From 1d62401c897a5ba82d0def92d97d09195a6d676f Mon Sep 17 00:00:00 2001
From: Minteck <46352972+Minteck@users.noreply.github.com>
Date: Thu, 1 Jul 2021 00:54:32 +0200
Subject: Fixed stuff + official logo

---
 _site/admin/callback/index.php | 59 ++++++++++++++++++++++++++++++++++++++++++
 _site/admin/denied/index.php   | 10 +++++++
 _site/admin/index.php          | 15 +++++++++++
 _site/admin/login/index.php    |  4 +++
 _site/admin/offline/index.php  | 13 ++++++++++
 _site/admin/status/index.php   | 40 ++++++++++++++++++++++++++++
 6 files changed, 141 insertions(+)
 create mode 100644 _site/admin/callback/index.php
 create mode 100644 _site/admin/denied/index.php
 create mode 100644 _site/admin/index.php
 create mode 100644 _site/admin/login/index.php
 create mode 100644 _site/admin/offline/index.php
 create mode 100644 _site/admin/status/index.php

(limited to '_site/admin')

diff --git a/_site/admin/callback/index.php b/_site/admin/callback/index.php
new file mode 100644
index 0000000..4243799
--- /dev/null
+++ b/_site/admin/callback/index.php
@@ -0,0 +1,59 @@
+<?php
+
+if (!isset($_GET['code'])) {
+    throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR);
+}
+
+$data = array(
+    'client_id' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["id"],
+    'client_secret' => json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["secret"],
+    'code' => $_GET['code']
+);
+
+$post_data = json_encode($data);
+
+$crl = curl_init('https://github.com/login/oauth/access_token');
+curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+curl_setopt($crl, CURLOPT_POST, true);
+curl_setopt($crl, CURLOPT_POSTFIELDS, $post_data);
+
+curl_setopt($crl, CURLOPT_HTTPHEADER, array(
+        'Content-Type: application/json',
+        "Accept: application/json"
+));
+
+$result = curl_exec($crl);
+
+if ($result === false) {
+    throw new ErrorException("GitHub OAuth Flow interrupted", 214, E_ERROR);
+}
+
+curl_close($crl);
+
+$data = json_decode($result, true);
+$crl = curl_init('https://api.github.com/user');
+curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($crl, CURLINFO_HEADER_OUT, true);
+curl_setopt($crl, CURLOPT_POST, false);
+
+curl_setopt($crl, CURLOPT_HTTPHEADER, array(
+    'Content-Type: application/json',
+    "Accept: application/json",
+    "Authorization: token " . $data["access_token"],
+    "User-Agent: Blogchain-Admin/0.0.0 (nekostarfan@gmail.com)"
+));
+
+$result = curl_exec($crl);
+$ndata = json_decode($result, true);
+
+if (!in_array($ndata["login"], json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/authorized.json"), true))) {
+    header("Location: /admin/denied");
+    die();
+}
+
+file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/tokens/" . $data["access_token"], $ndata["login"]);
+setcookie("ADMIN_TOKEN", $data["access_token"], 0, "/", "blogchain.minteck.ro.lt", true, true);
+
+header("Location: /admin");
+die();
\ No newline at end of file
diff --git a/_site/admin/denied/index.php b/_site/admin/denied/index.php
new file mode 100644
index 0000000..8eb88c2
--- /dev/null
+++ b/_site/admin/denied/index.php
@@ -0,0 +1,10 @@
+<?php $_TITLE = "Access is denied"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/header.php"; ?>
+
+<div class="container" style="margin-top:30px;text-align: center;">
+    <h1>Access is denied</h1>
+    <h4 style="margin-bottom:20px;">This is a "staff only" page</h4>
+    <p>You tried to access a page that is on Blogchain's Administrators Workplace, which you cannot get access to because your GitHub account is not registered as a Blogchain Administrator.</p>
+    <p>You probably want to <a href="/" style="text-decoration: underline;">go back home</a>.</p>
+</div>
+
+<?php require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/footer.php"; ?>
\ No newline at end of file
diff --git a/_site/admin/index.php b/_site/admin/index.php
new file mode 100644
index 0000000..62d4fa7
