sidebar.php

1. <?php // sidebar.php
2.  
3.  echo "<div id=\"sidebar\">\n";
4.    
5. isset($_GET['action']) ? $action = clean_it($_GET['action']) : $action = '';    // Variable definieren
6.  
7. if(isset($_POST['submit_login'])){
8.    
9.     $log_user = clean_it($_POST['log_user']);   // Variable definieren
10.     $log_pass = clean_it($_POST['log_pass']);   // Variable definieren => MD5 Verschluesselung
11.    
12.     $login = mysql_query("SELECT id FROM user WHERE name='$log_user' AND passwort='$log_pass'");
13.    
14.     if(mysql_num_rows($login) > 0){ // korrekt eingeloggt
15.    
16.             $row = mysql_fetch_object($login); // DATEN aus DB
17.            
18.             $_SESSION['login'] = $row->id; // Session zuweisen
19.             $_SESSION['user'] = $log_user; // Session zuweisen
20.            
21.             header("Location: admin.php"); // Weiterleitung
22.  
23.     }else{
24.         echo get_error(' Logindaten fehlerhaft ...');
25.     }
26. }
27.  
28. //--------------------------------------------------------
29. // Wenn Eingeloggt
30. //--------------------------------------------------------
31.  
32. if(isset($_SESSION['login'])){
33.  
34.  echo "<h2>Welcome ".$_SESSION['user']."<small>";
35.  echo "<a href=\"?action=logout\">Logout</a></small></h2>";
36.  
37.  echo "<p><a href=\"post_news.php\" class=\"the_button\">Neuen Artikel verfassen</a></p>";
38.  
39.  echo "<br />";
40.  
41. //--------------------------------------------------------
42. // Letzte Kommentare
43. //--------------------------------------------------------
44.  
45.  echo "<h2>Neusten Kommentare</h2>\n";
46.  
47.  $new_comi = mysql_query("SELECT id, name, comment, DATE_FORMAT(date, '%d.%m.%Y') AS datum FROM comments ORDER BY id DESC LIMIT 3");
48.  
49.  if(mysql_num_rows($new_comi)<1){
50.    
51.     echo "<p>Derzeit existieren keine Kommentare...</p>";
52.  }
53.  
54.  echo "<ul class=\"list\">";
55.  
56.  // News ausgeben ausgeben
57. while($row_c = mysql_fetch_object($new_comi)){
58.    
59.     echo "<li><strong>".$row_c->id.".</strong>";
60.     echo substr($row_c->comment, 0, 80)." [..] <br />\n";
61.  
62.     echo "<div class=\"right\">\n";
63.     echo "<a href=\"edit_comments.php?id=".$row_c->id."\">Bearbeiten</a>  \n";
64.     echo "<a href=\"edit_comments.php?action=loeschen&amp;id=".$row_c->id."\">[x]</a>\n";
65.     echo "</div>\n ";
66.        
67.     echo "<small>".$row_c->name." &#xBB; <span class=\"green\">".$row_c->datum."</span></small>\n";
68.     echo "</li>\n";
69.  
70. } // close while
71.  
72. echo "</ul>";
73.  
74.  
75. //--------------------------------------------------------
76. // Logout
77. //--------------------------------------------------------
78.  
79. if($action == 'logout'){
80.     session_unset();            // Sessionvariable loeschen
81.     session_destroy();          // Session zerstoeren
82.  
83.     header("Location: admin.php"); // Weiterleitung
84. }
85.  
86. }else{
87. ?>
88.  
89. <form action="" method="post">
90.     <fieldset>
91.     <legend><span class="blue">Grafixx</span> Login</legend>
92.         <label>Name</label>
93.         <input type="text" name="log_user" /><br />
94.  
95.         <label>Passwort</label>
96.         <input type="password" name="log_pass" />
97.         <br /><br />
98.  
99.         <input type="submit" value="Login" name="submit_login" class="button"/>
100.     </fieldset>
101. </form>
102. <?php } /* Close login */ ?>
103.  
104.         </div>
105.     </div>