/* Public page routes. $app is a Slim-style application object (get()/post()/request()/run()) and ViewFactory, Database, Member, Posts, Artist, Event, Positions, Mailer, validateContactForm and sec_session_start are project helpers defined elsewhere. Every handler here builds a $viewData array ('title', 'siteConfigs', and for '/' also 'showSplash' => true) and renders the named Twig template via ViewFactory::createTwigView($name)->display($viewData). NOTE(review): this copy of the file is collapsed onto a few physical lines, so it is documented in place rather than rewritten; the first registration below is cut at the top of this excerpt (its `$app->` receiver is missing). */ get('/', function () use ($siteConfigs) { $viewData = array( 'title' => 'Home' , 'siteConfigs' => $siteConfigs , 'showSplash' => true ); $view = ViewFactory::createTwigView("Home"); $view->display($viewData); }); /* GET /about and the static pages that follow share one shape: title + site configs, no user input read. */ $app->get('/about', function () use ($siteConfigs) { $viewData = array( 'title' => 'About' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("About"); $view->display($viewData); }); $app->get('/join-us', function () use ($siteConfigs) { $viewData = array( 'title' => 'Join us' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Join-Us"); $view->display($viewData); }); $app->get('/festival', function () use ($siteConfigs) { $viewData = array( 'title' => 'BlueFire Street-Fest' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Festival"); $view->display($viewData); }); $app->get('/street-performers', function () use ($siteConfigs) { $viewData = array( 'title' => 'Street Performers' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Street-performers"); $view->display($viewData); }); $app->get('/main-stage', function () use ($siteConfigs) { $viewData = array( 'title' => 'Main Stage' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Main-stage"); $view->display($viewData); }); $app->get('/language-exchanges', function () use ($siteConfigs) { $viewData = array( 'title' => 'Language Exchanges' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Language-exchanges"); $view->display($viewData); }); $app->get('/vitaltalks', function () use ($siteConfigs) { $viewData = array( 'title' => 'VitalTalks' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Vital-talks"); $view->display($viewData); }); $app->get('/workshops', function () use ($siteConfigs) { $viewData = array( 'title' => 'Workshops' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Workshops"); $view->display($viewData); }); 
/* Remaining public routes, the AJAX form endpoints and the admin area. $app is a Slim-style application object and ViewFactory, Database, Member, Posts, Artist, Event, Positions, Mailer, ContactFormEntries, Subscriber, validateContactForm and sec_session_start are project helpers defined elsewhere. NOTE(review): this copy is collapsed onto a few physical lines and has lost text in several places (marked below), so it is documented in place rather than rewritten; each pre-existing `//` comment now comments out the rest of its physical line in this copy. Every Database::query() call in this file binds its values through a placeholder array — keep that pattern for any new query. */ $app->get('/childrens-area', function () use ($siteConfigs) { $viewData = array( 'title' => 'Never Never Land from around the world' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Childrens-Area"); $view->display($viewData); }); /* 'Grafitti Area' is a misspelt runtime string, left as-is here. */ $app->get('/graffiti-area', function () use ($siteConfigs) { $viewData = array( 'title' => 'Grafitti Area' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Graffiti-area"); $view->display($viewData); }); $app->get('/other-events', function () use ($siteConfigs) { $viewData = array( 'title' => 'Other events' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Other-Events"); $view->display($viewData); }); /* POST /contact (AJAX): validates the five form fields via validateContactForm(), stores the entry, e-mails a plain-text notification and answers JSON {ok: 1|0|-1, errors?