
This wasn't a good idea

admin_panel
parent
commit
6bca1a79b2
No known key found for this signature in database GPG Key ID: 630A04EE35E56530
11 changed files with 0 additions and 350 deletions
  1. +0
    -20
      admin/acl.json
  2. +0
    -43
      admin/challenge.php
  3. +0
    -19
      admin/components/json_manager.php
  4. +0
    -30
      admin/components/manage_item.php
  5. +0
    -19
      admin/components/md_manager.php
  6. +0
    -17
      admin/icons.json
  7. +0
    -94
      admin/index.php
  8. +0
    -18
      admin/login.php
  9. +0
    -4
      admin/logout.php
  10. +0
    -46
      admin/manage.php
  11. +0
    -40
      admin/pages/bylaws.php

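--- a/admin/acl.json
+++ b/admin/acl.json
@@ -1,20 +0,0 @@
-{
-"[email protected]": [
-"*"
-],
-"[email protected]": [
-"*"
-],
-"[email protected]": [
-"chapters"
-],
-"[email protected]": [
-"news",
-"edu",
-"resources"
-],
-"[email protected]": [
-"membership",
-"canary"
-]
-}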

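--- a/admin/challenge.php
+++ b/admin/challenge.php
@@ -1,43 +0,0 @@
-<?php
-// Copyright (C) 2021 Socialist Rifle Association
-//
-// This file is part of SRA Website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-// This file is a script to challenge the end user for authentication.
-// It shall be included at the top all admin panel pages to
-// prevent side-channel attacks.
-function logout() {
-// Clear authentication tokens from browser and server
-// TODO: Figure out GSuite auth
-// header("Location: https://socialistra.org/admin/login.php");
-die("You have been logged out. If you are not automatically redirected, follow <a href='https://socialistra.org/admin/login.php'>this link.</a>");
-}
-function challenge_auth() {
-// TODO: Figure out GSuite auth
-$AUTHENTICATED = TRUE;
-return $AUTHENTICATED;
-}
-function challenge_permission() {
-$acl = json_decode(file_get_contents("acl.json"), true);
-return TRUE;
-}
-if (!challenge_auth() || !challenge_permission()) {
-logout();
-}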

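--- a/admin/components/json_manager.php
+++ b/admin/components/json_manager.php
@@ -1,19 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-?>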

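--- a/admin/components/manage_item.php
+++ b/admin/components/manage_item.php
@@ -1,30 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-?>
-<a href="manage.php?page=<?php echo($manageName); ?>">
-<li class="state">
-<?php
-if ($icon != NULL) {
-echo "<i class=\"" . $icon . " fa-2x\"></i><br>";
-}
-?>
-<?php echo($displayName); ?>
-</li>
-</a>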

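--- a/admin/components/md_manager.php
+++ b/admin/components/md_manager.php
@@ -1,19 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-?>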

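--- a/admin/icons.json
+++ b/admin/icons.json
@@ -1,17 +0,0 @@
-{
-"about": "fas fa-question",
-"admin": "fas fa-user-astronaut",
-"bylaws": "fas fa-book",
-"canary": "fas fa-dove",
-"chapters": "fas fa-users",
-"contact": "fas fa-envelope",
-"donate": "fas fa-hand-holding-usd",
-"edu": "fas fa-user-graduate",
-"instructor": "fas fa-chalkboard-teacher",
-"leadership": "fas fa-user-tie",
-"membership": "fas fa-id-card",
-"news": "fas fa-newspaper",
-"resolutions": "fas fa-pen-nib",
-"resources": "fas fa-book-open",
-"store": "fas fa-shopping-cart"
-}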

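--- a/admin/index.php
+++ b/admin/index.php
@@ -1,94 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of SRA Website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-include("challenge.php");
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<title>Socialist Rifle Association</title>
-<?php include("../res/php/headtags.php") ?>
-<style type="text/css">
-ul.state-cont {
-width: 100%;
-margin: auto auto;
-right: 0;
-left: 0;
-text-align: center;
-margin-left: 0;
-padding-left: 0;
-}
-li.state {
-list-style-type: none;
-background-color: #d32f2f;
-width: 20%;
-text-align: center;
-margin: 1em;
-padding: 25px;
-border-radius: 4px;
-display: inline-block;
-font-weight: bold;
-font-family: "HelveticaNeue-Light", "Helvetica Neue Light", "Helvetica Neue", Helvetica, Arial, "Lucida Grande", sans-serif;
-color: white;
-}
-</style>
-</head>
-<body>
-<?php include("../res/php/top.php") ?>
-<div id="section-title">Administration Panel</div>
-<hr>
-<div id="page-content">
-<ul class="state-cont">
-<?php
-$email = "[email protected]";
-$dirs = array_filter(glob('../*'), 'is_dir');
-$permission = json_decode(file_get_contents("acl.json"), true)[$email];
-$icons = json_decode(file_get_contents("icons.json"), true);
-foreach ($dirs as $key => $value) {
-// Get the name of the directory
-$manageName = basename($value);
-$displayName = ucwords($manageName);
-if (in_array($manageName, $permission) || in_array("*", $permission)) {
-if (key_exists($manageName, $icons)) {
-$icon = $icons[$manageName];
-} else {
-$icon = "fas fa-cog";
-}
-include("components/manage_item.php");
-}
-}
-// Add logout button
-$icon = "fas fa-sign-out-alt";
-$displayName = "Log Out";
-$manageName = "logout";
-include("components/manage_item.php");
-?>
-</ul>
-</div>
-<?php include("../res/php/bottom.php") ?>
-<script src="../res/js/adminpanel.js"></script>
-</body>
-</html>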

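--- a/admin/login.php
+++ b/admin/login.php
@@ -1,18 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of SRA Website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.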

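--- a/admin/logout.php
+++ b/admin/logout.php
@@ -1,4 +0,0 @@
-<?php
-include("challenge.php");
-logout();
-?>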

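--- a/admin/manage.php
+++ b/admin/manage.php
@@ -1,46 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-// Ensure a page is defined
-if (!isset($_GET["page"])) {
-header("Location: https://socialistra.org/admin");
-die("Select a page to manage");
-}
-$manageTitle = $_GET["page"];
-if (!file_exists("../" . $manageTitle)) {
-header("Location: https://socialistra.org/admin");
-die("Selected page is invalid");
-}
-$displayTitle = ucwords($_GET["page"]);
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<title>Socialist Rifle Association</title>
-<?php include("../res/php/headtags.php") ?>
-</head>
-<body>
-<?php include("../res/php/top.php") ?>
-<div id="section-title"><?php echo($displayTitle); ?></div>
-<hr>
-<!-- Content Goes Here -->
-<?php include("../res/php/bottom.php") ?>
-</body>
-</html>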

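--- a/admin/pages/bylaws.php
+++ b/admin/pages/bylaws.php
@@ -1,40 +0,0 @@
-<?php
-// Copyright (C) 2021 Aayla Semyonova
-//
-// This file is part of website.
-//
-// website is free software: you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// website is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with website. If not, see <http://www.gnu.org/licenses/>.
-// Test authentication
-include("../challenge.php");
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<title>Socialist Rifle Association</title>
-<?php include("../../res/php/headtags.php") ?>
-</head>
-<body>
-<?php include("../res/php/top.php") ?>
-<div id="section-title">Edit Bylaws</div>
-<hr>
-<?php
-include("../components/md_manager.php");
-?>
-<?php include("../../res/php/bottom.php") ?>
-</body>
-</html>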
