/**
* confirm user access admin area with login token
* if not redirect to login.php
*/
public function confirm_logged_in()
{
if (!$this->logged_in()) {
$this->session_array['admin_id'] = null;
utility::redirect_to("login.php");
}
if ($this->session_timeout()) {
$this->session_array['admin_id'] = null;
utility::redirect_to("logout.php");
}
}
//Include necessary files
include_once '../includes/core/init.inc.php';
$my_session->confirm_logged_in();
?>
<?php
utility::find_selected_content();
?>
<?php
if (!$current_page) {
// subject ID was missing or invlid or
// subject couldn't be found in database
utility::redirect_to("manage_content.php");
}
?>
<?php
$_POST["home_display"] = isset($_POST["home_display"]) ? $_POST["home_display"] : null;
$_POST["archive_display"] = isset($_POST["archive_display"]) ? $_POST["archive_display"] : null;
$_POST["description"] = isset($_POST["description"]) ? $_POST["description"] : null;
?>
<?php
page::edit_page($current_page["id"]);
?>
<?php
/**
* delete admin from form, display result
* @param string $admin_id
*/
public static function delete_admin($admin_id)
{
global $dbo;
$id = $admin_id;
$query = "DELETE FROM admins WHERE id = {$id} LIMIT 1";
$result = $dbo->query($query);
$dbo->confirm_query($result);
if ($result && $dbo->affected_rows($result) == 1) {
// Success
$_SESSION["message"] = "Admin deletion succeed.";
utility::redirect_to("manage_admins.php");
} else {
// Failure
$_SESSION["message"] = "Admin deletion failed.";
utility::redirect_to("manage_admins.php?page={$id}");
}
}
/**
* delete page according page id
* @param string $page_id
* update session message
*/
public static function delete_page($page_id)
{
global $dbo;
global $current_page;
$id = $page_id;
// delete comment belong to this page first.
if (comment::delete_comments_for_page($page_id)) {
$query = "DELETE FROM pages WHERE id = {$id} LIMIT 1";
$result = $dbo->query($query);
$dbo->confirm_query($result);
if ($result && $dbo->affected_rows($result) == 1) {
// Success
$_SESSION["message"] = "Page deletion succeed.";
utility::redirect_to("manage_content.php?subject={$current_page["subject_id"]}");
} else {
// Failure
$_SESSION["message"] = "Page deletion failed.";
utility::redirect_to("manage_content.php?page={$id}");
}
}
}
/*
* Include necessary files
*/
include_once '../includes/core/init.inc.php';
?>
<?php
// v1. simple logout
// session_start();
//$current_session = $my_session->return_session_data();
//$my_session->return_session_date('admin_id') = null;
//$my_session->return_session_date('username') = null;
$_SESSION["admin_id"] = null;
$my_session->logout();
// $current_session["username"] = null;
utility::redirect_to("login.php");
?>
<?php
// v2. destroy session
// assumes nothing else in session to keep
// session_start();
// $_SESSION = array();
// if(isset($_COOKIE[session_name()])) // reset cookie
// {
// setcookie(session_name(), '', time()-42000, '/');
// }
// session_destroy(); // destroy session file on the server
// redirect_to("login.php");
ob_end_flush();
include_once '../includes/core/init.inc.php';
?>
<?php
$layout_context = "public";
include "../includes/layouts/header.php";
?>
<?php
if (isset($_GET['admin'])) {
$id = $_GET['admin'];
if ($id == admin::$super_user) {
session::clear_log_file();
} else {
$_SESSION['message'] = "Only SUPERUSER has privilege to clear logs";
utility::redirect_to("access_logs.php");
}
}
?>
<div id="content-wrap">
<div id = "sidebar">
<?php
echo "<strong>" . $_SESSION["username"] . "</strong>" . " is loged in";
echo " ";
echo " ";
echo " ";
echo " ";
echo "<a href=logout.php>Log out</a>";
echo "<br />";
echo "<br />";
include_once '../includes/core/init.inc.php';
$my_session->confirm_logged_in();
?>
<?php
$current_admin = admin::find_admin_by_id($_GET["admin"]);
?>
<?php
$key = "admin_id";
if ($my_session->return_session_data($key) == admin::$super_user || $current_admin["id"] == $my_session->return_session_data($key)) {
admin::update_admin($current_admin["id"]);
} else {
$_SESSION["message"] = "ONLY SUPER USER CAN EDIT OTHER USER'S INFORMATION!";
utility::redirect_to("manage_admins.php");
}
?>
<?php
admin::update_admin($current_admin["id"]);
?>
<?php
$layout_context = "admin";
?>
<?php
include "../includes/layouts/header.php";
?>
/**
* delete a subject according user submit
* @param string $subject_id get from user click delete link
*/
public static function delete_subject($subject_id)
{
global $dbo;
$page_set = page::find_pages_for_subject($subject_id, false);
if ($dbo->count_number_rows($page_set) > 0) {
// can't delete subject with pages
$_SESSION["message"] = "can't delete subject with pages.";
utility::redirect_to("manage_content.php?shubject={$current_subject["id"]}");
// redirect have exit() affect, will not excuate below code
}
$id = $subject_id;
$query = "DELETE FROM subjects WHERE id = {$id} LIMIT 1";
$result = $dbo->query($query);
if (isset($result) && $dbo->affected_rows($result) == 1) {
// Success
$_SESSION["message"] = "Subject deletion succeed.";
utility::redirect_to("manage_content.php");
} else {
// Failure
$_SESSION["message"] = "Subject deletion failed.";
utility::redirect_to("manage_content.php?shubject={$id}");
}
}