diff options
Diffstat (limited to 'admin')
| -rw-r--r-- | admin/callback/index.php | 60 | ||||
| -rw-r--r-- | admin/contact/index.php | 118 | ||||
| -rw-r--r-- | admin/index.php | 45 | ||||
| -rw-r--r-- | admin/login/index.php | 4 | ||||
| -rw-r--r-- | admin/pluralkit/index.php | 50 | ||||
| -rw-r--r-- | admin/projects/index.php | 155 | ||||
| -rw-r--r-- | admin/users/index.php | 75 |
7 files changed, 507 insertions, 0 deletions
diff --git a/admin/callback/index.php b/admin/callback/index.php new file mode 100644 index 0000000..7aaed70 --- /dev/null +++ b/admin/callback/index.php @@ -0,0 +1,60 @@ +<?php + +if (!isset($_GET['code'])) { + throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR); +} + +$data = array( + 'client_id' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/github.json"), true)["id"], + 'client_secret' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/github.json"), true)["secret"], + 'code' => $_GET['code'] +); + +$post_data = json_encode($data); + +$crl = curl_init('https://github.com/login/oauth/access_token'); +curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); +curl_setopt($crl, CURLINFO_HEADER_OUT, true); +curl_setopt($crl, CURLOPT_POST, true); +curl_setopt($crl, CURLOPT_POSTFIELDS, $post_data); + +curl_setopt($crl, CURLOPT_HTTPHEADER, array( + 'Content-Type: application/json', + "Accept: application/json" +)); + +$result = curl_exec($crl); + +if ($result === false) { + throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR); +} + +curl_close($crl); + +$data = json_decode($result, true); +$crl = curl_init('https://api.github.com/user'); +curl_setopt($crl, CURLOPT_RETURNTRANSFER, true); +curl_setopt($crl, CURLINFO_HEADER_OUT, true); +curl_setopt($crl, CURLOPT_POST, false); + +curl_setopt($crl, CURLOPT_HTTPHEADER, array( + 'Content-Type: application/json', + "Accept: application/json", + "Authorization: token " . $data["access_token"], + "User-Agent: ProjectCloudsdale-Admin/0.0.0 (contact@minteck.org)" +)); + +$result = curl_exec($crl); +$ndata = json_decode($result, true); + +if (!in_array($ndata["login"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/admins.json"), true))) { + header("Location: /"); + die(); +} + +if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens")) mkdir($_SERVER['DOCUMENT_ROOT'] . "/data/tokens"); +file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $data["access_token"], $ndata["login"]); +setcookie("pcdAdminToken", $data["access_token"], 0, "/"); + +header("Location: /admin"); +die(); diff --git a/admin/contact/index.php b/admin/contact/index.php new file mode 100644 index 0000000..3310762 --- /dev/null +++ b/admin/contact/index.php @@ -0,0 +1,118 @@ +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/session.php"; global $_USER; ?> +<?php + +$projects = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/contact.json"), true); + +if (isset($_GET['submit'])) { + if (isset($_GET["add-project"]) && isset($_GET["add-project-src"])) { + $projects[] = [ + "name" => $_GET["add-project"], + "link" => $_GET["add-project-src"], + "icon" => "about:blank" + ]; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/contact.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/contact"); + die(); + } + + if (isset($_GET["delete-project"])) { + if (isset($projects[(int)$_GET["delete-project"]])) { + unset($projects[(int)$_GET["delete-project"]]); + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/contact.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/contact"); + die(); + } + } + + if (isset($_GET["edit-project"]) && isset($_GET["edit-project-name"]) && isset($_GET["edit-project-source"]) && isset($_GET["edit-project-icon"])) { + if (isset($projects[(int)$_GET["edit-project"]])) { + $projects[(int)$_GET["edit-project"]]["name"] = $_GET["edit-project-name"]; + $projects[(int)$_GET["edit-project"]]["link"] = $_GET["edit-project-source"]; + $projects[(int)$_GET["edit-project"]]["icon"] = $_GET["edit-project-icon"]; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/contact.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/contact"); + die(); + } + } +} + +?> +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/header.php"; ?> + +<br> +<div class="container"> + <?php if (isset($_GET['change']) && isset($_GET['edit-project']) && isset($projects[(int)$_GET["edit-project"]])): $project = $projects[(int)$_GET["edit-project"]]; ?> + + <h1>Edit <b><?= $project["name"] ?></b> (<code><?= (int)$_GET["edit-project"] ?></code>)</h1> + + <form> + <p> + Social Network Name:<br> + <input name="edit-project-name" class="form-control" type="text" value="<?= $project["name"] ?>"> + </p> + <p> + Link:<br> + <input name="edit-project-source" class="form-control" type="text" value="<?= $project["link"] ?>"> + </p> + <p> + Icon URL (can be relative):<br> + <input name="edit-project-icon" class="form-control" type="text" value="<?= $project["icon"] ?>"> + </p> + <input name="submit" type="hidden"> + <input name="edit-project" type="hidden" value="<?= (int)$_GET["edit-project"] ?>"> + <button type="submit" class="btn btn-primary">Save and apply changes</button> + </form> + + <?php else: ?> + <h1>Contact Info Management</h1> + <p>Contact info added to this list is publicly shown on the website's Contact page and will lead users to containg you.</p> + + <ul class="list-group"> + <?php foreach (json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/contact.json"), true) as $index => $project): ?> + <li class="list-group-item"> + <span style="vertical-align: middle;padding-top:10px;"> + <img src="<?= $project["icon"] ?>" class="project-icon"> <?= $project["name"] ?> + </span> + <form style="display:inline;float:right;"> + <input name="delete-project" type="hidden" value="<?= $index ?>"> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-danger">Remove</button> + </form> + <form style="display:inline;float:right;margin-right:10px;"> + <input name="edit-project" type="hidden" value="<?= $index ?>"> + <input name="change" type="hidden"> + <button type="submit" class="btn btn-primary">Edit</button> + </form> + </li> + <?php endforeach; ?> + </ul> + <br> + + <button type="button" id="admin-add-s0" class="btn btn-outline-primary" onclick="document.getElementById('admin-add-s0').style.display='none';document.getElementById('admin-add-s1').style.display='';document.getElementById('admin-add-s2').focus();">Add another contact method</button> + <div class="card" style="max-width:550px;display:none;" id="admin-add-s1"> + <form class="card-body"> + <h4 class="card-title">Add contact method</h4> + <p>Once added, this contact method will be shown on the Contact page.</p> + <p> + <input id="admin-add-s2" name="add-project" type="text" class="form-control" placeholder="Social network name"> + <input id="admin-add-s2a" name="add-project-src" type="text" class="form-control" placeholder="Link"> + </p> + <p>You are able to add additional details after adding the contact method.</p> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-success">Create</button> <button onclick="document.getElementById('admin-add-s1').style.display='none';document.getElementById('admin-add-s0').style.display='';" type="button" class="btn btn-outline-danger">Cancel</button> + </form> + </div> + <?php endif; ?> +</div> + +<style> + .project-icon { + border-radius: 999px; + width: 24px; + vertical-align: middle; + background: lightgray; + margin-right: 5px; + } +</style> + +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/footer.php"; ?>
\ No newline at end of file diff --git a/admin/index.php b/admin/index.php new file mode 100644 index 0000000..0b03f35 --- /dev/null +++ b/admin/index.php @@ -0,0 +1,45 @@ +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/session.php"; global $_USER; ?> +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/header.php"; ?> + +<br> +<div class="container"> + <h1>Welcome back <?= $_USER ?>!</h1> + <br> + + <div class="row"> + <div class="col"> + <div class="card"> + <div class="card-body"> + <h4 class="card-title">PluralKit</h4> + <p class="card-text">Configure PluralKit system ID.</p> + <a href="/admin/pluralkit" class="btn btn-primary">Manage</a> + </div> + </div> + </div> + <div class="col"> + <div class="card"> + <div class="card-body"> + <h4 class="card-title">Projects</h4> + <p class="card-text">Add, edit, delete or showcase projects.</p> + <a href="/admin/projects" class="btn btn-primary">Manage</a> + </div> + </div> + </div> + <div class="col"> + <div class="card"> + <div class="card-body"> + <h4 class="card-title">Contact Info</h4> + <p class="card-text">Add, edit or delete contact information.</p> + <a href="/admin/contact" class="btn btn-primary">Manage</a> + </div> + </div> + </div> + </div> + <br> + + <p>This website is managed by <?php $admins = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json"), true); foreach ($admins as $index => $item): ?><b><?= $item ?></b><?php if ($item === $_USER): ?> (you)<?php endif; ?><?php if ($index !== count($admins) - 1): ?><?php if ($index + 1 === count($admins) - 1): ?> and <?php else: ?>, <?php endif; ?><?php endif; ?><?php endforeach; ?>, <a href="/admin/users">edit...</a></p> + + <p class="small text-muted">powered by Pawer Technologies</p> +</div> + +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/footer.php"; ?>
\ No newline at end of file diff --git a/admin/login/index.php b/admin/login/index.php new file mode 100644 index 0000000..41c4298 --- /dev/null +++ b/admin/login/index.php @@ -0,0 +1,4 @@ +<?php + +header("Location: https://github.com/login/oauth/authorize?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/github.json"), true)["id"] . "&redirect_uri=http://$_SERVER[HTTP_HOST]/admin/callback/&allow_signups=false&scope=read:user"); +die(); diff --git a/admin/pluralkit/index.php b/admin/pluralkit/index.php new file mode 100644 index 0000000..c976882 --- /dev/null +++ b/admin/pluralkit/index.php @@ -0,0 +1,50 @@ +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/session.php"; global $_USER; ?> +<?php + +if (isset($_GET['submit'])) { + if (isset($_GET["system-id"])) { + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/pluralkit.json", json_encode([ + "system" => $_GET['system-id'] + ], JSON_PRETTY_PRINT)); + header("Location: /admin/pluralkit"); + die(); + } +} + +?> +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/header.php"; ?> + +<br> +<div class="container"> + <h1>PluralKit Configuration</h1> + + <p><b>Current System:</b> <?php + + $config = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/pluralkit.json"), true); + $data = @file_get_contents("https://api.pluralkit.me/v2/systems/$config[system]"); + + if (isset($data) && $data !== false): + $parsed = json_decode($data, true); + ?> + <img src="<?= $parsed["avatar_url"] ?>" id="system-icon"><?= $parsed["name"] ?> (<code><?= $parsed["id"] ?></code>) + <?php else: ?> + <span class="text-danger">Not found, please make sure the ID is entered correctly</span> + <?php endif; ?></p> + <form class="input-group mb-3" style="max-width: 500px;"> + <input name="system-id" value="<?= $config['system'] ?>" type="text" class="form-control" placeholder="System ID"> + <input type="hidden" name="submit"> + <button class="btn btn-primary" type="submit">Save and apply</button> + </form> +</div> + +<style> + #system-icon { + border-radius: 999px; + width: 24px; + vertical-align: middle; + background: lightgray; + margin-right: 5px; + } +</style> + +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/footer.php"; ?>
\ No newline at end of file diff --git a/admin/projects/index.php b/admin/projects/index.php new file mode 100644 index 0000000..78e2b04 --- /dev/null +++ b/admin/projects/index.php @@ -0,0 +1,155 @@ +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/session.php"; global $_USER; ?> +<?php + +$projects = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json"), true); + +if (isset($_GET['submit'])) { + if (isset($_GET["showcase-yes"])) { + if (isset($projects[(int)$_GET["showcase-yes"]])) { + $projects[(int)$_GET["showcase-yes"]]["showcase"] = true; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/projects"); + die(); + } + } + + if (isset($_GET["showcase-no"])) { + if (isset($projects[(int)$_GET["showcase-no"]])) { + $projects[(int)$_GET["showcase-no"]]["showcase"] = false; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/projects"); + die(); + } + } + + if (isset($_GET["add-project"]) && isset($_GET["add-project-src"])) { + $projects[] = [ + "name" => $_GET["add-project"], + "description" => $_GET["add-project"], + "icon" => "about:blank", + "source" => $_GET["add-project-src"], + "showcase" => false + ]; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/projects"); + die(); + } + + if (isset($_GET["delete-project"])) { + if (isset($projects[(int)$_GET["delete-project"]])) { + unset($projects[(int)$_GET["delete-project"]]); + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/projects"); + die(); + } + } + + if (isset($_GET["edit-project"]) && isset($_GET["edit-project-name"]) && isset($_GET["edit-project-source"]) && isset($_GET["edit-project-icon"]) && isset($_GET["edit-project-description"])) { + if (isset($projects[(int)$_GET["edit-project"]])) { + $projects[(int)$_GET["edit-project"]]["name"] = $_GET["edit-project-name"]; + $projects[(int)$_GET["edit-project"]]["description"] = $_GET["edit-project-description"]; + $projects[(int)$_GET["edit-project"]]["icon"] = $_GET["edit-project-icon"]; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json", json_encode($projects, JSON_PRETTY_PRINT)); + header("Location: /admin/projects"); + die(); + } + } +} + +?> +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/header.php"; ?> + +<br> +<div class="container"> + <?php if (isset($_GET['change']) && isset($_GET['edit-project']) && isset($projects[(int)$_GET["edit-project"]])): $project = $projects[(int)$_GET["edit-project"]]; ?> + + <h1>Edit <b><?= $project["name"] ?></b> (<code><?= (int)$_GET["edit-project"] ?></code>)</h1> + + <form> + <p> + Project Name:<br> + <input name="edit-project-name" class="form-control" type="text" value="<?= $project["name"] ?>"> + </p> + <p> + Project VCS Repository:<br> + <input name="edit-project-source" class="form-control" type="text" value="<?= $project["source"] ?>"> + </p> + <p> + Icon URL (can be relative):<br> + <input name="edit-project-icon" class="form-control" type="text" value="<?= $project["icon"] ?>"> + </p> + <p> + Project Description (can contain HTML tags):<br> + <textarea name="edit-project-description" class="form-control font-monospace" type="text"><?= $project["description"] ?></textarea> + </p> + <input name="submit" type="hidden"> + <input name="edit-project" type="hidden" value="<?= (int)$_GET["edit-project"] ?>"> + <button type="submit" class="btn btn-primary">Save and apply changes</button> + </form> + + <?php else: ?> + <h1>Projects Management</h1> + <p>Projects added to this list are publicly shown on the website's Projects page and (for select projects) on the homepage.</p> + + <ul class="list-group"> + <?php foreach (json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/projects.json"), true) as $index => $project): ?> + <li class="list-group-item"> + <span style="vertical-align: middle;padding-top:10px;"> + <img src="<?= $project["icon"] ?>" class="project-icon"> <?= $project["name"] ?> + </span> + <form style="display:inline;float:right;"> + <input name="delete-project" type="hidden" value="<?= $index ?>"> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-danger">Remove</button> + </form> + <form style="display:inline;float:right;margin-right:10px;"> + <input name="edit-project" type="hidden" value="<?= $index ?>"> + <input name="change" type="hidden"> + <button type="submit" class="btn btn-primary">Edit</button> + </form> + <?php if ($project["showcase"]): ?> + <form style="display:inline;float:right;margin-right:10px;"> + <input name="showcase-no" type="hidden" value="<?= $index ?>"> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-outline-danger">Hide on homepage</button> + </form> + <?php else: ?> + <form style="display:inline;float:right;margin-right:10px;"> + <input name="showcase-yes" type="hidden" value="<?= $index ?>"> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-outline-success">Show on homepage</button> + </form> + <?php endif; ?> + </li> + <?php endforeach; ?> + </ul> + <br> + + <button type="button" id="admin-add-s0" class="btn btn-outline-primary" onclick="document.getElementById('admin-add-s0').style.display='none';document.getElementById('admin-add-s1').style.display='';document.getElementById('admin-add-s2').focus();">Create another project</button> + <div class="card" style="max-width:550px;display:none;" id="admin-add-s1"> + <form class="card-body"> + <h4 class="card-title">Create project</h4> + <p>Once added, this project will be shown on the Projects page.</p> + <p> + <input id="admin-add-s2" name="add-project" type="text" class="form-control" placeholder="Project name"> + <input id="admin-add-s2a" name="add-project-src" type="text" class="form-control" placeholder="VCS repository"> + </p> + <p>You are able to add additional details after creating the project.</p> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-success">Create</button> <button onclick="document.getElementById('admin-add-s1').style.display='none';document.getElementById('admin-add-s0').style.display='';" type="button" class="btn btn-outline-danger">Cancel</button> + </form> + </div> + <?php endif; ?> +</div> + +<style> + .project-icon { + border-radius: 999px; + width: 24px; + vertical-align: middle; + background: lightgray; + margin-right: 5px; + } +</style> + +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/footer.php"; ?>
\ No newline at end of file diff --git a/admin/users/index.php b/admin/users/index.php new file mode 100644 index 0000000..1bc81d2 --- /dev/null +++ b/admin/users/index.php @@ -0,0 +1,75 @@ +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/session.php"; global $_USER; ?> +<?php + +if (isset($_GET['submit'])) { + $admins = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json"), true); + + if (isset($_GET["delete-user"])) { + $newlist = []; + + foreach ($admins as $admin) { + if ($admin !== $_GET["delete-user"]) { + $newlist[] = $admin; + } + } + + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json", json_encode($newlist, JSON_PRETTY_PRINT)); + header("Location: /admin/users"); + die(); + } + + if (isset($_GET["add-user"])) { + $admins[] = $_GET["add-user"]; + file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json", json_encode($admins, JSON_PRETTY_PRINT)); + header("Location: /admin/users"); + die(); + } +} + +?> +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/header.php"; ?> + +<br> +<div class="container"> + <h1>Administrators Management</h1> + <p>Administrators added to this list are able to login to this admin panel using their GitHub account. Make sure you trust the person before giving them administrative permissions.</p> + + <ul class="list-group"> + <?php foreach (json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json"), true) as $user): ?> + <li class="list-group-item"> + <form> + <span style="vertical-align: middle;padding-top:10px;"> + <a href="https://github.com/<?= $user ?>" target="_blank"><?= $user ?></a> + <?php if ($user === $_USER): ?> + <span class="badge bg-warning rounded-pill">You!</span> + <?php endif; ?> + <?php if ($user === "Minteck"): ?> + <span class="badge bg-danger rounded-pill">Immutable</span> + <?php endif; ?> + </span> + <input name="delete-user" type="hidden" value="<?= $user ?>"> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-danger" style="float:right;vertical-align: middle;" + <?php if ($user === $_USER || $user === "Minteck"): ?> disabled<?php endif; ?> + >Remove</button> + </form> + </li> + <?php endforeach; ?> + </ul> + <br> + + <button type="button" id="admin-add-s0" class="btn btn-outline-primary" onclick="document.getElementById('admin-add-s0').style.display='none';document.getElementById('admin-add-s1').style.display='';document.getElementById('admin-add-s2').focus();">Add another administrator</button> + <div class="card" style="max-width:550px;display:none;" id="admin-add-s1"> + <form class="card-body"> + <h4 class="card-title">Add administrator</h4> + <p>This will give this user full control over this website, including permission to add or remove other administrators. <b>Make sure you trust this user.</b></p> + <p> + <input id="admin-add-s2" name="add-user" type="text" class="form-control" placeholder="GitHub user name"> + </p> + <input name="submit" type="hidden"> + <button type="submit" class="btn btn-success">Add</button> <button onclick="document.getElementById('admin-add-s1').style.display='none';document.getElementById('admin-add-s0').style.display='';" type="button" class="btn btn-outline-danger">Cancel</button> + </form> + </div> +</div> + +<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/footer.php"; ?>
\ No newline at end of file |