Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //Includes all functions and parses the post data into appropriate variables
- include 'functions.php';
- include 'lights.php';
- $callback = json_decode(file_get_contents('php://input'));
- $attachments = $callback->attachments;
- $avatar = $callback->avatar_url;
- $name = $callback->name;
- $type = $callback->sender_type;
- $text = $callback->text;
- $userid = $callback->user_id;
- $admins = get_admins();
- $ignored = get_ignored();
- $settings = get_settings();
- //If logging is enabled in the config, this logs the chat to the database
- logging($userid, $name, $text);
- //Only handles messages from users to prevent infinite loops
- if ($type == 'user' && !in_array($userid, $ignored) && $text[0] != '/') {
- //Basic response is a simple response to a found phrase
- basic_response($text, $name, $userid);
- //If the Weather Underground API token and location are set and weather has been enabled, this will return a forecast if someone says "weather"
- if ($settings['weather']) {
- weather_response($text);
- }
- //If anyone says "bitcoin" and the bitcoin setting is enabled, this will return the price in USD
- if ($settings['bitcoin']) {
- btc_response($text);
- }
- //If anyone says "ethereum" and the ethereum setting is enabled, this will return the price in USD and BTC
- if ($settings['ethereum']) {
- eth_response($text);
- }
- //If anyone says "litecoin" and the litecoin setting is enabled, this will return the price in USD and BTC
- if ($settings['litecoin']) {
- ltc_response($text);
- }
- if ($settings['lights']) {
- blink($ip, $pins, "50", "20");
- }
- }
- if (in_array($userid, $admins) && $type == 'user' && $text == '/config') {
- }
- <?php
- //Writes the contents of a variable to a text file for debugging purposes
- function debugvar($variable) {
- file_put_contents('debug.txt', print_r($variable, true));
- }
- //Initialize the database
- function initdb() {
- $db = new PDO('sqlite:db.sqlite');
- $dbcmds = ['CREATE TABLE IF NOT EXISTS config(
- name TEXT NOT NULL,
- value TEXT NOT NULL
- )',
- 'CREATE TABLE IF NOT EXISTS settings(
- name TEXT NOT NULL,
- value INTEGER NOT NULL
- )',
- 'CREATE TABLE IF NOT EXISTS responses(
- find TEXT NOT NULL,
- respond TEXT NOT NULL
- )',
- 'CREATE TABLE IF NOT EXISTS users(
- name TEXT NOT NULL,
- userid TEXT NOT NULL,
- admin INTEGER,
- ignored INTEGER
- )',
- 'CREATE TABLE IF NOT EXISTS auth(
- username TEXT NOT NULL,
- password TEXT NOT NULL
- )',
- 'CREATE TABLE IF NOT EXISTS log(
- entry TEXT NOT NULL,
- timestamp INTEGER NOT NULL
- )',
- ];
- foreach ($dbcmds as $cmd) {
- $db->exec($cmd);
- }
- $clean = 1;
- foreach ($db->errorInfo() as $error) {
- if ($error != 0) {
- $clean = $error;
- }
- }
- return $clean;
- }
- //Gets the specified config variable value from the database
- function get_config_var($parameter) {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT value FROM config WHERE name=:name');
- $query->bindValue(':name', $parameter, PDO::PARAM_STR);
- $query->execute();
- $result = $query->fetch(PDO::FETCH_ASSOC);
- return $result['value'];
- }
- //Returns panel admins as an array
- function get_panel_admins() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT username FROM auth');
- $query->execute();
- $result = $query->fetchAll(PDO::FETCH_COLUMN, 0);
- return $result;
- }
- //Adds admins listed in array
- function add_admin($user, $pass) {
- $db = new PDO('sqlite:db.sqlite');
- $admins = get_panel_admins();
- $username = strtolower($user);
- $password = password_hash($pass, PASSWORD_DEFAULT);
- if (!in_array($username, $admins)) {
- $query = $db->prepare('INSERT INTO auth (username, password) VALUES (:username, :password)');
- $query->bindValue(':username', $username, PDO::PARAM_STR);
- $query->bindValue(':password', $password, PDO::PARAM_STR);
- $query->execute();
- } else {
- echo "Admin already exists";
- }
- }
- //Changes an admin password to the specified password
- function change_admin_pass($users) {
- $db = new PDO('sqlite:db.sqlite');
- foreach ($users as $name=>$pass) {
- if (!empty($pass)) {
- $username = strtolower($name);
- $password = password_hash($pass, PASSWORD_DEFAULT);
- $query = $db->prepare('UPDATE auth set password=:password WHERE username=:username');
- $query->bindValue(':username', $username, PDO::PARAM_STR);
- $query->bindValue(':password', $password, PDO::PARAM_STR);
- $query->execute();
- }
- }
- }
- //Deletes admins listed in array
- function delete_admin($delete) {
- $db = new PDO('sqlite:db.sqlite');
- foreach ($delete as $name) {
- $query = $db->prepare('SELECT count(username) FROM auth');
- $query->execute();
- $count = $query->fetch();
- $count = $count[0];
- if ($count > '1') {
- $username = strtolower($name);
- $query = $db->prepare('DELETE FROM auth WHERE username=:name');
- $query->bindValue(':name', $username, PDO::PARAM_STR);
- $query->execute();
- } else {
- echo "Cannot delete last admin";
- }
- }
- }
- //Returns the responses as an array
- function get_responses() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT find,respond FROM responses');
- $query->execute();
- return $query->fetchAll();
- }
- //Returns the config as an array
- function get_config() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT name,value FROM config');
- $query->execute();
- return $query->fetchAll();
- }
- //Returns the chat log
- function get_log() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT entry,timestamp FROM log');
- $query->execute();
- return $query->fetchAll();
- }
- //Returns the admins as an array
- function get_admins() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT userid FROM users WHERE admin=1');
- $query->execute();
- return $query->fetchAll(PDO::FETCH_COLUMN, 0);
- }
- //Returns the ignored users as an array
- function get_ignored() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT userid FROM users WHERE ignored=1');
- $query->execute();
- return $query->fetchAll(PDO::FETCH_COLUMN, 0);
- }
- //Returns the settings as an array
- function get_settings() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('SELECT name,value FROM settings');
- $query->execute();
- $result = $query->fetchAll();
- foreach ($result as $setting) {
- $settings[$setting[0]] = $setting[1];
- }
- return $settings;
- }
- //Logs all chat to the database
- function logging($userid, $name, $text) {
- $db = new PDO('sqlite:db.sqlite');
- if (get_config_var('log')) {
- $entry = "$name($userid): $text";
- $statement = $db->prepare('INSERT INTO log (entry, timestamp) VALUES (:entry, :timestamp)');
- $statement->bindValue(':entry', $entry, PDO::PARAM_STR);
- $statement->bindValue(':timestamp', time(), PDO::PARAM_STR);
- $statement->execute();
- }
- }
- //Basic response (no images)
- function basic_response($text, $name, $userid) {
- $responses = get_responses();
- foreach ($responses as $element) {
- if (stripos($text, $element[0]) !== FALSE) {
- $message = $element[1];
- $message = str_replace('%u', $userid, $message);
- if (stripos($message, '%n') !== FALSE) {
- $message = str_replace('%n', $name, $message);
- mention($message, $name);
- } else {
- send($message);
- }
- }
- }
- }
- //WUnderground response
- function weather_response($text) {
- $wutoken = get_config_var('wutoken');
- $wuloc = get_config_var('wuloc');
- if (stripos($text, 'weather') !== FALSE) {
- if (isset($wutoken) && isset($wuloc)) {
- $rawweather = json_decode(curl_get("https://api.wunderground.com/api/$wutoken/conditions/q/$wuloc.json"));
- $temperature = $rawweather->current_observation->feelslike_string;
- $weather = $rawweather->current_observation->weather;
- $icon = $rawweather->current_observation->icon_url;
- $forecast = "The weather is $weather with a temperature of $temperature";
