-
Notifications
You must be signed in to change notification settings - Fork 0
/
parser.php
75 lines (63 loc) · 2.42 KB
/
parser.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php
session_start();
$i = 0; // table stripeys
$pass = "7e16da8707112e18296fe5e1ceebf992";
require('classes.php');
$Q = new Quotes();
include('header.php');
include('parserfuncs.php');
?>
<form method="post" class="parser" action="parser.php">
<?php
echo ($_SESSION['loggedin']) ? "<p class='logout'>LOGGED IN <input type='submit' name='logout' value='logout' /></p>" : "<p>You haz no permissionz</p>";
if($_SESSION['loggedin']){
?>
<a href="parser.php">Start Fresh</a> <a href="fix.php">Update quotes</a><br /><br />
<select name="term">
<?php defTerm(); ?>
</select>
<input type="text" name="year" <?php echo ($_POST['year']) ? "value=\"".$_POST['year']."\"" : "value=\"".date('Y')."\""; ?> size="5">
<input type="checkbox" name="style" value="new" <?php echo ($_POST['style']) ? "checked" : ""; ?>/> Old style? <br />
<textarea name="quotes"><?php echo stripslashes($_POST['quotes']); ?></textarea><br />
<input type="reset" value="Reset to last parse" /> <input type="submit" name="submit" value="Parse Input + Preview" />
<?php
if($_POST['submit']){
$quotes = stripslashes($_POST['quotes']);
if($quotes == "") {
echo "You didn't input anything!";
exit;
}
echo "<input type='submit' style='background-color:red;color:white;' name='verify' value='Verify all ouput is well-formed and submit'>";
echo "<table><tr><th>Quote</th><th>Prof</th><th>Course</th><th>Term/Year</th></tr>\n";
parseQuotes($quotes);
echo "</table>\n";
unset($_POST['submit']);
}
else if($_POST['verify']) {
$quotes = $_POST['quotes'];
parseQuotes($quotes,1);
}
else if($_POST['logout'])
unset($_SESSION['loggedin']);
}
else {
?>
<p>Sorry, but I didn't think it would be a great idea if anyone could pop quotes into the database. Clearly other things could get in there... Log in below if I've given you access. kthxbai</p>
<p>Password? <input type="password" name="password" /> <input type="submit" name="login" value="GIMME ACCESS" /></p>
<?php
// This is probably crappy but w/e
if($_POST['login']) {
if(md5($_POST['password']) == $pass)
$_SESSION['loggedin'] = true;
else
echo "<p>Log in failed. You suck</p>";
}
else if($_SERVER['QUERY_STRING'] != "") {
$fake = preg_replace("/[\w\d]+=([\w\d]+)/", "\${1}", $_SERVER['QUERY_STRING']);
echo "<p>Do you really think I would use GET with a password? I'm hurt :(</p><p>And no, the password is not '".$fake."'.";
}
}
echo "</form>";
$Q->disconnect();
include('footer.php');
?>