diff --git a/admin/admin_ajax.php b/admin/admin_ajax.php
new file mode 100644
index 00000000..af1ce3c2
--- /dev/null
+++ b/admin/admin_ajax.php
@@ -0,0 +1,67 @@
+getToken()) {
+ header('Location: ../index.php?msg=Invalid token. Please login.');
+ } else if (!$admin->is_admin) {
+ header('Location: ../index.php?msg=Looks like that you are not administrator :(');
+ }
+} else {
+ header('Location: ../index.php?msg=Illegal access. Please login.');
+}
+
+/*
+ * No protection here,
+ * I don't think you wanna fuck yourself :(
+ */
+if (isset($_GET['action'])) {
+ $action = $_GET['action'];
+ $user = new user($_GET['uname']);
+
+ if ($action == "upload") {
+ $type = isset($_GET['type']) ? $_GET['type'] : "skin";
+ $file = isset($_FILES['file']) ? $_FILES['file'] : null;
+ if (!is_null($file)) {
+ if ($user->setTexture($type, $file)) {
+ $json['errno'] = 0;
+ $json['msg'] = "Skin uploaded successfully.";
+ } else {
+ $json['errno'] = 1;
+ $json['msg'] = "Uncaught error.";
+ }
+ } else {
+ utils::raise(1, 'No input file selected');
+ }
+ } else if ($action == "change") {
+ if (user::checkValidPwd($_POST['passwd'])) {
+ $user->changePasswd($_POST['passwd']);
+ $json['errno'] = 0;
+ $json['msg'] = "Password of ".$_GET['uname']." changed successfully.";
+ } // Will raise exception if password invalid
+ } else if ($action == "delete") {
+ $user->unRegister();
+ $json['errno'] = 0;
+ $json['msg'] = "Account successfully deleted.";
+ }
+}
+
+echo json_encode($json);
diff --git a/assets/css/admin.style.css b/assets/css/admin.style.css
new file mode 100644
index 00000000..2a649f45
--- /dev/null
+++ b/assets/css/admin.style.css
@@ -0,0 +1,26 @@
+/*
+* @Author: prpr
+* @Date: 2016-02-04 16:47:54
+* @Last Modified by: prpr
+* @Last Modified time: 2016-02-04 16:48:04
+*/
+.pure-table {
+ margin: 80px auto 0;
+ width: 100%;
+ background-color: #fff;
+}
+.pure-button {
+ width: inherit;
+ margin: 0 10px 0 0 !important;
+}
+.pure-button-error {
+ background: rgb(202, 60, 60);
+ color: #fff;
+}
+input {
+ width: 100%;
+ margin: 10px 0 20px;
+}
+.fw {
+ width: 100%;
+}
diff --git a/assets/js/admin.utils.js b/assets/js/admin.utils.js
new file mode 100644
index 00000000..abc01778
--- /dev/null
+++ b/assets/js/admin.utils.js
@@ -0,0 +1,85 @@
+/*
+* @Author: prpr
+* @Date: 2016-02-04 16:48:42
+* @Last Modified by: prpr
+* @Last Modified time: 2016-02-04 17:09:20
+*/
+
+'use strict';
+
+function showUpload(uname, type) {
+ var ply = new Ply({
+ el: 'Upload new '+type+':
',
+ effect: "fade",
+ onaction: function(){ upload(uname, type, $('#file').get(0).files[0]); },
+ });
+ ply.open();
+}
+
+function upload(uname, type, file){
+ var form_data = new FormData();
+ if (file) {
+ form_data.append('file', file);
+ $.ajax({
+ type: 'POST',
+ contentType: false,
+ url: 'admin_ajax.php?action=upload&type='+type+'&uname='+uname,
+ dataType: "json",
+ data: form_data,
+ processData: false,
+ success: function(json) {
+ if (json.errno == 0) {
+ showAlert("Successfully uploaded.");
+ $('#'+uname+'_'+type).attr('src', 'http://skin.fuck.io/'+type+'/'+uname+'.png?t='+Math.random());
+ } else {
+ showAlert("Error when uploading cape:\n" + json.msg);
+ }
+ }
+ });
+ }
+}
+
+function showAlert(msg) {
+ Ply.dialog("alert", msg);
+}
+
+function showChange(uname) {
+ Ply.dialog("prompt", {
+ title: "Type in "+uname+"'s new password",
+ form: { passwd: "New Password" }
+ }).done(function(ui){
+ var passwd = ui.data.passwd;
+ $.ajax({
+ type: "POST",
+ url: "admin_ajax.php?action=change&uname="+uname,
+ dataType: "json",
+ data: { "passwd": passwd },
+ success: function(json) {
+ if (json.errno == 0) {
+ showAlert(json.msg);
+ } else {
+ showAlert(json.msg);
+ }
+ }
+ });
+ });
+}
+
+function showDelete(uname) {
+ Ply.dialog("prompt", {
+ title: "Are you sure to delete "+uname+"?",
+ }).done(function(ui){
+ $.ajax({
+ type: "POST",
+ url: "admin_ajax.php?action=delete&uname="+uname,
+ dataType: "json",
+ success: function(json) {
+ if (json.errno == 0) {
+ showAlert(json.msg);
+ } else {
+ showAlert(json.msg);
+ }
+ }
+ });
+ });
+}