- send_img($forecast, $icon);
- } else {
- send('WUnderground token and location are not set');
- }
- }
- }
- //Bitcoin value response
- function btc_response($text) {
- if (stripos($text, 'bitcoin') !== FALSE) {
- $pricedata = json_decode(curl_get("https://min-api.cryptocompare.com/data/price?fsym=BTC&tsyms=USD"));
- $usdprice = $pricedata->USD;
- $message = "Bitcoin is worth $$usdprice";
- $btclogo = 'https://files.coinmarketcap.com/static/img/coins/32x32/bitcoin.png';
- send_img($message, $btclogo);
- }
- }
- //Ethereum value response
- function eth_response($text) {
- if (stripos($text, 'ethereum') !== FALSE) {
- $pricedata = json_decode(curl_get("https://min-api.cryptocompare.com/data/price?fsym=ETH&tsyms=BTC,USD"));
- $usdprice = $pricedata->USD;
- $btcprice = $pricedata->BTC;
- $message = "Ethereum is worth $$usdprice and $btcprice Bitcoin";
- $ethlogo = 'https://files.coinmarketcap.com/static/img/coins/32x32/ethereum.png';
- send_img($message, $ethlogo);
- }
- }
- //Litecoin value response
- function ltc_response($text) {
- if (stripos($text, 'litecoin') !== FALSE) {
- $pricedata = json_decode(curl_get("https://min-api.cryptocompare.com/data/price?fsym=LTC&tsyms=BTC,USD"));
- $usdprice = $pricedata->USD;
- $btcprice = $pricedata->BTC;
- $message = "Litecoin is worth $$usdprice and $btcprice Bitcoin";
- $ltclogo = 'https://files.coinmarketcap.com/static/img/coins/32x32/litecoin.png';
- send_img($message, $ltclogo);
- }
- }
- //Curl get function, takes url and returns the get response
- function curl_get($url) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, "$url");
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $get = curl_exec($ch);
- curl_close($ch);
- return $get;
- }
- //Curl post to groupme, takes the postfields and posts to the groupme bot api
- function curl_post($postfields) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, 'https://api.groupme.com/v3/bots/post');
- curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
- curl_exec($ch);
- curl_close($ch);
- }
- //Send message function, takes a message as input and posts to GroupMe
- function send($message) {
- $bottoken = get_config_var('bottoken');
- $postdata = [
- 'bot_id' => $bottoken,
- 'text' => $message
- ];
- curl_post(http_build_query($postdata));
- }
- //Send image function, takes message and img url as inputs and posts to GroupMe
- function send_img($message, $image) {
- $bottoken = get_config_var('bottoken');
- $attachments = [
- 'type' => 'image',
- 'url' => $image
- ];
- $postdata = [
- 'bot_id' => $bottoken,
- 'text' => $message,
- 'attachments' => [$attachments]
- ];
- curl_post(json_encode($postdata));
- }
- //Mention function, takes a message and name as inputs and posts to GroupMe
- function mention($message, $name) {
- $bottoken = get_config_var('bottoken');
- $loci = [
- stripos($message, $name),
- strlen($name)
- ];
- $attachments = [
- 'loci' => [$loci],
- 'type' => 'mentions',
- 'user_ids' => [get_user_id($name)]
- ];
- $postdata = [
- 'bot_id' => $bottoken,
- 'text' => $message,
- 'attachments' => [$attachments]
- ];
- curl_post(json_encode($postdata));
- }
- //Get bot group function, returns the group id of the bot
- function get_bot_group() {
- $apitoken = get_config_var('apitoken');
- $bottoken = get_config_var('bottoken');
- $bots = json_decode(curl_get("https://api.groupme.com/v3/bots?token=$apitoken"));
- foreach($bots->response as $element) {
- if ($element->bot_id == $bottoken) {
- return $element->group_id;
- }
- }
- }
- //Get user id function, takes a name as input and returns the user id
- function get_user_id($name) {
- $apitoken = get_config_var('apitoken');
- $user_id = 'No member with that name found';
- $groupid = get_bot_group();
- $groups = json_decode(curl_get("https://api.groupme.com/v3/groups?token=$apitoken"));
- foreach($groups->response as $element) {
- if ($element->id == $groupid) {
- foreach($element->members as $member) {
- if (stripos($member->nickname, $name) !== FALSE) {
- $user_id = $member->user_id;
- }
- }
- }
- }
- return $user_id;
- }
- //Get name function, takes a user id as input and returns the name associated with that user id
- function get_name($userid) {
- $apitoken = get_config_var('apitoken');
- $name = 'Invalid userid';
- $groupid = get_bot_group();
- $groups = json_decode(curl_get("https://api.groupme.com/v3/groups?token=$apitoken"));
- foreach($groups->response as $element) {
- if ($element->id == $groupid) {
- foreach($element->members as $member) {
- if ($userid == $member->user_id) {
- $name = $member->nickname;
- }
- }
- }
- }
- return $name;
- }
- //Get users function, gets user information from the groupme api, adds it to the database, and returns it as an array
- function get_users() {
- $apitoken = get_config_var('apitoken');
- $groupid = get_bot_group();
- $groups = json_decode(curl_get("https://api.groupme.com/v3/groups?token=$apitoken"));
- $index = 0;
- $db = new PDO('sqlite:db.sqlite');
- foreach($groups->response as $element) {
- if ($element->id == $groupid) {
- foreach($element->members as $member) {
- $userid = $member->user_id;
- $name = $member->nickname;
- $avatar = $member->image_url;
- $query = $db->prepare('SELECT userid FROM users WHERE userid=:userid');
- $query->bindValue('userid', $userid, PDO::PARAM_STR);
- $query->execute();
- $result = $query->fetch(PDO::FETCH_ASSOC);
- if (isset($result['userid'])) {
- $query = $db->prepare('UPDATE users SET name=:name WHERE userid=:userid');
- $query->bindValue(':name', $name, PDO::PARAM_STR);
- $query->bindValue(':userid', $userid, PDO::PARAM_STR);
- $query->execute();
- } else {
- $query = $db->prepare('INSERT INTO users (name, userid) VALUES (:name, :userid)');
- $query->bindValue(':name', $name, PDO::PARAM_STR);
- $query->bindValue(':userid', $userid, PDO::PARAM_STR);
- $query->execute();
- }
- $members[$index] = [
- "userid" => $userid,
- "name" => $name,
- "avatar" => $avatar
- ];
- $index++;
- }
- }
- }
- return $members;
- }
- //Adds a response to the database, uses input find and respond where find is the text that is searched for and respond is the text that is retrned
- function add_response($find, $respond) {
- $responses = get_responses();
- $exists = 0;
- foreach ($responses as $element) {
- if (stripos($element[0], $find) !== FALSE || stripos($find, $element[0]) !== FALSE) {
- $exists = 1;
- }
- }
- if (!$exists) {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('INSERT INTO responses (find, respond) VALUES (:find, :respond)');
- $query->bindValue(':find', $find, PDO::PARAM_STR);
- $query->bindValue(':respond', $respond, PDO::PARAM_STR);
- $query->execute();
- } else {
- echo "Similar find already exists<br>";
- }
- }
- //Deletes responses from the database, takes the "find" string as input
- function del_responses($delete) {
- $db = new PDO('sqlite:db.sqlite');
- foreach ($delete as $find) {
- $query = $db->prepare('DELETE FROM responses WHERE find=:find');
- $query->bindValue(':find', $find, PDO::PARAM_STR);
- $query->execute();
- }
- }
- //Deletes all admins from the database
- function delete_admins() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('UPDATE users SET admin = 0');
- $query->execute();
- }
- //Updates the admins by deleting all of them and then adding the specified userids
- function update_admins($admins) {
- delete_admins();
- $db = new PDO('sqlite:db.sqlite');
- foreach ($admins as $element) {
- $query = $db->prepare('UPDATE users SET admin=:admin WHERE userid=:userid');
- $query->bindValue(':userid', $element, PDO::PARAM_STR);
- $query->bindValue(':admin', '1', PDO::PARAM_STR);
- $query->execute();
- }
- }
- //Deletes all ignored users from the database
- function delete_ignored() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('UPDATE users SET ignored = 0');
- $query->execute();
- }
- //Updates the users by deleting all of them and then adding the specified userids
- function update_ignored($ignored) {
- delete_ignored();
- $db = new PDO('sqlite:db.sqlite');
- foreach ($ignored as $element) {
- $query = $db->prepare('UPDATE users SET ignored=:ignored WHERE userid=:userid');
- $query->bindValue(':userid', $element, PDO::PARAM_STR);
- $query->bindValue(':ignored', '1', PDO::PARAM_STR);
- $query->execute();
- }
- }
- //Resets all settings in the database
- function reset_settings() {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('UPDATE settings SET value = 0');
- $query->execute();
- }
- //Updates the settings by restting all of the settings and then enabling the specified ones
- function update_settings($settings) {
- reset_settings();
- $db = new PDO('sqlite:db.sqlite');
- foreach ($settings as $element) {
- $query = $db->prepare('UPDATE settings SET value=:value WHERE name=:name');
- $query->bindValue(':name', $element, PDO::PARAM_STR);
- $query->bindValue(':value', '1', PDO::PARAM_STR);
- $query->execute();
- }
- }
- //Adds the specified setting to the array if it doesn't already exist
- function add_setting($setting) {
- $settings = get_settings();
- $exists = 0;
- foreach ($settings as $element=>$key) {
- if ($setting == $element) {
- $exists = 1;
- }
- }
- if (!$exists) {
- $db = new PDO('sqlite:db.sqlite');
- $query = $db->prepare('INSERT INTO settings (name, value) VALUES (:name, :value)');
- $query->bindValue(':name', $setting, PDO::PARAM_STR);
- $query->bindValue(':value', '1', PDO::PARAM_STR);
- $query->execute();
- } else {
- echo "Setting already exists<br>";
- }
- }
- //Deletes responses from the database, takes the "find" string as input
- function del_settings($delete) {
- $db = new PDO('sqlite:db.sqlite');
- foreach ($delete as $setting) {
- $query = $db->prepare('DELETE FROM settings WHERE name=:setting');
- $query->bindValue(':setting', $setting, PDO::PARAM_STR);
- $query->execute();
- }
- }
- //Updates the config, takes an array of config paramaters with the element name being the paramter and the value being the value
- function update_config($config) {
- $db = new PDO('sqlite:db.sqlite');
- foreach ($config as $name=>$value) {
- if ($value[0] != "*") {
- $query = $db->prepare('UPDATE config SET value=:value WHERE name=:name');
- $query->bindValue(':name', $name, PDO::PARAM_STR);
- $query->bindValue(':value', $value, PDO::PARAM_STR);
- $query->execute();
- }
- }
- }
- //Display the setup form
- function disp_setup() {
- $setup = <<<'EOSETUP'
- <form name="setup" method="post" action="">
- <table align="center" style="width: 50%;">
- <tr>
- <td>Panel username:</td>
- <td><input type="text" style="width: 100%;" name="user" placeholder="Panel username" required></td>
- </tr>
- <tr>
- <td>Panel password:</td>
- <td><input type="password" style="width: 100%;" name="pass" placeholder="Panel password" required></td>
- </tr>
- <tr>
- <td>GroupMe API token:</td>
- <td><input type="text" style="width: 100%;" name="apitoken" placeholder="Your GroupMe API token" required></td>
- </tr>
- <tr>
- <td>GroupMe Bot token:</td>
- <td><input type="text" style="width: 100%;" name="bottoken" placeholder="Your GroupMe Bot token" required></td>
- </tr>
- <tr>
- <td>WeatherUnderground API token:</td>
- <td><input type="text" style="width: 100%;" name="wutoken" placeholder="Your WeatherUnderground API token" value=""></td>
- </tr>
- <tr>
- <td>WeatherUnderground location code:</td>
- <td><input type="text" style="width: 100%;" name="wuloc" placeholder="Your WeatherUnderground location code" value=""></td>
- </tr>
- <tr>
- <td>Logging, check to enable</td>
- <td><input type="checkbox" style="width: 100%;" name="log" value="1" checked required></td>
- </tr>
- <tr>
- <td colspan="3"><input type="submit" value="Initialize"></td>
- </tr>
- </table>
- </form>
- EOSETUP;
- echo $setup;
- }
- //Display the login
- function disp_login() {
- $login = <<<'EOLOGIN'
- <form name="login" method="post" action="">
- <table align="center" style="width: 50%;">
- <tr>
- <td>Username:</td>
- <td><input type="text" style="width: 100%;" name="username" placeholder="Panel username" required></td>
- </tr>
- <tr>
- <td>Password:</td>
- <td><input type="password" style="width: 100%;" name="password" placeholder="Panel password" required></td>
- </tr>
- <tr>
- <td colspan="3"><input type="submit" value="Login"></td>
- </tr>
- </table>
- </form>
- EOLOGIN;
- echo $login;
- }
- <!DOCTYPE html>
- <html>
- <head>
- <style>
- body {
- background: url("https://picload.org/image/dadcrgpl/background.png");
- background-repeat: repeat-y;
- background-size: cover;
- color: white;
- margin: 0;
- padding: 0;
- left: 0;
- right: 0;
- position: absolute;
- font-size: 16px;
- text-align: center;
- font-family: "Lucida Console", Monaco, monospace;
- }
- form {
- border: 0;
- margin: 0;
- }
- ul {
- list-style-type: none;
- margin: 0;
- padding: 0;
- overflow: hidden;
- }
- li {
- float: left;
- display: block;
- }
- summary {
- background: rgba(255, 0, 0, .1);
- text-align: left;;
- font-size: 18px;
- }
- table {
- max-width: 100%;
- border-spacing: 0;
- text-align: left;
- font-size: 16px;
- }
- tr {
- max-width: 100%;
- }
- th, td {
- height: 100%;
- padding: 10px;
- overflow-x: hidden;
- vertical-align: middle;
- }
- tr:nth-child(even) {
- background-color: rgba(255, 255, 255, 0.50);
- }
- tr:nth-child(odd) {
- background-color: rgba(255, 255, 255, 0.25);
- }
- input {
- border: 0;
- box-sizing: border-box;
- color: white;
- text-indent: 0px;
- font-size: 16px;
- background: rgba(0, 0, 0, 0);
- font-family: "Lucida Console", Monaco, monospace;
- }
- </style>
- <title>PHP GroupMe Bot</title>
- </head>
- <body>
- <?php
- header('Content-type: text/html; charset=utf-8');
- ini_set('display_errors', 1);
- ini_set('session.save_path', getcwd());
- error_reporting(-1);
- include 'functions.php';
- session_start();
- if (file_exists('db.sqlite')) {
- if (isset($_SESSION['username'])) {
- if (isset($_POST['logout'])) {
- session_destroy();
- header("Refresh:1");
- }
- if (!empty($_POST['add_admin_name']) && !empty($_POST['add_admin_pass'])) {
- add_admin($_POST['add_admin_name'], $_POST['add_admin_pass']);
- }
- if (isset($_POST['delete_admin'])) {
- delete_admin($_POST['delete_admin']);
- }
- if (isset($_POST['change_admin_pass'])) {
- change_admin_pass($_POST['change_admin_pass']);
- }
- if (isset($_POST['config'])) {
- update_config($_POST['config']);
- }
- if (isset($_POST['find']) && isset($_POST['respond']) && !empty($_POST['find']) && !empty($_POST['respond'])) {
- add_response($_POST['find'], $_POST['respond']);
- }
- if (isset($_POST['delete'])) {
- del_responses($_POST['delete']);
- }
- if (isset($_POST['users'])) {
- if (isset($_POST['admins'])) {
- update_admins($_POST['admins']);
- } else {
- delete_admins();
- }
- if (isset($_POST['ignored'])) {
- update_ignored($_POST['ignored']);
- } else {
- delete_ignored();
- }
- }
- if (isset($_POST['settings'])) {
- update_settings($_POST['settings']);
- }
- if (isset($_POST['new_setting']) && !empty($_POST['new_setting'])) {
- add_setting($_POST['new_setting']);
- }
- if (isset($_POST['del_settings']) && !empty($_POST['del_settings'])) {
- del_settings($_POST['del_settings']);
- }
- if (isset($_POST['send']) && !empty($_POST['send'])) {
- send($_POST['send']);
- }?>
- <div style="align: right; height: 5vh; background: rgba(0, 0, 0, .5);">
- <ul>
- <?php
- $username = $_SESSION['username'];
- echo "<li>$username Logged in</li>";
- ?>
- <form name="logout" method="post" action="">
- <li><input type="hidden" name="logout" value="logout"></li>
- <input style="float: right;" type="submit" value="Log Out">
- </form>
- </div>
- <div style="overflow-y: scroll; height: 90vh">
- <details>
- <summary>Panel</summary>
- <form name="panel" method="post" action="">
- <table align="center">
- <tr>
- <th>Panel Admins</th>
- <th>Delete</th>
- <th>Change Password</th>
- </tr>
- <?php
- $admins = get_panel_admins();
- foreach ($admins as $element) {
- $name = $element;
- echo "<tr>";
- echo "<td>$name</td>";
- echo "<td><input type="checkbox" name="delete_admin[]" value="$name"></td>";
- echo "<td><input type="password" name="change_admin_pass[$name]" placeholder="Password"></td>";
- echo "</tr>";
- }?>
- <tr>
- <td><input type="text" name="add_admin_name" placeholder="Username"></td>
- <td colspan="2"><input type="password" name="add_admin_pass" placeholder="Password"></td>
- <tr>
- <th colspan="3"><input type="submit" value="Update"></th>
- </tr>
- </table>
- </form>
- </details>
- <details>
- <summary>Config</summary>
- <form name="config" method="post" action="">
- <table align="center">
- <tr>
- <th>Setting</th>
- <th>Value</th>
- <th>New Value</th>
- </tr>
- <?php
- $config = get_config();
- foreach ($config as $element) {
- $name = $element['name'];
- $value = $element['value'];
- echo "<tr>";
- echo "<td>$name</td>";
- if (stripos($name, 'token') !== FALSE) {
- $value = str_repeat('*', strlen($value) - 4) . substr($value, -4);
- echo "<td>$value</td>";
- echo "<td><input type="text" name="config[$name]" value="$value"></td>";
- } else {
- echo "<td>$value</td>";
- echo "<td><input type="text" name="config[$name]" value="$value"></td>";
- }
- echo "</tr>";
- }?>
- <tr>
- <th colspan="3"><input type="submit" value="Update"></th>
- </tr>
- </table>
- </form>
- </details>
- <details>
- <summary>Add</summary>
- <form name="add" method="post" action="">
- <h3>%n can be used to mention someone in a response</h3>
- <table align="center">
- <tr>
- <th><input type="text" name="find" placeholder="Text to find"></th>
- <th><input type="text" name="respond" placeholder="Text to respond with"></th>
- <th><input type="submit" value="Add"></th>
- </tr>
- </table>
- </form>
- </details>
- <details>
- <summary>Delete</summary>
- <form name="delete" method="post" action="">
- <table align="center">
- <tr>
- <th>Find</th>
- <th>Respond</th>
- <th>Delete</th>
- </tr>
- <?php
- $responses = get_responses();
- foreach ($responses as $element) {
- $find = $element['find'];
- $respond = $element['respond'];
- echo "<tr>";
- echo "<td>$find</td>";
- echo "<td>$respond</td>";
- echo "<td><input type="checkbox" name="delete[]" value="$find"></td>";
- echo "</tr>";
- }?>
- <tr>
- <th colspan="3"><input type="submit" value="Remove"></th>
- </tr>
- </table>
- </form>
- </details>
- <details>
- <summary>Users</summary>
- <form name="Users" method="post" action="">
- <table align="center">
- <tr>
- <th>Name</th>
- <th>Admin</th>
- <th>Ignored</th>
- </tr>
- <?php
- $admins = get_admins();
- $ignored = get_ignored();
- $users = get_users();
- $i = 0;
- foreach ($users as $user) {
- $name = htmlspecialchars($user["name"]);
- $userid = htmlspecialchars($user["userid"]);
- $avatar = $user["avatar"];
- echo "<tr>";
- echo "<td style="text-align: left;"><img src="$avatar" style="width:50px; height:50px; vertical-align: middle;">$name ($userid)</td>";
- if (in_array($users[$i]['userid'], $admins)) {
- echo "<td><input type="checkbox" name="admins[]" value="$userid" checked></td>";
- } else {
- echo "<td><input type="checkbox" name="admins[]" value="$userid"></td>";
- }
- if (in_array($users[$i]['userid'], $ignored)) {
- echo "<td><input type="checkbox" name="ignored[]" value="$userid" checked></td>";
- } else {
- echo "<td><input type="checkbox" name="ignored[]" value="$userid"></td>";
- }
- echo "</tr>";
- $i++;
- }?>
- <tr>
- <th colspan="3"><input type="submit" value="Update"></th>
- </tr>
- </table>
- <input type="hidden" name="users[]" value="1">
- </form>
- </details>
- <details>
- <summary>Settings</summary>
