[art-web] Add a very simple site administration page
- From: Thomas Wood <thos src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [art-web] Add a very simple site administration page
- Date: Sun, 3 Jan 2010 14:41:43 +0000 (UTC)
commit 0bbd79ab2dc63b16bc0e2360f77c2d726f7c6f18
Author: Thomas Wood <thos gnome org>
Date: Sun Jan 3 14:41:35 2010 +0000
Add a very simple site administration page
admin.php | 252 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 252 insertions(+), 0 deletions(-)
---
diff --git a/admin.php b/admin.php
new file mode 100644
index 0000000..2c477fc
--- /dev/null
+++ b/admin.php
@@ -0,0 +1,252 @@
+<?php
+
+/*
+ * Copyright (C) 2010 Thomas Wood <thos gnome org>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+require ('mysql.inc.php');
+require ('config.inc.php');
+
+session_start ();
+
+if (array_key_exists ('logout', $_GET))
+{
+ session_unset ();
+ unset ($_SESSION['granted']);
+}
+
+if (!array_key_exists ('granted', $_SESSION))
+{
+ $loginform =
+ "<html><head><title>Login</title></head>
+ <body><form method='post'>
+ <label>User: <input name='username'></label>
+ <label>Password: <input type='password' name='password'></label>
+ <input type='submit' value='Login' name='login'></form></body></html>";
+
+ if (array_key_exists ('login', $_POST))
+ {
+ /* attempt login */
+ $username = mysql_real_escape_string ($_POST['username']);
+ $password = $_POST['password'];
+ $res = mysql_query ("SELECT password, level FROM user WHERE username = '$username'");
+ $row = mysql_fetch_row ($res);
+ if ($row[0] == md5 ($password) && $row[1] == 2)
+ $_SESSION['granted'] = true;
+ else
+ exit ($loginform);
+ }
+ else
+ exit ($loginform);
+}
+
+
+function print_combo ($name, $values, $selected)
+{
+ print ("<select name='$name'>");
+ foreach ($values as $value => $name)
+ printf ('<option value="%s"%s>%s</option>',
+ $value, ($value == $selected) ? ' selected' : '', $name);
+ print ("</select>");
+}
+
+if (array_key_exists ('section', $_GET))
+ $section = mysql_real_escape_string ($_GET['section']);
+else
+ $section = '';
+
+if (array_key_exists ('category', $_GET))
+ $category = mysql_real_escape_string ($_GET['category']);
+else
+ $category = '';
+
+if (array_key_exists ('edit', $_GET) && is_numeric ($_GET['edit']))
+ $edit = $_GET['edit'];
+else
+ $edit = 0;
+?>
+<!DOCTYPE HTML SYSTEM>
+<html>
+<head>
+ <title>Art-Web Admin</title>
+ <style type="text/css">
+ body { font-family: sans-serif; font-size: 10pt; padding-top: 1.5em;}
+ table { font: inherit;}
+ img { border: none; }
+ </style>
+</head>
+<body>
+<div style="position:fixed; background-color: black; color: white; top: 0; left: 0; right: 0; padding: 2px;">
+Site Admin: <?php echo ucwords ($section); if ($category) echo " : " . ucwords (strtr ($category, '_', ' ')); ?>
+
+<div style="float:right">
+<a href="admin.php?logout" style="color:inherit">Logout</a>
+</div>
+</div>
+
+<b>Themes:</b>
+<a href="?section=theme&category=gtk2">GTK</a>
+·
+<a href="?section=theme&category=metacity">Metacity</a>
+·
+<a href="?section=theme&category=icon">Icons</a>
+·
+<a href="?section=theme&category=splash_screens">Splash Screens</a>
+·
+<a href="?section=theme&category=gdm_greeter">Gdm Greeter</a>
+
+<br>
+<b>Backgrounds:</b>
+<a href="?section=background&category=gnome">GNOME</a>
+·
+<a href="?section=background&category=nature">Nature</a>
+·
+<a href="?section=background&category=abstract">Abstract</a>
+·
+<a href="?section=background&category=Other">Other</a>
+<hr>
+<?php
+
+/* save an item */
+if (array_key_exists ('save', $_POST))
+{
+ /* make sure we don't have any extra escaped characters, then do a real
+ * escape */
+ $_POST = array_map ('trim', $_POST);
+ if (get_magic_quotes_gpc ())
+ $_POST = array_map ('stripslashes', $_POST);
+ $val = array_map ('mysql_real_escape_string', $_POST);
+
+ if ($section == "theme")
+ $sql = "UPDATE theme SET
+ name='{$val["name"]}',
+ status='{$val["status"]}',
+ category='{$val["category"]}',
+ version='{$val["version"]}',
+ license='{$val["license"]}',
+ parent={$val["parent"]},
+ description='{$val["description"]}',
+ preview_filename='{$val["preview_filename"]}',
+ thumbnail_filename='{$val["thumbnail_filename"]}',
+ download_filename='{$val["download_filename"]}',
+ WHERE themeID={$val['themeID']} LIMIT 1";
+ else if ($section == "background")
+ $sql = "UPDATE background SET
+ name='{$val["name"]}',
+ status='{$val["status"]}',
+ category='{$val["category"]}',
+ version='{$val["version"]}',
+ license='{$val["license"]}',
+ description='{$val["description"]}',
+ thumbnail_filename='{$val["thumbnail_filename"]}',
+ parent='{$val["parent"]}'
+ WHERE backgroundID={$val['backgroundID']} LIMIT 1";
+
+ if (mysql_query ($sql))
+ print ("<b>Saved</b>");
+ else
+ print ("<b>Save failed</b> " . mysql_error ());
+
+ print ("<hr>");
+}
+
+if ($edit)
+{
+ /* edit page */
+ if ($section == 'background')
+ $sql = "SELECT backgroundID, name, status, category, version, license, parent, description,thumbnail_filename FROM background WHERE backgroundID=$edit";
+ elseif ($section == 'theme')
+ $sql = "SELECT themeID, name, status, category, version, license, parent, description, preview_filename, thumbnail_filename, download_filename FROM theme WHERE themeID=$edit";
+ else
+ exit ("No section selected");
+
+ $res = mysql_query ($sql);
+ print (mysql_error ());
+ $row = mysql_fetch_assoc ($res);
+
+ if ($section == 'theme')
+ print ("<img alt='thumbnail' align=middle src='/images/thumbnails/{$row['category']}/{$row['thumbnail_filename']}'>");
+ else
+ print ("<img alt='thumbnail' align=middle src='/images/thumbnails/backgrounds/{$row['thumbnail_filename']}'>");
+ print (' <b>'.$row['name'].'</b>');
+
+ print ('<form method="post" action="'.$_SERVER['REQUEST_URI'].'"><table>');
+ foreach ($row as $key => $value)
+ {
+ print ("\n<tr><td>".ucwords (strtr ($key, '_', ' '))."<td>");
+ if ($key == 'status')
+ print_combo ($key, array ('active' => 'Active', 'archive' => 'Archive', 'broken' => 'Broken', 'inactive' => 'Inactive'),
+ $value);
+ elseif ($key == 'license')
+ print_combo ($key, $license_config_array, $value);
+ elseif ($key == 'category')
+ {
+ if ($section == 'background')
+ print_combo ($key,
+ array_combine (array_keys ($background_config_array),
+ array_keys ($background_config_array)),
+ $value);
+ else
+ print_combo ($key,
+ array_combine (array_keys ($theme_config_array),
+ array_keys ($theme_config_array)),
+ $value);
+ }
+ else
+ print ("<input name='$key' value='".htmlspecialchars ($value, ENT_QUOTES)."' size=50>");
+ }
+ print ('</table><input type="submit" name="save" value="Save"></form>');
+}
+else
+{
+ /* listing page */
+
+ if ($section)
+ print ("<form method=get><input type=hidden name=section value='$section'>
+ <input name=edit size=5><input type=submit value=Edit></form>");
+
+ if ($section == 'theme')
+ $sql = "SELECT themeID as artID, name, thumbnail_filename, status
+ FROM theme WHERE category='$category' AND themeID > 1000";
+ else
+ $sql = "SELECT backgroundID as artID, name, thumbnail_filename, status
+ FROM background WHERE category='$category' AND backgroundID > 1000";
+
+ $res = mysql_query ($sql);
+ print ('<table>');
+
+ $col = 0;
+ while ($row = mysql_fetch_assoc ($res))
+ {
+ if ($col == 0)
+ print ("\n<tr>");
+ if ($section == 'theme')
+ print ("<td><img alt='thumbnail' src='/images/thumbnails/$category/{$row['thumbnail_filename']}'>");
+ else
+ print ("<td><img alt='thumbnail' src='/images/thumbnails/backgrounds/{$row['thumbnail_filename']}'>");
+
+ print ("<td><a href='?edit={$row['artID']}&section=$section'>{$row['name']}</a>");
+ if ($row['status'] != 'active') print ("<br>({$row['status']})");
+
+ $col++;
+ if ($col > 2) $col = 0;
+ }
+ print ('</table>');
+}
+
+?>
+</body>
+</html>
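Review bot: In the save handler, `parent={$val["parent"]}` and `WHERE themeID={$val['themeID']}` (likewise `backgroundID`) are interpolated without quotes, so `mysql_real_escape_string` does not protect them and the posted value reaches the query as raw SQL; cast them first, e.g. `$id = (int) $_POST['themeID'];`, or quote them like the other fields. The theme `UPDATE` also has a trailing comma after `download_filename='...'` directly before `WHERE`, which looks like it makes every theme save fail with a syntax error. The login check `$row[0] == md5 ($password)` uses loose equality on an unsalted MD5; at minimum use `===`, and call `session_regenerate_id (true)` when setting `$_SESSION['granted']`. `$section`, `$category`, `$row['name']` and `$_SERVER['REQUEST_URI']` are printed into HTML without `htmlspecialchars`, and the save form carries no CSRF token, so a logged-in admin's browser can be made to submit it.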