Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if($_POST["username"] == "camdunlop" && $_POST["password"] == "Goosey1@") {
- setcookie("username","camdunlop",time()+86400);//cookie lasts for 24 hours
- setcookie("password","Goosey1@",time()+86400);
- echo '<script type="text/javascript" language="javascript">window.location.href="admin.php"</script>';
- }else if($_GET["p"] == "logout") {
- setcookie("username","",time()-1000);
- setcookie("password","",time()-1000);
- echo '<script type="text/javascript" language="javascript">window.location.href="admin.php"</script>';
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <title>CUT TO - Admin Tools</title>
- <link type="text/css" href="styles.css" rel="stylesheet" />
- <script src="jquery.js"></script>
- <script src="jquery.arrayshift.js"></script>
- </head>
- <body>
- <center>
- <div class="page">
- <div class="leftColumn">
- <img src="images/logo.png" width="125" height="160" align="CUT TO" id="logo" border="0" style="clear: both;" /><br>
- <?php
- //error_reporting(0);
- if($_COOKIE["username"] == "camdunlop" && $_COOKIE["password"] == "Goosey1@") {
- $loggedin = true;
- echo '
- <p>
- <a href="admin.php?p=about" class="heading">Edit About</a><br />
- <a href="admin.php?p=showreel" class="heading">Edit Showreel</a><br />
- </p><p>
- <a href="admin.php?p=newvideo" class="heading">New Video</a><br />
- <a href="admin.php?p=delvideo" class="heading">Delete Video</a><br />
- <a href="admin.php?p=video" class="heading">Edit Portfolio Info</a><br />
- <a href="admin.php?p=thumbs" class="heading">Edit Portfolio Thumbnails</a><br />
- </p><p>
- <a href="admin.php?p=css" class="heading">Edit Site CSS</a><br />
- <a href="admin.php?p=meta" class="heading">Edit META Data</a><br />
- </p>
- <p>
- <a href="admin.php?p=logout" class="heading">Log Out</a><br />
- </p>
- ';
- }else{
- echo '
- <form action="admin.php" method="post">
- Username:<br />
- <input type="text" name="username" class="formInput" /><br />
- Password:<br />
- <input type="password" name="password" class="formInput" /><br />
- <br />
- <input type="submit" value="Login" class="formInput" />
- </form>
- ';
- }
- ?>
- </div>
- <div class="rightColumn">
- <?php
- if($loggedin == true) {
- $sql = mysql_connect("cuttosql.db","camdunlop","Goosey1@");
- mysql_select_db("videos", $sql);
- if($_GET["p"] == "about") {
- if(isset($_POST["aboutHTML"])) {
- $html = $_POST["aboutHTML"];
- $html = str_replace("\\'","'",$html);
- $html = str_replace('\\"','"',$html);
- $file = fopen("about.html","w");
- fwrite($file,$html);
- fclose($file);
- echo 'Page updated!';
- }else{
- echo '
- <form action="admin.php?p=about" method="post">
- <h1>Edit About Page HTML:</h1>
- <textarea name="aboutHTML" style="width: 700px; height: 650px;" class="formInput">'.file_get_contents('about.html').'</textarea><br />
- <br />
- <input type="submit" value="Update Page" class="formInput" />
- </form>
- ';
- }
- }else if($_GET["p"] == "delvideo") {
- if(isset($_GET["n"])) {
- if(isset($_POST["confirmed"])) {
- $update = mysql_query("DELETE FROM videostable WHERE shortname = '".$_GET["n"]."'",$sql);
- if(!$update) die('Failed to delete video! Sorry!<br>' . mysql_error());
- else echo "Video deleted successfully.";
- }else{
- echo '<p>
- <form action="admin.php?p=delvideo&n='.$_GET["n"].'" method="post">
- <h1>Are you sure?</h1>
- <input type="hidden" name="confirmed" value="true">
- <input type="submit" class="formInput" value="Sure am!" />
- </form>
- ';
- }
- }else{
- $result = mysql_query("SELECT * FROM videostable");
- echo "<h1>Select which video you'd like to delete:</h1>";
- while($row = mysql_fetch_array($result)) {
- $sn = $row["shortname"];
- $fn = $row["fullname"];
- echo'<a href="admin.php?p=delvideo&n='.$sn.'" class="heading">'.$fn.'</a><br />
- ';
- }
- }
- }else if($_GET["p"] == "newvideo") {