--- /dev/null
+++ b/_site/admin/index.php
@@ -0,0 +1,15 @@
+<?php $__ADMIN = true; $_TITLE = "Blogchain Administration"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/header.php"; ?>
+
+<div class="container" style="margin-top:30px;text-align: center;">
+    <h2>Welcome back <?= $_USER ?>!</h2>
+    <p>You now have access to all unpublished blog articles, except on the RSS feed.</p>
+</div>
+
+<div class="container">
+    <h3>Tasks</h3>
+    <ul class="list-group">
+        <a class="list-group-item list-group-item-action" href="/admin/status">Data Sync Status</a>
+    </ul>
+</div>
+
+<?php require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/footer.php"; ?>
\ No newline at end of file
diff --git a/_site/admin/login/index.php b/_site/admin/login/index.php
new file mode 100644
index 0000000..0741757
--- /dev/null
+++ b/_site/admin/login/index.php
@@ -0,0 +1,4 @@
+<?php
+
+header("Location: https://github.com/login/oauth/authorize?client_id=" . json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/admin/credentials.json"), true)["id"] . "&redirect_uri=https://blogchain.minteck.ro.lt/admin/callback/&allow_signups=false&scope=read:user");
+die();
\ No newline at end of file
diff --git a/_site/admin/offline/index.php b/_site/admin/offline/index.php
new file mode 100644
index 0000000..aa39eca
--- /dev/null
+++ b/_site/admin/offline/index.php
@@ -0,0 +1,13 @@
+<?php $_TITLE = "Blogchain Administration"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/header.php"; ?>
+
+<div class="container" style="margin-top:30px;text-align: center;">
+    <h2>Extensively and simply manage Blogchain</h2>
+    <p>View unpublished articles, get statistics, export data and more.</p>
+
+    <p>
+        <a class="btn btn-primary" href="https://minteck.ro.lt/admin/blogchain">Login with Minteck Central Admin</a>
+        <a class="btn btn-primary" href="/admin/login">Login with GitHub</a>
+    </p>
+</div>
+
+<?php require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/footer.php"; ?>
\ No newline at end of file
diff --git a/_site/admin/status/index.php b/_site/admin/status/index.php
new file mode 100644
index 0000000..6d46f34
--- /dev/null
+++ b/_site/admin/status/index.php
@@ -0,0 +1,40 @@
+<?php $__ADMIN = true; $_TITLE = "Data Sync Status - Blogchain Administration"; require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/header.php"; ?>
+
+<div class="container" style="margin-top:30px;text-align: center;">
+    <h2>Data Sync Status</h2>
+    <p>Check if everything is good!</p>
+</div>
+
+<div class="container">
+    <ul>
+        <?php
+
+        $commit = json_decode(gh_api("repos/Minteck/Blogchain-Content/commits"), true)[0];
+        if (!isset($commit["commit"]["verification"]) || !isset($commit["commit"]["verification"]["verified"]) || !$commit["commit"]["verification"]["verified"]) {
+            echo("<li class='list-admin-warning'>This version is <b>not</b> digitally signed, its content may have been compromised.</li>");
+        }
+
+        ?>
+        <li><b>Upstream version:</b> <?php
+
+            echo(substr($commit["sha"], 0, 7) . " « " . $commit["commit"]["message"] . " » · commited by " . $commit["commit"]["author"]["name"]);
+
+            ?></li>
+        <li><b>Downstream version:</b> <?php
+
+            echo(substr(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/../_posts/.git/refs/heads/master"), 0, 7));
+
+            ?></li>
+        <li><?php
+
+            if (trim(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/../_posts/.git/refs/heads/master")) === trim($commit["sha"])) {
+                echo("Downstream is up to date");
+            } else {
+                echo("Downstream <b>rebase needed</b>");
+            }
+
+            ?></li>
+    </ul>
+</div>
+
+<?php require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/dom/footer.php"; ?>
\ No newline at end of file
-- 
cgit