_DEFAULT = 1; // Default State // const M_ERROR = -255; // Other Error // $mode = M_DEFAULT; $args = core_ParseActionURL(); $args_count = count($args); // Sanitize Input foreach ($args as $arg) { $arg = sanitize_Slug($arg); if (empty($arg)) { $mode = M_ERROR; break; } } if ($mode > 0) { $args_merged = implode('/', $args); $paths = [CMW_NODE_ROOT]; foreach ($args as $key => $slug) { $id = node_GetNodeIdByParentIdAndSlug($paths[$key], $slug); if (!empty($id)) { $paths[] = $id; } else { $mode = M_ERROR; break;
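/**
 * Debug form handler: adds a node via node_Add() and then a login for it via
 * user_Add(), using the underscore-prefixed POST fields.
 *
 * Requires _type, _subtype, _name, _mail, _password and _publish; _slug and
 * _body are optional (the slug falls back to the name). Returns early, before
 * anything is added, when a required field is missing or when the sanitized
 * type, slug, mail or the password is empty.
 *
 * NOTE(review): nothing in this function checks who is making the request or
 * verifies an anti-CSRF token; confirm the page that calls main() restricts
 * access before it reaches this point.
 *
 * @return void
 */
function main()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return;
    }

    // Debug dump of the request. The password is masked so it is never written
    // back into the page, and the rest is HTML-escaped so submitted markup is
    // shown as text instead of being rendered.
    $dump = $_POST;
    if (isset($dump['_password'])) {
        $dump['_password'] = '[redacted]';
    }
    echo htmlspecialchars(print_r($dump, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<br />";

    // Required fields in the POST data
    foreach (['_type', '_subtype', '_name', '_mail', '_password', '_publish'] as $required) {
        if (!isset($_POST[$required])) {
            return;
        }
    }

    // Node type (an empty result from the sanitizer aborts the request)
    $type = sanitize_NodeType($_POST['_type']);
    if (empty($type)) {
        return;
    }
    $subtype = sanitize_NodeType($_POST['_subtype']);

    // Name/Title
    // TODO: Sanitize. The value is stored as submitted, so whatever renders it
    // later has to escape it for its output context.
    $name = $_POST['_name'];

    // Slug: use the explicit one when given, otherwise derive it from the name
    $slug = sanitize_Slug(empty($_POST['_slug']) ? $_POST['_name'] : $_POST['_slug']);
    if (empty($slug)) {
        return;
    }
    // TODO: Confirm slug is legal

    // Body is not among the required fields, so it may be absent; read it
    // without raising an undefined-index notice.
    // TODO: Sanitize (same caveat as the name).
    $body = isset($_POST['_body']) ? $_POST['_body'] : null;

    // Publish only when the field is the word "true" (case-insensitive)
    $publish = mb_strtolower($_POST['_publish']) === "true";

    // Email
    $mail = sanitize_Email($_POST['_mail']);
    if (empty($mail)) {
        return;
    }

    // Password
    $password = $_POST['_password'];
    if (empty($password)) {
        return;
    }

    // Author 0 and parent 2 are fixed for this handler.
    // NOTE(review): presumably 2 is the node that holds users - confirm.
    $id = node_Add($type, $subtype, $slug, $name, $body, 0, 2, $publish);

    // NOTE(review): user_Add() runs whatever node_Add() returned, and receives
    // the password as submitted; confirm node_Add()'s failure value is handled
    // and that user_Add() hashes the password before storing it.
    user_Add($id, $mail, $password);

    echo "Added " . $id . ".<br />";
    echo "<br />";
}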
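/**
 * Debug login handler: resolves the submitted login to a password hash,
 * verifies the password, and on success opens a session for that user.
 *
 * The login may be an e-mail address, a numeric user id, or a user slug; the
 * three sanitizers are tried in that order and the first non-empty result
 * picks the lookup.
 *
 * NOTE(review): no limit on repeated attempts is visible in this function;
 * confirm throttling happens elsewhere before exposing this handler.
 *
 * @return string|null HTML trace of the attempt ("" when the request is not a
 *                     POST); null when login or password is missing or the
 *                     password is empty.
 */
function main()
{
    $out = "";
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return $out;
    }

    // Debug dump of the request. The password is masked so it never appears in
    // the returned markup, and the rest is HTML-escaped so submitted markup is
    // shown as text instead of being rendered.
    $dump = $_POST;
    if (isset($dump['password'])) {
        $dump['password'] = '[redacted]';
    }
    $out .= htmlspecialchars(print_r($dump, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $out .= "<br />";

    // Required fields in the POST data
    if (!isset($_POST['login'])) {
        return;
    }
    if (!isset($_POST['password'])) {
        return;
    }
    //if ( !isset($_POST['hashword']) ) return;

    // Password
    $password = $_POST['password'];
    if (empty($password)) {
        return;
    }

    $login = $_POST['login'];

    // Can login 3 ways:
    // - User Name (slug)
    // - Email
    // - User ID
    $mail = sanitize_Email($login);
    $id = sanitize_Id($login);
    $slug = sanitize_Slug($login);

    // Stays empty when no account is resolved, so verification below fails
    $hash = "";
    if (!empty($mail)) {
        $out .= "By Mail<br />";
        $data = user_GetIdAndHashByMail($mail);
        // The lookup may come back without a row; read both fields defensively
        $id = isset($data['id']) ? $data['id'] : null;
        $hash = isset($data['hash']) ? $data['hash'] : "";
    } elseif (!empty($id)) {
        $out .= "By User ID<br />";
        $hash = user_GetHashById($id);
    } elseif (!empty($slug)) {
        $out .= "By Slug<br />";
        $id = node_GetNodeIdByParentIdAndSlug(CMW_NODE_USER, $slug);
        if ($id > 0) {
            $hash = user_GetHashById($id);
        }
    } else {
        $out .= "Bad Login Method<br />";
    }

    $success = user_VerifyPassword($password, $hash);
    $out .= "Verify: " . ($success ? "Success!" : "failed") . "<br />";

    if ($success) {
        // Bind the verified user id to a fresh session
        user_StartSession(true);
        user_SetLoginToken();
        user_SetID($id);
        user_EndSession();
    }

    $out .= "<br />";

    return $out;
}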
const M_NO_ITEM = -3; // No Item Found // const M_ERROR = -255; // Other Error // $mode = M_DEFAULT; // Retrieve Action and Arguments $arg = core_ParseActionURL(); $user_name = array_shift($arg); $arg_count = count($arg); // Sanitize Input $user_name = sanitize_Slug($user_name); if (empty($user_name)) { $mode = M_ERROR; } if ($arg_count > 0) { $arg[0] = sanitize_Slug($arg[0]); if (empty($arg[0])) { $mode = M_ERROR; } } $user = []; $item = []; $meta = []; $config = []; $back_url = ""; if ($mode > 0) { // Item Mode // if ($arg_count > 0) { $user = node_GetUserBySlug($user_name); if (empty($user)) { $mode = M_NO_USER;