Exemplo n.º 1
0
 /**
  * confirm user access admin area with login token
  * if not redirect to login.php
  */
 public function confirm_logged_in()
 {
     if (!$this->logged_in()) {
         $this->session_array['admin_id'] = null;
         utility::redirect_to("login.php");
     }
     if ($this->session_timeout()) {
         $this->session_array['admin_id'] = null;
         utility::redirect_to("logout.php");
     }
 }
Exemplo n.º 2
0
//Include necessary files
include_once '../includes/core/init.inc.php';
$my_session->confirm_logged_in();
?>


<?php 
utility::find_selected_content();
?>

<?php 
if (!$current_page) {
    // subject ID was missing or invlid or
    // subject couldn't be found in database
    utility::redirect_to("manage_content.php");
}
?>

<?php 
$_POST["home_display"] = isset($_POST["home_display"]) ? $_POST["home_display"] : null;
$_POST["archive_display"] = isset($_POST["archive_display"]) ? $_POST["archive_display"] : null;
$_POST["description"] = isset($_POST["description"]) ? $_POST["description"] : null;
?>

<?php 
page::edit_page($current_page["id"]);
?>


<?php 
Exemplo n.º 3
0
 /**
  * delete admin from form, display result
  * @param string $admin_id
  */
 public static function delete_admin($admin_id)
 {
     global $dbo;
     $id = $admin_id;
     $query = "DELETE FROM admins WHERE id = {$id} LIMIT 1";
     $result = $dbo->query($query);
     $dbo->confirm_query($result);
     if ($result && $dbo->affected_rows($result) == 1) {
         // Success
         $_SESSION["message"] = "Admin deletion succeed.";
         utility::redirect_to("manage_admins.php");
     } else {
         // Failure
         $_SESSION["message"] = "Admin deletion failed.";
         utility::redirect_to("manage_admins.php?page={$id}");
     }
 }
Exemplo n.º 4
0
 /**
  * delete page according page id
  * @param string $page_id 
  * update session message
  */
 public static function delete_page($page_id)
 {
     global $dbo;
     global $current_page;
     $id = $page_id;
     // delete comment belong to this page first.
     if (comment::delete_comments_for_page($page_id)) {
         $query = "DELETE FROM pages WHERE id = {$id} LIMIT 1";
         $result = $dbo->query($query);
         $dbo->confirm_query($result);
         if ($result && $dbo->affected_rows($result) == 1) {
             // Success
             $_SESSION["message"] = "Page deletion succeed.";
             utility::redirect_to("manage_content.php?subject={$current_page["subject_id"]}");
         } else {
             // Failure
             $_SESSION["message"] = "Page deletion failed.";
             utility::redirect_to("manage_content.php?page={$id}");
         }
     }
 }
Exemplo n.º 5
0
/*
 * Include necessary files
 */
include_once '../includes/core/init.inc.php';
?>

<?php 
// v1. simple logout
// session_start();
//$current_session = $my_session->return_session_data();
//$my_session->return_session_date('admin_id') = null;
//$my_session->return_session_date('username') = null;
$_SESSION["admin_id"] = null;
$my_session->logout();
// $current_session["username"] = null;
utility::redirect_to("login.php");
?>

<?php 
// v2. destroy session
// assumes nothing else in session to keep
// session_start();
// $_SESSION = array();
// if(isset($_COOKIE[session_name()])) // reset cookie
// {
// setcookie(session_name(), '', time()-42000, '/');
// }
// session_destroy(); // destroy session file on the server
// redirect_to("login.php");
ob_end_flush();
Exemplo n.º 6
0
include_once '../includes/core/init.inc.php';
?>

<?php 
$layout_context = "public";
include "../includes/layouts/header.php";
?>

<?php 
if (isset($_GET['admin'])) {
    $id = $_GET['admin'];
    if ($id == admin::$super_user) {
        session::clear_log_file();
    } else {
        $_SESSION['message'] = "Only SUPERUSER has privilege to clear logs";
        utility::redirect_to("access_logs.php");
    }
}
?>

<div id="content-wrap">
	<div id = "sidebar">
			<?php 
echo "<strong>" . $_SESSION["username"] . "</strong>" . " is loged in";
echo "&nbsp";
echo "&nbsp";
echo "&nbsp";
echo "&nbsp";
echo "<a href=logout.php>Log out</a>";
echo "<br />";
echo "<br />";
Exemplo n.º 7
0
include_once '../includes/core/init.inc.php';
$my_session->confirm_logged_in();
?>


<?php 
$current_admin = admin::find_admin_by_id($_GET["admin"]);
?>

<?php 
$key = "admin_id";
if ($my_session->return_session_data($key) == admin::$super_user || $current_admin["id"] == $my_session->return_session_data($key)) {
    admin::update_admin($current_admin["id"]);
} else {
    $_SESSION["message"] = "ONLY SUPER USER CAN EDIT OTHER USER'S INFORMATION!";
    utility::redirect_to("manage_admins.php");
}
?>

<?php 
admin::update_admin($current_admin["id"]);
?>


<?php 
$layout_context = "admin";
?>

<?php 
include "../includes/layouts/header.php";
?>
Exemplo n.º 8
0
 /**
  * delete a subject according user submit
  * @param string $subject_id get from user click delete link 
  */
 public static function delete_subject($subject_id)
 {
     global $dbo;
     $page_set = page::find_pages_for_subject($subject_id, false);
     if ($dbo->count_number_rows($page_set) > 0) {
         // can't delete subject with pages
         $_SESSION["message"] = "can't delete subject with pages.";
         utility::redirect_to("manage_content.php?shubject={$current_subject["id"]}");
         // redirect have exit() affect, will not excuate below code
     }
     $id = $subject_id;
     $query = "DELETE FROM subjects WHERE id = {$id} LIMIT 1";
     $result = $dbo->query($query);
     if (isset($result) && $dbo->affected_rows($result) == 1) {
         // Success
         $_SESSION["message"] = "Subject deletion succeed.";
         utility::redirect_to("manage_content.php");
     } else {
         // Failure
         $_SESSION["message"] = "Subject deletion failed.";
         utility::redirect_to("manage_content.php?shubject={$id}");
     }
 }