diff options
author | Jesse Morgan <jesse@jesterpm.net> | 2011-05-12 16:59:36 -0700 |
---|---|---|
committer | Jesse Morgan <jesse@jesterpm.net ; true> | 2011-05-12 16:59:36 -0700 |
commit | dd24e2c973a7979894971bdc38d904d2aecc7d5d (patch) | |
tree | 2f8474d22cbf29749219bd6dd543bb22b959465e /htdocs/moderate | |
parent | e159ae5209a561043ceb89aa640b207df15181b7 (diff) |
Well, you can see posts on the moderation panel now
Diffstat (limited to 'htdocs/moderate')
-rw-r--r-- | htdocs/moderate/admin.css | 99 | ||||
-rw-r--r-- | htdocs/moderate/changepassword.php | 88 | ||||
-rw-r--r-- | htdocs/moderate/index.php | 50 | ||||
-rw-r--r-- | htdocs/moderate/login.php | 54 | ||||
-rw-r--r-- | htdocs/moderate/src/accounts.inc.php | 67 | ||||
-rw-r--r-- | htdocs/moderate/src/footer.inc.php | 6 | ||||
-rw-r--r-- | htdocs/moderate/src/header.inc.php | 64 |
7 files changed, 428 insertions, 0 deletions
diff --git a/htdocs/moderate/admin.css b/htdocs/moderate/admin.css new file mode 100644 index 0000000..936c3ec --- /dev/null +++ b/htdocs/moderate/admin.css @@ -0,0 +1,99 @@ +body { + font-family: "Lucida Grande", "Lucida Sans", "Lucida", sans-serif; + font-size: 0.75em; + line-height: 1.5em; + + margin-left: 10%; + margin-top: 5%; + width: 60%; +} + +h1 { + font-size: 4em; + margin-bottom: 1.25em; +} + +a, a:visited { + color: #1070c0; + text-decoration: none; +} + +#content { + width: 75%; + padding-left: 3em; + +} + +#nav { + float: right; +} + +#nav ul { + padding-left: 1em; + list-style: none; +} + +#search { + float: right; + margin-top: -2em; +} + +#listing { + margin-top: 1.5em; +} + +#listing .header { + background: #555; + padding: 0.75em; + color: white; + font-weight: bold; + font-size: 120%; +} + +#listing .row0, #listing .row1 { + border-top: solid thin #AAA; + padding: 0.75em; +} + +#listing .row0 { +} + +#listing .row1 { +} + +#listing .col0 { + display: inline-block; + width: 100px; + text-align: center; +} + + +.element input[type=text], .element input[type=password] { + width: 90%; + padding: .5em; +} + +label { + font-weight: bold; +} + +.element { + margin-bottom: 1.25em; +} + +.buttons { + float: right; + margin-right: 10%; +} + +div.error { + background: #FAA; + border: solid red 2px; + padding: 1.5em; + margin: 2em 0 2em 0; + width: 90%; +} + +p { + margin: 0; +} diff --git a/htdocs/moderate/changepassword.php b/htdocs/moderate/changepassword.php new file mode 100644 index 0000000..646af94 --- /dev/null +++ b/htdocs/moderate/changepassword.php @@ -0,0 +1,88 @@ +<?php +/* $Id: changepassword.php 134 2011-03-08 23:35:57Z jessemorgan $ */ + +require_once('../src/base.inc.php'); + +if (!isset($_SESSION['currentUser'])) { + header('Location: ' . $CONFIG['siteroot'].'/admin/login.php'); + exit(); +} + +require_once('src/accounts.inc.php'); + +$form['errors'] = ""; + +if (count($_POST) > 0) { + $errors = array(); + + if (!isset($_POST['oldpassword']) or $_POST['oldpassword'] == '') { + $errors[] = "Old Password is a required field."; + } + + if (!isset($_POST['newpassword']) or $_POST['newpassword'] == '') { + $errors[] = "New Password is a required field."; + } + + if (!isset($_POST['newpassword2']) or $_POST['newpassword2'] == '') { + $errors[] = "Confirm New Password is a required field."; + } + + if (count($errors) == 0) { + if ($_POST['newpassword'] != $_POST['newpassword2']) { + $errors[] = "New password must match Confirm New Password"; + } + + $user = getAccount($_SESSION['currentUser']['id']); + + if (sha1($_POST['oldpassword']) != $user['password']) { + $errors[] = "Old Password does not match your current password."; + + } else { + // Update the password + updatePassword($_SESSION['currentUser']['id'], $_POST['newpassword']); + + header("Location: index.php"); + } + } + + + if (count($errors) > 0) { + $form['errors'] = "<ul><li>". implode("</li>\n<li>", $errors) ."