- <form name="settings" method="post" action="">
- <table align="center">
- <tr>
- <th>Name</th>
- <th>State</th>
- <th>Delete</th>
- </tr>
- <?php
- $settings = get_settings();
- foreach ($settings as $element=>$key) {
- $name = $element;
- $value = $key;
- echo "<tr>";
- echo "<td>$name</td>";
- if ($value) {
- echo "<td><input type="checkbox" name="settings[]" value="$name" checked></td>";
- } else {
- echo "<td><input type="checkbox" name="settings[]" value="$name"></td>";
- }
- echo "<td><input type="checkbox" name="del_settings[]" value="$name"></td>";
- echo "</tr>";
- }?>
- <tr>
- <td>Add setting</td>
- <td colspan="2"><input type="text" name="new_setting" placeholder="Name for new setting"></td>
- </tr>
- <tr>
- <th colspan="3"><input type="submit" value="Update"></th>
- </tr>
- </table>
- <input type="hidden" name="settings[]" value="1">
- </form>
- </details>
- <details>
- <summary>Log</summary>
- <table style="width: 100%;">
- <?php
- $log = get_log();
- foreach ($log as $element) {
- $timestamp = date("Y-m-d@H:i:s", $element['timestamp']);
- $entry = htmlspecialchars($element['entry']);
- echo "<tr>";
- echo "<td>$timestamp</td>";
- echo "<td>$entry</td>";
- echo "</tr>";
- }?>
- </table>
- </details>
- </div>
- <form name="send" method="post" action="">
- <table style="width: 100%; position: fixed; bottom: 0; height: 5vh">
- <tr>
- <th><input type="text" name="send" placeholder="Message to send"></th>
- </tr>
- </table>
- <input type="submit" value="Send" style="display: none">
- </form>
- <?php
- } else {
- disp_login();
- if (isset($_POST['username']) && isset($_POST['password'])) {
- $db = new PDO('sqlite:db.sqlite');
- $username = strtolower($_POST['username']);
- $password = $_POST['password'];
- $query = $db->prepare('SELECT password FROM auth WHERE username=:username');
- $query->bindValue(':username', $username, PDO::PARAM_STR);
- $query->execute();
- $hashed = $query->fetch(PDO::FETCH_COLUMN, 0);
- if (password_verify($password, $hashed)) {
- echo "Logging in...";
- $_SESSION['username'] = $username;
- header("Refresh:1");
- } else {
- echo "Incorrect password!";
- }
- }
- }
- } else if (is_writeable('./')) {
- if (!empty($_POST) && initdb()) {
- $db = new PDO('sqlite:db.sqlite');
- $config = ['apitoken', 'bottoken', 'wutoken', 'wuloc'];
- $settings = ['litecoin', 'bitcoin', 'ethereum'];
- foreach($config as $variable) {
- $statement = $db->prepare('INSERT INTO config (name, value) VALUES (:name, :value)');
- $statement->bindValue(':name', $variable, PDO::PARAM_STR);
- $statement->bindValue(':value', $_POST[$variable], PDO::PARAM_STR);
- $statement->execute();
- }
- if ($_POST['log']) {
- $db->exec("INSERT INTO config (name, value) VALUES ('log', '1')");
- } else {
- $db->exec("INSERT INTO config (name, value) VALUES ('log', '1')");
- }
- if ((isset($_POST['wutoken'])) && isset($_POST['wuloc'])) {
- $db->exec("INSERT INTO settings (name, value) VALUES ('weather', '1')");
- } else {
- $db->exec("INSERT INTO settings (name, value) VALUES ('weather', '0')");
- }
- $db->exec("INSERT INTO settings (name, value) VALUES ('lights', '0')");
- $db->exec("INSERT INTO responses (find, respond) VALUES ('test', 'It works!')");
- add_admin($_POST['user'], $_POST['pass']);
- foreach($settings as $variable) {
- $statement = $db->prepare('INSERT INTO settings (name, value) VALUES (:name, :value)');
- $statement->bindValue(':name', $variable, PDO::PARAM_STR);
- $statement->bindValue(':value', '1', PDO::PARAM_STR);
- $statement->execute();
- }
- file_put_contents('.htaccess', "<Files "db.sqlite">nDeny From Alln</Files>n<Files "sess*">nDeny From Alln</Files>");
- header("Refresh:1");
- }
- disp_setup();
- } else {
- echo "Working directory is not writeable, either chown it to the webserver user and group or allow write permissions to everyone (insecure!)";
- }?>
- </body>
- </html>
Add Comment
Please, Sign In to add comment