<?phprequire 'adatbazis.php';session_start(); $csavo = $_SESSION['felhas

1. <?php
2. require 'adatbazis.php';
3. session_start();
4.  
5.  $csavo = $_SESSION['felhasznalo'];
6.  
7.  // banned
8.  $check = mysqli_query($conn, "SELECT banned FROM userek WHERE username='$csavo'");
9.  $check_2 = mysqli_fetch_array($check);
10.  if($check_2[0] == 1)
11.  {
12.      echo 'Your account has been permanently banned.';
13.      die();
14.  }
15.  
16. ?>
17.  
18. <!doctype html>
19. <html>
20. <head>
21. <meta charset="UTF-8">
22. <title>UCP</title>
23. </head>
24. <style>
25. table {
26.     font-family: arial, sans-serif;
27.     border-collapse: collapse;
28.     width: 100%;
29. }
30.  
31. td, th {
32.     border: 1px solid #dddddd;
33.     text-align: left;
34.     padding: 3 px;
35. }
36.  
37. tr:nth-child(even) {
38.     background-color: #dddddd;
39. }
40. </style>
41. <body>
42. <h1>UCP</h1>
43. <p>Szia
44. <?php
45. require 'adatbazis.php';
46.  
47.  $csavo = $_SESSION['felhasznalo'];
48.  
49.  echo $_SESSION['felhasznalo'];
50.  if(isset($_SESSION['felhasznalo']))
51.  {
52.      //echo 'ok';
53.  }
54.  else
55.  {
56.      header("Location: index.php");
57.  }
58.  
59.  if(isset($_POST['logout']))
60.  {
61.     session_destroy();
62.     header('Location: index.php');
63.  }
64.  
65.  $query = mysqli_query($conn, "SELECT szint FROM userek WHERE username='$csavo'");
66.  $adat = mysqli_fetch_array($query);
67.  
68. //echo $adat[0];   
69. $fasz = $adat[0];
70.  
71. // SERIAL LEKÉRÉSE
72. $serial_lekeres = mysqli_query($conn, "SELECT serial FROM userek WHERE username='$csavo'");
73. $serial_a = mysqli_fetch_array($serial_lekeres);
74. $serial = $serial_a[0];
75. echo "<br>A te serialod: ".$serial;
76.  
77. // megvásárolta
78.  if($fasz == 1)
79.  {
80.     // echo 'ez kurva jó';
81.         echo '<form method="post" action="">
82.     <input type="submit" value="Letöltöm" name="leszed">';
83.    
84.     if(isset($_POST['leszed']))
85.     {
86.          $leker = mysqli_query($conn, "SELECT file FROM userek WHERE username='$csavo'");
87.          $falj = mysqli_fetch_array($leker);
88.          $neve = $falj[0];
89.          if($neve == "0")
90.          {
91.              echo 'Nem elérhető.';
92.          }
93.          else
94.          {
95.              header("Location: ".$neve);
96.          }
97.        
98.     }
99.  }
100.  
101.  if($fasz == 2)
102.  {
103.         $_SESSION['admin_szint'] = $fasz;
104.         echo '<form method="post" action="">';
105.         echo '<input type="submit" value="Add new user" name="add">';
106.         echo '</form>';
107.         echo "<table border='3' cellpadding='2'>";
108.         echo "<tr> <th>ID</th> <th>Username</th> <th>Serial</th> <th>File</th> <th></th> <th></th> <th></th></tr>";
109.      
110.         $result = mysqli_query($conn,"SELECT id , username, serial, file FROM userek");
111.         if(mysqli_num_rows($result) > 0 ){
112.         while ($row = mysqli_fetch_array ($result))
113.         {
114.         echo "<tr>";
115.         echo '<td>' . $row['id'] . '</td>';
116.         echo '<td>' . $row['username'] . '</td>';
117.         echo '<td>' . $row['serial'] . '</td>';
118.         echo '<td>' . $row['file'] . '</td>';
119.         echo '<td>' . cucc() . '</td>';
120.         echo '<td><a href="edit.php?id=' . $row['id']   . '">Edit</a></td>';
121.         echo '<td><a href="delete.php?id=' . $row['id'] . '">Delete</a></td>';
122.         }
123. }
124.  
125.  }
126.  
127.  if(isset($_POST['add']))
128.  {
129.      header('Location: add_user.php');
130.  }
131.  
132.  function cucc() {
133.     echo "teszt";
134. }
135.  
136. ?></p>
137.  
138. <form method="post" action="">
139. <input type="submit" value="Logout" name="logout">
140. </body>
141. </html>