admin/30882-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin

Browse Source
This commit is contained in:
Flatlogic Bot 2025-09-17 10:34:40 +00:00
parent 415571db64
commit 96ee530283
8 changed files with 262 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
admin.php
View File

@ -1,6 +1,13 @@
<?php
session_start();
require_once 'db/config.php';
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit;
}
// Handle deletion
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_id'])) {
try {
@ -41,6 +48,7 @@ try {
<div class="container">
<a class="navbar-brand" href="/">My Awesome Blog</a>
<a href="admin.php" class="nav-link">Admin</a>
<a href="logout.php" class="nav-link">Logout</a>
</div>
</nav>

14
db/migrate.php Normal file
View File

@ -0,0 +1,14 @@
<?php
$migrations_dir = __DIR__ . '/migrations';
$migration_files = glob($migrations_dir . '/*.php');
foreach ($migration_files as $file) {
require_once $file;
$function_name = 'migrate_' . basename($file, '.php');
if (function_exists($function_name)) {
$function_name();
} else {
echo "Migration function {$function_name} not found in {$file}.\n";
}
}

23
db/migrations/001_create_users_table.php Normal file
View File

@ -0,0 +1,23 @@
<?php
require_once __DIR__ . '/../config.php';
function migrate_001_create_users_table() {
try {
$pdo = db();
$sql = "
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
";
$pdo->exec($sql);
echo "Migration 001: Users table created successfully.\n";
} catch (PDOException $e) {
die("Migration 001 failed: " . $e->getMessage() . "\n");
}
}

8
editor.php
View File

@ -1,6 +1,13 @@
<?php
session_start();
require_once 'db/config.php';
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit;
}
$post = [
'id' => null,
'title' => '',
@ -79,6 +86,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<div class="container">
<a class="navbar-brand" href="/">My Awesome Blog</a>
<a href="admin.php" class="nav-link">Admin</a>
<a href="logout.php" class="nav-link">Logout</a>
</div>
</nav>

9
index.php
View File

@ -1,4 +1,5 @@
<?php
session_start();
require_once 'db/config.php';
$posts = [];
try {
@ -71,7 +72,13 @@ try {
<footer class="footer mt-auto py-3 bg-white border-top">
<div class="container text-center">
<span class="text-muted">&copy; <?php echo date("Y"); ?> My Awesome Blog. All Rights Reserved. | <a href="admin.php">Admin</a></span>
<span class="text-muted">&copy; <?php echo date("Y"); ?> My Awesome Blog. All Rights Reserved. |
<?php if (isset($_SESSION['user_id'])): ?>
<a href="admin.php">Admin</a> | <a href="logout.php">Logout</a>
<?php else: ?>
<a href="login.php">Login</a>
<?php endif; ?>
</span>
</div>
</footer>

89
login.php Normal file
View File

@ -0,0 +1,89 @@
<?php
session_start();
require_once 'db/config.php';
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
$error = 'Please fill in all fields.';
} else {
try {
$stmt = db()->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
header("Location: admin.php");
exit;
} else {
$error = 'Invalid username or password.';
}
} catch (PDOException $e) {
$error = "Error: " . $e->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login - My Blog</title>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Georgia&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body class="bg-light-gray">
<header class="bg-white shadow-md">
<div class="container mx-auto px-4 py-6">
<h1 class="text-3xl font-serif text-dark-gray"><a href="index.php">My Blog</a></h1>
</div>
</header>
<main class="container mx-auto px-4 py-12">
<div class="max-w-md mx-auto bg-white p-8 rounded-lg shadow-md">
<h2 class="text-2xl font-bold mb-6 text-center">Admin Login</h2>
<?php if ($error): ?>
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative mb-4" role="alert">
<span class="block sm:inline"><?php echo htmlspecialchars($error); ?></span>
</div>
<?php endif; ?>
<form action="login.php" method="POST">
<div class="mb-4">
<label for="username" class="block text-gray-700 text-sm font-bold mb-2">Username</label>
<input type="text" id="username" name="username" required
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline">
</div>
<div class="mb-6">
<label for="password" class="block text-gray-700 text-sm font-bold mb-2">Password</label>
<input type="password" id="password" name="password" required
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline">
</div>
<div class="flex items-center justify-between">
<button type="submit"
class="bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline">
Sign In
</button>
<a href="register.php" class="inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800">
Register
</a>
</div>
</form>
</div>
</main>
<footer class="bg-white mt-12">
<div class="container mx-auto px-4 py-6 text-center text-gray-600">
<p>&copy; <?php echo date('Y'); ?> My Blog. All rights reserved.</p>
</div>
</footer>
</body>
</html>

6
logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_unset();
session_destroy();
header("Location: login.php");
exit;

106
register.php Normal file
View File

@ -0,0 +1,106 @@
<?php
session_start();
require_once 'db/config.php';
$error = '';
$success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
$password_confirm = $_POST['password_confirm'] ?? '';
if (empty($username) || empty($password) || empty($password_confirm)) {
$error = 'Please fill in all fields.';
} elseif ($password !== $password_confirm) {
$error = 'Passwords do not match.';
} else {
try {
$stmt = db()->prepare("SELECT id FROM users WHERE username = ?");
$stmt->execute([$username]);
if ($stmt->fetch()) {
$error = 'Username already exists.';
} else {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = db()->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$stmt->execute([$username, $hashed_password]);
$success = 'Registration successful! You can now <a href="login.php" class="font-bold text-blue-700">log in</a>.';
}
} catch (PDOException $e) {
if ($e->getCode() === '42S02') { // Base table not found
$error = 'The application has not been fully set up. Please run the database migrations.';
} else {
$error = "Error: " . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Register - My Blog</title>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Georgia&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body class="bg-light-gray">
<header class="bg-white shadow-md">
<div class="container mx-auto px-4 py-6">
<h1 class="text-3xl font-serif text-dark-gray"><a href="index.php">My Blog</a></h1>
</div>
</header>
<main class="container mx-auto px-4 py-12">
<div class="max-w-md mx-auto bg-white p-8 rounded-lg shadow-md">
<h2 class="text-2xl font-bold mb-6 text-center">Create an Account</h2>
<?php if ($error): ?>
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative mb-4" role="alert">
<span class="block sm:inline"><?php echo htmlspecialchars($error); ?></span>
</div>
<?php endif; ?>
<?php if ($success): ?>
<div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded relative mb-4" role="alert">
<span class="block sm:inline"><?php echo $success; ?></span>
</div>
<?php else: ?>
<form action="register.php" method="POST">
<div class="mb-4">
<label for="username" class="block text-gray-700 text-sm font-bold mb-2">Username</label>
<input type="text" id="username" name="username" required
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline">
</div>
<div class="mb-4">
<label for="password" class="block text-gray-700 text-sm font-bold mb-2">Password</label>
<input type="password" id="password" name="password" required
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline">
</div>
<div class="mb-6">
<label for="password_confirm" class="block text-gray-700 text-sm font-bold mb-2">Confirm Password</label>
<input type="password" id="password_confirm" name="password_confirm" required
class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline">
</div>
<div class="flex items-center justify-between">
<button type="submit"
class="bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline">
Register
</button>
<a href="login.php" class="inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800">
Login
</a>
</div>
</form>
<?php endif; ?>
</div>
</main>
<footer class="bg-white mt-12">
<div class="container mx-auto px-4 py-6 text-center text-gray-600">
<p>&copy; <?php echo date('Y'); ?> My Blog. All rights reserved.</p>
</div>
</footer>
</body>
</html>