}. NOTE(review): the foreach copies EVERY request parameter ($request->params(), i.e. query string and body) onto the ContactFormEntries object by name before writeOrUpdateDB(); unless that class restricts which properties it persists, a caller can set arbitrary fields (mass assignment) — confirm an allow-list of fields in the model. The sender address handed to Mailer::sendContactFormMail() is the submitted 'email', so it is only as safe as the email check inside validateContactForm() (header injection if that check is lax) — verify. strip_tags() here is input scrubbing, not output encoding. The `// Handle ajax request` comment on this line swallows the rest of the physical line in this collapsed copy. */ $app->post('/contact', function () use ($app, $siteConfigs) { $request = $app->request(); // Handle ajax request $errors = validateContactForm( $request->post('name') , $request->post('email') , $request->post('phone') , $request->post('topic') , $request->post('contact_form_message') ); //There were no errors... if (empty($errors)) { $contactFormHandler = new ContactFormEntries(); foreach ($request->params() as $key => $val) { $contactFormHandler->$key = strip_tags($val); } if ($contactFormHandler->writeOrUpdateDB()) { // send mail notification $message = "

From: " . strip_tags($request->post('name')) . "

" . "

Email: " . strip_tags($request->post('email')) . "

" . "

Phone: " . strip_tags($request->post('phone')) . "

" . "

Topic: " . strip_tags($request->post('topic')) . "

" . "

Message:" . strip_tags($request->post('contact_form_message')) . "

" ; Mailer::sendContactFormMail( $siteConfigs['contact_email'] , $request->post('email') , $siteConfigs['orgnization'] . " Contact Notifiction" , $message ); $postValsArray['ok'] = 1; } else { $postValsArray['ok'] = 0; } // Return the post data that was written to the DB and success value $response = $postValsArray; } else { $response = array( 'ok' => -1, 'errors' => $errors ); } echo json_encode($response); }); /* POST /subscribe (AJAX): only checks that 'email' passes FILTER_VALIDATE_EMAIL, then copies every request parameter onto a Subscriber (same mass-assignment caveat as /contact) and answers {ok: 1|0|-1}. Despite the comment, only 'ok' is returned. */ $app->post('/subscribe', function () use ($app, $siteConfigs) { $request = $app->request(); // Handle ajax request //There were no errors... if (filter_var($request->post('email'), FILTER_VALIDATE_EMAIL)) { $subscriber = new Subscriber(); foreach ($request->params() as $key => $val) { $subscriber->$key = strip_tags($val); } if ($subscriber->writeOrUpdateDB()) { $postValsArray['ok'] = 1; } else { $postValsArray['ok'] = 0; } // Return the post data that was written to the DB and success value $response = $postValsArray; } else { $response = array( 'ok' => -1 ); } echo json_encode($response); }); /* GET /gallery: up to 16 active gallery rows (parameterised query). */ $app->get('/gallery', function () use ($siteConfigs) { $photos=Database::query("SELECT * FROM gallery WHERE active=? 
LIMIT 16",array(1)); $viewData = array( 'title' => 'Gallery' ,'photos'=>$photos , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Gallery"); $view->display($viewData); }); /* GET /artists: active artists plus their roles. NOTE(review): text is missing from this copy between `$i` and `'Artists'` (the for-loop and the start of the $viewData array were lost in extraction). */ $app->get('/artists', function () use ($siteConfigs) { $artists=Artist::getActiveArtists(); $roles=Artist::getRoles($artists); for($i=0;$i 'Artists' , 'siteConfigs' => $siteConfigs, 'artists'=>$artists, 'roles'=>$roles ); $view = ViewFactory::createTwigView("Artists"); $view->display($viewData); }); /* GET /artist?a=<id>: loads one artist row by id; 'a' is checked with is_numeric() before it reaches Database::loadByID(), and 'other_pictures' is split on '|'. NOTE(review): text is missing from this copy after `for($i=0;$i` (the loop and the start of $viewData). When 'a' is absent or non-numeric, $artist is never assigned in the surviving text but 'artist'=>$artist is still rendered — the lost part may handle that; confirm. */ $app->get('/artist',function() use ($siteConfigs){ if(isset($_GET['a'])){ if(is_numeric($_GET['a'])){ $artist=Database::loadByID('artist',$_GET['a']); /*$artist=new Artist(); $artist->loadFromDB($_GET['a']);*/ if($artist['other_pictures']!