
Version 3.0.0 - Major optimizations and streamlining

pull/1/head
Jack Foltz 7 anni fa
parent
commit
82ca61db4e
13 ha cambiato i file con 383 aggiunte e 304 eliminazioni
  1. +17
    -18
      assets/css/shimapan-panel.css
  2. +44
    -24
      includes/api.php
  3. +293
    -236
      includes/core.php
  4. +2
    -2
      includes/header.swig
  5. +3
    -3
      includes/layout.swig
  6. +1
    -1
      includes/nav.swig
  7. +8
    -7
      includes/navbar.swig
  8. +1
    -1
      includes/report.swig
  9. +5
    -4
      includes/search.swig
  10. +4
    -4
      includes/settings.inc.php
  11. +1
    -1
      includes/shimapan.swig
  12. +1
    -1
      templates/login/index.swig
  13. +3
    -2
      templates/register/index.swig

+ 17
- 18
assets/css/shimapan-panel.css Vedi File

@@ -4,8 +4,8 @@
/* ---------- GENERAL ---------- */

body {
background: #eaeaea;
color: #999;
background-color: #060606;
color: #d3d3d3;
font: 100%/1.5em sans-serif;
margin: 0;
}
@@ -55,9 +55,9 @@ input[type="submit"] { cursor: pointer; }
}

#login-form h3 {
background-color: #282830;
background-color: #222222;
border-radius: 5px 5px 0 0;
color: #fff;
color: #2a9fd6;
font-size: 14px;
padding: 20px;
text-align: center;
@@ -65,14 +65,14 @@ input[type="submit"] { cursor: pointer; }
}

#login-form fieldset {
background: #fff;
background: #151515;
border-radius: 0 0 5px 5px;
padding: 20px;
position: relative;
}

#login-form fieldset:before {
background-color: #fff;
background-color: #222222;
content: "";
height: 8px;
left: 50%;
@@ -94,13 +94,12 @@ input[type="submit"] { cursor: pointer; }
#login-form input[name="user"],
#login-form input[name="code"],
#login-form input[type="password"] {
border: 1px solid #dcdcdc;
padding: 12px 10px;
width: 238px;
}

#login-form input[name="user"] {
color: #888888;
background: #ffffff;
border: 1px solid #282828;
border-radius: 3px 3px 0 0;
width: 248px;
padding: 12px 10px;
}

#login-form input[name="code"],
@@ -110,7 +109,7 @@ input[type="submit"] { cursor: pointer; }
}

#login-form input[type="submit"] {
background: #1dabb8;
background: #454545;
border-radius: 3px;
color: #fff;
float: right;
@@ -127,7 +126,7 @@ input[type="submit"] { cursor: pointer; }
}

.info {
background: #e5e5e5;
background: #2a9fd6;
border-radius: 50%;
display: inline-block;
height: 20px;
@@ -150,9 +149,9 @@ input[type="submit"] { cursor: pointer; }
}

#fail:target h3 {
background-color: #282830;
background-color: #222222;
border-radius: 5px 5px 0 0;
color: #fff;
color: #2a9fd6;
font-size: 14px;
padding: 20px;
text-align: center;
@@ -160,14 +159,14 @@ input[type="submit"] { cursor: pointer; }
}

#fail:target fieldset {
background: #fff;
background: #151515;
border-radius: 0 0 5px 5px;
padding: 20px;
position: relative;
}

#fail:target fieldset:before {
background-color: #fff;
background-color: #151515;
content: "";
height: 8px;
left: 50%;


+ 44
- 24
includes/api.php Vedi File

@@ -6,46 +6,66 @@ if (isset($_GET['do'])) {

switch ($action) {
case "login":
login($_POST['user'], $_POST['pass']);
login($_POST['user'], $_POST['pass']);
break;

case "register":
register($_POST['user'], $_POST['pass'], $_POST['code']);
break;

case "invite":
generate($_GET['level']);
case "invite":
if (!empty($_GET['level']))
generate($_GET['level']);
else
generate(NULL);
break;

case "fetch":
fetchFiles($_GET['date'], $_GET['count'], $_GET['keyword'], $_GET['action']);
break;
case "fetch":
switch($_GET['method']) {
case "Fetch All":
fetchFiles($_GET['method'], NULL, $_GET['count'], NULL);
break;

case "search":
fetchFiles();
break;
case "Fetch":
fetchFiles($_GET['method'], $_GET['date'], $_GET['count'], $_GET['keyword']);
break;

case "report":
report($_POST['file'], $_POST['reason']);
break;
default:
fetchFiles(NULL, NULL, NULL, NULL);
break;
}
break;

case "mod":
mod($_GET['action'], $_GET['date'], $_GET['count'], $_GET['why'], $_GET['file'], $_GET['keyword'], $_GET['fileid'], $_GET['hash'], $_GET['originalname']);
break;
case "report":
if (!empty($_POST['file']))
report($_POST['file'], $_POST['reason']);
else
report(NULL, NULL);
break;

case "reports":
reports();
break;

case "acceptreport":
acceptreport($_GET['id']);
break;

case "dismissreport":
dismissreport($_GET['id']);
break;

case "panel":
header('Location: ../panel/index.php');
panel();
break;

case "delete":
delete($_GET['filename'], $_GET['fileid']);
case "delete":
delete($_GET['fileid']);
break;

case "logout":
session_unset();
session_destroy();
session_write_close();
header('Location: ../login');
case "logout":
destroySession();
break;

default:
@@ -53,4 +73,4 @@ if (isset($_GET['do'])) {
}
} else {
echo "What are you doing here, <span language=\"jp\">baka</span>?";
}
}
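Review bot: The new `delete`, `acceptreport` and `dismissreport` cases take their target from `$_GET['fileid']` / `$_GET['id']`, so destructive operations run on a plain GET request with no anti-CSRF check, and a cross-site request made within a logged-in session would be honoured. I would accept these three only over POST and verify a per-session token with `hash_equals()` before dispatching. The `fetch` case also reads `$_GET['method']` without `isset()`, and the navbar links to a bare `?do=fetch`, so the normal path raises an undefined-index notice before reaching `default`; on PHP 7+ `switch ($_GET['method'] ?? '')` avoids that. The outer `switch` starts and ends outside the hunks shown.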

+ 293
- 236
includes/core.php Vedi File

@@ -2,81 +2,125 @@
session_start();
require_once 'database.inc.php';

function register($user, $pass, $code)
{
global $db;
$q = $db->prepare("SELECT id, used, level FROM invites WHERE code = (:code)");
$q->bindParam(':code', $code);
/*
*
* Utilitiy Functions
*
*/

function createSession($id, $username, $level) {
$_SESSION['id'] = $id;
$_SESSION['user'] = $username;
$_SESSION['level'] = $level;
redirect('/');
}

function destroySession() {
session_unset();
session_destroy();
redirect('/login');
}

function checkSession($requiredLevel) {
// Check that they are logged in
if (!isset($_SESSION['id']))
redirect('/login');

// Check that they have the required access level
if ($_SESSION['level'] > $requiredLevel)
exit(header('HTTP/1.0 403 Forbidden'));
}

function redirect($uri) {
$host = $_SERVER['HTTP_HOST'];
exit(header('Location: https://'.$host.$uri));
}

/*
*
* Core Functions
*
*/

function panel() {
global $db;
checkSession(3);

include('./panel.php');

$q = $db->prepare("SELECT apikey FROM accounts WHERE user = (:user)");
$q->bindParam(':user', $_SESSION['user']);
$q->execute();
$r = $q->fetch();

echo 'Your API Key is '.$r['apikey'];
}

function register($user, $pass, $code) {
global $db;
// Check if code exists, if it is used, and store it in $r for later use
$q = $db->prepare("SELECT id, used, level FROM invites WHERE code = (:code) AND used = 0");
$q->bindParam(':code', $code);
$q->execute();
$r = $q->fetch();
if ($q->rowCount() == 0) redirect('/register/index.html#fail');

// Check if username is used
$q = $db->prepare("SELECT user FROM accounts WHERE user = (:user)");
$q->bindParam(':user', $user);
$q->execute();
$result = $q->fetch();

// Check if code is used
if ($result['used'] == '0') {
// Check to see if the username is in use
$q = $db->prepare("SELECT user FROM accounts WHERE user = (:user)");
$q->bindParam(':user', $user);
$q->execute();
if (!($result = $q->fetch())) {
// Add new account
$q = $db->prepare("INSERT INTO accounts (user, pass, level, apikey) VALUES (:user, :pass, :level, :apikey)");
$q->bindParam(':user', $user);
$q->bindParam(':level', $result['level']);
$hash = password_hash($pass, PASSWORD_DEFAULT);
$q->bindParam(':pass', $hash);
$apikey = generateString(KEY_CHARSET, 32);
$q->bindParam(':apikey', $apikey);
$q->execute();

// Set the code as used
$q = $db->prepare("UPDATE invites SET used = (:used),usedby = (:usedby) WHERE code = (:code)");
$q->bindValue(':used', '1');
$q->bindValue(':usedby', $user);
$q->bindParam(':code', $code);
$q->execute();

// Log them in
$_SESSION['id'] = $result['id'];
$_SESSION['user'] = $user;
$_SESSION['level'] = $result['level'];
header('Location: http://www.shimapan.rocks/includes/api.php?do=panel');
} else {
header('Location: ../register/index.html#fail');
}
} else {
header('Location: ../register/index.html#fail');
}
if ($q->rowCount() > 0) redirect('/register/index.html#fail');

// If the checks passed, create the account
$q = $db->prepare("INSERT INTO accounts (user, pass, apikey, level) VALUES (:user, :pass, :apikey, :level)");
$q->bindParam(':user', $user);
$q->bindParam(':pass', password_hash($pass, PASSWORD_DEFAULT));
$q->bindParam(':apikey', generateString(KEY_CHARSET, 32));
$q->bindParam(':level', $r['level']);
$q->execute();

// Set the code as used
$q = $db->prepare("UPDATE invites SET used = (:used), usedby = (:usedby) WHERE code = (:code)");
$q->bindValue(':used', 1);
$q->bindValue(':usedby', $user);
$q->bindParam(':code', $code);
$q->execute();

// Log them in
createSession($r['id'], $user, $r['level']);
}

function generate($level)
{
global $db;
if (isset($_SESSION['id'])) {
if ($_SESSION['level'] < '3') {
if (empty($level)) {
include_once('./invite.php');
} else {
if ($level > $_SESSION['level'] && $level < '4') {
$q = $db->prepare("INSERT INTO invites (code, level, issuer) VALUES (:code, :level, :issuer)");
$code = generateString(CODE_CHARSET, 16);
$q->bindParam(':code', $code);
$q->bindParam(':level', $level);
$q->bindParam(':issuer', $_SESSION['user']);
$q->execute();
echo '<p>Generation Successful.</p><br>
<p>Code: '.$code.'</p><br>
<p>Access Level: '.$level.'</p>';
}
}
} else {
echo 'Insufficient Access Level.';
}
} else {
header('Location: ../login');
}
function generate($level) {
global $db;
checkSession(2);

// Display form if not generating an invite
if (empty($level)) {
include_once('./invite.php');
exit();
}

// Check to make sure level is valid
if ($level < $_SESSION['level'] || $level > 3) {
echo 'Invalid Access Level.<br>
Level must be greater than your current level, and less than 4.';
exit();
}
// Create the invite code
$q = $db->prepare("INSERT INTO invites (code, level, issuer) VALUES (:code, :level, :issuer)");
$code = generateString(CODE_CHARSET, 16);
$q->bindParam(':code', $code);
$q->bindParam(':level', $level);
$q->bindParam(':issuer', $_SESSION['user']);
$q->execute();
echo 'Generation Successful.<br>
Code: '.$code.'<br>
Access Level: '.$level;
}

function generateString($charset, $length)
{
function generateString($charset, $length) {
$string = '';
for ($i = 0; $i < $length; $i++) {
$string .= $charset[rand(0, strlen($charset) - 1)];
@@ -84,122 +128,114 @@ function generateString($charset, $length)
return $string;
}

function login($user, $pass)
{
global $db;
function login($user, $pass) {
global $db;
// Get the specified user's data
$q = $db->prepare("SELECT pass, id, user, level FROM accounts WHERE user = (:user)");
$q->bindParam(':user', $user);
$q->execute();
$result = $q->fetch();

if (password_verify($pass, $result['pass'])) {
$_SESSION['id'] = $result['id'];
$_SESSION['user'] = $result['user'];
$_SESSION['level'] = $result['level'];
header('Location: api.php?do=panel');
} else {
header('Location: ../login/index.html#fail');
}
$r = $q->fetch();
if (password_verify($pass, $r['pass']))
createSession($r['id'], $r['user'], $r['level']);
else
redirect('/login/index.html#fail');
}

function delete($filename, $deleteid)
{
if (isset($_SESSION['id'])) {
if ($_SESSION['level'] < '4') {
if (empty($filename)) {
echo "Invalid Filename";
} else {
global $db;
$q = $db->prepare("SELECT filename, delid, id, user FROM files WHERE filename = (:filename)");
$q->bindParam(':filename', $filename);
$q->execute();
$result = $q->fetch();
function delete($fileid) {
global $db;
checkSession(3);

if ($_SESSION['level'] === '0' || $result['user'] === $_SESSION['user']) {
$q = $db->prepare("DELETE FROM files WHERE id = (:id)");
$q->bindParam(':id', $result['id']);
$q->execute();
unlink(SHIM_FILES_ROOT.$filename);
echo "<br/>File deleted.<br/>";
} else {
echo 'Insufficient Access Level';
}
}
} else {
echo 'Insufficient Access Level.';
}
} else {
header('Location: ../login');
}
if (empty($fileid)) {
echo 'Invalid File.';
exit();
}

// Get owner + filename
$q = $db->prepare("SELECT filename, user FROM files WHERE id = (:id)");
$q->bindParam(':id', $fileid);
$q->execute();
$r = $q->fetch();

// If they own it or are an admin
if ($_SESSION['level'] <= 1 || $r['user'] == $_SESSION['user']) {
// Remove it from the DB
$q = $db->prepare("DELETE FROM files WHERE id = (:id)");
$q->bindParam(':id', $fileid);
$q->execute();
// Delete the file
unlink(SHIM_FILES_ROOT.$r['filename']);
echo 'File deleted.';
}
}

function fetchFiles($date, $count, $keyword, $action)
{
global $db;
if (isset($_SESSION['id'])) {
if ($_SESSION['level'] < '4') {
include('./search.php');

if ($action === 'Fetch All') {
if ($_SESSION['level'] === '0') {
$q = $db->prepare("SELECT * FROM files ORDER BY id DESC LIMIT :count");
} else {
$q = $db->prepare("SELECT * FROM files WHERE user = (:user) ORDER BY id DESC LIMIT :count");
$q->bindValue(':user', $_SESSION['user']);
}
$q->bindValue(':count', (int) $count, PDO::PARAM_INT);
$q->execute();
function fetchFiles($method, $date, $count, $keyword) {
global $db;
checkSession(3);

$i = 0;
while ($row = $q->fetch()) {
$i++;
$bytes = $row['size'];
$kilobytes = $row['size'] / 1000;
echo '<tr><td>'.$row['id'].'</td>
<td>'.strip_tags($row['originalname']).'</td>
<td><a href="'.SHIM_FILE_URL.$row['filename'].'" target="_BLANK">'.$row['filename'].'</a> ('.$row['originalname'].')</td>
<td>'.$bytes.' / '.$kilobytes.'</td>
<td><a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=delete&action=remove&fileid='.$row['id'].'&filename='.$row['filename'].'" target="_BLANK">Remove</a></td></tr>';
}
echo '<p>'.$i.' Files in total at being shown.</p>';
echo '</table>';
} elseif ($action === 'Fetch') {
if ($_SESSION['level'] === '0') {
$q = $db->prepare("SELECT * FROM files WHERE originalname LIKE (:keyword) AND date LIKE (:date) OR filename LIKE (:keyword) AND date LIKE (:date) ORDER BY id DESC LIMIT :count");
} else {
$q = $db->prepare("SELECT * FROM files WHERE originalname LIKE (:keyword) AND date LIKE (:date) AND user = (:user) OR filename LIKE (:keyword) AND date LIKE (:date) AND user = (:userid) ORDER BY id DESC LIMIT :count");
$q->bindValue(':user', $_SESSION['user']);
}
$q->bindValue(':date', "%".$date."%");
$q->bindValue(':count', (int) $count, PDO::PARAM_INT);
$q->bindValue(':keyword', "%".$keyword."%");
$q->execute();
include('./search.php');

$i = 0;
while ($row = $q->fetch()) {
$i++;
$bytes = $row['size'];
$kilobytes = $row['size'] / 1000;
echo '<tr><td>'.$row['id'].'</td>
<td>'.strip_tags($row['originalname']).'</td>
<td><a href="'.SHIM_FILE_URL.$row['filename'].'" target="_BLANK">'.$row['filename'].'</a> ('.$row['originalname'].')</td>
<td>'.$bytes.' / '.$kilobytes.'</td>
<td><a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=delete&action=remove&fileid='.$row['id'].'&filename='.$row['filename'].'" target="_BLANK">Remove</a></td></tr>';
}
echo '<p>'.$i.' Files in total at being shown.</p>';
echo '</table>';
}
include('./footer.php');
} else {
echo 'Insufficient Access Level.';
}
} else {
header('Location: ../login');
}
if (empty($method)) {
include('./footer.php');
exit();
}

if ($method == 'Fetch') {
// Either fetch all files matching query, or only the user's files
if ($_SESSION['level'] == 0)
$q = $db->prepare('SELECT * FROM files WHERE (originalname LIKE (:keyword) AND date LIKE (:date)) OR (filename LIKE (:keyword) AND date LIKE (:date)) ORDER BY id DESC LIMIT :count');
else {
$q = $db->prepare('SELECT * FROM files WHERE user = (:user) AND ((originalname LIKE (:keyword) AND date LIKE (:date)) OR (filename LIKE (:keyword) AND date LIKE (:date))) ORDER BY id DESC LIMIT :count');
$q->bindValue(':user', $_SESSION['user']);
}

$q->bindValue(':date', '%'.$date.'%');
$q->bindValue(':count', (int)$count, PDO::PARAM_INT);
$q->bindValue(':keyword', '%'.$keyword.'%');
$q->execute();
} else if ($method == 'Fetch All') {
// Either fetch all files or only the user's files
if ($_SESSION['level'] == 0)
$q = $db->prepare('SELECT * FROM files ORDER BY id DESC LIMIT :count');
else {
$q = $db->prepare('SELECT * FROM files WHERE user = (:user) ORDER BY id DESC LIMIT :count');
$q->bindValue(':user', $_SESSION['user']);
}

$q->bindValue(':count', (int)$count, PDO::PARAM_INT);
$q->execute();
}

while ($r = $q->fetch()) {
$id = $r['id'];
$oname = strip_tags($r['originalname']);
$fname = $r['filename'];
$bytes = $r['size'].' B';
$temp = $r['size'] / 1000;
$kilobytes = $temp.' KB';
$uploadDate = $r['date'];
$uploader = $r['user'];

echo '<tr>
<td>'.$id.'</td>
<td>'.$oname.'</td>
<td><a href="'.SHIM_FILE_URL.$fname.'" target="_BLANK">'.$fname.'</a></td>
<td>'.$uploadDate.'</td>
<td>'.$uploader.'</td>
<td>'.$bytes.' / '.$kilobytes.'</td>
<td><a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=delete&fileid='.$id.'" target="_BLANK">Remove</a></td>
</tr>';
}
echo '<p>'.$q->rowCount().' files found.</p>';
echo '</table>';

include('./footer.php');
}

function report($file, $reason)
{
function report($file, $reason) {
global $db;
if (isset($_SESSION['id'])) {
if ($_SESSION['level'] < '4') {
@@ -212,7 +248,7 @@ function report($file, $reason)
$result = $q->fetch();
if ($q->rowCount() != '0') {
$q = $db->prepare(" header('Location: ../register/index.html#fail');INSERT INTO reports (hash, date, file, fileid, reporter, reason) VALUES (:hash, :date, :file, :fileid, :reporter, :reason)");
$q = $db->prepare("INSERT INTO reports (hash, date, file, fileid, reporter, reason) VALUES (:hash, :date, :file, :fileid, :reporter, :reason)");
$q->bindValue(':file', strip_tags($file));
$q->bindValue(':date', date('Y-m-d'));
$q->bindValue(':reporter', $_SESSION['user']);
@@ -221,69 +257,90 @@ function report($file, $reason)
$q->bindValue(':reason', $reason);
$q->execute();
echo 'Thank you, report has been sent. The file will be reviewed.';
} else {
echo 'File does not exist.';
}
} else echo 'File does not exist.';
}
} else {
echo 'Insufficient Access Level.';
}
} else {
header('Location: ../login');
}
} else echo 'Insufficient Access Level.';
} else header('Location: ../login');
}

function mod($action, $date, $count, $why, $file, $keyword, $fileid, $hash, $orginalname)
{
global $db;
if (isset($_SESSION['id'])) {
if ($_SESSION['level'] < '2') {
switch ($action) {
case "reports":
$q = $db->prepare("SELECT * FROM reports WHERE status = '0'");
$q->execute();
function reports() {
global $db;
checkSession(1);

$i = 0;
include('./reports.php');
while ($row = $q->fetch()) {
$i++;
echo '<tr><td>'.$row['id'].'</td>
<td><a href="'.SHIM_FILE_URL.strip_tags($row['file']).'" target="_BLANK">'.strip_tags($row['file']).'</td>
<td>'.$row['fileid'].'</td>
<td>'.$row['reporter'].'</td>
<td>'.$row['status'].'</td>
<td>'.$row['reason'].'</td>
<td><a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=mod&action=remove&fileid='.$row['fileid'].'&file='.$row['file'].'" target="_BLANK">Remove File</a>
<a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=mod&action=dismiss&fileid='.$row['fileid'].'&file='.$row['file'].'" target="_BLANK">Dismiss Report</a></td></tr>';
}
echo '</table>';
include('./footer.php');
echo $i.' Reports in total at being shown.';
break;

case "remove":
delete($file, $fileid);
$q = $db->prepare("DELETE FROM files WHERE id = (:id)");
$q->bindParam(':id', $fileid);
$q->execute();
unlink(SHIM_FILES_ROOT.$file);
$q = $db->prepare("UPDATE reports SET status = (:status) WHERE fileid = (:fileid)");
$q->bindValue(':status', '1');
$q->bindValue(':fileid', $fileid);
$q->execute();
break;
include('./reports.php');

case "dismiss":
$q = $db->prepare("UPDATE reports SET status = (:status) WHERE fileid = (:fileid)");
$q->bindValue(':status', '2');
$q->bindValue('fileid', $fileid);
$q->execute();
echo 'Report Dismissed.';
}
} else {
echo 'Insufficient Access Level.';
}
} else {
header('Location: ../login');
}
}
// Populate the table
$q = $db->prepare("SELECT * FROM reports WHERE status = '0'");
$q->execute();
while ($r = $q->fetch()) {
$id = $r['id'];
$fileid = $r['fileid'];
$filename = strip_tags($r['file']);
$reporter = $r['reporter'];
$status = $r['status'];
$reason = strip_tags($r['reason']);

echo '<tr>
<td>'.$id.'</td>
<td><a href="'.SHIM_FILE_URL.$filename.'" target="_BLANK">'.$filename.'</td>
<td>'.$fileid.'</td>
<td>'.$reporter.'</td>
<td>'.$status.'</td>
<td>'.$reason.'</td>
<td><a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=acceptreport&id='.$id.'" target="_BLANK">Remove File</a>
<a class="btn btn-default" href="'.SHIM_URL.'/includes/api.php?do=dismissreport&id='.$id.'" target="_BLANK">Dismiss Report</a></td>
</tr>';
}
echo '</table>';
include('./footer.php');

// Display report stats
echo $q->rowCount().' Reports in total are being shown.<br>';
$q = $db->prepare("SELECT * FROM reports WHERE status != '0'");
$q->execute();
echo $q->rowCount().' Unshown reports filled.';
}

function acceptreport($id) {
global $db;
checkSession(1);
// Get file info
$q = $db->prepare('SELECT file, fileid FROM reports WHERE id = (:id)');
$q->bindParam(':id', $id);
$q->execute();
$r = $q->fetch();
$fileid = $r['fileid'];
$filename = $r['file'];

// Delete the file and remove from DB
delete($fileid);
$q = $db->prepare("DELETE FROM files WHERE id = (:id)");
$q->bindParam(':id', $fileid);
$q->execute();
// MOVE TO delete();
unlink(SHIM_FILES_ROOT.$filename);
// Update report status
$q = $db->prepare("UPDATE reports SET status = (:status) WHERE id = (:id)");
$q->bindValue(':status', '1');
$q->bindValue(':id', $id);
$q->execute();
}

function dismissreport($id) {
global $db;
checkSession(1);
// Update report status
$q = $db->prepare('UPDATE reports SET status = (:status) WHERE id = (:id)');
$q->bindValue(':status', '2');
$q->bindValue('id', $id);
$q->execute();
echo 'Report Dismissed.';
}

?>
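Review bot: In generate(), the new guard `if ($level < $_SESSION['level'] || $level > 3)` lets a user create an invite at their own access level, although the message printed beneath it (and the removed `$level > $_SESSION['level']` test) says the level must be strictly greater. `$level` also comes straight from `$_GET['level']` and is compared, stored and echoed back without being cast or escaped. I would normalise it after the `empty()` check with `$level = (int)$level;` and reject with `if ($level <= $_SESSION['level'] || $level > 3)`. Separately, redirect() in this section builds its `Location` header from `$_SERVER['HTTP_HOST']`, which the client controls; the `SHIM_URL` constant this file already uses would be a safer base.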

+ 2
- 2
includes/header.swig Vedi File

@@ -6,7 +6,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1">

<title>{{siteName}} Panel</title>
<link href="/assets/css/bootstrap.min.css" rel="stylesheet">
<link href="/assets/css/bootstrap.css" rel="stylesheet">
</head>
<body>
{% include "navbar.swig" %}
{% include "navbar.swig" %}

+ 3
- 3
includes/layout.swig Vedi File

@@ -7,12 +7,12 @@
<meta name="generator" content="Shimapan {{pkgVersion}}">
<title>{{siteName}} {% block title %}Services{% endblock %}</title>
<link rel="icon" href="/assets/img/favicon.ico">
<link rel="stylesheet" href="/assets/css/shimapan.min.css">
<script src="/assets/js/shimapan.min.js"></script>
<link rel="stylesheet" href="/assets/css/shimapan.css">
<script src="/assets/js/shimapan.js"></script>
</head>
<body>
<div class="container">
{% block body %}What are you doing here, <span lang="jp">baka</span>?{% endblock %}
</div>
</body>
</html>
</html>

+ 1
- 1
includes/nav.swig Vedi File

@@ -1,7 +1,7 @@
<nav>
<ul>
<li><a href="/">{{siteName}}</a></li>
<li><a href="/panel/">Panel</a></li>
<li><a href="/includes/api.php?do=panel">Panel</a></li>
<li><a href="/tools.html">Tools</a></li>
<li><a href="https://github.com/Foltik/Shimapan">Git</a></li>
<li><a href="/faq.html">FAQ</a></li>


+ 8
- 7
includes/navbar.swig Vedi File

@@ -11,13 +11,14 @@
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li><a href="/panel" target="_BLANK">Panel</a></li>
<li><a href="/includes/api.php?do=search" target="_BLANK">Search</a></li>
<?php if ($_SESSION['level'] < '3') echo '<li><a href="/includes/api.php?do=invite" target="_BLANK">Invites</a></li>'; ?>
<li><a href="/includes/api.php?do=report" target="_BLANK">Report</a></li>
<?php if ($_SESSION['level'] < '2') echo '<li><a href="/includes/api.php?do=mod&action=reports" target="_BLANK">Reports</a></li>'; ?>
<li><a href="/includes/api.php?do=logout">Logout</a></li>
<li><a href="/includes/api.php?do=panel">Panel</a></li>
<li><a href="/includes/api.php?do=fetch">Search</a></li>
<?php if ($_SESSION['level'] < '3') echo '<li><a href="/includes/api.php?do=invite">Invites</a></li>'; ?>
<li><a href="/includes/api.php?do=report">Report</a></li>
<?php if ($_SESSION['level'] < '2') echo '<li><a href="/includes/api.php?do=reports">Reports</a></li>'; ?>
<?php if ($_SESSION['level'] < '1') echo '<li><a href="/includes/api.php?do=users">Users</a></li>'; ?>
<li><a href="/includes/api.php?do=logout">Logout</a></li>
</ul>
</div>
</div>
</nav>
</nav>
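Review bot: The added `Users` entry links to `/includes/api.php?do=users`, but the api.php switch shown in this commit has no `users` case, so the link would presumably fall through to the `default` branch. Either add the handler in the same change or hold the menu item back until it exists. These `$_SESSION['level'] < '3'` style tests also compare against string literals while checkSession() in core.php compares against integers; writing `$_SESSION['level'] < 1` here would keep the two consistent.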

+ 1
- 1
includes/report.swig Vedi File

@@ -10,4 +10,4 @@
</div>
<input class="btn btn-default" type="submit" value="Report">
</form>
{% include "footer.swig" %}
{% include "footer.swig" %}

+ 5
- 4
includes/search.swig Vedi File

@@ -1,7 +1,6 @@
{% include "header.swig" %}
<form class="form-inline" action="/includes/api.php" method="get">
<input type="hidden" name="do" value="fetch">
<input type="hidden" name="all" value="no">
<div class="form-group">
<label for="date">Date:</label>
<input id="date" type="date" name="date" data-date-format="YYYY-MM-DD" value="<?php if (empty($date)) { echo date('Y-m-d'); } else { echo $date; }?>">
@@ -14,8 +13,8 @@
<label for="amount">Keyword:</label>
<input type="text" name="keyword">
</div>
<input class="btn btn-default" type="submit" name="action" value="Fetch">
<input class="btn btn-default" type="submit" name="action" value="Fetch All">
<input class="btn btn-default" type="submit" name="method" value="Fetch">
<input class="btn btn-default" type="submit" name="method" value="Fetch All">
</form>
<br>
<table id="result" class="table">
@@ -23,6 +22,8 @@
<th>ID</th>
<th>Orginal Name</th>
<th>Filename</th>
<th>Upload Date</th>
<th>Uploader</th>
<th>Size (Bytes / Kilobytes)</th>
<th>Action</th>
</tr>
</tr>
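Review bot: The date input kept as context in the first hunk writes the request's `date` parameter into an HTML attribute unescaped, via `echo $date;` inside `value="..."`. This assumes search.swig is what becomes the `search.php` that fetchFiles() includes, in which case `$date` is the `$_GET['date']` value passed in from api.php. I would change that branch to `echo htmlspecialchars($date, ENT_QUOTES, 'UTF-8');`.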

+ 4
- 4
includes/settings.inc.php Vedi File

@@ -4,12 +4,12 @@ define('SHIM_DB_CONN', 'mysql:host=localhost;dbname=shimapan');
define('SHIM_DB_USER', 'shimapan');
define('SHIM_DB_PASS', 'skeleton');

define('SHIM_FILES_ROOT', '/media/shimapan/');
define('SHIM_FILES_ROOT', '/var/www/shimapan/i/');
define('SHIM_FILES_RETRIES', 15);
define('SHIM_FILES_LENGTH', 6);

define('SHIM_URL', 'http://www.shimapan.rocks/');
define('SHIM_FILE_URL', 'http://i.shimapan.rocks/');
define('SHIM_URL', 'https://www.shimapan.rocks/');
define('SHIM_FILE_URL', 'https://i.shimapan.rocks/');

define('FILE_CHARSET', 'abcdefghijklmnopqrstuvwxyz');
define('KEY_CHARSET', '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
@@ -23,4 +23,4 @@ $doubledots = array_map('strrev', array(
'tar.bz2',
'tar.xz',
'user.js',
));
));
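Review bot: `SHIM_FILES_ROOT` now points at `/var/www/shimapan/i/`, which looks like it sits under the web server's document tree, so uploads are stored where the server could interpret them; confirm that script execution (PHP/CGI handlers) is disabled for that directory. A comment above the define would record the requirement, e.g. `// Upload store: serve as static files only; no PHP/CGI handlers for this path.` The same hunk shows `SHIM_DB_PASS` committed as a literal on an unchanged line; reading it from the environment or an untracked file would keep the credential out of the repository.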

+ 1
- 1
includes/shimapan.swig Vedi File

@@ -14,5 +14,5 @@ $images = array(

// Redirect to a random image from the above array using status code "303 See Other"
if (headers_sent() === false) {
header('Location: '.$images[array_rand($images)], true, 303);
//header('Location: '.$images[array_rand($images)], true, 303);
}

+ 1
- 1
templates/login/index.swig Vedi File

@@ -1,6 +1,6 @@
<html lang="en-US">
<head>
<link rel="stylesheet" type="text/css" href="/assets/css/shimapan-panel.min.css" media="screen"/>
<link rel="stylesheet" type="text/css" href="/assets/css/shimapan-panel.css" media="screen"/>
<meta charset="utf-8">
<title>{{siteName}} Login</title>
</head>


+ 3
- 2
templates/register/index.swig Vedi File

@@ -1,6 +1,6 @@
<html>
<head>
<link rel="stylesheet" type="text/css" href="/assets/css/shimapan-panel.min.css" media="screen" />
<link rel="stylesheet" type="text/css" href="/assets/css/shimapan-panel.css" media="screen" />
<meta charset="utf-8">
<title>{{siteName}} Register</title>
</head>
@@ -11,6 +11,7 @@
<form action="/includes/api.php?do=register" method="post">
<input type="text" name="user" placeholder="Username" required>
<input type="password" name="pass" placeholder="Password" required>
<input type="password" name="confirmpass" placeholder="Confirm Password" required>
<input type="text" name="code" placeholder="Invite Code" required>
<input type="submit" value="Register">
<footer class="clearfix">
@@ -29,4 +30,4 @@
</fieldset>
</div>
</body>
</html>
</html>
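Review bot: The new `confirmpass` input is never checked on the server in this commit. The `register` case in api.php still calls `register($_POST['user'], $_POST['pass'], $_POST['code'])`, so a mismatched confirmation is accepted unless a client-side script not shown here compares the two fields. I would reject early in that case with `if ($_POST['pass'] !== $_POST['confirmpass']) redirect('/register/index.html#fail');` before calling register().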
