Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 32 → Rev 45

/admin/account-do.php
17,13 → 17,23
{
if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
{
$page->query('UPDATE Users SET AccessID=' . $accessID . ' WHERE ID = ' . $userID);
$page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = ' . $userID);
}
if (!empty($password))
{
$page->query('UPDATE Users SET Password=' . sha1($password) . ' WHERE ID = ' . $userID);
$page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = ' . $userID);
}
if (!empty($email))
{
$page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = ' . $userID);
}
if (!empty($name))
{
$page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = ' . $userID);
}
}
else
{
37,6 → 47,6
}
}
 
$page->redirect('account.php?id=' . $id);
$page->redirect('account.php?id=' . $userID);
 
?>
/blog/index.php
19,7 → 19,7
{
$id = $ids[$i];
$post = $page->getBlogPost($id);
write('<a href="post.php?id=' . $i . '"><h3>' . $post->title. '</h3></a>');
write('<a href="post.php?id=' . $ids[$i] . '"><h3>' . $post->title. '</h3></a>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
write('<p>' . $post->content . '</p>');
}
/blog/post-add.php
0,0 → 1,56
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Blog Posts', '../');
 
if (isset($_POST['title']) && isset($_POST['content']) && isset($_POST['catagory']) && isset($_POST['parentID']))
{
$page->query('insert into BlogPosts VALUES(0, ' . $_POST['parentID'] . ', "' . $page->getLoggedInUser. '", "' . $_POST['title'] . '", "' . $_POST['content'] . '", NOW(), "' . $_POST['catagory'] . '", 0)');
$page->redirect("index.php");
}
 
$page->drawHeader();
write('<h3>Blog</h3>');
$page->drawMenuItem('Computing', 'index.php?cat=Computing');
$page->drawMiddle();
 
if ($page->isUserGM($page->getLoggedInUser()))
{
write('<p class="bold"><a href="add-post.php">Add Post</a></p>');
write('<br />');
}
 
?>
 
<form action="post-add.php" method="post">
<table>
<tr>
<td class="bold">Title: </td>
<td><input type="text" name="title" /></td>
</tr>
<tr>
<td class="bold">Content: </td>
<td><input type="text" name="content" /></td>
</tr>
<tr>
<td class="bold">Catagory: </td>
<td><input type="text" name="catagory" /></td>
</tr>
 
<?php
write('<input type="hidden" name="parentID" value="' . $_GET['id'] . '"/>');
?>
 
<tr>
<td class="bold"></td>
<td><input type="submit" value="Post" /></td>
</tr>
</table>
</form>
 
<?php
 
$page->drawFooter();
 
?>
/blog/post.php
2,23 → 2,6
 
require '../_taios.php';
 
function drawPost($id)
{
$post = $page->getBlogPost($id);
write('<h3>' . $post->title. '</h3>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
write('<p>' . $post->content . '</p>');
 
$ids = $page->findIDs('BlogPosts', 'WHERE ParentID = ' . $id);
for ($i = 0; $i < count($ids); $i++)
{
write('<p class="indent">');
drawPost($i);
write('</p>');
}
 
}
 
$page = new Taios_Page('Blog Posts', '../');
 
if (!isset($_GET['id']))
35,9 → 18,8
write('<br />');
}
 
drawPost($_GET['id']);
$page->drawBlogPostTree($_GET['id']);
 
 
$page->drawFooter();
 
?>
/_taios.php
1,334 → 1,351
<?php
 
require '_config.php';
 
class Taios_Page
{
function __construct($title, $url = "")
{
$this->title = $title;
$this->url = $url;
$this->drawnHeader = false;
$this->drawnMiddle = false;
$this->drawnFooter = false;
$this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
if (!$this->db)
{
$this->drawError('Failed to connect to database: ' . mysql_error());
}
if (!mysql_select_db('Tim32'))
{
$this->drawError('Failed to select database: ' . mysql_error());
}
}
function drawHeader()
{
if (!$this->drawnHeader)
{
write('<!DOCTYPE html>');
write('<html>');
write('<head>');
write('<meta http-equiv="Content-Type" content="text/html;charset=utf-8">');
write('<title>Tim32 &middot; ' . $this->title . '</title>');
write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="screen">');
write('</head>');
write('<body>');
write('<div class="sidebar">');
write('<div class="sidebar-header">');
write('<h1>Tim32</h1>');
write('</div>');
write('<div class="sidebar-menu">');
$this->drawMenuItem('Home', 'index.php');
$this->drawMenuItem('Blog', 'blog/');
$this->drawMenuItem('Projects', 'projects/');
$this->drawMenuItem('Forums', 'forums/');
$this->drawMenuItem('Wiki', 'wiki/');
$this->drawMenuItem('Photos', 'photos/');
write('<br />');
if ($this->isLoggedIn())
{
$this->drawMenuItem('Manage Account', 'admin/account.php?id=' . $this->getLoggedInUser()->ID);
$this->drawMenuItem('Logout', 'logout-do.php');
}
else
{
$this->drawMenuItem('Login', 'login.php');
$this->drawMenuItem('Register', 'register.php');
}
write('<br />');
$this->drawnHeader = true;
}
}
function drawMenuItem($t, $u)
{
write('<p><a href="' . $this->url . $u . '"</a>' . $t . '</a></p>');
}
function drawMiddle()
{
if (!$this->drawnMiddle)
{
write('<br />');
write('</div>');
write('</div>');
write('<div class="content">');
write('<h2>' . $this->title . '</h2>');
 
