Eigenlijk is de 1e vraag dus: wat moet ik uit deze code verwijderen zodat er geen admin-sectie en password-screen meer in zit?
------
code
------
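<?php
// Full open tag: the short "<?" form is only parsed when short_open_tag is
// enabled. With it disabled the file, including the credentials below, would be
// sent to the browser as plain text.
error_reporting(E_ALL ^ E_NOTICE);
// ************************** CONFIG **************************
// ************************************************************
$ppp = 7; // posts to display per page
// SECURITY: these are the shipped default credentials, and the login handler
// compares them in clear text. Change both before the script is reachable by
// anyone else.
$adminname = "admin";
$adminpwd = "pass";
$adminexpire = 20*60; // time in seconds until admin has to relogin
$wrap = false; // max. length of a word (to avoid bad entries like "hhhheeeeeeeeelllllllllllloooooooooo" that destroy your design)
// ATTENTION: if wysiwyg is on set $wrap=false; otherwise unwanted spaces are inserted into html tags!!
// The two reference URLs below are re-joined onto their comment lines; on lines
// of their own they were parsed as code instead of comment text.
$dateformat = "%e.%b.%G"; // %e -> day, %b -> short month, %G -> 4digit year; for all possibilities have a look at http://www.php.net/manual/de/function.strftime.php
$datelang = "en_US"; // language for formatted date output, de_DE -> german formatting; see http://www.php.net/manual/de/function.setlocale.php
//WYSIWYG editor settings
$wysiwyg = true; // turn wysiwyg editor on/off
$pathtoscript = ""; // if the mynews.inc.php file is included in a file somewhere outside the mynews folder, this variable has to
// contain the path from the file where mynews.inc.php is included in to the mynews folder. With trailing slash if set!
// language settings
$txtsign = "add news item"; // menu item text
$txtview = "view news items"; // menu item text
$txtadmin = "admin"; // menu item text
$txtbadtitle = "missing title";
$txtbadstory = "missing story";
$txtclickback = "Click BACK in your browser!";
$txterrors = "Following errors occurred:";
$txtedit = "edit";
$txtdelete = "delete";
$txtoptional = "optional";
// ************************** STYLE DEFs **********************
// ************************************************************
?>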
<style type="text/css">
<!--
/* Base text style for the news output and for links inside it. */
.smtxt, .smtxt a {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #163968;
}
/* Smaller variant, used for the footer line. */
.smsmall, .smsmall a {
    font-size: 9px;
    letter-spacing: 0px;
}
-->
</style>
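<?php
// ************************** misc other variables - do not change **********************
// ************************************ below here! *************************************
// ************************* unless you know what you're doing **************************
// Directory of this script with a trailing slash. dirname() also handles
// backslash-separated paths, where the search for "/" found nothing.
$dir=dirname(__FILE__)."/";
$dat=$dir."data.dat";
$template=$dir."template.inc.php";
$log=$dir."log.dat.php";
$pathtowysiwyg=$pathtoscript."wysiwyg/";
// $badwords is not defined by the visible config section; treat it as empty then.
$badwords=explode(",", isset($badwords) ? (string)$badwords : "");
setlocale(LC_TIME, $datelang);
// PHP_SELF contains any PATH_INFO the client appended to the URL and is echoed
// into links, form actions and the refresh tag, so HTML-escape it once here.
$me=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
$empty=false;
$now=time();
$version="v1.1";

// Session token, carried in every URL as ?hash=... and registered as an admin
// session on login. Only the 32-hex-digit form this script issues is accepted,
// because the value is echoed back into the page; anything else is replaced.
if (isset($_GET['hash']) && is_string($_GET['hash']) && preg_match('/^[a-f0-9]{32}$/D', $_GET['hash'])) {
    $hash=$_GET['hash'];
}else{
    // The token authenticates the admin, so it has to be unpredictable. Seeding
    // rand() with the current time made it derivable from the request time and
    // the User-Agent header.
    if (function_exists('random_bytes')) {
        $hash=bin2hex(random_bytes(16));
    }else if (function_exists('openssl_random_pseudo_bytes')) {
        $hash=bin2hex(openssl_random_pseudo_bytes(16));
    }else{
        // NOTE(review): last-resort fallback for very old PHP builds; this is not a
        // cryptographically strong source.
        $hash=md5(uniqid(mt_rand(), true).(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "").$now);
    }
}
$getvars="?hash=$hash";

// Copy the request parameters this script uses into plain variables. $_REQUEST
// merges GET and POST (and cookies, depending on request_order). Array values
// such as do[]=x are ignored. A name that is absent from the request keeps
// whatever value the including page gave it, as before.
if (isset($_REQUEST['do']) && is_string($_REQUEST['do'])) $do=$_REQUEST['do'];
if (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) $id=$_REQUEST['id'];
if (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) $action=$_REQUEST['action'];
if (isset($_REQUEST['title']) && is_string($_REQUEST['title'])) $title=$_REQUEST['title'];
if (isset($_REQUEST['name']) && is_string($_REQUEST['name'])) $name=$_REQUEST['name'];
if (isset($_REQUEST['pwd']) && is_string($_REQUEST['pwd'])) $pwd=$_REQUEST['pwd'];
if (isset($_REQUEST['email']) && is_string($_REQUEST['email'])) $email=$_REQUEST['email'];
if (isset($_REQUEST['www']) && is_string($_REQUEST['www'])) $www=$_REQUEST['www'];
if (isset($_REQUEST['story']) && is_string($_REQUEST['story'])) $story=$_REQUEST['story'];
if (isset($_REQUEST['time']) && is_string($_REQUEST['time'])) $time=$_REQUEST['time'];
// $from is the 1-based index of the first post on the page. It is used in
// arithmetic and echoed into links, so force it to an integer >= 1.
$from=(isset($_REQUEST['from']) && is_string($_REQUEST['from'])) ? (int)$_REQUEST['from'] : 1;
if ($from<1) $from=1;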
// ************************** functions ***********************
// ************************************************************
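// Sorts a list of associative rows by one or more keys.
// $data     : list of rows (arrays), sorted in place by msort()
// $sortkeys : list of array(fieldname, "ASC"|"DESC"); later entries break ties
class mdasort {
    // Both default to empty arrays so msort() and callers that iterate $data
    // work before anything has been loaded.
    var $data = array();
    var $sortkeys = array();

    // usort() callback. Compares rows $a and $b on sort key number $i using
    // natural ordering and recurses to the next key when the values tie.
    function _sortcmp($a, $b, $i=0) {
        $field = $this->sortkeys[$i][0];
        $left = isset($a[$field]) ? (string)$a[$field] : "";
        $right = isset($b[$field]) ? (string)$b[$field] : "";
        $r = strnatcmp($left, $right);
        if ($this->sortkeys[$i][1] == "DESC") $r = $r * -1;
        if ($r == 0) {
            $i++;
            // isset() instead of a plain read: there may be no further key
            if (isset($this->sortkeys[$i])) $r = $this->_sortcmp($a, $b, $i);
        }
        return $r;
    }

    // Sorts $data in place. usort() re-indexes the rows from 0.
    // Does nothing when no sort keys are set.
    function msort() {
        if (!is_array($this->data)) $this->data = array();
        if (is_array($this->sortkeys) && count($this->sortkeys)) {
            usort($this->data, array($this, "_sortcmp"));
        }
    }
}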
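// Returns the array key of the row in $stuff->data whose 'id' equals $index,
// or null when there is no such row (or no data at all). Callers must check for
// null before using the result as an array key.
function getkey($index, $stuff){
    $ret = null;
    if (!isset($stuff->data) || !is_array($stuff->data)) return $ret;
    foreach ($stuff->data as $key => $item){
        // Loose comparison kept on purpose: ids arrive as strings from the request
        // and as strings or ints from the data file.
        if (isset($item['id']) && $item['id'] == $index){
            $ret = $key;
            break;
        }
    }
    return $ret;
}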
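// Checks $addr against a simple e-mail pattern.
// Returns 1 on a match and false otherwise, the values eregi() returned.
function validemail($addr){
    if (!is_string($addr)) return false;
    // eregi() no longer exists in PHP 7+, so the same pattern runs through PCRE:
    //  - "i" keeps the match case-insensitive
    //  - "D" makes "$" match only at the very end, so a trailing newline is rejected
    //  - the domain part is written without the redundant outer "(...)+". It
    //    accepts the same strings and avoids heavy backtracking on long input.
    $pattern = '/^[a-z0-9]+([_.-][a-z0-9]+)*@[a-z0-9]+([.-][a-z0-9]+)*\.[a-z]{2,4}$/iD';
    return preg_match($pattern, $addr) === 1 ? 1 : false;
}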
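// Rewrites the admin session log ($log), keeping only the sessions that are
// younger than $adminexpire seconds.
//
// The log is a PHP file that gets include()d, so every value written into it
// becomes PHP source. Times are forced to integers and hashes must be 32 hex
// digits; entries that do not fit are dropped instead of being written back.
function clearoldadmins() {
    global $log, $now, $adminexpire;
    $admins = array();
    if (is_file($log)) include($log);
    if (!is_array($admins) || count($admins) == 0) return;
    $fp = fopen($log, "w");
    if ($fp === false) return; // log not writable: leave it untouched
    // Full open tag, so the log is parsed as PHP even when short_open_tag is off
    // (otherwise include() would print the stored hashes into the page).
    fputs($fp, "<?php\n");
    $i = 0;
    foreach ($admins as $line){
        if (!isset($line['time'], $line['hash'])) continue;
        $stamp = (int)$line['time'];
        $token = (string)$line['hash'];
        if (!preg_match('/^[a-f0-9]{32}$/D', $token)) continue;
        if ($now - $stamp < $adminexpire){
            fputs($fp, "\$admins[$i]['time']=".$stamp."; \$admins[$i]['hash']='".$token."';\n");
            $i++;
        }
    }
    fputs($fp, "?>");
    fclose($fp);
}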
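// Writes all posts to the data file ($dat), one "id|time|title|story" record
// per line.
//
// "|" and line breaks are the record syntax, so they must not appear inside a
// field: a title containing a line break would otherwise start a new record and
// a "|" would shift the following fields. In title and story "|" is stored as
// the HTML entity &#124; (rendered as "|"); line breaks are removed from every
// field.
function saveposts($stuff){
    global $dat;
    $fp = fopen($dat, "w");
    if ($fp === false) return; // data file not writable
    $strip = array("|", "\r", "\n");
    $textfrom = array("|", "\r", "\n");
    $textto = array("&#124;", "", "");
    foreach ($stuff as $item){
        $id = str_replace($strip, "", (string)$item['id']);
        $time = str_replace($strip, "", (string)$item['time']);
        $title = str_replace($textfrom, $textto, (string)$item['title']);
        $story = str_replace($textfrom, $textto, (string)$item['story']);
        fputs($fp, $id."|".$time."|".$title."|".$story."\n");
    }
    fclose($fp);
}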
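// Returns true when the token in $_GET['hash'] belongs to an admin session
// recorded in the log file ($log), false otherwise.
//
// This is the only check in front of the add, edit and delete actions. Session
// age is not checked here: the main script calls clearoldadmins() first, which
// drops expired entries from the log.
//
// NOTE(review): the token travels in the URL, so it also ends up in browser
// history, server logs and the Referer header sent to linked sites.
function isloggedin() {
    global $log;
    // A missing, empty or non-string token (e.g. hash[]=x) is never a session.
    if (!isset($_GET['hash']) || !is_string($_GET['hash']) || $_GET['hash'] === "") return false;
    $admins = array();
    if (is_file($log)) include($log);
    if (!is_array($admins)) return false;
    $given = md5($_GET['hash']);
    $logged = false;
    foreach ($admins as $line){
        if (!isset($line['hash'])) continue;
        $stored = (string)$line['hash'];
        // Exact string comparison. "==" compares strings that look like numbers
        // (e.g. "0e12..." and "0e34...") numerically and would treat them as equal.
        // hash_equals() is also constant-time where it is available.
        if (function_exists('hash_equals')) $same = hash_equals($stored, $given);
        else $same = ($stored === $given);
        if ($same) $logged = true;
    }
    return $logged;
}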
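// Prints the admin menu with the "add" and "view" links.
// $me and $getvars come from the request (script path and ?hash= token), so they
// are HTML-escaped before being placed in the single-quoted href attributes.
function showmenu() {
    global $txtsign, $txtview, $me, $getvars;
    $base = htmlspecialchars($me.$getvars, ENT_QUOTES);
    echo "<div class='smtxt' style='margin-bottom:8px;'><a href='$base&amp;do=add'>$txtsign</a> :: <a href='$base&amp;do=view'>$txtview</a></div>";
}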
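// Returns $str with every byte written as an HTML numeric character reference,
// randomly decimal (&#64;) or hexadecimal (&#x40;). Browsers render the original
// text. Returns "" for an empty string.
// Works byte by byte, so it is only meaningful for single-byte (ASCII) input
// such as e-mail addresses.
function emailencoder ($str){
    $foo = ""; // was appended to without being initialised
    $str = (string)$str;
    $len = strlen($str);
    for ($i=0; $i<$len; $i++){
        $code = ord($str[$i]);
        if (rand(0,10) > 5) $foo .= "&#".$code.";";
        else $foo .= "&#x".sprintf("%X", $code).";";
    }
    return $foo;
}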
// Fallback for PHP builds without a native str_ireplace(): a case-insensitive
// str_replace(). The definition is skipped when the function already exists.
if (!function_exists('str_ireplace'))
{
// $search / $replace / $subject may each be a string or an array.
// Returns the replaced string when $subject was a string, otherwise the array
// of replaced strings.
// $count is received by value here, so the number of replacements computed
// below is not passed back to the caller.
function str_ireplace ($search, $replace, $subject, $count = null)
{
if (is_string($search) && is_array($replace)) {
trigger_error('Array to string conversion', E_USER_NOTICE);
$replace = (string) $replace;
}
// Normalise $search to an array.
if (!is_array($search)) {
$search = array ($search);
}
// A single replacement string is used for every search term.
if (!is_array($replace))
{
$replace_string = $replace;
$replace = array ();
for ($i = 0, $c = count($search); $i < $c; $i++)
{
$replace[$i] = $replace_string;
}
}
// Fewer replacements than search terms: the remaining terms are replaced by ''.
$length_replace = count($replace);
$length_search = count($search);
if ($length_replace < $length_search)
{
for ($i = $length_replace; $i < $length_search; $i++)
{
$replace[$i] = '';
}
}
// Despite its name, $was_array is true when $subject was NOT an array; the
// single string is wrapped here and unwrapped again before returning.
$was_array = false;
if (!is_array($subject)) {
$was_array = true;
$subject = array ($subject);
}
$count = 0;
foreach ($subject as $subject_key => $subject_value)
{
foreach ($search as $search_key => $search_value)
{
// Split a lower-cased copy on the lower-cased term to find the match positions,
// then cut the same-length pieces out of the original string so the text
// between matches keeps its casing.
// NOTE(review): the offsets assume strtolower() does not change the byte
// length of the string -- confirm for the locale and encoding in use.
$segments = explode(strtolower($search_value), strtolower($subject_value));
$count += count($segments) - 1;
$pos = 0;
foreach ($segments as $segment_key => $segment_value)
{
$segments[$segment_key] = substr($subject_value, $pos, strlen($segment_value));
$pos += strlen($segment_value) + strlen($search_value);
}
$subject_value = implode($replace[$search_key], $segments);
}
$result[$subject_key] = $subject_value;
}
if ($was_array === true) {
return $result[0];
}
return $result;
}
}
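// ************************** MAIN ****************************
// ************************************************************
// init
// Load the posts from the data file: one "id|time|title|story" record per line.
// A missing or unreadable file is treated like an empty one.
$foo = is_file($dat) ? file($dat) : false;
if ($foo === false) $foo = array();
$stuff = new mdasort;
$stuff->data = array();
$stuff->sortkeys = array(array('time','DESC'));
// Defaults for the "no posts yet" case, so later code never reads them unset.
$numposts = 0;
$nextindex = 1;
$i = 0;
foreach ($foo as $line){
    $line = rtrim($line);
    if ($line == "") continue; // skip blank lines
    // Limit 4 keeps any further "|" inside the story; array_pad() fills in the
    // fields a truncated record is missing.
    $line = array_pad(explode("|", $line, 4), 4, "");
    $stuff->data[$i] = array("id" => $line[0], "time" => $line[1], "title" => $line[2], "story" => $line[3]);
    $i++;
}
if ($i == 0){
    $empty = true;
}else{
    // Highest id first, to derive the id for the next new post.
    $stuff->sortkeys = array(array('id','DESC'));
    $stuff->msort();
    $foo = reset($stuff->data);
    $nextindex = (int)$foo['id'] + 1;
    // Newest first: this is the display order.
    $stuff->sortkeys = array(array('time','DESC'));
    $stuff->msort();
    $numposts = count($stuff->data);
}
echo "\n\n<!-- start mynews $version -->\n\n";
echo "<table cellpadding='0' cellspacing='0' border='0'><tr><td align='center'>";
// Drop expired admin sessions before any isloggedin() check further down.
clearoldadmins();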
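// admin stuff
// The credential check here and isloggedin() are the only access control in
// front of the add, edit and delete actions.
if (isset($do) && $do=="admin") {
    if (isset($action) && $action=="login"){
        // Credentials are read from the POST body only (the login form below uses
        // method="post"), so they cannot arrive through a URL and end up in
        // browser history or server logs.
        $givenname = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : "";
        $givenpwd = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : "";
        // Exact string comparison, constant-time where hash_equals() exists.
        if (function_exists('hash_equals')) {
            $nameok = hash_equals((string)$adminname, $givenname);
            $pwdok = hash_equals((string)$adminpwd, $givenpwd);
        }else{
            $nameok = ((string)$adminname === $givenname);
            $pwdok = ((string)$adminpwd === $givenpwd);
        }
        // NOTE(review): nothing limits repeated login attempts.
        if ($nameok && $pwdok){
            // Issue a new token at login instead of promoting the one that came in
            // with the request: a token chosen by someone else (for example through
            // a prepared link) must not become an admin session.
            if (function_exists('random_bytes')) $hash=bin2hex(random_bytes(16));
            else if (function_exists('openssl_random_pseudo_bytes')) $hash=bin2hex(openssl_random_pseudo_bytes(16));
            else $hash=md5(uniqid(mt_rand(), true)); // NOTE(review): weak fallback for very old PHP
            $getvars="?hash=$hash";
            $admins=array();
            if (is_file($log)) include($log);
            $fp=fopen($log, "w");
            if ($fp!==false){
                // The log is include()d as PHP, so only integers and 32-hex-digit
                // hashes are written into it.
                fputs($fp, "<?php\n");
                $i=0;
                if (is_array($admins)){
                    foreach ($admins as $line){
                        if (!isset($line['time'], $line['hash'])) continue;
                        if (!preg_match('/^[a-f0-9]{32}$/D', (string)$line['hash'])) continue;
                        fputs($fp, "\$admins[$i]['time']=".(int)$line['time']."; \$admins[$i]['hash']='".$line['hash']."';\n");
                        $i++;
                    }
                }
                fputs($fp, "\$admins[$i]['time']=".(int)$now."; \$admins[$i]['hash']='".md5($hash)."';\n?>");
                fclose($fp);
                // Reload with the new token in the URL.
                echo "<meta http-equiv='refresh' content='0;URL=".htmlspecialchars($me.$getvars, ENT_QUOTES)."'>";
            }
        }
    }
    // NOTE(review): delete is triggered by a plain link (GET); the session token
    // in the URL is the only thing protecting it.
    if (isset($action) && $action=="delete" && isloggedin()){
        $todel=getkey(isset($id) ? $id : null, $stuff);
        if ($todel!==null){
            unset($stuff->data[$todel]);
            $stuff->msort();
            saveposts($stuff->data);
        }
        $do="view";
    }else{
?>
<form action="<?=htmlspecialchars($me.$getvars, ENT_QUOTES)?>" method="post" name="form2" class="smtxt">
Admin Login<br><br>
<table border="0" cellpadding="0" cellspacing="0" class="smtxt">
<tr><td>Login</td><td>
<input name="name" type="text" id="name" size="20">
</td></tr><tr><td>Password</td>
<td><input name="pwd" type="password" id="pwd" size="20"></td>
</tr><tr><td> </td><td>
<input type="submit" name="Submit" value="Login">
<input name="do" type="hidden" id="do" value="admin">
<input name="action" type="hidden" id="action" value="login">
</td></tr></table>
</form>
<?php
    }
}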
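// Add / edit. Everything in this branch (menu, saving, the editor form) is
// reachable only while isloggedin() accepts the token in the URL; without that
// check anyone who can open the page can write posts.
if (isloggedin()){
    showmenu();
    if (isset($do) && $do=="add"){
        if (isset($action) && $action=="save"){
            $error=false;
            $saveit=false;
            if (!isset($title) || $title=="") $error.="<br>» $txtbadtitle";
            if (!isset($story) || $story=="") $error.="<br>» $txtbadstory";
            if ($error===false){
                if (!is_array($stuff->data)) $stuff->data=array();
                if (isset($id) && $id==="new"){
                    // New post: append a row and use the next free id and the current time.
                    $stuff->data[]=array();
                    end($stuff->data);
                    $index=key($stuff->data);
                    $id=$nextindex;
                    $time=$now;
                    $saveit=true;
                }else if (isset($id) && is_numeric($id)){
                    $index=getkey($id, $stuff);
                    // Save only when the post exists; an unknown id used to create a
                    // stray record under an empty key.
                    if ($index!==null){
                        $id=$stuff->data[$index]['id'];
                        // The timestamp comes back from a hidden form field; keep the
                        // stored one unless the submitted value is all digits.
                        if (!isset($time) || !preg_match('/^[0-9]+$/D', (string)$time)) $time=$stuff->data[$index]['time'];
                        $saveit=true;
                    }
                }
                if ($saveit){
                    $stuff->data[$index]['id']=$id;
                    $stuff->data[$index]['time']=$time;
                    $stuff->data[$index]['title']=$title;
                    // Records are one line each: drop CR, and turn LF into <br> in plain-text mode.
                    if ($wysiwyg===true) $stuff->data[$index]['story']=str_replace(array("\r", "\n"), array("", ""), $story);
                    else $stuff->data[$index]['story']=str_replace(array("\r", "\n"), array("", "<br>"), $story);
                    saveposts($stuff->data);
                    $stuff->msort();
                    $empty=false;
                }
                $do="view";
            }else echo "<div class='smtxt' style='color:#cc0000;'><b>$txterrors</b>$error<br><br><i>$txtclickback</i></div>";
        }else{
            // Editor form, pre-filled when an existing post is being edited.
            $editkey=(isset($action) && $action=="edit" && isset($id)) ? getkey($id, $stuff) : null;
            if ($editkey!==null){
                $post=$stuff->data[$editkey];
                $title=html_entity_decode($post['title'], ENT_QUOTES);
                $rawstory=html_entity_decode($post['story'], ENT_QUOTES);
                if ($wysiwyg!==true) $rawstory=stripslashes(str_replace("<br>", "\n", $rawstory));
                $time=$post['time'];
                $id=$post['id'];
            }else{
                $title="";
                $rawstory="";
                $time="notset";
                $id="new";
            }
            // In wysiwyg mode the story is printed inside a single-quoted JavaScript
            // string within a script block: addslashes() escapes the quotes, line
            // breaks are written as \n, and "</" becomes "<\/" so the text cannot
            // close the surrounding script element.
            if ($wysiwyg===true) $story=str_replace(array("</", "\r", "\n"), array("<\\/", "", "\\n"), addslashes($rawstory));
            else $story=$rawstory;
?>
<form name="form1" method="post" action="<?=htmlspecialchars($me.$getvars, ENT_QUOTES)?>" onSubmit="return submitForm();">
<table border="0" cellpadding="2" cellspacing="0" class="smtxt">
<tr>
<td>Title</td>
<td>
<input name="title" type="text" id="title" value="<?=htmlspecialchars($title, ENT_QUOTES)?>" style="width:500px;" >
</td></tr>
<tr>
<td>Story</td><td>
<?php if ($wysiwyg===true){ ?>
<script language="JavaScript" type="text/javascript" src="<?=$pathtowysiwyg?>richtext.js"></script>
<script language="JavaScript" type="text/javascript">
<!--
function submitForm() {
//make sure hidden and iframe values are in sync before submitting form
//to sync only 1 rte, use updateRTE(rte)
//to sync all rtes, use updateRTEs
updateRTE('story');
return true;
}
//Usage: initRTE(imagesPath, includesPath, cssFile)
initRTE("<?=$pathtowysiwyg?>images/", "<?=$pathtowysiwyg?>", "");
//-->
</script>
<noscript><p><b>Javascript must be enabled to use this form.</b></p></noscript>
<script language="JavaScript" type="text/javascript">
<!--
// Usage: writeRichText(fieldname, html, width, height, buttons, readOnly)
writeRichText('story', '<?=$story?>', 500, 200, true, false);
//-->
</script>
<?php } else { ?>
<textarea name="story" cols="50" rows="5" id="story" style="width:500px"><?=htmlspecialchars($story, ENT_QUOTES)?></textarea>
<?php }?>
</td></tr><tr><td> </td><td>
<input type="submit" name="Submit" value="Add">
<input name="do" type="hidden" id="do" value="add">
<input name="action" type="hidden" id="action" value="save">
<input name="time" type="hidden" id="time" value="<?=htmlspecialchars((string)$time, ENT_QUOTES)?>">
<input name="id" type="hidden" id="id" value="<?=htmlspecialchars((string)$id, ENT_QUOTES)?>">
</td></tr>
</table>
</form>
<?php
        }
    }
}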
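// display posts
// Renders one page of posts through the template, followed by the pager links.
if (!isset($do) || $do=="view"){
    if (!$empty){
        $tpl=is_file($template) ? implode("", file($template)) : "";
        // $from comes from the request and is echoed into links: force an integer >= 1.
        $from=(int)$from;
        if ($from<1) $from=1;
        // Script path plus ?hash= token, escaped for use inside href attributes.
        $self=htmlspecialchars($me.$getvars, ENT_QUOTES);
        // Checked once instead of once per post; the result cannot change within the loop.
        $loggedin=isloggedin();
        $html="";
        $match=array("{title}", "{time}", "{story}", "{edit}", "{delete}");
        $i=1;
        foreach($stuff->data as $item){
            if ($item['id']!=0 && $i>=$from && $i< ($from+$ppp) ){
                if ($wrap!==false) $item['story']=wordwrap($item['story'], $wrap, " ", true);
                // NOTE(review): strftime() is deprecated as of PHP 8.1; kept because
                // $dateformat uses its format codes.
                $when=strftime($dateformat, (int)$item['time']);
                // Title and story are inserted as stored, i.e. as HTML written by the
                // admin. The edit/delete links are only produced for a logged-in admin.
                if ($loggedin) $replace=array($item['title'], $when, stripslashes($item['story']), "<a href='$self&amp;do=add&amp;action=edit&amp;id=".(int)$item['id']."'>$txtedit</a>", "<a href='$self&amp;do=admin&amp;action=delete&amp;id=".(int)$item['id']."&amp;from=$from'>$txtdelete</a>");
                else $replace=array($item['title'], $when, stripslashes($item['story']), "", "");
                $html.=str_replace($match, $replace, $tpl);
            }
            $i++;
        }
        echo $html;
        $numpages=(fmod($numposts,$ppp)>0) ? floor($numposts/$ppp)+1 : ($numposts/$ppp);
        echo "<div class='smtxt'>";
        // "previous" is shown when not on the first page, "next" while posts remain.
        echo (($from>1) ? "<a href='$self&amp;from=".(($from-$ppp<1)?1:$from-$ppp)."'>«««</a> " : "").(!(($from+$ppp>$numposts)) ? " <a href='$self&amp;from=".($from+$ppp)."'>»»»</a>" : "");
        echo "</div>";
    }
}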
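// closing table tags
// Please don't remove the 'powered by...' link
echo "</td></tr><tr class='smtxt'><td align='center' class='smsmall' height='20' valign='bottom'>";
// The admin link is shown only to visitors without an admin session.
if (!isloggedin()) echo "<a href='".htmlspecialchars($me.$getvars, ENT_QUOTES)."&amp;do=admin'>$txtadmin</a> ";
// The link markup is restored to one line (it had a line break inside the URL
// and a stray ";" after it). rel='noreferrer' keeps the page URL, which carries
// the ?hash= session token, out of the Referer header sent to the external
// site; 'noopener' stops the new window from reaching back into this page.
echo "Powered by <a href='http://www.planetluc.com' target='_blank' rel='noopener noreferrer'>MyNews $version</a></td></tr></table>";
echo "\n\n<!-- end mynews $version -->\n\n";
?>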
----
Vraag 2 is dan dus: wat moet ik nu in mijn aparte admin.php-bestandje zetten zodat ik met dat bestandje mijn nieuws kan editen etc.? (Een password-screen hoeft niet.)