=""){ $artist['other_pictures']=explode('|',$artist['other_pictures']); for($i=0;$i $artist['name'] , 'siteConfigs' => $siteConfigs, 'artist'=>$artist ); $view = ViewFactory::createTwigView("Artist_profile"); $view->display($viewData); }); /* GET /events: splits active events into upcoming/past by comparing each row's 'timestamp' with time(). */ $app->get('/events',function() use ($siteConfigs){ $uevents=array(); $pevents=array(); $all_event=new Event(); $events=$all_event->getActiveEvents(); foreach($events as $event){ if($event['timestamp']>time()){ //upcoming array_push($uevents,$event); }else{ //past array_push($pevents,$event); } } $viewData = array( 'title' => 'Events' , 'siteConfigs' => $siteConfigs ,'past_events'=>$pevents ,'upcoming_events'=>$uevents ,'currentDate'=>time() ); $view = ViewFactory::createTwigView("Events"); $view->display($viewData); }); /* GET /get-involved: lists active positions. */ $app->get('/get-involved',function() use ($siteConfigs){ $positions=array(); $positions=Positions::getActive(); $viewData = array( 'title' => 'Get Involved' ,'positions'=> $positions , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("Get-involved"); $view->display($viewData); }); /* GET /blog?page=N: ten posts per page with previous/next links and a 300-byte excerpt per post. NOTE(review): $_GET['page'] is used in arithmetic ($page*10-10, $page+1, $page-1) without an is_numeric()/integer check — a non-numeric value is a TypeError in PHP 8 and a zero/negative value yields a negative offset; cast and clamp, e.g. `$page = max(1, (int)($_GET['page'] ?? 1));`. substr() is byte-wise and can split a multibyte character or an HTML tag; the excerpt suffix after `'...` on the next line has lost its markup in this copy; $author is read but never assigned in the visible code; the post URL is built from the row's 'url' without urlencode(). */ $app->get('/blog',function() use ($siteConfigs){ if(isset($_GET['page']) && $_GET['page']!=1){ if($_GET['page']==2){ $previous=$siteConfigs['website_url'].'blog'; }else{ 
$previous=$siteConfigs['website_url'].'blog?page='.($_GET['page']-1); } $page=$_GET['page']; }else{ $page=1; $previous=''; } $posts=new Posts(); $posts=$posts->getActive(10,($page*10)-10); if(count($posts)>=10){ $next=$siteConfigs['website_url'].'blog?page='.($page+1); }else{ $next=''; } /* NOTE(review): text lost in extraction between `$i` and `300` (loop header and the length test). */ for($i=0;$i300){ $excerpt=substr($posts[$i]['content'],0,300); $excerpt.='...
Read More'; }else{ $excerpt=$posts[$i]['content']; } $posts[$i]['excerpt']=$excerpt;//add excerpt to array $posts[$i]['url']=$siteConfigs['website_url'].'post?url='.$posts[$i]['url']; array_push($posts[$i],$author); array_push($posts[$i],$excerpt); } $viewData = array( 'title' => 'Blog' , 'siteConfigs' => $siteConfigs ,'posts'=>$posts ,'previouspage'=>$previous ,'nextpage'=>$next ); $view = ViewFactory::createTwigView("Blog"); $view->display($viewData); }); /* GET /post?url=<slug>: loads a single post by its URL slug. NOTE(review): $post starts as the string '' and $post->title is read unconditionally, so a request without 'url' reads a property on a string (warning, null title); nothing checks that getPost() found a row either. */ $app->get('/post',function() use ($siteConfigs){ $post=''; if(isset($_GET['url'])){ $post=new Posts(); $post->getPost($_GET['url']); } $viewData = array( 'title' => $post->title , 'siteConfigs' => $siteConfigs ,'post'=>$post ); $view = ViewFactory::createTwigView("Post"); $view->display($viewData); }); /* Admin area. Each handler below calls sec_session_start() (project helper) and branches on Member::login_check(); an unauthenticated request is shown the admin/Login view instead. $links and $tasks only feed the sidebar template. NOTE(review): no CSRF token is visible in any admin POST handler here — confirm it is enforced by middleware or the forms. */ /* GET /admin/blog[?action=remove|...&id=N]: lists active posts for removal, or loads one post for editing. NOTE(review): text is lost from this copy on the next line between `$i` and `loadFromDB`; the surviving `loadFromDB($_GET['id'])` shows no is_numeric() check on 'id' (the POST removal loop does check) — confirm one exists in the lost part. */ $app->get('/admin/blog', function () use ($siteConfigs){ sec_session_start(); // Our custom secure way of starting a PHP session. $links=array(); $tasks=array(); $message=''; $msg_type=''; $page='blog'; $post=''; $options=array(); if(Member::login_check()){ if(isset($_GET['action'])){ if($_GET['action']=='remove'){ $options['posts']=array(); $options['posts']=Database::query("SELECT * FROM posts WHERE active=? 
