Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function fetchRow($row, $table, $page){
- $query = "SELECT ".$row." FROM ".$table." WHERE p = '".$page."' LIMIT 1";
- $result = mysql_query($query)or die(mysql_error());
- if($result){
- $record = mysql_fetch_row($result);
- echo $record[0];
- }
- }
- function fetchContent($row, $table, $epage){
- $query = "SELECT ".$row." FROM ".$table." WHERE e = '".$epage."' LIMIT 1";
- $result = mysql_query($query)or die(mysql_error());
- if($result){
- $record = mysql_fetch_row($result);
- echo $record[0].'<br />'.PHP_EOL;
- }
- }
- function epages() {
- $querya = "SELECT * FROM content ORDER BY id";
- $resulta = mysql_query($querya);
- while($recorda = mysql_fetch_array($resulta, MYSQL_ASSOC)){
- if ($recorda['title'] == '404' || $recorda['p'] == 'register' || $recorda['p'] == 'login' || $recorda['p'] == 'admin' || $recorda['p'] == 'edit' || $recorda['p'] == 'add' || $recorda['p'] == 'delete') {
- }
- else {
- echo '<ul>'.PHP_EOL;
- echo '<li><a href="index.php?p=edit&e='.$recorda['p'].'">'.$recorda['title'].'</a></li>'.PHP_EOL;
- echo '</ul>'.PHP_EOL;
- }
- }
- }
- function pages() {
- $querya = "SELECT * FROM content ORDER BY id";
- $resulta = mysql_query($querya);
- while($recorda = mysql_fetch_array($resulta, MYSQL_ASSOC)){
- if ($recorda['title'] == '404' || $recorda['p'] == 'register' || $recorda['p'] == 'login' || $recorda['p'] == 'admin' || $recorda['p'] == 'edit' || $recorda['p'] == 'add' || $recorda['p'] == 'delete') {
- }
- else {
- echo '<ul>'.PHP_EOL;
- echo '<li><a href="index.php?p='.$recorda['p'].'">'.$recorda['title'].'</a></li>'.PHP_EOL;
- echo '</ul>'.PHP_EOL;
- }
- }
- }
- function login(){
- if(isset($_GET['action']) && ($_GET['action'] == "login")) {
- $user = mysql_real_escape_string($_POST['name']);
- $pass = mysql_real_escape_string(md5($_POST['pass']));
- $query = "SELECT * FROM users WHERE username = '".$user."' AND password = '".$pass."' AND enabled = 1";
- $result = mysql_query($query)or die(mysql_error());
- if(mysql_num_rows($result) < 1) {
- die ('De gebruikersnaam bestaat niet of het wachtwoord is verkeerd, probeer nogmaals in te loggen.');
- }
- else {
- session_start();
- $_SESSION['name'] = $user;
- $_SESSION['pass'] = $pass;
- header('location:?p=about');
- }
- }
- echo '<form action="?p=login&action=login" method="post">
- <label for="name">Loginnaam:</label>
- <input type="text" name="name" id="name" maxlength="30" /><br />
- <label for="pass">Wachtwoord:</label>
- <input type="password" name="pass" id="pass" maxlength="30" /><br />
- <label for="verzenden"> </label>
- <input type="submit" value="Inloggen"><br />
- </form>
- ';
- }
- function register(){
- if(isset($_GET['action']) && ($_GET['action'] == "register")){
- $user = mysql_real_escape_string($_POST['name']);
- $pass = mysql_real_escape_string(md5($_POST['pass']));
- $mailadres = mysql_real_escape_string($_POST['mailadres']);
- $query = "INSERT INTO users (`username`, `password`, `mailadres`, `enabled`, `lastlogin`) VALUES ('".$user."', '".$pass."', '".$mailadres."', 1, NOW())";
- empty($pass);
- $pass = clean($_POST['pass']);
- if(empty($user)) {
- echo 'naam is leeg';
- }
- elseif(empty($pass)) {
- echo 'pass is leeg';
- }
- elseif(empty($mailadres)) {
- echo 'mail is leeg';
- }
- else {
- if(mysql_query($query)){
- echo 'Registratie is gelukt. Klik <a href="?p=login">hier</a> om in te loggin.';
- }
- else {
- echo 'Registratie mislukt!';
- }
- }
- }
- echo'<form action="?p=register&action=register" method="post">
- <label for="name">Loginnaam:</label>
- <input type="text" name="name" id="name" maxlength="30" /><br />
- <label for="pass">Wachtwoord:</label>
- <input type="password" name="pass" id="pass" maxlength="30" /><br />
- <label for="mailadres">Email:</label>
- <input type="text" name="mailadres" id="mailadres" maxlength="60" /><br />
- <label for="verzenden"> </label>
- <input type="submit" name="verzenden" id="verzenden" value="Verzenden" /><br />
- </form>
- ';
- }
- function add() {
- if(isset($_GET['action']) && ($_GET['action'] == "add")){
- $title = mysql_real_escape_string($_POST['title']);
- $content = mysql_real_escape_string($_POST['content']);
- $query = "INSERT INTO content (`title`, `content`, `e`, `p`) VALUES ('".$title."', '".$content."', '".$title."', '".$title."')";
- if(mysql_query($query)){
- header('location:?p='.$title.'');
- }
- else {
- echo 'Registratie mislukt!';
- }
- }
- echo'<form action="?p=add&action=add" method="post">
- <label for="title">Titel:</label>
- <input type="text" name="title" id="title" maxlength="30" /><br />
- <label for="content">Content:</label>
- <input type="text" name="content" id="content" maxlength="30" /><br />
- <label for="verzenden"> </label>
- <input type="submit" name="verzenden" id="verzenden" value="Verzenden" /><br />
- </form>
- ';
- }
- function clean($str) {
- $str = @trim($str);
- if(get_magic_quotes_gpc()) {
- $str = stripslashes($str);
- }
- return mysql_real_escape_string($str);
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement