Add removal of keys from administrator panel
This commit is contained in:
parent
51f17e8174
commit
335c00bf37
179
admin.php
179
admin.php
|
@ -8,6 +8,7 @@ include "core.php";
|
|||
include "config.php";
|
||||
include "create-table.php";
|
||||
|
||||
$Action = "";
|
||||
$Authorized = 0;
|
||||
$Primary = 0;
|
||||
|
||||
|
@ -19,6 +20,12 @@ if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
|
|||
die();
|
||||
}
|
||||
|
||||
if (!isset($_REQUEST['action'])) {
|
||||
$Action = "files";
|
||||
} else {
|
||||
$Action = $_REQUEST['action'];
|
||||
}
|
||||
|
||||
// in case admin keys are disabled
|
||||
if (!$enableAdminKeys || $enableAdminKeys == "false") {
|
||||
header('Location: /');
|
||||
|
@ -45,6 +52,178 @@ if ($Authorized != 1) {
|
|||
$html = "";
|
||||
$html = printHeader($html);
|
||||
|
||||
$html .= "\t\t\t<h1>Administrator panel</h1>\n";
|
||||
$html .= "\t\t\t\t<div class=\"adminLinks\">\n";
|
||||
$html .= "\t\t\t\t\t<span id='adminSpan' class='title'>\n";
|
||||
|
||||
if ($Action == "files") {
|
||||
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=files\" id='sel'>Files</a>\n";
|
||||
} else {
|
||||
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=files\">Files</a>\n";
|
||||
}
|
||||
|
||||
if ($Action == "keys") {
|
||||
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=keys\" id='sel'>Keys</a>\n";
|
||||
} else {
|
||||
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=keys\">Keys</a>\n";
|
||||
}
|
||||
|
||||
$html .= "\t\t\t\t\t</span>\n";
|
||||
$html .= "\t\t\t\t</div>\n";
|
||||
|
||||
if ($Action == "files") {
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM uploads');
|
||||
|
||||
$html .= "\t\t\t\t<table class=\"adminFileView\">\n";
|
||||
$html .= "\t\t\t\t\t<tr class=\"adminFileView\">\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminID\">ID</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminFilename\">Filename</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminUploadDate\">Upload date</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminKeyID\">Key ID</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminKeyType\">Key type</th>\n";
|
||||
$html .= "\t\t\t\t\t</tr>\n";
|
||||
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
$ID = $line['id'];
|
||||
$Filename = $line['file'];
|
||||
$uploadDate = $line['uploaddate'];
|
||||
$keyID = $line['keyid'];
|
||||
|
||||
if ($line['keytype'] == 0) {
|
||||
$keyType = "Key";
|
||||
} else if ($line['keytype'] == 1) {
|
||||
$keyType = "Temporary";
|
||||
} else if ($line['keytype'] == 2) {
|
||||
$keyType = "Administrator";
|
||||
} else {
|
||||
$keyType = "Unknown";
|
||||
}
|
||||
|
||||
$html .= "\t\t\t\t\t<tr class=\"adminFileView\">\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"adminID-$ID\">$ID</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminFilename\">$Filename</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUploadDate\">$uploadDate</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyID\">$keyID</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
|
||||
|
||||
$html .= "\t\t\t\t\t</tr>\n";
|
||||
}
|
||||
|
||||
$html .= "\t\t\t\t</table>\n";
|
||||
} else if ($Action == "keys") {
|
||||
$html .= "\t\t\t\t<p class=\"adminWarning\">Administrator keys are not visible.</p>\n";
|
||||
$html .= "\t\t\t\t<table class=\"adminKeyView\">\n";
|
||||
$html .= "\t\t\t\t\t<tr class=\"adminKeyView\">\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminID\">ID</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminKey\">Key</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminNumberOfUploads\">Uploads</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminUploadsLeft\">Uploads left</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminLastUsed\">Last used</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminIssued\">Issued</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminIP\">IP</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminUserAgent\">User agent</th>\n";