ORDER BY date DESC",array(1)); /* NOTE(review): text lost in extraction between `$i` and `loadFromDB` */ for($i=0;$iloadFromDB($_GET['id']); } } } array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links array_push($tasks,array('name'=>'blog?action=create','message'=>'Add new Blog Post'),array('name'=>'blog?action=remove','message'=>'Remove a Blog Post')); $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>$page ,'message'=>$message ,'type'=>$msg_type ,'links'=> $links ,'post'=>$post ,'tasks'=>$tasks ,'options'=>$options ,'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* POST /admin/blog: create, edit (edit_post=true, edit=<id>) or remove (action=remove, post*=<id>) posts. NOTE(review): (1) `!isset($_POST['edit_post'])&&$_POST['edit_post']!='true'` reads the index it just found unset (warning) and can never be true when edit_post IS set; the intent reads as `!isset($_POST['edit_post']) || $_POST['edit_post']!='true'`. (2) The edit branch calls loadFromDB($_POST['edit']) with no is_numeric() check, unlike the removal loop. (3) $post is assigned only in some branches but is always passed as 'post'=>$post. (4) $msg_type is 'error' here but 'danger' everywhere else — the template presumably keys on it. (5) $data=Posts::getActive() is unused and 'Posts(s)' is a typo in a runtime string. Text is also lost on the next line between `$i` and `loadFromDB`. */ $app->post('/admin/blog', function () use ($siteConfigs,$app){ $message=''; $msg_type=''; $page='blog'; $tasks=array(); $links=array(); $options=array(); sec_session_start(); // Our custom secure way of starting a PHP session. if(Member::login_check()){ if(!isset($_GET['action'])){ if(!isset($_POST['edit_post'])&&$_POST['edit_post']!='true'){ if(isset($_POST['posttitle'])&&isset($_POST['theContent'])){ $posts=new Posts(); if($posts->add($_SESSION['user_id'],$_POST['posttitle'],$_POST['theContent'],time())){ $message.='Blog post submitted successfully'; $msg_type='success'; } }else{ $message.='Error creating blog post. 
Please ensure all information is correct'; $msg_type='error'; } }else{ if(isset($_POST['posttitle'])&&isset($_POST['theContent'])){ $post=new Posts(); $post->loadFromDB($_POST['edit']); if(isset($_POST['posttitle'])&&isset($_POST['theContent'])){ $post->title=$_POST['posttitle']; $post->content=$_POST['theContent']; $post->writeOrUpdateDB(); $msg_type='success'; $message='Posts updated successfully'; } } } }else{ if(isset($_GET['action'])){ if($_GET['action']=='remove'){ if(isset($_POST['remove_post'])){ foreach($_POST as $k=>$p){ if(strpos($k,'post') !== false){ if(is_numeric($p)){ $post = new Posts(); $post->loadFromDB($p); $post->active = 0; if($post->writeOrUpdateDB()){ $msg_type='success'; $message='Posts(s) removed successfully'; } else{ $msg_type='danger'; $message='Failed to remove post(s)'; } } } } } $page='remove_post'; $options['posts']=array(); $options['posts']=Database::query("SELECT * FROM posts WHERE active=? ORDER BY date DESC",array(1)); /* NOTE(review): text lost in extraction between `$i` and `loadFromDB` */ for($i=0;$iloadFromDB($_GET['id']); $page='edit_post'; } } } } $data=Posts::getActive(); array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links array_push($tasks,array('name'=>'blog?action=create','message'=>'Add new Blog Post'),array('name'=>'blog?action=remove','message'=>'Remove a Blog Post')); $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>$page ,'message'=>$message ,'type'=>$msg_type ,'post'=>$post ,'links'=> $links ,'options'=>$options ,'tasks'=>$tasks ,'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* GET /admin/event: renders the new-event form (task 'new_event'); there is no POST /admin/event — creation goes through POST /admin/ajax ('newevent'). */ $app->get('/admin/event', function () use ($siteConfigs){ $options=array(); $links=array(); sec_session_start(); // Our custom secure way of 
starting a PHP session. if(Member::login_check()){ array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>'new_event', 'links'=> $links, 'options'=>$options, 'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* GET /admin/artist[?action=create]: loads active artists and their roles for the form. NOTE(review): text is lost from this copy after `for($i=0;$i` (the loop and the first array_push of $links). */ $app->get('/admin/artist', function () use ($siteConfigs){ $tab=''; $links=array(); $options=array(); sec_session_start(); // Our custom secure way of starting a PHP session. if(Member::login_check()){ if(isset($_GET['action'])){ $tab=$_GET['action']; } if($tab=='create'){ $options['artists']=Database::query("SELECT * FROM artist WHERE active=?",array(1)); $options['roles']=array(); for($i=0;$i'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>'new_artist' ,'links'=> $links ,'options'=>$options ,'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* POST /admin/artist: creates an artist from artistname/twitter/facebook/youtube/website, attributed to $_SESSION['user_id']. NOTE(review): $message and $msg_type are set but never added to $viewData, so the outcome is never shown; the 'remove' tab is an empty block. Text is lost from this copy on the next line between `$i` and `create(`. */ $app->post('/admin/artist', function () use ($siteConfigs,$app){ $tab=''; $links=array(); $options=array(); sec_session_start(); // Our custom secure way of starting a PHP session. 
