www.webdeveloper.com
Results 1 to 4 of 4

Thread: PHP Admin Login Page

  1. #1
    Join Date
    Dec 2009
    Posts
    12

    PHP Admin Login Page

    I have a very basic login to view an admin panel, but when I upgraded the PHP version of this website it no longer works.
    Here is a link to the page
    http://site.odiz.biz/reviews/admin.php
    The password is "password123".

    Here is the code, can anyone see why the upgrade screwed up the script? Btw, I did not write the script so go ahead and make fun of it if its not up to par.

    PHP Code:

    <html>
    <head>
    <link rel="stylesheet" type="text/css" href="style.css" />
    </head>

    <body>
    <?php
    session_start
    ();
    mysql_connect("mysql""SivaBirdie""BirdMan71139") or die(mysql_error());
    mysql_select_db("reviews") or die(mysql_error());
    if(
    $_SESSION[loggedin] != "y"){
     if(
    $_POST[pass] == "password123"){
      
    $_SESSION[loggedin] = "y";
     echo 
    "<script>window.location = 'admin.php';</script>";
     }
     else{
     echo 
    "<form action='admin.php' method=post>Password: <input class='password' type='password' name='pass'><input class='submit' type=submit value='Login'></form>";

     }
    }
    else {
    if(
    $_GET[c] == ""){
    ?>
    <table height="100%"><tr><td width="100%" id="admin-title" colspan="2"><H1>Odiz.com Product Reviews Management</H1></td></tr><tr>
    <td width="25%" height="100%" valign="top" id="admin-cell">
    <a href="admin.php?c=app" target="content">New Approvals</a><br>
    <a href="admin.php?c=del" target="content">Delete Reviews</a><br>
    <a href="admin.php?c=appCp" target="content">Turn Approvals On Or Off</a><br>
    </td>
    <td wudth="75%" height="100%">
    <iframe
    src =""
    width="100%" height="100%" name="content" id="frame">
    </iframe>

    </td>
    </tr></table>
    <?php
    }
    else if(
    $_GET[c] == "del"){
    echo
    "<h1>Delete Area</h1><br><br>";
    if(
    $_GET[p] == ""){
    $q mysql_query("SELECT * FROM Reviews");

    $array[0] = "";
    while(
    $r mysql_fetch_array($q)){
     foreach (
    $array as $arrayItem){
      if(
    $arrayItem == $r[id])$fail y;
     }
     if(
    $fail != "y"$array[] = $r[id];
     
    $fail "";
    }
    foreach(
    $array as $id){
        echo 
    "<a href = 'admin.php?c=del&p=".$id."'>".$id."</a><br>";
    }
    }
    else if(
    $_GET[num] == ""){
     
    $q mysql_query("SELECT * FROM Reviews WHERE id='$_GET[p]' ORDER BY num ASC");
     while(
    $r mysql_fetch_array($q)){
      echo 
    "<a href='admin.php?c=del&p=".$_GET[p]."&num=".$r[num]."'>".$r[name]."</a><br>";
     }
    }
    else{
     if(
    $_GET[con] == "y"){
     
    mysql_query("DELETE FROM Reviews WHERE id='$_GET[p]' AND num='$_GET[num]'") or die(mysql_error());
     if(
    $_GET[ref] == "app") echo "<script>window.location = 'admin.php?c=app';</script>";
     else echo 
    "<script>window.location = 'admin.php?c=del';</script>";

     }
     else{
     
    $q mysql_query("SELECT * FROM Reviews WHERE num='$_GET[num]' ORDER BY num ASC");
     while(
    $r mysql_fetch_array($q)){
         
    $i 1;
        while(
    $i <= 5){
         if(
    $r[star] >= $i$starz .= "<img border='0' src='star1.png' width='14' height='13'>";
         else 
    $starz .= "<img border='0' src='star2.png' width='14' height='13'>";
         
    $i++;
        }
      
    ?>
          <div id="reviews">
          <div id="reviews-name"><?php echo $r[name]; ?></div>
          <div id="reviews-rating">Rating: <?php echo $starz?></div>
          <div id="reviews-comment"><?php echo $r[content]; ?></div>
          <br>
          <a href='admin.php?c=del&con=y&p=<?php echo $_GET[p]; ?>&num=<?php echo $r[num]; ?>'>Delete</a>
      <?
     }
    }
    }
    }
    else if($_GET[c] == "app"){

    $q = mysql_query("SELECT * FROM Reviews WHERE app = 'n'");

