-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathadmin.php
More file actions
143 lines (138 loc) · 5.51 KB
/
admin.php
File metadata and controls
143 lines (138 loc) · 5.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
<?php
/******
*
* DDNS Update Utility
* Developped by Arthur Mayer, a.mayer@citex.net
* Released under LGPL, Apache and BSD licenses (use the one you want)
*
******/
# php datetime to unix timestamp
function unixTimestamp($timestamp){
$timestamp = date_parse($timestamp);
$timestamp = mktime(
$timestamp['hour'],
$timestamp['minute'],
$timestamp['second'],
$timestamp['month'],
$timestamp['day'],
$timestamp['year'],
-1 # 1 if the time is during daylight savings time (DST), 0 if it is not, -1 if it is unknown
);
return $timestamp;
}
# "time ago" for last update
# use to unix timestamps: $registered = timeAgo($row['registered']);
# use to php datetime: $registered = timeAgo(unixTimestamp($row['registered']));
function timeAgo($timestamp, $granularity=2){
$difference = time() - $timestamp;
if ($difference < 0) { return 'less than a second'; }
$periods = array(
'year' => 12 * 30 * 24 * 60 * 60,
'month' => 30 * 24 * 60 * 60,
'week' => 7 * 24 * 60 * 60,
'day' => 24 * 60 * 60,
'hr' => 60 * 60,
'min' => 60,
'sec' => 1
);
$output = '';
foreach($periods as $key => $value){
if($difference >= $value){
$time = round($difference / $value);
$difference %= $value;
$output .= ($output ? ' ' : '').$time.' ';
$output .= (($time > 1 && $key == 'day') ? $key.'s' : $key);
$granularity--;
}
if($granularity == 0) break;
}
return $output;
}
# admin panel, list users, edit, delete, activate, deactivate.
# since i made this script for my own usage, there are no confirmation dialogs like "do you really want to delete this user"
# and no error treating, so be carefull. you are welcome to improve this script ;)
if ($_SESSION['adminloggedin'] == 'muy bien') {
$id = $_POST['id'];
$userspass = $_POST['userspass'];
if(isset($_POST['set'])){
$sql = "UPDATE accounts SET password = '$userspass' WHERE A_id = '$id'";
$update = $db->query($sql);
# NOT TODO: we could also give options to change username and domain of user, but
# this does not make any sense, we can simply delete user and create new one.
# if you want to realize those options, do not forget to "nsupdate delete" the old zone entry,
# the new zone entry will be created automatically at next update.
# always keep the zone clean!
}
if(isset($_POST['delete'])) {
$sql = "DELETE FROM accounts WHERE A_id ='$id'";
$delete = $db->query($sql);
# TODO: add here "nsupdate delete" to keep the zone clean. example nsupdate template:
# nsupdate template already there, inc/templates.php, $CLEAN_TEMPLATE
}
if(isset($_POST['allow'])){
$sql = "UPDATE accounts SET approved = '1' WHERE A_id = '$id'";
$update = $db->query($sql);
}
if(isset($_POST['block'])){
$sql = "UPDATE accounts SET approved = '0' WHERE A_id = '$id'";
$update = $db->query($sql);
}
$sql = "SELECT D.D_id, D.domain, A.A_id, A.user, A.password, A.dmnid, A.approved, A.email, A.registered, A.lastupdate, A.ip FROM domains AS D INNER JOIN accounts AS A ON D.D_id = A.dmnid";
$result = $db->query($sql);
$list .= '<div class="spacer top"></div>
<form method="post" action="index.php?site=admin" class="inlineform" name="admin'.$row['A_id'].'">
<table class="adminlist">
<thead>
<tr>';
$list .= '<th align="right">id</th>
<th align="left">Host</th>
<th></th>
<th></th>
<th align="left">pass</th>
<th>eMail</th>
<th>Registered</th>
<th></th>
<th align="left">Current IP</th>
<th align="left">Update IP</th>
<th align="left">Last update</th>';
$list .= '</tr>
</thead>
<tbody>';
while ($row = $result->fetch_assoc()) {
$list .= '<tr>';
$list .= '<td align="right"><b>'.$row['A_id'].'</b></td>';
$list .= '<td>'.$row['user'].'.'.$row['domain'].'</td>';
$list .= '<td><input type="hidden" name="id" value="'.$row['A_id'].'" />';
$list .= '<input type="Submit" value="delete" name="delete" class="btn btn-danger"></td>';
$list .= '<td>';
if ($row['approved'] == 0) { $list .= '<input type="Submit" value="allow" name="allow" class="btn btn-success">'; }
else { $list .= '<input type="Submit" value="block" name="block" class="btn btn-warning">'; }
$list .= '</td>';
# on the next line you may want to change input type to password, or even not to query the password from database in the statement above.
$list .= '<td><div class="input-group input-group-sm">
<input type="text" name="userspass" value="'.$row['password'].'" size="10" class="form-control" />
<input type="Submit" value="set" name="set" class="btn btn-primary input-group-addon right">
</div></td>';
$list .= '<td>'.$row['email'].'</td>';
$registered = timeAgo($row['registered']); # call function to convert timestamp to "time ago" string
$list .= '<td>'.$registered.'</td>'; # "time ago" string
$list .= '<td><a href="http://'.$row['user'].'.'.$row['domain'].'" target="_blank"><img src="images/globe_go.png"></a></td>';
$currip = gethostbyname($row['user'].'.'.$row['domain']);
$list .= '<td>'.$currip.'</td>';
$list .= '<td>'.$row['ip'].'</td>';
#$list .= '<td>'.$row['lastupdate'].'</td>'; # normal timestamp Y-m-d H:i:s ## omfg, i forgot why i created this line and also why commented it out. maybe for debugging? guess we can delete it. xD
$lastupdate = timeAgo($row['lastupdate']); # call function to convert timestamp to "time ago" string
$list .= '<td>'.$lastupdate.'</td>'; # "time ago" string
$list .= '</tr>';
$list .= "\n";
}
$list .= '</tbody>
</table>
</form>
<div class="spacer bottom"></div>';
echo $list;
}
else {
echo '<h2>Administration</h2><p>Access denied!</p>';
}
?>