
<?php
// Start (or resume) the PHP session before any output is sent; the login
// state ($_SESSION['user']) and flash messages below are stored in it.
session_start();

// Loads conn.php. The rest of this file uses $mysqli, which is presumably
// created there - confirm. Because this is `include` rather than `require`,
// a missing conn.php only raises a warning and execution continues.
include "conn.php";

/* ========= HELPERS ========= */
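/**
 * Store one uploaded file under $directory and return the stored file name.
 *
 * The client-supplied name is never trusted: the extension must be on an
 * allow-list, and the base name is reduced to [a-zA-Z0-9_-] so it cannot
 * carry a second extension (for example "x.php.jpg" is stored as
 * "<time>_x_php.jpg").
 *
 * @param array|null $file              One entry of $_FILES (name, tmp_name, error).
 * @param string     $directory         Target directory; created if missing.
 * @param array      $allowedExtensions Lower-case extensions that may be stored.
 *                                      The default covers common image types
 *                                      (assumed use: blog images - confirm against
 *                                      callers); pass another list explicitly if
 *                                      other file types are expected.
 * @return string|null Stored file name (not the full path), or null when the
 *                     upload is missing, failed, has a disallowed extension,
 *                     or could not be moved.
 */
function handleFileUpload($file, $directory, $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp']) {
    if (!is_array($file)
        || !isset($file['error'], $file['name'], $file['tmp_name'])
        || $file['error'] !== UPLOAD_ERR_OK
    ) {
        return null;
    }

    // Reject anything not explicitly allowed *before* touching the filesystem.
    // Without this check a script file (e.g. ".php") would be written under a
    // directory that may be served by the web server.
    $ext = strtolower((string) pathinfo($file['name'], PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $allowedExtensions, true)) {
        return null;
    }

    // Dots are replaced as well, so the stored name has exactly one extension.
    $base = preg_replace('/[^a-zA-Z0-9_-]/', '_', (string) pathinfo($file['name'], PATHINFO_FILENAME));

    // 0755 instead of 0777: the upload directory does not need to be
    // world-writable. The second is_dir() covers a concurrent request having
    // created the directory in the meantime.
    if (!is_dir($directory) && !@mkdir($directory, 0755, true) && !is_dir($directory)) {
        return null;
    }

    $name = time() . '_' . $base . '.' . $ext;
    $uploadPath = rtrim($directory, '/') . '/' . $name;

    // NOTE(review): the extension check does not inspect file content; the
    // upload directory should additionally be configured so the web server
    // never executes scripts from it.
    if (move_uploaded_file($file['tmp_name'], $uploadPath)) {
        return $name;
    }
    return null;
}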
/**
 * Fetch every row of the blogs table, newest first.
 *
 * @param mysqli $mysqli Open database connection.
 * @return array List of associative rows; empty when the query fails.
 */
function getBlogs($mysqli) {
    // Static SQL with no user input, so a plain query() is sufficient here.
    $result = $mysqli->query("SELECT * FROM blogs ORDER BY created_at DESC");
    if (!$result) {
        return [];
    }
    return $result->fetch_all(MYSQLI_ASSOC);
}
/**
 * Look up a single blog row by primary key.
 *
 * @param mysqli $mysqli Open database connection.
 * @param int    $id     Blog id; bound as an integer parameter.
 * @return mixed Whatever fetch_assoc() yields: the row as an associative
 *               array, or an empty value when no row matches.
 */
function getBlogById($mysqli, $id) {
    // The id travels as a bound parameter, never as part of the SQL text.
    $lookup = $mysqli->prepare("SELECT * FROM blogs WHERE id=?");
    $lookup->bind_param("i", $id);
    $lookup->execute();

    $result = $lookup->get_result();
    return $result->fetch_assoc();
}
/**
 * Fetch every row of the users table, newest first.
 *
 * NOTE(review): `SELECT *` returns every column. The login handler in this
 * file reads a `password` column from the same table, so that value is part
 * of each row returned here - callers should not echo rows wholesale.
 *
 * @param mysqli $mysqli Open database connection.
 * @return array List of associative rows; empty when the query fails.
 */
function getUsers($mysqli) {
    $sql = "SELECT * FROM users ORDER BY created_at DESC";
    $result = $mysqli->query($sql);
    return $result ? $result->fetch_all(MYSQLI_ASSOC) : [];
}
/**
 * Send an HTML e-mail through PHP's mail().
 *
 * Simple mail(); replace with PHPMailer/SMTP for production.
 *
 * @param string $to      Recipient address.
 * @param string $subject Subject line.
 * @param string $message HTML body.
 * @return bool Result of mail(): true when the message was accepted for
 *              delivery, false otherwise. Warnings are suppressed with @,
 *              so a failure is visible only through this return value.
 */
function sendEmail($to, $subject, $message) {
    // The From address is a fixed placeholder; nothing caller-supplied is
    // placed into the additional headers.
    $headerLines = [
        "MIME-Version: 1.0",
        "Content-type:text/html;charset=UTF-8",
        "From: noreply@yourdomain.com",
    ];
    $headers = implode("\r\n", $headerLines) . "\r\n";

    return @mail($to, $subject, $message, $headers);
}
/**
 * Build a random password from a fixed alphabet.
 *
 * The alphabet leaves out I, O, l, 0 and 1. Each character is picked with
 * random_int().
 *
 * @param int $length Number of characters to generate (default 10).
 * @return string The generated password; empty when $length is 0 or less.
 */
function randomPassword($length = 10) {
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789@#$%';
    $lastIndex = strlen($alphabet) - 1;

    $password = '';
    while (strlen($password) < $length) {
        $password .= $alphabet[random_int(0, $lastIndex)];
    }
    return $password;
}

/* ========= FLASH MESSAGE ========= */
// Message to show once on this request, if a previous request queued one.
$flash = null;

/**
 * Queue a one-time message for the next page render.
 *
 * @param string $msg Text stored in the session under the 'flash' key.
 */
function set_flash($msg)
{
    $_SESSION['flash'] = $msg;
}

// Pop the queued message: read it, then remove it so it is displayed once.
if (isset($_SESSION['flash'])) {
    $flash = $_SESSION['flash'];
    unset($_SESSION['flash']);
}

/* ========= AJAX: GET BLOG ========= */
// JSON endpoint: GET ?action=get_blog&id=N returns one blog row, or
// {"error":"Not found"} when the lookup yields nothing.
// NOTE(review): no session check runs before this branch, so any visitor can
// request any blog row by id - confirm that every column of `blogs` is meant
// to be public.
if (
    $_SERVER['REQUEST_METHOD'] === 'GET'
    && isset($_GET['action'], $_GET['id'])
    && $_GET['action'] === 'get_blog'
) {
    // The id is cast to int here and bound as an integer inside getBlogById().
    $blog = getBlogById($mysqli, (int) $_GET['id']);

    header('Content-Type: application/json; charset=utf-8');
    if ($blog) {
        echo json_encode($blog);
    } else {
        echo json_encode(['error' => 'Not found']);
    }
    exit;
}

/* ========= LOGIN ========= */
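// Login handler: looks the account up by e-mail, checks the password, and on
// success stores the user row in the session and redirects.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) {
    // Array-valued fields (email[]=...) would make trim() throw on PHP 8;
    // treat anything that is not a string as empty.
    $email = is_string($_POST['email'] ?? null) ? trim($_POST['email']) : '';
    $pass = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';

    $stmt = $mysqli->prepare("SELECT * FROM users WHERE email=? LIMIT 1");
    $stmt->bind_param("s", $email);
    $stmt->execute();
    $user = $stmt->get_result()->fetch_assoc();

    $stored = ($user && is_string($user['password'] ?? null)) ? $user['password'] : '';

    // Values produced by password_hash() are verified as hashes. Anything
    // else is a legacy plain-text value and is compared in constant time.
    // The hash check comes first so that a stored hash can never be matched
    // by submitting the hash string itself as the password.
    $isHash = $stored !== '' && password_get_info($stored)['algoName'] !== 'unknown';
    if ($isHash) {
        $valid = password_verify($pass, $stored);
    } else {
        // An empty stored password never authenticates.
        $valid = $stored !== '' && hash_equals($stored, $pass);
    }

    // NOTE(review): passwords are still stored in plain text by the reset
    // flow below; migrating to password_hash() has to be done together with
    // every code path that writes users.password. There is also no attempt
    // limiting or lockout on this endpoint.
    if ($user && $valid) {
        // New session id on privilege change, so an id fixed before login
        // is not carried into the authenticated session.
        session_regenerate_id(true);

        // Keep the credential out of session storage.
        unset($user['password']);
        $_SESSION['user'] = $user;

        header("Location: manage-blogs.php");
        exit;
    }

    $error = "Invalid email or password.";
}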

/* ========= FORGOT PASSWORD ========= */
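// Forgot-password handler: generates a temporary password for the account
// matching the submitted e-mail, mails it, and redirects with a flash message.
//
// NOTE(review): this flow is unauthenticated and replaces the account's
// password directly, so anyone who knows an address can invalidate that
// user's current password, and the temporary password is stored and mailed
// in plain text. A single-use, expiring reset token (which needs schema
// support not visible here) plus request throttling would close both gaps.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['forgot_password'])) {
    // Non-string input (fp_email[]=...) is treated as empty instead of
    // letting trim() throw.
    $email = is_string($_POST['fp_email'] ?? null) ? trim($_POST['fp_email']) : '';

    if ($email !== '') {
        $stmt = $mysqli->prepare("SELECT id, first_name, email FROM users WHERE email=? LIMIT 1");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $u = $stmt->get_result()->fetch_assoc();

        if ($u) {
            $temp = randomPassword(10);

            $subject = "Your temporary password";
            $msg = "<p>Hi ".htmlspecialchars((string) $u['first_name']).",</p>
                    <p>Your temporary password is: <b>".htmlspecialchars($temp)."</b></p>
                    <p>Please log in and change it immediately from Edit Profile.</p>
                    <p>Regards,<br>Admin</p>";

            // Mail first, store second: if the hand-off to the mailer fails,
            // the existing password is left untouched instead of being
            // replaced by a value the user never receives.
            if (sendEmail($u['email'], $subject, $msg)) {
                $up = $mysqli->prepare("UPDATE users SET password=? WHERE id=?");
                $up->bind_param("si", $temp, $u['id']);
                $up->execute();
            } else {
                error_log("Password reset mail could not be sent for user id ".(int) $u['id']);
            }
        }

        // Same message whether or not the address is registered, so the form
        // cannot be used to test which e-mail addresses have accounts.
        set_flash("If an account exists for that email, a temporary password has been sent.");
    } else {
        set_flash("Please enter your email.");
    }
    header("Location: manage-blogs.php");
    exit;
}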

/* ========= LOGOUT ========= */
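// Logout: end the session completely, then return to the login page.
// NOTE(review): logout is triggered by a plain GET parameter, so any link or
// embedded resource pointing at ?logout can sign the user out.
if (isset($_GET['logout'])) {
    // session_destroy() alone removes the stored data but leaves $_SESSION
    // populated for the rest of this request and the cookie in the browser;
    // clear both explicitly.
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();

    header("Location: login.php");
    exit;
}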
 

/* ========= FETCH DATA FOR UI ========= */
// Data for the template below. Blogs are loaded for every visitor; the user
// list is loaded only when the session user has user_type 'super_admin'.
$blogs = getBlogs($mysqli);

$users = [];
if (isset($_SESSION['user']) && $_SESSION['user']['user_type'] === 'super_admin') {
    $users = getUsers($mysqli);
}
?>

<!DOCTYPE html>
<html lang="en" data-bs-theme="light">
<head>
  <meta charset="utf-8">
  <title>Manage Website</title>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <!-- Bootstrap & Icons -->
  <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
  <link href="https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css" rel="stylesheet">
  <style>
    .sidebar { width:260px; min-height:100vh; }
    .card-img-top { object-fit:cover; height:180px; }
    .pointer { cursor:pointer; }
  </style>
</head>
<body class="bg-body">
 

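<!-- CHANGE PASSWORD MODAL -->
<?php
/*
 * Rendered only for a logged-in user: the form reads $_SESSION['user']['id'],
 * which does not exist for anonymous visitors.
 *
 * NOTE(review): the handler for `change_password` is not in this file. It
 * should take the account id from the session, not from the hidden `id`
 * field, because a hidden field can be edited by the client.
 */
if (isset($_SESSION['user'])): ?>
<div class="modal fade" id="changePasswordModal" tabindex="-1">
  <div class="modal-dialog">
    <form method="post" class="modal-content">
      <div class="modal-header"><h5>Change Password</h5></div>
      <div class="modal-body">
        <input type="hidden" name="id" value="<?= htmlspecialchars((string) $_SESSION['user']['id'], ENT_QUOTES, 'UTF-8') ?>">
        <div class="mb-3"><label>New Password</label><input type="password" name="password" class="form-control" autocomplete="new-password" required></div>
      </div>
      <div class="modal-footer">
        <button type="submit" name="change_password" class="btn btn-primary">Update</button>
        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
      </div>
    </form>
  </div>
</div>
<?php endif; ?>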


<?php if (!isset($_SESSION['user'])): ?>
  <!-- ============ LOGIN VIEW ============ -->
  <div class="container mt-5">
    <?php if (!empty($flash)): ?><div class="alert alert-info"><?php echo htmlspecialchars($flash); ?></div><?php endif; ?>
    <?php if (!empty($error)): ?><div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div><?php endif; ?>
    <div class="row justify-content-center">
      <div class="col-md-5">
        <div class="card shadow-sm">
         
          <div class="card-body">
            <form method="post">
              <div class="mb-3">
                <label class="form-label">Email</label>
                <input type="email" name="email" class="form-control" required>
              </div>
              <div class="mb-3">
                <label class="form-label">Password</label>
                <input type="password" name="password" class="form-control" required>
              </div>
              <button class="btn btn-primary w-100 mb-2" name="login">Login</button>
              <div class="text-center">
                <a href="#" data-bs-toggle="modal" data-bs-target="#forgotPasswordModal">Forgot password?</a>
              </div>
            </form>
          </div>
        </div>
      </div>
    </div>
  </div>

  <!-- Forgot Password Modal -->
  <div class="modal fade" id="forgotPasswordModal" tabindex="-1" aria-hidden="true">
    <div class="modal-dialog">
      <form method="post" class="modal-content">
        <div class="modal-header">
          <h5 class="modal-title">Forgot Password</h5>
          <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
        </div>
        <div class="modal-body">
          <p>Enter your account email. We’ll send a temporary password to that address.</p>
          <div class="mb-3">
            <label class="form-label">Email</label>
            <input type="email" name="fp_email" class="form-control" required>
          </div>
        </div>
        <div class="modal-footer">
          <button class="btn btn-primary" name="forgot_password">Send</button>
        </div>
      </form>
    </div>
  </div>

 
 

<?php endif; ?>
 
<!-- Scripts: third-party bundles loaded from public CDNs.
     NOTE(review): neither tag has integrity/crossorigin attributes, so the
     page runs whatever the CDN serves; add Subresource Integrity hashes for
     the pinned versions. Nothing in this file's inline script references
     CKEditor - if no other code on this page needs it, the second tag can
     go. -->
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://cdn.ckeditor.com/4.20.2/standard/ckeditor.js"></script> 

<script>
  /**
   * Flip the page between Bootstrap's light and dark themes.
   *
   * Updates the data-bs-theme attribute on <html>, swaps the icon inside
   * #themeToggle when that element exists, and stores the choice in
   * localStorage under the key 'theme'.
   */
  function toggleTheme() {
    const root = document.documentElement;
    const active = root.getAttribute('data-bs-theme') || 'light';

    let next;
    if (active === 'dark') {
      next = 'light';
    } else {
      next = 'dark';
    }
    root.setAttribute('data-bs-theme', next);

    // Sun icon while dark is active, moon icon while light is active.
    const glyph = document.querySelector('#themeToggle i');
    if (glyph) {
      glyph.className = next === 'dark' ? 'bi bi-sun' : 'bi bi-moon';
    }

    // Remember the choice for the next page load.
    localStorage.setItem('theme', next);
  }

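  // On load: re-apply the stored theme and wire up the toggle button.
  document.addEventListener('DOMContentLoaded', () => {
    // Only the two values toggleTheme() writes are accepted; anything else
    // found in localStorage is ignored rather than copied into the DOM.
    const savedTheme = localStorage.getItem('theme');
    if (savedTheme === 'dark' || savedTheme === 'light') {
      document.documentElement.setAttribute('data-bs-theme', savedTheme);
      const icon = document.querySelector('#themeToggle i');
      if (icon) {
        icon.className = savedTheme === 'dark' ? 'bi bi-sun' : 'bi bi-moon';
      }
    }

    // This page's markup contains no #themeToggle element, so the lookup can
    // return null; attach the handler only when the button exists.
    const toggle = document.getElementById('themeToggle');
    if (toggle) {
      toggle.addEventListener('click', toggleTheme);
    }
  });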
</script>



</body>
</html>
