From dd24e2c973a7979894971bdc38d904d2aecc7d5d Mon Sep 17 00:00:00 2001
From: Jesse Morgan <jesse@jesterpm.net>
Date: Thu, 12 May 2011 16:59:36 -0700
Subject: Well, you can see posts on the moderation panel now

---
 htdocs/moderate/admin.css            | 99 ++++++++++++++++++++++++++++++++++++
 htdocs/moderate/changepassword.php   | 88 ++++++++++++++++++++++++++++++++
 htdocs/moderate/index.php            | 50 ++++++++++++++++++
 htdocs/moderate/login.php            | 54 ++++++++++++++++++++
 htdocs/moderate/src/accounts.inc.php | 67 ++++++++++++++++++++++++
 htdocs/moderate/src/footer.inc.php   |  6 +++
 htdocs/moderate/src/header.inc.php   | 64 +++++++++++++++++++++++
 7 files changed, 428 insertions(+)
 create mode 100644 htdocs/moderate/admin.css
 create mode 100644 htdocs/moderate/changepassword.php
 create mode 100644 htdocs/moderate/index.php
 create mode 100644 htdocs/moderate/login.php
 create mode 100644 htdocs/moderate/src/accounts.inc.php
 create mode 100644 htdocs/moderate/src/footer.inc.php
 create mode 100644 htdocs/moderate/src/header.inc.php

(limited to 'htdocs/moderate')

diff --git a/htdocs/moderate/admin.css b/htdocs/moderate/admin.css
new file mode 100644
index 0000000..936c3ec
--- /dev/null
+++ b/htdocs/moderate/admin.css
@@ -0,0 +1,99 @@
+body {
+    font-family: "Lucida Grande", "Lucida Sans", "Lucida", sans-serif;
+	font-size: 0.75em;
+    line-height: 1.5em;
+
+    margin-left: 10%;
+    margin-top: 5%;
+    width: 60%;
+}
+
+h1 {
+    font-size: 4em;
+    margin-bottom: 1.25em;
+}
+
+a, a:visited {
+    color: #1070c0;
+    text-decoration: none;
+}
+
+#content {
+    width: 75%;
+    padding-left: 3em;
+
+}
+
+#nav {
+    float: right;
+}
+
+#nav ul {
+    padding-left: 1em;
+    list-style: none;
+}
+
+#search {
+    float: right;
+    margin-top: -2em;
+}
+
+#listing {
+    margin-top: 1.5em;
+}
+
+#listing .header {
+    background: #555;
+    padding: 0.75em;
+    color: white;
+    font-weight: bold;
+    font-size: 120%;
+}
+
+#listing .row0, #listing .row1 {
+    border-top: solid thin #AAA;
+    padding: 0.75em;
+}
+
+#listing .row0 {
+}
+
+#listing .row1 {
+}
+
+#listing .col0 {
+    display: inline-block;
+    width: 100px;
+    text-align: center;
+}
+
+
+.element input[type=text], .element input[type=password] {
+    width: 90%;
+    padding: .5em;
+}
+
+label {
+    font-weight: bold;
+}
+
+.element {
+    margin-bottom: 1.25em;
+}
+
+.buttons {
+    float: right;
+    margin-right: 10%;
+}
+
+div.error {
+    background: #FAA;
+    border: solid red 2px;
+    padding: 1.5em;
+    margin: 2em 0 2em 0;
+    width: 90%;
+}
+
+p {
+    margin: 0;
+}
diff --git a/htdocs/moderate/changepassword.php b/htdocs/moderate/changepassword.php
new file mode 100644
index 0000000..646af94
--- /dev/null
+++ b/htdocs/moderate/changepassword.php
@@ -0,0 +1,88 @@
+<?php
+/* $Id: changepassword.php 134 2011-03-08 23:35:57Z jessemorgan $ */
+
+require_once('../src/base.inc.php');
+
+if (!isset($_SESSION['currentUser'])) {
+    header('Location: ' . $CONFIG['siteroot'].'/admin/login.php');
+    exit();
+}
+
+require_once('src/accounts.inc.php');
+
+$form['errors'] = "";
+
+if (count($_POST) > 0) {
+    $errors = array();
+
+    if (!isset($_POST['oldpassword']) or $_POST['oldpassword'] == '') {
+        $errors[] = "Old Password is a required field.";
+    }
+
+    if (!isset($_POST['newpassword']) or $_POST['newpassword'] == '') {
+        $errors[] = "New Password is a required field.";
+    }
+
+    if (!isset($_POST['newpassword2']) or $_POST['newpassword2'] == '') {
+        $errors[] = "Confirm New Password is a required field.";
+    }
+
+    if (count($errors) == 0) {
+        if ($_POST['newpassword'] != $_POST['newpassword2']) {
+            $errors[] = "New password must match Confirm New Password";
+        }
+    
+        $user = getAccount($_SESSION['currentUser']['id']);
+        
