From 1e44886d6f53d5bb9621211810fdea247f7fbd71 Mon Sep 17 00:00:00 2001 From: Mateja Date: Sat, 3 Oct 2020 00:10:38 +0200 Subject: moved notes --- admin.php | 55 +++++++++++++++++++++++-------------------------------- edit.php | 15 +++++++++++++++ notes.sql | 27 --------------------------- test/notes.sql | 27 +++++++++++++++++++++++++++ 4 files changed, 65 insertions(+), 59 deletions(-) create mode 100644 edit.php delete mode 100644 notes.sql create mode 100644 test/notes.sql diff --git a/admin.php b/admin.php index 2bfdfde..39f268c 100644 --- a/admin.php +++ b/admin.php @@ -1,41 +1,32 @@ setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); -} catch (PDOException $e) { - echo "

Error!: " . $e->getMessage() . "

"; - die(); -} - -# SHOLUD SOMETHING BE APPROVED? -if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['id']) ) { - $stmt = $conn->prepare("UPDATE activities SET approved = true WHERE id=:id"); -echo "lol:" . $_POST['id']; - $stmt->bindParam(':id', $_POST['id']); - $stmt->execute(); -} - # IS LOGIN LEGITIMATE? if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['email']) && isset($_POST['password'])) { - try { - $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email"); - $stmt->bindParam(':email', $_POST['email']); - $stmt->execute(); - $row = $stmt->fetch(); - if (password_verify($_POST['password'], $row['password'])){ - $_SESSION['admin'] = true; - } else { - $_SESSION['admin'] = false; + # DB CONNECT + try { + $user = "yota_user"; + $password = "gahdeer6shai9hogai2sai4quuaj1eVu"; + $database = "yota_call_db"; + + $conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password); + $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + + $stmt = $conn->prepare("SELECT * FROM admins WHERE email=:email"); + $stmt->bindParam(':email', $_POST['email']); + $stmt->execute(); + $row = $stmt->fetch(); + + if (password_verify($_POST['password'], $row['password'])){ + $_SESSION['admin'] = true; + } else { + $_SESSION['admin'] = false; + } + } catch (PDOException $e) { + echo "

Error!: " . $e->getMessage() . "

"; } - } catch (PDOException $e) { - echo "

Error!: " . $e->getMessage() . "

"; - } + $stmt=null; + $conn=null; } ?> diff --git a/edit.php b/edit.php new file mode 100644 index 0000000..3ddada5 --- /dev/null +++ b/edit.php @@ -0,0 +1,15 @@ +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + } catch (PDOException $e) { + echo "
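Review bot: The new connect block in admin.php hard-codes the database account and its password (`$user = "yota_user"; $password = "…";`) in a web-served script, and the same value sits in the GRANT statements of the notes.sql file this commit moves to test/, so it is in repository history and should be rotated and then read from configuration outside the document root, for example `$password = getenv('DB_PASSWORD');` (the variable name is a placeholder). The catch branch here, and the one in the new edit.php, still echo `$e->getMessage()` to the client, which can disclose connection details; write it to the log with `error_log($e->getMessage());` and print a generic message instead. `$stmt->fetch()` returns false when no admin row matches the email, so the check should read `if ($row !== false && password_verify($_POST['password'], $row['password']))`. The code also connects to `yota_call_db` while the moved notes create `yota_db`, which looks like a mismatch worth confirming. The opening lines of this hunk are not readable on this page, so session setup could not be reviewed.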

Error!: " . $e->getMessage() . "

";
+ }
+
+}
diff --git a/notes.sql b/notes.sql
deleted file mode 100644
index dd59770..0000000
--- a/notes.sql
+++ /dev/null
@@ -1,27 +0,0 @@
-CREATE DATABASE yota_db;
-USE yota_db;
-
-CREATE TABLE activities(
- `id` int(11) not null auto_increment primary key,
- `approved` boolean not null default false;
- `specialCall` varchar(50) not null,
- `fromTime` datetime not null,
- `toTime` datetime not null,
- `frequencies` varchar(255) not null,
- `modes` varchar(255) not null,
- `operatorCall` varchar(50) not null,
- `operatorName` varchar(50) not null,
- `operatorEmail` varchar(100) not null,
- `operatorPhone` varchar(50) not null
- `qso` int not null default 0;
- ) charset=utf8;
-
-CREATE TABLE admins(
- `id` int(11) not null auto_increment primary key,
- `email` varchar(100) not null,
- `password` varchar(255) not null
- ) charset=utf8;
-
-GRANT ALL PRIVILEGES ON `yota_db`.* TO `yota_admin`@`localhost` IDENTIFIED BY 'quaequaquagh6ahwoh6Chahx1EiFooGh';
-GRANT SELECT ON `yota_db`.* TO `yota_user`@`localhost` IDENTIFIED BY 'gahdeer6shai9hogai2sai4quuaj1eVu';
-GRANT INSERT ON `yota_db`.`activities` TO `yota_requester`@`localhost` IDENTIFIED BY 'oon5iraeghaidoShi5sheefie2uuz3gu';
diff --git a/test/notes.sql b/test/notes.sql
new file mode 100644
index 0000000..dd59770
--- /dev/null
+++ b/test/notes.sql
@@ -0,0 +1,27 @@
+CREATE DATABASE yota_db;
+USE yota_db;
+
+CREATE TABLE activities(
+ `id` int(11) not null auto_increment primary key,
+ `approved` boolean not null default false;
+ `specialCall` varchar(50) not null,
+ `fromTime` datetime not null,
+ `toTime` datetime not null,
+ `frequencies` varchar(255) not null,
+ `modes` varchar(255) not null,
+ `operatorCall` varchar(50) not null,
+ `operatorName` varchar(50) not null,
+ `operatorEmail` varchar(100) not null,
+ `operatorPhone` varchar(50) not null
+ `qso` int not null default 0;
+ ) charset=utf8;
+
+CREATE TABLE admins(
+ `id` int(11) not null auto_increment primary key,
+ `email` varchar(100) not null,
+ `password` varchar(255) not null
+ ) charset=utf8;
+
+GRANT ALL PRIVILEGES ON `yota_db`.* TO `yota_admin`@`localhost` IDENTIFIED BY 'quaequaquagh6ahwoh6Chahx1EiFooGh';
+GRANT SELECT ON `yota_db`.* TO `yota_user`@`localhost` IDENTIFIED BY 'gahdeer6shai9hogai2sai4quuaj1eVu';
+GRANT INSERT ON `yota_db`.`activities` TO `yota_requester`@`localhost` IDENTIFIED BY 'oon5iraeghaidoShi5sheefie2uuz3gu';
-- cgit v1.2.3