<?php
// [nyxIn/admin/galleries_customization.php]
//
// This file deals with the management of the staff. Staff accounts are
// created, renamed and deleted here.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('manage_staff')) == true) {
?>
<h2>Manage Staff</h2>
<?php
if ($nyxIn_Admin_Action == "create_staff") {
if (isset($_POST['staff_account_username']) && $_POST['staff_account_username'] != "") {
$staff_account_username = $nyxIn['db']->real_escape_string($_POST['staff_account_username']);
} else {
$fail = 1;
}
if (isset($_POST['staff_account_password']) && $_POST['staff_account_password'] != "") {
$staff_account_password = $nyxIn['db']->real_escape_string($_POST['staff_account_password']);
$staff_account_password = sha1($staff_account_password);
} else {
$fail = 1;
}
if (isset($_POST['staff_account_class_id']) && $_POST['staff_account_class_id'] != "") {
$staff_account_class_id = $nyxIn['db']->real_escape_string($_POST['staff_account_class_id']);
} else {
$fail = 1;
<?php
// [nyxIn/admin/gallery_organization.php]
//
// This file deals with organization and display of pictures in a gallery.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('gallery_organization'))) {
?>
<h2>Image Organization</h2>
<?php
$gallery_id = 0;
if ($nyxIn_Admin_Action == "select_gallery") {
if (isset($_POST['gallery_id']) && $_POST['gallery_id'] != "") {
$gallery_id = $_POST['gallery_id'];
} else {
$fail = 1;
}
} else {
if ($nyxIn_Admin_Action == "organize_gallery") {
if (isset($_POST['gallery_id']) && $_POST['gallery_id'] != "") {
$gallery_id = $_POST['gallery_id'];
} else {
$fail = 1;
}
if (isset($_POST['organized_images']) && $_POST['organized_images'] != "") {
$organized_images = $_POST['organized_images'];
} else {
<?php
// [nyxIn/admin/reset.php]
//
// This file let's an Administrator reset the nyxIn Gallery with ease.
// This file is preferably used after the Administrator has familiarized
// with nyxIn's UI and is in the need to reset the installation in order
// to prepare for an actual Gallery. This file has proven itself useful
// during the development of nyxIn.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('reset'))) {
?>
<h2>Reset</h2>
<?php
if ($nyxIn_Admin_Action == "reset_images") {
if (isset($_POST['password_check']) && $_POST['password_check'] != "") {
$password_check = sha1($_POST['password_check']);
$nyxQuery_SelectStaff = $nyxIn['db']->query("SELECT * FROM " . $nyxIn['db_prefix'] . "staff WHERE username='******'nyxIn_Admin']['username'] . "' AND password_hash='{$password_check}'") or die($nyxIn['db']->error);
if ($nyxQuery_SelectStaff->num_rows == 1) {
} else {
$fail = 1;
}
} else {
$fail = 1;
}
if ($fail == 0) {
$nyxIn['db']->query("TRUNCATE " . $nyxIn['db_prefix'] . "images") or die($nyxIn['db']->error);
<?php
// [nyxIn/admin/moderate_images.php]
//
// This file allows staff members to moderate the uploaded images. Most
// of this file is powered by Javascript. This file is important if the
// perference [Moderated Image Only] is set to 1.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('moderate_images'))) {
?>
<h2>Moderate Images</h2>
<?php
$gallery_id = 0;
if ($nyxIn_Admin_Action == "moderate") {
if (isset($_POST['moderate_image']) && $_POST['moderate_image'] != "") {
$moderate_images = $_POST['moderate_image'];
} else {
$fail = 1;
}
if ($fail == 0) {
foreach ($moderate_images as $image_id => $moderate_status) {
if ($moderate_status == 0) {
} else {
if ($moderate_status == 1) {
$nyxIn['db']->query("UPDATE " . $nyxIn['db_prefix'] . "images SET moderation_status='1' WHERE id='{$image_id}'") or die($nyxIn['db']->error);
} else {
if ($moderate_status == 2) {
<?php
// [nyxIn/admin/galleries_management.php]
//
// This file deals with the management of the Gallery as a whole, and
// not the individual galleries themselves. Galleries are created,
// renamed, moved and deleted here.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('galleries_management'))) {