</li></ul>"; + } +} + +require_once('src/header.inc.php'); + +?> + +<h2>Change Password</h2> + +<?php + echo $form['errors']; +?> + +<form method="post"> +<label>Old Password</label> +<div class="element"> + <input type="password" name="oldpassword" /> +</div> + +<label>New Password</label> +<div class="element"> + <input type="password" name="newpassword" /> +</div> + +<label>Confirm New Password</label> +<div class="element"> + <input type="password" name="newpassword2" /> +</div> + +<div class="buttons"> + <input type="submit" value="Change Password" /> +</div> + +<?php + +require_once('src/footer.inc.php'); + +?> diff --git a/htdocs/moderate/index.php b/htdocs/moderate/index.php new file mode 100644 index 0000000..454a514 --- /dev/null +++ b/htdocs/moderate/index.php @@ -0,0 +1,50 @@ +<?php + +/* Foursquare Community Site + * + * Copyright (C) 2011 Foursquare Church. + * + * Developers: Jesse Morgan <jmorgan@foursquarestaff.com> + * + */ + +require_once('../src/base.inc.php'); + +if (!isset($_SESSION['currentUser'])) { + header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php'); + exit(); +} + +require_once('header.inc.php'); + +?> + +<h2>Welcome</h2> + +<?php + +// List posts to be approved +echo "<h3>Moderate Posts</h3>"; + +$posts = new PostIterator(); +$posts->filterStage('moderation'); +$posts->query(); + +// TODO: Also filter by source? + +if ($posts->valid()) { + foreach ($posts as $id => $post) { + printf("<div class=\"post\"><p><a href=\"preview/%s\">%s</a></p>" + . "<div class=\"options\"><a href=\"approve/%s\">Approve</a>" + . " <a href=\"reject/%s\">Reject</a></div></div>", + + $id, $post->getName(), $id, $id); + } + +} else { + echo "<p>No posts awaiting approval</p>"; +} + +require_once('footer.inc.php'); + +?> diff --git a/htdocs/moderate/login.php b/htdocs/moderate/login.php new file mode 100644 index 0000000..92cddc1 --- /dev/null +++ b/htdocs/moderate/login.php @@ -0,0 +1,54 @@ +<?php + +require_once('../src/base.inc.php'); + +$error = ""; + +if (isset($_GET['logout'])) { + unset($_SESSION['currentUser']); +} + +if (isset($_POST['login_email']) and isset($_POST['login_password'])) { + $user = User::getByEmail(addslashes($_POST['login_email'])); + + if ($user and $user->authenticate($_POST['login_password'])) { + $_SESSION['currentUser'] = $user; + header('Location: index.php'); + + } else { + $error = "<div class=\"error\">Invalid Username/Password</div>"; + } +} + +require_once('header.inc.php'); + +?> + + +<h2>Login</h2> + +<?php echo $error; ?> + +<form method="post"> + +<label>Email</label> +<div class="element"> + <input type="text" name="login_email" /> +</div> + +<label>Password</label> +<div class="element"> + <input type="password" name="login_password" /> +</div> + +<div> + <input type="submit" value="Login" /> +</div> + +</form> + +<?php + +require_once('footer.inc.php'); + +?