query('SELECT * FROM users');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['username'] == htmlspecialchars($_SESSION['username']) && htmlspecialchars($_SESSION['username']) != "" && $line['password'] == htmlspecialchars($_SESSION['password']) && htmlspecialchars($_SESSION['password']) != "" && $line['usertype'] == 2) {
$Authorized = 1;
$Primary = $line['primaryadmin'];
break;
}
}
// not authorized
if ($Authorized != 1) {
header('Location: /');
die();
}
$html = "";
$html = printHeader($html, 0);
$html .= "\t\t\tPage manager
\n";
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t
\n";
if ($Action == "write") {
$html .= "\t\t\t\t\t\tWrite\n";
} else {
$html .= "\t\t\t\t\t\tWrite\n";
}
if ($Action == "attachments") {
$html .= "\t\t\t\t\t\tAttachments\n";
} else {
$html .= "\t\t\t\t\t\tAttachments\n";
}
if ($Action == "articles") {
$html .= "\t\t\t\t\t\tArticles\n";
} else {
$html .= "\t\t\t\t\t\tArticles\n";
}
if ($Action == "requests") {
$html .= "\t\t\t\t\t\tRequests\n";
} else {
$html .= "\t\t\t\t\t\tRequests\n";
}
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t
Switching tab will delete changes made to the Markdown document. Press 'Save' to avoid this.
\n";
$html .= "\t\t\t\t\n";
if ($postID == -1) {
$html .= "\t\t\t\t\n";
// add history button if we're editing an existing page
if ($defaultEndpoint != "") {
$html .= "\t\t\t\t\t\tHistory\n";
}
// handle errors
if ($Error == "endpoint") {
$html .= "\t\t\t\tYou must specify a valid endpoint (e.g. /blog/article1)
\n";
} else if ($Error == "file") {
$html .= "\t\t\t\tFailed to upload file.
\n";
} else if ($Error == "ofile") {
$html .= "\t\t\t\tFailed to back up file, aborting.
\n";
} else if ($Error == "exists") {
$html .= "\t\t\t\tA file with this endpoint already exists.
\n";
} else if ($Error == "saved") { // not actually an error but i don't want to make this too complicated
$Date = date($dateFormat) . " at " . date($timeFormat);
$html .= "\t\t\t\t$Date: Your changes have been saved.
\n";
}
} else if ($Action == "attachments") {
$html .= "\t\t\t\t\n";
$attachments = array();
if (is_dir($attachmentLocation)) {
$attachments = scandir($attachmentLocation);
}
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t | \n";
$html .= "\t\t\t\t\t
\n";
$html .= "\t\t\t\t\t\n";
foreach ($attachments as $index => $file) {
if ($file == "." || $file == "..") {
continue;
}
$html .= "\t\t\t\t\t
\n";
$html .= "\t\t\t\t\t\t| $file | \n";
$html .= "\t\t\t\t\t\t\n";
$html .= "\t\t\t\t\t
\n";
}
$html .= "\t\t\t\t
\n";
// handle errors
if ($Error == "endpoint") {
$html .= "\t\t\t\tYou must specify a valid endpoint (e.g. /blog/article1)
\n";
} else if ($Error == "file") {
$html .= "\t\t\t\tFailed to upload file.
\n";
} else if ($Error == "ofile") {
$html .= "\t\t\t\tFailed to back up file, aborting.
\n";
} else if ($Error == "exists") {
$html .= "\t\t\t\tA file with this endpoint already exists.
\n";
}
} else if ($Action == "history") {
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t| User | \n";
$html .= "\t\t\t\t\t\tDate | \n";
$html .= "\t\t\t\t\t\tLocation | \n";
$html .= "\t\t\t\t\t\tFile | \n";
$html .= "\t\t\t\t\t
\n";
$DatabaseQuery = $Database->query('SELECT * FROM history');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['pageid'] != $postID) {
continue;
}
$ID = $line['id'];
$Username = $line['username'];
$Date = $line['date'];
$Endpoint = $line['endpoint'];
$File = $line['file'];
$baseFile = basename($File);
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t| $Username | \n";
$html .= "\t\t\t\t\t\t$Date | \n";
$html .= "\t\t\t\t\t\t$Endpoint | \n";
$html .= "\t\t\t\t\t\t$baseFile | \n";
$html .= "\t\t\t\t\t\tRestore | \n";
$html .= "\t\t\t\t\t\tRemove | \n";
$html .= "\t\t\t\t\t
\n";
}
$html .= "\t\t\t\t
\n";
} else if ($Action == "articles") {
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t| ID | \n";
$html .= "\t\t\t\t\t\tUser | \n";
$html .= "\t\t\t\t\t\tDate | \n";
$html .= "\t\t\t\t\t\tLocation | \n";
$html .= "\t\t\t\t\t\tFile | \n";
$html .= "\t\t\t\t\t
\n";
$DatabaseQuery = $Database->query('SELECT * FROM pages');
while ($line = $DatabaseQuery->fetchArray()) {
$ID = $line['id'];
$Username = $line['username'];
$Date = $line['date'];
$Endpoint = $line['endpoint'];
$File = $line['file'];
$baseFile = basename($File);
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t| $ID | \n";
$html .= "\t\t\t\t\t\t$Username | \n";
$html .= "\t\t\t\t\t\t$Date | \n";
$html .= "\t\t\t\t\t\t$Endpoint | \n";
$html .= "\t\t\t\t\t\t$baseFile | \n";
$html .= "\t\t\t\t\t\tEdit | \n";
$html .= "\t\t\t\t\t\t\n";
$html .= "\t\t\t\t\t
\n";
}
$html .= "\t\t\t\t
\n";
// handle errors
if ($Error == "endpoint") {
$html .= "\t\t\t\tYou must specify a valid endpoint (e.g. /blog/article1)
\n";
} else if ($Error == "file") {
$html .= "\t\t\t\tFailed to upload file.
\n";
} else if ($Error == "ofile") {
$html .= "\t\t\t\tFailed to back up file, aborting.
\n";
} else if ($Error == "exists") {
$html .= "\t\t\t\tA file with this endpoint already exists.
\n";
}
} else if ($Action == "requests") {
$html .= "\t\t\t\t\n";
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t| User | \n";
$html .= "\t\t\t\t\t\tDate | \n";
$html .= "\t\t\t\t\t\tMessage | \n";
$html .= "\t\t\t\t\t\tLocation | \n";
$html .= "\t\t\t\t\t\tFile | \n";
$html .= "\t\t\t\t\t
\n";
$DatabaseQuery = $Database->query('SELECT * FROM requests');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['pageid'] != $postID) {
continue;
}
$ID = $line['id'];
$Username = $line['username'];
$Message = $line['message'];
$Date = $line['date'];
$Endpoint = $line['endpoint'];
$File = $line['file'];
$baseFile = basename($File);
$Message = truncateText($Message, 50);
if ($Message == "") {
$Message = "No message specified.";
}
$html .= "\t\t\t\t\t\n";
$html .= "\t\t\t\t\t\t| $Username | \n";
$html .= "\t\t\t\t\t\t$Date | \n";
$html .= "\t\t\t\t\t\t$Message | \n";
$html .= "\t\t\t\t\t\t$Endpoint | \n";
$html .= "\t\t\t\t\t\t$baseFile | \n";
$html .= "\t\t\t\t\t\tView changes | \n";
$html .= "\t\t\t\t\t\tDeny | \n";
$html .= "\t\t\t\t\t
\n";
}
$html .= "\t\t\t\t
\n";
}
$html = printFooter($html);
print "$html";
?>