lowheartrate

common.inc.php 11292016-0617

Nov 29th, 2016
  1. <?php
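  // Start the session for every function in this file.
  // The session cookie is the only login credential this file relies on, and the
  // page builders below print database/session values into HTML, so the cookie is
  // kept out of reach of page scripts and unknown session ids are refused.
  ini_set('session.cookie_httponly', '1');
  ini_set('session.use_only_cookies', '1');
  ini_set('session.use_strict_mode', '1');
  // NOTE(review): also enable session.cookie_secure once the site is served over HTTPS only.
  session_start();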
  4.  
  5. // connects to users database
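  /**
   * Return a PDO handle for the MySQL database described in core/config.php.
   *
   * The handle is created on first use and reused for the rest of the request,
   * so callers that do dbConnect()->prepare(...) several times share one
   * connection. PDO is switched to exception mode.
   *
   * @return PDO
   * @throws RuntimeException when the connection cannot be opened. The driver's
   *         own message goes to the server error log only; it is not sent to
   *         the browser because it can name the host, schema and account.
   */
  function dbConnect(){
      static $connection = null;
      if ($connection instanceof PDO) {
          return $connection;
      }

      // defines $server_name, $db_name, $dbuser and $dbpw in this function's scope
      require 'core/config.php';

      try {
          $pdo = new PDO("mysql:host=$server_name;dbname=$db_name;", $dbuser, $dbpw);
          $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
      } catch (PDOException $e) {
          error_log('dbConnect: ' . $e->getMessage());
          // Deliberately not chained to $e: an uncaught chain would print the
          // driver message (and its stack trace) wherever display_errors is on.
          throw new RuntimeException('Database connection failed.');
      }

      $connection = $pdo;
      return $connection;
  }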
  18.  
  19. // module for users to log in to profile
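  /**
   * Echo the right-hand side of the navigation bar.
   *
   * Logged-in visitor ($_SESSION['username'] is set): search and TeamSpeak
   * icons, the TeamSpeak viewer, the user's avatar and the user control panel.
   * Guest: sign-up / log-in buttons, the icons and the TeamSpeak viewer.
   *
   * Username, avatar file name and first name come from the session or the
   * database and are HTML-encoded before being placed in markup, so a value
   * containing quotes or angle brackets cannot break out of its attribute or
   * element.
   */
  function checkLogin() {
    // originally header.php

    // if user is logged in
    if(isset($_SESSION['username'])) {
      $username = $_SESSION['username'];
      $usernameHtml = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');

      // one lookup for both the avatar and the id used further down
      $getUser = dbConnect()->prepare("SELECT id, avatar FROM users WHERE username = :username");
      $getUser->bindParam(':username', $username);
      $getUser->execute();
      $userRow = $getUser->fetch(PDO::FETCH_ASSOC);
      // fetch() returns false when the session names a user that no longer exists
      $avatar = $userRow ? $userRow['avatar'] : null;
      $id = $userRow ? $userRow['id'] : null;

      // echo avatar, certain nav elements!!
      echo '
     <div class="navbar-right">
        <!-- icons -->
        <img src="http://i.imgur.com/HD6W7XJ.png" class="icon-search" alt="search-icon" />

        <a class="p1" href="#p1">
          <img src="http://i.imgur.com/iHfwTS1.png" class="teamspeak-icon" alt="teamspeak icon" />
        </a>

         <div class="page" id="p1-page">
           <div id="shell">
               <a class="btn-register">X</a>
     ';

      echo _checkLoginTeamspeakViewer();

      echo '
               <a href="ts3server://ts3.heartfx.org/?port=4010&nickname=WebGuest"><button class="btn-connect">Connect</button></a>
           </div>
         </div>
     ';

      // if user doesn't have avatar set:
      if (empty($avatar)) {
        echo '
       <a class="p1" href="#p2">
         <!-- default avatar -->
         <img src="http://i.imgur.com/QFxs0nX.png" class="user_avatar" alt="default avatar" />
       </a>
       ';

      // if user has set an avatar:
      } else {
        $avatarHtml = htmlspecialchars($avatar, ENT_QUOTES, 'UTF-8');

        echo '
       <a class="p1" href="#p2">
         <!-- set avatar -->
         <img src="includes/uploads/avatars/' .$avatarHtml. '" class="user_avatar" alt="' .$usernameHtml. ' avatar" />
       </a>
       ';
      }

      echo '
     <div class="page" id="p2-page">
       <div id="shell">
         <a class="btn-register">X</a>

         <div class="top_user_cp">
           <!-- link to $username profile -->
           <a href="#">
             <img src="http://i.imgur.com/sgmU8mb.png" class="member_icon" alt="member icon" />
             <p class="username">' .$usernameHtml. '</p>
           </a>

           <!-- link to preferences where user can change password, avatar, etc. -->
           <a href="action.php?action=edit_account">
             <img src="http://i.imgur.com/P7gStLu.png" class="preferences" alt="preferences" />
           </a>
         </div>

     ';

      // get the first name for the greeting; stays empty when there is no details row
      $first_name = '';
      if ($id !== null) {
        $get_user_details = dbConnect()->prepare("SELECT first_name FROM user_details WHERE id = :id");
        $get_user_details->bindParam(':id', $id);
        $get_user_details->execute();
        foreach($get_user_details->fetchAll(PDO::FETCH_ASSOC) as $detailRow) {
          $first_name = $detailRow['first_name'];
        }
      }
      $firstNameHtml = htmlspecialchars((string) $first_name, ENT_QUOTES, 'UTF-8');

      echo '
         <p class="welcome_back">Welcome back, ' .$firstNameHtml. '</p>
         <a href="action.php?action=edit_account"><p class="edit_profile">edit preferences</p></a>

         <div class="bottom_user_cp">
           <a href="action.php?action=logout">
             <img src="http://image.flaticon.com/icons/svg/25/25376.svg" class="signout_icon" alt="sign out of user account ' .$usernameHtml. '" />
             <p class="signout">sign out </p>
           </a>
         </div>
       </div>
     </div>

     <!-- closing tag to div.navbar-right -->
     </div>';

    // if user is not logged in ..
    } else {

      // echo sign-up and log-in btns
      echo '
     <div class="navbar-right">
        <!-- sign up / log in buttons -->
        <a href="action.php?action=register_account"><button type="button" class="sign-up">Sign Up</button></a>
        <a href="action.php?action=sign_in"><button type="button" class="log-in">Log In</button></a>

        <!-- icons -->
        <img src="http://i.imgur.com/HD6W7XJ.png" class="icon-search" alt="search-icon" />

        <!--
        <span class="icon-bars-button">
           <span class="icon-bar"></span>
           <span class="icon-bar"></span>
           <span class="icon-bar"></span>
        </span>
        -->

         <a class="p1" href="#p1">
          <!-- teamspeak icon -->
          <img src="http://i.imgur.com/iHfwTS1.png" class="teamspeak-icon" alt="teamspeak icon" />
         </a>

         <div class="page" id="p1-page">
           <div id="shell">
             <a class="btn-register">X</a>
     ';

      echo _checkLoginTeamspeakViewer();

      echo '
             <a href="ts3server://ts3.heartfx.org/?port=4010&nickname=WebGuest"><button class="btn-connect">Connect</button></a>
           </div>
         </div>

     </div>
     ';
    }
    // check for errors logging in...
    //checkLoginErrors();
  }

  /**
   * Build the TeamSpeak channel tree as HTML for checkLogin().
   *
   * Returns '' when the framework throws (for example when the server cannot
   * be reached) so the rest of the page still renders. The caller's
   * error_reporting level is restored on every path; it is only lowered while
   * the framework runs.
   *
   * @return string
   */
  function _checkLoginTeamspeakViewer() {
    // SECURITY: the ServerQuery login and password are hard-coded in this URI, so
    // everyone who can read this file can query the voice server with them.
    // Load the URI from core/config.php (outside the web root and version
    // control) and rotate the password, since this copy must be treated as known.
    $queryUri = "serverquery://serverquerylogin:ATJ75oPF@63.251.20.99:14012/?server_port=14010&use_offline_as_virtual=1&no_query_clients=1";

    // Don't report any php errors while the framework runs.
    $previousLevel = error_reporting(0);
    $viewerHtml = '';
    try {
      // load framework files
      require_once("includes/libraries/TeamSpeak3/TeamSpeak3.php");

      // connect to server, authenticate and spawn an object for the virtual server
      $ts3_VirtualServer = TeamSpeak3::factory($queryUri);

      // build HTML treeview using custom image paths (remote icons will be embedded using data URI scheme)
      $viewerHtml = (string) $ts3_VirtualServer->getViewer(new TeamSpeak3_Viewer_Html("includes/images/viewer/", "", "data:image"));
    } catch (Exception $e) {
      // class name only: the message is not needed to notice the outage
      error_log('TeamSpeak viewer unavailable: ' . get_class($e));
    }
    error_reporting($previousLevel);

    return $viewerHtml;
  }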
  205.  
  206. // display all header stuff at beginning of page(s)
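  /**
   * Echo the document head, the opening <body>, the logo and the navigation bar.
   *
   * The right-hand side of the navigation bar is produced by checkLogin().
   *
   * @param string $title Text for the <title> element. It is HTML-encoded here;
   *                      entities that are already encoded are left as they are,
   *                      so a caller that pre-encodes is not double-encoded.
   */
  function showHeader($title) {
    // Callers are not visible from this file, so the title is encoded at the sink.
    $titleHtml = htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8', false);

    // NOTE(review): jquery.min.js is loaded from a third-party CDN without an
    // integrity attribute; pin it with Subresource Integrity or serve it locally.
    echo '
   <html lang="en">
     <head>
       <meta charset="utf-8">
       <meta http-equiv="X-UA-Compatible" content="IE=edge">
       <meta name="viewport" content="width=device-width, initial-scale=1">
       <meta name="google-signin-client_id" content="618381226281-f3ht6d47jl818rjmr0p3rh3idftoaka7.apps.googleusercontent.com">
       <link rel="stylesheet" href="includes/css.css" type="text/css">
       <link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700" rel="stylesheet">
       <link href="https://fonts.googleapis.com/css?family=Open+Sans" rel="stylesheet" type="text/css">
       <link href="https://fonts.googleapis.com/css?family=Oxygen:400,300,700" rel="stylesheet" type="text/css">
       <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
       <script src="includes/js.js"></script>
       <script src="https://www.google.com/recaptcha/api.js"></script>
       <script src="https://apis.google.com/js/platform.js" async defer></script>
       <title>'.$titleHtml.'</title>
     </head>

     <body>
     <header>
        <nav>
           <div class="navbar-left">
              <a href="index.php">
                 <img src="http://i.imgur.com/IGvg5kM.png" alt="heart[fx] logo" width="100px" />
              </a>
           </div>
   ';

    // right-hand side of the nav bar (depends on whether a session username exists)
    checkLogin();

    echo '
        <!-- closing tag for nav.navbar -->
        </nav>
     </header>
   ';
  }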
  244.  
  245. // display footer of closing tags
  /**
   * Echo the closing </body> and </html> tags.
   */
  function showFooter() {
    $closingTags = '
     </body>
   </html>
   ';
    print $closingTags;
  }
  252.  
  253. // display loginModule on login.php page
  /**
   * Echo the login form used on login.php.
   *
   * checkLoginErrors() is called between the two halves of the form, so any
   * message it prints appears below the password field.
   */
  function loginModule() {
    $formTop = '
   <center>
     <form method="post" class="login_module">
       <input type="text" class="login_module" name="username" placeholder="username*" /><br />
       <input type="password" class="login_module" name="password" placeholder="password*" /><br />

   ';

    $formBottom = '
       <div class="pull-left">
         <input type="checkbox" name="remember" /><span class="remember_me">remember me</span>
       </div>

       <div class="pull-right">
         <a class="login_module" href="#"><span class="forgot_your_password">forgot your password?</span></a>
       </div>

       <button type="submit" class="btn-login">Log In</button>
     </form>
   </center>
   ';

    print $formTop;

    // processes a submitted login and prints its result here
    checkLoginErrors();

    print $formBottom;
  }
  280.  
  281. // check loginErrors before
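  /**
   * Process a submitted login form and echo the outcome.
   *
   * A visitor who already has a session username is sent to index.php. For a
   * POST carrying username and password, the stored hash is checked with
   * password_verify(); on success the session id is renewed and the username
   * is stored in the session.
   *
   * The "username" cookie written for "remember me" is a convenience value
   * only. It is set by the browser's owner and can be edited freely, so it is
   * never copied into the session and must not be treated as proof of identity
   * anywhere else.
   */
  function checkLoginErrors() {
    // Already logged in: keep the identity the server established at login.
    // (Copying $_COOKIE["username"] into the session here would let any
    // logged-in visitor become another user by editing that cookie.)
    if (isset( $_SESSION['username'] )){
        redirect('index.php');
    }

    if(isset($_POST['username'], $_POST['password'])){
        $username = $_POST['username'];
        $password = $_POST['password'];

        // form fields posted as arrays (username[]=...) are not credentials
        if (!is_string($username) || !is_string($password)) {
            echo "<p class='error'>username invalid</p>";
            return;
        }

        $query = dbConnect()->prepare("SELECT password, activated FROM users WHERE username = :username");
        $query->bindParam(':username', $username);
        $query->execute();
        $result = $query->fetch( PDO::FETCH_ASSOC );

        // NOTE(review): the three messages below tell an unauthenticated caller
        // whether a username exists and whether it is activated; a single
        // generic failure message would not.
        if ( $result === false ) {
            echo "<p class='error'>username invalid</p>";
        } else if ( $result['activated'] != "1" ) {
            echo "<p class='info'>email not verified</p>";
        } else if (password_verify($password, $result["password"])) {

            if (isset( $_POST['remember'] )) {
                // 3 months; HttpOnly because no page script needs to read it.
                // NOTE(review): set the secure flag once the site is HTTPS-only.
                setcookie("username", $username, time()+7889231, "", "", false, true);
            }

            // new session id at the privilege change, so an id planted before
            // login is not the one that becomes authenticated
            session_regenerate_id(true);
            $_SESSION['username'] = $username;

            // notify user login was successful
            echo "
           <p class='success'>login successful</p>
           <p class='info'>If you are not redirected, try to <a href='index.php'>refresh</a> your page.</p>
           ";
            // redirect them to homepage where they will then appear logged in!
            redirect("index.php");
        } else {
            echo "<p class='error'>password invalid</p>";
        }
    }
  }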
  325.  
  326. // protect pages from users logged in
  /**
   * Guard for guest-only pages: when a session username exists, print a notice
   * and end the request; otherwise return without output.
   */
  function protect() {
    if(!isset($_SESSION['username'])) {
      return;
    }

    print '<p class="error">You are already logged in, no need to be here...</p>';
    exit();
  }
  334.  
  335. // protect pages from users not logged in :?
  /**
   * Guard for members-only pages: when no session username exists, print a
   * notice and end the request; otherwise return without output.
   */
  function protect2() {
    if(isset($_SESSION['username'])) {
      return;
    }

    print '<p class="info">You are not logged in, you do not need to be here...</p>';
    exit();
  }
  342.  
  343. // check for admin level & display module(s) for admins to post
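  /**
   * Echo the admin panels the logged-in user's level allows and process the
   * level-change forms those panels post back.
   *
   *   level >= 1 : "create post" form (handled by includes/uploadPost.php)
   *   level >= 2 : promote regular users (level < 1) to level 1 or 2
   *   level >= 3 : demote level 2 admins to level 1 or 0
   *
   * Ends the request for anonymous visitors (via protect2()) and for users
   * whose level is below 1.
   *
   * The hidden user_id / user_level fields are only a convenience for the
   * browser. Whoever submits the form chooses their values, so the handlers
   * accept nothing but the levels their own buttons offer and only change rows
   * that the corresponding table lists.
   *
   * NOTE(review): the forms carry no anti-CSRF token, so another site can make
   * a logged-in admin's browser submit them. Add a per-session token to each
   * form and compare it before the UPDATE.
   */
  function adminModules() {

    //protect module from users not logged in
    protect2();

    // $username, $author, $current_date and $adminLevel keep their names and raw
    // values because includes/uploadPost.php is included into this scope below.
    $username = $_SESSION['username'];
    $author = $username;
    $current_date = date('F d, Y');

    // encoded copy for the HTML attribute in the post form
    $authorHtml = htmlspecialchars($author, ENT_QUOTES, 'UTF-8');

    // admin level of the logged-in user
    $getAdminLevel = dbConnect()->prepare("SELECT level FROM users WHERE username = :username");
    $getAdminLevel->bindParam(':username', $username);
    $getAdminLevel->execute();
    // fetchColumn() gives false when no row matches; the cast folds false/NULL to 0
    $adminLevel = (int) $getAdminLevel->fetchColumn();

    // The level 2 panel treats every level below 1 as a regular user, so the gate
    // uses the same boundary; "== 0" alone would let a negative level through.
    if ($adminLevel < 1) {
      exit();
    }

    echo '

       <div class="container-fluid">

         <div class="row">

     <!-- stops echo that inserts div.container-fluid && div.row -->
     ';

    // column width depends on how many panels the user will see:
    // level 1 -> one col-lg-12, level 2 -> two col-lg-6, level 3 -> three col-lg-4
    $columnForLevel = [1 => 'col-lg-12', 2 => 'col-lg-6', 3 => 'col-lg-4'];
    if (isset($columnForLevel[$adminLevel])) {
      $columnClass = $columnForLevel[$adminLevel];
      echo '

           <div class="' .$columnClass. '">

           <!-- closes echo tag that inserts div.' .$columnClass. ' into div.row -->
           ';
    }

    // NOTE(review): "readonly" on date/author is only a browser hint; whether
    // includes/uploadPost.php (not shown here) trusts the posted author instead
    // of the session username should be confirmed.
    echo '

             <!-- heading here -->
             <h3>Admin Level 1 Panel</h3>
             <p>Use this module to create new posts</p>

             <!-- button for minimizing function -->
             <button class="btn btn-default hideshow">show/hide</button>

             <div class="content">

               <form method="post" enctype="multipart/form-data" class="admin_module">

                 <input class="input2" type="text" name="title" placeholder="Headline" required /><br />

                 <input class="input2" type="text" name="date" value="' .$current_date. '" readonly /><br />
                 <input class="input2" type="text" name="author" value="' .$authorHtml. '" readonly /><br />

                 <div class="input2">

                   <p>Select image to upload:</p>
                   <input style="padding:3px;" type="file" name="image" id="image" />

                 <!-- closes div.input2 for upload image "input"-->
                 </div>

                 <textarea class="ta-summary input2" type="text" name="summary" placeholder="Summary" required></textarea><br />

                 <button class="btn btn-default input2" type="submit" name="submit">Submit Post</button>

               <!-- closes form -->
               </form>

             <!-- closes echo that contains heading and form for level 1 module -->
             ';

    // checks to make sure image is valid && checks form for error(s)
    include "includes/uploadPost.php";

    echo '

             <!-- closes div.content -->
             </div>

           <!-- closes div.col-lg-? -->
           </div>

             <!-- closes echo that contains closing tags for div.col-lg-? && div.content -->
             ';

    /*
    THAT IS ALL FOR ADMIN LEVEL 1 PANEL
    */

    // if user is level 2 or greater...
    if($adminLevel > 1) {

      // level 2 : col-lg-6, level 3 : col-lg-4
      if($adminLevel == 2) {
        echo '
               <div class="col-lg-6">
               ';
      }
      if($adminLevel == 3) {
        echo '
               <div class="col-lg-4">
               ';
      }

      // users that are not admins; only the two columns the table prints are read,
      // so password hashes are not pulled into the page builder
      $fetchNonAdmins = dbConnect()->prepare("SELECT id, username FROM users WHERE level < 1");
      $fetchNonAdmins->execute();
      $nonAdmins = $fetchNonAdmins->fetchAll();

      echo '

             <!-- heading here -->
             <h3>Admin Level 2 Panel</h3>
             <p>Use this module to adjust regular user levels</p>


             <!-- button for minimize action in js.js -->
             <button class="btn btn-default hideshow2">show/hide</button>


             <div class="content2">

               <div class="admin_module">

                 <table class="nonAdmins" border="1">

                   <tr>


                     <!-- header on the table to show which column is which -->
                     <td class="table_header">ID</td>
                     <td class="table_header">Username</td>
                     <td class="table_header">Level 1</td>
                     <td class="table_header">Level 2</td>


                   <!-- 1st closing tag for tr -->
                   </tr>

             ';

      foreach($nonAdmins as $row) {
        // usernames are chosen by the users themselves: encode before printing
        $rowId = htmlspecialchars((string) $row['id'], ENT_QUOTES, 'UTF-8');
        $rowName = htmlspecialchars((string) $row['username'], ENT_QUOTES, 'UTF-8');

        echo '

                   <tr>

                     <!-- displays each users id from database -->
                     <td class="table_content">' .$rowId. '</td>

                     <!-- displays each users username from database -->
                     <td class="table_content">' .$rowName. '</td>


                     <td class="table_content">

                       <!-- displays button where it will change X user to level 1 admin level -->
                       <form method="post" class="table_content_form">

                         <button class="btn btn-default" type="submit" name="changeLevel">Change to level 1</button>
                         <input type="hidden" name="user_id" value="' .$rowId. '" />
                         <input type="hidden" name="user_level" value="1" />

                       <!-- closing tag to form where it will displays button to update users level to "1" -->
                       </form>

                     <!-- closing tag to td that inserts form where button is displayed to update users to level 1 -->
                     </td>


                     <td class="table_content">

                       <form method="post" class="table_content_form">

                         <button class="btn btn-default" type="submit" name="changeLevel">Change to level 2</button>
                         <input type="hidden" name="user_id" value="' .$rowId. '" />
                         <input type="hidden" name="user_level" value="2" />

                       <!-- closing tag to form -->
                       </form>

                     <!-- closing tag to td that contains button to change user level to 2 -->
                     </td>


                   </tr>

                   <!-- closing tag for echo that displays details of each user that is not an admin -->
                   ';
      }

      echo '

                 <!-- closing tag for table -->
                 </table>

             <!-- closing tag for echo that inserts closing tag for table -->
             ';

      // if user hits a change level 1/2 button
      if(isset($_POST['changeLevel'])) {

        // integers or nothing: anything else comes back as false/null
        $userid = filter_input(INPUT_POST, 'user_id', FILTER_VALIDATE_INT);
        $newLevel = filter_input(INPUT_POST, 'user_level', FILTER_VALIDATE_INT);

        // this panel offers exactly two targets; any other level is refused
        if (!is_int($userid) || !in_array($newLevel, [1, 2], true)) {
          echo '<p class="error">invalid level change request</p>';
        } else {
          // "AND level < 1" keeps the change to the users this table lists, so the
          // form cannot be replayed against an existing admin's id
          $updateLevel = dbConnect()->prepare("UPDATE users SET level = :level WHERE id = :id AND level < 1");
          $updateLevel->bindParam(':level', $newLevel);
          $updateLevel->bindParam(':id', $userid);
          $updateLevel->execute();

          if ($updateLevel->rowCount() > 0) {
            // both values are validated integers at this point
            echo '<p class="success">user with ID#' .$userid. ' has been updated to level ' .$newLevel. '! <a href="index.php">refresh</a> to update table(s)...</p>';
          } else {
            echo '<p class="error">invalid level change request</p>';
          }
        }
      }

      echo '

               <!-- closing tag for div.admin_module -->
               </div>

             <!-- closing tag for div.content2 -->
             </div>

               <!-- closing tag for col-lg-> -->
               </div>

             <!-- closing tag for echo to insert closing tag for col-lg-? -->
             ';
    }

    /* DONE WITH ADMIN LEVEL 2 PANEL HERE */

    // if users level is greater then 2
    if($adminLevel > 2) {

      echo '

             <div class="col-lg-4">


               <!-- heading here-->
               <h3>Admin Level 3 Panel</h3>
               <p>Use this module to demote admins that are at least level 2</p>


               <!-- button to minimize module -->
               <button class="btn btn-default hideshow3">show/hide</button>


               <div class="content3">

                 <div class="admin_module">


                   <!-- content here -->


             ';

      // users that are level 2 (id and username only, as printed below)
      $getLevel2Admins = dbConnect()->prepare("SELECT id, username FROM users WHERE level = 2");
      $getLevel2Admins->execute();
      $levelTwoAdmins = $getLevel2Admins->fetchAll();

      echo '

                   <!-- this shows the top "titles" for the table -->
                   <table class="nonAdmins" border="1">

                     <tr>

                       <td class="table_header">ID</td>
                       <td class="table_header">Username</td>
                       <td class="table_header">Level 1</td>
                       <td class="table_header">Level 0</td>

                     <!-- closes tr tag -->
                     </tr>

                   <!-- closes echo tag -->
                   ';

      foreach($levelTwoAdmins as $row2) {
        $row2Id = htmlspecialchars((string) $row2['id'], ENT_QUOTES, 'UTF-8');
        $row2Name = htmlspecialchars((string) $row2['username'], ENT_QUOTES, 'UTF-8');

        echo '

                         <tr>

                           <!-- display each users id next to their name from database -->
                           <td class="table_content">' .$row2Id. '</td>
                           <!-- display each users username -->
                           <td class="table_content">' .$row2Name. '</td>


                           <td class="table_content">

                             <form method="post" class="table_content_form">


                               <!-- button that demotes selected users level down to 1 -->
                               <button class="btn btn-default" type="submit" name="demoteLevel">Demote to level 1</button>

                               <input type="hidden" name="user_id2" value="' .$row2Id. '" />
                               <input type="hidden" name="user_level2" value="1" />


                             <!-- closes form -->
                             </form>

                           <!-- closing tag for td -->
                           </td>


                           <td class="table_content">

                             <form method="post" class="table_content_form">


                               <!-- button that demotes selected user to level 0 -->
                               <button class="btn btn-default" type="submit" name="demoteLevel">Demote to level 0</button>

                               <input type="hidden" name="user_id2" value="' .$row2Id. '" />
                               <input type="hidden" name="user_level2" value="0" />


                             <!-- closes form -->
                             </form>

                           <!-- closing td tag -->
                           </td>


                         <!-- closes tr tag that contains details of each user that is level 2 -->
                         </tr>

                       <!-- closes echo tag -->
                       ';
      }

      // if user hits demote level button
      if(isset($_POST['demoteLevel'])) {

        $userid2 = filter_input(INPUT_POST, 'user_id2', FILTER_VALIDATE_INT);
        $newLevel2 = filter_input(INPUT_POST, 'user_level2', FILTER_VALIDATE_INT);

        // a demotion can only land on level 1 or 0
        if (!is_int($userid2) || !in_array($newLevel2, [0, 1], true)) {
          echo '<p class="error">invalid level change request</p>';
        } else {
          // "AND level = 2" limits the change to the admins this table lists
          $demoteLevel = dbConnect()->prepare("UPDATE users SET level = :level2 WHERE id = :id2 AND level = 2");
          $demoteLevel->bindParam(':id2', $userid2);
          $demoteLevel->bindParam(':level2', $newLevel2);
          $demoteLevel->execute();

          if ($demoteLevel->rowCount() > 0) {
            echo '<p class="success">user with ID#' .$userid2. ' has been demoted to level ' .$newLevel2. '! <a href="index.php">Refresh</a> to update table...</p>';
          } else {
            echo '<p class="error">invalid level change request</p>';
          }
        }
      }

      echo '
                   <!-- closes table -->
                   </table>


                   <!-- closes echo tag that contains content!! -->
                   ';

      echo '


                 <!-- closes div.admin_module -->
                 </div>

               <!-- closes div.content3 -->
               </div>


             <!-- closes div.col-lg-4 -->
             </div>

             <!-- closing tag for echo that displays admin level 3 panel -->
             ';
    }

    echo '

         <!-- closes div.row -->
         </div>

       <!-- closes div.container-fluid -->
       </div>

     <!-- closes echo tag that closes div.row && div.container-fluid -->
     ';
  }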
  896.  
  897. // show posts here...
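  /**
   * Render every row of the `posts` table as an HTML table and echo it.
   *
   * Reads the id, image, title, date, summary and author columns of each row.
   * Returns nothing; all output goes straight to the response body.
   *
   * Security: post fields come out of the database and are treated as
   * untrusted text. Each one is HTML-escaped at the point of output, because
   * echoing them raw lets a stored title/summary/author inject markup or
   * script into every visitor's page (stored XSS).
   */
  function showPosts() {
    // dbConnect() echoes the PDO error and returns nothing on failure,
    // so bail out instead of calling ->prepare() on null.
    $db = dbConnect();
    if (!$db) {
      return;
    }

    // run query to get everything from posts table in database.
    $get_posts = $db->prepare("SELECT * FROM posts");
    $get_posts->execute();
    $posts = $get_posts->fetchAll();

    // $posts_images_directory is expected to come from this config file;
    // it is loop-invariant, so load it once rather than once per row.
    require 'core/config.php';

    // HTML-context escaper. ENT_QUOTES covers attribute values, and
    // ENT_SUBSTITUTE keeps output non-empty when substr() below cuts a
    // multi-byte character in half.
    $e = function ($value) {
      return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // start table here
    echo '
    <table class="posts">
      <tr class="heading">
        <th class="heading">Topic</th>
        <th class="heading">Published</th>
        <th class="heading">Views</th>
        <th class="heading">Author</th>
      </tr>
    ';

    foreach ($posts as $row) {
      // random query value appended to the link; presumably a cache-buster,
      // it is not used as a secret anywhere in this function
      $random_integer = rand(514651661, 3513216335121);

      // The original link used "&?rand=", which names the parameter "?rand";
      // emit a well-formed, HTML-encoded separator instead.
      echo '
      <tr class="content">
        <th class="posts_topic">
          <img src="' . $e($posts_images_directory . '/' . $row['image']) . '" alt="posts_image" class="posts_image" />
          <p class="posts_title">' . $e($row['title']) . '</p>

          <p class="posts_short_summary">
            <!-- echos only first 50 bytes of $summary -->
            ' . $e(substr((string) $row['summary'], 0, 50)) . '...
          </p>

          <p class="read_more">
            <!-- link to page where it shows entire post. -->
            <a href="post.php?post=' . $e(rawurlencode((string) $row['id'])) . '&amp;rand=' . $random_integer . '">read more</a>
          </p>
        </th>

        <th>
          <p class="posts_date">' . $e($row['date']) . '</p>
        </th>

        <th>
          <!-- views (hard-coded placeholder value) -->
          <p class="posts_views">451,251</p>
        </th>

        <th>
          <!-- author -->
          <p class="posts_author">' . $e($row['author']) . '</p>
        </th>
      </tr>
      ';
    }

    echo '
    </table>
    ';
  }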
  972.  
  973. // function to redirect multiple times on one page
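  /**
   * Send the browser to $url after a short delay, then stop the script.
   *
   * If no output has been sent yet, a "refresh" response header with a
   * 3-second delay is used. Otherwise the function falls back to an inline
   * script (3000 ms timer) plus a <noscript> meta refresh (delay 0).
   *
   * Security: $url is written into a response header, a JavaScript string
   * and an HTML attribute. The fallback branch encodes it for each context
   * so a quote or "</script>" in the value cannot break out of it. Encoding
   * does not decide where the user ends up: callers should pass only fixed
   * or allow-listed targets, since a request-derived value here would be an
   * open redirect.
   *
   * @param string $url Target location.
   */
  function redirect($url) {
    $url = (string) $url;

    if (!headers_sent()) {
      // PHP's header() refuses values containing line breaks, which blocks
      // header splitting; it does nothing about an off-site target.
      header('refresh:3;url=' . $url);
      exit;
    }

    // JS string context: json_encode yields a quoted literal, and the HEX
    // flags turn <, >, &, ' and " into \uXXXX escapes so the value cannot
    // close the string or the surrounding <script> element.
    $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

    // HTML attribute context for the <noscript> fallback.
    $attrUrl = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // json_encode returns false on input it cannot encode (e.g. invalid
    // UTF-8); skip the script in that case rather than emit a broken literal.
    if ($jsUrl !== false) {
      echo '
      <script type="text/javascript">
        window.setTimeout(function () {
          window.location.href=' . $jsUrl . ';
        }, 3000);
      </script>
      ';
    }

    // NOTE(review): delay here is 0 while the other two paths wait 3 seconds;
    // kept as in the original - confirm whether that is intended.
    echo '
      <noscript>
        <meta http-equiv="refresh" content="0;url=' . $attrUrl . '" />
      </noscript>
    ';
    exit;
  }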
  992. ?>