> diff --git a/htdocs/moderate/src/accounts.inc.php b/htdocs/moderate/src/accounts.inc.php new file mode 100644 index 0000000..fac6c7c --- /dev/null +++ b/htdocs/moderate/src/accounts.inc.php @@ -0,0 +1,67 @@ +<?php +/* $Id: accounts.inc.php 134 2011-03-08 23:35:57Z jessemorgan $ */ + +function getAccount($id) { + $query = "SELECT * FROM jpm_users WHERE" + . "`id`='$id' OR `email`='$id'"; + + $db = getDatabase(); + + $results = array(); + + try { + $results = $db->fetchAssocRow($query); + + } catch (Cif_Database_Exception $e) { + $results = false; + } + + return $results; +} + +function updatePassword($id, $password) { + $db = getDatabase(); + + $row['password'] = sha1($password); + + $db->update('jpm_users', $row, "WHERE `id`='$id'"); +} + +function getAccounts($s) { + $query = "SELECT * FROM jpm_users"; + + if (!is_null($s)) { + $s = addslashes($s); + $query .= " WHERE name LIKE '%$s%' OR email LIKE '%$s%'"; + } + + $query .= " ORDER BY name"; + + $db = getDatabase(); + + $results = array(); + + try { + $results = $db->fetchAssocRows($query); + + } catch (Cif_Database_Exception $e) { + $results = array(); + } + + return $results; +} + +function generatePassword() { + $alphabet = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz123456789!@#$%*()"; + $length = strlen($alphabet); + + $password = ''; + for ($i = 0; $i < 8; $i++) { + $pos = rand(0, $length - 1); + $password .= substr($alphabet, $pos, 1); + } + + return $password; +} + +?> diff --git a/htdocs/moderate/src/footer.inc.php b/htdocs/moderate/src/footer.inc.php new file mode 100644 index 0000000..96d3e78 --- /dev/null +++ b/htdocs/moderate/src/footer.inc.php @@ -0,0 +1,6 @@ +<?php /* $Id: footer.inc.php 134 2011-03-08 23:35:57Z jessemorgan $ */ ?> +</div> + + +</body> +</html> diff --git a/htdocs/moderate/src/header.inc.php b/htdocs/moderate/src/header.inc.php new file mode 100644 index 0000000..4310009 --- /dev/null +++ b/htdocs/moderate/src/header.inc.php @@ -0,0 +1,64 @@ +<?php +/* $Id: header.inc.php 151 2011-04-19 23:21:06Z jessemorgan $ */ + +if (!isset($SESSION['currentUser']['id'])) { + if (isset($_POST['login_email']) and isset($_POST['login_password'])) { + $db = getDatabase(); + + $email = addslashes($_POST['login_email']); + $password = sha1($_POST['password']); + + $query = "SELECT * FROM jpm_users WHERE `email`='$email' AND `password`='$password'"; + $result = $db->fetchAssocRow($query); + + if ($result) { + $SESSION['currentUser'] = $result; + } + + } +} + +?><!DOCTYPE html> +<html> +<head> + <link rel="stylesheet" type="text/css" href="<?= $CONFIG['siteroot']?>/admin/admin.css" /> + + <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script> + <script> + $(document).ready(function() { + $('a.delete').click(function() { + return confirm('Are you sure you want to delete this?'); + + }); + + $('a.delete img').hover(function() { + $(this).attr('src', '<?= $CONFIG['siteroot'] ?>/admin/images/delete.png'); + }, + function() { + $(this).attr('src', '<?= $CONFIG['siteroot'] ?>/admin/images/deletegray.png'); + }); + + }); + </script> + +</head> +<body> + +<h1><a href="<?= $CONFIG['siteroot']?>/admin/index.php">Foursquare Admin Panel</a></h1> +<div id="nav"> + <h2>Navigation</h2> + <ul> + <li><a href="<?= $CONFIG['siteroot']?>/admin/online-campus">Online Services</a> + <ul> + <li><a href="<?= $CONFIG['siteroot']?>/admin/online-campus/attendance">Online Attendance</a></li> + </ul> + </li> + + <li><a href="<?= $CONFIG['siteroot']?>/troubleshoot.php">Troubleshooting Page</a></li> + <li><a href="<?= $CONFIG['siteroot']?>/admin/accounts/">Accounts</a></li> + <li><a href="<?= $CONFIG['siteroot']?>/admin/changepassword.php">Change Password</a></li> + <li><a href="<?= $CONFIG['siteroot']?>/admin/login.php?logout">Logout</a></li> + </ul> +</div> + +<div id="content"> |