Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $dbc = mysqli_connect('127.0.0.1', '40076509', 'password', '40076509_news') or die('Error connecting to MySQL server');
- if (empty($SESSION_['s_id']))
- {
- // Read the entered username and password
- $username = $_POST['username'];
- $password = $_POST['password'];
- // Select password from database
- $loginresult = mysqli_query($dbc, "SELECT password FROM user WHERE username = '$username'") or die('Error accessing the user database');
- $row = mysqli_fetch_assoc($loginresult);
- if (mysqli_num_rows($loginresult) > 0 && password_verify($password, $row['password']))
- {
- $SESSION_['s_id'] = $username;
- }
- else
- {
- echo ("Access denied. <a href='login.php'>Try again?</a>");
- exit();
- }
- mysqli_close($dbc);
- }
- if (isset($SESSION_['s_id']))
- {
- $dbc = mysqli_connect('127.0.0.1', '40076509', 'password', '40076509_news') or die('Error connecting to MySQL server');
- // Read articles from database
- $result = mysqli_query($dbc, "SELECT category, title, date, id FROM content") or die('Error querying the content database');
- if (mysqli_num_rows($result) == 0)
- {
- echo ("No articles found");
- }
- else
- {
- while ($row = mysqli_fetch_assoc($result))
- {
- echo ("
- <hr><p><a href=article.php?id=" . $row["id"] . " target='_blank'>" . $row["category"] . " - " . $row["title"] . "</a>
- <br />" . $row["date"] . "
- <br /><form action='modify.php?id=" . $row["id"] . "' method='post'><input type='submit' name='submit' value='Delete' /></form></p>
- ");
- }
- echo ("<hr><p><a href='cmsadd.php'><button>Add New Article</button></a></p>");
- }
- mysqli_close($dbc);
- }
- else
- {
- header("Location: login.php");
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement