Untitled

<?

session_start(); # Make sure the session is set, otherwise nothing else can be registered, destoryed, unset etc. This is used for the login part.

date_default_timezone_set('GMT'); # Default thing for the date.

# Start variables

$sqlh = "fdb2.eu.pn"; # SQL Host

$sqlu = "638119_638119"; # SQL Username

$sqlp = "robd123"; # SQL Password

$sqldb =  "638119_638119"; # SQL Database

# End variables

$sqlc = mysql_connect($sqlh,$sqlu,$sqlp); # Connect to database

$seldb = mysql_select_db($sqldb, $sqlc); # Select database

if (!$sqlc){

die("Couldn't connect to the SQL server.<br>Possibly host, username, or password incorrect?<br><br>"); # If it can't connect to MYSQL Server display the msg

}

if (!$seldb){

die("Couldn't select the database<br>Did you type it correctly?<br><br>"); # If it can't connect to database display the msg

}

$x = $_GET['id']; # Gets something after ID - e.g ?id=home

$x = mysql_real_escape_string($x); # Protect from SQL injections; such as ' nd shit.

?>

<html>

<head>

<title>WUS Problem Manager</title>

<style type="text/css">

body {

font-family: verdana, arial, helvetica, sans-serif;

color: white;

background-color: black;

}

a {

        text-decoration: none;

        font-weight: bold;

        color:  #ccc;

        outline: none;

        }

a:visited {

        color:  #ccc;

        }

a:active {

        color:  #ccc;

        }

a:hover {

        color: #ccc;

        text-decoration: underline;

        }

</style>

</head>

<Center>

<body>

<?

switch($x) {

default: # if not defined..

case "login"; # go to the login case

if (isset($_POST['login'])){ # if the form is submitted then...

# Check to see if things were left empty..

if (empty($_POST['username'])){

die("You left the username space empty.");

}

if (empty($_POST['password'])){

die("You left the password space empty.");

}

# End checking to see if it's empty.

# Assuming its not, lets see if it's correct..

$username = $_POST['username']; # Make it a variable, makes it easier.

$pass = sha1($_POST['password']); # Encrypt the password with SHA1

$query = "select * from user where username='$username' and password='$pass'"; # Selects based off the info given

$result = mysql_query($query); # Executes query

$numrows = mysql_num_rows($result); # Sees if any results pop up

 

if ($numrows == 1){ # If there is one..

$_SESSION['user'] = $username;

$_SESSION['l0gg3d'] = $pass . $username;

# Log it in two sessions, to make it nice and friendly :)

echo("You logged in successfully, please click <a href='?id=main'>here</a>"); # Display the correct login thing

}else{ # Otherwise

die("The username / password combination was incorrect."); # It's not correct.

}

}else{ # If its not submitted, print the form out.

echo "Login";

print'

<form action="" method="POST">

<table>

<tr>

<td>Username</td>

<td>-</td>

<td><input type="text" name="username"></td>

</tr>

<tr>

<td>Password</td>

<td>-</td>

<td><input type="password" name="password"></td>

</tr>

<tr>

<td></td>

<td></td>

<td><input type="submit" name="login"></td>

</tr></table></form>';

echo "<a href='problem.php'>Click here to add a problem</a>";

} # end the if statement

 

break; # Nothing else for login

 

case "main";

if (!isset($_SESSION['l0gg3d']) && ($_SESSION['username'])) { # If someone who isn't logged in turns up...

die("You're not authorized to use this page."); # Stop the rest of the page from loading.

}

# If they are logged in... then display the contents.

 

echo "Control Area";

print '

<br>

<br>

<a href="?id=add">Add a problem</a><br>

<a href="?id=view">View the problems</a><br>

<a href="?id=search">Search through the problems</a><br>

<a href="?id=logout">Logout</a>';

break;

 

case "logout";

session_unset(); # Unset all sessions

session_destroy(); # Destroy them!

print'

<a href="?id=login">You have been logged out.</a>'; # Say they've been logged out.

break;

 

case "add";

if (!isset($_SESSION['l0gg3d']) && ($_SESSION['username'])) { # If someone who isn't logged in turns up...

die("You're not authorized to use this page."); # Stop the rest of the page from loading.

}

if (isset($_POST['add'])){

# If its submitted...

# I CBF to add "if empty" stuff. By all means, please do.

# Syntax:

# if (empty($_POST['*name here*'])){

# die("You left something empty");

# }

$email = $_POST['email'];

$name = $_POST['name'];

$type = $_POST['type'];

$problem = $_POST['problem'];

$cpu = $_POST['computer'];

$date = date("F j, Y, g:i a");

$ip = $_SERVER['REMOTE_ADDR'];

# end more variables

# structure and insert into the db

$query = "insert into problems (email, name, type, problem, computer, date, ip) values ('$email', '$name', '$type', '$problem', '$cpu', '$date', '$ip')";

mysql_query ($query) or die ('Could not enter the problem.'); # die if error

echo("Problem has been inserted."); # otherwise, its fine.

echo("Click <a href='?id=view'>here</a> to view all the problems, or <a href='?id=main'>here</a> to go back.");

# otherwise, form not submitted..

# print it out

}else{

print'

<form action="" method="POST">

<table cellpadding="8">

<tr valign="top">

<td>Email:</td>

<td><input type="text" name="email"></td>

</tr>

<tr valign="top">

<td>Name:</td>

<td><input type="text" name="name"></td>

</tr>

<tr valign="top">

<td>Hardware or Software:</td>

<td><select name="type"><option value="Hardware">Hardware</option><option value="Software">Software</option></select></td>

</tr>

<tr valign="top">

<td>Problem:</td>

<td><textarea cols="40" rows="20" name="problem"></textarea></td>

</tr>

<tr valign="top">

<td>Computer:</td>

<td><input type="text" name="computer"></td>

</tr>

<tr valign="top">

<td><input type="submit" name="add"></td>

<td><a href="?id=main">Click here to go back</a></td>

</tr>

</table>';

}

# end the if

break;

 

case "view";

if (!isset($_SESSION['l0gg3d']) && ($_SESSION['username'])) { # If someone who isn't logged in turns up...

die("You're not authorized to use this page."); # Stop the rest of the page from loading.

}

# If they are logged in... then display the contents.

$query = "SELECT * FROM problems ORDER BY ID DESC";  # Select all the problems, from the problems table. Order it by ID, descending.

$result = mysql_query($query) or die(mysql_error()); # Insert the query; otherwise, it'll die and reveal the error

$numrows=mysql_num_rows($result); # Grab the number of rows in the table from the query above

if ($numrows == 0){  # If there are no problems...

echo("There are no problems, yay!"); # No problems are there :)

} # End the if

echo "<a href='?id=main'>Click here to go back</a>"; # Always offer a go back menu

# Echo the table first

print'<table cellpadding="10" cellspacing="10">

<tr>

<td><b>ID</b></td>

<td><b>Email</b></td>

<td><b>Name</b></td>

<td><b>Type</b></td>

<td><b>Problem</b></td>

<td><b>Computer</b></td>

<td><b>Date</b></td>

<td><b>IP</b></td>

</tr>';

while($row = mysql_fetch_array($result)){ # Select the rows via table names nd stuff.

print'

<tr>

<td>' . $row['ID'] .'</td>

<td>' . $row['email'] .'</td>

<td>' . $row['name'] .'</td>

<td>' . $row['type'] .'</td>

<td>' . $row['problem'] .'</td>

<td>' . $row['computer'] .'</td>

<td>' . $row['date'] .'</td>

<td>' . $row['ip'] .'</td>

</tr>';

# echo all the problems out in the table, using data within the table.

}

echo"<table></p>";

break;

# end the switch statement

 

case "search";

<html>

<head>

<meta  http-equiv="Content-Type" content="text/html;  charset=iso-8859-1">  

<title>Search  Contacts</title>  

</head>

 

 

</html>

 

}

 

?>

</center>