- if(isset($_POST["description"])) {
- $sn = $_POST["shortname"];
- $fn = $_POST["fullname"];
- $vimeo = $_POST["vimeo"];
- $desc = $_POST["description"];
- $desc = str_replace("\\'","‘",$desc);
- $desc = str_replace('\\"','"',$desc);
- $desc = str_replace("\n","<br />\n",$desc);
- $update = mysql_query("INSERT INTO videostable (shortname, fullname, vimeo, dateadded, description) VALUES ('".$sn."', '".$fn."', '".$vimeo."', '".DATE_ATOM."', '".$desc."')", $sql);
- if(!$update) die('Failed to create video! Sorry!<br>' . mysql_error());
- else echo "'".$fn."' created successfully!";
- }else{
- echo '
- <form action="admin.php?p=newvideo" method="post">
- <h1>Create New Video</h1>
- <p>
- Short name:<br>
- <input type="text" class="formInput" name="shortname" value="" />
- </p>
- <p>
- Full name:<br>
- <input type="text" class="formInput" name="fullname" value="" />
- </p>
- <p>
- Vimeo ID#:<br>
- <input type="text" class="formInput" name="vimeo" maxlength="8" value="" />
- </p>
- <p>
- Description (HTML):<br>
- <textarea name="description" style="width: 700px; height: 350px; resize: vertical;" class="formInput"></textarea><br />
- (5000 character limit)
- </p>
- <p>
- <input type="submit" value="Create Video" class="formInput" />
- </p>
- </form>
- ';
- }
- }else if($_GET["p"] == "video") {
- if(isset($_GET["n"])) {
- if(isset($_POST["description"])) {
- $sn = $_POST["shortname"];
- $fn = $_POST["fullname"];
- $vimeo = $_POST["vimeo"];
- $desc = $_POST["description"];
- $desc = str_replace("\\'","‘",$desc);
- $desc = str_replace('\\"','"',$desc);
- $desc = str_replace("\n","<br />\n",$desc);
- //echo "$sn<br>$fn<br>$vimeo<br>$desc<br>";
- $update = mysql_query("UPDATE videostable SET fullname = '".$fn."', vimeo = '".$vimeo."', description = '".$desc."' WHERE shortname = '".$sn."'", $sql);
- if(!$update) die('Failed to update! Sorry!<br>' . mysql_error());
- else echo "'".$fn."' info updated successfully!";
- }else{
- $result = mysql_query("SELECT * FROM videostable WHERE shortname='".$_GET["n"]."'");
- while($row = mysql_fetch_array($result)) {
- $sn = $row["shortname"];
- $fn = $row["fullname"];
- $vimeo = $row["vimeo"];
- $desc = $row["description"];
- echo '
- <form action="admin.php?p=video&n='.$sn.'" method="post">
- <h1>You\'re editing the video \''.$fn.'\':</h1>
- <p>
- Short name:<br>
- <input type="text" class="formInput" value="'.$sn.'" disabled />
- <input type="hidden" name="shortname" value="'.$sn.'" />
- </p>
- <p>
- Full name:<br>
- <input type="text" class="formInput" name="fullname" value="'.$fn.'" />
- </p>
- <p>
- Vimeo ID#:<br>
- <input type="text" class="formInput" name="vimeo" maxlength="8" value="'.$vimeo.'" />
- </p>
- <p>
- Description (HTML):<br>
- <textarea name="description" style="width: 700px; height: 350px; resize: vertical;" class="formInput">'.$desc.'</textarea><br />
- (5000 character limit)
- </p>
- <p>
- <input type="submit" value="Update Video Info" class="formInput" />
- </p>
- </form>
- ';
- }
- }
- }else{
- //echo $_POST["reorder"];
- if($_POST["reorder"] == "true") {
- foreach($_POST as $key => $data) {
- if(strstr($key,"shortname_") != false) {
- $newOrder = str_replace("vid","",$data);
- $newOrder = str_replace("_","",$newOrder);
- $shortName = str_replace("shortname_","",$key);
- $update = mysql_query("UPDATE videostable SET `order` = ".$newOrder." WHERE `shortname` = '".$shortName."'", $sql);
- if(!$update) die('Failed to update! Sorry!<br>' . mysql_error());
- else echo "Videos reordered successfully!";
- }
- }
- echo "reordered yo";
- }else{
- $result = mysql_query("SELECT * FROM videostable ORDER BY `videostable`.`order` ASC");
- echo "<h1>Select which video you'd like to edit or reorder.</h1>";
- echo '
- <form action="admin.php?p=video" method="post" id="reorderForm">
- <div style="position: relative;">
- ';
- $i = 0;
- while($row = mysql_fetch_array($result)) {
- $sn = $row["shortname"];
- $fn = $row["fullname"];
- $i++;
- echo'
- <div id="vid'.$i.'_table" style=" position: absolute; display: block; left: 0px; top: '.(($i-1)*30).'px">
- <span style="display: inline-block; width: 300px;"><a href="admin.php?p=video&n='.$sn.'" class="heading">'.$fn.'</a></span>
- <input type="button" class="formInput" id="vid'.$i.'_up" value="Up" />
- <input type="button" class="formInput" id="vid'.$i.'_down" value="Down" />
- <input type="hidden" id="vid'.$i.'_order" name="shortname_'.$sn.'" value="vid'.($i).'_" />
- </div><br />
- ';
- }
- echo '
- <br><br>
- <div style="position: absolute; left: 0px; top: '.($i*30).'px">
- <span style="display: inline-block; width: 300px;"> </span>
- <input type="hidden" id="reorderHidden" name="reorder" value="false" />
- <input type="submit" class="formInput" value="Reorder Videos" id="reorderSubmit" />
- </div>
- </div>
- </form>
- <script>
- function swapTables(id1,id2) {
- var t1 = $("#vid"+id1+"_table");
- var t2 = $("#vid"+id2+"_table");
- t1.html(t1.html().split("vid"+id1+"_").join("vid"+id2+"_"));
- t2.html(t2.html().split("vid"+id2+"_").join("vid"+id1+"_"));
- y1 = parseInt(t1.css("top").replace("px",""));
- y2 = parseInt(t2.css("top").replace("px",""));
- t1.animate({"top": (y1+30)+"px"},500);
- t2.animate({"top": (y2-30)+"px"},500);
- t1.attr("id","vid"+id2+"_table");
- t2.attr("id","vid"+id1+"_table");
- redeclare();
- }
- function redeclare() {
- tables = $("div[id*=\'_table\']");
- $("input[id=\'reorderSubmit\']").unbind("click");
- $("input[id*=\'_up\']").unbind("click");
- $("input[id*=\'_down\']").unbind("click");
- declare();
- }
- function declare() {
- tables = $("div[id*=\'_table\']");
- $("#reorderForm").submit(function() {
- if($("#reorderHidden").attr("value") == "false") $("#reorderHidden").attr("value","true");
- return true;
- });
- $("input[id*=\'_up\']").bind("click",function() {
- var iconN = $(this).attr("id").split("_up").join("");
- iconN = parseInt(iconN.split("vid").join(""));
- //alert(iconN);
- if(iconN > 1) {
- swapTables(iconN-1,iconN);
- }
- });
- $("input[id*=\'_down\']").bind("click",function() {
- var iconN = $(this).attr("id").split("_down").join("");
- iconN = parseInt(iconN.split("vid").join(""));
- //alert(iconN);
- if(iconN < tables.length) {
- swapTables(iconN,iconN+1);
- }
- });
- }
- declare();
- </script>
- ';
- }
- }
- }else if($_GET["p"] == "thumbs") {
- if(isset($_POST["count"])) {
- $posts = intval($_POST["count"]);
- $iconlist = '';
- for($i=1; $i < $posts+1; $i++) {
- $result = mysql_fetch_row(mysql_query("SELECT fullname FROM videostable WHERE shortname = '".$_POST["img".$i."_name"]."'"));
- $fullname = $result[0];
- //echo $result."///".$fullname;
- if(isset($_POST["img".$i."_upload"])) {
- $curfile = $_FILES["img".$i."_url"];
- if(strpos($curfile["type"],"image") > -1) {
- move_uploaded_file($curfile["tmp_name"], "images/icons/" . $curfile["name"]);
- }else{
- echo $curfile["name"]." is not a valid image file.";
- }
- $iconlist .= "images/icons/".$curfile["name"].",".$_POST["img".$i."_name"].",".$fullname.",".$_POST["img".$i."_alt"].";\n";
- }else{
- $iconlist .= $_POST["img".$i."_url"].",".$_POST["img".$i."_name"].",".$fullname.",".$_POST["img".$i."_alt"].";\n";
- }
- }
- $iconlistfile = fopen("iconlist.txt","w");
- fwrite($iconlistfile,$iconlist);
- fclose($iconlistfile);
- }else{
- $txt = file_get_contents("iconlist.txt");
- $icons = explode(";\n",$txt);
- array_pop($icons);
- echo '
- <div id="pageContainer" style="display: block; position: relative;">
- <form action="admin.php?p=thumbs" method="post" enctype="multipart/form-data">
- <input type="hidden" name="count" id="thumbsCount" value="'.count($icons).'" />
- <h1>Edit Portfolio Thumbnails</h1>
- <div id="thumbTables">
- ';
- $result = mysql_query("SELECT * FROM videostable");
- while($row = mysql_fetch_array($result)) {
- $dropdown .= '<option value="'.$row["shortname"].'">'.$row["fullname"]."</option>\n";
- }
- $i = 0;
- foreach($icons as $icon) {
- $i++;
- $iconParts = explode(",",$icon);
- echo $curIcon;
- echo '
- <div id="img'.$i.'_table" class="thumbTable" style=" position: absolute; display: block; left: 0px; top: '.(($i-1)*200).'px">
- <p>
- <table border="0" cellpadding="0" cellspacing="5">
- <tr><td rowspan="3" valign="top">
- <img src="'.$iconParts[0].'" id="img'.$i.'_img" width="220" height="125" border="0" /><br />
- <input type="button" class="formInput" id="img'.$i.'_up" value="Up" />
- <input type="button" class="formInput" id="img'.$i.'_down" value="Down" />
- <input type="button" class="formInput" id="img'.$i.'_delete" value="Delete Thumbnail" />
- </td>
- <td>
- Thumbnail name:<br />
- <select name="img'.$i.'_name" class="formInput">
- <option value="null">-Select One-</option>';
- $result = mysql_query("SELECT * FROM videostable");
- while($row = mysql_fetch_array($result)) {
- if($row["shortname"] == $iconParts[1]) echo '<option value="'.$row["shortname"].'" selected>'.$row["fullname"]."</option>\n";
- else echo '<option value="'.$row["shortname"].'">'.$row["fullname"]."</option>\n";
- }
- echo '
- </select>
- </td></tr>
- <tr><td>
- Thumbnail url:<br />
- <input type="text" class="formInput" name="img'.$i.'_url" value="'.$iconParts[0].'" style="width: 360px;" readonly />
- </td></tr>
- <tr><td>
- Thumbnail description:<br />
- <textarea class="formInput" name="img'.$i.'_alt" style="resize: vertical; width: 360px;" rows="2" />'.$iconParts[3].'</textarea>
- </td></tr>
- </table>
- </p>
- <br />
- </div>
- ';
- }
- echo '
- </div>
- <br />
- <br />
- <table border="0" cellpadding="0" cellspacing="0" style="display:block; position: absolute; left: 0px; top: '.((count($icons)+1)*200).'px" id="thumbToolbar"><tr><td width="200">
- <input type="button" class="formInput" id="addThumb" value="Add Thumbnail" />
- </td><td width="400" align="right">
- <input type="submit" class="formInput" value="Update Thumbnails" />
- </td></tr>
- <td><td colspan="2" height="50"></td></tr></table>
- </form>
- </div>
- <br />
- <br />
- <br />
- <br />
- <br />
- <script>
- function swapTables(id1,id2) {
- var t1 = $("#img"+id1+"_table");
- var t2 = $("#img"+id2+"_table");
- t1.html(t1.html().split("img"+id1+"_").join("img"+id2+"_"));
- t2.html(t2.html().split("img"+id2+"_").join("img"+id1+"_"));
- y1 = parseInt(t1.css("top").replace("px",""));
- y2 = parseInt(t2.css("top").replace("px",""));
- t1.animate({"top": (y1+200)+"px"},500);
- t2.animate({"top": (y2-200)+"px"},500);
- t1.attr("id","img"+id2+"_table");
- t2.attr("id","img"+id1+"_table");
- redeclare();
- }
- function redeclare() {
- tables = $("div[id*=\'_table\']");
- $("#thumbToolbar").css("top",200+((200*tables.length))+"px");
- $("input[id*=\'_delete\']").unbind("click");
- $("input[id*=\'_up\']").unbind("click");
- $("input[id*=\'_down\']").unbind("click");
- declare();
- }
- function declare() {
- tables = $("div[id*=\'_table\']");
- $("input[id*=\'_delete\']").each(function() { $(this).removeAttr("disabled") });
- $("input[id*=\'_delete\']").bind("click",function() {
- $("input[id*=\'_delete\']").each(function() { $(this).attr("disabled","disabled") });
- var iconN = $(this).attr("id").replace("_delete","");
- var iconNo = parseInt(iconN.replace("img",""));
- if(iconN != "img1") {
- $("#thumbsCount").attr("value",parseInt($("#thumbsCount").attr("value"))-1);
- $("#"+iconN+"_table").toggle("slow",function() {
- $(this).remove();
- redeclare();
- });
- tables.each(function(i) {
- if(i+1 > iconNo) {
- //alert($(this).html());
- $(this).html($(this).html().split("img"+(i+1)+"_").join("img"+(i)+"_"));
- $(this).attr("id","img"+(i)+"_table");
- //alert($(this).html());