$this->drawnMiddle = true;
}
}
function drawFooter()
{
if (!$this->drawnFooter)
{
write('</div>');
write('</body>');
write('</html>');
$this->drawnFooter = true;
}
// die();
}
function drawError($text, $die = true)
{
$this->drawHeader();
$this->drawMiddle();
write('<h4 style="color: red;">Error: ' . $text . '</h4>');
if ($die)
{
$this->drawFooter();
die();
}
}
function redirect($url)
{
header('Location: ' . $url);
die();
}
function isLoggedIn()
{
$cookie = $_COOKIE['Tim32_Login'];
if (!empty($cookie))
{
$clist = explode('|~|', $cookie);
$user = $this->getUserByUsername($clist[0]);
if ($user)
{
if ($user->password == $clist[1])
{
return true;
}
}
}
return false;
}
function isUserAdmin()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 0)
{
return true;
}
}
return false;
}
function isUserGM()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 1)
{
return true;
}
}
return false;
}
function isUserNormal()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 2)
{
return true;
}
}
return false;
}
function checkLoggedIn()
{
if (!$this->isLoggedIn())
{
$this->drawError('You need to be logged in.');
}
}
function query($query)
{
$result = mysql_query($query);
if (!$result)
{
$this->drawError('MySQL Error: ' . mysql_error());
}
return $result;
}
function findIDs($table, $query = '')
{
$array = array();
$result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
while ($row = mysql_fetch_array($result))
{
array_push($array, $row['ID']);
}
return $array;
}
function getUserByID($id)
{
$result = $this->query('SELECT * FROM Users WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$user = new User;
$user->ID = $row['ID'];
$user->accessID = $row['AccessID'];
$user->username = $row['Username'];
$user->password = $row['Password'];
$user->emailAddress = $row['EmailAddress'];
$user->name = $row['Name'];
$user->challengeID = $row['ChallengeID'];
return $user;
}
return false;
}
function getUserByUsername($username)
{
$result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
while ($row = mysql_fetch_array($result))
{
return $this->getUserByID($row['ID']);
}
return false;
}
function getLoggedInUser()
{
if ($this->isLoggedIn())
{
$clist = explode('|~|', $_COOKIE['Tim32_Login']);
return $this->getUserByUsername($clist[0]);
}
return false;
}
function getBlogPost($id)
{
$result = $this->query('SELECT * FROM BlogPosts WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$post = new BlogPost;
$post->ID = $row['ID'];
if ($row['ParentID'] == -1)
{
$post->parent = -1;
}
else
{
$post->parent = $this->getBlogPost($row['ParentID']);
}
$post->user = $this->getUserByID($row['AuthorID']);
$post->title = $row['Title'];
$post->content = $row['Content'];
$post->datePosted = strtotime($row['DatePosted']);
$post->category = $row['Category'];
$post->spam = $row['Spam'];
return $post;
}
$this->drawError('Cannot find blog post, #' . $id);
return false;
}
function getGetID()
{
$id = $_GET['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
function getPostID()
{
$id = $_POSt['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
}
 
class User
{
public $ID;
public $accessID;
public $username;
public $password;
public $emailAddress;
public $name;
public $challengeID;
}
 
class BlogPost
{
public $ID;
public $parent;
public $author;
public $title;
public $content;
public $datePosted;
public $category;
public $spam;
}
 
function write($str)
{
echo $str;
echo "\n";
}
 
?>
<?php
 
require '_config.php';
 
