diff --git a/admin.php b/admin.php
index 3af65a5..793b182 100644
--- a/admin.php
+++ b/admin.php
@@ -8,6 +8,7 @@ include "core.php";
include "config.php";
include "create-table.php";
+$Action = "";
$Authorized = 0;
$Primary = 0;
@@ -19,6 +20,12 @@ if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
die();
}
+if (!isset($_REQUEST['action'])) {
+ $Action = "files";
+} else {
+ $Action = $_REQUEST['action'];
+}
+
// in case admin keys are disabled
if (!$enableAdminKeys || $enableAdminKeys == "false") {
header('Location: /');
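Review bot: The value copied from `$_REQUEST['action']` into `$Action` is never checked against the two views the page supports, so any other value falls through both the `files` and `keys` branches added later in this commit and renders an empty panel. Depending on the `request_order` setting, `$_REQUEST` can also be filled from cookies, so the selected view may depend on more than the URL. Consider `$Action = $_GET['action'] ?? 'files';` followed by `if (!in_array($Action, ['files', 'keys'], true)) { $Action = 'files'; }`. The admin-keys check that follows continues outside the hunk.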
@@ -45,6 +52,178 @@ if ($Authorized != 1) {
$html = "";
$html = printHeader($html);
+$html .= "\t\t\t
Administrator panel
\n";
+$html .= "\t\t\t\t\n";
+$html .= "\t\t\t\t\t
\n";
+
+if ($Action == "files") {
+ $html .= "\t\t\t\t\t\tFiles\n";
+} else {
+ $html .= "\t\t\t\t\t\tFiles\n";
+}
+
+if ($Action == "keys") {
+ $html .= "\t\t\t\t\t\tKeys\n";
+} else {
+ $html .= "\t\t\t\t\t\tKeys\n";
+}
+
+$html .= "\t\t\t\t\t\n";
+$html .= "\t\t\t\t
\n";
+
+if ($Action == "files") {
+ $DatabaseQuery = $Database->query('SELECT * FROM uploads');
+
+ $html .= "\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\tID | \n";
+ $html .= "\t\t\t\t\t\tFilename | \n";
+ $html .= "\t\t\t\t\t\tUpload date | \n";
+ $html .= "\t\t\t\t\t\tKey ID | \n";
+ $html .= "\t\t\t\t\t\tKey type | \n";
+ $html .= "\t\t\t\t\t
\n";
+
+ while ($line = $DatabaseQuery->fetchArray()) {
+ $ID = $line['id'];
+ $Filename = $line['file'];
+ $uploadDate = $line['uploaddate'];
+ $keyID = $line['keyid'];
+
+ if ($line['keytype'] == 0) {
+ $keyType = "Key";
+ } else if ($line['keytype'] == 1) {
+ $keyType = "Temporary";
+ } else if ($line['keytype'] == 2) {
+ $keyType = "Administrator";
+ } else {
+ $keyType = "Unknown";
+ }
+
+ $html .= "\t\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\t$ID | \n";
+ $html .= "\t\t\t\t\t\t$Filename | \n";
+ $html .= "\t\t\t\t\t\t$uploadDate | \n";
+ $html .= "\t\t\t\t\t\t$keyID | \n";
+ $html .= "\t\t\t\t\t\t$keyType | \n";
+
+ $html .= "\t\t\t\t\t
\n";
+ }
+
+ $html .= "\t\t\t\t
\n";
+} else if ($Action == "keys") {
+ $html .= "\t\t\t\tAdministrator keys are not visible.
\n";
+ $html .= "\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\tID | \n";
+ $html .= "\t\t\t\t\t\tKey | \n";
+ $html .= "\t\t\t\t\t\tUploads | \n";
+ $html .= "\t\t\t\t\t\tUploads left | \n";
+ $html .= "\t\t\t\t\t\tLast used | \n";
+ $html .= "\t\t\t\t\t\tIssued | \n";
+ $html .= "\t\t\t\t\t\tIP | \n";
+ $html .= "\t\t\t\t\t\tUser agent | \n";
+ $html .= "\t\t\t\t\t\tKey type | \n";
+ $html .= "\t\t\t\t\t
\n";
+
+ $DatabaseQuery = $Database->query('SELECT * FROM admins');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ if ($Primary != 1) {
+ break;
+ }
+
+ $ID = $line['id'];
+ $Key = $line['key'];
+ $NumberOfUploads = $line['numberofuploads'];
+ $UploadsLeft = "";
+ $LastUsed = $line['lastused'];
+ $Issued = $line['issued'];
+ $IP = $line['ip'];
+ $UserAgent = $line['useragent'];
+
+ $keyType = "Administrator";
+ $UploadsLeft = "∞";
+
+ if ($line['primaryadmin'] == 1) {
+ $keyType = "Primary Administrator";
+ }
+
+ $html .= "\t\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\t$ID | \n";
+ $html .= "\t\t\t\t\t\t$Key | \n";
+ $html .= "\t\t\t\t\t\t$NumberOfUploads | \n";
+ $html .= "\t\t\t\t\t\t$UploadsLeft | \n";
+ $html .= "\t\t\t\t\t\t$LastUsed | \n";
+ $html .= "\t\t\t\t\t\t$Issued | \n";
+ $html .= "\t\t\t\t\t\t$IP | \n";
+ $html .= "\t\t\t\t\t\t$UserAgent | \n";
+ $html .= "\t\t\t\t\t\t$keyType | \n";
+
+ if ($Primary == 1 && $line['primaryadmin'] != 1) { // primary admins cannot be removed
+ $html .= "\t\t\t\t\t\tRemove | \n";
+ }
+
+ $html .= "\t\t\t\t\t
\n";
+ }
+
+ $DatabaseQuery = $Database->query('SELECT * FROM keys');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ $ID = $line['id'];
+ $Key = $line['key'];
+ $NumberOfUploads = $line['numberofuploads'];
+ $UploadsLeft = "";
+ $LastUsed = $line['lastused'];
+ $Issued = $line['issued'];
+ $IP = $line['ip'];
+ $UserAgent = $line['useragent'];
+
+ $keyType = "Key";
+ $UploadsLeft = "∞";
+
+ $html .= "\t\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\t$ID | \n";
+ $html .= "\t\t\t\t\t\t$Key | \n";
+ $html .= "\t\t\t\t\t\t$NumberOfUploads | \n";
+ $html .= "\t\t\t\t\t\t$UploadsLeft | \n";
+ $html .= "\t\t\t\t\t\t$LastUsed | \n";
+ $html .= "\t\t\t\t\t\t$Issued | \n";
+ $html .= "\t\t\t\t\t\t$IP | \n";
+ $html .= "\t\t\t\t\t\t$UserAgent | \n";
+ $html .= "\t\t\t\t\t\t$keyType | \n";
+ $html .= "\t\t\t\t\t\tRemove | \n";
+ $html .= "\t\t\t\t\t
\n";
+ }
+
+ $DatabaseQuery = $Database->query('SELECT * FROM tkeys');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ $ID = $line['id'];
+ $Key = $line['key'];
+ $NumberOfUploads = $line['numberofuploads'];
+ $UploadsLeft = "";
+ $LastUsed = $line['lastused'];
+ $Issued = $line['issued'];
+ $IP = $line['ip'];
+ $UserAgent = $line['useragent'];
+
+ $keyType = "Temporary";
+ $UploadsLeft = $line['uploadsleft'];
+
+ $html .= "\t\t\t\t\t\n";
+ $html .= "\t\t\t\t\t\t$ID | \n";
+ $html .= "\t\t\t\t\t\t$Key | \n";
+ $html .= "\t\t\t\t\t\t$NumberOfUploads | \n";
+ $html .= "\t\t\t\t\t\t$UploadsLeft | \n";
+ $html .= "\t\t\t\t\t\t$LastUsed | \n";
+ $html .= "\t\t\t\t\t\t$Issued | \n";
+ $html .= "\t\t\t\t\t\t$IP | \n";
+ $html .= "\t\t\t\t\t\t$UserAgent | \n";
+ $html .= "\t\t\t\t\t\t$keyType | \n";
+ $html .= "\t\t\t\t\t\tRemove | \n";
+ $html .= "\t\t\t\t\t
\n";
+ }
+
+ $html .= "\t\t\t\t
\n";
+}
+
$html = printFooter($html);
print "$html";
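Review bot: Every database column is interpolated into `$html` unescaped, in the `uploads` loop and in the three key loops (`admins`, `keys`, `tkeys`). Values such as `file`, `ip` and `useragent` are presumably recorded from client requests, so markup stored in them would be rendered as HTML in an administrator's browser when this panel is viewed. Escape at the point of assignment, e.g. `$Filename = htmlspecialchars($line['file'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and do the same for every other `$line[...]` value before it reaches `$html`. Separately, the `if ($Primary != 1) { break; }` test inside the `admins` loop is loop-invariant and would read more clearly as a guard around the query, so the `admins` table is not queried at all for non-primary administrators.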
diff --git a/create-table.php b/create-table.php
index 95c4555..65b0b4c 100644
--- a/create-table.php
+++ b/create-table.php
@@ -11,6 +11,7 @@ function createTables($sqlDB) {
* id (INTEGER PRIMARY KEY)
* key (TEXT)
* primaryadmin (INT)
+ * numberofuploads (INT)
* lastused (TEXT)
* issued (TEXT)
* ip (TEXT)
diff --git a/index.css b/index.css
index ee60602..0fb3ee7 100644
--- a/index.css
+++ b/index.css
@@ -13,16 +13,6 @@
padding-right: 5px;
}
-.bar input {
- padding-top: 2px;
- padding-bottom: 2px;
- border-color: #363636;
- border-width: 0px;
- background-color: #363636;
- color: #f0eee4;
- width: 100%
-}
-
.title {
color: #f0eee4;
padding-left: 2px;
@@ -61,6 +51,33 @@ footer {
text-align: center;
}
+.content table {
+ width: 100%;
+}
+
+.content td, th {
+ padding-left: 10px;
+ padding-right: 10px;
+}
+
+.adminLinks {
+ width: 100%;
+ margin: 0px;
+ padding: 5px;
+ padding-left: 10px;
+ padding-right: 10px;
+ background-color: #363636;
+}
+
+.adminWarning {
+ color: #ffff00;
+}
+
+#sel {
+ text-decoration: underline;
+ color: #f0eee4;
+}
+
a {
color: #89bfff;
text-decoration: none;
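Review bot: In `.content td, th` only the `td` part is scoped to `.content`; the bare `th` after the comma matches every table header on the site. If the padding is meant for the admin tables only, write `.content td, .content th {`. The `#sel` rule styles the selected tab by id, which works only while at most one element per page carries it; a class would be the safer hook.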
diff --git a/login.php b/login.php
index 48574a9..b64080c 100644
--- a/login.php
+++ b/login.php
@@ -10,6 +10,7 @@ include "core.php";
$Authorized = 0;
$KeyType = 0;
+$Redirect = "";
if (isset($_REQUEST['redir'])) {
$Redirect = $_REQUEST['redir'];
diff --git a/remove-key.php b/remove-key.php
index 02a89a2..a36b70e 100644
--- a/remove-key.php
+++ b/remove-key.php
@@ -7,10 +7,11 @@
include "config.php";
include "create-table.php";
-if (isset($_REQUEST['key'])) {
- $Key = $_REQUEST['key'];
-} else {
- print "No key specified.";
+if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
+ header('Location: login.php?redir=admin');
+ die();
+} else if ($_COOKIE[$cookieTypeName] != 2) { // not allowed
+ header('Location: /');
die();
}
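Review bot: With the `key` request parameter gone, removal is authorized by cookies alone, and no anti-CSRF check is visible in this diff; browsers attach those cookies to cross-site requests too, so a page on another origin could cause a logged-in administrator's browser to submit a removal. Before this change the caller had to know the key, which incidentally prevented that. The script should accept the action only as a POST carrying a per-session token compared with `hash_equals()`, starting with `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { header('Location: /'); die(); }`; setting `SameSite` on the login cookie would help as well. The `$_COOKIE[$cookieTypeName] != 2` test is only a client-supplied hint, and the real authorization is the key lookup in the next hunk.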
@@ -25,22 +26,29 @@ $AdminIsPrimary = 0;
$KeyIsPrimary = 0;
$AuthorizedRemoval = 0;
$Removed = 0;
+$Redirect = "";
+
+if (isset($_REQUEST['redir'])) {
+ $Redirect = $_REQUEST['redir'];
+}
$Database = createTables($sqlDB);
-
-// check if the key we passed is an admin key and if it's a primary admin key
$DatabaseQuery = $Database->query('SELECT * FROM admins');
-while ($line = $DatabaseQuery->fetchArray()) {
- if ($Key == $line['key']) {
- if ($line['primaryadmin'] == 1) {
- $AdminIsPrimary = 1;
- }
+while ($line = $DatabaseQuery->fetchArray()) {
+ if ($line['key'] == $_COOKIE[$cookieName] && $_COOKIE[$cookieName] != "" && $line['key'] != "" && ($enableKeys || $enableKeys == "true")) {
$AuthorizedRemoval = 1;
+ $AdminIsPrimary = $line['primaryadmin'];
break;
}
}
+// not authorized
+if ($AuthorizedRemoval != 1) {
+ header('Location: /');
+ die();
+}
+
$DatabaseQuery = $Database->query('SELECT * FROM keys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['id'] == $id && $line['id'] != "" && $id != "") { // passed ID is a key that exists
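Review bot: The guard `($enableKeys || $enableKeys == "true")` is also true for the string `"false"`, because any non-empty string other than `"0"` is truthy in PHP, so this condition cannot disable anything when the setting is stored as text. admin.php tests `$enableAdminKeys` with an explicit `== "false"` comparison; this admin-key lookup probably should use the same flag and the same form. The key itself is compared with loose `==`, which is subject to type juggling for numeric-looking strings and is not constant-time; `hash_equals((string) $line['key'], (string) $_COOKIE[$cookieName])` is the usual replacement. The loop over `keys` that starts on the last line continues outside the hunk.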
@@ -86,9 +94,10 @@ while ($line = $DatabaseQuery->fetchArray()) {
}
}
-if ($AuthorizedRemoval != 1) {
- print "You aren't authorized to perform this action.";
- die();
+if ($Redirect == "admin") {
+ header("Location: admin.php?action=keys");
+} else {
+ header("Location: /");
}
?>