    $array[0] = "";
    while($r = mysql_fetch_array($q)){
     foreach ($array as $arrayItem){
      if($arrayItem == $r[id])$fail = y;
     }
     if($fail != "y") $array[] = $r[id];
     $fail = "";
    }
    foreach($array as $id){
        if($_GET[num] != "") mysql_query("UPDATE Reviews SET app = 'y' WHERE num = '$_GET[num]'") or die(mysql_error());
        echo "<hr>".$id."<br><hr>";
        $q2= mysql_query("SELECT * FROM Reviews WHERE app = 'n' AND id = '$id'");
        while($r2 = mysql_fetch_array($q2)){
         $i = 1;
        while($i <= 5){
         if($r2[star] >= $i) $starz .= "<img border='0' src='star1.png' width='14' height='13'>";
         else $starz .= "<img border='0' src='star2.png' width='14' height='13'>";
         $i++;
        }
      ?>
          <div id="reviews">
          <div id="reviews-name"><?php echo $r2[name]; ?></div>
          <div id="reviews-rating">Rating: <?php echo $starz?></div>
          <div id="reviews-comment"><?php echo $r2[content]; ?></div>
          <br>
          <a href='admin.php?c=app&num=<?php echo $r2[num]; ?>'>Approve</a> /
          <a href='admin.php?c=del&con=y&ref=app&p=<?php echo $r2[id]; ?>&num=<?php echo $r2[num]; ?>'>Delete</a>
          <br><br>
      <?
        $starz = "";

        }

        
    }



    }
    else if($_GET[c] == "appCp"){
      $w = mysql_fetch_array(mysql_query("SELECT * FROM app LIMIT 1")) or die(mysql_error());
      if($_GET[toggle] == "y"){
      if($w[approved] == "y") {
       $t = "n";
       $nt = "y";
      }
      if($w[approved] == "n") {
       $t = "y";
       $nt = "n";
      }
      mysql_query("UPDATE app SET approved = '$t' WHERE approved = '$nt'") or die(mysql_error());
      echo "<script>window.location = 'admin.php?c=appCp';</script>";
      }
      if($w[approved] == "y"){
      echo "Approval is off, Turn it on? <a href='admin.php?c=appCp&toggle=y' > Yes </a>";
      }
      if($w[approved] == "n"){
      echo "Approval is on, Turn it off? <a href='admin.php?c=appCp&toggle=y' > Yes </a>";
      }
    }

    }
    ?>
    </body>
    </html>

  2. #2
    Join Date
    Feb 2012
    Location
    Pensacola, FL
    Posts
    337
    LOL You have old code. Kidding, the start_session() should be set before any data is passed to the client. Try this:
    PHP Code:
    <?php session_start(); ?><html>
    <head>
    <link rel="stylesheet" type="text/css" href="style.css" />
    </head>

    <body>
    <?php

    mysql_connect
    ("mysql""SivaBirdie""BirdMan71139") or die(mysql_error());
    mysql_select_db("reviews") or die(mysql_error());
    if(
    $_SESSION[loggedin] != "y"){
     if(
    $_POST[pass] == "password123"){
      
    $_SESSION[loggedin] = "y";
     echo 
    "<script>window.location = 'admin.php';</script>";
     }
     else{
     echo 
    "<form action='admin.php' method=post>Password: <input class='password' type='password' name='pass'><input class='submit' type=submit value='Login'></form>";

     }
    }
    else {
    if(
    $_GET[c] == ""){
    ?>
    <table height="100%"><tr><td width="100%" id="admin-title" colspan="2"><H1>Odiz.com Product Reviews Management</H1></td></tr><tr>
    <td width="25%" height="100%" valign="top" id="admin-cell">
    <a href="admin.php?c=app" target="content">New Approvals</a><br>
    <a href="admin.php?c=del" target="content">Delete Reviews</a><br>
    <a href="admin.php?c=appCp" target="content">Turn Approvals On Or Off</a><br>
    </td>
    <td wudth="75%" height="100%">
    <iframe
    src =""
    width="100%" height="100%" name="content" id="frame">
    </iframe>

    </td>
    </tr></table>
    <?php
    }
    else if(
    $_GET[c] == "del"){
    echo
    "<h1>Delete Area</h1><br><br>";
    if(
    $_GET[p] == ""){
    $q mysql_query("SELECT * FROM Reviews");

    $array[0] = "";
    while(
    $r mysql_fetch_array($q)){
     foreach (
    $array as $arrayItem){
      if(
    $arrayItem == $r[id])$fail y;
     }
     if(
    $fail != "y"$array[] = $r[id];
     
    $fail "";
    }
    foreach(
    $array as $id){
        echo 
    "<a href = 'admin.php?c=del&p=".$id."'>".$id."</a><br>";
    }
    }
    else if(
    $_GET[num] == ""){
     
    $q mysql_query("SELECT * FROM Reviews WHERE id='$_GET[p]' ORDER BY num ASC");
     while(
    $r mysql_fetch_array($q)){
      echo 
    "<a href='admin.php?c=del&p=".$_GET[p]."&num=".$r[num]."'>".$r[name]."</a><br>";
     }
    }
    else{
     if(
    $_GET[con] == "y"){
     
    mysql_query("DELETE FROM Reviews WHERE id='$_GET[p]' AND num='$_GET[num]'") or die(mysql_error());
     if(
    $_GET[ref] == "app") echo "<script>window.location = 'admin.php?c=app';</script>";
     else echo 
    "<script>window.location = 'admin.php?c=del';</script>";

     }
     else{
     
    $q mysql_query("SELECT * FROM Reviews WHERE num='$_GET[num]' ORDER BY num ASC");
     while(
    $r mysql_fetch_array($q)){
         
    $i 1;
        while(
    $i <= 5){
         if(
    $r[star] >= $i$starz .= "<img border='0' src='star1.png' width='14' height='13'>";
         else 
    $starz .= "<img border='0' src='star2.png' width='14' height='13'>";
         
    $i++;
        }
      
    ?>
          <div id="reviews">
          <div id="reviews-name"><?php echo $r[name]; ?></div>
          <div id="reviews-rating">Rating: <?php echo $starz?></div>
          <div id="reviews-comment"><?php echo $r[content]; ?></div>
          <br>
          <a href='admin.php?c=del&con=y&p=<?php echo $_GET[p]; ?>&num=<?php echo $r[num]; ?>'>Delete</a>
      <?
     }
    }
    }
    }
    else if($_GET[c] == "app"){

    $q = mysql_query("SELECT * FROM Reviews WHERE app = 'n'");

    $array[0] = "";
    while($r = mysql_fetch_array($q)){
     foreach ($array as $arrayItem){
      if($arrayItem == $r[id])$fail = y;
     }
     if($fail != "y") $array[] = $r[id];
     $fail = "";
    }
    foreach($array as $id){
        if($_GET[num] != "") mysql_query("UPDATE Reviews SET app = 'y' WHERE num = '$_GET[num]'") or die(mysql_error());
        echo "<hr>".$id."<br><hr>";
        $q2= mysql_query("SELECT * FROM Reviews WHERE app = 'n' AND id = '$id'");
        while($r2 = mysql_fetch_array($q2)){
         $i = 1;
        while($i <= 5){
         if($r2[star] >= $i) $starz .= "<img border='0' src='star1.png' width='14' height='13'>";
         else $starz .= "<img border='0' src='star2.png' width='14' height='13'>";
         $i++;
        }
      ?>
          <div id="reviews">
          <div id="reviews-name"><?php echo $r2[name]; ?></div>
          <div id="reviews-rating">Rating: <?php echo $starz?></div>
          <div id="reviews-comment"><?php echo $r2[content]; ?></div>
          <br>
          <a href='admin.php?c=app&num=<?php echo $r2[num]; ?>'>Approve</a> /
          <a href='admin.php?c=del&con=y&ref=app&p=<?php echo $r2[id]; ?>&num=<?php echo $r2[num]; ?>'>Delete</a>
          <br><br>
      <?
        $starz = "";

        }

        
    }



    }
    else if($_GET[c] == "appCp"){
      $w = mysql_fetch_array(mysql_query("SELECT * FROM app LIMIT 1")) or die(mysql_error());
      if($_GET[toggle] == "y"){
      if($w[approved] == "y") {
       $t = "n";
       $nt = "y";
      }
      if($w[approved] == "n") {
       $t = "y";
       $nt = "n";
      }
      mysql_query("UPDATE app SET approved = '$t' WHERE approved = '$nt'") or die(mysql_error());
      echo "<script>window.location = 'admin.php?c=appCp';</script>";
      }
      if($w[approved] == "y"){
      echo "Approval is off, Turn it on? <a href='admin.php?c=appCp&toggle=y' > Yes </a>";
      }
      if($w[approved] == "n"){
      echo "Approval is on, Turn it off? <a href='admin.php?c=appCp&toggle=y' > Yes </a>";
      }
    }

    }
    ?>
    </body>
    </html>

  3. #3
    Join Date
    Dec 2009
    Posts
    12

    Fantastic!

    That fixed it, thank you very much!

  4. #4
    Join Date
    Oct 2012
    Posts
    17

    Regarding PHP code

    You have upgrade admin login script code. I have implement php code on my current website.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center

"

"

X vBulletin 4.2.2 Debug Information

  • Page Generation 0.49148 seconds
  • Memory Usage 2,951KB
  • Queries Executed 15 (?)
More Information
Template Usage (33):
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (2)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (4)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (4)postbit
  • (4)postbit_onlinestatus
  • (4)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (72):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates