Subversion Repositories svnkaklik

Rev

Go to most recent revision | Details | Last modification | View Log

Rev Author Line No. Line
6 kaklik 1
<?php
2
 
3
/************************************************************************/
4
/* G-Shout : Gravitasi Shoutbox                                         */
5
/* ============================================                         */
6
/*                                                                      */
7
/* Copyright (c) 2005 by Yohanes Pradono                                */
8
/* http://gravitasi.com                                                 */
9
/*                                                                      */
10
/* This program is free software. You can redistribute it and/or modify */
11
/* it under the terms of the GNU General Public License as published by */
12
/* the Free Software Foundation; either version 2 of the License.       */
13
/*                                                                      */
14
/************************************************************************/
15
 
16
include("config.php");
17
include("./includes/functions.inc.php");
18
include ("./languages/lang-$language.php");
19
 
20
if(!is_writable($datafile)){
21
	$error = _DATA_UNWRITABLE;
22
} else if (!is_writable("config.php")){
23
	$error = _CONF_UNWRITABLE;
24
} else if (!is_writable($logfile)){
25
	$error = _LOG_UNWRITABLE;
26
}
27
 
28
if ($_POST['action'] == "login") {
29
	if($_POST['var_password'] == $admin_password){
30
    makeCookie($_POST['var_password']);
31
	writeLogs_php($_SERVER["REMOTE_ADDR"],"_LOG_LOGIN_SUCCESS",$_POST['var_password']);
32
	header("Location: admin.php");
33
	} else if ($_POST['var_password'] != $admin_password) {
34
		header("Location: admin.php?error="._WRONG_PASS."");
35
		writeLogs_php($_SERVER["REMOTE_ADDR"],"_LOG_LOGIN_FAIL",$_POST['var_password']);
36
	}
37
}
38
if ($_GET['action'] == "logout"){
39
    delCookie();
40
	writeLogs_php($_SERVER["REMOTE_ADDR"],"_LOG_LOGOUT","");
41
    header("Location: admin.php");
42
}
43
 
44
if ($_POST['action'] == "updateshout") {
45
    if (validCookie($_COOKIE['gshout_auth'])) {
46
		if(updateShout($_POST['id'],$_POST['comment'],$_POST['name'],$_POST['sex'],$_POST['uri'],$_POST['timestamp'],$_POST['ip'],$_POST['reply'])){
47
		$message = _SHOUT_UPDATED;
48
		header("Location: admin.php?page=".$_POST['gotopage']."&message="._SHOUT_UPDATED."");
49
		}else{
50
			$error = _ERROR_WRITE_DATA;
51
			header("Location: admin.php?page=".$_POST['gotopage']."&error="._ERROR_WRITE_DATA."");
52
		}
53
    }
54
}
55
if ($_POST['action'] == "delete") {
56
    if (validCookie($_COOKIE['gshout_auth'])) {
57
		deleteShout($_POST['toggle']);
58
		if(count($_POST['toggle']) == "1"){
59
		$message = _SHOUT_DELETED;
60
		header("Location: admin.php?page=".$gotopage."&message="._SHOUT_DELETED."");
61
		} else {
62
			$message= _SHOUTS_DELETED;
63
		header("Location: admin.php?page=".$gotopage."&message="._SHOUTS_DELETED."");
64
		}
65
    }
66
}
67
 
68
if ($_POST['action'] == "filter" AND validCookie($_COOKIE['gshout_auth'])) {
69
	$fp = fopen("config.php","r");
70
	while (!feof($fp)){
71
		$data = fgets($fp, filesize("config.php"));
72
            if (substr($data,0,7) == '$status') {
73
				$output[] = '$status = "'.trim($_POST['new_status'])."\";\n";
74
			} else if (substr($data,0,8) == '$results') {
75
				$output[] = '$results = "'.trim($_POST['new_results'])."\";\n";
76
            } else {//nothing happened :)
77
				$output[] = $data;
78
			}
79
	}//end while
80
        fclose($fp);
81
        $fp = fopen("config.php","w");
82
		if($fp){
83
        foreach ($output as $data){
84
            fwrite ($fp, $data);
85
        }
86
		} else {
87
			$error = _ERROR_WRITE_CONF;
88
		}
89
		header("Location: admin.php?results=".$_POST['new_results']."");
90
 }
91
 
92
// re-read the config file
93
if ($_POST['action'] == "updateshout") {
94
	include("config.php");
95
	include ("./languages/lang-".$language.".php");
96
}
97
 
98
//include header
99
include("./includes/header.inc.php");
100
 
101
if (validCookie($_COOKIE['gshout_auth'])) { // if admin still logged in
102
?>
103
 
104
<table style="width: 100%;" border="0" cellpadding="0" cellspacing="0">
105
<tbody><tr>
106
<td class="navCell" style="width: 2%;">
107
 
108
<div class="cpNavOff">
109
&nbsp;
110
</div>
111
 
112
</td>
113
 
114
<td class="navCell">
115
 
116
<div class="cpNavOn">
117
<a href="admin.php">&nbsp;<?=_EDIT_SHOUTS?>&nbsp;</a>
118
</div>
119
 
120
</td>
121
<td class="navCell">
122
 
123
<div class="cpNavOff">
124
<a href="editconf.php">&nbsp;<?=_CONFIGURATION?>&nbsp;</a>
125
</div>
126
 
127
</td>
128
<td class="navCell">
129
 
130
<div class="cpNavOff">
131
<a href="viewlogs.php">&nbsp;<?=_VIEW_LOGS?>&nbsp;</a>
132
</div>
133
 
134
</td>
135
 
136
<td class="navCell" style="width: 2%;">
137
 
138
<div class="cpNavOff">
139
&nbsp;
140
</div>
141
 
142
</td>
143
</tr>
144
</tbody></table>
145
 
146
<div id="breadcrumb">
147
<table style="width: 100%;" class="contentWidth" border="0" cellpadding="6" cellspacing="0">
148
<tbody><tr>
149
<td class="defaultBold">
150
<h1><?=_EDIT_SHOUTS;?></h1>
151
</td>
152
<td class="breadcrumbRight">
153
&nbsp;
154
</td>
155
</tr>
156
</tbody></table>
157
</div>
158
 
159
<div id="content">
160
 
161
<table border='0'  cellspacing='0' cellpadding='0' style='width:100%;' >
162
 
163
<?
164
 
165
if(isset($_GET['message'])){
166
	echo "<tr><td  class='box'  colspan='2'><div class='itemWrapper'>";
167
	echo "<div class='success'>";
168
	echo $_GET['message'];
169
	echo "</div>";
170
	echo "</div></td></tr>";
171
} else if(isset($_GET['error'])) {
172
	echo "<tr><td  class='box'  colspan='2'><div class='itemWrapper'>";
173
	echo "<div class='alert'>".$_GET['error']."</div>";
174
	echo "</div></td></tr>";
175
} else if(isset($message)) {
176
	echo "<tr><td  class='box'  colspan='2'><div class='itemWrapper'>";
177
	echo "<div class='success'>".$message."</div>";
178
	echo "</div></td></tr>";
179
} else if(isset($error)) {
180
	echo "<tr><td  class='box'  colspan='2'><div class='itemWrapper'>";
181
	echo "<div class='alert'>".$error."</div>";
182
	echo "</div></td></tr>";
183
} else {
184
	echo "<tr><td><div class='success'>&nbsp;</div></td></tr>";
185
}
186
 
187
?>
188
 
189
<tr>
190
<td  class='itemWrapper'  colspan='7'>
191
 
192
<form method='post' name='filterform' id='filterform' action='admin.php' >
193
 
194
<!-- still confuse, will be developed when I have time
195
<select name='new_status' class='select'>
196
<option value='all'>Filtered by Reply Status</option>
197
<option value='all' <?if($status=="all")echo "selected='selected'";?>>View All</option>
198
<option value='replied' <?if($status=="replied")echo "selected='selected'";?>>Replied</option>
199
<option value='notreplied' <?if($status=="notreplied")echo "selected='selected'";?>>Not Replied</option>
200
</select>
201
&nbsp;&nbsp;
202
-->
203
 
204
<select name='new_results' class='select'>
205
<option value='<?=$commentshown?>'><?=_SHOUTS_PER_PAGE?></option>
206
<option value='10' <?if($results=="10")echo "selected='selected'";?>>10 <?=_SHOUTS?></option>
207
<option value='20' <?if($results=="20")echo "selected='selected'";?>>20 <?=_SHOUTS?></option>
208
<option value='30' <?if($results=="30")echo "selected='selected'";?>>30 <?=_SHOUTS?></option>
209
<option value='40' <?if($results=="40")echo "selected='selected'";?>>40 <?=_SHOUTS?></option>
210
<option value='50' <?if($results=="50")echo "selected='selected'";?>>50 <?=_SHOUTS?></option>
211
</select>
212
&nbsp;&nbsp;
213
<input name='action' type='hidden' value='filter' />
214
<input name='submit' type='submit' value='Go' class='submit' />
215
</form>
216
 
217
</td>
218
</tr>
219
</table>
220
 
221
<form method="post" name="delete" id="delete" action="admin.php">
222
<script language="javascript" type="text/javascript"> 
223
<!--
224
	function toggle(thebutton)
225
        {
226
            if (thebutton.checked) 
227
            {
228
               val = true;
229
            }
230
            else
231
            {
232
               val = false;
233
            }
234
 
235
            var len = document.target.elements.length;
236
 
237
            for (var i = 0; i < len; i++) 
238
            {
239
                var button = document.target.elements[i];
240
 
241
                var name_array = button.name.split("["); 
242
 
243
                if (name_array[0] == "toggle") 
244
                {
245
                    button.checked = val;
246
                }
247
            }
248
 
249
            document.target.toggleflag.checked = val;
250
        }
251
 
252
//-->
253
</script>
254
 
255
<table style="width: 100%;" class="tableBorder" border="0" cellpadding="0" cellspacing="0">
256
<tbody><tr>
257
<td class="tablePad">
258
 
259
<table style="width: 100%;" border="0" cellpadding="0" cellspacing="0">
260
<tbody><tr>
261
<td class="tableHeadingBold">
262
<?=_ID;?>
263
</td>
264
<td class="tableHeadingBold">
265
<?=_DATE;?>
266
</td>
267
<td class="tableHeadingBold">
268
<?=_SHOUTS;?>
269
</td>
270
<td class="tableHeadingBold">
271
<?=_NAME;?>
272
</td>
273
<td class="tableHeadingBold">
274
<?=_SEX;?>
275
</td>
276
<td class="tableHeadingBold">
277
<?=_IP_ADDRESS;?>
278
</td>
279
<td class="tableHeadingBold">
280
<?=_WEB_EMAIL;?>
281
</td>
282
<td class="tableHeadingBold">
283
<?=_REPLYDATE;?>
284
</td>
285
<td class="tableHeadingBold">
286
<?=_REPLY;?>
287
</td>
288
<td class="tableHeadingBold">
289
<?=_EDIT;?>
290
</td>
291
<td class="tableHeadingBold">
292
<input class="checkbox" name="toggleflag" value="" onclick="toggle(this);" type="checkbox"><br />
293
<?=_DELETE;?>
294
</td>
295
</tr>
296
 
297
<!-- mulai ngelist -->
298
 
299
<?
300
//buat menentukan jumlah ditampilkan
301
//$shoutcount = countShouts();
302
 
303
if (isset($_GET['results'])){
304
$results = $_GET['results'];
305
}
306
if (isset($_GET['page'])){
307
$page = $_GET['page'];
308
}
309
 
310
if (!isset($page)||$page==0) {
311
	//buat nentuin halaman default
312
	//$page=floor($shoutcount/20)+1;
313
	$page=1;
314
	}
315
 
316
$entry = ($results * $page)-$results;
317
$selesai = $results*$page;
318
$output = getShouts($start,20,1);
319
 
320
$d = array();
321
require_once($datafile);
322
$shoutcount = count($d);
323
 
324
	while (trim($d[$entry]) != "" && $entry < $selesai ) {
325
 
326
		$temporary = explode("#%", $d[$entry]);
327
		$id = $temporary[0];
328
		$com = $temporary[1];
329
		$nam = $temporary[2];
330
		$sex = $temporary[3];
331
		$uri = $temporary[4];
332
		$timestamp = $temporary[5];
333
		$ip = $temporary[6];
334
		$reply = $temporary[7];
335
		$redate = $temporary[8];
336
 
337
	showEntryfromCPanel($id,$com,$nam,$sex,$uri,$timestamp,$ip,$reply,$redate);
338
	$entry++;
339
	}
340
 
341
 
342
?>
343
 
344
<!-- End of list -->
345
 
346
</tbody></table>
347
 
348
 
349
</td>
350
</tr>
351
</tbody></table>
352
 
353
 
354
<table style="width: 98%;" border="0" cellpadding="0" cellspacing="0">
355
<tbody><tr>
356
<td class="default">
357
 
358
<div class="crumblinks">
359
 
360
</div>
361
 
362
</td>
363
 
364
<td class="defaultRight">
365
<input type="hidden" name="gotopage" value="<?=$page?>" />
366
<input type="hidden" name="action" value="delete" />
367
<input type="submit" class="submit" value="<?=_DELETE?>" onclick="return confirm('<?=_ARE_YOU_SURE?>')" />
368
</td>
369
</tr>
370
</tbody></table>
371
 
372
</form>
373
 
374
<!-- Begin paginate -->
375
        <table class="paginate"><tr><td>&nbsp;&nbsp;<?=_DISPLAYING_PAGE?> <?=$page?> <?=_OF?> <?=floor($shoutcount/$results)+1?> (<?=_TOTAL?> <?=$shoutcount?> <?=_FROM_MAXIMAL?> <?=$keep?> <?=_LAST_SHOUTS?>)</tr></td><tr><td>&nbsp;&nbsp;<?=_PAGE?>
376
    <?
377
        if ($page != 1) {
378
            echo "<a href='admin.php?page=1'>[ &lt;&lt; ]</a> <a href='admin.php?page=".($page-1)."'>[ &lt; ]</a> ";
379
        } else {
380
            echo "<font color='#666666'>[ &lt;&lt; ] [ &lt; ]</font> ";            
381
        }
382
        for ($count=0;$count<$shoutcount;$count=$count+$results) {
383
            $newpage = floor($count/$results) + 1;
384
            if ($page == $newpage) {
385
                echo $newpage." ";
386
            } else {
387
                echo "<a href='admin.php?page=".$newpage."'>".$newpage."</a> ";
388
            }
389
        }
390
		if ($page != floor($shoutcount/$results)+1) {
391
            echo "<a href='admin.php?page=".($page+1)."'>[ &gt; ]</a> <a href='admin.php?page=".(floor($shoutcount/$results)+1)."'>[ &gt;&gt; ]</a>";
392
        } else {
393
            echo "<font color='#666666'>[ &gt; ] [ &gt;&gt; ]</font>";
394
        }
395
    ?>
396
        &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td></tr></table>
397
<!-- End of paginate -->
398
 
399
 
400
<?
401
} else if(!empty($_POST['fgt_answer']) && strtolower($_POST['fgt_answer']) == strtolower($secret_answer)) {
402
writeLogs_php($_SERVER["REMOTE_ADDR"], "_LOG_RIGHT_SECRET_ANSWER", $_POST['fgt_answer']);	
403
?>
404
 
405
<div class='leftPad'>
406
<br />
407
<div class='leftPad'>
408
 
409
<div class='default'>
410
<?echo "<br /><div class='success'>Your password is: $admin_password</div>"?>
411
</div>
412
 
413
<div class='default'><br /><a href='admin.php' ><?=_RETURN_TO_LOGIN?></a></div>
414
 
415
 
416
<? } else if(!empty($_POST['fgt_answer']) && strtolower($_POST['fgt_answer']) == strtolower($secret_answer) && $sendmail == "yes") {
417
 
418
	$extra_hdr_str = "From: G-Shout System <g-shout@".$_SERVER['HTTP_HOST']."> \r\nContent-type: text/html\r\nX-Mailer: PHP/" .phpversion();
419
	$body = "<p align=\"center\">"._YOUR_PASSWORD_IS.": $admin_password</p>";
420
	$subject = "[G-Shout] "._YOUR_PASSWORD."";
421
 
422
	mail($emailaddress,$subject,$body,$extra_hdr_str);
423
?>
424
 
425
<div class='leftPad'>
426
<br />
427
<div class='leftPad'>
428
 
429
<div class='default'>
430
<?echo "<br /><div class='success'>Your password has been sent to ".$emailaddress."</div>"?>
431
</div>
432
 
433
<div class='default'><br /><a href='admin.php' ><?=_RETURN_TO_LOGIN?></a></div>
434
 
435
<?
436
} else if ($_POST['action'] == "sendpass" && !empty($_POST['fgt_answer']) && strtolower($_POST['fgt_answer']) != strtolower($secret_answer)){
437
writeLogs_php($_SERVER["REMOTE_ADDR"], "_LOG_WRONG_SECRET_ANSWER", $_POST['fgt_answer']);
438
?>
439
 
440
<div class='leftPad'>
441
<br />
442
<div class='leftPad'>
443
 
444
<div class='default'>
445
<?echo "<br /><div class='alert'>You have entered incorrect secret answer.</div>"?>
446
</div>
447
 
448
<div class='default'><br /><a href='admin.php?action=forgotpass' ><?=_RETURN_TO_FORGOT?></a></div>
449
 
450
 
451
<?
452
} else if ($_GET['action'] == "forgotpass" && empty($_POST['fgt_email']) && empty($_POST['fgt_email'])) { 
453
?>
454
 
455
 
456
<div class='leftPad'>
457
<br />
458
<div class='leftPad'>
459
<h2><?=_FORGOT_PASSWORD?></h2>
460
 
461
<form method='post' action='admin.php' >
462
 
463
<div class='default'><br /><label for='fgt_answer'><?=_ANSWER_THIS?></label></div>
464
 
465
<div class='default'><br /><b><label for='fgt_answer'><?=$secret_question?></label></b></div>
466
 
467
<div class='default'><input style='width:250px' type='text' name='fgt_answer' id='fgt_answer' value='' size='20' maxlength='80' class='input'  />
468
</div>
469
 
470
<div class='default'><br />
471
<input  type='hidden' name='action' value='sendpass' />
472
<input  type='submit' value='Submit' class='submit' />
473
</div>
474
 
475
<div class='default'><br /><a href='admin.php' ><?=_RETURN_TO_LOGIN?></a></div>
476
 
477
<?
478
	} else { // kalo gak terlogin
479
 
480
?>
481
 
482
<?
483
 
484
if(isset($_GET['error'])) {
485
	echo "<div class='itemWrapper' style='padding:10px'>";
486
	echo "<div class='alert'>".$_GET['error']."</div>";
487
	echo "</div>";
488
}
489
?>
490
 
491
<div class='leftPad'>
492
<br />
493
<div class='leftPad'>
494
 
495
<h2><?=_ADMIN_LOGIN?></h2>
496
 
497
<form name="login" method="post" action="admin.php" >
498
 
499
<div class='default'><br /><label for="password"><?=_PASSWORD?></label></div>
500
 
501
<div class='default'><input style="width:150px" type="password" name="var_password" id="password" value="" size="20" maxlength="32" class="input" />
502
</div>
503
 
504
<div class='default'>
505
<br />
506
<input type="hidden" name="action" value="login" />
507
<input type='submit' class='submit' value='Submit' />
508
 
509
</div>
510
</form>
511
 
512
<div class='default'><br /><a href='admin.php?action=forgotpass' ><?=_FORGOT_PASSWORD?></a></div>
513
 
514
<? } ?>
515
 
516
</div>
517
</div>
518
 
519
 
520
<?
521
include("./includes/footer.inc.php");
522
?>