if(Member::login_check()){ if(isset($_GET['action'])){ $tab=$_GET['action']; } if($tab=='remove'){ }else{ $options['artists']=Database::query("SELECT * FROM artist WHERE active=?",array(1)); $options['roles']=array(); /* NOTE(review): text lost in extraction between `$i` and `create(` */ for($i=0;$icreate($_POST['artistname'],$_POST['twitter'],$_POST['facebook'],$_POST['youtube'],$_POST['website'],$_SESSION['user_id'])){ $msg_type='success'; $message='Artist added successfully'; }else{ $msg_type='danger'; $message='Failed to add artist'; } }else{ $message='Incorrect info'; } } array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>'new_artist' ,'links'=> $links ,'options'=>$options ,'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* GET /admin/user[?action=create|remove]: password-change form by default; 'create' loads the permission groups (Database::loadByID('groups', $i) for consecutive ids until the first missing one) and the member list; 'remove' loads the member list. Only the "Add a new user" link is gated by Member::hasPermission('admin'); the tabs themselves render for any logged-in member — the POST handler does the real gating. */ $app->get('/admin/user', function () use ($siteConfigs){ $links=array(); $tasks=array(); $options=array(); sec_session_start(); // Our custom secure way of starting a PHP session. if(Member::login_check()){ if(Member::hasPermission('admin')){ //checks if the user has permission to add new users array_push($links,array('name'=>'register','message'=>'Add a new user')); //adds to the links variable } if(isset($_GET['action'])){ $tab=$_GET['action']; }else{ $tab='password'; } if($tab=='create'){ $page='new_member'; $options['permissions']=array(); $options['members']=array(); $i=1; while($row=Database::loadByID('groups',$i)){ $i++; array_push($options['permissions'],$row); } $options['members']=Database::query("SELECT * FROM member WHERE active=? 
ORDER BY name",array(1)); }elseif($tab=='remove'){ $page='remove_user'; $options['members']=array(); $options['members']=Database::query("SELECT * FROM member WHERE active=? ORDER BY name",array(1)); }else{ $page='password_change'; } array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links array_push($tasks,array('name'=>'user?action=create','message'=>'Add new User'),array('name'=>'user?action=remove','message'=>'Remove user/users'),array('name'=>'user','message'=>'Change your Password')); $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>$page ,'links'=> $links ,'tasks'=>$tasks ,'options'=>$options, 'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* POST /admin/user: password change for the current member (pass=true); deactivation (remove_user=true, every POST key containing 'user' whose value is numeric) and registration (register) only when Member::hasPermission('admin') — this is the gated version of the same actions that appear un-gated in POST /admin and POST /admin/ajax. NOTE(review): new_pw/new_pw2 are compared with loose == (numeric-looking strings compare as numbers; use ===) and a mismatch produces no message at all; the minimum-length message still carries the debug suffix '2blah'; $user->create() gives no feedback; nothing stops a member from deactivating their own account. */ $app->post('/admin/user',function() use ($siteConfigs){ $msg_type=''; $message=''; $links=array(); $tasks=array(); $options=array(); sec_session_start(); // Our custom secure way of starting a PHP session. 
