Файл: flexmovies/Script/libs/Admin/index.php
Строк: 340
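<?php
// Admin panel, part 1: logout and login handling. This runs before any markup
// is printed so that setcookie() can still send headers. $db and $LINK are
// expected to be provided by the including script.
//
// NOTE(review): the "session" is a pair of cookies holding the admin username
// and the unsalted MD5 of the password, i.e. the very value stored in the
// settings table. Whoever learns the stored hash can present it as a cookie
// without knowing the password, and MD5 is not a password-hashing function.
// Moving to password_hash()/password_verify() with a server-side session needs
// the cookie check further down this file and the stored value to change
// together, so it is flagged here rather than changed.
// NOTE(review): there is no attempt limiting on this login form.
if (isset($_GET['page']) && $_GET['page'] === 'Logout') {
    // Expire the cookies in the past; an expiry of exactly "now" depends on
    // the client clock.
    setcookie("admin_username", "", time() - 3600);
    setcookie("admin_password", "", time() - 3600);
    // Only tear down a session that is actually active.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_unset();
        session_destroy();
    }
    echo '<script> document.location.href=("'.$LINK['url'].'/index.php?admin&page=settings"); </script>';
}

// Reject missing, empty and non-string (array) credentials up front.
if (isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username']) && is_string($_POST['password'])
    && $_POST['username'] !== '' && $_POST['password'] !== '') {
    $results = $db->query("SELECT * FROM settings");
    $storedUser = isset($results[0]['admin_username']) ? (string)$results[0]['admin_username'] : '';
    $storedHash = isset($results[0]['admin_password']) ? (string)$results[0]['admin_password'] : '';
    $givenHash = md5($_POST['password']);

    // hash_equals() compares byte-for-byte in constant time. The loose "=="
    // used before compares two numeric-looking strings as numbers, so distinct
    // hex digests of the form "0e<digits>" would be treated as equal.
    if ($storedUser !== '' && $storedHash !== ''
        && hash_equals($storedUser, $_POST['username'])
        && hash_equals($storedHash, $givenHash)) {
        // Path and domain stay at their defaults; the last argument sets
        // HttpOnly so page scripts cannot read the cookies. Set the "secure"
        // argument to true as well once the site is served over HTTPS only.
        setcookie("admin_username", $_POST['username'], time() + 3600, "", "", false, true);
        setcookie("admin_password", $givenHash, time() + 3600, "", "", false, true);
        echo '<script> document.location.href=("'.$LINK['url'].'/index.php?admin&page=settings"); </script>';
    }
}
?>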
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>FLEXmovies Adminpanel</title>
<meta name="description" content="FLEXmovies Adminpanel" />
<meta name="keywords" content="FLEXmovies Adminpanel" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
<link rel="stylesheet" href="<?=$LINK['url'].'/'.$CONF['template'];?>/css/style.css" type="text/css" />
<style>.nav a{color:#665;}</style>
</head>
<body>
<?php
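// Authentication gate: everything from here to the matching "}else{" near the
// end of the file (the login form branch) is rendered only when both admin
// cookies match the settings row.
// NOTE(review): the cookie value is the stored password hash itself, so this
// check proves knowledge of the hash, not of the password.
$results = $db->query("SELECT * FROM settings");
$adminUser = isset($results[0]['admin_username']) ? (string)$results[0]['admin_username'] : '';
$adminHash = isset($results[0]['admin_password']) ? (string)$results[0]['admin_password'] : '';
// Fail closed: a missing settings row or empty stored credentials must never
// compare equal to an empty or absent cookie, and both cookies must be present
// as strings before they are compared. hash_equals() replaces the loose "==".
if(isset($_COOKIE['admin_username'], $_COOKIE['admin_password'])
    && is_string($_COOKIE['admin_username']) && is_string($_COOKIE['admin_password'])
    && $adminUser !== '' && $adminHash !== ''
    && hash_equals($adminUser, $_COOKIE['admin_username'])
    && hash_equals($adminHash, $_COOKIE['admin_password'])){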
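// Delete a user account: index.php?admin&page=del_user&user=<id>.
// NOTE(review): this is a state-changing action triggered by a plain GET link
// and it carries no anti-CSRF token, so any page the logged-in admin visits can
// trigger it. It should become a POST that verifies a per-session token; that
// needs the "Delete" links in the user list to change in the same commit.
// An array-valued "user" parameter is rejected here instead of being handed to
// the query builder, whose handling of non-scalar values is not visible in this
// file.
if(isset($_GET['page'], $_GET['user'])
    && $_GET['page'] === 'del_user'
    && is_string($_GET['user']) && $_GET['user'] !== ''){
    $db->where('id', $_GET['user']);
    if($db->delete('user')){
        echo '<script> document.location.href=("'.$LINK['url'].'/index.php?admin&page=users"); </script>';
    }
}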
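// Save the settings form. The current admin password has to be re-entered and
// is checked against the stored MD5 before anything is written.
// NOTE(review): unsalted MD5 is kept only because the login and cookie checks
// elsewhere in this file expect that format; migrate all of them together.
// NOTE(review): the form also posts "admin_username", which is not written
// back here; confirm whether that is intended.
// NOTE(review): no anti-CSRF token is verified; the password re-entry is the
// only thing protecting this write.
if(isset($_POST['title'], $_POST['admin_password'], $results[0]['admin_password'])
    && is_string($_POST['admin_password'])
    && hash_equals((string)$results[0]['admin_password'], md5($_POST['admin_password']))){
    // Keep the current password unless a non-empty new one was supplied.
    $newPassword = (isset($_POST['admin_password_new']) && is_string($_POST['admin_password_new']))
        ? $_POST['admin_password_new']
        : '';
    $password = md5($newPassword !== '' ? $newPassword : $_POST['admin_password']);

    // Copy only fields that were actually submitted as strings, so a missing
    // or array-valued field leaves the stored value untouched.
    $updateData = array();
    foreach(array('title', 'description', 'keywords', 'TMDBAPIkey', 'fb_appId', 'fb_secret') as $settingKey){
        if(isset($_POST[$settingKey]) && is_string($_POST[$settingKey])){
            $updateData[$settingKey] = $_POST[$settingKey];
        }
    }

    // The form offers the entries of $LANGUAGES with the last four characters
    // removed; accept only one of those values. (Presumably the value names a
    // language file loaded elsewhere - verify against the loader.)
    if(isset($_POST['language']) && is_string($_POST['language']) && $_POST['language'] !== ''){
        $languageAllowed = true;
        if(isset($LANGUAGES) && is_array($LANGUAGES)){
            $languageAllowed = false;
            foreach($LANGUAGES as $languageFile){
                if(substr($languageFile, 0, -4) === $_POST['language']){
                    $languageAllowed = true;
                    break;
                }
            }
        }
        if($languageAllowed){
            $updateData['language'] = $_POST['language'];
        }
    }

    // The select box only ever submits "1" or "0".
    if(isset($_POST['seo_urls']) && in_array($_POST['seo_urls'], array('0', '1'), true)){
        $updateData['seo_urls'] = $_POST['seo_urls'];
    }

    $updateData['admin_password'] = $password;

    $db->where('title', $results[0]['title']);
    // The result is deliberately not assigned to $results: the rest of the
    // page still reads $results[0][...] before the redirect takes effect.
    $db->update('settings', $updateData);
    echo '<script> document.location.href=("'.$LINK['url'].'/index.php?admin&page=settings"); </script>';
}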
?> <div class="container">
<br>
<div class="container row">
<div class="col-lg-4 hidden-lg">
<ul class="list-group nav">
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=settings"><i class="fa fa-cog"></i> Settings </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=users"><i class="fa fa-user"></i> Users </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=themes"><i class="fa fa-desctop"></i> Themes </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=ads"><i class="fa fa-money"></i> Ads </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/" target="_blank" class="pull-right"><i class="fa fa-share"></i> View Website </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=Logout" class="pull-right"><i class="fa fa-user"></i> Logout </a>
</ul>
</div>
<div class="col-lg-8 ">
<div class="panel" style="padding:10px;">
<?php
if(isset($_GET['page']) && $_GET['page'] == 'users'){
?>
<div class="panel-body row">
<?php
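// User list: one card per account with "View" and "Delete" actions.
$results = $db->query("SELECT * FROM user ORDER BY id DESC");
$count = $db->query("SELECT COUNT(*) FROM user"); // not used further in this file
//$countToday = $db->query("SELECT COUNT(*) FROM user WHERE ");

// Names, ids and image URLs come from the user table and are not trusted:
// escape them for HTML text and attribute context before printing.
$escapeHtml = function($value){
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

foreach((is_array($results) ? $results : array()) as $result){
    // A leftover var_dump($result) used to print every column of each user
    // row into the page; it has been removed.
    $userIdHtml = $escapeHtml($result["id"]);
    $userIdUrl = rawurlencode((string)$result["id"]);
    $userName = $escapeHtml($result["first_name"]).' '.$escapeHtml($result["last_name"]);
?>
<div class="list-group col-lg-6">
<li href="?user=<?=$userIdHtml;?>" class="list-group-item">
<div class="media row">
<div class="col-xs-7 col-sm-7 col-md-7 col-lg-7">
<span class="pull-left">
<img class="media-object" src="<?=$escapeHtml($result["img"]);?>&?width=30&height=30&w=30&h=30" alt="<?=$userName;?>">
</span>
<div class="media-body">
<h6 class="media-heading"> <?=$userName;?></h6>
</div>
</div>
<div class="btn-group col-xs-5 col-sm-5 col-md-5 col-lg-5">
<a href="<?=$LINK['user'];?><?=$userIdUrl;?>" target="_blank" class="btn btn-primary btn-sm" style="border-radius:0;">View</a>
<a href="<?=$LINK['url'];?>/index.php?admin&page=del_user&user=<?=$userIdUrl;?>" class="btn btn-danger btn-sm" style="border-radius:0;">Delete</a>
</div>
</div>
</li>
</div>
<?php
}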
?>
</div>
<?php
}elseif(isset($_GET['page']) && $_GET['page'] == 'ads'){
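// Save the nine ad slots posted by the ads form.
// NOTE(review): the slots hold raw HTML by design. Together with cookie-only
// authentication and no anti-CSRF token on this handler, a forged cross-site
// POST could change the markup stored for these slots. Verify a per-session
// token here before writing.
if(isset($_POST['ad_1'])){
    /**
     * Undo the client-side encoding applied by the ads form script, which
     * replaces "<" with "[[[" and ">" with "]]]" before submitting.
     * This restores markup; it is not a sanitiser.
     *
     * @param string $val Encoded slot content as posted.
     * @return string Slot content with angle brackets restored.
     */
    function toDBAds($val){
        // The first pair is a no-op as listed (a double quote replaced by a
        // double quote); possibly an entity was lost in transcription -
        // confirm against the upstream file.
        return str_replace(
            array('"', ']]]', '[[['),
            array('"', '>', '<'),
            $val
        );
    }

    // Only slots that arrived as strings are written; missing or array-valued
    // slots keep their stored content.
    $updateData = array();
    for($adNo = 1; $adNo <= 9; $adNo++){
        $adKey = 'ad_'.$adNo;
        if(isset($_POST[$adKey]) && is_string($_POST[$adKey])){
            $updateData[$adKey] = toDBAds($_POST[$adKey]);
        }
    }

    if($updateData){
        $db->where('title', $results[0]['title']);
        // Not assigned to $results: the form below still reads $results[0].
        $db->update('settings', $updateData);
    }
}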
?>
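<?php
// jQuery is now requested over HTTPS: a script fetched over plain HTTP can be
// altered in transit and is blocked as mixed content on an HTTPS admin page.
// NOTE(review): jQuery 2.0.3 is long out of support; prefer a current,
// self-hosted copy, or add an integrity attribute with a hash obtained from a
// trusted source.
// The submit handler below rewrites "<" and ">" in every textarea to "[[[" and
// "]]]" before posting; the server-side handler reverses that.
// NOTE(review): the POST goes to a root-relative URL while the redirect uses
// $LINK['url']; confirm both resolve to the same origin and path.
?>
<script src='https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js'></script>
<script>
$(document).ready(function(){
    var adsForm = $("#ads");
    adsForm.submit(function(e){
        e.preventDefault();
        $("textarea").each(function(index){
            var field = $(this);
            var encoded = field.val().replace(/</g, "[[[").replace(/>/g, "]]]");
            field.val(encoded);
        });
        $.post('/index.php?admin&page=ads', adsForm.serialize(), function (data) {
            document.location.href=("<?=$LINK['url'];?>/index.php?admin&page=ads");
        });
        return false;
    });
});
</script>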
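<form role="form" method="post" id="ads" action="<?=$LINK['url'];?>/index.php">
<?php
// One textarea per ad slot, keyed by slot number with its help text.
$adPlacements = array(
    1 => 'At The Top Of Main Page By Default',
    2 => 'At The Bottom Of Main Page By Default',
    3 => 'On Movies Page By Default',
    4 => 'On TV Shows Page By Default',
    5 => 'On Persons Page By Default',
    6 => 'On Movies Discover Page By Default',
    7 => 'On TV Shows Discover Page By Default',
    8 => 'On People Discover Page By Default',
    9 => 'On Users Discover Page By Default',
);
foreach($adPlacements as $adNo => $adHelp){
    // Stored slot content is raw HTML. Escape it for display inside the
    // textarea so that a "</textarea>" in the stored markup cannot end the
    // field early and so that entities survive a load/save round trip; the
    // browser submits the unescaped text again.
    $adContent = isset($results[0]['ad_'.$adNo]) ? (string)$results[0]['ad_'.$adNo] : '';
?>
<div class="form-group"><label>Advertisment <?=$adNo;?>:</label><textarea class="form-control" rows="3" name="ad_<?=$adNo;?>"><?=htmlspecialchars($adContent, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');?></textarea><p class="help-block"><?=$adHelp;?></p><hr></div>
<?php
}
?>
<button type="submit" class="btn btn-primary btn-block">Save</button><br>
</form>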
<?php
}elseif(isset($_GET['page']) && $_GET['page'] == 'settings'){
?>
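<?php
// Settings form. Every stored value is escaped for HTML before it is printed
// into an attribute or a textarea, so a quote or angle bracket in a setting
// cannot break out of the field.
$settingHtml = function($key) use ($results){
    $value = isset($results[0][$key]) ? (string)$results[0][$key] : '';
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
// NOTE(review): the save handler writes the key 'fb_appId' while this form
// originally read 'fb_appID'; array keys are case-sensitive, so try both until
// the real column name is confirmed.
$fbAppIdHtml = isset($results[0]['fb_appID']) ? $settingHtml('fb_appID') : $settingHtml('fb_appId');
// NOTE(review): the TMDB key and the Facebook app secret are printed in clear
// text inputs; consider masking them or not echoing them back at all.
?>
<form role="form" method="post" action="<?=$LINK['url'];?>/index.php?admin&page=settings">
<div class="form-group">
<label>Website Title:</label>
<input type="text" class="form-control" name="title" value="<?=$settingHtml('title');?>">
</div>
<div class="form-group">
<label>Website Description</label>
<textarea class="form-control" rows="3" name="description"><?=$settingHtml('description');?></textarea>
</div>
<div class="form-group">
<label>Website Keywords</label>
<input type="text" class="form-control" name="keywords" value="<?=$settingHtml('keywords');?>">
</div>
<div class="form-group">
<label>Website Language</label>
<select name="language" class="form-control">
<?php
$currentLanguage = isset($results[0]['language']) ? $results[0]['language'] : null;
foreach($LANGUAGES as $file){
    // Drop the last four characters of the entry (presumably a file
    // extension) to get the option value.
    $file = substr($file, 0, -4);
    $languageHtml = htmlspecialchars((string)$file, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $languageSelected = ($file == $currentLanguage) ? ' selected' : '';
    echo '<option value="'.$languageHtml.'"'.$languageSelected.'>'.$languageHtml.'</option>';
}
?>
</select>
</div>
<div class="form-group">
<label>Seo Urls</label>
<select name="seo_urls" class="form-control">
<?php
// Exactly one option carries "selected"; the other gets an empty string (the
// previous code printed a stray "0" attribute on it).
$s1 = $s2 = '';
if(isset($results[0]['seo_urls']) && $results[0]['seo_urls'] == 1){
    $s1 = 'selected';
} else {
    $s2 = 'selected';
}
?>
<option value="1" <?=$s1;?>>Turn On</option>
<option value="0" <?=$s2;?>>Turn Off</option>
</select> <p class="help-block">After turning on urls will looks like this <b>yourwebsite/movie/14</b></p>
</div>
<div class="form-group">
<label>TMDB API key</label>
<input type="text" class="form-control" name="TMDBAPIkey" value="<?=$settingHtml('TMDBAPIkey');?>">
</div>
<div class="form-group">
<label>Facebook APP ID</label>
<input type="text" class="form-control" name="fb_appId" value="<?=$fbAppIdHtml;?>">
</div>
<div class="form-group">
<label>Facebook APP Secret</label>
<input type="text" class="form-control" name="fb_secret" value="<?=$settingHtml('fb_secret');?>">
</div>
<div class="form-group">
<label>Admin Username</label>
<input type="text" class="form-control" name="admin_username" value="<?=$settingHtml('admin_username');?>">
</div>
<div class="form-group">
<label>Admin Password</label>
<input type="password" class="form-control" name="admin_password" required>
</div>
<div class="form-group">
<label>Admin New Password</label>
<input type="password" class="form-control" name="admin_password_new">
<p class="help-block">*if you don't want to change password leave this field free </p>
</div>
<button type="submit" class="btn btn-primary btn-block">Save</button><br>
</form>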
<?php
}elseif(isset($_GET['page']) && $_GET['page'] == 'themes'){
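// Theme page: list the theme folders under templates/ and optionally switch
// the active one via ?theme=<folder>.
$directory = 'templates/';
$files = glob($directory . "*");
if(!is_array($files)){
    $files = array();
}

// A theme is a sub-directory that ships a readable config.xml.
$themeDirs = array();
foreach($files as $file){
    if(is_dir($file) && is_file($file."/config.xml") && is_readable($file."/config.xml")){
        $themeDirs[] = $file;
    }
}

// Accept only a value that names one of the folders listed above. The stored
// value is later concatenated into the stylesheet URL in the page head (and
// presumably into other template paths - verify), so an arbitrary string must
// not reach the settings table.
// NOTE(review): this is a state change on GET without an anti-CSRF token; it
// should become a POST that verifies a per-session token.
if(isset($_GET['theme']) && is_string($_GET['theme']) && in_array($_GET['theme'], $themeDirs, true)){
    $updateData = array(
        'template' => $_GET['theme'],
    );
    $db->where('title', $CONF['title']);
    if($db->update('settings', $updateData)){
        echo '<script> document.location.href=("'.$LINK['url'].'/index.php?admin&page=themes"); </script>';
    }
}

// Values read from config.xml are escaped before they are printed.
$escapeHtml = function($value){
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

foreach($themeDirs as $file){
    $cfgtemplate = file_get_contents($file."/config.xml");
    if($cfgtemplate === false){
        continue;
    }
    // "#" is used as the delimiter because the closing tags contain "/": with
    // "/" as delimiter, as listed, that slash ends the pattern early and
    // preg_match() fails. The match is non-greedy so it stops at the first
    // closing tag.
    $template = array();
    foreach(array('name', 'author', 'author_url', 'thumb') as $tag){
        $found = array();
        if(!preg_match('#<'.$tag.'>(.*?)</'.$tag.'>#s', $cfgtemplate, $found)){
            $found = array(1 => '');
        }
        $template[$tag] = $found;
    }
    // NOTE(review): author_url is printed as a link target; consider allowing
    // only http/https URLs there.
?>
<div class="media panel"><a href="<?=$LINK['url'];?>/index.php?admin&page=themes&theme=<?=rawurlencode($file);?>">
<span class="pull-left">
<img class="media-object" src="<?=$escapeHtml($file.$template['thumb'][1]);?>" alt="<?=$escapeHtml($template['name'][1]);?>" style="width:60px; height:60px; margin-right:10px;">
</span>
<div class="media-body" style="padding:5px;">
<h4 class="media-heading"><?=$escapeHtml($template['name'][1]);?></h4>
By <a href="<?=$escapeHtml($template['author_url'][1]);?>"><?=$escapeHtml($template['author'][1]);?></a>
</div></a>
</div>
<?php
}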
}else{echo '<script> document.location.href=("'.$LINK['url'].'/index.php?admin&page=settings"); </script>';}
?>
</div>
</div>
<div class="col-lg-4 visible-lg">
<ul class="list-group nav">
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=settings"><i class="fa fa-cog"></i> Settings </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=users"><i class="fa fa-user"></i> Users </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=themes"><i class="fa fa-desktop"></i> Themes </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=ads"><i class="fa fa-money"></i> Ads </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/" target="_blank" class="pull-right"><i class="fa fa-share"></i> View Website </a>
<a class="list-group-item" href="<?=$LINK['url'];?>/index.php?admin&page=Logout" class="pull-right"><i class="fa fa-user"></i> Logout </a>
</ul>
</div>
</div>
</body>
</html>
<?php
}else{
?>
<div class="container" style="max-width:500px;">
<form class="form-signin" action="<?=$LINK['url'];?>/index.php?admin" method="post">
<h1 class="text-muted text-center">Adminpanel</h1><br>
<input type="text" class="form-control" placeholder="Username" name="username" required autofocus>
<input type="password" class="form-control" placeholder="Password" name="password" required><br>
<button class="btn btn-primary btn-block" type="submit">
Sign In
</button>
</form>
</div>
<?php
}
?>