Commit acd095a7 authored by Seblu's avatar Seblu
Browse files

add rss stream (news and videos) 

fix db latin1 connection in place of utf8
general sql reorganisation
new auth system
fix html errors (W3C HTML validator help me)
merge admin sql code
auth system rewrote
parent 0f1a2e79

css/default.css

+2 −0
Original line number Diff line number Diff line
@@ -38,6 +38,8 @@ li a { 
img {

    margin: 0 auto;

    padding: 0px;

    border: 0px;

    text-align: right;

}



.clr {

images/rss.png

0 → 100644
+44.5 KiB
Loading image diff...

include/admin_home.php

+2 −4
Original line number Diff line number Diff line
@@ -3,7 +3,6 @@ 
function dispAdminHome() {



include_once "include/admin_tables.php";

include_once "include/functions_sql_admin.php";

include_once "include/admin_menu.php";

include_once "include/admin_videos.php";

include_once "include/admin_news.php";
@@ -352,8 +351,7 @@ $str .= ' 
}

else

{

$str = '



$str = '<div id="all_side">

	<table width="100%">

		<tr>
@@ -367,7 +365,7 @@ $str = ' 
				</td>

				</tr>

		</tr>

	</table>

	</table></div>

';

}

include/admin_menu.php

+15 −51
Original line number Diff line number Diff line 
<?



function dispAdminMenu() {



$str = '



	</TR>



	';

	if ($_SESSION["user_right"] >= $GLOBALS["PRIV_GUEST"]) {

		$str .= '

			<div>

				<a href="index.php?html=AdminHome&section_admin=AdminVideos" class="texte_link">Videos</a>

			</div>

		';

	}



	$str .= '

<div>

			<a href="index.php?html=AdminHome&section_admin=AdminNews" class="texte_link">News</a>

</div>

		';

  $str = '</tr>';

  if ($_SESSION["user_right"] >= $GLOBALS["PRIV_GUEST"])

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminVideos" class="texte_link">Videos</a></div>';



  if ($_SESSION["user_right"] >= $GLOBALS["EPTV"]) {

	$str .= '

<div>

	<a href="index.php?html=AdminHome&section_admin=AdminEdito" class="texte_link">Edito</a>

</div>

<div>

			<a href="index.php?html=AdminHome&section_admin=AdminLinks" class="texte_link">Links</a>

</div>

<div>

			<a href="index.php?html=AdminHome&section_admin=AdminMembers" class="texte_link">EPTV Members</a>

</div>

<div>

			<a href="index.php?html=AdminHome&section_admin=AdminUsers" class="texte_link">Users</a>

</div>

<div>

			<a href="index.php?html=AdminHome&section_admin=AdminBlacklist" class="texte_link">Blacklist</a>

</div>

<div>

			<a href="munin/" target="_blank" class="texte_link">Munin</a>

</div>

<div>

			<a href="phpmyadmin/" target="_blank" class="texte_link">PHPMyAdmin</a>

</div>



	';

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminNews" class="texte_link">News</a></div>';

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminEdito" class="texte_link">Edito</a></div>';

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminLinks" class="texte_link">Links</a></div>';

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminMembers" class="texte_link">EPTV Members</a></div>';

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminUsers" class="texte_link">EPTV Fans</a></div>';

    $str .= '<div><a href="index.php?html=AdminHome&section_admin=AdminBlacklist" class="texte_link">Blacklist</a></div>';

    $str .= '<div><a href="munin/" target="_blank" class="texte_link">Munin</a></div>';

    $str .= '<div><a href="phpmyadmin/" target="_blank" class="texte_link">PHPMyAdmin</a></div>';

  }





  return $str;



}
 
 No newline at end of file

include/auth.php

0 → 100644
+52 −0
Original line number Diff line number Diff line 
<?php



function auth_init() {

  // define user right and id if new session

  if (!$_SESSION["user_id"] or !$_SESSION["user_right"]) {

    $_SESSION["user_id"] = 0;

    $_SESSION["user_right"] = 0;

  }



  // No logged user is allowed without https!

  if ($_SERVER['HTTPS'] != "on" && $_SESSION["user_id"] > 0)

    auth_disconnect();



  // Process auth if asked



  if ($_POST['connect']) {

    if (!auth_connect(stripslashes($_POST['user_login']),

		     stripslashes($_POST['user_pass'])))

      redirect('/?html=Connection&fail='.stripslashes($_POST['user_login']));

  }

  //Process disconnect if asked

  if ($_POST['disconnect'])

    auth_disconnect();

}



function auth_connect($login, $pass) {

  $md5_pass = md5($pass);

  $result = getOneUserByLogin($login);

  if (mysql_num_rows($result) > 0) {

    $user = mysql_fetch_array($result);

    if ($user["user_login"] == $login && $user["user_pass"] == $md5_pass)

      if (!auth_blacklisted($login)) {

	$_SESSION["user_right"] = $user["user_right"];

	$_SESSION["user_id"] = $user["user_id"];

	return true;

      }

  }

  return false;

}



function auth_disconnect() {

  $_SESSION["user_id"] = 0;

  $_SESSION["user_right"] = 0;

}



function auth_blacklisted($login) {

  $result = getOneBlacklistByLogin($login);



  return mysql_num_rows($result) > 0;

}



?>
 
 No newline at end of file