if(Member::login_check()){ /*change password*/ if(isset($_POST['pass'])&&$_POST['pass']=='true'){ //checks if a password change if(isset($_POST['pw'])&&isset($_POST['new_pw'])&&isset($_POST['new_pw2'])){ if(strlen($_POST['new_pw'])>5){ if($_POST['new_pw']==$_POST['new_pw2']){ $member=new Member(); if($member->changePass($_POST['pw'],$_POST['new_pw'])){ $msg_type='success'; $message='Password updated successfully'; }else{ $msg_type='danger'; $message='There was an error changing your password'; } } }else{ $msg_type='warning'; $message='Password must be greater than 5 characters 2blah'; } }else{ $msg_type='danger'; $message='Invalid request'; } } if(Member::hasPermission('admin')){ //checks if the user has permission to add new users /* remove user / deactivate user*/ if(isset($_POST['remove_user'])&&$_POST['remove_user']=='true'){ //deactivate user foreach($_POST as $k=>$p){ if(strpos($k,'user') !== false){ if(is_numeric($p)){ $member = new Member(); $member->loadFromDB($p); $member->active = 0; if($member->writeOrUpdateDB()){ $msg_type='success'; $message='Member(s) deactivated successfully'; } else{ $msg_type='danger'; $message='Failed to deactivate member(s)'; } } } } } array_push($links,array('name'=>'register','message'=>'Add a new user')); //adds to the links variable if(isset($_POST['register'])){ if(isset($_POST['email'],$_POST['memname'],$_POST['permission'])){ $user=new Member(); $user->create($_POST['memname'],$_POST['email'],$_POST['permission']); } } } if(isset($_GET['action'])){ $tab=$_GET['action']; }else{ $tab='password'; } if($tab=='create'){ $page='new_member'; $options['permissions']=array(); $i=1; while($row=Database::loadByID('groups',$i)){ $i++; array_push($options['permissions'],$row); } }elseif($tab=='remove'){ $page='remove_user'; $options['members']=array(); $options['members']=Database::query("SELECT * FROM member WHERE active=? 
ORDER BY name",array(1)); }else{ $page='password_change'; } array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links array_push($tasks,array('name'=>'user?action=create','message'=>'Add new User'),array('name'=>'user?action=remove','message'=>'Remove user/users'),array('name'=>'user','message'=>'Change your Password')); //adds tasks that the user can carry out $viewData = array( 'title' => 'Update User' , 'siteConfigs' => $siteConfigs ,'task'=>$page ,'links'=> $links ,'message'=>$message ,'type'=>$msg_type ,'tasks'=>$tasks ,'options'=>$options, 'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* GET /admin/involved: renders the 'get_involved' (add an opportunity) form. */ $app->get('/admin/involved', function () use ($siteConfigs){ $options=array(); $links=array(); sec_session_start(); // Our custom secure way of starting a PHP session. if(Member::login_check()){ $page='get_involved'; array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links $viewData = array( 'title' => 'Add an Opportunity' , 'siteConfigs' => $siteConfigs ,'task'=>$page, 'links'=> $links, 'options'=>$options, 'currentUser'=>$_SESSION['user_id'] ); $view=ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* GET /admin/logout: ends the session via Member::logout(). NOTE(review): a state change on GET with no redirect — the response body is empty; the same logout is also reachable via GET /admin?tab=logout. */ $app->get('/admin/logout', function () use ($siteConfigs){ sec_session_start(); // Our custom secure way of starting a PHP session. 
Member::logout(); }); /* GET /admin[?tab=logout]: dashboard (task 'blog') for a logged-in member, otherwise the login view. */ $app->get('/admin', function () use ($siteConfigs) { $message=''; $msg_type=''; $tasks=array(); sec_session_start(); // Our custom secure way of starting a PHP session. $links=array();//sets up array for links in admin-sidebar.twig if(isset($_GET['tab'])){ //checks if the tab variable has been set if($_GET['tab']=='logout'){ //checks if user wants to logout Member::logout(); } } if (Member::login_check() == true) { //checks if there is a user logged in $options=array(); array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links array_push($tasks,array('name'=>'blog?action=create','message'=>'Add new Blog Post'),array('name'=>'blog?action=remove','message'=>'Remove a Blog Post')); $viewData = array( 'title' => 'Admin Panel' , 'siteConfigs' => $siteConfigs ,'task'=>'blog' ,'message'=>$message ,'type'=>$msg_type ,'links'=> $links ,'tasks'=>$tasks ,'options'=>$options ,'currentUser'=>$_SESSION['user_id'] ); $view = ViewFactory::createTwigView("Admin"); } else { $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* POST /admin: login (login=true) plus a grab-bag of actions for a logged-in member (blog, pass, update_perms, event, artist, remove_user). NOTE(review): (1) $_POST['email'] and $_POST['p'] are passed to Member::login() without isset(). (2) $msg_type is never initialised yet is always placed in $viewData. (3) The update_perms and remove_user branches run for ANY logged-in member — there is no Member::hasPermission('admin') check here, unlike POST /admin/user — so a member can change their own or anyone's permission group and deactivate other members; gate both branches the same way. (4) The `//events` branch builds an Artist and calls create() with event fields (POST /admin/ajax uses `new Event()` for the same data) and attributes it to the client-supplied $_POST['user_id'] instead of $_SESSION['user_id']. (5) Posts::add is called statically with three arguments while the other call sites use an instance and pass time() as a fourth; $posts and $data are unused. */ $app->post('/admin', function () use ($siteConfigs) { $message=''; $links=array(); $tasks=array(); $options=array(); sec_session_start(); // Our custom secure way of starting a PHP session. if(isset($_POST['login'])&&$_POST['login']=='true'){ //checks if user is logging in if(Member::login($_POST['email'],$_POST['p'])){ $message='Logged in successfully'; $msg_type='success'; }else{ $message='Error logging in. 
