From 30588252d867d64de5c8d0cc67fa3a4bc321b7b9 Mon Sep 17 00:00:00 2001
From: Sky Johnson
Date: Fri, 13 Dec 2024 16:09:57 -0600
Subject: [PATCH] Moved admin to new router/actions model
---
 public/index.php | 1 +
 {public => src/actions}/admin.php | 99 ++++++++++++++++---------------
 src/bootstrap.php | 6 ++
 src/lib.php | 2 +-
 templates/admin.php | 25 ++++----
 5 files changed, 71 insertions(+), 62 deletions(-)
 rename {public => src/actions}/admin.php (95%)
diff --git a/public/index.php b/public/index.php
index ec4a7a2..6263fa0 100644
--- a/public/index.php
+++ b/public/index.php
@@ -32,6 +32,7 @@ Users\register_routes($r);
 Help\register_routes($r);
 Forum\register_routes($r);
 Install\register_routes($r);
+Admin\register_routes($r);
 $r->post('/move', 'move');
diff --git a/public/admin.php b/src/actions/admin.php
similarity index 95%
rename from public/admin.php
rename to src/actions/admin.php
index 32dbb86..fbe08d1 100644
--- a/public/admin.php
+++ b/src/actions/admin.php
@@ -2,41 +2,44 @@
 // admin.php :: primary administration script.
-require_once '../src/lib.php';
+namespace Admin;
-if (!file_exists('../.installed')) redirect('install.php');
+use Router;
-$controlrow = get_control_row();
-
-// Login (or verify) if not logged in.
-if (($userrow = checkcookies()) === false) {
- if (isset($_GET['do']) && $_GET['do'] === 'verify') redirect('users.php?do=verify');
- redirect('/login');
+function register_routes(Router $r): Router
+{
+ global $userrow;
+ if (isset($userrow) && $userrow !== false && $userrow['authlevel'] === 1) {
+ $r->get('/admin', 'Admin\donothing');
+ $r->get('/admin/main', 'Admin\primary');
+ $r->post('/admin/main', 'Admin\primary');
+ $r->get('/admin/items', 'Admin\items');
+ $r->get('/admin/items/:id', 'Admin\edititem');
+ $r->post('/admin/items/:id', 'Admin\edititem');
+ $r->get('/admin/drops', 'Admin\drops');
+ $r->get('/admin/drops/:id', 'Admin\editdrop');
+ $r->post('/admin/drops/:id', 'Admin\editdrop');
+ $r->get('/admin/towns', 'Admin\towns');
+ $r->get('/admin/towns/:id', 'Admin\edittown');
+ $r->post('/admin/towns/:id', 'Admin\edittown');
+ $r->get('/admin/monsters', 'Admin\monsters');
+ $r->get('/admin/monsters/:id', 'Admin\editmonster');
+ $r->post('/admin/monsters/:id', 'Admin\editmonster');
+ $r->get('/admin/level', 'Admin\levels');
+ $r->get('/admin/level/:id', 'Admin\editlevel');
+ $r->post('/admin/level/:id', 'Admin\editlevel');
+ $r->get('/admin/spells', 'Admin\spells');
+ $r->get('/admin/spells/:id', 'Admin\editspell');
+ $r->post('/admin/spells/:id', 'Admin\editspell');
+ $r->get('/admin/users', 'Admin\users');
+ $r->get('/admin/users/:id', 'Admin\edituser');
+ $r->post('/admin/users/:id', 'Admin\edituser');
+ $r->get('/admin/news', 'Admin\addnews');
+ $r->post('/admin/news', 'Admin\addnews');
+ }
+ return $r;
 }
-if ($userrow["authlevel"] !== 1) exit("You must have administrator privileges to use the control panel.");
-
-$do = explode(':', $_GET['do'] ?? 
''); -match ($do[0]) { - 'main' => primary(), - 'items' => items(), - 'edititem' => edititem($do[1]), - 'drops' => drops(), - 'editdrop' => editdrop($do[1]), - 'towns' => towns(), - 'edittown' => edittown($do[1]), - 'monsters' => monsters(), - 'editmonster' => editmonster($do[1]), - 'levels' => levels(), - 'editlevel' => editlevel(), - 'spells' => spells(), - 'editspell' => editspell($do[1]), - 'users' => users(), - 'edituser' => edituser($do[1]), - 'news' => addnews(), - default => donothing() -}; - function donothing() { $page = <<query('UPDATE control SET gamename=?, gamesize=?, class1name=?, class2name=?, class3name=?, gameopen=?, verifyemail=?, gameurl=?, adminemail=?, shownews=?, showonline=?, showbabble=? WHERE id=1;', [ - $form['gamename'], $form['gamesize'], $form['class1name'], $form['class1name'], $form['class1name'], $form['gameopen'], $form['verifyemail'], $form['gameurl'], $form['adminemail'], $form['shownews'], $form['showonline'], $form['showbabble'] + $form['gamename'], $form['gamesize'], $form['class1name'], $form['class2name'], $form['class3name'], $form['gameopen'], $form['verifyemail'], $form['gameurl'], $form['adminemail'], $form['shownews'], $form['showonline'], $form['showbabble'] ]); admindisplay("Settings updated.", "Main Settings"); @@ -95,7 +98,7 @@ function primary() $page = <<Main Settings
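Review bot: Authorization for every `/admin/*` handler now rests on a registration-time test of the global `$userrow` in `register_routes()`, together with the URI-prefix redirect added in the second src/bootstrap.php hunk; no check is added to the handlers themselves (`primary`, `edititem`, `edituser`, …) in this diff. That holds only while `$userrow` is populated before `Admin\register_routes($r)` runs in public/index.php and while the router returns no match for unregistered paths, neither of which is visible here, so I would call a small guard at the top of each handler or at least document the dependency on `register_routes()` with `// Admin routes exist only for authlevel 1; $userrow must be loaded by bootstrap before this runs.` Both new checks compare with `=== 1` / `!== 1` while `display()` in src/lib.php still uses `== 1`, so a string-typed `authlevel` would show the Admin link yet register no routes; settle on one comparison. The POST routes change game state and no anti-CSRF token is visible in the changed form lines, though the form markup is not fully shown in this rendering, so that is worth confirming against the real file.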
These options control several major settings for the overall game engine.

-
+ @@ -136,7 +139,7 @@ function items() $hasItems = false; while ($row = $items->fetchArray(SQLITE3_BOTH)) { $hasItems = true; - $page .= "\n"; + $page .= "\n"; } if (!$hasItems) $page .= "\n"; @@ -171,7 +174,7 @@ function edititem($id) $page = <<Edit Items

- +
Game Open:
Close the game if you are upgrading or working on settings and don't want to cause odd errors for end-users. Closing the game will completely halt all activity.
Game Name:
Default is "Dragon Knight". Change this if you want to change to call your game something different.
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No items found.
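Review bot: The rewritten row builder in `items()` still concatenates `$row["id"]` and `$row["name"]` straight into the HTML string with no output encoding, and the same pattern recurs in the `drops()`, `towns()`, `monsters()`, `spells()` and `users()` hunks. The `users()` case matters most, because `$row["username"]` is presumably chosen by players at registration (that code is not in this diff), so markup stored in a username would render inside the administrator's session. Since these lines are being rewritten anyway, encode each value on output, e.g. `htmlspecialchars((string) $row["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and build the row link from `(int) $row["id"]`. The surrounding markup was lost in this rendering of the patch, so the exact attribute context should be checked in the file itself.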
@@ -211,7 +214,7 @@ function drops() $has_drops = false; while ($row = $drops->fetchArray(SQLITE3_ASSOC)) { $has_drops = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_drops) { $page .= "\n"; } @@ -249,7 +252,7 @@ function editdrop($id) $page = <<Edit Drops

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No drops found.
@@ -284,7 +287,7 @@ function towns() $has_towns = false; while ($row = $towns->fetchArray(SQLITE3_ASSOC)) { $has_towns = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_towns) $page .= "\n"; @@ -330,7 +333,7 @@ function edittown($id) $page = <<Edit Towns

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No towns found.
@@ -368,7 +371,7 @@ function monsters() $has_monsters = false; while ($row = $monsters->fetchArray(SQLITE3_ASSOC)) { $has_monsters = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_monsters) { $page .= "\n"; } @@ -411,7 +414,7 @@ function editmonster($id) $page = <<Edit Monsters

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No monsters found.
@@ -443,7 +446,7 @@ function spells() while ($row = $spells->fetchArray(SQLITE3_ASSOC)) { $has_spells = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_spells) { $page .= "\n"; } @@ -478,7 +481,7 @@ function editspell($id) $page = <<Edit Spells

- +
ID:{{id}}
Name:
".$row["id"]."".$row["name"]."
".$row["id"]."".$row["name"]."
No spells found.
@@ -511,7 +514,7 @@ function levels() $page = <<Edit Levels
Select a level number from the dropdown box to edit it.

- + @@ -610,7 +613,7 @@ function editlevel() $page = <<Edit Levels

Experience values for each level should be the cumulative total amount of experience up to this point. All other values should be only the new amount to add this level.

- +
ID:{{id}}
Name:
@@ -661,7 +664,7 @@ function users() while ($row = $users->fetchArray(SQLITE3_ASSOC)) { $has_users = true; - $page .= "\n"; + $page .= "\n"; } if (!$has_users) { $page .= "\n"; } @@ -800,7 +803,7 @@ function edituser($id) $page = <<Edit Users

- +
ID:{{id}}
".$row["id"]."".$row["username"]."
".$row["id"]."".$row["username"]."
No spells found.
@@ -904,7 +907,7 @@ function addnews() $page = <<Add A News Post

- + Type your post below and then click Submit to add it.

diff --git a/src/bootstrap.php b/src/bootstrap.php index d11fa0d..d809d11 100644 --- a/src/bootstrap.php +++ b/src/bootstrap.php @@ -10,6 +10,7 @@ require_once 'actions/towns.php'; require_once 'actions/fight.php'; require_once 'actions/forum.php'; require_once 'actions/install.php'; +require_once 'actions/admin.php'; $uri = uri(); @@ -41,5 +42,10 @@ if (!file_exists('../.installed') && $uri[0] !== 'install') { header("Location: users.php?do=verify"); exit; } + + // Ensure the user can't use the admin panel. + if ($userrow['authlevel'] !== 1 && $uri[0] === 'admin') { + redirect('/'); + } } } diff --git a/src/lib.php b/src/lib.php index 04b0832..805c780 100644 --- a/src/lib.php +++ b/src/lib.php @@ -141,7 +141,7 @@ function display($content, $title, $topnav=true, $leftnav=true, $rightnav=true, if ($userrow["longitude"] < 0) { $userrow["longitude"] = $userrow["longitude"] * -1 . "W"; } else { $userrow["longitude"] .= "E"; } $userrow["experience"] = number_format($userrow["experience"]); $userrow["gold"] = number_format($userrow["gold"]); - if ($userrow["authlevel"] == 1) { $userrow["adminlink"] = "Admin
"; } else { $userrow["adminlink"] = ""; } + if ($userrow["authlevel"] == 1) { $userrow["adminlink"] = "Admin
"; } else { $userrow["adminlink"] = ""; } // HP/MP/TP bars. $stathp = ceil($userrow["currenthp"] / $userrow["maxhp"] * 100); diff --git a/templates/admin.php b/templates/admin.php index c9cc0da..c5f3807 100644 --- a/templates/admin.php +++ b/templates/admin.php @@ -1,5 +1,5 @@ {{title}}
ID:{{id}}
Username:{{username}}