|
||||
$html .= "\t\t\t\t\t\t<th class=\"adminKeyType\">Key type</th>\n";
|
||||
$html .= "\t\t\t\t\t</tr>\n";
|
||||
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
if ($Primary != 1) {
|
||||
break;
|
||||
}
|
||||
|
||||
$ID = $line['id'];
|
||||
$Key = $line['key'];
|
||||
$NumberOfUploads = $line['numberofuploads'];
|
||||
$UploadsLeft = "";
|
||||
$LastUsed = $line['lastused'];
|
||||
$Issued = $line['issued'];
|
||||
$IP = $line['ip'];
|
||||
$UserAgent = $line['useragent'];
|
||||
|
||||
$keyType = "Administrator";
|
||||
$UploadsLeft = "∞";
|
||||
|
||||
if ($line['primaryadmin'] == 1) {
|
||||
$keyType = "Primary Administrator";
|
||||
}
|
||||
|
||||
$html .= "\t\t\t\t\t<tr class=\"adminKeyView\">\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"id-2-$ID\">$ID</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKey\">$Key</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminNumberOfUploads\">$NumberOfUploads</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUploadsLeft\">$UploadsLeft</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminLastUsed\">$LastUsed</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminIssued\">$Issued</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminIP\">$IP</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUserAgent\">$UserAgent</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
|
||||
|
||||
if ($Primary == 1 && $line['primaryadmin'] != 1) { // primary admins cannot be removed
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminRemove\"><a href=\"/remove-key.php?redir=admin&id=$ID\">Remove</a></td>\n";
|
||||
}
|
||||
|
||||
$html .= "\t\t\t\t\t</tr>\n";
|
||||
}
|
||||
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM keys');
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
$ID = $line['id'];
|
||||
$Key = $line['key'];
|
||||
$NumberOfUploads = $line['numberofuploads'];
|
||||
$UploadsLeft = "";
|
||||
$LastUsed = $line['lastused'];
|
||||
$Issued = $line['issued'];
|
||||
$IP = $line['ip'];
|
||||
$UserAgent = $line['useragent'];
|
||||
|
||||
$keyType = "Key";
|
||||
$UploadsLeft = "∞";
|
||||
|
||||
$html .= "\t\t\t\t\t<tr class=\"adminKeyView\">\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"id-0-$ID\">$ID</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKey\">$Key</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminNumberOfUploads\">$NumberOfUploads</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUploadsLeft\">$UploadsLeft</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminLastUsed\">$LastUsed</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminIssued\">$Issued</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminIP\">$IP</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUserAgent\">$UserAgent</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminRemove\"><a href=\"/remove-key.php?redir=admin&id=$ID\">Remove</a></td>\n";
|
||||
$html .= "\t\t\t\t\t</tr>\n";
|
||||
}
|
||||
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
$ID = $line['id'];
|
||||
$Key = $line['key'];
|
||||
$NumberOfUploads = $line['numberofuploads'];
|
||||
$UploadsLeft = "";
|
||||
$LastUsed = $line['lastused'];
|
||||
$Issued = $line['issued'];
|
||||
$IP = $line['ip'];
|
||||
$UserAgent = $line['useragent'];
|
||||
|
||||
$keyType = "Temporary";
|
||||
$UploadsLeft = $line['uploadsleft'];
|
||||
|
||||
$html .= "\t\t\t\t\t<tr class=\"adminKeyView\">\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"id-1-$ID\">$ID</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKey\">$Key</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminNumberOfUploads\">$NumberOfUploads</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUploadsLeft\">$UploadsLeft</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminLastUsed\">$LastUsed</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminIssued\">$Issued</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminIP\">$IP</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminUserAgent\">$UserAgent</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
