query('SELECT * FROM users');
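// Authorization gate for the page manager: the visitor must match a row of the
// users table whose usertype is 2, otherwise the request is redirected to "/".
//
// NOTE(review): the session carries the same value that is stored in the
// users.password column, and that value is re-checked on every request. Whether
// the column holds a hash is not visible here; either way the stored value itself
// acts as the login credential. Verifying the password once at login
// (password_verify) and keeping only a user id in the session would remove that
// exposure, but that change reaches beyond this block.
//
// The session values still pass through htmlspecialchars() before the comparison,
// because the stored values may have been written in that encoded form (confirm
// against the code that creates accounts).
$sessionUsername = htmlspecialchars(isset($_SESSION['username']) ? (string) $_SESSION['username'] : '');
$sessionPassword = htmlspecialchars(isset($_SESSION['password']) ? (string) $_SESSION['password'] : '');

// Empty credentials can never authorize, so the table is walked only when both are present.
if ($sessionUsername !== "" && $sessionPassword !== "") {
    while ($line = $DatabaseQuery->fetchArray()) {
        // Strict string comparison for the name and hash_equals() for the secret:
        // a loose == treats numeric-looking strings such as "0e1" and "0e2" as equal,
        // and hash_equals() also avoids leaking how many leading bytes matched.
        // The usertype test stays loose because the column type is not visible here.
        if (
            (string) $line['username'] === $sessionUsername
            && hash_equals((string) $line['password'], $sessionPassword)
            && $line['usertype'] == 2
        ) {
            $Authorized = 1;
            $Primary = $line['primaryadmin'];
            break;
        }
    }
}

// not authorized: redirect and stop, so nothing below runs for this request
if ($Authorized != 1) {
    header('Location: /');
    die();
}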
// Start the page: shared header first, then the "Page manager" heading and the tab bar.
// printHeader() is defined outside this part of the file; its second argument is passed as 0.
$html = "";
$html = printHeader($html, 0);
$html .= "\t\t\t
Page manager \n";
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t
\n";
// One entry per tab. $Action is assigned before the visible part of the file.
// NOTE(review): in this copy both branches of every test append the same text; presumably the
// markup that marks the active tab was dropped when the listing was extracted. Confirm against the original file.
if ($Action == "write") {
$html .= "\t\t\t\t\t\tWrite \n";
} else {
$html .= "\t\t\t\t\t\tWrite \n";
}
if ($Action == "attachments") {
$html .= "\t\t\t\t\t\tAttachments \n";
} else {
$html .= "\t\t\t\t\t\tAttachments \n";
}
if ($Action == "articles") {
$html .= "\t\t\t\t\t\tArticles \n";
} else {
$html .= "\t\t\t\t\t\tArticles \n";
}
if ($Action == "requests") {
$html .= "\t\t\t\t\t\tRequests \n";
} else {
$html .= "\t\t\t\t\t\tRequests \n";
}
$html .= "\t\t\t\t\t \n";
$html .= "\t\t\t\t
\n";
// "write" tab: the Markdown editor. $postID, $History, $Request and $Error are assigned
// before the visible part of the file (presumably from request parameters; verify they are validated there).
if ($Action == "write") {
// Template shown when no existing document is loaded.
$defaultText = "@csgen.title = \"Unicorns & Lollipops\";\n@csgen.description = \"My description\";\n@csgen.date = \"1970-01-01\";\n@csgen.allowComments = \"true\";\n\nHello world!";
$defaultEndpoint = "";
// Look the page up by id. The whole table is read and filtered in PHP; -1 means "new page".
// NOTE(review): this lookup also runs when $History or $Request is "true", where $postID is an id
// from a different table, so an unrelated page can be loaded first and stays loaded if the later
// lookup finds no row.
$DatabaseQuery = $Database->query('SELECT * FROM pages');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['id'] == $postID && $postID != -1) {
// NOTE(review): the path comes straight from the database row and is read without any check
// that it lies inside the content directory. Confirm that only server-side code can write
// the 'file' column; otherwise constrain it (realpath() plus a prefix check) before reading.
$theFile = $line['file'];
if (file_exists($theFile)) {
$defaultText = file_get_contents($theFile);
}
$defaultEndpoint = $line['endpoint'];
break;
}
}
// Editing from a history entry: $postID is matched against history.id, then replaced by the page id.
if ($History == "true") {
$DatabaseQuery = $Database->query('SELECT * FROM history');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['id'] == $postID && $postID != -1) {
$theFile = $line['file'];
if (file_exists($theFile)) {
$defaultText = file_get_contents($theFile);
}
$defaultEndpoint = $line['endpoint'];
$postID = $line['pageid'];
break;
}
}
}
// Editing from a change request: same pattern against requests.id.
// NOTE(review): the 'file' path of a request row presumably originates from a less privileged
// submitter, so the path check matters most here (TODO confirm how request rows are created).
if ($Request == "true") {
$DatabaseQuery = $Database->query('SELECT * FROM requests');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['id'] == $postID && $postID != -1) {
$theFile = $line['file'];
if (file_exists($theFile)) {
$defaultText = file_get_contents($theFile);
}
$defaultEndpoint = $line['endpoint'];
$postID = $line['pageid'];
break;
}
}
}
$html .= "\t\t\t\tWarning: Switching tab will delete changes made to the Markdown document. Press 'Save' to avoid this.
\n";
// NOTE(review): no closing brace for the following test is visible before the next "} else if";
// the rest of the statement (and the editor form that would carry $defaultText) was presumably
// lost with the stripped markup. Wherever $defaultText is written into the form, it needs
// htmlspecialchars() so that file content cannot close the form field early.
if ($postID == -1) {
$html .= "\t\t\t\t\n";
// add history button if we're editing an existing page
if ($defaultEndpoint != "") {
$html .= "\t\t\t\t\t\tHistory \n";
}
// handle errors
// $Error selects one fixed message; only the "saved" case interpolates data.
if ($Error == "endpoint") {
$html .= "\t\t\t\tYou must specify a valid endpoint (e.g. /blog/article1)
\n";
} else if ($Error == "file") {
$html .= "\t\t\t\tFailed to upload file.
\n";
} else if ($Error == "ofile") {
$html .= "\t\t\t\tFailed to back up file, aborting.
\n";
} else if ($Error == "exists") {
$html .= "\t\t\t\tA file with this endpoint already exists.
\n";
} else if ($Error == "saved") { // not actually an error but i don't want to make this too complicated
// $dateFormat and $timeFormat are defined outside this part of the file.
// NOTE(review): $defaultEndpoint is a database value written into the page without escaping at this point.
$Date = date($dateFormat) . " at " . date($timeFormat);
$html .= "\t\t\t\t$Date: Page at endpoint '$defaultEndpoint' saved.
\n";
}
} else if ($Action == "attachments") {
// "attachments" tab: an upload area (its markup is presumably stripped in this copy) followed by
// a table of the files found in $attachmentLocation, which is defined outside this part of the file.
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t \n";
$html .= "\t\t\t\t\t \n";
$html .= "\t\t\t\t \n";
$attachments = array();
// scandir() returns false on failure; only the is_dir() test guards it here.
if (is_dir($attachmentLocation)) {
$attachments = scandir($attachmentLocation);
}
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t \n";
$html .= "\t\t\t\t\t \n";
$html .= "\t\t\t\t\t\n";
// One table row per directory entry, skipping the "." and ".." entries. $index is not used.
foreach ($attachments as $index => $file) {
if ($file == "." || $file == "..") {
continue;
}
// NOTE(review): the file name is written into the page as-is. Upload names can contain HTML
// metacharacters, so escape it here with htmlspecialchars() unless the upload handler already
// restricts names to a safe character set (verify).
$html .= "\t\t\t\t\t \n";
$html .= "\t\t\t\t\t\t$file \n";
$html .= "\t\t\t\t\t\t\n";
$html .= "\t\t\t\t\t \n";
}
$html .= "\t\t\t\t
\n";
// handle errors
// $Error selects one fixed message; no request data is echoed here.
if ($Error == "endpoint") {
$html .= "\t\t\t\tYou must specify a valid endpoint (e.g. /blog/article1)
\n";
} else if ($Error == "file") {
$html .= "\t\t\t\tFailed to upload file.
\n";
} else if ($Error == "ofile") {
$html .= "\t\t\t\tFailed to back up file, aborting.
\n";
} else if ($Error == "exists") {
$html .= "\t\t\t\tA file with this endpoint already exists.
\n";
}
} else if ($Action == "history") {
// "history" view: saved revisions of the page whose id is $postID. The tab bar has no entry for
// this action; the editor's History button presumably links here.
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\tUser \n";
$html .= "\t\t\t\t\t\tDate \n";
$html .= "\t\t\t\t\t\tLocation \n";
$html .= "\t\t\t\t\t\tFile \n";
$html .= "\t\t\t\t\t \n";
// The whole history table is read; rows for other pages are skipped in PHP.
$DatabaseQuery = $Database->query('SELECT * FROM history');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['pageid'] != $postID) {
continue;
}
// $ID is not used in the text visible here; presumably it was part of the stripped link targets.
$ID = $line['id'];
$Username = $line['username'];
$Date = $line['date'];
$Endpoint = $line['endpoint'];
$File = $line['file'];
// Only the file name is shown, not the stored path.
$baseFile = basename($File);
// NOTE(review): the database values below are written into the page without escaping here.
// The login check compares against htmlspecialchars() output, so values may be stored already
// encoded. Confirm that for every column shown, or escape at output.
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t$Username \n";
$html .= "\t\t\t\t\t\t$Date \n";
$html .= "\t\t\t\t\t\t$Endpoint \n";
$html .= "\t\t\t\t\t\t$baseFile \n";
// NOTE(review): the targets of Restore and Remove are not visible in this copy. Both change
// state, so they should be POST requests carrying a CSRF token (verify in the original markup).
$html .= "\t\t\t\t\t\tRestore \n";
$html .= "\t\t\t\t\t\tRemove \n";
$html .= "\t\t\t\t\t \n";
}
$html .= "\t\t\t\t
\n";
} else if ($Action == "articles") {
// "articles" tab: one table row for every row of the pages table.
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\tID \n";
$html .= "\t\t\t\t\t\tUser \n";
$html .= "\t\t\t\t\t\tDate \n";
$html .= "\t\t\t\t\t\tLocation \n";
$html .= "\t\t\t\t\t\tFile \n";
$html .= "\t\t\t\t\t \n";
$DatabaseQuery = $Database->query('SELECT * FROM pages');
while ($line = $DatabaseQuery->fetchArray()) {
$ID = $line['id'];
$Username = $line['username'];
$Date = $line['date'];
$Endpoint = $line['endpoint'];
$File = $line['file'];
// Only the file name is shown, not the stored path.
$baseFile = basename($File);
// NOTE(review): the database values below are written into the page without escaping here.
// Values may be stored already encoded (the login check compares against htmlspecialchars()
// output). Confirm that for every column shown, or escape at output.
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t$ID \n";
$html .= "\t\t\t\t\t\t$Username \n";
$html .= "\t\t\t\t\t\t$Date \n";
$html .= "\t\t\t\t\t\t$Endpoint \n";
$html .= "\t\t\t\t\t\t$baseFile \n";
$html .= "\t\t\t\t\t\tEdit \n";
$html .= "\t\t\t\t\t\t\n";
$html .= "\t\t\t\t\t \n";
}
$html .= "\t\t\t\t
\n";
// handle errors
// $Error selects one fixed message; no request data is echoed here.
if ($Error == "endpoint") {
$html .= "\t\t\t\tYou must specify a valid endpoint (e.g. /blog/article1)
\n";
} else if ($Error == "file") {
$html .= "\t\t\t\tFailed to upload file.
\n";
} else if ($Error == "ofile") {
$html .= "\t\t\t\tFailed to back up file, aborting.
\n";
} else if ($Error == "exists") {
$html .= "\t\t\t\tA file with this endpoint already exists.
\n";
}
} else if ($Action == "requests") {
// "requests" tab: pending change requests for the page whose id is $postID.
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\tUser \n";
$html .= "\t\t\t\t\t\tDate \n";
$html .= "\t\t\t\t\t\tMessage \n";
$html .= "\t\t\t\t\t\tLocation \n";
$html .= "\t\t\t\t\t\tFile \n";
$html .= "\t\t\t\t\t \n";
// The whole requests table is read; rows for other pages are skipped in PHP.
$DatabaseQuery = $Database->query('SELECT * FROM requests');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['pageid'] != $postID) {
continue;
}
// $ID is not used in the text visible here; presumably it was part of the stripped link targets.
$ID = $line['id'];
$Username = $line['username'];
$Message = $line['message'];
$Date = $line['date'];
$Endpoint = $line['endpoint'];
$File = $line['file'];
$baseFile = basename($File);
// truncateText() is defined outside this part of the file; it is called with a limit of 50.
$Message = truncateText($Message, 50);
if ($Message == "") {
$Message = "No message specified.";
}
// NOTE(review): request rows presumably come from less privileged users, and the values below,
// the free-text message in particular, reach an administrator's page without escaping here.
// Confirm they are encoded when stored, or apply htmlspecialchars() at output, after the
// truncation so that an entity is not cut in half.
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t$Username \n";
$html .= "\t\t\t\t\t\t$Date \n";
$html .= "\t\t\t\t\t\t$Message \n";
$html .= "\t\t\t\t\t\t$Endpoint \n";
$html .= "\t\t\t\t\t\t$baseFile \n";
// NOTE(review): the targets of "View changes" and "Deny" are not visible in this copy. Deny
// changes state, so it should be a POST request carrying a CSRF token (verify in the original markup).
$html .= "\t\t\t\t\t\tView changes \n";
$html .= "\t\t\t\t\t\tDeny \n";
$html .= "\t\t\t\t\t \n";
}
$html .= "\t\t\t\t
\n";
}
// Append the shared footer (printFooter() is defined outside this part of the file)
// and send the assembled page to the client in a single write.
$html = printFooter($html);
echo "$html";
?>