Renamed new.php to admin.php, fixed redirects

This commit is contained in:
hbrain 2026-06-04 14:33:29 +02:00
parent 5aca0bdbf8
commit ab07d7ab35
6 changed files with 1902 additions and 1887 deletions

View file

@ -7,7 +7,7 @@ PHP web UI for publishing and managing MVLog videos on **bubulescu.org**.
- Web root: `/var/www/html/mvlog`
- Public URLs:
- `https://bubulescu.org/`
- `https://bubulescu.org/new.php`
- `https://bubulescu.org/admin.php`
- `https://bubulescu.org/login.php`
- `https://bubulescu.org/feed.php`
- `https://bubulescu.org/contact.php`
@ -15,7 +15,7 @@ PHP web UI for publishing and managing MVLog videos on **bubulescu.org**.
## Main structure
- `index.php` — public landing page (rendered videos and permalink pages)
- `new.php` — authenticated admin UI
- `admin.php` — authenticated admin UI
- `feed.php` — RSS feed
- `contact.php` — contact form
- `auth.php` — session auth helpers
@ -46,7 +46,7 @@ Important dirs:
- Video posters are resolved from the source image recorded in the thumbnail sidecar JSON; if the source image is missing, the `<video>` gets no poster
- Permalink OG/Twitter images use `out-dir/<article_id>_og.jpg` when present; otherwise they fall back to `https://bubulescu.org/assets/img/bubulescuorg.jpg`
## Admin (`new.php`)
## Admin (`admin.php`)
Requires login via PHP session.

View file

@ -1,4 +1,4 @@
<footer class="site-footer admin-footer"><div class="admin-left"><nav class="tabs"><a class="<?= $tab==='new'?'active':'' ?>" href="new.php?tab=new">New</a><a class="<?= $tab==='edit'?'active':'' ?>" href="new.php?tab=edit">Edit</a><a class="<?= $tab==='videos'?'active':'' ?>" href="new.php?tab=videos">Videos</a></nav></div><div id="job-status" class="job-status"<?= empty($runningJobs) ? ' hidden' : '' ?>><?php foreach($runningJobs as $job): ?><span class="job-dot"></span><span><?=h(str_replace('_', ' ', $job['name']))?></span><?php if(!empty($job['started_at'])): ?><span class="job-age">(<?=h(format_job_age($job['started_at']))?>)</span><?php endif; ?><?php endforeach; ?></div><div class="admin-right"><a class="logout-link" href="logout.php">Log off</a></div></footer>
<footer class="site-footer admin-footer"><div class="admin-left"><nav class="tabs"><a class="<?= $tab==='new'?'active':'' ?>" href="admin.php?tab=new">New</a><a class="<?= $tab==='edit'?'active':'' ?>" href="admin.php?tab=edit">Edit</a><a class="<?= $tab==='videos'?'active':'' ?>" href="admin.php?tab=videos">Videos</a></nav></div><div id="job-status" class="job-status"<?= empty($runningJobs) ? ' hidden' : '' ?>><?php foreach($runningJobs as $job): ?><span class="job-dot"></span><span><?=h(str_replace('_', ' ', $job['name']))?></span><?php if(!empty($job['started_at'])): ?><span class="job-age">(<?=h(format_job_age($job['started_at']))?>)</span><?php endif; ?><?php endforeach; ?></div><div class="admin-right"><a class="logout-link" href="logout.php">Log off</a></div></footer>
<script>document.querySelectorAll('textarea[data-counter]').forEach(function(t){var c=document.getElementById(t.dataset.counter);function u(){c.textContent=t.value.length+' / '+t.maxLength+' characters';}t.addEventListener('input',u);u();});</script>
<script>
(function(){
@ -90,7 +90,7 @@
}
var storageKey = 'mvlog_gemini_description_' + (articleId || job);
try { localStorage.setItem(storageKey, JSON.stringify({description: description || '', teaser: teaser || '', quote_da: quoteDa || ''})); } catch(e){}
var href = 'new.php?tab=edit';
var href = 'admin.php?tab=edit';
if (articleId) href += '&id=' + encodeURIComponent(articleId);
if (job) href += '&edit=' + encodeURIComponent(job);
window.location.href = href;

1876
admin.php Normal file

File diff suppressed because it is too large Load diff

View file

@ -37,13 +37,27 @@ function mvlog_current_user(): ?string {
return isset($_SESSION['mvlog_user']) && is_string($_SESSION['mvlog_user']) ? $_SESSION['mvlog_user'] : null;
}
function mvlog_normalize_next(string $next): string {
if ($next === '' || str_contains($next, "
") || str_contains($next, " ")) return '/admin.php';
$parts = parse_url($next);
if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) return '/admin.php';
$path = (string)($parts['path'] ?? '');
if ($path === '' || $path === '/mvlog') {
$path = '/admin.php';
} elseif (str_starts_with($path, '/mvlog/')) {
$path = substr($path, 6);
}
$query = isset($parts['query']) ? ('?' . $parts['query']) : '';
return $path . $query;
}
function mvlog_require_login(): void {
if (mvlog_current_user() !== null) return;
$next = $_SERVER['REQUEST_URI'] ?? '/new.php';
$next = mvlog_normalize_next((string)($_SERVER['REQUEST_URI'] ?? '/admin.php'));
header('Location: login.php?next=' . rawurlencode($next));
exit;
}
function mvlog_logout(): void {
mvlog_session_start();
$_SESSION = [];
@ -55,8 +69,5 @@ function mvlog_logout(): void {
}
function mvlog_safe_next(string $next): string {
if ($next === '' || str_contains($next, "\n") || str_contains($next, "\r")) return 'new.php';
$parts = parse_url($next);
if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) return 'new.php';
return $next;
return mvlog_normalize_next($next);
}

View file

@ -1,7 +1,7 @@
<?php
require __DIR__ . '/auth.php';
$err = '';
$next = mvlog_safe_next((string)($_GET['next'] ?? $_POST['next'] ?? 'new.php'));
$next = mvlog_safe_next((string)($_GET['next'] ?? $_POST['next'] ?? '/admin.php'));
if (mvlog_current_user() !== null) {
header('Location: ' . $next);
exit;

1876
new.php

File diff suppressed because it is too large Load diff