From aba35eae1aa7b41719fa1fb6f43c622d06bc745c Mon Sep 17 00:00:00 2001
From: LarsVomMars
Date: Sun, 31 Jan 2021 01:36:25 +0100
Subject: SICKO MODE

---
 superadmin/index.js          | 29 +++++++++++++++++++++++++
 superadmin/public/index.html | 38 +++++++++++++++++++++++++++++++++
 superadmin/public/script.js  | 51 ++++++++++++++++++++++++++++++++++++++++++++
 superadmin/public/style.css  | 32 +++++++++++++++++++++++++++
 4 files changed, 150 insertions(+)
 create mode 100644 superadmin/index.js
 create mode 100644 superadmin/public/index.html
 create mode 100644 superadmin/public/script.js
 create mode 100644 superadmin/public/style.css

(limited to 'superadmin')

diff --git a/superadmin/index.js b/superadmin/index.js
new file mode 100644
index 0000000..d80ac17
--- /dev/null
+++ b/superadmin/index.js
@@ -0,0 +1,29 @@
+const express = require("express");
+const db = require("../db");
+const app = express.Router();
+const { checkSuperAdmin } = require("../auth");
+const { exec } = require("child_process");
+
+app.use("/", checkSuperAdmin, express.static(__dirname + "/public"))
+
+app.post("/api/query", checkSuperAdmin, async (req, res) => {
+    const { query } = req.body;
+    let s;
+    if (!query || !query.toLowerCase().startsWith("select") || (s = query.split(";")).length > 1 && s[1] !== "")
+        return res.status(403).json({ success: false });
+    try {
+        const response = await db.query(query);
+        res.json({ success: true, response });
+    } catch (e) {
+        res.json({ success: false, message: e });
+    }
+});
+
+app.get("/api/pull", checkSuperAdmin, (req, res) => {
+    exec("git pull", (error, stdout, stderr) => {
+        if (stderr) return res.json({ success: false, stderr, error });
+        return res.json({ success: true, stdout });
+    });
+});
+
+module.exports = app;
\ No newline at end of file
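Review bot: The guard on `/api/query` does not make the endpoint read-only: after `split(";")` it inspects only `s[1]`, so input whose second segment is empty but which carries further segments passes the check, and `query.toLowerCase()` throws for a non-string JSON value, which inside an `async` handler can leave the request unanswered depending on the Express version. Validate the type first, strip a single trailing semicolon and reject any other `;`, as in the excerpt below (this also rejects semicolons inside string literals, which seems an acceptable trade-off for an admin console). A prefix check cannot stop a `SELECT` from reading every table the connection can see, so the connection behind `db.query` should presumably use a database account restricted to read access on the tables this console is meant to expose. The `catch` branch returns the raw error object, which may serialize to `{}` or expose driver internals; returning `e.message` is enough. Separately, `/api/pull` changes server state on a `GET`, so any page the superadmin's browser loads can trigger it; `app.post` plus whatever CSRF defence the rest of the app uses would be safer (the `fetch("api/pull")` call in `script.js` would need `{ method: "POST" }`), and `if (stderr)` reports failure whenever git writes anything to stderr while ignoring `error`.

```javascript
app.post("/api/query", checkSuperAdmin, async (req, res) => {
    const { query } = req.body;
    if (typeof query !== "string")
        return res.status(400).json({ success: false });
    // Tolerate one trailing semicolon, reject every other occurrence.
    const statement = query.trim().replace(/;\s*$/, "");
    if (!/^select\b/i.test(statement) || statement.includes(";"))
        return res.status(403).json({ success: false });
    try {
        const response = await db.query(statement);
        // … unchanged: success response …
    } catch (e) {
        res.json({ success: false, message: String(e && e.message) });
    }
});
```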
diff --git a/superadmin/public/index.html b/superadmin/public/index.html
new file mode 100644
index 0000000..0085630
--- /dev/null
+++ b/superadmin/public/index.html
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1" />
+        <title>Super Admin</title>
+        <link
+                rel="stylesheet"
+                href="https://unpkg.com/purecss@2.0.3/build/pure-min.css"
+                integrity="sha384-cg6SkqEOCV1NbJoCu11+bm0NvBRc8IYLRGXkmNrqUBfTjmMYwNKPWBTIKyw9mHNJ"
+                crossorigin="anonymous"
+        />
+        <link rel="stylesheet" href="style.css" type="text/css" media="all" />
+    </head>
+    <body>
+        <header class="pure-menu pure-menu-horizontal">
+            <a href="/" class="pure-menu-item pure-menu-link">Home</a>
+            <a href="/admin" class="pure-menu-item pure-menu-link">Admin</a>
+        </header>
+        <main>
+            <h1>Super-Duper-Admin</h1>
+            <div>
+                <h3>Update code</h3>
+                <button class="pure-button pure-button-primary" id="pull-button">Pull code</button>
+                <div id="pull-response"></div>
+            </div>
+            <div>
+                <h3>SQL Select</h3>
+                <form class="pure-form" id="query-form">
+                    <textarea required placeholder="SELECT something"></textarea>
+                    <button type="submit" class="pure-button pure-button-primary">Query</button>
+                </form>
+                <table id="query-response"></table>
+            </div>
+        </main>
+        <script src="script.js"></script>
+    </body>
+</html>
\ No newline at end of file
diff --git a/superadmin/public/script.js b/superadmin/public/script.js
new file mode 100644
index 0000000..282e846
--- /dev/null
+++ b/superadmin/public/script.js
@@ -0,0 +1,51 @@
+const pullButton = document.getElementById("pull-button");
+const pullResponse = document.getElementById("pull-response");
+
+const queryForm = document.getElementById("query-form");
+const queryResponse = document.getElementById("query-response");
+
+pullButton.addEventListener("click", async e => {
+    const resp = await fetch("api/pull");
+    const res = await resp.json();
+    if (res.success) {
+        pullResponse.textContent = res.stdout;
+    } else {
+        console.log(res.error);
+        pullResponse.textContent = res.stderr;//.replace(/\n/g, "\n\r");
+    }
+});
+
+queryForm.addEventListener("submit", async e => {
+    e.preventDefault();
+    const textarea = queryForm.querySelector("textarea");
+    const body = JSON.stringify({ query: textarea.value.trim() });
+    const resp = await fetch("api/query", {
+        method: "POST", body, headers: { "Content-Type": "application/json" }
+    });
+    const res = await resp.json();
+    while (queryResponse.children.length > 0) queryResponse.removeChild(queryResponse.children[0]);
+    if (res.success && res.response.length > 0) {
+        const keys = Object.keys(res.response[0]);
+        const head = document.createElement("thead");
+        for (const key of keys) {
+            const th = document.createElement("th");
+            th.textContent = key;
+            head.append(th);
+        }
+        for (const row of res.response) {
+            const tr = document.createElement("tr");
+            for (const colI in row) {
+                if (!row.hasOwnProperty(colI)) continue;
+                const td = document.createElement("td");
+                td.textContent = row[colI];
+                tr.append(td);
+            }
+            queryResponse.append(tr);
+        }
+        queryResponse.append(head);
+    } else if (!res.success && res.message) {
+        const span = document.createElement("span");
+        span.textContent = JSON.stringify(res.message);
+        queryResponse.append(span);
+    }
+});
\ No newline at end of file
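Review bot: Neither handler checks the HTTP response or catches a failed `fetch`, so when the server answers 403 with `{ success: false }` (the rejected-query path in `superadmin/index.js`) or if `checkSuperAdmin` answers with a non-JSON body, the page shows nothing and the operator cannot tell a rejected query from an empty result. In the submit handler, change `} else if (!res.success && res.message) {` to `} else if (!res.success) {` and set `span.textContent = res.message ? JSON.stringify(res.message) : "Query rejected";`, and wrap both `fetch`/`resp.json()` pairs in `try`/`catch` that writes the failure into `pullResponse` / `queryResponse`. Writing results with `textContent` is the right choice here, since cell values come straight from the database; a short comment such as `// textContent, never innerHTML: cell values are untrusted database content` would keep a later refactor from switching to `innerHTML`. Style: `for (const colI in row)` with `hasOwnProperty` can be `for (const value of Object.values(row))`, and the `<thead>` would read more naturally if it wrapped its cells in a `<tr>` and were appended before the rows.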
diff --git a/superadmin/public/style.css b/superadmin/public/style.css
new file mode 100644
index 0000000..e0a7352
--- /dev/null
+++ b/superadmin/public/style.css
@@ -0,0 +1,32 @@
+html,
+body {
+    padding: 0;
+    margin: 0;
+    height: 100%;
+    width: 100%;
+    color: #424242;
+    line-height: 1.6;
+    background-color: #eec0c6;
+    background-image: linear-gradient(315deg, #eec0c6 0%, #7ee8fa 74%);
+}
+
+main {
+    position: absolute;
+    max-height: calc(100% - 140px);
+    overflow-y: auto;
+    /*width: 80%;*/
+    width: fit-content;
+    width: -webkit-fit-content;
+    width: -moz-fit-content;
+    left: 50%;
+    top: 50%;
+    -webkit-transform: translate(-50%, -50%);
+    transform: translate(-50%, -50%);
+    padding: 20px;
+    border-radius: 10px;
+    background: white;
+}
+
+header {
+    background: white;
+}
\ No newline at end of file