|
||||
$html .= "\t\t\t\t\t\t<td class=\"adminRemove\"><a href=\"/remove-key.php?redir=admin&id=$ID\">Remove</a></td>\n";
|
||||
$html .= "\t\t\t\t\t</tr>\n";
|
||||
}
|
||||
|
||||
$html .= "\t\t\t\t</table>\n";
|
||||
}
|
||||
|
||||
$html = printFooter($html);
|
||||
|
||||
print "$html";
|
||||
|
|
|
@ -11,6 +11,7 @@ function createTables($sqlDB) {
|
|||
* id (INTEGER PRIMARY KEY)
|
||||
* key (TEXT)
|
||||
* primaryadmin (INT)
|
||||
* numberofuploads (INT)
|
||||
* lastused (TEXT)
|
||||
* issued (TEXT)
|
||||
* ip (TEXT)
|
||||
|
|
37
index.css
37
index.css
|
@ -13,16 +13,6 @@
|
|||
padding-right: 5px;
|
||||
}
|
||||
|
||||
.bar input {
|
||||
padding-top: 2px;
|
||||
padding-bottom: 2px;
|
||||
border-color: #363636;
|
||||
border-width: 0px;
|
||||
background-color: #363636;
|
||||
color: #f0eee4;
|
||||
width: 100%
|
||||
}
|
||||
|
||||
.title {
|
||||
color: #f0eee4;
|
||||
padding-left: 2px;
|
||||
|
@ -61,6 +51,33 @@ footer {
|
|||
text-align: center;
|
||||
}
|
||||
|
||||
.content table {
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
.content td, th {
|
||||
padding-left: 10px;
|
||||
padding-right: 10px;
|
||||
}
|
||||
|
||||
.adminLinks {
|
||||
width: 100%;
|
||||
margin: 0px;
|
||||
padding: 5px;
|
||||
padding-left: 10px;
|
||||
padding-right: 10px;
|
||||
background-color: #363636;
|
||||
}
|
||||
|
||||
.adminWarning {
|
||||
color: #ffff00;
|
||||
}
|
||||
|
||||
#sel {
|
||||
text-decoration: underline;
|
||||
color: #f0eee4;
|
||||
}
|
||||
|
||||
a {
|
||||
color: #89bfff;
|
||||
text-decoration: none;
|
||||
|
|
|
@ -10,6 +10,7 @@ include "core.php";
|
|||
|
||||
$Authorized = 0;
|
||||
$KeyType = 0;
|
||||
$Redirect = "";
|
||||
|
||||
if (isset($_REQUEST['redir'])) {
|
||||
$Redirect = $_REQUEST['redir'];
|
||||
|
|
|
@ -7,10 +7,11 @@
|
|||
include "config.php";
|
||||
include "create-table.php";
|
||||
|
||||
if (isset($_REQUEST['key'])) {
|
||||
$Key = $_REQUEST['key'];
|
||||
} else {
|
||||
print "No key specified.";
|
||||
if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
|
||||
header('Location: login.php?redir=admin');
|
||||
die();
|
||||
} else if ($_COOKIE[$cookieTypeName] != 2) { // not allowed
|
||||
header('Location: /');
|
||||
die();
|
||||
}
|
||||
|
||||
|
@ -25,22 +26,29 @@ $AdminIsPrimary = 0;
|
|||
$KeyIsPrimary = 0;
|
||||
$AuthorizedRemoval = 0;
|
||||
$Removed = 0;
|
||||
$Redirect = "";
|
||||
|
||||
if (isset($_REQUEST['redir'])) {
|
||||
$Redirect = $_REQUEST['redir'];
|
||||
}
|
||||
|
||||
$Database = createTables($sqlDB);
|
||||
|
||||
// check if the key we passed is an admin key and if it's a primary admin key
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
if ($Key == $line['key']) {
|
||||
if ($line['primaryadmin'] == 1) {
|
||||
$AdminIsPrimary = 1;
|
||||
}
|
||||
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
if ($line['key'] == $_COOKIE[$cookieName] && $_COOKIE[$cookieName] != "" && $line['key'] != "" && ($enableKeys || $enableKeys == "true")) {
|
||||
$AuthorizedRemoval = 1;
|
||||
$AdminIsPrimary = $line['primaryadmin'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// not authorized
|
||||
if ($AuthorizedRemoval != 1) {
|
||||
header('Location: /');
|
||||
die();
|
||||
}
|
||||
|
||||
$DatabaseQuery = $Database->query('SELECT * FROM keys');
|
||||
while ($line = $DatabaseQuery->fetchArray()) {
|
||||
if ($line['id'] == $id && $line['id'] != "" && $id != "") { // passed ID is a key that exists
|
||||
|
@ -86,9 +94,10 @@ while ($line = $DatabaseQuery->fetchArray()) {
|
|||
}
|
||||
}
|
||||
|
||||
if ($AuthorizedRemoval != 1) {
|
||||
print "You aren't authorized to perform this action.";
|
||||
die();
|
||||
if ($Redirect == "admin") {
|
||||
header("Location: admin.php?action=keys");
|
||||
} else {
|
||||
header("Location: /");
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
Loading…
Reference in a new issue