+        if (sha1($_POST['oldpassword']) != $user['password']) {
+            $errors[] = "Old Password does not match your current password.";
+        
+        } else {
+            // Update the password
+            updatePassword($_SESSION['currentUser']['id'], $_POST['newpassword']);
+
+            header("Location: index.php");
+        }
+    }
+            
+    
+    if (count($errors) > 0) {
+        $form['errors'] = "<ul><li>". implode("</li>\n<li>", $errors) ."</li></ul>";
+    }
+}
+
+require_once('src/header.inc.php');
+
+?>
+
+<h2>Change Password</h2>
+
+<?php
+    echo $form['errors'];
+?>
+
+<form method="post">
+<label>Old Password</label>
+<div class="element">
+    <input type="password" name="oldpassword" />
+</div>
+
+<label>New Password</label>
+<div class="element">
+    <input type="password" name="newpassword" />
+</div>
+
+<label>Confirm New Password</label>
+<div class="element">
+    <input type="password" name="newpassword2" />
+</div>
+
+<div class="buttons">
+    <input type="submit" value="Change Password" />
+</div>
+
+<?php
+
+require_once('src/footer.inc.php');
+
+?>
diff --git a/htdocs/moderate/index.php b/htdocs/moderate/index.php
new file mode 100644
index 0000000..454a514
--- /dev/null
+++ b/htdocs/moderate/index.php
@@ -0,0 +1,50 @@
+<?php
+
+/* Foursquare Community Site
+ * 
+ * Copyright (C) 2011 Foursquare Church.
+ * 
+ * Developers: Jesse Morgan <jmorgan@foursquarestaff.com>
+ *
+ */
+
+require_once('../src/base.inc.php');
+
+if (!isset($_SESSION['currentUser'])) {
+    header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php');
+    exit();
+}
+
+require_once('header.inc.php');
+
+?>
+
+<h2>Welcome</h2>
+
+<?php
+
+// List posts to be approved
+echo "<h3>Moderate Posts</h3>";
+
+$posts = new PostIterator();
+$posts->filterStage('moderation');
+$posts->query();
+
+// TODO: Also filter by source?
+
+if ($posts->valid()) {
+    foreach ($posts as $id => $post) {
+        printf("<div class=\"post\"><p><a href=\"preview/%s\">%s</a></p>"
+                . "<div class=\"options\"><a href=\"approve/%s\">Approve</a>"
+                . " <a href=\"reject/%s\">Reject</a></div></div>",
+                
+                $id, $post->getName(), $id, $id);
+    }
+
+} else {
+    echo "<p>No posts awaiting approval</p>";
+}
+
+require_once('footer.inc.php');
+
+?>
diff --git a/htdocs/moderate/login.php b/htdocs/moderate/login.php
new file mode 100644
index 0000000..92cddc1
--- /dev/null
+++ b/htdocs/moderate/login.php
@@ -0,0 +1,54 @@
+<?php
+
+require_once('../src/base.inc.php');
+
+$error = "";
+
+if (isset($_GET['logout'])) {
+    unset($_SESSION['currentUser']);
+}
+
+if (isset($_POST['login_email']) and isset($_POST['login_password'])) {
+    $user = User::getByEmail(addslashes($_POST['login_email']));
+
+    if ($user and $user->authenticate($_POST['login_password'])) {
+        $_SESSION['currentUser'] = $user;
+        header('Location: index.php');
+
+    } else {
+        $error = "<div class=\"error\">Invalid Username/Password</div>";
+    }
+}
+
+require_once('header.inc.php');
+
+?>
+
+
+<h2>Login</h2>
+
+<?php echo $error; ?>
+
+<form method="post">
+
+<label>Email</label>
+<div class="element">
+    <input type="text" name="login_email" />
+</div>
+
+<label>Password</label>
+<div class="element">
+    <input type="password" name="login_password" />
+</div>
+
+<div>
+    <input type="submit" value="Login" />
+</div>
+
+</form>
+
+<?php
+    
+require_once('footer.inc.php');
+
+?>
diff --git a/htdocs/moderate/src/accounts.inc.php b/htdocs/moderate/src/accounts.inc.php
new file mode 100644
index 0000000..fac6c7c
--- /dev/null
+++ b/htdocs/moderate/src/accounts.inc.php
@@ -0,0 +1,67 @@
+<?php
+/* $Id: accounts.inc.php 134 2011-03-08 23:35:57Z jessemorgan $ */
+
+function getAccount($id) {
+    $query = "SELECT * FROM jpm_users WHERE"
+        . "`id`='$id' OR `email`='$id'";
