From 947ce5394c3eb84d4dfd69320d5647dbc4418a04 Mon Sep 17 00:00:00 2001
From: Tim Repke <timmothey@gmx.de>
Date: Fri, 14 Oct 2016 23:29:30 +0200
Subject: [PATCH] cleanup admin commons, prepare for env in admin

---
 registration-system/admin/commons_admin.php | 88 +--------------------
 registration-system/admin/index.php         | 71 +++++++++--------
 2 files changed, 41 insertions(+), 118 deletions(-)

diff --git a/registration-system/admin/commons_admin.php b/registration-system/admin/commons_admin.php
index 8a81cd8..bc641d7 100644
--- a/registration-system/admin/commons_admin.php
+++ b/registration-system/admin/commons_admin.php
@@ -12,91 +12,6 @@ function generateNavigationItems($page, $menu)
     return $text;
 }
 
-function checkIfLogin()
-{
-
-    if(isset($_GET['logout']))
-        setLoggedIn("");
-
-    if(!isset($_POST['user']) || !isset($_POST['password']))
-        return;
-
-    $user = $_POST['user'];
-    $password = $_POST['password'];
-
-
-    if (isValidUser($user, $password))
-        setLoggedIn($user);
-}
-
-function isValidUser($user, $password)
-{
-    $config_admins = readUserFile();
-    foreach($config_admins as $cfg_user => $cfg_password)
-    {
-        if ($cfg_user != $user)
-            continue;
-        $cfg_password = $cfg_password["pw"];
-        if ($cfg_password[0] == '{')
-        {
-            if (strpos($cfg_password, "{SHA254}") >= 0)
-            {
-                $beginOfSalt = strpos($cfg_password, "$");
-                $salt = substr($cfg_password, 9, strpos($cfg_password, "$") - 9);
-                $hash = substr($cfg_password, $beginOfSalt + 1);
-
-                if (hash('sha256', $password . $salt) == $hash)
-                    return true;
-            }
-        }
-        else
-        {
-            // TODO: ONLY sha256 yet, others not implemented
-        }
-    }
-    return false;
-}
-
-function readUserFile(){
-    global $config_userfile;
-    $ret = [];
-
-    $handle = fopen($config_userfile, "r");
-    if ($handle) {
-        while (($line = fgets($handle)) !== false) {
-            $tmp = explode(" ", $line);
-            if(count($tmp)>=3){
-                $ret[$tmp[1]] = ["pw" => $tmp[2], "sa" => $tmp[0]];
-            }
-        }
-    } else { }
-    fclose($handle);
-    return $ret;
-}
-
-function isSuperAdmin(){
-    $config_admins = readUserFile();
-    return isset($_SESSION['loggedIn']) && isset($config_admins[$_SESSION['loggedIn']]) && $config_admins[$_SESSION['loggedIn']]['sa'] === "S";
-}
-
-function isLoggedIn()
-{
-    return isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] != '';
-}
-
-function setLoggedIn($user)
-{
-    if ($user != ""){
-        comm_admin_verbose(2,"login");
-        $_SESSION['loggedIn'] = $user;
-    }else
-    {
-        comm_admin_verbose(2,"logout");
-        session_destroy();
-        header("location: ..");
-    }
-}
-
 function comm_admin_verbose($level, $text){
     global $config_admin_verbose_level;
     if($config_admin_verbose_level >= $level)  {
@@ -107,7 +22,6 @@ function comm_admin_verbose($level, $text){
     }
 }
 
-
 /**
  * Puts out Label and Selection box
  *
@@ -116,6 +30,7 @@ function comm_admin_verbose($level, $text){
  * @param $values
  * @param $selected
  * @param $subtext
+ * @return string
  */
 function admin_show_formular_helper_sel($name, $id, $values, $selected, $subtext){
     $r = '<label>'.$name.'
@@ -143,6 +58,7 @@ function admin_show_formular_helper_sel($name, $id, $values, $selected, $subtext
  * @param $values2
  * @param $selected2
  * @param $subtext
+ * @return string
  */
 function admin_show_formular_helper_sel2($name, $id, $values, $selected, $id2, $values2, $selected2, $subtext){
     $r = '<label style="text-align:left">'.$name.'
diff --git a/registration-system/admin/index.php b/registration-system/admin/index.php
index 1de8f8f..2141abb 100644
--- a/registration-system/admin/index.php
+++ b/registration-system/admin/index.php
@@ -6,7 +6,7 @@
  * Time: 4:19 PM
  */
 error_reporting(E_ALL);
-ini_set("display_errors",1);
+ini_set("display_errors", 1);
 
 session_start();
 
@@ -15,21 +15,22 @@ require_once("../frameworks/commons.php");
 require_once("pages.php");
 require_once("../config.inc.php");
 require_once("../frameworks/medoo.php");
+require_once('../frameworks/Environment.php');
 require '../lang.php';
 
 $template = file_get_contents("../view/admin_template.html");
 $title = "FSFahrt - Admin Panel";
 $navigation = "";
 $headers = "";
-$header  = "";
-$footer  = "";
+$header = "";
+$footer = "";
 $text = "";
 $ajax = "";
 
-checkIfLogin();
+$environment = Environment::getEnv(true);
 
-if (isLoggedIn())
-{
+
+if ($environment->isAdmin()) {
     $menu = array(
         "Anmeldung" => "front",
         "Ãœbersicht" => "stuff",
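Review bot: Nothing in this hunk shows that `Environment::getEnv(true)` still processes the `user`/`password` POST fields and the `logout` query parameter that the removed `checkIfLogin()` call handled, although the `else` branch of this `if` still renders the login form later in the file. If it does not, the form can no longer log anyone in and `?logout` no longer ends the session; this needs confirming in frameworks/Environment.php, which this patch does not include. The bare `true` argument is unexplained, so a short comment above the call such as `// true: build the environment for the admin area` (wording to be matched to what the parameter really means) would help the next reader. If authentication has moved into Environment, also verify that it calls `session_regenerate_id(true)` on a successful login, since the removed `setLoggedIn()` never rotated the session id. The `if` block opened on the last changed line runs past the end of this hunk.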
@@ -40,62 +41,68 @@ if (isLoggedIn())
         "Notizen" => "notes",
         "Listenexport" => "export",
         "Infos" => "infos",
-        "SA*"    => "admin"
+        "SA*" => "admin"
     );
 
     $admin_db = new medoo(array(
         'database_type' => $config_db["type"],
         'database_name' => $config_db["name"],
-        'server'        => $config_db["host"],
-        'username'      => $config_db["user"],
-        'password'      => $config_db["pass"]
+        'server' => $config_db["host"],
+        'username' => $config_db["user"],
+        'password' => $config_db["pass"]
     ));
 
     $page = isset($_GET['page']) ? $_GET['page'] : "";
     $navigation = generateNavigationItems($page, $menu);
 
-    switch($page)
-    {
+    switch ($page) {
         case "front":
-            page_front(); break;
+            page_front();
+            break;
         case "":
         case "stuff":
-            page_stuff(); break;
+            page_stuff();
+            break;
         case "list":
-            page_list(); break;
+            page_list();
+            break;
         case "wl":
-            page_wl(); break;
+            page_wl();
+            break;
         case "cost":
-            page_cost(); break;
+            page_cost();
+            break;
         case "mail":
-            page_mail(); break;
+            page_mail();
+            break;
         case "notes":
-            page_notes(); break;
+            page_notes();
+            break;
         case "export":
-            page_export(); break;
+            page_export();
+            break;
         case "infos":
-            page_infos(); break;
+            page_infos();
+            break;
         case "admin":
-            if(isSuperAdmin()) page_sa();
+            if (isSuperAdmin()) page_sa();
             else page_404($page);
             break;
         default:
             page_404($page);
     }
-}
-else
-{
+} else {
     $text .= file_get_contents("../view/admin_login_form.html");
 }
 
-if(isset($_REQUEST['ajax']))
+if (isset($_REQUEST['ajax']))
     echo $ajax;
-else{
+else {
     $rep = ["{headers}" => $headers,
-            "{text}"    => $text,
-            "{navigation}" => $navigation,
-            "{title}"   => $title,
-            "{header}"  => $header,
-            "{footer}"  => $footer];
+        "{text}" => $text,
+        "{navigation}" => $navigation,
+        "{title}" => $title,
+        "{header}" => $header,
+        "{footer}" => $footer];
     echo str_replace(array_keys($rep), array_values($rep), $template);
 }
\ No newline at end of file
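Review bot: The `case "admin":` branch still calls `isSuperAdmin()`, but this same commit deletes that function from admin/commons_admin.php, so unless another include defines it, a request for `?page=admin` ends in a fatal "Call to undefined function" error. Because `ini_set("display_errors", 1)` is set at the top of this file, that error text would be sent to the browser rather than only to the log. The super-admin check should go through the new `$environment` object the same way the login check now does, or `isSuperAdmin()` should stay in place until its replacement exists; Environment.php is not in this patch, so the replacement call cannot be named from here. Separately, `$page` comes straight from `$_GET['page']` and is handed to `page_404($page)`; if that function writes it into the output, it needs `htmlspecialchars($page, ENT_QUOTES, 'UTF-8')`, which is not visible in this hunk. The `switch` sits inside the `if` block that starts before this hunk.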
-- 
GitLab