diff --git a/public/index.php b/public/index.php index ec4a7a2..6263fa0 100644 --- a/public/index.php +++ b/public/index.php @@ -32,6 +32,7 @@ Users\register_routes($r); Help\register_routes($r); Forum\register_routes($r); Install\register_routes($r); +Admin\register_routes($r); $r->post('/move', 'move'); diff --git a/public/admin.php b/src/actions/admin.php similarity index 95% rename from public/admin.php rename to src/actions/admin.php index 32dbb86..fbe08d1 100644 --- a/public/admin.php +++ b/src/actions/admin.php 
@@ -2,41 +2,44 @@ // admin.php :: primary administration script. -require_once '../src/lib.php'; +namespace Admin; -if (!file_exists('../.installed')) redirect('install.php'); +use Router; -$controlrow = get_control_row(); - -// Login (or verify) if not logged in. -if (($userrow = checkcookies()) === false) { - if (isset($_GET['do']) && $_GET['do'] === 'verify') redirect('users.php?do=verify'); - redirect('/login'); +function register_routes(Router $r): Router +{ + global $userrow; + if (isset($userrow) && $userrow !== false && $userrow['authlevel'] === 1) { + $r->get('/admin', 'Admin\donothing'); + $r->get('/admin/main', 'Admin\primary'); + $r->post('/admin/main', 'Admin\primary'); + $r->get('/admin/items', 'Admin\items'); + $r->get('/admin/items/:id', 'Admin\edititem'); + $r->post('/admin/items/:id', 'Admin\edititem'); + $r->get('/admin/drops', 'Admin\drops'); + $r->get('/admin/drops/:id', 'Admin\editdrop'); + $r->post('/admin/drops/:id', 'Admin\editdrop'); + $r->get('/admin/towns', 'Admin\towns'); + $r->get('/admin/towns/:id', 'Admin\edittown'); + $r->post('/admin/towns/:id', 'Admin\edittown'); + $r->get('/admin/monsters', 'Admin\monsters'); + $r->get('/admin/monsters/:id', 'Admin\editmonster'); + $r->post('/admin/monsters/:id', 'Admin\editmonster'); + $r->get('/admin/level', 'Admin\levels'); + $r->get('/admin/level/:id', 'Admin\editlevel'); + $r->post('/admin/level/:id', 'Admin\editlevel'); + $r->get('/admin/spells', 'Admin\spells'); + $r->get('/admin/spells/:id', 'Admin\editspell'); + $r->post('/admin/spells/:id', 'Admin\editspell'); + $r->get('/admin/users', 'Admin\users'); + $r->get('/admin/users/:id', 'Admin\edituser'); + $r->post('/admin/users/:id', 'Admin\edituser'); + $r->get('/admin/news', 'Admin\addnews'); + $r->post('/admin/news', 'Admin\addnews'); + } + return $r; } -if ($userrow["authlevel"] !== 1) exit("You must have administrator privileges to use the control panel."); - -$do = explode(':', $_GET['do'] ?? 
''); -match ($do[0]) { - 'main' => primary(), - 'items' => items(), - 'edititem' => edititem($do[1]), - 'drops' => drops(), - 'editdrop' => editdrop($do[1]), - 'towns' => towns(), - 'edittown' => edittown($do[1]), - 'monsters' => monsters(), - 'editmonster' => editmonster($do[1]), - 'levels' => levels(), - 'editlevel' => editlevel(), - 'spells' => spells(), - 'editspell' => editspell($do[1]), - 'users' => users(), - 'edituser' => edituser($do[1]), - 'news' => addnews(), - default => donothing() -}; - function donothing() { $page = <<query('UPDATE control SET gamename=?, gamesize=?, class1name=?, class2name=?, class3name=?, gameopen=?, verifyemail=?, gameurl=?, adminemail=?, shownews=?, showonline=?, showbabble=? WHERE id=1;', [ - $form['gamename'], $form['gamesize'], $form['class1name'], $form['class1name'], $form['class1name'], $form['gameopen'], $form['verifyemail'], $form['gameurl'], $form['adminemail'], $form['shownews'], $form['showonline'], $form['showbabble'] + $form['gamename'], $form['gamesize'], $form['class1name'], $form['class2name'], $form['class3name'], $form['gameopen'], $form['verifyemail'], $form['gameurl'], $form['adminemail'], $form['shownews'], $form['showonline'], $form['showbabble'] ]); admindisplay("Settings updated.", "Main Settings"); @@ -95,7 +98,7 @@ function primary() $page = <<Main Settings
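Review bot: Admin authorization in `register_routes()` is decided once, at registration time, from `global $userrow`, and the `authlevel` exit that the old script ran before dispatch is removed, so as far as these hunks show no handler checks the caller itself. The `isset($userrow) && $userrow !== false` test fails closed if bootstrap has not populated the row, but that ordering dependency on the `Admin\register_routes($r)` call in index.php deserves a comment, e.g. `// Admin routes exist only for authlevel 1; $userrow must be loaded by bootstrap before this runs.`. Consider a small shared guard called at the top of each `Admin\` handler, so that a handler wired to another route later is still protected. The POST routes (`/admin/main`, `/admin/users/:id` and the other edit forms) change game state, and whether their handlers verify a CSRF token cannot be seen from this diff, so that is worth confirming.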
These options control several major settings for the overall game engine.

-
+ @@ -136,7 +139,7 @@ function items() $hasItems = false; while ($row = $items->fetchArray(SQLITE3_BOTH)) { $hasItems = true; - $page .= "\n"; + $page .= "\n"; } if (!$hasItems) $page .= "\n"; @@ -171,7 +174,7 @@ function edititem($id) $page = <<Edit Items

- +
Game Open:
Close the game if you are upgrading or working on settings and don't want to cause odd errors for end-users. Closing the game will completely halt all activity.
Game Name:
Default is "Dragon Knight". Change this if you want to change to call your game something different.
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No items found.
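Review bot: The rewritten list row in `items()` still concatenates `$row["id"]` and `$row["name"]` into the page without HTML escaping, and the same pattern is kept in the `drops()`, `towns()`, `monsters()`, `spells()` and `users()` hunks. The `users()` row prints `$row["username"]`, which is presumably chosen by the player at registration, so markup in a username would render inside an administrator's session unless it is rejected or escaped elsewhere. Escape the text values when building the row, e.g. `htmlspecialchars($row["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and do the same for `$row["username"]`. The markup around these values is not visible here, so the context in which `$row["id"]` lands in the new link should be checked as well.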
@@ -211,7 +214,7 @@ function drops() $has_drops = false; while ($row = $drops->fetchArray(SQLITE3_ASSOC)) { $has_drops = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_drops) { $page .= "\n"; } @@ -249,7 +252,7 @@ function editdrop($id) $page = <<Edit Drops

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No drops found.
@@ -284,7 +287,7 @@ function towns() $has_towns = false; while ($row = $towns->fetchArray(SQLITE3_ASSOC)) { $has_towns = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_towns) $page .= "\n"; @@ -330,7 +333,7 @@ function edittown($id) $page = <<Edit Towns

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No towns found.
@@ -368,7 +371,7 @@ function monsters() $has_monsters = false; while ($row = $monsters->fetchArray(SQLITE3_ASSOC)) { $has_monsters = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_monsters) { $page .= "\n"; } @@ -411,7 +414,7 @@ function editmonster($id) $page = <<Edit Monsters

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No monsters found.
@@ -443,7 +446,7 @@ function spells() while ($row = $spells->fetchArray(SQLITE3_ASSOC)) { $has_spells = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_spells) { $page .= "\n"; } @@ -478,7 +481,7 @@ function editspell($id) $page = <<Edit Spells

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No spells found.
@@ -511,7 +514,7 @@ function levels() $page = <<Edit Levels
Select a level number from the dropdown box to edit it.

- + @@ -610,7 +613,7 @@ function editlevel() $page = <<Edit Levels

Experience values for each level should be the cumulative total amount of experience up to this point. All other values should be only the new amount to add this level.

- +
ID:{{id}}
Name:
@@ -661,7 +664,7 @@ function users() while ($row = $users->fetchArray(SQLITE3_ASSOC)) { $has_users = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_users) { $page .= "\n"; } @@ -800,7 +803,7 @@ function edituser($id) $page = <<Edit Users

- +
ID:{{id}}
".$row["id"]."".$row["username"]."
".$row["id"]."".$row["username"]."
No spells found.
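Review bot: The empty-list branch of `users()` reports `No spells found.`, which looks copied from `spells()`; it should read `No users found.`. The line is unchanged context in this hunk, but it sits next to the row being edited and is cheap to fix in the same commit.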
@@ -904,7 +907,7 @@ function addnews() $page = <<Add A News Post

- + Type your post below and then click Submit to add it.

diff --git a/src/bootstrap.php b/src/bootstrap.php index d11fa0d..d809d11 100644 --- a/src/bootstrap.php +++ b/src/bootstrap.php @@ -10,6 +10,7 @@ require_once 'actions/towns.php'; require_once 'actions/fight.php'; require_once 'actions/forum.php'; require_once 'actions/install.php'; +require_once 'actions/admin.php'; $uri = uri(); @@ -41,5 +42,10 @@ if (!file_exists('../.installed') && $uri[0] !== 'install') { header("Location: users.php?do=verify"); exit; } + + // Ensure the user can't use the admin panel. + if ($userrow['authlevel'] !== 1 && $uri[0] === 'admin') { + redirect('/'); + } } } diff --git a/src/lib.php b/src/lib.php index 04b0832..805c780 100644 --- a/src/lib.php +++ b/src/lib.php @@ -141,7 +141,7 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true, if ($userrow["longitude"] < 0) { $userrow["longitude"] = $userrow["longitude"] * -1 . "W"; } else { $userrow["longitude"] .= "E"; } $userrow["experience"] = number_format($userrow["experience"]); $userrow["gold"] = number_format($userrow["gold"]); - if ($userrow["authlevel"] == 1) { $userrow["adminlink"] = "Admin
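Review bot: A non-admin who requests `/admin/...` is redirected to `/` by the new guard in the second bootstrap hunk without any record, so probing of the panel is invisible to operators; writing a line with `error_log` before `redirect('/')` would make it detectable. The guard overlaps with `Admin\register_routes()`, which already leaves the routes unregistered for non-admins, and the comment should say so, e.g. `// Non-admins may not reach /admin/*; their routes are also left unregistered.`. The enclosing `if` blocks open outside the hunk and appear to cover logged-in users only, so anonymous requests seem to depend on the route registration check alone. It is also worth confirming that `redirect()` terminates the request, as the `header(...); exit;` branch just above does explicitly.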
"; } else { $userrow["adminlink"] = ""; } + if ($userrow["authlevel"] == 1) { $userrow["adminlink"] = "Admin
"; } else { $userrow["adminlink"] = ""; } // HP/MP/TP bars. $stathp = ceil($userrow["currenthp"] / $userrow["maxhp"] * 100); diff --git a/templates/admin.php b/templates/admin.php index c9cc0da..c5f3807 100644 --- a/templates/admin.php +++ b/templates/admin.php @@ -1,5 +1,5 @@ {{title}}
ID:{{id}}
Username:{{username}}