?>
<h2>Galleries Management</h2>
<?php
if ($nyxIn_Admin_Action == "create_gallery") {
if (isset($_POST['parent_id']) && $_POST['parent_id'] != "") {
$parent_id = $nyxIn['db']->real_escape_string($_POST['parent_id']);
} else {
$fail = 1;
}
if (isset($_POST['galleries_name']) && $_POST['galleries_name'] != "") {
$galleries_name = $nyxIn['db']->real_escape_string($_POST['galleries_name']);
} else {
$fail = 1;
}
if ($fail == 0) {
$nyxIn['db']->query("INSERT INTO " . $nyxIn['db_prefix'] . "galleries (parent_id, name, thumbnail) VALUES('{$parent_id}','{$galleries_name}', '')") or die($nyxIn['db']->error);
}
} else {
<?php
// [nyxIn/admin/galleries_customization.php]
//
// This file deals with the management of the Gallery as a whole, and
// not the individual galleries themselves. Galleries are created,
// renamed, moved and deleted here.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('gallery_customization'))) {
?>
<h2>Gallery Customization</h2>
<?php
$gallery_id = 0;
if ($nyxIn_Admin_Action == "select_gallery") {
if (isset($_POST['gallery_id']) && $_POST['gallery_id'] != "") {
$gallery_id = $_POST['gallery_id'];
} else {
$fail = 1;
}
} else {
if ($nyxIn_Admin_Action == "customize_gallery") {
if (isset($_POST['gallery_id']) && $_POST['gallery_id'] != "") {
$gallery_id = $_POST['gallery_id'];
} else {
$fail = 1;
}
if (isset($_POST['gallery_name']) && $_POST['gallery_name'] != "") {
<?php
// [nyxIn/admin/upload.php]
//
// This file deals with the forms for the uploading of images. The
// used was the File Uploader by Andrew Valums. His Github can
// be found here: https://github.com/valums and the page for the file
// uploader can be found on https://github.com/valums/file-uploader.
//
// Anti-Exploit Check
if(!isset($_COOKIE['nyxIn_Admin']['id'])) {
die();
}
if(nyxInRequirePermissions(array('upload'))) {
?>
<h2>Upload Pictures</h2>
<script src="admin/upload_assets/fileuploader.js" type="text/javascript"></script>
<link href="admin/upload_assets/fileuploader.css" rel="stylesheet" type="text/css">
<div id="nyxIn_Admin_Content">
<script>
function createUploader(gallery_id, gallery_name, hasSubGroups){
var uploader = new qq.FileUploader({
nyxInID: gallery_id,
nyxInHeading: gallery_name,
nyxhasSubGroups: hasSubGroups,
element: document.getElementById('nyxIn-upload_'+gallery_id),
action: 'uploadHandler.php?gallery_id='+gallery_id,
debug: true
});
}
<?php
// [nyxIn/admin/preferences.php]
//
// This file deals with the main preferences of the Gallery. Preferably,
// only an Administrator should be allowed to access this file.
// Maintenance Mode, the Number of Columns and Moderated Image Only along
// with other incredibly important variables can be changed here.
//
// Anti-Exploit Check
if (!isset($_COOKIE['nyxIn_Admin']['id'])) {
die;
}
if (nyxInRequirePermissions(array('preferences'))) {
?>
<h2>Preferences</h2>
<?php
if ($nyxIn_Admin_Action == "update_preferences") {
if (isset($_POST['preferences'])) {
$preferences = $_POST['preferences'];
} else {
$fail = 1;
}
if ($fail == 0) {
foreach ($preferences as $preference_id => $value) {
$nyxIn['db']->query("UPDATE " . $nyxIn['db_prefix'] . "preferences SET value='{$value}' WHERE id='{$preference_id}'") or die($nyxIn['db']->error);
}
}
}
?>
<div id="nyxIn_Admin_Content">
<?php
// [nyxIn/admin/manage_staff_classes.php]
//
// This file deals with the management of the staff classes, mainly,
// permissions are set here.
//
// Anti-Exploit Check
if(!isset($_COOKIE['nyxIn_Admin']['id'])) {
die();
}
if(nyxInRequirePermissions(array('manage_staff_classes'))) {
?>
<h2>Manage Staff Classes</h2>
<?php
$class_id = 0;
if($nyxIn_Admin_Action=="create_class") {
if(isset($_POST['permission_count'])&&($_POST['permission_count']!="")) {
$permission_count = $_POST['permission_count'];
} else {
$fail = 1;
}
if(isset($_POST['class_name'])&&($_POST['class_name']!="")) {
$class_name = $_POST['class_name'];
} else {
$fail = 1;
}
if($fail==0) {