Please check your email and password'; $msg_type='danger'; } } if(Member::login_check()){ //checks if user already logged in array_push($links,array('name'=>'event','message'=>'Events'),array('name'=>'user','message'=>'Update user'),array('name'=>'blog','message'=>'Blog')); //creates full array for links array_push($tasks,array('name'=>'blog?action=create','message'=>'Add new Blog Post'),array('name'=>'blog?action=remove','message'=>'Remove a Blog Post')); if(isset($_POST['blog'])&&$_POST['blog']=='true'){ //code to insert a new blog post if(isset($_POST['title'])&&isset($_POST['content'])){ $posts=new Posts(); if(Posts::add($_SESSION['user_id'],$_POST['title'],$_POST['content'])){ $message.='Blog post submitted successfully'; } }else{ $message.='Error creating blog post. Please ensure all information is correct'; } $data=Posts::getActive(); } if(isset($_POST['pass'])&&$_POST['pass']=='true'){ //checks if a password change if(isset($_POST['pw'])&&isset($_POST['new_pw'])&&isset($_POST['new_pw2'])){ if(strlen($_POST['new_pw'])>5){ if($_POST['new_pw']==$_POST['new_pw2']){ $member=new Member(); if($member->changePass($_POST['pw'],$_POST['new_pw'])){ $msg_type='success'; $message='Password updated successfully'; }else{ $msg_type='danger'; $message='There was an error changing your password'; } } }else{ $msg_type='warning'; $message='Password must be greater than 5 characters blah'; } }else{ $msg_type='danger'; $message='Invalid request'; } } /* NOTE(review): not gated by Member::hasPermission('admin') — see the handler comment. */ if(isset($_POST['update_perms'])&&$_POST['update_perms']=='true'){ //updating permissions if(isset($_POST['user'])&&isset($_POST['permission'])){ if(is_numeric($_POST['user'])&&is_numeric($_POST['permission'])){ Member::updatePerms($_POST['user'],$_POST['permission']); } } } //events if(isset($_POST['event'])&&$_POST['event']=='true'){ $artist=new Artist(); if($artist->create($_POST['name'],$_POST['location'],$_POST['description'],$_POST['date'],$_POST['user_id'])){ $message='Event added successfully'; }else{ $message='Failed to 
create event'; } } if(isset($_POST['artist'])&&$_POST['artist']=='true'){ $artist=new Artist(); if($artist->create($_POST['name'],$_POST['twitter'],$_POST['facebook'],$_POST['youtube'],$_POST['website'], $_SESSION['user_id'])){ $message='Artist added successfully'; }else{ $message='Failed to create artist'; } } /* NOTE(review): not gated by Member::hasPermission('admin') — see the handler comment. */ if(isset($_POST['remove_user'])&&$_POST['remove_user']=='true'){ //deactivate user if(isset($_POST['user'])){ if(is_numeric($_POST['user'])){ $member = new Member(); $member->loadFromDB($_POST['user']); $member->active = 0; if($member->writeOrUpdateDB()){ $msg_type='success'; $message='Member deactivated successfully'; } else{ $msg_type='danger'; $message='Failed to deactivate member'; } } } } $tab='blog'; $viewData = array( 'title' => 'Admin' , 'siteConfigs' => $siteConfigs ,'task'=>$tab ,'links'=> $links ,'tasks'=>$tasks ,'type'=>$msg_type ,'message'=>$message ,'options'=>$options ); $view = ViewFactory::createTwigView("Admin"); }else{ $viewData = array( 'title' => 'Admin login' , 'siteConfigs' => $siteConfigs ,'type'=>$msg_type ,'message'=>$message ); $view = ViewFactory::createTwigView("admin/Login"); } $view->display($viewData); }); /* POST /admin/ajax: the same actions as POST /admin, answering with a plain-text $message. NOTE(review): the edit branch instantiates $posts but then calls methods on the undefined $post (fatal "call to a member function on null"), and $_POST['edit'] is not checked with is_numeric(); 'newevent' again trusts the client-supplied $_POST['user_id'] for attribution; 'remove_user' is not gated by hasPermission('admin') although 'register' is; $message is undefined when no branch matches or the user is not logged in, so `echo $message` then emits a warning and an empty body. */ $app->post('/admin/ajax', function () use ($siteConfigs,$app) { sec_session_start(); if(Member::login_check()){ if(isset($_POST['blog'])&&$_POST['blog']=='true'){ //code to insert a new blog post if(isset($_POST['edit'])){ $posts=new Posts(); $post->loadFromDB($_POST['edit']); $post->title=$_POST['posttitle']; $post->content=$_POST['content']; $post->writeOrUpdateDB(); }else{ $posts=new Posts(); if($posts->add($_SESSION['user_id'],$_POST['posttitle'],$_POST['post'],time())){ $message='Blog post submitted successfully'; }else{ $message='Failed to submit post'; } } }elseif(isset($_POST['artist']) && $_POST['artist']=='true'){ $artist=new Artist(); if($artist->create($_POST['name'],$_POST['twitter'],$_POST['facebook'],$_POST['youtube'],$_POST['website'], $_SESSION['user_id'])){ $message='Artist added successfully'; }else{ 
$message='Failed to create artist'; } }elseif(isset($_POST['newevent'])&&$_POST['newevent']=='true'){ $event=new Event(); if($event->create($_POST['name'],$_POST['location'],$_POST['description'],$_POST['date'],$_POST['user_id'])){ $message='Event added successfully'; }else{ $message='Failed to create event'; } }elseif(isset($_POST['remove_user'])&&$_POST['remove_user']=='true'){ //deactivate user if(isset($_POST['user'])){ if(is_numeric($_POST['user'])){ $member = new Member(); $member->loadFromDB($_POST['user']); $member->active = 0; if($member->writeOrUpdateDB()){ $message='Member deactivated successfully'; } else{ $message='Failed to deactivate member'; } } } }elseif(isset($_POST['register'])&&$_POST['register']=='true'){ //checks if the form was submitted if(Member::hasPermission('admin')){ //checks if the user has permission to add new users if (isset($_POST['email'], $_POST['name'],$_POST['permission'])) { $member=new Member(); $message=$member->newMember($_POST['name'],$_POST['email'],$_POST['permission']); } else { $message='Error registering user'; } } } } echo $message; }); /* GET /admin/ajax?q=posts|artists|events|sponsors: dumps rows for client-side scripts. NOTE(review): this handler has no sec_session_start()/Member::login_check() — the "check permissions" TODO comments inside it were never implemented — so it answers unauthenticated requests with raw table rows; every branch queries the posts table with SELECT * regardless of q (copy-paste), `$q='sponsors'` is an assignment (always true), and print_r() emits a PHP array dump rather than JSON. Suggested shape: gate it like the other admin handlers, compare with ===, select only the columns the page needs, and `echo json_encode($rows);` with a JSON content type. */ $app->get('/admin/ajax', function () use ($siteConfigs) { if(isset($_GET['q'])){ //checks if there has been a query for information $q=$_GET['q']; if($q=='posts'){ //check permissions //check if they are allowed to delete posts //return the information about posts as associative array //print associative array for use in JavaScript print_r(Database::query("SELECT * FROM posts WHERE active=?",array(1))); }elseif($q=='artists'){ print_r(Database::query("SELECT * FROM posts WHERE active=?",array(1))); }elseif($q=='events'){ print_r(Database::query("SELECT * FROM posts WHERE active=?",array(1))); }elseif($q='sponsors'){ print_r(Database::query("SELECT * FROM posts WHERE active=?",array(1))); } } }); /* GET /ajax?q=artist&id=N: public JSON for one artist (id checked with is_numeric()). NOTE(review): $_GET['id'] is read inside the condition without isset(); print_r() of the JSON string works but echo is the idiom, and no content type is set. */ $app->get('/ajax',function() use ($siteConfigs){ if(isset($_GET['q'])){ if($_GET['q']=='artist'&&is_numeric($_GET['id'])){ $artist=new Artist(); $artist->loadFromDB($_GET['id']); 
print_r($artist->getJSON()); } } }); /* Dispatch. NOTE(review): the closing PHP tag after run() should be dropped in a PHP-only file — anything after it, even a newline, is sent as output. */ $app->run(); ?>