Webmonkey
05-25-2006, 04:33 PM
Hi all,
I have this script and want to make it so it shows more than the id when i am reviewing to accept or delete the tutorials, anyone care to edit if for me so it will do that?
Code is here:
<?php
error_reporting(E_ALL ^ E_NOTICE);
session_start();
if (@$_SESSION['logged'] != "yes")
{
header("Location: login.php");
exit();
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<title>Tutorial Admin</title>
</head>
<body>
<?php
include "connect.php";
$query = "SELECT url, id FROM tutorials WHERE status = 'no'";
$result = @mysql_query($query);
$num = mysql_num_rows($result);
if($num > 0)
{
echo '<table>';
while($row = mysql_fetch_array($result))
{
$id = $row[1];
echo "<tr>
<td></td>
<td>$row[1]</td>
<form action=edit.php method=post>
<td><input type=hidden value=$row[1] name=ID> </td>
<td>
<select name=action>
<option value=Delete>Delete</option>
<option value=Approve>Approve</option>
</select>
<input type=submit value=Submit name=submit></td>
</form>
</tr>";
}
echo '</table>';
}
else
{
echo "The query didnt find any results.";
}
if(isset($_POST['submit']) && $_POST['submit'] != '')
{
//never trust user input ;)
//even setting values yourself, select, etc..it can be injected
$action = trim(strip_tags($_POST['action']));
$id2 = intval($_POST['ID']);
if(!empty($id) && !empty($action))
{
if($action == 'Delete')
{
$query2 = "DELETE FROM tutorials WHERE id='".$id2."' LIMIT 1";
$result2 = @mysql_query($query2);
echo '<meta http-equiv="Refresh" content="0; url=http://www.stevengibbons.com/tutorial/edit.php">';
}
else
{
$query3 = "UPDATE tutorials SET status='yes' WHERE id='".$id2."' LIMIT 1";
$result3 = @mysql_query($query3);
echo '<meta http-equiv="Refresh" content="0; url=http://www.stevengibbons.com/tutorial/edit.php">';
}
}
else
{
//hmm, that shouldn't happen
}
}
?>
</body>
</html>
Thanks
I have this script and want to make it so it shows more than the id when i am reviewing to accept or delete the tutorials, anyone care to edit if for me so it will do that?
Code is here:
<?php
error_reporting(E_ALL ^ E_NOTICE);
session_start();
if (@$_SESSION['logged'] != "yes")
{
header("Location: login.php");
exit();
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<title>Tutorial Admin</title>
</head>
<body>
<?php
include "connect.php";
$query = "SELECT url, id FROM tutorials WHERE status = 'no'";
$result = @mysql_query($query);
$num = mysql_num_rows($result);
if($num > 0)
{
echo '<table>';
while($row = mysql_fetch_array($result))
{
$id = $row[1];
echo "<tr>
<td></td>
<td>$row[1]</td>
<form action=edit.php method=post>
<td><input type=hidden value=$row[1] name=ID> </td>
<td>
<select name=action>
<option value=Delete>Delete</option>
<option value=Approve>Approve</option>
</select>
<input type=submit value=Submit name=submit></td>
</form>
</tr>";
}
echo '</table>';
}
else
{
echo "The query didnt find any results.";
}
if(isset($_POST['submit']) && $_POST['submit'] != '')
{
//never trust user input ;)
//even setting values yourself, select, etc..it can be injected
$action = trim(strip_tags($_POST['action']));
$id2 = intval($_POST['ID']);
if(!empty($id) && !empty($action))
{
if($action == 'Delete')
{
$query2 = "DELETE FROM tutorials WHERE id='".$id2."' LIMIT 1";
$result2 = @mysql_query($query2);
echo '<meta http-equiv="Refresh" content="0; url=http://www.stevengibbons.com/tutorial/edit.php">';
}
else
{
$query3 = "UPDATE tutorials SET status='yes' WHERE id='".$id2."' LIMIT 1";
$result3 = @mysql_query($query3);
echo '<meta http-equiv="Refresh" content="0; url=http://www.stevengibbons.com/tutorial/edit.php">';
}
}
else
{
//hmm, that shouldn't happen
}
}
?>
</body>
</html>
Thanks