KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixing backend bugs with admin password and added new error message

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2015-02-12 13:43:14 +01:00
parent b03f8d4356
commit a61846beab
4 changed files with 26 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
index.php
View File

@@ -12,7 +12,7 @@
</head> </head>
<body> <body>
<div id="sBar"></div> <div id="sBar"></div>
<div id="eBar">Error: Wrong Admin Password</div> <div id="eBar"></div>
<div class="bgimage" id="bgimage"></div> <div class="bgimage" id="bgimage"></div>
<div class="top vcent centered"> <div class="top vcent centered">
<div id="change" class="small"> <div id="change" class="small">

13
js/admin.js
View File

@@ -42,7 +42,11 @@ function submitAdmin(form)
document.getElementById("sBar").innerHTML = "Successfully applied settings."; document.getElementById("sBar").innerHTML = "Successfully applied settings.";
$("#sBar").addClass("opacityFull"); $("#sBar").addClass("opacityFull");
document.getElementById("passbox").value = ""; document.getElementById("passbox").value = "";
}else{ $("#eBar").addClass("opacityFull");document.getElementById("passbox").value = "";/*$("#adminPanel").addClass("fadeerror");*/} }else{
document.getElementById("sBar").innerHTML = "Error: Wrong Admin Password!";
$("#eBar").addClass("opacityFull");
document.getElementById("passbox").value = "";/*$("#adminPanel").addClass("fadeerror");*/
}
console.log(pass_corr); console.log(pass_corr);
updateList(); updateList();
@@ -72,8 +76,13 @@ function shuffle(form)
document.getElementById("sBar").innerHTML = "Successfully shuffled playlist."; document.getElementById("sBar").innerHTML = "Successfully shuffled playlist.";
$("#sBar").addClass("opacityFull"); $("#sBar").addClass("opacityFull");
updateList(); updateList();
}else if(confRes = "wrong!") }else if(confRes = "wrong!"){
document.getElementById("sBar").innerHTML = "Error: Wrong Admin Password!";
$("#eBar").addClass("opacityFull"); $("#eBar").addClass("opacityFull");
}else if(confRes = "size"){
document.getElementById("sBar").innerHTML = "Error: Empty Playlist!";
$("#eBar").addClass("opacityFull");
}
setTimeout(function(){ setTimeout(function(){
$("#adminPanel").removeClass("success"); $("#adminPanel").removeClass("success");
$("#adminPanel").removeClass("fadeerror"); $("#adminPanel").removeClass("fadeerror");

1
js/search.js
View File

@@ -202,6 +202,7 @@ function submit(id,title,type){
{ {
//alert("Wrong adminpassword"); //alert("Wrong adminpassword");
$("#search").addClass("error"); $("#search").addClass("error");
document.getElementById("sBar").innerHTML = "Error: Wrong Admin Password!";
$("#eBar").addClass("opacityFull"); $("#eBar").addClass("opacityFull");
}else{ }else{
//$("#search").addClass("success"); //$("#search").addClass("success");