+    
+    $db = getDatabase();
+
+    $results = array();
+
+    try {
+        $results = $db->fetchAssocRow($query);
+
+    } catch (Cif_Database_Exception $e) {
+        $results = false;
+    }
+
+    return $results;
+}
+
+function updatePassword($id, $password) {
+    $db = getDatabase();
+
+    $row['password'] = sha1($password);
+    
+    $db->update('jpm_users', $row, "WHERE `id`='$id'");
+}
+
+function getAccounts($s) {
+    $query = "SELECT * FROM jpm_users";
+    
+    if (!is_null($s)) {
+        $s = addslashes($s);
+        $query .= " WHERE name LIKE '%$s%' OR email LIKE '%$s%'";
+    }
+
+    $query .= " ORDER BY name";
+    
+    $db = getDatabase();
+
+    $results = array();
+
+    try {
+        $results = $db->fetchAssocRows($query);
+
+    } catch (Cif_Database_Exception $e) {
+        $results = array();
+    }
+
+    return $results;
+}
+
+function generatePassword() {
+    $alphabet = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz123456789!@#$%*()";
+    $length = strlen($alphabet);
+
+    $password = '';
+    for ($i = 0; $i < 8; $i++) {
+        $pos = rand(0, $length - 1);
+        $password .= substr($alphabet, $pos, 1); 
+    }
+
+    return $password;
+}
+
+?>
diff --git a/htdocs/moderate/src/footer.inc.php b/htdocs/moderate/src/footer.inc.php
new file mode 100644
index 0000000..96d3e78
--- /dev/null
+++ b/htdocs/moderate/src/footer.inc.php
@@ -0,0 +1,6 @@
+<?php /* $Id: footer.inc.php 134 2011-03-08 23:35:57Z jessemorgan $ */ ?>
+</div>
+
+
+</body>
+</html>
diff --git a/htdocs/moderate/src/header.inc.php b/htdocs/moderate/src/header.inc.php
new file mode 100644
index 0000000..4310009
--- /dev/null
+++ b/htdocs/moderate/src/header.inc.php
@@ -0,0 +1,64 @@
+<?php
+/* $Id: header.inc.php 151 2011-04-19 23:21:06Z jessemorgan $ */
+
+if (!isset($SESSION['currentUser']['id'])) {
+    if (isset($_POST['login_email']) and isset($_POST['login_password'])) {
+        $db = getDatabase();
+
+        $email = addslashes($_POST['login_email']);
+        $password = sha1($_POST['password']);
+
+        $query = "SELECT * FROM jpm_users WHERE `email`='$email' AND `password`='$password'";
+        $result = $db->fetchAssocRow($query);
+
+        if ($result) { 
+            $SESSION['currentUser'] = $result;
+        }
+    
+    }
+}
+
+?><!DOCTYPE html>
+<html>
+<head>
+    <link rel="stylesheet" type="text/css" href="<?= $CONFIG['siteroot']?>/admin/admin.css" />
+
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script>
+    <script>
+        $(document).ready(function() {
+            $('a.delete').click(function() {
+                return confirm('Are you sure you want to delete this?');
+
+            });
+
+            $('a.delete img').hover(function() {
+                    $(this).attr('src', '<?= $CONFIG['siteroot'] ?>/admin/images/delete.png');
+                },
+                function() {
+                    $(this).attr('src', '<?= $CONFIG['siteroot'] ?>/admin/images/deletegray.png');
+                });
+
+        });
+    </script>
+
+</head>
+<body>
+
+<h1><a href="<?= $CONFIG['siteroot']?>/admin/index.php">Foursquare Admin Panel</a></h1>
+<div id="nav">
+    <h2>Navigation</h2>
+    <ul>
+        <li><a href="<?= $CONFIG['siteroot']?>/admin/online-campus">Online Services</a>
+            <ul>
+            <li><a href="<?= $CONFIG['siteroot']?>/admin/online-campus/attendance">Online Attendance</a></li>
+            </ul>
+        </li>
+
+        <li><a href="<?= $CONFIG['siteroot']?>/troubleshoot.php">Troubleshooting Page</a></li>
+        <li><a href="<?= $CONFIG['siteroot']?>/admin/accounts/">Accounts</a></li>
+        <li><a href="<?= $CONFIG['siteroot']?>/admin/changepassword.php">Change Password</a></li>
+        <li><a href="<?= $CONFIG['siteroot']?>/admin/login.php?logout">Logout</a></li>
+    </ul>
+</div>
+
+<div id="content">
-- 
cgit v1.2.3