aboutsummaryrefslogtreecommitdiffstats
path: root/admin
diff options
context:
space:
mode:
Diffstat (limited to 'admin')
-rw-r--r--admin/auth.php86
-rw-r--r--admin/database.php49
-rw-r--r--admin/index.php88
-rw-r--r--admin/page/delete.php72
-rw-r--r--admin/page/index.php76
-rw-r--r--admin/page/insert.php86
-rw-r--r--admin/page/update.php96
-rw-r--r--admin/post/delete.php72
-rw-r--r--admin/post/index.php76
-rw-r--r--admin/post/insert.php86
-rw-r--r--admin/post/update.php96
-rw-r--r--admin/user/delete.php72
-rw-r--r--admin/user/index.php72
-rw-r--r--admin/user/insert.php78
-rw-r--r--admin/user/update.php89
15 files changed, 1194 insertions, 0 deletions
diff --git a/admin/auth.php b/admin/auth.php
new file mode 100644
index 0000000..dbdd3ef
--- /dev/null
+++ b/admin/auth.php
@@ -0,0 +1,86 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../core/application.php';
+
+#===============================================================================
+# IF: Already authenticated
+#===============================================================================
+if(Application::isAuthenticated()) {
+ #===============================================================================
+ # IF: Logout action
+ #===============================================================================
+ if(HTTP::issetGET(['token' => Application::getSecurityToken(), ['action' => 'logout']])) {
+ session_destroy();
+ HTTP::redirect(Application::getAdminURL('auth.php'));
+ }
+
+ HTTP::redirect(Application::getAdminURL());
+}
+
+#===============================================================================
+# ELSE: Not authenticated
+#===============================================================================
+else {
+ #===============================================================================
+ # IF: Login action
+ #===============================================================================
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
+ try {
+ $User = User\Factory::buildByUsername(HTTP::POST('username'));
+
+ if($User->comparePassword(HTTP::POST('password'))) {
+ $_SESSION['auth'] = $User->getID();
+ HTTP::redirect(Application::getAdminURL());
+ }
+
+ else {
+ $messages[] = $Language->text('authentication_failure');
+ }
+ } catch(User\Exception $Exception){
+ $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C';
+ $fake_pass = HTTP::POST('password');
+
+ password_verify($fake_pass, $fake_hash);
+
+ $messages[] = $Language->text('authentication_failure');
+ }
+ }
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ $AuthTemplate = Template\Factory::build('auth');
+ $AuthTemplate->set('FORM', [
+ 'INFO' => [
+ 'LIST' => $messages ?? [],
+ ],
+ 'DATA' => [
+ 'USERNAME' => HTTP::POST('username'),
+ 'PASSWORD' => HTTP::POST('password'),
+ ],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', 'Authentication');
+ $MainTemplate->set('HTML', $AuthTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?>
+
diff --git a/admin/database.php b/admin/database.php
new file mode 100644
index 0000000..47ffd29
--- /dev/null
+++ b/admin/database.php
@@ -0,0 +1,49 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../core/application.php';
+
+#===============================================================================
+# Execute database command(s)
+#===============================================================================
+if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'command')) {
+ try {
+ $Statement = $Database->query(HTTP::POST('command'));
+ $result = print_r($Statement->fetchAll(), TRUE);
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ $DatabaseTemplate = Template\Factory::build('database');
+ $DatabaseTemplate->set('FORM', [
+ 'INFO' => $messages ?? [],
+ 'TOKEN' => Application::getSecurityToken(),
+ 'RESULT' => $result ?? NULL,
+ 'COMMAND' => HTTP::POST('command'),
+ ]);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', 'SQL');
+ $MainTemplate->set('HTML', $DatabaseTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/index.php b/admin/index.php
new file mode 100644
index 0000000..c2ef0e0
--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1,88 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../core/application.php';
+
+#===============================================================================
+# TRY: PDOException
+#===============================================================================
+try {
+ $LastPageStatement = $Database->query(sprintf('SELECT id FROM %s ORDER BY time_insert DESC LIMIT 1', Page\Attribute::TABLE));
+ $LastPostStatement = $Database->query(sprintf('SELECT id FROM %s ORDER BY time_insert DESC LIMIT 1', Post\Attribute::TABLE));
+ $LastUserStatement = $Database->query(sprintf('SELECT id FROM %s ORDER BY time_insert DESC LIMIT 1', User\Attribute::TABLE));
+
+ $PageCountStatement = $Database->query(sprintf('SELECT COUNT(*) FROM %s', Page\Attribute::TABLE));
+ $PostCountStatement = $Database->query(sprintf('SELECT COUNT(*) FROM %s', Post\Attribute::TABLE));
+ $UserCountStatement = $Database->query(sprintf('SELECT COUNT(*) FROM %s', User\Attribute::TABLE));
+}
+
+#===============================================================================
+# CATCH: PDOException
+#===============================================================================
+catch(PDOException $Exception) {
+ exit($Exception->getMessage());
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ try {
+ $LastPage = Page\Factory::build($LastPageStatement->fetchColumn());
+ $LastPageUser = User\Factory::build($LastPage->attr('user'));
+
+ $PageItemTemplate = generatePageItemTemplate($LastPage, $LastPageUser);
+ }
+
+ catch(Page\Exception $Exception){}
+ catch(User\Exception $Exception){}
+
+ try {
+ $LastPost = Post\Factory::build($LastPostStatement->fetchColumn());
+ $LastPostUser = User\Factory::build($LastPost->attr('user'));
+
+ $PostItemTemplate = generatePostItemTemplate($LastPost, $LastPostUser);
+ }
+
+ catch(Post\Exception $Exception){}
+ catch(User\Exception $Exception){}
+
+ try {
+ $LastUser = User\Factory::build($LastUserStatement->fetchColumn());
+ $UserItemTemplate = generateUserItemTemplate($LastUser);
+ } catch(User\Exception $Exception){}
+
+ $HomeTemplate = Template\Factory::build('home');
+ $HomeTemplate->set('LAST', [
+ 'PAGE' => $PageItemTemplate ?? FALSE,
+ 'POST' => $PostItemTemplate ?? FALSE,
+ 'USER' => $UserItemTemplate ?? FALSE,
+
+ ]);
+
+ $HomeTemplate->set('COUNT', [
+ 'PAGE' => $PageCountStatement->fetchColumn(),
+ 'POST' => $PostCountStatement->fetchColumn(),
+ 'USER' => $UserCountStatement->fetchColumn(),
+ ]);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', 'Dashboard');
+ $MainTemplate->set('HTML', $HomeTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/page/delete.php b/admin/page/delete.php
new file mode 100644
index 0000000..163bbdb
--- /dev/null
+++ b/admin/page/delete.php
@@ -0,0 +1,72 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+#===============================================================================
+# TRY: Page\Exception
+#===============================================================================
+try {
+ $Page = Page\Factory::build(HTTP::GET('id'));
+ $Attribute = $Page->getAttribute();
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) {
+ try {
+ if($Attribute->databaseDELETE($Database)) {
+ HTTP::redirect(Application::getAdminURL('page/'));
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ #===============================================================================
+ # TRY: Template\Exception
+ #===============================================================================
+ try {
+ $FormTemplate = Template\Factory::build('page/form');
+ $FormTemplate->set('HTML', $Page->getHTML());
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'DELETE',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $DeleteTemplate = Template\Factory::build('page/delete');
+ $DeleteTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_page_delete'));
+ $MainTemplate->set('HTML', $DeleteTemplate);
+ echo $MainTemplate;
+ }
+
+ #===============================================================================
+ # CATCH: Template\Exception
+ #===============================================================================
+ catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+ }
+}
+
+#===============================================================================
+# CATCH: Page\Exception
+#===============================================================================
+catch(Page\Exception $Exception) {
+ Application::exit(404);
+}
+?>
+
diff --git a/admin/page/index.php b/admin/page/index.php
new file mode 100644
index 0000000..56233a9
--- /dev/null
+++ b/admin/page/index.php
@@ -0,0 +1,76 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+$site_size = Application::get('PAGE.LIST_SIZE');
+$site_sort = Application::get('PAGE.LIST_SORT');
+
+$lastSite = ceil($Database->query(sprintf('SELECT COUNT(id) FROM %s', Page\Attribute::TABLE))->fetchColumn() / $site_size);
+
+$currentSite = HTTP::GET('site') ?? 1;
+$currentSite = abs(intval($currentSite));
+
+if($currentSite < 1 OR ($currentSite > $lastSite AND $lastSite > 0)) {
+ Application::exit(404);
+}
+
+#===============================================================================
+# Fetch page IDs from database
+#===============================================================================
+$execSQL = "SELECT id FROM %s ORDER BY {$site_sort} LIMIT ".(($currentSite-1) * $site_size).", {$site_size}";
+$pageIDs = $Database->query(sprintf($execSQL, Page\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN);
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ foreach($pageIDs as $pageID) {
+ try {
+ $Page = Page\Factory::build($pageID);
+ $User = User\Factory::build($Page->attr('user'));
+
+ $ItemTemplate = generatePageItemTemplate($Page, $User);
+
+ $pages[] = $ItemTemplate;
+ }
+ catch(Page\Exception $Exception){}
+ catch(User\Exception $Exception){}
+ }
+
+ $PaginationTemplate = Template\Factory::build('pagination');
+ $PaginationTemplate->set('THIS', $currentSite);
+ $PaginationTemplate->set('LAST', $lastSite);
+ $PaginationTemplate->set('HREF', Application::getAdminURL('page/?site=%d'));
+
+ $ListTemplate = Template\Factory::build('page/index');
+ $ListTemplate->set('LIST', [
+ 'PAGES' => $pages ?? []
+ ]);
+
+ $ListTemplate->set('PAGINATION', [
+ 'THIS' => $currentSite,
+ 'LAST' => $lastSite,
+ 'HTML' => $PaginationTemplate
+ ]);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_page_overview', $currentSite));
+ $MainTemplate->set('HTML', $ListTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/page/insert.php b/admin/page/insert.php
new file mode 100644
index 0000000..0f421f6
--- /dev/null
+++ b/admin/page/insert.php
@@ -0,0 +1,86 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+$Attribute = new Page\Attribute();
+
+if(HTTP::issetPOST('id', 'user', 'slug', 'name', 'body', 'time_insert', 'time_update', 'insert')) {
+ $Attribute->set('id', HTTP::POST('id') ? HTTP::POST('id') : FALSE);
+ $Attribute->set('user', HTTP::POST('user'));
+ $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+ $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
+ $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : FALSE);
+ $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
+ $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
+ try {
+ if($Attribute->databaseINSERT($Database)) {
+ HTTP::redirect(Application::getAdminURL('page/'));
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ else {
+ $messages[] = $Language->text('error_security_csrf');
+ }
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE));
+
+ foreach($userIDs->fetchAll(PDO::FETCH_COLUMN) as $userID) {
+ $User = User\Factory::build($userID);
+ $userAttributes[] = [
+ 'ID' => $User->attr('id'),
+ 'FULLNAME' => $User->attr('fullname'),
+ 'USERNAME' => $User->attr('username'),
+ ];
+ }
+
+ $FormTemplate = Template\Factory::build('page/form');
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'INSERT',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'USER' => $Attribute->get('user'),
+ 'SLUG' => $Attribute->get('slug'),
+ 'NAME' => $Attribute->get('name'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'USER_LIST' => $userAttributes ?? [],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $InsertTemplate = Template\Factory::build('page/insert');
+ $InsertTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_page_insert'));
+ $MainTemplate->set('HTML', $InsertTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/page/update.php b/admin/page/update.php
new file mode 100644
index 0000000..0489406
--- /dev/null
+++ b/admin/page/update.php
@@ -0,0 +1,96 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+#===============================================================================
+# TRY: Page\Exception
+#===============================================================================
+try {
+ $Page = Page\Factory::build(HTTP::GET('id'));
+ $Attribute = $Page->getAttribute();
+
+ if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'time_insert', 'time_update', 'update')) {
+ $Attribute->set('user', HTTP::POST('user'));
+ $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+ $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
+ $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : FALSE);
+ $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
+ $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
+ try {
+ $Attribute->databaseUPDATE($Database);
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ else {
+ $messages[] = $Language->text('error_security_csrf');
+ }
+ }
+
+ #===============================================================================
+ # TRY: Template\Exception
+ #===============================================================================
+ try {
+ $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE));
+
+ foreach($userIDs->fetchAll(PDO::FETCH_COLUMN) as $userID) {
+ $User = User\Factory::build($userID);
+ $userAttributes[] = [
+ 'ID' => $User->attr('id'),
+ 'FULLNAME' => $User->attr('fullname'),
+ 'USERNAME' => $User->attr('username'),
+ ];
+ }
+
+ $FormTemplate = Template\Factory::build('page/form');
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'UPDATE',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'USER' => $Attribute->get('user'),
+ 'SLUG' => $Attribute->get('slug'),
+ 'NAME' => $Attribute->get('name'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'USER_LIST' => $userAttributes ?? [],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $PageUpdateTemplate = Template\Factory::build('page/update');
+ $PageUpdateTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_page_update'));
+ $MainTemplate->set('HTML', $PageUpdateTemplate);
+ echo $MainTemplate;
+ }
+
+ #===============================================================================
+ # CATCH: Template\Exception
+ #===============================================================================
+ catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+ }
+}
+
+#===============================================================================
+# CATCH: Page\Exception
+#===============================================================================
+catch(Page\Exception $Exception) {
+ Application::exit(404);
+}
+?> \ No newline at end of file
diff --git a/admin/post/delete.php b/admin/post/delete.php
new file mode 100644
index 0000000..82e71da
--- /dev/null
+++ b/admin/post/delete.php
@@ -0,0 +1,72 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+#===============================================================================
+# TRY: Post\Exception
+#===============================================================================
+try {
+ $Post = Post\Factory::build(HTTP::GET('id'));
+ $Attribute = $Post->getAttribute();
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) {
+ try {
+ if($Attribute->databaseDELETE($Database)) {
+ HTTP::redirect(Application::getAdminURL('post/'));
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ #===============================================================================
+ # TRY: Template\Exception
+ #===============================================================================
+ try {
+ $FormTemplate = Template\Factory::build('post/form');
+ $FormTemplate->set('HTML', $Post->getHTML());
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'DELETE',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $DeleteTemplate = Template\Factory::build('post/delete');
+ $DeleteTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_post_delete'));
+ $MainTemplate->set('HTML', $DeleteTemplate);
+ echo $MainTemplate;
+ }
+
+ #===============================================================================
+ # CATCH: Template\Exception
+ #===============================================================================
+ catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+ }
+}
+
+#===============================================================================
+# CATCH: Post\Exception
+#===============================================================================
+catch(Post\Exception $Exception) {
+ Application::exit(404);
+}
+?>
+
diff --git a/admin/post/index.php b/admin/post/index.php
new file mode 100644
index 0000000..bf7afdf
--- /dev/null
+++ b/admin/post/index.php
@@ -0,0 +1,76 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+$site_size = Application::get('POST.LIST_SIZE');
+$site_sort = Application::get('POST.LIST_SORT');
+
+$lastSite = ceil($Database->query(sprintf('SELECT COUNT(id) FROM %s', Post\Attribute::TABLE))->fetchColumn() / $site_size);
+
+$currentSite = HTTP::GET('site') ?? 1;
+$currentSite = abs(intval($currentSite));
+
+if($currentSite < 1 OR ($currentSite > $lastSite AND $lastSite > 0)) {
+ Application::exit(404);
+}
+
+#===============================================================================
+# Fetch post IDs from database
+#===============================================================================
+$execSQL = "SELECT id FROM %s ORDER BY {$site_sort} LIMIT ".(($currentSite-1) * $site_size).", {$site_size}";
+$postIDs = $Database->query(sprintf($execSQL, Post\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN);
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ foreach($postIDs as $postID) {
+ try {
+ $Post = Post\Factory::build($postID);
+ $User = User\Factory::build($Post->attr('user'));
+
+ $ItemTemplate = generatePostItemTemplate($Post, $User);
+
+ $posts[] = $ItemTemplate;
+ }
+ catch(Post\Exception $Exception){}
+ catch(User\Exception $Exception){}
+ }
+
+ $PaginationTemplate = Template\Factory::build('pagination');
+ $PaginationTemplate->set('THIS', $currentSite);
+ $PaginationTemplate->set('LAST', $lastSite);
+ $PaginationTemplate->set('HREF', Application::getAdminURL('post/?site=%d'));
+
+ $ListTemplate = Template\Factory::build('post/index');
+ $ListTemplate->set('LIST', [
+ 'POSTS' => $posts ?? []
+ ]);
+
+ $ListTemplate->set('PAGINATION', [
+ 'THIS' => $currentSite,
+ 'LAST' => $lastSite,
+ 'HTML' => $PaginationTemplate
+ ]);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_post_overview', $currentSite));
+ $MainTemplate->set('HTML', $ListTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/post/insert.php b/admin/post/insert.php
new file mode 100644
index 0000000..ab6bb87
--- /dev/null
+++ b/admin/post/insert.php
@@ -0,0 +1,86 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+$Attribute = new Post\Attribute();
+
+if(HTTP::issetPOST('id', 'user', 'slug', 'name', 'body', 'time_insert', 'time_update', 'insert')) {
+ $Attribute->set('id', HTTP::POST('id') ? HTTP::POST('id') : FALSE);
+ $Attribute->set('user', HTTP::POST('user'));
+ $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+ $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
+ $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
+ $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
+ $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
+ try {
+ if($Attribute->databaseINSERT($Database)) {
+ HTTP::redirect(Application::getAdminURL('post/'));
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ else {
+ $messages[] = $Language->text('error_security_csrf');
+ }
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE));
+
+ foreach($userIDs->fetchAll(PDO::FETCH_COLUMN) as $userID) {
+ $User = User\Factory::build($userID);
+ $userAttributes[] = [
+ 'ID' => $User->attr('id'),
+ 'FULLNAME' => $User->attr('fullname'),
+ 'USERNAME' => $User->attr('username'),
+ ];
+ }
+
+ $FormTemplate = Template\Factory::build('post/form');
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'INSERT',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'USER' => $Attribute->get('user'),
+ 'SLUG' => $Attribute->get('slug'),
+ 'NAME' => $Attribute->get('name'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'USER_LIST' => $userAttributes ?? [],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $InsertTemplate = Template\Factory::build('post/insert');
+ $InsertTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_post_insert'));
+ $MainTemplate->set('HTML', $InsertTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/post/update.php b/admin/post/update.php
new file mode 100644
index 0000000..875d947
--- /dev/null
+++ b/admin/post/update.php
@@ -0,0 +1,96 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+#===============================================================================
+# TRY: Post\Exception
+#===============================================================================
+try {
+ $Post = Post\Factory::build(HTTP::GET('id'));
+ $Attribute = $Post->getAttribute();
+
+ if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'time_insert', 'time_update', 'update')) {
+ $Attribute->set('user', HTTP::POST('user'));
+ $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+ $Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
+ $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : FALSE);
+ $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
+ $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
+ try {
+ $Attribute->databaseUPDATE($Database);
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ else {
+ $messages[] = $Language->text('error_security_csrf');
+ }
+ }
+
+ #===============================================================================
+ # TRY: Template\Exception
+ #===============================================================================
+ try {
+ $userIDs = $Database->query(sprintf('SELECT id FROM %s ORDER BY fullname ASC', User\Attribute::TABLE));
+
+ foreach($userIDs->fetchAll(PDO::FETCH_COLUMN) as $userID) {
+ $User = User\Factory::build($userID);
+ $userAttributes[] = [
+ 'ID' => $User->attr('id'),
+ 'FULLNAME' => $User->attr('fullname'),
+ 'USERNAME' => $User->attr('username'),
+ ];
+ }
+
+ $FormTemplate = Template\Factory::build('post/form');
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'UPDATE',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'USER' => $Attribute->get('user'),
+ 'SLUG' => $Attribute->get('slug'),
+ 'NAME' => $Attribute->get('name'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'USER_LIST' => $userAttributes ?? [],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $PostUpdateTemplate = Template\Factory::build('post/update');
+ $PostUpdateTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_post_update'));
+ $MainTemplate->set('HTML', $PostUpdateTemplate);
+ echo $MainTemplate;
+ }
+
+ #===============================================================================
+ # CATCH: Template\Exception
+ #===============================================================================
+ catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+ }
+}
+
+#===============================================================================
+# CATCH: Post\Exception
+#===============================================================================
+catch(Post\Exception $Exception) {
+ Application::exit(404);
+}
+?> \ No newline at end of file
diff --git a/admin/user/delete.php b/admin/user/delete.php
new file mode 100644
index 0000000..ed8f925
--- /dev/null
+++ b/admin/user/delete.php
@@ -0,0 +1,72 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+#===============================================================================
+# TRY: User\Exception
+#===============================================================================
+try {
+ $User = User\Factory::build(HTTP::GET('id'));
+ $Attribute = $User->getAttribute();
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'delete')) {
+ try {
+ if($Attribute->databaseDELETE($Database)) {
+ HTTP::redirect(Application::getAdminURL('user/'));
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ #===============================================================================
+ # TRY: Template\Exception
+ #===============================================================================
+ try {
+ $FormTemplate = Template\Factory::build('user/form');
+ $FormTemplate->set('HTML', $User->getHTML());
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'DELETE',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $DeleteTemplate = Template\Factory::build('user/delete');
+ $DeleteTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_user_delete'));
+ $MainTemplate->set('HTML', $DeleteTemplate);
+ echo $MainTemplate;
+ }
+
+ #===============================================================================
+ # CATCH: Template\Exception
+ #===============================================================================
+ catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+ }
+}
+
+#===============================================================================
+# CATCH: User\Exception
+#===============================================================================
+catch(User\Exception $Exception) {
+ Application::exit(404);
+}
+?>
+
diff --git a/admin/user/index.php b/admin/user/index.php
new file mode 100644
index 0000000..3dca93a
--- /dev/null
+++ b/admin/user/index.php
@@ -0,0 +1,72 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+$site_size = Application::get('POST.LIST_SIZE');
+$site_sort = Application::get('POST.LIST_SORT');
+
+$lastSite = ceil($Database->query(sprintf('SELECT COUNT(id) FROM %s', User\Attribute::TABLE))->fetchColumn() / $site_size);
+
+$currentSite = HTTP::GET('site') ?? 1;
+$currentSite = abs(intval($currentSite));
+
+if($currentSite < 1 OR ($currentSite > $lastSite AND $lastSite > 0)) {
+ Application::exit(404);
+}
+
+#===============================================================================
+# Fetch user IDs from database
+#===============================================================================
+$execSQL = "SELECT id FROM %s ORDER BY {$site_sort} LIMIT ".(($currentSite-1) * $site_size).", {$site_size}";
+$userIDs = $Database->query(sprintf($execSQL, User\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN);
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ foreach($userIDs as $userID) {
+ try {
+ $User = User\Factory::build($userID);
+ $ItemTemplate = generateUserItemTemplate($User);
+
+ $users[] = $ItemTemplate;
+ } catch(User\Exception $Exception){}
+ }
+
+ $PaginationTemplate = Template\Factory::build('pagination');
+ $PaginationTemplate->set('THIS', $currentSite);
+ $PaginationTemplate->set('LAST', $lastSite);
+ $PaginationTemplate->set('HREF', Application::getAdminURL('user/?site=%d'));
+
+ $ListTemplate = Template\Factory::build('user/index');
+ $ListTemplate->set('LIST', [
+ 'USERS' => $users ?? []
+ ]);
+
+ $ListTemplate->set('PAGINATION', [
+ 'THIS' => $currentSite,
+ 'LAST' => $lastSite,
+ 'HTML' => $PaginationTemplate
+ ]);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_user_overview', $currentSite));
+ $MainTemplate->set('HTML', $ListTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/user/insert.php b/admin/user/insert.php
new file mode 100644
index 0000000..7c892d4
--- /dev/null
+++ b/admin/user/insert.php
@@ -0,0 +1,78 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+$Attribute = new User\Attribute();
+
+if(HTTP::issetPOST('id', 'slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'time_insert', 'time_update', 'insert')) {
+ $Attribute->set('id', HTTP::POST('id') ? HTTP::POST('id') : FALSE);
+ $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('username')));
+ $Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL);
+ $Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE);
+ $Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL);
+ $Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL);
+ $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
+ $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
+ $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
+ try {
+ if($Attribute->databaseINSERT($Database)) {
+ HTTP::redirect(Application::getAdminURL('user/'));
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ else {
+ $messages[] = $Language->text('error_security_csrf');
+ }
+}
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+try {
+ $FormTemplate = Template\Factory::build('user/form');
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'INSERT',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'SLUG' => $Attribute->get('slug'),
+ 'USERNAME' => $Attribute->get('username'),
+ 'PASSWORD' => NULL,
+ 'FULLNAME' => $Attribute->get('fullname'),
+ 'MAILADDR' => $Attribute->get('mailaddr'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $InsertTemplate = Template\Factory::build('user/insert');
+ $InsertTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_user_insert'));
+ $MainTemplate->set('HTML', $InsertTemplate);
+ echo $MainTemplate;
+}
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+}
+?> \ No newline at end of file
diff --git a/admin/user/update.php b/admin/user/update.php
new file mode 100644
index 0000000..cab582e
--- /dev/null
+++ b/admin/user/update.php
@@ -0,0 +1,89 @@
+<?php
+#===============================================================================
+# DEFINE: Administration
+#===============================================================================
+define('ADMINISTRATION', TRUE);
+define('AUTHENTICATION', TRUE);
+
+#===============================================================================
+# INCLUDE: Main configuration
+#===============================================================================
+require_once '../../core/application.php';
+
+#===============================================================================
+# TRY: User\Exception
+#===============================================================================
+try {
+ $User = User\Factory::build(HTTP::GET('id'));
+ $Attribute = $User->getAttribute();
+
+ if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'time_insert', 'time_update', 'update')) {
+ $Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('username')));
+ $Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL);
+ $Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE);
+ $Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL);
+ $Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL);
+ $Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
+ $Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
+ $Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+
+ if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
+ try {
+ if($Attribute->databaseUPDATE($Database)) {
+ }
+ } catch(PDOException $Exception) {
+ $messages[] = $Exception->getMessage();
+ }
+ }
+
+ else {
+ $messages[] = $Language->text('error_security_csrf');
+ }
+ }
+
+#===============================================================================
+# TRY: Template\Exception
+#===============================================================================
+ try {
+ $FormTemplate = Template\Factory::build('user/form');
+ $FormTemplate->set('FORM', [
+ 'TYPE' => 'UPDATE',
+ 'INFO' => $messages ?? [],
+ 'DATA' => [
+ 'ID' => $Attribute->get('id'),
+ 'SLUG' => $Attribute->get('slug'),
+ 'USERNAME' => $Attribute->get('username'),
+ 'PASSWORD' => NULL,
+ 'FULLNAME' => $Attribute->get('fullname'),
+ 'MAILADDR' => $Attribute->get('mailaddr'),
+ 'BODY' => $Attribute->get('body'),
+ 'TIME_INSERT' => $Attribute->get('time_insert'),
+ 'TIME_UPDATE' => $Attribute->get('time_update'),
+ ],
+ 'TOKEN' => Application::getSecurityToken()
+ ]);
+
+ $InsertTemplate = Template\Factory::build('user/update');
+ $InsertTemplate->set('HTML', $FormTemplate);
+
+ $MainTemplate = Template\Factory::build('main');
+ $MainTemplate->set('NAME', $Language->text('title_user_update'));
+ $MainTemplate->set('HTML', $InsertTemplate);
+ echo $MainTemplate;
+ }
+
+#===============================================================================
+# CATCH: Template\Exception
+#===============================================================================
+ catch(Template\Exception $Exception) {
+ $Exception->defaultHandler();
+ }
+}
+
+#===============================================================================
+# CATCH: User\Exception
+#===============================================================================
+catch(User\Exception $Exception) {
+ Application::exit(404);
+}
+?> \ No newline at end of file