19
php/change.php
View File

@@ -8,7 +8,7 @@ if($list[1]==""||!isset($list[1])||count($list)<=1)$list="videos";
else $list=$list[1]; else $list=$list[1];
$list="../lists/".$list.".json"; //actually setting the list for the target. Under is the array for an empty list being created $list="../lists/".$list.".json"; //actually setting the list for the target. Under is the array for an empty list being created
$array = array("nowPlaying" => array("30H2Z8Lr-4c" => array("id" => "30H2Z8Lr-4c", "title" => "Empty Channel, search to add a video")), "songs" => array(), "conf" => array("startTime" => time(), "views" => array(), "skips" => array())); $array = array("nowPlaying" => array("30H2Z8Lr-4c" => array("id" => "30H2Z8Lr-4c", "title" => "Empty Channel, search to add a video")), "songs" => array(), "conf" => array("startTime" => time(), "views" => array(), "skips" => array(), "vote" => "false", "addsongs" => "false", "longsongs" => "true", "frontpage" => "true", "allvideos" => "true", "removeplay" => "false", "adminpass" => ""));
$array = json_encode($array); //encoding the array $array = json_encode($array); //encoding the array
$f = @fopen($list,"x"); //opening a file, ignoring warnings $f = @fopen($list,"x"); //opening a file, ignoring warnings
if($f){ fwrite($f,$array); fclose($f); } //if the file doesn't exist, we create a new one, and adds the newly made array there if($f){ fwrite($f,$array); fclose($f); } //if the file doesn't exist, we create a new one, and adds the newly made array there
@@ -27,8 +27,12 @@ if(isset($_REQUEST['shuffle'])){ //shuffle songs in list
$q = array_key_exists("adminpass", $q); $q = array_key_exists("adminpass", $q);
$pass = htmlspecialchars($_GET['pass']); $pass = htmlspecialchars($_GET['pass']);
$x = explode("/", htmlspecialchars(strtolower($_SERVER["REQUEST_URI"]))); $x = explode("/", htmlspecialchars(strtolower($_SERVER["REQUEST_URI"])));
if($pass != "")
$pass=crypt($pass, '$6$rounds=9001$'.$x[1].'Fuck0ffuSn34kyn!ggerzZ$'); $pass=crypt($pass, '$6$rounds=9001$'.$x[1].'Fuck0ffuSn34kyn!ggerzZ$');
if($pass == $data["conf"]["adminpass"]) { if(sizeof($data["songs"]) == 0){
die("size");
}
if($pass == $data["conf"]["adminpass"] || $data["conf"]["adminpass"] == "") {
//shuffle($data["songs"]); //shuffle($data["songs"]);
foreach($data["songs"] as $k=>$v) { foreach($data["songs"] as $k=>$v) {
@@ -120,7 +124,8 @@ else if(isset($_GET['v'])){ //if it
$name = htmlspecialchars($_GET['n']); //name of the video $name = htmlspecialchars($_GET['n']); //name of the video
if($np[0]["id"] == "30H2Z8Lr-4c") if($np[0]["id"] == "30H2Z8Lr-4c")
{ {
$q = array("nowPlaying" => array($video => array("id" => $video, "title" => $name, "votes" => 0, "added" => time(), "guids" => array())), "songs" => array(), "conf" => array("startTime" => time(), "views" => array(), "skips" => array())); $q = array("nowPlaying" => array($video => array("id" => $video, "title" => $name, "votes" => 0, "added" => time(), "guids" => array())), "songs" => array(), "conf" => array("startTime" => time(), "views" => array(), "skips" => array(), "vote" => "false", "addsongs" => "false", "longsongs" => "true", "frontpage" => "true", "allvideos" => "true", "removeplay" => "false", "adminpass" => ""));
//$q = array("nowPlaying" => array($video => array("id" => $video, "title" => $name, "votes" => 0, "added" => time(), "guids" => array())), "songs" => array(), "conf" => array("startTime" => time(), "views" => array(), "skips" => array()));
$q["nowPlaying"][$video]["votes"] = 1; //Upping the votes, so it comes further up than the ones already played $q["nowPlaying"][$video]["votes"] = 1; //Upping the votes, so it comes further up than the ones already played
array_push($q["nowPlaying"][$video]["guids"], $guid); array_push($q["nowPlaying"][$video]["guids"], $guid);
file_put_contents($list, json_encode($q)); file_put_contents($list, json_encode($q));
@@ -243,17 +248,13 @@ else if(isset($_GET['skip'])){ //skip,
$data["conf"]["allvideos"] = $_POST['allvideos']; $data["conf"]["allvideos"] = $_POST['allvideos'];
$data["conf"]["removeplay"] = $_POST['removeplay']; $data["conf"]["removeplay"] = $_POST['removeplay'];
$pass = htmlspecialchars($_POST['pass']); $pass = htmlspecialchars($_POST['pass']);
if($pass != ""){
$x = explode("/", htmlspecialchars(strtolower($_SERVER["REQUEST_URI"]))); $x = explode("/", htmlspecialchars(strtolower($_SERVER["REQUEST_URI"])));
$pass=crypt($pass, '$6$rounds=9001$'.$x[1].'Fuck0ffuSn34kyn!ggerzZ$'); $pass=crypt($pass, '$6$rounds=9001$'.$x[1].'Fuck0ffuSn34kyn!ggerzZ$');
}
$q = $data["conf"]; $q = $data["conf"];
$q = array_key_exists("adminpass", $q); $q = array_key_exists("adminpass", $q);
//$data["conf"]["vote"] = $vote;
//$data["conf"]["addsongs"] = $addsongs;
//$data["conf"]["longsongs"] = $longsongs;
//$data["conf"]["frontpage"] = $frontpage;
//$data["conf"]["allvideos"] = $allvideos;
//$data["conf"]["removeplay"] = $removeplay;
if($data["conf"]["adminpass"] == $pass || $q != 1 || $data["conf"]["adminpass"] == "") //if the password is the same as the one in the jsonfile, we are updating the settings (not in use yet) if($data["conf"]["adminpass"] == $pass || $q != 1 || $data["conf"]["adminpass"] == "") //if the password is the same as the one in the jsonfile, we are updating the settings (not in use yet)
{ {
$data["conf"]["adminpass"] = $pass; $data["conf"]["adminpass"] = $pass;