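<?php
/**
 * DreamCMS control panel dispatcher.
 *
 * Admin-only page. The action is selected by $_GET["name"]; each branch either
 * creates, edits, deletes or uploads files under the parent directory ("../")
 * or updates rows through the legacy mysql_* extension.
 *
 * NOTE(review): every action changes state, yet nothing visible in this file
 * checks an anti-CSRF token, and "deletepage" / "userverify" act on GET
 * parameters. Confirm whether header.php enforces a token; if it does not,
 * add one and move those two actions to POST.
 */

/**
 * Map a request-supplied relative path onto the site root ("../").
 *
 * Rejects non-strings, empty names, NUL bytes, backslashes, absolute paths and
 * any ".." segment, so the result cannot climb above the site root.
 * Symbolic links are not resolved here.
 *
 * @param mixed $relative Path as received from the request.
 * @return string|false Path prefixed with "../", or false when rejected.
 */
function dreamcms_site_path($relative)
{
    if (!is_string($relative) || $relative === "") {
        return false;
    }
    if (strpos($relative, "\0") !== false || strpos($relative, "\\") !== false) {
        return false;
    }
    if ($relative[0] === "/" || preg_match('#(^|/)\.\.(/|$)#', $relative)) {
        return false;
    }
    return "../" . $relative;
}

/**
 * Escape a request value for use inside a single-quoted SQL string literal.
 *
 * Undoes magic_quotes_gpc first (when that setting exists and is on) so the
 * value is escaped exactly once. Needs an open mysql_* connection.
 *
 * @param mixed $raw Value taken from $_GET / $_POST.
 * @return string Escaped value; non-strings become the empty string.
 */
function dreamcms_sql_value($raw)
{
    $value = is_string($raw) ? $raw : "";
    if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return mysql_real_escape_string($value);
}

require("header.php");

if ($session->isAdmin()) {
    mysql_connect(DB_SERVER, DB_USER, DB_PASS);
    mysql_select_db(DB_NAME);
?>
<div style="position:absolute; top:70px; left:210px;">
<?php
    if (isset($_GET["name"])) {
        // An array-valued "name" parameter matches no action.
        $action = is_string($_GET["name"]) ? $_GET["name"] : "";

        if ($action === "createpage") {
            $title = "Create Page";
            echo "<h1>DreamCMS Control Panel - Create Page</h1>";
            if (!empty($_POST["pagename"]) && !empty($_POST["pageextension"]) && !empty($_POST["ftype"]) && !empty($_POST["pagecontents"])) {
                $target = false;
                if (is_string($_POST["pagename"]) && is_string($_POST["pageextension"])) {
                    $target = dreamcms_site_path($_POST["pagename"] . $_POST["pageextension"]);
                }
                $ftype = $_POST["ftype"];
                // Only write-capable fopen() modes are accepted; the mode comes from the request.
                $modeOk = is_string($ftype) && preg_match('/^[waxc][bt+]{0,2}$/', $ftype);
                if ($target === false || !$modeOk || !is_string($_POST["pagecontents"])) {
                    echo "Invalid page name or file mode!";
                } else {
                    $contents = stripslashes($_POST["pagecontents"]);
                    $page = fopen($target, $ftype);
                    if ($page !== false) {
                        // Report success only when the write actually happened.
                        if (fwrite($page, $contents) !== false) {
                            echo "Page Created Succesfully!";
                        } else {
                            echo "Failed to write page!";
                        }
                        fclose($page);
                    } else {
                        echo "Failed to write page!";
                    }
                }
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "editpage") {
            $title = "Edit Page";
            echo "<h1>DreamCMS Control Panel - Edit Page</h1>";
            if (isset($_POST["pagecontents"]) && isset($_POST["file"])) {
                $target = dreamcms_site_path($_POST["file"]);
                if ($target === false || !is_string($_POST["pagecontents"])) {
                    echo "Invalid file name!";
                } else {
                    $contents = stripslashes($_POST["pagecontents"]);
                    $page = fopen($target, "w");
                    if ($page !== false) {
                        if (fwrite($page, $contents) !== false) {
                            echo "Page Edited Succesfully!";
                        } else {
                            echo "Failed to write page!";
                        }
                        fclose($page);
                    } else {
                        echo "Failed to write page!";
                    }
                }
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "deletepage") {
            $title = "Delete Page";
            echo "<h1>DreamCMS Control Panel - Delete Page</h1>";
            if (!empty($_GET["file"])) {
                $target = dreamcms_site_path($_GET["file"]);
                if ($target === false) {
                    echo "Invalid file name!";
                } elseif (file_exists($target)) {
                    if (unlink($target)) {
                        echo "File Deleted Successfully!";
                    } else {
                        echo "Failed to delete file!";
                    }
                } else {
                    echo "File Doesn't Exist!";
                }
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "createfolder") {
            $title = "Create Folder";
            echo "<h1>DreamCMS Control Panel - Create Folder</h1>";
            if (!empty($_POST["foldername"])) {
                $target = dreamcms_site_path($_POST["foldername"]);
                if ($target === false) {
                    echo "Invalid folder name!";
                } elseif (mkdir($target)) {
                    echo "Directory Created Successfully!";
                } else {
                    // The name is echoed back into HTML, so it is escaped first.
                    echo "Failed to create directory named " . htmlspecialchars($_POST["foldername"], ENT_QUOTES, "UTF-8") . "! It may already exist.";
                }
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "News") {
            $title = "News Update";
            if (isset($_POST["News"]) && is_string($_POST["News"]) && $_POST["News"] !== "") {
                // NOTE(review): this branch opens a second connection with credentials
                // written into the source instead of the DB_* constants. Move them into
                // configuration and rotate them; anyone who can read this file can read
                // the password.
                mysql_connect("localhost", "straig36_mgc2", "m121cm121c");
                $news = dreamcms_sql_value($_POST["News"]);
                // The value is now a quoted, escaped literal rather than raw SQL.
                // Assumes News has a single text column -- confirm against the schema.
                mysql_query("INSERT INTO News VALUES ('" . $news . "')");
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "settings") {
            $title = "Settings";
            echo "<h1>DreamCMS Control Panel - Settings</h1>";
            if (!empty($_POST["SPECIAL_MENU"]) && is_string($_POST["SPECIAL_MENU"])) {
                $setting = dreamcms_sql_value($_POST["SPECIAL_MENU"]);
                mysql_query("UPDATE `settings` SET `set` = '" . $setting . "' WHERE `name` = 'SPECIAL_MENU'");
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "userverify") {
            $title = "User Verify";
            echo "<h1>DreamCMS Control Panel - User Verify</h1>";
            if (!empty($_GET["user"]) && is_string($_GET["user"])) {
                $user = dreamcms_sql_value($_GET["user"]);
                $rows = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $user . "'");
                // Only promote (and only report success for) an account that exists.
                if ($rows !== false && mysql_num_rows($rows) > 0) {
                    mysql_query("UPDATE `users` SET `userlevel` = '9' WHERE `username` = '" . $user . "'");
                    echo "User Verified!";
                } else {
                    echo "User Doesn't Exist!";
                }
            } else {
                echo "You haven't filled out everything!";
            }
        } elseif ($action === "updateuser") {
            $title = "Update User";
            echo "<h1>DreamCMS Control Panel - Update User</h1>";
            if (isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["email"])) {
                // The session value is escaped as well: it ends up inside every WHERE clause below.
                $user = mysql_real_escape_string($session->username);
                if (!empty($_POST["username"]) && is_string($_POST["username"])) {
                    $username = dreamcms_sql_value($_POST["username"]);
                    if (mysql_query("UPDATE `users` SET `username` = '" . $username . "' WHERE `username` = '" . $user . "'")) {
                        // The row now carries the new name; later updates must match on it.
                        $user = $username;
                    }
                }
                if (!empty($_POST["password"]) && is_string($_POST["password"])) {
                    // NOTE(review): unsalted MD5 is not a password hash. Moving to
                    // password_hash()/password_verify() needs a matching change in the
                    // login code, which is not part of this file.
                    $password = md5($_POST["password"]);
                    mysql_query("UPDATE `users` SET `password` = '" . $password . "' WHERE `username` = '" . $user . "'");
                }
                if (!empty($_POST["email"]) && is_string($_POST["email"])) {
                    if (strstr($_POST["email"], "@")) {
                        $email = dreamcms_sql_value($_POST["email"]);
                        mysql_query("UPDATE `users` SET `email` = '" . $email . "' WHERE `username` = '" . $user . "'");
                    } else {
                        echo "Email not Updated - Not Real Email Address.";
                    }
                }
            }
        } elseif ($action === "upload") {
            $title = "Upload";
            echo "<h1>DreamCMS Control Panel - Upload</h1>";
            if (!isset($_FILES["file"]) || !is_string($_FILES["file"]["name"])) {
                echo 'You have not specified a file to upload!';
            } elseif ($_FILES["file"]["error"] > 0) {
                echo 'Error Code: ' . $_FILES['file']['error'];
                if ($_FILES['file']['error'] == 1) {
                    echo 'Your file is too large to upload!';
                } elseif ($_FILES['file']['error'] == 4) {
                    echo 'You have not specified a file to upload!';
                } else {
                    echo 'Unknown Error!';
                }
            } else {
                // The client chooses the file name: keep its last component only.
                // NOTE(review): the file type is not restricted, so whatever is uploaded
                // lands in the site root under its own extension. Confirm that is
                // intended, or limit the accepted extensions.
                $uploadName = basename($_FILES["file"]["name"]);
                $target = dreamcms_site_path($uploadName);
                if ($target === false) {
                    echo "Invalid file name!";
                } elseif (file_exists($target)) {
                    echo htmlspecialchars($uploadName, ENT_QUOTES, "UTF-8") . ' already exists.';
                } elseif (move_uploaded_file($_FILES["file"]["tmp_name"], $target)) {
                    echo 'File Uploaded Successfully!';
                } else {
                    echo 'Unknown Error!';
                }
            }
        } else {
            echo "You haven't filled out everything!";
        }
    } else {
        $title = "No Function Specified";
        echo "<h1>DreamCMS Control Panel - No Function Specified</h1>";
    }
?>
</div>
<?php
    require("footer.php");
} else {
    // Logged-in non-admins go to verify.php, everyone else to login.php.
    if ($session->logged_in && !$session->isAdmin()) {
        echo '<meta http-equiv="refresh" content="0;url=verify.php">';
    } else {
        echo '<meta http-equiv="refresh" content="0;url=login.php">';
    }
}
?>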