I had some help doing some of this but what I'm trying to do is get my functions to retrieve its values from the backstagefunctions.php file and place the contents in the content div but when you click on the link it doesn't do anything and then when you try and manually plug the function name in it just logs you out. I'm trying to figure out why it won't work properly. Anyone know?
Code: <?php
require "backstageconfig.php";
require "backstagefunctions.php";
ob_start();
//if the login form is submitted
if(isset($_POST['submit']))
{
if(!$_POST['username'] || !$_POST['password'])
{
die('You did not fill in a required field.');
}
$username = mysql_real_escape_string ($_POST['username']);
$pass = md5 (mysql_real_escape_string ($_POST['password']));
$check = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$pass."' LIMIT 1") or die (mysql_error());
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database.');
}
while($info = mysql_fetch_array( $check ))
{
$pass = md5(stripslashes($_POST['password']));
$info['password'] = stripslashes($info['password']);
if ($pass != $info['password'])
{
die('Incorrect password, please try again.');
}
else
{
$username = stripslashes($username);
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = time();
$query = "SELECT `admin` FROM `users` WHERE `username` = '" . $username . "'";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
$admin = $row['admin'];
$_SESSION['admin'] = $admin;
if(isset($_SESSION['admin']))
if(isset($_GET['method']))
{
$func = $_GET['method'];
}
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
</head>
<body>
<div id=container>
<div class=header>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center></td>
<td></td>
<td width=40 valign=bottom align=right>
<a href="#" onclick="">Home</a> | <a href="#" onclick="">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td>
</tr>
</table>
</div>
<div id=container2>
<div id=nav>
<?php if(isset($_SESSION['loggedin'])) { ?>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="backstagefunctions.php?method=biography">Biography</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=allies">Allies</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=rivals">Rivals</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=quotes">Quotes</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin'])) { ?>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="backstagefunctions.php?method=roleplays">Roleplay</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=news">News</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=matches">Match</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=segments">Seg</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Handler</h1>
<ul>
<li><a href="#" onclick="backstagefunctions.php?method=directory">Directory</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="backstagefunctions.php?method=champions">Champions</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=booker">Booker</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=compiler">Compiler</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=archives">Archives</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="backstagefunctions.php?method=handlers">Handlers</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=characters">Characters</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=applications">Applications</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=events">Event Names</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=titles">Title Names</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=matchtypes">Match Types</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=divisions">Divisions</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=arenas">Arenas</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="backstagefunctions.php?method=templates">Templates</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=content">Content</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=bioconfig">Bio Configuration</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=newscat">News Categories</a></li>
<li><a href="#" onclick="backstagefunctions.php?method=menus">Menus</a></li>
</ul>
<?php } ?>
</div>
<div id=content>
<?php
if(isset($_GET['method']))
echo $func();
?>
</div>
<div id="footer">Backstage 1 © 2009
</div>
</div>
</div>
</body>
</html>
<?php
}
}
}
}
else
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
</head>
<body>
<div id=login>
<form method="POST" action="/mybackstage/backstage.php">
<h1>KOW Backstage</h1>
<p><label>Username:
<input type="text" name="username" id="log" tabindex="1"></label></p>
<p><label>Password:
<input type="password" name="password" id="pwd" tabindex="2"></label></p>
<p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login »" tabindex="4"></p>
</form>
</div>
</body>
</html>
<?php
}
?>
Will this protect from mysql injection?
I do not want anything like DROP TABLE to work or any type of coding.. Heres my code.. is it secure? if not, please help:Code:
Why does my php page download images over and over
Can anybody please explain to me why my php page keeps downloading the images and other items every single time the page is loaded or refreshed. I would have thought that the images get cached and
Really need helps regarding Pagination with Sort
I need someone helps regarding pagination problem...i actually want to make my page limited to let say 50 so it will look like this page1=0-50page2=51-100Then i want to sort let say based on the name
Request-URI Too Large
I have created a simple submit form for a mysql database that puts a piece of code into database.But if I want to put a document of any decent length, eg. 500 characters (I guess), I get the error
Simultaneous select/update/insert
HiHow would I need to go about when 2 users update a single row simultaneous? And how would I need to go about when 2 users want to edit a row?Should I first lock the table, update the row to indicate
Echoing ASCII code
I have a php page that splits a string into chars and then echoes the ASCII code for each char. I'm trying to get it print the original value => ASCII code, splitted by :, like:A => 65:
PHP Include w/If IE Condition Statement?
I was having a problem with Internet Exploder (big surprise, right?) displaying my drop down menus improperly. I found a solution that works ... I have a PHP file that I place as an include on all my
weird problem
last time, i did post a topic concerning why my page sometime will load as blank page when using IE. someone has told me that it might be my hosting server problem, too slow...but, now after testing
php code to accept and delete incoming data
Using following HTML Code please show me how to write PHP code to accept and delete the incoming data entered through the form below. from the following MySQL database and table.Database = hrmsTable =
Why doesn't this work? (SSH2)
This is my script:Code: <?php$connection = ssh2_connect('213.251.167.109', 22);ssh2_auth_password($connection, 'root', 'MGdgfskc');$stream = ssh2_exec($connection, 'useradd -d /home/users/test
