// Bootstrap: open the session and load the database / session helper classes
// this page relies on (login, data_mgr, p_manager, falk689_session).
session_start();
require_once 'php/mariadb.php';
require_once 'php/falk_session.php';

// Page-wide defaults. The literal string "null" is presumably this script's
// "no value" marker for the template -- confirm against the markup.
// HTTP_HOST is copied from the request's Host header, so it is client-controlled;
// treat $hst as untrusted wherever it is used later.
$hst = $_SERVER['HTTP_HOST'];
$not = "null";
$usr_id = "null";

// Ask the session helper whether the visitor is authenticated; only then is the
// admin flag read from the session, otherwise it stays "n".
$falk689 = new falk689_session();
$logged = $falk689->is_logged();
$is_adm = $logged ? $_SESSION["admin"] : "n";
// Login attempt: a POST carrying username + password but no usr_id.
// (The same field names plus usr_id are used by the admin user-management form.)
// NOTE(review): whether do_login() rotates the session id on success is not
// visible in this file -- confirm in the login class.
if (isset($_POST["username"], $_POST["password"]) && !isset($_POST["usr_id"]))
{
    $usr = $_POST["username"];
    $pwd = $_POST["password"];

    $log = new login($usr, $pwd);
    $log->mdb_connect();
    $test = $log->do_login();
    $log->mdb_disconnect();

    if ($test)
    {
        // Successful login: send the user to the home page and stop.
        header("Location: /");
        exit();
    }

    // Failed login: generic message that does not say which field was wrong.
    $not = 'Username o password non validi, prova ancora.';
}
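// ---------------------------------------------------------------------------
// Action dispatcher. $_GET["act"] selects what the page renders:
//   log   -> login form            pst   -> new post form
//   edt   -> edit post form        usr   -> admin user management
//   udata -> user contact data
// Anything else (or a missing act) redirects to "/".
//
// Each branch fills $mInp (main markup), $aInp (action label), $ttl (title)
// and optionally $not (notice) for the template that follows this script.
//
// NOTE(review): several branches rebuild the login helper from
// $_SESSION['username'] / $_SESSION['password'], i.e. a password value is kept
// in the session. Whether that is the clear-text password or a hash is not
// visible here -- confirm, and prefer keeping only a user id in the session.
// NOTE(review): none of the state-changing POST handlers below checks an
// anti-CSRF token in the visible code.
// ---------------------------------------------------------------------------
if((isset($_GET["act"]) && $_GET["act"] == "log" && isset($_SESSION['username']) && isset($_SESSION["password"])) || !isset($_GET["act"]))
{
    // No action requested, or an already logged-in user asked for the login form.
    header("Location: /");
    exit();
}
else if(isset($_GET["act"]) && $_GET["act"] == "log")
{
    $mInp = "
";
    $aInp = "Login";
    $ttl = "Login";
    $usr = "null";
    $pwd = "null";
}
else if(isset($_GET["act"]) && $_GET["act"] == "pst" && isset($_SESSION['username']) && isset($_SESSION["password"]))
{
    $mInp = "";
    $aInp = "Invia";
    $ttl = "Post";
    $not = "La dimensione massima delle singole immagini è di 10mb. Quelle più grandi, se presenti nella lista, saranno ignorate.
I formati accettati per i documenti sono 'txt', 'rtf', 'doc', 'odt', 'ppt', 'odp' e 'pdf'.";
}
else if(isset($_GET["act"]) && $_GET["act"] == "edt" && isset($_SESSION['username']) && isset($_SESSION["password"]) && isset($_POST["tgt_id"]) && isset($_POST["tgt_title"]) && isset($_POST["tgt_body"]))
{
    // Edit form: pre-filled from the POSTed post fields.
    // NOTE(review): $id, $title and $body are raw request values; they must be
    // HTML-escaped at the point where they are written into the form markup.
    $id = $_POST["tgt_id"];
    $title = $_POST["tgt_title"];
    $body = $_POST["tgt_body"];
    // tgt_tags / tgt_links are not part of the branch condition, so default
    // them to an empty string instead of reading a missing index.
    $tags = isset($_POST["tgt_tags"]) ? $_POST["tgt_tags"] : "";
    $links = isset($_POST["tgt_links"]) ? $_POST["tgt_links"] : "";
    $lArr = explode(",", $links);
    $tArr = explode(", ", $tags);
    $len = count($tArr);
    $len2 = count($lArr);
    $imgs = "";
    $lnks = "";
    $path = "/images/uploads/";
    if($len > 0)
    {
        $imgs = "";
        foreach($tArr as $img)
        {
            $imgs .= "
";
        }
        $imgs .= "
";
    }
    if($len2 > 0)
    {
        foreach($lArr as $link)
        {
            // Each entry is expected as "name=path"; an entry without "=" used
            // to read an undefined $split[1].
            $split = explode("=", $link);
            $lN = $split[0];
            $lP = isset($split[1]) ? $split[1] : "";
            if(strlen($lN) > 0)
            {
                // Both parts come straight from the request; escape them before
                // they are appended to the markup fragment ($lnks is assumed to
                // be interpolated into the form markup -- confirm).
                $lN = htmlspecialchars($lN, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $lP = htmlspecialchars($lP, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $lnks .= "$lN$lP
";
            }
        }
    }
    $mInp = "";
    $aInp = "Invia";
    $ttl = "Edit";
}
else if(isset($_GET["act"]) && $_GET["act"] == "usr" && isset($_SESSION['username']) && isset($_SESSION["password"]) && isset($_SESSION["admin"]) && $_SESSION["admin"] == "y" )
{
    // Admin-only user management (gated on the session's admin flag being "y").
    $log = new login($_SESSION['username'], $_SESSION['password']);
    $log->mdb_connect();
    if(isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["usr_id"]) && isset($_POST["admin"]))
    {
        $usr = $_POST["username"];
        $pwd = $_POST["password"];
        $adm = $_POST["admin"];
        // usr_id doubles as a command: "delete", "new", or the id of the user to edit.
        $uid = $_POST["usr_id"];
        if($uid == "delete")
        {
            $del = $log->del_user($usr);
            if($del == true)
            {
                // Account removed: also drop the user's stored data.
                $log->mdb_disconnect();
                $log = new data_mgr();
                $log->mdb_connect();
                $log->del_data($usr);
                $log->mdb_disconnect();
                if($usr == $_SESSION["username"])
                {
                    // The admin deleted their own account: end the session.
                    header("Location: /php/logout.php");
                }
                else
                {
                    header("Location: /util.php?act=usr");
                }
                exit();
            }
            else
            {
                $not = "Impossibile eliminare l'utente, prova ancora.";
            }
        }
        else if($uid == "new")
        {
            $add = $log->add_user($usr, $pwd, $adm);
            if($add)
            {
                $log->mdb_disconnect();
                header("Location: /util.php?act=usr");
                exit();
            }
            else
            {
                $not = "Errore nella creazione di un nuovo utente, prova più tardi.";
            }
        }
        else
        {
            // edit_user() result as used below: false = failure, 1 = updated
            // without a rename, anything else = presumably the previous
            // username (it is passed to update_post_author as the old author).
            $edit = $log->edit_user($usr, $pwd, $adm, $uid);
            if($edit == false)
            {
                $not = "Impossibile modificare l'utente, prova ancora.";
            }
            else if ($edit == 1)
            {
                // A leftover debug `echo "true";` used to run here; output sent
                // before header() can prevent the redirect, so it was removed.
                $log->mdb_disconnect();
                // NOTE(review): loose comparison of a value that already equals 1
                // with the session username. If edit_user() returns boolean true
                // this is true for any non-empty username, so the current
                // session's admin flag would follow the flag posted for whichever
                // user was edited -- confirm the return type and compare ids.
                if ($edit == $_SESSION["username"]) {
                    $_SESSION["admin"] = $adm;
                }
                header("Location: /util.php?act=usr");
                exit();
            }
            else
            {
                if($edit == $_SESSION["username"])
                {
                    // The admin renamed their own account: keep the session in sync.
                    $_SESSION["username"] = $usr;
                    $_SESSION["admin"] = $adm;
                }
                // Re-attribute existing posts from the old name to the new one.
                $posts = new p_manager();
                $posts->mdb_connect();
                $a_edit = $posts->update_post_author($edit, $usr);
                if($a_edit == true)
                {
                    $log->mdb_disconnect();
                    $posts->mdb_disconnect();
                    header("Location: /util.php?act=usr");
                    exit();
                }
                else
                {
                    $posts->mdb_disconnect();
                    $not = "Qualcosa è andato storto durante l'aggiornamento del nome utente, ripetere l'operazione.";
                }
            }
        }
    }
    // No POST, or the operation failed: render the admin panel.
    $mInp = $log->admin_panel();
    $log->mdb_disconnect();
    $aInp = "Ricarica";
    $ttl = "Users";
}
else if (isset($_GET["act"]) && $_GET["act"] == "udata" && isset($_SESSION['username']))
{
    // User contact data. Unlike the other branches this one only requires a
    // session username, not the admin flag.
    $log = new login($_SESSION['username'], $_SESSION['password']);
    $log->mdb_connect();
    $usr_id = $log->get_uid();
    $usr_names = $log->get_names();
    $log->mdb_disconnect();
    if (isset($_POST["uact"]) && $_POST["uact"] == "edit")
    {
        // NOTE(review): the target id is taken from $_POST["usr_id"] and is never
        // compared with $usr_id (the caller's own id from get_uid()). Confirm that
        // every logged-in user is meant to edit every user's record; otherwise an
        // ownership or admin check belongs here.
        $t_uid = $_POST["usr_id"];
        $name = $_POST["name"];
        $surname = $_POST["surname"];
        $mail = $_POST["mail"];
        $phone = $_POST["phone"];
        $dataMgr = new data_mgr();
        $dataMgr->mdb_connect();
        $in_db = $dataMgr->check_usr($t_uid);
        if ($in_db)
        {
            $dataMgr->edit_data($t_uid, $name, $surname, $mail, $phone);
        }
        else
        {
            $dataMgr->add_data($t_uid, $name, $surname, $mail, $phone);
        }
        $dataMgr->mdb_disconnect();
    }
    $tLines = "";
    if ($usr_names != NULL)
    {
        // $tgt was previously read here before it was ever assigned (it is only
        // set at the end of the script). Define it up front; act is known to be
        // "udata" in this branch. Presumably get_data() uses it as a form target.
        $tgt = $_SERVER["SCRIPT_NAME"]."?act=udata";
        $dataMgr = new data_mgr();
        $dataMgr->mdb_connect();
        $add_data = $dataMgr->get_data($tgt, $usr_id);
        $dataMgr->mdb_disconnect();
        $count = $usr_names->num_rows;
        foreach ($usr_names as $unm)
        {
            // The account named "Falk689" is never listed.
            if ($unm != "Falk689")
            {
                // Stored values end up in $mInp, which the template echoes as
                // markup, so every user-supplied field is HTML-escaped first.
                $unm_html = htmlspecialchars((string)$unm, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $last_rows = " | | ";
                $add_r = " | | | | $last_rows";
                if (array_key_exists($unm, $add_data))
                {
                    $t_nm = htmlspecialchars((string)$add_data[$unm]["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $t_sr = htmlspecialchars((string)$add_data[$unm]["surn"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $t_ml = htmlspecialchars((string)$add_data[$unm]["mail"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $t_ph = htmlspecialchars((string)$add_data[$unm]["phone"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    if ($t_ml != "" && $t_ml != "null")
                    {
                        $last_rows = " | | ";
                    }
                    $add_r = "$t_nm | $t_sr | $t_ml | $t_ph | $last_rows";
                }
                $tLines .= "$unm_html | $add_r
";
            }
        }
        $mInp = "ID | Nome | Cognome | Mail | Telefono | Util | Invia |
$tLines
";
        $aInp = "ModificaMail";
        $ttl = "User Data";
    }
}
else
{
    // Unknown action, or the session does not satisfy the branch requirements.
    header("Location: /");
    exit();
}
// Self-referencing target for the page's forms. SCRIPT_NAME is used instead of
// PHP_SELF because PHP_SELF also carries any client-supplied path info appended
// after the script name. act can only be one of the literals matched above,
// since every other case has already redirected and exited.
$tgt = $_SERVER["SCRIPT_NAME"]."?act=".$_GET["act"];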
?>
echo $mInp; ?>