- $(this).animate({"top": (parseInt($(this).css("top").replace("px",""))-200)+"px"},500);
- }
- });
- }
- });
- $("input[id*=\'_up\']").bind("click",function() {
- var iconN = $(this).attr("id").split("_up").join("");
- iconN = parseInt(iconN.split("img").join(""));
- //alert(iconN);
- if(iconN > 1) {
- swapTables(iconN-1,iconN);
- }
- });
- $("input[id*=\'_down\']").bind("click",function() {
- var iconN = $(this).attr("id").split("_down").join("");
- iconN = parseInt(iconN.split("img").join(""));
- //alert(iconN);
- if(iconN < tables.length) {
- swapTables(iconN,iconN+1);
- }
- });
- }
- declare();
- $("#addThumb").bind("click",function() {
- $("#thumbsCount").attr("value",parseInt($("#thumbsCount").attr("value"))+1);
- var newName = "img"+$("#thumbsCount").attr("value");
- $("#img1_table").clone().appendTo($("#thumbTables"));
- var $newTable = $("div[id*=\'_table\']").last();
- $newTable.css("top",(200*(tables.length))+"px");
- $newTable.attr("id",newName+"_table");
- $newTable.find("input").each(function(i) {
- if(i <= 2) $(this).attr("id", $(this).attr("id").replace("img1_",newName+"_"));
- else $(this).replaceWith(\'<input type="file" class="formInput" name="\'+newName+\'_url" style="width:360px" /><input type="hidden" name="\'+newName+\'_upload" value="true" />\');
- });
- $newTable.find("textarea").each(function(i) {
- //alert($(this).attr("name"));
- $(this).attr("name", $(this).attr("name").replace("img1_",newName+"_"));
- $(this).html("");
- });
- $newTable.find("img").each(function(i) {
- //alert($(this).attr("name"));
- $(this).attr("src","images/transparentgreybg.png");
- $(this).css("border","1px solid black");
- });
- $newTable.hide();
- $newTable.toggle("slow");
- redeclare();
- });
- </script>
- ';
- }
- }else if($_GET["p"] == "css") {
- if(isset($_POST["CSScontent"])) {
- $html = $_POST["CSScontent"];
- $html = str_replace("\\'","'",$html);
- $html = str_replace('\\"','"',$html);
- $file = fopen("styles.css","w");
- fwrite($file,$html);
- fclose($file);
- echo 'CSS updated!';
- }else{
- echo '<form action="admin.php?p=css" method="post">
- <h1>Edit Site CSS:</h1>
- <textarea name="CSScontent" style="width: 700px; height: 650px;" class="formInput">'.file_get_contents('styles.css').'</textarea><br />
- <br />
- <input type="submit" value="Update CSS" class="formInput" />
- </form>';
- }
- }else if($_GET["p"] == "meta") {
- if(isset($_POST["keywords"])) {
- $file = fopen("keywords.txt","w");
- fwrite($file,$_POST["keywords"]);
- fclose($file);
- $file = fopen("description.txt","w");
- fwrite($file,$_POST["description"]);
- fclose($file);
- echo 'Meta tags updated.';
- }else{
- echo '<form action="admin.php?p=meta" method="post">
- <h1>Edit Site META tags:</h1>
- <p>
- Keywords:<br />
- <input type="text" class="formInput" name="keywords" value="'.file_get_contents('keywords.txt').'" size="100" />
- </p><p>
- Description:<br />
- <textarea name="description" style="width: 700px; height: 200px;" class="formInput">'.file_get_contents('description.txt').'</textarea>
- </p>
- <br />
- <input type="submit" value="Update META Tags" class="formInput" />
- </form>';
- }
- }else if($_GET["p"] == "showreel") {
- if(isset($_POST["reelHTML"])) {
- $html = $_POST["reelHTML"];
- $html = str_replace("\\'","'",$html);
- $html = str_replace('\\"','"',$html);
- $file = fopen("reel.html","w");
- fwrite($file,$html);
- fclose($file);
- echo 'Page updated!';
- }else{
- echo '
- <form action="admin.php?p=showreel" method="post">
- <h1>Edit Showreel Page HTML:</h1>
- <textarea name="reelHTML" style="width: 700px; height: 650px;" class="formInput">'.file_get_contents('reel.html').'</textarea><br />
- <br />
- <input type="submit" value="Update Page" class="formInput" />
- </form>
- ';
- }
- }
- mysql_close($sql);
- }
- ?>
- </div>
- </div>
- </center>
- </body>
- </html>
Add Comment
Please, Sign In to add comment