
Untitled

a guest
Aug 13th, 2017
  1. <?php
  2. require("header.php");
  3. if($session->isAdmin()) {
  4. mysql_connect(DB_SERVER, DB_USER, DB_PASS);
  5. mysql_select_db(DB_NAME);
  6. ?>
  7.  
  8. <div style="position:absolute; top:70px; left:210px;">
  9. <?php
  10. if (isset($_GET["name"])) {
  11.     if ($_GET["name"] == "createpage") {
  12.         $title = "Create Page";
  13.         echo "<h1>DreamCMS Control Panel - Create Page</h1>";
  14.         if (isset($_POST["pagename"]) && isset($_POST["pageextension"]) && isset($_POST["ftype"]) && isset($_POST["pagecontents"]) && !empty($_POST["pagename"]) && !empty($_POST["pageextension"]) && !empty($_POST["ftype"]) && !empty($_POST["pagecontents"])) {
  15.             $name = $_POST["pagename"];
  16.             $extension = $_POST["pageextension"];
  17.             $ftype = $_POST["ftype"];
  18.             $contents = stripslashes($_POST["pagecontents"]);
  19.             $page = fopen("../" . $name . $extension, $ftype);
  20.             fwrite($page, $contents);
  21.             echo "Page Created Succesfully!";
  22.         } else {
  23.             echo "You haven't filled out everything!";
  24.         }
  25.     } elseif ($_GET["name"] == "editpage") {
  26.         $title = "Edit Page";
  27.         echo "<h1>DreamCMS Control Panel - Edit Page</h1>";
  28.         if (isset($_POST["pagecontents"]) && isset($_POST["file"])) {
  29.             $contents = stripslashes($_POST["pagecontents"]);
  30.             $file = $_POST["file"];
  31.             $page = fopen("../" . $file, "w");
  32.             fwrite($page, $contents);
  33.             echo "Page Edited Succesfully!";
  34.         } else {
  35.             echo "You haven't filled out everything!";
  36.         }
  37.     } elseif ($_GET["name"] == "deletepage") {
  38.         $title = "Delete Page";
  39.         echo "<h1>DreamCMS Control Panel - Delete Page</h1>";
  40.         if (isset($_GET["file"]) && !empty($_GET["file"])) {
  41.             $file = $_GET["file"];
  42.             if (file_exists("../" . $file)) {
  43.                 unlink("../" . $file);
  44.                 echo "File Deleted Successfully!";
  45.             } else {
  46.                 echo "File Doesn't Exist!";
  47.             }
  48.         } else {
  49.             echo "You haven't filled out everything!";
  50.         }
  51.     } elseif ($_GET["name"] == "createfolder") {
  52.         $title = "Create Folder";
  53.         echo "<h1>DreamCMS Control Panel - Create Folder</h1>";
  54.         if (isset($_POST["foldername"]) && !empty($_POST["foldername"])) {
  55.             $name = $_POST["foldername"];
  56.             if (mkdir("../" . $name)) {
  57.                 echo "Directory Created Successfully!";
  58.             } else {
  59.                 echo "Failed to create directory named " . $name . "! It may already exist.";
  60.             }
  61.         } else {
  62.             echo "You haven't filled out everything!";
  63.         }
  64.     } elseif ($_GET["name"] == "News") {
  65.         $title = "News Update";
  66.         mysql_connect("localhost", "straig36_mgc2", "m121cm121c");
  67.         $news = $_POST["News"];
  68.         mysql_query("INSERT INTO News VALUES ($news)");
  69.     } elseif ($_GET["name"] == "settings") {
  70.         $title = "Settings";
  71.         echo "<h1>DreamCMS Control Panel - Settings</h1>";
  72.         if (isset($_POST["SPECIAL_MENU"]) && !empty($_POST["SPECIAL_MENU"])) {
  73.             $setting = $_POST["SPECIAL_MENU"];
  74.             mysql_query("UPDATE `settings` SET `set` = '" . $setting . "' WHERE `name` = 'SPECIAL_MENU'");
  75.         } else {
  76.             echo "You haven't filled out everything!";
  77.         }
  78.     } elseif ($_GET["name"] == "userverify") {
  79.         $title = "User Verify";
  80.         echo "<h1>DreamCMS Control Panel - User Verify</h1>";
  81.         if (isset($_GET["user"]) && !empty($_GET["user"])) {
  82.             $user = $_GET["user"];
  83.             $rows = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $user . "'");
  84.             $numrows = mysql_num_rows($rows);
  85.             mysql_query("UPDATE  `users` SET  `userlevel` =  '9' WHERE  `username` = '$user'");
  86.             echo "User Verified!";
  87.         } else {
  88.             echo "You haven't filled out everything!";
  89.         }
  90.     } elseif ($_GET["name"] == "updateuser") {
  91.         $title = "Update User";
  92.         echo "<h1>DreamCMS Control Panel - Update User</h1>";
  93.         if (isset($_POST["username"]) && isset($_POST["password"]) && isset($_POST["email"])) {
  94.             $user = $session->username;
  95.             if (!empty($_POST["username"])) {
  96.                 $username = $_POST["username"];
  97.                 mysql_query("UPDATE `users` SET `username` = '" . $username . "' WHERE `username` = '" . $user . "'");
  98.             }
  99.             if (!empty($_POST["password"])) {
  100.                 $password = md5($_POST["password"]);
  101.                 mysql_query("UPDATE `users` SET `password` = '" . $password . "' WHERE `username` = '" . $user . "'");
  102.             }
  103.             if (!empty($_POST["email"])) {
  104.                 $email = $_POST["email"];
  105.                 if (strstr($email, "@")) {
  106.                     mysql_query("UPDATE `users` SET `email` = '" . $email . "' WHERE `username` = '" . $user . "'");
  107.                 } else {
  108.                     echo "Email not Updated - Not Real Email Address.";
  109.                 }
  110.             }
  111.         }
  112.     } elseif ($_GET["name"] == "upload") {
  113.         $title = "Upload";
  114.         echo "<h1>DreamCMS Control Panel - Upload</h1>";
  115.         if ($_FILES["file"]["error"] > 0) {
  116.             echo 'Error Code: ' . $_FILES['file']['error'] . '';
  117.             if ($_FILES['file']['error'] == 1) {
  118.                 echo 'Your file is too large to upload!';
  119.             } elseif ($_FILES['file']['error'] == 4) {
  120.                 echo 'You have not specified a file to upload!';
  121.             } else {
  122.                 echo 'Unknown Error!';
  123.             }
  124.         } else {
  125.             if (file_exists("../" . $_FILES["file"]["name"])) {
  126.                 echo $_FILES["file"]["name"] . ' already exists.';
  127.             } else {
  128.                 move_uploaded_file($_FILES["file"]["tmp_name"], "../" . $_FILES["file"]["name"]);
  129.                 echo 'File Uploaded Successfully!';
  130.             }
  131.         }
  132.     } else {
  133.         echo "You haven't filled out everything!";
  134.     }
  135. } else {
  136.     $title = "No Function Specified";
  137.     echo "<h1>DreamCMS Control Panel - No Function Specified</h1>";
  138. }
  139. ?>
  140.  
  141. </div>
  142.  
  143. <?php
  144. require("footer.php");
  145. } else {
  146.     if ($session->logged_in && !$session->isAdmin()) {
  147.         echo '<meta http-equiv="refresh" content="0;url=verify.php">';
  148.     } else {
  149.         echo '<meta http-equiv="refresh" content="0;url=login.php">';
  150.     }
  151. }
  152. ?>