class Taios_Page
{
function __construct($title, $url = "")
{
$this->title = $title;
$this->url = $url;
$this->drawnHeader = false;
$this->drawnMiddle = false;
$this->drawnFooter = false;
$this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
if (!$this->db)
{
$this->drawError('Failed to connect to database: ' . mysql_error());
}
if (!mysql_select_db('Tim32'))
{
$this->drawError('Failed to select database: ' . mysql_error());
}
}
function drawHeader()
{
if (!$this->drawnHeader)
{
write('<!DOCTYPE html>');
write('<html>');
write('<head>');
write('<meta http-equiv="Content-Type" content="text/html;charset=utf-8">');
write('<title>Tim32 &middot; ' . $this->title . '</title>');
write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="screen">');
write('</head>');
write('<body>');
write('<div class="sidebar">');
write('<div class="sidebar-header">');
write('<h1>Tim32</h1>');
write('</div>');
write('<div class="sidebar-menu">');
$this->drawMenuItem('Home', 'index.php');
$this->drawMenuItem('Blog', 'blog/');
$this->drawMenuItem('Projects', 'projects/');
$this->drawMenuItem('Forums', 'forums/');
$this->drawMenuItem('Wiki', 'wiki/');
$this->drawMenuItem('Photos', 'photos/');
write('<br />');
if ($this->isLoggedIn())
{
$this->drawMenuItem('Manage Account', 'admin/account.php?id=' . $this->getLoggedInUser()->ID);
$this->drawMenuItem('Logout', 'logout-do.php');
}
else
{
$this->drawMenuItem('Login', 'login.php');
$this->drawMenuItem('Register', 'register.php');
}
write('<br />');
$this->drawnHeader = true;
}
}
function drawMenuItem($t, $u)
{
write('<p><a href="' . $this->url . $u . '"</a>' . $t . '</a></p>');
}
function drawMiddle()
{
if (!$this->drawnMiddle)
{
write('<br />');
write('</div>');
write('</div>');
write('<div class="content">');
write('<h2>' . $this->title . '</h2>');
 
$this->drawnMiddle = true;
}
}
function drawFooter()
{
if (!$this->drawnFooter)
{
write('</div>');
write('</body>');
write('</html>');
$this->drawnFooter = true;
}
// die();
}
function drawError($text, $die = true)
{
$this->drawHeader();
$this->drawMiddle();
write('<h4 style="color: red;">Error: ' . $text . '</h4>');
if ($die)
{
$this->drawFooter();
die();
}
}
function drawBlogPostTree($id)
{
$post = $this->getBlogPost($id);
write('<h3>' . $post->title. '</h3>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
write('<p>' . $post->content . '</p>');
 
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
for ($i = 0; $i < count($ids); $i++)
{
write('<p class="indent">');
$this->drawBlogPostTree($ids[$i]);
write('</p>');
}
 
}
 
function redirect($url)
{
header('Location: ' . $url);
die();
}
function isLoggedIn()
{
$cookie = $_COOKIE['Tim32_Login'];
if (!empty($cookie))
{
$clist = explode('|~|', $cookie);
$user = $this->getUserByUsername($clist[0]);
if ($user)
{
if ($user->password == $clist[1])
{
return true;
}
}
}
return false;
}
function isUserAdmin()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 0)
{
return true;
}
}
return false;
}
function isUserGM()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 1)
{
return true;
}
}
return false;
}
function isUserNormal()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 2)
{
return true;
}
}
return false;
}
function checkLoggedIn()
{
if (!$this->isLoggedIn())
{
$this->drawError('You need to be logged in.');
}
}
function query($query)
{
$result = mysql_query($query);
if (!$result)
{
$this->drawError('MySQL Error: ' . mysql_error());
}
return $result;
}
function findIDs($table, $query = '')
{
$array = array();
$result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
while ($row = mysql_fetch_array($result))
{
array_push($array, $row['ID']);
}
return $array;
}
function getUserByID($id)
{
$result = $this->query('SELECT * FROM Users WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$user = new User;
$user->ID = $row['ID'];
$user->accessID = $row['AccessID'];
$user->username = $row['Username'];
$user->password = $row['Password'];
$user->emailAddress = $row['EmailAddress'];
$user->name = $row['Name'];
$user->challengeID = $row['ChallengeID'];
return $user;
}
return false;
}
function getUserByUsername($username)
{
$result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
while ($row = mysql_fetch_array($result))
{
return $this->getUserByID($row['ID']);
}
return false;
}
function getLoggedInUser()
{
if ($this->isLoggedIn())
{
$clist = explode('|~|', $_COOKIE['Tim32_Login']);
return $this->getUserByUsername($clist[0]);
}
return false;
}
function getBlogPost($id)
{
$result = $this->query('SELECT * FROM BlogPosts WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$post = new BlogPost;
$post->ID = $row['ID'];
if ($row['ParentID'] == -1)
{
$post->parent = -1;
}
else
{
$post->parent = $this->getBlogPost($row['ParentID']);
}
$post->user = $this->getUserByID($row['AuthorID']);
$post->title = $row['Title'];
$post->content = $row['Content'];
$post->datePosted = strtotime($row['DatePosted']);
$post->category = $row['Category'];
$post->spam = $row['Spam'];
return $post;
}
$this->drawError('Cannot find blog post, #' . $id);
}
function getGetID()
{
$id = $_GET['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
function getPostID()
{
$id = $_POST['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
 
}
 
class User
{
public $ID;
public $accessID;
public $username;
public $password;
public $emailAddress;
public $name;
public $challengeID;
}
 
class BlogPost
{
public $ID;
public $parent;
public $author;
public $title;
public $content;
public $datePosted;
public $category;
public $spam;
}
 
function write($str)
{
echo $str;
echo "\n";
}
 
?>