Commit 66a0a8a4 authored by Tim Repke's avatar Tim Repke

cleanup admin commons, prepare for env in admin

parent 1cad771d
......@@ -12,91 +12,6 @@ function generateNavigationItems($page, $menu)
return $text;
}
function checkIfLogin()
{
if(isset($_GET['logout']))
setLoggedIn("");
if(!isset($_POST['user']) || !isset($_POST['password']))
return;
$user = $_POST['user'];
$password = $_POST['password'];
if (isValidUser($user, $password))
setLoggedIn($user);
}
function isValidUser($user, $password)
{
$config_admins = readUserFile();
foreach($config_admins as $cfg_user => $cfg_password)
{
if ($cfg_user != $user)
continue;
$cfg_password = $cfg_password["pw"];
if ($cfg_password[0] == '{')
{
if (strpos($cfg_password, "{SHA254}") >= 0)
{
$beginOfSalt = strpos($cfg_password, "$");
$salt = substr($cfg_password, 9, strpos($cfg_password, "$") - 9);
$hash = substr($cfg_password, $beginOfSalt + 1);
if (hash('sha256', $password . $salt) == $hash)
return true;
}
}
else
{
// TODO: ONLY sha256 yet, others not implemented
}
}
return false;
}
function readUserFile(){
global $config_userfile;
$ret = [];
$handle = fopen($config_userfile, "r");
if ($handle) {
while (($line = fgets($handle)) !== false) {
$tmp = explode(" ", $line);
if(count($tmp)>=3){
$ret[$tmp[1]] = ["pw" => $tmp[2], "sa" => $tmp[0]];
}
}
} else { }
fclose($handle);
return $ret;
}
function isSuperAdmin(){
$config_admins = readUserFile();
return isset($_SESSION['loggedIn']) && isset($config_admins[$_SESSION['loggedIn']]) && $config_admins[$_SESSION['loggedIn']]['sa'] === "S";
}
function isLoggedIn()
{
return isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] != '';
}
function setLoggedIn($user)
{
if ($user != ""){
comm_admin_verbose(2,"login");
$_SESSION['loggedIn'] = $user;
}else
{
comm_admin_verbose(2,"logout");
session_destroy();
header("location: ..");
}
}
function comm_admin_verbose($level, $text){
global $config_admin_verbose_level;
if($config_admin_verbose_level >= $level) {
......@@ -107,7 +22,6 @@ function comm_admin_verbose($level, $text){
}
}
/**
* Puts out Label and Selection box
*
......@@ -116,6 +30,7 @@ function comm_admin_verbose($level, $text){
* @param $values
* @param $selected
* @param $subtext
* @return string
*/
function admin_show_formular_helper_sel($name, $id, $values, $selected, $subtext){
$r = '<label>'.$name.'
......@@ -143,6 +58,7 @@ function admin_show_formular_helper_sel($name, $id, $values, $selected, $subtext
* @param $values2
* @param $selected2
* @param $subtext
* @return string
*/
function admin_show_formular_helper_sel2($name, $id, $values, $selected, $id2, $values2, $selected2, $subtext){
$r = '<label style="text-align:left">'.$name.'
......
......@@ -6,7 +6,7 @@
* Time: 4:19 PM
*/
error_reporting(E_ALL);
ini_set("display_errors",1);
ini_set("display_errors", 1);
session_start();
......@@ -15,21 +15,22 @@ require_once("../frameworks/commons.php");
require_once("pages.php");
require_once("../config.inc.php");
require_once("../frameworks/medoo.php");
require_once('../frameworks/Environment.php');
require '../lang.php';
$template = file_get_contents("../view/admin_template.html");
$title = "FSFahrt - Admin Panel";
$navigation = "";
$headers = "";
$header = "";
$footer = "";
$header = "";
$footer = "";
$text = "";
$ajax = "";
checkIfLogin();
$environment = Environment::getEnv(true);
if (isLoggedIn())
{
if ($environment->isAdmin()) {
$menu = array(
"Anmeldung" => "front",
"Übersicht" => "stuff",
......@@ -40,62 +41,68 @@ if (isLoggedIn())
"Notizen" => "notes",
"Listenexport" => "export",
"Infos" => "infos",
"SA*" => "admin"
"SA*" => "admin"
);
$admin_db = new medoo(array(
'database_type' => $config_db["type"],
'database_name' => $config_db["name"],
'server' => $config_db["host"],
'username' => $config_db["user"],
'password' => $config_db["pass"]
'server' => $config_db["host"],
'username' => $config_db["user"],
'password' => $config_db["pass"]
));
$page = isset($_GET['page']) ? $_GET['page'] : "";
$navigation = generateNavigationItems($page, $menu);
switch($page)
{
switch ($page) {
case "front":
page_front(); break;
page_front();
break;
case "":
case "stuff":
page_stuff(); break;
page_stuff();
break;
case "list":
page_list(); break;
page_list();
break;
case "wl":
page_wl(); break;
page_wl();
break;
case "cost":
page_cost(); break;
page_cost();
break;
case "mail":
page_mail(); break;
page_mail();
break;
case "notes":
page_notes(); break;
page_notes();
break;
case "export":
page_export(); break;
page_export();
break;
case "infos":
page_infos(); break;
page_infos();
break;
case "admin":
if(isSuperAdmin()) page_sa();
if (isSuperAdmin()) page_sa();
else page_404($page);
break;
default:
page_404($page);
}
}
else
{
} else {
$text .= file_get_contents("../view/admin_login_form.html");
}
if(isset($_REQUEST['ajax']))
if (isset($_REQUEST['ajax']))
echo $ajax;
else{
else {
$rep = ["{headers}" => $headers,
"{text}" => $text,
"{navigation}" => $navigation,
"{title}" => $title,
"{header}" => $header,
"{footer}" => $footer];
"{text}" => $text,
"{navigation}" => $navigation,
"{title}" => $title,
"{header}" => $header,
"{footer}" => $footer];
echo str_replace(array_keys($rep), array_values($rep), $template);
}
\ No newline at end of file
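Review bot: The `admin` case still gates `page_sa()` on `isSuperAdmin()`, but this commit appears to delete that function (together with `checkIfLogin()`, `isLoggedIn()` and `readUserFile()`) from the admin commons file, so unless it is redefined in a file not shown here the super-admin branch ends in an undefined-function fatal error. Now that the login gate is `$environment->isAdmin()`, the super-admin decision should come from the same `Environment` object rather than from the old session and user-file helper, so both authorization checks share one source of truth. The `checkIfLogin();` call also seems to remain ahead of `Environment::getEnv(true)` and would have the same problem. Because `ini_set("display_errors", 1);` is kept at the top of this file, any such failure is printed to the browser with file paths; on a deployed admin panel I would change it to `ini_set("display_errors", 0);` and rely on the error log.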